/** * Create an Error Response * * @param responseURL * @param status * @param identityURL * @param supportSignature * @return * @throws ConfigurationException */ public Document getErrorResponse( String responseURL, String status, String identityURL, boolean supportSignature) { Document samlResponse = null; ResponseType responseType = null; SAML2Response saml2Response = new SAML2Response(); // Create a response type String id = IDGenerator.create("ID_"); IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL); issuerHolder.setStatusCode(status); IDPInfoHolder idp = new IDPInfoHolder(); idp.setNameIDFormatValue(null); idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); SPInfoHolder sp = new SPInfoHolder(); sp.setResponseDestinationURI(responseURL); responseType = saml2Response.createResponseType(id); responseType.setStatus(JBossSAMLAuthnResponseFactory.createStatusType(status)); // Lets see how the response looks like if (logger.isTraceEnabled()) { StringWriter sw = new StringWriter(); try { saml2Response.marshall(responseType, sw); } catch (ProcessingException e) { logger.trace(e); } logger.trace("SAML Response Document: " + sw.toString()); } if (supportSignature) { try { SAML2Signature ss = new SAML2Signature(); samlResponse = ss.sign(responseType, keyManager.getSigningKeyPair()); } catch (Exception e) { logger.trace(e); throw new RuntimeException(logger.signatureError(e)); } } else try { samlResponse = saml2Response.convert(responseType); } catch (Exception e) { logger.trace(e); } return samlResponse; }
/** @see {@link ParserNamespaceSupport#parse(XMLEventReader)} */ public Object parse(XMLEventReader xmlEventReader) throws ParsingException { // Get the startelement StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader); StaxParserUtil.validate(startElement, RESPONSE); ResponseType response = (ResponseType) parseBaseAttributes(startElement); while (xmlEventReader.hasNext()) { // Let us peek at the next start element startElement = StaxParserUtil.peekNextStartElement(xmlEventReader); if (startElement == null) break; String elementName = StaxParserUtil.getStartElementName(startElement); if (JBossSAMLConstants.ISSUER.get().equals(elementName)) { startElement = StaxParserUtil.getNextStartElement(xmlEventReader); NameIDType issuer = new NameIDType(); issuer.setValue(StaxParserUtil.getElementText(xmlEventReader)); response.setIssuer(issuer); } else if (JBossSAMLConstants.SIGNATURE.get().equals(elementName)) { Element sig = StaxParserUtil.getDOMElement(xmlEventReader); response.setSignature(sig); } else if (JBossSAMLConstants.ASSERTION.get().equals(elementName)) { SAMLAssertionParser assertionParser = new SAMLAssertionParser(); response.addAssertion( new RTChoiceType((AssertionType) assertionParser.parse(xmlEventReader))); } else if (JBossSAMLConstants.STATUS.get().equals(elementName)) { response.setStatus(parseStatus(xmlEventReader)); } else if (JBossSAMLConstants.ENCRYPTED_ASSERTION.get().equals(elementName)) { Element encryptedAssertion = StaxParserUtil.getDOMElement(xmlEventReader); response.addAssertion(new RTChoiceType(new EncryptedAssertionType(encryptedAssertion))); } else throw logger.parserUnknownTag(elementName, startElement.getLocation()); } return response; }
/** * Sign an ResponseType at the root * * @param response * @param keypair Key Pair * @param digestMethod (Example: DigestMethod.SHA1) * @param signatureMethod (Example: SignatureMethod.DSA_SHA1) * @return * @throws ParserConfigurationException * @throws XMLSignatureException * @throws MarshalException * @throws GeneralSecurityException */ public Document sign(ResponseType response, KeyPair keypair) throws ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException { SAML2Response saml2Request = new SAML2Response(); Document doc = saml2Request.convert(response); doc.normalize(); Node theSibling = getNextSiblingOfIssuer(doc); if (theSibling != null) { this.sibling = theSibling; } return sign(doc, response.getID(), keypair); }