Exemplo n.º 1
0
  @Override
  protected Saml2Credentials retrieveCredentials(final WebContext wc) throws RequiresHttpAction {

    ExtendedSAMLMessageContext context = this.contextProvider.buildSpContext(wc);
    // assertion consumer url is pac4j callback url
    context.setAssertionConsumerUrl(getCallbackUrl());

    SignatureTrustEngine trustEngine = this.signatureTrustEngineProvider.build();

    this.handler.receiveMessage(context, trustEngine);

    this.responseValidator.validateSamlResponse(context, trustEngine, decrypter);

    return buildSaml2Credentials(context);
  }
Exemplo n.º 2
0
  @Override
  protected RedirectAction retrieveRedirectAction(final WebContext wc) {

    ExtendedSAMLMessageContext context = this.contextProvider.buildSpAndIdpContext(wc);
    final String relayState = getStateParameter(wc);

    AuthnRequest authnRequest = this.authnRequestBuilder.build(context);

    this.handler.sendMessage(context, authnRequest, relayState);

    if (destinationBindingType.equalsIgnoreCase(SAMLConstants.SAML2_POST_BINDING_URI)) {
      String content =
          ((SimpleResponseAdapter) context.getOutboundMessageTransport()).getOutgoingContent();
      return RedirectAction.success(content);
    } else {
      String location =
          ((SimpleResponseAdapter) context.getOutboundMessageTransport()).getRedirectUrl();
      return RedirectAction.redirect(location);
    }
  }
Exemplo n.º 3
0
  private Saml2Credentials buildSaml2Credentials(final ExtendedSAMLMessageContext context) {

    NameID nameId = (NameID) context.getSubjectNameIdentifier();
    Assertion subjectAssertion = context.getSubjectAssertion();

    List<Attribute> attributes = new ArrayList<Attribute>();
    for (AttributeStatement attributeStatement : subjectAssertion.getAttributeStatements()) {
      for (Attribute attribute : attributeStatement.getAttributes()) {
        attributes.add(attribute);
      }
      if (attributeStatement.getEncryptedAttributes().size() > 0) {
        logger.warn("Encrypted attributes returned, but no keystore was provided.");
      }
      for (EncryptedAttribute encryptedAttribute : attributeStatement.getEncryptedAttributes()) {
        try {
          attributes.add(decrypter.decrypt(encryptedAttribute));
        } catch (DecryptionException e) {
          logger.warn("Decryption of attribute failed, continue with the next one", e);
        }
      }
    }

    return new Saml2Credentials(nameId, attributes, subjectAssertion.getConditions(), getName());
  }