/**
* Applies the XML Digital Signature to the SAML 2.0 based Logout Request (LogoutRequest).
*
* @param logoutRequest the SAML 2.0 based Logout Request (LogoutRequest)
* @param signatureAlgorithm the algorithm used to compute the signature
* @param credential the signature signing credential
* @return the SAML 2.0 based Logout Request (LogoutRequest) with XML Digital Signature set
* @throws SSOException if an error occurs while signing the SAML 2.0 LogoutRequest message
*/
protected static LogoutRequest setSignature(
LogoutRequest logoutRequest, String signatureAlgorithm, X509Credential credential)
throws SSOException {
try {
Signature signature = setSignatureRaw(signatureAlgorithm, credential);
logoutRequest.setSignature(signature);
List<Signature> signatureList = new ArrayList<>();
signatureList.add(signature);
// Marshall and Sign
MarshallerFactory marshallerFactory = org.opensaml.xml.Configuration.getMarshallerFactory();
Marshaller marshaller = marshallerFactory.getMarshaller(logoutRequest);
marshaller.marshall(logoutRequest);
// Initializes and configures the library
Init.init();
// Signer is responsible for creating the digital signatures for the given XML Objects.
// Signs the XML Objects based on the given order of the Signature list
Signer.signObjects(signatureList);
return logoutRequest;
} catch (MarshallingException | SignatureException e) {
throw new SSOException("Error while signing the SAML 2.0 based LogoutRequest message", e);
}
}
/**
* Sign the SAML AuthnRequest message
*
* @param logoutRequest
* @param signatureAlgorithm
* @param cred
* @return
* @throws SAMLSSOException
*/
public static LogoutRequest setSignature(
LogoutRequest logoutRequest, String signatureAlgorithm, X509Credential cred)
throws SAMLSSOException {
try {
Signature signature = (Signature) buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
signature.setSigningCredential(cred);
signature.setSignatureAlgorithm(signatureAlgorithm);
signature.setCanonicalizationAlgorithm(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
try {
KeyInfo keyInfo = (KeyInfo) buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
X509Data data = (X509Data) buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
org.opensaml.xml.signature.X509Certificate cert =
(org.opensaml.xml.signature.X509Certificate)
buildXMLObject(org.opensaml.xml.signature.X509Certificate.DEFAULT_ELEMENT_NAME);
String value =
org.apache.xml.security.utils.Base64.encode(cred.getEntityCertificate().getEncoded());
cert.setValue(value);
data.getX509Certificates().add(cert);
keyInfo.getX509Datas().add(data);
signature.setKeyInfo(keyInfo);
} catch (CertificateEncodingException e) {
throw new SAMLSSOException("Error getting certificate", e);
}
logoutRequest.setSignature(signature);
List<Signature> signatureList = new ArrayList<Signature>();
signatureList.add(signature);
// Marshall and Sign
MarshallerFactory marshallerFactory = org.opensaml.xml.Configuration.getMarshallerFactory();
Marshaller marshaller = marshallerFactory.getMarshaller(logoutRequest);
marshaller.marshall(logoutRequest);
org.apache.xml.security.Init.init();
Signer.signObjects(signatureList);
return logoutRequest;
} catch (Exception e) {
throw new SAMLSSOException("Error while signing the Logout Request message", e);
}
}
