tidy up

src/main/java/no/steras/opensamlbook/idp/ArtifactResolutionServlet.java

@@ -2,13 +2,11 @@ package no.steras.opensamlbook.idp;
 
 import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
 import net.shibboleth.utilities.java.support.xml.BasicParserPool;
-import net.shibboleth.utilities.java.support.xml.XMLParserException;
 import no.steras.opensamlbook.OpenSAMLUtils;
 import no.steras.opensamlbook.sp.SPConstants;
 import no.steras.opensamlbook.sp.SPCredentials;
 import org.apache.xml.security.utils.EncryptionConstants;
 import org.joda.time.DateTime;
-import org.opensaml.core.xml.XMLObject;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
 import org.opensaml.core.xml.io.*;
 import org.opensaml.core.xml.schema.XSString;
@@ -17,15 +15,12 @@ import org.opensaml.messaging.context.MessageContext;
 import org.opensaml.messaging.decoder.MessageDecodingException;
 import org.opensaml.messaging.encoder.MessageEncodingException;
 import org.opensaml.saml.common.SAMLObject;
+import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
 import org.opensaml.saml.saml2.binding.decoding.impl.HTTPSOAP11Decoder;
 import org.opensaml.saml.saml2.binding.encoding.impl.HTTPSOAP11Encoder;
 import org.opensaml.saml.saml2.core.*;
 import org.opensaml.saml.saml2.encryption.Encrypter;
-import org.opensaml.soap.messaging.context.SOAP11Context;
+
-import org.opensaml.soap.soap11.Body;
-import org.opensaml.soap.soap11.Envelope;
-import org.opensaml.soap.soap11.decoder.http.impl.EnvelopeBodyHandler;
-import org.opensaml.xmlsec.EncryptionParameters;
 import org.opensaml.xmlsec.encryption.support.DataEncryptionParameters;
 import org.opensaml.xmlsec.encryption.support.EncryptionException;
 import org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters;
@@ -35,45 +30,24 @@ import org.opensaml.xmlsec.signature.support.SignatureException;
 import org.opensaml.xmlsec.signature.support.Signer;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.xml.sax.SAXException;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.soap.SOAPEnvelope;
-import javax.xml.transform.OutputKeys;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMSource;
-import javax.xml.transform.stream.StreamResult;
 import java.io.IOException;
-import java.io.InputStream;
-import java.io.PrintWriter;
-import java.io.Writer;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.spec.ECField;
 
-/**
- * Created by Privat on 4/6/14.
- */
 public class ArtifactResolutionServlet extends HttpServlet {
     private static Logger logger = LoggerFactory.getLogger(ArtifactResolutionServlet.class);
 
     @Override
     protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
-        logger.debug("recieved artifactResolve");
+        logger.debug("recieved artifactResolve:");
         HTTPSOAP11Decoder decoder = new HTTPSOAP11Decoder();
-        decoder.setHttpServletRequest(req);
 
 
+        decoder.setHttpServletRequest(req);
+
         try {
             BasicParserPool parserPool = new BasicParserPool();
             parserPool.initialize();
@@ -81,20 +55,18 @@ public class ArtifactResolutionServlet extends HttpServlet {
             decoder.initialize();
             decoder.decode();
         } catch (MessageDecodingException e) {
-            e.printStackTrace();
+            throw new RuntimeException(e);
         } catch (ComponentInitializationException e) {
-            e.printStackTrace();
+            throw new RuntimeException(e);
         }
 
-
         OpenSAMLUtils.logSAMLObject(decoder.getMessageContext().getMessage());
+
+
         ArtifactResponse artifactResponse = buildArtifactResponse();
 
         MessageContext<SAMLObject> context = new MessageContext<SAMLObject>();
-
+        context.setMessage(artifactResponse);
-            context.setMessage(artifactResponse);
-
-
 
         HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
         encoder.setMessageContext(context);
@@ -104,9 +76,9 @@ public class ArtifactResolutionServlet extends HttpServlet {
             encoder.initialize();
             encoder.encode();
         } catch (MessageEncodingException e) {
-            e.printStackTrace();
+            throw new RuntimeException(e);
         } catch (ComponentInitializationException e) {
-            e.printStackTrace();
+            throw new RuntimeException(e);
         }
 
 
@@ -295,15 +267,4 @@ public class ArtifactResolutionServlet extends HttpServlet {
         return attributeStatement;
 
     }
-
-    public static Envelope wrapInSOAPEnvelope(final XMLObject xmlObject) {
-        Envelope envelope = OpenSAMLUtils.buildSAMLObject(Envelope.class);
-        Body body = OpenSAMLUtils.buildSAMLObject(Body.class);
-
-        body.getUnknownXMLObjects().add(xmlObject);
-
-        envelope.setBody(body);
-
-        return envelope;
-    }
 }

src/main/java/no/steras/opensamlbook/idp/IDPConstants.java

@@ -1,8 +1,5 @@
 package no.steras.opensamlbook.idp;
 
-/**
- * Created by Privat on 4/7/14.
- */
 public class IDPConstants {
     public static final String IDP_ENTITY_ID = "TestIDP";
     public static final String SSO_SERVICE = "http://localhost:8080/webprofile-ref-project/idp/singleSignOnService";

src/main/java/no/steras/opensamlbook/idp/IDPCredentials.java

@@ -3,20 +3,8 @@ package no.steras.opensamlbook.idp;
 import org.opensaml.security.credential.Credential;
 import org.opensaml.security.credential.CredentialSupport;
 import org.opensaml.security.crypto.KeySupport;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.FileInputStream;
-import java.io.InputStream;
-import java.net.URL;
 import java.security.*;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
 
-/**
- * Created by Privat on 13/05/14.
- */
 public class IDPCredentials {
     private static final Credential credential;
 
@@ -26,7 +14,6 @@ public class IDPCredentials {
 
     private static Credential generateCredential() {
         try {
-            //KeySupport
             KeyPair keyPair = KeySupport.generateKeyPair("RSA", 1024, null);
             return CredentialSupport.getSimpleCredential(keyPair.getPublic(), keyPair.getPrivate());
         } catch (NoSuchAlgorithmException e) {

src/main/java/no/steras/opensamlbook/idp/SingleSignOnServlet.java

@@ -1,6 +1,5 @@
 package no.steras.opensamlbook.idp;
 
-import no.steras.opensamlbook.OpenSAMLUtils;
 import no.steras.opensamlbook.sp.SPConstants;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -12,14 +11,9 @@ import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.Writer;
 
-/**
- * Created by Privat on 4/6/14.
- */
 public class SingleSignOnServlet extends HttpServlet {
     private static Logger logger = LoggerFactory.getLogger(SingleSignOnServlet.class);
 
-
-
     @Override
     protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
         logger.info("AuthnRequest recieved");

src/main/java/no/steras/opensamlbook/sp/AccessFilter.java

@@ -3,26 +3,25 @@ package no.steras.opensamlbook.sp;
 import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
 import no.steras.opensamlbook.OpenSAMLUtils;
 import no.steras.opensamlbook.idp.IDPConstants;
+import org.apache.commons.lang.ObjectUtils;
 import org.joda.time.DateTime;
-import org.joda.time.chrono.ISOChronology;
 import org.opensaml.core.config.InitializationException;
 import org.opensaml.core.config.InitializationService;
-import org.opensaml.core.config.Initializer;
-import org.opensaml.messaging.context.InOutOperationContext;
 import org.opensaml.messaging.context.MessageContext;
 import org.opensaml.messaging.encoder.MessageEncodingException;
-import org.opensaml.saml.common.SAMLObject;
 
+import org.opensaml.messaging.handler.MessageHandlerException;
+import org.opensaml.messaging.pipeline.servlet.BasicHttpServletMessagePipeline;
+import org.opensaml.messaging.pipeline.servlet.HttpServletMessagePipeline;
+import org.opensaml.saml.common.SAMLObject;
+import org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler;
 import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
-import org.opensaml.saml.common.messaging.context.SAMLMessageInfoContext;
 import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
 import org.opensaml.saml.common.xml.SAMLConstants;
 import org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder;
 import org.opensaml.saml.saml2.core.*;
 import org.opensaml.saml.saml2.metadata.Endpoint;
 import org.opensaml.saml.saml2.metadata.SingleSignOnService;
-import org.opensaml.xmlsec.SecurityConfigurationSupport;
-import org.opensaml.xmlsec.SignatureSigningConfiguration;
 import org.opensaml.xmlsec.SignatureSigningParameters;
 import org.opensaml.xmlsec.context.SecurityParametersContext;
 import org.opensaml.xmlsec.signature.support.SignatureConstants;
@@ -44,10 +43,6 @@ public class AccessFilter implements Filter {
 
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {
-        for (Provider jceProvider : Security.getProviders()) {
-            logger.info(jceProvider.getInfo());
-        }
-
         try {
             logger.info("Bootstrapping");
             InitializationService.initialize();
@@ -85,7 +80,6 @@ public class AccessFilter implements Filter {
         MessageContext context = new MessageContext();
 
         SAMLPeerEntityContext peerEntityContext = context.getSubcontext(SAMLPeerEntityContext.class, true);
-        peerEntityContext.setEntityId(IDPConstants.IDP_ENTITY_ID);
 
         SAMLEndpointContext endpointContext = peerEntityContext.getSubcontext(SAMLEndpointContext.class, true);
         endpointContext.setEndpoint(getIPDEndpoint());
@@ -166,10 +160,6 @@ public class AccessFilter implements Filter {
         return SPConstants.SP_ENTITY_ID;
     }
 
-    private String getSPNameQualifier() {
-        return SPConstants.SP_ENTITY_ID;
-    }
-
     private String getAssertionConsumerEndpoint() {
         return SPConstants.ASSERTION_CONSUMER_SERVICE;
     }

src/main/java/no/steras/opensamlbook/sp/ConsumerServlet.java

@@ -7,6 +7,7 @@ import net.shibboleth.utilities.java.support.xml.BasicParserPool;
 import no.steras.opensamlbook.OpenSAMLUtils;
 import no.steras.opensamlbook.idp.IDPConstants;
 import no.steras.opensamlbook.idp.IDPCredentials;
+import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
 import org.joda.time.DateTime;
 import org.opensaml.core.xml.XMLObject;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
@@ -16,6 +17,7 @@ import org.opensaml.messaging.context.InOutOperationContext;
 import org.opensaml.messaging.context.MessageContext;
 import org.opensaml.messaging.encoder.MessageEncodingException;
 import org.opensaml.messaging.handler.MessageHandler;
+import org.opensaml.messaging.handler.MessageHandlerException;
 import org.opensaml.messaging.handler.impl.BasicMessageHandlerChain;
 import org.opensaml.messaging.pipeline.httpclient.BasicHttpClientMessagePipeline;
 import org.opensaml.messaging.pipeline.httpclient.HttpClientMessagePipeline;
@@ -23,8 +25,12 @@ import org.opensaml.messaging.pipeline.httpclient.HttpClientMessagePipelineFacto
 import org.opensaml.profile.context.ProfileRequestContext;
 import org.opensaml.saml.common.SAMLObject;
 import org.opensaml.saml.common.binding.impl.SAMLSOAPDecoderBodyHandler;
+import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
+import org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler;
 import org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler;
+import org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler;
 import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
+import org.opensaml.saml.common.messaging.context.SAMLMessageInfoContext;
 import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
 import org.opensaml.saml.common.xml.SAMLConstants;
 import org.opensaml.saml.saml2.binding.decoding.impl.HttpClientResponseSOAP11Decoder;
@@ -64,6 +70,10 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.xml.bind.ValidationException;
 import java.io.IOException;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
 
 /**
  * Created by Privat on 4/6/14.
@@ -78,10 +88,9 @@ public class ConsumerServlet extends HttpServlet {
         logger.info("Artifact: " + artifact.getArtifact());
 
         ArtifactResolve artifactResolve = buildArtifactResolve(artifact);
-        //signArtifactResolve(artifactResolve);
         logger.info("Sending ArtifactResolve");
         logger.info("ArtifactResolve: ");
-        //OpenSAMLUtils.logSAMLObject(artifactResolve);
+        OpenSAMLUtils.logSAMLObject(artifactResolve);
 
         ArtifactResponse artifactResponse = sendAndReceiveArtifactResolve(artifactResolve, resp);
         logger.info("ArtifactResponse received");
@@ -116,6 +125,7 @@ public class ConsumerServlet extends HttpServlet {
     }
 
     private void verifyAssertionSignature(Assertion assertion) {
+
         if (!assertion.isSigned()) {
             throw new RuntimeException("The SAML Assertion was not signed");
         }
@@ -218,15 +228,14 @@ public class ConsumerServlet extends HttpServlet {
         } catch (SecurityException e) {
             throw new RuntimeException(e);
         } catch (ComponentInitializationException e) {
-            e.printStackTrace();
+            throw new RuntimeException(e);
         } catch (MessageEncodingException e) {
-            e.printStackTrace();
+            throw new RuntimeException(e);
         } catch (IllegalAccessException e) {
-            e.printStackTrace();
+            throw new RuntimeException(e);
         } catch (Exception e) {
-            e.printStackTrace();
+            throw new RuntimeException(e);
         }
-        return null;
 
     }