This commit is contained in:
srasmusson
2016-05-09 00:00:23 +02:00
parent 4a8f8e98af
commit 45eae54018
6 changed files with 34 additions and 96 deletions


@@ -2,13 +2,11 @@ package no.steras.opensamlbook.idp;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.xml.BasicParserPool;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
import no.steras.opensamlbook.OpenSAMLUtils;
import no.steras.opensamlbook.sp.SPConstants;
import no.steras.opensamlbook.sp.SPCredentials;
import org.apache.xml.security.utils.EncryptionConstants;
import org.joda.time.DateTime;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.*;
import org.opensaml.core.xml.schema.XSString;
@@ -17,15 +15,12 @@ import org.opensaml.messaging.context.MessageContext;
import org.opensaml.messaging.decoder.MessageDecodingException;
import org.opensaml.messaging.encoder.MessageEncodingException;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
import org.opensaml.saml.saml2.binding.decoding.impl.HTTPSOAP11Decoder;
import org.opensaml.saml.saml2.binding.encoding.impl.HTTPSOAP11Encoder;
import org.opensaml.saml.saml2.core.*;
import org.opensaml.saml.saml2.encryption.Encrypter;
import org.opensaml.soap.messaging.context.SOAP11Context;
import org.opensaml.soap.soap11.Body;
import org.opensaml.soap.soap11.Envelope;
import org.opensaml.soap.soap11.decoder.http.impl.EnvelopeBodyHandler;
import org.opensaml.xmlsec.EncryptionParameters;
import org.opensaml.xmlsec.encryption.support.DataEncryptionParameters;
import org.opensaml.xmlsec.encryption.support.EncryptionException;
import org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters;
@@ -35,45 +30,24 @@ import org.opensaml.xmlsec.signature.support.SignatureException;
import org.opensaml.xmlsec.signature.support.Signer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.io.Writer;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.spec.ECField;
/**
* Created by Privat on 4/6/14.
*/
public class ArtifactResolutionServlet extends HttpServlet {
private static Logger logger = LoggerFactory.getLogger(ArtifactResolutionServlet.class);
@Override
protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
logger.debug("recieved artifactResolve");
logger.debug("recieved artifactResolve:");
HTTPSOAP11Decoder decoder = new HTTPSOAP11Decoder();
decoder.setHttpServletRequest(req);
decoder.setHttpServletRequest(req);
try {
BasicParserPool parserPool = new BasicParserPool();
parserPool.initialize();
@@ -81,21 +55,19 @@ public class ArtifactResolutionServlet extends HttpServlet {
decoder.initialize();
decoder.decode();
} catch (MessageDecodingException e) {
e.printStackTrace();
throw new RuntimeException(e);
} catch (ComponentInitializationException e) {
e.printStackTrace();
throw new RuntimeException(e);
}
OpenSAMLUtils.logSAMLObject(decoder.getMessageContext().getMessage());
ArtifactResponse artifactResponse = buildArtifactResponse();
MessageContext<SAMLObject> context = new MessageContext<SAMLObject>();
context.setMessage(artifactResponse);
HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
encoder.setMessageContext(context);
encoder.setHttpServletResponse(resp);
@@ -104,9 +76,9 @@ public class ArtifactResolutionServlet extends HttpServlet {
encoder.initialize();
encoder.encode();
} catch (MessageEncodingException e) {
e.printStackTrace();
throw new RuntimeException(e);
} catch (ComponentInitializationException e) {
e.printStackTrace();
throw new RuntimeException(e);
}
@@ -295,15 +267,4 @@ public class ArtifactResolutionServlet extends HttpServlet {
return attributeStatement;
}
public static Envelope wrapInSOAPEnvelope(final XMLObject xmlObject) {
Envelope envelope = OpenSAMLUtils.buildSAMLObject(Envelope.class);
Body body = OpenSAMLUtils.buildSAMLObject(Body.class);
body.getUnknownXMLObjects().add(xmlObject);
envelope.setBody(body);
return envelope;
}
}
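Review bot: doPost decodes the inbound message and then calls `buildArtifactResponse()` with no argument, so as far as the hunk beginning `decoder.initialize()` shows, nothing from the decoded ArtifactResolve — the artifact value, the requester's identity, or its signature — is checked before an ArtifactResponse is returned; the decoded message only goes to `OpenSAMLUtils.logSAMLObject`. The response should at least be derived from the request, e.g. `ArtifactResolve artifactResolve = (ArtifactResolve) decoder.getMessageContext().getMessage();`, with `artifactResolve.getArtifact().getArtifact()` looked up against the artifacts this IdP actually issued, InResponseTo set on the response, and an unknown artifact answered without an assertion. Whether signature-verification handlers are applied to the inbound message elsewhere cannot be told from here, since doPost starts in the earlier hunk and its body continues outside the ones shown. Separately, if the `e.printStackTrace()` lines in the catch blocks survive on the new side they only duplicate what the rethrown exception already carries; `throw new RuntimeException(e);` alone is enough.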


@@ -1,8 +1,5 @@
package no.steras.opensamlbook.idp;
/**
* Created by Privat on 4/7/14.
*/
public class IDPConstants {
public static final String IDP_ENTITY_ID = "TestIDP";
public static final String SSO_SERVICE = "http://localhost:8080/webprofile-ref-project/idp/singleSignOnService";


@@ -3,20 +3,8 @@ package no.steras.opensamlbook.idp;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.credential.CredentialSupport;
import org.opensaml.security.crypto.KeySupport;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.URL;
import java.security.*;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
/**
* Created by Privat on 13/05/14.
*/
public class IDPCredentials {
private static final Credential credential;
@@ -26,7 +14,6 @@ public class IDPCredentials {
private static Credential generateCredential() {
try {
//KeySupport
KeyPair keyPair = KeySupport.generateKeyPair("RSA", 1024, null);
return CredentialSupport.getSimpleCredential(keyPair.getPublic(), keyPair.getPrivate());
} catch (NoSuchAlgorithmException e) {
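Review bot: `KeySupport.generateKeyPair("RSA", 1024, null)` in generateCredential produces a 1024-bit RSA signing key, which is below the 2048-bit minimum current guidance sets; change it to `KeyPair keyPair = KeySupport.generateKeyPair("RSA", 2048, null);`. The pair appears to back the `private static final Credential credential` field, so the IdP presumably gets a fresh signing key on every class load and any SP that pinned the IdP's public key from metadata would stop verifying after a restart; if that is intended, say so with `// Ephemeral test key: regenerated on every class load, for local demos only`. The stale `//KeySupport` comment adds nothing and can go. generateCredential's remaining catch clauses continue outside the hunk.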


@@ -1,6 +1,5 @@
package no.steras.opensamlbook.idp;
import no.steras.opensamlbook.OpenSAMLUtils;
import no.steras.opensamlbook.sp.SPConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -12,14 +11,9 @@ import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.Writer;
/**
* Created by Privat on 4/6/14.
*/
public class SingleSignOnServlet extends HttpServlet {
private static Logger logger = LoggerFactory.getLogger(SingleSignOnServlet.class);
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
logger.info("AuthnRequest recieved");


@@ -3,26 +3,25 @@ package no.steras.opensamlbook.sp;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import no.steras.opensamlbook.OpenSAMLUtils;
import no.steras.opensamlbook.idp.IDPConstants;
import org.apache.commons.lang.ObjectUtils;
import org.joda.time.DateTime;
import org.joda.time.chrono.ISOChronology;
import org.opensaml.core.config.InitializationException;
import org.opensaml.core.config.InitializationService;
import org.opensaml.core.config.Initializer;
import org.opensaml.messaging.context.InOutOperationContext;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.messaging.encoder.MessageEncodingException;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.messaging.handler.MessageHandlerException;
import org.opensaml.messaging.pipeline.servlet.BasicHttpServletMessagePipeline;
import org.opensaml.messaging.pipeline.servlet.HttpServletMessagePipeline;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler;
import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
import org.opensaml.saml.common.messaging.context.SAMLMessageInfoContext;
import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder;
import org.opensaml.saml.saml2.core.*;
import org.opensaml.saml.saml2.metadata.Endpoint;
import org.opensaml.saml.saml2.metadata.SingleSignOnService;
import org.opensaml.xmlsec.SecurityConfigurationSupport;
import org.opensaml.xmlsec.SignatureSigningConfiguration;
import org.opensaml.xmlsec.SignatureSigningParameters;
import org.opensaml.xmlsec.context.SecurityParametersContext;
import org.opensaml.xmlsec.signature.support.SignatureConstants;
@@ -44,10 +43,6 @@ public class AccessFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
for (Provider jceProvider : Security.getProviders()) {
logger.info(jceProvider.getInfo());
}
try {
logger.info("Bootstrapping");
InitializationService.initialize();
@@ -85,7 +80,6 @@ public class AccessFilter implements Filter {
MessageContext context = new MessageContext();
SAMLPeerEntityContext peerEntityContext = context.getSubcontext(SAMLPeerEntityContext.class, true);
peerEntityContext.setEntityId(IDPConstants.IDP_ENTITY_ID);
SAMLEndpointContext endpointContext = peerEntityContext.getSubcontext(SAMLEndpointContext.class, true);
endpointContext.setEndpoint(getIPDEndpoint());
@@ -166,10 +160,6 @@ public class AccessFilter implements Filter {
return SPConstants.SP_ENTITY_ID;
}
private String getSPNameQualifier() {
return SPConstants.SP_ENTITY_ID;
}
private String getAssertionConsumerEndpoint() {
return SPConstants.ASSERTION_CONSUMER_SERVICE;
}


@@ -7,6 +7,7 @@ import net.shibboleth.utilities.java.support.xml.BasicParserPool;
import no.steras.opensamlbook.OpenSAMLUtils;
import no.steras.opensamlbook.idp.IDPConstants;
import no.steras.opensamlbook.idp.IDPCredentials;
import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
import org.joda.time.DateTime;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
@@ -16,6 +17,7 @@ import org.opensaml.messaging.context.InOutOperationContext;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.messaging.encoder.MessageEncodingException;
import org.opensaml.messaging.handler.MessageHandler;
import org.opensaml.messaging.handler.MessageHandlerException;
import org.opensaml.messaging.handler.impl.BasicMessageHandlerChain;
import org.opensaml.messaging.pipeline.httpclient.BasicHttpClientMessagePipeline;
import org.opensaml.messaging.pipeline.httpclient.HttpClientMessagePipeline;
@@ -23,8 +25,12 @@ import org.opensaml.messaging.pipeline.httpclient.HttpClientMessagePipelineFacto
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.common.binding.impl.SAMLSOAPDecoderBodyHandler;
import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
import org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler;
import org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler;
import org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler;
import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
import org.opensaml.saml.common.messaging.context.SAMLMessageInfoContext;
import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.binding.decoding.impl.HttpClientResponseSOAP11Decoder;
@@ -64,6 +70,10 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.ValidationException;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
/**
* Created by Privat on 4/6/14.
@@ -78,10 +88,9 @@ public class ConsumerServlet extends HttpServlet {
logger.info("Artifact: " + artifact.getArtifact());
ArtifactResolve artifactResolve = buildArtifactResolve(artifact);
//signArtifactResolve(artifactResolve);
logger.info("Sending ArtifactResolve");
logger.info("ArtifactResolve: ");
//OpenSAMLUtils.logSAMLObject(artifactResolve);
OpenSAMLUtils.logSAMLObject(artifactResolve);
ArtifactResponse artifactResponse = sendAndReceiveArtifactResolve(artifactResolve, resp);
logger.info("ArtifactResponse received");
@@ -116,6 +125,7 @@ public class ConsumerServlet extends HttpServlet {
}
private void verifyAssertionSignature(Assertion assertion) {
if (!assertion.isSigned()) {
throw new RuntimeException("The SAML Assertion was not signed");
}
@@ -218,15 +228,14 @@ public class ConsumerServlet extends HttpServlet {
} catch (SecurityException e) {
throw new RuntimeException(e);
} catch (ComponentInitializationException e) {
e.printStackTrace();
throw new RuntimeException(e);
} catch (MessageEncodingException e) {
e.printStackTrace();
throw new RuntimeException(e);
} catch (IllegalAccessException e) {
e.printStackTrace();
throw new RuntimeException(e);
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}
return null;
}
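Review bot: `//signArtifactResolve(artifactResolve);` in doGet leaves the ArtifactResolve unsigned when it is sent through sendAndReceiveArtifactResolve, even though `SAMLOutboundProtocolMessageSigningHandler` is imported in this file; the artifact binding expects the resolve request to be signed or otherwise authenticated so the IdP can distinguish the legitimate SP from any other party presenting the artifact. Either wire the signing handler into the outbound pipeline or, if the demo IdP will not verify it, replace the commented-out call with a comment stating that the request is deliberately unsigned — commented-out code should not stay in. In the last hunk, every specific catch is subsumed by `catch (Exception e)` and all of them run the same `e.printStackTrace(); throw new RuntimeException(e);`, so a single `catch (Exception e) { throw new RuntimeException(e); }` suffices and the printStackTrace call is redundant given the rethrow. The trailing `return null;` after catches that all rethrow deserves a comment if some path in the try really reaches it; the try itself begins outside the hunk.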