tidy up and now using message handlers to do signing of SOAP

srasmusson
2016-04-29 21:37:28 +02:00
parent 6e6b4182df
commit 56a99eb2c1
3 changed files with 18 additions and 58 deletions


@@ -69,7 +69,7 @@ public class ArtifactResolutionServlet extends HttpServlet {
@Override
protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
System.out.println("recieved artifactResolve");
logger.debug("recieved artifactResolve");
HTTPSOAP11Decoder decoder = new HTTPSOAP11Decoder();
decoder.setHttpServletRequest(req);
@@ -85,8 +85,9 @@ public class ArtifactResolutionServlet extends HttpServlet {
} catch (ComponentInitializationException e) {
e.printStackTrace();
}
System.out.println(decoder.getMessageContext().getMessage());
OpenSAMLUtils.logSAMLObject(decoder.getMessageContext().getMessage());
ArtifactResponse artifactResponse = buildArtifactResponse();
MessageContext<SAMLObject> context = new MessageContext<SAMLObject>();
@@ -108,11 +109,6 @@ public class ArtifactResolutionServlet extends HttpServlet {
e.printStackTrace();
}
/*ArtifactResponse artifactResponse = buildArtifactResponse();
artifactResponse.setInResponseTo("Made up ID");
printSAMLObject(wrapInSOAPEnvelope(artifactResponse), resp.getWriter());
*/
}
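Review bot: In doPost, the `catch (ComponentInitializationException e)` block shown as context in the second hunk only calls `e.printStackTrace()`, so execution falls through to `OpenSAMLUtils.logSAMLObject(decoder.getMessageContext().getMessage())` and `buildArtifactResponse()` even when the decoder could not be set up. Since doPost already declares ServletException, the catch could end with `throw new ServletException(e);` so that a failed decode stops the request instead of answering it. The visible lines also show no check of the inbound ArtifactResolve (its signature or the artifact value) before the response is built; if that is not done elsewhere, it is worth adding given that the SP signs the request. The try block starts outside the hunk, so what exactly it guards is inferred.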


@@ -1,6 +1,7 @@
package no.steras.opensamlbook.idp;
import no.steras.opensamlbook.OpenSAMLUtils;
import no.steras.opensamlbook.sp.SPConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -16,7 +17,7 @@ import java.io.Writer;
*/
public class SingleSignOnServlet extends HttpServlet {
private static Logger logger = LoggerFactory.getLogger(SingleSignOnServlet.class);
private static final String ASSERTION_CONSUMER_SERVICE = "http://localhost:8080/webprofile-ref-project/sp/consumer";
@Override
@@ -30,7 +31,7 @@ public class SingleSignOnServlet extends HttpServlet {
@Override
protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
resp.sendRedirect(ASSERTION_CONSUMER_SERVICE + "?SAMLart=AAQAAMFbLinlXaCM%2BFIxiDwGOLAy2T71gbpO7ZhNzAgEANlB90ECfpNEVLg%3D");
resp.sendRedirect(SPConstants.ASSERTION_CONSUMER_SERVICE + "?SAMLart=AAQAAMFbLinlXaCM%2BFIxiDwGOLAy2T71gbpO7ZhNzAgEANlB90ECfpNEVLg%3D");
}
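Review bot: The redirect in doPost still appends a fixed `SAMLart` literal, so every sign-on hands the SP the same artifact value regardless of who authenticated. If this is a deliberate shortcut for the sample flow, the line should say so, for example `// Demo only: fixed artifact; a real IdP issues a fresh, single-use artifact per authentication`. As a style point, the IdP servlet now imports `no.steras.opensamlbook.sp.SPConstants` for the consumer URL, which ties IdP code to the SP package; a shared constants class or IdP-side configuration would keep the two sides separate.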


@@ -43,6 +43,8 @@ import org.opensaml.soap.common.SOAPException;
import org.opensaml.soap.messaging.context.SOAP11Context;
import org.opensaml.soap.soap11.Envelope;
import org.opensaml.soap.soap11.decoder.http.impl.EnvelopeBodyHandler;
import org.opensaml.xmlsec.SignatureSigningParameters;
import org.opensaml.xmlsec.context.SecurityParametersContext;
import org.opensaml.xmlsec.encryption.support.DecryptionException;
import org.opensaml.xmlsec.encryption.support.InlineEncryptedKeyResolver;
import org.opensaml.xmlsec.keyinfo.impl.StaticKeyInfoCredentialResolver;
@@ -76,7 +78,7 @@ public class ConsumerServlet extends HttpServlet {
logger.info("Artifact: " + artifact.getArtifact());
ArtifactResolve artifactResolve = buildArtifactResolve(artifact);
signArtifactResolve(artifactResolve);
//signArtifactResolve(artifactResolve);
logger.info("Sending ArtifactResolve");
logger.info("ArtifactResolve: ");
//OpenSAMLUtils.logSAMLObject(artifactResolve);
@@ -132,27 +134,6 @@ public class ConsumerServlet extends HttpServlet {
}
private void signArtifactResolve(ArtifactResolve artifactResolve) {
Signature signature = OpenSAMLUtils.buildSAMLObject(Signature.class);
signature.setSigningCredential(SPCredentials.getCredential());
signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
artifactResolve.setSignature(signature);
try {
XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(artifactResolve).marshall(artifactResolve);
} catch (MarshallingException e) {
throw new RuntimeException(e);
}
try {
Signer.signObject(signature);
} catch (SignatureException e) {
throw new RuntimeException(e);
}
}
private void setAuthenticatedSession(HttpServletRequest req) {
req.getSession().setAttribute(SPConstants.AUTHENTICATED_SESSION_ATTRIBUTE, true);
}
@@ -193,31 +174,21 @@ public class ConsumerServlet extends HttpServlet {
private ArtifactResponse sendAndReceiveArtifactResolve(final ArtifactResolve artifactResolve, HttpServletResponse servletResponse) {
try {
//HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
MessageContext<ArtifactResolve> contextout = new MessageContext<ArtifactResolve>();
SAMLPeerEntityContext peerEntityContext = contextout.getSubcontext(SAMLPeerEntityContext.class, true);
peerEntityContext.setEntityId(IDPConstants.IDP_ENTITY_ID);
SAMLEndpointContext endpointContext = peerEntityContext.getSubcontext(SAMLEndpointContext.class, true);
endpointContext.setEndpoint(getIPDArtifactResolutionEndpoint());
//SOAP11Context soapContext = contextout.getSubcontext(SOAP11Context.class, true);
contextout.setMessage(artifactResolve);
SignatureSigningParameters signatureSigningParameters = new SignatureSigningParameters();
signatureSigningParameters.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
signatureSigningParameters.setSigningCredential(SPCredentials.getCredential());
signatureSigningParameters.setSignatureCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
SecurityParametersContext securityParametersContext = contextout.getSubcontext(SecurityParametersContext.class, true);
securityParametersContext.setSignatureSigningParameters(signatureSigningParameters);
InOutOperationContext<ArtifactResponse, ArtifactResolve> context = new ProfileRequestContext<ArtifactResponse, ArtifactResolve>();
context.setOutboundMessageContext(contextout);
/*encoder.setMessageContext(context);
encoder.initialize();
encoder.prepareContext();
encoder.encode();
*/
AbstractPipelineHttpSOAPClient<SAMLObject, SAMLObject> soapClient = new AbstractPipelineHttpSOAPClient() {
@@ -231,20 +202,18 @@ public class ConsumerServlet extends HttpServlet {
decoder
);
BasicMessageHandlerChain<SAMLObject> outboundPayloadHandler = new BasicMessageHandlerChain<SAMLObject>();
outboundPayloadHandler.setHandlers(Lists.<MessageHandler<SAMLObject>>newArrayList(
new SAMLOutboundProtocolMessageSigningHandler()));
pipeline.setOutboundPayloadHandler(outboundPayloadHandler);
pipeline.setInboundHandler(new SAMLSOAPDecoderBodyHandler());
return pipeline;
}};
HttpClientBuilder clientBuilder = new HttpClientBuilder();
soapClient.setHttpClient(clientBuilder.buildClient());
soapClient.send(IDPConstants.ARTIFACT_RESOLUTION_SERVICE, context);
System.out.println(context.getInboundMessageContext().getMessage());
return context.getInboundMessageContext().getMessage();
} catch (SecurityException e) {
throw new RuntimeException(e);
@@ -285,12 +254,6 @@ public class ConsumerServlet extends HttpServlet {
return artifactResolve;
}
private Endpoint getIPDArtifactResolutionEndpoint() {
ArtifactResolutionService endpoint = OpenSAMLUtils.buildSAMLObject(ArtifactResolutionService.class);
endpoint.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI);
endpoint.setLocation(IDPConstants.ARTIFACT_RESOLUTION_SERVICE);
return endpoint;
}
}
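Review bot: The ArtifactResponse returned by sendAndReceiveArtifactResolve is not visibly validated. The pipeline's inbound side is only `new SAMLSOAPDecoderBodyHandler()`, and the method returns `context.getInboundMessageContext().getMessage()` as received, while only the outbound message gets a signing handler. Unless the caller or the transport (mutually authenticated TLS to the resolution service) covers this outside the hunks shown, the response's signature, issuer and InResponseTo should be checked before the assertion is trusted; at minimum add `// TODO: verify ArtifactResponse signature, issuer and InResponseTo before use` above the return. The leftover `//signArtifactResolve(artifactResolve);` in the earlier hunk refers to a method this commit deletes and can be dropped.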