first working soap pipeline

This commit is contained in:
srasmusson
2016-04-29 18:57:16 +02:00
parent 3022294952
commit a8fba94ada
5 changed files with 152 additions and 86 deletions


@@ -6,6 +6,8 @@ import org.opensaml.core.xml.XMLObjectBuilderFactory;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.Marshaller;
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.soap.soap11.Body;
import org.opensaml.soap.soap11.Envelope;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
@@ -81,8 +83,9 @@ public class OpenSAMLUtils {
} catch (TransformerException e) {
logger.error(e.getMessage(), e);
}
}
/*
public static Envelope wrapInSOAPEnvelope(final XMLObject xmlObject) throws IllegalAccessException {
Envelope envelope = OpenSAMLUtils.buildSAMLObject(Envelope.class);
Body body = OpenSAMLUtils.buildSAMLObject(Body.class);
@@ -93,5 +96,5 @@ public class OpenSAMLUtils {
return envelope;
}
*/
}
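Review bot: The `Body` and `Envelope` imports added in the first hunk are only referenced by `wrapInSOAPEnvelope`, which the second and third hunks fence off inside `/* ... */`, so the new file ends up with two unused imports and a dead method body. If SOAP wrapping is now done by the binding encoders introduced elsewhere in this commit, delete the commented-out method together with the two imports instead of keeping them; if it is still needed, keep it live so the compiler keeps checking it against the OpenSAML 3 API.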


@@ -1,10 +1,38 @@
package no.steras.opensamlbook.idp;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.xml.BasicParserPool;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
import no.steras.opensamlbook.OpenSAMLUtils;
import no.steras.opensamlbook.sp.SPConstants;
import no.steras.opensamlbook.sp.SPCredentials;
import org.apache.xml.security.utils.EncryptionConstants;
import org.joda.time.DateTime;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.*;
import org.opensaml.core.xml.schema.XSString;
import org.opensaml.core.xml.schema.impl.XSStringBuilder;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.messaging.decoder.MessageDecodingException;
import org.opensaml.messaging.encoder.MessageEncodingException;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.saml2.binding.decoding.impl.HTTPSOAP11Decoder;
import org.opensaml.saml.saml2.binding.encoding.impl.HTTPSOAP11Encoder;
import org.opensaml.saml.saml2.core.*;
import org.opensaml.saml.saml2.encryption.Encrypter;
import org.opensaml.soap.messaging.context.SOAP11Context;
import org.opensaml.soap.soap11.Body;
import org.opensaml.soap.soap11.Envelope;
import org.opensaml.soap.soap11.decoder.http.impl.EnvelopeBodyHandler;
import org.opensaml.xmlsec.EncryptionParameters;
import org.opensaml.xmlsec.encryption.support.DataEncryptionParameters;
import org.opensaml.xmlsec.encryption.support.EncryptionException;
import org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters;
import org.opensaml.xmlsec.signature.Signature;
import org.opensaml.xmlsec.signature.support.SignatureConstants;
import org.opensaml.xmlsec.signature.support.SignatureException;
import org.opensaml.xmlsec.signature.support.Signer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
@@ -18,6 +46,7 @@ import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
@@ -36,57 +65,59 @@ import java.security.spec.ECField;
* Created by Privat on 4/6/14.
*/
public class ArtifactResolutionServlet extends HttpServlet {
/* private static Logger logger = LoggerFactory.getLogger(ArtifactResolutionServlet.class);
private static Logger logger = LoggerFactory.getLogger(ArtifactResolutionServlet.class);
@Override
protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
System.out.println("recieved artifactResolve");
HTTPSOAP11Decoder decoder = new HTTPSOAP11Decoder();
decoder.setHttpServletRequest(req);
try {
BasicParserPool parserPool = new BasicParserPool();
parserPool.initialize();
decoder.setParserPool(parserPool);
decoder.initialize();
decoder.decode();
} catch (MessageDecodingException e) {
e.printStackTrace();
} catch (ComponentInitializationException e) {
e.printStackTrace();
}
System.out.println(decoder.getMessageContext().getMessage());
ArtifactResponse artifactResponse = buildArtifactResponse();
MessageContext<SAMLObject> context = new MessageContext<SAMLObject>();
context.setMessage(artifactResponse);
HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
encoder.setMessageContext(context);
encoder.setHttpServletResponse(resp);
try {
encoder.prepareContext();
encoder.initialize();
encoder.encode();
} catch (MessageEncodingException e) {
e.printStackTrace();
} catch (ComponentInitializationException e) {
e.printStackTrace();
}
/*ArtifactResponse artifactResponse = buildArtifactResponse();
artifactResponse.setInResponseTo("Made up ID");
printSAMLObject(wrapInSOAPEnvelope(artifactResponse), resp.getWriter());
}
public static ArtifactResolve unmarshallArtifactResolve(final InputStream input) {
try {
BasicParserPool ppMgr = new BasicParserPool();
ppMgr.setNamespaceAware(true);
Document soap = ppMgr.parse(input);
Element soapRoot = soap.getDocumentElement();
UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(soapRoot);
Envelope soapEnvelope = (Envelope)unmarshaller.unmarshall(soapRoot);
return (ArtifactResolve)soapEnvelope.getBody().getUnknownXMLObjects().get(0);
} catch (XMLParserException e) {
throw new RuntimeException(e);
} catch (UnmarshallingException e) {
throw new RuntimeException(e);
}
*/
}
public static org.w3c.dom.Element marshallSAMLObject(final SAMLObject object) {
org.w3c.dom.Element element = null;
try {
MarshallerFactory unMarshallerFactory = Configuration.getMarshallerFactory();
Marshaller marshaller = unMarshallerFactory.getMarshaller(object);
element = marshaller.marshall(object);
} catch (ClassCastException e) {
throw new IllegalArgumentException("The class does not implement the interface XMLObject", e);
} catch (MarshallingException e) {
throw new RuntimeException(e);
}
return element;
}
private ArtifactResponse buildArtifactResponse() {
private ArtifactResponse buildArtifactResponse() {
ArtifactResponse artifactResponse = OpenSAMLUtils.buildSAMLObject(ArtifactResponse.class);
@@ -100,7 +131,7 @@ public class ArtifactResolutionServlet extends HttpServlet {
Status status = OpenSAMLUtils.buildSAMLObject(Status.class);
StatusCode statusCode = OpenSAMLUtils.buildSAMLObject(StatusCode.class);
statusCode.setValue(StatusCode.SUCCESS_URI);
statusCode.setValue(StatusCode.SUCCESS);
status.setStatusCode(statusCode);
artifactResponse.setStatus(status);
@@ -115,7 +146,7 @@ public class ArtifactResolutionServlet extends HttpServlet {
Status status2 = OpenSAMLUtils.buildSAMLObject(Status.class);
StatusCode statusCode2 = OpenSAMLUtils.buildSAMLObject(StatusCode.class);
statusCode2.setValue(StatusCode.SUCCESS_URI);
statusCode2.setValue(StatusCode.SUCCESS);
status2.setStatusCode(statusCode2);
response.setStatus(status2);
@@ -132,7 +163,7 @@ public class ArtifactResolutionServlet extends HttpServlet {
}
private EncryptedAssertion encryptAssertion(Assertion assertion) {
EncryptionParameters encryptionParameters = new EncryptionParameters();
DataEncryptionParameters encryptionParameters = new DataEncryptionParameters();
encryptionParameters.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);
KeyEncryptionParameters keyEncryptionParameters = new KeyEncryptionParameters();
@@ -159,7 +190,7 @@ public class ArtifactResolutionServlet extends HttpServlet {
assertion.setSignature(signature);
try {
Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);
XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);
} catch (MarshallingException e) {
throw new RuntimeException(e);
}
@@ -249,7 +280,7 @@ public class ArtifactResolutionServlet extends HttpServlet {
Attribute attributeUserName = OpenSAMLUtils.buildSAMLObject(Attribute.class);
XSStringBuilder stringBuilder = (XSStringBuilder)Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
XSStringBuilder stringBuilder = (XSStringBuilder)XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
XSString userNameValue = stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
userNameValue.setValue("bob");
@@ -279,32 +310,4 @@ public class ArtifactResolutionServlet extends HttpServlet {
return envelope;
}
public static void printSAMLObject(final XMLObject object, final PrintWriter writer) {
try {
DocumentBuilder builder;
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
builder = factory.newDocumentBuilder();
org.w3c.dom.Document document = builder.newDocument();
Marshaller out = Configuration.getMarshallerFactory().getMarshaller(object);
out.marshall(object, document);
Transformer transformer = TransformerFactory.newInstance().newTransformer();
transformer.setOutputProperty(OutputKeys.INDENT, "yes");
StreamResult result = new StreamResult(writer);
DOMSource source = new DOMSource(document);
transformer.transform(source, result);
} catch (ParserConfigurationException e) {
e.printStackTrace();
} catch (MarshallingException e) {
e.printStackTrace();
} catch (TransformerException e) {
e.printStackTrace();
}
}*/
}
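Review bot: In doPost (the -36,57 hunk), a failed `decoder.decode()` is only reported through `e.printStackTrace()` and the method then continues to `decoder.getMessageContext().getMessage()` and on to building and encoding an ArtifactResponse, so an undecodable request still receives a full response (or an NPE if the context was never populated). The decoded ArtifactResolve is otherwise never used: its ID is not copied into `InResponseTo` (the commented-out code below it at least set a placeholder) and the artifact it carries is not checked before the assertion is released, so the response is not bound to the request in any way. The `logger` declared just above doPost is unused while diagnostics go to `System.out.println`. The rewrite below fails fast with a 400 on decode or initialization errors, logs through `logger`, and copies the request ID into `InResponseTo`; checking the artifact value itself needs state outside this hunk and is left as a follow-up, and doPost appears to end at the `}` after the commented-out block, so the whole method is inside this hunk.
```java
    protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
        HTTPSOAP11Decoder decoder = new HTTPSOAP11Decoder();
        decoder.setHttpServletRequest(req);
        try {
            BasicParserPool parserPool = new BasicParserPool();
            parserPool.initialize();
            decoder.setParserPool(parserPool);
            decoder.initialize();
            decoder.decode();
        } catch (MessageDecodingException | ComponentInitializationException e) {
            // Do not answer a request we could not parse; the encoder below must not run.
            logger.error("Could not decode ArtifactResolve", e);
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        ArtifactResolve artifactResolve = (ArtifactResolve) decoder.getMessageContext().getMessage();
        logger.info("Received ArtifactResolve {}", artifactResolve.getID());
        ArtifactResponse artifactResponse = buildArtifactResponse();
        // Bind the response to the request it answers.
        artifactResponse.setInResponseTo(artifactResolve.getID());
        // … unchanged: MessageContext, HTTPSOAP11Encoder setup and encode …
```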


@@ -39,5 +39,5 @@ public class IDPCredentials {
public static Credential getCredential() {
return credential;
}
}


@@ -110,7 +110,7 @@ public class AccessFilter implements Filter {
}
logger.info("AuthnRequest: ");
//OpenSAMLUtils.logSAMLObject(authnRequest);
OpenSAMLUtils.logSAMLObject(authnRequest);
logger.info("Redirecting to IDP");
try {


@@ -1,6 +1,8 @@
package no.steras.opensamlbook.sp;
import com.google.common.collect.Lists;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.httpclient.HttpClientBuilder;
import net.shibboleth.utilities.java.support.xml.BasicParserPool;
import no.steras.opensamlbook.OpenSAMLUtils;
import no.steras.opensamlbook.idp.IDPConstants;
@@ -10,21 +12,37 @@ import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.core.xml.schema.XSString;
import org.opensaml.messaging.context.InOutOperationContext;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.messaging.encoder.MessageEncodingException;
import org.opensaml.messaging.handler.MessageHandler;
import org.opensaml.messaging.handler.impl.BasicMessageHandlerChain;
import org.opensaml.messaging.pipeline.httpclient.BasicHttpClientMessagePipeline;
import org.opensaml.messaging.pipeline.httpclient.HttpClientMessagePipeline;
import org.opensaml.messaging.pipeline.httpclient.HttpClientMessagePipelineFactory;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.common.binding.impl.SAMLSOAPDecoderBodyHandler;
import org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler;
import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.binding.decoding.impl.HttpClientResponseSOAP11Decoder;
import org.opensaml.saml.saml2.binding.encoding.impl.HTTPSOAP11Encoder;
import org.opensaml.saml.saml2.binding.encoding.impl.HttpClientRequestSOAP11Encoder;
import org.opensaml.saml.saml2.core.*;
import org.opensaml.saml.saml2.encryption.Decrypter;
import org.opensaml.saml.saml2.metadata.ArtifactResolutionService;
import org.opensaml.saml.saml2.metadata.Endpoint;
import org.opensaml.saml.saml2.metadata.SingleSignOnService;
import org.opensaml.saml.security.impl.SAMLSignatureProfileValidator;
import org.opensaml.soap.client.http.AbstractPipelineHttpSOAPClient;
import org.opensaml.soap.client.http.HttpSOAPClient;
import org.opensaml.soap.client.http.PipelineFactoryHttpSOAPClient;
import org.opensaml.soap.common.SOAPException;
import org.opensaml.soap.messaging.context.SOAP11Context;
import org.opensaml.soap.soap11.Envelope;
import org.opensaml.soap.soap11.decoder.http.impl.EnvelopeBodyHandler;
import org.opensaml.xmlsec.encryption.support.DecryptionException;
import org.opensaml.xmlsec.encryption.support.InlineEncryptedKeyResolver;
import org.opensaml.xmlsec.keyinfo.impl.StaticKeyInfoCredentialResolver;
@@ -36,6 +54,8 @@ import org.opensaml.xmlsec.signature.support.Signer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
@@ -59,12 +79,12 @@ public class ConsumerServlet extends HttpServlet {
signArtifactResolve(artifactResolve);
logger.info("Sending ArtifactResolve");
logger.info("ArtifactResolve: ");
OpenSAMLUtils.logSAMLObject(artifactResolve);
//OpenSAMLUtils.logSAMLObject(artifactResolve);
ArtifactResponse artifactResponse = sendAndReceiveArtifactResolve(artifactResolve, resp);
logger.info("ArtifactResponse received");
logger.info("ArtifactResponse: ");
OpenSAMLUtils.logSAMLObject(artifactResponse);
// OpenSAMLUtils.logSAMLObject(artifactResponse);
EncryptedAssertion encryptedAssertion = getEncryptedAssertion(artifactResponse);
Assertion assertion = decryptAssertion(encryptedAssertion);
@@ -173,29 +193,69 @@ public class ConsumerServlet extends HttpServlet {
private ArtifactResponse sendAndReceiveArtifactResolve(final ArtifactResolve artifactResolve, HttpServletResponse servletResponse) {
try {
HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
MessageContext context = new MessageContext();
//HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
MessageContext<ArtifactResolve> contextout = new MessageContext<ArtifactResolve>();
SAMLPeerEntityContext peerEntityContext = context.getSubcontext(SAMLPeerEntityContext.class, true);
SAMLPeerEntityContext peerEntityContext = contextout.getSubcontext(SAMLPeerEntityContext.class, true);
peerEntityContext.setEntityId(IDPConstants.IDP_ENTITY_ID);
SAMLEndpointContext endpointContext = peerEntityContext.getSubcontext(SAMLEndpointContext.class, true);
endpointContext.setEndpoint(getIPDArtifactResolutionEndpoint());
context.setMessage(artifactResolve);
encoder.setHttpServletResponse(servletResponse);
encoder.setMessageContext(context);
//SOAP11Context soapContext = contextout.getSubcontext(SOAP11Context.class, true);
contextout.setMessage(artifactResolve);
InOutOperationContext<ArtifactResponse, ArtifactResolve> context = new ProfileRequestContext<ArtifactResponse, ArtifactResolve>();
context.setOutboundMessageContext(contextout);
/*encoder.setMessageContext(context);
encoder.initialize();
encoder.prepareContext();
encoder.encode();
*/
//return (ArtifactResponse)soapResponse.getBody().getUnknownXMLObjects().get(0);
AbstractPipelineHttpSOAPClient<SAMLObject, SAMLObject> soapClient = new AbstractPipelineHttpSOAPClient() {
protected HttpClientMessagePipeline newPipeline() throws SOAPException {
HttpClientRequestSOAP11Encoder encoder = new HttpClientRequestSOAP11Encoder();
HttpClientResponseSOAP11Decoder decoder = new HttpClientResponseSOAP11Decoder();
decoder.setBodyHandler(new SAMLSOAPDecoderBodyHandler());
BasicHttpClientMessagePipeline pipeline = new BasicHttpClientMessagePipeline(
encoder,
decoder
);
BasicMessageHandlerChain<SAMLObject> outboundPayloadHandler = new BasicMessageHandlerChain<SAMLObject>();
outboundPayloadHandler.setHandlers(Lists.<MessageHandler<SAMLObject>>newArrayList(
new SAMLOutboundProtocolMessageSigningHandler()));
pipeline.setOutboundPayloadHandler(outboundPayloadHandler);
pipeline.setInboundHandler(new SAMLSOAPDecoderBodyHandler());
return pipeline;
}};
HttpClientBuilder clientBuilder = new HttpClientBuilder();
soapClient.setHttpClient(clientBuilder.buildClient());
soapClient.send(IDPConstants.ARTIFACT_RESOLUTION_SERVICE, context);
System.out.println(context.getInboundMessageContext().getMessage());
return context.getInboundMessageContext().getMessage();
} catch (SecurityException e) {
throw new RuntimeException(e);
} catch (ComponentInitializationException e) {
e.printStackTrace();
} catch (MessageEncodingException e) {
e.printStackTrace();
} catch (IllegalAccessException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return null;