From fdb33b728539769cb0c013b67e9f18387055b3e3 Mon Sep 17 00:00:00 2001
From: srasmusson <rasmusson.stefan@gmail.com>
Date: Mon, 25 Apr 2016 20:27:15 +0200
Subject: [PATCH] fixed soap sending of artifact resolve

---
 .../opensamlbook/sp/ConsumerServlet.java      | 86 ++++++++++++++-----
 1 file changed, 65 insertions(+), 21 deletions(-)

diff --git a/src/main/java/no/steras/opensamlbook/sp/ConsumerServlet.java b/src/main/java/no/steras/opensamlbook/sp/ConsumerServlet.java
index 939a7fc..7a386ba 100644
--- a/src/main/java/no/steras/opensamlbook/sp/ConsumerServlet.java
+++ b/src/main/java/no/steras/opensamlbook/sp/ConsumerServlet.java
@@ -1,9 +1,38 @@
 package no.steras.opensamlbook.sp;
 
+import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
+import net.shibboleth.utilities.java.support.xml.BasicParserPool;
 import no.steras.opensamlbook.OpenSAMLUtils;
 import no.steras.opensamlbook.idp.IDPConstants;
 import no.steras.opensamlbook.idp.IDPCredentials;
 import org.joda.time.DateTime;
+import org.opensaml.core.xml.XMLObject;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.core.xml.schema.XSString;
+import org.opensaml.messaging.context.MessageContext;
+import org.opensaml.messaging.encoder.MessageEncodingException;
+import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
+import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.binding.encoding.impl.HTTPSOAP11Encoder;
+import org.opensaml.saml.saml2.core.*;
+import org.opensaml.saml.saml2.encryption.Decrypter;
+import org.opensaml.saml.saml2.metadata.ArtifactResolutionService;
+import org.opensaml.saml.saml2.metadata.Endpoint;
+import org.opensaml.saml.saml2.metadata.SingleSignOnService;
+import org.opensaml.saml.security.impl.SAMLSignatureProfileValidator;
+import org.opensaml.soap.client.http.HttpSOAPClient;
+import org.opensaml.soap.common.SOAPException;
+import org.opensaml.soap.soap11.Envelope;
+import org.opensaml.xmlsec.encryption.support.DecryptionException;
+import org.opensaml.xmlsec.encryption.support.InlineEncryptedKeyResolver;
+import org.opensaml.xmlsec.keyinfo.impl.StaticKeyInfoCredentialResolver;
+import org.opensaml.xmlsec.signature.Signature;
+import org.opensaml.xmlsec.signature.support.SignatureConstants;
+import org.opensaml.xmlsec.signature.support.SignatureException;
+import org.opensaml.xmlsec.signature.support.SignatureValidator;
+import org.opensaml.xmlsec.signature.support.Signer;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -11,13 +40,14 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.xml.bind.ValidationException;
 import java.io.IOException;
 
 /**
  * Created by Privat on 4/6/14.
  */
 public class ConsumerServlet extends HttpServlet {
-   /* private static Logger logger = LoggerFactory.getLogger(ConsumerServlet.class);
+    private static Logger logger = LoggerFactory.getLogger(ConsumerServlet.class);
 
     @Override
     protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
@@ -31,7 +61,7 @@ public class ConsumerServlet extends HttpServlet {
         logger.info("ArtifactResolve: ");
         OpenSAMLUtils.logSAMLObject(artifactResolve);
 
-        ArtifactResponse artifactResponse = sendAndReceiveArtifactResolve(artifactResolve);
+        ArtifactResponse artifactResponse = sendAndReceiveArtifactResolve(artifactResolve, resp);
         logger.info("ArtifactResponse received");
         logger.info("ArtifactResponse: ");
         OpenSAMLUtils.logSAMLObject(artifactResponse);
@@ -72,13 +102,12 @@ public class ConsumerServlet extends HttpServlet {
             SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
             profileValidator.validate(assertion.getSignature());
 
-            SignatureValidator sigValidator = new SignatureValidator(IDPCredentials.getCredential());
 
-            sigValidator.validate(assertion.getSignature());
+            SignatureValidator.validate(assertion.getSignature(), IDPCredentials.getCredential());
 
             logger.info("SAML Assertion signature verified");
-        } catch (ValidationException e) {
-            throw new RuntimeException(e);
+        } catch (SignatureException e) {
+            e.printStackTrace();
         }
 
     }
@@ -92,7 +121,7 @@ public class ConsumerServlet extends HttpServlet {
         artifactResolve.setSignature(signature);
 
         try {
-            Configuration.getMarshallerFactory().getMarshaller(artifactResolve).marshall(artifactResolve);
+            XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(artifactResolve).marshall(artifactResolve);
         } catch (MarshallingException e) {
             throw new RuntimeException(e);
         }
@@ -141,27 +170,35 @@ public class ConsumerServlet extends HttpServlet {
         return response.getEncryptedAssertions().get(0);
     }
 
-    private ArtifactResponse sendAndReceiveArtifactResolve(final ArtifactResolve artifactResolve) {
+    private ArtifactResponse sendAndReceiveArtifactResolve(final ArtifactResolve artifactResolve, HttpServletResponse servletResponse) {
         try {
-            Envelope envelope = OpenSAMLUtils.wrapInSOAPEnvelope(artifactResolve);
 
-            HttpClientBuilder clientBuilder = new HttpClientBuilder();
-            HttpSOAPClient soapClient = new HttpSOAPClient(clientBuilder.buildClient(), new BasicParserPool());
+            HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
+            MessageContext context = new MessageContext();
 
-            BasicSOAPMessageContext soapContext = new BasicSOAPMessageContext();
-            soapContext.setOutboundMessage(envelope);
+            SAMLPeerEntityContext peerEntityContext = context.getSubcontext(SAMLPeerEntityContext.class, true);
+            peerEntityContext.setEntityId(IDPConstants.IDP_ENTITY_ID);
 
-            soapClient.send(IDPConstants.ARTIFACT_RESOLUTION_SERVICE, soapContext);
+            SAMLEndpointContext endpointContext = peerEntityContext.getSubcontext(SAMLEndpointContext.class, true);
+            endpointContext.setEndpoint(getIPDArtifactResolutionEndpoint());
+            context.setMessage(artifactResolve);
 
-            Envelope soapResponse = (Envelope)soapContext.getInboundMessage();
-            return (ArtifactResponse)soapResponse.getBody().getUnknownXMLObjects().get(0);
-        } catch (IllegalAccessException e) {
-            throw new RuntimeException(e);
+            encoder.setHttpServletResponse(servletResponse);
+            encoder.setMessageContext(context);
+            encoder.initialize();
+            encoder.encode();
+
+
+            //return (ArtifactResponse)soapResponse.getBody().getUnknownXMLObjects().get(0);
         } catch (SecurityException e) {
             throw new RuntimeException(e);
-        } catch (SOAPException e) {
-            throw new RuntimeException(e);
+        } catch (ComponentInitializationException e) {
+            e.printStackTrace();
+        } catch (MessageEncodingException e) {
+            e.printStackTrace();
         }
+        return null;
+
     }
 
     private Artifact buildArtifactFromRequest(final HttpServletRequest req) {
@@ -187,6 +224,13 @@ public class ConsumerServlet extends HttpServlet {
 
         return artifactResolve;
     }
-    */
+
+    private Endpoint getIPDArtifactResolutionEndpoint() {
+        ArtifactResolutionService endpoint = OpenSAMLUtils.buildSAMLObject(ArtifactResolutionService.class);
+        endpoint.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI);
+        endpoint.setLocation(IDPConstants.ARTIFACT_RESOLUTION_SERVICE);
+
+        return endpoint;
+    }
 
 }