fixed soap sending of artifact resolve

2016-04-25 20:27:15 +02:00
parent 75a37456c4
commit fdb33b7285
1 changed files with 65 additions and 21 deletions
--- a/src/main/java/no/steras/opensamlbook/sp/ConsumerServlet.java
+++ b/src/main/java/no/steras/opensamlbook/sp/ConsumerServlet.java
@@ -1,9 +1,38 @@
 package no.steras.opensamlbook.sp;
 import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
 import net.shibboleth.utilities.java.support.xml.BasicParserPool;
 import no.steras.opensamlbook.OpenSAMLUtils;
 import no.steras.opensamlbook.idp.IDPConstants;
 import no.steras.opensamlbook.idp.IDPCredentials;
 import org.joda.time.DateTime;
 import org.opensaml.core.xml.XMLObject;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
 import org.opensaml.core.xml.io.MarshallingException;
 import org.opensaml.core.xml.schema.XSString;
 import org.opensaml.messaging.context.MessageContext;
 import org.opensaml.messaging.encoder.MessageEncodingException;
 import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
 import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
 import org.opensaml.saml.common.xml.SAMLConstants;
 import org.opensaml.saml.saml2.binding.encoding.impl.HTTPSOAP11Encoder;
 import org.opensaml.saml.saml2.core.*;
 import org.opensaml.saml.saml2.encryption.Decrypter;
 import org.opensaml.saml.saml2.metadata.ArtifactResolutionService;
 import org.opensaml.saml.saml2.metadata.Endpoint;
 import org.opensaml.saml.saml2.metadata.SingleSignOnService;
 import org.opensaml.saml.security.impl.SAMLSignatureProfileValidator;
 import org.opensaml.soap.client.http.HttpSOAPClient;
 import org.opensaml.soap.common.SOAPException;
 import org.opensaml.soap.soap11.Envelope;
 import org.opensaml.xmlsec.encryption.support.DecryptionException;
 import org.opensaml.xmlsec.encryption.support.InlineEncryptedKeyResolver;
 import org.opensaml.xmlsec.keyinfo.impl.StaticKeyInfoCredentialResolver;
 import org.opensaml.xmlsec.signature.Signature;
 import org.opensaml.xmlsec.signature.support.SignatureConstants;
 import org.opensaml.xmlsec.signature.support.SignatureException;
 import org.opensaml.xmlsec.signature.support.SignatureValidator;
 import org.opensaml.xmlsec.signature.support.Signer;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -11,13 +40,14 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.xml.bind.ValidationException;
 import java.io.IOException;
 /**
 * Created by Privat on 4/6/14.
 */
 public class ConsumerServlet extends HttpServlet {
-   /* private static Logger logger = LoggerFactory.getLogger(ConsumerServlet.class);
+    private static Logger logger = LoggerFactory.getLogger(ConsumerServlet.class);
    @Override
    protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
@@ -31,7 +61,7 @@ public class ConsumerServlet extends HttpServlet {
        logger.info("ArtifactResolve: ");
        OpenSAMLUtils.logSAMLObject(artifactResolve);
-        ArtifactResponse artifactResponse = sendAndReceiveArtifactResolve(artifactResolve);
+        ArtifactResponse artifactResponse = sendAndReceiveArtifactResolve(artifactResolve, resp);
        logger.info("ArtifactResponse received");
        logger.info("ArtifactResponse: ");
        OpenSAMLUtils.logSAMLObject(artifactResponse);
@@ -72,13 +102,12 @@ public class ConsumerServlet extends HttpServlet {
            SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
            profileValidator.validate(assertion.getSignature());
            SignatureValidator sigValidator = new SignatureValidator(IDPCredentials.getCredential());
-            sigValidator.validate(assertion.getSignature());
+            SignatureValidator.validate(assertion.getSignature(), IDPCredentials.getCredential());
            logger.info("SAML Assertion signature verified");
-        } catch (ValidationException e) {
+        } catch (SignatureException e) {
-            throw new RuntimeException(e);
+            e.printStackTrace();
        }
    }
@@ -92,7 +121,7 @@ public class ConsumerServlet extends HttpServlet {
        artifactResolve.setSignature(signature);
        try {
-            Configuration.getMarshallerFactory().getMarshaller(artifactResolve).marshall(artifactResolve);
+            XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(artifactResolve).marshall(artifactResolve);
        } catch (MarshallingException e) {
            throw new RuntimeException(e);
        }
@@ -141,27 +170,35 @@ public class ConsumerServlet extends HttpServlet {
        return response.getEncryptedAssertions().get(0);
    }
-    private ArtifactResponse sendAndReceiveArtifactResolve(final ArtifactResolve artifactResolve) {
+    private ArtifactResponse sendAndReceiveArtifactResolve(final ArtifactResolve artifactResolve, HttpServletResponse servletResponse) {
        try {
            Envelope envelope = OpenSAMLUtils.wrapInSOAPEnvelope(artifactResolve);
-            HttpClientBuilder clientBuilder = new HttpClientBuilder();
+            HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
-            HttpSOAPClient soapClient = new HttpSOAPClient(clientBuilder.buildClient(), new BasicParserPool());
+            MessageContext context = new MessageContext();
-            BasicSOAPMessageContext soapContext = new BasicSOAPMessageContext();
+            SAMLPeerEntityContext peerEntityContext = context.getSubcontext(SAMLPeerEntityContext.class, true);
-            soapContext.setOutboundMessage(envelope);
+            peerEntityContext.setEntityId(IDPConstants.IDP_ENTITY_ID);
-            soapClient.send(IDPConstants.ARTIFACT_RESOLUTION_SERVICE, soapContext);
+            SAMLEndpointContext endpointContext = peerEntityContext.getSubcontext(SAMLEndpointContext.class, true);
            endpointContext.setEndpoint(getIPDArtifactResolutionEndpoint());
            context.setMessage(artifactResolve);
-            Envelope soapResponse = (Envelope)soapContext.getInboundMessage();
+            encoder.setHttpServletResponse(servletResponse);
-            return (ArtifactResponse)soapResponse.getBody().getUnknownXMLObjects().get(0);
+            encoder.setMessageContext(context);
-        } catch (IllegalAccessException e) {
+            encoder.initialize();
-            throw new RuntimeException(e);
+            encoder.encode();
            //return (ArtifactResponse)soapResponse.getBody().getUnknownXMLObjects().get(0);
        } catch (SecurityException e) {
            throw new RuntimeException(e);
-        } catch (SOAPException e) {
+        } catch (ComponentInitializationException e) {
-            throw new RuntimeException(e);
+            e.printStackTrace();
        } catch (MessageEncodingException e) {
            e.printStackTrace();
        }
        return null;
    }
    private Artifact buildArtifactFromRequest(final HttpServletRequest req) {
@@ -187,6 +224,13 @@ public class ConsumerServlet extends HttpServlet {
        return artifactResolve;
    }
-    */
+
    private Endpoint getIPDArtifactResolutionEndpoint() {
        ArtifactResolutionService endpoint = OpenSAMLUtils.buildSAMLObject(ArtifactResolutionService.class);
        endpoint.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI);
        endpoint.setLocation(IDPConstants.ARTIFACT_RESOLUTION_SERVICE);
        return endpoint;
    }
 }