fixed soap sending of artifact resolve
This commit is contained in:
srasmusson
@@ -1,9 +1,38 @@
|
||||
package no.steras.opensamlbook.sp;
|
||||
|
||||
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
|
||||
import net.shibboleth.utilities.java.support.xml.BasicParserPool;
|
||||
import no.steras.opensamlbook.OpenSAMLUtils;
|
||||
import no.steras.opensamlbook.idp.IDPConstants;
|
||||
import no.steras.opensamlbook.idp.IDPCredentials;
|
||||
import org.joda.time.DateTime;
|
||||
import org.opensaml.core.xml.XMLObject;
|
||||
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
|
||||
import org.opensaml.core.xml.io.MarshallingException;
|
||||
import org.opensaml.core.xml.schema.XSString;
|
||||
import org.opensaml.messaging.context.MessageContext;
|
||||
import org.opensaml.messaging.encoder.MessageEncodingException;
|
||||
import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
|
||||
import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
|
||||
import org.opensaml.saml.common.xml.SAMLConstants;
|
||||
import org.opensaml.saml.saml2.binding.encoding.impl.HTTPSOAP11Encoder;
|
||||
import org.opensaml.saml.saml2.core.*;
|
||||
import org.opensaml.saml.saml2.encryption.Decrypter;
|
||||
import org.opensaml.saml.saml2.metadata.ArtifactResolutionService;
|
||||
import org.opensaml.saml.saml2.metadata.Endpoint;
|
||||
import org.opensaml.saml.saml2.metadata.SingleSignOnService;
|
||||
import org.opensaml.saml.security.impl.SAMLSignatureProfileValidator;
|
||||
import org.opensaml.soap.client.http.HttpSOAPClient;
|
||||
import org.opensaml.soap.common.SOAPException;
|
||||
import org.opensaml.soap.soap11.Envelope;
|
||||
import org.opensaml.xmlsec.encryption.support.DecryptionException;
|
||||
import org.opensaml.xmlsec.encryption.support.InlineEncryptedKeyResolver;
|
||||
import org.opensaml.xmlsec.keyinfo.impl.StaticKeyInfoCredentialResolver;
|
||||
import org.opensaml.xmlsec.signature.Signature;
|
||||
import org.opensaml.xmlsec.signature.support.SignatureConstants;
|
||||
import org.opensaml.xmlsec.signature.support.SignatureException;
|
||||
import org.opensaml.xmlsec.signature.support.SignatureValidator;
|
||||
import org.opensaml.xmlsec.signature.support.Signer;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
@@ -11,13 +40,14 @@ import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.xml.bind.ValidationException;
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* Created by Privat on 4/6/14.
|
||||
*/
|
||||
public class ConsumerServlet extends HttpServlet {
|
||||
/* private static Logger logger = LoggerFactory.getLogger(ConsumerServlet.class);
|
||||
private static Logger logger = LoggerFactory.getLogger(ConsumerServlet.class);
|
||||
|
||||
@Override
|
||||
protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
|
||||
@@ -31,7 +61,7 @@ public class ConsumerServlet extends HttpServlet {
|
||||
logger.info("ArtifactResolve: ");
|
||||
OpenSAMLUtils.logSAMLObject(artifactResolve);
|
||||
|
||||
ArtifactResponse artifactResponse = sendAndReceiveArtifactResolve(artifactResolve);
|
||||
ArtifactResponse artifactResponse = sendAndReceiveArtifactResolve(artifactResolve, resp);
|
||||
logger.info("ArtifactResponse received");
|
||||
logger.info("ArtifactResponse: ");
|
||||
OpenSAMLUtils.logSAMLObject(artifactResponse);
|
||||
@@ -72,13 +102,12 @@ public class ConsumerServlet extends HttpServlet {
|
||||
SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
|
||||
profileValidator.validate(assertion.getSignature());
|
||||
|
||||
SignatureValidator sigValidator = new SignatureValidator(IDPCredentials.getCredential());
|
||||
|
||||
sigValidator.validate(assertion.getSignature());
|
||||
SignatureValidator.validate(assertion.getSignature(), IDPCredentials.getCredential());
|
||||
|
||||
logger.info("SAML Assertion signature verified");
|
||||
} catch (ValidationException e) {
|
||||
throw new RuntimeException(e);
|
||||
} catch (SignatureException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
}
|
||||
@@ -92,7 +121,7 @@ public class ConsumerServlet extends HttpServlet {
|
||||
artifactResolve.setSignature(signature);
|
||||
|
||||
try {
|
||||
Configuration.getMarshallerFactory().getMarshaller(artifactResolve).marshall(artifactResolve);
|
||||
XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(artifactResolve).marshall(artifactResolve);
|
||||
} catch (MarshallingException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
@@ -141,27 +170,35 @@ public class ConsumerServlet extends HttpServlet {
|
||||
return response.getEncryptedAssertions().get(0);
|
||||
}
|
||||
|
||||
private ArtifactResponse sendAndReceiveArtifactResolve(final ArtifactResolve artifactResolve) {
|
||||
private ArtifactResponse sendAndReceiveArtifactResolve(final ArtifactResolve artifactResolve, HttpServletResponse servletResponse) {
|
||||
try {
|
||||
Envelope envelope = OpenSAMLUtils.wrapInSOAPEnvelope(artifactResolve);
|
||||
|
||||
HttpClientBuilder clientBuilder = new HttpClientBuilder();
|
||||
HttpSOAPClient soapClient = new HttpSOAPClient(clientBuilder.buildClient(), new BasicParserPool());
|
||||
HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
|
||||
MessageContext context = new MessageContext();
|
||||
|
||||
BasicSOAPMessageContext soapContext = new BasicSOAPMessageContext();
|
||||
soapContext.setOutboundMessage(envelope);
|
||||
SAMLPeerEntityContext peerEntityContext = context.getSubcontext(SAMLPeerEntityContext.class, true);
|
||||
peerEntityContext.setEntityId(IDPConstants.IDP_ENTITY_ID);
|
||||
|
||||
soapClient.send(IDPConstants.ARTIFACT_RESOLUTION_SERVICE, soapContext);
|
||||
SAMLEndpointContext endpointContext = peerEntityContext.getSubcontext(SAMLEndpointContext.class, true);
|
||||
endpointContext.setEndpoint(getIPDArtifactResolutionEndpoint());
|
||||
context.setMessage(artifactResolve);
|
||||
|
||||
Envelope soapResponse = (Envelope)soapContext.getInboundMessage();
|
||||
return (ArtifactResponse)soapResponse.getBody().getUnknownXMLObjects().get(0);
|
||||
} catch (IllegalAccessException e) {
|
||||
throw new RuntimeException(e);
|
||||
encoder.setHttpServletResponse(servletResponse);
|
||||
encoder.setMessageContext(context);
|
||||
encoder.initialize();
|
||||
encoder.encode();
|
||||
|
||||
|
||||
//return (ArtifactResponse)soapResponse.getBody().getUnknownXMLObjects().get(0);
|
||||
} catch (SecurityException e) {
|
||||
throw new RuntimeException(e);
|
||||
} catch (SOAPException e) {
|
||||
throw new RuntimeException(e);
|
||||
} catch (ComponentInitializationException e) {
|
||||
e.printStackTrace();
|
||||
} catch (MessageEncodingException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
return null;
|
||||
|
||||
}
|
||||
|
||||
private Artifact buildArtifactFromRequest(final HttpServletRequest req) {
|
||||
@@ -187,6 +224,13 @@ public class ConsumerServlet extends HttpServlet {
|
||||
|
||||
return artifactResolve;
|
||||
}
|
||||
*/
|
||||
|
||||
private Endpoint getIPDArtifactResolutionEndpoint() {
|
||||
ArtifactResolutionService endpoint = OpenSAMLUtils.buildSAMLObject(ArtifactResolutionService.class);
|
||||
endpoint.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI);
|
||||
endpoint.setLocation(IDPConstants.ARTIFACT_RESOLUTION_SERVICE);
|
||||
|
||||
return endpoint;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user