org.opensaml.DefaultBootstrap Java Examples

The following examples show how to use org.opensaml.DefaultBootstrap. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: DefaultSAML2SSOManager.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
public static void doBootstrap() {

        /* Initializing the OpenSAML library */
        if (!bootStrapped) {
            Thread thread = Thread.currentThread();
            ClassLoader loader = thread.getContextClassLoader();
            thread.setContextClassLoader(new DefaultSAML2SSOManager().getClass().getClassLoader());
            try {
                DefaultBootstrap.bootstrap();
                bootStrapped = true;
            } catch (ConfigurationException e) {
                log.error("Error in bootstrapping the OpenSAML2 library", e);
            } finally {
                thread.setContextClassLoader(loader);
            }
        }
    }
 
Example #2
Source File: SAML2BearerGrantHandler.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
@Override
public void init() throws IdentityOAuth2Exception {

    super.init();

    Thread thread = Thread.currentThread();
    ClassLoader loader = thread.getContextClassLoader();
    thread.setContextClassLoader(this.getClass().getClassLoader());

    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        log.error("Error in bootstrapping the OpenSAML2 library", e);
        throw new IdentityOAuth2Exception("Error in bootstrapping the OpenSAML2 library");
    } finally {
        thread.setContextClassLoader(loader);
    }

    profileValidator = new SAMLSignatureProfileValidator();
}
 
Example #3
Source File: SAMLSSOUtil.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
public static void doBootstrap() {
    if (!isBootStrapped) {
        try {
            DefaultBootstrap.bootstrap();
            isBootStrapped = true;
        } catch (ConfigurationException e) {
            log.error("Error in bootstrapping the OpenSAML2 library", e);
        }
    }
}
 
Example #4
Source File: ArtifactBindingHelper.java    From secure-data-service with Apache License 2.0 5 votes vote down vote up
@PostConstruct
private void initializeOpenSAMLLibrary() {
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException ex) {
        LOG.error("Error composing artifact resolution request: xml object configuration initialization failed", ex);
        throw new IllegalArgumentException("Couldn't compose artifact resolution request", ex);
    }
}
 
Example #5
Source File: SAMLUtils.java    From cloudstack with Apache License 2.0 5 votes vote down vote up
public static String buildAuthnRequestUrl(final String authnId, final SAMLProviderMetadata spMetadata, final SAMLProviderMetadata idpMetadata, final String signatureAlgorithm) {
    String redirectUrl = "";
    try {
        DefaultBootstrap.bootstrap();
        AuthnRequest authnRequest = SAMLUtils.buildAuthnRequestObject(authnId, spMetadata.getEntityId(), idpMetadata.getSsoUrl(), spMetadata.getSsoUrl());
        PrivateKey privateKey = null;
        if (spMetadata.getKeyPair() != null) {
            privateKey = spMetadata.getKeyPair().getPrivate();
        }
        redirectUrl = idpMetadata.getSsoUrl() + "?" + SAMLUtils.generateSAMLRequestSignature("SAMLRequest=" + SAMLUtils.encodeSAMLRequest(authnRequest), privateKey, signatureAlgorithm);
    } catch (ConfigurationException | FactoryConfigurationError | MarshallingException | IOException | NoSuchAlgorithmException | InvalidKeyException | java.security.SignatureException e) {
        s_logger.error("SAML AuthnRequest message building error: " + e.getMessage());
    }
    return redirectUrl;
}
 
Example #6
Source File: SAML2LoginAPIAuthenticatorCmd.java    From cloudstack with Apache License 2.0 5 votes vote down vote up
public Response processSAMLResponse(String responseMessage) {
    Response responseObject = null;
    try {
        DefaultBootstrap.bootstrap();
        responseObject = SAMLUtils.decodeSAMLResponse(responseMessage);

    } catch (ConfigurationException | FactoryConfigurationError | ParserConfigurationException | SAXException | IOException | UnmarshallingException e) {
        s_logger.error("SAMLResponse processing error: " + e.getMessage());
    }
    return responseObject;
}
 
Example #7
Source File: Util.java    From carbon-commons with Apache License 2.0 5 votes vote down vote up
/**
 * This method is used to initialize the OpenSAML2 library. It calls the bootstrap method, if it
 * is not initialized yet.
 */
public static void doBootstrap() {
    if (!bootStrapped) {
        try {
            DefaultBootstrap.bootstrap();
            bootStrapped = true;
        } catch (ConfigurationException e) {
            System.err.println("Error in bootstrapping the OpenSAML2 library");
            e.printStackTrace();
        }
    }
}
 
Example #8
Source File: SAMLInit.java    From saml-sdk-java with Apache License 2.0 5 votes vote down vote up
public static void initialize()
    throws SAMLException
{
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        throw new SAMLException(e);
    }
}
 
Example #9
Source File: SSOAgentUtils.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
public static void doBootstrap() throws SSOAgentException {
    if (!isBootStrapped) {
        try {
            DefaultBootstrap.bootstrap();
            isBootStrapped = true;
        } catch (ConfigurationException e) {
            throw new SSOAgentException("Error in bootstrapping the OpenSAML2 library", e);
        }
    }
}
 
Example #10
Source File: WSXACMLEntitlementServiceClient.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Bootstrap the OpenSAML2 library only if it is not bootstrapped.
 */
public static void doBootstrap() {

    if (!isBootStrapped) {
        try {
            DefaultBootstrap.bootstrap();
            isBootStrapped = true;
        } catch (ConfigurationException e) {
            log.error("Error in bootstrapping the OpenSAML2 library", e);
        }
    }
}
 
Example #11
Source File: WSXACMLEntitlementServiceClient.java    From micro-integrator with Apache License 2.0 5 votes vote down vote up
/**
 * Bootstrap the OpenSAML2 library only if it is not bootstrapped.
 */
public static void doBootstrap() {

    if (!isBootStrapped) {
        try {
            DefaultBootstrap.bootstrap();
            isBootStrapped = true;
        } catch (ConfigurationException e) {
            log.error("Error in bootstrapping the OpenSAML2 library", e);
        }
    }
}
 
Example #12
Source File: Util.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * This method is used to initialize the OpenSAML2 library. It calls the bootstrap method, if it
 * is not initialized yet.
 */
public static void doBootstrap() {

    if (!bootStrapped) {
        try {
            DefaultBootstrap.bootstrap();
            bootStrapped = true;
        } catch (ConfigurationException e) {
            log.error("Error in bootstrapping the OpenSAML2 library", e);
        }
    }
}
 
Example #13
Source File: Util.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * This method is used to initialize the OpenSAML2 library. It calls the bootstrap method, if it
 * is not initialized yet.
 */
public static void doBootstrap() {
    if (!bootStrapped) {
        try {
            DefaultBootstrap.bootstrap();
            bootStrapped = true;
        } catch (ConfigurationException e) {
            log.error("Error in bootstrapping the OpenSAML2 library", e);
        }
    }
}
 
Example #14
Source File: PassiveSTSManager.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
public static void doBootstrap() {

        /* Initializing the OpenSAML library */
        if (!bootStrapped) {
            try {
                DefaultBootstrap.bootstrap();
                bootStrapped = true;
            } catch (ConfigurationException e) {
                log.error("Error in bootstrapping the OpenSAML2 library", e);
            }
        }
    }
 
Example #15
Source File: WSXACMLMessageReceiver.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Bootstrap the OpenSAML2 library only if it is not bootstrapped.
 */
public static void doBootstrap() {

    if (!isBootStrapped) {
        try {
            DefaultBootstrap.bootstrap();
            isBootStrapped = true;
        } catch (ConfigurationException e) {
            log.error("Error in bootstrapping the OpenSAML2 library", e);
        }
    }
}
 
Example #16
Source File: MetadataGenerator.java    From MaxKey with Apache License 2.0 5 votes vote down vote up
/** Constructor. */
public MetadataGenerator() {
	try {
		parser = new BasicParserPool();
		parser.setNamespaceAware(true);
		DefaultBootstrap.bootstrap();
		builderFactory = org.opensaml.xml.Configuration.getBuilderFactory();
		marshallerFactory = org.opensaml.xml.Configuration.getMarshallerFactory();
		unmarshallerFactory = org.opensaml.xml.Configuration.getUnmarshallerFactory();
	} catch (ConfigurationException e) {
		e.printStackTrace();
	}

}
 
Example #17
Source File: OAuth2SAMLUtil.java    From jam-collaboration-sample with Apache License 2.0 4 votes vote down vote up
public static String buildSignedSAML2Assertion(
    final String idpId,
    final String destinationUri,
    
    final String subjectNameId,
    final String subjectNameIdFormat,
    final String subjectNameIdQualifier,

    final PrivateKey idpPrivateKey,
    final X509Certificate idpCertificate,
    final String spJamId,
    final Map<String, List<Object>> attributes) throws Exception {
            
    // Bootstrap the OpenSAML library
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    DateTime notBefore = issueInstant.minusMinutes(10);
    
    NameID nameID = makeEmailFormatName(subjectNameId, subjectNameIdFormat, subjectNameIdQualifier);
    
    SubjectConfirmationData subjectConfirmationData = (new SubjectConfirmationDataBuilder().buildObject());
    subjectConfirmationData.setRecipient(destinationUri);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);
    
    SubjectConfirmation subjectConfirmation = (new SubjectConfirmationBuilder().buildObject());
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = (new SubjectBuilder().buildObject());
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);
    
    Issuer issuer = (new IssuerBuilder().buildObject());
    issuer.setValue(idpId);
    
    Audience audience = (new AudienceBuilder().buildObject());
    audience.setAudienceURI(spJamId);
    
    AudienceRestriction audienceRestriction = (new AudienceRestrictionBuilder().buildObject());
    audienceRestriction.getAudiences().add(audience);
    
    Conditions conditions = (new ConditionsBuilder().buildObject());
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);
   
    Assertion assertion = (new AssertionBuilder().buildObject());
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);

    return signAssertion(assertion, idpPrivateKey);
}
 
Example #18
Source File: SamlAssertionProducer.java    From saml-generator with Apache License 2.0 4 votes vote down vote up
public Response createSAMLResponse(final String subjectId, final DateTime authenticationTime,
		                           final String credentialType, final HashMap<String, List<String>> attributes, String issuer, Integer samlAssertionDays) {
	
	try {
		DefaultBootstrap.bootstrap();
		
		Signature signature = createSignature();
		Status status = createStatus();
		Issuer responseIssuer = null;
		Issuer assertionIssuer = null;
		Subject subject = null;
		AttributeStatement attributeStatement = null;
		
		if (issuer != null) {
			responseIssuer = createIssuer(issuer);
			assertionIssuer = createIssuer(issuer);
		}
		
		if (subjectId != null) {
			subject = createSubject(subjectId, samlAssertionDays);
		}
		
		if (attributes != null && attributes.size() != 0) {
			attributeStatement = createAttributeStatement(attributes);
		}
		
		AuthnStatement authnStatement = createAuthnStatement(authenticationTime);
		
		Assertion assertion = createAssertion(new DateTime(), subject, assertionIssuer, authnStatement, attributeStatement);
		
		Response response = createResponse(new DateTime(), responseIssuer, status, assertion);
		response.setSignature(signature);
		
		ResponseMarshaller marshaller = new ResponseMarshaller();
		Element element = marshaller.marshall(response);
		
		if (signature != null) {
			Signer.signObject(signature);
		}
		
		ByteArrayOutputStream baos = new ByteArrayOutputStream();
		XMLHelper.writeNode(element, baos);
	
		return response;
		
	} catch (Throwable t) {
		t.printStackTrace();
		return null;
	}
}
 
Example #19
Source File: OAuth2SAMLWorkflowSample.java    From jam-collaboration-sample with Apache License 2.0 4 votes vote down vote up
private static Assertion buildSAML2Assertion(
        String baseUrl,
        String subjectNameId,
        String subjectNameIdFormat,
        String subjectNameIdQualifier,
        String idpId,
        String clientKey,
        boolean includeClientKeyAttribute)
{
    // Bootstrap the OpenSAML library
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    DateTime notBefore = issueInstant.minusMinutes(10);
    
    NameID nameID = (new NameIDBuilder().buildObject());
    if (subjectNameIdFormat.equals("email")) {
        nameID.setFormat(NameIDType.EMAIL);
    } else if (subjectNameIdFormat.equals("unspecified")) {
        nameID.setFormat(NameIDType.UNSPECIFIED);
    } else {
        throw new IllegalArgumentException("subjectNameIdFormat must be 'email' or 'unspecified'.");
    }
    if (subjectNameIdQualifier != null) {
        nameID.setNameQualifier(subjectNameIdQualifier);
    }
    nameID.setValue(subjectNameId);
    
    SubjectConfirmationData subjectConfirmationData = (new SubjectConfirmationDataBuilder().buildObject());
    subjectConfirmationData.setRecipient(baseUrl + ACCESS_TOKEN_URL_PATH);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);
    
    SubjectConfirmation subjectConfirmation = (new SubjectConfirmationBuilder().buildObject());
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = (new SubjectBuilder().buildObject());
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);
    
    Issuer issuer = (new IssuerBuilder().buildObject());
    issuer.setValue(idpId);
    
    Audience audience = (new AudienceBuilder().buildObject());
    audience.setAudienceURI(SP_ID_JAM);
    
    AudienceRestriction audienceRestriction = (new AudienceRestrictionBuilder().buildObject());
    audienceRestriction.getAudiences().add(audience);
    
    Conditions conditions = (new ConditionsBuilder().buildObject());
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);
   
    Assertion assertion = (new AssertionBuilder().buildObject());
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);
    
    if (includeClientKeyAttribute) {
        XSString attributeValue = (XSString)Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME).buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        attributeValue.setValue(clientKey);

        Attribute attribute = (new AttributeBuilder().buildObject());
        attribute.setName("client_id");
        attribute.getAttributeValues().add(attributeValue);

        AttributeStatement attributeStatement = (new AttributeStatementBuilder().buildObject());
        attributeStatement.getAttributes().add(attribute);
        assertion.getAttributeStatements().add(attributeStatement);
    }

    return assertion;
}
 
Example #20
Source File: OAuth2SAMLWorkflowSample.java    From jam-collaboration-sample with Apache License 2.0 4 votes vote down vote up
private static Assertion buildSAML2Assertion(boolean includeClientKeyAttribute)
{
    // Bootstrap the OpenSAML library
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    DateTime notBefore = issueInstant.minusMinutes(10);
    
    NameID nameID = (new NameIDBuilder().buildObject());
    if (SUBJECT_NAME_ID_FORMAT.equals("email")) {
        nameID.setFormat(NameIDType.EMAIL);
    } else if (SUBJECT_NAME_ID_FORMAT.equals("unspecified")) {
        nameID.setFormat(NameIDType.UNSPECIFIED);
    } else {
        throw new IllegalArgumentException("SUBJECT_NAME_ID_FORMAT must be 'email' or 'unspecified'.");
    }
    if (subjectNameIdQualifier != null) {
        nameID.setNameQualifier(subjectNameIdQualifier);
    }
    nameID.setValue(SUBJECT_NAME_ID);
    
    SubjectConfirmationData subjectConfirmationData = (new SubjectConfirmationDataBuilder().buildObject());
    subjectConfirmationData.setRecipient(BASE_URL + ACCESS_TOKEN_URL_PATH);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);
    
    SubjectConfirmation subjectConfirmation = (new SubjectConfirmationBuilder().buildObject());
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = (new SubjectBuilder().buildObject());
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);
    
    Issuer issuer = (new IssuerBuilder().buildObject());
    issuer.setValue(IDP_ID);
    
    Audience audience = (new AudienceBuilder().buildObject());
    audience.setAudienceURI(SP_ID_JAM);
    
    AudienceRestriction audienceRestriction = (new AudienceRestrictionBuilder().buildObject());
    audienceRestriction.getAudiences().add(audience);
    
    Conditions conditions = (new ConditionsBuilder().buildObject());
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);
   
    Assertion assertion = (new AssertionBuilder().buildObject());
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);
    
    if (includeClientKeyAttribute) {
        XSString attributeValue = (XSString)Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME).buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        attributeValue.setValue(CLIENT_KEY);

        Attribute attribute = (new AttributeBuilder().buildObject());
        attribute.setName("client_id");
        attribute.getAttributeValues().add(attributeValue);

        AttributeStatement attributeStatement = (new AttributeStatementBuilder().buildObject());
        attributeStatement.getAttributes().add(attribute);
        assertion.getAttributeStatements().add(attributeStatement);
    }

    return assertion;
}