Java Code Examples for org.opensaml.saml2.core.Response#setID()
The following examples show how to use
org.opensaml.saml2.core.Response#setID() .
Example 1
Source File: DefaultResponseBuilder.java From carbon-identity with Apache License 2.0 | 7 votes |
/**
 * Wraps an already-built assertion in a success-status SAML 2.0 {@code Response}
 * addressed to the requester's assertion consumer URL.
 *
 * <p>The response is signed only when {@code authReqDTO.isDoSignResponse()} is true;
 * otherwise it is returned unsigned. This overload has no encryption branch, so the
 * assertion is always attached in the clear.
 *
 * <p>NOTE(review): the Destination is copied straight from the request DTO. Nothing
 * here shows whether that URL was matched against the service provider's registered
 * endpoints - confirm the caller validates it before this method runs.
 *
 * @param authReqDTO request data: request ID, assertion consumer URL, signing flag,
 *                   signature/digest algorithm URIs and the authenticated user
 * @param assertion  the assertion to attach to the response
 * @return the populated (and optionally signed) response
 * @throws IdentityException declared by the signature; presumably raised by the
 *                           {@code SAMLSSOUtil} helpers - verify against them
 */
public Response buildResponse(SAMLSSOAuthnReqDTO authReqDTO, Assertion assertion) throws IdentityException {
    if (log.isDebugEnabled()) {
        log.debug("Building SAML Response for the consumer '" + authReqDTO.getAssertionConsumerURL() + "'");
    }

    Response samlResponse = new org.opensaml.saml2.core.impl.ResponseBuilder().buildObject();
    samlResponse.setIssuer(SAMLSSOUtil.getIssuer());
    samlResponse.setID(SAMLSSOUtil.createID());
    // Ties the response to the originating AuthnRequest so the SP can reject unsolicited replies.
    samlResponse.setInResponseTo(authReqDTO.getId());
    samlResponse.setDestination(authReqDTO.getAssertionConsumerURL());
    samlResponse.setStatus(buildStatus(SAMLSSOConstants.StatusCodes.SUCCESS_CODE, null));
    samlResponse.setVersion(SAMLVersion.VERSION_20);
    samlResponse.setIssueInstant(new DateTime());
    samlResponse.getAssertions().add(assertion);

    // Unsigned path: nothing more to do.
    if (!authReqDTO.isDoSignResponse()) {
        return samlResponse;
    }

    SignKeyDataHolder signingKey =
            new SignKeyDataHolder(authReqDTO.getUser().getAuthenticatedSubjectIdentifier());
    SAMLSSOUtil.setSignature(
            samlResponse,
            authReqDTO.getSigningAlgorithmUri(),
            authReqDTO.getDigestAlgorithmUri(),
            signingKey);
    return samlResponse;
}
Example 2
Source File: ErrorResponseBuilder.java From carbon-identity with Apache License 2.0 | 6 votes |
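/**
 * Builds a SAML 2.0 {@code Response} carrying the status from {@code buildStatus()}
 * and returns it marshalled and encoded.
 *
 * <p>The response built here is neither signed nor addressed (no Destination or
 * InResponseTo is set in this method).
 *
 * <p>NOTE(review): no IssueInstant is set, although the SAML 2.0 schema requires that
 * attribute on a Response. Unless a helper fills it in, strict relying parties may
 * reject the message - confirm and set it where the date type is in scope.
 *
 * @return the encoded response, or {@code null} when marshalling/encoding fails
 */
public static String generateErrorneousResponse() {
    Response response = new ResponseBuilder().buildObject();
    response.setIssuer(getIssuer());
    response.setStatus(buildStatus());
    response.setVersion(SAMLVersion.VERSION_20);
    response.setID(UIDGenerator.generateUID());

    try {
        return encode(marshall(response));
    } catch (IdentityException e) {
        // Previously logged only when debug was enabled, which hid the failure in
        // production while callers silently received null. Log it unconditionally.
        log.error("Error while encoding.", e);
        return null;
    }
}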
Example 3
Source File: SAMLResponseBuilder.java From carbon-identity with Apache License 2.0 | 5 votes |
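/**
 * Builds a success-status SAML 2.0 {@code Response} for the given user from the
 * service provider configuration.
 *
 * <p>The assertion is built here with a NotOnOrAfter of "now + configured validity
 * period (minutes)". It is attached encrypted (AES-256 block cipher) when
 * {@code ssoIdPConfigs.isDoEnableEncryptedAssertion()} is true, otherwise in the clear.
 * The response is signed only when {@code ssoIdPConfigs.isDoSignResponse()} is true.
 * No InResponseTo is set by this method.
 *
 * @param ssoIdPConfigs service provider configuration: assertion consumer URL,
 *                      encryption flag, certificate alias, signing flag and
 *                      signature/digest algorithm URIs
 * @param userName      user the assertion is issued for; also used to derive the
 *                      tenant domain and the signing key holder
 * @return SAML Response object
 * @throws IdentityException declared by the signature; presumably raised by the
 *                           assertion, encryption or signing helpers - verify
 */
public Response buildSAMLResponse(SAMLSSOServiceProviderDO ssoIdPConfigs, String userName)
        throws IdentityException {
    if (log.isDebugEnabled()) {
        log.debug("Building SAML Response for the consumer '" + ssoIdPConfigs.getAssertionConsumerUrl() + "'");
    }

    Response response = new org.opensaml.saml2.core.impl.ResponseBuilder().buildObject();
    response.setIssuer(SAMLSSOUtil.getIssuer());
    response.setID(SAMLSSOUtil.createID());
    response.setDestination(ssoIdPConfigs.getAssertionConsumerUrl());
    response.setStatus(buildStatus(SAMLSSOConstants.StatusCodes.SUCCESS_CODE, null));
    response.setVersion(SAMLVersion.VERSION_20);

    DateTime issueInstant = new DateTime();
    // Multiply in long arithmetic: with int operands, "minutes * 60 * 1000" wraps for
    // validity periods above ~35791 minutes and could yield an expiry in the past.
    long validityMillis = SAMLSSOUtil.getSAMLResponseValidityPeriod() * 60L * 1000L;
    DateTime notOnOrAfter = new DateTime(issueInstant.getMillis() + validityMillis);
    response.setIssueInstant(issueInstant);

    Assertion assertion = buildSAMLAssertion(ssoIdPConfigs, notOnOrAfter, userName);
    if (ssoIdPConfigs.isDoEnableEncryptedAssertion()) {
        String domainName = MultitenantUtils.getTenantDomain(userName);
        String alias = ssoIdPConfigs.getCertAlias();
        // NOTE(review): when encryption is enabled but no certificate alias is
        // configured, no assertion is attached at all and the response still reports
        // success. The plaintext assertion is not leaked, but the misconfiguration is
        // silent - consider rejecting the request explicitly instead.
        if (alias != null) {
            EncryptedAssertion encryptedAssertion = SAMLSSOUtil.setEncryptedAssertion(
                    assertion, EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256, alias, domainName);
            response.getEncryptedAssertions().add(encryptedAssertion);
        }
    } else {
        response.getAssertions().add(assertion);
    }

    if (ssoIdPConfigs.isDoSignResponse()) {
        SAMLSSOUtil.setSignature(
                response,
                ssoIdPConfigs.getSigningAlgorithmUri(),
                ssoIdPConfigs.getDigestAlgorithmUri(),
                new SignKeyDataHolder(userName));
    }
    return response;
}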
Example 4
Source File: SamlAssertionProducer.java From saml-generator with Apache License 2.0 | 5 votes |
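/**
 * Assembles a SAML 2.0 {@code Response} from pre-built parts and gives it a fresh
 * random ID.
 *
 * <p>The response is not signed here and no Destination or InResponseTo is set;
 * any signing presumably happens in the caller - verify.
 *
 * @param issueDate value used as the response's IssueInstant
 * @param issuer    issuer element to attach
 * @param status    status element to attach
 * @param assertion assertion to attach (in the clear)
 * @return the populated response
 */
private Response createResponse(final DateTime issueDate, Issuer issuer, Status status, Assertion assertion) {
    Response response = new ResponseBuilder().buildObject();

    // The SAML ID attribute is an xs:ID (an NCName), which must not begin with a digit.
    // A bare UUID string frequently does, producing a schema-invalid ID that strict
    // parsers reject and that signature references cannot reliably resolve.
    // Prefixing '_' keeps the random UUID while making the value a valid NCName.
    response.setID("_" + UUID.randomUUID());

    response.setIssueInstant(issueDate);
    response.setVersion(SAMLVersion.VERSION_20);
    response.setIssuer(issuer);
    response.setStatus(status);
    response.getAssertions().add(assertion);
    return response;
}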
Example 5
Source File: SAML2LoginAPIAuthenticatorCmdTest.java From cloudstack with Apache License 2.0 | 5 votes |
/**
 * Builds a fixed, unsigned SAML 2.0 {@code Response} for use as a test fixture.
 *
 * <p>Everything is hard-coded: ID {@code "foo"}, IssueInstant at epoch 0, issuer
 * {@code "MockedIssuer"}, a success status, and one assertion with a persistent
 * NameID, one AuthnStatement and one empty AttributeStatement. The message carries
 * no signature, so it exercises only code paths that accept or separately handle
 * unsigned responses.
 *
 * @return the mock response
 * @throws Exception declared by the signature; no statement here obviously throws
 */
private Response buildMockResponse() throws Exception {
    Response mockResponse = new ResponseBuilder().buildObject();
    mockResponse.setID("foo");
    mockResponse.setVersion(SAMLVersion.VERSION_20);
    mockResponse.setIssueInstant(new DateTime(0));

    // Issuer
    Issuer mockIssuer = new IssuerBuilder().buildObject();
    mockIssuer.setValue("MockedIssuer");
    mockResponse.setIssuer(mockIssuer);

    // Status: success
    Status successStatus = new StatusBuilder().buildObject();
    StatusCode successCode = new StatusCodeBuilder().buildObject();
    successCode.setValue(StatusCode.SUCCESS_URI);
    successStatus.setStatusCode(successCode);
    mockResponse.setStatus(successStatus);

    // Assertion with subject, authentication statement and an empty attribute statement
    Assertion mockAssertion = new AssertionBuilder().buildObject();

    Subject mockSubject = new SubjectBuilder().buildObject();
    NameID persistentId = new NameIDBuilder().buildObject();
    persistentId.setValue("SOME-UNIQUE-ID");
    persistentId.setFormat(NameIDType.PERSISTENT);
    mockSubject.setNameID(persistentId);
    mockAssertion.setSubject(mockSubject);

    AuthnStatement sessionStatement = new AuthnStatementBuilder().buildObject();
    sessionStatement.setSessionIndex("Some Session String");
    mockAssertion.getAuthnStatements().add(sessionStatement);

    AttributeStatement emptyAttributes = new AttributeStatementBuilder().buildObject();
    mockAssertion.getAttributeStatements().add(emptyAttributes);

    mockResponse.getAssertions().add(mockAssertion);
    return mockResponse;
}
Example 6
Source File: AuthnResponseGenerator.java From MaxKey with Apache License 2.0 | 4 votes |
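/**
 * Generates the SAML 2.0 authentication {@code Response} for a service provider.
 *
 * <p>An assertion is generated first and then attached either encrypted (when
 * {@code saml20Details.getEncrypted()} is true) or in the clear. The response is
 * addressed to the SP's ACS URL, tied to the AuthnRequest ID and given a success
 * status. It is not signed in this method; signing presumably happens downstream
 * - verify.
 *
 * <p>NOTE(review): if encryption fails, the exception is logged and the response is
 * still returned with a success status but without any assertion. The plaintext is
 * not leaked, but the caller cannot tell that the response is empty - consider
 * propagating the failure instead.
 *
 * @param saml20Details    SP settings: ACS URL, audience, validity interval and
 *                         encryption flag
 * @param authnRequestInfo details of the incoming AuthnRequest (its ID is used)
 * @param attributeMap     attributes passed through to the assertion generator
 * @param bindingAdapter   supplies the credential used for key encryption
 * @return the populated response
 * @throws NumberFormatException if the configured validity interval is not an integer
 */
public Response generateAuthnResponse(
        AppsSAML20Details saml20Details,
        AuthnRequestInfo authnRequestInfo,
        HashMap<String, String> attributeMap,
        BindingAdapter bindingAdapter) {

    Response authResponse = new ResponseBuilder().buildObject();

    // Build the assertion first; it is attached encrypted or in the clear below.
    Assertion assertion = assertionGenerator.generateAssertion(
            saml20Details,
            bindingAdapter,
            saml20Details.getSpAcsUrl(),
            authnRequestInfo.getAuthnRequestID(),
            saml20Details.getAudience(),
            Integer.parseInt(saml20Details.getValidityInterval()),
            attributeMap);

    // Boolean here is not java.lang.Boolean (which has no isTrue); presumably a project helper.
    if (Boolean.isTrue(saml20Details.getEncrypted())) {
        logger.info("begin to encrypt assertion");
        try {
            // Data encryption: AES-128 block cipher.
            EncryptionParameters encryptionParameters = new EncryptionParameters();
            encryptionParameters.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);
            logger.info("encryption assertion Algorithm : " + EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);

            // Key encryption: the credential is assumed to hold the recipient's RSA public key.
            // NOTE(review): the accessor is named getSpSigningCredential(); confirm the SP
            // really decrypts with the key pair it also uses for signing.
            KeyEncryptionParameters keyEncryptionParameters = new KeyEncryptionParameters();
            keyEncryptionParameters.setEncryptionCredential(bindingAdapter.getSpSigningCredential());

            // NOTE(review): RSA PKCS#1 v1.5 key transport has known padding-oracle
            // weaknesses. EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP is the
            // preferred choice; it is left unchanged here because switching requires
            // the receiving SP to support OAEP.
            keyEncryptionParameters.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15);
            logger.info("keyEncryption Algorithm : " + EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15);

            KeyInfoGeneratorFactory keyInfoGeneratorFactory = Configuration
                    .getGlobalSecurityConfiguration()
                    .getKeyInfoGeneratorManager()
                    .getDefaultManager()
                    .getFactory(bindingAdapter.getSpSigningCredential());
            keyEncryptionParameters.setKeyInfoGenerator(keyInfoGeneratorFactory.newInstance());

            Encrypter encrypter = new Encrypter(encryptionParameters, keyEncryptionParameters);
            encrypter.setKeyPlacement(KeyPlacement.PEER);
            EncryptedAssertion encryptedAssertion = encrypter.encrypt(assertion);
            authResponse.getEncryptedAssertions().add(encryptedAssertion);
        } catch (Exception e) {
            // An encryption failure leaves the response without an assertion; surface it
            // at error level rather than info so it is not lost among routine messages.
            logger.error("Unable to encrypt assertion .", e);
        }
    } else {
        authResponse.getAssertions().add(assertion);
    }

    authResponse.setIssuer(issuerGenerator.generateIssuer());
    authResponse.setID(idService.generateID());
    authResponse.setIssueInstant(timeService.getCurrentDateTime());
    // Binds the response to the originating AuthnRequest.
    authResponse.setInResponseTo(authnRequestInfo.getAuthnRequestID());
    authResponse.setDestination(saml20Details.getSpAcsUrl());
    authResponse.setStatus(statusGenerator.generateStatus(StatusCode.SUCCESS_URI));

    logger.debug("authResponse.isSigned " + authResponse.isSigned());
    return authResponse;
}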
Example 7
Source File: DefaultResponseBuilder.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Builds a success-status SAML 2.0 {@code Response} for an authenticated session,
 * creating the assertion internally.
 *
 * <p>InResponseTo is set only when the flow is not IdP-initiated. The assertion's
 * NotOnOrAfter is "now + configured validity period (minutes)". The assertion is
 * attached encrypted (AES-256 block cipher) when
 * {@code authReqDTO.isDoEnableEncryptedAssertion()} is true, otherwise in the clear,
 * and the response is signed only when {@code authReqDTO.isDoSignResponse()} is true.
 *
 * <p>NOTE(review): with encryption enabled and no certificate alias configured, no
 * assertion is attached and the response still reports success - confirm that this
 * silent outcome is intended.
 *
 * <p>NOTE(review): the Destination is taken from the request DTO; this method does
 * not show whether it was validated against the SP's registered endpoints.
 *
 * @param authReqDTO request data: request ID, assertion consumer URL, IdP-initiated
 *                   flag, encryption/signing settings, tenant domain and user
 * @param sessionId  session identifier passed to the assertion builder
 * @return the populated (and optionally signed) response
 * @throws IdentityException declared by the signature; presumably raised by the
 *                           {@code SAMLSSOUtil} helpers - verify against them
 */
@Override
public Response buildResponse(SAMLSSOAuthnReqDTO authReqDTO, String sessionId) throws IdentityException {
    if (log.isDebugEnabled()) {
        log.debug("Building SAML Response for the consumer '" + authReqDTO.getAssertionConsumerURL() + "'");
    }

    Response samlResponse = new org.opensaml.saml2.core.impl.ResponseBuilder().buildObject();
    samlResponse.setIssuer(SAMLSSOUtil.getIssuer());
    samlResponse.setID(SAMLSSOUtil.createID());

    // IdP-initiated SSO has no AuthnRequest to refer back to.
    boolean spInitiated = !authReqDTO.isIdPInitSSOEnabled();
    if (spInitiated) {
        samlResponse.setInResponseTo(authReqDTO.getId());
    }

    samlResponse.setDestination(authReqDTO.getAssertionConsumerURL());
    samlResponse.setStatus(buildStatus(SAMLSSOConstants.StatusCodes.SUCCESS_CODE, null));
    samlResponse.setVersion(SAMLVersion.VERSION_20);

    DateTime now = new DateTime();
    long validityMillis = SAMLSSOUtil.getSAMLResponseValidityPeriod() * 60 * 1000L;
    DateTime expiry = new DateTime(now.getMillis() + validityMillis);
    samlResponse.setIssueInstant(now);

    Assertion builtAssertion = SAMLSSOUtil.buildSAMLAssertion(authReqDTO, expiry, sessionId);
    if (!authReqDTO.isDoEnableEncryptedAssertion()) {
        samlResponse.getAssertions().add(builtAssertion);
    } else {
        String tenantDomain = authReqDTO.getTenantDomain();
        String certAlias = authReqDTO.getCertAlias();
        if (certAlias != null) {
            EncryptedAssertion sealed = SAMLSSOUtil.setEncryptedAssertion(
                    builtAssertion, EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256, certAlias, tenantDomain);
            samlResponse.getEncryptedAssertions().add(sealed);
        }
    }

    // Unsigned path: nothing more to do.
    if (!authReqDTO.isDoSignResponse()) {
        return samlResponse;
    }

    SignKeyDataHolder signingKey =
            new SignKeyDataHolder(authReqDTO.getUser().getAuthenticatedSubjectIdentifier());
    SAMLSSOUtil.setSignature(
            samlResponse,
            authReqDTO.getSigningAlgorithmUri(),
            authReqDTO.getDigestAlgorithmUri(),
            signingKey);
    return samlResponse;
}