Java Code Examples for org.opensaml.saml2.core.Response#getStatus()
The following examples show how to use
org.opensaml.saml2.core.Response#getStatus() .
Example 1
Source File: SAML2SSOManager.java From carbon-identity with Apache License 2.0 | 5 votes |
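/**
 * Reports whether the response carries the "NoPassive" outcome, i.e. a top-level
 * status code equal to {@code StatusCode.RESPONDER_URI} with a nested status code
 * equal to {@code StatusCode.NO_PASSIVE_URI}.
 *
 * <p>The values are read from the response object as given; this method performs no
 * signature or issuer check, so the result describes what the message claims and is
 * not on its own evidence of who sent it.
 *
 * @param response the unmarshalled SAML2 response; must not be {@code null}
 * @return {@code true} only when both status codes are present and match
 */
protected boolean isNoPassive(Response response) {
    if (response.getStatus() == null) {
        return false;
    }

    StatusCode topLevel = response.getStatus().getStatusCode();
    // Constant-first equals: a status code element without a Value attribute yields
    // "no match" instead of a NullPointerException.
    if (topLevel == null || !StatusCode.RESPONDER_URI.equals(topLevel.getValue())) {
        return false;
    }

    StatusCode nested = topLevel.getStatusCode();
    return nested != null && StatusCode.NO_PASSIVE_URI.equals(nested.getValue());
}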
Example 2
Source File: DefaultSAML2SSOManager.java From carbon-identity with Apache License 2.0 | 4 votes |
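/**
 * Consumes the SAML2 response posted to this service provider and, once the assertion
 * has passed the audience and signature checks, records the subject in the HTTP session.
 *
 * <p>Flow: decode and unmarshall the posted response; take the first encrypted assertion
 * (when assertion encryption is enabled) or the first plain assertion; if there is none,
 * return silently for a NoPassive status and fail otherwise; read the subject NameID;
 * run {@code validateAudienceRestriction} and {@code validateSignature}; only then write
 * the session attributes.
 *
 * <p>All session writes happen after every check in this method has succeeded, so a
 * response that is rejected leaves no {@code "username"} attribute behind.
 *
 * <p>NOTE(review): the only validators invoked here are the audience and signature
 * checks. Whether a Success status, the assertion validity window, the
 * Recipient/Destination and InResponseTo are enforced is not visible in this method;
 * confirm they are covered by the helpers or by the caller.
 *
 * <p>NOTE(review): the session identifier is not renewed here after the subject is
 * accepted; confirm the container or the caller rotates it on login.
 *
 * @param request the HTTP request carrying the Base64-encoded SAML2 response parameter
 * @throws SAMLSSOException if the response parameter or the assertion is missing, the
 *         assertion cannot be decrypted, the subject is absent, a validator rejects the
 *         assertion, or single logout is enabled and no IdP session index is present
 */
private void processSSOResponse(HttpServletRequest request) throws SAMLSSOException {

    String encodedResponse = request.getParameter(SSOConstants.HTTP_POST_PARAM_SAML2_RESP);
    if (encodedResponse == null) {
        // Fail with the method's own exception type instead of an NPE in the decoder.
        throw new SAMLSSOException("SAML Response not found in the request");
    }

    // NOTE(review): the decoded bytes are turned into a String with the platform default
    // charset; confirm this agrees with how unmarshall() reads the document.
    // NOTE(review): the XML comes from the browser and is parsed inside unmarshall(),
    // which is not shown here; confirm that parser rejects DTDs and external entities.
    Response samlResponse = (Response) unmarshall(new String(Base64.decode(encodedResponse)));

    // Only the first assertion is considered; any further assertions are ignored.
    Assertion assertion = null;
    if (SSOUtils.isAssertionEncryptionEnabled(properties)) {
        List<EncryptedAssertion> encryptedAssertions = samlResponse.getEncryptedAssertions();
        if (CollectionUtils.isNotEmpty(encryptedAssertions)) {
            EncryptedAssertion encryptedAssertion = encryptedAssertions.get(0);
            try {
                assertion = getDecryptedAssertion(encryptedAssertion);
            } catch (Exception e) {
                throw new SAMLSSOException("Unable to decrypt the SAML Assertion", e);
            }
        }
    } else {
        List<Assertion> assertions = samlResponse.getAssertions();
        if (CollectionUtils.isNotEmpty(assertions)) {
            assertion = assertions.get(0);
        }
    }

    if (assertion == null) {
        // A passive request the IdP could not satisfy is not an error: leave the
        // session untouched and return. Constant-first equals keeps a status code
        // without a Value from raising a NullPointerException.
        if (samlResponse.getStatus() != null
                && samlResponse.getStatus().getStatusCode() != null
                && SSOConstants.StatusCodes.IDENTITY_PROVIDER_ERROR.equals(
                        samlResponse.getStatus().getStatusCode().getValue())
                && samlResponse.getStatus().getStatusCode().getStatusCode() != null
                && SSOConstants.StatusCodes.NO_PASSIVE.equals(
                        samlResponse.getStatus().getStatusCode().getStatusCode().getValue())) {
            return;
        }
        throw new SAMLSSOException("SAML Assertion not found in the Response");
    }

    // Get the subject name from the assertion; it is forwarded to login_action.jsp
    // through the session once the checks below have passed.
    String subject = null;
    if (assertion.getSubject() != null && assertion.getSubject().getNameID() != null) {
        subject = assertion.getSubject().getNameID().getValue();
    }
    if (subject == null) {
        throw new SAMLSSOException("SAML Response does not contain the name of the subject");
    }
    String nameQualifier = assertion.getSubject().getNameID().getNameQualifier();
    String spNameQualifier = assertion.getSubject().getNameID().getSPNameQualifier();

    // validate audience restriction
    validateAudienceRestriction(assertion);

    // validate signature; this SP only looks for the assertion signature. The assertion
    // passed here is the same object the subject above was read from.
    validateSignature(samlResponse, assertion);

    // Resolve the IdP session index before touching the session, so that a missing
    // index (or an assertion without any AuthnStatement) is reported as a
    // SAMLSSOException and leaves no partial login state.
    boolean logoutEnabled = SSOUtils.isLogoutEnabled(properties);
    String sessionId = null;
    if (logoutEnabled) {
        if (CollectionUtils.isNotEmpty(assertion.getAuthnStatements())) {
            sessionId = assertion.getAuthnStatements().get(0).getSessionIndex();
        }
        if (sessionId == null) {
            throw new SAMLSSOException("Single Logout is enabled but IdP Session ID not found in SAML Assertion");
        }
    }

    // Every check has passed: record the login in the session.
    request.getSession().setAttribute("username", subject);
    request.getSession(false).setAttribute("samlssoAttributes", getAssertionStatements(assertion));

    // For removing the session when the single sign out request is made by the SP itself
    if (logoutEnabled) {
        request.getSession().setAttribute(SSOConstants.IDP_SESSION, sessionId);
        // NOTE(review): the NameQualifier is what gets stored under LOGOUT_USERNAME;
        // confirm that is intended.
        request.getSession().setAttribute(SSOConstants.LOGOUT_USERNAME, nameQualifier);
        request.getSession().setAttribute(SSOConstants.SP_NAME_QUALIFIER, spNameQualifier);
    }
}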