org.opensaml.saml.common.messaging.context.SAMLBindingContext Java Examples

The following examples show how to use org.opensaml.saml.common.messaging.context.SAMLBindingContext. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AuthenticationHandlerSAML2.java    From sling-whiteboard with Apache License 2.0 5 votes vote down vote up 
private boolean validateRelayState(HttpServletRequest req, MessageContext messageContext) {
    SAMLBindingContext bindingContext = messageContext.getSubcontext(SAMLBindingContext.class, true);
    String reportedRelayState = bindingContext.getRelayState();
    SessionStorage relayStateStore = new SessionStorage(saml2ConfigService.getSaml2SessionAttr());
    String savedRelayState = relayStateStore.getString(req);
    if (savedRelayState == null || savedRelayState.isEmpty()){
        return false;
    } else if (savedRelayState.equals(reportedRelayState)){
        return true;
    }
    return false;
}
Example #2
Source File: SamlAssertionConsumerFunction.java    From armeria with Apache License 2.0 5 votes vote down vote up 
@Override
public HttpResponse serve(ServiceRequestContext ctx, AggregatedHttpRequest req,
                          String defaultHostname, SamlPortConfig portConfig) {
    try {
        final MessageContext<Response> messageContext;
        if (cfg.endpoint().bindingProtocol() == SamlBindingProtocol.HTTP_REDIRECT) {
            messageContext = HttpRedirectBindingUtil.toSamlObject(req, SAML_RESPONSE,
                                                                  idpConfigs, defaultIdpConfig);
        } else {
            messageContext = HttpPostBindingUtil.toSamlObject(req, SAML_RESPONSE);
        }

        final String endpointUri = cfg.endpoint().toUriString(portConfig.scheme().uriText(),
                                                              defaultHostname, portConfig.port());
        final Response response = messageContext.getMessage();
        final Assertion assertion = getValidatedAssertion(response, endpointUri);

        // Find a session index which is sent by an identity provider.
        final String sessionIndex = assertion.getAuthnStatements().stream()
                                             .map(AuthnStatement::getSessionIndex)
                                             .filter(Objects::nonNull)
                                             .findFirst().orElse(null);

        final SAMLBindingContext bindingContext = messageContext.getSubcontext(SAMLBindingContext.class);
        final String relayState = bindingContext != null ? bindingContext.getRelayState() : null;

        return ssoHandler.loginSucceeded(ctx, req, messageContext, sessionIndex, relayState);
    } catch (SamlException e) {
        return ssoHandler.loginFailed(ctx, req, null, e);
    }
}
Example #3
Source File: SamlServiceProviderTest.java    From armeria with Apache License 2.0 5 votes vote down vote up 
@Override
public CompletionStage<Void> beforeInitiatingSso(ServiceRequestContext ctx, HttpRequest req,
                                                 MessageContext<AuthnRequest> message,
                                                 SamlIdentityProviderConfig idpConfig) {
    message.getSubcontext(SAMLBindingContext.class, true)
           .setRelayState(req.path());
    return CompletableFuture.completedFuture(null);
}
Example #4
Source File: AuthenticationHandlerSAML2.java    From sling-whiteboard with Apache License 2.0 4 votes vote down vote up 
private void setRelayStateOnSession(HttpServletRequest req, SAMLBindingContext bindingContext) {
    String state = new BigInteger(130, new SecureRandom()).toString(32);
    bindingContext.setRelayState(state);
    SessionStorage sessionStorage = new SessionStorage(saml2ConfigService.getSaml2SessionAttr());
    sessionStorage.setString(req, state);
}