org.opensaml.saml.saml2.core.Status Java Examples
The following examples show how to use
org.opensaml.saml.saml2.core.Status.
Example #1
Source File: ResponseServiceTest.java From verify-service-provider with MIT License | 6 votes |
/**
 * Checks that the service refuses a response whose InResponseTo differs from the
 * request id supplied by the caller, even though the response is signed and carries
 * a Success status.
 *
 * <p>Correlating InResponseTo with the id of the request that was actually sent is
 * what stops a response issued for one request from being accepted for another.
 */
@Test
public void shouldFailWhenInResponseToDoesNotMatchRequestId() throws Exception {
    final String mismatchedRequestId = "some-incorrect-request-id";
    final String expectedMessage = String.format(
        "Expected InResponseTo to be some-incorrect-request-id, but was %s", DEFAULT_REQUEST_ID);

    expectedException.expect(SamlResponseValidationException.class);
    expectedException.expectMessage(expectedMessage);

    // Presumably this certificate pairs with testRpSigningCredential, so the signature
    // check passes and only the InResponseTo comparison can fail - confirm in fixtures.
    EntityDescriptor hubEntity = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(hubEntity));

    Status success = aStatus()
        .withStatusCode(aStatusCode().withValue(StatusCode.SUCCESS).build())
        .build();
    Response signedResponse = signResponse(createNoAttributeResponseBuilder(success), testRpSigningCredential);

    matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(signedResponse),
        mismatchedRequestId,
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );
}
Example #2
Source File: SAML2PResponseComponentBuilder.java From cxf-fediz with Apache License 2.0 | 6 votes |
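/**
 * Builds a SAML 2.0 {@code LogoutResponse} with a fresh ID and issue instant.
 *
 * <p>The ID is prefixed with {@code "_"}. The SAML ID attribute is an {@code xs:ID},
 * which must be an NCName and therefore cannot start with a digit, whereas a bare
 * UUID string often does. An ID that is not a valid {@code xs:ID} can fail schema
 * validation at the receiver and may prevent a signature reference to it from
 * resolving.
 *
 * <p>This method does not sign the message; a caller that needs a signed response
 * must sign the returned object itself.
 *
 * @param inResponseTo ID of the LogoutRequest being answered
 * @param issuer       value passed to {@code createIssuer} for the Issuer element
 * @param status       status to attach to the response
 * @param destination  value for the Destination attribute
 * @return the populated, unsigned LogoutResponse
 */
@SuppressWarnings("unchecked")
public static LogoutResponse createSAMLLogoutResponse(
    String inResponseTo,
    String issuer,
    Status status,
    String destination
) {
    // The builder is created on first use and cached in a static field.
    if (logoutResponseBuilder == null) {
        logoutResponseBuilder = (SAMLObjectBuilder<LogoutResponse>)
            builderFactory.getBuilder(LogoutResponse.DEFAULT_ELEMENT_NAME);
    }
    LogoutResponse response = logoutResponseBuilder.buildObject();

    // Leading underscore keeps the random ID a valid xs:ID (NCName).
    response.setID("_" + UUID.randomUUID().toString());
    response.setIssueInstant(new DateTime());
    response.setInResponseTo(inResponseTo);
    response.setIssuer(createIssuer(issuer));
    response.setStatus(status);
    response.setVersion(SAMLVersion.VERSION_20);
    response.setDestination(destination);

    return response;
}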
Example #3
Source File: SAML2PResponseComponentBuilder.java From cxf-fediz with Apache License 2.0 | 6 votes |
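/**
 * Builds a SAML 2.0 {@code Response} shell (no assertions) with a fresh ID and
 * issue instant, using an already constructed {@code Issuer}.
 *
 * <p>The ID is prefixed with {@code "_"}. The SAML ID attribute is an {@code xs:ID},
 * which must be an NCName and therefore cannot start with a digit, whereas a bare
 * UUID string often does. An ID that is not a valid {@code xs:ID} can fail schema
 * validation at the receiver and may prevent a signature reference to it from
 * resolving.
 *
 * <p>This method neither signs the response nor sets a Destination.
 *
 * @param inResponseTo ID of the request being answered
 * @param issuer       Issuer element to attach
 * @param status       status to attach to the response
 * @return the populated, unsigned Response
 */
@SuppressWarnings("unchecked")
public static Response createSAMLResponse(
    String inResponseTo,
    Issuer issuer,
    Status status
) {
    // The builder is created on first use and cached in a static field.
    if (responseBuilder == null) {
        responseBuilder = (SAMLObjectBuilder<Response>)
            builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
    }
    Response response = responseBuilder.buildObject();

    // Leading underscore keeps the random ID a valid xs:ID (NCName).
    response.setID("_" + UUID.randomUUID().toString());
    response.setIssueInstant(new DateTime());
    response.setInResponseTo(inResponseTo);
    response.setIssuer(issuer);
    response.setStatus(status);
    response.setVersion(SAMLVersion.VERSION_20);

    return response;
}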
Example #4
Source File: SAML2PResponseComponentBuilder.java From cxf with Apache License 2.0 | 6 votes |
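/**
 * Builds a SAML 2.0 {@code Response} shell (no assertions) with a fresh ID and
 * issue instant.
 *
 * <p>The ID is prefixed with {@code "_"}. The SAML ID attribute is an {@code xs:ID},
 * which must be an NCName and therefore cannot start with a digit, whereas a bare
 * UUID string often does. An ID that is not a valid {@code xs:ID} can fail schema
 * validation at the receiver and may prevent a signature reference to it from
 * resolving.
 *
 * <p>This method neither signs the response nor sets a Destination.
 *
 * @param inResponseTo ID of the request being answered
 * @param issuer       value passed to {@code createIssuer} for the Issuer element
 * @param status       status to attach to the response
 * @return the populated, unsigned Response
 */
@SuppressWarnings("unchecked")
public static Response createSAMLResponse(
    String inResponseTo,
    String issuer,
    Status status
) {
    // The builder is created on first use and cached in a static field.
    if (responseBuilder == null) {
        responseBuilder = (SAMLObjectBuilder<Response>)
            builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
    }
    Response response = responseBuilder.buildObject();

    // Leading underscore keeps the random ID a valid xs:ID (NCName).
    response.setID("_" + UUID.randomUUID().toString());
    response.setIssueInstant(new DateTime());
    response.setInResponseTo(inResponseTo);
    response.setIssuer(createIssuer(issuer));
    response.setStatus(status);
    response.setVersion(SAMLVersion.VERSION_20);

    return response;
}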
Example #5
Source File: SAML2PResponseComponentBuilder.java From cxf-fediz with Apache License 2.0 | 6 votes |
/**
 * Assembles a SAML 2.0 {@code LogoutResponse} carrying a new random ID, the current
 * time as issue instant, and the supplied correlation, issuer, status and destination.
 *
 * <p>The ID is "_" followed by a random UUID, so it never begins with a digit.
 * Nothing here signs the message; that is left to the caller.
 *
 * @param inResponseTo ID of the LogoutRequest being answered
 * @param issuer       value passed to {@code createIssuer} for the Issuer element
 * @param status       status to attach
 * @param destination  value for the Destination attribute
 * @return the populated, unsigned LogoutResponse
 */
public static LogoutResponse createSAMLLogoutResponse(
    String inResponseTo,
    String issuer,
    Status status,
    String destination
) {
    // Lazily obtain and cache the builder in its static field.
    if (logoutResponseBuilder == null) {
        logoutResponseBuilder = (SAMLObjectBuilder<LogoutResponse>)
            builderFactory.getBuilder(LogoutResponse.DEFAULT_ELEMENT_NAME);
    }

    final LogoutResponse logoutResponse = logoutResponseBuilder.buildObject();
    final String messageId = "_" + UUID.randomUUID();

    logoutResponse.setID(messageId);
    logoutResponse.setIssueInstant(new DateTime());
    logoutResponse.setInResponseTo(inResponseTo);
    logoutResponse.setIssuer(createIssuer(issuer));
    logoutResponse.setStatus(status);
    logoutResponse.setVersion(SAMLVersion.VERSION_20);
    logoutResponse.setDestination(destination);
    return logoutResponse;
}
Example #6
Source File: SAML2PResponseComponentBuilder.java From syncope with Apache License 2.0 | 6 votes |
/**
 * Creates a SAML {@code Status} holding one top-level {@code StatusCode} and,
 * when supplied, a {@code StatusMessage}.
 *
 * <p>The message text is placed in the status as given, so it ends up in whatever
 * protocol message the status is attached to. NOTE(review): callers should avoid
 * passing internal exception detail here.
 *
 * @param statusCodeValue value for the StatusCode element
 * @param statusMessage   optional message; {@code null} omits the StatusMessage element
 * @return the populated Status
 */
public static Status createStatus(final String statusCodeValue, final String statusMessage) {
    // Builders are created on first use and cached in static fields.
    if (statusBuilder == null) {
        statusBuilder = new StatusBuilder();
    }
    if (statusCodeBuilder == null) {
        statusCodeBuilder = new StatusCodeBuilder();
    }
    if (statusMessageBuilder == null) {
        statusMessageBuilder = new StatusMessageBuilder();
    }

    final Status result = statusBuilder.buildObject();
    final StatusCode code = statusCodeBuilder.buildObject();
    code.setValue(statusCodeValue);
    result.setStatusCode(code);

    if (statusMessage == null) {
        return result;
    }

    final StatusMessage message = statusMessageBuilder.buildObject();
    message.setMessage(statusMessage);
    result.setStatusMessage(message);
    return result;
}
Example #7
Source File: SAML2PResponseComponentBuilder.java From cxf-fediz with Apache License 2.0 | 6 votes |
/**
 * Assembles a SAML 2.0 {@code Response} shell (no assertions) with a new random ID,
 * the current time as issue instant, and the supplied correlation, issuer and status.
 *
 * <p>The ID is "_" followed by a random UUID, so it never begins with a digit.
 * The response is returned unsigned and without a Destination.
 *
 * @param inResponseTo ID of the request being answered
 * @param issuer       value passed to {@code createIssuer} for the Issuer element
 * @param status       status to attach
 * @return the populated, unsigned Response
 */
@SuppressWarnings("unchecked")
public static Response createSAMLResponse(
    String inResponseTo,
    String issuer,
    Status status
) {
    // Lazily obtain and cache the builder in its static field.
    if (responseBuilder == null) {
        responseBuilder = (SAMLObjectBuilder<Response>)
            builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
    }

    final Response samlResponse = responseBuilder.buildObject();
    final String messageId = "_" + UUID.randomUUID();

    samlResponse.setID(messageId);
    samlResponse.setIssueInstant(new DateTime());
    samlResponse.setInResponseTo(inResponseTo);
    samlResponse.setIssuer(createIssuer(issuer));
    samlResponse.setStatus(status);
    samlResponse.setVersion(SAMLVersion.VERSION_20);
    return samlResponse;
}
Example #8
Source File: SAMLResponseTest.java From cxf-fediz with Apache License 2.0 | 6 votes |
/**
 * Test helper: builds a LogoutResponse issued by {@code TEST_IDP_ISSUER}, optionally
 * signs it, and returns it as the root element of a new DOM document.
 *
 * <p>The {@code sign} switch lets a test produce both signed and unsigned messages,
 * so the receiving side's handling of each can be exercised.
 *
 * @param statusValue status code value for the response
 * @param destination Destination attribute value
 * @param sign        whether to sign the response with the "mystskey" test key alias
 * @param requestID   ID of the LogoutRequest being answered
 * @return the marshalled LogoutResponse element
 */
private Element createLogoutResponse(String statusValue, String destination,
                                     boolean sign, String requestID) throws Exception {
    // Only an empty document is created here; no external XML is parsed.
    Document document = docBuilderFactory.newDocumentBuilder().newDocument();

    Status logoutStatus = SAML2PResponseComponentBuilder.createStatus(statusValue, null);
    LogoutResponse logoutResponse = SAML2PResponseComponentBuilder.createSAMLLogoutResponse(
        requestID, TEST_IDP_ISSUER, logoutStatus, destination);

    // Sign the LogoutResponse
    if (sign) {
        signResponse(logoutResponse, "mystskey");
    }

    Element responseElement = OpenSAMLUtil.toDom(logoutResponse, document);
    document.appendChild(responseElement);
    return responseElement;
}
Example #9
Source File: SamlSingleLogoutFunction.java From armeria with Apache License 2.0 | 6 votes |
/**
 * Builds the {@code LogoutResponse} answering the given {@code LogoutRequest}.
 *
 * <p>InResponseTo is taken from the request's own ID and the Issuer is this
 * entity's {@code entityId}. The method sets no Destination and does not sign the
 * message. NOTE(review): confirm that the caller signs it before sending.
 *
 * @param logoutRequest the request being answered
 * @param statusCode    value for the top-level StatusCode
 * @return the populated, unsigned LogoutResponse
 */
private LogoutResponse createLogoutResponse(LogoutRequest logoutRequest, String statusCode) {
    final Issuer issuer = build(Issuer.DEFAULT_ELEMENT_NAME);
    issuer.setValue(entityId);

    final StatusCode code = build(StatusCode.DEFAULT_ELEMENT_NAME);
    code.setValue(statusCode);

    final Status responseStatus = build(Status.DEFAULT_ELEMENT_NAME);
    responseStatus.setStatusCode(code);

    final LogoutResponse reply = build(LogoutResponse.DEFAULT_ELEMENT_NAME);
    reply.setIssuer(issuer);
    reply.setID(requestIdManager.newId());
    reply.setIssueInstant(DateTime.now());
    reply.setStatus(responseStatus);
    // Correlate with the request being answered.
    reply.setInResponseTo(logoutRequest.getID());
    return reply;
}
Example #10
Source File: SamlResponseCreator.java From cxf-fediz with Apache License 2.0 | 6 votes |
/**
 * Wraps an assertion in a Success {@code Response} and returns it as the root
 * element of a new DOM document.
 *
 * <p>The Issuer is the IdP realm or the IdP URL, depending on
 * {@code isUseRealmForIssuer()}. The Response element itself is not signed here.
 * NOTE(review): presumably the assertion arrives already signed - confirm at the
 * call site, since the receiver has nothing else to verify.
 *
 * @param idp       IdP configuration supplying the issuer value
 * @param requestID ID of the AuthnRequest being answered (InResponseTo)
 * @param assertion assertion to embed
 * @return the marshalled Response element
 */
protected Element createResponse(Idp idp, String requestID, Assertion assertion) throws Exception {
    Document document = DOMUtils.newDocument();

    Status success = SAML2PResponseComponentBuilder.createStatus(
        "urn:oasis:names:tc:SAML:2.0:status:Success", null);

    final String issuer;
    if (isUseRealmForIssuer()) {
        issuer = idp.getRealm();
    } else {
        issuer = idp.getIdpUrl().toString();
    }

    Response samlResponse = SAML2PResponseComponentBuilder.createSAMLResponse(requestID, issuer, success);
    samlResponse.getAssertions().add(assertion);

    Element responseElement = OpenSAMLUtil.toDom(samlResponse, document);
    document.appendChild(responseElement);
    return responseElement;
}
Example #11
Source File: AbstractSamlResponseCreator.java From cxf-fediz with Apache License 2.0 | 6 votes |
/**
 * Builds a LogoutResponse for the given IdP, signs it, and returns it as the root
 * element of a new DOM document.
 *
 * <p>Unlike a helper with an optional signing switch, this path signs every
 * response it produces, using {@code signResponse(response, idp)}.
 *
 * @param idp         IdP configuration supplying the issuer value and passed to signing
 * @param statusValue status code value for the response
 * @param destination Destination attribute value
 * @param requestID   ID of the LogoutRequest being answered
 * @return the marshalled LogoutResponse element
 */
protected Element createLogoutResponse(Idp idp, String statusValue,
                                       String destination, String requestID) throws Exception {
    Document document = DOMUtils.newDocument();

    Status logoutStatus = SAML2PResponseComponentBuilder.createStatus(statusValue, null);

    final String issuer;
    if (useRealmForIssuer) {
        issuer = idp.getRealm();
    } else {
        issuer = idp.getIdpUrl().toString();
    }

    LogoutResponse logoutResponse = SAML2PResponseComponentBuilder.createSAMLLogoutResponse(
        requestID, issuer, logoutStatus, destination);

    // Sign the LogoutResponse
    signResponse(logoutResponse, idp);

    Element responseElement = OpenSAMLUtil.toDom(logoutResponse, document);
    document.appendChild(responseElement);
    return responseElement;
}
Example #12
Source File: ResponseServiceTest.java From verify-service-provider with MIT License | 6 votes |
/**
 * Returns a response builder whose only assertion is an encrypted one carrying a
 * {@code FIRST_NAME} attribute ("Bob") and a {@code FIRST_NAME_VERIFIED} attribute.
 *
 * <p>The default assertion is suppressed, and the attribute assertion is encrypted
 * with the credential from {@code encryptionCredentialFactory}, so these fixtures
 * carry their attributes only inside an EncryptedAssertion.
 *
 * @param samlStatus status to set on the response
 * @return the configured, not yet built, response builder
 */
private ResponseBuilder createAttributeResponseBuilder(Status samlStatus) {
    return aResponse()
        .withStatus(samlStatus)
        .withNoDefaultAssertion()
        .addEncryptedAssertion(
            aDefaultAssertion()
                .addAttributeStatement(
                    anAttributeStatement()
                        .addAttribute(
                            new SimpleStringAttributeBuilder()
                                .withName("FIRST_NAME")
                                .withSimpleStringValue("Bob")
                                .build())
                        .addAttribute(createVerifiedAttribute("FIRST_NAME_VERIFIED", true))
                        .build())
                .buildWithEncrypterCredential(encryptionCredentialFactory.getEncryptingCredential())
        );
}
Example #13
Source File: SAML2PResponseComponentBuilder.java From cxf-fediz with Apache License 2.0 | 6 votes |
/**
 * Creates a SAML 2.0 {@code Response} without assertions, stamped with a new random
 * ID and the current time, and populated from the arguments.
 *
 * <p>The ID is "_" followed by a random UUID, so it never begins with a digit.
 * No signature and no Destination are set by this method.
 *
 * @param inResponseTo ID of the request being answered
 * @param issuer       value passed to {@code createIssuer} for the Issuer element
 * @param status       status to attach
 * @return the populated, unsigned Response
 */
@SuppressWarnings("unchecked")
public static Response createSAMLResponse(
    String inResponseTo,
    String issuer,
    Status status
) {
    // First call fetches the builder from the factory; later calls reuse it.
    if (responseBuilder == null) {
        responseBuilder = (SAMLObjectBuilder<Response>)
            builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
    }

    final Response built = responseBuilder.buildObject();
    built.setID("_" + UUID.randomUUID());
    built.setIssueInstant(new DateTime());
    built.setInResponseTo(inResponseTo);
    built.setIssuer(createIssuer(issuer));
    built.setStatus(status);
    built.setVersion(SAMLVersion.VERSION_20);
    return built;
}
Example #14
Source File: ResponseServiceTest.java From verify-service-provider with MIT License | 6 votes |
/**
 * Checks that a response built without any signature is rejected, even though its
 * status is Success and its InResponseTo matches.
 *
 * <p>This pins the requirement that an unsigned message is never treated as
 * authentic, whatever its content says.
 */
@Test
public void shouldFailValidationWhenHubResponseIsNotSigned() throws Exception {
    expectedException.expect(SamlTransformationErrorException.class);
    expectedException.expectMessage("SAML Validation Specification: Message signature is not signed");

    Status success = aStatus()
        .withStatusCode(aStatusCode().withValue(StatusCode.SUCCESS).build())
        .build();
    // withoutSigning() is the condition under test.
    Response unsignedResponse = createNoAttributeResponseBuilder(success).withoutSigning().build();

    EntityDescriptor hubEntity = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(hubEntity));

    matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(unsignedResponse),
        unsignedResponse.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );
}
Example #15
Source File: ResponseServiceTest.java From verify-service-provider with MIT License | 6 votes |
/**
 * Checks that a signed response is rejected when the certificate published in the
 * hub metadata is not the one belonging to the signing key.
 *
 * <p>The response is signed with {@code testRpSigningCredential} while the metadata
 * advertises {@code TEST_PUBLIC_CERT}, so the signature must not verify. Trust is
 * thereby anchored in the metadata, not in any key material inside the message.
 */
@Test
public void shouldFailValidationWhenHubMetadataDoesNotContainCorrectCertificate() throws Exception {
    expectedException.expect(SamlTransformationErrorException.class);
    expectedException.expectMessage("SAML Validation Specification: Signature was not valid.");

    Status success = aStatus()
        .withStatusCode(aStatusCode().withValue(StatusCode.SUCCESS).build())
        .build();
    Response signedResponse = signResponse(createNoAttributeResponseBuilder(success), testRpSigningCredential);

    // Metadata deliberately carries a certificate other than the signer's.
    EntityDescriptor hubEntity = createEntityDescriptorWithSigningCertificate(TEST_PUBLIC_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(hubEntity));

    matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(signedResponse),
        signedResponse.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );
}
Example #16
Source File: ResponseServiceTest.java From verify-service-provider with MIT License | 6 votes |
/**
 * Checks that a validly signed response with a Responder status and an unrecognised
 * sub-status is rejected rather than mapped to some default scenario.
 *
 * <p>Failing closed on unknown status values keeps an unexpected response from
 * being interpreted as one of the known outcomes.
 */
@Test
public void shouldFailWhenUnrecognizedSubStatus() throws Exception {
    expectedException.expect(SamlResponseValidationException.class);
    expectedException.expectMessage("Unknown SAML sub-status: UNKNOWN");

    EntityDescriptor hubEntity = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(hubEntity));

    Status unknownSubStatus = aStatus()
        .withStatusCode(
            aStatusCode()
                .withValue(StatusCode.RESPONDER)
                .withSubStatusCode(aStatusCode().withValue("UNKNOWN").build())
                .build())
        .build();
    Response signedResponse =
        signResponse(createNoAttributeResponseBuilder(unknownSubStatus), testRpSigningCredential);

    matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(signedResponse),
        signedResponse.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );
}
Example #17
Source File: ResponseServiceTest.java From verify-service-provider with MIT License | 6 votes |
/**
 * Checks that a validly signed response whose top-level status value is not a
 * recognised one is rejected with a validation exception.
 *
 * <p>As with unknown sub-statuses, the service is expected to fail closed instead
 * of guessing at the meaning of the status.
 */
@Test
public void shouldFailWhenUnrecognizedStatus() throws Exception {
    expectedException.expect(SamlResponseValidationException.class);
    expectedException.expectMessage("Unknown SAML status: UNKNOWN");

    EntityDescriptor hubEntity = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(hubEntity));

    Status unknownStatus = aStatus()
        .withStatusCode(
            aStatusCode()
                .withValue("UNKNOWN")
                .build())
        .build();
    Response signedResponse =
        signResponse(createNoAttributeResponseBuilder(unknownStatus), testRpSigningCredential);

    matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(signedResponse),
        signedResponse.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );
}
Example #18
Source File: ResponseServiceTest.java From verify-service-provider with MIT License | 6 votes |
/**
 * Checks that a signed response with status Responder and sub-status AuthnFailed
 * is translated to the {@code AUTHENTICATION_FAILED} scenario.
 */
@Test
public void shouldHandleAuthenticationFailedSaml() throws Exception {
    EntityDescriptor hubEntity = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(hubEntity));

    Status authnFailedStatus = aStatus()
        .withStatusCode(
            aStatusCode()
                .withValue(StatusCode.RESPONDER)
                .withSubStatusCode(aStatusCode().withValue(StatusCode.AUTHN_FAILED).build())
                .build())
        .build();
    Response signedResponse =
        signResponse(createNoAttributeResponseBuilder(authnFailedStatus), testRpSigningCredential);

    TranslatedMatchingResponseBody translated =
        (TranslatedMatchingResponseBody) matchingResponseService.convertTranslatedResponseBody(
            responseToBase64StringTransformer.apply(signedResponse),
            signedResponse.getInResponseTo(),
            LevelOfAssurance.LEVEL_2,
            VERIFY_SERVICE_PROVIDER_ENTITY_ID
        );

    assertThat(translated.getScenario()).isEqualTo(AUTHENTICATION_FAILED);
}
Example #19
Source File: ResponseServiceTest.java From verify-service-provider with MIT License | 6 votes |
/**
 * Checks that a signed response with status Responder and sub-status NoAuthnContext
 * is translated to the {@code CANCELLATION} scenario.
 */
@Test
public void shouldHandleNoAuthnContextSaml() throws Exception {
    EntityDescriptor hubEntity = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(hubEntity));

    Status noAuthnContextStatus = aStatus()
        .withStatusCode(
            aStatusCode()
                .withValue(StatusCode.RESPONDER)
                .withSubStatusCode(aStatusCode().withValue(StatusCode.NO_AUTHN_CONTEXT).build())
                .build())
        .build();
    Response signedResponse =
        signResponse(createNoAttributeResponseBuilder(noAuthnContextStatus), testRpSigningCredential);

    TranslatedMatchingResponseBody translated =
        (TranslatedMatchingResponseBody) matchingResponseService.convertTranslatedResponseBody(
            responseToBase64StringTransformer.apply(signedResponse),
            signedResponse.getInResponseTo(),
            LevelOfAssurance.LEVEL_2,
            VERIFY_SERVICE_PROVIDER_ENTITY_ID
        );

    assertThat(translated.getScenario()).isEqualTo(CANCELLATION);
}
Example #20
Source File: ResponseServiceTest.java From verify-service-provider with MIT License | 6 votes |
/**
 * Checks that a signed response with status Responder and sub-status Requester is
 * translated to the {@code REQUEST_ERROR} scenario.
 */
@Test
public void shouldHandleRequestErrorSaml() throws Exception {
    EntityDescriptor hubEntity = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(hubEntity));

    Status requestErrorStatus = aStatus()
        .withStatusCode(
            aStatusCode()
                .withValue(StatusCode.RESPONDER)
                .withSubStatusCode(aStatusCode().withValue(StatusCode.REQUESTER).build())
                .build())
        .build();
    Response signedResponse =
        signResponse(createNoAttributeResponseBuilder(requestErrorStatus), testRpSigningCredential);

    TranslatedMatchingResponseBody translated =
        (TranslatedMatchingResponseBody) matchingResponseService.convertTranslatedResponseBody(
            responseToBase64StringTransformer.apply(signedResponse),
            signedResponse.getInResponseTo(),
            LevelOfAssurance.LEVEL_2,
            VERIFY_SERVICE_PROVIDER_ENTITY_ID
        );

    assertThat(translated.getScenario()).isEqualTo(REQUEST_ERROR);
}
Example #21
Source File: ResponseServiceTest.java From verify-service-provider with MIT License | 6 votes |
/**
 * Checks that a signed response with status Responder and the project's
 * {@code SamlStatusCode.NO_MATCH} sub-status is translated to the {@code NO_MATCH}
 * scenario.
 */
@Test
public void shouldHandleNoMatchSaml() throws Exception {
    EntityDescriptor hubEntity = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(hubEntity));

    Status noMatch = aStatus()
        .withStatusCode(
            aStatusCode()
                .withValue(StatusCode.RESPONDER)
                .withSubStatusCode(aStatusCode().withValue(SamlStatusCode.NO_MATCH).build())
                .build())
        .build();
    Response signedResponse = signResponse(createNoAttributeResponseBuilder(noMatch), testRpSigningCredential);

    TranslatedMatchingResponseBody translated =
        (TranslatedMatchingResponseBody) matchingResponseService.convertTranslatedResponseBody(
            responseToBase64StringTransformer.apply(signedResponse),
            signedResponse.getInResponseTo(),
            LevelOfAssurance.LEVEL_2,
            VERIFY_SERVICE_PROVIDER_ENTITY_ID
        );

    assertThat(translated.getScenario()).isEqualTo(NO_MATCH);
}
Example #22
Source File: ResponseServiceTest.java From verify-service-provider with MIT License | 6 votes |
/**
 * Checks that a signed Success response built by
 * {@code createAttributeResponseBuilder} is translated to the
 * {@code ACCOUNT_CREATION} scenario with a non-null attribute set.
 */
@Test
public void matchingResponseServiceShouldHandleAccountCreationSaml() throws Exception {
    EntityDescriptor hubEntity = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(hubEntity));

    Status success = aStatus()
        .withStatusCode(aStatusCode().withValue(StatusCode.SUCCESS).build())
        .build();
    Response signedResponse = signResponse(createAttributeResponseBuilder(success), testRpSigningCredential);

    TranslatedMatchingResponseBody translated =
        (TranslatedMatchingResponseBody) matchingResponseService.convertTranslatedResponseBody(
            responseToBase64StringTransformer.apply(signedResponse),
            signedResponse.getInResponseTo(),
            LevelOfAssurance.LEVEL_2,
            VERIFY_SERVICE_PROVIDER_ENTITY_ID
        );

    assertThat(translated.getScenario()).isEqualTo(ACCOUNT_CREATION);
    assertThat(translated.getAttributes()).isNotNull();
}
Example #23
Source File: ResponseServiceTest.java From verify-service-provider with MIT License | 6 votes |
/**
 * Checks the happy path: a signed Success response without attributes, with a
 * matching InResponseTo, is translated to {@code SUCCESS_MATCH} with pid
 * "some-pid", level of assurance 2 and no attributes.
 */
@Test
public void matchingResponseServiceShouldHandleSuccessMatchSaml() throws Exception {
    EntityDescriptor hubEntity = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(hubEntity));

    Status success = aStatus()
        .withStatusCode(aStatusCode().withValue(StatusCode.SUCCESS).build())
        .build();
    Response signedResponse = signResponse(createNoAttributeResponseBuilder(success), testRpSigningCredential);

    TranslatedResponseBody translated = matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(signedResponse),
        signedResponse.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );

    TranslatedMatchingResponseBody expected = new TranslatedMatchingResponseBody(
        SUCCESS_MATCH,
        "some-pid",
        LevelOfAssurance.LEVEL_2,
        null
    );
    assertThat(translated).isEqualTo(expected);
}
Example #24
Source File: SAMLLogoutTest.java From cxf-fediz with Apache License 2.0 | 6 votes |
/**
 * Test helper: creates a LogoutResponse from {@code TEST_IDP_ISSUER} with the given
 * status and destination, signs it on request, and marshals it into a new DOM
 * document.
 *
 * <p>Passing {@code sign = false} yields an unsigned message, which lets a test
 * cover the receiver's handling of unsigned logout responses.
 *
 * @param statusValue status code value for the response
 * @param destination Destination attribute value
 * @param sign        whether to sign the response with the "mystskey" test key alias
 * @param requestID   ID of the LogoutRequest being answered
 * @return the marshalled LogoutResponse element
 */
private Element createLogoutResponse(String statusValue, String destination,
                                     boolean sign, String requestID) throws Exception {
    // A fresh, empty document; nothing is parsed from external input here.
    DocumentBuilder builder = docBuilderFactory.newDocumentBuilder();
    Document document = builder.newDocument();

    Status logoutStatus = SAML2PResponseComponentBuilder.createStatus(statusValue, null);
    LogoutResponse logoutResponse = SAML2PResponseComponentBuilder.createSAMLLogoutResponse(
        requestID,
        TEST_IDP_ISSUER,
        logoutStatus,
        destination
    );

    // Sign the LogoutResponse
    if (sign) {
        signResponse(logoutResponse, "mystskey");
    }

    Element marshalled = OpenSAMLUtil.toDom(logoutResponse, document);
    document.appendChild(marshalled);
    return marshalled;
}
Example #25
Source File: SAML2PResponseComponentBuilder.java From cxf-fediz with Apache License 2.0 | 5 votes |
/**
 * Creates a SAML {@code Status} with one top-level {@code StatusCode} and, when a
 * message is supplied, a {@code StatusMessage}.
 *
 * <p>The message is copied into the status unchanged and therefore travels in the
 * protocol response. NOTE(review): callers should keep internal error detail out
 * of it.
 *
 * @param statusCodeValue value for the StatusCode element
 * @param statusMessage   optional message; {@code null} omits the StatusMessage element
 * @return the populated Status
 */
@SuppressWarnings("unchecked")
public static Status createStatus(
    String statusCodeValue,
    String statusMessage
) {
    // Each builder is fetched from the factory on first use and cached statically.
    if (statusBuilder == null) {
        statusBuilder = (SAMLObjectBuilder<Status>)
            builderFactory.getBuilder(Status.DEFAULT_ELEMENT_NAME);
    }
    if (statusCodeBuilder == null) {
        statusCodeBuilder = (SAMLObjectBuilder<StatusCode>)
            builderFactory.getBuilder(StatusCode.DEFAULT_ELEMENT_NAME);
    }
    if (statusMessageBuilder == null) {
        statusMessageBuilder = (SAMLObjectBuilder<StatusMessage>)
            builderFactory.getBuilder(StatusMessage.DEFAULT_ELEMENT_NAME);
    }

    final Status result = statusBuilder.buildObject();
    final StatusCode code = statusCodeBuilder.buildObject();
    code.setValue(statusCodeValue);
    result.setStatusCode(code);

    if (statusMessage == null) {
        return result;
    }

    final StatusMessage message = statusMessageBuilder.buildObject();
    message.setMessage(statusMessage);
    result.setStatusMessage(message);
    return result;
}
Example #26
Source File: SamlResponseErrorCreator.java From cxf-fediz with Apache License 2.0 | 5 votes |
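/**
 * Builds and encodes a SAML error response: a LogoutResponse when {@code logout} is
 * set, otherwise a Response, with status Requester or Responder.
 *
 * <p>No StatusMessage is attached ({@code createStatus} is called with a
 * {@code null} message), so the peer sees only the status code; the failure detail
 * stays in the local log. The caught exception is passed to the logger as the
 * final argument so its stack trace is recorded, because the
 * {@code ProcessingException} thrown here does not carry the cause.
 *
 * <p>NOTE(review): the non-logout branch always uses {@code idp.getRealm()} as
 * issuer and does not sign the Response, while the logout branch delegates to
 * {@code createLogoutResponse}. Confirm both are intended. {@code context} is not
 * read in this method, and {@code doc} and {@code status} are used only by the
 * non-logout branch.
 *
 * @param context     request context (unused here)
 * @param logout      {@code true} to produce a LogoutResponse
 * @param requestor   {@code true} for status Requester, {@code false} for Responder
 * @param idp         IdP configuration supplying the issuer
 * @param requestID   ID of the request being answered
 * @param destination Destination for the logout response
 * @return the encoded response, as produced by {@code encodeResponse}
 * @throws ProcessingException with {@code TYPE.BAD_REQUEST} if building, marshalling
 *                             or encoding fails
 */
public String createSAMLResponse(RequestContext context, boolean logout, boolean requestor,
                                 Idp idp, String requestID, String destination) throws ProcessingException {
    Document doc = DOMUtils.newDocument();

    String statusValue = "urn:oasis:names:tc:SAML:2.0:status:Responder";
    if (requestor) {
        statusValue = "urn:oasis:names:tc:SAML:2.0:status:Requester";
    }

    Status status =
        SAML2PResponseComponentBuilder.createStatus(statusValue, null);
    Element responseElement = null;
    try {
        if (logout) {
            responseElement = createLogoutResponse(idp, statusValue, destination, requestID);
        } else {
            Response response =
                SAML2PResponseComponentBuilder.createSAMLResponse(requestID, idp.getRealm(), status);
            Element policyElement = OpenSAMLUtil.toDom(response, doc);
            doc.appendChild(policyElement);
            responseElement = policyElement;
        }

        return encodeResponse(responseElement);
    } catch (Exception e) {
        // Trailing throwable: the logger records the stack trace alongside the message.
        LOG.warn("Error marshalling SAML Token: {}", e.getMessage(), e);
        throw new ProcessingException(TYPE.BAD_REQUEST);
    }
}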
Example #27
Source File: SAMLResponseConformanceTest.java From cxf-fediz with Apache License 2.0 | 5 votes |
/**
 * Test helper: optionally signs the given assertion, wraps it in a Success
 * {@code Response} and returns the marshalled element.
 *
 * <p>Only the assertion is signed (when {@code sign} is set); the Response element
 * itself is left unsigned. The key password is obtained from
 * {@code cbPasswordHandler} for the given alias.
 *
 * @param assertion assertion to embed, signed in place when requested
 * @param alias     key alias used for the password lookup and for signing
 * @param sign      whether to sign the assertion
 * @param requestID ID of the request being answered (InResponseTo)
 * @param issuer    Issuer for the response, or {@code null} to derive one from the
 *                  assertion's issuer string
 * @return the marshalled Response element
 */
private Element createSamlResponse(SamlAssertionWrapper assertion, String alias,
                                   boolean sign, String requestID, Issuer issuer)
    throws IOException, UnsupportedCallbackException, WSSecurityException, Exception {
    // The password callback runs whether or not the assertion is going to be signed.
    WSPasswordCallback[] callbacks = {new WSPasswordCallback(alias, WSPasswordCallback.SIGNATURE)};
    cbPasswordHandler.handle(callbacks);

    if (sign) {
        String keyPassword = callbacks[0].getPassword();
        assertion.signAssertion(alias, keyPassword, crypto, false);
    }

    Document document = docBuilderFactory.newDocumentBuilder().newDocument();

    Status success = SAML2PResponseComponentBuilder.createStatus(
        "urn:oasis:names:tc:SAML:2.0:status:Success", null);

    Issuer responseIssuer = issuer != null
        ? issuer
        : SAML2PResponseComponentBuilder.createIssuer(assertion.getIssuerString());

    Response samlResponse =
        SAML2PResponseComponentBuilder.createSAMLResponse(requestID, responseIssuer, success);
    samlResponse.getAssertions().add(assertion.getSaml2());

    Element responseElement = OpenSAMLUtil.toDom(samlResponse, document);
    document.appendChild(responseElement);
    return responseElement;
}
Example #28
Source File: SAMLSSOResponseValidatorTest.java From cxf with Apache License 2.0 | 5 votes |
/**
 * Test helper: builds a Success {@code Response} containing one assertion produced
 * by the given callback handler, marshals it to DOM and unmarshals it again.
 *
 * <p>Returning the round-tripped object means validators under test see what a
 * receiver would parse off the wire, not the in-memory original. Neither the
 * response nor the assertion is signed here, and {@code subjectConfirmationData}
 * is not read in this method.
 *
 * @param subjectConfirmationData not used by this method
 * @param callbackHandler         supplies the assertion content via {@code SAMLCallback}
 * @return the Response re-read from its DOM form
 */
private Response createResponse(
    SubjectConfirmationDataBean subjectConfirmationData,
    SAML2CallbackHandler callbackHandler
) throws Exception {
    Document document = DOMUtils.createDocument();

    Status success = SAML2PResponseComponentBuilder.createStatus(
        SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null);
    Response samlResponse = SAML2PResponseComponentBuilder.createSAMLResponse(
        "http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", success);

    // Create an AuthenticationAssertion
    SAMLCallback callback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(callbackHandler, callback);
    SamlAssertionWrapper wrapper = new SamlAssertionWrapper(callback);
    samlResponse.getAssertions().add(wrapper.getSaml2());

    Element responseElement = OpenSAMLUtil.toDom(samlResponse, document);
    document.appendChild(responseElement);
    assertNotNull(responseElement);

    return (Response) OpenSAMLUtil.fromDom(responseElement);
}
Example #29
Source File: SAML2PResponseComponentBuilder.java From cxf-fediz with Apache License 2.0 | 5 votes |
/**
 * Builds a SAML {@code Status} from a status code value and an optional message.
 *
 * <p>Whatever is passed as {@code statusMessage} is set verbatim on the
 * {@code StatusMessage} element and so reaches the peer. NOTE(review): internal
 * exception text is better logged than passed here.
 *
 * @param statusCodeValue value for the StatusCode element
 * @param statusMessage   optional message; {@code null} omits the StatusMessage element
 * @return the populated Status
 */
@SuppressWarnings("unchecked")
public static Status createStatus(
    String statusCodeValue,
    String statusMessage
) {
    // Builders are looked up once and then reused from their static fields.
    if (statusBuilder == null) {
        statusBuilder = (SAMLObjectBuilder<Status>)
            builderFactory.getBuilder(Status.DEFAULT_ELEMENT_NAME);
    }
    if (statusCodeBuilder == null) {
        statusCodeBuilder = (SAMLObjectBuilder<StatusCode>)
            builderFactory.getBuilder(StatusCode.DEFAULT_ELEMENT_NAME);
    }
    if (statusMessageBuilder == null) {
        statusMessageBuilder = (SAMLObjectBuilder<StatusMessage>)
            builderFactory.getBuilder(StatusMessage.DEFAULT_ELEMENT_NAME);
    }

    final Status built = statusBuilder.buildObject();

    final StatusCode topLevelCode = statusCodeBuilder.buildObject();
    topLevelCode.setValue(statusCodeValue);
    built.setStatusCode(topLevelCode);

    final boolean hasMessage = statusMessage != null;
    if (hasMessage) {
        final StatusMessage messageElement = statusMessageBuilder.buildObject();
        messageElement.setMessage(statusMessage);
        built.setStatusMessage(messageElement);
    }

    return built;
}
Example #30
Source File: SAMLResponseValidatorTest.java From cxf with Apache License 2.0 | 5 votes |
/**
 * Builds a Success {@code Response} containing one authentication assertion,
 * round-trips it through DOM, and runs it through
 * {@code SAMLProtocolResponseValidator}.
 *
 * <p>Neither the response nor the assertion is signed, and {@code null} is passed
 * for the validator's two remaining arguments. NOTE(review): this test therefore
 * presumably covers only the checks that need no signature material, so signature
 * enforcement has to be covered by other tests - confirm.
 */
@org.junit.Test
public void testCreateAndValidateResponse() throws Exception {
    Document document = DOMUtils.createDocument();

    Status success = SAML2PResponseComponentBuilder.createStatus(
        SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null);
    Response samlResponse = SAML2PResponseComponentBuilder.createSAMLResponse(
        "http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", success);

    // Create an AuthenticationAssertion
    SAML2CallbackHandler handler = new SAML2CallbackHandler();
    handler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
    handler.setIssuer("http://cxf.apache.org/issuer");
    handler.setConfirmationMethod(SAML2Constants.CONF_SENDER_VOUCHES);

    SAMLCallback callback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(handler, callback);
    SamlAssertionWrapper wrapper = new SamlAssertionWrapper(callback);
    samlResponse.getAssertions().add(wrapper.getSaml2());

    Element responseElement = OpenSAMLUtil.toDom(samlResponse, document);
    document.appendChild(responseElement);
    assertNotNull(responseElement);

    // Validate what a receiver would parse, not the in-memory original.
    Response roundTripped = (Response) OpenSAMLUtil.fromDom(responseElement);

    // Validate the Response
    SAMLProtocolResponseValidator responseValidator = new SAMLProtocolResponseValidator();
    responseValidator.validateSamlResponse(roundTripped, null, null);
}