Java AuthnRequest Class Code Examples

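This article collects typical usage examples of the Java class org.opensaml.saml.saml2.core.AuthnRequest. If you are wondering how the Java AuthnRequest class is used in practice, or are looking for examples of AuthnRequest usage, the curated code examples here may help.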



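The AuthnRequest class belongs to the org.opensaml.saml.saml2.core package. 20 code examples of the AuthnRequest class are shown below, sorted by popularity by default. You can upvote the examples you like or find useful; your ratings help our system recommend better Java code examples.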

Example 1: buildSamlResponse

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
/**
 * Build saml response.
 *
 * @param response              the response
 * @param request               the request
 * @param authenticationContext the authentication context
 * @param casAssertion          the cas assertion
 * @param binding               the binding
 */
protected void buildSamlResponse(final HttpServletResponse response,
                                 final HttpServletRequest request,
                                 final Pair<AuthnRequest, MessageContext> authenticationContext,
                                 final Assertion casAssertion,
                                 final String binding) {
    final String issuer = SamlIdPUtils.getIssuerFromSamlRequest(authenticationContext.getKey());
    LOGGER.debug("Located issuer [{}] from authentication context", issuer);

    final SamlRegisteredService registeredService = verifySamlRegisteredService(issuer);

    LOGGER.debug("Located SAML metadata for [{}]", registeredService);
    final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> adaptor =
            getSamlMetadataFacadeFor(registeredService, authenticationContext.getKey());

    if (!adaptor.isPresent()) {
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer);
    }
    LOGGER.debug("Preparing SAML response for [{}]", adaptor.get().getEntityId());
    final SamlRegisteredServiceServiceProviderMetadataFacade facade = adaptor.get();
    final AuthnRequest authnRequest = authenticationContext.getKey();
    this.responseBuilder.build(authnRequest, request, response,
            casAssertion, registeredService, facade, binding);
    LOGGER.info("Built the SAML response for [{}]", facade.getEntityId());
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 34, Source: AbstractSamlProfileHandlerController.java


Example 2: retrieveSamlAuthenticationRequestFromHttpRequest

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
/**
 * Retrieve authn request.
 *
 * @param request the request
 * @return the authn request
 * @throws Exception the exception
 */
protected AuthnRequest retrieveSamlAuthenticationRequestFromHttpRequest(final HttpServletRequest request) throws Exception {
    LOGGER.debug("Retrieving authentication request from scope");
    final String requestValue = request.getParameter(SamlProtocolConstants.PARAMETER_SAML_REQUEST);
    if (StringUtils.isBlank(requestValue)) {
        throw new IllegalArgumentException("SAML request could not be determined from the authentication request");
    }
    final byte[] encodedRequest = EncodingUtils.decodeBase64(requestValue.getBytes(StandardCharsets.UTF_8));
    final AuthnRequest authnRequest = (AuthnRequest)
            XMLObjectSupport.unmarshallFromInputStream(this.configBean.getParserPool(), new ByteArrayInputStream(encodedRequest));
    return authnRequest;
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 19, Source: AbstractSamlProfileHandlerController.java


Example 3: issueAuthenticationRequestRedirect

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
/**
 * Redirect request for authentication.
 *
 * @param pair     the pair
 * @param request  the request
 * @param response the response
 * @throws Exception the exception
 */
protected void issueAuthenticationRequestRedirect(final Pair<? extends SignableSAMLObject, MessageContext> pair,
                                                  final HttpServletRequest request,
                                                  final HttpServletResponse response) throws Exception {
    final AuthnRequest authnRequest = AuthnRequest.class.cast(pair.getLeft());
    final String serviceUrl = constructServiceUrl(request, response, pair);
    LOGGER.debug("Created service url [{}]", serviceUrl);

    final String initialUrl = CommonUtils.constructRedirectUrl(this.loginUrl,
            CasProtocolConstants.PARAMETER_SERVICE, serviceUrl, authnRequest.isForceAuthn(),
            authnRequest.isPassive());

    final String urlToRedirectTo = buildRedirectUrlByRequestedAuthnContext(initialUrl, authnRequest, request);

    LOGGER.debug("Redirecting SAML authN request to [{}]", urlToRedirectTo);
    final AuthenticationRedirectStrategy authenticationRedirectStrategy = new DefaultAuthenticationRedirectStrategy();
    authenticationRedirectStrategy.redirect(request, response, urlToRedirectTo);

}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 27, Source: AbstractSamlProfileHandlerController.java


Example 4: verifySamlAuthenticationRequest

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
/**
 * Verify saml authentication request.
 *
 * @param authenticationContext the pair
 * @param request               the request
 * @return the pair
 * @throws Exception the exception
 */
protected Pair<SamlRegisteredService, SamlRegisteredServiceServiceProviderMetadataFacade> verifySamlAuthenticationRequest(
        final Pair<? extends SignableSAMLObject, MessageContext> authenticationContext,
        final HttpServletRequest request) throws Exception {
    final AuthnRequest authnRequest = AuthnRequest.class.cast(authenticationContext.getKey());
    final String issuer = SamlIdPUtils.getIssuerFromSamlRequest(authnRequest);
    LOGGER.debug("Located issuer [{}] from authentication request", issuer);

    final SamlRegisteredService registeredService = verifySamlRegisteredService(issuer);
    LOGGER.debug("Fetching saml metadata adaptor for [{}]", issuer);
    final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> adaptor =
            SamlRegisteredServiceServiceProviderMetadataFacade.get(this.samlRegisteredServiceCachingMetadataResolver,
                    registeredService, authnRequest);

    if (!adaptor.isPresent()) {
        LOGGER.warn("No metadata could be found for [{}]", issuer);
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer);
    }

    verifyAuthenticationContextSignature(authenticationContext, request, authnRequest, adaptor.get());
    SamlUtils.logSamlObject(this.configBean, authnRequest);
    return Pair.of(registeredService, adaptor.get());
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 31, Source: AbstractSamlProfileHandlerController.java


Example 5: verifyAuthenticationContextSignature

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
/**
 * Verify authentication context signature.
 *
 * @param authenticationContext the authentication context
 * @param request               the request
 * @param authnRequest          the authn request
 * @param adaptor               the adaptor
 * @throws Exception the exception
 */
protected void verifyAuthenticationContextSignature(final Pair<? extends SignableSAMLObject, MessageContext> authenticationContext,
                                                    final HttpServletRequest request, final AuthnRequest authnRequest,
                                                    final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws Exception {
    final MessageContext ctx = authenticationContext.getValue();
    if (!SAMLBindingSupport.isMessageSigned(ctx)) {
        LOGGER.debug("The authentication context is not signed");
        if (adaptor.isAuthnRequestsSigned()) {
            LOGGER.error("Metadata for [{}] says authentication requests are signed, yet authentication request is not", adaptor.getEntityId());
            throw new SAMLException("AuthN request is not signed but should be");
        }
        LOGGER.debug("Authentication request is not signed, so there is no need to verify its signature.");
    } else {
        LOGGER.debug("The authentication context is signed; Proceeding to validate signatures...");
        this.samlObjectSignatureValidator.verifySamlProfileRequestIfNeeded(authnRequest, adaptor, request, ctx);
    }
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 26, Source: AbstractSamlProfileHandlerController.java


Example 6: handleCallbackProfileRequest

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
/**
 * Handle callback profile request.
 *
 * @param response the response
 * @param request  the request
 * @throws Exception the exception
 */
@GetMapping(path = SamlIdPConstants.ENDPOINT_SAML2_SSO_PROFILE_POST_CALLBACK)
protected void handleCallbackProfileRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {

    LOGGER.info("Received SAML callback profile request [{}]", request.getRequestURI());
    final AuthnRequest authnRequest = retrieveSamlAuthenticationRequestFromHttpRequest(request);
    if (authnRequest == null) {
        LOGGER.error("Can not validate the request because the original Authn request can not be found.");
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
    if (StringUtils.isBlank(ticket)) {
        LOGGER.error("Can not validate the request because no [{}] is provided via the request", CasProtocolConstants.PARAMETER_TICKET);
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    final Pair<AuthnRequest, MessageContext> authenticationContext = buildAuthenticationContextPair(request, authnRequest);
    final Assertion assertion = validateRequestAndBuildCasAssertion(response, request, authenticationContext);
    buildSamlResponse(response, request, authenticationContext, assertion, SAMLConstants.SAML2_POST_BINDING_URI);
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 30, Source: SSOPostProfileCallbackHandlerController.java


Example 7: validateRequestAndBuildCasAssertion

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response,
                                                      final HttpServletRequest request,
                                                      final Pair<AuthnRequest, MessageContext> pair) throws Exception {
    final AuthnRequest authnRequest = pair.getKey();
    final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
    final Cas30ServiceTicketValidator validator = new Cas30ServiceTicketValidator(this.serverPrefix);

    final HttpsURLConnectionFactory factory = new HttpsURLConnectionFactory();
    factory.setHostnameVerifier(this.hostnameVerifier);
    validator.setURLConnectionFactory(factory);
    
    validator.setRenew(authnRequest.isForceAuthn());
    final String serviceUrl = constructServiceUrl(request, response, pair);
    LOGGER.debug("Created service url for validation: [{}]", serviceUrl);
    final Assertion assertion = validator.validate(ticket, serviceUrl);
    logCasValidationAssertion(assertion);
    return assertion;
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 19, Source: SSOPostProfileCallbackHandlerController.java


Example 8: finalizeNameId

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
/**
 * Finalize name id.
 *
 * @param nameid               the nameid
 * @param authnRequest         the authn request
 * @param assertion            the assertion
 * @param supportedNameFormats the supported name formats
 * @param service              the service
 * @param adaptor              the adaptor
 * @return the name id
 */
protected NameID finalizeNameId(final NameID nameid,
                                final AuthnRequest authnRequest,
                                final Assertion assertion,
                                final List<String> supportedNameFormats,
                                final SamlRegisteredService service,
                                final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) {
    
    if (StringUtils.isNotBlank(service.getNameIdQualifier())) {
        nameid.setNameQualifier(service.getNameIdQualifier());
    }
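    if (StringUtils.isNotBlank(service.getServiceProviderNameIdQualifier())) {
        // The service provider qualifier goes in SPNameQualifier; writing it to NameQualifier would overwrite the value set above.
        nameid.setSPNameQualifier(service.getServiceProviderNameIdQualifier());
    }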

    return nameid;
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 28, Source: SamlProfileSamlNameIdBuilder.java


Example 9: encodeNameIdBasedOnNameFormat

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
/**
 * Encode name id based on name format.
 *
 * @param authnRequest the authn request
 * @param assertion    the assertion
 * @param nameFormat   the name format
 * @param service      the service
 * @param adaptor      the adaptor
 * @return the name id
 */
protected NameID encodeNameIdBasedOnNameFormat(final AuthnRequest authnRequest,
                                               final Assertion assertion,
                                               final String nameFormat,
                                               final SamlRegisteredService service,
                                               final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) {
    try {
        final IdPAttribute attribute = prepareNameIdAttribute(assertion);
        final SAML2StringNameIDEncoder encoder = prepareNameIdEncoder(authnRequest, nameFormat, attribute, service, adaptor);
        LOGGER.debug("Encoding NameID based on [{}]", nameFormat);
        final NameID nameid = encoder.encode(attribute);
        LOGGER.debug("Final NameID encoded with format [{}] has value [{}]", nameid.getFormat(), nameid.getValue());
        return nameid;
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
    }
    return null;
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 28, Source: SamlProfileSamlNameIdBuilder.java


Example 10: buildAttributeStatement

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
private AttributeStatement buildAttributeStatement(final Assertion assertion,
                                                   final AuthnRequest authnRequest,
                                                   final SamlRegisteredService service,
                                                   final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {
    final Map<String, Object> attributes = new HashMap<>(assertion.getAttributes());
    attributes.putAll(assertion.getPrincipal().getAttributes());
    final Map<String, Object> encodedAttrs = this.samlAttributeEncoder.encodeAttributes(attributes, service);

    final SamlIdPProperties.Response resp = casProperties.getAuthn().getSamlIdp().getResponse();
    final Map<String, String> nameFormats = new HashMap<>(resp.configureAttributeNameFormats());
    nameFormats.putAll(service.getAttributeNameFormats());
    
    return newAttributeStatement(encodedAttrs,
            resp.isUseAttributeFriendlyName(),
            nameFormats);
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 17, Source: SamlProfileSamlAttributeStatementBuilder.java


Example 11: build

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
@Override
public Assertion build(final AuthnRequest authnRequest, final HttpServletRequest request, final HttpServletResponse response,
                       final org.jasig.cas.client.validation.Assertion casAssertion, final SamlRegisteredService service,
                       final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                       final String binding) throws SamlException {

    final List<Statement> statements = new ArrayList<>();
    statements.add(this.samlProfileSamlAuthNStatementBuilder.build(authnRequest, request, response,
            casAssertion, service, adaptor, binding));
    statements.add(this.samlProfileSamlAttributeStatementBuilder.build(authnRequest, request,
            response, casAssertion, service, adaptor, binding));

    final String id = '_' + String.valueOf(Math.abs(new SecureRandom().nextLong()));
    final Assertion assertion = newAssertion(statements, casProperties.getAuthn().getSamlIdp().getEntityId(),
            ZonedDateTime.now(ZoneOffset.UTC), id);
    assertion.setSubject(this.samlProfileSamlSubjectBuilder.build(authnRequest, request, response,
            casAssertion, service, adaptor, binding));
    assertion.setConditions(this.samlProfileSamlConditionsBuilder.build(authnRequest,
            request, response, casAssertion, service, adaptor, binding));
    signAssertion(assertion, request, response, service, adaptor, binding);
    return assertion;
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 23, Source: SamlProfileSamlAssertionBuilder.java


Example 12: buildAuthnStatement

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
/**
 * Creates an authentication statement for the current request.
 *
 * @param assertion    the assertion
 * @param authnRequest the authn request
 * @param adaptor      the adaptor
 * @param service      the service
 * @return constructed authentication statement
 * @throws SamlException the saml exception
 */
private AuthnStatement buildAuthnStatement(final Assertion assertion, final AuthnRequest authnRequest,
                                           final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                           final SamlRegisteredService service) throws SamlException {

    final String authenticationMethod = this.authnContextClassRefBuilder.build(assertion, authnRequest, adaptor, service);
    final String id = '_' + String.valueOf(Math.abs(new SecureRandom().nextLong()));
    final AuthnStatement statement = newAuthnStatement(authenticationMethod, DateTimeUtils.zonedDateTimeOf(assertion.getAuthenticationDate()), id);
    if (assertion.getValidUntilDate() != null) {
        final ZonedDateTime dt = DateTimeUtils.zonedDateTimeOf(assertion.getValidUntilDate());
        statement.setSessionNotOnOrAfter(
                DateTimeUtils.dateTimeOf(dt.plusSeconds(casProperties.getAuthn().getSamlIdp().getResponse().getSkewAllowance())));
    }
    statement.setSubjectLocality(buildSubjectLocality(assertion, authnRequest, adaptor));
    return statement;
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 26, Source: SamlProfileSamlAuthNStatementBuilder.java


Example 13: buildSubject

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
private Subject buildSubject(final HttpServletRequest request,
                             final HttpServletResponse response,
                             final AuthnRequest authnRequest,
                             final Assertion assertion,
                             final SamlRegisteredService service,
                             final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                             final String binding) throws SamlException {
    final NameID nameID = this.ssoPostProfileSamlNameIdBuilder.build(authnRequest, request, response, 
            assertion, service, adaptor, binding);
    final ZonedDateTime validFromDate = ZonedDateTime.ofInstant(assertion.getValidFromDate().toInstant(), ZoneOffset.UTC);

    final AssertionConsumerService acs = adaptor.getAssertionConsumerService(binding);
    if (acs == null) {
        throw new IllegalArgumentException("Failed to locate the assertion consumer service url");
    }

    final String location = StringUtils.isBlank(acs.getResponseLocation()) ? acs.getLocation() : acs.getResponseLocation();
    final Subject subject = newSubject(nameID.getFormat(), nameID.getValue(),
            location, validFromDate.plusSeconds(this.skewAllowance), authnRequest.getID());
    subject.setNameID(nameID);
    return subject;
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 23, Source: SamlProfileSamlSubjectBuilder.java


Example 14: build

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
@Override
public String build(final Assertion assertion, final AuthnRequest authnRequest,
                    final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                    final SamlRegisteredService service) {
    final RequestedAuthnContext requestedAuthnContext = authnRequest.getRequestedAuthnContext();
    if (requestedAuthnContext == null) {
        LOGGER.debug("No specific authN context is requested. Returning [{}]", AuthnContext.UNSPECIFIED_AUTHN_CTX);
        return AuthnContext.UNSPECIFIED_AUTHN_CTX;
    }
    final List<AuthnContextClassRef> authnContextClassRefs = requestedAuthnContext.getAuthnContextClassRefs();
    if (authnContextClassRefs == null || authnContextClassRefs.isEmpty()) {
        LOGGER.debug("Requested authN context class ref is unspecified. Returning [{}]", AuthnContext.UNSPECIFIED_AUTHN_CTX);
        return AuthnContext.UNSPECIFIED_AUTHN_CTX;
    }
    LOGGER.debug("AuthN Context comparison is requested to use [{}]", requestedAuthnContext.getComparison());
    authnContextClassRefs.forEach(authnContextClassRef -> LOGGER.debug("Requested AuthN Context [{}]", authnContextClassRef.getAuthnContextClassRef()));
    if (StringUtils.isNotBlank(service.getRequiredAuthenticationContextClass())) {
        LOGGER.debug("Using [{}] as indicated by SAML registered service [{}]",
                service.getRequiredAuthenticationContextClass(),
                service.getName());
        return service.getRequiredAuthenticationContextClass();
    }
    LOGGER.debug("Returning default AuthN Context [{}]", AuthnContext.PPT_AUTHN_CTX);
    return AuthnContext.PPT_AUTHN_CTX;
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 26, Source: DefaultAuthnContextClassRefBuilder.java


Example 15: SamlMessageSenderHandler

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
@Inject
public SamlMessageSenderHandler(
        StringToOpenSamlObjectTransformer<Response> responseTransformer,
        StringToOpenSamlObjectTransformer<AuthnRequest> authnRequestTransformer,
        SamlMessageSignatureValidator samlMessageSignatureValidator,
        ExternalCommunicationEventLogger externalCommunicationEventLogger,
        ProtectiveMonitoringLogger protectiveMonitoringLogger,
        SessionProxy sessionProxy) {

    this.responseTransformer = responseTransformer;
    this.authnRequestTransformer = authnRequestTransformer;
    this.samlMessageSignatureValidator = samlMessageSignatureValidator;
    this.externalCommunicationEventLogger = externalCommunicationEventLogger;
    this.protectiveMonitoringLogger = protectiveMonitoringLogger;
    this.sessionProxy = sessionProxy;
}
 
Developer ID: alphagov, Project: verify-hub, Lines of code: 17, Source: SamlMessageSenderHandler.java


Example 16: generateAuthnRequestFromHub

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
public SamlMessage generateAuthnRequestFromHub(SessionId sessionId, String principalIpAddress) {
    AuthnRequestFromHubContainerDto authnRequestFromHub = sessionProxy.getAuthnRequestFromHub(sessionId);

    AuthnRequest request = authnRequestTransformer.apply(authnRequestFromHub.getSamlRequest());

    SamlValidationResponse samlSignatureValidationResponse = samlMessageSignatureValidator.validate(request, SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    protectiveMonitoringLogger.logAuthnRequest(request, Direction.OUTBOUND, samlSignatureValidationResponse.isOK());

    if (!samlSignatureValidationResponse.isOK()) {
        SamlValidationSpecificationFailure failure = samlSignatureValidationResponse.getSamlValidationSpecificationFailure();
        throw new SamlTransformationErrorException(failure.getErrorMessage(), samlSignatureValidationResponse.getCause(), Level.ERROR);
    }
    SamlMessage samlMessage = new SamlMessage(authnRequestFromHub.getSamlRequest(), SamlMessageType.SAML_REQUEST, Optional.fromNullable(sessionId.toString()), authnRequestFromHub.getPostEndpoint().toString(), Optional.of(authnRequestFromHub.getRegistering()));

    externalCommunicationEventLogger.logIdpAuthnRequest(request.getID(), sessionId, authnRequestFromHub.getPostEndpoint(), principalIpAddress);
    return samlMessage;
}
 
Developer ID: alphagov, Project: verify-hub, Lines of code: 18, Source: SamlMessageSenderHandler.java


Example 17: SamlMessageReceiverApi

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
@Inject
public SamlMessageReceiverApi(RelayStateValidator relayStateValidator,
                              StringToOpenSamlObjectTransformer<AuthnRequest> stringSamlAuthnRequestTransformer,
                              StringToOpenSamlObjectTransformer<org.opensaml.saml.saml2.core.Response> stringSamlResponseTransformer,
                              @Named("authnRequestSignatureValidator") SamlMessageSignatureValidator authnRequestSignatureValidator,
                              @Named("authnResponseSignatureValidator") SamlMessageSignatureValidator authnResponseSignatureValidator,
                              @Named("eidasAuthnResponseSignatureValidator") Optional<SamlMessageSignatureValidator> eidasAuthnResponseSignatureValidator,
                              ProtectiveMonitoringLogger protectiveMonitoringLogger,
                              SessionProxy sessionProxy) {
    this.relayStateValidator = relayStateValidator;
    this.stringSamlAuthnRequestTransformer = stringSamlAuthnRequestTransformer;
    this.stringSamlResponseTransformer = stringSamlResponseTransformer;
    this.authnRequestSignatureValidator = authnRequestSignatureValidator;
    this.authnResponseSignatureValidator = authnResponseSignatureValidator;
    this.eidasAuthnResponseSignatureValidator = eidasAuthnResponseSignatureValidator;
    this.protectiveMonitoringLogger = protectiveMonitoringLogger;
    this.sessionProxy = sessionProxy;
}
 
Developer ID: alphagov, Project: verify-hub, Lines of code: 19, Source: SamlMessageReceiverApi.java


Example 18: handleRequestPost

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Timed
public Response handleRequestPost(SamlRequestDto samlRequestDto) {

    relayStateValidator.validate(samlRequestDto.getRelayState());

    AuthnRequest authnRequest = stringSamlAuthnRequestTransformer.apply(samlRequestDto.getSamlRequest());

    SamlValidationResponse signatureValidationResponse = authnRequestSignatureValidator.validate(authnRequest, SPSSODescriptor.DEFAULT_ELEMENT_NAME);

    protectiveMonitoringLogger.logAuthnRequest(authnRequest, Direction.INBOUND, signatureValidationResponse.isOK());

    if (!signatureValidationResponse.isOK()) {
        SamlValidationSpecificationFailure failure = signatureValidationResponse.getSamlValidationSpecificationFailure();
        throw new SamlTransformationErrorException(failure.getErrorMessage(), signatureValidationResponse.getCause(), Level.ERROR);
    }

    SamlAuthnRequestContainerDto samlAuthnRequestContainerDto = new SamlAuthnRequestContainerDto(samlRequestDto.getSamlRequest(), Optional.ofNullable(samlRequestDto.getRelayState()), samlRequestDto.getPrincipalIpAsSeenByFrontend());

    SessionId sessionId = sessionProxy.createSession(samlAuthnRequestContainerDto);
    return Response.ok(sessionId).build();
}
 
Developer ID: alphagov, Project: verify-hub, Lines of code: 25, Source: SamlMessageReceiverApi.java


Example 19: generateAuthnRequestFromHub_shouldAddExternalCommunicationEvent

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
@Test
public void generateAuthnRequestFromHub_shouldAddExternalCommunicationEvent() throws Exception {
    SessionId sessionId = SessionId.createNewSessionId();
    String expectedSamlMessageId = UUID.randomUUID().toString();

    when(sessionProxy.getAuthnRequestFromHub(any(SessionId.class))).thenReturn(new AuthnRequestFromHubContainerDto(samlRequest, postEndPoint, true));

    AuthnRequest authnRequest = anAuthnRequest().withId(expectedSamlMessageId).build();
    when(authnRequestTransformer.apply(samlRequest)).thenReturn(authnRequest);

    SamlMessage authnResponse = samlMessageSenderHandler.generateAuthnRequestFromHub(sessionId, principalIpAddressAsSeenByHub);
    assertThat(authnResponse.getSamlMessage()).isEqualTo(samlRequest);
    assertThat(authnResponse.getPostEndpoint()).isEqualTo(postEndPoint.toString());
    assertThat(authnResponse.getRegistration().isPresent()).isTrue();
    assertThat(authnResponse.getRegistration().get()).isTrue();
    assertThat(authnResponse.getSamlMessageType()).isEqualTo(SamlMessageType.SAML_REQUEST);
    assertThat(authnResponse.getRelayState().isPresent()).isTrue();
    assertThat(authnResponse.getRelayState().get()).isEqualTo(sessionId.getSessionId());

    verify(externalCommunicationEventLogger).logIdpAuthnRequest(expectedSamlMessageId, sessionId, postEndPoint, principalIpAddressAsSeenByHub);
}
 
Developer ID: alphagov, Project: verify-hub, Lines of code: 22, Source: SamlMessageSenderHandlerTest.java


Example 20: handleResponsePost_shouldReportPrincipalIpAddress

import org.opensaml.saml.saml2.core.AuthnRequest; // import the required package/class
@Test
public void handleResponsePost_shouldReportPrincipalIpAddress() throws Exception {
    AuthnRequest authnRequest = anAuthnRequest().withIssuer(anIssuer().withIssuerId(ISSUER_ID).build()).build();

    when(stringSamlAuthnRequestTransformer.apply(SAML_REQUEST)).thenReturn(authnRequest);
    when(stringSamlResponseTransformer.apply(SAML_REQUEST)).thenReturn(aResponse().build());
    when(samlMessageSignatureValidator.validate(any(org.opensaml.saml.saml2.core.Response.class), any(QName.class))).thenReturn(SamlValidationResponse.aValidResponse());
    when(sessionProxy.createSession(any(SamlAuthnRequestContainerDto.class))).thenReturn(SESSION_ID);
    when(responseTransformer.apply(anyString())).thenReturn(aResponse().build());

    samlMessageReceiverApi.handleResponsePost(SAML_REQUEST_DTO);

    ArgumentCaptor<SamlAuthnResponseContainerDto> samlAuthnResponseContainerDtoArgumentCaptor = ArgumentCaptor.forClass(SamlAuthnResponseContainerDto.class);

    verify(sessionProxy).receiveAuthnResponseFromIdp(samlAuthnResponseContainerDtoArgumentCaptor.capture(), any(SessionId.class));
    assertThat(samlAuthnResponseContainerDtoArgumentCaptor.getValue().getPrincipalIPAddressAsSeenByHub()).isEqualTo(SAML_REQUEST_DTO.getPrincipalIpAsSeenByFrontend());
}
 
Developer ID: alphagov, Project: verify-hub, Lines of code: 18, Source: SamlMessageReceiverApiTest.java



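Note: The org.opensaml.saml.saml2.core.AuthnRequest class examples in this article were compiled from source-code and documentation hosting platforms such as GitHub/MSDocs. The code snippets were selected from open-source projects contributed by their developers; copyright of the source code belongs to the original authors, and distribution and use should follow the corresponding project's License. Do not reproduce without permission.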

