当前位置: 首页>>代码示例>>Java>>正文


Java MessageContext类代码示例

本文整理汇总了Java中org.opensaml.messaging.context.MessageContext的典型用法代码示例。如果您正苦于以下问题:Java MessageContext类的具体用法?Java MessageContext怎么用?Java MessageContext使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


MessageContext类属于org.opensaml.messaging.context包,在下文中一共展示了MessageContext类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: buildSamlResponse

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
 * Build saml response.
 *
 * @param response              the response
 * @param request               the request
 * @param authenticationContext the authentication context
 * @param casAssertion          the cas assertion
 * @param binding               the binding
 */
protected void buildSamlResponse(final HttpServletResponse response,
                                 final HttpServletRequest request,
                                 final Pair<AuthnRequest, MessageContext> authenticationContext,
                                 final Assertion casAssertion,
                                 final String binding) {
    final String issuer = SamlIdPUtils.getIssuerFromSamlRequest(authenticationContext.getKey());
    LOGGER.debug("Located issuer [{}] from authentication context", issuer);

    final SamlRegisteredService registeredService = verifySamlRegisteredService(issuer);

    LOGGER.debug("Located SAML metadata for [{}]", registeredService);
    final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> adaptor =
            getSamlMetadataFacadeFor(registeredService, authenticationContext.getKey());

    if (!adaptor.isPresent()) {
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer);
    }
    LOGGER.debug("Preparing SAML response for [{}]", adaptor.get().getEntityId());
    final SamlRegisteredServiceServiceProviderMetadataFacade facade = adaptor.get();
    final AuthnRequest authnRequest = authenticationContext.getKey();
    this.responseBuilder.build(authnRequest, request, response,
            casAssertion, registeredService, facade, binding);
    LOGGER.info("Built the SAML response for [{}]", facade.getEntityId());
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:34,代码来源:AbstractSamlProfileHandlerController.java

示例2: doInvoke

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
protected void doInvoke(@Nonnull final MessageContext messageContext) throws MessageHandlerException {
    ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
    // Resolve client id from inbound message
    final ClientID clientId = RequestFieldResolver.getClientID((AbstractRequest) messageContext.getMessage());
    // Resolve metadata for client id
    final ClientIDCriterion clientCriterion = new ClientIDCriterion(clientId);
    final CriteriaSet criteria = new CriteriaSet(clientCriterion);
    try {
        final OIDCClientInformation clientInformation = clientResolver.resolveSingle(criteria);
        if (clientInformation == null) {
            log.warn("{} No client information returned for {}", getLogPrefix(), clientId);
            return;
        }
        final OIDCMetadataContext oidcCtx = new OIDCMetadataContext();
        oidcCtx.setClientInformation(clientInformation);
        messageContext.addSubcontext(oidcCtx);
        // Based on that info we know 1) client is valid 2) we know valid
        // redirect uris
        log.debug("{} {} added to MessageContext as child of {}", getLogPrefix(),
                OIDCMetadataContext.class.getName(), messageContext.getClass().getName());
    } catch (ResolverException e) {
        log.error("{} ResolverException thrown during client information lookup", getLogPrefix(), e);
    }
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:27,代码来源:OIDCMetadataLookupHandler.java

示例3: doDecode

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
protected void doDecode() throws MessageDecodingException {
    final MessageContext<OIDCWebFingerRequest> messageContext = new MessageContext<>();
    final HttpServletRequest httpRequest = getHttpServletRequest();
    final String resource = StringSupport.trimOrNull(httpRequest.getParameter("resource"));
    if (resource == null) {
        log.error("No resource parameter value found from the request");
        throw new MessageDecodingException("Mandatory value for resource is missing");
    }
    final String rel = StringSupport.trim(httpRequest.getParameter("rel"));
    if (rel == null) {
        log.error("No rel parameter value found from the request");
        throw new MessageDecodingException("Mandatory value for rel is missing");
    }
    final OIDCWebFingerRequestImpl request = new OIDCWebFingerRequestImpl(resource, rel);
    log.debug("Decoded Web Finger request with resource = {} and rel = {}", resource, rel);
    messageContext.setMessage(request);
    setMessageContext(messageContext);
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:21,代码来源:OIDCWebFingerRequestDecoder.java

示例4: setUp

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
@SuppressWarnings("unchecked")
@BeforeMethod
private void setUp() throws Exception {
    rule = new AttributeOIDCScopePolicyRule();
    rule.setMatchString("test");
    rule.setId("componentId");
    rule.initialize();
    final RequestContext requestCtx = new RequestContextBuilder().buildRequestContext();
    prc = new WebflowRequestContextProfileRequestContextLookup().apply(requestCtx);
    msgCtx = new MessageContext<AuthenticationResponse>();
    prc.setOutboundMessageContext(msgCtx);
    // shortcut, may break the test
    filtercontext = prc.getSubcontext(AttributeFilterContext.class, true);
    authRespCtx = new OIDCAuthenticationResponseContext();
    msgCtx.addSubcontext(authRespCtx);
    Scope scope = new Scope();
    scope.add("openid");
    scope.add("test");
    authRespCtx.setScope(scope);
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:21,代码来源:AttributeOIDCScopePolicyRuleTest.java

示例5: setUp

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
@SuppressWarnings({ "rawtypes", "unchecked" })
@BeforeMethod
public void setUp() throws ComponentInitializationException {
    message = new MockMessage();
    message.getProperties().put("foo", "3");
    message.getProperties().put("bar", "1");
    message.getProperties().put("baz", "2");

    // Encoded mock message, keys sorted alphabetically, per
    // MockMessage#toString
    expectedMessage = "bar=1&baz=2&foo=3";

    messageContext = new MessageContext<>();
    messageContext.setMessage(message);

    profileCtx = new ProfileRequestContext();
    profileCtx.setOutboundMessageContext(messageContext);

    encoder = new MockMessageEncoder();
    // Note: we don't init the encoder, b/c that is done by the action after
    // setting the message context
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:23,代码来源:EncodeMessageTest.java

示例6: testResponseEncoding

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
@Test
public void testResponseEncoding() throws Exception {

    AuthenticationErrorResponse resp = new AuthenticationErrorResponse(new URI("https://example.org"),
            new ErrorObject("code", "desc"), new State(), null);
    MessageContext<AuthenticationResponse> messageContext = new MessageContext<>();
    messageContext.setMessage(resp);
    MockHttpServletResponse response = new MockHttpServletResponse();

    OIDCAuthenticationResponseEncoder encoder = new OIDCAuthenticationResponseEncoder();
    encoder.setMessageContext(messageContext);
    encoder.setHttpServletResponse(response);

    encoder.initialize();
    encoder.encode();

    Assert.assertEquals("UTF-8", response.getCharacterEncoding(), "Unexpected character encoding");
    Assert.assertEquals(response.getHeader("Cache-control"), "no-cache, no-store", "Unexpected cache controls");

}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:21,代码来源:OIDCAuthenticationResponseEncoderTest.java

示例7: encodeSamlResponse

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
 * Encode response and pass it onto the outbound transport.
 * Uses {@link CasHttpSoap11Encoder} to handle encoding.
 *
 * @param httpResponse the http response
 * @param httpRequest the http request
 * @param samlMessage the saml response
 * @throws Exception the exception in case encoding fails.
 */
public void encodeSamlResponse(final HttpServletResponse httpResponse,
                               final HttpServletRequest httpRequest,
                               final Response samlMessage) throws Exception {

    SamlUtils.logSamlObject(this.configBean, samlMessage);
    
    final HTTPSOAP11Encoder encoder = new CasHttpSoap11Encoder();
    final MessageContext<SAMLObject> context = new MessageContext();
    context.setMessage(samlMessage);
    encoder.setHttpServletResponse(httpResponse);
    encoder.setMessageContext(context);
    encoder.initialize();
    encoder.prepareContext();
    encoder.encode();
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:25,代码来源:Saml10ObjectBuilder.java

示例8: handleEcpRequest

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
 * Handle ecp request.
 *
 * @param response the response
 * @param request  the request
 * @throws Exception the exception
 */
@PostMapping(path = SamlIdPConstants.ENDPOINT_SAML2_IDP_ECP_PROFILE_SSO,
        consumes = {MediaType.TEXT_XML_VALUE, SamlIdPConstants.ECP_SOAP_PAOS_CONTENT_TYPE},
        produces = {MediaType.TEXT_XML_VALUE, SamlIdPConstants.ECP_SOAP_PAOS_CONTENT_TYPE})
public void handleEcpRequest(final HttpServletResponse response,
                             final HttpServletRequest request) throws Exception {
    final MessageContext soapContext = decodeSoapRequest(request);
    final Credential credential = extractBasicAuthenticationCredential(request, response);

    if (credential == null) {
        LOGGER.error("Credentials could not be extracted from the SAML ECP request");
        return;
    }
    if (soapContext == null) {
        LOGGER.error("SAML ECP request could not be determined from the authentication request");
        return;
    }
    handleEcpRequest(response, request, soapContext, credential, SAMLConstants.SAML2_PAOS_BINDING_URI);
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:26,代码来源:ECPProfileHandlerController.java

示例9: decodeSoapRequest

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
 * Decode soap 11 context.
 *
 * @param request the request
 * @return the soap 11 context
 */
protected MessageContext decodeSoapRequest(final HttpServletRequest request) {
    try {
        final HTTPSOAP11Decoder decoder = new HTTPSOAP11Decoder();
        decoder.setParserPool(parserPool);
        decoder.setHttpServletRequest(request);

        final BindingDescriptor binding = new BindingDescriptor();
        binding.setId(getClass().getName());
        binding.setShortName(getClass().getName());
        binding.setSignatureCapable(true);
        binding.setSynchronous(true);

        decoder.setBindingDescriptor(binding);
        decoder.initialize();
        decoder.decode();
        return decoder.getMessageContext();
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
    }
    return null;
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:28,代码来源:ECPProfileHandlerController.java

示例10: issueAuthenticationRequestRedirect

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
 * Redirect request for authentication.
 *
 * @param pair     the pair
 * @param request  the request
 * @param response the response
 * @throws Exception the exception
 */
protected void issueAuthenticationRequestRedirect(final Pair<? extends SignableSAMLObject, MessageContext> pair,
                                                  final HttpServletRequest request,
                                                  final HttpServletResponse response) throws Exception {
    final AuthnRequest authnRequest = AuthnRequest.class.cast(pair.getLeft());
    final String serviceUrl = constructServiceUrl(request, response, pair);
    LOGGER.debug("Created service url [{}]", serviceUrl);

    final String initialUrl = CommonUtils.constructRedirectUrl(this.loginUrl,
            CasProtocolConstants.PARAMETER_SERVICE, serviceUrl, authnRequest.isForceAuthn(),
            authnRequest.isPassive());

    final String urlToRedirectTo = buildRedirectUrlByRequestedAuthnContext(initialUrl, authnRequest, request);

    LOGGER.debug("Redirecting SAML authN request to [{}]", urlToRedirectTo);
    final AuthenticationRedirectStrategy authenticationRedirectStrategy = new DefaultAuthenticationRedirectStrategy();
    authenticationRedirectStrategy.redirect(request, response, urlToRedirectTo);

}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:27,代码来源:AbstractSamlProfileHandlerController.java

示例11: verifySamlAuthenticationRequest

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
 * Verify saml authentication request.
 *
 * @param authenticationContext the pair
 * @param request               the request
 * @return the pair
 * @throws Exception the exception
 */
protected Pair<SamlRegisteredService, SamlRegisteredServiceServiceProviderMetadataFacade> verifySamlAuthenticationRequest(
        final Pair<? extends SignableSAMLObject, MessageContext> authenticationContext,
        final HttpServletRequest request) throws Exception {
    final AuthnRequest authnRequest = AuthnRequest.class.cast(authenticationContext.getKey());
    final String issuer = SamlIdPUtils.getIssuerFromSamlRequest(authnRequest);
    LOGGER.debug("Located issuer [{}] from authentication request", issuer);

    final SamlRegisteredService registeredService = verifySamlRegisteredService(issuer);
    LOGGER.debug("Fetching saml metadata adaptor for [{}]", issuer);
    final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> adaptor =
            SamlRegisteredServiceServiceProviderMetadataFacade.get(this.samlRegisteredServiceCachingMetadataResolver,
                    registeredService, authnRequest);

    if (!adaptor.isPresent()) {
        LOGGER.warn("No metadata could be found for [{}]", issuer);
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer);
    }

    verifyAuthenticationContextSignature(authenticationContext, request, authnRequest, adaptor.get());
    SamlUtils.logSamlObject(this.configBean, authnRequest);
    return Pair.of(registeredService, adaptor.get());
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:31,代码来源:AbstractSamlProfileHandlerController.java

示例12: verifyAuthenticationContextSignature

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
 * Verify authentication context signature.
 *
 * @param authenticationContext the authentication context
 * @param request               the request
 * @param authnRequest          the authn request
 * @param adaptor               the adaptor
 * @throws Exception the exception
 */
protected void verifyAuthenticationContextSignature(final Pair<? extends SignableSAMLObject, MessageContext> authenticationContext,
                                                    final HttpServletRequest request, final AuthnRequest authnRequest,
                                                    final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws Exception {
    final MessageContext ctx = authenticationContext.getValue();
    if (!SAMLBindingSupport.isMessageSigned(ctx)) {
        LOGGER.debug("The authentication context is not signed");
        if (adaptor.isAuthnRequestsSigned()) {
            LOGGER.error("Metadata for [{}] says authentication requests are signed, yet authentication request is not", adaptor.getEntityId());
            throw new SAMLException("AuthN request is not signed but should be");
        }
        LOGGER.debug("Authentication request is not signed, so there is no need to verify its signature.");
    } else {
        LOGGER.debug("The authentication context is signed; Proceeding to validate signatures...");
        this.samlObjectSignatureValidator.verifySamlProfileRequestIfNeeded(authnRequest, adaptor, request, ctx);
    }
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:26,代码来源:AbstractSamlProfileHandlerController.java

示例13: handleCallbackProfileRequest

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
 * Handle callback profile request.
 *
 * @param response the response
 * @param request  the request
 * @throws Exception the exception
 */
@GetMapping(path = SamlIdPConstants.ENDPOINT_SAML2_SSO_PROFILE_POST_CALLBACK)
protected void handleCallbackProfileRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {

    LOGGER.info("Received SAML callback profile request [{}]", request.getRequestURI());
    final AuthnRequest authnRequest = retrieveSamlAuthenticationRequestFromHttpRequest(request);
    if (authnRequest == null) {
        LOGGER.error("Can not validate the request because the original Authn request can not be found.");
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
    if (StringUtils.isBlank(ticket)) {
        LOGGER.error("Can not validate the request because no [{}] is provided via the request", CasProtocolConstants.PARAMETER_TICKET);
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    final Pair<AuthnRequest, MessageContext> authenticationContext = buildAuthenticationContextPair(request, authnRequest);
    final Assertion assertion = validateRequestAndBuildCasAssertion(response, request, authenticationContext);
    buildSamlResponse(response, request, authenticationContext, assertion, SAMLConstants.SAML2_POST_BINDING_URI);
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:30,代码来源:SSOPostProfileCallbackHandlerController.java

示例14: validateRequestAndBuildCasAssertion

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response,
                                                      final HttpServletRequest request,
                                                      final Pair<AuthnRequest, MessageContext> pair) throws Exception {
    final AuthnRequest authnRequest = pair.getKey();
    final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
    final Cas30ServiceTicketValidator validator = new Cas30ServiceTicketValidator(this.serverPrefix);

    final HttpsURLConnectionFactory factory = new HttpsURLConnectionFactory();
    factory.setHostnameVerifier(this.hostnameVerifier);
    validator.setURLConnectionFactory(factory);
    
    validator.setRenew(authnRequest.isForceAuthn());
    final String serviceUrl = constructServiceUrl(request, response, pair);
    LOGGER.debug("Created service url for validation: [{}]", serviceUrl);
    final Assertion assertion = validator.validate(ticket, serviceUrl);
    logCasValidationAssertion(assertion);
    return assertion;
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:19,代码来源:SSOPostProfileCallbackHandlerController.java

示例15: handleSloProfileRequest

import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
 * Handle profile request.
 *
 * @param response the response
 * @param request  the request
 * @param decoder  the decoder
 * @throws Exception the exception
 */
protected void handleSloProfileRequest(final HttpServletResponse response,
                                           final HttpServletRequest request,
                                           final BaseHttpServletRequestXMLMessageDecoder decoder) throws Exception {
    if (singleLogoutCallbacksDisabled) {
        LOGGER.info("Processing SAML IdP SLO requests is disabled");
        return;
    }

    final Pair<? extends SignableSAMLObject, MessageContext> pair = decodeSamlContextFromHttpRequest(request, decoder, LogoutRequest.class);
    final LogoutRequest logoutRequest = LogoutRequest.class.cast(pair.getKey());
    final MessageContext ctx = pair.getValue();

    if (this.forceSignedLogoutRequests && !SAMLBindingSupport.isMessageSigned(ctx)) {
        throw new SAMLException("Logout request is not signed but should be.");
    }

    if (SAMLBindingSupport.isMessageSigned(ctx)) {
        final MetadataResolver resolver = SamlIdPUtils.getMetadataResolverForAllSamlServices(this.servicesManager,
                SamlIdPUtils.getIssuerFromSamlRequest(logoutRequest),
                this.samlRegisteredServiceCachingMetadataResolver);
        this.samlObjectSignatureValidator.verifySamlProfileRequestIfNeeded(logoutRequest, resolver, request, ctx);
    }
    SamlUtils.logSamlObject(this.configBean, logoutRequest);
    response.sendRedirect(this.logoutUrl);
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:34,代码来源:AbstractSamlSLOProfileHandlerController.java


注:本文中的org.opensaml.messaging.context.MessageContext类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。