本文整理汇总了Java中org.opensaml.messaging.context.MessageContext类的典型用法代码示例。如果您正苦于以下问题:Java MessageContext类的具体用法?Java MessageContext怎么用?Java MessageContext使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
MessageContext类属于org.opensaml.messaging.context包,在下文中一共展示了MessageContext类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: buildSamlResponse
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
* Build saml response.
*
* @param response the response
* @param request the request
* @param authenticationContext the authentication context
* @param casAssertion the cas assertion
* @param binding the binding
*/
protected void buildSamlResponse(final HttpServletResponse response,
final HttpServletRequest request,
final Pair<AuthnRequest, MessageContext> authenticationContext,
final Assertion casAssertion,
final String binding) {
final String issuer = SamlIdPUtils.getIssuerFromSamlRequest(authenticationContext.getKey());
LOGGER.debug("Located issuer [{}] from authentication context", issuer);
final SamlRegisteredService registeredService = verifySamlRegisteredService(issuer);
LOGGER.debug("Located SAML metadata for [{}]", registeredService);
final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> adaptor =
getSamlMetadataFacadeFor(registeredService, authenticationContext.getKey());
if (!adaptor.isPresent()) {
throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer);
}
LOGGER.debug("Preparing SAML response for [{}]", adaptor.get().getEntityId());
final SamlRegisteredServiceServiceProviderMetadataFacade facade = adaptor.get();
final AuthnRequest authnRequest = authenticationContext.getKey();
this.responseBuilder.build(authnRequest, request, response,
casAssertion, registeredService, facade, binding);
LOGGER.info("Built the SAML response for [{}]", facade.getEntityId());
}
示例2: doInvoke
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
protected void doInvoke(@Nonnull final MessageContext messageContext) throws MessageHandlerException {
ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
// Resolve client id from inbound message
final ClientID clientId = RequestFieldResolver.getClientID((AbstractRequest) messageContext.getMessage());
// Resolve metadata for client id
final ClientIDCriterion clientCriterion = new ClientIDCriterion(clientId);
final CriteriaSet criteria = new CriteriaSet(clientCriterion);
try {
final OIDCClientInformation clientInformation = clientResolver.resolveSingle(criteria);
if (clientInformation == null) {
log.warn("{} No client information returned for {}", getLogPrefix(), clientId);
return;
}
final OIDCMetadataContext oidcCtx = new OIDCMetadataContext();
oidcCtx.setClientInformation(clientInformation);
messageContext.addSubcontext(oidcCtx);
// Based on that info we know 1) client is valid 2) we know valid
// redirect uris
log.debug("{} {} added to MessageContext as child of {}", getLogPrefix(),
OIDCMetadataContext.class.getName(), messageContext.getClass().getName());
} catch (ResolverException e) {
log.error("{} ResolverException thrown during client information lookup", getLogPrefix(), e);
}
}
示例3: doDecode
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
protected void doDecode() throws MessageDecodingException {
final MessageContext<OIDCWebFingerRequest> messageContext = new MessageContext<>();
final HttpServletRequest httpRequest = getHttpServletRequest();
final String resource = StringSupport.trimOrNull(httpRequest.getParameter("resource"));
if (resource == null) {
log.error("No resource parameter value found from the request");
throw new MessageDecodingException("Mandatory value for resource is missing");
}
final String rel = StringSupport.trim(httpRequest.getParameter("rel"));
if (rel == null) {
log.error("No rel parameter value found from the request");
throw new MessageDecodingException("Mandatory value for rel is missing");
}
final OIDCWebFingerRequestImpl request = new OIDCWebFingerRequestImpl(resource, rel);
log.debug("Decoded Web Finger request with resource = {} and rel = {}", resource, rel);
messageContext.setMessage(request);
setMessageContext(messageContext);
}
示例4: setUp
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
@SuppressWarnings("unchecked")
@BeforeMethod
private void setUp() throws Exception {
rule = new AttributeOIDCScopePolicyRule();
rule.setMatchString("test");
rule.setId("componentId");
rule.initialize();
final RequestContext requestCtx = new RequestContextBuilder().buildRequestContext();
prc = new WebflowRequestContextProfileRequestContextLookup().apply(requestCtx);
msgCtx = new MessageContext<AuthenticationResponse>();
prc.setOutboundMessageContext(msgCtx);
// shortcut, may break the test
filtercontext = prc.getSubcontext(AttributeFilterContext.class, true);
authRespCtx = new OIDCAuthenticationResponseContext();
msgCtx.addSubcontext(authRespCtx);
Scope scope = new Scope();
scope.add("openid");
scope.add("test");
authRespCtx.setScope(scope);
}
示例5: setUp
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
@SuppressWarnings({ "rawtypes", "unchecked" })
@BeforeMethod
public void setUp() throws ComponentInitializationException {
message = new MockMessage();
message.getProperties().put("foo", "3");
message.getProperties().put("bar", "1");
message.getProperties().put("baz", "2");
// Encoded mock message, keys sorted alphabetically, per
// MockMessage#toString
expectedMessage = "bar=1&baz=2&foo=3";
messageContext = new MessageContext<>();
messageContext.setMessage(message);
profileCtx = new ProfileRequestContext();
profileCtx.setOutboundMessageContext(messageContext);
encoder = new MockMessageEncoder();
// Note: we don't init the encoder, b/c that is done by the action after
// setting the message context
}
示例6: testResponseEncoding
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
@Test
public void testResponseEncoding() throws Exception {
AuthenticationErrorResponse resp = new AuthenticationErrorResponse(new URI("https://example.org"),
new ErrorObject("code", "desc"), new State(), null);
MessageContext<AuthenticationResponse> messageContext = new MessageContext<>();
messageContext.setMessage(resp);
MockHttpServletResponse response = new MockHttpServletResponse();
OIDCAuthenticationResponseEncoder encoder = new OIDCAuthenticationResponseEncoder();
encoder.setMessageContext(messageContext);
encoder.setHttpServletResponse(response);
encoder.initialize();
encoder.encode();
Assert.assertEquals("UTF-8", response.getCharacterEncoding(), "Unexpected character encoding");
Assert.assertEquals(response.getHeader("Cache-control"), "no-cache, no-store", "Unexpected cache controls");
}
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:21,代码来源:OIDCAuthenticationResponseEncoderTest.java
示例7: encodeSamlResponse
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
* Encode response and pass it onto the outbound transport.
* Uses {@link CasHttpSoap11Encoder} to handle encoding.
*
* @param httpResponse the http response
* @param httpRequest the http request
* @param samlMessage the saml response
* @throws Exception the exception in case encoding fails.
*/
public void encodeSamlResponse(final HttpServletResponse httpResponse,
final HttpServletRequest httpRequest,
final Response samlMessage) throws Exception {
SamlUtils.logSamlObject(this.configBean, samlMessage);
final HTTPSOAP11Encoder encoder = new CasHttpSoap11Encoder();
final MessageContext<SAMLObject> context = new MessageContext();
context.setMessage(samlMessage);
encoder.setHttpServletResponse(httpResponse);
encoder.setMessageContext(context);
encoder.initialize();
encoder.prepareContext();
encoder.encode();
}
示例8: handleEcpRequest
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
* Handle ecp request.
*
* @param response the response
* @param request the request
* @throws Exception the exception
*/
@PostMapping(path = SamlIdPConstants.ENDPOINT_SAML2_IDP_ECP_PROFILE_SSO,
consumes = {MediaType.TEXT_XML_VALUE, SamlIdPConstants.ECP_SOAP_PAOS_CONTENT_TYPE},
produces = {MediaType.TEXT_XML_VALUE, SamlIdPConstants.ECP_SOAP_PAOS_CONTENT_TYPE})
public void handleEcpRequest(final HttpServletResponse response,
final HttpServletRequest request) throws Exception {
final MessageContext soapContext = decodeSoapRequest(request);
final Credential credential = extractBasicAuthenticationCredential(request, response);
if (credential == null) {
LOGGER.error("Credentials could not be extracted from the SAML ECP request");
return;
}
if (soapContext == null) {
LOGGER.error("SAML ECP request could not be determined from the authentication request");
return;
}
handleEcpRequest(response, request, soapContext, credential, SAMLConstants.SAML2_PAOS_BINDING_URI);
}
示例9: decodeSoapRequest
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
* Decode soap 11 context.
*
* @param request the request
* @return the soap 11 context
*/
protected MessageContext decodeSoapRequest(final HttpServletRequest request) {
try {
final HTTPSOAP11Decoder decoder = new HTTPSOAP11Decoder();
decoder.setParserPool(parserPool);
decoder.setHttpServletRequest(request);
final BindingDescriptor binding = new BindingDescriptor();
binding.setId(getClass().getName());
binding.setShortName(getClass().getName());
binding.setSignatureCapable(true);
binding.setSynchronous(true);
decoder.setBindingDescriptor(binding);
decoder.initialize();
decoder.decode();
return decoder.getMessageContext();
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return null;
}
示例10: issueAuthenticationRequestRedirect
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
* Redirect request for authentication.
*
* @param pair the pair
* @param request the request
* @param response the response
* @throws Exception the exception
*/
protected void issueAuthenticationRequestRedirect(final Pair<? extends SignableSAMLObject, MessageContext> pair,
final HttpServletRequest request,
final HttpServletResponse response) throws Exception {
final AuthnRequest authnRequest = AuthnRequest.class.cast(pair.getLeft());
final String serviceUrl = constructServiceUrl(request, response, pair);
LOGGER.debug("Created service url [{}]", serviceUrl);
final String initialUrl = CommonUtils.constructRedirectUrl(this.loginUrl,
CasProtocolConstants.PARAMETER_SERVICE, serviceUrl, authnRequest.isForceAuthn(),
authnRequest.isPassive());
final String urlToRedirectTo = buildRedirectUrlByRequestedAuthnContext(initialUrl, authnRequest, request);
LOGGER.debug("Redirecting SAML authN request to [{}]", urlToRedirectTo);
final AuthenticationRedirectStrategy authenticationRedirectStrategy = new DefaultAuthenticationRedirectStrategy();
authenticationRedirectStrategy.redirect(request, response, urlToRedirectTo);
}
示例11: verifySamlAuthenticationRequest
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
* Verify saml authentication request.
*
* @param authenticationContext the pair
* @param request the request
* @return the pair
* @throws Exception the exception
*/
protected Pair<SamlRegisteredService, SamlRegisteredServiceServiceProviderMetadataFacade> verifySamlAuthenticationRequest(
final Pair<? extends SignableSAMLObject, MessageContext> authenticationContext,
final HttpServletRequest request) throws Exception {
final AuthnRequest authnRequest = AuthnRequest.class.cast(authenticationContext.getKey());
final String issuer = SamlIdPUtils.getIssuerFromSamlRequest(authnRequest);
LOGGER.debug("Located issuer [{}] from authentication request", issuer);
final SamlRegisteredService registeredService = verifySamlRegisteredService(issuer);
LOGGER.debug("Fetching saml metadata adaptor for [{}]", issuer);
final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> adaptor =
SamlRegisteredServiceServiceProviderMetadataFacade.get(this.samlRegisteredServiceCachingMetadataResolver,
registeredService, authnRequest);
if (!adaptor.isPresent()) {
LOGGER.warn("No metadata could be found for [{}]", issuer);
throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer);
}
verifyAuthenticationContextSignature(authenticationContext, request, authnRequest, adaptor.get());
SamlUtils.logSamlObject(this.configBean, authnRequest);
return Pair.of(registeredService, adaptor.get());
}
示例12: verifyAuthenticationContextSignature
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
* Verify authentication context signature.
*
* @param authenticationContext the authentication context
* @param request the request
* @param authnRequest the authn request
* @param adaptor the adaptor
* @throws Exception the exception
*/
protected void verifyAuthenticationContextSignature(final Pair<? extends SignableSAMLObject, MessageContext> authenticationContext,
final HttpServletRequest request, final AuthnRequest authnRequest,
final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws Exception {
final MessageContext ctx = authenticationContext.getValue();
if (!SAMLBindingSupport.isMessageSigned(ctx)) {
LOGGER.debug("The authentication context is not signed");
if (adaptor.isAuthnRequestsSigned()) {
LOGGER.error("Metadata for [{}] says authentication requests are signed, yet authentication request is not", adaptor.getEntityId());
throw new SAMLException("AuthN request is not signed but should be");
}
LOGGER.debug("Authentication request is not signed, so there is no need to verify its signature.");
} else {
LOGGER.debug("The authentication context is signed; Proceeding to validate signatures...");
this.samlObjectSignatureValidator.verifySamlProfileRequestIfNeeded(authnRequest, adaptor, request, ctx);
}
}
示例13: handleCallbackProfileRequest
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
* Handle callback profile request.
*
* @param response the response
* @param request the request
* @throws Exception the exception
*/
@GetMapping(path = SamlIdPConstants.ENDPOINT_SAML2_SSO_PROFILE_POST_CALLBACK)
protected void handleCallbackProfileRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
LOGGER.info("Received SAML callback profile request [{}]", request.getRequestURI());
final AuthnRequest authnRequest = retrieveSamlAuthenticationRequestFromHttpRequest(request);
if (authnRequest == null) {
LOGGER.error("Can not validate the request because the original Authn request can not be found.");
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
return;
}
final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
if (StringUtils.isBlank(ticket)) {
LOGGER.error("Can not validate the request because no [{}] is provided via the request", CasProtocolConstants.PARAMETER_TICKET);
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
return;
}
final Pair<AuthnRequest, MessageContext> authenticationContext = buildAuthenticationContextPair(request, authnRequest);
final Assertion assertion = validateRequestAndBuildCasAssertion(response, request, authenticationContext);
buildSamlResponse(response, request, authenticationContext, assertion, SAMLConstants.SAML2_POST_BINDING_URI);
}
示例14: validateRequestAndBuildCasAssertion
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response,
final HttpServletRequest request,
final Pair<AuthnRequest, MessageContext> pair) throws Exception {
final AuthnRequest authnRequest = pair.getKey();
final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
final Cas30ServiceTicketValidator validator = new Cas30ServiceTicketValidator(this.serverPrefix);
final HttpsURLConnectionFactory factory = new HttpsURLConnectionFactory();
factory.setHostnameVerifier(this.hostnameVerifier);
validator.setURLConnectionFactory(factory);
validator.setRenew(authnRequest.isForceAuthn());
final String serviceUrl = constructServiceUrl(request, response, pair);
LOGGER.debug("Created service url for validation: [{}]", serviceUrl);
final Assertion assertion = validator.validate(ticket, serviceUrl);
logCasValidationAssertion(assertion);
return assertion;
}
示例15: handleSloProfileRequest
import org.opensaml.messaging.context.MessageContext; //导入依赖的package包/类
/**
* Handle profile request.
*
* @param response the response
* @param request the request
* @param decoder the decoder
* @throws Exception the exception
*/
protected void handleSloProfileRequest(final HttpServletResponse response,
final HttpServletRequest request,
final BaseHttpServletRequestXMLMessageDecoder decoder) throws Exception {
if (singleLogoutCallbacksDisabled) {
LOGGER.info("Processing SAML IdP SLO requests is disabled");
return;
}
final Pair<? extends SignableSAMLObject, MessageContext> pair = decodeSamlContextFromHttpRequest(request, decoder, LogoutRequest.class);
final LogoutRequest logoutRequest = LogoutRequest.class.cast(pair.getKey());
final MessageContext ctx = pair.getValue();
if (this.forceSignedLogoutRequests && !SAMLBindingSupport.isMessageSigned(ctx)) {
throw new SAMLException("Logout request is not signed but should be.");
}
if (SAMLBindingSupport.isMessageSigned(ctx)) {
final MetadataResolver resolver = SamlIdPUtils.getMetadataResolverForAllSamlServices(this.servicesManager,
SamlIdPUtils.getIssuerFromSamlRequest(logoutRequest),
this.samlRegisteredServiceCachingMetadataResolver);
this.samlObjectSignatureValidator.verifySamlProfileRequestIfNeeded(logoutRequest, resolver, request, ctx);
}
SamlUtils.logSamlObject(this.configBean, logoutRequest);
response.sendRedirect(this.logoutUrl);
}