本文整理汇总了Java中org.opensaml.saml2.core.AuthnRequest类的典型用法代码示例。如果您正苦于以下问题:Java AuthnRequest类的具体用法?Java AuthnRequest怎么用?Java AuthnRequest使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
AuthnRequest类属于org.opensaml.saml2.core包,在下文中一共展示了AuthnRequest类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createAuthnRequest
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
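/**
 * Builds a signed SAML 2.0 AuthnRequest for the given service URL, records it as
 * outstanding, and returns it in its transport encoding.
 *
 * <p>The assertion consumer location is {@code surl + "/saml2/consumer"} and the
 * requested response binding is HTTP-POST. The request ID is stored in {@code _rmap}
 * together with the referer, presumably so that a later response can be matched
 * against a request this party actually sent (InResponseTo check) - confirm against
 * the response handler.
 *
 * @param surl     base URL of the service; the consumer path is appended to it
 * @param fdeflate {@code true} to return the output of {@code deflate(..)},
 *                 {@code false} to return the output of {@code encode(..)}
 * @param referer  value remembered alongside the request ID
 * @return the serialized, signed request in the selected encoding
 * @throws MarshallingException if the request cannot be marshalled to DOM
 * @throws IOException          if encoding fails
 * @throws SignatureException   if the signature cannot be computed
 */
private String createAuthnRequest(String surl,
        boolean fdeflate, String referer)
        throws MarshallingException, IOException, SignatureException {
    AuthnRequest ar = createAuthnRequest(surl + "/saml2/consumer",
            false, false, SAMLConstants.SAML2_POST_BINDING_URI, null, null);

    // Order matters: the Signature object is attached first, the request is then
    // marshalled so the Signature element exists in the DOM, and only afterwards
    // is the signature value computed over that DOM.
    Signature sig = getSignature();
    ar.setSignature(sig);
    Element arn = new AuthnRequestMarshaller().marshall(ar);
    Signer.signObject(sig);

    // Pin the charset: the platform default differs between hosts, which would make
    // the encoded request bytes depend on where this code runs.
    // UnsupportedEncodingException is an IOException, so the signature is unchanged.
    byte[] res = XMLHelper.nodeToString(arn).getBytes("UTF-8");

    // Remember that this authentication request has been sent.
    String rid = ar.getID();
    _rmap.put(rid, new SamlAbstractRequest(rid, referer));

    return fdeflate ? deflate(res) : encode(res);
}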
示例2: buildResponse
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
/**
 * Test helper: builds a signed SAML Response that answers the AuthnRequest carried in
 * the captured URL, packaged as a POST to the assertion consumer endpoint.
 *
 * <p>The response's InResponseTo is taken from the ID of the decoded AuthnRequest, and
 * the RelayState of the captured URL is echoed back unchanged.
 *
 * @param status         status value placed in the response
 * @param assuranceLevel assurance level; it becomes the only attribute of the first
 *                       attribute statement
 * @return request settings for posting the response to the consumer endpoint
 * @throws Exception if decoding, unmarshalling, signing or URL construction fails
 */
protected WebRequestSettings buildResponse(String status, int assuranceLevel) throws Exception {
    String capturedUrl = handler.url.toString();

    // Decode the AuthnRequest that was sent, so the response can reference its ID.
    Document requestDoc = TestHelper.parseBase64Encoded(Utils.getParameter("SAMLRequest", capturedUrl));
    AuthnRequest ar = (AuthnRequest) Configuration.getUnmarshallerFactory()
            .getUnmarshaller(requestDoc.getDocumentElement())
            .unmarshall(requestDoc.getDocumentElement());

    Assertion assertion = TestHelper.buildAssertion(
            spMetadata.getDefaultAssertionConsumerService().getLocation(),
            spMetadata.getEntityID());
    // Replace the default attributes with just the assurance level under test.
    assertion.getAttributeStatements().get(0).getAttributes().clear();
    assertion.getAttributeStatements().get(0).getAttributes()
            .add(AttributeUtil.createAssuranceLevel(assuranceLevel));

    Response r = TestHelper.buildResponse(assertion);
    r.setStatus(SAMLUtil.createStatus(status));
    r.setInResponseTo(ar.getID());

    OIOResponse response = new OIOResponse(r);
    response.sign(credential);

    WebRequestSettings req =
            new WebRequestSettings(new URL(BASE + "/saml/SAMLAssertionConsumer"), SubmitMethod.POST);
    NameValuePair samlResponseParam = new NameValuePair("SAMLResponse", response.toBase64());
    NameValuePair relayStateParam =
            new NameValuePair("RelayState", Utils.getParameter("RelayState", capturedUrl));
    req.setRequestParameters(Arrays.asList(samlResponseParam, relayStateParam));
    return req;
}
示例3: initStorageWithRequest
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
/**
 * Seeds the mocked SAML storage with the two original requests used by the tests:
 * an AuthnRequest and a LogoutRequest, each looked up by its own ID.
 *
 * <p>After this runs, {@code samlStorage.findRequestWaitingForResponse(id)} returns the
 * matching pending-request record for both IDs, which lets response-handling code
 * under test resolve the request a response claims to answer.
 *
 * @throws Exception if a test resource cannot be loaded or unmarshalled
 */
@Before
public void initStorageWithRequest() throws Exception {
    // Authentication request fixture.
    AuthnRequest authnFixture =
            (AuthnRequest) SamlTestResourcesHelper.buildOpenSamlXmlObjectFromResource(this.authnRequest);
    this.authnRequestId = authnFixture.getID();
    Map<String, String[]> noParameters = new HashMap<String, String[]>();
    IRequestWaitingForResponse pendingAuthn =
            new QueryAuthnRequest(this.authnRequestId, this.idpConnector, noParameters);
    Mockito.when(this.samlStorage.findRequestWaitingForResponse(this.authnRequestId))
            .thenReturn(pendingAuthn);

    // Single-logout request fixture.
    LogoutRequest logoutFixture =
            (LogoutRequest) SamlTestResourcesHelper.buildOpenSamlXmlObjectFromResource(this.sloRequest);
    this.sloRequestId = logoutFixture.getID();
    IRequestWaitingForResponse pendingSlo = new QuerySloRequest(this.sloRequestId, this.idpConnector);
    Mockito.when(this.samlStorage.findRequestWaitingForResponse(this.sloRequestId))
            .thenReturn(pendingSlo);
}
示例4: selectEndpointByACSIndex
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
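/**
 * Selects the endpoint by way of the assertion consumer service index given in the AuthnRequest.
 *
 * <p>Only entries of {@code endpoints} are ever returned, and only those whose binding is
 * in {@code getSupportedIssuerBindings()}. When nothing matches, a warning is logged and
 * {@code null} is returned.
 * NOTE(review): callers should treat {@code null} as a failed selection rather than
 * falling back to a location supplied in the request itself - confirm at the call sites.
 *
 * @param request the AuthnRequest
 * @param endpoints list of endpoints to select from; null entries are skipped
 *
 * @return the selected endpoint, or {@code null} if no endpoint has the requested index
 *         and a supported binding
 */
protected Endpoint selectEndpointByACSIndex(AuthnRequest request, List<IndexedEndpoint> endpoints) {
    Integer acsIndex = request.getAssertionConsumerServiceIndex();
    for (IndexedEndpoint endpoint : endpoints) {
        // A null entry has nothing to log or compare. The original combined this test
        // with the binding test and then dereferenced the endpoint in the log call,
        // which threw a NullPointerException for null entries.
        if (endpoint == null) {
            continue;
        }

        if (!getSupportedIssuerBindings().contains(endpoint.getBinding())) {
            log.debug(
                    "Endpoint '{}' with binding '{}' discarded because it requires an unsupported outbound binding.",
                    endpoint.getLocation(), endpoint.getBinding());
            continue;
        }

        if (DatatypeHelper.safeEquals(acsIndex, endpoint.getIndex())) {
            return endpoint;
        }

        // Message corrected: the endpoint is discarded because it does NOT have the index.
        log.debug("Endpoint '{}' with index '{}' discarded because it does not have the required index '{}'",
                new Object[] {endpoint.getLocation(), endpoint.getIndex(), acsIndex});
    }

    log.warn("Relying party '{}' requested the response to be returned to endpoint with ACS index '{}' "
            + "however no endpoint, with that index and using a supported binding, can be found "
            + " in the relying party's metadata ", getEntityMetadata().getEntityID(), acsIndex);
    return null;
}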
示例5: processAttribute
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
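/**
 * {@inheritDoc}
 *
 * <p>Copies the AuthnRequest-specific XML attributes onto the object being unmarshalled
 * and delegates every other attribute to the superclass. The two index attributes must
 * be integers; a malformed value is reported as an {@link UnmarshallingException}
 * instead of escaping as an unchecked {@link NumberFormatException}, so that callers
 * handling the declared exception also cover malformed requests.
 *
 * @throws UnmarshallingException if an index attribute is not a valid integer, or if
 *                                the superclass rejects the attribute
 */
protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
    AuthnRequest req = (AuthnRequest) samlObject;
    String name = attribute.getLocalName();

    if (name.equals(AuthnRequest.FORCE_AUTHN_ATTRIB_NAME)) {
        req.setForceAuthn(XSBooleanValue.valueOf(attribute.getValue()));
    } else if (name.equals(AuthnRequest.IS_PASSIVE_ATTRIB_NAME)) {
        req.setIsPassive(XSBooleanValue.valueOf(attribute.getValue()));
    } else if (name.equals(AuthnRequest.PROTOCOL_BINDING_ATTRIB_NAME)) {
        req.setProtocolBinding(attribute.getValue());
    } else if (name.equals(AuthnRequest.ASSERTION_CONSUMER_SERVICE_INDEX_ATTRIB_NAME)) {
        req.setAssertionConsumerServiceIndex(parseIndexAttribute(attribute));
    } else if (name.equals(AuthnRequest.ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME)) {
        req.setAssertionConsumerServiceURL(attribute.getValue());
    } else if (name.equals(AuthnRequest.ATTRIBUTE_CONSUMING_SERVICE_INDEX_ATTRIB_NAME)) {
        req.setAttributeConsumingServiceIndex(parseIndexAttribute(attribute));
    } else if (name.equals(AuthnRequest.PROVIDER_NAME_ATTRIB_NAME)) {
        req.setProviderName(attribute.getValue());
    } else {
        super.processAttribute(samlObject, attribute);
    }
}

/** Parses an integer-valued attribute, reporting a malformed value as an unmarshalling failure. */
private static Integer parseIndexAttribute(Attr attribute) throws UnmarshallingException {
    try {
        return Integer.valueOf(attribute.getValue());
    } catch (NumberFormatException e) {
        // The raw value comes from the incoming message, so it is deliberately left
        // out of the message text; only the attribute name is reported.
        throw new UnmarshallingException(
                "Attribute '" + attribute.getLocalName() + "' is not a valid integer", e);
    }
}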
示例6: processChildElement
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Attaches the AuthnRequest-specific child elements (Subject, NameIDPolicy,
 * Conditions, RequestedAuthnContext, Scoping) to the parent request; any other child
 * is handed to the superclass.
 */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {
    AuthnRequest authnRequest = (AuthnRequest) parentSAMLObject;

    // The checks run in the same order as before; the first matching type wins.
    if (childSAMLObject instanceof Subject) {
        authnRequest.setSubject((Subject) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof NameIDPolicy) {
        authnRequest.setNameIDPolicy((NameIDPolicy) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof Conditions) {
        authnRequest.setConditions((Conditions) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof RequestedAuthnContext) {
        authnRequest.setRequestedAuthnContext((RequestedAuthnContext) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof Scoping) {
        authnRequest.setScoping((Scoping) childSAMLObject);
        return;
    }

    super.processChildElement(parentSAMLObject, childSAMLObject);
}
示例7: buildAuthenticationRequest
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
/**
 * Builds a SAML 2.0 AuthnRequest with the given identifiers and attaches a signature
 * object to it.
 *
 * <p>The request is non-passive, asks for the HTTP-POST response binding, and uses
 * attribute consuming service index 1. Only the Signature object is attached here;
 * nothing in this method marshals the request or computes the signature value, so the
 * caller is presumably expected to do both before sending - confirm at the call site.
 * NOTE(review): both the assertion consumer URL and the index are set on the request;
 * check whether callers always pass {@code null} for one of them.
 *
 * @param assertionConsumerServiceUrl   URL the response should be delivered to
 * @param assertionConsumerServiceIndex index of the assertion consumer service
 * @param issuerId                      identifier used to build the Issuer
 * @param id                            ID assigned to the request
 * @param destination                   Destination attribute of the request
 * @return the populated, not yet marshalled request
 */
public AuthnRequest buildAuthenticationRequest(String assertionConsumerServiceUrl, Integer assertionConsumerServiceIndex, String issuerId, String id, String destination) {
    AuthnRequest req = new AuthnRequestBuilder().buildObject(SAML2_PROTOCOL, "AuthnRequest", "samlp");
    DateTime now = new DateTime();

    req.setIsPassive(Boolean.FALSE);
    req.setIssueInstant(now);
    req.setProtocolBinding(SAML2_POST_BINDING);
    req.setAssertionConsumerServiceURL(assertionConsumerServiceUrl);
    req.setAssertionConsumerServiceIndex(assertionConsumerServiceIndex);
    req.setIssuer(buildIssuer(issuerId));
    req.setNameIDPolicy(buildNameIDPolicy());
    req.setRequestedAuthnContext(buildRequestedAuthnContext());
    req.setID(id);
    req.setVersion(SAMLVersion.VERSION_20);
    req.setAttributeConsumingServiceIndex(1);
    req.setDestination(destination);

    // Attach the signature to the request.
    req.setSignature(spidIntegrationUtil.getSignature());

    return req;
}
示例8: buildAuthnRequest
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
/**
 * Creates an AuthnRequest addressed to the given SSO service, validates it, and wraps
 * it together with the relay state.
 *
 * <p>The request gets a freshly generated ID, a UTC issue instant and ForceAuthn set to
 * false. The {@code handler} parameter is not used by this method.
 *
 * @param ssoServiceLocation   Destination of the request
 * @param spEntityId           entity ID used as Issuer
 * @param protocolBinding      binding requested for the response
 * @param handler              session handler (unused here)
 * @param relayState           relay state carried with the request
 * @param assertionConsumerUrl URL the response should be delivered to
 * @return the wrapped request
 * @throws WrappedException if the built request fails validation
 */
public static OIOAuthnRequest buildAuthnRequest(String ssoServiceLocation, String spEntityId, String protocolBinding, SessionHandler handler, String relayState, String assertionConsumerUrl) {
    AuthnRequest built = SAMLUtil.buildXMLObject(AuthnRequest.class);

    built.setIssuer(SAMLUtil.createIssuer(spEntityId));
    built.setID(Utils.generateUUID());
    built.setForceAuthn(Boolean.FALSE);
    built.setIssueInstant(new DateTime(DateTimeZone.UTC));
    built.setProtocolBinding(protocolBinding);
    built.setDestination(ssoServiceLocation);
    built.setAssertionConsumerServiceURL(assertionConsumerUrl);

    try {
        if (log.isDebugEnabled()) {
            log.debug("Validate the authnRequest...");
        }
        built.validate(true);
        if (log.isDebugEnabled()) {
            log.debug("...OK");
        }
    } catch (ValidationException e) {
        // Surface a validation failure as a client-layer error, keeping the cause.
        throw new WrappedException(Layer.CLIENT, e);
    }

    return new OIOAuthnRequest(built, relayState);
}
示例9: testHandle
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
/**
 * Verifies that the redirect binding handler writes an HTML page whose redirect URL
 * carries a correctly signed SAMLRequest that decodes back to the request that was built.
 *
 * <p>The URL signature is validated before the request document is parsed and inspected.
 */
@Test
public void testHandle() throws Exception {
    RedirectBindingHandler redirectHandler = new RedirectBindingHandler();
    final StringWriter sw = new StringWriter();
    context.checking(new Expectations() {{
        allowing(req).getCookies(); will(returnValue(null));
        allowing(res).addHeader(with(any(String.class)), with(any(String.class)));
        allowing(res).addDateHeader(with(any(String.class)), with(any(Long.class)));
        one(res).setContentType("text/html");
        one(res).getWriter(); will(returnValue(new PrintWriter(sw)));
    }});

    OIOAuthnRequest request = OIOAuthnRequest.buildAuthnRequest(
            "http://ssoServiceLocation", "spEntityId",
            SAMLConstants.SAML2_ARTIFACT_BINDING_URI, handler, "state", "http://localhost");
    redirectHandler.handle(req, res, credential, request);

    // Pull the redirect target out of the written page: the text after "url=" up to,
    // but not including, the character just before the next '>'.
    String html = sw.toString();
    int urlMarker = html.indexOf("url=");
    String url = html.substring(urlMarker + 4, html.indexOf(">", urlMarker) - 1);

    String encodedRequest = Utils.getParameter("SAMLRequest", url);
    TestHelper.validateUrlSignature(credential, url, encodedRequest, "SAMLRequest");

    Document document = TestHelper.parseBase64Encoded(encodedRequest);
    AuthnRequest ar = (AuthnRequest) Configuration.getUnmarshallerFactory()
            .getUnmarshaller(document.getDocumentElement())
            .unmarshall(document.getDocumentElement());

    assertEquals("http://ssoServiceLocation", ar.getDestination());
    assertEquals("spEntityId", ar.getIssuer().getValue());
    assertNotNull(ar.getID());
}
示例10: testHandle
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
/**
 * Verifies that the handler under test forwards to the dispatch path with the
 * SAMLRequest, RelayState and action attributes set, and that the captured SAMLRequest
 * decodes to a signed AuthnRequest with the expected issuer, binding and destination.
 */
@Test
public void testHandle() throws Exception {
    final RequestDispatcher dispatcher = context.mock(RequestDispatcher.class);
    context.checking(new Expectations() {{
        one(req).getRequestDispatcher(dispatchPath); will(returnValue(dispatcher));
        one(dispatcher).forward(req, res);
        one(req).setAttribute(with(equal("SAMLRequest")), with(samlRequestBase64Encoded));
        one(req).setAttribute(with(equal("RelayState")), with(any(String.class)));
        one(req).setAttribute("action", serviceLocation);
    }});

    ph.handle(req, res, credential, request);

    // Decode the request attribute captured by the expectation above.
    Document decodedDoc = parseBase64Encoded(samlRequestBase64Encoded.getValue(), false);
    AuthnRequest decoded = (AuthnRequest) Configuration.getUnmarshallerFactory()
            .getUnmarshaller(decodedDoc.getDocumentElement())
            .unmarshall(decodedDoc.getDocumentElement());

    assertEquals(entityId, decoded.getIssuer().getValue());
    // Only the presence of a Signature element is asserted here, not its validity.
    assertNotNull(decoded.getSignature());
    assertTrue(decoded.getIssueInstant().isBeforeNow());
    assertEquals(ph.getBindingURI(), decoded.getProtocolBinding());
    assertEquals(serviceLocation, decoded.getDestination());
}
示例11: getRedirectUrl
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
/**
 * Verifies that the redirect URL produced for an AuthnRequest points at the SSO
 * service, carries RelayState and SAMLRequest parameters, decodes to the request that
 * was built, and has a valid URL signature for the test credential.
 */
@Test
public void getRedirectUrl() throws NoSuchAlgorithmException, NoSuchProviderException, URISyntaxException, DataFormatException, IOException, ParserConfigurationException, SAXException, UnmarshallingException, InvalidKeyException, SignatureException {
    OIOAuthnRequest request = OIOAuthnRequest.buildAuthnRequest(
            "http://ssoServiceLocation", "spEntityId",
            SAMLConstants.SAML2_ARTIFACT_BINDING_URI, handler, "state", "http://localhost");

    String url = request.getRedirectURL(credential);
    URI parsedUrl = new URI(url);
    assertEquals("ssoServiceLocation", parsedUrl.getHost());
    assertNotNull(Utils.getParameter("RelayState", url));

    String encodedRequest = Utils.getParameter("SAMLRequest", url);
    assertNotNull(encodedRequest);

    // Check the request document.
    Document document = TestHelper.parseBase64Encoded(encodedRequest, true);
    AuthnRequest decoded = (AuthnRequest) Configuration.getUnmarshallerFactory()
            .getUnmarshaller(document.getDocumentElement())
            .unmarshall(document.getDocumentElement());
    assertEquals(SAMLConstants.SAML2_ARTIFACT_BINDING_URI, decoded.getProtocolBinding());
    assertEquals("spEntityId", decoded.getIssuer().getValue());
    assertEquals("http://ssoServiceLocation", decoded.getDestination());

    // In this test the signature is carried by the URL, so it is checked on the URL.
    validateUrlSignature(credential, url, encodedRequest, "SAMLRequest");
}
示例12: testSetNameIDPolicy
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
/**
 * Verifies NameIDPolicy handling on the request wrapper: a null format leaves the
 * policy unset, an unknown format is rejected with {@link IllegalArgumentException},
 * and "persistent" yields a policy with the persistent format, AllowCreate set and the
 * issuer as SPNameQualifier.
 */
@Test
public void testSetNameIDPolicy() throws Exception {
    AuthnRequest raw = SAMLUtil.buildXMLObject(AuthnRequest.class);
    raw.setIssuer(SAMLUtil.createIssuer("issuer"));
    OIOAuthnRequest wrapped = new OIOAuthnRequest(raw, "state");

    wrapped.setNameIDPolicy(null, true);
    assertNull(raw.getNameIDPolicy());

    try {
        wrapped.setNameIDPolicy("stupid", false);
        fail("invalid format");
    } catch (IllegalArgumentException expected) {
        // Expected: the format name is not recognised.
    }

    wrapped.setNameIDPolicy("persistent", true);
    assertNotNull(raw.getNameIDPolicy());
    assertEquals(NameIDFormat.PERSISTENT.getFormat(), raw.getNameIDPolicy().getFormat());
    assertTrue(raw.getNameIDPolicy().getAllowCreate());
    assertEquals("issuer", raw.getNameIDPolicy().getSPNameQualifier());
}
示例13: sendSAMLAuthRequest
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
/**
 * Builds a SAML 2.0 AuthnRequest, registers it in the request store, and redirects the
 * browser to the identity provider with the encoded request.
 *
 * <p>The request ID is the key returned by {@code SAMLRequestStore.storeRequest()},
 * presumably so a later response can be checked against a request that was really
 * issued - confirm in the response handler. The current request URI is passed to the
 * encoder as its third argument (presumably the relay state - verify against the
 * encoder). The whole request is serialized into the debug log.
 *
 * @param request         incoming servlet request
 * @param servletResponse response used to send the redirect
 * @param spId            service provider identifier used as issuer
 * @param acsUrl          assertion consumer service URL
 * @param idpSSOUrl       identity provider SSO endpoint
 * @throws Exception if building, encoding or redirecting fails
 */
public void sendSAMLAuthRequest(HttpServletRequest request, HttpServletResponse
        servletResponse, String spId, String acsUrl, String idpSSOUrl) throws Exception {
    AuthnRequest authnRequest = samlAuthnRequestBuilder.buildRequest(spId, acsUrl, idpSSOUrl);

    // Store the SAML 2.0 authentication request and use its store key as the request ID.
    authnRequest.setID(SAMLRequestStore.getInstance().storeRequest());

    log.debug("SAML Authentication message : {} ",
            SAMLUtils.SAMLObjectToString(authnRequest));

    String redirectURL = messageEncoder.encode(authnRequest, idpSSOUrl, request.getRequestURI());

    HttpServletResponseAdapter responseAdapter =
            new HttpServletResponseAdapter(servletResponse, request.isSecure());
    // Keep intermediaries and the browser from caching the redirect carrying the request.
    HTTPTransportUtils.addNoCacheHeaders(responseAdapter);
    HTTPTransportUtils.setUTF8Encoding(responseAdapter);
    responseAdapter.sendRedirect(redirectURL);
}
示例14: buildRequest
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
/**
 * Builds an unsigned SAML 2.0 AuthnRequest from the service provider to the identity
 * provider, requesting the HTTP-POST response binding.
 *
 * <p>No ID is assigned and no signature is attached here; both are left to the caller.
 * NOTE(review): the Issuer element lives in the assertion namespace but is given the
 * prefix "saml2p", the same prefix used for the protocol namespace on the request -
 * check whether that is intended.
 *
 * @param spProviderId service provider identifier, used as the Issuer value
 * @param acsUrl       assertion consumer service URL
 * @param idpUrl       Destination of the request
 * @return the populated request
 */
public AuthnRequest buildRequest(String spProviderId, String acsUrl, String idpUrl){
    /* Issuer identifying the service provider */
    Issuer spIssuer = new IssuerBuilder().buildObject(
            "urn:oasis:names:tc:SAML:2.0:assertion", "Issuer", "saml2p");
    spIssuer.setValue(spProviderId);

    /* The authentication request itself */
    DateTime now = new DateTime();
    AuthnRequest req = new AuthnRequestBuilder().buildObject(
            SAMLConstants.SAML20P_NS, "AuthnRequest", "saml2p");
    req.setForceAuthn(false);
    req.setIssueInstant(now);
    req.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI);
    req.setAssertionConsumerServiceURL(acsUrl);
    req.setIssuer(spIssuer);
    req.setVersion(SAMLVersion.VERSION_20);
    req.setDestination(idpUrl);
    return req;
}
示例15: validateSPInitSSORequest
import org.opensaml.saml2.core.AuthnRequest; //导入依赖的package包/类
/**
 * Validates the SAMLRequest, which can be of type AuthnRequest or LogoutRequest.
 * The SigAlg and Signature parameters are used only with the HTTP Redirect binding;
 * with the HTTP POST binding these values are null. If the user already has an SSO
 * session the Response is returned; otherwise only the validation results are returned.
 *
 * <p>The message is decoded and unmarshalled before any validation takes place, so the
 * decoded object is unauthenticated input until the validator or logout processor has
 * accepted it.
 *
 * @param samlReq     encoded SAML request as received
 * @param queryString query string of the request; copied into the AuthnRequest result
 *                    and passed to the logout processor
 * @param sessionId   session identifier; only passed to the logout processor
 * @param rpSessionId relying party session identifier; only set on the AuthnRequest result
 * @param authnMode   not used by this method
 * @param isPost      {@code true} to decode with {@code decodeForPost}, {@code false}
 *                    to decode with {@code decode}
 * @return the validation result, or {@code null} if the message is neither an
 *         AuthnRequest nor a LogoutRequest
 * @throws IdentityException declared by this method; none of the visible lines throws it
 *         directly, so it is presumably raised by the calls it makes
 */
public SAMLSSOReqValidationResponseDTO validateSPInitSSORequest(String samlReq, String queryString,
                                                                String sessionId, String rpSessionId,
                                                                String authnMode, boolean isPost)
        throws IdentityException {
    // The binding decides how the message is decoded before unmarshalling.
    XMLObject request = isPost
            ? SAMLSSOUtil.unmarshall(SAMLSSOUtil.decodeForPost(samlReq))
            : SAMLSSOUtil.unmarshall(SAMLSSOUtil.decode(samlReq));

    if (request instanceof AuthnRequest) {
        SSOAuthnRequestValidator validator =
                SAMLSSOUtil.getSPInitSSOAuthnRequestValidator((AuthnRequest) request);
        SAMLSSOReqValidationResponseDTO result = validator.validate();
        result.setRequestMessageString(samlReq);
        result.setQueryString(queryString);
        result.setRpSessionId(rpSessionId);
        result.setIdPInitSSO(false);
        return result;
    }

    if (request instanceof LogoutRequest) {
        SPInitLogoutRequestProcessor logoutProcessor = SAMLSSOUtil.getSPInitLogoutRequestProcessor();
        return logoutProcessor.process((LogoutRequest) request, sessionId, queryString);
    }

    // Any other message type is not handled here.
    return null;
}