summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-04-08 16:23:51 +0200
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-04-08 16:23:51 +0200
commitf220f54579f5975586b4dcd7634668815c208eda (patch)
treee57d292efc3b520f35e613285f2355bebb1d5e47 /eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding
parentbfaeb328b295a9508e351068b5061de4efb47645 (diff)
downloadEAAF-Components-f220f54579f5975586b4dcd7634668815c208eda.tar.gz
EAAF-Components-f220f54579f5975586b4dcd7634668815c208eda.tar.bz2
EAAF-Components-f220f54579f5975586b4dcd7634668815c208eda.zip
refactor to OpenSAML 4.x
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java47
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java30
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java32
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java34
4 files changed, 68 insertions, 75 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java
index 3543d85a..80697ee9 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java
@@ -2,29 +2,12 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.binding;
import javax.xml.namespace.QName;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
-import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2InternalErrorException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlBindingException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
-import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
-import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain;
-
import org.opensaml.core.config.ConfigurationService;
import org.opensaml.messaging.context.BaseContext;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.messaging.decoder.MessageDecodingException;
import org.opensaml.messaging.decoder.servlet.HttpServletRequestMessageDecoder;
import org.opensaml.messaging.handler.MessageHandlerException;
-import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.common.SignableSAMLObject;
import org.opensaml.saml.common.binding.SAMLBindingSupport;
import org.opensaml.saml.common.binding.encoding.SAMLMessageEncoder;
@@ -48,6 +31,22 @@ import com.google.common.base.Optional;
import com.google.common.base.Predicates;
import com.google.common.base.Throwables;
import com.google.common.collect.FluentIterable;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2InternalErrorException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlBindingException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain;
import lombok.extern.slf4j.Slf4j;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
@@ -65,8 +64,8 @@ public abstract class AbstractBinding {
public abstract String getSaml2BindingName();
- protected MessageContext<SAMLObject> internalMessageDecode(
- HttpServletRequestMessageDecoder<SAMLObject> decoder,
+ protected MessageContext internalMessageDecode(
+ HttpServletRequestMessageDecoder decoder,
String binding) throws Pvp2Exception {
try {
decoder.initialize();
@@ -97,9 +96,9 @@ public abstract class AbstractBinding {
}
- protected MessageContext<SAMLObject> buildBasicMessageContext(
+ protected MessageContext buildBasicMessageContext(
SAMLMessageEncoder encoder, SignableSAMLObject response) {
- final MessageContext<SAMLObject> messageContext = new MessageContext<>();
+ final MessageContext messageContext = new MessageContext();
messageContext.setMessage(response);
encoder.setMessageContext(messageContext);
return messageContext;
@@ -139,7 +138,7 @@ public abstract class AbstractBinding {
}
- protected void injectInboundMessageContexts(MessageContext<SAMLObject> messageContext,
+ protected void injectInboundMessageContexts(MessageContext messageContext,
IPvp2MetadataProvider metadataProvider, QName peerEntityRole) throws Pvp2InternalErrorException {
final SAMLPeerEntityContext peerEntityContext = new SAMLPeerEntityContext();
peerEntityContext.setRole(peerEntityRole);
@@ -164,7 +163,7 @@ public abstract class AbstractBinding {
}
protected void performMessageValidation(PvpSamlMessageHandlerChain messageValidatorChain,
- MessageContext<SAMLObject> messageContext) throws Pvp2Exception {
+ MessageContext messageContext) throws Pvp2Exception {
try {
messageValidatorChain.initialize();
messageValidatorChain.invoke(messageContext);
@@ -191,7 +190,7 @@ public abstract class AbstractBinding {
}
protected InboundMessageInterface performMessageDecodePostProcessing(
- MessageContext<SAMLObject> messageContext, boolean isVerified) {
+ MessageContext messageContext, boolean isVerified) {
InboundMessage msg = null;
if (messageContext.getMessage() instanceof RequestAbstractType) {
final RequestAbstractType inboundMessage =
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
index c679de20..829f771a 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
@@ -23,6 +23,17 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.namespace.QName;
+import org.opensaml.messaging.context.MessageContext;
+import org.opensaml.saml.common.binding.SAMLBindingSupport;
+import org.opensaml.saml.common.binding.impl.CheckMessageVersionHandler;
+import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
+import org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler;
+import org.opensaml.saml.common.messaging.SAMLMessageSecuritySupport;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.core.RequestAbstractType;
+import org.opensaml.saml.saml2.core.StatusResponseType;
+import org.springframework.beans.factory.annotation.Autowired;
+
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfigurationFactory;
import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
@@ -41,19 +52,6 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafHttpPostDecoder;
import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.HttpPostEncoderWithOwnTemplate;
import at.gv.egiz.eaaf.modules.pvp2.impl.verification.EaafSamlProtocolMessageXmlSignatureSecurityHandler;
import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain;
-
-import org.opensaml.messaging.context.MessageContext;
-import org.opensaml.saml.common.SAMLObject;
-import org.opensaml.saml.common.binding.SAMLBindingSupport;
-import org.opensaml.saml.common.binding.impl.CheckMessageVersionHandler;
-import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
-import org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler;
-import org.opensaml.saml.common.messaging.SAMLMessageSecuritySupport;
-import org.opensaml.saml.common.xml.SAMLConstants;
-import org.opensaml.saml.saml2.core.RequestAbstractType;
-import org.opensaml.saml.saml2.core.StatusResponseType;
-import org.springframework.beans.factory.annotation.Autowired;
-
import lombok.extern.slf4j.Slf4j;
import net.shibboleth.utilities.java.support.net.URIComparator;
@@ -85,7 +83,7 @@ public class PostBinding extends AbstractBinding implements IDecoder, IEncoder {
encoder.setHttpServletResponse(httpResp);
// inject message context
- final MessageContext<SAMLObject> messageContext = buildBasicMessageContext(encoder, request);
+ final MessageContext messageContext = buildBasicMessageContext(encoder, request);
// inject signing context
messageContext.addSubcontext(injectSigningInfos(credentials));
@@ -131,7 +129,7 @@ public class PostBinding extends AbstractBinding implements IDecoder, IEncoder {
encoder.setHttpServletResponse(httpResp);
// inject message context
- final MessageContext<SAMLObject> messageContext = buildBasicMessageContext(encoder, response);
+ final MessageContext messageContext = buildBasicMessageContext(encoder, response);
// inject signing context
messageContext.addSubcontext(injectSigningInfos(credentials));
@@ -165,7 +163,7 @@ public class PostBinding extends AbstractBinding implements IDecoder, IEncoder {
throws Pvp2Exception {
final EaafHttpPostDecoder decode = new EaafHttpPostDecoder(req);
- final MessageContext<SAMLObject> messageContext = internalMessageDecode(decode, PvpConstants.POST);
+ final MessageContext messageContext = internalMessageDecode(decode, PvpConstants.POST);
// check if PVP2 AuthnRequest is signed
if (!SAMLBindingSupport.isMessageSigned(messageContext)) {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
index f62f8a11..c66c773e 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
@@ -23,6 +23,18 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.namespace.QName;
+import org.opensaml.messaging.context.MessageContext;
+import org.opensaml.saml.common.binding.SAMLBindingSupport;
+import org.opensaml.saml.common.binding.impl.CheckMessageVersionHandler;
+import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
+import org.opensaml.saml.common.messaging.context.SAMLBindingContext;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder;
+import org.opensaml.saml.saml2.core.RequestAbstractType;
+import org.opensaml.saml.saml2.core.StatusResponseType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
@@ -36,20 +48,6 @@ import at.gv.egiz.eaaf.modules.pvp2.exception.SamlBindingException;
import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafHttpRedirectDeflateDecoder;
import at.gv.egiz.eaaf.modules.pvp2.impl.verification.EaafSaml2HttpRedirectDeflateSignatureSecurityHandler;
import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain;
-
-import org.opensaml.messaging.context.MessageContext;
-import org.opensaml.saml.common.SAMLObject;
-import org.opensaml.saml.common.binding.SAMLBindingSupport;
-import org.opensaml.saml.common.binding.impl.CheckMessageVersionHandler;
-import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
-import org.opensaml.saml.common.messaging.context.SAMLBindingContext;
-import org.opensaml.saml.common.xml.SAMLConstants;
-import org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder;
-import org.opensaml.saml.saml2.core.RequestAbstractType;
-import org.opensaml.saml.saml2.core.StatusResponseType;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
import net.shibboleth.utilities.java.support.net.URIComparator;
public class RedirectBinding extends AbstractBinding implements IDecoder, IEncoder {
@@ -67,7 +65,7 @@ public class RedirectBinding extends AbstractBinding implements IDecoder, IEncod
final HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
encoder.setHttpServletResponse(resp);
- final MessageContext<SAMLObject> messageContext = buildBasicMessageContext(encoder, request);
+ final MessageContext messageContext = buildBasicMessageContext(encoder, request);
// set endpoint url
messageContext.addSubcontext(injectEndpointInfos(request, targetLocation));
@@ -104,7 +102,7 @@ public class RedirectBinding extends AbstractBinding implements IDecoder, IEncod
final HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
encoder.setHttpServletResponse(resp);
- final MessageContext<SAMLObject> messageContext = buildBasicMessageContext(encoder, response);
+ final MessageContext messageContext = buildBasicMessageContext(encoder, response);
// set endpoint url
messageContext.addSubcontext(injectEndpointInfos(response, targetLocation));
@@ -136,7 +134,7 @@ public class RedirectBinding extends AbstractBinding implements IDecoder, IEncod
throws Pvp2Exception {
final EaafHttpRedirectDeflateDecoder decode = new EaafHttpRedirectDeflateDecoder(req);
- final MessageContext<SAMLObject> messageContext = internalMessageDecode(decode, PvpConstants.REDIRECT);
+ final MessageContext messageContext = internalMessageDecode(decode, PvpConstants.REDIRECT);
final SAMLBindingContext bindingContext = messageContext.getSubcontext(SAMLBindingContext.class, true);
if (!bindingContext.hasBindingSignature()) {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
index 49e93f0a..cd651a1e 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
@@ -23,6 +23,20 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.namespace.QName;
+import org.opensaml.messaging.context.MessageContext;
+import org.opensaml.saml.common.binding.SAMLBindingSupport;
+import org.opensaml.saml.common.binding.impl.CheckMessageVersionHandler;
+import org.opensaml.saml.common.binding.impl.SAMLProtocolAndRoleHandler;
+import org.opensaml.saml.common.binding.impl.SAMLSOAPDecoderBodyHandler;
+import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
+import org.opensaml.saml.common.messaging.SAMLMessageSecuritySupport;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.binding.decoding.impl.HTTPSOAP11Decoder;
+import org.opensaml.saml.saml2.binding.encoding.impl.HTTPSOAP11Encoder;
+import org.opensaml.saml.saml2.core.RequestAbstractType;
+import org.opensaml.saml.saml2.core.StatusResponseType;
+import org.opensaml.soap.messaging.context.SOAP11Context;
+
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
@@ -38,22 +52,6 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
import at.gv.egiz.eaaf.modules.pvp2.impl.verification.EaafMessageContextInitializationHandler;
import at.gv.egiz.eaaf.modules.pvp2.impl.verification.EaafSamlProtocolMessageXmlSignatureSecurityHandler;
import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain;
-
-import org.opensaml.messaging.context.MessageContext;
-import org.opensaml.saml.common.SAMLObject;
-import org.opensaml.saml.common.binding.SAMLBindingSupport;
-import org.opensaml.saml.common.binding.impl.CheckMessageVersionHandler;
-import org.opensaml.saml.common.binding.impl.SAMLProtocolAndRoleHandler;
-import org.opensaml.saml.common.binding.impl.SAMLSOAPDecoderBodyHandler;
-import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
-import org.opensaml.saml.common.messaging.SAMLMessageSecuritySupport;
-import org.opensaml.saml.common.xml.SAMLConstants;
-import org.opensaml.saml.saml2.binding.decoding.impl.HTTPSOAP11Decoder;
-import org.opensaml.saml.saml2.binding.encoding.impl.HTTPSOAP11Encoder;
-import org.opensaml.saml.saml2.core.RequestAbstractType;
-import org.opensaml.saml.saml2.core.StatusResponseType;
-import org.opensaml.soap.messaging.context.SOAP11Context;
-
import lombok.extern.slf4j.Slf4j;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.net.URIComparator;
@@ -72,7 +70,7 @@ public class SoapBinding extends AbstractBinding implements IDecoder, IEncoder {
injectMessageHandlerChain(soapDecoder, metadataProvider, peerEntityRole);
- final MessageContext<SAMLObject> messageContext =
+ final MessageContext messageContext =
internalMessageDecode(soapDecoder, PvpConstants.SOAP);
// check if PVP2 AuthnRequest is signed
@@ -141,7 +139,7 @@ public class SoapBinding extends AbstractBinding implements IDecoder, IEncoder {
encoder.setHttpServletResponse(resp);
// inject message context
- final MessageContext<SAMLObject> messageContext = buildBasicMessageContext(encoder, response);
+ final MessageContext messageContext = buildBasicMessageContext(encoder, response);
//inject SOAP enveloped
final SOAP11Context soap11Context = new SOAP11Context();