summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java30
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java14
2 files changed, 27 insertions, 17 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
index 16cd27cd..f9d7767f 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
@@ -23,6 +23,19 @@ import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.joda.time.DateTime;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.core.Assertion;
+import org.opensaml.saml.saml2.core.AuthnRequest;
+import org.opensaml.saml.saml2.core.Response;
+import org.opensaml.saml.saml2.metadata.AssertionConsumerService;
+import org.opensaml.saml.saml2.metadata.EntityDescriptor;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.stereotype.Service;
+
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IAction;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
@@ -44,19 +57,6 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.binding.RedirectBinding;
import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
-import org.joda.time.DateTime;
-import org.opensaml.saml.common.xml.SAMLConstants;
-import org.opensaml.saml.saml2.core.Assertion;
-import org.opensaml.saml.saml2.core.AuthnRequest;
-import org.opensaml.saml.saml2.core.Response;
-import org.opensaml.saml.saml2.metadata.AssertionConsumerService;
-import org.opensaml.saml.saml2.metadata.EntityDescriptor;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.stereotype.Service;
-
@Service("PVPAuthenticationRequestAction")
public class AuthenticationAction implements IAction {
private static final Logger log = LoggerFactory.getLogger(AuthenticationAction.class);
@@ -117,10 +117,10 @@ public class AuthenticationAction implements IAction {
IEncoder binding = null;
if (consumerService.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
- binding = springContext.getBean("PVPRedirectBinding", RedirectBinding.class);
+ binding = springContext.getBean("PvpRedirectBinding", RedirectBinding.class);
} else if (consumerService.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
- binding = springContext.getBean("PVPPOSTBinding", PostBinding.class);
+ binding = springContext.getBean("PvpPostBinding", PostBinding.class);
}
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
index 565f28fb..482a2a09 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
@@ -31,6 +31,10 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
import org.joda.time.DateTime;
import org.opensaml.core.criterion.EntityIdCriterion;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.core.xml.io.UnmarshallingException;
+import org.opensaml.core.xml.util.XMLObjectSupport;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.criterion.EntityRoleCriterion;
import org.opensaml.saml.criterion.ProtocolCriterion;
@@ -61,6 +65,7 @@ import org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider;
import org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.w3c.dom.Element;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
@@ -158,9 +163,14 @@ public class AuthResponseBuilder {
final Encrypter samlEncrypter = new Encrypter(dataEncParams, keyEncParamList);
samlEncrypter.setKeyPlacement(KeyPlacement.PEER);
- return samlEncrypter.encrypt(assertion);
+ final Element assertionElement = XMLObjectProviderRegistrySupport.getMarshallerFactory()
+ .getMarshaller(assertion).marshall(assertion);
+ assertionElement.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:xs", "http://www.w3.org/2001/XMLSchema");
- } catch (final EncryptionException | SamlSigningException e1) {
+ return samlEncrypter.encrypt((Assertion)
+ XMLObjectSupport.getUnmarshaller(assertionElement).unmarshall(assertionElement));
+
+ } catch (final EncryptionException | SamlSigningException | MarshallingException | UnmarshallingException e1) {
log.warn("Can not encrypt the PVP2 assertion", e1);
throw new InvalidAssertionEncryptionException();
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-02 13:21:07 +0000