diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-08-19 15:00:17 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-08-19 15:00:17 +0200 |
commit | 296ebbfb36ef207abe4611cb8d3727d2f86a692b (patch) | |
tree | 18eb50901baad0212ec76683871bb7edb30eef3c /id/server/idserverlib/src/main/java/at/gv/egovernment/moa | |
parent | 2f4f5750cf0d3fc83793a31017daee331410015a (diff) | |
download | moa-id-spss-296ebbfb36ef207abe4611cb8d3727d2f86a692b.tar.gz moa-id-spss-296ebbfb36ef207abe4611cb8d3727d2f86a692b.tar.bz2 moa-id-spss-296ebbfb36ef207abe4611cb8d3727d2f86a692b.zip |
update PVP 2.1 SAML2 bindings
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa')
3 files changed, 51 insertions, 19 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java index 7f73b1ed7..1a268c812 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java @@ -147,20 +147,22 @@ public class PostBinding implements IDecoder, IEncoder { messageContext .setInboundMessageTransport(new HttpServletRequestAdapter(req)); try { - decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService())); - + //set metadata descriptor type + if (isSPEndPoint) { + messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME); + decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSOPostService())); + + } else { + messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME); + decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService())); + } + } catch (ConfigurationException e) { throw new SecurityException(e); } messageContext.setMetadataProvider(MOAMetadataProvider.getInstance()); - - //set metadata descriptor type - if (isSPEndPoint) - messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME); - else - messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME); - + decode.decode(messageContext); InboundMessage msg = null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java index 26f6f3a62..f11561c14 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java @@ -135,18 +135,26 @@ public class RedirectBinding implements IDecoder, IEncoder { HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder( new BasicParserPool()); + BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>(); + messageContext + .setInboundMessageTransport(new HttpServletRequestAdapter(req)); + try { - decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSORedirectService())); + //set metadata descriptor type + if (isSPEndPoint) { + messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME); + decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSOPostService())); + + } else { + messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME); + decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService())); + } } catch (ConfigurationException e) { throw new SecurityException(e); } - - BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>(); - messageContext - .setInboundMessageTransport(new HttpServletRequestAdapter(req)); - + messageContext.setMetadataProvider(MOAMetadataProvider.getInstance()); SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule( diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java index f0eafe272..a2583c706 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java @@ -33,6 +33,7 @@ import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.binding.encoding.HTTPSOAP11Encoder; import org.opensaml.saml2.core.RequestAbstractType; import org.opensaml.saml2.core.StatusResponseType; +import org.opensaml.saml2.metadata.SPSSODescriptor; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.ws.soap.client.BasicSOAPMessageContext; @@ -52,9 +53,11 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.BindingNotSupportedEx import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessageInterface; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; +import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class SoapBinding implements IDecoder, IEncoder { @@ -66,8 +69,10 @@ public class SoapBinding implements IDecoder, IEncoder { new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>(); messageContext .setInboundMessageTransport(new HttpServletRequestAdapter( - req)); - + req)); + //messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME); + messageContext.setMetadataProvider(MOAMetadataProvider.getInstance()); + soapDecoder.decode(messageContext); Envelope inboundMessage = (Envelope) messageContext @@ -78,8 +83,25 @@ public class SoapBinding implements IDecoder, IEncoder { if (!xmlElemList.isEmpty()) { SignableXMLObject attrReq = (SignableXMLObject) xmlElemList.get(0); - MOARequest request = new MOARequest(attrReq, getSAML2BindingName()); - request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID()); + MOARequest request = new MOARequest(attrReq, getSAML2BindingName()); + + if (messageContext.getPeerEntityMetadata() != null) + request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID()); + + else if (attrReq instanceof RequestAbstractType) { + RequestAbstractType attributeRequest = (RequestAbstractType) attrReq; + try { + if (MiscUtil.isNotEmpty(attributeRequest.getIssuer().getValue()) && + MOAMetadataProvider.getInstance().getRole( + attributeRequest.getIssuer().getValue(), + SPSSODescriptor.DEFAULT_ELEMENT_NAME) != null) + request.setEntityID(attributeRequest.getIssuer().getValue()); + + } catch (Exception e) { + Logger.warn("No Metadata found with EntityID " + attributeRequest.getIssuer().getValue()); + } + } + request.setVerified(false); return request; |