aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java38
1 files changed, 27 insertions, 11 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
index c7d779fa2..6e826005d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
@@ -7,13 +7,16 @@ import org.apache.velocity.app.VelocityEngine;
import org.apache.velocity.runtime.RuntimeConstants;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.BasicSAMLMessageContext;
+import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
import org.opensaml.saml2.core.RequestAbstractType;
import org.opensaml.saml2.core.Response;
import org.opensaml.saml2.core.StatusResponseType;
+import org.opensaml.saml2.metadata.SPSSODescriptor;
import org.opensaml.saml2.metadata.SingleSignOnService;
import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder;
+import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.ws.message.decoder.MessageDecodingException;
import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
@@ -21,11 +24,11 @@ import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.credential.Credential;
-import org.opensaml.xml.signature.Signature;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
+import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException;
+import at.gv.egovernment.moa.logging.Logger;
public class PostBinding implements IDecoder, IEncoder {
@@ -44,9 +47,6 @@ public class PostBinding implements IDecoder, IEncoder {
Credential credentials = CredentialProvider
.getIDPSigningCredential();
- Signature signer = CredentialProvider.getIDPSignature(credentials);
- response.setSignature(signer);
-
VelocityEngine engine = new VelocityEngine();
engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
@@ -63,7 +63,7 @@ public class PostBinding implements IDecoder, IEncoder {
BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
SingleSignOnService service = new SingleSignOnServiceBuilder()
.buildObject();
- service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-REDIRECT");
+ service.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
service.setLocation(targetLocation);
context.setOutboundSAMLMessageSigningCredential(credentials);
context.setPeerEntityEndpoint(service);
@@ -86,13 +86,24 @@ public class PostBinding implements IDecoder, IEncoder {
BasicSAMLMessageContext<RequestAbstractType, ?, ?> messageContext = new BasicSAMLMessageContext<RequestAbstractType, SAMLObject, SAMLObject>();
messageContext
.setInboundMessageTransport(new HttpServletRequestAdapter(req));
+ decode.setURIComparator(new MOAURICompare());
+ messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+
+ try {
+ messageContext.setMetadataProvider(new MOAMetadataProvider());
+ } catch (MetadataProviderException e) {
+ Logger.error("Failed to get Metadata Provider");
+ throw new SecurityException("Failed to get Metadata Provider");
+ }
+
decode.decode(messageContext);
RequestAbstractType inboundMessage = (RequestAbstractType) messageContext
.getInboundMessage();
-
+
MOARequest request = new MOARequest(inboundMessage);
-
+ request.setVerified(false);
+ request.setEntityMetadata(messageContext.getPeerEntityMetadata());
return request;
}
@@ -105,16 +116,21 @@ public class PostBinding implements IDecoder, IEncoder {
BasicSAMLMessageContext<Response, ?, ?> messageContext = new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
messageContext
.setInboundMessageTransport(new HttpServletRequestAdapter(req));
+
+ messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+
decode.decode(messageContext);
Response inboundMessage = (Response) messageContext.getInboundMessage();
-
+
MOAResponse moaResponse = new MOAResponse(inboundMessage);
+ moaResponse.setVerified(false);
+ moaResponse.setEntityMetadata(messageContext.getPeerEntityMetadata());
return moaResponse;
}
- public boolean handleDecode(String action) {
- return (action.equals(PVP2XProtocol.POST));
+ public boolean handleDecode(String action, HttpServletRequest req) {
+ return (req.getMethod().equals("POST"));
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-21 20:08:24 +0000