From 5c3841139097ce9de9c4fc7aa666df36b8d50214 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 9 May 2014 08:57:12 +0200
Subject: add SLO information into SAML2 metadata (actually not active code)

---
 .../moa/id/protocols/pvp2x/MetadataAction.java     | 51 +++++++++++++++++++---
 1 file changed, 44 insertions(+), 7 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index 5333a58ab..01f7e18ba 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -50,6 +50,7 @@ import org.opensaml.saml2.metadata.NameIDFormat;
 import org.opensaml.saml2.metadata.RoleDescriptor;
 import org.opensaml.saml2.metadata.SPSSODescriptor;
 import org.opensaml.saml2.metadata.ServiceName;
+import org.opensaml.saml2.metadata.SingleLogoutService;
 import org.opensaml.saml2.metadata.SingleSignOnService;
 import org.opensaml.xml.io.Marshaller;
 import org.opensaml.xml.security.SecurityException;
@@ -236,7 +237,8 @@ public class MetadataAction implements IAction {
 		unspecifiednameIDFormat.setFormat(NameIDType.UNSPECIFIED);
 		
 		spSSODescriptor.getNameIDFormats().add(unspecifiednameIDFormat);
-					
+
+		//add assertion consumer services
 		AssertionConsumerService postassertionConsumerService = 
 				SAML2Utils.createSAMLObject(AssertionConsumerService.class);		
 		postassertionConsumerService.setIndex(0);
@@ -245,8 +247,7 @@ public class MetadataAction implements IAction {
 				.getInstance().getIDPSSOPostService());	
 		postassertionConsumerService.setIsDefault(true);
 		spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService);
-		
-		
+				
 		AssertionConsumerService redirectassertionConsumerService = 
 				SAML2Utils.createSAMLObject(AssertionConsumerService.class);		
 		redirectassertionConsumerService.setIndex(1);
@@ -255,6 +256,25 @@ public class MetadataAction implements IAction {
 				.getInstance().getIDPSSORedirectService());		
 		spSSODescriptor.getAssertionConsumerServices().add(redirectassertionConsumerService);
 		
+		
+		//add SLO descriptor
+//		SingleLogoutService postSLOService = 
+//				SAML2Utils.createSAMLObject(SingleLogoutService.class);			
+//		postSLOService.setLocation(PVPConfiguration
+//				.getInstance().getIDPSSOPostService());
+//		postSLOService
+//				.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+//		spSSODescriptor.getSingleLogoutServices().add(postSLOService);
+//		
+//		SingleLogoutService redirectSLOService = 
+//				SAML2Utils.createSAMLObject(SingleLogoutService.class);			
+//		redirectSLOService.setLocation(PVPConfiguration
+//				.getInstance().getIDPSSOPostService());
+//		redirectSLOService
+//				.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+//		spSSODescriptor.getSingleLogoutServices().add(redirectSLOService);
+		
+		
 		spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
 						
 		AttributeConsumingService attributeService = 
@@ -302,29 +322,46 @@ public class MetadataAction implements IAction {
 		idpSSODescriptor.setWantAuthnRequestsSigned(true);			
 		
 		if (PVPConfiguration.getInstance().getIDPSSOPostService() != null) {
+			//add SSO descriptor
 			SingleSignOnService postSingleSignOnService = SAML2Utils
 					.createSAMLObject(SingleSignOnService.class);
-
 			postSingleSignOnService.setLocation(PVPConfiguration
 					.getInstance().getIDPSSOPostService());
 			postSingleSignOnService
 					.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
-
 			idpSSODescriptor.getSingleSignOnServices().add(
 					postSingleSignOnService);
+			
+			//add SLO descriptor
+//			SingleLogoutService postSLOService = 
+//					SAML2Utils.createSAMLObject(SingleLogoutService.class);			
+//			postSLOService.setLocation(PVPConfiguration
+//					.getInstance().getIDPSSOPostService());
+//			postSLOService
+//					.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+//			idpSSODescriptor.getSingleLogoutServices().add(postSLOService);
+			
 		}
 
 		if (PVPConfiguration.getInstance().getIDPSSORedirectService() != null) {
+			//add SSO descriptor
 			SingleSignOnService redirectSingleSignOnService = SAML2Utils
 					.createSAMLObject(SingleSignOnService.class);
-
 			redirectSingleSignOnService.setLocation(PVPConfiguration
 					.getInstance().getIDPSSORedirectService());
 			redirectSingleSignOnService
 					.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
-
 			idpSSODescriptor.getSingleSignOnServices().add(
 					redirectSingleSignOnService);
+			
+			//add SLO descriptor
+//			SingleLogoutService redirectSLOService = 
+//					SAML2Utils.createSAMLObject(SingleLogoutService.class);			
+//			redirectSLOService.setLocation(PVPConfiguration
+//					.getInstance().getIDPSSOPostService());
+//			redirectSLOService
+//					.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+//			idpSSODescriptor.getSingleLogoutServices().add(redirectSLOService);
 		}
 
 		/*if (PVPConfiguration.getInstance().getIDPResolveSOAPService() != null) {
-- 
cgit v1.2.3