package at.gv.egovernment.moa.id.protocols.pvp2x.binding; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.binding.encoding.HTTPArtifactEncoder; import org.opensaml.saml2.core.RequestAbstractType; import org.opensaml.saml2.core.StatusResponseType; import org.opensaml.saml2.metadata.SingleSignOnService; import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.ws.transport.http.HttpServletResponseAdapter; import org.opensaml.xml.security.SecurityException; import org.opensaml.xml.security.credential.Credential; import org.opensaml.xml.signature.Signature; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPAssertionStorage; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; public class ArtifactBinding implements IDecoder, IEncoder { public void encodeRequest(HttpServletRequest req, HttpServletResponse resp, RequestAbstractType request, String targetLocation) throws MessageEncodingException, SecurityException { } public void encodeRespone(HttpServletRequest req, HttpServletResponse resp, StatusResponseType response, String targetLocation) throws MessageEncodingException, SecurityException { try { Credential credentials = CredentialProvider .getIDPAssertionSigningCredential(); Signature signer = CredentialProvider.getIDPSignature(credentials); response.setSignature(signer); VelocityEngine engine = new VelocityEngine(); engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8"); engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8"); engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8"); engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath"); engine.setProperty("classpath.resource.loader.class", "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader"); engine.init(); HTTPArtifactEncoder encoder = new HTTPArtifactEncoder(engine, "resources/templates/pvp_postbinding_template.html", PVPAssertionStorage.getInstance()); encoder.setPostEncoding(false); HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter( resp, true); BasicSAMLMessageContext context = new BasicSAMLMessageContext(); SingleSignOnService service = new SingleSignOnServiceBuilder() .buildObject(); service.setBinding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI); service.setLocation(targetLocation); context.setOutboundSAMLMessageSigningCredential(credentials); context.setPeerEntityEndpoint(service); context.setOutboundSAMLMessage(response); context.setOutboundMessageTransport(responseAdapter); encoder.encode(context); } catch (CredentialsNotAvailableException e) { e.printStackTrace(); throw new SecurityException(e); } catch (Exception e) { throw new SecurityException(e); } } public MOARequest decodeRequest(HttpServletRequest req, HttpServletResponse resp) throws MessageDecodingException, SecurityException { return null; } public MOAResponse decodeRespone(HttpServletRequest req, HttpServletResponse resp) throws MessageDecodingException, SecurityException { return null; } public boolean handleDecode(String action, HttpServletRequest req) { return false; } }