Java Code Examples for org.opensaml.common.binding.SAMLMessageContext#getInboundMessageTransport()

The following examples show how to use org.opensaml.common.binding.SAMLMessageContext#getInboundMessageTransport().
Example 1
Source File: SAML2AuthnRequestsSignedRule.java    From lams with GNU General Public License v2.0
/**
 * Determine whether the inbound message is signed.
 * 
 * @param messageContext the message context being evaluated
 * @return true if the inbound message is signed, otherwise false
 */
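protected boolean isMessageSigned(SAMLMessageContext messageContext) {
    // TODO this really should be determined by the decoders and supplied to the rule
    // in some fashion, to handle binding-specific signature mechanisms. See JIRA issue JOWS-4.
    //
    // For now evaluate here inline for XML Signature and HTTP-Redirect and HTTP-Post-SimpleSign.
    //
    // Security note: this method only reports that a signature is PRESENT. Nothing here
    // verifies the signature value or the signer's trust; a caller must not treat a true
    // result as proof of authenticity.

    // Case 1: enveloped XML Signature on the SAML protocol message itself.
    SAMLObject samlMessage = messageContext.getInboundSAMLMessage();
    if (samlMessage instanceof SignableSAMLObject && ((SignableSAMLObject) samlMessage).isSigned()) {
        return true;
    }

    // Case 2: HTTP-Redirect and HTTP-POST-SimpleSign carry the signature as a request parameter.
    // Only an HTTP transport can supply that parameter. A missing or non-HTTP transport is
    // reported as "not signed" instead of failing with ClassCastException/NullPointerException.
    // NOTE(review): presumably the caller rejects unsigned messages when signing is required,
    // which makes "false" the fail-closed answer - confirm against the rule's evaluate method.
    Object transport = messageContext.getInboundMessageTransport();
    if (!(transport instanceof HTTPInTransport)) {
        return false;
    }
    String sigParam = ((HTTPInTransport) transport).getParameterValue("Signature");
    return !DatatypeHelper.isEmpty(sigParam);
}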
 
Example 2
Source File: HTTPArtifactDecoder.java    From lams with GNU General Public License v2.0
/** {@inheritDoc} */
protected void doDecode(MessageContext messageContext) throws MessageDecodingException {
    // Validate both the context type and the transport type before any cast is attempted,
    // so an unsupported caller gets a MessageDecodingException rather than a ClassCastException.
    if (!(messageContext instanceof SAMLMessageContext)) {
        final String contextError = "Invalid message context type, this decoder only support SAMLMessageContext";
        log.error(contextError);
        throw new MessageDecodingException(contextError);
    }
    if (!(messageContext.getInboundMessageTransport() instanceof HTTPInTransport)) {
        final String transportError =
                "Invalid inbound message transport type, this decoder only support HTTPInTransport";
        log.error(transportError);
        throw new MessageDecodingException(transportError);
    }

    SAMLMessageContext samlContext = (SAMLMessageContext) messageContext;
    HTTPInTransport httpTransport = (HTTPInTransport) samlContext.getInboundMessageTransport();

    // RelayState comes straight from the request parameters and is stored after trimming only.
    // It is caller-controlled data; anything that later uses it (for example as a redirect
    // target) has to validate it itself.
    samlContext.setRelayState(DatatypeHelper.safeTrim(httpTransport.getParameterValue("RelayState")));

    processArtifact(samlContext);
    populateMessageContext(samlContext);
}
 
Example 3
Source File: OpenHTTPPostDecoder.java    From MaxKey with Apache License 2.0
@Override
@SuppressWarnings("rawtypes")
protected String getActualReceiverEndpointURI(SAMLMessageContext messageContext) throws MessageDecodingException {
    // Builds the receiver endpoint from the configured receiverEndpoint prefix plus the
    // path portion of the servlet request URL.
    InTransport transport = messageContext.getInboundMessageTransport();
    if (transport instanceof HttpServletRequestAdapter) {
        HttpServletRequest request = ((HttpServletRequestAdapter) transport).getWrappedRequest();
        String requestUrl = request.getRequestURL().toString();

        // Search from index 8 so the two slashes of "http://" / "https://" are skipped and the
        // first slash found is the one that starts the path; keep everything after it.
        // The scheme and host taken from the request are discarded here.
        // NOTE(review): if no slash exists past index 8, indexOf yields -1 and the whole URL
        // is appended; also assumes receiverEndpoint already ends with "/" - confirm.
        int pathStart = requestUrl.indexOf("/", 8) + 1;
        return receiverEndpoint + requestUrl.substring(pathStart);
    }
    throw new MessageDecodingException("Message context InTransport instance was an unsupported type");
}
 
Example 4
Source File: OpenHTTPPostSimpleSignDecoder.java    From MaxKey with Apache License 2.0
@Override
@SuppressWarnings("rawtypes")
protected String getActualReceiverEndpointURI(
		SAMLMessageContext messageContext) throws MessageDecodingException {
	// Returns receiverEndpoint followed by the request URL's path (scheme and host dropped).
	final InTransport transport = messageContext.getInboundMessageTransport();
	final boolean servletBacked = transport instanceof HttpServletRequestAdapter;
	if (!servletBacked) {
		throw new MessageDecodingException("Message context InTransport instance was an unsupported type");
	}

	final HttpServletRequest request = ((HttpServletRequestAdapter) transport).getWrappedRequest();
	final String fullUrl = request.getRequestURL().toString();

	// Start after the protocol prefix so its two slashes are skipped; the first slash found
	// from index 8 on is taken as the start of the path.
	// NOTE(review): the result is presumably compared with the message's intended destination
	// by the base decoder - confirm that receiverEndpoint matches what peers are given.
	final int firstPathSlash = fullUrl.indexOf("/", 8);
	final String relativePath = fullUrl.substring(firstPathSlash + 1);
	return receiverEndpoint + relativePath;
}
 
Example 5
Source File: OpenHTTPRedirectDecoder.java    From MaxKey with Apache License 2.0
@Override
@SuppressWarnings("rawtypes")
protected String getActualReceiverEndpointURI(SAMLMessageContext messageContext) throws MessageDecodingException {
	// Only a servlet-backed transport exposes the request URL needed below.
	InTransport inbound = messageContext.getInboundMessageTransport();
	if (!(inbound instanceof HttpServletRequestAdapter)) {
		throw new MessageDecodingException(
				"Message context InTransport instance was an unsupported type");
	}

	HttpServletRequestAdapter adapter = (HttpServletRequestAdapter) inbound;
	String url = adapter.getWrappedRequest().getRequestURL().toString();

	// Beginning past the http(s) scheme prefix, skip its two slashes and keep what follows
	// the first path slash; the configured receiverEndpoint replaces scheme and host.
	String pathOnly = url.substring(url.indexOf("/", 8) + 1);
	return receiverEndpoint + pathOnly;
}
 
Example 6
Source File: HTTPArtifactDecoder.java    From lams with GNU General Public License v2.0
/**
 * Decodes the TARGET parameter and adds it to the message context.
 * 
 * @param samlMsgCtx current message context
 * 
 * @throws MessageDecodingException thrown if there is a problem decoding the TARGET parameter.
 */
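protected void decodeTarget(SAMLMessageContext samlMsgCtx) throws MessageDecodingException {
    // NOTE(review): the cast is unchecked here; presumably the caller has already verified
    // that the transport is an HTTPInTransport - confirm.
    HTTPInTransport inTransport = (HTTPInTransport) samlMsgCtx.getInboundMessageTransport();

    // Use the trim-or-null helper so that a TARGET parameter that is present but empty or
    // whitespace-only is rejected too, which is what the error message below states.
    String target = DatatypeHelper.safeTrimOrNullString(inTransport.getParameterValue("TARGET"));
    if (target == null) {
        log.error("URL TARGET parameter was missing or did not contain a value.");
        throw new MessageDecodingException("URL TARGET parameter was missing or did not contain a value.");
    }

    // TARGET is request-controlled; it is stored as relay state without further validation,
    // so consumers must validate it before using it (for example as a redirect destination).
    samlMsgCtx.setRelayState(target);
}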
 
Example 7
Source File: HTTPArtifactDecoder.java    From lams with GNU General Public License v2.0
/**
 * Process the incoming artifacts by decoding the artifacts, dereferencing them from the artifact source and 
 * storing the resulting response (with assertions) in the message context.
 * 
 * @param samlMsgCtx current message context
 * 
 * @throws MessageDecodingException thrown if there is a problem decoding or dereferencing the artifacts
 */
protected void processArtifacts(SAMLMessageContext samlMsgCtx) throws MessageDecodingException {
    // Reads every SAMLart request parameter and fails when none was supplied.
    HTTPInTransport httpTransport = (HTTPInTransport) samlMsgCtx.getInboundMessageTransport();
    List<String> artifacts = httpTransport.getParameterValues("SAMLart");

    boolean noArtifacts = artifacts == null || artifacts.isEmpty();
    if (noArtifacts) {
        log.error("URL SAMLart parameter was missing or did not contain a value.");
        throw new MessageDecodingException("URL SAMLart parameter was missing or did not contain a value.");
    }

    // As written, the method stops after the presence check: no artifact is decoded or
    // dereferenced and no inbound SAML message is stored in the context.
    // TODO decode artifact(s); resolve issuer resolution endpoint; dereference using
    // Request/AssertionArtifact(s) over synchronous backchannel binding;
    // store response as the inbound SAML message.
}
 
Example 8
Source File: HTTPPostDecoder.java    From lams with GNU General Public License v2.0
/** {@inheritDoc} */
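protected void doDecode(MessageContext messageContext) throws MessageDecodingException {
    // Decodes a Base64 "SAMLResponse" form parameter from an HTTP POST into the message context.
    // Nothing in this method checks a signature; it only parses what the client sent.
    if (!(messageContext instanceof SAMLMessageContext)) {
        log.error("Invalid message context type, this decoder only support SAMLMessageContext");
        throw new MessageDecodingException(
                "Invalid message context type, this decoder only support SAMLMessageContext");
    }

    if (!(messageContext.getInboundMessageTransport() instanceof HTTPInTransport)) {
        log.error("Invalid inbound message transport type, this decoder only support HTTPInTransport");
        throw new MessageDecodingException(
                "Invalid inbound message transport type, this decoder only support HTTPInTransport");
    }

    SAMLMessageContext samlMsgCtx = (SAMLMessageContext) messageContext;

    HTTPInTransport inTransport = (HTTPInTransport) samlMsgCtx.getInboundMessageTransport();
    if (!inTransport.getHTTPMethod().equalsIgnoreCase("POST")) {
        throw new MessageDecodingException("This message decoder only supports the HTTP POST method");
    }

    // TARGET is request-controlled and is stored (and logged at debug level) unvalidated.
    String relayState = inTransport.getParameterValue("TARGET");
    samlMsgCtx.setRelayState(relayState);
    log.debug("Decoded SAML relay state (TARGET parameter) of: {}", relayState);

    // Reject a missing or empty parameter explicitly. Without this guard a request that
    // omits SAMLResponse hands null to the Base64 decoder, and the failure would not
    // surface as the MessageDecodingException callers are expected to handle.
    String base64Message = inTransport.getParameterValue("SAMLResponse");
    if (base64Message == null || base64Message.length() == 0) {
        log.error("SAMLResponse parameter was missing or did not contain a value.");
        throw new MessageDecodingException("SAMLResponse parameter was missing or did not contain a value.");
    }

    byte[] decodedBytes = Base64.decode(base64Message);
    if (decodedBytes == null) {
        log.error("Unable to Base64 decode SAML message");
        throw new MessageDecodingException("Unable to Base64 decode SAML message");
    }

    // NOTE(review): XML parser hardening (DTDs, external entities) is whatever
    // unmarshallMessage's parser is configured with; it is not visible here - confirm.
    SAMLObject inboundMessage = (SAMLObject) unmarshallMessage(new ByteArrayInputStream(decodedBytes));
    samlMsgCtx.setInboundMessage(inboundMessage);
    samlMsgCtx.setInboundSAMLMessage(inboundMessage);
    log.debug("Decoded SAML message");

    populateMessageContext(samlMsgCtx);
}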
 
Example 9
Source File: HTTPArtifactDecoder.java    From lams with GNU General Public License v2.0
/**
 * Process the incoming artifact by decoding the artifacts, dereferencing it from the artifact issuer and 
 * storing the resulting protocol message in the message context.
 * 
 * @param samlMsgCtx current message context
 * 
 * @throws MessageDecodingException thrown if there is a problem decoding or dereferencing the artifact
 */
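protected void processArtifact(SAMLMessageContext samlMsgCtx) throws MessageDecodingException {
    // NOTE(review): unchecked cast; the doDecode shown for this decoder verifies the
    // transport type before calling - confirm no other caller skips that check.
    HTTPInTransport inTransport = (HTTPInTransport) samlMsgCtx.getInboundMessageTransport();
    String encodedArtifact = DatatypeHelper.safeTrimOrNullString(inTransport.getParameterValue("SAMLart"));
    if (encodedArtifact == null) {
        // The exception previously named the TARGET parameter although the check (and the
        // log line) is about SAMLart; both now report the parameter that is actually missing.
        log.error("URL SAMLart parameter was missing or did not contain a value.");
        throw new MessageDecodingException("URL SAMLart parameter was missing or did not contain a value.");
    }

    // As written, nothing is resolved after the presence check: no inbound SAML message
    // is stored in the context by this method.
    // TODO decode artifact; resolve issuer resolution endpoint; dereference using ArtifactResolve
    // over synchronous backchannel binding; store resultant protocol message as the inbound SAML message.
}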
 
Example 10
Source File: HTTPRedirectDeflateDecoder.java    From lams with GNU General Public License v2.0
/** {@inheritDoc} */
protected void doDecode(MessageContext messageContext) throws MessageDecodingException {
    // Decodes the SAMLRequest or SAMLResponse query parameter of an HTTP-Redirect message.
    // No signature is checked in this method; it only decodes and unmarshalls request data.
    if (!(messageContext instanceof SAMLMessageContext)) {
        final String contextError = "Invalid message context type, this decoder only support SAMLMessageContext";
        log.error(contextError);
        throw new MessageDecodingException(contextError);
    }
    if (!(messageContext.getInboundMessageTransport() instanceof HTTPInTransport)) {
        final String transportError =
                "Invalid inbound message transport type, this decoder only support HTTPInTransport";
        log.error(transportError);
        throw new MessageDecodingException(transportError);
    }

    SAMLMessageContext samlContext = (SAMLMessageContext) messageContext;
    HTTPInTransport httpTransport = (HTTPInTransport) samlContext.getInboundMessageTransport();

    // RelayState is request-controlled; it is stored and logged (debug) without validation.
    String relayState = httpTransport.getParameterValue("RelayState");
    samlContext.setRelayState(relayState);
    log.debug("Decoded RelayState: {}", relayState);

    // SAMLRequest takes precedence; SAMLResponse is consulted only when the former is empty.
    String encodedMessage = httpTransport.getParameterValue("SAMLRequest");
    if (DatatypeHelper.isEmpty(encodedMessage)) {
        encodedMessage = httpTransport.getParameterValue("SAMLResponse");
    }
    if (DatatypeHelper.isEmpty(encodedMessage)) {
        throw new MessageDecodingException(
                "No SAMLRequest or SAMLResponse query path parameter, invalid SAML 2 HTTP Redirect message");
    }

    // NOTE(review): decodeMessage handles client-supplied compressed data; whether the
    // decoded size is bounded is not visible from this method - confirm.
    InputStream decodedStream = decodeMessage(encodedMessage);

    SAMLObject decoded = (SAMLObject) unmarshallMessage(decodedStream);
    samlContext.setInboundSAMLMessage(decoded);
    samlContext.setInboundMessage(decoded);
    log.debug("Decoded SAML message");

    populateMessageContext(samlContext);
}
 
Example 11
Source File: HTTPPostDecoder.java    From lams with GNU General Public License v2.0
/** {@inheritDoc} */
protected void doDecode(MessageContext messageContext) throws MessageDecodingException {
    // Decodes the Base64 message of an HTTP POST request into the message context.
    // This method parses only; no signature or trust check happens here.
    final boolean isSamlContext = messageContext instanceof SAMLMessageContext;
    if (!isSamlContext) {
        log.error("Invalid message context type, this decoder only support SAMLMessageContext");
        throw new MessageDecodingException(
                "Invalid message context type, this decoder only support SAMLMessageContext");
    }

    final boolean isHttpTransport = messageContext.getInboundMessageTransport() instanceof HTTPInTransport;
    if (!isHttpTransport) {
        log.error("Invalid inbound message transport type, this decoder only support HTTPInTransport");
        throw new MessageDecodingException(
                "Invalid inbound message transport type, this decoder only support HTTPInTransport");
    }

    SAMLMessageContext samlContext = (SAMLMessageContext) messageContext;
    HTTPInTransport httpTransport = (HTTPInTransport) samlContext.getInboundMessageTransport();

    // The POST binding is only accepted over the POST method.
    String method = httpTransport.getHTTPMethod();
    if (!method.equalsIgnoreCase("POST")) {
        throw new MessageDecodingException("This message decoder only supports the HTTP POST method");
    }

    // RelayState is request-controlled; it is stored and logged (debug) without validation.
    String relayState = httpTransport.getParameterValue("RelayState");
    samlContext.setRelayState(relayState);
    log.debug("Decoded SAML relay state of: {}", relayState);

    InputStream decodedStream = getBase64DecodedMessage(httpTransport);
    SAMLObject decoded = (SAMLObject) unmarshallMessage(decodedStream);
    samlContext.setInboundMessage(decoded);
    samlContext.setInboundSAMLMessage(decoded);
    log.debug("Decoded SAML message");

    populateMessageContext(samlContext);
}
 
Example 12
Source File: HTTPSOAP11Decoder.java    From lams with GNU General Public License v2.0
/** {@inheritDoc} */
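protected void doDecode(MessageContext messageContext) throws MessageDecodingException {
    // Decodes a SOAP 1.1 envelope from the raw HTTP POST body and extracts the single SAML
    // message it carries. The body is client-supplied, so malformed structure must surface
    // as MessageDecodingException rather than as ClassCastException/NullPointerException.
    if (!(messageContext instanceof SAMLMessageContext)) {
        log.error("Invalid message context type, this decoder only support SAMLMessageContext");
        throw new MessageDecodingException(
                "Invalid message context type, this decoder only support SAMLMessageContext");
    }

    if (!(messageContext.getInboundMessageTransport() instanceof HTTPInTransport)) {
        log.error("Invalid inbound message transport type, this decoder only support HTTPInTransport");
        throw new MessageDecodingException(
                "Invalid inbound message transport type, this decoder only support HTTPInTransport");
    }

    SAMLMessageContext samlMsgCtx = (SAMLMessageContext) messageContext;

    HTTPInTransport inTransport = (HTTPInTransport) samlMsgCtx.getInboundMessageTransport();
    if (!inTransport.getHTTPMethod().equalsIgnoreCase("POST")) {
        throw new MessageDecodingException("This message decoder only supports the HTTP POST method");
    }

    log.debug("Unmarshalling SOAP message");
    // NOTE(review): XML parser hardening (DTDs, external entities) depends on the parser
    // behind unmarshallMessage, which is not visible here - confirm.
    Object unmarshalled = unmarshallMessage(inTransport.getIncomingStream());
    if (!(unmarshalled instanceof Envelope)) {
        // Well-formed XML whose root is not a SOAP envelope would otherwise fail the cast.
        log.error("Unmarshalled message was not a SOAP envelope");
        throw new MessageDecodingException("Unmarshalled message was not a SOAP envelope");
    }
    Envelope soapMessage = (Envelope) unmarshalled;
    samlMsgCtx.setInboundMessage(soapMessage);

    Header messageHeader = soapMessage.getHeader();
    if (messageHeader != null) {
        checkUnderstoodSOAPHeaders(messageHeader.getUnknownXMLObjects());
    }

    // An envelope without a Body element must be rejected before it is dereferenced.
    if (soapMessage.getBody() == null) {
        log.error("SOAP envelope did not contain a body, unable to extract SAML message");
        throw new MessageDecodingException(
                "SOAP envelope did not contain a body, unable to extract SAML message");
    }

    List<XMLObject> soapBodyChildren = soapMessage.getBody().getUnknownXMLObjects();
    if (soapBodyChildren.size() != 1) {
        log.error("Unexpected number of children in the SOAP body, {}.  Unable to extract SAML message",
                soapBodyChildren.size());
        throw new MessageDecodingException(
                "Unexpected number of children in the SOAP body, unable to extract SAML message");
    }

    XMLObject incommingMessage = soapBodyChildren.get(0);
    if (!(incommingMessage instanceof SAMLObject)) {
        log.error("Unexpected SOAP body content.  Expected a SAML request but recieved {}", incommingMessage
                .getElementQName());
        throw new MessageDecodingException("Unexpected SOAP body content.  Expected a SAML request but recieved "
                + incommingMessage.getElementQName());
    }

    SAMLObject samlMessage = (SAMLObject) incommingMessage;
    log.debug("Decoded SOAP messaged which included SAML message of type {}", samlMessage.getElementQName());
    samlMsgCtx.setInboundSAMLMessage(samlMessage);

    populateMessageContext(samlMsgCtx);
}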
 
Example 13
Source File: HTTPPostSimpleSignDecoder.java    From lams with GNU General Public License v2.0
/** {@inheritDoc} */
protected boolean isMessageSigned(SAMLMessageContext messageContext) {
    // "Signed" here means only that a non-empty Signature request parameter is present
    // (or that the superclass reports a signature). The value is not verified in this method.
    HTTPInTransport httpTransport = (HTTPInTransport) messageContext.getInboundMessageTransport();
    if (!DatatypeHelper.isEmpty(httpTransport.getParameterValue("Signature"))) {
        return true;
    }
    return super.isMessageSigned(messageContext);
}
 
Example 14
Source File: HTTPRedirectDeflateDecoder.java    From lams with GNU General Public License v2.0
/** {@inheritDoc} */
protected boolean isMessageSigned(SAMLMessageContext messageContext) {
    // Presence check only: a non-empty Signature parameter counts as "signed" without its
    // value being validated here. Verification has to happen elsewhere before the message
    // is trusted.
    String signature =
            ((HTTPInTransport) messageContext.getInboundMessageTransport()).getParameterValue("Signature");
    if (DatatypeHelper.isEmpty(signature)) {
        // No parameter-borne signature; defer to the superclass check.
        return super.isMessageSigned(messageContext);
    }
    return true;
}
 
Example 15
Source File: HTTPSOAP11Decoder.java    From lams with GNU General Public License v2.0
/** {@inheritDoc} */
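protected void doDecode(MessageContext messageContext) throws MessageDecodingException {
    // Reads a SOAP 1.1 envelope from the HTTP POST body and stores the one SAML message it
    // contains in the message context. Structural problems in the client-supplied envelope
    // are reported as MessageDecodingException.
    if (!(messageContext instanceof SAMLMessageContext)) {
        log.error("Invalid message context type, this decoder only support SAMLMessageContext");
        throw new MessageDecodingException(
                "Invalid message context type, this decoder only support SAMLMessageContext");
    }

    if (!(messageContext.getInboundMessageTransport() instanceof HTTPInTransport)) {
        log.error("Invalid inbound message transport type, this decoder only support HTTPInTransport");
        throw new MessageDecodingException(
                "Invalid inbound message transport type, this decoder only support HTTPInTransport");
    }

    SAMLMessageContext samlMsgCtx = (SAMLMessageContext) messageContext;

    HTTPInTransport inTransport = (HTTPInTransport) samlMsgCtx.getInboundMessageTransport();
    if (!inTransport.getHTTPMethod().equalsIgnoreCase("POST")) {
        throw new MessageDecodingException("This message decoder only supports the HTTP POST method");
    }

    log.debug("Unmarshalling SOAP message");
    // Check the unmarshalled type before casting: a request whose root element is not a
    // SOAP envelope previously failed with ClassCastException.
    Object parsedRoot = unmarshallMessage(inTransport.getIncomingStream());
    if (!(parsedRoot instanceof Envelope)) {
        log.error("Unmarshalled message was not a SOAP envelope");
        throw new MessageDecodingException("Unmarshalled message was not a SOAP envelope");
    }
    Envelope soapMessage = (Envelope) parsedRoot;
    samlMsgCtx.setInboundMessage(soapMessage);

    // Reuse the header that was already fetched instead of asking the envelope again.
    Header messageHeader = soapMessage.getHeader();
    if (messageHeader != null) {
        checkUnderstoodSOAPHeaders(messageHeader.getUnknownXMLObjects());
    }

    // A missing Body element previously caused a NullPointerException on the next call.
    if (soapMessage.getBody() == null) {
        log.error("SOAP envelope did not contain a body, unable to extract SAML message");
        throw new MessageDecodingException(
                "SOAP envelope did not contain a body, unable to extract SAML message");
    }

    // Exactly one body child is accepted; zero or several are rejected.
    List<XMLObject> soapBodyChildren = soapMessage.getBody().getUnknownXMLObjects();
    int childCount = soapBodyChildren.size();
    if (childCount != 1) {
        log.error("Unexpected number of children in the SOAP body, {}.  Unable to extract SAML message",
                childCount);
        throw new MessageDecodingException(
                "Unexpected number of children in the SOAP body, unable to extract SAML message");
    }

    XMLObject incommingMessage = soapBodyChildren.get(0);
    if (!(incommingMessage instanceof SAMLObject)) {
        log.error("Unexpected SOAP body content.  Expected a SAML request but recieved {}", incommingMessage
                .getElementQName());
        throw new MessageDecodingException("Unexpected SOAP body content.  Expected a SAML request but recieved "
                + incommingMessage.getElementQName());
    }

    SAMLObject samlMessage = (SAMLObject) incommingMessage;
    log.debug("Decoded SOAP messaged which included SAML message of type {}", samlMessage.getElementQName());
    samlMsgCtx.setInboundSAMLMessage(samlMessage);

    populateMessageContext(samlMsgCtx);
}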
 
Example 16
Source File: BaseSAMLMessageDecoder.java    From lams with GNU General Public License v2.0
/**
 * Extract the transport endpoint at which this message was received.
 * 
 * <p>This default implementation assumes an underlying message context {@link InTransport} type
 * of {@link HttpServletRequestAdapter} and returns the string representation of the underlying
 * request URL as constructed via {@link HttpServletRequest#getRequestURL()}.</p>
 * 
 * <p>Subclasses should override if binding-specific behavior or support for other transport
 * types is required.  In this case, see also {@link #compareEndpointURIs(String, String)}.</p>
 * 
 * 
 * @param messageContext current message context
 * @return string representing the transport endpoint URI at which the current message was received
 * @throws MessageDecodingException thrown if the endpoint can not be extracted from the message
 *                              context and converted to a string representation
 */
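protected String getActualReceiverEndpointURI(SAMLMessageContext messageContext) throws MessageDecodingException {
    InTransport inTransport = messageContext.getInboundMessageTransport();
    if (!(inTransport instanceof HttpServletRequestAdapter)) {
        // instanceof is false for null as well, so guard the class lookup: a context without
        // a transport must end in MessageDecodingException, not a NullPointerException
        // thrown while building the log message.
        log.error("Message context InTransport instance was an unsupported type: {}",
                inTransport == null ? "null" : inTransport.getClass().getName());
        throw new MessageDecodingException("Message context InTransport instance was an unsupported type");
    }
    HttpServletRequest httpRequest = ((HttpServletRequestAdapter) inTransport).getWrappedRequest();

    // The URL is the one the servlet container reconstructs for this request.
    // NOTE(review): behind a reverse proxy or TLS terminator the scheme, host and port seen
    // here may differ from the public endpoint, and the host part can reflect the client's
    // Host header - confirm the deployment normalises these before relying on this value
    // for endpoint comparison.
    return httpRequest.getRequestURL().toString();
}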