Java Code Examples for org.wso2.carbon.identity.core.util.IdentityUtil#getServerURL()

Example 1
Source File: WorkflowImplTenantMgtListener.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
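/**
 * Creates the default BPS profile for a newly created tenant.
 *
 * <p>Manager and worker host URLs are both set to this server's service URL, the profile
 * user is {@code admin + TENANT_DOMAIN_COMBINER + tenantDomain}, and the password is an
 * empty {@code char[]}. A {@link WorkflowImplException} is logged, not rethrown, so that
 * tenant creation is not blocked; the profile can be added manually afterwards.
 *
 * @param tenantInfoBean details of the tenant that was just created
 * @throws StratosException declared by the listener contract; not thrown by the visible body
 */
@Override
public void onTenantCreate(TenantInfoBean tenantInfoBean) throws StratosException {
    String fullName = tenantInfoBean.getAdmin() + UserCoreConstants.TENANT_DOMAIN_COMBINER
            + tenantInfoBean.getTenantDomain();
    BPSProfile bpsProfileDTO = new BPSProfile();
    String url = IdentityUtil.getServerURL(WorkflowImplServiceDataHolder.getInstance()
            .getConfigurationContextService().getServerConfigContext().getServicePath(), true, true);
    try {
        bpsProfileDTO.setManagerHostURL(url);
        bpsProfileDTO.setWorkerHostURL(url);
        bpsProfileDTO.setUsername(fullName);
        // NOTE(review): the default profile is stored with an empty password; confirm that
        // the BPS side never accepts this profile for authentication until it is updated.
        bpsProfileDTO.setPassword(new char[0]);
        bpsProfileDTO.setProfileName(WFImplConstant.DEFAULT_BPS_PROFILE_NAME);

        WorkflowImplServiceDataHolder.getInstance().getWorkflowImplService()
                .addBPSProfile(bpsProfileDTO, tenantInfoBean.getTenantId());

    } catch (WorkflowImplException e) {
        // Deliberately not rethrown: a missing default profile must not block the rest of
        // tenant creation. The exception is passed to the logger so the stack trace and
        // root cause are kept for whoever has to create the profile manually.
        String errorMsg = "Error occured while adding default bps profile, " + e.getMessage();
        log.error(errorMsg, e);
    }

}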
 
Example 2
Source File: EndpointConfigManager.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Looks up a configuration property by key.
 *
 * <p>When the services URL is requested but has not been configured, the value is derived
 * from this server's own URL and service path instead.
 *
 * @param key Property key
 * @return the configured value, the derived services URL, or whatever
 *         {@code prop.getProperty(key)} yields for an unknown key
 */
private static String getPropertyValue(String key) {

    boolean servicesUrlRequested = Constants.SERVICES_URL.equals(key);
    if (!servicesUrlRequested || prop.containsKey(Constants.SERVICES_URL)) {
        // Either a different key, or the services URL was set explicitly.
        return prop.getProperty(key);
    }
    // Services URL not configured: build it from the server's own address.
    return IdentityUtil.getServerURL(IdentityUtil.getServicePath(), true, true);
}
 
Example 3
Source File: OAuth2Util.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the OAuth 1.0a request-token endpoint URL.
 *
 * @return the URL from the OAuth server configuration, or a URL built from this server's
 *         address and the path {@code oauth/request-token} when none is configured
 */
public static String getOAuth1RequestTokenUrl() {
    String configuredUrl = OAuthServerConfiguration.getInstance().getOAuth1RequestTokenUrl();
    if (!StringUtils.isBlank(configuredUrl)) {
        return configuredUrl;
    }
    // Nothing configured: fall back to the server-derived default.
    return IdentityUtil.getServerURL("oauth/request-token", true, true);
}
 
Example 4
Source File: IWAAuthenticator.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
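/**
 * Redirects the browser to the IWA authentication endpoint, carrying {@code ctx} as the
 * URL-encoded state parameter.
 *
 * @param request  incoming servlet request (not read by the visible body)
 * @param response servlet response used to issue the redirect
 * @param ctx      state value appended to the IWA endpoint URL after URL-encoding
 * @throws AuthenticationFailedException if encoding or the redirect fails; the original
 *                                       {@link IOException} is attached as the cause
 */
public void sendToLoginPage(HttpServletRequest request, HttpServletResponse response, String ctx)
        throws AuthenticationFailedException {
    String iwaURL = null;
    try {
        // ctx is encoded before it is placed in the query string, so it cannot add
        // parameters or alter the redirect target.
        iwaURL = IdentityUtil.getServerURL(IWAConstants.IWA_AUTH_EP, false, true) +
                "?" + IWAConstants.IWA_PARAM_STATE + "=" + URLEncoder.encode(ctx, IWAConstants.UTF_8);
        response.sendRedirect(response.encodeRedirectURL(iwaURL));
    } catch (IOException e) {
        // NOTE(review): the logged URL includes the state value; confirm that is acceptable
        // for the log's audience.
        log.error("Error when sending to the login page :" + iwaURL, e);
        // Keep the root cause so callers and logs further up can see why the redirect failed.
        throw new AuthenticationFailedException("Authentication failed", e);
    }
}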
 
Example 5
Source File: PassiveSTS.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Caches the Passive STS authentication request under {@code sessionDataKey} and redirects
 * the browser to the common authentication endpoint.
 *
 * <p>Only the session data key and the request type are placed on the redirect URL; the
 * request parameters and headers are stored in the authentication request cache.
 *
 * @param request        incoming servlet request whose URI, parameters and headers are captured
 * @param response       servlet response used to issue the redirect
 * @param sessionDataKey key under which the authentication request is cached
 * @param sessionDTO     session data supplying the relying party realm
 * @throws IOException if the redirect cannot be sent
 */
private void sendToAuthenticationFramework(HttpServletRequest request, HttpServletResponse response,
                                           String sessionDataKey, SessionDTO sessionDTO) throws IOException {

    String commonAuthEndpoint = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, false, true);
    String callerPath = request.getRequestURI();

    // The authentication request carries everything the commonauth endpoint needs.
    AuthenticationRequest authnRequest = new AuthenticationRequest();
    authnRequest.setRelyingParty(sessionDTO.getRealm());
    authnRequest.setCommonAuthCallerPath(callerPath);
    authnRequest.setForceAuth(false);
    authnRequest.setRequestQueryParams(request.getParameterMap());

    // Every header the client sent is copied into the cached request, unfiltered.
    // NOTE(review): that includes any credential-bearing headers; confirm the cache's
    // exposure and lifetime are appropriate for them.
    Enumeration headerNames = request.getHeaderNames();
    while (headerNames.hasMoreElements()) {
        String name = headerNames.nextElement().toString();
        authnRequest.addHeader(name, request.getHeader(name));
    }

    FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey,
            new AuthenticationRequestCacheEntry(authnRequest));

    // sessionDataKey is appended as-is (no URL encoding), exactly as the caller supplied it.
    String redirectTarget = commonAuthEndpoint
            + "?" + FrameworkConstants.SESSION_DATA_KEY + "=" + sessionDataKey
            + "&" + FrameworkConstants.RequestParams.TYPE + "=" + FrameworkConstants.PASSIVE_STS;
    response.sendRedirect(redirectTarget);
}
 
Example 6
Source File: OpenIDUtil.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
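/**
 * Builds the management-console front-end URL for the given OpenID, inserting the tenant
 * segment ({@code /t/<tenant>/}) when the OpenID belongs to a tenant other than the host.
 *
 * <p>The tenant rewrite is applied to the server base URL only, before {@code relativeUrl}
 * is appended, so a {@code /carbon/} sequence inside {@code relativeUrl} is left untouched.
 *
 * @param openId      OpenID identifier from which the tenant domain is extracted
 * @param request     servlet request (not read by this method)
 * @param relativeUrl path appended after the {@code /carbon/} base
 * @return the front-end URL, tenant-qualified when applicable
 */
public static String getFronEndUrl(String openId, HttpServletRequest request, String relativeUrl) {
    String tenant = MultitenantUtils.getDomainNameFromOpenId(openId);
    if (getHostName().equals(tenant)) {
        // The OpenID belongs to the host itself, so no tenant segment is needed.
        tenant = null;
    }

    String serverBase = IdentityUtil.getServerURL("/carbon/", false, true);

    if (tenant != null && tenant.trim().length() > 0) {
        // NOTE(review): the tenant value comes from the OpenID and is placed in the URL path
        // without validation or encoding here; confirm getDomainNameFromOpenId only ever
        // returns a well-formed domain.
        serverBase = serverBase.replace("/carbon/", "/t/" + tenant + "/carbon/");
    }

    return serverBase + relativeUrl;
}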
 
Example 7
Source File: OpenIDUtil.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the OpenID user URL pattern.
 *
 * @return the pattern configured under {@code OPENID_USER_PATTERN}, or a URL built from
 *         this server's address and the OpenID endpoint when that property is blank
 */
public static String getOpenIDUserPattern() {
    // An explicit OpenID configuration value takes precedence.
    String configuredPattern = IdentityUtil.getProperty(IdentityConstants.ServerConfig.OPENID_USER_PATTERN);
    return StringUtils.isBlank(configuredPattern)
            // Not configured: derive the pattern from the server configuration.
            ? IdentityUtil.getServerURL(OpenIDServerConstants.OPENID, true, true)
            : configuredPattern;
}
 
Example 8
Source File: OAuth2Util.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the OAuth 1.0a authorize endpoint URL.
 *
 * @return the URL from the OAuth server configuration, or a URL built from this server's
 *         address and the path {@code oauth/authorize-url} when none is configured
 */
public static String getOAuth1AuthorizeUrl() {
    String configuredUrl = OAuthServerConfiguration.getInstance().getOAuth1AuthorizeUrl();
    return StringUtils.isBlank(configuredUrl)
            ? IdentityUtil.getServerURL("oauth/authorize-url", true, true)
            : configuredUrl;
}
 
Example 9
Source File: SAMLSSOUtil.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the SAML SSO notification endpoint URL.
 *
 * @return the URL configured under {@code NOTIFICATION_ENDPOINT}, or a URL built from this
 *         server's address and the default notification endpoint when that property is blank
 */
public static String getNotificationEndpoint(){
    String configuredEndpoint = IdentityUtil.getProperty(IdentityConstants.ServerConfig
            .NOTIFICATION_ENDPOINT);
    if (!StringUtils.isBlank(configuredEndpoint)) {
        return configuredEndpoint;
    }
    // No override configured: use the server-hosted default page.
    return IdentityUtil.getServerURL(SAMLSSOConstants.NOTIFICATION_ENDPOINT, false, false);
}
 
Example 10
Source File: AuthenticationEndpointTenantActivityListener.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Initializes the listener by loading the tenant data endpoint URLs from configuration
 * and resolving any relative entry against this server's URL.
 *
 * <p>{@code initialized} is set only when at least one URL is configured and every entry
 * parses as a URI. A {@link URISyntaxException} is logged and leaves the listener
 * uninitialized; entries processed before the failing one keep their resolved value.
 */
private synchronized void init() {
    try {
        tenantDataReceiveURLs = ConfigurationFacade.getInstance().getTenantDataEndpointURLs();

        if (tenantDataReceiveURLs.isEmpty()) {
            if (log.isDebugEnabled()) {
                log.debug("TenantDataListenerURLs are not set in configuration");
            }
            return;
        }

        serverURL = IdentityUtil.getServerURL("", true, true);

        for (int position = 0; position < tenantDataReceiveURLs.size(); position++) {
            String configuredUrl = tenantDataReceiveURLs.get(position);
            // Parsing doubles as validation: a malformed entry aborts initialization.
            URI parsedUrl = new URI(configuredUrl);

            if (log.isDebugEnabled()) {
                log.debug("Tenant list receiving url added : " + configuredUrl);
            }

            if (!parsedUrl.isAbsolute()) {
                // Relative entries are resolved against this server's own URL.
                tenantDataReceiveURLs.set(position, serverURL + configuredUrl);
            }
        }

        initialized = true;
    } catch (URISyntaxException e) {
        log.error("Error while getting TenantDataListenerURLs", e);
    }
}
 
Example 11
Source File: OAuth2Util.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the OAuth 2.0 token endpoint URL.
 *
 * @return the URL from the OAuth server configuration, or a URL built from this server's
 *         address and the path {@code oauth2/token} when none is configured
 */
public static String getOAuth2TokenEPUrl() {
    String configuredUrl = OAuthServerConfiguration.getInstance().getOAuth2TokenEPUrl();
    if (!StringUtils.isBlank(configuredUrl)) {
        return configuredUrl;
    }
    return IdentityUtil.getServerURL("oauth2/token", true, false);
}
 
Example 12
Source File: OAuth2Util.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the URL of the OAuth 2.0 error page.
 *
 * @return the URL from the OAuth server configuration, or a URL built from this server's
 *         address and {@code /authenticationendpoint/oauth2_error.do} when none is configured
 */
public static String getOAuth2ErrorPageUrl() {
    String configuredUrl = OAuthServerConfiguration.getInstance().getOauth2ErrorPageUrl();
    return StringUtils.isBlank(configuredUrl)
            ? IdentityUtil.getServerURL("/authenticationendpoint/oauth2_error.do", false, false)
            : configuredUrl;
}
 
Example 13
Source File: InboundAuthenticationRequestProcessor.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Builds the response that hands a logout request over to the authentication framework.
 *
 * <p>A fresh session data key is generated; the authentication request and the inbound
 * context are both cached under it, and the returned response redirects to the
 * commonauth endpoint with that key among its parameters.
 *
 * @param context Inbound authentication context
 * @return response carrying the redirect URL and the parameters the framework expects
 * @throws IOException declared because the callback path is URL-encoded
 * @throws IdentityApplicationManagementException declared; not thrown directly by the visible body
 * @throws FrameworkException declared; not thrown directly by the visible body
 */
protected InboundAuthenticationResponse buildResponseForFrameworkLogout(InboundAuthenticationContext context)
        throws IOException, IdentityApplicationManagementException, FrameworkException {

    // The key is the only handle to the cached request and context.
    // NOTE(review): confirm UUIDGenerator yields values that cannot be guessed.
    String sessionDataKey = UUIDGenerator.generateUUID();

    AuthenticationRequest authenticationRequest = new AuthenticationRequest();
    InboundAuthenticationRequest inboundAuthenticationRequest = context.getInboundAuthenticationRequest();

    Map<String, String[]> parameterMap = inboundAuthenticationRequest.getParameters();

    // These puts write into the map returned by getParameters(); any client-supplied value
    // under the same names is overwritten.
    // NOTE(review): if that map is the request's own, the inbound request is mutated too.
    parameterMap.put(FrameworkConstants.SESSION_DATA_KEY, new String[] { sessionDataKey });
    parameterMap.put(FrameworkConstants.RequestParams.TYPE, new String[] { getName() });

    authenticationRequest.appendRequestQueryParams(parameterMap);

    // Every inbound header is copied into the cached authentication request, unfiltered.
    for (Map.Entry<String, String> entry : inboundAuthenticationRequest.getHeaders().entrySet()) {
        authenticationRequest.addHeader(entry.getKey(), entry.getValue());
    }

    authenticationRequest.setRelyingParty(getRelyingPartyId());
    authenticationRequest.setType(getName());
    authenticationRequest.setCommonAuthCallerPath(URLEncoder.encode(getCallbackPath(context), "UTF-8"));
    // Marks the request as a logout for the framework.
    authenticationRequest.addRequestQueryParam(FrameworkConstants.RequestParams.LOGOUT,
            new String[]{"true"});

    AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry(authenticationRequest);
    FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey, authRequest);

    InboundAuthenticationContextCacheEntry contextCacheEntry = new InboundAuthenticationContextCacheEntry(context);
    InboundAuthenticationUtil.addInboundAuthenticationContextToCache(sessionDataKey, contextCacheEntry);

    InboundAuthenticationResponse response = new InboundAuthenticationResponse();
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.AUTH_NAME, getName());
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.SESSION_DATA_KEY, sessionDataKey);
    // The callback path is URL-encoded for the cached request above but added raw here.
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.CALL_BACK_PATH,
            getCallbackPath(context));
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.RELYING_PARTY, getRelyingPartyId());
    // The type parameter is sent because the framework still checks it; AUTH_NAME is meant
    // to replace it in the future.
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.AUTH_TYPE, getName());
    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true);
    response.setRedirectURL(commonAuthURL);
    return response;
}
 
Example 14
Source File: SAMLSSOProviderServlet.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Prepares a SAML SSO logout request and forwards it to the authentication framework.
 *
 * <p>The SAML session details are cached under a newly generated session data key, an
 * authentication request is built from the servlet request's parameters and headers and
 * attached to the request, and control passes to {@code sendRequestToFramework}.
 *
 * @param request       incoming servlet request
 * @param response      servlet response passed on to the framework
 * @param signInRespDTO validation result of the logout request; may be {@code null}
 * @param relayState    SAML relay state to keep with the session
 * @param sessionId     SSO session identifier
 * @param invalid       whether the logout request was found invalid
 * @param isPost        whether the request used the POST binding
 * @throws ServletException declared; raised only by the helpers called here
 * @throws IOException declared; raised only by the helpers called here
 */
private void sendToFrameworkForLogout(HttpServletRequest request, HttpServletResponse response,
                                      SAMLSSOReqValidationResponseDTO signInRespDTO, String relayState,
                                      String sessionId,
                                      boolean invalid, boolean isPost) throws ServletException, IOException {

    SAMLSSOSessionDTO sessionDTO = new SAMLSSOSessionDTO();
    sessionDTO.setHttpQueryString(request.getQueryString());
    sessionDTO.setRelayState(relayState);
    sessionDTO.setSessionId(sessionId);
    sessionDTO.setLogoutReq(true);
    sessionDTO.setInvalidLogout(invalid);

    // Validation details are copied only when a validation response is available.
    if (signInRespDTO != null) {
        sessionDTO.setDestination(signInRespDTO.getDestination());
        sessionDTO.setRequestMessageString(signInRespDTO.getRequestMessageString());
        sessionDTO.setIssuer(signInRespDTO.getIssuer());
        sessionDTO.setRequestID(signInRespDTO.getId());
        sessionDTO.setSubject(signInRespDTO.getSubject());
        sessionDTO.setRelyingPartySessionId(signInRespDTO.getRpSessionId());
        sessionDTO.setAssertionConsumerURL(signInRespDTO.getAssertionConsumerURL());
        sessionDTO.setValidationRespDTO(signInRespDTO);
    }

    // The key is the only handle to the cached session data.
    // NOTE(review): confirm UUIDGenerator yields values that cannot be guessed.
    String sessionDataKey = UUIDGenerator.generateUUID();
    addSessionDataToCache(sessionDataKey, sessionDTO);


    // NOTE(review): commonAuthURL is computed here but not read again in this method.
    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, false, true);

    String selfPath = request.getContextPath();

    // Add all parameters to the authentication context before sending it to the
    // authentication framework.
    AuthenticationRequest authenticationRequest = new
            AuthenticationRequest();
    authenticationRequest.addRequestQueryParam(FrameworkConstants.RequestParams.LOGOUT,
                                               new String[]{"true"});
    // NOTE(review): if setRequestQueryParams replaces the parameter map, the logout flag
    // added just above is discarded unless the client also sent it; confirm the intent.
    authenticationRequest.setRequestQueryParams(request.getParameterMap());
    authenticationRequest.setCommonAuthCallerPath(selfPath);
    authenticationRequest.setPost(isPost);

    if (signInRespDTO != null) {
        authenticationRequest.setRelyingParty(signInRespDTO.getIssuer());
    }
    authenticationRequest.appendRequestQueryParams(request.getParameterMap());
    // Every request header is copied into the authentication request, unfiltered.
    for (Enumeration e = request.getHeaderNames(); e.hasMoreElements(); ) {
        String headerName = e.nextElement().toString();
        authenticationRequest.addHeader(headerName, request.getHeader(headerName));
    }

    AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry
            (authenticationRequest);
    addAuthenticationRequestToRequest(request, authRequest);
    sendRequestToFramework(request, response, sessionDataKey, FrameworkConstants.RequestType.CLAIM_TYPE_SAML_SSO);
}
 
Example 15
Source File: FacebookAuthenticator.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Completes the Facebook login: exchanges the authorization code for an access token,
 * fetches the user's profile fields and builds the claims for the authentication context.
 *
 * <p>When a list of user-info fields is configured, the field used as the user identifier
 * (the identity provider's user claim URI, or the default identifier when none is set) is
 * appended to it if missing.
 *
 * @param request  servlet request carrying the authorization code
 * @param response servlet response (not used by the visible body)
 * @param context  authentication context supplying authenticator properties and IdP config
 * @throws AuthenticationFailedException if any step of the exchange fails
 */
@Override
protected void processAuthenticationResponse(HttpServletRequest request,
                                             HttpServletResponse response,
                                             AuthenticationContext context)
        throws AuthenticationFailedException {

    log.trace("Inside FacebookAuthenticator.authenticate()");

    try {
        Map<String, String> properties = context.getAuthenticatorProperties();
        String clientId = properties.get(FacebookAuthenticatorConstants.CLIENT_ID);
        String clientSecret = properties.get(FacebookAuthenticatorConstants.CLIENT_SECRET);
        String userInfoFields = properties.get(FacebookAuthenticatorConstants.USER_INFO_FIELDS);

        String tokenEndPoint = getTokenEndpoint();
        String fbAuthUserInfoUrl = getUserInfoEndpoint();

        // The redirect URI sent with the token request is built from this server's own
        // configuration, not from the incoming request.
        String callbackUrl = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true);

        String code = getAuthorizationCode(request);
        String token = getToken(tokenEndPoint, clientId, clientSecret, callbackUrl, code);

        if (!StringUtils.isBlank(userInfoFields)) {
            boolean hasUserClaimUri =
                    context.getExternalIdP().getIdentityProvider().getClaimConfig() != null
                    && !StringUtils.isBlank(context.getExternalIdP().getIdentityProvider()
                            .getClaimConfig().getUserClaimURI());

            // The identifier field must always be part of the requested fields.
            String identifierField = hasUserClaimUri
                    ? context.getExternalIdP().getIdentityProvider().getClaimConfig().getUserClaimURI()
                    : FacebookAuthenticatorConstants.DEFAULT_USER_IDENTIFIER;

            if (!Arrays.asList(userInfoFields.split(",")).contains(identifierField)) {
                userInfoFields = userInfoFields + "," + identifierField;
            }
        }

        Map<String, Object> userInfoJson = getUserInfoJson(fbAuthUserInfoUrl, userInfoFields, token);
        buildClaims(context, userInfoJson);
    } catch (ApplicationAuthenticatorException e) {
        log.error("Failed to process Facebook Connect response.", e);
        throw new AuthenticationFailedException(e.getMessage(), e);
    }
}
 
Example 16
Source File: InboundAuthenticationRequestProcessor.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Builds the response that hands a login request over to the authentication framework.
 *
 * <p>A fresh session data key is generated; the authentication request and the inbound
 * context are both cached under it, and the returned response redirects to the
 * commonauth endpoint with that key among its parameters.
 *
 * @param context Inbound authentication context
 * @return response carrying the redirect URL and the parameters the framework expects
 * @throws IOException declared because the callback path is URL-encoded
 * @throws IdentityApplicationManagementException declared; not thrown directly by the visible body
 * @throws FrameworkException declared; not thrown directly by the visible body
 */
protected InboundAuthenticationResponse buildResponseForFrameworkLogin(InboundAuthenticationContext context)
        throws IOException, IdentityApplicationManagementException, FrameworkException {

    // The key is the only handle to the cached request and context.
    // NOTE(review): confirm UUIDGenerator yields values that cannot be guessed.
    String sessionDataKey = UUIDGenerator.generateUUID();

    AuthenticationRequest authenticationRequest = new AuthenticationRequest();
    InboundAuthenticationRequest inboundAuthenticationRequest = context.getInboundAuthenticationRequest();

    Map<String, String[]> parameterMap = inboundAuthenticationRequest.getParameters();

    // These puts write into the map returned by getParameters(); any client-supplied value
    // under the same names is overwritten.
    // NOTE(review): if that map is the request's own, the inbound request is mutated too.
    parameterMap.put(FrameworkConstants.SESSION_DATA_KEY, new String[] { sessionDataKey });
    parameterMap.put(FrameworkConstants.RequestParams.TYPE, new String[] { getName() });

    authenticationRequest.appendRequestQueryParams(parameterMap);

    // Every inbound header is copied into the cached authentication request, unfiltered.
    for (Map.Entry<String, String> entry : inboundAuthenticationRequest.getHeaders().entrySet()) {
        authenticationRequest.addHeader(entry.getKey(), entry.getValue());
    }

    authenticationRequest.setRelyingParty(getRelyingPartyId());
    authenticationRequest.setType(getName());
    authenticationRequest.setCommonAuthCallerPath(URLEncoder.encode(getCallbackPath(context), "UTF-8"));

    AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry(authenticationRequest);
    FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey, authRequest);

    InboundAuthenticationContextCacheEntry contextCacheEntry = new InboundAuthenticationContextCacheEntry(context);
    InboundAuthenticationUtil.addInboundAuthenticationContextToCache(sessionDataKey, contextCacheEntry);

    InboundAuthenticationResponse response = new InboundAuthenticationResponse();
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.AUTH_NAME, getName());
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.SESSION_DATA_KEY, sessionDataKey);
    // The callback path is URL-encoded for the cached request above but added raw here.
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.CALL_BACK_PATH,
            getCallbackPath(context));
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.RELYING_PARTY, getRelyingPartyId());
    // The type parameter is sent because the framework still checks it; AUTH_NAME is meant
    // to replace it in the future.
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.AUTH_TYPE, getName());
    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true);
    response.setRedirectURL(commonAuthURL);
    return response;
}
 
Example 17
Source File: OpenIDHandler.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the login page URL. The user is redirected to this URL when they
 * are not authenticated.
 *
 * <p>The claimed identifier is stored in the HTTP session, the authentication request is
 * cached under a newly generated session data key, and the returned URL points at the
 * commonauth endpoint with only that key and the request type as query parameters.
 *
 * @param claimedID OpenID identifier claimed in the current request
 * @param request   incoming servlet request whose session, parameters and headers are used
 * @param params    OpenID parameter list from which the identity and tenant domain are read
 * @return loginPageUrl
 * @throws IdentityException declared; raised only by the helpers called here
 * @throws IOException declared; raised only by the helpers called here
 */
private String getLoginPageUrl(String claimedID, HttpServletRequest request, ParameterList params)
        throws IdentityException, IOException {
        
    /*
     * Store the request's OpenID identifier in the session.
     */
    request.getSession().setAttribute(OpenIDConstants.SessionAttribute.OPENID, claimedID);

    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, false, true);
    String selfPath = request.getContextPath();
    // The key is the only handle to the cached authentication request.
    // NOTE(review): confirm UUIDGenerator yields values that cannot be guessed.
    String sessionDataKey = UUIDGenerator.generateUUID();

    // The authentication request keeps the data that is sent to the commonauth endpoint.
    AuthenticationRequest authenticationRequest = new
            AuthenticationRequest();
    authenticationRequest.setRelyingParty(getRelyingParty(request));
    authenticationRequest.setCommonAuthCallerPath(selfPath);
    String username = null;
    String tenantDomain = null;
    if (params.getParameterValue(FrameworkConstants.OPENID_IDENTITY) != null) {
        username = OpenIDUtil.getUserName(params.getParameterValue(FrameworkConstants.OPENID_IDENTITY));
        authenticationRequest.addRequestQueryParam(FrameworkConstants.USERNAME, new String[] { username });
    }
    if (params.getParameterValue(FrameworkConstants.RequestParams.TENANT_DOMAIN) != null) {
        // The tenant domain is taken from the request parameters as supplied.
        tenantDomain = params.getParameterValue(FrameworkConstants.RequestParams.TENANT_DOMAIN);
        authenticationRequest.setTenantDomain(tenantDomain);
    }

    // Re-authentication is forced when the session already holds a different authenticated
    // OpenID than the one claimed now, so the earlier login is not reused for another identity.
    boolean forceAuthenticate = false;
    if (!claimedID.endsWith("/openid/")) {
        String authenticatedUser =
                (String) request.getSession().getAttribute(OpenIDConstants.SessionAttribute.AUTHENTICATED_OPENID);
        if (log.isDebugEnabled()) {
            // NOTE(review): claimedID is request-derived and is logged as-is.
            log.debug("claimedID : " + claimedID + ", authenticated user : " + authenticatedUser);
        }
        if (authenticatedUser != null && !"".equals(authenticatedUser.trim())
            && !claimedID.equals(authenticatedUser.trim())) {
            if (log.isDebugEnabled()) {
                log.debug("Overriding previously authenticated OpenID : " + authenticatedUser
                          + " with the OpenID in the current request :" + claimedID
                          + " and setting forceAuthenticate.");
            }
            forceAuthenticate = true;
        }
    }
    authenticationRequest.setForceAuth(forceAuthenticate);
    // NOTE(review): if setRequestQueryParams replaces the parameter map, the username
    // parameter added above is discarded; confirm the intent.
    authenticationRequest.setRequestQueryParams(request.getParameterMap());
    // Every request header is copied into the authentication request (and so into the
    // cache), unfiltered.
    for (Enumeration headerNames = request.getHeaderNames(); headerNames.hasMoreElements(); ) {
        String headerName = headerNames.nextElement().toString();
        authenticationRequest.addHeader(headerName, request.getHeader(headerName));
    }

    AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry(authenticationRequest);
    FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey, authRequest);
    StringBuilder queryStringBuilder = new StringBuilder();
    queryStringBuilder.append(commonAuthURL).
            append("?").
                              append(FrameworkConstants.SESSION_DATA_KEY).
                              append("=").
                              append(sessionDataKey).
                              append("&").
                              append(FrameworkConstants.RequestParams.TYPE).
                              append("=").
                              append(FrameworkConstants.RequestType.CLAIM_TYPE_OPENID);
    // Reads the authorization header for request-path authentication.
    FrameworkUtils.setRequestPathCredentials(request);

    return queryStringBuilder.toString();
}
 
Example 18
Source File: EndpointUtil.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the login page URL for an OAuth2 / OpenID Connect authorization request.
 *
 * <p>The authentication request is cached under {@code sessionDataKey}; the returned URL
 * points at the commonauth endpoint and carries only that key and the request type
 * ({@code oidc} when the {@code openid} scope is present, otherwise {@code oauth2}).
 * The thread's client tenant id is always cleared before returning.
 *
 * @param clientId            OAuth client id, used as the relying party
 * @param sessionDataKey      key under which the authentication request is cached
 * @param forceAuthenticate   whether the user must re-authenticate
 * @param checkAuthentication whether to perform passive authentication only
 * @param scopes              requested scopes; may be {@code null}
 * @param reqParams           query parameters of the original authorization request
 * @return the commonauth URL with the session data key and type appended
 * @throws IdentityOAuth2Exception declared; raised only by the helpers called here
 */
public static String getLoginPageURL(String clientId, String sessionDataKey,
                                     boolean forceAuthenticate, boolean checkAuthentication, Set<String> scopes,
                                     Map<String, String[]> reqParams) throws IdentityOAuth2Exception {

    try {
        boolean openIdRequested = scopes != null && scopes.contains("openid");
        String type = openIdRequested ? "oidc" : "oauth2";

        String commonAuthEndpoint = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, false, true);
        AuthenticationRequest authnRequest = new AuthenticationRequest();

        int tenantId = OAuth2Util.getClientTenatId();

        // Populate the authentication request context.
        authnRequest.setCommonAuthCallerPath("/oauth2/authorize");
        authnRequest.setForceAuth(forceAuthenticate);
        authnRequest.setPassiveAuth(checkAuthentication);
        authnRequest.setRelyingParty(clientId);
        authnRequest.setTenantDomain(OAuth2Util.getTenantDomain(tenantId));
        authnRequest.setRequestQueryParams(reqParams);

        // Wrap the request in a cache entry and store it under the session data key.
        FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey,
                new AuthenticationRequestCacheEntry(authnRequest));

        // Only the type and the session data key travel on the URL; sessionDataKey is
        // appended exactly as the caller supplied it (no URL encoding).
        return commonAuthEndpoint
                + "?" + FrameworkConstants.SESSION_DATA_KEY + "=" + sessionDataKey
                + "&" + FrameworkConstants.RequestParams.TYPE + "=" + type;
    } finally {
        OAuth2Util.clearClientTenantId();
    }
}
 
Example 19
Source File: PassiveSTS.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Hands a Passive STS logout request over to the authentication framework.
 *
 * <p>The WS-Federation parameters are captured in a {@code SessionDTO}, which is cached
 * together with the authentication request under a newly generated session data key; the
 * browser is then redirected to the commonauth endpoint with that key and the request type.
 *
 * @param request  incoming servlet request whose parameters and headers are captured
 * @param response servlet response used to issue the redirect
 * @throws ServletException declared; raised only by the helpers called here
 * @throws IOException if the redirect cannot be sent
 */
private void sendFrameworkForLogout(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    Map requestParams = request.getParameterMap();

    SessionDTO logoutSession = new SessionDTO();
    logoutSession.setAction(getAttribute(requestParams, PassiveRequestorConstants.ACTION));
    logoutSession.setAttributes(getAttribute(requestParams, PassiveRequestorConstants.ATTRIBUTE));
    logoutSession.setContext(getAttribute(requestParams, PassiveRequestorConstants.CONTEXT));
    logoutSession.setReplyTo(getAttribute(requestParams, PassiveRequestorConstants.REPLY_TO));
    logoutSession.setPseudo(getAttribute(requestParams, PassiveRequestorConstants.PSEUDO));
    logoutSession.setRealm(getAttribute(requestParams, PassiveRequestorConstants.REALM));
    logoutSession.setRequest(getAttribute(requestParams, PassiveRequestorConstants.REQUEST));
    logoutSession.setRequestPointer(getAttribute(requestParams, PassiveRequestorConstants.REQUEST_POINTER));
    logoutSession.setPolicy(getAttribute(requestParams, PassiveRequestorConstants.POLCY));
    logoutSession.setReqQueryString(request.getQueryString());

    // The key is the only handle to the cached session data and authentication request.
    // NOTE(review): confirm UUIDGenerator yields values that cannot be guessed.
    String sessionDataKey = UUIDGenerator.generateUUID();
    addSessionDataToCache(sessionDataKey, logoutSession);
    String commonAuthEndpoint = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, false, true);

    String callerPath = request.getRequestURI();
    AuthenticationRequest authnRequest = new AuthenticationRequest();
    authnRequest.addRequestQueryParam(FrameworkConstants.RequestParams.LOGOUT,
            new String[]{Boolean.TRUE.toString()});
    // NOTE(review): if setRequestQueryParams replaces the parameter map, the logout flag
    // added just above is discarded unless the client also sent it; confirm the intent.
    authnRequest.setRequestQueryParams(request.getParameterMap());
    authnRequest.setCommonAuthCallerPath(callerPath);
    authnRequest.appendRequestQueryParams(request.getParameterMap());

    // Per the WS-Federation 1.2 spec, 'wtrealm' is not sent in the Passive STS logout
    // request, so an empty relying party is set when the realm is missing or blank.
    String realm = logoutSession.getRealm();
    if (realm == null || realm.trim().length() == 0) {
        authnRequest.setRelyingParty(new String());
    }

    // Every request header is copied into the cached authentication request, unfiltered.
    Enumeration headerNames = request.getHeaderNames();
    while (headerNames.hasMoreElements()) {
        String name = headerNames.nextElement().toString();
        authnRequest.addHeader(name, request.getHeader(name));
    }

    FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey,
            new AuthenticationRequestCacheEntry(authnRequest));

    StringBuilder redirectTarget = new StringBuilder(commonAuthEndpoint);
    redirectTarget.append("?").append(FrameworkConstants.SESSION_DATA_KEY).append("=").append(sessionDataKey);
    redirectTarget.append("&").append(FrameworkConstants.RequestParams.TYPE).append("=")
            .append(FrameworkConstants.PASSIVE_STS);

    response.sendRedirect(redirectTarget.toString());

}
 
Example 20
Source File: IdentityProcessor.java    From carbon-identity-framework with Apache License 2.0 4 votes vote down vote up
/**
 * Builds the response builder that hands a login request over to the authentication framework.
 *
 * <p>The authentication request is populated from the identity request (parameters,
 * headers, tenant domain) and the message context (relying party, type, passive/force
 * flags, callback path), cached under a newly generated session data key with a validity
 * period derived from the operation clean-up timeout, and the context itself is cached
 * under the same key.
 *
 * @param context IdentityMessageContext
 * @return IdentityResponseBuilder set up to redirect to the commonauth endpoint
 */
protected FrameworkLoginResponse.FrameworkLoginResponseBuilder buildResponseForFrameworkLogin(
        IdentityMessageContext context) {

    IdentityRequest identityRequest = context.getRequest();
    Map<String, String[]> parameterMap = identityRequest.getParameterMap();

    AuthenticationRequest authenticationRequest = new AuthenticationRequest();
    authenticationRequest.appendRequestQueryParams(parameterMap);
    // Iterate over a copy of the header map; the raw HashMap constructor makes this an
    // unchecked conversion. Every header is forwarded, unfiltered.
    Set<Map.Entry<String,String>> headers = new HashMap(identityRequest.getHeaderMap()).entrySet();
    for (Map.Entry<String,String> header : headers) {
        authenticationRequest.addHeader(header.getKey(), header.getValue());
    }
    authenticationRequest.setTenantDomain(identityRequest.getTenantDomain());
    authenticationRequest.setRelyingParty(getRelyingPartyId(context));
    authenticationRequest.setType(getType(context));
    // A missing context parameter becomes the string "null", which parses to false.
    authenticationRequest.setPassiveAuth(Boolean.parseBoolean(
            String.valueOf(context.getParameter(InboundConstants.PassiveAuth))));
    authenticationRequest.setForceAuth(Boolean.parseBoolean(
            String.valueOf(context.getParameter(InboundConstants.ForceAuth))));
    try {
        authenticationRequest.setCommonAuthCallerPath(URLEncoder.encode(getCallbackPath(context),
                                                                        StandardCharsets.UTF_8.name()));
    } catch (UnsupportedEncodingException e) {
        throw FrameworkRuntimeException.error("Error occurred while URL encoding callback path " +
                getCallbackPath(context), e);
    }

    AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry(authenticationRequest);
    // The key is the only handle to the cached request and context.
    // NOTE(review): confirm UUIDGenerator yields values that cannot be guessed.
    String sessionDataKey = UUIDGenerator.generateUUID();
    // The timeout value is treated as minutes and converted to nanoseconds for the cache entry.
    authRequest.setValidityPeriod(TimeUnit.MINUTES.toNanos(IdentityUtil.getOperationCleanUpTimeout()));
    FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey, authRequest);

    InboundUtil.addContextToCache(sessionDataKey, context);

    FrameworkLoginResponse.FrameworkLoginResponseBuilder responseBuilder =
            new FrameworkLoginResponse.FrameworkLoginResponseBuilder(context);
    responseBuilder.setAuthName(getType(context));
    responseBuilder.setContextKey(sessionDataKey);
    // The callback path is URL-encoded for the cached request above but set raw here.
    responseBuilder.setCallbackPath(getCallbackPath(context));
    responseBuilder.setRelyingParty(getRelyingPartyId(context));
    // The type parameter is sent because the framework still checks it; AUTH_NAME is meant
    // to replace it in the future.
    responseBuilder.setAuthType(getType(context));
    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true);
    responseBuilder.setRedirectURL(commonAuthURL);
    return responseBuilder;
}