/*
 * Asimba Server
 *
 * Copyright (C) 2012 Asimba
 * Copyright (C) 2007-2008 Alfa & Ariss B.V.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program. If not, see www.gnu.org/licenses
 *
 * Asimba - Serious Open Source SSO - More information on www.asimba.org
 *
 */
package com.alfaariss.oa.util.saml2.protocol;

import java.io.UnsupportedEncodingException;
import java.security.SecureRandom;

import org.joda.time.DateTime;
import org.opensaml.Configuration;
import org.opensaml.common.SAMLVersion;
import org.opensaml.saml2.core.Status;
import org.opensaml.saml2.core.StatusCode;
import org.opensaml.saml2.core.StatusResponseType;
import org.opensaml.saml2.core.impl.StatusBuilder;
import org.opensaml.saml2.core.impl.StatusCodeBuilder;
import org.opensaml.xml.XMLObjectBuilderFactory;

import com.alfaariss.oa.util.ModifiedBase64;
import com.alfaariss.oa.util.saml2.SAML2IssueInstantWindow;

/**
 * Base class for SAML2 protocol handlers.
 *
 * Holds the collaborators shared by concrete protocol implementations and
 * offers two helpers: one that fills in the ID, issue instant and version of
 * a response, and one that assembles a (possibly nested) SAML2 status.
 *
 * @author EVB
 * @author Alfa & Ariss
 */
public abstract class AbstractSAML2Protocol
{
    /**
     * Number of random bytes drawn when a response ID has to be generated.
     *
     * 20 bytes is 160 bits of randomness. The encoded ID string is longer
     * than this value; its exact length depends on {@link ModifiedBase64}.
     * The misspelt name is part of the public interface and is kept as is.
     */
    public static final int REPONSE_ID_LENGTH = 20;

    /**
     * Builder factory captured from the OpenSAML configuration at
     * construction time. Not read by the helpers in this class.
     */
    protected XMLObjectBuilderFactory _builderFactory;
    /** The expected destination (profile URL). Stored only; not read in this class. */
    protected String _sProfileURL;
    /**
     * Random source for generated response IDs. It is not null-checked, so a
     * <code>null</code> value surfaces as a NullPointerException the first
     * time an ID has to be generated.
     */
    protected SecureRandom _random;
    /** Issue instant window for requests. Stored only; not read in this class. */
    protected SAML2IssueInstantWindow _issueInstantWindow;

    /**
     * Create a new <code>AbstractSAML2Protocol</code>.
     *
     * The arguments are stored without validation.
     *
     * @param random The secure random generator used for generated message IDs.
     * @param sProfileURL The profile URL.
     * @param issueInstantWindow The issue instant window for requests.
     */
    public AbstractSAML2Protocol(SecureRandom random, String sProfileURL,
        SAML2IssueInstantWindow issueInstantWindow)
    {
        this._builderFactory = Configuration.getBuilderFactory();
        this._random = random;
        this._sProfileURL = sProfileURL;
        this._issueInstantWindow = issueInstantWindow;
    }

    /**
     * Fill in the basic properties of a response: ID, issue instant and
     * SAML version (2.0).
     *
     * When <code>id</code> is <code>null</code> a fresh identifier is
     * generated from {@link #REPONSE_ID_LENGTH} random bytes. A supplied
     * <code>id</code> is used verbatim: it is not checked for uniqueness,
     * length or character set, so the caller is responsible for its quality.
     * In both cases the value is prefixed with an underscore, presumably so
     * that it always starts with a character that is legal at the start of
     * an XML ID.
     *
     * @param response Empty response to populate.
     * @param id The optional message ID; <code>null</code> to generate one.
     * @throws UnsupportedEncodingException If base64 encoding fails.
     */
    protected void populateResponse(StatusResponseType response, String id)
        throws UnsupportedEncodingException
    {
        //DD Identifier is generated by crypto provider, uniqueness depends on provider implementation [saml-core r323]
        final String sMessageId;
        if (id != null)
        {
            // Caller-supplied value: taken as is, no validation performed here.
            sMessageId = id;
        }
        else
        {
            sMessageId = generateMessageId();
        }

        response.setID("_" + sMessageId);
        // Current instant; the moment in time does not depend on the JVM default zone.
        response.setIssueInstant(new DateTime());
        response.setVersion(SAMLVersion.VERSION_20);
    }

    /**
     * Build a SAML2 status holding a top-level status code and, optionally,
     * a second-level status code nested inside it.
     *
     * The status values are set as given; they are not validated against
     * the SAML status URIs.
     *
     * @param sTopLevelStatus The top-level status.
     * @param sSecondLevelStatus The second-level status, or <code>null</code>
     *  to omit the nested status code.
     * @return The constructed status.
     */
    protected Status constructStatusCode(String sTopLevelStatus,
        String sSecondLevelStatus)
    {
        // Builders are looked up through the global OpenSAML configuration,
        // not through the _builderFactory field.
        final StatusCodeBuilder codeBuilder =
            (StatusCodeBuilder)Configuration.getBuilderFactory().getBuilder(
                StatusCode.DEFAULT_ELEMENT_NAME);

        final StatusCode topLevelCode = codeBuilder.buildObject();
        topLevelCode.setValue(sTopLevelStatus);

        if (sSecondLevelStatus != null)
        {
            final StatusCode nestedCode = codeBuilder.buildObject();
            nestedCode.setValue(sSecondLevelStatus);
            topLevelCode.setStatusCode(nestedCode);
        }

        final StatusBuilder wrapperBuilder =
            (StatusBuilder)Configuration.getBuilderFactory().getBuilder(
                Status.DEFAULT_ELEMENT_NAME);

        final Status result = wrapperBuilder.buildObject();
        result.setStatusCode(topLevelCode);
        return result;
    }

    /**
     * Draw {@link #REPONSE_ID_LENGTH} bytes from the configured random
     * source and encode them with {@link ModifiedBase64}.
     *
     * @return The encoded identifier, without the leading underscore.
     * @throws UnsupportedEncodingException If base64 encoding fails.
     */
    private String generateMessageId() throws UnsupportedEncodingException
    {
        final byte[] baRandom = new byte[REPONSE_ID_LENGTH];
        _random.nextBytes(baRandom);
        return ModifiedBase64.encode(baRandom);
    }
}