Class AbstractSamlProfileHandlerController

    • Method Summary

      Modifier and Type Method Description
      protected org.jasig.cas.client.validation.Assertion buildCasAssertion​(java.lang.String principal, org.apereo.cas.services.RegisteredService registeredService, java.util.Map<java.lang.String,​java.lang.Object> attributes)
      Build cas assertion.
      protected org.jasig.cas.client.validation.Assertion buildCasAssertion​(org.apereo.cas.authentication.Authentication authentication, org.apereo.cas.authentication.principal.Service service, org.apereo.cas.services.RegisteredService registeredService, java.util.Map<java.lang.String,​java.util.List<java.lang.Object>> attributesToCombine)
      Build cas assertion.
      protected java.lang.String buildRedirectUrlByRequestedAuthnContext​(java.lang.String initialUrl, org.opensaml.saml.saml2.core.AuthnRequest authnRequest, javax.servlet.http.HttpServletRequest request)
      Build redirect url by requested authn context.
      protected void buildSamlResponse​(javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpServletRequest request, org.apache.commons.lang3.tuple.Pair<org.opensaml.saml.saml2.core.AuthnRequest,​org.opensaml.messaging.context.MessageContext> authenticationContext, org.jasig.cas.client.validation.Assertion casAssertion, java.lang.String binding)
      Build saml response.
      protected java.lang.String constructServiceUrl​(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.apache.commons.lang3.tuple.Pair<? extends org.opensaml.saml.common.SignableSAMLObject,​org.opensaml.messaging.context.MessageContext> pair)
      Construct service url string.
      protected org.opensaml.messaging.context.MessageContext decodeSoapRequest​(javax.servlet.http.HttpServletRequest request)
      Decode SOAP 1.1 context.
      protected java.util.Map<java.lang.String,​java.lang.String> getAuthenticationContextMappings()
      Gets authentication context mappings.
      protected org.apache.commons.lang3.tuple.Pair<org.apereo.cas.support.saml.services.SamlRegisteredService,​org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade> getRegisteredServiceAndFacade​(org.opensaml.saml.saml2.core.AuthnRequest request)
      Gets registered service and facade.
      protected java.util.Optional<org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade> getSamlMetadataFacadeFor​(org.apereo.cas.support.saml.services.SamlRegisteredService registeredService, java.lang.String entityId)
      Gets saml metadata adaptor for service.
      protected java.util.Optional<org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade> getSamlMetadataFacadeFor​(org.apereo.cas.support.saml.services.SamlRegisteredService registeredService, org.opensaml.saml.saml2.core.RequestAbstractType authnRequest)
      Gets saml metadata adaptor for service.
      org.springframework.web.servlet.ModelAndView handleUnauthorizedServiceException​(javax.servlet.http.HttpServletRequest req, java.lang.Exception ex)
      Handle unauthorized service exception.
      protected void initiateAuthenticationRequest​(org.apache.commons.lang3.tuple.Pair<? extends org.opensaml.saml.common.SignableSAMLObject,​org.opensaml.messaging.context.MessageContext> pair, javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpServletRequest request)
      Initiate authentication request.
      protected void issueAuthenticationRequestRedirect​(org.apache.commons.lang3.tuple.Pair<? extends org.opensaml.saml.common.SignableSAMLObject,​org.opensaml.messaging.context.MessageContext> pair, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Redirect request for authentication.
      protected void logCasValidationAssertion​(org.jasig.cas.client.validation.Assertion assertion)
      Log cas validation assertion.
      protected org.opensaml.saml.saml2.core.AuthnRequest retrieveSamlAuthenticationRequestFromHttpRequest​(javax.servlet.http.HttpServletRequest request)
      Retrieve the SAML authn request from the HTTP request.
      protected void verifyAuthenticationContextSignature​(org.apache.commons.lang3.tuple.Pair<? extends org.opensaml.saml.common.SignableSAMLObject,​org.opensaml.messaging.context.MessageContext> authenticationContext, javax.servlet.http.HttpServletRequest request, org.opensaml.saml.saml2.core.RequestAbstractType authnRequest, org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor)
      Verify authentication context signature.
      protected void verifyAuthenticationContextSignature​(org.opensaml.messaging.context.MessageContext ctx, javax.servlet.http.HttpServletRequest request, org.opensaml.saml.saml2.core.RequestAbstractType authnRequest, org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor)
      Verify authentication context signature.
      protected org.apache.commons.lang3.tuple.Pair<org.apereo.cas.support.saml.services.SamlRegisteredService,​org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade> verifySamlAuthenticationRequest​(org.apache.commons.lang3.tuple.Pair<? extends org.opensaml.saml.common.SignableSAMLObject,​org.opensaml.messaging.context.MessageContext> authenticationContext, javax.servlet.http.HttpServletRequest request)
      Verify saml authentication request.
      protected org.apereo.cas.support.saml.services.SamlRegisteredService verifySamlRegisteredService​(java.lang.String serviceId)
      Gets the registered service and verifies it.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • AbstractSamlProfileHandlerController

        public AbstractSamlProfileHandlerController()
    • Method Detail

      • getSamlMetadataFacadeFor

        protected java.util.Optional<org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade> getSamlMetadataFacadeFor​(org.apereo.cas.support.saml.services.SamlRegisteredService registeredService,
                                                                                                                                                                    org.opensaml.saml.saml2.core.RequestAbstractType authnRequest)
        Gets saml metadata adaptor for service.
        Parameters:
        registeredService - the registered service
        authnRequest - the authn request
        Returns:
        the SAML metadata adaptor for the service, wrapped in an Optional
      • getSamlMetadataFacadeFor

        protected java.util.Optional<org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade> getSamlMetadataFacadeFor​(org.apereo.cas.support.saml.services.SamlRegisteredService registeredService,
                                                                                                                                                                    java.lang.String entityId)
        Gets saml metadata adaptor for service.
        Parameters:
        registeredService - the registered service
        entityId - the entity id
        Returns:
        the SAML metadata adaptor for the service, wrapped in an Optional
      • verifySamlRegisteredService

        protected org.apereo.cas.support.saml.services.SamlRegisteredService verifySamlRegisteredService​(java.lang.String serviceId)
        Gets the registered service and verifies it.
        Parameters:
        serviceId - the service id
        Returns:
        the verified registered service
      • retrieveSamlAuthenticationRequestFromHttpRequest

        protected org.opensaml.saml.saml2.core.AuthnRequest retrieveSamlAuthenticationRequestFromHttpRequest​(javax.servlet.http.HttpServletRequest request)
                                                                                                      throws java.lang.Exception
        Retrieve the SAML authn request from the HTTP request.
        Parameters:
        request - the request
        Returns:
        the authn request
        Throws:
        java.lang.Exception - the exception
      • buildCasAssertion

        protected org.jasig.cas.client.validation.Assertion buildCasAssertion​(org.apereo.cas.authentication.Authentication authentication,
                                                                              org.apereo.cas.authentication.principal.Service service,
                                                                              org.apereo.cas.services.RegisteredService registeredService,
                                                                              java.util.Map<java.lang.String,​java.util.List<java.lang.Object>> attributesToCombine)
        Build cas assertion.
        Parameters:
        authentication - the authentication
        service - the service
        registeredService - the registered service
        attributesToCombine - the attributes to combine
        Returns:
        the assertion
      • buildCasAssertion

        protected org.jasig.cas.client.validation.Assertion buildCasAssertion​(java.lang.String principal,
                                                                              org.apereo.cas.services.RegisteredService registeredService,
                                                                              java.util.Map<java.lang.String,​java.lang.Object> attributes)
        Build cas assertion.
        Parameters:
        principal - the principal
        registeredService - the registered service
        attributes - the attributes
        Returns:
        the assertion
      • logCasValidationAssertion

        protected void logCasValidationAssertion​(org.jasig.cas.client.validation.Assertion assertion)
        Log cas validation assertion.
        Parameters:
        assertion - the assertion
      • issueAuthenticationRequestRedirect

        protected void issueAuthenticationRequestRedirect​(org.apache.commons.lang3.tuple.Pair<? extends org.opensaml.saml.common.SignableSAMLObject,​org.opensaml.messaging.context.MessageContext> pair,
                                                          javax.servlet.http.HttpServletRequest request,
                                                          javax.servlet.http.HttpServletResponse response)
                                                   throws java.lang.Exception
        Redirect request for authentication.
        Parameters:
        pair - the pair
        request - the request
        response - the response
        Throws:
        java.lang.Exception - the exception
      • getAuthenticationContextMappings

        protected java.util.Map<java.lang.String,​java.lang.String> getAuthenticationContextMappings()
        Gets authentication context mappings.
        Returns:
        the authentication context mappings
      • buildRedirectUrlByRequestedAuthnContext

        protected java.lang.String buildRedirectUrlByRequestedAuthnContext​(java.lang.String initialUrl,
                                                                           org.opensaml.saml.saml2.core.AuthnRequest authnRequest,
                                                                           javax.servlet.http.HttpServletRequest request)
        Build redirect url by requested authn context.
        Parameters:
        initialUrl - the initial url
        authnRequest - the authn request
        request - the request
        Returns:
        the redirect url
      • constructServiceUrl

        protected java.lang.String constructServiceUrl​(javax.servlet.http.HttpServletRequest request,
                                                       javax.servlet.http.HttpServletResponse response,
                                                       org.apache.commons.lang3.tuple.Pair<? extends org.opensaml.saml.common.SignableSAMLObject,​org.opensaml.messaging.context.MessageContext> pair)
                                                throws org.apereo.cas.support.saml.SamlException
        Construct service url string.
        Parameters:
        request - the request
        response - the response
        pair - the pair
        Returns:
        the service url string
        Throws:
        org.apereo.cas.support.saml.SamlException - the saml exception
      • initiateAuthenticationRequest

        protected void initiateAuthenticationRequest​(org.apache.commons.lang3.tuple.Pair<? extends org.opensaml.saml.common.SignableSAMLObject,​org.opensaml.messaging.context.MessageContext> pair,
                                                     javax.servlet.http.HttpServletResponse response,
                                                     javax.servlet.http.HttpServletRequest request)
                                              throws java.lang.Exception
        Initiate authentication request.
        Parameters:
        pair - the pair
        response - the response
        request - the request
        Throws:
        java.lang.Exception - the exception
      • verifySamlAuthenticationRequest

        protected org.apache.commons.lang3.tuple.Pair<org.apereo.cas.support.saml.services.SamlRegisteredService,​org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade> verifySamlAuthenticationRequest​(org.apache.commons.lang3.tuple.Pair<? extends org.opensaml.saml.common.SignableSAMLObject,​org.opensaml.messaging.context.MessageContext> authenticationContext,
                                                                                                                                                                                                                                                             javax.servlet.http.HttpServletRequest request)
                                                                                                                                                                                                                                                      throws java.lang.Exception
        Verify saml authentication request.
        Parameters:
        authenticationContext - the authentication context pair (signable SAML object and message context)
        request - the request
        Returns:
        the pair of registered service and service provider metadata facade
        Throws:
        java.lang.Exception - the exception
      • verifyAuthenticationContextSignature

        protected void verifyAuthenticationContextSignature​(org.apache.commons.lang3.tuple.Pair<? extends org.opensaml.saml.common.SignableSAMLObject,​org.opensaml.messaging.context.MessageContext> authenticationContext,
                                                            javax.servlet.http.HttpServletRequest request,
                                                            org.opensaml.saml.saml2.core.RequestAbstractType authnRequest,
                                                            org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor)
                                                     throws java.lang.Exception
        Verify the signature of the authentication context, given the authn request and the service provider metadata facade (adaptor).
        Parameters:
        authenticationContext - the authentication context
        request - the request
        authnRequest - the authn request
        adaptor - the adaptor
        Throws:
        java.lang.Exception - the exception
      • verifyAuthenticationContextSignature

        protected void verifyAuthenticationContextSignature​(org.opensaml.messaging.context.MessageContext ctx,
                                                            javax.servlet.http.HttpServletRequest request,
                                                            org.opensaml.saml.saml2.core.RequestAbstractType authnRequest,
                                                            org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor)
                                                     throws java.lang.Exception
        Verify the signature of the authentication context, given the authn request and the service provider metadata facade (adaptor).
        Parameters:
        ctx - the authentication context
        request - the request
        authnRequest - the authn request
        adaptor - the adaptor
        Throws:
        java.lang.Exception - the exception
      • buildSamlResponse

        protected void buildSamlResponse​(javax.servlet.http.HttpServletResponse response,
                                         javax.servlet.http.HttpServletRequest request,
                                         org.apache.commons.lang3.tuple.Pair<org.opensaml.saml.saml2.core.AuthnRequest,​org.opensaml.messaging.context.MessageContext> authenticationContext,
                                         org.jasig.cas.client.validation.Assertion casAssertion,
                                         java.lang.String binding)
        Build saml response.
        Parameters:
        response - the response
        request - the request
        authenticationContext - the authentication context
        casAssertion - the cas assertion
        binding - the binding
      • getRegisteredServiceAndFacade

        protected org.apache.commons.lang3.tuple.Pair<org.apereo.cas.support.saml.services.SamlRegisteredService,​org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade> getRegisteredServiceAndFacade​(org.opensaml.saml.saml2.core.AuthnRequest request)
        Gets registered service and facade.
        Parameters:
        request - the request
        Returns:
        the registered service and facade
      • decodeSoapRequest

        protected org.opensaml.messaging.context.MessageContext decodeSoapRequest​(javax.servlet.http.HttpServletRequest request)
        Decode SOAP 1.1 context.
        Parameters:
        request - the request
        Returns:
        the SOAP 1.1 context
      • handleUnauthorizedServiceException

        @ExceptionHandler(org.apereo.cas.services.UnauthorizedServiceException.class)
        public org.springframework.web.servlet.ModelAndView handleUnauthorizedServiceException​(javax.servlet.http.HttpServletRequest req,
                                                                                               java.lang.Exception ex)
        Handle unauthorized service exception.
        Parameters:
        req - the request
        ex - the exception
        Returns:
        the model and view