org.opensaml.saml2.core.Response类的使用及代码示例

x33g5p2x  于2022-01-29 转载在 其他  

本文整理了Java中org.opensaml.saml2.core.Response类的一些代码示例,展示了Response类的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度上帮助到你。Response类的具体详情如下:
包路径:org.opensaml.saml2.core.Response
类名称:Response

Response介绍

[英]SAML 2.0 Core Response.
[中]SAML2.0核心响应。

代码示例

代码示例来源:origin: cloudfoundry/uaa

/**
 * Builds a SAML 2.0 Response that carries the given assertion and a success status.
 *
 * <p>Nothing in this method signs the Response or the assertion; whether signing happens
 * elsewhere is not visible from here.
 *
 * @param context message context; only its local entity id is read
 * @param assertionConsumerService endpoint passed on to {@code buildCommonAttributes}
 * @param assertion assertion to embed in the Response
 * @param authnRequest request passed on to {@code buildCommonAttributes}
 * @return the populated Response
 */
private Response createResponse(SAMLMessageContext context, AssertionConsumerService assertionConsumerService,
    Assertion assertion, AuthnRequest authnRequest) {
  // The factory returns an untyped builder; the lookup key is the Response element name.
  @SuppressWarnings("unchecked")
  SAMLObjectBuilder<Response> builder =
      (SAMLObjectBuilder<Response>) builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
  Response samlResponse = builder.buildObject();

  String localEntityId = context.getLocalEntityId();
  buildCommonAttributes(localEntityId, samlResponse, assertionConsumerService, authnRequest);

  samlResponse.getAssertions().add(assertion);
  buildStatusSuccess(samlResponse);
  return samlResponse;
}

代码示例来源:origin: cloudfoundry/uaa

/**
 * Fills in the attributes every Response needs: ID, Issuer, InResponseTo, Version,
 * IssueInstant and, when an endpoint is supplied, Destination.
 *
 * @param localEntityId entity id handed to {@code getIssuer}
 * @param response Response to populate
 * @param service endpoint whose location becomes the Destination; may be {@code null}
 * @param authnRequest request whose ID becomes InResponseTo (dereferenced without a null check)
 */
private void buildCommonAttributes(String localEntityId, Response response, Endpoint service,
                  AuthnRequest authnRequest) {
  response.setID(generateID());
  response.setIssuer(getIssuer(localEntityId));

  // InResponseTo ties this Response to the request it answers.
  response.setInResponseTo(authnRequest.getID());

  response.setVersion(SAMLVersion.VERSION_20);
  response.setIssueInstant(new DateTime());

  // Destination is only set when the caller supplied an endpoint.
  if (service == null) {
    return;
  }
  response.setDestination(service.getLocation());
}

代码示例来源:origin: cloudfoundry/uaa

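/**
 * Wraps an assertion in a SAML 2.0 Response with a Success status.
 *
 * <p>The Response is not signed here; whether it is signed afterwards is not visible from
 * this method.
 *
 * @param assertion assertion to embed
 * @param assertionIssuer value written into the Response's Issuer element
 * @return the populated Response
 */
public static Response wrapAssertionIntoResponse(Assertion assertion, String assertionIssuer) {
  Response response = new ResponseBuilder().buildObject();

  Issuer issuer = new IssuerBuilder().buildObject();
  issuer.setValue(assertionIssuer);
  response.setIssuer(issuer);

  // A millisecond timestamp is guessable and repeats when two responses are built in the same
  // millisecond; SAML message IDs are expected to be unique and unpredictable. The "id-" prefix
  // keeps the value a valid xs:ID (it must not start with a digit).
  response.setID("id-" + java.util.UUID.randomUUID());

  Status status = new StatusBuilder().buildObject();
  StatusCode statusCode = new StatusCodeBuilder().buildObject();
  statusCode.setValue("urn:oasis:names:tc:SAML:2.0:status:Success");
  status.setStatusCode(statusCode);

  // A StatusMessage element is attached with no text, as before.
  StatusMessage statusMessage = new StatusMessageBuilder().buildObject();
  statusMessage.setMessage(null);
  status.setStatusMessage(statusMessage);
  response.setStatus(status);

  response.setVersion(SAMLVersion.VERSION_20);
  response.setIssueInstant(new DateTime());
  response.getAssertions().add(assertion);
  return response;
}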

代码示例来源:origin: cloudfoundry/uaa

/**
 * Builds a Response through the profile with assertion signing switched off and checks that
 * the Response and its subject confirmation both reference the inbound request's ID.
 */
@Test
public void testBuildResponse() throws MessageEncodingException, SAMLException, MetadataProviderException,
    SecurityException, MarshallingException, SignatureException {
  String authenticationId = UUID.randomUUID().toString();
  Authentication uaaAuthentication = samlTestUtils.mockUaaAuthentication(authenticationId);
  SAMLMessageContext messageContext = samlTestUtils.mockSamlMessageContext();

  // This test exercises the unsigned-assertion path only.
  IdpWebSSOProfileOptions profileOptions = new IdpWebSSOProfileOptions();
  profileOptions.setAssertionsSigned(false);

  profile.buildResponse(uaaAuthentication, messageContext, profileOptions);

  AuthnRequest inbound = (AuthnRequest) messageContext.getInboundSAMLMessage();
  Response outbound = (Response) messageContext.getOutboundSAMLMessage();
  assertEquals(inbound.getID(), outbound.getInResponseTo());

  Assertion firstAssertion = outbound.getAssertions().get(0);
  Subject assertedSubject = firstAssertion.getSubject();
  assertEquals("marissa", assertedSubject.getNameID().getValue());
  assertEquals(NameIDType.UNSPECIFIED, assertedSubject.getNameID().getFormat());

  // The subject confirmation must be bound to the same request as the Response itself.
  SubjectConfirmationData confirmationData =
      assertedSubject.getSubjectConfirmations().get(0).getSubjectConfirmationData();
  assertEquals(inbound.getID(), confirmationData.getInResponseTo());

  verifyAssertionAttributes(authenticationId, firstAssertion);
}

代码示例来源:origin: org.opensaml/opensaml

/**
 * {@inheritDoc}
 *
 * <p>Assertion and EncryptedAssertion children are appended to the matching list of the
 * parent Response; every other child is delegated to the superclass.
 */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
    throws UnmarshallingException {
  // The cast happens up front, before the child type is examined.
  Response parentResponse = (Response) parentSAMLObject;

  if (childSAMLObject instanceof Assertion) {
    parentResponse.getAssertions().add((Assertion) childSAMLObject);
    return;
  }
  if (childSAMLObject instanceof EncryptedAssertion) {
    parentResponse.getEncryptedAssertions().add((EncryptedAssertion) childSAMLObject);
    return;
  }
  super.processChildElement(parentSAMLObject, childSAMLObject);
}

代码示例来源:origin: se.skltp.adapterservices.se.apotekensservice/TicketMachine

@Override
  /**
   * Assembles a SAML 2.0 Response from the values held by this builder.
   *
   * <p>The Signature object is only attached here; computing the signature value is not
   * part of this method.
   *
   * @return the assembled Response
   */
  public Response build() {
    Response built = new ResponseBuilder().buildObject();
    built.setIssueInstant(issueInstant);
    built.setVersion(SAMLVersion.VERSION_20);
    built.setID(id);
    built.setInResponseTo(inResponseTo);
    built.setIssuer(issuer);
    built.setStatus(status);
    built.setSignature(signature);
    // Iterating an empty collection adds nothing, so no separate size check is needed.
    for (Assertion current : assertions) {
      built.getAssertions().add(current);
    }
    return built;
  }
}

代码示例来源:origin: org.wso2.carbon.identity.framework/org.wso2.carbon.identity.entitlement

.getBuilder(Response.DEFAULT_ELEMENT_NAME);
Response response = builder.buildObject();
response.getAssertions().add(assertion);
response.setIssuer(createIssuer());
DateTime issueInstant = new DateTime();
response.setIssueInstant(issueInstant);
response = setSignature(response, XMLSignature.ALGO_ID_SIGNATURE_RSA, createBasicCredentials());
try {

代码示例来源:origin: coveo/saml-client

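/**
 * Checks that the Response is covered by at least one valid signature.
 *
 * <p>A signature on the Response is validated when present. When the Response itself is
 * unsigned, every assertion it carries must be signed and valid, not only the first one:
 * otherwise an unsigned assertion could ride along behind a signed one. A Response without
 * any plain assertion is rejected with a {@code SamlException} instead of failing on
 * {@code get(0)} with an index error.
 *
 * <p>NOTE(review): {@code validate(Signature)} is defined elsewhere; confirm it also checks
 * that the signature's reference points at the element that carries it.
 *
 * @param response Response to check
 * @throws SamlException if no assertion is present, a required signature is missing, or a
 *     signature does not validate
 */
private void validateSignature(Response response) throws SamlException {
 if (response.getAssertions().isEmpty()) {
  throw new SamlException("No assertion is present in the response");
 }

 Signature responseSignature = response.getSignature();
 boolean responseSigned = responseSignature != null;

 // Same message as before when neither the Response nor the first assertion is signed.
 if (!responseSigned && response.getAssertions().get(0).getSignature() == null) {
  throw new SamlException("No signature is present in either response or assertion");
 }
 if (responseSigned && !validate(responseSignature)) {
  throw new SamlException("The response signature is invalid");
 }

 for (int i = 0; i < response.getAssertions().size(); i++) {
  Signature assertionSignature = response.getAssertions().get(i).getSignature();
  if (assertionSignature == null) {
   // Unsigned assertions are acceptable only under a signed Response.
   if (!responseSigned) {
    throw new SamlException("No signature is present in either response or assertion");
   }
   continue;
  }
  if (!validate(assertionSignature)) {
   throw new SamlException("The assertion signature is invalid");
  }
 }
}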

代码示例来源:origin: org.springframework.security.extensions/spring-security-saml2-core

// Excerpt of a Response-processing routine. The page elides lines, so the braces shown here
// do not balance.
// A top-level status other than Success is handled first (the handling itself is elided).
String statusCode = response.getStatus().getStatusCode().getValue();
if (!StatusCode.SUCCESS_URI.equals(statusCode)) {
  StatusMessage statusMessage = response.getStatus().getStatusMessage();
  String statusMessageText = null;
  if (statusMessage != null) {
// The Response signature is verified only when one is present and the inbound message has not
// already been authenticated; an unsigned Response passes this check untouched.
// NOTE(review): presumably assertion signatures are enforced in code not shown here; confirm.
if (response.getSignature() != null && !context.isInboundSAMLMessageAuthenticated()) {
  log.debug("Verifying Response signature");
  verifySignature(response.getSignature(), context.getPeerEntityId(), context.getLocalTrustEngine());
  context.setInboundSAMLMessageAuthenticated(true);
// Reject a Response whose IssueInstant falls outside the configured skew window.
DateTime time = response.getIssueInstant();
if (!isDateTimeSkewValid(getResponseSkew(), time)) {
  throw new SAMLException("Response issue time is either too old or with date in the future, skew " + getResponseSkew() + ", time " + time);
// Unsolicited Responses (no InResponseTo) are refused unless the peer's metadata allows them.
if (!context.getPeerExtendedMetadata().isSupportUnsolicitedResponse() && response.getInResponseTo() == null) {
  throw new SAMLException("Reception of Unsolicited Response messages (without InResponseToField) is disabled");
// InResponseTo is matched against the stored outbound request. The lookup is skipped when no
// message storage is configured, so no correlation takes place in that case.
if (messageStorage != null && response.getInResponseTo() != null) {
  XMLObject xmlObject = messageStorage.retrieveMessage(response.getInResponseTo());
  if (xmlObject == null) {
    throw new SAMLException("InResponseToField of the Response doesn't correspond to sent message " + response.getInResponseTo());
  } else if (xmlObject instanceof AuthnRequest) {
    request = (AuthnRequest) xmlObject;
  } else {
    throw new SAMLException("Sent request was of different type than the expected AuthnRequest " + response.getInResponseTo());
// The Destination attribute is checked against the local endpoint.
verifyEndpoint(context.getLocalEntityEndpoint(), response.getDestination());

代码示例来源:origin: apache/cloudstack

// Excerpt with elided lines; the braces shown here do not balance.
// The first value of the SAMLResponse request parameter is taken as the encoded message.
// NOTE(review): the cast-and-index would fail if the parameter is absent; confirm the caller guarantees it.
final String samlResponse = ((String[])params.get(SAMLPluginConstants.SAML_RESPONSE))[0];
Response processedSAMLResponse = this.processSAMLResponse(samlResponse);
// The status code is read through an unguarded getter chain, and in this excerpt it is
// examined before the signature is looked at.
String statusCode = processedSAMLResponse.getStatus().getStatusCode().getValue();
if (!statusCode.equals(StatusCode.SUCCESS_URI)) {
  throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
// The IdP metadata is selected by the Issuer value carried in the received message.
Issuer issuer = processedSAMLResponse.getIssuer();
SAMLProviderMetadata spMetadata = samlAuthManager.getSPMetadata();
SAMLProviderMetadata idpMetadata = samlAuthManager.getIdPMetadata(issuer.getValue());
// InResponseTo comes from the received message; it is logged and used to look up the stored token.
String responseToId = processedSAMLResponse.getInResponseTo();
s_logger.debug("Received SAMLResponse in response to id=" + responseToId);
SAMLTokenVO token = samlAuthManager.getToken(responseToId);
// The signature branch is entered only when the IdP has a signing certificate AND the Response
// carries a signature. Nothing visible here rejects an unsigned Response.
// NOTE(review): confirm the elided code refuses unsigned messages when a signing certificate is configured.
Signature sig = processedSAMLResponse.getSignature();
if (idpMetadata.getSigningCertificate() != null && sig != null) {
  BasicX509Credential credential = new BasicX509Credential();
  // The user name is taken from an assertion attribute.
  username = SAMLUtils.getValueFromAssertions(processedSAMLResponse.getAssertions(), SAML2AuthManager.SAMLUserAttributeName.value());
// The NameID of each plain assertion that has one is stored in the session.
for (Assertion assertion: processedSAMLResponse.getAssertions()) {
  if (assertion!= null && assertion.getSubject() != null && assertion.getSubject().getNameID() != null) {
    session.setAttribute(SAMLPluginConstants.SAML_NAMEID, assertion.getSubject().getNameID().getValue());
  // Encrypted assertions are decrypted with the resolvers configured above (elided).
  Decrypter decrypter = new Decrypter(null, keyInfoResolver, keyResolver);
  decrypter.setRootInNewDocument(true);
  List<EncryptedAssertion> encryptedAssertions = processedSAMLResponse.getEncryptedAssertions();
  if (encryptedAssertions != null) {
    for (EncryptedAssertion encryptedAssertion : encryptedAssertions) {

代码示例来源:origin: org.wso2.carbon.identity.carbon.auth.saml2/org.wso2.carbon.identity.authenticator.saml2.sso.ui

// Excerpt with elided lines; the braces shown here do not balance.
Response samlResponse;
samlResponse = (Response) samlObject;
// Only the first plain assertion is used; any further assertions in the list are not read here.
List<Assertion> assertions = samlResponse.getAssertions();
Assertion assertion = null;
if (assertions != null && assertions.size() > 0) {
  assertion = assertions.get(0);
} else {
  // No plain assertion: fall back to the encrypted assertions (decryption is elided).
  List<EncryptedAssertion> encryptedAssertions = samlResponse.getEncryptedAssertions();
  EncryptedAssertion encryptedAssertion;
  if (encryptedAssertions.size() > 0) {
  // A Responder status with a nested NoPassive status code is recognised as its own case.
  if (samlResponse.getStatus() != null &&
      samlResponse.getStatus().getStatusCode() != null &&
      samlResponse.getStatus().getStatusCode().getValue().equals("urn:oasis:names:tc:SAML:2.0:status:Responder") &&
      samlResponse.getStatus().getStatusCode().getStatusCode() != null &&
      samlResponse.getStatus().getStatusCode().getStatusCode().getValue().equals("urn:oasis:names:tc:SAML:2.0:status:NoPassive")) {
  // The status message text comes from the received Response and is written to the log as-is.
  if (samlResponse.getStatus() != null &&
      samlResponse.getStatus().getStatusMessage() != null) {
    log.error(samlResponse.getStatus().getStatusMessage().getMessage());
  } else {
    log.error("SAML Assertion not found in the Response.");

代码示例来源:origin: org.wso2.carbon.identity.agent.entitlement.mediator/org.wso2.carbon.identity.entitlement.proxy

// Excerpt: the Issuer and the Response signature are both checked before the assertions are read.
// NOTE(review): getSignature() is null for an unsigned Response; confirm validateSignature returns false then.
if (validateIssuer(samlResponseObject.getIssuer())) {
  if (validateSignature(samlResponseObject.getSignature())) {
    List<Assertion> assertionList = samlResponseObject.getAssertions();

代码示例来源:origin: org.wso2.carbon.identity/org.wso2.carbon.identity.sso.saml.ui

/**
 * Builds an error Response and returns it in encoded form.
 *
 * <p>Issuer, Status, Version and ID are set; no IssueInstant is set by this method.
 *
 * @return the encoded Response, or {@code null} when marshalling or encoding fails (the
 *     failure is logged at debug level only)
 */
public static String generateErrorneousResponse() {
  Response errorResponse = new ResponseBuilder().buildObject();
  errorResponse.setIssuer(getIssuer());
  errorResponse.setStatus(buildStatus());
  errorResponse.setVersion(SAMLVersion.VERSION_20);
  errorResponse.setID(UIDGenerator.generateUID());

  String encoded = null;
  try {
    encoded = encode(marshall(errorResponse));
  } catch (IdentityException e) {
    // Best effort: callers receive null when the Response cannot be produced.
    if (log.isDebugEnabled()) {
      log.debug("Error while encoding.", e);
    }
  }
  return encoded;
}

代码示例来源:origin: be.fedict.eid-idp/eid-idp-sp-protocol-saml2

// Excerpt with elided lines; the braces shown here do not balance.
// The Response must answer the request identified by requestId.
// NOTE(review): getInResponseTo() is dereferenced directly; a Response without InResponseTo would
// presumably raise a NullPointerException here instead of the processor exception. Confirm.
if (!samlResponse.getInResponseTo().equals(requestId)) {
Status status = samlResponse.getStatus();
StatusCode statusCode = status.getStatusCode();
String statusValue = statusCode.getValue();
// A Response without any plain assertion is rejected.
List<Assertion> assertions = samlResponse.getAssertions();
if (assertions.isEmpty()) {
  throw new AuthenticationResponseProcessorException(
// A missing signature is an error only when expectResponseSigned is set; otherwise an unsigned
// Response continues past this check.
if (null == samlResponse.getSignature() && expectResponseSigned) {
  throw new AuthenticationResponseProcessorException(
      "Expected a signed response but was not so! ");
  // When a signature is present, certificates are read from its KeyInfo.
  // NOTE(review): KeyInfo is part of the received message; confirm the elided code checks these
  // certificates against a configured trust anchor.
  if (null != samlResponse.getSignature()) {
          .getCertificates(samlResponse.getSignature()
              .getKeyInfo());

代码示例来源:origin: org.wso2.carbon.identity.inbound.auth.saml2/org.wso2.carbon.identity.authenticator.inbound.saml2sso

// Excerpt with elided lines: the statements that assign `ex` and the surrounding branches are
// not shown.
// NOTE(review): the plain assertion is added on the first line and the encrypted assertion on
// the last; confirm the elided code keeps these on separate branches so that a Response never
// carries both.
response.getAssertions().add(assertion);
      new SAML2SSOResponseBuilderException(StatusCode.RESPONDER_URI,
          "Encryption certificate is not configured.");
  ex.setInResponseTo(response.getID());
  ex.setAcsUrl(response.getDestination());
  throw ex;
      new SAML2SSOResponseBuilderException(StatusCode.RESPONDER_URI,
          "Invalid encoded certificate: " + encodedCert);
  ex.setInResponseTo(response.getID());
  ex.setAcsUrl(response.getDestination());
  throw ex;
          "Error occurred while encrypting assertion.", e);
  // NOTE(review): the two encryption-failure paths take InResponseTo from assertion.getID(),
  // while the paths above use response.getID(); confirm which is intended.
  ex.setInResponseTo(assertion.getID());
  ex.setAcsUrl(response.getDestination());
  throw ex;
          "Error occurred while encrypting assertion.", e);
  ex.setInResponseTo(assertion.getID());
  ex.setAcsUrl(response.getDestination());
  throw ex;
response.getEncryptedAssertions().add(encryptedAssertion);

代码示例来源:origin: org.adeptnet.auth/auth-saml

// Excerpt: the method is truncated and the braces shown here do not balance.
// No signature check is visible in the lines shown.
private void validate(final Response response) throws ValidationException {
  // A missing Status, a missing StatusCode or any value other than Success is rejected.
  if (response.getStatus() == null
      || response.getStatus().getStatusCode() == null
      || !(StatusCode.SUCCESS_URI
      .equals(response.getStatus().getStatusCode().getValue()))) {
    throw new ValidationException("Response has an unsuccessful status code");
  // Destination must equal this SP's configured ACS URL; a Response without a Destination fails
  // the comparison as well.
  if (!config.getSPConfig().getAcs().equals(response.getDestination())) {
    throw new ValidationException("Response is destined for a different endpoint");
  // IssueInstant and each plain assertion are examined next (the checks are elided).
  final DateTime issueInstant = response.getIssueInstant();
  for (Assertion assertion : response.getAssertions()) {

代码示例来源:origin: org.wso2.carbon.identity.carbon.auth.saml2/org.wso2.carbon.identity.authenticator.saml2.sso

/**
 * Validates the signature on a SAML2 Response.
 *
 * <p>A {@code null} Response and an unsigned Response are both treated as a failure and
 * logged as an error.
 *
 * @param response   SAML2 Response to check; may be {@code null}
 * @param domainName domain name passed through to the signature-level validator
 * @return {@code true} only when a signature is present and the signature-level validator
 *     accepts it
 */
private boolean validateSignature(Response response, String domainName) {
  if (response != null && response.getSignature() != null) {
    if (log.isDebugEnabled()) {
      log.debug("Validating SAML Response Signature.");
    }
    return validateSignature(response.getSignature(), domainName);
  }

  // Fail closed: without a Response or without a signature the result is false.
  log.error("SAML Response is not signed or response not available. Authentication process will be " +
      "terminated.");
  return false;
}

代码示例来源:origin: lastpass/saml-sdk-java

// Excerpt with elided lines; the braces shown here do not balance.
// The Response signature is validated only when one is present; an unsigned Response continues
// past this point.
// NOTE(review): presumably the assertion signature is required in code not shown here; confirm.
Signature sig = response.getSignature();
if (sig != null)
  sigValidator.validate(sig);
// A missing Status, a missing StatusCode or any value other than Success is rejected.
if (response.getStatus() == null ||
  response.getStatus().getStatusCode() == null ||
  !(StatusCode.SUCCESS_URI
    .equals(response.getStatus().getStatusCode().getValue()))) {
  throw new ValidationException(
    "Response has an unsuccessful status code");
// Destination must equal this SP's configured ACS URL.
if (!spConfig.getAcs().equals(response.getDestination()))
  throw new ValidationException(
    "Response is destined for a different endpoint");
DateTime issueInstant = response.getIssueInstant();

代码示例来源:origin: apache/cloudstack

// Excerpt: the last statement is cut off mid-expression.
// The first value of the SAMLResponse request parameter is decoded into a Response object.
final String samlResponse = ((String[])params.get(SAMLPluginConstants.SAML_RESPONSE))[0];
Response processedSAMLResponse = SAMLUtils.decodeSAMLResponse(samlResponse);
// The status code is read through an unguarded getter chain on the received message.
// NOTE(review): a Response without a Status or StatusCode would presumably fail here with a
// NullPointerException rather than the API error below; confirm.
String statusCode = processedSAMLResponse.getStatus().getStatusCode().getValue();
if (!statusCode.equals(StatusCode.SUCCESS_URI)) {
  throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.INTERNAL_ERROR.getHttpCode(),

代码示例来源:origin: coveo/saml-client

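/**
 * Checks the Response's schema validity, issuer and top-level status.
 *
 * <p>The Issuer element is optional on a SAML 2.0 Response, and the status is read from the
 * received message, so both are handled null-safely: a missing Issuer, Status or StatusCode
 * ends in a {@code SamlException} rather than a {@code NullPointerException}.
 *
 * @param response Response to check
 * @throws SamlException if schema validation fails, the issuer is missing or differs from the
 *     expected one, or the status is anything other than Success
 */
private void validateResponse(Response response) throws SamlException {
 try {
  new ResponseSchemaValidator().validate(response);
 } catch (ValidationException ex) {
  throw new SamlException("The response schema validation failed", ex);
 }

 // A Response without an Issuer is treated as an issuer mismatch.
 String issuerValue = response.getIssuer() == null ? null : response.getIssuer().getValue();
 if (issuerValue == null || !issuerValue.equals(responseIssuer)) {
  throw new SamlException("The response issuer didn't match the expected value");
 }

 String statusCode = null;
 if (response.getStatus() != null && response.getStatus().getStatusCode() != null) {
  statusCode = response.getStatus().getStatusCode().getValue();
 }
 // Constant-first comparison so that a missing value is rejected instead of dereferenced.
 if (!"urn:oasis:names:tc:SAML:2.0:status:Success".equals(statusCode)) {
  throw new SamlException("Invalid status code: " + statusCode);
 }
}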
