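package org.jboss.security.identity.sso;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.util.Date;
import java.util.Iterator;

import org.opensaml.SAMLAssertion;
import org.opensaml.SAMLAuthenticationQuery;
import org.opensaml.SAMLAuthenticationStatement;
import org.opensaml.SAMLException;
import org.opensaml.SAMLNameIdentifier;
import org.opensaml.SAMLRequest;
import org.opensaml.SAMLResponse;
import org.opensaml.SAMLSubject;
import org.opensaml.provider.SecureRandomIDProvider;

/**
 * {@link SingleSignOnProcessor} that encodes the SSO exchange as SAML 1.x
 * (opensaml) messages: an authentication request carrying the user's
 * credentials, and an authentication response carrying either one
 * authentication assertion or a {@code login_failed} status.
 * <p>
 * Two properties of the wire format matter to anyone deploying this class:
 * <ul>
 * <li>{@link #generateAuthRequest} places the password in the NameIdentifier's
 *     NameQualifier attribute, and {@link #parseAuthRequest} reads it back from
 *     there. The request XML therefore contains the password as-is and must only
 *     travel over a confidential, mutually authenticated channel.</li>
 * <li>Nothing in this class signs a response or verifies a signature / issuer on
 *     a parsed one; the identity of the asserting party has to be established by
 *     the surrounding transport or by the caller (confirm against the deployment
 *     that wraps this processor).</li>
 * </ul>
 * Instances are not documented as thread-safe; {@code idProvider} is the only
 * mutable collaborator.
 */
public class JBossSingleSignOnProcessor implements SingleSignOnProcessor
{
   /** Source of the Response and Assertion identifiers (SecureRandom-backed). */
   private SecureRandomIDProvider idProvider = new SecureRandomIDProvider();

   /**
    * Status message placed on a failed response by {@link #generateAuthResponse};
    * {@link #parseAuthResponse} recognises it again on the receiving side.
    */
   private static final String LOGIN_FAILED = "login_failed";

   /**
    * Charset used when a serialized SAML message is turned back into bytes for the
    * opensaml parsers. UTF-8 is the XML default, so re-encoding with the platform
    * charset (the previous behaviour of {@code String.getBytes()}) could corrupt
    * non-ASCII names on hosts with a different default.
    */
   private static final Charset XML_CHARSET = Charset.forName("UTF-8");

   /**
    * Builds a SAML authentication request for a username/password login.
    *
    * @param username the user to authenticate; must be non-null and non-empty
    * @param password the user's password; must be non-null (empty is allowed)
    * @return the request serialized as XML text
    * @throws IllegalArgumentException if {@code username} is null or empty, or
    *         {@code password} is null
    * @throws SSOException if opensaml rejects the message being built
    */
   public String generateAuthRequest(String username, String password)
      throws SSOException
   {
      if(username == null || username.length() == 0)
         throw new IllegalArgumentException("username is null or zero-length");
      if(password == null)
         throw new IllegalArgumentException("password is null");
      try
      {
         SAMLNameIdentifier id = new SAMLNameIdentifier();
         id.setName(username);
         // The password rides in the NameQualifier attribute; parseAuthRequest
         // depends on this placement. It is not protected in any way here.
         id.setNameQualifier(password);
         id.setFormat(SAMLNameIdentifier.FORMAT_UNSPECIFIED);

         SAMLSubject subject = new SAMLSubject();
         subject.setNameIdentifier(id);

         SAMLAuthenticationQuery query = new SAMLAuthenticationQuery(subject,
               SAMLAuthenticationStatement.AuthenticationMethod_Password);
         SAMLRequest authRequest = new SAMLRequest(query);
         return authRequest.toString();
      }
      catch(SAMLException sme)
      {
         throw new SSOException(sme);
      }
   }

   /**
    * Builds the SAML response to an authentication request.
    * <p>
    * On success the response carries one assertion, issued by
    * {@code assertingParty}, with a single password AuthenticationStatement for
    * {@code username} timestamped now. On failure the response carries no
    * assertion and its status is set from a {@code login_failed} exception.
    *
    * @param assertingParty issuer name written into the assertion; non-null, non-empty
    * @param username       the authenticated subject; non-null, non-empty
    * @param success        whether the login succeeded
    * @return the response serialized as XML text
    * @throws IllegalArgumentException if {@code assertingParty} or {@code username}
    *         is null or empty
    * @throws SSOException if opensaml rejects the message being built
    */
   public String generateAuthResponse(String assertingParty, String username,
         boolean success) throws SSOException
   {
      if(assertingParty == null || assertingParty.length() == 0)
         throw new IllegalArgumentException("assertingParty is null or zero-length");
      if(username == null || username.length() == 0)
         throw new IllegalArgumentException("username is null or zero-length");
      try
      {
         SAMLResponse authResponse = new SAMLResponse();
         authResponse.setId(this.idProvider.getIdentifier());

         if(success)
         {
            SAMLNameIdentifier id = new SAMLNameIdentifier();
            id.setName(username);
            id.setFormat(SAMLNameIdentifier.FORMAT_UNSPECIFIED);

            SAMLSubject subject = new SAMLSubject();
            subject.setNameIdentifier(id);

            SAMLAuthenticationStatement authStatement = new SAMLAuthenticationStatement();
            authStatement.setAuthMethod(SAMLAuthenticationStatement.AuthenticationMethod_Password);
            authStatement.setSubject(subject);
            authStatement.setAuthInstant(new Date());

            SAMLAssertion authAssertion = new SAMLAssertion();
            authAssertion.setId(this.idProvider.getIdentifier());
            authAssertion.setIssuer(assertingParty);
            authAssertion.addStatement(authStatement);

            authResponse.addAssertion(authAssertion);
         }
         else
         {
            // A failed login is signalled through the response status; the
            // message text is what parseAuthResponse looks for.
            authResponse.setStatus(new SAMLException(LOGIN_FAILED));
         }

         return authResponse.toString();
      }
      catch(SAMLException sme)
      {
         throw new SSOException(sme);
      }
   }

   /**
    * Extracts the credentials from a SAML authentication request produced by
    * {@link #generateAuthRequest}.
    *
    * @param request the request XML text; non-null, non-empty
    * @return the user named in the request, with the NameQualifier as password
    * @throws IllegalArgumentException if {@code request} is null or empty
    * @throws SSOException if the XML is not a valid SAML request, does not carry an
    *         AuthenticationQuery, or its subject has no NameIdentifier
    */
   public SSOUser parseAuthRequest(String request) throws SSOException
   {
      if(request == null || request.length() == 0)
         throw new IllegalArgumentException("request is null or zero-length");
      ByteArrayInputStream bis = null;
      try
      {
         bis = new ByteArrayInputStream(request.getBytes(XML_CHARSET));
         SAMLRequest authRequest = new SAMLRequest(bis);

         // Input is untrusted: a request of another query type must become an
         // SSOException, not a ClassCastException escaping the declared contract.
         Object query = authRequest.getQuery();
         if(!(query instanceof SAMLAuthenticationQuery))
            throw malformed("request does not carry an AuthenticationQuery");
         SAMLSubject subject = ((SAMLAuthenticationQuery)query).getSubject();
         SAMLNameIdentifier id = (subject == null) ? null : subject.getNameIdentifier();
         if(id == null)
            throw malformed("request subject has no NameIdentifier");

         return new SSOUser(id.getName(), id.getNameQualifier());
      }
      catch(SAMLException sme)
      {
         throw new SSOException(sme);
      }
      finally
      {
         closeQuietly(bis);
      }
   }

   /**
    * Interprets a SAML response produced by {@link #generateAuthResponse}.
    * <p>
    * Only the first assertion, and only its first statement, are consulted.
    * A response whose status is {@code login_failed} yields an
    * {@link AuthResponse} with {@code success == false} and no user; a response
    * that parses but carries no assertion yields {@code null} (pre-existing
    * contract, kept for callers that test for it).
    *
    * @param resp the response XML text; non-null, non-empty
    * @return the parsed response, or {@code null} when it carries no assertion
    * @throws IllegalArgumentException if {@code resp} is null or empty
    * @throws SSOException if the XML is not a valid SAML response (other than the
    *         {@code login_failed} status), or the assertion has no usable
    *         AuthenticationStatement / subject NameIdentifier
    */
   public AuthResponse parseAuthResponse(String resp) throws SSOException
   {
      if(resp == null || resp.length() == 0)
         throw new IllegalArgumentException("response is null or zero-length");
      ByteArrayInputStream bis = null;
      String assertToken = null;
      String assertingParty = null;
      try
      {
         bis = new ByteArrayInputStream(resp.getBytes(XML_CHARSET));
         SAMLResponse response = new SAMLResponse(bis);

         Iterator assertions = response.getAssertions();
         if(assertions == null || !assertions.hasNext())
            return null;

         SAMLAssertion authAssertion = (SAMLAssertion)assertions.next();
         assertToken = authAssertion.getId();
         assertingParty = authAssertion.getIssuer();

         // Guard every step: the original code let NoSuchElementException,
         // ClassCastException and NullPointerException escape on odd input.
         Iterator statements = authAssertion.getStatements();
         if(statements == null || !statements.hasNext())
            throw malformed("assertion carries no statement");
         Object statement = statements.next();
         if(!(statement instanceof SAMLAuthenticationStatement))
            throw malformed("first assertion statement is not an AuthenticationStatement");
         SAMLSubject subject = ((SAMLAuthenticationStatement)statement).getSubject();
         SAMLNameIdentifier id = (subject == null) ? null : subject.getNameIdentifier();
         if(id == null)
            throw malformed("authentication statement has no subject NameIdentifier");

         SSOUser user = new SSOUser(id.getName(), null);
         return new AuthResponse(assertingParty, assertToken, user, true);
      }
      catch(SAMLException sme)
      {
         // generateAuthResponse encodes a failed login as the LOGIN_FAILED status;
         // opensaml surfaces that status as a SAMLException whose message is the
         // status text (inferred from the original code's handling — confirm against
         // the opensaml release in use). Constant-first equals: getMessage() may be null.
         if(LOGIN_FAILED.equals(sme.getMessage()))
            return new AuthResponse(assertingParty, assertToken, null, false);
         throw new SSOException(sme);
      }
      finally
      {
         closeQuietly(bis);
      }
   }

   /**
    * Builds the {@link SSOException} reported for a message that parsed as SAML but
    * lacks what this processor needs. Only the {@code SSOException(SAMLException)}
    * constructor is known to exist, hence the intermediate {@link SAMLException}.
    *
    * @param detail short description of what is missing (no user data)
    * @return the exception to throw
    */
   private static SSOException malformed(String detail)
   {
      return new SSOException(new SAMLException(detail));
   }

   /**
    * Closes {@code in} if it is non-null. Closing a {@link ByteArrayInputStream} has
    * no effect and cannot fail, so an {@link IOException} here is deliberately ignored.
    *
    * @param in the stream to close, may be null
    */
   private static void closeQuietly(ByteArrayInputStream in)
   {
      if(in == null)
         return;
      try
      {
         in.close();
      }
      catch(IOException ignored)
      {
         // in-memory stream: nothing to recover or report
      }
   }
}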