Package org.opensaml.saml.saml2.binding.encoding.impl

Class HTTPPostSimpleSignEncoder

java.lang.Object

net.shibboleth.shared.component.AbstractInitializableComponent

org.opensaml.messaging.encoder.AbstractMessageEncoder

org.opensaml.messaging.encoder.servlet.AbstractHttpServletResponseMessageEncoder

org.opensaml.messaging.encoder.servlet.BaseHttpServletResponseXMLMessageEncoder

org.opensaml.saml.common.binding.impl.BaseSAMLHttpServletResponseEncoder

org.opensaml.saml.saml2.binding.encoding.impl.BaseSAML2MessageEncoder

org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder

org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostSimpleSignEncoder

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, UnmodifiableComponent, HTMLMessageEncoder, MessageEncoder, HttpServletResponseMessageEncoder, SAMLMessageEncoder

public class HTTPPostSimpleSignEncoder
extends HTTPPostEncoder

SAML 2.0 HTTP-POST-SimpleSign binding message encoder.

Field Summary

Fields

Modifier and Type	Field	Description
static final String	DEFAULT_TEMPLATE_ID	Default template ID.
private final org.slf4j.Logger	log	Class logger.

Fields inherited from class org.opensaml.messaging.encoder.AbstractMessageEncoder

BASE_PROTOCOL_MESSAGE_LOGGER_CATEGORY

Constructor Summary

Constructors

Constructor	Description
HTTPPostSimpleSignEncoder()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected String	buildFormDataToSign(org.apache.velocity.VelocityContext velocityContext, MessageContext messageContext, String sigAlgURI)	Build the form control data string over which the signature is computed.
protected String	buildKeyInfo(Credential signingCredential, KeyInfoGenerator kiGenerator)	Build the KeyInfo from the signing credential.
protected String	generateSignature(Credential signingCredential, String algorithmURI, String formData)	Generates the signature over the string of concatenated form control data as indicated by the SimpleSign spec.
String	getBindingURI()	Gets the SAML binding URI supported by this encoder.
protected String	getSignatureAlgorithmURI(SignatureSigningParameters signingParameters)	Gets the signature algorithm URI to use.
protected void	populateVelocityContext(org.apache.velocity.VelocityContext velocityContext, MessageContext messageContext, String endpointURL)	Populate the Velocity context instance which will be used to render the POST body.

Methods inherited from class org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder

doEncode, doInitialize, getVelocityEngine, getVelocityTemplateId, postEncode, setCSPDigester, setCSPNonceGenerator, setVelocityEngine, setVelocityTemplateId

Methods inherited from class org.opensaml.saml.saml2.binding.encoding.impl.BaseSAML2MessageEncoder

getEndpointURL

Methods inherited from class org.opensaml.messaging.encoder.servlet.BaseHttpServletResponseXMLMessageEncoder

encode, marshallMessage, serializeMessageForLogging

Methods inherited from class org.opensaml.messaging.encoder.servlet.AbstractHttpServletResponseMessageEncoder

getHttpServletResponse, getHttpServletResponseSupplier, setHttpServletResponseSupplier

Methods inherited from class org.opensaml.messaging.encoder.AbstractMessageEncoder

getMessageContext, getMessageToLog, getProtocolMessageLogger, getProtocolMessageLoggerSubCategory, logEncodedMessage, prepareContext, setMessageContext, setProtocolMessageLoggerSubCategory

Methods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent

checkComponentActive, checkSetterPreconditions, destroy, doDestroy, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.shared.component.DestructableComponent

destroy, isDestroyed

Methods inherited from interface net.shibboleth.shared.component.InitializableComponent

initialize, isInitialized

Methods inherited from interface org.opensaml.messaging.encoder.MessageEncoder

encode, prepareContext, setMessageContext

Field Details

DEFAULT_TEMPLATE_ID

@Nonnull
@NotEmpty
public static final String DEFAULT_TEMPLATE_ID

Default template ID.

See Also:

• Constant Field Values

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

Constructor Details

HTTPPostSimpleSignEncoder

public HTTPPostSimpleSignEncoder()

Constructor.

Method Details

getBindingURI

@Nonnull
@NotEmpty
public String getBindingURI()

Gets the SAML binding URI supported by this encoder.

Specified by:

getBindingURI in interface SAMLMessageEncoder

Overrides:

getBindingURI in class HTTPPostEncoder

Returns:

SAML binding URI supported by this encoder

populateVelocityContext

protected void populateVelocityContext(@Nonnull
 org.apache.velocity.VelocityContext velocityContext,
 @Nonnull
 MessageContext messageContext,
 @Nonnull @NotEmpty
 String endpointURL)
                                throws MessageEncodingException

Populate the Velocity context instance which will be used to render the POST body.

Overrides:

populateVelocityContext in class HTTPPostEncoder

Parameters:

velocityContext - the Velocity context instance to populate with data

messageContext - the SAML message context source of data

endpointURL - endpoint URL to which to encode message

Throws:

MessageEncodingException - thrown if there is a problem encoding the message

buildKeyInfo

@Nullable
protected String buildKeyInfo(@Nonnull
 Credential signingCredential,
 @Nonnull
 KeyInfoGenerator kiGenerator)
                       throws MessageEncodingException

Build the KeyInfo from the signing credential.

Parameters:

signingCredential - the credential used for signing

kiGenerator - the generator for the KeyInfo

Returns:

the marshalled, serialized and base64-encoded KeyInfo, or null if none was generated

Throws:

MessageEncodingException - thrown if there is an error generating or marshalling the KeyInfo

buildFormDataToSign

@Nonnull
protected String buildFormDataToSign(@Nonnull
 org.apache.velocity.VelocityContext velocityContext,
 @Nonnull
 MessageContext messageContext,
 @Nonnull
 String sigAlgURI)
                              throws MessageEncodingException

Build the form control data string over which the signature is computed.

Parameters:

velocityContext - the Velocity context which is already populated with the values for SAML message and relay state

messageContext - the SAML message context being processed

sigAlgURI - the signature algorithm URI

Returns:

the form control data string for signature computation

Throws:

MessageEncodingException - if there is an issue building the form to sign.

getSignatureAlgorithmURI

@Nonnull
protected String getSignatureAlgorithmURI(@Nonnull
 SignatureSigningParameters signingParameters)
                                   throws MessageEncodingException

Gets the signature algorithm URI to use.

Parameters:

signingParameters - the signing parameters to use

Returns:

signature algorithm to use with the associated signing credential

Throws:

MessageEncodingException - thrown if the algorithm URI is not supplied explicitly and could not be derived from the supplied credential

generateSignature

@Nonnull
protected String generateSignature(@Nonnull
 Credential signingCredential,
 @Nonnull
 String algorithmURI,
 String formData)
                            throws MessageEncodingException

Generates the signature over the string of concatenated form control data as indicated by the SimpleSign spec.

Parameters:

signingCredential - credential that will be used to sign

algorithmURI - algorithm URI of the signing credential

formData - form control data to be signed

Returns:

base64 encoded signature of form control data

Throws:

MessageEncodingException - there is an error computing the signature