1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package edu.internet2.middleware.shibboleth.idp.profile.saml1;
18
19 import org.joda.time.DateTime;
20 import org.joda.time.chrono.ISOChronology;
21 import org.opensaml.common.binding.SAMLMessageContext;
22 import org.opensaml.common.binding.decoding.SAMLMessageDecoder;
23 import org.opensaml.saml1.binding.decoding.BaseSAML1MessageDecoder;
24 import org.opensaml.ws.message.MessageContext;
25 import org.opensaml.ws.message.decoder.MessageDecodingException;
26 import org.opensaml.ws.transport.http.HTTPInTransport;
27 import org.opensaml.xml.util.DatatypeHelper;
28 import org.slf4j.Logger;
29 import org.slf4j.LoggerFactory;
30
31 import edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler.ShibbolethSSORequestContext;
32
33
34
35
36 public class ShibbolethSSODecoder extends BaseSAML1MessageDecoder implements SAMLMessageDecoder {
37
38
39 private final Logger log = LoggerFactory.getLogger(ShibbolethSSODecoder.class);
40
41
42 public ShibbolethSSODecoder(){
43 super();
44 }
45
46
47 public String getBindingURI() {
48 return "urn:mace:shibboleth:1.0:profiles:AuthnRequest";
49 }
50
51
52 protected void doDecode(MessageContext messageContext) throws MessageDecodingException {
53 if (!(messageContext instanceof ShibbolethSSORequestContext)) {
54 log.warn("Invalid message context type, this decoder only support ShibbolethSSORequestContext");
55 throw new MessageDecodingException(
56 "Invalid message context type, this decoder only support ShibbolethSSORequestContext");
57 }
58
59 if (!(messageContext.getInboundMessageTransport() instanceof HTTPInTransport)) {
60 log.warn("Invalid inbound message transport type, this decoder only support HTTPInTransport");
61 throw new MessageDecodingException(
62 "Invalid inbound message transport type, this decoder only support HTTPInTransport");
63 }
64
65 ShibbolethSSORequestContext requestContext = (ShibbolethSSORequestContext) messageContext;
66 HTTPInTransport transport = (HTTPInTransport) messageContext.getInboundMessageTransport();
67
68 String providerId = DatatypeHelper.safeTrimOrNullString(transport.getParameterValue("providerId"));
69 if (providerId == null) {
70 log.warn("No providerId parameter given in Shibboleth SSO authentication request.");
71 throw new MessageDecodingException(
72 "No providerId parameter given in Shibboleth SSO authentication request.");
73 }
74 requestContext.setInboundMessageIssuer(providerId);
75
76 String shire = DatatypeHelper.safeTrimOrNullString(transport.getParameterValue("shire"));
77 if (shire == null) {
78 log.warn("No shire parameter given in Shibboleth SSO authentication request.");
79 throw new MessageDecodingException("No shire parameter given in Shibboleth SSO authentication request.");
80 }
81 requestContext.setSpAssertionConsumerService(shire);
82
83 String target = DatatypeHelper.safeTrimOrNullString(transport.getParameterValue("target"));
84 if (target == null) {
85 log.warn("No target parameter given in Shibboleth SSO authentication request.");
86 throw new MessageDecodingException("No target parameter given in Shibboleth SSO authentication request.");
87 }
88 requestContext.setRelayState(target);
89
90 String timeStr = DatatypeHelper.safeTrimOrNullString(transport.getParameterValue("time"));
91 if (timeStr != null) {
92 long time = Long.parseLong(timeStr) * 1000;
93 requestContext.setInboundSAMLMessageIssueInstant(new DateTime(time, ISOChronology.getInstanceUTC()));
94 }
95
96 populateRelyingPartyMetadata(requestContext);
97 }
98
99
100 protected boolean isIntendedDestinationEndpointURIRequired(SAMLMessageContext samlMsgCtx) {
101 return false;
102 }
103
104
105 protected String getIntendedDestinationEndpointURI(SAMLMessageContext samlMsgCtx) throws MessageDecodingException {
106
107
108 return null;
109 }
110
111 }