18 package edu.internet2.middleware.shibboleth.idp.profile.saml1;
19
20 import org.joda.time.DateTime;
21 import org.joda.time.chrono.ISOChronology;
22 import org.opensaml.common.binding.SAMLMessageContext;
23 import org.opensaml.common.binding.decoding.SAMLMessageDecoder;
24 import org.opensaml.saml1.binding.decoding.BaseSAML1MessageDecoder;
25 import org.opensaml.ws.message.MessageContext;
26 import org.opensaml.ws.message.decoder.MessageDecodingException;
27 import org.opensaml.ws.transport.http.HTTPInTransport;
28 import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
29 import org.opensaml.xml.util.DatatypeHelper;
30 import org.slf4j.Logger;
31 import org.slf4j.LoggerFactory;
32
33 import edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler.ShibbolethSSORequestContext;
34
35
36
37
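/**
 * Message decoder for the Shibboleth SSO authentication request, identified by the binding URI
 * {@code urn:mace:shibboleth:1.0:profiles:AuthnRequest}.
 *
 * <p>The request carries no SAML message; everything is read from HTTP request parameters
 * ({@code providerId}, {@code shire}, {@code target} and the optional {@code time}) and copied into a
 * {@link ShibbolethSSORequestContext}.</p>
 *
 * <p>Security note: every value handled here comes straight from the inbound request and is not
 * authenticated or validated by this class beyond trimming and a presence check. In particular the
 * {@code shire} value becomes the assertion consumer service URL on the context and {@code providerId}
 * becomes the message issuer / peer entity ID. NOTE(review): presumably the profile handler or a
 * security policy checks {@code shire} against the relying party's registered endpoints before a
 * response is sent there; confirm against the caller.</p>
 */
public class ShibbolethSSODecoder extends BaseSAML1MessageDecoder implements SAMLMessageDecoder {

    /** Class logger. */
    private final Logger log = LoggerFactory.getLogger(ShibbolethSSODecoder.class);

    /** Constructor. */
    public ShibbolethSSODecoder() {
        super();
    }

    /**
     * Gets the URI identifying the binding this decoder handles.
     *
     * @return the constant {@code urn:mace:shibboleth:1.0:profiles:AuthnRequest}
     */
    public String getBindingURI() {
        return "urn:mace:shibboleth:1.0:profiles:AuthnRequest";
    }

    /**
     * Populates the request context from the HTTP parameters of a Shibboleth SSO authentication request.
     *
     * <p>{@code providerId}, {@code shire} and {@code target} are required. {@code time} is optional; when
     * present it is read as seconds since the epoch and stored, in UTC, as the message issue instant. If
     * the transport also exposes the servlet request and the client sent a session ID, a message ID of the
     * form {@code sessionId!time} is stored as well.</p>
     *
     * @param messageContext context to populate; must be a {@link ShibbolethSSORequestContext} whose
     *            inbound transport is an {@link HTTPInTransport}
     *
     * @throws MessageDecodingException if the context or transport has the wrong type, a required
     *             parameter is missing, or the {@code time} parameter is not a usable number of seconds
     */
    protected void doDecode(MessageContext messageContext) throws MessageDecodingException {
        if (!(messageContext instanceof ShibbolethSSORequestContext)) {
            log.warn("Invalid message context type, this decoder only support ShibbolethSSORequestContext");
            throw new MessageDecodingException(
                    "Invalid message context type, this decoder only support ShibbolethSSORequestContext");
        }

        if (!(messageContext.getInboundMessageTransport() instanceof HTTPInTransport)) {
            log.warn("Invalid inbound message transport type, this decoder only support HTTPInTransport");
            throw new MessageDecodingException(
                    "Invalid inbound message transport type, this decoder only support HTTPInTransport");
        }

        ShibbolethSSORequestContext requestContext = (ShibbolethSSORequestContext) messageContext;
        HTTPInTransport transport = (HTTPInTransport) messageContext.getInboundMessageTransport();

        // The SP's entity ID is taken verbatim from the request; it is an unauthenticated claim here.
        String providerId = DatatypeHelper.safeTrimOrNullString(transport.getParameterValue("providerId"));
        if (providerId == null) {
            log.warn("No providerId parameter given in Shibboleth SSO authentication request.");
            throw new MessageDecodingException(
                    "No providerId parameter given in Shibboleth SSO authentication request.");
        }
        requestContext.setInboundMessageIssuer(providerId);
        requestContext.setPeerEntityId(providerId);

        // Requested assertion consumer service URL. Only presence is checked here; this class does not
        // compare it with any metadata, so that check has to happen before a response is issued.
        String shire = DatatypeHelper.safeTrimOrNullString(transport.getParameterValue("shire"));
        if (shire == null) {
            log.warn("No shire parameter given in Shibboleth SSO authentication request.");
            throw new MessageDecodingException("No shire parameter given in Shibboleth SSO authentication request.");
        }
        requestContext.setSpAssertionConsumerService(shire);

        // Opaque value stored as relay state; it is not interpreted by this decoder.
        String target = DatatypeHelper.safeTrimOrNullString(transport.getParameterValue("target"));
        if (target == null) {
            log.warn("No target parameter given in Shibboleth SSO authentication request.");
            throw new MessageDecodingException("No target parameter given in Shibboleth SSO authentication request.");
        }
        requestContext.setRelayState(target);

        String timeStr = DatatypeHelper.safeTrimOrNullString(transport.getParameterValue("time"));
        if (timeStr != null) {
            // The parameter is request-controlled text: a non-numeric value must surface as a decoding
            // failure rather than an unchecked NumberFormatException. The raw value is deliberately kept
            // out of the log message.
            long seconds;
            try {
                seconds = Long.parseLong(timeStr);
            } catch (NumberFormatException e) {
                log.warn("Invalid time parameter given in Shibboleth SSO authentication request.");
                throw new MessageDecodingException(
                        "Invalid time parameter given in Shibboleth SSO authentication request.", e);
            }

            // Reject values whose conversion to milliseconds would silently wrap around.
            if (seconds > Long.MAX_VALUE / 1000 || seconds < Long.MIN_VALUE / 1000) {
                log.warn("Out of range time parameter given in Shibboleth SSO authentication request.");
                throw new MessageDecodingException(
                        "Out of range time parameter given in Shibboleth SSO authentication request.");
            }
            requestContext.setInboundSAMLMessageIssueInstant(
                    new DateTime(seconds * 1000, ISOChronology.getInstanceUTC()));

            // The request has no message ID of its own, so one is derived from the session ID the client
            // presented plus the time parameter. HTTPInTransport was the only type verified above, so the
            // adapter type is checked before casting.
            // NOTE(review): both components are supplied by the client, and the raw parameter text (not
            // the parsed number) is used; if this ID feeds replay detection, confirm that is acceptable
            // or switch to the canonical Long.toString(seconds) form.
            if (transport instanceof HttpServletRequestAdapter) {
                String sessionID = ((HttpServletRequestAdapter) transport).getWrappedRequest()
                        .getRequestedSessionId();
                if (sessionID != null) {
                    requestContext.setInboundSAMLMessageId(sessionID + '!' + timeStr);
                }
            } else {
                log.debug("Inbound transport is not an HttpServletRequestAdapter, no message ID was derived");
            }
        }

        // Not defined in this class; presumably inherited from the base decoder.
        populateRelyingPartyMetadata(requestContext);
    }

    /**
     * Indicates whether the intended destination endpoint must be present in the message.
     *
     * @param samlMsgCtx current message context, not consulted
     *
     * @return always {@code false}
     */
    protected boolean isIntendedDestinationEndpointURIRequired(SAMLMessageContext samlMsgCtx) {
        return false;
    }

    /**
     * Gets the destination endpoint URI the sender intended for the message.
     *
     * @param samlMsgCtx current message context, not consulted
     *
     * @return always {@code null}; this decoder extracts no destination value from the request
     *
     * @throws MessageDecodingException declared by the signature, never thrown here
     */
    protected String getIntendedDestinationEndpointURI(SAMLMessageContext samlMsgCtx) throws MessageDecodingException {
        return null;
    }

}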