Commit ce41a1a8 authored by michael.simon's avatar michael.simon

Add logout consume stub for HTTP-Redirect protocol

parent d9b721d6
......@@ -3,9 +3,14 @@ package edu.kit.scc.webreg.service.saml;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import edu.kit.scc.webreg.entity.SamlSpConfigurationEntity;
public interface SamlSpLogoutService {
void redirectLogout(HttpServletRequest request, HttpServletResponse response, Long userId)
throws Exception;
void consumeRedirectLogout(HttpServletRequest request, HttpServletResponse response, SamlSpConfigurationEntity spConfig)
throws Exception;
}
......@@ -20,10 +20,13 @@ import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.criterion.RoleDescriptorCriterion;
import org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder;
import org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder;
import org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder;
import org.opensaml.saml.saml2.core.Issuer;
import org.opensaml.saml.saml2.core.LogoutRequest;
import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.core.Response;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml.saml2.metadata.SingleLogoutService;
import org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver;
......@@ -45,6 +48,7 @@ import edu.kit.scc.webreg.entity.SamlSpConfigurationEntity;
import edu.kit.scc.webreg.entity.SamlUserEntity;
import edu.kit.scc.webreg.entity.UserEntity;
import edu.kit.scc.webreg.service.saml.exc.SamlAuthenticationException;
import edu.kit.scc.webreg.service.saml.exc.SamlInvalidPostException;
import edu.kit.scc.webreg.session.SessionManager;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
......@@ -77,7 +81,20 @@ public class SamlSpLogoutServiceImpl implements SamlSpLogoutService {
@Inject
private SessionManager session;
@Override
public void consumeRedirectLogout(HttpServletRequest request, HttpServletResponse response, SamlSpConfigurationEntity spConfig)
throws Exception {
HTTPRedirectDeflateDecoder decoder = new HTTPRedirectDeflateDecoder();
decoder.setHttpServletRequest(request);
decoder.initialize();
decoder.decode();
SAMLObject obj = decoder.getMessageContext().getMessage();
logger.debug("Message decoded: {}", obj);
}
@Override
public void redirectLogout(HttpServletRequest request, HttpServletResponse response, Long userId)
throws Exception {
......
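Review bot: `consumeRedirectLogout` stops at `decoder.decode()` and never establishes who sent the message, so nothing built on this stub should end a session until validation is in place. With the HTTP-Redirect binding the signature travels in the `SigAlg` and `Signature` query parameters rather than inside the XML, and decoding alone does not verify it. The `spConfig` argument, which presumably would supply the trust material, is unused in the visible lines. I would mark this at the top of the method with `// TODO: stub - verify the redirect signature, Issuer against session.getIdpId(), Destination and NotOnOrAfter before acting on the request`. I would also reject any decoded object that is not a `LogoutRequest`, and call `decoder.destroy()` in a `finally` once decoding is done.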
/*******************************************************************************
* Copyright (c) 2014 Michael Simon.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*
* Contributors:
* Michael Simon - initial
******************************************************************************/
package edu.kit.scc.webreg.sec;
import java.io.IOException;
import javax.inject.Inject;
import javax.inject.Named;
import javax.servlet.Servlet;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import edu.kit.scc.webreg.entity.SamlSpConfigurationEntity;
import edu.kit.scc.webreg.service.SamlSpConfigurationService;
import edu.kit.scc.webreg.service.saml.SamlSpLogoutService;
import edu.kit.scc.webreg.session.SessionManager;
@Named
@WebServlet(urlPatterns = {"/Shibboleth.sso/SLO/Redirect", "/saml/sp/logout/redirect"})
public class Saml2SpLogoutHandler implements Servlet {
@Inject
private Logger logger;
@Inject
private SessionManager session;
@Inject
private SamlSpConfigurationService spConfigService;
@Inject
private SamlSpLogoutService samlLogoutService;
@Override
public void service(ServletRequest servletRequest, ServletResponse servletResponse)
throws ServletException, IOException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String context = request.getServletContext().getContextPath();
String path = request.getRequestURI().substring(
context.length());
logger.debug("Dispatching request context '{}' path '{}'", context, path);
SamlSpConfigurationEntity spConfig = spConfigService.findByHostname(request.getServerName());
if (spConfig != null) {
logger.debug("Executing POST Handler for entity {}", spConfig.getEntityId());
service(request, response, spConfig);
}
}
private void service(HttpServletRequest request, HttpServletResponse response, SamlSpConfigurationEntity spConfig)
throws ServletException, IOException {
if (session == null || session.getIdpId() == null || session.getSpId() == null) {
logger.debug("Client session from {} not established. Sending client back to welcome page",
request.getRemoteAddr());
response.sendRedirect("/welcome/index.xhtml");
return;
}
logger.debug("attemp Logout, Consuming SAML Logout Request");
try {
samlLogoutService.consumeRedirectLogout(request, response, spConfig);
} catch (Exception e) {
throw new ServletException("Authentication problem", e);
}
}
@Override
public void init(ServletConfig config) throws ServletException {
}
@Override
public ServletConfig getServletConfig() {
return null;
}
@Override
public String getServletInfo() {
return null;
}
@Override
public void destroy() {
}
}
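Review bot: In `service(ServletRequest, ServletResponse)` a request for a host with no SP configuration falls out of the `if (spConfig != null)` block with no status, body or log line, so the caller receives an empty success response. Adding `else { response.sendError(HttpServletResponse.SC_NOT_FOUND); }` would make it explicit. The lookup key comes from `request.getServerName()`, which normally reflects the client-supplied Host header, so it is worth confirming that the container or a front proxy restricts the accepted host names. The texts `Executing POST Handler` and `Authentication problem` look carried over from the login handler and will mislead anyone reading logs for this Redirect logout endpoint.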