Posted to commits@cxf.apache.org by co...@apache.org on 2018/07/09 10:47:41 UTC
[cxf] branch master updated: Add the ability to create
LogoutRequests
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
The following commit(s) were added to refs/heads/master by this push:
new 004f4c1 Add the ability to create LogoutRequests
004f4c1 is described below
commit 004f4c153a439fa1a4ac4205c7b213e563008366
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Mon Jul 9 11:47:26 2018 +0100
Add the ability to create LogoutRequests
---
.../saml/sso/SamlpRequestComponentBuilder.java | 34 ++++++++++++++++++++++
.../security/saml/sso/AuthnRequestBuilderTest.java | 28 ++++++++++++++++++
2 files changed, 62 insertions(+)
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlpRequestComponentBuilder.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlpRequestComponentBuilder.java
index e13f03a..6c581f0 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlpRequestComponentBuilder.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlpRequestComponentBuilder.java
@@ -19,6 +19,7 @@
package org.apache.cxf.rs.security.saml.sso;
+import java.util.Date;
import java.util.List;
import java.util.UUID;
@@ -32,6 +33,8 @@ import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml.saml2.core.AuthnContextDeclRef;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.Issuer;
+import org.opensaml.saml.saml2.core.LogoutRequest;
+import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.core.NameIDPolicy;
import org.opensaml.saml.saml2.core.RequestedAuthnContext;
@@ -42,6 +45,8 @@ public final class SamlpRequestComponentBuilder {
private static volatile SAMLObjectBuilder<AuthnRequest> authnRequestBuilder;
+ private static volatile SAMLObjectBuilder<LogoutRequest> logoutRequestBuilder;
+
private static volatile SAMLObjectBuilder<Issuer> issuerBuilder;
private static volatile SAMLObjectBuilder<NameIDPolicy> nameIDBuilder;
@@ -90,6 +95,35 @@ public final class SamlpRequestComponentBuilder {
return authnRequest;
}
+ public static LogoutRequest createLogoutRequest(
+ SAMLVersion version,
+ Issuer issuer,
+ String destination,
+ String consent,
+ Date notOnOrAfter,
+ String reason,
+ NameID nameID
+ ) {
+ if (logoutRequestBuilder == null) {
+ logoutRequestBuilder = (SAMLObjectBuilder<LogoutRequest>)
+ builderFactory.getBuilder(LogoutRequest.DEFAULT_ELEMENT_NAME);
+ }
+ LogoutRequest logoutRequest = logoutRequestBuilder.buildObject();
+ logoutRequest.setID("_" + UUID.randomUUID());
+ logoutRequest.setVersion(version);
+ logoutRequest.setIssueInstant(new DateTime());
+ logoutRequest.setDestination(destination);
+ logoutRequest.setConsent(consent);
+ logoutRequest.setIssuer(issuer);
+ if (notOnOrAfter != null) {
+ logoutRequest.setNotOnOrAfter(new DateTime(notOnOrAfter.getTime()));
+ }
+ logoutRequest.setReason(reason);
+ logoutRequest.setNameID(nameID);
+
+ return logoutRequest;
+ }
+
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
String issuerValue
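Review bot: createLogoutRequest hands `nameID` straight to `setNameID` with no null check, so a caller can get back a LogoutRequest that carries no subject identifier, although the SAML 2.0 schema requires one of NameID, BaseID or EncryptedID. Unless callers are expected to set one of the other two afterwards, reject it up front with `if (nameID == null) { throw new IllegalArgumentException("nameID is required"); }`. The cast on the `builderFactory.getBuilder(LogoutRequest.DEFAULT_ELEMENT_NAME)` line is unchecked and, as the hunk shows it, the new method lacks the `@SuppressWarnings("unchecked")` that createIssuer carries just below. A short Javadoc would also help callers: the returned request is unsigned, and `destination`, `consent`, `reason` and `notOnOrAfter` are passed through as given and may be null. createIssuer's body continues outside the hunk.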
diff --git a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AuthnRequestBuilderTest.java b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AuthnRequestBuilderTest.java
index f2fcc0b..1ef17b3 100644
--- a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AuthnRequestBuilderTest.java
+++ b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AuthnRequestBuilderTest.java
@@ -20,6 +20,7 @@
package org.apache.cxf.rs.security.saml.sso;
import java.util.Collections;
+import java.util.Date;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -28,11 +29,15 @@ import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageImpl;
import org.apache.wss4j.common.saml.OpenSAMLUtil;
+import org.apache.wss4j.common.saml.bean.NameIDBean;
+import org.apache.wss4j.common.saml.builder.SAML2ComponentBuilder;
import org.opensaml.saml.common.SAMLVersion;
import org.opensaml.saml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.Issuer;
+import org.opensaml.saml.saml2.core.LogoutRequest;
+import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.core.NameIDPolicy;
import org.opensaml.saml.saml2.core.RequestedAuthnContext;
@@ -107,4 +112,27 @@ public class AuthnRequestBuilderTest extends org.junit.Assert {
+ "underscores, hyphens, and periods.", authnRequest.getID().matches("^[_a-zA-Z][-_0-9a-zA-Z\\.]+$"));
}
+ @org.junit.Test
+ public void testCreateLogoutRequest() throws Exception {
+ Document doc = DOMUtils.createDocument();
+
+ Issuer issuer =
+ SamlpRequestComponentBuilder.createIssuer("http://localhost:9001/app");
+
+ NameIDBean nameIdBean = new NameIDBean();
+ nameIdBean.setNameValue("uid=joe,ou=people,ou=saml-demo,o=example.com");
+ nameIdBean.setNameQualifier("www.example.com");
+ NameID nameID = SAML2ComponentBuilder.createNameID(nameIdBean);
+
+ Date notOnOrAfter = new Date();
+ notOnOrAfter.setTime(notOnOrAfter.getTime() + 60L * 1000L);
+ LogoutRequest logoutRequest =
+ SamlpRequestComponentBuilder.createLogoutRequest(SAMLVersion.VERSION_20, issuer, null, null,
+ notOnOrAfter, null, nameID);
+
+ Element policyElement = OpenSAMLUtil.toDom(logoutRequest, doc);
+ doc.appendChild(policyElement);
+ // String outputString = DOM2Writer.nodeToString(policyElement);
+ assertNotNull(policyElement);
+ }
}
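Review bot: testCreateLogoutRequest ends with only `assertNotNull(policyElement)`, so it would still pass if the builder dropped the NameID, the NotOnOrAfter value or the generated ID. Assert the fields the test actually sets, for example `assertNotNull(logoutRequest.getNotOnOrAfter());` and `assertEquals(nameID.getValue(), logoutRequest.getNameID().getValue());`, and reuse the ID pattern check from the AuthnRequest test just above. The commented-out `DOM2Writer.nodeToString` line can be removed. The test class starts outside the hunk.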