
1   /*
2    * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.]
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.opensaml.saml2.binding.artifact;
18  
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.BasicEndpointSelector;
import org.opensaml.common.binding.SAMLMessageContext;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.core.NameID;
import org.opensaml.saml2.metadata.ArtifactResolutionService;
import org.opensaml.saml2.metadata.Endpoint;
import org.opensaml.saml2.metadata.IndexedEndpoint;
import org.opensaml.xml.util.DatatypeHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
34  
35  /**
36   * SAML 2, type 0x0004, artifact builder.
37   */
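public class SAML2ArtifactType0004Builder implements SAML2ArtifactBuilder<SAML2ArtifactType0004> {

    /** Class logger. */
    private final Logger log = LoggerFactory.getLogger(SAML2ArtifactType0004Builder.class);

    /**
     * Character set used to encode the entity ID before it is hashed into the artifact SourceID. Pinning the
     * encoding (instead of relying on the JVM's platform default charset) keeps the SourceID identical across
     * deployments, which is what lets the resolving party match the artifact to its issuer.
     */
    private static final Charset ENTITY_ID_CHARSET = Charset.forName("UTF-8");

    /**
     * Digest algorithm used to derive the SourceID from the entity ID. This is fixed by the type 0x0004 artifact
     * format (a 20-byte SourceID), not a configurable choice.
     */
    private static final String SOURCE_ID_DIGEST_ALGORITHM = "SHA-1";

    /** Length, in bytes, of the randomly generated MessageHandle portion of the artifact. */
    private static final int MESSAGE_HANDLE_LENGTH = 20;

    /**
     * Generator for artifact message handles. {@link SecureRandom} is thread-safe, so one instance is shared
     * by all calls instead of creating (and re-seeding) a new generator per artifact; the platform default
     * algorithm is used rather than hard-coding a specific PRNG.
     */
    private final SecureRandom handleGenerator = new SecureRandom();

    /** {@inheritDoc} */
    public SAML2ArtifactType0004 buildArtifact(byte[] artifact) {
        return SAML2ArtifactType0004.parseArtifact(artifact);
    }

    /**
     * {@inheritDoc}
     *
     * <p>The artifact is assembled from the index of the selected artifact resolution service (2 bytes,
     * big-endian), the SHA-1 digest of the local entity ID (SourceID) and a 20-byte random message handle.</p>
     *
     * @return the new artifact, or null if no artifact resolution service endpoint could be selected or the
     *         selected endpoint's index does not fit the artifact's 2-byte EndpointIndex field
     *
     * @throws InternalError if the JVM does not provide the SHA-1 digest algorithm
     */
    public SAML2ArtifactType0004 buildArtifact(SAMLMessageContext<SAMLObject, SAMLObject, NameID> requestContext) {
        IndexedEndpoint acsEndpoint = (IndexedEndpoint) getAcsEndpoint(requestContext);
        if (acsEndpoint == null) {
            return null;
        }

        byte[] endpointIndex = encodeEndpointIndex(acsEndpoint.getIndex());
        if (endpointIndex == null) {
            // Silently truncating the index would produce an artifact that resolves to a different endpoint.
            log.error("Artifact resolution service endpoint index {} does not fit the 2-byte artifact "
                    + "EndpointIndex field for entity {}", acsEndpoint.getIndex(),
                    requestContext.getOutboundMessageIssuer());
            return null;
        }

        byte[] sourceId = computeSourceId(requestContext.getLocalEntityId());

        byte[] messageHandle = new byte[MESSAGE_HANDLE_LENGTH];
        handleGenerator.nextBytes(messageHandle);

        return new SAML2ArtifactType0004(endpointIndex, sourceId, messageHandle);
    }

    /**
     * Encodes an endpoint index as the 2-byte, big-endian EndpointIndex field of a type 0x0004 artifact.
     *
     * @param index index of the selected artifact resolution service endpoint
     *
     * @return the 2-byte encoding, or null if the index is negative or larger than 0xFFFF and therefore cannot
     *         be represented
     */
    private static byte[] encodeEndpointIndex(int index) {
        if (index < 0 || index > 0xFFFF) {
            return null;
        }
        // Low two bytes of the int, most significant first.
        return new byte[] { (byte) ((index >>> 8) & 0xFF), (byte) (index & 0xFF) };
    }

    /**
     * Computes the artifact SourceID: the SHA-1 digest of the UTF-8 encoded entity ID.
     *
     * @param entityId local entity ID of the artifact issuer
     *
     * @return the 20-byte SourceID
     *
     * @throws InternalError if the JVM does not provide the SHA-1 digest algorithm
     */
    private byte[] computeSourceId(String entityId) {
        try {
            MessageDigest digester = MessageDigest.getInstance(SOURCE_ID_DIGEST_ALGORITHM);
            return digester.digest(entityId.getBytes(ENTITY_ID_CHARSET));
        } catch (NoSuchAlgorithmException e) {
            String message = "JVM does not support required cryptography algorithm: " + SOURCE_ID_DIGEST_ALGORITHM;
            log.error(message, e);
            // Keep the original exception attached so the root cause is not lost.
            InternalError error = new InternalError(message);
            error.initCause(e);
            throw error;
        }
    }

    /**
     * Gets the artifact resolution service endpoint whose index is encoded into artifacts created by this
     * builder. The endpoint is selected from the local entity's metadata among the SOAP 1.1 bound services.
     *
     * @param requestContext current request context
     *
     * @return the selected artifact resolution service endpoint, or null if the local entity's metadata does
     *         not define one
     */
    protected Endpoint getAcsEndpoint(SAMLMessageContext<SAMLObject, SAMLObject, NameID> requestContext) {
        BasicEndpointSelector selector = new BasicEndpointSelector();
        selector.setEndpointType(ArtifactResolutionService.DEFAULT_ELEMENT_NAME);
        selector.getSupportedIssuerBindings().add(SAMLConstants.SAML2_SOAP11_BINDING_URI);
        selector.setMetadataProvider(requestContext.getMetadataProvider());
        selector.setEntityMetadata(requestContext.getLocalEntityMetadata());
        selector.setEntityRoleMetadata(requestContext.getLocalEntityRoleMetadata());

        Endpoint selected = selector.selectEndpoint();
        if (selected == null) {
            log.error("No artifact resolution service endpoint defined for the entity {}",
                    requestContext.getOutboundMessageIssuer());
        }
        return selected;
    }
}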