SAML2SSOManager (Asgardeo - Java SAML SDK 0.1.12 API)

java.lang.Object
- io.asgardeo.java.saml.sdk.SAML2SSOManager

```
public class SAML2SSOManager
extends Object
```
TODO: Need to have mechanism to map SP initiated SAML2 Request to SAML2 Responses and validate. TODO: Still however IdP initiated SSO also should be possible through configuration

Constructor Summary

Constructors
Constructor and Description

SAML2SSOManager(SSOAgentConfig ssoAgentConfig)

Constructors
Constructor and Description
`SAML2SSOManager(SSOAgentConfig ssoAgentConfig)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected org.opensaml.saml.saml2.core.AuthnRequest`	`buildAuthnRequest(javax.servlet.http.HttpServletRequest request)`
`protected org.opensaml.saml.saml2.core.LogoutRequest`	`buildLogoutRequest(String user, String sessionIdx)`
`org.opensaml.saml.saml2.core.LogoutResponse`	`buildLogoutResponse(String id, String status, String statMsg)`
`String`	`buildPostRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, boolean isLogout)` Handles the request for http post binding
`String`	`buildPostResponse(org.opensaml.saml.common.SignableSAMLObject requestMessage)`
`String`	`buildRedirectRequest(javax.servlet.http.HttpServletRequest request, boolean isLogout)` Returns the redirection URL with the appended SAML2 Request message
`org.opensaml.saml.saml2.core.LogoutResponse`	`doSLO(javax.servlet.http.HttpServletRequest request)` This method handles the logout requests from the IdP Any request for the defined logout URL is handled here
`protected String`	`encodeRequestMessage(org.opensaml.saml.common.SignableSAMLObject requestMessage, String binding)`
`protected org.opensaml.saml.saml2.core.Assertion`	`getDecryptedAssertion(org.opensaml.saml.saml2.core.EncryptedAssertion encryptedAssertion)` Get Decrypted Assertion
`SSOAgentConfig`	`getSsoAgentConfig()`
`protected boolean`	`isNoPassive(org.opensaml.saml.saml2.core.Response response)`
`protected String`	`marshall(org.opensaml.core.xml.XMLObject xmlObject)` Serialize the Auth.
`void`	`processArtifactResponse(javax.servlet.http.HttpServletRequest request)` Process authentication response with SAML2 artifact.
`void`	`processResponse(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)`
`protected void`	`validateAudienceRestriction(org.opensaml.saml.saml2.core.Assertion assertion)` Validate the AudienceRestriction of SAML2 Response
`protected void`	`validateSignature(org.opensaml.saml.saml2.core.Response response, org.opensaml.saml.saml2.core.Assertion assertion)` Validate the signature of a SAML2 Response and Assertion

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SAML2SSOManager

public SAML2SSOManager(SSOAgentConfig ssoAgentConfig)
                throws SSOAgentException

Throws:: SSOAgentException

Method Detail

buildRedirectRequest

public String buildRedirectRequest(javax.servlet.http.HttpServletRequest request,
                                   boolean isLogout)
                            throws SSOAgentException

Returns the redirection URL with the appended SAML2 Request message

Parameters:: request - SAML 2 request
Returns:: redirectionUrl
Throws:: SSOAgentException

buildPostRequest

public String buildPostRequest(javax.servlet.http.HttpServletRequest request,
                               javax.servlet.http.HttpServletResponse response,
                               boolean isLogout)
                        throws SSOAgentException

Handles the request for http post binding

Parameters:: request - The HTTP request with SAML2 message; response - The HTTP response; isLogout - Whether the request is a logout request
Throws:: SSOAgentException

buildPostResponse

public String buildPostResponse(org.opensaml.saml.common.SignableSAMLObject requestMessage)
                         throws SSOAgentException

Throws:: SSOAgentException

processResponse

public void processResponse(javax.servlet.http.HttpServletRequest request,
                            javax.servlet.http.HttpServletResponse response)
                     throws SSOAgentException

Throws:: SSOAgentException

processArtifactResponse
```
public void processArtifactResponse(javax.servlet.http.HttpServletRequest request)
                             throws SSOAgentException
```
Process authentication response with SAML2 artifact.

Parameters:

request - Http Servlet Request object.

Throws:

SSOAgentException

doSLO
```
public org.opensaml.saml.saml2.core.LogoutResponse doSLO(javax.servlet.http.HttpServletRequest request)
                                                  throws SSOAgentException
```
This method handles the logout requests from the IdP Any request for the defined logout URL is handled here

Parameters:

request -

Throws:

javax.servlet.ServletException

IOException

SSOAgentException

buildLogoutRequest

protected org.opensaml.saml.saml2.core.LogoutRequest buildLogoutRequest(String user,
                                                                        String sessionIdx)
                                                                 throws SSOAgentException

Throws:: SSOAgentException

buildLogoutResponse

public org.opensaml.saml.saml2.core.LogoutResponse buildLogoutResponse(String id,
                                                                       String status,
                                                                       String statMsg)
                                                                throws SSOAgentException

Throws:: SSOAgentException

buildAuthnRequest

protected org.opensaml.saml.saml2.core.AuthnRequest buildAuthnRequest(javax.servlet.http.HttpServletRequest request)
                                                               throws SSOAgentException

Throws:: SSOAgentException

encodeRequestMessage

protected String encodeRequestMessage(org.opensaml.saml.common.SignableSAMLObject requestMessage,
                                      String binding)
                               throws SSOAgentException

Throws:: SSOAgentException

validateAudienceRestriction

protected void validateAudienceRestriction(org.opensaml.saml.saml2.core.Assertion assertion)
                                    throws SSOAgentException

Validate the AudienceRestriction of SAML2 Response

Parameters:: assertion - SAML2 Assertion
Throws:: SSOAgentException

validateSignature

protected void validateSignature(org.opensaml.saml.saml2.core.Response response,
                                 org.opensaml.saml.saml2.core.Assertion assertion)
                          throws SSOAgentException

Validate the signature of a SAML2 Response and Assertion

Parameters:: response - SAML2 Response
Throws:: SSOAgentException

marshall

protected String marshall(org.opensaml.core.xml.XMLObject xmlObject)
                   throws SSOAgentException

Serialize the Auth. Request

Parameters:: xmlObject -
Returns:: serialized auth. req
Throws:: SSOAgentException

getDecryptedAssertion

protected org.opensaml.saml.saml2.core.Assertion getDecryptedAssertion(org.opensaml.saml.saml2.core.EncryptedAssertion encryptedAssertion)
                                                                throws SSOAgentException

Get Decrypted Assertion

Parameters:: encryptedAssertion -
Returns:
Throws:: Exception; SSOAgentException

isNoPassive

protected boolean isNoPassive(org.opensaml.saml.saml2.core.Response response)

getSsoAgentConfig

public SSOAgentConfig getSsoAgentConfig()

Class SAML2SSOManager

Constructor Summary