package org.maxkey.authn.support.wsfederation;

import javax.servlet.http.HttpServletRequest;

import org.maxkey.constants.ConstantsLoginType;
import org.maxkey.util.StringUtils;
import org.maxkey.web.WebContext;
import org.opensaml.saml1.core.impl.AssertionImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;


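public class WsFederationServiceImpl implements   WsFederationService{
	static final Logger _logger = LoggerFactory.getLogger(WsFederationServiceImpl.class);
	
	/**
	 * Relying-party settings: signing certificates, relying party, identifier, tolerance,
	 * UPN suffix and optional attribute mutator. Injected through the setter below.
	 */
	private WsFederationConfiguration wsFederationConfiguration;
	
	/**
	 * Completes a WS-Federation sign-in from the identity provider's response.
	 *
	 * <p>Only a {@code wa} action equal to {@link WsFederationConstants#WSIGNIN} is handled.
	 * The {@code wresult} token is parsed, its signature is validated against the configured
	 * signing certificates, the derived credential is checked for validity (relying party,
	 * identifier, time tolerance), and only then is the authentication stored via
	 * {@link WebContext#setAuthentication}.
	 *
	 * @param wsFederationWA      the {@code wa} action parameter of the response
	 * @param wsFederationWResult the {@code wresult} security token; untrusted until its
	 *                            signature has been validated
	 * @param request             the current request, used to read the {@code wctx} parameter
	 * @return {@code true} if the authentication was established, {@code false} on any rejection
	 */
	public boolean login(String wsFederationWA, String wsFederationWResult, HttpServletRequest request) {
		// Anything other than a sign-in action is not an authentication and is ignored.
		if (!(StringUtils.isNotEmpty(wsFederationWA)
				&& wsFederationWA.equalsIgnoreCase(WsFederationConstants.WSIGNIN))) {
			return false;
		}
		// Parameterized placeholders (the original concatenated the value after a literal "{}").
		// The raw token is sensitive material and is therefore only emitted at debug level.
		_logger.debug("wresult : {}", wsFederationWResult);

		final String wctx = request.getParameter(WsFederationConstants.WCTX);
		_logger.debug("wctx : {}", wctx);

		// Parse the token and verify its signature BEFORE trusting any of its content.
		final AssertionImpl assertion = WsFederationUtils.parseTokenFromString(wsFederationWResult);
		if (assertion == null
				|| !WsFederationUtils.validateSignature(assertion, wsFederationConfiguration.getSigningCertificates())) {
			_logger.error("WS Requested Security Token is blank or the signature is not valid.");
			return false;
		}

		// Relying party / identifier / time-tolerance checks on the credential itself.
		final WsFederationCredential wsFederationCredential = WsFederationUtils.createCredentialFromToken(assertion);
		if (wsFederationCredential == null
				|| !wsFederationCredential.isValid(wsFederationConfiguration.getRelyingParty(),
						wsFederationConfiguration.getIdentifier(),
						wsFederationConfiguration.getTolerance())) {
			_logger.warn("SAML assertions are blank or no longer valid.");
			return false;
		}

		// Give the library user a chance to change the attributes as necessary.
		if (wsFederationConfiguration.getAttributeMutator() != null) {
			wsFederationConfiguration.getAttributeMutator().modifyAttributes(
					wsFederationCredential.getAttributes(),
					wsFederationConfiguration.getUpnSuffix());
		}

		// TODO(review): the principal is looked up under the empty-string key "" — confirm this is
		// the intended attribute name. A missing attribute is now rejected rather than throwing NPE.
		final Object principal = wsFederationCredential.getAttributes().get("");
		if (principal == null) {
			_logger.warn("WS-Federation credential carries no principal attribute.");
			return false;
		}
		return WebContext.setAuthentication(
				principal.toString(),
				ConstantsLoginType.WSFEDERATION,
				"", "", "success");
	}

	/**
	 * Injects the WS-Federation configuration used for signature and validity checks.
	 *
	 * @param wsFederationConfiguration the configuration; must be set before {@link #login}
	 */
	public void setWsFederationConfiguration(
			WsFederationConfiguration wsFederationConfiguration) {
		this.wsFederationConfiguration = wsFederationConfiguration;
	}
	
}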