提交
fba86d25
编写于
3月 01, 2020
作者:
MaxKey单点登录官方
SAML20 FIXED
SAML20 FIXED
上级
ac9e2dd7
变更
14
Showing
14 changed file
with
161 addition
and
237 deletion
+161
-237
maxkey-core/src/main/java/org/maxkey/authn/BasicAuthentication.java
...e/src/main/java/org/maxkey/authn/BasicAuthentication.java
+7
-0
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/SignatureSecurityPolicyRule.java
...maxkey/authz/saml/common/SignatureSecurityPolicyRule.java
+2
-1
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/AuthnRequestGenerator.java
...g/maxkey/authz/saml20/consumer/AuthnRequestGenerator.java
+1
-1
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/endpoint/MetadataEndpoint.java
...xkey/authz/saml20/metadata/endpoint/MetadataEndpoint.java
+3
-3
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
...key/authz/saml20/provider/endpoint/AssertionEndpoint.java
+1
-29
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/SingleSignOnEndpoint.java
.../authz/saml20/provider/endpoint/SingleSignOnEndpoint.java
+2
-1
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/AssertionGenerator.java
.../maxkey/authz/saml20/provider/xml/AssertionGenerator.java
+67
-22
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/AttributeStatementGenerator.java
...uthz/saml20/provider/xml/AttributeStatementGenerator.java
+26
-34
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/AuthnResponseGenerator.java
...key/authz/saml20/provider/xml/AuthnResponseGenerator.java
+27
-96
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/AuthnStatementGenerator.java
...ey/authz/saml20/provider/xml/AuthnStatementGenerator.java
+8
-14
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/ConditionsGenerator.java
...maxkey/authz/saml20/provider/xml/ConditionsGenerator.java
+8
-13
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/StatusGenerator.java
...org/maxkey/authz/saml20/provider/xml/StatusGenerator.java
+3
-12
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/SubjectGenerator.java
...rg/maxkey/authz/saml20/provider/xml/SubjectGenerator.java
+5
-4
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/xml/IssuerGenerator.java
...ain/java/org/maxkey/authz/saml20/xml/IssuerGenerator.java
+1
-7
maxkey-core/src/main/java/org/maxkey/authn/BasicAuthentication.java
...
...
@@ -67,6 +67,10 @@ public class BasicAuthentication implements Authentication{
public
String
getJ_username
()
{
return
j_username
;
}
public
String
getUsername
()
{
return
j_username
;
}
public
void
setJ_username
(
String
j_username
)
{
this
.
j_username
=
j_username
;
...
...
@@ -83,6 +87,9 @@ public class BasicAuthentication implements Authentication{
public
String
getJ_sessionid
()
{
return
j_sessionid
;
}
public
String
getSessionid
()
{
return
j_sessionid
;
}
public
void
setJ_sessionid
(
String
j_sessionid
)
{
this
.
j_sessionid
=
j_sessionid
;
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/SignatureSecurityPolicyRule.java
...
...
@@ -69,8 +69,9 @@ public class SignatureSecurityPolicyRule implements InitializingBean, SecurityP
}
SignableSAMLObject
samlMessage
=
(
SignableSAMLObject
)
messageContext
.
getInboundMessage
();
//TODO:POST NEED Signed,but some is not
if
(
!
samlMessage
.
isSigned
())
{
logger
.
debug
(
"evaluating signature POST NEED Signed,but some is not."
);
throw
new
SecurityPolicyException
(
"InboundMessage was not signed."
);
}
...
...
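Review bot: The TODO and the debug text around the `isSigned()` check read as if unsigned POST messages might later be let through; the `throw new SecurityPolicyException("InboundMessage was not signed.")` has to remain the only outcome for an unsigned message on this path. If some service providers genuinely cannot sign, that should be an explicit per-application setting evaluated here, not a global relaxation, and the rejection is worth logging above debug so it shows up in monitoring, e.g. `logger.warn("Rejecting unsigned inbound SAML message");`. Note that `isSigned()` only reports that a signature element is present; the validation that presumably follows is outside this hunk, as is the start of the method.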
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/AuthnRequestGenerator.java
...
...
@@ -22,7 +22,7 @@ public class AuthnRequestGenerator {
this
.
timeService
=
timeService
;
this
.
idService
=
idService
;
issuerGenerator
=
new
IssuerGenerator
(
issuingEntityName
);
issuerGenerator
=
new
IssuerGenerator
(
this
.
issuingEntityName
);
}
public
AuthnRequest
generateAuthnRequest
(
String
destination
,
String
responseLocation
)
{
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/endpoint/MetadataEndpoint.java
...
...
@@ -86,11 +86,11 @@ public class MetadataEndpoint {
IDPSSODescriptor
descriptor
=
metadataGenerator
.
buildIDPSSODescriptor
();
descriptor
.
getSingleSignOnServices
().
add
(
metadataGenerator
.
getSingleSignOnService
(
WebContext
.
getHttpContextPath
()+
"/
saml/v20/authz
/"
+
appId
,
null
));
descriptor
.
getSingleSignOnServices
().
add
(
metadataGenerator
.
getSingleSignOnService
(
WebContext
.
getHttpContextPath
()+
"/
authz/saml20
/"
+
appId
,
null
));
descriptor
.
getSingleSignOnServices
().
add
(
metadataGenerator
.
getSingleSignOnService
(
WebContext
.
getHttpContextPath
()+
"/
saml/v20/authz
/"
+
appId
,
SAMLConstants
.
SAML2_REDIRECT_BINDING_URI
));
descriptor
.
getSingleSignOnServices
().
add
(
metadataGenerator
.
getSingleSignOnService
(
WebContext
.
getHttpContextPath
()+
"/
authz/saml20
/"
+
appId
,
SAMLConstants
.
SAML2_REDIRECT_BINDING_URI
));
descriptor
.
getSingleSignOnServices
().
add
(
metadataGenerator
.
getSingleSignOnService
(
WebContext
.
getHttpContextPath
()+
"/
saml/v20/authz
/"
+
appId
,
SAMLConstants
.
SAML2_POST_SIMPLE_SIGN_BINDING_URI
));
descriptor
.
getSingleSignOnServices
().
add
(
metadataGenerator
.
getSingleSignOnService
(
WebContext
.
getHttpContextPath
()+
"/
authz/saml20
/"
+
appId
,
SAMLConstants
.
SAML2_POST_SIMPLE_SIGN_BINDING_URI
));
descriptor
.
getSingleLogoutServices
().
add
(
metadataGenerator
.
getSingleLogoutService
(
WebContext
.
getHttpContextPath
()+
"/logout"
,
null
));
...
...
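Review bot: The SSO path literal is repeated in all three `getSingleSignOnService(...)` calls and has to match the request mapping on SingleSignOnEndpoint, which this page does not show; building the location once, e.g. `String ssoLocation = WebContext.getHttpContextPath() + SSO_PATH + appId;`, would keep the published metadata and the handler from drifting apart. Changing the advertised location also invalidates metadata that service providers have already imported, so the commit message should say that a re-import is required. If `WebContext.getHttpContextPath()` derives the host from the incoming request (not visible here), the advertised endpoints should come from a configured base URL instead. The enclosing method starts and ends outside the hunk.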
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
package
org.maxkey.authz.saml20.provider.endpoint
;
import
java.util.ArrayList
;
import
java.util.HashMap
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
org.joda.time.DateTime
;
import
org.maxkey.authn.BasicAuthentication
;
import
org.maxkey.authz.saml.common.AuthnRequestInfo
;
import
org.maxkey.authz.saml.common.EndpointGenerator
;
import
org.maxkey.authz.saml20.binding.BindingAdapter
;
import
org.maxkey.authz.saml20.provider.xml.AuthnResponseGenerator
;
import
org.maxkey.domain.apps.AppsSAML20Details
;
import
org.maxkey.web.WebContext
;
import
org.opensaml.saml2.core.Response
;
import
org.opensaml.saml2.metadata.Endpoint
;
import
org.opensaml.ws.message.encoder.MessageEncodingException
;
...
...
@@ -21,9 +17,6 @@ import org.slf4j.Logger;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.core.GrantedAuthority
;
import
org.springframework.security.core.authority.SimpleGrantedAuthority
;
import
org.springframework.stereotype.Controller
;
import
org.springframework.web.bind.annotation.RequestMapping
;
import
org.springframework.web.servlet.ModelAndView
;
...
...
@@ -59,34 +52,13 @@ public class AssertionEndpoint {
logger
.
debug
(
"AuthnRequestInfo: {}"
,
authnRequestInfo
);
ArrayList
<
GrantedAuthority
>
grantedAuthority
=
new
ArrayList
<
GrantedAuthority
>();
grantedAuthority
.
add
(
new
SimpleGrantedAuthority
(
"ROLE_USER"
));
UsernamePasswordAuthenticationToken
authToken
=
(
UsernamePasswordAuthenticationToken
)
WebContext
.
getAuthentication
();
for
(
GrantedAuthority
anthGrantedAuthority:
authToken
.
getAuthorities
()){
grantedAuthority
.
add
(
anthGrantedAuthority
);
}
//TODO:
//String userName ="shimingxy@qq.com";
String
userName
=((
BasicAuthentication
)
authToken
.
getPrincipal
()).
getJ_username
();
//aly
//String userName ="admin@1729982683323703.onaliyun.com";
DateTime
authnInstant
=
new
DateTime
(
request
.
getSession
().
getCreationTime
());
String
remoteAddress
=
WebContext
.
getRequestIpAddress
(
request
);
HashMap
<
String
,
String
>
attributeMap
=
new
HashMap
<
String
,
String
>();
//saml20Details
Response
authResponse
=
authnResponseGenerator
.
generateAuthnResponse
(
saml20Details
,
authnRequestInfo
,
userName
,
remoteAddress
,
authnInstant
,
grantedAuthority
,
attributeMap
,
bindingAdapter
.
getSigningCredential
(),
bindingAdapter
.
getSpSigningCredential
());
bindingAdapter
);
Endpoint
endpoint
=
endpointGenerator
.
generateEndpoint
(
saml20Details
.
getSpAcsUrl
());
...
...
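Review bot: With the user name, authorities, client address and authentication instant no longer passed into `generateAuthnResponse(...)`, the identity written into the assertion is resolved further down from `WebContext` (see the `WebContext.getAuthentication()` cast and `WebContext.getSession().getCreationTime()` in AssertionGenerator), so this endpoint no longer states or checks whose assertion it is issuing. An explicit guard before the call, such as `if (WebContext.getAuthentication() == null) { throw new IllegalStateException("no authenticated principal"); }`, would keep the failure at the boundary instead of surfacing as a cast or null error inside the generator. Session creation time is also not necessarily the time of login, so the value used for AuthnInstant deserves a comment or a dedicated timestamp set at authentication. The handler method begins and ends outside the hunk.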
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/SingleSignOnEndpoint.java
...
...
@@ -62,6 +62,7 @@ public class SingleSignOnEndpoint {
HttpServletRequest
request
,
HttpServletResponse
response
,
@PathVariable
(
"appid"
)
String
appId
)
throws
Exception
{
logger
.
debug
(
"SAML Authorize Redirect do POST , app id is "
+
appId
);
return
extractSAMLRequest
(
extractPostBindingAdapter
,
appId
,
request
);
}
...
...
@@ -70,7 +71,7 @@ public class SingleSignOnEndpoint {
HttpServletRequest
request
,
HttpServletResponse
response
,
@PathVariable
(
"appid"
)
String
appId
)
throws
Exception
{
logger
.
debug
(
"SAML Authorize Redirect do GET , app id is "
+
appId
);
return
extractSAMLRequest
(
extractRedirectBindingAdapter
,
appId
,
request
);
}
...
...
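Review bot: Both debug lines concatenate the request-supplied `appid` path variable into the log text; the placeholder form keeps the value out of the message template and lets the log layout encode it, e.g. `logger.debug("SAML SSO POST binding, app id {}", appId);` and the same for the GET handler in the second hunk. The POST handler's message also says "Redirect", which makes the two bindings hard to tell apart when reading logs. Both handler signatures begin outside their hunks.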
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/AssertionGenerator.java
package
org.maxkey.authz.saml20.provider.xml
;
import
java.util.
Collection
;
import
java.util.
ArrayList
;
import
java.util.HashMap
;
import
org.joda.time.DateTime
;
import
org.maxkey.authz.saml.service.IDService
;
import
org.maxkey.authz.saml.service.TimeService
;
import
org.maxkey.authz.saml20.binding.BindingAdapter
;
import
org.maxkey.authz.saml20.xml.IssuerGenerator
;
import
org.maxkey.domain.apps.AppsSAML20Details
;
import
org.maxkey.web.WebContext
;
import
org.opensaml.Configuration
;
import
org.opensaml.saml2.core.Assertion
;
import
org.opensaml.saml2.core.AttributeStatement
;
...
...
@@ -15,12 +18,21 @@ import org.opensaml.saml2.core.Conditions;
import
org.opensaml.saml2.core.Issuer
;
import
org.opensaml.saml2.core.Subject
;
import
org.opensaml.saml2.core.impl.AssertionBuilder
;
import
org.opensaml.xml.XMLObjectBuilderFactory
;
import
org.opensaml.xml.security.BasicSecurityConfiguration
;
import
org.opensaml.xml.security.credential.BasicCredential
;
import
org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory
;
import
org.opensaml.xml.signature.Signature
;
import
org.opensaml.xml.signature.SignatureConstants
;
import
org.opensaml.xml.signature.Signer
;
import
org.opensaml.xml.signature.impl.SignatureBuilder
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.core.GrantedAuthority
;
import
org.springframework.security.core.authority.SimpleGrantedAuthority
;
public
class
AssertionGenerator
{
private
final
XMLObjectBuilderFactory
builderFactory
=
Configuration
.
getBuilderFactory
();
private
final
static
Logger
logger
=
LoggerFactory
.
getLogger
(
AssertionGenerator
.
class
);
private
final
IssuerGenerator
issuerGenerator
;
private
final
SubjectGenerator
subjectGenerator
;
...
...
@@ -44,42 +56,75 @@ public class AssertionGenerator {
}
public
Assertion
generateAssertion
(
AppsSAML20Details
saml20Details
,
BindingAdapter
bindingAdapter
,
String
assertionConsumerURL
,
String
nameIdValue
,
String
inResponseTo
,
String
audienceUrl
,
int
validInSeconds
,
Collection
<
GrantedAuthority
>
authorities
,
HashMap
<
String
,
String
>
attributeMap
,
String
clientAddress
,
DateTime
authnInstant
)
{
HashMap
<
String
,
String
>
attributeMap
)
{
AssertionBuilder
assertionBuilder
=
(
AssertionBuilder
)
builderFactory
.
getBuilder
(
Assertion
.
DEFAULT_ELEMENT_NAME
);
Assertion
assertion
=
assertionBuilder
.
buildObject
();
Assertion
assertion
=
new
AssertionBuilder
().
buildObject
();;
//Subject
Subject
subject
=
subjectGenerator
.
generateSubject
(
assertionConsumerURL
,
nameIdValue
,
inResponseTo
,
validInSeconds
,
clientAddress
);
validInSeconds
);
assertion
.
setSubject
(
subject
);
//issuer
Issuer
issuer
=
issuerGenerator
.
generateIssuer
();
assertion
.
setIssuer
(
issuer
);
//AuthnStatements
DateTime
authnInstant
=
new
DateTime
(
WebContext
.
getSession
().
getCreationTime
());
AuthnStatement
authnStatement
=
authnStatementGenerator
.
generateAuthnStatement
(
authnInstant
);
assertion
.
getAuthnStatements
().
add
(
authnStatement
);
AttributeStatement
attributeStatement
=
attributeStatementGenerator
.
generateAttributeStatement
(
authorities
,
attributeMap
);
//AttributeStatements
ArrayList
<
GrantedAuthority
>
grantedAuthoritys
=
new
ArrayList
<
GrantedAuthority
>();
grantedAuthoritys
.
add
(
new
SimpleGrantedAuthority
(
"ROLE_USER"
));
for
(
GrantedAuthority
anthGrantedAuthority:
((
UsernamePasswordAuthenticationToken
)
WebContext
.
getAuthentication
()).
getAuthorities
()){
grantedAuthoritys
.
add
(
anthGrantedAuthority
);
}
AttributeStatement
attributeStatement
=
attributeStatementGenerator
.
generateAttributeStatement
(
saml20Details
,
grantedAuthoritys
,
attributeMap
);
assertion
.
getAttributeStatements
().
add
(
attributeStatement
);
//ID
assertion
.
setID
(
idService
.
generateID
());
//IssueInstant
assertion
.
setIssueInstant
(
timeService
.
getCurrentDateTime
());
//Conditions
Conditions
conditions
=
conditionsGenerator
.
generateConditions
(
audienceUrl
,
validInSeconds
);
assertion
.
setConditions
(
conditions
);
//sign Assertion
try
{
BasicCredential
basicCredential
=
new
BasicCredential
();
basicCredential
.
setPrivateKey
(
bindingAdapter
.
getSigningCredential
().
getPrivateKey
());
Signature
signature
=
new
SignatureBuilder
().
buildObject
();
signature
.
setCanonicalizationAlgorithm
(
SignatureConstants
.
ALGO_ID_C14N_EXCL_OMIT_COMMENTS
);
signature
.
setSignatureAlgorithm
(
SignatureConstants
.
ALGO_ID_SIGNATURE_RSA_SHA256
);
signature
.
setSigningCredential
(
basicCredential
);
KeyInfoGeneratorFactory
keyInfoGeneratorFactory
=
Configuration
.
getGlobalSecurityConfiguration
()
.
getKeyInfoGeneratorManager
().
getDefaultManager
()
.
getFactory
(
bindingAdapter
.
getSigningCredential
());
signature
.
setKeyInfo
(
keyInfoGeneratorFactory
.
newInstance
().
generate
(
bindingAdapter
.
getSigningCredential
()));
BasicSecurityConfiguration
config
=
(
BasicSecurityConfiguration
)
Configuration
.
getGlobalSecurityConfiguration
();
config
.
registerSignatureAlgorithmURI
(
"RSA"
,
SignatureConstants
.
ALGO_ID_SIGNATURE_RSA_SHA256
);
config
.
setSignatureReferenceDigestMethod
(
SignatureConstants
.
ALGO_ID_DIGEST_SHA256
);
assertion
.
setSignature
(
signature
);
Configuration
.
getMarshallerFactory
().
getMarshaller
(
assertion
).
marshall
(
assertion
);
Signer
.
signObject
(
signature
);
logger
.
debug
(
"assertion.isSigned "
+
assertion
.
isSigned
());
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
logger
.
info
(
"Unable to Signer assertion "
,
e
);
}
return
assertion
;
}
...
...
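Review bot: The signing block in `generateAssertion` fails open: any exception from credential lookup, marshalling or `Signer.signObject` is caught, printed and logged at info, and the method then returns the assertion unsigned. A relying party that does not enforce signatures would accept it, so the failure should propagate, e.g. `logger.error("Unable to sign assertion", e); throw new IllegalStateException("SAML assertion signing failed", e);` in place of the `printStackTrace()` and `logger.info(...)` lines. Separately, `registerSignatureAlgorithmURI` and `setSignatureReferenceDigestMethod` change the global security configuration on every call; that belongs in one-time initialisation. The unconditional `"ROLE_USER"` entry and the unchecked cast of `WebContext.getAuthentication()` would also benefit from a short comment stating what is assumed about the session at this point.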
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/AttributeStatementGenerator.java
package
org.maxkey.authz.saml20.provider.xml
;
import
java.util.ArrayList
;
import
java.util.Collection
;
import
java.util.HashMap
;
import
java.util.Iterator
;
import
java.util.Map
;
import
java.util.Map.Entry
;
import
org.maxkey.
authz.saml20.binding.BindingAdapter
;
import
org.maxkey.
constants.BOOLEAN
;
import
org.maxkey.domain.ExtraAttr
;
import
org.maxkey.domain.ExtraAttrs
;
import
org.maxkey.domain.apps.AppsSAML20Details
;
import
org.maxkey.web.WebContext
;
import
org.opensaml.Configuration
;
import
org.opensaml.saml2.core.Attribute
;
import
org.opensaml.saml2.core.AttributeStatement
;
...
...
@@ -29,40 +29,35 @@ public class AttributeStatementGenerator {
private
final
XMLObjectBuilderFactory
builderFactory
=
Configuration
.
getBuilderFactory
();
public
AttributeStatement
generateAttributeStatement
(
Collection
<
GrantedAuthority
>
authoritie
s
)
{
return
generateAttributeStatement
(
authorities
,
null
);
public
AttributeStatement
generateAttributeStatement
(
AppsSAML20Details
saml20Details
,
ArrayList
<
GrantedAuthority
>
grantedAuthority
s
)
{
return
generateAttributeStatement
(
saml20Details
,
grantedAuthoritys
,
null
);
}
public
AttributeStatement
generateAttributeStatement
(
Collection
<
GrantedAuthority
>
authorities
,
AppsSAML20Details
saml20Details
,
ArrayList
<
GrantedAuthority
>
grantedAuthoritys
,
HashMap
<
String
,
String
>
attributeMap
)
{
AttributeStatementBuilder
attributeStatementBuilder
=
(
AttributeStatementBuilder
)
builderFactory
.
getBuilder
(
AttributeStatement
.
DEFAULT_ELEMENT_NAME
);
AttributeStatement
attributeStatement
=
attributeStatementBuilder
.
buildObject
();
if
(
null
!=
authorities
){
Attribute
attributeGrantedAuthority
=
builderGrantedAuthority
(
authorities
);
attributeStatement
.
getAttributes
().
add
(
attributeGrantedAuthority
);
}
Attribute
attributeGrantedAuthority
=
builderGrantedAuthority
(
grantedAuthoritys
);
attributeStatement
.
getAttributes
().
add
(
attributeGrantedAuthority
);
if
(
null
!=
attributeMap
){
Iterator
<
Entry
<
String
,
String
>>
iterator
=
attributeMap
.
entrySet
().
iterator
();
while
(
iterator
.
hasNext
())
{
Map
.
Entry
<
String
,
String
>
entry
=
(
Map
.
Entry
<
String
,
String
>)
iterator
.
next
();
String
key
=
entry
.
getKey
();
String
value
=
entry
.
getValue
();
Attribute
attribute
=
builderAttribute
(
key
,
value
,
Attribute
.
BASIC
);
attributeStatement
.
getAttributes
().
add
(
attribute
);
}
}
BindingAdapter
bindingAdapter
=
(
BindingAdapter
)
WebContext
.
getSession
().
getAttribute
(
"samlv20Adapter"
);
AppsSAML20Details
saml20Details
=
bindingAdapter
.
getSaml20Details
();
logger
.
debug
(
"ExtendAttr "
+
saml20Details
.
getExtendAttr
());
if
(
saml20Details
.
getIsExtendAttr
()==
1
)
{
if
(
BOOLEAN
.
isTrue
(
saml20Details
.
getIsExtendAttr
())
)
{
ExtraAttrs
extraAttrs
=
new
ExtraAttrs
(
saml20Details
.
getExtendAttr
());
for
(
ExtraAttr
extraAttr
:
extraAttrs
.
getExtraAttrs
())
{
logger
.
debug
(
"Attribute : "
+
extraAttr
.
getAttr
()+
" , Vale : "
+
extraAttr
.
getValue
()+
" , Type : "
+
extraAttr
.
getType
());
...
...
@@ -79,39 +74,36 @@ public class AttributeStatementGenerator {
attribute
.
setName
(
attributeName
);
// urn:oasis:names:tc:SAML:2.0:attrname-format:basic
if
(
nameFormat
==
null
||
nameFormat
.
equals
(
""
))
{
nameFormat
=
Attribute
.
BASIC
;
}
attribute
.
setNameFormat
(
nameFormat
);
// Response/Assertion/AttributeStatement/Attribute/AttributeValue
XSStringBuilder
stringBuilder
=
(
XSStringBuilder
)
builderFactory
.
getBuilder
(
XSString
.
TYPE_NAME
);
XSString
stringValue
=
stringBuilder
.
buildObject
(
AttributeValue
.
DEFAULT_ELEMENT_NAME
,
XSString
.
TYPE_NAME
);
stringValue
.
setValue
(
value
);
attribute
.
getAttributeValues
().
add
(
stringValue
);
if
(
value
!=
null
)
{
attribute
.
getAttributeValues
().
add
(
builderAttributeValue
(
value
));
}
return
attribute
;
}
public
Attribute
builderGrantedAuthority
(
Collection
<
GrantedAuthority
>
authorities
){
// Response/Assertion/AttributeStatement/Attribute
AttributeBuilder
attributeBuilder
=
(
AttributeBuilder
)
builderFactory
.
getBuilder
(
Attribute
.
DEFAULT_ELEMENT_NAME
);
Attribute
attribute
=
attributeBuilder
.
buildObject
();
attribute
.
setName
(
"GrantedAuthority"
);
// urn:oasis:names:tc:SAML:2.0:attrname-format:basic
attribute
.
setNameFormat
(
Attribute
.
BASIC
);
Attribute
attribute
=
builderAttribute
(
"GrantedAuthority"
,
null
,
null
);
for
(
GrantedAuthority
grantedAuthority
:
authorities
)
{
// this was convoluted to figure out
// Response/Assertion/AttributeStatement/Attribute/AttributeValue
XSStringBuilder
stringBuilder
=
(
XSStringBuilder
)
Configuration
.
getBuilderFactory
().
getBuilder
(
XSString
.
TYPE_NAME
);
XSString
stringValue
=
stringBuilder
.
buildObject
(
AttributeValue
.
DEFAULT_ELEMENT_NAME
,
XSString
.
TYPE_NAME
);
stringValue
.
setValue
(
grantedAuthority
.
getAuthority
());
attribute
.
getAttributeValues
().
add
(
stringValue
);
attribute
.
getAttributeValues
().
add
(
builderAttributeValue
(
grantedAuthority
.
getAuthority
()));
}
return
attribute
;
}
public
XSString
builderAttributeValue
(
String
value
)
{
XSString
xsStringValue
=
new
XSStringBuilder
().
buildObject
(
AttributeValue
.
DEFAULT_ELEMENT_NAME
,
XSString
.
TYPE_NAME
);
xsStringValue
.
setValue
(
value
);
return
xsStringValue
;
}
}
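Review bot: `builderGrantedAuthority` iterates its argument without a null check, and the `if (null != authorities)` guard shown in the first hunk does not appear to wrap the `builderGrantedAuthority(grantedAuthoritys)` call, so a null list would now fail inside the loop; either keep the guard, `if (grantedAuthoritys != null) { attributeStatement.getAttributes().add(builderGrantedAuthority(grantedAuthoritys)); }`, or document that the argument must be non-null. Narrowing the parameter from `Collection<GrantedAuthority>` to `ArrayList<GrantedAuthority>` forces callers to copy for no visible benefit. The debug line that prints each extra attribute's value may put personal data into logs; logging only the attribute name and type would be safer.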
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/AuthnResponseGenerator.java
package
org.maxkey.authz.saml20.provider.xml
;
import
java.util.Collection
;
import
java.util.HashMap
;
import
org.joda.time.DateTime
;
import
org.maxkey.authz.saml.common.AuthnRequestInfo
;
import
org.maxkey.authz.saml.service.IDService
;
import
org.maxkey.authz.saml.service.TimeService
;
import
org.maxkey.authz.saml20.binding.BindingAdapter
;
import
org.maxkey.authz.saml20.xml.IssuerGenerator
;
import
org.maxkey.constants.BOOLEAN
;
import
org.maxkey.domain.apps.AppsSAML20Details
;
import
org.opensaml.Configuration
;
import
org.opensaml.saml2.core.Assertion
;
import
org.opensaml.saml2.core.EncryptedAssertion
;
import
org.opensaml.saml2.core.Issuer
;
import
org.opensaml.saml2.core.Response
;
import
org.opensaml.saml2.core.StatusCode
;
import
org.opensaml.saml2.core.impl.ResponseBuilder
;
import
org.opensaml.saml2.encryption.Encrypter
;
import
org.opensaml.saml2.encryption.Encrypter.KeyPlacement
;
import
org.opensaml.xml.XMLObjectBuilderFactory
;
import
org.opensaml.xml.encryption.EncryptionConstants
;
import
org.opensaml.xml.encryption.EncryptionException
;
import
org.opensaml.xml.encryption.EncryptionParameters
;
import
org.opensaml.xml.encryption.KeyEncryptionParameters
;
import
org.opensaml.xml.io.Marshaller
;
import
org.opensaml.xml.io.MarshallerFactory
;
import
org.opensaml.xml.io.MarshallingException
;
import
org.opensaml.xml.security.BasicSecurityConfiguration
;
import
org.opensaml.xml.security.credential.BasicCredential
;
import
org.opensaml.xml.security.credential.Credential
;
import
org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory
;
import
org.opensaml.xml.signature.Signature
;
import
org.opensaml.xml.signature.SignatureConstants
;
import
org.opensaml.xml.signature.SignatureException
;
import
org.opensaml.xml.signature.Signer
;
import
org.opensaml.xml.signature.impl.SignatureBuilder
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.security.core.GrantedAuthority
;
public
class
AuthnResponseGenerator
{
private
final
static
Logger
logger
=
LoggerFactory
.
getLogger
(
AuthnResponseGenerator
.
class
);
private
final
XMLObjectBuilderFactory
builderFactory
=
Configuration
.
getBuilderFactory
();
private
String
issuerName
;
private
IDService
idService
;
private
TimeService
timeService
;
private
AssertionGenerator
assertionGenerator
;
private
IssuerGenerator
issuerGenerator
;
private
StatusGenerator
statusGenerator
;
...
...
@@ -58,113 +38,64 @@ public class AuthnResponseGenerator {
this
.
issuerName
=
issuerName
;
this
.
idService
=
idService
;
this
.
timeService
=
timeService
;
issuerGenerator
=
new
IssuerGenerator
(
issuerName
);
issuerGenerator
=
new
IssuerGenerator
(
this
.
issuerName
);
assertionGenerator
=
new
AssertionGenerator
(
issuerName
,
timeService
,
idService
);
statusGenerator
=
new
StatusGenerator
();
}
public
Response
generateAuthnResponse
(
AppsSAML20Details
saml20Details
,
AuthnRequestInfo
authnRequestInfo
,
String
nameIdValue
,
String
clientAddress
,
DateTime
authnInstant
,
Collection
<
GrantedAuthority
>
authorities
,
HashMap
<
String
,
String
>
attributeMap
,
Credential
signingCredential
,
Credential
spSigningCredential
){
ResponseBuilder
responseBuilder
=
(
ResponseBuilder
)
builderFactory
.
getBuilder
(
Response
.
DEFAULT_ELEMENT_NAME
);
Response
authResponse
=
responseBuilder
.
buildObject
();
int
validInSeconds
=
Integer
.
parseInt
(
saml20Details
.
getValidityInterval
());
String
audienceUrl
=
saml20Details
.
getAudience
();
String
assertionConsumerURL
=
saml20Details
.
getSpAcsUrl
();
String
inResponseTo
=
authnRequestInfo
.
getAuthnRequestID
();
Issuer
responseIssuer
=
issuerGenerator
.
generateIssuer
();
BindingAdapter
bindingAdapter
){
Response
authResponse
=
new
ResponseBuilder
().
buildObject
();
//builder Assertion
Assertion
assertion
=
assertionGenerator
.
generateAssertion
(
assertionConsumerURL
,
nameIdValue
,
inResponseTo
,
audienceUrl
,
validInSeconds
,
authorities
,
attributeMap
,
clientAddress
,
authnInstant
);
saml20Details
,
bindingAdapter
,
saml20Details
.
getSpAcsUrl
(),
authnRequestInfo
.
getAuthnRequestID
(),
saml20Details
.
getAudience
(),
Integer
.
parseInt
(
saml20Details
.
getValidityInterval
()),
attributeMap
);
try
{
logger
.
debug
(
"authResponse.isSigned "
+
authResponse
.
isSigned
());
//assertion.setSignature(newSignature);
if
(
BOOLEAN
.
isTrue
(
saml20Details
.
getEncrypted
()))
{
//Encrypt
if
(
BOOLEAN
.
isTrue
(
saml20Details
.
getEncrypted
()))
{
logger
.
info
(
"begin to encrypt assertion"
);
try
{
// Assume this contains a recipient's RSA public
logger
.
info
(
"begin to encrypt assertion"
);
EncryptionParameters
encryptionParameters
=
new
EncryptionParameters
();
encryptionParameters
.
setAlgorithm
(
EncryptionConstants
.
ALGO_ID_BLOCKCIPHER_AES128
);
logger
.
info
(
"encryption assertion Algorithm : "
+
EncryptionConstants
.
ALGO_ID_BLOCKCIPHER_AES128
);
KeyEncryptionParameters
keyEncryptionParameters
=
new
KeyEncryptionParameters
();
keyEncryptionParameters
.
setEncryptionCredential
(
spSigningCredential
);
keyEncryptionParameters
.
setEncryptionCredential
(
bindingAdapter
.
getSpSigningCredential
()
);
// kekParams.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP);
keyEncryptionParameters
.
setAlgorithm
(
EncryptionConstants
.
ALGO_ID_KEYTRANSPORT_RSA15
);
logger
.
info
(
"keyEncryption Algorithm : "
+
EncryptionConstants
.
ALGO_ID_KEYTRANSPORT_RSA15
);
KeyInfoGeneratorFactory
keyInfoGeneratorFactory
=
Configuration
.
getGlobalSecurityConfiguration
()
.
getKeyInfoGeneratorManager
().
getDefaultManager
()
.
getFactory
(
spSigningCredential
);
.
getFactory
(
bindingAdapter
.
getSpSigningCredential
()
);
keyEncryptionParameters
.
setKeyInfoGenerator
(
keyInfoGeneratorFactory
.
newInstance
());
Encrypter
encrypter
=
new
Encrypter
(
encryptionParameters
,
keyEncryptionParameters
);
encrypter
.
setKeyPlacement
(
KeyPlacement
.
PEER
);
EncryptedAssertion
encryptedAssertion
=
encrypter
.
encrypt
(
assertion
);
authResponse
.
getEncryptedAssertions
().
add
(
encryptedAssertion
);
}
SignatureBuilder
signatureBuilder
=
(
SignatureBuilder
)
builderFactory
.
getBuilder
(
Signature
.
DEFAULT_ELEMENT_NAME
);
BasicCredential
basicCredential
=
new
BasicCredential
();
basicCredential
.
setPrivateKey
(
signingCredential
.
getPrivateKey
());
Signature
signature
=
signatureBuilder
.
buildObject
();
signature
.
setCanonicalizationAlgorithm
(
SignatureConstants
.
ALGO_ID_C14N_EXCL_OMIT_COMMENTS
);
signature
.
setSignatureAlgorithm
(
SignatureConstants
.
ALGO_ID_SIGNATURE_RSA_SHA256
);
signature
.
setSigningCredential
(
basicCredential
);
KeyInfoGeneratorFactory
keyInfoGeneratorFactory
=
Configuration
.
getGlobalSecurityConfiguration
()
.
getKeyInfoGeneratorManager
().
getDefaultManager
()
.
getFactory
(
signingCredential
);
signature
.
setKeyInfo
(
keyInfoGeneratorFactory
.
newInstance
().
generate
(
signingCredential
));
BasicSecurityConfiguration
config
=
(
BasicSecurityConfiguration
)
Configuration
.
getGlobalSecurityConfiguration
();
config
.
registerSignatureAlgorithmURI
(
"RSA"
,
SignatureConstants
.
ALGO_ID_SIGNATURE_RSA_SHA256
);
config
.
setSignatureReferenceDigestMethod
(
SignatureConstants
.
ALGO_ID_DIGEST_SHA256
);
assertion
.
setSignature
(
signature
);
Configuration
.
getMarshallerFactory
().
getMarshaller
(
assertion
).
marshall
(
assertion
);
Signer
.
signObject
(
signature
);
logger
.
debug
(
"assertion.isSigned "
+
assertion
.
isSigned
());;
}
catch
(
Exception
e
)
{
logger
.
info
(
"Unable to encrypt assertion ."
,
e
);
}
}
else
{
authResponse
.
getAssertions
().
add
(
assertion
);
}
catch
(
EncryptionException
e
)
{
logger
.
info
(
"Unable to encrypt assertion ."
);
e
.
printStackTrace
();
}
catch
(
Exception
e
)
{
// TODO Auto-generated catch block
e
.
printStackTrace
();
}
authResponse
.
setIssuer
(
responseIssuer
);
authResponse
.
setIssuer
(
issuerGenerator
.
generateIssuer
()
);
authResponse
.
setID
(
idService
.
generateID
());
authResponse
.
setIssueInstant
(
timeService
.
getCurrentDateTime
());
authResponse
.
setInResponseTo
(
inResponseTo
);
//authResponse.getAssertions().add(assertion);
authResponse
.
setDestination
(
assertionConsumerURL
);
authResponse
.
setInResponseTo
(
authnRequestInfo
.
getAuthnRequestID
());
authResponse
.
setDestination
(
saml20Details
.
getSpAcsUrl
());
authResponse
.
setStatus
(
statusGenerator
.
generateStatus
(
StatusCode
.
SUCCESS_URI
));
logger
.
debug
(
"authResponse.isSigned "
+
authResponse
.
isSigned
());
return
authResponse
;
}
...
...
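Review bot: Key transport for the encrypted assertion is set to `EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15` while the OAEP line stays commented out; RSA PKCS#1 v1.5 key transport is the weaker choice and leaves the decrypting service provider exposed to padding-oracle problems. `keyEncryptionParameters.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP);` should be the default, with v1.5 available only as a per-application compatibility setting. The `catch (Exception e)` around encryption only logs at info, so a failed encryption still returns a response with `StatusCode.SUCCESS_URI` and no assertion; rethrowing would be clearer for both sides. It is also worth a comment on why `getSpSigningCredential()` is the right credential to encrypt to, since the name suggests a signing key.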
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/AuthnStatementGenerator.java
...
...
@@ -2,39 +2,33 @@
package
org.maxkey.authz.saml20.provider.xml
;
import
org.joda.time.DateTime
;
import
org.opensaml.Configuration
;
import
org.opensaml.saml2.core.AuthnContext
;
import
org.opensaml.saml2.core.AuthnContextClassRef
;
import
org.opensaml.saml2.core.AuthnStatement
;
import
org.opensaml.saml2.core.impl.AuthnContextBuilder
;
import
org.opensaml.saml2.core.impl.AuthnContextClassRefBuilder
;
import
org.opensaml.saml2.core.impl.AuthnStatementBuilder
;
import
org.opensaml.xml.XMLObjectBuilderFactory
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
public
class
AuthnStatementGenerator
{
private
final
static
Logger
logger
=
LoggerFactory
.
getLogger
(
AuthnStatementGenerator
.
class
);
private
final
XMLObjectBuilderFactory
builderFactory
=
Configuration
.
getBuilderFactory
();
public
AuthnStatement
generateAuthnStatement
(
DateTime
authnInstant
)
{
//Response/Assertion/AuthnStatement/AuthContext/AuthContextClassRef
AuthnContextClassRefBuilder
authnContextClassRefBuilder
=
(
AuthnContextClassRefBuilder
)
builderFactory
.
getBuilder
(
AuthnContextClassRef
.
DEFAULT_ELEMENT_NAME
);
AuthnContextClassRef
authnContextClassRef
=
authnContextClassRefBuilder
.
buildObject
();
AuthnContextClassRef
authnContextClassRef
=
new
AuthnContextClassRefBuilder
().
buildObject
();
//urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
authnContextClassRef
.
setAuthnContextClassRef
(
AuthnContext
.
P
ASSWORD
_AUTHN_CTX
);
authnContextClassRef
.
setAuthnContextClassRef
(
AuthnContext
.
P
PT
_AUTHN_CTX
);
//Response/Assertion/AuthnStatement/AuthContext
AuthnContextBuilder
authnContextBuilder
=
(
AuthnContextBuilder
)
builderFactory
.
getBuilder
(
AuthnContext
.
DEFAULT_ELEMENT_NAME
);
AuthnContext
authnContext
=
authnContextBuilder
.
buildObject
();
AuthnContext
authnContext
=
new
AuthnContextBuilder
().
buildObject
();
authnContext
.
setAuthnContextClassRef
(
authnContextClassRef
);
//Response/Assertion/AuthnStatement
AuthnStatementBuilder
authnStatementBuilder
=
(
AuthnStatementBuilder
)
builderFactory
.
getBuilder
(
AuthnStatement
.
DEFAULT_ELEMENT_NAME
);
AuthnStatement
authnStatement
=
authnStatementBuilder
.
buildObject
();
AuthnStatement
authnStatement
=
new
AuthnStatementBuilder
().
buildObject
();
authnStatement
.
setAuthnContext
(
authnContext
);
authnStatement
.
setAuthnInstant
(
authnInstant
);
logger
.
debug
(
"generateAuthnStatement authnInstant "
+
authnInstant
);
return
authnStatement
;
}
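Review bot: generateAuthnStatement hard-codes the AuthnContextClassRef, so every assertion claims the same authentication method no matter how the user actually signed in. Reading the second of the two printed `setAuthnContextClassRef` lines as the new side, the value is now `AuthnContext.PPT_AUTHN_CTX` (PasswordProtectedTransport), which also asserts a protected transport. A service provider that uses this element for step-up or policy decisions would be misinformed if the IdP offers any other login method or is reachable without TLS; neither is visible here. Until the real method is passed in as a parameter, I would at least record the limitation above the call: `// fixed to PasswordProtectedTransport; does not reflect the user's actual login method`.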
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/ConditionsGenerator.java
...
...
@@ -2,23 +2,20 @@
package
org.maxkey.authz.saml20.provider.xml
;
import
org.joda.time.DateTime
;
import
org.opensaml.Configuration
;
import
org.opensaml.saml2.core.Audience
;
import
org.opensaml.saml2.core.AudienceRestriction
;
import
org.opensaml.saml2.core.Conditions
;
import
org.opensaml.saml2.core.impl.AudienceBuilder
;
import
org.opensaml.saml2.core.impl.AudienceRestrictionBuilder
;
import
org.opensaml.saml2.core.impl.ConditionsBuilder
;
import
org.opensaml.xml.XMLObjectBuilderFactory
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
public
class
ConditionsGenerator
{
private
final
XMLObjectBuilderFactory
builderFactory
=
Configuration
.
getBuilderFactory
();
private
final
static
Logger
logger
=
LoggerFactory
.
getLogger
(
ConditionsGenerator
.
class
);
public
Conditions
generateConditions
(
String
audienceUrl
,
int
validInSeconds
)
{
ConditionsBuilder
conditionsBuilder
=
(
ConditionsBuilder
)
builderFactory
.
getBuilder
(
Conditions
.
DEFAULT_ELEMENT_NAME
);
Conditions
conditions
=
conditionsBuilder
.
buildObject
();
Conditions
conditions
=
new
ConditionsBuilder
().
buildObject
();
conditions
.
setNotBefore
(
new
DateTime
());
conditions
.
setNotOnOrAfter
(
new
DateTime
().
plus
(
validInSeconds
*
1000
));
...
...
@@ -29,15 +26,13 @@ public class ConditionsGenerator {
}
public
AudienceRestriction
builderAudienceRestriction
(
String
audienceUrl
){
AudienceRestrictionBuilder
audienceRestrictionBuilder
=
(
AudienceRestrictionBuilder
)
builderFactory
.
getBuilder
(
AudienceRestriction
.
DEFAULT_ELEMENT_NAME
);
AudienceRestriction
audienceRestriction
=
audienceRestrictionBuilder
.
buildObject
();
AudienceRestriction
audienceRestriction
=
new
AudienceRestrictionBuilder
().
buildObject
();
AudienceBuilder
audienceBuilder
=
(
AudienceBuilder
)
builderFactory
.
getBuilder
(
Audience
.
DEFAULT_ELEMENT_NAME
);
Audience
audience
=
audienceBuilder
.
buildObject
();
Audience
audience
=
new
AudienceBuilder
().
buildObject
();
audience
.
setAudienceURI
(
audienceUrl
);
audienceRestriction
.
getAudiences
().
add
(
audience
);
logger
.
debug
(
"Audience URL "
+
audienceUrl
);
return
audienceRestriction
;
}
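Review bot: In generateConditions, `validInSeconds*1000` is evaluated in `int` arithmetic before it reaches `plus(...)`, so a lifetime above 2,147,483 seconds (about 24.8 days) wraps and can put NotOnOrAfter in the past or at an unintended instant. The two separate `new DateTime()` calls also mean NotBefore and NotOnOrAfter come from different clock reads. I would take one timestamp and add seconds directly: `DateTime now = new DateTime();`, then `conditions.setNotBefore(now);` and `conditions.setNotOnOrAfter(now.plusSeconds(validInSeconds));`. These lines are unchanged context in this commit, and the rest of generateConditions lies outside the first hunk.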
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/StatusGenerator.java
package
org.maxkey.authz.saml20.provider.xml
;
import
org.opensaml.Configuration
;
import
org.opensaml.saml2.core.Status
;
import
org.opensaml.saml2.core.StatusCode
;
import
org.opensaml.saml2.core.StatusMessage
;
import
org.opensaml.saml2.core.impl.StatusBuilder
;
import
org.opensaml.saml2.core.impl.StatusCodeBuilder
;
import
org.opensaml.saml2.core.impl.StatusMessageBuilder
;
import
org.opensaml.xml.XMLObjectBuilderFactory
;
public
class
StatusGenerator
{
private
final
XMLObjectBuilderFactory
builderFactory
=
Configuration
.
getBuilderFactory
();
public
Status
generateStatus
(
String
value
)
{
Status
status
=
builderStatus
();
...
...
@@ -45,23 +40,19 @@ public class StatusGenerator {
}
public
Status
builderStatus
(){
StatusBuilder
builder
=
(
StatusBuilder
)
builderFactory
.
getBuilder
(
Status
.
DEFAULT_ELEMENT_NAME
);
Status
status
=
(
Status
)
builder
.
buildObject
();
Status
status
=
(
Status
)
new
StatusBuilder
().
buildObject
();
return
status
;
}
public
StatusCode
builderStatusCode
(
String
value
){
StatusCodeBuilder
codeBuilder
=
(
StatusCodeBuilder
)
builderFactory
.
getBuilder
(
StatusCode
.
DEFAULT_ELEMENT_NAME
);
StatusCode
statusCode
=
(
StatusCode
)
codeBuilder
.
buildObject
();
StatusCode
statusCode
=
(
StatusCode
)
new
StatusCodeBuilder
().
buildObject
();
statusCode
.
setValue
(
value
);
return
statusCode
;
}
public
StatusMessage
builderStatusMessage
(
String
message
){
StatusMessageBuilder
statusMessageBuilder
=
(
StatusMessageBuilder
)
builderFactory
.
getBuilder
(
StatusMessage
.
DEFAULT_ELEMENT_NAME
);
StatusMessage
statusMessage
=
statusMessageBuilder
.
buildObject
();
StatusMessage
statusMessage
=
new
StatusMessageBuilder
().
buildObject
();
statusMessage
.
setMessage
(
message
);
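Review bot: builderStatus and builderStatusCode keep the `(Status)` and `(StatusCode)` casts on `new StatusBuilder().buildObject()` and `new StatusCodeBuilder().buildObject()`, while builderStatusMessage in the same section assigns `new StatusMessageBuilder().buildObject()` without one. The casts look like leftovers from the factory-based lookup and can presumably be dropped, e.g. `Status status = new StatusBuilder().buildObject();`. builderStatusMessage continues past the end of the hunk.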
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/SubjectGenerator.java
...
...
@@ -3,6 +3,7 @@ package org.maxkey.authz.saml20.provider.xml;
import
org.maxkey.authz.saml.service.TimeService
;
import
org.maxkey.web.WebContext
;
import
org.opensaml.saml2.core.NameID
;
import
org.opensaml.saml2.core.NameIDType
;
import
org.opensaml.saml2.core.Subject
;
...
...
@@ -25,14 +26,14 @@ public class SubjectGenerator {
public
Subject
generateSubject
(
String
assertionConsumerURL
,
String
nameIdValue
,
String
inResponseTo
,
int
validInSeconds
,
String
clientAddress
)
{
int
validInSeconds
)
{
String
nameIdValue
=
WebContext
.
getUserInfo
().
getUsername
();
NameID
nameID
=
builderNameID
(
nameIdValue
,
assertionConsumerURL
);
Subject
subject
=
builderSubject
(
nameID
);
String
clientAddress
=
WebContext
.
getRequestIpAddress
(
WebContext
.
getRequest
());
SubjectConfirmation
subjectConfirmation
=
builderSubjectConfirmation
(
assertionConsumerURL
,
inResponseTo
,
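Review bot: generateSubject dereferences `WebContext.getUserInfo()` without a null check, so a call made with no authenticated user in the web context fails with a NullPointerException instead of a clear refusal to issue a subject. This takes the WebContext lines as the new side, which is consistent with the import added in the first hunk. A guard before the lookup would make the failure explicit: `if (WebContext.getUserInfo() == null) { throw new IllegalStateException("no authenticated user in context"); }`. The client address is also now read through `WebContext.getRequestIpAddress(...)`, whose body is not shown. If that helper honours forwarded-for style headers, the address placed in the subject confirmation is client-supplied unless those headers are accepted from trusted proxies only. The method body continues outside the hunk.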
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/xml/IssuerGenerator.java
package
org.maxkey.authz.saml20.xml
;
import
org.opensaml.Configuration
;
import
org.opensaml.saml2.core.Issuer
;
import
org.opensaml.saml2.core.NameIDType
;
import
org.opensaml.saml2.core.impl.IssuerBuilder
;
import
org.opensaml.xml.XMLObjectBuilderFactory
;
public
class
IssuerGenerator
{
private
final
XMLObjectBuilderFactory
builderFactory
=
Configuration
.
getBuilderFactory
();
private
final
String
issuerName
;
...
...
@@ -19,14 +15,12 @@ public class IssuerGenerator {
public
Issuer
generateIssuer
()
{
///Issuer
IssuerBuilder
issuerBuilder
=
(
IssuerBuilder
)
builderFactory
.
getBuilder
(
Issuer
.
DEFAULT_ELEMENT_NAME
);
Issuer
issuer
=
issuerBuilder
.
buildObject
();
Issuer
issuer
=
new
IssuerBuilder
().
buildObject
();
issuer
.
setValue
(
issuerName
);
issuer
.
setFormat
(
NameIDType
.
ENTITY
);
return
issuer
;
}
}