Package org.keycloak.protocol.saml
Class SamlService.BindingProtocol
- java.lang.Object
-
- org.keycloak.protocol.saml.SamlService.BindingProtocol
-
- Direct Known Subclasses:
SamlService.PostBindingProtocol
,SamlService.RedirectBindingProtocol
- Enclosing class:
- SamlService
public abstract class SamlService.BindingProtocol extends Object
-
-
Field Summary
Fields Modifier and Type Field Description protected boolean
redirectToAuthentication
-
Constructor Summary
Constructors Constructor Description BindingProtocol()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected javax.ws.rs.core.Response
basicChecks(String samlRequest, String samlResponse, String artifact)
protected abstract boolean
containsUnencryptedSignature(SAMLDocumentHolder documentHolder)
protected abstract String
encodeSamlDocument(Document samlDocument)
javax.ws.rs.core.Response
execute(String samlRequest, String samlResponse, String relayState, String artifact)
void
execute(javax.ws.rs.container.AsyncResponse asyncReponse, String samlRequest, String samlResponse, String relayState, String artifact)
protected abstract SAMLDocumentHolder
extractRequestDocument(String samlRequest)
protected abstract SAMLDocumentHolder
extractResponseDocument(String response)
protected abstract String
getBindingType()
protected String
getBindingType(AuthnRequestType requestAbstractType)
protected URI
getExpectedDestinationUri(KeycloakSession session)
KEYCLOAK-12616, KEYCLOAK-12944: construct the expected destination URI using the configured base URI.protected void
handleArtifact(javax.ws.rs.container.AsyncResponse asyncResponse, String artifact, String relayState)
Handle a received artifact message.protected javax.ws.rs.core.Response
handleSamlRequest(String samlRequest, String relayState)
protected javax.ws.rs.core.Response
handleSamlResponse(String samlResponse, String relayState)
protected boolean
isDestinationRequired()
protected javax.ws.rs.core.Response
loginRequest(String relayState, AuthnRequestType requestAbstractType, ClientModel client)
protected javax.ws.rs.core.Response
logoutRequest(LogoutRequestType logoutRequest, ClientModel client, String relayState)
protected abstract void
verifySignature(SAMLDocumentHolder documentHolder, ClientModel client)
-
-
-
Method Detail
-
basicChecks
protected javax.ws.rs.core.Response basicChecks(String samlRequest, String samlResponse, String artifact)
-
isDestinationRequired
protected boolean isDestinationRequired()
-
handleSamlResponse
protected javax.ws.rs.core.Response handleSamlResponse(String samlResponse, String relayState)
-
handleSamlRequest
protected javax.ws.rs.core.Response handleSamlRequest(String samlRequest, String relayState)
-
handleArtifact
protected void handleArtifact(javax.ws.rs.container.AsyncResponse asyncResponse, String artifact, String relayState)
Handle a received artifact message. This means finding the client based on the content of the artifact, sending an ArtifactResolve, receiving an ArtifactResponse, and handling its content based on the "standard" workflows.- Parameters:
artifact
- the received artifactrelayState
- the current relay state
-
encodeSamlDocument
protected abstract String encodeSamlDocument(Document samlDocument) throws ProcessingException
- Throws:
ProcessingException
-
verifySignature
protected abstract void verifySignature(SAMLDocumentHolder documentHolder, ClientModel client) throws VerificationException
- Throws:
VerificationException
-
containsUnencryptedSignature
protected abstract boolean containsUnencryptedSignature(SAMLDocumentHolder documentHolder)
-
extractRequestDocument
protected abstract SAMLDocumentHolder extractRequestDocument(String samlRequest)
-
extractResponseDocument
protected abstract SAMLDocumentHolder extractResponseDocument(String response)
-
loginRequest
protected javax.ws.rs.core.Response loginRequest(String relayState, AuthnRequestType requestAbstractType, ClientModel client)
-
getBindingType
protected String getBindingType(AuthnRequestType requestAbstractType)
-
getBindingType
protected abstract String getBindingType()
-
logoutRequest
protected javax.ws.rs.core.Response logoutRequest(LogoutRequestType logoutRequest, ClientModel client, String relayState)
-
execute
public javax.ws.rs.core.Response execute(String samlRequest, String samlResponse, String relayState, String artifact)
-
execute
public void execute(javax.ws.rs.container.AsyncResponse asyncReponse, String samlRequest, String samlResponse, String relayState, String artifact)
-
getExpectedDestinationUri
protected URI getExpectedDestinationUri(KeycloakSession session)
KEYCLOAK-12616, KEYCLOAK-12944: construct the expected destination URI using the configured base URI.- Parameters:
session
- a reference to theKeycloakSession
.- Returns:
- the constructed
URI
.
-
-