Package org.keycloak.protocol.saml
Class SamlService.BindingProtocol
- java.lang.Object
  - org.keycloak.protocol.saml.SamlService.BindingProtocol
- Direct Known Subclasses: SamlService.PostBindingProtocol, SamlService.RedirectBindingProtocol
- Enclosing class: SamlService
public abstract class SamlService.BindingProtocol extends Object
-
-
Field Summary
Fields:
protected boolean redirectToAuthentication
-
Constructor Summary
Constructors:
BindingProtocol()
-
Method Summary
Methods (modifier and type, method, description):
protected javax.ws.rs.core.Response basicChecks(String samlRequest, String samlResponse, String artifact)
protected abstract boolean containsUnencryptedSignature(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder documentHolder)
protected abstract String encodeSamlDocument(Document samlDocument)
javax.ws.rs.core.Response execute(String samlRequest, String samlResponse, String relayState, String artifact)
void execute(javax.ws.rs.container.AsyncResponse asyncReponse, String samlRequest, String samlResponse, String relayState, String artifact)
protected abstract org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder extractRequestDocument(String samlRequest)
protected abstract org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder extractResponseDocument(String response)
protected abstract String getBindingType()
protected String getBindingType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType requestAbstractType)
protected URI getExpectedDestinationUri(org.keycloak.models.KeycloakSession session)
KEYCLOAK-12616, KEYCLOAK-12944: construct the expected destination URI using the configured base URI.
protected void handleArtifact(javax.ws.rs.container.AsyncResponse asyncResponse, String artifact, String relayState)
Handle a received artifact message.
protected javax.ws.rs.core.Response handleSamlRequest(String samlRequest, String relayState)
protected javax.ws.rs.core.Response handleSamlResponse(String samlResponse, String relayState)
protected boolean isDestinationRequired()
protected javax.ws.rs.core.Response loginRequest(String relayState, org.keycloak.dom.saml.v2.protocol.AuthnRequestType requestAbstractType, org.keycloak.models.ClientModel client)
protected javax.ws.rs.core.Response logoutRequest(org.keycloak.dom.saml.v2.protocol.LogoutRequestType logoutRequest, org.keycloak.models.ClientModel client, String relayState)
protected abstract void verifySignature(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder documentHolder, org.keycloak.models.ClientModel client)
-
-
-
Method Detail
-
basicChecks
protected javax.ws.rs.core.Response basicChecks(String samlRequest, String samlResponse, String artifact)
-
isDestinationRequired
protected boolean isDestinationRequired()
-
handleSamlResponse
protected javax.ws.rs.core.Response handleSamlResponse(String samlResponse, String relayState)
-
handleSamlRequest
protected javax.ws.rs.core.Response handleSamlRequest(String samlRequest, String relayState)
-
handleArtifact
protected void handleArtifact(javax.ws.rs.container.AsyncResponse asyncResponse, String artifact, String relayState)
Handle a received artifact message. This means finding the client based on the content of the artifact, sending an ArtifactResolve, receiving an ArtifactResponse, and handling its content based on the "standard" workflows.
- Parameters:
artifact - the received artifact
relayState - the current relay state
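As an added illustration of "finding the client based on the content of the artifact" (this is not Keycloak's code): a SAML 2.0 type 0x0004 artifact is the Base64 encoding of a 2-byte type code, a 2-byte endpoint index, a 20-byte SourceID (the SHA-1 of the issuer's entity ID) and a 20-byte MessageHandle, so a receiver can map the SourceID back to a known entity ID. The class name, method names and entity IDs below are hypothetical, and that Keycloak resolves the client in exactly this way is an assumption.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Base64;
import java.util.List;
import java.util.Optional;

// Hypothetical helper, not part of org.keycloak.protocol.saml.
public class ArtifactSourceLookup {
    // 2 (TypeCode) + 2 (EndpointIndex) + 20 (SourceID) + 20 (MessageHandle)
    static final int ARTIFACT_LEN = 44;

    static byte[] sha1(String s) throws Exception {
        return MessageDigest.getInstance("SHA-1").digest(s.getBytes(StandardCharsets.UTF_8));
    }

    /** Returns the known entity ID whose SHA-1 equals the artifact's SourceID, if any. */
    static Optional<String> findIssuer(String artifact, List<String> knownEntityIds) throws Exception {
        byte[] raw;
        try {
            raw = Base64.getDecoder().decode(artifact);
        } catch (IllegalArgumentException e) {
            return Optional.empty();            // not valid Base64: reject
        }
        // Reject anything that is not a well-formed type 0x0004 artifact.
        if (raw.length != ARTIFACT_LEN || raw[0] != 0x00 || raw[1] != 0x04) {
            return Optional.empty();
        }
        byte[] sourceId = Arrays.copyOfRange(raw, 4, 24);
        for (String entityId : knownEntityIds) {
            if (MessageDigest.isEqual(sourceId, sha1(entityId))) {
                return Optional.of(entityId);
            }
        }
        return Optional.empty();                // unknown issuer: do not send ArtifactResolve
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample artifact for a made-up service provider.
        String entityId = "https://sp.example.test/saml";
        byte[] raw = new byte[ARTIFACT_LEN];
        raw[1] = 0x04;                                   // TypeCode 0x0004, EndpointIndex 0
        System.arraycopy(sha1(entityId), 0, raw, 4, 20); // SourceID
        Arrays.fill(raw, 24, 44, (byte) 0x5a);           // placeholder MessageHandle
        String artifact = Base64.getEncoder().encodeToString(raw);

        System.out.println(findIssuer(artifact, List.of("https://other.example.test", entityId)));
        System.out.println(findIssuer("AAQ=", List.of(entityId))); // truncated artifact is rejected
    }
}
```

Rejecting malformed or unknown-issuer artifacts before any ArtifactResolve is sent keeps the back-channel request limited to endpoints of clients that are already registered.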
-
encodeSamlDocument
protected abstract String encodeSamlDocument(Document samlDocument) throws org.keycloak.saml.common.exceptions.ProcessingException
- Throws:
org.keycloak.saml.common.exceptions.ProcessingException
-
verifySignature
protected abstract void verifySignature(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder documentHolder, org.keycloak.models.ClientModel client) throws org.keycloak.common.VerificationException
- Throws:
org.keycloak.common.VerificationException
-
containsUnencryptedSignature
protected abstract boolean containsUnencryptedSignature(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder documentHolder)
-
extractRequestDocument
protected abstract org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder extractRequestDocument(String samlRequest)
-
extractResponseDocument
protected abstract org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder extractResponseDocument(String response)
-
loginRequest
protected javax.ws.rs.core.Response loginRequest(String relayState, org.keycloak.dom.saml.v2.protocol.AuthnRequestType requestAbstractType, org.keycloak.models.ClientModel client)
-
getBindingType
protected String getBindingType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType requestAbstractType)
-
getBindingType
protected abstract String getBindingType()
-
logoutRequest
protected javax.ws.rs.core.Response logoutRequest(org.keycloak.dom.saml.v2.protocol.LogoutRequestType logoutRequest, org.keycloak.models.ClientModel client, String relayState)
-
execute
public javax.ws.rs.core.Response execute(String samlRequest, String samlResponse, String relayState, String artifact)
-
execute
public void execute(javax.ws.rs.container.AsyncResponse asyncReponse, String samlRequest, String samlResponse, String relayState, String artifact)
-
getExpectedDestinationUri
protected URI getExpectedDestinationUri(org.keycloak.models.KeycloakSession session)
KEYCLOAK-12616, KEYCLOAK-12944: construct the expected destination URI using the configured base URI.
- Parameters:
session - a reference to the KeycloakSession.
- Returns:
the constructed URI.
-
-