Package org.keycloak.protocol.saml
Class SamlService.BindingProtocol
- java.lang.Object
-
- org.keycloak.protocol.saml.SamlService.BindingProtocol
-
- Direct Known Subclasses:
SamlService.PostBindingProtocol,SamlService.RedirectBindingProtocol
- Enclosing class:
- SamlService
public abstract class SamlService.BindingProtocol extends Object
-
-
Field Summary
Fields Modifier and Type Field Description protected booleanredirectToAuthentication
-
Constructor Summary
Constructors Constructor Description BindingProtocol()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected javax.ws.rs.core.ResponsebasicChecks(String samlRequest, String samlResponse, String artifact)protected abstract booleancontainsUnencryptedSignature(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder documentHolder)protected abstract StringencodeSamlDocument(Document samlDocument)javax.ws.rs.core.Responseexecute(String samlRequest, String samlResponse, String relayState, String artifact)voidexecute(javax.ws.rs.container.AsyncResponse asyncReponse, String samlRequest, String samlResponse, String relayState, String artifact)protected abstract org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolderextractRequestDocument(String samlRequest)protected abstract org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolderextractResponseDocument(String response)protected abstract StringgetBindingType()protected StringgetBindingType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType requestAbstractType)protected URIgetExpectedDestinationUri(org.keycloak.models.KeycloakSession session)KEYCLOAK-12616, KEYCLOAK-12944: construct the expected destination URI using the configured base URI.protected voidhandleArtifact(javax.ws.rs.container.AsyncResponse asyncResponse, String artifact, String relayState)Handle a received artifact message.protected javax.ws.rs.core.ResponsehandleSamlRequest(String samlRequest, String relayState)protected javax.ws.rs.core.ResponsehandleSamlResponse(String samlResponse, String relayState)protected booleanisDestinationRequired()protected javax.ws.rs.core.ResponseloginRequest(String relayState, org.keycloak.dom.saml.v2.protocol.AuthnRequestType requestAbstractType, org.keycloak.models.ClientModel client)protected javax.ws.rs.core.ResponselogoutRequest(org.keycloak.dom.saml.v2.protocol.LogoutRequestType logoutRequest, org.keycloak.models.ClientModel client, String relayState)protected abstract voidverifySignature(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder documentHolder, org.keycloak.models.ClientModel client)
-
-
-
Method Detail
-
basicChecks
protected javax.ws.rs.core.Response basicChecks(String samlRequest, String samlResponse, String artifact)
-
isDestinationRequired
protected boolean isDestinationRequired()
-
handleSamlResponse
protected javax.ws.rs.core.Response handleSamlResponse(String samlResponse, String relayState)
-
handleSamlRequest
protected javax.ws.rs.core.Response handleSamlRequest(String samlRequest, String relayState)
-
handleArtifact
protected void handleArtifact(javax.ws.rs.container.AsyncResponse asyncResponse, String artifact, String relayState)Handle a received artifact message. This means finding the client based on the content of the artifact, sending an ArtifactResolve, receiving an ArtifactResponse, and handling its content based on the "standard" workflows.- Parameters:
artifact- the received artifactrelayState- the current relay state
-
encodeSamlDocument
protected abstract String encodeSamlDocument(Document samlDocument) throws org.keycloak.saml.common.exceptions.ProcessingException
- Throws:
org.keycloak.saml.common.exceptions.ProcessingException
-
verifySignature
protected abstract void verifySignature(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder documentHolder, org.keycloak.models.ClientModel client) throws org.keycloak.common.VerificationException- Throws:
org.keycloak.common.VerificationException
-
containsUnencryptedSignature
protected abstract boolean containsUnencryptedSignature(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder documentHolder)
-
extractRequestDocument
protected abstract org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder extractRequestDocument(String samlRequest)
-
extractResponseDocument
protected abstract org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder extractResponseDocument(String response)
-
loginRequest
protected javax.ws.rs.core.Response loginRequest(String relayState, org.keycloak.dom.saml.v2.protocol.AuthnRequestType requestAbstractType, org.keycloak.models.ClientModel client)
-
getBindingType
protected String getBindingType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType requestAbstractType)
-
getBindingType
protected abstract String getBindingType()
-
logoutRequest
protected javax.ws.rs.core.Response logoutRequest(org.keycloak.dom.saml.v2.protocol.LogoutRequestType logoutRequest, org.keycloak.models.ClientModel client, String relayState)
-
execute
public javax.ws.rs.core.Response execute(String samlRequest, String samlResponse, String relayState, String artifact)
-
execute
public void execute(javax.ws.rs.container.AsyncResponse asyncReponse, String samlRequest, String samlResponse, String relayState, String artifact)
-
getExpectedDestinationUri
protected URI getExpectedDestinationUri(org.keycloak.models.KeycloakSession session)
KEYCLOAK-12616, KEYCLOAK-12944: construct the expected destination URI using the configured base URI.- Parameters:
session- a reference to theKeycloakSession.- Returns:
- the constructed
URI.
-
-