Class HTTPPostSimpleSignEncoder

All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, UnmodifiableComponent, MessageEncoder, HttpServletResponseMessageEncoder, SAMLMessageEncoder

public class HTTPPostSimpleSignEncoder extends HTTPPostEncoder
SAML 2.0 HTTP-POST-SimpleSign binding message encoder.
  • Field Details

    • DEFAULT_TEMPLATE_ID

      public static final String DEFAULT_TEMPLATE_ID
      Default template ID.
    • log

      private final org.slf4j.Logger log
      Class logger.
  • Constructor Details

    • HTTPPostSimpleSignEncoder

      public HTTPPostSimpleSignEncoder()
      Constructor.
  • Method Details

    • getBindingURI

      public String getBindingURI()
      Gets the SAML binding URI supported by this encoder.
      Specified by:
      getBindingURI in interface SAMLMessageEncoder
      Overrides:
      getBindingURI in class HTTPPostEncoder
      Returns:
      SAML binding URI supported by this encoder
    • populateVelocityContext

      protected void populateVelocityContext(org.apache.velocity.VelocityContext velocityContext, MessageContext messageContext, String endpointURL) throws MessageEncodingException
      Populate the Velocity context instance which will be used to render the POST body.
      Overrides:
      populateVelocityContext in class HTTPPostEncoder
      Parameters:
      velocityContext - the Velocity context instance to populate with data
      messageContext - the SAML message context source of data
      endpointURL - endpoint URL to which to encode message
      Throws:
      MessageEncodingException - thrown if there is a problem encoding the message
    • buildKeyInfo

      protected String buildKeyInfo(Credential signingCredential, KeyInfoGenerator kiGenerator) throws MessageEncodingException
      Build the KeyInfo from the signing credential.
      Parameters:
      signingCredential - the credential used for signing
      kiGenerator - the generator for the KeyInfo
      Returns:
      the marshalled, serialized and base64-encoded KeyInfo, or null if none was generated
      Throws:
      MessageEncodingException - thrown if there is an error generating or marshalling the KeyInfo
    • buildFormDataToSign

      protected String buildFormDataToSign(org.apache.velocity.VelocityContext velocityContext, MessageContext messageContext, String sigAlgURI) throws MessageEncodingException
      Build the form control data string over which the signature is computed.
      Parameters:
      velocityContext - the Velocity context which is already populated with the values for SAML message and relay state
      messageContext - the SAML message context being processed
      sigAlgURI - the signature algorithm URI
      Returns:
      the form control data string for signature computation
      Throws:
      MessageEncodingException - thrown if there is an issue building the form data to sign
    • getSignatureAlgorithmURI

      protected String getSignatureAlgorithmURI(SignatureSigningParameters signingParameters) throws MessageEncodingException
      Gets the signature algorithm URI to use.
      Parameters:
      signingParameters - the signing parameters to use
      Returns:
      signature algorithm to use with the associated signing credential
      Throws:
      MessageEncodingException - thrown if the algorithm URI is not supplied explicitly and could not be derived from the supplied credential
    • generateSignature

      protected String generateSignature(Credential signingCredential, String algorithmURI, String formData) throws MessageEncodingException
      Generates the signature over the string of concatenated form control data as indicated by the SimpleSign spec.
      Parameters:
      signingCredential - credential that will be used to sign
      algorithmURI - algorithm URI of the signing credential
      formData - form control data to be signed
      Returns:
      base64-encoded signature of form control data
      Throws:
      MessageEncodingException - thrown if there is an error computing the signature
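
Added example, not OpenSAML's own code: a JDK-only sketch of what buildFormDataToSign and generateSignature produce and what a receiver must rebuild before verifying. The string layout follows the SAML 2.0 SimpleSign binding specification; the class name, helper names and sample values are hypothetical and constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;

public class SimpleSignSketch {
    // Receiver-side allow-list: only this SigAlg URI is accepted (assumed policy).
    static final String RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";

    // Signed string per the SimpleSign spec: the raw XML (not the base64 form
    // value), then RelayState if present, then SigAlg.
    static String formDataToSign(String param, String rawXml, String relayState, String sigAlg) {
        StringBuilder sb = new StringBuilder(param).append('=').append(rawXml);
        if (relayState != null) {
            sb.append("&RelayState=").append(relayState);
        }
        return sb.append("&SigAlg=").append(sigAlg).toString();
    }

    static String sign(PrivateKey key, String formData) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(formData.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(s.sign());
    }

    // Rebuild the string from the received form fields; never trust a sender-supplied copy.
    static boolean verify(PublicKey key, String param, String rawXml, String relayState,
                          String sigAlg, String sigB64) throws GeneralSecurityException {
        if (!RSA_SHA256.equals(sigAlg)) {
            return false; // reject algorithms outside the allow-list
        }
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(key);
        s.update(formDataToSign(param, rawXml, relayState, sigAlg).getBytes(StandardCharsets.UTF_8));
        return s.verify(Base64.getDecoder().decode(sigB64));
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        String xml = "<samlp:AuthnRequest ID=\"_constructed\"/>"; // constructed sample
        String relay = "constructed-relay-state";                 // constructed sample
        String sig = sign(kp.getPrivate(), formDataToSign("SAMLRequest", xml, relay, RSA_SHA256));
        System.out.println(verify(kp.getPublic(), "SAMLRequest", xml, relay, RSA_SHA256, sig));
        // RelayState is inside the signed string, so altering it breaks verification.
        System.out.println(verify(kp.getPublic(), "SAMLRequest", xml, "tampered", RSA_SHA256, sig));
    }
}
```

The signature covers RelayState and SigAlg as well as the message, so a receiver that verifies against the rebuilt string detects changes to any of the three form controls.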