From a7033d7f89023b9a371bd7cfc70e280778e93cd3 Mon Sep 17 00:00:00 2001 
From: shimingxy Date: Thu, 27 Feb 2020 21:56:33 +0800 Subject: [PATCH] update update --- .../crypto/keystore/KeyStoreLoader.java | 3 -- .../authz/saml/common/EndpointGenerator.java | 21 +++------ .../authz/saml/common/TrustResolver.java | 12 ++--- .../saml20/{ => binding}/BindingAdapter.java | 6 +-- .../{ => binding}/ExtractBindingAdapter.java | 3 +- .../decoder}/OpenHTTPPostDecoder.java | 11 +++-- .../OpenHTTPPostSimpleSignDecoder.java | 45 +++++++------------ .../decoder}/OpenHTTPRedirectDecoder.java | 16 +++---- .../impl}/ExtractPostBindingAdapter.java | 12 +++-- .../impl}/ExtractRedirectBindingAdapter.java | 5 ++- .../impl}/PostBindingAdapter.java | 7 +-- .../impl}/PostSimpleSignBindingAdapter.java | 2 +- .../consumer/AuthnRequestGenerator.java | 9 +--- .../consumer/endpoint/ConsumerEndpoint.java | 20 +++------ .../RealAuthenticationFailureHandler.java | 2 - ...erviceProviderAuthenticationException.java | 8 +++- .../metadata/MetadataDescriptorUtil.java | 12 ++--- .../saml20/metadata/MetadataGenerator.java | 6 ++- .../encoding/WebServicePostEncoder.java | 4 ++ .../provider/endpoint/AssertionEndpoint.java | 2 +- .../provider/endpoint/IdpInitEndpoint.java | 4 +- .../endpoint/SingleSignOnEndpoint.java | 5 ++- .../ui/velocity/package-info.java | 9 ++-- .../resources/spring/maxkey-protocol-saml.xml | 38 ++++++++-------- 24 files changed, 113 insertions(+), 149 deletions(-) rename maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/{ => binding}/BindingAdapter.java (85%) rename maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/{ => binding}/ExtractBindingAdapter.java (94%) rename maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/{ => binding/decoder}/OpenHTTPPostDecoder.java (93%) rename maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/{ => binding/decoder}/OpenHTTPPostSimpleSignDecoder.java (73%) rename 
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/{ => binding/decoder}/OpenHTTPRedirectDecoder.java (91%) rename maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/{ => binding/impl}/ExtractPostBindingAdapter.java (93%) rename maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/{ => binding/impl}/ExtractRedirectBindingAdapter.java (93%) rename maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/{ => binding/impl}/PostBindingAdapter.java (97%) rename maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/{ => binding/impl}/PostSimpleSignBindingAdapter.java (94%) diff --git a/maxkey-core/src/main/java/org/maxkey/crypto/keystore/KeyStoreLoader.java b/maxkey-core/src/main/java/org/maxkey/crypto/keystore/KeyStoreLoader.java index 2b4aefce7..8b944333f 100644 --- a/maxkey-core/src/main/java/org/maxkey/crypto/keystore/KeyStoreLoader.java +++ b/maxkey-core/src/main/java/org/maxkey/crypto/keystore/KeyStoreLoader.java @@ -9,7 +9,6 @@ import java.util.Enumeration; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.InitializingBean; -import org.springframework.beans.factory.annotation.Required; import org.springframework.util.ResourceUtils; @@ -45,7 +44,6 @@ public class KeyStoreLoader implements InitializingBean{ /** * @param keystoreFile the keystoreFile to set */ - @Required public void setKeystoreFile(String keystoreFile) { this.keystoreFile = keystoreFile; } @@ -55,7 +53,6 @@ public class KeyStoreLoader implements InitializingBean{ /** * @param keystorePassword the keystorePassword to set */ - @Required public void setKeystorePassword(String keystorePassword) { this.keystorePassword = keystorePassword; } 
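Review bot: Dropping `@Required` from `setKeystoreFile` and `setKeystorePassword` in KeyStoreLoader removes the only wiring-time check visible here that the keystore location and password were configured, and nothing in these hunks replaces it. KeyStoreLoader implements InitializingBean, so the check can move into `afterPropertiesSet()`, whose body is outside the hunks and may already do this (worth confirming). For example, `Assert.hasText(keystoreFile, "keystoreFile must be set");` using `org.springframework.util.Assert`, with the same for `keystorePassword`, keeping the password value itself out of any exception message or log line. The same applies to `setVelocityEngine` in PostBindingAdapter, which also loses `@Required` later in this patch.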
diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/EndpointGenerator.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/EndpointGenerator.java index 7e021663c..654c6a644 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/EndpointGenerator.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/EndpointGenerator.java @@ -5,26 +5,18 @@ package org.maxkey.authz.saml.common; import javax.xml.namespace.QName; import org.apache.commons.lang.StringUtils; -import org.opensaml.Configuration; -import org.opensaml.common.SAMLObjectBuilder; +import org.opensaml.saml2.metadata.AssertionConsumerService; import org.opensaml.saml2.metadata.Endpoint; -import org.opensaml.xml.XMLObjectBuilderFactory; +import org.opensaml.saml2.metadata.impl.AssertionConsumerServiceBuilder; import org.slf4j.Logger; import org.slf4j.LoggerFactory; public class EndpointGenerator { - private final static Logger logger = LoggerFactory.getLogger(EndpointGenerator.class); - private XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory(); - public Endpoint generateEndpoint( String location) { logger.debug("end point location: {}", location); - - QName service=org.opensaml.saml2.metadata.AssertionConsumerService.DEFAULT_ELEMENT_NAME; - - SAMLObjectBuilder endpointBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(service); - Endpoint samlEndpoint = endpointBuilder.buildObject(); + Endpoint samlEndpoint = new AssertionConsumerServiceBuilder().buildObject(); samlEndpoint.setLocation(location); 
@@ -35,12 +27,11 @@ public class EndpointGenerator { logger.debug("end point service: {}", service); logger.debug("end point location: {}", location); logger.debug("end point responseLocation: {}", responseLocation); - + Endpoint samlEndpoint; if(null==service){ - service=org.opensaml.saml2.metadata.AssertionConsumerService.DEFAULT_ELEMENT_NAME; + service = AssertionConsumerService.DEFAULT_ELEMENT_NAME; } - SAMLObjectBuilder endpointBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(service); - Endpoint samlEndpoint = endpointBuilder.buildObject(); + samlEndpoint = new AssertionConsumerServiceBuilder().buildObject(service); samlEndpoint.setLocation(location); diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/TrustResolver.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/TrustResolver.java index 31000363e..0efe0a9af 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/TrustResolver.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/TrustResolver.java @@ -32,8 +32,7 @@ public class TrustResolver { Map passwords = new HashMap(); passwords.put(key, password); - keyStoreCredentialResolver = new KeyStoreCredentialResolver( - trustKeyStore, passwords); + keyStoreCredentialResolver = new KeyStoreCredentialResolver(trustKeyStore, passwords); return keyStoreCredentialResolver; } 
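Review bot: In the EndpointGenerator method that logs `service`, `location` and `responseLocation`, `new AssertionConsumerServiceBuilder().buildObject(service)` always instantiates an AssertionConsumerService implementation and only relabels it with the `service` QName. The removed `builderFactory.getBuilder(service)` instead selected the builder registered for that element. If any caller passes a QName other than `AssertionConsumerService.DEFAULT_ELEMENT_NAME` (callers are not visible in this hunk), the Java type and the element name will disagree. Either keep the factory lookup for the non-default case or state the restriction in a comment, e.g. `// service must name an AssertionConsumerService element; other endpoint types need their own builder`. The method's signature and the rest of its body lie outside the hunk.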
@@ -60,13 +59,11 @@ public class TrustResolver { } securityPolicyDelegate.addSecurityPolicy(issueInstantRule); securityPolicyDelegate.addSecurityPolicy(messageReplayRule); - staticSecurityPolicyResolver = new StaticSecurityPolicyResolver( - securityPolicyDelegate); + staticSecurityPolicyResolver = new StaticSecurityPolicyResolver(securityPolicyDelegate); } public void initPolicyRule(){ - signatureSecurityPolicyRule = new SignatureSecurityPolicyRule( - keyStoreCredentialResolver, new SAMLSignatureProfileValidator()); + signatureSecurityPolicyRule = new SignatureSecurityPolicyRule(keyStoreCredentialResolver, new SAMLSignatureProfileValidator()); signatureSecurityPolicyRule.loadTrustEngine(); } @@ -80,8 +77,7 @@ public class TrustResolver { securityPolicyDelegate.addSecurityPolicy(issueInstantRule); securityPolicyDelegate.addSecurityPolicy(messageReplayRule); - staticSecurityPolicyResolver = new StaticSecurityPolicyResolver( - securityPolicyDelegate); + staticSecurityPolicyResolver = new StaticSecurityPolicyResolver(securityPolicyDelegate); } public KeyStoreCredentialResolver getKeyStoreCredentialResolver() { diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/BindingAdapter.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/BindingAdapter.java similarity index 85% rename from maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/BindingAdapter.java rename to maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/BindingAdapter.java index ee2802774..3d1ba1e4b 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/BindingAdapter.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/BindingAdapter.java 
@@ -1,5 +1,5 @@ -package org.maxkey.authz.saml20; +package org.maxkey.authz.saml20.binding; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -7,12 +7,9 @@ import javax.servlet.http.HttpServletResponse; import org.maxkey.authz.saml.common.AuthnRequestInfo; import org.maxkey.domain.apps.AppsSAML20Details; import org.opensaml.common.SignableSAMLObject; -import org.opensaml.common.binding.SAMLMessageContext; import org.opensaml.saml2.metadata.Endpoint; -import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.ws.security.SecurityPolicyResolver; -import org.opensaml.xml.security.SecurityException; import org.opensaml.xml.security.credential.Credential; /** @@ -25,7 +22,6 @@ public interface BindingAdapter { public void sendSAMLMessage(SignableSAMLObject samlMessage, Endpoint endpoint, HttpServletRequest request, HttpServletResponse response) throws MessageEncodingException; - public void setSecurityPolicyResolver(SecurityPolicyResolver securityPolicyResolver); public void setExtractBindingAdapter(ExtractBindingAdapter extractBindingAdapter); diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/ExtractBindingAdapter.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/ExtractBindingAdapter.java similarity index 94% rename from maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/ExtractBindingAdapter.java rename to maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/ExtractBindingAdapter.java index 9afafa344..58fe68026 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/ExtractBindingAdapter.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/ExtractBindingAdapter.java 
@@ -1,5 +1,5 @@ -package org.maxkey.authz.saml20; +package org.maxkey.authz.saml20.binding; import java.security.KeyStore; @@ -21,6 +21,7 @@ import org.opensaml.xml.security.credential.CredentialResolver; */ public interface ExtractBindingAdapter { + @SuppressWarnings("rawtypes") public SAMLMessageContext extractSAMLMessageContext(HttpServletRequest request) throws MessageDecodingException, SecurityException; public String extractSAMLMessage(HttpServletRequest request); diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/OpenHTTPPostDecoder.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostDecoder.java similarity index 93% rename from maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/OpenHTTPPostDecoder.java rename to maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostDecoder.java index 7e9ddd45a..1b684fb7e 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/OpenHTTPPostDecoder.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostDecoder.java @@ -1,9 +1,8 @@ -package org.maxkey.authz.saml20; +package org.maxkey.authz.saml20.binding.decoder; import javax.servlet.http.HttpServletRequest; import org.opensaml.common.binding.SAMLMessageContext; -import org.opensaml.common.binding.decoding.BaseSAMLMessageDecoder; import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.ws.transport.InTransport; 
@@ -14,9 +13,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; public class OpenHTTPPostDecoder extends HTTPPostDecoder { - - /** Class logger. */ - private final Logger log = LoggerFactory.getLogger(BaseSAMLMessageDecoder.class); + private final Logger log = LoggerFactory.getLogger(OpenHTTPPostDecoder.class); private String receiverEndpoint; @@ -42,6 +39,7 @@ public class OpenHTTPPostDecoder extends HTTPPostDecoder { * thrown if there is a problem decoding and processing the * message Destination or receiver endpoint information */ + @SuppressWarnings("rawtypes") @Override protected void checkEndpointURI(SAMLMessageContext messageContext) throws SecurityException, MessageDecodingException { @@ -99,8 +97,9 @@ public class OpenHTTPPostDecoder extends HTTPPostDecoder { } @Override + @SuppressWarnings("rawtypes") protected String getActualReceiverEndpointURI( - SAMLMessageContext messageContext) throws MessageDecodingException { + SAMLMessageContext messageContext) throws MessageDecodingException { InTransport inTransport = messageContext.getInboundMessageTransport(); if (!(inTransport instanceof HttpServletRequestAdapter)) { throw new MessageDecodingException( diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/OpenHTTPPostSimpleSignDecoder.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostSimpleSignDecoder.java similarity index 73% rename from maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/OpenHTTPPostSimpleSignDecoder.java rename to maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostSimpleSignDecoder.java index 0c3760c3f..af937f994 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/OpenHTTPPostSimpleSignDecoder.java 
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostSimpleSignDecoder.java @@ -1,9 +1,8 @@ -package org.maxkey.authz.saml20; +package org.maxkey.authz.saml20.binding.decoder; import javax.servlet.http.HttpServletRequest; import org.opensaml.common.binding.SAMLMessageContext; -import org.opensaml.common.binding.decoding.BaseSAMLMessageDecoder; import org.opensaml.saml2.binding.decoding.HTTPPostSimpleSignDecoder; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.ws.transport.InTransport; @@ -14,9 +13,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; public class OpenHTTPPostSimpleSignDecoder extends HTTPPostSimpleSignDecoder { - - /** Class logger. */ - private final Logger log = LoggerFactory.getLogger(BaseSAMLMessageDecoder.class); + private final Logger log = LoggerFactory.getLogger(OpenHTTPPostSimpleSignDecoder.class); private String receiverEndpoint; @@ -42,7 +39,9 @@ public class OpenHTTPPostSimpleSignDecoder extends HTTPPostSimpleSignDecoder { * thrown if there is a problem decoding and processing the * message Destination or receiver endpoint information */ + @Override + @SuppressWarnings("rawtypes") protected void checkEndpointURI(SAMLMessageContext messageContext) throws SecurityException, MessageDecodingException { 
@@ -56,58 +55,48 @@ public class OpenHTTPPostSimpleSignDecoder extends HTTPPostSimpleSignDecoder { if (messageDestination == null) { if (bindingRequires) { log.error("SAML message intended destination endpoint URI required by binding was empty"); - throw new SecurityException( - "SAML message intended destination (required by binding) was not present"); + throw new SecurityException("SAML message intended destination (required by binding) was not present"); } else { log.debug("SAML message intended destination endpoint in message was empty, not required by binding, skipping"); return; } } - String receiverEndpoint = DatatypeHelper - .safeTrimOrNullString(getActualReceiverEndpointURI(messageContext)); + String receiverEndpoint = DatatypeHelper.safeTrimOrNullString(getActualReceiverEndpointURI(messageContext)); - log.debug("Intended message destination endpoint: {}", - messageDestination); + log.debug("Intended message destination endpoint: {}",messageDestination); log.debug("Actual message receiver endpoint: {}", receiverEndpoint); // 协议头统一(http或https,需要和destination统一) if (messageDestination.indexOf("/") != -1 && receiverEndpoint.indexOf("/") != -1) { - if (!messageDestination.substring(0, - messageDestination.indexOf("/")) - .equalsIgnoreCase( - receiverEndpoint.substring(0, - receiverEndpoint.indexOf("/")))) { - receiverEndpoint = messageDestination.substring(0, - messageDestination.indexOf("/")) - + receiverEndpoint.substring(receiverEndpoint - .indexOf("/")); + if (!messageDestination.substring(0,messageDestination.indexOf("/")) + .equalsIgnoreCase(receiverEndpoint.substring(0,receiverEndpoint.indexOf("/")))) { + + receiverEndpoint = messageDestination.substring(0,messageDestination.indexOf("/")) + + receiverEndpoint.substring(receiverEndpoint.indexOf("/")); } } boolean matched = compareEndpointURIs(messageDestination, receiverEndpoint); if (!matched) { - log.error( - "SAML message intended destination endpoint '{}' did not match the recipient endpoint '{}'", + 
log.error("SAML message intended destination endpoint '{}' did not match the recipient endpoint '{}'", messageDestination, receiverEndpoint); - throw new SecurityException( - "SAML message intended destination endpoint did not match recipient endpoint"); + throw new SecurityException("SAML message intended destination endpoint did not match recipient endpoint"); } else { log.debug("SAML message intended destination endpoint matched recipient endpoint"); } } @Override + @SuppressWarnings("rawtypes") protected String getActualReceiverEndpointURI( SAMLMessageContext messageContext) throws MessageDecodingException { InTransport inTransport = messageContext.getInboundMessageTransport(); if (!(inTransport instanceof HttpServletRequestAdapter)) { - throw new MessageDecodingException( - "Message context InTransport instance was an unsupported type"); + throw new MessageDecodingException("Message context InTransport instance was an unsupported type"); } - HttpServletRequest httpRequest = ((HttpServletRequestAdapter) inTransport) - .getWrappedRequest(); + HttpServletRequest httpRequest = ((HttpServletRequestAdapter) inTransport).getWrappedRequest(); StringBuffer urlBuilder = httpRequest.getRequestURL(); diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/OpenHTTPRedirectDecoder.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPRedirectDecoder.java similarity index 91% rename from maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/OpenHTTPRedirectDecoder.java rename to maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPRedirectDecoder.java index 243da1beb..f65fcc4c4 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/OpenHTTPRedirectDecoder.java 
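Review bot: In OpenHTTPPostSimpleSignDecoder.checkEndpointURI, the scheme-unification block overwrites the scheme of `receiverEndpoint` with the one from the message's own Destination before `compareEndpointURIs` runs, so the check can no longer detect an http/https mismatch; the value being validated partly decides what it is validated against. If this exists to cope with TLS termination in front of the application, take the externally visible scheme from deployment configuration (the class already has a `receiverEndpoint` field) rather than from the message, or at least add a comment such as `// Scheme is copied from the message Destination: only host, port and path are actually verified`. Separately, `DatatypeHelper.safeTrimOrNullString(...)` may return null, and `receiverEndpoint.indexOf("/")` would then throw a NullPointerException instead of the intended SecurityException; a guard such as `if (receiverEndpoint == null) throw new SecurityException("Receiver endpoint URI could not be determined");` before the block avoids that. OpenHTTPPostDecoder and OpenHTTPRedirectDecoder override the same method, but their bodies are outside the hunks shown, so they should be checked for the same logic.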
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPRedirectDecoder.java @@ -1,9 +1,8 @@ -package org.maxkey.authz.saml20; +package org.maxkey.authz.saml20.binding.decoder; import javax.servlet.http.HttpServletRequest; import org.opensaml.common.binding.SAMLMessageContext; -import org.opensaml.common.binding.decoding.BaseSAMLMessageDecoder; import org.opensaml.saml2.binding.decoding.HTTPRedirectDeflateDecoder; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.ws.transport.InTransport; @@ -14,9 +13,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; public class OpenHTTPRedirectDecoder extends HTTPRedirectDeflateDecoder { - - /** Class logger. */ - private final Logger log = LoggerFactory.getLogger(BaseSAMLMessageDecoder.class); + private final Logger log = LoggerFactory.getLogger(OpenHTTPRedirectDecoder.class); private String receiverEndpoint; @@ -42,9 +39,10 @@ public class OpenHTTPRedirectDecoder extends HTTPRedirectDeflateDecoder { * thrown if there is a problem decoding and processing the * message Destination or receiver endpoint information */ + @Override - protected void checkEndpointURI(SAMLMessageContext messageContext) - throws SecurityException, MessageDecodingException { + @SuppressWarnings("rawtypes") + protected void checkEndpointURI(SAMLMessageContext messageContext)throws SecurityException, MessageDecodingException { log.debug("Checking SAML message intended destination endpoint against receiver endpoint"); 
@@ -99,8 +97,8 @@ public class OpenHTTPRedirectDecoder extends HTTPRedirectDeflateDecoder { } @Override - protected String getActualReceiverEndpointURI( - SAMLMessageContext messageContext) throws MessageDecodingException { + @SuppressWarnings("rawtypes") + protected String getActualReceiverEndpointURI(SAMLMessageContext messageContext) throws MessageDecodingException { InTransport inTransport = messageContext.getInboundMessageTransport(); if (!(inTransport instanceof HttpServletRequestAdapter)) { throw new MessageDecodingException( diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/ExtractPostBindingAdapter.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/ExtractPostBindingAdapter.java similarity index 93% rename from maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/ExtractPostBindingAdapter.java rename to maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/ExtractPostBindingAdapter.java index 9b78ef5b4..0f1c75742 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/ExtractPostBindingAdapter.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/ExtractPostBindingAdapter.java @@ -1,11 +1,12 @@ -package org.maxkey.authz.saml20; +package org.maxkey.authz.saml20.binding.impl; import java.security.KeyStore; import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang.StringUtils; import org.maxkey.authz.saml.common.TrustResolver; +import org.maxkey.authz.saml20.binding.ExtractBindingAdapter; import org.maxkey.crypto.keystore.KeyStoreLoader; import org.maxkey.domain.apps.AppsSAML20Details; import org.opensaml.common.binding.BasicSAMLMessageContext; 
@@ -18,10 +19,13 @@ import org.opensaml.ws.security.SecurityPolicyResolver; import org.opensaml.ws.transport.http.HttpServletRequestAdapter; import org.opensaml.xml.security.SecurityException; import org.opensaml.xml.security.credential.CredentialResolver; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.InitializingBean; public class ExtractPostBindingAdapter implements ExtractBindingAdapter, InitializingBean{ - + private final static Logger logger = LoggerFactory.getLogger(ExtractPostBindingAdapter.class); + static final String SAML_REQUEST_POST_PARAM_NAME = "SAMLRequest"; static final String SAML_RESPONSE_POST_PARAM_NAME = "SAMLResponse"; @@ -65,7 +69,9 @@ public class ExtractPostBindingAdapter implements ExtractBindingAdapter, Initial + @Override + @SuppressWarnings("rawtypes") public SAMLMessageContext extractSAMLMessageContext(HttpServletRequest request) throws MessageDecodingException, SecurityException { BasicSAMLMessageContext messageContext = new BasicSAMLMessageContext(); @@ -75,7 +81,7 @@ public class ExtractPostBindingAdapter implements ExtractBindingAdapter, Initial messageContext.setSecurityPolicyResolver(securityPolicyResolver); decoder.decode(messageContext); - + logger.debug("decode successed "); return messageContext; } diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/ExtractRedirectBindingAdapter.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/ExtractRedirectBindingAdapter.java similarity index 93% rename from maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/ExtractRedirectBindingAdapter.java rename to maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/ExtractRedirectBindingAdapter.java index 81faedbdf..4bbb787c7 100644 
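Review bot: The added `logger.debug("decode successed ");` in ExtractPostBindingAdapter.extractSAMLMessageContext has a typo and carries no context, so it cannot be tied to a particular issuer or request when reading the log. Something like `logger.debug("SAML message decoded, issuer: {}", messageContext.getInboundMessageIssuer());` would be more useful while still keeping the message body out of the log. The new logger is declared `private final static`; the conventional modifier order is `private static final`.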
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/ExtractRedirectBindingAdapter.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/ExtractRedirectBindingAdapter.java @@ -1,4 +1,4 @@ -package org.maxkey.authz.saml20; +package org.maxkey.authz.saml20.binding.impl; import java.security.KeyStore; @@ -31,7 +31,8 @@ public class ExtractRedirectBindingAdapter extends ExtractPostBindingAdapter{ keyStoreLoader.getEntityName(), keyStoreLoader.getKeystorePassword(), issueInstantRule, - messageReplayRule,"Redirect"); + messageReplayRule, + "Redirect"); credentialResolver = (CredentialResolver)trustResolver.getKeyStoreCredentialResolver(); this.securityPolicyResolver = trustResolver.getStaticSecurityPolicyResolver(); } diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/PostBindingAdapter.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/PostBindingAdapter.java similarity index 97% rename from maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/PostBindingAdapter.java rename to maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/PostBindingAdapter.java index 9143d2cd4..2ef08e7f7 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/PostBindingAdapter.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/PostBindingAdapter.java @@ -1,5 +1,5 @@ -package org.maxkey.authz.saml20; +package org.maxkey.authz.saml20.binding.impl; import java.security.KeyStore; import javax.servlet.http.HttpServletRequest; 
@@ -9,6 +9,8 @@ import org.apache.commons.lang.Validate; import org.apache.velocity.app.VelocityEngine; import org.maxkey.authz.saml.common.AuthnRequestInfo; import org.maxkey.authz.saml.common.TrustResolver; +import org.maxkey.authz.saml20.binding.BindingAdapter; +import org.maxkey.authz.saml20.binding.ExtractBindingAdapter; import org.maxkey.crypto.keystore.KeyStoreLoader; import org.maxkey.crypto.keystore.KeyStoreUtil; import org.maxkey.domain.apps.AppsSAML20Details; @@ -32,7 +34,6 @@ import org.opensaml.xml.security.criteria.UsageCriteria; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.InitializingBean; -import org.springframework.beans.factory.annotation.Required; public class PostBindingAdapter implements BindingAdapter, InitializingBean{ private final static Logger logger = LoggerFactory.getLogger(PostBindingAdapter.class); @@ -73,12 +74,12 @@ public class PostBindingAdapter implements BindingAdapter, InitializingBean{ } - @Required public void setVelocityEngine(VelocityEngine velocityEngine) { this.velocityEngine = velocityEngine; } @Override + @SuppressWarnings({ "rawtypes", "unchecked" }) public void sendSAMLMessage(SignableSAMLObject samlMessage, Endpoint endpoint, HttpServletRequest request, diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/PostSimpleSignBindingAdapter.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/PostSimpleSignBindingAdapter.java similarity index 94% rename from maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/PostSimpleSignBindingAdapter.java rename to maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/PostSimpleSignBindingAdapter.java index 509a4ad60..06fd6419d 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/PostSimpleSignBindingAdapter.java 
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/PostSimpleSignBindingAdapter.java @@ -1,5 +1,5 @@ -package org.maxkey.authz.saml20; +package org.maxkey.authz.saml20.binding.impl; import org.opensaml.saml2.binding.encoding.HTTPPostSimpleSignEncoder; import org.opensaml.ws.security.SecurityPolicyResolver; diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/AuthnRequestGenerator.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/AuthnRequestGenerator.java index 6f409c6ad..827479cd7 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/AuthnRequestGenerator.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/AuthnRequestGenerator.java @@ -5,15 +5,11 @@ package org.maxkey.authz.saml20.consumer; import org.maxkey.authz.saml.service.IDService; import org.maxkey.authz.saml.service.TimeService; import org.maxkey.authz.saml20.xml.IssuerGenerator; -import org.opensaml.Configuration; import org.opensaml.saml2.core.AuthnRequest; import org.opensaml.saml2.core.impl.AuthnRequestBuilder; -import org.opensaml.xml.XMLObjectBuilderFactory; public class AuthnRequestGenerator { - - private XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory(); private final String issuingEntityName; private final TimeService timeService; 
@@ -30,10 +26,7 @@ public class AuthnRequestGenerator { } public AuthnRequest generateAuthnRequest(String destination, String responseLocation) { - - AuthnRequestBuilder authnRequestBuilder = (AuthnRequestBuilder) builderFactory.getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME); - - AuthnRequest authnRequest = authnRequestBuilder.buildObject(); + AuthnRequest authnRequest = new AuthnRequestBuilder().buildObject(); authnRequest.setAssertionConsumerServiceURL(responseLocation); authnRequest.setID(idService.generateID()); diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java index 4b56d7315..e63ff162a 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java @@ -17,7 +17,7 @@ import org.maxkey.authz.saml.common.EndpointGenerator; import org.maxkey.authz.saml.common.TrustResolver; import org.maxkey.authz.saml.service.IDService; import org.maxkey.authz.saml.service.TimeService; -import org.maxkey.authz.saml20.ExtractBindingAdapter; +import org.maxkey.authz.saml20.binding.ExtractBindingAdapter; import org.maxkey.authz.saml20.consumer.AuthnRequestGenerator; import org.maxkey.authz.saml20.consumer.spring.IdentityProviderAuthenticationException; import org.maxkey.authz.saml20.consumer.spring.ServiceProviderAuthenticationException; 
@@ -174,13 +174,11 @@ public class ConsumerEndpoint {
 public void afterPropertiesSet() throws Exception {
- authnRequestGenerator = new AuthnRequestGenerator(
- keyStoreLoader.getEntityName(), timeService, idService);
+ authnRequestGenerator = new AuthnRequestGenerator(keyStoreLoader.getEntityName(), timeService, idService);
 endpointGenerator = new EndpointGenerator();
 CriteriaSet criteriaSet = new CriteriaSet();
- criteriaSet.add(new EntityIDCriteria(keyStoreLoader
- .getEntityName()));
+ criteriaSet.add(new EntityIDCriteria(keyStoreLoader.getEntityName()));
 criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
 try {
@@ -210,17 +208,13 @@ public class ConsumerEndpoint {
 InputStream keyStoreStream = new ByteArrayInputStream(keyStoreBytes);
 try {
- KeyStore keyStore = KeyStore.getInstance(keyStoreLoader
- .getKeystoreType());
- keyStore.load(keyStoreStream, keyStoreLoader.getKeystorePassword()
- .toCharArray());
+ KeyStore keyStore = KeyStore.getInstance(keyStoreLoader.getKeystoreType());
+ keyStore.load(keyStoreStream, keyStoreLoader.getKeystorePassword().toCharArray());
 Map passwords = new HashMap();
- for (Enumeration en = keyStore.aliases(); en
- .hasMoreElements();) {
+ for (Enumeration en = keyStore.aliases(); en.hasMoreElements();) {
 String aliase = en.nextElement();
- if (aliase.equalsIgnoreCase(keyStoreLoader
- .getEntityName())) {
+ if (aliase.equalsIgnoreCase(keyStoreLoader.getEntityName())) {
 passwords.put(aliase, keyStoreLoader.getKeystorePassword());
 }
 }
diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/spring/RealAuthenticationFailureHandler.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/spring/RealAuthenticationFailureHandler.java
index 2ddad808e..e7bb9fe9d 100644
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/spring/RealAuthenticationFailureHandler.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/spring/RealAuthenticationFailureHandler.java
@@ -6,8 +6,6 @@ import java.io.IOException;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.core.AuthenticationException;
diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/spring/ServiceProviderAuthenticationException.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/spring/ServiceProviderAuthenticationException.java
index bcdef0095..d2b5dd912 100644
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/spring/ServiceProviderAuthenticationException.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/spring/ServiceProviderAuthenticationException.java
@@ -15,8 +15,12 @@ import org.springframework.security.core.AuthenticationException;
 * @author jcox * */
-public class ServiceProviderAuthenticationException extends
- AuthenticationException {
+public class ServiceProviderAuthenticationException extends AuthenticationException {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 8817095932085915398L;
 public ServiceProviderAuthenticationException(String msg, Throwable t) {
 super(msg, t);
diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/MetadataDescriptorUtil.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/MetadataDescriptorUtil.java
index 25ff177a0..beb6417a8 100644
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/MetadataDescriptorUtil.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/MetadataDescriptorUtil.java
@@ -157,25 +157,21 @@ public class MetadataDescriptorUtil {
 // System.out.println("3 : "+idpEntityDescriptor.);
 // System.out.println("+"+ entityDescriptor.getOrganization());
- List listRoleDescriptor = entityDescriptor
- .getRoleDescriptors();
+ List listRoleDescriptor = entityDescriptor.getRoleDescriptors();
 for (RoleDescriptor roleDescriptor : listRoleDescriptor) { // SPSSODescriptor // sPSSODescriptor1=idpEntityDescriptor.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
- if (roleDescriptor instanceof org.opensaml.saml2.metadata.impl.IDPSSODescriptorImpl) {
+ if (roleDescriptor instanceof IDPSSODescriptorImpl) {
 IDPSSODescriptor iDPSSODescriptor = (IDPSSODescriptorImpl) roleDescriptor;
- // System.out.println("3 : "+sPSSODescriptor1.getAssertionConsumerServices().get(0).getLocation());
-
- // System.out.println("4 : "+sPSSODescriptor1.getAssertionConsumerServices().get(0).getBinding());
-
+ System.out.println("3 : "+iDPSSODescriptor.getSingleSignOnServices().get(0).getLocation());
 // System.out.println("- : "+iDPSSODescriptor.getNameIDFormats().get(0).getFormat());
 // System.out.println("- : "+iDPSSODescriptor.getKeyDescriptors().get(0).getKeyInfo().getX509Datas().get(0));
 } else {
 SPSSODescriptor sPSSODescriptor = (SPSSODescriptorImpl) roleDescriptor;
- // System.out.println("- : "+sPSSODescriptor.getAssertionConsumerServices().get(0).getLocation());
+ System.out.println("- : "+sPSSODescriptor.getAssertionConsumerServices().get(0).getLocation());
 // System.out.println("- : "+sPSSODescriptor.getAssertionConsumerServices().get(0).getBinding());
 }
diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/MetadataGenerator.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/MetadataGenerator.java
index 9a7290401..4d955d3c0 100644
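Review bot: The two `System.out.println` calls this hunk re-enables in the role-descriptor loop call `.get(0)` on `getSingleSignOnServices()` and `getAssertionConsumerServices()` without checking that the list has an entry, so metadata that declares no such endpoint would throw `IndexOutOfBoundsException` where the commented-out lines did nothing. They also write endpoint locations to stdout rather than through a logger, which bypasses log levels and routing. If the output is wanted, guard each call, e.g. `if (!iDPSSODescriptor.getSingleSignOnServices().isEmpty())`, and emit it at debug level; otherwise leave the lines commented out. The enclosing method starts and ends outside the hunk, so whether this class already declares a logger is not visible here.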
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/MetadataGenerator.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/MetadataGenerator.java
@@ -113,7 +113,8 @@ public class MetadataGenerator {
 }
- public void samlmtest(){
+ @SuppressWarnings({ "unchecked", "rawtypes" })
+public void samlmtest(){
 try {
 KeyStoreLoader keyStoreLoader=new KeyStoreLoader();
 keyStoreLoader.setKeystorePassword("secret");
@@ -342,7 +343,8 @@ public class MetadataGenerator {
 return encryptionKeyDescriptor;
 }
- public static XMLObject buildXMLObject(QName objectQName){
+ @SuppressWarnings("rawtypes")
+public static XMLObject buildXMLObject(QName objectQName){
 XMLObjectBuilder builder = builderFactory.getBuilder(objectQName);
 if(builder == null){ ; //fail("Unable to retrieve builder for object QName " + objectQName);
diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/binding/encoding/WebServicePostEncoder.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/binding/encoding/WebServicePostEncoder.java
index 20e3f8851..f1c431e48 100644
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/binding/encoding/WebServicePostEncoder.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/binding/encoding/WebServicePostEncoder.java
@@ -36,6 +36,7 @@ public class WebServicePostEncoder extends HTTPPostEncoder {
 super(engine, templateId);
 }
+ @SuppressWarnings("rawtypes")
 public VelocityContext encodeMsgContext(MessageContext messageContext) throws MessageEncodingException {
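Review bot: `@SuppressWarnings` is applied to whole methods here (`samlmtest` and `buildXMLObject`, and likewise the four `WebServicePostEncoder` methods and `SingleSignOnEndpoint.extractSAMLMessage` in the later hunks), which silences every raw-type or unchecked warning in those bodies, including ones introduced by future edits. Narrowing the annotation to the declaration that needs it keeps the compiler's checks on the rest of each method. In `buildXMLObject` the local could probably be declared `XMLObjectBuilder<?> builder = builderFactory.getBuilder(objectQName);` with no suppression at all, assuming `XMLObjectBuilder` is generic in the OpenSAML version in use. In both MetadataGenerator hunks the line after the annotation now starts at column 0 (`+public void samlmtest(){`), so the method's indentation is lost. The method bodies continue outside the hunks.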
@@ -66,6 +67,7 @@ public class WebServicePostEncoder extends HTTPPostEncoder {
 * @throws MessageEncodingException * thrown if there is a problem encoding the message */
+ @SuppressWarnings("rawtypes")
 protected VelocityContext encodeMsgContext(SAMLMessageContext messageContext) throws MessageEncodingException {
@@ -83,6 +85,7 @@ public class WebServicePostEncoder extends HTTPPostEncoder {
 }
 }
+ @SuppressWarnings("rawtypes")
 protected void populateVelocityContext(VelocityContext velocityContext, SAMLMessageContext messageContext) throws MessageEncodingException {
@@ -185,6 +188,7 @@ public class WebServicePostEncoder extends HTTPPostEncoder {
 * * @return the form control data string for signature computation */
+ @SuppressWarnings("rawtypes")
 protected String buildFormDataToSign(VelocityContext velocityContext, SAMLMessageContext messageContext, String sigAlgURI) {
 StringBuilder builder = new StringBuilder();
diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
index 9e8cc014d..006f6da75 100644
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
@@ -9,7 +9,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.joda.time.DateTime;
 import org.maxkey.authz.saml.common.AuthnRequestInfo;
 import org.maxkey.authz.saml.common.EndpointGenerator;
-import org.maxkey.authz.saml20.BindingAdapter;
+import org.maxkey.authz.saml20.binding.BindingAdapter;
 import org.maxkey.authz.saml20.provider.xml.AuthnResponseGenerator;
 import org.maxkey.domain.apps.AppsSAML20Details;
 import org.maxkey.web.WebContext;
diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/IdpInitEndpoint.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/IdpInitEndpoint.java
index 012145712..59396f605 100644
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/IdpInitEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/IdpInitEndpoint.java
@@ -6,8 +6,8 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.maxkey.authz.saml.common.AuthnRequestInfo;
-import org.maxkey.authz.saml20.BindingAdapter;
-import org.maxkey.authz.saml20.ExtractBindingAdapter;
+import org.maxkey.authz.saml20.binding.BindingAdapter;
+import org.maxkey.authz.saml20.binding.ExtractBindingAdapter;
 import org.maxkey.crypto.keystore.KeyStoreLoader;
 import org.maxkey.crypto.keystore.KeyStoreUtil;
 import org.maxkey.dao.service.AppsSaml20DetailsService;
diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/SingleSignOnEndpoint.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/SingleSignOnEndpoint.java
index 2c8c833e0..af069fd97 100644
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/SingleSignOnEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/SingleSignOnEndpoint.java
@@ -6,8 +6,8 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.maxkey.authz.saml.common.AuthnRequestInfo;
-import org.maxkey.authz.saml20.BindingAdapter;
-import org.maxkey.authz.saml20.ExtractBindingAdapter;
+import org.maxkey.authz.saml20.binding.BindingAdapter;
+import org.maxkey.authz.saml20.binding.ExtractBindingAdapter;
 import org.maxkey.authz.saml20.xml.SAML2ValidatorSuite;
 import org.maxkey.crypto.keystore.KeyStoreUtil;
 import org.maxkey.dao.service.AppsSaml20DetailsService;
@@ -105,6 +105,7 @@ public class SingleSignOnEndpoint {
 }
+ @SuppressWarnings("rawtypes")
 public void extractSAMLMessage(ExtractBindingAdapter extractBindingAdapter,HttpServletRequest request) throws Exception{
 SAMLMessageContext messageContext;
 logger.debug("extract SAML Message .");
diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/springframework/ui/velocity/package-info.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/springframework/ui/velocity/package-info.java
index 5ee7fb11c..c7417b497 100644
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/springframework/ui/velocity/package-info.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/springframework/ui/velocity/package-info.java
@@ -1,8 +1,5 @@
 /**
- *
+ * @author Crystal.Sea
+ * SAML 2.0 must use velocity,but spring 5.* is removed
 */
-/**
- * @author Administrator
- *
- */
-package org.springframework.ui.velocity;
\ No newline at end of file
+package org.springframework.ui.velocity;
diff --git a/maxkey-web-maxkey/src/main/resources/spring/maxkey-protocol-saml.xml b/maxkey-web-maxkey/src/main/resources/spring/maxkey-protocol-saml.xml
index 1da2f3d81..5a19b1664 100644
--- a/maxkey-web-maxkey/src/main/resources/spring/maxkey-protocol-saml.xml
+++ b/maxkey-web-maxkey/src/main/resources/spring/maxkey-protocol-saml.xml
@@ -42,21 +42,31 @@ + + + + + + + + + - + + - + - + 
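Review bot: The new comment in `package-info.java` says only that Spring 5 removed Velocity support; it does not record where the classes kept under `org.springframework.ui.velocity` in this module came from. Code carried in Spring's namespace inside this project no longer receives upstream fixes, so the comment should name the origin and version, for example `Copied from Spring <VERSION> (placeholder); kept because the SAML 2.0 POST binding encoders need Velocity, which Spring 5 dropped.` That the package holds copied Spring classes is inferred from the path and the comment text, not shown in the hunk.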
@@ -69,19 +79,9 @@ - - - - - - - - - - - + - + @@ -89,7 +89,7 @@ - + @@ -97,13 +97,13 @@ - + - + @@ -126,7 +126,6 @@ - @@ -138,6 +137,7 @@ +