├── opensaml4-webprofile-demo
├── certificates
│ ├── idpssl.jks
│ ├── idpssl.pfx
│ ├── idpssl.crt
│ └── idpssl.key
├── src
│ └── main
│ │ ├── resources
│ │ ├── SPKeystore.jks
│ │ └── logback.xml
│ │ ├── java
│ │ └── no
│ │ │ └── steras
│ │ │ └── opensamlSamples
│ │ │ └── opensaml4WebprofileDemo
│ │ │ ├── idp
│ │ │ ├── IDPConstants.java
│ │ │ ├── IDPCredentials.java
│ │ │ └── SingleSignOnServlet.java
│ │ │ ├── sp
│ │ │ ├── SPConstants.java
│ │ │ ├── SPCredentials.java
│ │ │ └── AccessFilter.java
│ │ │ ├── app
│ │ │ └── ApplicationServlet.java
│ │ │ └── OpenSAMLUtils.java
│ │ └── webapp
│ │ └── WEB-INF
│ │ └── web.xml
├── README.md
├── pom.xml
└── LICENSE
├── opensaml-signing-and-verification
├── src
│ └── main
│ │ ├── resources
│ │ ├── senderKeystore.jks
│ │ ├── logback.xml
│ │ └── sender-metadata.xml
│ │ ├── webapp
│ │ └── WEB-INF
│ │ │ └── web.xml
│ │ └── java
│ │ └── no
│ │ └── steras
│ │ └── opensamlSamples
│ │ └── signingVerification
│ │ ├── OpenSAMLUtils.java
│ │ ├── ReceiverServlet.java
│ │ └── SenderServlet.java
├── resources
│ └── logback.xml
├── README.md
└── pom.xml
├── opensaml-http-post
├── src
│ └── main
│ │ ├── resources
│ │ └── logback.xml
│ │ ├── webapp
│ │ └── WEB-INF
│ │ │ └── web.xml
│ │ └── java
│ │ └── no
│ │ └── steras
│ │ └── opensamlSamples
│ │ └── httpPost
│ │ ├── ReceiverServlet.java
│ │ ├── OpenSAMLUtils.java
│ │ └── PostServlet.java
├── README.md
├── pom.xml
└── LICENSE
├── opensaml-http-redirect
├── src
│ └── main
│ │ ├── resources
│ │ └── logback.xml
│ │ ├── webapp
│ │ └── WEB-INF
│ │ │ └── web.xml
│ │ └── java
│ │ └── no
│ │ └── steras
│ │ └── opensamlSamples
│ │ └── httpRedirect
│ │ ├── ReceiverServlet.java
│ │ ├── OpenSAMLUtils.java
│ │ └── RedirectServlet.java
├── README.md
├── pom.xml
└── LICENSE
├── getting-started-authnrequest
├── src
│ └── main
│ │ ├── resources
│ │ └── logback.xml
│ │ └── java
│ │ └── com
│ │ └── samlsecurity
│ │ └── opensamlSamples
│ │ └── gettingStartedAuthnrequest
│ │ ├── OpenSAMLUtils.java
│ │ └── GenAuthnRequest.java
├── README.md
└── pom.xml
├── getting-started-opensamlv3
├── src
│ └── main
│ │ ├── resources
│ │ └── logback.xml
│ │ └── java
│ │ └── com
│ │ └── samlsecurity
│ │ └── opensamlSamples
│ │ └── gettingStartedAuthnrequest
│ │ ├── OpenSAMLUtils.java
│ │ └── GenAuthnRequest.java
├── README.md
└── pom.xml
├── opensaml-pretty-print
├── README.md
├── pom.xml
├── src
│ └── main
│ │ └── java
│ │ └── no
│ │ └── steras
│ │ └── opensamlSamples
│ │ └── prettyprint
│ │ ├── OpenSAMLUtils.java
│ │ └── Prettyprint.java
└── LICENSE
├── no-bootstraping-opensaml-v3
├── README.md
├── src
│ └── main
│ │ └── java
│ │ └── no
│ │ └── steras
│ │ └── opensamlSamples
│ │ └── nobootstrap
│ │ └── v3
│ │ ├── NoBootstrap.java
│ │ └── OpenSAMLUtils.java
├── pom.xml
└── LICENSE
├── no-bootstraping-opensaml-v4
├── README.md
├── pom.xml
├── src
│ └── main
│ │ └── java
│ │ └── no
│ │ └── steras
│ │ └── opensamlSamples
│ │ └── nobootstrap
│ │ └── v4
│ │ ├── OpenSAMLUtils.java
│ │ └── NoBootstrap.java
└── LICENSE
└── README.md
/opensaml4-webprofile-demo/certificates/idpssl.jks:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rasmusson/OpenSAML-sample-code/HEAD/opensaml4-webprofile-demo/certificates/idpssl.jks
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/certificates/idpssl.pfx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rasmusson/OpenSAML-sample-code/HEAD/opensaml4-webprofile-demo/certificates/idpssl.pfx
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/src/main/resources/SPKeystore.jks:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rasmusson/OpenSAML-sample-code/HEAD/opensaml4-webprofile-demo/src/main/resources/SPKeystore.jks
--------------------------------------------------------------------------------
/opensaml-signing-and-verification/src/main/resources/senderKeystore.jks:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rasmusson/OpenSAML-sample-code/HEAD/opensaml-signing-and-verification/src/main/resources/senderKeystore.jks
--------------------------------------------------------------------------------
/opensaml-http-post/src/main/resources/logback.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | %d{HH:mm:ss.SSS} [%thread] %-5level %logger{5} - %msg%n
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
--------------------------------------------------------------------------------
/opensaml-http-redirect/src/main/resources/logback.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | %d{HH:mm:ss.SSS} [%thread] %-5level %logger{5} - %msg%n
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
--------------------------------------------------------------------------------
/opensaml-signing-and-verification/resources/logback.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | %d{HH:mm:ss.SSS} [%thread] %-5level %logger{5} - %msg%n
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
--------------------------------------------------------------------------------
/getting-started-authnrequest/src/main/resources/logback.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | %d{HH:mm:ss.SSS} [%thread] %-5level %logger{5} - %msg%n
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
--------------------------------------------------------------------------------
/getting-started-opensamlv3/src/main/resources/logback.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | %d{HH:mm:ss.SSS} [%thread] %-5level %logger{5} - %msg%n
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/src/main/resources/logback.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | %d{HH:mm:ss.SSS} [%thread] %-5level %logger{5} - %msg%n
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
--------------------------------------------------------------------------------
/opensaml-signing-and-verification/src/main/resources/logback.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | %d{HH:mm:ss.SSS} [%thread] %-5level %logger{5} - %msg%n
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/src/main/java/no/steras/opensamlSamples/opensaml4WebprofileDemo/idp/IDPConstants.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.opensaml4WebprofileDemo.idp;
2 |
/**
 * Identity and endpoint constants for the demo identity provider (IdP).
 *
 * <p>Both endpoints are plain-HTTP URLs on localhost. That suits a demo running on one
 * machine; a deployment reachable over a network would need HTTPS endpoints, because
 * SAML messages exchanged over plain HTTP get no transport protection.
 */
public class IDPConstants {
    /** Common prefix of the IdP endpoints inside the locally deployed demo web application. */
    private static final String IDP_BASE_URL = "http://localhost:8080/opensaml4-webprofile-demo/idp";

    /** Entity ID of the demo IdP. */
    public static final String IDP_ENTITY_ID = "TestIDP";

    /** URL of the IdP single sign-on endpoint. */
    public static final String SSO_SERVICE = IDP_BASE_URL + "/singleSignOnService";

    /** URL of the IdP artifact resolution endpoint. */
    public static final String ARTIFACT_RESOLUTION_SERVICE = IDP_BASE_URL + "/artifactResolutionService";
}
8 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/src/main/java/no/steras/opensamlSamples/opensaml4WebprofileDemo/sp/SPConstants.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.opensaml4WebprofileDemo.sp;
2 |
/**
 * Identity, endpoint and session-attribute constants for the demo service provider (SP).
 *
 * <p>The assertion consumer service is a plain-HTTP URL on localhost, which suits a
 * single-machine demo only; a networked deployment would need an HTTPS endpoint.
 */
public class SPConstants {
    /** Common prefix of the SP endpoints inside the locally deployed demo web application. */
    private static final String SP_BASE_URL = "http://localhost:8080/opensaml4-webprofile-demo/sp";

    /** Entity ID of the demo SP. */
    public static final String SP_ENTITY_ID = "TestSP";

    /** URL of the SP assertion consumer service. */
    public static final String ASSERTION_CONSUMER_SERVICE = SP_BASE_URL + "/consumer";

    /** Session attribute name; presumably marks a session as authenticated (confirm against the access filter). */
    public static final String AUTHENTICATED_SESSION_ATTRIBUTE = "authenticated";

    /** Session attribute name; presumably holds the originally requested URL (confirm against the access filter). */
    public static final String GOTO_URL_SESSION_ATTRIBUTE = "gotoURL";
}
13 |
--------------------------------------------------------------------------------
/getting-started-opensamlv3/README.md:
--------------------------------------------------------------------------------
1 | # Getting started with OpenSAML and building AuthnRequest
2 | Sample code for the blog post [Getting started with OpenSAML 3](https://blog.samlsecurity.com/post/getting-started-opensaml-v3/?utm_source=github&utm_medium=link&utm_campaign=opensaml_samples_collection&utm_content=getting-started-v3), explaining
3 | * Basics of OpenSAML
4 | * How to add OpenSAML to your project
5 | * Initializing OpenSAML
6 | * Creating a SAML AuthnRequest message.
7 |
8 |
9 | ## Running the code
10 | Clone the code, navigate to the folder for this sample and run:
11 | ```
12 | mvn compile exec:java -Dexec.mainClass="com.samlsecurity.opensamlSamples.gettingStartedAuthnrequest.GenAuthnRequest"
13 | ```
14 |
--------------------------------------------------------------------------------
/getting-started-authnrequest/README.md:
--------------------------------------------------------------------------------
1 | # Getting started with OpenSAML and building AuthnRequest
2 | Sample code for the blog post [Getting started with OpenSAML 4](https://blog.samlsecurity.com/post/getting-started-opensaml-v4/?utm_source=github&utm_medium=link&utm_campaign=opensaml_samples_collection&utm_content=getting-started-authn), explaining
3 | * Basics of OpenSAML
4 | * How to add OpenSAML to your project
5 | * Initializing OpenSAML
6 | * Creating a SAML AuthnRequest message.
7 |
8 |
9 | ## Running the code
10 | Clone the code, navigate to the folder for this sample and run:
11 | ```
12 | mvn compile exec:java -Dexec.mainClass="com.samlsecurity.opensamlSamples.gettingStartedAuthnrequest.GenAuthnRequest"
13 | ```
14 |
--------------------------------------------------------------------------------
/opensaml-pretty-print/README.md:
--------------------------------------------------------------------------------
1 | # Demo code on pretty printing in OpenSAML 4
2 | This code shows how to pretty print a SAML object in OpenSAML 4. This can be very useful for troubleshooting problems in your OpenSAML code.
3 |
4 | The code is explained with more detail and background on [this blog post](https://blog.samlsecurity.com/post/prettyprint-opensaml/?utm_source=github&utm_medium=link&utm_campaign=prettyprint&utm_id=prettyprint&utm_content=prettyprint)
5 |
6 | The code shows:
7 | * All dependencies needed
8 | * Initializing OpenSAML
9 | * Creating and printing a simple object using OpenSAML 4
10 |
11 | ## Running the code
12 | Clone this repo, navigate to the folder for this sample and run:
13 | ```
14 | mvn compile exec:java -Dexec.mainClass="no.steras.opensamlSamples.prettyprint.Prettyprint"
15 |
16 | ```
17 |
--------------------------------------------------------------------------------
/no-bootstraping-opensaml-v3/README.md:
--------------------------------------------------------------------------------
1 | # Library not initialized in OpenSAML 3
2 | A simple code sample showing the error that is thrown if the OpenSAML library is not properly initialized.
3 |
4 | [This blog post](https://blog.samlsecurity.com/2014/05/nullpointer-exception-in-opensaml.html/?utm_source=github&utm_medium=link&utm_campaign=no-bootstrap-opensaml&utm_id=no-bootstrap-opensaml&utm_content=no-bootstrap-opensaml) uses the code and explains the problem
5 |
6 |
7 | Running the code shows the exception thrown when using the library without initializing it. The code shows the correct way of initializing the library in OpenSAML version 3
8 |
9 | ## Running the code
10 | Clone this repo, navigate to the folder for this sample and run:
11 | ```
12 | mvn compile exec:java -Dexec.mainClass="no.steras.opensamlSamples.nobootstrap.v3.NoBootstrap"
13 |
14 | ```
15 |
--------------------------------------------------------------------------------
/no-bootstraping-opensaml-v4/README.md:
--------------------------------------------------------------------------------
1 | # Library not initialized in OpenSAML 4
2 | A simple code sample showing the error that is thrown if the OpenSAML library is not properly initialized.
3 |
4 | [This blog post](https://blog.samlsecurity.com/2014/05/nullpointer-exception-in-opensaml.html/?utm_source=github&utm_medium=link&utm_campaign=no-bootstrap-opensaml&utm_id=no-bootstrap-opensaml&utm_content=no-bootstrap-opensaml) uses the code and explains the problem
5 |
6 |
7 | Running the code shows the exception thrown when using the library without initializing it. The code shows the correct way of initializing the library in OpenSAML version 4
8 |
9 | ## Running the code
10 | Clone this repo, navigate to the folder for this sample and run:
11 | ```
12 | mvn compile exec:java -Dexec.mainClass="no.steras.opensamlSamples.nobootstrap.v4.NoBootstrap"
13 |
14 | ```
15 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/src/main/java/no/steras/opensamlSamples/opensaml4WebprofileDemo/app/ApplicationServlet.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.opensaml4WebprofileDemo.app;
2 |
3 | import javax.servlet.ServletException;
4 | import javax.servlet.http.HttpServlet;
5 | import javax.servlet.http.HttpServletRequest;
6 | import javax.servlet.http.HttpServletResponse;
7 | import java.io.IOException;
8 |
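/**
 * Serves the resource that the access filter is protecting.
 *
 * <p>The servlet performs no session or authentication check of its own: the
 * "You are authenticated" text is static. It is therefore only as protected as the
 * filter mapping in front of it, and must not be reachable on a path the access
 * filter does not cover.
 */
public class ApplicationServlet extends HttpServlet {
    /**
     * Writes the static page shown once the protected resource is reached.
     *
     * @param req  the incoming request; not inspected
     * @param resp the response the HTML is written to
     * @throws IOException if the response writer cannot be obtained or written
     */
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        resp.setContentType("text/html");
        // NOTE(review): the markup inside the first literal was stripped in this listing, leaving a
        // literal broken across lines; the <h1> tags are a reconstruction - confirm against the repository.
        resp.getWriter()
                .append("<h1>You are now at the requested resource</h1>")
                .append("This is the protected resource. You are authenticated");
    }
}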
20 |
--------------------------------------------------------------------------------
/opensaml-http-post/README.md:
--------------------------------------------------------------------------------
1 | # Demo code on HTTP POST in OpenSAML 4
2 | This code shows how to use the HTTPPostEncoder and HTTPPostDecoder in OpenSAML 4 to send and receive messages using the HTTP POST binding.
3 |
4 | The code is explained in more detail, with background, in [this blog post](https://blog.samlsecurity.com/post/post-binding-opensaml-4/?utm_source=github&utm_medium=link&utm_campaign=opensaml_samples_collection&utm_content=http-post-binding)
5 |
6 | The demo sets up two servlets acting as sender and receiver of a message.
7 |
8 | The code shows:
9 | * All dependencies needed
10 | * Initializing OpenSAML
11 | * Sending and receiving messages using OpenSAML 4
12 |
13 | ## Running the code
14 | Clone this repo, navigate to the folder for this sample and run:
15 | ```
16 | mvn tomcat:run
17 | ```
18 |
19 | Then open a browser and navigate to http://localhost:8080/opensaml-http-post/postPage
20 | All SAML messages used during the communication are logged to the console.
21 |
--------------------------------------------------------------------------------
/opensaml-http-post/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
4 |
5 |
6 | HTTP Redirect demo
7 |
8 |
9 | PostServlet
10 | no.steras.opensamlSamples.httpPost.PostServlet
11 |
12 |
13 | ReceiverServlet
14 | no.steras.opensamlSamples.httpPost.ReceiverServlet
15 |
16 |
17 |
18 | PostServlet
19 | /postPage
20 |
21 |
22 | ReceiverServlet
23 | /receiverPage
24 |
25 |
26 |
27 |
--------------------------------------------------------------------------------
/opensaml-http-redirect/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
4 |
5 |
6 | HTTP Redirect demo
7 |
8 |
9 | RedirectServlet
10 | no.steras.opensamlSamples.httpRedirect.RedirectServlet
11 |
12 |
13 | ReceiverServlet
14 | no.steras.opensamlSamples.httpRedirect.ReceiverServlet
15 |
16 |
17 |
18 | RedirectServlet
19 | /redirectPage
20 |
21 |
22 | ReceiverServlet
23 | /receiverPage
24 |
25 |
26 |
27 |
--------------------------------------------------------------------------------
/opensaml-signing-and-verification/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
4 |
5 |
6 | Signing and verification
7 |
8 |
9 | SenderServlet
10 | no.steras.opensamlSamples.signingVerification.SenderServlet
11 |
12 |
13 | ReceiverServlet
14 | no.steras.opensamlSamples.signingVerification.ReceiverServlet
15 |
16 |
17 |
18 | SenderServlet
19 | /senderPage
20 |
21 |
22 | ReceiverServlet
23 | /receiverPage
24 |
25 |
26 |
27 |
--------------------------------------------------------------------------------
/opensaml-http-redirect/README.md:
--------------------------------------------------------------------------------
1 | # Demo code on HTTP Redirect in OpenSAML 4
2 | This code shows how to use the HTTPRedirectDeflateEncoder and HTTPRedirectDeflateDecoder in OpenSAML 4 to send and receive messages using the HTTP Redirect binding.
3 |
4 | The code is explained in more detail, with background, in [this blog post](https://blog.samlsecurity.com/2011/01/redirect-with-authnrequest.html?utm_source=github&utm_medium=link&utm_campaign=opensaml_samples_collection&utm_content=http-redirect-binding)
5 |
6 | The demo sets up two servlets acting as sender and receiver of a message.
7 |
8 | The code shows:
9 | * All dependencies needed
10 | * Initializing OpenSAML
11 | * Sending and receiving messages using OpenSAML 4
12 |
13 | ## Running the code
14 | Clone this repo, navigate to the folder for this sample and run:
15 | ```
16 | mvn tomcat:run
17 | ```
18 |
19 | Then open a browser and navigate to http://localhost:8080/opensaml-http-redirect/redirectPage
20 | All SAML messages used during the communication are logged to the console.
21 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # OpenSAML-sample-code
2 | Here I collect all code samples for OpenSAML from my books and my blog [https://blog.samlsecurity.com/](https://blog.samlsecurity.com/?utm_source=github&utm_medium=link&utm_campaign=opensaml_samples_collection&utm_content=main)
3 |
4 | These are the current samples in the collection
5 |
6 | * [Getting started with OpenSAML 4 and building AuthnRequest](getting-started-authnrequest)
7 | * [Complete demo of SP and IdP interacting with OpenSAML 4](opensaml4-webprofile-demo)
8 | * [Sending and receiving messages using HTTP Redirect](opensaml-http-redirect)
9 | * [Sending and receiving messages using HTTP Post](opensaml-http-post)
10 | * [OpenSAML 4 signing and signature verification](opensaml-signing-and-verification)
11 | * [OpenSAML 4 prettyprinting OpenSAML objects](opensaml-pretty-print)
12 | * [Exception thrown when OpenSAML 4 not initialized](no-bootstraping-opensaml-v4)
13 | * [Exception thrown when OpenSAML 3 not initialized](no-bootstraping-opensaml-v3)
14 | * [Getting started with OpenSAML 3](getting-started-opensamlv3)
15 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/src/main/java/no/steras/opensamlSamples/opensaml4WebprofileDemo/idp/IDPCredentials.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.opensaml4WebprofileDemo.idp;
2 |
3 | import org.opensaml.security.credential.Credential;
4 | import org.opensaml.security.credential.CredentialSupport;
5 | import org.opensaml.security.crypto.KeySupport;
6 | import java.security.*;
7 |
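/**
 * Provides a single in-memory RSA credential for the demo IdP.
 *
 * <p>The key pair is generated when this class is initialized, so it differs on every
 * JVM start and is never written to disk by this class.
 */
public class IDPCredentials {
    /**
     * RSA modulus size in bits. 2048 is the smallest size current guidance still accepts;
     * the 1024-bit keys this sample used previously are no longer considered adequate for signing.
     */
    private static final int RSA_KEY_SIZE_BITS = 2048;

    private static final Credential credential = generateCredential();

    /**
     * Generates a fresh RSA key pair and wraps it in an OpenSAML credential.
     *
     * @return a credential holding both the public and the private key
     * @throws RuntimeException if the RSA algorithm or the provider is unavailable
     */
    private static Credential generateCredential() {
        try {
            // The provider argument is null; presumably the default JCA provider is then used (confirm against KeySupport).
            KeyPair keyPair = KeySupport.generateKeyPair("RSA", RSA_KEY_SIZE_BITS, null);
            return CredentialSupport.getSimpleCredential(keyPair.getPublic(), keyPair.getPrivate());
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Returns the credential generated at class initialization.
     *
     * <p>The returned object contains the private key, so callers should hand it only to
     * the components that sign or decrypt with it.
     *
     * @return the shared IdP credential
     */
    public static Credential getCredential() {
        return credential;
    }

}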
31 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/README.md:
--------------------------------------------------------------------------------
1 | # Demo of SP and IdP interacting using OpenSAML 4
2 | This code shows a simulation of how an SP and an IdP might communicate using SAML. Variations on this demo are used extensively in the books [A Guide to OpenSAML V2](https://payhip.com/b/odEY?utm_source=github&utm_medium=link&utm_campaign=opensaml_samples_collection&utm_content=getting-started-authn) and [A Guide to OpenSAML V3](https://payhip.com/b/41Tw?utm_source=github&utm_medium=link&utm_campaign=opensaml_samples_collection&utm_content=getting-started-authn).
3 |
4 | The demo code sets up several servlets acting as different endpoints on SP, IdP and business application.
5 |
6 | The demo acts as a good overview guide to OpenSAML, demonstrating:
7 | * Building, signing and sending an AuthnRequest using the HTTP Redirect binding
8 | * Parsing and verifying signatures on an AuthnRequest
9 | * Sending a Response message using the Artifact binding
10 | * Encrypting and decrypting an Assertion
11 |
12 | ## Running the code
13 | Clone the code, navigate to the folder for this sample and run:
14 | ```
15 | mvn tomcat:run
16 | ```
17 |
18 | Then open a browser and navigate to http://localhost:8080/opensaml4-webprofile-demo/app/appservlet
19 |
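20 | All SAML messages used during the communication are logged to the console. The keystores, certificate and private key shipped with this sample (for example under `certificates/`) are published demo material, so generate your own keys before using any of this code outside a local test setup.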
21 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/certificates/idpssl.crt:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIDXTCCAkWgAwIBAgIJAKMAcjEIcSAhMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
3 | BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
4 | aWRnaXRzIFB0eSBMdGQwHhcNMTYwNDI5MTgxNDUxWhcNMTcwNDI5MTgxNDUxWjBF
5 | MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
6 | ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
7 | CgKCAQEAwEbvwC9dm5j5nazJCo19alYqoNEOQAkWfk+iQf6AzhbLlfWMEA0p2r1q
8 | MvAnYIHsGAAT4waUnUQnjETYGJzLxGQXilf0zLVTU2gTNg+NAAD76tx05BYEqI9M
9 | x5JIUvUVkWSDpeejnqT0AnjYGCyKXBdf5VBrOR+KVklcdUHqtGXIergsSDil9fLG
10 | GJNaFVzTxqHIaGzCNn1P9xCkKQJATHrFDfUOEMb2AiXvH3YdAQhV7vsNg/ljBkXj
11 | RKgZY1FTn5Irzoz94jnRVeWD1voKcp2vwAIw5ktuy3/gFfdqg7MIKBLKbY/+cqcu
12 | RMtwg+MqNBN9D2BwyOhEVeIla4Rk/wIDAQABo1AwTjAdBgNVHQ4EFgQUyhBliasA
13 | H2eiidabk1qWqICDqpUwHwYDVR0jBBgwFoAUyhBliasAH2eiidabk1qWqICDqpUw
14 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAJiK6LSXyFxCHfvACRFfO
15 | AQFAz8nBvqUmE5T9+Oakx26mzVlDE0aFYXMYXBmitGq3I/faUTT1Nshei+boLBAL
16 | FhoRtKWVB+rYb2miDUJzYmsXb6GUZer1bQtYp5Zu7t585DVhTz4ia9S4FHzcOVTF
17 | E03NDYAGV8QG3fSJ+4dkeris0SA+sE4zNsIpIMI3f4UsDtn3+2AL4t2bkC+7ILpF
18 | kkhBDNRdh5SdmCzHsS27pV8hIqjC5gVt3t0HhAj3OWh38m30WAQ7v6SOe1QMfNPF
19 | xkC0cwH5Ot6LJ5OlgFpF/sP+JrMQ+EpkrnVd+Su0DxJPrilEAsb7W3R/49hFFjvv
20 | Ww==
21 | -----END CERTIFICATE-----
22 |
--------------------------------------------------------------------------------
/opensaml-signing-and-verification/README.md:
--------------------------------------------------------------------------------
1 | # OpenSAML 4 signing and signature verification demo
2 | This code shows a complete example of calculating XML signatures and validating them in OpenSAML 4. It also shows how to use the surrounding components needed, such as credential resolvers, message handlers and trust engines.
3 |
4 | The code is explained in detail, with background, in [this blog post](https://blog.samlsecurity.com/2012/11/verifying-signatures-with-opensaml?utm_source=github&utm_medium=link&utm_campaign=opensaml_samples_collection&utm_content=opensaml-signing-and-verification)
5 |
6 | The demo sets up two servlets acting as sender and receiver of a message, where the sender uses KeyStoreCredentialResolver and SAMLOutboundProtocolMessageSigningHandler to sign the message. The receiver uses FilesystemMetadataResolver and SAMLProtocolMessageXMLSignatureSecurityHandler to verify the message.
7 |
8 | The code shows:
9 | * All dependencies needed
10 | * Use of message handlers for signatures
11 | * Popular credential resolvers
12 | * Sending and receiving messages using OpenSAML 4
13 |
14 | ## Running the code
15 | Clone this repo, navigate to the folder for this sample and run:
16 | ```
17 | mvn tomcat:run
18 | ```
19 |
20 | Then open a browser and navigate to http://localhost:8080/opensaml-signing-and-verification/senderPage
21 | All SAML messages used during the communication are logged to the console.
22 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/src/main/java/no/steras/opensamlSamples/opensaml4WebprofileDemo/idp/SingleSignOnServlet.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.opensaml4WebprofileDemo.idp;
2 |
3 | import org.slf4j.Logger;
4 | import org.slf4j.LoggerFactory;
5 |
6 | import no.steras.opensamlSamples.opensaml4WebprofileDemo.sp.SPConstants;
7 |
8 | import javax.servlet.ServletException;
9 | import javax.servlet.http.HttpServlet;
10 | import javax.servlet.http.HttpServletRequest;
11 | import javax.servlet.http.HttpServletResponse;
12 | import java.io.IOException;
13 | import java.io.Writer;
14 |
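/**
 * Demo IdP single sign-on endpoint.
 *
 * <p>GET renders a page with a button; POST redirects the browser to the SP's assertion
 * consumer service with a SAML artifact in the query string.
 *
 * <p>Demo shortcuts visible in this class: the incoming AuthnRequest is neither decoded
 * nor validated, no user is actually authenticated, and the artifact is a fixed literal,
 * so every redirect carries the same {@code SAMLart} value. The redirect target is a
 * compile-time constant rather than a value taken from the request, so the request
 * cannot steer the browser to another destination.
 */
public class SingleSignOnServlet extends HttpServlet {
    private static final Logger logger = LoggerFactory.getLogger(SingleSignOnServlet.class);

    /** Query string appended to the assertion consumer service URL; the artifact is a fixed demo value. */
    private static final String DEMO_ARTIFACT_QUERY =
            "?SAMLart=AAQAAMFbLinlXaCM%2BFIxiDwGOLAy2T71gbpO7ZhNzAgEANlB90ECfpNEVLg%3D";

    /**
     * Renders the page that stands in for the IdP login step.
     *
     * @param req  the incoming request; its SAML content is not read
     * @param resp the response the HTML page is written to
     * @throws IOException if the response writer cannot be obtained or written
     */
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        logger.info("AuthnRequest recieved");
        resp.setContentType("text/html");
        Writer w = resp.getWriter();
        // NOTE(review): the markup of this page was stripped in the listing (one source line is
        // missing entirely). The tags and the POST form below are a minimal reconstruction based
        // on the visible text and on doPost - confirm against the repository.
        w.append("<html>" + "<body>"
                + "<h1>You are now at IDP, click the button to authenticate</h1>"
                + "<form method=\"POST\">" + "<input type=\"submit\" value=\"Authenticate\"/>" + "</form>"
                + "</body>" + "</html>");
    }

    /**
     * Sends the browser back to the SP with the demo artifact.
     *
     * @param req  the incoming request; not inspected
     * @param resp the response used for the redirect
     * @throws IOException if the redirect cannot be sent
     */
    @Override
    protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
        resp.sendRedirect(SPConstants.ASSERTION_CONSUMER_SERVICE + DEMO_ARTIFACT_QUERY);
    }


}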
34 |
--------------------------------------------------------------------------------
/opensaml-signing-and-verification/src/main/resources/sender-metadata.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | 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
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/certificates/idpssl.key:
--------------------------------------------------------------------------------
1 | -----BEGIN PRIVATE KEY-----
2 | MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDARu/AL12bmPmd
3 | rMkKjX1qViqg0Q5ACRZ+T6JB/oDOFsuV9YwQDSnavWoy8CdggewYABPjBpSdRCeM
4 | RNgYnMvEZBeKV/TMtVNTaBM2D40AAPvq3HTkFgSoj0zHkkhS9RWRZIOl56OepPQC
5 | eNgYLIpcF1/lUGs5H4pWSVx1Qeq0Zch6uCxIOKX18sYYk1oVXNPGochobMI2fU/3
6 | EKQpAkBMesUN9Q4QxvYCJe8fdh0BCFXu+w2D+WMGReNEqBljUVOfkivOjP3iOdFV
7 | 5YPW+gpyna/AAjDmS27Lf+AV92qDswgoEsptj/5ypy5Ey3CD4yo0E30PYHDI6ERV
8 | 4iVrhGT/AgMBAAECggEAT1i2taOWSJC/ac8VA9LRz6ERZF4BOHHHo4ZvWjaRpvqH
9 | NzImg7U68Xa7LZwnU88pw9m8WzKq/59RhrQeTUHfYQNBJ6kWb6fgZAoN64BNWpQN
10 | YaVqY3mmoHzKXY1DZWCYbvCA12UZA23k+GQwIQG4czp+K16dcOxQJT2O9yCln52u
11 | GLif7R7OhSpKjpxGfnMWZzdXHxvGDxVnV/bOrJcRcHovi7y5sBm1yIz2uSzFBG3D
12 | pnScafmTqx5ewnUssX8/1AkgKkkSg/loPultForaYc9de4ntoQcc1/KqYOoG9jyy
13 | 8Brp4Ta1IhdB/5rrDzhahnmBzcBPI6fc2PNl4idYIQKBgQDfWRbzPiHCH0DfLc7j
14 | pNXCuhLwsu7kfWaCBJ7XNKu4j+hp8/NtK7R8JYa3++BakWrZ/N+L10IxvBAC+WL1
15 | rhXuLH6Z6iy2T3qPL8lLUf85BGGt0EHdDqrbjoMz8sZ16hGD9w8LUhw4JHjgFnLv
16 | +PTS3JaLonD93Zk1zhijBbt5rwKBgQDcYwCozaweyChKz0CRCAVNeamBGlv1V17H
17 | FLfqoCvgoiM1lvhUQxnI3py0UldGSpjMQpnw8q087RYjh9KkEOYAydvEhS/MUeEd
18 | ecfcxzPP0xp1VXdCmKA+vMAR42hP5PPneqZWza0r39Nz5Mnba++3U1xXLe44KnbH
19 | kVrKY3atsQKBgQDeKlpf3v/pfvkihwhy/LX9GuZYM0TaV7qtvjbaTvQ5hDxlmFod
20 | 0AmaLCHTxWIn9Npat+UNzzNzEWTD8Jn1VBNQdUYBiCStvGVnJNuQZqH/b1JSeQPr
21 | BfoCp8Hu3KF5DTobEJgQZL7ZQb5S+UGfXv74+J9vikfm3pTWJonvL3aK1QKBgQDX
22 | kV9LviHl2hLPWfnl4tqM9bv/NDFOwa9LO9DKBvHkP7QA7zLn+Np3yIevOft0HfNn
23 | mJ3LORSKy70j8+7t3Dmd+9SjXUNrr4tqsXv1UEQ1vF/c9UQ6N+BGfYnB9ZZKz8Bj
24 | Y2zg6z2/9Kd4bQmlPuazgy6Hd73T4nVcr6kG3lNvgQKBgGwkA93qaWATtzdPNEcj
25 | IP3ZBE5ll9wuZyBittGRQCfPwgL3WdE3ukYRtxvlWmughxQGSjCt84vY5ZQxxkHo
26 | jUFDZiHql/UC3udbKnUpAyuoG9xnA36PMgW7oawTqS90MSgRL4e6eLqWOPRAAaLt
27 | e0YP6NdBpG5nAtuTAUDxMajK
28 | -----END PRIVATE KEY-----
29 |
--------------------------------------------------------------------------------
/opensaml-http-post/src/main/java/no/steras/opensamlSamples/httpPost/ReceiverServlet.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.httpPost;
2 |
3 | import java.io.IOException;
4 | import java.io.Writer;
5 |
6 | import javax.servlet.ServletException;
7 | import javax.servlet.http.HttpServlet;
8 | import javax.servlet.http.HttpServletRequest;
9 | import javax.servlet.http.HttpServletResponse;
10 |
11 | import org.opensaml.messaging.context.MessageContext;
12 | import org.opensaml.messaging.decoder.MessageDecodingException;
13 | import org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder;
14 | import org.opensaml.saml.saml2.core.AuthnRequest;
15 | import org.slf4j.Logger;
16 | import org.slf4j.LoggerFactory;
17 |
18 | import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
19 |
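/**
 * Receiving end of the HTTP POST binding demo: decodes the posted SAML message and logs it.
 *
 * <p>The message is only decoded and logged. Nothing in this servlet verifies a signature,
 * the issuer or the destination of the request, so the decoded content has to be treated
 * as untrusted input by anything that builds on this sample.
 */
public class ReceiverServlet extends HttpServlet {
    private static final Logger logger = LoggerFactory.getLogger(ReceiverServlet.class);

    /**
     * Decodes the SAML message carried by the POST request, logs it and returns a short
     * confirmation page.
     *
     * <p>A request whose message cannot be decoded, or whose message is not an
     * {@link AuthnRequest}, is answered with HTTP 400 instead of surfacing as a server error.
     *
     * @param req  the request carrying the encoded SAML message
     * @param resp the response the confirmation page or the error status is written to
     * @throws IOException if the response cannot be written
     * @throws RuntimeException if the decoder itself cannot be initialized
     */
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

        HTTPPostDecoder decoder = new HTTPPostDecoder();
        decoder.setHttpServletRequest(req);

        Object decodedMessage;
        try {
            decoder.initialize();

            decoder.decode();
            MessageContext messageContext = decoder.getMessageContext();
            decodedMessage = messageContext.getMessage();

        } catch (ComponentInitializationException e) {
            // Decoder set-up failing is a server-side fault, not something the client caused.
            throw new RuntimeException(e);
        } catch (MessageDecodingException e) {
            // The payload comes from the client; an undecodable message is a bad request.
            logger.warn("Could not decode the incoming SAML message", e);
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Malformed SAML message");
            return;
        }

        // The sender chooses the message type, so check it before casting.
        if (!(decodedMessage instanceof AuthnRequest)) {
            logger.warn("Decoded SAML message is not an AuthnRequest");
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Expected a SAML AuthnRequest");
            return;
        }
        AuthnRequest authnRequest = (AuthnRequest) decodedMessage;

        logger.info("AuthnRequest recieved");
        logger.info("AuthnRequest redirect URL: ");
        logger.info("{}?{}", req.getRequestURL(), req.getQueryString());
        logger.info("AuthnRequest message: ");
        OpenSAMLUtils.logSAMLObject(authnRequest);

        resp.setContentType("text/html");
        Writer w = resp.getWriter();
        // NOTE(review): the markup inside these literals was stripped in the listing; the tags
        // below are a reconstruction - confirm against the repository.
        w.append("<html>" + "<body>" + "<h1>AuthnRequest received. Results in the console log</h1>"
                + "</body>" + "</html>");
    }

}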
54 |
--------------------------------------------------------------------------------
/opensaml-http-redirect/src/main/java/no/steras/opensamlSamples/httpRedirect/ReceiverServlet.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.httpRedirect;
2 |
3 | import java.io.IOException;
4 | import java.io.Writer;
5 |
6 | import javax.servlet.ServletException;
7 | import javax.servlet.http.HttpServlet;
8 | import javax.servlet.http.HttpServletRequest;
9 | import javax.servlet.http.HttpServletResponse;
10 |
11 | import org.opensaml.messaging.context.MessageContext;
12 | import org.opensaml.messaging.decoder.MessageDecodingException;
13 | import org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder;
14 | import org.opensaml.saml.saml2.core.AuthnRequest;
15 | import org.slf4j.Logger;
16 | import org.slf4j.LoggerFactory;
17 |
18 | import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
19 |
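/**
 * Demo receiver for the SAML HTTP-Redirect binding: decodes the incoming message with
 * {@link HTTPRedirectDeflateDecoder} and writes it to the log.
 *
 * <p>Security note: this class only decodes. Nothing here verifies a signature, checks the
 * {@code Destination} or issue instant, or detects replay, so the decoded request is untrusted
 * input. A receiver that acts on the message has to perform those checks first.
 */
public class ReceiverServlet extends HttpServlet {
    private static final Logger logger = LoggerFactory.getLogger(ReceiverServlet.class);

    /**
     * Decodes the SAML message carried in the request, logs it and answers with a short
     * static page.
     *
     * @param req  the incoming GET request carrying the SAML message
     * @param resp the response; receives 400 when the message cannot be decoded or is not an
     *             {@code AuthnRequest}
     * @throws ServletException if the decoder cannot be initialized
     * @throws IOException      if writing the response fails
     */
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        HTTPRedirectDeflateDecoder decoder = new HTTPRedirectDeflateDecoder();
        decoder.setHttpServletRequest(req);

        Object message;
        try {
            decoder.initialize();
            decoder.decode();
            MessageContext messageContext = decoder.getMessageContext();
            message = messageContext.getMessage();
        } catch (ComponentInitializationException e) {
            // Server-side setup problem: surface it as a servlet failure with the cause attached.
            throw new ServletException("Could not initialize the SAML message decoder", e);
        } catch (MessageDecodingException e) {
            // Malformed client input is a client error, not a server crash.
            logger.warn("Rejecting request: SAML message could not be decoded", e);
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Invalid SAML message");
            return;
        }

        // The sender chooses the message type; check it instead of casting blindly.
        if (!(message instanceof AuthnRequest)) {
            logger.warn("Rejecting request: decoded SAML message is not an AuthnRequest");
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Expected an AuthnRequest");
            return;
        }
        AuthnRequest authnRequest = (AuthnRequest) message;

        logger.info("AuthnRequest recieved");
        logger.info("AuthnRequest redirect URL: ");
        // The query string holds the encoded SAML message; logging it in full is a demo
        // convenience and belongs at a debug level (or nowhere) outside of one.
        logger.info("{}?{}", req.getRequestURL(), req.getQueryString());
        logger.info("AuthnRequest message: ");
        OpenSAMLUtils.logSAMLObject(authnRequest);

        // Set the content type before obtaining the writer so it applies to the whole response.
        resp.setContentType("text/html");
        Writer w = resp.getWriter();
        // Static text only; no request data is echoed into the page.
        w.append("<html><body>AuthnRequest received. Results in the console log</body></html>");
    }

}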
54 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
4 |
5 |
6 | Archetype Created Web Application
7 |
8 |
9 | ApplicationServlet
10 | no.steras.opensamlSamples.opensaml4WebprofileDemo.app.ApplicationServlet
11 |
12 |
13 | SingleSignOnService
14 | no.steras.opensamlSamples.opensaml4WebprofileDemo.idp.SingleSignOnServlet
15 |
16 |
17 | ConsumerServlet
18 | no.steras.opensamlSamples.opensaml4WebprofileDemo.sp.ConsumerServlet
19 |
20 |
21 | ArtifactResolutionServlet
22 | no.steras.opensamlSamples.opensaml4WebprofileDemo.idp.ArtifactResolutionServlet
23 |
24 |
25 |
26 | ApplicationServlet
27 | /app/appservlet
28 |
29 |
30 | SingleSignOnService
31 | /idp/singleSignOnService
32 |
33 |
34 | ConsumerServlet
35 | /sp/consumer
36 |
37 |
38 | ArtifactResolutionServlet
39 | /idp/artifactResolutionService
40 |
41 |
42 |
43 | AccessFilter
44 | no.steras.opensamlSamples.opensaml4WebprofileDemo.sp.AccessFilter
45 |
46 |
47 |
48 | AccessFilter
49 | /app/*
50 | REQUEST
51 |
52 |
53 |
--------------------------------------------------------------------------------
/opensaml-pretty-print/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 4.0.0
6 |
7 | no.steras.opensaml-samples
8 | opensaml-prettyprint
9 | 1.0-SNAPSHOT
10 | war
11 |
12 |
13 | 4.1.1
14 | 2.3
15 |
16 | 1.8
17 | 1.8
18 |
19 |
20 |
21 | org.opensaml
22 | opensaml-core
23 | ${opensaml.version}
24 |
25 |
26 | org.opensaml
27 | opensaml-saml-api
28 | ${opensaml.version}
29 |
30 |
31 | org.opensaml
32 | opensaml-saml-impl
33 | ${opensaml.version}
34 |
35 |
36 | org.opensaml
37 | opensaml-messaging-api
38 | ${opensaml.version}
39 |
40 |
41 | org.opensaml
42 | opensaml-messaging-impl
43 | ${opensaml.version}
44 |
45 |
46 | org.opensaml
47 | opensaml-soap-api
48 | ${opensaml.version}
49 |
50 |
51 | org.opensaml
52 | opensaml-soap-impl
53 | ${opensaml.version}
54 |
55 |
56 |
57 |
58 | shib-release
59 | https://build.shibboleth.net/nexus/content/repositories/releases
60 |
61 |
62 |
63 |
--------------------------------------------------------------------------------
/no-bootstraping-opensaml-v4/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 4.0.0
6 |
7 | no.steras.opensaml-samples
8 | opensaml-prettyprint
9 | 1.0-SNAPSHOT
10 | war
11 |
12 |
13 | 4.1.1
14 | 2.3
15 |
16 | 1.8
17 | 1.8
18 |
19 |
20 |
21 | org.opensaml
22 | opensaml-core
23 | ${opensaml.version}
24 |
25 |
26 | org.opensaml
27 | opensaml-saml-api
28 | ${opensaml.version}
29 |
30 |
31 | org.opensaml
32 | opensaml-saml-impl
33 | ${opensaml.version}
34 |
35 |
36 | org.opensaml
37 | opensaml-messaging-api
38 | ${opensaml.version}
39 |
40 |
41 | org.opensaml
42 | opensaml-messaging-impl
43 | ${opensaml.version}
44 |
45 |
46 | org.opensaml
47 | opensaml-soap-api
48 | ${opensaml.version}
49 |
50 |
51 | org.opensaml
52 | opensaml-soap-impl
53 | ${opensaml.version}
54 |
55 |
56 |
57 |
58 | shib-release
59 | https://build.shibboleth.net/nexus/content/repositories/releases
60 |
61 |
62 |
63 |
--------------------------------------------------------------------------------
/getting-started-authnrequest/src/main/java/com/samlsecurity/opensamlSamples/gettingStartedAuthnrequest/OpenSAMLUtils.java:
--------------------------------------------------------------------------------
1 | package com.samlsecurity.opensamlSamples.gettingStartedAuthnrequest;
2 |
3 | import javax.xml.namespace.QName;
4 |
5 | import org.opensaml.core.xml.XMLObject;
6 | import org.opensaml.core.xml.XMLObjectBuilderFactory;
7 | import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
8 | import org.opensaml.core.xml.io.Marshaller;
9 | import org.opensaml.core.xml.io.MarshallingException;
10 | import org.opensaml.saml.common.SignableSAMLObject;
11 | import org.slf4j.Logger;
12 | import org.slf4j.LoggerFactory;
13 | import org.w3c.dom.Element;
14 |
15 | import net.shibboleth.utilities.java.support.security.impl.RandomIdentifierGenerationStrategy;
16 | import net.shibboleth.utilities.java.support.xml.SerializeSupport;
17 |
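/**
 * Helpers used by the sample: building SAML objects, generating message identifiers and
 * dumping a SAML object to the log.
 */
public class OpenSAMLUtils {
    private static final Logger logger = LoggerFactory.getLogger(OpenSAMLUtils.class);
    private static final RandomIdentifierGenerationStrategy secureRandomIdGenerator =
            new RandomIdentifierGenerationStrategy();

    /**
     * Builds an empty SAML object of the requested type. The builder is looked up through the
     * type's static {@code DEFAULT_ELEMENT_NAME} field.
     *
     * @param clazz SAML type declaring a static {@code DEFAULT_ELEMENT_NAME}
     * @param <T>   type of the object to build
     * @return the newly built object
     * @throws IllegalArgumentException if {@code DEFAULT_ELEMENT_NAME} is missing or not accessible
     */
    public static <T> T buildSAMLObject(final Class<T> clazz) {
        try {
            XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
            QName defaultElementName = (QName) clazz.getDeclaredField("DEFAULT_ELEMENT_NAME").get(null);
            // Checked cast: a builder returning the wrong type fails here, not at a later use site.
            return clazz.cast(builderFactory.getBuilder(defaultElementName).buildObject(defaultElementName));
        } catch (IllegalAccessException | NoSuchFieldException e) {
            // Keep the cause so the failing lookup stays visible in the stack trace.
            throw new IllegalArgumentException("Could not create SAML object", e);
        }
    }

    /**
     * Returns a fresh identifier from the shared {@link RandomIdentifierGenerationStrategy},
     * which is constructed with its default settings.
     *
     * @return the generated identifier
     */
    public static String generateSecureRandomId() {
        return secureRandomIdGenerator.generateIdentifier();
    }

    /**
     * Pretty-prints the XML form of a SAML object to the log at INFO level.
     *
     * <p>The complete message is written. SAML messages can carry identifiers, attributes and
     * assertions, so outside of a demo this output should be disabled or access-restricted.
     *
     * @param object the object to log; marshalled first unless it is signed and already has a DOM
     */
    public static void logSAMLObject(final XMLObject object) {
        Element element;

        if (object instanceof SignableSAMLObject && ((SignableSAMLObject) object).isSigned()
                && object.getDOM() != null) {
            // Signed object with a cached DOM: print that DOM as it is.
            element = object.getDOM();
        } else {
            try {
                Marshaller out = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(object);
                out.marshall(object);
                element = object.getDOM();
            } catch (MarshallingException e) {
                logger.error(e.getMessage(), e);
                // Nothing to print; do not hand a null element to the serializer.
                return;
            }
        }

        logger.info(SerializeSupport.prettyPrintXML(element));
    }
}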
68 |
--------------------------------------------------------------------------------
/opensaml-http-post/src/main/java/no/steras/opensamlSamples/httpPost/OpenSAMLUtils.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.httpPost;
2 |
3 | import javax.xml.namespace.QName;
4 |
5 | import org.opensaml.core.xml.XMLObject;
6 | import org.opensaml.core.xml.XMLObjectBuilderFactory;
7 | import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
8 | import org.opensaml.core.xml.io.Marshaller;
9 | import org.opensaml.core.xml.io.MarshallingException;
10 | import org.opensaml.saml.common.SignableSAMLObject;
11 | import org.slf4j.Logger;
12 | import org.slf4j.LoggerFactory;
13 | import org.w3c.dom.Element;
14 |
15 | import net.shibboleth.utilities.java.support.security.impl.RandomIdentifierGenerationStrategy;
16 | import net.shibboleth.utilities.java.support.xml.SerializeSupport;
17 |
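/**
 * Helpers used by the sample: building SAML objects, generating message identifiers and
 * dumping a SAML object to the log.
 *
 * <p>Created by Privat on 4/6/14.
 */
public class OpenSAMLUtils {
    private static final Logger logger = LoggerFactory.getLogger(OpenSAMLUtils.class);
    private static final RandomIdentifierGenerationStrategy secureRandomIdGenerator =
            new RandomIdentifierGenerationStrategy();

    /**
     * Builds an empty SAML object of the requested type. The builder is looked up through the
     * type's static {@code DEFAULT_ELEMENT_NAME} field.
     *
     * @param clazz SAML type declaring a static {@code DEFAULT_ELEMENT_NAME}
     * @param <T>   type of the object to build
     * @return the newly built object
     * @throws IllegalArgumentException if {@code DEFAULT_ELEMENT_NAME} is missing or not accessible
     */
    public static <T> T buildSAMLObject(final Class<T> clazz) {
        try {
            XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
            QName defaultElementName = (QName) clazz.getDeclaredField("DEFAULT_ELEMENT_NAME").get(null);
            // Checked cast: a builder returning the wrong type fails here, not at a later use site.
            return clazz.cast(builderFactory.getBuilder(defaultElementName).buildObject(defaultElementName));
        } catch (IllegalAccessException | NoSuchFieldException e) {
            // Keep the cause so the failing lookup stays visible in the stack trace.
            throw new IllegalArgumentException("Could not create SAML object", e);
        }
    }

    /**
     * Returns a fresh identifier from the shared {@link RandomIdentifierGenerationStrategy},
     * which is constructed with its default settings.
     *
     * @return the generated identifier
     */
    public static String generateSecureRandomId() {
        return secureRandomIdGenerator.generateIdentifier();
    }

    /**
     * Pretty-prints the XML form of a SAML object to the log at INFO level.
     *
     * <p>The complete message is written. SAML messages can carry identifiers, attributes and
     * assertions, so outside of a demo this output should be disabled or access-restricted.
     *
     * @param object the object to log; marshalled first unless it is signed and already has a DOM
     */
    public static void logSAMLObject(final XMLObject object) {
        Element element;

        if (object instanceof SignableSAMLObject && ((SignableSAMLObject) object).isSigned()
                && object.getDOM() != null) {
            // Signed object with a cached DOM: print that DOM as it is.
            element = object.getDOM();
        } else {
            try {
                Marshaller out = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(object);
                out.marshall(object);
                element = object.getDOM();
            } catch (MarshallingException e) {
                logger.error(e.getMessage(), e);
                // Nothing to print; do not hand a null element to the serializer.
                return;
            }
        }

        logger.info(SerializeSupport.prettyPrintXML(element));
    }
}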
72 |
--------------------------------------------------------------------------------
/opensaml-http-redirect/src/main/java/no/steras/opensamlSamples/httpRedirect/OpenSAMLUtils.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.httpRedirect;
2 |
3 | import javax.xml.namespace.QName;
4 |
5 | import org.opensaml.core.xml.XMLObject;
6 | import org.opensaml.core.xml.XMLObjectBuilderFactory;
7 | import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
8 | import org.opensaml.core.xml.io.Marshaller;
9 | import org.opensaml.core.xml.io.MarshallingException;
10 | import org.opensaml.saml.common.SignableSAMLObject;
11 | import org.slf4j.Logger;
12 | import org.slf4j.LoggerFactory;
13 | import org.w3c.dom.Element;
14 |
15 | import net.shibboleth.utilities.java.support.security.impl.RandomIdentifierGenerationStrategy;
16 | import net.shibboleth.utilities.java.support.xml.SerializeSupport;
17 |
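/**
 * Helpers used by the sample: building SAML objects, generating message identifiers and
 * dumping a SAML object to the log.
 *
 * <p>Created by Privat on 4/6/14.
 */
public class OpenSAMLUtils {
    private static final Logger logger = LoggerFactory.getLogger(OpenSAMLUtils.class);
    private static final RandomIdentifierGenerationStrategy secureRandomIdGenerator =
            new RandomIdentifierGenerationStrategy();

    /**
     * Builds an empty SAML object of the requested type. The builder is looked up through the
     * type's static {@code DEFAULT_ELEMENT_NAME} field.
     *
     * @param clazz SAML type declaring a static {@code DEFAULT_ELEMENT_NAME}
     * @param <T>   type of the object to build
     * @return the newly built object
     * @throws IllegalArgumentException if {@code DEFAULT_ELEMENT_NAME} is missing or not accessible
     */
    public static <T> T buildSAMLObject(final Class<T> clazz) {
        try {
            XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
            QName defaultElementName = (QName) clazz.getDeclaredField("DEFAULT_ELEMENT_NAME").get(null);
            // Checked cast: a builder returning the wrong type fails here, not at a later use site.
            return clazz.cast(builderFactory.getBuilder(defaultElementName).buildObject(defaultElementName));
        } catch (IllegalAccessException | NoSuchFieldException e) {
            // Keep the cause so the failing lookup stays visible in the stack trace.
            throw new IllegalArgumentException("Could not create SAML object", e);
        }
    }

    /**
     * Returns a fresh identifier from the shared {@link RandomIdentifierGenerationStrategy},
     * which is constructed with its default settings.
     *
     * @return the generated identifier
     */
    public static String generateSecureRandomId() {
        return secureRandomIdGenerator.generateIdentifier();
    }

    /**
     * Pretty-prints the XML form of a SAML object to the log at INFO level.
     *
     * <p>The complete message is written. SAML messages can carry identifiers, attributes and
     * assertions, so outside of a demo this output should be disabled or access-restricted.
     *
     * @param object the object to log; marshalled first unless it is signed and already has a DOM
     */
    public static void logSAMLObject(final XMLObject object) {
        Element element;

        if (object instanceof SignableSAMLObject && ((SignableSAMLObject) object).isSigned()
                && object.getDOM() != null) {
            // Signed object with a cached DOM: print that DOM as it is.
            element = object.getDOM();
        } else {
            try {
                Marshaller out = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(object);
                out.marshall(object);
                element = object.getDOM();
            } catch (MarshallingException e) {
                logger.error(e.getMessage(), e);
                // Nothing to print; do not hand a null element to the serializer.
                return;
            }
        }

        logger.info(SerializeSupport.prettyPrintXML(element));
    }
}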
72 |
--------------------------------------------------------------------------------
/opensaml-pretty-print/src/main/java/no/steras/opensamlSamples/prettyprint/OpenSAMLUtils.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.prettyprint;
2 |
3 | import javax.xml.namespace.QName;
4 |
5 | import org.opensaml.core.xml.XMLObject;
6 | import org.opensaml.core.xml.XMLObjectBuilderFactory;
7 | import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
8 | import org.opensaml.core.xml.io.Marshaller;
9 | import org.opensaml.core.xml.io.MarshallingException;
10 | import org.opensaml.saml.common.SignableSAMLObject;
11 | import org.slf4j.Logger;
12 | import org.slf4j.LoggerFactory;
13 | import org.w3c.dom.Element;
14 |
15 | import net.shibboleth.utilities.java.support.security.impl.RandomIdentifierGenerationStrategy;
16 | import net.shibboleth.utilities.java.support.xml.SerializeSupport;
17 |
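/**
 * Helpers used by the sample: building SAML objects, generating message identifiers and
 * dumping a SAML object to the log.
 *
 * <p>Created by Privat on 4/6/14.
 */
public class OpenSAMLUtils {
    private static final Logger logger = LoggerFactory.getLogger(OpenSAMLUtils.class);
    private static final RandomIdentifierGenerationStrategy secureRandomIdGenerator =
            new RandomIdentifierGenerationStrategy();

    /**
     * Builds an empty SAML object of the requested type. The builder is looked up through the
     * type's static {@code DEFAULT_ELEMENT_NAME} field.
     *
     * @param clazz SAML type declaring a static {@code DEFAULT_ELEMENT_NAME}
     * @param <T>   type of the object to build
     * @return the newly built object
     * @throws IllegalArgumentException if {@code DEFAULT_ELEMENT_NAME} is missing or not accessible
     */
    public static <T> T buildSAMLObject(final Class<T> clazz) {
        try {
            XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
            QName defaultElementName = (QName) clazz.getDeclaredField("DEFAULT_ELEMENT_NAME").get(null);
            // Checked cast: a builder returning the wrong type fails here, not at a later use site.
            return clazz.cast(builderFactory.getBuilder(defaultElementName).buildObject(defaultElementName));
        } catch (IllegalAccessException | NoSuchFieldException e) {
            // Keep the cause so the failing lookup stays visible in the stack trace.
            throw new IllegalArgumentException("Could not create SAML object", e);
        }
    }

    /**
     * Returns a fresh identifier from the shared {@link RandomIdentifierGenerationStrategy},
     * which is constructed with its default settings.
     *
     * @return the generated identifier
     */
    public static String generateSecureRandomId() {
        return secureRandomIdGenerator.generateIdentifier();
    }

    /**
     * Pretty-prints the XML form of a SAML object to the log at INFO level.
     *
     * <p>The complete message is written. SAML messages can carry identifiers, attributes and
     * assertions, so outside of a demo this output should be disabled or access-restricted.
     *
     * @param object the object to log; marshalled first unless it is signed and already has a DOM
     */
    public static void logSAMLObject(final XMLObject object) {
        Element element;

        if (object instanceof SignableSAMLObject && ((SignableSAMLObject) object).isSigned()
                && object.getDOM() != null) {
            // Signed object with a cached DOM: print that DOM as it is.
            element = object.getDOM();
        } else {
            try {
                Marshaller out = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(object);
                out.marshall(object);
                element = object.getDOM();
            } catch (MarshallingException e) {
                logger.error(e.getMessage(), e);
                // Nothing to print; do not hand a null element to the serializer.
                return;
            }
        }

        logger.info(SerializeSupport.prettyPrintXML(element));
    }
}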
72 |
--------------------------------------------------------------------------------
/no-bootstraping-opensaml-v4/src/main/java/no/steras/opensamlSamples/nobootstrap/v4/OpenSAMLUtils.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.nobootstrap.v4;
2 |
3 | import javax.xml.namespace.QName;
4 |
5 | import org.opensaml.core.xml.XMLObject;
6 | import org.opensaml.core.xml.XMLObjectBuilderFactory;
7 | import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
8 | import org.opensaml.core.xml.io.Marshaller;
9 | import org.opensaml.core.xml.io.MarshallingException;
10 | import org.opensaml.saml.common.SignableSAMLObject;
11 | import org.slf4j.Logger;
12 | import org.slf4j.LoggerFactory;
13 | import org.w3c.dom.Element;
14 |
15 | import net.shibboleth.utilities.java.support.security.impl.RandomIdentifierGenerationStrategy;
16 | import net.shibboleth.utilities.java.support.xml.SerializeSupport;
17 |
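/**
 * Helpers used by the sample: building SAML objects, generating message identifiers and
 * dumping a SAML object to the log.
 *
 * <p>Created by Privat on 4/6/14.
 */
public class OpenSAMLUtils {
    private static final Logger logger = LoggerFactory.getLogger(OpenSAMLUtils.class);
    private static final RandomIdentifierGenerationStrategy secureRandomIdGenerator =
            new RandomIdentifierGenerationStrategy();

    /**
     * Builds an empty SAML object of the requested type. The builder is looked up through the
     * type's static {@code DEFAULT_ELEMENT_NAME} field.
     *
     * @param clazz SAML type declaring a static {@code DEFAULT_ELEMENT_NAME}
     * @param <T>   type of the object to build
     * @return the newly built object
     * @throws IllegalArgumentException if {@code DEFAULT_ELEMENT_NAME} is missing or not accessible
     */
    public static <T> T buildSAMLObject(final Class<T> clazz) {
        try {
            XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
            QName defaultElementName = (QName) clazz.getDeclaredField("DEFAULT_ELEMENT_NAME").get(null);
            // Checked cast: a builder returning the wrong type fails here, not at a later use site.
            return clazz.cast(builderFactory.getBuilder(defaultElementName).buildObject(defaultElementName));
        } catch (IllegalAccessException | NoSuchFieldException e) {
            // Keep the cause so the failing lookup stays visible in the stack trace.
            throw new IllegalArgumentException("Could not create SAML object", e);
        }
    }

    /**
     * Returns a fresh identifier from the shared {@link RandomIdentifierGenerationStrategy},
     * which is constructed with its default settings.
     *
     * @return the generated identifier
     */
    public static String generateSecureRandomId() {
        return secureRandomIdGenerator.generateIdentifier();
    }

    /**
     * Pretty-prints the XML form of a SAML object to the log at INFO level.
     *
     * <p>The complete message is written. SAML messages can carry identifiers, attributes and
     * assertions, so outside of a demo this output should be disabled or access-restricted.
     *
     * @param object the object to log; marshalled first unless it is signed and already has a DOM
     */
    public static void logSAMLObject(final XMLObject object) {
        Element element;

        if (object instanceof SignableSAMLObject && ((SignableSAMLObject) object).isSigned()
                && object.getDOM() != null) {
            // Signed object with a cached DOM: print that DOM as it is.
            element = object.getDOM();
        } else {
            try {
                Marshaller out = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(object);
                out.marshall(object);
                element = object.getDOM();
            } catch (MarshallingException e) {
                logger.error(e.getMessage(), e);
                // Nothing to print; do not hand a null element to the serializer.
                return;
            }
        }

        logger.info(SerializeSupport.prettyPrintXML(element));
    }
}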
72 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/src/main/java/no/steras/opensamlSamples/opensaml4WebprofileDemo/OpenSAMLUtils.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.opensaml4WebprofileDemo;
2 |
3 | import javax.xml.namespace.QName;
4 |
5 | import org.opensaml.core.xml.XMLObject;
6 | import org.opensaml.core.xml.XMLObjectBuilderFactory;
7 | import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
8 | import org.opensaml.core.xml.io.Marshaller;
9 | import org.opensaml.core.xml.io.MarshallingException;
10 | import org.opensaml.saml.common.SignableSAMLObject;
11 | import org.slf4j.Logger;
12 | import org.slf4j.LoggerFactory;
13 | import org.w3c.dom.Element;
14 |
15 | import net.shibboleth.utilities.java.support.security.impl.RandomIdentifierGenerationStrategy;
16 | import net.shibboleth.utilities.java.support.xml.SerializeSupport;
17 |
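/**
 * Helpers used by the sample: building SAML objects, generating message identifiers and
 * dumping a SAML object to the log.
 *
 * <p>Created by Privat on 4/6/14.
 */
public class OpenSAMLUtils {
    private static final Logger logger = LoggerFactory.getLogger(OpenSAMLUtils.class);
    private static final RandomIdentifierGenerationStrategy secureRandomIdGenerator =
            new RandomIdentifierGenerationStrategy();

    /**
     * Builds an empty SAML object of the requested type. The builder is looked up through the
     * type's static {@code DEFAULT_ELEMENT_NAME} field.
     *
     * @param clazz SAML type declaring a static {@code DEFAULT_ELEMENT_NAME}
     * @param <T>   type of the object to build
     * @return the newly built object
     * @throws IllegalArgumentException if {@code DEFAULT_ELEMENT_NAME} is missing or not accessible
     */
    public static <T> T buildSAMLObject(final Class<T> clazz) {
        try {
            XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
            QName defaultElementName = (QName) clazz.getDeclaredField("DEFAULT_ELEMENT_NAME").get(null);
            // Checked cast: a builder returning the wrong type fails here, not at a later use site.
            return clazz.cast(builderFactory.getBuilder(defaultElementName).buildObject(defaultElementName));
        } catch (IllegalAccessException | NoSuchFieldException e) {
            // Keep the cause so the failing lookup stays visible in the stack trace.
            throw new IllegalArgumentException("Could not create SAML object", e);
        }
    }

    /**
     * Returns a fresh identifier from the shared {@link RandomIdentifierGenerationStrategy},
     * which is constructed with its default settings.
     *
     * @return the generated identifier
     */
    public static String generateSecureRandomId() {
        return secureRandomIdGenerator.generateIdentifier();
    }

    /**
     * Pretty-prints the XML form of a SAML object to the log at INFO level.
     *
     * <p>The complete message is written. In this web-profile demo that can include responses
     * and assertions with user attributes, so outside of a demo this output should be disabled
     * or access-restricted.
     *
     * @param object the object to log; marshalled first unless it is signed and already has a DOM
     */
    public static void logSAMLObject(final XMLObject object) {
        Element element;

        if (object instanceof SignableSAMLObject && ((SignableSAMLObject) object).isSigned()
                && object.getDOM() != null) {
            // Signed object with a cached DOM: print that DOM as it is.
            element = object.getDOM();
        } else {
            try {
                Marshaller out = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(object);
                out.marshall(object);
                element = object.getDOM();
            } catch (MarshallingException e) {
                logger.error(e.getMessage(), e);
                // Nothing to print; do not hand a null element to the serializer.
                return;
            }
        }

        logger.info(SerializeSupport.prettyPrintXML(element));
    }
}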
72 |
--------------------------------------------------------------------------------
/no-bootstraping-opensaml-v3/src/main/java/no/steras/opensamlSamples/nobootstrap/v3/NoBootstrap.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.nobootstrap.v3;
2 |
3 | import java.util.HashMap;
4 | import java.util.Map;
5 | import org.joda.time.DateTime;
6 |
7 | import org.opensaml.core.config.ConfigurationService;
8 | import org.opensaml.core.config.InitializationException;
9 | import org.opensaml.core.config.InitializationService;
10 | import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
11 | import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
12 | import org.opensaml.core.xml.io.Marshaller;
13 | import org.opensaml.saml.common.xml.SAMLConstants;
14 | import org.opensaml.saml.saml2.core.AuthnRequest;
15 | import org.opensaml.saml.saml2.core.Issuer;
16 | import org.opensaml.saml.saml2.core.NameIDPolicy;
17 | import org.opensaml.saml.saml2.core.NameIDType;
18 | import org.w3c.dom.Element;
19 |
20 | import net.shibboleth.utilities.java.support.xml.BasicParserPool;
21 | import net.shibboleth.utilities.java.support.xml.ParserPool;
22 | import net.shibboleth.utilities.java.support.xml.SerializeSupport;
23 |
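/**
 * Sample that builds an {@code AuthnRequest} and pretty-prints it while the call that
 * initializes OpenSAML is commented out in {@link #main(String[])}.
 */
public class NoBootstrap {
    private static final String MESSAGE_RECEIVER_ENDPOINT = "DUMMY_RECEIVER_ENDPOINT";
    private static final String ASSERTION_CONSUMER_ENDPOINT = "DUMMY_ASSERTION_CONSUMER_ENDPOINT";

    /**
     * Builds the request, marshals it and prints the XML to standard output.
     *
     * @param args unused
     * @throws Exception if marshalling fails
     */
    public static void main(String[] args) throws Exception {
        // NOTE(review): the sample is named "no bootstrapping", so this call is presumably left
        // disabled on purpose to show what happens without initialization — confirm.
        //initOpenSAML();
        AuthnRequest authnRequest = buildAuthnRequest();

        // Pretty print
        Marshaller out = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(authnRequest);
        out.marshall(authnRequest);
        Element element = authnRequest.getDOM();
        String xmlString = SerializeSupport.prettyPrintXML(element);

        System.out.println(xmlString);
    }

    /**
     * Registers an empty provider registry and runs the OpenSAML initialization service.
     *
     * @throws RuntimeException if initialization fails; the original exception is the cause
     */
    private static void initOpenSAML() {
        XMLObjectProviderRegistry registry = new XMLObjectProviderRegistry();
        ConfigurationService.register(XMLObjectProviderRegistry.class, registry);

        try {
            InitializationService.initialize();
        } catch (InitializationException e) {
            // Keep the cause; the message alone does not say which initializer failed.
            throw new RuntimeException("Initialization failed", e);
        }
    }

    /**
     * Creates an {@code AuthnRequest} addressed to the dummy endpoints, with a random ID and
     * the artifact binding as protocol binding.
     *
     * @return the populated request; issuer and NameID policy are explicitly left unset
     */
    private static AuthnRequest buildAuthnRequest() {
        AuthnRequest authnRequest = OpenSAMLUtils.buildSAMLObject(AuthnRequest.class);
        authnRequest.setIssueInstant(new DateTime());
        authnRequest.setDestination(MESSAGE_RECEIVER_ENDPOINT);
        authnRequest.setProtocolBinding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
        authnRequest.setAssertionConsumerServiceURL(ASSERTION_CONSUMER_ENDPOINT);
        authnRequest.setID(OpenSAMLUtils.generateSecureRandomId());
        authnRequest.setIssuer(null);
        authnRequest.setNameIDPolicy(null);

        return authnRequest;
    }

}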
66 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/src/main/java/no/steras/opensamlSamples/opensaml4WebprofileDemo/sp/SPCredentials.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.opensaml4WebprofileDemo.sp;
2 |
3 | import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
4 | import net.shibboleth.utilities.java.support.resolver.Criterion;
5 | import net.shibboleth.utilities.java.support.resolver.ResolverException;
6 | import org.opensaml.core.criterion.EntityIdCriterion;
7 | import org.opensaml.security.credential.Credential;
8 | import org.opensaml.security.credential.impl.KeyStoreCredentialResolver;
9 | import org.slf4j.Logger;
10 | import org.slf4j.LoggerFactory;
11 |
12 | import java.io.FileInputStream;
13 | import java.io.InputStream;
14 | import java.net.URL;
15 | import java.security.*;
16 | import java.util.Collections;
17 | import java.util.HashMap;
18 | import java.util.Map;
19 |
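/**
 * Loads the service provider's credential from the keystore bundled with the demo.
 *
 * <p>Security note: the keystore and its passwords are checked in with the sample. That is
 * acceptable for a demo only; a deployed service provider should load its key material and
 * passwords from protected configuration and never reuse this keystore.
 *
 * <p>Created by Privat on 13/05/14.
 */
public class SPCredentials {
    // Demo-only values, see the class comment.
    private static final String KEY_STORE_PASSWORD = "password";
    private static final String KEY_STORE_ENTRY_PASSWORD = "password";
    private static final String KEY_STORE_PATH = "/SPKeystore.jks";
    private static final String KEY_ENTRY_ID = "SPKey";

    private static final Credential credential;

    static {
        try {
            KeyStore keystore = readKeystoreFromFile(KEY_STORE_PATH, KEY_STORE_PASSWORD);
            Map<String, String> passwordMap = new HashMap<>();
            passwordMap.put(KEY_ENTRY_ID, KEY_STORE_ENTRY_PASSWORD);
            KeyStoreCredentialResolver resolver = new KeyStoreCredentialResolver(keystore, passwordMap);

            // The resolver is queried with the key entry id as the entity id.
            Criterion criterion = new EntityIdCriterion(KEY_ENTRY_ID);
            CriteriaSet criteriaSet = new CriteriaSet();
            criteriaSet.add(criterion);

            Credential resolved = resolver.resolveSingle(criteriaSet);
            if (resolved == null) {
                // Fail at start-up instead of handing out a null signing credential later.
                throw new IllegalStateException("No credential found for key entry " + KEY_ENTRY_ID);
            }
            credential = resolved;

        } catch (ResolverException e) {
            throw new RuntimeException("Something went wrong reading credentials", e);
        }
    }

    /**
     * Reads a keystore of the JVM's default type from the classpath.
     *
     * @param pathToKeyStore   classpath location of the keystore
     * @param keyStorePassword password protecting the keystore
     * @return the loaded keystore
     * @throws RuntimeException if the resource is missing or cannot be loaded
     */
    private static KeyStore readKeystoreFromFile(String pathToKeyStore, String keyStorePassword) {
        // try-with-resources closes the stream even when load() throws.
        try (InputStream inputStream = SPCredentials.class.getResourceAsStream(pathToKeyStore)) {
            if (inputStream == null) {
                throw new IllegalStateException("Keystore resource not found: " + pathToKeyStore);
            }
            KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
            keystore.load(inputStream, keyStorePassword.toCharArray());
            return keystore;
        } catch (Exception e) {
            throw new RuntimeException("Something went wrong reading keystore", e);
        }
    }

    /**
     * Returns the credential resolved when the class was initialized.
     *
     * @return the service provider credential
     */
    public static Credential getCredential() {
        return credential;
    }

}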
67 |
--------------------------------------------------------------------------------
/no-bootstraping-opensaml-v4/src/main/java/no/steras/opensamlSamples/nobootstrap/v4/NoBootstrap.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.nobootstrap.v4;
2 |
3 | import java.time.Instant;
4 | import java.util.HashMap;
5 | import java.util.Map;
6 |
7 | import org.opensaml.core.config.ConfigurationService;
8 | import org.opensaml.core.config.InitializationException;
9 | import org.opensaml.core.config.InitializationService;
10 | import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
11 | import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
12 | import org.opensaml.core.xml.io.Marshaller;
13 | import org.opensaml.saml.common.xml.SAMLConstants;
14 | import org.opensaml.saml.saml2.core.AuthnRequest;
15 | import org.opensaml.saml.saml2.core.Issuer;
16 | import org.opensaml.saml.saml2.core.NameIDPolicy;
17 | import org.opensaml.saml.saml2.core.NameIDType;
18 | import org.w3c.dom.Element;
19 |
20 | import net.shibboleth.utilities.java.support.xml.BasicParserPool;
21 | import net.shibboleth.utilities.java.support.xml.ParserPool;
22 | import net.shibboleth.utilities.java.support.xml.SerializeSupport;
23 |
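/**
 * Sample that builds an {@code AuthnRequest} and pretty-prints it while the call that
 * initializes OpenSAML is commented out in {@link #main(String[])}.
 */
public class NoBootstrap {
    private static final String MESSAGE_RECEIVER_ENDPOINT = "DUMMY_RECEIVER_ENDPOINT";
    private static final String ASSERTION_CONSUMER_ENDPOINT = "DUMMY_ASSERTION_CONSUMER_ENDPOINT";

    /**
     * Builds the request, marshals it and prints the XML to standard output.
     *
     * @param args unused
     * @throws Exception if marshalling fails
     */
    public static void main(String[] args) throws Exception {
        // NOTE(review): the sample is named "no bootstrapping", so this call is presumably left
        // disabled on purpose to show what happens without initialization — confirm.
        //initOpenSAML();
        AuthnRequest authnRequest = buildAuthnRequest();

        // Pretty print
        Marshaller out = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(authnRequest);
        out.marshall(authnRequest);
        Element element = authnRequest.getDOM();
        String xmlString = SerializeSupport.prettyPrintXML(element);

        System.out.println(xmlString);
    }

    /**
     * Registers an empty provider registry and runs the OpenSAML initialization service.
     *
     * @throws RuntimeException if initialization fails; the original exception is the cause
     * @throws Exception        declared by the original signature and kept for compatibility
     */
    private static void initOpenSAML() throws Exception {
        try {
            XMLObjectProviderRegistry registry = new XMLObjectProviderRegistry();
            ConfigurationService.register(XMLObjectProviderRegistry.class, registry);

            InitializationService.initialize();
        } catch (InitializationException e) {
            // Keep the cause; the message alone does not say which initializer failed.
            throw new RuntimeException("Initialization failed", e);
        }
    }

    /**
     * Creates an {@code AuthnRequest} addressed to the dummy endpoints, with a random ID and
     * the artifact binding as protocol binding.
     *
     * @return the populated request; issuer and NameID policy are explicitly left unset
     */
    private static AuthnRequest buildAuthnRequest() {
        AuthnRequest authnRequest = OpenSAMLUtils.buildSAMLObject(AuthnRequest.class);
        authnRequest.setIssueInstant(Instant.now());
        authnRequest.setDestination(MESSAGE_RECEIVER_ENDPOINT);
        authnRequest.setProtocolBinding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
        authnRequest.setAssertionConsumerServiceURL(ASSERTION_CONSUMER_ENDPOINT);
        authnRequest.setID(OpenSAMLUtils.generateSecureRandomId());
        authnRequest.setIssuer(null);
        authnRequest.setNameIDPolicy(null);

        return authnRequest;
    }

}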
67 |
--------------------------------------------------------------------------------
/opensaml-http-redirect/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 4.0.0
6 |
7 | no.steras.opensaml-samples
8 | opensaml-http-redirect
9 | 1.0-SNAPSHOT
10 | war
11 |
12 |
13 | 4.1.1
14 |
15 |
16 |
17 | org.opensaml
18 | opensaml-core
19 | ${opensaml.version}
20 |
21 |
22 | org.opensaml
23 | opensaml-saml-api
24 | ${opensaml.version}
25 |
26 |
27 | org.opensaml
28 | opensaml-saml-impl
29 | ${opensaml.version}
30 |
31 |
32 | org.opensaml
33 | opensaml-messaging-api
34 | ${opensaml.version}
35 |
36 |
37 | org.opensaml
38 | opensaml-messaging-impl
39 | ${opensaml.version}
40 |
41 |
42 | org.opensaml
43 | opensaml-soap-api
44 | ${opensaml.version}
45 |
46 |
47 | org.opensaml
48 | opensaml-soap-impl
49 | ${opensaml.version}
50 |
51 |
52 | ch.qos.logback
53 | logback-core
54 | 1.1.7
55 |
56 |
57 | ch.qos.logback
58 | logback-classic
59 | 1.1.7
60 |
61 |
62 | javax.servlet
63 | javax.servlet-api
64 | 3.1.0
65 | provided
66 |
67 |
68 | commons-logging
69 | commons-logging
70 | 1.2
71 |
72 |
73 |
74 |
75 | shib-release
76 | https://build.shibboleth.net/nexus/content/repositories/releases
77 |
78 |
79 |
80 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 4.0.0
6 |
7 | no.steras.opensaml-samples
8 | opensaml4-webprofile-demo
9 | 1.0-SNAPSHOT
10 | war
11 |
12 |
13 | 4.1.1
14 |
15 |
16 |
17 | org.opensaml
18 | opensaml-core
19 | ${opensaml.version}
20 |
21 |
22 | org.opensaml
23 | opensaml-saml-api
24 | ${opensaml.version}
25 |
26 |
27 | org.opensaml
28 | opensaml-saml-impl
29 | ${opensaml.version}
30 |
31 |
32 | org.opensaml
33 | opensaml-messaging-api
34 | ${opensaml.version}
35 |
36 |
37 | org.opensaml
38 | opensaml-messaging-impl
39 | ${opensaml.version}
40 |
41 |
42 | org.opensaml
43 | opensaml-soap-api
44 | ${opensaml.version}
45 |
46 |
47 | org.opensaml
48 | opensaml-soap-impl
49 | ${opensaml.version}
50 |
51 |
52 | ch.qos.logback
53 | logback-core
54 | 1.1.7
55 |
56 |
57 | ch.qos.logback
58 | logback-classic
59 | 1.1.7
60 |
61 |
62 | javax.servlet
63 | javax.servlet-api
64 | 3.1.0
65 | provided
66 |
67 |
68 | commons-logging
69 | commons-logging
70 | 1.2
71 |
72 |
73 |
74 |
75 | shib-release
76 | https://build.shibboleth.net/nexus/content/repositories/releases
77 |
78 |
79 |
--------------------------------------------------------------------------------
/getting-started-opensamlv3/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 4.0.0
6 |
7 | no.steras.opensamlbook
8 | webprofile-ref-project
9 | 1.0-SNAPSHOT
10 | war
11 |
12 |
13 | 1.8
14 | 1.8
15 | 3.2.0
16 |
17 |
18 |
19 | org.opensaml
20 | opensaml-core
21 | ${opensaml.version}
22 |
23 |
24 | org.opensaml
25 | opensaml-saml-api
26 | ${opensaml.version}
27 |
28 |
29 | org.opensaml
30 | opensaml-saml-impl
31 | ${opensaml.version}
32 |
33 |
34 | org.opensaml
35 | opensaml-messaging-api
36 | ${opensaml.version}
37 |
38 |
39 | org.opensaml
40 | opensaml-messaging-impl
41 | ${opensaml.version}
42 |
43 |
44 | org.opensaml
45 | opensaml-soap-api
46 | ${opensaml.version}
47 |
48 |
49 | org.opensaml
50 | opensaml-soap-impl
51 | ${opensaml.version}
52 |
53 |
54 | ch.qos.logback
55 | logback-core
56 | 1.1.7
57 |
58 |
59 | ch.qos.logback
60 | logback-classic
61 | 1.1.7
62 |
63 |
64 | javax.servlet
65 | javax.servlet-api
66 | 3.1.0
67 | provided
68 |
69 |
70 | commons-logging
71 | commons-logging
72 | 1.2
73 |
74 |
75 |
76 |
77 | shib-release
78 | https://build.shibboleth.net/nexus/content/repositories/releases
79 |
80 |
81 |
--------------------------------------------------------------------------------
/no-bootstraping-opensaml-v3/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 4.0.0
6 |
7 | no.steras.opensamlbook
8 | webprofile-ref-project
9 | 1.0-SNAPSHOT
10 | war
11 |
12 |
13 | 1.8
14 | 1.8
15 | 3.2.0
16 |
17 |
18 |
19 | org.opensaml
20 | opensaml-core
21 | ${opensaml.version}
22 |
23 |
24 | org.opensaml
25 | opensaml-saml-api
26 | ${opensaml.version}
27 |
28 |
29 | org.opensaml
30 | opensaml-saml-impl
31 | ${opensaml.version}
32 |
33 |
34 | org.opensaml
35 | opensaml-messaging-api
36 | ${opensaml.version}
37 |
38 |
39 | org.opensaml
40 | opensaml-messaging-impl
41 | ${opensaml.version}
42 |
43 |
44 | org.opensaml
45 | opensaml-soap-api
46 | ${opensaml.version}
47 |
48 |
49 | org.opensaml
50 | opensaml-soap-impl
51 | ${opensaml.version}
52 |
53 |
54 | ch.qos.logback
55 | logback-core
56 | 1.1.7
57 |
58 |
59 | ch.qos.logback
60 | logback-classic
61 | 1.1.7
62 |
63 |
64 | javax.servlet
65 | javax.servlet-api
66 | 3.1.0
67 | provided
68 |
69 |
70 | commons-logging
71 | commons-logging
72 | 1.2
73 |
74 |
75 |
76 |
77 | shib-release
78 | https://build.shibboleth.net/nexus/content/repositories/releases
79 |
80 |
81 |
--------------------------------------------------------------------------------
/opensaml-http-post/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 4.0.0
6 |
7 | no.steras.opensaml-samples
8 | opensaml-http-post
9 | 1.0-SNAPSHOT
10 | war
11 |
12 |
13 | 4.1.1
14 | 2.3
15 |
16 | 1.8
17 | 1.8
18 |
19 |
20 |
21 | org.apache.velocity
22 | velocity-engine-core
23 | ${velocity.version}
24 |
25 |
26 | org.opensaml
27 | opensaml-core
28 | ${opensaml.version}
29 |
30 |
31 | org.opensaml
32 | opensaml-saml-api
33 | ${opensaml.version}
34 |
35 |
36 | org.opensaml
37 | opensaml-saml-impl
38 | ${opensaml.version}
39 |
40 |
41 | org.opensaml
42 | opensaml-messaging-api
43 | ${opensaml.version}
44 |
45 |
46 | org.opensaml
47 | opensaml-messaging-impl
48 | ${opensaml.version}
49 |
50 |
51 | org.opensaml
52 | opensaml-soap-api
53 | ${opensaml.version}
54 |
55 |
56 | org.opensaml
57 | opensaml-soap-impl
58 | ${opensaml.version}
59 |
60 |
61 | ch.qos.logback
62 | logback-core
63 | 1.1.7
64 |
65 |
66 | ch.qos.logback
67 | logback-classic
68 | 1.1.7
69 |
70 |
71 | javax.servlet
72 | javax.servlet-api
73 | 3.1.0
74 | provided
75 |
76 |
77 | commons-logging
78 | commons-logging
79 | 1.2
80 |
81 |
82 |
83 |
84 | shib-release
85 | https://build.shibboleth.net/nexus/content/repositories/releases
86 |
87 |
88 |
89 |
--------------------------------------------------------------------------------
/opensaml-signing-and-verification/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 4.0.0
6 |
7 | no.steras.opensaml-samples
8 | opensaml-signing-and-verification
9 | 1.0-SNAPSHOT
10 | war
11 |
12 |
13 | 4.1.1
14 | 2.3
15 |
16 | 1.8
17 | 1.8
18 |
19 |
20 |
21 | org.apache.velocity
22 | velocity-engine-core
23 | ${velocity.version}
24 |
25 |
26 | org.opensaml
27 | opensaml-core
28 | ${opensaml.version}
29 |
30 |
31 | org.opensaml
32 | opensaml-saml-api
33 | ${opensaml.version}
34 |
35 |
36 | org.opensaml
37 | opensaml-saml-impl
38 | ${opensaml.version}
39 |
40 |
41 | org.opensaml
42 | opensaml-messaging-api
43 | ${opensaml.version}
44 |
45 |
46 | org.opensaml
47 | opensaml-messaging-impl
48 | ${opensaml.version}
49 |
50 |
51 | org.opensaml
52 | opensaml-soap-api
53 | ${opensaml.version}
54 |
55 |
56 | org.opensaml
57 | opensaml-soap-impl
58 | ${opensaml.version}
59 |
60 |
61 | ch.qos.logback
62 | logback-core
63 | 1.1.7
64 |
65 |
66 | ch.qos.logback
67 | logback-classic
68 | 1.1.7
69 |
70 |
71 | javax.servlet
72 | javax.servlet-api
73 | 3.1.0
74 | provided
75 |
76 |
77 | commons-logging
78 | commons-logging
79 | 1.2
80 |
81 |
82 |
83 |
84 | shib-release
85 | https://build.shibboleth.net/nexus/content/repositories/releases
86 |
87 |
88 |
89 |
--------------------------------------------------------------------------------
/no-bootstraping-opensaml-v3/src/main/java/no/steras/opensamlSamples/nobootstrap/v3/OpenSAMLUtils.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.nobootstrap.v3;
2 |
3 | import net.shibboleth.utilities.java.support.security.RandomIdentifierGenerationStrategy;
4 | import org.opensaml.core.xml.XMLObject;
5 | import org.opensaml.core.xml.XMLObjectBuilderFactory;
6 | import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
7 | import org.opensaml.core.xml.io.Marshaller;
8 | import org.opensaml.core.xml.io.MarshallingException;
9 | import org.opensaml.saml.common.SignableSAMLObject;
10 | import org.opensaml.soap.soap11.Body;
11 | import org.opensaml.soap.soap11.Envelope;
12 | import org.slf4j.Logger;
13 | import org.slf4j.LoggerFactory;
14 | import org.w3c.dom.Document;
15 | import org.w3c.dom.Element;
16 |
17 | import javax.xml.namespace.QName;
18 | import javax.xml.parsers.DocumentBuilder;
19 | import javax.xml.parsers.DocumentBuilderFactory;
20 | import javax.xml.parsers.ParserConfigurationException;
21 | import javax.xml.transform.*;
22 | import javax.xml.transform.dom.DOMSource;
23 | import javax.xml.transform.stream.StreamResult;
24 | import java.io.StringWriter;
25 | import java.security.NoSuchAlgorithmException;
26 |
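/**
 * Static helpers used by the sample: building SAML objects through the registered builder
 * factory, generating message identifiers, and writing a SAML object to the log as indented XML.
 */
public class OpenSAMLUtils {
    private static final Logger logger = LoggerFactory.getLogger(OpenSAMLUtils.class);

    // Generator with its default configuration; it supplies the IDs placed on protocol messages,
    // which are expected to be unique and hard to guess.
    private static final RandomIdentifierGenerationStrategy secureRandomIdGenerator =
            new RandomIdentifierGenerationStrategy();

    /**
     * Builds an empty SAML object of the requested type.
     *
     * <p>The element name is read reflectively from the type's static
     * {@code DEFAULT_ELEMENT_NAME} field and used to look up a builder in the factory returned by
     * {@link XMLObjectProviderRegistrySupport#getBuilderFactory()}.
     *
     * @param clazz SAML object type exposing a static {@code DEFAULT_ELEMENT_NAME} field
     * @param <T> type of the object to build
     * @return the newly built object
     * @throws IllegalArgumentException if {@code DEFAULT_ELEMENT_NAME} is missing or inaccessible;
     *         the reflective failure is attached as the cause
     */
    public static <T> T buildSAMLObject(final Class<T> clazz) {
        try {
            XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
            QName defaultElementName = (QName) clazz.getDeclaredField("DEFAULT_ELEMENT_NAME").get(null);
            // NOTE(review): getBuilder presumably returns null when no builder is registered for
            // the name (for example if the library was never initialized) - confirm; that case
            // surfaces here as a NullPointerException.
            return clazz.cast(builderFactory.getBuilder(defaultElementName).buildObject(defaultElementName));
        } catch (IllegalAccessException | NoSuchFieldException e) {
            // Keep the cause so the failing type and field are visible in the stack trace.
            throw new IllegalArgumentException("Could not create SAML object", e);
        }
    }

    /**
     * Returns a fresh identifier from the shared generator.
     *
     * @return the generated identifier
     */
    public static String generateSecureRandomId() {
        return secureRandomIdGenerator.generateIdentifier();
    }

    /**
     * Serializes a SAML object to indented XML and writes it to the log at INFO level.
     *
     * <p>SAML messages can carry subject identifiers, attributes and assertions, so this output
     * belongs in sample or debugging setups, or in logs with restricted access.
     *
     * @param object the object to log; marshalled first unless it is signed and already has a DOM
     */
    public static void logSAMLObject(final XMLObject object) {
        Element element = null;

        if (object instanceof SignableSAMLObject && ((SignableSAMLObject) object).isSigned()
                && object.getDOM() != null) {
            // Reuse the DOM the signed object already carries instead of marshalling again
            // (presumably so the logged XML is the signed form - confirm).
            element = object.getDOM();
        } else {
            try {
                Marshaller out = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(object);
                out.marshall(object);
                element = object.getDOM();
            } catch (MarshallingException e) {
                logger.error(e.getMessage(), e);
            }
        }

        if (element == null) {
            // Marshalling failed (already logged above) or produced no DOM: nothing to serialize.
            return;
        }

        try {
            Transformer transformer = TransformerFactory.newInstance().newTransformer();
            transformer.setOutputProperty(OutputKeys.INDENT, "yes");
            StreamResult result = new StreamResult(new StringWriter());

            transformer.transform(new DOMSource(element), result);

            logger.info(result.getWriter().toString());
        } catch (TransformerException e) {
            // Also covers TransformerConfigurationException, which is a subclass. Routed through
            // the logger so the failure lands in the configured log instead of stderr.
            logger.error(e.getMessage(), e);
        }
    }
}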
88 |
--------------------------------------------------------------------------------
/getting-started-opensamlv3/src/main/java/com/samlsecurity/opensamlSamples/gettingStartedAuthnrequest/OpenSAMLUtils.java:
--------------------------------------------------------------------------------
1 | package com.samlsecurity.opensamlSamples.gettingStartedAuthnrequest;
2 |
3 | import net.shibboleth.utilities.java.support.security.RandomIdentifierGenerationStrategy;
4 | import org.opensaml.core.xml.XMLObject;
5 | import org.opensaml.core.xml.XMLObjectBuilderFactory;
6 | import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
7 | import org.opensaml.core.xml.io.Marshaller;
8 | import org.opensaml.core.xml.io.MarshallingException;
9 | import org.opensaml.saml.common.SignableSAMLObject;
10 | import org.opensaml.soap.soap11.Body;
11 | import org.opensaml.soap.soap11.Envelope;
12 | import org.slf4j.Logger;
13 | import org.slf4j.LoggerFactory;
14 | import org.w3c.dom.Document;
15 | import org.w3c.dom.Element;
16 |
17 | import javax.xml.namespace.QName;
18 | import javax.xml.parsers.DocumentBuilder;
19 | import javax.xml.parsers.DocumentBuilderFactory;
20 | import javax.xml.parsers.ParserConfigurationException;
21 | import javax.xml.transform.*;
22 | import javax.xml.transform.dom.DOMSource;
23 | import javax.xml.transform.stream.StreamResult;
24 | import java.io.StringWriter;
25 | import java.security.NoSuchAlgorithmException;
26 |
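/**
 * Static helpers used by the getting-started sample: building SAML objects through the registered
 * builder factory, generating message identifiers, and logging a SAML object as indented XML.
 */
public class OpenSAMLUtils {
    private static final Logger logger = LoggerFactory.getLogger(OpenSAMLUtils.class);

    // Generator with its default configuration; it supplies the IDs placed on protocol messages,
    // which are expected to be unique and hard to guess.
    private static final RandomIdentifierGenerationStrategy secureRandomIdGenerator =
            new RandomIdentifierGenerationStrategy();

    /**
     * Builds an empty SAML object of the requested type.
     *
     * <p>The element name comes from the type's static {@code DEFAULT_ELEMENT_NAME} field, read
     * reflectively, and selects the builder from
     * {@link XMLObjectProviderRegistrySupport#getBuilderFactory()}.
     *
     * @param clazz SAML object type exposing a static {@code DEFAULT_ELEMENT_NAME} field
     * @param <T> type of the object to build
     * @return the newly built object
     * @throws IllegalArgumentException if {@code DEFAULT_ELEMENT_NAME} is missing or inaccessible;
     *         the reflective failure is attached as the cause
     */
    public static <T> T buildSAMLObject(final Class<T> clazz) {
        try {
            XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
            QName defaultElementName = (QName) clazz.getDeclaredField("DEFAULT_ELEMENT_NAME").get(null);
            // NOTE(review): getBuilder presumably returns null when no builder is registered for
            // the name (for example if the library was never initialized) - confirm; that case
            // surfaces here as a NullPointerException.
            return clazz.cast(builderFactory.getBuilder(defaultElementName).buildObject(defaultElementName));
        } catch (IllegalAccessException | NoSuchFieldException e) {
            // Keep the cause so the failing type and field are visible in the stack trace.
            throw new IllegalArgumentException("Could not create SAML object", e);
        }
    }

    /**
     * Returns a fresh identifier from the shared generator.
     *
     * @return the generated identifier
     */
    public static String generateSecureRandomId() {
        return secureRandomIdGenerator.generateIdentifier();
    }

    /**
     * Serializes a SAML object to indented XML and writes it to the log at INFO level.
     *
     * <p>SAML messages can carry subject identifiers, attributes and assertions, so this output
     * belongs in sample or debugging setups, or in logs with restricted access.
     *
     * @param object the object to log; marshalled first unless it is signed and already has a DOM
     */
    public static void logSAMLObject(final XMLObject object) {
        Element element = null;

        if (object instanceof SignableSAMLObject && ((SignableSAMLObject) object).isSigned()
                && object.getDOM() != null) {
            // Reuse the DOM the signed object already carries instead of marshalling again
            // (presumably so the logged XML is the signed form - confirm).
            element = object.getDOM();
        } else {
            try {
                Marshaller out = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(object);
                out.marshall(object);
                element = object.getDOM();
            } catch (MarshallingException e) {
                logger.error(e.getMessage(), e);
            }
        }

        if (element == null) {
            // Marshalling failed (already logged above) or produced no DOM: nothing to serialize.
            return;
        }

        try {
            Transformer transformer = TransformerFactory.newInstance().newTransformer();
            transformer.setOutputProperty(OutputKeys.INDENT, "yes");
            StreamResult result = new StreamResult(new StringWriter());

            transformer.transform(new DOMSource(element), result);

            logger.info(result.getWriter().toString());
        } catch (TransformerException e) {
            // Also covers TransformerConfigurationException, which is a subclass. Routed through
            // the logger so the failure lands in the configured log instead of stderr.
            logger.error(e.getMessage(), e);
        }
    }
}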
88 |
--------------------------------------------------------------------------------
/getting-started-authnrequest/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 4.0.0
6 |
7 | no.steras.opensaml-samples
8 | getting-started-authnrequest
9 | 1.0-SNAPSHOT
10 | war
11 |
12 |
13 | 4.1.1
14 | 3.0.0
15 |
16 |
17 |
18 | org.opensaml
19 | opensaml-core
20 | ${opensaml.version}
21 | compile
22 |
23 |
24 | org.opensaml
25 | opensaml-saml-api
26 | ${opensaml.version}
27 | compile
28 |
29 |
30 | org.opensaml
31 | opensaml-saml-impl
32 | ${opensaml.version}
33 | compile
34 |
35 |
36 | org.opensaml
37 | opensaml-soap-api
38 | ${opensaml.version}
39 | compile
40 |
41 |
42 | org.opensaml
43 | opensaml-xmlsec-api
44 | ${opensaml.version}
45 |
46 |
47 | org.opensaml
48 | opensaml-security-api
49 | ${opensaml.version}
50 |
51 |
52 | org.opensaml
53 | opensaml-security-impl
54 | ${opensaml.version}
55 |
56 |
57 | org.opensaml
58 | opensaml-profile-api
59 | ${opensaml.version}
60 |
61 |
62 | org.opensaml
63 | opensaml-profile-impl
64 | ${opensaml.version}
65 |
66 |
67 | org.opensaml
68 | opensaml-messaging-api
69 | ${opensaml.version}
70 |
71 |
72 | org.opensaml
73 | opensaml-messaging-impl
74 | ${opensaml.version}
75 |
76 |
77 | org.opensaml
78 | opensaml-storage-impl
79 | ${opensaml.version}
80 |
81 |
82 | org.opensaml
83 | opensaml-xmlsec-impl
84 | ${opensaml.version}
85 |
86 |
87 | javax.servlet
88 | javax.servlet-api
89 | provided
90 | 3.1.0
91 |
92 |
93 | net.shibboleth.tool
94 | xmlsectool
95 | ${xmlsectool.version}
96 |
97 |
98 | commons-logging
99 | commons-logging
100 | 1.2
101 |
102 |
103 |
104 |
105 | shib-release
106 | https://build.shibboleth.net/nexus/content/repositories/releases
107 |
108 |
109 |
--------------------------------------------------------------------------------
/opensaml-signing-and-verification/src/main/java/no/steras/opensamlSamples/signingVerification/OpenSAMLUtils.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.signingVerification;
2 |
3 | import java.util.HashMap;
4 | import java.util.Map;
5 |
6 | import javax.xml.namespace.QName;
7 |
8 | import org.opensaml.core.xml.XMLObject;
9 | import org.opensaml.core.xml.XMLObjectBuilderFactory;
10 | import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
11 | import org.opensaml.core.xml.io.Marshaller;
12 | import org.opensaml.core.xml.io.MarshallingException;
13 | import org.opensaml.saml.common.SignableSAMLObject;
14 | import org.slf4j.Logger;
15 | import org.slf4j.LoggerFactory;
16 | import org.w3c.dom.Element;
17 |
18 | import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
19 | import net.shibboleth.utilities.java.support.security.impl.RandomIdentifierGenerationStrategy;
20 | import net.shibboleth.utilities.java.support.xml.BasicParserPool;
21 | import net.shibboleth.utilities.java.support.xml.ParserPool;
22 | import net.shibboleth.utilities.java.support.xml.SerializeSupport;
23 |
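/**
 * Static helpers for the signing-and-verification sample: building SAML objects, generating
 * message identifiers, logging a SAML object as pretty-printed XML, and creating a hardened XML
 * parser pool.
 *
 * <p>Created by Privat on 4/6/14.
 */
public class OpenSAMLUtils {
    private static final Logger logger = LoggerFactory.getLogger(OpenSAMLUtils.class);

    // Generator with its default configuration; it supplies the IDs placed on protocol messages,
    // which are expected to be unique and hard to guess.
    private static final RandomIdentifierGenerationStrategy secureRandomIdGenerator =
            new RandomIdentifierGenerationStrategy();

    /**
     * Builds an empty SAML object of the requested type.
     *
     * <p>The element name comes from the type's static {@code DEFAULT_ELEMENT_NAME} field, read
     * reflectively, and selects the builder from
     * {@link XMLObjectProviderRegistrySupport#getBuilderFactory()}.
     *
     * @param clazz SAML object type exposing a static {@code DEFAULT_ELEMENT_NAME} field
     * @param <T> type of the object to build
     * @return the newly built object
     * @throws IllegalArgumentException if {@code DEFAULT_ELEMENT_NAME} is missing or inaccessible;
     *         the reflective failure is attached as the cause
     */
    public static <T> T buildSAMLObject(final Class<T> clazz) {
        try {
            XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
            QName defaultElementName = (QName) clazz.getDeclaredField("DEFAULT_ELEMENT_NAME").get(null);
            // NOTE(review): getBuilder presumably returns null when no builder is registered for
            // the name (for example if the library was never initialized) - confirm; that case
            // surfaces here as a NullPointerException.
            return clazz.cast(builderFactory.getBuilder(defaultElementName).buildObject(defaultElementName));
        } catch (IllegalAccessException | NoSuchFieldException e) {
            // Keep the cause so the failing type and field are visible in the stack trace.
            throw new IllegalArgumentException("Could not create SAML object", e);
        }
    }

    /**
     * Returns a fresh identifier from the shared generator.
     *
     * @return the generated identifier
     */
    public static String generateSecureRandomId() {
        return secureRandomIdGenerator.generateIdentifier();
    }

    /**
     * Pretty-prints a SAML object and writes the XML to the log at INFO level.
     *
     * <p>SAML messages can carry subject identifiers, attributes and assertions, so this output
     * belongs in sample or debugging setups, or in logs with restricted access.
     *
     * @param object the object to log; marshalled first unless it is signed and already has a DOM
     */
    public static void logSAMLObject(final XMLObject object) {
        Element element = null;

        if (object instanceof SignableSAMLObject && ((SignableSAMLObject) object).isSigned()
                && object.getDOM() != null) {
            // Reuse the DOM the signed object already carries instead of marshalling again
            // (presumably so the logged XML is the signed form - confirm).
            element = object.getDOM();
        } else {
            try {
                Marshaller out = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(object);
                out.marshall(object);
                element = object.getDOM();
            } catch (MarshallingException e) {
                logger.error(e.getMessage(), e);
            }
        }

        if (element == null) {
            // Marshalling failed (already logged above) or produced no DOM: nothing to print.
            return;
        }

        logger.info(SerializeSupport.prettyPrintXML(element));
    }

    /**
     * Creates and initializes a parser pool configured to refuse DOCTYPE declarations and external
     * entities.
     *
     * @return the initialized pool
     * @throws IllegalStateException if the pool cannot be initialized
     */
    public static ParserPool getParserPool() {
        BasicParserPool parserPool = new BasicParserPool();
        parserPool.setMaxPoolSize(100);
        parserPool.setCoalescing(true);
        parserPool.setIgnoreComments(true);
        parserPool.setIgnoreElementContentWhitespace(true);
        parserPool.setNamespaceAware(true);
        // Entity references are left unexpanded and XInclude processing stays off.
        parserPool.setExpandEntityReferences(false);
        parserPool.setXincludeAware(false);

        final Map<String, Boolean> features = new HashMap<>();
        // XXE hardening: no external general or parameter entities, and no DOCTYPE at all.
        features.put("http://xml.org/sax/features/external-general-entities", Boolean.FALSE);
        features.put("http://xml.org/sax/features/external-parameter-entities", Boolean.FALSE);
        features.put("http://apache.org/xml/features/disallow-doctype-decl", Boolean.TRUE);
        features.put("http://apache.org/xml/features/validation/schema/normalized-value", Boolean.FALSE);
        // JAXP secure-processing mode.
        features.put("http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE);

        parserPool.setBuilderFeatures(features);

        parserPool.setBuilderAttributes(new HashMap<>());

        try {
            parserPool.initialize();
        } catch (ComponentInitializationException e) {
            logger.error(e.getMessage(), e);
            // Do not hand back a pool whose hardened configuration may not have been applied.
            throw new IllegalStateException("Parser pool initialization failed", e);
        }

        return parserPool;
    }
}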
108 |
--------------------------------------------------------------------------------
/getting-started-authnrequest/src/main/java/com/samlsecurity/opensamlSamples/gettingStartedAuthnrequest/GenAuthnRequest.java:
--------------------------------------------------------------------------------
1 | package com.samlsecurity.opensamlSamples.gettingStartedAuthnrequest;
2 |
3 | import java.time.Instant;
4 | import java.util.HashMap;
5 | import java.util.Map;
6 |
7 | import org.opensaml.core.config.ConfigurationService;
8 | import org.opensaml.core.config.InitializationException;
9 | import org.opensaml.core.config.InitializationService;
10 | import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
11 | import org.opensaml.saml.common.xml.SAMLConstants;
12 | import org.opensaml.saml.saml2.core.AuthnRequest;
13 | import org.opensaml.saml.saml2.core.Issuer;
14 | import org.opensaml.saml.saml2.core.NameIDPolicy;
15 | import org.opensaml.saml.saml2.core.NameIDType;
16 | import org.slf4j.Logger;
17 | import org.slf4j.LoggerFactory;
18 |
19 | import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
20 | import net.shibboleth.utilities.java.support.xml.BasicParserPool;
21 | import net.shibboleth.utilities.java.support.xml.ParserPool;
22 |
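/**
 * Getting-started sample: initializes OpenSAML, builds an {@code AuthnRequest} with placeholder
 * endpoints and logs it. The request is only built and logged here; it is neither signed nor sent.
 */
public class GenAuthnRequest {
    private static final String IDP_SSO_DESTINATION = "https://idp.example.com/singleSingOnService";
    private static final String SP_ASSERTION_CONSUMER_SERVICE_URL = "https://sp.example.com/assertionConsumerService";
    private static final String SP_ISSUED_ID = "IssuerEntityId";
    private static final Logger logger = LoggerFactory.getLogger(GenAuthnRequest.class);

    /**
     * Runs the sample.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        initOpenSAML();
        AuthnRequest authnRequest = buildAuthnRequest();
        OpenSAMLUtils.logSAMLObject(authnRequest);
    }

    /**
     * Registers a provider registry carrying the hardened parser pool, then runs the library
     * initialization.
     *
     * @throws IllegalStateException if initialization fails; without it the builders used below
     *         are not available, so continuing would only fail later with a less useful error
     */
    private static void initOpenSAML() {
        XMLObjectProviderRegistry registry = new XMLObjectProviderRegistry();
        ConfigurationService.register(XMLObjectProviderRegistry.class, registry);

        registry.setParserPool(getParserPool());
        try {
            InitializationService.initialize();
        } catch (InitializationException e) {
            logger.error(e.getMessage(), e);
            throw new IllegalStateException("OpenSAML initialization failed", e);
        }
    }

    /**
     * Creates and initializes a parser pool configured to refuse DOCTYPE declarations and external
     * entities.
     *
     * @return the initialized pool
     * @throws IllegalStateException if the pool cannot be initialized
     */
    private static ParserPool getParserPool() {
        BasicParserPool parserPool = new BasicParserPool();
        parserPool.setMaxPoolSize(100);
        parserPool.setCoalescing(true);
        parserPool.setIgnoreComments(true);
        parserPool.setIgnoreElementContentWhitespace(true);
        parserPool.setNamespaceAware(true);
        // Entity references are left unexpanded and XInclude processing stays off.
        parserPool.setExpandEntityReferences(false);
        parserPool.setXincludeAware(false);

        final Map<String, Boolean> features = new HashMap<>();
        // XXE hardening: no external general or parameter entities, and no DOCTYPE at all.
        features.put("http://xml.org/sax/features/external-general-entities", Boolean.FALSE);
        features.put("http://xml.org/sax/features/external-parameter-entities", Boolean.FALSE);
        features.put("http://apache.org/xml/features/disallow-doctype-decl", Boolean.TRUE);
        features.put("http://apache.org/xml/features/validation/schema/normalized-value", Boolean.FALSE);
        // JAXP secure-processing mode.
        features.put("http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE);

        parserPool.setBuilderFeatures(features);

        parserPool.setBuilderAttributes(new HashMap<>());

        try {
            parserPool.initialize();
        } catch (ComponentInitializationException e) {
            logger.error(e.getMessage(), e);
            // Do not register a pool whose hardened configuration may not have been applied.
            throw new IllegalStateException("Parser pool initialization failed", e);
        }

        return parserPool;
    }

    /**
     * Builds the request: issue instant set to now, a freshly generated ID, the placeholder
     * destination and assertion consumer URL, the artifact binding, an issuer and a NameID policy.
     *
     * @return the populated, unsigned request
     */
    private static AuthnRequest buildAuthnRequest() {
        AuthnRequest authnRequest = OpenSAMLUtils.buildSAMLObject(AuthnRequest.class);
        authnRequest.setIssueInstant(Instant.now());
        authnRequest.setDestination(IDP_SSO_DESTINATION);
        authnRequest.setProtocolBinding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
        authnRequest.setAssertionConsumerServiceURL(SP_ASSERTION_CONSUMER_SERVICE_URL);
        authnRequest.setID(OpenSAMLUtils.generateSecureRandomId());
        authnRequest.setIssuer(buildIssuer());
        authnRequest.setNameIDPolicy(buildNameIdPolicy());

        return authnRequest;
    }

    /**
     * Builds a NameID policy that requests the transient format and sets AllowCreate to true.
     *
     * @return the policy
     */
    private static NameIDPolicy buildNameIdPolicy() {
        NameIDPolicy nameIDPolicy = OpenSAMLUtils.buildSAMLObject(NameIDPolicy.class);
        nameIDPolicy.setAllowCreate(true);
        nameIDPolicy.setFormat(NameIDType.TRANSIENT);

        return nameIDPolicy;
    }

    /**
     * Builds the issuer element carrying the placeholder entity ID.
     *
     * @return the issuer
     */
    private static Issuer buildIssuer() {
        Issuer issuer = OpenSAMLUtils.buildSAMLObject(Issuer.class);
        issuer.setValue(SP_ISSUED_ID);

        return issuer;
    }

}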
107 |
--------------------------------------------------------------------------------
/getting-started-opensamlv3/src/main/java/com/samlsecurity/opensamlSamples/gettingStartedAuthnrequest/GenAuthnRequest.java:
--------------------------------------------------------------------------------
1 | package com.samlsecurity.opensamlSamples.gettingStartedAuthnrequest;
2 |
3 | import java.util.HashMap;
4 | import java.util.Map;
5 |
6 | import org.joda.time.DateTime;
7 | import org.opensaml.core.config.ConfigurationService;
8 | import org.opensaml.core.config.InitializationException;
9 | import org.opensaml.core.config.InitializationService;
10 | import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
11 | import org.opensaml.saml.common.xml.SAMLConstants;
12 | import org.opensaml.saml.saml2.core.AuthnRequest;
13 | import org.opensaml.saml.saml2.core.Issuer;
14 | import org.opensaml.saml.saml2.core.NameIDPolicy;
15 | import org.opensaml.saml.saml2.core.NameIDType;
16 | import org.slf4j.Logger;
17 | import org.slf4j.LoggerFactory;
18 |
19 | import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
20 | import net.shibboleth.utilities.java.support.xml.BasicParserPool;
21 | import net.shibboleth.utilities.java.support.xml.ParserPool;
22 |
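/**
 * Getting-started sample for the OpenSAML 3 API: initializes the library, builds an
 * {@code AuthnRequest} with placeholder endpoints and logs it. The request is only built and
 * logged here; it is neither signed nor sent.
 */
public class GenAuthnRequest {
    private static final String IDP_SSO_DESTINATION = "https://idp.example.com/singleSingOnService";
    private static final String SP_ASSERTION_CONSUMER_SERVICE_URL = "https://sp.example.com/assertionConsumerService";
    private static final String SP_ISSUED_ID = "IssuerEntityId";
    private static final Logger logger = LoggerFactory.getLogger(GenAuthnRequest.class);

    /**
     * Runs the sample.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        initOpenSAML();
        AuthnRequest authnRequest = buildAuthnRequest();
        OpenSAMLUtils.logSAMLObject(authnRequest);
    }

    /**
     * Registers a provider registry carrying the hardened parser pool, then runs the library
     * initialization.
     *
     * @throws IllegalStateException if initialization fails; without it the builders used below
     *         are not available, so continuing would only fail later with a less useful error
     */
    private static void initOpenSAML() {
        XMLObjectProviderRegistry registry = new XMLObjectProviderRegistry();
        ConfigurationService.register(XMLObjectProviderRegistry.class, registry);

        registry.setParserPool(getParserPool());
        try {
            InitializationService.initialize();
        } catch (InitializationException e) {
            logger.error(e.getMessage(), e);
            throw new IllegalStateException("OpenSAML initialization failed", e);
        }
    }

    /**
     * Creates and initializes a parser pool configured to refuse DOCTYPE declarations and external
     * entities.
     *
     * @return the initialized pool
     * @throws IllegalStateException if the pool cannot be initialized
     */
    private static ParserPool getParserPool() {
        BasicParserPool parserPool = new BasicParserPool();
        parserPool.setMaxPoolSize(100);
        parserPool.setCoalescing(true);
        parserPool.setIgnoreComments(true);
        parserPool.setIgnoreElementContentWhitespace(true);
        parserPool.setNamespaceAware(true);
        // Entity references are left unexpanded and XInclude processing stays off.
        parserPool.setExpandEntityReferences(false);
        parserPool.setXincludeAware(false);

        final Map<String, Boolean> features = new HashMap<>();
        // XXE hardening: no external general or parameter entities, and no DOCTYPE at all.
        features.put("http://xml.org/sax/features/external-general-entities", Boolean.FALSE);
        features.put("http://xml.org/sax/features/external-parameter-entities", Boolean.FALSE);
        features.put("http://apache.org/xml/features/disallow-doctype-decl", Boolean.TRUE);
        features.put("http://apache.org/xml/features/validation/schema/normalized-value", Boolean.FALSE);
        // JAXP secure-processing mode.
        features.put("http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE);

        parserPool.setBuilderFeatures(features);

        parserPool.setBuilderAttributes(new HashMap<>());

        try {
            parserPool.initialize();
        } catch (ComponentInitializationException e) {
            logger.error(e.getMessage(), e);
            // Do not register a pool whose hardened configuration may not have been applied.
            throw new IllegalStateException("Parser pool initialization failed", e);
        }

        return parserPool;
    }

    /**
     * Builds the request: issue instant set to the current time, a freshly generated ID, the
     * placeholder destination and assertion consumer URL, the artifact binding, an issuer and a
     * NameID policy.
     *
     * @return the populated, unsigned request
     */
    private static AuthnRequest buildAuthnRequest() {
        AuthnRequest authnRequest = OpenSAMLUtils.buildSAMLObject(AuthnRequest.class);
        authnRequest.setIssueInstant(new DateTime());
        authnRequest.setDestination(IDP_SSO_DESTINATION);
        authnRequest.setProtocolBinding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
        authnRequest.setAssertionConsumerServiceURL(SP_ASSERTION_CONSUMER_SERVICE_URL);
        authnRequest.setID(OpenSAMLUtils.generateSecureRandomId());
        authnRequest.setIssuer(buildIssuer());
        authnRequest.setNameIDPolicy(buildNameIdPolicy());

        return authnRequest;
    }

    /**
     * Builds a NameID policy that requests the transient format and sets AllowCreate to true.
     *
     * @return the policy
     */
    private static NameIDPolicy buildNameIdPolicy() {
        NameIDPolicy nameIDPolicy = OpenSAMLUtils.buildSAMLObject(NameIDPolicy.class);
        nameIDPolicy.setAllowCreate(true);
        nameIDPolicy.setFormat(NameIDType.TRANSIENT);

        return nameIDPolicy;
    }

    /**
     * Builds the issuer element carrying the placeholder entity ID.
     *
     * @return the issuer
     */
    private static Issuer buildIssuer() {
        Issuer issuer = OpenSAMLUtils.buildSAMLObject(Issuer.class);
        issuer.setValue(SP_ISSUED_ID);

        return issuer;
    }

}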
107 |
--------------------------------------------------------------------------------
/opensaml-pretty-print/src/main/java/no/steras/opensamlSamples/prettyprint/Prettyprint.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.prettyprint;
2 |
3 | import java.time.Instant;
4 | import java.util.HashMap;
5 | import java.util.Map;
6 |
7 | import org.opensaml.core.config.ConfigurationService;
8 | import org.opensaml.core.config.InitializationException;
9 | import org.opensaml.core.config.InitializationService;
10 | import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
11 | import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
12 | import org.opensaml.core.xml.io.Marshaller;
13 | import org.opensaml.saml.common.xml.SAMLConstants;
14 | import org.opensaml.saml.saml2.core.AuthnRequest;
15 | import org.opensaml.saml.saml2.core.Issuer;
16 | import org.opensaml.saml.saml2.core.NameIDPolicy;
17 | import org.opensaml.saml.saml2.core.NameIDType;
18 | import org.w3c.dom.Element;
19 |
20 | import net.shibboleth.utilities.java.support.xml.BasicParserPool;
21 | import net.shibboleth.utilities.java.support.xml.ParserPool;
22 | import net.shibboleth.utilities.java.support.xml.SerializeSupport;
23 |
24 | public class Prettyprint {
25 | private static final String MESSAGE_RECEIVER_ENDPOINT = "DUMMY_RECEIVER_ENDPOINT";
26 | private static final String ASSERTION_CONSUMER_ENDPOINT = "DUMMY_ASSERTION_CONSUMER_ENDPOINT";
27 | private static final String ISSUER = "DUMMY_ISSUER_ID";
28 |
29 | public static void main(String[] args) throws Exception {
30 | initOpenSAML();
31 | AuthnRequest authnRequest = buildAuthnRequest();
32 |
33 | // Pretty print
34 | Marshaller out = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(authnRequest);
35 | out.marshall(authnRequest);
36 | Element element = authnRequest.getDOM();
37 | String xmlString = SerializeSupport.prettyPrintXML(element);
38 |
39 | System.out.println(xmlString);
40 | }
41 |
42 | private static void initOpenSAML() throws Exception {
43 | try {
44 | XMLObjectProviderRegistry registry = new XMLObjectProviderRegistry();
45 | ConfigurationService.register(XMLObjectProviderRegistry.class, registry);
46 |
47 | registry.setParserPool(getParserPool());
48 | InitializationService.initialize();
49 | } catch (InitializationException e) {
50 | throw new RuntimeException("Initialization failed");
51 | }
52 |
53 | }
54 |
55 | private static AuthnRequest buildAuthnRequest() {
56 | AuthnRequest authnRequest = OpenSAMLUtils.buildSAMLObject(AuthnRequest.class);
57 | authnRequest.setIssueInstant(Instant.now());
58 | authnRequest.setDestination(MESSAGE_RECEIVER_ENDPOINT);
59 | authnRequest.setProtocolBinding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
60 | authnRequest.setAssertionConsumerServiceURL(ASSERTION_CONSUMER_ENDPOINT);
61 | authnRequest.setID(OpenSAMLUtils.generateSecureRandomId());
62 | authnRequest.setIssuer(buildIssuer());
63 | authnRequest.setNameIDPolicy(buildNameIdPolicy());
64 |
65 | return authnRequest;
66 | }
67 |
/**
 * Builds the NameIDPolicy element of the request: identifier creation is
 * allowed and the transient name identifier format is requested.
 *
 * @return the populated NameIDPolicy
 */
private static NameIDPolicy buildNameIdPolicy() {
    final NameIDPolicy policy = OpenSAMLUtils.buildSAMLObject(NameIDPolicy.class);
    policy.setAllowCreate(true);
    policy.setFormat(NameIDType.TRANSIENT);
    return policy;
}
76 |
/**
 * Builds the Issuer element of the request from the ISSUER constant.
 *
 * @return an Issuer whose value is ISSUER
 */
private static Issuer buildIssuer() {
    final Issuer result = OpenSAMLUtils.buildSAMLObject(Issuer.class);
    result.setValue(ISSUER);
    return result;
}
83 |
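/**
 * Creates and initializes the XML parser pool handed to OpenSAML.
 *
 * <p>The pool is configured defensively against XML external entity (XXE)
 * and DOCTYPE-based attacks: entity references are not expanded, XInclude
 * is off, external general and parameter entities are disabled, DOCTYPE
 * declarations are disallowed and JAXP secure processing is enabled.
 *
 * @return the initialized parser pool
 * @throws Exception if the pool fails to initialize
 */
private static ParserPool getParserPool() throws Exception {
    BasicParserPool parserPool = new BasicParserPool();
    parserPool.setMaxPoolSize(100);
    parserPool.setCoalescing(true);
    parserPool.setIgnoreComments(true);
    parserPool.setIgnoreElementContentWhitespace(true);
    parserPool.setNamespaceAware(true);
    parserPool.setExpandEntityReferences(false);
    parserPool.setXincludeAware(false);

    // Typed map instead of a raw one, so a non-Boolean feature value is a compile error.
    final Map<String, Boolean> features = new HashMap<>();
    features.put("http://xml.org/sax/features/external-general-entities", Boolean.FALSE);
    features.put("http://xml.org/sax/features/external-parameter-entities", Boolean.FALSE);
    features.put("http://apache.org/xml/features/disallow-doctype-decl", Boolean.TRUE);
    features.put("http://apache.org/xml/features/validation/schema/normalized-value", Boolean.FALSE);
    features.put("http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE);

    parserPool.setBuilderFeatures(features);

    // No extra DocumentBuilderFactory attributes are set.
    parserPool.setBuilderAttributes(new HashMap<>());

    parserPool.initialize();

    return parserPool;
}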
109 |
110 | }
111 |
--------------------------------------------------------------------------------
/opensaml-http-redirect/src/main/java/no/steras/opensamlSamples/httpRedirect/RedirectServlet.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.httpRedirect;
2 |
3 | import java.io.IOException;
4 | import java.io.Writer;
5 | import java.time.Instant;
6 | import java.util.HashMap;
7 | import java.util.Map;
8 |
9 | import javax.servlet.ServletException;
10 | import javax.servlet.http.HttpServlet;
11 | import javax.servlet.http.HttpServletRequest;
12 | import javax.servlet.http.HttpServletResponse;
13 |
14 | import org.opensaml.core.config.ConfigurationService;
15 | import org.opensaml.core.config.InitializationException;
16 | import org.opensaml.core.config.InitializationService;
17 | import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
18 | import org.opensaml.messaging.context.MessageContext;
19 | import org.opensaml.messaging.encoder.MessageEncodingException;
20 | import org.opensaml.saml.common.messaging.context.SAMLBindingContext;
21 | import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
22 | import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
23 | import org.opensaml.saml.common.xml.SAMLConstants;
24 | import org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder;
25 | import org.opensaml.saml.saml2.core.AuthnRequest;
26 | import org.opensaml.saml.saml2.core.Issuer;
27 | import org.opensaml.saml.saml2.core.NameIDPolicy;
28 | import org.opensaml.saml.saml2.core.NameIDType;
29 | import org.opensaml.saml.saml2.metadata.Endpoint;
30 | import org.opensaml.saml.saml2.metadata.SingleSignOnService;
31 | import org.slf4j.Logger;
32 | import org.slf4j.LoggerFactory;
33 |
34 | import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
35 | import net.shibboleth.utilities.java.support.xml.BasicParserPool;
36 | import net.shibboleth.utilities.java.support.xml.ParserPool;
37 |
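/**
 * Sample servlet that builds a SAML 2.0 AuthnRequest and sends it to the
 * receiver endpoint using the HTTP Redirect binding.
 *
 * <p>GET renders the start page; POST builds the request and lets
 * {@link HTTPRedirectDeflateEncoder} write the redirect to the response.
 * No signing parameters are set on the message context in this sample.
 *
 * <p>Created by Privat on 4/6/14.
 */
public class RedirectServlet extends HttpServlet {
    private static final Logger logger = LoggerFactory.getLogger(RedirectServlet.class);

    // Target of the redirect; also copied into the request's Destination attribute.
    private static final String MESSAGE_RECEIVER_ENDPOINT = "http://localhost:8080/opensaml-http-redirect/receiverPage";
    // Placeholder texts: the sample expects them to be replaced with real values.
    private static final String ASSERTION_CONSUMER_ENDPOINT = "The should be the endpoint that should recieve the result of the authentication";
    private static final String ISSUER = "This should be the sender entityId";

    /**
     * Registers the parser pool with OpenSAML and initializes the library.
     *
     * @throws ServletException declared by the servlet contract
     * @throws RuntimeException if OpenSAML initialization fails; the original
     *         InitializationException is attached as the cause
     */
    @Override
    public void init() throws ServletException {
        try {
            XMLObjectProviderRegistry registry = new XMLObjectProviderRegistry();
            ConfigurationService.register(XMLObjectProviderRegistry.class, registry);

            registry.setParserPool(getParserPool());

            logger.info("Initializing");
            InitializationService.initialize();
        } catch (InitializationException e) {
            // Keep the cause so the failing initializer is visible in the stack trace.
            throw new RuntimeException("Initialization failed", e);
        }
    }

    /**
     * Creates and initializes the XML parser pool handed to OpenSAML.
     *
     * <p>The pool is configured defensively against XML external entity (XXE)
     * and DOCTYPE-based attacks: entity references are not expanded, XInclude
     * is off, external general and parameter entities are disabled, DOCTYPE
     * declarations are disallowed and JAXP secure processing is enabled.
     *
     * @return the initialized parser pool
     * @throws IllegalStateException if the pool fails to initialize
     */
    private static ParserPool getParserPool() {
        BasicParserPool parserPool = new BasicParserPool();
        parserPool.setMaxPoolSize(100);
        parserPool.setCoalescing(true);
        parserPool.setIgnoreComments(true);
        parserPool.setIgnoreElementContentWhitespace(true);
        parserPool.setNamespaceAware(true);
        parserPool.setExpandEntityReferences(false);
        parserPool.setXincludeAware(false);

        final Map<String, Boolean> features = new HashMap<>();
        features.put("http://xml.org/sax/features/external-general-entities", Boolean.FALSE);
        features.put("http://xml.org/sax/features/external-parameter-entities", Boolean.FALSE);
        features.put("http://apache.org/xml/features/disallow-doctype-decl", Boolean.TRUE);
        features.put("http://apache.org/xml/features/validation/schema/normalized-value", Boolean.FALSE);
        features.put("http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE);

        parserPool.setBuilderFeatures(features);

        parserPool.setBuilderAttributes(new HashMap<>());

        try {
            parserPool.initialize();
        } catch (ComponentInitializationException e) {
            // Fail closed: do not hand an uninitialized pool to OpenSAML.
            throw new IllegalStateException("XML parser pool could not be initialized", e);
        }

        return parserPool;
    }

    /**
     * Writes the start page of the sample.
     */
    @Override
    protected void doGet(final HttpServletRequest req, final HttpServletResponse resp)
            throws ServletException, IOException {
        Writer w = resp.getWriter();

        resp.setContentType("text/html");
        // NOTE(review): the HTML markup of this page appears to be missing from the
        // listing; the literal is kept exactly as shown.
        w.append("" + ""
                + "Click the button to send the AuthnRequest using HTTP Redirect
" + "" + "");
    }

    /**
     * Builds a fresh AuthnRequest and redirects the browser to the receiver with it.
     */
    @Override
    protected void doPost(final HttpServletRequest req, final HttpServletResponse resp)
            throws ServletException, IOException {
        AuthnRequest authnRequest = buildAuthnRequest();
        redirectUserWithRequest(resp, authnRequest);
    }

    /**
     * Assembles the AuthnRequest from the class constants. The ID comes from
     * OpenSAMLUtils.generateSecureRandomId().
     *
     * @return the populated AuthnRequest
     */
    private AuthnRequest buildAuthnRequest() {
        AuthnRequest authnRequest = OpenSAMLUtils.buildSAMLObject(AuthnRequest.class);
        authnRequest.setIssueInstant(Instant.now());
        authnRequest.setDestination(MESSAGE_RECEIVER_ENDPOINT);
        // ProtocolBinding names the binding the response should come back on.
        authnRequest.setProtocolBinding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
        authnRequest.setAssertionConsumerServiceURL(ASSERTION_CONSUMER_ENDPOINT);
        authnRequest.setID(OpenSAMLUtils.generateSecureRandomId());
        authnRequest.setIssuer(buildIssuer());
        authnRequest.setNameIDPolicy(buildNameIdPolicy());

        return authnRequest;
    }

    /**
     * Builds the NameIDPolicy: identifier creation allowed, transient format requested.
     *
     * @return the populated NameIDPolicy
     */
    private NameIDPolicy buildNameIdPolicy() {
        NameIDPolicy nameIDPolicy = OpenSAMLUtils.buildSAMLObject(NameIDPolicy.class);
        nameIDPolicy.setAllowCreate(true);
        nameIDPolicy.setFormat(NameIDType.TRANSIENT);

        return nameIDPolicy;
    }

    /**
     * Builds the Issuer element from the ISSUER constant.
     *
     * @return an Issuer whose value is ISSUER
     */
    private Issuer buildIssuer() {
        Issuer issuer = OpenSAMLUtils.buildSAMLObject(Issuer.class);
        issuer.setValue(ISSUER);

        return issuer;
    }

    /**
     * Wraps the request in a message context and encodes it onto the response
     * with the HTTP Redirect (deflate) encoder.
     *
     * @param httpServletResponse response the redirect is written to
     * @param authnRequest the request to send
     * @throws RuntimeException if the encoder cannot be initialized or the
     *         message cannot be encoded; the original exception is the cause
     */
    private void redirectUserWithRequest(HttpServletResponse httpServletResponse, AuthnRequest authnRequest) {
        MessageContext context = new MessageContext();
        context.setMessage(authnRequest);

        // Fixed RelayState value used by the sample.
        SAMLBindingContext bindingContext = context.getSubcontext(SAMLBindingContext.class, true);
        bindingContext.setRelayState("teststate");

        // The encoder takes the destination from the peer entity's endpoint context.
        SAMLPeerEntityContext peerEntityContext = context.getSubcontext(SAMLPeerEntityContext.class, true);
        SAMLEndpointContext endpointContext = peerEntityContext.getSubcontext(SAMLEndpointContext.class, true);
        endpointContext.setEndpoint(URLToEndpoint(MESSAGE_RECEIVER_ENDPOINT));

        HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
        encoder.setMessageContext(context);
        encoder.setHttpServletResponse(httpServletResponse);

        try {
            encoder.initialize();

            logger.info("Redirecting to receiver with AuthnRequest");
            encoder.encode();
        } catch (ComponentInitializationException | MessageEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Builds a SingleSignOnService endpoint for the given location, marked
     * with the HTTP Redirect binding.
     *
     * @param URL location of the endpoint
     * @return the endpoint object
     */
    private Endpoint URLToEndpoint(String URL) {
        SingleSignOnService endpoint = OpenSAMLUtils.buildSAMLObject(SingleSignOnService.class);
        endpoint.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
        endpoint.setLocation(URL);

        return endpoint;
    }
}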
181 |
--------------------------------------------------------------------------------
/opensaml-signing-and-verification/src/main/java/no/steras/opensamlSamples/signingVerification/ReceiverServlet.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.signingVerification;
2 |
3 | import java.io.File;
4 | import java.io.IOException;
5 | import java.io.Writer;
6 |
7 | import javax.servlet.ServletException;
8 | import javax.servlet.http.HttpServlet;
9 | import javax.servlet.http.HttpServletRequest;
10 | import javax.servlet.http.HttpServletResponse;
11 |
12 | import org.opensaml.core.criterion.EntityIdCriterion;
13 | import org.opensaml.messaging.context.MessageContext;
14 | import org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler;
15 | import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
16 | import org.opensaml.saml.common.messaging.context.SAMLProtocolContext;
17 | import org.opensaml.saml.common.xml.SAMLConstants;
18 | import org.opensaml.saml.criterion.EntityRoleCriterion;
19 | import org.opensaml.saml.criterion.ProtocolCriterion;
20 | import org.opensaml.saml.metadata.resolver.impl.FilesystemMetadataResolver;
21 | import org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver;
22 | import org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder;
23 | import org.opensaml.saml.saml2.core.AuthnRequest;
24 | import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
25 | import org.opensaml.saml.security.impl.MetadataCredentialResolver;
26 | import org.opensaml.saml.security.impl.SAMLSignatureProfileValidator;
27 | import org.opensaml.security.SecurityException;
28 | import org.opensaml.security.credential.Credential;
29 | import org.opensaml.security.credential.UsageType;
30 | import org.opensaml.security.criteria.UsageCriterion;
31 | import org.opensaml.xmlsec.SignatureValidationParameters;
32 | import org.opensaml.xmlsec.config.impl.DefaultSecurityConfigurationBootstrap;
33 | import org.opensaml.xmlsec.context.SecurityParametersContext;
34 | import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
35 | import org.opensaml.xmlsec.signature.support.SignatureValidator;
36 | import org.opensaml.xmlsec.signature.support.impl.ExplicitKeySignatureTrustEngine;
37 | import org.slf4j.Logger;
38 | import org.slf4j.LoggerFactory;
39 |
40 | import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
41 |
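/**
 * Sample servlet that receives an AuthnRequest over HTTP POST and verifies
 * its XML signature in two ways: directly with SignatureValidator and
 * through the SAMLProtocolMessageXMLSignatureSecurityHandler.
 *
 * <p>Both paths trust only the signing key published for SENDER_ENTITY_ID
 * in the local metadata file. This class checks the signature only; it does
 * not compare the Issuer of the message with SENDER_ENTITY_ID and does not
 * check Destination, IssueInstant or message ID reuse.
 */
public class ReceiverServlet extends HttpServlet {
    private static final Logger logger = LoggerFactory.getLogger(ReceiverServlet.class);
    // Classpath resource holding the sender's metadata, including its signing key.
    private static final String SENDER_METADATA_PATH = "sender-metadata.xml";
    // Entity ID whose metadata credentials are trusted for signature verification.
    private static final String SENDER_ENTITY_ID = "sender.example.com";

    /**
     * Decodes the posted SAML message, verifies its signature with both
     * methods and writes a confirmation page.
     *
     * @throws RuntimeException if decoding or either verification fails; the
     *         original exception is attached as the cause
     */
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

        HTTPPostDecoder decoder = new HTTPPostDecoder();
        decoder.setHttpServletRequest(req);

        AuthnRequest authnRequest;
        try {
            decoder.initialize();

            decoder.decode();
            MessageContext messageContext = decoder.getMessageContext();
            // A message of any other type fails the cast and is rejected by the catch below.
            authnRequest = (AuthnRequest) messageContext.getMessage();
            logger.info("verifySignatureUsingSignatureValidator");
            verifySignatureUsingSignatureValidator(authnRequest);
            logger.info("verifySignatureUsingMessageHandler");
            verifySignatureUsingMessageHandler(messageContext);

        } catch (Exception e) {
            throw new RuntimeException(e);
        }

        logger.info("AuthnRequest message: ");
        OpenSAMLUtils.logSAMLObject(authnRequest);

        Writer w = resp.getWriter();
        resp.setContentType("text/html");
        // NOTE(review): the HTML markup of this page appears to be missing from the
        // listing; the literal is kept exactly as shown.
        w.append("" + ""
                + "Message recieved and signature verified. Results in the console log
" + ""
                + "");
    }

    /**
     * Builds a credential resolver backed by the sender metadata file on the
     * classpath.
     *
     * @return an initialized MetadataCredentialResolver
     * @throws IllegalStateException if the metadata resource is not on the classpath
     * @throws Exception if a resolver fails to initialize
     */
    private MetadataCredentialResolver getMetadataCredentialResolver() throws Exception {
        final MetadataCredentialResolver metadataCredentialResolver = new MetadataCredentialResolver();

        // Report a missing trust anchor explicitly instead of failing with a NullPointerException.
        final java.net.URL metadataUrl = getClass().getClassLoader().getResource(SENDER_METADATA_PATH);
        if (metadataUrl == null) {
            throw new IllegalStateException("Sender metadata not found on classpath: " + SENDER_METADATA_PATH);
        }
        File metadataFile = new File(metadataUrl.toURI());

        final FilesystemMetadataResolver metadataResolver = new FilesystemMetadataResolver(metadataFile);
        metadataResolver.setId(metadataResolver.getClass().getCanonicalName());
        metadataResolver.setParserPool(OpenSAMLUtils.getParserPool());
        metadataResolver.initialize();

        final PredicateRoleDescriptorResolver roleResolver = new PredicateRoleDescriptorResolver(metadataResolver);

        final KeyInfoCredentialResolver keyResolver = DefaultSecurityConfigurationBootstrap
                .buildBasicInlineKeyInfoCredentialResolver();

        metadataCredentialResolver.setKeyInfoCredentialResolver(keyResolver);
        metadataCredentialResolver.setRoleDescriptorResolver(roleResolver);

        metadataCredentialResolver.initialize();
        roleResolver.initialize();

        return metadataCredentialResolver;
    }

    /**
     * Verifies the request signature against the sender's signing credential
     * taken from metadata.
     *
     * @param authnRequest the decoded request
     * @throws SecurityException if the message carries no signature or no
     *         signing credential is found for SENDER_ENTITY_ID
     * @throws Exception if the signature does not match the SAML signature
     *         profile or does not validate against the credential
     */
    private void verifySignatureUsingSignatureValidator(AuthnRequest authnRequest) throws Exception {
        // An unsigned message must be rejected explicitly, not by a null dereference further down.
        if (authnRequest.getSignature() == null) {
            throw new SecurityException("Message not signed");
        }

        // Get resolver to extract public key from metadata
        MetadataCredentialResolver metadataCredentialResolver = getMetadataCredentialResolver();

        // Set criterion to get relevant certificate
        CriteriaSet criteriaSet = new CriteriaSet();

        criteriaSet.add(new UsageCriterion(UsageType.SIGNING));
        criteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME));
        criteriaSet.add(new ProtocolCriterion(SAMLConstants.SAML20P_NS));
        criteriaSet.add(new EntityIdCriterion(SENDER_ENTITY_ID));

        // Resolve credential
        Credential credential = metadataCredentialResolver.resolveSingle(criteriaSet);
        if (credential == null) {
            throw new SecurityException("No signing credential found in metadata for " + SENDER_ENTITY_ID);
        }

        // Verify signature format before the cryptographic check
        SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
        profileValidator.validate(authnRequest.getSignature());

        // Verify signature
        SignatureValidator.validate(authnRequest.getSignature(), credential);
        logger.info("Signature verified using SignatureValidator");
    }

    /**
     * Builds a trust engine that accepts only keys resolved from the sender metadata.
     *
     * @return the trust engine
     * @throws Exception if the metadata credential resolver cannot be built
     */
    private ExplicitKeySignatureTrustEngine buildTrustEngine() throws Exception {
        final KeyInfoCredentialResolver keyInfoResolver = DefaultSecurityConfigurationBootstrap
                .buildBasicInlineKeyInfoCredentialResolver();

        return new ExplicitKeySignatureTrustEngine(getMetadataCredentialResolver(), keyInfoResolver);
    }

    /**
     * Builds the signature validation parameters carrying the trust engine.
     *
     * @return the validation parameters
     * @throws Exception if the trust engine cannot be built
     */
    private SignatureValidationParameters buildSignatureValidationParameters() throws Exception {
        SignatureValidationParameters validationParameters = new SignatureValidationParameters();
        validationParameters.setSignatureTrustEngine(buildTrustEngine());
        return validationParameters;
    }

    /**
     * Verifies the message signature through the OpenSAML message handler.
     *
     * @param context message context of the decoded request
     * @throws SecurityException if the handler did not mark the peer as authenticated
     * @throws Exception if the handler rejects the message
     */
    private void verifySignatureUsingMessageHandler(MessageContext context) throws Exception {
        SecurityParametersContext secParamsContext = context.getSubcontext(SecurityParametersContext.class, true);
        secParamsContext.setSignatureValidationParameters(buildSignatureValidationParameters());

        // The expected sender is fixed here; it is not read from the message.
        SAMLPeerEntityContext peerEntityContext = context.getSubcontext(SAMLPeerEntityContext.class, true);
        peerEntityContext.setEntityId(SENDER_ENTITY_ID);
        peerEntityContext.setRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);

        SAMLProtocolContext protocolContext = context.getSubcontext(SAMLProtocolContext.class, true);
        protocolContext.setProtocol(SAMLConstants.SAML20P_NS);

        SAMLProtocolMessageXMLSignatureSecurityHandler signatureValidationHandler = new SAMLProtocolMessageXMLSignatureSecurityHandler();
        signatureValidationHandler.invoke(context);

        // The authenticated flag is checked explicitly so that a message that
        // passed through the handler without being authenticated is rejected.
        if (!peerEntityContext.isAuthenticated()) {
            throw new SecurityException("Message not signed");
        }
    }
}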
162 |
--------------------------------------------------------------------------------
/opensaml-http-post/src/main/java/no/steras/opensamlSamples/httpPost/PostServlet.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.httpPost;
2 |
3 | import java.io.IOException;
4 | import java.io.Writer;
5 | import java.time.Instant;
6 | import java.util.HashMap;
7 | import java.util.Map;
8 |
9 | import javax.servlet.ServletException;
10 | import javax.servlet.http.HttpServlet;
11 | import javax.servlet.http.HttpServletRequest;
12 | import javax.servlet.http.HttpServletResponse;
13 |
14 | import org.apache.velocity.app.VelocityEngine;
15 | import org.apache.velocity.runtime.RuntimeConstants;
16 | import org.opensaml.core.config.ConfigurationService;
17 | import org.opensaml.core.config.InitializationException;
18 | import org.opensaml.core.config.InitializationService;
19 | import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
20 | import org.opensaml.messaging.context.MessageContext;
21 | import org.opensaml.messaging.encoder.MessageEncodingException;
22 | import org.opensaml.saml.common.messaging.context.SAMLBindingContext;
23 | import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
24 | import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
25 | import org.opensaml.saml.common.xml.SAMLConstants;
26 | import org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder;
27 | import org.opensaml.saml.saml2.core.AuthnRequest;
28 | import org.opensaml.saml.saml2.core.Issuer;
29 | import org.opensaml.saml.saml2.core.NameIDPolicy;
30 | import org.opensaml.saml.saml2.core.NameIDType;
31 | import org.opensaml.saml.saml2.metadata.Endpoint;
32 | import org.opensaml.saml.saml2.metadata.SingleSignOnService;
33 | import org.slf4j.Logger;
34 | import org.slf4j.LoggerFactory;
35 |
36 | import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
37 | import net.shibboleth.utilities.java.support.xml.BasicParserPool;
38 | import net.shibboleth.utilities.java.support.xml.ParserPool;
39 |
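/**
 * Sample servlet that builds a SAML 2.0 AuthnRequest and sends it to the
 * receiver endpoint using the HTTP POST binding.
 *
 * <p>GET renders the start page; POST builds the request and lets
 * {@link HTTPPostEncoder} write the form to the response. No signing
 * parameters are set on the message context in this sample.
 *
 * <p>Created by Privat on 4/6/14.
 */
public class PostServlet extends HttpServlet {
    private static final Logger logger = LoggerFactory.getLogger(PostServlet.class);

    // Target of the POST; also copied into the request's Destination attribute.
    private static final String MESSAGE_RECEIVER_ENDPOINT = "http://localhost:8080/opensaml-http-post/receiverPage";
    // Placeholder texts: the sample expects them to be replaced with real values.
    private static final String ASSERTION_CONSUMER_ENDPOINT = "The should be the endpoint that should recieve the result of the authentication";
    private static final String ISSUER = "This should be the sender entityId";

    /**
     * Registers the parser pool with OpenSAML and initializes the library.
     *
     * @throws ServletException declared by the servlet contract
     * @throws RuntimeException if OpenSAML initialization fails; the original
     *         InitializationException is attached as the cause
     */
    @Override
    public void init() throws ServletException {
        try {
            XMLObjectProviderRegistry registry = new XMLObjectProviderRegistry();
            ConfigurationService.register(XMLObjectProviderRegistry.class, registry);

            registry.setParserPool(getParserPool());

            logger.info("Initializing");
            InitializationService.initialize();
        } catch (InitializationException e) {
            // Keep the cause so the failing initializer is visible in the stack trace.
            throw new RuntimeException("Initialization failed", e);
        }
    }

    /**
     * Creates and initializes the XML parser pool handed to OpenSAML.
     *
     * <p>The pool is configured defensively against XML external entity (XXE)
     * and DOCTYPE-based attacks: entity references are not expanded, XInclude
     * is off, external general and parameter entities are disabled, DOCTYPE
     * declarations are disallowed and JAXP secure processing is enabled.
     *
     * @return the initialized parser pool
     * @throws IllegalStateException if the pool fails to initialize
     */
    private static ParserPool getParserPool() {
        BasicParserPool parserPool = new BasicParserPool();
        parserPool.setMaxPoolSize(100);
        parserPool.setCoalescing(true);
        parserPool.setIgnoreComments(true);
        parserPool.setIgnoreElementContentWhitespace(true);
        parserPool.setNamespaceAware(true);
        parserPool.setExpandEntityReferences(false);
        parserPool.setXincludeAware(false);

        final Map<String, Boolean> features = new HashMap<>();
        features.put("http://xml.org/sax/features/external-general-entities", Boolean.FALSE);
        features.put("http://xml.org/sax/features/external-parameter-entities", Boolean.FALSE);
        features.put("http://apache.org/xml/features/disallow-doctype-decl", Boolean.TRUE);
        features.put("http://apache.org/xml/features/validation/schema/normalized-value", Boolean.FALSE);
        features.put("http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE);

        parserPool.setBuilderFeatures(features);

        parserPool.setBuilderAttributes(new HashMap<>());

        try {
            parserPool.initialize();
        } catch (ComponentInitializationException e) {
            // Fail closed: do not hand an uninitialized pool to OpenSAML.
            throw new IllegalStateException("XML parser pool could not be initialized", e);
        }

        return parserPool;
    }

    /**
     * Writes the start page of the sample.
     */
    @Override
    protected void doGet(final HttpServletRequest req, final HttpServletResponse resp)
            throws ServletException, IOException {
        Writer w = resp.getWriter();

        resp.setContentType("text/html");
        // NOTE(review): the HTML markup of this page appears to be missing from the
        // listing; the literal is kept exactly as shown.
        w.append("" + ""
                + "Click the button to send the AuthnRequest using HTTP POST
" + "" + "");
    }

    /**
     * Builds a fresh AuthnRequest and posts it to the receiver.
     */
    @Override
    protected void doPost(final HttpServletRequest req, final HttpServletResponse resp)
            throws ServletException, IOException {
        AuthnRequest authnRequest = buildAuthnRequest();
        sendMessageUsingPOST(resp, authnRequest);
    }

    /**
     * Assembles the AuthnRequest from the class constants. The ID comes from
     * OpenSAMLUtils.generateSecureRandomId().
     *
     * @return the populated AuthnRequest
     */
    private AuthnRequest buildAuthnRequest() {
        AuthnRequest authnRequest = OpenSAMLUtils.buildSAMLObject(AuthnRequest.class);
        authnRequest.setIssueInstant(Instant.now());
        authnRequest.setDestination(MESSAGE_RECEIVER_ENDPOINT);
        // ProtocolBinding names the binding the response should come back on.
        authnRequest.setProtocolBinding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
        authnRequest.setAssertionConsumerServiceURL(ASSERTION_CONSUMER_ENDPOINT);
        authnRequest.setID(OpenSAMLUtils.generateSecureRandomId());
        authnRequest.setIssuer(buildIssuer());
        authnRequest.setNameIDPolicy(buildNameIdPolicy());

        return authnRequest;
    }

    /**
     * Builds the NameIDPolicy: identifier creation allowed, transient format requested.
     *
     * @return the populated NameIDPolicy
     */
    private NameIDPolicy buildNameIdPolicy() {
        NameIDPolicy nameIDPolicy = OpenSAMLUtils.buildSAMLObject(NameIDPolicy.class);
        nameIDPolicy.setAllowCreate(true);
        nameIDPolicy.setFormat(NameIDType.TRANSIENT);

        return nameIDPolicy;
    }

    /**
     * Builds the Issuer element from the ISSUER constant.
     *
     * @return an Issuer whose value is ISSUER
     */
    private Issuer buildIssuer() {
        Issuer issuer = OpenSAMLUtils.buildSAMLObject(Issuer.class);
        issuer.setValue(ISSUER);

        return issuer;
    }

    /**
     * Wraps the request in a message context and encodes it onto the response
     * with the HTTP POST encoder, which renders its form through Velocity.
     *
     * @param httpServletResponse response the form is written to
     * @param authnRequest the request to send
     * @throws RuntimeException if the encoder cannot be initialized or the
     *         message cannot be encoded; the original exception is the cause
     */
    private void sendMessageUsingPOST(HttpServletResponse httpServletResponse, AuthnRequest authnRequest) {
        MessageContext context = new MessageContext();
        context.setMessage(authnRequest);

        // Fixed RelayState value used by the sample.
        SAMLBindingContext bindingContext = context.getSubcontext(SAMLBindingContext.class, true);
        bindingContext.setRelayState("teststate");

        // The encoder takes the destination from the peer entity's endpoint context.
        SAMLPeerEntityContext peerEntityContext = context.getSubcontext(SAMLPeerEntityContext.class, true);
        SAMLEndpointContext endpointContext = peerEntityContext.getSubcontext(SAMLEndpointContext.class, true);
        endpointContext.setEndpoint(URLToEndpoint(MESSAGE_RECEIVER_ENDPOINT));

        // Templates are loaded from the classpath only.
        VelocityEngine velocityEngine = new VelocityEngine();
        velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADERS, "classpath");
        velocityEngine.setProperty("classpath.resource.loader.class",
                "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
        velocityEngine.init();

        HTTPPostEncoder encoder = new HTTPPostEncoder();
        encoder.setMessageContext(context);
        encoder.setHttpServletResponse(httpServletResponse);
        encoder.setVelocityEngine(velocityEngine);

        try {
            encoder.initialize();

            logger.info("Sending auto-sumbitting form to receiver with AuthnRequest");
            encoder.encode();
        } catch (ComponentInitializationException | MessageEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Builds a SingleSignOnService endpoint for the given location, marked
     * with the HTTP POST binding that this servlet actually uses.
     *
     * @param URL location of the endpoint
     * @return the endpoint object
     */
    private Endpoint URLToEndpoint(String URL) {
        SingleSignOnService endpoint = OpenSAMLUtils.buildSAMLObject(SingleSignOnService.class);
        // Was SAML2_REDIRECT_BINDING_URI, which does not match the HTTPPostEncoder used above.
        endpoint.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
        endpoint.setLocation(URL);

        return endpoint;
    }
}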
190 |
--------------------------------------------------------------------------------
/opensaml-signing-and-verification/src/main/java/no/steras/opensamlSamples/signingVerification/SenderServlet.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.signingVerification;
2 |
3 | import java.io.IOException;
4 | import java.io.InputStream;
5 | import java.io.Writer;
6 | import java.security.KeyStore;
7 | import java.time.Instant;
8 | import java.util.HashMap;
9 | import java.util.Map;
10 |
11 | import javax.servlet.ServletException;
12 | import javax.servlet.http.HttpServlet;
13 | import javax.servlet.http.HttpServletRequest;
14 | import javax.servlet.http.HttpServletResponse;
15 |
16 | import org.apache.velocity.app.VelocityEngine;
17 | import org.apache.velocity.runtime.RuntimeConstants;
18 | import org.opensaml.core.config.ConfigurationService;
19 | import org.opensaml.core.config.InitializationException;
20 | import org.opensaml.core.config.InitializationService;
21 | import org.opensaml.core.criterion.EntityIdCriterion;
22 | import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
23 | import org.opensaml.messaging.context.MessageContext;
24 | import org.opensaml.messaging.encoder.MessageEncodingException;
25 | import org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler;
26 | import org.opensaml.saml.common.messaging.context.SAMLBindingContext;
27 | import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
28 | import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
29 | import org.opensaml.saml.common.xml.SAMLConstants;
30 | import org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder;
31 | import org.opensaml.saml.saml2.core.AuthnRequest;
32 | import org.opensaml.saml.saml2.core.Issuer;
33 | import org.opensaml.saml.saml2.core.NameIDPolicy;
34 | import org.opensaml.saml.saml2.core.NameIDType;
35 | import org.opensaml.saml.saml2.metadata.Endpoint;
36 | import org.opensaml.saml.saml2.metadata.SingleSignOnService;
37 | import org.opensaml.security.credential.Credential;
38 | import org.opensaml.security.credential.impl.KeyStoreCredentialResolver;
39 | import org.opensaml.xmlsec.SignatureSigningParameters;
40 | import org.opensaml.xmlsec.config.impl.JavaCryptoValidationInitializer;
41 | import org.opensaml.xmlsec.context.SecurityParametersContext;
42 | import org.opensaml.xmlsec.signature.support.SignatureConstants;
43 | import org.slf4j.Logger;
44 | import org.slf4j.LoggerFactory;
45 |
46 | import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
47 | import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
48 | import net.shibboleth.utilities.java.support.resolver.Criterion;
49 |
50 | /**
51 | * Created by Privat on 4/6/14.
52 | */
53 | public class SenderServlet extends HttpServlet {
private static Logger logger = LoggerFactory.getLogger(SenderServlet.class);

// Endpoint the signed AuthnRequest is posted to; also copied into the request's Destination attribute.
private static final String MESSAGE_RECEIVER_ENDPOINT = "http://localhost:8080/opensaml-signing-and-verification/receiverPage";
// Placeholder texts: the sample expects them to be replaced with real values.
private static final String ASSERTION_CONSUMER_ENDPOINT = "The should be the endpoint that should recieve the result of the authentication";
private static final String ISSUER = "This should be the sender entityId";
// Hardcoded sample secrets for the bundled keystore. Outside a sample, keystore and
// key passwords belong in protected configuration or a secret store, not in source code.
private static final String KEY_STORE_PASSWORD = "password";
private static final String KEY_STORE_ENTRY_PASSWORD = "password";
// Classpath location of the keystore read by readKeystoreFromFile.
private static final String KEY_STORE_PATH = "/senderKeystore.jks";
// ID used both as the key of the entry-password map and as the lookup criterion for the signing credential.
private static final String ENTITY_ID = "sender.example.com";
63 |
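/**
 * Runs the Java crypto validation initializer, registers the parser pool
 * from OpenSAMLUtils with OpenSAML and initializes the library.
 *
 * @throws ServletException declared by the servlet contract
 * @throws RuntimeException if any initialization step fails; the original
 *         InitializationException is attached as the cause
 */
@Override
public void init() throws ServletException {
    try {
        JavaCryptoValidationInitializer javaCryptoValidationInitializer = new JavaCryptoValidationInitializer();
        javaCryptoValidationInitializer.init();

        XMLObjectProviderRegistry registry = new XMLObjectProviderRegistry();
        ConfigurationService.register(XMLObjectProviderRegistry.class, registry);

        registry.setParserPool(OpenSAMLUtils.getParserPool());

        logger.info("Initializing");
        InitializationService.initialize();
    } catch (InitializationException e) {
        // Keep the cause so the failing initializer is visible in the stack trace.
        throw new RuntimeException("Initialization failed", e);
    }
}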
81 |
/**
 * Writes the start page of the sample.
 */
@Override
protected void doGet(final HttpServletRequest req, final HttpServletResponse resp)
        throws ServletException, IOException {
    Writer w = resp.getWriter();

    resp.setContentType("text/html");
    // NOTE(review): the HTML markup of this page appears to be missing from the
    // listing; the literal is kept exactly as shown.
    w.append("" + ""
            + "Click the button to sign a message and send it and validate the signature in the reciever.
" + "" + "");
}
92 |
/**
 * Builds a fresh AuthnRequest and hands it to sendMessageUsingPOST.
 *
 * @throws RuntimeException wrapping any exception raised while sending
 */
@Override
protected void doPost(final HttpServletRequest req, final HttpServletResponse resp)
        throws ServletException, IOException {
    final AuthnRequest request = buildAuthnRequest();
    try {
        sendMessageUsingPOST(resp, request);
    } catch (Exception sendFailure) {
        throw new RuntimeException(sendFailure);
    }
}
103 |
/**
 * Assembles the AuthnRequest from the class constants.
 *
 * <p>The request is stamped with the current time, addressed to
 * MESSAGE_RECEIVER_ENDPOINT, and asks for the response to be delivered to
 * ASSERTION_CONSUMER_ENDPOINT using the artifact binding. Its ID comes from
 * OpenSAMLUtils.generateSecureRandomId().
 *
 * @return the populated, not yet signed, AuthnRequest
 */
private AuthnRequest buildAuthnRequest() {
    final AuthnRequest request = OpenSAMLUtils.buildSAMLObject(AuthnRequest.class);

    request.setIssueInstant(Instant.now());
    request.setDestination(MESSAGE_RECEIVER_ENDPOINT);
    // ProtocolBinding names the binding the response should come back on.
    request.setProtocolBinding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
    request.setAssertionConsumerServiceURL(ASSERTION_CONSUMER_ENDPOINT);
    request.setID(OpenSAMLUtils.generateSecureRandomId());
    request.setIssuer(buildIssuer());
    request.setNameIDPolicy(buildNameIdPolicy());

    return request;
}
116 |
/**
 * Builds the NameIDPolicy element of the request: identifier creation is
 * allowed and the transient name identifier format is requested.
 *
 * @return the populated NameIDPolicy
 */
private NameIDPolicy buildNameIdPolicy() {
    final NameIDPolicy policy = OpenSAMLUtils.buildSAMLObject(NameIDPolicy.class);
    policy.setAllowCreate(true);
    policy.setFormat(NameIDType.TRANSIENT);
    return policy;
}
125 |
/**
 * Builds the Issuer element of the request from the ISSUER constant.
 *
 * @return an Issuer whose value is ISSUER
 */
private Issuer buildIssuer() {
    final Issuer result = OpenSAMLUtils.buildSAMLObject(Issuer.class);
    result.setValue(ISSUER);
    return result;
}
132 |
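/**
 * Loads a keystore of the JVM default type from a classpath resource.
 *
 * @param pathToKeyStore classpath location of the keystore, resolved relative to this class
 * @param keyStorePassword password protecting the keystore
 * @return the loaded keystore
 * @throws RuntimeException if the resource is missing or cannot be loaded;
 *         the original exception is attached as the cause
 */
private KeyStore readKeystoreFromFile(String pathToKeyStore, String keyStorePassword) {
    // try-with-resources closes the stream even when load() throws.
    try (InputStream inputStream = this.getClass().getResourceAsStream(pathToKeyStore)) {
        // KeyStore.load(null, ...) would create an empty keystore, so a missing
        // resource is reported explicitly instead.
        if (inputStream == null) {
            throw new IllegalStateException("Keystore resource not found: " + pathToKeyStore);
        }
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        keystore.load(inputStream, keyStorePassword.toCharArray());
        return keystore;
    } catch (Exception e) {
        throw new RuntimeException("Something went wrong reading keystore", e);
    }
}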
144 |
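/**
 * Resolves the sender's signing credential from the bundled keystore.
 *
 * @return the credential stored under ENTITY_ID
 * @throws IllegalStateException if the keystore holds no credential for ENTITY_ID
 * @throws Exception if the keystore cannot be read or resolution fails
 */
private Credential getSenderSigningCredential() throws Exception {
    // Get key store
    KeyStore keystore = readKeystoreFromFile(KEY_STORE_PATH, KEY_STORE_PASSWORD);

    // Entry passwords, keyed by the same ID that is used for the lookup below.
    Map<String, String> passwordMap = new HashMap<>();
    passwordMap.put(ENTITY_ID, KEY_STORE_ENTRY_PASSWORD);

    // Create key store resolver
    KeyStoreCredentialResolver resolver = new KeyStoreCredentialResolver(keystore, passwordMap);

    // Set criterion to get relevant certificate
    CriteriaSet criteriaSet = new CriteriaSet();
    criteriaSet.add(new EntityIdCriterion(ENTITY_ID));

    // Resolve credential; fail here rather than later with a null signing credential.
    Credential credential = resolver.resolveSingle(criteriaSet);
    if (credential == null) {
        throw new IllegalStateException("No signing credential found in keystore for " + ENTITY_ID);
    }
    return credential;
}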
162 |
/**
 * Assembles the signing parameters for outbound messages: the sender's signing
 * credential, RSA-SHA256 signature, SHA-256 reference digest and exclusive
 * canonicalization without comments.
 *
 * @return the populated signing parameters
 * @throws Exception if the signing credential cannot be resolved
 */
private SignatureSigningParameters buildSignatureSigningParameters() throws Exception {
    final Credential signingCredential = getSenderSigningCredential();

    final SignatureSigningParameters params = new SignatureSigningParameters();
    params.setSigningCredential(signingCredential);
    params.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
    params.setSignatureReferenceDigestMethod(SignatureConstants.ALGO_ID_DIGEST_SHA256);
    params.setSignatureCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    return params;
}
171 |
/**
 * Signs the AuthnRequest and writes it to the response through the HTTP-POST
 * encoder, which renders the form from a Velocity template.
 *
 * @param httpServletResponse response the encoded form is written to
 * @param authnRequest        the request to sign and send
 * @throws Exception if the signing parameters cannot be built or the signing handler fails
 */
private void sendMessageUsingPOST(HttpServletResponse httpServletResponse, AuthnRequest authnRequest)
        throws Exception {
    final MessageContext messageContext = new MessageContext();
    messageContext.setMessage(authnRequest);

    // NOTE(review): RelayState is a fixed literal in this sample; it carries no
    // per-request state.
    messageContext.getSubcontext(SAMLBindingContext.class, true).setRelayState("teststate");

    // Destination endpoint lives under peer-entity -> endpoint subcontexts.
    final SAMLEndpointContext destination = messageContext
            .getSubcontext(SAMLPeerEntityContext.class, true)
            .getSubcontext(SAMLEndpointContext.class, true);
    destination.setEndpoint(URLToEndpoint(MESSAGE_RECEIVER_ENDPOINT));

    final SecurityParametersContext securityParameters =
            messageContext.getSubcontext(SecurityParametersContext.class, true);
    securityParameters.setSignatureSigningParameters(buildSignatureSigningParameters());

    // Sign the message before it is handed to the encoder.
    final SAMLOutboundProtocolMessageSigningHandler signingHandler =
            new SAMLOutboundProtocolMessageSigningHandler();
    signingHandler.setSignErrorResponses(false);
    signingHandler.initialize();
    signingHandler.invoke(messageContext);

    // Velocity engine configured with the classpath resource loader.
    final VelocityEngine templateEngine = new VelocityEngine();
    templateEngine.setProperty(RuntimeConstants.RESOURCE_LOADERS, "classpath");
    templateEngine.setProperty("classpath.resource.loader.class",
            "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
    templateEngine.init();

    final HTTPPostEncoder postEncoder = new HTTPPostEncoder();
    postEncoder.setMessageContext(messageContext);
    postEncoder.setHttpServletResponse(httpServletResponse);
    postEncoder.setVelocityEngine(templateEngine);

    // Encoder failures are rethrown unchecked with the original exception as cause.
    try {
        postEncoder.initialize();
        logger.info("Sending auto-sumbitting form to receiver with AuthnRequest");
        postEncoder.encode();
    } catch (ComponentInitializationException | MessageEncodingException e) {
        throw new RuntimeException(e);
    }
}
221 |
/**
 * Wraps a URL in a SingleSignOnService endpoint.
 *
 * @param URL location of the receiving endpoint
 * @return an endpoint whose location is {@code URL}
 */
private Endpoint URLToEndpoint(String URL) {
    final SingleSignOnService ssoEndpoint = OpenSAMLUtils.buildSAMLObject(SingleSignOnService.class);
    ssoEndpoint.setLocation(URL);
    // NOTE(review): the binding is declared as HTTP-Redirect although the caller in this
    // class sends the message with the HTTP-POST encoder - confirm which is intended.
    ssoEndpoint.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
    return ssoEndpoint;
}
229 | }
230 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/src/main/java/no/steras/opensamlSamples/opensaml4WebprofileDemo/sp/AccessFilter.java:
--------------------------------------------------------------------------------
1 | package no.steras.opensamlSamples.opensaml4WebprofileDemo.sp;
2 |
3 | import java.io.IOException;
4 | import java.security.Provider;
5 | import java.security.Security;
6 | import java.time.Instant;
7 | import java.util.HashMap;
8 | import java.util.Map;
9 |
10 | import javax.servlet.Filter;
11 | import javax.servlet.FilterChain;
12 | import javax.servlet.FilterConfig;
13 | import javax.servlet.ServletException;
14 | import javax.servlet.ServletRequest;
15 | import javax.servlet.ServletResponse;
16 | import javax.servlet.http.HttpServletRequest;
17 | import javax.servlet.http.HttpServletResponse;
18 |
19 | import org.opensaml.core.config.ConfigurationService;
20 | import org.opensaml.core.config.InitializationException;
21 | import org.opensaml.core.config.InitializationService;
22 | import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
23 | import org.opensaml.messaging.context.MessageContext;
24 | import org.opensaml.messaging.encoder.MessageEncodingException;
25 | import org.opensaml.saml.common.messaging.context.SAMLBindingContext;
26 | import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
27 | import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
28 | import org.opensaml.saml.common.xml.SAMLConstants;
29 | import org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder;
30 | import org.opensaml.saml.saml2.core.AuthnContext;
31 | import org.opensaml.saml.saml2.core.AuthnContextClassRef;
32 | import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
33 | import org.opensaml.saml.saml2.core.AuthnRequest;
34 | import org.opensaml.saml.saml2.core.Issuer;
35 | import org.opensaml.saml.saml2.core.NameIDPolicy;
36 | import org.opensaml.saml.saml2.core.NameIDType;
37 | import org.opensaml.saml.saml2.core.RequestedAuthnContext;
38 | import org.opensaml.saml.saml2.metadata.Endpoint;
39 | import org.opensaml.saml.saml2.metadata.SingleSignOnService;
40 | import org.opensaml.xmlsec.SignatureSigningParameters;
41 | import org.opensaml.xmlsec.config.impl.JavaCryptoValidationInitializer;
42 | import org.opensaml.xmlsec.context.SecurityParametersContext;
43 | import org.opensaml.xmlsec.signature.support.SignatureConstants;
44 | import org.slf4j.Logger;
45 | import org.slf4j.LoggerFactory;
46 |
47 | import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
48 | import net.shibboleth.utilities.java.support.xml.BasicParserPool;
49 | import net.shibboleth.utilities.java.support.xml.ParserPool;
50 | import no.steras.opensamlSamples.opensaml4WebprofileDemo.OpenSAMLUtils;
51 | import no.steras.opensamlSamples.opensaml4WebprofileDemo.idp.IDPConstants;
52 |
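/**
 * Servlet filter guarding the application: a request whose session already
 * carries the authenticated attribute passes through; any other request has its
 * URL remembered on the session and is redirected to the IdP with a SAML
 * AuthnRequest over the HTTP-Redirect binding.
 */
public class AccessFilter implements Filter {
    private static final Logger logger = LoggerFactory.getLogger(AccessFilter.class);

    /**
     * Bootstraps OpenSAML: runs the Java crypto validation initializer, logs the
     * installed JCE providers, registers an XML object provider registry with a
     * hardened parser pool and runs the OpenSAML initialization service.
     *
     * @param filterConfig unused
     * @throws RuntimeException if OpenSAML initialization fails; the cause is preserved
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        JavaCryptoValidationInitializer javaCryptoValidationInitializer = new JavaCryptoValidationInitializer();
        try {
            javaCryptoValidationInitializer.init();

            for (Provider jceProvider : Security.getProviders()) {
                logger.info(jceProvider.getInfo());
            }

            XMLObjectProviderRegistry registry = new XMLObjectProviderRegistry();
            ConfigurationService.register(XMLObjectProviderRegistry.class, registry);

            registry.setParserPool(getParserPool());

            logger.info("Initializing");
            InitializationService.initialize();
        } catch (InitializationException e) {
            // Keep the cause so the reason for the failed bootstrap is not lost.
            throw new RuntimeException("Initialization failed", e);
        }
    }

    /**
     * Creates the XML parser pool used for SAML messages, configured against XML
     * external entity and DOCTYPE-based attacks.
     *
     * @return the parser pool; if initialization failed the error is logged and
     *         the pool is returned without having been initialized
     */
    private static ParserPool getParserPool() {
        BasicParserPool parserPool = new BasicParserPool();
        parserPool.setMaxPoolSize(100);
        parserPool.setCoalescing(true);
        parserPool.setIgnoreComments(true);
        parserPool.setIgnoreElementContentWhitespace(true);
        parserPool.setNamespaceAware(true);
        parserPool.setExpandEntityReferences(false);
        parserPool.setXincludeAware(false);

        // Parser hardening: no external general/parameter entities, DOCTYPE
        // declarations rejected, JAXP secure processing on.
        final Map<String, Boolean> features = new HashMap<>();
        features.put("http://xml.org/sax/features/external-general-entities", Boolean.FALSE);
        features.put("http://xml.org/sax/features/external-parameter-entities", Boolean.FALSE);
        features.put("http://apache.org/xml/features/disallow-doctype-decl", Boolean.TRUE);
        features.put("http://apache.org/xml/features/validation/schema/normalized-value", Boolean.FALSE);
        features.put("http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE);

        parserPool.setBuilderFeatures(features);

        parserPool.setBuilderAttributes(new HashMap<String, Object>());

        try {
            parserPool.initialize();
        } catch (ComponentInitializationException e) {
            // NOTE(review): the failure is only logged, so the caller registers a pool
            // that never finished initializing; failing startup here may be preferable.
            logger.error(e.getMessage(), e);
        }

        return parserPool;
    }

    /**
     * Lets the request through when the session holds the authenticated attribute,
     * otherwise stores the requested URL and starts SAML authentication.
     *
     * @param request  incoming request, cast to {@link HttpServletRequest}
     * @param response outgoing response, cast to {@link HttpServletResponse}
     * @param chain    remaining filter chain
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        HttpServletResponse httpServletResponse = (HttpServletResponse) response;

        // getSession() creates a session when none exists; only the presence of the
        // attribute is checked, not its value.
        if (httpServletRequest.getSession().getAttribute(SPConstants.AUTHENTICATED_SESSION_ATTRIBUTE) != null) {
            chain.doFilter(request, response);
        } else {
            setGotoURLOnSession(httpServletRequest);
            redirectUserForAuthentication(httpServletResponse);
        }
    }

    /**
     * Remembers the originally requested URL (without query string) on the session.
     */
    private void setGotoURLOnSession(HttpServletRequest request) {
        // NOTE(review): the stored URL is derived from the incoming request; the code
        // that later reads GOTO_URL_SESSION_ATTRIBUTE is not in this class and should
        // presumably validate it before redirecting - confirm.
        request.getSession().setAttribute(SPConstants.GOTO_URL_SESSION_ATTRIBUTE, request.getRequestURL().toString());
    }

    /** Builds an AuthnRequest and redirects the user to the IdP with it. */
    private void redirectUserForAuthentication(HttpServletResponse httpServletResponse) {
        AuthnRequest authnRequest = buildAuthnRequest();
        redirectUserWithRequest(httpServletResponse, authnRequest);
    }

    /**
     * Encodes the AuthnRequest with the HTTP-Redirect (deflate) encoder and writes
     * the redirect to the response.
     *
     * @param httpServletResponse response that receives the redirect
     * @param authnRequest        request to send to the IdP
     * @throws RuntimeException if the encoder cannot be initialized or encoding fails
     */
    private void redirectUserWithRequest(HttpServletResponse httpServletResponse, AuthnRequest authnRequest) {
        MessageContext context = new MessageContext();

        context.setMessage(authnRequest);

        // NOTE(review): RelayState is a fixed literal in this sample.
        SAMLBindingContext bindingContext = context.getSubcontext(SAMLBindingContext.class, true);
        bindingContext.setRelayState("teststate");

        SAMLPeerEntityContext peerEntityContext = context.getSubcontext(SAMLPeerEntityContext.class, true);

        SAMLEndpointContext endpointContext = peerEntityContext.getSubcontext(SAMLEndpointContext.class, true);
        endpointContext.setEndpoint(getIPDEndpoint());

        // Signing parameters: the SP credential with RSA-SHA256.
        SignatureSigningParameters signatureSigningParameters = new SignatureSigningParameters();
        signatureSigningParameters.setSigningCredential(SPCredentials.getCredential());
        signatureSigningParameters.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);

        context.getSubcontext(SecurityParametersContext.class, true)
                .setSignatureSigningParameters(signatureSigningParameters);

        HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();

        encoder.setMessageContext(context);
        encoder.setHttpServletResponse(httpServletResponse);

        try {
            encoder.initialize();
        } catch (ComponentInitializationException e) {
            throw new RuntimeException(e);
        }

        // The full AuthnRequest is written to the log at info level.
        logger.info("AuthnRequest: ");
        OpenSAMLUtils.logSAMLObject(authnRequest);

        logger.info("Redirecting to IDP");
        try {
            encoder.encode();
        } catch (MessageEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Builds the AuthnRequest: issued now, addressed to the IdP SSO service, with
     * a random ID, and asking for the response at the SP's assertion consumer
     * service using the artifact binding.
     *
     * @return the populated AuthnRequest
     */
    private AuthnRequest buildAuthnRequest() {
        AuthnRequest authnRequest = OpenSAMLUtils.buildSAMLObject(AuthnRequest.class);
        authnRequest.setIssueInstant(Instant.now());
        authnRequest.setDestination(getIPDSSODestination());
        authnRequest.setProtocolBinding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
        authnRequest.setAssertionConsumerServiceURL(getAssertionConsumerEndpoint());
        authnRequest.setID(OpenSAMLUtils.generateSecureRandomId());
        authnRequest.setIssuer(buildIssuer());
        authnRequest.setNameIDPolicy(buildNameIdPolicy());
        authnRequest.setRequestedAuthnContext(buildRequestedAuthnContext());

        return authnRequest;
    }

    /**
     * Requests an authentication context with MINIMUM comparison against the
     * password authentication context class.
     *
     * @return the populated RequestedAuthnContext
     */
    private RequestedAuthnContext buildRequestedAuthnContext() {
        RequestedAuthnContext requestedAuthnContext = OpenSAMLUtils.buildSAMLObject(RequestedAuthnContext.class);
        requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM);

        AuthnContextClassRef passwordAuthnContextClassRef = OpenSAMLUtils.buildSAMLObject(AuthnContextClassRef.class);
        passwordAuthnContextClassRef.setURI(AuthnContext.PASSWORD_AUTHN_CTX);

        requestedAuthnContext.getAuthnContextClassRefs().add(passwordAuthnContextClassRef);

        return requestedAuthnContext;
    }

    /**
     * Builds a NameIDPolicy asking for a transient identifier that the IdP may create.
     *
     * @return the populated NameIDPolicy
     */
    private NameIDPolicy buildNameIdPolicy() {
        NameIDPolicy nameIDPolicy = OpenSAMLUtils.buildSAMLObject(NameIDPolicy.class);
        nameIDPolicy.setAllowCreate(true);

        nameIDPolicy.setFormat(NameIDType.TRANSIENT);

        return nameIDPolicy;
    }

    /**
     * Builds the Issuer element carrying the SP entity ID.
     *
     * @return the populated Issuer
     */
    private Issuer buildIssuer() {
        Issuer issuer = OpenSAMLUtils.buildSAMLObject(Issuer.class);
        issuer.setValue(getSPIssuerValue());

        return issuer;
    }

    /** @return the SP entity ID used as issuer */
    private String getSPIssuerValue() {
        return SPConstants.SP_ENTITY_ID;
    }

    /** @return the SP assertion consumer service URL */
    private String getAssertionConsumerEndpoint() {
        return SPConstants.ASSERTION_CONSUMER_SERVICE;
    }

    /** @return the IdP single sign-on service URL */
    private String getIPDSSODestination() {
        return IDPConstants.SSO_SERVICE;
    }

    /**
     * Describes the IdP single sign-on endpoint with the HTTP-Redirect binding.
     *
     * @return the endpoint located at the IdP SSO destination
     */
    private Endpoint getIPDEndpoint() {
        SingleSignOnService endpoint = OpenSAMLUtils.buildSAMLObject(SingleSignOnService.class);
        endpoint.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
        endpoint.setLocation(getIPDSSODestination());

        return endpoint;
    }

    /** No resources to release. */
    @Override
    public void destroy() {
    }
}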
--------------------------------------------------------------------------------
/opensaml-http-post/LICENSE:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction,
10 | and distribution as defined by Sections 1 through 9 of this document.
11 |
12 | "Licensor" shall mean the copyright owner or entity authorized by
13 | the copyright owner that is granting the License.
14 |
15 | "Legal Entity" shall mean the union of the acting entity and all
16 | other entities that control, are controlled by, or are under common
17 | control with that entity. For the purposes of this definition,
18 | "control" means (i) the power, direct or indirect, to cause the
19 | direction or management of such entity, whether by contract or
20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
21 | outstanding shares, or (iii) beneficial ownership of such entity.
22 |
23 | "You" (or "Your") shall mean an individual or Legal Entity
24 | exercising permissions granted by this License.
25 |
26 | "Source" form shall mean the preferred form for making modifications,
27 | including but not limited to software source code, documentation
28 | source, and configuration files.
29 |
30 | "Object" form shall mean any form resulting from mechanical
31 | transformation or translation of a Source form, including but
32 | not limited to compiled object code, generated documentation,
33 | and conversions to other media types.
34 |
35 | "Work" shall mean the work of authorship, whether in Source or
36 | Object form, made available under the License, as indicated by a
37 | copyright notice that is included in or attached to the work
38 | (an example is provided in the Appendix below).
39 |
40 | "Derivative Works" shall mean any work, whether in Source or Object
41 | form, that is based on (or derived from) the Work and for which the
42 | editorial revisions, annotations, elaborations, or other modifications
43 | represent, as a whole, an original work of authorship. For the purposes
44 | of this License, Derivative Works shall not include works that remain
45 | separable from, or merely link (or bind by name) to the interfaces of,
46 | the Work and Derivative Works thereof.
47 |
48 | "Contribution" shall mean any work of authorship, including
49 | the original version of the Work and any modifications or additions
50 | to that Work or Derivative Works thereof, that is intentionally
51 | submitted to Licensor for inclusion in the Work by the copyright owner
52 | or by an individual or Legal Entity authorized to submit on behalf of
53 | the copyright owner. For the purposes of this definition, "submitted"
54 | means any form of electronic, verbal, or written communication sent
55 | to the Licensor or its representatives, including but not limited to
56 | communication on electronic mailing lists, source code control systems,
57 | and issue tracking systems that are managed by, or on behalf of, the
58 | Licensor for the purpose of discussing and improving the Work, but
59 | excluding communication that is conspicuously marked or otherwise
60 | designated in writing by the copyright owner as "Not a Contribution."
61 |
62 | "Contributor" shall mean Licensor and any individual or Legal Entity
63 | on behalf of whom a Contribution has been received by Licensor and
64 | subsequently incorporated within the Work.
65 |
66 | 2. Grant of Copyright License. Subject to the terms and conditions of
67 | this License, each Contributor hereby grants to You a perpetual,
68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69 | copyright license to reproduce, prepare Derivative Works of,
70 | publicly display, publicly perform, sublicense, and distribute the
71 | Work and such Derivative Works in Source or Object form.
72 |
73 | 3. Grant of Patent License. Subject to the terms and conditions of
74 | this License, each Contributor hereby grants to You a perpetual,
75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76 | (except as stated in this section) patent license to make, have made,
77 | use, offer to sell, sell, import, and otherwise transfer the Work,
78 | where such license applies only to those patent claims licensable
79 | by such Contributor that are necessarily infringed by their
80 | Contribution(s) alone or by combination of their Contribution(s)
81 | with the Work to which such Contribution(s) was submitted. If You
82 | institute patent litigation against any entity (including a
83 | cross-claim or counterclaim in a lawsuit) alleging that the Work
84 | or a Contribution incorporated within the Work constitutes direct
85 | or contributory patent infringement, then any patent licenses
86 | granted to You under this License for that Work shall terminate
87 | as of the date such litigation is filed.
88 |
89 | 4. Redistribution. You may reproduce and distribute copies of the
90 | Work or Derivative Works thereof in any medium, with or without
91 | modifications, and in Source or Object form, provided that You
92 | meet the following conditions:
93 |
94 | (a) You must give any other recipients of the Work or
95 | Derivative Works a copy of this License; and
96 |
97 | (b) You must cause any modified files to carry prominent notices
98 | stating that You changed the files; and
99 |
100 | (c) You must retain, in the Source form of any Derivative Works
101 | that You distribute, all copyright, patent, trademark, and
102 | attribution notices from the Source form of the Work,
103 | excluding those notices that do not pertain to any part of
104 | the Derivative Works; and
105 |
106 | (d) If the Work includes a "NOTICE" text file as part of its
107 | distribution, then any Derivative Works that You distribute must
108 | include a readable copy of the attribution notices contained
109 | within such NOTICE file, excluding those notices that do not
110 | pertain to any part of the Derivative Works, in at least one
111 | of the following places: within a NOTICE text file distributed
112 | as part of the Derivative Works; within the Source form or
113 | documentation, if provided along with the Derivative Works; or,
114 | within a display generated by the Derivative Works, if and
115 | wherever such third-party notices normally appear. The contents
116 | of the NOTICE file are for informational purposes only and
117 | do not modify the License. You may add Your own attribution
118 | notices within Derivative Works that You distribute, alongside
119 | or as an addendum to the NOTICE text from the Work, provided
120 | that such additional attribution notices cannot be construed
121 | as modifying the License.
122 |
123 | You may add Your own copyright statement to Your modifications and
124 | may provide additional or different license terms and conditions
125 | for use, reproduction, or distribution of Your modifications, or
126 | for any such Derivative Works as a whole, provided Your use,
127 | reproduction, and distribution of the Work otherwise complies with
128 | the conditions stated in this License.
129 |
130 | 5. Submission of Contributions. Unless You explicitly state otherwise,
131 | any Contribution intentionally submitted for inclusion in the Work
132 | by You to the Licensor shall be under the terms and conditions of
133 | this License, without any additional terms or conditions.
134 | Notwithstanding the above, nothing herein shall supersede or modify
135 | the terms of any separate license agreement you may have executed
136 | with Licensor regarding such Contributions.
137 |
138 | 6. Trademarks. This License does not grant permission to use the trade
139 | names, trademarks, service marks, or product names of the Licensor,
140 | except as required for reasonable and customary use in describing the
141 | origin of the Work and reproducing the content of the NOTICE file.
142 |
143 | 7. Disclaimer of Warranty. Unless required by applicable law or
144 | agreed to in writing, Licensor provides the Work (and each
145 | Contributor provides its Contributions) on an "AS IS" BASIS,
146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 | implied, including, without limitation, any warranties or conditions
148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 | PARTICULAR PURPOSE. You are solely responsible for determining the
150 | appropriateness of using or redistributing the Work and assume any
151 | risks associated with Your exercise of permissions under this License.
152 |
153 | 8. Limitation of Liability. In no event and under no legal theory,
154 | whether in tort (including negligence), contract, or otherwise,
155 | unless required by applicable law (such as deliberate and grossly
156 | negligent acts) or agreed to in writing, shall any Contributor be
157 | liable to You for damages, including any direct, indirect, special,
158 | incidental, or consequential damages of any character arising as a
159 | result of this License or out of the use or inability to use the
160 | Work (including but not limited to damages for loss of goodwill,
161 | work stoppage, computer failure or malfunction, or any and all
162 | other commercial damages or losses), even if such Contributor
163 | has been advised of the possibility of such damages.
164 |
165 | 9. Accepting Warranty or Additional Liability. While redistributing
166 | the Work or Derivative Works thereof, You may choose to offer,
167 | and charge a fee for, acceptance of support, warranty, indemnity,
168 | or other liability obligations and/or rights consistent with this
169 | License. However, in accepting such obligations, You may act only
170 | on Your own behalf and on Your sole responsibility, not on behalf
171 | of any other Contributor, and only if You agree to indemnify,
172 | defend, and hold each Contributor harmless for any liability
173 | incurred by, or claims asserted against, such Contributor by reason
174 | of your accepting any such warranty or additional liability.
175 |
176 | END OF TERMS AND CONDITIONS
177 |
178 | APPENDIX: How to apply the Apache License to your work.
179 |
180 | To apply the Apache License to your work, attach the following
181 | boilerplate notice, with the fields enclosed by brackets "{}"
182 | replaced with your own identifying information. (Don't include
183 | the brackets!) The text should be enclosed in the appropriate
184 | comment syntax for the file format. We also recommend that a
185 | file or class name and description of purpose be included on the
186 | same "printed page" as the copyright notice for easier
187 | identification within third-party archives.
188 |
189 | Copyright {yyyy} {name of copyright owner}
190 |
191 | Licensed under the Apache License, Version 2.0 (the "License");
192 | you may not use this file except in compliance with the License.
193 | You may obtain a copy of the License at
194 |
195 | http://www.apache.org/licenses/LICENSE-2.0
196 |
197 | Unless required by applicable law or agreed to in writing, software
198 | distributed under the License is distributed on an "AS IS" BASIS,
199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 | See the License for the specific language governing permissions and
201 | limitations under the License.
202 |
--------------------------------------------------------------------------------
/opensaml-http-redirect/LICENSE:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction,
10 | and distribution as defined by Sections 1 through 9 of this document.
11 |
12 | "Licensor" shall mean the copyright owner or entity authorized by
13 | the copyright owner that is granting the License.
14 |
15 | "Legal Entity" shall mean the union of the acting entity and all
16 | other entities that control, are controlled by, or are under common
17 | control with that entity. For the purposes of this definition,
18 | "control" means (i) the power, direct or indirect, to cause the
19 | direction or management of such entity, whether by contract or
20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
21 | outstanding shares, or (iii) beneficial ownership of such entity.
22 |
23 | "You" (or "Your") shall mean an individual or Legal Entity
24 | exercising permissions granted by this License.
25 |
26 | "Source" form shall mean the preferred form for making modifications,
27 | including but not limited to software source code, documentation
28 | source, and configuration files.
29 |
30 | "Object" form shall mean any form resulting from mechanical
31 | transformation or translation of a Source form, including but
32 | not limited to compiled object code, generated documentation,
33 | and conversions to other media types.
34 |
35 | "Work" shall mean the work of authorship, whether in Source or
36 | Object form, made available under the License, as indicated by a
37 | copyright notice that is included in or attached to the work
38 | (an example is provided in the Appendix below).
39 |
40 | "Derivative Works" shall mean any work, whether in Source or Object
41 | form, that is based on (or derived from) the Work and for which the
42 | editorial revisions, annotations, elaborations, or other modifications
43 | represent, as a whole, an original work of authorship. For the purposes
44 | of this License, Derivative Works shall not include works that remain
45 | separable from, or merely link (or bind by name) to the interfaces of,
46 | the Work and Derivative Works thereof.
47 |
48 | "Contribution" shall mean any work of authorship, including
49 | the original version of the Work and any modifications or additions
50 | to that Work or Derivative Works thereof, that is intentionally
51 | submitted to Licensor for inclusion in the Work by the copyright owner
52 | or by an individual or Legal Entity authorized to submit on behalf of
53 | the copyright owner. For the purposes of this definition, "submitted"
54 | means any form of electronic, verbal, or written communication sent
55 | to the Licensor or its representatives, including but not limited to
56 | communication on electronic mailing lists, source code control systems,
57 | and issue tracking systems that are managed by, or on behalf of, the
58 | Licensor for the purpose of discussing and improving the Work, but
59 | excluding communication that is conspicuously marked or otherwise
60 | designated in writing by the copyright owner as "Not a Contribution."
61 |
62 | "Contributor" shall mean Licensor and any individual or Legal Entity
63 | on behalf of whom a Contribution has been received by Licensor and
64 | subsequently incorporated within the Work.
65 |
66 | 2. Grant of Copyright License. Subject to the terms and conditions of
67 | this License, each Contributor hereby grants to You a perpetual,
68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69 | copyright license to reproduce, prepare Derivative Works of,
70 | publicly display, publicly perform, sublicense, and distribute the
71 | Work and such Derivative Works in Source or Object form.
72 |
73 | 3. Grant of Patent License. Subject to the terms and conditions of
74 | this License, each Contributor hereby grants to You a perpetual,
75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76 | (except as stated in this section) patent license to make, have made,
77 | use, offer to sell, sell, import, and otherwise transfer the Work,
78 | where such license applies only to those patent claims licensable
79 | by such Contributor that are necessarily infringed by their
80 | Contribution(s) alone or by combination of their Contribution(s)
81 | with the Work to which such Contribution(s) was submitted. If You
82 | institute patent litigation against any entity (including a
83 | cross-claim or counterclaim in a lawsuit) alleging that the Work
84 | or a Contribution incorporated within the Work constitutes direct
85 | or contributory patent infringement, then any patent licenses
86 | granted to You under this License for that Work shall terminate
87 | as of the date such litigation is filed.
88 |
89 | 4. Redistribution. You may reproduce and distribute copies of the
90 | Work or Derivative Works thereof in any medium, with or without
91 | modifications, and in Source or Object form, provided that You
92 | meet the following conditions:
93 |
94 | (a) You must give any other recipients of the Work or
95 | Derivative Works a copy of this License; and
96 |
97 | (b) You must cause any modified files to carry prominent notices
98 | stating that You changed the files; and
99 |
100 | (c) You must retain, in the Source form of any Derivative Works
101 | that You distribute, all copyright, patent, trademark, and
102 | attribution notices from the Source form of the Work,
103 | excluding those notices that do not pertain to any part of
104 | the Derivative Works; and
105 |
106 | (d) If the Work includes a "NOTICE" text file as part of its
107 | distribution, then any Derivative Works that You distribute must
108 | include a readable copy of the attribution notices contained
109 | within such NOTICE file, excluding those notices that do not
110 | pertain to any part of the Derivative Works, in at least one
111 | of the following places: within a NOTICE text file distributed
112 | as part of the Derivative Works; within the Source form or
113 | documentation, if provided along with the Derivative Works; or,
114 | within a display generated by the Derivative Works, if and
115 | wherever such third-party notices normally appear. The contents
116 | of the NOTICE file are for informational purposes only and
117 | do not modify the License. You may add Your own attribution
118 | notices within Derivative Works that You distribute, alongside
119 | or as an addendum to the NOTICE text from the Work, provided
120 | that such additional attribution notices cannot be construed
121 | as modifying the License.
122 |
123 | You may add Your own copyright statement to Your modifications and
124 | may provide additional or different license terms and conditions
125 | for use, reproduction, or distribution of Your modifications, or
126 | for any such Derivative Works as a whole, provided Your use,
127 | reproduction, and distribution of the Work otherwise complies with
128 | the conditions stated in this License.
129 |
130 | 5. Submission of Contributions. Unless You explicitly state otherwise,
131 | any Contribution intentionally submitted for inclusion in the Work
132 | by You to the Licensor shall be under the terms and conditions of
133 | this License, without any additional terms or conditions.
134 | Notwithstanding the above, nothing herein shall supersede or modify
135 | the terms of any separate license agreement you may have executed
136 | with Licensor regarding such Contributions.
137 |
138 | 6. Trademarks. This License does not grant permission to use the trade
139 | names, trademarks, service marks, or product names of the Licensor,
140 | except as required for reasonable and customary use in describing the
141 | origin of the Work and reproducing the content of the NOTICE file.
142 |
143 | 7. Disclaimer of Warranty. Unless required by applicable law or
144 | agreed to in writing, Licensor provides the Work (and each
145 | Contributor provides its Contributions) on an "AS IS" BASIS,
146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 | implied, including, without limitation, any warranties or conditions
148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 | PARTICULAR PURPOSE. You are solely responsible for determining the
150 | appropriateness of using or redistributing the Work and assume any
151 | risks associated with Your exercise of permissions under this License.
152 |
153 | 8. Limitation of Liability. In no event and under no legal theory,
154 | whether in tort (including negligence), contract, or otherwise,
155 | unless required by applicable law (such as deliberate and grossly
156 | negligent acts) or agreed to in writing, shall any Contributor be
157 | liable to You for damages, including any direct, indirect, special,
158 | incidental, or consequential damages of any character arising as a
159 | result of this License or out of the use or inability to use the
160 | Work (including but not limited to damages for loss of goodwill,
161 | work stoppage, computer failure or malfunction, or any and all
162 | other commercial damages or losses), even if such Contributor
163 | has been advised of the possibility of such damages.
164 |
165 | 9. Accepting Warranty or Additional Liability. While redistributing
166 | the Work or Derivative Works thereof, You may choose to offer,
167 | and charge a fee for, acceptance of support, warranty, indemnity,
168 | or other liability obligations and/or rights consistent with this
169 | License. However, in accepting such obligations, You may act only
170 | on Your own behalf and on Your sole responsibility, not on behalf
171 | of any other Contributor, and only if You agree to indemnify,
172 | defend, and hold each Contributor harmless for any liability
173 | incurred by, or claims asserted against, such Contributor by reason
174 | of your accepting any such warranty or additional liability.
175 |
176 | END OF TERMS AND CONDITIONS
177 |
178 | APPENDIX: How to apply the Apache License to your work.
179 |
180 | To apply the Apache License to your work, attach the following
181 | boilerplate notice, with the fields enclosed by brackets "{}"
182 | replaced with your own identifying information. (Don't include
183 | the brackets!) The text should be enclosed in the appropriate
184 | comment syntax for the file format. We also recommend that a
185 | file or class name and description of purpose be included on the
186 | same "printed page" as the copyright notice for easier
187 | identification within third-party archives.
188 |
189 | Copyright {yyyy} {name of copyright owner}
190 |
191 | Licensed under the Apache License, Version 2.0 (the "License");
192 | you may not use this file except in compliance with the License.
193 | You may obtain a copy of the License at
194 |
195 | http://www.apache.org/licenses/LICENSE-2.0
196 |
197 | Unless required by applicable law or agreed to in writing, software
198 | distributed under the License is distributed on an "AS IS" BASIS,
199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 | See the License for the specific language governing permissions and
201 | limitations under the License.
202 |
--------------------------------------------------------------------------------
/opensaml-pretty-print/LICENSE:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction,
10 | and distribution as defined by Sections 1 through 9 of this document.
11 |
12 | "Licensor" shall mean the copyright owner or entity authorized by
13 | the copyright owner that is granting the License.
14 |
15 | "Legal Entity" shall mean the union of the acting entity and all
16 | other entities that control, are controlled by, or are under common
17 | control with that entity. For the purposes of this definition,
18 | "control" means (i) the power, direct or indirect, to cause the
19 | direction or management of such entity, whether by contract or
20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
21 | outstanding shares, or (iii) beneficial ownership of such entity.
22 |
23 | "You" (or "Your") shall mean an individual or Legal Entity
24 | exercising permissions granted by this License.
25 |
26 | "Source" form shall mean the preferred form for making modifications,
27 | including but not limited to software source code, documentation
28 | source, and configuration files.
29 |
30 | "Object" form shall mean any form resulting from mechanical
31 | transformation or translation of a Source form, including but
32 | not limited to compiled object code, generated documentation,
33 | and conversions to other media types.
34 |
35 | "Work" shall mean the work of authorship, whether in Source or
36 | Object form, made available under the License, as indicated by a
37 | copyright notice that is included in or attached to the work
38 | (an example is provided in the Appendix below).
39 |
40 | "Derivative Works" shall mean any work, whether in Source or Object
41 | form, that is based on (or derived from) the Work and for which the
42 | editorial revisions, annotations, elaborations, or other modifications
43 | represent, as a whole, an original work of authorship. For the purposes
44 | of this License, Derivative Works shall not include works that remain
45 | separable from, or merely link (or bind by name) to the interfaces of,
46 | the Work and Derivative Works thereof.
47 |
48 | "Contribution" shall mean any work of authorship, including
49 | the original version of the Work and any modifications or additions
50 | to that Work or Derivative Works thereof, that is intentionally
51 | submitted to Licensor for inclusion in the Work by the copyright owner
52 | or by an individual or Legal Entity authorized to submit on behalf of
53 | the copyright owner. For the purposes of this definition, "submitted"
54 | means any form of electronic, verbal, or written communication sent
55 | to the Licensor or its representatives, including but not limited to
56 | communication on electronic mailing lists, source code control systems,
57 | and issue tracking systems that are managed by, or on behalf of, the
58 | Licensor for the purpose of discussing and improving the Work, but
59 | excluding communication that is conspicuously marked or otherwise
60 | designated in writing by the copyright owner as "Not a Contribution."
61 |
62 | "Contributor" shall mean Licensor and any individual or Legal Entity
63 | on behalf of whom a Contribution has been received by Licensor and
64 | subsequently incorporated within the Work.
65 |
66 | 2. Grant of Copyright License. Subject to the terms and conditions of
67 | this License, each Contributor hereby grants to You a perpetual,
68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69 | copyright license to reproduce, prepare Derivative Works of,
70 | publicly display, publicly perform, sublicense, and distribute the
71 | Work and such Derivative Works in Source or Object form.
72 |
73 | 3. Grant of Patent License. Subject to the terms and conditions of
74 | this License, each Contributor hereby grants to You a perpetual,
75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76 | (except as stated in this section) patent license to make, have made,
77 | use, offer to sell, sell, import, and otherwise transfer the Work,
78 | where such license applies only to those patent claims licensable
79 | by such Contributor that are necessarily infringed by their
80 | Contribution(s) alone or by combination of their Contribution(s)
81 | with the Work to which such Contribution(s) was submitted. If You
82 | institute patent litigation against any entity (including a
83 | cross-claim or counterclaim in a lawsuit) alleging that the Work
84 | or a Contribution incorporated within the Work constitutes direct
85 | or contributory patent infringement, then any patent licenses
86 | granted to You under this License for that Work shall terminate
87 | as of the date such litigation is filed.
88 |
89 | 4. Redistribution. You may reproduce and distribute copies of the
90 | Work or Derivative Works thereof in any medium, with or without
91 | modifications, and in Source or Object form, provided that You
92 | meet the following conditions:
93 |
94 | (a) You must give any other recipients of the Work or
95 | Derivative Works a copy of this License; and
96 |
97 | (b) You must cause any modified files to carry prominent notices
98 | stating that You changed the files; and
99 |
100 | (c) You must retain, in the Source form of any Derivative Works
101 | that You distribute, all copyright, patent, trademark, and
102 | attribution notices from the Source form of the Work,
103 | excluding those notices that do not pertain to any part of
104 | the Derivative Works; and
105 |
106 | (d) If the Work includes a "NOTICE" text file as part of its
107 | distribution, then any Derivative Works that You distribute must
108 | include a readable copy of the attribution notices contained
109 | within such NOTICE file, excluding those notices that do not
110 | pertain to any part of the Derivative Works, in at least one
111 | of the following places: within a NOTICE text file distributed
112 | as part of the Derivative Works; within the Source form or
113 | documentation, if provided along with the Derivative Works; or,
114 | within a display generated by the Derivative Works, if and
115 | wherever such third-party notices normally appear. The contents
116 | of the NOTICE file are for informational purposes only and
117 | do not modify the License. You may add Your own attribution
118 | notices within Derivative Works that You distribute, alongside
119 | or as an addendum to the NOTICE text from the Work, provided
120 | that such additional attribution notices cannot be construed
121 | as modifying the License.
122 |
123 | You may add Your own copyright statement to Your modifications and
124 | may provide additional or different license terms and conditions
125 | for use, reproduction, or distribution of Your modifications, or
126 | for any such Derivative Works as a whole, provided Your use,
127 | reproduction, and distribution of the Work otherwise complies with
128 | the conditions stated in this License.
129 |
130 | 5. Submission of Contributions. Unless You explicitly state otherwise,
131 | any Contribution intentionally submitted for inclusion in the Work
132 | by You to the Licensor shall be under the terms and conditions of
133 | this License, without any additional terms or conditions.
134 | Notwithstanding the above, nothing herein shall supersede or modify
135 | the terms of any separate license agreement you may have executed
136 | with Licensor regarding such Contributions.
137 |
138 | 6. Trademarks. This License does not grant permission to use the trade
139 | names, trademarks, service marks, or product names of the Licensor,
140 | except as required for reasonable and customary use in describing the
141 | origin of the Work and reproducing the content of the NOTICE file.
142 |
143 | 7. Disclaimer of Warranty. Unless required by applicable law or
144 | agreed to in writing, Licensor provides the Work (and each
145 | Contributor provides its Contributions) on an "AS IS" BASIS,
146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 | implied, including, without limitation, any warranties or conditions
148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 | PARTICULAR PURPOSE. You are solely responsible for determining the
150 | appropriateness of using or redistributing the Work and assume any
151 | risks associated with Your exercise of permissions under this License.
152 |
153 | 8. Limitation of Liability. In no event and under no legal theory,
154 | whether in tort (including negligence), contract, or otherwise,
155 | unless required by applicable law (such as deliberate and grossly
156 | negligent acts) or agreed to in writing, shall any Contributor be
157 | liable to You for damages, including any direct, indirect, special,
158 | incidental, or consequential damages of any character arising as a
159 | result of this License or out of the use or inability to use the
160 | Work (including but not limited to damages for loss of goodwill,
161 | work stoppage, computer failure or malfunction, or any and all
162 | other commercial damages or losses), even if such Contributor
163 | has been advised of the possibility of such damages.
164 |
165 | 9. Accepting Warranty or Additional Liability. While redistributing
166 | the Work or Derivative Works thereof, You may choose to offer,
167 | and charge a fee for, acceptance of support, warranty, indemnity,
168 | or other liability obligations and/or rights consistent with this
169 | License. However, in accepting such obligations, You may act only
170 | on Your own behalf and on Your sole responsibility, not on behalf
171 | of any other Contributor, and only if You agree to indemnify,
172 | defend, and hold each Contributor harmless for any liability
173 | incurred by, or claims asserted against, such Contributor by reason
174 | of your accepting any such warranty or additional liability.
175 |
176 | END OF TERMS AND CONDITIONS
177 |
178 | APPENDIX: How to apply the Apache License to your work.
179 |
180 | To apply the Apache License to your work, attach the following
181 | boilerplate notice, with the fields enclosed by brackets "{}"
182 | replaced with your own identifying information. (Don't include
183 | the brackets!) The text should be enclosed in the appropriate
184 | comment syntax for the file format. We also recommend that a
185 | file or class name and description of purpose be included on the
186 | same "printed page" as the copyright notice for easier
187 | identification within third-party archives.
188 |
189 | Copyright {yyyy} {name of copyright owner}
190 |
191 | Licensed under the Apache License, Version 2.0 (the "License");
192 | you may not use this file except in compliance with the License.
193 | You may obtain a copy of the License at
194 |
195 | http://www.apache.org/licenses/LICENSE-2.0
196 |
197 | Unless required by applicable law or agreed to in writing, software
198 | distributed under the License is distributed on an "AS IS" BASIS,
199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 | See the License for the specific language governing permissions and
201 | limitations under the License.
202 |
--------------------------------------------------------------------------------
/no-bootstraping-opensaml-v3/LICENSE:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction,
10 | and distribution as defined by Sections 1 through 9 of this document.
11 |
12 | "Licensor" shall mean the copyright owner or entity authorized by
13 | the copyright owner that is granting the License.
14 |
15 | "Legal Entity" shall mean the union of the acting entity and all
16 | other entities that control, are controlled by, or are under common
17 | control with that entity. For the purposes of this definition,
18 | "control" means (i) the power, direct or indirect, to cause the
19 | direction or management of such entity, whether by contract or
20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
21 | outstanding shares, or (iii) beneficial ownership of such entity.
22 |
23 | "You" (or "Your") shall mean an individual or Legal Entity
24 | exercising permissions granted by this License.
25 |
26 | "Source" form shall mean the preferred form for making modifications,
27 | including but not limited to software source code, documentation
28 | source, and configuration files.
29 |
30 | "Object" form shall mean any form resulting from mechanical
31 | transformation or translation of a Source form, including but
32 | not limited to compiled object code, generated documentation,
33 | and conversions to other media types.
34 |
35 | "Work" shall mean the work of authorship, whether in Source or
36 | Object form, made available under the License, as indicated by a
37 | copyright notice that is included in or attached to the work
38 | (an example is provided in the Appendix below).
39 |
40 | "Derivative Works" shall mean any work, whether in Source or Object
41 | form, that is based on (or derived from) the Work and for which the
42 | editorial revisions, annotations, elaborations, or other modifications
43 | represent, as a whole, an original work of authorship. For the purposes
44 | of this License, Derivative Works shall not include works that remain
45 | separable from, or merely link (or bind by name) to the interfaces of,
46 | the Work and Derivative Works thereof.
47 |
48 | "Contribution" shall mean any work of authorship, including
49 | the original version of the Work and any modifications or additions
50 | to that Work or Derivative Works thereof, that is intentionally
51 | submitted to Licensor for inclusion in the Work by the copyright owner
52 | or by an individual or Legal Entity authorized to submit on behalf of
53 | the copyright owner. For the purposes of this definition, "submitted"
54 | means any form of electronic, verbal, or written communication sent
55 | to the Licensor or its representatives, including but not limited to
56 | communication on electronic mailing lists, source code control systems,
57 | and issue tracking systems that are managed by, or on behalf of, the
58 | Licensor for the purpose of discussing and improving the Work, but
59 | excluding communication that is conspicuously marked or otherwise
60 | designated in writing by the copyright owner as "Not a Contribution."
61 |
62 | "Contributor" shall mean Licensor and any individual or Legal Entity
63 | on behalf of whom a Contribution has been received by Licensor and
64 | subsequently incorporated within the Work.
65 |
66 | 2. Grant of Copyright License. Subject to the terms and conditions of
67 | this License, each Contributor hereby grants to You a perpetual,
68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69 | copyright license to reproduce, prepare Derivative Works of,
70 | publicly display, publicly perform, sublicense, and distribute the
71 | Work and such Derivative Works in Source or Object form.
72 |
73 | 3. Grant of Patent License. Subject to the terms and conditions of
74 | this License, each Contributor hereby grants to You a perpetual,
75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76 | (except as stated in this section) patent license to make, have made,
77 | use, offer to sell, sell, import, and otherwise transfer the Work,
78 | where such license applies only to those patent claims licensable
79 | by such Contributor that are necessarily infringed by their
80 | Contribution(s) alone or by combination of their Contribution(s)
81 | with the Work to which such Contribution(s) was submitted. If You
82 | institute patent litigation against any entity (including a
83 | cross-claim or counterclaim in a lawsuit) alleging that the Work
84 | or a Contribution incorporated within the Work constitutes direct
85 | or contributory patent infringement, then any patent licenses
86 | granted to You under this License for that Work shall terminate
87 | as of the date such litigation is filed.
88 |
89 | 4. Redistribution. You may reproduce and distribute copies of the
90 | Work or Derivative Works thereof in any medium, with or without
91 | modifications, and in Source or Object form, provided that You
92 | meet the following conditions:
93 |
94 | (a) You must give any other recipients of the Work or
95 | Derivative Works a copy of this License; and
96 |
97 | (b) You must cause any modified files to carry prominent notices
98 | stating that You changed the files; and
99 |
100 | (c) You must retain, in the Source form of any Derivative Works
101 | that You distribute, all copyright, patent, trademark, and
102 | attribution notices from the Source form of the Work,
103 | excluding those notices that do not pertain to any part of
104 | the Derivative Works; and
105 |
106 | (d) If the Work includes a "NOTICE" text file as part of its
107 | distribution, then any Derivative Works that You distribute must
108 | include a readable copy of the attribution notices contained
109 | within such NOTICE file, excluding those notices that do not
110 | pertain to any part of the Derivative Works, in at least one
111 | of the following places: within a NOTICE text file distributed
112 | as part of the Derivative Works; within the Source form or
113 | documentation, if provided along with the Derivative Works; or,
114 | within a display generated by the Derivative Works, if and
115 | wherever such third-party notices normally appear. The contents
116 | of the NOTICE file are for informational purposes only and
117 | do not modify the License. You may add Your own attribution
118 | notices within Derivative Works that You distribute, alongside
119 | or as an addendum to the NOTICE text from the Work, provided
120 | that such additional attribution notices cannot be construed
121 | as modifying the License.
122 |
123 | You may add Your own copyright statement to Your modifications and
124 | may provide additional or different license terms and conditions
125 | for use, reproduction, or distribution of Your modifications, or
126 | for any such Derivative Works as a whole, provided Your use,
127 | reproduction, and distribution of the Work otherwise complies with
128 | the conditions stated in this License.
129 |
130 | 5. Submission of Contributions. Unless You explicitly state otherwise,
131 | any Contribution intentionally submitted for inclusion in the Work
132 | by You to the Licensor shall be under the terms and conditions of
133 | this License, without any additional terms or conditions.
134 | Notwithstanding the above, nothing herein shall supersede or modify
135 | the terms of any separate license agreement you may have executed
136 | with Licensor regarding such Contributions.
137 |
138 | 6. Trademarks. This License does not grant permission to use the trade
139 | names, trademarks, service marks, or product names of the Licensor,
140 | except as required for reasonable and customary use in describing the
141 | origin of the Work and reproducing the content of the NOTICE file.
142 |
143 | 7. Disclaimer of Warranty. Unless required by applicable law or
144 | agreed to in writing, Licensor provides the Work (and each
145 | Contributor provides its Contributions) on an "AS IS" BASIS,
146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 | implied, including, without limitation, any warranties or conditions
148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 | PARTICULAR PURPOSE. You are solely responsible for determining the
150 | appropriateness of using or redistributing the Work and assume any
151 | risks associated with Your exercise of permissions under this License.
152 |
153 | 8. Limitation of Liability. In no event and under no legal theory,
154 | whether in tort (including negligence), contract, or otherwise,
155 | unless required by applicable law (such as deliberate and grossly
156 | negligent acts) or agreed to in writing, shall any Contributor be
157 | liable to You for damages, including any direct, indirect, special,
158 | incidental, or consequential damages of any character arising as a
159 | result of this License or out of the use or inability to use the
160 | Work (including but not limited to damages for loss of goodwill,
161 | work stoppage, computer failure or malfunction, or any and all
162 | other commercial damages or losses), even if such Contributor
163 | has been advised of the possibility of such damages.
164 |
165 | 9. Accepting Warranty or Additional Liability. While redistributing
166 | the Work or Derivative Works thereof, You may choose to offer,
167 | and charge a fee for, acceptance of support, warranty, indemnity,
168 | or other liability obligations and/or rights consistent with this
169 | License. However, in accepting such obligations, You may act only
170 | on Your own behalf and on Your sole responsibility, not on behalf
171 | of any other Contributor, and only if You agree to indemnify,
172 | defend, and hold each Contributor harmless for any liability
173 | incurred by, or claims asserted against, such Contributor by reason
174 | of your accepting any such warranty or additional liability.
175 |
176 | END OF TERMS AND CONDITIONS
177 |
178 | APPENDIX: How to apply the Apache License to your work.
179 |
180 | To apply the Apache License to your work, attach the following
181 | boilerplate notice, with the fields enclosed by brackets "{}"
182 | replaced with your own identifying information. (Don't include
183 | the brackets!) The text should be enclosed in the appropriate
184 | comment syntax for the file format. We also recommend that a
185 | file or class name and description of purpose be included on the
186 | same "printed page" as the copyright notice for easier
187 | identification within third-party archives.
188 |
189 | Copyright {yyyy} {name of copyright owner}
190 |
191 | Licensed under the Apache License, Version 2.0 (the "License");
192 | you may not use this file except in compliance with the License.
193 | You may obtain a copy of the License at
194 |
195 | http://www.apache.org/licenses/LICENSE-2.0
196 |
197 | Unless required by applicable law or agreed to in writing, software
198 | distributed under the License is distributed on an "AS IS" BASIS,
199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 | See the License for the specific language governing permissions and
201 | limitations under the License.
202 |
--------------------------------------------------------------------------------
/no-bootstraping-opensaml-v4/LICENSE:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction,
10 | and distribution as defined by Sections 1 through 9 of this document.
11 |
12 | "Licensor" shall mean the copyright owner or entity authorized by
13 | the copyright owner that is granting the License.
14 |
15 | "Legal Entity" shall mean the union of the acting entity and all
16 | other entities that control, are controlled by, or are under common
17 | control with that entity. For the purposes of this definition,
18 | "control" means (i) the power, direct or indirect, to cause the
19 | direction or management of such entity, whether by contract or
20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
21 | outstanding shares, or (iii) beneficial ownership of such entity.
22 |
23 | "You" (or "Your") shall mean an individual or Legal Entity
24 | exercising permissions granted by this License.
25 |
26 | "Source" form shall mean the preferred form for making modifications,
27 | including but not limited to software source code, documentation
28 | source, and configuration files.
29 |
30 | "Object" form shall mean any form resulting from mechanical
31 | transformation or translation of a Source form, including but
32 | not limited to compiled object code, generated documentation,
33 | and conversions to other media types.
34 |
35 | "Work" shall mean the work of authorship, whether in Source or
36 | Object form, made available under the License, as indicated by a
37 | copyright notice that is included in or attached to the work
38 | (an example is provided in the Appendix below).
39 |
40 | "Derivative Works" shall mean any work, whether in Source or Object
41 | form, that is based on (or derived from) the Work and for which the
42 | editorial revisions, annotations, elaborations, or other modifications
43 | represent, as a whole, an original work of authorship. For the purposes
44 | of this License, Derivative Works shall not include works that remain
45 | separable from, or merely link (or bind by name) to the interfaces of,
46 | the Work and Derivative Works thereof.
47 |
48 | "Contribution" shall mean any work of authorship, including
49 | the original version of the Work and any modifications or additions
50 | to that Work or Derivative Works thereof, that is intentionally
51 | submitted to Licensor for inclusion in the Work by the copyright owner
52 | or by an individual or Legal Entity authorized to submit on behalf of
53 | the copyright owner. For the purposes of this definition, "submitted"
54 | means any form of electronic, verbal, or written communication sent
55 | to the Licensor or its representatives, including but not limited to
56 | communication on electronic mailing lists, source code control systems,
57 | and issue tracking systems that are managed by, or on behalf of, the
58 | Licensor for the purpose of discussing and improving the Work, but
59 | excluding communication that is conspicuously marked or otherwise
60 | designated in writing by the copyright owner as "Not a Contribution."
61 |
62 | "Contributor" shall mean Licensor and any individual or Legal Entity
63 | on behalf of whom a Contribution has been received by Licensor and
64 | subsequently incorporated within the Work.
65 |
66 | 2. Grant of Copyright License. Subject to the terms and conditions of
67 | this License, each Contributor hereby grants to You a perpetual,
68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69 | copyright license to reproduce, prepare Derivative Works of,
70 | publicly display, publicly perform, sublicense, and distribute the
71 | Work and such Derivative Works in Source or Object form.
72 |
73 | 3. Grant of Patent License. Subject to the terms and conditions of
74 | this License, each Contributor hereby grants to You a perpetual,
75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76 | (except as stated in this section) patent license to make, have made,
77 | use, offer to sell, sell, import, and otherwise transfer the Work,
78 | where such license applies only to those patent claims licensable
79 | by such Contributor that are necessarily infringed by their
80 | Contribution(s) alone or by combination of their Contribution(s)
81 | with the Work to which such Contribution(s) was submitted. If You
82 | institute patent litigation against any entity (including a
83 | cross-claim or counterclaim in a lawsuit) alleging that the Work
84 | or a Contribution incorporated within the Work constitutes direct
85 | or contributory patent infringement, then any patent licenses
86 | granted to You under this License for that Work shall terminate
87 | as of the date such litigation is filed.
88 |
89 | 4. Redistribution. You may reproduce and distribute copies of the
90 | Work or Derivative Works thereof in any medium, with or without
91 | modifications, and in Source or Object form, provided that You
92 | meet the following conditions:
93 |
94 | (a) You must give any other recipients of the Work or
95 | Derivative Works a copy of this License; and
96 |
97 | (b) You must cause any modified files to carry prominent notices
98 | stating that You changed the files; and
99 |
100 | (c) You must retain, in the Source form of any Derivative Works
101 | that You distribute, all copyright, patent, trademark, and
102 | attribution notices from the Source form of the Work,
103 | excluding those notices that do not pertain to any part of
104 | the Derivative Works; and
105 |
106 | (d) If the Work includes a "NOTICE" text file as part of its
107 | distribution, then any Derivative Works that You distribute must
108 | include a readable copy of the attribution notices contained
109 | within such NOTICE file, excluding those notices that do not
110 | pertain to any part of the Derivative Works, in at least one
111 | of the following places: within a NOTICE text file distributed
112 | as part of the Derivative Works; within the Source form or
113 | documentation, if provided along with the Derivative Works; or,
114 | within a display generated by the Derivative Works, if and
115 | wherever such third-party notices normally appear. The contents
116 | of the NOTICE file are for informational purposes only and
117 | do not modify the License. You may add Your own attribution
118 | notices within Derivative Works that You distribute, alongside
119 | or as an addendum to the NOTICE text from the Work, provided
120 | that such additional attribution notices cannot be construed
121 | as modifying the License.
122 |
123 | You may add Your own copyright statement to Your modifications and
124 | may provide additional or different license terms and conditions
125 | for use, reproduction, or distribution of Your modifications, or
126 | for any such Derivative Works as a whole, provided Your use,
127 | reproduction, and distribution of the Work otherwise complies with
128 | the conditions stated in this License.
129 |
130 | 5. Submission of Contributions. Unless You explicitly state otherwise,
131 | any Contribution intentionally submitted for inclusion in the Work
132 | by You to the Licensor shall be under the terms and conditions of
133 | this License, without any additional terms or conditions.
134 | Notwithstanding the above, nothing herein shall supersede or modify
135 | the terms of any separate license agreement you may have executed
136 | with Licensor regarding such Contributions.
137 |
138 | 6. Trademarks. This License does not grant permission to use the trade
139 | names, trademarks, service marks, or product names of the Licensor,
140 | except as required for reasonable and customary use in describing the
141 | origin of the Work and reproducing the content of the NOTICE file.
142 |
143 | 7. Disclaimer of Warranty. Unless required by applicable law or
144 | agreed to in writing, Licensor provides the Work (and each
145 | Contributor provides its Contributions) on an "AS IS" BASIS,
146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 | implied, including, without limitation, any warranties or conditions
148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 | PARTICULAR PURPOSE. You are solely responsible for determining the
150 | appropriateness of using or redistributing the Work and assume any
151 | risks associated with Your exercise of permissions under this License.
152 |
153 | 8. Limitation of Liability. In no event and under no legal theory,
154 | whether in tort (including negligence), contract, or otherwise,
155 | unless required by applicable law (such as deliberate and grossly
156 | negligent acts) or agreed to in writing, shall any Contributor be
157 | liable to You for damages, including any direct, indirect, special,
158 | incidental, or consequential damages of any character arising as a
159 | result of this License or out of the use or inability to use the
160 | Work (including but not limited to damages for loss of goodwill,
161 | work stoppage, computer failure or malfunction, or any and all
162 | other commercial damages or losses), even if such Contributor
163 | has been advised of the possibility of such damages.
164 |
165 | 9. Accepting Warranty or Additional Liability. While redistributing
166 | the Work or Derivative Works thereof, You may choose to offer,
167 | and charge a fee for, acceptance of support, warranty, indemnity,
168 | or other liability obligations and/or rights consistent with this
169 | License. However, in accepting such obligations, You may act only
170 | on Your own behalf and on Your sole responsibility, not on behalf
171 | of any other Contributor, and only if You agree to indemnify,
172 | defend, and hold each Contributor harmless for any liability
173 | incurred by, or claims asserted against, such Contributor by reason
174 | of your accepting any such warranty or additional liability.
175 |
176 | END OF TERMS AND CONDITIONS
177 |
178 | APPENDIX: How to apply the Apache License to your work.
179 |
180 | To apply the Apache License to your work, attach the following
181 | boilerplate notice, with the fields enclosed by brackets "{}"
182 | replaced with your own identifying information. (Don't include
183 | the brackets!) The text should be enclosed in the appropriate
184 | comment syntax for the file format. We also recommend that a
185 | file or class name and description of purpose be included on the
186 | same "printed page" as the copyright notice for easier
187 | identification within third-party archives.
188 |
189 | Copyright {yyyy} {name of copyright owner}
190 |
191 | Licensed under the Apache License, Version 2.0 (the "License");
192 | you may not use this file except in compliance with the License.
193 | You may obtain a copy of the License at
194 |
195 | http://www.apache.org/licenses/LICENSE-2.0
196 |
197 | Unless required by applicable law or agreed to in writing, software
198 | distributed under the License is distributed on an "AS IS" BASIS,
199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 | See the License for the specific language governing permissions and
201 | limitations under the License.
202 |
--------------------------------------------------------------------------------
/opensaml4-webprofile-demo/LICENSE:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction,
10 | and distribution as defined by Sections 1 through 9 of this document.
11 |
12 | "Licensor" shall mean the copyright owner or entity authorized by
13 | the copyright owner that is granting the License.
14 |
15 | "Legal Entity" shall mean the union of the acting entity and all
16 | other entities that control, are controlled by, or are under common
17 | control with that entity. For the purposes of this definition,
18 | "control" means (i) the power, direct or indirect, to cause the
19 | direction or management of such entity, whether by contract or
20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
21 | outstanding shares, or (iii) beneficial ownership of such entity.
22 |
23 | "You" (or "Your") shall mean an individual or Legal Entity
24 | exercising permissions granted by this License.
25 |
26 | "Source" form shall mean the preferred form for making modifications,
27 | including but not limited to software source code, documentation
28 | source, and configuration files.
29 |
30 | "Object" form shall mean any form resulting from mechanical
31 | transformation or translation of a Source form, including but
32 | not limited to compiled object code, generated documentation,
33 | and conversions to other media types.
34 |
35 | "Work" shall mean the work of authorship, whether in Source or
36 | Object form, made available under the License, as indicated by a
37 | copyright notice that is included in or attached to the work
38 | (an example is provided in the Appendix below).
39 |
40 | "Derivative Works" shall mean any work, whether in Source or Object
41 | form, that is based on (or derived from) the Work and for which the
42 | editorial revisions, annotations, elaborations, or other modifications
43 | represent, as a whole, an original work of authorship. For the purposes
44 | of this License, Derivative Works shall not include works that remain
45 | separable from, or merely link (or bind by name) to the interfaces of,
46 | the Work and Derivative Works thereof.
47 |
48 | "Contribution" shall mean any work of authorship, including
49 | the original version of the Work and any modifications or additions
50 | to that Work or Derivative Works thereof, that is intentionally
51 | submitted to Licensor for inclusion in the Work by the copyright owner
52 | or by an individual or Legal Entity authorized to submit on behalf of
53 | the copyright owner. For the purposes of this definition, "submitted"
54 | means any form of electronic, verbal, or written communication sent
55 | to the Licensor or its representatives, including but not limited to
56 | communication on electronic mailing lists, source code control systems,
57 | and issue tracking systems that are managed by, or on behalf of, the
58 | Licensor for the purpose of discussing and improving the Work, but
59 | excluding communication that is conspicuously marked or otherwise
60 | designated in writing by the copyright owner as "Not a Contribution."
61 |
62 | "Contributor" shall mean Licensor and any individual or Legal Entity
63 | on behalf of whom a Contribution has been received by Licensor and
64 | subsequently incorporated within the Work.
65 |
66 | 2. Grant of Copyright License. Subject to the terms and conditions of
67 | this License, each Contributor hereby grants to You a perpetual,
68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69 | copyright license to reproduce, prepare Derivative Works of,
70 | publicly display, publicly perform, sublicense, and distribute the
71 | Work and such Derivative Works in Source or Object form.
72 |
73 | 3. Grant of Patent License. Subject to the terms and conditions of
74 | this License, each Contributor hereby grants to You a perpetual,
75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76 | (except as stated in this section) patent license to make, have made,
77 | use, offer to sell, sell, import, and otherwise transfer the Work,
78 | where such license applies only to those patent claims licensable
79 | by such Contributor that are necessarily infringed by their
80 | Contribution(s) alone or by combination of their Contribution(s)
81 | with the Work to which such Contribution(s) was submitted. If You
82 | institute patent litigation against any entity (including a
83 | cross-claim or counterclaim in a lawsuit) alleging that the Work
84 | or a Contribution incorporated within the Work constitutes direct
85 | or contributory patent infringement, then any patent licenses
86 | granted to You under this License for that Work shall terminate
87 | as of the date such litigation is filed.
88 |
89 | 4. Redistribution. You may reproduce and distribute copies of the
90 | Work or Derivative Works thereof in any medium, with or without
91 | modifications, and in Source or Object form, provided that You
92 | meet the following conditions:
93 |
94 | (a) You must give any other recipients of the Work or
95 | Derivative Works a copy of this License; and
96 |
97 | (b) You must cause any modified files to carry prominent notices
98 | stating that You changed the files; and
99 |
100 | (c) You must retain, in the Source form of any Derivative Works
101 | that You distribute, all copyright, patent, trademark, and
102 | attribution notices from the Source form of the Work,
103 | excluding those notices that do not pertain to any part of
104 | the Derivative Works; and
105 |
106 | (d) If the Work includes a "NOTICE" text file as part of its
107 | distribution, then any Derivative Works that You distribute must
108 | include a readable copy of the attribution notices contained
109 | within such NOTICE file, excluding those notices that do not
110 | pertain to any part of the Derivative Works, in at least one
111 | of the following places: within a NOTICE text file distributed
112 | as part of the Derivative Works; within the Source form or
113 | documentation, if provided along with the Derivative Works; or,
114 | within a display generated by the Derivative Works, if and
115 | wherever such third-party notices normally appear. The contents
116 | of the NOTICE file are for informational purposes only and
117 | do not modify the License. You may add Your own attribution
118 | notices within Derivative Works that You distribute, alongside
119 | or as an addendum to the NOTICE text from the Work, provided
120 | that such additional attribution notices cannot be construed
121 | as modifying the License.
122 |
123 | You may add Your own copyright statement to Your modifications and
124 | may provide additional or different license terms and conditions
125 | for use, reproduction, or distribution of Your modifications, or
126 | for any such Derivative Works as a whole, provided Your use,
127 | reproduction, and distribution of the Work otherwise complies with
128 | the conditions stated in this License.
129 |
130 | 5. Submission of Contributions. Unless You explicitly state otherwise,
131 | any Contribution intentionally submitted for inclusion in the Work
132 | by You to the Licensor shall be under the terms and conditions of
133 | this License, without any additional terms or conditions.
134 | Notwithstanding the above, nothing herein shall supersede or modify
135 | the terms of any separate license agreement you may have executed
136 | with Licensor regarding such Contributions.
137 |
138 | 6. Trademarks. This License does not grant permission to use the trade
139 | names, trademarks, service marks, or product names of the Licensor,
140 | except as required for reasonable and customary use in describing the
141 | origin of the Work and reproducing the content of the NOTICE file.
142 |
143 | 7. Disclaimer of Warranty. Unless required by applicable law or
144 | agreed to in writing, Licensor provides the Work (and each
145 | Contributor provides its Contributions) on an "AS IS" BASIS,
146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 | implied, including, without limitation, any warranties or conditions
148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 | PARTICULAR PURPOSE. You are solely responsible for determining the
150 | appropriateness of using or redistributing the Work and assume any
151 | risks associated with Your exercise of permissions under this License.
152 |
153 | 8. Limitation of Liability. In no event and under no legal theory,
154 | whether in tort (including negligence), contract, or otherwise,
155 | unless required by applicable law (such as deliberate and grossly
156 | negligent acts) or agreed to in writing, shall any Contributor be
157 | liable to You for damages, including any direct, indirect, special,
158 | incidental, or consequential damages of any character arising as a
159 | result of this License or out of the use or inability to use the
160 | Work (including but not limited to damages for loss of goodwill,
161 | work stoppage, computer failure or malfunction, or any and all
162 | other commercial damages or losses), even if such Contributor
163 | has been advised of the possibility of such damages.
164 |
165 | 9. Accepting Warranty or Additional Liability. While redistributing
166 | the Work or Derivative Works thereof, You may choose to offer,
167 | and charge a fee for, acceptance of support, warranty, indemnity,
168 | or other liability obligations and/or rights consistent with this
169 | License. However, in accepting such obligations, You may act only
170 | on Your own behalf and on Your sole responsibility, not on behalf
171 | of any other Contributor, and only if You agree to indemnify,
172 | defend, and hold each Contributor harmless for any liability
173 | incurred by, or claims asserted against, such Contributor by reason
174 | of your accepting any such warranty or additional liability.
175 |
176 | END OF TERMS AND CONDITIONS
177 |
178 | APPENDIX: How to apply the Apache License to your work.
179 |
180 | To apply the Apache License to your work, attach the following
181 | boilerplate notice, with the fields enclosed by brackets "{}"
182 | replaced with your own identifying information. (Don't include
183 | the brackets!) The text should be enclosed in the appropriate
184 | comment syntax for the file format. We also recommend that a
185 | file or class name and description of purpose be included on the
186 | same "printed page" as the copyright notice for easier
187 | identification within third-party archives.
188 |
189 | Copyright {yyyy} {name of copyright owner}
190 |
191 | Licensed under the Apache License, Version 2.0 (the "License");
192 | you may not use this file except in compliance with the License.
193 | You may obtain a copy of the License at
194 |
195 | http://www.apache.org/licenses/LICENSE-2.0
196 |
197 | Unless required by applicable law or agreed to in writing, software
198 | distributed under the License is distributed on an "AS IS" BASIS,
199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 | See the License for the specific language governing permissions and
201 | limitations under the License.
202 |
--------------------------------------------------------------------------------