Package org.keycloak.protocol.saml
Class SamlProtocolUtils
java.lang.Object
org.keycloak.protocol.saml.SamlProtocolUtils
- Version:
- $Revision: 1 $
- Author:
- Bill Burke
Constructor Summary
Constructors
- SamlProtocolUtils()

Method Summary
Modifier and Type / Method / Description
- static ArtifactResponseType buildArtifactResponse(SAML2Object samlObject, NameIDType issuer): Takes a SAML object (an object that will be part of the resulting ArtifactResponse) and inserts it as the body of an ArtifactResponse.
- static ArtifactResponseType buildArtifactResponse(SAML2Object samlObject, NameIDType issuer, URI statusCode): Takes a SAML object (an object that will be part of the resulting ArtifactResponse) and inserts it as the body of an ArtifactResponse.
- static ArtifactResponseType buildArtifactResponse(Document document): Takes a SAML document and inserts it as the body of an ArtifactResponseType.
- static Document convert(ArtifactResponseType responseType): Converts a SAML2 ArtifactResponse into a Document.
- static KeyLocator createKeyLocatorForClient(KeycloakSession session, ClientModel client, KeyUse use)
- static KeyLocator createKeyLocatorForClient(KeycloakSession session, SamlClient samlClient, KeyUse use)
- static PublicKey getEncryptionKey(KeycloakSession session, ClientModel client): Returns the public part of the SAML encryption key from the client settings.
- static PublicKey getEncryptionKey(KeycloakSession session, SamlClient samlClient): Returns the public part of the SAML encryption key from the client settings.
- static PublicKey getPublicKey(ClientModel client, String attribute)
- static void setupEncryption(KeycloakSession session, SamlClient samlClient, BaseSAML2BindingBuilder<?> bindingBuilder)
- static void verifyDocumentSignature(KeycloakSession session, ClientModel client, Document document): Verifies a signature of the given SAML document using settings for the given client.
- static void verifyDocumentSignature(Document document, KeyLocator keyLocator): Verifies a signature of the given SAML document using keys obtained from the given key locator.
- static void verifyRedirectSignature(SAMLDocumentHolder documentHolder, KeyLocator locator, jakarta.ws.rs.core.MultivaluedMap<String, String> encodedParams, String paramKey)
- static void verifyRedirectSignature(SAMLDocumentHolder documentHolder, KeyLocator locator, jakarta.ws.rs.core.UriInfo uriInformation, String paramKey)

Constructor Details
SamlProtocolUtils
public SamlProtocolUtils()
 
Method Details

verifyDocumentSignature
public static void verifyDocumentSignature(KeycloakSession session, ClientModel client, Document document) throws VerificationException
Verifies a signature of the given SAML document using settings for the given client. Throws an exception if the client settings expect a client signature to be present and the signature is invalid; otherwise returns to the caller.
- Parameters:
- session
- client
- document
- Throws:
- VerificationException
 
verifyDocumentSignature
public static void verifyDocumentSignature(Document document, KeyLocator keyLocator) throws VerificationException
Verifies a signature of the given SAML document using keys obtained from the given key locator. Throws an exception if the client signature is invalid; otherwise returns to the caller.
- Parameters:
- document
- keyLocator
- Throws:
- VerificationException
 
getEncryptionKey
public static PublicKey getEncryptionKey(KeycloakSession session, ClientModel client) throws VerificationException
Returns the public part of the SAML encryption key from the client settings.
- Parameters:
- session
- client
- Returns:
- Public key for encryption.
- Throws:
- VerificationException
 
getEncryptionKey
public static PublicKey getEncryptionKey(KeycloakSession session, SamlClient samlClient) throws VerificationException
Returns the public part of the SAML encryption key from the client settings.
- Parameters:
- session
- samlClient
- Returns:
- Public key for encryption.
- Throws:
- VerificationException
 
setupEncryption
public static void setupEncryption(KeycloakSession session, SamlClient samlClient, BaseSAML2BindingBuilder<?> bindingBuilder) throws VerificationException
- Throws:
- VerificationException
 
getPublicKey
public static PublicKey getPublicKey(ClientModel client, String attribute) throws VerificationException
- Throws:
- VerificationException
 
createKeyLocatorForClient
public static KeyLocator createKeyLocatorForClient(KeycloakSession session, ClientModel client, KeyUse use) throws VerificationException
- Throws:
- VerificationException
 
createKeyLocatorForClient
public static KeyLocator createKeyLocatorForClient(KeycloakSession session, SamlClient samlClient, KeyUse use) throws VerificationException
- Throws:
- VerificationException
 
verifyRedirectSignature
public static void verifyRedirectSignature(SAMLDocumentHolder documentHolder, KeyLocator locator, jakarta.ws.rs.core.UriInfo uriInformation, String paramKey) throws VerificationException
- Throws:
- VerificationException
 
verifyRedirectSignature
public static void verifyRedirectSignature(SAMLDocumentHolder documentHolder, KeyLocator locator, jakarta.ws.rs.core.MultivaluedMap<String, String> encodedParams, String paramKey) throws VerificationException
- Throws:
- VerificationException
 
buildArtifactResponse
public static ArtifactResponseType buildArtifactResponse(SAML2Object samlObject, NameIDType issuer, URI statusCode) throws ConfigurationException, ProcessingException
Takes a SAML object (an object that will be part of the resulting ArtifactResponse) and inserts it as the body of an ArtifactResponse. The ArtifactResponse is returned as an ArtifactResponseType.
- Parameters:
- samlObject - a SAML object
- issuer - issuer of the resulting ArtifactResponse; should be the same as the issuer of the samlObject
- statusCode - status code of the resulting response
- Returns:
- An ArtifactResponse containing the SAML object.
- Throws:
- ConfigurationException
- ProcessingException
 
buildArtifactResponse
public static ArtifactResponseType buildArtifactResponse(SAML2Object samlObject, NameIDType issuer) throws ConfigurationException, ProcessingException
Takes a SAML object (an object that will be part of the resulting ArtifactResponse) and inserts it as the body of an ArtifactResponse. The ArtifactResponse is returned as an ArtifactResponseType.
- Parameters:
- samlObject - a SAML object
- issuer - issuer of the resulting ArtifactResponse; should be the same as the issuer of the samlObject
- Returns:
- An ArtifactResponse containing the SAML object.
- Throws:
- ConfigurationException
- ProcessingException
 
buildArtifactResponse
public static ArtifactResponseType buildArtifactResponse(Document document) throws ParsingException, ProcessingException, ConfigurationException
Takes a SAML document and inserts it as the body of an ArtifactResponseType.
- Parameters:
- document - the document
- Returns:
- An ArtifactResponse containing the SAML document.
- Throws:
- ParsingException
- ProcessingException
- ConfigurationException
 
convert
public static Document convert(ArtifactResponseType responseType) throws ProcessingException, ConfigurationException, ParsingException
Converts a SAML2 ArtifactResponse into a Document.
- Parameters:
- responseType - an ArtifactResponse
- Returns:
- The ArtifactResponse converted to a Document.
- Throws:
- ParsingException
- ConfigurationException
- ProcessingException
 
 