Package org.keycloak.broker.saml

Class SAMLEndpoint

java.lang.Object

org.keycloak.broker.saml.SAMLEndpoint

public class SAMLEndpoint
extends Object

Version:

$Revision: 1 $

Author:

Bill Burke

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
protected class	SAMLEndpoint.ArtifactBinding
protected class	SAMLEndpoint.Binding
protected class	SAMLEndpoint.PostBinding
protected class	SAMLEndpoint.RedirectBinding

Field Summary

Fields

Modifier and Type	Field	Description
protected final UserAuthenticationIdentityProvider.AuthenticationCallback	callback
protected final ClientConnection	clientConnection
protected final SAMLIdentityProviderConfig	config
protected final DestinationValidator	destinationValidator
protected EventBuilder	event
protected final jakarta.ws.rs.core.HttpHeaders	headers
protected static final org.jboss.logging.Logger	logger
protected final long	maxInflatingSize
protected final SAMLIdentityProvider	provider
protected final RealmModel	realm
static final String	SAML_ASSERTION
static final String	SAML_AUTHN_STATEMENT
static final String	SAML_FEDERATED_SESSION_INDEX
static final String	SAML_FEDERATED_SUBJECT	Deprecated.
static final String	SAML_FEDERATED_SUBJECT_NAMEFORMAT	Deprecated.
static final String	SAML_FEDERATED_SUBJECT_NAMEID
static final String	SAML_LOGIN_RESPONSE
protected final KeycloakSession	session

Constructor Summary

Constructors

Constructor	Description
SAMLEndpoint(KeycloakSession session, SAMLIdentityProvider provider, SAMLIdentityProviderConfig config, UserAuthenticationIdentityProvider.AuthenticationCallback callback, DestinationValidator destinationValidator)

Method Summary

Modifier and Type	Method	Description
protected final String	expectedPrincipalType()
protected final String	getAttributeByFriendlyName(AssertionType assertion, String friendlyName)
protected final String	getAttributeByName(AssertionType assertion, String name)
protected final String	getFirstMatchingAttribute(AssertionType assertion, Predicate<AttributeType> predicate)
protected final String	getPrincipal(AssertionType assertion)
jakarta.ws.rs.core.Response	getSPDescriptor()
protected final NameIDType	getSubjectNameID(AssertionType assertion)
protected final String	getX500Attribute(AssertionType assertion, X500SAMLProfileConstants attribute)
jakarta.ws.rs.core.Response	postBinding(String samlRequest, String samlResponse, String samlArt, String relayState)
jakarta.ws.rs.core.Response	postBindingIdpInitiated(String samlRequest, String samlResponse, String relayState, String clientId)
jakarta.ws.rs.core.Response	redirectBinding(String samlRequest, String samlResponse, String samlArt, String relayState)
jakarta.ws.rs.core.Response	redirectBindingIdpInitiated(String samlRequest, String samlResponse, String relayState, String clientId)
protected final boolean	validateInResponseToAttribute(ResponseType responseType, String expectedRequestId)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

protected static final org.jboss.logging.Logger logger

SAML_FEDERATED_SESSION_INDEX

public static final String SAML_FEDERATED_SESSION_INDEX

See Also:

• Constant Field Values

SAML_FEDERATED_SUBJECT

@Deprecated
public static final String SAML_FEDERATED_SUBJECT

Deprecated.

See Also:

• Constant Field Values

SAML_FEDERATED_SUBJECT_NAMEFORMAT

@Deprecated
public static final String SAML_FEDERATED_SUBJECT_NAMEFORMAT

Deprecated.

See Also:

• Constant Field Values

SAML_FEDERATED_SUBJECT_NAMEID

public static final String SAML_FEDERATED_SUBJECT_NAMEID

See Also:

• Constant Field Values

SAML_LOGIN_RESPONSE

public static final String SAML_LOGIN_RESPONSE

See Also:

• Constant Field Values

SAML_ASSERTION

public static final String SAML_ASSERTION

See Also:

• Constant Field Values

SAML_AUTHN_STATEMENT

public static final String SAML_AUTHN_STATEMENT

See Also:

• Constant Field Values

realm

protected final RealmModel realm

event

protected EventBuilder event

config

protected final SAMLIdentityProviderConfig config

callback

protected final UserAuthenticationIdentityProvider.AuthenticationCallback callback

provider

protected final SAMLIdentityProvider provider

destinationValidator

protected final DestinationValidator destinationValidator

session

protected final KeycloakSession session

clientConnection

protected final ClientConnection clientConnection

headers

protected final jakarta.ws.rs.core.HttpHeaders headers

maxInflatingSize

protected final long maxInflatingSize

Constructor Details

SAMLEndpoint

public SAMLEndpoint(KeycloakSession session,
 SAMLIdentityProvider provider,
 SAMLIdentityProviderConfig config,
 UserAuthenticationIdentityProvider.AuthenticationCallback callback,
 DestinationValidator destinationValidator)

Method Details

getSPDescriptor

@GET
@Path("descriptor")
public jakarta.ws.rs.core.Response getSPDescriptor()

redirectBinding

@GET
public jakarta.ws.rs.core.Response redirectBinding(@QueryParam("SAMLRequest")
 String samlRequest,
 @QueryParam("SAMLResponse")
 String samlResponse,
 @QueryParam("SAMLart")
 String samlArt,
 @QueryParam("RelayState")
 String relayState)

postBinding

@POST
@Consumes("application/x-www-form-urlencoded")
public jakarta.ws.rs.core.Response postBinding(@FormParam("SAMLRequest")
 String samlRequest,
 @FormParam("SAMLResponse")
 String samlResponse,
 @FormParam("SAMLart")
 String samlArt,
 @FormParam("RelayState")
 String relayState)

redirectBindingIdpInitiated

@Path("clients/{client_id}")
@GET
public jakarta.ws.rs.core.Response redirectBindingIdpInitiated(@QueryParam("SAMLRequest")
 String samlRequest,
 @QueryParam("SAMLResponse")
 String samlResponse,
 @QueryParam("RelayState")
 String relayState,
 @PathParam("client_id")
 String clientId)

postBindingIdpInitiated

@Path("clients/{client_id}")
@POST
@Consumes("application/x-www-form-urlencoded")
public jakarta.ws.rs.core.Response postBindingIdpInitiated(@FormParam("SAMLRequest")
 String samlRequest,
 @FormParam("SAMLResponse")
 String samlResponse,
 @FormParam("RelayState")
 String relayState,
 @PathParam("client_id")
 String clientId)

getX500Attribute

protected final String getX500Attribute(AssertionType assertion,
 X500SAMLProfileConstants attribute)

getAttributeByName

protected final String getAttributeByName(AssertionType assertion,
 String name)

getAttributeByFriendlyName

protected final String getAttributeByFriendlyName(AssertionType assertion,
 String friendlyName)

getPrincipal

protected final String getPrincipal(AssertionType assertion)

getFirstMatchingAttribute

protected final String getFirstMatchingAttribute(AssertionType assertion,
 Predicate<AttributeType> predicate)

expectedPrincipalType

protected final String expectedPrincipalType()

getSubjectNameID

protected final NameIDType getSubjectNameID(AssertionType assertion)

validateInResponseToAttribute

protected final boolean validateInResponseToAttribute(ResponseType responseType,
 String expectedRequestId)