Merge pull request #2435 from patriot1burke/master

KEYCLOAK-2584
2016-03-25 00:08:32 -04:00 · 2016-03-25 00:08:32 -04:00 · add41ea92b
commit add41ea92b
parent cb4f95416c e497eb0950
1 changed files with 49 additions and 39 deletions
--- a/adapters/saml/core/src/main/java/org/keycloak/adapters/saml/AbstractInitiateLogin.java
+++ b/adapters/saml/core/src/main/java/org/keycloak/adapters/saml/AbstractInitiateLogin.java
@ -54,6 +54,39 @@ public abstract class AbstractInitiateLogin implements AuthChallenge {
    @Override
    public boolean challenge(HttpFacade httpFacade) {
        try {
+            SAML2AuthnRequestBuilder authnRequestBuilder = buildSaml2AuthnRequestBuilder(deployment);
+            BaseSAML2BindingBuilder binding = createSaml2Binding(deployment);
+            sessionStore.saveRequest();
+
+            sendAuthnRequest(httpFacade, authnRequestBuilder, binding);
+            sessionStore.setCurrentAction(SamlSessionStore.CurrentAction.LOGGING_IN);
+        } catch (Exception e) {
+            throw new RuntimeException("Could not create authentication request.", e);
+        }
+        return true;
+    }
+
+    public static BaseSAML2BindingBuilder createSaml2Binding(SamlDeployment deployment) {
+        BaseSAML2BindingBuilder binding = new BaseSAML2BindingBuilder();
+
+        if (deployment.getIDP().getSingleSignOnService().signRequest()) {
+
+            binding.signatureAlgorithm(deployment.getSignatureAlgorithm());
+            KeyPair keypair = deployment.getSigningKeyPair();
+            if (keypair == null) {
+                throw new RuntimeException("Signing keys not configured");
+            }
+            if (deployment.getSignatureCanonicalizationMethod() != null) {
+                binding.canonicalizationMethod(deployment.getSignatureCanonicalizationMethod());
+            }
+
+            binding.signWith(keypair);
+            binding.signDocument();
+        }
+        return binding;
+    }
+
+    public static SAML2AuthnRequestBuilder buildSaml2AuthnRequestBuilder(SamlDeployment deployment) {
        String issuerURL = deployment.getEntityID();
        String nameIDPolicyFormat = deployment.getNameIDPolicyFormat();

@ -77,30 +110,7 @@ public abstract class AbstractInitiateLogin implements AuthChallenge {
        if (deployment.getAssertionConsumerServiceUrl() != null) {
            authnRequestBuilder.assertionConsumerUrl(deployment.getAssertionConsumerServiceUrl());
        }
-            BaseSAML2BindingBuilder binding = new BaseSAML2BindingBuilder();
-
-            if (deployment.getIDP().getSingleSignOnService().signRequest()) {
-
-
-                KeyPair keypair = deployment.getSigningKeyPair();
-                if (keypair == null) {
-                    throw new RuntimeException("Signing keys not configured");
-                }
-                if (deployment.getSignatureCanonicalizationMethod() != null) {
-                    binding.canonicalizationMethod(deployment.getSignatureCanonicalizationMethod());
-                }
-
-                binding.signWith(keypair);
-                binding.signDocument();
-            }
-            sessionStore.saveRequest();
-
-            sendAuthnRequest(httpFacade, authnRequestBuilder, binding);
-            sessionStore.setCurrentAction(SamlSessionStore.CurrentAction.LOGGING_IN);
-        } catch (Exception e) {
-            throw new RuntimeException("Could not create authentication request.", e);
-        }
-        return true;
+        return authnRequestBuilder;
    }

    protected abstract void sendAuthnRequest(HttpFacade httpFacade, SAML2AuthnRequestBuilder authnRequestBuilder, BaseSAML2BindingBuilder binding) throws ProcessingException, ConfigurationException, IOException;