SAML - Parse Service Provider Metadata and extract details such as signing certificate and assertion consumer endpoint

My application acts as an SAML IdP. For this, I am in the process of registering Service Providers with my application. For this, I connect to the SP Federation Metadata URL and download the XML.

The question is: is there any readily available Java library which performs this task? Or do I need to extract the details manually using standard DOM APIs?

Note: My application maintains the user repository and their authentication and authorization details such as credentials, roles, operations, etc. Hence it cannot really depend on third-party IdPs such as ADFS or OneLogin.

Any help is much appreciated.

Thanks to codebrane for the pointers. I've figured out the way using the OpenSAML libraries.

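    // Imports assume OpenSAML 3 package names.
    import java.util.List;
    import org.opensaml.saml.common.xml.SAMLConstants;
    import org.opensaml.saml.saml2.metadata.KeyDescriptor;
    import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
    import org.opensaml.saml.saml2.metadata.impl.EntityDescriptorImpl;
    import org.opensaml.security.credential.UsageType;
    import org.opensaml.xmlsec.keyinfo.KeyInfoSupport;
    import org.opensaml.xmlsec.signature.KeyInfo;
    import org.opensaml.xmlsec.signature.X509Certificate;

    private void init(String metadata) throws Exception {
        // parse metadata XML (parseMetaData is a helper that is not shown here)
        EntityDescriptorImpl entityDescriptor = parseMetaData(metadata);

        SPSSODescriptor spssoDescriptor = entityDescriptor.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
        if (spssoDescriptor == null) {
            throw new IllegalArgumentException("Metadata has no SAML 2.0 SPSSODescriptor");
        }

        // get the signing certificate; skip descriptors marked use="encryption"
        // so an encryption key never ends up as the signature verification key
        List<KeyDescriptor> keyDescriptors = spssoDescriptor.getKeyDescriptors();
        for (KeyDescriptor keyDescriptor : keyDescriptors) {
            if (keyDescriptor.getUse() == UsageType.ENCRYPTION) {
                continue;
            }
            KeyInfo keyInfo = keyDescriptor.getKeyInfo();
            X509Certificate samlCertificate = keyInfo.getX509Datas().get(0).getX509Certificates().get(0);
            sigVerificationCertificate = KeyInfoSupport.getCertificate(samlCertificate);
        }

        // get SAML endpoints
        assertionConsumerServices = spssoDescriptor.getAssertionConsumerServices();
        singleLogoutServices = spssoDescriptor.getSingleLogoutServices();

        // TODO - extract organization name etc.
    }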
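
For the "standard DOM APIs" route the question mentions, here is an added example (not code from the original post or from OpenSAML) that parses SP metadata with the JDK's own parser, with DTDs refused because the XML is downloaded from a remote URL. The class name `SpMetadataDomExample`, the method `extract`, the map keys and the sample metadata with its placeholder certificate values are all assumptions made for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.*;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class SpMetadataDomExample {   // hypothetical class name
    static final String MD = "urn:oasis:names:tc:SAML:2.0:metadata";
    static final String DS = "http://www.w3.org/2000/09/xmldsig#";

    static Map<String, List<String>> extract(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // The metadata comes from a remote URL: refuse DTDs entirely (blocks XXE).
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document d = f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        Element sp = (Element) d.getElementsByTagNameNS(MD, "SPSSODescriptor").item(0);
        if (sp == null) throw new IllegalArgumentException("no SPSSODescriptor in metadata");

        List<String> signing = new ArrayList<>(), acs = new ArrayList<>();
        NodeList kds = sp.getElementsByTagNameNS(MD, "KeyDescriptor");
        for (int i = 0; i < kds.getLength(); i++) {
            Element kd = (Element) kds.item(i);
            // use="signing" or no use attribute means the key may verify signatures.
            if ("encryption".equals(kd.getAttribute("use"))) continue;
            NodeList certs = kd.getElementsByTagNameNS(DS, "X509Certificate");
            for (int j = 0; j < certs.getLength(); j++)
                signing.add(certs.item(j).getTextContent().replaceAll("\\s", ""));
        }
        NodeList eps = sp.getElementsByTagNameNS(MD, "AssertionConsumerService");
        for (int i = 0; i < eps.getLength(); i++)
            acs.add(((Element) eps.item(i)).getAttribute("Location"));
        return Map.of("signingCerts", signing, "acsLocations", acs);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample metadata; the certificate values are placeholders, not real certificates.
        String xml = "<EntityDescriptor xmlns='" + MD + "' xmlns:ds='" + DS + "' entityID='https://sp.example.test'>"
            + "<SPSSODescriptor protocolSupportEnumeration='urn:oasis:names:tc:SAML:2.0:protocol'>"
            + "<KeyDescriptor use='signing'><ds:KeyInfo><ds:X509Data><ds:X509Certificate>U0lHTg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>"
            + "<KeyDescriptor use='encryption'><ds:KeyInfo><ds:X509Data><ds:X509Certificate>RU5D</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>"
            + "<AssertionConsumerService index='0' Binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' Location='https://sp.example.test/acs'/>"
            + "</SPSSODescriptor></EntityDescriptor>";
        System.out.println(extract(xml));
    }
}
```

With real metadata, each returned Base64 string can be decoded and passed to `CertificateFactory.getInstance("X.509").generateCertificate(...)` to obtain a `java.security.cert.X509Certificate`.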
