in plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java [346:470]
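/**
 * Builds the redirect that sends the browser to the identity provider with a federation
 * sign-in request, together with the {@link RequestState} recorded for that request.
 *
 * <p>The redirect URL is the resolved issuer URL followed by a query string holding the
 * sign-in action, the reply address, the realm, the optional wauth / wreq / whr / wfresh
 * values, the current time (wct), a freshly generated context value (wctx) and any
 * configured sign-in query extension.
 *
 * @param request the incoming servlet request; its URL and query string are stored as the
 *                target address of the request state
 * @param config  the Fediz context; its protocol must be a {@code FederationProtocol}
 * @return a response carrying the redirect URL and the request state
 * @throws ProcessingException if the protocol is not a {@code FederationProtocol}, if no
 *                             issuer URL can be resolved, or if any step of building the
 *                             request fails
 */
public RedirectionResponse createSignInRequest(HttpServletRequest request, FedizContext config)
    throws ProcessingException {

    String redirectURL = null;
    final RequestState requestState;
    try {
        if (!(config.getProtocol() instanceof FederationProtocol)) {
            LOG.error("Unsupported protocol");
            throw new IllegalStateException("Unsupported protocol");
        }

        String issuerURL = resolveIssuer(request, config);
        LOG.debug("Issuer url: {}", issuerURL);
        // Fail closed: without an issuer the concatenation at the end of this method would
        // produce the literal redirect target "null?wa=...", which is never a valid IdP address.
        if (issuerURL == null || issuerURL.isEmpty()) {
            LOG.error("No issuer URL could be resolved");
            throw new IllegalStateException("No issuer URL could be resolved");
        }
        redirectURL = issuerURL;

        // NOTE(review): the values below are resolved with the request in hand and are written
        // to the debug log as-is; if any of them can come from request parameters, debug logs
        // contain caller-controlled text - confirm the log encoder neutralises line breaks.
        String wAuth = resolveAuthenticationType(request, config);
        LOG.debug("WAuth: {}", wAuth);

        String wReq = resolveRequest(request, config);
        LOG.debug("WReq: {}", wReq);

        String homeRealm = resolveHomeRealm(request, config);
        LOG.debug("HomeRealm: {}", homeRealm);

        String freshness = resolveFreshness(request, config);
        LOG.debug("Freshness: {}", freshness);

        String signInQuery = resolveSignInQuery(request, config);
        LOG.debug("SignIn Query: {}", signInQuery);

        // wctx is a random UUID stored in the request state below.
        // NOTE(review): presumably it is matched against the value returned with the sign-in
        // response - verify against the response handling code.
        String wctx = encode(UUID.randomUUID().toString(), UTF_8.name());

        // Remember the originally requested address, including its query string.
        StringBuffer requestURL = request.getRequestURL();
        String params = request.getQueryString();
        if (params != null && !params.isEmpty()) {
            requestURL.append('?').append(params);
        }

        requestState = new RequestState();
        requestState.setTargetAddress(requestURL.toString());
        requestState.setIdpServiceAddress(redirectURL);
        requestState.setState(wctx);
        requestState.setCreatedAt(System.currentTimeMillis());

        StringBuilder sb = new StringBuilder();
        sb.append(FederationConstants.PARAM_ACTION).append('=').append(FederationConstants.ACTION_SIGNIN);

        // wreply: default to the current request URL; a value that does not parse as a URL is
        // treated as a path relative to the application's full context path.
        // NOTE(review): a value that does parse as a URL is forwarded unchanged. Whether
        // resolveReply can return request-supplied data, and whether the IdP restricts wreply
        // to registered endpoints, is not visible here - confirm both.
        String reply = resolveReply(request, config);
        if (reply == null || reply.isEmpty()) {
            reply = request.getRequestURL().toString();
        } else {
            try {
                new URL(reply);
            } catch (MalformedURLException ex) {
                if (reply.startsWith("/")) {
                    reply = extractFullContextPath(request).concat(reply.substring(1));
                } else {
                    reply = extractFullContextPath(request).concat(reply);
                }
            }
        }
        LOG.debug("wreply={}", reply);
        sb.append('&').append(FederationConstants.PARAM_REPLY).append('=')
            .append(encode(reply, UTF_8.name()));

        // add wtrealm parameter
        String realm = resolveWTRealm(request, config);
        LOG.debug("wtrealm={}", realm);
        sb.append('&').append(FederationConstants.PARAM_TREALM).append('=')
            .append(encode(realm, UTF_8.name()));

        // add authentication type parameter wauth if set
        if (wAuth != null && !wAuth.isEmpty()) {
            sb.append('&').append(FederationConstants.PARAM_AUTH_TYPE).append('=')
                .append(encode(wAuth, UTF_8.name()));
        }

        // add tokenRequest parameter wreq if set
        if (wReq != null && !wReq.isEmpty()) {
            sb.append('&').append(FederationConstants.PARAM_REQUEST).append('=')
                .append(encode(wReq, UTF_8.name()));
        }

        // add home realm parameter whr if set
        if (homeRealm != null && !homeRealm.isEmpty()) {
            sb.append('&').append(FederationConstants.PARAM_HOME_REALM).append('=')
                .append(encode(homeRealm, UTF_8.name()));
        }

        // add freshness parameter wfresh if set
        if (freshness != null && !freshness.isEmpty()) {
            sb.append('&').append(FederationConstants.PARAM_FRESHNESS).append('=')
                .append(encode(freshness, UTF_8.name()));
        }

        // add current time parameter wct, formatted in UTC
        Instant now = Instant.now();
        DateTimeFormatter formatter = DateUtil.getDateTimeFormatter(true);
        String wct = now.atZone(ZoneOffset.UTC).format(formatter);
        sb.append('&').append(FederationConstants.PARAM_CURRENT_TIME).append('=')
            .append(encode(wct, UTF_8.name()));

        // wctx was already encoded when it was generated and is encoded again here, as in the
        // original code; for a UUID string both passes leave the value unchanged.
        LOG.debug("wctx={}", wctx);
        sb.append('&').append(FederationConstants.PARAM_CONTEXT).append('=')
            .append(encode(wctx, UTF_8.name()));

        // add signin query extensions
        // NOTE(review): this fragment is appended verbatim, without encoding. Presumably
        // resolveSignInQuery returns an already URL-encoded "name=value" fragment from trusted
        // configuration - verify, because raw text here can add or override parameters.
        if (signInQuery != null && !signInQuery.isEmpty()) {
            sb.append('&').append(signInQuery);
        }

        redirectURL = redirectURL + '?' + sb.toString();
    } catch (Exception ex) {
        LOG.error("Failed to create SignInRequest", ex);
        throw new ProcessingException("Failed to create SignInRequest", ex);
    }

    RedirectionResponse response = new RedirectionResponse();
    response.setRedirectionURL(redirectURL);
    response.setRequestState(requestState);
    return response;
}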