Package com.onelogin.saml2.logout

Class LogoutRequest

  • public class LogoutRequest
extends java.lang.Object
    LogoutRequest class of OneLogin's Java Toolkit. A class that implements SAML 2 Logout Request builder/parser/validator

    • Field Summary

      Fields 
      Modifier and Type Field Description
      private java.lang.String currentUrl
      URL of the current host + current view
      java.lang.String id
      SAML LogoutRequest ID.
      private java.util.Calendar issueInstant
      Time when the Logout Request was created
      private static org.slf4j.Logger LOGGER
      Private property to construct a logger for this class.
      private java.lang.String logoutRequestString
      SAML LogoutRequest string
      private HttpRequest request
      HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
      private Saml2Settings settings
      Settings data.
      private java.lang.Exception validationException
      After validation, if it fails this property has the cause of the problem

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      private org.apache.commons.lang3.text.StrSubstitutor generateSubstitutor​(LogoutRequestParams params, Saml2Settings settings)
      Substitutes LogoutRequest variables within a string by values.
      java.lang.String getEncodedLogoutRequest()  
      java.lang.String getEncodedLogoutRequest​(java.lang.Boolean deflated)  
      java.lang.String getError()
      After execute a validation process, if fails this method returns the cause
      java.lang.String getId()  
      static java.lang.String getId​(java.lang.String samlLogoutRequestString)
      Returns the ID of the Logout Request String.
      static java.lang.String getId​(org.w3c.dom.Document samlLogoutRequestDocument)
      Returns the ID of the Logout Request Document.
      java.util.Calendar getIssueInstant()
      Returns the issue instant of this message.
      static java.util.Calendar getIssueInstant​(java.lang.String samlLogoutRequestString)
      Returns the issue instant of the Logout Request Document.
      static java.util.Calendar getIssueInstant​(org.w3c.dom.Document samlLogoutRequestDocument)
      Returns the issue instant of the Logout Request Document.
      static java.lang.String getIssuer​(java.lang.String samlLogoutRequestString)
      Gets the Issuer from Logout Request String.
      static java.lang.String getIssuer​(java.lang.String samlLogoutRequestString, boolean trim)
      Gets the Issuer from Logout Request String.
      static java.lang.String getIssuer​(org.w3c.dom.Document samlLogoutRequestDocument)
      Gets the Issuer from Logout Request Document.
      static java.lang.String getIssuer​(org.w3c.dom.Document samlLogoutRequestDocument, boolean trim)
      Gets the Issuer from Logout Request Document.
      private static java.lang.StringBuilder getLogoutRequestTemplate()  
      java.lang.String getLogoutRequestXml()  
      static java.lang.String getNameId​(java.lang.String samlLogoutRequestString)
      Gets the NameID value provided from the SAML Logout Request String.
      static java.lang.String getNameId​(java.lang.String samlLogoutRequestString, java.security.PrivateKey key)
      Gets the NameID value provided from the SAML Logout Request String.
      static java.lang.String getNameId​(java.lang.String samlLogoutRequestString, java.security.PrivateKey key, boolean trimValue)
      Gets the NameID value provided from the SAML Logout Request String.
      static java.lang.String getNameId​(org.w3c.dom.Document samlLogoutRequestDocument)
      Gets the NameID value provided from the SAML Logout Request Document.
      static java.lang.String getNameId​(org.w3c.dom.Document samlLogoutRequestDocument, java.security.PrivateKey key)
      Gets the NameID value provided from the SAML Logout Request Document.
      static java.lang.String getNameId​(org.w3c.dom.Document samlLogoutRequestDocument, java.security.PrivateKey key, boolean trimValue)
      Gets the NameID value provided from the SAML Logout Request Document.
      static java.util.Map<java.lang.String,​java.lang.String> getNameIdData​(java.lang.String samlLogoutRequestString, java.security.PrivateKey key)
      Gets the NameID Data from the the Logout Request String.
      static java.util.Map<java.lang.String,​java.lang.String> getNameIdData​(java.lang.String samlLogoutRequestString, java.security.PrivateKey key, boolean trimValue)
      Gets the NameID Data from the the Logout Request String.
      static java.util.Map<java.lang.String,​java.lang.String> getNameIdData​(org.w3c.dom.Document samlLogoutRequestDocument, java.security.PrivateKey key)
      Gets the NameID Data from the the Logout Request Document.
      static java.util.Map<java.lang.String,​java.lang.String> getNameIdData​(org.w3c.dom.Document samlLogoutRequestDocument, java.security.PrivateKey key, boolean trimValue)
      Gets the NameID Data from the the Logout Request Document.
      static java.util.List<java.lang.String> getSessionIndexes​(java.lang.String samlLogoutRequestString)
      Gets the SessionIndexes from the LogoutRequest.
      static java.util.List<java.lang.String> getSessionIndexes​(java.lang.String samlLogoutRequestString, boolean trim)
      Gets the SessionIndexes from the LogoutRequest.
      static java.util.List<java.lang.String> getSessionIndexes​(org.w3c.dom.Document samlLogoutRequestDocument)
      Gets the SessionIndexes from the LogoutRequest.
      static java.util.List<java.lang.String> getSessionIndexes​(org.w3c.dom.Document samlLogoutRequestDocument, boolean trim)
      Gets the SessionIndexes from the LogoutRequest.
      java.lang.Exception getValidationException()
      After execute a validation process, if fails this method returns the Exception object
      java.lang.Boolean isValid()
      Determines if the SAML LogoutRequest is valid or not
      protected java.lang.String postProcessXml​(java.lang.String logoutRequestXml, LogoutRequestParams params, Saml2Settings settings)
      Allows for an extension class to post-process the LogoutRequest XML generated for this request, in order to customize the result.
      protected void setValidationException​(java.lang.Exception validationException)
      Sets the validation exception that this LogoutRequest should return when a validation error occurs.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • LOGGER

        private static final org.slf4j.Logger LOGGER
        Private property to construct a logger for this class.

      • logoutRequestString

        private final java.lang.String logoutRequestString
        SAML LogoutRequest string

      • id

        public java.lang.String id
        SAML LogoutRequest ID.

      • request

        private final HttpRequest request
        HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).

      • currentUrl

        private java.lang.String currentUrl
        URL of the current host + current view

      • issueInstant

        private java.util.Calendar issueInstant
        Time when the Logout Request was created

      • validationException

        private java.lang.Exception validationException
        After validation, if it fails this property has the cause of the problem

    • Constructor Detail

      • LogoutRequest

        @Deprecated
public LogoutRequest​(Saml2Settings settings,
                     HttpRequest request,
                     java.lang.String nameId,
                     java.lang.String sessionIndex,
                     java.lang.String nameIdFormat,
                     java.lang.String nameIdNameQualifier,
                     java.lang.String nameIdSPNameQualifier)
        Deprecated.
        use LogoutRequest(Saml2Settings, HttpRequest) to build a received request from the HTTP request, or LogoutRequest(Saml2Settings, LogoutRequestParams) with LogoutRequestParams(String, String, String, String, String) to build a new request to be sent
        Constructs the LogoutRequest object.
        Parameters:
        settings - OneLogin_Saml2_Settings
        request - the HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
        nameId - The NameID that will be set in the LogoutRequest.
        sessionIndex - The SessionIndex (taken from the SAML Response in the SSO process).
        nameIdFormat - The nameIdFormat that will be set in the LogoutRequest.
        nameIdNameQualifier - The NameID NameQualifier that will be set in the LogoutRequest.
        nameIdSPNameQualifier - The SP Name Qualifier that will be set in the LogoutRequest.

      • LogoutRequest

        @Deprecated
public LogoutRequest​(Saml2Settings settings,
                     HttpRequest request,
                     java.lang.String nameId,
                     java.lang.String sessionIndex,
                     java.lang.String nameIdFormat,
                     java.lang.String nameIdNameQualifier)
        Deprecated.
        use LogoutRequest(Saml2Settings, HttpRequest) to build a received request from the HTTP request, or LogoutRequest(Saml2Settings, LogoutRequestParams) with LogoutRequestParams(String, String, String, String) to build a new request to be sent
        Constructs the LogoutRequest object.
        Parameters:
        settings - OneLogin_Saml2_Settings
        request - the HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
        nameId - The NameID that will be set in the LogoutRequest.
        sessionIndex - The SessionIndex (taken from the SAML Response in the SSO process).
        nameIdFormat - The nameIdFormat that will be set in the LogoutRequest.
        nameIdNameQualifier - The NameID NameQualifier will be set in the LogoutRequest.

      • LogoutRequest

        @Deprecated
public LogoutRequest​(Saml2Settings settings,
                     HttpRequest request,
                     java.lang.String nameId,
                     java.lang.String sessionIndex,
                     java.lang.String nameIdFormat)
        Deprecated.
        use LogoutRequest(Saml2Settings, HttpRequest) to build a received request from the HTTP request, or LogoutRequest(Saml2Settings, LogoutRequestParams) with LogoutRequestParams(String, String, String) to build a new request to be sent
        Constructs the LogoutRequest object.
        Parameters:
        settings - OneLogin_Saml2_Settings
        request - the HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
        nameId - The NameID that will be set in the LogoutRequest.
        sessionIndex - The SessionIndex (taken from the SAML Response in the SSO process).
        nameIdFormat - The nameIdFormat that will be set in the LogoutRequest.

      • LogoutRequest

        public LogoutRequest​(Saml2Settings settings,
                     HttpRequest request)
        Constructs the LogoutRequest object when a received request should be extracted from the HTTP request and parsed.
        Parameters:
        settings - OneLogin_Saml2_Settings
        request - the HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).

      • LogoutRequest

        public LogoutRequest​(Saml2Settings settings,
                     LogoutRequestParams params)
        Constructs the LogoutRequest object when a new request should be generated and sent.
        Parameters:
        settings - OneLogin_Saml2_Settings
        params - a set of logout request input parameters that shape the request to create

    • Method Detail

      • postProcessXml

        protected java.lang.String postProcessXml​(java.lang.String logoutRequestXml,
                                          LogoutRequestParams params,
                                          Saml2Settings settings)
        Allows for an extension class to post-process the LogoutRequest XML generated for this request, in order to customize the result.

        This method is invoked at construction time when no existing LogoutRequest message is found in the HTTP request (and hence in the logout request sending scenario only), after all the other fields of this class have already been initialised. Its default implementation simply returns the input XML as-is, with no change.

        Parameters:
        logoutRequestXml - the XML produced for this LogoutRequest by the standard implementation provided by LogoutRequest
        params - the logout request input parameters
        settings - the settings
        Returns:
        the post-processed XML for this LogoutRequest, which will then be returned by any call to getLogoutRequestXml()

      • getEncodedLogoutRequest

        public java.lang.String getEncodedLogoutRequest​(java.lang.Boolean deflated)
                                         throws java.io.IOException
        Parameters:
        deflated - If deflated or not the encoded Logout Request
        Returns:
        the base64 encoded unsigned Logout Request (deflated or not)
        Throws:
        java.io.IOException

      • getEncodedLogoutRequest

        public java.lang.String getEncodedLogoutRequest()
                                         throws java.io.IOException
        Returns:
        the base64 encoded unsigned Logout Request (deflated or not)
        Throws:
        java.io.IOException

      • getLogoutRequestXml

        public java.lang.String getLogoutRequestXml()
        Returns:
        the plain XML Logout Request

      • generateSubstitutor

        private org.apache.commons.lang3.text.StrSubstitutor generateSubstitutor​(LogoutRequestParams params,
                                                                         Saml2Settings settings)
        Substitutes LogoutRequest variables within a string by values.
        Parameters:
        params - the logout request input parameters
        settings - Saml2Settings object. Setting data
        Returns:
        the StrSubstitutor object of the LogoutRequest

      • getLogoutRequestTemplate

        private static java.lang.StringBuilder getLogoutRequestTemplate()
        Returns:
        the LogoutRequest's template

      • isValid

        public java.lang.Boolean isValid()
        Determines if the SAML LogoutRequest is valid or not
        Returns:
        true if the SAML LogoutRequest is valid

      • getId

        public static java.lang.String getId​(org.w3c.dom.Document samlLogoutRequestDocument)
        Returns the ID of the Logout Request Document.
        Parameters:
        samlLogoutRequestDocument - A DOMDocument object loaded from the SAML Logout Request.
        Returns:
        the ID of the Logout Request.

      • getIssueInstant

        public static java.util.Calendar getIssueInstant​(org.w3c.dom.Document samlLogoutRequestDocument)
        Returns the issue instant of the Logout Request Document.
        Parameters:
        samlLogoutRequestDocument - A DOMDocument object loaded from the SAML Logout Request.
        Returns:
        the issue instant of the Logout Request.

      • getId

        public static java.lang.String getId​(java.lang.String samlLogoutRequestString)
        Returns the ID of the Logout Request String.
        Parameters:
        samlLogoutRequestString - A Logout Request string.
        Returns:
        the ID of the Logout Request.

      • getIssueInstant

        public static java.util.Calendar getIssueInstant​(java.lang.String samlLogoutRequestString)
        Returns the issue instant of the Logout Request Document.
        Parameters:
        samlLogoutRequestDocument - A DOMDocument object loaded from the SAML Logout Request.
        Returns:
        the issue instant of the Logout Request.

      • getNameIdData

        public static java.util.Map<java.lang.String,​java.lang.String> getNameIdData​(org.w3c.dom.Document samlLogoutRequestDocument,
                                                                                   java.security.PrivateKey key)
                                                                            throws java.lang.Exception
        Gets the NameID Data from the the Logout Request Document.
        Parameters:
        samlLogoutRequestDocument - A DOMDocument object loaded from the SAML Logout Request.
        key - The SP key to decrypt the NameID if encrypted
        Returns:
        the Name ID Data (Value, Format, NameQualifier, SPNameQualifier)
        Throws:
        java.lang.Exception

      • getNameIdData

        public static java.util.Map<java.lang.String,​java.lang.String> getNameIdData​(org.w3c.dom.Document samlLogoutRequestDocument,
                                                                                   java.security.PrivateKey key,
                                                                                   boolean trimValue)
                                                                            throws java.lang.Exception
        Gets the NameID Data from the the Logout Request Document.
        Parameters:
        samlLogoutRequestDocument - A DOMDocument object loaded from the SAML Logout Request.
        key - The SP key to decrypt the NameID if encrypted
        trimValue - whether the extracted Name ID value should be trimmed
        Returns:
        the Name ID Data (Value, Format, NameQualifier, SPNameQualifier)
        Throws:
        java.lang.Exception

      • getNameIdData

        public static java.util.Map<java.lang.String,​java.lang.String> getNameIdData​(java.lang.String samlLogoutRequestString,
                                                                                   java.security.PrivateKey key)
                                                                            throws java.lang.Exception
        Gets the NameID Data from the the Logout Request String.
        Parameters:
        samlLogoutRequestString - A DOMDocument object loaded from the SAML Logout Request.
        key - The SP key to decrypt the NameID if encrypted
        Returns:
        the Name ID Data (Value, Format, NameQualifier, SPNameQualifier)
        Throws:
        java.lang.Exception

      • getNameIdData

        public static java.util.Map<java.lang.String,​java.lang.String> getNameIdData​(java.lang.String samlLogoutRequestString,
                                                                                   java.security.PrivateKey key,
                                                                                   boolean trimValue)
                                                                            throws java.lang.Exception
        Gets the NameID Data from the the Logout Request String.
        Parameters:
        samlLogoutRequestString - A DOMDocument object loaded from the SAML Logout Request.
        key - The SP key to decrypt the NameID if encrypted
        trimValue - whether the extracted Name ID value should be trimmed
        Returns:
        the Name ID Data (Value, Format, NameQualifier, SPNameQualifier)
        Throws:
        java.lang.Exception

      • getNameId

        public static java.lang.String getNameId​(org.w3c.dom.Document samlLogoutRequestDocument,
                                         java.security.PrivateKey key)
                                  throws java.lang.Exception
        Gets the NameID value provided from the SAML Logout Request Document.
        Parameters:
        samlLogoutRequestDocument - A DOMDocument object loaded from the SAML Logout Request.
        key - The SP key to decrypt the NameID if encrypted
        Returns:
        the Name ID value
        Throws:
        java.lang.Exception

      • getNameId

        public static java.lang.String getNameId​(org.w3c.dom.Document samlLogoutRequestDocument,
                                         java.security.PrivateKey key,
                                         boolean trimValue)
                                  throws java.lang.Exception
        Gets the NameID value provided from the SAML Logout Request Document.
        Parameters:
        samlLogoutRequestDocument - A DOMDocument object loaded from the SAML Logout Request.
        key - The SP key to decrypt the NameID if encrypted
        trimValue - whether the extracted Name ID value should be trimmed
        Returns:
        the Name ID value
        Throws:
        java.lang.Exception

      • getNameId

        public static java.lang.String getNameId​(org.w3c.dom.Document samlLogoutRequestDocument)
                                  throws java.lang.Exception
        Gets the NameID value provided from the SAML Logout Request Document.
        Parameters:
        samlLogoutRequestDocument - A DOMDocument object loaded from the SAML Logout Request.
        Returns:
        the Name ID value
        Throws:
        java.lang.Exception

      • getNameId

        public static java.lang.String getNameId​(java.lang.String samlLogoutRequestString,
                                         java.security.PrivateKey key)
                                  throws java.lang.Exception
        Gets the NameID value provided from the SAML Logout Request String.
        Parameters:
        samlLogoutRequestString - A Logout Request string.
        key - The SP key to decrypt the NameID if encrypted
        Returns:
        the Name ID value
        Throws:
        java.lang.Exception

      • getNameId

        public static java.lang.String getNameId​(java.lang.String samlLogoutRequestString,
                                         java.security.PrivateKey key,
                                         boolean trimValue)
                                  throws java.lang.Exception
        Gets the NameID value provided from the SAML Logout Request String.
        Parameters:
        samlLogoutRequestString - A Logout Request string.
        key - The SP key to decrypt the NameID if encrypted
        trimValue - whether the extracted Name ID value should be trimmed
        Returns:
        the Name ID value
        Throws:
        java.lang.Exception

      • getNameId

        public static java.lang.String getNameId​(java.lang.String samlLogoutRequestString)
                                  throws java.lang.Exception
        Gets the NameID value provided from the SAML Logout Request String.
        Parameters:
        samlLogoutRequestString - A Logout Request string.
        Returns:
        the Name ID value
        Throws:
        java.lang.Exception

      • getIssuer

        public static java.lang.String getIssuer​(org.w3c.dom.Document samlLogoutRequestDocument)
                                  throws javax.xml.xpath.XPathExpressionException
        Gets the Issuer from Logout Request Document.
        Parameters:
        samlLogoutRequestDocument - A DOMDocument object loaded from the SAML Logout Request.
        Returns:
        the issuer of the logout request
        Throws:
        javax.xml.xpath.XPathExpressionException

      • getIssuer

        public static java.lang.String getIssuer​(org.w3c.dom.Document samlLogoutRequestDocument,
                                         boolean trim)
                                  throws javax.xml.xpath.XPathExpressionException
        Gets the Issuer from Logout Request Document.
        Parameters:
        samlLogoutRequestDocument - A DOMDocument object loaded from the SAML Logout Request.
        trim - whether the extracted issuer value should be trimmed
        Returns:
        the issuer of the logout request
        Throws:
        javax.xml.xpath.XPathExpressionException

      • getIssuer

        public static java.lang.String getIssuer​(java.lang.String samlLogoutRequestString)
                                  throws javax.xml.xpath.XPathExpressionException
        Gets the Issuer from Logout Request String.
        Parameters:
        samlLogoutRequestString - A Logout Request string.
        Returns:
        the issuer of the logout request
        Throws:
        javax.xml.xpath.XPathExpressionException

      • getIssuer

        public static java.lang.String getIssuer​(java.lang.String samlLogoutRequestString,
                                         boolean trim)
                                  throws javax.xml.xpath.XPathExpressionException
        Gets the Issuer from Logout Request String.
        Parameters:
        samlLogoutRequestString - A Logout Request string.
        trim - whether the extracted issuer value should be trimmed
        Returns:
        the issuer of the logout request
        Throws:
        javax.xml.xpath.XPathExpressionException

      • getSessionIndexes

        public static java.util.List<java.lang.String> getSessionIndexes​(org.w3c.dom.Document samlLogoutRequestDocument)
                                                          throws javax.xml.xpath.XPathExpressionException
        Gets the SessionIndexes from the LogoutRequest.
        Parameters:
        samlLogoutRequestDocument - A DOMDocument object loaded from the SAML Logout Request.
        Returns:
        the SessionIndexes
        Throws:
        javax.xml.xpath.XPathExpressionException

      • getSessionIndexes

        public static java.util.List<java.lang.String> getSessionIndexes​(org.w3c.dom.Document samlLogoutRequestDocument,
                                                                 boolean trim)
                                                          throws javax.xml.xpath.XPathExpressionException
        Gets the SessionIndexes from the LogoutRequest.
        Parameters:
        samlLogoutRequestDocument - A DOMDocument object loaded from the SAML Logout Request.
        trim - whether the extracted session indexes should be trimmed
        Returns:
        the SessionIndexes
        Throws:
        javax.xml.xpath.XPathExpressionException

      • getSessionIndexes

        public static java.util.List<java.lang.String> getSessionIndexes​(java.lang.String samlLogoutRequestString)
                                                          throws javax.xml.xpath.XPathExpressionException
        Gets the SessionIndexes from the LogoutRequest.
        Parameters:
        samlLogoutRequestString - A Logout Request string.
        Returns:
        the SessionIndexes
        Throws:
        javax.xml.xpath.XPathExpressionException

      • getSessionIndexes

        public static java.util.List<java.lang.String> getSessionIndexes​(java.lang.String samlLogoutRequestString,
                                                                 boolean trim)
                                                          throws javax.xml.xpath.XPathExpressionException
        Gets the SessionIndexes from the LogoutRequest.
        Parameters:
        samlLogoutRequestString - A Logout Request string.
        trim - whether the extracted session indexes should be trimmed
        Returns:
        the SessionIndexes
        Throws:
        javax.xml.xpath.XPathExpressionException

      • getError

        public java.lang.String getError()
        After execute a validation process, if fails this method returns the cause
        Returns:
        the cause of the validation error

      • getValidationException

        public java.lang.Exception getValidationException()
        After execute a validation process, if fails this method returns the Exception object
        Returns:
        the cause of the validation error

      • setValidationException

        protected void setValidationException​(java.lang.Exception validationException)
        Sets the validation exception that this LogoutRequest should return when a validation error occurs.
        Parameters:
        validationException - the validation exception to set

      • getId

        public java.lang.String getId()
        Returns:
        the ID of the Logout Request

      • getIssueInstant

        public java.util.Calendar getIssueInstant()
        Returns the issue instant of this message.
        Returns:
        a new Calendar instance carrying the issue instant of this message