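Implementing Binary Token Retrieval
Following on from the implementation of SAML security token retrieval, this article describes how to implement retrieval of the binary token.
Main code
The main part of the implementation is shown below.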
    import java.net.URI;
    import java.util.HashMap;
    import java.util.Map;
    import java.util.ResourceBundle;
    import javax.xml.transform.Transformer;
    import javax.xml.transform.TransformerFactory;
    import javax.xml.transform.dom.DOMResult;
    import org.apache.commons.text.StringSubstitutor;
    import org.springframework.http.RequestEntity;
    import org.springframework.http.ResponseEntity;
    import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
    import org.springframework.web.client.RestTemplate;
    import org.springframework.xml.transform.StringSource;
    import org.springframework.xml.xpath.XPathExpression;
    import org.springframework.xml.xpath.XPathExpressionFactory;
    import org.w3c.dom.Document;

    // Members of the service class. The logger field and the
    // ProxyClientHttpRequestFactoryBuilder class are not shown on this page.
    private static final ResourceBundle RSC = ResourceBundle.getBundle("com.app.sample.ws.application");
    private static final String CUSTOM_STS_ENDPOINT = "https://login.microsoftonline.com/extSTS.srf";
    // static, because it is filled in the static initializer below
    private static final Map<String, String> namespacePrefixes = new HashMap<String, String>();

    static {
        //register the prefix of NameSpace
        namespacePrefixes.put("wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
    }

    public String receiveBinarySecurityToken(String samlAssertion) {
        String _token = "";
        try {
            //request entity
            RequestEntity<String> _requestEntity = RequestEntity
                    .post(new URI(CUSTOM_STS_ENDPOINT))
                    .header("content-type", "application/soap+xml; charset=utf-8")
                    .body(buildBinaryTokenRequestEnvelope(samlAssertion)); // ★Point 1

            RestTemplate _restTemplate = new RestTemplate();
            _restTemplate.setRequestFactory(buildProxyClientHttpRequestFactory()); // ★Point 2
            ResponseEntity<String> _responseEntity = _restTemplate.exchange(_requestEntity, String.class);

            // Parse the SOAP response body into a DOM document
            DOMResult _result = new DOMResult();
            Transformer _transformer = TransformerFactory.newInstance().newTransformer();
            _transformer.transform(new StringSource(_responseEntity.getBody()), _result);
            Document _definitionDocument = (Document) _result.getNode();

            final String XPATH_EXPRESSION = "//wsse:BinarySecurityToken"; // ★Point 3
            _token = getXPathExpression(XPATH_EXPRESSION).evaluateAsString(_definitionDocument);
            if ("".equals(_token)) {
                logger.error("Unable to authenticate: empty token");
            }
        } catch (Exception e) {
            logger.error("failed to receive binary security token", e);
        }
        return _token;
    }//receiveBinarySecurityToken

    private String buildBinaryTokenRequestEnvelope(String samlAssertion) {
        //SAML Assertion mapping
        Map<String, String> _mapRequest = new HashMap<String, String>();
        _mapRequest.put("samltoken", samlAssertion);
        _mapRequest.put("siteurl", RSC.getString("site.url"));

        //replace placeHolder
        StringSubstitutor _substitutor = new StringSubstitutor(_mapRequest, "%(", ")");
        String _finalXMLRequest = _substitutor.replace(RSC.getString("soap.binary.token.request"));
        return _finalXMLRequest;
    }//buildBinaryTokenRequestEnvelope

    private HttpComponentsClientHttpRequestFactory buildProxyClientHttpRequestFactory() throws Exception {
        return ProxyClientHttpRequestFactoryBuilder.build();
    }

    private XPathExpression getXPathExpression(String expression) {
        XPathExpression _xPathExpression = XPathExpressionFactory.createXPathExpression(expression, namespacePrefixes);
        return _xPathExpression;
    }
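★Point 1
This is the part that builds the SOAP request message.
The %(samltoken) placeholder is replaced with the SAML security token (SAML Assertion).
The %(siteurl) placeholder is replaced with the SharePoint site URL.
Part of application.properties is shown below.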
    site.url=SharePoint site URL
    soap.binary.token.request=<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><s:Header><a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action><a:ReplyTo><a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address></a:ReplyTo><o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">%(samltoken)</o:Security></s:Header><s:Body><t:RequestSecurityToken xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"><wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"><a:EndpointReference><a:Address>%(siteurl)</a:Address></a:EndpointReference></wsp:AppliesTo><t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType><t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType><t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType></t:RequestSecurityToken></s:Body></s:Envelope>
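The placeholder substitution from Point 1 and the token extraction from the main code, written with JDK classes only, as an added example that is not the original author's code: the site URL is XML-escaped before it goes into the template, and both the finished envelope and the STS response pass through a parser that rejects DOCTYPE declarations. The class and method names, the use of String.replace in place of StringSubstitutor, the shortened template and all sample values are assumptions made for this illustration.

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

public class BinaryTokenXmlExample { // hypothetical class name
    static final String WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

    // Namespace-aware parser that rejects any DOCTYPE (no DTDs, no external entities).
    static Document parse(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return f.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
    }

    // Fills %(siteurl) (escaped, it becomes element text) and %(samltoken) (XML, inserted as-is).
    static String buildEnvelope(String template, String saml, String siteUrl) throws Exception {
        String url = siteUrl.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;");
        String envelope = template.replace("%(siteurl)", url).replace("%(samltoken)", saml);
        parse(envelope); // throws if the substituted values broke well-formedness
        return envelope;
    }

    // Selects BinarySecurityToken by namespace URI and requires exactly one.
    static String extractToken(String responseXml) throws Exception {
        NodeList n = parse(responseXml).getElementsByTagNameNS(WSSE, "BinarySecurityToken");
        if (n.getLength() != 1) {
            throw new IllegalStateException("expected one BinarySecurityToken, found " + n.getLength());
        }
        return n.item(0).getTextContent().trim();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data: shortened template, dummy assertion, dummy token.
        String template = "<s:Envelope xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\"><s:Header>"
            + "<o:Security xmlns:o=\"" + WSSE + "\">%(samltoken)</o:Security></s:Header>"
            + "<s:Body><Address>%(siteurl)</Address></s:Body></s:Envelope>";
        System.out.println(buildEnvelope(template, "<Assertion>dummy</Assertion>",
            "https://sharepoint.example.com/sites/a?x=1&y=2"));
        String response = "<S:Envelope xmlns:S=\"http://www.w3.org/2003/05/soap-envelope\"><S:Body>"
            + "<wsse:BinarySecurityToken xmlns:wsse=\"" + WSSE + "\">t=DUMMY</wsse:BinarySecurityToken>"
            + "</S:Body></S:Envelope>";
        System.out.println(extractToken(response));
    }
}
```

Matching on the namespace URI keeps the lookup working whatever prefix the response uses, and requiring exactly one match turns an unexpected response shape into an error instead of an empty or ambiguous token.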