add support for saml client to handle passive authn as an option (#960)

pac4j · Jul 13, 2017 · b53de63 · b53de63
1 parent cd22865
commit b53de63
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 7 deletions.
diff --git a/pac4j-saml/src/main/java/org/pac4j/saml/client/SAML2ClientConfiguration.java b/pac4j-saml/src/main/java/org/pac4j/saml/client/SAML2ClientConfiguration.java
@@ -64,6 +64,7 @@ public class SAML2ClientConfiguration extends InitializableObject {
     private int maximumAuthenticationLifetime;
 
     private boolean forceAuth = false;
+    private boolean passive = false;
 
     private boolean forceSignRedirectBindingAuthnRequest;
 
@@ -296,6 +297,14 @@ public String getServiceProviderEntityId() {
         return serviceProviderEntityId;
     }
 
+    public boolean isPassive() {
+        return passive;
+    }
+
+    public void setPassive(final boolean passive) {
+        this.passive = passive;
+    }
+
     public boolean isForceAuth() {
         return forceAuth;
     }

diff --git a/pac4j-saml/src/main/java/org/pac4j/saml/redirect/SAML2RedirectActionBuilder.java b/pac4j-saml/src/main/java/org/pac4j/saml/redirect/SAML2RedirectActionBuilder.java
@@ -32,7 +32,7 @@ public SAML2RedirectActionBuilder(final SAML2Client client) {
         final SAML2ClientConfiguration cfg = client.getConfiguration();
         this.saml2ObjectBuilder = new SAML2AuthnRequestBuilder(cfg.isForceAuth(),
                 cfg.getComparisonType(), cfg.getDestinationBindingType(), cfg.getAuthnContextClassRef(),
-                cfg.getNameIdPolicyFormat());
+                cfg.getNameIdPolicyFormat(), cfg.isPassive());
     }
 
     @Override

diff --git a/pac4j-saml/src/main/java/org/pac4j/saml/sso/impl/SAML2AuthnRequestBuilder.java b/pac4j-saml/src/main/java/org/pac4j/saml/sso/impl/SAML2AuthnRequestBuilder.java
@@ -34,6 +34,7 @@
 public class SAML2AuthnRequestBuilder implements SAML2ObjectBuilder<AuthnRequest> {
 
     private final boolean forceAuth;
+    private final boolean passive;
 
     private final AuthnContextComparisonTypeEnumeration comparisonType;
 
@@ -50,19 +51,22 @@ public class SAML2AuthnRequestBuilder implements SAML2ObjectBuilder<AuthnRequest
     /**
      * Instantiates a new Saml 2 authn request builder.
      *
-     * @param forceAuth the force auth
-     * @param comparisonType the comparison type
-     * @param bindingType the binding type
+     * @param forceAuth            the force auth
+     * @param comparisonType       the comparison type
+     * @param bindingType          the binding type
      * @param authnContextClassRef the authn context class ref
-     * @param nameIdPolicyFormat the name id policy format
+     * @param nameIdPolicyFormat   the name id policy format
+     * @param passive              the passive
      */
     public SAML2AuthnRequestBuilder(final boolean forceAuth, final String comparisonType, final String bindingType,
-                                    final String authnContextClassRef, final String nameIdPolicyFormat) {
+                                    final String authnContextClassRef, final String nameIdPolicyFormat,
+                                    final boolean passive) {
         this.forceAuth = forceAuth;
         this.comparisonType = getComparisonTypeEnumFromString(comparisonType);
         this.bindingType = bindingType;
         this.authnContextClassRef = authnContextClassRef;
         this.nameIdPolicyFormat = nameIdPolicyFormat;
+        this.passive = passive;
     }
 
     @Override
@@ -98,7 +102,7 @@ protected final AuthnRequest buildAuthnRequest(final SAML2MessageContext context
         request.setIssuer(getIssuer(selfContext.getEntityId()));
         request.setIssueInstant(DateTime.now().plusSeconds(this.issueInstantSkewSeconds));
         request.setVersion(SAMLVersion.VERSION_20);
-        request.setIsPassive(false);
+        request.setIsPassive(this.passive);
         request.setForceAuthn(this.forceAuth);
         request.setProviderName("pac4j-saml");