@@ -69,11 +69,6 @@ public class LogoutResponse {
69
69
*/
70
70
private String currentUrl ;
71
71
72
- /**
73
- * The inResponseTo attribute of the Logout Request
74
- */
75
- private String inResponseTo ;
76
-
77
72
/**
78
73
* Time when the Logout Request was created
79
74
*/
@@ -85,12 +80,8 @@ public class LogoutResponse {
85
80
private Exception validationException ;
86
81
87
82
/**
88
- * The respone status code and messages
89
- */
90
- private SamlResponseStatus responseStatus ;
91
-
92
- /**
93
- * Constructs the LogoutResponse object.
83
+ * Constructs the LogoutResponse object when a received response should be
84
+ * extracted from the HTTP request and parsed.
94
85
*
95
86
* @param settings
96
87
* OneLogin_Saml2_Settings
@@ -115,6 +106,25 @@ public LogoutResponse(Saml2Settings settings, HttpRequest request) {
115
106
logoutResponseDocument = Util .loadXML (logoutResponseString );
116
107
}
117
108
}
109
+
110
+ /**
111
+ * Constructs the LogoutResponse object when a new response should be generated
112
+ * and sent.
113
+ *
114
+ * @param settings
115
+ * OneLogin_Saml2_Settings
116
+ * @param params
117
+ * a set of logout response input parameters that shape the
118
+ * request to create
119
+ */
120
+ public LogoutResponse (Saml2Settings settings , LogoutResponseParams params ) {
121
+ this .settings = settings ;
122
+ this .request = null ;
123
+ id = Util .generateUniqueID (settings .getUniqueIDPrefix ());
124
+ issueInstant = Calendar .getInstance ();
125
+ StrSubstitutor substitutor = generateSubstitutor (params , settings );
126
+ this .logoutResponseString = postProcessXml (substitutor .replace (getLogoutResponseTemplate ()), params , settings );
127
+ }
118
128
119
129
/**
120
130
* @return the base64 encoded unsigned Logout Response (deflated or not)
@@ -355,21 +365,33 @@ protected NodeList query (String query) throws XPathExpressionException {
355
365
return Util .query (this .logoutResponseDocument , query , null );
356
366
}
357
367
358
- /**
359
- * Generates a Logout Response XML string.
360
- *
361
- * @param inResponseTo
362
- * InResponseTo attribute value to bet set at the Logout Response.
368
+ /**
369
+ * Generates a Logout Response XML string.
370
+ *
371
+ * @param inResponseTo
372
+ * InResponseTo attribute value to bet set at the Logout Response.
363
373
* @param responseStatus
364
- * SamlResponseStatus response status to be set on the LogoutResponse
365
- */
374
+ * SamlResponseStatus response status to be set on the
375
+ * LogoutResponse
376
+ * @deprecated use {@link #LogoutResponse(Saml2Settings, LogoutResponseParams)}
377
+ * instead, in which case this method becomes completely useless;
378
+ * indeed, invoking this method in an outgoing logout response
379
+ * scenario will cause the response parameters specified at
380
+ * construction time (<code>inResponseTo</code> and
381
+ * <code>responseStatus</code>) to be overwritten, as well as its
382
+ * generated id and issue instant; on the other hand invoking this
383
+ * method in a received logout response scenario does not make sense
384
+ * at all (and in that case
385
+ * {@link #LogoutResponse(Saml2Settings, HttpRequest)} should be
386
+ * used instead)
387
+ */
388
+ @ Deprecated
366
389
public void build (String inResponseTo , SamlResponseStatus responseStatus ) {
367
390
id = Util .generateUniqueID (settings .getUniqueIDPrefix ());
368
391
issueInstant = Calendar .getInstance ();
369
- this .inResponseTo = inResponseTo ;
370
-
371
- StrSubstitutor substitutor = generateSubstitutor (settings , responseStatus );
372
- this .logoutResponseString = postProcessXml (substitutor .replace (getLogoutResponseTemplate ()), settings );
392
+ final LogoutResponseParams params = new LogoutResponseParams (inResponseTo , responseStatus );
393
+ StrSubstitutor substitutor = generateSubstitutor (params , settings );
394
+ this .logoutResponseString = postProcessXml (substitutor .replace (getLogoutResponseTemplate ()), params , settings );
373
395
}
374
396
375
397
/**
@@ -379,24 +401,61 @@ public void build(String inResponseTo, SamlResponseStatus responseStatus) {
379
401
* InResponseTo attribute value to bet set at the Logout Response.
380
402
* @param statusCode
381
403
* String StatusCode to be set on the LogoutResponse
404
+ * @deprecated use {@link #LogoutResponse(Saml2Settings, LogoutResponseParams)}
405
+ * instead, in which case this method becomes completely useless;
406
+ * indeed, invoking this method in an outgoing logout response
407
+ * scenario will cause the response parameters specified at
408
+ * construction time (<code>inResponseTo</code> and
409
+ * <code>responseStatus</code>) to be overwritten, as well as its
410
+ * generated id and issue instant; on the other hand invoking this
411
+ * method in a received logout response scenario does not make sense
412
+ * at all (and in that case
413
+ * {@link #LogoutResponse(Saml2Settings, HttpRequest)} should be
414
+ * used instead)
382
415
*/
416
+ @ Deprecated
383
417
public void build (String inResponseTo , String statusCode ) {
384
418
build (inResponseTo , new SamlResponseStatus (statusCode ));
385
419
}
386
420
387
- /**
388
- * Generates a Logout Response XML string.
389
- *
390
- * @param inResponseTo
391
- * InResponseTo attribute value to bet set at the Logout Response.
392
- */
421
+ /**
422
+ * Generates a Logout Response XML string.
423
+ *
424
+ * @param inResponseTo
425
+ * InResponseTo attribute value to bet set at the Logout Response.
426
+ * @deprecated use {@link #LogoutResponse(Saml2Settings, LogoutResponseParams)}
427
+ * instead, in which case this method becomes completely useless;
428
+ * indeed, invoking this method in an outgoing logout response
429
+ * scenario will cause the response parameters specified at
430
+ * construction time (<code>inResponseTo</code> and
431
+ * <code>responseStatus</code>) to be overwritten, as well as its
432
+ * generated id and issue instant; on the other hand invoking this
433
+ * method in a received logout response scenario does not make sense
434
+ * at all (and in that case
435
+ * {@link #LogoutResponse(Saml2Settings, HttpRequest)} should be
436
+ * used instead)
437
+ */
438
+ @ Deprecated
393
439
public void build (String inResponseTo ) {
394
440
build (inResponseTo , Constants .STATUS_SUCCESS );
395
441
}
396
442
397
- /**
398
- * Generates a Logout Response XML string.
399
- */
443
+ /**
444
+ * Generates a Logout Response XML string.
445
+ *
446
+ * @deprecated use {@link #LogoutResponse(Saml2Settings, LogoutResponseParams)}
447
+ * instead, in which case this method becomes completely useless;
448
+ * indeed, invoking this method in an outgoing logout response
449
+ * scenario will cause the response parameters specified at
450
+ * construction time (<code>inResponseTo</code> and
451
+ * <code>responseStatus</code>) to be overwritten, as well as its
452
+ * generated id and issue instant; on the other hand invoking this
453
+ * method in a received logout response scenario does not make sense
454
+ * at all (and in that case
455
+ * {@link #LogoutResponse(Saml2Settings, HttpRequest)} should be
456
+ * used instead)
457
+ */
458
+ @ Deprecated
400
459
public void build () {
401
460
build (null );
402
461
}
@@ -412,26 +471,29 @@ public void build() {
412
471
* @param logoutResponseXml
413
472
* the XML produced for this LogoutResponse by the standard
414
473
* implementation provided by {@link LogoutResponse}
474
+ * @param params
475
+ * the logout request input parameters
415
476
* @param settings
416
477
* the settings
417
478
* @return the post-processed XML for this LogoutResponse, which will then be
418
479
* returned by any call to {@link #getLogoutResponseXml()}
419
480
*/
420
- protected String postProcessXml (final String logoutResponseXml , final Saml2Settings settings ) {
481
+ protected String postProcessXml (final String logoutResponseXml , final LogoutResponseParams params ,
482
+ final Saml2Settings settings ) {
421
483
return logoutResponseXml ;
422
484
}
423
485
424
486
/**
425
487
* Substitutes LogoutResponse variables within a string by values.
426
488
*
489
+ * @param params
490
+ * the logout response input parameters
427
491
* @param settings
428
- * Saml2Settings object. Setting data
429
- * @param responseStatus
430
- * SamlResponseStatus response status to be set on the LogoutResponse
492
+ * Saml2Settings object. Setting data
431
493
*
432
494
* @return the StrSubstitutor object of the LogoutResponse
433
495
*/
434
- private StrSubstitutor generateSubstitutor (Saml2Settings settings , SamlResponseStatus responseStatus ) {
496
+ private StrSubstitutor generateSubstitutor (LogoutResponseParams params , Saml2Settings settings ) {
435
497
Map <String , String > valueMap = new HashMap <String , String >();
436
498
437
499
valueMap .put ("id" , Util .toXml (id ));
@@ -447,12 +509,14 @@ private StrSubstitutor generateSubstitutor(Saml2Settings settings, SamlResponseS
447
509
valueMap .put ("destinationStr" , destinationStr );
448
510
449
511
String inResponseStr = "" ;
512
+ final String inResponseTo = params .getInResponseTo ();
450
513
if (inResponseTo != null ) {
451
514
inResponseStr = " InResponseTo=\" " + Util .toXml (inResponseTo ) + "\" " ;
452
515
}
453
516
valueMap .put ("inResponseStr" , inResponseStr );
454
517
455
518
StringBuilder statusStr = new StringBuilder ("<samlp:StatusCode " );
519
+ final SamlResponseStatus responseStatus = params .getResponseStatus ();
456
520
if (responseStatus != null ) {
457
521
String statusCode = responseStatus .getStatusCode ();
458
522
if (statusCode != null ) {
0 commit comments