A developer-friendly SAML 2.0 API written in Java.
Identio-saml is meant as a simple replacement for OpenSAML for the SAML Web Browser SSO Profile.
- Very simple to use: Most operations are one-liners, even signing a SAML object, thanks to a fluent API.
- Strong performance: Where it can, the API relies on XML streaming, which is much faster than DOM or SAX parsing.
- Opinionated: The API is based on secure defaults (for example, a security protocol message shouldn't be partially signed).
- Safe to use: All builders, signers and validators are thread-safe once initialized, and all SAML objects are immutable.
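
What "partially signed" means in practice, as an added example that is not identio-saml's own code: a structural check, written against the JDK's DOM API only, that a message's embedded signature references the root element rather than an inner one. The class name, method name and sample Response are constructed for illustration.

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

public class WholeMessageSignatureCheck {
    static final String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";

    // Structural check only: true if a ds:Signature directly under the root has exactly
    // one ds:Reference and it targets the root's ID. It does not verify the signature.
    static boolean coversWholeMessage(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // Reject any DOCTYPE so the parser cannot be used for XXE or entity expansion
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Element root = f.newDocumentBuilder()
                .parse(new InputSource(new StringReader(xml))).getDocumentElement();
        String id = root.getAttribute("ID");
        if (id.isEmpty()) return false;
        for (Node n = root.getFirstChild(); n != null; n = n.getNextSibling()) {
            if (n.getNodeType() != Node.ELEMENT_NODE || !DSIG_NS.equals(n.getNamespaceURI())
                    || !"Signature".equals(n.getLocalName())) continue;
            NodeList refs = ((Element) n).getElementsByTagNameNS(DSIG_NS, "Reference");
            return refs.getLength() == 1
                    && ("#" + id).equals(((Element) refs.item(0)).getAttribute("URI"));
        }
        return false; // no signature on the message element itself
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample; the ds:Signature is a stub without digest or signature values
        String tpl = "<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\""
                + " xmlns:ds=\"" + DSIG_NS + "\" ID=\"_resp1\">"
                + "<ds:Signature><ds:SignedInfo><ds:Reference URI=\"%s\"/></ds:SignedInfo>"
                + "</ds:Signature>"
                + "<Assertion xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"_a1\"/>"
                + "</samlp:Response>";
        // Reference targets the Response: the whole message is covered
        System.out.println(coversWholeMessage(String.format(tpl, "#_resp1")));
        // Reference targets only the inner Assertion: the message is partially signed
        System.out.println(coversWholeMessage(String.format(tpl, "#_a1")));
    }
}
```
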
The following code will generate a SAML 2.0 authentication request from scratch:

    ArrayList<String> reqAuthnCtx = new ArrayList<>();
    reqAuthnCtx.add(SamlConstants.AUTH_PASSWORD_PROTECTED_TRANSPORT);
    reqAuthnCtx.add(SamlConstants.AUTH_TLS_CLIENT);

    AuthentRequest ar = AuthentRequestBuilder.getInstance()
            .setDestination("http://idp.identio.net/SAML2")
            .setForceAuthent(false)
            .setIsPassive(false)
            .setIssuer("http://sp1.identio.net/sp/SAML2")
            .setRequestedAuthnContext(reqAuthnCtx, SamlConstants.COMPARISON_EXACT)
            .build();

Parsing a String containing a SAML AuthnRequest is straightforward:

    // String containing a SAML AuthnRequest (the string is trimmed for readability)
    String arString = "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol ...";
    AuthentRequest parsedAr = AuthentRequestBuilder.getInstance().build(arString, false);

The following code will sign the AuthnRequest generated in the previous step:

    // Initialize an RSA-SHA256 signer
    Signer signer = new Signer("/home/user/mykeystore.p12", "pass", false,
            SamlConstants.SIGNATURE_ALG_RSA_SHA256);

    // Embed an XML-DSIG signature in the AuthnRequest
    signer.signEmbedded(ar);

The identio-saml package is distributed through JitPack for Gradle and Maven projects.
- Add the JitPack repository to your pom.xml file:

    <repositories>
        <repository>
            <id>jitpack.io</id>
            <url>https://jitpack.io</url>
        </repository>
    </repositories>

- Add the dependency:

    <dependency>
        <groupId>com.github.identio</groupId>
        <artifactId>identio-saml</artifactId>
        <version>2.0.3</version>
    </dependency>

- Add the JitPack repository in your root build.gradle at the end of repositories:

    allprojects {
        repositories {
            ...
            maven { url "https://jitpack.io" }
        }
    }

- Add the dependency:

    dependencies {
        // 'compile' was removed in Gradle 7; use 'compile' only on Gradle versions before 3.4
        implementation 'com.github.identio:identio-saml:2.0.3'
    }