Page History

Versions Compared

Key

This line was added.
This line was removed.
Formatting was changed.

...

Der findes følgende funktionalitet når Seal.Java anvendes som Service Consumer:

Arbejdsnavn (kolonne slettes inden QA)
eHDSI
DGWS system-id-kort classic

Eksempler på requests

eHDSI

Eksempel på opbygning af kald til STS:

Code Block
// Use Seal.Java EHDSIFactory-------------------------------------------------------------------- // 1. Factory // -------------------------------------------------------------------- EHDSIFactory factory = new EHDSIFactory(); // -------------------------------------------------------------------- // 2. Build SAML Assertion // -------------------------------------------------------------------- // Build Dkncp Boostrap SAML Assertion DkncpBootstrapSamlAssertionBuilder dkncpBootstrapSamlAssertionBuilder assertionBuilder= factory.createDkncpBootstrapSamlAssertionBuilder(vault, issuer); dkncpBootstrapSamlAssertionBuilder// Set values for the SAML Assertion assertionBuilder.setIssuer("http://sosi"); dkncpBootstrapSamlAssertionBuilderassertionBuilder.setAudienceRestriction("https://fmk"); Date now = new Date. . // Sign and validate Dkncp Bootstrap SAML Assertion DkncpBootstrapSamlAssertion assertion = assertionBuilder.build(); dkncpBootstrapSamlAssertionBuilderassertion.setNotBefore(new Date(now.getTime() - 1000)); dkncpBootstrapSamlAssertionBuilder.setNotOnOrAfter(new Date(now.getTime() + 5 * 60 * 1000)); dkncpBootstrapSamlAssertionBuilder.setSubjectName("C=DK,O=LAKESIDE A/S // CVR:25450442,CN=Sårjournal TEST læge,Serial=CVR:25450442-RID:73570260"); dkncpBootstrapSamlAssertionBuilder.setSubjectNameID("nameid"); dkncpBootstrapSamlAssertionBuilder.setSubjectNameIDFormat(SAMLValues.NAMEID_FORMAT_X509_SUBJECT_NAME); dkncpBootstrapSamlAssertionBuilder.setDeliveryNotOnOrAfter(new Date(now.getTime() + 10 * 1000)); dkncpBootstrapSamlAssertionBuilder.setSigningVault(vault); dkncpBootstrapSamlAssertionBuilder.setHolderOfKeyCertificate(holderOfKeyVault.getSystemCredentialPair().getCertificate()); // Set values for SAML attributes dkncpBootstrapSamlAssertionBuilder.setSubject("Alfonso Gonzalez"); . . . // Sign and validate Dkncp Bootstrap token DkncpBootstrapSamlAssertion dkncpBootstrapSamlAssertion = dkncpBootstrapSamlAssertionBuilder.build(); dkncpBootstrapSamlAssertion.validateSchema(); dkncpBootstrapSamlAssertion.validateSignatureAndTrust(vault); // Build Dkncp Bootstrap request DkncpBootstrapSamlAssertionToEhdsiIdwsXuaEmployeeIdentityTokenRequestDOMBuilder requestDomBuilder = factory.createDkncpBootstrapSamlAssertionToEhdsiIdwsXuaEmployeeIdentityTokenRequestDOMBuilder(); requestDomBuilder.setAudience("https://sosi"); requestDomBuilder.setSigningVault(holderOfKeyVault); requestDomBuilder.setDkncpBootstrapToken(dkncpBootstrapSamlAssertion); // Build and sign the final response requestDomBuilder.build()

Code Block

// Use Seal.Java EHDSIFactory--------------------------------------------------------------------
// 1. Factory
// --------------------------------------------------------------------
EHDSIFactory factory = new EHDSIFactory();


// --------------------------------------------------------------------
// 2. Build SAML Assertion
// --------------------------------------------------------------------

// Build Dkncp Boostrap SAML Assertion
DkncpBootstrapSamlAssertionBuilder dkncpBootstrapSamlAssertionBuilder assertionBuilder= factory.createDkncpBootstrapSamlAssertionBuilder(vault, issuer);

dkncpBootstrapSamlAssertionBuilder// Set values for the SAML Assertion
assertionBuilder.setIssuer("http://sosi");
dkncpBootstrapSamlAssertionBuilderassertionBuilder.setAudienceRestriction("https://fmk");
Date now = new Date.
.

// Sign and validate Dkncp Bootstrap SAML Assertion
DkncpBootstrapSamlAssertion assertion = assertionBuilder.build();
dkncpBootstrapSamlAssertionBuilderassertion.setNotBefore(new Date(now.getTime() - 1000));
dkncpBootstrapSamlAssertionBuilder.setNotOnOrAfter(new Date(now.getTime() + 5 * 60 * 1000));
dkncpBootstrapSamlAssertionBuilder.setSubjectName("C=DK,O=LAKESIDE A/S // CVR:25450442,CN=Sårjournal TEST læge,Serial=CVR:25450442-RID:73570260");
dkncpBootstrapSamlAssertionBuilder.setSubjectNameID("nameid");
dkncpBootstrapSamlAssertionBuilder.setSubjectNameIDFormat(SAMLValues.NAMEID_FORMAT_X509_SUBJECT_NAME);
dkncpBootstrapSamlAssertionBuilder.setDeliveryNotOnOrAfter(new Date(now.getTime() + 10 * 1000));
dkncpBootstrapSamlAssertionBuilder.setSigningVault(vault);
dkncpBootstrapSamlAssertionBuilder.setHolderOfKeyCertificate(holderOfKeyVault.getSystemCredentialPair().getCertificate());

// Set values for SAML attributes
dkncpBootstrapSamlAssertionBuilder.setSubject("Alfonso Gonzalez");
.
.
.

// Sign and validate Dkncp Bootstrap token
DkncpBootstrapSamlAssertion dkncpBootstrapSamlAssertion = dkncpBootstrapSamlAssertionBuilder.build();
dkncpBootstrapSamlAssertion.validateSchema();
dkncpBootstrapSamlAssertion.validateSignatureAndTrust(vault);

// Build Dkncp Bootstrap request
DkncpBootstrapSamlAssertionToEhdsiIdwsXuaEmployeeIdentityTokenRequestDOMBuilder requestDomBuilder = factory.createDkncpBootstrapSamlAssertionToEhdsiIdwsXuaEmployeeIdentityTokenRequestDOMBuilder();
requestDomBuilder.setAudience("https://sosi");
requestDomBuilder.setSigningVault(holderOfKeyVault);
requestDomBuilder.setDkncpBootstrapToken(dkncpBootstrapSamlAssertion);

// Build and sign the final response
requestDomBuilder.build()

Eksempel på fortolkning af svar fra STS:

validateSchema();
assertion.validateSignatureAndTrust(vault);


// --------------------------------------------------------------------
// 3. Build STS request
// --------------------------------------------------------------------

// Build Dkncp Bootstrap request
DkncpBootstrapSamlAssertionToEhdsiIdwsXuaEmployeeIdentityTokenRequestDOMBuilder requestBuilder = factory.createDkncpBootstrapSamlAssertionToEhdsiIdwsXuaEmployeeIdentityTokenRequestDOMBuilder();
requestBuilder.setAudience("https://sosi");
requestBuilder.setSigningVault(holderOfKeyVault);
requestBuilder.setDkncpBootstrapToken(assertion);

// Build and sign the final STS request
requestBuilder.build()

Eksempel på fortolkning af svar fra STS:

code

Code Block
// -------------------------------------------------------------------- // 1. Factory // -------------------------------------------------------------------- EHDSIFactory factory = new EHDSIFactory(); // -------------------------------------------------------------------- // 2. Parse STS response // -------------------------------------------------------------------- DkncpBootstrapSamlAssertionToEhdsiIdwsXuaEmployeeIdentityTokenResponseModelBuilder responseBuilder = factory.createDkncpBootstrapSamlAssertionToEhdsiIdwsXuaEmployeeIdentityTokenResponseModelBuilder(); DkncpBootstrapSamlAssertionToEhdsiIdwsXuaEmployeeIdentityTokenResponse response = responseBuilder.build(responseDocument); // Validate entire response response.validateSignature(); response.validateSignatureAndTrust(getHolderOfKeyFederation()); // -------------------------------------------------------------------- // 3. Get SAML Assertion // -------------------------------------------------------------------- // Get and validate the identity token from the response EhdsiIdwsXuaEmployeeIdentityToken identityToken = response.getEhdsiIdwsXuaEmployeeIdentityToken(); identityToken.validateSchema(); identityToken.validateSignatureAndTrust(vocesVault);

Code Block

// --------------------------------------------------------------------
// 1. Factory
// --------------------------------------------------------------------
EHDSIFactory factory = new EHDSIFactory();


// --------------------------------------------------------------------
// 2. Parse STS response
// --------------------------------------------------------------------
DkncpBootstrapSamlAssertionToEhdsiIdwsXuaEmployeeIdentityTokenResponseModelBuilder responseBuilder =  
                   factory.createDkncpBootstrapSamlAssertionToEhdsiIdwsXuaEmployeeIdentityTokenResponseModelBuilder();

DkncpBootstrapSamlAssertionToEhdsiIdwsXuaEmployeeIdentityTokenResponse response = responseBuilder.build(responseDocument);

// Validate entire response
response.validateSignature();
response.validateSignatureAndTrust(getHolderOfKeyFederation());


// --------------------------------------------------------------------
// 3. Get SAML Assertion
// --------------------------------------------------------------------

// Get and validate the identity token from the response
EhdsiIdwsXuaEmployeeIdentityToken identityToken = response.getEhdsiIdwsXuaEmployeeIdentityToken();
identityToken.validateSchema();
identityToken.validateSignatureAndTrust(vocesVault);

Content

Space Tools

Versions Compared

Old Version 2

New Version 3

Key

Eksempler på requests

eHDSI