PicketLink REST API

Background

You may need SSO for your REST-based applications, or for your scripts. This article describes how to use the PicketLink REST API to talk to various Identity Providers.

Required Libraries

  1. PicketLink  (2.0.3.Final and beyond)
  2. PicketLink REST Jars (attached)
  3. Dependent Jars (attached)

Examples

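When you want to do SAML2 SSO with an IDP using FORM authentication

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.rest.api.PicketLinkRestClient;


PicketLinkRestClient client = new PicketLinkRestClient();

// Connection options: IDP endpoint, service provider endpoint, authentication type, issuer.
// These are plain-HTTP localhost URLs; over HTTP the credentials travel in cleartext.
Map<String,String> options = new HashMap<String, String>();

options.put("idpURL", "http://localhost:8080/idp/");
options.put("serviceURL", "http://localhost:8080/sp/");
options.put("authType", "FORM");
options.put("issuer", "http://localhost:8080/sp/");

client.connect(options);

// Authenticate with user name and password; the IDP returns a SAML2 assertion.
AssertionType assertion = client.callSAML20IDP("tomcat", "tomcat");
String username = client.userName(assertion);

// No specific role attribute names are given.
List<String> roleKeys = null;
List<String> roles = AssertionUtil.getRoles(assertion, roleKeys);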

When you want to do SAML2 SSO with an IDP using BASIC authentication

// Uses the same imports as the FORM example.
PicketLinkRestClient client = new PicketLinkRestClient();
Map<String,String> options = new HashMap<String, String>();

// BASIC authentication additionally needs the realm of the IDP application.
options.put("idpURL", "http://localhost:8080/idp-basic/");
options.put("serviceURL", "http://localhost:8080/sp/");
options.put("authType", "BASIC");
options.put("issuer", "http://localhost:8080/sp/");
options.put("realm", "PicketLink IDP Application");

client.connect(options);

// Authenticate with user name and password; the IDP returns a SAML2 assertion.
AssertionType assertion = client.callSAML20IDP("tomcat", "tomcat");
String username = client.userName(assertion);

// No specific role attribute names are given.
List<String> roleKeys = null;
List<String> roles = AssertionUtil.getRoles(assertion, roleKeys);