PicketLink REST API

    Background

    You may need SSO for your REST-based applications, or for your scripts. This article shows how to use the PicketLink REST API to talk to various Identity Providers.

     

     

    Required Libraries

    1. PicketLink  (2.0.3.Final and beyond)
    2. PicketLink Rest Jars (attached)
    3. Dependent Jars (attached)

     

    Examples

    When you want to do SAML2 SSO with an IDP using FORM authentication

     

     

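    import java.util.HashMap;
    import java.util.List;
    import java.util.Map;
    
    import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
    import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
    import org.picketlink.rest.api.PicketLinkRestClient;
    
    PicketLinkRestClient client = new PicketLinkRestClient();
    
    // Connection options: the IDP to authenticate against and the service provider (SP) requesting SSO.
    // These are plain-HTTP localhost URLs, so the credentials passed to callSAML20IDP below travel unencrypted.
    Map<String,String> options = new HashMap<String, String>();
    options.put("idpURL", "http://localhost:8080/idp/");
    options.put("serviceURL", "http://localhost:8080/sp/");
    options.put("authType", "FORM");
    options.put("issuer", "http://localhost:8080/sp/");
    
    client.connect(options);
    
    // Authenticate with a username and password and receive the SAML 2.0 assertion
    AssertionType assertion = client.callSAML20IDP("tomcat", "tomcat");
    String username = client.userName(assertion);
    
    // Extract the roles carried in the assertion; no role keys are supplied (null)
    List<String> roleKeys = null;
    List<String> roles = AssertionUtil.getRoles(assertion, roleKeys);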
    

     

    When you want to do SAML2 SSO with an IDP using BASIC authentication

     

     

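    import java.util.HashMap;
    import java.util.List;
    import java.util.Map;
    
    import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
    import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
    import org.picketlink.rest.api.PicketLinkRestClient;
    
    PicketLinkRestClient client = new PicketLinkRestClient();
    
    // Same options as the FORM case, with authType set to BASIC and an additional realm option
    Map<String,String> options = new HashMap<String, String>();
    options.put("idpURL", "http://localhost:8080/idp-basic/");
    options.put("serviceURL", "http://localhost:8080/sp/");
    options.put("authType", "BASIC");
    options.put("issuer", "http://localhost:8080/sp/");
    options.put("realm", "PicketLink IDP Application");
    
    client.connect(options);
    
    // Authenticate with a username and password and receive the SAML 2.0 assertion
    AssertionType assertion = client.callSAML20IDP("tomcat", "tomcat");
    String username = client.userName(assertion);
    
    // Extract the roles carried in the assertion; no role keys are supplied (null)
    List<String> roleKeys = null;
    List<String> roles = AssertionUtil.getRoles(assertion, roleKeys);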