Package org.jboss.identity.federation.saml.v2.assertion

Examples of org.jboss.identity.federation.saml.v2.assertion.AssertionType

649
650
651
652
653
654
655
656
657
658
659
        Source responseMessage = this.tokenService.invoke(requestMessage);
        BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
                .parse(DocumentUtil.getSourceAsStream(responseMessage));

        // validate the security token response.
        AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
                SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
        // validate the holder of key contents.
        SubjectConfirmationType subjConfirmation = assertion.getSubject().getConfirmation().get(0);
        this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, true);
    }
View Full Code Here
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
        collection = (RequestSecurityTokenResponseCollection) baseResponse;
        Element renewedAssertionElement = (Element) collection.getRequestSecurityTokenResponses().get(0)
                .getRequestedSecurityToken().getAny().get(0);

        // compare the assertions, checking if the lifetime has been updated.
        AssertionType originalAssertion = SAMLUtil.fromElement(assertionElement);
        AssertionType renewedAssertion = SAMLUtil.fromElement(renewedAssertionElement);

        // assertions should have different ids and lifetimes.
        assertFalse("Renewed assertion should have a unique id", originalAssertion.getID().equals(renewedAssertion.getID()));
        assertEquals(DatatypeConstants.LESSER,
                originalAssertion.getConditions().getNotBefore().compare(renewedAssertion.getConditions().getNotBefore()));
        assertEquals(DatatypeConstants.LESSER,
                originalAssertion.getConditions().getNotOnOrAfter().compare(renewedAssertion.getConditions().getNotOnOrAfter()));
    }
View Full Code Here
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
        RequestedSecurityTokenType requestedToken = response.getRequestedSecurityToken();
        assertNotNull("Unexpected null requested security token", requestedToken);

        // unmarshall the SAMLV2.0 assertion.
        Element assertionElement = (Element) requestedToken.getAny().get(0);
        AssertionType assertion = SAMLUtil.fromElement(assertionElement);

        // verify the contents of the unmarshalled assertion.
        assertNotNull("Invalid null assertion ID", assertion.getID());
        assertEquals(keyId.getValue().substring(1), assertion.getID());
        assertEquals(lifetime.getCreated(), assertion.getIssueInstant());

        // validate the assertion issuer.
        assertNotNull("Unexpected null assertion issuer", assertion.getIssuer());
        assertEquals("Unexpected assertion issuer name", "Test STS", assertion.getIssuer().getValue());

        // validate the assertion subject.
        assertNotNull("Unexpected null subject", assertion.getSubject());
        SubjectType subject = assertion.getSubject();

        NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
        assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
        assertEquals("Unexpected name id value", principal, nameID.getValue());

        SubjectConfirmationType subjType = subject.getConfirmation().get(0);
        assertEquals("Unexpected confirmation method", confirmationMethod, subjType.getMethod());

        // validate the assertion conditions.
        assertNotNull("Unexpected null conditions", assertion.getConditions());
        assertEquals(lifetime.getCreated(), assertion.getConditions().getNotBefore());
        assertEquals(lifetime.getExpires(), assertion.getConditions().getNotOnOrAfter());

        assertNotNull("Assertion should have been signed", assertion.getSignature());

        return assertion;
    }
View Full Code Here
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
    public void testSAMLAssertionParsing() throws Exception {
        ClassLoader tcl = Thread.currentThread().getContextClassLoader();
        InputStream configStream = tcl.getResourceAsStream("parser/saml2/saml2-assertion.xml");

        SAMLParser parser = new SAMLParser();
        AssertionType assertion = (AssertionType) parser.parse(configStream);
        assertNotNull(assertion);

        assertEquals("ID_ab0392ef-b557-4453-95a8-a7e168da8ac5", assertion.getID());
        assertEquals(XMLTimeUtil.parse("2010-09-30T19:13:37.869Z"), assertion.getIssueInstant());
        // Issuer
        assertEquals("Test STS", assertion.getIssuer().getValue());

        // Subject
        SubjectType subject = assertion.getSubject();

        STSubType subType = subject.getSubType();
        NameIDType subjectNameID = (NameIDType) subType.getBaseID();
        assertEquals("jduke", subjectNameID.getValue());
        assertEquals("urn:picketlink:identity-federation", subjectNameID.getNameQualifier());

        ConditionsType conditions = assertion.getConditions();
        assertEquals(XMLTimeUtil.parse("2010-09-30T19:13:37.869Z"), conditions.getNotBefore());
        assertEquals(XMLTimeUtil.parse("2010-09-30T21:13:37.869Z"), conditions.getNotOnOrAfter());

        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        // Lets do the writing
View Full Code Here
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
    public void testSAMLAssertionParsingWithAudienceRestriction() throws Exception {
        ClassLoader tcl = Thread.currentThread().getContextClassLoader();
        InputStream configStream = tcl.getResourceAsStream("parser/saml2/saml2-assertion-audiencerestriction.xml");

        SAMLParser parser = new SAMLParser();
        AssertionType assertion = (AssertionType) parser.parse(configStream);
        assertNotNull(assertion);

        assertEquals("ID_cf9efbf0-9d7f-4b4a-b77f-d83ecaafd374", assertion.getID());
        assertEquals(XMLTimeUtil.parse("2010-09-30T19:13:37.911Z"), assertion.getIssueInstant());
        assertEquals("2.0", assertion.getVersion());

        // Issuer
        assertEquals("Test STS", assertion.getIssuer().getValue());

        // Subject
        SubjectType subject = assertion.getSubject();

        STSubType subType = subject.getSubType();
        NameIDType subjectNameID = (NameIDType) subType.getBaseID();
        assertEquals("jduke", subjectNameID.getValue());
        assertEquals("urn:picketlink:identity-federation", subjectNameID.getNameQualifier());

        SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0);
        assertEquals("urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod());

        ConditionsType conditions = assertion.getConditions();
        assertEquals(XMLTimeUtil.parse("2010-09-30T19:13:37.911Z"), conditions.getNotBefore());
        assertEquals(XMLTimeUtil.parse("2010-09-30T21:13:37.911Z"), conditions.getNotOnOrAfter());

        AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
        assertEquals(1, audienceRestrictionType.getAudience().size());
View Full Code Here
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
    public void testAssertionWithX500Attribute() throws Exception {
        ClassLoader tcl = Thread.currentThread().getContextClassLoader();
        InputStream configStream = tcl.getResourceAsStream("parser/saml2/saml2-assertion-x500attrib.xml");

        SAMLParser parser = new SAMLParser();
        AssertionType assertion = (AssertionType) parser.parse(configStream);
        assertNotNull(assertion);

        assertEquals("ID_b07b804c-7c29-ea16-7300-4f3d6f7928ac", assertion.getID());
        assertEquals(XMLTimeUtil.parse("2004-12-05T09:22:05Z"), assertion.getIssueInstant());
        assertEquals("2.0", assertion.getVersion());

        // Issuer
        assertEquals("https://idp.example.org/SAML2", assertion.getIssuer().getValue());

        Set<StatementAbstractType> statements = assertion.getStatements();
        assertEquals(2, statements.size());

        Iterator<StatementAbstractType> iter = statements.iterator();
        AuthnStatementType authnStatement = (AuthnStatementType) iter.next();
        assertEquals(XMLTimeUtil.parse("2004-12-05T09:22:00Z"), authnStatement.getAuthnInstant());
        assertEquals("b07b804c-7c29-ea16-7300-4f3d6f7928ac", authnStatement.getSessionIndex());

        AttributeStatementType attributeStatement = (AttributeStatementType) iter.next();
        List<ASTChoiceType> attributes = attributeStatement.getAttributes();
        assertEquals(1, attributes.size());
        AttributeType attribute = attributes.get(0).getAttribute();
        assertEquals("eduPersonAffiliation", attribute.getFriendlyName());
        assertEquals("urn:oid:1.3.6.1.4.1.5923.1.1.1.1", attribute.getName());
        assertEquals("urn:oasis:names:tc:SAML:2.0:attrname-format:uri", attribute.getNameFormat());

        // Ensure that we have x500:encoding
        QName x500EncodingName = new QName(JBossSAMLURIConstants.X500_NSURI.get(), JBossSAMLConstants.ENCODING.get());
        String encodingValue = attribute.getOtherAttributes().get(x500EncodingName);
        assertEquals("LDAP", encodingValue);

        List<Object> attributeValues = attribute.getAttributeValue();
        assertEquals(2, attributeValues.size());

        String str = (String) attributeValues.get(0);
        if (!(str.equals("member") || str.equals("staff")))
            throw new RuntimeException("attrib value not found");

        // Subject
        SubjectType subject = assertion.getSubject();
        STSubType subType = subject.getSubType();
        NameIDType subjectNameID = (NameIDType) subType.getBaseID();
        assertEquals("3f7b3dcf-1674-4ecd-92c8-1544f346baf8", subjectNameID.getValue());
        assertEquals("urn:oasis:names:tc:SAML:2.0:nameid-format:transient", subjectNameID.getFormat().toString());

        SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0);
        assertEquals("urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod());

        SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData();
        assertEquals("ID_aaf23196-1773-2113-474a-fe114412ab72", subjectConfirmationData.getInResponseTo());
        assertEquals(XMLTimeUtil.parse("2004-12-05T09:27:05Z"), subjectConfirmationData.getNotOnOrAfter());
        assertEquals("https://sp.example.com/SAML2/SSO/POST", subjectConfirmationData.getRecipient());

        ConditionsType conditions = assertion.getConditions();
        assertEquals(XMLTimeUtil.parse("2004-12-05T09:17:05Z"), conditions.getNotBefore());
        assertEquals(XMLTimeUtil.parse("2004-12-05T09:27:05Z"), conditions.getNotOnOrAfter());

        AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
        assertEquals(1, audienceRestrictionType.getAudience().size());
View Full Code Here
64
65
66
67
68
69
70
71
72
73
74
75
76
77
        assertEquals(WSTrustConstants.RENEW_REQUEST, requestToken.getRequestType().toASCIIString());
        assertEquals(SAMLUtil.SAML2_TOKEN_TYPE, requestToken.getTokenType().toASCIIString());

        RenewTargetType renewTarget = requestToken.getRenewTarget();
        Element assertionElement = (Element) renewTarget.getAny().get(0);
        AssertionType assertion = SAMLUtil.fromElement(assertionElement);
        assertEquals("ID_654b6092-c725-40ea-8044-de453b59cb28", assertion.getID());
        assertEquals("Test STS", assertion.getIssuer().getValue());
        SubjectType subject = assertion.getSubject();
        assertEquals("jduke", ((NameIDType) subject.getSubType().getBaseID()).getValue());

        // Now for the writing part
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
View Full Code Here
236
237
238
239
240
241
242
243
244
245
246
247
248
249
    public void testSAML2AssertionWithSubjectConfirmationHavingNameID() throws Exception {
        ClassLoader tcl = Thread.currentThread().getContextClassLoader();
        InputStream configStream = tcl.getResourceAsStream("parser/saml2/saml2-assertion-subjectconfirmation.xml");

        SAMLParser parser = new SAMLParser();
        AssertionType assertion = (AssertionType) parser.parse(configStream);
        assertNotNull(assertion);

        SubjectType subjectType = assertion.getSubject();
        STSubType stType = subjectType.getSubType();
        assertEquals("A_DUDE", ((NameIDType) stType.getBaseID()).getValue());

        List<SubjectConfirmationType> subjectConfirmationTypes = subjectType.getConfirmation();
        assertNotNull(subjectConfirmationTypes);
View Full Code Here
265
266
267
268
269
270
271
272
273
274
275
276
277
278
    public void testSAML2AssertionWithEncryptedID() throws Exception {
        ClassLoader tcl = Thread.currentThread().getContextClassLoader();
        InputStream configStream = tcl.getResourceAsStream("parser/saml2/saml2-assertion-encryptedID.xml");

        SAMLParser parser = new SAMLParser();
        AssertionType assertion = (AssertionType) parser.parse(configStream);
        assertNotNull(assertion);

        // Subject
        SubjectType subject = assertion.getSubject();
        STSubType subType = subject.getSubType();
        EncryptedElementType eet = subType.getEncryptedID();
        assertNotNull(eet);
    }
View Full Code Here
285
286
287
288
289
290
291
292
    public void testSAMLAssertionWithTestShib() throws Exception{
      ClassLoader tcl = Thread.currentThread().getContextClassLoader();
        InputStream configStream = tcl.getResourceAsStream("parser/saml2/saml2-assertion-testshib.xml");

        SAMLParser parser = new SAMLParser();
        AssertionType assertion = (AssertionType) parser.parse(configStream);
        assertNotNull(assertion);
    }
View Full Code Here
TOP

Related Classes of org.jboss.identity.federation.saml.v2.assertion.AssertionType

  • org.jboss.identity.federation.api.saml.v2.metadata.KeyDescriptorMetaDataBuilder
  • org.jboss.identity.federation.api.saml.v2.metadata.MetaDataBuilder
  • org.jboss.identity.federation.api.saml.v2.metadata.MetaDataExtractor
  • org.jboss.identity.federation.api.saml.v2.request.SAML2Request
  • org.jboss.identity.federation.api.saml.v2.response.SAML2Response
  • org.jboss.identity.federation.api.soap.SOAPSAMLXACML
  • org.jboss.identity.federation.api.wstrust.plugins.saml.SAML20TokenProvider
  • org.jboss.identity.federation.api.wstrust.plugins.saml.SAMLUtil
  • org.jboss.identity.federation.bindings.providers.FileBasedEntityMetadataProvider
  • org.jboss.identity.federation.bindings.servlets.CircleOfTrustServlet
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.