Examples of org.jboss.identity.federation.saml.v2.assertion.AttributeType

• org.picketlink.identity.federation.saml.v2.assertion.AttributeType
  3.org/2001/XMLSchema}anyType"> <sequence> <element ref="{urn:oasis:names:tc:SAML:2.0:assertion}AttributeValue" maxOccurs="unbounded" minOccurs="0"/> </sequence> <attribute name="Name" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> <attribute name="NameFormat" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> <attribute name="FriendlyName" type="{http://www.w3.org/2001/XMLSchema}string" /> </restriction> </complexContent> </complexType>

   }

   protected boolean verifySignature(SAMLDocumentHolder samlDocumentHolder) throws IssuerNotTrustedException
   {
      Document samlResponse = samlDocumentHolder.getSamlDocument();
      ResponseType response = (ResponseType) samlDocumentHolder.getSamlObject();

      String issuerID = response.getIssuer().getValue();

      if(issuerID == null)
         throw new IssuerNotTrustedException("Issue missing");

      URL issuerURL;

      Document samlResponseDocument = null;

      if(trace)
         log.trace("AssertionConsumerURL=" + assertionConsumerURL +
            "::assertion validity=" + assertionValidity);
      ResponseType responseType = null;

      SAML2Response saml2Response = new SAML2Response();

      //Create a response type
      String id = IDGenerator.create("ID_");

      IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
      issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

      IDPInfoHolder idp = new IDPInfoHolder();
      idp.setNameIDFormatValue(userPrincipal.getName());
      idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

      SPInfoHolder sp = new SPInfoHolder();
      sp.setResponseDestinationURI(assertionConsumerURL);
      responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);


      //Add information on the roles
      AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);

      AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles);
      assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);

      //Add timed conditions

    */
   public Document getErrorResponse(String responseURL, String status,
         String identityURL, boolean supportSignature)
   {
      Document samlResponse = null;
      ResponseType responseType = null;

      SAML2Response saml2Response = new SAML2Response();

      //Create a response type
      String id = IDGenerator.create("ID_");

      if(request == null)
         throw new IllegalArgumentException("request is null");
      if(responseType == null)
         throw new IllegalArgumentException("response type is null");

      StatusType statusType = responseType.getStatus();
      if(statusType == null)
         throw new IllegalArgumentException("Status Type from the IDP is null");

      String statusValue = statusType.getStatusCode().getValue();
      if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false)
         throw new SecurityException("IDP forbid the user");

      List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
      if(assertions.size() == 0)

      if(request == null)
         throw new IllegalArgumentException("request is null");
      if(responseType == null)
         throw new IllegalArgumentException("response type is null");

      StatusType statusType = responseType.getStatus();
      if(statusType == null)
         throw new IllegalArgumentException("Status Type from the IDP is null");

      String statusValue = statusType.getStatusCode().getValue();
      if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false)
         throw new SecurityException("IDP forbid the user");

      List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
      if(assertions.size() == 0)

     *
     * @param roleName
     * @return
     */
    public static AttributeType createAttributeForRole(String roleName) {
        AttributeType att = new AttributeType("role");
        att.setFriendlyName("role");
        att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_BASIC.get());

        // rolename
        att.addAttributeValue(roleName);

        return att;
    }

     * @param attributeValue
     * @return
     */
    public static AttributeStatementType createAttributeStatement(String attributeValue) {
        AttributeStatementType attribStatement = new AttributeStatementType();
        AttributeType att = new AttributeType(attributeValue);
        att.addAttributeValue(attributeValue);

        attribStatement.addAttribute(new ASTChoiceType(att));
        return attribStatement;
    }

            AttributeStatementType attributeStatement = this.getAttributeStatement(assertion);
            if (attributeStatement != null) {
                RoleGroup rolesGroup = new SimpleRoleGroup(SAML20CommonTokenRoleAttributeProvider.JBOSS_ROLE_PRINCIPAL_NAME);
                List<ASTChoiceType> attributeList = attributeStatement.getAttributes();
                for (ASTChoiceType obj : attributeList) {
                    AttributeType attribute = obj.getAttribute();
                    if (attribute != null) {
                        // if this is a role attribute, get its values and add them to the role set.
                        if (tokenRoleAttributeName.equals(attribute.getName())) {
                            for (Object value : attribute.getAttributeValue()) {
                                rolesGroup.addRole(new SimpleRole((String) value));
                            }
                        }
                    }
                }

        if (subject == null) {
            logger.trace("No authentication Subject found, cannot provide any user roles!");
            return null;
        } else {
            AttributeStatementType attributeStatement = new AttributeStatementType();
            AttributeType rolesAttribute = new AttributeType(tokenRoleAttributeName);
            attributeStatement.addAttribute(new ASTChoiceType(rolesAttribute));

            // List<Object> roles = rolesAttribute.getAttributeValue();
            for (Principal rolePrincipal : subject.getPrincipals()) {
                if (JBOSS_ROLE_PRINCIPAL_NAME.equalsIgnoreCase(rolePrincipal.getName())) {
                    Group simpleGroup = (Group) rolePrincipal;
                    Enumeration<? extends Principal> members = simpleGroup.members();
                    while (members.hasMoreElements()) {
                        Principal role = members.nextElement();
                        rolesAttribute.addAttributeValue(role.getName());
                        // roles.add( role.getName() );
                    }
                }
            }
            logger.trace("Returning an AttributeStatement with a [" + tokenRoleAttributeName + "] attribute containing: " + rolesAttribute.getAttributeValue().toString());
            return attributeStatement;
        }
    }

     * @param nameFormat name format uri
     * @param attributeValues an object array of attribute values
     * @return
     */
    public static AttributeType createAttribute(String name, String nameFormat, Object... attributeValues) {
        AttributeType att = new AttributeType(name);
        att.setNameFormat(nameFormat);
        if (attributeValues != null && attributeValues.length > 0) {
            for (Object attributeValue : attributeValues) {
                att.addAttributeValue(attributeValue);
            }
        }

        return att;
    }