Package org.jboss.seam.security.external.jaxb.samlv2.protocol

Examples of org.jboss.seam.security.external.jaxb.samlv2.protocol.ObjectFactory


        // Attach the assertion to the outgoing response.
        response.getAssertionOrEncryptedAssertion().add(assertion);

        // The subject identifies who the assertion is about.
        SubjectType subject = assertionObjectFactory.createSubjectType();
        assertion.setSubject(subject);

        // Copy the NameID (value, format, qualifier) from the session's principal.
        NameIDType nameID = assertionObjectFactory.createNameIDType();
        subject.getContent().add(assertionObjectFactory.createNameID(nameID));
        nameID.setValue(session.getPrincipal().getNameId().getValue());
        nameID.setFormat(session.getPrincipal().getNameId().getFormat());
        nameID.setNameQualifier(session.getPrincipal().getNameId().getQualifier());

        // Bearer confirmation: the party presenting the assertion is accepted as the subject, so the
        // assertion depends on its confirmation data (recipient, expiry, InResponseTo) and on signing to
        // limit where and when it can be used. This excerpt ends before any confirmation data is set.
        SubjectConfirmationType subjectConfirmation = assertionObjectFactory.createSubjectConfirmationType();
        subject.getContent().add(assertionObjectFactory.createSubjectConfirmation(subjectConfirmation));
        subjectConfirmation.setMethod(SamlConstants.CONFIRMATION_METHOD_BEARER);
        // The same NameID object is also placed on the confirmation itself.
        subjectConfirmation.setNameID(nameID);


    /**
     * Builds a SAML LogoutRequest for one session of the given subject.
     *
     * <p>The common request fields are filled by {@code fillRequestAbstractTypeFields}; the subject is
     * sent as a plain NameID and a single session index is added.
     *
     * @param samlNameId   name identifier whose value, format and qualifier are copied into the NameID
     * @param sessionIndex session index appended to the request's SessionIndex list
     * @return the populated logout request
     */
    public LogoutRequestType createLogoutRequest(SamlNameId samlNameId, String sessionIndex) {
        LogoutRequestType logoutRequest = objectFactory.createLogoutRequestType();

        fillRequestAbstractTypeFields(logoutRequest);

        // Identify the subject to log out by copying the caller-supplied name identifier.
        NameIDType nameID = assertionObjectFactory.createNameIDType();
        nameID.setValue(samlNameId.getValue());
        nameID.setFormat(samlNameId.getFormat());
        nameID.setNameQualifier(samlNameId.getQualifier());
        logoutRequest.setNameID(nameID);

        // Limit the logout to the one session named by the caller.
        logoutRequest.getSessionIndex().add(sessionIndex);

        // NOTE(review): nothing here signs the request; presumably signing happens when the message is
        // sent. Confirm, since an unsigned logout request cannot be authenticated by the receiver.
        return logoutRequest;

    /**
     * Fills in the header fields shared by every outgoing SAML request: protocol version, message ID,
     * issue instant and issuer.
     *
     * <p>The message ID is taken from the current dialogue and the issuer is this entity's ID, carried
     * as a NameID with only its value set.
     *
     * @param request the request whose common fields are populated in place
     */
    private void fillRequestAbstractTypeFields(RequestAbstractType request) {
        request.setVersion(SamlConstants.VERSION_2_0);

        // Message ID and timestamp of issue.
        request.setID(dialogue.getId());
        request.setIssueInstant(SamlUtils.getXMLGregorianCalendarNow());

        // Issuer: this entity's ID; no format or qualifier is set on the NameID.
        NameIDType issuerNameId = assertionObjectFactory.createNameIDType();
        issuerNameId.setValue(samlEntityBean.get().getEntityId());
        request.setIssuer(issuerNameId);
    }

    /**
     * Fills in the header fields of an outgoing SAML status response: message ID, issue instant,
     * issuer, version and InResponseTo.
     *
     * <p>The excerpt is cut off before {@code statusCode} and {@code statusMessage} are used.
     *
     * @param response      the response whose common fields are populated in place
     * @param statusCode    status code for the response (not used in the visible lines)
     * @param statusMessage status message for the response (not used in the visible lines)
     */
    private void fillStatusResponseFields(StatusResponseType response, String statusCode, String statusMessage) {
        response.setID(dialogue.getId());
        response.setIssueInstant(SamlUtils.getXMLGregorianCalendarNow());

        // Issuer: this entity's ID; no format or qualifier is set on the NameID.
        NameIDType issuer = assertionObjectFactory.createNameIDType();
        issuer.setValue(samlEntityBean.get().getEntityId());
        response.setIssuer(issuer);

        response.setVersion(SamlConstants.VERSION_2_0);
        // Tie the response to the external provider's message it answers, so the receiver can match it
        // against the request it sent.
        response.setInResponseTo(samlDialogue.get().getExternalProviderMessageId());

        // Reject the assertion (return null) when no usable authentication statement was found.
        if (authnStatement == null) {
            log.warn("Received assertion not processed because it doesn't contain a valid authnStatement.");
            return null;
        }

        // Reject the assertion when subject validation does not yield a NameID.
        NameIDType nameId = validateSubjectAndExtractNameID(assertion);
        if (nameId == null) {
            log.warn("Received assertion not processed because it doesn't contain a valid subject.");
            return null;
        }

        // NOTE(review): signature and issuer verification of the assertion are not part of this
        // excerpt; confirm they happen before a principal and session are created from it.

        // The principal keeps the whole assertion plus the extracted name identifier.
        SamlPrincipalImpl principal = new SamlPrincipalImpl();
        principal.setAssertion(assertion);
        principal.setNameId(new SamlNameIdImpl(nameId.getValue(), nameId.getFormat(), nameId.getNameQualifier()));
        // The session records the IdP-supplied session index, the principal and the identity provider.
        SamlSpSessionImpl session = new SamlSpSessionImpl();
        session.setSessionIndex(authnStatement.getSessionIndex());
        session.setPrincipal(principal);
        session.setIdentityProvider(idp);

        return null;
    }

    /**
     * Walks the content elements of the assertion's subject, picking out the NameID and tracking
     * whether a valid subject confirmation was seen.
     *
     * <p>The excerpt is cut off inside the loop, so the return value is not visible here.
     *
     * @param assertion the received assertion whose subject is inspected
     */
    private NameIDType validateSubjectAndExtractNameID(AssertionType assertion) {
        NameIDType nameId = null;
        boolean validConfirmationFound = false;

        // NOTE(review): getSubject() is dereferenced without a null check; an assertion without a
        // Subject element would presumably raise a NullPointerException here. Confirm the caller
        // treats that as a rejected assertion.
        for (JAXBElement<?> contentElement : assertion.getSubject().getContent()) {
            if (contentElement.getValue() instanceof NameIDType) {
                nameId = (NameIDType) contentElement.getValue();

            throw new InvalidRequestException("Request should be a single logout request.");
        }

        LogoutRequestType logoutRequest = (LogoutRequestType) request;

        // Copy the subject's name identifier out of the received request.
        // NOTE(review): getNameID() is dereferenced without a null check. The SAML schema also lets a
        // LogoutRequest carry BaseID or EncryptedID instead of NameID, in which case this would
        // presumably throw a NullPointerException rather than an InvalidRequestException.
        NameIDType nameIdJaxb = logoutRequest.getNameID();
        SamlNameId samlNameId = new SamlNameIdImpl(nameIdJaxb.getValue(), nameIdJaxb.getFormat(), nameIdJaxb.getNameQualifier());

        // Store who is being logged out and which sessions on the incoming-logout dialogue.
        // NOTE(review): these values come straight from the request; verification of the request's
        // signature and issuer is not visible in this excerpt. Confirm it happens before this point.
        samlIdpIncomingLogoutDialogue.get().setNameId(samlNameId);
        samlIdpIncomingLogoutDialogue.get().setSessionIndexes(logoutRequest.getSessionIndex());

        removeNextSessionParticipant(httpResponse);

         throw new InvalidRequestException("Request should be a single logout request.");
      }

      LogoutRequestType logoutRequest = (LogoutRequestType) request;

      // Copy the subject's name identifier out of the received request.
      // NOTE(review): getNameID() is dereferenced without a null check. The SAML schema also lets a
      // LogoutRequest carry BaseID or EncryptedID instead of NameID, in which case this would
      // presumably throw a NullPointerException rather than an InvalidRequestException.
      NameIDType nameIdJaxb = logoutRequest.getNameID();
      SamlNameId samlNameId = new SamlNameIdImpl(nameIdJaxb.getValue(), nameIdJaxb.getFormat(), nameIdJaxb.getNameQualifier());

      // Store who is being logged out and which sessions on the incoming-logout dialogue.
      // NOTE(review): these values come straight from the request; verification of the request's
      // signature and issuer is not visible in this excerpt. Confirm it happens before this point.
      samlIdpIncomingLogoutDialogue.get().setNameId(samlNameId);
      samlIdpIncomingLogoutDialogue.get().setSessionIndexes(logoutRequest.getSessionIndex());

      removeNextSessionParticipant(httpResponse);

        // Bearer confirmation: the party presenting the assertion is accepted as the subject, so the
        // confirmation data set below is what limits where and for how long the assertion is usable.
        SubjectConfirmationType subjectConfirmation = assertionObjectFactory.createSubjectConfirmationType();
        subject.getContent().add(assertionObjectFactory.createSubjectConfirmation(subjectConfirmation));
        subjectConfirmation.setMethod(SamlConstants.CONFIRMATION_METHOD_BEARER);
        subjectConfirmation.setNameID(nameID);

        SubjectConfirmationDataType subjectConfirmationData = assertionObjectFactory.createSubjectConfirmationDataType();
        subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

        // Recipient: the location of the external endpoint the assertion is addressed to.
        subjectConfirmationData.setRecipient(externalSamlEndpoint.getLocation());
        // Expiry: now plus ASSERTION_VALIDITY_IN_MINUTES minutes.
        subjectConfirmationData.setNotOnOrAfter(SamlUtils.getXMLGregorianCalendarNowPlusDuration(GregorianCalendar.MINUTE, ASSERTION_VALIDITY_IN_MINUTES));
        // InResponseTo: the ID of the external provider's message this assertion answers.
        subjectConfirmationData.setInResponseTo(samlDialogue.get().getExternalProviderMessageId());

        // Conditions carry an audience restriction; the audience values themselves are not added in
        // the visible lines.
        ConditionsType conditions = assertionObjectFactory.createConditionsType();
        assertion.setConditions(conditions);
        AudienceRestrictionType audienceRestriction = assertionObjectFactory.createAudienceRestrictionType();
        conditions.getConditionOrAudienceRestrictionOrOneTimeUse().add(audienceRestriction);

                nameId = (NameIDType) contentElement.getValue();
            }
            // A bearer subject confirmation marks the subject as valid only when its confirmation data
            // passes all three checks below (recipient, expiry, InResponseTo).
            // NOTE(review): getMethod(), getSubjectConfirmationData(), getRecipient() and
            // getNotOnOrAfter() are dereferenced without null checks. An assertion that omits any of
            // them would presumably raise a NullPointerException here instead of taking the logged
            // rejection path; confirm the caller treats that as a rejected assertion.
            if (contentElement.getValue() instanceof SubjectConfirmationType) {
                SubjectConfirmationType confirmation = (SubjectConfirmationType) contentElement.getValue();
                if (confirmation.getMethod().equals(SamlConstants.CONFIRMATION_METHOD_BEARER)) {
                    SubjectConfirmationDataType confirmationData = confirmation.getSubjectConfirmationData();

                    // Recipient must be exactly this entity's assertion consumer service URL, so an
                    // assertion addressed to a different endpoint is not accepted here.
                    boolean validRecipient = confirmationData.getRecipient().equals(samlEntityBean.get().getServiceURL(SamlServiceType.SAML_ASSERTION_CONSUMER_SERVICE));

                    // NotOnOrAfter must be strictly later than now. Only GREATER passes, so LESSER,
                    // EQUAL and INDETERMINATE all reject. No clock-skew allowance is applied here.
                    boolean notTooLate = confirmationData.getNotOnOrAfter().compare(SamlUtils.getXMLGregorianCalendarNow()) == DatatypeConstants.GREATER;

                    // InResponseTo, when present, must equal this dialogue's ID; when absent the check
                    // passes, which admits responses that do not answer a request from this dialogue.
                    // NOTE(review): replay protection for such responses (for example, remembering
                    // assertion IDs until they expire) is not visible in this excerpt; confirm.
                    boolean validInResponseTo = confirmationData.getInResponseTo() == null || confirmationData.getInResponseTo().equals(dialogue.getId());

                    if (validRecipient && notTooLate && validInResponseTo) {
                        validConfirmationFound = true;
                    } else {
                        // NOTE(review): the individual check results are logged at debug level only;
                        // consider whether rejected assertions should be visible to monitoring.
                        log.debugf("Validation of assertion failed: validRecipient: %b; notTootLate: %b; validInResponseTo: %b", new Object[]{validRecipient, notTooLate, validInResponseTo});
