Package org.opensaml.saml1.core

Examples of org.opensaml.saml1.core.Assertion

130
131
132
133
134
135
136
137
138
139
140
141
                    "OpenSaml engine not initialized. Please make sure to initialize the OpenSaml engine "
                    + "prior using it"
                );
            }
        }
        Assertion assertion =
            assertionBuilder.buildObject(Assertion.DEFAULT_ELEMENT_NAME, Assertion.TYPE_NAME);
        assertion.setID(UUIDGenerator.getUUID());
        assertion.setVersion(SAMLVersion.VERSION_20);
        assertion.setIssueInstant(new DateTime());
        return assertion;
    }
View Full Code Here
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
*/
public class AssertionUnmarshaller extends AbstractSAMLObjectUnmarshaller {

    /** {@inheritDoc} */
    protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
        Assertion assertion = (Assertion) parentObject;

        if (childObject instanceof Issuer) {
            assertion.setIssuer((Issuer) childObject);
        } else if (childObject instanceof Signature) {
            assertion.setSignature((Signature) childObject);
        } else if (childObject instanceof Subject) {
            assertion.setSubject((Subject) childObject);
        } else if (childObject instanceof Conditions) {
            assertion.setConditions((Conditions) childObject);
        } else if (childObject instanceof Advice) {
            assertion.setAdvice((Advice) childObject);
        } else if (childObject instanceof Statement) {
            assertion.getStatements().add((Statement) childObject);
        } else {
            super.processChildElement(parentObject, childObject);
        }
    }
View Full Code Here
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
        }
    }

    /** {@inheritDoc} */
    protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
        Assertion assertion = (Assertion) samlObject;

        if (attribute.getLocalName().equals(Assertion.VERSION_ATTRIB_NAME)) {
            assertion.setVersion(SAMLVersion.valueOf(attribute.getValue()));
        } else if (attribute.getLocalName().equals(Assertion.ISSUE_INSTANT_ATTRIB_NAME)
                && !DatatypeHelper.isEmpty(attribute.getValue())) {
            assertion.setIssueInstant(new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC()));
        } else if (attribute.getLocalName().equals(Assertion.ID_ATTRIB_NAME)) {
            assertion.setID(attribute.getValue());
            attribute.getOwnerElement().setIdAttributeNode(attribute, true);
        } else {
            super.processAttribute(samlObject, attribute);
        }
    }
View Full Code Here
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
*/
public class AssertionMarshaller extends AbstractSAMLObjectMarshaller {

    /** {@inheritDoc} */
    protected void marshallAttributes(XMLObject samlObject, Element domElement) throws MarshallingException {
        Assertion assertion = (Assertion) samlObject;

        if (assertion.getVersion() != null) {
            domElement.setAttributeNS(null, Assertion.VERSION_ATTRIB_NAME, assertion.getVersion().toString());
        }

        if (assertion.getIssueInstant() != null) {
            String issueInstantStr = Configuration.getSAMLDateFormatter().print(assertion.getIssueInstant());
            domElement.setAttributeNS(null, Assertion.ISSUE_INSTANT_ATTRIB_NAME, issueInstantStr);
        }

        if (assertion.getID() != null) {
            domElement.setAttributeNS(null, Assertion.ID_ATTRIB_NAME, assertion.getID());
            domElement.setIdAttributeNS(null, Assertion.ID_ATTRIB_NAME, true);
        }
    }
View Full Code Here
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
    @Override
    public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
        Credential validatedCredential = super.validate(credential, data);
        SamlAssertionWrapper assertion = validatedCredential.getSamlAssertion();
       
        Assertion saml2Assertion = assertion.getSaml2();
        if (saml2Assertion == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
        }
       
        List<AttributeStatement> attributeStatements = saml2Assertion.getAttributeStatements();
        if (attributeStatements == null || attributeStatements.isEmpty()) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
        }
       
        Subject subject = saml2Assertion.getSubject();
        NameID nameID = subject.getNameID();
        String subjectName = nameID.getValue();
        if ("alice".equals(subjectName) || "bob".equals(subjectName)) {
            return validatedCredential;
        }
View Full Code Here
189
190
191
192
193
194
195
196
197
198
199
     */
    protected void decryptEncryptedAssertions(final Response response, final Decrypter decrypter) {

        for (EncryptedAssertion encryptedAssertion : response.getEncryptedAssertions()) {
            try {
                Assertion decryptedAssertion = decrypter.decrypt(encryptedAssertion);
                response.getAssertions().add(decryptedAssertion);
            } catch (DecryptionException e) {
                logger.error("Decryption of assertion failed, continue with the next one", e);
            }
        }
View Full Code Here
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
    }

    private Saml2Credentials buildSaml2Credentials(final ExtendedSAMLMessageContext context) {

        NameID nameId = (NameID) context.getSubjectNameIdentifier();
        Assertion subjectAssertion = context.getSubjectAssertion();

        List<Attribute> attributes = new ArrayList<Attribute>();
        for (AttributeStatement attributeStatement : subjectAssertion.getAttributeStatements()) {
            for (Attribute attribute : attributeStatement.getAttributes()) {
                attributes.add(attribute);
            }
            if (attributeStatement.getEncryptedAttributes().size() > 0) {
                if (decrypter == null) {
                    logger.warn("Encrypted attributes returned, but no keystore was provided.");
                } else {
                    for (EncryptedAttribute encryptedAttribute : attributeStatement.getEncryptedAttributes()) {
                        try {
                            attributes.add(decrypter.decrypt(encryptedAttribute));
                        } catch (DecryptionException e) {
                            logger.warn("Decryption of attribute failed, continue with the next one", e);
                        }
                    }
                }
            }
        }

        return new Saml2Credentials(nameId, attributes, subjectAssertion.getConditions(), getName());
    }
View Full Code Here
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
            if (WSConstants.ST_UNSIGNED == actInt.intValue()) {

                // If this is a SAML2.0 assertion
                if (wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION) instanceof Assertion) {

                    final Assertion assertion = (Assertion) wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
                    String id = assertion.getID();
                    Subject subject = assertion.getSubject();

                    Date dateOfCreation = null;
                    Date dateOfExpiration = null;

                    //Read the validity period from the 'Conditions' element, else read it from SC Data
                    if (assertion.getConditions() != null) {
                        Conditions conditions = assertion.getConditions();
                        if (conditions.getNotBefore() != null) {
                            dateOfCreation = conditions.getNotBefore().toDate();
                        }
                        if (conditions.getNotOnOrAfter() != null) {
                            dateOfExpiration = conditions.getNotOnOrAfter().toDate();
                        }
                    } else {
                        SubjectConfirmationData scData = subject.getSubjectConfirmations()
                                .get(0).getSubjectConfirmationData();
                        if (scData.getNotBefore() != null) {
                            dateOfCreation = scData.getNotBefore().toDate();
                        }
                        if (scData.getNotOnOrAfter() != null) {
                            dateOfExpiration = scData.getNotOnOrAfter().toDate();
                        }
                    }

                    // TODO : SAML2KeyInfo element needs to be moved to WSS4J.
                    SAML2KeyInfo saml2KeyInfo = SAML2Utils.
                            getSAML2KeyInfo(assertion, signatureCrypto, tokenCallbackHandler);

                    //Store the token
                    try {
                        TokenStorage store = rmd.getTokenStorage();
                        if (store.getToken(id) == null) {
                            Token token = new Token(id, (OMElement) SAML2Utils.getElementFromAssertion(assertion), dateOfCreation, dateOfExpiration);
                            token.setSecret(saml2KeyInfo.getSecret());
                            store.add(token);
                        }
                    } catch (Exception e) {
                        throw new RampartException(
                                "errorInAddingTokenIntoStore", e);
                    }

                }
                //if this is a SAML1.1 assertion
                else {
                    final SAMLAssertion assertion =

                            ((SAMLAssertion) wser
                                    .get(WSSecurityEngineResult.TAG_SAML_ASSERTION));
                    String id = assertion.getId();
                    Date created = assertion.getNotBefore();
                    Date expires = assertion.getNotOnOrAfter();
                    SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion,
                            signatureCrypto, tokenCallbackHandler);
                    try {
                        TokenStorage store = rmd.getTokenStorage();
                        if (store.getToken(id) == null) {
                            Token token = new Token(id, (OMElement) assertion.toDOM(), created, expires);
                            token.setSecret(samlKi.getSecret());
                            store.add(token);
                        }
                    } catch (Exception e) {
                        throw new RampartException(
View Full Code Here
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
    @Override
    public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
        Credential validatedCredential = super.validate(credential, data);
        SamlAssertionWrapper assertion = validatedCredential.getSamlAssertion();
       
        Assertion saml2Assertion = assertion.getSaml2();
        if (saml2Assertion == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
        }
       
        List<AttributeStatement> attributeStatements = saml2Assertion.getAttributeStatements();
        if (attributeStatements == null || attributeStatements.isEmpty()) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
        }
       
        for (AttributeStatement statement : attributeStatements) {
View Full Code Here
39
40
41
42
43
44
45
46
47
48
49
50
        if (transformedToken == null || transformedToken.getSaml2() == null
            || !"B-Issuer".equals(transformedToken.getIssuerString())) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
        }

        Assertion assertion = transformedToken.getSaml2();
        if (!"B-Principal".equals(assertion.getSubject().getNameID().getValue())) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
        }
       
        return validatedCredential;
    }
View Full Code Here
TOP

Related Classes of org.opensaml.saml1.core.Assertion

  • demo.sts.provider.token.Saml2TokenProvider
  • org.apache.cxf.systest.sts.intermediary_transformation.OnBehalfOfValidator
  • org.apache.cxf.systest.sts.realms.DifferentRealmValidator
  • org.apache.cxf.systest.sts.username_actas.ActAsValidator
  • org.apache.cxf.systest.ws.saml.Saml2AudienceRestrictionValidator
  • org.apache.cxf.systest.ws.saml.server.CustomSaml2Validator
  • org.apache.rahas.RahasSAML2TokenUTForBearerTest
  • org.apache.rahas.RahasSAMLTokenUTForBearerTest
  • org.apache.rahas.SAMLDataProvider
  • org.apache.rampart.RampartEngine
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.