Package org.picketlink.identity.federation.saml.v2.assertion

Examples of org.picketlink.identity.federation.saml.v2.assertion.AssertionType

222
223
224
225
226
227
228
229
230
231
232
233
234
235
        ResponseType responseType = getResponseTypeAndCheckSignature(response, bos);

        assertNotNull(responseType);
        assertEquals(1, responseType.getAssertions().size());
        AssertionType assertion = responseType.getAssertions().get(0).getAssertion();
        assertEquals(assertion.getIssuer().getValue(), IDENTITY_PROVIDER_URL);
       
        ConditionsType conditions = assertion.getConditions();
        assertNotNull(conditions);
        List<ConditionAbstractType> conditionList = conditions.getConditions();
        assertEquals(1, conditionList.size());
        AudienceRestrictionType audience = (AudienceRestrictionType) conditionList.get(0);
        assertEquals(SERVICE_PROVIDER_URL, audience.getAudience().get(0).toString());
View Full Code Here
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
        ResponseType responseType = getResponseTypeAndCheckSignature(response, null);

        assertNotNull(responseType);
        assertEquals(1, responseType.getAssertions().size());

        AssertionType issuedAssertion = responseType.getAssertions().get(0).getAssertion();

        assertEquals(issuedAssertion.getIssuer().getValue(), IDENTITY_PROVIDER_URL);

        // The response should redirect back to the caller SP
        assertTrue("Expected a redirect to the SP.", response.redirectString.contains(SERVICE_PROVIDER_URL));

        ConditionsType conditions = issuedAssertion.getConditions();

        assertEquals("The assertion timeout is invalid.", 3000, conditions.getNotOnOrAfter().toGregorianCalendar()
                .getTimeInMillis()
                - conditions.getNotBefore().toGregorianCalendar().getTimeInMillis());
    }
View Full Code Here
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
        Source responseMessage = this.tokenService.invoke(requestMessage);
        BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
                .parse(DocumentUtil.getSourceAsStream(responseMessage));

        // validate the security token response.
        AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
                SAMLUtil.SAML2_BEARER_URI);

        // in this scenario, the conditions section should have an audience restriction.
        ConditionsType conditions = assertion.getConditions();
        assertEquals("Unexpected restriction list size", 1, conditions.getConditions().size());
        ConditionAbstractType abstractType = conditions.getConditions().get(0);
        assertTrue("Unexpected restriction type", abstractType instanceof AudienceRestrictionType);
        AudienceRestrictionType audienceRestriction = (AudienceRestrictionType) abstractType;
        assertEquals("Unexpected audience restriction list size", 1, audienceRestriction.getAudience().size());
View Full Code Here
505
506
507
508
509
510
511
512
513
514
515
516
517
518
        Source responseMessage = this.tokenService.invoke(requestMessage);
        BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
                .parse(DocumentUtil.getSourceAsStream(responseMessage));

        // validate the security token response.
        AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
                SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
        // validate the holder of key contents.
        SubjectConfirmationType subjConfirmation = assertion.getSubject().getConfirmation().get(0);
        this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);

        // check if the response contains the STS-generated key.
        RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
        RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
View Full Code Here
560
561
562
563
564
565
566
567
568
569
570
571
572
573
        Source responseMessage = this.tokenService.invoke(requestMessage);
        BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
                .parse(DocumentUtil.getSourceAsStream(responseMessage));

        // validate the security token response.
        AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
                SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
        // validate the holder of key contents.
        SubjectConfirmationType subjConfirmation = assertion.getSubject().getConfirmation().get(0);
        this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);

        RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
        RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
        RequestedProofTokenType proofToken = response.getRequestedProofToken();
View Full Code Here
613
614
615
616
617
618
619
620
621
622
623
        Source requestMessage = this.createSourceFromRequest(request);
        Source responseMessage = this.tokenService.invoke(requestMessage);
        BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
                .parse(DocumentUtil.getSourceAsStream(responseMessage));
        // validate the security token response.
        AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
                SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
        // validate the holder of key contents.
        SubjectConfirmationType subjConfirmation = assertion.getSubject().getConfirmation().get(0);
        this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, false);
    }
View Full Code Here
649
650
651
652
653
654
655
656
657
658
659
        Source responseMessage = this.tokenService.invoke(requestMessage);
        BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
                .parse(DocumentUtil.getSourceAsStream(responseMessage));

        // validate the security token response.
        AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
                SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
        // validate the holder of key contents.
        SubjectConfirmationType subjConfirmation = assertion.getSubject().getConfirmation().get(0);
        this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, true);
    }
View Full Code Here
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
        collection = (RequestSecurityTokenResponseCollection) baseResponse;
        Element renewedAssertionElement = (Element) collection.getRequestSecurityTokenResponses().get(0)
                .getRequestedSecurityToken().getAny().get(0);

        // compare the assertions, checking if the lifetime has been updated.
        AssertionType originalAssertion = SAMLUtil.fromElement(assertionElement);
        AssertionType renewedAssertion = SAMLUtil.fromElement(renewedAssertionElement);

        // assertions should have different ids and lifetimes.
        assertFalse("Renewed assertion should have a unique id", originalAssertion.getID().equals(renewedAssertion.getID()));
        assertEquals(DatatypeConstants.LESSER,
                originalAssertion.getConditions().getNotBefore().compare(renewedAssertion.getConditions().getNotBefore()));
        assertEquals(DatatypeConstants.LESSER,
                originalAssertion.getConditions().getNotOnOrAfter().compare(renewedAssertion.getConditions().getNotOnOrAfter()));
    }
View Full Code Here
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
        RequestedSecurityTokenType requestedToken = response.getRequestedSecurityToken();
        assertNotNull("Unexpected null requested security token", requestedToken);

        // unmarshall the SAMLV2.0 assertion.
        Element assertionElement = (Element) requestedToken.getAny().get(0);
        AssertionType assertion = SAMLUtil.fromElement(assertionElement);

        // verify the contents of the unmarshalled assertion.
        assertNotNull("Invalid null assertion ID", assertion.getID());
        assertEquals(keyId.getValue().substring(1), assertion.getID());
        assertEquals(lifetime.getCreated(), assertion.getIssueInstant());

        // validate the assertion issuer.
        assertNotNull("Unexpected null assertion issuer", assertion.getIssuer());
        assertEquals("Unexpected assertion issuer name", "Test STS", assertion.getIssuer().getValue());

        // validate the assertion subject.
        assertNotNull("Unexpected null subject", assertion.getSubject());
        SubjectType subject = assertion.getSubject();

        NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
        assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
        assertEquals("Unexpected name id value", principal, nameID.getValue());

        SubjectConfirmationType subjType = subject.getConfirmation().get(0);
        assertEquals("Unexpected confirmation method", confirmationMethod, subjType.getMethod());

        // validate the assertion conditions.
        assertNotNull("Unexpected null conditions", assertion.getConditions());
        assertEquals(lifetime.getCreated(), assertion.getConditions().getNotBefore());
        assertEquals(lifetime.getExpires(), assertion.getConditions().getNotOnOrAfter());

        assertNotNull("Assertion should have been signed", assertion.getSignature());

        return assertion;
    }
View Full Code Here
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
    public void testSAMLAssertionParsing() throws Exception {
        ClassLoader tcl = Thread.currentThread().getContextClassLoader();
        InputStream configStream = tcl.getResourceAsStream("parser/saml2/saml2-assertion.xml");

        SAMLParser parser = new SAMLParser();
        AssertionType assertion = (AssertionType) parser.parse(configStream);
        assertNotNull(assertion);

        assertEquals("ID_ab0392ef-b557-4453-95a8-a7e168da8ac5", assertion.getID());
        assertEquals(XMLTimeUtil.parse("2010-09-30T19:13:37.869Z"), assertion.getIssueInstant());
        // Issuer
        assertEquals("Test STS", assertion.getIssuer().getValue());

        // Subject
        SubjectType subject = assertion.getSubject();

        STSubType subType = subject.getSubType();
        NameIDType subjectNameID = (NameIDType) subType.getBaseID();
        assertEquals("jduke", subjectNameID.getValue());
        assertEquals("urn:picketlink:identity-federation", subjectNameID.getNameQualifier());

        ConditionsType conditions = assertion.getConditions();
        assertEquals(XMLTimeUtil.parse("2010-09-30T19:13:37.869Z"), conditions.getNotBefore());
        assertEquals(XMLTimeUtil.parse("2010-09-30T21:13:37.869Z"), conditions.getNotOnOrAfter());

        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        // Lets do the writing
View Full Code Here
TOP

Related Classes of org.picketlink.identity.federation.saml.v2.assertion.AssertionType

  • org.jboss.identity.federation.api.soap.SOAPSAMLXACML
  • org.jboss.identity.federation.api.wstrust.plugins.saml.SAML20TokenProvider
  • org.jboss.identity.federation.bindings.servlets.SOAPSAMLXACMLServlet
  • org.jboss.identity.federation.bindings.tomcat.idp.IDPRedirectValve
  • org.jboss.identity.federation.bindings.tomcat.sp.SPUtil
  • org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory
  • org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory
  • org.jboss.identity.federation.core.saml.v2.util.AssertionUtil
  • org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider
  • org.jboss.identity.federation.web.filters.SPFilter
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.