public void testAssertionWithX500Attribute() throws Exception {
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
InputStream configStream = tcl.getResourceAsStream("parser/saml2/saml2-assertion-x500attrib.xml");
SAMLParser parser = new SAMLParser();
AssertionType assertion = (AssertionType) parser.parse(configStream);
assertNotNull(assertion);
assertEquals("ID_b07b804c-7c29-ea16-7300-4f3d6f7928ac", assertion.getID());
assertEquals(XMLTimeUtil.parse("2004-12-05T09:22:05Z"), assertion.getIssueInstant());
assertEquals("2.0", assertion.getVersion());
// Issuer
assertEquals("https://idp.example.org/SAML2", assertion.getIssuer().getValue());
Set<StatementAbstractType> statements = assertion.getStatements();
assertEquals(2, statements.size());
Iterator<StatementAbstractType> iter = statements.iterator();
AuthnStatementType authnStatement = (AuthnStatementType) iter.next();
assertEquals(XMLTimeUtil.parse("2004-12-05T09:22:00Z"), authnStatement.getAuthnInstant());
assertEquals("b07b804c-7c29-ea16-7300-4f3d6f7928ac", authnStatement.getSessionIndex());
AttributeStatementType attributeStatement = (AttributeStatementType) iter.next();
List<ASTChoiceType> attributes = attributeStatement.getAttributes();
assertEquals(1, attributes.size());
AttributeType attribute = attributes.get(0).getAttribute();
assertEquals("eduPersonAffiliation", attribute.getFriendlyName());
assertEquals("urn:oid:1.3.6.1.4.1.5923.1.1.1.1", attribute.getName());
assertEquals("urn:oasis:names:tc:SAML:2.0:attrname-format:uri", attribute.getNameFormat());
// Ensure that we have x500:encoding
QName x500EncodingName = new QName(JBossSAMLURIConstants.X500_NSURI.get(), JBossSAMLConstants.ENCODING.get());
String encodingValue = attribute.getOtherAttributes().get(x500EncodingName);
assertEquals("LDAP", encodingValue);
List<Object> attributeValues = attribute.getAttributeValue();
assertEquals(2, attributeValues.size());
String str = (String) attributeValues.get(0);
if (!(str.equals("member") || str.equals("staff")))
throw new RuntimeException("attrib value not found");
// Subject
SubjectType subject = assertion.getSubject();
STSubType subType = subject.getSubType();
NameIDType subjectNameID = (NameIDType) subType.getBaseID();
assertEquals("3f7b3dcf-1674-4ecd-92c8-1544f346baf8", subjectNameID.getValue());
assertEquals("urn:oasis:names:tc:SAML:2.0:nameid-format:transient", subjectNameID.getFormat().toString());
SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0);
assertEquals("urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod());
SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData();
assertEquals("ID_aaf23196-1773-2113-474a-fe114412ab72", subjectConfirmationData.getInResponseTo());
assertEquals(XMLTimeUtil.parse("2004-12-05T09:27:05Z"), subjectConfirmationData.getNotOnOrAfter());
assertEquals("https://sp.example.com/SAML2/SSO/POST", subjectConfirmationData.getRecipient());
ConditionsType conditions = assertion.getConditions();
assertEquals(XMLTimeUtil.parse("2004-12-05T09:17:05Z"), conditions.getNotBefore());
assertEquals(XMLTimeUtil.parse("2004-12-05T09:27:05Z"), conditions.getNotOnOrAfter());
AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
assertEquals(1, audienceRestrictionType.getAudience().size());