Package org.picketlink.identity.federation.saml.v2.assertion

Examples of org.picketlink.identity.federation.saml.v2.assertion.AssertionType

58
59
60
61
62
63
64
65
66
67
68
69
        assertEquals(WSTrustConstants.VALIDATE_REQUEST, rst1.getRequestType().toASCIIString());
        assertEquals(WSTrustConstants.RSTR_STATUS_TOKEN_TYPE, rst1.getTokenType().toASCIIString());

        ValidateTargetType validateTarget = rst1.getValidateTarget();
        Element assertionElement = (Element) validateTarget.getAny().get(0);
        AssertionType assertion = SAMLUtil.fromElement(assertionElement);
        assertEquals("ID_654b6092-c725-40ea-8044-de453b59cb28", assertion.getID());

        // Now for the writing part
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
View Full Code Here
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
        String authnContextDeclRef = JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT.get();

        AuthnStatementType authnStatement = response.createAuthnStatement(authnContextDeclRef, XMLTimeUtil.getIssueInstant());

        // Create an assertion
        AssertionType assertion = response.createAssertion(id, issuerInfo.getIssuer());

        SubjectType subject = new SubjectType();

        subject.setSubType(new STSubType());
        NameIDType nameId = new NameIDType();
        nameId.setValue("jduke");
        subject.getSubType().addBaseID(nameId);

        assertion.setSubject(subject);
        assertion.addStatement(authnStatement);

        AttributeStatementType attributes = new AttributeStatementType();

        AttributeType attribute = new AttributeType("Role");

        attribute.addAttributeValue("Manager");

        attributes.addAttribute(new ASTChoiceType(attribute));

        assertion.addStatement(attributes);

        id = IDGenerator.create("ID_"); // regenerate

        return response.createResponseType(id, issuerInfo, assertion);
    }
View Full Code Here
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
        IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/idp/");
        SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder,
                SAML2Handler.HANDLER_TYPE.IDP);
        SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();

        AssertionType assertion = new AssertionType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant());

        Map<String, Object> myattr = new HashMap<String, Object>();
        myattr.put("testKey", "hello");
        AttributeStatementType attState = StatementUtil.createAttributeStatement(myattr);
        assertion.addStatement(attState);

        request.addOption(GeneralConstants.ASSERTION, assertion);
        handler.handleStatusResponseType(request, response);

        Map<String, List<Object>> sessionMap = (Map<String, List<Object>>) session
View Full Code Here
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
        this.provider.issueToken(context);
        assertNotNull("Unexpected null security token", context.getSecurityToken());

        SecurityToken securityToken = context.getSecurityToken();

        AssertionType assertion = assertionParser.fromElement((Element) securityToken.getTokenValue());
        /*
         * JAXBContext jaxbContext = JAXBContext.newInstance("org.picketlink.identity.federation.saml.v2.assertion");
         * Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); JAXBElement<?> parsedElement = (JAXBElement<?>)
         * unmarshaller.unmarshal((Element) context.getSecurityToken() .getTokenValue());
         * assertNotNull("Unexpected null element", parsedElement); assertEquals("Unexpected element type", AssertionType.class,
         * parsedElement.getDeclaredType());
         *
         * AssertionType assertion = (AssertionType) parsedElement.getValue(); StandardSecurityToken securityToken =
         * (StandardSecurityToken) context.getSecurityToken();
         */
        assertEquals("Unexpected token id", securityToken.getTokenID(), assertion.getID());
        assertEquals("Unexpected token issuer", "PicketLinkSTS", assertion.getIssuer().getValue());

        // check the contents of the assertion conditions.
        ConditionsType conditions = assertion.getConditions();
        assertNotNull("Unexpected null conditions", conditions);
        assertNotNull("Unexpected null value for NotBefore attribute", conditions.getNotBefore());
        assertNotNull("Unexpected null value for NotOnOrAfter attribute", conditions.getNotOnOrAfter());
        assertEquals("Unexpected number of conditions", 1, conditions.getConditions().size());

        AudienceRestrictionType restrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
        assertNotNull("Unexpected null audience list", restrictionType.getAudience());
        assertEquals("Unexpected number of audience elements", 1, restrictionType.getAudience().size());
        assertEquals("Unexpected audience value", "http://services.testcorp.org/provider2", restrictionType.getAudience()
                .get(0).toString());

        // check the contents of the assertion subject.
        SubjectType subject = assertion.getSubject();
        assertNotNull("Unexpected null subject", subject);

        NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
        assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
        assertEquals("Unexpected name id", "sguilhen", nameID.getValue());

        SubjectConfirmationType confirmation = subject.getConfirmation().get(0);
        assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_BEARER_URI, confirmation.getMethod());

        // validate the attached token reference created by the SAML provider.
        RequestedReferenceType reference = context.getAttachedReference();
        assertNotNull("Unexpected null attached reference", reference);
        SecurityTokenReferenceType securityRef = reference.getSecurityTokenReference();
        assertNotNull("Unexpected null security reference", securityRef);
        String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType"));
        assertNotNull("Required attribute TokenType is missing", tokenTypeAttr);
        assertEquals("TokenType attribute has an unexpected value", SAMLUtil.SAML2_TOKEN_TYPE, tokenTypeAttr);
        KeyIdentifierType keyId = (KeyIdentifierType) securityRef.getAny().get(0);
        assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType());
        assertNotNull("Unexpected null key identifier value", keyId.getValue());
        assertEquals(assertion.getID(), keyId.getValue().substring(1));
    }
View Full Code Here
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
        // call the SAML token provider and check the generated token.
        this.provider.issueToken(context);
        assertNotNull("Unexpected null security token", context.getSecurityToken());

        // check if the assertion has a subject confirmation that contains the encrypted symmetric key.
        AssertionType assertion = SAMLUtil.fromElement((Element) context.getSecurityToken().getTokenValue());
        SubjectType subject = assertion.getSubject();
        assertNotNull("Unexpected null subject", subject);

        NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
        assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
        assertEquals("Unexpected name id", "sguilhen", nameID.getValue());

        SubjectConfirmationType confirmation = subject.getConfirmation().get(0);
        assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_HOLDER_OF_KEY_URI, confirmation.getMethod());

        SubjectConfirmationDataType confirmData = confirmation.getSubjectConfirmationData();
        KeyInfoType keyInfo = (KeyInfoType) confirmData.getAnyType();
        assertEquals("Unexpected key info content size", 1, keyInfo.getContent().size());
        Element encKeyElement = (Element) keyInfo.getContent().get(0);
        assertEquals("Unexpected key info content type", WSTrustConstants.XMLEnc.ENCRYPTED_KEY, encKeyElement.getLocalName());

        // Now let's set an asymmetric proof of possession token in the context.
        Certificate certificate = this.getCertificate("keystore/sts_keystore.jks", "testpass", "service1");
        context.setProofTokenInfo(WSTrustUtil.createKeyInfo(certificate));

        // call the SAML token provider and check the generated token.
        this.provider.issueToken(context);
        assertNotNull("Unexpected null security token", context.getSecurityToken());

        // check if the assertion has a subject confirmation that contains the encoded certificate.
        assertion = SAMLUtil.fromElement((Element) context.getSecurityToken().getTokenValue());
        subject = assertion.getSubject();
        nameID = (NameIDType) subject.getSubType().getBaseID();
        assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
        assertEquals("Unexpected name id", "sguilhen", nameID.getValue());
        confirmation = subject.getConfirmation().get(0);
        assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_HOLDER_OF_KEY_URI, confirmation.getMethod());
View Full Code Here
90
91
92
93
94
95
96
97
98
99
100
        write(status);

        List<RTChoiceType> choiceTypes = response.getAssertions();
        if (choiceTypes != null) {
            for (RTChoiceType choiceType : choiceTypes) {
                AssertionType assertion = choiceType.getAssertion();
                if (assertion != null) {
                    assertionWriter.write(assertion);
                }

                EncryptedAssertionType encryptedAssertion = choiceType.getEncryptedAssertion();
View Full Code Here
39
40
41
42
43
44
45
46
    private Util() {
    }

    public static Element createSamlToken() throws Exception {
        String id = "ID+" + JBossSAMLBaseFactory.createUUID();
        final AssertionType assertionType = new AssertionType(id, XMLTimeUtil.getIssueInstant());
        return SAMLUtil.toElement(assertionType);
    }
View Full Code Here
474
475
476
477
478
479
480
481
482
483
484
                Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(newDoc, privateKey);
                SAMLParser parser = new SAMLParser();

                JAXPValidationUtil.checkSchemaValidation(decryptedDocumentElement);
                AssertionType assertion = (AssertionType) parser.parse(StaxParserUtil.getXMLEventReader(DocumentUtil
                        .getNodeAsStream(decryptedDocumentElement)));

                responseType.replaceAssertion(oldID, new RTChoiceType(assertion));
                return responseType;
            } catch (Exception e) {
View Full Code Here
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
            List<RTChoiceType> assertions = responseType.getAssertions();
            if (assertions.size() == 0)
                throw logger.samlHandlerNoAssertionFromIDP();

            AssertionType assertion = assertions.get(0).getAssertion();
            // Check for validity of assertion
            boolean expiredAssertion;
            try {
                String skew = (String) handlerConfig.getParameter(SAML2Handler.CLOCK_SKEW_MILIS);
                if (StringUtil.isNotNull(skew)) {
                    long skewMilis = Long.parseLong(skew);
                    expiredAssertion = AssertionUtil.hasExpired(assertion, skewMilis);
                } else
                    expiredAssertion = AssertionUtil.hasExpired(assertion);
            } catch (ConfigurationException e) {
                throw new ProcessingException(e);
            }
            if (expiredAssertion) {
                AssertionExpiredException aee = new AssertionExpiredException();
                aee.setId(assertion.getID());
                throw logger.assertionExpiredError(aee);
            }

            SubjectType subject = assertion.getSubject();
            /*
             * JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); NameIDType nameID =
             * jnameID.getValue();
             */
            if (subject == null)
                throw logger.nullValueError("Subject in the assertion");

            STSubType subType = subject.getSubType();
            if (subType == null)
                throw logger.nullValueError("Unable to find subtype via subject");
            NameIDType nameID = (NameIDType) subType.getBaseID();

            if (nameID == null)
                throw logger.nullValueError("Unable to find username via subject");

            final String userName = nameID.getValue();
            List<String> roles = new ArrayList<String>();

            // Let us get the roles
            Set<StatementAbstractType> statements = assertion.getStatements();
            for (StatementAbstractType statement : statements) {
                if (statement instanceof AttributeStatementType) {
                    AttributeStatementType attributeStatement = (AttributeStatementType) statement;
                    roles.addAll(getRoles(attributeStatement));
                }
View Full Code Here
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
        List<org.picketlink.identity.federation.saml.v2.protocol.ResponseType.RTChoiceType> assertions = responseType
                .getAssertions();
        if (assertions.size() == 0)
            throw new IllegalStateException(ErrorCodes.NULL_VALUE + "No assertions in reply from IDP");

        AssertionType assertion = assertions.get(0).getAssertion();
        // Check for validity of assertion
        boolean expiredAssertion = AssertionUtil.hasExpired(assertion);
        if (expiredAssertion)
            throw new AssertionExpiredException(ErrorCodes.EXPIRED_ASSERTION);

        SubjectType subject = assertion.getSubject();
        /*
         * JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); NameIDType nameID =
         * jnameID.getValue();
         */
        NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();

        final String userName = nameID.getValue();
        List<String> roles = new ArrayList<String>();

        // Let us get the roles
        AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatements().iterator().next();
        List<ASTChoiceType> attList = attributeStatement.getAttributes();
        for (ASTChoiceType obj : attList) {
            AttributeType attr = obj.getAttribute();
            String roleName = (String) attr.getAttributeValue().get(0);
            roles.add(roleName);
View Full Code Here
TOP

Related Classes of org.picketlink.identity.federation.saml.v2.assertion.AssertionType

  • org.jboss.identity.federation.api.soap.SOAPSAMLXACML
  • org.jboss.identity.federation.api.wstrust.plugins.saml.SAML20TokenProvider
  • org.jboss.identity.federation.bindings.servlets.SOAPSAMLXACMLServlet
  • org.jboss.identity.federation.bindings.tomcat.idp.IDPRedirectValve
  • org.jboss.identity.federation.bindings.tomcat.sp.SPUtil
  • org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory
  • org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory
  • org.jboss.identity.federation.core.saml.v2.util.AssertionUtil
  • org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider
  • org.jboss.identity.federation.web.filters.SPFilter
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.