Examples of SAMLAssertion

Examples of org.opensaml.SAMLAssertion

572
573
574
575
576
577
578
579
580
581
582
583
584
585
                    WSSecurityEngineResult wser = (WSSecurityEngineResult) wsSecEngineResults
                            .get(j);
                    final Integer actInt =
                        (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
                    if(WSConstants.ST_UNSIGNED == actInt.intValue()) {
                        final SAMLAssertion assertion =
                            ((SAMLAssertion) wser
                                .get(WSSecurityEngineResult.TAG_SAML_ASSERTION));
                        return assertion.getId();
                    }

                }
            }
            return null;
View Full Code Here

Examples of org.opensaml.SAMLAssertion

243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
                    }

                }
                //if this is a SAML1.1 assertion
                else {
                    final SAMLAssertion assertion = ((SAMLAssertion) wser.get(
                            WSSecurityEngineResult.TAG_SAML_ASSERTION));

                    // if the subject confirmation method is Bearer, do not try to get the KeyInfo
                    if(RahasConstants.SAML11_SUBJECT_CONFIRMATION_BEARER.equals(
                            TrustUtil.getSAML11SubjectConfirmationMethod(assertion))){
                        break;
                    }

                    String id = assertion.getId();
                    Date created = assertion.getNotBefore();
                    Date expires = assertion.getNotOnOrAfter();
                    SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion,
                            signatureCrypto, tokenCallbackHandler);
                    try {
                        TokenStorage store = rmd.getTokenStorage();
                        if (store.getToken(id) == null) {
                            Token token = new Token(id, (OMElement) assertion.toDOM(), created, expires);
                            token.setSecret(samlKi.getSecret());
                            store.add(token);
                        }
                    } catch (Exception e) {
                        throw new RampartException(
View Full Code Here

Examples of org.opensaml.SAMLAssertion

149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
             *
             * If the key type is missing we will issue a HoK assertion
             */

            String keyType = data.getKeyType();
            SAMLAssertion assertion;
            if (keyType == null) {
                throw new TrustException(TrustException.INVALID_REQUEST,
                        new String[] { "Requested KeyType is missing" });
            }

            if (keyType.endsWith(RahasConstants.KEY_TYPE_SYMM_KEY)
                    || keyType.endsWith(RahasConstants.KEY_TYPE_PUBLIC_KEY)) {
                assertion = createHoKAssertion(config, doc, crypto,
                        creationTime, expirationTime, data);
            } else if (keyType.endsWith(RahasConstants.KEY_TYPE_BEARER)) {
                assertion = createBearerAssertion(config, doc, crypto,
                        creationTime, expirationTime, data);
            } else {
                throw new TrustException("unsupportedKeyType");
            }

            OMElement rstrElem;
            int wstVersion = data.getVersion();
            if (RahasConstants.VERSION_05_02 == wstVersion) {
                rstrElem = TrustUtil.createRequestSecurityTokenResponseElement(
                        wstVersion, env.getBody());
            } else {
                OMElement rstrcElem = TrustUtil
                        .createRequestSecurityTokenResponseCollectionElement(
                                wstVersion, env.getBody());
                rstrElem = TrustUtil.createRequestSecurityTokenResponseElement(
                        wstVersion, rstrcElem);
            }

            TrustUtil.createTokenTypeElement(wstVersion, rstrElem).setText(
                    RahasConstants.TOK_TYPE_SAML_10);

            if (keyType.endsWith(RahasConstants.KEY_TYPE_SYMM_KEY)) {
                TrustUtil.createKeySizeElement(wstVersion, rstrElem, keySize);
            }

            if (config.addRequestedAttachedRef) {
              TrustUtil.createRequestedAttachedRef(rstrElem, assertion.getId(),wstVersion);
            }

            if (config.addRequestedUnattachedRef) {
              TrustUtil.createRequestedUnattachedRef(rstrElem, assertion.getId(),wstVersion);  
            }

            if (data.getAppliesToAddress() != null) {
                TrustUtil.createAppliesToElement(rstrElem, data
                        .getAppliesToAddress(), data.getAddressingNs());
            }

            // Use GMT time in milliseconds
            DateFormat zulu = new XmlSchemaDateFormat();

            // Add the Lifetime element
            TrustUtil.createLifetimeElement(wstVersion, rstrElem, zulu
                    .format(creationTime), zulu.format(expirationTime));

            // Create the RequestedSecurityToken element and add the SAML token
            // to it
            OMElement reqSecTokenElem = TrustUtil
                    .createRequestedSecurityTokenElement(wstVersion, rstrElem);
            Token assertionToken;
            try {
                Node tempNode = assertion.toDOM();
                reqSecTokenElem.addChild((OMNode) ((Element) rstrElem)
                        .getOwnerDocument().importNode(tempNode, true));

                // Store the token
                assertionToken = new Token(assertion.getId(),
                        (OMElement) assertion.toDOM(), creationTime,
                        expirationTime);

                // At this point we definitely have the secret
                // Otherwise it should fail with an exception earlier
                assertionToken.setSecret(data.getEphmeralKey());
View Full Code Here

Examples of org.opensaml.SAMLAssertion

251
252
253
254
255
256
257
258
259
260
261
    private SAMLAssertion createBearerAssertion(SAMLTokenIssuerConfig config,
            Document doc, Crypto crypto, Date creationTime,
            Date expirationTime, RahasData data) throws TrustException {
        try {
            Principal principal = data.getPrincipal();
            SAMLAssertion assertion;
            // In the case where the principal is a UT
            if (principal instanceof WSUsernameTokenPrincipal) {
              SAMLNameIdentifier nameId = null;
              if(config.getCallbackHandler() != null){
                SAMLNameIdentifierCallback cb = new SAMLNameIdentifierCallback(data);
View Full Code Here

Examples of org.opensaml.SAMLAssertion

472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
            SAMLAttributeStatement attrStmt = new SAMLAttributeStatement(
            subject, Arrays.asList(attrs ));

            SAMLStatement[] statements = { attrStmt };

            SAMLAssertion assertion = new SAMLAssertion(config.issuerName,
                    notBefore, notAfter, null, null, Arrays.asList(statements));

            // sign the assertion
            X509Certificate[] issuerCerts = crypto
                    .getCertificates(config.issuerKeyAlias);

            String sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_RSA;
            String pubKeyAlgo = issuerCerts[0].getPublicKey().getAlgorithm();
            if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
                sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_DSA;
            }
            java.security.Key issuerPK = crypto.getPrivateKey(
                    config.issuerKeyAlias, config.issuerKeyPassword);
            assertion.sign(sigAlgo, issuerPK, Arrays.asList(issuerCerts));

            return assertion;
        } catch (Exception e) {
            throw new TrustException("samlAssertionCreationError", e);
        }
View Full Code Here

Examples of org.opensaml.SAMLAssertion

540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
                SAMLStatement attrStatement = createSAMLAttributeStatement((SAMLSubject)subject.clone(), data, config);
                statements.add(attrStatement);
            }
            statements.add(authStmt);

            SAMLAssertion assertion = new SAMLAssertion(config.issuerName,
                    notBefore, notAfter, null, null, statements);

            // sign the assertion
            X509Certificate[] issuerCerts = crypto
                    .getCertificates(config.issuerKeyAlias);

            String sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_RSA;
            String pubKeyAlgo = issuerCerts[0].getPublicKey().getAlgorithm();
            if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
                sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_DSA;
            }
            java.security.Key issuerPK = crypto.getPrivateKey(
                    config.issuerKeyAlias, config.issuerKeyPassword);
            assertion.sign(sigAlgo, issuerPK, Arrays.asList(issuerCerts));

            return assertion;
        } catch (Exception e) {
            throw new TrustException("samlAssertionCreationError", e);
        }
View Full Code Here

Examples of org.opensaml.SAMLAssertion

50
51
52
53
54
55
56
57
58
59
60
61
        WSSConfig wsc
    ) throws WSSecurityException {
        if (log.isDebugEnabled()) {
            log.debug("Found SAML Assertion element");
        }
        SAMLAssertion assertion = handleSAMLToken((Element) elem);
        this.id = assertion.getId();
        wsDocInfo.setAssertion((Element) elem);
        returnResults.add(
            0,
            new WSSecurityEngineResult(WSConstants.ST_UNSIGNED, assertion)
        );
View Full Code Here

Examples of org.opensaml.SAMLAssertion

63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
    }

    public SAMLAssertion handleSAMLToken(Element token) throws WSSecurityException {
        boolean result = false;
        SAMLAssertion assertion = null;
        try {
            assertion = new SAMLAssertion(token);
            result = true;
            if (log.isDebugEnabled()) {
                log.debug("SAML Assertion issuer " + assertion.getIssuer());
            }
        } catch (SAMLException e) {
            throw new WSSecurityException(
                WSSecurityException.FAILURE, "invalidSAMLsecurity", null, e
            );
View Full Code Here

Examples of org.opensaml.SAMLAssertion

56
57
58
59
60
61
62
63
64
65
66
        SAMLIssuer saml = loadSamlIssuer(handler, reqData);
        saml.setUsername(reqData.getUsername());
        saml.setUserCrypto(crypto);
        saml.setInstanceDoc(doc);

        SAMLAssertion assertion = saml.newAssertion();
        if (assertion == null) {
            throw new WSSecurityException("WSHandler: Signed SAML: no SAML token received");
        }
        String issuerKeyName = null;
        String issuerKeyPW = null;
View Full Code Here

Examples of org.opensaml.SAMLAssertion

34
35
36
37
38
39
40
41
42
43
        WSSecSAMLToken builder = new WSSecSAMLToken();
        builder.setWsConfig(reqData.getWssConfig());

        SAMLIssuer saml = loadSamlIssuer(handler, reqData);
        saml.setUsername(reqData.getUsername());
        SAMLAssertion assertion = saml.newAssertion();

        // add the SAMLAssertion Token to the SOAP Envelope
        builder.build(doc, assertion, reqData.getSecHeader());
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.