org.opensaml.saml.saml2.core.Issuer Java Examples

The following examples show how to use org.opensaml.saml.saml2.core.Issuer. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AuthnRequestFactory.java    From verify-service-provider with MIT License 6 votes vote down vote up
public AuthnRequest build(String serviceEntityId) {
    AuthnRequest authnRequest = new AuthnRequestBuilder().buildObject();
    authnRequest.setID(String.format("_%s", UUID.randomUUID()));
    authnRequest.setIssueInstant(DateTime.now());
    authnRequest.setForceAuthn(false);
    authnRequest.setDestination(destination.toString());
    authnRequest.setExtensions(createExtensions());

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(serviceEntityId);
    authnRequest.setIssuer(issuer);

    authnRequest.setSignature(createSignature());

    try {
        XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(authnRequest).marshall(authnRequest);
        Signer.signObject(authnRequest.getSignature());
    } catch (SignatureException | MarshallingException e) {
        throw new SAMLRuntimeException("Unknown problem while signing SAML object", e);
    }

    return authnRequest;
}
 
Example #2
Source File: SAML2PResponseComponentBuilder.java    From cxf-fediz with Apache License 2.0 6 votes vote down vote up
@SuppressWarnings("unchecked")
public static Response createSAMLResponse(
    String inResponseTo,
    Issuer issuer,
    Status status
) {
    if (responseBuilder == null) {
        responseBuilder = (SAMLObjectBuilder<Response>)
            builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
    }
    Response response = responseBuilder.buildObject();

    response.setID(UUID.randomUUID().toString());
    response.setIssueInstant(new DateTime());
    response.setInResponseTo(inResponseTo);
    response.setIssuer(issuer);
    response.setStatus(status);
    response.setVersion(SAMLVersion.VERSION_20);

    return response;
}
 
Example #3
Source File: AuthnRequestBuilderTest.java    From cxf with Apache License 2.0 6 votes vote down vote up
@org.junit.Test
public void testCreateLogoutRequest() throws Exception {
    Document doc = DOMUtils.createDocument();

    Issuer issuer =
        SamlpRequestComponentBuilder.createIssuer("http://localhost:9001/app");

    NameIDBean nameIdBean = new NameIDBean();
    nameIdBean.setNameValue("uid=joe,ou=people,ou=saml-demo,o=example.com");
    nameIdBean.setNameQualifier("www.example.com");
    NameID nameID = SAML2ComponentBuilder.createNameID(nameIdBean);

    Date notOnOrAfter = new Date();
    notOnOrAfter.setTime(notOnOrAfter.getTime() + 60L * 1000L);
    LogoutRequest logoutRequest =
        SamlpRequestComponentBuilder.createLogoutRequest(SAMLVersion.VERSION_20, issuer, null, null,
                                                         notOnOrAfter, null, nameID);

    Element policyElement = OpenSAMLUtil.toDom(logoutRequest, doc);
    doc.appendChild(policyElement);
    // String outputString = DOM2Writer.nodeToString(policyElement);
    assertNotNull(policyElement);
}
 
Example #4
Source File: LogoutRequestBuilder.java    From carbon-apimgt with Apache License 2.0 6 votes vote down vote up
/**
 * Overload Logout request for sessionIndexId is not exist case
 *
 * @param subject Subject
 * @param reason Reason for logout
 * @param issuerId id of issuer
 * @return SAML logout request
 */
public LogoutRequest buildLogoutRequest(String subject, String reason,
                                        String issuerId, String nameIdFormat) {
    Util.doBootstrap();
    LogoutRequest logoutReq = new org.opensaml.saml.saml2.core.impl.LogoutRequestBuilder().buildObject();
    logoutReq.setID(Util.createID());

    DateTime issueInstant = new DateTime();
    logoutReq.setIssueInstant(issueInstant);
    logoutReq.setNotOnOrAfter(new DateTime(issueInstant.getMillis() + 5 * 60 * 1000));

    IssuerBuilder issuerBuilder = new IssuerBuilder();
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(issuerId);
    logoutReq.setIssuer(issuer);

    logoutReq.setNameID(Util.buildNameID(nameIdFormat, subject));

    logoutReq.setReason(reason);

    return logoutReq;
}
 
Example #5
Source File: SamlSingleLogoutFunction.java    From armeria with Apache License 2.0 6 votes vote down vote up
private LogoutResponse createLogoutResponse(LogoutRequest logoutRequest,
                                            String statusCode) {
    final StatusCode success = build(StatusCode.DEFAULT_ELEMENT_NAME);
    success.setValue(statusCode);

    final Status status = build(Status.DEFAULT_ELEMENT_NAME);
    status.setStatusCode(success);

    final Issuer me = build(Issuer.DEFAULT_ELEMENT_NAME);
    me.setValue(entityId);

    final LogoutResponse logoutResponse = build(LogoutResponse.DEFAULT_ELEMENT_NAME);
    logoutResponse.setIssuer(me);
    logoutResponse.setID(requestIdManager.newId());
    logoutResponse.setIssueInstant(DateTime.now());
    logoutResponse.setStatus(status);
    logoutResponse.setInResponseTo(logoutRequest.getID());

    return logoutResponse;
}
 
Example #6
Source File: LogoutRequestBuilder.java    From carbon-apimgt with Apache License 2.0 6 votes vote down vote up
/**
 * Build the logout request
 * @param subject name of the user
 * @param reason reason for generating logout request.
 * @return LogoutRequest object
 */
public LogoutRequest buildLogoutRequest(String subject,String sessionIndexId, String reason,
                                        String issuerId, String nameIdFormat) {
    Util.doBootstrap();
    LogoutRequest logoutReq = new org.opensaml.saml.saml2.core.impl.LogoutRequestBuilder().buildObject();
    logoutReq.setID(Util.createID());

    DateTime issueInstant = new DateTime();
    logoutReq.setIssueInstant(issueInstant);
    logoutReq.setNotOnOrAfter(new DateTime(issueInstant.getMillis() + 5 * 60 * 1000));

    IssuerBuilder issuerBuilder = new IssuerBuilder();
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(issuerId);
    logoutReq.setIssuer(issuer);

    logoutReq.setNameID(Util.buildNameID(nameIdFormat, subject));

    SessionIndex sessionIndex = new SessionIndexBuilder().buildObject();
    sessionIndex.setSessionIndex(sessionIndexId);
    logoutReq.getSessionIndexes().add(sessionIndex);

    logoutReq.setReason(reason);

    return logoutReq;
}
 
Example #7
Source File: SamlServiceProviderTest.java    From armeria with Apache License 2.0 6 votes vote down vote up
private static LogoutRequest getLogoutRequest(String destination, String issuerId) {
    final LogoutRequest logoutRequest = build(LogoutRequest.DEFAULT_ELEMENT_NAME);

    logoutRequest.setID(requestIdManager.newId());
    logoutRequest.setDestination(destination);

    final Issuer issuer = build(Issuer.DEFAULT_ELEMENT_NAME);
    issuer.setValue(issuerId);
    logoutRequest.setIssuer(issuer);
    logoutRequest.setIssueInstant(DateTime.now());

    final NameID nameID = build(NameID.DEFAULT_ELEMENT_NAME);
    nameID.setFormat(SamlNameIdFormat.EMAIL.urn());

    logoutRequest.setNameID(nameID);

    return logoutRequest;
}
 
Example #8
Source File: SamlpRequestComponentBuilder.java    From cxf-fediz with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
//CHECKSTYLE:OFF
public static AuthnRequest createAuthnRequest(
    String serviceURL,
    boolean forceAuthn,
    boolean isPassive,
    String protocolBinding,
    SAMLVersion version,
    Issuer issuer,
    NameIDPolicy nameIDPolicy,
    RequestedAuthnContext requestedAuthnCtx
) {
//CHECKSTYLE:ON
    if (authnRequestBuilder == null) {
        authnRequestBuilder = (SAMLObjectBuilder<AuthnRequest>)
            builderFactory.getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME);
    }
    AuthnRequest authnRequest = authnRequestBuilder.buildObject();
    authnRequest.setAssertionConsumerServiceURL(serviceURL);
    authnRequest.setForceAuthn(forceAuthn);
    authnRequest.setID("_" + UUID.randomUUID().toString());
    authnRequest.setIsPassive(isPassive);
    authnRequest.setIssueInstant(new DateTime());
    authnRequest.setProtocolBinding(protocolBinding);
    authnRequest.setVersion(version);

    authnRequest.setIssuer(issuer);
    authnRequest.setNameIDPolicy(nameIDPolicy);
    authnRequest.setRequestedAuthnContext(requestedAuthnCtx);

    return authnRequest;
}
 
Example #9
Source File: SamlpRequestComponentBuilder.java    From cxf with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static LogoutRequest createLogoutRequest(
    SAMLVersion version,
    Issuer issuer,
    String destination,
    String consent,
    Date notOnOrAfter,
    String reason,
    NameID nameID
) {
    if (logoutRequestBuilder == null) {
        logoutRequestBuilder = (SAMLObjectBuilder<LogoutRequest>)
            builderFactory.getBuilder(LogoutRequest.DEFAULT_ELEMENT_NAME);
    }
    LogoutRequest logoutRequest = logoutRequestBuilder.buildObject();
    logoutRequest.setID("_" + UUID.randomUUID());
    logoutRequest.setVersion(version);
    logoutRequest.setIssueInstant(new DateTime());
    logoutRequest.setDestination(destination);
    logoutRequest.setConsent(consent);
    logoutRequest.setIssuer(issuer);
    if (notOnOrAfter != null) {
        logoutRequest.setNotOnOrAfter(new DateTime(notOnOrAfter.getTime()));
    }
    logoutRequest.setReason(reason);
    logoutRequest.setNameID(nameID);

    return logoutRequest;
}
 
Example #10
Source File: DefaultAuthnRequestBuilder.java    From cxf with Apache License 2.0 5 votes vote down vote up
/**
 * Create a SAML 2.0 Protocol AuthnRequest
 */
public AuthnRequest createAuthnRequest(
    Message message,
    String issuerId,
    String assertionConsumerServiceAddress
) throws Exception {
    Issuer issuer =
        SamlpRequestComponentBuilder.createIssuer(issuerId);

    NameIDPolicy nameIDPolicy =
        SamlpRequestComponentBuilder.createNameIDPolicy(true, nameIDFormat, issuerId);

    AuthnContextClassRef authnCtxClassRef =
        SamlpRequestComponentBuilder.createAuthnCtxClassRef(
            "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
        );
    RequestedAuthnContext authnCtx =
        SamlpRequestComponentBuilder.createRequestedAuthnCtxPolicy(
            AuthnContextComparisonTypeEnumeration.EXACT,
            Collections.singletonList(authnCtxClassRef), null
        );

    //CHECKSTYLE:OFF
    return SamlpRequestComponentBuilder.createAuthnRequest(
            assertionConsumerServiceAddress,
            forceAuthn,
            isPassive,
            protocolBinding,
            SAMLVersion.VERSION_20,
            issuer,
            nameIDPolicy,
            authnCtx
    );

}
 
Example #11
Source File: AuthnRequestBuilderTest.java    From cxf with Apache License 2.0 5 votes vote down vote up
@org.junit.Test
public void testCreateAuthnRequest() throws Exception {
    Document doc = DOMUtils.createDocument();

    Issuer issuer =
        SamlpRequestComponentBuilder.createIssuer("http://localhost:9001/app");
    NameIDPolicy nameIDPolicy =
        SamlpRequestComponentBuilder.createNameIDPolicy(
            true, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", "Issuer"
        );

    AuthnContextClassRef authnCtxClassRef =
        SamlpRequestComponentBuilder.createAuthnCtxClassRef(
            "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
        );
    RequestedAuthnContext authnCtx =
        SamlpRequestComponentBuilder.createRequestedAuthnCtxPolicy(
            AuthnContextComparisonTypeEnumeration.EXACT,
            Collections.singletonList(authnCtxClassRef), null
        );

    AuthnRequest authnRequest =
        SamlpRequestComponentBuilder.createAuthnRequest(
            "http://localhost:9001/sso", false, false,
            "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST", SAMLVersion.VERSION_20,
            issuer, nameIDPolicy, authnCtx
        );

    Element policyElement = OpenSAMLUtil.toDom(authnRequest, doc);
    doc.appendChild(policyElement);
    // String outputString = DOM2Writer.nodeToString(policyElement);
    assertNotNull(policyElement);
}
 
Example #12
Source File: SAML2PResponseComponentBuilder.java    From cxf with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
    String issuerValue
) {
    if (issuerBuilder == null) {
        issuerBuilder = (SAMLObjectBuilder<Issuer>)
            builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    }
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(issuerValue);

    return issuer;
}
 
Example #13
Source File: SAML2PResponseComponentBuilder.java    From cxf-fediz with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
    String issuerValue
) {
    if (issuerBuilder == null) {
        issuerBuilder = (SAMLObjectBuilder<Issuer>)
            builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    }
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(issuerValue);

    return issuer;
}
 
Example #14
Source File: SAML2PResponseComponentBuilder.java    From cxf-fediz with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
    String issuerValue
) {
    if (issuerBuilder == null) {
        issuerBuilder = (SAMLObjectBuilder<Issuer>)
            builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    }
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(issuerValue);

    return issuer;
}
 
Example #15
Source File: SamlpRequestComponentBuilder.java    From cxf with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
    String issuerValue
) {
    if (issuerBuilder == null) {
        issuerBuilder = (SAMLObjectBuilder<Issuer>)
            builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    }
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(issuerValue);

    return issuer;
}
 
Example #16
Source File: SamlpRequestComponentBuilder.java    From cxf-fediz with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static LogoutRequest createLogoutRequest(
    Issuer issuer,
    String reason,
    NameID nameId,
    List<String> sessionIndices
) {
    if (logoutRequestBuilder == null) {
        logoutRequestBuilder = (SAMLObjectBuilder<LogoutRequest>)
            builderFactory.getBuilder(LogoutRequest.DEFAULT_ELEMENT_NAME);
    }
    if (sessionIndexBuilder == null) {
        sessionIndexBuilder = (SAMLObjectBuilder<SessionIndex>)
            builderFactory.getBuilder(SessionIndex.DEFAULT_ELEMENT_NAME);
    }

    LogoutRequest logoutRequest = logoutRequestBuilder.buildObject();

    logoutRequest.setID("_" + UUID.randomUUID().toString());
    logoutRequest.setIssueInstant(new DateTime());

    if (reason != null) {
        logoutRequest.setReason(reason);
    }
    if (nameId != null) {
        logoutRequest.setNameID(nameId);
    }

    if (sessionIndices != null && !sessionIndices.isEmpty()) {
        for (String sessionIndex : sessionIndices) {
            SessionIndex sessionIndexObj = sessionIndexBuilder.buildObject();
            sessionIndexObj.setSessionIndex(sessionIndex);
            logoutRequest.getSessionIndexes().add(sessionIndexObj);
        }
    }

    logoutRequest.setIssuer(issuer);

    return logoutRequest;
}
 
Example #17
Source File: SamlpRequestComponentBuilder.java    From cxf-fediz with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
    String issuerValue
) {
    if (issuerBuilder == null) {
        issuerBuilder = (SAMLObjectBuilder<Issuer>)
            builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    }
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(issuerValue);

    return issuer;
}
 
Example #18
Source File: DefaultSAMLPRequestBuilder.java    From cxf-fediz with Apache License 2.0 5 votes vote down vote up
/**
 * Create a SAML 2.0 Protocol AuthnRequest
 */
public AuthnRequest createAuthnRequest(
    String issuerId,
    String assertionConsumerServiceAddress
) throws Exception {
    Issuer issuer =
        SamlpRequestComponentBuilder.createIssuer(issuerId);

    NameIDPolicy nameIDPolicy =
        SamlpRequestComponentBuilder.createNameIDPolicy(
            true, nameIDFormat, issuerId
        );

    AuthnContextClassRef authnCtxClassRef =
        SamlpRequestComponentBuilder.createAuthnCtxClassRef(
            "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
        );
    RequestedAuthnContext authnCtx =
        SamlpRequestComponentBuilder.createRequestedAuthnCtxPolicy(
            AuthnContextComparisonTypeEnumeration.EXACT,
            Collections.singletonList(authnCtxClassRef), null
        );

    //CHECKSTYLE:OFF
    return SamlpRequestComponentBuilder.createAuthnRequest(
            assertionConsumerServiceAddress,
            forceAuthn,
            isPassive,
            protocolBinding,
            SAMLVersion.VERSION_20,
            issuer,
            nameIDPolicy,
            authnCtx
    );

}
 
Example #19
Source File: SAMLResponseConformanceTest.java    From cxf-fediz with Apache License 2.0 5 votes vote down vote up
private Element createSamlResponse(SamlAssertionWrapper assertion, String alias,
                                  boolean sign, String requestID, Issuer issuer)
    throws IOException, UnsupportedCallbackException, WSSecurityException, Exception {
    WSPasswordCallback[] cb = {
        new WSPasswordCallback(alias, WSPasswordCallback.SIGNATURE)
    };
    cbPasswordHandler.handle(cb);
    String password = cb[0].getPassword();

    if (sign) {
        assertion.signAssertion(alias, password, crypto, false);
    }

    DocumentBuilder docBuilder = docBuilderFactory.newDocumentBuilder();
    Document doc = docBuilder.newDocument();

    Status status =
        SAML2PResponseComponentBuilder.createStatus(
            "urn:oasis:names:tc:SAML:2.0:status:Success", null
        );

    Issuer responseIssuer = issuer;
    if (responseIssuer == null) {
        responseIssuer = SAML2PResponseComponentBuilder.createIssuer(assertion.getIssuerString());
    }
    Response response =
        SAML2PResponseComponentBuilder.createSAMLResponse(requestID,
                                                          responseIssuer,
                                                          status);

    response.getAssertions().add(assertion.getSaml2());

    Element policyElement = OpenSAMLUtil.toDom(response, doc);
    doc.appendChild(policyElement);

    return policyElement;
}
 
Example #20
Source File: CustomSAMLPRequestBuilder.java    From cxf-fediz with Apache License 2.0 5 votes vote down vote up
/**
 * Create a SAML 2.0 Protocol AuthnRequest
 */
public AuthnRequest createAuthnRequest(
    String issuerId,
    String assertionConsumerServiceAddress
) throws Exception {
    Issuer issuer =
        SamlpRequestComponentBuilder.createIssuer(issuerId);

    NameIDPolicy nameIDPolicy =
        SamlpRequestComponentBuilder.createNameIDPolicy(
            true, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", issuerId
        );

    AuthnContextClassRef authnCtxClassRef =
        SamlpRequestComponentBuilder.createAuthnCtxClassRef(
            "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
        );
    RequestedAuthnContext authnCtx =
        SamlpRequestComponentBuilder.createRequestedAuthnCtxPolicy(
            AuthnContextComparisonTypeEnumeration.EXACT,
            Collections.singletonList(authnCtxClassRef), null
        );

    //CHECKSTYLE:OFF
    return SamlpRequestComponentBuilder.createAuthnRequest(
            assertionConsumerServiceAddress,
            forceAuthn,
            isPassive,
            protocolBinding,
            SAMLVersion.VERSION_11,
            issuer,
            nameIDPolicy,
            authnCtx
    );

}
 
Example #21
Source File: SAML2PResponseComponentBuilder.java    From cxf-fediz with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
    String issuerValue
) {
    if (issuerBuilder == null) {
        issuerBuilder = (SAMLObjectBuilder<Issuer>)
            builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    }
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(issuerValue);

    return issuer;
}
 
Example #22
Source File: SAML2PResponseComponentBuilder.java    From cxf-fediz with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
    String issuerValue,
    String issuerFormat
) {
    if (issuerBuilder == null) {
        issuerBuilder = (SAMLObjectBuilder<Issuer>)
            builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    }
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(issuerValue);
    issuer.setFormat(issuerFormat);

    return issuer;
}
 
Example #23
Source File: SamlpRequestComponentBuilder.java    From cxf with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
//CHECKSTYLE:OFF
public static AuthnRequest createAuthnRequest(
    String serviceURL,
    boolean forceAuthn,
    boolean isPassive,
    String protocolBinding,
    SAMLVersion version,
    Issuer issuer,
    NameIDPolicy nameIDPolicy,
    RequestedAuthnContext requestedAuthnCtx
) {
//CHECKSTYLE:ON
    if (authnRequestBuilder == null) {
        authnRequestBuilder = (SAMLObjectBuilder<AuthnRequest>)
            builderFactory.getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME);
    }
    AuthnRequest authnRequest = authnRequestBuilder.buildObject();
    authnRequest.setAssertionConsumerServiceURL(serviceURL);
    authnRequest.setForceAuthn(forceAuthn);
    authnRequest.setID("_" + UUID.randomUUID());
    authnRequest.setIsPassive(isPassive);
    authnRequest.setIssueInstant(new DateTime());
    authnRequest.setProtocolBinding(protocolBinding);
    authnRequest.setVersion(version);

    authnRequest.setIssuer(issuer);
    authnRequest.setNameIDPolicy(nameIDPolicy);
    authnRequest.setRequestedAuthnContext(requestedAuthnCtx);

    return authnRequest;
}
 
Example #24
Source File: WSXACMLMessageReceiver.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Check for the validity of the issuer
 *
 * @param issuer :who makes the claims inside the Query
 * @return whether the issuer is valid
 */
private boolean validateIssuer(Issuer issuer) {

    boolean isValidated = false;

    if (issuer.getValue().equals("https://identity.carbon.wso2.org")
            && issuer.getSPProvidedID().equals("SPPProvierId")) {
        isValidated = true;
    }
    return isValidated;
}
 
Example #25
Source File: SamlClient.java    From saml-client with MIT License 5 votes vote down vote up
/** Create a minimal SAML request
 *
 * @param defaultElementName The SomeClass.DEFAULT_ELEMENT_NAME we'll be casting this object into
 * */
private RequestAbstractType getBasicSamlRequest(QName defaultElementName) {
  RequestAbstractType request = (RequestAbstractType) buildSamlObject(defaultElementName);
  request.setID("z" + UUID.randomUUID().toString()); // ADFS needs IDs to start with a letter

  request.setVersion(SAMLVersion.VERSION_20);
  request.setIssueInstant(DateTime.now());

  Issuer issuer = (Issuer) buildSamlObject(Issuer.DEFAULT_ELEMENT_NAME);
  issuer.setValue(relyingPartyIdentifier);
  request.setIssuer(issuer);

  return request;
}
 
Example #26
Source File: SamlClient.java    From saml-client with MIT License 5 votes vote down vote up
/**
 * Gets saml logout response.
 *
 * @param status  the status code @See StatusCode.java
 * @param statMsg the status message
 * @return saml logout response
 * @throws SamlException the saml exception
 */
public String getSamlLogoutResponse(final String status, final String statMsg)
    throws SamlException {
  LogoutResponse response = (LogoutResponse) buildSamlObject(LogoutResponse.DEFAULT_ELEMENT_NAME);
  response.setID("z" + UUID.randomUUID().toString()); // ADFS needs IDs to start with a letter

  response.setVersion(SAMLVersion.VERSION_20);
  response.setIssueInstant(DateTime.now());

  Issuer issuer = (Issuer) buildSamlObject(Issuer.DEFAULT_ELEMENT_NAME);
  issuer.setValue(relyingPartyIdentifier);
  response.setIssuer(issuer);

  //Status
  Status stat = (Status) buildSamlObject(Status.DEFAULT_ELEMENT_NAME);
  StatusCode statCode = new StatusCodeBuilder().buildObject();
  statCode.setValue(status);
  stat.setStatusCode(statCode);
  if (statMsg != null) {
    StatusMessage statMessage = new StatusMessageBuilder().buildObject();
    statMessage.setMessage(statMsg);
    stat.setStatusMessage(statMessage);
  }
  response.setStatus(stat);
  //Add a signature into the response
  signSAMLObject(response);

  StringWriter stringWriter;
  try {
    stringWriter = marshallXmlObject(response);
  } catch (MarshallingException ex) {
    throw new SamlException("Error while marshalling SAML request to XML", ex);
  }

  logger.trace("Issuing SAML Logout request: " + stringWriter.toString());

  return Base64.encodeBase64String(stringWriter.toString().getBytes(StandardCharsets.UTF_8));
}
 
Example #27
Source File: SamlAssertionConsumerFunction.java    From armeria with Apache License 2.0 5 votes vote down vote up
private SamlIdentityProviderConfig resolveIdpConfig(Issuer issuer) {
    final String value = issuer.getValue();
    if (value != null) {
        final SamlIdentityProviderConfig config = idpConfigs.get(value);
        if (config != null) {
            return config;
        }
    }
    throw new InvalidSamlRequestException("failed to find identity provider from configuration: " +
                                          issuer.getValue());
}
 
Example #28
Source File: WSXACMLMessageReceiver.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Create the issuer object to be added
 *
 * @return : the issuer of the statements
 */
private static Issuer createIssuer() {

    IssuerBuilder issuer = (IssuerBuilder) XMLObjectProviderRegistrySupport.getBuilderFactory().
            getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    Issuer issuerObject = issuer.buildObject();
    issuerObject.setValue("https://identity.carbon.wso2.org");
    issuerObject.setSPProvidedID("SPPProvierId");
    return issuerObject;
}
 
Example #29
Source File: MatchingAssertionTranslatorTest.java    From verify-service-provider with MIT License 5 votes vote down vote up
private AssertionBuilder aSignedAssertion() {
    Issuer issuer = IssuerBuilder.anIssuer().build();
    issuer.setValue(TestEntityIds.TEST_RP_MS);
    return anAssertion()
            .withIssuer(issuer)
        .withSubject(aValidSubject().build())
        .withConditions(aValidConditions().build())
        .withSignature(aSignature()
            .withSigningCredential(testRpMsaSigningCredential)
            .build());
}
 
Example #30
Source File: LogoutRequestBuilder.java    From carbon-apimgt with Apache License 2.0 5 votes vote down vote up
/**
 * Build the logout request
 * @param subject name of the user
 * @param reason reason for generating logout request.
 * @return LogoutRequest object
 */
public LogoutRequest buildSignedLogoutRequest(String subject,String sessionIndexId, String reason,
        String issuerId, int tenantId, String tenantDomain, String destination, String nameIdFormat)
        throws SSOHostObjectException {
    Util.doBootstrap();
    LogoutRequest logoutReq = new org.opensaml.saml.saml2.core.impl.LogoutRequestBuilder().buildObject();
    logoutReq.setID(Util.createID());

    DateTime issueInstant = new DateTime();
    logoutReq.setIssueInstant(issueInstant);
    logoutReq.setNotOnOrAfter(new DateTime(issueInstant.getMillis() + 5 * 60 * 1000));

    IssuerBuilder issuerBuilder = new IssuerBuilder();
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(issuerId);
    logoutReq.setIssuer(issuer);

    logoutReq.setNameID(Util.buildNameID(nameIdFormat, subject));

    SessionIndex sessionIndex = new SessionIndexBuilder().buildObject();
    sessionIndex.setSessionIndex(sessionIndexId);
    logoutReq.getSessionIndexes().add(sessionIndex);

    logoutReq.setReason(reason);
    logoutReq.setDestination(destination);

    SSOAgentCarbonX509Credential ssoAgentCarbonX509Credential =
            new SSOAgentCarbonX509Credential(tenantId, tenantDomain);
    setSignature(logoutReq, SignatureConstants.ALGO_ID_SIGNATURE_RSA,
            new X509CredentialImpl(ssoAgentCarbonX509Credential));

    return logoutReq;
}