org.opensaml.saml2.core.Attribute Java Examples

The following examples show how to use org.opensaml.saml2.core.Attribute.
Example #1
Source Project: lams   Author: lamsfoundation   File: IDPSSODescriptorUnmarshaller.java    License: GNU General Public License v2.0
/**
 * {@inheritDoc}
 *
 * Files each recognised child under the matching typed list of the {@link IDPSSODescriptor};
 * every other child type is handed to the superclass.
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    IDPSSODescriptor idpDescriptor = (IDPSSODescriptor) parentObject;

    // The instanceof tests run in the same order as before; the first match wins.
    if (childObject instanceof SingleSignOnService) {
        idpDescriptor.getSingleSignOnServices().add((SingleSignOnService) childObject);
        return;
    }
    if (childObject instanceof NameIDMappingService) {
        idpDescriptor.getNameIDMappingServices().add((NameIDMappingService) childObject);
        return;
    }
    if (childObject instanceof AssertionIDRequestService) {
        idpDescriptor.getAssertionIDRequestServices().add((AssertionIDRequestService) childObject);
        return;
    }
    if (childObject instanceof AttributeProfile) {
        idpDescriptor.getAttributeProfiles().add((AttributeProfile) childObject);
        return;
    }
    if (childObject instanceof Attribute) {
        idpDescriptor.getAttributes().add((Attribute) childObject);
        return;
    }

    // Not an IDPSSODescriptor-specific child: let the parent unmarshaller decide.
    super.processChildElement(parentObject, childObject);
}
 
Example #2
Source Project: lams   Author: lamsfoundation   File: AttributeAuthorityDescriptorUnmarshaller.java    License: GNU General Public License v2.0
/**
 * {@inheritDoc}
 *
 * Adds each recognised child to the matching list of the {@link AttributeAuthorityDescriptor};
 * unrecognised children are delegated to the superclass.
 */
protected void processChildElement(XMLObject parentElement, XMLObject childElement) throws UnmarshallingException {
    AttributeAuthorityDescriptor authorityDescriptor = (AttributeAuthorityDescriptor) parentElement;

    // Same test order as the original if/else chain; the first matching type wins.
    if (childElement instanceof AttributeService) {
        authorityDescriptor.getAttributeServices().add((AttributeService) childElement);
        return;
    }
    if (childElement instanceof AssertionIDRequestService) {
        authorityDescriptor.getAssertionIDRequestServices().add((AssertionIDRequestService) childElement);
        return;
    }
    if (childElement instanceof NameIDFormat) {
        authorityDescriptor.getNameIDFormats().add((NameIDFormat) childElement);
        return;
    }
    if (childElement instanceof AttributeProfile) {
        authorityDescriptor.getAttributeProfiles().add((AttributeProfile) childElement);
        return;
    }
    if (childElement instanceof Attribute) {
        authorityDescriptor.getAttributes().add((Attribute) childElement);
        return;
    }

    super.processChildElement(parentElement, childElement);
}
 
Example #3
Source Project: lams   Author: lamsfoundation   File: AttributeQuerySchemaValidator.java    License: GNU General Public License v2.0
/**
 * Verifies that no two attributes in the query share the same Name/NameFormat pair.
 *
 * @param query the attribute query to validate
 *
 * @throws ValidationException thrown if more than one attribute in the query carries the same
 *             Name/NameFormat pair
 */
protected void validateUniqueAttributeIdentifiers(AttributeQuery query) throws ValidationException {
    List<Attribute> requested = query.getAttributes();
    HashSet<Pair<String, String>> seen = new HashSet<Pair<String, String>>();

    for (Attribute candidate : requested) {
        String name = candidate.getName();
        String format = candidate.getNameFormat();
        if (DatatypeHelper.isEmpty(format)) {
            // SAML 2 core, sec. 2.7.3.1: an absent NameFormat means "unspecified". Normalising
            // here also keeps a null value out of the pair.
            format = Attribute.UNSPECIFIED;
        }

        // HashSet.add reports false when the pair is already present, i.e. a duplicate.
        if (!seen.add(new Pair<String, String>(name, format))) {
            throw new ValidationException(
                    "Attribute query contains more than one attribute with the same Name and NameFormat");
        }
    }
}
 
Example #4
Source Project: lams   Author: lamsfoundation   File: AttributeUnmarshaller.java    License: GNU General Public License v2.0
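/**
 * {@inheritDoc}
 *
 * Copies the unqualified {@code Name}, {@code NameFormat} and {@code FriendlyName} XML
 * attributes onto the SAML {@link Attribute}; every other XML attribute is stored in the
 * unknown-attributes map under its qualified name.
 */
protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {

    Attribute attrib = (Attribute) samlObject;

    // The three well-known SAML attributes are unqualified. Matching on the local name alone
    // would let a namespace-qualified attribute that merely shares a local name overwrite the
    // identifying fields, so they are honoured only when the XML attribute has no namespace.
    // Comparing constant-first also tolerates a null local name.
    String localName = attribute.getLocalName();
    boolean unqualified = attribute.getNamespaceURI() == null;

    if (unqualified && Attribute.NAME_ATTTRIB_NAME.equals(localName)) {
        attrib.setName(attribute.getValue());
    } else if (unqualified && Attribute.NAME_FORMAT_ATTRIB_NAME.equals(localName)) {
        attrib.setNameFormat(attribute.getValue());
    } else if (unqualified && Attribute.FRIENDLY_NAME_ATTRIB_NAME.equals(localName)) {
        attrib.setFriendlyName(attribute.getValue());
    } else {
        QName attribQName = XMLHelper.getNodeQName(attribute);
        // Keep the ID-ness of the DOM attribute so it can be restored on marshalling.
        if (attribute.isId()) {
            attrib.getUnknownAttributes().registerID(attribQName);
        }
        attrib.getUnknownAttributes().put(attribQName, attribute.getValue());
    }
}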
 
Example #5
Source Project: spring-boot-security-saml   Author: ulisesbocchio   File: SimpleSAMLUserDetailsServiceTest.java    License: MIT License
/**
 * Checks that {@code SimpleSAMLUserDetailsService} turns a SAML credential with a single
 * attribute into a {@code SAMLUserDetails} with the expected defaults and attribute views.
 */
@Test
public void testAttributes() {
    // Arrange: a credential exposing one attribute named "attr" with the value "value".
    SAMLCredential credential = mock(SAMLCredential.class);
    NameID subjectNameId = mock(NameID.class);
    Attribute onlyAttribute = mock(Attribute.class);
    when(credential.getNameID()).thenReturn(subjectNameId);
    when(onlyAttribute.getName()).thenReturn("attr");
    when(credential.getAttributes()).thenReturn(Collections.singletonList(onlyAttribute));
    when(credential.getAttribute("attr")).thenReturn(onlyAttribute);
    when(credential.getAttributeAsString("attr")).thenReturn("value");
    when(credential.getAttributeAsStringArray("attr")).thenReturn(new String[]{"value"});
    when(subjectNameId.toString()).thenReturn(NameID.UNSPECIFIED);

    // Act
    SAMLUserDetails userDetails =
            (SAMLUserDetails) new SimpleSAMLUserDetailsService().loadUserBySAML(credential);

    // Assert: account defaults. The user carries no password and a single ROLE_USER authority.
    assertThat(userDetails.getPassword()).isEmpty();
    assertThat(userDetails.isAccountNonExpired()).isTrue();
    assertThat(userDetails.isAccountNonLocked()).isTrue();
    assertThat(userDetails.isCredentialsNonExpired()).isTrue();
    assertThat(userDetails.isEnabled()).isTrue();
    assertThat(userDetails.getAuthorities())
            .extracting(GrantedAuthority::getAuthority)
            .containsExactly("ROLE_USER");

    // Assert: single-valued and array-valued attribute views.
    assertThat(userDetails.getAttribute("attr")).isEqualTo("value");
    assertThat(userDetails.getAttributeArray("attr")).containsExactly("value");
    assertThat(userDetails.getAttributes()).containsOnlyKeys("attr").containsValue("value");
    assertThat(userDetails.getAttributesArrays()).containsOnlyKeys("attr");
    assertThat(userDetails.getAttributesArrays().get("attr")).containsExactly("value");
}
 
Example #6
Source Project: spring-boot-security-saml   Author: ulisesbocchio   File: SAMLUserDetailsTest.java    License: MIT License
/**
 * Checks that a {@code SAMLUserDetails} built directly from a SAML credential with a single
 * attribute reports the expected account defaults and attribute views.
 */
@Test
public void testAttributes() {
    // Arrange: a credential exposing one attribute named "attr" with the value "value".
    SAMLCredential credential = mock(SAMLCredential.class);
    NameID subjectNameId = mock(NameID.class);
    Attribute onlyAttribute = mock(Attribute.class);
    when(credential.getNameID()).thenReturn(subjectNameId);
    when(onlyAttribute.getName()).thenReturn("attr");
    when(credential.getAttributes()).thenReturn(Collections.singletonList(onlyAttribute));
    when(credential.getAttribute("attr")).thenReturn(onlyAttribute);
    when(credential.getAttributeAsString("attr")).thenReturn("value");
    when(credential.getAttributeAsStringArray("attr")).thenReturn(new String[]{"value"});
    when(subjectNameId.toString()).thenReturn(NameID.UNSPECIFIED);

    // Act
    SAMLUserDetails userDetails = new SAMLUserDetails(credential);

    // Assert: account defaults. The user carries no password and a single ROLE_USER authority.
    assertThat(userDetails.getPassword()).isEmpty();
    assertThat(userDetails.isAccountNonExpired()).isTrue();
    assertThat(userDetails.isAccountNonLocked()).isTrue();
    assertThat(userDetails.isCredentialsNonExpired()).isTrue();
    assertThat(userDetails.isEnabled()).isTrue();
    assertThat(userDetails.getAuthorities())
            .extracting(GrantedAuthority::getAuthority)
            .containsExactly("ROLE_USER");

    // Assert: single-valued and array-valued attribute views.
    assertThat(userDetails.getAttribute("attr")).isEqualTo("value");
    assertThat(userDetails.getAttributeArray("attr")).containsExactly("value");
    assertThat(userDetails.getAttributes()).containsOnlyKeys("attr").containsValue("value");
    assertThat(userDetails.getAttributesArrays()).containsOnlyKeys("attr");
    assertThat(userDetails.getAttributesArrays().get("attr")).containsExactly("value");
}
 
Example #7
Source Project: MaxKey   Author: shimingxy   File: AttributeStatementGenerator.java    License: Apache License 2.0
/**
 * Builds a SAML {@code Attribute} with the given name and at most one value.
 *
 * @param attributeName value for the attribute's Name
 * @param value attribute value; when {@code null} the attribute is returned without values
 * @param nameFormat NameFormat URI; {@code null} or empty falls back to {@code Attribute.BASIC}
 * @return the newly built attribute
 */
public Attribute builderAttribute(String attributeName, String value, String nameFormat) {
	AttributeBuilder builder = (AttributeBuilder) builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
	Attribute built = builder.buildObject();
	built.setName(attributeName);

	// Default format: urn:oasis:names:tc:SAML:2.0:attrname-format:basic
	boolean formatMissing = nameFormat == null || "".equals(nameFormat);
	built.setNameFormat(formatMissing ? Attribute.BASIC : nameFormat);

	if (value == null) {
		return built;
	}
	built.getAttributeValues().add(builderAttributeValue(value));
	return built;
}
 
Example #8
Source Project: spring-boot-security-saml-samples   Author: ulisesbocchio   File: Auth0SSODemoApplication.java    License: MIT License
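/**
 * Supplies a {@code SAMLUserDetailsService} whose user details expose every attribute of the
 * SAML credential as a name-to-string map, with absent values mapped to the empty string.
 *
 * @return the user-details service bean
 */
@Bean
public SAMLUserDetailsService userDetailsService() {
    return new SAMLUserDetailsService() {
        @Override
        public Object loadUserBySAML(SAMLCredential samlCredential) throws UsernameNotFoundException {
            return new SAMLUserDetails(samlCredential) {
                @Override
                public Map<String, String> getAttributes() {
                    // The attribute list comes from the identity provider's assertion and may
                    // repeat a Name. Two-argument toMap throws IllegalStateException on a
                    // duplicate key, so one repeated attribute would fail the whole lookup.
                    // getValue resolves by name, so both entries carry the same value and
                    // keeping the first loses nothing.
                    return samlCredential.getAttributes().stream()
                            .collect(Collectors.toMap(Attribute::getName, this::getValue,
                                    (first, repeated) -> first));
                }

                // toMap rejects null values, hence the empty-string default.
                private String getValue(Attribute attribute) {
                    return Optional.ofNullable(getAttribute(attribute.getName())).orElse("");
                }
            };
        }
    };
}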
 
Example #9
Source Project: carbon-identity   Author: wso2-attic   File: DefaultSAML2SSOManager.java    License: Apache License 2.0
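/**
 * Flattens the attribute statements of an assertion into a claim-to-value map.
 *
 * Only the first value of each attribute is used. Attributes that carry no value, or whose
 * first value has no DOM, are skipped instead of failing the whole assertion with an
 * IndexOutOfBoundsException or NullPointerException.
 *
 * NOTE(review): nothing in this method verifies the assertion; presumably signature and
 * condition checks have already run in the caller - confirm before trusting these claims.
 *
 * @param assertion the assertion to read; may be {@code null}
 * @return the extracted claims, empty when there is nothing to extract
 */
private Map<ClaimMapping, String> getAssertionStatements(Assertion assertion) {

    Map<ClaimMapping, String> results = new HashMap<ClaimMapping, String>();
    if (assertion == null) {
        return results;
    }

    List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();
    if (attributeStatementList == null) {
        return results;
    }

    for (AttributeStatement statement : attributeStatementList) {
        List<Attribute> attributesList = statement.getAttributes();
        for (Attribute attribute : attributesList) {
            // An <Attribute> without any <AttributeValue> is schema-valid, so get(0) cannot
            // be assumed to exist on input supplied by the identity provider.
            if (attribute.getAttributeValues() == null || attribute.getAttributeValues().isEmpty()) {
                continue;
            }
            Element value = attribute.getAttributeValues().get(0).getDOM();
            if (value == null) {
                continue;
            }
            String attributeValue = value.getTextContent();
            results.put(ClaimMapping.build(attribute.getName(),
                    attribute.getName(), null, false), attributeValue);
        }
    }
    return results;
}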
 
Example #10
Source Project: carbon-identity   Author: wso2-attic   File: SAMLResponseBuilder.java    License: Apache License 2.0
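/**
 * Builds an AttributeStatement holding one string-valued attribute per claim.
 *
 * @param claims claim URI to claim value; may be {@code null}
 * @return the populated statement, or {@code null} when {@code claims} is {@code null}
 */
private AttributeStatement buildAttributeStatement(Map<String, String> claims) {
    if (claims == null) {
        return null;
    }

    AttributeStatement attStmt = new AttributeStatementBuilder().buildObject();

    // The xs:string builder does not depend on the claim, so it is looked up once.
    // See https://wiki.shibboleth.net/confluence/display/OpenSAML/OSTwoUsrManJavaAnyTypes
    XSStringBuilder stringBuilder =
            (XSStringBuilder) Configuration.getBuilderFactory()
                    .getBuilder(XSString.TYPE_NAME);

    // Iterating the entry set replaces the index loop over a key iterator plus a second
    // lookup per key.
    for (Map.Entry<String, String> claim : claims.entrySet()) {
        Attribute attrib = new AttributeBuilder().buildObject();
        attrib.setName(claim.getKey());

        XSString stringValue =
                stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME,
                        XSString.TYPE_NAME);
        stringValue.setValue(claim.getValue());
        attrib.getAttributeValues().add(stringValue);
        attStmt.getAttributes().add(attrib);
    }
    return attStmt;
}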
 
Example #11
Source Project: carbon-identity   Author: wso2-attic   File: SAML2SSOManager.java    License: Apache License 2.0
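/**
 * Flattens the attribute statements of an assertion into an attribute-name-to-value map.
 *
 * Only the first value of each attribute is used, and a later attribute with the same Name
 * overwrites an earlier one. Attributes that carry no value, or whose first value has no DOM,
 * are skipped instead of failing the whole assertion with an IndexOutOfBoundsException or
 * NullPointerException.
 *
 * NOTE(review): nothing in this method verifies the assertion; presumably signature and
 * condition checks have already run in the caller - confirm before trusting these values.
 *
 * @param assertion the assertion to read; may be {@code null}
 * @return the extracted attributes, empty when there is nothing to extract
 */
private Map<String, String> getAssertionStatements(Assertion assertion) {

    Map<String, String> results = new HashMap<String, String>();
    if (assertion == null || assertion.getAttributeStatements() == null) {
        return results;
    }

    List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();
    for (AttributeStatement statement : attributeStatementList) {
        List<Attribute> attributesList = statement.getAttributes();
        for (Attribute attribute : attributesList) {
            // An <Attribute> without any <AttributeValue> is schema-valid, so get(0) cannot
            // be assumed to exist on input supplied by the identity provider.
            if (attribute.getAttributeValues() == null || attribute.getAttributeValues().isEmpty()) {
                continue;
            }
            Element value = attribute.getAttributeValues().get(0).getDOM();
            if (value == null) {
                continue;
            }
            results.put(attribute.getName(), value.getTextContent());
        }
    }
    return results;
}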
 
Example #12
Source Project: saml-generator   Author: rackerlabs   File: SamlAssertionProducer.java    License: Apache License 2.0
/**
 * Creates an AttributeStatement with one attribute per map entry and one xs:string
 * AttributeValue per list element.
 *
 * @param attributes attribute name to values; {@code null} yields an empty statement
 * @return the attribute statement, never {@code null}
 */
private AttributeStatement createAttributeStatement(HashMap<String, List<String>> attributes) {
	// Build the (initially empty) attribute statement.
	AttributeStatement statement = new AttributeStatementBuilder().buildObject();

	AttributeBuilder attributeFactory = new AttributeBuilder();
	if (attributes == null) {
		return statement;
	}

	for (Map.Entry<String, List<String>> namedValues : attributes.entrySet()) {
		Attribute samlAttribute = attributeFactory.buildObject();
		samlAttribute.setName(namedValues.getKey());

		for (String rawValue : namedValues.getValue()) {
			XSStringBuilder valueFactory = new XSStringBuilder();
			XSString samlValue = valueFactory.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
			samlValue.setValue(rawValue);
			samlAttribute.getAttributeValues().add(samlValue);
		}

		statement.getAttributes().add(samlAttribute);
	}

	return statement;
}
 
Example #13
Source Project: cloudstack   Author: apache   File: SAMLUtils.java    License: Apache License 2.0
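/**
 * Returns the first value of the first attribute whose Name or FriendlyName equals
 * {@code attributeKey}.
 *
 * NOTE(review): SAML core (sec. 2.7.3.1) says FriendlyName must not be used as a basis for
 * formally identifying attributes. Matching on it is kept here because callers may depend on
 * it, but a value that feeds an identity or authorization decision should be selected by Name.
 *
 * @param attributeStatements the attribute statements of an assertion; may be {@code null}
 * @param attributeKey the attribute Name (or FriendlyName) to look for; may be {@code null}
 * @return the text content of the matching attribute's first value, or {@code null} when no
 *         attribute with a value matches
 */
public static String getValueFromAttributeStatements(final List<AttributeStatement> attributeStatements, final String attributeKey) {
    if (attributeStatements == null || attributeStatements.isEmpty() || attributeKey == null) {
        return null;
    }
    for (AttributeStatement attributeStatement : attributeStatements) {
        // The original guard re-tested the outer list's size here, which can never be true
        // at this point; the per-statement check it appears to have intended is on this
        // statement's own attributes.
        if (attributeStatement == null || attributeStatement.getAttributes() == null) {
            continue;
        }
        for (Attribute attribute : attributeStatement.getAttributes()) {
            if (attribute == null || attribute.getAttributeValues() == null
                    || attribute.getAttributeValues().isEmpty()) {
                continue;
            }
            // A value that was never marshalled or unmarshalled has no DOM to read from.
            if (attribute.getAttributeValues().get(0).getDOM() == null) {
                continue;
            }
            String value = attribute.getAttributeValues().get(0).getDOM().getTextContent();
            // NOTE(review): this writes every attribute value to the debug log, not only the
            // one searched for; check whether these values can be sensitive before enabling
            // debug logging in production.
            s_logger.debug("SAML attribute name: " + attribute.getName() + " friendly-name:" + attribute.getFriendlyName() + " value:" + value);
            if (attributeKey.equals(attribute.getName()) || attributeKey.equals(attribute.getFriendlyName())) {
                return value;
            }
        }
    }
    return null;
}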
 
Example #14
Source Project: lams   Author: lamsfoundation   File: EntityAttributesUnmarshaller.java    License: GNU General Public License v2.0
/**
 * {@inheritDoc}
 *
 * Collects {@link Attribute} and {@link Assertion} children on the {@link EntityAttributes}
 * parent; anything else goes to the superclass.
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    EntityAttributes entityAttributes = (EntityAttributes) parentObject;

    if (childObject instanceof Attribute) {
        entityAttributes.getAttributes().add((Attribute) childObject);
        return;
    }
    if (childObject instanceof Assertion) {
        entityAttributes.getAssertions().add((Assertion) childObject);
        return;
    }

    super.processChildElement(parentObject, childObject);
}
 
Example #15
Source Project: lams   Author: lamsfoundation   File: AttributeAuthorityDescriptorImpl.java    License: GNU General Public License v2.0
/**
 * Creates the descriptor and initialises each of its child lists as an empty
 * {@code XMLObjectChildrenList} constructed with this object as its argument.
 *
 * @param namespaceURI the namespace the element is in
 * @param elementLocalName the local name of the XML element this Object represents
 * @param namespacePrefix the prefix for the given namespace
 */
protected AttributeAuthorityDescriptorImpl(String namespaceURI, String elementLocalName, String namespacePrefix) {
    super(namespaceURI, elementLocalName, namespacePrefix);

    // Service endpoint lists.
    this.attributeServices = new XMLObjectChildrenList<AttributeService>(this);
    this.assertionIDRequestServices = new XMLObjectChildrenList<AssertionIDRequestService>(this);

    // Profile, name-format and attribute lists.
    this.attributeProfiles = new XMLObjectChildrenList<AttributeProfile>(this);
    this.nameFormats = new XMLObjectChildrenList<NameIDFormat>(this);
    this.attributes = new XMLObjectChildrenList<Attribute>(this);
}
 
Example #16
Source Project: lams   Author: lamsfoundation   File: IDPSSODescriptorImpl.java    License: GNU General Public License v2.0
/**
 * Creates the descriptor and initialises each of its child lists as an empty
 * {@code XMLObjectChildrenList} constructed with this object as its argument.
 *
 * @param namespaceURI the namespace the element is in
 * @param elementLocalName the local name of the XML element this Object represents
 * @param namespacePrefix the prefix for the given namespace
 */
protected IDPSSODescriptorImpl(String namespaceURI, String elementLocalName, String namespacePrefix) {
    super(namespaceURI, elementLocalName, namespacePrefix);

    // Service endpoint lists.
    this.singleSignOnServices = new XMLObjectChildrenList<SingleSignOnService>(this);
    this.nameIDMappingServices = new XMLObjectChildrenList<NameIDMappingService>(this);
    this.assertionIDRequestServices = new XMLObjectChildrenList<AssertionIDRequestService>(this);

    // Profile and attribute lists.
    this.attributeProfiles = new XMLObjectChildrenList<AttributeProfile>(this);
    this.attributes = new XMLObjectChildrenList<Attribute>(this);
}
 
Example #17
Source Project: lams   Author: lamsfoundation   File: Decrypter.java    License: GNU General Public License v2.0
/**
 * Decrypts an EncryptedAttribute and returns the plaintext as an {@link Attribute}.
 *
 * @param encryptedAttribute the EncryptedAttribute to decrypt
 * @return the decrypted Attribute
 * @throws DecryptionException thrown when decryption generates an error, or when the
 *             decrypted object is not an Attribute
 */
public Attribute decrypt(EncryptedAttribute encryptedAttribute) throws DecryptionException {
    SAMLObject decrypted = decryptData(encryptedAttribute);

    // The ciphertext decides what type comes out, so the type is verified before the cast
    // rather than letting a ClassCastException escape.
    if (decrypted instanceof Attribute) {
        return (Attribute) decrypted;
    }
    throw new DecryptionException("Decrypted SAMLObject was not an instance of Attribute");
}
 
Example #18
Source Project: lams   Author: lamsfoundation   File: AttributeStatementUnmarshaller.java    License: GNU General Public License v2.0
/**
 * {@inheritDoc}
 *
 * Collects plain {@link Attribute} children and {@link EncryptedAttribute} children in their
 * separate lists on the {@link AttributeStatement}; anything else goes to the superclass.
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    AttributeStatement statement = (AttributeStatement) parentObject;

    if (childObject instanceof Attribute) {
        statement.getAttributes().add((Attribute) childObject);
        return;
    }
    if (childObject instanceof EncryptedAttribute) {
        // Stored as-is; nothing is decrypted here.
        statement.getEncryptedAttributes().add((EncryptedAttribute) childObject);
        return;
    }

    super.processChildElement(parentObject, childObject);
}
 
Example #19
Source Project: lams   Author: lamsfoundation   File: AttributeUnmarshaller.java    License: GNU General Public License v2.0
/**
 * {@inheritDoc}
 *
 * Accepts a child as an attribute value only when its element is named
 * {@code AttributeValue} in the SAML 2.0 assertion namespace; other children go to the
 * superclass.
 */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {

    Attribute owner = (Attribute) parentSAMLObject;
    QName childName = childSAMLObject.getElementQName();

    // Both local part and namespace must match; the value's Java type is deliberately not
    // checked, so values of any type are accepted.
    boolean isSamlAttributeValue = childName.getLocalPart().equals("AttributeValue")
            && childName.getNamespaceURI().equals(SAMLConstants.SAML20_NS);

    if (!isSamlAttributeValue) {
        super.processChildElement(parentSAMLObject, childSAMLObject);
        return;
    }
    owner.getAttributeValues().add(childSAMLObject);
}
 
Example #20
Source Project: lams   Author: lamsfoundation   File: AttributeMarshaller.java    License: GNU General Public License v2.0
/**
 * {@inheritDoc}
 *
 * Writes Name, NameFormat and FriendlyName (each only when non-null) as unqualified XML
 * attributes, then writes every entry of the unknown-attributes map under its qualified name.
 */
protected void marshallAttributes(XMLObject samlElement, Element domElement) throws MarshallingException {
    Attribute samlAttribute = (Attribute) samlElement;

    String name = samlAttribute.getName();
    if (name != null) {
        domElement.setAttributeNS(null, Attribute.NAME_ATTTRIB_NAME, name);
    }

    String nameFormat = samlAttribute.getNameFormat();
    if (nameFormat != null) {
        domElement.setAttributeNS(null, Attribute.NAME_FORMAT_ATTRIB_NAME, nameFormat);
    }

    String friendlyName = samlAttribute.getFriendlyName();
    if (friendlyName != null) {
        domElement.setAttributeNS(null, Attribute.FRIENDLY_NAME_ATTRIB_NAME, friendlyName);
    }

    for (Entry<QName, String> extension : samlAttribute.getUnknownAttributes().entrySet()) {
        QName extensionName = extension.getKey();
        Attr domAttribute = XMLHelper.constructAttribute(domElement.getOwnerDocument(), extensionName);
        domAttribute.setValue(extension.getValue());
        domElement.setAttributeNodeNS(domAttribute);

        // Mark the DOM attribute as an ID when either the global configuration or this
        // object's own attribute map registers the name as one.
        if (Configuration.isIDAttribute(extensionName)
                || samlAttribute.getUnknownAttributes().isIDAttribute(extensionName)) {
            domAttribute.getOwnerElement().setIdAttributeNode(domAttribute, true);
        }
    }
}
 
Example #21
Source Project: lams   Author: lamsfoundation   File: AttributeQueryUnmarshaller.java    License: GNU General Public License v2.0
/**
 * {@inheritDoc}
 *
 * Adds {@link Attribute} children to the {@link AttributeQuery}; all other children are
 * handled by the superclass.
 */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {
    AttributeQuery attributeQuery = (AttributeQuery) parentSAMLObject;

    if (!(childSAMLObject instanceof Attribute)) {
        super.processChildElement(parentSAMLObject, childSAMLObject);
        return;
    }
    attributeQuery.getAttributes().add((Attribute) childSAMLObject);
}
 
Example #22
Source Project: MaxKey   Author: shimingxy   File: AttributeStatementGenerator.java    License: Apache License 2.0
/**
 * Assembles the AttributeStatement for an assertion: first the granted-authority attribute,
 * then one attribute per entry of {@code attributeMap}, then the application's extra
 * attributes when they are switched on.
 *
 * @param saml20Details application SAML settings, read for the extra-attribute configuration
 * @param grantedAuthoritys authorities placed in the granted-authority attribute
 * @param attributeMap additional name/value attributes; may be {@code null}
 * @return the populated attribute statement
 */
public AttributeStatement generateAttributeStatement(
				AppsSAML20Details saml20Details,
				ArrayList<GrantedAuthority> grantedAuthoritys,
				HashMap<String,String>attributeMap) {

	AttributeStatementBuilder statementBuilder = (AttributeStatementBuilder) builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
	AttributeStatement statement = statementBuilder.buildObject();

	// The authorities attribute always comes first.
	statement.getAttributes().add(builderGrantedAuthority(grantedAuthoritys));

	if (attributeMap != null) {
		for (Map.Entry<String, String> mapped : attributeMap.entrySet()) {
			statement.getAttributes().add(builderAttribute(mapped.getKey(), mapped.getValue(), Attribute.BASIC));
		}
	}

	// NOTE(review): the two debug statements below write configured attribute values to the
	// log; check whether those values can be sensitive before enabling debug logging.
	logger.debug("ExtendAttr "+saml20Details.getExtendAttr());
	if (Boolean.isTrue(saml20Details.getIsExtendAttr())) {
		ExtraAttrs configuredExtras = new ExtraAttrs(saml20Details.getExtendAttr());
		for (ExtraAttr extra : configuredExtras.getExtraAttrs()) {
			logger.debug("Attribute : "+extra.getAttr()+" , Vale : "+extra.getValue()+" , Type : "+extra.getType());
			Attribute extraAttribute = builderAttribute(extra.getAttr(), extra.getValue(), extra.getType());
			statement.getAttributes().add(extraAttribute);
		}
	}

	return statement;
}
 
Example #23
Source Project: MaxKey   Author: shimingxy   File: AttributeStatementGenerator.java    License: Apache License 2.0
/**
 * Builds the {@code GrantedAuthority} attribute, with one AttributeValue per authority.
 *
 * @param authorities the authorities to publish in the assertion
 * @return the attribute (Response/Assertion/AttributeStatement/Attribute)
 */
public Attribute builderGrantedAuthority(Collection<GrantedAuthority> authorities) {
	// Passing null for value and format yields a value-less attribute in the default format.
	Attribute authorityAttribute = builderAttribute("GrantedAuthority", null, null);

	for (GrantedAuthority granted : authorities) {
		// Each authority becomes its own
		// Response/Assertion/AttributeStatement/Attribute/AttributeValue
		String authorityName = granted.getAuthority();
		authorityAttribute.getAttributeValues().add(builderAttributeValue(authorityName));
	}
	return authorityAttribute;
}
 
Example #24
Source Project: carbon-identity   Author: wso2-attic   File: Util.java    License: Apache License 2.0
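/**
 * Get the username from the SAML2 Assertion.
 *
 * When a login attribute name is configured, the first value of the first attribute with that
 * Name is returned. Otherwise, or when no such attribute carries a usable value, the subject's
 * NameID value is returned.
 *
 * NOTE(review): the returned string identifies the user, and nothing in this method verifies
 * the assertion; presumably signature and condition checks run before this call - confirm.
 *
 * @param assertion SAML2 assertion
 * @return username
 */
public static String getUsernameFromAssertion(Assertion assertion) {

    String loginAttributeName = getLoginAttributeName();

    if (loginAttributeName != null) {
        // There can be multiple AttributeStatements in Assertion
        List<AttributeStatement> attributeStatements = assertion
                .getAttributeStatements();
        if (attributeStatements != null) {
            for (AttributeStatement attributeStatement : attributeStatements) {
                // There can be multiple Attributes in a attributeStatement
                List<Attribute> attributes = attributeStatement
                        .getAttributes();
                if (attributes == null) {
                    continue;
                }
                for (Attribute attribute : attributes) {
                    String attributeName = attribute.getDOM()
                            .getAttribute("Name");
                    if (!attributeName.equals(loginAttributeName)) {
                        continue;
                    }
                    List<XMLObject> attributeValues = attribute
                            .getAttributeValues();
                    // An attribute without values is schema-valid; the original get(0) threw
                    // IndexOutOfBoundsException on it. Such an attribute is skipped, so the
                    // search continues and can still end at the NameID fallback.
                    if (attributeValues == null || attributeValues.isEmpty()
                            || attributeValues.get(0).getDOM() == null) {
                        continue;
                    }
                    // There can be multiple attribute values in
                    // a attribute, but get the first one
                    return attributeValues.get(0).getDOM()
                            .getTextContent();
                }
            }
        }
    }
    // NOTE(review): this still throws NullPointerException when the assertion has no Subject
    // or no plain NameID; callers should be prepared for that.
    return assertion.getSubject().getNameID().getValue();
}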
 
Example #25
Source Project: carbon-identity   Author: wso2-attic   File: SAML2SSOAuthenticator.java    License: Apache License 2.0
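/**
 * Get the roles from the SAML2 Assertion.
 *
 * Looks for the attribute whose Name equals the configured role claim and splits its first
 * value on the configured separator. If several attributes match, the last one wins.
 *
 * NOTE(review): the result feeds authorization, and nothing in this method verifies the
 * assertion; presumably signature and condition checks run before this call - confirm.
 *
 * @param assertion SAML2 assertion
 * @return the roles, or {@code null} when no matching attribute with a value is present
 */
private String[] getRolesFromAssertion(Assertion assertion) {
    String[] roles = null;
    String roleClaim = getRoleClaim();
    List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();

    if (attributeStatementList == null) {
        return roles;
    }

    for (AttributeStatement statement : attributeStatementList) {
        List<Attribute> attributesList = statement.getAttributes();
        for (Attribute attribute : attributesList) {
            String attributeName = attribute.getName();
            // Comparing from the attribute name also copes with an unset role claim, which
            // made the original roleClaim.equals(...) throw NullPointerException.
            if (attributeName == null || !attributeName.equals(roleClaim)) {
                continue;
            }
            // An attribute without values is schema-valid; the original get(0) threw
            // IndexOutOfBoundsException on it.
            if (attribute.getAttributeValues() == null || attribute.getAttributeValues().isEmpty()) {
                continue;
            }
            // Assumes role claim appear only once
            Element value = attribute.getAttributeValues().get(0).getDOM();
            if (value == null) {
                continue;
            }
            String attributeValue = value.getTextContent();

            if (log.isDebugEnabled()) {
                log.debug("AttributeName : " + attributeName + ", AttributeValue : " + attributeValue);
            }

            roles = attributeValue.split(getAttributeSeperator());
            if (log.isDebugEnabled()) {
                log.debug("Role list : " + Arrays.toString(roles));
            }
        }
    }
    return roles;
}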
 
Example #26
Source Project: lams   Author: lamsfoundation   File: EntityAttributesImpl.java    License: GNU General Public License v2.0
/**
 * {@inheritDoc}
 *
 * The result is the sub-list of {@code attributeInfo} selected by the Attribute element name.
 */
public List<Attribute> getAttributes() {
    // Unchecked cast: subList is keyed by element name, not by Java type.
    List<Attribute> attributeView = (List<Attribute>) attributeInfo.subList(Attribute.DEFAULT_ELEMENT_NAME);
    return attributeView;
}
 
Example #27
Source Project: lams   Author: lamsfoundation   File: AttributeAuthorityDescriptorImpl.java    License: GNU General Public License v2.0
/**
 * {@inheritDoc}
 *
 * Returns the backing list itself, not a copy.
 */
public List<Attribute> getAttributes() {
    return this.attributes;
}
 
Example #28
Source Project: lams   Author: lamsfoundation   File: IDPSSODescriptorImpl.java    License: GNU General Public License v2.0
/**
 * {@inheritDoc}
 *
 * Returns the backing list itself, not a copy.
 */
public List<Attribute> getAttributes() {
    return this.attributes;
}
 
Example #29
Source Project: lams   Author: lamsfoundation   File: AttributeSchemaValidator.java    License: GNU General Public License v2.0
/**
 * {@inheritDoc}
 *
 * The only check applied is {@code validateName}.
 */
public void validate(Attribute attribute) throws ValidationException {
    this.validateName(attribute);
}
 
Example #30
Source Project: lams   Author: lamsfoundation   File: AttributeBuilder.java    License: GNU General Public License v2.0
/**
 * {@inheritDoc}
 *
 * Builds the Attribute with the SAML 2.0 assertion namespace, the default element local name
 * and the SAML 2.0 prefix.
 */
public Attribute buildObject() {
    return buildObject(
            SAMLConstants.SAML20_NS,
            Attribute.DEFAULT_ELEMENT_LOCAL_NAME,
            SAMLConstants.SAML20_PREFIX);
}