Java Code Examples for org.opensaml.saml2.core.AttributeStatement

The following examples show how to use org.opensaml.saml2.core.AttributeStatement. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source Project: carbon-identity   Author: wso2-attic   File: DefaultSAML2SSOManager.java    License: Apache License 2.0 6 votes vote down vote up
private Map<ClaimMapping, String> getAssertionStatements(Assertion assertion) {

        Map<ClaimMapping, String> results = new HashMap<ClaimMapping, String>();

        if (assertion != null) {

            List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();

            if (attributeStatementList != null) {
                for (AttributeStatement statement : attributeStatementList) {
                    List<Attribute> attributesList = statement.getAttributes();
                    for (Attribute attribute : attributesList) {
                        Element value = attribute.getAttributeValues().get(0)
                                .getDOM();
                        String attributeValue = value.getTextContent();
                        results.put(ClaimMapping.build(attribute.getName(),
                                attribute.getName(), null, false), attributeValue);
                    }
                }
            }
        }
        return results;
    }
 
Example #2
Source Project: carbon-identity   Author: wso2-attic   File: SAMLResponseBuilder.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Build Attribute Statement
 *
 * @param claims
 * @return AttributeStatement
 */
private AttributeStatement buildAttributeStatement(Map<String, String> claims) {
    AttributeStatement attStmt = null;
    if (claims != null) {
        attStmt = new AttributeStatementBuilder().buildObject();
        Iterator<String> ite = claims.keySet().iterator();

        for (int i = 0; i < claims.size(); i++) {
            Attribute attrib = new AttributeBuilder().buildObject();
            String claimUri = ite.next();
            attrib.setName(claimUri);
            // look
            // https://wiki.shibboleth.net/confluence/display/OpenSAML/OSTwoUsrManJavaAnyTypes
            XSStringBuilder stringBuilder =
                    (XSStringBuilder) Configuration.getBuilderFactory()
                            .getBuilder(XSString.TYPE_NAME);
            XSString stringValue =
                    stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME,
                            XSString.TYPE_NAME);
            stringValue.setValue(claims.get(claimUri));
            attrib.getAttributeValues().add(stringValue);
            attStmt.getAttributes().add(attrib);
        }
    }
    return attStmt;
}
 
Example #3
Source Project: carbon-identity   Author: wso2-attic   File: SAML2SSOManager.java    License: Apache License 2.0 6 votes vote down vote up
private Map<String, String> getAssertionStatements(Assertion assertion) {

        Map<String, String> results = new HashMap<String, String>();

        if (assertion != null && assertion.getAttributeStatements() != null) {

            List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();


            for (AttributeStatement statement : attributeStatementList) {
                List<Attribute> attributesList = statement.getAttributes();
                for (Attribute attribute : attributesList) {
                    Element value = attribute.getAttributeValues().get(0).getDOM();
                    String attributeValue = value.getTextContent();
                    results.put(attribute.getName(), attributeValue);
                }
            }

        }
        return results;
    }
 
Example #4
Source Project: saml-generator   Author: rackerlabs   File: SamlAssertionProducer.java    License: Apache License 2.0 6 votes vote down vote up
private Assertion createAssertion(final DateTime issueDate, Subject subject, Issuer issuer, AuthnStatement authnStatement,
		                          AttributeStatement attributeStatement) {
	AssertionBuilder assertionBuilder = new AssertionBuilder();
	Assertion assertion = assertionBuilder.buildObject();
	assertion.setID(UUID.randomUUID().toString());
	assertion.setIssueInstant(issueDate);
	assertion.setSubject(subject);
	assertion.setIssuer(issuer);
	
	if (authnStatement != null)
		assertion.getAuthnStatements().add(authnStatement);
	
	if (attributeStatement != null)
		assertion.getAttributeStatements().add(attributeStatement);
	
	return assertion;
}
 
Example #5
Source Project: saml-generator   Author: rackerlabs   File: SamlAssertionProducer.java    License: Apache License 2.0 6 votes vote down vote up
private AttributeStatement createAttributeStatement(HashMap<String, List<String>> attributes) {
	// create authenticationstatement object
	AttributeStatementBuilder attributeStatementBuilder = new AttributeStatementBuilder();
	AttributeStatement attributeStatement = attributeStatementBuilder.buildObject();
	
	AttributeBuilder attributeBuilder = new AttributeBuilder();
	if (attributes != null) {
		for (Map.Entry<String, List<String>> entry : attributes.entrySet()) {
			Attribute attribute = attributeBuilder.buildObject();
			attribute.setName(entry.getKey());
			
			for (String value : entry.getValue()) {
				XSStringBuilder stringBuilder = new XSStringBuilder();
				XSString attributeValue = stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
				attributeValue.setValue(value);
				attribute.getAttributeValues().add(attributeValue);
			}
			
			attributeStatement.getAttributes().add(attribute);
		}
	}
	
	return attributeStatement;
}
 
Example #6
Source Project: cloudstack   Author: apache   File: SAMLUtils.java    License: Apache License 2.0 6 votes vote down vote up
public static String getValueFromAttributeStatements(final List<AttributeStatement> attributeStatements, final String attributeKey) {
    if (attributeStatements == null || attributeStatements.size() < 1 || attributeKey == null) {
        return null;
    }
    for (AttributeStatement attributeStatement : attributeStatements) {
        if (attributeStatement == null || attributeStatements.size() < 1) {
            continue;
        }
        for (Attribute attribute : attributeStatement.getAttributes()) {
            if (attribute.getAttributeValues() != null && attribute.getAttributeValues().size() > 0) {
                String value = attribute.getAttributeValues().get(0).getDOM().getTextContent();
                s_logger.debug("SAML attribute name: " + attribute.getName() + " friendly-name:" + attribute.getFriendlyName() + " value:" + value);
                if (attributeKey.equals(attribute.getName()) || attributeKey.equals(attribute.getFriendlyName())) {
                    return value;
                }
            }
        }
    }
    return null;
}
 
Example #7
Source Project: lams   Author: lamsfoundation   File: AttributeStatementUnmarshaller.java    License: GNU General Public License v2.0 5 votes vote down vote up
/** {@inheritDoc} */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    AttributeStatement attributeStatement = (AttributeStatement) parentObject;

    if (childObject instanceof Attribute) {
        attributeStatement.getAttributes().add((Attribute) childObject);
    } else if (childObject instanceof EncryptedAttribute) {
        attributeStatement.getEncryptedAttributes().add((EncryptedAttribute) childObject);
    } else {
        super.processChildElement(parentObject, childObject);
    }
}
 
Example #8
Source Project: MaxKey   Author: shimingxy   File: AttributeStatementGenerator.java    License: Apache License 2.0 5 votes vote down vote up
public AttributeStatement generateAttributeStatement(
				AppsSAML20Details saml20Details,
				ArrayList<GrantedAuthority> grantedAuthoritys,
				HashMap<String,String>attributeMap) {

	AttributeStatementBuilder attributeStatementBuilder = (AttributeStatementBuilder) builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
	AttributeStatement attributeStatement = attributeStatementBuilder.buildObject();
	
	Attribute attributeGrantedAuthority=builderGrantedAuthority(grantedAuthoritys);
	attributeStatement.getAttributes().add(attributeGrantedAuthority);
	
	if(null!=attributeMap){
		Iterator<Entry<String, String>> iterator = attributeMap.entrySet().iterator();
		while (iterator.hasNext()) {
			Map.Entry<String, String> entry = (Map.Entry<String, String>) iterator.next();
			String key = entry.getKey();
			String value = entry.getValue();
			Attribute attribute=builderAttribute(key,value,Attribute.BASIC);
			attributeStatement.getAttributes().add(attribute);
		}
	}
	
	logger.debug("ExtendAttr "+saml20Details.getExtendAttr());
	if(Boolean.isTrue(saml20Details.getIsExtendAttr())) {
		ExtraAttrs extraAttrs=new ExtraAttrs(saml20Details.getExtendAttr());
		for(ExtraAttr extraAttr : extraAttrs.getExtraAttrs()) {
			logger.debug("Attribute : "+extraAttr.getAttr()+" , Vale : "+extraAttr.getValue()+" , Type : "+extraAttr.getType());
			attributeStatement.getAttributes().add(builderAttribute(extraAttr.getAttr(),extraAttr.getValue(),extraAttr.getType()));
		}
	}
	
	return attributeStatement;
}
 
Example #9
Source Project: carbon-identity   Author: wso2-attic   File: Util.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Get the username from the SAML2 Assertion
 *
 * @param assertion SAML2 assertion
 * @return username
 */
public static String getUsernameFromAssertion(Assertion assertion) {

    String loginAttributeName = getLoginAttributeName();

    if (loginAttributeName != null) {
        // There can be multiple AttributeStatements in Assertion
        List<AttributeStatement> attributeStatements = assertion
                .getAttributeStatements();
        if (attributeStatements != null) {
            for (AttributeStatement attributeStatement : attributeStatements) {
                // There can be multiple Attributes in a
                // attributeStatement
                List<Attribute> attributes = attributeStatement
                        .getAttributes();
                if (attributes != null) {
                    for (Attribute attribute : attributes) {
                        String attributeName = attribute.getDOM()
                                .getAttribute("Name");
                        if (attributeName.equals(loginAttributeName)) {
                            List<XMLObject> attributeValues = attribute
                                    .getAttributeValues();
                            // There can be multiple attribute values in
                            // a attribute, but get the first one
                            return attributeValues.get(0).getDOM()
                                    .getTextContent();
                        }
                    }
                }
            }
        }
    }
    return assertion.getSubject().getNameID().getValue();
}
 
Example #10
Source Project: carbon-identity   Author: wso2-attic   File: SAML2SSOAuthenticator.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Get the username from the SAML2 Assertion
 *
 * @param assertion SAML2 assertion
 * @return username
 */
private String[] getRolesFromAssertion(Assertion assertion) {
    String[] roles = null;
    String roleClaim = getRoleClaim();
    List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();

    if (attributeStatementList != null) {
        for (AttributeStatement statement : attributeStatementList) {
            List<Attribute> attributesList = statement.getAttributes();
            for (Attribute attribute : attributesList) {
                String attributeName = attribute.getName();
                if (attributeName != null && roleClaim.equals(attributeName)) {
                    // Assumes role claim appear only once
                    Element value = attribute.getAttributeValues().get(0).getDOM();
                    String attributeValue = value.getTextContent();

                    if (log.isDebugEnabled()) {
                        log.debug("AttributeName : " + attributeName + ", AttributeValue : " + attributeValue);
                    }

                    roles = attributeValue.split(getAttributeSeperator());
                    if (log.isDebugEnabled()) {
                        log.debug("Role list : " + Arrays.toString(roles));
                    }
                }
            }
        }
    }
    return roles;
}
 
Example #11
Source Project: cloudstack   Author: apache   File: SAML2LoginAPIAuthenticatorCmdTest.java    License: Apache License 2.0 5 votes vote down vote up
private Response buildMockResponse() throws Exception {
    Response samlMessage = new ResponseBuilder().buildObject();
    samlMessage.setID("foo");
    samlMessage.setVersion(SAMLVersion.VERSION_20);
    samlMessage.setIssueInstant(new DateTime(0));
    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue("MockedIssuer");
    samlMessage.setIssuer(issuer);
    Status status = new StatusBuilder().buildObject();
    StatusCode statusCode = new StatusCodeBuilder().buildObject();
    statusCode.setValue(StatusCode.SUCCESS_URI);
    status.setStatusCode(statusCode);
    samlMessage.setStatus(status);
    Assertion assertion = new AssertionBuilder().buildObject();
    Subject subject = new SubjectBuilder().buildObject();
    NameID nameID = new NameIDBuilder().buildObject();
    nameID.setValue("SOME-UNIQUE-ID");
    nameID.setFormat(NameIDType.PERSISTENT);
    subject.setNameID(nameID);
    assertion.setSubject(subject);
    AuthnStatement authnStatement = new AuthnStatementBuilder().buildObject();
    authnStatement.setSessionIndex("Some Session String");
    assertion.getAuthnStatements().add(authnStatement);
    AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
    assertion.getAttributeStatements().add(attributeStatement);
    samlMessage.getAssertions().add(assertion);
    return samlMessage;
}
 
Example #12
Source Project: secure-data-service   Author: inbloom   File: SamlHelper.java    License: Apache License 2.0 5 votes vote down vote up
/**
 *
 * @param samlAssertion
 * @return
 */
public LinkedMultiValueMap<String, String> extractAttributesFromResponse(Assertion samlAssertion) {
    LinkedMultiValueMap<String, String> attributes = new LinkedMultiValueMap<String, String>();

    AttributeStatement attributeStatement = samlAssertion.getAttributeStatements().get(0);

    for (org.opensaml.saml2.core.Attribute attribute : attributeStatement.getAttributes()) {
        String samlAttributeName = attribute.getName();
        List<XMLObject> valueObjects = attribute.getAttributeValues();
        for (XMLObject valueXmlObject : valueObjects) {
            attributes.add(samlAttributeName, valueXmlObject.getDOM().getTextContent());
        }
    }
    return attributes;
}
 
Example #13
Source Project: lams   Author: lamsfoundation   File: AttributeStatementSchemaValidator.java    License: GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public void validate(AttributeStatement attributeStatement) throws ValidationException {
    validateAttributes(attributeStatement);
}
 
Example #14
Source Project: lams   Author: lamsfoundation   File: AssertionImpl.java    License: GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public List<AttributeStatement> getAttributeStatements() {
    QName statementQName = new QName(SAMLConstants.SAML20_NS, AttributeStatement.DEFAULT_ELEMENT_LOCAL_NAME,
            SAMLConstants.SAML20_PREFIX);
    return (List<AttributeStatement>) statements.subList(statementQName);
}
 
Example #15
Source Project: lams   Author: lamsfoundation   File: AttributeStatementBuilder.java    License: GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public AttributeStatement buildObject() {
    return buildObject(SAMLConstants.SAML20_NS, AttributeStatement.DEFAULT_ELEMENT_LOCAL_NAME,
            SAMLConstants.SAML20_PREFIX);
}
 
Example #16
Source Project: lams   Author: lamsfoundation   File: AttributeStatementBuilder.java    License: GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public AttributeStatement buildObject(String namespaceURI, String localName, String namespacePrefix) {
    return new AttributeStatementImpl(namespaceURI, localName, namespacePrefix);
}
 
Example #17
Source Project: jam-collaboration-sample   Author: SAP-samples   File: OAuth2SAMLWorkflowSample.java    License: Apache License 2.0 4 votes vote down vote up
private static Assertion buildSAML2Assertion(boolean includeClientKeyAttribute)
{
    // Bootstrap the OpenSAML library
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    DateTime notBefore = issueInstant.minusMinutes(10);
    
    NameID nameID = (new NameIDBuilder().buildObject());
    if (SUBJECT_NAME_ID_FORMAT.equals("email")) {
        nameID.setFormat(NameIDType.EMAIL);
    } else if (SUBJECT_NAME_ID_FORMAT.equals("unspecified")) {
        nameID.setFormat(NameIDType.UNSPECIFIED);
    } else {
        throw new IllegalArgumentException("SUBJECT_NAME_ID_FORMAT must be 'email' or 'unspecified'.");
    }
    if (subjectNameIdQualifier != null) {
        nameID.setNameQualifier(subjectNameIdQualifier);
    }
    nameID.setValue(SUBJECT_NAME_ID);
    
    SubjectConfirmationData subjectConfirmationData = (new SubjectConfirmationDataBuilder().buildObject());
    subjectConfirmationData.setRecipient(BASE_URL + ACCESS_TOKEN_URL_PATH);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);
    
    SubjectConfirmation subjectConfirmation = (new SubjectConfirmationBuilder().buildObject());
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = (new SubjectBuilder().buildObject());
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);
    
    Issuer issuer = (new IssuerBuilder().buildObject());
    issuer.setValue(IDP_ID);
    
    Audience audience = (new AudienceBuilder().buildObject());
    audience.setAudienceURI(SP_ID_JAM);
    
    AudienceRestriction audienceRestriction = (new AudienceRestrictionBuilder().buildObject());
    audienceRestriction.getAudiences().add(audience);
    
    Conditions conditions = (new ConditionsBuilder().buildObject());
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);
   
    Assertion assertion = (new AssertionBuilder().buildObject());
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);
    
    if (includeClientKeyAttribute) {
        XSString attributeValue = (XSString)Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME).buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        attributeValue.setValue(CLIENT_KEY);

        Attribute attribute = (new AttributeBuilder().buildObject());
        attribute.setName("client_id");
        attribute.getAttributeValues().add(attributeValue);

        AttributeStatement attributeStatement = (new AttributeStatementBuilder().buildObject());
        attributeStatement.getAttributes().add(attribute);
        assertion.getAttributeStatements().add(attributeStatement);
    }

    return assertion;
}
 
Example #18
Source Project: jam-collaboration-sample   Author: SAP-samples   File: OAuth2SAMLWorkflowSample.java    License: Apache License 2.0 4 votes vote down vote up
private static Assertion buildSAML2Assertion(
        String baseUrl,
        String subjectNameId,
        String subjectNameIdFormat,
        String subjectNameIdQualifier,
        String idpId,
        String clientKey,
        boolean includeClientKeyAttribute)
{
    // Bootstrap the OpenSAML library
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    DateTime notBefore = issueInstant.minusMinutes(10);
    
    NameID nameID = (new NameIDBuilder().buildObject());
    if (subjectNameIdFormat.equals("email")) {
        nameID.setFormat(NameIDType.EMAIL);
    } else if (subjectNameIdFormat.equals("unspecified")) {
        nameID.setFormat(NameIDType.UNSPECIFIED);
    } else {
        throw new IllegalArgumentException("subjectNameIdFormat must be 'email' or 'unspecified'.");
    }
    if (subjectNameIdQualifier != null) {
        nameID.setNameQualifier(subjectNameIdQualifier);
    }
    nameID.setValue(subjectNameId);
    
    SubjectConfirmationData subjectConfirmationData = (new SubjectConfirmationDataBuilder().buildObject());
    subjectConfirmationData.setRecipient(baseUrl + ACCESS_TOKEN_URL_PATH);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);
    
    SubjectConfirmation subjectConfirmation = (new SubjectConfirmationBuilder().buildObject());
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = (new SubjectBuilder().buildObject());
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);
    
    Issuer issuer = (new IssuerBuilder().buildObject());
    issuer.setValue(idpId);
    
    Audience audience = (new AudienceBuilder().buildObject());
    audience.setAudienceURI(SP_ID_JAM);
    
    AudienceRestriction audienceRestriction = (new AudienceRestrictionBuilder().buildObject());
    audienceRestriction.getAudiences().add(audience);
    
    Conditions conditions = (new ConditionsBuilder().buildObject());
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);
   
    Assertion assertion = (new AssertionBuilder().buildObject());
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);
    
    if (includeClientKeyAttribute) {
        XSString attributeValue = (XSString)Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME).buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        attributeValue.setValue(clientKey);

        Attribute attribute = (new AttributeBuilder().buildObject());
        attribute.setName("client_id");
        attribute.getAttributeValues().add(attributeValue);

        AttributeStatement attributeStatement = (new AttributeStatementBuilder().buildObject());
        attributeStatement.getAttributes().add(attribute);
        assertion.getAttributeStatements().add(attributeStatement);
    }

    return assertion;
}
 
Example #19
Source Project: carbon-identity   Author: wso2-attic   File: SAML2TokenBuilder.java    License: Apache License 2.0 4 votes vote down vote up
@Override
public void createStatement(GenericIdentityProviderData ipData, RahasData rahasData)
        throws IdentityProviderException {
    if (log.isDebugEnabled()) {
        log.debug("Begin SAML statement creation.");
    }
    attributeStmt = (AttributeStatement) buildXMLObject(AttributeStatement.DEFAULT_ELEMENT_NAME);

    Map<String, RequestedClaimData> mapClaims = ipData.getRequestedClaims();

    if (rahasData.getAppliesToAddress() != null) {
        appilesTo = rahasData.getAppliesToAddress();
    }

    Iterator<RequestedClaimData> ite = mapClaims.values().iterator();

    while (ite.hasNext()) {
        RequestedClaimData claim = ite.next();
        String uri = claim.getUri();

        int index = uri.lastIndexOf("/");
        String attrName = uri.substring(index + 1, uri.length());
        String attrNamespace = uri.substring(0, index);

        Attribute attribute = (Attribute) buildXMLObject(Attribute.DEFAULT_ELEMENT_NAME);
        attribute.setName(attrName);
        attribute.setNameFormat(attrNamespace);

        XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();

        // TODO remove this else if condition after WSO2 IS supports claim
        // types properly
        if (claim.getUri().equals(IdentityConstants.CLAIM_PPID)) {
            XSBase64BinaryBuilder ppidValueBuilder = (XSBase64BinaryBuilder) builderFactory
                    .getBuilder(XSBase64Binary.TYPE_NAME);
            XSBase64Binary ppidValue = ppidValueBuilder.buildObject(
                    AttributeValue.DEFAULT_ELEMENT_NAME, XSBase64Binary.TYPE_NAME);
            ppidValue.setValue(claim.getValue());
            attribute.getAttributeValues().add(ppidValue);
        } else {
            XSStringBuilder attributeValueBuilder = (XSStringBuilder) builderFactory
                    .getBuilder(XSString.TYPE_NAME);

            XSString stringValue = attributeValueBuilder.buildObject(
                    AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
            stringValue.setValue(claim.getValue());
            attribute.getAttributeValues().add(stringValue);
        }
        attributeStmt.getAttributes().add(attribute);
    }
}
 
Example #20
Source Project: carbon-identity   Author: wso2-attic   File: DefaultSAMLAssertionBuilder.java    License: Apache License 2.0 4 votes vote down vote up
private AttributeStatement buildAttributeStatement(Map<String, String> claims) {

        String claimSeparator = claims.get(IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR);
        if (StringUtils.isNotBlank(claimSeparator)) {
            userAttributeSeparator = claimSeparator;
        }
        claims.remove(IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR);

        AttributeStatement attStmt = new AttributeStatementBuilder().buildObject();
        Iterator<Map.Entry<String, String>> iterator = claims.entrySet().iterator();
        boolean atLeastOneNotEmpty = false;
        for (int i = 0; i < claims.size(); i++) {
            Map.Entry<String, String> claimEntry = iterator.next();
            String claimUri = claimEntry.getKey();
            String claimValue = claimEntry.getValue();
            if (claimUri != null && !claimUri.trim().isEmpty() && claimValue != null && !claimValue.trim().isEmpty()) {
                atLeastOneNotEmpty = true;
                Attribute attribute = new AttributeBuilder().buildObject();
                attribute.setName(claimUri);
                //setting NAMEFORMAT attribute value to basic attribute profile
                attribute.setNameFormat(SAMLSSOConstants.NAME_FORMAT_BASIC);
                // look
                // https://wiki.shibboleth.net/confluence/display/OpenSAML/OSTwoUsrManJavaAnyTypes
                XSStringBuilder stringBuilder = (XSStringBuilder) Configuration.getBuilderFactory().
                        getBuilder(XSString.TYPE_NAME);
                XSString stringValue;

                //Need to check if the claim has multiple values
                if (userAttributeSeparator != null && claimValue.contains(userAttributeSeparator)) {
                    StringTokenizer st = new StringTokenizer(claimValue, userAttributeSeparator);
                    while (st.hasMoreElements()) {
                        String attValue = st.nextElement().toString();
                        if (attValue != null && attValue.trim().length() > 0) {
                            stringValue = stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
                            stringValue.setValue(attValue);
                            attribute.getAttributeValues().add(stringValue);
                        }
                    }
                } else {
                    stringValue = stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
                    stringValue.setValue(claimValue);
                    attribute.getAttributeValues().add(stringValue);
                }

                attStmt.getAttributes().add(attribute);
            }
        }
        if (atLeastOneNotEmpty) {
            return attStmt;
        } else {
            return null;
        }
    }
 
Example #21
Source Project: saml-generator   Author: rackerlabs   File: SamlAssertionProducer.java    License: Apache License 2.0 4 votes vote down vote up
public Response createSAMLResponse(final String subjectId, final DateTime authenticationTime,
		                           final String credentialType, final HashMap<String, List<String>> attributes, String issuer, Integer samlAssertionDays) {
	
	try {
		DefaultBootstrap.bootstrap();
		
		Signature signature = createSignature();
		Status status = createStatus();
		Issuer responseIssuer = null;
		Issuer assertionIssuer = null;
		Subject subject = null;
		AttributeStatement attributeStatement = null;
		
		if (issuer != null) {
			responseIssuer = createIssuer(issuer);
			assertionIssuer = createIssuer(issuer);
		}
		
		if (subjectId != null) {
			subject = createSubject(subjectId, samlAssertionDays);
		}
		
		if (attributes != null && attributes.size() != 0) {
			attributeStatement = createAttributeStatement(attributes);
		}
		
		AuthnStatement authnStatement = createAuthnStatement(authenticationTime);
		
		Assertion assertion = createAssertion(new DateTime(), subject, assertionIssuer, authnStatement, attributeStatement);
		
		Response response = createResponse(new DateTime(), responseIssuer, status, assertion);
		response.setSignature(signature);
		
		ResponseMarshaller marshaller = new ResponseMarshaller();
		Element element = marshaller.marshall(response);
		
		if (signature != null) {
			Signer.signObject(signature);
		}
		
		ByteArrayOutputStream baos = new ByteArrayOutputStream();
		XMLHelper.writeNode(element, baos);
	
		return response;
		
	} catch (Throwable t) {
		t.printStackTrace();
		return null;
	}
}
 
Example #22
Source Project: lams   Author: lamsfoundation   File: AttributeStatementSchemaValidator.java    License: GNU General Public License v2.0 2 votes vote down vote up
/**
 * Checks that at least one Attribute is present.
 * 
 * @param attributeStatement
 * @throws ValidationException
 */
protected void validateAttributes(AttributeStatement attributeStatement) throws ValidationException {
    if (attributeStatement.getAttributes() == null || attributeStatement.getAttributes().size() == 0) {
        throw new ValidationException("Must contain one or more attributes");
    }
}
 
Example #23
Source Project: MaxKey   Author: shimingxy   File: AttributeStatementGenerator.java    License: Apache License 2.0 2 votes vote down vote up
public AttributeStatement generateAttributeStatement(AppsSAML20Details saml20Details,ArrayList<GrantedAuthority> grantedAuthoritys) {
	return generateAttributeStatement(saml20Details, grantedAuthoritys,null);

}