org.opensaml.saml2.core.SubjectConfirmation Java Examples
The following examples show how to use
org.opensaml.saml2.core.SubjectConfirmation.
Example #1
Source File: SubjectUnmarshaller.java From lams with GNU General Public License v2.0 | 6 votes |
/**
 * Wires an unmarshalled child element into its parent {@code Subject}.
 *
 * <p>{@code BaseID}, {@code NameID} and {@code EncryptedID} children are stored through the
 * matching setter, every {@code SubjectConfirmation} child is appended to the subject's
 * confirmation list, and any other child is handed to the superclass.
 *
 * <p>This method only builds the object model: it does not inspect the confirmation method,
 * recipient or validity window of the children it attaches.
 *
 * {@inheritDoc}
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject)
        throws UnmarshallingException {
    final Subject target = (Subject) parentObject;

    // The checks run in the same order as before; each handled type returns immediately.
    if (childObject instanceof BaseID) {
        target.setBaseID((BaseID) childObject);
        return;
    }
    if (childObject instanceof NameID) {
        target.setNameID((NameID) childObject);
        return;
    }
    if (childObject instanceof EncryptedID) {
        target.setEncryptedID((EncryptedID) childObject);
        return;
    }
    if (childObject instanceof SubjectConfirmation) {
        // A Subject may carry several confirmations, so this one is added, not replaced.
        target.getSubjectConfirmations().add((SubjectConfirmation) childObject);
        return;
    }

    super.processChildElement(parentObject, childObject);
}
Example #2
Source File: SubjectConfirmationUnmarshaller.java From lams with GNU General Public License v2.0 | 6 votes |
/**
 * Wires an unmarshalled child element into its parent {@code SubjectConfirmation}.
 *
 * <p>{@code BaseID}, {@code NameID}, {@code EncryptedID} and {@code SubjectConfirmationData}
 * children are each stored through the matching setter; any other child is handed to the
 * superclass.
 *
 * <p>No content checks are made here: the {@code SubjectConfirmationData} is attached as
 * parsed, so its Recipient, InResponseTo and NotOnOrAfter values still have to be evaluated
 * by whatever code consumes the resulting object.
 *
 * {@inheritDoc}
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject)
        throws UnmarshallingException {
    final SubjectConfirmation target = (SubjectConfirmation) parentObject;

    // The checks run in the same order as before; each handled type returns immediately.
    if (childObject instanceof BaseID) {
        target.setBaseID((BaseID) childObject);
        return;
    }
    if (childObject instanceof NameID) {
        target.setNameID((NameID) childObject);
        return;
    }
    if (childObject instanceof EncryptedID) {
        target.setEncryptedID((EncryptedID) childObject);
        return;
    }
    if (childObject instanceof SubjectConfirmationData) {
        target.setSubjectConfirmationData((SubjectConfirmationData) childObject);
        return;
    }

    super.processChildElement(parentObject, childObject);
}
Example #3
Source File: SubjectGenerator.java From MaxKey with Apache License 2.0 | 6 votes |
/**
 * Builds the {@code Subject} for the user returned by {@code WebContext.getUserInfo()}.
 *
 * <p>The NameID is created by {@code builderNameID} from that user's username, and a single
 * SubjectConfirmation created by {@code builderSubjectConfirmation} is appended to the subject.
 *
 * @param assertionConsumerURL passed to {@code builderNameID} and used as the confirmation
 *        recipient
 * @param inResponseTo forwarded to {@code builderSubjectConfirmation}
 * @param validInSeconds forwarded to {@code builderSubjectConfirmation}
 * @return the subject carrying the NameID and one SubjectConfirmation
 */
public Subject generateSubject(
        String assertionConsumerURL,
        String inResponseTo,
        int validInSeconds) {
    Subject result = builderSubject(
            builderNameID(WebContext.getUserInfo().getUsername(), assertionConsumerURL));

    // NOTE(review): the Address value is whatever WebContext.getRequestIpAddress returns for
    // the current request; that helper is not shown here. If it reads forwarded-for style
    // headers, the value is only as trustworthy as the proxy chain. TODO confirm.
    SubjectConfirmation confirmation = builderSubjectConfirmation(
            assertionConsumerURL,
            inResponseTo,
            validInSeconds,
            WebContext.getRequestIpAddress(WebContext.getRequest()));

    result.getSubjectConfirmations().add(confirmation);
    return result;
}
Example #4
Source File: SubjectGenerator.java From MaxKey with Apache License 2.0 | 6 votes |
/**
 * Creates a bearer {@code SubjectConfirmation} with its {@code SubjectConfirmationData}.
 *
 * <p>The data element carries the Recipient, an optional InResponseTo, a NotOnOrAfter of
 * "current time plus {@code validInSeconds}" and the client Address.
 *
 * <p>NOTE(review): {@code validInSeconds} is not range-checked here. A zero or negative value
 * yields a confirmation that is already expired, and a large value yields a long-lived bearer
 * confirmation; callers should pass a short, positive window.
 *
 * @param recipient value for the Recipient attribute
 * @param inResponseTo request ID to reference, or {@code null} to omit InResponseTo
 * @param validInSeconds seconds from the current time until NotOnOrAfter
 * @param clientAddress value for the Address attribute
 * @return the populated bearer confirmation
 */
public SubjectConfirmation builderSubjectConfirmation(
        String recipient, String inResponseTo, int validInSeconds, String clientAddress) {
    SubjectConfirmationData data = new SubjectConfirmationDataBuilder().buildObject();
    data.setRecipient(recipient);
    // An IdP-initiated flow has no request to reference, so InResponseTo is left unset.
    if (inResponseTo != null) {
        data.setInResponseTo(inResponseTo);
    }
    data.setNotOnOrAfter(timeService.getCurrentDateTime().plusSeconds(validInSeconds));
    data.setAddress(clientAddress);

    SubjectConfirmation confirmation = new SubjectConfirmationBuilder().buildObject();
    confirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    confirmation.setSubjectConfirmationData(data);
    return confirmation;
}
Example #5
Source File: SamlAssertionProducer.java From saml-generator with Apache License 2.0 | 5 votes |
/**
 * Builds a {@code Subject} with a persistent-format NameID and one bearer confirmation.
 *
 * <p>NOTE(review): the SubjectConfirmationData built here carries only NotOnOrAfter. No
 * Recipient or InResponseTo is set, so a relying party cannot use those fields to bind this
 * bearer confirmation to itself or to a request. The SAML Web Browser SSO profile expects a
 * Recipient on bearer confirmations; confirm which profile this generator targets.
 *
 * <p>NOTE(review): the validity window is expressed in days. When {@code samlAssertionDays}
 * is {@code null}, NotOnOrAfter equals the creation instant, so the confirmation is expired
 * as soon as it is produced.
 *
 * @param subjectId value placed in the NameID
 * @param samlAssertionDays days from now until NotOnOrAfter, or {@code null} for none
 * @return the populated subject
 */
private Subject createSubject(final String subjectId, final Integer samlAssertionDays) {
    // Expiry instant: "now", pushed forward by the requested number of days if one was given.
    DateTime notOnOrAfter = new DateTime();
    if (samlAssertionDays != null) {
        notOnOrAfter = notOnOrAfter.plusDays(samlAssertionDays);
    }

    // Name identifier.
    NameID subjectName = new NameIDBuilder().buildObject();
    subjectName.setValue(subjectId);
    subjectName.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");

    // Bearer confirmation with its validity bound.
    SubjectConfirmationData confirmationData = new SubjectConfirmationDataBuilder().buildObject();
    confirmationData.setNotOnOrAfter(notOnOrAfter);

    SubjectConfirmation confirmation = new SubjectConfirmationBuilder().buildObject();
    confirmation.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");
    confirmation.setSubjectConfirmationData(confirmationData);

    // Subject element tying the two together.
    Subject result = new SubjectBuilder().buildObject();
    result.setNameID(subjectName);
    result.getSubjectConfirmations().add(confirmation);
    return result;
}
Example #6
Source File: SubjectConfirmationUnmarshaller.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Copies the {@code Method} attribute onto the {@code SubjectConfirmation} being unmarshalled.
 *
 * <p>Attributes with any other local name are handed to the superclass. The attribute value
 * is stored as-is; this method does not compare it against known confirmation-method URIs.
 *
 * {@inheritDoc}
 */
protected void processAttribute(XMLObject samlObject, Attr attribute)
        throws UnmarshallingException {
    final SubjectConfirmation target = (SubjectConfirmation) samlObject;

    final boolean isMethodAttribute =
            attribute.getLocalName().equals(SubjectConfirmation.METHOD_ATTRIB_NAME);
    if (!isMethodAttribute) {
        super.processAttribute(samlObject, attribute);
        return;
    }

    target.setMethod(attribute.getValue());
}
Example #7
Source File: SubjectConfirmationMarshaller.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Writes the confirmation's {@code Method} value onto the DOM element as an attribute.
 *
 * <p>The attribute is written without a namespace and is skipped entirely when the method is
 * {@code null}.
 *
 * {@inheritDoc}
 */
protected void marshallAttributes(XMLObject samlObject, Element domElement)
        throws MarshallingException {
    final String method = ((SubjectConfirmation) samlObject).getMethod();
    if (method == null) {
        // Nothing to emit; the element is left without a Method attribute.
        return;
    }
    domElement.setAttributeNS(null, SubjectConfirmation.METHOD_ATTRIB_NAME, method);
}
Example #8
Source File: SubjectConfirmationSchemaValidator.java From lams with GNU General Public License v2.0 | 4 votes |
/**
 * Runs the schema-level checks for a {@code SubjectConfirmation}.
 *
 * <p>The only check delegated to from here is {@code validateMethod}; the confirmation data
 * (recipient, validity window, address) is not examined by this method.
 *
 * {@inheritDoc}
 */
public void validate(SubjectConfirmation subjectConfirmation) throws ValidationException {
    validateMethod(subjectConfirmation);
}
Example #9
Source File: SubjectImpl.java From lams with GNU General Public License v2.0 | 4 votes |
/**
 * Returns the list held in the {@code subjectConfirmations} field.
 *
 * <p>The field itself is returned, not a copy, so elements a caller adds to or removes from
 * the returned list change this subject.
 *
 * {@inheritDoc}
 */
public List<SubjectConfirmation> getSubjectConfirmations() {
    return this.subjectConfirmations;
}
Example #10
Source File: SubjectConfirmationBuilder.java From lams with GNU General Public License v2.0 | 4 votes |
/**
 * Builds a {@code SubjectConfirmation} using the SAML 2.0 namespace, the default element
 * local name and the SAML 2.0 prefix.
 *
 * {@inheritDoc}
 */
public SubjectConfirmation buildObject() {
    final String namespaceUri = SAMLConstants.SAML20_NS;
    final String localName = SubjectConfirmation.DEFAULT_ELEMENT_LOCAL_NAME;
    final String prefix = SAMLConstants.SAML20_PREFIX;
    return buildObject(namespaceUri, localName, prefix);
}
Example #11
Source File: SubjectConfirmationBuilder.java From lams with GNU General Public License v2.0 | 4 votes |
/**
 * Builds a {@code SubjectConfirmationImpl} for the given element name.
 *
 * <p>The returned object has only its element name set by this method; Method and
 * SubjectConfirmationData must be supplied by the caller.
 *
 * {@inheritDoc}
 */
public SubjectConfirmation buildObject(
        String namespaceURI, String localName, String namespacePrefix) {
    SubjectConfirmation created =
            new SubjectConfirmationImpl(namespaceURI, localName, namespacePrefix);
    return created;
}
Example #12
Source File: OAuth2SAMLWorkflowSample.java From jam-collaboration-sample with Apache License 2.0 | 4 votes |
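/**
 * Builds an unsigned SAML 2.0 bearer assertion from the class-level sample settings.
 *
 * <p>The assertion is valid from ten minutes before to ten minutes after the issue instant,
 * names {@code SP_ID_JAM} as its only audience and uses {@code BASE_URL + ACCESS_TOKEN_URL_PATH}
 * as the bearer Recipient. No signature is applied in this method; a bearer assertion has to
 * be signed before a relying party can trust it, so the caller is presumably responsible for
 * that step (confirm against the call site).
 *
 * @param includeClientKeyAttribute when {@code true}, adds a {@code client_id} attribute whose
 *        value is {@code CLIENT_KEY}
 * @return the populated, unsigned assertion
 * @throws IllegalStateException if the OpenSAML library cannot be bootstrapped
 * @throws IllegalArgumentException if {@code SUBJECT_NAME_ID_FORMAT} is neither
 *         {@code "email"} nor {@code "unspecified"}
 */
private static Assertion buildSAML2Assertion(boolean includeClientKeyAttribute) {
    // Bootstrap the OpenSAML library. A failure used to be swallowed, which deferred the
    // error to a later, harder-to-diagnose point (e.g. a missing builder); fail fast instead.
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        throw new IllegalStateException("OpenSAML bootstrap failed", e);
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    DateTime notBefore = issueInstant.minusMinutes(10);

    NameID nameID = new NameIDBuilder().buildObject();
    // Constant-first comparison: an unset format is reported as an invalid setting, not an NPE.
    if ("email".equals(SUBJECT_NAME_ID_FORMAT)) {
        nameID.setFormat(NameIDType.EMAIL);
    } else if ("unspecified".equals(SUBJECT_NAME_ID_FORMAT)) {
        nameID.setFormat(NameIDType.UNSPECIFIED);
    } else {
        throw new IllegalArgumentException(
                "SUBJECT_NAME_ID_FORMAT must be 'email' or 'unspecified'.");
    }
    if (subjectNameIdQualifier != null) {
        nameID.setNameQualifier(subjectNameIdQualifier);
    }
    nameID.setValue(SUBJECT_NAME_ID);

    // Bearer confirmation bound to the token endpoint and to the same expiry as the conditions.
    SubjectConfirmationData subjectConfirmationData =
            new SubjectConfirmationDataBuilder().buildObject();
    subjectConfirmationData.setRecipient(BASE_URL + ACCESS_TOKEN_URL_PATH);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);

    SubjectConfirmation subjectConfirmation = new SubjectConfirmationBuilder().buildObject();
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = new SubjectBuilder().buildObject();
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(IDP_ID);

    // Audience restriction limits which service provider may accept the assertion.
    Audience audience = new AudienceBuilder().buildObject();
    audience.setAudienceURI(SP_ID_JAM);

    AudienceRestriction audienceRestriction = new AudienceRestrictionBuilder().buildObject();
    audienceRestriction.getAudiences().add(audience);

    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);

    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);

    if (includeClientKeyAttribute) {
        XSString attributeValue = (XSString) Configuration.getBuilderFactory()
                .getBuilder(XSString.TYPE_NAME)
                .buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        attributeValue.setValue(CLIENT_KEY);

        Attribute attribute = new AttributeBuilder().buildObject();
        attribute.setName("client_id");
        attribute.getAttributeValues().add(attributeValue);

        AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
        attributeStatement.getAttributes().add(attribute);
        assertion.getAttributeStatements().add(attributeStatement);
    }

    return assertion;
}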
Example #13
Source File: OAuth2SAMLWorkflowSample.java From jam-collaboration-sample with Apache License 2.0 | 4 votes |
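/**
 * Builds an unsigned SAML 2.0 bearer assertion from the supplied settings.
 *
 * <p>The assertion is valid from ten minutes before to ten minutes after the issue instant,
 * names {@code SP_ID_JAM} as its only audience and uses {@code baseUrl + ACCESS_TOKEN_URL_PATH}
 * as the bearer Recipient. No signature is applied in this method; a bearer assertion has to
 * be signed before a relying party can trust it, so the caller is presumably responsible for
 * that step (confirm against the call site).
 *
 * @param baseUrl base URL prepended to {@code ACCESS_TOKEN_URL_PATH} to form the Recipient
 * @param subjectNameId value of the subject NameID
 * @param subjectNameIdFormat {@code "email"} or {@code "unspecified"}
 * @param subjectNameIdQualifier NameQualifier for the NameID, or {@code null} to omit it
 * @param idpId value of the Issuer element
 * @param clientKey value of the optional {@code client_id} attribute
 * @param includeClientKeyAttribute when {@code true}, adds the {@code client_id} attribute
 * @return the populated, unsigned assertion
 * @throws IllegalStateException if the OpenSAML library cannot be bootstrapped
 * @throws IllegalArgumentException if {@code subjectNameIdFormat} is neither
 *         {@code "email"} nor {@code "unspecified"} (including {@code null})
 */
private static Assertion buildSAML2Assertion(
        String baseUrl,
        String subjectNameId,
        String subjectNameIdFormat,
        String subjectNameIdQualifier,
        String idpId,
        String clientKey,
        boolean includeClientKeyAttribute) {
    // Bootstrap the OpenSAML library. A failure used to be swallowed, which deferred the
    // error to a later, harder-to-diagnose point (e.g. a missing builder); fail fast instead.
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        throw new IllegalStateException("OpenSAML bootstrap failed", e);
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    DateTime notBefore = issueInstant.minusMinutes(10);

    NameID nameID = new NameIDBuilder().buildObject();
    // Constant-first comparison: a null format is rejected with the documented
    // IllegalArgumentException instead of a NullPointerException.
    if ("email".equals(subjectNameIdFormat)) {
        nameID.setFormat(NameIDType.EMAIL);
    } else if ("unspecified".equals(subjectNameIdFormat)) {
        nameID.setFormat(NameIDType.UNSPECIFIED);
    } else {
        throw new IllegalArgumentException(
                "subjectNameIdFormat must be 'email' or 'unspecified'.");
    }
    if (subjectNameIdQualifier != null) {
        nameID.setNameQualifier(subjectNameIdQualifier);
    }
    nameID.setValue(subjectNameId);

    // Bearer confirmation bound to the token endpoint and to the same expiry as the conditions.
    SubjectConfirmationData subjectConfirmationData =
            new SubjectConfirmationDataBuilder().buildObject();
    subjectConfirmationData.setRecipient(baseUrl + ACCESS_TOKEN_URL_PATH);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);

    SubjectConfirmation subjectConfirmation = new SubjectConfirmationBuilder().buildObject();
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = new SubjectBuilder().buildObject();
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(idpId);

    // Audience restriction limits which service provider may accept the assertion.
    Audience audience = new AudienceBuilder().buildObject();
    audience.setAudienceURI(SP_ID_JAM);

    AudienceRestriction audienceRestriction = new AudienceRestrictionBuilder().buildObject();
    audienceRestriction.getAudiences().add(audience);

    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);

    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);

    if (includeClientKeyAttribute) {
        XSString attributeValue = (XSString) Configuration.getBuilderFactory()
                .getBuilder(XSString.TYPE_NAME)
                .buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        attributeValue.setValue(clientKey);

        Attribute attribute = new AttributeBuilder().buildObject();
        attribute.setName("client_id");
        attribute.getAttributeValues().add(attributeValue);

        AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
        attributeStatement.getAttributes().add(attribute);
        assertion.getAttributeStatements().add(attributeStatement);
    }

    return assertion;
}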
Example #14
Source File: OAuth2SAMLUtil.java From jam-collaboration-sample with Apache License 2.0 | 4 votes |
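/**
 * Builds a SAML 2.0 bearer assertion and returns the result of signing it with the IdP key.
 *
 * <p>The assertion is valid from ten minutes before to ten minutes after the issue instant,
 * names {@code spJamId} as its only audience and uses {@code destinationUri} as the bearer
 * Recipient. Signing is delegated to {@code signAssertion}.
 *
 * <p>NOTE(review): {@code idpCertificate} and {@code attributes} are accepted but never read
 * in this method, so no attribute statement is added to the assertion. Callers that pass
 * attributes should not assume they are conveyed; confirm whether this is intended.
 *
 * @param idpId value of the Issuer element
 * @param destinationUri value of the Recipient attribute
 * @param subjectNameId value of the subject NameID
 * @param subjectNameIdFormat passed to {@code makeEmailFormatName}
 * @param subjectNameIdQualifier passed to {@code makeEmailFormatName}
 * @param idpPrivateKey key handed to {@code signAssertion}
 * @param idpCertificate not used by this method
 * @param spJamId audience URI
 * @param attributes not used by this method
 * @return whatever {@code signAssertion} returns for the built assertion
 * @throws IllegalStateException if the OpenSAML library cannot be bootstrapped
 * @throws Exception declared by the original signature
 */
public static String buildSignedSAML2Assertion(
        final String idpId,
        final String destinationUri,
        final String subjectNameId,
        final String subjectNameIdFormat,
        final String subjectNameIdQualifier,
        final PrivateKey idpPrivateKey,
        final X509Certificate idpCertificate,
        final String spJamId,
        final Map<String, List<Object>> attributes) throws Exception {
    // Bootstrap the OpenSAML library. A failure used to be swallowed, which deferred the
    // error to the signing step; surface it here with its cause instead.
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        throw new IllegalStateException("OpenSAML bootstrap failed", e);
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    DateTime notBefore = issueInstant.minusMinutes(10);

    NameID nameID =
            makeEmailFormatName(subjectNameId, subjectNameIdFormat, subjectNameIdQualifier);

    // Bearer confirmation bound to the destination and to the same expiry as the conditions.
    SubjectConfirmationData subjectConfirmationData =
            new SubjectConfirmationDataBuilder().buildObject();
    subjectConfirmationData.setRecipient(destinationUri);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);

    SubjectConfirmation subjectConfirmation = new SubjectConfirmationBuilder().buildObject();
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = new SubjectBuilder().buildObject();
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(idpId);

    // Audience restriction limits which service provider may accept the assertion.
    Audience audience = new AudienceBuilder().buildObject();
    audience.setAudienceURI(spJamId);

    AudienceRestriction audienceRestriction = new AudienceRestrictionBuilder().buildObject();
    audienceRestriction.getAudiences().add(audience);

    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);

    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);

    return signAssertion(assertion, idpPrivateKey);
}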
Example #15
Source File: SAML2TokenBuilder.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Populates the {@code assertion} field with a new SAML 2.0 assertion.
 *
 * <p>The assertion receives the supplied validity window and ID, an Issuer derived from the
 * configured {@code HostName}, an audience restriction when {@code appilesTo} is set, the
 * builder's {@code attributeStmt}, and a Subject holding one SubjectConfirmation.
 *
 * <p>NOTE(review): no Method is set on the SubjectConfirmation in this method, and
 * {@code CONF_KEY} is written to the confirmation data's Address attribute. If
 * {@code CONF_KEY} (defined elsewhere) is a confirmation-method identifier rather than a
 * network address, the confirmation method is not being conveyed where a relying party
 * would look for it. TODO confirm.
 *
 * <p>NOTE(review): the Issuer always uses the {@code http://} scheme, and a missing
 * {@code HostName} property would be concatenated as-is.
 *
 * @param notAfter value for the conditions' NotOnOrAfter
 * @param notBefore value for the conditions' NotBefore
 * @param assertionId ID assigned to the assertion
 * @throws IdentityProviderException declared by the overridden method
 */
@Override
public void createSAMLAssertion(DateTime notAfter, DateTime notBefore, String assertionId)
        throws IdentityProviderException {
    assertion = (Assertion) buildXMLObject(Assertion.DEFAULT_ELEMENT_NAME);

    Conditions validity = (Conditions) buildXMLObject(Conditions.DEFAULT_ELEMENT_NAME);
    validity.setNotBefore(notBefore);
    validity.setNotOnOrAfter(notAfter);

    // Issuer value is the configured HostName behind a fixed "http://" prefix.
    String issuerValue =
            "http://" + ServerConfiguration.getInstance().getFirstProperty("HostName");
    Issuer assertionIssuer = (Issuer) buildXMLObject(Issuer.DEFAULT_ELEMENT_NAME);
    assertionIssuer.setValue(issuerValue);
    assertion.setIssuer(assertionIssuer);
    assertion.setIssueInstant(new DateTime());

    // Without an appilesTo value the assertion carries no audience restriction at all.
    if (appilesTo != null) {
        Audience target = (Audience) buildXMLObject(Audience.DEFAULT_ELEMENT_NAME);
        target.setAudienceURI(appilesTo);
        AudienceRestriction restriction =
                (AudienceRestriction) buildXMLObject(AudienceRestriction.DEFAULT_ELEMENT_NAME);
        restriction.getAudiences().add(target);
        validity.getAudienceRestrictions().add(restriction);
    }

    assertion.setConditions(validity);
    assertion.getAttributeStatements().add(this.attributeStmt);
    assertion.setID(assertionId);

    Subject assertionSubject = (Subject) buildXMLObject(Subject.DEFAULT_ELEMENT_NAME);
    SubjectConfirmation confirmation =
            (SubjectConfirmation) buildXMLObject(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
    SubjectConfirmationData confirmationData =
            (SubjectConfirmationData) buildXMLObject(SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
    confirmationData.setAddress(CONF_KEY);
    confirmation.setSubjectConfirmationData(confirmationData);
    assertionSubject.getSubjectConfirmations().add(confirmation);
    assertion.setSubject(assertionSubject);
}
Example #16
Source File: SamlFederationResourceTest.java From secure-data-service with Apache License 2.0 | 3 votes |
/**
 * Creates a Mockito-backed {@code Assertion} for validity-window and recipient tests.
 *
 * <p>Both the conditions and the single subject confirmation report a NotOnOrAfter one month
 * from now (truncated to the {@code MM/dd/yyyy} date); their NotBefore values and the
 * recipient come from the arguments.
 *
 * @param conditionNotBefore conditions' NotBefore, formatted {@code MM/dd/yyyy}
 * @param subjectNotBefore confirmation data's NotBefore, formatted {@code MM/dd/yyyy}
 * @param recipient value returned by the confirmation data's {@code getRecipient()}
 * @return the mocked assertion
 */
private Assertion createAssertion(
        String conditionNotBefore, String subjectNotBefore, String recipient) {
    DateTimeFormatter dateOnly = DateTimeFormat.forPattern("MM/dd/yyyy");
    // Round-tripping through the formatter drops the time-of-day component.
    DateTime expiry = DateTime.parse(DateTime.now().plusMonths(1).toString(dateOnly), dateOnly);

    Conditions conditions = Mockito.mock(Conditions.class);
    Mockito.when(conditions.getNotBefore())
            .thenReturn(DateTime.parse(conditionNotBefore, dateOnly));
    Mockito.when(conditions.getNotOnOrAfter()).thenReturn(expiry);

    SubjectConfirmationData confirmationData = Mockito.mock(SubjectConfirmationData.class);
    Mockito.when(confirmationData.getNotBefore())
            .thenReturn(DateTime.parse(subjectNotBefore, dateOnly));
    Mockito.when(confirmationData.getNotOnOrAfter()).thenReturn(expiry);
    Mockito.when(confirmationData.getRecipient()).thenReturn(recipient);

    SubjectConfirmation confirmation = Mockito.mock(SubjectConfirmation.class);
    Mockito.when(confirmation.getSubjectConfirmationData()).thenReturn(confirmationData);

    ArrayList<SubjectConfirmation> confirmations = new ArrayList<SubjectConfirmation>();
    confirmations.add(confirmation);

    Subject subject = Mockito.mock(Subject.class);
    Mockito.when(subject.getSubjectConfirmations()).thenReturn(confirmations);

    Assertion assertion = Mockito.mock(Assertion.class);
    Mockito.when(assertion.getConditions()).thenReturn(conditions);
    Mockito.when(assertion.getSubject()).thenReturn(subject);
    return assertion;
}
Example #17
Source File: SubjectImpl.java From lams with GNU General Public License v2.0 | 2 votes |
/**
 * Creates a subject for the given element name with an empty confirmation list.
 *
 * <p>The list is an {@code XMLObjectChildrenList} constructed with this object as its
 * argument.
 *
 * @param namespaceURI the namespace the element is in
 * @param elementLocalName the local name of the XML element this object represents
 * @param namespacePrefix the prefix for the given namespace
 */
protected SubjectImpl(String namespaceURI, String elementLocalName, String namespacePrefix) {
    super(namespaceURI, elementLocalName, namespacePrefix);
    this.subjectConfirmations = new XMLObjectChildrenList<SubjectConfirmation>(this);
}
Example #18
Source File: SubjectConfirmationSchemaValidator.java From lams with GNU General Public License v2.0 | 2 votes |
/**
 * Checks that the confirmation's Method is present.
 *
 * <p>Only presence is verified, using {@code DatatypeHelper.isEmpty}; the value is not
 * compared against any set of accepted confirmation-method URIs here.
 *
 * @param subjectConfirmation the confirmation whose Method is checked
 * @throws ValidationException if the Method is empty
 */
protected void validateMethod(SubjectConfirmation subjectConfirmation)
        throws ValidationException {
    final String method = subjectConfirmation.getMethod();
    final boolean missing = DatatypeHelper.isEmpty(method);
    if (missing) {
        throw new ValidationException("Method required");
    }
}