org.opensaml.saml2.core.impl.AttributeStatementBuilder Java Examples
The following examples show how to use
org.opensaml.saml2.core.impl.AttributeStatementBuilder.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SAMLResponseBuilder.java From carbon-identity with Apache License 2.0 | 7 votes |
|
/**
* Build Attribute Statement
*
* @param claims
* @return AttributeStatement
*/
private AttributeStatement buildAttributeStatement(Map<String, String> claims) {
AttributeStatement attStmt = null;
if (claims != null) {
attStmt = new AttributeStatementBuilder().buildObject();
Iterator<String> ite = claims.keySet().iterator();
for (int i = 0; i < claims.size(); i++) {
Attribute attrib = new AttributeBuilder().buildObject();
String claimUri = ite.next();
attrib.setName(claimUri);
// look
// https://wiki.shibboleth.net/confluence/display/OpenSAML/OSTwoUsrManJavaAnyTypes
XSStringBuilder stringBuilder =
(XSStringBuilder) Configuration.getBuilderFactory()
.getBuilder(XSString.TYPE_NAME);
XSString stringValue =
stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME,
XSString.TYPE_NAME);
stringValue.setValue(claims.get(claimUri));
attrib.getAttributeValues().add(stringValue);
attStmt.getAttributes().add(attrib);
}
}
return attStmt;
}
Example #2
| Source File: SamlAssertionProducer.java From saml-generator with Apache License 2.0 | 6 votes |
|
private AttributeStatement createAttributeStatement(HashMap<String, List<String>> attributes) {
// create authenticationstatement object
AttributeStatementBuilder attributeStatementBuilder = new AttributeStatementBuilder();
AttributeStatement attributeStatement = attributeStatementBuilder.buildObject();
AttributeBuilder attributeBuilder = new AttributeBuilder();
if (attributes != null) {
for (Map.Entry<String, List<String>> entry : attributes.entrySet()) {
Attribute attribute = attributeBuilder.buildObject();
attribute.setName(entry.getKey());
for (String value : entry.getValue()) {
XSStringBuilder stringBuilder = new XSStringBuilder();
XSString attributeValue = stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
attributeValue.setValue(value);
attribute.getAttributeValues().add(attributeValue);
}
attributeStatement.getAttributes().add(attribute);
}
}
return attributeStatement;
}
Example #3
| Source File: AttributeStatementGenerator.java From MaxKey with Apache License 2.0 | 5 votes |
|
public AttributeStatement generateAttributeStatement(
AppsSAML20Details saml20Details,
ArrayList<GrantedAuthority> grantedAuthoritys,
HashMap<String,String>attributeMap) {
AttributeStatementBuilder attributeStatementBuilder = (AttributeStatementBuilder) builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
AttributeStatement attributeStatement = attributeStatementBuilder.buildObject();
Attribute attributeGrantedAuthority=builderGrantedAuthority(grantedAuthoritys);
attributeStatement.getAttributes().add(attributeGrantedAuthority);
if(null!=attributeMap){
Iterator<Entry<String, String>> iterator = attributeMap.entrySet().iterator();
while (iterator.hasNext()) {
Map.Entry<String, String> entry = (Map.Entry<String, String>) iterator.next();
String key = entry.getKey();
String value = entry.getValue();
Attribute attribute=builderAttribute(key,value,Attribute.BASIC);
attributeStatement.getAttributes().add(attribute);
}
}
logger.debug("ExtendAttr "+saml20Details.getExtendAttr());
if(Boolean.isTrue(saml20Details.getIsExtendAttr())) {
ExtraAttrs extraAttrs=new ExtraAttrs(saml20Details.getExtendAttr());
for(ExtraAttr extraAttr : extraAttrs.getExtraAttrs()) {
logger.debug("Attribute : "+extraAttr.getAttr()+" , Vale : "+extraAttr.getValue()+" , Type : "+extraAttr.getType());
attributeStatement.getAttributes().add(builderAttribute(extraAttr.getAttr(),extraAttr.getValue(),extraAttr.getType()));
}
}
return attributeStatement;
}
Example #4
| Source File: SAML2LoginAPIAuthenticatorCmdTest.java From cloudstack with Apache License 2.0 | 5 votes |
|
private Response buildMockResponse() throws Exception {
Response samlMessage = new ResponseBuilder().buildObject();
samlMessage.setID("foo");
samlMessage.setVersion(SAMLVersion.VERSION_20);
samlMessage.setIssueInstant(new DateTime(0));
Issuer issuer = new IssuerBuilder().buildObject();
issuer.setValue("MockedIssuer");
samlMessage.setIssuer(issuer);
Status status = new StatusBuilder().buildObject();
StatusCode statusCode = new StatusCodeBuilder().buildObject();
statusCode.setValue(StatusCode.SUCCESS_URI);
status.setStatusCode(statusCode);
samlMessage.setStatus(status);
Assertion assertion = new AssertionBuilder().buildObject();
Subject subject = new SubjectBuilder().buildObject();
NameID nameID = new NameIDBuilder().buildObject();
nameID.setValue("SOME-UNIQUE-ID");
nameID.setFormat(NameIDType.PERSISTENT);
subject.setNameID(nameID);
assertion.setSubject(subject);
AuthnStatement authnStatement = new AuthnStatementBuilder().buildObject();
authnStatement.setSessionIndex("Some Session String");
assertion.getAuthnStatements().add(authnStatement);
AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
assertion.getAttributeStatements().add(attributeStatement);
samlMessage.getAssertions().add(assertion);
return samlMessage;
}
Example #5
| Source File: OAuth2SAMLWorkflowSample.java From jam-collaboration-sample with Apache License 2.0 | 4 votes |
|
private static Assertion buildSAML2Assertion(boolean includeClientKeyAttribute)
{
// Bootstrap the OpenSAML library
try {
DefaultBootstrap.bootstrap();
} catch (ConfigurationException e) {
}
DateTime issueInstant = new DateTime();
DateTime notOnOrAfter = issueInstant.plusMinutes(10);
DateTime notBefore = issueInstant.minusMinutes(10);
NameID nameID = (new NameIDBuilder().buildObject());
if (SUBJECT_NAME_ID_FORMAT.equals("email")) {
nameID.setFormat(NameIDType.EMAIL);
} else if (SUBJECT_NAME_ID_FORMAT.equals("unspecified")) {
nameID.setFormat(NameIDType.UNSPECIFIED);
} else {
throw new IllegalArgumentException("SUBJECT_NAME_ID_FORMAT must be 'email' or 'unspecified'.");
}
if (subjectNameIdQualifier != null) {
nameID.setNameQualifier(subjectNameIdQualifier);
}
nameID.setValue(SUBJECT_NAME_ID);
SubjectConfirmationData subjectConfirmationData = (new SubjectConfirmationDataBuilder().buildObject());
subjectConfirmationData.setRecipient(BASE_URL + ACCESS_TOKEN_URL_PATH);
subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);
SubjectConfirmation subjectConfirmation = (new SubjectConfirmationBuilder().buildObject());
subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
Subject subject = (new SubjectBuilder().buildObject());
subject.setNameID(nameID);
subject.getSubjectConfirmations().add(subjectConfirmation);
Issuer issuer = (new IssuerBuilder().buildObject());
issuer.setValue(IDP_ID);
Audience audience = (new AudienceBuilder().buildObject());
audience.setAudienceURI(SP_ID_JAM);
AudienceRestriction audienceRestriction = (new AudienceRestrictionBuilder().buildObject());
audienceRestriction.getAudiences().add(audience);
Conditions conditions = (new ConditionsBuilder().buildObject());
conditions.setNotBefore(notBefore);
conditions.setNotOnOrAfter(notOnOrAfter);
conditions.getAudienceRestrictions().add(audienceRestriction);
Assertion assertion = (new AssertionBuilder().buildObject());
assertion.setID(UUID.randomUUID().toString());
assertion.setVersion(SAMLVersion.VERSION_20);
assertion.setIssueInstant(issueInstant);
assertion.setIssuer(issuer);
assertion.setSubject(subject);
assertion.setConditions(conditions);
if (includeClientKeyAttribute) {
XSString attributeValue = (XSString)Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME).buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
attributeValue.setValue(CLIENT_KEY);
Attribute attribute = (new AttributeBuilder().buildObject());
attribute.setName("client_id");
attribute.getAttributeValues().add(attributeValue);
AttributeStatement attributeStatement = (new AttributeStatementBuilder().buildObject());
attributeStatement.getAttributes().add(attribute);
assertion.getAttributeStatements().add(attributeStatement);
}
return assertion;
}
Example #6
| Source File: OAuth2SAMLWorkflowSample.java From jam-collaboration-sample with Apache License 2.0 | 4 votes |
|
private static Assertion buildSAML2Assertion(
String baseUrl,
String subjectNameId,
String subjectNameIdFormat,
String subjectNameIdQualifier,
String idpId,
String clientKey,
boolean includeClientKeyAttribute)
{
// Bootstrap the OpenSAML library
try {
DefaultBootstrap.bootstrap();
} catch (ConfigurationException e) {
}
DateTime issueInstant = new DateTime();
DateTime notOnOrAfter = issueInstant.plusMinutes(10);
DateTime notBefore = issueInstant.minusMinutes(10);
NameID nameID = (new NameIDBuilder().buildObject());
if (subjectNameIdFormat.equals("email")) {
nameID.setFormat(NameIDType.EMAIL);
} else if (subjectNameIdFormat.equals("unspecified")) {
nameID.setFormat(NameIDType.UNSPECIFIED);
} else {
throw new IllegalArgumentException("subjectNameIdFormat must be 'email' or 'unspecified'.");
}
if (subjectNameIdQualifier != null) {
nameID.setNameQualifier(subjectNameIdQualifier);
}
nameID.setValue(subjectNameId);
SubjectConfirmationData subjectConfirmationData = (new SubjectConfirmationDataBuilder().buildObject());
subjectConfirmationData.setRecipient(baseUrl + ACCESS_TOKEN_URL_PATH);
subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);
SubjectConfirmation subjectConfirmation = (new SubjectConfirmationBuilder().buildObject());
subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
Subject subject = (new SubjectBuilder().buildObject());
subject.setNameID(nameID);
subject.getSubjectConfirmations().add(subjectConfirmation);
Issuer issuer = (new IssuerBuilder().buildObject());
issuer.setValue(idpId);
Audience audience = (new AudienceBuilder().buildObject());
audience.setAudienceURI(SP_ID_JAM);
AudienceRestriction audienceRestriction = (new AudienceRestrictionBuilder().buildObject());
audienceRestriction.getAudiences().add(audience);
Conditions conditions = (new ConditionsBuilder().buildObject());
conditions.setNotBefore(notBefore);
conditions.setNotOnOrAfter(notOnOrAfter);
conditions.getAudienceRestrictions().add(audienceRestriction);
Assertion assertion = (new AssertionBuilder().buildObject());
assertion.setID(UUID.randomUUID().toString());
assertion.setVersion(SAMLVersion.VERSION_20);
assertion.setIssueInstant(issueInstant);
assertion.setIssuer(issuer);
assertion.setSubject(subject);
assertion.setConditions(conditions);
if (includeClientKeyAttribute) {
XSString attributeValue = (XSString)Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME).buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
attributeValue.setValue(clientKey);
Attribute attribute = (new AttributeBuilder().buildObject());
attribute.setName("client_id");
attribute.getAttributeValues().add(attributeValue);
AttributeStatement attributeStatement = (new AttributeStatementBuilder().buildObject());
attributeStatement.getAttributes().add(attribute);
assertion.getAttributeStatements().add(attributeStatement);
}
return assertion;
}
Example #7
| Source File: DefaultSAMLAssertionBuilder.java From carbon-identity with Apache License 2.0 | 4 votes |
|
private AttributeStatement buildAttributeStatement(Map<String, String> claims) {
String claimSeparator = claims.get(IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR);
if (StringUtils.isNotBlank(claimSeparator)) {
userAttributeSeparator = claimSeparator;
}
claims.remove(IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR);
AttributeStatement attStmt = new AttributeStatementBuilder().buildObject();
Iterator<Map.Entry<String, String>> iterator = claims.entrySet().iterator();
boolean atLeastOneNotEmpty = false;
for (int i = 0; i < claims.size(); i++) {
Map.Entry<String, String> claimEntry = iterator.next();
String claimUri = claimEntry.getKey();
String claimValue = claimEntry.getValue();
if (claimUri != null && !claimUri.trim().isEmpty() && claimValue != null && !claimValue.trim().isEmpty()) {
atLeastOneNotEmpty = true;
Attribute attribute = new AttributeBuilder().buildObject();
attribute.setName(claimUri);
//setting NAMEFORMAT attribute value to basic attribute profile
attribute.setNameFormat(SAMLSSOConstants.NAME_FORMAT_BASIC);
// look
// https://wiki.shibboleth.net/confluence/display/OpenSAML/OSTwoUsrManJavaAnyTypes
XSStringBuilder stringBuilder = (XSStringBuilder) Configuration.getBuilderFactory().
getBuilder(XSString.TYPE_NAME);
XSString stringValue;
//Need to check if the claim has multiple values
if (userAttributeSeparator != null && claimValue.contains(userAttributeSeparator)) {
StringTokenizer st = new StringTokenizer(claimValue, userAttributeSeparator);
while (st.hasMoreElements()) {
String attValue = st.nextElement().toString();
if (attValue != null && attValue.trim().length() > 0) {
stringValue = stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
stringValue.setValue(attValue);
attribute.getAttributeValues().add(stringValue);
}
}
} else {
stringValue = stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
stringValue.setValue(claimValue);
attribute.getAttributeValues().add(stringValue);
}
attStmt.getAttributes().add(attribute);
}
}
if (atLeastOneNotEmpty) {
return attStmt;
} else {
return null;
}
}
