com.onelogin.saml2.authn.SamlResponse Java Examples
The following examples show how to use
com.onelogin.saml2.authn.SamlResponse.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AuthTokenProcessorHandler.java From deprecated-security-advanced-modules with Apache License 2.0 | 6 votes |
private long getJwtExpiration(SamlResponse samlResponse) throws Exception { DateTime sessionNotOnOrAfter = samlResponse.getSessionNotOnOrAfter(); if (this.expiryBaseValue == ExpiryBaseValue.NOW) { return System.currentTimeMillis() / 1000 + this.expiryOffset; } else if (this.expiryBaseValue == ExpiryBaseValue.SESSION) { if (sessionNotOnOrAfter != null) { return sessionNotOnOrAfter.getMillis() / 1000 + this.expiryOffset; } else { throw new Exception( "Error while determining JWT expiration time: SamlResponse did not contain sessionNotOnOrAfter value"); } } else { // AUTO if (sessionNotOnOrAfter != null) { return sessionNotOnOrAfter.getMillis() / 1000; } else { return System.currentTimeMillis() / 1000 + (this.expiryOffset > 0 ? this.expiryOffset : 60 * 60); } } }
Example #2
Source File: AuthTokenProcessorHandler.java From deprecated-security-advanced-modules with Apache License 2.0 | 6 votes |
private String[] extractRoles(SamlResponse samlResponse) throws XPathExpressionException, ValidationError { if (this.samlRolesKey == null) { return new String[0]; } List<String> values = samlResponse.getAttributes().get(this.samlRolesKey); if (values == null || values.size() == 0) { return null; } if (samlRolesSeparator != null) { values = splitRoles(values); } else { values = trimRoles(values); } return values.toArray(new String[values.size()]); }
Example #3
Source File: AuthTokenProcessorHandler.java From deprecated-security-advanced-modules with Apache License 2.0 | 5 votes |
private String createJwt(SamlResponse samlResponse) throws Exception { JwtClaims jwtClaims = new JwtClaims(); JwtToken jwt = new JwtToken(jwtClaims); jwtClaims.setNotBefore(System.currentTimeMillis() / 1000); jwtClaims.setExpiryTime(getJwtExpiration(samlResponse)); jwtClaims.setProperty(this.jwtSubjectKey, this.extractSubject(samlResponse)); if (this.samlSubjectKey != null) { jwtClaims.setProperty("saml_ni", samlResponse.getNameId()); } if (samlResponse.getNameIdFormat() != null) { jwtClaims.setProperty("saml_nif", SamlNameIdFormat.getByUri(samlResponse.getNameIdFormat()).getShortName()); } String sessionIndex = samlResponse.getSessionIndex(); if (sessionIndex != null) { jwtClaims.setProperty("saml_si", sessionIndex); } if (this.samlRolesKey != null && this.jwtRolesKey != null) { String[] roles = this.extractRoles(samlResponse); jwtClaims.setProperty(this.jwtRolesKey, roles); } String encodedJwt = this.jwtProducer.processJwt(jwt); if (token_log.isDebugEnabled()) { token_log.debug("Created JWT: " + encodedJwt + "\n" + jsonMapReaderWriter.toJson(jwt.getJwsHeaders()) + "\n" + JwtUtils.claimsToJson(jwt.getClaims())); } return encodedJwt; }
Example #4
Source File: AuthTokenProcessorHandler.java From deprecated-security-advanced-modules with Apache License 2.0 | 5 votes |
private String extractSubject(SamlResponse samlResponse) throws Exception { if (this.samlSubjectKey == null) { return samlResponse.getNameId(); } List<String> values = samlResponse.getAttributes().get(this.samlSubjectKey); if (values == null || values.size() == 0) { return null; } return values.get(0); }
Example #5
Source File: SAMLResponseMap.java From guacamole-client with Apache License 2.0 | 5 votes |
@Override public void run() { // Loop through responses in map and remove ones that are no longer valid. Iterator<SamlResponse> responseIterator = samlResponseMap.values().iterator(); while (responseIterator.hasNext()) { try { responseIterator.next().validateTimestamps(); } catch (ValidationError e) { responseIterator.remove(); } } }
Example #6
Source File: SAMLResponseMap.java From guacamole-client with Apache License 2.0 | 2 votes |
/** * Retrieve the SamlResponse from the map that is represented by the * provided hash, or null if no such object exists. * * @param hash * The SHA-256 hash of the SamlResponse. * * @return * The SamlResponse object matching the hash provided. */ protected SamlResponse getSamlResponse(String hash) { return samlResponseMap.remove(hash); }
Example #7
Source File: SAMLResponseMap.java From guacamole-client with Apache License 2.0 | 2 votes |
/** * Place the provided mapping of hash to SamlResponse into the map. * * @param hash * The hash that will be the lookup key for this SamlResponse. * * @param samlResponse * The SamlResponse object. */ protected void putSamlResponse(String hash, SamlResponse samlResponse) { samlResponseMap.put(hash, samlResponse); }