org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration Java Examples
The following examples show how to use
org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SamlpRequestComponentBuilder.java From cxf with Apache License 2.0 | 6 votes |
|
@SuppressWarnings("unchecked")
public static RequestedAuthnContext createRequestedAuthnCtxPolicy(
AuthnContextComparisonTypeEnumeration comparison,
List<AuthnContextClassRef> authnCtxClassRefList,
List<AuthnContextDeclRef> authnCtxDeclRefList
) {
if (requestedAuthnCtxBuilder == null) {
requestedAuthnCtxBuilder = (SAMLObjectBuilder<RequestedAuthnContext>)
builderFactory.getBuilder(RequestedAuthnContext.DEFAULT_ELEMENT_NAME);
}
RequestedAuthnContext authnCtx = requestedAuthnCtxBuilder.buildObject();
authnCtx.setComparison(comparison);
if (authnCtxClassRefList != null) {
List<AuthnContextClassRef> classRefList = authnCtx.getAuthnContextClassRefs();
classRefList.addAll(authnCtxClassRefList);
}
if (authnCtxDeclRefList != null) {
List<AuthnContextDeclRef> declRefList = authnCtx.getAuthnContextDeclRefs();
declRefList.addAll(authnCtxDeclRefList);
}
return authnCtx;
}
Example #2
| Source File: SamlpRequestComponentBuilder.java From cxf-fediz with Apache License 2.0 | 6 votes |
|
@SuppressWarnings("unchecked")
public static RequestedAuthnContext createRequestedAuthnCtxPolicy(
AuthnContextComparisonTypeEnumeration comparison,
List<AuthnContextClassRef> authnCtxClassRefList,
List<AuthnContextDeclRef> authnCtxDeclRefList
) {
if (requestedAuthnCtxBuilder == null) {
requestedAuthnCtxBuilder = (SAMLObjectBuilder<RequestedAuthnContext>)
builderFactory.getBuilder(RequestedAuthnContext.DEFAULT_ELEMENT_NAME);
}
RequestedAuthnContext authnCtx = requestedAuthnCtxBuilder.buildObject();
authnCtx.setComparison(comparison);
if (authnCtxClassRefList != null) {
List<AuthnContextClassRef> classRefList = authnCtx.getAuthnContextClassRefs();
classRefList.addAll(authnCtxClassRefList);
}
if (authnCtxDeclRefList != null) {
List<AuthnContextDeclRef> declRefList = authnCtx.getAuthnContextDeclRefs();
declRefList.addAll(authnCtxDeclRefList);
}
return authnCtx;
}
Example #3
| Source File: DefaultRequestedAuthnContextProvider.java From syncope with Apache License 2.0 | 5 votes |
|
@Override
public RequestedAuthnContext provide() {
AuthnContextClassRef authnContextClassRef = new AuthnContextClassRefBuilder().buildObject();
authnContextClassRef.setAuthnContextClassRef(AuthnContext.PPT_AUTHN_CTX);
RequestedAuthnContext requestedAuthnContext = new RequestedAuthnContextBuilder().buildObject();
requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);
return requestedAuthnContext;
}
Example #4
| Source File: DefaultAuthnRequestBuilder.java From cxf with Apache License 2.0 | 5 votes |
|
/**
* Create a SAML 2.0 Protocol AuthnRequest
*/
public AuthnRequest createAuthnRequest(
Message message,
String issuerId,
String assertionConsumerServiceAddress
) throws Exception {
Issuer issuer =
SamlpRequestComponentBuilder.createIssuer(issuerId);
NameIDPolicy nameIDPolicy =
SamlpRequestComponentBuilder.createNameIDPolicy(true, nameIDFormat, issuerId);
AuthnContextClassRef authnCtxClassRef =
SamlpRequestComponentBuilder.createAuthnCtxClassRef(
"urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
);
RequestedAuthnContext authnCtx =
SamlpRequestComponentBuilder.createRequestedAuthnCtxPolicy(
AuthnContextComparisonTypeEnumeration.EXACT,
Collections.singletonList(authnCtxClassRef), null
);
//CHECKSTYLE:OFF
return SamlpRequestComponentBuilder.createAuthnRequest(
assertionConsumerServiceAddress,
forceAuthn,
isPassive,
protocolBinding,
SAMLVersion.VERSION_20,
issuer,
nameIDPolicy,
authnCtx
);
}
Example #5
| Source File: AuthnRequestBuilderTest.java From cxf with Apache License 2.0 | 5 votes |
|
@org.junit.Test
public void testCreateAuthnRequest() throws Exception {
Document doc = DOMUtils.createDocument();
Issuer issuer =
SamlpRequestComponentBuilder.createIssuer("http://localhost:9001/app");
NameIDPolicy nameIDPolicy =
SamlpRequestComponentBuilder.createNameIDPolicy(
true, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", "Issuer"
);
AuthnContextClassRef authnCtxClassRef =
SamlpRequestComponentBuilder.createAuthnCtxClassRef(
"urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
);
RequestedAuthnContext authnCtx =
SamlpRequestComponentBuilder.createRequestedAuthnCtxPolicy(
AuthnContextComparisonTypeEnumeration.EXACT,
Collections.singletonList(authnCtxClassRef), null
);
AuthnRequest authnRequest =
SamlpRequestComponentBuilder.createAuthnRequest(
"http://localhost:9001/sso", false, false,
"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST", SAMLVersion.VERSION_20,
issuer, nameIDPolicy, authnCtx
);
Element policyElement = OpenSAMLUtil.toDom(authnRequest, doc);
doc.appendChild(policyElement);
// String outputString = DOM2Writer.nodeToString(policyElement);
assertNotNull(policyElement);
}
Example #6
| Source File: DefaultSAMLPRequestBuilder.java From cxf-fediz with Apache License 2.0 | 5 votes |
|
/**
* Create a SAML 2.0 Protocol AuthnRequest
*/
public AuthnRequest createAuthnRequest(
String issuerId,
String assertionConsumerServiceAddress
) throws Exception {
Issuer issuer =
SamlpRequestComponentBuilder.createIssuer(issuerId);
NameIDPolicy nameIDPolicy =
SamlpRequestComponentBuilder.createNameIDPolicy(
true, nameIDFormat, issuerId
);
AuthnContextClassRef authnCtxClassRef =
SamlpRequestComponentBuilder.createAuthnCtxClassRef(
"urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
);
RequestedAuthnContext authnCtx =
SamlpRequestComponentBuilder.createRequestedAuthnCtxPolicy(
AuthnContextComparisonTypeEnumeration.EXACT,
Collections.singletonList(authnCtxClassRef), null
);
//CHECKSTYLE:OFF
return SamlpRequestComponentBuilder.createAuthnRequest(
assertionConsumerServiceAddress,
forceAuthn,
isPassive,
protocolBinding,
SAMLVersion.VERSION_20,
issuer,
nameIDPolicy,
authnCtx
);
}
Example #7
| Source File: CustomSAMLPRequestBuilder.java From cxf-fediz with Apache License 2.0 | 5 votes |
|
/**
* Create a SAML 2.0 Protocol AuthnRequest
*/
public AuthnRequest createAuthnRequest(
String issuerId,
String assertionConsumerServiceAddress
) throws Exception {
Issuer issuer =
SamlpRequestComponentBuilder.createIssuer(issuerId);
NameIDPolicy nameIDPolicy =
SamlpRequestComponentBuilder.createNameIDPolicy(
true, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", issuerId
);
AuthnContextClassRef authnCtxClassRef =
SamlpRequestComponentBuilder.createAuthnCtxClassRef(
"urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
);
RequestedAuthnContext authnCtx =
SamlpRequestComponentBuilder.createRequestedAuthnCtxPolicy(
AuthnContextComparisonTypeEnumeration.EXACT,
Collections.singletonList(authnCtxClassRef), null
);
//CHECKSTYLE:OFF
return SamlpRequestComponentBuilder.createAuthnRequest(
assertionConsumerServiceAddress,
forceAuthn,
isPassive,
protocolBinding,
SAMLVersion.VERSION_11,
issuer,
nameIDPolicy,
authnCtx
);
}
Example #8
| Source File: IdpTest.java From cxf-fediz with Apache License 2.0 | 4 votes |
|
@org.junit.Test
public void testBadIssuerFormat() throws Exception {
OpenSAMLUtil.initSamlEngine();
// Create SAML AuthnRequest
String consumerURL = "https://localhost:" + getRpHttpsPort() + "/"
+ getServletContextName() + "/secure/fedservlet";
String issuerId = "urn:org:apache:cxf:fediz:fedizhelloworld";
Issuer issuer =
SamlpRequestComponentBuilder.createIssuer(issuerId);
issuer.setFormat("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
String nameIDFormat = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent";
NameIDPolicy nameIDPolicy =
SamlpRequestComponentBuilder.createNameIDPolicy(true, nameIDFormat, issuerId);
AuthnContextClassRef authnCtxClassRef =
SamlpRequestComponentBuilder.createAuthnCtxClassRef(
"urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
);
RequestedAuthnContext authnCtx =
SamlpRequestComponentBuilder.createRequestedAuthnCtxPolicy(
AuthnContextComparisonTypeEnumeration.EXACT,
Collections.singletonList(authnCtxClassRef), null
);
String protocolBinding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
AuthnRequest authnRequest = SamlpRequestComponentBuilder.createAuthnRequest(
consumerURL,
false,
false,
protocolBinding,
SAMLVersion.VERSION_20,
issuer,
nameIDPolicy,
authnCtx
);
authnRequest.setDestination("https://localhost:" + getIdpHttpsPort() + "/fediz-idp/saml");
signAuthnRequest(authnRequest);
String authnRequestEncoded = encodeAuthnRequest(authnRequest);
String relayState = UUID.randomUUID().toString();
String url = "https://localhost:" + getIdpHttpsPort() + "/fediz-idp/saml?"
+ SSOConstants.RELAY_STATE + "=" + relayState
+ "&" + SSOConstants.SAML_REQUEST + "=" + URLEncoder.encode(authnRequestEncoded, UTF_8.name());
final WebClient webClient = new WebClient();
webClient.getOptions().setUseInsecureSSL(true);
webClient.getCredentialsProvider().setCredentials(
new AuthScope("localhost", Integer.parseInt(getIdpHttpsPort())),
new UsernamePasswordCredentials(USER, PWD));
webClient.getOptions().setJavaScriptEnabled(false);
final HtmlPage idpPage = webClient.getPage(url);
org.opensaml.saml.saml2.core.Response samlResponse =
parseSAMLResponse(idpPage, relayState, consumerURL, authnRequest.getID());
String expected = "urn:oasis:names:tc:SAML:2.0:status:Requester";
Assert.assertEquals(expected, samlResponse.getStatus().getStatusCode().getValue());
webClient.close();
}
