Java Code Examples for org.opensaml.saml.saml2.core.NameID#setValue()

The following examples show how to use org.opensaml.saml.saml2.core.NameID#setValue(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SamlClient.java    From saml-client with MIT License 5 votes vote down vote up
/**
 * Builds a SAML {@code LogoutRequest} for the given subject, signs it and returns it in
 * marshalled, encoded form.
 *
 * <p>Only the {@code NameID} value is set by this method; it adds no NameID format and no
 * {@code SessionIndex}. The value is passed through as supplied, with no null or empty check,
 * so a caller that takes it from external input has to validate it first.
 *
 * @param nameId value placed in the request's {@code NameID}
 * @return the encoded logout request produced by {@code marshallAndEncodeSamlObject}
 * @throws SamlException declared by this method; presumably raised by the signing or
 *     marshalling helpers, whose bodies are not visible here
 */
public String getLogoutRequest(String nameId) throws SamlException {
  LogoutRequest logoutRequest =
      (LogoutRequest) getBasicSamlRequest(LogoutRequest.DEFAULT_ELEMENT_NAME);

  NameID subjectId = (NameID) buildSamlObject(NameID.DEFAULT_ELEMENT_NAME);
  subjectId.setValue(nameId);
  logoutRequest.setNameID(subjectId);

  // The signing helper runs only after the NameID is attached, so the request is complete
  // when it is signed; any field added after this call would not be covered.
  signSAMLObject(logoutRequest);

  String encodedRequest = marshallAndEncodeSamlObject(logoutRequest);
  return encodedRequest;
}
 
Example 2
Source File: Util.java    From carbon-apimgt with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a SAML {@code NameID} carrying the given subject.
 *
 * <p>When {@code StringUtils.isEmpty} reports {@code nameIdFormat} as empty, the format falls
 * back to {@code SSOConstants.NAME_ID_POLICY_DEFAULT}. The subject is stored unchanged: this
 * method does not check it for null or emptiness, so the caller is responsible for validating
 * a subject that originates from untrusted input.
 *
 * @param nameIdFormat requested NameID format, or an empty value to use the default
 * @param subject      value stored in the NameID
 * @return the populated SAML NameID object
 */
public static NameID buildNameID(String nameIdFormat, String subject) {
    NameID result = new NameIDBuilder().buildObject();

    // Fall back to the configured default when no explicit format was requested.
    String effectiveFormat = StringUtils.isEmpty(nameIdFormat)
            ? SSOConstants.NAME_ID_POLICY_DEFAULT
            : nameIdFormat;
    result.setFormat(effectiveFormat);

    result.setValue(subject);
    return result;
}
 
Example 3
Source File: MockSamlIdpServer.java    From deprecated-security-advanced-modules with Apache License 2.0 4 votes vote down vote up
/**
 * Creates a {@code NameID} element with the given format and value.
 *
 * <p>Both arguments are applied exactly as supplied; no validation happens here.
 *
 * @param format NameID format to set on the element
 * @param value  NameID value to set on the element
 * @return the new element obtained from {@code createSamlElement}
 */
private NameID createNameID(String format, String value) {
    NameID element = createSamlElement(NameID.class);

    element.setFormat(format);
    element.setValue(value);

    return element;
}
 
Example 4
Source File: SAML2SPLogic.java    From syncope with Apache License 2.0 4 votes vote down vote up
/**
 * Builds a SAML 2.0 LogoutRequest for the IdP named in the caller's access token and returns
 * it, signed and encoded, together with a relay state.
 *
 * <p>The IdP entity id, NameID format, NameID value and session index are all read from the
 * claims of the supplied JWT after its signature has been verified.
 *
 * @param accessToken compact JWS; its signature is verified with {@code jwsSignatureVerifier}
 * @param spEntityID value set as the Issuer of the LogoutRequest
 * @return transfer object carrying the IdP service address, binding type, relay state and
 *     encoded content (plus signature algorithm and signature for the REDIRECT binding)
 * @throws IllegalArgumentException if the token signature does not verify, or the IdP has no
 *     SingleLogoutService location for its binding type
 * @throws NotFoundException if the token carries no IdP entity id, or the IdP is not in the cache
 * @throws SyncopeClientException if generating the relay state, signing or encoding fails
 */
@PreAuthorize("isAuthenticated() and not(hasRole('" + IdRepoEntitlement.ANONYMOUS + "'))")
public SAML2RequestTO createLogoutRequest(final String accessToken, final String spEntityID) {
    check();

    // 1. fetch the current JWT used for Syncope authentication
    // Claims are read only after the signature check below has passed.
    // NOTE(review): only the signature is verified in this method; expiry and other claim
    // checks are not visible here - confirm they are enforced by the authentication layer.
    JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(accessToken);
    if (!consumer.verifySignatureWith(jwsSignatureVerifier)) {
        throw new IllegalArgumentException("Invalid signature found in Access Token");
    }

    // 2. look for IdP
    String idpEntityID = (String) consumer.getJwtClaims().getClaim(JWT_CLAIM_IDP_ENTITYID);
    if (idpEntityID == null) {
        throw new NotFoundException("No SAML 2.0 IdP information found in the access token");
    }
    SAML2IdPEntity idp = cache.get(idpEntityID);
    if (idp == null) {
        throw new NotFoundException("SAML 2.0 IdP '" + idpEntityID + '\'');
    }
    if (idp.getSLOLocation(idp.getBindingType()) == null) {
        throw new IllegalArgumentException("No SingleLogoutService available for " + idp.getId());
    }

    // 3. create LogoutRequest
    LogoutRequest logoutRequest = new LogoutRequestBuilder().buildObject();
    logoutRequest.setID('_' + SecureRandomUtils.generateRandomUUID().toString());
    // The destination comes from the cached IdP entry, not from caller-supplied input.
    logoutRequest.setDestination(idp.getSLOLocation(idp.getBindingType()).getLocation());

    // The request is given a five-minute validity window (NotOnOrAfter = IssueInstant + 5 min).
    DateTime now = new DateTime();
    logoutRequest.setIssueInstant(now);
    logoutRequest.setNotOnOrAfter(now.plusMinutes(5));

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(spEntityID);
    logoutRequest.setIssuer(issuer);

    // NOTE(review): the NameID format/value and session index claims are cast to String and
    // used without a null check; a token lacking them would yield an incomplete request.
    NameID nameID = new NameIDBuilder().buildObject();
    nameID.setFormat((String) consumer.getJwtClaims().getClaim(JWT_CLAIM_NAMEID_FORMAT));
    nameID.setValue((String) consumer.getJwtClaims().getClaim(JWT_CLAIM_NAMEID_VALUE));
    logoutRequest.setNameID(nameID);

    SessionIndex sessionIndex = new SessionIndexBuilder().buildObject();
    sessionIndex.setSessionIndex((String) consumer.getJwtClaims().getClaim(JWT_CLAIM_SESSIONINDEX));
    logoutRequest.getSessionIndexes().add(sessionIndex);

    SAML2RequestTO requestTO = new SAML2RequestTO();
    requestTO.setIdpServiceAddress(logoutRequest.getDestination());
    requestTO.setBindingType(idp.getBindingType());
    try {
        // 4. generate relay state as JWT
        // The deflate claim is always true for REDIRECT; otherwise it follows the IdP setting.
        Map<String, Object> claims = new HashMap<>();
        claims.put(JWT_CLAIM_IDP_DEFLATE,
                idp.getBindingType() == SAML2BindingType.REDIRECT ? true : idp.isUseDeflateEncoding());
        // The LogoutRequest ID is passed into the relay-state JWT; presumably this lets the
        // response be matched to this request - confirm against generateJWT.
        Pair<String, Date> relayState = accessTokenDataBinder.generateJWT(
                SecureRandomUtils.generateRandomUUID().toString(),
                logoutRequest.getID(), JWT_RELAY_STATE_DURATION, claims);
        requestTO.setRelayState(relayState.getLeft());

        // 5. sign and encode the LogoutRequest
        switch (idp.getBindingType()) {
            case REDIRECT:
                // Encode first; the signature is then computed over the encoded content and
                // the relay state and is carried separately from the message.
                requestTO.setContent(SAML2ReaderWriter.encode(logoutRequest, true));
                requestTO.setSignAlg(saml2rw.getSigAlgo());
                requestTO.setSignature(saml2rw.sign(requestTO.getContent(), requestTO.getRelayState()));
                break;

            case POST:
            default:
                // Any binding type other than REDIRECT is handled as POST: the request object
                // is signed before it is encoded, so nothing may change between the two calls.
                saml2rw.sign(logoutRequest);
                requestTO.setContent(SAML2ReaderWriter.encode(logoutRequest, idp.isUseDeflateEncoding()));
        }
    } catch (Exception e) {
        LOG.error("While generating LogoutRequest", e);
        // NOTE(review): the raw exception message is copied into the exception returned to the
        // client, which may expose internal detail; getMessage() can also be null.
        SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.Unknown);
        sce.getElements().add(e.getMessage());
        throw sce;
    }

    return requestTO;
}
 
Example 5
Source File: AbstractSaml20ObjectBuilder.java    From springboot-shiro-cas-mybatis with MIT License 3 votes vote down vote up
/**
 * Creates a SAML {@code NameID} with the given format and value.
 *
 * <p>Neither argument is validated here; both are applied to the new object as supplied.
 *
 * @param nameIdFormat the format to set on the NameID
 * @param nameIdValue the value to set on the NameID
 * @return the new NameID obtained from {@code newSamlObject}
 */
protected NameID getNameID(final String nameIdFormat, final String nameIdValue) {
    final NameID result = newSamlObject(NameID.class);

    result.setFormat(nameIdFormat);
    result.setValue(nameIdValue);

    return result;
}