Package org.opensaml.saml2.core

Examples of org.opensaml.saml2.core.Assertion


        OMElement elem = rst.getFirstChildWithName(new QName(
                "urn:oasis:names:tc:SAML:2.0:assertion", "Assertion"));
        assertNotNull("Missing SAML Assertion", elem);

        Assertion assertion = getAssertionObjectFromOMElement(elem);
        Subject subject = assertion.getSubject();
        assertNotNull("SAML Subject of the assertion cannot be null", subject);

        List<SubjectConfirmation> subjectConfirmations = subject.getSubjectConfirmations();
        assertNotNull("At least one Subject Confirmation should be present in the SAML Subject",
                      subjectConfirmations.get(0));


     * Build the SAML Assertion object from the OMElement for the ease of processing
     * @param omElement OMElement containing the SAML Assertion
     * @return Assertion object
     */
    private Assertion getAssertionObjectFromOMElement(OMElement omElement){
        Assertion assertion = null;
        try {
            DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
            documentBuilderFactory.setNamespaceAware(true);
            DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();
            Document document = docBuilder.parse(new ByteArrayInputStream(omElement.toString().getBytes()));

                    "OpenSaml engine not initialized. Please make sure to initialize the OpenSaml engine "
                    + "prior using it"
                );
            }
        }
        Assertion assertion =
            assertionBuilder.buildObject(Assertion.DEFAULT_ELEMENT_NAME, Assertion.TYPE_NAME);
        assertion.setID("_" + UUIDGenerator.getUUID());
        assertion.setVersion(SAMLVersion.VERSION_20);
        assertion.setIssueInstant(new DateTime());
        return assertion;
    }

            if (WSConstants.ST_UNSIGNED == actInt.intValue()) {

                // If this is a SAML2.0 assertion
                if (wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION) instanceof Assertion) {

                    final Assertion assertion = (Assertion) wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
                    String id = assertion.getID();
                    Subject subject = assertion.getSubject();
                    SubjectConfirmationData scData = subject.getSubjectConfirmations()
                            .get(0).getSubjectConfirmationData();
                    Date dateOfCreation = scData.getNotBefore().toDate();
                    Date dateOfExpiration = scData.getNotOnOrAfter().toDate();

                    // TODO : SAML2KeyInfo element needs to be moved to WSS4J.
                    SAML2KeyInfo saml2KeyInfo = SAML2Utils.
                            getSAML2KeyInfo(assertion, signatureCrypto, tokenCallbackHandler);

                    //Store the token
                    try {
                        TokenStorage store = rmd.getTokenStorage();
                        if (store.getToken(id) == null) {
                            Token token = new Token(id, (OMElement) SAML2Utils.getElementFromAssertion(assertion), dateOfCreation, dateOfExpiration);
                            token.setSecret(saml2KeyInfo.getSecret());
                            store.add(token);
                        }
                    } catch (Exception e) {
                        throw new RampartException(
                                "errorInAddingTokenIntoStore", e);
                    }

                }
                //if this is a SAML1.1 assertion
                else {
                    final SAMLAssertion assertion =

                            ((SAMLAssertion) wser
                                    .get(WSSecurityEngineResult.TAG_SAML_ASSERTION));
                    String id = assertion.getId();
                    Date created = assertion.getNotBefore();
                    Date expires = assertion.getNotOnOrAfter();
                    SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion,
                            signatureCrypto, tokenCallbackHandler);
                    try {
                        TokenStorage store = rmd.getTokenStorage();
                        if (store.getToken(id) == null) {
                            Token token = new Token(id, (OMElement) assertion.toDOM(), created, expires);
                            token.setSecret(samlKi.getSecret());
                            store.add(token);
                        }
                    } catch (Exception e) {
                        throw new RampartException(

        if (!(OpenSAMLUtil.isMethodSenderVouches(confirmationMethod)
            || OpenSAMLUtil.isMethodHolderOfKey(confirmationMethod))) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
        }
       
        Assertion saml2Assertion = assertion.getSaml2();
        if (saml2Assertion == null) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
        }
       
        List<AttributeStatement> attributeStatements = saml2Assertion.getAttributeStatements();
        if (attributeStatements == null || attributeStatements.isEmpty()) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
        }
       
        return validatedCredential;

    }

    /**
     * Issues a SAML 2.0 authentication assertion for the holder of the given certificate and
     * returns it as a DOM element.
     *
     * <p>NOTE(review): no signing step is visible in this method; confirm the assertion is signed
     * before it reaches a relying party, since an unsigned assertion carries no proof of origin.
     *
     * @param certificate certificate from which the assertion subject is derived
     * @return the root element of the serialized assertion
     * @throws TokenException if building the subject, building the assertion or converting it
     *         to DOM fails; the original exception is kept as the cause
     */
    public Element createToken(X509Certificate certificate) {
        try {
            final Assertion authnAssertion = createAuthnAssertion(createSubject(certificate));
            return SamlUtils.toDom(authnAssertion).getDocumentElement();
        } catch (Exception e) {
            // The message names serialization, but this also wraps failures from the two
            // builder calls above because they sit inside the same try block.
            throw new TokenException("Can't serialize SAML assertion", e);
        }
    }

        }
    }

    public Element createToken(String username) {
        Subject subject = createSubject(username);
        Assertion samlAssertion = createAuthnAssertion(subject);

        try {
            return SamlUtils.toDom(samlAssertion).getDocumentElement();
        } catch (Exception e) {
            throw new TokenException("Can't serialize SAML assertion", e);

                .setSubjectConfirmationData(keyInfoDataType);
        return subject;
    }

    /**
     * Creates an assertion for {@code subject} via {@code createAssertion} and attaches one
     * authentication statement to it.
     *
     * <p>The statement's {@code AuthnInstant} is the moment this method runs, so it records when
     * the assertion was built rather than a timestamp supplied by the caller.
     *
     * @param subject the subject the assertion is issued for
     * @return the assertion with the authentication statement added
     */
    private Assertion createAuthnAssertion(Subject subject) {
        final Assertion result = createAssertion(subject);

        // Authentication context: the class reference value is set only when the constant is
        // non-null; otherwise the reference element is attached without a value.
        final AuthnContextClassRef classRef = new AuthnContextClassRefBuilder().buildObject();
        final String contextClass = SAML_AUTH_CONTEXT;
        if (contextClass != null) {
            classRef.setAuthnContextClassRef(contextClass);
        }
        final AuthnContext context = new AuthnContextBuilder().buildObject();
        context.setAuthnContextClassRef(classRef);

        final AuthnStatement statement = new AuthnStatementBuilder().buildObject();
        statement.setAuthnContext(context);
        statement.setAuthnInstant(new DateTime());

        result.getStatements().add(statement);
        return result;
    }

        return assertion;
    }

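    /**
     * Builds a SAML 2.0 assertion for the given subject and fills in its ID, issue instant,
     * issuer, subject and validity conditions.
     *
     * <p>No signature is applied in this method. NOTE(review): confirm the assertion is signed
     * before it is handed to a relying party.
     *
     * @param subject the subject to place in the assertion
     * @return the populated assertion
     * @throws IllegalStateException if the secure random identifier generator cannot be created,
     *         because an assertion without an ID must not be issued
     */
    private Assertion createAssertion(Subject subject) {
        Assertion assertion = (new AssertionBuilder()).buildObject();
        try {
            SecureRandomIdentifierGenerator generator = new SecureRandomIdentifierGenerator();
            assertion.setID(generator.generateIdentifier());
        } catch (NoSuchAlgorithmException e) {
            // Fail closed. Logging and carrying on would return an assertion with no ID, which
            // SAML 2.0 requires and which receivers rely on to tell assertions apart.
            throw new IllegalStateException("Cannot generate a random SAML assertion ID", e);
        }

        DateTime now = new DateTime();
        assertion.setIssueInstant(now);

        // NOTE(review): the issuer is hard-coded; relying parties that check the Issuer value
        // will only accept this exact string.
        Issuer issuer = (new IssuerBuilder()).buildObject();
        issuer.setValue("http://www.sopera.de/SAML2");
        assertion.setIssuer(issuer);

        assertion.setSubject(subject);

        // Validity runs from one hour before now to one hour after now (3600000 ms each way),
        // a two-hour window in total. NOTE(review): confirm this much tolerance is needed; a
        // narrower window shortens the time a captured assertion stays acceptable.
        Conditions conditions = (new ConditionsBuilder()).buildObject();
        conditions.setNotBefore(now.minusMillis(3600000));
        conditions.setNotOnOrAfter(now.plusMillis(3600000));
        assertion.setConditions(conditions);
        return assertion;
    }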

    @Override
    public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
        Credential validatedCredential = super.validate(credential, data);
        AssertionWrapper assertion = validatedCredential.getAssertion();
       
        Assertion saml2Assertion = assertion.getSaml2();
        if (saml2Assertion == null) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
        }
       
        return validatedCredential;
