Example 11 with AttributeValue
use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project verify-hub by alphagov.
the class VerifiedAttributesLoggerTest method shouldLogSurnameNameHistory.
@Test
public void shouldLogSurnameNameHistory() throws Exception {
AttributeValue surnameAttributeValue = new PersonNameAttributeValueBuilder().withFrom(DateTime.parse("2000-12-31")).withVerified(true).build();
Attribute surnameAttribute = new AttributeBuilder().buildObject();
surnameAttribute.setName(IdaConstants.Attributes_1_1.Surname.NAME);
surnameAttribute.getAttributeValues().add(surnameAttributeValue);
List<Attribute> attributes = aMatchingDatasetAttributeStatement_1_1().withSurname(surnameAttribute).build().getAttributes();
AttributeStatementLogData actual = mapper.readValue(formatAttributes("any-issuer", LEVEL_2, attributes), AttributeStatementLogData.class);
Map<String, List<VerifiedAttributeLogData>> attributesMap = actual.getAttributes();
assertThat(attributesMap.get(IdaConstants.Attributes_1_1.Surname.NAME)).isEqualTo(ImmutableList.of(new VerifiedAttributeLogData(true, null)));
}
Also used :
AttributeValue(org.opensaml.saml.saml2.core.AttributeValue)
AttributeBuilder(org.opensaml.saml.saml2.core.impl.AttributeBuilder)
Attribute(org.opensaml.saml.saml2.core.Attribute)
AttributeStatementLogData(uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData)
PersonNameAttributeValueBuilder(uk.gov.ida.saml.core.test.builders.PersonNameAttributeValueBuilder)
List(java.util.List)
ImmutableList(com.google.common.collect.ImmutableList)
VerifiedAttributeLogData(uk.gov.ida.hub.samlengine.logging.data.VerifiedAttributeLogData)
Test(org.junit.Test)
Example 12 with AttributeValue
use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project verify-hub by alphagov.
the class VerifiedAttributesLoggerTest method shouldLogCurrentAddressHistory.
@Test
public void shouldLogCurrentAddressHistory() throws Exception {
AttributeValue currentAddressAttributeValue = new AddressAttributeValueBuilder_1_1().withFrom(DateTime.now().minusYears(1)).withVerified(true).build();
Attribute currentAddressAttribute = new AttributeBuilder().buildObject();
currentAddressAttribute.setName(IdaConstants.Attributes_1_1.CurrentAddress.NAME);
currentAddressAttribute.getAttributeValues().add(currentAddressAttributeValue);
List<Attribute> attributes = aMatchingDatasetAttributeStatement_1_1().withCurrentAddress(currentAddressAttribute).build().getAttributes();
AttributeStatementLogData actual = mapper.readValue(formatAttributes("any-issuer", LEVEL_2, attributes), AttributeStatementLogData.class);
Map<String, List<VerifiedAttributeLogData>> attributesMap = actual.getAttributes();
assertThat(attributesMap.get(IdaConstants.Attributes_1_1.CurrentAddress.NAME)).isEqualTo(ImmutableList.of(new VerifiedAttributeLogData(true, null)));
}
Also used :
AttributeValue(org.opensaml.saml.saml2.core.AttributeValue)
AddressAttributeValueBuilder_1_1(uk.gov.ida.saml.core.test.builders.AddressAttributeValueBuilder_1_1)
AttributeBuilder(org.opensaml.saml.saml2.core.impl.AttributeBuilder)
Attribute(org.opensaml.saml.saml2.core.Attribute)
AttributeStatementLogData(uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData)
List(java.util.List)
ImmutableList(com.google.common.collect.ImmutableList)
VerifiedAttributeLogData(uk.gov.ida.hub.samlengine.logging.data.VerifiedAttributeLogData)
Test(org.junit.Test)
Example 13 with AttributeValue
use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method getResourceNamesFromMatches.
static Set<String> getResourceNamesFromMatches(List<Match> matches) {
if (matches == null) {
return null;
}
Set<String> resourceNames = new HashSet<String>();
for (Match match : matches) {
String matchId = match.getMatchId();
if ((matchId != null) && matchId.indexOf(":resource-match:") != -1) {
AttributeValue attributeValue = match.getAttributeValue();
if (attributeValue != null) {
List<Object> contentList = attributeValue.getContent();
if ((contentList != null) && !contentList.isEmpty()) {
// FIXME: log a warning if more than one element
Object obj = contentList.get(0);
resourceNames.add(obj.toString());
}
}
}
}
return resourceNames;
}
Also used :
AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue)
JSONObject(org.json.JSONObject)
HashSet(java.util.HashSet)
Match(com.sun.identity.entitlement.xacml3.core.Match)
Example 14 with AttributeValue
use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.
the class XACMLSchemaFactory method resourceAttributeToAdviceExpression.
/**
* Convert one {@link com.sun.identity.entitlement.ResourceAttribute} object into an
* {@link com.sun.identity.entitlement.xacml3.core.AdviceExpression} object.
*
* @param resourceAttribute The resource attribute
* @return the advice expression
* @throws com.sun.identity.entitlement.EntitlementException on JSON conversion errors
*/
public AdviceExpression resourceAttributeToAdviceExpression(ResourceAttribute resourceAttribute) throws EntitlementException {
// A pseudo-urn to use for advice/attribute id
final String adviceId = XACMLConstants.JSON_RESOURCE_ATTRIBUTE_ADVICE_ID + ":" + resourceAttribute.getClass().getName();
AdviceExpression result = new AdviceExpression();
AttributeValue attributeValue = factory.createAttributeValue();
attributeValue.setDataType(XACMLConstants.XS_STRING);
// We bypass much of the grief of conversion by getting JSON to do the heavy lifting for us.
attributeValue.getContent().add(resourceAttributeUtil.toJSON(resourceAttribute));
JAXBElement<AttributeValue> jaxbElement = factory.createAttributeValue(attributeValue);
AttributeAssignmentExpression attributeAssignmentExpression = factory.createAttributeAssignmentExpression();
attributeAssignmentExpression.setExpression(jaxbElement);
attributeAssignmentExpression.setAttributeId(adviceId + ":" + resourceAttribute.getPropertyName());
result.getAttributeAssignmentExpression().add(attributeAssignmentExpression);
// Resource Attributes are returned on successful policy decisions
result.setAppliesTo(EffectType.PERMIT);
// Set an AdviceId to be in strict compliance with the schema
result.setAdviceId(adviceId);
return result;
}
Also used :
AdviceExpression(com.sun.identity.entitlement.xacml3.core.AdviceExpression)
AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue)
AttributeAssignmentExpression(com.sun.identity.entitlement.xacml3.core.AttributeAssignmentExpression)
Example 15 with AttributeValue
use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method actionNameToMatch.
public static Match actionNameToMatch(String actionName, String applicationName) {
if (actionName == null || actionName.length() == 0) {
return null;
}
Match match = new Match();
String matchId = XACMLConstants.ENTITLEMENT_ACTION_MATCH + ":" + applicationName;
match.setMatchId(matchId);
AttributeValue attributeValue = new AttributeValue();
String dataType = XACMLConstants.XS_STRING;
attributeValue.setDataType(dataType);
attributeValue.getContent().add(actionName);
AttributeDesignator attributeDesignator = new AttributeDesignator();
String category = XACMLConstants.XACML_ACTION_CATEGORY;
attributeDesignator.setCategory(category);
String attributeId = XACMLConstants.XACML_ACTION_ID;
attributeDesignator.setAttributeId(attributeId);
String dt = XACMLConstants.XS_STRING;
attributeDesignator.setDataType(dt);
// TODO: not a constant?
String issuer = XACMLConstants.ACTION_ISSUER;
// attributeDesignator.setIssuer(issuer); // TODO: verify and fix
boolean mustBePresent = true;
attributeDesignator.setMustBePresent(mustBePresent);
match.setAttributeValue(attributeValue);
match.setAttributeDesignator(attributeDesignator);
return match;
}
Also used :
AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue)
AttributeDesignator(com.sun.identity.entitlement.xacml3.core.AttributeDesignator)
Match(com.sun.identity.entitlement.xacml3.core.Match)
Aggregations
AttributeValue (com.sun.identity.entitlement.xacml3.core.AttributeValue)20
Match (com.sun.identity.entitlement.xacml3.core.Match)10
JSONObject (org.json.JSONObject)9
AttributeDesignator (com.sun.identity.entitlement.xacml3.core.AttributeDesignator)7
List (java.util.List)7
ImmutableList (com.google.common.collect.ImmutableList)6
Test (org.junit.Test)6
Attribute (org.opensaml.saml.saml2.core.Attribute)6
AttributeValue (org.opensaml.saml.saml2.core.AttributeValue)6
AttributeBuilder (org.opensaml.saml.saml2.core.impl.AttributeBuilder)6
AttributeStatementLogData (uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData)6
VerifiedAttributeLogData (uk.gov.ida.hub.samlengine.logging.data.VerifiedAttributeLogData)6
AnyOf (com.sun.identity.entitlement.xacml3.core.AnyOf)5
JAXBElement (javax.xml.bind.JAXBElement)5
EntitlementCondition (com.sun.identity.entitlement.EntitlementCondition)4
Condition (com.sun.identity.entitlement.xacml3.core.Condition)4
Rule (com.sun.identity.entitlement.xacml3.core.Rule)4
HashSet (java.util.HashSet)4
AllOf (com.sun.identity.entitlement.xacml3.core.AllOf)3
Apply (com.sun.identity.entitlement.xacml3.core.Apply)3
