
Example 11 with AttributeValue

use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project verify-hub by alphagov.

the class VerifiedAttributesLoggerTest method shouldLogSurnameNameHistory.

@Test
public void shouldLogSurnameNameHistory() throws Exception {
    AttributeValue surnameAttributeValue = new PersonNameAttributeValueBuilder().withFrom(DateTime.parse("2000-12-31")).withVerified(true).build();
    Attribute surnameAttribute = new AttributeBuilder().buildObject();
    surnameAttribute.setName(IdaConstants.Attributes_1_1.Surname.NAME);
    surnameAttribute.getAttributeValues().add(surnameAttributeValue);
    List<Attribute> attributes = aMatchingDatasetAttributeStatement_1_1().withSurname(surnameAttribute).build().getAttributes();
    AttributeStatementLogData actual = mapper.readValue(formatAttributes("any-issuer", LEVEL_2, attributes), AttributeStatementLogData.class);
    Map<String, List<VerifiedAttributeLogData>> attributesMap = actual.getAttributes();
    assertThat(attributesMap.get(IdaConstants.Attributes_1_1.Surname.NAME)).isEqualTo(ImmutableList.of(new VerifiedAttributeLogData(true, null)));
}
Also used : AttributeValue(org.opensaml.saml.saml2.core.AttributeValue) AttributeBuilder(org.opensaml.saml.saml2.core.impl.AttributeBuilder) Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatementLogData(uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData) PersonNameAttributeValueBuilder(uk.gov.ida.saml.core.test.builders.PersonNameAttributeValueBuilder) List(java.util.List) ImmutableList(com.google.common.collect.ImmutableList) VerifiedAttributeLogData(uk.gov.ida.hub.samlengine.logging.data.VerifiedAttributeLogData) Test(org.junit.Test)

Example 12 with AttributeValue

use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project verify-hub by alphagov.

the class VerifiedAttributesLoggerTest method shouldLogCurrentAddressHistory.

@Test
public void shouldLogCurrentAddressHistory() throws Exception {
    AttributeValue currentAddressAttributeValue = new AddressAttributeValueBuilder_1_1().withFrom(DateTime.now().minusYears(1)).withVerified(true).build();
    Attribute currentAddressAttribute = new AttributeBuilder().buildObject();
    currentAddressAttribute.setName(IdaConstants.Attributes_1_1.CurrentAddress.NAME);
    currentAddressAttribute.getAttributeValues().add(currentAddressAttributeValue);
    List<Attribute> attributes = aMatchingDatasetAttributeStatement_1_1().withCurrentAddress(currentAddressAttribute).build().getAttributes();
    AttributeStatementLogData actual = mapper.readValue(formatAttributes("any-issuer", LEVEL_2, attributes), AttributeStatementLogData.class);
    Map<String, List<VerifiedAttributeLogData>> attributesMap = actual.getAttributes();
    assertThat(attributesMap.get(IdaConstants.Attributes_1_1.CurrentAddress.NAME)).isEqualTo(ImmutableList.of(new VerifiedAttributeLogData(true, null)));
}
Also used : AttributeValue(org.opensaml.saml.saml2.core.AttributeValue) AddressAttributeValueBuilder_1_1(uk.gov.ida.saml.core.test.builders.AddressAttributeValueBuilder_1_1) AttributeBuilder(org.opensaml.saml.saml2.core.impl.AttributeBuilder) Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatementLogData(uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData) List(java.util.List) ImmutableList(com.google.common.collect.ImmutableList) VerifiedAttributeLogData(uk.gov.ida.hub.samlengine.logging.data.VerifiedAttributeLogData) Test(org.junit.Test)

Example 13 with AttributeValue

use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method getResourceNamesFromMatches.

static Set<String> getResourceNamesFromMatches(List<Match> matches) {
    if (matches == null) {
        return null;
    }
    Set<String> resourceNames = new HashSet<String>();
    for (Match match : matches) {
        String matchId = match.getMatchId();
        if ((matchId != null) && matchId.indexOf(":resource-match:") != -1) {
            AttributeValue attributeValue = match.getAttributeValue();
            if (attributeValue != null) {
                List<Object> contentList = attributeValue.getContent();
                if ((contentList != null) && !contentList.isEmpty()) {
                    // FIXME: log a warning if more than one element
                    Object obj = contentList.get(0);
                    resourceNames.add(obj.toString());
                }
            }
        }
    }
    return resourceNames;
}
Also used : AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue) JSONObject(org.json.JSONObject) HashSet(java.util.HashSet) Match(com.sun.identity.entitlement.xacml3.core.Match)

Example 14 with AttributeValue

use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.

the class XACMLSchemaFactory method resourceAttributeToAdviceExpression.

/**
 * Convert one {@link com.sun.identity.entitlement.ResourceAttribute} object into an
 * {@link com.sun.identity.entitlement.xacml3.core.AdviceExpression} object.
 *
 * @param resourceAttribute The resource attribute
 * @return the advice expression
 * @throws com.sun.identity.entitlement.EntitlementException on JSON conversion errors
 */
public AdviceExpression resourceAttributeToAdviceExpression(ResourceAttribute resourceAttribute) throws EntitlementException {
    // A pseudo-urn to use for advice/attribute id
    final String adviceId = XACMLConstants.JSON_RESOURCE_ATTRIBUTE_ADVICE_ID + ":" + resourceAttribute.getClass().getName();
    AdviceExpression result = new AdviceExpression();
    AttributeValue attributeValue = factory.createAttributeValue();
    attributeValue.setDataType(XACMLConstants.XS_STRING);
    // We bypass much of the grief of conversion by getting JSON to do the heavy lifting for us.
    attributeValue.getContent().add(resourceAttributeUtil.toJSON(resourceAttribute));
    JAXBElement<AttributeValue> jaxbElement = factory.createAttributeValue(attributeValue);
    AttributeAssignmentExpression attributeAssignmentExpression = factory.createAttributeAssignmentExpression();
    attributeAssignmentExpression.setExpression(jaxbElement);
    attributeAssignmentExpression.setAttributeId(adviceId + ":" + resourceAttribute.getPropertyName());
    result.getAttributeAssignmentExpression().add(attributeAssignmentExpression);
    // Resource Attributes are returned on successful policy decisions
    result.setAppliesTo(EffectType.PERMIT);
    // Set an AdviceId to be in strict compliance with the schema
    result.setAdviceId(adviceId);
    return result;
}
Also used : AdviceExpression(com.sun.identity.entitlement.xacml3.core.AdviceExpression) AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue) AttributeAssignmentExpression(com.sun.identity.entitlement.xacml3.core.AttributeAssignmentExpression)

Example 15 with AttributeValue

use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method actionNameToMatch.

public static Match actionNameToMatch(String actionName, String applicationName) {
    if (actionName == null || actionName.length() == 0) {
        return null;
    }
    Match match = new Match();
    String matchId = XACMLConstants.ENTITLEMENT_ACTION_MATCH + ":" + applicationName;
    match.setMatchId(matchId);
    AttributeValue attributeValue = new AttributeValue();
    String dataType = XACMLConstants.XS_STRING;
    attributeValue.setDataType(dataType);
    attributeValue.getContent().add(actionName);
    AttributeDesignator attributeDesignator = new AttributeDesignator();
    String category = XACMLConstants.XACML_ACTION_CATEGORY;
    attributeDesignator.setCategory(category);
    String attributeId = XACMLConstants.XACML_ACTION_ID;
    attributeDesignator.setAttributeId(attributeId);
    String dt = XACMLConstants.XS_STRING;
    attributeDesignator.setDataType(dt);
    // TODO: not a constant?
    String issuer = XACMLConstants.ACTION_ISSUER;
    // attributeDesignator.setIssuer(issuer); // TODO: verify and fix
    boolean mustBePresent = true;
    attributeDesignator.setMustBePresent(mustBePresent);
    match.setAttributeValue(attributeValue);
    match.setAttributeDesignator(attributeDesignator);
    return match;
}
Also used : AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue) AttributeDesignator(com.sun.identity.entitlement.xacml3.core.AttributeDesignator) Match(com.sun.identity.entitlement.xacml3.core.Match)
