Search in sources :

Example 16 with AttributeValue

use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method entitlementSubjectToAnyOfList.

// TODO: not used now, use, test, fix and verify
public static List<AnyOf> entitlementSubjectToAnyOfList(EntitlementSubject es) {
    if (es == null) {
        return null;
    }
    List<AnyOf> anyOfList = new ArrayList<AnyOf>();
    AnyOf anyOf = new AnyOf();
    anyOfList.add(anyOf);
    List<AllOf> allOfList = anyOf.getAllOf();
    AllOf allOf = new AllOf();
    allOfList.add(allOf);
    List<Match> matchList = allOf.getMatch();
    if (es instanceof UserSubject) {
        UserSubject us = (UserSubject) es;
        String userId = us.getID();
        Match match = new Match();
        matchList.add(match);
        match.setMatchId("user-subject-match");
        AttributeValue attributeValue = new AttributeValue();
        String dataType = "datatype";
        attributeValue.setDataType(dataType);
        attributeValue.getContent().add(userId);
        AttributeDesignator attributeDesignator = new AttributeDesignator();
        String category = "subject-category";
        attributeDesignator.setCategory(category);
        String attributeId = "user-subject:user-id";
        attributeDesignator.setAttributeId(attributeId);
        String dt = "xs;string";
        attributeDesignator.setDataType(dt);
        String issuer = "subject:issuer";
        // attributeDesignator.setIssuer(issuer); TODO: verify and fix
        boolean mustBePresent = true;
        attributeDesignator.setMustBePresent(mustBePresent);
        match.setAttributeValue(attributeValue);
        match.setAttributeDesignator(attributeDesignator);
    }
    return anyOfList;
}
Also used : AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue) AttributeDesignator(com.sun.identity.entitlement.xacml3.core.AttributeDesignator) AnyOf(com.sun.identity.entitlement.xacml3.core.AnyOf) UserSubject(com.sun.identity.entitlement.UserSubject) ArrayList(java.util.ArrayList) AllOf(com.sun.identity.entitlement.xacml3.core.AllOf) Match(com.sun.identity.entitlement.xacml3.core.Match)

Example 17 with AttributeValue

use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method resourceNameToNotMatch.

public static Match resourceNameToNotMatch(String resourceName, String applicationName) {
    if (resourceName == null || resourceName.length() == 0) {
        return null;
    }
    Match match = new Match();
    String matchId = XACMLConstants.ENTITLEMENT_RESOURCE_NO_MATCH + ":" + applicationName;
    match.setMatchId(matchId);
    AttributeValue attributeValue = new AttributeValue();
    String dataType = XACMLConstants.XS_STRING;
    attributeValue.setDataType(dataType);
    attributeValue.getContent().add(resourceName);
    AttributeDesignator attributeDesignator = new AttributeDesignator();
    String category = XACMLConstants.XACML_RESOURCE_CATEGORY;
    attributeDesignator.setCategory(category);
    String attributeId = XACMLConstants.XACML_RESOURCE_ID;
    attributeDesignator.setAttributeId(attributeId);
    String dt = XACMLConstants.XS_STRING;
    attributeDesignator.setDataType(dt);
    // TODO: not a constant?
    String issuer = XACMLConstants.RESOURCE_ISSUER;
    // attributeDesignator.setIssuer(issuer); TODO: verify and fix
    boolean mustBePresent = true;
    attributeDesignator.setMustBePresent(mustBePresent);
    match.setAttributeValue(attributeValue);
    match.setAttributeDesignator(attributeDesignator);
    return match;
}
Also used : AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue) AttributeDesignator(com.sun.identity.entitlement.xacml3.core.AttributeDesignator) Match(com.sun.identity.entitlement.xacml3.core.Match)

Example 18 with AttributeValue

use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method getVariableById.

public static String getVariableById(Policy policy, String id) {
    String val = null;
    List<Object> vrList = policy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition();
    for (Object obj : vrList) {
        if (obj instanceof VariableDefinition) {
            VariableDefinition vd = (VariableDefinition) obj;
            if (vd.getVariableId().equals(id)) {
                JAXBElement<AttributeValue> jav = (JAXBElement<AttributeValue>) vd.getExpression();
                AttributeValue attributeValue = (AttributeValue) jav.getValue();
                val = attributeValue.getContent().get(0).toString();
            }
        }
    }
    return val;
}
Also used : AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue) VariableDefinition(com.sun.identity.entitlement.xacml3.core.VariableDefinition) JSONObject(org.json.JSONObject) JAXBElement(javax.xml.bind.JAXBElement)

Example 19 with AttributeValue

use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method entitlementSubjectToAnyOf.

public static AnyOf entitlementSubjectToAnyOf(EntitlementSubject es) throws JAXBException {
    if (es == null) {
        return null;
    }
    AnyOf anyOf = new AnyOf();
    List<AllOf> allOfList = anyOf.getAllOf();
    AllOf allOf = new AllOf();
    allOfList.add(allOf);
    List<Match> matchList = allOf.getMatch();
    Match match = new Match();
    matchList.add(match);
    match.setMatchId(XACMLConstants.JSON_SUBJECT_MATCH);
    AttributeValue attributeValue = new AttributeValue();
    String dataType = XACMLConstants.JSON_SUBJECT_DATATYPE + ":" + es.getClass().getName();
    attributeValue.setDataType(dataType);
    String esString = es.getState();
    attributeValue.getContent().add(esString);
    AttributeDesignator attributeDesignator = new AttributeDesignator();
    String category = XACMLConstants.XACML_ACCESS_SUBJECT_CATEGORY;
    attributeDesignator.setCategory(category);
    String attributeId = XACMLConstants.JSON_SUBJECT_ID;
    attributeDesignator.setAttributeId(attributeId);
    String dt = XACMLConstants.JSON_SUBJECT_DATATYPE + ":" + es.getClass().getName();
    attributeDesignator.setDataType(dt);
    // TODO: not a constant?
    String issuer = XACMLConstants.SUBJECT_ISSUER;
    //attributeDesignator.setIssuer(issuer); //TODO: verify and fix
    boolean mustBePresent = true;
    attributeDesignator.setMustBePresent(mustBePresent);
    match.setAttributeValue(attributeValue);
    match.setAttributeDesignator(attributeDesignator);
    return anyOf;
}
Also used : AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue) AttributeDesignator(com.sun.identity.entitlement.xacml3.core.AttributeDesignator) AnyOf(com.sun.identity.entitlement.xacml3.core.AnyOf) AllOf(com.sun.identity.entitlement.xacml3.core.AllOf) Match(com.sun.identity.entitlement.xacml3.core.Match)

Example 20 with AttributeValue

use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.

the class XACMLSchemaFactoryTest method checkEqualAttributeAssignmentExpressions.

/**
     * @param first First attribute assignment expression to check
     * @param second Second attribute assignment expression to check
     * @return true if both attribute assignment expressions contain the same values, false otherwise
     */
private boolean checkEqualAttributeAssignmentExpressions(AttributeAssignmentExpression first, AttributeAssignmentExpression second) {
    if (first == null && second == null) {
        return true;
    }
    if (first == null || second == null) {
        return false;
    }
    JAXBElement<?> firstJaxbElement = first.getExpression();
    JAXBElement<?> secondJaxbElement = second.getExpression();
    Object firstObject = firstJaxbElement.getValue();
    Object secondObject = secondJaxbElement.getValue();
    if (firstObject == null && secondObject == null) {
        return true;
    }
    if (firstObject == null || secondObject == null) {
        return false;
    }
    if (!(firstObject instanceof AttributeValue) || !(secondObject instanceof AttributeValue)) {
        return false;
    }
    AttributeValue firstAttributeValue = (AttributeValue) firstObject;
    AttributeValue secondAttributeValue = (AttributeValue) secondObject;
    return checkEqualAttributeValues(firstAttributeValue, secondAttributeValue);
}
Also used : AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue)

Aggregations

AttributeValue (com.sun.identity.entitlement.xacml3.core.AttributeValue)20 Match (com.sun.identity.entitlement.xacml3.core.Match)10 JSONObject (org.json.JSONObject)9 AttributeDesignator (com.sun.identity.entitlement.xacml3.core.AttributeDesignator)7 List (java.util.List)7 ImmutableList (com.google.common.collect.ImmutableList)6 Test (org.junit.Test)6 Attribute (org.opensaml.saml.saml2.core.Attribute)6 AttributeValue (org.opensaml.saml.saml2.core.AttributeValue)6 AttributeBuilder (org.opensaml.saml.saml2.core.impl.AttributeBuilder)6 AttributeStatementLogData (uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData)6 VerifiedAttributeLogData (uk.gov.ida.hub.samlengine.logging.data.VerifiedAttributeLogData)6 AnyOf (com.sun.identity.entitlement.xacml3.core.AnyOf)5 JAXBElement (javax.xml.bind.JAXBElement)5 EntitlementCondition (com.sun.identity.entitlement.EntitlementCondition)4 Condition (com.sun.identity.entitlement.xacml3.core.Condition)4 Rule (com.sun.identity.entitlement.xacml3.core.Rule)4 HashSet (java.util.HashSet)4 AllOf (com.sun.identity.entitlement.xacml3.core.AllOf)3 Apply (com.sun.identity.entitlement.xacml3.core.Apply)3