use of com.sun.identity.saml2.assertion.AssertionFactory in project OpenAM by OpenRock.
the class AttributeQueryUtil method constructAttrQueryForFedlet.
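/**
* Constructs the Attribute Query used by the Fedlet to retrieve
* attribute values from the IDP.
*
* @param spEntityID SP entity ID, set as the NameID's SPNameQualifier
* @param idpEntityID IDP entity ID, set as the NameID's NameQualifier
* @param nameIDValue NameID value used with the default attribute query profile
* @param attrsList names of the attributes to request
* @param attrqMetaAlias meta alias resolved to the entity ID used as the query's Issuer
* @param attrProfileNameAlias attribute query profile alias (default or X.509 subject)
* @param subjectDN subject DN used as the NameID value with the X.509 subject profile
* @param wantNameIDEncrypted whether the NameID is sent as an EncryptedID
*
* @exception SAML2Exception if the operation is not successful
*
* @supported.api
*/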
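private static AttributeQuery constructAttrQueryForFedlet(String spEntityID, String idpEntityID, String nameIDValue, List<String> attrsList, String attrqMetaAlias, String attrProfileNameAlias, String subjectDN, boolean wantNameIDEncrypted) throws SAML2Exception {
    // Builds a SAML 2.0 AttributeQuery: the Issuer is the entity behind attrqMetaAlias,
    // the requested attributes come from attrsList, and the Subject is either a plain
    // NameID or an EncryptedID depending on wantNameIDEncrypted.
    String attrqEntityID = SAML2Utils.getSAML2MetaManager().getEntityByMetaAlias(attrqMetaAlias);
    ProtocolFactory protocolFactory = ProtocolFactory.getInstance();
    AssertionFactory assertionFactory = AssertionFactory.getInstance();

    AttributeQuery attrQuery = protocolFactory.createAttributeQuery();
    Issuer issuer = assertionFactory.createIssuer();
    issuer.setValue(attrqEntityID);
    attrQuery.setIssuer(issuer);
    attrQuery.setID(SAML2Utils.generateID());
    attrQuery.setVersion(SAML2Constants.VERSION_2_0);
    attrQuery.setIssueInstant(new Date());

    // One name-only Attribute (basic name format) per requested attribute name.
    List<Attribute> attrs = new ArrayList<Attribute>();
    for (String attributeName : attrsList) {
        Attribute attr = assertionFactory.createAttribute();
        attr.setName(attributeName);
        attr.setNameFormat(SAML2Constants.BASIC_NAME_FORMAT);
        attrs.add(attr);
    }
    attrQuery.setAttributes(attrs);

    Subject subject = assertionFactory.createSubject();
    NameID nameID = assertionFactory.createNameID();
    nameID.setNameQualifier(idpEntityID);
    nameID.setSPNameQualifier(spEntityID);
    // NOTE(review): if attrProfileNameAlias matches neither profile below, the NameID is
    // sent with qualifiers only (no format, no value) - confirm callers restrict the alias.
    if (attrProfileNameAlias.equals(SAML2Constants.DEFAULT_ATTR_QUERY_PROFILE_ALIAS)) {
        nameID.setFormat(SAML2Constants.NAMEID_TRANSIENT_FORMAT);
        nameID.setValue(nameIDValue);
    }
    if (attrProfileNameAlias.equals(SAML2Constants.X509_SUBJECT_ATTR_QUERY_PROFILE_ALIAS)) {
        nameID.setFormat(SAML2Constants.X509_SUBJECT_NAME);
        nameID.setValue(subjectDN);
    }

    if (!wantNameIDEncrypted) {
        subject.setNameID(nameID);
    } else {
        // NOTE(review): the attribute authority descriptor is looked up in the root realm
        // ("/") regardless of the realm the providers live in - confirm this is intended.
        AttributeAuthorityDescriptorElement aad = metaManager.getAttributeAuthorityDescriptor("/", idpEntityID);
        EncInfo encInfo = KeyUtil.getEncInfo(aad, idpEntityID, SAML2Constants.ATTR_AUTH_ROLE);
        // Fail closed with the declared exception type instead of a NullPointerException
        // when no encryption key information is available (presumably getEncInfo returns
        // null in that case - verify against KeyUtil). The NameID is never sent in clear
        // as a fallback when encryption was requested.
        if (encInfo == null) {
            throw new SAML2Exception("Unable to find encryption key info for attribute authority: " + idpEntityID);
        }
        EncryptedID encryptedID = nameID.encrypt(encInfo.getWrappingKey(), encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength(), idpEntityID);
        subject.setEncryptedID(encryptedID);
    }
    attrQuery.setSubject(subject);
    return attrQuery;
}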
use of com.sun.identity.saml2.assertion.AssertionFactory in project OpenAM by OpenRock.
the class DefaultLibraryIDPAttributeMapper method getSAMLAttribute.
/**
* Returns the SAML <code>Attribute</code> object.
*
* @param name attribute name.
* @param nameFormat Name format of the attribute
* @param values attribute values.
* @param hostEntityID Entity ID for hosted provider.
* @param remoteEntityID Entity ID for remote provider.
* @param realm the providers are in.
* @return SAML <code>Attribute</code> element.
* @exception SAML2Exception if any failure.
*/
protected Attribute getSAMLAttribute(String name, String nameFormat, Set<String> values, String hostEntityID, String remoteEntityID, String realm) throws SAML2Exception {
    // An Attribute cannot be built without a name; everything else is optional.
    if (name == null) {
        throw new SAML2Exception(bundle.getString("nullInput"));
    }

    Attribute result = AssertionFactory.getInstance().createAttribute();
    result.setName(name);
    if (nameFormat != null) {
        result.setNameFormat(nameFormat);
    }

    // No values supplied: return the name-only attribute.
    if (values == null || values.isEmpty()) {
        return result;
    }

    // Escaping of XML special characters is decided once per call for this provider pair
    // and realm. NOTE(review): when the helper returns false the values are passed through
    // verbatim; whether setAttributeValueString escapes them itself is not visible here.
    final boolean escapeValues = needToEscapeXMLSpecialCharacters(hostEntityID, remoteEntityID, realm);
    List<String> attributeValues = new ArrayList<String>();
    for (String raw : values) {
        attributeValues.add(escapeValues ? XMLUtils.escapeSpecialCharacters(raw) : raw);
    }
    result.setAttributeValueString(attributeValues);
    return result;
}
use of com.sun.identity.saml2.assertion.AssertionFactory in project OpenAM by OpenRock.
the class RequestAbstractImpl method parseDOMChileElements.
/**
* Parses child elements of the Document Element for this object.
*
* @param iter the child elements iterator.
* @throws SAML2Exception if error parsing the Document Element.
*/
protected void parseDOMChileElements(ListIterator iter) throws SAML2Exception {
    // Consumes the leading Issuer / Signature / Extensions children from the iterator and
    // stops at the first element with any other local name, leaving it for the caller.
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    ProtocolFactory protoFactory = ProtocolFactory.getInstance();

    boolean inCommonPart = true;
    while (inCommonPart && iter.hasNext()) {
        Element child = (Element) iter.next();
        String tag = child.getLocalName();
        // NOTE(review): children are matched on local name only; the namespace URI is not
        // checked in this method.
        if (SAML2Constants.ISSUER.equals(tag)) {
            // The validate* hooks run before the field is assigned; their checks are
            // defined outside this view.
            validateIssuer();
            nameID = assertionFactory.createIssuer(child);
        } else if (SAML2Constants.SIGNATURE.equals(tag)) {
            validateSignature();
            // Only the serialized Signature element is kept and its presence recorded;
            // no cryptographic verification happens in this method.
            signatureString = XMLUtils.print(child);
            isSigned = true;
        } else if (SAML2Constants.EXTENSIONS.equals(tag)) {
            validateExtensions();
            extensions = protoFactory.createExtensions(child);
        } else {
            // Not one of the common elements: push it back and stop.
            iter.previous();
            inCommonPart = false;
        }
    }
}
use of com.sun.identity.saml2.assertion.AssertionFactory in project OpenAM by OpenRock.
the class LogoutResponseImpl method parseElement.
/**
* Parses the Document Element for this object.
*
* @param element the Document Element of this object.
* @throws SAML2Exception if error parsing the Document Element.
*/
private void parseElement(Element element) throws SAML2Exception {
    // Populates this object's fields from the attributes and child elements of the given
    // DOM element.
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    ProtocolFactory protoFactory = ProtocolFactory.getInstance();

    // ID, Version and IssueInstant are each validated right after being read.
    responseId = element.getAttribute(SAML2Constants.ID);
    validateID(responseId);
    version = element.getAttribute(SAML2Constants.VERSION);
    validateVersion(version);
    String issueInstantStr = element.getAttribute(SAML2Constants.ISSUE_INSTANT);
    validateIssueInstant(issueInstantStr);

    // Destination, Consent and InResponseTo are stored as read, without validation here.
    destination = element.getAttribute(SAML2Constants.DESTINATION);
    consent = element.getAttribute(SAML2Constants.CONSENT);
    inResponseTo = element.getAttribute(SAML2Constants.INRESPONSETO);

    NodeList children = element.getChildNodes();
    if (children == null || children.getLength() <= 0) {
        return;
    }

    // NOTE(review): children are matched on local name only (no namespace check), and a
    // repeated element overwrites the previously parsed one rather than being rejected.
    for (int idx = 0; idx < children.getLength(); idx++) {
        Node node = children.item(idx);
        String tag = node.getLocalName();
        if (tag == null) {
            continue;
        }
        if (tag.equals(SAML2Constants.ISSUER)) {
            issuer = assertionFactory.createIssuer((Element) node);
        } else if (tag.equals(SAML2Constants.SIGNATURE)) {
            // Records the serialized Signature and its presence only; the signature is
            // not verified in this method.
            signatureString = XMLUtils.getElementString((Element) node);
            isSigned = true;
        } else if (tag.equals(SAML2Constants.EXTENSIONS)) {
            extensions = protoFactory.createExtensions((Element) node);
        } else if (tag.equals(SAML2Constants.STATUS)) {
            status = protoFactory.createStatus((Element) node);
            validateStatus();
        }
    }
}
use of com.sun.identity.saml2.assertion.AssertionFactory in project OpenAM by OpenRock.
the class AssertionIDRequestImpl method parseDOMChileElements.
/**
* Parses child elements of the Document Element for this object.
*
* @param iter the child elements iterator.
* @throws SAML2Exception if error parsing the Document Element.
*/
protected void parseDOMChileElements(ListIterator iter) throws SAML2Exception {
    // The superclass consumes the common request children first; this override then
    // collects the AssertionIDRef elements that follow.
    super.parseDOMChileElements(iter);
    AssertionFactory aFactory = AssertionFactory.getInstance();

    boolean moreRefs = true;
    while (moreRefs && iter.hasNext()) {
        Element child = (Element) iter.next();
        if (!SAML2Constants.ASSERTION_ID_REF.equals(child.getLocalName())) {
            // First element that is not an AssertionIDRef: push it back and stop.
            iter.previous();
            moreRefs = false;
        } else {
            AssertionIDRef ref = aFactory.createAssertionIDRef(child);
            // The list is created lazily so that "no refs seen" stays detectable below.
            if (assertionIDRefs == null) {
                assertionIDRefs = new ArrayList();
            }
            assertionIDRefs.add(ref);
        }
    }

    // A request without any AssertionIDRef is rejected as a schema violation.
    if (assertionIDRefs == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("schemaViolation"));
    }
}