
Example 1 with AssertionFactory

use of com.sun.identity.saml2.assertion.AssertionFactory in project OpenAM by OpenRock.

Class AttributeQueryUtil, method constructAttrQueryForFedlet.

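/**
 * Constructs the Attribute Query used by the Fedlet to retrieve attribute
 * values from the IDP.
 *
 * <p>The query's issuer is the hosted attribute-query entity resolved from
 * {@code attrqMetaAlias}; its subject is a NameID whose format and value are
 * selected by {@code attrProfileNameAlias}, optionally encrypted for the
 * IDP's attribute authority role.
 *
 * @param spEntityID entity ID of the service provider, set as the NameID's SP name qualifier
 * @param idpEntityID entity ID of the identity provider, set as the NameID's name qualifier
 *        and used to look up the attribute authority's encryption key
 * @param nameIDValue NameID value used with the default attribute query profile alias
 * @param attrsList names of the attributes to request; {@code null} is treated as empty
 * @param attrqMetaAlias meta alias of the hosted attribute query entity (the issuer)
 * @param attrProfileNameAlias attribute query profile alias selecting the NameID format;
 *        an unrecognized alias leaves the NameID format and value unset
 * @param subjectDN X.509 subject DN used with the X.509 subject profile alias
 * @param wantNameIDEncrypted {@code true} to send an EncryptedID instead of a plain NameID
 * @return the populated attribute query
 * @exception SAML2Exception if the operation is not successful, including when encryption
 *            was requested but no attribute authority descriptor or encryption key
 *            information is available for {@code idpEntityID}
 *
 * @supported.api
 */
private static AttributeQuery constructAttrQueryForFedlet(String spEntityID, String idpEntityID, String nameIDValue, List<String> attrsList, String attrqMetaAlias, String attrProfileNameAlias, String subjectDN, boolean wantNameIDEncrypted) throws SAML2Exception {
    String attrqEntityID = SAML2Utils.getSAML2MetaManager().getEntityByMetaAlias(attrqMetaAlias);
    ProtocolFactory protocolFactory = ProtocolFactory.getInstance();
    AssertionFactory assertionFactory = AssertionFactory.getInstance();

    AttributeQuery attrQuery = protocolFactory.createAttributeQuery();
    Issuer issuer = assertionFactory.createIssuer();
    issuer.setValue(attrqEntityID);
    attrQuery.setIssuer(issuer);
    attrQuery.setID(SAML2Utils.generateID());
    attrQuery.setVersion(SAML2Constants.VERSION_2_0);
    attrQuery.setIssueInstant(new Date());

    // One <Attribute> per requested name, all in the basic name format.
    List<Attribute> attrs = new ArrayList<Attribute>();
    if (attrsList != null) {
        for (String attributeName : attrsList) {
            Attribute attr = assertionFactory.createAttribute();
            attr.setName(attributeName);
            attr.setNameFormat(SAML2Constants.BASIC_NAME_FORMAT);
            attrs.add(attr);
        }
    }
    attrQuery.setAttributes(attrs);

    // Constant-first equals keeps a null profile alias from throwing an NPE;
    // an unrecognized alias leaves format and value unset, as before.
    NameID nameID = assertionFactory.createNameID();
    nameID.setNameQualifier(idpEntityID);
    nameID.setSPNameQualifier(spEntityID);
    if (SAML2Constants.DEFAULT_ATTR_QUERY_PROFILE_ALIAS.equals(attrProfileNameAlias)) {
        nameID.setFormat(SAML2Constants.NAMEID_TRANSIENT_FORMAT);
        nameID.setValue(nameIDValue);
    }
    if (SAML2Constants.X509_SUBJECT_ATTR_QUERY_PROFILE_ALIAS.equals(attrProfileNameAlias)) {
        nameID.setFormat(SAML2Constants.X509_SUBJECT_NAME);
        nameID.setValue(subjectDN);
    }

    Subject subject = assertionFactory.createSubject();
    if (wantNameIDEncrypted) {
        // Encrypt for the IDP's attribute authority role; the realm is hard-coded
        // to "/" here. Missing metadata or key information must fail with the
        // declared SAML2Exception instead of a NullPointerException from encrypt().
        AttributeAuthorityDescriptorElement aad = metaManager.getAttributeAuthorityDescriptor("/", idpEntityID);
        if (aad == null) {
            throw new SAML2Exception("No attribute authority descriptor found for " + idpEntityID);
        }
        EncInfo encInfo = KeyUtil.getEncInfo(aad, idpEntityID, SAML2Constants.ATTR_AUTH_ROLE);
        if (encInfo == null) {
            throw new SAML2Exception("No encryption key information available for the attribute authority of " + idpEntityID);
        }
        EncryptedID encryptedID = nameID.encrypt(encInfo.getWrappingKey(), encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength(), idpEntityID);
        subject.setEncryptedID(encryptedID);
    } else {
        subject.setNameID(nameID);
    }
    attrQuery.setSubject(subject);
    return attrQuery;
}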
Also used : Issuer(com.sun.identity.saml2.assertion.Issuer) Attribute(com.sun.identity.saml2.assertion.Attribute) NameID(com.sun.identity.saml2.assertion.NameID) ArrayList(java.util.ArrayList) AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement) EncryptedID(com.sun.identity.saml2.assertion.EncryptedID) Date(java.util.Date) Subject(com.sun.identity.saml2.assertion.Subject) ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) EncInfo(com.sun.identity.saml2.key.EncInfo) AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory) AttributeQuery(com.sun.identity.saml2.protocol.AttributeQuery) List(java.util.List) ArrayList(java.util.ArrayList)

Example 2 with AssertionFactory

use of com.sun.identity.saml2.assertion.AssertionFactory in project OpenAM by OpenRock.

Class DefaultLibraryIDPAttributeMapper, method getSAMLAttribute.

/**
 * Builds the SAML <code>Attribute</code> element for one attribute name and
 * its values.
 *
 * <p>Values are copied into the attribute in the set's iteration order; when
 * {@code needToEscapeXMLSpecialCharacters} says so for this provider pair,
 * each value is XML-escaped first. A missing or empty value set yields an
 * attribute with a name (and format) but no values.
 *
 * @param name attribute name; must not be {@code null}.
 * @param nameFormat Name format of the attribute; skipped when {@code null}.
 * @param values attribute values.
 * @param hostEntityID Entity ID for hosted provider.
 * @param remoteEntityID Entity ID for remote provider.
 * @param realm the providers are in.
 * @return SAML <code>Attribute</code> element.
 * @exception SAML2Exception if {@code name} is {@code null} or on any failure.
 */
protected Attribute getSAMLAttribute(String name, String nameFormat, Set<String> values, String hostEntityID, String remoteEntityID, String realm) throws SAML2Exception {
    if (name == null) {
        throw new SAML2Exception(bundle.getString("nullInput"));
    }
    Attribute attribute = AssertionFactory.getInstance().createAttribute();
    attribute.setName(name);
    if (nameFormat != null) {
        attribute.setNameFormat(nameFormat);
    }
    boolean hasValues = values != null && !values.isEmpty();
    if (!hasValues) {
        return attribute;
    }
    boolean escape = needToEscapeXMLSpecialCharacters(hostEntityID, remoteEntityID, realm);
    List<String> attributeValues = new ArrayList<String>(values.size());
    for (String value : values) {
        String rendered = escape ? XMLUtils.escapeSpecialCharacters(value) : value;
        attributeValues.add(rendered);
    }
    attribute.setAttributeValueString(attributeValues);
    return attribute;
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory) Attribute(com.sun.identity.saml2.assertion.Attribute) ArrayList(java.util.ArrayList)

Example 3 with AssertionFactory

use of com.sun.identity.saml2.assertion.AssertionFactory in project OpenAM by OpenRock.

Class RequestAbstractImpl, method parseDOMChileElements.

/**
 * Parses the child elements common to every request type (Issuer, Signature,
 * Extensions) from the Document Element for this object.
 *
 * <p>Elements are consumed in order until the first one not handled here;
 * that element is pushed back onto the iterator so a subclass parser can
 * continue from it.
 *
 * @param iter the child elements iterator.
 * @throws SAML2Exception if error parsing the Document Element.
 */
protected void parseDOMChileElements(ListIterator iter) throws SAML2Exception {
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    ProtocolFactory protocolFactory = ProtocolFactory.getInstance();
    boolean handled = true;
    while (handled && iter.hasNext()) {
        Element child = (Element) iter.next();
        handled = parseCommonChild(child, assertionFactory, protocolFactory);
        if (!handled) {
            // Not one of ours: hand the element back for the subclass to parse.
            iter.previous();
        }
    }
}

/**
 * Stores one common child element into this object's fields.
 *
 * @param child the child element to examine.
 * @param assertionFactory factory used to build the Issuer.
 * @param protocolFactory factory used to build the Extensions.
 * @return {@code true} if the element was an Issuer, Signature or Extensions
 *         element and has been consumed; {@code false} otherwise.
 * @throws SAML2Exception if the element fails validation or cannot be parsed.
 */
private boolean parseCommonChild(Element child, AssertionFactory assertionFactory, ProtocolFactory protocolFactory) throws SAML2Exception {
    String localName = child.getLocalName();
    if (SAML2Constants.ISSUER.equals(localName)) {
        validateIssuer();
        // The field is named nameID in this class but receives the Issuer.
        nameID = assertionFactory.createIssuer(child);
        return true;
    }
    if (SAML2Constants.SIGNATURE.equals(localName)) {
        validateSignature();
        // The signature is kept as serialized XML rather than a parsed object.
        signatureString = XMLUtils.print(child);
        isSigned = true;
        return true;
    }
    if (SAML2Constants.EXTENSIONS.equals(localName)) {
        validateExtensions();
        extensions = protocolFactory.createExtensions(child);
        return true;
    }
    return false;
}
Also used : ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory) Element(org.w3c.dom.Element)

Example 4 with AssertionFactory

use of com.sun.identity.saml2.assertion.AssertionFactory in project OpenAM by OpenRock.

Class LogoutResponseImpl, method parseElement.

/**
 * Parses the Document Element for this object: the response attributes,
 * then the Issuer, Signature, Extensions and Status child elements.
 *
 * @param element the Document Element of this object.
 * @throws SAML2Exception if error parsing the Document Element.
 */
private void parseElement(Element element) throws SAML2Exception {
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    ProtocolFactory protocolFactory = ProtocolFactory.getInstance();

    // ID, Version and IssueInstant are validated as they are read.
    responseId = element.getAttribute(SAML2Constants.ID);
    validateID(responseId);
    version = element.getAttribute(SAML2Constants.VERSION);
    validateVersion(version);
    validateIssueInstant(element.getAttribute(SAML2Constants.ISSUE_INSTANT));
    destination = element.getAttribute(SAML2Constants.DESTINATION);
    consent = element.getAttribute(SAML2Constants.CONSENT);
    inResponseTo = element.getAttribute(SAML2Constants.INRESPONSETO);

    NodeList children = element.getChildNodes();
    if (children == null) {
        return;
    }
    for (int i = 0; i < children.getLength(); i++) {
        Node child = children.item(i);
        String localName = child.getLocalName();
        if (localName == null) {
            // Nodes without a local name (e.g. whitespace text) are skipped.
            continue;
        }
        if (localName.equals(SAML2Constants.ISSUER)) {
            issuer = assertionFactory.createIssuer((Element) child);
        } else if (localName.equals(SAML2Constants.SIGNATURE)) {
            signatureString = XMLUtils.getElementString((Element) child);
            isSigned = true;
        } else if (localName.equals(SAML2Constants.EXTENSIONS)) {
            extensions = protocolFactory.createExtensions((Element) child);
        } else if (localName.equals(SAML2Constants.STATUS)) {
            status = protocolFactory.createStatus((Element) child);
            validateStatus();
        }
    }
}
Also used : ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element)

Example 5 with AssertionFactory

use of com.sun.identity.saml2.assertion.AssertionFactory in project OpenAM by OpenRock.

Class AssertionIDRequestImpl, method parseDOMChileElements.

/**
 * Parses the child elements of the Document Element for this object.
 *
 * <p>The common request children are handled by the superclass first; the
 * remaining run of AssertionIDRef elements is collected here. The first
 * element that is not an AssertionIDRef is pushed back onto the iterator.
 *
 * @param iter the child elements iterator.
 * @throws SAML2Exception if error parsing the Document Element, or if no
 *         AssertionIDRef element is present (schema violation).
 */
protected void parseDOMChileElements(ListIterator iter) throws SAML2Exception {
    super.parseDOMChileElements(iter);
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    while (iter.hasNext()) {
        Element child = (Element) iter.next();
        if (!SAML2Constants.ASSERTION_ID_REF.equals(child.getLocalName())) {
            // End of the AssertionIDRef run: leave this element for later parsing.
            iter.previous();
            break;
        }
        // Build the ref before allocating the list so a parse failure leaves
        // assertionIDRefs untouched.
        AssertionIDRef ref = assertionFactory.createAssertionIDRef(child);
        if (assertionIDRefs == null) {
            assertionIDRefs = new ArrayList();
        }
        assertionIDRefs.add(ref);
    }
    if (assertionIDRefs == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("schemaViolation"));
    }
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory) AssertionIDRef(com.sun.identity.saml2.assertion.AssertionIDRef) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList)
