
Example 1 with AudienceRestriction

use of com.sun.identity.saml2.assertion.AudienceRestriction in project OpenAM by OpenRock.

the class IDPSSOUtil method getConditions.

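/**
 * Builds the <code>SAML Conditions</code> for an assertion: a validity
 * window around the current time plus one audience restriction.
 *
 * <p>The window runs from <code>now - notBeforeSkewTime</code> (NotBefore)
 * to <code>now + effectiveTime</code> (NotOnOrAfter). Both bounds are taken
 * from a single clock reading.
 *
 * @param audienceEntityID  the entity id of the audience
 * @param notBeforeSkewTime seconds subtracted from the current time to
 *                          obtain NotBefore
 * @param effectiveTime     seconds added to the current time to obtain
 *                          NotOnOrAfter
 * @return the <code>SAML Conditions</code> object
 * @throws SAML2Exception if no audience restriction could be obtained or
 *                        a setter rejects its value
 */
protected static Conditions getConditions(String audienceEntityID, int notBeforeSkewTime, int effectiveTime) throws SAML2Exception {
    String classMethod = "IDPSSOUtil.getConditions: ";
    Conditions conditions = AssertionFactory.getInstance().createConditions();
    // Read the clock once so both bounds are relative to the same instant.
    long now = System.currentTimeMillis();
    // 1000L forces long arithmetic. With int arithmetic, anything above
    // 2,147,483 seconds (about 24.8 days) wraps and corrupts the bound.
    // NOTE(review): negative values are not rejected here; a negative
    // effectiveTime yields an already-expired window. Confirm callers validate.
    conditions.setNotBefore(new Date(now - notBeforeSkewTime * 1000L));
    conditions.setNotOnOrAfter(new Date(now + effectiveTime * 1000L));
    AudienceRestriction ar = getAudienceRestriction(audienceEntityID);
    // NOTE(review): this only catches a null return from the helper. If the
    // helper returns an empty restriction for a null entity id, the assertion
    // is not bound to any audience. Confirm the helper's contract.
    if (ar == null) {
        SAML2Utils.debug.error(classMethod + "Unable to get Audience Restriction");
        throw new SAML2Exception(SAML2Utils.bundle.getString("noAudienceRestriction"));
    }
    List<AudienceRestriction> restrictions = new ArrayList<AudienceRestriction>();
    restrictions.add(ar);
    conditions.setAudienceRestrictions(restrictions);
    return conditions;
}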
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) AudienceRestriction(com.sun.identity.saml2.assertion.AudienceRestriction) ArrayList(java.util.ArrayList) List(java.util.List) ArrayList(java.util.ArrayList) Conditions(com.sun.identity.saml2.assertion.Conditions) Date(java.util.Date)

Example 2 with AudienceRestriction

use of com.sun.identity.saml2.assertion.AudienceRestriction in project OpenAM by OpenRock.

the class ConditionsImpl method toXMLString.

/**
 * Serializes this Conditions element and its children to an XML string.
 *
 * <p>The opening tag carries the <code>NOT_BEFORE_ATTR</code> and
 * <code>NOT_ON_OR_AFTER_ATTR</code> attributes when the corresponding
 * fields are set. Children follow in a fixed order: conditions, audience
 * restrictions, one-time-use conditions, proxy restrictions. Each child is
 * serialized with the namespace declaration turned off.
 *
 * <p>This method applies no XML escaping of its own. The attribute values
 * come from <code>DateUtils.toUTCDateFormat</code>, and each child produces
 * its own markup.
 *
 * @param includeNSPrefix Determines whether or not the namespace
 *        qualifier is prepended to the Element when converted
 * @param declareNS Determines whether or not the namespace is
 *        declared within the Element.
 * @return A String representation
 * @exception SAML2Exception if something is wrong during conversion
 */
public String toXMLString(boolean includeNSPrefix, boolean declareNS) throws SAML2Exception {
    final String prefix = includeNSPrefix ? SAML2Constants.ASSERTION_PREFIX : "";
    final String nsDeclaration = declareNS ? SAML2Constants.ASSERTION_DECLARE_STR : "";
    StringBuilder xml = new StringBuilder(2000);

    // Opening tag, with the validity-window attributes when present.
    xml.append("<").append(prefix).append(CONDITIONS_ELEMENT).append(nsDeclaration);
    if (notBefore != null) {
        String notBeforeText = DateUtils.toUTCDateFormat(notBefore);
        xml.append(" ").append(NOT_BEFORE_ATTR).append("=\"").append(notBeforeText).append("\"");
    }
    if (notOnOrAfter != null) {
        String notOnOrAfterText = DateUtils.toUTCDateFormat(notOnOrAfter);
        xml.append(" ").append(NOT_ON_OR_AFTER_ATTR).append("=\"").append(notOnOrAfterText).append("\"");
    }
    xml.append(">\n");

    // Children never redeclare the namespace, so declareNS is fixed to false.
    if (conditions != null) {
        for (Object item : conditions) {
            Condition condition = (Condition) item;
            xml.append(condition.toXMLString(includeNSPrefix, false));
        }
    }
    if (audienceRestrictions != null) {
        for (Object item : audienceRestrictions) {
            AudienceRestriction restriction = (AudienceRestriction) item;
            xml.append(restriction.toXMLString(includeNSPrefix, false));
        }
    }
    if (oneTimeUses != null) {
        for (Object item : oneTimeUses) {
            OneTimeUse oneTimeUse = (OneTimeUse) item;
            xml.append(oneTimeUse.toXMLString(includeNSPrefix, false));
        }
    }
    if (proxyRestrictions != null) {
        for (Object item : proxyRestrictions) {
            ProxyRestriction proxyRestriction = (ProxyRestriction) item;
            xml.append(proxyRestriction.toXMLString(includeNSPrefix, false));
        }
    }

    xml.append("</").append(prefix).append(CONDITIONS_ELEMENT).append(">\n");
    return xml.toString();
}
Also used : Condition(com.sun.identity.saml2.assertion.Condition) AudienceRestriction(com.sun.identity.saml2.assertion.AudienceRestriction) OneTimeUse(com.sun.identity.saml2.assertion.OneTimeUse) ProxyRestriction(com.sun.identity.saml2.assertion.ProxyRestriction)

Example 3 with AudienceRestriction

use of com.sun.identity.saml2.assertion.AudienceRestriction in project OpenAM by OpenRock.

the class AudienceRestrictionImpl method processElement.

/**
 * Reads an AudienceRestriction DOM element and collects the value of each
 * Audience child into <code>audiences</code>.
 *
 * <p>The element must be non-null, have the local name
 * <code>AUDIENCE_RESTRICTION_ELEMENT</code>, and contain at least one child
 * with the local name <code>AUDIENCE_ELEMENT</code>. Non-element child nodes
 * and element children without a local name are skipped. Any other element
 * child is rejected.
 *
 * <p>NOTE(review): only local names are compared; the namespace URI is not
 * checked in this method. Confirm that namespace validation happens
 * elsewhere before this parsed value is trusted.
 *
 * @param element the DOM element to parse
 * @throws SAML2Exception if the element is null, has a missing or wrong
 *         local name, has no child nodes, contains an unexpected
 *         subelement, or contains no Audience subelement
 */
private void processElement(Element element) throws SAML2Exception {
    final String where = "AudienceRestrictionImpl.processElement(): ";

    if (element == null) {
        SAML2SDKUtils.debug.error(where + "invalid root element");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalid_element"));
    }
    String rootName = element.getLocalName();
    if (rootName == null) {
        SAML2SDKUtils.debug.error(where + "local name missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_local_name"));
    }
    if (!rootName.equals(AUDIENCE_RESTRICTION_ELEMENT)) {
        SAML2SDKUtils.debug.error(where + "invalid local name " + rootName);
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalid_local_name"));
    }

    NodeList children = element.getChildNodes();
    int childCount = children.getLength();
    if (childCount < 1) {
        SAML2SDKUtils.debug.error(where + "AudienceRestriction has no subelements");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_subelements"));
    }

    // Every named element child must be an Audience. Audiences are added as
    // they are found, so a later failure leaves earlier entries in place.
    boolean sawAudience = false;
    for (int index = 0; index < childCount; index++) {
        Node child = children.item(index);
        if (child.getNodeType() != Node.ELEMENT_NODE) {
            continue;
        }
        String childName = child.getLocalName();
        if (childName == null) {
            continue;
        }
        if (!childName.equals(AUDIENCE_ELEMENT)) {
            SAML2SDKUtils.debug.error(where + "unexpected subelement " + childName);
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("unexpected_subelement"));
        }
        audiences.add(XMLUtils.getElementValue((Element) child));
        sawAudience = true;
    }

    // Child nodes existed, but none of them was an Audience element.
    if (!sawAudience) {
        SAML2SDKUtils.debug.error(where + "AudienceRestriction has no subelements");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_subelements"));
    }
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element)

Example 4 with AudienceRestriction

use of com.sun.identity.saml2.assertion.AudienceRestriction in project OpenAM by OpenRock.

the class AssertionGen method getCondition.

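/**
 * Builds the Conditions for a SAML assertion: NotBefore set to the current
 * time and one AudienceRestriction naming the given service provider.
 *
 * <p>NOTE(review): this method sets no NotOnOrAfter, so the returned
 * conditions carry no expiry unless the caller adds one.
 *
 * <p>NOTE(review): a <code>SAML2Exception</code> from any setter is logged
 * and the partially populated object is still returned. In that case the
 * result may lack the audience restriction, so callers should verify it
 * before issuing an assertion.
 *
 * @param SPEntityID entity id of the service provider the assertion is for
 * @return the Conditions object, possibly incomplete if a setter failed
 */
private Conditions getCondition(String SPEntityID) {
    Conditions conditions = AssertionFactory.getInstance().createConditions();
    AudienceRestriction ar = AssertionFactory.getInstance().createAudienceRestriction();
    List<String> spIdList = new ArrayList<String>();
    List<AudienceRestriction> arList = new ArrayList<AudienceRestriction>();
    try {
        conditions.setNotBefore(new Date());
        spIdList.add(SPEntityID);
        ar.setAudience(spIdList);
        arList.add(ar);
        conditions.setAudienceRestrictions(arList);
    } catch (SAML2Exception ex) {
        // The original passed a null message, leaving only a stack trace in
        // the log. Say what failed and what the caller will receive.
        Logger.getLogger(AssertionGen.class.getName()).log(Level.SEVERE,
                "Failed to populate SAML Conditions; returned conditions may lack an AudienceRestriction", ex);
    }
    return conditions;
}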
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) ArrayList(java.util.ArrayList) List(java.util.List) ArrayList(java.util.ArrayList) Date(java.util.Date)

Example 5 with AudienceRestriction

use of com.sun.identity.saml2.assertion.AudienceRestriction in project OpenAM by OpenRock.

the class IDPSSOUtil method getAudienceRestriction.

/**
 * Creates a <code>SAML AudienceRestriction</code> that names the given
 * entity as its only audience.
 *
 * <p>NOTE(review): when <code>audienceEntityID</code> is null, the
 * restriction is returned without any audience set rather than being
 * rejected. A caller that only tests the result for null will not notice.
 *
 * @param audienceEntityID the entity id of the audience
 * @return the <code>SAML AudienceRestriction</code> object
 * @throws SAML2Exception if the operation is not successful
 */
private static AudienceRestriction getAudienceRestriction(String audienceEntityID) throws SAML2Exception {
    final AudienceRestriction restriction = AssertionFactory.getInstance().createAudienceRestriction();
    if (audienceEntityID == null) {
        // No audience supplied: hand back the restriction as created.
        return restriction;
    }
    final List<String> audienceIds = new ArrayList<String>();
    audienceIds.add(audienceEntityID);
    restriction.setAudience(audienceIds);
    return restriction;
}
Also used : AudienceRestriction(com.sun.identity.saml2.assertion.AudienceRestriction) ArrayList(java.util.ArrayList) List(java.util.List) ArrayList(java.util.ArrayList)
