
Example 6 with Conditions

use of com.sun.identity.saml2.assertion.Conditions in project OpenAM by OpenRock.

the class AssertionGen method getCondition.

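/**
 * Builds the {@code Conditions} element for a generated SAML assertion.
 *
 * <p>The element carries a {@code NotBefore} set to the current time and one
 * audience restriction naming the given service provider.
 *
 * <p>NOTE(review): no {@code NotOnOrAfter} is set in this method, so unless the
 * caller adds one the conditions put no upper bound on the assertion lifetime.
 *
 * @param SPEntityID entity ID of the service provider the assertion is issued for
 * @return the populated conditions, always including the audience restriction
 * @throws IllegalStateException if the conditions could not be fully populated
 */
private Conditions getCondition(String SPEntityID) {
    AssertionFactory factory = AssertionFactory.getInstance();
    Conditions conditions = factory.createConditions();
    AudienceRestriction ar = factory.createAudienceRestriction();
    List<String> spIds = new ArrayList<String>();
    List<AudienceRestriction> restrictions = new ArrayList<AudienceRestriction>();
    try {
        conditions.setNotBefore(new Date());
        spIds.add(SPEntityID);
        ar.setAudience(spIds);
        restrictions.add(ar);
        conditions.setAudienceRestrictions(restrictions);
    } catch (SAML2Exception ex) {
        Logger.getLogger(AssertionGen.class.getName())
                .log(Level.SEVERE, "Unable to populate assertion conditions", ex);
        // Fail closed: returning the half-built object would yield an assertion
        // without NotBefore and/or without an audience restriction, i.e. one that
        // any relying party could accept.
        throw new IllegalStateException("Unable to populate assertion conditions", ex);
    }
    return conditions;
}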
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) ArrayList(java.util.ArrayList) List(java.util.List) ArrayList(java.util.ArrayList) Date(java.util.Date)

Example 7 with Conditions

use of com.sun.identity.saml2.assertion.Conditions in project OpenAM by OpenRock.

the class AssertionImpl method toXMLString.

/**
 * Serialises this assertion to its XML string form.
 *
 * <p>When the assertion carries a signature and a cached signed string, that
 * cached string is returned unchanged and both flags are ignored.
 *
 * <p>NOTE(review): {@code version}, {@code id} and the raw {@code statements}
 * strings are written out verbatim; nothing in this method escapes XML
 * metacharacters, so it relies on those values having been validated before
 * they were stored. Confirm against the setters and the parsing constructor.
 *
 * @param includeNSPrefix whether the namespace prefix is prepended to element names
 * @param declareNS whether the namespace declaration is emitted on the root element
 * @return the XML representation of the assertion
 * @exception SAML2Exception if version, id, issue instant or issuer is missing
 */
@Override
public String toXMLString(boolean includeNSPrefix, boolean declareNS) throws SAML2Exception {
    // Already signed: hand back the exact signed text rather than rebuilding it.
    if (signature != null && signedXMLString != null) {
        return signedXMLString;
    }

    final String nsDeclaration = declareNS ? SAML2Constants.ASSERTION_DECLARE_STR : "";
    final String prefix = includeNSPrefix ? SAML2Constants.ASSERTION_PREFIX : "";

    // Mandatory parts are checked in the same order as they are serialised.
    if (version == null || version.length() == 0) {
        SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): version missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_assertion_version"));
    }
    if (id == null || id.length() == 0) {
        SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): assertion id missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_assertion_id"));
    }
    if (issueInstant == null) {
        SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): issue instant missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_issue_instant"));
    }
    final String issueInstantText = DateUtils.toUTCDateFormat(issueInstant);
    if (issuer == null) {
        SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): issuer missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_subelement_issuer"));
    }

    StringBuilder xml = new StringBuilder(2000);

    // Opening tag with its three required attributes.
    xml.append("<").append(prefix).append(ASSERTION_ELEMENT).append(nsDeclaration);
    xml.append(" ").append(ASSERTION_VERSION_ATTR).append("=\"").append(version).append("\"");
    xml.append(" ").append(ASSERTION_ID_ATTR).append("=\"").append(id).append("\"");
    xml.append(" ").append(ASSERTION_ISSUEINSTANT_ATTR).append("=\"").append(issueInstantText).append("\"");
    xml.append(">\n");

    // Child elements never re-declare the namespace.
    xml.append(issuer.toXMLString(includeNSPrefix, false));
    if (signature != null) {
        xml.append(signature);
    }
    if (subject != null) {
        xml.append(subject.toXMLString(includeNSPrefix, false));
    }
    if (conditions != null) {
        xml.append(conditions.toXMLString(includeNSPrefix, false));
    }
    if (advice != null) {
        xml.append(advice.toXMLString(includeNSPrefix, false));
    }

    if (statements != null) {
        // Generic statements are stored as pre-rendered strings.
        for (Object rendered : statements) {
            xml.append((String) rendered);
        }
    }
    if (authnStatements != null) {
        for (Object item : authnStatements) {
            xml.append(((AuthnStatement) item).toXMLString(includeNSPrefix, false));
        }
    }
    if (authzDecisionStatements != null) {
        for (Object item : authzDecisionStatements) {
            xml.append(((AuthzDecisionStatement) item).toXMLString(includeNSPrefix, false));
        }
    }
    if (attributeStatements != null) {
        for (Object item : attributeStatements) {
            xml.append(((AttributeStatement) item).toXMLString(includeNSPrefix, false));
        }
    }

    xml.append("</").append(prefix).append(ASSERTION_ELEMENT).append(">\n");
    // Newlines are kept in the returned text.
    return xml.toString();
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) AttributeStatement(com.sun.identity.saml2.assertion.AttributeStatement) AuthzDecisionStatement(com.sun.identity.saml2.assertion.AuthzDecisionStatement) AuthnStatement(com.sun.identity.saml2.assertion.AuthnStatement)

Example 8 with Conditions

use of com.sun.identity.saml2.assertion.Conditions in project OpenAM by OpenRock.

the class IDPSSOUtil method getValidTimeofResponse.

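/**
 * Computes the instant, in epoch milliseconds, up to which the given response
 * is treated as valid: the {@code NotOnOrAfter} of its first assertion plus the
 * configured time skew.
 *
 * <p>The skew is read from the IDP SSO configuration in seconds. A missing,
 * blank, negative or non-numeric value falls back to the default skew. Only
 * the first assertion of the response is inspected.
 *
 * <p>NOTE(review): the skew widens the acceptance window and no upper bound is
 * enforced on the configured value here; confirm one is applied where the
 * setting is written.
 *
 * @param realm realm of the identity provider
 * @param idpEntityID entity ID of the identity provider
 * @param response the SAML response to examine
 * @return the latest time, in milliseconds since the epoch, at which the response is valid
 * @throws SAML2Exception if the first assertion has no conditions, has no
 *         {@code NotOnOrAfter}, or has already expired once the skew is applied
 */
public static long getValidTimeofResponse(String realm, String idpEntityID, Response response) throws SAML2Exception {
    // in seconds
    int timeskew = SAML2Constants.ASSERTION_TIME_SKEW_DEFAULT;
    String timeskewStr = getAttributeValueFromIDPSSOConfig(realm, idpEntityID, SAML2Constants.ASSERTION_TIME_SKEW);
    if (timeskewStr != null) {
        // Parse the trimmed value: the blank check alone let " 60 " reach parseInt.
        String trimmed = timeskewStr.trim();
        if (trimmed.length() > 0) {
            try {
                int configured = Integer.parseInt(trimmed);
                if (configured >= 0) {
                    timeskew = configured;
                }
            } catch (NumberFormatException nfe) {
                // Treat an unparsable setting like a negative one: keep the default.
                SAML2Utils.debug.error("IDPSSOUtil.getValidTimeofResponse: invalid time skew, using default", nfe);
            }
        }
    }
    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message("timeskew = " + timeskew);
    }
    // Widen to long before scaling so a large skew cannot overflow int and go negative.
    long skewMillis = timeskew * 1000L;

    List assertions = response.getAssertion();
    if ((assertions == null) || (assertions.size() == 0)) {
        // failed case
        // NOTE(review): getEffectiveTime's unit is not visible here; it is added to a
        // millisecond value as-is. Confirm it returns milliseconds.
        return (System.currentTimeMillis() + getEffectiveTime(realm, idpEntityID) + skewMillis);
    }
    Assertion assertion = (Assertion) assertions.get(0);
    Conditions cond = assertion.getConditions();
    if (cond == null) {
        throw new SAML2Exception("nullConditions");
    }
    Date notOnOrAfter = cond.getNotOnOrAfter();
    // Check for a missing NotOnOrAfter before dereferencing it, so the absence is
    // reported as an invalid-time SAML2Exception rather than a NullPointerException.
    if (notOnOrAfter != null) {
        long ret = notOnOrAfter.getTime() + skewMillis;
        if (ret >= System.currentTimeMillis()) {
            return ret;
        }
    }
    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message("Time in Assertion " + " is invalid.");
    }
    throw new SAML2Exception(SAML2Utils.bundle.getString("invalidTimeOnResponse"));
}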
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) EncryptedAssertion(com.sun.identity.saml2.assertion.EncryptedAssertion) Assertion(com.sun.identity.saml2.assertion.Assertion) List(java.util.List) ArrayList(java.util.ArrayList) Conditions(com.sun.identity.saml2.assertion.Conditions) Date(java.util.Date)

Example 9 with Conditions

use of com.sun.identity.saml2.assertion.Conditions in project OpenAM by OpenRock.

the class AssertionImpl method makeImmutable.

/**
 * Freezes this assertion and everything it contains.
 *
 * <p>Each typed statement and each child element is made immutable in turn,
 * and every statement list is replaced by an unmodifiable wrapper. Calling this
 * on an already immutable assertion does nothing.
 *
 * <p>NOTE(review): {@code Collections.unmodifiableList} returns a read-only view
 * over the same backing list, not a copy; whether any other reference to the
 * backing lists can exist is not visible here.
 */
@Override
public void makeImmutable() {
    if (!isMutable) {
        return;
    }

    if (authnStatements != null) {
        for (Object item : authnStatements) {
            ((AuthnStatement) item).makeImmutable();
        }
        authnStatements = Collections.unmodifiableList(authnStatements);
    }
    if (authzDecisionStatements != null) {
        for (Object item : authzDecisionStatements) {
            ((AuthzDecisionStatement) item).makeImmutable();
        }
        authzDecisionStatements = Collections.unmodifiableList(authzDecisionStatements);
    }
    if (attributeStatements != null) {
        for (Object item : attributeStatements) {
            ((AttributeStatement) item).makeImmutable();
        }
        attributeStatements = Collections.unmodifiableList(attributeStatements);
    }
    // The elements of this list are not frozen individually, only the list itself.
    if (statements != null) {
        statements = Collections.unmodifiableList(statements);
    }

    // Single-valued children.
    if (conditions != null) {
        conditions.makeImmutable();
    }
    if (issuer != null) {
        issuer.makeImmutable();
    }
    if (subject != null) {
        subject.makeImmutable();
    }
    if (advice != null) {
        advice.makeImmutable();
    }

    // Flip the flag last, once every part has been frozen.
    isMutable = false;
}
Also used : AttributeStatement(com.sun.identity.saml2.assertion.AttributeStatement) AuthzDecisionStatement(com.sun.identity.saml2.assertion.AuthzDecisionStatement) AuthnStatement(com.sun.identity.saml2.assertion.AuthnStatement)

Example 10 with Conditions

use of com.sun.identity.saml2.assertion.Conditions in project OpenAM by OpenRock.

the class ConditionsImpl method makeImmutable.

/**
 * Freezes this conditions element and every condition it holds.
 *
 * <p>For each of the four condition lists (generic conditions, audience
 * restrictions, one-time-use and proxy restrictions) every entry is made
 * immutable and the list is replaced by an unmodifiable wrapper. Does nothing
 * if the object is already immutable.
 *
 * <p>NOTE(review): the wrappers are read-only views over the original lists,
 * not copies; whether other references to those lists exist is not visible here.
 */
public void makeImmutable() {
    if (!isMutable) {
        return;
    }

    if (conditions != null) {
        for (Object entry : conditions) {
            ((Condition) entry).makeImmutable();
        }
        conditions = Collections.unmodifiableList(conditions);
    }
    if (audienceRestrictions != null) {
        for (Object entry : audienceRestrictions) {
            ((AudienceRestriction) entry).makeImmutable();
        }
        audienceRestrictions = Collections.unmodifiableList(audienceRestrictions);
    }
    if (oneTimeUses != null) {
        for (Object entry : oneTimeUses) {
            ((OneTimeUse) entry).makeImmutable();
        }
        oneTimeUses = Collections.unmodifiableList(oneTimeUses);
    }
    if (proxyRestrictions != null) {
        for (Object entry : proxyRestrictions) {
            ((ProxyRestriction) entry).makeImmutable();
        }
        proxyRestrictions = Collections.unmodifiableList(proxyRestrictions);
    }

    // Mark as frozen only after all lists have been processed.
    isMutable = false;
}
Also used : Condition(com.sun.identity.saml2.assertion.Condition) AudienceRestriction(com.sun.identity.saml2.assertion.AudienceRestriction) OneTimeUse(com.sun.identity.saml2.assertion.OneTimeUse) ProxyRestriction(com.sun.identity.saml2.assertion.ProxyRestriction)

Aggregations

Conditions (com.sun.identity.saml2.assertion.Conditions)9 Date (java.util.Date)9 ArrayList (java.util.ArrayList)8 AudienceRestriction (com.sun.identity.saml2.assertion.AudienceRestriction)7 SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)7 List (java.util.List)7 Assertion (com.sun.identity.saml2.assertion.Assertion)4 AttributeStatement (com.sun.identity.saml2.assertion.AttributeStatement)4 EncryptedAssertion (com.sun.identity.saml2.assertion.EncryptedAssertion)4 AssertionFactory (com.sun.identity.saml2.assertion.AssertionFactory)3 AuthnStatement (com.sun.identity.saml2.assertion.AuthnStatement)3 Issuer (com.sun.identity.saml2.assertion.Issuer)3 Subject (com.sun.identity.saml2.assertion.Subject)3 AuthzDecisionStatement (com.sun.identity.saml2.assertion.AuthzDecisionStatement)2 Condition (com.sun.identity.saml2.assertion.Condition)2 OneTimeUse (com.sun.identity.saml2.assertion.OneTimeUse)2 ProxyRestriction (com.sun.identity.saml2.assertion.ProxyRestriction)2 Iterator (java.util.Iterator)2 Test (org.testng.annotations.Test)2 Element (org.w3c.dom.Element)2