use of com.sun.identity.saml2.assertion.Issuer in project OpenAM by OpenRock.
the class ManageNameIDResponseImpl method parseElement.
/**
 * Populates this object from a ManageNameIDResponse DOM element.
 *
 * <p>Reads the ID, Version and IssueInstant attributes and passes each to its
 * validate helper. Destination, Consent and InResponseTo are stored as read,
 * with no check in this method. The direct children are then dispatched by
 * local name to the assertion or protocol factory.
 *
 * <p>Children are matched on local name only; this method does not compare the
 * namespace URI. A later child with the same local name replaces the value
 * taken from an earlier one.
 *
 * @param element the DOM element to read
 * @throws SAML2Exception if {@code element} is null or its local name differs
 *         from {@code elementName}; the validate helpers and factories may
 *         also raise it (their bodies are not visible here)
 */
private void parseElement(Element element) throws SAML2Exception {
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    ProtocolFactory protocolFactory = ProtocolFactory.getInstance();

    // Reject a missing input element.
    if (element == null) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ManageNameIDResponseImpl.parseElement: Input is null.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
    }

    // Reject any root element that is not a ManageNameIDResponse.
    final String rootName = element.getLocalName();
    if (!((rootName != null) && rootName.equals(elementName))) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ManageNameIDResponseImpl.parseElement:" + "not ManageNameIDResponse.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
    }

    // Attributes that have a validate helper.
    responseId = element.getAttribute("ID");
    validateID(responseId);
    version = element.getAttribute("Version");
    validateVersion(version);
    validateIssueInstant(element.getAttribute("IssueInstant"));

    // Attributes stored exactly as read.
    destination = element.getAttribute("Destination");
    consent = element.getAttribute("Consent");
    inResponseTo = element.getAttribute("InResponseTo");

    NodeList children = element.getChildNodes();
    if (children == null) {
        return;
    }
    for (int idx = 0; idx < children.getLength(); idx++) {
        Node child = children.item(idx);
        String childName = child.getLocalName();
        if (childName == null) {
            // Nodes without a local name are skipped.
            continue;
        }
        if (childName.equals("Issuer")) {
            issuer = assertionFactory.createIssuer((Element) child);
        } else if (childName.equals("Signature")) {
            // isSigned records only that a Signature child is present; the
            // signature is not verified in this method.
            signatureString = XMLUtils.getElementString((Element) child);
            isSigned = true;
        } else if (childName.equals("Extensions")) {
            extensions = protocolFactory.createExtensions((Element) child);
        } else if (childName.equals("Status")) {
            status = protocolFactory.createStatus((Element) child);
        }
    }
}
use of com.sun.identity.saml2.assertion.Issuer in project OpenAM by OpenRock.
the class SAML2PostAuthenticationPlugin method createLogoutRequest.
/**
 * Builds a SAML2 LogoutRequest issued by the SP entity that {@code metaAlias}
 * resolves to.
 *
 * @param metaAlias alias used to look up the SP entity ID
 * @param realm realm passed through to the NameID setup
 * @param idpEntityId entity ID of the IdP, passed through to the NameID setup
 * @param logoutEndpoint endpoint whose location becomes the request Destination
 * @param nameId NameID passed through to the NameID setup
 * @param sessionIndex session index to include; left out of the request when null
 * @return the populated logout request
 * @throws SAML2Exception if no request ID could be generated; the calls made
 *         here may also raise it
 * @throws SessionException declared by the signature; which call raises it is
 *         not visible in this method
 */
private LogoutRequest createLogoutRequest(String metaAlias, String realm, String idpEntityId,
        EndpointType logoutEndpoint, NameID nameId, String sessionIndex)
        throws SAML2Exception, SessionException {
    // A request without an ID cannot be sent, so fail before building anything.
    final String requestId = SAML2Utils.generateID();
    if (requestId == null || requestId.isEmpty()) {
        DEBUG.warning("SAML2 PAP :: Unable to perform single logout, unable to generate request ID - {}",
                SAML2Utils.bundle.getString("cannotGenerateID"));
        throw new SAML2Exception(SAML2Utils.BUNDLE_NAME, "cannotGenerateID", new Object[0]);
    }

    // NOTE(review): the entity ID lookup result is used without a null check —
    // confirm how an unknown metaAlias is handled by the caller.
    final String spEntityId = META_MANAGER.getEntityByMetaAlias(metaAlias);
    final Issuer spIssuer = SAML2Utils.createIssuer(spEntityId);

    final LogoutRequest request = ProtocolFactory.getInstance().createLogoutRequest();
    request.setID(requestId);
    request.setVersion(SAML2Constants.VERSION_2_0);
    request.setIssueInstant(new Date());
    request.setIssuer(spIssuer);
    if (sessionIndex != null) {
        request.setSessionIndex(Collections.singletonList(sessionIndex));
    }

    // The endpoint location is escaped before it is stored as the Destination.
    request.setDestination(XMLUtils.escapeSpecialCharacters(logoutEndpoint.getLocation()));

    LogoutUtil.setNameIDForSLORequest(request, nameId, realm, spEntityId, SAML2Constants.SP_ROLE, idpEntityId);
    return request;
}
use of com.sun.identity.saml2.assertion.Issuer in project OpenAM by OpenRock.
the class AssertionGen method getAssertion.
/**
 * Generates a SAML assertion, signs it and returns the Assertion object.
 *
 * <p>The issuer is the IdP entity ID read through {@code MetaDataParser}. The
 * assertion is signed with the key and certificate stored under the alias
 * {@code "test"}.
 *
 * <p>A {@code SAML2Exception} raised while populating or signing is logged and
 * not rethrown; the same Assertion object is returned in whatever state it had
 * reached.
 *
 * @param attrName attribute names; attribute statements are added only when the
 *        array is non-empty and its first entry is not the string "null"
 * @param attrValue attribute values, passed with {@code attrName} to
 *        {@code getAttributeList}
 * @return the assertion, which is not guaranteed to be complete or signed if a
 *         {@code SAML2Exception} occurred
 */
private Assertion getAssertion(String[] attrName, String[] attrValue) {
    Assertion result = AssertionFactory.getInstance().createAssertion();
    MetaDataParser metaData = new MetaDataParser();
    String idpEntityId = metaData.getIDPEntityID();
    String spEntityId = metaData.getSPEntityID();
    String spBaseUrl = metaData.getSPbaseUrl();
    try {
        result.setID(SAML2Utils.generateID());
        result.setVersion(SAML2Constants.VERSION_2_0);
        result.setIssueInstant(new Date());

        Issuer idpIssuer = AssertionFactory.getInstance().createIssuer();
        idpIssuer.setValue(idpEntityId);
        result.setIssuer(idpIssuer);

        result.setAuthnStatements(getAuthStatementList());
        result.setSubject(getSubject(spEntityId, spBaseUrl, idpEntityId));
        result.setConditions(getCondition(spEntityId));

        // The literal string "null" in the first slot means "no attributes".
        boolean hasAttributes = attrName.length > 0 && !attrName[0].equals("null");
        if (hasAttributes) {
            result.setAttributeStatements(getAttributeList(attrName, attrValue));
        }

        // NOTE(review): the signing key alias "test" is hard-coded — confirm
        // this class is only used with a test keystore.
        KeyProvider keys = KeyUtil.getKeyProviderInstance();
        result.sign(keys.getPrivateKey("test"), keys.getX509Certificate("test"));
    } catch (SAML2Exception ex) {
        // NOTE(review): after a failure the assertion below may be unsigned or
        // only partly populated; callers receive it with no error indication.
        Logger.getLogger(AssertionGen.class.getName()).log(Level.SEVERE, null, ex);
    }
    return result;
}
use of com.sun.identity.saml2.assertion.Issuer in project OpenAM by OpenRock.
the class AssertionGen method getResponse.
/**
 * Generates a SAML response that wraps one assertion and returns it as an XML
 * string.
 *
 * <p>The response carries a success status, the IdP entity ID as issuer and
 * the assertion produced by {@code getAssertion}. This method does not sign
 * the Response element itself.
 *
 * @param attrName attribute names, passed to {@code getAssertion}
 * @param attrValue attribute values, passed to {@code getAssertion}
 * @return the response XML, or {@code null} when a {@code SAML2Exception} was
 *         raised (the exception is logged, not rethrown)
 */
public String getResponse(String[] attrName, String[] attrValue) {
    String xml = null;
    try {
        Response response = ProtocolFactory.getInstance().createResponse();
        List<Assertion> assertions = new ArrayList<Assertion>();
        Status status = ProtocolFactory.getInstance().createStatus();
        StatusCode statusCode = ProtocolFactory.getInstance().createStatusCode();
        MetaDataParser metaData = new MetaDataParser();
        String idpEntityId = metaData.getIDPEntityID();
        String spEntityId = metaData.getSPEntityID();

        assertions.add(getAssertion(attrName, attrValue));
        response.setAssertion(assertions);

        response.setID(SAML2Utils.generateID());
        response.setVersion(SAML2Constants.VERSION_2_0);
        response.setIssueInstant(new Date());

        statusCode.setValue(SAML2Constants.SUCCESS);
        status.setStatusCode(statusCode);
        response.setStatus(status);

        Issuer idpIssuer = AssertionFactory.getInstance().createIssuer();
        idpIssuer.setValue(idpEntityId);
        response.setIssuer(idpIssuer);

        // NOTE(review): Destination is set to the SP entity ID string, not to
        // an endpoint URL — confirm this is what the receiving SP expects.
        response.setDestination(spEntityId);

        xml = response.toXMLString(true, true);
    } catch (SAML2Exception ex) {
        Logger.getLogger(AssertionGen.class.getName()).log(Level.SEVERE, null, ex);
    }
    return xml;
}
use of com.sun.identity.saml2.assertion.Issuer in project OpenAM by OpenRock.
the class AssertionImpl method toXMLString.
/**
 * Returns the XML string form of this assertion.
 *
 * <p>When both {@code signature} and {@code signedXMLString} are set, the
 * stored signed string is returned unchanged and nothing is rebuilt from the
 * fields. Otherwise the element is assembled from the version, ID, issue
 * instant, issuer, optional signature, subject, conditions, advice and the
 * statement lists, in that order.
 *
 * @param includeNSPrefix Determines whether or not the namespace
 *        qualifier is prepended to the Element when converted
 * @param declareNS Determines whether or not the namespace is declared
 *        within the Element.
 * @return A String representation
 * @exception SAML2Exception if the version, ID, issue instant or issuer is
 *            missing, or if a child element fails to convert
 */
@Override
public String toXMLString(boolean includeNSPrefix, boolean declareNS) throws SAML2Exception {
    // A signed assertion is returned in its stored form, not re-serialized.
    if (signature != null && signedXMLString != null) {
        return signedXMLString;
    }

    // Required parts are checked in the same order they are written.
    if (version == null || version.isEmpty()) {
        SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): version missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_assertion_version"));
    }
    if (id == null || id.isEmpty()) {
        SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): assertion id missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_assertion_id"));
    }
    if (issueInstant == null) {
        SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): issue instant missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_issue_instant"));
    }
    final String issueInstantText = DateUtils.toUTCDateFormat(issueInstant);
    if (issuer == null) {
        SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): issuer missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_subelement_issuer"));
    }

    final String nsDeclaration = declareNS ? SAML2Constants.ASSERTION_DECLARE_STR : "";
    final String prefix = includeNSPrefix ? SAML2Constants.ASSERTION_PREFIX : "";

    // NOTE(review): version and id are written into attribute values without
    // escaping in this method — presumably they are validated where they are
    // set; confirm.
    StringBuilder xml = new StringBuilder(2000);
    xml.append("<").append(prefix).append(ASSERTION_ELEMENT).append(nsDeclaration);
    xml.append(" ").append(ASSERTION_VERSION_ATTR).append("=\"").append(version).append("\"");
    xml.append(" ").append(ASSERTION_ID_ATTR).append("=\"").append(id).append("\"");
    xml.append(" ").append(ASSERTION_ISSUEINSTANT_ATTR).append("=\"").append(issueInstantText).append("\"").append(">\n");

    // Children never redeclare the namespace; only the prefix choice is passed on.
    xml.append(issuer.toXMLString(includeNSPrefix, false));
    if (signature != null) {
        xml.append(signature);
    }
    if (subject != null) {
        xml.append(subject.toXMLString(includeNSPrefix, false));
    }
    if (conditions != null) {
        xml.append(conditions.toXMLString(includeNSPrefix, false));
    }
    if (advice != null) {
        xml.append(advice.toXMLString(includeNSPrefix, false));
    }

    // Generic statements are held as ready-made strings and appended as is.
    if (statements != null) {
        for (Object item : statements) {
            xml.append((String) item);
        }
    }
    if (authnStatements != null) {
        for (Object item : authnStatements) {
            xml.append(((AuthnStatement) item).toXMLString(includeNSPrefix, false));
        }
    }
    if (authzDecisionStatements != null) {
        for (Object item : authzDecisionStatements) {
            xml.append(((AuthzDecisionStatement) item).toXMLString(includeNSPrefix, false));
        }
    }
    if (attributeStatements != null) {
        for (Object item : attributeStatements) {
            xml.append(((AttributeStatement) item).toXMLString(includeNSPrefix, false));
        }
    }

    xml.append("</").append(prefix).append(ASSERTION_ELEMENT).append(">\n");
    return xml.toString();
}