
Example 26 with Issuer

use of com.sun.identity.saml2.assertion.Issuer in project OpenAM by OpenRock.

the class ManageNameIDResponseImpl method parseElement.

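/**
 * Populates this object from a {@code ManageNameIDResponse} DOM element.
 *
 * <p>Reads the ID, Version, IssueInstant, Destination, Consent and
 * InResponseTo attributes, then the Issuer, Signature, Extensions and
 * Status child elements. Only the element's local name is checked; the
 * namespace URI is not compared here.
 *
 * @param element the {@code ManageNameIDResponse} element to parse
 * @throws SAML2Exception if {@code element} is null, is not a
 *         {@code ManageNameIDResponse} element, or fails the ID, version
 *         or issue-instant validation
 */
private void parseElement(Element element) throws SAML2Exception {
    AssertionFactory af = AssertionFactory.getInstance();
    ProtocolFactory pf = ProtocolFactory.getInstance();
    // make sure that the input xml block is not null
    if (element == null) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ManageNameIDResponseImpl.parseElement: Input is null.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
    }
    // Make sure this is a ManageNameIDResponse element (local-name check only).
    String tag = element.getLocalName();
    if ((tag == null) || (!tag.equals(elementName))) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ManageNameIDResponseImpl.parseElement:" + "not ManageNameIDResponse.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
    }
    responseId = element.getAttribute("ID");
    validateID(responseId);
    version = element.getAttribute("Version");
    validateVersion(version);
    // NOTE(review): the IssueInstant value is only passed to validateIssueInstant
    // here; presumably that helper parses and stores it — confirm.
    String issueInstantStr = element.getAttribute("IssueInstant");
    validateIssueInstant(issueInstantStr);
    destination = element.getAttribute("Destination");
    consent = element.getAttribute("Consent");
    inResponseTo = element.getAttribute("InResponseTo");
    NodeList nList = element.getChildNodes();
    if ((nList != null) && (nList.getLength() > 0)) {
        for (int i = 0; i < nList.getLength(); i++) {
            Node childNode = nList.item(i);
            String cName = childNode.getLocalName();
            if (cName == null) {
                // nodes without a local name (e.g. text nodes) carry nothing we parse
                continue;
            }
            if (cName.equals("Issuer")) {
                issuer = af.createIssuer((Element) childNode);
            } else if (cName.equals("Signature")) {
                // The signature is captured as a string and flagged here; it is
                // not verified in this method.
                signatureString = XMLUtils.getElementString((Element) childNode);
                isSigned = true;
            } else if (cName.equals("Extensions")) {
                extensions = pf.createExtensions((Element) childNode);
            } else if (cName.equals("Status")) {
                status = pf.createStatus((Element) childNode);
            }
        }
    }
}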

Example 27 with Issuer

use of com.sun.identity.saml2.assertion.Issuer in project OpenAM by OpenRock.

the class SAML2PostAuthenticationPlugin method createLogoutRequest.

/**
 * Builds a SAML2 {@code LogoutRequest} issued by the local SP identified by
 * {@code metaAlias} and addressed to {@code logoutEndpoint}.
 *
 * <p>The request is returned populated but not signed or encoded by this
 * method.
 *
 * @param metaAlias      meta alias of the local SP
 * @param realm          realm of the local SP
 * @param idpEntityId    entity ID of the IDP the request is sent to
 * @param logoutEndpoint IDP single-logout endpoint; its location becomes the
 *                       request's Destination
 * @param nameId         NameID of the principal being logged out
 * @param sessionIndex   session index to include, or {@code null} to omit it
 * @return the populated logout request
 * @throws SAML2Exception   if no request ID could be generated, or if raised
 *                          by the SAML2 helpers used here
 * @throws SessionException declared for the session-layer helpers used here
 */
private LogoutRequest createLogoutRequest(String metaAlias, String realm, String idpEntityId, EndpointType logoutEndpoint, NameID nameId, String sessionIndex) throws SAML2Exception, SessionException {
    // every request needs a fresh, unique ID
    final String newRequestId = SAML2Utils.generateID();
    final boolean idMissing = (newRequestId == null) || newRequestId.isEmpty();
    if (idMissing) {
        DEBUG.warning("SAML2 PAP :: Unable to perform single logout, unable to generate request ID - {}", SAML2Utils.bundle.getString("cannotGenerateID"));
        throw new SAML2Exception(SAML2Utils.BUNDLE_NAME, "cannotGenerateID", new Object[0]);
    }
    final String localSpEntityId = META_MANAGER.getEntityByMetaAlias(metaAlias);
    final Issuer localIssuer = SAML2Utils.createIssuer(localSpEntityId);
    final LogoutRequest request = ProtocolFactory.getInstance().createLogoutRequest();
    request.setID(newRequestId);
    request.setVersion(SAML2Constants.VERSION_2_0);
    request.setIssueInstant(new Date());
    request.setIssuer(localIssuer);
    if (sessionIndex != null) {
        request.setSessionIndex(Collections.singletonList(sessionIndex));
    }
    // the endpoint location is XML-escaped before it becomes the Destination
    request.setDestination(XMLUtils.escapeSpecialCharacters(logoutEndpoint.getLocation()));
    LogoutUtil.setNameIDForSLORequest(request, nameId, realm, localSpEntityId, SAML2Constants.SP_ROLE, idpEntityId);
    return request;
}

Example 28 with Issuer

use of com.sun.identity.saml2.assertion.Issuer in project OpenAM by OpenRock.

the class AssertionGen method getAssertion.

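/**
 * Generates a SAML assertion and returns the Assertion object.
 *
 * <p>The assertion is issued under the IDP entity ID read from
 * {@code MetaDataParser}, carries the authn statements, subject and
 * conditions built by the sibling helpers, and an attribute statement when
 * attribute names are supplied. It is then signed with the key and
 * certificate under the "test" alias of the configured key provider.
 *
 * @param attrName  attribute names; an attribute statement is added only
 *                  when the array is non-empty and its first entry is not
 *                  the literal string "null"
 * @param attrValue attribute values matching {@code attrName}
 * @return the assertion; if a {@link SAML2Exception} occurs while it is
 *         being populated or signed, the error is logged and the partially
 *         populated (and therefore unsigned) assertion is returned
 */
private Assertion getAssertion(String[] attrName, String[] attrValue) {
    Assertion assertion = AssertionFactory.getInstance().createAssertion();
    MetaDataParser parser = new MetaDataParser();
    String idpEntityId = parser.getIDPEntityID();
    String spEntityId = parser.getSPEntityID();
    String spBaseUrl = parser.getSPbaseUrl();
    try {
        assertion.setID(SAML2Utils.generateID());
        assertion.setVersion(SAML2Constants.VERSION_2_0);
        assertion.setIssueInstant(new Date());
        Issuer issuer = AssertionFactory.getInstance().createIssuer();
        issuer.setValue(idpEntityId);
        assertion.setIssuer(issuer);
        assertion.setAuthnStatements(getAuthStatementList());
        assertion.setSubject(getSubject(spEntityId, spBaseUrl, idpEntityId));
        assertion.setConditions(getCondition(spEntityId));
        // null-safe: a missing array or null first entry means "no attributes",
        // it must not raise a NullPointerException
        if (attrName != null && attrName.length > 0 && !"null".equals(attrName[0])) {
            assertion.setAttributeStatements(getAttributeList(attrName, attrValue));
        }
        // signing is the last step; if it throws, the returned assertion is unsigned
        KeyProvider kp = KeyUtil.getKeyProviderInstance();
        assertion.sign(kp.getPrivateKey("test"), kp.getX509Certificate("test"));
    } catch (SAML2Exception ex) {
        Logger.getLogger(AssertionGen.class.getName()).log(Level.SEVERE, "Failed to build or sign the assertion", ex);
    }
    return assertion;
}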

Example 29 with Issuer

use of com.sun.identity.saml2.assertion.Issuer in project OpenAM by OpenRock.

the class AssertionGen method getResponse.

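/**
 * Generates a SAML response holding a single assertion and returns it as an
 * XML string.
 *
 * <p>The response is issued under the IDP entity ID from
 * {@code MetaDataParser}, carries a Success status code and wraps the
 * assertion produced by {@code getAssertion}. Note that
 * {@code getAssertion} logs and still returns its assertion when populating
 * or signing it fails, so the response may then contain an unsigned
 * assertion.
 *
 * @param attrName  attribute names passed through to {@code getAssertion}
 * @param attrValue attribute values passed through to {@code getAssertion}
 * @return the response XML with namespace prefix and declaration, or
 *         {@code null} if building or serialising it threw a
 *         {@link SAML2Exception} (the error is logged)
 */
public String getResponse(String[] attrName, String[] attrValue) {
    try {
        ProtocolFactory pf = ProtocolFactory.getInstance();
        MetaDataParser parser = new MetaDataParser();
        String idpEntityId = parser.getIDPEntityID();
        String spEntityId = parser.getSPEntityID();
        Response response = pf.createResponse();
        List<Assertion> assertions = new ArrayList<Assertion>();
        assertions.add(getAssertion(attrName, attrValue));
        response.setAssertion(assertions);
        response.setID(SAML2Utils.generateID());
        response.setVersion(SAML2Constants.VERSION_2_0);
        response.setIssueInstant(new Date());
        StatusCode statusCode = pf.createStatusCode();
        statusCode.setValue(SAML2Constants.SUCCESS);
        Status status = pf.createStatus();
        status.setStatusCode(statusCode);
        response.setStatus(status);
        Issuer issuer = AssertionFactory.getInstance().createIssuer();
        issuer.setValue(idpEntityId);
        response.setIssuer(issuer);
        // NOTE(review): Destination is set to the SP entity ID rather than an
        // endpoint URL — confirm this is what the consumer expects.
        response.setDestination(spEntityId);
        return response.toXMLString(true, true);
    } catch (SAML2Exception ex) {
        Logger.getLogger(AssertionGen.class.getName()).log(Level.SEVERE, "Failed to build the SAML response", ex);
    }
    return null;
}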

Example 30 with Issuer

use of com.sun.identity.saml2.assertion.Issuer in project OpenAM by OpenRock.

the class AssertionImpl method toXMLString.

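/**
 * Returns a String representation of this assertion.
 *
 * <p>When the assertion carries a signature and a signed serialisation is
 * cached, that cached string is returned unchanged and the two flags are
 * ignored (presumably so the signed bytes are not altered). Otherwise the
 * element is built from the current field values; Version, ID, IssueInstant
 * and the Issuer child are mandatory.
 *
 * @param includeNSPrefix Determines whether or not the namespace
 *        qualifier is prepended to the Element when converted
 * @param declareNS Determines whether or not the namespace is declared
 *        within the Element.
 * @return A String representation
 * @exception SAML2Exception if the version, id, issue instant or issuer is
 *        missing, or if a child element fails to serialise
 */
@Override
public String toXMLString(boolean includeNSPrefix, boolean declareNS) throws SAML2Exception {
    // a cached signed serialisation is returned verbatim
    if ((signature != null) && (signedXMLString != null)) {
        return signedXMLString;
    }
    String nsDeclaration = declareNS ? SAML2Constants.ASSERTION_DECLARE_STR : "";
    String prefix = includeNSPrefix ? SAML2Constants.ASSERTION_PREFIX : "";
    StringBuilder sb = new StringBuilder(2000);
    sb.append("<").append(prefix).append(ASSERTION_ELEMENT).append(nsDeclaration);
    if ((version == null) || version.isEmpty()) {
        SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): version missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_assertion_version"));
    }
    sb.append(" ").append(ASSERTION_VERSION_ATTR).append("=\"").append(version).append("\"");
    if ((id == null) || id.isEmpty()) {
        SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): assertion id missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_assertion_id"));
    }
    sb.append(" ").append(ASSERTION_ID_ATTR).append("=\"").append(id).append("\"");
    if (issueInstant == null) {
        SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): issue instant missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_issue_instant"));
    }
    String instantStr = DateUtils.toUTCDateFormat(issueInstant);
    sb.append(" ").append(ASSERTION_ISSUEINSTANT_ATTR).append("=\"").append(instantStr).append("\"").append(">\n");
    if (issuer == null) {
        SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): issuer missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_subelement_issuer"));
    }
    // Children are serialised with declareNS=false: the namespace is declared
    // (at most) once, on the Assertion element above.
    sb.append(issuer.toXMLString(includeNSPrefix, false));
    if (signature != null) {
        sb.append(signature);
    }
    if (subject != null) {
        sb.append(subject.toXMLString(includeNSPrefix, false));
    }
    if (conditions != null) {
        sb.append(conditions.toXMLString(includeNSPrefix, false));
    }
    if (advice != null) {
        sb.append(advice.toXMLString(includeNSPrefix, false));
    }
    if (statements != null) {
        // generic statements are held as already-serialised strings
        for (Object statement : statements) {
            sb.append((String) statement);
        }
    }
    if (authnStatements != null) {
        for (Object statement : authnStatements) {
            sb.append(((AuthnStatement) statement).toXMLString(includeNSPrefix, false));
        }
    }
    if (authzDecisionStatements != null) {
        for (Object statement : authzDecisionStatements) {
            sb.append(((AuthzDecisionStatement) statement).toXMLString(includeNSPrefix, false));
        }
    }
    if (attributeStatements != null) {
        for (Object statement : attributeStatements) {
            sb.append(((AttributeStatement) statement).toXMLString(includeNSPrefix, false));
        }
    }
    sb.append("</").append(prefix).append(ASSERTION_ELEMENT).append(">\n");
    return sb.toString();
}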
