Search in sources :

Example 1 with AttributeElement

use of com.sun.identity.saml2.jaxb.entityconfig.AttributeElement in project OpenAM by OpenRock.

the class AttributeQueryUtil method isValueValid.

private static boolean isValueValid(Attribute desiredAttr, AttributeElement supportedAttr) {
    List valuesD = desiredAttr.getAttributeValueString();
    if ((valuesD == null) || (valuesD.isEmpty())) {
        return true;
    }
    List attrValuesS = supportedAttr.getAttributeValue();
    if ((attrValuesS == null) || (attrValuesS.isEmpty())) {
        return true;
    }
    List valuesS = new ArrayList();
    for (Iterator iter = attrValuesS.iterator(); iter.hasNext(); ) {
        AttributeValueElement attrValueElem = (AttributeValueElement) iter.next();
        valuesS.addAll(attrValueElem.getContent());
    }
    try {
        return valuesS.containsAll(valuesD);
    } catch (Exception ex) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("AttributeQueryUtil.isValueValid:", ex);
        }
        return false;
    }
}
Also used : ArrayList(java.util.ArrayList) Iterator(java.util.Iterator) List(java.util.List) ArrayList(java.util.ArrayList) AttributeValueElement(com.sun.identity.saml2.jaxb.assertion.AttributeValueElement) SOAPException(javax.xml.soap.SOAPException) DataStoreProviderException(com.sun.identity.plugin.datastore.DataStoreProviderException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)

Example 2 with AttributeElement

use of com.sun.identity.saml2.jaxb.entityconfig.AttributeElement in project OpenAM by OpenRock.

the class ConfigureGoogleApps method updateIDPMeta.

private void updateIDPMeta(String realm, String entityId) throws WorkflowException {
    try {
        SAML2MetaManager samlManager = new SAML2MetaManager();
        EntityConfigElement entityConfig = samlManager.getEntityConfig(realm, entityId);
        IDPSSOConfigElement idpssoConfig = samlManager.getIDPSSOConfig(realm, entityId);
        List attrList = idpssoConfig.getAttribute();
        if (idpssoConfig != null) {
            for (Iterator it = attrList.iterator(); it.hasNext(); ) {
                AttributeElement avpnew = (AttributeElement) it.next();
                String name = avpnew.getName();
                if (name.equals("nameIDFormatMap")) {
                    for (Iterator itt = avpnew.getValue().listIterator(); itt.hasNext(); ) {
                        String temp = (String) itt.next();
                        if (temp.contains("unspecified")) {
                            itt.remove();
                        }
                    }
                    avpnew.getValue().add(0, nameidMapping);
                }
            }
        }
        samlManager.setEntityConfig(realm, entityConfig);
    } catch (SAML2MetaException e) {
        throw new WorkflowException(e.getMessage());
    }
}
Also used : Iterator(java.util.Iterator) IDPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement) List(java.util.List) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AttributeElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeElement) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 3 with AttributeElement

use of com.sun.identity.saml2.jaxb.entityconfig.AttributeElement in project OpenAM by OpenRock.

the class AttributeQueryUtil method verifyDesiredAttributes.

private static List<Attribute> verifyDesiredAttributes(List<AttributeElement> supportedAttrs, List<Attribute> desiredAttrs) throws SAML2Exception {
    if (supportedAttrs == null || supportedAttrs.isEmpty()) {
        return desiredAttrs;
    }
    if (desiredAttrs == null || desiredAttrs.isEmpty()) {
        return convertAttributes(supportedAttrs);
    }
    for (Attribute desiredAttr : desiredAttrs) {
        boolean isAttrValid = false;
        Iterator<AttributeElement> supportedAttrIterator = supportedAttrs.iterator();
        while (supportedAttrIterator.hasNext()) {
            AttributeElement supportedAttr = supportedAttrIterator.next();
            if (isSameAttribute(desiredAttr, supportedAttr)) {
                if (isValueValid(desiredAttr, supportedAttr)) {
                    isAttrValid = true;
                    //By removing the attribute from the supported list we make sure that an AttributeQuery can
                    //not request the same Attribute more than once, see SAML core 3.3.2.3.
                    supportedAttrIterator.remove();
                    break;
                } else {
                    throw new SAML2Exception("Attribute value not supported");
                }
            }
        }
        if (!isAttrValid) {
            throw new SAML2Exception("Attribute name not supported");
        }
    }
    return desiredAttrs;
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) Attribute(com.sun.identity.saml2.assertion.Attribute) AttributeElement(com.sun.identity.saml2.jaxb.assertion.AttributeElement)

Example 4 with AttributeElement

use of com.sun.identity.saml2.jaxb.entityconfig.AttributeElement in project OpenAM by OpenRock.

the class AttributeQueryUtil method convertAttributes.

private static List convertAttributes(List jaxbAttrs) throws SAML2Exception {
    List resultAttrs = new ArrayList();
    for (Iterator iter = jaxbAttrs.iterator(); iter.hasNext(); ) {
        AttributeElement jaxbAttr = (AttributeElement) iter.next();
        Attribute attr = AssertionFactory.getInstance().createAttribute();
        attr.setName(jaxbAttr.getName());
        attr.setNameFormat(jaxbAttr.getNameFormat());
        attr.setFriendlyName(jaxbAttr.getFriendlyName());
        List jaxbValues = jaxbAttr.getAttributeValue();
        if ((jaxbValues != null) && (!jaxbValues.isEmpty())) {
            List newValues = new ArrayList();
            for (Iterator iterV = jaxbValues.iterator(); iterV.hasNext(); ) {
                AttributeValueElement jaxbValeu = (AttributeValueElement) iter.next();
                List content = jaxbValeu.getContent();
                if ((content != null) && (!content.isEmpty())) {
                    newValues.add(content.get(0));
                }
            }
            if (!newValues.isEmpty()) {
                attr.setAttributeValueString(newValues);
            }
        }
        resultAttrs.add(attr);
    }
    return resultAttrs;
}
Also used : Attribute(com.sun.identity.saml2.assertion.Attribute) ArrayList(java.util.ArrayList) Iterator(java.util.Iterator) List(java.util.List) ArrayList(java.util.ArrayList) AttributeValueElement(com.sun.identity.saml2.jaxb.assertion.AttributeValueElement) AttributeElement(com.sun.identity.saml2.jaxb.assertion.AttributeElement)

Example 5 with AttributeElement

use of com.sun.identity.saml2.jaxb.entityconfig.AttributeElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method updateBaseConfig.

/**
     * Updates the BaseConfigElement.
     *
     * @param baseConfig is the BaseConfigType passed.
     * @param values the Map which contains the new attribute/value pairs.
     * @param role the role of entity.
     * @throws AMConsoleException if update of baseConfig object fails.
     */
private void updateBaseConfig(BaseConfigType baseConfig, Map values, String role) throws JAXBException, AMConsoleException {
    List attrList = baseConfig.getAttribute();
    if (role.equals(EntityModel.IDENTITY_PROVIDER)) {
        attrList.clear();
        baseConfig = addAttributeType(extendedMetaIdpMap, baseConfig);
        attrList = baseConfig.getAttribute();
    } else if (role.equals(EntityModel.SERVICE_PROVIDER)) {
        attrList.clear();
        baseConfig = addAttributeType(extendedMetaSpMap, baseConfig);
        attrList = baseConfig.getAttribute();
    } else if (role.equals(EntityModel.POLICY_ENFORCEMENT_POINT_DESCRIPTOR)) {
        attrList.clear();
        baseConfig = addAttributeType(xacmlPEPExtendedMeta, baseConfig);
        attrList = baseConfig.getAttribute();
    } else if (role.equals(EntityModel.POLICY_DECISION_POINT_DESCRIPTOR)) {
        attrList.clear();
        baseConfig = addAttributeType(xacmlPDPExtendedMeta, baseConfig);
        attrList = baseConfig.getAttribute();
    }
    for (Iterator it = attrList.iterator(); it.hasNext(); ) {
        AttributeElement avpnew = (AttributeElement) it.next();
        String name = avpnew.getName();
        if (values.keySet().contains(name)) {
            Set set = (Set) values.get(name);
            if (set != null) {
                avpnew.getValue().clear();
                avpnew.getValue().addAll(set);
            }
        }
    }
}
Also used : Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) Iterator(java.util.Iterator) List(java.util.List) ArrayList(java.util.ArrayList) AttributeElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeElement)

Aggregations

Iterator (java.util.Iterator)6 List (java.util.List)6 ArrayList (java.util.ArrayList)5 SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)3 AttributeElement (com.sun.identity.saml2.jaxb.assertion.AttributeElement)3 AttributeValueElement (com.sun.identity.saml2.jaxb.assertion.AttributeValueElement)3 AttributeElement (com.sun.identity.saml2.jaxb.entityconfig.AttributeElement)3 SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)3 Attribute (com.sun.identity.saml2.assertion.Attribute)2 Set (java.util.Set)2 COTException (com.sun.identity.cot.COTException)1 DataStoreProviderException (com.sun.identity.plugin.datastore.DataStoreProviderException)1 EntityConfigElement (com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)1 IDPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement)1 EntityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement)1 ExtensionsType (com.sun.identity.saml2.jaxb.metadata.ExtensionsType)1 EntityAttributesElement (com.sun.identity.saml2.jaxb.metadataattr.EntityAttributesElement)1 SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager)1 RequestedAuthnContext (com.sun.identity.saml2.protocol.RequestedAuthnContext)1 OrderedSet (com.sun.identity.shared.datastruct.OrderedSet)1