Search in sources :

Example 1 with ProtocolFactory

use of com.sun.identity.saml2.protocol.ProtocolFactory in project OpenAM by OpenRock.

the class AttributeQueryUtil method constructAttrQueryForFedlet.

/**
     * Constructs the Attribute Query used by the Fedlet to retrieve the 
     * values from IDP
     *
     * @param samlResp saml response
     *
     * @exception SAML2Exception if the operation is not successful
     *
     * @supported.api
     */
private static AttributeQuery constructAttrQueryForFedlet(String spEntityID, String idpEntityID, String nameIDValue, List<String> attrsList, String attrqMetaAlias, String attrProfileNameAlias, String subjectDN, boolean wantNameIDEncrypted) throws SAML2Exception {
    String attrqEntityID = SAML2Utils.getSAML2MetaManager().getEntityByMetaAlias(attrqMetaAlias);
    ProtocolFactory protocolFactory = ProtocolFactory.getInstance();
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    AttributeQuery attrQuery = protocolFactory.createAttributeQuery();
    Issuer issuer = assertionFactory.createIssuer();
    issuer.setValue(attrqEntityID);
    attrQuery.setIssuer(issuer);
    attrQuery.setID(SAML2Utils.generateID());
    attrQuery.setVersion(SAML2Constants.VERSION_2_0);
    attrQuery.setIssueInstant(new Date());
    List attrs = new ArrayList();
    for (String attributeName : attrsList) {
        Attribute attr = assertionFactory.createAttribute();
        attr.setName(attributeName);
        attr.setNameFormat(SAML2Constants.BASIC_NAME_FORMAT);
        attrs.add(attr);
    }
    attrQuery.setAttributes(attrs);
    Subject subject = assertionFactory.createSubject();
    NameID nameID = assertionFactory.createNameID();
    nameID.setNameQualifier(idpEntityID);
    nameID.setSPNameQualifier(spEntityID);
    if (attrProfileNameAlias.equals(SAML2Constants.DEFAULT_ATTR_QUERY_PROFILE_ALIAS)) {
        nameID.setFormat(SAML2Constants.NAMEID_TRANSIENT_FORMAT);
        nameID.setValue(nameIDValue);
    }
    if (attrProfileNameAlias.equals(SAML2Constants.X509_SUBJECT_ATTR_QUERY_PROFILE_ALIAS)) {
        nameID.setFormat(SAML2Constants.X509_SUBJECT_NAME);
        nameID.setValue(subjectDN);
    }
    if (!wantNameIDEncrypted) {
        subject.setNameID(nameID);
    } else {
        AttributeAuthorityDescriptorElement aad = metaManager.getAttributeAuthorityDescriptor("/", idpEntityID);
        EncInfo encInfo = KeyUtil.getEncInfo(aad, idpEntityID, SAML2Constants.ATTR_AUTH_ROLE);
        EncryptedID encryptedID = nameID.encrypt(encInfo.getWrappingKey(), encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength(), idpEntityID);
        subject.setEncryptedID(encryptedID);
    }
    attrQuery.setSubject(subject);
    return attrQuery;
}
Also used : Issuer(com.sun.identity.saml2.assertion.Issuer) Attribute(com.sun.identity.saml2.assertion.Attribute) NameID(com.sun.identity.saml2.assertion.NameID) ArrayList(java.util.ArrayList) AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement) EncryptedID(com.sun.identity.saml2.assertion.EncryptedID) Date(java.util.Date) Subject(com.sun.identity.saml2.assertion.Subject) ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) EncInfo(com.sun.identity.saml2.key.EncInfo) AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory) AttributeQuery(com.sun.identity.saml2.protocol.AttributeQuery) List(java.util.List) ArrayList(java.util.ArrayList)

Example 2 with ProtocolFactory

use of com.sun.identity.saml2.protocol.ProtocolFactory in project OpenAM by OpenRock.

the class RequestAbstractImpl method parseDOMChileElements.

/** 
     * Parses child elements of the Docuemnt Element for this object.
     * 
     * @param iter the child elements iterator.
     * @throws SAML2Exception if error parsing the Document Element.
     */
protected void parseDOMChileElements(ListIterator iter) throws SAML2Exception {
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    ProtocolFactory protoFactory = ProtocolFactory.getInstance();
    while (iter.hasNext()) {
        Element childElement = (Element) iter.next();
        String localName = childElement.getLocalName();
        if (SAML2Constants.ISSUER.equals(localName)) {
            validateIssuer();
            nameID = assertionFactory.createIssuer(childElement);
        } else if (SAML2Constants.SIGNATURE.equals(localName)) {
            validateSignature();
            signatureString = XMLUtils.print(childElement);
            isSigned = true;
        } else if (SAML2Constants.EXTENSIONS.equals(localName)) {
            validateExtensions();
            extensions = protoFactory.createExtensions(childElement);
        } else {
            iter.previous();
            break;
        }
    }
}
Also used : ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory) Element(org.w3c.dom.Element)

Example 3 with ProtocolFactory

use of com.sun.identity.saml2.protocol.ProtocolFactory in project OpenAM by OpenRock.

the class LogoutResponseImpl method parseElement.

/**
     * Parses the Docuemnt Element for this object.
     *
     * @param element the Document Element of this object.
     * @throws SAML2Exception if error parsing the Document Element.
     */
private void parseElement(Element element) throws SAML2Exception {
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    ProtocolFactory protoFactory = ProtocolFactory.getInstance();
    responseId = element.getAttribute(SAML2Constants.ID);
    validateID(responseId);
    version = element.getAttribute(SAML2Constants.VERSION);
    validateVersion(version);
    String issueInstantStr = element.getAttribute(SAML2Constants.ISSUE_INSTANT);
    validateIssueInstant(issueInstantStr);
    destination = element.getAttribute(SAML2Constants.DESTINATION);
    consent = element.getAttribute(SAML2Constants.CONSENT);
    inResponseTo = element.getAttribute(SAML2Constants.INRESPONSETO);
    NodeList nList = element.getChildNodes();
    if ((nList != null) && (nList.getLength() > 0)) {
        for (int i = 0; i < nList.getLength(); i++) {
            Node childNode = nList.item(i);
            String cName = childNode.getLocalName();
            if (cName != null) {
                if (cName.equals(SAML2Constants.ISSUER)) {
                    issuer = assertionFactory.createIssuer((Element) childNode);
                } else if (cName.equals(SAML2Constants.SIGNATURE)) {
                    signatureString = XMLUtils.getElementString((Element) childNode);
                    isSigned = true;
                } else if (cName.equals(SAML2Constants.EXTENSIONS)) {
                    extensions = protoFactory.createExtensions((Element) childNode);
                } else if (cName.equals(SAML2Constants.STATUS)) {
                    status = protoFactory.createStatus((Element) childNode);
                    validateStatus();
                }
            }
        }
    }
}
Also used : ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element)

Example 4 with ProtocolFactory

use of com.sun.identity.saml2.protocol.ProtocolFactory in project OpenAM by OpenRock.

the class AuthnQueryImpl method parseDOMChileElements.

/** 
     * Parses child elements of the Docuemnt Element for this object.
     * 
     * @param iter the child elements iterator.
     * @throws SAML2Exception if error parsing the Document Element.
     */
protected void parseDOMChileElements(ListIterator iter) throws SAML2Exception {
    super.parseDOMChileElements(iter);
    ProtocolFactory pFactory = ProtocolFactory.getInstance();
    if (iter.hasNext()) {
        Element childElement = (Element) iter.next();
        String localName = childElement.getLocalName();
        if (SAML2Constants.REQ_AUTHN_CONTEXT.equals(localName)) {
            requestedAuthnContext = pFactory.createRequestedAuthnContext(childElement);
        } else {
            iter.previous();
        }
    }
}
Also used : ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) Element(org.w3c.dom.Element)

Example 5 with ProtocolFactory

use of com.sun.identity.saml2.protocol.ProtocolFactory in project OpenAM by OpenRock.

the class ManageNameIDResponseImpl method parseElement.

private void parseElement(Element element) throws SAML2Exception {
    AssertionFactory af = AssertionFactory.getInstance();
    ProtocolFactory pf = ProtocolFactory.getInstance();
    // make sure that the input xml block is not null
    if (element == null) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ManageNameIDResponseImpl.parseElement: Input is null.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
    }
    // Make sure this is an EncryptedAssertion.
    String tag = null;
    tag = element.getLocalName();
    if ((tag == null) || (!tag.equals(elementName))) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ManageNameIDResponseImpl.parseElement:" + "not ManageNameIDResponse.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
    }
    responseId = element.getAttribute("ID");
    validateID(responseId);
    version = element.getAttribute("Version");
    validateVersion(version);
    String issueInstantStr = element.getAttribute("IssueInstant");
    validateIssueInstant(issueInstantStr);
    destination = element.getAttribute("Destination");
    consent = element.getAttribute("Consent");
    inResponseTo = element.getAttribute("InResponseTo");
    NodeList nList = element.getChildNodes();
    if ((nList != null) && (nList.getLength() > 0)) {
        for (int i = 0; i < nList.getLength(); i++) {
            Node childNode = nList.item(i);
            String cName = childNode.getLocalName();
            if (cName != null) {
                if (cName.equals("Issuer")) {
                    issuer = af.createIssuer((Element) childNode);
                } else if (cName.equals("Signature")) {
                    signatureString = XMLUtils.getElementString((Element) childNode);
                    isSigned = true;
                } else if (cName.equals("Extensions")) {
                    extensions = pf.createExtensions((Element) childNode);
                } else if (cName.equals("Status")) {
                    status = pf.createStatus((Element) childNode);
                }
            }
        }
    }
}
Also used : ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element)

Aggregations

ProtocolFactory (com.sun.identity.saml2.protocol.ProtocolFactory)17 Element (org.w3c.dom.Element)11 AssertionFactory (com.sun.identity.saml2.assertion.AssertionFactory)9 Node (org.w3c.dom.Node)9 NodeList (org.w3c.dom.NodeList)9 SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)7 ArrayList (java.util.ArrayList)6 Issuer (com.sun.identity.saml2.assertion.Issuer)4 Date (java.util.Date)4 List (java.util.List)4 Assertion (com.sun.identity.saml2.assertion.Assertion)3 SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)3 Response (com.sun.identity.saml2.protocol.Response)3 Status (com.sun.identity.saml2.protocol.Status)3 StatusCode (com.sun.identity.saml2.protocol.StatusCode)3 Iterator (java.util.Iterator)3 HttpServletResponse (javax.servlet.http.HttpServletResponse)3 EncryptedAssertion (com.sun.identity.saml2.assertion.EncryptedAssertion)2 EncryptedID (com.sun.identity.saml2.assertion.EncryptedID)2 NameID (com.sun.identity.saml2.assertion.NameID)2