
Example 1 with ClaimsCollectionImpl

Use of ddf.security.claims.impl.ClaimsCollectionImpl in project ddf by codice.

Class AttributeQueryClaimsHandler, method getAttributes.

/**
 * Queries the external attribute store for the attributes of the given subject and turns the
 * returned SAML assertion into claims.
 *
 * <p>The result is {@code null} when no {@link AttributeQueryClient} could be created; otherwise
 * it is a (possibly empty) collection. A failed query is logged and yields an empty collection
 * rather than an exception.
 *
 * @param nameId the subject identifier placed in the AttributeQuery request
 * @return the claims built from the returned assertion, an empty collection if the query failed
 *     or returned no assertion, or {@code null} if no client could be created
 * @throws URISyntaxException propagated from the calls made inside the try block; it is not
 *     caught here
 */
protected ClaimsCollection getAttributes(String nameId) throws URISyntaxException {
    ClaimsCollection result = new ClaimsCollectionImpl();
    LOGGER.debug("Sending AttributeQuery Request.");
    try {
        AttributeQueryClient client =
                createAttributeQueryClient(simpleSign, externalAttributeStoreUrl, issuer, destination);
        if (client == null) {
            // Contract: a missing client is signalled by null, not by an empty collection.
            return null;
        }
        Assertion assertion = client.query(nameId);
        if (assertion == null) {
            return result;
        }
        createClaims(result, assertion);
    } catch (AttributeQueryException ex) {
        // INFO carries only the operator hint; the exception itself is confined to DEBUG.
        LOGGER.info("Error occurred in AttributeQueryClient, did not retrieve response. Set log level for \"org.codice.ddf.security.claims.attributequery.common\" to DEBUG for more information.");
        LOGGER.debug("Error occurred in AttributeQueryClient, did not retrieve response.", ex);
    }
    return result;
}

Example 2 with ClaimsCollectionImpl

Use of ddf.security.claims.impl.ClaimsCollectionImpl in project ddf by codice.

Class CertificateClaimsHandler, method retrieveClaims.

/**
 * Builds claims from the e-mail and country entries of the request's additional properties.
 *
 * <p>Only keys present in {@code parameters.getAdditionalProperties()} produce a claim, using the
 * configured {@code emailClaim} and {@code countryClaim} types; a missing map yields an empty
 * collection.
 *
 * @param parameters the claims request; only its additional properties are consulted
 * @return the resulting claims, empty when neither property is present
 */
@Override
public ClaimsCollection retrieveClaims(ClaimsParameters parameters) {
    ClaimsCollection claims = new ClaimsCollectionImpl();
    Map<String, Object> props = parameters.getAdditionalProperties();
    if (props == null) {
        return claims;
    }
    // NOTE(review): a present key may still map to a null value; buildClaim is relied on to
    // cope with that — confirm.
    if (props.containsKey(SubjectOperations.EMAIL_ADDRESS_CLAIM_URI)) {
        buildClaim(claims, emailClaim, props.get(SubjectOperations.EMAIL_ADDRESS_CLAIM_URI));
    }
    if (props.containsKey(SubjectOperations.COUNTRY_CLAIM_URI)) {
        buildClaim(claims, countryClaim, props.get(SubjectOperations.COUNTRY_CLAIM_URI));
    }
    return claims;
}

Example 3 with ClaimsCollectionImpl

Use of ddf.security.claims.impl.ClaimsCollectionImpl in project ddf by codice.

Class PKIRealmTest, method setup.

/**
 * Wires {@code pkiRealm} with two mocked {@link ClaimsHandler}s; each answers any
 * {@code retrieveClaims} call with a single "email" claim (test@example.com for the first
 * handler, tester@example.com for the second).
 */
@Before
public void setup() {
    ClaimsHandler first = mock(ClaimsHandler.class);
    ClaimsHandler second = mock(ClaimsHandler.class);
    when(first.retrieveClaims(any())).thenReturn(emailClaims("test@example.com"));
    when(second.retrieveClaims(any())).thenReturn(emailClaims("tester@example.com"));
    List<ClaimsHandler> handlers = new ArrayList<>();
    handlers.add(first);
    handlers.add(second);
    pkiRealm.setClaimsHandlers(handlers);
}

/** Builds a one-claim collection whose "email" claim holds the given address. */
private static ClaimsCollection emailClaims(String address) {
    ClaimImpl email = new ClaimImpl("email");
    email.addValue(address);
    ClaimsCollection claims = new ClaimsCollectionImpl();
    claims.add(email);
    return claims;
}

Example 4 with ClaimsCollectionImpl

Use of ddf.security.claims.impl.ClaimsCollectionImpl in project ddf by codice.

Class AttributeQueryClaimsHandler, method retrieveClaims.

/**
 * Resolves the claims for the principal in {@code parameters} via the external attribute store.
 *
 * <p>A missing principal, an empty name identifier, a query that returns nothing, and a
 * {@link URISyntaxException} all result in an empty collection; the exception is logged and
 * never propagated to the caller.
 *
 * @param parameters the request whose principal identifies the subject to look up
 * @return the claims found for the subject, or an empty collection when none could be retrieved
 */
@Override
public ClaimsCollection retrieveClaims(ClaimsParameters parameters) {
    ClaimsCollection claims = new ClaimsCollectionImpl();
    Principal principal = parameters.getPrincipal();
    if (principal == null) {
        return claims;
    }
    String nameId = getNameId(principal);
    if (StringUtils.isEmpty(nameId)) {
        return claims;
    }
    try {
        ClaimsCollection fetched = getAttributes(nameId);
        // getAttributes documents a null result (no client) as well as an empty one; both mean
        // "no claims", and CollectionUtils.isEmpty covers both.
        if (!CollectionUtils.isEmpty(fetched)) {
            claims.addAll(fetched);
        }
    } catch (URISyntaxException e) {
        // Operators see endpoint and subject at INFO; the stack trace is confined to DEBUG.
        LOGGER.info(ERROR_RETRIEVING_ATTRIBUTES + "Set log level to DEBUG for more information.", externalAttributeStoreUrl, nameId);
        LOGGER.debug(ERROR_RETRIEVING_ATTRIBUTES, externalAttributeStoreUrl, nameId, e);
    }
    return claims;
}

Example 5 with ClaimsCollectionImpl

Use of ddf.security.claims.impl.ClaimsCollectionImpl in project ddf by codice.

Class PropertyFileClaimsHandler, method retrieveClaims.

/**
 * Builds the identity and role claims for the user named by the principal in {@code parameters}.
 *
 * <p>The user's entry in {@code userMapping} is a comma-separated string; every element after
 * the first becomes a value of the role claim. The first element is skipped on purpose —
 * presumably it is not a role value; confirm against the property file format. The identity
 * claim is always added once a user name could be determined.
 *
 * @param parameters the request whose principal is mapped to a user name
 * @return the id claim plus, when the user has a mapping entry, the role claim; an empty
 *     collection when the user name cannot be determined
 */
@Override
public ClaimsCollection retrieveClaims(ClaimsParameters parameters) {
    ClaimsCollection claims = new ClaimsCollectionImpl();
    Principal principal = parameters.getPrincipal();
    String user = getUser(principal);
    if (user == null) {
        LOGGER.info("Could not determine user name, possible authentication error. Returning no claims.");
        return claims;
    }
    String mapping = userMapping.get(user);
    if (mapping != null) {
        claims.add(roleClaimFrom(mapping));
    }
    Claim idClaim = new ClaimImpl(idClaimType);
    idClaim.addValue(user);
    claims.add(idClaim);
    return claims;
}

/**
 * Turns a comma-separated mapping entry into the role claim. Element 0 is skipped; the remaining
 * elements are added verbatim (no trimming, so surrounding whitespace is part of the value).
 */
private Claim roleClaimFrom(String mapping) {
    Claim role = new ClaimImpl(roleClaimType);
    String[] parts = mapping.split(",");
    for (int i = 1; i < parts.length; i++) {
        role.addValue(parts[i]);
    }
    return role;
}
