
Example 16 with ProcessedClaimCollection

use of org.apache.cxf.sts.claims.ProcessedClaimCollection in project ddf by codice.

the class AttributeQueryClaimsHandler method getAttributes.

/**
 * Queries the external attribute store for the given subject and turns the
 * returned assertion into claims.
 *
 * <p>Return contract as implemented below:
 * <ul>
 *   <li>{@code null} when {@code createAttributeQueryClient} yields no client;</li>
 *   <li>an empty collection when the query returns no assertion;</li>
 *   <li>whatever has been collected so far (nothing, if the failure happens before
 *       {@code createClaims} runs) when an {@link AttributeQueryException} is caught;</li>
 *   <li>otherwise the collection as populated by {@code createClaims}.</li>
 * </ul>
 *
 * <p>Because a failed query is logged and swallowed, a store outage is
 * indistinguishable to the caller from "subject has no attributes". Callers that
 * make authorization decisions on the result must treat both the {@code null} and
 * the empty case as "no claims granted".
 *
 * <p>NOTE(review): validation of the returned assertion (signature, issuer) is not
 * visible in this method; presumably it happens inside
 * {@code AttributeQueryClient.query} — confirm before relying on the claims.
 *
 * @param nameId subject identifier sent in the attribute query.
 * @return the claims built from the assertion, an empty collection, or {@code null}
 *         (see the list above).
 * @throws URISyntaxException declared by the signature; presumably raised while the
 *         client is created — confirm against {@code createAttributeQueryClient}.
 */
protected ProcessedClaimCollection getAttributes(String nameId) throws URISyntaxException {
    final ProcessedClaimCollection claims = new ProcessedClaimCollection();
    LOGGER.debug("Sending AttributeQuery Request.");
    try {
        final AttributeQueryClient client = createAttributeQueryClient(simpleSign, externalAttributeStoreUrl, issuer, destination);
        if (client == null) {
            // No client available: the only path that returns null instead of a collection.
            return null;
        }
        final Assertion response = client.query(nameId);
        if (response != null) {
            createClaims(claims, response);
        }
    } catch (AttributeQueryException ex) {
        // INFO carries only the hint; the exception itself is attached at DEBUG.
        LOGGER.info("Error occurred in AttributeQueryClient, did not retrieve response. Set log level for \"org.codice.ddf.security.claims.attributequery.common\" to DEBUG for more information.");
        LOGGER.debug("Error occurred in AttributeQueryClient, did not retrieve response.", ex);
    }
    return claims;
}
Also used : ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) Assertion(org.opensaml.saml.saml2.core.Assertion)

Example 17 with ProcessedClaimCollection

use of org.apache.cxf.sts.claims.ProcessedClaimCollection in project cxf by apache.

the class ClaimUtils method mapType.

/**
 * Builds a new claim collection in which claim types are rewritten according to
 * {@code map}. Every claim placed in the result is a clone, so the input collection
 * is not modified by this method.
 *
 * <p>A claim whose type is {@code null} is looked up under the empty-string key.
 * If either {@code processedClaims} or {@code map} is {@code null}, the result is
 * empty regardless of {@code keepUnmapped}.
 *
 * <p>With {@code keepUnmapped == true}, claims that have no entry in {@code map}
 * pass through under their original claim type. Callers that rely on the map as an
 * allow-list of claim types must pass {@code false}.
 *
 * @param processedClaims Collection of claims to be mapped to a different claim type
 * @param map Map of old:new claim types
 * @param keepUnmapped if set to false only claims with a claim type contained in the map will be
 *            returned. If set to true claims with an unmapped claim type will also be returned.
 * @return Returns claim collection with mapped claim types
 */
public ProcessedClaimCollection mapType(ProcessedClaimCollection processedClaims, Map<String, String> map, boolean keepUnmapped) {
    ProcessedClaimCollection result = new ProcessedClaimCollection();
    if (processedClaims == null || map == null) {
        return result;
    }
    for (ProcessedClaim source : processedClaims) {
        String lookupKey = (source.getClaimType() == null) ? "" : source.getClaimType().toString();
        String targetType = map.get(lookupKey);
        if (targetType == null) {
            // No mapping for this type: keep a copy only when the caller asked for it.
            if (keepUnmapped) {
                result.add(source.clone());
            }
            continue;
        }
        ProcessedClaim copy = source.clone();
        // URI.create throws IllegalArgumentException if the mapped value is not a valid URI.
        copy.setClaimType(URI.create(targetType));
        result.add(copy);
    }
    return result;
}
Also used : ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim)

Example 18 with ProcessedClaimCollection

use of org.apache.cxf.sts.claims.ProcessedClaimCollection in project cxf by apache.

the class JexlClaimsMapperTest method testWrappedUpperCaseClaim.

/**
 * Maps the fixture claims with {@code jcm.mapClaims("A", ..., "B", ...)} and checks
 * that the result contains a {@code wrappedUppercase} claim holding exactly one
 * value, {@code "PREFIX_VALUE_SUFFIX"}. The mapping rules that produce this value
 * are configured outside this method.
 */
@Test
public void testWrappedUpperCaseClaim() throws IOException {
    ProcessedClaimCollection mapped = jcm.mapClaims("A", createClaimCollection(), "B", createProperties());
    assertNotNull(mapped);

    ProcessedClaim wrapped = findClaim(mapped, "http://my.schema.org/identity/claims/wrappedUppercase");
    assertNotNull(wrapped);

    List<Object> values = wrapped.getValues();
    assertNotNull(values);
    assertEquals(1, values.size());
    assertEquals("PREFIX_VALUE_SUFFIX", values.get(0));
}
Also used : ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim) Test(org.junit.Test)

Example 19 with ProcessedClaimCollection

use of org.apache.cxf.sts.claims.ProcessedClaimCollection in project cxf by apache.

the class JexlClaimsMapperTest method testClaimMerge.

/**
 * Maps the fixture claims and checks that the second entry of the result is a
 * {@code name} claim with the single value {@code "Jan Bernhardt"}, and that no
 * {@code givenname} claim is left in the result.
 */
@Test
public void testClaimMerge() throws IOException {
    ProcessedClaimCollection mapped = jcm.mapClaims("A", createClaimCollection(), "B", createProperties());
    assertNotNull(mapped);
    // Guards the index-1 lookups below.
    assertTrue(mapped.size() >= 2);

    ProcessedClaim merged = mapped.get(1);
    assertEquals("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", merged.getClaimType().toString());
    assertEquals(1, merged.getValues().size());
    assertEquals("Jan Bernhardt", merged.getValues().get(0));

    final String givenNameType = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname";
    for (ProcessedClaim candidate : mapped) {
        boolean isGivenName = givenNameType.equals(candidate.getClaimType().toString());
        if (isGivenName) {
            fail("Only merged claim should be in result set, but not the individual claims");
        }
    }
}
Also used : ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim) Test(org.junit.Test)

Example 20 with ProcessedClaimCollection

use of org.apache.cxf.sts.claims.ProcessedClaimCollection in project cxf by apache.

the class JexlClaimsMapperTest method createClaimCollection.

/**
 * Builds the claim fixture used by the mapper tests: five claims (role, givenname,
 * surname, unused, mail) added in that order. Only the first three carry an issuer,
 * and only the role claim carries an original issuer.
 *
 * @return a new collection holding the five fixture claims
 */
@SuppressWarnings("unchecked")
protected ProcessedClaimCollection createClaimCollection() {
    ProcessedClaimCollection fixture = new ProcessedClaimCollection();

    // Multi-valued claim with both issuer and original issuer set.
    ProcessedClaim role = new ProcessedClaim();
    role.setIssuer("STS-A");
    role.setOriginalIssuer("STS-B");
    role.setClaimType(URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role"));
    // Double cast: Arrays.asList yields List<String>, setValues takes List<Object>.
    role.setValues((List<Object>) (List<?>) Arrays.asList("admin", "manager", "tester"));
    fixture.add(role);

    ProcessedClaim givenName = new ProcessedClaim();
    givenName.setIssuer("STS-A");
    givenName.setClaimType(URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"));
    givenName.setValues((List<Object>) (List<?>) Arrays.asList("Jan"));
    fixture.add(givenName);

    ProcessedClaim surname = new ProcessedClaim();
    surname.setIssuer("STS-A");
    surname.setClaimType(URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"));
    surname.setValues((List<Object>) (List<?>) Arrays.asList("Bernhardt"));
    fixture.add(surname);

    // The remaining two claims are created without any issuer.
    ProcessedClaim unused = new ProcessedClaim();
    unused.setClaimType(URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/unused"));
    unused.setValues((List<Object>) (List<?>) Arrays.asList("noValue"));
    fixture.add(unused);

    ProcessedClaim mail = new ProcessedClaim();
    mail.setClaimType(URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mail"));
    mail.setValues((List<Object>) (List<?>) Arrays.asList("test@apache.com"));
    fixture.add(mail);

    return fixture;
}
Also used : ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim) List(java.util.List)

Aggregations

ProcessedClaimCollection (org.apache.cxf.sts.claims.ProcessedClaimCollection)68 ProcessedClaim (org.apache.cxf.sts.claims.ProcessedClaim)40 Test (org.junit.Test)32 ClaimCollection (org.apache.cxf.rt.security.claims.ClaimCollection)30 ClaimsParameters (org.apache.cxf.sts.claims.ClaimsParameters)29 Claim (org.apache.cxf.rt.security.claims.Claim)21 URI (java.net.URI)18 Principal (java.security.Principal)15 ClaimsManager (org.apache.cxf.sts.claims.ClaimsManager)14 CustomTokenPrincipal (org.apache.wss4j.common.principal.CustomTokenPrincipal)14 ArrayList (java.util.ArrayList)13 HashMap (java.util.HashMap)5 ClaimsHandler (org.apache.cxf.sts.claims.ClaimsHandler)5 LdapClaimsHandler (org.apache.cxf.sts.claims.LdapClaimsHandler)5 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)5 URISyntaxException (java.net.URISyntaxException)4 List (java.util.List)4 X500Principal (javax.security.auth.x500.X500Principal)4 LdapGroupClaimsHandler (org.apache.cxf.sts.claims.LdapGroupClaimsHandler)4 RealmSupportClaimsHandler (org.apache.cxf.sts.common.RealmSupportClaimsHandler)4