use of org.apache.cxf.sts.request.Participants in project cxf by apache.
the class DefaultJWTClaimsProvider method handleAudienceRestriction.
/**
* Set the audience restriction claim. The Audiences are from an AppliesTo address, and the wst:Participants
* (if either exist).
*/
protected void handleAudienceRestriction(JWTClaimsProviderParameters jwtClaimsProviderParameters, JwtClaims claims) {
TokenProviderParameters providerParameters = jwtClaimsProviderParameters.getProviderParameters();
List<String> audiences = new ArrayList<>();
String appliesToAddress = providerParameters.getAppliesToAddress();
if (appliesToAddress != null) {
audiences.add(appliesToAddress);
}
Participants participants = providerParameters.getTokenRequirements().getParticipants();
if (participants != null) {
String address = TokenProviderUtils.extractAddressFromParticipantsEPR(participants.getPrimaryParticipant());
if (address != null) {
audiences.add(address);
}
if (participants.getParticipants() != null) {
for (Object participant : participants.getParticipants()) {
if (participant != null) {
address = TokenProviderUtils.extractAddressFromParticipantsEPR(participant);
if (address != null) {
audiences.add(address);
}
}
}
}
}
if (!audiences.isEmpty()) {
claims.setAudiences(audiences);
}
}
use of org.apache.cxf.sts.request.Participants in project cxf by apache.
the class DefaultConditionsProvider method createAudienceRestrictions.
/**
* Create a list of AudienceRestrictions to be added to the Conditions Element of the
* issued Assertion. The default behaviour is to add a single Audience URI per
* AudienceRestriction Element. The Audience URIs are from an AppliesTo address, and
* the wst:Participants (if either exist).
*/
protected List<AudienceRestrictionBean> createAudienceRestrictions(TokenProviderParameters providerParameters) {
List<AudienceRestrictionBean> audienceRestrictions = new ArrayList<>();
String appliesToAddress = providerParameters.getAppliesToAddress();
if (appliesToAddress != null) {
AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
audienceRestriction.setAudienceURIs(Collections.singletonList(appliesToAddress));
audienceRestrictions.add(audienceRestriction);
}
Participants participants = providerParameters.getTokenRequirements().getParticipants();
if (participants != null) {
String address = extractAddressFromParticipantsEPR(participants.getPrimaryParticipant());
if (address != null) {
AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
audienceRestriction.setAudienceURIs(Collections.singletonList(address));
audienceRestrictions.add(audienceRestriction);
}
if (participants.getParticipants() != null) {
for (Object participant : participants.getParticipants()) {
if (participant != null) {
address = extractAddressFromParticipantsEPR(participant);
if (address != null) {
AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
audienceRestriction.setAudienceURIs(Collections.singletonList(address));
audienceRestrictions.add(audienceRestriction);
}
}
}
}
}
return audienceRestrictions;
}
Aggregations