Search in sources :

Example 1 with Participants

use of org.apache.cxf.sts.request.Participants in project cxf by apache.

the class DefaultJWTClaimsProvider method handleAudienceRestriction.

/**
 * Set the audience restriction claim. The Audiences are from an AppliesTo address, and the wst:Participants
 * (if either exist).
 */
protected void handleAudienceRestriction(JWTClaimsProviderParameters jwtClaimsProviderParameters, JwtClaims claims) {
    TokenProviderParameters providerParameters = jwtClaimsProviderParameters.getProviderParameters();
    List<String> audiences = new ArrayList<>();
    String appliesToAddress = providerParameters.getAppliesToAddress();
    if (appliesToAddress != null) {
        audiences.add(appliesToAddress);
    }
    Participants participants = providerParameters.getTokenRequirements().getParticipants();
    if (participants != null) {
        String address = TokenProviderUtils.extractAddressFromParticipantsEPR(participants.getPrimaryParticipant());
        if (address != null) {
            audiences.add(address);
        }
        if (participants.getParticipants() != null) {
            for (Object participant : participants.getParticipants()) {
                if (participant != null) {
                    address = TokenProviderUtils.extractAddressFromParticipantsEPR(participant);
                    if (address != null) {
                        audiences.add(address);
                    }
                }
            }
        }
    }
    if (!audiences.isEmpty()) {
        claims.setAudiences(audiences);
    }
}
Also used : ArrayList(java.util.ArrayList) Participants(org.apache.cxf.sts.request.Participants) TokenProviderParameters(org.apache.cxf.sts.token.provider.TokenProviderParameters)

Example 2 with Participants

use of org.apache.cxf.sts.request.Participants in project cxf by apache.

the class DefaultConditionsProvider method createAudienceRestrictions.

/**
 * Create a list of AudienceRestrictions to be added to the Conditions Element of the
 * issued Assertion. The default behaviour is to add a single Audience URI per
 * AudienceRestriction Element. The Audience URIs are from an AppliesTo address, and
 * the wst:Participants (if either exist).
 */
protected List<AudienceRestrictionBean> createAudienceRestrictions(TokenProviderParameters providerParameters) {
    List<AudienceRestrictionBean> audienceRestrictions = new ArrayList<>();
    String appliesToAddress = providerParameters.getAppliesToAddress();
    if (appliesToAddress != null) {
        AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
        audienceRestriction.setAudienceURIs(Collections.singletonList(appliesToAddress));
        audienceRestrictions.add(audienceRestriction);
    }
    Participants participants = providerParameters.getTokenRequirements().getParticipants();
    if (participants != null) {
        String address = extractAddressFromParticipantsEPR(participants.getPrimaryParticipant());
        if (address != null) {
            AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
            audienceRestriction.setAudienceURIs(Collections.singletonList(address));
            audienceRestrictions.add(audienceRestriction);
        }
        if (participants.getParticipants() != null) {
            for (Object participant : participants.getParticipants()) {
                if (participant != null) {
                    address = extractAddressFromParticipantsEPR(participant);
                    if (address != null) {
                        AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
                        audienceRestriction.setAudienceURIs(Collections.singletonList(address));
                        audienceRestrictions.add(audienceRestriction);
                    }
                }
            }
        }
    }
    return audienceRestrictions;
}
Also used : AudienceRestrictionBean(org.apache.wss4j.common.saml.bean.AudienceRestrictionBean) ArrayList(java.util.ArrayList) Participants(org.apache.cxf.sts.request.Participants)

Aggregations

ArrayList (java.util.ArrayList)2 Participants (org.apache.cxf.sts.request.Participants)2 TokenProviderParameters (org.apache.cxf.sts.token.provider.TokenProviderParameters)1 AudienceRestrictionBean (org.apache.wss4j.common.saml.bean.AudienceRestrictionBean)1