use of org.apache.wss4j.common.saml.bean.AttributeBean in project cxf by apache.
the class CustomAttributeProvider method createAttributeFromClaim.
/**
* Create an Attribute from a claim.
*/
private AttributeBean createAttributeFromClaim(ProcessedClaim claim, String tokenType) {
    // The claim type's string form is used as the attribute name; the SAML
    // version of the requested token decides which name field carries it.
    final String claimTypeName = claim.getClaimType().toString();
    final boolean saml2Token = WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
        || WSS4JConstants.SAML2_NS.equals(tokenType);

    AttributeBean result = new AttributeBean();
    if (saml2Token) {
        result.setQualifiedName(claimTypeName);
    } else {
        result.setSimpleName(claimTypeName);
    }

    // Values are copied through exactly as the claim carries them; no filtering
    // or escaping is applied in this method.
    result.setAttributeValues(claim.getValues());
    return result;
}
use of org.apache.wss4j.common.saml.bean.AttributeBean in project cxf by apache.
the class CustomAttributeProvider method getStatement.
/**
* Get an AttributeStatementBean using the given parameters.
*/
public AttributeStatementBean getStatement(TokenProviderParameters providerParameters) {
    final List<AttributeBean> attributes = new ArrayList<>();
    final TokenRequirements requirements = providerParameters.getTokenRequirements();
    final String tokenType = requirements.getTokenType();

    // Handle Claims: one attribute per processed claim, or a single default
    // attribute when claims processing returned nothing.
    ProcessedClaimCollection processedClaims = ClaimsUtils.processClaims(providerParameters);
    Iterator<ProcessedClaim> claims = processedClaims.iterator();
    if (claims.hasNext()) {
        do {
            attributes.add(createAttributeFromClaim(claims.next(), tokenType));
        } while (claims.hasNext());
    } else {
        attributes.add(createDefaultAttribute(tokenType));
    }

    // Delegation: the identity named in an OnBehalfOf / ActAs token is copied
    // into the issued assertion as an extra attribute.
    // NOTE(review): this method does not look at the ReceivedToken's validation
    // state before using its content; presumably the STS has already validated
    // both tokens by the time the provider runs -- confirm against the caller,
    // since an unvalidated token here would put a requester-chosen name into a
    // signed assertion.
    final ReceivedToken onBehalfOfToken = requirements.getOnBehalfOf();
    final ReceivedToken actAsToken = requirements.getActAs();
    try {
        if (onBehalfOfToken != null) {
            AttributeBean onBehalfOfAttribute =
                handleAdditionalParameters(false, onBehalfOfToken.getToken(), tokenType);
            // An attribute without values means the token type was not recognised; skip it.
            if (!onBehalfOfAttribute.getAttributeValues().isEmpty()) {
                attributes.add(onBehalfOfAttribute);
            }
        }
        if (actAsToken != null) {
            AttributeBean actAsAttribute =
                handleAdditionalParameters(true, actAsToken.getToken(), tokenType);
            if (!actAsAttribute.getAttributeValues().isEmpty()) {
                attributes.add(actAsAttribute);
            }
        }
    } catch (WSSecurityException ex) {
        // Parsing failures are surfaced as an STS fault with the original cause attached.
        throw new STSException(ex.getMessage(), ex);
    }

    AttributeStatementBean statement = new AttributeStatementBean();
    statement.setSamlAttributes(attributes);
    return statement;
}
use of org.apache.wss4j.common.saml.bean.AttributeBean in project cxf by apache.
the class CustomAttributeProvider method handleAdditionalParameters.
/**
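* Build the CustomActAs or CustomOnBehalfOf attribute from an ActAs or OnBehalfOf element,
* using the UsernameToken's username or the SAML assertion's principal name as the attribute value.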
*/
private AttributeBean handleAdditionalParameters(boolean actAs, Object parameter, String tokenType) throws WSSecurityException {
    final String claimType;
    if (actAs) {
        claimType = "CustomActAs";
    } else {
        claimType = "CustomOnBehalfOf";
    }
    final String customUri = "http://cxf.apache.org/sts/custom/" + claimType;
    final boolean saml2Token = WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
        || WSS4JConstants.SAML2_NS.equals(tokenType);

    AttributeBean delegationAttribute = new AttributeBean();
    if (saml2Token) {
        // SAML 2.0 token: short name as qualified name, custom URI as the name format.
        delegationAttribute.setQualifiedName(claimType);
        delegationAttribute.setNameFormat(customUri);
    } else {
        // Any other token type: short name as simple name, custom URI as the qualified name.
        delegationAttribute.setSimpleName(claimType);
        delegationAttribute.setQualifiedName(customUri);
    }

    if (parameter instanceof UsernameTokenType) {
        // NOTE(review): getUsername() is dereferenced without a null check; a
        // UsernameToken without a Username element would raise a
        // NullPointerException here -- confirm the token is schema-validated upstream.
        UsernameTokenType usernameToken = (UsernameTokenType) parameter;
        delegationAttribute.addAttributeValue(usernameToken.getUsername().getValue());
    } else if (parameter instanceof Element) {
        // NOTE(review): the assertion is only parsed here; no signature or
        // condition check is made in this method. The principal name is trusted
        // as-is, so this presumably relies on validation done before the call -- confirm.
        SAMLTokenPrincipal samlPrincipal =
            new SAMLTokenPrincipalImpl(new SamlAssertionWrapper((Element) parameter));
        delegationAttribute.addAttributeValue(samlPrincipal.getName());
    }
    // Any other parameter type leaves the attribute without values.
    return delegationAttribute;
}
use of org.apache.wss4j.common.saml.bean.AttributeBean in project cxf by apache.
the class Saml2CallbackHandler method handle.
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    // Populates every SAMLCallback with a fixed SAML 2.0 bearer assertion
    // description: issuer "sts", subject "uid=alice", one attribute role=user.
    for (Callback candidate : callbacks) {
        if (!(candidate instanceof SAMLCallback)) {
            // Other callback types are skipped silently; nothing in this method
            // raises UnsupportedCallbackException for them.
            continue;
        }
        SAMLCallback samlCallback = (SAMLCallback) candidate;
        samlCallback.setSamlVersion(Version.SAML_20);
        samlCallback.setIssuer("sts");

        // NOTE(review): subject and role are hard-coded and the confirmation
        // method is bearer. No issuer crypto or signing is configured in this
        // handler, so integrity of the resulting assertion has to come from
        // elsewhere -- confirm where it is signed before reusing this outside a fixture.
        SubjectBean subject = new SubjectBean("uid=alice", null, SAML2Constants.CONF_BEARER);
        samlCallback.setSubject(subject);

        AttributeBean roleAttribute = new AttributeBean();
        roleAttribute.setQualifiedName("role");
        roleAttribute.addAttributeValue("user");

        AttributeStatementBean statement = new AttributeStatementBean();
        // The subject was constructed just above, so it is always set on the statement.
        statement.setSubject(subject);
        statement.setSamlAttributes(Collections.singletonList(roleAttribute));
        samlCallback.setAttributeStatementData(Collections.singletonList(statement));
    }
}
use of org.apache.wss4j.common.saml.bean.AttributeBean in project cxf by apache.
the class Saml2CallbackHandler method handle.
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    // Populates every SAMLCallback with a signed SAML 2.0 sender-vouches
    // assertion description issued by "intermediary" for the current principal.
    for (Callback candidate : callbacks) {
        if (!(candidate instanceof SAMLCallback)) {
            // Other callback types are skipped silently.
            continue;
        }
        SAMLCallback samlCallback = (SAMLCallback) candidate;
        samlCallback.setSamlVersion(Version.SAML_20);
        samlCallback.setIssuer("intermediary");

        // The subject name is derived from the principal held outside this method.
        // NOTE(review): principal.getName() is concatenated unmodified; confirm
        // the principal was authenticated before this handler is invoked.
        SubjectBean subject =
            new SubjectBean("uid=" + principal.getName(), null, SAML2Constants.CONF_SENDER_VOUCHES);
        samlCallback.setSubject(subject);

        AttributeBean roleAttribute = new AttributeBean();
        roleAttribute.setQualifiedName("role");
        roleAttribute.addAttributeValue("user");

        AttributeStatementBean statement = new AttributeStatementBean();
        // The subject was constructed just above, so it is always set on the statement.
        statement.setSubject(subject);
        statement.setSamlAttributes(Collections.singletonList(roleAttribute));
        samlCallback.setAttributeStatementData(Collections.singletonList(statement));

        // Sender-vouches: the intermediary signs the assertion with its own key.
        try {
            Crypto issuerCrypto = CryptoFactory.getInstance("serviceKeystore.properties");
            samlCallback.setIssuerCrypto(issuerCrypto);
            samlCallback.setIssuerKeyName("myservicekey");
            // NOTE(review): the key password is a literal in source. Acceptable
            // for a test fixture only; a deployed handler should read it from
            // protected configuration rather than code.
            samlCallback.setIssuerKeyPassword("skpass");
            samlCallback.setSignAssertion(true);
        } catch (WSSecurityException e) {
            // Keystore/crypto setup failures are reported as IOException with the cause kept.
            throw new IOException(e);
        }
    }
}