
Example 1 with AttributeStatementBean

use of org.apache.wss4j.common.saml.bean.AttributeStatementBean in project cxf by apache.

the class SamlCallbackHandler method handle.

/**
 * Fills in every {@link SAMLCallback} found in {@code callbacks} with a SAML version, a fixed
 * issuer, a fixed subject and, when {@code attributes} is set, one attribute statement.
 *
 * <p>Callbacks of any other type are skipped; this method never raises
 * {@link UnsupportedCallbackException} for them.
 *
 * <p>NOTE(review): the issuer ("sts") and the subject name/qualifier are string constants, so
 * every assertion built through this handler names the same principal regardless of who asked
 * for it. That looks like a mock/test fixture; confirm it is not wired into a real STS.
 *
 * @param callbacks callbacks to inspect; only {@code SAMLCallback} instances are populated
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback candidate : callbacks) {
        if (!(candidate instanceof SAMLCallback)) {
            continue;
        }
        SAMLCallback samlCallback = (SAMLCallback) candidate;
        samlCallback.setSamlVersion(saml2 ? Version.SAML_20 : Version.SAML_11);
        samlCallback.setIssuer("sts");

        // When a SAML 1.1 assertion is requested, replace the SAML 2.0 sender-vouches constant
        // with its SAML 1.1 counterpart. confirmationMethod is not a local of this method, so
        // the rewritten value stays in place for later invocations.
        if (!saml2 && SAML2Constants.CONF_SENDER_VOUCHES.equals(confirmationMethod)) {
            confirmationMethod = SAML1Constants.CONF_SENDER_VOUCHES;
        }

        SubjectBean subject =
            new SubjectBean("uid=sts-client,o=mock-sts.com", "www.mock-sts.com", confirmationMethod);
        samlCallback.setSubject(subject);

        if (attributes == null) {
            // No attributes configured: the assertion carries no attribute statement.
            continue;
        }
        AttributeStatementBean statement = new AttributeStatementBean();
        statement.setSubject(subject);
        statement.setSamlAttributes(attributes);
        samlCallback.setAttributeStatementData(Collections.singletonList(statement));
    }
}
Also used : SubjectBean(org.apache.wss4j.common.saml.bean.SubjectBean) AttributeStatementBean(org.apache.wss4j.common.saml.bean.AttributeStatementBean) SAMLCallback(org.apache.wss4j.common.saml.SAMLCallback)

Example 2 with AttributeStatementBean

use of org.apache.wss4j.common.saml.bean.AttributeStatementBean in project cxf by apache.

the class DefaultAttributeStatementProvider method getStatement.

/**
 * Builds an attribute statement that holds exactly one default attribute for the requested
 * token type.
 *
 * <p>The statement's subject is not set here; a caller that needs one must set it on the
 * returned bean.
 *
 * @param providerParameters supplies the token requirements from which the token type is read
 * @return a new statement whose attribute list contains only the default attribute
 */
public AttributeStatementBean getStatement(TokenProviderParameters providerParameters) {
    String requestedTokenType = providerParameters.getTokenRequirements().getTokenType();

    // Kept as a mutable ArrayList so the returned bean's attribute list can still be extended.
    List<AttributeBean> defaults = new ArrayList<>();
    defaults.add(createDefaultAttribute(requestedTokenType));

    AttributeStatementBean statement = new AttributeStatementBean();
    statement.setSamlAttributes(defaults);
    return statement;
}
Also used : AttributeStatementBean(org.apache.wss4j.common.saml.bean.AttributeStatementBean) TokenRequirements(org.apache.cxf.sts.request.TokenRequirements) ArrayList(java.util.ArrayList) AttributeBean(org.apache.wss4j.common.saml.bean.AttributeBean)

Example 3 with AttributeStatementBean

use of org.apache.wss4j.common.saml.bean.AttributeStatementBean in project cxf by apache.

the class SamlCallbackHandler method handle.

/**
 * Populates every {@link SAMLCallback} in {@code callbacks} with the subject, SAML version,
 * issuer, statements and conditions held by this handler.
 *
 * <p>Callbacks of any other type are skipped; this method never raises
 * {@link UnsupportedCallbackException} for them.
 *
 * @param callbacks callbacks to inspect; only {@code SAMLCallback} instances are populated
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback candidate : callbacks) {
        if (!(candidate instanceof SAMLCallback)) {
            continue;
        }
        SAMLCallback target = (SAMLCallback) candidate;

        // Subject is optional: with no subjectBean the callback's subject is left untouched.
        if (subjectBean != null) {
            target.setSubject(subjectBean);
        }

        // Version selection: only the two SAML 1.1 identifiers below yield a SAML 1.1
        // assertion. Every other token type, including null or an unrecognised value,
        // falls through to SAML 2.0.
        String requestedType = tokenParameters.getTokenRequirements().getTokenType();
        boolean isSaml11 = WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(requestedType)
            || WSS4JConstants.SAML_NS.equals(requestedType);
        if (isSaml11) {
            target.setSamlVersion(Version.SAML_11);
            setSubjectOnBeans();
        } else {
            target.setSamlVersion(Version.SAML_20);
        }

        // An explicitly configured issuer wins; otherwise use the one from the STS properties.
        if (issuer != null) {
            target.setIssuer(issuer);
        } else {
            STSPropertiesMBean properties = tokenParameters.getStsProperties();
            target.setIssuer(properties.getIssuer());
        }

        // Attach whichever statement lists are non-empty and remember whether any was set.
        boolean hasStatement = false;
        if (attributeBeans != null && !attributeBeans.isEmpty()) {
            target.setAttributeStatementData(attributeBeans);
            hasStatement = true;
        }
        if (authBeans != null && !authBeans.isEmpty()) {
            target.setAuthenticationStatementData(authBeans);
            hasStatement = true;
        }
        if (authDecisionBeans != null && !authDecisionBeans.isEmpty()) {
            target.setAuthDecisionStatementData(authDecisionBeans);
            hasStatement = true;
        }

        // SAML 1.1 requires a statement, so fall back to the default attribute statement.
        // NOTE(review): subjectBean may still be null here (it is null-checked above), in
        // which case the fallback statement is given a null subject - confirm downstream
        // handling.
        if (isSaml11 && !hasStatement) {
            AttributeStatementBean fallback =
                new DefaultAttributeStatementProvider().getStatement(tokenParameters);
            fallback.setSubject(subjectBean);
            target.setAttributeStatementData(Collections.singletonList(fallback));
        }

        // Conditions are passed through as-is, even when conditionsBean is null.
        target.setConditions(conditionsBean);
    }
}
Also used : AttributeStatementBean(org.apache.wss4j.common.saml.bean.AttributeStatementBean) SAMLCallback(org.apache.wss4j.common.saml.SAMLCallback) Callback(javax.security.auth.callback.Callback) TokenRequirements(org.apache.cxf.sts.request.TokenRequirements) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) SAMLCallback(org.apache.wss4j.common.saml.SAMLCallback)

Example 4 with AttributeStatementBean

use of org.apache.wss4j.common.saml.bean.AttributeStatementBean in project cxf by apache.

the class CustomAttributeProvider method getStatement.

/**
 * Builds an attribute statement from the processed claims of the request, plus one attribute
 * each for the OnBehalfOf and ActAs tokens when they yield any values.
 *
 * <p>If claim processing returns nothing, a single default attribute is used instead. The
 * statement's subject is not set here.
 *
 * <p>NOTE(review): values taken from the OnBehalfOf/ActAs tokens end up in the issued
 * assertion. Whether those tokens were validated before reaching this provider is not visible
 * in this method - confirm against the caller.
 *
 * @param providerParameters supplies the token requirements and the input for claim processing
 * @return a new statement carrying the collected attributes
 * @throws STSException if handling the OnBehalfOf or ActAs token raises a
 *         {@code WSSecurityException}; the original exception is kept as the cause
 */
public AttributeStatementBean getStatement(TokenProviderParameters providerParameters) {
    TokenRequirements requirements = providerParameters.getTokenRequirements();
    String tokenType = requirements.getTokenType();
    List<AttributeBean> collected = new ArrayList<>();

    // One attribute per processed claim, or the default attribute when there are none.
    Iterator<ProcessedClaim> claims = ClaimsUtils.processClaims(providerParameters).iterator();
    if (claims.hasNext()) {
        do {
            collected.add(createAttributeFromClaim(claims.next(), tokenType));
        } while (claims.hasNext());
    } else {
        collected.add(createDefaultAttribute(tokenType));
    }

    ReceivedToken onBehalfOfToken = requirements.getOnBehalfOf();
    ReceivedToken actAsToken = requirements.getActAs();
    try {
        // The boolean flag tells handleAdditionalParameters which of the two tokens it is
        // given: false for OnBehalfOf, true for ActAs. Attributes without values are dropped.
        if (onBehalfOfToken != null) {
            AttributeBean onBehalfOfAttribute =
                handleAdditionalParameters(false, onBehalfOfToken.getToken(), tokenType);
            if (!onBehalfOfAttribute.getAttributeValues().isEmpty()) {
                collected.add(onBehalfOfAttribute);
            }
        }
        if (actAsToken != null) {
            AttributeBean actAsAttribute =
                handleAdditionalParameters(true, actAsToken.getToken(), tokenType);
            if (!actAsAttribute.getAttributeValues().isEmpty()) {
                collected.add(actAsAttribute);
            }
        }
    } catch (WSSecurityException ex) {
        throw new STSException(ex.getMessage(), ex);
    }

    AttributeStatementBean statement = new AttributeStatementBean();
    statement.setSamlAttributes(collected);
    return statement;
}
Also used : AttributeStatementBean(org.apache.wss4j.common.saml.bean.AttributeStatementBean) ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) TokenRequirements(org.apache.cxf.sts.request.TokenRequirements) ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim) ArrayList(java.util.ArrayList) STSException(org.apache.cxf.ws.security.sts.provider.STSException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) AttributeBean(org.apache.wss4j.common.saml.bean.AttributeBean) ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)

Example 5 with AttributeStatementBean

use of org.apache.wss4j.common.saml.bean.AttributeStatementBean in project cxf by apache.

the class Saml2CallbackHandler method handle.

/**
 * Populates every {@link SAMLCallback} in {@code callbacks} with a SAML 2.0 assertion
 * description: fixed issuer, fixed bearer subject and a single "role" attribute.
 *
 * <p>Callbacks of any other type are skipped; this method never raises
 * {@link UnsupportedCallbackException} for them.
 *
 * <p>NOTE(review): issuer ("sts"), subject ("uid=alice") and the role value ("user") are all
 * string constants, and the subject uses bearer confirmation, so the resulting assertion is not
 * bound to a key held by the presenter. This looks like a test fixture; confirm it is never
 * used to issue tokens for real callers.
 *
 * @param callbacks callbacks to inspect; only {@code SAMLCallback} instances are populated
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback candidate : callbacks) {
        if (!(candidate instanceof SAMLCallback)) {
            continue;
        }
        SAMLCallback samlCallback = (SAMLCallback) candidate;
        samlCallback.setSamlVersion(Version.SAML_20);
        samlCallback.setIssuer("sts");

        SubjectBean subject = new SubjectBean("uid=alice", null, SAML2Constants.CONF_BEARER);
        samlCallback.setSubject(subject);

        AttributeBean roleAttribute = new AttributeBean();
        roleAttribute.setQualifiedName("role");
        roleAttribute.addAttributeValue("user");

        AttributeStatementBean statement = new AttributeStatementBean();
        // subject was created just above and cannot be null, so it is always attached.
        statement.setSubject(subject);
        statement.setSamlAttributes(Collections.singletonList(roleAttribute));
        samlCallback.setAttributeStatementData(Collections.singletonList(statement));
    }
}
Also used : SubjectBean(org.apache.wss4j.common.saml.bean.SubjectBean) AttributeStatementBean(org.apache.wss4j.common.saml.bean.AttributeStatementBean) SAMLCallback(org.apache.wss4j.common.saml.SAMLCallback) AttributeBean(org.apache.wss4j.common.saml.bean.AttributeBean)

Aggregations

AttributeStatementBean (org.apache.wss4j.common.saml.bean.AttributeStatementBean)19 AttributeBean (org.apache.wss4j.common.saml.bean.AttributeBean)15 SubjectBean (org.apache.wss4j.common.saml.bean.SubjectBean)11 SAMLCallback (org.apache.wss4j.common.saml.SAMLCallback)10 IOException (java.io.IOException)7 ArrayList (java.util.ArrayList)7 Crypto (org.apache.wss4j.common.crypto.Crypto)7 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)7 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)5 AuthDecisionStatementBean (org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean)5 AuthenticationStatementBean (org.apache.wss4j.common.saml.bean.AuthenticationStatementBean)5 KeyInfoBean (org.apache.wss4j.common.saml.bean.KeyInfoBean)5 TokenRequirements (org.apache.cxf.sts.request.TokenRequirements)4 ActionBean (org.apache.wss4j.common.saml.bean.ActionBean)4 ConditionsBean (org.apache.wss4j.common.saml.bean.ConditionsBean)4 URI (java.net.URI)2 List (java.util.List)2 Message (org.apache.cxf.message.Message)2 ProcessedClaim (org.apache.cxf.sts.claims.ProcessedClaim)2 ProcessedClaimCollection (org.apache.cxf.sts.claims.ProcessedClaimCollection)2