Search in sources :

Example 11 with SAML11AssertionType

use of org.keycloak.dom.saml.v1.assertion.SAML11AssertionType in project keycloak by keycloak.

the class AssertionUtil method hasExpired.

/**
 * Check whether the assertion has expired
 *
 * @param assertion
 *
 * @return
 *
 * @throws ConfigurationException
 */
public static boolean hasExpired(SAML11AssertionType assertion) throws ConfigurationException {
    boolean expiry = false;
    // Check for validity of assertion
    SAML11ConditionsType conditionsType = assertion.getConditions();
    if (conditionsType != null) {
        XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
        XMLGregorianCalendar notBefore = conditionsType.getNotBefore();
        XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter();
        logger.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + " ::notOnOrAfter=" + notOnOrAfter);
        expiry = !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter);
        if (expiry) {
            logger.samlAssertionExpired(assertion.getID());
        }
    }
    // TODO: if conditions do not exist, assume the assertion to be everlasting?
    return expiry;
}
Also used : XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) SAML11ConditionsType(org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType)

Aggregations

SAML11AssertionType (org.keycloak.dom.saml.v1.assertion.SAML11AssertionType)6 XMLGregorianCalendar (javax.xml.datatype.XMLGregorianCalendar)5 SAML11ConditionsType (org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType)5 QName (javax.xml.namespace.QName)3 Attribute (javax.xml.stream.events.Attribute)3 SAML11AttributeStatementType (org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType)3 Element (org.w3c.dom.Element)3 URI (java.net.URI)2 EndElement (javax.xml.stream.events.EndElement)2 StartElement (javax.xml.stream.events.StartElement)2 SAML11AuthenticationStatementType (org.keycloak.dom.saml.v1.assertion.SAML11AuthenticationStatementType)2 SAML11AuthorizationDecisionStatementType (org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType)2 SAML11StatementAbstractType (org.keycloak.dom.saml.v1.assertion.SAML11StatementAbstractType)2 SAML11SubjectStatementType (org.keycloak.dom.saml.v1.assertion.SAML11SubjectStatementType)2 ArrayList (java.util.ArrayList)1 XMLEvent (javax.xml.stream.events.XMLEvent)1 SAML11AdviceType (org.keycloak.dom.saml.v1.assertion.SAML11AdviceType)1 SAML11AttributeType (org.keycloak.dom.saml.v1.assertion.SAML11AttributeType)1 SAML11AudienceRestrictionCondition (org.keycloak.dom.saml.v1.assertion.SAML11AudienceRestrictionCondition)1 SAML11ConditionAbstractType (org.keycloak.dom.saml.v1.assertion.SAML11ConditionAbstractType)1