Examples with SAML11AttributeStatementType org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType used on opensource projects

Search in sources :

Example 1 with SAML11AttributeStatementType

use of org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType in project keycloak by keycloak.

the class SAML11AssertionParser method parse.

/**
 * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
 */
public Object parse(XMLEventReader xmlEventReader) throws ParsingException {
    StartElement startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
    startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
    // Special case: Encrypted Assertion
    StaxParserUtil.validate(startElement, ASSERTION);
    SAML11AssertionType assertion = parseBaseAttributes(startElement);
    Attribute issuerAttribute = startElement.getAttributeByName(new QName(SAML11Constants.ISSUER));
    String issuer = StaxParserUtil.getAttributeValue(issuerAttribute);
    assertion.setIssuer(issuer);
    // Peek at the next event
    while (xmlEventReader.hasNext()) {
        XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
        if (xmlEvent == null)
            break;
        if (xmlEvent instanceof EndElement) {
            xmlEvent = StaxParserUtil.getNextEvent(xmlEventReader);
            EndElement endElement = (EndElement) xmlEvent;
            String endElementTag = StaxParserUtil.getElementName(endElement);
            if (endElementTag.equals(JBossSAMLConstants.ASSERTION.get()))
                break;
            else
                throw logger.parserUnknownEndElement(endElementTag, xmlEvent.getLocation());
        }
        StartElement peekedElement = null;
        if (xmlEvent instanceof StartElement) {
            peekedElement = (StartElement) xmlEvent;
        } else {
            peekedElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
        }
        if (peekedElement == null)
            break;
        String tag = StaxParserUtil.getElementName(peekedElement);
        if (tag.equals(JBossSAMLConstants.SIGNATURE.get())) {
            assertion.setSignature(StaxParserUtil.getDOMElement(xmlEventReader));
        } else if (JBossSAMLConstants.ISSUER.get().equalsIgnoreCase(tag)) {
            startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
            issuer = StaxParserUtil.getElementText(xmlEventReader);
            assertion.setIssuer(issuer);
        } else if (JBossSAMLConstants.SUBJECT.get().equalsIgnoreCase(tag)) {
            SAML11SubjectParser subjectParser = new SAML11SubjectParser();
            SAML11SubjectType subject = (SAML11SubjectType) subjectParser.parse(xmlEventReader);
            SAML11SubjectStatementType subStat = new SAML11SubjectStatementType();
            subStat.setSubject(subject);
        } else if (JBossSAMLConstants.CONDITIONS.get().equalsIgnoreCase(tag)) {
            startElement = (StartElement) xmlEvent;
            SAML11ConditionsType conditions = SAML11ParserUtil.parseSAML11Conditions(xmlEventReader);
            assertion.setConditions(conditions);
        } else if (SAML11Constants.AUTHENTICATION_STATEMENT.equals(tag)) {
            startElement = (StartElement) xmlEvent;
            SAML11AuthenticationStatementType authStat = SAML11ParserUtil.parseAuthenticationStatement(xmlEventReader);
            assertion.add(authStat);
        } else if (SAML11Constants.ATTRIBUTE_STATEMENT.equalsIgnoreCase(tag)) {
            SAML11AttributeStatementType attributeStatementType = SAML11ParserUtil.parseSAML11AttributeStatement(xmlEventReader);
            assertion.add(attributeStatementType);
        } else if (SAML11Constants.AUTHORIZATION_DECISION_STATEMENT.equalsIgnoreCase(tag)) {
            SAML11AuthorizationDecisionStatementType authzStat = SAML11ParserUtil.parseSAML11AuthorizationDecisionStatement(xmlEventReader);
            assertion.add(authzStat);
        } else
            throw logger.parserUnknownTag(tag, peekedElement.getLocation());
    }
    return assertion;
}
Also used : SAML11ConditionsType(org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType) SAML11SubjectType(org.keycloak.dom.saml.v1.assertion.SAML11SubjectType) Attribute(javax.xml.stream.events.Attribute) EndElement(javax.xml.stream.events.EndElement) QName(javax.xml.namespace.QName) StartElement(javax.xml.stream.events.StartElement) SAML11AuthenticationStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AuthenticationStatementType) SAML11AssertionType(org.keycloak.dom.saml.v1.assertion.SAML11AssertionType) XMLEvent(javax.xml.stream.events.XMLEvent) SAML11AuthorizationDecisionStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType) SAML11SubjectStatementType(org.keycloak.dom.saml.v1.assertion.SAML11SubjectStatementType) SAML11AttributeStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType)

Example 2 with SAML11AttributeStatementType

use of org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType in project keycloak by keycloak.

the class SAML11ParserUtil method parseSAML11AttributeStatement.

/**
 * Parse an {@code SAML11AttributeStatementType}
 *
 * @param xmlEventReader
 *
 * @return
 *
 * @throws ParsingException
 */
public static SAML11AttributeStatementType parseSAML11AttributeStatement(XMLEventReader xmlEventReader) throws ParsingException {
    SAML11AttributeStatementType attributeStatementType = new SAML11AttributeStatementType();
    StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
    String ATTRIBSTATEMT = JBossSAMLConstants.ATTRIBUTE_STATEMENT.get();
    StaxParserUtil.validate(startElement, ATTRIBSTATEMT);
    while (xmlEventReader.hasNext()) {
        XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
        if (xmlEvent instanceof EndElement) {
            EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
            StaxParserUtil.validate(endElement, JBossSAMLConstants.ATTRIBUTE_STATEMENT.get());
            break;
        }
        // Get the next start element
        startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
        String tag = startElement.getName().getLocalPart();
        if (JBossSAMLConstants.ATTRIBUTE.get().equals(tag)) {
            SAML11AttributeType attribute = parseSAML11Attribute(xmlEventReader);
            attributeStatementType.add(attribute);
        } else if (JBossSAMLConstants.SUBJECT.get().equals(tag)) {
            SAML11SubjectParser parser = new SAML11SubjectParser();
            SAML11SubjectType subject = (SAML11SubjectType) parser.parse(xmlEventReader);
            attributeStatementType.setSubject(subject);
        } else
            throw logger.parserUnknownTag(tag, startElement.getLocation());
    }
    return attributeStatementType;
}
Also used : StartElement(javax.xml.stream.events.StartElement) SAML11SubjectType(org.keycloak.dom.saml.v1.assertion.SAML11SubjectType) EndElement(javax.xml.stream.events.EndElement) SAML11SubjectParser(org.keycloak.saml.processing.core.parsers.saml.SAML11SubjectParser) XMLEvent(javax.xml.stream.events.XMLEvent) SAML11AttributeType(org.keycloak.dom.saml.v1.assertion.SAML11AttributeType) SAML11AttributeStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType)

Example 3 with SAML11AttributeStatementType

use of org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType in project keycloak by keycloak.

the class SAML11AssertionWriter method write.

public void write(SAML11AttributeStatementType statement) throws ProcessingException {
    StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE_STATEMENT.get(), SAML11Constants.ASSERTION_11_NSURI);
    SAML11SubjectType subject = statement.getSubject();
    if (subject != null)
        write(subject);
    List<SAML11AttributeType> attributes = statement.get();
    if (attributes != null) {
        for (SAML11AttributeType attr : attributes) {
            write(attr);
        }
    }
    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}
Also used : SAML11SubjectType(org.keycloak.dom.saml.v1.assertion.SAML11SubjectType) SAML11AttributeType(org.keycloak.dom.saml.v1.assertion.SAML11AttributeType)

Example 4 with SAML11AttributeStatementType

use of org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType in project keycloak by keycloak.

the class SAML11AssertionWriter method write.

/**
 * Write an {@code SAML11AssertionType} to stream
 *
 * @param assertion
 * @param out
 *
 * @throws ProcessingException
 */
public void write(SAML11AssertionType assertion) throws ProcessingException {
    StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.ASSERTION.get(), ns);
    StaxUtil.writeNameSpace(writer, ASSERTION_PREFIX, ns);
    StaxUtil.writeDefaultNameSpace(writer, ns);
    // Attributes
    // StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), assertion.getID());
    StaxUtil.writeAttribute(writer, SAML11Constants.ASSERTIONID, assertion.getID());
    StaxUtil.writeAttribute(writer, SAML11Constants.MAJOR_VERSION, assertion.getMajorVersion() + "");
    StaxUtil.writeAttribute(writer, SAML11Constants.MINOR_VERSION, assertion.getMinorVersion() + "");
    StaxUtil.writeAttribute(writer, JBossSAMLConstants.ISSUE_INSTANT.get(), assertion.getIssueInstant().toString());
    String issuer = assertion.getIssuer();
    if (issuer != null) {
        StaxUtil.writeAttribute(writer, SAML11Constants.ISSUER, issuer);
    }
    SAML11ConditionsType conditions = assertion.getConditions();
    if (conditions != null) {
        StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.CONDITIONS.get(), ns);
        StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_BEFORE.get(), conditions.getNotBefore().toString());
        StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_ON_OR_AFTER.get(), conditions.getNotOnOrAfter().toString());
        List<SAML11ConditionAbstractType> typeOfConditions = conditions.get();
        if (typeOfConditions != null) {
            for (SAML11ConditionAbstractType typeCondition : typeOfConditions) {
                if (typeCondition instanceof SAML11AudienceRestrictionCondition) {
                    SAML11AudienceRestrictionCondition art = (SAML11AudienceRestrictionCondition) typeCondition;
                    StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, SAML11Constants.AUDIENCE_RESTRICTION_CONDITION, ns);
                    List<URI> audiences = art.get();
                    if (audiences != null) {
                        for (URI audience : audiences) {
                            StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUDIENCE.get(), ns);
                            StaxUtil.writeCharacters(writer, audience.toString());
                            StaxUtil.writeEndElement(writer);
                        }
                    }
                    StaxUtil.writeEndElement(writer);
                }
            }
        }
        StaxUtil.writeEndElement(writer);
    }
    SAML11AdviceType advice = assertion.getAdvice();
    if (advice != null)
        throw logger.notImplementedYet("Advice");
    List<SAML11StatementAbstractType> statements = assertion.getStatements();
    if (statements != null) {
        for (SAML11StatementAbstractType statement : statements) {
            if (statement instanceof SAML11AuthenticationStatementType) {
                write((SAML11AuthenticationStatementType) statement);
            } else if (statement instanceof SAML11AttributeStatementType) {
                write((SAML11AttributeStatementType) statement);
            } else if (statement instanceof SAML11AuthorizationDecisionStatementType) {
                write((SAML11AuthorizationDecisionStatementType) statement);
            } else if (statement instanceof SAML11SubjectStatementType) {
                write((SAML11SubjectStatementType) statement);
            } else
                throw logger.writerUnknownTypeError(statement.getClass().getName());
        }
    }
    Element sig = assertion.getSignature();
    if (sig != null)
        StaxUtil.writeDOMElement(writer, sig);
    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}
Also used : SAML11ConditionsType(org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType) Element(org.w3c.dom.Element) URI(java.net.URI) SAML11AudienceRestrictionCondition(org.keycloak.dom.saml.v1.assertion.SAML11AudienceRestrictionCondition) SAML11AuthenticationStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AuthenticationStatementType) SAML11AuthorizationDecisionStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType) SAML11ConditionAbstractType(org.keycloak.dom.saml.v1.assertion.SAML11ConditionAbstractType) SAML11AdviceType(org.keycloak.dom.saml.v1.assertion.SAML11AdviceType) SAML11StatementAbstractType(org.keycloak.dom.saml.v1.assertion.SAML11StatementAbstractType) SAML11AttributeStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType) SAML11SubjectStatementType(org.keycloak.dom.saml.v1.assertion.SAML11SubjectStatementType)

Example 5 with SAML11AttributeStatementType

use of org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType in project keycloak by keycloak.

the class AssertionUtil method getRoles.

/**
 * Given an assertion, return the list of roles it may have
 *
 * @param assertion The {@link SAML11AssertionType}
 * @param roleKeys a list of string values representing the role keys. The list can be null.
 *
 * @return
 */
public static List<String> getRoles(SAML11AssertionType assertion, List<String> roleKeys) {
    List<String> roles = new ArrayList<>();
    List<SAML11StatementAbstractType> statements = assertion.getStatements();
    for (SAML11StatementAbstractType statement : statements) {
        if (statement instanceof SAML11AttributeStatementType) {
            SAML11AttributeStatementType attributeStatement = (SAML11AttributeStatementType) statement;
            List<SAML11AttributeType> attributes = attributeStatement.get();
            for (SAML11AttributeType attr : attributes) {
                if (roleKeys != null && roleKeys.size() > 0) {
                    if (!roleKeys.contains(attr.getAttributeName()))
                        continue;
                }
                List<Object> attributeValues = attr.get();
                if (attributeValues != null) {
                    for (Object attrValue : attributeValues) {
                        if (attrValue instanceof String) {
                            roles.add((String) attrValue);
                        } else if (attrValue instanceof Node) {
                            Node roleNode = (Node) attrValue;
                            roles.add(roleNode.getFirstChild().getNodeValue());
                        } else
                            throw logger.unknownObjectType(attrValue);
                    }
                }
            }
        }
    }
    return roles;
}
Also used : Node(org.w3c.dom.Node) ArrayList(java.util.ArrayList) SAML11AttributeType(org.keycloak.dom.saml.v1.assertion.SAML11AttributeType) SAML11StatementAbstractType(org.keycloak.dom.saml.v1.assertion.SAML11StatementAbstractType) SAML11AttributeStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType)

Aggregations

SAML11AttributeStatementType (org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType)4 SAML11AttributeType (org.keycloak.dom.saml.v1.assertion.SAML11AttributeType)3 SAML11SubjectType (org.keycloak.dom.saml.v1.assertion.SAML11SubjectType)3 EndElement (javax.xml.stream.events.EndElement)2 StartElement (javax.xml.stream.events.StartElement)2 XMLEvent (javax.xml.stream.events.XMLEvent)2 SAML11AuthenticationStatementType (org.keycloak.dom.saml.v1.assertion.SAML11AuthenticationStatementType)2 SAML11AuthorizationDecisionStatementType (org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType)2 SAML11ConditionsType (org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType)2 SAML11StatementAbstractType (org.keycloak.dom.saml.v1.assertion.SAML11StatementAbstractType)2 SAML11SubjectStatementType (org.keycloak.dom.saml.v1.assertion.SAML11SubjectStatementType)2 URI (java.net.URI)1 ArrayList (java.util.ArrayList)1 QName (javax.xml.namespace.QName)1 Attribute (javax.xml.stream.events.Attribute)1 SAML11AdviceType (org.keycloak.dom.saml.v1.assertion.SAML11AdviceType)1 SAML11AssertionType (org.keycloak.dom.saml.v1.assertion.SAML11AssertionType)1 SAML11AudienceRestrictionCondition (org.keycloak.dom.saml.v1.assertion.SAML11AudienceRestrictionCondition)1 SAML11ConditionAbstractType (org.keycloak.dom.saml.v1.assertion.SAML11ConditionAbstractType)1 SAML11SubjectParser (org.keycloak.saml.processing.core.parsers.saml.SAML11SubjectParser)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial