Search in sources :

Example 1 with SAML11AudienceRestrictionCondition

use of org.keycloak.dom.saml.v1.assertion.SAML11AudienceRestrictionCondition in project keycloak by keycloak.

the class SAML11ParserUtil method parseSAML11Conditions.

/**
 * Parse {@link org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType}
 *
 * @param xmlEventReader
 *
 * @return
 *
 * @throws ParsingException
 */
public static SAML11ConditionsType parseSAML11Conditions(XMLEventReader xmlEventReader) throws ParsingException {
    StartElement startElement;
    SAML11ConditionsType conditions = new SAML11ConditionsType();
    StartElement conditionsElement = StaxParserUtil.getNextStartElement(xmlEventReader);
    StaxParserUtil.validate(conditionsElement, JBossSAMLConstants.CONDITIONS.get());
    String assertionNS = SAML11Constants.ASSERTION_11_NSURI;
    QName notBeforeQName = new QName("", JBossSAMLConstants.NOT_BEFORE.get());
    QName notBeforeQNameWithNS = new QName(assertionNS, JBossSAMLConstants.NOT_BEFORE.get());
    QName notAfterQName = new QName("", JBossSAMLConstants.NOT_ON_OR_AFTER.get());
    QName notAfterQNameWithNS = new QName(assertionNS, JBossSAMLConstants.NOT_ON_OR_AFTER.get());
    Attribute notBeforeAttribute = conditionsElement.getAttributeByName(notBeforeQName);
    if (notBeforeAttribute == null)
        notBeforeAttribute = conditionsElement.getAttributeByName(notBeforeQNameWithNS);
    Attribute notAfterAttribute = conditionsElement.getAttributeByName(notAfterQName);
    if (notAfterAttribute == null)
        notAfterAttribute = conditionsElement.getAttributeByName(notAfterQNameWithNS);
    if (notBeforeAttribute != null) {
        String notBeforeValue = StaxParserUtil.getAttributeValue(notBeforeAttribute);
        conditions.setNotBefore(XMLTimeUtil.parse(notBeforeValue));
    }
    if (notAfterAttribute != null) {
        String notAfterValue = StaxParserUtil.getAttributeValue(notAfterAttribute);
        conditions.setNotOnOrAfter(XMLTimeUtil.parse(notAfterValue));
    }
    while (xmlEventReader.hasNext()) {
        XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
        if (xmlEvent instanceof EndElement) {
            EndElement end = StaxParserUtil.getNextEndElement(xmlEventReader);
            if (StaxParserUtil.matches(end, JBossSAMLConstants.CONDITIONS.get()))
                break;
        }
        startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
        if (startElement == null)
            break;
        String tag = StaxParserUtil.getElementName(startElement);
        if (SAML11Constants.AUDIENCE_RESTRICTION_CONDITION.equals(tag)) {
            startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
            SAML11AudienceRestrictionCondition restrictCond = new SAML11AudienceRestrictionCondition();
            startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
            if (StaxParserUtil.getElementName(startElement).equals(JBossSAMLConstants.AUDIENCE.get())) {
                restrictCond.add(URI.create(StaxParserUtil.getElementText(xmlEventReader)));
            }
            EndElement theEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
            StaxParserUtil.validate(theEndElement, SAML11Constants.AUDIENCE_RESTRICTION_CONDITION);
            conditions.add(restrictCond);
        } else
            throw logger.parserUnknownTag(tag, startElement.getLocation());
    }
    return conditions;
}
Also used : StartElement(javax.xml.stream.events.StartElement) SAML11ConditionsType(org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType) SAML11AudienceRestrictionCondition(org.keycloak.dom.saml.v1.assertion.SAML11AudienceRestrictionCondition) Attribute(javax.xml.stream.events.Attribute) EndElement(javax.xml.stream.events.EndElement) QName(javax.xml.namespace.QName) XMLEvent(javax.xml.stream.events.XMLEvent)

Example 2 with SAML11AudienceRestrictionCondition

use of org.keycloak.dom.saml.v1.assertion.SAML11AudienceRestrictionCondition in project keycloak by keycloak.

the class SAML11AssertionWriter method write.

/**
 * Write an {@code SAML11AssertionType} to stream
 *
 * @param assertion
 * @param out
 *
 * @throws ProcessingException
 */
public void write(SAML11AssertionType assertion) throws ProcessingException {
    StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.ASSERTION.get(), ns);
    StaxUtil.writeNameSpace(writer, ASSERTION_PREFIX, ns);
    StaxUtil.writeDefaultNameSpace(writer, ns);
    // Attributes
    // StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), assertion.getID());
    StaxUtil.writeAttribute(writer, SAML11Constants.ASSERTIONID, assertion.getID());
    StaxUtil.writeAttribute(writer, SAML11Constants.MAJOR_VERSION, assertion.getMajorVersion() + "");
    StaxUtil.writeAttribute(writer, SAML11Constants.MINOR_VERSION, assertion.getMinorVersion() + "");
    StaxUtil.writeAttribute(writer, JBossSAMLConstants.ISSUE_INSTANT.get(), assertion.getIssueInstant().toString());
    String issuer = assertion.getIssuer();
    if (issuer != null) {
        StaxUtil.writeAttribute(writer, SAML11Constants.ISSUER, issuer);
    }
    SAML11ConditionsType conditions = assertion.getConditions();
    if (conditions != null) {
        StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.CONDITIONS.get(), ns);
        StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_BEFORE.get(), conditions.getNotBefore().toString());
        StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_ON_OR_AFTER.get(), conditions.getNotOnOrAfter().toString());
        List<SAML11ConditionAbstractType> typeOfConditions = conditions.get();
        if (typeOfConditions != null) {
            for (SAML11ConditionAbstractType typeCondition : typeOfConditions) {
                if (typeCondition instanceof SAML11AudienceRestrictionCondition) {
                    SAML11AudienceRestrictionCondition art = (SAML11AudienceRestrictionCondition) typeCondition;
                    StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, SAML11Constants.AUDIENCE_RESTRICTION_CONDITION, ns);
                    List<URI> audiences = art.get();
                    if (audiences != null) {
                        for (URI audience : audiences) {
                            StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUDIENCE.get(), ns);
                            StaxUtil.writeCharacters(writer, audience.toString());
                            StaxUtil.writeEndElement(writer);
                        }
                    }
                    StaxUtil.writeEndElement(writer);
                }
            }
        }
        StaxUtil.writeEndElement(writer);
    }
    SAML11AdviceType advice = assertion.getAdvice();
    if (advice != null)
        throw logger.notImplementedYet("Advice");
    List<SAML11StatementAbstractType> statements = assertion.getStatements();
    if (statements != null) {
        for (SAML11StatementAbstractType statement : statements) {
            if (statement instanceof SAML11AuthenticationStatementType) {
                write((SAML11AuthenticationStatementType) statement);
            } else if (statement instanceof SAML11AttributeStatementType) {
                write((SAML11AttributeStatementType) statement);
            } else if (statement instanceof SAML11AuthorizationDecisionStatementType) {
                write((SAML11AuthorizationDecisionStatementType) statement);
            } else if (statement instanceof SAML11SubjectStatementType) {
                write((SAML11SubjectStatementType) statement);
            } else
                throw logger.writerUnknownTypeError(statement.getClass().getName());
        }
    }
    Element sig = assertion.getSignature();
    if (sig != null)
        StaxUtil.writeDOMElement(writer, sig);
    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}
Also used : SAML11ConditionsType(org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType) Element(org.w3c.dom.Element) URI(java.net.URI) SAML11AudienceRestrictionCondition(org.keycloak.dom.saml.v1.assertion.SAML11AudienceRestrictionCondition) SAML11AuthenticationStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AuthenticationStatementType) SAML11AuthorizationDecisionStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType) SAML11ConditionAbstractType(org.keycloak.dom.saml.v1.assertion.SAML11ConditionAbstractType) SAML11AdviceType(org.keycloak.dom.saml.v1.assertion.SAML11AdviceType) SAML11StatementAbstractType(org.keycloak.dom.saml.v1.assertion.SAML11StatementAbstractType) SAML11AttributeStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType) SAML11SubjectStatementType(org.keycloak.dom.saml.v1.assertion.SAML11SubjectStatementType)

Aggregations

SAML11AudienceRestrictionCondition (org.keycloak.dom.saml.v1.assertion.SAML11AudienceRestrictionCondition)2 SAML11ConditionsType (org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType)2 URI (java.net.URI)1 QName (javax.xml.namespace.QName)1 Attribute (javax.xml.stream.events.Attribute)1 EndElement (javax.xml.stream.events.EndElement)1 StartElement (javax.xml.stream.events.StartElement)1 XMLEvent (javax.xml.stream.events.XMLEvent)1 SAML11AdviceType (org.keycloak.dom.saml.v1.assertion.SAML11AdviceType)1 SAML11AttributeStatementType (org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType)1 SAML11AuthenticationStatementType (org.keycloak.dom.saml.v1.assertion.SAML11AuthenticationStatementType)1 SAML11AuthorizationDecisionStatementType (org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType)1 SAML11ConditionAbstractType (org.keycloak.dom.saml.v1.assertion.SAML11ConditionAbstractType)1 SAML11StatementAbstractType (org.keycloak.dom.saml.v1.assertion.SAML11StatementAbstractType)1 SAML11SubjectStatementType (org.keycloak.dom.saml.v1.assertion.SAML11SubjectStatementType)1 Element (org.w3c.dom.Element)1