Example 1 with SAML11AuthorizationDecisionStatementType
use of org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType in project keycloak by keycloak.
the class SAML11AssertionParser method parse.
/**
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException {
StartElement startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
// Special case: Encrypted Assertion
StaxParserUtil.validate(startElement, ASSERTION);
SAML11AssertionType assertion = parseBaseAttributes(startElement);
Attribute issuerAttribute = startElement.getAttributeByName(new QName(SAML11Constants.ISSUER));
String issuer = StaxParserUtil.getAttributeValue(issuerAttribute);
assertion.setIssuer(issuer);
// Peek at the next event
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent == null)
break;
if (xmlEvent instanceof EndElement) {
xmlEvent = StaxParserUtil.getNextEvent(xmlEventReader);
EndElement endElement = (EndElement) xmlEvent;
String endElementTag = StaxParserUtil.getElementName(endElement);
if (endElementTag.equals(JBossSAMLConstants.ASSERTION.get()))
break;
else
throw logger.parserUnknownEndElement(endElementTag, xmlEvent.getLocation());
}
StartElement peekedElement = null;
if (xmlEvent instanceof StartElement) {
peekedElement = (StartElement) xmlEvent;
} else {
peekedElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
}
if (peekedElement == null)
break;
String tag = StaxParserUtil.getElementName(peekedElement);
if (tag.equals(JBossSAMLConstants.SIGNATURE.get())) {
assertion.setSignature(StaxParserUtil.getDOMElement(xmlEventReader));
} else if (JBossSAMLConstants.ISSUER.get().equalsIgnoreCase(tag)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
issuer = StaxParserUtil.getElementText(xmlEventReader);
assertion.setIssuer(issuer);
} else if (JBossSAMLConstants.SUBJECT.get().equalsIgnoreCase(tag)) {
SAML11SubjectParser subjectParser = new SAML11SubjectParser();
SAML11SubjectType subject = (SAML11SubjectType) subjectParser.parse(xmlEventReader);
SAML11SubjectStatementType subStat = new SAML11SubjectStatementType();
subStat.setSubject(subject);
} else if (JBossSAMLConstants.CONDITIONS.get().equalsIgnoreCase(tag)) {
startElement = (StartElement) xmlEvent;
SAML11ConditionsType conditions = SAML11ParserUtil.parseSAML11Conditions(xmlEventReader);
assertion.setConditions(conditions);
} else if (SAML11Constants.AUTHENTICATION_STATEMENT.equals(tag)) {
startElement = (StartElement) xmlEvent;
SAML11AuthenticationStatementType authStat = SAML11ParserUtil.parseAuthenticationStatement(xmlEventReader);
assertion.add(authStat);
} else if (SAML11Constants.ATTRIBUTE_STATEMENT.equalsIgnoreCase(tag)) {
SAML11AttributeStatementType attributeStatementType = SAML11ParserUtil.parseSAML11AttributeStatement(xmlEventReader);
assertion.add(attributeStatementType);
} else if (SAML11Constants.AUTHORIZATION_DECISION_STATEMENT.equalsIgnoreCase(tag)) {
SAML11AuthorizationDecisionStatementType authzStat = SAML11ParserUtil.parseSAML11AuthorizationDecisionStatement(xmlEventReader);
assertion.add(authzStat);
} else
throw logger.parserUnknownTag(tag, peekedElement.getLocation());
}
return assertion;
}
Also used :
SAML11ConditionsType(org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType)
SAML11SubjectType(org.keycloak.dom.saml.v1.assertion.SAML11SubjectType)
Attribute(javax.xml.stream.events.Attribute)
EndElement(javax.xml.stream.events.EndElement)
QName(javax.xml.namespace.QName)
StartElement(javax.xml.stream.events.StartElement)
SAML11AuthenticationStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AuthenticationStatementType)
SAML11AssertionType(org.keycloak.dom.saml.v1.assertion.SAML11AssertionType)
XMLEvent(javax.xml.stream.events.XMLEvent)
SAML11AuthorizationDecisionStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType)
SAML11SubjectStatementType(org.keycloak.dom.saml.v1.assertion.SAML11SubjectStatementType)
SAML11AttributeStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType)
Example 2 with SAML11AuthorizationDecisionStatementType
use of org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType in project keycloak by keycloak.
the class SAML11ParserUtil method parseSAML11AuthorizationDecisionStatement.
public static SAML11AuthorizationDecisionStatementType parseSAML11AuthorizationDecisionStatement(XMLEventReader xmlEventReader) throws ParsingException {
SAML11AuthorizationDecisionStatementType authzDecision = null;
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, SAML11Constants.AUTHORIZATION_DECISION_STATEMENT);
Attribute decision = startElement.getAttributeByName(new QName(SAML11Constants.DECISION));
if (decision == null)
throw logger.parserRequiredAttribute("Decision");
String decisionValue = StaxParserUtil.getAttributeValue(decision);
Attribute resource = startElement.getAttributeByName(new QName(SAML11Constants.RESOURCE));
if (resource == null)
throw logger.parserRequiredAttribute("Namespace");
String resValue = StaxParserUtil.getAttributeValue(resource);
authzDecision = new SAML11AuthorizationDecisionStatementType(URI.create(resValue), SAML11DecisionType.valueOf(decisionValue));
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement) {
EndElement end = StaxParserUtil.getNextEndElement(xmlEventReader);
if (StaxParserUtil.matches(end, SAML11Constants.AUTHORIZATION_DECISION_STATEMENT))
break;
}
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (startElement == null)
break;
String tag = StaxParserUtil.getElementName(startElement);
if (SAML11Constants.ACTION.equals(tag)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
SAML11ActionType samlAction = new SAML11ActionType();
Attribute namespaceAttr = startElement.getAttributeByName(new QName(SAML11Constants.NAMESPACE));
if (namespaceAttr != null) {
samlAction.setNamespace(StaxParserUtil.getAttributeValue(namespaceAttr));
}
samlAction.setValue(StaxParserUtil.getElementText(xmlEventReader));
authzDecision.addAction(samlAction);
} else if (JBossSAMLConstants.SUBJECT.get().equals(tag)) {
SAML11SubjectParser parser = new SAML11SubjectParser();
authzDecision.setSubject((SAML11SubjectType) parser.parse(xmlEventReader));
} else
throw logger.parserUnknownTag(tag, startElement.getLocation());
}
return authzDecision;
}
Also used :
StartElement(javax.xml.stream.events.StartElement)
SAML11SubjectType(org.keycloak.dom.saml.v1.assertion.SAML11SubjectType)
Attribute(javax.xml.stream.events.Attribute)
EndElement(javax.xml.stream.events.EndElement)
QName(javax.xml.namespace.QName)
SAML11SubjectParser(org.keycloak.saml.processing.core.parsers.saml.SAML11SubjectParser)
SAML11AuthorizationDecisionStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType)
XMLEvent(javax.xml.stream.events.XMLEvent)
SAML11ActionType(org.keycloak.dom.saml.v1.assertion.SAML11ActionType)
Example 3 with SAML11AuthorizationDecisionStatementType
use of org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType in project keycloak by keycloak.
the class SAML11AssertionWriter method write.
public void write(SAML11AuthorizationDecisionStatementType xacmlStat) throws ProcessingException {
StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, SAML11Constants.AUTHORIZATION_DECISION_STATEMENT, ns);
String resource = xacmlStat.getResource().toString();
StaxUtil.writeAttribute(writer, SAML11Constants.RESOURCE, resource);
StaxUtil.writeAttribute(writer, SAML11Constants.DECISION, xacmlStat.getDecision().name());
SAML11SubjectType subject = xacmlStat.getSubject();
if (subject != null)
write(subject);
List<SAML11ActionType> actions = xacmlStat.getActions();
for (SAML11ActionType action : actions) {
write(action);
}
StaxUtil.writeEndElement(writer);
StaxUtil.flush(writer);
}
Also used :
SAML11SubjectType(org.keycloak.dom.saml.v1.assertion.SAML11SubjectType)
SAML11ActionType(org.keycloak.dom.saml.v1.assertion.SAML11ActionType)
Example 4 with SAML11AuthorizationDecisionStatementType
use of org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType in project keycloak by keycloak.
the class SAML11AssertionWriter method write.
/**
* Write an {@code SAML11AssertionType} to stream
*
* @param assertion
* @param out
*
* @throws ProcessingException
*/
public void write(SAML11AssertionType assertion) throws ProcessingException {
StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.ASSERTION.get(), ns);
StaxUtil.writeNameSpace(writer, ASSERTION_PREFIX, ns);
StaxUtil.writeDefaultNameSpace(writer, ns);
// Attributes
// StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), assertion.getID());
StaxUtil.writeAttribute(writer, SAML11Constants.ASSERTIONID, assertion.getID());
StaxUtil.writeAttribute(writer, SAML11Constants.MAJOR_VERSION, assertion.getMajorVersion() + "");
StaxUtil.writeAttribute(writer, SAML11Constants.MINOR_VERSION, assertion.getMinorVersion() + "");
StaxUtil.writeAttribute(writer, JBossSAMLConstants.ISSUE_INSTANT.get(), assertion.getIssueInstant().toString());
String issuer = assertion.getIssuer();
if (issuer != null) {
StaxUtil.writeAttribute(writer, SAML11Constants.ISSUER, issuer);
}
SAML11ConditionsType conditions = assertion.getConditions();
if (conditions != null) {
StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.CONDITIONS.get(), ns);
StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_BEFORE.get(), conditions.getNotBefore().toString());
StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_ON_OR_AFTER.get(), conditions.getNotOnOrAfter().toString());
List<SAML11ConditionAbstractType> typeOfConditions = conditions.get();
if (typeOfConditions != null) {
for (SAML11ConditionAbstractType typeCondition : typeOfConditions) {
if (typeCondition instanceof SAML11AudienceRestrictionCondition) {
SAML11AudienceRestrictionCondition art = (SAML11AudienceRestrictionCondition) typeCondition;
StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, SAML11Constants.AUDIENCE_RESTRICTION_CONDITION, ns);
List<URI> audiences = art.get();
if (audiences != null) {
for (URI audience : audiences) {
StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUDIENCE.get(), ns);
StaxUtil.writeCharacters(writer, audience.toString());
StaxUtil.writeEndElement(writer);
}
}
StaxUtil.writeEndElement(writer);
}
}
}
StaxUtil.writeEndElement(writer);
}
SAML11AdviceType advice = assertion.getAdvice();
if (advice != null)
throw logger.notImplementedYet("Advice");
List<SAML11StatementAbstractType> statements = assertion.getStatements();
if (statements != null) {
for (SAML11StatementAbstractType statement : statements) {
if (statement instanceof SAML11AuthenticationStatementType) {
write((SAML11AuthenticationStatementType) statement);
} else if (statement instanceof SAML11AttributeStatementType) {
write((SAML11AttributeStatementType) statement);
} else if (statement instanceof SAML11AuthorizationDecisionStatementType) {
write((SAML11AuthorizationDecisionStatementType) statement);
} else if (statement instanceof SAML11SubjectStatementType) {
write((SAML11SubjectStatementType) statement);
} else
throw logger.writerUnknownTypeError(statement.getClass().getName());
}
}
Element sig = assertion.getSignature();
if (sig != null)
StaxUtil.writeDOMElement(writer, sig);
StaxUtil.writeEndElement(writer);
StaxUtil.flush(writer);
}
Also used :
SAML11ConditionsType(org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType)
Element(org.w3c.dom.Element)
URI(java.net.URI)
SAML11AudienceRestrictionCondition(org.keycloak.dom.saml.v1.assertion.SAML11AudienceRestrictionCondition)
SAML11AuthenticationStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AuthenticationStatementType)
SAML11AuthorizationDecisionStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType)
SAML11ConditionAbstractType(org.keycloak.dom.saml.v1.assertion.SAML11ConditionAbstractType)
SAML11AdviceType(org.keycloak.dom.saml.v1.assertion.SAML11AdviceType)
SAML11StatementAbstractType(org.keycloak.dom.saml.v1.assertion.SAML11StatementAbstractType)
SAML11AttributeStatementType(org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType)
SAML11SubjectStatementType(org.keycloak.dom.saml.v1.assertion.SAML11SubjectStatementType)
Aggregations
SAML11AuthorizationDecisionStatementType (org.keycloak.dom.saml.v1.assertion.SAML11AuthorizationDecisionStatementType)3
SAML11SubjectType (org.keycloak.dom.saml.v1.assertion.SAML11SubjectType)3
QName (javax.xml.namespace.QName)2
Attribute (javax.xml.stream.events.Attribute)2
EndElement (javax.xml.stream.events.EndElement)2
StartElement (javax.xml.stream.events.StartElement)2
XMLEvent (javax.xml.stream.events.XMLEvent)2
SAML11ActionType (org.keycloak.dom.saml.v1.assertion.SAML11ActionType)2
SAML11AttributeStatementType (org.keycloak.dom.saml.v1.assertion.SAML11AttributeStatementType)2
SAML11AuthenticationStatementType (org.keycloak.dom.saml.v1.assertion.SAML11AuthenticationStatementType)2
SAML11ConditionsType (org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType)2
SAML11SubjectStatementType (org.keycloak.dom.saml.v1.assertion.SAML11SubjectStatementType)2
URI (java.net.URI)1
SAML11AdviceType (org.keycloak.dom.saml.v1.assertion.SAML11AdviceType)1
SAML11AssertionType (org.keycloak.dom.saml.v1.assertion.SAML11AssertionType)1
SAML11AudienceRestrictionCondition (org.keycloak.dom.saml.v1.assertion.SAML11AudienceRestrictionCondition)1
SAML11ConditionAbstractType (org.keycloak.dom.saml.v1.assertion.SAML11ConditionAbstractType)1
SAML11StatementAbstractType (org.keycloak.dom.saml.v1.assertion.SAML11StatementAbstractType)1
SAML11SubjectParser (org.keycloak.saml.processing.core.parsers.saml.SAML11SubjectParser)1
Element (org.w3c.dom.Element)1
