
Example 31 with AttributeType

use of org.keycloak.dom.saml.v2.assertion.AttributeType in project keycloak by keycloak.

the class AttributeStatementHelper method createAttributeType.

/**
 * Builds a SAML {@link AttributeType} from the configuration of a protocol mapper.
 *
 * <p>The attribute name is read from {@code SAML_ATTRIBUTE_NAME}. The name format is chosen from
 * {@code SAML_ATTRIBUTE_NAMEFORMAT}: the URI-reference and unspecified settings select their
 * respective formats, and every other value (including a missing one) falls back to the basic
 * format. A friendly name is set only when the configured value is non-null and not blank.
 *
 * @param mappingModel the mapper whose configuration supplies name, name format and friendly name
 * @return a new attribute carrying no values yet
 */
public static AttributeType createAttributeType(ProtocolMapperModel mappingModel) {
    AttributeType result = new AttributeType(mappingModel.getConfig().get(SAML_ATTRIBUTE_NAME));

    String configuredFormat = mappingModel.getConfig().get(SAML_ATTRIBUTE_NAMEFORMAT);
    // Basic is the default; only the two recognised settings override it.
    String nameFormat = JBossSAMLURIConstants.ATTRIBUTE_FORMAT_BASIC.get();
    if (URI_REFERENCE.equals(configuredFormat)) {
        nameFormat = JBossSAMLURIConstants.ATTRIBUTE_FORMAT_URI.get();
    } else if (UNSPECIFIED.equals(configuredFormat)) {
        nameFormat = JBossSAMLURIConstants.ATTRIBUTE_FORMAT_UNSPECIFIED.get();
    }
    result.setNameFormat(nameFormat);

    String configuredFriendlyName = mappingModel.getConfig().get(FRIENDLY_NAME);
    boolean hasFriendlyName = configuredFriendlyName != null && !configuredFriendlyName.trim().isEmpty();
    if (hasFriendlyName) {
        // The untrimmed configured value is what gets stored.
        result.setFriendlyName(configuredFriendlyName);
    }
    return result;
}
Also used : AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType)

Example 32 with AttributeType

use of org.keycloak.dom.saml.v2.assertion.AttributeType in project keycloak by keycloak.

the class AttributeStatementHelper method addAttribute.

/**
 * Creates an attribute from the mapper configuration, gives it a single value and appends it
 * to the attribute statement.
 *
 * @param attributeStatement the statement that receives the new attribute
 * @param mappingModel the mapper whose configuration describes the attribute
 * @param attributeValue the value to attach; passed through to the attribute unchanged
 */
public static void addAttribute(AttributeStatementType attributeStatement, ProtocolMapperModel mappingModel, String attributeValue) {
    AttributeType populated = createAttributeType(mappingModel);
    populated.addAttributeValue(attributeValue);

    AttributeStatementType.ASTChoiceType choice = new AttributeStatementType.ASTChoiceType(populated);
    attributeStatement.addAttribute(choice);
}
Also used : AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType)

Example 33 with AttributeType

use of org.keycloak.dom.saml.v2.assertion.AttributeType in project keycloak by keycloak.

the class ScriptBasedMapper method transformAttributeStatement.

/**
 *  This method attaches one or many attributes to the passed attribute statement.
 *  To obtain the attribute values, it executes the mapper's script and attaches the returned value to the
 *  attribute.
 *  If the returned value is an array or is iterable, the mapper will either add multiple attributes, or one
 *  attribute with multiple values. The variant chosen depends on the configuration of the mapper
 *
 * @param attributeStatement The attribute statements to be added to a token
 * @param mappingModel The mapping model reflects the values that are actually input in the GUI
 * @param session The current session
 * @param userSession The current user session
 * @param clientSession The current client session
 */
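@Override
public void transformAttributeStatement(AttributeStatementType attributeStatement, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) {
    UserModel user = userSession.getUser();
    RealmModel realm = userSession.getRealm();
    // The script text comes straight from the mapper configuration and is evaluated below.
    String scriptSource = mappingModel.getConfig().get(ProviderConfigProperty.SCRIPT_TYPE);
    boolean singleAttribute = Boolean.parseBoolean(mappingModel.getConfig().get(SINGLE_VALUE_ATTRIBUTE));

    ScriptingProvider scripting = session.getProvider(ScriptingProvider.class);
    ScriptModel scriptModel = scripting.createScript(realm.getId(), ScriptModel.TEXT_JAVASCRIPT, "attribute-mapper-script_" + mappingModel.getName(), scriptSource, null);
    // Script creation and preparation sit outside the try block, so their failures reach the caller.
    EvaluatableScriptAdapter script = scripting.prepareEvaluatableScript(scriptModel);

    try {
        // The script is handed the live user, realm and session objects, including the
        // KeycloakSession itself. Permission to edit this mapper's script should therefore be
        // treated as permission to run code against those objects.
        Object attributeValue = script.eval((bindings) -> {
            bindings.put("user", user);
            bindings.put("realm", realm);
            bindings.put("clientSession", clientSession);
            bindings.put("userSession", userSession);
            bindings.put("keycloakSession", session);
        });

        // A null script result fails on getClass() and is handled by the catch block below.
        // If the result is an array, view it as a list so it takes the iterable path.
        if (attributeValue.getClass().isArray()) {
            attributeValue = Arrays.asList((Object[]) attributeValue);
        }

        if (attributeValue instanceof Iterable) {
            Iterable<?> values = (Iterable<?>) attributeValue;
            if (singleAttribute) {
                // One attribute carrying every value. It is attached to the statement only after
                // it is fully populated, so a failure while iterating cannot leave a half-filled
                // attribute in the statement next to the fallback added by the catch block.
                // NOTE(review): values are attached as returned by the script, whereas the other
                // branches attach value.toString() - confirm the assertion writer accepts every
                // type a script can return here.
                AttributeType combined = AttributeStatementHelper.createAttributeType(mappingModel);
                for (Object value : values) {
                    combined.addAttributeValue(value);
                }
                attributeStatement.addAttribute(new AttributeStatementType.ASTChoiceType(combined));
            } else {
                // One attribute per value. Render all values first: a null element makes
                // toString() throw, and that must happen before the statement is modified.
                java.util.List<String> rendered = new java.util.ArrayList<>();
                for (Object value : values) {
                    rendered.add(value.toString());
                }
                for (String text : rendered) {
                    AttributeStatementHelper.addAttribute(attributeStatement, mappingModel, text);
                }
            }
        } else {
            // single value case
            AttributeStatementHelper.addAttribute(attributeStatement, mappingModel, attributeValue.toString());
        }
    } catch (Exception ex) {
        // Any failure above is logged and replaced by one attribute with a null value; the
        // exception is not propagated, so the caller cannot tell that the script failed.
        LOGGER.error("Error during execution of ProtocolMapper script", ex);
        AttributeStatementHelper.addAttribute(attributeStatement, mappingModel, null);
    }
}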
Also used : AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) EvaluatableScriptAdapter(org.keycloak.scripting.EvaluatableScriptAdapter) java.util(java.util) ProtocolMapperConfigException(org.keycloak.protocol.ProtocolMapperConfigException) ScriptingProvider(org.keycloak.scripting.ScriptingProvider) ScriptCompilationException(org.keycloak.scripting.ScriptCompilationException) Logger(org.jboss.logging.Logger) org.keycloak.models(org.keycloak.models) ProviderConfigProperty(org.keycloak.provider.ProviderConfigProperty) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) ProtocolMapperConfigException(org.keycloak.protocol.ProtocolMapperConfigException) ScriptCompilationException(org.keycloak.scripting.ScriptCompilationException) ScriptingProvider(org.keycloak.scripting.ScriptingProvider) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) EvaluatableScriptAdapter(org.keycloak.scripting.EvaluatableScriptAdapter)

Example 34 with AttributeType

use of org.keycloak.dom.saml.v2.assertion.AttributeType in project keycloak by keycloak.

the class SAMLAttributeParserTest method parsesAttributeElementWithKnownAndX509_ENCODINGAttributesCorrectly.

/**
 * Parses an {@code Attribute} element that carries the standard NameFormat, Name and
 * FriendlyName attributes plus a namespaced {@code x500:Encoding} attribute, and checks that the
 * standard ones land in their dedicated fields while the extra one is kept in the
 * "other attributes" map under its qualified name.
 */
@Test
public void parsesAttributeElementWithKnownAndX509_ENCODINGAttributesCorrectly() throws Exception {
    String expectedNameFormat = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri";
    String expectedName = "urn:oid:2.5.4.42";
    String expectedFriendlyName = "givenName";
    String expectedEncoding = "LDAP";
    String x500Ns = "urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500";

    String template = "<saml:Attribute xmlns:x500=\"%s\" "
            + "NameFormat=\"%s\" Name=\"%s\" FriendlyName=\"%s\" x500:Encoding=\"%s\"/>";
    String xml = String.format(template, x500Ns, expectedNameFormat, expectedName, expectedFriendlyName, expectedEncoding);

    AttributeType parsed = parseAttributeElement(xml);

    Assert.assertEquals(expectedNameFormat, parsed.getNameFormat());
    Assert.assertEquals(expectedName, parsed.getName());
    Assert.assertEquals(expectedFriendlyName, parsed.getFriendlyName());
    Assert.assertFalse("Other attributes should not be empty", parsed.getOtherAttributes().isEmpty());
    QName encodingKey = new QName(x500Ns, "Encoding");
    Assert.assertEquals(expectedEncoding, parsed.getOtherAttributes().get(encodingKey));
}
Also used : AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) QName(javax.xml.namespace.QName) Test(org.junit.Test)

Example 35 with AttributeType

use of org.keycloak.dom.saml.v2.assertion.AttributeType in project keycloak by keycloak.

the class SAMLAttributeParserTest method parsesAttributeElementWithKnownAttributesCorrectly.

/**
 * Parses an {@code Attribute} element that carries only NameFormat, Name and FriendlyName and
 * checks that each is exposed through its getter and that no other attributes are recorded.
 */
@Test
public void parsesAttributeElementWithKnownAttributesCorrectly() throws Exception {
    String expectedNameFormat = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri";
    String expectedName = "urn:oid:2.5.4.42";
    String expectedFriendlyName = "givenName";

    String xml = "<saml:Attribute NameFormat=\"" + expectedNameFormat + "\" Name=\"" + expectedName + "\" FriendlyName=\"" + expectedFriendlyName + "\"/>";
    AttributeType parsed = parseAttributeElement(xml);

    Assert.assertEquals(expectedNameFormat, parsed.getNameFormat());
    Assert.assertEquals(expectedName, parsed.getName());
    Assert.assertEquals(expectedFriendlyName, parsed.getFriendlyName());
    boolean noExtras = parsed.getOtherAttributes().isEmpty();
    Assert.assertTrue("Other attributes should be empty", noExtras);
}
Also used : AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) Test(org.junit.Test)
