
Example 11 with ExtensionsType

use of org.keycloak.dom.saml.v2.protocol.ExtensionsType in project keycloak by keycloak.

the class SAML2LoginResponseBuilder method buildModel.

/**
 * Builds the SAML 2.0 login response from the values configured on this builder.
 *
 * <p>A response with a success status is created first. Its first assertion is then adjusted:
 * the request issuer becomes an audience restriction, the optional validity bounds are applied,
 * and the authentication statement, one-time-use condition and extensions are added as
 * configured.
 *
 * <p>NOTE(review): each {@code NotOnOrAfter} bound is written here only when the matching
 * expiration value is positive. Otherwise the value left by {@code createResponseType} stays
 * as it is, so confirm that an upper bound is always present on the emitted assertion.
 *
 * <p>NOTE(review): {@code URI.create(requestIssuer)} throws for a null or syntactically
 * invalid issuer, so the audience restriction is never silently omitted.
 *
 * @return the populated response
 * @throws ConfigurationException propagated from the SAML helper calls
 * @throws ProcessingException propagated from the SAML helper calls
 */
public ResponseType buildModel() throws ConfigurationException, ProcessingException {
    SAML2Response responseFactory = new SAML2Response();

    // Gather the identifiers and party information the response is created from.
    String responseId = IDGenerator.create("ID_");

    IssuerInfoHolder issuerInfo = new IssuerInfoHolder(issuer);
    issuerInfo.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

    IDPInfoHolder idpInfo = new IDPInfoHolder();
    idpInfo.setNameIDFormatValue(nameId);
    idpInfo.setNameIDFormat(nameIdFormat);

    SPInfoHolder spInfo = new SPInfoHolder();
    spInfo.setResponseDestinationURI(destination);
    spInfo.setRequestID(requestID);
    spInfo.setIssuer(requestIssuer);

    ResponseType response = responseFactory.createResponseType(responseId, spInfo, idpInfo, issuerInfo);
    AssertionType firstAssertion = response.getAssertions().get(0).getAssertion();

    // Bind the assertion to the requesting party: only that audience should accept it.
    AudienceRestrictionType audienceRestriction = new AudienceRestrictionType();
    audienceRestriction.addAudience(URI.create(requestIssuer));
    firstAssertion.getConditions().addCondition(audienceRestriction);

    // Upper validity bound of the assertion, counted in seconds from NotBefore.
    if (assertionExpiration > 0) {
        ConditionsType assertionConditions = firstAssertion.getConditions();
        assertionConditions.setNotOnOrAfter(
                XMLTimeUtil.add(assertionConditions.getNotBefore(), assertionExpiration * 1000L));
    }

    // Upper validity bound of the subject confirmation, also counted from Conditions NotBefore.
    if (subjectExpiration > 0) {
        SubjectConfirmationDataType confirmationData =
                firstAssertion.getSubject().getConfirmation().get(0).getSubjectConfirmationData();
        confirmationData.setNotOnOrAfter(
                XMLTimeUtil.add(firstAssertion.getConditions().getNotBefore(), subjectExpiration * 1000L));
    }

    // Authentication statement, unless the builder was told to leave it out.
    if (!disableAuthnStatement) {
        String contextClassRef = JBossSAMLURIConstants.AC_UNSPECIFIED.get();
        if (isNotNull(authMethod)) {
            contextClassRef = authMethod;
        }
        AuthnStatementType statement =
                StatementUtil.createAuthnStatement(XMLTimeUtil.getIssueInstant(), contextClassRef);
        if (sessionExpiration > 0) {
            statement.setSessionNotOnOrAfter(
                    XMLTimeUtil.add(statement.getAuthnInstant(), sessionExpiration * 1000L));
        }
        // Without an explicit session index the assertion ID stands in for it.
        statement.setSessionIndex(sessionIndex != null ? sessionIndex : firstAssertion.getID());
        firstAssertion.addStatement(statement);
    }

    if (includeOneTimeUseCondition) {
        firstAssertion.getConditions().addCondition(new OneTimeUseType());
    }

    // Extensions are attached to the response only when at least one generator is registered.
    if (!this.extensions.isEmpty()) {
        ExtensionsType responseExtensions = new ExtensionsType();
        for (NodeGenerator generator : this.extensions) {
            responseExtensions.addExtension(generator);
        }
        response.setExtensions(responseExtensions);
    }

    return response;
}
Also used : AudienceRestrictionType(org.keycloak.dom.saml.v2.assertion.AudienceRestrictionType) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) AuthnStatementType(org.keycloak.dom.saml.v2.assertion.AuthnStatementType) OneTimeUseType(org.keycloak.dom.saml.v2.assertion.OneTimeUseType) SubjectConfirmationDataType(org.keycloak.dom.saml.v2.assertion.SubjectConfirmationDataType) SPInfoHolder(org.keycloak.saml.processing.core.saml.v2.holders.SPInfoHolder) ExtensionsType(org.keycloak.dom.saml.v2.protocol.ExtensionsType) IssuerInfoHolder(org.keycloak.saml.processing.core.saml.v2.holders.IssuerInfoHolder) SAML2Response(org.keycloak.saml.processing.api.saml.v2.response.SAML2Response) ConditionsType(org.keycloak.dom.saml.v2.assertion.ConditionsType) IDPInfoHolder(org.keycloak.saml.processing.core.saml.v2.holders.IDPInfoHolder)

Example 12 with ExtensionsType

use of org.keycloak.dom.saml.v2.protocol.ExtensionsType in project keycloak by keycloak.

the class SAML2LogoutResponseBuilder method buildModel.

/**
 * Builds the SAML 2.0 logout response from the values configured on this builder.
 *
 * <p>The status written here is always {@code STATUS_SUCCESS}; this method has no failure
 * path. {@code InResponseTo}, issuer and destination are copied from the builder fields
 * without further checks in this method.
 *
 * @return the populated status response
 * @throws ConfigurationException propagated from the SAML helper calls
 */
public StatusResponseType buildModel() throws ConfigurationException {
    StatusResponseType logoutResponse =
            new StatusResponseType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant());

    // Success status code wrapped in its Status element.
    StatusCodeType successCode = new StatusCodeType();
    StatusType status = new StatusType();
    successCode.setValue(JBossSAMLURIConstants.STATUS_SUCCESS.getUri());
    status.setStatusCode(successCode);
    logoutResponse.setStatus(status);

    // Correlate the response with the logout request and name both endpoints.
    logoutResponse.setInResponseTo(logoutRequestID);
    logoutResponse.setIssuer(issuer);
    logoutResponse.setDestination(destination);

    // Extensions are attached only when at least one generator is registered.
    if (!this.extensions.isEmpty()) {
        ExtensionsType responseExtensions = new ExtensionsType();
        for (NodeGenerator generator : this.extensions) {
            responseExtensions.addExtension(generator);
        }
        logoutResponse.setExtensions(responseExtensions);
    }

    return logoutResponse;
}
Also used : StatusType(org.keycloak.dom.saml.v2.protocol.StatusType) ExtensionsType(org.keycloak.dom.saml.v2.protocol.ExtensionsType) StatusCodeType(org.keycloak.dom.saml.v2.protocol.StatusCodeType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType)

Example 13 with ExtensionsType

use of org.keycloak.dom.saml.v2.protocol.ExtensionsType in project keycloak by keycloak.

the class SAMLMetadataWriter method writeAttributeAuthorityDescriptor.

/**
 * Writes an {@code AttributeAuthorityDescriptor} element and its children to the writer.
 *
 * <p>Children are written in this order: signature, extensions, key descriptors, attribute
 * services, name ID formats, attributes.
 *
 * <p>NOTE(review): the signature DOM element is copied to the output as given. This method
 * neither creates nor checks it, so whether it still matches the serialized descriptor has to
 * be ensured by the caller.
 *
 * @param attributeAuthority the descriptor to serialize
 * @throws ProcessingException propagated from the writer helper calls
 */
public void writeAttributeAuthorityDescriptor(AttributeAuthorityDescriptorType attributeAuthority) throws ProcessingException {
    StaxUtil.writeStartElement(
            writer,
            METADATA_PREFIX,
            JBossSAMLConstants.ATTRIBUTE_AUTHORITY_DESCRIPTOR.get(),
            JBossSAMLURIConstants.METADATA_NSURI.get());
    writeProtocolSupportEnumeration(attributeAuthority.getProtocolSupportEnumeration());

    // Optional children: each one is written only when present.
    Element descriptorSignature = attributeAuthority.getSignature();
    if (descriptorSignature != null) {
        StaxUtil.writeDOMElement(writer, descriptorSignature);
    }
    ExtensionsType descriptorExtensions = attributeAuthority.getExtensions();
    if (descriptorExtensions != null) {
        write(descriptorExtensions);
    }

    // Repeated children, one element per list entry.
    for (KeyDescriptorType key : attributeAuthority.getKeyDescriptor()) {
        writeKeyDescriptor(key);
    }
    for (EndpointType service : attributeAuthority.getAttributeService()) {
        writeAttributeService(service);
    }
    for (String format : attributeAuthority.getNameIDFormat()) {
        writeNameIDFormat(format);
    }
    for (AttributeType attribute : attributeAuthority.getAttribute()) {
        write(attribute);
    }

    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}
Also used : AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) RequestedAttributeType(org.keycloak.dom.saml.v2.metadata.RequestedAttributeType) Element(org.w3c.dom.Element) ExtensionsType(org.keycloak.dom.saml.v2.metadata.ExtensionsType) EndpointType(org.keycloak.dom.saml.v2.metadata.EndpointType) IndexedEndpointType(org.keycloak.dom.saml.v2.metadata.IndexedEndpointType) KeyDescriptorType(org.keycloak.dom.saml.v2.metadata.KeyDescriptorType)

Example 14 with ExtensionsType

use of org.keycloak.dom.saml.v2.protocol.ExtensionsType in project keycloak by keycloak.

the class SAMLMetadataWriter method writeEntitiesDescriptor.

/**
 * Writes an {@code EntitiesDescriptor} element, including all nested descriptors, to the writer.
 *
 * <p>Namespace declarations are written on every {@code EntitiesDescriptor}, nested ones
 * included. Nested {@code EntitiesDescriptor} entries are written by recursion, so nesting
 * depth translates directly into call depth.
 *
 * <p>NOTE(review): any child that is not an {@code EntityDescriptorType} is cast to
 * {@code EntitiesDescriptorType}. A child of any other type therefore fails with a
 * {@code ClassCastException} rather than a {@code ProcessingException}.
 *
 * <p>NOTE(review): the signature DOM element is copied to the output as given; this method
 * neither creates nor checks it.
 *
 * @param entities the descriptor group to serialize
 * @throws ProcessingException propagated from the writer helper calls
 */
public void writeEntitiesDescriptor(EntitiesDescriptorType entities) throws ProcessingException {
    String metadataNamespace = JBossSAMLURIConstants.METADATA_NSURI.get();

    StaxUtil.writeStartElement(
            writer, METADATA_PREFIX, JBossSAMLConstants.ENTITIES_DESCRIPTOR.get(), metadataNamespace);
    StaxUtil.writeDefaultNameSpace(writer, metadataNamespace);
    StaxUtil.writeNameSpace(writer, "md", metadataNamespace);
    StaxUtil.writeNameSpace(writer, "saml", JBossSAMLURIConstants.ASSERTION_NSURI.get());
    StaxUtil.writeNameSpace(writer, "ds", JBossSAMLURIConstants.XMLDSIG_NSURI.get());

    // Optional attributes: each one is written only when set on the model.
    if (entities.getValidUntil() != null) {
        StaxUtil.writeAttribute(writer, JBossSAMLConstants.VALID_UNTIL.get(), entities.getValidUntil().toString());
    }
    if (entities.getID() != null) {
        StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), entities.getID());
    }
    if (entities.getName() != null) {
        StaxUtil.writeAttribute(writer, JBossSAMLConstants.NAME.get(), entities.getName());
    }

    // Optional children: signature first, then extensions.
    Element groupSignature = entities.getSignature();
    if (groupSignature != null) {
        StaxUtil.writeDOMElement(writer, groupSignature);
    }
    ExtensionsType groupExtensions = entities.getExtensions();
    if (groupExtensions != null) {
        write(groupExtensions);
    }

    // A child is either a single entity or a nested group; groups are handled recursively.
    for (Object child : entities.getEntityDescriptor()) {
        if (child instanceof EntityDescriptorType) {
            writeEntityDescriptor((EntityDescriptorType) child);
            continue;
        }
        writeEntitiesDescriptor((EntitiesDescriptorType) child);
    }

    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}
Also used : EntitiesDescriptorType(org.keycloak.dom.saml.v2.metadata.EntitiesDescriptorType) Element(org.w3c.dom.Element) ExtensionsType(org.keycloak.dom.saml.v2.metadata.ExtensionsType) EntityDescriptorType(org.keycloak.dom.saml.v2.metadata.EntityDescriptorType)

Example 15 with ExtensionsType

use of org.keycloak.dom.saml.v2.protocol.ExtensionsType in project keycloak by keycloak.

the class SAMLMetadataWriter method write.

/**
 * Writes a {@code ContactPerson} element for the given contact to the writer.
 *
 * <p>The contact type attribute is always written, so a contact without a contact type fails
 * with a {@code NullPointerException}. Extensions, company, given name and surname are
 * written only when present. Every e-mail address and telephone number gets its own element.
 *
 * <p>NOTE(review): the free-text values go through {@code StaxUtil.writeCharacters}.
 * Presumably XML escaping is handled there or by the underlying stream writer; confirm this
 * before feeding contact data from an untrusted source.
 *
 * @param contact the contact to serialize
 * @throws ProcessingException propagated from the writer helper calls
 */
public void write(ContactType contact) throws ProcessingException {
    String metadataNamespace = JBossSAMLURIConstants.METADATA_NSURI.get();

    StaxUtil.writeStartElement(
            writer, METADATA_PREFIX, JBossSAMLConstants.CONTACT_PERSON.get(), metadataNamespace);
    ContactTypeType kind = contact.getContactType();
    StaxUtil.writeAttribute(writer, JBossSAMLConstants.CONTACT_TYPE.get(), kind.value());

    ExtensionsType contactExtensions = contact.getExtensions();
    if (contactExtensions != null) {
        write(contactExtensions);
    }

    // Optional single-valued text children.
    String companyName = contact.getCompany();
    if (companyName != null) {
        StaxUtil.writeStartElement(writer, METADATA_PREFIX, JBossSAMLConstants.COMPANY.get(), metadataNamespace);
        StaxUtil.writeCharacters(writer, companyName);
        StaxUtil.writeEndElement(writer);
    }
    String firstName = contact.getGivenName();
    if (firstName != null) {
        StaxUtil.writeStartElement(writer, METADATA_PREFIX, JBossSAMLConstants.GIVEN_NAME.get(), metadataNamespace);
        StaxUtil.writeCharacters(writer, firstName);
        StaxUtil.writeEndElement(writer);
    }
    String lastName = contact.getSurName();
    if (lastName != null) {
        StaxUtil.writeStartElement(writer, METADATA_PREFIX, JBossSAMLConstants.SURNAME.get(), metadataNamespace);
        StaxUtil.writeCharacters(writer, lastName);
        StaxUtil.writeEndElement(writer);
    }

    // Multi-valued text children, one element per entry.
    for (String address : contact.getEmailAddress()) {
        StaxUtil.writeStartElement(writer, METADATA_PREFIX, JBossSAMLConstants.EMAIL_ADDRESS.get(), metadataNamespace);
        StaxUtil.writeCharacters(writer, address);
        StaxUtil.writeEndElement(writer);
    }
    for (String number : contact.getTelephoneNumber()) {
        StaxUtil.writeStartElement(writer, METADATA_PREFIX, JBossSAMLConstants.TELEPHONE_NUMBER.get(), metadataNamespace);
        StaxUtil.writeCharacters(writer, number);
        StaxUtil.writeEndElement(writer);
    }

    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}
Also used : ExtensionsType(org.keycloak.dom.saml.v2.metadata.ExtensionsType) ContactTypeType(org.keycloak.dom.saml.v2.metadata.ContactTypeType)
