

use of org.opensaml.core.xml.XMLObject in project cxf by apache.

the class SAMLProviderActAsTest method testDefaultSaml1ActAsUsernameToken.

/**
 * Create a default Saml1 Bearer Assertion with ActAs from a UsernameToken.
 *
 * The issued assertion is expected to keep "technical-user" as its subject while the
 * ActAs user ("bob") is surfaced only through an "ActAs" attribute of the assertion.
 */
@org.junit.Test
public void testDefaultSaml1ActAsUsernameToken() throws Exception {
    TokenProvider provider = new SAMLTokenProvider();

    // The UsernameToken for "bob" is what gets presented as the ActAs token
    AttributedString bobName = new AttributedString();
    bobName.setValue("bob");
    UsernameTokenType bobToken = new UsernameTokenType();
    bobToken.setUsername(bobName);
    JAXBElement<UsernameTokenType> actAsElement =
        new JAXBElement<UsernameTokenType>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, bobToken);

    TokenProviderParameters parameters =
        createProviderParameters(WSS4JConstants.WSS_SAML_TOKEN_TYPE, STSConstants.BEARER_KEY_KEYTYPE, actAsElement);
    // Principal must be set in ReceivedToken/ActAs
    parameters.getTokenRequirements().getActAs().setPrincipal(new CustomTokenPrincipal(bobName.getValue()));

    assertTrue(provider.canHandleToken(WSS4JConstants.WSS_SAML_TOKEN_TYPE));
    TokenProviderResponse response = provider.createToken(parameters);
    assertNotNull(response);
    assertTrue(response.getToken() != null && response.getTokenId() != null);

    // Verify the token: the subject stays the technical user, bob must only appear as ActAs
    SamlAssertionWrapper assertion = new SamlAssertionWrapper((Element) response.getToken());
    Assert.assertEquals("technical-user", assertion.getSubjectName());

    boolean actAsAttributeNamesBob = false;
    for (org.opensaml.saml.saml1.core.AttributeStatement statement : assertion.getSaml1().getAttributeStatements()) {
        for (org.opensaml.saml.saml1.core.Attribute attribute : statement.getAttributes()) {
            if (!"ActAs".equals(attribute.getAttributeName())) {
                continue;
            }
            for (XMLObject value : attribute.getAttributeValues()) {
                // The attribute value is matched on its text content (substring, not exact name)
                String valueText = value.getDOM().getTextContent();
                if (valueText.contains("bob")) {
                    actAsAttributeNamesBob = true;
                    break;
                }
            }
        }
    }
    assertTrue(actAsAttributeNamesBob);
}


use of org.opensaml.core.xml.XMLObject in project verify-hub by alphagov.

the class AuthnRequestFactory method anInvalidAuthnRequest.

/**
 * Builds a deliberately invalid, unsigned AuthnRequest for negative tests: the request ID is
 * right-padded to 1200 characters and any signature the builder attached is dropped before
 * the request is serialised.
 *
 * @param id the request ID; padded with "x" up to 1200 characters
 * @param issuer the issuer entity ID
 * @param forceAuthentication optional ForceAuthn flag
 * @param assertionConsumerServiceUrl optional AssertionConsumerServiceURL
 * @param assertionConsumerServiceIndex optional AssertionConsumerServiceIndex
 * @param publicCert certificate passed through to {@code getAuthnRequest}
 * @param privateKey key passed through to {@code getAuthnRequest}
 * @param ssoRequestEndpoint the destination endpoint of the request
 * @param issueInstant optional IssueInstant
 * @return the unsigned request, base64-encoded
 */
public String anInvalidAuthnRequest(String id, String issuer, Optional<Boolean> forceAuthentication, Optional<URI> assertionConsumerServiceUrl, Optional<Integer> assertionConsumerServiceIndex, String publicCert, String privateKey, String ssoRequestEndpoint, Optional<DateTime> issueInstant) {
    // Pad ID to ensure request is long enough
    final String paddedId = StringUtils.rightPad(id, 1200, "x");
    final AuthnRequest unsignedRequest = getAuthnRequest(paddedId, issuer, forceAuthentication, assertionConsumerServiceUrl, assertionConsumerServiceIndex, publicCert, privateKey, ssoRequestEndpoint, issueInstant);
    // Drop whatever signature getAuthnRequest attached
    unsignedRequest.setSignature(null);
    // Use a different transformer to ensure that no Signature elements are added
    final XmlObjectToBase64EncodedStringTransformer<XMLObject> serialiser = new XmlObjectToBase64EncodedStringTransformer<>();
    return serialiser.apply(unsignedRequest);
}


use of org.opensaml.core.xml.XMLObject in project verify-hub by alphagov.

the class HubAttributeQueryRequestToSamlAttributeQueryTransformerTest method transform_shouldOnlyIncludeCycle3Unencrypted.

/**
 * An unencrypted cycle-3 data assertion on the hub request must come through as the single
 * {@code Assertion} child of the attribute query's SubjectConfirmationData, keeping its ID.
 */
@Test
public void transform_shouldOnlyIncludeCycle3Unencrypted() {
    final HubAssertion cycle3Assertion = aHubAssertion().build();
    final HubAttributeQueryRequest hubRequest = aHubAttributeQueryRequest()
            .withCycle3DataAssertion(cycle3Assertion)
            .build();

    final AttributeQuery attributeQuery = transformer.apply(hubRequest);

    // Only the first subject confirmation is inspected
    final List<XMLObject> carriedAssertions = attributeQuery.getSubject()
            .getSubjectConfirmations()
            .get(0)
            .getSubjectConfirmationData()
            .getUnknownXMLObjects(Assertion.DEFAULT_ELEMENT_NAME);
    assertThat(carriedAssertions.size()).isEqualTo(1);

    final Assertion carried = (Assertion) carriedAssertions.get(0);
    assertThat(carried.getID()).isEqualTo(cycle3Assertion.getId());
}


use of org.opensaml.core.xml.XMLObject in project verify-hub by alphagov.

the class HubAttributeQueryRequestToSamlAttributeQueryTransformerTest method transform_shouldContainBothMdsAndAuthnAssertionsEncrypted.

/**
 * When the hub request carries both an encrypted matching-dataset assertion and an encrypted
 * authn assertion, the attribute query's SubjectConfirmationData must contain exactly the two
 * {@code EncryptedAssertion} objects produced by the unmarshaller for them.
 */
@Test
public void transform_shouldContainBothMdsAndAuthnAssertionsEncrypted() {
    // The mocked unmarshaller maps each encrypted blob to a distinct EncryptedAssertion
    final EncryptedAssertion mdsAssertion = new EncryptedAssertionBuilder().buildObject();
    final EncryptedAssertion authnAssertion = new EncryptedAssertionBuilder().buildObject();
    final HubAttributeQueryRequest hubRequest = aHubAttributeQueryRequest()
            .withEncryptedMatchingDatasetAssertion(ENCRYPTED_MDS_ASSERTION)
            .withEncryptedAuthnAssertion(ENCRYPTED_AUTHN_ASSERTION)
            .build();
    when(encryptedAssertionUnmarshaller.transform(ENCRYPTED_MDS_ASSERTION)).thenReturn(mdsAssertion);
    when(encryptedAssertionUnmarshaller.transform(ENCRYPTED_AUTHN_ASSERTION)).thenReturn(authnAssertion);

    final AttributeQuery attributeQuery = transformer.apply(hubRequest);

    // Only the first subject confirmation is inspected
    final List<XMLObject> carriedAssertions = attributeQuery.getSubject()
            .getSubjectConfirmations()
            .get(0)
            .getSubjectConfirmationData()
            .getUnknownXMLObjects(EncryptedAssertion.DEFAULT_ELEMENT_NAME);
    assertThat(carriedAssertions.size()).isEqualTo(2);
    assertThat(carriedAssertions).contains(mdsAssertion, authnAssertion);
}


use of org.opensaml.core.xml.XMLObject in project verify-hub by alphagov.

the class MatchingDatasetAssertionValidator method validateAttribute.

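/**
 * Validates a single matching-dataset attribute from an inbound (untrusted) assertion.
 *
 * Checks, in order: the attribute name is one of {@code VALID_ATTRIBUTE_NAMES_1_1}; the attribute
 * carries at least one value; every value's schema type matches the type registered for the name
 * in {@code VALID_TYPE_FOR_ATTRIBUTE}; and the NameFormat is one of
 * {@code VALID_ATTRIBUTE_NAME_FORMATS} (an unexpected NameFormat is only warned about, not rejected).
 *
 * The original implementation compared only the first value's schema type; a multi-valued
 * attribute could therefore carry later values of a different type unnoticed. All values are
 * now checked, and the first mismatch is reported with the same error as before.
 *
 * @param attribute the SAML2 attribute to validate
 * @throws SamlValidationException if the name is not recognised, the attribute has no values,
 *         or any value's schema type differs from the expected type
 */
private void validateAttribute(Attribute attribute) {
    final String name = attribute.getName();
    if (!VALID_ATTRIBUTE_NAMES_1_1.contains(name)) {
        throw new SamlValidationException(mdsAttributeNotRecognised(name));
    }

    final List<XMLObject> values = attribute.getAttributeValues();
    if (values.isEmpty()) {
        throw new SamlValidationException(emptyAttribute(name));
    }

    // Every value must carry the schema type registered for this attribute name, not just the first
    for (XMLObject value : values) {
        final QName actualType = value.getSchemaType();
        if (!VALID_TYPE_FOR_ATTRIBUTE.get(name).equals(actualType)) {
            throw new SamlValidationException(attributeWithIncorrectType(name, VALID_TYPE_FOR_ATTRIBUTE.get(name), actualType));
        }
    }

    // An unexpected NameFormat is tolerated but logged
    final String nameFormat = attribute.getNameFormat();
    if (!VALID_ATTRIBUTE_NAME_FORMATS.contains(nameFormat)) {
        warn(invalidAttributeNameFormat(nameFormat));
    }
}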
