Example 31 with XMLObject

Use of org.opensaml.core.xml.XMLObject in project ddf by codice.

Class SimpleSignTest, method testSignSamlObjectThenModify.

@Test(expected = SimpleSign.SignatureException.class)
public void testSignSamlObjectThenModify() throws Exception {
    // Parse the canned response and sign it.
    Document responseDoc = StaxUtils.read(new ByteArrayInputStream(cannedResponse.getBytes()));
    XMLObject responseXmlObject = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
    org.opensaml.saml.saml2.core.Response response = (org.opensaml.saml.saml2.core.Response) responseXmlObject;
    simpleSign.signSamlObject(response);
    // Serialize the signed response, then add an attribute to its root element after signing.
    Document doc = DOMUtils.createDocument();
    Element requestElement = OpenSAMLUtil.toDom(response, doc);
    requestElement.setAttribute("oops", "changedit");
    String responseMessage = DOM2Writer.nodeToString(requestElement);
    // Re-parse the modified message; validation is expected to throw SignatureException.
    responseDoc = StaxUtils.read(new ByteArrayInputStream(responseMessage.getBytes()));
    responseXmlObject = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
    response = (org.opensaml.saml.saml2.core.Response) responseXmlObject;
    simpleSign.validateSignature(response.getSignature(), response.getDOM().getOwnerDocument());
}
Also used: ByteArrayInputStream (java.io.ByteArrayInputStream), Element (org.w3c.dom.Element), XMLObject (org.opensaml.core.xml.XMLObject), Document (org.w3c.dom.Document), Test (org.junit.Test)

Example 32 with XMLObject

Use of org.opensaml.core.xml.XMLObject in project ddf by codice.

Class SimpleSignTest, method testSignSamlObject.

@Test
public void testSignSamlObject() throws Exception {
    // Parse the canned response and sign it.
    Document responseDoc = StaxUtils.read(new ByteArrayInputStream(cannedResponse.getBytes()));
    XMLObject responseXmlObject = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
    org.opensaml.saml.saml2.core.Response response = (org.opensaml.saml.saml2.core.Response) responseXmlObject;
    simpleSign.signSamlObject(response);
    // Round-trip the signed response through its serialized form without changing it.
    Document doc = DOMUtils.createDocument();
    Element requestElement = OpenSAMLUtil.toDom(response, doc);
    String responseMessage = DOM2Writer.nodeToString(requestElement);
    responseDoc = StaxUtils.read(new ByteArrayInputStream(responseMessage.getBytes()));
    responseXmlObject = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
    response = (org.opensaml.saml.saml2.core.Response) responseXmlObject;
    // Validation of the unmodified message must complete without an exception.
    simpleSign.validateSignature(response.getSignature(), response.getDOM().getOwnerDocument());
}
Also used: ByteArrayInputStream (java.io.ByteArrayInputStream), Element (org.w3c.dom.Element), XMLObject (org.opensaml.core.xml.XMLObject), Document (org.w3c.dom.Document), Test (org.junit.Test)

Example 33 with XMLObject

Use of org.opensaml.core.xml.XMLObject in project ddf by codice.

Class LogoutMessageImpl, method extract.

private <T extends SAMLObject> T extract(@NotNull String samlObject, @NotNull Class<T> clazz) throws WSSecurityException, XMLStreamException {
    Document responseDoc = StaxUtils.read(new ByteArrayInputStream(samlObject.getBytes(StandardCharsets.UTF_8)));
    XMLObject responseXmlObject = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
    // Only hand back the object if it is of the requested SAML type.
    if (clazz.isAssignableFrom(responseXmlObject.getClass())) {
        return clazz.cast(responseXmlObject);
    }
    // The document parsed, but its root is a different type; callers must handle null.
    return null;
}
Also used: ByteArrayInputStream (java.io.ByteArrayInputStream), XMLObject (org.opensaml.core.xml.XMLObject), Document (org.w3c.dom.Document)

Example 34 with XMLObject

Use of org.opensaml.core.xml.XMLObject in project ddf by codice.

Class SecurityAssertionImpl, method getPrincipals.

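@Override
public Set<Principal> getPrincipals() {
    Set<Principal> principals = new HashSet<>();
    Principal primary = getPrincipal();
    principals.add(primary);
    // The primary principal's name is also added as a role.
    principals.add(new RolePrincipal(primary.getName()));
    for (AttributeStatement attributeStatement : getAttributeStatements()) {
        for (Attribute attr : attributeStatement.getAttributes()) {
            // Matches any attribute whose name contains "role", case-insensitively.
            if (StringUtils.containsIgnoreCase(attr.getName(), "role")) {
                for (final XMLObject obj : attr.getAttributeValues()) {
                    // Attribute values are not guaranteed to be XSString; skip other
                    // types instead of failing with a ClassCastException.
                    if (obj instanceof XSString) {
                        principals.add(new RolePrincipal(((XSString) obj).getValue()));
                    }
                }
            }
        }
    }
    return principals;
}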
Also used: Attribute (org.opensaml.saml.saml2.core.Attribute), EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute), AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement), XMLObject (org.opensaml.core.xml.XMLObject), XSString (org.opensaml.core.xml.schema.XSString), RolePrincipal (org.apache.karaf.jaas.boot.principal.RolePrincipal), KerberosPrincipal (javax.security.auth.kerberos.KerberosPrincipal), Principal (java.security.Principal), X500Principal (javax.security.auth.x500.X500Principal), GuestPrincipal (ddf.security.principal.GuestPrincipal), HashSet (java.util.HashSet)

Example 35 with XMLObject

Use of org.opensaml.core.xml.XMLObject in project ddf by codice.

Class MetadataConfigurationParser, method readEntityDescriptor.

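private EntityDescriptor readEntityDescriptor(Reader reader) {
    Document entityDoc;
    try {
        entityDoc = StaxUtils.read(reader);
    } catch (Exception ex) {
        // Keep the cause so the parse failure can be diagnosed.
        throw new IllegalArgumentException("Unable to read SAMLRequest as XML.", ex);
    }
    XMLObject entityXmlObj;
    try {
        entityXmlObj = OpenSAMLUtil.fromDom(entityDoc.getDocumentElement());
    } catch (WSSecurityException ex) {
        throw new IllegalArgumentException("Unable to convert EntityDescriptor document to XMLObject.", ex);
    }
    // Reject a well-formed document whose root is not an EntityDescriptor
    // rather than failing with a ClassCastException.
    if (!(entityXmlObj instanceof EntityDescriptor)) {
        throw new IllegalArgumentException("Document root is not an EntityDescriptor.");
    }
    return (EntityDescriptor) entityXmlObj;
}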
Also used: EntityDescriptor (org.opensaml.saml.saml2.metadata.EntityDescriptor), XMLObject (org.opensaml.core.xml.XMLObject), WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException), Document (org.w3c.dom.Document), NoSuchFileException (java.nio.file.NoSuchFileException), IOException (java.io.IOException)

Aggregations

XMLObject (org.opensaml.core.xml.XMLObject): 68
Element (org.w3c.dom.Element): 27
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException): 21
Document (org.w3c.dom.Document): 21
ByteArrayInputStream (java.io.ByteArrayInputStream): 19
Attribute (org.opensaml.saml.saml2.core.Attribute): 14
AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement): 10
IOException (java.io.IOException): 9
SamlAssertionWrapper (org.apache.wss4j.common.saml.SamlAssertionWrapper): 9
ArrayList (java.util.ArrayList): 8
Test (org.junit.Test): 8
XSString (org.opensaml.core.xml.schema.XSString): 7
Assertion (org.opensaml.saml.saml2.core.Assertion): 7
AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest): 7
HashMap (java.util.HashMap): 6
List (java.util.List): 6
XMLStreamException (javax.xml.stream.XMLStreamException): 6
InputStream (java.io.InputStream): 5
InputStreamReader (java.io.InputStreamReader): 5
LogoutSecurityException (ddf.security.samlp.LogoutSecurityException): 4