
Example 1 with XSString

Use of org.opensaml.core.xml.schema.XSString in project ddf by codice.

From the class SubjectUtils, method getAttribute.

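/**
 * Get any attribute from a subject by key.
 *
 * <p>The values are read from the {@link SecurityAssertion} principal carried by the
 * subject. Only {@link XSString} attribute values are returned; values of any other
 * XML type are skipped.
 *
 * @param subject the subject to inspect; may be {@code null}, in which case nothing is found
 * @param key the SAML attribute name to look up; must not be {@code null}
 * @return attribute values or an empty list if not found.
 * @throws IllegalArgumentException if {@code key} is {@code null}
 */
public static List<String> getAttribute(@Nullable Subject subject, String key) {
    Validate.notNull(key);
    if (subject == null) {
        LOGGER.debug("Incoming subject was null, cannot look up {}.", key);
        return Collections.emptyList();
    }
    PrincipalCollection principals = subject.getPrincipals();
    if (principals == null) {
        LOGGER.debug("No principals located in the incoming subject, cannot look up {}.", key);
        return Collections.emptyList();
    }
    SecurityAssertion assertion = principals.oneByType(SecurityAssertion.class);
    if (assertion == null) {
        LOGGER.debug("Could not find Security Assertion, cannot look up {}.", key);
        return Collections.emptyList();
    }
    // key is known to be non-null here, so comparing key-first tolerates an attribute
    // that carries no name (a.getName().equals(key) would throw NPE on such an attribute).
    return assertion.getAttributeStatements().stream()
            .flatMap(as -> as.getAttributes().stream())
            .filter(a -> key.equals(a.getName()))
            .flatMap(a -> a.getAttributeValues().stream())
            .filter(XSString.class::isInstance)
            .map(XSString.class::cast)
            .map(XSString::getValue)
            .collect(Collectors.toList());
}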

Example 2 with XSString

Use of org.opensaml.core.xml.schema.XSString in project ddf by codice.

From the class SecurityAssertionImpl, method parseToken.

/**
 * Parses the SecurityToken's XML with a StAX reader into this assertion's fields.
 *
 * <p>A single pass over the token fills {@code name}, {@code nameIDFormat}, {@code issuer},
 * {@code notBefore}, {@code notOnOrAfter} and {@code tokenType}, and appends to the
 * {@code attributeStatements}, {@code authenticationStatements} and
 * {@code subjectConfirmations} collections. Elements are recognised by local name only
 * (namespaces are not checked); unrecognised elements are skipped. If the stream fails
 * part-way the error is logged and whatever was populated so far is kept.
 *
 * <p>NOTE(review): this is extraction only; nothing here validates a signature or enforces
 * the Conditions it records, so callers must verify the token before trusting these fields.
 * Whether DTD/external-entity processing is disabled depends on how
 * {@code StaxUtils.createXMLStreamReader} configures its input factory — confirm.
 *
 * @param securityToken SecurityToken whose serialised token element is parsed
 */
private void parseToken(SecurityToken securityToken) {
    XMLStreamReader xmlStreamReader = StaxUtils.createXMLStreamReader(securityToken.getToken());
    try {
        // The statement/attribute currently open. END_ELEMENT resets them, so attribute
        // values seen outside an Attribute element are dropped rather than mis-attached.
        AttrStatement attributeStatement = null;
        AuthenticationStatement authenticationStatement = null;
        Attr attribute = null;
        int attrs = 0;
        while (xmlStreamReader.hasNext()) {
            int event = xmlStreamReader.next();
            // Only start and end elements are handled; every other event is ignored.
            switch(event) {
                case XMLStreamConstants.START_ELEMENT:
                    {
                        String localName = xmlStreamReader.getLocalName();
                        switch(localName) {
                            case NameID.DEFAULT_ELEMENT_LOCAL_NAME:
                                name = xmlStreamReader.getElementText();
                                // NOTE(review): getElementText() leaves the reader on the NameID end
                                // element, and the StAX contract defines attribute access only for
                                // START_ELEMENT — confirm nameIDFormat is actually populated here.
                                for (int i = 0; i < xmlStreamReader.getAttributeCount(); i++) {
                                    if (xmlStreamReader.getAttributeLocalName(i).equals(NameID.FORMAT_ATTRIB_NAME)) {
                                        nameIDFormat = xmlStreamReader.getAttributeValue(i);
                                        break;
                                    }
                                }
                                break;
                            case AttributeStatement.DEFAULT_ELEMENT_LOCAL_NAME:
                                attributeStatement = new AttrStatement();
                                attributeStatements.add(attributeStatement);
                                break;
                            case AuthnStatement.DEFAULT_ELEMENT_LOCAL_NAME:
                                authenticationStatement = new AuthenticationStatement();
                                authenticationStatements.add(authenticationStatement);
                                attrs = xmlStreamReader.getAttributeCount();
                                for (int i = 0; i < attrs; i++) {
                                    String name = xmlStreamReader.getAttributeLocalName(i);
                                    String value = xmlStreamReader.getAttributeValue(i);
                                    // AuthnInstant is parsed with Joda DateTime, unlike the
                                    // Conditions timestamps below which go through DatatypeConverter.
                                    if (AuthnStatement.AUTHN_INSTANT_ATTRIB_NAME.equals(name)) {
                                        authenticationStatement.setAuthnInstant(DateTime.parse(value));
                                    }
                                }
                                break;
                            case AuthnContextClassRef.DEFAULT_ELEMENT_LOCAL_NAME:
                                // Only meaningful inside an open AuthnStatement.
                                if (authenticationStatement != null) {
                                    // NOTE(review): getText() is not defined for START_ELEMENT under
                                    // the StAX contract (the other text-bearing elements here use
                                    // getElementText()) — confirm this branch yields the class ref.
                                    String classValue = xmlStreamReader.getText();
                                    classValue = classValue.trim();
                                    AuthenticationContextClassRef authenticationContextClassRef = new AuthenticationContextClassRef();
                                    authenticationContextClassRef.setAuthnContextClassRef(classValue);
                                    AuthenticationContext authenticationContext = new AuthenticationContext();
                                    authenticationContext.setAuthnContextClassRef(authenticationContextClassRef);
                                    authenticationStatement.setAuthnContext(authenticationContext);
                                }
                                break;
                            case Attribute.DEFAULT_ELEMENT_LOCAL_NAME:
                                // An Attribute outside any AttributeStatement is still built (so its
                                // values attach to it) but is not recorded anywhere.
                                attribute = new Attr();
                                if (attributeStatement != null) {
                                    attributeStatement.addAttribute(attribute);
                                }
                                attrs = xmlStreamReader.getAttributeCount();
                                for (int i = 0; i < attrs; i++) {
                                    String name = xmlStreamReader.getAttributeLocalName(i);
                                    String value = xmlStreamReader.getAttributeValue(i);
                                    if (Attribute.NAME_ATTTRIB_NAME.equals(name)) {
                                        attribute.setName(value);
                                    } else if (Attribute.NAME_FORMAT_ATTRIB_NAME.equals(name)) {
                                        attribute.setNameFormat(value);
                                    }
                                }
                                break;
                            case AttributeValue.DEFAULT_ELEMENT_LOCAL_NAME:
                                // Every value is treated as an xs:string regardless of its xsi:type.
                                XSString xsString = new XMLString();
                                xsString.setValue(xmlStreamReader.getElementText());
                                if (attribute != null) {
                                    attribute.addAttributeValue(xsString);
                                }
                                break;
                            case Issuer.DEFAULT_ELEMENT_LOCAL_NAME:
                                issuer = xmlStreamReader.getElementText();
                                break;
                            case Conditions.DEFAULT_ELEMENT_LOCAL_NAME:
                                // Validity window is recorded only; it is not enforced here.
                                attrs = xmlStreamReader.getAttributeCount();
                                for (int i = 0; i < attrs; i++) {
                                    String name = xmlStreamReader.getAttributeLocalName(i);
                                    String value = xmlStreamReader.getAttributeValue(i);
                                    if (Conditions.NOT_BEFORE_ATTRIB_NAME.equals(name)) {
                                        notBefore = DatatypeConverter.parseDateTime(value).getTime();
                                    } else if (Conditions.NOT_ON_OR_AFTER_ATTRIB_NAME.equals(name)) {
                                        notOnOrAfter = DatatypeConverter.parseDateTime(value).getTime();
                                    }
                                }
                                break;
                            case SubjectConfirmation.DEFAULT_ELEMENT_LOCAL_NAME:
                                // Only the Method URI is kept; SubjectConfirmationData is not read.
                                attrs = xmlStreamReader.getAttributeCount();
                                for (int i = 0; i < attrs; i++) {
                                    String name = xmlStreamReader.getAttributeLocalName(i);
                                    String value = xmlStreamReader.getAttributeValue(i);
                                    if (SubjectConfirmation.METHOD_ATTRIB_NAME.equals(name)) {
                                        subjectConfirmations.add(value);
                                    }
                                }
                                break;
                            case Assertion.DEFAULT_ELEMENT_LOCAL_NAME:
                                // The assertion's Version attribute selects the WS-Security SAML
                                // token profile identifier; any other version leaves tokenType unset.
                                attrs = xmlStreamReader.getAttributeCount();
                                for (int i = 0; i < attrs; i++) {
                                    String name = xmlStreamReader.getAttributeLocalName(i);
                                    String value = xmlStreamReader.getAttributeValue(i);
                                    if (Assertion.VERSION_ATTRIB_NAME.equals(name)) {
                                        if ("2.0".equals(value)) {
                                            tokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";
                                        } else if ("1.1".equals(value)) {
                                            tokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1";
                                        }
                                    }
                                }
                        }
                        break;
                    }
                case XMLStreamConstants.END_ELEMENT:
                    {
                        // Close the current statement/attribute so later values are not attached to it.
                        String localName = xmlStreamReader.getLocalName();
                        switch(localName) {
                            case AttributeStatement.DEFAULT_ELEMENT_LOCAL_NAME:
                                attributeStatement = null;
                                break;
                            case Attribute.DEFAULT_ELEMENT_LOCAL_NAME:
                                attribute = null;
                                break;
                            default:
                                break;
                        }
                        break;
                    }
            }
        }
    } catch (XMLStreamException e) {
        // Partial results populated before the failure are deliberately kept.
        LOGGER.info("Unable to parse security token.", e);
    } finally {
        try {
            xmlStreamReader.close();
        } catch (XMLStreamException ignore) {
        // ignore: nothing useful can be done if closing the reader fails
        }
    }
}

Example 3 with XSString

Use of org.opensaml.core.xml.schema.XSString in project spring-security by spring-projects.

From the class TestOpenSamlObjects, method attributeStatements.

/**
 * Builds two {@link AttributeStatement}s carrying a mix of OpenSAML value types
 * (XSAny, XSString, XSInteger, XSURI, XSBoolean) so tests can exercise value conversion.
 *
 * @return the statements in order: {email, name, age} then {website, registered}
 */
static List<AttributeStatement> attributeStatements() {
    AttributeStatementBuilder statementBuilder = new AttributeStatementBuilder();
    AttributeBuilder attributeBuilder = new AttributeBuilder();

    AttributeStatement first = statementBuilder.buildObject();

    Attribute email = namedAttribute(attributeBuilder, "email");
    // gh-8864
    XSAny typedEmail = new XSAnyBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME);
    typedEmail.setTextContent("john.doe@example.com");
    XSAny untypedEmail = new XSAnyBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME);
    untypedEmail.setTextContent("doe.john@example.com");
    email.getAttributeValues().add(typedEmail);
    email.getAttributeValues().add(untypedEmail);
    first.getAttributes().add(email);

    Attribute fullName = namedAttribute(attributeBuilder, "name");
    XSString fullNameValue = new XSStringBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
    fullNameValue.setValue("John Doe");
    fullName.getAttributeValues().add(fullNameValue);
    first.getAttributes().add(fullName);

    Attribute age = namedAttribute(attributeBuilder, "age");
    XSInteger ageValue = new XSIntegerBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSInteger.TYPE_NAME);
    ageValue.setValue(21);
    age.getAttributeValues().add(ageValue);
    first.getAttributes().add(age);

    AttributeStatement second = statementBuilder.buildObject();

    Attribute website = namedAttribute(attributeBuilder, "website");
    XSURI websiteValue = new XSURIBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSURI.TYPE_NAME);
    websiteValue.setValue("https://johndoe.com/");
    website.getAttributeValues().add(websiteValue);
    second.getAttributes().add(website);

    Attribute registered = namedAttribute(attributeBuilder, "registered");
    XSBoolean registeredValue = new XSBooleanBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSBoolean.TYPE_NAME);
    registeredValue.setValue(new XSBooleanValue(true, false));
    registered.getAttributeValues().add(registeredValue);
    second.getAttributes().add(registered);

    List<AttributeStatement> statements = new ArrayList<>();
    statements.add(first);
    statements.add(second);
    return statements;
}

/**
 * Builds an {@link Attribute} with the given SAML attribute name and no values yet.
 *
 * @param builder the shared attribute builder
 * @param name the value for the attribute's {@code Name}
 * @return the new, empty attribute
 */
private static Attribute namedAttribute(AttributeBuilder builder, String name) {
    Attribute attribute = builder.buildObject();
    attribute.setName(name);
    return attribute;
}

Example 4 with XSString

Use of org.opensaml.core.xml.schema.XSString in project cas by apereo.

From the class SamlMetadataUIInfo, method findLocale.

/**
 * Finds the first {@link LocalizedName} in {@code items} whose {@code xml:lang}
 * matches {@code locale} and that carries a non-blank value.
 *
 * <p>{@code locale} is compiled as a case-insensitive regular expression and must match
 * the whole {@code xml:lang} ({@code Matcher.matches}); it is not compared literally,
 * so a malformed value raises {@link java.util.regex.PatternSyntaxException}.
 * NOTE(review): if the callers derive {@code locale} from request data, consider
 * {@link Pattern#quote} — confirm where it originates.
 *
 * @param locale regular expression matched against each name's {@code xml:lang}
 * @param items  candidate objects; entries that are not {@link LocalizedName} are ignored
 * @return the matching name's value, or empty when nothing matches
 */
private static Optional<String> findLocale(final String locale, final List<?> items) {
    LOGGER.trace("Looking for locale [{}]", locale);
    val languagePattern = Pattern.compile(locale, Pattern.CASE_INSENSITIVE);
    return items.stream()
        .filter(LocalizedName.class::isInstance)
        .map(LocalizedName.class::cast)
        .filter(candidate -> hasMatchingLanguage(candidate, languagePattern))
        .map(XSString::getValue)
        .findFirst();
}

/**
 * True when {@code candidate} has a non-blank {@code xml:lang} fully matched by
 * {@code languagePattern} and a non-blank value.
 *
 * @param candidate the localized name to test
 * @param languagePattern the compiled locale pattern
 * @return whether the candidate is usable for the requested locale
 */
private static boolean hasMatchingLanguage(final LocalizedName candidate, final Pattern languagePattern) {
    val xmlLang = candidate.getXMLLang();
    if (StringUtils.isBlank(xmlLang)) {
        return false;
    }
    return languagePattern.matcher(xmlLang).matches() && StringUtils.isNotBlank(candidate.getValue());
}

Example 5 with XSString

Use of org.opensaml.core.xml.schema.XSString in project cas by apereo.

From the class SamlIdPConsentableAttributeBuilder, method build.

/**
 * Decorates a consentable attribute for display: copies the friendly name from a
 * matching {@link SamlIdPAttributeDefinition} when one is registered, and flattens
 * OpenSAML {@link XSString}/{@link XSURI} values (and any non-serializable value)
 * into plain strings so the attribute can be persisted with the consent decision.
 *
 * @param attribute the attribute to decorate; it is modified in place
 * @return the same {@code attribute} instance
 */
@Override
public CasConsentableAttribute build(final CasConsentableAttribute attribute) {
    attributeDefinitionStore
        .locateAttributeDefinition(defn -> isFriendlyNamedDefinitionFor(defn, attribute.getName()))
        .ifPresent(defn -> attribute.setFriendlyName(((SamlIdPAttributeDefinition) defn).getFriendlyName()));

    // A null value list is replaced by a throw-away list so replaceAll() is a no-op.
    val values = ObjectUtils.defaultIfNull(attribute.getValues(), new ArrayList<>());
    values.replaceAll(value -> {
        if (value instanceof XSString) {
            return ((XSString) value).getValue();
        }
        if (value instanceof XSURI) {
            return ((XSURI) value).getURI();
        }
        // Serializable values are kept as-is; everything else is stringified.
        return value instanceof Serializable ? value : value.toString();
    });
    return attribute;
}

/**
 * True when {@code defn} is a {@link SamlIdPAttributeDefinition} whose name equals
 * {@code attributeName} (case-insensitively) and which has a non-blank friendly name.
 *
 * @param defn the candidate definition from the store
 * @param attributeName the consentable attribute's name
 * @return whether {@code defn} supplies a friendly name for the attribute
 */
private static boolean isFriendlyNamedDefinitionFor(final Object defn, final String attributeName) {
    if (!(defn instanceof SamlIdPAttributeDefinition)) {
        return false;
    }
    val samlDefinition = (SamlIdPAttributeDefinition) defn;
    return samlDefinition.getName().equalsIgnoreCase(attributeName)
        && StringUtils.isNotBlank(samlDefinition.getFriendlyName());
}
