Example 11 with AttributeStatement
use of org.opensaml.saml.saml1.core.AttributeStatement in project cloudstack by apache.
the class SAML2LoginAPIAuthenticatorCmdTest method buildMockResponse.
private Response buildMockResponse() throws Exception {
Response samlMessage = new ResponseBuilder().buildObject();
samlMessage.setID("foo");
samlMessage.setVersion(SAMLVersion.VERSION_20);
samlMessage.setIssueInstant(new DateTime(0));
Issuer issuer = new IssuerBuilder().buildObject();
issuer.setValue("MockedIssuer");
samlMessage.setIssuer(issuer);
Status status = new StatusBuilder().buildObject();
StatusCode statusCode = new StatusCodeBuilder().buildObject();
statusCode.setValue(StatusCode.SUCCESS_URI);
status.setStatusCode(statusCode);
samlMessage.setStatus(status);
Assertion assertion = new AssertionBuilder().buildObject();
Subject subject = new SubjectBuilder().buildObject();
NameID nameID = new NameIDBuilder().buildObject();
nameID.setValue("SOME-UNIQUE-ID");
nameID.setFormat(NameIDType.PERSISTENT);
subject.setNameID(nameID);
assertion.setSubject(subject);
AuthnStatement authnStatement = new AuthnStatementBuilder().buildObject();
authnStatement.setSessionIndex("Some Session String");
assertion.getAuthnStatements().add(authnStatement);
AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
assertion.getAttributeStatements().add(attributeStatement);
samlMessage.getAssertions().add(assertion);
return samlMessage;
}
Also used :
Status(org.opensaml.saml2.core.Status)
AttributeStatementBuilder(org.opensaml.saml2.core.impl.AttributeStatementBuilder)
StatusCodeBuilder(org.opensaml.saml2.core.impl.StatusCodeBuilder)
Issuer(org.opensaml.saml2.core.Issuer)
NameID(org.opensaml.saml2.core.NameID)
Assertion(org.opensaml.saml2.core.Assertion)
AssertionBuilder(org.opensaml.saml2.core.impl.AssertionBuilder)
AuthnStatementBuilder(org.opensaml.saml2.core.impl.AuthnStatementBuilder)
StatusCode(org.opensaml.saml2.core.StatusCode)
DateTime(org.joda.time.DateTime)
Subject(org.opensaml.saml2.core.Subject)
Response(org.opensaml.saml2.core.Response)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
NameIDBuilder(org.opensaml.saml2.core.impl.NameIDBuilder)
AttributeStatement(org.opensaml.saml2.core.AttributeStatement)
AuthnStatement(org.opensaml.saml2.core.AuthnStatement)
StatusBuilder(org.opensaml.saml2.core.impl.StatusBuilder)
IssuerBuilder(org.opensaml.saml2.core.impl.IssuerBuilder)
ResponseBuilder(org.opensaml.saml2.core.impl.ResponseBuilder)
SubjectBuilder(org.opensaml.saml2.core.impl.SubjectBuilder)
Example 12 with AttributeStatement
use of org.opensaml.saml.saml1.core.AttributeStatement in project cloudstack by apache.
the class SAMLUtils method getValueFromAttributeStatements.
public static String getValueFromAttributeStatements(final List<AttributeStatement> attributeStatements, final String attributeKey) {
if (attributeStatements == null || attributeStatements.size() < 1 || attributeKey == null) {
return null;
}
for (AttributeStatement attributeStatement : attributeStatements) {
if (attributeStatement == null || attributeStatements.size() < 1) {
continue;
}
for (Attribute attribute : attributeStatement.getAttributes()) {
if (attribute.getAttributeValues() != null && attribute.getAttributeValues().size() > 0) {
String value = attribute.getAttributeValues().get(0).getDOM().getTextContent();
s_logger.debug("SAML attribute name: " + attribute.getName() + " friendly-name:" + attribute.getFriendlyName() + " value:" + value);
if (attributeKey.equals(attribute.getName()) || attributeKey.equals(attribute.getFriendlyName())) {
return value;
}
}
}
}
return null;
}
Also used :
Attribute(org.opensaml.saml2.core.Attribute)
AttributeStatement(org.opensaml.saml2.core.AttributeStatement)
Example 13 with AttributeStatement
use of org.opensaml.saml.saml1.core.AttributeStatement in project ddf by codice.
the class SubjectUtilsTest method getSubjectWithAttributes.
private Subject getSubjectWithAttributes(Map<String, List<String>> attributes) {
Subject subject = mock(Subject.class);
PrincipalCollection pc = mock(PrincipalCollection.class);
SecurityAssertion assertion = mock(SecurityAssertion.class);
AttributeStatement as = mock(AttributeStatement.class);
List<Attribute> attrs = attributes.entrySet().stream().map(this::getAttribute).collect(Collectors.toList());
doReturn(pc).when(subject).getPrincipals();
doReturn(assertion).when(pc).oneByType(SecurityAssertion.class);
doReturn(ImmutableList.of(assertion)).when(pc).byType(SecurityAssertion.class);
doReturn(Collections.singletonList(as)).when(assertion).getAttributeStatements();
doReturn(attrs).when(as).getAttributes();
return subject;
}
Also used :
Attribute(org.opensaml.saml.saml2.core.Attribute)
AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)
PrincipalCollection(org.apache.shiro.subject.PrincipalCollection)
SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection)
SecurityAssertion(ddf.security.assertion.SecurityAssertion)
Example 14 with AttributeStatement
use of org.opensaml.saml.saml1.core.AttributeStatement in project ddf by codice.
the class AttributeQueryClaimsHandler method createClaims.
/**
* Creates claims from the extracted attributes.
*
* @param claimsCollection The collection of claims.
* @param assertion Assertion from the response.
* @return The collection of claims.
* @throws URISyntaxException
*/
protected ProcessedClaimCollection createClaims(ProcessedClaimCollection claimsCollection, Assertion assertion) throws URISyntaxException {
// Should only contain one Attribute Statement.
AttributeStatement attributeStatement = assertion.getAttributeStatements().get(0);
List<Attribute> attributeList = attributeStatement.getAttributes();
// and create the claim, otherwise, create the claim using its original attribute value.
for (Attribute attribute : attributeList) {
for (String claimType : supportedClaims) {
if (claimType.equalsIgnoreCase(attribute.getName())) {
String claimValue = attribute.getDOM().getTextContent();
if (attributeMap.containsKey(claimValue)) {
claimsCollection.add(createSingleValuedClaim(claimType, attributeMap.get(claimValue)));
} else {
claimsCollection.add(createSingleValuedClaim(claimType, claimValue));
}
break;
}
}
}
return claimsCollection;
}
Also used :
Attribute(org.opensaml.saml.saml2.core.Attribute)
AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)
Example 15 with AttributeStatement
use of org.opensaml.saml.saml1.core.AttributeStatement in project ddf by codice.
the class SecurityAssertionImpl method getPrincipals.
@Override
public Set<Principal> getPrincipals() {
Set<Principal> principals = new HashSet<>();
Principal primary = getPrincipal();
principals.add(primary);
principals.add(new RolePrincipal(primary.getName()));
for (AttributeStatement attributeStatement : getAttributeStatements()) {
for (Attribute attr : attributeStatement.getAttributes()) {
if (StringUtils.containsIgnoreCase(attr.getName(), "role")) {
for (final XMLObject obj : attr.getAttributeValues()) {
principals.add(new RolePrincipal(((XSString) obj).getValue()));
}
}
}
}
return principals;
}
Also used :
Attribute(org.opensaml.saml.saml2.core.Attribute)
EncryptedAttribute(org.opensaml.saml.saml2.core.EncryptedAttribute)
AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)
XMLObject(org.opensaml.core.xml.XMLObject)
XSString(org.opensaml.core.xml.schema.XSString)
RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal)
KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal)
Principal(java.security.Principal)
X500Principal(javax.security.auth.x500.X500Principal)
GuestPrincipal(ddf.security.principal.GuestPrincipal)
RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal)
HashSet(java.util.HashSet)
Aggregations
AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)17
Attribute (org.opensaml.saml.saml2.core.Attribute)10
XMLObject (org.opensaml.core.xml.XMLObject)8
Subject (org.opensaml.saml.saml2.core.Subject)5
Map (java.util.Map)4
Assertion (org.opensaml.saml.saml2.core.Assertion)4
AttributeStatement (org.opensaml.saml2.core.AttributeStatement)4
SecurityAssertion (ddf.security.assertion.SecurityAssertion)3
HashMap (java.util.HashMap)3
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)3
SamlAssertionWrapper (org.apache.wss4j.common.saml.SamlAssertionWrapper)3
Credential (org.apache.wss4j.dom.validate.Credential)3
Credential (org.opensaml.security.credential.Credential)3
ArrayList (java.util.ArrayList)2
HashSet (java.util.HashSet)2
XSString (org.opensaml.core.xml.schema.XSString)2
Attribute (org.opensaml.saml2.core.Attribute)2
Signature (org.opensaml.xmlsec.signature.Signature)2
UTF8NameValueMicroformat (com.intel.mtwilson.datatypes.UTF8NameValueMicroformat)1
UTF8NameValueSequence (com.intel.mtwilson.datatypes.UTF8NameValueSequence)1
