
Example 1 with Statement

use of org.opensaml.saml.saml1.core.Statement in project cas by apereo.

the class Saml10ObjectBuilder method newAttributeStatement.

/**
 * Builds a SAML 1.x {@link AttributeStatement} for a subject from a map of attributes.
 * <p>
 * One {@link Attribute} is created per map entry and named after the entry key.
 * Entries whose value is an empty {@link Collection} are skipped and logged at INFO
 * level. Every other entry is emitted as-is.
 *
 * @param subject            the subject the statement is about
 * @param attributes         attribute names mapped to their value(s); must not be {@code null}
 * @param attributeNamespace namespace set on each attribute; ignored when blank
 * @return the populated attribute statement
 */
public AttributeStatement newAttributeStatement(final Subject subject, final Map<String, Object> attributes, final String attributeNamespace) {
    final AttributeStatement statement = newSamlObject(AttributeStatement.class);
    statement.setSubject(subject);

    // NOTE(review): nothing here restricts which attributes are emitted. Any
    // attribute-release filtering has to be applied to the map before this call.
    for (final Map.Entry<String, Object> entry : attributes.entrySet()) {
        final String name = entry.getKey();
        final Object value = entry.getValue();

        final boolean isEmptyCollection = value instanceof Collection<?> && ((Collection<?>) value).isEmpty();
        if (isEmptyCollection) {
            LOGGER.info("Skipping attribute [{}] because it does not have any values.", name);
        } else {
            final Attribute samlAttribute = newSamlObject(Attribute.class);
            samlAttribute.setAttributeName(name);
            if (StringUtils.isNotBlank(attributeNamespace)) {
                samlAttribute.setAttributeNamespace(attributeNamespace);
            }
            addAttributeValuesToSaml1Attribute(name, value, samlAttribute.getAttributeValues());
            statement.getAttributes().add(samlAttribute);
        }
    }
    return statement;
}
Also used : Attribute(org.opensaml.saml.saml1.core.Attribute) AttributeStatement(org.opensaml.saml.saml1.core.AttributeStatement) XMLObject(org.opensaml.core.xml.XMLObject) SAMLObject(org.opensaml.saml.common.SAMLObject) Map(java.util.Map)

Example 2 with Statement

use of org.opensaml.saml.saml1.core.Statement in project cas by apereo.

the class Saml10ObjectBuilder method newAuthenticationStatement.

/**
 * Builds a SAML 1.x {@link AuthenticationStatement} for the given subject.
 * <p>
 * Only the first element of {@code authenticationMethod} is used; any further
 * elements are ignored. When the collection is {@code null} or empty, the method is
 * reported as {@link SamlAuthenticationMetaDataPopulator#AUTHN_METHOD_UNSPECIFIED}.
 *
 * @param authenticationDate   the instant at which authentication took place
 * @param authenticationMethod the authentication method(s); may be {@code null} or empty
 * @param subjectId            the identifier used to build the statement subject
 * @return the authentication statement
 */
public AuthenticationStatement newAuthenticationStatement(final ZonedDateTime authenticationDate, final Collection<Object> authenticationMethod, final String subjectId) {
    final AuthenticationStatement statement = newSamlObject(AuthenticationStatement.class);
    statement.setAuthenticationInstant(DateTimeUtils.dateTimeOf(authenticationDate));

    final String method;
    if (authenticationMethod == null || authenticationMethod.isEmpty()) {
        method = SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_UNSPECIFIED;
    } else {
        // Relying parties only ever see this first entry, even if several methods were used.
        method = authenticationMethod.iterator().next().toString();
    }
    statement.setAuthenticationMethod(method);

    statement.setSubject(newSubject(subjectId));
    return statement;
}
Also used : AuthenticationStatement(org.opensaml.saml.saml1.core.AuthenticationStatement)

Example 3 with Statement

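Use of org.opensaml.saml.saml1.core.Statement in project cas by apereo. (Note: the "Also used" list for this example names org.opensaml.saml.saml2.core.Statement, so the snippet works with the SAML 2.0 type.)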

the class SamlProfileSamlAssertionBuilder method build.

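/**
 * Assembles the assertion for an authentication request: an authentication
 * statement, an attribute statement, the subject and the conditions, each produced
 * by its dedicated builder, and then passes the assertion to {@code signAssertion}.
 * <p>
 * The assertion ID is an underscore followed by 192 random bits in hexadecimal. The
 * earlier form, {@code Math.abs(nextLong())}, carried at most 63 random bits, which is
 * below the collision bound SAML 2.0 Core sets for identifiers (at most 2^-128), and
 * produced a negative number for {@code Long.MIN_VALUE}.
 *
 * @param authnRequest the authentication request being answered
 * @param request      the HTTP request
 * @param response     the HTTP response
 * @param casAssertion the CAS assertion the SAML assertion is derived from
 * @param service      the registered SAML service
 * @param adaptor      the service provider metadata facade
 * @return the assembled assertion
 * @throws SamlException declared by this method; the visible body does not throw it
 *                       itself, so it is presumably raised by the builders or signing
 */
@Override
public Assertion build(final AuthnRequest authnRequest, final HttpServletRequest request, final HttpServletResponse response, final org.jasig.cas.client.validation.Assertion casAssertion, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {
    final List<Statement> statements = new ArrayList<>();
    statements.add(this.samlProfileSamlAuthNStatementBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
    // NOTE(review): the attribute statement is added even when it carries no attributes;
    // confirm that an empty statement is acceptable to the receiving service providers.
    statements.add(this.samlProfileSamlAttributeStatementBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));

    // The leading underscore keeps the ID a valid XML name even when the hex starts with a digit.
    final SecureRandom random = new SecureRandom();
    final String id = String.format("_%016x%016x%016x", random.nextLong(), random.nextLong(), random.nextLong());

    final Assertion assertion = newAssertion(statements, casProperties.getAuthn().getSamlIdp().getEntityId(), ZonedDateTime.now(ZoneOffset.UTC), id);
    assertion.setSubject(this.samlProfileSamlSubjectBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
    assertion.setConditions(this.samlProfileSamlConditionsBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));

    // Keep this call last: anything set on the assertion after signing would presumably
    // not be covered by the signature.
    signAssertion(assertion, request, response, service, adaptor);
    return assertion;
}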
Also used : AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) Statement(org.opensaml.saml.saml2.core.Statement) ArrayList(java.util.ArrayList) Assertion(org.opensaml.saml.saml2.core.Assertion) SecureRandom(java.security.SecureRandom)

Example 4 with Statement

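Use of org.opensaml.saml.saml1.core.Statement in project OpenAttestation by OpenAttestation. (Note: the "Also used" list for this example names org.opensaml.saml2.core.Statement, so the snippet works with the SAML 2.0 type.)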

the class TrustAssertion method populateAssertionMap.

/**
 * Reads each attribute statement of {@code assertion} into a name-to-value map and
 * registers a {@code HostTrustAssertion} for it in {@code hostAssertionMap}, keyed by
 * the statement's {@code Host_Name} attribute.
 * <p>
 * Sample assertion statements that may appear in the XML:
 * <ul>
 *   <li>Trusted, Trusted_BIOS, Trusted_VMM (boolean)</li>
 *   <li>BIOS_Name, BIOS_Version, BIOS_OEM (string)</li>
 *   <li>VMM_Name, VMM_Version, VMM_OSName, VMM_OSVersion (string)</li>
 * </ul>
 * The BIOS_* entries will only appear if Trusted_BIOS is true. The VMM_* entries
 * will only appear if Trusted_VMM is true.
 * <p>
 * An attribute with several values keeps only the last one read. An attribute whose
 * values are neither {@code XSAny} nor {@code XSString} is stored with a {@code null}
 * value. A statement without a {@code Host_Name} attribute is registered under the
 * {@code null} key.
 */
private void populateAssertionMap() {
    // NOTE(review): this method does not check the assertion's signature. Confirm that
    // it is verified before these values are used for trust decisions.
    for (Statement statement : assertion.getStatements()) {
        if (!(statement instanceof AttributeStatement)) {
            continue;
        }
        AttributeStatement attributeStatement = (AttributeStatement) statement;
        HashMap<String, String> valuesByName = new HashMap<String, String>();
        // The trust assertion receives the map before it is filled in below.
        HostTrustAssertion hostTrust = new HostTrustAssertion(assertion, valuesByName);
        log.debug("attributes.size: " + attributeStatement.getAttributes().size());

        for (Attribute attribute : attributeStatement.getAttributes()) {
            String text = null;
            for (XMLObject rawValue : attribute.getAttributeValues()) {
                if (rawValue instanceof XSAny) {
                    // boolean attributes are the text "true" or "false"
                    XSAny anyValue = (XSAny) rawValue;
                    text = anyValue.getTextContent();
                }
                if (rawValue instanceof XSString) {
                    XSString stringValue = (XSString) rawValue;
                    text = stringValue.getValue();
                }
            }
            valuesByName.put(attribute.getName(), text);
        }

        String hostName = valuesByName.get("Host_Name");
        hostAssertionMap.put(hostName, hostTrust);
    }
}
Also used : HashMap(java.util.HashMap) Attribute(org.opensaml.saml2.core.Attribute) Statement(org.opensaml.saml2.core.Statement) AttributeStatement(org.opensaml.saml2.core.AttributeStatement) AttributeStatement(org.opensaml.saml2.core.AttributeStatement) XMLObject(org.opensaml.xml.XMLObject) XSString(org.opensaml.xml.schema.XSString) XSString(org.opensaml.xml.schema.XSString) XSAny(org.opensaml.xml.schema.XSAny)

Example 5 with Statement

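Use of org.opensaml.saml.saml1.core.Statement in project cas by apereo. (Note: the "Also used" list for this example names org.opensaml.saml.saml2.core.Statement, so the snippet works with the SAML 2.0 type.)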

the class SamlProfileSamlAssertionBuilder method build.

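/**
 * Assembles the assertion for a SAML request: an authentication statement, an
 * attribute statement (only when it carries at least one plain or encrypted
 * attribute), the subject and the conditions, each produced by its dedicated builder,
 * and then passes the assertion to {@code signAssertion}.
 * <p>
 * The assertion ID is an underscore followed by 192 random bits in hexadecimal. The
 * earlier form, {@code Math.abs(nextLong())}, carried at most 63 random bits, which is
 * below the collision bound SAML 2.0 Core sets for identifiers (at most 2^-128), and
 * produced a negative number for {@code Long.MIN_VALUE}.
 *
 * @param authnRequest the request being answered
 * @param request      the HTTP request
 * @param response     the HTTP response
 * @param casAssertion the CAS assertion the SAML assertion is derived from
 * @param service      the registered SAML service
 * @param adaptor      the service provider metadata facade
 * @param binding      the binding, passed through to every builder and to signing
 * @return the assembled assertion
 * @throws SamlException declared by this method; the visible body does not throw it
 *                       itself, so it is presumably raised by the builders or signing
 */
@Override
public Assertion build(final RequestAbstractType authnRequest, final HttpServletRequest request, final HttpServletResponse response, final Object casAssertion, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final String binding) throws SamlException {
    final List<Statement> statements = new ArrayList<>();
    final AuthnStatement authnStatement = this.samlProfileSamlAuthNStatementBuilder.build(authnRequest, request, response, casAssertion, service, adaptor, binding);
    statements.add(authnStatement);

    // An attribute statement with no attributes is left out of the assertion.
    final AttributeStatement attrStatement = this.samlProfileSamlAttributeStatementBuilder.build(authnRequest, request, response, casAssertion, service, adaptor, binding);
    if (!attrStatement.getAttributes().isEmpty() || !attrStatement.getEncryptedAttributes().isEmpty()) {
        statements.add(attrStatement);
    }

    // The leading underscore keeps the ID a valid XML name even when the hex starts with a digit.
    // NOTE(review): assumes RandomUtils.getNativeInstance() returns a cryptographically
    // strong generator; confirm against its implementation.
    final String id = String.format("_%016x%016x%016x",
            RandomUtils.getNativeInstance().nextLong(),
            RandomUtils.getNativeInstance().nextLong(),
            RandomUtils.getNativeInstance().nextLong());

    final Assertion assertion = newAssertion(statements, casProperties.getAuthn().getSamlIdp().getEntityId(), ZonedDateTime.now(ZoneOffset.UTC), id);
    assertion.setSubject(this.samlProfileSamlSubjectBuilder.build(authnRequest, request, response, casAssertion, service, adaptor, binding));
    assertion.setConditions(this.samlProfileSamlConditionsBuilder.build(authnRequest, request, response, casAssertion, service, adaptor, binding));

    // Keep this call last: anything set on the assertion after signing would presumably
    // not be covered by the signature.
    signAssertion(assertion, request, response, service, adaptor, binding);
    return assertion;
}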
Also used : AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) Statement(org.opensaml.saml.saml2.core.Statement) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) ArrayList(java.util.ArrayList) AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement) Assertion(org.opensaml.saml.saml2.core.Assertion)

Aggregations

AuthenticationStatement (org.opensaml.saml.saml1.core.AuthenticationStatement)3 ArrayList (java.util.ArrayList)2 Assertion (org.opensaml.saml.saml1.core.Assertion)2 AttributeStatement (org.opensaml.saml.saml1.core.AttributeStatement)2 Assertion (org.opensaml.saml.saml2.core.Assertion)2 AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)2 AuthnStatement (org.opensaml.saml.saml2.core.AuthnStatement)2 Statement (org.opensaml.saml.saml2.core.Statement)2 SecureRandom (java.security.SecureRandom)1 ZonedDateTime (java.time.ZonedDateTime)1 HashMap (java.util.HashMap)1 Map (java.util.Map)1 Authentication (org.apereo.cas.authentication.Authentication)1 Principal (org.apereo.cas.authentication.principal.Principal)1 Service (org.apereo.cas.authentication.principal.Service)1 RegisteredService (org.apereo.cas.services.RegisteredService)1 XMLObject (org.opensaml.core.xml.XMLObject)1 SAMLObject (org.opensaml.saml.common.SAMLObject)1 Attribute (org.opensaml.saml.saml1.core.Attribute)1 AuthorizationDecisionStatement (org.opensaml.saml.saml1.core.AuthorizationDecisionStatement)1