Example 6 with Statement
use of org.opensaml.saml.saml1.core.Statement in project cas by apereo.
the class Saml10ObjectBuilder method newAssertion.
/**
* Create a new SAML1 response object.
*
* @param authnStatement the authn statement
* @param issuer the issuer
* @param issuedAt the issued at
* @param id the id
* @return the assertion
*/
public Assertion newAssertion(final AuthenticationStatement authnStatement, final String issuer, final ZonedDateTime issuedAt, final String id) {
final Assertion assertion = newSamlObject(Assertion.class);
assertion.setID(id);
assertion.setIssueInstant(DateTimeUtils.dateTimeOf(issuedAt));
assertion.setIssuer(issuer);
assertion.getAuthenticationStatements().add(authnStatement);
return assertion;
}
Also used :
Assertion(org.opensaml.saml.saml1.core.Assertion)
Example 7 with Statement
use of org.opensaml.saml.saml1.core.Statement in project cas by apereo.
the class Saml10SuccessResponseView method prepareResponse.
@Override
protected void prepareResponse(final Response response, final Map<String, Object> model) {
final ZonedDateTime issuedAt = DateTimeUtils.zonedDateTimeOf(response.getIssueInstant());
final Service service = getAssertionFrom(model).getService();
LOGGER.debug("Preparing SAML response for service [{}]", service);
final Authentication authentication = getPrimaryAuthenticationFrom(model);
final Collection<Object> authnMethods = CollectionUtils.toCollection(authentication.getAttributes().get(SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD));
LOGGER.debug("Authentication methods found are [{}]", authnMethods);
final Principal principal = getPrincipal(model);
final AuthenticationStatement authnStatement = this.samlObjectBuilder.newAuthenticationStatement(authentication.getAuthenticationDate(), authnMethods, principal.getId());
LOGGER.debug("Built authentication statement for [{}] dated at [{}]", principal, authentication.getAuthenticationDate());
final Assertion assertion = this.samlObjectBuilder.newAssertion(authnStatement, this.issuer, issuedAt, this.samlObjectBuilder.generateSecureRandomId());
LOGGER.debug("Built assertion for issuer [{}] dated at [{}]", this.issuer, issuedAt);
final Conditions conditions = this.samlObjectBuilder.newConditions(issuedAt, service.getId(), this.issueLength);
assertion.setConditions(conditions);
LOGGER.debug("Built assertion conditions for issuer [{}] and service [{}] ", this.issuer, service.getId());
final Subject subject = this.samlObjectBuilder.newSubject(principal.getId());
LOGGER.debug("Built subject for principal [{}]", principal);
final Map<String, Object> attributesToSend = prepareSamlAttributes(model, service);
LOGGER.debug("Authentication statement shall include these attributes [{}]", attributesToSend);
if (!attributesToSend.isEmpty()) {
assertion.getAttributeStatements().add(this.samlObjectBuilder.newAttributeStatement(subject, attributesToSend, this.defaultAttributeNamespace));
}
response.setStatus(this.samlObjectBuilder.newStatus(StatusCode.SUCCESS, null));
LOGGER.debug("Set response status code to [{}]", response.getStatus());
response.getAssertions().add(assertion);
}
Also used :
ZonedDateTime(java.time.ZonedDateTime)
Authentication(org.apereo.cas.authentication.Authentication)
Assertion(org.opensaml.saml.saml1.core.Assertion)
RegisteredService(org.apereo.cas.services.RegisteredService)
Service(org.apereo.cas.authentication.principal.Service)
Principal(org.apereo.cas.authentication.principal.Principal)
AuthenticationStatement(org.opensaml.saml.saml1.core.AuthenticationStatement)
Conditions(org.opensaml.saml.saml1.core.Conditions)
Subject(org.opensaml.saml.saml1.core.Subject)
Example 8 with Statement
use of org.opensaml.saml.saml1.core.Statement in project cxf by apache.
the class SAMLUtils method getSaml1Subject.
private static org.opensaml.saml.saml1.core.Subject getSaml1Subject(SamlAssertionWrapper assertionW) {
for (Statement stmt : assertionW.getSaml1().getStatements()) {
org.opensaml.saml.saml1.core.Subject samlSubject = null;
if (stmt instanceof AttributeStatement) {
AttributeStatement attrStmt = (AttributeStatement) stmt;
samlSubject = attrStmt.getSubject();
} else if (stmt instanceof AuthenticationStatement) {
AuthenticationStatement authStmt = (AuthenticationStatement) stmt;
samlSubject = authStmt.getSubject();
} else {
AuthorizationDecisionStatement authzStmt = (AuthorizationDecisionStatement) stmt;
samlSubject = authzStmt.getSubject();
}
if (samlSubject != null) {
return samlSubject;
}
}
return null;
}
Also used :
Statement(org.opensaml.saml.saml1.core.Statement)
AuthorizationDecisionStatement(org.opensaml.saml.saml1.core.AuthorizationDecisionStatement)
AuthenticationStatement(org.opensaml.saml.saml1.core.AuthenticationStatement)
AttributeStatement(org.opensaml.saml.saml1.core.AttributeStatement)
AttributeStatement(org.opensaml.saml.saml1.core.AttributeStatement)
AuthorizationDecisionStatement(org.opensaml.saml.saml1.core.AuthorizationDecisionStatement)
AuthenticationStatement(org.opensaml.saml.saml1.core.AuthenticationStatement)
Aggregations
AuthenticationStatement (org.opensaml.saml.saml1.core.AuthenticationStatement)3
ArrayList (java.util.ArrayList)2
Assertion (org.opensaml.saml.saml1.core.Assertion)2
AttributeStatement (org.opensaml.saml.saml1.core.AttributeStatement)2
Assertion (org.opensaml.saml.saml2.core.Assertion)2
AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)2
AuthnStatement (org.opensaml.saml.saml2.core.AuthnStatement)2
Statement (org.opensaml.saml.saml2.core.Statement)2
SecureRandom (java.security.SecureRandom)1
ZonedDateTime (java.time.ZonedDateTime)1
HashMap (java.util.HashMap)1
Map (java.util.Map)1
Authentication (org.apereo.cas.authentication.Authentication)1
Principal (org.apereo.cas.authentication.principal.Principal)1
Service (org.apereo.cas.authentication.principal.Service)1
RegisteredService (org.apereo.cas.services.RegisteredService)1
XMLObject (org.opensaml.core.xml.XMLObject)1
SAMLObject (org.opensaml.saml.common.SAMLObject)1
Attribute (org.opensaml.saml.saml1.core.Attribute)1
AuthorizationDecisionStatement (org.opensaml.saml.saml1.core.AuthorizationDecisionStatement)1
