Example 6 with Statement

use of org.opensaml.saml.saml1.core.Statement in project cas by apereo.

the class Saml10ObjectBuilder method newAssertion.

/**
 * Create a new SAML1 assertion object.
 *
 * @param authnStatement the authn statement
 * @param issuer         the issuer
 * @param issuedAt       the issued at
 * @param id             the id
 * @return the assertion
 */
public Assertion newAssertion(final AuthenticationStatement authnStatement, final String issuer, final ZonedDateTime issuedAt, final String id) {
    final Assertion assertion = newSamlObject(Assertion.class);
    assertion.setID(id);
    assertion.setIssueInstant(DateTimeUtils.dateTimeOf(issuedAt));
    assertion.setIssuer(issuer);
    assertion.getAuthenticationStatements().add(authnStatement);
    return assertion;
}
Also used : Assertion(org.opensaml.saml.saml1.core.Assertion)

Example 7 with Statement

use of org.opensaml.saml.saml1.core.Statement in project cas by apereo.

the class Saml10SuccessResponseView method prepareResponse.

@Override
protected void prepareResponse(final Response response, final Map<String, Object> model) {
    final ZonedDateTime issuedAt = DateTimeUtils.zonedDateTimeOf(response.getIssueInstant());
    final Service service = getAssertionFrom(model).getService();
    LOGGER.debug("Preparing SAML response for service [{}]", service);
    final Authentication authentication = getPrimaryAuthenticationFrom(model);
    final Collection<Object> authnMethods = CollectionUtils.toCollection(authentication.getAttributes().get(SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD));
    LOGGER.debug("Authentication methods found are [{}]", authnMethods);
    final Principal principal = getPrincipal(model);
    final AuthenticationStatement authnStatement = this.samlObjectBuilder.newAuthenticationStatement(authentication.getAuthenticationDate(), authnMethods, principal.getId());
    LOGGER.debug("Built authentication statement for [{}] dated at [{}]", principal, authentication.getAuthenticationDate());
    final Assertion assertion = this.samlObjectBuilder.newAssertion(authnStatement, this.issuer, issuedAt, this.samlObjectBuilder.generateSecureRandomId());
    LOGGER.debug("Built assertion for issuer [{}] dated at [{}]", this.issuer, issuedAt);
    final Conditions conditions = this.samlObjectBuilder.newConditions(issuedAt, service.getId(), this.issueLength);
    assertion.setConditions(conditions);
    LOGGER.debug("Built assertion conditions for issuer [{}] and service [{}] ", this.issuer, service.getId());
    final Subject subject = this.samlObjectBuilder.newSubject(principal.getId());
    LOGGER.debug("Built subject for principal [{}]", principal);
    final Map<String, Object> attributesToSend = prepareSamlAttributes(model, service);
    LOGGER.debug("Authentication statement shall include these attributes [{}]", attributesToSend);
    if (!attributesToSend.isEmpty()) {
        assertion.getAttributeStatements().add(this.samlObjectBuilder.newAttributeStatement(subject, attributesToSend, this.defaultAttributeNamespace));
    }
    response.setStatus(this.samlObjectBuilder.newStatus(StatusCode.SUCCESS, null));
    LOGGER.debug("Set response status code to [{}]", response.getStatus());
    response.getAssertions().add(assertion);
}
Also used : ZonedDateTime(java.time.ZonedDateTime) Authentication(org.apereo.cas.authentication.Authentication) Assertion(org.opensaml.saml.saml1.core.Assertion) RegisteredService(org.apereo.cas.services.RegisteredService) Service(org.apereo.cas.authentication.principal.Service) Principal(org.apereo.cas.authentication.principal.Principal) AuthenticationStatement(org.opensaml.saml.saml1.core.AuthenticationStatement) Conditions(org.opensaml.saml.saml1.core.Conditions) Subject(org.opensaml.saml.saml1.core.Subject)

Example 8 with Statement

use of org.opensaml.saml.saml1.core.Statement in project cxf by apache.

the class SAMLUtils method getSaml1Subject.

private static org.opensaml.saml.saml1.core.Subject getSaml1Subject(SamlAssertionWrapper assertionW) {
    for (Statement stmt : assertionW.getSaml1().getStatements()) {
        org.opensaml.saml.saml1.core.Subject samlSubject = null;
        if (stmt instanceof AttributeStatement) {
            AttributeStatement attrStmt = (AttributeStatement) stmt;
            samlSubject = attrStmt.getSubject();
        } else if (stmt instanceof AuthenticationStatement) {
            AuthenticationStatement authStmt = (AuthenticationStatement) stmt;
            samlSubject = authStmt.getSubject();
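        } else if (stmt instanceof AuthorizationDecisionStatement) {
            // Check the type before casting; any other Statement type is skipped
            // instead of failing with a ClassCastException.
            AuthorizationDecisionStatement authzStmt = (AuthorizationDecisionStatement) stmt;
            samlSubject = authzStmt.getSubject();
        }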
        if (samlSubject != null) {
            return samlSubject;
        }
    }
    return null;
}
Also used : Statement(org.opensaml.saml.saml1.core.Statement) AuthorizationDecisionStatement(org.opensaml.saml.saml1.core.AuthorizationDecisionStatement) AuthenticationStatement(org.opensaml.saml.saml1.core.AuthenticationStatement) AttributeStatement(org.opensaml.saml.saml1.core.AttributeStatement)

Aggregations

AuthenticationStatement (org.opensaml.saml.saml1.core.AuthenticationStatement) 3
ArrayList (java.util.ArrayList) 2
Assertion (org.opensaml.saml.saml1.core.Assertion) 2
AttributeStatement (org.opensaml.saml.saml1.core.AttributeStatement) 2
Assertion (org.opensaml.saml.saml2.core.Assertion) 2
AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement) 2
AuthnStatement (org.opensaml.saml.saml2.core.AuthnStatement) 2
Statement (org.opensaml.saml.saml2.core.Statement) 2
SecureRandom (java.security.SecureRandom) 1
ZonedDateTime (java.time.ZonedDateTime) 1
HashMap (java.util.HashMap) 1
Map (java.util.Map) 1
Authentication (org.apereo.cas.authentication.Authentication) 1
Principal (org.apereo.cas.authentication.principal.Principal) 1
Service (org.apereo.cas.authentication.principal.Service) 1
RegisteredService (org.apereo.cas.services.RegisteredService) 1
XMLObject (org.opensaml.core.xml.XMLObject) 1
SAMLObject (org.opensaml.saml.common.SAMLObject) 1
Attribute (org.opensaml.saml.saml1.core.Attribute) 1
AuthorizationDecisionStatement (org.opensaml.saml.saml1.core.AuthorizationDecisionStatement) 1