Example 1 with Attribute
use of org.opensaml.saml.saml2.core.Attribute in project OpenAttestation by OpenAttestation.
the class SamlGenerator method createStringAttribute.
// create the host attributes
/**
* An attribute can be multi-valued, but this method builds a single-valued
* String attribute such as FirstName=John or IPAddress=1.2.3.4
* @param name
* @param value
* @return
* @throws ConfigurationException
*/
private Attribute createStringAttribute(String name, String value) throws ConfigurationException {
SAMLObjectBuilder attrBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
Attribute attr = (Attribute) attrBuilder.buildObject();
attr.setName(name);
XMLObjectBuilder xmlBuilder = builderFactory.getBuilder(XSString.TYPE_NAME);
XSString attrValue = (XSString) xmlBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
attrValue.setValue(value);
attr.getAttributeValues().add(attrValue);
return attr;
}
Also used :
SAMLObjectBuilder(org.opensaml.common.SAMLObjectBuilder)
Attribute(org.opensaml.saml2.core.Attribute)
XMLObjectBuilder(org.opensaml.xml.XMLObjectBuilder)
XSString(org.opensaml.xml.schema.XSString)
Example 2 with Attribute
use of org.opensaml.saml.saml2.core.Attribute in project cas by apereo.
the class AbstractSaml20ObjectBuilder method newAttributeStatement.
/**
* New attribute statement.
*
* @param attributes the attributes
* @param setFriendlyName the set friendly name
* @param configuredNameFormats the configured name formats
* @return the attribute statement
*/
public AttributeStatement newAttributeStatement(final Map<String, Object> attributes, final boolean setFriendlyName, final Map<String, String> configuredNameFormats) {
final AttributeStatement attrStatement = newSamlObject(AttributeStatement.class);
for (final Map.Entry<String, Object> e : attributes.entrySet()) {
if (e.getValue() instanceof Collection<?> && ((Collection<?>) e.getValue()).isEmpty()) {
LOGGER.info("Skipping attribute [{}] because it does not have any values.", e.getKey());
continue;
}
final Attribute attribute = newAttribute(setFriendlyName, e, configuredNameFormats);
attrStatement.getAttributes().add(attribute);
}
return attrStatement;
}
Also used :
Attribute(org.opensaml.saml.saml2.core.Attribute)
AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)
XMLObject(org.opensaml.core.xml.XMLObject)
Map(java.util.Map)
Example 3 with Attribute
use of org.opensaml.saml.saml2.core.Attribute in project cas by apereo.
the class MetadataRequestedAttributesAttributeReleasePolicy method getAttributesForSamlRegisteredService.
@Override
protected Map<String, Object> getAttributesForSamlRegisteredService(final Map<String, Object> attributes, final SamlRegisteredService service, final ApplicationContext applicationContext, final SamlRegisteredServiceCachingMetadataResolver resolver, final SamlRegisteredServiceServiceProviderMetadataFacade facade, final EntityDescriptor entityDescriptor) {
final Map<String, Object> releaseAttributes = new LinkedHashMap<>();
final SPSSODescriptor sso = facade.getSsoDescriptor();
if (sso != null) {
sso.getAttributeConsumingServices().forEach(svc -> svc.getRequestAttributes().stream().filter(attr -> {
final String name = this.useFriendlyName ? attr.getFriendlyName() : attr.getName();
LOGGER.debug("Checking for requested attribute [{}] in metadata for [{}]", name, service.getName());
return attributes.containsKey(name);
}).forEach(attr -> {
final String name = this.useFriendlyName ? attr.getFriendlyName() : attr.getName();
LOGGER.debug("Found requested attribute [{}] in metadata for [{}]", name, service.getName());
releaseAttributes.put(name, attributes.get(name));
}));
}
return releaseAttributes;
}
Also used :
Setter(lombok.Setter)
Getter(lombok.Getter)
SamlRegisteredServiceCachingMetadataResolver(org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver)
EqualsAndHashCode(lombok.EqualsAndHashCode)
ApplicationContext(org.springframework.context.ApplicationContext)
SPSSODescriptor(org.opensaml.saml.saml2.metadata.SPSSODescriptor)
LinkedHashMap(java.util.LinkedHashMap)
Slf4j(lombok.extern.slf4j.Slf4j)
Map(java.util.Map)
ToString(lombok.ToString)
SamlRegisteredServiceServiceProviderMetadataFacade(org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade)
AllArgsConstructor(lombok.AllArgsConstructor)
EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor)
NoArgsConstructor(lombok.NoArgsConstructor)
SPSSODescriptor(org.opensaml.saml.saml2.metadata.SPSSODescriptor)
ToString(lombok.ToString)
LinkedHashMap(java.util.LinkedHashMap)
Example 4 with Attribute
use of org.opensaml.saml.saml2.core.Attribute in project ddf by codice.
the class SubjectUtils method getAttribute.
/**
* Get any attribute from a subject by key.
*
* @param subject
* @param key
* @return attribute values or an empty list if not found.
*/
public static List<String> getAttribute(@Nullable Subject subject, String key) {
Validate.notNull(key);
if (subject == null) {
LOGGER.debug("Incoming subject was null, cannot look up {}.", key);
return Collections.emptyList();
}
PrincipalCollection principals = subject.getPrincipals();
if (principals == null) {
LOGGER.debug("No principals located in the incoming subject, cannot look up {}.", key);
return Collections.emptyList();
}
SecurityAssertion assertion = principals.oneByType(SecurityAssertion.class);
if (assertion == null) {
LOGGER.debug("Could not find Security Assertion, cannot look up {}.", key);
return Collections.emptyList();
}
return assertion.getAttributeStatements().stream().flatMap(as -> as.getAttributes().stream()).filter(a -> a.getName().equals(key)).flatMap(a -> a.getAttributeValues().stream()).filter(o -> o instanceof XSString).map(o -> (XSString) o).map(XSString::getValue).collect(Collectors.toList());
}
Also used :
Arrays(java.util.Arrays)
X500Principal(javax.security.auth.x500.X500Principal)
SortedSet(java.util.SortedSet)
LoggerFactory(org.slf4j.LoggerFactory)
BCStyle(org.bouncycastle.asn1.x500.style.BCStyle)
TreeSet(java.util.TreeSet)
AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue)
X500Name(org.bouncycastle.asn1.x500.X500Name)
Attribute(org.opensaml.saml.saml2.core.Attribute)
Subject(org.apache.shiro.subject.Subject)
AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)
StringTokenizer(java.util.StringTokenizer)
Map(java.util.Map)
PrincipalCollection(org.apache.shiro.subject.PrincipalCollection)
XSString(org.opensaml.core.xml.schema.XSString)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Nullable(javax.annotation.Nullable)
SecurityAssertion(ddf.security.assertion.SecurityAssertion)
Logger(org.slf4j.Logger)
RDN(org.bouncycastle.asn1.x500.RDN)
Predicate(java.util.function.Predicate)
KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal)
Collection(java.util.Collection)
Collectors(java.util.stream.Collectors)
GuestPrincipal(ddf.security.principal.GuestPrincipal)
List(java.util.List)
Principal(java.security.Principal)
Collections(java.util.Collections)
Validate(org.apache.commons.lang.Validate)
PrincipalCollection(org.apache.shiro.subject.PrincipalCollection)
XSString(org.opensaml.core.xml.schema.XSString)
SecurityAssertion(ddf.security.assertion.SecurityAssertion)
Example 5 with Attribute
use of org.opensaml.saml.saml2.core.Attribute in project ddf by codice.
the class SecurityAssertionImpl method toString.
/*
* (non-Javadoc)
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder result = new StringBuilder();
result.append("Principal: ");
result.append(getPrincipal());
result.append(", Attributes: ");
for (AttributeStatement attributeStatement : getAttributeStatements()) {
for (Attribute attr : attributeStatement.getAttributes()) {
result.append("[ ");
result.append(attr.getName());
result.append(" : ");
for (int i = 0; i < attr.getAttributeValues().size(); i++) {
result.append(((XSString) attr.getAttributeValues().get(i)).getValue());
}
result.append("] ");
}
}
// add this back in when we support parsing this information
result.append(", AuthnStatements: ");
for (AuthnStatement authStatement : getAuthnStatements()) {
result.append("[ ");
result.append(authStatement.getAuthnInstant());
result.append(" : ");
result.append(authStatement.getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef());
result.append("] ");
}
// }
return result.toString();
}
Also used :
Attribute(org.opensaml.saml.saml2.core.Attribute)
EncryptedAttribute(org.opensaml.saml.saml2.core.EncryptedAttribute)
AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)
AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement)
Aggregations
Attribute (org.opensaml.saml.saml2.core.Attribute)63
AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)44
Test (org.junit.jupiter.api.Test)27
Assertion (org.opensaml.saml.saml2.core.Assertion)23
List (java.util.List)18
XMLObject (org.opensaml.core.xml.XMLObject)18
lombok.val (lombok.val)15
AttributeBuilder (org.opensaml.saml.saml2.core.impl.AttributeBuilder)13
Map (java.util.Map)12
EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute)12
ArrayList (java.util.ArrayList)11
HashMap (java.util.HashMap)11
XSString (org.opensaml.core.xml.schema.XSString)11
NameID (org.opensaml.saml.saml2.core.NameID)10
Slf4j (lombok.extern.slf4j.Slf4j)9
SimpleStringAttributeBuilder.aSimpleStringAttribute (uk.gov.ida.saml.core.test.builders.SimpleStringAttributeBuilder.aSimpleStringAttribute)9
Element (org.w3c.dom.Element)8
SamlTransformationErrorFactory.emptyAttribute (uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyAttribute)8
Issuer (org.opensaml.saml.saml2.core.Issuer)7
AttributeStatementLogData (uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData)7
