
Example 66 with Attribute

use of org.opensaml.saml.saml2.core.Attribute in project cas by apereo.

the class SamlIdPServicesManagerRegisteredServiceLocator method getSamlParameterValue.

/**
 * Find the SAML2 protocol attribute carried by the service and pair it with its first value.
 *
 * <p>Only {@code SamlRegisteredService} definitions are considered. The known
 * {@code SamlProtocolServiceAttribute} entries are tried in ascending {@code getOrder()} order,
 * and the first one whose attribute name is a key of {@code service.getAttributes()} is used.
 *
 * <p>NOTE(review): the service attributes presumably come from the incoming request, so the
 * returned value should be treated as requester-controlled until it has been validated
 * downstream. Confirm against the caller.
 *
 * @param registeredService the registered service
 * @param service           the service
 * @return the matched protocol attribute with its first value rendered as a string, or an
 *     empty optional when the registered service is not a SAML2 service or no protocol
 *     attribute is present on the service
 * @throws java.util.NoSuchElementException presumably when the matched attribute has no first
 *     element, since the value is unwrapped with {@code orElseThrow()}; verify against
 *     {@code CollectionUtils.firstElement}
 */
protected Optional<Pair<SamlProtocolServiceAttribute, String>> getSamlParameterValue(final RegisteredService registeredService, final Service service) {
    if (!(registeredService instanceof SamlRegisteredService)) {
        LOGGER.trace("Registered service [{}] is not a SAML2 registered service", registeredService.getName());
        return Optional.empty();
    }

    val serviceAttributes = service.getAttributes();
    // The whole attribute map is written to the trace log; keep that in mind when enabling
    // TRACE in production, as the map may hold the raw protocol request.
    LOGGER.trace("Reviewing service attributes [{}] for service id [{}] to match registered service [{}]", serviceAttributes, service.getId(), registeredService.getName());

    return SamlProtocolServiceAttribute.values()
        .stream()
        .sorted(Comparator.comparing(SamlProtocolServiceAttribute::getOrder))
        .filter(candidate -> serviceAttributes.containsKey(candidate.getAttributeName()))
        .map(candidate -> {
            // Only the first value is used; a key that is present without a value is not
            // tolerated and surfaces as an exception rather than an empty result.
            final String firstValue = CollectionUtils.firstElement(serviceAttributes.get(candidate.getAttributeName()))
                .map(Object::toString)
                .orElseThrow();
            return Pair.of(candidate, firstValue);
        })
        .findFirst();
}
Also used : lombok.val(lombok.val) Ordered(org.springframework.core.Ordered) Getter(lombok.Getter) SamlRegisteredServiceCachingMetadataResolver(org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver) RequiredArgsConstructor(lombok.RequiredArgsConstructor) lombok.val(lombok.val) RequestAbstractType(org.opensaml.saml.saml2.core.RequestAbstractType) StringUtils(org.apache.commons.lang3.StringUtils) DefaultServicesManagerRegisteredServiceLocator(org.apereo.cas.services.DefaultServicesManagerRegisteredServiceLocator) RegisteredService(org.apereo.cas.services.RegisteredService) SamlIdPUtils(org.apereo.cas.support.saml.SamlIdPUtils) SamlProtocolConstants(org.apereo.cas.support.saml.SamlProtocolConstants) SamlUtils(org.apereo.cas.support.saml.SamlUtils) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) Pair(org.apache.commons.lang3.tuple.Pair) Service(org.apereo.cas.authentication.principal.Service) SamlIdPConstants(org.apereo.cas.support.saml.SamlIdPConstants) CollectionUtils(org.apereo.cas.util.CollectionUtils) SamlRegisteredServiceServiceProviderMetadataFacade(org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade) Optional(java.util.Optional) Comparator(java.util.Comparator)

Example 67 with Attribute

use of org.opensaml.saml.saml2.core.Attribute in project cas by apereo.

the class AuthnRequestRequestedAttributesAttributeReleasePolicy method determineRequestedAttributeDefinitions.

/**
 * Collect the names of the attributes requested through the extensions of the current
 * SAML2 authentication request.
 *
 * <p>Each {@code RequestedAttribute} found among the request's extension objects contributes
 * either its friendly name or its name, depending on {@code useFriendlyName}. If no
 * authentication request is available, or it has no extensions, the list is empty.
 *
 * <p>NOTE(review): every entry is taken verbatim from the requester's message. Whether the
 * caller intersects this list with the attributes the service is allowed to receive cannot be
 * seen from this method; confirm before treating the result as an authorization decision.
 *
 * @param context the attribute release policy context; only used here to name the registered
 *     service in the debug log
 * @return the requested attribute names, in the order they appear in the request
 */
@Override
protected List<String> determineRequestedAttributeDefinitions(final RegisteredServiceAttributeReleasePolicyContext context) {
    val requestedNames = new ArrayList<String>();
    val applicationContext = ApplicationContextProvider.getApplicationContext();
    getSamlAuthnRequest(applicationContext).ifPresent(authnRequest -> {
        val extensions = authnRequest.getExtensions();
        if (extensions == null) {
            return;
        }
        for (val child : extensions.getUnknownXMLObjects()) {
            if (!(child instanceof RequestedAttribute)) {
                continue;
            }
            val requested = (RequestedAttribute) child;
            // NOTE(review): FriendlyName is optional in SAML, so this may presumably be null
            // when useFriendlyName is set; the value is added without a null/blank check.
            val name = this.useFriendlyName ? requested.getFriendlyName() : requested.getName();
            LOGGER.debug("Found requested attribute [{}] in metadata for [{}]", name, context.getRegisteredService().getName());
            requestedNames.add(name);
        }
    });
    return requestedNames;
}
Also used : lombok.val(lombok.val) Setter(lombok.Setter) RegisteredServiceAttributeReleasePolicyContext(org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext) Getter(lombok.Getter) SamlRegisteredServiceCachingMetadataResolver(org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver) lombok.val(lombok.val) HashMap(java.util.HashMap) EqualsAndHashCode(lombok.EqualsAndHashCode) ApplicationContext(org.springframework.context.ApplicationContext) ArrayList(java.util.ArrayList) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) Map(java.util.Map) ToString(lombok.ToString) SamlRegisteredServiceServiceProviderMetadataFacade(org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade) AllArgsConstructor(lombok.AllArgsConstructor) EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor) ApplicationContextProvider(org.apereo.cas.util.spring.ApplicationContextProvider) RequestedAttribute(org.opensaml.saml.saml2.metadata.RequestedAttribute) NoArgsConstructor(lombok.NoArgsConstructor) RequestedAttribute(org.opensaml.saml.saml2.metadata.RequestedAttribute) ArrayList(java.util.ArrayList)

Example 68 with Attribute

use of org.opensaml.saml.saml2.core.Attribute in project verify-hub by alphagov.

the class VerifiedAttributesLoggerTest method shouldLogFirstNameHistory.

/**
 * A first-name attribute with one verified historical value (ended 181 days ago) and one
 * current value must be logged as two entries: the historical one flagged verified with the
 * age bucket "more than 180 days", the current one flagged unverified with no age bucket.
 * The expected log entries carry only the verified flag and the age bucket.
 */
@Test
public void shouldLogFirstNameHistory() throws Exception {
    final String attributeName = IdaConstants.Attributes_1_1.Firstname.NAME;

    AttributeValue historicalValue = new PersonNameAttributeValueBuilder()
            .withTo(DateTime.now().minusDays(181))
            .withVerified(true)
            .build();
    AttributeValue presentValue = new PersonNameAttributeValueBuilder()
            .withFrom(DateTime.now())
            .withTo(null)
            .build();

    Attribute firstName = new AttributeBuilder().buildObject();
    firstName.setName(attributeName);
    // Order matters: the assertion below expects the historical value first.
    firstName.getAttributeValues().add(historicalValue);
    firstName.getAttributeValues().add(presentValue);

    List<Attribute> statementAttributes = aMatchingDatasetAttributeStatement_1_1()
            .withFirstname(firstName)
            .build()
            .getAttributes();

    // Round-trip the formatted log line through the mapper to inspect what was written.
    AttributeStatementLogData logged = mapper.readValue(
            formatAttributes("any-issuer", LEVEL_2, statementAttributes),
            AttributeStatementLogData.class);
    Map<String, List<VerifiedAttributeLogData>> loggedByName = logged.getAttributes();

    List<VerifiedAttributeLogData> expected = List.of(
            new VerifiedAttributeLogData(true, "more than 180 days"),
            new VerifiedAttributeLogData(false, null));
    assertThat(loggedByName.get(attributeName)).isEqualTo(expected);
}
Also used : AttributeValue(org.opensaml.saml.saml2.core.AttributeValue) AttributeBuilder(org.opensaml.saml.saml2.core.impl.AttributeBuilder) Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatementLogData(uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData) PersonNameAttributeValueBuilder(uk.gov.ida.saml.core.test.builders.PersonNameAttributeValueBuilder) List(java.util.List) VerifiedAttributeLogData(uk.gov.ida.hub.samlengine.logging.data.VerifiedAttributeLogData) Test(org.junit.jupiter.api.Test)

Example 69 with Attribute

use of org.opensaml.saml.saml2.core.Attribute in project verify-hub by alphagov.

the class VerifiedAttributesLoggerTest method shouldLogPreviousAddressHistory.

/**
 * An unverified previous address valid from ten years ago until one year ago must be logged
 * as a single entry flagged unverified with the age bucket "more than 180 days".
 */
@Test
public void shouldLogPreviousAddressHistory() throws Exception {
    final String attributeName = IdaConstants.Attributes_1_1.PreviousAddress.NAME;

    AttributeValue formerAddressValue = new AddressAttributeValueBuilder_1_1()
            .withFrom(DateTime.now().minusYears(10))
            .withTo(DateTime.now().minusYears(1))
            .withVerified(false)
            .build();

    Attribute formerAddress = new AttributeBuilder().buildObject();
    formerAddress.setName(attributeName);
    formerAddress.getAttributeValues().add(formerAddressValue);

    List<Attribute> statementAttributes = aMatchingDatasetAttributeStatement_1_1()
            .addPreviousAddress(formerAddress)
            .build()
            .getAttributes();

    // Round-trip the formatted log line through the mapper to inspect what was written.
    AttributeStatementLogData logged = mapper.readValue(
            formatAttributes("any-issuer", LEVEL_2, statementAttributes),
            AttributeStatementLogData.class);
    Map<String, List<VerifiedAttributeLogData>> loggedByName = logged.getAttributes();

    List<VerifiedAttributeLogData> expected = List.of(
            new VerifiedAttributeLogData(false, "more than 180 days"));
    assertThat(loggedByName.get(attributeName)).isEqualTo(expected);
}
Also used : AttributeValue(org.opensaml.saml.saml2.core.AttributeValue) AddressAttributeValueBuilder_1_1(uk.gov.ida.saml.core.test.builders.AddressAttributeValueBuilder_1_1) AttributeBuilder(org.opensaml.saml.saml2.core.impl.AttributeBuilder) Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatementLogData(uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData) List(java.util.List) VerifiedAttributeLogData(uk.gov.ida.hub.samlengine.logging.data.VerifiedAttributeLogData) Test(org.junit.jupiter.api.Test)

Example 70 with Attribute

use of org.opensaml.saml.saml2.core.Attribute in project verify-hub by alphagov.

the class VerifiedAttributesLoggerTest method shouldLogDateOfBirthHistory.

/**
 * A date-of-birth attribute with one verified value that ended yesterday and one open-ended
 * value must be logged as two entries: the first flagged verified with the age bucket
 * "less than 180 days", the second flagged unverified with no age bucket.
 */
@Test
public void shouldLogDateOfBirthHistory() throws Exception {
    final String attributeName = IdaConstants.Attributes_1_1.DateOfBirth.NAME;

    AttributeValue recentValue = new DateAttributeValueBuilder()
            .withTo(DateTime.now().minusDays(1))
            .withVerified(true)
            .build();
    AttributeValue openEndedValue = new DateAttributeValueBuilder()
            .withTo(null)
            .build();

    Attribute dateOfBirth = new AttributeBuilder().buildObject();
    dateOfBirth.setName(attributeName);
    // Order matters: the assertion below expects the ended value first.
    dateOfBirth.getAttributeValues().add(recentValue);
    dateOfBirth.getAttributeValues().add(openEndedValue);

    List<Attribute> statementAttributes = aMatchingDatasetAttributeStatement_1_1()
            .withDateOfBirth(dateOfBirth)
            .build()
            .getAttributes();

    // Round-trip the formatted log line through the mapper to inspect what was written.
    AttributeStatementLogData logged = mapper.readValue(
            formatAttributes("any-issuer", LEVEL_2, statementAttributes),
            AttributeStatementLogData.class);
    Map<String, List<VerifiedAttributeLogData>> loggedByName = logged.getAttributes();

    List<VerifiedAttributeLogData> expected = List.of(
            new VerifiedAttributeLogData(true, "less than 180 days"),
            new VerifiedAttributeLogData(false, null));
    assertThat(loggedByName.get(attributeName)).isEqualTo(expected);
}
Also used : AttributeBuilder(org.opensaml.saml.saml2.core.impl.AttributeBuilder) AttributeValue(org.opensaml.saml.saml2.core.AttributeValue) Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatementLogData(uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData) List(java.util.List) DateAttributeValueBuilder(uk.gov.ida.saml.core.test.builders.DateAttributeValueBuilder) VerifiedAttributeLogData(uk.gov.ida.hub.samlengine.logging.data.VerifiedAttributeLogData) Test(org.junit.jupiter.api.Test)

Aggregations

Attribute (org.opensaml.saml.saml2.core.Attribute)63 AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)44 Test (org.junit.jupiter.api.Test)27 Assertion (org.opensaml.saml.saml2.core.Assertion)23 List (java.util.List)18 XMLObject (org.opensaml.core.xml.XMLObject)18 lombok.val (lombok.val)15 AttributeBuilder (org.opensaml.saml.saml2.core.impl.AttributeBuilder)13 Map (java.util.Map)12 EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute)12 ArrayList (java.util.ArrayList)11 HashMap (java.util.HashMap)11 XSString (org.opensaml.core.xml.schema.XSString)11 NameID (org.opensaml.saml.saml2.core.NameID)10 Slf4j (lombok.extern.slf4j.Slf4j)9 SimpleStringAttributeBuilder.aSimpleStringAttribute (uk.gov.ida.saml.core.test.builders.SimpleStringAttributeBuilder.aSimpleStringAttribute)9 Element (org.w3c.dom.Element)8 SamlTransformationErrorFactory.emptyAttribute (uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyAttribute)8 Issuer (org.opensaml.saml.saml2.core.Issuer)7 AttributeStatementLogData (uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData)7