Search in sources :

Example 86 with Attribute

use of org.opensaml.saml.saml2.core.Attribute in project tesb-rt-se by Talend.

the class SAML2AuthorizingInterceptor method getRoleFromAssertion.

private String getRoleFromAssertion(SamlAssertionWrapper assertion) {
    Assertion saml2Assertion = assertion.getSaml2();
    if (saml2Assertion == null) {
        return null;
    }
    List<AttributeStatement> attributeStatements = saml2Assertion.getAttributeStatements();
    if (attributeStatements == null || attributeStatements.isEmpty()) {
        return null;
    }
    String nameFormat = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims";
    for (AttributeStatement statement : attributeStatements) {
        List<Attribute> attributes = statement.getAttributes();
        for (Attribute attribute : attributes) {
            if ("role".equals(attribute.getName()) && nameFormat.equals(attribute.getNameFormat())) {
                Element attributeValueElement = attribute.getAttributeValues().get(0).getDOM();
                return attributeValueElement.getTextContent();
            }
        }
    }
    return null;
}
Also used : Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) Element(org.w3c.dom.Element) Assertion(org.opensaml.saml.saml2.core.Assertion)

Example 87 with Attribute

use of org.opensaml.saml.saml2.core.Attribute in project cloudstack by apache.

the class SAMLUtils method getValueFromAttributeStatements.

public static String getValueFromAttributeStatements(final List<AttributeStatement> attributeStatements, final String attributeKey) {
    if (attributeStatements == null || attributeStatements.size() < 1 || attributeKey == null) {
        return null;
    }
    for (AttributeStatement attributeStatement : attributeStatements) {
        if (attributeStatement == null || attributeStatements.size() < 1) {
            continue;
        }
        for (Attribute attribute : attributeStatement.getAttributes()) {
            if (attribute.getAttributeValues() != null && attribute.getAttributeValues().size() > 0) {
                String value = attribute.getAttributeValues().get(0).getDOM().getTextContent();
                s_logger.debug("SAML attribute name: " + attribute.getName() + " friendly-name:" + attribute.getFriendlyName() + " value:" + value);
                if (attributeKey.equals(attribute.getName()) || attributeKey.equals(attribute.getFriendlyName())) {
                    return value;
                }
            }
        }
    }
    return null;
}
Also used : Attribute(org.opensaml.saml2.core.Attribute) AttributeStatement(org.opensaml.saml2.core.AttributeStatement)

Example 88 with Attribute

use of org.opensaml.saml.saml2.core.Attribute in project spring-security by spring-projects.

the class OpenSamlDecryptionUtils method decryptAssertionElements.

static void decryptAssertionElements(Assertion assertion, RelyingPartyRegistration registration) {
    Decrypter decrypter = decrypter(registration);
    for (AttributeStatement statement : assertion.getAttributeStatements()) {
        for (EncryptedAttribute encryptedAttribute : statement.getEncryptedAttributes()) {
            try {
                Attribute attribute = decrypter.decrypt(encryptedAttribute);
                statement.getAttributes().add(attribute);
            } catch (Exception ex) {
                throw new Saml2Exception(ex);
            }
        }
    }
    if (assertion.getSubject() == null) {
        return;
    }
    if (assertion.getSubject().getEncryptedID() == null) {
        return;
    }
    try {
        assertion.getSubject().setNameID((NameID) decrypter.decrypt(assertion.getSubject().getEncryptedID()));
    } catch (Exception ex) {
        throw new Saml2Exception(ex);
    }
}
Also used : EncryptedAttribute(org.opensaml.saml.saml2.core.EncryptedAttribute) EncryptedAttribute(org.opensaml.saml.saml2.core.EncryptedAttribute) Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) Decrypter(org.opensaml.saml.saml2.encryption.Decrypter) Saml2Exception(org.springframework.security.saml2.Saml2Exception) Saml2Exception(org.springframework.security.saml2.Saml2Exception)

Example 89 with Attribute

use of org.opensaml.saml.saml2.core.Attribute in project spring-security by spring-projects.

the class OpenSaml4AuthenticationProvider method getAssertionAttributes.

private static Map<String, List<Object>> getAssertionAttributes(Assertion assertion) {
    Map<String, List<Object>> attributeMap = new LinkedHashMap<>();
    for (AttributeStatement attributeStatement : assertion.getAttributeStatements()) {
        for (Attribute attribute : attributeStatement.getAttributes()) {
            List<Object> attributeValues = new ArrayList<>();
            for (XMLObject xmlObject : attribute.getAttributeValues()) {
                Object attributeValue = getXmlObjectValue(xmlObject);
                if (attributeValue != null) {
                    attributeValues.add(attributeValue);
                }
            }
            attributeMap.put(attribute.getName(), attributeValues);
        }
    }
    return attributeMap;
}
Also used : Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) ArrayList(java.util.ArrayList) XMLObject(org.opensaml.core.xml.XMLObject) List(java.util.List) ArrayList(java.util.ArrayList) XMLObject(org.opensaml.core.xml.XMLObject) XSString(org.opensaml.core.xml.schema.XSString) LinkedHashMap(java.util.LinkedHashMap)

Example 90 with Attribute

use of org.opensaml.saml.saml2.core.Attribute in project spring-security by spring-projects.

the class TestOpenSamlObjects method customAttributeStatement.

static AttributeStatement customAttributeStatement(String attributeName, XMLObject customAttributeValue) {
    AttributeStatementBuilder attributeStatementBuilder = new AttributeStatementBuilder();
    AttributeBuilder attributeBuilder = new AttributeBuilder();
    Attribute attribute = attributeBuilder.buildObject();
    attribute.setName(attributeName);
    attribute.getAttributeValues().add(customAttributeValue);
    AttributeStatement attributeStatement = attributeStatementBuilder.buildObject();
    attributeStatement.getAttributes().add(attribute);
    return attributeStatement;
}
Also used : AttributeStatementBuilder(org.opensaml.saml.saml2.core.impl.AttributeStatementBuilder) AttributeBuilder(org.opensaml.saml.saml2.core.impl.AttributeBuilder) Attribute(org.opensaml.saml.saml2.core.Attribute) EncryptedAttribute(org.opensaml.saml.saml2.core.EncryptedAttribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)

Aggregations

Attribute (org.opensaml.saml.saml2.core.Attribute)63 AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)44 Test (org.junit.jupiter.api.Test)27 Assertion (org.opensaml.saml.saml2.core.Assertion)23 List (java.util.List)18 XMLObject (org.opensaml.core.xml.XMLObject)18 lombok.val (lombok.val)15 AttributeBuilder (org.opensaml.saml.saml2.core.impl.AttributeBuilder)13 Map (java.util.Map)12 EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute)12 ArrayList (java.util.ArrayList)11 HashMap (java.util.HashMap)11 XSString (org.opensaml.core.xml.schema.XSString)11 NameID (org.opensaml.saml.saml2.core.NameID)10 Slf4j (lombok.extern.slf4j.Slf4j)9 SimpleStringAttributeBuilder.aSimpleStringAttribute (uk.gov.ida.saml.core.test.builders.SimpleStringAttributeBuilder.aSimpleStringAttribute)9 Element (org.w3c.dom.Element)8 SamlTransformationErrorFactory.emptyAttribute (uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyAttribute)8 Issuer (org.opensaml.saml.saml2.core.Issuer)7 AttributeStatementLogData (uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData)7