use of org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration in project cxf by apache.
the class SamlpRequestComponentBuilder method createRequestedAuthnCtxPolicy.
/**
 * Builds a SAML 2.0 {@code RequestedAuthnContext} element for an authentication request.
 *
 * <p>Security note: this element only states what the requester asks for. The party
 * consuming the response still has to check the {@code AuthnContext} in the returned
 * assertion against its own policy; nothing here enforces it.
 *
 * @param comparison how the identity provider should compare its authentication context
 *        with the requested references; passed straight to {@code setComparison}.
 *        NOTE(review): a {@code null} value presumably leaves the attribute unset, which
 *        the SAML 2.0 core specification treats as "exact" - confirm against the marshaller.
 * @param authnCtxClassRefList class references to request, or {@code null} to add none
 * @param authnCtxDeclRefList declaration references to request, or {@code null} to add none
 * @return the newly built {@code RequestedAuthnContext}
 */
@SuppressWarnings("unchecked")
public static RequestedAuthnContext createRequestedAuthnCtxPolicy(AuthnContextComparisonTypeEnumeration comparison, List<AuthnContextClassRef> authnCtxClassRefList, List<AuthnContextDeclRef> authnCtxDeclRefList) {
    // The builder is looked up once and cached in a field declared outside this method.
    // No locking is done here, so concurrent first calls may each perform the lookup.
    if (requestedAuthnCtxBuilder == null) {
        requestedAuthnCtxBuilder = (SAMLObjectBuilder<RequestedAuthnContext>) builderFactory.getBuilder(RequestedAuthnContext.DEFAULT_ELEMENT_NAME);
    }

    final RequestedAuthnContext requested = requestedAuthnCtxBuilder.buildObject();
    requested.setComparison(comparison);

    // The element's child lists are only touched when the caller supplied references.
    if (authnCtxClassRefList != null) {
        requested.getAuthnContextClassRefs().addAll(authnCtxClassRefList);
    }
    if (authnCtxDeclRefList != null) {
        requested.getAuthnContextDeclRefs().addAll(authnCtxDeclRefList);
    }
    return requested;
}
use of org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration in project verify-hub by alphagov.
the class IdaAuthnRequestTranslator method getIdaAuthnRequestFromHub.
/**
 * Translates the hub DTO into the authentication request that is sent on from the hub.
 *
 * <p>The comparison type decides how the requested levels of assurance are to be
 * interpreted: EXACT when the DTO asks for it, MINIMUM otherwise. Because this value
 * governs which assurance levels are acceptable, the DTO flag should come from trusted
 * configuration rather than from request data.
 *
 * @param idaAuthnRequestFromHubDto source of the request id, levels of assurance,
 *        force-authentication flag, session expiry and comparison-type flag
 * @param ssoUri passed through unchanged to {@code createRequestToSendFromHub}
 * @param hubEntityId passed through unchanged to {@code createRequestToSendFromHub}
 * @return the request produced by {@code createRequestToSendFromHub}
 */
public IdaAuthnRequestFromHub getIdaAuthnRequestFromHub(IdaAuthnRequestFromHubDto idaAuthnRequestFromHubDto, URI ssoUri, String hubEntityId) {
    List<AuthnContext> requestedLevels = idaAuthnRequestFromHubDto.getLevelsOfAssurance();
    final boolean exact = idaAuthnRequestFromHubDto.getUseExactComparisonType();
    final AuthnContextComparisonTypeEnumeration comparisonType = exact ? EXACT : MINIMUM;

    // With MINIMUM comparison a single requested level is sent twice.
    // NOTE(review): the reason is not visible here; presumably a receiving-side
    // interoperability requirement - confirm before changing.
    if (!exact && requestedLevels.size() == 1) {
        final AuthnContext onlyLevel = requestedLevels.get(0);
        requestedLevels = Arrays.asList(onlyLevel, onlyLevel);
    }

    return createRequestToSendFromHub(
            idaAuthnRequestFromHubDto.getId(),
            requestedLevels,
            idaAuthnRequestFromHubDto.getForceAuthentication(),
            idaAuthnRequestFromHubDto.getSessionExpiryTimestamp(),
            ssoUri,
            comparisonType,
            hubEntityId);
}
use of org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration in project verify-hub by alphagov.
the class IdaAuthnRequestFromHubToAuthnRequestTransformer method supplementAuthnRequestWithDetails.
/**
 * Fills in the hub-specific parts of an outgoing {@code AuthnRequest}: conditions,
 * scoping, requested authentication context, name-ID policy and, when present, the
 * force-authentication flag.
 *
 * @param originalRequestFromHub source of the session expiry, comparison type, levels of
 *        assurance and optional force-authentication flag
 * @param authnRequest the request being populated; modified in place
 */
protected void supplementAuthnRequestWithDetails(IdaAuthnRequestFromHub originalRequestFromHub, AuthnRequest authnRequest) {
    // Bound the validity of the request by the hub session expiry.
    Conditions requestConditions = getSamlObjectFactory().createConditions();
    requestConditions.setNotOnOrAfter(originalRequestFromHub.getSessionExpiryTimestamp());
    authnRequest.setConditions(requestConditions);

    // ProxyCount 0: per the SAML 2.0 core specification no proxying is permitted, i.e. the
    // receiving identity provider may not hand the request on to another one.
    Scoping requestScoping = getSamlObjectFactory().createScoping();
    requestScoping.setProxyCount(0);
    authnRequest.setScoping(requestScoping);

    // One class reference per requested level of assurance, interpreted using the
    // comparison type carried by the original request. The returned assertion's context
    // still has to be checked when the response is processed; this is only the request.
    RequestedAuthnContext requestedAuthnContext = getSamlObjectFactory().createRequestedAuthnContext(originalRequestFromHub.getComparisonType());
    for (AuthnContext level : originalRequestFromHub.getLevelsOfAssurance()) {
        requestedAuthnContext.getAuthnContextClassRefs().add(getSamlObjectFactory().createAuthnContextClassReference(level.getUri()));
    }
    authnRequest.setRequestedAuthnContext(requestedAuthnContext);

    // Ask for a persistent identifier and allow the identity provider to create one.
    NameIDPolicy nameIdPolicy = getSamlObjectFactory().createNameIdPolicy();
    nameIdPolicy.setFormat(NameIDType.PERSISTENT);
    nameIdPolicy.setSPNameQualifier(HubConstants.SP_NAME_QUALIFIER);
    nameIdPolicy.setAllowCreate(true);
    authnRequest.setNameIDPolicy(nameIdPolicy);

    // ForceAuthn is set only when the original request carries a value; otherwise the
    // attribute is left untouched on the request.
    if (originalRequestFromHub.getForceAuthentication().isPresent()) {
        authnRequest.setForceAuthn(originalRequestFromHub.getForceAuthentication().get());
    }
}