
Example 1 with AuthnStatement

use of org.opensaml.saml.saml2.core.AuthnStatement in project cas by apereo.

Class GoogleAccountsServiceResponseBuilder, method constructSamlResponse.

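/**
 * Construct SAML response.
 * <a href="http://bit.ly/1uI8Ggu">See this reference for more info.</a>
 * <p>
 * The response carries a single assertion with one password-context authentication
 * statement, an e-mail {@code NameID} subject and conditions whose {@code NotOnOrAfter}
 * is the current instant plus {@code skewAllowance} seconds. The access-strategy check
 * runs before anything about the principal is resolved or serialised.
 *
 * @param service the service
 * @return the SAML response, marshalled to XML
 * @throws UnauthorizedServiceException if no registered service matches {@code service}
 *                                      or its access strategy denies access
 */
protected String constructSamlResponse(final GoogleAccountsService service) {
    final ZonedDateTime currentDateTime = ZonedDateTime.now(ZoneOffset.UTC);
    // Fixed far-past NotBefore: with NotOnOrAfter = now + skewAllowance (below) the assertion's
    // validity window is effectively "anything up to now + skew". Preserved as-is because the
    // relying party validates this window; tightening it is a behaviour change for consumers.
    final ZonedDateTime notBeforeIssueInstant = ZonedDateTime.parse("2003-04-17T00:46:02Z");
    final RegisteredService registeredService = servicesManager.findServiceBy(service);
    if (registeredService == null || !registeredService.getAccessStrategy().isServiceAccessAllowed()) {
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE);
    }
    final String userId = registeredService.getUsernameAttributeProvider().resolveUsername(service.getPrincipal(), service);
    final org.opensaml.saml.saml2.core.Response response = this.samlObjectBuilder.newResponse(
        this.samlObjectBuilder.generateSecureRandomId(), currentDateTime, service.getId(), service);
    response.setStatus(this.samlObjectBuilder.newStatus(StatusCode.SUCCESS, null));
    // Mask to 63 bits instead of Math.abs(): Math.abs(Long.MIN_VALUE) is still negative and
    // would yield a session index containing '-'. The masked value is non-negative for every
    // nextLong() result, so the "_<digits>" shape is guaranteed.
    final String sessionIndex = '_' + String.valueOf(new SecureRandom().nextLong() & Long.MAX_VALUE);
    final AuthnStatement authnStatement = this.samlObjectBuilder.newAuthnStatement(AuthnContext.PASSWORD_AUTHN_CTX, currentDateTime, sessionIndex);
    final Assertion assertion = this.samlObjectBuilder.newAssertion(authnStatement, casServerPrefix, notBeforeIssueInstant, this.samlObjectBuilder.generateSecureRandomId());
    // Conditions and SubjectConfirmation share the same expiry so neither outlives the other.
    final ZonedDateTime notOnOrAfter = currentDateTime.plusSeconds(this.skewAllowance);
    final Conditions conditions = this.samlObjectBuilder.newConditions(notBeforeIssueInstant, notOnOrAfter, service.getId());
    assertion.setConditions(conditions);
    final Subject subject = this.samlObjectBuilder.newSubject(NameID.EMAIL, userId, service.getId(), notOnOrAfter, service.getRequestId());
    assertion.setSubject(subject);
    response.getAssertions().add(assertion);
    final StringWriter writer = new StringWriter();
    this.samlObjectBuilder.marshalSamlXmlObject(response, writer);
    final String result = writer.toString();
    LOGGER.debug("Generated Google SAML response: [{}]", result);
    return result;
}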

Example 2 with AuthnStatement

use of org.opensaml.saml.saml2.core.AuthnStatement in project cas by apereo.

Class AbstractSaml20ObjectBuilder, method newAssertion.

/**
 * Builds a new SAML 2.0 {@link Assertion} carrying the given statements.
 * <p>
 * The assertion receives the supplied id, an issue instant converted from {@code issuedAt},
 * an issuer element built from {@code issuer}, and every element of {@code authnStatement}
 * appended to its statement list. No subject, conditions or signature are set here; callers
 * add those afterwards.
 *
 * @param authnStatement the statements to attach (any {@link Statement}, not only authn ones)
 * @param issuer         the issuer value
 * @param issuedAt       the issue instant
 * @param id             the assertion id
 * @return the populated assertion
 */
public Assertion newAssertion(final List<Statement> authnStatement, final String issuer, final ZonedDateTime issuedAt, final String id) {
    final Assertion result = newSamlObject(Assertion.class);
    result.setID(id);
    result.setIssuer(newIssuer(issuer));
    result.setIssueInstant(DateTimeUtils.dateTimeOf(issuedAt));
    final List<Statement> statements = result.getStatements();
    for (final Statement statement : authnStatement) {
        statements.add(statement);
    }
    return result;
}

Example 3 with AuthnStatement

use of org.opensaml.saml.saml2.core.AuthnStatement in project ddf by codice.

Class SecurityAssertionImpl, method toString.

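/*
 * (non-Javadoc)
 *
 * Renders the principal, every attribute with its values, and every authentication
 * statement (instant and context class ref) as a single diagnostic line. Because this
 * is used for diagnostics, it must never throw: non-XSString attribute values and
 * authentication contexts without a class reference are tolerated instead of raising.
 *
 * @see java.lang.Object#toString()
 */
@Override
public String toString() {
    final StringBuilder result = new StringBuilder();
    result.append("Principal: ");
    result.append(getPrincipal());
    result.append(", Attributes: ");
    for (AttributeStatement attributeStatement : getAttributeStatements()) {
        for (Attribute attr : attributeStatement.getAttributes()) {
            result.append("[ ");
            result.append(attr.getName());
            result.append(" : ");
            // Values are concatenated without a separator (unchanged output shape). Only
            // XSString values expose getValue(); any other XMLObject type falls back to its
            // own toString() rather than failing the whole method with a ClassCastException.
            for (final Object value : attr.getAttributeValues()) {
                if (value instanceof XSString) {
                    result.append(((XSString) value).getValue());
                } else {
                    result.append(value);
                }
            }
            result.append("] ");
        }
    }
    result.append(", AuthnStatements: ");
    for (AuthnStatement authStatement : getAuthnStatements()) {
        result.append("[ ");
        result.append(authStatement.getAuthnInstant());
        result.append(" : ");
        // AuthnContextClassRef is optional in SAML 2.0 (a context may carry only a DeclRef);
        // guard the chain so a missing element does not turn into an NPE here.
        if (authStatement.getAuthnContext() != null
                && authStatement.getAuthnContext().getAuthnContextClassRef() != null) {
            result.append(authStatement.getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef());
        }
        result.append("] ");
    }
    return result.toString();
}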

Example 4 with AuthnStatement

use of org.opensaml.saml.saml2.core.AuthnStatement in project cas by apereo.

Class AbstractSaml20ObjectBuilder, method newAuthnStatement.

/**
 * Builds an {@link AuthnStatement} whose authentication context holds a single class
 * reference.
 * <p>
 * Three objects are created through {@code newSamlObject} and wired as
 * statement → context → class ref; the statement additionally carries the
 * converted instant and the session index. Nothing else (subject locality,
 * session expiry) is set here.
 *
 * @param contextClassRef the context class ref such as {@link AuthnContext#PASSWORD_AUTHN_CTX}
 * @param authnInstant    the authentication instant
 * @param sessionIndex    the session index
 * @return the authn statement
 */
public AuthnStatement newAuthnStatement(final String contextClassRef, final ZonedDateTime authnInstant, final String sessionIndex) {
    final AuthnStatement statement = newSamlObject(AuthnStatement.class);
    final AuthnContext context = newSamlObject(AuthnContext.class);
    final AuthnContextClassRef ref = newSamlObject(AuthnContextClassRef.class);
    // Wire the context chain bottom-up, then attach it to the statement.
    ref.setAuthnContextClassRef(contextClassRef);
    context.setAuthnContextClassRef(ref);
    statement.setAuthnInstant(DateTimeUtils.dateTimeOf(authnInstant));
    statement.setSessionIndex(sessionIndex);
    statement.setAuthnContext(context);
    return statement;
}

Example 5 with AuthnStatement

use of org.opensaml.saml.saml2.core.AuthnStatement in project cas by apereo.

Class SamlProfileSamlAuthNStatementBuilder, method buildAuthnStatement.

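/**
 * Creates an authentication statement for the current request.
 * <p>
 * The context class ref comes from {@code authnContextClassRefBuilder}, the authn instant
 * from the CAS assertion's authentication date, and {@code SessionNotOnOrAfter} (set only
 * when the assertion has a valid-until date) from that date plus the configured response
 * skew allowance in seconds.
 *
 * @param assertion    the assertion
 * @param authnRequest the authn request
 * @param adaptor      the adaptor
 * @param service      the service
 * @return constructed authentication statement
 * @throws SamlException the saml exception
 */
private AuthnStatement buildAuthnStatement(final Assertion assertion, final AuthnRequest authnRequest, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final SamlRegisteredService service) throws SamlException {
    final String authenticationMethod = this.authnContextClassRefBuilder.build(assertion, authnRequest, adaptor, service);
    // Mask to 63 bits instead of Math.abs(): Math.abs(Long.MIN_VALUE) is still negative and
    // would yield an id containing '-'. Masking keeps every nextLong() result non-negative.
    final String id = '_' + String.valueOf(new SecureRandom().nextLong() & Long.MAX_VALUE);
    final AuthnStatement statement = newAuthnStatement(authenticationMethod, DateTimeUtils.zonedDateTimeOf(assertion.getAuthenticationDate()), id);
    if (assertion.getValidUntilDate() != null) {
        final ZonedDateTime validUntil = DateTimeUtils.zonedDateTimeOf(assertion.getValidUntilDate());
        final long skewSeconds = casProperties.getAuthn().getSamlIdp().getResponse().getSkewAllowance();
        statement.setSessionNotOnOrAfter(DateTimeUtils.dateTimeOf(validUntil.plusSeconds(skewSeconds)));
    }
    statement.setSubjectLocality(buildSubjectLocality(assertion, authnRequest, adaptor));
    return statement;
}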
