Use of org.opensaml.saml.saml2.core.Scoping in project cas by apereo.
Class SamlIdPDelegatedClientAuthenticationRequestCustomizerTests, method setAuthnRequestFor.
/**
 * Test helper: builds a SAML2 authentication request for the sample service provider,
 * attaches a {@code Scoping} element whose {@code IDPList} holds one {@code IDPEntry}
 * per supplied provider id, and hands the request to {@code storeRequest}.
 *
 * NOTE(review): presumably the customizer under test reads this IDPList to decide which
 * delegated identity providers may be offered; confirm against the test cases.
 *
 * @param webContext  context passed to {@code storeRequest} together with the request
 * @param allowedIdps provider ids to list in the request's scoping element
 * @throws Exception propagated from the helpers called here
 */
private void setAuthnRequestFor(final JEEContext webContext, final String... allowedIdps) throws Exception {
    val registeredService = getSamlRegisteredServiceFor("https://cassp.example.org");
    // Give the service definition a random numeric id.
    registeredService.setId(RandomUtils.nextInt());
    val request = SamlIdPTestUtils.getAuthnRequest(openSamlConfigBean, registeredService);

    // <Scoping> is the container element; <IDPList> is the list of identity providers it carries.
    val scopingBuilder = (SAMLObjectBuilder) openSamlConfigBean.getBuilderFactory().getBuilder(Scoping.DEFAULT_ELEMENT_NAME);
    val requestScoping = (Scoping) scopingBuilder.buildObject(Scoping.DEFAULT_ELEMENT_NAME);
    val listBuilder = (SAMLObjectBuilder) openSamlConfigBean.getBuilderFactory().getBuilder(IDPList.DEFAULT_ELEMENT_NAME);
    val providers = (IDPList) listBuilder.buildObject(IDPList.DEFAULT_ELEMENT_NAME);

    // One <IDPEntry> per requested provider id, appended in argument order.
    for (final String providerId : allowedIdps) {
        val entryBuilder = openSamlConfigBean.getBuilderFactory().getBuilder(IDPEntry.DEFAULT_ELEMENT_NAME);
        val entry = (IDPEntry) entryBuilder.buildObject(IDPEntry.DEFAULT_ELEMENT_NAME);
        entry.setProviderID(providerId);
        providers.getIDPEntrys().add(entry);
    }

    requestScoping.setIDPList(providers);
    request.setScoping(requestScoping);
    storeRequest(request, webContext);
}
Use of org.opensaml.saml.saml2.core.Scoping in project verify-hub by alphagov.
Class IdaAuthnRequestFromHubToAuthnRequestTransformer, method supplementAuthnRequestWithDetails.
/**
 * Copies the hub-specific settings of {@code originalRequestFromHub} onto the outgoing
 * SAML {@code authnRequest}: a validity limit, a scoping element that forbids proxying,
 * the NameID policy, the requested authentication context and, when supplied, ForceAuthn.
 *
 * @param originalRequestFromHub hub-side request providing expiry, comparison type,
 *                               levels of assurance and the optional force-authentication flag
 * @param authnRequest           SAML request that is modified in place
 */
protected void supplementAuthnRequestWithDetails(IdaAuthnRequestFromHub originalRequestFromHub, AuthnRequest authnRequest) {
    // Bound the request's validity by the hub session expiry.
    Conditions validity = getSamlObjectFactory().createConditions();
    validity.setNotOnOrAfter(originalRequestFromHub.getSessionExpiryTimestamp());
    authnRequest.setConditions(validity);

    // ProxyCount = 0: the receiving identity provider may not pass the request on to another one.
    Scoping noProxyScoping = getSamlObjectFactory().createScoping();
    noProxyScoping.setProxyCount(0);
    authnRequest.setScoping(noProxyScoping);

    // Requested authentication context: one class reference per level of assurance,
    // evaluated with the comparison type taken from the hub request.
    AuthnContextComparisonTypeEnumeration comparison = originalRequestFromHub.getComparisonType();
    RequestedAuthnContext requestedContext = getSamlObjectFactory().createRequestedAuthnContext(comparison);
    for (AuthnContext levelOfAssurance : originalRequestFromHub.getLevelsOfAssurance()) {
        String classRefUri = levelOfAssurance.getUri();
        requestedContext.getAuthnContextClassRefs().add(getSamlObjectFactory().createAuthnContextClassReference(classRefUri));
    }

    // Persistent identifier, qualified with the hub's SP name; the IdP may create one if none exists.
    NameIDPolicy idPolicy = getSamlObjectFactory().createNameIdPolicy();
    idPolicy.setFormat(NameIDType.PERSISTENT);
    idPolicy.setSPNameQualifier(HubConstants.SP_NAME_QUALIFIER);
    idPolicy.setAllowCreate(true);
    authnRequest.setNameIDPolicy(idPolicy);

    authnRequest.setRequestedAuthnContext(requestedContext);

    // ForceAuthn is written only when the hub request carries a value; otherwise it stays unset.
    if (originalRequestFromHub.getForceAuthentication().isPresent()) {
        authnRequest.setForceAuthn(originalRequestFromHub.getForceAuthentication().get());
    }
}