Example 1 with Subject

Use of org.opensaml.saml.saml2.core.Subject in project OpenAttestation by OpenAttestation.

From class SamlGenerator, method createSubject:

private Subject createSubject(TxtHost host) throws ConfigurationException, UnknownHostException {
    // Create the Subject element through the OpenSAML builder factory
    SAMLObjectBuilder subjectBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Subject.DEFAULT_ELEMENT_NAME);
    Subject subject = (Subject) subjectBuilder.buildObject();
    // The NameID names the host this attestation assertion is about
    subject.setNameID(createNameID(host));
    // The SubjectConfirmation tells the relying party how the subject binding can be verified
    subject.getSubjectConfirmations().add(createSubjectConfirmation(host));
    return subject;
}
Also used: SAMLObjectBuilder (org.opensaml.common.SAMLObjectBuilder), Subject (org.opensaml.saml2.core.Subject)

Example 2 with Subject

Use of org.opensaml.saml.saml2.core.Subject in project cas by apereo.

From class GoogleAccountsServiceResponseBuilder, method constructSamlResponse:

/**
 * Construct SAML response.
 * <a href="http://bit.ly/1uI8Ggu">See this reference for more info.</a>
 *
 * @param service the service
 * @return the SAML response
 */
protected String constructSamlResponse(final GoogleAccountsService service) {
    final ZonedDateTime currentDateTime = ZonedDateTime.now(ZoneOffset.UTC);
    final ZonedDateTime notBeforeIssueInstant = ZonedDateTime.parse("2003-04-17T00:46:02Z");
    // Refuse to issue a response for a service that is unknown or whose access strategy denies it
    final RegisteredService registeredService = servicesManager.findServiceBy(service);
    if (registeredService == null || !registeredService.getAccessStrategy().isServiceAccessAllowed()) {
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE);
    }
    // The username released to this service is resolved per registered-service policy
    final String userId = registeredService.getUsernameAttributeProvider().resolveUsername(service.getPrincipal(), service);
    // Response and assertion identifiers come from a secure random source so they are unpredictable
    final org.opensaml.saml.saml2.core.Response response = this.samlObjectBuilder.newResponse(this.samlObjectBuilder.generateSecureRandomId(), currentDateTime, service.getId(), service);
    response.setStatus(this.samlObjectBuilder.newStatus(StatusCode.SUCCESS, null));
    final String sessionIndex = '_' + String.valueOf(Math.abs(new SecureRandom().nextLong()));
    final AuthnStatement authnStatement = this.samlObjectBuilder.newAuthnStatement(AuthnContext.PASSWORD_AUTHN_CTX, currentDateTime, sessionIndex);
    final Assertion assertion = this.samlObjectBuilder.newAssertion(authnStatement, casServerPrefix, notBeforeIssueInstant, this.samlObjectBuilder.generateSecureRandomId());
    // Conditions bound the assertion's validity window (extended by the configured clock-skew allowance)
    // and restrict its audience to this service
    final Conditions conditions = this.samlObjectBuilder.newConditions(notBeforeIssueInstant, currentDateTime.plusSeconds(this.skewAllowance), service.getId());
    assertion.setConditions(conditions);
    // Bearer subject: Recipient, NotOnOrAfter and InResponseTo tie the assertion to this request
    // and limit the window in which it can be replayed
    final Subject subject = this.samlObjectBuilder.newSubject(NameID.EMAIL, userId, service.getId(), currentDateTime.plusSeconds(this.skewAllowance), service.getRequestId());
    assertion.setSubject(subject);
    response.getAssertions().add(assertion);
    // Marshal the object tree to XML; signing is handled by the caller's builder, not here
    final StringWriter writer = new StringWriter();
    this.samlObjectBuilder.marshalSamlXmlObject(response, writer);
    final String result = writer.toString();
    LOGGER.debug("Generated Google SAML response: [{}]", result);
    return result;
}
Also used: RegisteredService (org.apereo.cas.services.RegisteredService), Assertion (org.opensaml.saml.saml2.core.Assertion), UnauthorizedServiceException (org.apereo.cas.services.UnauthorizedServiceException), SecureRandom (java.security.SecureRandom), Conditions (org.opensaml.saml.saml2.core.Conditions), Subject (org.opensaml.saml.saml2.core.Subject), StringWriter (java.io.StringWriter), ZonedDateTime (java.time.ZonedDateTime), AuthnStatement (org.opensaml.saml.saml2.core.AuthnStatement)

Example 3 with Subject

Use of org.opensaml.saml.saml2.core.Subject in project cas by apereo.

From class AbstractSaml20ObjectBuilder, method newSubject:

/**
 * New subject element.
 *
 * @param nameIdFormat the name id format
 * @param nameIdValue  the name id value
 * @param recipient    the recipient
 * @param notOnOrAfter the not on or after
 * @param inResponseTo the in response to
 * @return the subject
 */
public Subject newSubject(final String nameIdFormat, final String nameIdValue, final String recipient, final ZonedDateTime notOnOrAfter, final String inResponseTo) {
    // Bearer confirmation: whoever presents the assertion is taken to be the subject,
    // so the confirmation data below is what limits where and for how long it is accepted
    final SubjectConfirmation confirmation = newSamlObject(SubjectConfirmation.class);
    confirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    final SubjectConfirmationData data = newSamlObject(SubjectConfirmationData.class);
    // Recipient: the endpoint the assertion is intended for
    data.setRecipient(recipient);
    // NotOnOrAfter: the point after which a relying party must reject the assertion
    data.setNotOnOrAfter(DateTimeUtils.dateTimeOf(notOnOrAfter));
    // InResponseTo: binds the assertion to the AuthnRequest ID that triggered it
    data.setInResponseTo(inResponseTo);
    confirmation.setSubjectConfirmationData(data);
    final Subject subject = newSamlObject(Subject.class);
    subject.setNameID(getNameID(nameIdFormat, nameIdValue));
    subject.getSubjectConfirmations().add(confirmation);
    return subject;
}
Also used: SubjectConfirmation (org.opensaml.saml.saml2.core.SubjectConfirmation), SubjectConfirmationData (org.opensaml.saml.saml2.core.SubjectConfirmationData), Subject (org.opensaml.saml.saml2.core.Subject)

Example 4 with Subject

Use of org.opensaml.saml.saml2.core.Subject in project cas by apereo.

From class SamlProfileSamlAuthNStatementBuilder, method buildSubjectLocality:

/**
 * Build subject locality.
 *
 * @param assertion    the assertion
 * @param authnRequest the authn request
 * @param adaptor      the adaptor
 * @return the subject locality
 * @throws SamlException the saml exception
 */
protected SubjectLocality buildSubjectLocality(final Assertion assertion, final AuthnRequest authnRequest, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {
    final SubjectLocality subjectLocality = newSamlObject(SubjectLocality.class);
    // The locality address is taken from the issuer of the incoming AuthnRequest
    subjectLocality.setAddress(SamlIdPUtils.getIssuerFromSamlRequest(authnRequest));
    return subjectLocality;
}
Also used: SubjectLocality (org.opensaml.saml.saml2.core.SubjectLocality)

Example 5 with Subject

Use of org.opensaml.saml.saml2.core.Subject in project ddf by codice.

From class SecurityPluginTest, method setupMockSubject:

private Subject setupMockSubject() {
    // Mock a single SAML attribute value carrying the test user's e-mail address
    XSString mockAttributeValue = mock(XSString.class);
    when(mockAttributeValue.getValue()).thenReturn(TEST_USER);
    List<XMLObject> listOfAttributeValues = Arrays.asList(mockAttributeValue);
    // Wrap it in an Attribute named with the e-mail claim URI
    Attribute mockAttribute = mock(Attribute.class);
    when(mockAttribute.getName()).thenReturn(SubjectUtils.EMAIL_ADDRESS_CLAIM_URI);
    when(mockAttribute.getAttributeValues()).thenReturn(listOfAttributeValues);
    List<Attribute> listOfAttributes = Arrays.asList(mockAttribute);
    // Place the attribute in an AttributeStatement, as it would appear in a real assertion
    AttributeStatement mockAttributeStatement = mock(AttributeStatement.class);
    when(mockAttributeStatement.getAttributes()).thenReturn(listOfAttributes);
    List<AttributeStatement> listOfAttributeStatements = Arrays.asList(mockAttributeStatement);
    // Expose the statement through a SecurityAssertion reachable from the Shiro subject's principals
    Subject mockSubject = mock(Subject.class);
    PrincipalCollection mockPrincipals = mock(PrincipalCollection.class);
    SecurityAssertion mockSecurityAssertion = mock(SecurityAssertion.class);
    when(mockSecurityAssertion.getAttributeStatements()).thenReturn(listOfAttributeStatements);
    when(mockPrincipals.oneByType(SecurityAssertion.class)).thenReturn(mockSecurityAssertion);
    when(mockSubject.getPrincipals()).thenReturn(mockPrincipals);
    return mockSubject;
}
Also used: Attribute (org.opensaml.saml.saml2.core.Attribute), AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement), XMLObject (org.opensaml.core.xml.XMLObject), PrincipalCollection (org.apache.shiro.subject.PrincipalCollection), XSString (org.opensaml.core.xml.schema.XSString), SecurityAssertion (ddf.security.assertion.SecurityAssertion), Subject (ddf.security.Subject)
