Examples with AttributeStatementBuilder org.opensaml.saml.saml2.core.impl.AttributeStatementBuilder used on opensource projects

Example 1 with AttributeStatementBuilder

use of org.opensaml.saml.saml2.core.impl.AttributeStatementBuilder in project webcert by sklintyg.

the class FakeElegAuthenticationProvider method createSamlCredential.

private SAMLCredential createSamlCredential(Authentication token) {
    FakeElegCredentials fakeCredentials = (FakeElegCredentials) token.getCredentials();
    Assertion assertion = new AssertionBuilder().buildObject();
    attachAuthenticationContext(assertion, FAKE_AUTHENTICATION_ELEG_CONTEXT_REF);
    AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
    assertion.getAttributeStatements().add(attributeStatement);
    attributeStatement.getAttributes().add(createAttribute(CgiElegAssertion.PERSON_ID_ATTRIBUTE, fakeCredentials.getPersonId()));
    attributeStatement.getAttributes().add(createAttribute(CgiElegAssertion.FORNAMN_ATTRIBUTE, fakeCredentials.getFirstName()));
    attributeStatement.getAttributes().add(createAttribute(CgiElegAssertion.MELLAN_OCH_EFTERNAMN_ATTRIBUTE, fakeCredentials.getLastName()));
    NameID nameId = new NameIDBuilder().buildObject();
    nameId.setValue(token.getCredentials().toString());
    return new SAMLCredential(nameId, assertion, "fake-idp", "webcert");
}

Example 2 with AttributeStatementBuilder

use of org.opensaml.saml.saml2.core.impl.AttributeStatementBuilder in project webcert by sklintyg.

the class CommonFakeAuthenticationProvider method createSamlCredential.

private SAMLCredential createSamlCredential(Authentication token) {
    FakeCredentials fakeCredentials = (FakeCredentials) token.getCredentials();
    Assertion assertion = new AssertionBuilder().buildObject();
    attachAuthenticationContext(assertion, FAKE_AUTHENTICATION_SITHS_CONTEXT_REF);
    AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
    assertion.getAttributeStatements().add(attributeStatement);
    addAttribute(attributeStatement, BaseSakerhetstjanstAssertion.HSA_ID_ATTRIBUTE, fakeCredentials.getHsaId());
    NameID nameId = new NameIDBuilder().buildObject();
    nameId.setValue(token.getCredentials().toString());
    return new SAMLCredential(nameId, assertion, "fake-idp", "webcert");
}

Example 3 with AttributeStatementBuilder

use of org.opensaml.saml.saml2.core.impl.AttributeStatementBuilder in project spring-security by spring-projects.

the class TestOpenSamlObjects method attributeStatements.

static List<AttributeStatement> attributeStatements() {
    List<AttributeStatement> attributeStatements = new ArrayList<>();
    AttributeStatementBuilder attributeStatementBuilder = new AttributeStatementBuilder();
    AttributeBuilder attributeBuilder = new AttributeBuilder();
    AttributeStatement attrStmt1 = attributeStatementBuilder.buildObject();
    Attribute emailAttr = attributeBuilder.buildObject();
    emailAttr.setName("email");
    // gh-8864
    XSAny email1 = new XSAnyBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME);
    email1.setTextContent("john.doe@example.com");
    emailAttr.getAttributeValues().add(email1);
    XSAny email2 = new XSAnyBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME);
    email2.setTextContent("doe.john@example.com");
    emailAttr.getAttributeValues().add(email2);
    attrStmt1.getAttributes().add(emailAttr);
    Attribute nameAttr = attributeBuilder.buildObject();
    nameAttr.setName("name");
    XSString name = new XSStringBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
    name.setValue("John Doe");
    nameAttr.getAttributeValues().add(name);
    attrStmt1.getAttributes().add(nameAttr);
    Attribute ageAttr = attributeBuilder.buildObject();
    ageAttr.setName("age");
    XSInteger age = new XSIntegerBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSInteger.TYPE_NAME);
    age.setValue(21);
    ageAttr.getAttributeValues().add(age);
    attrStmt1.getAttributes().add(ageAttr);
    attributeStatements.add(attrStmt1);
    AttributeStatement attrStmt2 = attributeStatementBuilder.buildObject();
    Attribute websiteAttr = attributeBuilder.buildObject();
    websiteAttr.setName("website");
    XSURI uri = new XSURIBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSURI.TYPE_NAME);
    uri.setValue("https://johndoe.com/");
    websiteAttr.getAttributeValues().add(uri);
    attrStmt2.getAttributes().add(websiteAttr);
    Attribute registeredAttr = attributeBuilder.buildObject();
    registeredAttr.setName("registered");
    XSBoolean registered = new XSBooleanBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSBoolean.TYPE_NAME);
    registered.setValue(new XSBooleanValue(true, false));
    registeredAttr.getAttributeValues().add(registered);
    attrStmt2.getAttributes().add(registeredAttr);
    attributeStatements.add(attrStmt2);
    return attributeStatements;
}

Example 4 with AttributeStatementBuilder

use of org.opensaml.saml.saml2.core.impl.AttributeStatementBuilder in project ddf by codice.

the class SamlAssertionValidatorImplTest method createHolderOfKeyAssertion.

private Assertion createHolderOfKeyAssertion() throws Exception {
    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(UUID.randomUUID().toString());
    assertion.setIssueInstant(new DateTime());
    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(ISSUER);
    assertion.setIssuer(issuer);
    NameID nameID = new NameIDBuilder().buildObject();
    nameID.setFormat("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
    nameID.setNameQualifier("http://cxf.apache.org/sts");
    nameID.setValue("admin");
    X509SubjectName x509SubjectName = new X509SubjectNameBuilder().buildObject();
    x509SubjectName.setValue("EMAILADDRESS=localhost@example.org, CN=localhost, OU=Dev, O=DDF, ST=AZ, C=US");
    org.opensaml.xmlsec.signature.X509Certificate x509Certificate = new X509CertificateBuilder().buildObject();
    byte[] certBytes = certificate.getEncoded();
    String certString = new String(Base64.encode(certBytes));
    x509Certificate.setValue(certString);
    X509Data x509Data = new X509DataBuilder().buildObject();
    x509Data.getX509SubjectNames().add(x509SubjectName);
    x509Data.getX509Certificates().add(x509Certificate);
    KeyInfo keyInfo = new KeyInfoBuilder().buildObject();
    keyInfo.getX509Datas().add(x509Data);
    KeyInfoConfirmationDataType keyInfoConfirmationDataType = new KeyInfoConfirmationDataTypeBuilder().buildObject();
    keyInfoConfirmationDataType.getKeyInfos().add(keyInfo);
    SubjectConfirmation subjectConfirmation = new SubjectConfirmationBuilder().buildObject();
    subjectConfirmation.setMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
    subjectConfirmation.setSubjectConfirmationData(keyInfoConfirmationDataType);
    Subject subject = new SubjectBuilder().buildObject();
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);
    assertion.setSubject(subject);
    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(new DateTime().minusDays(3));
    conditions.setNotOnOrAfter(new DateTime().plusDays(3));
    assertion.setConditions(conditions);
    AuthnStatement authnStatement = new AuthnStatementBuilder().buildObject();
    authnStatement.setAuthnInstant(new DateTime());
    AuthnContext authnContext = new AuthnContextBuilder().buildObject();
    AuthnContextClassRef authnContextClassRef = new AuthnContextClassRefBuilder().buildObject();
    authnContextClassRef.setAuthnContextClassRef("urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified");
    authnContext.setAuthnContextClassRef(authnContextClassRef);
    authnStatement.setAuthnContext(authnContext);
    assertion.getAuthnStatements().add(authnStatement);
    AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
    Attribute attribute = new AttributeBuilder().buildObject();
    AttributeValueType attributeValue = new AttributeValueTypeImplBuilder().buildObject();
    attributeValue.setValue("admin");
    attribute.setName("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role");
    attribute.setNameFormat("urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified");
    attribute.getAttributeValues().add(attributeValue);
    attributeStatement.getAttributes().add(attribute);
    assertion.getAttributeStatements().add(attributeStatement);
    Signature signature = OpenSAMLUtil.buildSignature();
    signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    signature.setSignatureAlgorithm(WSS4JConstants.RSA);
    BasicX509Credential signingCredential;
    signingCredential = new BasicX509Credential(certificate);
    signingCredential.setPrivateKey(privateKey);
    signature.setSigningCredential(signingCredential);
    X509KeyInfoGeneratorFactory x509KeyInfoGeneratorFactory = new X509KeyInfoGeneratorFactory();
    x509KeyInfoGeneratorFactory.setEmitEntityCertificate(true);
    KeyInfo signatureKeyInfo = x509KeyInfoGeneratorFactory.newInstance().generate(signingCredential);
    signature.setKeyInfo(signatureKeyInfo);
    assertion.setSignature(signature);
    return assertion;
}

Example 5 with AttributeStatementBuilder

use of org.opensaml.saml.saml2.core.impl.AttributeStatementBuilder in project verify-hub by alphagov.

the class MatchingServiceAssertionToAssertionTransformer method addAttributes.

private void addAttributes(final Assertion transformedAssertion, final List<Attribute> userAttributesForAccountCreation) {
    AttributeStatementBuilder attributeStatementBuilder = (AttributeStatementBuilder) builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
    AttributeStatement attributeStatement = attributeStatementBuilder.buildObject();
    attributeStatement.getAttributes().addAll(userAttributesForAccountCreation);
    transformedAssertion.getAttributeStatements().add(attributeStatement);
}