Use of org.opensaml.saml.saml2.core.impl.IssuerBuilder in project spring-security by spring-projects.
From class TestOpenSamlObjects, method assertingPartyLogoutRequestNameIdInEncryptedId.
/**
 * Builds an asserting-party-originated {@code LogoutRequest} whose subject is
 * carried only as an {@code EncryptedID}; the clear-text {@code NameID} slot is
 * deliberately left {@code null} so callers can exercise subject decryption.
 *
 * <p>The encryption credential is the first one registered for the asserting
 * party; a registration with no encryption credentials fails with the
 * iterator's {@code NoSuchElementException}.
 *
 * @param registration supplies the asserting party's entity ID and encryption
 *                     credential, and the relying party's single-logout location
 *                     used as {@code Destination}
 * @return a logout request with fixed ID {@code "id"} and encrypted subject {@code "user"}
 */
public static LogoutRequest assertingPartyLogoutRequestNameIdInEncryptedId(RelyingPartyRegistration registration) {
    LogoutRequest request = new LogoutRequestBuilder().buildObject();
    request.setID("id");

    NameID subject = new NameIDBuilder().buildObject();
    subject.setValue("user");
    // The subject travels only in encrypted form; keep the clear-text slot empty.
    request.setNameID(null);
    Saml2X509Credential encryptionCredential = registration.getAssertingPartyDetails()
            .getEncryptionX509Credentials().iterator().next();
    request.setEncryptedID(encrypted(subject, encryptionCredential));

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(registration.getAssertingPartyDetails().getEntityId());
    request.setIssuer(issuer);
    request.setDestination(registration.getSingleLogoutServiceLocation());
    return request;
}
Use of org.opensaml.saml.saml2.core.impl.IssuerBuilder in project spring-security by spring-projects.
From class TestOpenSamlObjects, method assertingPartyLogoutRequest.
/**
 * Builds a {@code LogoutRequest} as the asserting party would send it to the
 * relying party: issued by the asserting party's entity ID and addressed to the
 * relying party's own single-logout location.
 *
 * @param registration supplies the asserting party's entity ID and the relying
 *                     party's single-logout location
 * @return a logout request with fixed ID {@code "id"} and clear-text subject {@code "user"}
 */
public static LogoutRequest assertingPartyLogoutRequest(RelyingPartyRegistration registration) {
    LogoutRequest request = new LogoutRequestBuilder().buildObject();
    request.setID("id");

    NameID subject = new NameIDBuilder().buildObject();
    subject.setValue("user");
    request.setNameID(subject);

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(registration.getAssertingPartyDetails().getEntityId());
    request.setIssuer(issuer);
    // Inbound to the relying party, so the destination is its own SLO endpoint.
    request.setDestination(registration.getSingleLogoutServiceLocation());
    return request;
}
Use of org.opensaml.saml.saml2.core.impl.IssuerBuilder in project spring-security by spring-projects.
From class TestOpenSamlObjects, method relyingPartyLogoutRequest.
/**
 * Builds a {@code LogoutRequest} addressed to the asserting party's
 * single-logout location.
 *
 * <p>NOTE(review): the {@code Issuer} is set to the asserting party's entity ID
 * although the request is modelled as relying-party-originated; confirm with the
 * tests that consume this fixture that the issuer/destination pairing is intended.
 *
 * @param registration supplies the asserting party's entity ID and single-logout location
 * @return a logout request with fixed ID {@code "id"} and clear-text subject {@code "user"}
 */
public static LogoutRequest relyingPartyLogoutRequest(RelyingPartyRegistration registration) {
    LogoutRequest request = new LogoutRequestBuilder().buildObject();
    request.setID("id");

    NameID subject = new NameIDBuilder().buildObject();
    subject.setValue("user");
    request.setNameID(subject);

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(registration.getAssertingPartyDetails().getEntityId());
    request.setIssuer(issuer);
    // Outbound to the asserting party, so the destination is its SLO endpoint.
    request.setDestination(registration.getAssertingPartyDetails().getSingleLogoutServiceLocation());
    return request;
}
Use of org.opensaml.saml.saml2.core.impl.IssuerBuilder in project ddf by codice.
From class SamlAssertionValidatorImpl, method createIssuer.
/**
 * Creates a SAML {@code Issuer} element carrying the given value.
 *
 * <p>The builder is fetched once from the shared {@code builderFactory} and
 * cached in the static {@code issuerBuilder} field.
 *
 * @param issuerValue text content of the {@code Issuer} element (typically the
 *                    issuing entity's ID)
 * @return a new, unattached {@code Issuer} with that value
 */
private static Issuer createIssuer(String issuerValue) {
    if (issuerBuilder == null) {
        // Lazy, unsynchronized init: concurrent first callers may each fetch a builder.
        // Harmless if builders are stateless (assumed; not verified here).
        @SuppressWarnings("unchecked") // factory hands back a wildcard-typed builder for Issuer's element name
        SAMLObjectBuilder<Issuer> fetched =
                (SAMLObjectBuilder<Issuer>) builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
        issuerBuilder = fetched;
    }
    Issuer result = issuerBuilder.buildObject();
    result.setValue(issuerValue);
    return result;
}
Use of org.opensaml.saml.saml2.core.impl.IssuerBuilder in project ddf by codice.
From class SamlAssertionValidatorImplTest, method createAssertion.
/**
 * Builds a SAML 2.0 {@code Assertion} fixture for the validator tests.
 *
 * <p>The assertion gets a random ID, the given issuer, a bearer-confirmed subject
 * {@code "admin"}, a validity window from three days ago until
 * {@code notOnOrAfter}, an "unspecified" authentication context and one role
 * attribute. With {@code sign} a {@code Signature} element whose KeyInfo embeds
 * the credential's certificate is attached. With {@code validSignature == false}
 * that credential holds only the certificate read from the {@code /localhost.crt}
 * resource and no private key — presumably so the advertised certificate does not
 * match whatever key later signs the assertion; confirm against the caller that
 * performs the signing, which is not part of this method.
 *
 * @param sign           whether to attach a {@code Signature} element
 * @param validSignature {@code true} to use this test's own {@code certificate}
 *                       and {@code privateKey}; {@code false} for the resource
 *                       certificate alone
 * @param issuerString   value of the assertion's {@code Issuer}
 * @param notOnOrAfter   end of the assertion's validity window
 * @return the populated, unsigned-as-yet assertion object
 * @throws Exception if the resource certificate cannot be read or parsed, or
 *                   key-info generation fails
 */
private Assertion createAssertion(boolean sign, boolean validSignature, String issuerString, DateTime notOnOrAfter) throws Exception {
    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(UUID.randomUUID().toString());
    assertion.setIssueInstant(new DateTime());

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(issuerString);
    assertion.setIssuer(issuer);

    assertion.setSubject(bearerSubject("admin"));
    assertion.setConditions(validityWindow(notOnOrAfter));
    assertion.getAuthnStatements().add(unspecifiedAuthnStatement());
    assertion.getAttributeStatements().add(roleAttributeStatement("admin"));

    if (sign) {
        assertion.setSignature(buildSignature(validSignature));
    }
    return assertion;
}

/** Builds a bearer-confirmed subject whose unspecified-format NameID is the given value. */
private static Subject bearerSubject(String nameIdValue) {
    NameID nameId = new NameIDBuilder().buildObject();
    nameId.setFormat("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
    nameId.setNameQualifier("http://cxf.apache.org/sts");
    nameId.setValue(nameIdValue);

    SubjectConfirmation confirmation = new SubjectConfirmationBuilder().buildObject();
    confirmation.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");

    Subject subject = new SubjectBuilder().buildObject();
    subject.setNameID(nameId);
    subject.getSubjectConfirmations().add(confirmation);
    return subject;
}

/** Builds conditions valid from three days before now until {@code notOnOrAfter}. */
private static Conditions validityWindow(DateTime notOnOrAfter) {
    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(new DateTime().minusDays(3));
    conditions.setNotOnOrAfter(notOnOrAfter);
    return conditions;
}

/** Builds an authentication statement dated now with the "unspecified" context class. */
private static AuthnStatement unspecifiedAuthnStatement() {
    AuthnStatement statement = new AuthnStatementBuilder().buildObject();
    statement.setAuthnInstant(new DateTime());

    AuthnContextClassRef classRef = new AuthnContextClassRefBuilder().buildObject();
    classRef.setAuthnContextClassRef("urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified");
    AuthnContext context = new AuthnContextBuilder().buildObject();
    context.setAuthnContextClassRef(classRef);

    statement.setAuthnContext(context);
    return statement;
}

/** Builds an attribute statement with a single role claim carrying the given value. */
private static AttributeStatement roleAttributeStatement(String role) {
    AttributeValueType value = new AttributeValueTypeImplBuilder().buildObject();
    value.setValue(role);

    Attribute attribute = new AttributeBuilder().buildObject();
    attribute.setName("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role");
    attribute.setNameFormat("urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified");
    attribute.getAttributeValues().add(value);

    AttributeStatement statement = new AttributeStatementBuilder().buildObject();
    statement.getAttributes().add(attribute);
    return statement;
}

/**
 * Builds the signature element and its KeyInfo. With {@code useOwnKeyPair} the
 * test's {@code certificate}/{@code privateKey} are used; otherwise only the
 * certificate from {@code /localhost.crt} is attached, without a private key.
 */
private Signature buildSignature(boolean useOwnKeyPair) throws Exception {
    Signature signature = OpenSAMLUtil.buildSignature();
    signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    signature.setSignatureAlgorithm(WSS4JConstants.RSA);

    BasicX509Credential signingCredential;
    if (useOwnKeyPair) {
        signingCredential = new BasicX509Credential(certificate);
        signingCredential.setPrivateKey(privateKey);
    } else {
        signingCredential = new BasicX509Credential(loadResourceCertificate("/localhost.crt"));
    }
    signature.setSigningCredential(signingCredential);

    X509KeyInfoGeneratorFactory keyInfoFactory = new X509KeyInfoGeneratorFactory();
    // Emit the certificate itself into <ds:KeyInfo>; a validator must still check it
    // against its own trust anchors rather than trust the embedded copy.
    keyInfoFactory.setEmitEntityCertificate(true);
    signature.setKeyInfo(keyInfoFactory.newInstance().generate(signingCredential));
    return signature;
}

/** Parses the first X.509 certificate from the named classpath resource. */
private X509Certificate loadResourceCertificate(String resource) throws Exception {
    try (InputStream in = getClass().getResourceAsStream(resource)) {
        CertificateFactory factory = CertificateFactory.getInstance("X.509");
        return (X509Certificate) factory.generateCertificate(in);
    }
}