use of org.opensaml.saml2.core.Assertion in project ddf by codice.
the class AttributeQueryClaimsHandler method getAttributes.
/**
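* Gets the attributes for the supplied user from the external attribute store. Returns null if
* the AttributeQueryClient is null. If the query fails with an AttributeQueryException or returns
* no assertion, the collection is returned without any claims from the store.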
*
* @param nameId used for the request.
* @return The collection of attributes retrieved from the external attribute store.
* @throws URISyntaxException
*/
protected ClaimsCollection getAttributes(String nameId) throws URISyntaxException {
    // Created up front so the failure path below still hands back a non-null collection.
    final ClaimsCollection claims = new ClaimsCollectionImpl();
    LOGGER.debug("Sending AttributeQuery Request.");
    try {
        final AttributeQueryClient client =
            createAttributeQueryClient(simpleSign, externalAttributeStoreUrl, issuer, destination);
        if (client == null) {
            // No client could be built: the caller gets null, not an empty collection.
            return null;
        }
        // NOTE(review): nothing in this method checks the assertion's signature, issuer or
        // validity window before createClaims turns it into claims. Confirm that
        // AttributeQueryClient.query or createClaims performs that validation.
        final Assertion response = client.query(nameId);
        if (response != null) {
            createClaims(claims, response);
        }
    } catch (AttributeQueryException ex) {
        // The failure is only logged, so the caller cannot tell a failed lookup from a user
        // for whom the store returned no attributes. The stack trace is kept at DEBUG level.
        LOGGER.info("Error occurred in AttributeQueryClient, did not retrieve response. Set log level for \"org.codice.ddf.security.claims.attributequery.common\" to DEBUG for more information.");
        LOGGER.debug("Error occurred in AttributeQueryClient, did not retrieve response.", ex);
    }
    return claims;
}
use of org.opensaml.saml2.core.Assertion in project ddf by codice.
the class AttributeQueryClientTest method testRetrieveResponse.
@Test
public void testRetrieveResponse() {
    // Stage the canned response; the meaning of the boolean flag is defined by setResponse,
    // which is not shown here.
    setResponse(cannedResponse, false);

    Assertion response = attributeQueryClient.query(USERNAME);

    // The client must return an assertion carrying the expected issuer and subject.
    assertThat(response, is(notNullValue()));
    assertThat(response.getIssuer().getValue(), is(equalTo("localhost")));
    assertThat(response.getSubject().getNameID().getValue(), is(equalTo("admin")));
    // NOTE(review): this only checks that the statement list exists, not which attributes it
    // holds. A response with no attributes would still pass.
    assertThat(response.getAttributeStatements(), is(notNullValue()));
}
use of org.opensaml.saml2.core.Assertion in project ddf by codice.
the class SamlAssertionValidatorImplTest method testValidateUnsignedAssertion.
// NOTE(review): with @Test(expected = ...) the test passes if ANY statement in the body throws
// AuthenticationFailureException, setup included. Asserting on the validate() call alone would
// pin the rejection to the validator.
@Test(expected = AuthenticationFailureException.class)
public void testValidateUnsignedAssertion() throws Exception {
    // Date is three days ahead, so (presumably) the assertion is still within its validity
    // window and only the flags passed to createAssertion should cause the rejection.
    // TODO confirm the parameter meanings against createAssertion.
    Assertion samlAssertion = createAssertion(false, true, ISSUER, new DateTime().plusDays(3));
    Element tokenElement =
        SAMLUtils.getInstance()
            .getSecurityTokenFromSAMLAssertion(samlObjectToString(samlAssertion));

    // The same collection is used for both the principal and the credentials argument.
    SimplePrincipalCollection principals = new SimplePrincipalCollection();
    principals.add(new SecurityAssertionSaml(tokenElement), "default");
    SAMLAuthenticationToken authToken =
        new SAMLAuthenticationToken(principals, principals, "127.0.0.1");

    // Expected to throw AuthenticationFailureException.
    samlAssertionValidator.validate(authToken);
}
use of org.opensaml.saml2.core.Assertion in project ddf by codice.
the class SamlAssertionValidatorImplTest method testValidateWithHolderOfKeyAssertion.
// Positive path: the test passes when validate() returns without throwing.
// NOTE(review): no counterpart is visible here for a holder-of-key assertion presented without
// a certificate, or with a certificate that does not match. Confirm those rejections are
// covered elsewhere.
@Test
public void testValidateWithHolderOfKeyAssertion() throws Exception {
    Assertion samlAssertion = createHolderOfKeyAssertion();
    Element tokenElement =
        SAMLUtils.getInstance()
            .getSecurityTokenFromSAMLAssertion(samlObjectToString(samlAssertion));

    // The same collection is used for both the principal and the credentials argument.
    SimplePrincipalCollection principals = new SimplePrincipalCollection();
    principals.add(new SecurityAssertionSaml(tokenElement), "default");
    SAMLAuthenticationToken authToken =
        new SAMLAuthenticationToken(principals, principals, "127.0.0.1");

    // Attach the client certificate that the validator is given alongside the assertion.
    authToken.setX509Certs(new X509Certificate[] {certificate});

    samlAssertionValidator.validate(authToken);
}
use of org.opensaml.saml2.core.Assertion in project ddf by codice.
the class SamlAssertionValidatorImplTest method testValidateExpiredAssertion.
// NOTE(review): createAssertion is called with the same (false, true) flags that
// testValidateUnsignedAssertion expects to be rejected with a date three days ahead. If those
// flags alone cause the rejection, this test does not show that expiry is enforced. An
// otherwise valid assertion with only the date in the past would isolate the check.
// TODO confirm the parameter meanings against createAssertion.
@Test(expected = AuthenticationFailureException.class)
public void testValidateExpiredAssertion() throws Exception {
    // Date is ten seconds in the past. Presumably this is the assertion's expiry, so any
    // clock-skew allowance in the validator longer than that would accept it.
    Assertion samlAssertion =
        createAssertion(false, true, ISSUER, new DateTime().minusSeconds(10));
    Element tokenElement =
        SAMLUtils.getInstance()
            .getSecurityTokenFromSAMLAssertion(samlObjectToString(samlAssertion));

    // The same collection is used for both the principal and the credentials argument.
    SimplePrincipalCollection principals = new SimplePrincipalCollection();
    principals.add(new SecurityAssertionSaml(tokenElement), "default");
    SAMLAuthenticationToken authToken =
        new SAMLAuthenticationToken(principals, principals, "127.0.0.1");

    // Expected to throw AuthenticationFailureException.
    samlAssertionValidator.validate(authToken);
}