Examples with Attribute - org.opensaml.saml2.core.Attribute

Example 66 with Attribute

use of org.opensaml.saml2.core.Attribute in project verify-hub by alphagov.

the class AttributeQueryAttributeFactory method createAttribute.

public Attribute createAttribute(final UserAccountCreationAttribute userAccountCreationAttribute) {
    final Attribute attribute = openSamlXmlObjectFactory.createAttribute();
    attribute.setName(userAccountCreationAttribute.getAttributeName());
    attribute.setNameFormat(Attribute.UNSPECIFIED);
    return attribute;
}

Also used : UserAccountCreationAttribute(uk.gov.ida.saml.hub.domain.UserAccountCreationAttribute) Attribute(org.opensaml.saml.saml2.core.Attribute)

Example 67 with Attribute

use of org.opensaml.saml2.core.Attribute in project verify-hub by alphagov.

the class MatchingDatasetAssertionValidator method validateAttributes.

private void validateAttributes(Assertion assertion) {
    final List<AttributeStatement> attributeStatements = assertion.getAttributeStatements();
    if (attributeStatements.isEmpty())
        throw new SamlValidationException(mdsStatementMissing());
    if (attributeStatements.size() > 1)
        throw new SamlValidationException(mdsMultipleStatements());
    final List<Attribute> attributes = attributeStatements.get(0).getAttributes();
    if (attributes.isEmpty())
        throw new SamlValidationException(attributeStatementEmpty(assertion.getID()));
    attributes.forEach(this::validateAttribute);
}

Also used : SamlValidationException(uk.gov.ida.saml.hub.exception.SamlValidationException) SamlTransformationErrorFactory.emptyAttribute(uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyAttribute) Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)

Example 68 with Attribute

use of org.opensaml.saml2.core.Attribute in project verify-hub by alphagov.

the class IPAddressValidator method validate.

public void validate(Assertion assertion) {
    for (AttributeStatement attributeStatement : assertion.getAttributeStatements()) {
        for (Attribute attribute : attributeStatement.getAttributes()) {
            if (attribute.getName().equals(IdaConstants.Attributes_1_1.IPAddress.NAME)) {
                IPAddress ipAddressAttributeValue = (IPAddress) attribute.getAttributeValues().get(0);
                String addressValue = ipAddressAttributeValue.getValue();
                if (!Strings.isNullOrEmpty(addressValue)) {
                    return;
                }
                SamlValidationSpecificationFailure failure = SamlTransformationErrorFactory.emptyIPAddress(assertion.getID());
                throw new SamlTransformationErrorException(failure.getErrorMessage(), failure.getLogLevel());
            }
        }
    }
    SamlValidationSpecificationFailure failure = SamlTransformationErrorFactory.missingIPAddress(assertion.getID());
    throw new SamlTransformationErrorException(failure.getErrorMessage(), failure.getLogLevel());
}

Also used : SamlValidationSpecificationFailure(uk.gov.ida.saml.core.validation.SamlValidationSpecificationFailure) Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) SamlTransformationErrorException(uk.gov.ida.saml.core.validation.SamlTransformationErrorException) IPAddress(uk.gov.ida.saml.core.extensions.IPAddress)

Example 69 with Attribute

use of org.opensaml.saml2.core.Attribute in project tesb-rt-se by Talend.

the class SAML2AuthorizingInterceptor method getRoleFromAssertion.

private String getRoleFromAssertion(SamlAssertionWrapper assertion) {
    Assertion saml2Assertion = assertion.getSaml2();
    if (saml2Assertion == null) {
        return null;
    }
    List<AttributeStatement> attributeStatements = saml2Assertion.getAttributeStatements();
    if (attributeStatements == null || attributeStatements.isEmpty()) {
        return null;
    }
    String nameFormat = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims";
    for (AttributeStatement statement : attributeStatements) {
        List<Attribute> attributes = statement.getAttributes();
        for (Attribute attribute : attributes) {
            if ("role".equals(attribute.getName()) && nameFormat.equals(attribute.getNameFormat())) {
                Element attributeValueElement = attribute.getAttributeValues().get(0).getDOM();
                return attributeValueElement.getTextContent();
            }
        }
    }
    return null;
}

Also used : Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) Element(org.w3c.dom.Element) Assertion(org.opensaml.saml.saml2.core.Assertion)

Example 70 with Attribute

use of org.opensaml.saml2.core.Attribute in project cloudstack by apache.

the class SAMLUtils method getValueFromAttributeStatements.

public static String getValueFromAttributeStatements(final List<AttributeStatement> attributeStatements, final String attributeKey) {
    if (attributeStatements == null || attributeStatements.size() < 1 || attributeKey == null) {
        return null;
    }
    for (AttributeStatement attributeStatement : attributeStatements) {
        if (attributeStatement == null || attributeStatements.size() < 1) {
            continue;
        }
        for (Attribute attribute : attributeStatement.getAttributes()) {
            if (attribute.getAttributeValues() != null && attribute.getAttributeValues().size() > 0) {
                String value = attribute.getAttributeValues().get(0).getDOM().getTextContent();
                s_logger.debug("SAML attribute name: " + attribute.getName() + " friendly-name:" + attribute.getFriendlyName() + " value:" + value);
                if (attributeKey.equals(attribute.getName()) || attributeKey.equals(attribute.getFriendlyName())) {
                    return value;
                }
            }
        }
    }
    return null;
}

Also used : Attribute(org.opensaml.saml2.core.Attribute) AttributeStatement(org.opensaml.saml2.core.AttributeStatement)

Aggregations

Attribute (org.opensaml.saml.saml2.core.Attribute)63 AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)39 Test (org.junit.jupiter.api.Test)21 Assertion (org.opensaml.saml.saml2.core.Assertion)19 XMLObject (org.opensaml.core.xml.XMLObject)16 AttributeBuilder (org.opensaml.saml.saml2.core.impl.AttributeBuilder)13 List (java.util.List)10 EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute)10 XSString (org.opensaml.core.xml.schema.XSString)9 SimpleStringAttributeBuilder.aSimpleStringAttribute (uk.gov.ida.saml.core.test.builders.SimpleStringAttributeBuilder.aSimpleStringAttribute)9 Element (org.w3c.dom.Element)8 SamlTransformationErrorFactory.emptyAttribute (uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyAttribute)8 ArrayList (java.util.ArrayList)7 AttributeStatementLogData (uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData)7 AssertionBuilder.anAssertion (uk.gov.ida.saml.core.test.builders.AssertionBuilder.anAssertion)7 Map (java.util.Map)6 SAMLObjectBuilder (org.opensaml.common.SAMLObjectBuilder)6 AttributeValue (org.opensaml.saml.saml2.core.AttributeValue)6 NameID (org.opensaml.saml.saml2.core.NameID)6 VerifiedAttributeLogData (uk.gov.ida.hub.samlengine.logging.data.VerifiedAttributeLogData)6