Search in sources :

Example 36 with Attribute

use of org.opensaml.saml2.core.Attribute in project OpenAttestation by OpenAttestation.

the class TrustAssertion method populateAssertionMap.

/**
     * Sample assertion statements that may appear in the XML: Trusted (boolean)
     * Trusted_BIOS (boolean) Trusted_VMM (boolean) BIOS_Name (string)
     * BIOS_Version (string) BIOS_OEM (string) VMM_Name (string) VMM_Version
     * (string) VMM_OSName (string) VMM_OSVersion (string) The BIOS_* entries
     * will only appear if Trusted_BIOS is true The VMM_* entries will only
     * appear if Trusted_VMM is true
     */
private void populateAssertionMap() {
    for (Statement statement : assertion.getStatements()) {
        if (statement instanceof AttributeStatement) {
            HashMap<String, String> assertionMap = new HashMap<String, String>();
            HostTrustAssertion hostTrustAssertion = new HostTrustAssertion(assertion, assertionMap);
            log.debug("attributes.size: " + ((AttributeStatement) statement).getAttributes().size());
            for (Attribute attribute : ((AttributeStatement) statement).getAttributes()) {
                String attributeValue = null;
                for (XMLObject value : attribute.getAttributeValues()) {
                    if (value instanceof XSAny) {
                        // boolean attributes are the text "true" or "false"
                        attributeValue = (((XSAny) value).getTextContent());
                    }
                    if (value instanceof XSString) {
                        attributeValue = (((XSString) value).getValue());
                    }
                }
                assertionMap.put(attribute.getName(), attributeValue);
            }
            hostAssertionMap.put(assertionMap.get("Host_Name"), hostTrustAssertion);
        }
    }
}
Also used : HashMap(java.util.HashMap) Attribute(org.opensaml.saml2.core.Attribute) Statement(org.opensaml.saml2.core.Statement) AttributeStatement(org.opensaml.saml2.core.AttributeStatement) AttributeStatement(org.opensaml.saml2.core.AttributeStatement) XMLObject(org.opensaml.xml.XMLObject) XSString(org.opensaml.xml.schema.XSString) XSString(org.opensaml.xml.schema.XSString) XSAny(org.opensaml.xml.schema.XSAny)

Example 37 with Attribute

use of org.opensaml.saml2.core.Attribute in project OpenAttestation by OpenAttestation.

the class SamlGenerator method createBase64BinaryAttribute.

/**
         * Creates a base64-encoded attribute
         * @param name
         * @param value
         * @return
         * @throws ConfigurationException 
         */
private Attribute createBase64BinaryAttribute(String name, byte[] value) throws ConfigurationException {
    SAMLObjectBuilder attrBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
    Attribute attr = (Attribute) attrBuilder.buildObject();
    attr.setName(name);
    XMLObjectBuilder xmlBuilder = builderFactory.getBuilder(XSBase64Binary.TYPE_NAME);
    XSBase64Binary attrValue = (XSBase64Binary) xmlBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSBase64Binary.TYPE_NAME);
    attrValue.setValue(Base64.encodeBase64String(value));
    attr.getAttributeValues().add(attrValue);
    return attr;
}
Also used : XSBase64Binary(org.opensaml.xml.schema.XSBase64Binary) SAMLObjectBuilder(org.opensaml.common.SAMLObjectBuilder) Attribute(org.opensaml.saml2.core.Attribute) XMLObjectBuilder(org.opensaml.xml.XMLObjectBuilder)

Example 38 with Attribute

use of org.opensaml.saml2.core.Attribute in project OpenAttestation by OpenAttestation.

the class SamlGenerator method createBooleanAttribute.

/**
         * This method builds a single-valued boolean attribute such as isTrusted=true
         * @param name
         * @param value
         * @return
         * @throws ConfigurationException 
         */
private Attribute createBooleanAttribute(String name, boolean value) throws ConfigurationException {
    SAMLObjectBuilder attrBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
    Attribute attr = (Attribute) attrBuilder.buildObject();
    attr.setName(name);
    XMLObjectBuilder xmlBuilder = builderFactory.getBuilder(XSAny.TYPE_NAME);
    XSAny attrValue = (XSAny) xmlBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME);
    attrValue.setTextContent(value ? "true" : "false");
    attr.getAttributeValues().add(attrValue);
    return attr;
}
Also used : SAMLObjectBuilder(org.opensaml.common.SAMLObjectBuilder) Attribute(org.opensaml.saml2.core.Attribute) XMLObjectBuilder(org.opensaml.xml.XMLObjectBuilder) XSAny(org.opensaml.xml.schema.XSAny)

Example 39 with Attribute

use of org.opensaml.saml2.core.Attribute in project OpenAttestation by OpenAttestation.

the class SamlGenerator method createAssertion.

/**
         * Differences from createAssertion:
         * - the assertion ID is "MultipleHostTrustAssertion" instead of "HostTrustAssertion"
         * - there is no overall Subject for the assertion because it's for multiple host
         * - each host is identified with host attributes within its own attribute statement
         * 
         * @param hosts
         * @return
         * @throws ConfigurationException
         * @throws UnknownHostException 
         */
private Assertion createAssertion(Collection<TxtHostWithAssetTag> hosts) throws ConfigurationException, UnknownHostException {
    // Create the assertion
    SAMLObjectBuilder assertionBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
    Assertion assertion = (Assertion) assertionBuilder.buildObject();
    // ID is arbitrary, only needs to be unique WITHIN THE DOCUMENT, and is required so that the Signature element can refer to it, for example #HostTrustAssertion
    assertion.setID("MultipleHostTrustAssertion");
    assertion.setIssuer(createIssuer());
    DateTime now = new DateTime();
    assertion.setIssueInstant(now);
    assertion.setVersion(SAMLVersion.VERSION_20);
    //            assertion.setSubject(createSubject(host));
    for (TxtHostWithAssetTag host : hosts) {
        assertion.getAttributeStatements().add(createHostAttributes(host.getHost(), host.getTagCertificate(), null));
    }
    return assertion;
}
Also used : SAMLObjectBuilder(org.opensaml.common.SAMLObjectBuilder) Assertion(org.opensaml.saml2.core.Assertion) DateTime(org.joda.time.DateTime)

Example 40 with Attribute

use of org.opensaml.saml2.core.Attribute in project OpenAttestation by OpenAttestation.

the class SamlGenerator method generateHostAssertions.

/**
     * Generates a multi-host SAML assertion which contains an AttributeStatement
     * for each host containing a Host_Address attribute with the host IP address
     * or hostname and the trust attributes as for a single-host assertion.
     * The Subject of the multi-host SAML assertion should not be used because
     * it is simply the collection hosts in the assertion and no statements
     * are made about the collection as a whole.
     * 
     * @param hosts
     * @return
     * @throws SamlException 
     */
public SamlAssertion generateHostAssertions(Collection<TxtHostWithAssetTag> hosts) throws SamlException {
    try {
        samlAssertion = new SamlAssertion();
        Assertion assertion = createAssertion(hosts);
        AssertionMarshaller marshaller = new AssertionMarshaller();
        Element plaintextElement = marshaller.marshall(assertion);
        String originalAssertionString = XMLHelper.nodeToString(plaintextElement);
        System.out.println("Assertion String: " + originalAssertionString);
        // add signatures and/or encryption
        signAssertion(plaintextElement);
        samlAssertion.assertion = XMLHelper.nodeToString(plaintextElement);
        System.out.println("Signed Assertion String: " + samlAssertion.assertion);
        return samlAssertion;
    } catch (Exception e) {
        throw new SamlException(e);
    }
}
Also used : AssertionMarshaller(org.opensaml.saml2.core.impl.AssertionMarshaller) Element(org.w3c.dom.Element) Assertion(org.opensaml.saml2.core.Assertion) XSString(org.opensaml.xml.schema.XSString) MarshalException(javax.xml.crypto.MarshalException) KeyStoreException(java.security.KeyStoreException) GeneralSecurityException(java.security.GeneralSecurityException) XMLSignatureException(javax.xml.crypto.dsig.XMLSignatureException) UnrecoverableEntryException(java.security.UnrecoverableEntryException) MarshallingException(org.opensaml.xml.io.MarshallingException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) UnknownHostException(java.net.UnknownHostException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) ConfigurationException(org.opensaml.xml.ConfigurationException)

Aggregations

Attribute (org.opensaml.saml.saml2.core.Attribute)63 AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)39 Test (org.junit.jupiter.api.Test)21 Assertion (org.opensaml.saml.saml2.core.Assertion)19 XMLObject (org.opensaml.core.xml.XMLObject)16 AttributeBuilder (org.opensaml.saml.saml2.core.impl.AttributeBuilder)13 List (java.util.List)10 EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute)10 XSString (org.opensaml.core.xml.schema.XSString)9 SimpleStringAttributeBuilder.aSimpleStringAttribute (uk.gov.ida.saml.core.test.builders.SimpleStringAttributeBuilder.aSimpleStringAttribute)9 Element (org.w3c.dom.Element)8 SamlTransformationErrorFactory.emptyAttribute (uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyAttribute)8 ArrayList (java.util.ArrayList)7 AttributeStatementLogData (uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData)7 AssertionBuilder.anAssertion (uk.gov.ida.saml.core.test.builders.AssertionBuilder.anAssertion)7 Map (java.util.Map)6 SAMLObjectBuilder (org.opensaml.common.SAMLObjectBuilder)6 AttributeValue (org.opensaml.saml.saml2.core.AttributeValue)6 NameID (org.opensaml.saml.saml2.core.NameID)6 VerifiedAttributeLogData (uk.gov.ida.hub.samlengine.logging.data.VerifiedAttributeLogData)6