Example 36 with Attribute
use of org.opensaml.saml2.core.Attribute in project OpenAttestation by OpenAttestation.
the class TrustAssertion method populateAssertionMap.
/**
* Sample assertion statements that may appear in the XML: Trusted (boolean)
* Trusted_BIOS (boolean) Trusted_VMM (boolean) BIOS_Name (string)
* BIOS_Version (string) BIOS_OEM (string) VMM_Name (string) VMM_Version
* (string) VMM_OSName (string) VMM_OSVersion (string) The BIOS_* entries
* will only appear if Trusted_BIOS is true The VMM_* entries will only
* appear if Trusted_VMM is true
*/
private void populateAssertionMap() {
for (Statement statement : assertion.getStatements()) {
if (statement instanceof AttributeStatement) {
HashMap<String, String> assertionMap = new HashMap<String, String>();
HostTrustAssertion hostTrustAssertion = new HostTrustAssertion(assertion, assertionMap);
log.debug("attributes.size: " + ((AttributeStatement) statement).getAttributes().size());
for (Attribute attribute : ((AttributeStatement) statement).getAttributes()) {
String attributeValue = null;
for (XMLObject value : attribute.getAttributeValues()) {
if (value instanceof XSAny) {
// boolean attributes are the text "true" or "false"
attributeValue = (((XSAny) value).getTextContent());
}
if (value instanceof XSString) {
attributeValue = (((XSString) value).getValue());
}
}
assertionMap.put(attribute.getName(), attributeValue);
}
hostAssertionMap.put(assertionMap.get("Host_Name"), hostTrustAssertion);
}
}
}
Also used :
HashMap(java.util.HashMap)
Attribute(org.opensaml.saml2.core.Attribute)
Statement(org.opensaml.saml2.core.Statement)
AttributeStatement(org.opensaml.saml2.core.AttributeStatement)
AttributeStatement(org.opensaml.saml2.core.AttributeStatement)
XMLObject(org.opensaml.xml.XMLObject)
XSString(org.opensaml.xml.schema.XSString)
XSString(org.opensaml.xml.schema.XSString)
XSAny(org.opensaml.xml.schema.XSAny)
Example 37 with Attribute
use of org.opensaml.saml2.core.Attribute in project OpenAttestation by OpenAttestation.
the class SamlGenerator method createBase64BinaryAttribute.
/**
* Creates a base64-encoded attribute
* @param name
* @param value
* @return
* @throws ConfigurationException
*/
private Attribute createBase64BinaryAttribute(String name, byte[] value) throws ConfigurationException {
SAMLObjectBuilder attrBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
Attribute attr = (Attribute) attrBuilder.buildObject();
attr.setName(name);
XMLObjectBuilder xmlBuilder = builderFactory.getBuilder(XSBase64Binary.TYPE_NAME);
XSBase64Binary attrValue = (XSBase64Binary) xmlBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSBase64Binary.TYPE_NAME);
attrValue.setValue(Base64.encodeBase64String(value));
attr.getAttributeValues().add(attrValue);
return attr;
}
Also used :
XSBase64Binary(org.opensaml.xml.schema.XSBase64Binary)
SAMLObjectBuilder(org.opensaml.common.SAMLObjectBuilder)
Attribute(org.opensaml.saml2.core.Attribute)
XMLObjectBuilder(org.opensaml.xml.XMLObjectBuilder)
Example 38 with Attribute
use of org.opensaml.saml2.core.Attribute in project OpenAttestation by OpenAttestation.
the class SamlGenerator method createBooleanAttribute.
/**
* This method builds a single-valued boolean attribute such as isTrusted=true
* @param name
* @param value
* @return
* @throws ConfigurationException
*/
private Attribute createBooleanAttribute(String name, boolean value) throws ConfigurationException {
SAMLObjectBuilder attrBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
Attribute attr = (Attribute) attrBuilder.buildObject();
attr.setName(name);
XMLObjectBuilder xmlBuilder = builderFactory.getBuilder(XSAny.TYPE_NAME);
XSAny attrValue = (XSAny) xmlBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME);
attrValue.setTextContent(value ? "true" : "false");
attr.getAttributeValues().add(attrValue);
return attr;
}
Also used :
SAMLObjectBuilder(org.opensaml.common.SAMLObjectBuilder)
Attribute(org.opensaml.saml2.core.Attribute)
XMLObjectBuilder(org.opensaml.xml.XMLObjectBuilder)
XSAny(org.opensaml.xml.schema.XSAny)
Example 39 with Attribute
use of org.opensaml.saml2.core.Attribute in project OpenAttestation by OpenAttestation.
the class SamlGenerator method createAssertion.
/**
* Differences from createAssertion:
* - the assertion ID is "MultipleHostTrustAssertion" instead of "HostTrustAssertion"
* - there is no overall Subject for the assertion because it's for multiple host
* - each host is identified with host attributes within its own attribute statement
*
* @param hosts
* @return
* @throws ConfigurationException
* @throws UnknownHostException
*/
private Assertion createAssertion(Collection<TxtHostWithAssetTag> hosts) throws ConfigurationException, UnknownHostException {
// Create the assertion
SAMLObjectBuilder assertionBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
Assertion assertion = (Assertion) assertionBuilder.buildObject();
// ID is arbitrary, only needs to be unique WITHIN THE DOCUMENT, and is required so that the Signature element can refer to it, for example #HostTrustAssertion
assertion.setID("MultipleHostTrustAssertion");
assertion.setIssuer(createIssuer());
DateTime now = new DateTime();
assertion.setIssueInstant(now);
assertion.setVersion(SAMLVersion.VERSION_20);
// assertion.setSubject(createSubject(host));
for (TxtHostWithAssetTag host : hosts) {
assertion.getAttributeStatements().add(createHostAttributes(host.getHost(), host.getTagCertificate(), null));
}
return assertion;
}
Also used :
SAMLObjectBuilder(org.opensaml.common.SAMLObjectBuilder)
Assertion(org.opensaml.saml2.core.Assertion)
DateTime(org.joda.time.DateTime)
Example 40 with Attribute
use of org.opensaml.saml2.core.Attribute in project OpenAttestation by OpenAttestation.
the class SamlGenerator method generateHostAssertions.
/**
* Generates a multi-host SAML assertion which contains an AttributeStatement
* for each host containing a Host_Address attribute with the host IP address
* or hostname and the trust attributes as for a single-host assertion.
* The Subject of the multi-host SAML assertion should not be used because
* it is simply the collection hosts in the assertion and no statements
* are made about the collection as a whole.
*
* @param hosts
* @return
* @throws SamlException
*/
public SamlAssertion generateHostAssertions(Collection<TxtHostWithAssetTag> hosts) throws SamlException {
try {
samlAssertion = new SamlAssertion();
Assertion assertion = createAssertion(hosts);
AssertionMarshaller marshaller = new AssertionMarshaller();
Element plaintextElement = marshaller.marshall(assertion);
String originalAssertionString = XMLHelper.nodeToString(plaintextElement);
System.out.println("Assertion String: " + originalAssertionString);
// add signatures and/or encryption
signAssertion(plaintextElement);
samlAssertion.assertion = XMLHelper.nodeToString(plaintextElement);
System.out.println("Signed Assertion String: " + samlAssertion.assertion);
return samlAssertion;
} catch (Exception e) {
throw new SamlException(e);
}
}
Also used :
AssertionMarshaller(org.opensaml.saml2.core.impl.AssertionMarshaller)
Element(org.w3c.dom.Element)
Assertion(org.opensaml.saml2.core.Assertion)
XSString(org.opensaml.xml.schema.XSString)
MarshalException(javax.xml.crypto.MarshalException)
KeyStoreException(java.security.KeyStoreException)
GeneralSecurityException(java.security.GeneralSecurityException)
XMLSignatureException(javax.xml.crypto.dsig.XMLSignatureException)
UnrecoverableEntryException(java.security.UnrecoverableEntryException)
MarshallingException(org.opensaml.xml.io.MarshallingException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
UnknownHostException(java.net.UnknownHostException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
ConfigurationException(org.opensaml.xml.ConfigurationException)
Aggregations
Attribute (org.opensaml.saml.saml2.core.Attribute)63
AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)39
Test (org.junit.jupiter.api.Test)21
Assertion (org.opensaml.saml.saml2.core.Assertion)19
XMLObject (org.opensaml.core.xml.XMLObject)16
AttributeBuilder (org.opensaml.saml.saml2.core.impl.AttributeBuilder)13
List (java.util.List)10
EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute)10
XSString (org.opensaml.core.xml.schema.XSString)9
SimpleStringAttributeBuilder.aSimpleStringAttribute (uk.gov.ida.saml.core.test.builders.SimpleStringAttributeBuilder.aSimpleStringAttribute)9
Element (org.w3c.dom.Element)8
SamlTransformationErrorFactory.emptyAttribute (uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyAttribute)8
ArrayList (java.util.ArrayList)7
AttributeStatementLogData (uk.gov.ida.hub.samlengine.logging.data.AttributeStatementLogData)7
AssertionBuilder.anAssertion (uk.gov.ida.saml.core.test.builders.AssertionBuilder.anAssertion)7
Map (java.util.Map)6
SAMLObjectBuilder (org.opensaml.common.SAMLObjectBuilder)6
AttributeValue (org.opensaml.saml.saml2.core.AttributeValue)6
NameID (org.opensaml.saml.saml2.core.NameID)6
VerifiedAttributeLogData (uk.gov.ida.hub.samlengine.logging.data.VerifiedAttributeLogData)6
