Examples with AttributeStatement org.opensaml.saml2.core.AttributeStatement used on opensource projects

Search in sources :

Example 66 with AttributeStatement

use of org.opensaml.saml2.core.AttributeStatement in project spring-security by spring-projects.

the class OpenSamlDecryptionUtils method decryptAssertionElements.

static void decryptAssertionElements(Assertion assertion, RelyingPartyRegistration registration) {
    Decrypter decrypter = decrypter(registration);
    for (AttributeStatement statement : assertion.getAttributeStatements()) {
        for (EncryptedAttribute encryptedAttribute : statement.getEncryptedAttributes()) {
            try {
                Attribute attribute = decrypter.decrypt(encryptedAttribute);
                statement.getAttributes().add(attribute);
            } catch (Exception ex) {
                throw new Saml2Exception(ex);
            }
        }
    }
    if (assertion.getSubject() == null) {
        return;
    }
    if (assertion.getSubject().getEncryptedID() == null) {
        return;
    }
    try {
        assertion.getSubject().setNameID((NameID) decrypter.decrypt(assertion.getSubject().getEncryptedID()));
    } catch (Exception ex) {
        throw new Saml2Exception(ex);
    }
}
Also used : EncryptedAttribute(org.opensaml.saml.saml2.core.EncryptedAttribute) EncryptedAttribute(org.opensaml.saml.saml2.core.EncryptedAttribute) Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) Decrypter(org.opensaml.saml.saml2.encryption.Decrypter) Saml2Exception(org.springframework.security.saml2.Saml2Exception) Saml2Exception(org.springframework.security.saml2.Saml2Exception)

Example 67 with AttributeStatement

use of org.opensaml.saml2.core.AttributeStatement in project spring-security by spring-projects.

the class OpenSamlAuthenticationProviderTests method authenticateWhenAssertionContainsAttributesThenItSucceeds.

@Test
public void authenticateWhenAssertionContainsAttributesThenItSucceeds() {
    Response response = response();
    Assertion assertion = assertion();
    List<AttributeStatement> attributes = attributeStatements();
    assertion.getAttributeStatements().addAll(attributes);
    TestOpenSamlObjects.signed(assertion, TestSaml2X509Credentials.assertingPartySigningCredential(), RELYING_PARTY_ENTITY_ID);
    response.getAssertions().add(assertion);
    Saml2AuthenticationToken token = token(response, verifying(registration()));
    Authentication authentication = this.provider.authenticate(token);
    Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) authentication.getPrincipal();
    Map<String, Object> expected = new LinkedHashMap<>();
    expected.put("email", Arrays.asList("john.doe@example.com", "doe.john@example.com"));
    expected.put("name", Collections.singletonList("John Doe"));
    expected.put("age", Collections.singletonList(21));
    expected.put("website", Collections.singletonList("https://johndoe.com/"));
    expected.put("registered", Collections.singletonList(true));
    Instant registeredDate = Instant.ofEpochMilli(DateTime.parse("1970-01-01T00:00:00Z").getMillis());
    expected.put("registeredDate", Collections.singletonList(registeredDate));
    assertThat((String) principal.getFirstAttribute("name")).isEqualTo("John Doe");
    assertThat(principal.getAttributes()).isEqualTo(expected);
}
Also used : Response(org.opensaml.saml.saml2.core.Response) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) Authentication(org.springframework.security.core.Authentication) Instant(java.time.Instant) EncryptedAssertion(org.opensaml.saml.saml2.core.EncryptedAssertion) Assertion(org.opensaml.saml.saml2.core.Assertion) XMLObject(org.opensaml.core.xml.XMLObject) LinkedHashMap(java.util.LinkedHashMap) Test(org.junit.jupiter.api.Test)

Example 68 with AttributeStatement

use of org.opensaml.saml2.core.AttributeStatement in project spring-security by spring-projects.

the class OpenSaml4AuthenticationProvider method getAssertionAttributes.

private static Map<String, List<Object>> getAssertionAttributes(Assertion assertion) {
    Map<String, List<Object>> attributeMap = new LinkedHashMap<>();
    for (AttributeStatement attributeStatement : assertion.getAttributeStatements()) {
        for (Attribute attribute : attributeStatement.getAttributes()) {
            List<Object> attributeValues = new ArrayList<>();
            for (XMLObject xmlObject : attribute.getAttributeValues()) {
                Object attributeValue = getXmlObjectValue(xmlObject);
                if (attributeValue != null) {
                    attributeValues.add(attributeValue);
                }
            }
            attributeMap.put(attribute.getName(), attributeValues);
        }
    }
    return attributeMap;
}
Also used : Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) ArrayList(java.util.ArrayList) XMLObject(org.opensaml.core.xml.XMLObject) List(java.util.List) ArrayList(java.util.ArrayList) XMLObject(org.opensaml.core.xml.XMLObject) XSString(org.opensaml.core.xml.schema.XSString) LinkedHashMap(java.util.LinkedHashMap)

Example 69 with AttributeStatement

use of org.opensaml.saml2.core.AttributeStatement in project spring-security by spring-projects.

the class TestOpenSamlObjects method customAttributeStatement.

static AttributeStatement customAttributeStatement(String attributeName, XMLObject customAttributeValue) {
    AttributeStatementBuilder attributeStatementBuilder = new AttributeStatementBuilder();
    AttributeBuilder attributeBuilder = new AttributeBuilder();
    Attribute attribute = attributeBuilder.buildObject();
    attribute.setName(attributeName);
    attribute.getAttributeValues().add(customAttributeValue);
    AttributeStatement attributeStatement = attributeStatementBuilder.buildObject();
    attributeStatement.getAttributes().add(attribute);
    return attributeStatement;
}
Also used : AttributeStatementBuilder(org.opensaml.saml.saml2.core.impl.AttributeStatementBuilder) AttributeBuilder(org.opensaml.saml.saml2.core.impl.AttributeBuilder) Attribute(org.opensaml.saml.saml2.core.Attribute) EncryptedAttribute(org.opensaml.saml.saml2.core.EncryptedAttribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)

Example 70 with AttributeStatement

use of org.opensaml.saml2.core.AttributeStatement in project spring-security by spring-projects.

the class OpenSaml4AuthenticationProviderTests method authenticateWhenEncryptedAttributeThenDecrypts.

@Test
public void authenticateWhenEncryptedAttributeThenDecrypts() {
    Response response = response();
    Assertion assertion = assertion();
    EncryptedAttribute attribute = TestOpenSamlObjects.encrypted("name", "value", TestSaml2X509Credentials.assertingPartyEncryptingCredential());
    AttributeStatement statement = build(AttributeStatement.DEFAULT_ELEMENT_NAME);
    statement.getEncryptedAttributes().add(attribute);
    assertion.getAttributeStatements().add(statement);
    response.getAssertions().add(assertion);
    TestOpenSamlObjects.signed(response, TestSaml2X509Credentials.assertingPartySigningCredential(), RELYING_PARTY_ENTITY_ID);
    Saml2AuthenticationToken token = token(response, decrypting(verifying(registration())));
    Saml2Authentication authentication = (Saml2Authentication) this.provider.authenticate(token);
    Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) authentication.getPrincipal();
    assertThat(principal.getAttribute("name")).containsExactly("value");
}
Also used : Response(org.opensaml.saml.saml2.core.Response) EncryptedAttribute(org.opensaml.saml.saml2.core.EncryptedAttribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) EncryptedAssertion(org.opensaml.saml.saml2.core.EncryptedAssertion) Assertion(org.opensaml.saml.saml2.core.Assertion) Test(org.junit.jupiter.api.Test)

Aggregations

AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)61 Attribute (org.opensaml.saml.saml2.core.Attribute)38 Assertion (org.opensaml.saml.saml2.core.Assertion)36 Test (org.junit.jupiter.api.Test)24 AssertionBuilder.anAssertion (uk.gov.ida.saml.core.test.builders.AssertionBuilder.anAssertion)17 XMLObject (org.opensaml.core.xml.XMLObject)14 EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute)10 SimpleStringAttributeBuilder.aSimpleStringAttribute (uk.gov.ida.saml.core.test.builders.SimpleStringAttributeBuilder.aSimpleStringAttribute)9 SamlTransformationErrorFactory.emptyAttribute (uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyAttribute)8 ArrayList (java.util.ArrayList)7 XSString (org.opensaml.core.xml.schema.XSString)7 NameID (org.opensaml.saml.saml2.core.NameID)7 Response (org.opensaml.saml.saml2.core.Response)7 Subject (org.opensaml.saml.saml2.core.Subject)7 EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion)6 AttributeBuilder (org.opensaml.saml.saml2.core.impl.AttributeBuilder)6 AttributeStatement (org.opensaml.saml2.core.AttributeStatement)6 Map (java.util.Map)5 AuthnStatement (org.opensaml.saml.saml2.core.AuthnStatement)5 AttributeStatementBuilder (org.opensaml.saml.saml2.core.impl.AttributeStatementBuilder)5
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial