Example 1 with AudienceRestriction

Use of org.opensaml.saml.saml2.core.AudienceRestriction (the OpenSAML 3 package, as the type list below shows) in project verify-hub by alphagov.

The class MatchingServiceAssertionToAssertionTransformer, method transform. This side builds an assertion: the single Audience the matching service was given becomes the only AudienceRestriction, so a relying party with a different entity ID must reject the result.

public Assertion transform(MatchingServiceAssertion originalAssertion) {
    Assertion transformedAssertion = openSamlXmlObjectFactory.createAssertion();
    transformedAssertion.setIssueInstant(originalAssertion.getIssueInstant());
    Issuer transformedIssuer = openSamlXmlObjectFactory.createIssuer(originalAssertion.getIssuerId());
    transformedAssertion.setIssuer(transformedIssuer);
    // The assertion ID is carried over unchanged so replay tracking on the receiving side still works.
    transformedAssertion.setID(originalAssertion.getId());
    Subject subject = outboundAssertionToSubjectTransformer.transform(originalAssertion);
    transformedAssertion.setSubject(subject);
    MatchingServiceAuthnStatement authnStatement = originalAssertion.getAuthnStatement();
    transformedAssertion.getAuthnStatements().add(matchingServiceAuthnStatementToAuthnStatementTransformer.transform(authnStatement));
    // Conditions: exactly one AudienceRestriction naming the intended recipient. Validity-window
    // attributes (NotBefore / NotOnOrAfter) are not set here; the consumer must not assume them.
    Conditions conditions = openSamlXmlObjectFactory.createConditions();
    AudienceRestriction audienceRestriction = openSamlXmlObjectFactory.createAudienceRestriction(originalAssertion.getAudience());
    conditions.getAudienceRestrictions().add(audienceRestriction);
    transformedAssertion.setConditions(conditions);
    List<Attribute> userAttributesForAccountCreation = originalAssertion.getUserAttributesForAccountCreation();
    if (!userAttributesForAccountCreation.isEmpty()) {
        addAttributes(transformedAssertion, userAttributesForAccountCreation);
    }
    return transformedAssertion;
}
Also used: AudienceRestriction (org.opensaml.saml.saml2.core.AudienceRestriction), Issuer (org.opensaml.saml.saml2.core.Issuer), Attribute (org.opensaml.saml.saml2.core.Attribute), MatchingServiceAssertion (uk.gov.ida.saml.msa.test.domain.MatchingServiceAssertion), Assertion (org.opensaml.saml.saml2.core.Assertion), MatchingServiceAuthnStatement (uk.gov.ida.saml.core.domain.MatchingServiceAuthnStatement), Subject (org.opensaml.saml.saml2.core.Subject), Conditions (org.opensaml.saml.saml2.core.Conditions)

Example 2 with AudienceRestriction

Use of org.opensaml.saml.saml2.core.AudienceRestriction (OpenSAML 3) in project cxf by apache.

The class SamlOAuthValidator, method validateAudience. This is the audience check for a SAML bearer assertion presented to an OAuth2 token endpoint: the assertion is accepted as soon as any Audience in any AudienceRestriction equals the absolute address of the endpoint, and a NotAuthorizedException is thrown when none does, which also covers an assertion that carries no AudienceRestriction at all. Because it returns on the first match, an assertion with several AudienceRestriction elements only needs one of them to name this endpoint; the per-restriction rule of SAML Core (every AudienceRestriction must be satisfied) is what Example 3 implements.

private void validateAudience(Message message, Conditions cs) {
    // The expected audience is derived from the request itself (the absolute endpoint URL),
    // not taken from the assertion, so the token cannot choose its own audience.
    String absoluteAddress = getAbsoluteTargetAddress(message);
    List<AudienceRestriction> restrictions = cs.getAudienceRestrictions();
    for (AudienceRestriction ar : restrictions) {
        List<Audience> audiences = ar.getAudiences();
        for (Audience a : audiences) {
            // Exact string comparison; no URL normalisation, so the issuer must use the
            // same form of the endpoint address that this service computes.
            if (absoluteAddress.equals(a.getAudienceURI())) {
                return;
            }
        }
    }
    // No restriction named this endpoint (including the case of no restrictions at all): reject.
    throw ExceptionUtils.toNotAuthorizedException(null, null);
}
Also used: AudienceRestriction (org.opensaml.saml.saml2.core.AudienceRestriction), Audience (org.opensaml.saml.saml2.core.Audience)

Example 3 with AudienceRestriction

Use of org.opensaml.saml.saml2.core.AudienceRestriction (OpenSAML 3) in project cxf by apache.

The class SAMLSSOResponseValidator, method matchSaml2AudienceRestriction. This follows the SAML 2.0 Core semantics for Conditions: every AudienceRestriction must be satisfied (AND across restrictions), a restriction is satisfied by any one of its Audience elements (OR within a restriction), and an assertion with no AudienceRestriction at all is not accepted (the method returns false).

private boolean matchSaml2AudienceRestriction(String appliesTo, List<AudienceRestriction> audienceRestrictions) {
    boolean oneMatchFound = false;
    if (audienceRestrictions != null && !audienceRestrictions.isEmpty()) {
        for (AudienceRestriction audienceRestriction : audienceRestrictions) {
            // A restriction whose audience list is null is skipped rather than failed;
            // OpenSAML normally returns an (possibly empty) list here, and an empty list fails below.
            if (audienceRestriction.getAudiences() != null) {
                boolean matchFound = false;
                for (org.opensaml.saml.saml2.core.Audience audience : audienceRestriction.getAudiences()) {
                    if (appliesTo.equals(audience.getAudienceURI())) {
                        matchFound = true;
                        oneMatchFound = true;
                        break;
                    }
                }
                // Any single restriction that does not name appliesTo invalidates the assertion.
                if (!matchFound) {
                    return false;
                }
            }
        }
    }
    // false when there were no restrictions: an unrestricted assertion is not accepted.
    return oneMatchFound;
}
Also used: AudienceRestriction (org.opensaml.saml.saml2.core.AudienceRestriction)

Example 4 with AudienceRestriction

Use of org.opensaml.saml2.core.AudienceRestriction (the OpenSAML 2 package) in project MaxKey by dromara.

The class ConditionsGenerator, method generateConditions. This is the issuing side: a validity window starting now and lasting validInSeconds, plus a single AudienceRestriction for the target service provider.

public Conditions generateConditions(String audienceUrl, int validInSeconds) {
    Conditions conditions = new ConditionsBuilder().buildObject();
    // NotBefore is set to the issuer's current time with no allowance for clock skew,
    // so a consumer whose clock runs slightly behind will reject the assertion unless it tolerates skew.
    conditions.setNotBefore(new DateTime());
    // Widened to long: validInSeconds * 1000 in int arithmetic overflows for windows above ~24 days.
    conditions.setNotOnOrAfter(new DateTime().plus(validInSeconds * 1000L));
    AudienceRestriction audienceRestriction = builderAudienceRestriction(audienceUrl);
    conditions.getAudienceRestrictions().add(audienceRestriction);
    return conditions;
}
Also used: AudienceRestriction (org.opensaml.saml2.core.AudienceRestriction), Conditions (org.opensaml.saml2.core.Conditions), DateTime (org.joda.time.DateTime), ConditionsBuilder (org.opensaml.saml2.core.impl.ConditionsBuilder)

Example 5 with AudienceRestriction

Use of org.opensaml.saml2.core.AudienceRestriction (OpenSAML 2) in project MaxKey by dromara.

The class ConditionsGenerator, method builderAudienceRestriction. It wraps one audience URL in an AudienceRestriction; the value is whatever the caller passes, so it is the caller's job to supply the service provider's entity ID rather than a user-controlled string.

public AudienceRestriction builderAudienceRestriction(String audienceUrl) {
    AudienceRestriction audienceRestriction = new AudienceRestrictionBuilder().buildObject();
    Audience audience = new AudienceBuilder().buildObject();
    // The audience is compared by exact string equality on the consuming side.
    audience.setAudienceURI(audienceUrl);
    audienceRestriction.getAudiences().add(audience);
    logger.debug("Audience URL " + audienceUrl);
    return audienceRestriction;
}
Also used: AudienceRestriction (org.opensaml.saml2.core.AudienceRestriction), AudienceRestrictionBuilder (org.opensaml.saml2.core.impl.AudienceRestrictionBuilder), Audience (org.opensaml.saml2.core.Audience), AudienceBuilder (org.opensaml.saml2.core.impl.AudienceBuilder)
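The examples above split into two halves: Examples 4 and 5 issue Conditions with a validity window and one AudienceRestriction, and Examples 2 and 3 consume them with two different strictness levels. The following is an added example, written for this page and not code from CXF, MaxKey, verify-hub or OpenSAML, that puts both halves together against the OpenSAML 3 API (org.opensaml.saml.saml2.core, Joda-Time) used by Examples 1 to 3: it builds Conditions the way Examples 4 and 5 do, then validates them with the per-restriction rule of Example 3 plus the time-window check that neither validator on this page shows. The class name AudienceConditionsValidator, the audience URLs and the 60-second clock-skew allowance are assumptions chosen for the example.

```java
import java.util.List;

import org.joda.time.DateTime;
import org.joda.time.Duration;
import org.opensaml.core.config.InitializationException;
import org.opensaml.core.config.InitializationService;
import org.opensaml.saml.saml2.core.Audience;
import org.opensaml.saml.saml2.core.AudienceRestriction;
import org.opensaml.saml.saml2.core.Conditions;
import org.opensaml.saml.saml2.core.impl.AudienceBuilder;
import org.opensaml.saml.saml2.core.impl.AudienceRestrictionBuilder;
import org.opensaml.saml.saml2.core.impl.ConditionsBuilder;

/** Added example (not project code): SAML 2.0 Conditions check with strict audience semantics. */
public final class AudienceConditionsValidator {

    private final String expectedAudience;   // this service's own entity ID, never taken from the assertion
    private final Duration clockSkew;        // tolerance for issuer/consumer clock drift

    public AudienceConditionsValidator(String expectedAudience, Duration clockSkew) {
        this.expectedAudience = expectedAudience;
        this.clockSkew = clockSkew;
    }

    /** Throws SecurityException unless every condition is satisfied at instant {@code now}. */
    public void validate(Conditions conditions, DateTime now) {
        if (conditions == null) {
            throw new SecurityException("assertion carries no Conditions; unrestricted assertions are not accepted");
        }
        DateTime notBefore = conditions.getNotBefore();
        if (notBefore != null && now.plus(clockSkew).isBefore(notBefore)) {
            throw new SecurityException("assertion not yet valid (NotBefore=" + notBefore + ")");
        }
        DateTime notOnOrAfter = conditions.getNotOnOrAfter();
        if (notOnOrAfter != null && !now.minus(clockSkew).isBefore(notOnOrAfter)) {
            throw new SecurityException("assertion expired (NotOnOrAfter=" + notOnOrAfter + ")");
        }
        List<AudienceRestriction> restrictions = conditions.getAudienceRestrictions();
        if (restrictions == null || restrictions.isEmpty()) {
            throw new SecurityException("assertion carries no AudienceRestriction");
        }
        // SAML Core: each AudienceRestriction must be satisfied independently (AND across restrictions).
        for (AudienceRestriction restriction : restrictions) {
            if (!namesExpectedAudience(restriction)) {
                throw new SecurityException("an AudienceRestriction does not name " + expectedAudience);
            }
        }
    }

    /** One restriction is satisfied by any of its Audience elements (OR within a restriction). */
    private boolean namesExpectedAudience(AudienceRestriction restriction) {
        List<Audience> audiences = restriction.getAudiences();
        if (audiences == null) {
            return false; // treat a missing audience list as a failed restriction, not a skipped one
        }
        for (Audience audience : audiences) {
            String uri = audience.getAudienceURI();
            if (uri != null && expectedAudience.equals(uri)) { // exact match, no URL normalisation
                return true;
            }
        }
        return false;
    }

    /** Issuer side, mirroring Examples 4 and 5: validity window plus a single AudienceRestriction. */
    static Conditions buildConditions(String audienceUri, DateTime issuedAt, int validForSeconds) {
        Conditions conditions = new ConditionsBuilder().buildObject();
        conditions.setNotBefore(issuedAt);
        conditions.setNotOnOrAfter(issuedAt.plusSeconds(validForSeconds));
        AudienceRestriction restriction = new AudienceRestrictionBuilder().buildObject();
        Audience audience = new AudienceBuilder().buildObject();
        audience.setAudienceURI(audienceUri);
        restriction.getAudiences().add(audience);
        conditions.getAudienceRestrictions().add(restriction);
        return conditions;
    }

    public static void main(String[] args) throws InitializationException {
        InitializationService.initialize(); // required before OpenSAML objects are used
        String sp = "https://sp.example.test/saml/metadata"; // assumed entity ID for the example
        DateTime issuedAt = DateTime.now();
        Conditions conditions = buildConditions(sp, issuedAt, 300);
        Duration skew = Duration.standardSeconds(60);

        new AudienceConditionsValidator(sp, skew).validate(conditions, issuedAt); // accepted
        System.out.println("accepted for " + sp);

        try { // same assertion presented to a different service: audience mismatch
            new AudienceConditionsValidator("https://other.example.test/saml/metadata", skew)
                    .validate(conditions, issuedAt);
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        try { // presented 400 s later: outside the 300 s window even with 60 s skew
            new AudienceConditionsValidator(sp, skew).validate(conditions, issuedAt.plusSeconds(400));
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Two design points: the expected audience is fixed at construction from the consumer's own configuration, as in Example 2 where it is derived from the request, so the assertion never gets to choose its audience; and the null-audience-list case fails closed, which is the one place this deliberately differs from Example 3. On OpenSAML 4 the same logic applies, but Audience exposes getURI() instead of getAudienceURI() and the Conditions timestamps are java.time.Instant rather than Joda DateTime.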
