
Example 1 with AuthnStatement

use of org.opensaml.saml2.core.AuthnStatement in project cas by apereo.

The class GoogleAccountsServiceResponseBuilder, method constructSamlResponse.

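/**
 * Construct SAML response.
 * <a href="http://bit.ly/1uI8Ggu">See this reference for more info.</a>
 *
 * <p>The response gets a {@code Success} status and a single assertion that carries a
 * password authentication statement, an email-format subject and a conditions element.
 * The {@code notBefore} instant handed to the builders is a fixed date in 2003, so the
 * upper bound ({@code now + skewAllowance}) is the only limit this code places on the
 * assertion's validity window.
 *
 * @param service the service
 * @return the SAML response, marshalled to an XML string
 * @throws UnauthorizedServiceException if the service is not registered or its access strategy
 *                                      does not allow access
 */
protected String constructSamlResponse(final GoogleAccountsService service) {
    final ZonedDateTime currentDateTime = ZonedDateTime.now(ZoneOffset.UTC);
    // Fixed instant from the reference example; it is always in the past, so it never restricts validity.
    final ZonedDateTime notBeforeIssueInstant = ZonedDateTime.parse("2003-04-17T00:46:02Z");
    final RegisteredService registeredService = servicesManager.findServiceBy(service);
    if (registeredService == null || !registeredService.getAccessStrategy().isServiceAccessAllowed()) {
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE);
    }
    final String userId = registeredService.getUsernameAttributeProvider().resolveUsername(service.getPrincipal(), service);
    final org.opensaml.saml.saml2.core.Response response = this.samlObjectBuilder.newResponse(this.samlObjectBuilder.generateSecureRandomId(), currentDateTime, service.getId(), service);
    response.setStatus(this.samlObjectBuilder.newStatus(StatusCode.SUCCESS, null));
    // Long.toUnsignedString never emits a sign. Math.abs(Long.MIN_VALUE) stays negative (no two's-complement
    // positive counterpart), which would have produced a session index such as "_-9223372036854775808".
    final String sessionIndex = '_' + Long.toUnsignedString(new SecureRandom().nextLong());
    final AuthnStatement authnStatement = this.samlObjectBuilder.newAuthnStatement(AuthnContext.PASSWORD_AUTHN_CTX, currentDateTime, sessionIndex);
    final Assertion assertion = this.samlObjectBuilder.newAssertion(authnStatement, casServerPrefix, notBeforeIssueInstant, this.samlObjectBuilder.generateSecureRandomId());
    // Presumably (notBefore, notOnOrAfter, audience) — the validity window closes skewAllowance seconds from now.
    final Conditions conditions = this.samlObjectBuilder.newConditions(notBeforeIssueInstant, currentDateTime.plusSeconds(this.skewAllowance), service.getId());
    assertion.setConditions(conditions);
    // The subject's confirmation is tied back to the request id so a response cannot be replayed against another request.
    final Subject subject = this.samlObjectBuilder.newSubject(NameID.EMAIL, userId, service.getId(), currentDateTime.plusSeconds(this.skewAllowance), service.getRequestId());
    assertion.setSubject(subject);
    response.getAssertions().add(assertion);
    final StringWriter writer = new StringWriter();
    this.samlObjectBuilder.marshalSamlXmlObject(response, writer);
    final String result = writer.toString();
    // Debug level only: the marshalled response contains the resolved user id.
    LOGGER.debug("Generated Google SAML response: [{}]", result);
    return result;
}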
Also used : RegisteredService(org.apereo.cas.services.RegisteredService) Assertion(org.opensaml.saml.saml2.core.Assertion) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException) SecureRandom(java.security.SecureRandom) Conditions(org.opensaml.saml.saml2.core.Conditions) Subject(org.opensaml.saml.saml2.core.Subject) StringWriter(java.io.StringWriter) ZonedDateTime(java.time.ZonedDateTime) AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement)

Example 2 with AuthnStatement

use of org.opensaml.saml2.core.AuthnStatement in project ddf by codice.

The class SecurityAssertionImpl, method toString.

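/*
 * (non-Javadoc)
 *
 * Renders the principal, every attribute statement's attributes and every
 * authentication statement's instant and context class reference. Because
 * attribute values end up in the output, callers that log the result are
 * logging assertion contents.
 *
 * @see java.lang.Object#toString()
 */
@Override
public String toString() {
    StringBuilder result = new StringBuilder();
    result.append("Principal: ");
    result.append(getPrincipal());
    result.append(", Attributes: ");
    for (AttributeStatement attributeStatement : getAttributeStatements()) {
        for (Attribute attr : attributeStatement.getAttributes()) {
            result.append("[ ");
            result.append(attr.getName());
            result.append(" : ");
            // Attribute values are not guaranteed to be XSString; an unconditional cast
            // would turn toString() into a ClassCastException for any other value type.
            for (Object value : attr.getAttributeValues()) {
                if (value instanceof XSString) {
                    result.append(((XSString) value).getValue());
                } else {
                    result.append(value);
                }
            }
            result.append("] ");
        }
    }
    result.append(", AuthnStatements: ");
    for (AuthnStatement authStatement : getAuthnStatements()) {
        result.append("[ ");
        result.append(authStatement.getAuthnInstant());
        result.append(" : ");
        // Either element may be absent from the parsed assertion (getters then return
        // null); guard so a diagnostic string never throws.
        if (authStatement.getAuthnContext() != null
                && authStatement.getAuthnContext().getAuthnContextClassRef() != null) {
            result.append(authStatement.getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef());
        }
        result.append("] ");
    }
    return result.toString();
}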
Also used : Attribute(org.opensaml.saml.saml2.core.Attribute) EncryptedAttribute(org.opensaml.saml.saml2.core.EncryptedAttribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement)

Example 3 with AuthnStatement

use of org.opensaml.saml2.core.AuthnStatement in project cas by apereo.

The class SamlProfileSamlAuthNStatementBuilder, method buildAuthnStatement.

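/**
 * Creates an authentication statement for the current request.
 *
 * <p>The statement's authentication instant is the CAS assertion's authentication date,
 * its id is a fresh random identifier, and, when the CAS assertion has a valid-until
 * date, {@code SessionNotOnOrAfter} is that date plus the configured skew allowance.
 *
 * @param casAssertion the CAS client validation {@link Assertion}; typed as {@code Object}
 *                     by the caller and cast here
 * @param authnRequest the authn request
 * @param adaptor      the adaptor
 * @param service      the service
 * @param binding      the binding
 * @return constructed authentication statement
 * @throws SamlException      the saml exception
 * @throws ClassCastException if {@code casAssertion} is not an {@link Assertion}
 */
private AuthnStatement buildAuthnStatement(final Object casAssertion, final RequestAbstractType authnRequest, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final SamlRegisteredService service, final String binding) throws SamlException {
    final Assertion assertion = Assertion.class.cast(casAssertion);
    final String authenticationMethod = this.authnContextClassRefBuilder.build(assertion, authnRequest, adaptor, service);
    // Long.toUnsignedString cannot produce a sign; Math.abs(Long.MIN_VALUE) is still negative
    // and would have left a "-" in the statement id.
    final String id = '_' + Long.toUnsignedString(RandomUtils.getNativeInstance().nextLong());
    final AuthnStatement statement = newAuthnStatement(authenticationMethod, DateTimeUtils.zonedDateTimeOf(assertion.getAuthenticationDate()), id);
    if (assertion.getValidUntilDate() != null) {
        final ZonedDateTime dt = DateTimeUtils.zonedDateTimeOf(assertion.getValidUntilDate());
        // Session lifetime follows the CAS assertion's validity, widened by the response skew allowance.
        statement.setSessionNotOnOrAfter(DateTimeUtils.dateTimeOf(dt.plusSeconds(casProperties.getAuthn().getSamlIdp().getResponse().getSkewAllowance())));
    }
    statement.setSubjectLocality(buildSubjectLocality(assertion, authnRequest, adaptor, binding));
    return statement;
}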
Also used : ZonedDateTime(java.time.ZonedDateTime) Assertion(org.jasig.cas.client.validation.Assertion) AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement)

Example 4 with AuthnStatement

use of org.opensaml.saml2.core.AuthnStatement in project webcert by sklintyg.

The class BaseFakeAuthenticationProvider, method attachAuthenticationContext.

/**
 * Appends an {@code AuthnStatement} to the assertion whose {@code AuthnContext}
 * carries the given class reference.
 *
 * <p>Only the class reference is populated; no authentication instant or
 * session index is set on the statement.
 *
 * @param assertion      the assertion to extend
 * @param authContextRef the value for {@code AuthnContextClassRef}
 */
protected void attachAuthenticationContext(Assertion assertion, String authContextRef) {
    final AuthnContextClassRef classRef = new AuthnContextClassRefBuilder().buildObject();
    classRef.setAuthnContextClassRef(authContextRef);

    final AuthnContext context = new AuthnContextBuilder().buildObject();
    context.setAuthnContextClassRef(classRef);

    final AuthnStatement statement = new AuthnStatementBuilder().buildObject();
    statement.setAuthnContext(context);

    assertion.getAuthnStatements().add(statement);
}
Also used : AuthnContextBuilder(org.opensaml.saml2.core.impl.AuthnContextBuilder) AuthnStatement(org.opensaml.saml2.core.AuthnStatement) AuthnContextClassRef(org.opensaml.saml2.core.AuthnContextClassRef) AuthnStatementBuilder(org.opensaml.saml2.core.impl.AuthnStatementBuilder) AuthnContextClassRefBuilder(org.opensaml.saml2.core.impl.AuthnContextClassRefBuilder) AuthnContext(org.opensaml.saml2.core.AuthnContext)

Example 5 with AuthnStatement

use of org.opensaml.saml2.core.AuthnStatement in project spring-security by spring-projects.

The class TestOpenSamlObjects, method assertion.

/**
 * Builds a SAML 2.0 test assertion: random "A"-prefixed id, the given issuer, a subject
 * for {@code username} with one bearer confirmation whose data names
 * {@code recipientEntityId} and {@code recipientUri}, the default conditions, and a single
 * authentication statement with the fixed session index {@code "session-index"}.
 *
 * @param username          subject name
 * @param issuerEntityId    issuer entity id
 * @param recipientEntityId entity id passed to the subject-confirmation-data helper
 * @param recipientUri      recipient set on the subject confirmation data
 * @return the assembled assertion (not signed by this method)
 */
static Assertion assertion(String username, String issuerEntityId, String recipientEntityId, String recipientUri) {
    SubjectConfirmationData confirmationData = subjectConfirmationData(recipientEntityId);
    confirmationData.setRecipient(recipientUri);

    SubjectConfirmation bearerConfirmation = subjectConfirmation();
    bearerConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    bearerConfirmation.setSubjectConfirmationData(confirmationData);

    AuthnStatement authnStatement = build(AuthnStatement.DEFAULT_ELEMENT_NAME);
    authnStatement.setSessionIndex("session-index");

    Assertion result = build(Assertion.DEFAULT_ELEMENT_NAME);
    result.setID("A" + UUID.randomUUID());
    result.setVersion(SAMLVersion.VERSION_20);
    result.setIssuer(issuer(issuerEntityId));
    result.setSubject(subject(username));
    result.setConditions(conditions());
    result.getSubject().getSubjectConfirmations().add(bearerConfirmation);
    result.getAuthnStatements().add(authnStatement);
    return result;
}
Also used : SubjectConfirmation(org.opensaml.saml.saml2.core.SubjectConfirmation) EncryptedAssertion(org.opensaml.saml.saml2.core.EncryptedAssertion) Assertion(org.opensaml.saml.saml2.core.Assertion) AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement) SubjectConfirmationData(org.opensaml.saml.saml2.core.SubjectConfirmationData)
