use of org.opensaml.saml2.core.NameID in project ddf by codice.
the class SamlProtocol method createNameID.
/**
 * Creates a {@link NameID} whose value is the supplied string.
 *
 * <p>The object is obtained from {@code nameIdBuilder} and only its value is populated here; no
 * Format, NameQualifier or SPNameQualifier is set in this method. The value is stored exactly as
 * given, with no null, blank or content checks.
 *
 * @param nameIdValue the identifier to place in the NameID
 * @return a newly built NameID carrying {@code nameIdValue}
 */
public static NameID createNameID(String nameIdValue) {
    NameID built = nameIdBuilder.buildObject();
    // NOTE(review): the value is copied verbatim; callers decide which identifier is
    // released to the relying party and must validate it before calling.
    built.setValue(nameIdValue);
    return built;
}
use of org.opensaml.saml2.core.NameID in project cas by apereo.
the class SamlProfileSamlNameIdBuilder method encodeNameIdBasedOnNameFormat.
/**
 * Produces the {@link NameID} for a single candidate name format.
 *
 * <p>When the request is an {@link AttributeQuery}, the NameID already carried by the query's
 * subject is detached and returned as is; {@code nameFormat} is not consulted on that path.
 * For every other request an attribute is prepared, an encoder is configured for
 * {@code nameFormat}, and the encoded NameID is returned.
 *
 * <p>Any exception raised on either path is logged at error level and turned into a
 * {@code null} return, so a caller cannot distinguish "format not applicable" from
 * "encoding failed".
 *
 * @param authnRequest the authn request
 * @param assertion    the assertion
 * @param nameFormat   the name format
 * @param service      the service
 * @param adaptor      the adaptor
 * @return the name id, or {@code null} if anything in the process threw
 */
protected NameID encodeNameIdBasedOnNameFormat(final RequestAbstractType authnRequest, final Object assertion, final String nameFormat, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) {
    try {
        if (!(authnRequest instanceof AttributeQuery)) {
            final IdPAttribute sourceAttribute = prepareNameIdAttribute(assertion, nameFormat, adaptor);
            final SAML2StringNameIDEncoder nameIdEncoder = prepareNameIdEncoder(authnRequest, nameFormat, sourceAttribute, service, adaptor);
            LOGGER.debug("Encoding NameID based on [{}]", nameFormat);
            final NameID encoded = nameIdEncoder.encode(sourceAttribute);
            // The released identifier is written to the debug log; debug output therefore
            // contains user identifiers and should be handled accordingly.
            LOGGER.debug("Final NameID encoded with format [{}] has value [{}]", encoded.getFormat(), encoded.getValue());
            return encoded;
        }

        // NOTE(review): this NameID is taken from the incoming query itself. Nothing in this
        // method checks it against an authenticated principal or the requester's entitlement;
        // confirm the caller performs that authorization before attributes are released.
        // A query without a subject surfaces as an exception and ends in the catch below.
        final NameID requested = ((AttributeQuery) authnRequest).getSubject().getNameID();
        // detach() is called before returning the object; presumably so it can be attached to
        // the response being built (confirm against the caller).
        requested.detach();
        return requested;
    } catch (final Exception e) {
        // Broad catch: failures are reported only through the log and a null result.
        LOGGER.error(e.getMessage(), e);
        return null;
    }
}
use of org.opensaml.saml2.core.NameID in project cas by apereo.
the class SamlProfileSamlNameIdBuilder method buildNameId.
/**
 * Builds the NameID for a response in four steps: collect the supported name formats, read the
 * format required by the request (if any), validate that requirement, then determine and
 * finalize the NameID.
 *
 * <p>If there are no explicitly defined NameIDFormats, the default format is included
 * (presumably by {@code getSupportedNameIdFormats}; that logic is not visible in this method).
 * see: http://saml2int.org/profile/current/#section92
 *
 * <p>Validation runs before any identifier is encoded. {@code determineNameId} may return
 * {@code null}, in which case {@code finalizeNameId} receives {@code null} as its first
 * argument.
 *
 * @param authnRequest the authn request
 * @param assertion    the assertion
 * @param service      the service
 * @param adaptor      the adaptor
 * @return the name id as returned by {@code finalizeNameId}
 * @throws SamlException the saml exception
 */
private NameID buildNameId(final RequestAbstractType authnRequest, final Object assertion, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {
    final List<String> candidateFormats = getSupportedNameIdFormats(service, adaptor);
    final String demandedFormat = getRequiredNameIdFormatIfAny(authnRequest);

    // The requested format is checked against the supported list before anything is encoded.
    validateRequiredNameIdFormatIfAny(authnRequest, adaptor, candidateFormats, demandedFormat);

    return finalizeNameId(
        determineNameId(authnRequest, assertion, candidateFormats, service, adaptor),
        authnRequest, assertion, candidateFormats, service, adaptor);
}
use of org.opensaml.saml2.core.NameID in project cas by apereo.
the class SamlProfileSamlNameIdBuilder method determineNameId.
/**
 * Walks the supported name formats in list order and returns the first NameID that can be
 * encoded.
 *
 * <p>A format whose encoding yields {@code null} is skipped. Because
 * {@code encodeNameIdBasedOnNameFormat} reports every failure as {@code null}, an error while
 * encoding an earlier format silently falls through to the next one; the only trace is the
 * error log written by that method.
 *
 * @param authnRequest         the authn request
 * @param assertion            the assertion
 * @param supportedNameFormats the supported name formats, tried in iteration order
 * @param service              the service
 * @param adaptor              the adaptor
 * @return the first non-null name id, or {@code null} if no format produced one
 */
protected NameID determineNameId(final RequestAbstractType authnRequest, final Object assertion, final List<String> supportedNameFormats, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) {
    for (final String candidateFormat : supportedNameFormats) {
        LOGGER.debug("Evaluating NameID format [{}]", candidateFormat);
        final NameID encoded = encodeNameIdBasedOnNameFormat(authnRequest, assertion, candidateFormat, service, adaptor);
        if (encoded == null) {
            // This format could not be encoded; try the next supported one.
            continue;
        }
        return encoded;
    }
    // No supported format produced a NameID; the caller has to handle the null.
    return null;
}
use of org.opensaml.saml2.core.NameID in project cas by apereo.
the class SamlProfileSamlSubjectBuilder method buildSubject.
/**
 * Builds the SAML {@link Subject} for a response: resolves the assertion consumer service for
 * the binding, obtains the NameID for the service and hands both, plus the confirmation
 * values, to {@code newSubject}.
 *
 * <p>The recipient is the endpoint's response location when that is not blank, otherwise its
 * location. A blank recipient is only logged as a warning; the subject is still built.
 *
 * <p>NOTE(review): each {@code isSkipGeneratingSubjectConfirmation...} flag on the service
 * replaces one {@code newSubject} argument with {@code null}. Judging by the flag names these
 * are Recipient, NotOnOrAfter, InResponseTo and NotBefore, the values a service provider
 * relies on to tie an assertion to its endpoint, the originating request and a validity
 * window. Confirm that any service enabling them has a documented reason.
 *
 * @param request      the HTTP request, passed to {@code getNameIdForService}
 * @param response     the HTTP response, passed to {@code getNameIdForService}
 * @param authnRequest the SAML request; its ID is used unless skipped
 * @param casAssertion the CAS assertion; must be castable to {@code Assertion}
 * @param service      the registered service supplying the skip flags
 * @param adaptor      the service provider metadata facade
 * @param binding      the binding used to look up the assertion consumer service
 * @return the subject created by {@code newSubject}
 * @throws SamlException the saml exception
 */
private Subject buildSubject(final HttpServletRequest request, final HttpServletResponse response, final RequestAbstractType authnRequest, final Object casAssertion, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final String binding) throws SamlException {
    final Assertion authnAssertion = Assertion.class.cast(casAssertion);
    final ZonedDateTime validFrom = ZonedDateTime.ofInstant(authnAssertion.getValidFromDate().toInstant(), ZoneOffset.UTC);

    LOGGER.debug("Locating the assertion consumer service url for binding [{}]", binding);
    @NonNull final AssertionConsumerService endpoint = adaptor.getAssertionConsumerService(binding);

    final String recipient;
    if (StringUtils.isBlank(endpoint.getResponseLocation())) {
        recipient = endpoint.getLocation();
    } else {
        recipient = endpoint.getResponseLocation();
    }
    if (StringUtils.isBlank(recipient)) {
        // Warn only: processing continues with the blank recipient.
        LOGGER.warn("Subject recipient is not defined from either authentication request or metadata for [{}]", adaptor.getEntityId());
    }

    final NameID nameId = getNameIdForService(request, response, authnRequest, service, adaptor, binding, authnAssertion);

    // Confirmation inputs, evaluated in the order newSubject receives them.
    final String confirmationRecipient = service.isSkipGeneratingSubjectConfirmationRecipient() ? null : recipient;
    // The upper bound is the assertion's valid-from time plus the skew allowance, not "now".
    final ZonedDateTime confirmationNotOnOrAfter = service.isSkipGeneratingSubjectConfirmationNotOnOrAfter() ? null : validFrom.plusSeconds(this.skewAllowance);
    final String confirmationInResponseTo = service.isSkipGeneratingSubjectConfirmationInResponseTo() ? null : authnRequest.getID();
    // NOTE(review): now() uses the system default zone while validFrom is UTC; this is harmless
    // if newSubject converts to an instant. Confirm.
    final ZonedDateTime confirmationNotBefore = service.isSkipGeneratingSubjectConfirmationNotBefore() ? null : ZonedDateTime.now();

    final Subject subject = newSubject(nameId, confirmationRecipient, confirmationNotOnOrAfter, confirmationInResponseTo, confirmationNotBefore);
    LOGGER.debug("Created SAML subject [{}]", subject);
    return subject;
}