Example 1 with Statement
use of org.opensaml.saml2.core.Statement in project cas by apereo.
the class SamlProfileSamlAssertionBuilder method build.
@Override
public Assertion build(final AuthnRequest authnRequest, final HttpServletRequest request, final HttpServletResponse response, final org.jasig.cas.client.validation.Assertion casAssertion, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {
final List<Statement> statements = new ArrayList<>();
statements.add(this.samlProfileSamlAuthNStatementBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
statements.add(this.samlProfileSamlAttributeStatementBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
final String id = '_' + String.valueOf(Math.abs(new SecureRandom().nextLong()));
final Assertion assertion = newAssertion(statements, casProperties.getAuthn().getSamlIdp().getEntityId(), ZonedDateTime.now(ZoneOffset.UTC), id);
assertion.setSubject(this.samlProfileSamlSubjectBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
assertion.setConditions(this.samlProfileSamlConditionsBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
signAssertion(assertion, request, response, service, adaptor);
return assertion;
}
Also used :
AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement)
AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)
Statement(org.opensaml.saml.saml2.core.Statement)
ArrayList(java.util.ArrayList)
Assertion(org.opensaml.saml.saml2.core.Assertion)
SecureRandom(java.security.SecureRandom)
Example 2 with Statement
use of org.opensaml.saml2.core.Statement in project OpenAttestation by OpenAttestation.
the class TrustAssertion method populateAssertionMap.
/**
* Sample assertion statements that may appear in the XML: Trusted (boolean)
* Trusted_BIOS (boolean) Trusted_VMM (boolean) BIOS_Name (string)
* BIOS_Version (string) BIOS_OEM (string) VMM_Name (string) VMM_Version
* (string) VMM_OSName (string) VMM_OSVersion (string) The BIOS_* entries
* will only appear if Trusted_BIOS is true The VMM_* entries will only
* appear if Trusted_VMM is true
*/
private void populateAssertionMap() {
for (Statement statement : assertion.getStatements()) {
if (statement instanceof AttributeStatement) {
HashMap<String, String> assertionMap = new HashMap<String, String>();
HostTrustAssertion hostTrustAssertion = new HostTrustAssertion(assertion, assertionMap);
log.debug("attributes.size: " + ((AttributeStatement) statement).getAttributes().size());
for (Attribute attribute : ((AttributeStatement) statement).getAttributes()) {
String attributeValue = null;
for (XMLObject value : attribute.getAttributeValues()) {
if (value instanceof XSAny) {
// boolean attributes are the text "true" or "false"
attributeValue = (((XSAny) value).getTextContent());
}
if (value instanceof XSString) {
attributeValue = (((XSString) value).getValue());
}
}
assertionMap.put(attribute.getName(), attributeValue);
}
hostAssertionMap.put(assertionMap.get("Host_Name"), hostTrustAssertion);
}
}
}
Also used :
HashMap(java.util.HashMap)
Attribute(org.opensaml.saml2.core.Attribute)
Statement(org.opensaml.saml2.core.Statement)
AttributeStatement(org.opensaml.saml2.core.AttributeStatement)
AttributeStatement(org.opensaml.saml2.core.AttributeStatement)
XMLObject(org.opensaml.xml.XMLObject)
XSString(org.opensaml.xml.schema.XSString)
XSString(org.opensaml.xml.schema.XSString)
XSAny(org.opensaml.xml.schema.XSAny)
Example 3 with Statement
use of org.opensaml.saml2.core.Statement in project OpenAttestation by OpenAttestation.
the class SamlGenerator method createAssertion.
/**
* Differences from createAssertion:
* - the assertion ID is "MultipleHostTrustAssertion" instead of "HostTrustAssertion"
* - there is no overall Subject for the assertion because it's for multiple host
* - each host is identified with host attributes within its own attribute statement
*
* @param hosts
* @return
* @throws ConfigurationException
* @throws UnknownHostException
*/
private Assertion createAssertion(Collection<TxtHostWithAssetTag> hosts) throws ConfigurationException, UnknownHostException {
// Create the assertion
SAMLObjectBuilder assertionBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
Assertion assertion = (Assertion) assertionBuilder.buildObject();
// ID is arbitrary, only needs to be unique WITHIN THE DOCUMENT, and is required so that the Signature element can refer to it, for example #HostTrustAssertion
assertion.setID("MultipleHostTrustAssertion");
assertion.setIssuer(createIssuer());
DateTime now = new DateTime();
assertion.setIssueInstant(now);
assertion.setVersion(SAMLVersion.VERSION_20);
// assertion.setSubject(createSubject(host));
for (TxtHostWithAssetTag host : hosts) {
assertion.getAttributeStatements().add(createHostAttributes(host.getHost(), host.getTagCertificate(), null));
}
return assertion;
}
Also used :
SAMLObjectBuilder(org.opensaml.common.SAMLObjectBuilder)
Assertion(org.opensaml.saml2.core.Assertion)
DateTime(org.joda.time.DateTime)
Example 4 with Statement
use of org.opensaml.saml2.core.Statement in project cas by apereo.
the class SamlProfileSamlAssertionBuilder method build.
@Override
public Assertion build(final RequestAbstractType authnRequest, final HttpServletRequest request, final HttpServletResponse response, final Object casAssertion, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final String binding) throws SamlException {
final List<Statement> statements = new ArrayList<>();
final AuthnStatement authnStatement = this.samlProfileSamlAuthNStatementBuilder.build(authnRequest, request, response, casAssertion, service, adaptor, binding);
statements.add(authnStatement);
final AttributeStatement attrStatement = this.samlProfileSamlAttributeStatementBuilder.build(authnRequest, request, response, casAssertion, service, adaptor, binding);
if (!attrStatement.getAttributes().isEmpty() || !attrStatement.getEncryptedAttributes().isEmpty()) {
statements.add(attrStatement);
}
final String id = '_' + String.valueOf(Math.abs(RandomUtils.getNativeInstance().nextLong()));
final Assertion assertion = newAssertion(statements, casProperties.getAuthn().getSamlIdp().getEntityId(), ZonedDateTime.now(ZoneOffset.UTC), id);
assertion.setSubject(this.samlProfileSamlSubjectBuilder.build(authnRequest, request, response, casAssertion, service, adaptor, binding));
assertion.setConditions(this.samlProfileSamlConditionsBuilder.build(authnRequest, request, response, casAssertion, service, adaptor, binding));
signAssertion(assertion, request, response, service, adaptor, binding);
return assertion;
}
Also used :
AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement)
AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)
Statement(org.opensaml.saml.saml2.core.Statement)
AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)
ArrayList(java.util.ArrayList)
AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement)
Assertion(org.opensaml.saml.saml2.core.Assertion)
Example 5 with Statement
use of org.opensaml.saml2.core.Statement in project cxf by apache.
the class SAMLUtils method getSaml1Subject.
private static org.opensaml.saml.saml1.core.Subject getSaml1Subject(SamlAssertionWrapper assertionW) {
for (Statement stmt : assertionW.getSaml1().getStatements()) {
final org.opensaml.saml.saml1.core.Subject samlSubject;
if (stmt instanceof AttributeStatement) {
AttributeStatement attrStmt = (AttributeStatement) stmt;
samlSubject = attrStmt.getSubject();
} else if (stmt instanceof AuthenticationStatement) {
AuthenticationStatement authStmt = (AuthenticationStatement) stmt;
samlSubject = authStmt.getSubject();
} else {
AuthorizationDecisionStatement authzStmt = (AuthorizationDecisionStatement) stmt;
samlSubject = authzStmt.getSubject();
}
if (samlSubject != null) {
return samlSubject;
}
}
return null;
}
Also used :
AttributeStatement(org.opensaml.saml.saml1.core.AttributeStatement)
Statement(org.opensaml.saml.saml1.core.Statement)
AuthorizationDecisionStatement(org.opensaml.saml.saml1.core.AuthorizationDecisionStatement)
AuthenticationStatement(org.opensaml.saml.saml1.core.AuthenticationStatement)
AttributeStatement(org.opensaml.saml.saml1.core.AttributeStatement)
AuthorizationDecisionStatement(org.opensaml.saml.saml1.core.AuthorizationDecisionStatement)
AuthenticationStatement(org.opensaml.saml.saml1.core.AuthenticationStatement)
Aggregations
ArrayList (java.util.ArrayList)2
Assertion (org.opensaml.saml.saml2.core.Assertion)2
AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)2
AuthnStatement (org.opensaml.saml.saml2.core.AuthnStatement)2
Statement (org.opensaml.saml.saml2.core.Statement)2
SecureRandom (java.security.SecureRandom)1
HashMap (java.util.HashMap)1
DateTime (org.joda.time.DateTime)1
SAMLObjectBuilder (org.opensaml.common.SAMLObjectBuilder)1
AttributeStatement (org.opensaml.saml.saml1.core.AttributeStatement)1
AuthenticationStatement (org.opensaml.saml.saml1.core.AuthenticationStatement)1
AuthorizationDecisionStatement (org.opensaml.saml.saml1.core.AuthorizationDecisionStatement)1
Statement (org.opensaml.saml.saml1.core.Statement)1
Assertion (org.opensaml.saml2.core.Assertion)1
Attribute (org.opensaml.saml2.core.Attribute)1
AttributeStatement (org.opensaml.saml2.core.AttributeStatement)1
Statement (org.opensaml.saml2.core.Statement)1
XMLObject (org.opensaml.xml.XMLObject)1
XSAny (org.opensaml.xml.schema.XSAny)1
XSString (org.opensaml.xml.schema.XSString)1
