Example 1 with Subject

Use of org.opensaml.saml2.core.Subject in project OpenAttestation by OpenAttestation.

The class SamlGenerator, method createSubject.

private Subject createSubject(TxtHost host) throws ConfigurationException, UnknownHostException {
    // Create the Subject from the builder registered for its default element name
    SAMLObjectBuilder subjectBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Subject.DEFAULT_ELEMENT_NAME);
    Subject subject = (Subject) subjectBuilder.buildObject();
    // The NameID identifies the attested host; the SubjectConfirmation tells the
    // relying party how (and within what limits) that subject may be confirmed
    subject.setNameID(createNameID(host));
    subject.getSubjectConfirmations().add(createSubjectConfirmation(host));
    return subject;
}
Also used: SAMLObjectBuilder (org.opensaml.common.SAMLObjectBuilder), Subject (org.opensaml.saml2.core.Subject)

Example 2 with Subject

Use of org.opensaml.saml2.core.Subject in project cas by apereo.

The class GoogleAccountsServiceResponseBuilder, method constructSamlResponse.

/**
 * Construct SAML response.
 * <a href="http://bit.ly/1uI8Ggu">See this reference for more info.</a>
 *
 * @param service the service
 * @return the SAML response
 */
protected String constructSamlResponse(final GoogleAccountsService service) {
    final ZonedDateTime currentDateTime = ZonedDateTime.now(ZoneOffset.UTC);
    final ZonedDateTime notBeforeIssueInstant = ZonedDateTime.parse("2003-04-17T00:46:02Z");
    // Refuse to issue a response for a service that is unregistered or not permitted access
    final RegisteredService registeredService = servicesManager.findServiceBy(service);
    if (registeredService == null || !registeredService.getAccessStrategy().isServiceAccessAllowed()) {
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE);
    }
    // The username released to this service is resolved through the service's own attribute provider
    final String userId = registeredService.getUsernameAttributeProvider().resolveUsername(service.getPrincipal(), service);
    final org.opensaml.saml.saml2.core.Response response = this.samlObjectBuilder.newResponse(this.samlObjectBuilder.generateSecureRandomId(), currentDateTime, service.getId(), service);
    response.setStatus(this.samlObjectBuilder.newStatus(StatusCode.SUCCESS, null));
    // Random session index for the AuthnStatement
    final String sessionIndex = '_' + String.valueOf(Math.abs(new SecureRandom().nextLong()));
    final AuthnStatement authnStatement = this.samlObjectBuilder.newAuthnStatement(AuthnContext.PASSWORD_AUTHN_CTX, currentDateTime, sessionIndex);
    final Assertion assertion = this.samlObjectBuilder.newAssertion(authnStatement, casServerPrefix, notBeforeIssueInstant, this.samlObjectBuilder.generateSecureRandomId());
    // Validity window: NotBefore is the fixed instant above, NotOnOrAfter is now plus the configured skew allowance,
    // and the audience is restricted to this service
    final Conditions conditions = this.samlObjectBuilder.newConditions(notBeforeIssueInstant, currentDateTime.plusSeconds(this.skewAllowance), service.getId());
    assertion.setConditions(conditions);
    // Bearer subject bound to the service (Recipient), the same expiry, and the original request (InResponseTo)
    final Subject subject = this.samlObjectBuilder.newSubject(NameID.EMAIL, userId, service.getId(), currentDateTime.plusSeconds(this.skewAllowance), service.getRequestId());
    assertion.setSubject(subject);
    response.getAssertions().add(assertion);
    final StringWriter writer = new StringWriter();
    this.samlObjectBuilder.marshalSamlXmlObject(response, writer);
    final String result = writer.toString();
    LOGGER.debug("Generated Google SAML response: [{}]", result);
    return result;
}
Also used: RegisteredService (org.apereo.cas.services.RegisteredService), Assertion (org.opensaml.saml.saml2.core.Assertion), UnauthorizedServiceException (org.apereo.cas.services.UnauthorizedServiceException), SecureRandom (java.security.SecureRandom), Conditions (org.opensaml.saml.saml2.core.Conditions), Subject (org.opensaml.saml.saml2.core.Subject), StringWriter (java.io.StringWriter), ZonedDateTime (java.time.ZonedDateTime), AuthnStatement (org.opensaml.saml.saml2.core.AuthnStatement)

Example 3 with Subject

Use of org.opensaml.saml2.core.Subject in project cas by apereo.

The class AbstractSaml20ObjectBuilder, method newSubject.

/**
 * New subject element.
 *
 * @param nameIdFormat the name id format
 * @param nameIdValue  the name id value
 * @param recipient    the recipient
 * @param notOnOrAfter the not on or after
 * @param inResponseTo the in response to
 * @return the subject
 */
public Subject newSubject(final String nameIdFormat, final String nameIdValue, final String recipient, final ZonedDateTime notOnOrAfter, final String inResponseTo) {
    // Bearer confirmation: whoever presents the assertion is treated as the subject,
    // so the confirmation data below limits where and for how long it can be presented
    final SubjectConfirmation confirmation = newSamlObject(SubjectConfirmation.class);
    confirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    // Recipient, NotOnOrAfter and InResponseTo are the values a service provider checks
    // before accepting a bearer assertion (correct endpoint, not expired, matches its own request)
    final SubjectConfirmationData data = newSamlObject(SubjectConfirmationData.class);
    data.setRecipient(recipient);
    data.setNotOnOrAfter(DateTimeUtils.dateTimeOf(notOnOrAfter));
    data.setInResponseTo(inResponseTo);
    confirmation.setSubjectConfirmationData(data);
    final Subject subject = newSamlObject(Subject.class);
    subject.setNameID(getNameID(nameIdFormat, nameIdValue));
    subject.getSubjectConfirmations().add(confirmation);
    return subject;
}
Also used: SubjectConfirmation (org.opensaml.saml.saml2.core.SubjectConfirmation), SubjectConfirmationData (org.opensaml.saml.saml2.core.SubjectConfirmationData), Subject (org.opensaml.saml.saml2.core.Subject)

Example 4 with Subject

Use of org.opensaml.saml2.core.Subject in project ddf by codice.

The class SamlProtocol, method createSubject.

public static Subject createSubject(NameID nameId) {
    // Subject carrying only a NameID; the caller is responsible for adding any SubjectConfirmation
    Subject subject = subjectBuilder.buildObject();
    subject.setNameID(nameId);
    return subject;
}
Also used: Subject (org.opensaml.saml.saml2.core.Subject)

Example 5 with Subject

Use of org.opensaml.saml2.core.Subject in project cas by apereo.

The class Saml10ObjectBuilder, method newSubject.

/**
 * New subject element with given confirmation method.
 *
 * @param identifier the identifier
 * @param confirmationMethod the confirmation method
 * @return the subject
 */
public Subject newSubject(final String identifier, final String confirmationMethod) {
    // SAML 1.x: the confirmation method is a bare URI, and the subject uses
    // NameIdentifier rather than the SAML 2.0 NameID/SubjectConfirmationData pair
    final SubjectConfirmation confirmation = newSamlObject(SubjectConfirmation.class);
    final ConfirmationMethod method = newSamlObject(ConfirmationMethod.class);
    method.setConfirmationMethod(confirmationMethod);
    confirmation.getConfirmationMethods().add(method);
    final NameIdentifier nameIdentifier = newSamlObject(NameIdentifier.class);
    nameIdentifier.setNameIdentifier(identifier);
    final Subject subject = newSamlObject(Subject.class);
    subject.setNameIdentifier(nameIdentifier);
    subject.setSubjectConfirmation(confirmation);
    return subject;
}
Also used: SubjectConfirmation (org.opensaml.saml.saml1.core.SubjectConfirmation), NameIdentifier (org.opensaml.saml.saml1.core.NameIdentifier), ConfirmationMethod (org.opensaml.saml.saml1.core.ConfirmationMethod), Subject (org.opensaml.saml.saml1.core.Subject)
