
Example 1 with AudienceBuilder

use of org.opensaml.saml2.core.impl.AudienceBuilder in project MaxKey by dromara.

the class ConditionsGenerator method builderAudienceRestriction.

/**
 * Creates a SAML {@code AudienceRestriction} holding a single {@code Audience} set to the
 * given URI.
 *
 * <p>The value is copied into the element as-is. Nothing in this method checks that it is
 * non-null, non-empty or a well-formed URI, so the caller is responsible for passing the
 * exact identifier of the intended relying party. The audience restriction is what lets a
 * service provider reject an assertion that was issued for a different service provider.
 *
 * @param audienceUrl audience URI to place in the restriction
 * @return a new restriction containing exactly one audience
 */
public AudienceRestriction builderAudienceRestriction(String audienceUrl) {
    Audience target = new AudienceBuilder().buildObject();
    target.setAudienceURI(audienceUrl);

    AudienceRestriction restriction = new AudienceRestrictionBuilder().buildObject();
    restriction.getAudiences().add(target);

    // The raw value is written to the debug log unmodified.
    // NOTE(review): if audienceUrl can come from request data, confirm the log sink neutralises line breaks.
    logger.debug("Audience URL " + audienceUrl);
    return restriction;
}
Also used : AudienceRestriction(org.opensaml.saml2.core.AudienceRestriction) AudienceRestrictionBuilder(org.opensaml.saml2.core.impl.AudienceRestrictionBuilder) Audience(org.opensaml.saml2.core.Audience) AudienceBuilder(org.opensaml.saml2.core.impl.AudienceBuilder)

Example 2 with AudienceBuilder

use of org.opensaml.saml2.core.impl.AudienceBuilder in project uaa by cloudfoundry.

the class IdpWebSsoProfileImpl method buildAssertionConditions.

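/**
 * Attaches a {@code Conditions} element to the assertion: a validity window that starts at
 * the current time and lasts {@code assertionTtlSeconds}, plus one audience restriction.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>{@code NotBefore} is the issuer's current time with no allowance for clock skew, so
 *       a relying party whose clock runs behind must apply its own tolerance.</li>
 *   <li>{@code assertionTtlSeconds} is not range-checked; zero or a negative value produces
 *       a window that is empty or already closed. Callers should pass a small positive
 *       value.</li>
 *   <li>{@code audienceURI} is stored as given, without a null, empty or format check.</li>
 * </ul>
 *
 * @param assertion           assertion that receives the conditions (any existing conditions
 *                            are replaced by {@code setConditions})
 * @param assertionTtlSeconds lifetime of the assertion in seconds, counted from now
 * @param audienceURI         identifier of the relying party the assertion is intended for
 */
private void buildAssertionConditions(Assertion assertion, int assertionTtlSeconds, String audienceURI) {
    @SuppressWarnings("unchecked")
    SAMLObjectBuilder<Conditions> conditionsBuilder =
            (SAMLObjectBuilder<Conditions>) builderFactory.getBuilder(Conditions.DEFAULT_ELEMENT_NAME);
    Conditions conditions = conditionsBuilder.buildObject();

    // Read the clock once: both bounds derive from the same instant, so the window is exactly
    // assertionTtlSeconds long instead of the TTL plus the time between two clock reads.
    DateTime issuedAt = new DateTime();
    conditions.setNotBefore(issuedAt);
    conditions.setNotOnOrAfter(issuedAt.plusSeconds(assertionTtlSeconds));

    @SuppressWarnings("unchecked")
    SAMLObjectBuilder<AudienceRestriction> audienceRestrictionBuilder =
            (SAMLObjectBuilder<AudienceRestriction>) builderFactory.getBuilder(AudienceRestriction.DEFAULT_ELEMENT_NAME);
    AudienceRestriction audienceRestriction = audienceRestrictionBuilder.buildObject();

    @SuppressWarnings("unchecked")
    SAMLObjectBuilder<Audience> audienceBuilder =
            (SAMLObjectBuilder<Audience>) builderFactory.getBuilder(Audience.DEFAULT_ELEMENT_NAME);
    Audience audience = audienceBuilder.buildObject();
    audience.setAudienceURI(audienceURI);

    // One restriction with one audience: the assertion is scoped to a single relying party.
    audienceRestriction.getAudiences().add(audience);
    conditions.getAudienceRestrictions().add(audienceRestriction);
    assertion.setConditions(conditions);
}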
Also used : AudienceRestriction(org.opensaml.saml2.core.AudienceRestriction) SAMLObjectBuilder(org.opensaml.common.SAMLObjectBuilder) Audience(org.opensaml.saml2.core.Audience) Conditions(org.opensaml.saml2.core.Conditions) DateTime(org.joda.time.DateTime)

Example 3 with AudienceBuilder

use of org.opensaml.saml2.core.impl.AudienceBuilder in project OpenUnison by TremoloSecurity.

the class Saml2Assertion method generateAssertion.

/**
 * Builds a SAML 2.0 {@code Assertion} from this object's fields: issuer, bearer subject,
 * one authentication statement, optional attribute statement and conditions with a single
 * audience restriction.
 *
 * <p>Points a reviewer should keep in mind:
 * <ul>
 *   <li>The assertion ID is {@code 'f'} followed by the hex form of 20 bytes taken from
 *       {@code random}; the same value is reused as the {@code SessionIndex}.
 *       NOTE(review): {@code random} is declared outside this method. Confirm it is a
 *       {@code SecureRandom}, since a guessable ID weakens replay detection.</li>
 *   <li>The subject confirmation is {@code bearer}, bounded by {@code Recipient} and
 *       {@code NotOnOrAfter}. {@code InResponseTo} is not set here.</li>
 *   <li>No signature or encryption is applied in this method; presumably the caller does
 *       that before the assertion leaves the process. Verify against the caller.</li>
 * </ul>
 *
 * @param id2 not read anywhere in this method; the ID is always generated internally
 * @return the populated assertion
 */
private Assertion generateAssertion(String id2) {
    // Leading letter plus 40 hex characters; presumably the letter keeps the value a valid XML ID.
    byte[] rawId = new byte[20];
    random.nextBytes(rawId);
    String id = "f" + Hex.encodeHexString(rawId);

    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(id);

    Issuer issuerElement = new IssuerBuilder().buildObject();
    issuerElement.setValue(this.issuer);
    assertion.setIssuer(issuerElement);

    // Subject: one bearer confirmation plus the NameID.
    Subject subjectElement = new SubjectBuilder().buildObject();

    SubjectConfirmation bearer = new SubjectConfirmationBuilder().buildObject();
    bearer.setMethod(SubjectConfirmation.METHOD_BEARER);
    SubjectConfirmationData confirmationData = new SubjectConfirmationDataBuilder().buildObject();
    // Recipient and expiry are the only limits placed on who may present this bearer assertion, and until when.
    confirmationData.setNotOnOrAfter(this.notAfter);
    confirmationData.setRecipient(this.recepient);
    bearer.setSubjectConfirmationData(confirmationData);
    subjectElement.getSubjectConfirmations().add(bearer);

    NameID nameID = new NameIDBuilder().buildObject();
    nameID.setValue(this.subject);
    nameID.setFormat(this.nameIDFormat);
    subjectElement.setNameID(nameID);
    assertion.setSubject(subjectElement);

    // Authentication statement with the configured context class reference.
    AuthnStatement authnStatement = new AuthnStatementBuilder().buildObject();
    authnStatement.setAuthnInstant(this.issueInstant);
    AuthnContext authnContext = new AuthnContextBuilder().buildObject();
    AuthnContextClassRef classRef = new AuthnContextClassRefBuilder().buildObject();
    classRef.setURI(this.authnContextRef);
    authnContext.setAuthnContextClassRef(classRef);
    authnStatement.setAuthnContext(authnContext);
    authnStatement.setSessionIndex(id);
    assertion.getAuthnStatements().add(authnStatement);

    // Attribute statement: attached only when at least one attribute carried a value.
    AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
    boolean hasValues = false;
    for (Iterator<Attribute> attrIt = this.attribs.iterator(); attrIt.hasNext();) {
        Attribute source = attrIt.next();
        org.opensaml.saml.saml2.core.Attribute samlAttribute = new AttributeBuilder().buildObject();
        samlAttribute.setName(source.getName());
        for (Iterator<String> valueIt = source.getValues().iterator(); valueIt.hasNext();) {
            XSString value = new XSStringBuilder()
                    .buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
            value.setValue(valueIt.next());
            samlAttribute.getAttributeValues().add(value);
            hasValues = true;
        }
        // An attribute without values is still added to the statement.
        attributeStatement.getAttributes().add(samlAttribute);
    }
    if (hasValues) {
        assertion.getAttributeStatements().add(attributeStatement);
    }

    // Conditions: validity window plus a single audience, which scopes the assertion to one relying party.
    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(this.notBefore);
    conditions.setNotOnOrAfter(this.notAfter);
    AudienceRestriction restriction = new AudienceRestrictionBuilder().buildObject();
    Audience intendedAudience = new AudienceBuilder().buildObject();
    intendedAudience.setURI(this.audience);
    restriction.getAudiences().add(intendedAudience);
    conditions.getAudienceRestrictions().add(restriction);
    assertion.setConditions(conditions);

    assertion.setIssueInstant(this.issueInstant);
    return assertion;
}
Also used : Issuer(org.opensaml.saml.saml2.core.Issuer) XSString(org.opensaml.core.xml.schema.XSString) SubjectConfirmationData(org.opensaml.saml.saml2.core.SubjectConfirmationData) AuthnStatementBuilder(org.opensaml.saml.saml2.core.impl.AuthnStatementBuilder) AuthnContextClassRefBuilder(org.opensaml.saml.saml2.core.impl.AuthnContextClassRefBuilder) XSStringBuilder(org.opensaml.core.xml.schema.impl.XSStringBuilder) Conditions(org.opensaml.saml.saml2.core.Conditions) SubjectConfirmationDataBuilder(org.opensaml.saml.saml2.core.impl.SubjectConfirmationDataBuilder) AuthnContext(org.opensaml.saml.saml2.core.AuthnContext) NameIDBuilder(org.opensaml.saml.saml2.core.impl.NameIDBuilder) AudienceRestriction(org.opensaml.saml.saml2.core.AudienceRestriction) SubjectConfirmation(org.opensaml.saml.saml2.core.SubjectConfirmation) SubjectBuilder(org.opensaml.saml.saml2.core.impl.SubjectBuilder) SubjectConfirmationBuilder(org.opensaml.saml.saml2.core.impl.SubjectConfirmationBuilder) AttributeStatementBuilder(org.opensaml.saml.saml2.core.impl.AttributeStatementBuilder) AttributeBuilder(org.opensaml.saml.saml2.core.impl.AttributeBuilder) AudienceRestrictionBuilder(org.opensaml.saml.saml2.core.impl.AudienceRestrictionBuilder) NameID(org.opensaml.saml.saml2.core.NameID) Audience(org.opensaml.saml.saml2.core.Audience) AudienceBuilder(org.opensaml.saml.saml2.core.impl.AudienceBuilder) AuthnContextBuilder(org.opensaml.saml.saml2.core.impl.AuthnContextBuilder) EncryptedAssertion(org.opensaml.saml.saml2.core.EncryptedAssertion) Assertion(org.opensaml.saml.saml2.core.Assertion) AuthnContextClassRef(org.opensaml.saml.saml2.core.AuthnContextClassRef) AssertionBuilder(org.opensaml.saml.saml2.core.impl.AssertionBuilder) XSString(org.opensaml.core.xml.schema.XSString) Subject(org.opensaml.saml.saml2.core.Subject) ConditionsBuilder(org.opensaml.saml.saml2.core.impl.ConditionsBuilder) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) 
AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement) IssuerBuilder(org.opensaml.saml.saml2.core.impl.IssuerBuilder)

Aggregations

Audience (org.opensaml.saml2.core.Audience)2 AudienceRestriction (org.opensaml.saml2.core.AudienceRestriction)2 DateTime (org.joda.time.DateTime)1 SAMLObjectBuilder (org.opensaml.common.SAMLObjectBuilder)1 XSString (org.opensaml.core.xml.schema.XSString)1 XSStringBuilder (org.opensaml.core.xml.schema.impl.XSStringBuilder)1 Assertion (org.opensaml.saml.saml2.core.Assertion)1 AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)1 Audience (org.opensaml.saml.saml2.core.Audience)1 AudienceRestriction (org.opensaml.saml.saml2.core.AudienceRestriction)1 AuthnContext (org.opensaml.saml.saml2.core.AuthnContext)1 AuthnContextClassRef (org.opensaml.saml.saml2.core.AuthnContextClassRef)1 AuthnStatement (org.opensaml.saml.saml2.core.AuthnStatement)1 Conditions (org.opensaml.saml.saml2.core.Conditions)1 EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion)1 Issuer (org.opensaml.saml.saml2.core.Issuer)1 NameID (org.opensaml.saml.saml2.core.NameID)1 Subject (org.opensaml.saml.saml2.core.Subject)1 SubjectConfirmation (org.opensaml.saml.saml2.core.SubjectConfirmation)1 SubjectConfirmationData (org.opensaml.saml.saml2.core.SubjectConfirmationData)1