本文整理汇总了Java中org.opensaml.saml.saml2.core.AuthnStatement类的典型用法代码示例。如果您正苦于以下问题:Java AuthnStatement类的具体用法?Java AuthnStatement怎么用?Java AuthnStatement使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
AuthnStatement类属于org.opensaml.saml.saml2.core包,在下文中一共展示了AuthnStatement类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: newAuthnStatement
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Builds an {@link AuthnStatement} carrying the given authentication context class,
 * authentication instant and session index.
 *
 * @param contextClassRef the context class ref such as {@link AuthnContext#PASSWORD_AUTHN_CTX}
 * @param authnInstant the instant at which the subject authenticated
 * @param sessionIndex the session index recorded on the statement
 * @return the populated authn statement
 */
public AuthnStatement newAuthnStatement(final String contextClassRef, final ZonedDateTime authnInstant,
                                        final String sessionIndex) {
    LOGGER.debug("Building authentication statement with context class ref [{}] @ [{}] with index [{}]",
        contextClassRef, authnInstant, sessionIndex);

    final AuthnStatement statement = newSamlObject(AuthnStatement.class);
    final AuthnContext authnContext = newSamlObject(AuthnContext.class);
    final AuthnContextClassRef methodRef = newSamlObject(AuthnContextClassRef.class);

    // Scalar properties of the statement itself.
    statement.setSessionIndex(sessionIndex);
    statement.setAuthnInstant(DateTimeUtils.dateTimeOf(authnInstant));

    // Nest the class reference inside the context, then attach the context to the statement.
    methodRef.setAuthnContextClassRef(contextClassRef);
    authnContext.setAuthnContextClassRef(methodRef);
    statement.setAuthnContext(authnContext);

    return statement;
}
示例2: buildAuthnStatement
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
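/**
 * Creates an authentication statement for the current request.
 *
 * <p>The session index is a fresh random value prefixed with {@code '_'}. When the assertion
 * carries a valid-until date, the statement's {@code SessionNotOnOrAfter} is set to that date
 * plus the configured SAML IdP response skew allowance (in seconds).
 *
 * @param assertion the assertion
 * @param authnRequest the authn request
 * @param adaptor the adaptor
 * @param service the service
 * @return constructed authentication statement
 * @throws SamlException the saml exception
 */
private AuthnStatement buildAuthnStatement(final Assertion assertion, final AuthnRequest authnRequest,
                                           final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                           final SamlRegisteredService service) throws SamlException {
    final String authenticationMethod = this.authnContextClassRefBuilder.build(assertion, authnRequest, adaptor, service);

    // Clear the sign bit rather than calling Math.abs(): Math.abs(Long.MIN_VALUE) is still
    // negative, which would produce a session index of the form "_-9223372036854775808".
    final String id = "_" + (new SecureRandom().nextLong() & Long.MAX_VALUE);

    final AuthnStatement statement = newAuthnStatement(authenticationMethod,
        DateTimeUtils.zonedDateTimeOf(assertion.getAuthenticationDate()), id);

    if (assertion.getValidUntilDate() != null) {
        final ZonedDateTime dt = DateTimeUtils.zonedDateTimeOf(assertion.getValidUntilDate());
        // The skew allowance is added, so the advertised session end is later than the
        // assertion's own valid-until date by that many seconds.
        statement.setSessionNotOnOrAfter(
            DateTimeUtils.dateTimeOf(dt.plusSeconds(casProperties.getAuthn().getSamlIdp().getResponse().getSkewAllowance())));
    }

    statement.setSubjectLocality(buildSubjectLocality(assertion, authnRequest, adaptor));
    return statement;
}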
示例3: setUp
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Prepares the fixture: an {@code AssertionValidator} wired to mocked collaborators and a
 * mocked assertion that reports exactly one (mocked) authn statement.
 */
@Before
public void setUp() {
// Collaborators are mocks, so each test decides how the instant, subject and conditions checks behave.
instantValidator = mock(InstantValidator.class);
subjectValidator = mock(SubjectValidator.class);
conditionsValidator = mock(ConditionsValidator.class);
assertion = mock(Assertion.class);
AuthnStatement authnStatement = mock(AuthnStatement.class);
validator = new AssertionValidator(
instantValidator,
subjectValidator,
conditionsValidator
);
// Default stub: the assertion carries a single authn statement.
when(assertion.getAuthnStatements()).thenReturn(ImmutableList.of(authnStatement));
// NOTE(review): presumably initialises the OpenSAML library for the tests — confirm against IdaSamlBootstrap.
IdaSamlBootstrap.bootstrap();
}
示例4: newAssertion
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Builds an {@link Assertion} with the given id, issue instant and issuer, and attaches
 * the supplied authentication statement to it.
 *
 * <p>Conditions, subject and signature are not set here.
 *
 * @param authnStatement the authn statement to add to the assertion
 * @param issuer the issuer value
 * @param issuedAt the issue instant
 * @param id the assertion id
 * @return the assertion
 */
public Assertion newAssertion(final AuthnStatement authnStatement, final String issuer,
                              final DateTime issuedAt, final String id) {
    final Assertion built = newSamlObject(Assertion.class);

    built.setID(id);
    built.setIssueInstant(issuedAt);
    built.setIssuer(newIssuer(issuer));

    built.getAuthnStatements().add(authnStatement);
    return built;
}
示例5: newAuthnStatement
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Builds an {@link AuthnStatement} carrying the given authentication context class and
 * authentication instant. No session index is set by this overload.
 *
 * @param contextClassRef the context class ref such as {@link AuthnContext#PASSWORD_AUTHN_CTX}
 * @param authnInstant the instant at which the subject authenticated
 * @return the populated authn statement
 */
public AuthnStatement newAuthnStatement(final String contextClassRef, final DateTime authnInstant) {
    final AuthnStatement statement = newSamlObject(AuthnStatement.class);
    final AuthnContext authnContext = newSamlObject(AuthnContext.class);
    final AuthnContextClassRef methodRef = newSamlObject(AuthnContextClassRef.class);

    statement.setAuthnInstant(authnInstant);

    // Nest the class reference inside the context, then attach the context to the statement.
    methodRef.setAuthnContextClassRef(contextClassRef);
    authnContext.setAuthnContextClassRef(methodRef);
    statement.setAuthnContext(authnContext);

    return statement;
}
示例6: constructSamlResponse
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Construct SAML response.
 * <a href="http://bit.ly/1uI8Ggu">See this reference for more info.</a>
 *
 * <p>Builds a success response with one assertion (password authentication context, e-mail
 * NameID for the resolved username) and returns it marshalled to a string. No signing is
 * performed in this method.
 *
 * @return the SAML response
 */
private String constructSamlResponse() {
    final DateTime now = DateTime.parse(new ISOStandardDateFormat().getCurrentDateAndTime());
    // Fixed historical instant, used both as the assertion issue instant and as the first
    // argument to newConditions below.
    final DateTime fixedNotBefore = DateTime.parse("2003-04-17T00:46:02Z");

    // NOTE(review): the lookup result is dereferenced without a null or access check; if
    // findServiceBy can return null this fails with a NullPointerException — confirm.
    final RegisteredService registered = this.servicesManager.findServiceBy(this);
    final String username = registered.getUsernameAttributeProvider().resolveUsername(getPrincipal(), this);

    final String responseId = BUILDER.generateSecureRandomId();
    final org.opensaml.saml.saml2.core.Response samlResponse =
        BUILDER.newResponse(responseId, now, getId(), this);
    samlResponse.setStatus(BUILDER.newStatus(StatusCode.SUCCESS, null));

    final AuthnStatement statement = BUILDER.newAuthnStatement(AuthnContext.PASSWORD_AUTHN_CTX, now);
    // The issuer is a hard-coded literal rather than a configured value.
    final Assertion samlAssertion = BUILDER.newAssertion(
        statement, "https://www.opensaml.org/IDP", fixedNotBefore, BUILDER.generateSecureRandomId());

    // NOTE(review): the second instant passed here is "now" with no allowance added;
    // presumably it is the NotOnOrAfter bound — confirm against newConditions.
    samlAssertion.setConditions(BUILDER.newConditions(fixedNotBefore, now, getId()));
    samlAssertion.setSubject(BUILDER.newSubject(NameID.EMAIL, username, getId(), now, this.requestId));
    samlResponse.getAssertions().add(samlAssertion);

    final StringWriter out = new StringWriter();
    BUILDER.marshalSamlXmlObject(samlResponse, out);
    final String xml = out.toString();
    // The full marshalled response, including the resolved username, goes to the debug log.
    logger.debug("Generated Google SAML response: {}", xml);
    return xml;
}
示例7: SamlProfileSamlAssertionBuilder
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Creates the assertion builder from the per-element builders it delegates to and the
 * signer it holds for signing.
 *
 * @param configBean the OpenSAML configuration bean, passed to the superclass
 * @param samlProfileSamlAuthNStatementBuilder builder for the {@link AuthnStatement}
 * @param samlProfileSamlAttributeStatementBuilder builder for the attribute statement
 * @param samlProfileSamlSubjectBuilder builder for the subject
 * @param samlProfileSamlConditionsBuilder builder for the conditions
 * @param samlObjectSigner the SAML object signer
 */
public SamlProfileSamlAssertionBuilder(final OpenSamlConfigBean configBean,
                                       final SamlProfileObjectBuilder<AuthnStatement> samlProfileSamlAuthNStatementBuilder,
                                       final SamlProfileObjectBuilder<AttributeStatement> samlProfileSamlAttributeStatementBuilder,
                                       final SamlProfileObjectBuilder<Subject> samlProfileSamlSubjectBuilder,
                                       final SamlProfileObjectBuilder<Conditions> samlProfileSamlConditionsBuilder,
                                       final BaseSamlObjectSigner samlObjectSigner) {
    super(configBean);

    // Plain field wiring; the assignments are independent of one another.
    this.samlObjectSigner = samlObjectSigner;
    this.samlProfileSamlConditionsBuilder = samlProfileSamlConditionsBuilder;
    this.samlProfileSamlSubjectBuilder = samlProfileSamlSubjectBuilder;
    this.samlProfileSamlAttributeStatementBuilder = samlProfileSamlAttributeStatementBuilder;
    this.samlProfileSamlAuthNStatementBuilder = samlProfileSamlAuthNStatementBuilder;
}
示例8: build
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Builds the authentication statement by delegating to {@code buildAuthnStatement}.
 *
 * <p>Only {@code assertion}, {@code authnRequest}, {@code adaptor} and {@code service} are
 * used; {@code request}, {@code response} and {@code binding} are ignored here.
 *
 * @throws SamlException if the statement cannot be built
 */
@Override
public AuthnStatement build(final AuthnRequest authnRequest,
                            final HttpServletRequest request,
                            final HttpServletResponse response,
                            final Assertion assertion,
                            final SamlRegisteredService service,
                            final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                            final String binding) throws SamlException {
    final AuthnStatement statement = buildAuthnStatement(assertion, authnRequest, adaptor, service);
    return statement;
}
示例9: constructSamlResponse
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
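/**
 * Construct SAML response.
 * <a href="http://bit.ly/1uI8Ggu">See this reference for more info.</a>
 *
 * <p>Builds a success response with one assertion (password authentication context, e-mail
 * NameID for the resolved username) and returns it marshalled to a string. No signing is
 * performed in this method.
 *
 * @param service the service
 * @return the SAML response
 * @throws UnauthorizedServiceException if the service is not registered or access is not allowed
 */
protected String constructSamlResponse(final GoogleAccountsService service) {
    final ZonedDateTime currentDateTime = ZonedDateTime.now(ZoneOffset.UTC);
    // Fixed historical instant, used as the assertion issue instant and as the first
    // argument to newConditions below.
    final ZonedDateTime notBeforeIssueInstant = ZonedDateTime.parse("2003-04-17T00:46:02Z");

    // Refuse to issue anything for an unknown service or one whose access strategy denies access.
    final RegisteredService registeredService = servicesManager.findServiceBy(service);
    if (registeredService == null || !registeredService.getAccessStrategy().isServiceAccessAllowed()) {
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE);
    }

    final String userId = registeredService.getUsernameAttributeProvider().resolveUsername(service.getPrincipal(), service, registeredService);

    final org.opensaml.saml.saml2.core.Response response = this.samlObjectBuilder.newResponse(
        this.samlObjectBuilder.generateSecureRandomId(), currentDateTime, null, service);
    response.setStatus(this.samlObjectBuilder.newStatus(StatusCode.SUCCESS, null));

    // Clear the sign bit rather than calling Math.abs(): Math.abs(Long.MIN_VALUE) is still
    // negative, which would produce a session index of the form "_-9223372036854775808".
    final String sessionIndex = "_" + (new SecureRandom().nextLong() & Long.MAX_VALUE);
    final AuthnStatement authnStatement = this.samlObjectBuilder.newAuthnStatement(AuthnContext.PASSWORD_AUTHN_CTX, currentDateTime, sessionIndex);

    final Assertion assertion = this.samlObjectBuilder.newAssertion(authnStatement, casServerPrefix,
        notBeforeIssueInstant, this.samlObjectBuilder.generateSecureRandomId());

    // Both the conditions and the subject receive "now + skewAllowance" seconds as their
    // upper time bound (presumably NotOnOrAfter — confirm against the builder).
    final Conditions conditions = this.samlObjectBuilder.newConditions(notBeforeIssueInstant,
        currentDateTime.plusSeconds(this.skewAllowance), service.getId());
    assertion.setConditions(conditions);

    final Subject subject = this.samlObjectBuilder.newSubject(NameID.EMAIL, userId,
        service.getId(), currentDateTime.plusSeconds(this.skewAllowance), service.getRequestId());
    assertion.setSubject(subject);

    response.getAssertions().add(assertion);

    final StringWriter writer = new StringWriter();
    this.samlObjectBuilder.marshalSamlXmlObject(response, writer);
    final String result = writer.toString();
    // The full marshalled response, including the resolved username, goes to the debug log.
    LOGGER.debug("Generated Google SAML response: [{}]", result);
    return result;
}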
示例10: translate
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Validates the given assertions and translates the first one into a
 * {@code TranslatedResponseBody}.
 *
 * <p>Checks run in this order: {@code validateAssertions}, content validation of the first
 * assertion, signature validation of all assertions, then the level-of-assurance check.
 * Nothing is returned unless every check passes.
 *
 * @param assertions the assertions from the response; only the first is read for content
 * @param expectedInResponseTo the request id the assertion must respond to
 * @param expectedLevelOfAssurance the level of assurance the caller expects
 * @param entityId the entity id passed to the assertion validator
 * @return an account-creation body with translated attributes, or a success-match body with null attributes
 */
public TranslatedResponseBody translate(
List<Assertion> assertions,
String expectedInResponseTo,
LevelOfAssurance expectedLevelOfAssurance,
String entityId
) {
validateAssertions(assertions);
// Only the first assertion's content is inspected from here on.
Assertion assertion = assertions.get(0);
// NOTE(review): content validation runs before the signature check below, so the validators
// process data whose signature has not yet been verified. Both must pass before anything is
// returned; consider whether the signature check should come first.
assertionValidator.validate(assertion, expectedInResponseTo, entityId);
// Signature validation covers the whole list, not just the first assertion.
assertionsSignatureValidator.validate(assertions, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
// assumes the earlier validation guarantees at least one authn statement — TODO confirm
AuthnStatement authnStatement = assertion.getAuthnStatements().get(0);
LevelOfAssurance levelOfAssurance = extractLevelOfAssurance(authnStatement);
LevelOfAssuranceValidator levelOfAssuranceValidator = new LevelOfAssuranceValidator();
levelOfAssuranceValidator.validate(levelOfAssurance, expectedLevelOfAssurance);
// assumes subject and NameID are non-null, presumably enforced by the assertion validator — TODO confirm
String nameID = assertion.getSubject().getNameID().getValue();
List<AttributeStatement> attributeStatements = assertion.getAttributeStatements();
if (isUserAccountCreation(attributeStatements)) {
// Account creation: only the first attribute statement is translated.
return new TranslatedResponseBody(
ACCOUNT_CREATION,
nameID,
levelOfAssurance,
AttributeTranslationService.translateAttributes(attributeStatements.get(0))
);
}
return new TranslatedResponseBody(SUCCESS_MATCH, nameID, levelOfAssurance, null);
}
示例11: extractLevelOfAssurance
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Reads the authentication context class reference from the statement and maps it to a
 * {@code LevelOfAssurance}.
 *
 * @param authnStatement the statement to read the class reference from
 * @return the level of assurance named by the class reference
 * @throws SamlResponseValidationException if the context, the class ref or its value is
 *         missing, or if {@code LevelOfAssurance.fromSamlValue} rejects the value
 */
private LevelOfAssurance extractLevelOfAssurance(AuthnStatement authnStatement) {
    // Walk context -> class ref -> value; a null at any step means no level was asserted.
    final AuthnContext context = authnStatement.getAuthnContext();
    final AuthnContextClassRef classRef = context == null ? null : context.getAuthnContextClassRef();
    final String samlValue = classRef == null ? null : classRef.getAuthnContextClassRef();
    if (samlValue == null) {
        throw new SamlResponseValidationException("Expected a level of assurance.");
    }

    try {
        return LevelOfAssurance.fromSamlValue(samlValue);
    } catch (Exception ex) {
        // The original cause is not chained, and the value taken from the assertion is
        // echoed into the exception message.
        throw new SamlResponseValidationException(String.format("Level of assurance '%s' is not supported.", samlValue));
    }
}
示例12: shouldThrowExceptionWhenLevelOfAssuranceNotPresent
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Translating an assertion whose authn context has a null class ref must fail with
 * {@code SamlResponseValidationException} and the message "Expected a level of assurance.".
 */
@Test
public void shouldThrowExceptionWhenLevelOfAssuranceNotPresent() {
// Register the expected failure before invoking the translator.
expectedException.expect(SamlResponseValidationException.class);
expectedException.expectMessage("Expected a level of assurance.");
// Authn statement whose context carries no class reference.
AuthnStatement authnStatement = anAuthnStatement().withAuthnContext(
anAuthnContext().withAuthnContextClassRef(null).build())
.build();
Assertion assertion = aSignedAssertion()
.addAuthnStatement(authnStatement
).buildUnencrypted();
translator.translate(ImmutableList.of(assertion), IN_RESPONSE_TO, LEVEL_2, VERIFY_SERVICE_PROVIDER_ENTITY_ID);
}
示例13: getSessionIndex
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Looks up the session index carried by the assertion.
 *
 * <p>Only the first authn statement is consulted; any further statements are ignored.
 *
 * @param subjectAssertion assertion from the response
 * @return the session index of the first authn statement, or {@code null} when the assertion
 *         has no authn statements or the first one is {@code null}
 */
private final String getSessionIndex(Assertion subjectAssertion) {
    final List<AuthnStatement> statements = subjectAssertion.getAuthnStatements();
    if (statements == null || statements.isEmpty()) {
        return null;
    }

    final AuthnStatement first = statements.get(0);
    return first == null ? null : first.getSessionIndex();
}
示例14: validateAuthenticationStatements
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Checks every given authn statement for:
 * - a valid authnInstant (as decided by {@code isAuthnInstantValid})
 * - a sessionNotOnOrAfter that, when present, is not before the current time
 *
 * <p>The authentication context (class ref) is not validated here; see the TODO below.
 * The {@code context} argument is not used by this method.
 *
 * @param authnStatements the authn statements
 * @param context the context
 */
protected final void validateAuthenticationStatements(final List<AuthnStatement> authnStatements,
                                                      final SAML2MessageContext context) {
    for (final AuthnStatement current : authnStatements) {
        final boolean instantAcceptable = isAuthnInstantValid(current.getAuthnInstant());
        if (!instantAcceptable) {
            throw new SAMLException("Authentication issue instant is too old or in the future");
        }

        // NOTE(review): isBeforeNow() is a strict comparison, so a sessionNotOnOrAfter equal
        // to the current instant is still accepted — confirm this matches the intended
        // "not on or after" semantics.
        final boolean sessionEnded = current.getSessionNotOnOrAfter() != null
            && current.getSessionNotOnOrAfter().isBeforeNow();
        if (sessionEnded) {
            throw new SAMLException("Authentication session between IDP and subject has ended");
        }
        // TODO implement authnContext validation
    }
}
示例15: transform
import org.opensaml.saml.saml2.core.AuthnStatement; //导入依赖的package包/类
/**
 * Converts a {@code MatchingServiceAuthnStatement} into an OpenSAML {@link AuthnStatement}.
 *
 * <p>The class reference is taken from the URI of the source statement's authn context. The
 * authn instant is the time of this call, not a value read from the source statement.
 *
 * @param idaAuthnStatement the source statement; its authn context is dereferenced without a null check
 * @return a new authn statement carrying the context class reference and the current time
 */
public AuthnStatement transform(MatchingServiceAuthnStatement idaAuthnStatement) {
    AuthnStatement result = openSamlXmlObjectFactory.createAuthnStatement();
    AuthnContext context = openSamlXmlObjectFactory.createAuthnContext();

    context.setAuthnContextClassRef(
        openSamlXmlObjectFactory.createAuthnContextClassReference(idaAuthnStatement.getAuthnContext().getUri()));

    result.setAuthnContext(context);
    result.setAuthnInstant(DateTime.now());
    return result;
}
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:9,代码来源:MatchingServiceAuthnStatementToAuthnStatementTransformer.java