当前位置: 首页>>代码示例>>Java>>正文


Java Conditions类代码示例

本文整理汇总了Java中org.opensaml.saml.saml2.core.Conditions的典型用法代码示例。如果您正苦于以下问题:Java Conditions类的具体用法?Java Conditions怎么用?Java Conditions使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


Conditions类属于org.opensaml.saml.saml2.core包,在下文中一共展示了Conditions类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: validate

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
public void validate(Conditions conditionsElement, String entityId) {
    if (conditionsElement == null) {
        throw new SamlResponseValidationException("Conditions is missing from the assertion.");
    }

    if (conditionsElement.getProxyRestriction() != null) {
        throw new SamlResponseValidationException("Conditions should not contain proxy restriction element.");
    }

    if (conditionsElement.getOneTimeUse() != null) {
        throw new SamlResponseValidationException("Conditions should not contain one time use element.");
    }

    DateTime notOnOrAfter = conditionsElement.getNotOnOrAfter();
    if (notOnOrAfter != null) {
        timeRestrictionValidator.validateNotOnOrAfter(notOnOrAfter);
    }

    timeRestrictionValidator.validateNotBefore(conditionsElement.getNotBefore());
    audienceRestrictionValidator.validate(conditionsElement.getAudienceRestrictions(), entityId);
}
 
开发者ID:alphagov,项目名称:verify-service-provider,代码行数:22,代码来源:ConditionsValidator.java

示例2: validateAssertionConditions

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
/**
 * Validate assertionConditions
 *  - notBefore
 *  - notOnOrAfter
 *
 * @param conditions the conditions
 * @param context the context
 */
protected final void validateAssertionConditions(final Conditions conditions, final SAML2MessageContext context) {

    if (conditions == null) {
        throw new SAMLException("Assertion conditions cannot be null");
    }

    if (conditions.getNotBefore() != null && conditions.getNotBefore().minusSeconds(acceptedSkew).isAfterNow()) {
        throw new SAMLException("Assertion condition notBefore is not valid");
    }

    if (conditions.getNotOnOrAfter() != null && conditions.getNotOnOrAfter().plusSeconds(acceptedSkew).isBeforeNow()) {
        throw new SAMLException("Assertion condition notOnOrAfter is not valid");
    }

    final String entityId = context.getSAMLSelfEntityContext().getEntityId();
    validateAudienceRestrictions(conditions.getAudienceRestrictions(), entityId);
}
 
开发者ID:yaochi,项目名称:pac4j-plus,代码行数:26,代码来源:SAML2DefaultResponseValidator.java

示例3: newConditions

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
/**
 * New conditions element.
 *
 * @param notBefore the not before
 * @param notOnOrAfter the not on or after
 * @param audienceUri the service id
 * @return the conditions
 */
public Conditions newConditions(final DateTime notBefore, final DateTime notOnOrAfter, final String audienceUri) {
    final Conditions conditions = newSamlObject(Conditions.class);
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);

    final AudienceRestriction audienceRestriction = newSamlObject(AudienceRestriction.class);
    final Audience audience = newSamlObject(Audience.class);
    audience.setAudienceURI(audienceUri);
    audienceRestriction.getAudiences().add(audience);
    conditions.getAudienceRestrictions().add(audienceRestriction);
    return conditions;
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:21,代码来源:AbstractSaml20ObjectBuilder.java

示例4: constructSamlResponse

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
/**
 * Construct SAML response.
 * <a href="http://bit.ly/1uI8Ggu">See this reference for more info.</a>
 * @return the SAML response
 */
private String constructSamlResponse() {
    final DateTime currentDateTime = DateTime.parse(new ISOStandardDateFormat().getCurrentDateAndTime());
    final DateTime notBeforeIssueInstant = DateTime.parse("2003-04-17T00:46:02Z");

    final RegisteredService svc = this.servicesManager.findServiceBy(this);
    final String userId = svc.getUsernameAttributeProvider().resolveUsername(getPrincipal(), this);

    final org.opensaml.saml.saml2.core.Response response = BUILDER.newResponse(
            BUILDER.generateSecureRandomId(),
            currentDateTime,
            getId(), this);
    response.setStatus(BUILDER.newStatus(StatusCode.SUCCESS, null));

    final AuthnStatement authnStatement = BUILDER.newAuthnStatement(
            AuthnContext.PASSWORD_AUTHN_CTX, currentDateTime);
    final Assertion assertion = BUILDER.newAssertion(authnStatement,
            "https://www.opensaml.org/IDP",
            notBeforeIssueInstant, BUILDER.generateSecureRandomId());

    final Conditions conditions = BUILDER.newConditions(notBeforeIssueInstant,
            currentDateTime, getId());
    assertion.setConditions(conditions);

    final Subject subject = BUILDER.newSubject(NameID.EMAIL, userId,
            getId(), currentDateTime, this.requestId);
    assertion.setSubject(subject);

    response.getAssertions().add(assertion);

    final StringWriter writer = new StringWriter();
    BUILDER.marshalSamlXmlObject(response, writer);

    final String result = writer.toString();
    logger.debug("Generated Google SAML response: {}", result);
    return result;
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:42,代码来源:GoogleAccountsService.java

示例5: newConditions

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
/**
 * New conditions element.
 *
 * @param notBefore    the not before
 * @param notOnOrAfter the not on or after
 * @param audienceUri  the service id
 * @return the conditions
 */
public Conditions newConditions(final ZonedDateTime notBefore, final ZonedDateTime notOnOrAfter, final String audienceUri) {
    LOGGER.debug("Building conditions for audience [{}] that enforce not-before [{}] and not-after [{}]", audienceUri, notBefore, notOnOrAfter);
    final Conditions conditions = newSamlObject(Conditions.class);
    conditions.setNotBefore(DateTimeUtils.dateTimeOf(notBefore));
    conditions.setNotOnOrAfter(DateTimeUtils.dateTimeOf(notOnOrAfter));

    final AudienceRestriction audienceRestriction = newSamlObject(AudienceRestriction.class);
    final Audience audience = newSamlObject(Audience.class);
    audience.setAudienceURI(audienceUri);
    audienceRestriction.getAudiences().add(audience);
    conditions.getAudienceRestrictions().add(audienceRestriction);
    return conditions;
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:22,代码来源:AbstractSaml20ObjectBuilder.java

示例6: SamlProfileSamlAssertionBuilder

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
public SamlProfileSamlAssertionBuilder(final OpenSamlConfigBean configBean,
                                       final SamlProfileObjectBuilder<AuthnStatement> samlProfileSamlAuthNStatementBuilder,
                                       final SamlProfileObjectBuilder<AttributeStatement> samlProfileSamlAttributeStatementBuilder,
                                       final SamlProfileObjectBuilder<Subject> samlProfileSamlSubjectBuilder,
                                       final SamlProfileObjectBuilder<Conditions> samlProfileSamlConditionsBuilder,
                                       final BaseSamlObjectSigner samlObjectSigner) {
    super(configBean);
    this.samlProfileSamlAuthNStatementBuilder = samlProfileSamlAuthNStatementBuilder;
    this.samlProfileSamlAttributeStatementBuilder = samlProfileSamlAttributeStatementBuilder;
    this.samlProfileSamlSubjectBuilder = samlProfileSamlSubjectBuilder;
    this.samlProfileSamlConditionsBuilder = samlProfileSamlConditionsBuilder;
    this.samlObjectSigner = samlObjectSigner;
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:14,代码来源:SamlProfileSamlAssertionBuilder.java

示例7: build

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
@Override
public Conditions build(final AuthnRequest authnRequest, final HttpServletRequest request, final HttpServletResponse response,
                        final Assertion assertion, final SamlRegisteredService service,
                        final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                        final String binding)
        throws SamlException {
    return buildConditions(authnRequest, assertion, service, adaptor);
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:9,代码来源:SamlProfileSamlConditionsBuilder.java

示例8: buildConditions

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
/**
 * Build conditions conditions.
 *
 * @param authnRequest the authn request
 * @param assertion    the assertion
 * @param service      the service
 * @param adaptor      the adaptor
 * @return the conditions
 * @throws SamlException the saml exception
 */
protected Conditions buildConditions(final AuthnRequest authnRequest,
                                     final Assertion assertion,
                                     final SamlRegisteredService service,
                                     final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {

    final ZonedDateTime currentDateTime = ZonedDateTime.now(ZoneOffset.UTC);
    final Conditions conditions = newConditions(currentDateTime,
            currentDateTime.plusSeconds(casProperties.getAuthn().getSamlIdp().getResponse().getSkewAllowance()),
            adaptor.getEntityId());
    return conditions;
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:22,代码来源:SamlProfileSamlConditionsBuilder.java

示例9: constructSamlResponse

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
/**
 * Construct SAML response.
 * <a href="http://bit.ly/1uI8Ggu">See this reference for more info.</a>
 *
 * @param service the service
 * @return the SAML response
 */
protected String constructSamlResponse(final GoogleAccountsService service) {
    final ZonedDateTime currentDateTime = ZonedDateTime.now(ZoneOffset.UTC);
    final ZonedDateTime notBeforeIssueInstant = ZonedDateTime.parse("2003-04-17T00:46:02Z");
    final RegisteredService registeredService = servicesManager.findServiceBy(service);
    if (registeredService == null || !registeredService.getAccessStrategy().isServiceAccessAllowed()) {
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE);
    }
    final String userId = registeredService.getUsernameAttributeProvider().resolveUsername(service.getPrincipal(), service, registeredService);

    final org.opensaml.saml.saml2.core.Response response = this.samlObjectBuilder.newResponse(
            this.samlObjectBuilder.generateSecureRandomId(), currentDateTime, null, service);
    response.setStatus(this.samlObjectBuilder.newStatus(StatusCode.SUCCESS, null));

    final String sessionIndex = '_' + String.valueOf(Math.abs(new SecureRandom().nextLong()));
    final AuthnStatement authnStatement = this.samlObjectBuilder.newAuthnStatement(AuthnContext.PASSWORD_AUTHN_CTX, currentDateTime, sessionIndex);
    final Assertion assertion = this.samlObjectBuilder.newAssertion(authnStatement, casServerPrefix,
            notBeforeIssueInstant, this.samlObjectBuilder.generateSecureRandomId());

    final Conditions conditions = this.samlObjectBuilder.newConditions(notBeforeIssueInstant,
            currentDateTime.plusSeconds(this.skewAllowance), service.getId());
    assertion.setConditions(conditions);

    final Subject subject = this.samlObjectBuilder.newSubject(NameID.EMAIL, userId,
            service.getId(), currentDateTime.plusSeconds(this.skewAllowance), service.getRequestId());
    assertion.setSubject(subject);

    response.getAssertions().add(assertion);

    final StringWriter writer = new StringWriter();
    this.samlObjectBuilder.marshalSamlXmlObject(response, writer);

    final String result = writer.toString();
    LOGGER.debug("Generated Google SAML response: [{}]", result);
    return result;
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:43,代码来源:GoogleAccountsServiceResponseBuilder.java

示例10: shouldValidateAssertionConditions

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
@Test
public void shouldValidateAssertionConditions() {
    Conditions conditions = mock(Conditions.class);
    when(assertion.getConditions()).thenReturn(conditions);

    validator.validate(assertion, "any-expected-in-response-to", "some-entity-id");

    verify(conditionsValidator).validate(conditions, "some-entity-id");
}
 
开发者ID:alphagov,项目名称:verify-service-provider,代码行数:10,代码来源:AssertionValidatorTest.java

示例11: setUp

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
@Before
public void setUp() {
    timeRestrictionValidator = mock(TimeRestrictionValidator.class);
    audienceRestrictionValidator = mock(AudienceRestrictionValidator.class);
    conditions = mock(Conditions.class);

    validator = new ConditionsValidator(timeRestrictionValidator, audienceRestrictionValidator);

    IdaSamlBootstrap.bootstrap();
}
 
开发者ID:alphagov,项目名称:verify-service-provider,代码行数:11,代码来源:ConditionsValidatorTest.java

示例12: retrieveUserProfile

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
@Override
protected SAML2Profile retrieveUserProfile(final SAML2Credentials credentials, final WebContext context) throws HttpAction {
    final SAML2Profile profile = new SAML2Profile();
    profile.setId(credentials.getNameId().getValue());
    profile.addAttribute("sessionindex", credentials.getSessionIndex());
    for (final Attribute attribute : credentials.getAttributes()) {
        logger.debug("Processing profile attribute {}", attribute);

        final List<String> values = new ArrayList<String>();
        for (final XMLObject attributeValue : attribute.getAttributeValues()) {
            final Element attributeValueElement = attributeValue.getDOM();
            if (attributeValueElement != null) {
                final String value = attributeValueElement.getTextContent();
                logger.debug("Adding attribute value {} for attribute {}", value,
                        attribute.getFriendlyName());
                values.add(value);
            } else {
                logger.warn("Attribute value DOM element is null for {}", attribute);
            }
        }

        if (!values.isEmpty()) {
            profile.addAttribute(attribute.getName(), values);
        } else {
            logger.debug("No attribute values found for {}", attribute.getName());
        }
    }
    
    // Retrieve conditions attributes
    Conditions conditions = credentials.getConditions(); 
    if (conditions != null) {            
        profile.addAttribute(SAML_CONDITION_NOT_BEFORE_ATTRIBUTE, conditions.getNotBefore());
        profile.addAttribute(SAML_CONDITION_NOT_ON_OR_AFTER_ATTRIBUTE, conditions.getNotOnOrAfter());
    }

    return profile;
}
 
开发者ID:yaochi,项目名称:pac4j-plus,代码行数:38,代码来源:SAML2Client.java

示例13: SAML2Credentials

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
public SAML2Credentials(final NameID nameId, final List<Attribute> attributes, final Conditions conditions,
                        final String clientName, final String sessionIndex) {
    this.nameId = nameId;
    this.sessionIndex = sessionIndex;
    this.attributes = attributes;
    this.conditions = conditions;
    setClientName(clientName);
}
 
开发者ID:yaochi,项目名称:pac4j-plus,代码行数:9,代码来源:SAML2Credentials.java

示例14: apply

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
public Assertion apply(MatchingServiceAssertion originalAssertion) {

        Assertion transformedAssertion = openSamlXmlObjectFactory.createAssertion();
        transformedAssertion.setIssueInstant(originalAssertion.getIssueInstant());

        Issuer transformedIssuer = openSamlXmlObjectFactory.createIssuer(originalAssertion.getIssuerId());
        transformedAssertion.setIssuer(transformedIssuer);
        transformedAssertion.setID(originalAssertion.getId());

        Subject subject = outboundAssertionToSubjectTransformer.transform(originalAssertion);
        transformedAssertion.setSubject(subject);

        MatchingServiceAuthnStatement authnStatement = originalAssertion.getAuthnStatement();

        transformedAssertion.getAuthnStatements().add(matchingServiceAuthnStatementToAuthnStatementTransformer.transform(authnStatement));

        Conditions conditions = openSamlXmlObjectFactory.createConditions();
        AudienceRestriction audienceRestriction = openSamlXmlObjectFactory.createAudienceRestriction(originalAssertion.getAudience());
        conditions.getAudienceRestrictions().add(audienceRestriction);
        transformedAssertion.setConditions(conditions);

        List<Attribute> userAttributesForAccountCreation = originalAssertion.getUserAttributesForAccountCreation();
        if (!userAttributesForAccountCreation.isEmpty()) {
            addAttributes(transformedAssertion, userAttributesForAccountCreation);
        }


        return transformedAssertion;
    }
 
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:30,代码来源:MatchingServiceAssertionToAssertionTransformer.java

示例15: ConditionsValidator

import org.opensaml.saml.saml2.core.Conditions; //导入依赖的package包/类
public ConditionsValidator(final Function<T, Conditions> valueProvider, final String audienceUri) {
    super(
        true,
        valueProvider,
        new RequiredValidator<>(DEFAULT_REQUIRED_MESSAGE),
        new FixedErrorValidator<>(conditions -> conditions.getNotBefore() == null && conditions.getNotOnOrAfter() == null, DEFAULT_NOT_BEFORE_AND_NOT_ON_OR_AFTER_ARE_MISSING_MESSAGE),
        new CompositeValidator<>(
            conditions -> conditions.getNotBefore() != null && conditions.getNotOnOrAfter() != null,
            false,
            new FixedErrorValidator<>(conditions -> conditions.getNotOnOrAfter().isBefore(conditions.getNotOnOrAfter()) || conditions.getNotOnOrAfter().isEqual(conditions.getNotBefore()), DEFAULT_NOT_BEFORE_MUST_BE_LESS_THAN_NOT_ON_OR_AFTER_TIME_MESSAGE)
        ),
        new CompositeValidator<>(
            conditions -> conditions.getNotBefore() != null,
            false,
            new FixedErrorValidator<>(conditions -> DateTime.now(DateTimeZone.UTC).isBefore(conditions.getNotBefore()), DEFAULT_CURRENT_TIME_BEFORE_VALID_TIME_MESSAGE)
        ),
        new CompositeValidator<>(
            conditions -> conditions.getNotOnOrAfter() != null,
            false,
            new FixedErrorValidator<>(conditions -> DateTime.now(DateTimeZone.UTC).isAfter(conditions.getNotOnOrAfter()) || DateTime.now(DateTimeZone.UTC).isEqual(conditions.getNotOnOrAfter()), DEFAULT_CURRENT_TIME_IS_ON_AND_AFTER_VALID_TIME_MESSAGE)
        ),
        new CompositeValidator<>(
            true,
            new FixedErrorValidator<>(conditions -> conditions.getAudienceRestrictions().size() != 1, DEFAULT_CONDITIONS_MUST_CONTAIN_ONE_AUDIENCE_RESTRICTION_MESSAGE),
            new AudienceRestrictionValidator<>(conditions -> conditions.getAudienceRestrictions().get(0), audienceUri)
        )
    );
}
 
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:29,代码来源:ConditionsValidator.java


注:本文中的org.opensaml.saml.saml2.core.Conditions类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。