本文整理汇总了Java中org.opensaml.saml2.core.Assertion类的典型用法代码示例。如果您正苦于以下问题:Java Assertion类的具体用法?Java Assertion怎么用?Java Assertion使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
Assertion类属于org.opensaml.saml2.core包,在下文中一共展示了Assertion类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: buildResponse
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Builds the POST request that delivers a signed SAML response to the assertion consumer URL.
 *
 * <p>The AuthnRequest is recovered from the {@code SAMLRequest} parameter of {@code handler.url}
 * so that the response can echo its ID in {@code InResponseTo}. The attributes of the first
 * attribute statement are replaced by a single assurance-level attribute.
 *
 * @param status value handed to {@code SAMLUtil.createStatus}
 * @param assuranceLevel assurance level placed in the assertion's only attribute
 * @return request settings carrying the {@code SAMLResponse} and {@code RelayState} parameters
 * @throws Exception if decoding, unmarshalling, signing or URL construction fails
 */
protected WebRequestSettings buildResponse(String status, int assuranceLevel) throws Exception {
    // Recover the original AuthnRequest from the redirect URL captured by the handler.
    String samlRequest = Utils.getParameter("SAMLRequest", handler.url.toString());
    Document requestDoc = TestHelper.parseBase64Encoded(samlRequest);
    AuthnRequest authnRequest = (AuthnRequest) Configuration.getUnmarshallerFactory()
            .getUnmarshaller(requestDoc.getDocumentElement())
            .unmarshall(requestDoc.getDocumentElement());

    // Start from the helper's assertion and keep only the assurance-level attribute.
    Assertion assertion = TestHelper.buildAssertion(
            spMetadata.getDefaultAssertionConsumerService().getLocation(),
            spMetadata.getEntityID());
    assertion.getAttributeStatements().get(0).getAttributes().clear();
    assertion.getAttributeStatements().get(0).getAttributes()
            .add(AttributeUtil.createAssuranceLevel(assuranceLevel));

    // Status and InResponseTo are set before sign() is called, so signing happens last.
    Response samlResponse = TestHelper.buildResponse(assertion);
    samlResponse.setStatus(SAMLUtil.createStatus(status));
    samlResponse.setInResponseTo(authnRequest.getID());
    OIOResponse signedResponse = new OIOResponse(samlResponse);
    signedResponse.sign(credential);

    WebRequestSettings post =
            new WebRequestSettings(new URL(BASE + "/saml/SAMLAssertionConsumer"), SubmitMethod.POST);
    NameValuePair responseParam = new NameValuePair("SAMLResponse", signedResponse.toBase64());
    NameValuePair relayStateParam =
            new NameValuePair("RelayState", Utils.getParameter("RelayState", handler.url.toString()));
    post.setRequestParameters(Arrays.asList(responseParam, relayStateParam));
    return post;
}
示例2: validateSubject
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
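/**
 * Checks that the Subject element is present when required.
 *
 * <p>A Subject is required when the assertion carries no statements at all, and whenever it
 * carries at least one AuthnStatement, AuthzDecisionStatement or AttributeStatement. Statement
 * lists that are {@code null} are treated as empty in every rule, so a missing list cannot
 * surface as a {@link NullPointerException} instead of a validation result.
 *
 * @param assertion the assertion to validate
 * @throws ValidationException if a Subject is required but absent
 */
protected void validateSubject(Assertion assertion) throws ValidationException {
    // Every rule below only fires when the Subject is missing.
    if (assertion.getSubject() != null) {
        return;
    }

    boolean hasAnyStatement = assertion.getStatements() != null
            && !assertion.getStatements().isEmpty();
    boolean hasAuthn = assertion.getAuthnStatements() != null
            && !assertion.getAuthnStatements().isEmpty();
    boolean hasAuthzDecision = assertion.getAuthzDecisionStatements() != null
            && !assertion.getAuthzDecisionStatements().isEmpty();
    boolean hasAttribute = assertion.getAttributeStatements() != null
            && !assertion.getAttributeStatements().isEmpty();

    if (!hasAnyStatement && !hasAuthn && !hasAttribute && !hasAuthzDecision) {
        throw new ValidationException("Subject is required when Statements are absent");
    }
    // The order of the remaining checks decides which message is reported first.
    if (hasAuthn) {
        throw new ValidationException("Assertions containing AuthnStatements require a Subject");
    }
    if (hasAuthzDecision) {
        throw new ValidationException("Assertions containing AuthzDecisionStatements require a Subject");
    }
    if (hasAttribute) {
        throw new ValidationException("Assertions containing AttributeStatements require a Subject");
    }
}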
示例3: processChildElement
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Attaches an unmarshalled child to the parent {@link Assertion}. Issuer, Signature, Subject,
 * Conditions and Advice go through their setters; any other Statement is appended to the
 * statement list; everything else is left to the superclass.
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    Assertion target = (Assertion) parentObject;

    // NOTE(review): the single-valued children are assigned through setters, so a repeated
    // element presumably replaces the earlier one; confirm that schema validation rejects
    // duplicates before this object is used for a trust decision.
    if (childObject instanceof Issuer) {
        target.setIssuer((Issuer) childObject);
        return;
    }
    if (childObject instanceof Signature) {
        target.setSignature((Signature) childObject);
        return;
    }
    if (childObject instanceof Subject) {
        target.setSubject((Subject) childObject);
        return;
    }
    if (childObject instanceof Conditions) {
        target.setConditions((Conditions) childObject);
        return;
    }
    if (childObject instanceof Advice) {
        target.setAdvice((Advice) childObject);
        return;
    }
    if (childObject instanceof Statement) {
        target.getStatements().add((Statement) childObject);
        return;
    }
    super.processChildElement(parentObject, childObject);
}
示例4: processAttribute
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Handles the Version, IssueInstant and ID attributes of an {@link Assertion}; any other
 * attribute, and an IssueInstant whose value is empty, is passed to the superclass.
 */
protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
    Assertion target = (Assertion) samlObject;
    String localName = attribute.getLocalName();

    if (localName.equals(Assertion.VERSION_ATTRIB_NAME)) {
        target.setVersion(SAMLVersion.valueOf(attribute.getValue()));
        return;
    }

    boolean hasIssueInstant = localName.equals(Assertion.ISSUE_INSTANT_ATTRIB_NAME)
            && !DatatypeHelper.isEmpty(attribute.getValue());
    if (hasIssueInstant) {
        // The timestamp is interpreted with the UTC ISO chronology.
        target.setIssueInstant(new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC()));
        return;
    }

    if (localName.equals(Assertion.ID_ATTRIB_NAME)) {
        target.setID(attribute.getValue());
        // Mark the attribute as a DOM ID so that ID-based lookups resolve to this element
        // (presumably what signature reference resolution relies on; confirm against the validator).
        attribute.getOwnerElement().setIdAttributeNode(attribute, true);
        return;
    }

    super.processAttribute(samlObject, attribute);
}
示例5: processChildElement
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Sorts each child of an {@code Evidence} element into the matching list: assertion ID
 * references, assertion URI references, plain assertions or encrypted assertions. Any other
 * child is left to the superclass.
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    Evidence target = (Evidence) parentObject;

    if (childObject instanceof AssertionIDRef) {
        target.getAssertionIDReferences().add((AssertionIDRef) childObject);
        return;
    }
    if (childObject instanceof AssertionURIRef) {
        target.getAssertionURIReferences().add((AssertionURIRef) childObject);
        return;
    }
    if (childObject instanceof Assertion) {
        target.getAssertions().add((Assertion) childObject);
        return;
    }
    if (childObject instanceof EncryptedAssertion) {
        target.getEncryptedAssertions().add((EncryptedAssertion) childObject);
        return;
    }
    super.processChildElement(parentObject, childObject);
}
示例6: marshallAttributes
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Writes the Version, IssueInstant and ID of an {@link Assertion} onto the DOM element,
 * skipping each attribute whose value is {@code null}.
 */
protected void marshallAttributes(XMLObject samlObject, Element domElement) throws MarshallingException {
    Assertion source = (Assertion) samlObject;

    if (source.getVersion() != null) {
        domElement.setAttributeNS(null, Assertion.VERSION_ATTRIB_NAME, source.getVersion().toString());
    }

    if (source.getIssueInstant() != null) {
        // Timestamps are rendered with the formatter configured for SAML dates.
        domElement.setAttributeNS(null, Assertion.ISSUE_INSTANT_ATTRIB_NAME,
                Configuration.getSAMLDateFormatter().print(source.getIssueInstant()));
    }

    String idValue = source.getID();
    if (idValue != null) {
        domElement.setAttributeNS(null, Assertion.ID_ATTRIB_NAME, idValue);
        // Register the attribute as a DOM ID so the element can be found by its ID value.
        domElement.setIdAttributeNS(null, Assertion.ID_ATTRIB_NAME, true);
    }
}
示例7: validateAssertion
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
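/**
 * Validates the single assertion carried by a SAML response.
 *
 * <p>The response must contain exactly one assertion, its issuer must equal
 * {@code responseIssuer}, its subject must carry a NameID, and its conditions are passed to
 * {@code enforceConditions}. A missing Issuer or Subject element is reported as a
 * {@link SamlException} rather than escaping as a {@link NullPointerException}.
 *
 * <p>NOTE(review): nothing here verifies a signature. These checks are only meaningful on a
 * response whose signature has already been verified; confirm the caller does that first.
 *
 * @param response the SAML response whose assertion is checked
 * @throws SamlException if any of the checks fails
 */
private void validateAssertion(Response response) throws SamlException {
    if (response.getAssertions().size() != 1) {
        throw new SamlException("The response doesn't contain exactly 1 assertion");
    }
    Assertion assertion = response.getAssertions().get(0);

    // An absent Issuer (or empty Issuer value) is treated as a mismatch.
    if (assertion.getIssuer() == null
            || assertion.getIssuer().getValue() == null
            || !assertion.getIssuer().getValue().equals(responseIssuer)) {
        throw new SamlException("The assertion issuer didn't match the expected value");
    }

    // Without a Subject there is no NameID either, so both cases share one error.
    if (assertion.getSubject() == null || assertion.getSubject().getNameID() == null) {
        throw new SamlException(
                "The NameID value is missing from the SAML response; this is likely an IDP configuration issue");
    }

    enforceConditions(assertion.getConditions());
}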
示例8: createLogoutRequest
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
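/**
 * Creates a SAML 2.0 LogoutRequest for the session described by an authentication response.
 *
 * <p>The NameID value and every SessionIndex are copied from the first assertion of the
 * response. Only the NameID value is copied; its Format and qualifiers are not.
 *
 * <p>The method performs no validation of {@code resp}. It assumes the response holds at least
 * one assertion with a Subject and NameID, and fails with an unchecked exception otherwise.
 * NOTE(review): pass only a response that has already been validated, since the NameID and
 * SessionIndex values are taken from it as-is.
 *
 * @param resp the authentication response the session was established from
 * @return the populated (unsigned) logout request
 */
@SuppressWarnings("unchecked")
public LogoutRequest createLogoutRequest(Response resp) {
    LogoutRequest lr = ((SAMLObjectBuilder<LogoutRequest>)
            _bf.getBuilder(LogoutRequest.DEFAULT_ELEMENT_NAME)).buildObject();

    // The SAML ID attribute is an xs:ID, which must not start with a digit. A bare UUID often
    // does, so prefix it to keep the request valid for receivers that schema-validate.
    String uid = "_" + UUID.randomUUID().toString();
    lr.setID(uid);
    lr.setIssueInstant(new DateTime());
    lr.setVersion(SAMLVersion.VERSION_20);
    lr.setIssuer(getIssuer());

    // NameID and SessionIndex come from the first assertion of the authentication response.
    Assertion asr = resp.getAssertions().get(0);
    NameID nid = ((SAMLObjectBuilder<NameID>)
            _bf.getBuilder(NameID.DEFAULT_ELEMENT_NAME)).buildObject();
    nid.setValue(asr.getSubject().getNameID().getValue());
    lr.setNameID(nid);

    // One SessionIndex element per AuthnStatement.
    List<AuthnStatement> ausl = asr.getAuthnStatements();
    if (ausl != null) {
        for (AuthnStatement aus : ausl) {
            SessionIndex sindex = ((SAMLObjectBuilder<SessionIndex>)
                    _bf.getBuilder(SessionIndex.DEFAULT_ELEMENT_NAME)).buildObject();
            sindex.setSessionIndex(aus.getSessionIndex());
            lr.getSessionIndexes().add(sindex);
        }
    }
    return lr;
}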
示例9: getAssertionStatements
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Flattens the attribute statements of an assertion into a name-to-value map.
 *
 * <p>The values of one attribute are joined with {@code ","}. A value that itself contains a
 * comma can therefore not be told apart from two values, which matters if the map feeds an
 * authorization decision. When the same attribute name occurs more than once, the later
 * occurrence overwrites the earlier one.
 *
 * @param assertion the assertion to read; may be {@code null}
 * @return a map of attribute name to joined values, empty when there is nothing to read
 */
private Map<String, String> getAssertionStatements(Assertion assertion) {
    Map<String, String> attributesByName = new HashMap<>();
    if (assertion == null) {
        return attributesByName;
    }
    List<AttributeStatement> statements = assertion.getAttributeStatements();
    if (statements == null) {
        return attributesByName;
    }

    for (AttributeStatement statement : statements) {
        for (Attribute attribute : statement.getAttributes()) {
            List<String> texts = new ArrayList<>();
            // assumes every value still has its DOM attached; getDOM() is not null-checked
            for (XMLObject rawValue : attribute.getAttributeValues()) {
                texts.add(rawValue.getDOM().getTextContent());
            }
            attributesByName.put(attribute.getName(), StringUtils.join(texts, ","));
        }
    }
    return attributesByName;
}
示例10: validateSignature
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Validates the signatures of a SAML2 Response and its Assertion.
 *
 * <p>If a custom validator is registered in {@code SSOAgentDataHolder}, the whole decision is
 * delegated to it. Otherwise the Response signature is checked when {@code isResponseSigned()}
 * is enabled and the Assertion signature when {@code isAssertionSigned()} is enabled.
 *
 * <p>NOTE(review): with no custom validator and both options disabled, this method returns
 * without verifying anything. A signature that is present but not required by the configuration
 * is not checked either. Deployments should enable at least one of the two options.
 *
 * @param response SAML2 Response
 * @param assertion SAML2 Assertion taken from the response
 * @throws SSOAgentException if a required signature element is missing, or (presumably) if the
 *         delegated signature check fails
 */
protected void validateSignature(Response response, Assertion assertion) throws SSOAgentException {
    Object customValidator = SSOAgentDataHolder.getInstance().getSignatureValidator();
    if (customValidator != null) {
        // A registered custom implementation replaces the default checks entirely.
        ((SAMLSignatureValidator) customValidator).validateSignature(response, assertion, ssoAgentConfig);
        return;
    }

    // Default implementation: enforce only what the configuration asks for.
    if (ssoAgentConfig.getSAML2().isResponseSigned()) {
        if (response.getSignature() == null) {
            throw new SSOAgentException("SAML2 Response signing is enabled, but signature element not found in SAML2 Response element");
        }
        validateSignature(response.getSignature());
    }

    if (ssoAgentConfig.getSAML2().isAssertionSigned()) {
        if (assertion.getSignature() == null) {
            throw new SSOAgentException("SAML2 Assertion signing is enabled, but signature element not found in SAML2 Assertion element");
        }
        validateSignature(assertion.getSignature());
    }
}
示例11: validateAssertionValidityPeriod
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Validates the 'Not Before' and 'Not On Or After' conditions of the SAML Assertion.
 *
 * <p>The configured timestamp skew widens the window on both sides. A bound that is absent is
 * not enforced, and an assertion without a Conditions element passes unchecked.
 *
 * @param assertion SAML Assertion element
 * @throws SSOAgentException if the current time is outside the (skew-adjusted) validity window,
 *         or if 'Not Before' lies after 'Not On Or After'
 */
private void validateAssertionValidityPeriod(Assertion assertion) throws SSOAgentException {
    if (assertion.getConditions() == null) {
        // NOTE(review): no Conditions means no time bound is applied at all.
        return;
    }

    int skewSeconds = ssoAgentConfig.getSAML2().getTimeStampSkewInSeconds();
    DateTime notBefore = assertion.getConditions().getNotBefore();
    DateTime notOnOrAfter = assertion.getConditions().getNotOnOrAfter();

    // Not yet valid, even after moving the lower bound back by the allowed skew.
    boolean tooEarly = notBefore != null && notBefore.minusSeconds(skewSeconds).isAfterNow();
    if (tooEarly) {
        throw new SSOAgentException("Failed to meet SAML Assertion Condition 'Not Before'");
    }

    // Already expired, even after moving the upper bound forward by the allowed skew.
    boolean tooLate = notOnOrAfter != null && notOnOrAfter.plusSeconds(skewSeconds).isBeforeNow();
    if (tooLate) {
        throw new SSOAgentException("Failed to meet SAML Assertion Condition 'Not On Or After'");
    }

    // The window itself must be well-formed; skew is not applied to this comparison.
    if (notBefore != null && notOnOrAfter != null && notBefore.isAfter(notOnOrAfter)) {
        throw new SSOAgentException(
                "SAML Assertion Condition 'Not Before' must be less than the value of 'Not On Or After'");
    }
}
示例12: readObject
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
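/**
 * Restores this object from a Java serialization stream.
 *
 * <p>Fields are read in a fixed order: subject id, response XML, assertion XML, session index,
 * serialized access-token bean, subject attributes. The response and assertion are rebuilt by
 * unmarshalling their XML strings.
 *
 * <p>SECURITY: {@code stream.readObject()} materialises whatever object graph the stream
 * describes before any cast is applied. If these bytes can originate outside the trust
 * boundary (for example a shared or persisted session store), restrict the accepted classes
 * with an {@code ObjectInputFilter}. The rebuilt response and assertion are also not
 * re-validated here.
 *
 * @param stream the stream to read from
 * @throws IOException if reading from the stream fails
 * @throws ClassNotFoundException if a serialized class cannot be resolved
 * @throws SSOAgentException declared for the unmarshalling and bean deserialization steps
 */
private void readObject(java.io.ObjectInputStream stream)
        throws IOException, ClassNotFoundException, SSOAgentException {
    subjectId = (String) stream.readObject();

    responseString = (String) stream.readObject();
    if (responseString != null && !EMPTY_STRING.equals(responseString)) {
        response = (Response) SSOAgentUtils.unmarshall(responseString);
    }

    assertionString = (String) stream.readObject();
    // Test assertionString itself. Testing responseString here would unmarshall a null
    // assertion string, or skip a valid assertion whenever the response string is null.
    if (assertionString != null && !EMPTY_STRING.equals(assertionString)) {
        assertion = (Assertion) SSOAgentUtils.unmarshall(assertionString);
    }

    sessionIndex = (String) stream.readObject();

    String accessTokenResponseBeanString = (String) stream.readObject();
    if (!EMPTY_STRING.equals(accessTokenResponseBeanString)) {
        // NOTE(review): deSerialize is invoked through the accessTokenResponseBean field, which
        // has not been assigned yet at this point. That only works if deSerialize is static;
        // confirm. A null string from the stream is also passed through.
        accessTokenResponseBean = accessTokenResponseBean.deSerialize(accessTokenResponseBeanString);
    } else {
        accessTokenResponseBean = null;
    }

    // Raw Map read straight from the stream; its key and value types are not checked here.
    subjectAttributes = (Map) stream.readObject();
}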
示例13: printAssertion
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Prints the attribute names of an assertion to standard output.
 *
 * <p>Only the first attribute statement is listed. Names are printed; values are not.
 *
 * @param assertion the assertion to describe
 */
public static void printAssertion(Assertion assertion) {
    System.out.println("Attributes:");
    if (!assertion.getAttributeStatements().isEmpty()) {
        // Later attribute statements, if any, are ignored.
        for (Attribute attribute : assertion.getAttributeStatements().get(0).getAttributes()) {
            System.out.println(" " + attribute.getName());
        }
    } else {
        System.out.println(" No attribute statement available in assertion");
    }
    // TODO
}
示例14: getCredential
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
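/**
 * Extracts the first SAML assertion found among the public credentials of a subject.
 *
 * <p>Only credentials that are {@link XMLStreamReader} instances are considered. Each one is
 * rendered to a string and unmarshalled; a credential that fails to unmarshall is logged and
 * skipped so that later credentials are still tried.
 *
 * <p>The failure log records only the size of the credential, not its content. The credential
 * may be a complete security token, and writing it to the log would expose it to anyone who
 * can read the logs.
 *
 * <p>NOTE(review): the returned assertion is whatever the credential contained; this method
 * does not verify its signature or conditions.
 *
 * @param subject the authenticated subject to search
 * @return the first credential that unmarshalls to an {@link Assertion}
 * @throws RuntimeException if no credential yields an assertion
 */
private static Assertion getCredential(Subject subject) {
    for (Object credential : subject.getPublicCredentials()) {
        if (!(credential instanceof XMLStreamReader)) {
            continue;
        }
        String xml = printCredential((XMLStreamReader) credential);
        try {
            XMLObject parsed = SAMLUtil.unmarshallElementFromString(xml);
            if (parsed instanceof Assertion) {
                return (Assertion) parsed;
            }
        } catch (Exception e) {
            // Best effort: keep looking at the remaining credentials. Log the size only.
            int length = xml == null ? 0 : xml.length();
            log.error("Unable to unmarshall subject credential (" + length + " characters)", e);
        }
    }
    throw new RuntimeException("No assertion in principal");
}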
示例15: tokensCanBeReplacedWhenNotProtected
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Documents the behaviour of the service client when token protection is switched off.
 *
 * <p>The request is produced with {@code setProtectTokens(false)} and captured through a stub
 * SOAP client. Every KeyIdentifier and the Assertion element of the captured envelope are then
 * replaced with those of {@code token}, and the altered envelope is sent to the endpoint.
 *
 * <p>The test contains no explicit assertion; it passes when the final call does not throw.
 * NOTE(review): this presumably shows that the token is not bound to the message when
 * {@code protectTokens} is false, so production configurations should leave protection enabled;
 * confirm against the service client's signing logic.
 */
@Test
public void tokensCanBeReplacedWhenNotProtected() throws Exception {
    serviceClient.setToken(client.getToken());
    serviceClient.setProtectTokens(false);
    // The stub captures the outgoing envelope in soapClient.xml instead of sending it.
    SOAPClientStub soapClient = new SOAPClientStub();
    serviceClient.setSOAPClient(soapClient);
    serviceClient.sendRequest(req, getProperty("endpoint"), getProperty("action"), null, null);
    Element env = SAMLUtil.loadElementFromString(soapClient.xml);
    // Point every WS-Security KeyIdentifier at the ID of the replacement token.
    NodeList nl = env.getElementsByTagNameNS(TrustConstants.WSSE_NS, "KeyIdentifier");
    for (int i = 0; i < nl.getLength(); i++) {
        Element item = (Element) nl.item(i);
        item.setTextContent(token.getID());
    }
    // Replace the first Assertion element in the envelope with the DOM of the other token.
    Element a = (Element) env.getElementsByTagNameNS(Assertion.TYPE_NAME.getNamespaceURI(), "Assertion").item(0);
    Node localToken = a.getOwnerDocument().adoptNode(token.getDOM());
    a.getParentNode().replaceChild(localToken, a);
    // Send the altered envelope; no exception is the only success criterion of this test.
    new HttpSOAPClient().wsCall(getProperty("endpoint"), null, null, true, XMLHelper.nodeToString(env), getProperty("action"));
}