本文整理汇总了 Java 中 org.opensaml.saml2.core.NameID.setFormat 方法的典型用法代码示例。如果您正苦于以下问题：Java NameID.setFormat 方法的具体用法？Java NameID.setFormat 怎么用？Java NameID.setFormat 使用的例子？那么这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类 org.opensaml.saml2.core.NameID 的用法示例。
在下文中一共展示了NameID.setFormat方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: buildLogoutRequest
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
/**
 * Builds a SAML 2.0 {@code LogoutRequest} for one user session.
 *
 * <p>The destination (IdP URL) and the issuer (SP entity id) are read from
 * {@code ssoAgentConfig}. The request expires five minutes after its issue instant.
 * No signature is applied in this method.
 *
 * @param user value placed in the request's NameID
 * @param sessionIdx session index carried in the request
 * @return the populated logout request
 * @throws SSOAgentException declared by the signature; no statement in this body throws it explicitly
 */
protected LogoutRequest buildLogoutRequest(String user, String sessionIdx) throws SSOAgentException {
    final LogoutRequest request = new LogoutRequestBuilder().buildObject();
    request.setID(SSOAgentUtils.createID());
    request.setDestination(ssoAgentConfig.getSAML2().getIdPURL());

    // Validity window: issue instant plus five minutes.
    final long validityMillis = 5 * 60 * 1000;
    final DateTime issuedAt = new DateTime();
    request.setIssueInstant(issuedAt);
    request.setNotOnOrAfter(new DateTime(issuedAt.getMillis() + validityMillis));

    final Issuer spIssuer = new IssuerBuilder().buildObject();
    spIssuer.setValue(ssoAgentConfig.getSAML2().getSPEntityId());
    request.setIssuer(spIssuer);

    // NOTE(review): the "entity" NameID format is defined for identifying SAML entities
    // (IdPs/SPs), while the value set here is a user name. Confirm the IdP expects it.
    final NameID principal = new NameIDBuilder().buildObject();
    principal.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:entity");
    principal.setValue(user);
    request.setNameID(principal);

    final SessionIndex index = new SessionIndexBuilder().buildObject();
    index.setSessionIndex(sessionIdx);
    request.getSessionIndexes().add(index);

    request.setReason("Single Logout");
    return request;
}
示例2: buildLogoutRequest
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
/**
 * Generate a new LogoutRequest for the assertion bound to an HTTP session.
 *
 * <p>The NameID (value and format) and the session index are copied from the assertion
 * that {@code handler} returns for the session id. When the handler has no assertion for
 * the session, the request is built without a NameID or session index. The finished
 * request is validated before it is wrapped and returned.
 *
 * @param session The session containing the active assertion.
 * @param logoutServiceLocation Destination for the logout request.
 * @param issuerEntityId Entity ID of the issuing entity.
 * @param handler Session handler used to look up the assertion by session id.
 * @return the validated request wrapped in an {@code OIOLogoutRequest}
 * @throws WrappedException if validation of the request raises a {@code ValidationException}
 */
@SuppressWarnings("deprecation")
public static OIOLogoutRequest buildLogoutRequest(HttpSession session, String logoutServiceLocation, String issuerEntityId, SessionHandler handler) {
    LogoutRequest request = new LogoutRequestBuilder().buildObject();
    request.setID(Utils.generateUUID());
    request.setIssueInstant(new DateTime(DateTimeZone.UTC));
    request.addNamespace(OIOSAMLConstants.SAML20_NAMESPACE);
    request.setDestination(logoutServiceLocation);
    request.setReason("urn:oasis:names:tc:SAML:2.0:logout:user");
    request.setIssuer(SAMLUtil.createIssuer(issuerEntityId));

    OIOAssertion active = handler.getAssertion(session.getId());
    if (active != null) {
        // Echo the subject identifier exactly as the IdP issued it, including its format.
        // NOTE(review): assumes the stored assertion always has a Subject with a NameID;
        // a missing one would surface here as a NullPointerException.
        NameID subjectId = SAMLUtil.createNameID(active.getSubjectNameIDValue());
        subjectId.setFormat(active.getAssertion().getSubject().getNameID().getFormat());
        request.setNameID(subjectId);

        SessionIndex index = new SessionIndexBuilder().buildObject();
        request.getSessionIndexes().add(index);
        index.setSessionIndex(active.getSessionIndex());
    }

    try {
        if (log.isDebugEnabled()) {
            log.debug("Validate the logoutRequest...");
        }
        request.validate(true);
        if (log.isDebugEnabled()) {
            log.debug("...OK");
        }
    } catch (ValidationException validationFailure) {
        throw new WrappedException(Layer.CLIENT, validationFailure);
    }

    return new OIOLogoutRequest(request);
}
示例3: makeEmailFormatName
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
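/**
 * Creates a {@code NameID} whose format is selected by a short keyword.
 *
 * <p>The keyword is compared constant-first, so a {@code null} format is rejected with the
 * same {@code IllegalArgumentException} as any other unsupported value instead of a
 * {@code NullPointerException}. The format is resolved before any SAML object is built.
 *
 * @param subjectNameId value of the NameID
 * @param subjectNameIdFormat {@code "email"} or {@code "unspecified"}
 * @param subjectNameIdQualifier optional NameQualifier; skipped when {@code null}
 * @return the populated NameID
 * @throws IllegalArgumentException if {@code subjectNameIdFormat} is neither supported keyword
 */
public static NameID makeEmailFormatName(final String subjectNameId, final String subjectNameIdFormat, final String subjectNameIdQualifier) {
    final String formatUri;
    if ("email".equals(subjectNameIdFormat)) {
        formatUri = NameIDType.EMAIL;
    } else if ("unspecified".equals(subjectNameIdFormat)) {
        formatUri = NameIDType.UNSPECIFIED;
    } else {
        throw new IllegalArgumentException("subjectNameIdFormat must be 'email' or 'unspecified'.");
    }

    NameID nameID = new NameIDBuilder().buildObject();
    nameID.setFormat(formatUri);
    if (subjectNameIdQualifier != null) {
        nameID.setNameQualifier(subjectNameIdQualifier);
    }
    nameID.setValue(subjectNameId);
    return nameID;
}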
示例4: buildLogoutRequest
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
/**
 * Build and sign the logout request.
 *
 * <p>The destination and issuer come from {@code Util}. The request expires five minutes
 * after its issue instant and is signed before it is returned.
 *
 * @param subject name of the user
 * @param reason reason for generating logout request.
 * @param sessionIndexStr session index carried in the request
 * @return LogoutRequest object
 * @throws Exception declared by the signature; propagated from the helpers called here
 */
public LogoutRequest buildLogoutRequest(String subject, String reason, String sessionIndexStr) throws Exception {
    log.info("Building logout request");
    Util.doBootstrap();

    LogoutRequest request = new org.opensaml.saml2.core.impl.LogoutRequestBuilder().buildObject();
    request.setID(Util.createID());
    request.setDestination(Util.getIdentityProviderSSOServiceURL());

    // Validity window: issue instant plus five minutes.
    final long validityMillis = 5 * 60 * 1000;
    DateTime issuedAt = new DateTime();
    request.setIssueInstant(issuedAt);
    request.setNotOnOrAfter(new DateTime(issuedAt.getMillis() + validityMillis));

    Issuer spIssuer = new IssuerBuilder().buildObject();
    spIssuer.setValue(Util.getServiceProviderId());
    request.setIssuer(spIssuer);

    NameID principal = new NameIDBuilder().buildObject();
    principal.setFormat(SAML2SSOAuthenticatorConstants.SAML2_NAME_ID_POLICY_TRANSIENT);
    principal.setValue(subject);
    request.setNameID(principal);

    SessionIndex index = new SessionIndexBuilder().buildObject();
    index.setSessionIndex(sessionIndexStr);
    request.getSessionIndexes().add(index);

    request.setReason(reason);

    // Sign last so that the signature covers the fully populated request.
    // NOTE(review): if XMLSignature is Apache Santuario's class, ALGO_ID_SIGNATURE_RSA denotes
    // RSA with SHA-1. Confirm whether the IdP accepts an RSA-SHA256 identifier instead.
    Util.setSignature(request, XMLSignature.ALGO_ID_SIGNATURE_RSA, new SignKeyDataHolder());
    return request;
}
示例5: buildAuthenticationRequest
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
/**
 * Generate a signed authentication request with passive support.
 *
 * @param subjectName optional subject; when non-null a Subject whose NameID uses the
 *                    {@code NameIdentifier.EMAIL} format is attached to the request
 * @param nameIdPolicyFormat format handed to {@code buildNameIDPolicy}
 * @param isPassive value of the request's IsPassive flag
 * @return AuthnRequest Object
 * @throws Exception declared by the signature; propagated from the helpers called here
 */
public AuthnRequest buildAuthenticationRequest(String subjectName, String nameIdPolicyFormat, boolean isPassive)
        throws Exception {
    if (log.isDebugEnabled()) {
        log.debug("Building Authentication Request");
    }
    Util.doBootstrap();

    AuthnRequest request = (AuthnRequest) Util.buildXMLObject(AuthnRequest.DEFAULT_ELEMENT_NAME);
    request.setID(Util.createID());
    request.setVersion(SAMLVersion.VERSION_20);
    request.setIssueInstant(new DateTime());
    request.setIssuer(buildIssuer());
    request.setNameIDPolicy(buildNameIDPolicy(nameIdPolicyFormat));
    request.setIsPassive(isPassive);
    request.setDestination(Util.getIdentityProviderSSOServiceURL());

    // Prefer the configured ACS URL; otherwise derive one from the admin console URL.
    String configuredAcs = Util.getAssertionConsumerServiceURL();
    if (configuredAcs == null || configuredAcs.trim().length() == 0) {
        // String.replace substitutes every occurrence of "carbon/" in the console URL.
        request.setAssertionConsumerServiceURL(CarbonUIUtil.getAdminConsoleURL("").replace("carbon/", "acs"));
    } else {
        request.setAssertionConsumerServiceURL(configuredAcs);
    }

    if (subjectName != null) {
        NameID requestedId = new NameIDBuilder().buildObject();
        requestedId.setValue(subjectName);
        requestedId.setFormat(NameIdentifier.EMAIL);

        Subject requestedSubject = new SubjectBuilder().buildObject();
        requestedSubject.setNameID(requestedId);
        request.setSubject(requestedSubject);
    }

    // Sign last so that the signature covers the fully populated request.
    // NOTE(review): if XMLSignature is Apache Santuario's class, ALGO_ID_SIGNATURE_RSA denotes
    // RSA with SHA-1. Confirm whether the IdP accepts an RSA-SHA256 identifier instead.
    Util.setSignature(request, XMLSignature.ALGO_ID_SIGNATURE_RSA, new SignKeyDataHolder());
    return request;
}
示例6: testSingleElementOptionalAttributesMarshall
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Builds a NameID with its value and every optional attribute set, then compares it
 * with the expected optional-attributes DOM.
 */
public void testSingleElementOptionalAttributesMarshall() {
    QName nameIdQName =
            new QName(SAMLConstants.SAML20_NS, NameID.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20_PREFIX);
    NameID underTest = (NameID) buildXMLObject(nameIdQName);

    // Element content first, then the four optional attributes.
    underTest.setValue(expectedName);
    underTest.setNameQualifier(expectedNameQualifier);
    underTest.setSPNameQualifier(expectedSPNameQualifier);
    underTest.setFormat(expectedFormat);
    underTest.setSPProvidedID(expectedSPID);

    assertEquals(expectedOptionalAttributesDOM, underTest);
}
示例7: buildLogoutRequest
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
/**
 * Build the logout request.
 *
 * <p>The request expires five minutes after its issue instant. This method sets no
 * Destination and applies no signature.
 *
 * @param subject name of the user
 * @param sessionIndexId session index carried in the request
 * @param reason reason for generating logout request.
 * @param issuerId value of the request's Issuer element
 * @return LogoutRequest object
 */
public LogoutRequest buildLogoutRequest(String subject, String sessionIndexId, String reason,
                                        String issuerId) {
    Util.doBootstrap();

    LogoutRequest request = new org.opensaml.saml2.core.impl.LogoutRequestBuilder().buildObject();
    request.setID(Util.createID());

    // Validity window: issue instant plus five minutes.
    final long validityMillis = 5 * 60 * 1000;
    DateTime issuedAt = new DateTime();
    request.setIssueInstant(issuedAt);
    request.setNotOnOrAfter(new DateTime(issuedAt.getMillis() + validityMillis));

    Issuer requestIssuer = new IssuerBuilder().buildObject();
    requestIssuer.setValue(issuerId);
    request.setIssuer(requestIssuer);

    NameID principal = new NameIDBuilder().buildObject();
    principal.setFormat(SSOConstants.SAML2_NAME_ID_POLICY);
    principal.setValue(subject);
    request.setNameID(principal);

    SessionIndex index = new SessionIndexBuilder().buildObject();
    index.setSessionIndex(sessionIndexId);
    request.getSessionIndexes().add(index);

    request.setReason(reason);
    return request;
}
示例8: createSubject
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
/**
 * Creates a Subject with a persistent-format NameID and one bearer SubjectConfirmation.
 *
 * <p>The confirmation's NotOnOrAfter is the creation time plus {@code samlAssertionDays}
 * days. When {@code samlAssertionDays} is {@code null}, it is the creation time itself.
 *
 * @param subjectId value of the NameID
 * @param samlAssertionDays validity in days, or {@code null} for no extension
 * @return the populated subject
 */
private Subject createSubject(final String subjectId, final Integer samlAssertionDays) {
    final DateTime createdAt = new DateTime();
    final DateTime expiresAt = (samlAssertionDays != null) ? createdAt.plusDays(samlAssertionDays) : createdAt;

    // Name element.
    NameID subjectName = new NameIDBuilder().buildObject();
    subjectName.setValue(subjectId);
    subjectName.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");

    // NOTE(review): validity is counted in whole days and no Recipient is set on the bearer
    // confirmation data. Confirm that both are acceptable to the relying party.
    SubjectConfirmationData confirmationData = new SubjectConfirmationDataBuilder().buildObject();
    confirmationData.setNotOnOrAfter(expiresAt);

    SubjectConfirmation bearerConfirmation = new SubjectConfirmationBuilder().buildObject();
    bearerConfirmation.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");
    bearerConfirmation.setSubjectConfirmationData(confirmationData);

    // Subject element.
    Subject result = new SubjectBuilder().buildObject();
    result.setNameID(subjectName);
    result.getSubjectConfirmations().add(bearerConfirmation);
    return result;
}
示例9: buildMockResponse
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
/**
 * Builds a fixed, unsigned SAML 2.0 Response for use as a test fixture.
 *
 * <p>The response carries a success status and one assertion. The assertion holds a
 * persistent-format NameID, an AuthnStatement with a session index, and an empty
 * AttributeStatement. All identifiers are hard-coded.
 *
 * @return the mock response
 * @throws Exception declared by the signature; no statement in this body throws it explicitly
 */
private Response buildMockResponse() throws Exception {
    Response mock = new ResponseBuilder().buildObject();
    mock.setID("foo");
    mock.setVersion(SAMLVersion.VERSION_20);
    mock.setIssueInstant(new DateTime(0));

    Issuer mockIssuer = new IssuerBuilder().buildObject();
    mockIssuer.setValue("MockedIssuer");
    mock.setIssuer(mockIssuer);

    StatusCode success = new StatusCodeBuilder().buildObject();
    success.setValue(StatusCode.SUCCESS_URI);
    Status mockStatus = new StatusBuilder().buildObject();
    mockStatus.setStatusCode(success);
    mock.setStatus(mockStatus);

    NameID subjectName = new NameIDBuilder().buildObject();
    subjectName.setValue("SOME-UNIQUE-ID");
    subjectName.setFormat(NameIDType.PERSISTENT);
    Subject mockSubject = new SubjectBuilder().buildObject();
    mockSubject.setNameID(subjectName);

    Assertion mockAssertion = new AssertionBuilder().buildObject();
    mockAssertion.setSubject(mockSubject);

    AuthnStatement authn = new AuthnStatementBuilder().buildObject();
    authn.setSessionIndex("Some Session String");
    mockAssertion.getAuthnStatements().add(authn);

    // The attribute statement is intentionally left without attributes.
    AttributeStatement emptyAttributes = new AttributeStatementBuilder().buildObject();
    mockAssertion.getAttributeStatements().add(emptyAttributes);

    mock.getAssertions().add(mockAssertion);
    return mock;
}
示例10: buildAssertion
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
/**
 * Builds and signs an assertion on behalf of the mock IdP.
 *
 * <p>The NameID is a hard-coded transient identifier with fixed qualifiers. Subject
 * confirmation, conditions, attribute statement and authn statement come from sibling
 * builder methods. The assertion is signed with the IdP key from the keystore as the
 * last step, after all content has been added.
 *
 * @return the signed assertion
 */
private Assertion buildAssertion() throws NoSuchAlgorithmException, IllegalAccessException, KeyStoreException, java.security.cert.CertificateException,
        SignatureException, MarshallingException, CertificateException, IOException, SecurityException, MetadataProviderException {
    SecureRandomIdentifierGenerator ids = new SecureRandomIdentifierGenerator();
    Assertion result = buildXMLObjectDefaultName(Assertion.class);

    Issuer idpIssuer = buildXMLObjectDefaultName(Issuer.class);
    idpIssuer.setValue(MockIDPProperties.getIdpEntityId());
    result.setIssuer(idpIssuer);
    result.setIssueInstant(new DateTime());
    result.setID(ids.generateIdentifier());

    Subject principal = buildXMLObjectDefaultName(Subject.class);
    result.setSubject(principal);

    NameID transientId = buildXMLObjectDefaultName(NameID.class);
    transientId.setFormat(NameIDType.TRANSIENT);
    transientId.setValue("5VkzP/MZ1PMJ62o45/7DdFms9y7K");
    transientId.setSPNameQualifier("steras-openam");
    transientId.setNameQualifier("FakeIdP");
    principal.setNameID(transientId);
    principal.getSubjectConfirmations().add(buildSubjectConfirmation());

    result.setConditions(buildConditions());
    result.getAttributeStatements().add(buildAttributeStatement());
    result.getAuthnStatements().add(buildAuthnStatement());

    // Signing must stay last: changes made after this call are not covered by the signature.
    signSAMLObject(result, getIDPKeyFromKeystore());
    return result;
}
示例11: createNameID
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
/**
 * Creates a NameID from a value and a format.
 *
 * @param value NameID value
 * @param format NameID format URI
 * @return the populated NameID, or {@code null} when either argument is {@code null} or empty
 */
private static NameID createNameID(String value, String format) {
    boolean valueMissing = value == null || value.length() == 0;
    boolean formatMissing = format == null || format.length() == 0;
    if (valueMissing || formatMissing) {
        // Callers receive null rather than a partially populated NameID.
        return null;
    }

    NameID result = create(NameID.DEFAULT_ELEMENT_NAME);
    result.setValue(value);
    result.setFormat(format);
    return result;
}
示例12: buildSAMLAssertion
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
/**
 * Build SAML Assertion object.
 *
 * <p>The assertion carries a bearer subject confirmation, a transient NameID with a
 * generated value, a password AuthnContext, optional attributes and one audience
 * restriction. It is signed only when {@code pSignAssertion} is true.
 *
 * @param pRequestContext request context; its HTTP request URL is passed to {@code buildIssuer}
 * @param pNotOnOrAfter expiry used for both the subject confirmation data and the conditions
 * @param pRecipient recipient of the subject confirmation; skipped when {@code XFUtil.isNull} reports it absent
 * @param pAudienceURI audience URI; skipped when {@code XFUtil.isNull} reports it absent
 * @param pAssertionAttributes attributes to include; no attribute statement is added when null or empty
 * @param pSignAssertion whether to sign the assertion
 * @param pDigitalCertificateName certificate name handed to {@code signSAMLObject}
 * @return SAML Assertion Object
 */
private Assertion buildSAMLAssertion(ActionRequestContext pRequestContext
        , DateTime pNotOnOrAfter
        , String pRecipient
        , String pAudienceURI
        , Map<String, String> pAssertionAttributes
        , boolean pSignAssertion
        , String pDigitalCertificateName
) {
    final DateTime lIssuedAt = new DateTime();

    Assertion lResult = new AssertionBuilder().buildObject();
    lResult.setID(ASSERTION_ID_PREFIX + RandomString.getString(40));
    lResult.setVersion(SAMLVersion.VERSION_20);
    // NOTE(review): the issuer is derived from the URL of the incoming HTTP request. If that
    // URL can reflect a client-supplied Host header, the issuer is client-influenced.
    // Confirm that buildIssuer or the deployment pins it.
    lResult.setIssuer(buildIssuer(pRequestContext.getFoxRequest().getHttpRequest().getRequestURL().toString()));
    lResult.setIssueInstant(lIssuedAt);

    // Subject: bearer confirmation plus a transient identifier.
    Subject lPrincipal = new SubjectBuilder().buildObject();
    SubjectConfirmation lBearer = new SubjectConfirmationBuilder().buildObject();
    lBearer.setMethod(SubjectConfirmation.METHOD_BEARER);
    SubjectConfirmationData lBearerData = new SubjectConfirmationDataBuilder().buildObject();
    if (!XFUtil.isNull(pRecipient)) {
        lBearerData.setRecipient(pRecipient);
    }
    lBearerData.setNotOnOrAfter(pNotOnOrAfter);
    lBearer.setSubjectConfirmationData(lBearerData);
    lPrincipal.getSubjectConfirmations().add(lBearer);

    // NOTE(review): the assertion ID and this NameID value both come from RandomString.
    // Verify that it draws from a cryptographically strong source.
    NameID lTransientId = new NameIDBuilder().buildObject();
    lTransientId.setValue(RandomString.getString(64));
    lTransientId.setFormat(NameID.TRANSIENT);
    lPrincipal.setNameID(lTransientId);
    lResult.setSubject(lPrincipal);

    // Authentication statement: password context, authenticated "now".
    AuthnStatement lAuthn = new AuthnStatementBuilder().buildObject();
    lAuthn.setAuthnInstant(new DateTime());
    AuthnContextClassRef lClassRef = new AuthnContextClassRefBuilder().buildObject();
    lClassRef.setAuthnContextClassRef(AuthnContext.PASSWORD_AUTHN_CTX);
    AuthnContext lContext = new AuthnContextBuilder().buildObject();
    lContext.setAuthnContextClassRef(lClassRef);
    lAuthn.setAuthnContext(lContext);
    lResult.getAuthnStatements().add(lAuthn);

    boolean lHasAttributes = pAssertionAttributes != null && pAssertionAttributes.size() > 0;
    if (lHasAttributes) {
        lResult.getAttributeStatements().add(buildAttributeStatement(pAssertionAttributes));
    }

    // The restriction element is added even when no audience URI was supplied, in which case
    // it contains no Audience child.
    // NOTE(review): confirm how relying parties treat an empty AudienceRestriction.
    AudienceRestriction lRestriction = new AudienceRestrictionBuilder().buildObject();
    if (!XFUtil.isNull(pAudienceURI)) {
        Audience lTarget = new AudienceBuilder().buildObject();
        lTarget.setAudienceURI(pAudienceURI);
        lRestriction.getAudiences().add(lTarget);
    }

    Conditions lValidity = new ConditionsBuilder().buildObject();
    lValidity.setNotBefore(lIssuedAt);
    lValidity.setNotOnOrAfter(pNotOnOrAfter);
    lValidity.getAudienceRestrictions().add(lRestriction);
    lResult.setConditions(lValidity);

    // Signing stays last so that the signature covers the complete assertion.
    if (pSignAssertion) {
        signSAMLObject(lResult, pRequestContext, pDigitalCertificateName);
    }
    return lResult;
}
示例13: buildSAMLAssertion
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
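/**
 * Builds an unsigned SAML 2.0 bearer assertion for the given e-mail address.
 *
 * <p>The assertion is valid from five minutes before to fifteen minutes after the issue
 * instant. It carries an e-mail-format NameID, one audience restriction and a
 * {@code client_id} attribute. No signature is applied in this method.
 * NOTE(review): signing is presumably done by the caller before the assertion is sent; confirm.
 *
 * <p>A failed OpenSAML bootstrap is reported as an {@code IllegalStateException} instead of
 * being silently ignored. Without the bootstrap the builder factory lookup for the
 * attribute value has nothing registered, so the failure would otherwise surface later as
 * an unrelated error.
 *
 * @param emailAddress value of the subject NameID
 * @return the populated assertion
 * @throws IllegalStateException if the OpenSAML library cannot be bootstrapped
 */
private Assertion buildSAMLAssertion(final String emailAddress)
{
    // Bootstrap the OpenSAML library
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        throw new IllegalStateException("OpenSAML bootstrap failed", e);
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(15);
    // Backdated by five minutes; presumably to tolerate clock skew at the receiver.
    DateTime notBefore = issueInstant.minusMinutes(5);

    NameID nameID = new NameIDBuilder().buildObject();
    nameID.setFormat(NameIDType.EMAIL);
    nameID.setValue(emailAddress);

    SubjectConfirmationData subjectConfirmationData = new SubjectConfirmationDataBuilder().buildObject();
    subjectConfirmationData.setRecipient(applicationLink.getRpcUrl().toString() + ACCESS_TOKEN_URL);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);

    SubjectConfirmation subjectConfirmation = new SubjectConfirmationBuilder().buildObject();
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = new SubjectBuilder().buildObject();
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(providerID);

    Audience audience = new AudienceBuilder().buildObject();
    audience.setAudienceURI(AUDIENCE_RESTRICTION);

    AudienceRestriction audienceRestriction = new AudienceRestrictionBuilder().buildObject();
    audienceRestriction.getAudiences().add(audience);

    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);

    // The typed attribute value has no dedicated builder class, so it is looked up in the
    // builder factory that the bootstrap populates.
    XSString attributeValue = (XSString) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME).buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
    attributeValue.setValue(clientID);

    Attribute attribute = new AttributeBuilder().buildObject();
    attribute.setName("client_id");
    attribute.getAttributeValues().add(attributeValue);

    AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
    attributeStatement.getAttributes().add(attribute);

    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);
    assertion.getAttributeStatements().add(attributeStatement);

    return assertion;
}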
示例14: buildSAML2Assertion
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
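/**
 * Builds an unsigned SAML 2.0 bearer assertion from the class-level configuration values.
 *
 * <p>The assertion is valid from ten minutes before to ten minutes after the issue
 * instant. No signature is applied in this method.
 * NOTE(review): signing is presumably done by the caller before the assertion is sent; confirm.
 *
 * <p>Two failure modes are made explicit. A failed OpenSAML bootstrap is reported as an
 * {@code IllegalStateException} instead of being silently ignored. The configured NameID
 * format is compared constant-first, so a {@code null} {@code SUBJECT_NAME_ID_FORMAT} is
 * rejected with {@code IllegalArgumentException} rather than a {@code NullPointerException}.
 *
 * @param includeClientKeyAttribute whether to add a {@code client_id} attribute holding {@code CLIENT_KEY}
 * @return the populated assertion
 * @throws IllegalStateException if the OpenSAML library cannot be bootstrapped
 * @throws IllegalArgumentException if {@code SUBJECT_NAME_ID_FORMAT} is neither {@code "email"} nor {@code "unspecified"}
 */
private static Assertion buildSAML2Assertion(boolean includeClientKeyAttribute)
{
    // Bootstrap the OpenSAML library
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        throw new IllegalStateException("OpenSAML bootstrap failed", e);
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    // Backdated by ten minutes; presumably to tolerate clock skew at the receiver.
    DateTime notBefore = issueInstant.minusMinutes(10);

    NameID nameID = new NameIDBuilder().buildObject();
    if ("email".equals(SUBJECT_NAME_ID_FORMAT)) {
        nameID.setFormat(NameIDType.EMAIL);
    } else if ("unspecified".equals(SUBJECT_NAME_ID_FORMAT)) {
        nameID.setFormat(NameIDType.UNSPECIFIED);
    } else {
        throw new IllegalArgumentException("SUBJECT_NAME_ID_FORMAT must be 'email' or 'unspecified'.");
    }
    if (subjectNameIdQualifier != null) {
        nameID.setNameQualifier(subjectNameIdQualifier);
    }
    nameID.setValue(SUBJECT_NAME_ID);

    SubjectConfirmationData subjectConfirmationData = new SubjectConfirmationDataBuilder().buildObject();
    subjectConfirmationData.setRecipient(BASE_URL + ACCESS_TOKEN_URL_PATH);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);

    SubjectConfirmation subjectConfirmation = new SubjectConfirmationBuilder().buildObject();
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = new SubjectBuilder().buildObject();
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(IDP_ID);

    Audience audience = new AudienceBuilder().buildObject();
    audience.setAudienceURI(SP_ID_JAM);

    AudienceRestriction audienceRestriction = new AudienceRestrictionBuilder().buildObject();
    audienceRestriction.getAudiences().add(audience);

    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);

    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);

    if (includeClientKeyAttribute) {
        // The typed attribute value has no dedicated builder class, so it is looked up in the
        // builder factory that the bootstrap populates.
        XSString attributeValue = (XSString) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME).buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        attributeValue.setValue(CLIENT_KEY);

        Attribute attribute = new AttributeBuilder().buildObject();
        attribute.setName("client_id");
        attribute.getAttributeValues().add(attributeValue);

        AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
        attributeStatement.getAttributes().add(attribute);
        assertion.getAttributeStatements().add(attributeStatement);
    }

    return assertion;
}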
示例15: buildSAML2Assertion
import org.opensaml.saml2.core.NameID; //导入方法依赖的package包/类
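/**
 * Builds an unsigned SAML 2.0 bearer assertion from the supplied parameters.
 *
 * <p>The assertion is valid from ten minutes before to ten minutes after the issue
 * instant. No signature is applied in this method.
 * NOTE(review): signing is presumably done by the caller before the assertion is sent; confirm.
 *
 * <p>Two failure modes are made explicit. A failed OpenSAML bootstrap is reported as an
 * {@code IllegalStateException} instead of being silently ignored. The NameID format
 * keyword is compared constant-first, so a {@code null} {@code subjectNameIdFormat} is
 * rejected with {@code IllegalArgumentException} rather than a {@code NullPointerException}.
 *
 * @param baseUrl prefix of the recipient URL; {@code ACCESS_TOKEN_URL_PATH} is appended to it
 * @param subjectNameId value of the subject NameID
 * @param subjectNameIdFormat {@code "email"} or {@code "unspecified"}
 * @param subjectNameIdQualifier optional NameQualifier; skipped when {@code null}
 * @param idpId value of the Issuer element
 * @param clientKey value of the {@code client_id} attribute, used only when that attribute is included
 * @param includeClientKeyAttribute whether to add the {@code client_id} attribute
 * @return the populated assertion
 * @throws IllegalStateException if the OpenSAML library cannot be bootstrapped
 * @throws IllegalArgumentException if {@code subjectNameIdFormat} is neither supported keyword
 */
private static Assertion buildSAML2Assertion(
        String baseUrl,
        String subjectNameId,
        String subjectNameIdFormat,
        String subjectNameIdQualifier,
        String idpId,
        String clientKey,
        boolean includeClientKeyAttribute)
{
    // Bootstrap the OpenSAML library
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        throw new IllegalStateException("OpenSAML bootstrap failed", e);
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    // Backdated by ten minutes; presumably to tolerate clock skew at the receiver.
    DateTime notBefore = issueInstant.minusMinutes(10);

    NameID nameID = new NameIDBuilder().buildObject();
    if ("email".equals(subjectNameIdFormat)) {
        nameID.setFormat(NameIDType.EMAIL);
    } else if ("unspecified".equals(subjectNameIdFormat)) {
        nameID.setFormat(NameIDType.UNSPECIFIED);
    } else {
        throw new IllegalArgumentException("subjectNameIdFormat must be 'email' or 'unspecified'.");
    }
    if (subjectNameIdQualifier != null) {
        nameID.setNameQualifier(subjectNameIdQualifier);
    }
    nameID.setValue(subjectNameId);

    SubjectConfirmationData subjectConfirmationData = new SubjectConfirmationDataBuilder().buildObject();
    subjectConfirmationData.setRecipient(baseUrl + ACCESS_TOKEN_URL_PATH);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);

    SubjectConfirmation subjectConfirmation = new SubjectConfirmationBuilder().buildObject();
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = new SubjectBuilder().buildObject();
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(idpId);

    Audience audience = new AudienceBuilder().buildObject();
    audience.setAudienceURI(SP_ID_JAM);

    AudienceRestriction audienceRestriction = new AudienceRestrictionBuilder().buildObject();
    audienceRestriction.getAudiences().add(audience);

    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);

    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);

    if (includeClientKeyAttribute) {
        // The typed attribute value has no dedicated builder class, so it is looked up in the
        // builder factory that the bootstrap populates.
        XSString attributeValue = (XSString) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME).buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        attributeValue.setValue(clientKey);

        Attribute attribute = new AttributeBuilder().buildObject();
        attribute.setName("client_id");
        attribute.getAttributeValues().add(attributeValue);

        AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
        attributeStatement.getAttributes().add(attribute);
        assertion.getAttributeStatements().add(attributeStatement);
    }

    return assertion;
}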