本文整理汇总了Java中org.opensaml.saml2.core.SubjectConfirmation.setSubjectConfirmationData方法的典型用法代码示例。如果您正苦于以下问题:Java SubjectConfirmation.setSubjectConfirmationData方法的具体用法?Java SubjectConfirmation.setSubjectConfirmationData怎么用?Java SubjectConfirmation.setSubjectConfirmationData使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.opensaml.saml2.core.SubjectConfirmation
的用法示例。
在下文中一共展示了SubjectConfirmation.setSubjectConfirmationData方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: processChildElement
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Attaches a recognised child (BaseID, NameID, EncryptedID or SubjectConfirmationData) to the
 * parent, which is cast to {@code SubjectConfirmation}. Any other child type is handed to the
 * superclass implementation.
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    SubjectConfirmation confirmation = (SubjectConfirmation) parentObject;

    // The type checks run in the same order as before; the first match wins.
    if (childObject instanceof BaseID) {
        confirmation.setBaseID((BaseID) childObject);
        return;
    }
    if (childObject instanceof NameID) {
        confirmation.setNameID((NameID) childObject);
        return;
    }
    if (childObject instanceof EncryptedID) {
        confirmation.setEncryptedID((EncryptedID) childObject);
        return;
    }
    if (childObject instanceof SubjectConfirmationData) {
        confirmation.setSubjectConfirmationData((SubjectConfirmationData) childObject);
        return;
    }

    // Not an element this unmarshaller knows about.
    super.processChildElement(parentObject, childObject);
}
示例2: createSubject
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
/**
 * Builds a SAML subject that carries the given NameID value and one bearer confirmation.
 *
 * <p>The confirmation data receives the recipient and expiry exactly as passed in; neither
 * argument is checked here.
 * NOTE(review): a relying party normally validates both Recipient and NotOnOrAfter on a bearer
 * confirmation - confirm that callers never pass {@code null} for them.
 *
 * @param nameIDValue the value of the NameID
 * @param recipient the value written to the confirmation data's Recipient
 * @param notOnOrAfter the instant written to the confirmation data's NotOnOrAfter
 * @return the SAML subject with the given NameID and a bearer confirmation
 */
public static Subject createSubject(String nameIDValue,
        String recipient, DateTime notOnOrAfter) {
    Subject result = buildXMLObject(Subject.class);
    result.setNameID(createNameID(nameIDValue));

    SubjectConfirmation bearer = buildXMLObject(SubjectConfirmation.class);
    bearer.setMethod(OIOSAMLConstants.METHOD_BEARER);

    // Recipient and expiry are what bind a bearer confirmation to one endpoint and time window.
    SubjectConfirmationData bearerData = buildXMLObject(SubjectConfirmationData.class);
    bearerData.setRecipient(recipient);
    bearerData.setNotOnOrAfter(notOnOrAfter);
    bearer.setSubjectConfirmationData(bearerData);

    result.getSubjectConfirmations().add(bearer);
    return result;
}
示例3: checkRecipient
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
/**
 * Checks that {@code checkRecipient} only accepts a recipient when the stubbed subject
 * confirmation uses the bearer method and its confirmation data names that same recipient.
 */
@Test
public void checkRecipient() {
    final String bearerMethod = "urn:oasis:names:tc:SAML:2.0:cm:bearer";

    // A null recipient on the fixture and an empty one on a bare stub assertion are rejected.
    assertFalse(assertion.checkRecipient(null));
    assertFalse(new OIOAssertion(new AssertionStubImpl()).checkRecipient(""));

    Assertion stubAssertion = new AssertionStubImpl();
    stubAssertion.setSubject(new SubjectStubImpl());
    // NOTE(review): this asserts on the shared fixture, not on stubAssertion, which was just
    // given an empty subject - possibly new OIOAssertion(stubAssertion) was intended; confirm.
    assertFalse(assertion.checkRecipient(""));

    SubjectConfirmation confirmation = new SubjectConfirmationStubImpl();
    confirmation.setMethod(bearerMethod);
    SubjectConfirmationData confirmationData = new SubjectConfirmationDataStubImpl();
    final String expectedRecipient = "recipient";
    confirmationData.setRecipient(expectedRecipient);
    confirmation.setSubjectConfirmationData(confirmationData);

    stubAssertion.setSubject(new SubjectStubImpl(Collections.singletonList(confirmation)));
    OIOAssertion wrapped = new OIOAssertion(stubAssertion);

    // Bearer method plus matching recipient: accepted.
    assertTrue(wrapped.checkRecipient(expectedRecipient));

    // A different recipient in the confirmation data: rejected.
    confirmationData.setRecipient("something else");
    assertFalse(wrapped.checkRecipient(expectedRecipient));

    // A confirmation method other than bearer: rejected.
    confirmation.setMethod("not requiredBearer");
    assertFalse(wrapped.checkRecipient(expectedRecipient));

    // The shared fixture accepts its own assertion consumer URL.
    assertTrue(assertion.checkRecipient(assertionConsumerURL));
}
示例4: testChildElementsMarshall
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Builds a SubjectConfirmation with a NameID and a SubjectConfirmationData child and compares
 * it with {@code expectedChildElementsDOM}.
 */
public void testChildElementsMarshall() {
    // Element names for the confirmation and its two children, all in the SAML 2.0 namespace.
    QName confirmationName = new QName(SAMLConstants.SAML20_NS, SubjectConfirmation.DEFAULT_ELEMENT_LOCAL_NAME,
            SAMLConstants.SAML20_PREFIX);
    QName nameIdName = new QName(SAMLConstants.SAML20_NS, NameID.DEFAULT_ELEMENT_LOCAL_NAME,
            SAMLConstants.SAML20_PREFIX);
    QName confirmationDataName = new QName(SAMLConstants.SAML20_NS,
            SubjectConfirmationData.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20_PREFIX);

    SubjectConfirmation confirmation = (SubjectConfirmation) buildXMLObject(confirmationName);
    confirmation.setNameID((NameID) buildXMLObject(nameIdName));
    confirmation.setSubjectConfirmationData((SubjectConfirmationData) buildXMLObject(confirmationDataName));

    assertEquals(expectedChildElementsDOM, confirmation);
}
示例5: testChildElementsWithEncryptedIDMarshall
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Builds a SubjectConfirmation with an EncryptedID and a SubjectConfirmationData child and
 * compares it with the document parsed from {@code childElementsWithEncryptedIDFile}.
 *
 * @throws XMLParserException if the expected document cannot be parsed
 */
public void testChildElementsWithEncryptedIDMarshall() throws XMLParserException {
    // Element names for the confirmation and its two children, all in the SAML 2.0 namespace.
    QName confirmationName = new QName(SAMLConstants.SAML20_NS, SubjectConfirmation.DEFAULT_ELEMENT_LOCAL_NAME,
            SAMLConstants.SAML20_PREFIX);
    QName encryptedIdName = new QName(SAMLConstants.SAML20_NS, EncryptedID.DEFAULT_ELEMENT_LOCAL_NAME,
            SAMLConstants.SAML20_PREFIX);
    QName confirmationDataName = new QName(SAMLConstants.SAML20_NS,
            SubjectConfirmationData.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20_PREFIX);

    SubjectConfirmation confirmation = (SubjectConfirmation) buildXMLObject(confirmationName);
    confirmation.setEncryptedID((EncryptedID) buildXMLObject(encryptedIdName));
    confirmation.setSubjectConfirmationData((SubjectConfirmationData) buildXMLObject(confirmationDataName));

    // The expected DOM is loaded from a test resource next to SubjectConfirmationTest.
    Document expectedDom = parser.parse(
            SubjectConfirmationTest.class.getResourceAsStream(childElementsWithEncryptedIDFile));
    assertEquals(expectedDom, confirmation);
}
示例6: createSubject
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
/**
 * Builds a subject with a persistent-format NameID and one bearer confirmation.
 *
 * <p>The confirmation's NotOnOrAfter is the creation instant plus {@code samlAssertionDays} days;
 * when that argument is {@code null} it is the creation instant itself.
 * NOTE(review): the lifetime is counted in days and no Recipient is set on this bearer
 * confirmation - confirm that the consuming side does not rely on either for replay protection.
 *
 * @param subjectId value placed in the NameID
 * @param samlAssertionDays number of days added to the current time for NotOnOrAfter, or
 *     {@code null} to add none
 * @return the populated subject
 */
private Subject createSubject(final String subjectId, final Integer samlAssertionDays) {
    final DateTime now = new DateTime();
    final DateTime expiry = (samlAssertionDays != null) ? now.plusDays(samlAssertionDays) : now;

    // Name element identifying the subject.
    NameID subjectName = new NameIDBuilder().buildObject();
    subjectName.setValue(subjectId);
    subjectName.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");

    // Bearer confirmation limited only by its expiry.
    SubjectConfirmationData bearerData = new SubjectConfirmationDataBuilder().buildObject();
    bearerData.setNotOnOrAfter(expiry);

    SubjectConfirmation bearer = new SubjectConfirmationBuilder().buildObject();
    bearer.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");
    bearer.setSubjectConfirmationData(bearerData);

    // Subject element tying the name and the confirmation together.
    Subject result = new SubjectBuilder().buildObject();
    result.setNameID(subjectName);
    result.getSubjectConfirmations().add(bearer);
    return result;
}
示例7: buildSubjectConfirmation
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
/**
 * Builds a bearer SubjectConfirmation whose data answers {@code MockIDPAuthnReq.authnReqId} and
 * targets the consumer URL returned by {@code MockIDPSPMetadata.getSpConsumerUrl()}.
 *
 * <p>The validity window runs from two days before to two days after the time of the call.
 * NOTE(review): the Mock* names suggest a test fixture; a window this wide would defeat the
 * purpose of NotOnOrAfter on a bearer confirmation outside of tests - confirm.
 *
 * @return the populated subject confirmation
 * @throws IllegalAccessException declared by this method; not thrown directly in this body
 * @throws MetadataProviderException declared by this method; not thrown directly in this body
 */
private SubjectConfirmation buildSubjectConfirmation() throws IllegalAccessException, MetadataProviderException {
    SubjectConfirmation bearer = buildXMLObjectDefaultName(SubjectConfirmation.class);
    bearer.setMethod(SubjectConfirmation.METHOD_BEARER);

    SubjectConfirmationData bearerData = buildXMLObjectDefaultName(SubjectConfirmationData.class);
    // Ties the confirmation to the request it answers.
    bearerData.setInResponseTo(MockIDPAuthnReq.authnReqId);
    // Validity window around "now".
    bearerData.setNotBefore(new DateTime().minusDays(2));
    bearerData.setNotOnOrAfter(new DateTime().plusDays(2));
    // Endpoint the assertion is meant to be delivered to.
    bearerData.setRecipient(MockIDPSPMetadata.getSpConsumerUrl());

    bearer.setSubjectConfirmationData(bearerData);
    return bearer;
}
示例8: buildSAMLAssertion
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
/**
 * Builds a SAML 2.0 assertion with a bearer subject confirmation, a transient random NameID, a
 * password authentication statement, optional attributes and an audience restriction.
 *
 * <p>NOTE(review): the issuer is derived from the URL of the incoming HTTP request; if that URL
 * reflects a client-supplied Host header the issuer value is client-influenced - confirm.
 * NOTE(review): the assertion ID and NameID come from {@code RandomString.getString}; confirm it
 * is backed by a cryptographically strong generator.
 *
 * @param pRequestContext request context; supplies the request URL used for the issuer and is
 *     passed on to the signing helper
 * @param pNotOnOrAfter expiry written to both the confirmation data and the conditions
 * @param pRecipient recipient for the confirmation data; left unset when {@code XFUtil.isNull}
 *     reports it as null
 * @param pAudienceURI audience URI; when {@code XFUtil.isNull} reports it as null the audience
 *     restriction is still added, but without any audience
 * @param pAssertionAttributes attributes for the attribute statement; no statement is added when
 *     this is {@code null} or empty
 * @param pSignAssertion whether {@code signSAMLObject} is called on the finished assertion
 * @param pDigitalCertificateName certificate name passed to {@code signSAMLObject}
 * @return SAML Assertion Object
 */
private Assertion buildSAMLAssertion(
        ActionRequestContext pRequestContext,
        DateTime pNotOnOrAfter,
        String pRecipient,
        String pAudienceURI,
        Map<String, String> pAssertionAttributes,
        boolean pSignAssertion,
        String pDigitalCertificateName) {
    final DateTime issueTime = new DateTime();

    // --- Assertion header ---
    Assertion result = new AssertionBuilder().buildObject();
    result.setID(ASSERTION_ID_PREFIX + RandomString.getString(40));
    result.setVersion(SAMLVersion.VERSION_20);
    result.setIssuer(buildIssuer(pRequestContext.getFoxRequest().getHttpRequest().getRequestURL().toString()));
    result.setIssueInstant(issueTime);

    // --- Subject with bearer confirmation ---
    Subject subject = new SubjectBuilder().buildObject();
    SubjectConfirmation bearer = new SubjectConfirmationBuilder().buildObject();
    bearer.setMethod(SubjectConfirmation.METHOD_BEARER);

    SubjectConfirmationData bearerData = new SubjectConfirmationDataBuilder().buildObject();
    if (!XFUtil.isNull(pRecipient)) {
        bearerData.setRecipient(pRecipient);
    }
    bearerData.setNotOnOrAfter(pNotOnOrAfter);
    bearer.setSubjectConfirmationData(bearerData);
    subject.getSubjectConfirmations().add(bearer);

    // Transient NameID: a fresh random value for every assertion.
    NameID transientName = new NameIDBuilder().buildObject();
    transientName.setValue(RandomString.getString(64));
    transientName.setFormat(NameID.TRANSIENT);
    subject.setNameID(transientName);
    result.setSubject(subject);

    // --- Authentication statement (password context) ---
    AuthnStatement authn = new AuthnStatementBuilder().buildObject();
    authn.setAuthnInstant(new DateTime());
    AuthnContext authnContext = new AuthnContextBuilder().buildObject();
    AuthnContextClassRef classRef = new AuthnContextClassRefBuilder().buildObject();
    classRef.setAuthnContextClassRef(AuthnContext.PASSWORD_AUTHN_CTX);
    authnContext.setAuthnContextClassRef(classRef);
    authn.setAuthnContext(authnContext);
    result.getAuthnStatements().add(authn);

    // --- Optional attributes ---
    boolean noAttributes = pAssertionAttributes == null || pAssertionAttributes.isEmpty();
    if (!noAttributes) {
        result.getAttributeStatements().add(buildAttributeStatement(pAssertionAttributes));
    }

    // --- Conditions ---
    // NOTE(review): without an audience URI an AudienceRestriction with no Audience child is
    // still attached; confirm how relying parties treat that.
    AudienceRestriction restriction = new AudienceRestrictionBuilder().buildObject();
    if (!XFUtil.isNull(pAudienceURI)) {
        Audience audience = new AudienceBuilder().buildObject();
        audience.setAudienceURI(pAudienceURI);
        restriction.getAudiences().add(audience);
    }
    Conditions validity = new ConditionsBuilder().buildObject();
    validity.setNotBefore(issueTime);
    validity.setNotOnOrAfter(pNotOnOrAfter);
    validity.getAudienceRestrictions().add(restriction);
    result.setConditions(validity);

    // Signing comes last so that it covers the fully populated assertion.
    if (pSignAssertion) {
        signSAMLObject(result, pRequestContext, pDigitalCertificateName);
    }
    return result;
}
示例9: buildSAMLAssertion
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
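/**
 * Builds a SAML 2.0 bearer assertion for the given e-mail address, carrying a {@code client_id}
 * attribute and an audience restriction.
 *
 * <p>The assertion is valid from 5 minutes before to 15 minutes after the time of the call. The
 * recipient is the application link's RPC URL followed by {@code ACCESS_TOKEN_URL}.
 * NOTE(review): nothing in this method signs the assertion; confirm that the caller signs it
 * before it leaves the process.
 *
 * @param emailAddress value of the e-mail format NameID
 * @return the populated, unsigned assertion
 * @throws IllegalStateException if the OpenSAML library cannot be bootstrapped
 */
private Assertion buildSAMLAssertion(final String emailAddress)
{
    // Bootstrap the OpenSAML library. A failure used to be swallowed here, which left the
    // library unconfigured and surfaced later as an unrelated error; fail at the cause instead.
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        throw new IllegalStateException("OpenSAML bootstrap failed", e);
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(15);
    // Five minutes of tolerance for clock skew on the receiving side.
    DateTime notBefore = issueInstant.minusMinutes(5);

    NameID nameID = new NameIDBuilder().buildObject();
    nameID.setFormat(NameIDType.EMAIL);
    nameID.setValue(emailAddress);

    // Bearer confirmation bound to the token endpoint and to the same expiry as the conditions.
    SubjectConfirmationData subjectConfirmationData = new SubjectConfirmationDataBuilder().buildObject();
    subjectConfirmationData.setRecipient(applicationLink.getRpcUrl().toString() + ACCESS_TOKEN_URL);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);

    SubjectConfirmation subjectConfirmation = new SubjectConfirmationBuilder().buildObject();
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = new SubjectBuilder().buildObject();
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(providerID);

    Audience audience = new AudienceBuilder().buildObject();
    audience.setAudienceURI(AUDIENCE_RESTRICTION);

    AudienceRestriction audienceRestriction = new AudienceRestrictionBuilder().buildObject();
    audienceRestriction.getAudiences().add(audience);

    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);

    // The client identifier travels as a string-typed attribute named "client_id".
    XSString attributeValue = (XSString) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME)
            .buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
    attributeValue.setValue(clientID);

    Attribute attribute = new AttributeBuilder().buildObject();
    attribute.setName("client_id");
    attribute.getAttributeValues().add(attributeValue);

    AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
    attributeStatement.getAttributes().add(attribute);

    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);
    assertion.getAttributeStatements().add(attributeStatement);

    return assertion;
}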
示例10: buildSAML2Assertion
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
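/**
 * Builds a SAML 2.0 bearer assertion from the class-level settings (subject NameID, IdP id,
 * base URL, audience).
 *
 * <p>The assertion is valid from 10 minutes before to 10 minutes after the time of the call.
 * NOTE(review): nothing in this method signs the assertion; confirm that the caller signs it
 * before it leaves the process.
 *
 * @param includeClientKeyAttribute whether to add a {@code client_id} attribute holding
 *     {@code CLIENT_KEY}
 * @return the populated, unsigned assertion
 * @throws IllegalArgumentException if {@code SUBJECT_NAME_ID_FORMAT} is neither {@code "email"}
 *     nor {@code "unspecified"}
 * @throws IllegalStateException if the OpenSAML library cannot be bootstrapped
 */
private static Assertion buildSAML2Assertion(boolean includeClientKeyAttribute)
{
    // Bootstrap the OpenSAML library. A failure used to be swallowed here, which left the
    // library unconfigured and surfaced later as an unrelated error; fail at the cause instead.
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        throw new IllegalStateException("OpenSAML bootstrap failed", e);
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    // Ten minutes of tolerance for clock skew on the receiving side.
    DateTime notBefore = issueInstant.minusMinutes(10);

    NameID nameID = new NameIDBuilder().buildObject();
    // Literal-first comparison: a null format is reported as an invalid setting rather than
    // as a NullPointerException.
    if ("email".equals(SUBJECT_NAME_ID_FORMAT)) {
        nameID.setFormat(NameIDType.EMAIL);
    } else if ("unspecified".equals(SUBJECT_NAME_ID_FORMAT)) {
        nameID.setFormat(NameIDType.UNSPECIFIED);
    } else {
        throw new IllegalArgumentException("SUBJECT_NAME_ID_FORMAT must be 'email' or 'unspecified'.");
    }
    if (subjectNameIdQualifier != null) {
        nameID.setNameQualifier(subjectNameIdQualifier);
    }
    nameID.setValue(SUBJECT_NAME_ID);

    // Bearer confirmation bound to the token endpoint and to the same expiry as the conditions.
    SubjectConfirmationData subjectConfirmationData = new SubjectConfirmationDataBuilder().buildObject();
    subjectConfirmationData.setRecipient(BASE_URL + ACCESS_TOKEN_URL_PATH);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);

    SubjectConfirmation subjectConfirmation = new SubjectConfirmationBuilder().buildObject();
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = new SubjectBuilder().buildObject();
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(IDP_ID);

    Audience audience = new AudienceBuilder().buildObject();
    audience.setAudienceURI(SP_ID_JAM);

    AudienceRestriction audienceRestriction = new AudienceRestrictionBuilder().buildObject();
    audienceRestriction.getAudiences().add(audience);

    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);

    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);

    if (includeClientKeyAttribute) {
        // The client key travels as a string-typed attribute named "client_id".
        XSString attributeValue = (XSString) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME)
                .buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        attributeValue.setValue(CLIENT_KEY);

        Attribute attribute = new AttributeBuilder().buildObject();
        attribute.setName("client_id");
        attribute.getAttributeValues().add(attributeValue);

        AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
        attributeStatement.getAttributes().add(attribute);
        assertion.getAttributeStatements().add(attributeStatement);
    }

    return assertion;
}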
示例11: buildSAML2Assertion
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
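/**
 * Builds a SAML 2.0 bearer assertion for the given subject and identity provider.
 *
 * <p>The assertion is valid from 10 minutes before to 10 minutes after the time of the call, and
 * its audience is {@code SP_ID_JAM}.
 * NOTE(review): nothing in this method signs the assertion; confirm that the caller signs it
 * before it leaves the process.
 *
 * @param baseUrl base URL; {@code ACCESS_TOKEN_URL_PATH} is appended to form the recipient
 * @param subjectNameId value of the subject NameID
 * @param subjectNameIdFormat {@code "email"} or {@code "unspecified"}
 * @param subjectNameIdQualifier NameQualifier for the NameID, or {@code null} to leave it unset
 * @param idpId value of the issuer
 * @param clientKey value of the {@code client_id} attribute when it is included
 * @param includeClientKeyAttribute whether to add the {@code client_id} attribute
 * @return the populated, unsigned assertion
 * @throws IllegalArgumentException if {@code subjectNameIdFormat} is neither {@code "email"} nor
 *     {@code "unspecified"} (including {@code null})
 * @throws IllegalStateException if the OpenSAML library cannot be bootstrapped
 */
private static Assertion buildSAML2Assertion(
        String baseUrl,
        String subjectNameId,
        String subjectNameIdFormat,
        String subjectNameIdQualifier,
        String idpId,
        String clientKey,
        boolean includeClientKeyAttribute)
{
    // Bootstrap the OpenSAML library. A failure used to be swallowed here, which left the
    // library unconfigured and surfaced later as an unrelated error; fail at the cause instead.
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        throw new IllegalStateException("OpenSAML bootstrap failed", e);
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    // Ten minutes of tolerance for clock skew on the receiving side.
    DateTime notBefore = issueInstant.minusMinutes(10);

    NameID nameID = new NameIDBuilder().buildObject();
    // Literal-first comparison: a null format is rejected with the documented
    // IllegalArgumentException instead of a NullPointerException.
    if ("email".equals(subjectNameIdFormat)) {
        nameID.setFormat(NameIDType.EMAIL);
    } else if ("unspecified".equals(subjectNameIdFormat)) {
        nameID.setFormat(NameIDType.UNSPECIFIED);
    } else {
        throw new IllegalArgumentException("subjectNameIdFormat must be 'email' or 'unspecified'.");
    }
    if (subjectNameIdQualifier != null) {
        nameID.setNameQualifier(subjectNameIdQualifier);
    }
    nameID.setValue(subjectNameId);

    // Bearer confirmation bound to the token endpoint and to the same expiry as the conditions.
    SubjectConfirmationData subjectConfirmationData = new SubjectConfirmationDataBuilder().buildObject();
    subjectConfirmationData.setRecipient(baseUrl + ACCESS_TOKEN_URL_PATH);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);

    SubjectConfirmation subjectConfirmation = new SubjectConfirmationBuilder().buildObject();
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = new SubjectBuilder().buildObject();
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(idpId);

    Audience audience = new AudienceBuilder().buildObject();
    audience.setAudienceURI(SP_ID_JAM);

    AudienceRestriction audienceRestriction = new AudienceRestrictionBuilder().buildObject();
    audienceRestriction.getAudiences().add(audience);

    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);

    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);

    if (includeClientKeyAttribute) {
        // The client key travels as a string-typed attribute named "client_id".
        XSString attributeValue = (XSString) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME)
                .buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        attributeValue.setValue(clientKey);

        Attribute attribute = new AttributeBuilder().buildObject();
        attribute.setName("client_id");
        attribute.getAttributeValues().add(attributeValue);

        AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
        attributeStatement.getAttributes().add(attribute);
        assertion.getAttributeStatements().add(attributeStatement);
    }

    return assertion;
}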
示例12: buildSignedSAML2Assertion
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
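/**
 * Builds a SAML 2.0 bearer assertion and returns the result of signing it with the identity
 * provider's private key.
 *
 * <p>The assertion is valid from 10 minutes before to 10 minutes after the time of the call.
 * NOTE(review): {@code idpCertificate} and {@code attributes} are not used in this body - no
 * attribute statement is added and the certificate is not passed to {@code signAssertion};
 * confirm whether that is intended.
 *
 * @param idpId value of the issuer
 * @param destinationUri recipient written to the bearer confirmation data
 * @param subjectNameId passed to {@code makeEmailFormatName} to build the subject NameID
 * @param subjectNameIdFormat passed to {@code makeEmailFormatName}
 * @param subjectNameIdQualifier passed to {@code makeEmailFormatName}
 * @param idpPrivateKey key handed to {@code signAssertion}
 * @param idpCertificate not used by this method
 * @param spJamId audience URI of the assertion
 * @param attributes not used by this method
 * @return whatever {@code signAssertion} returns for the built assertion
 * @throws IllegalStateException if the OpenSAML library cannot be bootstrapped
 * @throws Exception declared by this method; presumably raised by the helpers it calls
 */
public static String buildSignedSAML2Assertion(
        final String idpId,
        final String destinationUri,
        final String subjectNameId,
        final String subjectNameIdFormat,
        final String subjectNameIdQualifier,
        final PrivateKey idpPrivateKey,
        final X509Certificate idpCertificate,
        final String spJamId,
        final Map<String, List<Object>> attributes) throws Exception {
    // Bootstrap the OpenSAML library. A failure used to be swallowed here, which left the
    // library unconfigured before a signing operation; fail at the cause instead.
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        throw new IllegalStateException("OpenSAML bootstrap failed", e);
    }

    DateTime issueInstant = new DateTime();
    DateTime notOnOrAfter = issueInstant.plusMinutes(10);
    // Ten minutes of tolerance for clock skew on the receiving side.
    DateTime notBefore = issueInstant.minusMinutes(10);

    NameID nameID = makeEmailFormatName(subjectNameId, subjectNameIdFormat, subjectNameIdQualifier);

    // Bearer confirmation bound to the destination and to the same expiry as the conditions.
    SubjectConfirmationData subjectConfirmationData = new SubjectConfirmationDataBuilder().buildObject();
    subjectConfirmationData.setRecipient(destinationUri);
    subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);

    SubjectConfirmation subjectConfirmation = new SubjectConfirmationBuilder().buildObject();
    subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);

    Subject subject = new SubjectBuilder().buildObject();
    subject.setNameID(nameID);
    subject.getSubjectConfirmations().add(subjectConfirmation);

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(idpId);

    Audience audience = new AudienceBuilder().buildObject();
    audience.setAudienceURI(spJamId);

    AudienceRestriction audienceRestriction = new AudienceRestrictionBuilder().buildObject();
    audienceRestriction.getAudiences().add(audience);

    Conditions conditions = new ConditionsBuilder().buildObject();
    conditions.setNotBefore(notBefore);
    conditions.setNotOnOrAfter(notOnOrAfter);
    conditions.getAudienceRestrictions().add(audienceRestriction);

    Assertion assertion = new AssertionBuilder().buildObject();
    assertion.setID(UUID.randomUUID().toString());
    assertion.setVersion(SAMLVersion.VERSION_20);
    assertion.setIssueInstant(issueInstant);
    assertion.setIssuer(issuer);
    assertion.setSubject(subject);
    assertion.setConditions(conditions);

    // Signing happens only after every element has been attached.
    return signAssertion(assertion, idpPrivateKey);
}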
示例13: createSAMLAssertion
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
/**
 * Populates the {@code assertion} field with conditions, issuer, optional audience restriction,
 * the prepared attribute statement and a subject confirmation.
 *
 * <p>The issuer is {@code "http://"} followed by the {@code HostName} server property.
 * NOTE(review): no Method is set on the SubjectConfirmation and its data's Address is set to
 * {@code CONF_KEY}; no NameID is set on the subject either - confirm this is what the consumer
 * of this assertion expects.
 *
 * @param notAfter instant written to the conditions' NotOnOrAfter
 * @param notBefore instant written to the conditions' NotBefore
 * @param assertionId ID assigned to the assertion
 * @throws IdentityProviderException declared by this method; not thrown directly in this body
 */
@Override
public void createSAMLAssertion(DateTime notAfter, DateTime notBefore, String assertionId)
        throws IdentityProviderException {
    assertion = (Assertion) buildXMLObject(Assertion.DEFAULT_ELEMENT_NAME);

    // Validity window.
    Conditions validity = (Conditions) buildXMLObject(Conditions.DEFAULT_ELEMENT_NAME);
    validity.setNotBefore(notBefore);
    validity.setNotOnOrAfter(notAfter);

    // Issuer derived from the configured host name.
    String host = "http://" + ServerConfiguration.getInstance().getFirstProperty("HostName");
    Issuer issuedBy = (Issuer) buildXMLObject(Issuer.DEFAULT_ELEMENT_NAME);
    issuedBy.setValue(host);
    assertion.setIssuer(issuedBy);
    assertion.setIssueInstant(new DateTime());

    // The audience restriction is added only when a target was configured.
    if (appilesTo != null) {
        Audience target = (Audience) buildXMLObject(Audience.DEFAULT_ELEMENT_NAME);
        target.setAudienceURI(appilesTo);
        AudienceRestriction restriction =
                (AudienceRestriction) buildXMLObject(AudienceRestriction.DEFAULT_ELEMENT_NAME);
        restriction.getAudiences().add(target);
        validity.getAudienceRestrictions().add(restriction);
    }

    assertion.setConditions(validity);
    assertion.getAttributeStatements().add(this.attributeStmt);
    assertion.setID(assertionId);

    // Subject carrying a single confirmation.
    Subject holder = (Subject) buildXMLObject(Subject.DEFAULT_ELEMENT_NAME);
    SubjectConfirmation confirmation =
            (SubjectConfirmation) buildXMLObject(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
    SubjectConfirmationData confirmationData =
            (SubjectConfirmationData) buildXMLObject(SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
    confirmationData.setAddress(CONF_KEY);
    confirmation.setSubjectConfirmationData(confirmationData);
    holder.getSubjectConfirmations().add(confirmation);
    assertion.setSubject(holder);
}
示例14: generateHOKSAMLAssertion
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
/**
 * Builds, marshalls and signs a SAML 2.0 holder-of-key assertion.
 *
 * <p>The subject confirmation uses the holder-of-key method and carries a KeyInfo generated from
 * {@code hokPublicKey} with the public key value emitted. The assertion is signed with the
 * issuer's private key and certificate.
 * NOTE(review): this method sets no Conditions (no validity window, no audience restriction);
 * confirm the relying party bounds the assertion's lifetime some other way.
 *
 * @param issuerPrivateKey private key used for the signature
 * @param issuerCertificate certificate set on the signing credential
 * @param issuerName value of the issuer
 * @param subjectName value of the subject NameID
 * @param hokPublicKey public key the subject must prove possession of
 * @return the marshalled assertion element, returned after the signature has been computed
 * @throws MarshallingException declared by this method; the body marshalls the assertion
 * @throws SecurityException declared by this method; the body prepares signature parameters
 * @throws SignatureException declared by this method; the body signs the assertion
 */
public static Element generateHOKSAMLAssertion(PrivateKey issuerPrivateKey, X509Certificate issuerCertificate,
        String issuerName, String subjectName, PublicKey hokPublicKey)
        throws MarshallingException, SecurityException, SignatureException {
    // --- Assertion header ---
    Assertion hokAssertion = buildXMLObject(Assertion.class, Assertion.DEFAULT_ELEMENT_NAME);
    hokAssertion.setVersion(SAMLVersion.VERSION_20);
    String id = "assertion-" + UUID.randomUUID().toString();
    hokAssertion.setID(id);
    DateTime now = new DateTime();
    hokAssertion.setIssueInstant(now);

    Issuer issuedBy = buildXMLObject(Issuer.class, Issuer.DEFAULT_ELEMENT_NAME);
    hokAssertion.setIssuer(issuedBy);
    issuedBy.setValue(issuerName);

    // --- Subject ---
    Subject holder = buildXMLObject(Subject.class, Subject.DEFAULT_ELEMENT_NAME);
    hokAssertion.setSubject(holder);
    NameID holderName = buildXMLObject(NameID.class, NameID.DEFAULT_ELEMENT_NAME);
    holder.setNameID(holderName);
    holderName.setValue(subjectName);

    // --- Holder-of-key confirmation ---
    SubjectConfirmation hokConfirmation = buildXMLObject(SubjectConfirmation.class,
            SubjectConfirmation.DEFAULT_ELEMENT_NAME);
    holder.getSubjectConfirmations().add(hokConfirmation);
    hokConfirmation.setMethod(SubjectConfirmation.METHOD_HOLDER_OF_KEY);
    KeyInfoConfirmationDataType hokData = new KeyInfoConfirmationDataTypeBuilder()
            .buildObject(KeyInfoConfirmationDataType.DEFAULT_ELEMENT_NAME, KeyInfoConfirmationDataType.TYPE_NAME);
    hokConfirmation.setSubjectConfirmationData(hokData);

    // The holder's public key is embedded as a key value inside the confirmation data.
    BasicKeyInfoGeneratorFactory keyInfoFactory = new BasicKeyInfoGeneratorFactory();
    keyInfoFactory.setEmitPublicKeyValue(true);
    BasicX509Credential holderCredential = new BasicX509Credential();
    holderCredential.setPublicKey(hokPublicKey);
    KeyInfo holderKeyInfo = keyInfoFactory.newInstance().generate(holderCredential);
    hokData.getKeyInfos().add(holderKeyInfo);

    // --- Signature with the issuer's credential ---
    BasicX509Credential signingCredential = new BasicX509Credential();
    signingCredential.setPrivateKey(issuerPrivateKey);
    signingCredential.setEntityCertificate(issuerCertificate);
    Signature sig = (Signature) Configuration.getBuilderFactory().getBuilder(Signature.DEFAULT_ELEMENT_NAME)
            .buildObject(Signature.DEFAULT_ELEMENT_NAME);
    sig.setSigningCredential(signingCredential);
    SecurityConfiguration globalSecurity = Configuration.getGlobalSecurityConfiguration();
    SecurityHelper.prepareSignatureParams(sig, signingCredential, globalSecurity, null);
    hokAssertion.setSignature(sig);

    // Marshall first, then sign: the order of these two calls is kept exactly as it was.
    Element marshalled = Configuration.getMarshallerFactory().getMarshaller(hokAssertion).marshall(hokAssertion);
    Signer.signObject(sig);
    return marshalled;
}
示例15: createSubject
import org.opensaml.saml2.core.SubjectConfirmation; //导入方法依赖的package包/类
/**
 * Builds the subject described by {@code samlResponseData}, or returns {@code null} when that
 * data yields no NameID, no validity bounds and no non-empty InResponseTo or Recipient.
 *
 * <p>InResponseTo and Recipient are taken from {@code authnRequest} when the configured value
 * equals {@code SamlResponseData.REPLACE_WITH_AUTHN_REQUEST}; otherwise the configured value is
 * written as-is. Validity bounds are minute offsets added to {@code startTime}.
 * NOTE(review): every field here is caller-configurable, which looks like a response generator
 * for testing - confirm it is not used to issue production assertions.
 *
 * @return the populated subject with one bearer confirmation, or {@code null}
 */
private static Subject createSubject() {
    NameID nameID = createNameID(samlResponseData.getSubjectValue(),
            samlResponseData.getSubjectFormat());

    // Same short-circuit order as before: the first satisfied clause decides.
    boolean anythingToEmit = nameID != null
            || samlResponseData.getSubjectNotOnOrAfter() != null
            || samlResponseData.getSubjectNotBefore() != null
            || (samlResponseData.getSubjectInResponseTo() != null
                    && samlResponseData.getSubjectInResponseTo().length() > 0)
            || (samlResponseData.getSubjectRecipient() != null
                    && samlResponseData.getSubjectRecipient().length() > 0);
    if (!anythingToEmit) {
        return null;
    }

    Subject result = create(Subject.DEFAULT_ELEMENT_NAME);
    result.setNameID(nameID);

    SubjectConfirmationData bearerData = create(SubjectConfirmationData.DEFAULT_ELEMENT_NAME);

    // InResponseTo: either the real request ID or the configured literal.
    if (SamlResponseData.REPLACE_WITH_AUTHN_REQUEST.equals(samlResponseData.getSubjectInResponseTo())) {
        bearerData.setInResponseTo(authnRequest.getID());
    } else {
        bearerData.setInResponseTo(samlResponseData.getSubjectInResponseTo());
    }

    // Validity bounds are offsets in minutes from startTime.
    if (samlResponseData.getSubjectNotOnOrAfter() != null) {
        bearerData.setNotOnOrAfter(startTime.plusMinutes(samlResponseData.getSubjectNotOnOrAfter()));
    }
    if (samlResponseData.getSubjectNotBefore() != null) {
        bearerData.setNotBefore(startTime.plusMinutes(samlResponseData.getSubjectNotBefore()));
    }

    // Recipient: either the request's assertion consumer URL or the configured literal.
    if (SamlResponseData.REPLACE_WITH_AUTHN_REQUEST.equals(samlResponseData.getSubjectRecipient())) {
        bearerData.setRecipient(authnRequest.getAssertionConsumerServiceURL());
    } else {
        bearerData.setRecipient(samlResponseData.getSubjectRecipient());
    }

    SubjectConfirmation bearer = create(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
    bearer.setMethod(SubjectConfirmation.METHOD_BEARER);
    bearer.setSubjectConfirmationData(bearerData);
    result.getSubjectConfirmations().add(bearer);

    return result;
}