/**
 * Ensures the audience restriction condition names at least one audience.
 *
 * <p>Only the presence of audience entries is checked; the audience values themselves are not
 * inspected by this method.
 *
 * @param audienceRestrictionCondition condition to validate
 *
 * @throws ValidationException thrown if no audience is specified in the condition
 */
protected void validateAudiences(AudienceRestrictionCondition audienceRestrictionCondition)
        throws ValidationException {
    // A missing list and an empty list are both treated as "no audience".
    boolean hasAudience = audienceRestrictionCondition.getAudiences() != null
            && !audienceRestrictionCondition.getAudiences().isEmpty();
    if (!hasAudience) {
        throw new ValidationException("No Audience statements present");
    }
}
} // closes the enclosing class (its header is not part of this excerpt)
/**
 * {@inheritDoc}
 *
 * <p>{@link Audience} children are appended to the parent condition's audience list; every other
 * child type is handed to the superclass implementation.
 */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {
    // The parent is cast up front, so a parent of the wrong type fails before any child handling.
    AudienceRestrictionCondition restriction = (AudienceRestrictionCondition) parentSAMLObject;

    if (!(childSAMLObject instanceof Audience)) {
        super.processChildElement(parentSAMLObject, childSAMLObject);
        return;
    }

    restriction.getAudiences().add((Audience) childSAMLObject);
}
} // closes the enclosing class (its header is not part of this excerpt)
/**
 * Builds the {@code Conditions} element for an assertion: a validity window plus a single
 * audience restriction.
 *
 * <p>The window opens at {@code issuedAt} and closes at {@code issuedAt} plus this object's
 * {@code issueLength}. The only audience added is {@code serviceId}.
 *
 * @param issuedAt  instant used as NotBefore and as the base for NotOnOrAfter
 * @param serviceId URI written as the assertion's sole audience
 * @return the populated conditions object
 */
private Conditions newConditions(final DateTime issuedAt, final String serviceId) {
    final Conditions result = newSamlObject(Conditions.class);

    // Validity window: [issuedAt, issuedAt + issueLength).
    result.setNotBefore(issuedAt);
    final DateTime expiresAt = issuedAt.plus(this.issueLength);
    result.setNotOnOrAfter(expiresAt);

    // Bind the assertion to the requesting service through one audience restriction.
    final AudienceRestrictionCondition restriction = newSamlObject(AudienceRestrictionCondition.class);
    final Audience intendedAudience = newSamlObject(Audience.class);
    intendedAudience.setUri(serviceId);
    restriction.getAudiences().add(intendedAudience);
    result.getAudienceRestrictionConditions().add(restriction);

    return result;
}
/**
 * Creates a SAML 1.x AudienceRestrictionCondition holding one Audience per URI in the bean.
 *
 * <p>The two builders are looked up from {@code builderFactory} on first use and kept in the
 * fields {@code audienceRestrictionV1Builder} and {@code audienceV1Builder}.
 * NOTE(review): no synchronization is visible around that lazy initialization; confirm whether
 * concurrent first calls are expected.
 *
 * @param audienceRestrictionBean of type AudienceRestrictionBean, supplying the audience URIs
 * @return an AudienceRestrictionCondition object with one Audience child per URI
 */
@SuppressWarnings("unchecked")
public static AudienceRestrictionCondition createSamlv1AudienceRestriction(
        AudienceRestrictionBean audienceRestrictionBean) {
    // Resolve the restriction builder once and reuse it on later calls.
    if (audienceRestrictionV1Builder == null) {
        audienceRestrictionV1Builder =
                (SAMLObjectBuilder<AudienceRestrictionCondition>)
                        builderFactory.getBuilder(AudienceRestrictionCondition.DEFAULT_ELEMENT_NAME);
    }
    // Same for the Audience builder.
    if (audienceV1Builder == null) {
        audienceV1Builder =
                (SAMLObjectBuilder<Audience>)
                        builderFactory.getBuilder(Audience.DEFAULT_ELEMENT_NAME);
    }

    AudienceRestrictionCondition restriction = audienceRestrictionV1Builder.buildObject();
    for (String uri : audienceRestrictionBean.getAudienceURIs()) {
        // URIs are copied as given; no validation or normalization happens here.
        Audience entry = audienceV1Builder.buildObject();
        entry.setUri(uri);
        restriction.getAudiences().add(entry);
    }
    return restriction;
}
/**
 * Builds a SAML 1.x AudienceRestrictionCondition from the audience URIs carried by the bean.
 *
 * <p>On first use the required builders are fetched from {@code builderFactory} and stored in
 * {@code audienceRestrictionV1Builder} and {@code audienceV1Builder} for later calls.
 * NOTE(review): this lazy initialization shows no locking; verify it is safe for the way callers
 * invoke this method.
 *
 * @param audienceRestrictionBean of type AudienceRestrictionBean, the source of audience URIs
 * @return an AudienceRestrictionCondition object containing one Audience for each URI
 */
@SuppressWarnings("unchecked")
public static AudienceRestrictionCondition createSamlv1AudienceRestriction(
        AudienceRestrictionBean audienceRestrictionBean) {
    if (audienceRestrictionV1Builder == null) {
        // First call: look up the builder for the restriction element.
        audienceRestrictionV1Builder =
                (SAMLObjectBuilder<AudienceRestrictionCondition>)
                        builderFactory.getBuilder(AudienceRestrictionCondition.DEFAULT_ELEMENT_NAME);
    }
    if (audienceV1Builder == null) {
        // First call: look up the builder for the Audience element.
        audienceV1Builder =
                (SAMLObjectBuilder<Audience>)
                        builderFactory.getBuilder(Audience.DEFAULT_ELEMENT_NAME);
    }

    AudienceRestrictionCondition condition = audienceRestrictionV1Builder.buildObject();
    for (String configuredUri : audienceRestrictionBean.getAudienceURIs()) {
        // Each URI becomes its own Audience child, taken verbatim from the bean.
        Audience audienceElement = audienceV1Builder.buildObject();
        audienceElement.setUri(configuredUri);
        condition.getAudiences().add(audienceElement);
    }
    return condition;
}
/**
 * Builds the SAML assertion and stores it in the {@code assertion} field.
 *
 * <p>The assertion gets a validity window, an issuer of {@code "http://"} plus the configured
 * {@code HostName} property, the current time as issue instant, this object's attribute
 * statement, and the supplied ID.
 *
 * <p>An audience restriction is added only when {@code appilesTo} is non-null. Otherwise the
 * assertion is issued without any audience restriction, so a relying party that checks
 * audiences has nothing to match against.
 *
 * <p>NOTE(review): the issuer scheme is hard-coded to plain {@code http://}; confirm that this
 * matches what relying parties expect as the issuer identifier.
 *
 * @param notAfter    written as NotOnOrAfter (note: this is the first parameter)
 * @param notBefore   written as NotBefore
 * @param assertionId ID assigned to the assertion
 * @throws IdentityProviderException declared by the signature; nothing in this body throws it
 *         directly
 */
@Override
public void createSAMLAssertion(DateTime notAfter, DateTime notBefore, String assertionId)
        throws IdentityProviderException {
    assertion = (Assertion) buildXMLObject(Assertion.DEFAULT_ELEMENT_NAME);

    // Validity window of the assertion.
    Conditions validity = (Conditions) buildXMLObject(Conditions.DEFAULT_ELEMENT_NAME);
    validity.setNotBefore(notBefore);
    validity.setNotOnOrAfter(notAfter);

    // Issuer is derived from the server's configured host name.
    String issuerUrl = "http://" + ServerConfiguration.getInstance().getFirstProperty("HostName");
    assertion.setIssuer(issuerUrl);
    assertion.setIssueInstant(new DateTime());

    // Restrict the assertion to the requested target, when one was supplied.
    if (appilesTo != null) {
        Audience target = (Audience) buildXMLObject(Audience.DEFAULT_ELEMENT_NAME);
        target.setUri(appilesTo);
        AudienceRestrictionCondition restriction =
                (AudienceRestrictionCondition) buildXMLObject(AudienceRestrictionCondition.DEFAULT_ELEMENT_NAME);
        restriction.getAudiences().add(target);
        validity.getAudienceRestrictionConditions().add(restriction);
    }

    assertion.setConditions(validity);
    assertion.getAttributeStatements().add(this.attributeStmt);
    assertion.setID(assertionId);
}
/**
 * Creates the SAML assertion held in the {@code assertion} field.
 *
 * <p>Sets NotBefore/NotOnOrAfter, an issuer built from {@code "http://"} and the
 * {@code HostName} server property, an issue instant of "now", the attribute statement held by
 * this object, and the given assertion ID.
 *
 * <p>The audience restriction is conditional: it is emitted only if {@code appilesTo} is not
 * null. With a null {@code appilesTo} the resulting assertion has no audience restriction at
 * all, which leaves audience-checking relying parties nothing to validate.
 *
 * <p>NOTE(review): the {@code http://} scheme in the issuer is fixed in code; verify it is the
 * intended issuer identifier for deployments served over TLS.
 *
 * @param notAfter    end of the validity window (NotOnOrAfter); passed before {@code notBefore}
 * @param notBefore   start of the validity window (NotBefore)
 * @param assertionId identifier to set on the assertion
 * @throws IdentityProviderException part of the overridden signature; not thrown explicitly in
 *         this body
 */
@Override
public void createSAMLAssertion(DateTime notAfter, DateTime notBefore, String assertionId)
        throws IdentityProviderException {
    assertion = (Assertion) buildXMLObject(Assertion.DEFAULT_ELEMENT_NAME);

    Conditions window = (Conditions) buildXMLObject(Conditions.DEFAULT_ELEMENT_NAME);
    window.setNotBefore(notBefore);
    window.setNotOnOrAfter(notAfter);

    ServerConfiguration serverConfig = ServerConfiguration.getInstance();
    assertion.setIssuer("http://" + serverConfig.getFirstProperty("HostName"));
    assertion.setIssueInstant(new DateTime());

    boolean hasTarget = appilesTo != null;
    if (hasTarget) {
        // One Audience, wrapped in one restriction condition, naming the requested target.
        Audience requestedAudience = (Audience) buildXMLObject(Audience.DEFAULT_ELEMENT_NAME);
        requestedAudience.setUri(appilesTo);
        AudienceRestrictionCondition audienceLimit =
                (AudienceRestrictionCondition) buildXMLObject(AudienceRestrictionCondition.DEFAULT_ELEMENT_NAME);
        audienceLimit.getAudiences().add(requestedAudience);
        window.getAudienceRestrictionConditions().add(audienceLimit);
    }

    assertion.setConditions(window);
    assertion.getAttributeStatements().add(this.attributeStmt);
    assertion.setID(assertionId);
}
boolean audienceFound = false; for (AudienceRestrictionCondition audienceRestriction : audienceRestrictions) { if (audienceRestriction.getAudiences() != null && audienceRestriction.getAudiences().size() > 0) { for (Audience audience : audienceRestriction.getAudiences()) { if (audience.getUri().equals(tokenEndpointAlias)) { audienceFound = true;
boolean audienceFound = false; for (AudienceRestrictionCondition audienceRestriction : audienceRestrictions) { if (audienceRestriction.getAudiences() != null && audienceRestriction.getAudiences().size() > 0) { for (Audience audience : audienceRestriction.getAudiences()) { if (audience.getUri().equals(tokenEndpointAlias)) { audienceFound = true;
for (org.opensaml.saml1.core.AudienceRestrictionCondition audienceRestriction : conditions.getAudienceRestrictionConditions()) { if (audienceRestriction.getAudiences() != null) { List<org.opensaml.saml1.core.Audience> audiences = audienceRestriction.getAudiences(); for (org.opensaml.saml1.core.Audience audience : audiences) { String audienceURI = audience.getUri();
for (org.opensaml.saml1.core.AudienceRestrictionCondition audienceRestriction : conditions.getAudienceRestrictionConditions()) { if (audienceRestriction.getAudiences() != null) { List<org.opensaml.saml1.core.Audience> audiences = audienceRestriction.getAudiences(); for (org.opensaml.saml1.core.Audience audience : audiences) { String audienceURI = audience.getUri();