private void buildAssertionAuthnStatement(Assertion assertion) { @SuppressWarnings("unchecked") SAMLObjectBuilder<AuthnStatement> authnStatementBuilder = (SAMLObjectBuilder<AuthnStatement>) builderFactory .getBuilder(AuthnStatement.DEFAULT_ELEMENT_NAME); AuthnStatement authnStatement = authnStatementBuilder.buildObject(); authnStatement.setAuthnInstant(new DateTime()); authnStatement.setSessionIndex(generateID()); @SuppressWarnings("unchecked") SAMLObjectBuilder<AuthnContext> authnContextBuilder = (SAMLObjectBuilder<AuthnContext>) builderFactory .getBuilder(AuthnContext.DEFAULT_ELEMENT_NAME); AuthnContext authnContext = authnContextBuilder.buildObject(); @SuppressWarnings("unchecked") SAMLObjectBuilder<AuthnContextClassRef> authnContextClassRefBuilder = (SAMLObjectBuilder<AuthnContextClassRef>) builderFactory .getBuilder(AuthnContextClassRef.DEFAULT_ELEMENT_NAME); AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject(); authnContextClassRef.setAuthnContextClassRef(AuthnContext.PASSWORD_AUTHN_CTX); authnContext.setAuthnContextClassRef(authnContextClassRef); authnStatement.setAuthnContext(authnContext); assertion.getAuthnStatements().add(authnStatement); }
public MultiValueMap<String, String> retrieveUserAttributes(SamlIdentityProviderDefinition definition, SAMLCredential credential) { logger.debug(String.format("Retrieving SAML user attributes [zone:%s, origin:%s]", definition.getZoneId(), definition.getIdpEntityAlias())); MultiValueMap<String, String> userAttributes = new LinkedMultiValueMap<>(); if (definition != null && definition.getAttributeMappings() != null) { for (Entry<String, Object> attributeMapping : definition.getAttributeMappings().entrySet()) { if (attributeMapping.getValue() instanceof String) { if (credential.getAttribute((String)attributeMapping.getValue()) != null) { String key = attributeMapping.getKey(); for (XMLObject xmlObject : credential.getAttribute((String) attributeMapping.getValue()).getAttributeValues()) { String value = getStringValue(key, definition, xmlObject); if (value!=null) { userAttributes.add(key, value); } } } } } } if (credential.getAuthenticationAssertion() != null && credential.getAuthenticationAssertion().getAuthnStatements() != null) { for (AuthnStatement statement : credential.getAuthenticationAssertion().getAuthnStatements()) { if (statement.getAuthnContext() != null && statement.getAuthnContext().getAuthnContextClassRef() != null) { userAttributes.add(AUTHENTICATION_CONTEXT_CLASS_REFERENCE, statement.getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef()); } } } return userAttributes; }
private String getAuthenticatingAuthority(final Assertion assertion) { final List<AuthnStatement> authnStatements = assertion.getAuthnStatements(); for (AuthnStatement as : authnStatements) { final List<AuthenticatingAuthority> authorities = as.getAuthnContext().getAuthenticatingAuthorities(); for (AuthenticatingAuthority aa : authorities) { if (StringUtils.isNotBlank(aa.getURI())) { return aa.getURI(); } } } return null; }
/** {@inheritDoc} */ protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException { AuthnContext authnContext = (AuthnContext) parentObject; if (childObject instanceof AuthnContextClassRef) { authnContext.setAuthnContextClassRef((AuthnContextClassRef) childObject); } else if (childObject instanceof AuthnContextDecl) { authnContext.setAuthnContextDecl((AuthnContextDecl) childObject); } else if (childObject instanceof AuthnContextDeclRef) { authnContext.setAuthnContextDeclRef((AuthnContextDeclRef) childObject); } else if (childObject instanceof AuthenticatingAuthority) { authnContext.getAuthenticatingAuthorities().add((AuthenticatingAuthority) childObject); } else { super.processChildElement(parentObject, childObject); } } }
private static AuthnStatement buildAuthnStatement(DateTime authnInstant, String entityID) { AuthnContextClassRef authnContextClassRef = buildSAMLObject(AuthnContextClassRef.class, AuthnContextClassRef.DEFAULT_ELEMENT_NAME); authnContextClassRef.setAuthnContextClassRef(AuthnContext.PASSWORD_AUTHN_CTX); AuthenticatingAuthority authenticatingAuthority = buildSAMLObject(AuthenticatingAuthority.class, AuthenticatingAuthority.DEFAULT_ELEMENT_NAME); authenticatingAuthority.setURI(entityID); AuthnContext authnContext = buildSAMLObject(AuthnContext.class, AuthnContext.DEFAULT_ELEMENT_NAME); authnContext.setAuthnContextClassRef(authnContextClassRef); authnContext.getAuthenticatingAuthorities().add(authenticatingAuthority); AuthnStatement authnStatement = buildSAMLObject(AuthnStatement.class, AuthnStatement.DEFAULT_ELEMENT_NAME); authnStatement.setAuthnContext(authnContext); authnStatement.setAuthnInstant(authnInstant); return authnStatement; }
(authnStatement.getAuthnContext().getAuthnContextClassRef() != null)) { samlAuthnStatement.setAuthContextClassRef(authnStatement.getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef()); log.debug("Assertion.samlAuthnStatement.authContextClassRef = " + samlAuthnStatement.getAuthContextClassRef()); log.debug("authnContext has " + authnStatement.getAuthnContext().getAuthenticatingAuthorities().size() + " content entries. "); List<AuthenticatingAuthority> contents = authnStatement.getAuthnContext().getAuthenticatingAuthorities(); if ((contents != null) && (contents.size() > 0)) {
if (receivedContext.getAuthnContextClassRef() != null) { classRef = receivedContext.getAuthnContextClassRef().getAuthnContextClassRef(); if (receivedContext.getAuthnContextDeclRef() != null) { declRef = receivedContext.getAuthnContextDeclRef().getAuthnContextDeclRef();
@Override public AuthnContext build() { AuthnContext authnContext = new AuthnContextBuilder().buildObject(); authnContext.setAuthnContextClassRef(authnContextClassRef); return authnContext; } }
when(authenticationContext.getAuthnContextClassRef()).thenReturn(contextClassRef);
authContext.setAuthnContextClassRef(authCtxClassRef); authenticationStatement.setAuthnContext(authContext);
public AuthenticationStatement(Authentication authentication){ SAMLCredential credential = (SAMLCredential) authentication.getCredentials(); Assertion assertion = credential.getAuthenticationAssertion(); List<AuthnStatement> authnStatements = assertion.getAuthnStatements(); AuthnStatement authnStatement = authnStatements.get(0); SubjectLocality subjectLocalityValue = authnStatement.getSubjectLocality(); authenticationInstance = authnStatement.getAuthnInstant(); sessionValidity = authnStatement.getSessionNotOnOrAfter(); authenticationContextClass = authnStatement.getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef(); sessionIndex = authnStatement.getSessionIndex(); subjectLocality = subjectLocalityValue == null ? null : subjectLocalityValue.getAddress(); }
); AuthnContext authnContext = authnContextBuilder.buildObject(); authnContext.setAuthnContextClassRef(authnContextClassRef); authnStatement.setAuthnContext(authnContext);
.getAuthnContextClassRef(); if (null == authnContextClassRef) { throw new AssertionValidationException(
); AuthnContext authnContext = authnContextBuilder.buildObject(); authnContext.setAuthnContextClassRef(authnContextClassRef); authnStatement.setAuthnContext(authnContext);
authnContextClassRef.setAuthnContextClassRef("urn:oasis:names:tc:SAML:2.0:ac:classes:Password"); // TODO not sure exactly about this authnContext.setAuthnContextClassRef(authnContextClassRef); authnStatement.setAuthnContext(authnContext);
); AuthnContext authnContext = authnContextBuilder.buildObject(); authnContext.setAuthnContextClassRef(authnContextClassRef); authnStatement.setAuthnContext(authnContext);
authnContextClassRef.setAuthnContextClassRef(authenticationPolicy .getUri()); authnContext.setAuthnContextClassRef(authnContextClassRef);
AuthnContextClassRef authCtxClassRef = new AuthnContextClassRefBuilder().buildObject(); authCtxClassRef.setAuthnContextClassRef(AuthnContext.PASSWORD_AUTHN_CTX); authContext.setAuthnContextClassRef(authCtxClassRef); authStmt.setAuthnContext(authContext); assertion.getAuthnStatements().add(authStmt);
AuthnContextClassRef authCtxClassRef = new AuthnContextClassRefBuilder().buildObject(); authCtxClassRef.setAuthnContextClassRef(AuthnContext.PASSWORD_AUTHN_CTX); authContext.setAuthnContextClassRef(authCtxClassRef); authStmt.setAuthnContext(authContext); samlAssertion.getAuthnStatements().add(authStmt);
AuthnContextClassRef authCtxClassRef = new AuthnContextClassRefBuilder().buildObject(); authCtxClassRef.setAuthnContextClassRef(AuthnContext.PASSWORD_AUTHN_CTX); authContext.setAuthnContextClassRef(authCtxClassRef); authStmt.setAuthnContext(authContext); samlAssertion.getAuthnStatements().add(authStmt);