) throws WSSecurityException { if (samlAssertion.getSamlVersion().equals(SAMLVersion.VERSION_20) && samlAssertion.getSaml2().getConditions() != null && samlAssertion.getSaml2().getConditions().getOneTimeUse() != null && data.getSamlOneTimeUseReplayCache() != null) { String identifier = samlAssertion.getId(); DateTime expires = samlAssertion.getSaml2().getConditions().getNotOnOrAfter(); if (expires != null) { Date rightNow = new Date();
) throws WSSecurityException { if (samlAssertion.getSamlVersion().equals(SAMLVersion.VERSION_20) && samlAssertion.getSaml2().getConditions() != null && samlAssertion.getSaml2().getConditions().getOneTimeUse() != null && data.getSamlOneTimeUseReplayCache() != null) { String identifier = samlAssertion.getId(); DateTime expires = samlAssertion.getSaml2().getConditions().getNotOnOrAfter(); if (expires != null) { Date rightNow = new Date();
/**
 * Obtains the {@code SAMLKeyInfo} for the Subject of a wrapped SAML assertion by
 * delegating to the overload that matches the assertion object held by the wrapper.
 *
 * <p>A wrapper whose {@code getSaml1()} is non-null is passed on as a SAML 1 assertion;
 * every other wrapper is passed on through {@code getSaml2()}. This method performs no
 * signature, trust or conditions check on the assertion itself; whether the delegated
 * overloads do is not visible from here, so callers should not treat the returned key
 * material as validated on the strength of this call alone.
 *
 * @param assertion The wrapped SAML assertion
 * @param data The RequestData instance used to obtain configuration
 * @param docInfo A WSDocInfo instance
 * @param bspCompliant Whether to process tokens in compliance with the BSP spec or not
 * @return the SAMLKeyInfo produced by the version-specific overload
 * @throws WSSecurityException propagated from the delegated call
 */
public static SAMLKeyInfo getCredentialFromSubject(
    AssertionWrapper assertion,
    RequestData data,
    WSDocInfo docInfo,
    boolean bspCompliant
) throws WSSecurityException {
    // Guard clause: a SAML 1 assertion is present, so use the SAML 1 overload.
    if (assertion.getSaml1() != null) {
        return getCredentialFromSubject(assertion.getSaml1(), data, docInfo, bspCompliant);
    }

    // NOTE(review): this path is taken whenever getSaml1() is null, without checking that
    // getSaml2() is non-null. If a wrapper can hold neither, the SAML 2 overload receives
    // null; confirm that it rejects that case instead of dereferencing it.
    return getCredentialFromSubject(assertion.getSaml2(), data, docInfo, bspCompliant);
}
/**
 * Obtains the {@code SAMLKeyInfo} for the Subject of a wrapped SAML assertion by
 * delegating to the overload that matches the assertion object held by the wrapper.
 *
 * <p>A wrapper whose {@code getSaml1()} is non-null is passed on as a SAML 1 assertion;
 * every other wrapper is passed on through {@code getSaml2()}. This method performs no
 * signature, trust or conditions check on the assertion itself; whether the delegated
 * overloads do is not visible from here, so callers should not treat the returned key
 * material as validated on the strength of this call alone.
 *
 * @param assertion The wrapped SAML assertion
 * @param data The RequestData instance used to obtain configuration
 * @param docInfo A WSDocInfo instance
 * @param bspCompliant Whether to process tokens in compliance with the BSP spec or not
 * @return the SAMLKeyInfo produced by the version-specific overload
 * @throws WSSecurityException propagated from the delegated call
 */
public static SAMLKeyInfo getCredentialFromSubject(
    AssertionWrapper assertion,
    RequestData data,
    WSDocInfo docInfo,
    boolean bspCompliant
) throws WSSecurityException {
    // Guard clause: a SAML 1 assertion is present, so use the SAML 1 overload.
    if (assertion.getSaml1() != null) {
        return getCredentialFromSubject(assertion.getSaml1(), data, docInfo, bspCompliant);
    }

    // NOTE(review): this path is taken whenever getSaml1() is null, without checking that
    // getSaml2() is non-null. If a wrapper can hold neither, the SAML 2 overload receives
    // null; confirm that it rejects that case instead of dereferencing it.
    return getCredentialFromSubject(assertion.getSaml2(), data, docInfo, bspCompliant);
}
); if (assertion.getSaml2() != null && !WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(valueType)) { throw new WSSecurityException( ); if (assertion.getSaml2() != null && !WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)) { throw new WSSecurityException( WSSecurityException.INVALID_SECURITY_TOKEN, if (assertion.getSaml2() != null && secRef.containsReference()) { String valueType = secRef.getReference().getValueType(); if (valueType != null && !"".equals(valueType)) {
&& assertion.getSaml2().getConditions() != null) { validFrom = assertion.getSaml2().getConditions().getNotBefore(); validTill = assertion.getSaml2().getConditions().getNotOnOrAfter(); issueInstant = assertion.getSaml2().getIssueInstant(); } else if (assertion.getSamlVersion().equals(SAMLVersion.VERSION_11) && assertion.getSaml1().getConditions() != null) {
&& assertion.getSaml2().getConditions() != null) { validFrom = assertion.getSaml2().getConditions().getNotBefore(); validTill = assertion.getSaml2().getConditions().getNotOnOrAfter(); issueInstant = assertion.getSaml2().getIssueInstant(); } else if (assertion.getSamlVersion().equals(SAMLVersion.VERSION_11) && assertion.getSaml1().getConditions() != null) {
); if (assertion.getSaml2() != null && !WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(valueType)) { throw new WSSecurityException( ); if (assertion.getSaml2() != null && !WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)) { throw new WSSecurityException( WSSecurityException.INVALID_SECURITY_TOKEN, if (assertion.getSaml2() != null && secRef.containsReference()) { String valueType = secRef.getReference().getValueType(); if (valueType != null && !"".equals(valueType)) {
); } else if (assertion.getSaml2() != null) { ValidatorSuite schemaValidators = org.opensaml.Configuration.getValidatorSuite("saml2-core-schema-validator"); org.opensaml.Configuration.getValidatorSuite("saml2-core-spec-validator"); try { schemaValidators.validate(assertion.getSaml2()); specValidators.validate(assertion.getSaml2()); } catch (ValidationException e) { LOG.debug("Saml Validation error: " + e.getMessage(), e);
); } else if (assertion.getSaml2() != null) { ValidatorSuite schemaValidators = org.opensaml.Configuration.getValidatorSuite("saml2-core-schema-validator"); org.opensaml.Configuration.getValidatorSuite("saml2-core-spec-validator"); try { schemaValidators.validate(assertion.getSaml2()); specValidators.validate(assertion.getSaml2()); } catch (ValidationException e) { LOG.debug("Saml Validation error: " + e.getMessage(), e);
ref.setValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE); secRefSaml.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE); } else if (assertion.getSaml2() != null) { secRefSaml.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE); valueType = WSConstants.WSS_SAML_KI_VALUE_TYPE; secRefSaml.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE); } else if (assertion.getSaml2() != null) { valueType = WSConstants.WSS_SAML2_KI_VALUE_TYPE; secRefSaml.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE); ref.setValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE); secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE); } else if (assertion.getSaml2() != null) { secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE); valueType = WSConstants.WSS_SAML_KI_VALUE_TYPE; secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE); } else if (assertion.getSaml2() != null) { valueType = WSConstants.WSS_SAML2_KI_VALUE_TYPE; secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
ref.setValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE); secRefSaml.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE); } else if (assertion.getSaml2() != null) { secRefSaml.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE); valueType = WSConstants.WSS_SAML_KI_VALUE_TYPE; secRefSaml.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE); } else if (assertion.getSaml2() != null) { valueType = WSConstants.WSS_SAML2_KI_VALUE_TYPE; secRefSaml.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE); ref.setValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE); secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE); } else if (assertion.getSaml2() != null) { secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE); valueType = WSConstants.WSS_SAML_KI_VALUE_TYPE; secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE); } else if (assertion.getSaml2() != null) { valueType = WSConstants.WSS_SAML2_KI_VALUE_TYPE; secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
public SAMLTokenPrincipal(AssertionWrapper assertion) { this.assertion = assertion; if (assertion.getSamlVersion() == SAMLVersion.VERSION_20) { org.opensaml.saml2.core.Subject subject = assertion.getSaml2().getSubject(); if (subject != null && subject.getNameID() != null) { name = subject.getNameID().getValue();
public SAMLTokenPrincipal(AssertionWrapper assertion) { this.assertion = assertion; if (assertion.getSamlVersion() == SAMLVersion.VERSION_20) { org.opensaml.saml2.core.Subject subject = assertion.getSaml2().getSubject(); if (subject != null && subject.getNameID() != null) { name = subject.getNameID().getValue();