/**
 * Builds the fallback "token-requestor" attribute whose single value is "authenticated".
 *
 * <p>For the two WSS4J SAML 1.x token identifiers the bean gets a simple name plus a
 * qualified name; for any other token type it gets a qualified name plus a name format.
 * The value is a constant: this method performs no authentication check of its own.
 *
 * @param tokenType the requested token type; {@code null} takes the non-SAML-1.x branch
 * @return a new attribute bean, never {@code null}
 */
private AttributeBean createDefaultAttribute(String tokenType) {
    // Constant-first equals keeps a null tokenType from throwing.
    final boolean saml1 = WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
        || WSS4JConstants.SAML_NS.equals(tokenType);

    final AttributeBean defaultAttribute = new AttributeBean();
    if (!saml1) {
        defaultAttribute.setQualifiedName("token-requestor");
        defaultAttribute.setNameFormat("http://cxf.apache.org/sts");
    } else {
        defaultAttribute.setSimpleName("token-requestor");
        defaultAttribute.setQualifiedName("http://cxf.apache.org/sts");
    }

    defaultAttribute.addAttributeValue("authenticated");
    return defaultAttribute;
}
/**
 * Turns the "role" entry of a JSON claims object into a one-attribute SAML statement.
 *
 * <p>The role string is copied into the attribute value unchanged.
 * NOTE(review): presumably the claims come from a token that was already validated by the
 * caller; nothing here checks signature, issuer or allowed role values. Confirm upstream.
 *
 * @param claims the claims to read; may be {@code null}
 * @return a statement holding the role attribute, or {@code null} when {@code claims} is
 *         {@code null} or carries no "role" property
 */
public AttributeStatementBean handleClaims(JsonMapObject claims) {
    if (claims == null) {
        return null;
    }

    final String roleClaim = claims.getStringProperty("role");
    if (roleClaim == null) {
        return null;
    }

    // A mutable list is handed to the bean, as in the original implementation.
    final List<Object> roleValues = new ArrayList<>();
    roleValues.add(roleClaim);

    final AttributeBean roleAttribute = new AttributeBean();
    roleAttribute.setQualifiedName(ROLE.toString());
    roleAttribute.setNameFormat(nameFormat);
    roleAttribute.setAttributeValues(roleValues);

    final AttributeStatementBean statement = new AttributeStatementBean();
    statement.setSamlAttributes(Collections.singletonList(roleAttribute));
    return statement;
}
/**
 * Builds the fallback "token-requestor" attribute whose single value is "authenticated".
 *
 * <p>For the two WSS4J SAML 1.x token identifiers the bean gets a simple name plus a
 * qualified name; for any other token type it gets a qualified name plus a name format.
 * The value is a constant: this method performs no authentication check of its own.
 *
 * @param tokenType the requested token type; {@code null} takes the non-SAML-1.x branch
 * @return a new attribute bean, never {@code null}
 */
private AttributeBean createDefaultAttribute(String tokenType) {
    // Constant-first equals keeps a null tokenType from throwing.
    final boolean saml1 = WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
        || WSS4JConstants.SAML_NS.equals(tokenType);

    final AttributeBean defaultAttribute = new AttributeBean();
    if (!saml1) {
        defaultAttribute.setQualifiedName("token-requestor");
        defaultAttribute.setNameFormat("http://cxf.apache.org/sts");
    } else {
        defaultAttribute.setSimpleName("token-requestor");
        defaultAttribute.setQualifiedName("http://cxf.apache.org/sts");
    }

    defaultAttribute.addAttributeValue("authenticated");
    return defaultAttribute;
}
/**
 * Creates an attribute bean from an attribute key and its claim values.
 *
 * <p>Simple name, qualified name and name format are all read from {@code attributeKey};
 * {@code claimValues} is passed to the bean as-is (no copy is made here).
 *
 * @param attributeKey supplies the simple name, qualified name and name format
 * @param claimValues  the values to attach to the attribute
 * @return the populated attribute bean
 */
private AttributeBean createAttributeBean(AttributeKey attributeKey, List<Object> claimValues) {
    final AttributeBean bean = new AttributeBean(
        attributeKey.getSimpleName(),
        attributeKey.getQualifiedName(),
        claimValues);
    // The three-argument constructor takes no name format, so it is set separately.
    bean.setNameFormat(attributeKey.getNameFormat());
    return bean;
}
/**
 * Creates an attribute bean from an attribute key and its claim values.
 *
 * <p>Simple name, qualified name and name format are all read from {@code attributeKey};
 * {@code claimValues} is passed to the bean as-is (no copy is made here).
 *
 * @param attributeKey supplies the simple name, qualified name and name format
 * @param claimValues  the values to attach to the attribute
 * @return the populated attribute bean
 */
private AttributeBean createAttributeBean(AttributeKey attributeKey, List<Object> claimValues) {
    final AttributeBean bean = new AttributeBean(
        attributeKey.getSimpleName(),
        attributeKey.getQualifiedName(),
        claimValues);
    // The three-argument constructor takes no name format, so it is set separately.
    bean.setNameFormat(attributeKey.getNameFormat());
    return bean;
}
if (saml2) { attributeBean.setQualifiedName(claimType); attributeBean.setNameFormat(nameFormat); } else { String uri = claimType;
if (saml2) { attributeBean.setQualifiedName(claimType); attributeBean.setNameFormat(nameFormat); } else { String uri = claimType;
/**
 * Fills the callback with one authentication statement and, when any are configured, with
 * copies of the attribute statements held in {@code attributeStatements}.
 *
 * <p>Each source attribute becomes a bean with the same name and name format; every attribute
 * value is reduced to the text content of its DOM node.
 * NOTE(review): the values are re-issued verbatim; presumably the source assertion was
 * validated before it was stored in {@code attributeStatements}. Confirm at the caller.
 *
 * @param callback the SAML callback to populate
 */
private void createAndSetStatement(SAMLCallback callback) {
    final AuthenticationStatementBean authStatement = new AuthenticationStatementBean();
    // The method is fixed to "Password", independent of how the subject actually authenticated.
    authStatement.setAuthenticationMethod("Password");
    callback.setAuthenticationStatementData(Collections.singletonList(authStatement));

    if (attributeStatements == null || attributeStatements.isEmpty()) {
        return;
    }

    final List<AttributeStatementBean> statementBeans = new ArrayList<>();
    for (AttributeStatement statement : attributeStatements) {
        final List<AttributeBean> beans = new ArrayList<>();
        for (Attribute attribute : statement.getAttributes()) {
            final List<Object> values = new ArrayList<>();
            for (XMLObject value : attribute.getAttributeValues()) {
                // NOTE(review): getDOM() looks like it can be null for a value with no DOM
                // attached, which would raise a NullPointerException here. Confirm.
                values.add(value.getDOM().getTextContent());
            }

            final AttributeBean bean = new AttributeBean();
            bean.setQualifiedName(attribute.getName());
            bean.setNameFormat(attribute.getNameFormat());
            bean.setAttributeValues(values);
            beans.add(bean);
        }

        final AttributeStatementBean statementBean = new AttributeStatementBean();
        statementBean.setSamlAttributes(beans);
        statementBeans.add(statementBean);
    }
    callback.setAttributeStatementData(statementBeans);
}
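/**
 * Builds a one-attribute statement carrying the requestor's "role".
 *
 * <p>The principal comes from the validate target when one is present and its state is
 * {@code STATE.VALID}; when there is no validate target it comes from the provider
 * parameters. The role is "authenticated-user" unless the principal name contains
 * "CN=Carl Client", in which case it is "doubleit-user".
 *
 * <p>The method fails closed: if no principal can be resolved (for example the validate
 * target is not VALID) no statement is produced and an exception is thrown, so a role is
 * never asserted for an unvalidated token.
 *
 * @param providerParameters the token request context
 * @return a statement holding exactly one "role" attribute
 * @throws NullPointerException if no principal is available
 */
public AttributeStatementBean getStatement(TokenProviderParameters providerParameters) {
    ReceivedToken receivedToken = providerParameters.getTokenRequirements().getValidateTarget();

    Principal principal = null;
    if (receivedToken == null) {
        principal = providerParameters.getPrincipal();
    } else if (STATE.VALID.equals(receivedToken.getState())) {
        // Only a token that passed validation may contribute its principal.
        principal = receivedToken.getPrincipal();
    }

    // Previously a non-VALID validate target fell through to principal.getName() and failed
    // with an unexplained NullPointerException; keep the exception type, make it deliberate.
    java.util.Objects.requireNonNull(principal,
        "No principal available: validate target is not VALID or carries no principal");

    String role = "authenticated-user";
    // NOTE(review): this is a substring match on the principal name, not a comparison of the
    // parsed CN, so any name that merely contains this text receives the elevated role.
    // Presumably acceptable only for test fixtures; confirm it is not used elsewhere.
    if (principal.getName().contains("CN=Carl Client")) {
        role = "doubleit-user";
    }

    AttributeBean attributeBean = new AttributeBean();
    String tokenType = providerParameters.getTokenRequirements().getTokenType();
    boolean saml2 = WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
        || WSConstants.SAML2_NS.equals(tokenType);
    if (saml2) {
        attributeBean.setQualifiedName("role");
        attributeBean.setNameFormat("http://schemas.xmlsoap.org/ws/2005/05/identity/claims");
    } else {
        attributeBean.setSimpleName("role");
        attributeBean.setQualifiedName("http://schemas.xmlsoap.org/ws/2005/05/identity/claims");
    }
    attributeBean.setAttributeValues(Collections.singletonList((Object)role));

    AttributeStatementBean attributeStatementBean = new AttributeStatementBean();
    attributeStatementBean.setSamlAttributes(Collections.singletonList(attributeBean));
    return attributeStatementBean;
}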
attributeBean.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED); if (saml2) { attributeBean.setQualifiedName(ROLE_URI); attributeBean.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED); } else { String uri = ROLE_URI.toString();
} else { parameterBean.setQualifiedName(claimType); parameterBean.setNameFormat("http://cxf.apache.org/sts");
} else { parameterBean.setQualifiedName(claimType); parameterBean.setNameFormat("http://cxf.apache.org/sts");
// Role claim: simple name "subject-role", qualified name from SAMLClaim's default role
// attribute name, name format "unspecified".
roleClaim.setSimpleName("subject-role");
roleClaim.setQualifiedName(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT);
roleClaim.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
// The values are copied into a new list rather than passing the roles collection itself.
roleClaim.setAttributeValues(new ArrayList<>(roles));
claims.add(roleClaim);

// Authentication claim: the same URI serves as both simple and qualified name, with its own
// name-format URI.
authClaim.setSimpleName("http://claims/authentication");
authClaim.setQualifiedName("http://claims/authentication");
authClaim.setNameFormat("http://claims/authentication-format");
// Copied into a new list, as for the role values above.
authClaim.setAttributeValues(new ArrayList<>(authMethods));
claims.add(authClaim);
// Role claim: simple name "subject-role", qualified name from SAMLClaim's default role
// attribute name, name format "unspecified".
roleClaim.setSimpleName("subject-role");
roleClaim.setQualifiedName(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT);
roleClaim.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
// The values are copied into a new list rather than passing the roles collection itself.
roleClaim.setAttributeValues(new ArrayList<>(roles));
claims.add(roleClaim);

// Authentication claim: the same URI serves as both simple and qualified name, with its own
// name-format URI.
authClaim.setSimpleName("http://claims/authentication");
authClaim.setQualifiedName("http://claims/authentication");
authClaim.setNameFormat("http://claims/authentication-format");
// Copied into a new list, as for the role values above.
authClaim.setAttributeValues(new ArrayList<>(authMethods));
claims.add(authClaim);