/**
 * {@inheritDoc}
 *
 * <p>Children of type {@code Attribute} are added to the statement's attribute list and children
 * of type {@code EncryptedAttribute} to its encrypted-attribute list. Every other child is handed
 * to the superclass implementation.
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    AttributeStatement statement = (AttributeStatement) parentObject;

    // Plain and encrypted attributes are kept in separate lists on the statement.
    if (childObject instanceof Attribute) {
        statement.getAttributes().add((Attribute) childObject);
        return;
    }
    if (childObject instanceof EncryptedAttribute) {
        statement.getEncryptedAttributes().add((EncryptedAttribute) childObject);
        return;
    }

    super.processChildElement(parentObject, childObject);
}
} // closes the enclosing class, whose header is outside this excerpt
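/**
 * Name of the SAML attribute that is read as the username. The OID
 * 0.9.2342.19200300.100.1.3 is the LDAP {@code mail} (rfc822Mailbox) attribute.
 */
private static final String USERNAME_ATTRIBUTE_NAME = "urn:oid:0.9.2342.19200300.100.1.3";

/**
 * Extracts the username from the attribute statements of an assertion.
 *
 * <p>Only the attribute {@code Name} is compared; the {@code NameFormat} is not checked. Only
 * plain attributes are read, so a username sent as an encrypted attribute is not found here.
 *
 * @param assertion the assertion to search
 * @return the result of {@code getAttributeValue} for the first value of the first matching
 *         attribute that has at least one value
 * @throws IllegalArgumentException if no matching attribute with a value exists
 */
private String getUsername(Assertion assertion) {
    // NOTE(review): nothing in this method checks the signature, issuer or validity conditions of
    // the assertion. It presumably relies on the caller having validated it already; confirm,
    // because the returned value decides which account the session is bound to.
    // NOTE(review): the identifier is a mail address. Verify that the IdP guarantees it is unique
    // and cannot be changed by the user before it is used as an account key.
    for (AttributeStatement attributeStatement : assertion.getAttributeStatements()) {
        for (Attribute attribute : attributeStatement.getAttributes()) {
            if (!USERNAME_ATTRIBUTE_NAME.equals(attribute.getName())) {
                continue;
            }
            List<XMLObject> attributeValues = attribute.getAttributeValues();
            if (!attributeValues.isEmpty()) {
                // Only the first value is used; any further values are ignored.
                return getAttributeValue(attributeValues.get(0));
            }
        }
    }
    throw new IllegalArgumentException("no username attribute found");
}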
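/**
 * Looks up the login name among the attributes of a SAML response.
 *
 * <p>Every assertion in the response is searched and the first attribute whose name equals
 * {@code attributeLoginName} is taken as the match. Only its first value is read, and only when
 * that value is an {@code XSString}.
 *
 * @param response the SAML response to search
 * @return the login name, or {@code null} when {@code attributeLoginName} is not configured, no
 *         attribute matches, the matching attribute has no values, or its first value is not an
 *         {@code XSString}
 */
@Nullable
private String findLoginNameFromAttributes(Response response) {
    if (Strings.isNullOrEmpty(attributeLoginName)) {
        return null;
    }

    // NOTE(review): all assertions of the response are searched. This presumably relies on every
    // one of them having been validated before this call, not only the one that carries the
    // subject; confirm against the caller.
    return response.getAssertions()
            .stream()
            .flatMap(assertion -> assertion.getAttributeStatements().stream())
            .flatMap(statement -> statement.getAttributes().stream())
            // The configured name is the receiver so that an attribute without a Name cannot
            // raise a NullPointerException.
            .filter(attr -> attributeLoginName.equals(attr.getName()))
            .findFirst()
            .map(attr -> {
                // An attribute element may carry no values at all; treat that as "no login name"
                // instead of failing with an IndexOutOfBoundsException.
                if (attr.getAttributeValues().isEmpty()) {
                    return null;
                }
                final XMLObject v = attr.getAttributeValues().get(0);
                return v instanceof XSString ? ((XSString) v).getValue() : null;
            })
            .orElse(null);
}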
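/**
 * Flattens the attributes of every assertion in a SAML response into a name-to-value map.
 *
 * <p>Values of type {@code XSString} and {@code XSAnyImpl} are copied; other value types are
 * skipped. Each value is stored under the attribute name, so when an attribute has several values,
 * or the same name occurs more than once, the value read last wins.
 *
 * <p>Any exception raised while reading is logged and the entries collected so far are returned,
 * so a caller cannot tell a complete map from a partial one.
 *
 * @param response2 the SAML response to read
 * @return the collected attributes; possibly empty or partial, never {@code null}
 */
private Map<String, String> setSAMLDetails(org.opensaml.saml2.core.Response response2) {
    // NOTE(review): nothing here verifies the response or its assertions. This presumably runs
    // only after signature and condition checks; confirm against the caller.
    Map<String, String> samlDetailsMap = new HashMap<String, String>();
    try {
        List<Assertion> assertions = response2.getAssertions();
        // Progress messages are diagnostics, not errors, so they are logged at debug level.
        LOGGER.debug("No of assertions : " + assertions.size());
        for (Assertion assertion : assertions) {
            for (AttributeStatement attributeStatement : assertion.getAttributeStatements()) {
                for (Attribute attribute : attributeStatement.getAttributes()) {
                    String name = attribute.getName();
                    for (XMLObject xmlObject : attribute.getAttributeValues()) {
                        if (xmlObject instanceof XSString) {
                            samlDetailsMap.put(name, ((XSString) xmlObject).getValue());
                            // The value is deliberately not logged: attribute values are identity
                            // data supplied by the IdP and do not belong in log files.
                            LOGGER.debug("Name is : " + name);
                        } else if (xmlObject instanceof XSAnyImpl) {
                            samlDetailsMap.put(name, ((XSAnyImpl) xmlObject).getTextContent());
                        }
                    }
                }
            }
        }
    } catch (Exception e) {
        // Keep the best-effort behaviour, but log the cause so the failure can be diagnosed.
        LOGGER.error("Exception occurred while setting the saml details", e);
    }
    LOGGER.debug("Exiting from setSAMLDetails method");
    return samlDetailsMap;
}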
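/**
 * Checks that an assertion carries a claim with at least one value.
 *
 * <p>Only plain attributes are inspected; encrypted attributes are not looked at. An attribute
 * counts as present when its name equals the claim URI and its value list is non-empty. The
 * content of the values is not examined.
 *
 * @param assertion the assertion to inspect
 * @param claimURI the URI of the required claim
 * @return {@code null} when the claim is present, otherwise a message saying it was not found
 */
protected String findClaimInAssertion(org.opensaml.saml.saml2.core.Assertion assertion, URI claimURI) {
    final String notFound = "Attribute " + claimURI + " not found in the SAMLAssertion";
    // Converted once instead of once per attribute. A missing claim URI can never match.
    final String claimName = claimURI == null ? null : claimURI.toString();

    List<org.opensaml.saml.saml2.core.AttributeStatement> attributeStatements = assertion.getAttributeStatements();
    if (claimName == null || attributeStatements == null || attributeStatements.isEmpty()) {
        return notFound;
    }

    for (org.opensaml.saml.saml2.core.AttributeStatement statement : attributeStatements) {
        for (org.opensaml.saml.saml2.core.Attribute attribute : statement.getAttributes()) {
            // claimName is the receiver so that an attribute without a Name is skipped instead of
            // raising a NullPointerException.
            if (claimName.equals(attribute.getName())
                    && attribute.getAttributeValues() != null
                    && !attribute.getAttributeValues().isEmpty()) {
                return null;
            }
        }
    }
    return notFound;
}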
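/**
 * Tells whether an assertion carries a claim with at least one value.
 *
 * <p>Only plain attributes are inspected; encrypted attributes are not looked at. The content of
 * the values is not examined, only that the value list is non-empty.
 *
 * @param assertion the assertion to inspect
 * @param claimURI the URI of the claim to look for
 * @return {@code true} when an attribute named like the claim URI has a non-empty value list;
 *         {@code false} otherwise, including when {@code claimURI} is {@code null}
 */
private boolean findClaimInAssertion(org.opensaml.saml.saml2.core.Assertion assertion, URI claimURI) {
    List<org.opensaml.saml.saml2.core.AttributeStatement> attributeStatements = assertion.getAttributeStatements();
    if (claimURI == null || attributeStatements == null || attributeStatements.isEmpty()) {
        // Nothing to compare against: report the claim as absent.
        return false;
    }

    // Converted once instead of once per attribute.
    final String claimName = claimURI.toString();
    for (org.opensaml.saml.saml2.core.AttributeStatement statement : attributeStatements) {
        for (org.opensaml.saml.saml2.core.Attribute attribute : statement.getAttributes()) {
            // claimName is the receiver so that an attribute without a Name cannot raise a
            // NullPointerException.
            boolean sameName = claimName.equals(attribute.getName());
            if (sameName
                    && attribute.getAttributeValues() != null
                    && !attribute.getAttributeValues().isEmpty()) {
                return true;
            }
        }
    }
    return false;
}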
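/**
 * Reports whether the given claim is present, with a value, in an assertion.
 *
 * <p>The search covers the plain attributes of every attribute statement. Encrypted attributes
 * are not considered, and a matching attribute whose value list is empty does not count.
 *
 * @param assertion the assertion to search
 * @param claimURI the URI identifying the claim
 * @return {@code true} if a matching attribute with at least one value exists, else {@code false}
 */
private boolean findClaimInAssertion(org.opensaml.saml.saml2.core.Assertion assertion, URI claimURI) {
    List<org.opensaml.saml.saml2.core.AttributeStatement> attributeStatements = assertion.getAttributeStatements();
    if (attributeStatements == null || claimURI == null) {
        return false;
    }

    final String expectedName = claimURI.toString();
    // An empty statement list simply yields no iterations and falls through to "not found".
    for (org.opensaml.saml.saml2.core.AttributeStatement statement : attributeStatements) {
        for (org.opensaml.saml.saml2.core.Attribute attribute : statement.getAttributes()) {
            // Null-safe comparison: an attribute without a Name is skipped rather than causing a
            // NullPointerException.
            if (!expectedName.equals(attribute.getName())) {
                continue;
            }
            if (attribute.getAttributeValues() != null && !attribute.getAttributeValues().isEmpty()) {
                return true;
            }
        }
    }
    return false;
}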
/**
 * Collects the attributes of a SAML 2.0 assertion into a map.
 *
 * <p>For each attribute only the first value is read, and only when that value has a DOM; its
 * text content is stored under the attribute name. When the same attribute name occurs more than
 * once, the later entry replaces the earlier one.
 *
 * @param assertion the SAML assertion to read; may be {@code null}
 * @return attribute name to text value; empty when the assertion or its statement list is
 *         {@code null}
 */
public static Map<String, String> getAssertionStatements(Assertion assertion) {
    Map<String, String> results = new HashMap<>();
    if (assertion == null || assertion.getAttributeStatements() == null) {
        return results;
    }

    // NOTE(review): the values are copied as they appear in the assertion. This presumably runs
    // on an assertion that has already been validated; confirm against the caller.
    assertion.getAttributeStatements()
            .stream()
            .flatMap(statement -> statement.getAttributes().stream())
            .forEach(attribute -> attribute.getAttributeValues()
                    .stream()
                    .findFirst()
                    // A value without a DOM yields an empty Optional and is skipped.
                    .map(XMLObject::getDOM)
                    .ifPresent(dom -> results.put(attribute.getName(), dom.getTextContent())));
    return results;
}
// Append everything in encodedAttributes to the statement's attribute list and return the statement.
statement.getAttributes().addAll(encodedAttributes);
return statement;
// Adds every element of `decrypteds` to the plain attribute list of `s`.
// NOTE(review): presumably these were recovered from EncryptedAttribute elements. After this
// call they sit in the same list as attributes that arrived unencrypted; confirm that no
// consumer needs to tell the two apart.
s.getAttributes().addAll(decrypteds);
for (final AttributeStatement statement : assertion.getAttributeStatements()) { final List<EncryptedAttribute> accumulator = new ArrayList<>(statement.getAttributes().size()); for (final Attribute attribute : statement.getAttributes()) { try { if (log.isDebugEnabled()) { statement.getAttributes().clear();
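/**
 * Reads the role from a SAML 2.0 assertion.
 *
 * <p>The first attribute named {@code role} whose name format is
 * {@code http://schemas.xmlsoap.org/ws/2005/05/identity/claims} is treated as authoritative.
 * Only its first value is read, so further values of a multi-valued role attribute are ignored.
 *
 * @param assertion wrapper around the received assertion
 * @return the text of the first role value, or {@code null} when {@code getSaml2()} returns
 *         {@code null}, there are no attribute statements, no attribute matches, or the matching
 *         attribute has no readable value
 */
private String getRoleFromAssertion(SamlAssertionWrapper assertion) {
    // NOTE(review): the returned role presumably drives an authorization decision, and this
    // method performs no validation of the assertion itself; confirm that the caller has
    // verified signature and conditions first.
    Assertion saml2Assertion = assertion.getSaml2();
    if (saml2Assertion == null) {
        return null;
    }

    List<AttributeStatement> attributeStatements = saml2Assertion.getAttributeStatements();
    if (attributeStatements == null || attributeStatements.isEmpty()) {
        return null;
    }

    String nameFormat = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims";
    for (AttributeStatement statement : attributeStatements) {
        for (Attribute attribute : statement.getAttributes()) {
            if (!"role".equals(attribute.getName()) || !nameFormat.equals(attribute.getNameFormat())) {
                continue;
            }
            // A role attribute without values would otherwise fail with an
            // IndexOutOfBoundsException; report "no role" instead.
            if (attribute.getAttributeValues().isEmpty()) {
                return null;
            }
            Element attributeValueElement = attribute.getAttributeValues().get(0).getDOM();
            // getDOM() is null for a value that has no cached DOM.
            return attributeValueElement == null ? null : attributeValueElement.getTextContent();
        }
    }
    return null;
}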
/**
 * Adds the Liberty SSOS service Endpoint Reference (EPR) attribute to the assertion.
 *
 * <p>The attribute is placed in the assertion's first attribute statement. When the assertion has
 * no attribute statement yet, one is created and added first.
 *
 * @param requestContext the current request context
 * @param assertion the delegated assertion being issued
 */
private void addLibertySSOSEPRAttribute(@Nonnull final ProfileRequestContext requestContext,
        @Nonnull final Assertion assertion) {
    // Build the EPR attribute completely before touching the assertion.
    final Attribute eprAttribute = (Attribute) XMLObjectSupport.buildXMLObject(Attribute.DEFAULT_ELEMENT_NAME);
    eprAttribute.setName(LibertyConstants.SERVICE_TYPE_SSOS);
    eprAttribute.setNameFormat(Attribute.URI_REFERENCE);
    eprAttribute.getAttributeValues().add(buildLibertSSOSEPRAttributeValue(requestContext, assertion));

    final List<AttributeStatement> existingStatements = assertion.getAttributeStatements();
    final AttributeStatement target;
    if (!existingStatements.isEmpty()) {
        // Reuse the first statement that is already present.
        target = existingStatements.get(0);
    } else {
        target = (AttributeStatement) XMLObjectSupport.buildXMLObject(AttributeStatement.DEFAULT_ELEMENT_NAME);
        assertion.getAttributeStatements().add(target);
    }
    target.getAttributes().add(eprAttribute);
}
// Example: build an AttributeStatement holding one attribute whose value is an xs:any element.
// `builderFactory` is defined outside this excerpt.
String yourXMLFragment = "...";

// Builders are looked up by element or type name and cast to their concrete builder class.
AttributeStatementBuilder attributeStatementBuilder = (AttributeStatementBuilder) builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
AttributeStatement attributeStatement = attributeStatementBuilder.buildObject();

AttributeBuilder attributeBuilder = (AttributeBuilder) builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
Attribute attr = attributeBuilder.buildObject();
attr.setName("yourAttributeName");

// The value is an AttributeValue element typed as XSAny.
XSAnyBuilder sb2 = (XSAnyBuilder) builderFactory.getBuilder(XSAny.TYPE_NAME);
XSAny attrAny = sb2.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME);
// NOTE(review): the fragment is set as text content, so it is presumably written as escaped text
// when the object is marshalled, not as nested XML elements. Confirm this is intended.
attrAny.setTextContent(yourXMLFragment.trim());

attr.getAttributeValues().add(attrAny);
attributeStatement.getAttributes().add(attr);
LOG.finest("parsing statement: " + statement.getElementQName()); List<org.opensaml.saml.saml2.core.Attribute> attributes = statement.getAttributes(); for (org.opensaml.saml.saml2.core.Attribute attribute : attributes) { if (LOG.isLoggable(Level.FINEST)) {
LOG.finest("parsing statement: " + statement.getElementQName()); List<org.opensaml.saml.saml2.core.Attribute> attributes = statement.getAttributes(); for (org.opensaml.saml.saml2.core.Attribute attribute : attributes) { if (LOG.isLoggable(Level.FINEST)) {
/**
 * Builds an attribute statement with one string-valued attribute per claim.
 *
 * <p>Each map key becomes the attribute name and each map value becomes a single
 * {@code XSString} attribute value.
 *
 * @param claims claim URI to claim value; may be {@code null}
 * @return the populated attribute statement, or {@code null} when {@code claims} is {@code null}
 * @throws IdentitySAML2QueryException declared by the signature; no statement in this method
 *         throws it directly
 */
public static AttributeStatement buildAttributeStatement(Map<String, String> claims)
        throws IdentitySAML2QueryException {
    if (claims == null) {
        return null;
    }

    AttributeStatement statement = new AttributeStatementBuilder().buildObject();
    for (Map.Entry<String, String> claim : claims.entrySet()) {
        Attribute attribute = new AttributeBuilder().buildObject();
        attribute.setName(claim.getKey());

        // The string builder is looked up from the registry for every claim.
        XSStringBuilder valueBuilder = (XSStringBuilder) XMLObjectProviderRegistrySupport.getBuilderFactory()
                .getBuilder(XSString.TYPE_NAME);
        XSString value = valueBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        value.setValue(claim.getValue());

        attribute.getAttributeValues().add(value);
        statement.getAttributes().add(attribute);
    }
    return statement;
}
/**
 * Fills the SAML callback with one authentication statement and, when the
 * {@code attributeStatements} field holds any, with bean copies of those attribute statements.
 *
 * @param callback the callback to populate
 */
private void createAndSetStatement(SAMLCallback callback) {
    // NOTE(review): the authentication method is always set to "Password", whatever the subject
    // actually used. If this runs outside test code, confirm that the value is accurate.
    AuthenticationStatementBean authenticationBean = new AuthenticationStatementBean();
    authenticationBean.setAuthenticationMethod("Password");
    callback.setAuthenticationStatementData(Collections.singletonList(authenticationBean));

    if (attributeStatements == null || attributeStatements.isEmpty()) {
        return;
    }

    List<AttributeStatementBean> statementBeans = new ArrayList<>();
    for (AttributeStatement sourceStatement : attributeStatements) {
        List<AttributeBean> attributeBeans = new ArrayList<>();
        for (Attribute attribute : sourceStatement.getAttributes()) {
            // Each value is copied as the text content of its DOM. getDOM() is null for a value
            // without a cached DOM, which would fail here.
            List<Object> values = new ArrayList<>();
            for (XMLObject value : attribute.getAttributeValues()) {
                values.add(value.getDOM().getTextContent());
            }

            AttributeBean attributeBean = new AttributeBean();
            attributeBean.setQualifiedName(attribute.getName());
            attributeBean.setNameFormat(attribute.getNameFormat());
            attributeBean.setAttributeValues(values);
            attributeBeans.add(attributeBean);
        }

        AttributeStatementBean statementBean = new AttributeStatementBean();
        statementBean.setSamlAttributes(attributeBeans);
        statementBeans.add(statementBean);
    }
    callback.setAttributeStatementData(statementBeans);
}
/**
 * Converts the attributes of the given attribute statements into the local {@code Attribute}
 * model.
 *
 * <p>For every statement the plain attributes are converted first, then each encrypted attribute
 * is decrypted with {@code localKeys} and converted the same way. Both kinds end up in one list,
 * so the result does not record which attributes arrived encrypted. A {@code null} statement list
 * or a {@code null} attribute list is treated as empty.
 *
 * @param attributeStatements the statements to read; may be {@code null}
 * @param localKeys the keys passed to {@code decrypt} for encrypted attributes
 * @return the converted attributes in encounter order
 */
protected List<Attribute> getAttributes(
    List<AttributeStatement> attributeStatements, List<SimpleKey> localKeys
) {
    List<Attribute> converted = new LinkedList<>();
    List<AttributeStatement> statements = ofNullable(attributeStatements).orElse(emptyList());

    for (AttributeStatement stmt : statements) {
        List<org.opensaml.saml.saml2.core.Attribute> plainAttributes =
            ofNullable(stmt.getAttributes()).orElse(emptyList());
        for (org.opensaml.saml.saml2.core.Attribute plain : plainAttributes) {
            Attribute target = new Attribute()
                .setFriendlyName(plain.getFriendlyName())
                .setName(plain.getName())
                .setNameFormat(AttributeNameFormat.fromUrn(plain.getNameFormat()))
                .setValues(getJavaValues(plain.getAttributeValues()));
            converted.add(target);
        }

        List<EncryptedAttribute> encryptedAttributes =
            ofNullable(stmt.getEncryptedAttributes()).orElse(emptyList());
        for (EncryptedAttribute encryptedAttribute : encryptedAttributes) {
            // Whatever decrypt(...) throws on failure propagates to the caller.
            org.opensaml.saml.saml2.core.Attribute decrypted =
                (org.opensaml.saml.saml2.core.Attribute) decrypt(encryptedAttribute, localKeys);
            Attribute target = new Attribute()
                .setFriendlyName(decrypted.getFriendlyName())
                .setName(decrypted.getName())
                .setNameFormat(AttributeNameFormat.fromUrn(decrypted.getNameFormat()))
                .setValues(getJavaValues(decrypted.getAttributeValues()));
            converted.add(target);
        }
    }
    return converted;
}
for (Attribute attribute : attributeStatement.getAttributes()) { if (!"attribute-role".equals(attribute.getName())) { continue;