conditions.setNotOnOrAfter(DateTime.now().plusMinutes(1));
/** {@inheritDoc} */ protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException { Conditions conditions = (Conditions) samlObject; if (attribute.getLocalName().equals(Conditions.NOT_BEFORE_ATTRIB_NAME) && !Strings.isNullOrEmpty(attribute.getValue())) { conditions.setNotBefore(new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC())); } else if (attribute.getLocalName().equals(Conditions.NOT_ON_OR_AFTER_ATTRIB_NAME) && !Strings.isNullOrEmpty(attribute.getValue())) { conditions.setNotOnOrAfter(new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC())); } else { super.processAttribute(samlObject, attribute); } } }
/** {@inheritDoc} */ @Override protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) { final Long lifetime = assertionLifetimeStrategy != null ? assertionLifetimeStrategy.apply(profileRequestContext) : null; if (lifetime == null) { log.debug("{} No assertion lifetime supplied, using default", getLogPrefix()); } if (response instanceof org.opensaml.saml.saml1.core.Response) { for (final org.opensaml.saml.saml1.core.Assertion assertion : ((org.opensaml.saml.saml1.core.Response) response).getAssertions()) { final DateTime expiration = new DateTime(assertion.getIssueInstant()).plus( lifetime != null ? lifetime : defaultAssertionLifetime); log.debug("{} Added NotOnOrAfter condition, indicating an expiration of {}, to Assertion {}", new Object[] {getLogPrefix(), expiration, assertion.getID()}); SAML1ActionSupport.addConditionsToAssertion(this, assertion).setNotOnOrAfter(expiration); } } else if (response instanceof org.opensaml.saml.saml2.core.Response) { for (final org.opensaml.saml.saml2.core.Assertion assertion : ((org.opensaml.saml.saml2.core.Response) response).getAssertions()) { final DateTime expiration = new DateTime(assertion.getIssueInstant()).plus( lifetime != null ? lifetime : defaultAssertionLifetime); log.debug("{} Added NotOnOrAfter condition, indicating an expiration of {}, to Assertion {}", new Object[] {getLogPrefix(), expiration, assertion.getID()}); SAML2ActionSupport.addConditionsToAssertion(this, assertion).setNotOnOrAfter(expiration); } } }
/** * New conditions element. * * @param notBefore the not before * @param notOnOrAfter the not on or after * @param audienceUri the service id * @return the conditions */ public Conditions newConditions(final DateTime notBefore, final DateTime notOnOrAfter, final String audienceUri) { final Conditions conditions = newSamlObject(Conditions.class); conditions.setNotBefore(notBefore); conditions.setNotOnOrAfter(notOnOrAfter); final AudienceRestriction audienceRestriction = newSamlObject(AudienceRestriction.class); final Audience audience = newSamlObject(Audience.class); audience.setAudienceURI(audienceUri); audienceRestriction.getAudiences().add(audience); conditions.getAudienceRestrictions().add(audienceRestriction); return conditions; }
DateTime newNotBefore = new DateTime(); conditions.setNotBefore(newNotBefore); conditions.setNotOnOrAfter(newNotBefore.plusMinutes(5)); return conditions; conditions.setNotOnOrAfter(notAfter); } else { DateTime newNotBefore = new DateTime(); new DateTime(newNotBefore.getMillis() + tokenPeriodSeconds * 1000L); conditions.setNotOnOrAfter(notOnOrAfter);
conditions.setNotOnOrAfter(notOnOrAfter); conditions.getAudienceRestrictions().add(audienceRestriction); samlAssertion.setConditions(conditions);
conditions.setNotOnOrAfter(notOnOrAfter); conditions.getAudienceRestrictions().add(audienceRestriction); samlAssertion.setConditions(conditions);
buildSAMLObject(org.opensaml.saml.saml2.core.Conditions.class); conditions.setNotBefore(request.getConditions().getNotBefore()); conditions.setNotOnOrAfter(request.getConditions().getNotOnOrAfter()); a.setConditions(conditions);