/**
 * {@inheritDoc}
 *
 * <p>Copies the SAML 1.x assertion attributes (ID, issuer, issue instant, minor version) from the
 * DOM attribute onto the {@link Assertion} being unmarshalled. Any other attribute is handed to the
 * superclass.
 *
 * @param samlObject the object being unmarshalled; cast to {@link Assertion} without a type check
 * @param attribute the DOM attribute to process
 * @throws UnmarshallingException declared by the overridden method
 */
protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
    Assertion target = (Assertion) samlObject;
    String localName = attribute.getLocalName();

    if (Assertion.ID_ATTRIB_NAME.equals(localName)) {
        // The ID is stored exactly as it appears in the document; no format check happens here.
        target.setID(attribute.getValue());
        return;
    }

    if (Assertion.ISSUER_ATTRIB_NAME.equals(localName)) {
        // The issuer is stored verbatim too. Trust decisions on it belong to the code that
        // validates the assertion, not to this unmarshaller.
        target.setIssuer(attribute.getValue());
        return;
    }

    if (Assertion.ISSUEINSTANT_ATTRIB_NAME.equals(localName)
            && !DatatypeHelper.isEmpty(attribute.getValue())) {
        // Parsed with a UTC chronology. An empty IssueInstant is not handled here and falls
        // through to the superclass below.
        // NOTE(review): a malformed timestamp presumably surfaces as an unchecked exception from
        // the DateTime constructor rather than as UnmarshallingException - confirm.
        target.setIssueInstant(new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC()));
        return;
    }

    if (Assertion.MINORVERSION_ATTRIB_NAME.equals(localName)) {
        // NOTE(review): only the literal "0" selects SAML 1.0. Every other value, including
        // unexpected or malformed ones, is treated as SAML 1.1 rather than rejected.
        SAMLVersion version = attribute.getValue().equals("0")
                ? SAMLVersion.VERSION_10
                : SAMLVersion.VERSION_11;
        target.setVersion(version);
        return;
    }

    super.processAttribute(samlObject, attribute);
}
/**
 * Returns the ID of the wrapped SAML assertion, generating one when it is missing.
 *
 * <p>The SAML 2 assertion is consulted first, then the SAML 1 assertion. When the ID found is
 * {@code null} or empty, a new ID of the form {@code "_" + UUID} is created and written back to
 * whichever assertion is present, so this getter can mutate the wrapped object.
 *
 * <p>NOTE(review): if the wrapped assertion is already signed, replacing its ID would presumably
 * leave it out of step with the signature reference - confirm callers only reach the regeneration
 * path before signing. When neither assertion is set, the generated ID is not stored anywhere, so
 * each call returns a different value.
 *
 * @return the existing assertion ID, or a newly generated one
 */
public String getId() {
    String currentId;
    if (saml2 != null) {
        currentId = saml2.getID();
    } else if (saml1 != null) {
        currentId = saml1.getID();
    } else {
        LOG.error("AssertionWrapper: unable to return ID - no saml assertion object");
        currentId = null;
    }

    // Fast path: the wrapped assertion already carries a usable ID.
    if (currentId != null && currentId.length() != 0) {
        return currentId;
    }

    LOG.error("AssertionWrapper: ID was null, seeting a new ID value");
    // The leading underscore keeps the value a valid XML ID even when the UUID starts with a digit.
    String generatedId = "_" + UUIDGenerator.getUUID();
    if (saml2 != null) {
        saml2.setID(generatedId);
    } else if (saml1 != null) {
        saml1.setID(generatedId);
    }
    return generatedId;
}
/**
 * Looks up the identifier of the wrapped assertion and fills it in if absent.
 *
 * <p>Precedence is SAML 2 over SAML 1. A {@code null} or zero-length identifier is replaced by
 * {@code "_" + UUIDGenerator.getUUID()}, and that value is stored on the wrapped assertion when one
 * exists. Callers should therefore treat this method as potentially state-changing.
 *
 * <p>NOTE(review): rewriting the ID of an assertion that has already been signed would presumably
 * invalidate the signature reference; verify this path is only taken on unsigned assertions. With
 * no wrapped assertion at all, nothing retains the generated value.
 *
 * @return the assertion identifier, never {@code null} or empty
 */
public String getId() {
    final boolean hasSaml2 = saml2 != null;
    final boolean hasSaml1 = saml1 != null;

    String resolved = null;
    if (hasSaml2) {
        resolved = saml2.getID();
    } else if (hasSaml1) {
        resolved = saml1.getID();
    } else {
        LOG.error("AssertionWrapper: unable to return ID - no saml assertion object");
    }

    final boolean missing = resolved == null || resolved.length() == 0;
    if (missing) {
        LOG.error("AssertionWrapper: ID was null, seeting a new ID value");
        // Prefixing with "_" avoids an identifier that begins with a digit.
        resolved = "_" + UUIDGenerator.getUUID();
        if (hasSaml2) {
            saml2.setID(resolved);
        } else if (hasSaml1) {
            saml1.setID(resolved);
        }
    }
    return resolved;
}
/**
 * Creates a new SAML 1.1 assertion with version, issuer, issue instant and ID populated.
 *
 * <p>The assertion builder is resolved lazily from {@code builderFactory} on first use and cached
 * in a static field. The lazy initialisation is not synchronised.
 *
 * <p>NOTE(review): the ID is {@code "_" + UUIDGenerator.getUUID()}. Assertion IDs should be
 * unpredictable, so confirm the generator uses a suitable random source; its implementation is not
 * visible here. The issuer string is stored as passed, without validation.
 *
 * @param issuer the issuer value to set on the assertion
 * @return a SAML 1.1 assertion
 * @throws IllegalStateException if no builder is registered for the assertion element, which this
 *         method reports as the OpenSAML engine not being initialised
 */
@SuppressWarnings("unchecked")
public static Assertion createSamlv1Assertion(String issuer) {
    if (assertionV1Builder == null) {
        assertionV1Builder =
            (SAMLObjectBuilder<Assertion>) builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
        if (assertionV1Builder == null) {
            final String message =
                "OpenSaml engine not initialized. Please make sure to initialize the OpenSaml "
                    + "engine prior using it";
            throw new IllegalStateException(message);
        }
    }

    final Assertion created =
        assertionV1Builder.buildObject(Assertion.DEFAULT_ELEMENT_NAME, Assertion.TYPE_NAME);
    created.setVersion(SAMLVersion.VERSION_11);
    created.setIssuer(issuer);
    // Issue instant is the moment of creation.
    created.setIssueInstant(new DateTime());
    // Leading underscore so the identifier never starts with a digit.
    created.setID("_" + UUIDGenerator.getUUID());
    return created;
}
/**
 * Builds a fresh SAML 1.1 assertion for the given issuer.
 *
 * <p>On the first call the builder for {@code Assertion.DEFAULT_ELEMENT_NAME} is looked up in
 * {@code builderFactory} and kept in the static {@code assertionV1Builder} field; later calls
 * reuse it. No locking guards that lookup.
 *
 * <p>NOTE(review): uniqueness and unpredictability of the assertion ID depend entirely on
 * {@code UUIDGenerator.getUUID()}, which cannot be inspected from here - verify it is backed by a
 * secure random source.
 *
 * @param issuer of type String; set on the assertion unchanged
 * @return A SAML 1.1 assertion stamped with the current time and a generated ID
 * @throws IllegalStateException when the builder lookup returns {@code null}
 */
@SuppressWarnings("unchecked")
public static Assertion createSamlv1Assertion(String issuer) {
    boolean builderMissing = assertionV1Builder == null;
    if (builderMissing) {
        assertionV1Builder = (SAMLObjectBuilder<Assertion>)
            builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
        builderMissing = assertionV1Builder == null;
    }
    if (builderMissing) {
        throw new IllegalStateException(
            "OpenSaml engine not initialized. Please make sure to initialize the OpenSaml "
            + "engine prior using it"
        );
    }

    Assertion result = assertionV1Builder.buildObject(
        Assertion.DEFAULT_ELEMENT_NAME,
        Assertion.TYPE_NAME
    );
    result.setVersion(SAMLVersion.VERSION_11);
    result.setIssuer(issuer);
    result.setIssueInstant(new DateTime()); // current time
    // "_" prefix keeps the ID from starting with a digit.
    result.setID("_" + UUIDGenerator.getUUID());
    return result;
}
/**
 * Builds the SAML assertion held in the {@code assertion} field: validity conditions, issuer,
 * issue instant, optional audience restriction, the prepared attribute statement and the ID.
 *
 * <p>Review notes for anyone relying on this assertion:
 * <ul>
 *   <li>The parameter order is {@code notAfter} first, then {@code notBefore}; swapping them at
 *       the call site would produce an inverted validity window, and nothing here checks the
 *       order or rejects {@code null}.</li>
 *   <li>The issuer is always {@code "http://"} plus the configured {@code HostName} property. If
 *       that property is unset, string concatenation yields {@code "http://null"}.</li>
 *   <li>An audience restriction is added only when {@code appilesTo} is non-null; otherwise the
 *       assertion is not bound to any relying party.</li>
 *   <li>{@code assertionId} is used as given, with no uniqueness or format check.</li>
 * </ul>
 *
 * @param notAfter value for the conditions' NotOnOrAfter
 * @param notBefore value for the conditions' NotBefore
 * @param assertionId ID to assign to the assertion
 * @throws IdentityProviderException declared by the overridden method
 */
@Override
public void createSAMLAssertion(DateTime notAfter, DateTime notBefore, String assertionId)
        throws IdentityProviderException {
    assertion = (Assertion) buildXMLObject(Assertion.DEFAULT_ELEMENT_NAME);

    Conditions validity = (Conditions) buildXMLObject(Conditions.DEFAULT_ELEMENT_NAME);
    validity.setNotBefore(notBefore);
    validity.setNotOnOrAfter(notAfter);

    String issuerUri = "http://" + ServerConfiguration.getInstance().getFirstProperty("HostName");
    assertion.setIssuer(issuerUri);
    assertion.setIssueInstant(new DateTime());

    if (appilesTo != null) {
        // Bind the assertion to the relying party it was requested for.
        Audience relyingParty = (Audience) buildXMLObject(Audience.DEFAULT_ELEMENT_NAME);
        relyingParty.setUri(appilesTo);

        AudienceRestrictionCondition restriction = (AudienceRestrictionCondition)
                buildXMLObject(AudienceRestrictionCondition.DEFAULT_ELEMENT_NAME);
        restriction.getAudiences().add(relyingParty);
        validity.getAudienceRestrictionConditions().add(restriction);
    }

    assertion.setConditions(validity);
    assertion.getAttributeStatements().add(this.attributeStmt);
    assertion.setID(assertionId);
}
// Tail of an assertion-building method; its signature and earlier statements are not visible here.
// Validity window built by SAMLUtils.createConditions from notBefore and notOnOrAfter.
assertion.setConditions(SAMLUtils.createConditions(notBefore, notOnOrAfter));
assertion.getStatements().addAll(statements);
// NOTE(review): the assertion ID comes from UIDGenerator.generateUID(), whose implementation is not
// shown. Assertion IDs should be unique and hard to guess - confirm the generator provides that.
assertion.setID(UIDGenerator.generateUID());
// Issue instant is the time at which this code runs.
assertion.setIssueInstant(new DateTime());
return assertion;
/**
 * Populates the {@code assertion} field with a newly built SAML assertion.
 *
 * <p>The assertion receives conditions carrying the supplied validity bounds, an issuer derived
 * from the server's {@code HostName} property, the current time as issue instant, the attribute
 * statement held in {@code attributeStmt}, and the caller-supplied ID.
 *
 * <p>NOTE(review): the signature takes {@code notAfter} before {@code notBefore}, which is easy to
 * get backwards; neither bound is validated. The issuer is hard-wired to the {@code http://}
 * scheme and becomes {@code "http://null"} when {@code HostName} is not configured. Without a
 * value in {@code appilesTo} no audience restriction is emitted, so the assertion is not scoped to
 * a specific relying party. The ID is taken from the caller unchecked.
 *
 * @param notAfter upper validity bound, stored as NotOnOrAfter
 * @param notBefore lower validity bound, stored as NotBefore
 * @param assertionId identifier assigned to the assertion
 * @throws IdentityProviderException declared by the overridden method
 */
@Override
public void createSAMLAssertion(DateTime notAfter, DateTime notBefore, String assertionId)
        throws IdentityProviderException {
    assertion = (Assertion) buildXMLObject(Assertion.DEFAULT_ELEMENT_NAME);

    final Conditions window = (Conditions) buildXMLObject(Conditions.DEFAULT_ELEMENT_NAME);
    window.setNotBefore(notBefore);
    window.setNotOnOrAfter(notAfter);

    final ServerConfiguration serverConfig = ServerConfiguration.getInstance();
    final String hostName = serverConfig.getFirstProperty("HostName");
    assertion.setIssuer("http://" + hostName);
    assertion.setIssueInstant(new DateTime());

    final boolean scopedToAudience = appilesTo != null;
    if (scopedToAudience) {
        final Audience target = (Audience) buildXMLObject(Audience.DEFAULT_ELEMENT_NAME);
        target.setUri(appilesTo);

        final AudienceRestrictionCondition audienceCondition =
                (AudienceRestrictionCondition) buildXMLObject(
                        AudienceRestrictionCondition.DEFAULT_ELEMENT_NAME);
        audienceCondition.getAudiences().add(target);
        window.getAudienceRestrictionConditions().add(audienceCondition);
    }

    assertion.setConditions(window);
    assertion.getAttributeStatements().add(this.attributeStmt);
    assertion.setID(assertionId);
}
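/**
 * Builds the SAML assertion for a successful validation and attaches it to the response.
 *
 * <p>The assertion always contains an authentication statement for the first chained
 * authentication. An attribute statement is added when the principal has attributes or when the
 * authentication is flagged as remember-me and did not come from a new login.
 *
 * <p>NOTE(review): {@code getChainedAuthentications().get(0)} assumes at least one authentication
 * is present; an empty list would fail here with an unchecked exception.
 *
 * @param response the SAML response to populate; its issue instant is reused for the assertion
 * @param model the view model from which the validated assertion is obtained
 */
@Override
protected void prepareResponse(final Response response, final Map<String, Object> model) {
    final Authentication authentication = getAssertionFrom(model).getChainedAuthentications().get(0);
    final DateTime issuedAt = response.getIssueInstant();
    final Service service = getAssertionFrom(model).getService();

    final Object rememberMeFlag = authentication.getAttributes().get(
            RememberMeCredentials.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME);
    // Compare by value, not identity: a Boolean holding true that is not the canonical
    // Boolean.TRUE instance (for example one restored by deserialization) fails an '==' check,
    // and the remember-me indication would then be silently left out of the assertion.
    final boolean isRemembered =
            Boolean.TRUE.equals(rememberMeFlag) && !getAssertionFrom(model).isFromNewLogin();

    // Build up the SAML assertion containing AuthenticationStatement and AttributeStatement
    final Assertion assertion = newSamlObject(Assertion.class);
    assertion.setID(generateId());
    assertion.setIssueInstant(issuedAt);
    assertion.setIssuer(this.issuer);
    // The conditions are built from the issue instant and the ID of the requesting service.
    assertion.setConditions(newConditions(issuedAt, service.getId()));

    final AuthenticationStatement authnStatement = newAuthenticationStatement(authentication);
    assertion.getAuthenticationStatements().add(authnStatement);

    final Map<String, Object> attributes = authentication.getPrincipal().getAttributes();
    if (!attributes.isEmpty() || isRemembered) {
        assertion.getAttributeStatements().add(
                newAttributeStatement(
                        newSubject(authentication.getPrincipal().getId()), attributes, isRemembered));
    }

    response.setStatus(newStatus(StatusCode.SUCCESS, null));
    response.getAssertions().add(assertion);
}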