public MultiValueMap<String, String> retrieveUserAttributes(SamlIdentityProviderDefinition definition, SAMLCredential credential) { logger.debug(String.format("Retrieving SAML user attributes [zone:%s, origin:%s]", definition.getZoneId(), definition.getIdpEntityAlias())); MultiValueMap<String, String> userAttributes = new LinkedMultiValueMap<>(); if (definition != null && definition.getAttributeMappings() != null) { for (Entry<String, Object> attributeMapping : definition.getAttributeMappings().entrySet()) { if (attributeMapping.getValue() instanceof String) { if (credential.getAttribute((String)attributeMapping.getValue()) != null) { String key = attributeMapping.getKey(); for (XMLObject xmlObject : credential.getAttribute((String) attributeMapping.getValue()).getAttributeValues()) { String value = getStringValue(key, definition, xmlObject); if (value!=null) { userAttributes.add(key, value); } } } } } } if (credential.getAuthenticationAssertion() != null && credential.getAuthenticationAssertion().getAuthnStatements() != null) { for (AuthnStatement statement : credential.getAuthenticationAssertion().getAuthnStatements()) { if (statement.getAuthnContext() != null && statement.getAuthnContext().getAuthnContextClassRef() != null) { userAttributes.add(AUTHENTICATION_CONTEXT_CLASS_REFERENCE, statement.getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef()); } } } return userAttributes; }
when(authenticationContext.getAuthnContextClassRef()).thenReturn(contextClassRef);
if (receivedContext.getAuthnContextClassRef() != null) { classRef = receivedContext.getAuthnContextClassRef().getAuthnContextClassRef();
public AuthenticationStatement(Authentication authentication){ SAMLCredential credential = (SAMLCredential) authentication.getCredentials(); Assertion assertion = credential.getAuthenticationAssertion(); List<AuthnStatement> authnStatements = assertion.getAuthnStatements(); AuthnStatement authnStatement = authnStatements.get(0); SubjectLocality subjectLocalityValue = authnStatement.getSubjectLocality(); authenticationInstance = authnStatement.getAuthnInstant(); sessionValidity = authnStatement.getSessionNotOnOrAfter(); authenticationContextClass = authnStatement.getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef(); sessionIndex = authnStatement.getSessionIndex(); subjectLocality = subjectLocalityValue == null ? null : subjectLocalityValue.getAddress(); }
(authnStatement.getAuthnContext().getAuthnContextClassRef() != null)) { samlAuthnStatement.setAuthContextClassRef(authnStatement.getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef()); log.debug("Assertion.samlAuthnStatement.authContextClassRef = " + samlAuthnStatement.getAuthContextClassRef());
.getAuthnContextClassRef(); if (null == authnContextClassRef) { throw new AssertionValidationException(