/**
 * Builds a SAML 2.0 {@code AuthnRequest} for an IdP-initiated flow.
 *
 * <p>The request is issued in the name of {@code spEntityID}, carries {@code assertionUrl}
 * as its AssertionConsumerServiceURL and is returned with its ID cleared. When
 * {@code nameIDFormat} is non-null, a Subject holding a NameID of that format (with no
 * value) is attached. Nothing is signed or marshalled here.
 *
 * @param nameIDFormat NameID format URI to put on the Subject, or {@code null} to omit the Subject
 * @param spEntityID entity ID handed to {@code getIssuer} to build the Issuer
 * @param assertionUrl value stored as the AssertionConsumerServiceURL
 * @return the populated request
 */
public AuthnRequest buildIdpInitiatedAuthnRequest(String nameIDFormat, String spEntityID, String assertionUrl) {
    @SuppressWarnings("unchecked")
    SAMLObjectBuilder<AuthnRequest> requestBuilder =
            (SAMLObjectBuilder<AuthnRequest>) builderFactory.getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME);
    AuthnRequest authnRequest = requestBuilder.buildObject();

    authnRequest.setVersion(SAMLVersion.VERSION_20);
    authnRequest.setID(generateID());
    authnRequest.setIssuer(getIssuer(spEntityID));
    // The version is assigned a second time in the original; kept so the call sequence is unchanged.
    authnRequest.setVersion(SAMLVersion.VERSION_20);
    authnRequest.setIssueInstant(new DateTime());
    // NOTE(review): this discards the ID generated above. Presumably deliberate, so that the
    // response to an IdP-initiated flow has nothing to reference in InResponseTo; confirm.
    // The SAML schema declares ID as required, so a schema-validating consumer would reject
    // this request as built.
    authnRequest.setID(null);
    // NOTE(review): the ACS URL is taken from the caller as is. The receiving IdP, not this
    // builder, has to check it against the endpoints registered for the SP.
    authnRequest.setAssertionConsumerServiceURL(assertionUrl);

    if (nameIDFormat == null) {
        return authnRequest;
    }

    @SuppressWarnings("unchecked")
    SAMLObjectBuilder<NameID> nameIdFactory =
            (SAMLObjectBuilder<NameID>) builderFactory.getBuilder(NameID.DEFAULT_ELEMENT_NAME);
    NameID requestedNameId = nameIdFactory.buildObject();
    requestedNameId.setFormat(nameIDFormat);

    @SuppressWarnings("unchecked")
    SAMLObjectBuilder<Subject> subjectFactory =
            (SAMLObjectBuilder<Subject>) builderFactory.getBuilder(Subject.DEFAULT_ELEMENT_NAME);
    Subject requestedSubject = subjectFactory.buildObject();
    requestedSubject.setNameID(requestedNameId);

    authnRequest.setSubject(requestedSubject);
    return authnRequest;
}
/**
 * Builds a SAML 2.0 {@code AuthnRequest} issued by {@code SP_ENTITY_ID}, with a generated ID
 * and the current time as issue instant.
 *
 * <p>When {@code nameIDFormat} is non-null, a Subject holding a NameID of that format (with
 * no value) is attached. No destination or AssertionConsumerServiceURL is set, and nothing
 * is signed here.
 *
 * @param nameIDFormat NameID format URI to put on the Subject, or {@code null} to omit the Subject
 * @return the populated request
 */
public AuthnRequest mockAuthnRequest(String nameIDFormat) {
    @SuppressWarnings("unchecked")
    SAMLObjectBuilder<AuthnRequest> requestBuilder =
            (SAMLObjectBuilder<AuthnRequest>) builderFactory.getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME);
    AuthnRequest authnRequest = requestBuilder.buildObject();

    authnRequest.setVersion(SAMLVersion.VERSION_20);
    authnRequest.setID(generateID());
    authnRequest.setIssuer(getIssuer(SP_ENTITY_ID));
    // The version is assigned a second time in the original; kept so the call sequence is unchanged.
    authnRequest.setVersion(SAMLVersion.VERSION_20);
    authnRequest.setIssueInstant(new DateTime());

    if (nameIDFormat == null) {
        return authnRequest;
    }

    @SuppressWarnings("unchecked")
    SAMLObjectBuilder<NameID> nameIdFactory =
            (SAMLObjectBuilder<NameID>) builderFactory.getBuilder(NameID.DEFAULT_ELEMENT_NAME);
    NameID requestedNameId = nameIdFactory.buildObject();
    requestedNameId.setFormat(nameIDFormat);

    @SuppressWarnings("unchecked")
    SAMLObjectBuilder<Subject> subjectFactory =
            (SAMLObjectBuilder<Subject>) builderFactory.getBuilder(Subject.DEFAULT_ELEMENT_NAME);
    Subject requestedSubject = subjectFactory.buildObject();
    requestedSubject.setNameID(requestedNameId);

    authnRequest.setSubject(requestedSubject);
    return authnRequest;
}
assertion.getIssuer().setValue(issuerEntityId); assertion.getSubject().getNameID().setValue(username); assertion.getSubject().getNameID().setFormat(format); assertion.getSubject().getSubjectConfirmations().get(0).getSubjectConfirmationData().setInResponseTo(null); assertion.getSubject().getSubjectConfirmations().get(0).getSubjectConfirmationData().setNotOnOrAfter(until);
nameID.setFormat(nameIDFormat); subject.setNameID(nameID);
/**
 * Creates a SAML {@code NameID} carrying the given principal name and format.
 *
 * <p>Both arguments are stored exactly as passed; this method does not check that
 * {@code format} is a known NameID format URI or that the name matches it.
 *
 * @param principalName name of the subject, stored as the NameID value
 * @param format format of the subject (e-mail address, uid, ...), stored as the NameID format
 * @return the populated NameID
 * @throws org.apache.rahas.TrustException if unable to find the builder
 */
public static NameID createNamedIdentifier(String principalName, String format) throws TrustException {
    final NameID identifier = (NameID) CommonUtil.buildXMLObject(NameID.DEFAULT_ELEMENT_NAME);

    identifier.setValue(principalName);
    identifier.setFormat(format);

    return identifier;
}
/**
 * Builds a new {@code NameID} from this builder's {@code format}, {@code nameQualifier}
 * and {@code value} fields.
 *
 * <p>The fields are copied as they are; no validation happens in this method.
 *
 * @return a freshly built NameID
 */
@Override
public NameID build() {
    final NameID result = new NameIDBuilder().buildObject();

    result.setFormat(format);
    result.setNameQualifier(nameQualifier);
    result.setValue(value);

    return result;
}
} // closes the enclosing class, whose header is outside this listing
/**
 * Creates a {@code NameID} for the given subject.
 *
 * <p>This variant always writes {@code SamlConstants.NAMEID_FORMAT_X509_SUBJECT_NAME} as the
 * format and the subject's name as the value; it sets no NameQualifier.
 *
 * <p>One of the following formats MUST be used for a NameID:
 * <ul>
 *   <li>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</li>
 *   <li>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</li>
 *   <li>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</li>
 *   <li>urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</li>
 * </ul>
 *
 * @param subject a SubjectBean instance; only its subject name is read
 * @return NameID
 */
@SuppressWarnings("unchecked")
public static NameID createNameID(SubjectBean subject) {
    // NOTE(review): lazy initialisation of a static field without synchronisation; looks
    // harmless if getBuilder only performs a lookup, but confirm before relying on it.
    if (nameIdBuilder == null) {
        nameIdBuilder = (SAMLObjectBuilder<NameID>)
                builderFactory.getBuilder(NameID.DEFAULT_ELEMENT_NAME);
    }

    final NameID result = nameIdBuilder.buildObject();
    // The qualifier call is disabled in the original and is left disabled here:
    //nameID.setNameQualifier(subject.getSubjectNameQualifier());
    // NOTE(review): the format is fixed, so the value is labelled X509SubjectName whatever
    // form the subject name actually has; callers must only pass X.509 subject names.
    result.setFormat(SamlConstants.NAMEID_FORMAT_X509_SUBJECT_NAME);
    result.setValue(subject.getSubjectName());
    return result;
}
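/**
 * Builds a SAML 2.0 Single Logout request for the subject bound to the given session.
 *
 * <p>The request is addressed to {@code GatewayUtils.getIDPUrl()}, is valid for five minutes
 * from its issue instant, names {@code issuerName} as issuer and carries the session's
 * subject as NameID together with the SAML session index stored on the session. The
 * request is not signed here.
 *
 * @param issuerName value written to the Issuer element
 * @param session session supplying the subject, the SAML session index and the UUID used in logging
 * @return the populated logout request
 */
public static LogoutRequest buildLogoutRequest(String issuerName, Session session) {
    String subject = session.getAuthenticationContext().getSubject();
    String sessionIndexString = (String) session.getAttribute(SESSION_ATTRIBUTE_SAML_SESSION_INDEX);
    if (log.isDebugEnabled()) {
        // NOTE(review): the subject and the SAML session index end up in the debug log;
        // make sure debug output is access-controlled where this runs.
        log.debug(String.format("{%s} - Building logout request for subject : '%s' & sessionIndex : '%s'",
                session.getUuid(), subject, sessionIndexString));
    }

    LogoutRequest logoutRequest = new LogoutRequestBuilder().buildObject();
    // The ID attribute is an xs:ID, which must not start with a digit. A bare UUID often
    // does, so it is prefixed with an underscore to stay schema-valid.
    logoutRequest.setID("_" + UUID.randomUUID());
    logoutRequest.setDestination(GatewayUtils.getIDPUrl());

    DateTime issueInstant = new DateTime();
    logoutRequest.setIssueInstant(issueInstant);
    // The request expires five minutes after it was issued.
    logoutRequest.setNotOnOrAfter(new DateTime(issueInstant.getMillis() + 5 * 60 * 1000));

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(issuerName);
    logoutRequest.setIssuer(issuer);

    NameID nameId = new NameIDBuilder().buildObject();
    // NOTE(review): the "entity" format identifies a SAML system entity, while the value
    // here is the session's subject. Confirm this matches the format the IdP used when it
    // issued the NameID for this session.
    nameId.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:entity");
    nameId.setValue(subject);
    logoutRequest.setNameID(nameId);

    SessionIndex sessionIndex = new SessionIndexBuilder().buildObject();
    sessionIndex.setSessionIndex(sessionIndexString);
    logoutRequest.getSessionIndexes().add(sessionIndex);

    logoutRequest.setReason("Single Logout");
    return logoutRequest;
}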
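/**
 * {@inheritDoc}
 *
 * <p>Encodes the first attribute value whose string form is not null, empty or solely
 * whitespace. The value is written untrimmed; {@code nameFormat} and {@code nameQualifier}
 * are applied only when they are set.
 *
 * @throws AttributeEncodingException if the attribute has no values or none of them is usable
 */
public NameID encode(BaseAttribute attribute) throws AttributeEncodingException {
    if (attribute.getValues() != null) {
        for (final Object value : attribute.getValues()) {
            // A null element has no string form; skip it instead of failing with a
            // NullPointerException on toString().
            if (value == null) {
                continue;
            }
            // Check for null, empty, or solely whitespace. But don't trim the value encoded.
            final String valueStr = value.toString();
            if (DatatypeHelper.safeTrimOrNullString(valueStr) != null) {
                NameID nameId = nameIdBuilder.buildObject();
                nameId.setValue(valueStr);
                if (nameFormat != null) {
                    nameId.setFormat(nameFormat);
                }
                if (nameQualifier != null) {
                    nameId.setNameQualifier(nameQualifier);
                }
                // Only the first usable value is encoded; later values are ignored.
                return nameId;
            }
        }
    }
    throw new AttributeEncodingException(attribute.getId()
            + " attribute does not contain any non-empty values to encode");
}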
/**
 * Builds a Subject with one bearer SubjectConfirmation.
 *
 * @param subjectNameId value of the NameID
 * @param subjectNameIdType format URI of the NameID
 * @param recipient written to both Recipient and Address of the confirmation data
 * @param inResponseTo ID of the request being answered, written to InResponseTo
 * @return the populated Subject
 */
private static Subject buildSubject(String subjectNameId, String subjectNameIdType, String recipient, String inResponseTo) {
    final NameID identifier = buildSAMLObject(NameID.class, NameID.DEFAULT_ELEMENT_NAME);
    identifier.setValue(subjectNameId);
    identifier.setFormat(subjectNameIdType);

    final Subject result = buildSAMLObject(Subject.class, Subject.DEFAULT_ELEMENT_NAME);
    result.setNameID(identifier);

    final SubjectConfirmation confirmation =
            buildSAMLObject(SubjectConfirmation.class, SubjectConfirmation.DEFAULT_ELEMENT_NAME);
    confirmation.setMethod(SubjectConfirmation.METHOD_BEARER);

    final SubjectConfirmationData confirmationData =
            buildSAMLObject(SubjectConfirmationData.class, SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
    confirmationData.setRecipient(recipient);
    confirmationData.setInResponseTo(inResponseTo);
    // NOTE(review): a bearer confirmation is usable by whoever holds the assertion, and this
    // one stays valid for 8 hours. Confirm such a long window is intended; consumers should
    // also enforce one-time use of the assertion ID.
    confirmationData.setNotOnOrAfter(new DateTime().plusMinutes(8 * 60));
    // NOTE(review): Address is meant to hold the network address of the party presenting
    // the assertion; here it receives the recipient value. Confirm this is deliberate.
    confirmationData.setAddress(recipient);

    confirmation.setSubjectConfirmationData(confirmationData);
    result.getSubjectConfirmations().add(confirmation);
    return result;
}
/**
 * Creates a {@code NameID} from the given subject: name qualifier, format and value are all
 * copied from the bean without being checked.
 *
 * <p>One of the following formats MUST be used:
 * <ul>
 *   <li>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</li>
 *   <li>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</li>
 *   <li>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</li>
 *   <li>urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</li>
 * </ul>
 *
 * @param subject a SubjectBean instance supplying qualifier, format and name
 * @return NameID
 */
@SuppressWarnings("unchecked")
public static NameID createNameID(SubjectBean subject) {
    // NOTE(review): lazy initialisation of a static field without synchronisation; looks
    // harmless if getBuilder only performs a lookup, but confirm before relying on it.
    if (nameIdBuilder == null) {
        nameIdBuilder = (SAMLObjectBuilder<NameID>)
                builderFactory.getBuilder(NameID.DEFAULT_ELEMENT_NAME);
    }

    final NameID result = nameIdBuilder.buildObject();
    result.setNameQualifier(subject.getSubjectNameQualifier());
    // NOTE(review): the format is whatever the bean holds. Nothing here enforces the list in
    // the Javadoc, so that check has to happen where the SubjectBean is populated.
    result.setFormat(subject.getSubjectNameIDFormat());
    result.setValue(subject.getSubjectName());
    return result;
}
/**
 * Creates a {@code NameID} from the given subject: name qualifier, format and value are all
 * copied from the bean without being checked.
 *
 * <p>One of the following formats MUST be used:
 * <ul>
 *   <li>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</li>
 *   <li>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</li>
 *   <li>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</li>
 *   <li>urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</li>
 * </ul>
 *
 * @param subject a SubjectBean instance supplying qualifier, format and name
 * @return NameID
 */
@SuppressWarnings("unchecked")
public static NameID createNameID(SubjectBean subject) {
    // NOTE(review): lazy initialisation of a static field without synchronisation; looks
    // harmless if getBuilder only performs a lookup, but confirm before relying on it.
    if (nameIdBuilder == null) {
        nameIdBuilder = (SAMLObjectBuilder<NameID>)
                builderFactory.getBuilder(NameID.DEFAULT_ELEMENT_NAME);
    }

    final NameID result = nameIdBuilder.buildObject();
    result.setNameQualifier(subject.getSubjectNameQualifier());
    // NOTE(review): the format is whatever the bean holds. Nothing here enforces the list in
    // the Javadoc, so that check has to happen where the SubjectBean is populated.
    result.setFormat(subject.getSubjectNameIDFormat());
    result.setValue(subject.getSubjectName());
    return result;
}
/**
 * Builds a SAML 2.0 Single Logout request for the given user and session index.
 *
 * <p>Destination and issuer come from {@code ssoAgentConfig}; the request is valid for five
 * minutes from its issue instant. The request is not signed here.
 *
 * @param user value written to the NameID
 * @param sessionIdx SAML session index to terminate
 * @return the populated logout request
 * @throws SSOAgentException declared by the signature; no statement visible in this method throws it directly
 */
protected LogoutRequest buildLogoutRequest(String user, String sessionIdx) throws SSOAgentException {
    final LogoutRequest request = new LogoutRequestBuilder().buildObject();
    request.setID(SSOAgentUtils.createID());
    request.setDestination(ssoAgentConfig.getSAML2().getIdPURL());

    final DateTime issuedAt = new DateTime();
    request.setIssueInstant(issuedAt);
    // The request expires five minutes after it was issued.
    final long expiresAtMillis = issuedAt.getMillis() + 5 * 60 * 1000;
    request.setNotOnOrAfter(new DateTime(expiresAtMillis));

    final Issuer requestIssuer = new IssuerBuilder().buildObject();
    requestIssuer.setValue(ssoAgentConfig.getSAML2().getSPEntityId());
    request.setIssuer(requestIssuer);

    final NameID userNameId = new NameIDBuilder().buildObject();
    // NOTE(review): the "entity" format identifies a SAML system entity, while the value
    // here is the user. Confirm this matches the format the IdP used when it issued the
    // NameID for this session.
    userNameId.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:entity");
    userNameId.setValue(user);
    request.setNameID(userNameId);

    final SessionIndex index = new SessionIndexBuilder().buildObject();
    index.setSessionIndex(sessionIdx);
    request.getSessionIndexes().add(index);

    request.setReason("Single Logout");
    return request;
}
NameID nameId = new NameIDBuilder().buildObject(); nameId.setValue(subjectName); nameId.setFormat(NameIdentifier.EMAIL); subject.setNameID(nameId); authnRequest.setSubject(subject);
nameId.setFormat(SSOConstants.SAML2_NAME_ID_POLICY); nameId.setValue(subject); logoutReq.setNameID(nameId);
nameId.setFormat(SAML2SSOAuthenticatorConstants.SAML2_NAME_ID_POLICY_TRANSIENT); nameId.setValue(subject); logoutReq.setNameID(nameId);
/**
 * Builds a SAML 2.0 Single Logout request for the given user and session index.
 *
 * <p>Destination and issuer come from {@code ssoAgentConfig}; the request is valid for five
 * minutes from its issue instant. The request is not signed here.
 *
 * @param user value written to the NameID
 * @param sessionIdx SAML session index to terminate
 * @return the populated logout request
 * @throws SSOAgentException declared by the signature; no statement visible in this method throws it directly
 */
protected LogoutRequest buildLogoutRequest(String user, String sessionIdx) throws SSOAgentException {
    final LogoutRequest request = new LogoutRequestBuilder().buildObject();
    request.setID(SSOAgentUtils.createID());
    request.setDestination(ssoAgentConfig.getSAML2().getIdPURL());

    final DateTime issuedAt = new DateTime();
    request.setIssueInstant(issuedAt);
    // The request expires five minutes after it was issued.
    final long expiresAtMillis = issuedAt.getMillis() + 5 * 60 * 1000;
    request.setNotOnOrAfter(new DateTime(expiresAtMillis));

    final Issuer requestIssuer = new IssuerBuilder().buildObject();
    requestIssuer.setValue(ssoAgentConfig.getSAML2().getSPEntityId());
    request.setIssuer(requestIssuer);

    final NameID userNameId = new NameIDBuilder().buildObject();
    // NOTE(review): the "entity" format identifies a SAML system entity, while the value
    // here is the user. Confirm this matches the format the IdP used when it issued the
    // NameID for this session.
    userNameId.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:entity");
    userNameId.setValue(user);
    request.setNameID(userNameId);

    final SessionIndex index = new SessionIndexBuilder().buildObject();
    index.setSessionIndex(sessionIdx);
    request.getSessionIndexes().add(index);

    request.setReason("Single Logout");
    return request;
}
nameId.setFormat(SAML2SSOAuthenticatorConstants.SAML2_NAME_ID_POLICY_TRANSIENT); nameId.setValue(subject); logoutReq.setNameID(nameId);
/**
 * Builds a name ID. The provided value becomes the textual content of the NameID. The
 * NameQualifier and SPNameQualifier are taken from the configuration when set; otherwise
 * they fall back to the local entity ID and the inbound message issuer of the current
 * attribute request. The format is only written when one is configured.
 *
 * @param nameIdValue value of the NameID
 * @param resolutionContext current resolution context, read only for the fallbacks
 *
 * @return the constructed NameID
 */
protected NameID buildNameId(String nameIdValue, ShibbolethResolutionContext resolutionContext) {
    final NameID built = nameIdBuilder.buildObject();
    built.setValue(nameIdValue);

    if (nameIdFormat != null) {
        built.setFormat(nameIdFormat);
    }

    // A configured qualifier wins; the request context is consulted only when none is set.
    built.setNameQualifier(nameIdQualifier != null
            ? nameIdQualifier
            : resolutionContext.getAttributeRequestContext().getLocalEntityId());

    // NOTE(review): the fallback SPNameQualifier is the issuer named in the inbound message;
    // it is only as trustworthy as the authentication of that message, which is not
    // visible from this method.
    built.setSPNameQualifier(nameIdSPQualifier != null
            ? nameIdSPQualifier
            : resolutionContext.getAttributeRequestContext().getInboundMessageIssuer());

    return built;
}
nameID.setFormat(credential.getNameID().getFormat()); nameID.setNameQualifier(credential.getNameID().getNameQualifier()); nameID.setSPNameQualifier(credential.getNameID().getSPNameQualifier());