本文整理汇总了Java中org.opensaml.saml2.core.Assertion类的典型用法代码示例。如果您正苦于以下问题:Java Assertion类的具体用法?Java Assertion怎么用?Java Assertion使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
Assertion类属于org.opensaml.saml2.core包,在下文中一共展示了Assertion类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: buildResponse
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Builds the POST request that delivers a signed SAML response to the assertion consumer URL.
 *
 * <p>Integration-test fixture. The AuthnRequest is recovered from the {@code SAMLRequest}
 * parameter of the URL captured by {@code handler}. A test assertion is reduced to a single
 * assurance-level attribute and wrapped in a response whose {@code InResponseTo} echoes the
 * request ID. The response is then signed with the test credential.
 *
 * @param status         status value handed to {@code SAMLUtil.createStatus}
 * @param assuranceLevel assurance level stored as the assertion's only attribute
 * @return a POST request carrying the {@code SAMLResponse} and {@code RelayState} parameters
 * @throws Exception if parsing, unmarshalling, signing or URL construction fails
 */
protected WebRequestSettings buildResponse(String status, int assuranceLevel) throws Exception {
    // Recover the AuthnRequest the service provider sent, so the response can reference its ID.
    Document requestDoc = TestHelper.parseBase64Encoded(Utils.getParameter("SAMLRequest", handler.url.toString()));
    AuthnRequest authnRequest = (AuthnRequest) Configuration.getUnmarshallerFactory()
            .getUnmarshaller(requestDoc.getDocumentElement())
            .unmarshall(requestDoc.getDocumentElement());

    Assertion testAssertion = TestHelper.buildAssertion(
            spMetadata.getDefaultAssertionConsumerService().getLocation(),
            spMetadata.getEntityID());
    // Replace the attributes of the first statement with the assurance level under test.
    testAssertion.getAttributeStatements().get(0).getAttributes().clear();
    testAssertion.getAttributeStatements().get(0).getAttributes()
            .add(AttributeUtil.createAssuranceLevel(assuranceLevel));

    Response samlResponse = TestHelper.buildResponse(testAssertion);
    samlResponse.setStatus(SAMLUtil.createStatus(status));
    samlResponse.setInResponseTo(authnRequest.getID());

    // Sign only after status and InResponseTo are set, so the signature covers them.
    OIOResponse signedResponse = new OIOResponse(samlResponse);
    signedResponse.sign(credential);

    WebRequestSettings post = new WebRequestSettings(new URL(BASE + "/saml/SAMLAssertionConsumer"), SubmitMethod.POST);
    NameValuePair samlParam = new NameValuePair("SAMLResponse", signedResponse.toBase64());
    NameValuePair relayParam = new NameValuePair("RelayState", Utils.getParameter("RelayState", handler.url.toString()));
    post.setRequestParameters(Arrays.asList(samlParam, relayParam));
    return post;
}
开发者ID:amagdenko,项目名称:oiosaml.java,代码行数:22,代码来源:IntegrationTests.java
示例2: validateSubject
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
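/**
 * Checks that the Subject element is present when the assertion requires one.
 *
 * <p>A Subject is required when the assertion carries no statements at all, and whenever it
 * carries an AuthnStatement, AuthzDecisionStatement or AttributeStatement. An assertion that
 * holds only other statement types may omit it.
 *
 * <p>Every statement list is treated as empty when its getter returns {@code null}. The
 * original null-checked the lists only in the first test and dereferenced them afterwards.
 *
 * @param assertion the assertion to check
 * @throws ValidationException if a required Subject is missing
 */
protected void validateSubject(Assertion assertion) throws ValidationException {
    // With a Subject present none of the rules below can fail.
    if (assertion.getSubject() != null) {
        return;
    }

    final boolean hasAnyStatement =
            assertion.getStatements() != null && !assertion.getStatements().isEmpty();
    final boolean hasAuthn =
            assertion.getAuthnStatements() != null && !assertion.getAuthnStatements().isEmpty();
    final boolean hasAttribute =
            assertion.getAttributeStatements() != null && !assertion.getAttributeStatements().isEmpty();
    final boolean hasAuthzDecision =
            assertion.getAuthzDecisionStatements() != null && !assertion.getAuthzDecisionStatements().isEmpty();

    if (!hasAnyStatement && !hasAuthn && !hasAttribute && !hasAuthzDecision) {
        throw new ValidationException("Subject is required when Statements are absent");
    }
    if (hasAuthn) {
        throw new ValidationException("Assertions containing AuthnStatements require a Subject");
    }
    if (hasAuthzDecision) {
        throw new ValidationException("Assertions containing AuthzDecisionStatements require a Subject");
    }
    if (hasAttribute) {
        throw new ValidationException("Assertions containing AttributeStatements require a Subject");
    }
}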
开发者ID:lamsfoundation,项目名称:lams,代码行数:26,代码来源:AssertionSpecValidator.java
示例3: processChildElement
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/** {@inheritDoc} */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    final Assertion target = (Assertion) parentObject;

    // Dispatch on the child's type: single-valued children go through the matching setter,
    // statements are appended to the assertion's statement list.
    if (childObject instanceof Issuer) {
        target.setIssuer((Issuer) childObject);
        return;
    }
    if (childObject instanceof Signature) {
        target.setSignature((Signature) childObject);
        return;
    }
    if (childObject instanceof Subject) {
        target.setSubject((Subject) childObject);
        return;
    }
    if (childObject instanceof Conditions) {
        target.setConditions((Conditions) childObject);
        return;
    }
    if (childObject instanceof Advice) {
        target.setAdvice((Advice) childObject);
        return;
    }
    if (childObject instanceof Statement) {
        target.getStatements().add((Statement) childObject);
        return;
    }

    // Any other child type is left to the parent unmarshaller.
    super.processChildElement(parentObject, childObject);
}
开发者ID:lamsfoundation,项目名称:lams,代码行数:21,代码来源:AssertionUnmarshaller.java
示例4: processAttribute
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/** {@inheritDoc} */
protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
    final Assertion target = (Assertion) samlObject;
    final String localName = attribute.getLocalName();

    if (localName.equals(Assertion.VERSION_ATTRIB_NAME)) {
        target.setVersion(SAMLVersion.valueOf(attribute.getValue()));
        return;
    }

    // An empty IssueInstant is not parsed here; it falls through to the parent handler below.
    if (localName.equals(Assertion.ISSUE_INSTANT_ATTRIB_NAME) && !DatatypeHelper.isEmpty(attribute.getValue())) {
        target.setIssueInstant(new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC()));
        return;
    }

    if (localName.equals(Assertion.ID_ATTRIB_NAME)) {
        target.setID(attribute.getValue());
        // Flag the attribute as an XML ID on its owning element; presumably this lets
        // ID-based references (such as a signature's same-document reference) resolve to it.
        attribute.getOwnerElement().setIdAttributeNode(attribute, true);
        return;
    }

    super.processAttribute(samlObject, attribute);
}
开发者ID:lamsfoundation,项目名称:lams,代码行数:17,代码来源:AssertionUnmarshaller.java
示例5: processChildElement
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/** {@inheritDoc} */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    final Evidence target = (Evidence) parentObject;

    // Evidence accepts four kinds of children; each kind is collected in its own list.
    if (childObject instanceof AssertionIDRef) {
        target.getAssertionIDReferences().add((AssertionIDRef) childObject);
        return;
    }
    if (childObject instanceof AssertionURIRef) {
        target.getAssertionURIReferences().add((AssertionURIRef) childObject);
        return;
    }
    if (childObject instanceof Assertion) {
        target.getAssertions().add((Assertion) childObject);
        return;
    }
    if (childObject instanceof EncryptedAssertion) {
        target.getEncryptedAssertions().add((EncryptedAssertion) childObject);
        return;
    }

    // Any other child type is left to the parent unmarshaller.
    super.processChildElement(parentObject, childObject);
}
开发者ID:lamsfoundation,项目名称:lams,代码行数:17,代码来源:EvidenceUnmarshaller.java
示例6: marshallAttributes
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/** {@inheritDoc} */
protected void marshallAttributes(XMLObject samlObject, Element domElement) throws MarshallingException {
    final Assertion source = (Assertion) samlObject;

    // Each attribute is written only when the assertion has a value for it.
    if (source.getVersion() != null) {
        final String versionText = source.getVersion().toString();
        domElement.setAttributeNS(null, Assertion.VERSION_ATTRIB_NAME, versionText);
    }

    if (source.getIssueInstant() != null) {
        final String issueInstantText = Configuration.getSAMLDateFormatter().print(source.getIssueInstant());
        domElement.setAttributeNS(null, Assertion.ISSUE_INSTANT_ATTRIB_NAME, issueInstantText);
    }

    final String id = source.getID();
    if (id != null) {
        domElement.setAttributeNS(null, Assertion.ID_ATTRIB_NAME, id);
        // Declare the attribute as an XML ID on the element after writing it.
        domElement.setIdAttributeNS(null, Assertion.ID_ATTRIB_NAME, true);
    }
}
开发者ID:lamsfoundation,项目名称:lams,代码行数:19,代码来源:AssertionMarshaller.java
示例7: validateAssertion
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
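/**
 * Validates the single assertion carried by a SAML response.
 *
 * <p>Checks that the response holds exactly one assertion, that its issuer equals
 * {@code responseIssuer}, that the subject carries a NameID, and finally applies
 * {@code enforceConditions} to the assertion's conditions.
 *
 * <p>The response comes from outside this application, so a missing Issuer or Subject is
 * reported as a {@link SamlException} instead of surfacing as a NullPointerException.
 *
 * <p>NOTE(review): no signature is checked in this method. Confirm that the caller verifies a
 * signature covering this assertion before the values read here are trusted.
 *
 * @param response the decoded SAML response
 * @throws SamlException if any of the checks fails
 */
private void validateAssertion(Response response) throws SamlException {
    if (response.getAssertions().size() != 1) {
        throw new SamlException("The response doesn't contain exactly 1 assertion");
    }
    Assertion assertion = response.getAssertions().get(0);

    // An absent issuer, or one with no value, counts as a mismatch.
    if (assertion.getIssuer() == null
            || assertion.getIssuer().getValue() == null
            || !assertion.getIssuer().getValue().equals(responseIssuer)) {
        throw new SamlException("The assertion issuer didn't match the expected value");
    }

    // No Subject means no NameID, so both cases share the same error.
    if (assertion.getSubject() == null || assertion.getSubject().getNameID() == null) {
        throw new SamlException(
                "The NameID value is missing from the SAML response; this is likely an IDP configuration issue");
    }

    enforceConditions(assertion.getConditions());
}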
开发者ID:coveo,项目名称:saml-client,代码行数:18,代码来源:SamlClient.java
示例8: createLogoutRequest
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
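/**
 * Creates a SAML 2.0 LogoutRequest for the session described by an authentication response.
 *
 * <p>The NameID value and the session indexes are copied from the first assertion of the
 * response. The request ID starts with an underscore because SAML IDs are of type
 * {@code xs:ID}, which may not start with a digit, while a bare UUID often does.
 *
 * <p>NOTE(review): only the NameID value is copied. Format and qualifiers of the original
 * NameID are not carried over, and the request is returned unsigned. Confirm that the
 * identity provider accepts this and that signing happens in the caller.
 *
 * @param resp authentication response whose first assertion identifies the session
 * @return the populated logout request
 * @throws IllegalArgumentException if the response has no assertion or the first assertion
 *         has no Subject NameID
 */
@SuppressWarnings("unchecked")
public LogoutRequest createLogoutRequest(Response resp) {
    // Fail with a clear message instead of an index or null-pointer error further down.
    if (resp.getAssertions().isEmpty()) {
        throw new IllegalArgumentException("SAML response contains no assertion");
    }
    Assertion asr = resp.getAssertions().get(0);
    if (asr.getSubject() == null || asr.getSubject().getNameID() == null) {
        throw new IllegalArgumentException("First assertion carries no Subject NameID");
    }

    LogoutRequest lr = ((SAMLObjectBuilder<LogoutRequest>)
            _bf.getBuilder(LogoutRequest.DEFAULT_ELEMENT_NAME)).buildObject();
    lr.setID("_" + UUID.randomUUID());
    lr.setIssueInstant(new DateTime());
    lr.setVersion(SAMLVersion.VERSION_20);
    lr.setIssuer(getIssuer());

    NameID nid = ((SAMLObjectBuilder<NameID>)
            _bf.getBuilder(NameID.DEFAULT_ELEMENT_NAME)).buildObject();
    nid.setValue(asr.getSubject().getNameID().getValue());
    lr.setNameID(nid);

    List<AuthnStatement> ausl = asr.getAuthnStatements();
    if (ausl != null) {
        for (AuthnStatement aus : ausl) {
            // A statement without a session index would otherwise yield an empty SessionIndex.
            if (aus.getSessionIndex() == null) {
                continue;
            }
            SessionIndex sindex = ((SAMLObjectBuilder<SessionIndex>)
                    _bf.getBuilder(SessionIndex.DEFAULT_ELEMENT_NAME)).buildObject();
            sindex.setSessionIndex(aus.getSessionIndex());
            lr.getSessionIndexes().add(sindex);
        }
    }
    return lr;
}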
开发者ID:osbitools,项目名称:OsBiToolsWs,代码行数:33,代码来源:SamlSecurityProvider.java
示例9: getAssertionStatements
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Flattens the attribute statements of an assertion into a name-to-value map.
 *
 * <p>The values of one attribute are joined with {@code ","}. An attribute name that occurs
 * more than once keeps the values of its last occurrence.
 *
 * <p>NOTE(review): because values are joined with a comma, a single value that itself contains
 * a comma cannot be told apart from several values. Callers that split the string to make
 * authorization decisions (roles, groups) should take that into account.
 *
 * @param assertion the assertion to read; may be {@code null}
 * @return a map of attribute names to joined values; empty when there is nothing to read
 */
private Map<String, String> getAssertionStatements(Assertion assertion) {
    Map<String, String> attributesByName = new HashMap<>();
    if (assertion == null || assertion.getAttributeStatements() == null) {
        return attributesByName;
    }

    for (AttributeStatement statement : assertion.getAttributeStatements()) {
        for (Attribute attribute : statement.getAttributes()) {
            List<String> texts = new ArrayList<>();
            // The value text is read from each value object's DOM node.
            for (XMLObject value : attribute.getAttributeValues()) {
                texts.add(value.getDOM().getTextContent());
            }
            attributesByName.put(attribute.getName(), StringUtils.join(texts, ","));
        }
    }
    return attributesByName;
}
开发者ID:wso2-extensions,项目名称:identity-agent-sso,代码行数:25,代码来源:SAML2SSOManager.java
示例10: validateSignature
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Validates the signatures of a SAML2 Response and its Assertion.
 *
 * <p>When a custom signature validator is registered with {@code SSOAgentDataHolder}, the
 * whole check is delegated to it. Otherwise the response signature is verified if response
 * signing is enabled in the configuration, and the assertion signature if assertion signing
 * is enabled. An enabled check fails when the signature element is missing.
 *
 * <p>NOTE(review): with both configuration switches off and no custom validator, this method
 * returns without verifying anything. Deployments should enable at least one of the checks
 * unless message integrity is guaranteed by other means.
 *
 * @param response  SAML2 Response
 * @param assertion SAML2 Assertion taken from the response
 * @throws SSOAgentException if a required signature is missing or validation fails
 */
protected void validateSignature(Response response, Assertion assertion) throws SSOAgentException {
    Object customValidator = SSOAgentDataHolder.getInstance().getSignatureValidator();
    if (customValidator != null) {
        // A custom implementation replaces the default checks.
        ((SAMLSignatureValidator) customValidator).validateSignature(response, assertion, ssoAgentConfig);
        return;
    }

    // Default implementation: verify the signatures that the configuration requires.
    if (ssoAgentConfig.getSAML2().isResponseSigned()) {
        if (response.getSignature() == null) {
            throw new SSOAgentException("SAML2 Response signing is enabled, but signature element not found in SAML2 Response element");
        }
        validateSignature(response.getSignature());
    }

    if (ssoAgentConfig.getSAML2().isAssertionSigned()) {
        if (assertion.getSignature() == null) {
            throw new SSOAgentException("SAML2 Assertion signing is enabled, but signature element not found in SAML2 Assertion element");
        }
        validateSignature(assertion.getSignature());
    }
}
开发者ID:wso2-extensions,项目名称:identity-agent-sso,代码行数:32,代码来源:SAML2SSOManager.java
示例11: validateAssertionValidityPeriod
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Validates the 'Not Before' and 'Not On Or After' conditions of the SAML Assertion.
 *
 * <p>The configured timestamp skew widens the window on both sides. It is subtracted from
 * 'Not Before' and added to 'Not On Or After' before each is compared with the current time.
 *
 * <p>NOTE(review): an assertion without a Conditions element, or with neither bound set,
 * passes this check without any time limit being applied.
 *
 * @param assertion SAML Assertion element
 * @throws SSOAgentException if the assertion is not yet valid, has expired, or its bounds are
 *         inconsistent
 */
private void validateAssertionValidityPeriod(Assertion assertion) throws SSOAgentException {
    if (assertion.getConditions() == null) {
        return;
    }

    final int skewSeconds = ssoAgentConfig.getSAML2().getTimeStampSkewInSeconds();
    final DateTime notBefore = assertion.getConditions().getNotBefore();
    final DateTime notOnOrAfter = assertion.getConditions().getNotOnOrAfter();

    final boolean notYetValid = notBefore != null && notBefore.minusSeconds(skewSeconds).isAfterNow();
    if (notYetValid) {
        throw new SSOAgentException("Failed to meet SAML Assertion Condition 'Not Before'");
    }

    final boolean expired = notOnOrAfter != null && notOnOrAfter.plusSeconds(skewSeconds).isBeforeNow();
    if (expired) {
        throw new SSOAgentException("Failed to meet SAML Assertion Condition 'Not On Or After'");
    }

    // Consistency check on the bounds themselves, applied without skew.
    if (notBefore != null && notOnOrAfter != null && notBefore.isAfter(notOnOrAfter)) {
        throw new SSOAgentException(
                "SAML Assertion Condition 'Not Before' must be less than the value of 'Not On Or After'");
    }
}
开发者ID:wso2-extensions,项目名称:identity-agent-sso,代码行数:29,代码来源:SAML2SSOManager.java
示例12: readObject
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
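/**
 * Restores the session bean from a serialization stream.
 *
 * <p>Fields are read in a fixed order: subject id, response XML, assertion XML, session index,
 * access-token bean string and subject attributes. The response and assertion are rebuilt by
 * unmarshalling their XML strings.
 *
 * <p>Fix: the assertion guard used to test {@code responseString} for null instead of
 * {@code assertionString}. A null assertion string was therefore passed to the unmarshaller,
 * and a stored assertion was dropped whenever the response string was null.
 *
 * <p>SECURITY NOTE(review): this is Java native deserialization. The stream must come from a
 * store the application trusts (or be restricted with an {@code ObjectInputFilter}). The
 * restored response and assertion are re-parsed here without their signatures being checked
 * again.
 *
 * @param stream stream positioned at this object's serialized fields
 * @throws IOException            if reading from the stream fails
 * @throws ClassNotFoundException if a serialized class cannot be resolved
 * @throws SSOAgentException      if the response or assertion XML cannot be unmarshalled
 */
private void readObject(java.io.ObjectInputStream stream)
        throws IOException, ClassNotFoundException, SSOAgentException {
    subjectId = (String) stream.readObject();

    responseString = (String) stream.readObject();
    if (responseString != null && !EMPTY_STRING.equals(responseString)) {
        response = (Response) SSOAgentUtils.unmarshall(responseString);
    }

    assertionString = (String) stream.readObject();
    if (assertionString != null && !EMPTY_STRING.equals(assertionString)) {
        assertion = (Assertion) SSOAgentUtils.unmarshall(assertionString);
    }

    sessionIndex = (String) stream.readObject();

    String accessTokenResponseBeanString = (String) stream.readObject();
    if (!EMPTY_STRING.equals(accessTokenResponseBeanString)) {
        // NOTE(review): deSerialize is invoked through the field being restored, which works
        // only if that field is already set or the method is static. Confirm against the bean.
        accessTokenResponseBean = accessTokenResponseBean.deSerialize(accessTokenResponseBeanString);
    } else {
        accessTokenResponseBean = null;
    }

    // Raw Map as written by the serializing side; the content types are not checked here.
    subjectAttributes = (Map) stream.readObject();
}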
开发者ID:wso2-extensions,项目名称:identity-agent-sso,代码行数:25,代码来源:LoggedInSessionBean.java
示例13: printAssertion
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Prints the attribute names of an assertion to standard output.
 *
 * <p>Only the first attribute statement is listed. Attribute values are not printed.
 *
 * @param assertion the assertion to describe
 */
public static void printAssertion(Assertion assertion) {
    System.out.println("Attributes:");
    if (!assertion.getAttributeStatements().isEmpty()) {
        AttributeStatement first = assertion.getAttributeStatements().get(0);
        for (Attribute attribute : first.getAttributes()) {
            System.out.println(" " + attribute.getName());
        }
    } else {
        System.out.println(" No attribute statement available in assertion");
    }
    // TODO
}
开发者ID:litsec,项目名称:eidas-opensaml,代码行数:17,代码来源:ParseAssertionExample.java
示例14: getCredential
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
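/**
 * Extracts the SAML assertion stored among a subject's public credentials.
 *
 * <p>Every credential of type {@link XMLStreamReader} is serialized to XML and unmarshalled.
 * The first one that yields an {@code Assertion} is returned. Credentials that fail to parse
 * are logged and skipped.
 *
 * <p>Change: the error log no longer contains the credential XML. A SAML assertion can act as
 * a bearer token and carries personal attributes, so only its length is logged.
 *
 * @param subject the authenticated subject
 * @return the first assertion found
 * @throws RuntimeException if no credential can be unmarshalled into an assertion
 */
private static Assertion getCredential(Subject subject) {
    for (Object o : subject.getPublicCredentials()) {
        if (!(o instanceof XMLStreamReader)) {
            continue;
        }
        String xml = printCredential((XMLStreamReader) o);
        try {
            XMLObject obj = SAMLUtil.unmarshallElementFromString(xml);
            if (obj instanceof Assertion) {
                return (Assertion) obj;
            }
        } catch (Exception e) {
            // Best effort: keep scanning the remaining credentials.
            int length = (xml == null) ? 0 : xml.length();
            log.error("Unable to unmarshall subject credential (" + length + " characters)", e);
        }
    }
    throw new RuntimeException("No assertion in principal");
}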
开发者ID:amagdenko,项目名称:oiosaml.java,代码行数:17,代码来源:Provider.java
示例15: tokensCanBeReplacedWhenNotProtected
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Documents the behaviour with token protection switched off. The request is still accepted
 * after the assertion in the recorded envelope has been exchanged for {@code token}.
 *
 * <p>The test has no explicit assertions. It passes when the final call completes without an
 * exception. Read together with {@code securityTokenReferenceCannotBeReplaced}, it shows why
 * {@code setProtectTokens(true)} is the setting that ties the token to the signed message.
 */
@Test
public void tokensCanBeReplacedWhenNotProtected() throws Exception {
    serviceClient.setToken(client.getToken());
    serviceClient.setProtectTokens(false);

    // The stub records the outgoing envelope instead of sending it.
    SOAPClientStub recorder = new SOAPClientStub();
    serviceClient.setSOAPClient(recorder);
    serviceClient.sendRequest(req, getProperty("endpoint"), getProperty("action"), null, null);

    Element envelope = SAMLUtil.loadElementFromString(recorder.xml);

    // Point every KeyIdentifier at the replacement token's ID.
    NodeList keyIdentifiers = envelope.getElementsByTagNameNS(TrustConstants.WSSE_NS, "KeyIdentifier");
    for (int idx = 0; idx < keyIdentifiers.getLength(); idx++) {
        ((Element) keyIdentifiers.item(idx)).setTextContent(token.getID());
    }

    // Exchange the first Assertion element for the replacement token.
    Element original = (Element) envelope
            .getElementsByTagNameNS(Assertion.TYPE_NAME.getNamespaceURI(), "Assertion")
            .item(0);
    Node replacement = original.getOwnerDocument().adoptNode(token.getDOM());
    original.getParentNode().replaceChild(replacement, original);

    new HttpSOAPClient().wsCall(getProperty("endpoint"), null, null, true, XMLHelper.nodeToString(envelope), getProperty("action"));
}
开发者ID:amagdenko,项目名称:oiosaml.java,代码行数:23,代码来源:RequestTest.java
示例16: securityTokenReferenceCannotBeReplaced
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Verifies that, with token protection enabled, a request is rejected once its last
 * KeyIdentifier has been redirected to a second token inserted before the original assertion.
 *
 * <p>The rejection is expected to surface as a {@code SOAPException} from the final call.
 */
@Test(expected=SOAPException.class)
public void securityTokenReferenceCannotBeReplaced() throws Exception {
    serviceClient.setToken(client.getToken(null));
    serviceClient.setProtectTokens(true);

    // The stub records the outgoing envelope instead of sending it.
    SOAPClientStub recorder = new SOAPClientStub();
    serviceClient.setSOAPClient(recorder);
    serviceClient.sendRequest(req, getProperty("endpoint"), getProperty("action"), null, null);

    Element envelope = SAMLUtil.loadElementFromString(recorder.xml);

    // Only the last KeyIdentifier is changed in this variant.
    NodeList keyIdentifiers = envelope.getElementsByTagNameNS(TrustConstants.WSSE_NS, "KeyIdentifier");
    Element lastIdentifier = (Element) keyIdentifiers.item(keyIdentifiers.getLength() - 1);
    lastIdentifier.setTextContent(token.getID());

    // The second token is added in front of the original assertion, which stays in place.
    Element original = (Element) envelope
            .getElementsByTagNameNS(Assertion.TYPE_NAME.getNamespaceURI(), "Assertion")
            .item(0);
    Node extraToken = original.getOwnerDocument().adoptNode(token.getDOM());
    original.getParentNode().insertBefore(extraToken, original);

    new HttpSOAPClient().wsCall(getProperty("endpoint"), null, null, true, XMLHelper.nodeToString(envelope), getProperty("action"));
}
开发者ID:amagdenko,项目名称:oiosaml.java,代码行数:21,代码来源:RequestTest.java
示例17: processChildElement
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Attaches an unmarshalled child to its parent {@code Token}.
 *
 * <p>A plain or encrypted assertion is stored through the matching setter. Every other child
 * is kept in the token's list of unknown XML objects rather than being passed to the
 * superclass.
 */
@Override
protected void processChildElement(XMLObject parentXMLObject, XMLObject childXMLObject) throws UnmarshallingException {
    final Token target = (Token) parentXMLObject;

    if (childXMLObject instanceof Assertion) {
        target.setAssertion((Assertion) childXMLObject);
        return;
    }
    if (childXMLObject instanceof EncryptedAssertion) {
        target.setEncryptedAssertion((EncryptedAssertion) childXMLObject);
        return;
    }
    target.getUnknownXMLObjects().add(childXMLObject);
}
开发者ID:amagdenko,项目名称:oiosaml.java,代码行数:19,代码来源:Token.java
示例18: sendRequestWithSenderVouchesToken
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Sends a request carrying the test assertion as token and inspects the outgoing envelope.
 *
 * <p>The mocked SOAP client captures the envelope XML. The test then checks that the envelope
 * is not holder-of-key, that it is signed, and that its Security header holds an Assertion.
 */
@Test
public void sendRequestWithSenderVouchesToken() throws Exception {
    ServiceClient tokenClient = this.client.getServiceClient();
    tokenClient.setToken(assertion);

    // Captures the envelope XML passed to the mocked SOAP client.
    final StringValueHolder captured = new StringValueHolder();
    context.checking(new Expectations() {{
        one(soapClient).wsCall(with(equal(ADDRESS)), with(aNull(String.class)), with(aNull(String.class)), with(equal(true)), with(captured), with(equal("urn:action")));
        will(new CustomAction("test") {
            public Object invoke(Invocation invocation) throws Throwable {
                return buildResponse(captured.getValue(), false);
            }
        });
    }});

    Assertion requestBody = SAMLUtil.buildXMLObject(Assertion.class);
    tokenClient.sendRequest(requestBody, ADDRESS, "urn:action", null, null);

    OIOSoapEnvelope sentEnvelope = new OIOSoapEnvelope((Envelope) SAMLUtil.unmarshallElementFromString(captured.getValue()));
    assertFalse(sentEnvelope.isHolderOfKey());
    assertTrue(sentEnvelope.isSigned());

    Security securityHeader = sentEnvelope.getHeaderElement(Security.class);
    assertNotNull(securityHeader);
    assertNotNull(SAMLUtil.getFirstElement(securityHeader, Assertion.class));
}
开发者ID:amagdenko,项目名称:oiosaml.java,代码行数:26,代码来源:TokenClientTest.java
示例19: buildAssertion
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Builds an unsigned test assertion with fixed subject, issuer and authentication context.
 *
 * <p>Test fixture only. The subject is {@code joetest} and the issuer is
 * {@code idp1.test.oio.dk}. The conditions hold an audience restriction and a
 * {@code NotOnOrAfter} set 10000 milliseconds after creation. One AuthnStatement with the
 * Password context class and one AttributeStatement with assurance level 2 are added.
 *
 * @param recipient recipient passed to {@code SAMLUtil.createSubject}
 * @param audience  audience passed to {@code SAMLUtil.createAudienceCondition}
 * @return the populated assertion
 */
public static Assertion buildAssertion(String recipient, String audience) {
    Assertion result = SAMLUtil.buildXMLObject(Assertion.class);
    result.setID(Utils.generateUUID());
    result.setSubject(SAMLUtil.createSubject("joetest", recipient, new DateTime().plusHours(1)));
    result.setIssueInstant(new DateTime());
    result.setIssuer(SAMLUtil.createIssuer("idp1.test.oio.dk"));

    // Audience restriction plus a short validity window.
    result.setConditions(SAMLUtil.createAudienceCondition(audience));
    result.getConditions().setNotOnOrAfter(new DateTime().plus(10000));

    AuthnContext passwordContext = SAMLUtil.createAuthnContext("urn:oasis:names:tc:SAML:2.0:ac:classes:Password");
    AuthnStatement authn = SAMLUtil.buildXMLObject(AuthnStatement.class);
    authn.setAuthnContext(passwordContext);
    authn.setAuthnInstant(new DateTime());
    authn.setSessionIndex(Utils.generateUUID());
    result.getAuthnStatements().add(authn);

    AttributeStatement attributes = SAMLUtil.buildXMLObject(AttributeStatement.class);
    attributes.getAttributes().add(AttributeUtil.createAssuranceLevel(2));
    result.getAttributeStatements().add(attributes);

    return result;
}
开发者ID:amagdenko,项目名称:oiosaml.java,代码行数:24,代码来源:TestHelper.java
示例20: validate
import org.opensaml.saml2.core.Assertion; //导入依赖的package包/类
/**
 * Applies the inherited validation and then checks which statements the assertion contains.
 *
 * <p>The assertion must hold exactly one AuthnStatement, exactly one AttributeStatement and no
 * AuthzDecisionStatement.
 *
 * @param assertion              the wrapped assertion to validate
 * @param spEntityId             passed through to the inherited validation
 * @param spAssertionConsumerURL passed through to the inherited validation
 * @throws ValidationException if the inherited validation or one of the statement checks fails
 */
public void validate(OIOAssertion assertion, String spEntityId, String spAssertionConsumerURL) throws ValidationException {
    super.validate(assertion, spEntityId, spAssertionConsumerURL);

    final Assertion inner = assertion.getAssertion();

    final int authnCount = inner.getAuthnStatements().size();
    if (authnCount != 1) {
        throw new ValidationException("The assertion must contain exactly one AuthnStatement. Was " + authnCount);
    }

    final int attributeCount = inner.getAttributeStatements().size();
    if (attributeCount != 1) {
        throw new ValidationException("The assertion must contain exactly one AttributeStatement. Contains " + attributeCount);
    }

    final int authzDecisionCount = inner.getAuthzDecisionStatements().size();
    if (authzDecisionCount != 0) {
        throw new ValidationException("The assertion must not contain a AuthzDecisionStatement. Contains " + authzDecisionCount);
    }
}
开发者ID:amagdenko,项目名称:oiosaml.java,代码行数:20,代码来源:WSFedAssertionValidator.java
注:本文中的org.opensaml.saml2.core.Assertion类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |