Examples of AssertionWrapper


Examples of org.apache.ws.security.saml.ext.AssertionWrapper

        // Coarse string checks on the serialized token: it must contain the token id reported by
        // the provider response, an AttributeStatement element name, the string "alice" and the
        // SAML2Constants.CONF_BEARER value (presumably the bearer subject-confirmation method).
        assertTrue(tokenString.contains(providerResponse.getTokenId()));
        assertTrue(tokenString.contains("AttributeStatement"));
        assertTrue(tokenString.contains("alice"));
        assertTrue(tokenString.contains(SAML2Constants.CONF_BEARER));
       
        // Parse the token and check that the first attribute statement carries exactly one
        // attribute with the expected claim name and first value.
        // NOTE(review): nothing in this excerpt verifies the assertion's signature or conditions;
        // these checks cover content only, so validation needs its own test coverage.
        AssertionWrapper assertion = new AssertionWrapper(token);
        List<Attribute> attributes = assertion.getSaml2().getAttributeStatements().get(0).getAttributes();
        // NOTE(review): arguments are passed as (actual, expected). If assertEquals is JUnit's,
        // a failure message will report the two swapped; confirm which framework is in use.
        assertEquals(attributes.size(), 1);
        assertEquals(attributes.get(0).getName(), CLAIM_STATIC_COMPANY.toString());
        XMLObject valueObj = attributes.get(0).getAttributeValues().get(0);
        assertEquals(valueObj.getDOM().getTextContent(), CLAIM_STATIC_COMPANY_VALUE);     
    }

Examples of org.apache.ws.security.saml.ext.AssertionWrapper

        // Substring checks on the serialized token: token id from the provider response, an
        // AttributeStatement element name, the string "alice" and SAML2Constants.CONF_BEARER.
        // These prove the text is present, not that the token is well-formed or signed.
        assertTrue(tokenString.contains(providerResponse.getTokenId()));
        assertTrue(tokenString.contains("AttributeStatement"));
        assertTrue(tokenString.contains("alice"));
        assertTrue(tokenString.contains(SAML2Constants.CONF_BEARER));
       
        // Re-parse the token and assert on the single attribute of the first attribute statement.
        // NOTE(review): get(0) is used on both the statement list and the value list without a
        // size check, so a token with no attribute statement fails with an index error rather
        // than an assertion message.
        AssertionWrapper assertion = new AssertionWrapper(token);
        List<Attribute> attributes = assertion.getSaml2().getAttributeStatements().get(0).getAttributes();
        // NOTE(review): (actual, expected) argument order; confirm it matches the assertion
        // library in use, otherwise failure messages are reversed.
        assertEquals(attributes.size(), 1);
        assertEquals(attributes.get(0).getName(), CLAIM_APPLICATION.toString());
        XMLObject valueObj = attributes.get(0).getAttributeValues().get(0);
        assertEquals(valueObj.getDOM().getTextContent(), CLAIM_APPLICATION_VALUE);     
    }

Examples of org.apache.ws.security.saml.ext.AssertionWrapper

        // Derive the single attribute value from the identity carried by the parameter:
        // a UsernameToken contributes its username, a DOM element is treated as a SAML assertion
        // and contributes the name of the principal built from it.
        if (parameter instanceof UsernameTokenType) {
            parameterBean.setAttributeValues(
                Collections.singletonList(((UsernameTokenType)parameter).getUsername().getValue())
            );
        } else if (parameter instanceof Element) {
            // NOTE(review): the element is only parsed here; no signature or conditions check is
            // visible in this excerpt. Confirm the caller has already validated the assertion
            // before the principal name taken from it is used for any decision.
            AssertionWrapper wrapper = new AssertionWrapper((Element)parameter);
            SAMLTokenPrincipal principal = new SAMLTokenPrincipal(wrapper);
            parameterBean.setAttributeValues(Collections.singletonList(principal.getName()));
        }
        // Any other parameter type falls through and leaves the attribute values untouched.

        return parameterBean;

Examples of org.apache.ws.security.saml.ext.AssertionWrapper

            // Read the requested token type; it is not used further within this excerpt.
            TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
            String tokenType = tokenRequirements.getTokenType();
           
           
            // Realm lookup only runs when a SAML realm codec is configured.
            if (stsProperties.getSamlRealmCodec() != null) {
                AssertionWrapper assertion = fetchSAMLAssertionFromWSSecuritySAMLToken(context);
               
                if (assertion != null) {
                    // The realm and the principal are both derived from the assertion's content.
                    String wssecRealm = stsProperties.getSamlRealmCodec().getRealmFromToken(assertion);
                    SAMLTokenPrincipal samlPrincipal = new SAMLTokenPrincipal(assertion);
                    if (LOG.isLoggable(Level.FINE)) {
                        // NOTE(review): the principal name and realm come from the token and are
                        // concatenated into the log line unescaped; if either can contain line
                        // breaks, log entries could be forged. Consider sanitising before logging.
                        LOG.fine("SAML token realm of user '" + samlPrincipal.getName() + "' is " + wssecRealm);
                    }
                   
                    // NOTE(review): the token is marked VALID without any validation call in this
                    // excerpt. Presumably fetchSAMLAssertionFromWSSecuritySAMLToken only returns an
                    // assertion the WS-Security layer has already verified (signature, conditions,
                    // trust); confirm, because downstream code will rely on this state.
                    ReceivedToken wssecToken = new ReceivedToken(assertion.getElement());
                    wssecToken.setState(STATE.VALID);
                    // Package principal, token and realm into a validator response.
                    TokenValidatorResponse tokenResponse = new TokenValidatorResponse();
                    tokenResponse.setPrincipal(samlPrincipal);
                    tokenResponse.setToken(wssecToken);
                    tokenResponse.setTokenRealm(wssecRealm);

Examples of org.apache.ws.security.saml.ext.AssertionWrapper

                                       STSException.BAD_REQUEST);
            }
           
            // Get the claims of the received token (only SAML supported)
            // Consider refactoring to use a CallbackHandler and keep ClaimsManager token independent
            // The assertion is looked up in the additional properties under the AssertionWrapper
            // class name and cast without a type check.
            // NOTE(review): there is no null check; if the property is absent the next line
            // throws a NullPointerException instead of a controlled STS error. Confirm that an
            // earlier step guarantees the entry is present.
            AssertionWrapper assertion =
                (AssertionWrapper)parameters.getAdditionalProperties().get(AssertionWrapper.class.getName());
            List<Claim> claimList = null;
            // Anything that is not SAML 2.0 is handled as SAML 1.x by the else branch.
            if (assertion.getSamlVersion().equals(SAMLVersion.VERSION_20)) {
                claimList = this.parseClaimsInAssertion(assertion.getSaml2());
            } else {
                claimList = this.parseClaimsInAssertion(assertion.getSaml1());
            }
            // Claims parsed from the received token become the source set for claim mapping.
            // NOTE(review): these claims are taken from the assertion as-is; the mapping is only
            // as trustworthy as the validation applied to that assertion before this point.
            ClaimCollection sourceClaims = new ClaimCollection();
            sourceClaims.addAll(claimList);
           
            ClaimCollection targetClaims = claimsMapper.mapClaims(relationship.getSourceRealm(),

Examples of org.apache.ws.security.saml.ext.AssertionWrapper

            computedKey = keyHandler.isComputedKey();
        }
       
        // Create the SAML assertion, optionally cache it as a SecurityToken, and fill in the
        // provider response (token, id, lifetime, entropy). The try block continues past this
        // excerpt.
        try {
            Document doc = DOMUtils.createDocument();
            AssertionWrapper assertion = createSamlToken(tokenParameters, secret, doc);
            Element token = assertion.toDOM(doc);
           
            // set the token in cache
            if (tokenParameters.getTokenStore() != null) {
                // Cache expiry = now + provider lifetime (the * 1000L suggests seconds -> ms).
                // NOTE(review): this expiry is computed independently of the assertion's own
                // NotOnOrAfter used further down; confirm the two cannot drift apart so that a
                // cached token never outlives the assertion it holds.
                Date expires = new Date();
                long currentTime = expires.getTime();
                expires.setTime(currentTime + (conditionsProvider.getLifetime() * 1000L));
               
                SecurityToken securityToken = new SecurityToken(assertion.getId(), null, expires);
                securityToken.setToken(token);
                securityToken.setPrincipal(tokenParameters.getPrincipal());
                int hash = 0;
                byte[] signatureValue = assertion.getSignatureValue();
                if (signatureValue != null && signatureValue.length > 0) {
                    // Arrays.hashCode yields a 32-bit, non-cryptographic hash of the signature.
                    // NOTE(review): collisions are possible; if the store uses this value to
                    // identify or match tokens, it should not be treated as a unique or
                    // tamper-evident identifier. Confirm how the associated hash is consumed.
                    hash = Arrays.hashCode(signatureValue);
                    securityToken.setAssociatedHash(hash);
                }
                // Record the realm on the cached token when one was supplied.
                if (tokenParameters.getRealm() != null) {
                    Properties props = securityToken.getProperties();
                    if (props == null) {
                        props = new Properties();
                    }
                    props.setProperty(STSConstants.TOKEN_REALM, tokenParameters.getRealm());
                    securityToken.setProperties(props);
                }
                // NOTE(review): narrowing cast; a lifetime beyond the int range would wrap and
                // give an unexpected (possibly negative) TTL. Confirm the provider bounds it.
                int ttl = (int)conditionsProvider.getLifetime();
                tokenParameters.getTokenStore().add(securityToken, ttl);
            }
           
            TokenProviderResponse response = new TokenProviderResponse();
            response.setToken(token);
            // The id attribute is "ID" for the SAML 2.0 token types and "AssertionID" otherwise.
            String tokenType = tokenRequirements.getTokenType();
            if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
                || WSConstants.SAML2_NS.equals(tokenType)) {
                response.setTokenId(token.getAttributeNS(null, "ID"));
            } else {
                response.setTokenId(token.getAttributeNS(null, "AssertionID"));
            }
           
            // Response lifetime is derived from the assertion's Conditions window.
            // NOTE(review): getConditions(), getNotBefore() and getNotOnOrAfter() are dereferenced
            // without null checks; this assumes createSamlToken always sets both bounds.
            DateTime validFrom = null;
            DateTime validTill = null;
            long lifetime = 0;
            if (assertion.getSamlVersion().equals(SAMLVersion.VERSION_20)) {
                validFrom = assertion.getSaml2().getConditions().getNotBefore();
                validTill = assertion.getSaml2().getConditions().getNotOnOrAfter();
                lifetime = validTill.getMillis() - validFrom.getMillis();
            } else {
                validFrom = assertion.getSaml1().getConditions().getNotBefore();
                validTill = assertion.getSaml1().getConditions().getNotOnOrAfter();
                lifetime = validTill.getMillis() - validFrom.getMillis();
            }
            // Milliseconds -> seconds.
            response.setLifetime(lifetime / 1000);
           
            // entropyBytes is defined outside this excerpt.
            response.setEntropy(entropyBytes);

Examples of org.apache.ws.security.saml.ext.AssertionWrapper

       
        // Build the assertion from a callback handler, then (optionally) sign it using the crypto,
        // alias and algorithms resolved from the STS defaults, the realm and the request.
        SamlCallbackHandler handler = createCallbackHandler(tokenParameters, secret, samlRealm, doc);
       
        SAMLParms samlParms = new SAMLParms();
        samlParms.setCallbackHandler(handler);
        AssertionWrapper assertion = new AssertionWrapper(samlParms);
       
        // When signToken is false the assertion is returned unsigned.
        if (signToken) {
            STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
           
            // Initialise signature objects with defaults of STSPropertiesMBean
            Crypto signatureCrypto = stsProperties.getSignatureCrypto();
            CallbackHandler callbackHandler = stsProperties.getCallbackHandler();
            SignatureProperties signatureProperties = stsProperties.getSignatureProperties();
            String alias = stsProperties.getSignatureUsername();
           
            if (samlRealm != null) {
                // If SignatureCrypto configured in realm then
                // callbackhandler and alias of STSPropertiesMBean is ignored
                if (samlRealm.getSignatureCrypto() != null) {
                    LOG.fine("SAMLRealm signature keystore used");
                    signatureCrypto = samlRealm.getSignatureCrypto();
                    callbackHandler = samlRealm.getCallbackHandler();
                    alias = samlRealm.getSignatureAlias();
                }
                // SignatureProperties can be defined independently of SignatureCrypto
                if (samlRealm.getSignatureProperties() != null) {
                    signatureProperties = samlRealm.getSignatureProperties();
                }
            }
           
            // Get the signature algorithm to use
            // A requested algorithm is honoured only if it is in the accepted list; otherwise the
            // configured default is used. The resulting strength therefore depends entirely on
            // the configured default and accepted list.
            // NOTE(review): signatureProperties and the accepted list are dereferenced without
            // null checks, and a rejected request is recorded only at FINE level.
            String signatureAlgorithm = tokenParameters.getKeyRequirements().getSignatureAlgorithm();
            if (signatureAlgorithm == null) {
                // If none then default to what is configured
                signatureAlgorithm = signatureProperties.getSignatureAlgorithm();
            } else {
                List<String> supportedAlgorithms =
                    signatureProperties.getAcceptedSignatureAlgorithms();
                if (!supportedAlgorithms.contains(signatureAlgorithm)) {
                    signatureAlgorithm = signatureProperties.getSignatureAlgorithm();
                    LOG.fine("SignatureAlgorithm not supported, defaulting to: " + signatureAlgorithm);
                }
            }
           
            // Get the c14n algorithm to use
            // Same allowlist-then-default rule as for the signature algorithm.
            String c14nAlgorithm = tokenParameters.getKeyRequirements().getC14nAlgorithm();
            if (c14nAlgorithm == null) {
                // If none then default to what is configured
                c14nAlgorithm = signatureProperties.getC14nAlgorithm();
            } else {
                List<String> supportedAlgorithms =
                    signatureProperties.getAcceptedC14nAlgorithms();
                if (!supportedAlgorithms.contains(c14nAlgorithm)) {
                    c14nAlgorithm = signatureProperties.getC14nAlgorithm();
                    LOG.fine("C14nAlgorithm not supported, defaulting to: " + c14nAlgorithm);
                }
            }
           
            // If alias not defined, get the default of the SignatureCrypto
            if ((alias == null || "".equals(alias)) && (signatureCrypto != null)) {
                alias = signatureCrypto.getDefaultX509Identifier();
                LOG.fine("Signature alias is null so using default alias: " + alias);
            }
            // Get the password
            // The key password is obtained through the callback handler for the chosen alias and
            // is passed straight to signAssertion; it is not logged in this excerpt.
            // NOTE(review): callbackHandler and signatureCrypto may still be null here if neither
            // the STS properties nor the realm configured them; only the alias lookup is guarded.
            WSPasswordCallback[] cb = {new WSPasswordCallback(alias, WSPasswordCallback.SIGNATURE)};
            LOG.fine("Creating SAML Token");
            callbackHandler.handle(cb);
            String password = cb[0].getPassword();
   
            LOG.fine("Signing SAML Token");
            boolean useKeyValue = signatureProperties.isUseKeyValue();
            assertion.signAssertion(
                alias, password, signatureCrypto, useKeyValue, c14nAlgorithm, signatureAlgorithm
            );
        }
       
        return assertion;

Examples of org.apache.ws.security.saml.ext.AssertionWrapper

                // Excerpt starts inside a branch that handles a token type not visible here.
                if (includeToken(token.getInclusion())) {
                    //Add the token
                    addEncryptedKeyElement(cloneElement(secTok.getToken()));
                }
            } else if (token instanceof SamlToken) {
                // Add the SAML assertion as a supporting element, but only if one was produced.
                AssertionWrapper assertionWrapper = addSamlToken((SamlToken)token);
                if (assertionWrapper != null) {
                    addSupportingElement(assertionWrapper.toDOM(saaj.getSOAPPart()));
                }
            } else {
                //REVISIT - not supported for signed.  Exception?
                // NOTE(review): unsupported token types are dropped with no error and no log
                // entry, so a token the policy asked for can be missing from the message without
                // any signal. Failing closed, or at least logging, would make the gap visible.
            }
        }

Examples of org.apache.ws.security.saml.ext.AssertionWrapper

            // Excerpt starts inside a branch for a token type not visible here; each branch
            // produces a signature for its token type and registers it with addSig.
            addSig(doIssuedTokenSignature(token, wrapper));
        } else if (token instanceof X509Token
            || token instanceof KeyValueToken) {
            addSig(doX509TokenSignature(token, wrapper));
        } else if (token instanceof SamlToken) {
            // NOTE(review): addSamlToken's result is dereferenced without a null check; if it can
            // return null (for example when no assertion could be created) this throws a
            // NullPointerException instead of a controlled error.
            AssertionWrapper assertionWrapper = addSamlToken((SamlToken)token);
            // The DOM returned by toDOM is discarded here; the call is presumably made for its
            // effect on the wrapper before it is stored. TODO confirm.
            assertionWrapper.toDOM(saaj.getSOAPPart());
            storeAssertionAsSecurityToken(assertionWrapper);
            addSig(doIssuedTokenSignature(token, wrapper));
        } else if (token instanceof UsernameToken) {
            // Create a UsernameToken object for derived keys and store the security token
            WSSecUsernameToken usernameToken = addDKUsernameToken((UsernameToken)token, true);

Examples of org.apache.ws.security.saml.ext.AssertionWrapper

                // Excerpt starts inside a branch for another result type: a matching certificate
                // means this result is the token being searched for.
                if (foundCert.equals(cert)) {
                    return token;
                }
            } else if (actInt.intValue() == WSConstants.ST_SIGNED
                || actInt.intValue() == WSConstants.ST_UNSIGNED) {
                // Going by the constant names, this branch covers SAML results for both signed
                // and unsigned assertions.
                // NOTE(review): subject key info read from an unsigned assertion is not protected
                // by a signature on that assertion; confirm callers rely on this match only when
                // the assertion was authenticated by other means.
                // NOTE(review): the result of the map lookup is cast and dereferenced without a
                // null check.
                AssertionWrapper assertionWrapper =
                    (AssertionWrapper)token.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
                SAMLKeyInfo samlKeyInfo = assertionWrapper.getSubjectKeyInfo();
                if (samlKeyInfo != null) {
                    X509Certificate[] subjectCerts = samlKeyInfo.getCerts();
                    PublicKey subjectPublicKey = samlKeyInfo.getPublicKey();
                    // Only the first subject certificate is compared. subjectCerts is checked for
                    // null but not for being empty, so an empty array would raise an index error.
                    if ((cert != null && subjectCerts != null
                        && cert.equals(subjectCerts[0]))