Examples of ConditionsType

Examples of org.picketlink.identity.federation.saml.v2.assertion.ConditionsType

274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
     */
    public static boolean hasExpired(AssertionType assertion) throws ConfigurationException {
        boolean expiry = false;

        // Check for validity of assertion
        ConditionsType conditionsType = assertion.getConditions();
        if (conditionsType != null) {
            XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
            XMLGregorianCalendar notBefore = conditionsType.getNotBefore();
            XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter();

            logger.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + " ::notOnOrAfter=" + notOnOrAfter);
           
            expiry = !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter);
           
View Full Code Here

Examples of org.picketlink.identity.federation.saml.v2.assertion.ConditionsType

306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
     */
    public static boolean hasExpired(AssertionType assertion, long clockSkewInMilis) throws ConfigurationException {
        boolean expiry = false;

        // Check for validity of assertion
        ConditionsType conditionsType = assertion.getConditions();
        if (conditionsType != null) {
            XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
            XMLGregorianCalendar notBefore = conditionsType.getNotBefore();
            XMLGregorianCalendar updatedNotBefore = XMLTimeUtil.subtract(notBefore, clockSkewInMilis);
            XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter();
            XMLGregorianCalendar updatedOnOrAfter = XMLTimeUtil.add(notOnOrAfter, clockSkewInMilis);

            logger.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + " ::notOnOrAfter=" + notOnOrAfter);
            expiry = !XMLTimeUtil.isValid(now, updatedNotBefore, updatedOnOrAfter);
            if (expiry) {
View Full Code Here

Examples of org.picketlink.identity.federation.saml.v2.assertion.ConditionsType

396
397
398
399
400
401
402
403
404
405
406
     * @return
     */
    public static XMLGregorianCalendar getExpiration(AssertionType assertion) {
        XMLGregorianCalendar expiry = null;

        ConditionsType conditionsType = assertion.getConditions();
        if (conditionsType != null) {
            expiry = conditionsType.getNotOnOrAfter();
        }
        return expiry;
    }
View Full Code Here

Examples of org.picketlink.identity.federation.saml.v2.assertion.ConditionsType

141
142
143
144
145
146
147
148
149
150
151
        Lifetime lifetime = context.getRequestSecurityToken().getLifetime();
        AudienceRestrictionType restriction = null;
        AppliesTo appliesTo = context.getRequestSecurityToken().getAppliesTo();
        if (appliesTo != null)
            restriction = SAMLAssertionFactory.createAudienceRestriction(WSTrustUtil.parseAppliesTo(appliesTo));
        ConditionsType conditions = SAMLAssertionFactory.createConditions(lifetime.getCreated(), lifetime.getExpires(),
                restriction);

        // the assertion principal (default is caller principal)
        Principal principal = context.getCallerPrincipal();
View Full Code Here

Examples of org.picketlink.identity.federation.saml.v2.assertion.ConditionsType

246
247
248
249
250
251
252
253
254
255
256
257
258
        // canceled assertions cannot be renewed.
        if (this.revocationRegistry.isRevoked(SAMLUtil.SAML2_TOKEN_TYPE, oldAssertion.getID()))
            throw logger.samlAssertionRevokedCouldNotRenew(oldAssertion.getID());

        // adjust the lifetime for the renewed assertion.
        ConditionsType conditions = oldAssertion.getConditions();
        conditions.setNotBefore(context.getRequestSecurityToken().getLifetime().getCreated());
        conditions.setNotOnOrAfter(context.getRequestSecurityToken().getLifetime().getExpires());

        // create a new unique ID for the renewed assertion.
        String assertionID = IDGenerator.create("ID_");

        List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>();
View Full Code Here

Examples of org.picketlink.identity.federation.saml.v2.assertion.ConditionsType

96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
        SubjectType subject = assertion.getSubject();
        if (subject != null) {
            write(subject);
        }

        ConditionsType conditions = assertion.getConditions();
        if (conditions != null) {
            StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.CONDITIONS.get(), ASSERTION_NSURI.get());

            StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_BEFORE.get(), conditions.getNotBefore().toString());
            StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_ON_OR_AFTER.get(), conditions.getNotOnOrAfter().toString());

            List<ConditionAbstractType> typeOfConditions = conditions.getConditions();
            if (typeOfConditions != null) {
                for (ConditionAbstractType typeCondition : typeOfConditions) {
                    if (typeCondition instanceof AudienceRestrictionType) {
                        AudienceRestrictionType art = (AudienceRestrictionType) typeCondition;
                        StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUDIENCE_RESTRICTION.get(),
View Full Code Here

Examples of org.picketlink.identity.federation.saml.v2.assertion.ConditionsType

131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
        StandardSecurityToken securityToken = (StandardSecurityToken) context.getSecurityToken();
        assertEquals("Unexpected token id", securityToken.getTokenID(), assertion.getID());
        assertEquals("Unexpected token issuer", "PicketLinkSTS", assertion.getIssuer().getValue());

        // check the contents of the assertion conditions.
        ConditionsType conditions = assertion.getConditions();
        assertNotNull("Unexpected null conditions", conditions);
        assertNotNull("Unexpected null value for NotBefore attribute", conditions.getNotBefore());
        assertNotNull("Unexpected null value for NotOnOrAfter attribute", conditions.getNotOnOrAfter());
        assertEquals("Unexpected number of conditions", 1, conditions.getConditions().size());
        assertTrue("Unexpected condition type", conditions.getConditions().get(0) instanceof AudienceRestrictionType);
        AudienceRestrictionType restrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
        assertNotNull("Unexpected null audience list", restrictionType.getAudience());
        assertEquals("Unexpected number of audience elements", 1, restrictionType.getAudience().size());
        assertEquals("Unexpected audience value", "http://services.testcorp.org/provider2", restrictionType.getAudience()
                .get(0).toString());
View Full Code Here

Examples of org.picketlink.identity.federation.saml.v2.assertion.ConditionsType

75
76
77
78
79
80
81
82
83
84
85
86
        NameIDType nameIDType = (NameIDType) subType.getBaseID();

        assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", nameIDType.getFormat().toString());
        assertEquals("j.doe@company.com", nameIDType.getValue());

        ConditionsType conditionsType = authnRequestType.getConditions();
        List<ConditionAbstractType> conditions = conditionsType.getConditions();
        assertTrue(conditions.size() == 1);

        ConditionAbstractType condition = conditions.get(0);
        assertTrue(condition instanceof AudienceRestrictionType);
        AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) condition;
View Full Code Here

Examples of org.picketlink.identity.federation.saml.v2.assertion.ConditionsType

225
226
227
228
229
230
231
232
233
234
235
236
        assertNotNull(responseType);
        assertEquals(1, responseType.getAssertions().size());
        AssertionType assertion = responseType.getAssertions().get(0).getAssertion();
        assertEquals(assertion.getIssuer().getValue(), IDENTITY_PROVIDER_URL);
       
        ConditionsType conditions = assertion.getConditions();
        assertNotNull(conditions);
        List<ConditionAbstractType> conditionList = conditions.getConditions();
        assertEquals(1, conditionList.size());
        AudienceRestrictionType audience = (AudienceRestrictionType) conditionList.get(0);
        assertEquals(SERVICE_PROVIDER_URL, audience.getAudience().get(0).toString());
    }
View Full Code Here

Examples of org.picketlink.identity.federation.saml.v2.assertion.ConditionsType

401
402
403
404
405
406
407
408
409
410
411
        assertEquals(issuedAssertion.getIssuer().getValue(), IDENTITY_PROVIDER_URL);

        // The response should redirect back to the caller SP
        assertTrue("Expected a redirect to the SP.", response.redirectString.contains(SERVICE_PROVIDER_URL));

        ConditionsType conditions = issuedAssertion.getConditions();

        assertEquals("The assertion timeout is invalid.", 3000, conditions.getNotOnOrAfter().toGregorianCalendar()
                .getTimeInMillis()
                - conditions.getNotBefore().toGregorianCalendar().getTimeInMillis());
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.