Examples of org.jboss.identity.federation.saml.v2.assertion.AssertionType

• org.picketlink.identity.federation.saml.v2.assertion.AssertionType
  3.org/2001/XMLSchema}anyType"> <sequence> <element ref="{urn:oasis:names:tc:SAML:2.0:assertion}Issuer"/> <element ref="{http://www.w3.org/2000/09/xmldsig#}Signature" minOccurs="0"/> <element ref="{urn:oasis:names:tc:SAML:2.0:assertion}Subject" minOccurs="0"/> <element ref="{urn:oasis:names:tc:SAML:2.0:assertion}Conditions" minOccurs="0"/> <element ref="{urn:oasis:names:tc:SAML:2.0:assertion}Advice" minOccurs="0"/> <choice maxOccurs="unbounded" minOccurs="0"> <element ref="{urn:oasis:names:tc:SAML:2.0:assertion}Statement"/> <element ref="{urn:oasis:names:tc:SAML:2.0:assertion}AuthnStatement"/> <element ref="{urn:oasis:names:tc:SAML:2.0:assertion}AuthzDecisionStatement"/> <element ref="{urn:oasis:names:tc:SAML:2.0:assertion}AttributeStatement"/> </choice> </sequence> <attribute name="Version" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> <attribute name="ID" use="required" type="{http://www.w3.org/2001/XMLSchema}ID" /> <attribute name="IssueInstant" use="required" type="{http://www.w3.org/2001/XMLSchema}dateTime" /> </restriction> </complexContent> </complexType>

        assertEquals(WSTrustConstants.CANCEL_REQUEST, requestToken.getRequestType().toASCIIString());

        CancelTargetType cancelTarget = requestToken.getCancelTarget();

        Element assertionElement = (Element) cancelTarget.getAny().get(0);
        AssertionType assertion = SAMLUtil.fromElement(assertionElement);
        validateAssertion(assertion);

        // Now for the writing part
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);

    public void testSTSGroupMappingProvider() throws Exception {
        String roleAttributeName = "roleAttributeName";
        String role1 = "userRole1";
        String role2 = "userRole2";

        AssertionType assertion = new AssertionType("ID_SOME", XMLTimeUtil.getIssueInstant());
        AttributeStatementType attributeStatementType = new AttributeStatementType();
        assertion.addStatement(attributeStatementType);
        AttributeType attributeType = new AttributeType(roleAttributeName);
        attributeStatementType.addAttribute(new ASTChoiceType(attributeType));
        attributeType.addAttributeValue(role1);
        attributeType.addAttributeValue(role2);

     * @throws Exception if an error occurs while running the test.
     */
    public void testSTSPrincipalMappingProvider() throws Exception {
        String userId = "babak";

        AssertionType assertion = new AssertionType("ID_SOME", XMLTimeUtil.getIssueInstant());
        SubjectType subjectType = new SubjectType();
        assertion.setSubject(subjectType);
        // QName name = new QName(WSTrustConstants.SAML2_ASSERTION_NS, "NameID");
        NameIDType nameIDType = new NameIDType();
        nameIDType.setValue(userId);
        STSubType subType = new STSubType();
        subType.addBaseID(nameIDType);

        assertEquals("urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue().toString());

        List<RTChoiceType> assertionList = response.getAssertions();
        assertEquals(2, assertionList.size());

        AssertionType assertion1 = assertionList.get(0).getAssertion();
        assertEquals("ID_0be488d8-7089-4892-8aeb-83594c800706", assertion1.getID());
        assertEquals(XMLTimeUtil.parse("2009-05-26T14:06:26.362-05:00"), assertion1.getIssueInstant());
        assertEquals("2.0", assertion1.getVersion());
        assertEquals("testIssuer", assertion1.getIssuer().getValue());

        Iterator<StatementAbstractType> iterator = assertion1.getStatements().iterator();

        AuthnStatementType authnStatement = (AuthnStatementType) iterator.next();
        assertEquals(XMLTimeUtil.parse("2009-05-26T14:06:26.359-05:00"), authnStatement.getAuthnInstant());

        AuthnContextType authnContext = authnStatement.getAuthnContext();

        AuthnContextDeclRefType refType = (AuthnContextDeclRefType) authnContext.getURIType().iterator().next();
        assertEquals("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", refType.getValue().toASCIIString());
        /*
         * JAXBElement<?> authnContextDeclRefJaxb = (JAXBElement<?>) authnStatement.getAuthnContext().getContent().get(0);
         * assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue()
         * );
         */

        AssertionType assertion2 = assertionList.get(1).getAssertion();
        assertEquals("ID_976d8310-658a-450d-be39-f33c73c8afa6", assertion2.getID());
        assertEquals(XMLTimeUtil.parse("2009-05-26T14:06:26.363-05:00"), assertion2.getIssueInstant());
        assertEquals("2.0", assertion2.getVersion());
        assertEquals("testIssuer", assertion2.getIssuer().getValue());

        authnStatement = (AuthnStatementType) assertion2.getStatements().iterator().next();
        assertEquals(XMLTimeUtil.parse("2009-05-26T14:06:26.359-05:00"), authnStatement.getAuthnInstant());
        SubjectLocalityType subjectLocality = authnStatement.getSubjectLocality();
        assertNotNull(subjectLocality);
        assertEquals("127.0.0.1", subjectLocality.getAddress());
        authnContext = authnStatement.getAuthnContext();

        // Status
        StatusType status = response.getStatus();
        assertEquals("urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue().toString());

        // Get the assertion
        AssertionType assertion = response.getAssertions().get(0).getAssertion();
        assertEquals("ID_8be1534d-9155-4837-9f26-70ea2c15e327", assertion.getID());
        assertEquals(XMLTimeUtil.parse("2010-11-04T00:19:16.842-05:00"), assertion.getIssueInstant());
        assertEquals("2.0", assertion.getVersion());

        assertEquals("http://localhost:8080/idp/", assertion.getIssuer().getValue());

        // Subject
        SubjectType subject = assertion.getSubject();

        NameIDType subjectNameID = (NameIDType) subject.getSubType().getBaseID();
        assertEquals("anil", subjectNameID.getValue());
        assertEquals("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", subjectNameID.getFormat().toString());

        SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0);

        assertEquals("urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod());

        SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData();
        assertEquals("ID_04ded476-d73c-48af-b3a9-232a52905ffb", subjectConfirmationData.getInResponseTo());
        assertEquals(XMLTimeUtil.parse("2010-11-04T00:19:16.842-05:00"), subjectConfirmationData.getNotBefore());
        assertEquals(XMLTimeUtil.parse("2010-11-04T00:19:16.842-05:00"), subjectConfirmationData.getNotOnOrAfter());
        assertEquals("http://localhost:8080/employee/", subjectConfirmationData.getRecipient());

        AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatements().iterator().next();

        List<AttributeStatementType.ASTChoiceType> attributes = attributeStatement.getAttributes();
        assertEquals(2, attributes.size());

        for (AttributeStatementType.ASTChoiceType attr : attributes) {

        SAMLParser parser = new SAMLParser();
        ResponseType response = (ResponseType) parser.parse(configStream);
        assertNotNull("ResponseType is not null", response);

        // Get the assertion
        AssertionType assertion = response.getAssertions().get(0).getAssertion();
        assertEquals("ID_response-id_1", assertion.getID());
        assertEquals(XMLTimeUtil.parse("2008-03-19T22:17:13Z"), assertion.getIssueInstant());
        assertEquals("2.0", assertion.getVersion());

        XACMLAuthzDecisionStatementType xacmlStat = (XACMLAuthzDecisionStatementType) assertion.getStatements().iterator()
                .next();
        assertNotNull(xacmlStat.getRequest());
        assertNotNull(xacmlStat.getResponse());

        ByteArrayOutputStream baos = new ByteArrayOutputStream();

        assertNotNull("ResponseType is not null", response);

        List<RTChoiceType> choices = response.getAssertions();
        assertEquals(1, choices.size());
        RTChoiceType rtc = choices.get(0);
        AssertionType assertion = rtc.getAssertion();
        Set<StatementAbstractType> statements = assertion.getStatements();
        for (StatementAbstractType statement : statements) {
            if (statement instanceof AuthnStatementType) {
                AuthnStatementType authnStat = (AuthnStatementType) statement;
                AuthnContextType authnContext = authnStat.getAuthnContext();

    @Test
    public void testValidAssertion() throws Exception {
        NameIDType nameIdType = new NameIDType();
        nameIdType.setValue("somename");

        AssertionType assertion = new AssertionType("SomeID", XMLTimeUtil.getIssueInstant());
        assertion.setIssuer(nameIdType);

        // Assertions with no conditions are everlasting
        assertTrue(AssertionUtil.hasExpired(assertion) == false);

        XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();

        XMLGregorianCalendar sometimeLater = XMLTimeUtil.add(now, 5555);

        ConditionsType conditions = new ConditionsType();
        conditions.setNotBefore(now);
        conditions.setNotOnOrAfter(sometimeLater);
        assertion.setConditions(conditions);
        assertTrue(AssertionUtil.hasExpired(assertion) == false);
    }

    @Test
    public void testExpiredAssertion() throws Exception {
        NameIDType nameIdType = new NameIDType();
        nameIdType.setValue("somename");

        AssertionType assertion = new AssertionType("SomeID", XMLTimeUtil.getIssueInstant());
        assertion.setIssuer(nameIdType);

        XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();

        XMLGregorianCalendar sometimeAgo = XMLTimeUtil.subtract(now, 55555);

        ConditionsType conditions = new ConditionsType();
        conditions.setNotBefore(XMLTimeUtil.subtract(now, 55575));
        conditions.setNotOnOrAfter(sometimeAgo);
        assertion.setConditions(conditions);
        assertTrue(AssertionUtil.hasExpired(assertion));
    }

    @Test
    public void testExpiredAssertionWithClockSkew() throws Exception {
        NameIDType nameIdType = new NameIDType();
        nameIdType.setValue("somename");

        AssertionType assertion = new AssertionType("SomeID", XMLTimeUtil.getIssueInstant());
        assertion.setIssuer(nameIdType);

        XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();

        XMLGregorianCalendar sometimeAgo = XMLTimeUtil.subtract(now, 55555);

        ConditionsType conditions = new ConditionsType();
        conditions.setNotBefore(XMLTimeUtil.subtract(now, 55575));
        conditions.setNotOnOrAfter(sometimeAgo);
        assertion.setConditions(conditions);

        assertFalse(AssertionUtil.hasExpired(assertion, 60000));
        assertTrue(AssertionUtil.hasExpired(assertion, 600));
    }