Examples of org.jboss.identity.federation.saml.v2.assertion.SubjectConfirmationDataType

• org.jboss.identity.federation.saml.v2.assertion.NameIDType
  3.org/2001/XMLSchema}anyType"> <sequence> <any/> </sequence> <attribute name="NotBefore" type="{http://www.w3.org/2001/XMLSchema}dateTime" /> <attribute name="NotOnOrAfter" type="{http://www.w3.org/2001/XMLSchema}dateTime" /> <attribute name="Recipient" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> <attribute name="InResponseTo" type="{http://www.w3.org/2001/XMLSchema}NCName" /> <attribute name="Address" type="{http://www.w3.org/2001/XMLSchema}string" /> </restriction> </complexContent> </complexType>

    * @return
    */
   public static AttributeStatementType createAttributeStatement(String attributeValue)
   {
      AttributeStatementType attribStatement = assertionObjectFactory.createAttributeStatementType();
      AttributeType att = assertionObjectFactory.createAttributeType();
      JAXBElement<Object> attValue = assertionObjectFactory.createAttributeValue(attributeValue);
      att.getAttributeValue().add(attValue);
      attribStatement.getAttributeOrEncryptedAttribute().add(att);
      return attribStatement;
   }

    */
   private void issueToken(WSTrustRequestContext context, String assertionID) throws WSTrustException
   {
      // lifetime and audience restrictions.
      Lifetime lifetime = context.getRequestSecurityToken().getLifetime();
      AudienceRestrictionType restriction = null;
      AppliesTo appliesTo = context.getRequestSecurityToken().getAppliesTo();
      if (appliesTo != null)
         restriction = SAMLAssertionFactory.createAudienceRestriction(WSTrustUtil.parseAppliesTo(appliesTo));
      ConditionsType conditions = SAMLAssertionFactory.createConditions(lifetime.getCreated(), lifetime.getExpires(),
            restriction);

      Lifetime lifetime = context.getRequestSecurityToken().getLifetime();
      AudienceRestrictionType restriction = null;
      AppliesTo appliesTo = context.getRequestSecurityToken().getAppliesTo();
      if (appliesTo != null)
         restriction = SAMLAssertionFactory.createAudienceRestriction(WSTrustUtil.parseAppliesTo(appliesTo));
      ConditionsType conditions = SAMLAssertionFactory.createConditions(lifetime.getCreated(), lifetime.getExpires(),
            restriction);

      // TODO: implement support for the other confirmation methods.
      String confirmationMethod = SAMLUtil.SAML2_BEARER_URI;
      SubjectConfirmationType subjectConfirmation = SAMLAssertionFactory.createSubjectConfirmation(null,

   {
      XMLGregorianCalendar issueInstant = assertion.getIssueInstant();
      if(issueInstant == null)
         throw new IssueInstantMissingException("assertion does not have issue instant");
      XMLGregorianCalendar assertionValidityLength = XMLTimeUtil.add(issueInstant, durationInMilis);
      ConditionsType conditionsType = JBossSAMLBaseFactory.getObjectFactory().createConditionsType();
      conditionsType.setNotBefore(issueInstant);
      conditionsType.setNotOnOrAfter(assertionValidityLength);

      assertion.setConditions(conditionsType);
   }

    * @throws ConfigurationException
    */
   public static boolean hasExpired(AssertionType assertion) throws ConfigurationException
   {
      //Check for validity of assertion
      ConditionsType conditionsType = assertion.getConditions();
      if(conditionsType != null)
      {
         XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
         XMLGregorianCalendar notBefore = conditionsType.getNotBefore();
         XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter();
         if(trace) log.trace("Now="+now.toXMLFormat() + " ::notBefore="+notBefore.toXMLFormat()
               + "::notOnOrAfter="+notOnOrAfter);
         return !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter);
      }
      //TODO: if conditions do not exist, assume the assertion to be everlasting?

            Element encAssertion = XMLEncryptionUtil.encryptElementInDocument(responseDoc,
                            publicKey, sk, keyLength, assertionQName, true);


            EncryptedElementType eet = saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion));
            responseType.getAssertionOrEncryptedAssertion().set(0, eet);
         }
         catch (MalformedURLException e)
         {
            // TODO Auto-generated catch block

      try
      {
         SAML2Response saml2Response = new SAML2Response();
         PrivateKey privateKey = keyManager.getSigningKey();

         EncryptedElementType myEET = (EncryptedElementType) responseType.getAssertionOrEncryptedAssertion().get(0);
         Document eetDoc = saml2Response.convert(myEET);

         Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,privateKey);

         //Let us use the encrypted doc element to decrypt it

      if(expiredAssertion)
         throw new AssertionExpiredException();

      SubjectType subject = assertion.getSubject();
      JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0);
      NameIDType nameID = jnameID.getValue();
      String userName = nameID.getValue();
      List<String> roles = new ArrayList<String>();

      //Let us get the roles
      AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0);
      List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute();

      if(expiredAssertion)
         throw new AssertionExpiredException();

      SubjectType subject = assertion.getSubject();
      JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0);
      NameIDType nameID = jnameID.getValue();
      final String userName = nameID.getValue();
      List<String> roles = new ArrayList<String>();

      //Let us get the roles
      AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0);
      List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute();

            confirmationMethod, null);

      // create a subject using the caller principal.
      Principal principal = context.getCallerPrincipal();
      String subjectName = principal == null ? "ANONYMOUS" : principal.getName();
      NameIDType nameID = SAMLAssertionFactory.createNameID(null, "urn:jboss:identity-federation", subjectName);
      SubjectType subject = SAMLAssertionFactory.createSubject(nameID, subjectConfirmation);

      // TODO: add SAML statements that corresponds to the claims provided by the requester.

      // create the SAML assertion.
      NameIDType issuerID = SAMLAssertionFactory.createNameID(null, null, context.getTokenIssuer());
      AssertionType assertion = SAMLAssertionFactory.createAssertion(assertionID, issuerID, lifetime.getCreated(),
            conditions, subject, null);

      // convert the constructed assertion to element.
      Element assertionElement = null;