Examples of org.jboss.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType

• org.jboss.identity.federation.saml.v2.assertion.ConditionsType
  3.org/2001/XMLSchema}boolean" default="false" /> <attribute name="ReturnContext" type="{http://www.w3.org/2001/XMLSchema}boolean" default="false" /> </extension> </complexContent> </complexType>

    */
   public static AttributeType createAttribute(String name, String nameFormat,
         Object... attributeValues)
   {
      ObjectFactory of = SAMLAssertionFactory.getObjectFactory();
      AttributeType att = of.createAttributeType();
      att.setName(name);
      att.setNameFormat(nameFormat);
      if(attributeValues != null && attributeValues.length > 0)
      {
         for(Object attributeValue:attributeValues)
         {
            att.getAttributeValue().add(of.createAttributeValue(attributeValue));
         }
      }

      return att;
   }

    * @param roleName
    * @return
    */
   public static AttributeType createAttributeForRole(String roleName)
   {
      AttributeType att = assertionObjectFactory.createAttributeType();
      att.setFriendlyName("role");
      att.setName("role");
      att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_BASIC.get());

      //rolename
      att.getAttributeValue().add(roleName);

      return att;
   }

    * @return
    */
   public static AttributeStatementType createAttributeStatement(String attributeValue)
   {
      AttributeStatementType attribStatement = assertionObjectFactory.createAttributeStatementType();
      AttributeType att = assertionObjectFactory.createAttributeType();
      JAXBElement<Object> attValue = assertionObjectFactory.createAttributeValue(attributeValue);
      att.getAttributeValue().add(attValue);
      attribStatement.getAttributeOrEncryptedAttribute().add(att);
      return attribStatement;
   }

         {
            //Deal with the X500 Profile of SAML2
            attrStatement = JBossSAMLBaseFactory.createAttributeStatement();
            i++;
         }
         AttributeType att = getX500Attribute();

         Object value = attributes.get(key);

         if(AttributeConstants.EMAIL_ADDRESS.equals(key))
         {
            att.setFriendlyName(X500SAMLProfileConstants.EMAIL_ADDRESS.getFriendlyName());
            att.setName(X500SAMLProfileConstants.EMAIL_ADDRESS.get());
         }
         else if(AttributeConstants.EMPLOYEE_NUMBER.equals(key))
         {
            att.setFriendlyName(X500SAMLProfileConstants.EMPLOYEE_NUMBER.getFriendlyName());
            att.setName(X500SAMLProfileConstants.EMPLOYEE_NUMBER.get());
         }
         else if(AttributeConstants.GIVEN_NAME.equals(key))
         {
            att.setFriendlyName(X500SAMLProfileConstants.GIVENNAME.getFriendlyName());
            att.setName(X500SAMLProfileConstants.GIVENNAME.get());
         }
         else if(AttributeConstants.TELEPHONE.equals(key))
         {
            att.setFriendlyName(X500SAMLProfileConstants.TELEPHONE.getFriendlyName());
            att.setName(X500SAMLProfileConstants.TELEPHONE.get());
         }
         att.getAttributeValue().add(value);
         attrStatement.getAttributeOrEncryptedAttribute().add(att);
      }
      return attrStatement;
   }

      return attrStatement;
   }

   private static AttributeType getX500Attribute()
   {
      AttributeType att = factory.createAttributeType();
      att.getOtherAttributes().put(X500_QNAME, "LDAP");

      att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_URI.get());
      return att;
   }

    */
   private void issueToken(WSTrustRequestContext context, String assertionID) throws WSTrustException
   {
      // lifetime and audience restrictions.
      Lifetime lifetime = context.getRequestSecurityToken().getLifetime();
      AudienceRestrictionType restriction = null;
      AppliesTo appliesTo = context.getRequestSecurityToken().getAppliesTo();
      if (appliesTo != null)
         restriction = SAMLAssertionFactory.createAudienceRestriction(WSTrustUtil.parseAppliesTo(appliesTo));
      ConditionsType conditions = SAMLAssertionFactory.createConditions(lifetime.getCreated(), lifetime.getExpires(),
            restriction);

    * @param values a {@code String[]} containing the restriction values.
    * @return the constructed {@code AudienceRestrictionType} instance.
    */
   public static AudienceRestrictionType createAudienceRestriction(String... values)
   {
      AudienceRestrictionType audienceRestriction = new AudienceRestrictionType();
      if (values != null)
         audienceRestriction.getAudience().addAll(Arrays.asList(values));
      return audienceRestriction;
   }

      Lifetime lifetime = context.getRequestSecurityToken().getLifetime();
      AudienceRestrictionType restriction = null;
      AppliesTo appliesTo = context.getRequestSecurityToken().getAppliesTo();
      if (appliesTo != null)
         restriction = SAMLAssertionFactory.createAudienceRestriction(WSTrustUtil.parseAppliesTo(appliesTo));
      ConditionsType conditions = SAMLAssertionFactory.createConditions(lifetime.getCreated(), lifetime.getExpires(),
            restriction);

      // TODO: implement support for the other confirmation methods.
      String confirmationMethod = SAMLUtil.SAML2_BEARER_URI;
      SubjectConfirmationType subjectConfirmation = SAMLAssertionFactory.createSubjectConfirmation(null,

   {
      XMLGregorianCalendar issueInstant = assertion.getIssueInstant();
      if(issueInstant == null)
         throw new IssueInstantMissingException("assertion does not have issue instant");
      XMLGregorianCalendar assertionValidityLength = XMLTimeUtil.add(issueInstant, durationInMilis);
      ConditionsType conditionsType = JBossSAMLBaseFactory.getObjectFactory().createConditionsType();
      conditionsType.setNotBefore(issueInstant);
      conditionsType.setNotOnOrAfter(assertionValidityLength);

      assertion.setConditions(conditionsType);
   }

    * @throws ConfigurationException
    */
   public static boolean hasExpired(AssertionType assertion) throws ConfigurationException
   {
      //Check for validity of assertion
      ConditionsType conditionsType = assertion.getConditions();
      if(conditionsType != null)
      {
         XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
         XMLGregorianCalendar notBefore = conditionsType.getNotBefore();
         XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter();
         if(trace) log.trace("Now="+now.toXMLFormat() + " ::notBefore="+notBefore.toXMLFormat()
               + "::notOnOrAfter="+notOnOrAfter);
         return !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter);
      }
      //TODO: if conditions do not exist, assume the assertion to be everlasting?