final Integer actInt = (Integer) wser.get(WSSecurityEngineResult.TAG_ACTION);
if (WSConstants.ST_UNSIGNED == actInt.intValue()) {
// SAML 2.0 branch: taken when the engine result's TAG_SAML_ASSERTION value is an
// Assertion instance. For a non-bearer assertion it reads the validity period and
// the key info, then adds the assertion to the token store under the assertion ID
// unless that ID is already present.
// NOTE(review): no explicit signature or issuer check is visible in this block;
// confirm that trust in the assertion is established before this point or inside
// SAML2Utils.getSAML2KeyInfo.
if (wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION) instanceof Assertion) {
final Assertion assertion = (Assertion) wser
.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
// If the subject confirmation method is Bearer, do not try to get the KeyInfo;
// no token is stored on this path. The construct that `break` leaves is outside
// this excerpt.
// NOTE(review): equals() is invoked on the helper's return value, so a null
// return would raise NullPointerException here; the SAML 1.1 branch of this
// method compares constant-first instead. Confirm the helper never returns null.
if (TrustUtil.getSAML2SubjectConfirmationMethod(assertion).equals(
RahasConstants.SAML20_SUBJECT_CONFIRMATION_BEARER)) {
break;
}
String id = assertion.getID();
Subject subject = assertion.getSubject();
// Each date stays null when the assertion does not carry the matching attribute.
Date dateOfCreation = null;
Date dateOfExpiration = null;
// Read the validity period from the 'Conditions' element when it is present;
// otherwise read it from the SubjectConfirmationData of the first
// SubjectConfirmation.
// NOTE(review): the dates are only copied here, never compared with the current
// time; confirm the validity window is enforced elsewhere.
if (assertion.getConditions() != null) {
Conditions conditions = assertion.getConditions();
if (conditions.getNotBefore() != null) {
dateOfCreation = conditions.getNotBefore().toDate();
}
if (conditions.getNotOnOrAfter() != null) {
dateOfExpiration = conditions.getNotOnOrAfter().toDate();
}
} else {
// NOTE(review): subject, the confirmation list and scData are dereferenced
// without null or size checks, and only element 0 is consulted; an assertion
// lacking any of them fails here with an unchecked exception outside the try
// block below. Confirm such assertions are rejected before this point.
SubjectConfirmationData scData = subject.getSubjectConfirmations().get(0)
.getSubjectConfirmationData();
if (scData.getNotBefore() != null) {
dateOfCreation = scData.getNotBefore().toDate();
}
if (scData.getNotOnOrAfter() != null) {
dateOfExpiration = scData.getNotOnOrAfter().toDate();
}
}
// TODO : SAML2KeyInfo element needs to be moved to WSS4J.
// The key info is resolved with the signature crypto and the token callback
// handler; only its secret is used below.
SAML2KeyInfo saml2KeyInfo = SAML2Utils.getSAML2KeyInfo(assertion,
signatureCrypto, tokenCallbackHandler);
// Store the token, keyed by the assertion ID. An entry that already exists under
// that ID is left untouched: it is neither replaced nor compared with this
// assertion.
// NOTE(review): the ID is taken from the assertion itself; confirm that keeping
// the first-stored token for a repeated ID is the intended behaviour.
try {
TokenStorage store = rmd.getTokenStorage();
if (store.getToken(id) == null) {
Token token = new Token(id,
(OMElement) SAML2Utils.getElementFromAssertion(assertion),
dateOfCreation, dateOfExpiration);
// The secret from the key info is kept on the stored token.
token.setSecret(saml2KeyInfo.getSecret());
store.add(token);
}
} catch (Exception e) {
// Any exception raised inside the try block, including unchecked ones such as a
// NullPointerException from a null saml2KeyInfo, is reported under this one
// message key with the cause preserved.
throw new RampartException("errorInAddingTokenIntoStore", e);
}
}
// if this is a SAML1.1 assertion
else {
final SAMLAssertion assertion = ((SAMLAssertion) wser
.get(WSSecurityEngineResult.TAG_SAML_ASSERTION));
// if the subject confirmation method is Bearer, do not try to get the KeyInfo
if (RahasConstants.SAML11_SUBJECT_CONFIRMATION_BEARER.equals(TrustUtil
.getSAML11SubjectConfirmationMethod(assertion))) {
break;
}
String id = assertion.getId();
Date created = assertion.getNotBefore();
Date expires = assertion.getNotOnOrAfter();
SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion, signatureCrypto,
tokenCallbackHandler);
try {
TokenStorage store = rmd.getTokenStorage();
if (store.getToken(id) == null) {
Token token = new Token(id, (OMElement) assertion.toDOM(), created,
expires);
token.setSecret(samlKi.getSecret());
store.add(token);
}
} catch (Exception e) {