Package org.picketlink.identity.federation.api.saml.v2.metadata

Examples of org.picketlink.identity.federation.api.saml.v2.metadata.SecurityActions


     * Test the encoding/decoding of a SAML2 AuthnRequest (Use of ByteArrayOutputStream)
     *
     * @throws Exception
     */
    public void testRegularRedirectBindingUseCaseWithByteArray() throws Exception {
        AuthnRequestType authnRequest = (new SAML2Request()).createAuthnRequestType(IDGenerator.create("ID_"), "http://sp",
                "http://idp", "http://sp");

        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        SAML2Request saml2Request = new SAML2Request();
        saml2Request.marshall(authnRequest, baos);

        String request = RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray());

        InputStream is = RedirectBindingUtil.urlBase64DeflateDecode(request);

        AuthnRequestType parsed = saml2Request.getAuthnRequestType(is);
        assertNotNull("Parsed request is not null", parsed);
    }
View Full Code Here


    public Document buildDocument() throws ConfigurationException, ProcessingException {
        Document samlResponseDocument = null;

        ResponseType responseType = null;

        SAML2Response saml2Response = new SAML2Response();

        // Create a response type
        String id = IDGenerator.create("ID_");

        IssuerInfoHolder issuerHolder = new IssuerInfoHolder(responseIssuer);
        issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

        IDPInfoHolder idp = new IDPInfoHolder();
        idp.setNameIDFormatValue(userPrincipal);
        idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

        SPInfoHolder sp = new SPInfoHolder();
        sp.setResponseDestinationURI(destination);
        sp.setRequestID(requestID);
        sp.setIssuer(requestIssuer);
        responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);

        // Add information on the roles
        AssertionType assertion = responseType.getAssertions().get(0).getAssertion();

        // Create an AuthnStatementType
        if (!disableAuthnStatement) {
            String authContextRef = JBossSAMLURIConstants.AC_UNSPECIFIED.get();
            if (isNotNull(authMethod))
                authContextRef = authMethod;

            AuthnStatementType authnStatement = StatementUtil.createAuthnStatement(XMLTimeUtil.getIssueInstant(),
                    authContextRef);

            authnStatement.setSessionIndex(assertion.getID());

            assertion.addStatement(authnStatement);
        }

        if (roles != null && !roles.isEmpty()) {
            AttributeStatementType attrStatement = StatementUtil.createAttributeStatementForRoles(roles, multiValuedRoles);
            assertion.addStatement(attrStatement);
        }

        // Add in the attributes information
        if (attributes != null && attributes.size() > 0) {
            AttributeStatementType attStatement = StatementUtil.createAttributeStatement(attributes);
            assertion.addStatement(attStatement);
        }

        try {
            samlResponseDocument = saml2Response.convert(responseType);

            if (logger.isTraceEnabled()) {
                logger.trace("SAML Response Document: " + DocumentUtil.asString(samlResponseDocument));
            }
        } catch (Exception e) {
View Full Code Here

    public Document buildDocument() throws ProcessingException {
        Document samlResponse = null;
        ResponseType responseType = null;

        SAML2Response saml2Response = new SAML2Response();

        // Create a response type
        String id = IDGenerator.create("ID_");

        IssuerInfoHolder issuerHolder = new IssuerInfoHolder(responseIssuer);
        issuerHolder.setStatusCode(status);

        IDPInfoHolder idp = new IDPInfoHolder();
        idp.setNameIDFormatValue(null);
        idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

        SPInfoHolder sp = new SPInfoHolder();
        sp.setResponseDestinationURI(destination);

        responseType = saml2Response.createResponseType(id);
        responseType.setStatus(JBossSAMLAuthnResponseFactory.createStatusTypeForResponder(status));
        responseType.setDestination(destination);

        if (encrypt) encryptDocument(samlResponse);
        return samlResponse;
View Full Code Here

     */
    public Document getErrorResponse(String responseURL, String status, String identityURL, boolean supportSignature) {
        Document samlResponse = null;
        ResponseType responseType = null;

        SAML2Response saml2Response = new SAML2Response();

        // Create a response type
        String id = IDGenerator.create("ID_");

        IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
        issuerHolder.setStatusCode(status);

        IDPInfoHolder idp = new IDPInfoHolder();
        idp.setNameIDFormatValue(null);
        idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

        SPInfoHolder sp = new SPInfoHolder();
        sp.setResponseDestinationURI(responseURL);

        responseType = saml2Response.createResponseType(id);
        responseType.setStatus(JBossSAMLAuthnResponseFactory.createStatusType(status));

        // Lets see how the response looks like
        if (logger.isTraceEnabled()) {
            StringWriter sw = new StringWriter();
            try {
                saml2Response.marshall(responseType, sw);
            } catch (ProcessingException e) {
                logger.trace(e);
            }
            logger.trace("SAML Response Document: " + sw.toString());
        }

        if (supportSignature) {
            try {
                SAML2Signature ss = new SAML2Signature();
                samlResponse = ss.sign(responseType, keyManager.getSigningKeyPair());
            } catch (Exception e) {
                logger.trace(e);
                throw new RuntimeException(logger.signatureError(e));
            }
        } else
            try {
                samlResponse = saml2Response.convert(responseType);
            } catch (Exception e) {
                logger.trace(e);
            }

        return samlResponse;
View Full Code Here

     * @throws IOException
     * @throws GeneralSecurityException
     */
    public static String getSAMLResponseURLWithSignature(ResponseType responseType, String relayState, PrivateKey signingKey)
            throws IOException, GeneralSecurityException {
        SAML2Response saml2Response = new SAML2Response();

        Document responseDoc = saml2Response.convert(responseType);

        // URL Encode the Request
        String responseString = DocumentUtil.getDocumentAsString(responseDoc);

        String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(responseString);
View Full Code Here

    @Test
    public void testSigningResponse() throws Exception {
        IssuerInfoHolder issuerInfo = new IssuerInfoHolder("testIssuer");
        String id = IDGenerator.create("ID_");

        SAML2Response response = new SAML2Response();

        String authnContextDeclRef = JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT.get();

        AuthnStatementType authnStatement = response.createAuthnStatement(authnContextDeclRef, XMLTimeUtil.getIssueInstant());

        // Create an assertion
        AssertionType assertion = response.createAssertion(id, issuerInfo.getIssuer());
        assertion.addStatement(authnStatement);

        KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA");
        KeyPair kp = kpg.genKeyPair();

        id = IDGenerator.create("ID_"); // regenerate
        ResponseType responseType = response.createResponseType(id, issuerInfo, assertion);

        SAML2Signature ss = new SAML2Signature();
        ss.setSignatureMethod(SignatureMethod.DSA_SHA1);
        Document signedDoc = ss.sign(responseType, kp);
View Full Code Here

        assertTrue(isValid);
    }

    @Test
    public void testSigningAnAssertionWithinResponse() throws Exception {
        SAML2Response response = new SAML2Response();
        String fileName = "xml/dom/saml-response-2-assertions.xml";
        ClassLoader tcl = Thread.currentThread().getContextClassLoader();
        InputStream is = tcl.getResourceAsStream(fileName);
        if (is == null)
            throw new RuntimeException("InputStream is null");

        ResponseType responseType = response.getResponseType(is);

        Document doc = response.convert(responseType);

        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        KeyPair kp = kpg.genKeyPair();

        // String id = "ID_0be488d8-7089-4892-8aeb-83594c800706";
View Full Code Here

        roles.add("roleA");
        roles.add("roleB");

        ResponseType responseType = null;

        SAML2Response saml2Response = new SAML2Response();

        // Create a response type
        String id = IDGenerator.create("ID_");

        IssuerInfoHolder issuerHolder = new IssuerInfoHolder("http://identityurl");
        issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

        IDPInfoHolder idp = new IDPInfoHolder();
        idp.setNameIDFormatValue("testPrincipal");
        idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

        SPInfoHolder sp = new SPInfoHolder();
        sp.setResponseDestinationURI("http://service");
        sp.setIssuer("http://service.issuer");
        responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
        AssertionType assertion = responseType.getAssertions().get(0).getAssertion();

        AttributeStatementType attrStatement = StatementUtil.createAttributeStatement(roles);
        assertion.addStatement(attrStatement);

        // Add timed conditions
        saml2Response.createTimedConditions(assertion, 5000L);

        return responseType;
    }
View Full Code Here

        issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

        IDPInfoHolder idp = new IDPInfoHolder();
        idp.setNameIDFormatValue(IDGenerator.create());

        SAML2Response saml2Response = new SAML2Response();

        SPInfoHolder sp = new SPInfoHolder();
        sp.setResponseDestinationURI("http://fakesp");
        sp.setIssuer("http://fakesp");
        ResponseType rt = saml2Response.createResponseType("response111", sp, idp, issuerHolder);
        Assert.assertNotNull(rt);

        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        saml2Response.marshall(rt, baos);
    }
View Full Code Here

        return this.postBinding || idpPostBinding;
    }

    private SAMLDocumentHolder getSAMLDocumentHolder(String samlResponse) throws ParsingException, ConfigurationException,
            ProcessingException {
        SAML2Response saml2Response = new SAML2Response();

        InputStream dataStream = null;

        if (isPostBinding()) {
            // deal with SAML response from IDP
            dataStream = PostBindingUtil.base64DecodeAsStream(samlResponse);
        } else {
            // deal with SAML response from IDP
            dataStream = RedirectBindingUtil.base64DeflateDecode(samlResponse);
        }

        try {
            saml2Response.getSAML2ObjectFromStream(dataStream);
        } catch (ProcessingException pe) {
            logger.samlResponseFromIDPParsingFailed();
            throw pe;
        } catch (ParsingException pe) {
            logger.samlResponseFromIDPParsingFailed();
            throw pe;
        }
       

        return saml2Response.getSamlDocumentHolder();
    }
View Full Code Here

TOP

Related Classes of org.picketlink.identity.federation.api.saml.v2.metadata.SecurityActions

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.