org.opensaml.saml2.core.Attribute Java Examples

The following examples show how to use org.opensaml.saml2.core.Attribute.
Example #1
Source File: SAMLResponseBuilder.java    From carbon-identity with Apache License 2.0 7 votes vote down vote up
/**
 * Builds a SAML {@code AttributeStatement} holding one string-valued attribute per claim.
 *
 * <p>Each map key becomes the attribute {@code Name} and each map value is stored as a single
 * {@code XSString} attribute value. Keys and values are copied as given; nothing in this method
 * filters or validates them, so the caller decides which claims end up in the statement.
 *
 * @param claims claim URI to claim value; may be {@code null}
 * @return the populated statement, or {@code null} when {@code claims} is {@code null}
 */
private AttributeStatement buildAttributeStatement(Map<String, String> claims) {
    if (claims == null) {
        return null;
    }

    AttributeStatement statement = new AttributeStatementBuilder().buildObject();
    for (Map.Entry<String, String> claim : claims.entrySet()) {
        Attribute samlAttribute = new AttributeBuilder().buildObject();
        samlAttribute.setName(claim.getKey());

        // See https://wiki.shibboleth.net/confluence/display/OpenSAML/OSTwoUsrManJavaAnyTypes
        XSStringBuilder xsStringBuilder =
                (XSStringBuilder) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
        XSString xsValue =
                xsStringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        xsValue.setValue(claim.getValue());

        samlAttribute.getAttributeValues().add(xsValue);
        statement.getAttributes().add(samlAttribute);
    }
    return statement;
}
 
Example #2
Source File: AttributeAuthorityDescriptorUnmarshaller.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>Appends the child to the matching list of the {@code AttributeAuthorityDescriptor}; child
 * types not listed here are handed to the superclass.
 */
protected void processChildElement(XMLObject parentElement, XMLObject childElement) throws UnmarshallingException {
    AttributeAuthorityDescriptor authority = (AttributeAuthorityDescriptor) parentElement;

    // The checks run in a fixed order and the first matching type wins.
    if (childElement instanceof AttributeService) {
        authority.getAttributeServices().add((AttributeService) childElement);
        return;
    }
    if (childElement instanceof AssertionIDRequestService) {
        authority.getAssertionIDRequestServices().add((AssertionIDRequestService) childElement);
        return;
    }
    if (childElement instanceof NameIDFormat) {
        authority.getNameIDFormats().add((NameIDFormat) childElement);
        return;
    }
    if (childElement instanceof AttributeProfile) {
        authority.getAttributeProfiles().add((AttributeProfile) childElement);
        return;
    }
    if (childElement instanceof Attribute) {
        authority.getAttributes().add((Attribute) childElement);
        return;
    }

    super.processChildElement(parentElement, childElement);
}
 
Example #3
Source File: AttributeUnmarshaller.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>Copies the Name, NameFormat and FriendlyName XML attributes onto the SAML
 * {@code Attribute}; every other XML attribute is stored in the object's unknown-attribute map
 * and, when the DOM marks it as an ID, registered as such.
 */
protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
    Attribute target = (Attribute) samlObject;
    String localName = attribute.getLocalName();

    if (localName.equals(Attribute.NAME_ATTTRIB_NAME)) {
        target.setName(attribute.getValue());
        return;
    }
    if (localName.equals(Attribute.NAME_FORMAT_ATTRIB_NAME)) {
        target.setNameFormat(attribute.getValue());
        return;
    }
    if (localName.equals(Attribute.FRIENDLY_NAME_ATTRIB_NAME)) {
        target.setFriendlyName(attribute.getValue());
        return;
    }

    // Not one of the three known attributes: keep it under its qualified name.
    QName qualifiedName = XMLHelper.getNodeQName(attribute);
    if (attribute.isId()) {
        target.getUnknownAttributes().registerID(qualifiedName);
    }
    target.getUnknownAttributes().put(qualifiedName, attribute.getValue());
}
 
Example #4
Source File: SimpleSAMLUserDetailsServiceTest.java    From spring-boot-security-saml with MIT License 6 votes vote down vote up
/**
 * Checks that {@code SimpleSAMLUserDetailsService} turns a credential with one attribute into
 * user details with fixed account flags, the single authority ROLE_USER and that attribute.
 */
@Test
public void testAttributes() {
    // Arrange: a mocked credential exposing a single attribute named "attr".
    SAMLCredential credential = mock(SAMLCredential.class);
    NameID subjectNameId = mock(NameID.class);
    when(credential.getNameID()).thenReturn(subjectNameId);
    Attribute samlAttribute = mock(Attribute.class);
    when(samlAttribute.getName()).thenReturn("attr");
    when(credential.getAttributes()).thenReturn(Collections.singletonList(samlAttribute));
    when(credential.getAttribute("attr")).thenReturn(samlAttribute);
    when(credential.getAttributeAsString("attr")).thenReturn("value");
    when(credential.getAttributeAsStringArray("attr")).thenReturn(new String[]{"value"});
    when(subjectNameId.toString()).thenReturn(NameID.UNSPECIFIED);

    // Act: load the user through the service under test.
    SAMLUserDetails userDetails =
            (SAMLUserDetails) new SimpleSAMLUserDetailsService().loadUserBySAML(credential);

    // Assert: no password is stored and every account flag reports true.
    assertThat(userDetails.getPassword()).isEmpty();
    assertThat(userDetails.isAccountNonExpired()).isTrue();
    assertThat(userDetails.isAccountNonLocked()).isTrue();
    assertThat(userDetails.isCredentialsNonExpired()).isTrue();
    assertThat(userDetails.isEnabled()).isTrue();

    // Assert: the only authority is ROLE_USER; the attribute itself grants nothing further.
    assertThat(userDetails.getAuthorities()).extracting(GrantedAuthority::getAuthority).containsExactly("ROLE_USER");

    // Assert: the attribute is readable as a single value and as an array.
    assertThat(userDetails.getAttribute("attr")).isEqualTo("value");
    assertThat(userDetails.getAttributeArray("attr")).containsExactly("value");
    assertThat(userDetails.getAttributes()).containsOnlyKeys("attr").containsValue("value");
    assertThat(userDetails.getAttributesArrays()).containsOnlyKeys("attr");
    assertThat(userDetails.getAttributesArrays().get("attr")).containsExactly("value");
}
 
Example #5
Source File: SAMLUserDetailsTest.java    From spring-boot-security-saml with MIT License 6 votes vote down vote up
/**
 * Checks that a {@code SAMLUserDetails} built directly from a credential with one attribute
 * reports fixed account flags, the single authority ROLE_USER and that attribute.
 */
@Test
public void testAttributes() {
    // Arrange: a mocked credential exposing a single attribute named "attr".
    SAMLCredential credential = mock(SAMLCredential.class);
    NameID subjectNameId = mock(NameID.class);
    when(credential.getNameID()).thenReturn(subjectNameId);
    Attribute samlAttribute = mock(Attribute.class);
    when(samlAttribute.getName()).thenReturn("attr");
    when(credential.getAttributes()).thenReturn(Collections.singletonList(samlAttribute));
    when(credential.getAttribute("attr")).thenReturn(samlAttribute);
    when(credential.getAttributeAsString("attr")).thenReturn("value");
    when(credential.getAttributeAsStringArray("attr")).thenReturn(new String[]{"value"});
    when(subjectNameId.toString()).thenReturn(NameID.UNSPECIFIED);

    // Act: wrap the credential directly.
    SAMLUserDetails userDetails = new SAMLUserDetails(credential);

    // Assert: no password is stored and every account flag reports true.
    assertThat(userDetails.getPassword()).isEmpty();
    assertThat(userDetails.isAccountNonExpired()).isTrue();
    assertThat(userDetails.isAccountNonLocked()).isTrue();
    assertThat(userDetails.isCredentialsNonExpired()).isTrue();
    assertThat(userDetails.isEnabled()).isTrue();

    // Assert: the only authority is ROLE_USER; the attribute itself grants nothing further.
    assertThat(userDetails.getAuthorities()).extracting(GrantedAuthority::getAuthority).containsExactly("ROLE_USER");

    // Assert: the attribute is readable as a single value and as an array.
    assertThat(userDetails.getAttribute("attr")).isEqualTo("value");
    assertThat(userDetails.getAttributeArray("attr")).containsExactly("value");
    assertThat(userDetails.getAttributes()).containsOnlyKeys("attr").containsValue("value");
    assertThat(userDetails.getAttributesArrays()).containsOnlyKeys("attr");
    assertThat(userDetails.getAttributesArrays().get("attr")).containsExactly("value");
}
 
Example #6
Source File: AttributeQuerySchemaValidator.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Checks that every attribute in the query has a unique Name/NameFormat pair.
 *
 * <p>An empty or missing NameFormat is treated as {@code Attribute.UNSPECIFIED} before the
 * comparison, so an attribute without a format collides with one that states the unspecified
 * format explicitly.
 *
 * @param query the attribute query to validate
 *
 * @throws ValidationException thrown if more than one attribute in the query carries the same
 *             Name/NameFormat pair
 */
protected void validateUniqueAttributeIdentifiers(AttributeQuery query) throws ValidationException {
    HashSet<Pair<String, String>> seenIdentifiers = new HashSet<Pair<String, String>>();

    for (Attribute candidate : query.getAttributes()) {
        String name = candidate.getName();
        String format = candidate.getNameFormat();
        if (DatatypeHelper.isEmpty(format)) {
            // SAML 2 core, sec. 2.7.3.1: with no format given, "unspecified" is in effect.
            // Normalising here also keeps a null format out of the pair.
            format = Attribute.UNSPECIFIED;
        }

        // add() returns false when an equal pair is already in the set.
        if (!seenIdentifiers.add(new Pair<String, String>(name, format))) {
            throw new ValidationException(
                    "Attribute query contains more than one attribute with the same Name and NameFormat");
        }
    }
}
 
Example #7
Source File: AttributeStatementGenerator.java    From MaxKey with Apache License 2.0 6 votes vote down vote up
/**
 * Builds a SAML {@code Attribute} with the given name, name format and optional single value.
 *
 * @param attributeName value for the attribute's Name
 * @param value         attribute value; when {@code null} the attribute is returned without values
 * @param nameFormat    NameFormat to set; {@code null} or empty falls back to {@code Attribute.BASIC}
 * @return the new attribute
 */
public Attribute builderAttribute(String attributeName,String value ,String nameFormat){
	AttributeBuilder factory = (AttributeBuilder) builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
	Attribute built = factory.buildObject();
	built.setName(attributeName);

	// Default format: urn:oasis:names:tc:SAML:2.0:attrname-format:basic
	boolean formatMissing = nameFormat == null || nameFormat.isEmpty();
	built.setNameFormat(formatMissing ? Attribute.BASIC : nameFormat);

	if (value != null) {
		built.getAttributeValues().add(builderAttributeValue(value));
	}
	return built;
}
 
Example #8
Source File: Auth0SSODemoApplication.java    From spring-boot-security-saml-samples with MIT License 6 votes vote down vote up
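/**
 * Registers a {@code SAMLUserDetailsService} whose user details expose the assertion attributes
 * as a flat name-to-value map.
 *
 * <p>Attribute names come from the SAML credential. {@code Collectors.toMap} without a merge
 * function throws {@code IllegalStateException} when the same key is produced twice, so a
 * credential that repeats an attribute name would make {@code getAttributes()} fail. A merge
 * function that keeps the first entry is supplied instead. Values are looked up by name through
 * {@code getAttribute(String)}, so entries for a repeated name are expected to be identical
 * (assumption: confirm against {@code SAMLUserDetails.getAttribute}).
 *
 * @return the user details service bean
 */
@Bean
public SAMLUserDetailsService userDetailsService() {
    return new SAMLUserDetailsService() {
        @Override
        public Object loadUserBySAML(SAMLCredential samlCredential) throws UsernameNotFoundException {
            return new SAMLUserDetails(samlCredential) {
                @Override
                public Map<String, String> getAttributes() {
                    return samlCredential.getAttributes().stream()
                            .collect(Collectors.toMap(
                                    Attribute::getName,
                                    this::getValue,
                                    // Repeated attribute name: keep the first entry instead of throwing.
                                    (first, repeated) -> first));
                }

                /** Returns the attribute's value by name, or an empty string when there is none. */
                private String getValue(Attribute attribute) {
                    return Optional.ofNullable(getAttribute(attribute.getName())).orElse("");
                }
            };
        }
    };
}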
 
Example #9
Source File: DefaultSAML2SSOManager.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
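/**
 * Collects the attributes of an assertion into a map from claim mapping to attribute value.
 *
 * <p>Only the first value of each attribute is read; further values are ignored. The attribute
 * name is passed as both of the first two arguments of {@code ClaimMapping.build}. Attributes
 * that carry no value, or whose first value has no DOM element, are skipped instead of raising
 * an {@code IndexOutOfBoundsException} or {@code NullPointerException}.
 *
 * <p>Nothing in this method checks the assertion's signature or conditions, so the assertion
 * must have been validated before it is passed in.
 *
 * @param assertion the assertion to read; may be {@code null}
 * @return the extracted values; empty when the assertion is {@code null} or has no attribute
 *         statements
 */
private Map<ClaimMapping, String> getAssertionStatements(Assertion assertion) {

    Map<ClaimMapping, String> results = new HashMap<ClaimMapping, String>();
    if (assertion == null) {
        return results;
    }

    List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();
    if (attributeStatementList == null) {
        return results;
    }

    for (AttributeStatement statement : attributeStatementList) {
        for (Attribute attribute : statement.getAttributes()) {
            // An Attribute element may contain no AttributeValue; get(0) would throw on it.
            if (attribute.getAttributeValues() == null || attribute.getAttributeValues().isEmpty()) {
                continue;
            }
            Element value = attribute.getAttributeValues().get(0).getDOM();
            if (value == null) {
                // No DOM element behind this value, so there is no text to read.
                continue;
            }
            String attributeValue = value.getTextContent();
            results.put(ClaimMapping.build(attribute.getName(),
                    attribute.getName(), null, false), attributeValue);
        }
    }
    return results;
}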
 
Example #10
Source File: IDPSSODescriptorUnmarshaller.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>Appends the child to the matching list of the {@code IDPSSODescriptor}; child types not
 * listed here are handed to the superclass.
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    IDPSSODescriptor idpDescriptor = (IDPSSODescriptor) parentObject;

    // The checks run in a fixed order and the first matching type wins.
    if (childObject instanceof SingleSignOnService) {
        idpDescriptor.getSingleSignOnServices().add((SingleSignOnService) childObject);
        return;
    }
    if (childObject instanceof NameIDMappingService) {
        idpDescriptor.getNameIDMappingServices().add((NameIDMappingService) childObject);
        return;
    }
    if (childObject instanceof AssertionIDRequestService) {
        idpDescriptor.getAssertionIDRequestServices().add((AssertionIDRequestService) childObject);
        return;
    }
    if (childObject instanceof AttributeProfile) {
        idpDescriptor.getAttributeProfiles().add((AttributeProfile) childObject);
        return;
    }
    if (childObject instanceof Attribute) {
        idpDescriptor.getAttributes().add((Attribute) childObject);
        return;
    }

    super.processChildElement(parentObject, childObject);
}
 
Example #11
Source File: SAML2SSOManager.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
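/**
 * Collects the attributes of an assertion into a map from attribute name to attribute value.
 *
 * <p>Only the first value of each attribute is read; further values are ignored. When an
 * attribute name occurs more than once, the last occurrence replaces the earlier ones. Attributes
 * that carry no value, or whose first value has no DOM element, are skipped instead of raising
 * an {@code IndexOutOfBoundsException} or {@code NullPointerException}.
 *
 * <p>Nothing in this method checks the assertion's signature or conditions, so the assertion
 * must have been validated before it is passed in.
 *
 * @param assertion the assertion to read; may be {@code null}
 * @return the extracted values; empty when the assertion is {@code null} or has no attribute
 *         statements
 */
private Map<String, String> getAssertionStatements(Assertion assertion) {

    Map<String, String> results = new HashMap<String, String>();
    if (assertion == null) {
        return results;
    }

    // Read the list once; the original fetched it a second time after the null check.
    List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();
    if (attributeStatementList == null) {
        return results;
    }

    for (AttributeStatement statement : attributeStatementList) {
        for (Attribute attribute : statement.getAttributes()) {
            // An Attribute element may contain no AttributeValue; get(0) would throw on it.
            if (attribute.getAttributeValues() == null || attribute.getAttributeValues().isEmpty()) {
                continue;
            }
            Element value = attribute.getAttributeValues().get(0).getDOM();
            if (value == null) {
                // No DOM element behind this value, so there is no text to read.
                continue;
            }
            results.put(attribute.getName(), value.getTextContent());
        }
    }
    return results;
}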
 
Example #12
Source File: SamlAssertionProducer.java    From saml-generator with Apache License 2.0 6 votes vote down vote up
/**
 * Creates an attribute statement with one attribute per map entry and one string value per
 * list element.
 *
 * @param attributes attribute name to list of values; when {@code null} an empty statement is
 *                   returned
 * @return the attribute statement, never {@code null}
 */
private AttributeStatement createAttributeStatement(HashMap<String, List<String>> attributes) {
	// Create the attribute statement object.
	AttributeStatementBuilder statementFactory = new AttributeStatementBuilder();
	AttributeStatement statement = statementFactory.buildObject();

	AttributeBuilder attributeFactory = new AttributeBuilder();
	if (attributes == null) {
		return statement;
	}

	for (Map.Entry<String, List<String>> namedValues : attributes.entrySet()) {
		Attribute samlAttribute = attributeFactory.buildObject();
		samlAttribute.setName(namedValues.getKey());

		// Each list element becomes its own AttributeValue of type XSString.
		for (String rawValue : namedValues.getValue()) {
			XSStringBuilder valueFactory = new XSStringBuilder();
			XSString samlValue = valueFactory.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
			samlValue.setValue(rawValue);
			samlAttribute.getAttributeValues().add(samlValue);
		}

		statement.getAttributes().add(samlAttribute);
	}

	return statement;
}
 
Example #13
Source File: SAMLUtils.java    From cloudstack with Apache License 2.0 6 votes vote down vote up
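/**
 * Returns the first value of the first attribute whose Name or FriendlyName equals the key.
 *
 * <p>Attributes without values, or whose first value has no DOM element, are skipped. Only the
 * first value of a matching attribute is returned.
 *
 * <p>NOTE(review): the lookup also accepts a match on FriendlyName. SAML core describes
 * FriendlyName as a human-readable label that must not be used to formally identify an
 * attribute, so callers that use the result for an identity or authorization decision should
 * confirm that matching on Name alone is not what they need.
 *
 * <p>NOTE(review): the debug statement writes the value of every inspected attribute to the
 * log, including attributes that do not match the key.
 *
 * @param attributeStatements statements to search; may be {@code null} or empty
 * @param attributeKey        attribute Name or FriendlyName to look for; may be {@code null}
 * @return the first value of the first match, or {@code null} when nothing matches
 */
public static String getValueFromAttributeStatements(final List<AttributeStatement> attributeStatements, final String attributeKey) {
    if (attributeStatements == null || attributeStatements.isEmpty() || attributeKey == null) {
        return null;
    }
    for (AttributeStatement attributeStatement : attributeStatements) {
        // The original re-tested the size of the outer list here, which cannot be empty at this
        // point; the statement's own attribute list is what needs the guard.
        if (attributeStatement == null || attributeStatement.getAttributes() == null) {
            continue;
        }
        for (Attribute attribute : attributeStatement.getAttributes()) {
            if (attribute == null
                    || attribute.getAttributeValues() == null
                    || attribute.getAttributeValues().isEmpty()
                    || attribute.getAttributeValues().get(0) == null
                    || attribute.getAttributeValues().get(0).getDOM() == null) {
                // Nothing readable in this attribute; the unguarded chain would throw here.
                continue;
            }
            String value = attribute.getAttributeValues().get(0).getDOM().getTextContent();
            s_logger.debug("SAML attribute name: " + attribute.getName() + " friendly-name:" + attribute.getFriendlyName() + " value:" + value);
            if (attributeKey.equals(attribute.getName()) || attributeKey.equals(attribute.getFriendlyName())) {
                return value;
            }
        }
    }
    return null;
}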
 
Example #14
Source File: Util.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Gets the username from the SAML2 assertion.
 *
 * <p>When a login attribute name is configured, the first value of the first attribute whose
 * {@code Name} equals it is returned. Otherwise, or when no such attribute exists, the value of
 * the subject's NameID is returned.
 *
 * <p>NOTE(review): the matching attribute's first value is read with {@code get(0)} and no
 * emptiness check, and the fallback dereferences the subject and its NameID without null
 * checks. An assertion that has the login attribute without a value, or that has no plain
 * NameID, makes this method throw rather than return. Confirm callers treat that as a failed
 * login.
 *
 * @param assertion SAML2 assertion
 * @return username
 */
public static String getUsernameFromAssertion(Assertion assertion) {

    String loginAttributeName = getLoginAttributeName();

    // An assertion can carry several AttributeStatements; they are only consulted when a login
    // attribute name is configured.
    List<AttributeStatement> statements =
            loginAttributeName == null ? null : assertion.getAttributeStatements();

    if (statements != null) {
        for (AttributeStatement statement : statements) {
            // A statement can carry several Attributes.
            List<Attribute> candidates = statement.getAttributes();
            if (candidates == null) {
                continue;
            }
            for (Attribute candidate : candidates) {
                String candidateName = candidate.getDOM().getAttribute("Name");
                if (!candidateName.equals(loginAttributeName)) {
                    continue;
                }
                // An attribute can have several values; only the first one is used.
                List<XMLObject> candidateValues = candidate.getAttributeValues();
                return candidateValues.get(0).getDOM().getTextContent();
            }
        }
    }

    // No login attribute configured or found: fall back to the subject's NameID.
    return assertion.getSubject().getNameID().getValue();
}
 
Example #15
Source File: EntityAttributesUnmarshaller.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>Adds {@code Attribute} and {@code Assertion} children to the {@code EntityAttributes}
 * parent; every other child type is handed to the superclass.
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    EntityAttributes owner = (EntityAttributes) parentObject;

    if (childObject instanceof Attribute) {
        owner.getAttributes().add((Attribute) childObject);
        return;
    }
    if (childObject instanceof Assertion) {
        owner.getAssertions().add((Assertion) childObject);
        return;
    }

    super.processChildElement(parentObject, childObject);
}
 
Example #16
Source File: AttributeStatementGenerator.java    From MaxKey with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the "GrantedAuthority" attribute with one value per granted authority.
 *
 * @param authorities the authorities to emit; iterated directly, so it must not be {@code null}
 * @return the attribute (path: Response/Assertion/AttributeStatement/Attribute)
 */
public Attribute   builderGrantedAuthority(Collection<GrantedAuthority> authorities){
	// Name and format handling is left to builderAttribute; no value is passed at this point.
	Attribute authorityAttribute = builderAttribute("GrantedAuthority",null,null);

	for (GrantedAuthority granted : authorities) {
		// Response/Assertion/AttributeStatement/Attribute/AttributeValue
		String authorityName = granted.getAuthority();
		authorityAttribute.getAttributeValues().add(builderAttributeValue(authorityName));
	}
	return authorityAttribute;
}
 
Example #17
Source File: SAML2SSOAuthenticator.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
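/**
 * Gets the roles from the role-claim attribute of the SAML2 assertion.
 *
 * <p>The first value of the attribute whose name equals the configured role claim is split on
 * the configured separator. The code assumes the role claim appears only once; when it appears
 * several times, the last occurrence with a readable value determines the result. A role
 * attribute without a value, or whose first value has no DOM element, is skipped, so the result
 * stays {@code null} (no roles) instead of an exception being thrown.
 *
 * <p>NOTE(review): with debug logging enabled, the role attribute's value and the resulting role
 * list are written to the log.
 *
 * @param assertion SAML2 assertion
 * @return the roles, or {@code null} when no role claim is configured or no role attribute with
 *         a readable value is present
 */
private String[] getRolesFromAssertion(Assertion assertion) {
    String[] roles = null;
    String roleClaim = getRoleClaim();
    List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();

    // Without a configured role claim nothing can match; the original would have thrown a
    // NullPointerException on the first named attribute.
    if (roleClaim == null || attributeStatementList == null) {
        return roles;
    }

    for (AttributeStatement statement : attributeStatementList) {
        List<Attribute> attributesList = statement.getAttributes();
        for (Attribute attribute : attributesList) {
            String attributeName = attribute.getName();
            if (!roleClaim.equals(attributeName)) {
                continue;
            }
            // An Attribute element may contain no AttributeValue; get(0) would throw on it.
            if (attribute.getAttributeValues() == null || attribute.getAttributeValues().isEmpty()) {
                continue;
            }
            // Assumes role claim appear only once
            Element value = attribute.getAttributeValues().get(0).getDOM();
            if (value == null) {
                continue;
            }
            String attributeValue = value.getTextContent();

            if (log.isDebugEnabled()) {
                log.debug("AttributeName : " + attributeName + ", AttributeValue : " + attributeValue);
            }

            roles = attributeValue.split(getAttributeSeperator());
            if (log.isDebugEnabled()) {
                log.debug("Role list : " + Arrays.toString(roles));
            }
        }
    }
    return roles;
}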
 
Example #18
Source File: AttributeStatementGenerator.java    From MaxKey with Apache License 2.0 5 votes vote down vote up
/**
 * Generates the attribute statement for an application: the GrantedAuthority attribute first,
 * then one attribute per entry of {@code attributeMap}, then the application's extended
 * attributes when they are enabled.
 *
 * <p>NOTE(review): the debug statements write the extended attribute configuration and each
 * extended attribute's name, value and type to the log.
 *
 * @param saml20Details     application settings; read for the extended-attribute flag and data
 * @param grantedAuthoritys authorities for the GrantedAuthority attribute
 * @param attributeMap      attribute name to value, emitted with {@code Attribute.BASIC} as the
 *                          name format; may be {@code null}
 * @return the assembled attribute statement
 */
public AttributeStatement generateAttributeStatement(
				AppsSAML20Details saml20Details,
				ArrayList<GrantedAuthority> grantedAuthoritys,
				HashMap<String,String>attributeMap) {

	AttributeStatementBuilder statementFactory = (AttributeStatementBuilder) builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
	AttributeStatement statement = statementFactory.buildObject();

	Attribute authorityAttribute = builderGrantedAuthority(grantedAuthoritys);
	statement.getAttributes().add(authorityAttribute);

	if (attributeMap != null) {
		for (Map.Entry<String, String> mapped : attributeMap.entrySet()) {
			Attribute mappedAttribute = builderAttribute(mapped.getKey(), mapped.getValue(), Attribute.BASIC);
			statement.getAttributes().add(mappedAttribute);
		}
	}

	logger.debug("ExtendAttr "+saml20Details.getExtendAttr());
	// Boolean.isTrue is not a java.lang.Boolean method; presumably a project helper (confirm).
	if (Boolean.isTrue(saml20Details.getIsExtendAttr())) {
		ExtraAttrs configured = new ExtraAttrs(saml20Details.getExtendAttr());
		for (ExtraAttr extra : configured.getExtraAttrs()) {
			logger.debug("Attribute : "+extra.getAttr()+" , Vale : "+extra.getValue()+" , Type : "+extra.getType());
			statement.getAttributes().add(builderAttribute(extra.getAttr(),extra.getValue(),extra.getType()));
		}
	}

	return statement;
}
 
Example #19
Source File: AttributeQueryUnmarshaller.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>Adds {@code Attribute} children to the {@code AttributeQuery}; every other child type is
 * handed to the superclass.
 */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {
    AttributeQuery attributeQuery = (AttributeQuery) parentSAMLObject;

    if (!(childSAMLObject instanceof Attribute)) {
        super.processChildElement(parentSAMLObject, childSAMLObject);
        return;
    }
    attributeQuery.getAttributes().add((Attribute) childSAMLObject);
}
 
Example #20
Source File: AttributeMarshaller.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>Writes the Name, NameFormat and FriendlyName of the SAML {@code Attribute} onto the DOM
 * element when they are set, then copies every unknown attribute, marking those that are
 * registered as ID attributes.
 */
protected void marshallAttributes(XMLObject samlElement, Element domElement) throws MarshallingException {
    Attribute source = (Attribute) samlElement;

    String name = source.getName();
    if (name != null) {
        domElement.setAttributeNS(null, Attribute.NAME_ATTTRIB_NAME, name);
    }

    String nameFormat = source.getNameFormat();
    if (nameFormat != null) {
        domElement.setAttributeNS(null, Attribute.NAME_FORMAT_ATTRIB_NAME, nameFormat);
    }

    String friendlyName = source.getFriendlyName();
    if (friendlyName != null) {
        domElement.setAttributeNS(null, Attribute.FRIENDLY_NAME_ATTRIB_NAME, friendlyName);
    }

    for (Entry<QName, String> extra : source.getUnknownAttributes().entrySet()) {
        QName extraName = extra.getKey();
        Attr extraAttr = XMLHelper.constructAttribute(domElement.getOwnerDocument(), extraName);
        extraAttr.setValue(extra.getValue());
        domElement.setAttributeNodeNS(extraAttr);

        // ID-ness can come from the global configuration or from this object's own registry.
        boolean isIdAttribute = Configuration.isIDAttribute(extraName)
                || source.getUnknownAttributes().isIDAttribute(extraName);
        if (isIdAttribute) {
            extraAttr.getOwnerElement().setIdAttributeNode(extraAttr, true);
        }
    }
}
 
Example #21
Source File: AttributeStatementUnmarshaller.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>Adds {@code Attribute} and {@code EncryptedAttribute} children to their separate lists on
 * the {@code AttributeStatement}; every other child type is handed to the superclass.
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    AttributeStatement statement = (AttributeStatement) parentObject;

    if (childObject instanceof Attribute) {
        statement.getAttributes().add((Attribute) childObject);
        return;
    }
    if (childObject instanceof EncryptedAttribute) {
        // Encrypted attributes are stored as-is; nothing is decrypted here.
        statement.getEncryptedAttributes().add((EncryptedAttribute) childObject);
        return;
    }

    super.processChildElement(parentObject, childObject);
}
 
Example #22
Source File: AttributeAuthorityDescriptorImpl.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Constructor. Creates the empty child lists, each bound to this object as parent.
 *
 * @param namespaceURI the namespace the element is in
 * @param elementLocalName the local name of the XML element this Object represents
 * @param namespacePrefix the prefix for the given namespace
 */
protected AttributeAuthorityDescriptorImpl(String namespaceURI, String elementLocalName, String namespacePrefix) {
    super(namespaceURI, elementLocalName, namespacePrefix);

    // Service endpoints.
    this.attributeServices = new XMLObjectChildrenList<AttributeService>(this);
    this.assertionIDRequestServices = new XMLObjectChildrenList<AssertionIDRequestService>(this);

    // Supported formats and profiles.
    this.nameFormats = new XMLObjectChildrenList<NameIDFormat>(this);
    this.attributeProfiles = new XMLObjectChildrenList<AttributeProfile>(this);

    // Attributes listed by the descriptor.
    this.attributes = new XMLObjectChildrenList<Attribute>(this);
}
 
Example #23
Source File: IDPSSODescriptorImpl.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Constructor. Creates the empty child lists, each bound to this object as parent.
 *
 * @param namespaceURI the namespace the element is in
 * @param elementLocalName the local name of the XML element this Object represents
 * @param namespacePrefix the prefix for the given namespace
 */
protected IDPSSODescriptorImpl(String namespaceURI, String elementLocalName, String namespacePrefix) {
    super(namespaceURI, elementLocalName, namespacePrefix);

    // Service endpoints.
    this.singleSignOnServices = new XMLObjectChildrenList<SingleSignOnService>(this);
    this.nameIDMappingServices = new XMLObjectChildrenList<NameIDMappingService>(this);
    this.assertionIDRequestServices = new XMLObjectChildrenList<AssertionIDRequestService>(this);

    // Profiles and attributes listed by the descriptor.
    this.attributeProfiles = new XMLObjectChildrenList<AttributeProfile>(this);
    this.attributes = new XMLObjectChildrenList<Attribute>(this);
}
 
Example #24
Source File: Decrypter.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Decrypts the specified EncryptedAttribute.
 *
 * <p>The decrypted object's type is checked before the cast, so content that decrypts to some
 * other SAML object is rejected with a {@code DecryptionException}.
 *
 * @param encryptedAttribute the EncryptedAttribute to decrypt
 * @return an Attribute
 * @throws DecryptionException thrown when decryption generates an error or the decrypted object
 *             is not an {@code Attribute}
 */
public Attribute decrypt(EncryptedAttribute encryptedAttribute) throws DecryptionException {
    SAMLObject decrypted = decryptData(encryptedAttribute);
    if (decrypted instanceof Attribute) {
        return (Attribute) decrypted;
    }
    throw new DecryptionException("Decrypted SAMLObject was not an instance of Attribute");
}
 
Example #25
Source File: AttributeUnmarshaller.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>Accepts a child as an attribute value only when its element is named
 * {@code AttributeValue} in the {@code SAMLConstants.SAML20_NS} namespace; the child's Java
 * type is not restricted. Every other child is handed to the superclass.
 */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {

    Attribute owner = (Attribute) parentSAMLObject;

    QName childName = childSAMLObject.getElementQName();
    boolean isAttributeValue = childName.getLocalPart().equals("AttributeValue")
            && childName.getNamespaceURI().equals(SAMLConstants.SAML20_NS);

    if (!isAttributeValue) {
        super.processChildElement(parentSAMLObject, childSAMLObject);
        return;
    }
    owner.getAttributeValues().add(childSAMLObject);
}
 
Example #26
Source File: SAMLUserDetails.java    From spring-boot-security-saml-samples with MIT License 4 votes vote down vote up
/**
 * Returns the credential's attributes as a map from attribute name to the string produced by
 * {@code getString}.
 *
 * <p>NOTE(review): {@code Collectors.toMap} is used without a merge function, so it throws
 * {@code IllegalStateException} when two attributes share a name, and
 * {@code NullPointerException} when {@code getString} returns {@code null}. Confirm that
 * failing the call is the intended handling for such a credential.
 *
 * @return attribute name to value
 */
public Map<String, String> getAttributes() {
  Map<String, String> valuesByName = samlCredential.getAttributes().stream()
      .collect(Collectors.toMap(
          attribute -> attribute.getName(),
          attribute -> getString(attribute)));
  return valuesByName;
}
 
Example #27
Source File: EntityAttributesImpl.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>Returns the sub-list of {@code attributeInfo} selected by
 * {@code Attribute.DEFAULT_ELEMENT_NAME}; the cast to {@code List<Attribute>} is unchecked.
 */
public List<Attribute> getAttributes() {
    List<Attribute> attributeView = (List<Attribute>) attributeInfo.subList(Attribute.DEFAULT_ELEMENT_NAME);
    return attributeView;
}
 
Example #28
Source File: DefaultSAMLAssertionBuilder.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Builds the attribute statement for the given claims, one attribute per claim with a
 * non-blank URI and non-blank value, using the basic name format.
 *
 * <p>Side effects visible in this method: the {@code MULTI_ATTRIBUTE_SEPARATOR} entry is removed
 * from the caller's map, and when that entry is non-blank it is written to the
 * {@code userAttributeSeparator} field, where it stays after this call returns.
 *
 * <p>NOTE(review): multi-valued claims are split with {@code StringTokenizer}, which treats
 * every character of the separator string as a delimiter of its own. With a separator longer
 * than one character, a value is therefore also split at any single one of those characters.
 * Confirm this matches how the separator is meant to be read.
 *
 * @param claims claim URI to claim value; must not be {@code null} and is modified
 * @return the attribute statement, or {@code null} when no claim produced an attribute
 */
private AttributeStatement buildAttributeStatement(Map<String, String> claims) {

    String separatorOverride = claims.get(IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR);
    if (StringUtils.isNotBlank(separatorOverride)) {
        userAttributeSeparator = separatorOverride;
    }
    claims.remove(IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR);

    AttributeStatement statement = new AttributeStatementBuilder().buildObject();
    boolean anyAttributeAdded = false;

    for (Map.Entry<String, String> claim : claims.entrySet()) {
        String claimUri = claim.getKey();
        String claimValue = claim.getValue();

        boolean uriBlank = claimUri == null || claimUri.trim().isEmpty();
        boolean valueBlank = claimValue == null || claimValue.trim().isEmpty();
        if (uriBlank || valueBlank) {
            continue;
        }

        anyAttributeAdded = true;
        Attribute samlAttribute = new AttributeBuilder().buildObject();
        samlAttribute.setName(claimUri);
        // NameFormat is set to the basic attribute profile.
        samlAttribute.setNameFormat(SAMLSSOConstants.NAME_FORMAT_BASIC);

        // See https://wiki.shibboleth.net/confluence/display/OpenSAML/OSTwoUsrManJavaAnyTypes
        XSStringBuilder xsStringBuilder = (XSStringBuilder) Configuration.getBuilderFactory().
                getBuilder(XSString.TYPE_NAME);

        boolean multiValued = userAttributeSeparator != null && claimValue.contains(userAttributeSeparator);
        if (multiValued) {
            // One AttributeValue per non-blank token.
            StringTokenizer tokens = new StringTokenizer(claimValue, userAttributeSeparator);
            while (tokens.hasMoreTokens()) {
                String token = tokens.nextToken();
                if (!token.trim().isEmpty()) {
                    XSString tokenValue = xsStringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
                    tokenValue.setValue(token);
                    samlAttribute.getAttributeValues().add(tokenValue);
                }
            }
        } else {
            XSString singleValue = xsStringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
            singleValue.setValue(claimValue);
            samlAttribute.getAttributeValues().add(singleValue);
        }

        statement.getAttributes().add(samlAttribute);
    }

    return anyAttributeAdded ? statement : null;
}
 
Example #29
Source File: AttributeAuthorityDescriptorImpl.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>Returns the {@code attributes} field itself, not a copy.
 */
public List<Attribute> getAttributes() {
    return this.attributes;
}
 
Example #30
Source File: SAML2TokenBuilder.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Creates the SAML attribute statement from the requested claims and stores it in
 * {@code attributeStmt}.
 *
 * <p>Each claim URI is split at its last {@code '/'}: the part after it becomes the attribute
 * name and the part before it the name format. The PPID claim is emitted as a base64-binary
 * value, every other claim as a string value.
 *
 * <p>NOTE(review): a claim URI without any {@code '/'} gives index -1, and
 * {@code substring(0, -1)} then throws {@code StringIndexOutOfBoundsException}. Confirm claim
 * URIs are guaranteed to contain a slash before they reach this method.
 *
 * @param ipData    supplies the requested claims
 * @param rahasData supplies the applies-to address, stored when it is not {@code null}
 * @throws IdentityProviderException declared by the overridden method
 */
@Override
public void createStatement(GenericIdentityProviderData ipData, RahasData rahasData)
        throws IdentityProviderException {
    if (log.isDebugEnabled()) {
        log.debug("Begin SAML statement creation.");
    }
    attributeStmt = (AttributeStatement) buildXMLObject(AttributeStatement.DEFAULT_ELEMENT_NAME);

    Map<String, RequestedClaimData> requestedClaims = ipData.getRequestedClaims();

    if (rahasData.getAppliesToAddress() != null) {
        appilesTo = rahasData.getAppliesToAddress();
    }

    for (RequestedClaimData requested : requestedClaims.values()) {
        String claimUri = requested.getUri();

        int lastSlash = claimUri.lastIndexOf("/");
        String localName = claimUri.substring(lastSlash + 1);
        String namespacePart = claimUri.substring(0, lastSlash);

        Attribute samlAttribute = (Attribute) buildXMLObject(Attribute.DEFAULT_ELEMENT_NAME);
        samlAttribute.setName(localName);
        samlAttribute.setNameFormat(namespacePart);

        XMLObjectBuilderFactory factory = Configuration.getBuilderFactory();

        // TODO remove this special case after WSO2 IS supports claim types properly
        boolean isPpid = requested.getUri().equals(IdentityConstants.CLAIM_PPID);
        if (isPpid) {
            XSBase64BinaryBuilder binaryBuilder = (XSBase64BinaryBuilder) factory
                    .getBuilder(XSBase64Binary.TYPE_NAME);
            XSBase64Binary binaryValue = binaryBuilder.buildObject(
                    AttributeValue.DEFAULT_ELEMENT_NAME, XSBase64Binary.TYPE_NAME);
            binaryValue.setValue(requested.getValue());
            samlAttribute.getAttributeValues().add(binaryValue);
        } else {
            XSStringBuilder textBuilder = (XSStringBuilder) factory
                    .getBuilder(XSString.TYPE_NAME);
            XSString textValue = textBuilder.buildObject(
                    AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
            textValue.setValue(requested.getValue());
            samlAttribute.getAttributeValues().add(textValue);
        }
        attributeStmt.getAttributes().add(samlAttribute);
    }
}