org.opensaml.saml2.core.AuthnContext Java Examples

The following examples show how to use org.opensaml.saml2.core.AuthnContext. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AuthnStatementGenerator.java    From MaxKey with Apache License 2.0 6 votes vote down vote up
public AuthnStatement generateAuthnStatement(DateTime authnInstant) {
	//Response/Assertion/AuthnStatement/AuthContext/AuthContextClassRef
	AuthnContextClassRef authnContextClassRef = new AuthnContextClassRefBuilder().buildObject();
	//urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
	authnContextClassRef.setAuthnContextClassRef(AuthnContext.PPT_AUTHN_CTX);

	//Response/Assertion/AuthnStatement/AuthContext
	AuthnContext authnContext = new AuthnContextBuilder().buildObject();
	authnContext.setAuthnContextClassRef(authnContextClassRef);

	//Response/Assertion/AuthnStatement
	AuthnStatement authnStatement = new AuthnStatementBuilder().buildObject();
	authnStatement.setAuthnContext(authnContext);
	authnStatement.setAuthnInstant(authnInstant);
	logger.debug("generateAuthnStatement authnInstant "+authnInstant);
	return authnStatement;

}
 
Example #2
Source File: SamlAssertionProducer.java    From saml-generator with Apache License 2.0 6 votes vote down vote up
private AuthnStatement createAuthnStatement(final DateTime issueDate) {
	// create authcontextclassref object
	AuthnContextClassRefBuilder classRefBuilder = new AuthnContextClassRefBuilder();
	AuthnContextClassRef classRef = classRefBuilder.buildObject();
	classRef.setAuthnContextClassRef("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
	
	// create authcontext object
	AuthnContextBuilder authContextBuilder = new AuthnContextBuilder();
	AuthnContext authnContext = authContextBuilder.buildObject();
	authnContext.setAuthnContextClassRef(classRef);
	
	// create authenticationstatement object
	AuthnStatementBuilder authStatementBuilder = new AuthnStatementBuilder();
	AuthnStatement authnStatement = authStatementBuilder.buildObject();
	authnStatement.setAuthnInstant(issueDate);
	authnStatement.setAuthnContext(authnContext);
	
	return authnStatement;
}
 
Example #3
Source File: AuthnStatementUnmarshaller.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/** {@inheritDoc} */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    AuthnStatement authnStatement = (AuthnStatement) parentObject;
    if (childObject instanceof SubjectLocality) {
        authnStatement.setSubjectLocality((SubjectLocality) childObject);
    } else if (childObject instanceof AuthnContext) {
        authnStatement.setAuthnContext((AuthnContext) childObject);
    } else {
        super.processChildElement(parentObject, childObject);
    }
}
 
Example #4
Source File: AuthnContextUnmarshaller.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/** {@inheritDoc} */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    AuthnContext authnContext = (AuthnContext) parentObject;
    if (childObject instanceof AuthnContextClassRef) {
        authnContext.setAuthnContextClassRef((AuthnContextClassRef) childObject);
    } else if (childObject instanceof AuthnContextDecl) {
        authnContext.setAuthnContextDecl((AuthnContextDecl) childObject);
    } else if (childObject instanceof AuthnContextDeclRef) {
        authnContext.setAuthnContextDeclRef((AuthnContextDeclRef) childObject);
    } else if (childObject instanceof AuthenticatingAuthority) {
        authnContext.getAuthenticatingAuthorities().add((AuthenticatingAuthority) childObject);
    } else {
        super.processChildElement(parentObject, childObject);
    }
}
 
Example #5
Source File: SAMLUtils.java    From cloudstack with Apache License 2.0 5 votes vote down vote up
public static AuthnRequest buildAuthnRequestObject(final String authnId, final String spId, final String idpUrl, final String consumerUrl) {
    // Issuer object
    IssuerBuilder issuerBuilder = new IssuerBuilder();
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(spId);

    // AuthnContextClass
    AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
    AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject(
            SAMLConstants.SAML20_NS,
            "AuthnContextClassRef", "saml");
    authnContextClassRef.setAuthnContextClassRef(AuthnContext.PPT_AUTHN_CTX);

    // AuthnContext
    RequestedAuthnContextBuilder requestedAuthnContextBuilder = new RequestedAuthnContextBuilder();
    RequestedAuthnContext requestedAuthnContext = requestedAuthnContextBuilder.buildObject();
    requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
    requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);

    // Creation of AuthRequestObject
    AuthnRequestBuilder authRequestBuilder = new AuthnRequestBuilder();
    AuthnRequest authnRequest = authRequestBuilder.buildObject();
    authnRequest.setID(authnId);
    authnRequest.setDestination(idpUrl);
    authnRequest.setVersion(SAMLVersion.VERSION_20);
    authnRequest.setForceAuthn(false);
    authnRequest.setIsPassive(false);
    authnRequest.setIssueInstant(new DateTime());
    authnRequest.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI);
    authnRequest.setAssertionConsumerServiceURL(consumerUrl);
    authnRequest.setProviderName(spId);
    authnRequest.setIssuer(issuer);
    authnRequest.setRequestedAuthnContext(requestedAuthnContext);

    return authnRequest;
}
 
Example #6
Source File: AuthnContextBuilder.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public AuthnContext buildObject() {
    return buildObject(SAMLConstants.SAML20_NS, AuthnContext.DEFAULT_ELEMENT_LOCAL_NAME,
            SAMLConstants.SAML20_PREFIX);
}
 
Example #7
Source File: AuthnContextBuilder.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public AuthnContext buildObject(String namespaceURI, String localName, String namespacePrefix) {
    return new AuthnContextImpl(namespaceURI, localName, namespacePrefix);
}
 
Example #8
Source File: AuthnStatementImpl.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public AuthnContext getAuthnContext() {
    return authnContext;
}
 
Example #9
Source File: AuthnStatementImpl.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public void setAuthnContext(AuthnContext newAuthnContext) {
    this.authnContext = prepareForAssignment(this.authnContext, newAuthnContext);
}
 
Example #10
Source File: DefaultSAML2SSOManager.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
private RequestedAuthnContext buildRequestedAuthnContext(AuthnRequest inboundAuthnRequest) throws SAMLSSOException {
    
    /* AuthnContext */
    RequestedAuthnContextBuilder requestedAuthnContextBuilder = null;
    RequestedAuthnContext requestedAuthnContext = null;
    
    String includeAuthnContext = properties
            .get(IdentityApplicationConstants.Authenticator.SAML2SSO.INCLUDE_AUTHN_CONTEXT);
    
    if (StringUtils.isNotEmpty(includeAuthnContext) && "as_request".equalsIgnoreCase(includeAuthnContext)) {
        if (inboundAuthnRequest != null) {
            RequestedAuthnContext incomingRequestedAuthnContext = inboundAuthnRequest.getRequestedAuthnContext();
            if (incomingRequestedAuthnContext != null) {
                requestedAuthnContextBuilder = new RequestedAuthnContextBuilder();
                requestedAuthnContext = requestedAuthnContextBuilder.buildObject();
                requestedAuthnContext.setDOM(incomingRequestedAuthnContext.getDOM());
            }
        }
    } else if (StringUtils.isEmpty(includeAuthnContext) || "yes".equalsIgnoreCase(includeAuthnContext)) {
        requestedAuthnContextBuilder = new RequestedAuthnContextBuilder();
        requestedAuthnContext = requestedAuthnContextBuilder.buildObject();
        /* AuthnContextClass */
        AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
        AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder
                .buildObject(SAMLConstants.SAML20_NS,
                        AuthnContextClassRef.DEFAULT_ELEMENT_LOCAL_NAME,
                        SAMLConstants.SAML20_PREFIX);

        String authnContextClassProp = properties
                .get(IdentityApplicationConstants.Authenticator.SAML2SSO.AUTHENTICATION_CONTEXT_CLASS);

        if (StringUtils.isNotEmpty(authnContextClassProp)) {
            authnContextClassRef.setAuthnContextClassRef(IdentityApplicationManagementUtil
                    .getSAMLAuthnContextClasses().get(authnContextClassProp));
        } else {
            authnContextClassRef.setAuthnContextClassRef(AuthnContext.PPT_AUTHN_CTX);
        }

        /* Authentication Context Comparison Level */
        String authnContextComparison = properties
                .get(IdentityApplicationConstants.Authenticator.SAML2SSO.AUTHENTICATION_CONTEXT_COMPARISON_LEVEL);

        if (StringUtils.isNotEmpty(authnContextComparison)) {
            if (AuthnContextComparisonTypeEnumeration.EXACT.toString().equalsIgnoreCase(
                    authnContextComparison)) {
                requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
            } else if (AuthnContextComparisonTypeEnumeration.MINIMUM.toString().equalsIgnoreCase(
                    authnContextComparison)) {
                requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM);
            } else if (AuthnContextComparisonTypeEnumeration.MAXIMUM.toString().equalsIgnoreCase(
                    authnContextComparison)) {
                requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.MAXIMUM);
            } else if (AuthnContextComparisonTypeEnumeration.BETTER.toString().equalsIgnoreCase(
                    authnContextComparison)) {
                requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.BETTER);
            }
        } else {
            requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
        }
        requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);
    }
    return requestedAuthnContext;
}