Java Code Examples for org.opensaml.saml.saml2.core.Issuer#setValue()

The following examples show how to use org.opensaml.saml.saml2.core.Issuer#setValue(). Each example is taken from the project and source file named above it.
Example 1
Source File: AuthnRequestFactory.java — from verify-service-provider (MIT License)
/**
 * Builds a signed SAML 2.0 AuthnRequest for the given service entity id.
 *
 * <p>The request is marshalled and only then signed; keep that order. Any
 * marshalling or signing failure is wrapped in a {@code SAMLRuntimeException}.
 *
 * @param serviceEntityId entity id written into the request's Issuer element
 * @return the marshalled and signed AuthnRequest
 * @throws SAMLRuntimeException if marshalling or signing fails
 */
public AuthnRequest build(String serviceEntityId) {
    final Issuer requestIssuer = new IssuerBuilder().buildObject();
    requestIssuer.setValue(serviceEntityId);

    final AuthnRequest request = new AuthnRequestBuilder().buildObject();
    // IDs are prefixed with "_" so they are valid XML NCNames.
    request.setID(String.format("_%s", UUID.randomUUID()));
    request.setIssueInstant(DateTime.now());
    request.setForceAuthn(false);
    request.setDestination(destination.toString());
    request.setExtensions(createExtensions());
    request.setIssuer(requestIssuer);
    request.setSignature(createSignature());

    try {
        XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(request).marshall(request);
        Signer.signObject(request.getSignature());
    } catch (SignatureException | MarshallingException e) {
        throw new SAMLRuntimeException("Unknown problem while signing SAML object", e);
    }

    return request;
}
 
Example 2
Source File: LogoutRequestBuilder.java — from carbon-apimgt (Apache License 2.0)
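/**
 * Builds a SAML 2.0 LogoutRequest for callers that have no session index id
 * (overload without SessionIndex; no signature is applied here).
 *
 * <p>IssueInstant is the current time and NotOnOrAfter is five minutes later.
 *
 * @param subject      name of the user being logged out (becomes the NameID)
 * @param reason       reason for the logout
 * @param issuerId     entity id written into the Issuer element
 * @param nameIdFormat NameID format used for {@code subject}
 * @return SAML logout request
 */
public LogoutRequest buildLogoutRequest(String subject, String reason,
                                        String issuerId, String nameIdFormat) {
    Util.doBootstrap();
    LogoutRequest logoutReq = new org.opensaml.saml.saml2.core.impl.LogoutRequestBuilder().buildObject();
    logoutReq.setID(Util.createID());

    // Validity window: issued now, expires five minutes later.
    DateTime issueInstant = new DateTime();
    logoutReq.setIssueInstant(issueInstant);
    logoutReq.setNotOnOrAfter(issueInstant.plusMinutes(5));

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(issuerId);
    logoutReq.setIssuer(issuer);

    logoutReq.setNameID(Util.buildNameID(nameIdFormat, subject));
    logoutReq.setReason(reason);

    return logoutReq;
}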
 
Example 3
Source File: SamlSingleLogoutFunction.java — from armeria (Apache License 2.0)
/**
 * Creates the LogoutResponse answering {@code logoutRequest}.
 *
 * @param logoutRequest the inbound logout request; its ID becomes InResponseTo
 * @param statusCode    value written into the top-level StatusCode
 * @return a new LogoutResponse issued under this function's {@code entityId}
 */
private LogoutResponse createLogoutResponse(LogoutRequest logoutRequest,
                                            String statusCode) {
    final Issuer responder = build(Issuer.DEFAULT_ELEMENT_NAME);
    responder.setValue(entityId);

    final StatusCode code = build(StatusCode.DEFAULT_ELEMENT_NAME);
    code.setValue(statusCode);
    final Status responseStatus = build(Status.DEFAULT_ELEMENT_NAME);
    responseStatus.setStatusCode(code);

    final LogoutResponse response = build(LogoutResponse.DEFAULT_ELEMENT_NAME);
    response.setIssuer(responder);
    response.setID(requestIdManager.newId());
    response.setIssueInstant(DateTime.now());
    response.setStatus(responseStatus);
    // Correlates the response with the request it answers.
    response.setInResponseTo(logoutRequest.getID());
    return response;
}
 
Example 4
Source File: LogoutRequestBuilder.java — from carbon-apimgt (Apache License 2.0)
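/**
 * Builds a SAML 2.0 LogoutRequest carrying a SessionIndex (no signature is applied here).
 *
 * <p>IssueInstant is the current time and NotOnOrAfter is five minutes later.
 *
 * @param subject        name of the user being logged out (becomes the NameID)
 * @param sessionIndexId session index of the session to terminate
 * @param reason         reason for generating the logout request
 * @param issuerId       entity id written into the Issuer element
 * @param nameIdFormat   NameID format used for {@code subject}
 * @return LogoutRequest object
 */
public LogoutRequest buildLogoutRequest(String subject, String sessionIndexId, String reason,
                                        String issuerId, String nameIdFormat) {
    Util.doBootstrap();
    LogoutRequest logoutReq = new org.opensaml.saml.saml2.core.impl.LogoutRequestBuilder().buildObject();
    logoutReq.setID(Util.createID());

    // Validity window: issued now, expires five minutes later.
    DateTime issueInstant = new DateTime();
    logoutReq.setIssueInstant(issueInstant);
    logoutReq.setNotOnOrAfter(issueInstant.plusMinutes(5));

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(issuerId);
    logoutReq.setIssuer(issuer);

    logoutReq.setNameID(Util.buildNameID(nameIdFormat, subject));

    SessionIndex sessionIndex = new SessionIndexBuilder().buildObject();
    sessionIndex.setSessionIndex(sessionIndexId);
    logoutReq.getSessionIndexes().add(sessionIndex);

    logoutReq.setReason(reason);

    return logoutReq;
}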
 
Example 5
Source File: SAML2PResponseComponentBuilder.java — from cxf-fediz (Apache License 2.0)
/**
 * Creates an Issuer element with the given value and format.
 *
 * <p>The builder is resolved from {@code builderFactory} on first use and kept in the
 * static {@code issuerBuilder} field; the unchecked cast is needed because the factory
 * lookup is not typed to {@code Issuer}.
 *
 * @param issuerValue  entity id of the issuing party
 * @param issuerFormat value of the Issuer's Format attribute
 * @return a populated Issuer
 */
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
    String issuerValue,
    String issuerFormat
) {
    if (issuerBuilder == null) {
        issuerBuilder =
            (SAMLObjectBuilder<Issuer>) builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    }
    final Issuer result = issuerBuilder.buildObject();
    result.setValue(issuerValue);
    result.setFormat(issuerFormat);
    return result;
}
 
Example 6
Source File: SamlpRequestComponentBuilder.java — from cxf-fediz (Apache License 2.0)
/**
 * Returns a new Issuer element whose value is {@code issuerValue}.
 *
 * <p>The {@code SAMLObjectBuilder} is looked up from {@code builderFactory} the first time
 * this runs and cached in the static {@code issuerBuilder} field. The unchecked cast is
 * required because the factory lookup is not typed to {@code Issuer}.
 *
 * @param issuerValue entity id to place in the Issuer element
 * @return a populated Issuer
 */
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
    String issuerValue
) {
    SAMLObjectBuilder<Issuer> builder = issuerBuilder;
    if (builder == null) {
        builder = (SAMLObjectBuilder<Issuer>) builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
        issuerBuilder = builder;
    }
    final Issuer result = builder.buildObject();
    result.setValue(issuerValue);
    return result;
}
 
Example 7
Source File: SamlpRequestComponentBuilder.java — from cxf (Apache License 2.0)
/**
 * Creates an Issuer element holding {@code issuerValue}.
 *
 * <p>{@code issuerBuilder} is resolved from {@code builderFactory} when first needed and
 * kept in the static field afterwards; the unchecked cast exists because the factory
 * lookup is not typed to {@code Issuer}.
 *
 * @param issuerValue the entity id of the issuing party
 * @return a populated Issuer
 */
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
    String issuerValue
) {
    if (issuerBuilder == null) {
        issuerBuilder = (SAMLObjectBuilder<Issuer>) builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    }
    final Issuer created = issuerBuilder.buildObject();
    created.setValue(issuerValue);
    return created;
}
 
Example 8
Source File: SamlRequestComponentBuilder.java — from cxf (Apache License 2.0)
/**
 * Creates an Issuer element with the given value.
 *
 * <p>The builder is fetched lazily from {@code builderFactory} and kept in the static
 * {@code issuerBuilder} field; the unchecked cast is required because the factory lookup
 * is not typed to {@code Issuer}.
 *
 * @param issuerValue the SAML authority that is making the claim(s) in the assertion;
 *                    the issuer SHOULD be unambiguous to the intended relying parties
 * @return an Issuer object
 */
@SuppressWarnings("unchecked")
public static Issuer createIssuer(String issuerValue) {
    if (issuerBuilder == null) {
        issuerBuilder =
            (SAMLObjectBuilder<Issuer>) builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    }
    final Issuer result = issuerBuilder.buildObject();
    result.setValue(issuerValue);
    return result;
}
 
Example 9
Source File: AuthReqBuilder.java — from carbon-apimgt (Apache License 2.0)
/**
 * Builds the Issuer element for an authentication request.
 *
 * @param issuerId entity id written into the Issuer element
 * @return Issuer object
 */
private static Issuer buildIssuer(String issuerId) {
    final Issuer result = new IssuerBuilder().buildObject();
    result.setValue(issuerId);
    return result;
}
 
Example 10
Source File: LogoutRequestBuilder.java — from carbon-apimgt (Apache License 2.0)
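/**
 * Builds a signed SAML 2.0 LogoutRequest for callers that have no session index id
 * (overload without SessionIndex).
 *
 * <p>IssueInstant is the current time and NotOnOrAfter is five minutes later. The request
 * is signed with the tenant's X.509 credential using
 * {@code SignatureConstants.ALGO_ID_SIGNATURE_RSA}.
 *
 * @param subject      name of the user being logged out (becomes the NameID)
 * @param reason       reason for the logout
 * @param issuerId     entity id written into the Issuer element
 * @param tenantId     tenant whose signing credential is used
 * @param tenantDomain domain of that tenant
 * @param destination  value of the Destination attribute
 * @param nameIdFormat NameID format used for {@code subject}
 * @return Signed SAML logout request
 * @throws SSOHostObjectException declared by the credential/signing steps
 */
public LogoutRequest buildSignedLogoutRequest(String subject, String reason,
        String issuerId, int tenantId, String tenantDomain, String destination, String nameIdFormat)
        throws SSOHostObjectException {
    Util.doBootstrap();
    LogoutRequest logoutReq = new org.opensaml.saml.saml2.core.impl.LogoutRequestBuilder().buildObject();
    logoutReq.setID(Util.createID());

    // Validity window: issued now, expires five minutes later.
    DateTime issueInstant = new DateTime();
    logoutReq.setIssueInstant(issueInstant);
    logoutReq.setNotOnOrAfter(issueInstant.plusMinutes(5));

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(issuerId);
    logoutReq.setIssuer(issuer);

    logoutReq.setNameID(Util.buildNameID(nameIdFormat, subject));
    logoutReq.setReason(reason);
    // Everything, including Destination, is set before signing; presumably a later
    // change to the element would invalidate the signature.
    logoutReq.setDestination(destination);

    // NOTE(review): ALGO_ID_SIGNATURE_RSA is the RSA-SHA1 algorithm URI in OpenSAML;
    // SHA-1 signatures are deprecated, consider ALGO_ID_SIGNATURE_RSA_SHA256 if the
    // peer accepts it. Kept unchanged here to preserve interoperability.
    SSOAgentCarbonX509Credential tenantCredential =
            new SSOAgentCarbonX509Credential(tenantId, tenantDomain);
    setSignature(logoutReq, SignatureConstants.ALGO_ID_SIGNATURE_RSA,
            new X509CredentialImpl(tenantCredential));

    return logoutReq;
}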
 
Example 11
Source File: SAML2PResponseComponentBuilder.java — from cxf-fediz (Apache License 2.0)
/**
 * Creates an Issuer element carrying {@code issuerValue}.
 *
 * <p>The builder is obtained from {@code builderFactory} once and memoised in the static
 * {@code issuerBuilder} field. The unchecked cast is needed because the factory lookup is
 * not typed to {@code Issuer}.
 *
 * @param issuerValue entity id of the issuing party
 * @return a populated Issuer
 */
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
    String issuerValue
) {
    SAMLObjectBuilder<Issuer> cached = issuerBuilder;
    if (cached == null) {
        cached = (SAMLObjectBuilder<Issuer>) builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
        issuerBuilder = cached;
    }
    final Issuer result = cached.buildObject();
    result.setValue(issuerValue);
    return result;
}
 
Example 12
Source File: SAML2PResponseComponentBuilder.java — from cxf-fediz (Apache License 2.0)
/**
 * Creates an Issuer element whose value is {@code issuerValue}.
 *
 * <p>{@code issuerBuilder} is lazily resolved from {@code builderFactory} and kept in the
 * static field; the unchecked cast exists because the factory lookup is not typed to
 * {@code Issuer}.
 *
 * @param issuerValue entity id of the issuing party
 * @return a populated Issuer
 */
@SuppressWarnings("unchecked")
public static Issuer createIssuer(
    String issuerValue
) {
    if (issuerBuilder == null) {
        issuerBuilder = (SAMLObjectBuilder<Issuer>) builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    }
    final Issuer newIssuer = issuerBuilder.buildObject();
    newIssuer.setValue(issuerValue);
    return newIssuer;
}
 
Example 13
Source File: SamlClient.java — from saml-client (MIT License)
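/**
 * Builds, signs and Base64-encodes a SAML 2.0 LogoutResponse.
 *
 * @param status  the status code value (see StatusCode)
 * @param statMsg the status message; omitted from the response when {@code null}
 * @return the signed LogoutResponse, marshalled to XML and Base64-encoded as UTF-8
 * @throws SamlException if the response cannot be marshalled to XML
 */
public String getSamlLogoutResponse(final String status, final String statMsg)
    throws SamlException {
  LogoutResponse response = (LogoutResponse) buildSamlObject(LogoutResponse.DEFAULT_ELEMENT_NAME);
  response.setID("z" + UUID.randomUUID().toString()); // ADFS needs IDs to start with a letter

  response.setVersion(SAMLVersion.VERSION_20);
  response.setIssueInstant(DateTime.now());

  Issuer issuer = (Issuer) buildSamlObject(Issuer.DEFAULT_ELEMENT_NAME);
  issuer.setValue(relyingPartyIdentifier);
  response.setIssuer(issuer);

  // Status: the code is always present, the message only when the caller supplied one.
  Status stat = (Status) buildSamlObject(Status.DEFAULT_ELEMENT_NAME);
  StatusCode statCode = new StatusCodeBuilder().buildObject();
  statCode.setValue(status);
  stat.setStatusCode(statCode);
  if (statMsg != null) {
    StatusMessage statMessage = new StatusMessageBuilder().buildObject();
    statMessage.setMessage(statMsg);
    stat.setStatusMessage(statMessage);
  }
  response.setStatus(stat);

  // Add a signature into the response before it is marshalled.
  signSAMLObject(response);

  final StringWriter stringWriter;
  try {
    stringWriter = marshallXmlObject(response);
  } catch (MarshallingException ex) {
    // Message corrected: this method marshals a logout response, not a request.
    throw new SamlException("Error while marshalling SAML logout response to XML", ex);
  }

  // Trace level only: this logs the entire signed response document.
  logger.trace("Issuing SAML Logout response: " + stringWriter.toString());

  return Base64.encodeBase64String(stringWriter.toString().getBytes(StandardCharsets.UTF_8));
}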
 
Example 14
Source File: SamlClient.java — from saml-client (MIT License)
/**
 * Creates a minimal SAML request of the given element type: a random "z"-prefixed ID,
 * SAML 2.0 version, the current IssueInstant and this client's Issuer.
 *
 * @param defaultElementName the {@code SomeClass.DEFAULT_ELEMENT_NAME} of the concrete
 *                           request type the result will be cast to
 * @return the partially populated request
 */
private RequestAbstractType getBasicSamlRequest(QName defaultElementName) {
  Issuer clientIssuer = (Issuer) buildSamlObject(Issuer.DEFAULT_ELEMENT_NAME);
  clientIssuer.setValue(relyingPartyIdentifier);

  RequestAbstractType samlRequest = (RequestAbstractType) buildSamlObject(defaultElementName);
  // ADFS needs IDs to start with a letter, hence the "z" prefix.
  samlRequest.setID("z" + UUID.randomUUID().toString());
  samlRequest.setVersion(SAMLVersion.VERSION_20);
  samlRequest.setIssueInstant(DateTime.now());
  samlRequest.setIssuer(clientIssuer);
  return samlRequest;
}
 
Example 15
Source File: WSXACMLMessageReceiver.java — from carbon-identity-framework (Apache License 2.0)
/**
 * Creates the Issuer element to be attached to the outgoing statements.
 *
 * <p>NOTE(review): both the issuer value and the SPProvidedID are hard-coded literals
 * here; presumably they should come from configuration — confirm before reusing.
 *
 * @return the issuer of the statements
 */
private static Issuer createIssuer() {
    IssuerBuilder builder = (IssuerBuilder) XMLObjectProviderRegistrySupport.getBuilderFactory()
            .getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    Issuer result = builder.buildObject();
    result.setValue("https://identity.carbon.wso2.org");
    result.setSPProvidedID("SPPProvierId");
    return result;
}
 
Example 16
Source File: MatchingAssertionTranslatorTest.java — from verify-service-provider (MIT License)
/**
 * Test fixture: an assertion issued by {@code TestEntityIds.TEST_RP_MS} and signed with
 * the test RP MSA credential.
 *
 * @return a builder with issuer, subject, conditions and signature populated
 */
private AssertionBuilder aSignedAssertion() {
    final Issuer msaIssuer = IssuerBuilder.anIssuer().build();
    msaIssuer.setValue(TestEntityIds.TEST_RP_MS);

    return anAssertion()
            .withIssuer(msaIssuer)
            .withSubject(aValidSubject().build())
            .withConditions(aValidConditions().build())
            .withSignature(aSignature().withSigningCredential(testRpMsaSigningCredential).build());
}
 
Example 17
Source File: GenerateAuthnRequestResourceTest.java — from verify-service-provider (MIT License)
/**
 * Builds the fixture AuthnRequest from the TEST_* constants and resets the mocked factory
 * before each test.
 */
@Before
public void mockAuthnRequestFactory() {
    final Issuer fixtureIssuer = new IssuerBuilder().buildObject();
    fixtureIssuer.setValue(TEST_ISSUER);

    authnRequest = new AuthnRequestBuilder().buildObject();
    authnRequest.setID(TEST_REQUEST_ID);
    authnRequest.setDestination(TEST_DESTINATION);
    authnRequest.setIssueInstant(DateTime.parse(TEST_ISSUE_INSTANT));
    authnRequest.setIssuer(fixtureIssuer);

    reset(authnRequestFactory);
}
 
Example 18
Source File: SAML2SPLogic.java — from syncope (Apache License 2.0)
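/**
 * Creates a SAML 2.0 LogoutRequest for the IdP recorded in the caller's access token.
 *
 * <p>Steps: verify the access token's signature, resolve the IdP from the token's claims,
 * build the LogoutRequest (NameID and SessionIndex taken from the token), generate the
 * relay-state JWT, then sign and encode according to the IdP's binding. For REDIRECT the
 * signature is computed over the encoded content and the relay state; for POST the
 * LogoutRequest object itself is signed before encoding.
 *
 * @param accessToken the JWT currently used for Syncope authentication
 * @param spEntityID  entity id written into the Issuer element
 * @return the encoded request, relay state, binding type and (for REDIRECT) signature
 * @throws IllegalArgumentException if the token signature does not verify or the IdP has
 *                                  no SingleLogoutService for its binding
 * @throws NotFoundException        if the token carries no IdP entity id or the IdP is
 *                                  not in the cache
 * @throws SyncopeClientException   if relay-state generation, signing or encoding fails
 */
@PreAuthorize("isAuthenticated() and not(hasRole('" + IdRepoEntitlement.ANONYMOUS + "'))")
public SAML2RequestTO createLogoutRequest(final String accessToken, final String spEntityID) {
    check();

    // 1. fetch the current JWT used for Syncope authentication; reject tokens whose
    //    signature does not verify before trusting any claim in them
    JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(accessToken);
    if (!consumer.verifySignatureWith(jwsSignatureVerifier)) {
        throw new IllegalArgumentException("Invalid signature found in Access Token");
    }

    // 2. look for IdP
    String idpEntityID = (String) consumer.getJwtClaims().getClaim(JWT_CLAIM_IDP_ENTITYID);
    if (idpEntityID == null) {
        throw new NotFoundException("No SAML 2.0 IdP information found in the access token");
    }
    SAML2IdPEntity idp = cache.get(idpEntityID);
    if (idp == null) {
        throw new NotFoundException("SAML 2.0 IdP '" + idpEntityID + '\'');
    }
    if (idp.getSLOLocation(idp.getBindingType()) == null) {
        throw new IllegalArgumentException("No SingleLogoutService available for " + idp.getId());
    }

    // 3. create LogoutRequest
    LogoutRequest logoutRequest = new LogoutRequestBuilder().buildObject();
    logoutRequest.setID('_' + SecureRandomUtils.generateRandomUUID().toString());
    logoutRequest.setDestination(idp.getSLOLocation(idp.getBindingType()).getLocation());

    // validity window: issued now, expires in five minutes
    DateTime now = new DateTime();
    logoutRequest.setIssueInstant(now);
    logoutRequest.setNotOnOrAfter(now.plusMinutes(5));

    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue(spEntityID);
    logoutRequest.setIssuer(issuer);

    // NameID and SessionIndex come from the signature-verified token claims
    NameID nameID = new NameIDBuilder().buildObject();
    nameID.setFormat((String) consumer.getJwtClaims().getClaim(JWT_CLAIM_NAMEID_FORMAT));
    nameID.setValue((String) consumer.getJwtClaims().getClaim(JWT_CLAIM_NAMEID_VALUE));
    logoutRequest.setNameID(nameID);

    SessionIndex sessionIndex = new SessionIndexBuilder().buildObject();
    sessionIndex.setSessionIndex((String) consumer.getJwtClaims().getClaim(JWT_CLAIM_SESSIONINDEX));
    logoutRequest.getSessionIndexes().add(sessionIndex);

    SAML2RequestTO requestTO = new SAML2RequestTO();
    requestTO.setIdpServiceAddress(logoutRequest.getDestination());
    requestTO.setBindingType(idp.getBindingType());
    try {
        // 4. generate relay state as a JWT bound to this request's ID
        Map<String, Object> claims = new HashMap<>();
        // REDIRECT always DEFLATE-encodes (see the encode call below); otherwise follow the IdP setting
        claims.put(JWT_CLAIM_IDP_DEFLATE,
                idp.getBindingType() == SAML2BindingType.REDIRECT || idp.isUseDeflateEncoding());
        Pair<String, Date> relayState = accessTokenDataBinder.generateJWT(
                SecureRandomUtils.generateRandomUUID().toString(),
                logoutRequest.getID(), JWT_RELAY_STATE_DURATION, claims);
        requestTO.setRelayState(relayState.getLeft());

        // 5. sign and encode the LogoutRequest
        switch (idp.getBindingType()) {
            case REDIRECT:
                // signature over the encoded content plus relay state, carried separately
                requestTO.setContent(SAML2ReaderWriter.encode(logoutRequest, true));
                requestTO.setSignAlg(saml2rw.getSigAlgo());
                requestTO.setSignature(saml2rw.sign(requestTO.getContent(), requestTO.getRelayState()));
                break;

            case POST:
            default:
                // sign the XML object itself, then encode
                saml2rw.sign(logoutRequest);
                requestTO.setContent(SAML2ReaderWriter.encode(logoutRequest, idp.isUseDeflateEncoding()));
        }
    } catch (Exception e) {
        LOG.error("While generating LogoutRequest", e);
        // NOTE(review): the raw exception message is handed back to the client; consider a
        // generic message if it could carry internal details
        SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.Unknown);
        sce.getElements().add(e.getMessage());
        throw sce;
    }

    return requestTO;
}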
 
Example 19
Source File: SamlServiceProviderTest.java — from armeria (Apache License 2.0)
/**
 * Test fixture: a SAML Response containing one signed bearer Assertion for {@code recipient}.
 *
 * <p>Only the Assertion is signed (with {@code idpCredential}); the Response itself is not.
 * Validity windows are one minute either side of now, and the SP entity ID is the only
 * audience.
 *
 * @param recipient value written into SubjectConfirmationData/@Recipient
 * @return the assembled Response with a SUCCESS status
 * @throws Exception propagated from signing
 */
private static Response getAuthResponse(String recipient) throws Exception {
    // IdP entity ID, attached to the Assertion (as a clone) and to the Response
    final Issuer idpIssuer = build(Issuer.DEFAULT_ELEMENT_NAME);
    idpIssuer.setValue("http://idp.example.com/post");

    // Bearer subject confirmation bound to a request id and the recipient.
    final SubjectConfirmationData confirmationData = build(SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
    confirmationData.setInResponseTo(requestIdManager.newId());
    confirmationData.setNotOnOrAfter(DateTime.now().plusMinutes(1));
    confirmationData.setRecipient(recipient);

    final SubjectConfirmation confirmation = build(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
    confirmation.setSubjectConfirmationData(confirmationData);
    confirmation.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");

    final Subject assertionSubject = build(Subject.DEFAULT_ELEMENT_NAME);
    assertionSubject.getSubjectConfirmations().add(confirmation);

    final Assertion signedAssertion = build(Assertion.DEFAULT_ELEMENT_NAME);
    signedAssertion.setSubject(assertionSubject);
    // cloned so that the same Issuer instance is not shared with the Response below
    signedAssertion.setIssuer(XMLObjectSupport.cloneXMLObject(idpIssuer));
    signedAssertion.setIssueInstant(DateTime.now());
    signedAssertion.setID(requestIdManager.newId());

    final AuthnStatement statement = build(AuthnStatement.DEFAULT_ELEMENT_NAME);
    statement.setSessionIndex("1");
    signedAssertion.getAuthnStatements().add(statement);

    // Conditions: one-minute validity window around now plus the SP audience restriction.
    final Conditions assertionConditions = build(Conditions.DEFAULT_ELEMENT_NAME);
    assertionConditions.setNotBefore(DateTime.now().minusMinutes(1));
    assertionConditions.setNotOnOrAfter(DateTime.now().plusMinutes(1));

    final Audience spAudience = build(Audience.DEFAULT_ELEMENT_NAME);
    spAudience.setAudienceURI(spEntityId);
    final AudienceRestriction restriction = build(AudienceRestriction.DEFAULT_ELEMENT_NAME);
    restriction.getAudiences().add(spAudience);
    assertionConditions.getAudienceRestrictions().add(restriction);
    signedAssertion.setConditions(assertionConditions);

    sign(signedAssertion, idpCredential, signatureAlgorithm);

    final StatusCode successCode = build(StatusCode.DEFAULT_ELEMENT_NAME);
    successCode.setValue(StatusCode.SUCCESS);
    final Status successStatus = build(Status.DEFAULT_ELEMENT_NAME);
    successStatus.setStatusCode(successCode);

    final Response response = build(Response.DEFAULT_ELEMENT_NAME);
    response.getAssertions().add(signedAssertion);
    response.setID(requestIdManager.newId());
    response.setIssuer(idpIssuer);
    response.setIssueInstant(DateTime.now());
    response.setStatus(successStatus);
    return response;
}
 
Example 20
Source File: AbstractSaml20ObjectBuilder.java — from springboot-shiro-cas-mybatis (MIT License)
/**
 * Creates a new Issuer element carrying {@code issuerValue}.
 *
 * @param issuerValue the issuer entity id
 * @return the populated Issuer
 */
public Issuer newIssuer(final String issuerValue) {
    final Issuer result = newSamlObject(Issuer.class);
    result.setValue(issuerValue);
    return result;
}