public HashMap<String, String> convertSAMLtoHashMap(SAMLAssertion samlAssertion)
throws AuthenticationConfigurationException {
HashMap<String, String> attributesMap = new HashMap<String, String>();
try {
DocumentBuilderFactory newInstance = XMLUtilities.getDocumentBuilderFactory();
DocumentBuilder documentBuilder = newInstance.newDocumentBuilder();
ByteArrayInputStream is = new ByteArrayInputStream(samlAssertion.toString().getBytes());
Document document = documentBuilder.parse(is);
XPath xpathEngine = XPathFactory.newInstance().newXPath();
String emailId = (String) xpathEngine.evaluate(EMAIL_EXP, document, XPathConstants.STRING);
String firstName =
(String) xpathEngine.evaluate(FIRST_NAME_EXP, document, XPathConstants.STRING);
String lastName =
(String) xpathEngine.evaluate(LAST_NAME_EXP, document, XPathConstants.STRING);
attributesMap.put(WebSSOConstants.CAGRID_SSO_EMAIL_ID, emailId);
attributesMap.put(WebSSOConstants.CAGRID_SSO_FIRST_NAME, firstName);
attributesMap.put(WebSSOConstants.CAGRID_SSO_LAST_NAME, lastName);
} catch (Exception e) {
handleException(e);
}
return attributesMap;
}
public void verifySAMLAssertion(SAMLAssertion saml, AssertionCredentialsManager cm)
throws Exception {
assertNotNull(saml);
saml.verify(cm.getIdPCertificate());
try {
// Test against a bad certificate
InputStream resource = TestCase.class.getResourceAsStream(Constants.BMI_CACERT);
saml.verify(CertUtil.loadCertificate(resource));
assertTrue(false);
} catch (InvalidCryptoException ex) {
}
assertEquals(cm.getIdPCertificate().getSubjectDN().toString(), saml.getIssuer());
Iterator itr = saml.getStatements();
int count = 0;
boolean authFound = false;
while (itr.hasNext()) {
count = count + 1;
SAMLStatement stmt = (SAMLStatement) itr.next();
if (stmt instanceof SAMLAuthenticationStatement) {
if (authFound) {
assertTrue(false);
} else {
authFound = true;
}
SAMLAuthenticationStatement auth = (SAMLAuthenticationStatement) stmt;
assertEquals(TEST_UID, auth.getSubject().getNameIdentifier().getName());
assertEquals("urn:oasis:names:tc:SAML:1.0:am:password", auth.getAuthMethod());
}
if (stmt instanceof SAMLAttributeStatement) {
String uid =
Utils.getAttribute(
saml, SAMLConstants.UID_ATTRIBUTE_NAMESPACE, SAMLConstants.UID_ATTRIBUTE);
assertNotNull(uid);
String email =
Utils.getAttribute(
saml, SAMLConstants.EMAIL_ATTRIBUTE_NAMESPACE, SAMLConstants.EMAIL_ATTRIBUTE);
assertNotNull(email);
String firstName =
Utils.getAttribute(
saml,
SAMLConstants.FIRST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.FIRST_NAME_ATTRIBUTE);
assertNotNull(firstName);
String lastName =
Utils.getAttribute(
saml,
SAMLConstants.LAST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.LAST_NAME_ATTRIBUTE);
assertNotNull(lastName);
assertEquals(TEST_UID, uid);
assertEquals(TEST_FIRST_NAME, firstName);
assertEquals(TEST_LAST_NAME, lastName);
assertEquals(TEST_EMAIL, email);
}
}
assertEquals(2, count);
assertTrue(authFound);
}
