/**
* New conditions element.
*
* @param issuedAt the issued at
* @param audienceUri the service id
* @param issueLength the issue length
* @return the conditions
*/
public Conditions newConditions(
final ZonedDateTime issuedAt, final String audienceUri, final long issueLength) {
final Conditions conditions = newSamlObject(Conditions.class);
conditions.setNotBefore(DateTimeUtils.dateTimeOf(issuedAt));
conditions.setNotOnOrAfter(
DateTimeUtils.dateTimeOf(issuedAt.plus(issueLength, ChronoUnit.MILLIS)));
final AudienceRestrictionCondition audienceRestriction =
newSamlObject(AudienceRestrictionCondition.class);
final Audience audience = newSamlObject(Audience.class);
audience.setUri(audienceUri);
audienceRestriction.getAudiences().add(audience);
conditions.getAudienceRestrictionConditions().add(audienceRestriction);
return conditions;
}
/**
* Create a new SAML1 response object.
*
* @param authnStatement the authn statement
* @param issuer the issuer
* @param issuedAt the issued at
* @param id the id
* @return the assertion
*/
public Assertion newAssertion(
final AuthenticationStatement authnStatement,
final String issuer,
final ZonedDateTime issuedAt,
final String id) {
final Assertion assertion = newSamlObject(Assertion.class);
assertion.setID(id);
assertion.setIssueInstant(DateTimeUtils.dateTimeOf(issuedAt));
assertion.setIssuer(issuer);
assertion.getAuthenticationStatements().add(authnStatement);
return assertion;
}
/**
* New authentication statement.
*
* @param authenticationDate the authentication date
* @param authenticationMethod the authentication method
* @param subjectId the subject id
* @return the authentication statement
*/
public AuthenticationStatement newAuthenticationStatement(
final ZonedDateTime authenticationDate,
final String authenticationMethod,
final String subjectId) {
final AuthenticationStatement authnStatement = newSamlObject(AuthenticationStatement.class);
authnStatement.setAuthenticationInstant(DateTimeUtils.dateTimeOf(authenticationDate));
authnStatement.setAuthenticationMethod(
authenticationMethod != null
? authenticationMethod
: SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_UNSPECIFIED);
authnStatement.setSubject(newSubject(subjectId));
return authnStatement;
}
/**
* Create a new SAML response object.
*
* @param id the id
* @param issueInstant the issue instant
* @param recipient the recipient
* @param service the service
* @return the response
*/
public Response newResponse(
final String id,
final ZonedDateTime issueInstant,
final String recipient,
final WebApplicationService service) {
final Response samlResponse = newSamlObject(Response.class);
samlResponse.setID(id);
samlResponse.setIssueInstant(DateTimeUtils.dateTimeOf(issueInstant));
samlResponse.setVersion(SAMLVersion.VERSION_11);
samlResponse.setInResponseTo(recipient);
if (service instanceof SamlService) {
final SamlService samlService = (SamlService) service;
final String requestId = samlService.getRequestID();
if (StringUtils.isNotBlank(requestId)) {
samlResponse.setInResponseTo(requestId);
}
}
return samlResponse;
}
