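/**
 * Consumes the assertion, resulting in the extraction of the Subject as the JAAS principal and
 * the Role Statements as the JAAS roles.
 *
 * <p>This method only extracts identity data: it does not verify the assertion's signature,
 * issuer or conditions. Those checks must already have been performed on the assertion before
 * it is handed here, otherwise the principal and roles are taken from unverified input.
 *
 * <p>As a side effect the extracted principal is also published to {@code TL_principal}.
 *
 * @param assertion the (already validated) SAML assertion to read the subject and roles from
 * @return the principal built from the assertion subject, carrying one role per non-null value
 *     of every attribute named {@code Role}
 * @throws javax.security.auth.login.LoginException if the assertion has no subject, the subject
 *     is not a plain {@code NameID} (e.g. it is encrypted or a different identifier type), or
 *     the {@code NameID} value is null/empty, so that no principal name can be derived
 * @throws Exception propagated from the underlying accessors
 */
private SimplePrincipal consumeAssertion(AssertionType assertion) throws Exception {
    SimplePrincipal identity = new SimplePrincipal(extractSubjectName(assertion));

    Set<StatementAbstractType> statements = assertion.getStatements();
    if (statements != null) {
        for (StatementAbstractType statement : statements) {
            if (statement instanceof AttributeStatementType) {
                addRoles((AttributeStatementType) statement, identity);
            }
        }
    }
    TL_principal.set(identity);
    return identity;
}

/**
 * Returns the {@code NameID} value of the assertion subject.
 *
 * <p>Previously an absent subject or a non-{@code NameID} base identifier surfaced as a
 * {@code NullPointerException} / {@code ClassCastException}; both are now reported as a
 * {@code LoginException} with a clear message.
 *
 * @throws javax.security.auth.login.LoginException if no usable {@code NameID} is present
 */
private static String extractSubjectName(AssertionType assertion)
        throws javax.security.auth.login.LoginException {
    SubjectType subject = assertion.getSubject();
    Object baseId = (subject == null || subject.getSubType() == null)
            ? null
            : subject.getSubType().getBaseID();
    if (!(baseId instanceof NameIDType)) {
        throw new javax.security.auth.login.LoginException(
                "SAML assertion has no NameID subject; cannot establish a principal");
    }
    String samlSubject = ((NameIDType) baseId).getValue();
    // An empty principal name would still be accepted by SimplePrincipal; reject it explicitly.
    if (samlSubject == null || samlSubject.isEmpty()) {
        throw new javax.security.auth.login.LoginException(
                "SAML assertion subject NameID has no value");
    }
    return samlSubject;
}

/** Adds one role to {@code identity} for each non-null value of every attribute named "Role". */
private static void addRoles(AttributeStatementType attrStatement, SimplePrincipal identity) {
    List<ASTChoiceType> attributes = attrStatement.getAttributes();
    if (attributes == null) {
        return;
    }
    for (ASTChoiceType choice : attributes) {
        if (choice.getAttribute() == null) {
            continue;
        }
        // Constant-first equals: an attribute without a Name must not abort consumption
        // with a NullPointerException.
        if (!"Role".equals(choice.getAttribute().getName())) { // $NON-NLS-1$
            continue;
        }
        List<Object> values = choice.getAttribute().getAttributeValue();
        if (values == null) {
            continue;
        }
        for (Object roleValue : values) {
            if (roleValue != null) {
                identity.addRole(roleValue.toString());
            }
        }
    }
}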
/**
 * Builds a {@link ResponseType} around a locally constructed {@link AssertionType}, signs it,
 * converts it to a DOM document, and finally serialises it through {@link SAMLResponseWriter}
 * and runs the serialised document through {@link JAXPValidationUtil}.
 *
 * <p>Note that only the non-null results are asserted; the signature on the written document is
 * not re-verified here.
 *
 * @throws Exception on any failure during construction, signing, serialisation or validation
 */
@Test
public void constructAndSign() throws Exception {
    SAML2Response samlResponse = new SAML2Response();
    String responseId = IDGenerator.create("ID_");
    IssuerInfoHolder issuerInfo = new IssuerInfoHolder("picketlink");

    IDPInfoHolder idp = new IDPInfoHolder();
    idp.setNameIDFormatValue("anil");

    // the service provider (in this case BAS) holder object
    SPInfoHolder sp = new SPInfoHolder();
    sp.setResponseDestinationURI("http://sombody");

    AttributeStatementType attributeStatement =
            StatementUtil.createAttributeStatement(tokenAttributes());

    String assertionId = IDGenerator.create("ID_");
    AssertionType assertion = AssertionUtil.createAssertion(assertionId, issuerInfo.getIssuer());
    assertion.addStatement(attributeStatement);

    ResponseType responseType =
            samlResponse.createResponseType(responseId, sp, idp, issuerInfo, assertion);

    // Sign first and dump the result, then check that plain DOM conversion still works.
    SAML2Signature signer = new SAML2Signature();
    Document signedDoc = signer.sign(responseType, getKeyPair());
    assertNotNull(signedDoc);
    System.out.println("Signed Response=" + DocumentUtil.asString(signedDoc));

    Document convertedDoc = samlResponse.convert(responseType);
    assertNotNull(convertedDoc);

    // Round-trip through the StAX writer and validate what was actually written.
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    SAMLResponseWriter samlWriter = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(out));
    samlWriter.write(responseType);
    Document written = DocumentUtil.getDocument(new ByteArrayInputStream(out.toByteArray()));
    JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(written));
}

/** The token attributes placed in the assertion's attribute statement. */
private static Map<String, Object> tokenAttributes() {
    Map<String, Object> attributes = new HashMap<String, Object>();
    attributes.put("TOKEN_USER_ID", String.valueOf(2));
    attributes.put("TOKEN_ORGANIZATION_DISPLAY_NAME", "Test Org");
    attributes.put("TOKEN_USER_DISPLAY_NAME", "Test User");
    return attributes;
}
/**
 * Creates a SAMLV2 {@code AssertionType} with the specified values.
 *
 * <p>{@code id} and {@code issueInstant} are passed straight to the {@code AssertionType}
 * constructor and {@code issuerID} is always set; {@code conditions}, {@code subject} and
 * {@code statements} are applied only when non-null. An assertion built without
 * {@code conditions} carries no validity window, so issuers will normally want to supply one.
 *
 * @param id a {@code String} representing the assertion ID.
 * @param issuerID a {@code NameIDType} that identifies the assertion issuer.
 * @param issueInstant the assertion time of creation.
 * @param conditions the {@code ConditionsType} that specify the conditions under which the
 *     assertion is to be considered valid; may be {@code null}.
 * @param subject the {@code SubjectType} that identifies the authenticated principal; may be
 *     {@code null}.
 * @param statements a list of statements associated with the authenticated principal; may be
 *     {@code null}.
 * @return the newly built assertion, populated with the non-null arguments.
 */
public static AssertionType createAssertion(
        String id,
        NameIDType issuerID,
        XMLGregorianCalendar issueInstant,
        ConditionsType conditions,
        SubjectType subject,
        List<StatementAbstractType> statements) {
    AssertionType result = new AssertionType(id, issueInstant);
    result.setIssuer(issuerID);
    if (conditions != null) {
        result.setConditions(conditions);
    }
    if (subject != null) {
        result.setSubject(subject);
    }
    if (statements == null) {
        return result;
    }
    for (StatementAbstractType statement : statements) {
        result.addStatement(statement);
    }
    return result;
}