/**
* Builds a name ID. The provided value is the textual content of the NameIdentifier. If a {@link
* #nameIdQualifier} is not null it is used as the NameIdentifier's name qualifier, otherwise the
* attribute issuer's entity id is used.
*
* @param nameIdValue value of the NameIdentifier
* @param resolutionContext current resolution context
* @return the constructed NameIdentifier
* @throws ResolutionException if the IdP Name is empty.
*/
protected NameIdentifier buildNameId(
@Nonnull @NotEmpty final String nameIdValue,
@Nonnull final AttributeResolutionContext resolutionContext)
throws ResolutionException {
log.debug("{} building a SAML1 NameIdentifier with value of '{}'", getLogPrefix(), nameIdValue);
final NameIdentifier nameIdentifier = nameIdentifierBuilder.buildObject();
nameIdentifier.setValue(nameIdValue);
if (nameIdFormat != null) {
log.debug("{} Format set to '{}'", getLogPrefix(), nameIdFormat);
nameIdentifier.setFormat(nameIdFormat);
}
final String attributeIssuerID =
StringSupport.trimOrNull(resolutionContext.getAttributeIssuerID());
if (nameIdQualifier != null) {
nameIdentifier.setNameQualifier(nameIdQualifier);
log.debug("{} NameQualifier set to '{}'", getLogPrefix(), nameIdQualifier);
} else if (null != attributeIssuerID) {
log.debug("{} NameQualifier set to '{}'", getLogPrefix(), attributeIssuerID);
nameIdentifier.setNameQualifier(attributeIssuerID);
} else {
throw new ResolutionException(getLogPrefix() + " provided attribute issuer ID was empty");
}
return nameIdentifier;
}
private static IdPAttributeValue<?> saml1NameIdFor(final String ident) {
NameIdentifier id = saml1Builder.buildObject();
id.setValue(ident);
id.setFormat(NameIdentifier.X509_SUBJECT);
id.setNameQualifier(QUALIFIER);
return new XMLObjectAttributeValue(id);
}
/**
* New subject element with given confirmation method.
*
* @param identifier the identifier
* @param confirmationMethod the confirmation method
* @return the subject
*/
public Subject newSubject(final String identifier, final String confirmationMethod) {
final SubjectConfirmation confirmation = newSamlObject(SubjectConfirmation.class);
final ConfirmationMethod method = newSamlObject(ConfirmationMethod.class);
method.setConfirmationMethod(confirmationMethod);
confirmation.getConfirmationMethods().add(method);
final NameIdentifier nameIdentifier = newSamlObject(NameIdentifier.class);
nameIdentifier.setNameIdentifier(identifier);
final Subject subject = newSamlObject(Subject.class);
subject.setNameIdentifier(nameIdentifier);
subject.setSubjectConfirmation(confirmation);
return subject;
}
@Test
public void testNameIdentifierValued() throws Exception {
final Collection<? extends IdPAttributeValue<?>> values =
Collections.singletonList(saml1NameIdFor(NAME_1));
final IdPAttribute inputAttribute = new IdPAttribute(ATTR_NAME);
inputAttribute.setValues(values);
prc.getSubcontext(RelyingPartyContext.class)
.getSubcontext(AttributeContext.class, true)
.setIdPAttributes(Collections.singleton(inputAttribute));
generator.setAttributeSourceIds(Collections.singletonList(ATTR_NAME));
generator.initialize();
final NameIdentifier outputNameId = generator.generate(prc, generator.getFormat());
Assert.assertNotNull(outputNameId);
Assert.assertEquals(outputNameId.getValue(), NAME_1);
Assert.assertEquals(outputNameId.getFormat(), NameIdentifier.X509_SUBJECT);
Assert.assertEquals(outputNameId.getNameQualifier(), QUALIFIER);
}