/** * This test constructs the {@link ResponseType}. An {@link AssertionType} is locally constructed * and then passed to the construct method * * @throws Exception */ @Test public void constructAndSign() throws Exception { SAML2Response samlResponse = new SAML2Response(); String ID = IDGenerator.create("ID_"); IssuerInfoHolder issuerInfo = new IssuerInfoHolder("picketlink"); IDPInfoHolder idp = new IDPInfoHolder(); idp.setNameIDFormatValue("anil"); // create the service provider(in this case BAS) holder object SPInfoHolder sp = new SPInfoHolder(); sp.setResponseDestinationURI("http://sombody"); Map<String, Object> attributes = new HashMap<String, Object>(); attributes.put("TOKEN_USER_ID", String.valueOf(2)); attributes.put("TOKEN_ORGANIZATION_DISPLAY_NAME", "Test Org"); attributes.put("TOKEN_USER_DISPLAY_NAME", "Test User"); AttributeStatementType attributeStatement = StatementUtil.createAttributeStatement(attributes); String assertionId = IDGenerator.create("ID_"); AssertionType assertion = AssertionUtil.createAssertion(assertionId, issuerInfo.getIssuer()); assertion.addStatement(attributeStatement); ResponseType responseType = samlResponse.createResponseType(ID, sp, idp, issuerInfo, assertion); SAML2Signature sig = new SAML2Signature(); Document signedDoc = sig.sign(responseType, getKeyPair()); assertNotNull(signedDoc); System.out.println("Signed Response=" + DocumentUtil.asString(signedDoc)); Document convertedDoc = samlResponse.convert(responseType); assertNotNull(convertedDoc); // Now for the writing part ByteArrayOutputStream baos = new ByteArrayOutputStream(); SAMLResponseWriter samlWriter = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos)); samlWriter.write(responseType); Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray())); JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc)); }
/** * Creates a SAMLV2 {@code AssertionType} with the specified values. * * @param id a {@code String} representing the assertion ID. * @param issuerID a {@code NameIDType} that identifies the assertion issuer. * @param issueInstant the assertion time of creation. * @param conditions the {@code ConditionsType} that specify the conditions under which the * assertion is to be considered valid * @param subject the {@code SubjectType} that identifies the authenticated principal. * @param statements a list of statements associated with the authenticated principal. * @return */ public static AssertionType createAssertion( String id, NameIDType issuerID, XMLGregorianCalendar issueInstant, ConditionsType conditions, SubjectType subject, List<StatementAbstractType> statements) { AssertionType assertion = new AssertionType(id, issueInstant); assertion.setIssuer(issuerID); if (conditions != null) assertion.setConditions(conditions); if (subject != null) assertion.setSubject(subject); if (statements != null) { for (StatementAbstractType statement : statements) { assertion.addStatement(statement); } } return assertion; }