/**
* This test constructs the {@link ResponseType}. An {@link AssertionType} is locally constructed
* and then passed to the construct method
*
* @throws Exception
*/
@Test
public void constructAndSign() throws Exception {
SAML2Response samlResponse = new SAML2Response();
String ID = IDGenerator.create("ID_");
IssuerInfoHolder issuerInfo = new IssuerInfoHolder("picketlink");
IDPInfoHolder idp = new IDPInfoHolder();
idp.setNameIDFormatValue("anil");
// create the service provider(in this case BAS) holder object
SPInfoHolder sp = new SPInfoHolder();
sp.setResponseDestinationURI("http://sombody");
Map<String, Object> attributes = new HashMap<String, Object>();
attributes.put("TOKEN_USER_ID", String.valueOf(2));
attributes.put("TOKEN_ORGANIZATION_DISPLAY_NAME", "Test Org");
attributes.put("TOKEN_USER_DISPLAY_NAME", "Test User");
AttributeStatementType attributeStatement = StatementUtil.createAttributeStatement(attributes);
String assertionId = IDGenerator.create("ID_");
AssertionType assertion = AssertionUtil.createAssertion(assertionId, issuerInfo.getIssuer());
assertion.addStatement(attributeStatement);
ResponseType responseType = samlResponse.createResponseType(ID, sp, idp, issuerInfo, assertion);
SAML2Signature sig = new SAML2Signature();
Document signedDoc = sig.sign(responseType, getKeyPair());
assertNotNull(signedDoc);
System.out.println("Signed Response=" + DocumentUtil.asString(signedDoc));
Document convertedDoc = samlResponse.convert(responseType);
assertNotNull(convertedDoc);
// Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
SAMLResponseWriter samlWriter = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
samlWriter.write(responseType);
Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
/**
* Creates a SAMLV2 {@code AssertionType} with the specified values.
*
* @param id a {@code String} representing the assertion ID.
* @param issuerID a {@code NameIDType} that identifies the assertion issuer.
* @param issueInstant the assertion time of creation.
* @param conditions the {@code ConditionsType} that specify the conditions under which the
* assertion is to be considered valid
* @param subject the {@code SubjectType} that identifies the authenticated principal.
* @param statements a list of statements associated with the authenticated principal.
* @return
*/
public static AssertionType createAssertion(
String id,
NameIDType issuerID,
XMLGregorianCalendar issueInstant,
ConditionsType conditions,
SubjectType subject,
List<StatementAbstractType> statements) {
AssertionType assertion = new AssertionType(id, issueInstant);
assertion.setIssuer(issuerID);
if (conditions != null) assertion.setConditions(conditions);
if (subject != null) assertion.setSubject(subject);
if (statements != null) {
for (StatementAbstractType statement : statements) {
assertion.addStatement(statement);
}
}
return assertion;
}
