/**
 * {@inheritDoc}
 *
 * <p>Routes a recognised child element to the matching slot on the parent {@code Assertion};
 * any other child is handed to the superclass implementation.</p>
 */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {
    // The parent is cast up front, so a non-Assertion parent fails before any child is inspected.
    Assertion target = (Assertion) parentSAMLObject;

    if (childSAMLObject instanceof Signature) {
        // Only attaches the Signature element; nothing in this method verifies it.
        // NOTE(review): consumers should validate the signature against trusted credentials
        // before relying on the Conditions or Statements collected below.
        target.setSignature((Signature) childSAMLObject);
        return;
    }

    if (childSAMLObject instanceof Conditions) {
        // NOTE(review): setConditions presumably overwrites an earlier value, so with repeated
        // Conditions children the last one would win; confirm such input is rejected upstream.
        target.setConditions((Conditions) childSAMLObject);
        return;
    }

    if (childSAMLObject instanceof Advice) {
        target.setAdvice((Advice) childSAMLObject);
        return;
    }

    if (childSAMLObject instanceof Statement) {
        // Statements accumulate in document order.
        target.getStatements().add((Statement) childSAMLObject);
        return;
    }

    super.processChildElement(parentSAMLObject, childSAMLObject);
}
/**
 * Ensures that an {@link Assertion} carries a {@link Conditions} element. When one is already
 * present it is returned untouched; otherwise a new, empty one is built and attached.
 *
 * <p>The {@link Conditions} created here has nothing set on it by this method (no validity
 * window, no audience restriction); populating it is left to the caller.</p>
 *
 * @param action current action, used only to label the debug log entry
 * @param assertion assertion to which the condition will be added
 *
 * @return the {@link Conditions} that already existed on, or the one that was added to, the
 *         {@link Assertion}
 */
@Nonnull public static Conditions addConditionsToAssertion(@Nonnull final AbstractProfileAction action,
        @Nonnull final Assertion assertion) {
    final Conditions existing = assertion.getConditions();
    if (existing != null) {
        getLogger().debug("Profile Action {}: Assertion {} already contains Conditions, nothing was done",
                action.getClass().getSimpleName(), assertion.getID());
        return existing;
    }

    // The registry hands back an untyped builder; getBuilderOrThrow fails rather than returning null.
    final SAMLObjectBuilder<Conditions> builder = (SAMLObjectBuilder<Conditions>)
            XMLObjectProviderRegistrySupport.getBuilderFactory().<Conditions>getBuilderOrThrow(
                    Conditions.DEFAULT_ELEMENT_NAME);
    final Conditions created = builder.buildObject();
    assertion.setConditions(created);
    getLogger().debug("Profile Action {}: Assertion {} did not already contain Conditions, added",
            action.getClass().getSimpleName(), assertion.getID());
    return created;
}
/**
 * Stamps the wrapped assertion with a fresh issue instant and replaces its Conditions with the
 * ones produced by {@code conditionsProvider} for the given renewal parameters.
 *
 * <p>NOTE(review): both fields are rewritten in place, so a signature computed over the previous
 * content would no longer match; confirm the caller re-signs the assertion afterwards. No
 * eligibility check for renewal happens in this method.</p>
 *
 * @param assertion wrapper holding either a SAML 1.x or a SAML 2.0 assertion
 * @param tokenParameters renewal parameters, converted before being passed to the provider
 */
private void createNewConditions(SamlAssertionWrapper assertion, TokenRenewerParameters tokenParameters) {
    ConditionsBean renewedConditions =
            conditionsProvider.getConditions(convertToProviderParameters(tokenParameters));

    if (assertion.getSaml1() == null) {
        // No SAML 1.x assertion in the wrapper: the SAML 2.0 one is used without a null check.
        org.opensaml.saml.saml2.core.Assertion v2Assertion = assertion.getSaml2();
        v2Assertion.setIssueInstant(new DateTime());

        org.opensaml.saml.saml2.core.Conditions v2Conditions =
                SAML2ComponentBuilder.createConditions(renewedConditions);
        v2Assertion.setConditions(v2Conditions);
        return;
    }

    org.opensaml.saml.saml1.core.Assertion v1Assertion = assertion.getSaml1();
    v1Assertion.setIssueInstant(new DateTime());

    org.opensaml.saml.saml1.core.Conditions v1Conditions =
            SAML1ComponentBuilder.createSamlv1Conditions(renewedConditions);
    v1Assertion.setConditions(v1Conditions);
}
/**
 * Stamps the wrapped assertion with a fresh issue instant and replaces its Conditions with the
 * ones produced by {@code conditionsProvider} for the given renewal parameters.
 *
 * <p>NOTE(review): both fields are rewritten in place, so a signature computed over the previous
 * content would no longer match; confirm the caller re-signs the assertion afterwards. No
 * eligibility check for renewal happens in this method.</p>
 *
 * @param assertion wrapper holding either a SAML 1.x or a SAML 2.0 assertion
 * @param tokenParameters renewal parameters, converted before being passed to the provider
 */
private void createNewConditions(SamlAssertionWrapper assertion, TokenRenewerParameters tokenParameters) {
    ConditionsBean renewedConditions =
            conditionsProvider.getConditions(convertToProviderParameters(tokenParameters));

    if (assertion.getSaml1() == null) {
        // No SAML 1.x assertion in the wrapper: the SAML 2.0 one is used without a null check.
        org.opensaml.saml.saml2.core.Assertion v2Assertion = assertion.getSaml2();
        v2Assertion.setIssueInstant(new DateTime());

        org.opensaml.saml.saml2.core.Conditions v2Conditions =
                SAML2ComponentBuilder.createConditions(renewedConditions);
        v2Assertion.setConditions(v2Conditions);
        return;
    }

    org.opensaml.saml.saml1.core.Assertion v1Assertion = assertion.getSaml1();
    v1Assertion.setIssueInstant(new DateTime());

    org.opensaml.saml.saml1.core.Conditions v1Conditions =
            SAML1ComponentBuilder.createSamlv1Conditions(renewedConditions);
    v1Assertion.setConditions(v1Conditions);
}
// Attach the prepared Conditions to the assertion.
assertion.setConditions(conditions);
// Debug trace of the issuer and service the conditions were built for.
// NOTE(review): service.getId() presumably derives from the incoming request; confirm the log
// encoder neutralises line breaks in it.
LOGGER.debug("Built assertion conditions for issuer [{}] and service [{}] ", this.issuer, service.getId());
/**
 * Fills the outgoing {@code Response} with a success status and one assertion built from the
 * model: an authentication statement, Conditions scoped to the requesting service, and an
 * attribute statement when there are attributes to release.
 *
 * <p>No signing takes place in this method.</p>
 *
 * @param response response to populate; its issue instant is reused for the assertion
 * @param model view model from which the assertion, authentication and principal are read
 */
@Override
protected void prepareResponse(final Response response, final Map<String, Object> model) {
    final DateTime issueInstant = response.getIssueInstant();
    final Service targetService = getAssertionFrom(model).getService();
    final Authentication primaryAuthn = getPrimaryAuthenticationFrom(model);

    // NOTE(review): presumably a plain map lookup, so this is null when the attribute was never
    // populated; confirm newAuthenticationStatement tolerates a null method.
    final String authnMethod = (String) primaryAuthn.getAttributes()
            .get(SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD);

    final AuthenticationStatement authnStmt = this.samlObjectBuilder.newAuthenticationStatement(
            primaryAuthn.getAuthenticationDate().toDate(),
            authnMethod,
            getPrincipal(model).getId());

    // The assertion ID comes from the builder's generateSecureRandomId().
    final Assertion samlAssertion = this.samlObjectBuilder.newAssertion(
            authnStmt, this.issuer, issueInstant, this.samlObjectBuilder.generateSecureRandomId());

    // Conditions are derived from the issue instant, the service id and issueLength.
    // NOTE(review): presumably the service id becomes the audience and issueLength the validity
    // window; confirm in newConditions.
    final Conditions samlConditions =
            this.samlObjectBuilder.newConditions(issueInstant, targetService.getId(), this.issueLength);
    samlAssertion.setConditions(samlConditions);

    final Subject samlSubject = this.samlObjectBuilder.newSubject(getPrincipal(model).getId());

    // An attribute statement is added only when prepareSamlAttributes yields at least one entry.
    final Map<String, Object> releasedAttributes = prepareSamlAttributes(model, targetService);
    final boolean hasAttributes = !releasedAttributes.isEmpty();
    if (hasAttributes) {
        samlAssertion.getAttributeStatements().add(this.samlObjectBuilder.newAttributeStatement(
                samlSubject, releasedAttributes, VALIDATION_SAML_ATTRIBUTE_NAMESPACE));
    }

    response.setStatus(this.samlObjectBuilder.newStatus(StatusCode.SUCCESS, null));
    response.getAssertions().add(samlAssertion);
}
// Register the audience on the restriction, the restriction on the Conditions, and the
// Conditions on the assertion.
// NOTE(review): the audience only limits use of the assertion if the relying party checks it
// against its own identifier.
audienceRestriction.getAudiences().add(audience);
conditions.getAudienceRestrictionConditions().add(audienceRestriction);
assertion.setConditions(conditions);
// Add an authentication statement built from the timestamp, method and principal name.
assertion.getAuthenticationStatements().add(
        newAuthenticationStatement(now, state.getAuthenticationMethod(), state.getPrincipalName()));
// Attach the Conditions to the object held in saml1 (presumably a SAML 1.x assertion; confirm
// against the enclosing method, which is not shown).
saml1.setConditions(conditions);