/** {@inheritDoc} */ protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException { Conditions conditions = (Conditions) samlObject; if (Conditions.NOTBEFORE_ATTRIB_NAME.equals(attribute.getLocalName()) && !Strings.isNullOrEmpty(attribute.getValue())) { conditions.setNotBefore(new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC())); } else if (Conditions.NOTONORAFTER_ATTRIB_NAME.equals(attribute.getLocalName()) && !Strings.isNullOrEmpty(attribute.getValue())) { conditions.setNotOnOrAfter(new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC())); } else { processAttribute(samlObject, attribute); } } }
/** * New conditions element. * * @param issuedAt the issued at * @param audienceUri the service id * @param issueLength the issue length * @return the conditions */ public Conditions newConditions(final DateTime issuedAt, final String audienceUri, final long issueLength) { final Conditions conditions = newSamlObject(Conditions.class); conditions.setNotBefore(issuedAt); conditions.setNotOnOrAfter(issuedAt.plus(issueLength)); final AudienceRestrictionCondition audienceRestriction = newSamlObject(AudienceRestrictionCondition.class); final Audience audience = newSamlObject(Audience.class); audience.setUri(audienceUri); audienceRestriction.getAudiences().add(audience); conditions.getAudienceRestrictionConditions().add(audienceRestriction); return conditions; }
conditions.setNotBefore(newNotBefore); conditions.setNotOnOrAfter(newNotBefore.plusMinutes(5)); return conditions; ); conditions.setNotBefore(notBefore); conditions.setNotOnOrAfter(notAfter); } else { DateTime newNotBefore = new DateTime(); conditions.setNotBefore(newNotBefore); if (tokenPeriodSeconds <= 0) { tokenPeriodSeconds = 5L * 60L;
/** {@inheritDoc} */ @Override protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) { if (response instanceof org.opensaml.saml.saml1.core.Response) { for (final org.opensaml.saml.saml1.core.Assertion assertion : ((org.opensaml.saml.saml1.core.Response) response).getAssertions()) { log.debug("{} Added NotBefore condition to Assertion {}", getLogPrefix(), assertion.getID()); SAML1ActionSupport.addConditionsToAssertion(this, assertion).setNotBefore( ((org.opensaml.saml.saml1.core.Response) response).getIssueInstant()); } } else if (response instanceof org.opensaml.saml.saml2.core.Response) { for (final org.opensaml.saml.saml2.core.Assertion assertion : ((org.opensaml.saml.saml2.core.Response) response).getAssertions()) { log.debug("{} Added NotBefore condition to Assertion {}", getLogPrefix(), assertion.getID()); SAML2ActionSupport.addConditionsToAssertion(this, assertion).setNotBefore( ((org.opensaml.saml.saml2.core.Response) response).getIssueInstant()); } } }
conditions.setNotBefore(now); conditions.setNotOnOrAfter(now.plusSeconds(60)); final AudienceRestrictionCondition audienceRestriction = newSAMLObject(