/** * Return true iff the two input {@link NameID} objects are equivalent for SAML 2.0 purposes. * * @param name1 first NameID to check * @param name2 second NameID to check * @return true iff the two values should be viewed as equivalent */ public static boolean areNameIDsEquivalent(@Nonnull final NameID name1, @Nonnull final NameID name2) { return areNameIDFormatsEquivalent(name1.getFormat(), name2.getFormat()) && Objects.equals(name1.getValue(), name2.getValue()) && Objects.equals(name1.getNameQualifier(), name2.getNameQualifier()) && Objects.equals(name1.getSPNameQualifier(), name2.getSPNameQualifier()); }
/** * Apply policy to the target object. * * @param input current profile request context * @param target target object * * @return result of policy */ private boolean doApply(@Nullable final ProfileRequestContext input, @Nonnull final NameID target) { final String requesterId = requesterIdLookupStrategy != null ? requesterIdLookupStrategy.apply(input) : null; final String responderId = responderIdLookupStrategy != null ? responderIdLookupStrategy.apply(input) : null; final String format = target.getFormat(); if (formats.contains(format != null ? format : NameID.UNSPECIFIED)) { log.debug("Applying policy to NameID with Format {}", format != null ? format : NameID.UNSPECIFIED); return doApply(requesterId, responderId, format, target.getNameQualifier(), target.getSPNameQualifier()); } else { log.debug("Policy checking disabled for NameID Format {}", format != null ? format : NameID.UNSPECIFIED); return true; } }
/** * Create an efficient field-wise copy of a {@link NameID}. * * @param nameId the object to clone * * @return the copy */ @Nonnull private NameID cloneNameID(@Nonnull final NameID nameId) { final NameID clone = nameIdBuilder.buildObject(); clone.setFormat(nameId.getFormat()); clone.setNameQualifier(nameId.getNameQualifier()); clone.setSPNameQualifier(nameId.getSPNameQualifier()); clone.setSPProvidedID(nameId.getSPProvidedID()); clone.setValue(nameId.getValue()); return clone; }
/** * Create an efficient field-wise copy of a {@link NameID}. * * @return the copy */ @Nonnull private NameID cloneNameID() { final NameID clone = nameIdBuilder.buildObject(); clone.setFormat(nameId.getFormat()); clone.setNameQualifier(nameId.getNameQualifier()); clone.setSPNameQualifier(nameId.getSPNameQualifier()); clone.setSPProvidedID(nameId.getSPProvidedID()); clone.setValue(nameId.getValue()); return clone; }
String issuerID = nameID.getNameQualifier(); if (issuerID == null) { issuerID = c14nContext.getResponderId();
final String sessionIndex, final List<String> authnContexts) { this.nameId = new SAMLNameID(); this.nameId.setNameQualifier(nameId.getNameQualifier()); this.nameId.setFormat(nameId.getFormat()); this.nameId.setSpNameQualifier(nameId.getSPNameQualifier());
protected NameIdPrincipal getNameIdPrincipal(NameID p) { return new NameIdPrincipal() .setSpNameQualifier(p.getSPNameQualifier()) .setNameQualifier(p.getNameQualifier()) .setFormat(NameId.fromUrn(p.getFormat())) .setSpProvidedId(p.getSPProvidedID()) .setValue(p.getValue()); }
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof SAMLCallback) { SAMLCallback callback = (SAMLCallback) callbacks[i]; callback.setSamlVersion(Version.SAML_20); callback.setIssuer(issuer); if (conditions != null) { callback.setConditions(conditions); } SubjectBean subjectBean = new SubjectBean( subject.getNameID().getValue(), subject.getNameID().getNameQualifier(), confirmationMethod ); subjectBean.setSubjectNameIDFormat(subject.getNameID().getFormat()); subjectBean.setSubjectConfirmationData(subjectConfirmationData); callback.setSubject(subjectBean); createAndSetStatement(callback); } else { throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); } } }
public static Subject getSubject(Message message, SamlAssertionWrapper assertionW) { if (assertionW.getSaml2() != null) { org.opensaml.saml.saml2.core.Subject s = assertionW.getSaml2().getSubject(); Subject subject = new Subject(); NameID nameId = s.getNameID(); subject.setNameQualifier(nameId.getNameQualifier()); // if format is transient then we may need to use STSClient // to request an alternate name from IDP subject.setNameFormat(nameId.getFormat()); subject.setName(nameId.getValue()); subject.setSpId(nameId.getSPProvidedID()); subject.setSpQualifier(nameId.getSPNameQualifier()); return subject; } else if (assertionW.getSaml1() != null) { org.opensaml.saml.saml1.core.Subject s = getSaml1Subject(assertionW); if (s != null) { Subject subject = new Subject(); NameIdentifier nameId = s.getNameIdentifier(); subject.setNameQualifier(nameId.getNameQualifier()); // if format is transient then we may need to use STSClient // to request an alternate name from IDP subject.setNameFormat(nameId.getFormat()); subject.setName(nameId.getValue()); return subject; } } return null; }
public static Subject getSubject(Message message, SamlAssertionWrapper assertionW) { if (assertionW.getSaml2() != null) { org.opensaml.saml.saml2.core.Subject s = assertionW.getSaml2().getSubject(); Subject subject = new Subject(); NameID nameId = s.getNameID(); subject.setNameQualifier(nameId.getNameQualifier()); // if format is transient then we may need to use STSClient // to request an alternate name from IDP subject.setNameFormat(nameId.getFormat()); subject.setName(nameId.getValue()); subject.setSpId(nameId.getSPProvidedID()); subject.setSpQualifier(nameId.getSPNameQualifier()); return subject; } else if (assertionW.getSaml1() != null) { org.opensaml.saml.saml1.core.Subject s = getSaml1Subject(assertionW); if (s != null) { Subject subject = new Subject(); NameIdentifier nameId = s.getNameIdentifier(); subject.setNameQualifier(nameId.getNameQualifier()); // if format is transient then we may need to use STSClient // to request an alternate name from IDP subject.setNameFormat(nameId.getFormat()); subject.setName(nameId.getValue()); return subject; } } return null; }