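/**
 * Maps the group attributes of a SAML credential to granted authorities.
 *
 * <p>The identity provider definition names the group attribute(s) under the
 * {@code GROUP_ATTRIBUTE_NAME} mapping, either as a single {@code String} or as a
 * {@code Collection} of names. Every value of every credential attribute whose Name or
 * FriendlyName is one of those names becomes one {@code SamlUserAuthority}.
 *
 * <p>Review notes:
 * <ul>
 *   <li>The values read here decide the user's authorities. This method performs no
 *       signature, issuer or audience check itself, so it relies on the credential
 *       having been validated before it gets here.</li>
 *   <li>Attributes are matched on FriendlyName as well as Name. The SAML 2.0 core
 *       specification describes FriendlyName as a human-readable label that is not
 *       meant to identify an attribute, so matching on it widens what an identity
 *       provider can present as a group attribute. The behaviour is kept because
 *       existing configurations may depend on it.</li>
 *   <li>Only {@code String} entries of a configured collection are used. A {@code null}
 *       entry would otherwise match every attribute that has no FriendlyName, because
 *       {@code contains(null)} succeeds on a list holding {@code null}.</li>
 * </ul>
 *
 * @param definition the identity provider definition holding the attribute mappings
 * @param credential the SAML credential whose attributes are inspected
 * @return the authorities derived from the group attributes; empty, never {@code null}
 */
public Collection<? extends GrantedAuthority> retrieveSamlAuthorities(SamlIdentityProviderDefinition definition, SAMLCredential credential) {
    Collection<SamlUserAuthority> authorities = new ArrayList<>();

    // No mappings at all means no group attribute is configured.
    if (definition.getAttributeMappings() == null) {
        return authorities;
    }
    Object groupMapping = definition.getAttributeMappings().get(GROUP_ATTRIBUTE_NAME);
    if (groupMapping == null) {
        return authorities;
    }

    List<String> attributeNames = new LinkedList<>();
    if (groupMapping instanceof String) {
        attributeNames.add((String) groupMapping);
    } else if (groupMapping instanceof Collection) {
        // Copy element by element instead of a raw addAll: non-String and null entries
        // can never be a legitimate attribute name and must not take part in matching.
        for (Object candidate : (Collection<?>) groupMapping) {
            if (candidate instanceof String) {
                attributeNames.add((String) candidate);
            }
        }
    }

    for (Attribute attribute : credential.getAttributes()) {
        boolean isGroupAttribute = attributeNames.contains(attribute.getName())
            || attributeNames.contains(attribute.getFriendlyName());
        if (!isGroupAttribute || attribute.getAttributeValues() == null) {
            continue;
        }
        for (XMLObject group : attribute.getAttributeValues()) {
            authorities.add(new SamlUserAuthority(getStringValue(attribute.getName(), definition, group)));
        }
    }
    return authorities;
}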
/**
 * Test helper: asserts that the first attribute called {@code name} carries exactly the
 * expected string values, in any order.
 *
 * <p>Fails the test when no attribute with that name is in the list. Values are cast to
 * {@code XSString}, so a value of another type raises {@code ClassCastException}.
 *
 * @param attributeList the attributes to search
 * @param name the attribute Name to look for
 * @param expectedValue the values the attribute is expected to hold
 */
private void assertAttributeValue(List<Attribute> attributeList, String name, String... expectedValue) {
    for (Attribute candidate : attributeList) {
        if (!candidate.getName().equals(name)) {
            continue;
        }
        List<XMLObject> rawValues = candidate.getAttributeValues();
        List<String> actual = rawValues.stream()
            .map(XSString.class::cast)
            .map(XSString::getValue)
            .collect(Collectors.toList());
        assertThat(String.format("Attribute mismatch for '%s'.", name), actual, containsInAnyOrder(expectedValue));
        // Only the first attribute with a matching name is checked.
        return;
    }
    Assert.fail(String.format("No attribute value with name of '%s'.", name));
}
/**
 * Builds a SAML attribute named {@code name} with one {@code xs:string} value per entry
 * of {@code values}.
 *
 * <p>Only the Name is set; NameFormat and FriendlyName are left untouched. The values
 * are stored as given, with no validation or normalisation.
 *
 * @param name the attribute Name
 * @param values the string values to attach, in iteration order
 * @return the populated attribute
 */
public Attribute buildStringAttribute(String name, List<String> values) {
    @SuppressWarnings("unchecked")
    SAMLObjectBuilder<Attribute> attributeFactory =
        (SAMLObjectBuilder<Attribute>) builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
    Attribute result = attributeFactory.buildObject();
    result.setName(name);

    @SuppressWarnings("unchecked")
    XMLObjectBuilder<XSString> valueFactory =
        (XMLObjectBuilder<XSString>) builderFactory.getBuilder(XSString.TYPE_NAME);
    for (String text : values) {
        // Each value is an AttributeValue element typed as xs:string.
        XSString element = valueFactory.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        element.setValue(text);
        result.getAttributeValues().add(element);
    }
    return result;
}
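/**
 * Collects the user attributes carried by a SAML credential.
 *
 * <p>For every attribute mapping whose configured value is a {@code String}, the
 * credential attribute of that name is looked up and each of its non-null string values
 * is stored under the mapping key. The AuthnContextClassRef of every authentication
 * statement that has one is stored under {@code AUTHENTICATION_CONTEXT_CLASS_REFERENCE}.
 *
 * <p>The debug line used to dereference {@code definition} before the null check below
 * it, so a {@code null} definition failed with a {@code NullPointerException} and the
 * check could never take effect. Logging is now conditional on the definition being
 * present.
 *
 * <p>The returned values come straight from the assertion; this method does not verify
 * the assertion and relies on the credential having been validated beforehand.
 *
 * @param definition the identity provider definition; may be {@code null}, in which
 *        case only the authentication context references are returned
 * @param credential the SAML credential to read from
 * @return the collected attributes, possibly empty
 */
public MultiValueMap<String, String> retrieveUserAttributes(SamlIdentityProviderDefinition definition, SAMLCredential credential) {
    if (definition != null) {
        logger.debug(String.format("Retrieving SAML user attributes [zone:%s, origin:%s]", definition.getZoneId(), definition.getIdpEntityAlias()));
    }
    MultiValueMap<String, String> userAttributes = new LinkedMultiValueMap<>();

    if (definition != null && definition.getAttributeMappings() != null) {
        for (Entry<String, Object> attributeMapping : definition.getAttributeMappings().entrySet()) {
            // Mappings with a non-String value (such as a collection of names) are skipped here.
            if (!(attributeMapping.getValue() instanceof String)) {
                continue;
            }
            String samlName = (String) attributeMapping.getValue();
            if (credential.getAttribute(samlName) == null) {
                continue;
            }
            String key = attributeMapping.getKey();
            for (XMLObject xmlObject : credential.getAttribute(samlName).getAttributeValues()) {
                String value = getStringValue(key, definition, xmlObject);
                if (value != null) {
                    userAttributes.add(key, value);
                }
            }
        }
    }

    if (credential.getAuthenticationAssertion() != null
        && credential.getAuthenticationAssertion().getAuthnStatements() != null) {
        for (AuthnStatement statement : credential.getAuthenticationAssertion().getAuthnStatements()) {
            if (statement.getAuthnContext() != null && statement.getAuthnContext().getAuthnContextClassRef() != null) {
                userAttributes.add(AUTHENTICATION_CONTEXT_CLASS_REFERENCE,
                    statement.getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef());
            }
        }
    }
    return userAttributes;
}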
xmlObjects.add(impl); when(attribute.getAttributeValues()).thenReturn(xmlObjects); return Arrays.asList(attribute);
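/**
 * Returns the text of the first value of the first attribute whose Name or FriendlyName
 * equals {@code attributeKey}.
 *
 * <p>Changes against the previous version:
 * <ul>
 *   <li>The per-statement guard re-tested the outer list's size, which is always false
 *       at that point; it now checks the statement's own attribute list.</li>
 *   <li>A value without a DOM element is skipped instead of raising a
 *       {@code NullPointerException}.</li>
 *   <li>The debug line no longer prints the attribute value. Attribute values can hold
 *       personal data or identifiers used for authorisation and do not belong in logs;
 *       Name and FriendlyName are enough to trace the lookup.</li>
 * </ul>
 *
 * <p>Only the first value of an attribute is read. Matching also accepts FriendlyName,
 * which SAML defines as a display label rather than an identifier; callers that use
 * the result for an access decision should prefer keys that match on Name.
 *
 * @param attributeStatements the attribute statements of an assertion; may be {@code null}
 * @param attributeKey the attribute Name or FriendlyName to look for; may be {@code null}
 * @return the text content of the first matching value, or {@code null} when there is
 *         no match or an argument is {@code null} or empty
 */
public static String getValueFromAttributeStatements(final List<AttributeStatement> attributeStatements, final String attributeKey) {
    if (attributeStatements == null || attributeStatements.isEmpty() || attributeKey == null) {
        return null;
    }
    for (AttributeStatement attributeStatement : attributeStatements) {
        if (attributeStatement == null || attributeStatement.getAttributes() == null) {
            continue;
        }
        for (Attribute attribute : attributeStatement.getAttributes()) {
            if (attribute.getAttributeValues() == null || attribute.getAttributeValues().isEmpty()) {
                continue;
            }
            // getDOM() is null for an object that was built in memory and never marshalled.
            if (attribute.getAttributeValues().get(0).getDOM() == null) {
                continue;
            }
            s_logger.debug("SAML attribute name: " + attribute.getName() + " friendly-name:" + attribute.getFriendlyName());
            if (attributeKey.equals(attribute.getName()) || attributeKey.equals(attribute.getFriendlyName())) {
                return attribute.getAttributeValues().get(0).getDOM().getTextContent();
            }
        }
    }
    return null;
}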
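/**
 * Returns the text of the first value of the first usable attribute named {@code name}
 * in the assertion.
 *
 * <p>The previous version called {@code get(0)} on the value list unconditionally, so an
 * attribute sent without any {@code AttributeValue} child ended the lookup with an
 * {@code IndexOutOfBoundsException}. Such an attribute, and one whose first value has no
 * DOM element, is now skipped and the search continues.
 *
 * <p>Only the first value of a matching attribute is read; further values and further
 * attributes with the same Name are ignored.
 *
 * @param assertion the assertion to search; must not be {@code null}
 * @param name the attribute Name to match; must not be {@code null}
 * @return the text content of the first value found, or the empty string when there is none
 */
private String getValueFromAttributeStatements(final Assertion assertion, final String name) {
    final List<AttributeStatement> attributeStatements = assertion.getAttributeStatements();
    for (AttributeStatement attributeStatement : attributeStatements) {
        final List<Attribute> attributes = attributeStatement.getAttributes();
        for (Attribute attribute : attributes) {
            if (!name.equals(attribute.getName())) {
                continue;
            }
            // An attribute may legally carry no values at all.
            if (attribute.getAttributeValues() == null || attribute.getAttributeValues().isEmpty()) {
                continue;
            }
            if (attribute.getAttributeValues().get(0).getDOM() == null) {
                continue;
            }
            return attribute.getAttributeValues().get(0).getDOM().getTextContent();
        }
    }
    return "";
}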
/**
 * {@inheritDoc}
 *
 * <p>A child element named {@code AttributeValue} in the SAML 2.0 assertion namespace is
 * appended to the parent attribute's value list; every other child is handed to the
 * superclass. No check is made on the type or content of the value element.
 */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {
    Attribute owner = (Attribute) parentSAMLObject;
    QName childName = childSAMLObject.getElementQName();

    boolean isAttributeValue = childName.getLocalPart().equals("AttributeValue")
        && childName.getNamespaceURI().equals(SAMLConstants.SAML20_NS);
    if (!isAttributeValue) {
        super.processChildElement(parentSAMLObject, childSAMLObject);
        return;
    }
    owner.getAttributeValues().add(childSAMLObject);
}
/**
 * Builds the application principal from a SAML credential.
 *
 * <p>Every attribute of the credential is copied into a {@code SAMLAttribute} under its
 * Name, keeping only the values that {@code SAMLBuilder.getStringValueFromXMLObject}
 * can turn into a value. The principal takes its name and format from the NameID.
 *
 * <p>NOTE(review): all attributes are copied without an allow-list, so whatever the
 * identity provider sends ends up on the principal; confirm that consumers only trust
 * the attributes they expect.
 * NOTE(review): {@code getNameID()} is dereferenced without a null check; confirm the
 * credential always carries a NameID.
 * NOTE(review): the debug line prints the credential via its {@code toString()};
 * confirm that this does not include attribute values.
 *
 * @param credential the SAML credential to convert
 * @return the principal built from the credential
 */
@Override
public Principal loadUserBySAML(SAMLCredential credential) {
    LOG.debug("loadUserBySAML {}", credential);

    List<SAMLAttribute> copiedAttributes = credential.getAttributes().stream()
        .map(source -> {
            return new SAMLAttribute(
                source.getName(),
                source.getAttributeValues().stream()
                    .map(SAMLBuilder::getStringValueFromXMLObject)
                    // Values that cannot be converted are dropped silently.
                    .filter(Optional::isPresent)
                    .map(Optional::get)
                    .collect(toList()));
        })
        .collect(toList());

    NameID subject = credential.getNameID();
    return new SAMLPrincipal(subject.getValue(), subject.getFormat(), copiedAttributes);
}
/**
 * Creates the SAML 2.0 common-name attribute.
 *
 * <p>The attribute is created with the common-name Name, FriendlyName and URI name
 * format constants. When {@code value} is non-null it becomes the attribute's single
 * value; otherwise the attribute is returned without any value.
 *
 * @param value
 *            the common name, or {@code null} for an attribute without a value
 * @return the attribute
 */
public static Attribute createCommonName(String value) {
    Attribute commonName = createAttribute(ATTRIBUTE_COMMON_NAME_NAME,
            ATTRIBUTE_COMMON_NAME_FRIENDLY_NAME, URI_ATTRIBUTE_NAME_FORMAT);
    if (value == null) {
        return commonName;
    }
    commonName.getAttributeValues().add(createAttributeValue(value));
    return commonName;
}
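/**
 * Flattens the attribute statements of an assertion into a Name-to-value map.
 *
 * <p>For each attribute the text content of its first value is stored under the
 * attribute Name. The previous version called {@code get(0)} unconditionally, so an
 * attribute without any value aborted the whole extraction with an
 * {@code IndexOutOfBoundsException}; attributes without a value, or whose first value
 * has no DOM element, are now left out of the map.
 *
 * <p>Two things a caller should know before using the map for a decision: further
 * values of a multi-valued attribute are dropped, and when the same Name occurs more
 * than once the last occurrence overwrites the earlier ones.
 *
 * @param assertion the assertion to read; may be {@code null}
 * @return the extracted values, empty when the assertion is {@code null} or has no
 *         attribute statements
 */
private Map<String, String> getAssertionStatements(Assertion assertion) {
    Map<String, String> results = new HashMap<String, String>();
    if (assertion == null || assertion.getAttributeStatements() == null) {
        return results;
    }
    List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();
    for (AttributeStatement statement : attributeStatementList) {
        List<Attribute> attributesList = statement.getAttributes();
        for (Attribute attribute : attributesList) {
            if (attribute.getAttributeValues() == null || attribute.getAttributeValues().isEmpty()) {
                continue;
            }
            Element value = attribute.getAttributeValues().get(0).getDOM();
            if (value == null) {
                continue;
            }
            results.put(attribute.getName(), value.getTextContent());
        }
    }
    return results;
}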
/**
 * Builds a SAML attribute with the URI name format and one {@code xs:string} value per
 * entry of {@code values}.
 *
 * @param name the attribute Name
 * @param values the string values to attach, in iteration order
 * @return the populated attribute
 */
private static Attribute buildAttribute(String name, List<String> values) {
    XSStringBuilder valueFactory =
        (XSStringBuilder) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);

    Attribute result = buildSAMLObject(Attribute.class, Attribute.DEFAULT_ELEMENT_NAME);
    result.setName(name);
    result.setNameFormat("urn:oasis:names:tc:SAML:2.0:attrname-format:uri");

    for (String text : values) {
        XSString element = valueFactory.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
        element.setValue(text);
        result.getAttributeValues().add(element);
    }
    return result;
}
/**
 * {@inheritDoc}
 *
 * <p>Builds a SAML attribute carrying this encoder's name, name format and friendly
 * name, fills it with the encoded values of {@code attribute}, and returns it. When the
 * encoding yields no values the attribute is discarded and {@code null} is returned, so
 * callers must handle a {@code null} result.
 */
public Attribute encode(BaseAttribute attribute) throws AttributeEncodingException {
    Attribute encoded = attributeBuilder.buildObject();
    encoded.setName(getAttributeName());
    encoded.setNameFormat(getNameFormat());
    encoded.setFriendlyName(getFriendlyName());
    encoded.getAttributeValues().addAll(encodeAttributeValues(AttributeValue.DEFAULT_ELEMENT_NAME, attribute));

    List<XMLObject> encodedValues = encoded.getAttributeValues();
    boolean hasValues = encodedValues != null && !encodedValues.isEmpty();
    if (hasValues) {
        return encoded;
    }
    // An attribute without values is not emitted at all.
    log.debug("Unable to encode {} attribute. It does not contain any values", attribute.getId());
    return null;
}
}
/**
 * Builds a SAML attribute named {@code attributeName} with a single {@code xs:string}
 * value.
 *
 * <p>The value is set as given, including {@code null}; no NameFormat is set.
 *
 * @param attributeName the attribute Name
 * @param attributeValue the string value
 * @return the populated attribute
 */
@SuppressWarnings("unchecked")
private static Attribute getAttribute(String attributeName, String attributeValue) {
    Attribute result = buildXMLObject(Attribute.class, Attribute.DEFAULT_ELEMENT_NAME);
    result.setName(attributeName);

    // The builder factory hands back an untyped builder, hence the unchecked assignment.
    XMLObjectBuilder<XSString> valueFactory =
            Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
    XSString element = valueFactory.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
    element.setValue(attributeValue);

    result.getAttributeValues().add(element);
    return result;
}
/**
 * Builds a SAML attribute named {@code attributeName} with a single {@code xs:integer}
 * value.
 *
 * <p>The value is set as given, including {@code null}; no NameFormat is set.
 *
 * @param attributeName the attribute Name
 * @param attributeValue the integer value
 * @return the populated attribute
 */
@SuppressWarnings("unchecked")
private static Attribute getAttribute(String attributeName, Integer attributeValue) {
    Attribute result = buildXMLObject(Attribute.class, Attribute.DEFAULT_ELEMENT_NAME);
    result.setName(attributeName);

    // The builder factory hands back an untyped builder, hence the unchecked assignment.
    XMLObjectBuilder<XSInteger> valueFactory =
            Configuration.getBuilderFactory().getBuilder(XSInteger.TYPE_NAME);
    XSInteger element = valueFactory.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSInteger.TYPE_NAME);
    element.setValue(attributeValue);

    result.getAttributeValues().add(element);
    return result;
}
/**
 * Builds a SAML attribute from this builder's {@code attributeName},
 * {@code attributeFormat} and {@code attributeValue} fields, with the value stored as a
 * single {@code xs:string}.
 *
 * @return the populated attribute
 */
@Override
public Attribute build() {
    Attribute result = new AttributeBuilder().buildObject();
    XSString element = new XSStringBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);

    result.setName(attributeName);
    result.setNameFormat(attributeFormat);

    element.setValue(attributeValue);
    result.getAttributeValues().add(element);
    return result;
}
/**
 * Appends a single-valued {@code xs:string} attribute to an attribute statement.
 *
 * <p>Nothing is added when {@code value} is {@code null}, so an absent value never
 * produces an empty attribute.
 *
 * @param attributeStatement the statement to extend
 * @param attribute supplies the attribute Name
 * @param value the string value, or {@code null} to skip the attribute
 */
private void addAttribute(AttributeStatement attributeStatement, Attributes attribute, String value) {
    if (value == null) {
        return;
    }
    XMLObjectBuilder<XSString> valueFactory =
            Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);

    Attribute created = buildXMLObject(Attribute.class, Attribute.DEFAULT_ELEMENT_NAME);
    created.setName(attribute.getName());

    XSString element = valueFactory.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
    element.setValue(value);
    created.getAttributeValues().add(element);

    attributeStatement.getAttributes().add(created);
}
/**
 * Builds a SAML attribute named {@code attributeName} whose single value is the
 * Base64 encoding of {@code attributeValue}, typed as {@code xs:base64Binary}.
 *
 * <p>Base64 is an encoding, not protection: the bytes are readable by anyone who can
 * read the assertion.
 *
 * @param attributeName the attribute Name
 * @param attributeValue the raw bytes to encode
 * @return the populated attribute
 */
@SuppressWarnings("unchecked")
private static Attribute getAttribute(String attributeName, byte[] attributeValue) {
    Attribute result = buildXMLObject(Attribute.class, Attribute.DEFAULT_ELEMENT_NAME);
    result.setName(attributeName);

    // The builder factory hands back an untyped builder, hence the unchecked assignment.
    XMLObjectBuilder<XSBase64Binary> valueFactory =
            Configuration.getBuilderFactory().getBuilder(XSBase64Binary.TYPE_NAME);
    XSBase64Binary element =
            valueFactory.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSBase64Binary.TYPE_NAME);
    element.setValue(Base64.encodeBytes(attributeValue));

    result.getAttributeValues().add(element);
    return result;
}
/**
 * Appends a single-valued {@code xs:base64Binary} attribute to an attribute statement.
 *
 * <p>Nothing is added when {@code value} is {@code null}. The bytes are Base64-encoded
 * only; that is an encoding, not protection.
 *
 * @param attributeStatement the statement to extend
 * @param attribute supplies the attribute Name
 * @param value the raw bytes, or {@code null} to skip the attribute
 */
private void addAttribute(AttributeStatement attributeStatement, Attributes attribute, byte[] value) {
    if (value == null) {
        return;
    }
    XMLObjectBuilder<XSBase64Binary> valueFactory =
            Configuration.getBuilderFactory().getBuilder(XSBase64Binary.TYPE_NAME);

    Attribute created = buildXMLObject(Attribute.class, Attribute.DEFAULT_ELEMENT_NAME);
    created.setName(attribute.getName());

    XSBase64Binary element =
            valueFactory.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSBase64Binary.TYPE_NAME);
    element.setValue(Base64.encode(value));
    created.getAttributeValues().add(element);

    attributeStatement.getAttributes().add(created);
}
/**
 * Builds a SAML 2.0 attribute with a single {@code xs:string} value.
 *
 * <p>Despite its name, {@code namespace} is written to the attribute's NameFormat.
 *
 * @param name the attribute Name
 * @param value the string value
 * @param namespace the value stored as the attribute's NameFormat
 * @return the populated attribute
 */
private Attribute getSAML2Attribute(String name, String value, String namespace) {
    XMLObjectBuilderFactory factory = Configuration.getBuilderFactory();

    SAMLObjectBuilder<Attribute> attributeFactory =
        (SAMLObjectBuilder<Attribute>) factory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
    Attribute result = attributeFactory.buildObject();
    result.setName(name);
    result.setNameFormat(namespace);

    XSStringBuilder valueFactory = (XSStringBuilder) factory.getBuilder(XSString.TYPE_NAME);
    XSString element = valueFactory.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
    element.setValue(value);

    result.getAttributeValues().add(element);
    return result;
}