Tabnine Logo
AssertionUtil.hasExpired
Code IndexAdd Tabnine to your IDE (free)

How to use
hasExpired
method
in
org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil

Best Java code snippets using org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil.hasExpired (Showing top 20 results out of 315)

origin: org.picketlink/picketlink-federation

  /**
   * Verify whether an {@link org.picketlink.identity.federation.saml.v2.assertion.AssertionType} has expired
   * @param assertionType
   * @return
   * @throws ConfigurationException
   */
  public boolean hasExpired(AssertionType assertionType) throws ConfigurationException {
    return AssertionUtil.hasExpired(assertionType);
  }
}
origin: picketlink/picketlink

  /**
   * Verify whether an {@link org.picketlink.identity.federation.saml.v2.assertion.AssertionType} has expired
   * @param assertionType
   * @return
   * @throws ConfigurationException
   */
  public boolean hasExpired(AssertionType assertionType) throws ConfigurationException {
    return AssertionUtil.hasExpired(assertionType);
  }
}
origin: org.picketlink.distribution/picketlink-wildfly8

if (AssertionUtil.hasExpired(assertionType)) {
  log.error("Expired Assertion with ID = " + assertionType.getID());
  return Response.status(Response.Status.NOT_ACCEPTABLE).build();// expired assertion
origin: org.picketlink/picketlink-core

/**
 * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#validateToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
 */
public void validateToken(ProtocolContext context) throws ProcessingException {
  if (!(context instanceof SAMLProtocolContext))
    return;
  SecurityManager sm = System.getSecurityManager();
  if (sm != null)
    sm.checkPermission(PicketLinkCoreSTS.rte);
  SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;
  AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
  try {
    if (!AssertionUtil.hasExpired(issuedAssertion))
      throw logger.samlAssertionExpiredError();
  } catch (ConfigurationException e) {
    throw logger.processingError(e);
  }
  if (issuedAssertion == null)
    throw logger.assertionInvalidError();
  if (this.tokenRegistry.getToken(issuedAssertion.getID()) == null)
    throw logger.assertionInvalidError();
}
origin: org.picketlink/picketlink-core

/**
 * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#validateToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
 */
public void validateToken(ProtocolContext context) throws ProcessingException {
  if (!(context instanceof SAML11ProtocolContext))
    return;
  SecurityManager sm = System.getSecurityManager();
  if (sm != null)
    sm.checkPermission(PicketLinkCoreSTS.rte);
  SAML11ProtocolContext samlProtocolContext = (SAML11ProtocolContext) context;
  SAML11AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
  try {
    if (!AssertionUtil.hasExpired(issuedAssertion))
      throw logger.samlAssertionExpiredError();
  } catch (ConfigurationException e) {
    throw logger.processingError(e);
  }
  if (issuedAssertion == null)
    throw logger.assertionInvalidError();
  if (this.tokenRegistry.getToken(issuedAssertion.getID()) == null)
    throw logger.assertionInvalidError();
}
origin: org.picketlink/picketlink-federation

/**
 * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#validateToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
 */
public void validateToken(ProtocolContext context) throws ProcessingException {
  if (!(context instanceof SAML11ProtocolContext))
    return;
  SecurityManager sm = System.getSecurityManager();
  if (sm != null)
    sm.checkPermission(PicketLinkCoreSTS.rte);
  SAML11ProtocolContext samlProtocolContext = (SAML11ProtocolContext) context;
  SAML11AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
  try {
    if (AssertionUtil.hasExpired(issuedAssertion)) {
      throw logger.samlAssertionExpiredError();
    }
  } catch (ConfigurationException e) {
    throw logger.processingError(e);
  }
  if (issuedAssertion == null)
    throw logger.assertionInvalidError();
  if (this.tokenRegistry.getToken(issuedAssertion.getID()) == null)
    throw logger.assertionInvalidError();
}
origin: org.picketlink/picketlink-federation

/**
 * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#validateToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
 */
public void validateToken(ProtocolContext context) throws ProcessingException {
  if (!(context instanceof SAMLProtocolContext))
    return;
  SecurityManager sm = System.getSecurityManager();
  if (sm != null)
    sm.checkPermission(PicketLinkCoreSTS.rte);
  SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;
  AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
  try {
    if (AssertionUtil.hasExpired(issuedAssertion)) {
      throw logger.samlAssertionExpiredError();
    }
  } catch (ConfigurationException e) {
    throw logger.processingError(e);
  }
  if (issuedAssertion == null)
    throw logger.assertionInvalidError();
  if (this.tokenRegistry.getToken(issuedAssertion.getID()) == null)
    throw logger.assertionInvalidError();
}
origin: org.picketlink/picketlink-fed

/**
* @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#validateToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
*/
public void validateToken(ProtocolContext context) throws ProcessingException
{
 if (!(context instanceof SAMLProtocolContext))
   return;
 SecurityManager sm = System.getSecurityManager();
 if (sm != null)
   sm.checkPermission(PicketLinkCoreSTS.rte);
 SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;
 AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
 try
 {
   if (!AssertionUtil.hasExpired(issuedAssertion))
    throw new ProcessingException(ErrorCodes.EXPIRED_ASSERTION);
 }
 catch (ConfigurationException e)
 {
   throw new ProcessingException(e);
 }
 if (issuedAssertion == null)
   throw new ProcessingException(ErrorCodes.NULL_ARGUMENT + "Assertion");
 if (this.tokenRegistry.getToken(issuedAssertion.getID()) == null)
   throw new ProcessingException(ErrorCodes.INVALID_ASSERTION);
}
origin: org.picketlink/picketlink-fed

/**
* @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#validateToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
*/
public void validateToken(ProtocolContext context) throws ProcessingException
{
 if (!(context instanceof SAMLProtocolContext))
   return;
 SecurityManager sm = System.getSecurityManager();
 if (sm != null)
   sm.checkPermission(PicketLinkCoreSTS.rte);
 SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;
 AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
 try
 {
   if (!AssertionUtil.hasExpired(issuedAssertion))
    throw new ProcessingException(ErrorCodes.EXPIRED_ASSERTION);
 }
 catch (ConfigurationException e)
 {
   throw new ProcessingException(e);
 }
 if (issuedAssertion == null)
   throw new ProcessingException(ErrorCodes.NULL_ASSERTION);
 if (this.tokenRegistry.getToken(issuedAssertion.getID()) == null)
   throw new ProcessingException(ErrorCodes.INVALID_ASSERTION);
}
origin: org.picketlink/picketlink-fed-core

/**
* @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#validateToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
*/
public void validateToken(ProtocolContext context) throws ProcessingException
{
 if (!(context instanceof SAMLProtocolContext))
   return;
 SecurityManager sm = System.getSecurityManager();
 if (sm != null)
   sm.checkPermission(PicketLinkCoreSTS.rte);
 SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;
 AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
 try
 {
   if (!AssertionUtil.hasExpired(issuedAssertion))
    throw new ProcessingException(ErrorCodes.EXPIRED_ASSERTION);
 }
 catch (ConfigurationException e)
 {
   throw new ProcessingException(e);
 }
 if (issuedAssertion == null)
   throw new ProcessingException(ErrorCodes.NULL_ARGUMENT + "Assertion");
 if (this.tokenRegistry.getToken(issuedAssertion.getID()) == null)
   throw new ProcessingException(ErrorCodes.INVALID_ASSERTION);
}
origin: org.picketlink/picketlink-fed-core

/**
* @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#validateToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
*/
public void validateToken(ProtocolContext context) throws ProcessingException
{
 if (!(context instanceof SAMLProtocolContext))
   return;
 SecurityManager sm = System.getSecurityManager();
 if (sm != null)
   sm.checkPermission(PicketLinkCoreSTS.rte);
 SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;
 AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
 try
 {
   if (!AssertionUtil.hasExpired(issuedAssertion))
    throw new ProcessingException(ErrorCodes.EXPIRED_ASSERTION);
 }
 catch (ConfigurationException e)
 {
   throw new ProcessingException(e);
 }
 if (issuedAssertion == null)
   throw new ProcessingException(ErrorCodes.NULL_ASSERTION);
 if (this.tokenRegistry.getToken(issuedAssertion.getID()) == null)
   throw new ProcessingException(ErrorCodes.INVALID_ASSERTION);
}
origin: picketlink/picketlink

/**
 * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#validateToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
 */
public void validateToken(ProtocolContext context) throws ProcessingException {
  if (!(context instanceof SAML11ProtocolContext))
    return;
  SecurityManager sm = System.getSecurityManager();
  if (sm != null)
    sm.checkPermission(PicketLinkCoreSTS.rte);
  SAML11ProtocolContext samlProtocolContext = (SAML11ProtocolContext) context;
  SAML11AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
  try {
    if (AssertionUtil.hasExpired(issuedAssertion)) {
      throw logger.samlAssertionExpiredError();
    }
  } catch (ConfigurationException e) {
    throw logger.processingError(e);
  }
  if (issuedAssertion == null)
    throw logger.assertionInvalidError();
  if (this.tokenRegistry.getToken(issuedAssertion.getID()) == null)
    throw logger.assertionInvalidError();
}
origin: picketlink/picketlink

/**
 * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#validateToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
 */
public void validateToken(ProtocolContext context) throws ProcessingException {
  if (!(context instanceof SAMLProtocolContext))
    return;
  SecurityManager sm = System.getSecurityManager();
  if (sm != null)
    sm.checkPermission(PicketLinkCoreSTS.rte);
  SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;
  AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
  try {
    if (AssertionUtil.hasExpired(issuedAssertion)) {
      throw logger.samlAssertionExpiredError();
    }
  } catch (ConfigurationException e) {
    throw logger.processingError(e);
  }
  if (issuedAssertion == null)
    throw logger.assertionInvalidError();
  if (this.tokenRegistry.getToken(issuedAssertion.getID()) == null)
    throw logger.assertionInvalidError();
}
origin: org.picketlink.distribution/picketlink-jbas7

/**
 * This method validates SAML Credential in following steps: <ol> <li>Validate the signing key embedded in SAML token is still
 * valid, not expired</li> <li>Validate the signing key embedded in SAML token is trusted against a local truststore,  such as
 * certpath validation</li> <li>Validate SAML token is still valid, not expired</li> <li>Validate the SAML signature using the
 * embedded signing key in SAML token itself as you indicated below</li> </ol>
 *
 * If something goes wrong throws LoginException.
 *
 * @throws LoginException
 */
private void validateSAMLCredential() throws LoginException, ConfigurationException, CertificateExpiredException, CertificateNotYetValidException {
  X509Certificate cert = getX509Certificate();
  // public certificate validation
  validateCertPath(cert);
  // check time validity of the certificate
  cert.checkValidity();
  boolean sigValid = false;
  try {
    sigValid = AssertionUtil.isSignatureValid(credential.getAssertionAsElement(), cert.getPublicKey());
  } catch (ProcessingException e) {
    logger.processingError(e);
  }
  if (!sigValid) {
    throw logger.authSAMLInvalidSignatureError();
  }
  if (AssertionUtil.hasExpired(assertion)) {
    throw logger.authSAMLAssertionExpiredError();
  }
}
origin: org.picketlink.distribution/picketlink-jbas7

if (AssertionUtil.hasExpired(assertion)) {
  throw logger.authSAMLAssertionExpiredError();
origin: org.picketlink.distribution/picketlink-jbas5

/**
 * This method validates SAML Credential in following steps: <ol> <li>Validate the signing key embedded in SAML token is still
 * valid, not expired</li> <li>Validate the signing key embedded in SAML token is trusted against a local truststore,  such as
 * certpath validation</li> <li>Validate SAML token is still valid, not expired</li> <li>Validate the SAML signature using the
 * embedded signing key in SAML token itself as you indicated below</li> </ol>
 *
 * If something goes wrong throws LoginException.
 *
 * @throws LoginException
 */
private void validateSAMLCredential() throws LoginException, ConfigurationException, CertificateExpiredException, CertificateNotYetValidException {
  X509Certificate cert = getX509Certificate();
  // public certificate validation
  validateCertPath(cert);
  // check time validity of the certificate
  cert.checkValidity();
  boolean sigValid = false;
  try {
    sigValid = AssertionUtil.isSignatureValid(credential.getAssertionAsElement(), cert.getPublicKey());
  } catch (ProcessingException e) {
    logger.processingError(e);
  }
  if (!sigValid) {
    throw logger.authSAMLInvalidSignatureError();
  }
  if (AssertionUtil.hasExpired(assertion)) {
    throw logger.authSAMLAssertionExpiredError();
  }
}
origin: org.picketlink.distribution/picketlink-jbas5

if (AssertionUtil.hasExpired(assertion)) {
  throw logger.authSAMLAssertionExpiredError();
origin: org.picketlink/picketlink-core

if (AssertionUtil.hasExpired(assertion)) {
  code = WSTrustConstants.STATUS_CODE_INVALID;
  reason = "Validation failure: assertion expired or used before its lifetime period";
origin: picketlink/picketlink

if (AssertionUtil.hasExpired(assertion, getClockSkewInMillis())) {
  code = WSTrustConstants.STATUS_CODE_INVALID;
  reason = "Validation failure: assertion expired or used before its lifetime period";
origin: org.picketlink/picketlink-core

if (AssertionUtil.hasExpired(assertion)) {
  code = WSTrustConstants.STATUS_CODE_INVALID;
  reason = "Validation failure: assertion expired or used before its lifetime period";
org.picketlink.identity.federation.core.saml.v2.utilAssertionUtilhasExpired

Javadoc

Check whether the assertion has expired

Popular methods of AssertionUtil

  • getRoles
    Given an assertion, return the list of roles it may have
  • getExpiration
    Extract the expiration time from an AssertionType
  • asString
    Given AssertionType, convert it into a String
  • createTimedConditions
    Add validity conditions to the SAML2 Assertion
  • createAssertion
    Create an assertion
  • createSAML11TimedConditions
    Add validity conditions to the SAML2 Assertion
  • isSignatureValid
    Given an assertion element, validate the signature
  • asDocument
    Given AssertionType, convert it into a DOM Document.
  • createAssertionSubject
    Given a user name, create a SubjectType that can then be inserted into an assertion
  • isAudience
    Checks whether the given assertion is intended for the given org.picketlink.config.federation.SPType

Popular in Java

  • Reading from database using SQL prepared statement
  • setScale (BigDecimal)
  • getExternalFilesDir (Context)
  • putExtra (Intent)
  • BufferedReader (java.io)
    Wraps an existing Reader and buffers the input. Expensive interaction with the underlying reader is
  • RandomAccessFile (java.io)
    Allows reading from and writing to a file in a random-access manner. This is different from the uni-
  • Permission (java.security)
    Legacy security code; do not use.
  • JarFile (java.util.jar)
    JarFile is used to read jar entries and their associated data from jar files.
  • Reference (javax.naming)
  • JPanel (javax.swing)
  • Github Copilot alternatives
Tabnine Logo

  • Products

    Search for Java codeSearch for JavaScript code

  • IDE Plugins

    IntelliJ IDEAWebStormVisual StudioAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimGoLandRubyMineEmacsJupyter NotebookJupyter LabRiderDataGripAppCode

  • Company

    About UsContact UsCareers

  • Resources

    FAQBlogTabnine AcademyTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now