org.opensaml.saml.saml2.core.Assertion.getSubject()方法的使用及代码示例

x33g5p2x  于2022-01-16 转载在 其他  

本文整理了Java中org.opensaml.saml.saml2.core.Assertion.getSubject()方法的一些代码示例,展示了Assertion.getSubject()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度上帮助到你。需要注意:getSubject()可能返回null(下文多个示例在使用前都做了判空),处理来自外部的断言时应先判空再访问NameID。Assertion.getSubject()方法的具体详情如下:
包路径:org.opensaml.saml.saml2.core.Assertion
类名称:Assertion
方法名:getSubject

Assertion.getSubject介绍

[英]Gets the Subject of this assertion.
[中]获取此断言的主题。

代码示例

代码示例来源:origin: line/armeria

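/**
 * Returns the first {@link NameID} in the {@link Response} that matches the specified {@code filter}.
 *
 * <p>Assertions without a {@code Subject}, and subjects without a {@code NameID}, are skipped, so
 * the {@code filter} is never invoked with {@code null} and a response that omits either element
 * yields an empty result instead of a {@link NullPointerException}.
 *
 * <p>NOTE(review): this method only reads the assertions; it presumably relies on the caller having
 * validated the response (signature, conditions) before the returned identifier is trusted.
 * Confirm against the call sites.
 *
 * @param response the SAML response whose assertions are searched
 * @param filter the predicate a {@link NameID} must satisfy
 * @return the first matching {@link NameID}, or {@link Optional#empty()} if none matches
 */
public static Optional<NameID> getNameId(Response response, Predicate<NameID> filter) {
  return response.getAssertions().stream()
          .map(assertion -> assertion.getSubject())
          // getSubject() may return null; skip such assertions rather than dereferencing them.
          .filter(subject -> subject != null)
          .map(subject -> subject.getNameID())
          // getNameID() may return null as well; findFirst() would throw on a null element.
          .filter(nameId -> nameId != null)
          .filter(filter)
          .findFirst();
}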

代码示例来源:origin: line/armeria

final Subject subject = assertion.getSubject();
if (subject == null) {
  continue;

代码示例来源:origin: net.shibboleth.idp/idp-saml-impl

/**
 * Extracts the NameID format from the subject of an assertion.
 * 
 * @param assertion the assertion to inspect
 * 
 * @return the format of the subject's NameID, or null when the assertion has no subject or the
 *         subject has no NameID
 */
@Nullable private String apply(@Nonnull final org.opensaml.saml.saml2.core.Assertion assertion) {
  // Guard clauses: both the Subject and its NameID may be absent.
  if (assertion.getSubject() == null) {
    return null;
  }
  if (assertion.getSubject().getNameID() == null) {
    return null;
  }
  return assertion.getSubject().getNameID().getFormat();
}

代码示例来源:origin: net.shibboleth.idp/idp-saml-impl

/**
 * Extracts the NameID value from the subject of an assertion.
 * 
 * @param assertion the assertion to inspect
 * 
 * @return the value of the subject's NameID, or null when the assertion has no subject or the
 *         subject has no NameID
 */
@Nullable private String apply(@Nonnull final org.opensaml.saml.saml2.core.Assertion assertion) {
  // Guard clauses: both the Subject and its NameID may be absent.
  if (assertion.getSubject() == null) {
    return null;
  }
  if (assertion.getSubject().getNameID() == null) {
    return null;
  }
  return assertion.getSubject().getNameID().getValue();
}

代码示例来源:origin: org.opensaml/opensaml-saml-impl

/**
 * Returns the assertion's subject, creating and attaching an empty one if the assertion has none.
 * The returned subject is the one to which the name identifier will be added.
 * 
 * @param assertion the assertion being modified
 * 
 * @return the subject of the assertion, never null
 */
@Nonnull private Subject getAssertionSubject(@Nonnull final Assertion assertion) {
  Subject target = assertion.getSubject();
  if (target == null) {
    // No subject yet: build one and install it on the assertion so later additions are kept.
    target = subjectBuilder.buildObject();
    assertion.setSubject(target);
  }
  return target;
}

代码示例来源:origin: org.opensaml/opensaml-saml-impl

/**
 * Returns the assertion's subject, creating and attaching an empty one if the assertion has none.
 * The returned subject is the one to which the name identifier will be added.
 * 
 * @param assertion the assertion being modified
 * 
 * @return the subject of the assertion, never null
 */
@Nonnull private Subject getAssertionSubject(@Nonnull final Assertion assertion) {
  Subject target = assertion.getSubject();
  if (target == null) {
    // No subject yet: build one and install it on the assertion so later additions are kept.
    target = subjectBuilder.buildObject();
    assertion.setSubject(target);
  }
  return target;
}

代码示例来源:origin: org.opensaml/opensaml-saml-impl

/**
 * Returns the assertion's subject, creating and attaching an empty one if the assertion has none.
 * The returned subject is the one to which the confirmation will be added.
 * 
 * @param assertion the assertion being modified
 * 
 * @return the subject of the assertion, never null
 */
@Nonnull private Subject getAssertionSubject(@Nonnull final Assertion assertion) {
  Subject target = assertion.getSubject();
  if (target == null) {
    // No subject yet: build one and install it on the assertion so later additions are kept.
    target = subjectBuilder.buildObject();
    assertion.setSubject(target);
  }
  return target;
}

代码示例来源:origin: com.linecorp.armeria/armeria-saml

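/**
 * Returns the first {@link NameID} in the {@link Response} that matches the specified {@code filter}.
 *
 * <p>Assertions without a {@code Subject}, and subjects without a {@code NameID}, are skipped, so
 * the {@code filter} is never invoked with {@code null} and a response that omits either element
 * yields an empty result instead of a {@link NullPointerException}.
 *
 * <p>NOTE(review): this method only reads the assertions; it presumably relies on the caller having
 * validated the response (signature, conditions) before the returned identifier is trusted.
 * Confirm against the call sites.
 *
 * @param response the SAML response whose assertions are searched
 * @param filter the predicate a {@link NameID} must satisfy
 * @return the first matching {@link NameID}, or {@link Optional#empty()} if none matches
 */
public static Optional<NameID> getNameId(Response response, Predicate<NameID> filter) {
  return response.getAssertions().stream()
          .map(assertion -> assertion.getSubject())
          // getSubject() may return null; skip such assertions rather than dereferencing them.
          .filter(subject -> subject != null)
          .map(subject -> subject.getNameID())
          // getNameID() may return null as well; findFirst() would throw on a null element.
          .filter(nameId -> nameId != null)
          .filter(filter)
          .findFirst();
}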

代码示例来源:origin: line/centraldogma

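/**
 * Finds the login name carried in the subject NameID of the response's assertions.
 *
 * <p>Only NameIDs whose format equals {@code subjectLoginNameIdFormat} are considered. Assertions
 * without a Subject, subjects without a NameID, NameIDs without a format and NameIDs without a
 * value are skipped instead of causing a {@link NullPointerException}.
 *
 * @param response the SAML response to search
 * @return the value of the first matching NameID, or {@code null} when no format is configured or
 *         nothing matches
 */
@Nullable
private String findLoginNameFromSubjects(Response response) {
  if (Strings.isNullOrEmpty(subjectLoginNameIdFormat)) {
    return null;
  }
  return response.getAssertions()
          .stream()
          .map(assertion -> assertion.getSubject())
          .filter(subject -> subject != null)
          .map(subject -> subject.getNameID())
          .filter(nameId -> nameId != null)
          // Compare from the configured (non-null) side: getFormat() may return null.
          .filter(nameId -> subjectLoginNameIdFormat.equals(nameId.getFormat()))
          .map(NameIDType::getValue)
          // findFirst() throws on a null element, so drop NameIDs that carry no value.
          .filter(value -> value != null)
          .findFirst()
          .orElse(null);
}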

代码示例来源:origin: net.shibboleth.idp/idp-saml-impl

if (assertion.getSubject() != null && assertion.getSubject().getNameID() != null) {
  for (final AuthnStatement statement : assertion.getAuthnStatements()) {
    if (statement.getSessionIndex() != null) {

代码示例来源:origin: org.apereo.cas/cas-server-support-saml-idp-web

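/**
 * Resolves the principal id from the NameID of the first assertion in a SAML response.
 *
 * <p>Falls back to the parent implementation when {@code returnValue} is not a {@link Response}
 * (including {@code null}), when the response has no assertions, or when the first assertion has
 * no Subject or NameID. Only the first assertion is consulted.
 *
 * @param authentication the authentication, passed through to the parent implementation
 * @param returnValue the value produced by the intercepted call; expected to be a {@link Response}
 * @param exception the exception raised by the intercepted call, if any
 * @return the NameID value of the first assertion's subject, or the parent's result
 */
@Override
public String getPrincipalIdFrom(final Authentication authentication, final Object returnValue, final Exception exception) {
  // returnValue is declared as Object, so check its type before casting instead of failing with
  // a ClassCastException or NullPointerException.
  if (returnValue instanceof Response) {
    val response = (Response) returnValue;
    if (!response.getAssertions().isEmpty()) {
      val assertion = response.getAssertions().get(0);
      val subject = assertion.getSubject();
      if (subject != null && subject.getNameID() != null) {
        return subject.getNameID().getValue();
      }
    }
  }
  return super.getPrincipalIdFrom(authentication, returnValue, exception);
}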

代码示例来源:origin: net.shibboleth.idp/idp-saml-impl

/** {@inheritDoc} */
@Override
protected boolean doPreExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
  
  final boolean parentReady = super.doPreExecute(profileRequestContext);
  if (!parentReady) {
    return false;
  }
  
  // Look up the assertion for this request; without one there is nothing to authenticate.
  assertion = assertionTokenStrategy.apply(profileRequestContext);
  if (null == assertion) {
    log.warn("{} No valid SAML 2 Assertion available within the request context", getLogPrefix());
    ActionSupport.buildEvent(profileRequestContext, AuthnEventIds.NO_CREDENTIALS);
    return false;
  }
  
  // Both the Subject and its NameID are required; either one missing is an invalid subject.
  final org.opensaml.saml.saml2.core.Subject subject = assertion.getSubject();
  final boolean hasNameId = subject != null && subject.getNameID() != null;
  if (!hasNameId) {
    log.warn("{} SAML 2 Assertion does not contain either a Subject or a NameID", getLogPrefix());
    ActionSupport.buildEvent(profileRequestContext, AuthnEventIds.INVALID_SUBJECT);
    return false;
  }
  
  nameID = subject.getNameID();
  return true;
}

代码示例来源:origin: org.apache.cxf/cxf-rt-rs-security-oauth2-saml

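/**
 * Validates a SAML assertion: version, audience, issuer (when one is configured) and the
 * authentication subject. Any failed check raises the not-authorized exception.
 *
 * <p>When the configured issuer equals {@code OAuthConstants.CLIENT_ID}, the expected issuer is
 * the value of the assertion's subject NameID; an assertion without a Subject or NameID is then
 * rejected as not authorized instead of failing with a {@link NullPointerException}.
 *
 * <p>NOTE(review): {@code wrapper.getSaml2()} is dereferenced without a null check; presumably
 * {@code validateSAMLVersion} rejects anything that is not SAML 2 - confirm. Signature
 * verification is not performed in this method; presumably it happens before this call - confirm.
 *
 * @param message the current message
 * @param wrapper the assertion to validate
 */
public void validate(Message message, SamlAssertionWrapper wrapper) {
  validateSAMLVersion(wrapper);
  Conditions cs = wrapper.getSaml2().getConditions();
  validateAudience(message, cs);
  if (issuer != null) {
    String actualIssuer = getIssuer(wrapper);
    String expectedIssuer = issuer;
    if (OAuthConstants.CLIENT_ID.equals(issuer)) {
      // The assertion content is supplied by the client: a missing Subject or NameID must be an
      // authorization failure, not an unhandled NullPointerException.
      if (wrapper.getSaml2().getSubject() == null
          || wrapper.getSaml2().getSubject().getNameID() == null) {
        throw ExceptionUtils.toNotAuthorizedException(null, null);
      }
      expectedIssuer = wrapper.getSaml2().getSubject().getNameID().getValue();
    }
    if (actualIssuer == null || !actualIssuer.equals(expectedIssuer)) {
      throw ExceptionUtils.toNotAuthorizedException(null, null);
    }
  }
  if (!validateAuthenticationSubject(message, cs, wrapper.getSaml2().getSubject())) {
    throw ExceptionUtils.toNotAuthorizedException(null, null);
  }
}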

代码示例来源:origin: apache/cxf

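/**
 * Validates a SAML assertion: version, audience, issuer (when one is configured) and the
 * authentication subject. Any failed check raises the not-authorized exception.
 *
 * <p>When the configured issuer equals {@code OAuthConstants.CLIENT_ID}, the expected issuer is
 * the value of the assertion's subject NameID; an assertion without a Subject or NameID is then
 * rejected as not authorized instead of failing with a {@link NullPointerException}.
 *
 * <p>NOTE(review): {@code wrapper.getSaml2()} is dereferenced without a null check; presumably
 * {@code validateSAMLVersion} rejects anything that is not SAML 2 - confirm. Signature
 * verification is not performed in this method; presumably it happens before this call - confirm.
 *
 * @param message the current message
 * @param wrapper the assertion to validate
 */
public void validate(Message message, SamlAssertionWrapper wrapper) {
  validateSAMLVersion(wrapper);
  Conditions cs = wrapper.getSaml2().getConditions();
  validateAudience(message, cs);
  if (issuer != null) {
    String actualIssuer = getIssuer(wrapper);
    String expectedIssuer = issuer;
    if (OAuthConstants.CLIENT_ID.equals(issuer)) {
      // The assertion content is supplied by the client: a missing Subject or NameID must be an
      // authorization failure, not an unhandled NullPointerException.
      if (wrapper.getSaml2().getSubject() == null
          || wrapper.getSaml2().getSubject().getNameID() == null) {
        throw ExceptionUtils.toNotAuthorizedException(null, null);
      }
      expectedIssuer = wrapper.getSaml2().getSubject().getNameID().getValue();
    }
    if (actualIssuer == null || !actualIssuer.equals(expectedIssuer)) {
      throw ExceptionUtils.toNotAuthorizedException(null, null);
    }
  }
  if (!validateAuthenticationSubject(message, cs, wrapper.getSaml2().getSubject())) {
    throw ExceptionUtils.toNotAuthorizedException(null, null);
  }
}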

代码示例来源:origin: org.apereo.cas/cas-server-support-saml-idp-web

/**
 * Creates an attribute-query ticket keyed by the assertion's subject NameID value and adds it to
 * the ticket registry.
 *
 * @param assertion the assertion whose subject NameID value identifies the ticket
 * @param request the request from which the ticket-granting ticket is looked up
 * @param adaptor the service provider metadata facade supplying the entity id
 */
private void storeAttributeQueryTicketInRegistry(final Assertion assertion, final HttpServletRequest request,
                                                 final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) {
    // NOTE(review): Subject and NameID are dereferenced without null checks; this presumably
    // relies on the assertion having been built locally with a NameID - confirm.
    val nameIdValue = assertion.getSubject().getNameID().getValue();

    val tgt = CookieUtils.getTicketGrantingTicketFromRequest(
        ticketGrantingTicketCookieGenerator, this.ticketRegistry, request);

    val queryTicket = samlAttributeQueryTicketFactory.create(
        nameIdValue, assertion, adaptor.getEntityId(), tgt);
    this.ticketRegistry.addTicket(queryTicket);
}
}

代码示例来源:origin: org.pac4j/pac4j-saml

/**
 * Validates the given assertion, checking in this order: issue instant, issuer, subject,
 * conditions, authentication statements and finally the signature.
 *
 * <p>An assertion without a subject is rejected with an exception.
 *
 * <p>NOTE(review): the subject is handed to {@code validateSubject} together with the decrypter
 * before {@code validateAssertionSignature} runs. Confirm that processing content whose
 * assertion-level signature has not been checked yet is intended here, e.g. because the
 * enclosing response was already verified.
 *
 * @param assertion the assertion
 * @param context   the context
 * @param engine    the engine
 * @param decrypter the decrypter
 */
protected final void validateAssertion(final Assertion assertion, final SAML2MessageContext context,
                    final SignatureTrustEngine engine, final Decrypter decrypter) {
  validateIssueInstant(assertion.getIssueInstant());
  validateIssuer(assertion.getIssuer(), context);

  // Fail fast when the subject is missing; everything below assumes one exists.
  if (assertion.getSubject() == null) {
    throw new SAMAssertionSubjectException("Assertion subject cannot be null");
  }
  validateSubject(assertion.getSubject(), context, decrypter);

  validateAssertionConditions(assertion.getConditions(), context);
  validateAuthenticationStatements(assertion.getAuthnStatements(), context);
  validateAssertionSignature(assertion.getSignature(), context, engine);
}

代码示例来源:origin: org.opensaml/opensaml-saml-impl

/**
 * Processes the assertion's subject and encrypts the NameID of every delegate found in a
 * {@link DelegationRestrictionType} condition for which {@code shouldEncrypt} returns true,
 * replacing the plain NameID with the resulting {@link EncryptedID}.
 * 
 * @param assertion   assertion to operate on
 * 
 * @throws EncryptionException if an error occurs
 */
private void processAssertion(@Nonnull final Assertion assertion) throws EncryptionException {
  processSubject(assertion.getSubject());
  
  // Without conditions there are no delegation restrictions to look at.
  if (assertion.getConditions() == null) {
    return;
  }
  
  for (final Condition condition : assertion.getConditions().getConditions()) {
    if (condition instanceof DelegationRestrictionType) {
      for (final Delegate delegate : ((DelegationRestrictionType) condition).getDelegates()) {
        if (!shouldEncrypt(delegate.getNameID())) {
          continue;
        }
        log.debug("{} Encrypting NameID in Delegate", getLogPrefix());
        final EncryptedID ciphertextId = getEncrypter().encrypt(delegate.getNameID());
        // Install the encrypted form and clear the plaintext NameID from the delegate.
        delegate.setEncryptedID(ciphertextId);
        delegate.setNameID(null);
      }
    }
  }
}

代码示例来源:origin: spring-projects/spring-security-saml

/**
 * Converts a parsed OpenSAML assertion into this library's {@code Assertion} model.
 *
 * <p>{@code validateSignature} is called with the parsed assertion and the verification keys
 * before any field is copied, and its result is stored on the returned object.
 *
 * <p>NOTE(review): what {@code validateSignature} does for an unsigned assertion or a failed
 * verification (throw, or return null) is not visible here - confirm that callers cannot end up
 * trusting an assertion whose signature was never checked.
 *
 * @param parsed the OpenSAML assertion to convert
 * @param verificationKeys the keys passed to {@code validateSignature}
 * @param localKeys the keys passed on when resolving the subject and the attributes; presumably
 *                  used for decryption - confirm
 * @return a new {@code Assertion} populated from {@code parsed}
 */
protected Assertion resolveAssertion(
  org.opensaml.saml.saml2.core.Assertion parsed,
  List<SimpleKey> verificationKeys,
  List<SimpleKey> localKeys
) {
  // Signature handling runs first, ahead of reading any other part of the assertion.
  Signature signature = validateSignature(parsed, verificationKeys);
  return new Assertion()
    .setSignature(signature)
    .setId(parsed.getID())
    .setIssueInstant(parsed.getIssueInstant())
    // getVersion() is dereferenced without a null check.
    .setVersion(parsed.getVersion().toString())
    .setIssuer(getIssuer(parsed.getIssuer()))
    // parsed.getSubject() may be null; the getSubject helper is handed the value as-is.
    .setSubject(getSubject(parsed.getSubject(), localKeys))
    .setConditions(getConditions(parsed.getConditions()))
    .setAuthenticationStatements(getAuthenticationStatements(parsed.getAuthnStatements()))
    .setAttributes(getAttributes(parsed.getAttributeStatements(), localKeys))
    ;
}

代码示例来源:origin: apache/cxf

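/**
 * Builds a {@code Subject} from the name identifier of a SAML 2 or SAML 1 assertion.
 *
 * <p>Both branches handle a missing subject and a missing name identifier the same way: the
 * method returns {@code null} instead of throwing a {@link NullPointerException}.
 *
 * @param message the current message (not used by this method)
 * @param assertionW the wrapped assertion
 * @return the populated subject, or {@code null} when the wrapper holds neither a SAML 2 nor a
 *         SAML 1 assertion, or the assertion has no subject or no name identifier
 */
public static Subject getSubject(Message message, SamlAssertionWrapper assertionW) {
  if (assertionW.getSaml2() != null) {
    org.opensaml.saml.saml2.core.Subject s = assertionW.getSaml2().getSubject();
    // Subject and NameID may both be absent from the assertion.
    NameID nameId = s == null ? null : s.getNameID();
    if (nameId == null) {
      return null;
    }
    Subject subject = new Subject();
    subject.setNameQualifier(nameId.getNameQualifier());
    // if format is transient then we may need to use STSClient
    // to request an alternate name from IDP
    subject.setNameFormat(nameId.getFormat());
    subject.setName(nameId.getValue());
    subject.setSpId(nameId.getSPProvidedID());
    subject.setSpQualifier(nameId.getSPNameQualifier());
    return subject;
  } else if (assertionW.getSaml1() != null) {
    org.opensaml.saml.saml1.core.Subject s = getSaml1Subject(assertionW);
    NameIdentifier nameId = s == null ? null : s.getNameIdentifier();
    if (nameId != null) {
      Subject subject = new Subject();
      subject.setNameQualifier(nameId.getNameQualifier());
      // if format is transient then we may need to use STSClient
      // to request an alternate name from IDP
      subject.setNameFormat(nameId.getFormat());
      subject.setName(nameId.getValue());
      return subject;
    }
  }
  return null;
}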

代码示例来源:origin: org.apache.cxf/cxf-rt-rs-security-xml

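/**
 * Builds a {@code Subject} from the name identifier of a SAML 2 or SAML 1 assertion.
 *
 * <p>Both branches handle a missing subject and a missing name identifier the same way: the
 * method returns {@code null} instead of throwing a {@link NullPointerException}.
 *
 * @param message the current message (not used by this method)
 * @param assertionW the wrapped assertion
 * @return the populated subject, or {@code null} when the wrapper holds neither a SAML 2 nor a
 *         SAML 1 assertion, or the assertion has no subject or no name identifier
 */
public static Subject getSubject(Message message, SamlAssertionWrapper assertionW) {
  if (assertionW.getSaml2() != null) {
    org.opensaml.saml.saml2.core.Subject s = assertionW.getSaml2().getSubject();
    // Subject and NameID may both be absent from the assertion.
    NameID nameId = s == null ? null : s.getNameID();
    if (nameId == null) {
      return null;
    }
    Subject subject = new Subject();
    subject.setNameQualifier(nameId.getNameQualifier());
    // if format is transient then we may need to use STSClient
    // to request an alternate name from IDP
    subject.setNameFormat(nameId.getFormat());
    subject.setName(nameId.getValue());
    subject.setSpId(nameId.getSPProvidedID());
    subject.setSpQualifier(nameId.getSPNameQualifier());
    return subject;
  } else if (assertionW.getSaml1() != null) {
    org.opensaml.saml.saml1.core.Subject s = getSaml1Subject(assertionW);
    NameIdentifier nameId = s == null ? null : s.getNameIdentifier();
    if (nameId != null) {
      Subject subject = new Subject();
      subject.setNameQualifier(nameId.getNameQualifier());
      // if format is transient then we may need to use STSClient
      // to request an alternate name from IDP
      subject.setNameFormat(nameId.getFormat());
      subject.setName(nameId.getValue());
      return subject;
    }
  }
  return null;
}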
