org.opensaml.saml.saml2.core.Assertion.getID()方法的使用及代码示例


本文整理了Java中org.opensaml.saml.saml2.core.Assertion.getID()方法的一些代码示例,展示了Assertion.getID()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。Assertion.getID()方法的具体详情如下:
包路径:org.opensaml.saml.saml2.core.Assertion
类名称:Assertion
方法名:getID

Assertion.getID介绍

[英]Gets the ID of this assertion.
[中]获取此断言的ID。

代码示例

代码示例来源:origin: net.shibboleth.idp/idp-saml-impl

public String apply(final org.opensaml.saml.saml2.core.Assertion input) {
    // Projects an assertion onto its ID attribute. The input is dereferenced
    // without a null check, so a null assertion fails here with an NPE.
    final String assertionId = input.getID();
    return assertionId;
  }
});

代码示例来源:origin: org.wso2.carbon.identity.inbound.auth.saml2/org.wso2.carbon.identity.query.saml

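/**
 * Signs the given assertion by delegating to {@code doSetSignature}.
 *
 * <p>NOTE(review): the signature and digest algorithm identifiers are passed through as given; no
 * allow-list is visible in this method, so confirm that {@code doSetSignature} or the callers
 * restrict them to the algorithms the deployment accepts.
 *
 * @param assertion          created assertion that needs to be signed
 * @param signatureAlgorithm signature algorithm
 * @param digestAlgorithm    cryptographic hash algorithm
 * @param cred               X509Credential instance
 * @throws IdentitySAML2QueryException If unable to write signature to the assertion
 */
public static void setSignature(Assertion assertion, String signatureAlgorithm, String digestAlgorithm,
                X509Credential cred) throws IdentitySAML2QueryException {
  try {
    doSetSignature(assertion, signatureAlgorithm, digestAlgorithm, cred);
  } catch (IdentityException e) {
    // Build the message once and separate the label from the ID. The original concatenation
    // produced "...assertion id<ID>" with no space, which made the ID hard to pick out in logs.
    final String message = "Unable to set signature to the assertion id " + assertion.getID();
    log.error(message, e);
    // The cause is kept so the underlying signing failure stays visible to the caller.
    throw new IdentitySAML2QueryException(message, e);
  }
}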

代码示例来源:origin: org.opensaml/opensaml-saml-api

/**
 * Checks that the assertion declares {@link SAMLVersion#VERSION_20}.
 *
 * <p>On a mismatch the failure message, which includes the assertion ID, is stored on the
 * validation context before {@link ValidationResult#INVALID} is returned.
 *
 * @param assertion the assertion to validate
 * @param context current validation context
 *
 * @return {@link ValidationResult#VALID} for a SAML 2.0 assertion, otherwise
 *         {@link ValidationResult#INVALID}
 *
 * @throws AssertionValidationException thrown if there is a problem validating the version
 */
@Nonnull protected ValidationResult validateVersion(@Nonnull final Assertion assertion,
    @Nonnull final ValidationContext context) throws AssertionValidationException {

  // Reference comparison: this presumes SAMLVersion values are shared constants - confirm.
  final boolean isSaml20 = assertion.getVersion() == SAMLVersion.VERSION_20;
  if (isSaml20) {
    return ValidationResult.VALID;
  }

  final String failure = String.format(
      "Assertion '%s' is not a SAML 2.0 version Assertion", assertion.getID());
  context.setValidationFailureMessage(failure);
  return ValidationResult.INVALID;
}

代码示例来源:origin: net.shibboleth.idp/idp-saml-impl

/** {@inheritDoc} */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
  // For every assertion held by this action, fetch its Conditions through
  // SAML2ActionSupport and hand them to addDelegationRestriction.
  for (final Assertion current : assertions) {
    addDelegationRestriction(
        profileRequestContext,
        SAML2ActionSupport.addConditionsToAssertion(this, current));
    log.debug(
        "{} Added DelegationRestrictionType Condition to Assertion {}",
        getLogPrefix(),
        current.getID());
  }
}

代码示例来源:origin: net.shibboleth.idp/idp-saml-impl

/** {@inheritDoc} */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext,
    @Nonnull final AuthenticationContext authenticationContext) {
  final Assertion target = assertionLookupStrategy.apply(profileRequestContext);
  if (target != null) {
    // Build the statement from the requested-principal subcontext and attach it.
    final AuthnStatement authnStatement = buildAuthnStatement(profileRequestContext,
        authenticationContext.getSubcontext(RequestedPrincipalContext.class));
    target.getAuthnStatements().add(authnStatement);
    log.debug("{} Added AuthenticationStatement to Assertion {}", getLogPrefix(), target.getID());
    return;
  }

  // Without an assertion there is nothing to modify: log it and signal the event.
  log.error("Unable to obtain Assertion to modify");
  ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_MSG_CTX);
}

代码示例来源:origin: org.opensaml/opensaml-saml-impl

/** {@inheritDoc} */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {

  // Every assertion in the response gets a proxy restriction on its Conditions.
  for (final Assertion current : response.getAssertions()) {
    addProxyRestriction(
        profileRequestContext,
        SAML2ActionSupport.addConditionsToAssertion(this, current));
    log.debug(
        "{} Added ProxyRestriction to Assertion {}",
        getLogPrefix(),
        current.getID());
  }
}

代码示例来源:origin: net.shibboleth.idp/idp-saml-impl

/** {@inheritDoc} */
  @Override protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {

    final Assertion target = assertionLookupStrategy.apply(profileRequestContext);
    if (target != null) {
      final AuthnStatement authnStatement = getNewAuthnStatement();
      if (authnStatement != null) {
        target.getAuthnStatements().add(authnStatement);
        log.debug("{} Added AuthenticationStatement to Assertion {}", getLogPrefix(), target.getID());
      } else {
        // No statement could be produced: report a processing error.
        log.error("Unable to obtain AuthnStatement to add");
        ActionSupport.buildEvent(profileRequestContext, EventIds.MESSAGE_PROC_ERROR);
      }
    } else {
      // No assertion to attach the statement to: report an invalid message context.
      log.error("Unable to obtain Assertion to modify");
      ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_MSG_CTX);
    }
  }
//CheckStyle: ReturnCount OFF

代码示例来源:origin: org.opensaml/opensaml-saml-api

/**
 * Builds an {@link Assertion} from the supplied parameters and appends it to the given {@link Response}.
 * The new assertion's issue instant is copied from the {@link Response}.
 *
 * @param action the current action
 * @param response the response to which the assertion will be added
 * @param idGenerator source of assertion ID
 * @param issuer value for assertion
 *
 * @return the assertion that was added to the response
 */
@Nonnull public static Assertion addAssertionToResponse(@Nonnull final AbstractProfileAction action,
    @Nonnull final Response response, @Nonnull final IdentifierGenerationStrategy idGenerator,
    @Nullable final String issuer) {
  final Assertion created = buildAssertion(action, idGenerator, issuer);
  created.setIssueInstant(response.getIssueInstant());

  // The debug line is emitted just before the assertion is appended to the response.
  final Object[] logArgs = {action.getClass().getSimpleName(), created.getID(), response.getID(),};
  getLogger().debug("Profile Action {}: Added Assertion {} to Response {}", logArgs);

  response.getAssertions().add(created);
  return created;
}

代码示例来源:origin: org.opensaml/opensaml-saml-impl

/**
 * Checks the <code>NotBefore</code> value of the {@link SubjectConfirmationData} against the current
 * UTC time extended by the configured clock skew.
 *
 * @param confirmation confirmation method, with {@link SubjectConfirmationData}, being validated
 * @param assertion assertion bearing the confirmation method
 * @param context current validation context
 *
 * @return {@link ValidationResult#INVALID} when NotBefore lies after the skewed current time,
 *         otherwise {@link ValidationResult#VALID} (including when NotBefore is absent)
 *
 * @throws AssertionValidationException thrown if there is a problem determining the validity of the NotBefore
 */
@Nonnull protected ValidationResult validateNotBefore(@Nonnull final SubjectConfirmation confirmation,
    @Nonnull final Assertion assertion, @Nonnull final ValidationContext context)
        throws AssertionValidationException {
  // "Now" is moved forward by the clock skew, so a NotBefore slightly ahead of the local
  // clock is still accepted.
  final DateTime nowPlusSkew = new DateTime(ISOChronology.getInstanceUTC())
      .plus(SAML20AssertionValidator.getClockSkew(context));

  // NOTE(review): getSubjectConfirmationData() is dereferenced without a null check;
  // presumably the caller only gets here when the data is present - confirm.
  final DateTime earliestUse = confirmation.getSubjectConfirmationData().getNotBefore();

  log.debug("Evaluating SubjectConfirmationData NotBefore '{}' against 'skewed now' time '{}'",
      earliestUse, nowPlusSkew);

  final boolean notYetValid = earliestUse != null && earliestUse.isAfter(nowPlusSkew);
  if (!notYetValid) {
    return ValidationResult.VALID;
  }

  context.setValidationFailureMessage(String.format(
      "Subject confirmation, in assertion '%s', with NotBefore condition of '%s' is not yet valid",
      assertion.getID(), earliestUse));
  return ValidationResult.INVALID;
}

代码示例来源:origin: org.opensaml/opensaml-saml-impl

/** {@inheritDoc} */
@Nonnull public ValidationResult validate(@Nonnull final Condition condition, @Nonnull final Assertion assertion,
    @Nonnull final ValidationContext context) throws AssertionValidationException {

  // Only OneTimeUse conditions, or conditions whose element name is the serviced one, are handled.
  final boolean handledHere = condition instanceof OneTimeUse
      || Objects.equals(condition.getElementQName(), getServicedCondition());
  if (!handledHere) {
    final Object[] logArgs = { condition.getElementQName(), condition.getSchemaType(), assertion.getID(),
        getServicedCondition(), };
    log.warn("Condition '{}' of type '{}' in assertion '{}' was not an '{}' condition.  Unable to process.",
        logArgs);
    return ValidationResult.INDETERMINATE;
  }

  // A false result from the replay cache is treated as "this assertion was seen before".
  // NOTE(review): the check is only as strong as the cache behind it (entry lifetime from
  // getExpires, and whether all nodes share the cache) - confirm for the deployment.
  final boolean firstUse =
      replayCache.check(CACHE_CONTEXT, getCacheValue(assertion), getExpires(assertion, context));
  if (firstUse) {
    return ValidationResult.VALID;
  }

  context.setValidationFailureMessage(String.format(
      "Assertion '%s' has a one time use condition and has been used before", assertion.getID()));
  return ValidationResult.INVALID;
}

代码示例来源:origin: org.opensaml/opensaml-saml-impl

/** {@inheritDoc} */
  protected void marshallAttributes(XMLObject samlObject, Element domElement) throws MarshallingException {
    final Assertion source = (Assertion) samlObject;

    // Each attribute is written only when the assertion carries a value for it.
    if (source.getVersion() != null) {
      final String versionText = source.getVersion().toString();
      domElement.setAttributeNS(null, Assertion.VERSION_ATTRIB_NAME, versionText);
    }

    if (source.getIssueInstant() != null) {
      domElement.setAttributeNS(null, Assertion.ISSUE_INSTANT_ATTRIB_NAME,
          SAMLConfigurationSupport.getSAMLDateFormatter().print(source.getIssueInstant()));
    }

    final String assertionId = source.getID();
    if (assertionId != null) {
      domElement.setAttributeNS(null, Assertion.ID_ATTRIB_NAME, assertionId);
      // Declare the attribute as an ID-typed DOM attribute. Presumably this is what lets
      // same-document references (such as an XML signature reference) resolve the element - confirm.
      domElement.setIdAttributeNS(null, Assertion.ID_ATTRIB_NAME, true);
    }
  }
}

代码示例来源:origin: org.opensaml/opensaml-saml-api

/**
 * Returns the {@link Conditions} of the given {@link Assertion}, building and attaching a new one
 * when the {@link Assertion} has none yet.
 *
 * @param action current action
 * @param assertion assertion to which the condition will be added
 *
 * @return the {@link Conditions} that already existed on, or the one that was added to, the {@link Assertion}
 */
@Nonnull public static Conditions addConditionsToAssertion(@Nonnull final AbstractProfileAction action,
    @Nonnull final Assertion assertion) {
  final Conditions existing = assertion.getConditions();
  if (existing != null) {
    getLogger().debug("Profile Action {}: Assertion {} already contained Conditions, nothing was done",
        action.getClass().getSimpleName(), assertion.getID());
    return existing;
  }

  // Nothing attached yet: obtain the registered builder, create the element and attach it.
  final SAMLObjectBuilder<Conditions> conditionsBuilder = (SAMLObjectBuilder<Conditions>)
      XMLObjectProviderRegistrySupport.getBuilderFactory().<Conditions>getBuilderOrThrow(
          Conditions.DEFAULT_ELEMENT_NAME);
  final Conditions created = conditionsBuilder.buildObject();
  assertion.setConditions(created);
  getLogger().debug("Profile Action {}: Assertion {} did not already contain Conditions, one was added",
      action.getClass().getSimpleName(), assertion.getID());
  return created;
}

代码示例来源:origin: org.opensaml/opensaml-saml-impl

/** {@inheritDoc} */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
  final SAMLObjectBuilder<OneTimeUse> oneTimeUseBuilder = (SAMLObjectBuilder<OneTimeUse>)
      XMLObjectProviderRegistrySupport.getBuilderFactory().<OneTimeUse>getBuilderOrThrow(
          OneTimeUse.DEFAULT_ELEMENT_NAME);

  for (final Assertion current : response.getAssertions()) {
    final Conditions holder = SAML2ActionSupport.addConditionsToAssertion(this, current);

    // An assertion that already carries OneTimeUse is left as it is.
    if (holder.getOneTimeUse() != null) {
      log.debug("{} Assertion {} already contained OneTimeUse condition, another was not added",
          getLogPrefix(), current.getID());
      continue;
    }

    holder.getConditions().add(oneTimeUseBuilder.buildObject());
    log.debug("{} Added OneTimeUse condition to Assertion {}", getLogPrefix(), current.getID());
  }
}

代码示例来源:origin: net.shibboleth.idp/idp-saml-impl

/** {@inheritDoc} */
  @Override protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
    try {
      final AttributeStatement built = buildAttributeStatement(profileRequestContext,
          getAttributeContext().getIdPAttributes().values());
      if (built == null) {
        log.debug("{} No AttributeStatement was built, nothing to do", getLogPrefix());
        return;
      }

      final Assertion target = assertionLookupStrategy.apply(profileRequestContext);
      if (target != null) {
        target.getAttributeStatements().add(built);
        log.debug("{} Adding constructed AttributeStatement to Assertion {} ", getLogPrefix(), target.getID());
      } else {
        // No assertion to receive the statement: report an invalid message context.
        log.error("Unable to obtain Assertion to modify");
        ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_MSG_CTX);
      }
    } catch (final AttributeEncodingException e) {
      // The failure is reported through the event only; the exception is not logged in this method.
      ActionSupport.buildEvent(profileRequestContext, IdPEventIds.UNABLE_ENCODE_ATTRIBUTE);
    }
  }
//CheckStyle: ReturnCount ON

代码示例来源:origin: org.opensaml/opensaml-saml-impl

/**
 * Builds the string tracked in the cache for one-time use detection, in the form
 * {@code <issuer>--<id>}.
 *
 * <p>A missing or blank issuer is replaced by {@code NoIssuer} and a missing or blank ID by
 * {@code NoID}.
 *
 * <p>NOTE(review): the placeholders and the unescaped {@code --} separator mean that distinct
 * (issuer, ID) pairs could in principle produce the same value. Confirm with the caller that such
 * a collision can only cause a fresh assertion to be rejected, never a replayed one to be accepted.
 *
 * @param assertion the SAML 2 Assertion to evaluate
 *
 * @return the cache value
 *
 * @throws AssertionValidationException thrown if there is a problem calculating the cached value
 */
@Nonnull protected String getCacheValue(@Nonnull final Assertion assertion) throws AssertionValidationException {
  String issuerPart = "NoIssuer";
  if (assertion.getIssuer() != null && assertion.getIssuer().getValue() != null) {
    final String trimmedIssuer = StringSupport.trimOrNull(assertion.getIssuer().getValue());
    if (trimmedIssuer != null) {
      issuerPart = trimmedIssuer;
    }
  }

  final String trimmedId = StringSupport.trimOrNull(assertion.getID());
  final String idPart = trimmedId != null ? trimmedId : "NoID";

  final String cacheKey = issuerPart + "--" + idPart;
  log.debug("Generated one-time use cache value of: {}", cacheKey);
  return cacheKey;
}

代码示例来源:origin: org.opensaml/opensaml-saml-impl

/** {@inheritDoc} */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {

  // The response may be SAML 1 or SAML 2; each version has its own support class and types.
  // Any other response type is left untouched.
  if (response instanceof org.opensaml.saml.saml1.core.Response) {
    final org.opensaml.saml.saml1.core.Response saml1Response =
        (org.opensaml.saml.saml1.core.Response) response;
    for (final org.opensaml.saml.saml1.core.Assertion current : saml1Response.getAssertions()) {
      addAudienceRestriction(profileRequestContext,
          SAML1ActionSupport.addConditionsToAssertion(this, current));
      log.debug("{} Added AudienceRestrictionCondition to Assertion {}", getLogPrefix(), current.getID());
    }
  } else if (response instanceof org.opensaml.saml.saml2.core.Response) {
    final org.opensaml.saml.saml2.core.Response saml2Response =
        (org.opensaml.saml.saml2.core.Response) response;
    for (final org.opensaml.saml.saml2.core.Assertion current : saml2Response.getAssertions()) {
      addAudienceRestriction(profileRequestContext,
          SAML2ActionSupport.addConditionsToAssertion(this, current));
      log.debug("{} Added AudienceRestrictionCondition to Assertion {}", getLogPrefix(), current.getID());
    }
  }
}

代码示例来源:origin: org.opensaml/opensaml-saml-impl

/** {@inheritDoc} */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
  // NotBefore on each assertion's Conditions is set to the response's issue instant.
  // The debug line is written before the value is actually set.
  if (response instanceof org.opensaml.saml.saml1.core.Response) {
    final org.opensaml.saml.saml1.core.Response saml1Response =
        (org.opensaml.saml.saml1.core.Response) response;
    for (final org.opensaml.saml.saml1.core.Assertion current : saml1Response.getAssertions()) {
      log.debug("{} Added NotBefore condition to Assertion {}", getLogPrefix(), current.getID());
      SAML1ActionSupport.addConditionsToAssertion(this, current)
          .setNotBefore(saml1Response.getIssueInstant());
    }
  } else if (response instanceof org.opensaml.saml.saml2.core.Response) {
    final org.opensaml.saml.saml2.core.Response saml2Response =
        (org.opensaml.saml.saml2.core.Response) response;
    for (final org.opensaml.saml.saml2.core.Assertion current : saml2Response.getAssertions()) {
      log.debug("{} Added NotBefore condition to Assertion {}", getLogPrefix(), current.getID());
      SAML2ActionSupport.addConditionsToAssertion(this, current)
          .setNotBefore(saml2Response.getIssueInstant());
    }
  }
}

代码示例来源:origin: apache/cxf

/**
 * Replaces the ID of the wrapped SAML 1 or SAML 2 assertion with a freshly generated one.
 *
 * <p>NOTE(review): if the assertion already carries a signature that refers to the old ID, the
 * assertion presumably has to be signed again after this call - confirm with the caller.
 *
 * @param assertion wrapper holding either a SAML 1 or a SAML 2 assertion
 * @return the ID the assertion had before the replacement (not the new one)
 */
private String createNewId(SamlAssertionWrapper assertion) {
  final org.opensaml.saml.saml1.core.Assertion saml1 = assertion.getSaml1();
  final String previousId;
  if (saml1 != null) {
    previousId = saml1.getID();
    saml1.setID(IDGenerator.generateID("_"));
  } else {
    // No SAML 1 assertion present, so the wrapper is taken to hold a SAML 2 one.
    final org.opensaml.saml.saml2.core.Assertion saml2 = assertion.getSaml2();
    previousId = saml2.getID();
    saml2.setID(IDGenerator.generateID("_"));
  }
  return previousId;
}

代码示例来源:origin: org.apache.cxf.services.sts/cxf-services-sts-core

/**
 * Assigns a newly generated ID to the wrapped assertion, whichever SAML version it is.
 *
 * <p>NOTE(review): a signature computed over the assertion before this call would still refer to
 * the old ID; presumably signing happens afterwards - confirm with the caller.
 *
 * @param assertion wrapper holding either a SAML 1 or a SAML 2 assertion
 * @return the previous ID of the assertion, not the generated one
 */
private String createNewId(SamlAssertionWrapper assertion) {
  final boolean isSaml1 = assertion.getSaml1() != null;
  if (!isSaml1) {
    // Fall through to SAML 2 when the wrapper holds no SAML 1 assertion.
    final org.opensaml.saml.saml2.core.Assertion current = assertion.getSaml2();
    final String replacedId = current.getID();
    current.setID(IDGenerator.generateID("_"));
    return replacedId;
  }

  final org.opensaml.saml.saml1.core.Assertion current = assertion.getSaml1();
  final String replacedId = current.getID();
  current.setID(IDGenerator.generateID("_"));
  return replacedId;
}

代码示例来源:origin: spring-projects/spring-security-saml

/**
 * Maps a parsed OpenSAML assertion onto this project's own {@code Assertion} model.
 *
 * <p>{@code validateSignature} is called first, and its result is stored on the returned object
 * together with the ID, issue instant, version, issuer, subject, conditions, authentication
 * statements and attributes read from {@code parsed}.
 *
 * <p>NOTE(review): what {@code validateSignature} does for an unsigned or badly signed assertion
 * (throw, or return {@code null}) is not visible here; confirm that an unverified assertion
 * cannot reach the mapping below as if it were trusted.
 *
 * @param parsed the OpenSAML assertion to convert
 * @param verificationKeys keys handed to {@code validateSignature}
 * @param localKeys keys handed to {@code getSubject} and {@code getAttributes}; presumably used
 *        for decryption - confirm
 * @return the populated model object
 */
protected Assertion resolveAssertion(
  org.opensaml.saml.saml2.core.Assertion parsed,
  List<SimpleKey> verificationKeys,
  List<SimpleKey> localKeys
) {
  // Signature handling runs before any other field of the parsed assertion is read.
  Signature signature = validateSignature(parsed, verificationKeys);
  return new Assertion()
    .setSignature(signature)
    .setId(parsed.getID())
    .setIssueInstant(parsed.getIssueInstant())
    // getVersion() is dereferenced without a null check; an assertion without a version fails here.
    .setVersion(parsed.getVersion().toString())
    .setIssuer(getIssuer(parsed.getIssuer()))
    .setSubject(getSubject(parsed.getSubject(), localKeys))
    .setConditions(getConditions(parsed.getConditions()))
    .setAuthenticationStatements(getAuthenticationStatements(parsed.getAuthnStatements()))
    .setAttributes(getAttributes(parsed.getAttributeStatements(), localKeys))
    ;
}
