
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.cxf.ws.security.wss4j;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.w3c.dom.Element;
import org.apache.ws.security.saml.ext.AssertionWrapper;
import org.opensaml.common.SAMLVersion;
import org.opensaml.xml.XMLObject;
/**
* internal SAMLUtils to avoid direct reference to opensaml from WSS4J interceptors.
*/
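final class SAMLUtils {

    private SAMLUtils() {
        // static helpers only; never instantiated
    }

    /**
     * Collects the values of the role attribute carried by a SAML 1.x or SAML 2.0 assertion.
     *
     * <p>This method only reads attribute values. It performs no signature, issuer or
     * condition checks, so the returned strings are exactly what the assertion claims.
     * Callers must pass only assertions that have already been validated before using
     * the result for an authorization decision.
     *
     * <p>Attributes are matched on their name alone; the SAML 2.0 {@code NameFormat} and the
     * SAML 1.x {@code AttributeNamespace} are not compared.
     *
     * @param assertion an {@link AssertionWrapper}; any other type fails with a
     *        {@link ClassCastException}
     * @param roleAttributeName name of the attribute whose values are the roles
     * @return an unmodifiable list of role values (possibly empty), or {@code null} when the
     *         assertion has no attribute statements at all
     */
    public static List<String> parseRolesInAssertion(Object assertion, String roleAttributeName) {
        AssertionWrapper wrapper = (AssertionWrapper) assertion;
        if (wrapper.getSamlVersion().equals(SAMLVersion.VERSION_20)) {
            return parseRolesInAssertion(wrapper.getSaml2(), roleAttributeName);
        }
        return parseRolesInAssertion(wrapper.getSaml1(), roleAttributeName);
    }

    /**
     * Returns the issuer string reported by the wrapped assertion.
     *
     * @param assertion an {@link AssertionWrapper}
     * @return the value of {@link AssertionWrapper#getIssuerString()}
     */
    public static String getIssuer(Object assertion) {
        return ((AssertionWrapper) assertion).getIssuerString();
    }

    /**
     * Returns the DOM element of the wrapped assertion.
     *
     * @param assertion an {@link AssertionWrapper}
     * @return the value of {@link AssertionWrapper#getElement()}
     */
    public static Element getAssertionElement(Object assertion) {
        return ((AssertionWrapper) assertion).getElement();
    }

    //
    // these methods are moved from previous WSS4JInInterceptor
    //

    /**
     * SAML 1.x variant: gathers the text of every value of the attributes whose
     * {@code AttributeName} equals {@code roleAttributeName}.
     *
     * @return unmodifiable list of values, or {@code null} if there are no attribute statements
     */
    private static List<String> parseRolesInAssertion(org.opensaml.saml1.core.Assertion assertion,
                                                      String roleAttributeName) {
        List<org.opensaml.saml1.core.AttributeStatement> attributeStatements =
            assertion.getAttributeStatements();
        if (attributeStatements == null || attributeStatements.isEmpty()) {
            // Kept as null (not an empty list) so existing callers that test for null still work.
            return null;
        }
        List<String> roles = new ArrayList<String>();
        for (org.opensaml.saml1.core.AttributeStatement statement : attributeStatements) {
            List<org.opensaml.saml1.core.Attribute> attributes = statement.getAttributes();
            for (org.opensaml.saml1.core.Attribute attribute : attributes) {
                // Compare from the configured name so an attribute without a name
                // is skipped instead of raising a NullPointerException.
                if (roleAttributeName != null
                    && roleAttributeName.equals(attribute.getAttributeName())) {
                    List<XMLObject> values = attribute.getAttributeValues();
                    addTextValues(values, roles);
                    if (values.size() > 1) {
                        // One attribute already carried several values (Value1, Value2, ...):
                        // stop scanning the remaining attributes of this statement.
                        // Later statements are still examined.
                        break;
                    }
                }
            }
        }
        return Collections.unmodifiableList(roles);
    }

    /**
     * SAML 2.0 variant: gathers the text of every value of the attributes whose
     * {@code Name} equals {@code roleAttributeName}.
     *
     * @return unmodifiable list of values, or {@code null} if there are no attribute statements
     */
    private static List<String> parseRolesInAssertion(org.opensaml.saml2.core.Assertion assertion,
                                                      String roleAttributeName) {
        List<org.opensaml.saml2.core.AttributeStatement> attributeStatements =
            assertion.getAttributeStatements();
        if (attributeStatements == null || attributeStatements.isEmpty()) {
            // Kept as null (not an empty list) so existing callers that test for null still work.
            return null;
        }
        List<String> roles = new ArrayList<String>();
        for (org.opensaml.saml2.core.AttributeStatement statement : attributeStatements) {
            List<org.opensaml.saml2.core.Attribute> attributes = statement.getAttributes();
            for (org.opensaml.saml2.core.Attribute attribute : attributes) {
                // Compare from the configured name so an attribute without a name
                // is skipped instead of raising a NullPointerException.
                if (roleAttributeName != null && roleAttributeName.equals(attribute.getName())) {
                    List<XMLObject> values = attribute.getAttributeValues();
                    addTextValues(values, roles);
                    if (values.size() > 1) {
                        // One attribute already carried several values (Value1, Value2, ...):
                        // stop scanning the remaining attributes of this statement.
                        // Later statements are still examined.
                        break;
                    }
                }
            }
        }
        return Collections.unmodifiableList(roles);
    }

    /** Appends the DOM text content of each attribute value to {@code roles}. */
    private static void addTextValues(List<XMLObject> values, List<String> roles) {
        for (XMLObject attributeValue : values) {
            Element attributeValueElement = attributeValue.getDOM();
            if (attributeValueElement == null) {
                // No cached DOM for this value: skip it, which can only yield fewer roles.
                continue;
            }
            roles.add(attributeValueElement.getTextContent());
        }
    }
}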