public class AssertionUtil extends Object
Constructor and Description |
---|
AssertionUtil() |
Modifier and Type | Method and Description |
---|---|
`static Document` | `asDocument(AssertionType assertion)` Given AssertionType, convert it into a DOM Document. |
`static String` | `asString(AssertionType assertion)` Given AssertionType, convert it into a String |
`static AssertionType` | `createAssertion(String id, NameIDType issuer)` Create an assertion |
`static SubjectType` | `createAssertionSubject(String userName)` Given a user name, create a SubjectType that can then be inserted into an assertion |
`static AttributeType` | `createAttribute(String name, String nameFormat, Object... attributeValues)` Create an attribute type |
`static SAML11AssertionType` | `createSAML11Assertion(String id, XMLGregorianCalendar issueInstant, String issuer)` Create an assertion |
`static void` | `createSAML11TimedConditions(SAML11AssertionType assertion, long durationInMilis, long clockSkew)` Add validity conditions to the SAML2 Assertion |
`static void` | `createTimedConditions(AssertionType assertion, long durationInMilis)` Add validity conditions to the SAML2 Assertion |
`static void` | `createTimedConditions(AssertionType assertion, long durationInMilis, long clockSkew)` Add validity conditions to the SAML2 Assertion |
`static Element` | `decryptAssertion(SAMLDocumentHolder holder, ResponseType responseType, PrivateKey privateKey)` This method modifies the given responseType, and replaces the encrypted assertion with a decrypted version. |
`static AssertionType` | `getAssertion(SAMLDocumentHolder holder, ResponseType responseType, PrivateKey privateKey)` |
`static XMLGregorianCalendar` | `getExpiration(AssertionType assertion)` Extract the expiration time from an AssertionType |
`static List<String>` | `getRoles(AssertionType assertion, List<String> roleKeys)` Given an assertion, return the list of roles it may have |
`static List<String>` | `getRoles(SAML11AssertionType assertion, List<String> roleKeys)` Given an assertion, return the list of roles it may have |
`protected static Element` | `getSignature(Element element)` |
`static boolean` | `hasExpired(AssertionType assertion)` Check whether the assertion has expired. |
`static boolean` | `hasExpired(AssertionType assertion, long clockSkewInMilis)` Verify whether the assertion has expired. |
`static boolean` | `hasExpired(SAML11AssertionType assertion)` Check whether the assertion has expired |
`static boolean` | `hasExpired(SAML11AssertionType assertion, long clockSkewInMilis)` Verify whether the assertion has expired. |
`static boolean` | `isAssertionEncrypted(ResponseType responseType)` |
`static boolean` | `isSignatureValid(Element element, KeyLocator keyLocator)` Given an Element, validate the Signature direct child element |
`static boolean` | `isSignatureValid(Element element, PublicKey publicKey)` Given an Element, validate the Signature direct child element |
`static boolean` | `isSignedElement(Element element)` Given an Element, check if there is a Signature direct child element |

`public static String asString(AssertionType assertion) throws ProcessingException`
Given AssertionType, convert it into a String
Parameters:
- assertion
Throws:
- ProcessingException

`public static Document asDocument(AssertionType assertion) throws ProcessingException`
Given AssertionType, convert it into a DOM Document.
Parameters:
- assertion
Throws:
- ProcessingException

`public static SAML11AssertionType createSAML11Assertion(String id, XMLGregorianCalendar issueInstant, String issuer)`
Parameters:
- id
- issuer

`public static AssertionType createAssertion(String id, NameIDType issuer)`
Parameters:
- id
- issuer

`public static SubjectType createAssertionSubject(String userName)`
Given a user name, create a SubjectType that can then be inserted into an assertion
Parameters:
- userName

`public static AttributeType createAttribute(String name, String nameFormat, Object... attributeValues)`
Parameters:
- name - Name of the attribute
- nameFormat - name format uri
- attributeValues - an object array of attribute values

`public static void createTimedConditions(AssertionType assertion, long durationInMilis) throws ConfigurationException, IssueInstantMissingException`
Add validity conditions to the SAML2 Assertion
There is no clock skew added.
Parameters:
- assertion
- durationInMilis
Throws:
- ConfigurationException
- IssueInstantMissingException
See also: createTimedConditions(AssertionType, long, long)

`public static void createTimedConditions(AssertionType assertion, long durationInMilis, long clockSkew) throws ConfigurationException, IssueInstantMissingException`
Parameters:
- assertion
- durationInMilis
Throws:
- ConfigurationException
- IssueInstantMissingException

`public static void createSAML11TimedConditions(SAML11AssertionType assertion, long durationInMilis, long clockSkew) throws ConfigurationException, IssueInstantMissingException`
Parameters:
- assertion
- durationInMilis
Throws:
- ConfigurationException
- IssueInstantMissingException

`public static boolean isSignatureValid(Element element, PublicKey publicKey)`

`public static boolean isSignatureValid(Element element, KeyLocator keyLocator)`
Parameters:
- element - parent Element
- keyLocator - the KeyLocator

`public static boolean isSignedElement(Element element)`
Parameters:
- element - parent Element

`public static boolean hasExpired(AssertionType assertion) throws ConfigurationException`
Parameters:
- assertion
Throws:
- ConfigurationException

`public static boolean hasExpired(AssertionType assertion, long clockSkewInMilis) throws ConfigurationException`
Parameters:
- assertion
- clockSkewInMilis - in milliseconds
Throws:
- ConfigurationException

`public static boolean hasExpired(SAML11AssertionType assertion) throws ConfigurationException`
Parameters:
- assertion
Throws:
- ConfigurationException

`public static boolean hasExpired(SAML11AssertionType assertion, long clockSkewInMilis) throws ConfigurationException`
Parameters:
- assertion
- clockSkewInMilis - in milliseconds
Throws:
- ConfigurationException

`public static XMLGregorianCalendar getExpiration(AssertionType assertion)`
Extract the expiration time from an AssertionType
Parameters:
- assertion

`public static List<String> getRoles(AssertionType assertion, List<String> roleKeys)`
Parameters:
- assertion - The AssertionType
- roleKeys - a list of string values representing the role keys. The list can be null.

`public static List<String> getRoles(SAML11AssertionType assertion, List<String> roleKeys)`
Parameters:
- assertion - The SAML11AssertionType
- roleKeys - a list of string values representing the role keys. The list can be null.

`public static AssertionType getAssertion(SAMLDocumentHolder holder, ResponseType responseType, PrivateKey privateKey) throws ParsingException, ProcessingException, ConfigurationException`

`public static boolean isAssertionEncrypted(ResponseType responseType) throws ProcessingException`
Throws:
- ProcessingException

`public static Element decryptAssertion(SAMLDocumentHolder holder, ResponseType responseType, PrivateKey privateKey) throws ParsingException, ProcessingException, ConfigurationException`
Parameters:
- responseType - a response containing an encrypted assertion
Throws:
- ParsingException
- ProcessingException
- ConfigurationException

Copyright © 2021 JBoss by Red Hat. All rights reserved.