public class AssertionUtil extends Object
| Constructor and Description |
|---|
| AssertionUtil() |

| Modifier and Type | Method and Description |
|---|---|
| static Document | asDocument(AssertionType assertion): Given AssertionType, convert it into a DOM Document. |
| static String | asString(AssertionType assertion): Given AssertionType, convert it into a String |
| static AssertionType | createAssertion(String id, NameIDType issuer): Create an assertion |
| static SubjectType | createAssertionSubject(String userName): Given a user name, create a SubjectType that can then be inserted into an assertion |
| static AttributeType | createAttribute(String name, String nameFormat, Object... attributeValues): Create an attribute type |
| static SAML11AssertionType | createSAML11Assertion(String id, XMLGregorianCalendar issueInstant, String issuer): Create an assertion |
| static void | createSAML11TimedConditions(SAML11AssertionType assertion, long durationInMilis, long clockSkew): Add validity conditions to the SAML2 Assertion |
| static void | createTimedConditions(AssertionType assertion, long durationInMilis): Add validity conditions to the SAML2 Assertion |
| static void | createTimedConditions(AssertionType assertion, long durationInMilis, long clockSkew): Add validity conditions to the SAML2 Assertion |
| static Element | decryptAssertion(SAMLDocumentHolder holder, ResponseType responseType, PrivateKey privateKey): This method modifies the given responseType, and replaces the encrypted assertion with a decrypted version. |
| static AssertionType | getAssertion(SAMLDocumentHolder holder, ResponseType responseType, PrivateKey privateKey) |
| static XMLGregorianCalendar | getExpiration(AssertionType assertion): Extract the expiration time from an AssertionType |
| static List<String> | getRoles(AssertionType assertion, List<String> roleKeys): Given an assertion, return the list of roles it may have |
| static List<String> | getRoles(SAML11AssertionType assertion, List<String> roleKeys): Given an assertion, return the list of roles it may have |
| protected static Element | getSignature(Element element) |
| static boolean | hasExpired(AssertionType assertion): Check whether the assertion has expired. |
| static boolean | hasExpired(AssertionType assertion, long clockSkewInMilis): Verify whether the assertion has expired. |
| static boolean | hasExpired(SAML11AssertionType assertion): Check whether the assertion has expired |
| static boolean | hasExpired(SAML11AssertionType assertion, long clockSkewInMilis): Verify whether the assertion has expired. |
| static boolean | isAssertionEncrypted(ResponseType responseType) |
| static boolean | isSignatureValid(Element element, KeyLocator keyLocator): Given an Element, validate the Signature direct child element |
| static boolean | isSignatureValid(Element element, PublicKey publicKey): Given an Element, validate the Signature direct child element |
| static boolean | isSignedElement(Element element): Given an Element, check if there is a Signature direct child element |

public static String asString(AssertionType assertion) throws ProcessingException

Given AssertionType, convert it into a String

Parameters: assertion

Throws: ProcessingException

public static Document asDocument(AssertionType assertion) throws ProcessingException

Given AssertionType, convert it into a DOM Document.

Parameters: assertion

Throws: ProcessingException

public static SAML11AssertionType createSAML11Assertion(String id, XMLGregorianCalendar issueInstant, String issuer)

Create an assertion

Parameters: id; issuer

public static AssertionType createAssertion(String id, NameIDType issuer)

Create an assertion

Parameters: id; issuer

public static SubjectType createAssertionSubject(String userName)

Given a user name, create a SubjectType that can then be inserted into an assertion

Parameters: userName

public static AttributeType createAttribute(String name, String nameFormat, Object... attributeValues)

Create an attribute type

Parameters: name - Name of the attribute; nameFormat - name format uri; attributeValues - an object array of attribute values

public static void createTimedConditions(AssertionType assertion, long durationInMilis) throws ConfigurationException, IssueInstantMissingException

Add validity conditions to the SAML2 Assertion

There is no clock skew added.

Parameters: assertion; durationInMilis

Throws: ConfigurationException, IssueInstantMissingException

See also: createTimedConditions(AssertionType, long, long)

public static void createTimedConditions(AssertionType assertion, long durationInMilis, long clockSkew) throws ConfigurationException, IssueInstantMissingException

Add validity conditions to the SAML2 Assertion

Parameters: assertion; durationInMilis

Throws: ConfigurationException, IssueInstantMissingException

public static void createSAML11TimedConditions(SAML11AssertionType assertion, long durationInMilis, long clockSkew) throws ConfigurationException, IssueInstantMissingException

Add validity conditions to the SAML2 Assertion

Parameters: assertion; durationInMilis

Throws: ConfigurationException, IssueInstantMissingException

public static boolean isSignatureValid(Element element, PublicKey publicKey)

Given an Element, validate the Signature direct child element

public static boolean isSignatureValid(Element element, KeyLocator keyLocator)

Given an Element, validate the Signature direct child element

Parameters: element - parent Element; keyLocator - the KeyLocator

public static boolean isSignedElement(Element element)

Given an Element, check if there is a Signature direct child element

Parameters: element - parent Element

public static boolean hasExpired(AssertionType assertion) throws ConfigurationException

Check whether the assertion has expired.

Parameters: assertion

Throws: ConfigurationException

public static boolean hasExpired(AssertionType assertion, long clockSkewInMilis) throws ConfigurationException

Verify whether the assertion has expired.

Parameters: assertion; clockSkewInMilis - in milliseconds

Throws: ConfigurationException

public static boolean hasExpired(SAML11AssertionType assertion) throws ConfigurationException

Check whether the assertion has expired

Parameters: assertion

Throws: ConfigurationException

public static boolean hasExpired(SAML11AssertionType assertion, long clockSkewInMilis) throws ConfigurationException

Verify whether the assertion has expired.

Parameters: assertion; clockSkewInMilis - in milliseconds

Throws: ConfigurationException

public static XMLGregorianCalendar getExpiration(AssertionType assertion)

Extract the expiration time from an AssertionType

Parameters: assertion

public static List<String> getRoles(AssertionType assertion, List<String> roleKeys)

Given an assertion, return the list of roles it may have

Parameters: assertion - The AssertionType; roleKeys - a list of string values representing the role keys. The list can be null.

public static List<String> getRoles(SAML11AssertionType assertion, List<String> roleKeys)

Given an assertion, return the list of roles it may have

Parameters: assertion - The SAML11AssertionType; roleKeys - a list of string values representing the role keys. The list can be null.

public static AssertionType getAssertion(SAMLDocumentHolder holder, ResponseType responseType, PrivateKey privateKey) throws ParsingException, ProcessingException, ConfigurationException

public static boolean isAssertionEncrypted(ResponseType responseType) throws ProcessingException

Throws: ProcessingException

public static Element decryptAssertion(SAMLDocumentHolder holder, ResponseType responseType, PrivateKey privateKey) throws ParsingException, ProcessingException, ConfigurationException

This method modifies the given responseType, and replaces the encrypted assertion with a decrypted version.

Parameters: responseType - a response containing an encrypted assertion

Throws: ParsingException, ProcessingException, ConfigurationException

Copyright © 2021 JBoss by Red Hat. All rights reserved.