public class AssertionUtil extends Object
Constructor and Description |
---|
AssertionUtil() |
Modifier and Type | Method and Description |
---|---|
static Document |
asDocument(AssertionType assertion)
Given
AssertionType , convert it into a DOM Document. |
static String |
asString(AssertionType assertion)
Given
AssertionType , convert it into a String |
static AssertionType |
createAssertion(String id,
NameIDType issuer)
Create an assertion
|
static SubjectType |
createAssertionSubject(String userName)
Given a user name, create a
SubjectType that can then be inserted into an assertion |
static AttributeType |
createAttribute(String name,
String nameFormat,
Object... attributeValues)
Create an attribute type
|
static SAML11AssertionType |
createSAML11Assertion(String id,
XMLGregorianCalendar issueInstant,
String issuer)
Create an assertion
|
static void |
createSAML11TimedConditions(SAML11AssertionType assertion,
long durationInMilis,
long clockSkew)
Add validity conditions to the SAML2 Assertion
|
static void |
createTimedConditions(AssertionType assertion,
long durationInMilis)
Add validity conditions to the SAML2 Assertion
|
static void |
createTimedConditions(AssertionType assertion,
long durationInMilis,
long clockSkew)
Add validity conditions to the SAML2 Assertion
|
static XMLGregorianCalendar |
getExpiration(AssertionType assertion)
Extract the expiration time from an
AssertionType |
static List<String> |
getRoles(AssertionType assertion,
List<String> roleKeys)
Given an assertion, return the list of roles it may have
|
static List<String> |
getRoles(SAML11AssertionType assertion,
List<String> roleKeys)
Given an assertion, return the list of roles it may have
|
static boolean |
hasExpired(AssertionType assertion)
Check whether the assertion has expired
|
static boolean |
hasExpired(AssertionType assertion,
long clockSkewInMilis)
Verify whether the assertion has expired.
|
static boolean |
hasExpired(SAML11AssertionType assertion)
Check whether the assertion has expired
|
static boolean |
hasExpired(SAML11AssertionType assertion,
long clockSkewInMilis)
Verify whether the assertion has expired.
|
static boolean |
isAudience(AssertionType assertionType,
SPType spType)
Checks whether the given assertion is intended for the given
SPType or not. |
static boolean |
isSignatureValid(Element assertionElement,
PublicKey publicKey)
Given an assertion element, validate the signature
|
public static String asString(AssertionType assertion) throws ProcessingException
AssertionType
, convert it into a Stringassertion
- ProcessingException
public static Document asDocument(AssertionType assertion) throws ProcessingException
AssertionType
, convert it into a DOM Document.assertion
- ProcessingException
public static SAML11AssertionType createSAML11Assertion(String id, XMLGregorianCalendar issueInstant, String issuer)
id
- issuer
- public static AssertionType createAssertion(String id, NameIDType issuer)
id
- issuer
- public static SubjectType createAssertionSubject(String userName)
SubjectType
that can then be inserted into an assertionuserName
- public static AttributeType createAttribute(String name, String nameFormat, Object... attributeValues)
name
- Name of the attributenameFormat
- name format uriattributeValues
- an object array of attribute valuespublic static void createTimedConditions(AssertionType assertion, long durationInMilis) throws ConfigurationException, IssueInstantMissingException
Add validity conditions to the SAML2 Assertion
There is no clock skew added.
assertion
- durationInMilis
- ConfigurationException
IssueInstantMissingException
#createTimedConditions(AssertionType, long, long)}
public static void createTimedConditions(AssertionType assertion, long durationInMilis, long clockSkew) throws ConfigurationException, IssueInstantMissingException
assertion
- durationInMilis
- ConfigurationException
IssueInstantMissingException
public static void createSAML11TimedConditions(SAML11AssertionType assertion, long durationInMilis, long clockSkew) throws ConfigurationException, IssueInstantMissingException
assertion
- durationInMilis
- ConfigurationException
IssueInstantMissingException
public static boolean isSignatureValid(Element assertionElement, PublicKey publicKey)
assertionElement
- publicKey
- the PublicKey
public static boolean hasExpired(AssertionType assertion) throws ConfigurationException
assertion
- ConfigurationException
public static boolean hasExpired(AssertionType assertion, long clockSkewInMilis) throws ConfigurationException
assertion
- clockSkewInMilis
- in milisecondsConfigurationException
public static boolean isAudience(AssertionType assertionType, SPType spType)
Checks whether the given assertion is intended for the given SPType
or not.
assertionType
- spType
- public static boolean hasExpired(SAML11AssertionType assertion) throws ConfigurationException
assertion
- ConfigurationException
public static boolean hasExpired(SAML11AssertionType assertion, long clockSkewInMilis) throws ConfigurationException
assertion
- clockSkewInMilis
- in milisecondsConfigurationException
public static XMLGregorianCalendar getExpiration(AssertionType assertion)
AssertionType
assertion
- public static List<String> getRoles(AssertionType assertion, List<String> roleKeys)
assertion
- The AssertionType
roleKeys
- a list of string values representing the role keys. The list can be null.public static List<String> getRoles(SAML11AssertionType assertion, List<String> roleKeys)
assertion
- The SAML11AssertionType
roleKeys
- a list of string values representing the role keys. The list can be null.Copyright © 2018 JBoss by Red Hat. All rights reserved.