我正在使用Java客户端生成自定义SAML断言,以从支持SAML2承载断言配置文件的WSO2 API Manager获取OAuth令牌。 (https://nallaa.wordpress.com/2013/04/04/saml2-bearer-assertion-profile-for-oauth-2-0-with-wso2-identity-server/)
这是向在WSO2 IS中没有登录的匿名用户发出OAuth令牌。我正在为这些用户生成小ID。使用该唯一ID我生成SAML断言。
现在我想将此逻辑移至node.js.有没有办法在node.js中创建类似于这个逻辑的SAML断言?
private Assertion buildSAMLAssertion() throws Exception {
DefaultBootstrap.bootstrap();
Assertion samlAssertion = new AssertionBuilder().buildObject();
try {
DateTime currentTime = new DateTime();
DateTime notOnOrAfter = new DateTime(currentTime.getMillis() + 60 * 60 * 1000);
samlAssertion.setID(createID());
samlAssertion.setVersion(SAMLVersion.VERSION_20);
samlAssertion.setIssuer(getIssuer());
samlAssertion.setIssueInstant(currentTime);
Subject subject = new SubjectBuilder().buildObject();
NameID nameId = new NameIDBuilder().buildObject();
nameId.setValue(username);
nameId.setFormat(NameIdentifier.EMAIL);
subject.setNameID(nameId);
SubjectConfirmation subjectConfirmation =
new SubjectConfirmationBuilder().buildObject();
subjectConfirmation.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");
SubjectConfirmationData scData = new SubjectConfirmationDataBuilder().buildObject();
scData.setRecipient(recipient);
scData.setNotOnOrAfter(notOnOrAfter);
scData.setInResponseTo(id);
subjectConfirmation.setSubjectConfirmationData(scData);
subject.getSubjectConfirmations().add(subjectConfirmation);
samlAssertion.setSubject(subject);
AuthnStatement authStmt = new AuthnStatementBuilder().buildObject();
authStmt.setAuthnInstant(new DateTime());
AuthnContext authContext = new AuthnContextBuilder().buildObject();
AuthnContextClassRef authCtxClassRef = new AuthnContextClassRefBuilder().buildObject();
authCtxClassRef.setAuthnContextClassRef(AuthnContext.PASSWORD_AUTHN_CTX);
authContext.setAuthnContextClassRef(authCtxClassRef);
authStmt.setAuthnContext(authContext);
samlAssertion.getAuthnStatements().add(authStmt);
if (claims != null) {
samlAssertion.getAttributeStatements().add(buildAttributeStatement(claims));
}
AudienceRestriction audienceRestriction =
new AudienceRestrictionBuilder().buildObject();
if (requestedAudiences != null) {
for (String requestedAudience : requestedAudiences) {
Audience audience = new AudienceBuilder().buildObject();
audience.setAudienceURI(requestedAudience);
audienceRestriction.getAudiences().add(audience);
}
}
Conditions conditions = new ConditionsBuilder().buildObject();
conditions.setNotBefore(currentTime);
conditions.setNotOnOrAfter(notOnOrAfter);
conditions.getAudienceRestrictions().add(audienceRestriction);
samlAssertion.setConditions(conditions);
if (doAssertionSigning) {
setSignature(samlAssertion, XMLSignature.ALGO_ID_SIGNATURE_RSA, getCredential());
}
} catch (Exception e) {
e.printStackTrace();
}
return samlAssertion;
}
答案 0 :(得分:0)
这个[1]是我能找到的唯一一个与构建SAML断言有关的库。你可以在这里找到这个库的源代码[2]。尝试探索它的能力。它目前似乎只支持SAML 1.1令牌