private Assertion createAssertion()

in src/main/java/com/aws/sap/sample/lambda/sap/oauth/LocalSamlTokenFactory.java [134:238]


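	/**
	 * Builds the (not yet signed) SAML 2.0 bearer assertion that is later presented to
	 * the OAuth2 token endpoint.
	 *
	 * <p>The assertion consists of a bearer {@link SubjectConfirmation} whose Recipient is
	 * the token endpoint, an {@link AudienceRestriction}, an {@link AuthnStatement} and a
	 * single {@code client_id} attribute. Every timestamp is derived from one
	 * {@link DateTime} snapshot so IssueInstant, Conditions and AuthnInstant agree.
	 *
	 * @param _cfg properties holding the SAML/OAuth2 settings read through {@link PropertyHandler}
	 * @return the populated, unsigned assertion
	 * @throws MissingPropertyException if one of the required properties is absent
	 * @throws ConfigurationException if the configuration is otherwise invalid
	 */
	private Assertion createAssertion(Properties _cfg) throws MissingPropertyException, ConfigurationException {
		PropertyHandler.checkPropertySet(_cfg, PropertyHandler.CFG_SAML_NAMEID);
		PropertyHandler.checkPropertySet(_cfg, PropertyHandler.CFG_OA2_TOKEN_ENDPOINT);
		PropertyHandler.checkPropertySet(_cfg, PropertyHandler.CFG_SAML_AUDIENCE_RESTRICTION);
		PropertyHandler.checkPropertySet(_cfg, PropertyHandler.CFG_SAML_ISSUER);
		PropertyHandler.checkPropertySet(_cfg, PropertyHandler.CFG_OA2_CLIENT_ID);

		// Single clock reading: IssueInstant, Conditions/NotBefore and AuthnInstant must not
		// drift apart by the few milliseconds separate readings would introduce.
		DateTime now = new DateTime();
		// NOTE(review): four hours is generous for a bearer assertion that is presented once
		// to the token endpoint; a lifetime of a few minutes is the usual choice.
		DateTime until = now.plusHours(4);

		Subject subject = buildSubject(_cfg, until);
		Conditions conditions = buildConditions(_cfg, now, until);
		AuthnStatement authnStatement = buildAuthnStatement(_cfg, now);
		AttributeStatement attributeStatement = buildClientIdAttributeStatement(_cfg);

		Issuer issuer = (Issuer) issuerBuilder.buildObject();
		issuer.setValue(PropertyHandler.getValue(_cfg, PropertyHandler.CFG_SAML_ISSUER));

		Assertion assertion = (Assertion) assertionBuilder.buildObject();
		// xs:ID values must not start with a digit, hence the leading underscore.
		assertion.setID("_" + UUID.randomUUID());
		assertion.setVersion(SAMLVersion.VERSION_20);
		assertion.setIssueInstant(now);
		assertion.setIssuer(issuer);
		assertion.setSubject(subject);
		assertion.setConditions(conditions);
		assertion.getAuthnStatements().add(authnStatement);
		assertion.getAttributeStatements().add(attributeStatement);
		return assertion;
	}

	/**
	 * Builds the bearer subject: the configured NameID plus a SubjectConfirmation that is
	 * addressed to the token endpoint and expires at {@code until}.
	 */
	private Subject buildSubject(Properties _cfg, DateTime until) throws MissingPropertyException, ConfigurationException {
		NameID nameId = (NameID) nameIdBuilder.buildObject();
		nameId.setValue(PropertyHandler.getValue(_cfg, PropertyHandler.CFG_SAML_NAMEID));
		nameId.setFormat(PropertyHandler.getValue(_cfg, PropertyHandler.CFG_SAML_NAMEID_FORMAT,
				"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"));

		SubjectConfirmationData confirmationData = (SubjectConfirmationData) confirmationMethodBuilder.buildObject();
		// Recipient ties the assertion to the endpoint it will be presented at, so it
		// cannot be replayed against another receiver.
		confirmationData.setRecipient(PropertyHandler.getValue(_cfg, PropertyHandler.CFG_OA2_TOKEN_ENDPOINT));
		confirmationData.setNotOnOrAfter(until);

		SubjectConfirmation subjectConfirmation = (SubjectConfirmation) subjectConfirmationBuilder.buildObject();
		subjectConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
		subjectConfirmation.setSubjectConfirmationData(confirmationData);

		Subject subject = (Subject) subjectBuilder.buildObject();
		subject.setNameID(nameId);
		subject.getSubjectConfirmations().add(subjectConfirmation);
		return subject;
	}

	/** Builds the Conditions element: validity window plus the configured audience restriction. */
	private Conditions buildConditions(Properties _cfg, DateTime notBefore, DateTime notOnOrAfter)
			throws MissingPropertyException, ConfigurationException {
		Audience audience = (Audience) audienceBuilder.buildObject();
		audience.setAudienceURI(PropertyHandler.getValue(_cfg, PropertyHandler.CFG_SAML_AUDIENCE_RESTRICTION));

		AudienceRestriction audienceRestriction = (AudienceRestriction) audienceRestrictionnBuilder.buildObject();
		audienceRestriction.getAudiences().add(audience);

		@SuppressWarnings("unchecked") // builder factory hands out untyped builders
		SAMLObjectBuilder<Conditions> conditionsBuilder =
				(SAMLObjectBuilder<Conditions>) getSAMLBuilder().getBuilder(Conditions.DEFAULT_ELEMENT_NAME);
		Conditions conditions = conditionsBuilder.buildObject();
		conditions.setNotBefore(notBefore);
		conditions.setNotOnOrAfter(notOnOrAfter);
		conditions.getAudienceRestrictions().add(audienceRestriction);
		return conditions;
	}

	/**
	 * Builds the AuthnStatement with the configured authentication context class
	 * (defaults to the Password class).
	 */
	private AuthnStatement buildAuthnStatement(Properties _cfg, DateTime authnInstant)
			throws MissingPropertyException, ConfigurationException {
		AuthnStatement authnStatement = (AuthnStatement) authStatementBuilder.buildObject();
		authnStatement.setAuthnInstant(authnInstant);
		// plusMinutes, not plus(long): DateTime.plus(long) adds milliseconds, which would
		// expire the session almost immediately after issue.
		authnStatement.setSessionNotOnOrAfter(authnInstant.plusMinutes(15));

		AuthnContextClassRef authnContextClassRef = (AuthnContextClassRef) authContextClassRefBuilder.buildObject();
		authnContextClassRef.setAuthnContextClassRef(PropertyHandler.getValue(_cfg,
				PropertyHandler.CFG_SAML_AUTHNCONTEXT_PREVIUOUS_AUTHENTICATION,
				"urn:oasis:names:tc:SAML:2.0:ac:classes:Password"));

		AuthnContext authnContext = (AuthnContext) authContextBuilder.buildObject();
		authnContext.setAuthnContextClassRef(authnContextClassRef);
		authnStatement.setAuthnContext(authnContext);
		return authnStatement;
	}

	/** Builds an AttributeStatement carrying the OAuth2 client id as the {@code client_id} attribute. */
	private AttributeStatement buildClientIdAttributeStatement(Properties _cfg)
			throws MissingPropertyException, ConfigurationException {
		AttributeBuilder attributeBuilder = (AttributeBuilder) builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
		Attribute attr = attributeBuilder.buildObject();
		attr.setName("client_id");

		XSAnyBuilder anyBuilder = (XSAnyBuilder) builderFactory.getBuilder(XSAny.TYPE_NAME);
		XSAny attrValue = anyBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME);
		attrValue.setTextContent(PropertyHandler.getValue(_cfg, PropertyHandler.CFG_OA2_CLIENT_ID));
		attr.getAttributeValues().add(attrValue);

		AttributeStatementBuilder attributeStatementBuilder =
				(AttributeStatementBuilder) builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
		AttributeStatement attributeStatement = attributeStatementBuilder.buildObject();
		attributeStatement.getAttributes().add(attr);
		return attributeStatement;
	}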