2016-06-02 16:07:45 +00:00
|
|
|
|
|
|
|
|
==== Obtaining Assertion Attributes
|
|
|
|
|
|
2016-06-02 21:33:28 +00:00
|
|
|
After a successful SAML login, your application code may want to obtain attribute values passed with the SAML assertion.
|
|
|
|
|
`HttpServletRequest.getUserPrincipal()` returns a `Principal` object that you can typecast into a {{book.project.name}} specific class
|
|
|
|
|
called `org.keycloak.adapters.saml.SamlPrincipal`.
|
2016-06-02 16:07:45 +00:00
|
|
|
This object allows you to look at the raw assertion and also has convenience functions to look up attribute values.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[source,java]
|
|
|
|
|
----
|
|
|
|
|
package org.keycloak.adapters.saml;
|
|
|
|
|
|
|
|
|
|
public class SamlPrincipal implements Serializable, Principal {
|
|
|
|
|
/**
|
|
|
|
|
* Get full saml assertion
|
|
|
|
|
*
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
public AssertionType getAssertion() {
|
|
|
|
|
...
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get SAML subject sent in assertion
|
|
|
|
|
*
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
public String getSamlSubject() {
|
|
|
|
|
...
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Subject nameID format
|
|
|
|
|
*
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
public String getNameIDFormat() {
|
|
|
|
|
...
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public String getName() {
|
|
|
|
|
...
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Convenience function that gets Attribute value by attribute name
|
|
|
|
|
*
|
|
|
|
|
* @param name
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
public List<String> getAttributes(String name) {
|
|
|
|
|
...
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Convenience function that gets Attribute value by attribute friendly name
|
|
|
|
|
*
|
|
|
|
|
* @param friendlyName
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
public List<String> getFriendlyAttributes(String friendlyName) {
|
|
|
|
|
...
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Convenience function that gets first value of an attribute by attribute name
|
|
|
|
|
*
|
|
|
|
|
* @param name
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
public String getAttribute(String name) {
|
|
|
|
|
...
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Convenience function that gets first value of an attribute by attribute name
|
|
|
|
|
*
|
|
|
|
|
*
|
|
|
|
|
* @param friendlyName
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
public String getFriendlyAttribute(String friendlyName) {
|
|
|
|
|
...
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get set of all assertion attribute names
|
|
|
|
|
*
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
public Set<String> getAttributeNames() {
|
|
|
|
|
...
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get set of all assertion friendly attribute names
|
|
|
|
|
*
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
public Set<String> getFriendlyNames() {
|
|
|
|
|
...
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
----
|
