[jboss-cvs] Picketlink SVN: r567 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa and 9 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Nov 29 19:32:41 EST 2010
Author: sguilhen at redhat.com
Date: 2010-11-29 19:32:39 -0500 (Mon, 29 Nov 2010)
New Revision: 567
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/ws/trust/ComputedKeyType.java
Removed:
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/wstrust/
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/WST_SAML_ParsingPerfTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/STSClientUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa/WSAddressingParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java
Log:
PLFED-119: Stax is now used to write/parse WS-Trust response messages.
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa/WSAddressingParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa/WSAddressingParser.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa/WSAddressingParser.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -34,7 +34,6 @@
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.ws.addressing.AttributedURIType;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
-import org.picketlink.identity.federation.ws.addressing.ObjectFactory;
/**
* <p>
@@ -87,7 +86,7 @@
EndElement endElement = (EndElement)xmlEvent;
StaxParserUtil.validate( endElement, ENDPOINT_REFERENCE );
- return new ObjectFactory().createEndpointReference( reference );
+ return reference;
}
}
else
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -142,7 +142,7 @@
EndElement validateTargetEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate( validateTargetEndElement, WSTrustConstants.RENEW_TARGET ) ;
}
- else if( tag.equals( WSTrustConstants.On_BEHALF_OF ))
+ else if( tag.equals( WSTrustConstants.ON_BEHALF_OF ))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
@@ -150,7 +150,7 @@
OnBehalfOfType onBehalfOf = (OnBehalfOfType) wstOnBehalfOfParser.parse(xmlEventReader);
requestToken.setOnBehalfOf(onBehalfOf);
EndElement onBehalfOfEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.On_BEHALF_OF ) ;
+ StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.ON_BEHALF_OF ) ;
}
else if( tag.equals( WSTrustConstants.KEY_TYPE ))
{
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.parsers.wst;
@@ -34,20 +30,22 @@
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserController;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
-import org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.parsers.wsse.WSSecurityParser;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
+import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
import org.picketlink.identity.federation.ws.trust.LifetimeType;
import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
+import org.picketlink.identity.federation.ws.trust.RequestedProofTokenType;
import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
import org.picketlink.identity.federation.ws.trust.RequestedSecurityTokenType;
+import org.picketlink.identity.federation.ws.trust.RequestedTokenCancelledType;
+import org.picketlink.identity.federation.ws.trust.StatusType;
import org.picketlink.identity.federation.ws.trust.UseKeyType;
import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
import org.picketlink.identity.federation.ws.wss.utility.AttributedDateTime;
@@ -55,12 +53,14 @@
/**
* Parse the WS-Trust RequestSecurityToken
+ *
* @author Anil.Saldhana at redhat.com
* @since Oct 11, 2010
*/
public class WSTRequestSecurityTokenResponseParser implements ParserNamespaceSupport
-{
+{
public static final String X509CERTIFICATE = "X509Certificate";
+
public static final String KEYVALUE = "KeyValue";
public static final String JDK_TRANSFORMER_PROPERTY = "picketlink.jdk.transformer";
@@ -69,203 +69,238 @@
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
- {
- StartElement startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
RequestSecurityTokenResponse responseToken = new RequestSecurityTokenResponse();
- QName contextQName = new QName( "", WSTrustConstants.RST_CONTEXT );
- Attribute contextAttribute = startElement.getAttributeByName( contextQName );
- String contextValue = StaxParserUtil.getAttributeValue( contextAttribute );
- responseToken.setContext( contextValue );
+ QName contextQName = new QName("", WSTrustConstants.RST_CONTEXT);
+ Attribute contextAttribute = startElement.getAttributeByName(contextQName);
+ String contextValue = StaxParserUtil.getAttributeValue(contextAttribute);
+ responseToken.setContext(contextValue);
- while( xmlEventReader.hasNext() )
+ while (xmlEventReader.hasNext())
{
- XMLEvent xmlEvent = StaxParserUtil.peek( xmlEventReader );
- if( xmlEvent == null )
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent == null)
break;
- if( xmlEvent instanceof EndElement )
+ if (xmlEvent instanceof EndElement)
{
- xmlEvent = StaxParserUtil.getNextEvent( xmlEventReader );
+ xmlEvent = StaxParserUtil.getNextEvent(xmlEventReader);
EndElement endElement = (EndElement) xmlEvent;
- String endElementTag = StaxParserUtil.getEndElementName( endElement );
- if( endElementTag.equals( WSTrustConstants.RSTR ) )
+ String endElementTag = StaxParserUtil.getEndElementName(endElement);
+ if (endElementTag.equals(WSTrustConstants.RSTR))
break;
}
try
{
- StartElement subEvent = StaxParserUtil.peekNextStartElement( xmlEventReader );
- if( subEvent == null )
+ StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (subEvent == null)
break;
- String tag = StaxParserUtil.getStartElementName( subEvent );
- if( tag.equals( WSTrustConstants.REQUEST_TYPE ))
- {
+ String tag = StaxParserUtil.getStartElementName(subEvent);
+ if (tag.equals(WSTrustConstants.REQUEST_TYPE))
+ {
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
- throw new ParsingException( "request type is expected ahead" );
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("request type is expected ahead");
String value = StaxParserUtil.getElementText(xmlEventReader);
- responseToken.setRequestType( new URI( value ));
+ responseToken.setRequestType(new URI(value));
}
- else if( tag.equals( WSTrustConstants.LIFETIME ))
+ else if (tag.equals(WSTrustConstants.LIFETIME))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(subEvent, WSTrustConstants.LIFETIME );
-
-
+ StaxParserUtil.validate(subEvent, WSTrustConstants.LIFETIME);
+
LifetimeType lifeTime = new LifetimeType();
- //Get the Created
+ // Get the Created
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- String subTag = StaxParserUtil.getStartElementName( subEvent );
- if( subTag.equals( WSTrustConstants.CREATED ))
- {
+ String subTag = StaxParserUtil.getStartElementName(subEvent);
+ if (subTag.equals(WSTrustConstants.CREATED))
+ {
AttributedDateTime created = new AttributedDateTime();
- created.setValue( StaxParserUtil.getElementText(xmlEventReader) );
- lifeTime.setCreated( created );
+ created.setValue(StaxParserUtil.getElementText(xmlEventReader));
+ lifeTime.setCreated(created);
}
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- subTag = StaxParserUtil.getStartElementName( subEvent );
-
- if( subTag.equals( WSTrustConstants.EXPIRES ))
- {
+ subTag = StaxParserUtil.getStartElementName(subEvent);
+
+ if (subTag.equals(WSTrustConstants.EXPIRES))
+ {
AttributedDateTime expires = new AttributedDateTime();
- expires.setValue( StaxParserUtil.getElementText(xmlEventReader) );
- lifeTime.setExpires( expires );
- }
+ expires.setValue(StaxParserUtil.getElementText(xmlEventReader));
+ lifeTime.setExpires(expires);
+ }
else
- throw new RuntimeException( subTag + " was unexpected" );
-
- responseToken.setLifetime( new Lifetime( lifeTime ));
+ throw new RuntimeException(subTag + " was unexpected");
+
+ responseToken.setLifetime(new Lifetime(lifeTime));
EndElement lifeTimeElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate( lifeTimeElement, WSTrustConstants.LIFETIME ) ;
+ StaxParserUtil.validate(lifeTimeElement, WSTrustConstants.LIFETIME);
}
- else if( tag.equals( WSTrustConstants.TOKEN_TYPE ))
+ else if (tag.equals(WSTrustConstants.TOKEN_TYPE))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
- throw new ParsingException( "token type is expected ahead" );
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("token type is expected ahead");
String value = StaxParserUtil.getElementText(xmlEventReader);
- responseToken.setTokenType( new URI( value ));
- }
- else if( tag.equals( WSTrustConstants.On_BEHALF_OF ))
+ responseToken.setTokenType(new URI(value));
+ }
+ else if (tag.equals(WSTrustConstants.ON_BEHALF_OF))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- WSTrustOnBehalfOfParser wstOnBehalfOfParser = new WSTrustOnBehalfOfParser();
- OnBehalfOfType onBehalfOf = (OnBehalfOfType) wstOnBehalfOfParser.parse(xmlEventReader);
+ WSTrustOnBehalfOfParser wstOnBehalfOfParser = new WSTrustOnBehalfOfParser();
+ OnBehalfOfType onBehalfOf = (OnBehalfOfType) wstOnBehalfOfParser.parse(xmlEventReader);
responseToken.setOnBehalfOf(onBehalfOf);
EndElement onBehalfOfEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.On_BEHALF_OF ) ;
- }
- else if( tag.equals( WSTrustConstants.KEY_TYPE ))
+ StaxParserUtil.validate(onBehalfOfEndElement, WSTrustConstants.ON_BEHALF_OF);
+ }
+ else if (tag.equals(WSTrustConstants.KEY_TYPE))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
- throw new ParsingException( "key type is expected ahead" );
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("key type is expected ahead");
String keyType = StaxParserUtil.getElementText(xmlEventReader);
try
{
- URI keyTypeURI = new URI( keyType );
- responseToken.setKeyType( keyTypeURI );
+ URI keyTypeURI = new URI(keyType);
+ responseToken.setKeyType(keyTypeURI);
}
- catch( URISyntaxException e )
+ catch (URISyntaxException e)
{
- throw new ParsingException( e );
- }
- }
- else if( tag.equals( WSTrustConstants.KEY_SIZE ))
+ throw new ParsingException(e);
+ }
+ }
+ else if (tag.equals(WSTrustConstants.KEY_SIZE))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
- throw new ParsingException( "key size is expected ahead" );
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("key size is expected ahead");
String keySize = StaxParserUtil.getElementText(xmlEventReader);
try
- {
- responseToken.setKeySize(Long.parseLong( keySize ));
+ {
+ responseToken.setKeySize(Long.parseLong(keySize));
}
- catch( NumberFormatException e )
+ catch (NumberFormatException e)
{
- throw new ParsingException( e );
- }
- }
- else if( tag.equals( WSTrustConstants.ENTROPY ))
+ throw new ParsingException(e);
+ }
+ }
+ else if (tag.equals(WSTrustConstants.ENTROPY))
{
- subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
EntropyType entropy = new EntropyType();
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- if( StaxParserUtil.matches(subEvent, WSTrustConstants.BINARY_SECRET ))
+ if (StaxParserUtil.matches(subEvent, WSTrustConstants.BINARY_SECRET))
{
BinarySecretType binarySecret = new BinarySecretType();
- Attribute typeAttribute = subEvent.getAttributeByName( new QName( "", "Type" ));
- binarySecret.setType( StaxParserUtil.getAttributeValue( typeAttribute ));
+ Attribute typeAttribute = subEvent.getAttributeByName(new QName("", "Type"));
+ binarySecret.setType(StaxParserUtil.getAttributeValue(typeAttribute));
- if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
- throw new ParsingException( "binary secret value is expected ahead" );
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("binary secret value is expected ahead");
- binarySecret.setValue( StaxParserUtil.getElementText(xmlEventReader).getBytes() );
- entropy.getAny().add( binarySecret );
+ binarySecret.setValue(StaxParserUtil.getElementText(xmlEventReader).getBytes());
+ entropy.getAny().add(binarySecret);
}
responseToken.setEntropy(entropy);
}
- else if( tag.equals( WSTrustConstants.USE_KEY ))
+ else if (tag.equals(WSTrustConstants.USE_KEY))
{
- subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- UseKeyType useKeyType = new UseKeyType();
- StaxParserUtil.validate( subEvent, WSTrustConstants.USE_KEY ) ;
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ UseKeyType useKeyType = new UseKeyType();
+ StaxParserUtil.validate(subEvent, WSTrustConstants.USE_KEY);
- //We peek at the next start element as the stax source has to be in the START_ELEMENT mode
- subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
- if( StaxParserUtil.matches(subEvent, X509CERTIFICATE ))
+ // We peek at the next start element as the stax source has to be in the START_ELEMENT mode
+ subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (StaxParserUtil.matches(subEvent, X509CERTIFICATE))
{
Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);
- //Element domElement = getX509CertificateAsDomElement( subEvent, xmlEventReader );
+ // Element domElement = getX509CertificateAsDomElement( subEvent, xmlEventReader );
- useKeyType.setAny( domElement );
- responseToken.setUseKey( useKeyType );
- }
- else if( StaxParserUtil.matches(subEvent, KEYVALUE ))
+ useKeyType.setAny(domElement);
+ responseToken.setUseKey(useKeyType);
+ }
+ else if (StaxParserUtil.matches(subEvent, KEYVALUE))
{
- //Element domElement = getKeyValueAsDomElement( subEvent, xmlEventReader );
- Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);//
- useKeyType.setAny( domElement );
- responseToken.setUseKey( useKeyType );
+ Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);
+ useKeyType.setAny(domElement);
+ responseToken.setUseKey(useKeyType);
}
- else throw new RuntimeException( "unsupported " + StaxParserUtil.getStartElementName( subEvent ));
+ else
+ throw new RuntimeException("unsupported " + StaxParserUtil.getStartElementName(subEvent));
}
- else if( tag.equals( WSTrustConstants.REQUESTED_TOKEN ))
- {
- responseToken.setRequestedSecurityToken( parseRequestedSecurityTokenType(xmlEventReader) );
+ else if (tag.equals(WSTrustConstants.REQUESTED_TOKEN_CANCELLED))
+ {
+ StaxParserUtil.getNextEndElement(xmlEventReader);
+ responseToken.setRequestedTokenCancelled(new RequestedTokenCancelledType());
}
- else if( tag.equals( WSTrustConstants.REQUESTED_ATTACHED_REFERENCE ))
+ else if (tag.equals(WSTrustConstants.REQUESTED_PROOF_TOKEN))
{
- responseToken.setRequestedAttachedReference( parseRequestedReference(xmlEventReader));
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ RequestedProofTokenType requestedProofToken = new RequestedProofTokenType();
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ if (StaxParserUtil.matches(subEvent, WSTrustConstants.BINARY_SECRET))
+ {
+ BinarySecretType binarySecret = new BinarySecretType();
+ Attribute typeAttribute = subEvent.getAttributeByName(new QName("", "Type"));
+ binarySecret.setType(StaxParserUtil.getAttributeValue(typeAttribute));
+
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("binary secret value is expected ahead");
+
+ binarySecret.setValue(StaxParserUtil.getElementText(xmlEventReader).getBytes());
+ requestedProofToken.setAny(binarySecret);
+ }
+ else if (StaxParserUtil.matches(subEvent, WSTrustConstants.COMPUTED_KEY))
+ {
+ ComputedKeyType computedKey = new ComputedKeyType();
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("computed key algorithm is expected ahead");
+ computedKey.setAlgorithm(StaxParserUtil.getElementText(xmlEventReader));
+ requestedProofToken.setAny(computedKey);
+ }
+ responseToken.setRequestedProofToken(requestedProofToken);
}
+ else if (tag.equals(WSTrustConstants.REQUESTED_TOKEN))
+ {
+ responseToken.setRequestedSecurityToken(parseRequestedSecurityTokenType(xmlEventReader));
+ }
+ else if (tag.equals(WSTrustConstants.REQUESTED_ATTACHED_REFERENCE))
+ {
+ responseToken.setRequestedAttachedReference(parseRequestedReference(xmlEventReader));
+ }
+ else if (tag.equals(WSTrustConstants.STATUS))
+ {
+ responseToken.setStatus(this.parseStatusType(xmlEventReader));
+ }
else
{
QName qname = subEvent.getName();
- ParserNamespaceSupport parser = ParserController.get( qname );
- if( parser == null )
- throw new RuntimeException( "Cannot parse " + qname );
+ ParserNamespaceSupport parser = ParserController.get(qname);
+ if (parser == null)
+ throw new RuntimeException("Cannot parse " + qname);
- Object parsedObject = parser.parse( xmlEventReader );
- if( parsedObject instanceof AppliesTo )
+ Object parsedObject = parser.parse(xmlEventReader);
+ if (parsedObject instanceof AppliesTo)
{
- responseToken.setAppliesTo( (AppliesTo) parsedObject );
+ responseToken.setAppliesTo((AppliesTo) parsedObject);
}
}
- }
+ }
catch (URISyntaxException e)
{
- throw new ParsingException( e );
- }
+ throw new ParsingException(e);
+ }
}
return responseToken;
@@ -275,28 +310,26 @@
* @see {@link ParserNamespaceSupport#supports(QName)}
*/
public boolean supports(QName qname)
- {
+ {
String nsURI = qname.getNamespaceURI();
String localPart = qname.getLocalPart();
- return WSTrustConstants.BASE_NAMESPACE.equals( nsURI )
- && WSTrustConstants.RST.equals( localPart );
- }
-
- private RequestedSecurityTokenType parseRequestedSecurityTokenType( XMLEventReader xmlEventReader ) throws ParsingException
+ return WSTrustConstants.BASE_NAMESPACE.equals(nsURI) && WSTrustConstants.RST.equals(localPart);
+ }
+
+ private StatusType parseStatusType(XMLEventReader xmlEventReader) throws ParsingException
{
- RequestedSecurityTokenType requestedSecurityTokenType = new RequestedSecurityTokenType();
-
+ StatusType status = new StatusType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_TOKEN );
-
+ StaxParserUtil.validate(startElement, WSTrustConstants.STATUS);
+
XMLEvent xmlEvent = null;
- while( xmlEventReader.hasNext() )
+ while (xmlEventReader.hasNext())
{
xmlEvent = StaxParserUtil.peek(xmlEventReader);
- if( xmlEvent instanceof EndElement )
+ if (xmlEvent instanceof EndElement)
{
- if( StaxParserUtil.getEndElementName( (EndElement) xmlEvent ).equals( WSTrustConstants.REQUESTED_TOKEN ))
+ if (StaxParserUtil.getEndElementName((EndElement) xmlEvent).equals(WSTrustConstants.STATUS))
{
xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
break;
@@ -304,32 +337,71 @@
}
startElement = (StartElement) xmlEvent;
String tag = StaxParserUtil.getStartElementName(startElement);
-
- if( tag.equals( JBossSAMLConstants.ASSERTION.get() ))
+
+ if (tag.equals(WSTrustConstants.CODE))
{
- SAMLAssertionParser assertionParser = new SAMLAssertionParser();
- requestedSecurityTokenType.setAny( assertionParser.parse(xmlEventReader) );
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.CODE);
+
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("Validation code is expected ahead");
+ status.setCode(StaxParserUtil.getElementText(xmlEventReader));
}
+ else if (tag.equals(WSTrustConstants.REASON))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.REASON);
+
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("Validation reason is expected ahead");
+ status.setReason(StaxParserUtil.getElementText(xmlEventReader));
+ }
}
-
+ return status;
+ }
+
+ private RequestedSecurityTokenType parseRequestedSecurityTokenType(XMLEventReader xmlEventReader)
+ throws ParsingException
+ {
+ RequestedSecurityTokenType requestedSecurityTokenType = new RequestedSecurityTokenType();
+
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_TOKEN);
+
+ XMLEvent xmlEvent = null;
+ while (xmlEventReader.hasNext())
+ {
+ xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent instanceof EndElement)
+ {
+ if (StaxParserUtil.getEndElementName((EndElement) xmlEvent).equals(WSTrustConstants.REQUESTED_TOKEN))
+ {
+ xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
+ break;
+ }
+ }
+ Element tokenElement = StaxParserUtil.getDOMElement(xmlEventReader);
+ requestedSecurityTokenType.setAny(tokenElement);
+ }
+
return requestedSecurityTokenType;
}
-
- private RequestedReferenceType parseRequestedReference( XMLEventReader xmlEventReader ) throws ParsingException
+
+ private RequestedReferenceType parseRequestedReference(XMLEventReader xmlEventReader) throws ParsingException
{
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE );
-
+ StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE);
+
RequestedReferenceType ref = new RequestedReferenceType();
-
+
WSSecurityParser wsseParser = new WSSecurityParser();
SecurityTokenReferenceType secref = (SecurityTokenReferenceType) wsseParser.parse(xmlEventReader);
-
- ref.setSecurityTokenReference( secref );
-
+
+ ref.setSecurityTokenReference(secref);
+
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate(endElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE );
-
- return ref;
+ StaxParserUtil.validate(endElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE);
+
+ return ref;
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -70,6 +70,6 @@
String localPart = qname.getLocalPart();
return WSTrustConstants.BASE_NAMESPACE.equals( nsURI )
- && WSTrustConstants.On_BEHALF_OF.equals( localPart );
+ && WSTrustConstants.ON_BEHALF_OF.equals( localPart );
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.util;
@@ -40,19 +36,21 @@
/**
* Utility class that deals with StAX
+ *
* @author Anil.Saldhana at redhat.com
* @since Oct 19, 2010
*/
public class StaxUtil
-{
+{
private static ThreadLocal<Stack<String>> registeredNSStack = new ThreadLocal<Stack<String>>();
-
+
/**
* Flush the stream writer
+ *
* @param writer
* @throws ProcessingException
*/
- public static void flush( XMLStreamWriter writer ) throws ProcessingException
+ public static void flush(XMLStreamWriter writer) throws ProcessingException
{
try
{
@@ -60,48 +58,50 @@
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
/**
* Get an {@code XMLEventWriter}
+ *
* @param outStream
* @return
* @throws ProcessingException
*/
- public static XMLEventWriter getXMLEventWriter( final OutputStream outStream ) throws ProcessingException
+ public static XMLEventWriter getXMLEventWriter(final OutputStream outStream) throws ProcessingException
{
XMLOutputFactory xmlOutputFactory = XMLOutputFactory.newInstance();
try
{
- return xmlOutputFactory.createXMLEventWriter( outStream, "UTF-8" );
+ return xmlOutputFactory.createXMLEventWriter(outStream, "UTF-8");
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
/**
* Get an {@code XMLStreamWriter}
+ *
* @param outStream
* @return
* @throws ProcessingException
*/
- public static XMLStreamWriter getXMLStreamWriter( final OutputStream outStream ) throws ProcessingException
+ public static XMLStreamWriter getXMLStreamWriter(final OutputStream outStream) throws ProcessingException
{
XMLOutputFactory xmlOutputFactory = XMLOutputFactory.newInstance();
try
{
- return xmlOutputFactory.createXMLStreamWriter( outStream, "UTF-8" );
+ return xmlOutputFactory.createXMLStreamWriter(outStream, "UTF-8");
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
-
+
public static XMLStreamWriter getXMLStreamWriter(final Result result) throws ProcessingException
{
XMLOutputFactory factory = XMLOutputFactory.newInstance();
@@ -114,287 +114,305 @@
throw new ProcessingException(xe);
}
}
-
+
/**
* Set a prefix
+ *
* @param writer
* @param prefix
* @param nsURI
* @throws ProcessingException
*/
- public static void setPrefix( XMLStreamWriter writer, String prefix, String nsURI ) throws ProcessingException
+ public static void setPrefix(XMLStreamWriter writer, String prefix, String nsURI) throws ProcessingException
{
try
{
- writer.setPrefix(prefix, nsURI );
+ writer.setPrefix(prefix, nsURI);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
-
+
/**
* Write an attribute
+ *
* @param writer
- * @param attributeName QName of the attribute
+ * @param attributeName
+ * QName of the attribute
* @param attributeValue
* @throws ProcessingException
*/
- public static void writeAttribute( XMLStreamWriter writer, QName attributeName, String attributeValue ) throws ProcessingException
+ public static void writeAttribute(XMLStreamWriter writer, QName attributeName, String attributeValue)
+ throws ProcessingException
{
try
{
- writer.writeAttribute( attributeName.getNamespaceURI() , attributeName.getLocalPart(), attributeValue );
+ writer.writeAttribute(attributeName.getPrefix(), attributeName.getNamespaceURI(),
+ attributeName.getLocalPart(), attributeValue);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
/**
* Write an xml attribute
+ *
* @param writer
- * @param localName localpart
- * @param value value of the attribute
+ * @param localName
+ * localpart
+ * @param value
+ * value of the attribute
* @throws ProcessingException
*/
- public static void writeAttribute( XMLStreamWriter writer, String localName, String value ) throws ProcessingException
+ public static void writeAttribute(XMLStreamWriter writer, String localName, String value) throws ProcessingException
{
try
- {
+ {
writer.writeAttribute(localName, value);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
-
+
/**
* Write an xml attribute
+ *
* @param writer
- * @param localName localpart
- * @param type typically xsi:type
- * @param value value of the attribute
+ * @param localName
+ * localpart
+ * @param type
+ * typically xsi:type
+ * @param value
+ * value of the attribute
* @throws ProcessingException
*/
- public static void writeAttribute( XMLStreamWriter writer, String localName, String type, String value ) throws ProcessingException
+ public static void writeAttribute(XMLStreamWriter writer, String localName, String type, String value)
+ throws ProcessingException
{
try
- {
- writer.writeAttribute( localName, type, value );
+ {
+ writer.writeAttribute(localName, type, value);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
-
+
/**
* Write a string as text node
+ *
* @param writer
* @param value
* @throws ProcessingException
*/
- public static void writeCharacters( XMLStreamWriter writer, String value ) throws ProcessingException
+ public static void writeCharacters(XMLStreamWriter writer, String value) throws ProcessingException
{
try
- {
- writer.writeCharacters( value);
+ {
+ writer.writeCharacters(value);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
-
+
/**
* Write the default namespace
+ *
* @param writer
* @param ns
* @throws ProcessingException
*/
- public static void writeDefaultNameSpace( XMLStreamWriter writer, String ns ) throws ProcessingException
+ public static void writeDefaultNameSpace(XMLStreamWriter writer, String ns) throws ProcessingException
{
try
{
- writer.writeDefaultNamespace( ns );
+ writer.writeDefaultNamespace(ns);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
-
+
/**
* Write a DOM Node to the stream
+ *
* @param writer
* @param node
* @throws ProcessingException
*/
- public static void writeDOMNode( XMLStreamWriter writer, Node node ) throws ProcessingException
+ public static void writeDOMNode(XMLStreamWriter writer, Node node) throws ProcessingException
{
try
{
short nodeType = node.getNodeType();
-
- switch( nodeType )
+
+ switch (nodeType)
{
- case Node.ELEMENT_NODE:
- writeDOMElement( writer, (Element) node);
+ case Node.ELEMENT_NODE :
+ writeDOMElement(writer, (Element) node);
break;
- case Node.TEXT_NODE:
+ case Node.TEXT_NODE :
writer.writeCharacters(node.getNodeValue());
break;
- case Node.COMMENT_NODE:
+ case Node.COMMENT_NODE :
writer.writeComment(node.getNodeValue());
- break;
- case Node.CDATA_SECTION_NODE:
+ break;
+ case Node.CDATA_SECTION_NODE :
writer.writeCData(node.getNodeValue());
- break;
- default:
- //Don't care
+ break;
+ default :
+ // Don't care
}
}
catch (DOMException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
- }
+ throw new ProcessingException(e);
+ }
}
-
/**
* Write DOM Element to the stream
+ *
* @param writer
* @param domElement
* @throws ProcessingException
*/
- public static void writeDOMElement( XMLStreamWriter writer, Element domElement ) throws ProcessingException
+ public static void writeDOMElement(XMLStreamWriter writer, Element domElement) throws ProcessingException
{
- if( registeredNSStack.get() == null )
+ if (registeredNSStack.get() == null)
{
- registeredNSStack.set( new Stack<String>() );
+ registeredNSStack.set(new Stack<String>());
}
String domElementPrefix = domElement.getPrefix();
-
- if (domElementPrefix == null)
+
+ if (domElementPrefix == null)
{
- domElementPrefix = "";
+ domElementPrefix = "";
}
-
+
String domElementNS = domElement.getNamespaceURI();
- if (domElementNS == null)
+ if (domElementNS == null)
{
- domElementNS = "";
+ domElementNS = "";
}
-
+
writeStartElement(writer, domElementPrefix, domElement.getLocalName(), domElementNS);
-
- //Should we register namespace
- if( domElementPrefix != "" && !registeredNSStack.get().contains(domElementNS) )
+ // Should we register namespace
+ if (domElementPrefix != "" && !registeredNSStack.get().contains(domElementNS))
{
- // writeNameSpace(writer, domElementPrefix, domElementNS );
- registeredNSStack.get().push( domElementNS );
+ // writeNameSpace(writer, domElementPrefix, domElementNS );
+ registeredNSStack.get().push(domElementNS);
}
// Deal with Attributes
NamedNodeMap attrs = domElement.getAttributes();
- for (int i = 0, len = attrs.getLength(); i < len; ++i)
+ for (int i = 0, len = attrs.getLength(); i < len; ++i)
{
- Attr attr = (Attr) attrs.item(i);
- String attributePrefix = attr.getPrefix();
- String attribLocalName = attr.getLocalName();
- String attribValue = attr.getValue();
+ Attr attr = (Attr) attrs.item(i);
+ String attributePrefix = attr.getPrefix();
+ String attribLocalName = attr.getLocalName();
+ String attribValue = attr.getValue();
- if (attributePrefix == null || attributePrefix.length() == 0)
- {
- if ( "xmlns".equals( attribLocalName ))
- {
- writeDefaultNameSpace( writer, attribValue );
- }
- else
- {
- writeAttribute( writer, attribLocalName, attribValue );
- }
- }
- else
- {
- if ( "xmlns".equals( attributePrefix ))
- {
- writeNameSpace( writer, attribLocalName, attribValue);
- }
- else
- {
- writeAttribute( writer, new QName( attr.getNamespaceURI(), attribLocalName, attributePrefix ), attribValue);
- }
- }
+ if (attributePrefix == null || attributePrefix.length() == 0)
+ {
+ if ("xmlns".equals(attribLocalName))
+ {
+ writeDefaultNameSpace(writer, attribValue);
+ }
+ else
+ {
+ writeAttribute(writer, attribLocalName, attribValue);
+ }
+ }
+ else
+ {
+ if ("xmlns".equals(attributePrefix))
+ {
+ writeNameSpace(writer, attribLocalName, attribValue);
+ }
+ else
+ {
+ writeAttribute(writer, new QName(attr.getNamespaceURI(), attribLocalName, attributePrefix), attribValue);
+ }
+ }
}
- for ( Node child = domElement.getFirstChild(); child != null; child = child.getNextSibling() )
+ for (Node child = domElement.getFirstChild(); child != null; child = child.getNextSibling())
{
- writeDOMNode( writer, child);
+ writeDOMNode(writer, child);
}
writeEndElement(writer);
}
-
-
+
/**
* Write a namespace
+ *
* @param writer
- * @param prefix prefix
- * @param ns Namespace URI
+ * @param prefix
+ * prefix
+ * @param ns
+ * Namespace URI
* @throws ProcessingException
*/
- public static void writeNameSpace( XMLStreamWriter writer, String prefix, String ns ) throws ProcessingException
+ public static void writeNameSpace(XMLStreamWriter writer, String prefix, String ns) throws ProcessingException
{
try
- {
+ {
writer.writeNamespace(prefix, ns);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
/**
* Write a start element
+ *
* @param writer
* @param prefix
* @param localPart
* @param ns
* @throws ProcessingException
*/
- public static void writeStartElement( XMLStreamWriter writer, String prefix, String localPart, String ns ) throws ProcessingException
+ public static void writeStartElement(XMLStreamWriter writer, String prefix, String localPart, String ns)
+ throws ProcessingException
{
try
{
- writer.writeStartElement( prefix, localPart, ns);
+ writer.writeStartElement(prefix, localPart, ns);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
/**
* <p>
- * Write an end element. The stream writer keeps track of which start element
- * needs to be closed with an end tag.
+ * Write an end element. The stream writer keeps track of which start element needs to be closed with an end tag.
* </p>
*
* @param writer
* @throws ProcessingException
*/
- public static void writeEndElement( XMLStreamWriter writer ) throws ProcessingException
+ public static void writeEndElement(XMLStreamWriter writer) throws ProcessingException
{
try
{
@@ -402,7 +420,7 @@
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -301,7 +301,12 @@
{
Namespace namespace = namespaces.next();
QName name = namespace.getName();
- el.setAttributeNS(name.getNamespaceURI(), "xmlns:" + name.getLocalPart(), namespace.getNamespaceURI());
+ localPart = name.getLocalPart();
+ prefix = name.getPrefix();
+ if (prefix != null && prefix != "")
+ qual = (localPart != null && localPart != "") ? prefix + ":" + localPart : prefix;
+
+ el.setAttributeNS(name.getNamespaceURI(), qual, namespace.getNamespaceURI());
}
XMLEvent nextEvent = StaxParserUtil.peek(xmlEventReader);
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -92,7 +92,8 @@
private static XMLSignatureFactory fac = getXMLSignatureFactory();
- private static XMLSignatureFactory getXMLSignatureFactory()
+ @SuppressWarnings("restriction")
+private static XMLSignatureFactory getXMLSignatureFactory()
{
XMLSignatureFactory xsf = null;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.wstrust;
@@ -27,6 +23,7 @@
import javax.annotation.Resource;
import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMResult;
import javax.xml.transform.dom.DOMSource;
import javax.xml.ws.Provider;
import javax.xml.ws.Service;
@@ -45,6 +42,7 @@
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustResponseWriter;
import org.w3c.dom.Document;
/**
@@ -56,7 +54,7 @@
*/
@WebServiceProvider(serviceName = "PicketLinkSTS", portName = "PicketLinkSTSPort", targetNamespace = "urn:picketlink:identity-federation:sts", wsdlLocation = "WEB-INF/wsdl/PicketLinkSTS.wsdl")
@ServiceMode(value = Service.Mode.PAYLOAD)
-public class PicketLinkSTS implements Provider<Source>//SecurityTokenService
+public class PicketLinkSTS implements Provider<Source>// SecurityTokenService
{
private static Logger logger = Logger.getLogger(PicketLinkSTS.class);
@@ -107,9 +105,11 @@
* Process a security token request.
* </p>
*
- * @param request a {@code RequestSecurityToken} instance that contains the request information.
+ * @param request
+ * a {@code RequestSecurityToken} instance that contains the request information.
* @return a {@code Source} instance representing the marshalled response.
- * @throws WebServiceException Any exception encountered in handling token
+ * @throws WebServiceException
+ * Any exception encountered in handling token
*/
protected Source handleTokenRequest(RequestSecurityToken request)
{
@@ -163,7 +163,8 @@
* Process a collection of security token requests.
* </p>
*
- * @param requestCollection a {@code RequestSecurityTokenCollection} containing the various requests information.
+ * @param requestCollection
+ * a {@code RequestSecurityTokenCollection} containing the various requests information.
* @return a {@code Source} instance representing the marshalled response.
*/
protected Source handleTokenRequestCollection(RequestSecurityTokenCollection requestCollection)
@@ -176,7 +177,8 @@
* Marshalls the specified {@code RequestSecurityTokenResponse} into a {@code Source} instance.
* </p>
*
- * @param response the {@code RequestSecurityTokenResponse} to be marshalled.
+ * @param response
+ * the {@code RequestSecurityTokenResponse} to be marshalled.
* @return the resulting {@code Source} instance.
*/
protected Source marshallResponse(RequestSecurityTokenResponse response)
@@ -184,7 +186,18 @@
// add the single response to a RequestSecurityTokenResponse collection, as per the specification.
RequestSecurityTokenResponseCollection responseCollection = new RequestSecurityTokenResponseCollection();
responseCollection.addRequestSecurityTokenResponse(response);
- return WSTrustJAXBFactory.getInstance().marshallRequestSecurityTokenResponse(responseCollection);
+
+ try
+ {
+ DOMResult result = new DOMResult(DocumentUtil.createDocument());
+ WSTrustResponseWriter writer = new WSTrustResponseWriter(result);
+ writer.write(responseCollection);
+ return new DOMSource(result.getNode());
+ }
+ catch (Exception e)
+ {
+ throw new WebServiceException("Error writting response: " + e.getMessage(), e);
+ }
}
/**
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -34,11 +34,12 @@
import javax.xml.ws.Service.Mode;
import javax.xml.ws.soap.SOAPBinding;
+import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
import org.picketlink.identity.federation.ws.trust.RenewTargetType;
import org.picketlink.identity.federation.ws.trust.StatusType;
@@ -92,8 +93,9 @@
/**
* Issues a Security Token for the ultimate recipient of the token.
*
- * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for the
- * RequestSecurityToken which is an optional element so it may be null.
+ * @param endpointURI
+ * - The ultimate recipient of the token. This will be set at the AppliesTo for the RequestSecurityToken
+ * which is an optional element so it may be null.
* @return Element - The Security Token Element which will be of the TokenType configured for the endpointURI passed
* in.
* @throws WSTrustException
@@ -109,11 +111,14 @@
* Issues a Security Token from the STS. This methods has the option of specifying one or both of
* endpointURI/tokenType but at least one must specified.
*
- * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for the
- * RequestSecurityToken which is an optional element so it may be null.
- * @param tokenType - The type of security token to be issued.
+ * @param endpointURI
+ * - The ultimate recipient of the token. This will be set at the AppliesTo for the RequestSecurityToken
+ * which is an optional element so it may be null.
+ * @param tokenType
+ * - The type of security token to be issued.
* @return Element - The Security Token Element issued.
- * @throws IllegalArgumentException If neither endpointURI nor tokenType was specified.
+ * @throws IllegalArgumentException
+ * If neither endpointURI nor tokenType was specified.
* @throws WSTrustException
*/
public Element issueToken(String endpointURI, String tokenType) throws WSTrustException
@@ -132,13 +137,18 @@
* Issues a security token on behalf of the specified principal.
* </p>
*
- * @param endpointURI the ultimate recipient of the token. This will be set at the AppliesTo for the
- * RequestSecurityToken which is an optional element so it may be null.
- * @param tokenType the type of the token to be issued.
- * @param principal the {@code Principal} to whom the token will be issued.
+ * @param endpointURI
+ * the ultimate recipient of the token. This will be set at the AppliesTo for the RequestSecurityToken
+ * which is an optional element so it may be null.
+ * @param tokenType
+ * the type of the token to be issued.
+ * @param principal
+ * the {@code Principal} to whom the token will be issued.
* @return an {@code Element} representing the issued security token.
- * @throws IllegalArgumentException If neither endpointURI nor tokenType was specified.
- * @throws WSTrustException if an error occurs while issuing the security token.
+ * @throws IllegalArgumentException
+ * If neither endpointURI nor tokenType was specified.
+ * @throws WSTrustException
+ * if an error occurs while issuing the security token.
*/
public Element issueTokenOnBehalfOf(String endpointURI, String tokenType, Principal principal)
throws WSTrustException
@@ -289,17 +299,24 @@
DOMSource requestSource = this.createSourceFromRequest(request);
Source response = dispatchLocal.get().invoke(requestSource);
- RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) WSTrustJAXBFactory
- .getInstance().parseRequestSecurityTokenResponse(response);
- RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
+ try
+ {
+ RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(response));
+ RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
- StatusType status = tokenResponse.getStatus();
- if (status != null)
+ StatusType status = tokenResponse.getStatus();
+ if (status != null)
+ {
+ String code = status.getCode();
+ return WSTrustConstants.STATUS_CODE_VALID.equals(code);
+ }
+ return false;
+ }
+ catch (Exception e)
{
- String code = status.getCode();
- return WSTrustConstants.STATUS_CODE_VALID.equals(code);
+ throw new WSTrustException("Error parsing WS-Trust response: " + e.getMessage(), e);
}
- return false;
}
/**
@@ -307,9 +324,11 @@
* Cancels the specified security token by sending a WS-Trust cancel message to the STS.
* </p>
*
- * @param securityToken the security token to be canceled.
+ * @param securityToken
+ * the security token to be canceled.
* @return {@code true} if the token has been canceled by the STS; {@code false} otherwise.
- * @throws WSTrustException if an error occurs while processing the cancel request.
+ * @throws WSTrustException
+ * if an error occurs while processing the cancel request.
*/
public boolean cancelToken(Element securityToken) throws WSTrustException
{
@@ -321,18 +340,23 @@
request.setCancelTarget(cancelTarget);
request.setContext("context");
- // marshal the request and send it to the STS.
- WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance();
DOMSource requestSource = this.createSourceFromRequest(request);
Source response = dispatchLocal.get().invoke(requestSource);
// get the WS-Trust response and check for presence of the RequestTokenCanceled element.
- RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) jaxbFactory
- .parseRequestSecurityTokenResponse(response);
- RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
- if (tokenResponse.getRequestedTokenCancelled() != null)
- return true;
- return false;
+ try
+ {
+ RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(response));
+ RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
+ if (tokenResponse.getRequestedTokenCancelled() != null)
+ return true;
+ return false;
+ }
+ catch (Exception e)
+ {
+ throw new WSTrustException("Error parsing WS-Trust response: " + e.getMessage(), e);
+ }
}
public Dispatch<Source> getDispatch()
@@ -345,7 +369,7 @@
try
{
DOMResult result = new DOMResult(DocumentUtil.createDocument());
- WSTrustRSTWriter writer = new WSTrustRSTWriter(result);
+ WSTrustRequestWriter writer = new WSTrustRequestWriter(result);
writer.write(request);
return new DOMSource(result.getNode());
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -40,6 +40,7 @@
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.ClaimsType;
+import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
import org.picketlink.identity.federation.ws.trust.ObjectFactory;
import org.picketlink.identity.federation.ws.trust.RequestedProofTokenType;
@@ -195,13 +196,13 @@
{
clientSecret = Base64.decode(new String(WSTrustUtil.getBinarySecret(clientEntropy)));
serverEntropy = new EntropyType();
- serverEntropy.getAny().add(objFactory.createBinarySecret(serverBinarySecret));
+ serverEntropy.getAny().add(serverBinarySecret);
}
if (clientSecret != null && clientSecret.length != 0)
{
// client secret has been specified - combine it with the sts secret.
- requestedProofToken.setAny(objFactory.createComputedKey(WSTrustConstants.CK_PSHA1));
+ requestedProofToken.setAny(new ComputedKeyType(WSTrustConstants.CK_PSHA1));
byte[] combinedSecret = null;
try
{
@@ -218,7 +219,7 @@
else
{
// client secret has not been specified - use the sts secret only.
- requestedProofToken.setAny(objFactory.createBinarySecret(serverBinarySecret));
+ requestedProofToken.setAny(serverBinarySecret);
requestContext.setProofTokenInfo(WSTrustUtil.createKeyInfo(serverBinarySecret.getValue(),
providerPublicKey, keyWrapAlgo));
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -87,7 +87,8 @@
String CREATED = "Created";
String ENTROPY = "Entropy";
String EXPIRES = "Expires";
- String On_BEHALF_OF = "OnBehalfOf";
+ String ON_BEHALF_OF = "OnBehalfOf";
+ String COMPUTED_KEY = "ComputedKey";
String KEY_SIZE = "KeySize";
String KEY_TYPE = "KeyType";
String LIFETIME = "Lifetime";
@@ -96,6 +97,8 @@
String RST_COLLECTION = "RequestSecurityTokenCollection";
String RSTR_COLLECTION = "RequestSecurityTokenResponseCollection";
String REQUESTED_TOKEN = "RequestedSecurityToken";
+ String REQUESTED_TOKEN_CANCELLED = "RequestedTokenCancelled";
+ String REQUESTED_PROOF_TOKEN = "RequestedProofToken";
String REQUESTED_ATTACHED_REFERENCE = "RequestedAttachedReference";
String REQUEST_TYPE = "RequestType";
String TOKEN_TYPE = "TokenType";
@@ -103,6 +106,9 @@
String RENEW_TARGET = "RenewTarget";
String VALIDATE_TARGET = "ValidateTarget";
String USE_KEY = "UseKey";
+ String STATUS = "Status";
+ String CODE = "Code";
+ String REASON = "Reason";
//Attribute Names
String RST_CONTEXT = "Context";
@@ -129,5 +135,6 @@
String PREFIX_11 = "wsse11";
String SECURITY_TOKEN_REFERENCE = "SecurityTokenReference";
String USERNAME_TOKEN = "UsernameToken";
+ String VALUE_TYPE = "ValueType";
}
}
\ No newline at end of file
Deleted: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,361 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.identity.federation.core.wstrust;
-
-import javax.xml.bind.Binder;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.transform.Source;
-
-import org.apache.log4j.Logger;
-import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.JAXBUtil;
-import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.picketlink.identity.federation.ws.trust.ObjectFactory;
-import org.picketlink.identity.federation.ws.trust.RequestSecurityTokenResponseCollectionType;
-import org.picketlink.identity.federation.ws.trust.RequestSecurityTokenType;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-/**
- * <p>
- * This factory implements utility methods for converting between JAXB model objects and XML source.
- * </p>
- *
- * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
- */
-public class WSTrustJAXBFactory
-{
- private static Logger log = Logger.getLogger(WSTrustJAXBFactory.class);
-
- private boolean trace = log.isTraceEnabled();
-
- private static final WSTrustJAXBFactory instance = new WSTrustJAXBFactory();
-
- private Marshaller marshaller;
-
- private Unmarshaller unmarshaller;
-
- private Binder<Node> binder;
-
- private final ObjectFactory objectFactory;
-
- private ThreadLocal<SAMLDocumentHolder> holders = new ThreadLocal<SAMLDocumentHolder>();
-
- /**
- * <p>
- * Creates the {@code WSTrustJAXBFactory} singleton instance.
- * </p>
- */
- private WSTrustJAXBFactory()
- {
- try
- {
- this.marshaller = JAXBUtil.getMarshaller(this.getPackages());
- this.unmarshaller = JAXBUtil.getUnmarshaller(this.getPackages());
- this.binder = JAXBUtil.getJAXBContext(this.getPackages()).createBinder();
- this.objectFactory = new ObjectFactory();
- }
- catch (JAXBException e)
- {
- throw new RuntimeException(e.getMessage(), e);
- }
- }
-
- /**
- * <p>
- * Gets a reference to the singleton instance.
- * </p>
- *
- * @return a reference to the {@code WSTrustJAXBFactory} instance.
- */
- public static WSTrustJAXBFactory getInstance()
- {
- return instance;
- }
-
- private String getPackages()
- {
- StringBuilder packages = new StringBuilder();
- packages.append("org.picketlink.identity.federation.ws.addressing");
- packages.append(":org.picketlink.identity.federation.ws.policy");
- packages.append(":org.picketlink.identity.federation.ws.trust");
- packages.append(":org.picketlink.identity.federation.ws.wss.secext");
- packages.append(":org.picketlink.identity.federation.ws.wss.utility");
- packages.append(":org.picketlink.identity.xmlsec.w3.xmldsig");
- return packages.toString();
- }
-
- /**
- * <p>
- * Creates a {@code BaseRequestSecurityToken} from the specified XML source.
- * </p>
- *
- * @param request
- * the XML source containing the security token request message.
- * @return the constructed {@code BaseRequestSecurityToken} instance. It will be an instance of {@code
- * RequestSecurityToken} the message contains a single token request, and an instance of {@code
- * RequestSecurityTokenCollection} if multiples requests are being made in the same message.
- */
- @SuppressWarnings("unchecked")
- public BaseRequestSecurityToken parseRequestSecurityToken(Source request) throws WSTrustException
- {
- // if the request contains a validate, cancel, or renew target, we must preserve it from JAXB unmarshalling.
- try
- {
- Node documentNode = DocumentUtil.getNodeFromSource(request);
- Document document = documentNode instanceof Document ? (Document) documentNode : documentNode
- .getOwnerDocument();
-
- JAXBElement<RequestSecurityTokenType> jaxbRST;
- Node rst = this.findNodeByNameNS(document, "RequestSecurityToken", WSTrustConstants.BASE_NAMESPACE);
- if (rst == null)
- throw new RuntimeException("Request Security Token node not found");
-
- jaxbRST = (JAXBElement<RequestSecurityTokenType>) binder.unmarshal(rst);
-
- RequestSecurityTokenType rstt = jaxbRST.getValue();
-
- SAML2SecurityToken samlSecurityToken = new SAML2SecurityToken(rstt);
- holders.set(new SAMLDocumentHolder(samlSecurityToken, document));
- return new RequestSecurityToken(rstt);
- }
- catch (Exception e)
- {
- throw new WSTrustException("Error parsing security token request", e);
- }
- }
-
- /**
- * <p>
- * Creates a {@code BaseRequestSecurityTokenResponse} from the specified XML source.
- * </p>
- *
- * @param response
- * the XML source containing the security token response message.
- * @return the constructed {@code BaseRequestSecurityTokenResponse} instance. According to the WS-Trust
- * specification, the returned object will be an instance of {@code RequestSecurityTokenResponseCollection}.
- */
- public BaseRequestSecurityTokenResponse parseRequestSecurityTokenResponse(Source response) throws WSTrustException
- {
- // if the response contains an issued token, we must preserve it from the JAXB unmarshalling.
- Element tokenElement = null;
- Node documentNode = null;
- try
- {
- documentNode = DocumentUtil.getNodeFromSource(response);
- }
- catch (Exception e)
- {
- throw new WSTrustException("Failed to transform request source", e);
- }
-
- Document document = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument();
- Node requestedTokenNode = this.findNodeByNameNS(document, "RequestedSecurityToken",
- WSTrustConstants.BASE_NAMESPACE);
- if (requestedTokenNode != null)
- tokenElement = (Element) requestedTokenNode.getFirstChild();
-
- try
- {
- Object object = this.unmarshaller.unmarshal(documentNode);
- if (object instanceof JAXBElement)
- {
- JAXBElement<?> element = (JAXBElement<?>) object;
- if (element.getDeclaredType().equals(RequestSecurityTokenResponseCollectionType.class))
- {
- RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection(
- (RequestSecurityTokenResponseCollectionType) element.getValue());
- // insert the security token in the parsed response.
- if (tokenElement != null)
- {
- RequestSecurityTokenResponse parsedResponse = collection.getRequestSecurityTokenResponses().get(0);
- parsedResponse.getRequestedSecurityToken().setAny(tokenElement);
- }
- return collection;
- }
- else
- throw new RuntimeException("Invalid response type: " + element.getDeclaredType());
- }
- else
- throw new RuntimeException("Invalid response type: " + object.getClass().getName());
- }
- catch (JAXBException e)
- {
- throw new RuntimeException("Failed to unmarshall security token response", e);
- }
- }
-
- /**
- * <p>
- * Creates a {@code javax.xml.transform.Source} from the specified request object.
- * </p>
- *
- * @param request
- * a {@code RequestSecurityToken} representing the object model of the security token request.
- * @return the constructed {@code Source} instance.
- */
- public Source marshallRequestSecurityToken(RequestSecurityToken request)
- {
- Element targetElement = null;
- // if the request has a validate, cancel, or renew target, we must preserve it from JAXB marshaling.
- String requestType = request.getRequestType().toString();
- if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST) && request.getValidateTarget() != null)
- {
- targetElement = (Element) request.getValidateTarget().getAny();
- request.getValidateTarget().setAny(null);
- }
- else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST) && request.getRenewTarget() != null)
- {
- targetElement = (Element) request.getRenewTarget().getAny();
- request.getRenewTarget().setAny(null);
- }
- else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST) && request.getCancelTarget() != null)
- {
- targetElement = (Element) request.getCancelTarget().getAny();
- request.getCancelTarget().setAny(null);
- }
-
- Document result = null;
- try
- {
- result = DocumentUtil.createDocument();
- this.marshaller.marshal(this.objectFactory.createRequestSecurityToken(request.getDelegate()), result);
-
- // insert the original target in the appropriate element.
- if (targetElement != null)
- {
- Node node = null;
- if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST))
- node = this.findNodeByNameNS(result, "ValidateTarget", WSTrustConstants.BASE_NAMESPACE);
- else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST))
- node = this.findNodeByNameNS(result, "RenewTarget", WSTrustConstants.BASE_NAMESPACE);
- else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST))
- node = this.findNodeByNameNS(result, "CancelTarget", WSTrustConstants.BASE_NAMESPACE);
- if (node == null)
- throw new RuntimeException("Unsupported request type:" + requestType);
- node.appendChild(result.importNode(targetElement, true));
- }
- }
- catch (Exception e)
- {
- throw new RuntimeException("Failed to marshall security token request", e);
- }
-
- return DocumentUtil.getXMLSource(result);
- }
-
- /**
- * <p>
- * Creates a {@code javax.xml.transform.Source} from the specified response object.
- * </p>
- *
- * @param collection
- * a {@code RequestSecurityTokenResponseCollection} representing the object model of the security token
- * response.
- * @return the constructed {@code Source} instance.
- */
- public Source marshallRequestSecurityTokenResponse(RequestSecurityTokenResponseCollection collection)
- {
- if (collection.getRequestSecurityTokenResponses().size() == 0)
- throw new IllegalArgumentException("The response collection must contain at least one response");
-
- // if the response contains an issued token, we must preserve it from the JAXB marshaling.
- Element tokenElement = null;
- RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
- if (response.getRequestedSecurityToken() != null)
- {
- tokenElement = (Element) response.getRequestedSecurityToken().getAny();
- // we don't want to marshall any token - it will be inserted in the DOM document later.
- response.getRequestedSecurityToken().setAny(null);
- }
-
- Document result = null;
- try
- {
- // marshall the response to a document and insert the issued token directly on the document.
- result = DocumentUtil.createDocument();
- this.marshaller.marshal(this.objectFactory.createRequestSecurityTokenResponseCollection(collection
- .getDelegate()), result);
-
- // the document is a ws-trust template - we need to insert the token in the appropriate element.
- if (tokenElement != null)
- {
- Node node = this.findNodeByNameNS(result, "RequestedSecurityToken", WSTrustConstants.BASE_NAMESPACE);
- node.appendChild(result.importNode(tokenElement, true));
- }
- if (trace)
- {
- log.trace("Final RSTR doc:" + DocumentUtil.asString(result));
- }
-
- }
- catch (Exception e)
- {
- throw new RuntimeException("Failed to marshall security token response", e);
- }
- return DocumentUtil.getXMLSource(result);
- }
-
- /**
- * Return the {@code SAMLDocumentHolder} for the thread
- * @return
- */
- public SAMLDocumentHolder getSAMLDocumentHolderOnThread()
- {
- return holders.get();
- }
-
- /**
- * <p>
- * Finds in the specified document a node that matches the specified name and namespace.
- * </p>
- *
- * @param document
- * the {@code Document} instance upon which the search is made.
- * @param localName
- * a {@code String} containing the local name of the searched node.
- * @param namespace
- * a {@code String} containing the namespace of the searched node.
- * @return a {@code Node} representing the searched node. If more than one node is found in the document, the first
- * one will be returned. If no nodes were found according to the search parameters, then {@code null} is
- * returned.
- */
- private Node findNodeByNameNS(Document document, String localName, String namespace)
- {
- NodeList list = document.getElementsByTagNameNS(namespace, localName);
- if (list == null || list.getLength() == 0)
- // log("Unable to locate element " + localName + " with namespace " + namespace);
- return null;
- return list.item(0);
- }
-
-}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -53,7 +53,6 @@
import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
import org.picketlink.identity.federation.ws.addressing.AttributedURIType;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
-import org.picketlink.identity.federation.ws.addressing.ObjectFactory;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
@@ -116,8 +115,7 @@
Map<QName, String> attributes)
{
SecurityTokenReferenceType securityTokenReference = new SecurityTokenReferenceType();
- securityTokenReference.getAny().add(
- new org.picketlink.identity.federation.ws.wss.secext.ObjectFactory().createKeyIdentifier(keyIdentifier));
+ securityTokenReference.getAny().add(keyIdentifier);
securityTokenReference.getOtherAttributes().putAll(attributes);
RequestedReferenceType reference = new RequestedReferenceType();
reference.setSecurityTokenReference(securityTokenReference);
@@ -140,7 +138,7 @@
EndpointReferenceType reference = new EndpointReferenceType();
reference.setAddress(attributedURI);
AppliesTo appliesTo = new AppliesTo();
- appliesTo.getAny().add(new ObjectFactory().createEndpointReference(reference));
+ appliesTo.getAny().add(reference);
return appliesTo;
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.wstrust.plugins.saml;
@@ -167,8 +163,8 @@
this.attributeProvider.setProperties(this.properties);
}
else
- logger.warn("Attribute provider not installed: " + attributeProviderClassName +
- "is not an instance of SAML20TokenAttributeProvider");
+ logger.warn("Attribute provider not installed: " + attributeProviderClassName
+ + "is not an instance of SAML20TokenAttributeProvider");
}
catch (PrivilegedActionException pae)
{
@@ -182,7 +178,7 @@
* (non-Javadoc)
*
* @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
- * cancelToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
+ * cancelToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void cancelToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -203,7 +199,7 @@
* (non-Javadoc)
*
* @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
- * issueToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
+ * issueToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void issueToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -288,7 +284,8 @@
// set the SAML assertion attached reference.
KeyIdentifierType keyIdentifier = WSTrustUtil.createKeyIdentifier(SAMLUtil.SAML2_VALUE_TYPE, "#" + assertionID);
Map<QName, String> attributes = new HashMap<QName, String>();
- attributes.put(new QName(WSTrustConstants.WSSE11_NS, "TokenType"), SAMLUtil.SAML2_TOKEN_TYPE);
+ attributes.put(new QName(WSTrustConstants.WSSE11_NS, "TokenType", WSTrustConstants.WSSE.PREFIX_11),
+ SAMLUtil.SAML2_TOKEN_TYPE);
RequestedReferenceType attachedReference = WSTrustUtil.createRequestedReference(keyIdentifier, attributes);
context.setAttachedReference(attachedReference);
}
@@ -297,7 +294,7 @@
* (non-Javadoc)
*
* @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
- * renewToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
+ * renewToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void renewToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -364,7 +361,7 @@
* (non-Javadoc)
*
* @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
- * validateToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
+ * validateToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void validateToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -431,8 +428,9 @@
* <p>
* Checks whether the specified element is a SAMLV2.0 assertion or not.
* </p>
- *
- * @param element the {@code Element} being verified.
+ *
+ * @param element
+ * the {@code Element} being verified.
* @return {@code true} if the element is a SAMLV2.0 assertion; {@code false} otherwise.
*/
private boolean isAssertion(Element element)
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -66,10 +66,9 @@
{
for( Object content: contentList )
{
- JAXBElement<?> jaxb = (JAXBElement<?>) content;
- if( EndpointReferenceType.class.equals( jaxb.getDeclaredType() ) )
+ if( content instanceof EndpointReferenceType )
{
- EndpointReferenceType endpointReference = (EndpointReferenceType) jaxb.getValue();
+ EndpointReferenceType endpointReference = (EndpointReferenceType) content;
WSAddressingWriter wsAddressingWriter = new WSAddressingWriter(this.writer);
wsAddressingWriter.write(endpointReference);
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,27 +1,22 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.wstrust.writers;
-
import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.ID;
import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.USERNAME;
import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.USERNAME_TOKEN;
@@ -30,52 +25,124 @@
import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.WSU_NS;
import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.WSU_PREFIX;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.ws.wss.secext.AttributedString;
+import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType;
+import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
/**
* Write WS-Security Elements
+ *
* @author Anil.Saldhana at redhat.com
* @since Nov 8, 2010
*/
public class WSSecurityWriter
{
private XMLStreamWriter writer;
-
+
public WSSecurityWriter(XMLStreamWriter writer)
{
this.writer = writer;
}
-
+
public void write(UsernameTokenType usernameToken) throws ProcessingException
{
- StaxUtil.writeStartElement( writer, WSSE_PREFIX, USERNAME_TOKEN, WSSE_NS );
- StaxUtil.writeNameSpace( writer, WSSE_PREFIX, WSSE_NS );
-
+ StaxUtil.writeStartElement(writer, WSSE_PREFIX, USERNAME_TOKEN, WSSE_NS);
+ StaxUtil.writeNameSpace(writer, WSSE_PREFIX, WSSE_NS);
+
String id = usernameToken.getId();
- if( StringUtil.isNullOrEmpty( id ))
- throw new ProcessingException( " Id on the UsernameToken is null" );
+ if (StringUtil.isNullOrEmpty(id))
+ throw new ProcessingException(" Id on the UsernameToken is null");
+
+ QName wsuIDQName = new QName(WSU_NS, ID, WSU_PREFIX);
+ StaxUtil.writeNameSpace(writer, WSU_PREFIX, WSU_NS);
+ StaxUtil.writeAttribute(writer, wsuIDQName, id);
+
+ AttributedString userNameAttr = usernameToken.getUsername();
+ if (userNameAttr == null)
+ throw new ProcessingException(" User Name is null on the UsernameToken");
+
+ StaxUtil.writeStartElement(writer, WSSE_PREFIX, USERNAME, WSSE_NS);
+ StaxUtil.writeCharacters(writer, userNameAttr.getValue());
+ StaxUtil.writeEndElement(writer);
+
+ StaxUtil.writeEndElement(writer);
+ StaxUtil.flush(writer);
+ }
+
+ public void writeLifetime(XMLGregorianCalendar created, XMLGregorianCalendar expires) throws ProcessingException
+ {
+ // write the created element.
+ StaxUtil.writeStartElement(this.writer, WSU_PREFIX, WSTrustConstants.CREATED, WSU_NS);
+ StaxUtil.writeNameSpace(this.writer, WSU_PREFIX, WSU_NS);
+ StaxUtil.writeCharacters(this.writer, created.toXMLFormat());
+ StaxUtil.writeEndElement(this.writer);
+
+ // write the expires element.
+ StaxUtil.writeStartElement(this.writer, WSU_PREFIX, WSTrustConstants.EXPIRES, WSU_NS);
+ StaxUtil.writeNameSpace(this.writer, WSU_PREFIX, WSU_NS);
+ StaxUtil.writeCharacters(this.writer, expires.toXMLFormat());
+ StaxUtil.writeEndElement(this.writer);
+
+ StaxUtil.flush(this.writer);
+ }
+
+ public void writeSecurityTokenReference(SecurityTokenReferenceType secRef) throws ProcessingException
+ {
+ Set<String> usedNamespaces = new HashSet<String>();
+ usedNamespaces.add(WSSE_NS);
- StaxUtil.setPrefix(writer, WSU_PREFIX, WSU_NS );
- QName wsuIDQName = new QName( WSU_NS, ID, WSU_PREFIX );
- StaxUtil.writeAttribute(writer, wsuIDQName, id );
- StaxUtil.writeNameSpace(writer, WSU_PREFIX, WSU_NS );
+ StaxUtil.writeStartElement(writer, WSSE_PREFIX, WSTrustConstants.WSSE.SECURITY_TOKEN_REFERENCE, WSSE_NS);
+ StaxUtil.writeNameSpace(writer, WSSE_PREFIX, WSSE_NS);
+
+ // write the id attribute, if available.
+ if (secRef.getId() != null && secRef.getId() != "")
+ {
+ QName wsuIDQName = new QName(WSU_NS, ID, WSU_PREFIX);
+ StaxUtil.writeNameSpace(writer, WSU_PREFIX, WSU_NS);
+ StaxUtil.writeAttribute(writer, wsuIDQName, secRef.getId());
+ usedNamespaces.add(WSU_NS);
+ }
+
+ // write all other attributes.
+ for (Map.Entry<QName, String> entry : secRef.getOtherAttributes().entrySet())
+ {
+ QName key = entry.getKey();
+ // check if the namespace needs to be written.
+ if (!usedNamespaces.contains(key.getNamespaceURI()))
+ {
+ StaxUtil.writeNameSpace(this.writer, key.getPrefix(), key.getNamespaceURI());
+ usedNamespaces.add(key.getNamespaceURI());
+ }
+ StaxUtil.writeAttribute(this.writer, key, entry.getValue());
+ }
- AttributedString userNameAttr = usernameToken.getUsername();
- if( userNameAttr == null )
- throw new ProcessingException( " User Name is null on the UsernameToken" );
+ // write the key identifier, if available.
+ for (Object obj : secRef.getAny())
+ {
+ if (obj instanceof KeyIdentifierType)
+ {
+ KeyIdentifierType keyId = (KeyIdentifierType) obj;
+ StaxUtil.writeStartElement(this.writer, WSSE_PREFIX, WSTrustConstants.WSSE.KEY_IDENTIFIER, WSSE_NS);
+ StaxUtil.writeAttribute(this.writer, WSTrustConstants.WSSE.VALUE_TYPE, keyId.getValueType());
+ StaxUtil.writeCharacters(this.writer, keyId.getValue());
+ StaxUtil.writeEndElement(this.writer);
+ }
+ }
- StaxUtil.writeStartElement( writer, WSSE_PREFIX, USERNAME, WSSE_NS );
- StaxUtil.writeCharacters(writer, userNameAttr.getValue() );
- StaxUtil.writeEndElement( writer );
-
- StaxUtil.writeEndElement( writer );
- StaxUtil.flush( writer );
+ StaxUtil.writeEndElement(this.writer);
+ StaxUtil.flush(this.writer);
}
}
\ No newline at end of file
Deleted: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,449 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.identity.federation.core.wstrust.writers;
-
-import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.BASE_NAMESPACE;
-import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.PREFIX;
-import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST;
-import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_COLLECTION;
-import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_CONTEXT;
-
-import java.io.OutputStream;
-import java.net.URI;
-import java.util.List;
-
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.Result;
-
-import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.ws.policy.AppliesTo;
-import org.picketlink.identity.federation.ws.trust.BinarySecretType;
-import org.picketlink.identity.federation.ws.trust.CancelTargetType;
-import org.picketlink.identity.federation.ws.trust.EntropyType;
-import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
-import org.picketlink.identity.federation.ws.trust.RenewTargetType;
-import org.picketlink.identity.federation.ws.trust.UseKeyType;
-import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
-import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
-import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
-import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
-import org.w3c.dom.Element;
-
-/**
- * Given a {@code RequestSecurityToken}, write into an {@code OutputStream}
- * @author Anil.Saldhana at redhat.com
- * @since Oct 19, 2010
- */
-public class WSTrustRSTWriter
-{
- private XMLStreamWriter writer;
-
- /**
- * <p>
- * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified
- * {@code OutputStream}.
- * </p>
- *
- * @param out the stream where the request is to be written.
- * @throws ProcessingException if an error occurs while processing the request.
- */
- public WSTrustRSTWriter(OutputStream out) throws ProcessingException
- {
- this.writer = StaxUtil.getXMLStreamWriter(out);
- }
-
- /**
- * <p>
- * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified
- * {@code Result}.
- * </p>
- *
- * @param result the {@code Result} where the request it to be written.
- * @throws ProcessingException if an error occurs while processing the request.
- */
- public WSTrustRSTWriter(Result result) throws ProcessingException
- {
- this.writer = StaxUtil.getXMLStreamWriter(result);
- }
-
- /**
- * <p>
- * Creates a {@code WSTrustRSTWriter} that uses the specified {@code XMLStreamWriter} to write the request
- * objects.
- * </p>
- *
- * @param writer the {@code XMLStreamWriter} to be used to write requests.
- */
- public WSTrustRSTWriter(XMLStreamWriter writer)
- {
- this.writer = writer;
- }
-
- /**
- * Write the {@code RequestSecurityTokenCollection} into the {@code OutputStream}
- * @param requestTokenCollection
- * @param out
- * @throws ProcessingException
- */
- public void write( RequestSecurityTokenCollection requestTokenCollection) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, RST_COLLECTION, BASE_NAMESPACE);
- StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
-
- List<RequestSecurityToken> tokenList = requestTokenCollection.getRequestSecurityTokens();
- if( tokenList == null )
- throw new ProcessingException( "RST list is null" );
-
- for( RequestSecurityToken token: tokenList )
- {
- write(token);
- }
-
- StaxUtil.writeEndElement( writer );
- StaxUtil.flush( writer );
- }
-
- /**
- * Write the {@code RequestSecurityToken} into the {@code OutputStream}
- * @param requestToken
- * @param out
- * @throws ProcessingException
- */
- public void write( RequestSecurityToken requestToken ) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, RST, BASE_NAMESPACE);
- StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
- String context = requestToken.getContext();
- StaxUtil.writeAttribute( writer, RST_CONTEXT, context );
-
- URI requestType = requestToken.getRequestType();
- if( requestType != null )
- {
- writeRequestType( writer, requestType );
- }
-
- URI tokenType = requestToken.getTokenType();
- if( tokenType != null )
- {
- writeTokenType( writer, tokenType );
- }
- //Deal with AppliesTo
- AppliesTo appliesTo = requestToken.getAppliesTo();
- if( appliesTo != null )
- {
- WSPolicyWriter wsPolicyWriter = new WSPolicyWriter(this.writer);
- wsPolicyWriter.write( appliesTo );
- }
-
- long keySize = requestToken.getKeySize();
- if (keySize != 0)
- {
- StaxUtil.writeStartElement(writer, PREFIX, WSTrustConstants.KEY_SIZE, BASE_NAMESPACE);
- StaxUtil.writeCharacters(writer, Long.toString(keySize));
- StaxUtil.writeEndElement(writer);
- }
-
- URI keyType = requestToken.getKeyType();
- if( keyType != null )
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.KEY_TYPE, BASE_NAMESPACE);
- StaxUtil.writeCharacters(writer, keyType.toString() );
- StaxUtil.writeEndElement( writer );
- }
- EntropyType entropy = requestToken.getEntropy();
- if( entropy != null )
- {
- writeEntropyType(entropy);
- }
-
- UseKeyType useKeyType = requestToken.getUseKey();
- if( useKeyType != null )
- {
- writeUseKeyType(useKeyType);
- }
-
- OnBehalfOfType onBehalfOf = requestToken.getOnBehalfOf();
- if( onBehalfOf != null )
- {
- writeOnBehalfOfType(onBehalfOf);
- }
-
- ValidateTargetType validateTarget = requestToken.getValidateTarget();
- if( validateTarget != null )
- {
- writeValidateTargetType(validateTarget);
- }
-
- CancelTargetType cancelTarget = requestToken.getCancelTarget();
- if( cancelTarget != null )
- {
- writeCancelTargetType(cancelTarget);
- }
-
- RenewTargetType renewTarget = requestToken.getRenewTarget();
- if (renewTarget != null)
- {
- writeRenewTargetType(renewTarget);
- }
-
- StaxUtil.writeEndElement( writer );
- StaxUtil.flush( writer );
- }
-
- /**
- * Write an {@code EntropyType} to stream
- * @param entropy
- * @throws ProcessingException
- */
- private void writeEntropyType(EntropyType entropy) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ENTROPY, BASE_NAMESPACE);
-
- List<Object> entropyList = entropy.getAny();
- if( entropyList != null )
- {
- for( Object entropyObj: entropyList )
- {
- if( entropyObj instanceof BinarySecretType )
- {
- BinarySecretType binarySecret = (BinarySecretType) entropyObj;
- writeBinarySecretType( writer, binarySecret );
- }
- }
- }
- StaxUtil.writeEndElement( writer );
- }
-
- /**
- * Write an {@code UseKeyType} to stream
- * @param useKeyType
- * @throws ProcessingException
- */
- private void writeUseKeyType(UseKeyType useKeyType) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.USE_KEY, BASE_NAMESPACE);
-
- Object useKeyTypeValue = useKeyType.getAny();
- if( useKeyTypeValue instanceof Element )
- {
- Element domElement = (Element) useKeyTypeValue;
- StaxUtil.writeDOMElement( writer, domElement );
- }
- else if (useKeyTypeValue instanceof byte[])
- {
- byte[] certificate = (byte[]) useKeyTypeValue;
- StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.X509CERT,
- WSTrustConstants.DSIG_NS);
- StaxUtil.writeNameSpace( writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS);
- StaxUtil.writeCharacters(writer, new String(certificate));
- StaxUtil.writeEndElement(writer);
- }
- else if (useKeyTypeValue instanceof KeyValueType)
- {
- writeKeyValueType((KeyValueType) useKeyTypeValue);
- }
- else
- throw new RuntimeException( " Unknown use key type:" + useKeyTypeValue.getClass().getName() );
-
- StaxUtil.writeEndElement(writer);
- }
-
- private void writeKeyValueType(KeyValueType type) throws ProcessingException
- {
- StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.KEYVALUE, WSTrustConstants.DSIG_NS);
- StaxUtil.writeNameSpace(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS);
- if (type.getContent().size() == 0)
- throw new ProcessingException("KeyValueType must contain at least one value");
-
- for (Object obj : type.getContent())
- {
- if (obj instanceof RSAKeyValueType)
- {
- RSAKeyValueType rsaKeyValue = (RSAKeyValueType) obj;
- writeRSAKeyValueType(rsaKeyValue);
- }
- }
- StaxUtil.writeEndElement(writer);
- }
-
- private void writeRSAKeyValueType(RSAKeyValueType type) throws ProcessingException
- {
- StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.RSA_KEYVALUE , WSTrustConstants.DSIG_NS);
- // write the rsa key modulus.
- byte[] modulus = type.getModulus();
- StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.MODULUS , WSTrustConstants.DSIG_NS);
- StaxUtil.writeCharacters(writer, new String(modulus));
- StaxUtil.writeEndElement(writer);
-
- // write the rsa key exponent.
- byte[] exponent = type.getExponent();
- StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.EXPONENT , WSTrustConstants.DSIG_NS);
- StaxUtil.writeCharacters(writer, new String(exponent));
- StaxUtil.writeEndElement(writer);
-
- StaxUtil.writeEndElement(writer);
- }
- /**
- * Write an {@code OnBehalfOfType} to stream
- * @param onBehalfOf
- * @param out
- * @throws ProcessingException
- */
- private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.On_BEHALF_OF, BASE_NAMESPACE);
- StaxUtil.writeCharacters(writer, "" );
-
- UsernameTokenType usernameToken = (UsernameTokenType) onBehalfOf.getAny();
- WSSecurityWriter wsseWriter = new WSSecurityWriter(this.writer);
- wsseWriter.write( usernameToken );
- StaxUtil.writeEndElement( writer );
- }
-
- /**
- * Write an {@code ValidateTargetType} to stream
- * @param validateTarget
- * @param out
- * @throws ProcessingException
- */
- private void writeValidateTargetType(ValidateTargetType validateTarget) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.VALIDATE_TARGET, BASE_NAMESPACE);
-
- Object validateTargetObj = validateTarget.getAny();
- if (validateTargetObj != null)
- {
- if (validateTargetObj instanceof AssertionType)
- {
- AssertionType assertion = (AssertionType) validateTargetObj;
- SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
- samlAssertionWriter.write(assertion);
- }
- else if (validateTargetObj instanceof Element)
- {
- StaxUtil.writeDOMElement(writer, (Element) validateTargetObj);
- }
- else
- throw new ProcessingException("Unknown validate target type=" + validateTargetObj.getClass().getName());
- }
- StaxUtil.writeEndElement( writer );
- }
-
- private void writeRenewTargetType(RenewTargetType renewTarget) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.RENEW_TARGET, BASE_NAMESPACE);
-
- Object renewTargetObj = renewTarget.getAny();
- if (renewTargetObj != null)
- {
- if (renewTargetObj instanceof AssertionType)
- {
- AssertionType assertion = (AssertionType) renewTargetObj;
- SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
- samlAssertionWriter.write(assertion);
- }
- else if (renewTargetObj instanceof Element)
- {
- StaxUtil.writeDOMElement(writer, (Element) renewTargetObj);
- }
- else
- throw new ProcessingException("Unknown renew target type=" + renewTargetObj.getClass().getName());
- }
- StaxUtil.writeEndElement( writer );
- }
-
- /**
- * Write an {@code CancelTargetType} to Stream
- * @param cancelTarget
- * @param out
- * @throws ProcessingException
- */
- private void writeCancelTargetType(CancelTargetType cancelTarget) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.CANCEL_TARGET, BASE_NAMESPACE);
-
- Object cancelTargetObj = cancelTarget.getAny();
- if (cancelTargetObj != null)
- {
- if (cancelTargetObj instanceof AssertionType)
- {
- AssertionType assertion = (AssertionType) cancelTargetObj;
- SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
- samlAssertionWriter.write(assertion);
- }
- else if (cancelTargetObj instanceof Element)
- {
- StaxUtil.writeDOMElement(writer, (Element) cancelTargetObj);
- }
- else
- throw new ProcessingException("Unknown cancel target type=" + cancelTargetObj.getClass().getName());
- }
- StaxUtil.writeEndElement( writer );
- }
-
- /**
- * Write a {@code BinarySecretType} to stream
- * @param writer
- * @param binarySecret
- * @throws ProcessingException
- */
- private void writeBinarySecretType( XMLStreamWriter writer, BinarySecretType binarySecret ) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.BINARY_SECRET, BASE_NAMESPACE );
- String type = binarySecret.getType();
- StaxUtil.writeAttribute(writer, WSTrustConstants.TYPE, type );
- StaxUtil.writeCharacters(writer, new String( binarySecret.getValue() ) );
- StaxUtil.writeEndElement(writer);
- }
-
- /**
- * Write a Request Type
- * @param writer
- * @param uri
- * @throws ProcessingException
- */
- private void writeRequestType( XMLStreamWriter writer , URI uri ) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.REQUEST_TYPE, BASE_NAMESPACE );
- StaxUtil.writeCharacters(writer, uri.toASCIIString() );
- StaxUtil.writeEndElement(writer);
- }
-
- /**
- * Write Token Type
- * @param writer
- * @param uri
- * @throws ProcessingException
- */
- private void writeTokenType( XMLStreamWriter writer , URI uri ) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.TOKEN_TYPE, BASE_NAMESPACE );
- StaxUtil.writeCharacters(writer, uri.toASCIIString() );
- StaxUtil.writeEndElement(writer);
- }
-}
\ No newline at end of file
Copied: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java (from rev 562, federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java)
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -0,0 +1,447 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.wstrust.writers;
+
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.BASE_NAMESPACE;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.PREFIX;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_COLLECTION;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_CONTEXT;
+
+import java.io.OutputStream;
+import java.net.URI;
+import java.util.List;
+
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Result;
+
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.ws.policy.AppliesTo;
+import org.picketlink.identity.federation.ws.trust.BinarySecretType;
+import org.picketlink.identity.federation.ws.trust.CancelTargetType;
+import org.picketlink.identity.federation.ws.trust.EntropyType;
+import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
+import org.picketlink.identity.federation.ws.trust.RenewTargetType;
+import org.picketlink.identity.federation.ws.trust.UseKeyType;
+import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
+import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
+import org.w3c.dom.Element;
+
+/**
+ * Given a {@code RequestSecurityToken}, write into an {@code OutputStream}
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 19, 2010
+ */
+public class WSTrustRequestWriter
+{
+ private XMLStreamWriter writer;
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRequestWriter} that writes {@code RequestSecurityToken} instances to the specified
+ * {@code OutputStream}.
+ * </p>
+ *
+ * @param out the stream where the request is to be written.
+ * @throws ProcessingException if an error occurs while processing the request.
+ */
+ public WSTrustRequestWriter(OutputStream out) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(out);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRequestWriter} that writes {@code RequestSecurityToken} instances to the specified
+ * {@code Result}.
+ * </p>
+ *
+ * @param result the {@code Result} where the request it to be written.
+ * @throws ProcessingException if an error occurs while processing the request.
+ */
+ public WSTrustRequestWriter(Result result) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(result);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRequestWriter} that uses the specified {@code XMLStreamWriter} to write the request
+ * objects.
+ * </p>
+ *
+ * @param writer the {@code XMLStreamWriter} to be used to write requests.
+ */
+ public WSTrustRequestWriter(XMLStreamWriter writer)
+ {
+ this.writer = writer;
+ }
+
+ /**
+ * Write the {@code RequestSecurityTokenCollection} into the {@code OutputStream}
+ * @param requestTokenCollection
+ * @param out
+ * @throws ProcessingException
+ */
+ public void write( RequestSecurityTokenCollection requestTokenCollection) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, RST_COLLECTION, BASE_NAMESPACE);
+ StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
+
+ List<RequestSecurityToken> tokenList = requestTokenCollection.getRequestSecurityTokens();
+ if( tokenList == null )
+ throw new ProcessingException( "RST list is null" );
+
+ for( RequestSecurityToken token: tokenList )
+ {
+ write(token);
+ }
+
+ StaxUtil.writeEndElement( writer );
+ StaxUtil.flush( writer );
+ }
+
+ /**
+ * Write the {@code RequestSecurityToken} into the {@code OutputStream}
+ * @param requestToken
+ * @param out
+ * @throws ProcessingException
+ */
+ public void write( RequestSecurityToken requestToken ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, RST, BASE_NAMESPACE);
+ StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
+ String context = requestToken.getContext();
+ StaxUtil.writeAttribute( writer, RST_CONTEXT, context );
+
+ URI requestType = requestToken.getRequestType();
+ if( requestType != null )
+ {
+ writeRequestType( writer, requestType );
+ }
+
+ URI tokenType = requestToken.getTokenType();
+ if( tokenType != null )
+ {
+ writeTokenType( writer, tokenType );
+ }
+ //Deal with AppliesTo
+ AppliesTo appliesTo = requestToken.getAppliesTo();
+ if( appliesTo != null )
+ {
+ WSPolicyWriter wsPolicyWriter = new WSPolicyWriter(this.writer);
+ wsPolicyWriter.write( appliesTo );
+ }
+
+ long keySize = requestToken.getKeySize();
+ if (keySize != 0)
+ {
+ StaxUtil.writeStartElement(writer, PREFIX, WSTrustConstants.KEY_SIZE, BASE_NAMESPACE);
+ StaxUtil.writeCharacters(writer, Long.toString(keySize));
+ StaxUtil.writeEndElement(writer);
+ }
+
+ URI keyType = requestToken.getKeyType();
+ if( keyType != null )
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.KEY_TYPE, BASE_NAMESPACE);
+ StaxUtil.writeCharacters(writer, keyType.toString() );
+ StaxUtil.writeEndElement( writer );
+ }
+ EntropyType entropy = requestToken.getEntropy();
+ if( entropy != null )
+ {
+ writeEntropyType(entropy);
+ }
+
+ UseKeyType useKeyType = requestToken.getUseKey();
+ if( useKeyType != null )
+ {
+ writeUseKeyType(useKeyType);
+ }
+
+ OnBehalfOfType onBehalfOf = requestToken.getOnBehalfOf();
+ if( onBehalfOf != null )
+ {
+ writeOnBehalfOfType(onBehalfOf);
+ }
+
+ ValidateTargetType validateTarget = requestToken.getValidateTarget();
+ if( validateTarget != null )
+ {
+ writeValidateTargetType(validateTarget);
+ }
+
+ CancelTargetType cancelTarget = requestToken.getCancelTarget();
+ if( cancelTarget != null )
+ {
+ writeCancelTargetType(cancelTarget);
+ }
+
+ RenewTargetType renewTarget = requestToken.getRenewTarget();
+ if (renewTarget != null)
+ {
+ writeRenewTargetType(renewTarget);
+ }
+
+ StaxUtil.writeEndElement( writer );
+ StaxUtil.flush( writer );
+ }
+
+ /**
+ * Write an {@code EntropyType} to stream
+ * @param entropy
+ * @throws ProcessingException
+ */
+ private void writeEntropyType(EntropyType entropy) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ENTROPY, BASE_NAMESPACE);
+
+ List<Object> entropyList = entropy.getAny();
+ if( entropyList != null )
+ {
+ for( Object entropyObj: entropyList )
+ {
+ if( entropyObj instanceof BinarySecretType )
+ {
+ BinarySecretType binarySecret = (BinarySecretType) entropyObj;
+ writeBinarySecretType( writer, binarySecret );
+ }
+ }
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write an {@code UseKeyType} to stream
+ * @param useKeyType
+ * @throws ProcessingException
+ */
+ private void writeUseKeyType(UseKeyType useKeyType) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.USE_KEY, BASE_NAMESPACE);
+
+ Object useKeyTypeValue = useKeyType.getAny();
+ if( useKeyTypeValue instanceof Element )
+ {
+ Element domElement = (Element) useKeyTypeValue;
+ StaxUtil.writeDOMElement( writer, domElement );
+ }
+ else if (useKeyTypeValue instanceof byte[])
+ {
+ byte[] certificate = (byte[]) useKeyTypeValue;
+ StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.X509CERT,
+ WSTrustConstants.DSIG_NS);
+ StaxUtil.writeNameSpace( writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(certificate));
+ StaxUtil.writeEndElement(writer);
+ }
+ else if (useKeyTypeValue instanceof KeyValueType)
+ {
+ writeKeyValueType((KeyValueType) useKeyTypeValue);
+ }
+ else
+ throw new RuntimeException( " Unknown use key type:" + useKeyTypeValue.getClass().getName() );
+
+ StaxUtil.writeEndElement(writer);
+ }
+
+ private void writeKeyValueType(KeyValueType type) throws ProcessingException
+ {
+ StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.KEYVALUE, WSTrustConstants.DSIG_NS);
+ StaxUtil.writeNameSpace(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS);
+ if (type.getContent().size() == 0)
+ throw new ProcessingException("KeyValueType must contain at least one value");
+
+ for (Object obj : type.getContent())
+ {
+ if (obj instanceof RSAKeyValueType)
+ {
+ RSAKeyValueType rsaKeyValue = (RSAKeyValueType) obj;
+ writeRSAKeyValueType(rsaKeyValue);
+ }
+ }
+ StaxUtil.writeEndElement(writer);
+ }
+
+ private void writeRSAKeyValueType(RSAKeyValueType type) throws ProcessingException
+ {
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.RSA_KEYVALUE , WSTrustConstants.DSIG_NS);
+ // write the rsa key modulus.
+ byte[] modulus = type.getModulus();
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.MODULUS , WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(modulus));
+ StaxUtil.writeEndElement(writer);
+
+ // write the rsa key exponent.
+ byte[] exponent = type.getExponent();
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.EXPONENT , WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(exponent));
+ StaxUtil.writeEndElement(writer);
+
+ StaxUtil.writeEndElement(writer);
+ }
+ /**
+ * Write an {@code OnBehalfOfType} to stream
+ * @param onBehalfOf
+ * @param out
+ * @throws ProcessingException
+ */
+ private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ON_BEHALF_OF, BASE_NAMESPACE);
+ UsernameTokenType usernameToken = (UsernameTokenType) onBehalfOf.getAny();
+ WSSecurityWriter wsseWriter = new WSSecurityWriter(this.writer);
+ wsseWriter.write( usernameToken );
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write an {@code ValidateTargetType} to stream
+ * @param validateTarget
+ * @param out
+ * @throws ProcessingException
+ */
+ private void writeValidateTargetType(ValidateTargetType validateTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.VALIDATE_TARGET, BASE_NAMESPACE);
+
+ Object validateTargetObj = validateTarget.getAny();
+ if (validateTargetObj != null)
+ {
+ if (validateTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) validateTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (validateTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) validateTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown validate target type=" + validateTargetObj.getClass().getName());
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ private void writeRenewTargetType(RenewTargetType renewTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.RENEW_TARGET, BASE_NAMESPACE);
+
+ Object renewTargetObj = renewTarget.getAny();
+ if (renewTargetObj != null)
+ {
+ if (renewTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) renewTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (renewTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) renewTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown renew target type=" + renewTargetObj.getClass().getName());
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write an {@code CancelTargetType} to Stream
+ * @param cancelTarget
+ * @param out
+ * @throws ProcessingException
+ */
+ private void writeCancelTargetType(CancelTargetType cancelTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.CANCEL_TARGET, BASE_NAMESPACE);
+
+ Object cancelTargetObj = cancelTarget.getAny();
+ if (cancelTargetObj != null)
+ {
+ if (cancelTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) cancelTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (cancelTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) cancelTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown cancel target type=" + cancelTargetObj.getClass().getName());
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write a {@code BinarySecretType} to stream
+ * @param writer
+ * @param binarySecret
+ * @throws ProcessingException
+ */
+ private void writeBinarySecretType( XMLStreamWriter writer, BinarySecretType binarySecret ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.BINARY_SECRET, BASE_NAMESPACE );
+ String type = binarySecret.getType();
+ StaxUtil.writeAttribute(writer, WSTrustConstants.TYPE, type );
+ StaxUtil.writeCharacters(writer, new String( binarySecret.getValue() ) );
+ StaxUtil.writeEndElement(writer);
+ }
+
+ /**
+ * Write a Request Type
+ * @param writer
+ * @param uri
+ * @throws ProcessingException
+ */
+ private void writeRequestType( XMLStreamWriter writer , URI uri ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.REQUEST_TYPE, BASE_NAMESPACE );
+ StaxUtil.writeCharacters(writer, uri.toASCIIString() );
+ StaxUtil.writeEndElement(writer);
+ }
+
+ /**
+ * Write Token Type
+ * @param writer
+ * @param uri
+ * @throws ProcessingException
+ */
+ private void writeTokenType( XMLStreamWriter writer , URI uri ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.TOKEN_TYPE, BASE_NAMESPACE );
+ StaxUtil.writeCharacters(writer, uri.toASCIIString() );
+ StaxUtil.writeEndElement(writer);
+ }
+}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -0,0 +1,312 @@
+/*
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.wstrust.writers;
+
+import java.io.OutputStream;
+import java.util.List;
+
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Result;
+
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.ws.trust.BinarySecretType;
+import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
+import org.picketlink.identity.federation.ws.trust.EntropyType;
+import org.picketlink.identity.federation.ws.trust.RequestedProofTokenType;
+import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
+import org.picketlink.identity.federation.ws.trust.StatusType;
+import org.w3c.dom.Element;
+
+/**
+ * <p>
+ * A Stax writer for WS-Trust response messages.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ */
+public class WSTrustResponseWriter
+{
+ private XMLStreamWriter writer;
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustResponseWriter} instance that writes WS-Trust response messages to the specified {@code
+ * OutputStream}.
+ * </p>
+ *
+ * @param stream
+ * the where the response is to be written.
+ * @throws ProcessingException
+ * if an error occurs when creating the {@code XMLStreamWriter} for the specified stream.
+ */
+ public WSTrustResponseWriter(OutputStream stream) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(stream);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustResponseWriter} instance that writes WS-Trust response messages to the specified {@code
+ * Result}.
+ * </p>
+ *
+ * @param result
+ * the {@code Result} object where the response is to be written.
+ * @throws ProcessingException
+ * if an error occurs when creating the {@code XMLStreamWriter} for the specified result.
+ */
+ public WSTrustResponseWriter(Result result) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(result);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustResponseWriter} instance that uses the specified {@code XMLStreamWriter} to write the
+ * WS-Trust response messages.
+ * </p>
+ *
+ * @param writer
+ * the {@code XMLStreamWriter} that will be used to write the response messages.
+ */
+ public WSTrustResponseWriter(XMLStreamWriter writer)
+ {
+ this.writer = writer;
+ }
+
+ /**
+ * <p>
+ * Writes the WS-Trust response message represented by the specified {@code RequestSecurityTokenResponseCollection}
+ * object.
+ * </p>
+ *
+ * @param collection
+ * the object that contains the WS-Trust response message to be written.
+ * @throws ProcessingException
+ * if an error occurs while writing the response message.
+ */
+ public void write(RequestSecurityTokenResponseCollection collection) throws ProcessingException
+ {
+ // write the "root" response collection element with its namespace.
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.RSTR_COLLECTION,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeNameSpace(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.BASE_NAMESPACE);
+
+ // write all individual response messages.
+ List<RequestSecurityTokenResponse> responses = collection.getRequestSecurityTokenResponses();
+ if (responses == null)
+ throw new ProcessingException("WS-Trust response message doesn't contain any response");
+
+ for (RequestSecurityTokenResponse response : responses)
+ this.write(response);
+
+ // write the response collection end element.
+ StaxUtil.writeEndElement(this.writer);
+ StaxUtil.flush(this.writer);
+ }
+
+ private void write(RequestSecurityTokenResponse response) throws ProcessingException
+ {
+ // write the response element and the context attribute.
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.RSTR,
+ WSTrustConstants.BASE_NAMESPACE);
+ String context = response.getContext();
+ StaxUtil.writeAttribute(this.writer, WSTrustConstants.RST_CONTEXT, context);
+
+ // write the token type, if available.
+ if (response.getTokenType() != null)
+ {
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.TOKEN_TYPE,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeCharacters(this.writer, response.getTokenType().toASCIIString());
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the token lifetime, if available.
+ if (response.getLifetime() != null)
+ {
+ Lifetime lifetime = response.getLifetime();
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.LIFETIME,
+ WSTrustConstants.BASE_NAMESPACE);
+ new WSSecurityWriter(this.writer).writeLifetime(lifetime.getCreated(), lifetime.getExpires());
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the applies-to element, if available.
+ if (response.getAppliesTo() != null)
+ {
+ WSPolicyWriter policyWriter = new WSPolicyWriter(this.writer);
+ policyWriter.write(response.getAppliesTo());
+ }
+
+ // write the key size, if available.
+ if (response.getKeySize() != 0)
+ {
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.KEY_SIZE,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeCharacters(this.writer, Long.toString(response.getKeySize()));
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the key type, if available.
+ if (response.getKeyType() != null)
+ {
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.KEY_TYPE,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeCharacters(this.writer, response.getKeyType().toString());
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the security token, if available.
+ if (response.getRequestedSecurityToken() != null)
+ {
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.REQUESTED_TOKEN,
+ WSTrustConstants.BASE_NAMESPACE);
+ Object securityToken = response.getRequestedSecurityToken().getAny();
+ if (securityToken != null)
+ {
+ if (securityToken instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) securityToken;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (securityToken instanceof Element)
+ {
+ StaxUtil.writeDOMElement(this.writer, (Element) securityToken);
+ }
+ else
+ throw new ProcessingException("Unknown security token type=" + securityToken.getClass().getName());
+ }
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the attached reference, if available.
+ if (response.getRequestedAttachedReference() != null)
+ {
+ RequestedReferenceType ref = response.getRequestedAttachedReference();
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX,
+ WSTrustConstants.REQUESTED_ATTACHED_REFERENCE, WSTrustConstants.BASE_NAMESPACE);
+ new WSSecurityWriter(this.writer).writeSecurityTokenReference(ref.getSecurityTokenReference());
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the requested proof token, if available.
+ if (response.getRequestedProofToken() != null)
+ {
+ RequestedProofTokenType requestedProof = response.getRequestedProofToken();
+ Object content = requestedProof.getAny();
+ if (content == null)
+ throw new ProcessingException("RequestedProofToken context cannot be empty");
+
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.REQUESTED_PROOF_TOKEN,
+ WSTrustConstants.BASE_NAMESPACE);
+ if (content instanceof BinarySecretType)
+ {
+ BinarySecretType binarySecret = (BinarySecretType) content;
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.BINARY_SECRET,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeAttribute(this.writer, WSTrustConstants.TYPE, binarySecret.getType());
+ StaxUtil.writeCharacters(this.writer, new String(binarySecret.getValue()));
+ StaxUtil.writeEndElement(this.writer);
+ }
+ else if (content instanceof ComputedKeyType)
+ {
+ ComputedKeyType computedKey = (ComputedKeyType) content;
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.COMPUTED_KEY,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeCharacters(this.writer, computedKey.getAlgorithm());
+ StaxUtil.writeEndElement(this.writer);
+ }
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the server entropy, if available.
+ if (response.getEntropy() != null)
+ {
+ EntropyType entropy = response.getEntropy();
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.ENTROPY,
+ WSTrustConstants.BASE_NAMESPACE);
+
+ List<Object> entropyList = entropy.getAny();
+ if (entropyList != null && entropyList.size() != 0)
+ {
+ for (Object entropyObj : entropyList)
+ {
+ if (entropyObj instanceof BinarySecretType)
+ {
+ BinarySecretType binarySecret = (BinarySecretType) entropyObj;
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.BINARY_SECRET,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeAttribute(this.writer, WSTrustConstants.TYPE, binarySecret.getType());
+ StaxUtil.writeCharacters(this.writer, new String(binarySecret.getValue()));
+ StaxUtil.writeEndElement(this.writer);
+ }
+ }
+ }
+ StaxUtil.writeEndElement(writer);
+ }
+
+ // write the validation status, if available.
+ if (response.getStatus() != null)
+ {
+ StatusType status = response.getStatus();
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.STATUS,
+ WSTrustConstants.BASE_NAMESPACE);
+
+ // write the status code.
+ if (status.getCode() == null || status.getCode() == "")
+ throw new ProcessingException("Validation status code is missing");
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.CODE,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeCharacters(this.writer, response.getStatus().getCode());
+ StaxUtil.writeEndElement(this.writer);
+
+ // write the status reason, if available.
+ if (status.getReason() != null)
+ {
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.REASON,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeCharacters(this.writer, response.getStatus().getReason());
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the status end element.
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the cancel status, if available.
+ if (response.getRequestedTokenCancelled() != null)
+ {
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.REQUESTED_TOKEN_CANCELLED,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the response end element.
+ StaxUtil.writeEndElement(this.writer);
+ StaxUtil.flush(writer);
+ }
+}
Deleted: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/WST_SAML_ParsingPerfTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/WST_SAML_ParsingPerfTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/WST_SAML_ParsingPerfTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,100 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.test.identity.federation.core.parser;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-
-import javax.xml.transform.Source;
-
-import org.junit.Ignore;
-import org.junit.Test;
-import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory;
-import org.w3c.dom.Document;
-
-/**
- * Some simple perf tests
- * @author Anil.Saldhana at redhat.com
- * @since Oct 14, 2010
- */
-public class WST_SAML_ParsingPerfTestCase
-{
- private int runs = 5000;
-
- String fileName = "parser/perf/wst-batch-validate-one.xml";
-
- /**
- * This test just tests some saml/wst payload performance
- * using JAXB and Stax.
- *
- * <b>NOTE:</b> For the test to work, just comment out @Ignore
- * @throws Exception
- */
- @Test
- @Ignore
- public void testParsingPerformance() throws Exception
- {
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- InputStream configStream = tcl.getResourceAsStream( fileName );
-
- Document doc = DocumentUtil.getDocument( configStream );
- Source source = DocumentUtil.getXMLSource(doc);
-
-
- //JAXB way
- long start = System.currentTimeMillis();
- for( int i = 0 ; i < runs; i++ )
- {
- useJAXB( source );
- }
- long elapsedTimeMillis = System.currentTimeMillis() - start;
- System.out.println("JAXB, time spent for " + runs
- + " iterations = " + elapsedTimeMillis + " ms or " + elapsedTimeMillis/1000F + " secs");
-
- configStream = tcl.getResourceAsStream( fileName );
- byte[] xmlData = new byte[ configStream.available() ];
- configStream.read( xmlData );
-
- //Stax Way
- start = System.currentTimeMillis();
- for( int i = 0 ; i < runs; i++ )
- {
- useStax( new ByteArrayInputStream( xmlData ) );
- }
- elapsedTimeMillis = System.currentTimeMillis() - start;
- System.out.println("STAX, time spent for " + runs
- + " iterations = " + elapsedTimeMillis + " ms or " + elapsedTimeMillis/1000F + " secs");
- }
-
- private void useJAXB( Source source ) throws Exception
- {
- WSTrustJAXBFactory.getInstance().parseRequestSecurityToken(source);
- }
-
- private void useStax( InputStream configStream ) throws Exception
- {
- WSTrustParser parser = new WSTrustParser();
- parser.parse( configStream );
- }
-}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -27,13 +27,13 @@
import java.io.InputStream;
import java.util.Map;
-import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
@@ -41,6 +41,7 @@
import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType;
import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
+import org.w3c.dom.Element;
/**
* @author Anil.Saldhana at redhat.com
@@ -68,13 +69,14 @@
assertEquals( XMLTimeUtil.parse( "2010-11-11T16:34:19.602Z" ), rstr.getLifetime().getCreated() );
assertEquals( XMLTimeUtil.parse( "2010-11-11T18:34:19.602Z" ), rstr.getLifetime().getExpires() );
- EndpointReferenceType endpoint = (EndpointReferenceType)((JAXBElement) rstr.getAppliesTo().getAny().get(0)).getValue();
+ EndpointReferenceType endpoint = (EndpointReferenceType) rstr.getAppliesTo().getAny().get(0);
assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() );
assertEquals( 128, rstr.getKeySize() );
assertEquals( WSTrustConstants.KEY_TYPE_PUBLIC, rstr.getKeyType().toASCIIString() );
- AssertionType assertion = (AssertionType) rstr.getRequestedSecurityToken().getAny();
+ Element assertionElement = (Element) rstr.getRequestedSecurityToken().getAny();
+ AssertionType assertion = SAMLUtil.fromElement(assertionElement);
assertEquals( "ID_5a15fc70-daa1-4808-b70e-9cbf6b8e4d4f", assertion.getID() );
RequestedReferenceType ref = rstr.getRequestedAttachedReference();
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -35,7 +35,7 @@
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
/**
* Validate the parsing of wst-batch-validate.xml
@@ -69,7 +69,7 @@
//Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
rstWriter.write( requestCollection );
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -38,7 +38,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
@@ -71,7 +71,7 @@
//Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
rstWriter.write(requestToken );
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -55,8 +55,7 @@
assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() );
AppliesTo appliesTo = requestToken.getAppliesTo();
- JAXBElement<EndpointReferenceType> jaxb = (JAXBElement<EndpointReferenceType>) appliesTo.getAny().get(0);
- EndpointReferenceType endpoint = jaxb.getValue();
+ EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0);
assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() );
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -27,15 +27,13 @@
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
-import javax.xml.bind.JAXBElement;
-
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTRequestSecurityTokenParser;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.UseKeyType;
@@ -63,8 +61,7 @@
assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() );
AppliesTo appliesTo = requestToken.getAppliesTo();
- JAXBElement<EndpointReferenceType> jaxb = (JAXBElement<EndpointReferenceType>) appliesTo.getAny().get(0);
- EndpointReferenceType endpoint = jaxb.getValue();
+ EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0);
assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() );
@@ -77,7 +74,7 @@
//Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
rstWriter.write(requestToken );
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.test.identity.federation.core.parser.wst;
@@ -27,15 +23,13 @@
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
-import javax.xml.bind.JAXBElement;
-
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTRequestSecurityTokenParser;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.UseKeyType;
@@ -43,6 +37,7 @@
/**
* Validate parsing of RST with Use Key set to a RSA Public Key
+ *
* @author Anil.Saldhana at redhat.com
* @since Oct 18, 2010
*/
@@ -54,35 +49,33 @@
public void testPublicKey() throws Exception
{
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- InputStream configStream = tcl.getResourceAsStream( "parser/wst/wst-issue-public-key.xml" );
-
+ InputStream configStream = tcl.getResourceAsStream("parser/wst/wst-issue-public-key.xml");
+
WSTrustParser parser = new WSTrustParser();
- RequestSecurityToken requestToken = ( RequestSecurityToken ) parser.parse( configStream );
-
- assertEquals( "testcontext", requestToken.getContext() );
- assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() );
-
+ RequestSecurityToken requestToken = (RequestSecurityToken) parser.parse(configStream);
+
+ assertEquals("testcontext", requestToken.getContext());
+ assertEquals(WSTrustConstants.ISSUE_REQUEST, requestToken.getRequestType().toASCIIString());
+
AppliesTo appliesTo = requestToken.getAppliesTo();
- JAXBElement<EndpointReferenceType> jaxb = (JAXBElement<EndpointReferenceType>) appliesTo.getAny().get(0);
- EndpointReferenceType endpoint = jaxb.getValue();
- assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() );
-
-
- assertEquals( "http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey", requestToken.getKeyType().toASCIIString() );
-
+ EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0);
+ assertEquals("http://services.testcorp.org/provider2", endpoint.getAddress().getValue());
+
+ assertEquals("http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey", requestToken.getKeyType()
+ .toASCIIString());
+
UseKeyType useKeyType = requestToken.getUseKey();
- Element certEl = (Element) useKeyType.getAny();
-
- assertEquals( "ds:" + WSTRequestSecurityTokenParser.KEYVALUE, certEl.getTagName() );
-
+ Element certEl = (Element) useKeyType.getAny();
- //Now for the writing part
+ assertEquals("ds:" + WSTRequestSecurityTokenParser.KEYVALUE, certEl.getTagName());
+
+ // Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
- rstWriter.write(requestToken );
+ rstWriter.write(requestToken);
- System.out.println( new String( baos.toByteArray() ));
- DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
+ System.out.println(new String(baos.toByteArray()));
+ DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -27,14 +27,12 @@
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
-import javax.xml.bind.JAXBElement;
-
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
@@ -61,8 +59,7 @@
assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() );
AppliesTo appliesTo = requestToken.getAppliesTo();
- JAXBElement<EndpointReferenceType> jaxb = (JAXBElement<EndpointReferenceType>) appliesTo.getAny().get(0);
- EndpointReferenceType endpoint = jaxb.getValue();
+ EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0);
assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() );
@@ -76,7 +73,7 @@
//Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
rstWriter.write(requestToken);
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -32,7 +32,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
/**
* Validate simple RST parsing
@@ -56,7 +56,7 @@
//Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
rstWriter.write(requestToken);
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -32,7 +32,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
@@ -62,7 +62,7 @@
//Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
rstWriter.write(requestToken);
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -48,6 +48,7 @@
import org.picketlink.identity.federation.core.config.STSType;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.util.Base64;
@@ -58,7 +59,6 @@
import org.picketlink.identity.federation.core.wstrust.StandardRequestHandler;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.WSTrustException;
-import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory;
import org.picketlink.identity.federation.core.wstrust.WSTrustRequestHandler;
import org.picketlink.identity.federation.core.wstrust.WSTrustUtil;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider;
@@ -68,7 +68,7 @@
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType;
@@ -82,6 +82,7 @@
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
+import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
import org.picketlink.identity.federation.ws.trust.RenewTargetType;
@@ -163,7 +164,8 @@
*
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testSTSConfiguration() throws Exception
{
@@ -241,7 +243,8 @@
*
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeCustom() throws Exception
{
@@ -252,9 +255,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
-
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
this.validateCustomTokenResponse(baseResponse);
}
@@ -294,7 +296,8 @@
*
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20() throws Exception
{
@@ -305,9 +308,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
-
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
}
@@ -319,7 +321,8 @@
* case, the request should be handled by the custom {@code SpecialTokenProvider}.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeCustomAppliesTo() throws Exception
{
@@ -330,8 +333,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
this.validateCustomTokenResponse(baseResponse);
@@ -344,7 +347,8 @@
* case, the request should be handled by the standard {@code SAML20TokenProvider}.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20AppliesTo() throws Exception
{
@@ -354,8 +358,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
@@ -380,7 +384,8 @@
* the request).
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20OnBehalfOf() throws Exception
{
@@ -394,8 +399,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response (assertion principal should be anotherduke as specified by OnBehalfOf).
this.validateSAMLAssertionResponse(baseResponse, "testcontext", "anotherduke", SAMLUtil.SAML2_SENDER_VOUCHES_URI);
@@ -408,7 +413,8 @@
* this key as the proof token. The WS-Trust response should contain the STS-generated key.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@SuppressWarnings("rawtypes")
public void testInvokeSAML20WithSTSGeneratedSymmetricKey() throws Exception
@@ -423,8 +429,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
@@ -439,10 +445,8 @@
RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
RequestedProofTokenType proofToken = response.getRequestedProofToken();
assertNotNull("Unexpected null proof token", proofToken);
- assertTrue(proofToken.getAny() instanceof JAXBElement);
- JAXBElement proofElement = (JAXBElement) proofToken.getAny();
- assertEquals("Unexpected proof token content", BinarySecretType.class, proofElement.getDeclaredType());
- BinarySecretType serverBinarySecret = (BinarySecretType) proofElement.getValue();
+ assertTrue(proofToken.getAny() instanceof BinarySecretType);
+ BinarySecretType serverBinarySecret = (BinarySecretType) proofToken.getAny();
assertNotNull("Unexpected null secret", serverBinarySecret.getValue());
// default key size is 128 bits (16 bytes).
byte[] encodedSecret = serverBinarySecret.getValue();
@@ -457,7 +461,8 @@
* should include the STS key to allow reconstruction of the combined key and the algorithm used to combine the keys.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@SuppressWarnings("rawtypes")
public void testInvokeSAML20WithCombinedSymmetricKey() throws Exception
@@ -482,8 +487,8 @@
// invoke the token service.
Source requestMessage = this.createSourceFromRequest(request);
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
@@ -497,20 +502,15 @@
RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
RequestedProofTokenType proofToken = response.getRequestedProofToken();
assertNotNull("Unexpected null proof token", proofToken);
- assertTrue(proofToken.getAny() instanceof JAXBElement);
- JAXBElement<?> proofElement = (JAXBElement<?>) proofToken.getAny();
+ assertTrue(proofToken.getAny() instanceof ComputedKeyType);
+ ComputedKeyType computedKey = (ComputedKeyType) proofToken.getAny();
+ assertEquals("Unexpected computed key algorithm", WSTrustConstants.CK_PSHA1, computedKey.getAlgorithm());
- // proof token should contain only the computed key algorithm.
- assertEquals("Unexpected proof token content", "ComputedKey", proofElement.getName().getLocalPart());
- assertEquals("Unexpected computed key algorithm", WSTrustConstants.CK_PSHA1, proofElement.getValue());
-
// server entropy must have been included in the response to allow reconstruction of the computed key.
EntropyType serverEntropy = response.getEntropy();
assertNotNull("Unexpected null server entropy");
assertEquals("Invalid number of elements in server entropy", 1, serverEntropy.getAny().size());
- JAXBElement serverEntropyContent = (JAXBElement) serverEntropy.getAny().get(0);
- assertEquals("Unexpected proof token content", BinarySecretType.class, serverEntropyContent.getDeclaredType());
- BinarySecretType serverBinarySecret = (BinarySecretType) serverEntropyContent.getValue();
+ BinarySecretType serverBinarySecret = (BinarySecretType) serverEntropy.getAny().get(0);
assertEquals("Unexpected binary secret type", WSTrustConstants.BS_TYPE_NONCE, serverBinarySecret.getType());
assertNotNull("Unexpected null secret value", serverBinarySecret.getValue());
// get the base64 decoded
@@ -524,7 +524,8 @@
* The STS must include the specified certificate in the SAML subject confirmation.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20WithCertificate() throws Exception
{
@@ -542,9 +543,8 @@
// invoke the token service.
Source requestMessage = this.createSourceFromRequest(request);
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
-
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
@@ -560,7 +560,8 @@
* STS must include the specified public key in the SAML subject confirmation.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20WithPublicKey() throws Exception
{
@@ -579,8 +580,8 @@
// invoke the token service.
Source requestMessage = this.createSourceFromRequest(request);
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
@@ -597,7 +598,8 @@
* the assertion validated, checking the validation results.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20Validate() throws Exception
{
@@ -605,20 +607,19 @@
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST,
SAMLUtil.SAML2_TOKEN_TYPE, null);
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
+ WSTrustParser parser = new WSTrustParser();
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil
+ .getSourceAsStream(responseMessage));
// validate the response and get the SAML assertion from the request.
- this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
- SAMLUtil.SAML2_BEARER_URI);
+ this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
Element assertion = (Element) collection.getRequestSecurityTokenResponses().get(0).getRequestedSecurityToken()
- .getAny();
+ .getAny();
// now construct a WS-Trust validate request with the generated assertion.
request = this.createRequest("validatecontext", WSTrustConstants.VALIDATE_REQUEST, WSTrustConstants.STATUS_TYPE,
@@ -629,7 +630,7 @@
// invoke the token service.
responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
- baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
+ baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the response contents.
assertNotNull("Unexpected null response", baseResponse);
@@ -648,8 +649,8 @@
assertion.getFirstChild().getFirstChild().setNodeValue("Tempered Issuer");
request.getValidateTarget().setAny(assertion);
responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
- collection = (RequestSecurityTokenResponseCollection) WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ collection = (RequestSecurityTokenResponseCollection) parser.parse(DocumentUtil
+ .getSourceAsStream(responseMessage));
assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
response = collection.getRequestSecurityTokenResponses().get(0);
assertEquals("Unexpected response context", "validatecontext", response.getContext());
@@ -666,7 +667,8 @@
* assertion renewed (i.e. get a new assertion with an updated lifetime).
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20Renew() throws Exception
{
@@ -674,13 +676,13 @@
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, null,
"http://services.testcorp.org/provider2");
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
+ WSTrustParser parser = new WSTrustParser();
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil
+ .getSourceAsStream(responseMessage));
// validate the response and get the SAML assertion from the request.
this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
@@ -696,7 +698,7 @@
// invoke the token service.
responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
- baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
+ baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the renew response contents and get the renewed token.
this.validateSAMLAssertionResponse(baseResponse, "renewcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
@@ -723,7 +725,8 @@
* the assertion. A canceled assertion cannot be renewed or considered valid anymore.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20Cancel() throws Exception
{
@@ -731,13 +734,13 @@
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST,
SAMLUtil.SAML2_TOKEN_TYPE, null);
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
+ WSTrustParser parser = new WSTrustParser();
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil
+ .getSourceAsStream(responseMessage));
// validate the response and get the SAML assertion from the request.
this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
@@ -753,7 +756,7 @@
// invoke the token service.
responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
- baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
+ baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the response contents.
assertNotNull("Unexpected null response", baseResponse);
@@ -773,7 +776,8 @@
// the response should contain a status indicating that the token is not valid.
responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
- collection = (RequestSecurityTokenResponseCollection) factory.parseRequestSecurityTokenResponse(responseMessage);
+ collection = (RequestSecurityTokenResponseCollection) parser.parse(DocumentUtil
+ .getSourceAsStream(responseMessage));
assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
response = collection.getRequestSecurityTokenResponses().get(0);
assertEquals("Unexpected response context", "validatecontext", response.getContext());
@@ -810,7 +814,8 @@
* security token service.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeUnknownTokenType() throws Exception
{
@@ -840,7 +845,8 @@
* This test verifies if the token service is correctly identifying invalid issue requests.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvalidIssueRequests() throws Exception
{
@@ -885,7 +891,8 @@
* This test verifies if the token service is correctly identifying invalid renew requests.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvalidRenewRequests() throws Exception
{
@@ -944,7 +951,8 @@
* This test verifies if the token service is correctly identifying invalid validate requests.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvalidValidateRequests() throws Exception
{
@@ -1003,7 +1011,8 @@
* This test verifies if the token service is correctly identifying invalid cancel requests.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvalidCancelRequests() throws Exception
{
@@ -1063,8 +1072,10 @@
* SpecialTokenProvider}.
* </p>
*
- * @param baseResponse a reference to the WS-Trust response that was sent by the STS.
- * @throws Exception if one of the validation performed fail.
+ * @param baseResponse
+ * a reference to the WS-Trust response that was sent by the STS.
+ * @throws Exception
+ * if one of the validation performed fail.
*/
private void validateCustomTokenResponse(BaseRequestSecurityTokenResponse baseResponse) throws Exception
{
@@ -1089,10 +1100,11 @@
assertNotNull("Unexpected null token", token);
assertTrue("Unexpected token class", token instanceof Element);
Element element = (Element) requestedToken.getAny();
+ assertEquals("Unexpected root element name", "SpecialToken", element.getLocalName());
assertEquals("Unexpected namespace value", "http://www.tokens.org", element.getNamespaceURI());
-
- assertEquals("Unexpected attribute value", "http://www.tokens.org/SpecialToken", element.getAttributeNS(
- "http://www.tokens.org", "TokenType"));
+ assertEquals("Unexpected attribute value", "http://www.tokens.org/SpecialToken", element.getAttribute("TokenType"));
+ element = (Element) element.getFirstChild();
+ assertEquals("Unexpected child element name", "SpecialTokenValue", element.getLocalName());
assertEquals("Unexpected token value", "Principal:jduke", element.getFirstChild().getNodeValue());
}
@@ -1102,13 +1114,18 @@
* SAML20TokenProvider}.
* </p>
*
- * @param baseResponse a reference to the WS-Trust response that was sent by the STS.
- * @param context the expected name of the response context.
- * @param principal the principal that is expected to be seen in the assertion subject.
- * @param confirmationMethod the confirmation method that is expected to be seen in the assertion subject.
+ * @param baseResponse
+ * a reference to the WS-Trust response that was sent by the STS.
+ * @param context
+ * the expected name of the response context.
+ * @param principal
+ * the principal that is expected to be seen in the assertion subject.
+ * @param confirmationMethod
+ * the confirmation method that is expected to be seen in the assertion subject.
* @return the SAMLV2.0 assertion that has been extracted from the response. This object can be used by the test
* methods to perform extra validations depending on the scenario being tested.
- * @throws Exception if an error occurs while performing the validation.
+ * @throws Exception
+ * if an error occurs while performing the validation.
*/
private AssertionType validateSAMLAssertionResponse(BaseRequestSecurityTokenResponse baseResponse, String context,
String principal, String confirmationMethod) throws Exception
@@ -1134,8 +1151,7 @@
String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType"));
assertNotNull("Required attribute TokenType is missing", tokenTypeAttr);
assertEquals("TokenType attribute has an unexpected value", SAMLUtil.SAML2_TOKEN_TYPE, tokenTypeAttr);
- JAXBElement<?> keyIdElement = (JAXBElement<?>) securityRef.getAny().get(0);
- KeyIdentifierType keyId = (KeyIdentifierType) keyIdElement.getValue();
+ KeyIdentifierType keyId = (KeyIdentifierType) securityRef.getAny().get(0);
assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType());
assertNotNull("Unexpected null key identifier value", keyId.getValue());
@@ -1145,7 +1161,8 @@
assertNotNull("Unexpected null requested security token", requestedToken);
// unmarshall the SAMLV2.0 assertion.
- AssertionType assertion = SAMLUtil.fromElement((Element) requestedToken.getAny());
+ Element assertionElement = (Element) requestedToken.getAny();
+ AssertionType assertion = SAMLUtil.fromElement(assertionElement);
// verify the contents of the unmarshalled assertion.
assertNotNull("Invalid null assertion ID", assertion.getID());
@@ -1174,7 +1191,6 @@
assertEquals(lifetime.getCreated(), assertion.getConditions().getNotBefore());
assertEquals(lifetime.getExpires(), assertion.getConditions().getNotOnOrAfter());
- // verify if the assertion has been signed.
assertNotNull("Assertion should have been signed", assertion.getSignature());
return assertion;
@@ -1186,12 +1202,17 @@
* confirmation method has been used.
* </p>
*
- * @param subjectConfirmation the {@code SubjectConfirmationType} to be validated.
- * @param keyType the type of the proof-of-possession key (Symmetric or Public).
- * @param certificate the certificate used in the Public Key scenarios.
- * @param usePublicKey {@code true} if the certificate's Public Key was used as the proof-of-possession token;
- * {@code false} otherwise.
- * @throws Exception if an error occurs while performing the validation.
+ * @param subjectConfirmation
+ * the {@code SubjectConfirmationType} to be validated.
+ * @param keyType
+ * the type of the proof-of-possession key (Symmetric or Public).
+ * @param certificate
+ * the certificate used in the Public Key scenarios.
+ * @param usePublicKey
+ * {@code true} if the certificate's Public Key was used as the proof-of-possession token; {@code false}
+ * otherwise.
+ * @throws Exception
+ * if an error occurs while performing the validation.
*/
private void validateHolderOfKeyContents(SubjectConfirmationType subjectConfirmation, String keyType,
Certificate certificate, boolean usePublicKey) throws Exception
@@ -1261,10 +1282,14 @@
* Utility method that creates a simple WS-Trust request using the specified information.
* </p>
*
- * @param context a {@code String} that represents the request context.
- * @param requestType a {@code String} that represents the WS-Trust request type.
- * @param tokenType a {@code String} that represents the requested token type.
- * @param appliesToString a {@code String} that represents the URL of a service provider.
+ * @param context
+ * a {@code String} that represents the request context.
+ * @param requestType
+ * a {@code String} that represents the WS-Trust request type.
+ * @param tokenType
+ * a {@code String} that represents the requested token type.
+ * @param appliesToString
+ * a {@code String} that represents the URL of a service provider.
* @return the constructed {@code RequestSecurityToken} object.
*/
private RequestSecurityToken createRequest(String context, String requestType, String tokenType,
@@ -1276,15 +1301,7 @@
if (tokenType != null)
request.setTokenType(URI.create(tokenType));
if (appliesToString != null)
- {
- AttributedURIType attributedURI = new AttributedURIType();
- attributedURI.setValue(appliesToString);
- EndpointReferenceType reference = new EndpointReferenceType();
- reference.setAddress(attributedURI);
- AppliesTo appliesTo = new AppliesTo();
- appliesTo.getAny().add(new ObjectFactory().createEndpointReference(reference));
- request.setAppliesTo(appliesTo);
- }
+ request.setAppliesTo(WSTrustUtil.createAppliesTo(appliesToString));
return request;
}
@@ -1294,7 +1311,8 @@
* </p>
*
* @return an {@code Element} representing the unknown token.
- * @throws Exception if an error occurs while creating the token.
+ * @throws Exception
+ * if an error occurs while creating the token.
*/
private Element createUnknownToken() throws Exception
{
@@ -1315,11 +1333,15 @@
* Obtains the {@code Certificate} stored under the specified alias in the specified keystore.
* </p>
*
- * @param keyStoreFile the name of the file that contains a JKS keystore.
- * @param passwd the keystore password.
- * @param certificateAlias the alias of a certificate in the keystore.
+ * @param keyStoreFile
+ * the name of the file that contains a JKS keystore.
+ * @param passwd
+ * the keystore password.
+ * @param certificateAlias
+ * the alias of a certificate in the keystore.
* @return a reference to the {@code Certificate} stored under the given alias.
- * @throws Exception if an error occurs while handling the keystore.
+ * @throws Exception
+ * if an error occurs while handling the keystore.
*/
private Certificate getCertificate(String keyStoreFile, String passwd, String certificateAlias) throws Exception
{
@@ -1333,9 +1355,9 @@
private Source createSourceFromRequest(RequestSecurityToken request) throws Exception
{
- // write the request XML to a byte[]
+ // write the request XML to a DOMResult
DOMResult result = new DOMResult(DocumentUtil.createDocument());
- WSTrustRSTWriter writer = new WSTrustRSTWriter(result);
+ WSTrustRequestWriter writer = new WSTrustRequestWriter(result);
writer.write(request);
return new DOMSource(result.getNode());
}
@@ -1441,7 +1463,8 @@
* Sets the principal to be used in the test case.
* </p>
*
- * @param principal the {@code Principal} to be set.
+ * @param principal
+ * the {@code Principal} to be set.
*/
public void setUserPrincipal(Principal principal)
{
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -35,19 +35,22 @@
import javax.xml.bind.JAXBElement;
import javax.xml.bind.Unmarshaller;
import javax.xml.namespace.QName;
+import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMResult;
import javax.xml.transform.dom.DOMSource;
import junit.framework.TestCase;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.StandardSecurityToken;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
-import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory;
import org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext;
import org.picketlink.identity.federation.core.wstrust.WSTrustUtil;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
@@ -157,8 +160,7 @@
String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType"));
assertNotNull("Required attribute TokenType is missing", tokenTypeAttr);
assertEquals("TokenType attribute has an unexpected value", SAMLUtil.SAML2_TOKEN_TYPE, tokenTypeAttr);
- JAXBElement<?> keyIdElement = (JAXBElement<?>) securityRef.getAny().get(0);
- KeyIdentifierType keyId = (KeyIdentifierType) keyIdElement.getValue();
+ KeyIdentifierType keyId = (KeyIdentifierType) securityRef.getAny().get(0);
assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType());
assertNotNull("Unexpected null key identifier value", keyId.getValue());
assertEquals(assertion.getID(), keyId.getValue().substring(1));
@@ -346,7 +348,7 @@
validateTarget.setAny(assertion);
request.setValidateTarget(validateTarget);
// we need to set the request document in the request object for the test.
- DOMSource requestSource = (DOMSource) WSTrustJAXBFactory.getInstance().marshallRequestSecurityToken(request);
+ DOMSource requestSource = (DOMSource) this.createSourceFromRequest(request);
request.setRSTDocument((Document) requestSource.getNode());
WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
@@ -373,4 +375,12 @@
Certificate certificate = keyStore.getCertificate(certificateAlias);
return certificate;
}
+
+ private Source createSourceFromRequest(RequestSecurityToken request) throws Exception
+ {
+ DOMResult result = new DOMResult(DocumentUtil.createDocument());
+ WSTrustRequestWriter writer = new WSTrustRequestWriter(result);
+ writer.write(request);
+ return new DOMSource(result.getNode());
+ }
}
Deleted: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/STSClientUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/STSClientUnitTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/STSClientUnitTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,283 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.test.identity.federation.core.wstrust;
-
-import java.net.MalformedURLException;
-import java.net.URI;
-import java.net.URL;
-import java.security.KeyStore;
-import java.security.PublicKey;
-import java.util.Map;
-
-import javax.xml.bind.JAXBException;
-import javax.xml.namespace.QName;
-import javax.xml.soap.SOAPBody;
-import javax.xml.soap.SOAPEnvelope;
-import javax.xml.soap.SOAPPart;
-import javax.xml.transform.Result;
-import javax.xml.transform.Source;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMSource;
-import javax.xml.transform.stream.StreamResult;
-import javax.xml.ws.BindingProvider;
-import javax.xml.ws.Dispatch;
-import javax.xml.ws.Service;
-import javax.xml.ws.Service.Mode;
-import javax.xml.ws.soap.SOAPBinding;
-
-import junit.framework.TestCase;
-
-import org.picketlink.identity.federation.core.wstrust.STSClient;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.KeyStoreUtil;
-import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
-import org.picketlink.identity.federation.core.wstrust.STSClientConfig;
-import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
-import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory;
-import org.picketlink.identity.federation.core.wstrust.STSClientConfig.Builder;
-import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.picketlink.identity.federation.ws.trust.StatusType;
-import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-/**
- * Unit tests for WS-Trust STS Clients
- * @author Anil.Saldhana at redhat.com
- * @since Aug 26, 2009
- */
-public class STSClientUnitTestCase extends TestCase
-{
- //Specify whether this test is run as part of build
- private boolean usetest = false;
-
-
- public void testSTS() throws Exception
- {
- if(usetest == false)
- return;
-
- // create a dispatch object to invoke JBoss STSs.
- Dispatch<Source> dispatch = createDispatch();
-
- // create a custom token request message.
- RequestSecurityToken request = new RequestSecurityToken();
- request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));
- request.setRequestType(URI.create(WSTrustConstants.ISSUE_REQUEST));
- request.setContext("context");
-
- // send the token request to JBoss STS and get the response.
- WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance();
- DOMSource requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request);
- Source response = dispatch.invoke(requestSource);
-
- Node documentNode = ((DOMSource) response).getNode();
- Document responseDoc = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument();
-
-
- Document myDocument = DocumentUtil.createDocument();
-
- Node importedNode = myDocument.importNode(responseDoc.getDocumentElement(), true);
-
- myDocument.appendChild(importedNode);
-
- NodeList nodes = null;
- if(responseDoc instanceof SOAPPart)
- {
- SOAPPart soapPart = (SOAPPart) responseDoc;
- SOAPEnvelope env = soapPart.getEnvelope();
- SOAPBody body = env.getBody();
- Node data = body.getFirstChild();
- nodes = ((Element)data).getElementsByTagName("RequestedSecurityToken");
- }
- else
- nodes = responseDoc.getElementsByTagNameNS(WSTrustConstants.BASE_NAMESPACE, "RequestedSecurityToken");
-
- assertNotNull("Nodelist not null", nodes);
- Node rstr = nodes.item(0);
- /*RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) jaxbFactory.parseRequestSecurityTokenResponse(response);
- RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
-
- // the SAML assertion is returned as an Element.
- Element assertion = (Element) tokenResponse.getRequestedSecurityToken().getAny();*/
- Element assertion = (Element) rstr.getFirstChild();
- System.out.println("NAMESPACE=" + assertion.getNamespaceURI());
-
-// PublicKey key = getValidatingKey();
-// Document validate = DocumentUtil.createDocument();
-// validate.appendChild(validate.importNode(assertion, true));
-// System.out.println("Is token valid? " + XMLSignatureUtil.validate(validate, key));
-
- // print the assertion for demonstration purposes.
- System.out.println("\nSuccessfully issued a standard SAMLV2.0 Assertion!");
- printAssertion(assertion);
-
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- KeyStore ks = KeyStoreUtil.getKeyStore(tcl.getResource("keystore/sts_keystore.jks")
- , "testpass".toCharArray());
-
- PublicKey pk = KeyStoreUtil.getPublicKey(ks, "sts", "keypass".toCharArray());
-
- assertNotNull("Public key is not null", pk);
- Document tokenDocument = DocumentUtil.createDocument();
- importedNode = tokenDocument.importNode(assertion, true);
- tokenDocument.appendChild(importedNode);
-
- //System.out.println("Going to validate:" + DocumentUtil.getDocumentAsString(tokenDocument));
- //assertTrue("SignedInfo valid", XMLSignatureUtil.preCheckSignedInfo(tokenDocument));
- //Locally we will validate the assertion
- assertTrue("Recieved assertion sig valid", XMLSignatureUtil.validate(tokenDocument, pk));
-
- // let's validate the received SAML assertion.
- request.getAny().clear();
- request.setTokenType(URI.create(WSTrustConstants.STATUS_TYPE));
- request.setRequestType(URI.create(WSTrustConstants.VALIDATE_REQUEST));
- ValidateTargetType validateTarget = new ValidateTargetType();
- validateTarget.setAny(assertion);
- request.setValidateTarget(validateTarget);
-
- requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request);
-
- response = dispatch.invoke(requestSource);
- RequestSecurityTokenResponseCollection
- responseCollection = (RequestSecurityTokenResponseCollection) jaxbFactory
- .parseRequestSecurityTokenResponse(response);
- RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
-
- StatusType status = tokenResponse.getStatus();
- if (status != null)
- {
- String code = status.getCode();
- assertFalse("Signature is valid", WSTrustConstants.STATUS_CODE_INVALID.equals(code));
-
- System.out.println("\n\nSAMLV2.0 Assertion successfuly validated!");
- System.out.println("Validation status code: " + tokenResponse.getStatus().getCode());
- System.out.println("Validation status reason: " + tokenResponse.getStatus().getReason());
- }
- else
- System.out.println("\n\nFailed to validate SAMLV2.0 Assertion");
- }
-
- public void testIssue_Validate_Renew() throws Exception
- {
- if(usetest == false)
- return;
-
- String serviceName = "PicketLinkSTS";
- String portName = "PicketLinkSTSPort";
- String endpointAddress = "http://localhost:8080/jboss-sts/PicketLinkSTS";
- Builder builder = new STSClientConfig.Builder();
- STSClientConfig config = builder.serviceName(serviceName).portName(portName).endpointAddress(endpointAddress).username("admin").password("admin").build();
- STSClient client = new STSClient(config);
- Element token = client.issueToken(SAMLUtil.SAML2_TOKEN_TYPE);
- assertTrue("Token is valid" , client.validateToken(token));
-
- Element renewedToken = client.renewToken(SAMLUtil.SAML2_TOKEN_TYPE, token);
- System.out.println("Renewed Token=" + DocumentUtil.getNodeAsString(renewedToken));
- }
-
- public void testIssue_Validate_Renew_Using_AppliesTo() throws Exception
- {
- if(usetest == false)
- return;
-
- Builder stsConfigBuilder = new STSClientConfig.Builder();
- stsConfigBuilder.serviceName("PicketLinkSTS");
- stsConfigBuilder.portName("PicketLinkSTSPort");
- stsConfigBuilder.endpointAddress("http://localhost:8080/jboss-sts/PicketLinkSTS");
- stsConfigBuilder.username("admin").password("admin");
- STSClient client = new STSClient(stsConfigBuilder.build());
-
- // This endpointURI is specified in src/test/resource/jboss-sts.xml
- String endpointURI = "http://services.testcorp.org/provider2";
-
- Element token = client.issueTokenForEndpoint(endpointURI);
- assertTrue("Token is valid" , client.validateToken(token));
-
- Element renewedToken = client.renewToken(SAMLUtil.SAML2_TOKEN_TYPE, token);
- System.out.println("Renewed Token=" + DocumentUtil.getNodeAsString(renewedToken));
- }
-
- public void testIssue_Neither_AppliesTo_Or_TokenType_Specified()
- {
- if(usetest == false)
- return;
-
- Builder stsConfigBuilder = new STSClientConfig.Builder();
- stsConfigBuilder.serviceName("PicketLinkSTS");
- stsConfigBuilder.portName("PicketLinkSTSPort");
- stsConfigBuilder.endpointAddress("http://localhost:8080/jboss-sts/PicketLinkSTS");
- stsConfigBuilder.username("admin").password("admin");
- STSClient client = new STSClient(stsConfigBuilder.build());
-
- try
- {
- client.issueToken(null, null);
- fail("issueTokenForEndpoint should throw an exception if endpointURI and tokenType are null");
- }
- catch(Exception e)
- {
- assertTrue("Excpetion was not of type IllegalException", e instanceof IllegalArgumentException);
- }
- }
-
-
- private Dispatch<Source> createDispatch() throws MalformedURLException, JAXBException
- {
- // JBoss STS target information.
- String targetNS = "http://org.picketlink.trust/sts/";
- QName serviceName = new QName(targetNS, "PicketLinkSTS");
- QName portName = new QName(targetNS, "PicketLinkSTSPort");
- URL endpointAddress = new URL("http://localhost:8080/jboss-sts/PicketLinkSTS");
-// URL securityConfigURL = new File("jboss-wsse-client.xml").toURI().toURL();
-
- Service service = Service.create(serviceName);
- service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING, endpointAddress.toExternalForm());
-
- // create the dispatch, setting the client security configuration file.
- Dispatch<Source> dispatch = service.createDispatch(portName, Source.class, Mode.PAYLOAD);
-// ((ConfigProvider) dispatch).setSecurityConfig(securityConfigURL.toExternalForm());
-// ((ConfigProvider) dispatch).setConfigName("Standard WSSecurity Client");
-
- // add the username and password to the request context.
- Map<String, Object> reqContext = dispatch.getRequestContext();
- reqContext.put(BindingProvider.USERNAME_PROPERTY, "admin");
- reqContext.put(BindingProvider.PASSWORD_PROPERTY, "admin");
-
- return dispatch;
- }
-
- private void printAssertion(Element assertion) throws Exception
- {
- TransformerFactory tranFactory = TransformerFactory.newInstance();
- Transformer aTransformer = tranFactory.newTransformer();
- Source src = new DOMSource(assertion);
- Result dest = new StreamResult(System.out);
- aTransformer.transform(src, dest);
- }
-}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -95,10 +95,14 @@
String namespaceURI = "http://www.tokens.org";
Element root = doc.createElementNS(namespaceURI, "token:SpecialToken");
- root.appendChild(doc.createTextNode("Principal:" + caller));
+ Element child = doc.createElementNS(namespaceURI, "token:SpecialTokenValue");
+ child.appendChild(doc.createTextNode("Principal:" + caller));
+ root.appendChild(child);
String id = IDGenerator.create("ID_");
root.setAttributeNS(namespaceURI, "ID", id);
root.setAttributeNS(namespaceURI, "TokenType", tokenType.toString());
+ root.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:token", namespaceURI);
+
doc.appendChild(root);
SecurityToken token = new StandardSecurityToken(tokenType.toString(), root, id);
Deleted: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,186 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.test.identity.federation.core.wstrust;
-
-import java.net.URI;
-
-import javax.xml.transform.Source;
-import javax.xml.transform.dom.DOMSource;
-
-import junit.framework.TestCase;
-
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory;
-import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.w3c.dom.Document;
-
-/**
- * <p>
- * This {@code TestCase} tests the methods of the {@code WSTrustJAXBFactory}.
- * </p>
- *
- * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
- */
-public class WSTrustJAXBFactoryUnitTestCase extends TestCase
-{
-
- /**
- * <p>
- * Tests parsing a WS-Trust request message.
- * </p>
- *
- * @throws Exception
- * if an error occurs while running the test.
- */
- public void testParseRequestSecurityToken() throws Exception
- {
- // load a sample ws-trust request from a test file.
- Document document = DocumentUtil
- .getDocument(this.getClass().getResourceAsStream("/wstrust/ws-trust-request.xml"));
-
- // encapsulate the request in a source object.
- Source source = new DOMSource(document);
-
- // parse the request using the WSTrustJAXBFactory.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- BaseRequestSecurityToken baseRequest = factory.parseRequestSecurityToken(source);
- assertNotNull("Unexpected null request message", baseRequest);
-
- // check the contents of the parsed request.
- assertTrue("Unexpected request message type", baseRequest instanceof RequestSecurityToken);
- RequestSecurityToken parsedRequest = (RequestSecurityToken) baseRequest;
- assertEquals("Unexpected context name", "testcontext", parsedRequest.getContext());
- assertEquals("Unexpected token type", "http://www.tokens.org/SpecialToken", parsedRequest.getTokenType().toString());
- assertEquals("Unexpected request type", "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue", parsedRequest
- .getRequestType().toString());
- }
-
- /**
- * <p>
- * Tests parsing a WS-Trust response message.
- * </p>
- *
- * @throws Exception
- * if an error occurs while running the test.
- */
- public void testParseRequestSecurityTokenResponse() throws Exception
- {
- // load a ws-trust response from a file.
- Document document = DocumentUtil.getDocument(this.getClass()
- .getResourceAsStream("/wstrust/ws-trust-response.xml"));
-
- // encapsulate the response in a source object.
- Source source = new DOMSource(document);
-
- // parse the response using the WSTrustJAXBFactory.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(source);
- assertNotNull("Unexpected null response message", baseResponse);
-
- // check the contents of the parsed response.
- assertTrue("Unexpected response message type", baseResponse instanceof RequestSecurityTokenResponseCollection);
- RequestSecurityTokenResponseCollection parsedCollection = (RequestSecurityTokenResponseCollection) baseResponse;
- assertNotNull("Unexpected null response list", parsedCollection.getRequestSecurityTokenResponses());
- assertEquals("Unexpected number of responses", 1, parsedCollection.getRequestSecurityTokenResponses().size());
-
- RequestSecurityTokenResponse parsedResponse = parsedCollection.getRequestSecurityTokenResponses().get(0);
- assertEquals("Unexpected context name", "testcontext", parsedResponse.getContext());
- assertEquals("Unexpected token type", "http://www.tokens.org/SpecialToken", parsedResponse.getTokenType()
- .toString());
- assertFalse(parsedResponse.isForwardable());
- }
-
- /**
- * <p>
- * Tests the marshalling of a WS-Trust request.
- * </p>
- *
- * @throws Exception
- * if an error occurs while running the test.
- */
- public void testMarshallRequestSecurityToken() throws Exception
- {
- // create a request object.
- RequestSecurityToken request = new RequestSecurityToken();
- request.setContext("testcontext");
- request.setTokenType(new URI("http://www.tokens.org/SpecialToken"));
- request.setRequestType(new URI("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue"));
-
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source source = factory.marshallRequestSecurityToken(request);
- assertNotNull("Unexpected null source", source);
- assertTrue("Unexpected source type", source instanceof DOMSource);
-
- // at this point we know that the parsing works, so parse the generated source and compare to the original request.
- BaseRequestSecurityToken baseRequest = factory.parseRequestSecurityToken(source);
- assertNotNull("Unexpected null value for the parsed request", baseRequest);
- assertTrue("Unexpected parsed request type", baseRequest instanceof RequestSecurityToken);
- RequestSecurityToken parsedRequest = (RequestSecurityToken) baseRequest;
- assertEquals("Unexpected context value", request.getContext(), parsedRequest.getContext());
- assertTrue("Unexpected token type", request.getTokenType().equals(parsedRequest.getTokenType()));
- assertTrue("Unexpected request type", request.getRequestType().equals(parsedRequest.getRequestType()));
- }
-
- /**
- * <p>
- * Tests the marshalling of a WS-Trust response.
- * </p>
- *
- * @throws Exception
- * if an error occurs while running the test.
- */
- public void testMarshallRequestSecurityTokenResponse() throws Exception
- {
- // create a sample ws-trust response message.
- RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
- response.setContext("testcontext");
- response.setTokenType(new URI("http://www.tokens.org/SpecialToken"));
- response.setForwardable(false);
-
- RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection();
- collection.addRequestSecurityTokenResponse(response);
-
- // use the factory to marshall the response.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source source = factory.marshallRequestSecurityTokenResponse(collection);
- assertNotNull("Unexpected null source", source);
- assertTrue("Unexpected source type", source instanceof DOMSource);
-
- // at this point we know that the parsing works, so parse the generated source and compare to the original response.
- BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(source);
- assertNotNull("Unexpected null value for the parsed response", baseResponse);
- assertTrue("Unexpected parsed request type", baseResponse instanceof RequestSecurityTokenResponseCollection);
- RequestSecurityTokenResponseCollection parsedCollection = (RequestSecurityTokenResponseCollection) baseResponse;
- assertNotNull("Unexpected null response list", parsedCollection.getRequestSecurityTokenResponses());
- assertEquals("Unexpected number of responses", 1, parsedCollection.getRequestSecurityTokenResponses().size());
-
- RequestSecurityTokenResponse parsedResponse = parsedCollection.getRequestSecurityTokenResponses().get(0);
- assertEquals("Unexpected context value", response.getContext(), parsedResponse.getContext());
- assertTrue("Unexpected token type", response.getTokenType().equals(parsedResponse.getTokenType()));
- assertFalse(parsedResponse.isForwardable());
- }
-}
Added: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/ws/trust/ComputedKeyType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/ws/trust/ComputedKeyType.java (rev 0)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/ws/trust/ComputedKeyType.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -0,0 +1,72 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.ws.trust;
+
+public class ComputedKeyType
+{
+ private String algorithm;
+
+ /**
+ * <p>
+ * Creates an instance of {@code ComputedKeyType}.
+ * </p>
+ */
+ public ComputedKeyType()
+ {
+ }
+
+ /**
+ * <p>
+ * Creates an instance of {@code ComputedKeyType} with the specified algorithm.
+ * </p>
+ *
+ * @param algorithm the computed key algorithm.
+ */
+ public ComputedKeyType(String algorithm)
+ {
+ this.algorithm = algorithm;
+ }
+
+ /**
+ * <p>
+ * Obtains the algorithm used to compute the shared secret key.
+ * </p>
+ *
+ * @return a {@code String} representing the computed key algorithm.
+ */
+ public String getAlgorithm()
+ {
+ return this.algorithm;
+ }
+
+ /**
+ * <p>
+ * Sets the algorithm used to compute the shared secret key.
+ * </p>
+ *
+ * @param algorithm a {@code String} representing the computed key algorithm.
+ */
+ public void setAlgorithm(String algorithm)
+ {
+ this.algorithm = algorithm;
+ }
+}
More information about the jboss-cvs-commits
mailing list