[jboss-cvs] Picketlink SVN: r569 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/parsers/saml and 19 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Nov 30 11:06:24 EST 2010
Author: anil.saldhana at jboss.com
Date: 2010-11-30 11:06:20 -0500 (Tue, 30 Nov 2010)
New Revision: 569
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/XACMLContextFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/common/StatementLocal.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
Log:
updated saml object model
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/XACMLContextFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/XACMLContextFactory.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/XACMLContextFactory.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,11 +21,9 @@
*/
package org.picketlink.identity.federation.core.factories;
-import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
-import org.jboss.security.xacml.core.model.context.ObjectFactory;
import org.jboss.security.xacml.core.model.context.RequestType;
import org.jboss.security.xacml.core.model.context.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
/**
@@ -34,14 +32,7 @@
* @since Jul 30, 2009
*/
public class XACMLContextFactory
-{
- private static ObjectFactory _objectFactory = new ObjectFactory();
-
- public static ObjectFactory getObjectFactory()
- {
- return _objectFactory;
- }
-
+{
/**
* Create an XACML Authorization Decision Statement Type
* @param request
@@ -51,7 +42,7 @@
public static XACMLAuthzDecisionStatementType createXACMLAuthzDecisionStatementType(RequestType request,
ResponseType response)
{
- XACMLAuthzDecisionStatementType xacmlStatement = SOAPSAMLXACMLUtil.createXACMLAuthzDecisionStatementType();
+ XACMLAuthzDecisionStatementType xacmlStatement = new XACMLAuthzDecisionStatementType();
xacmlStatement.setRequest(request);
xacmlStatement.setResponse(response);
return xacmlStatement;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,6 +21,7 @@
*/
package org.picketlink.identity.federation.core.parsers.saml;
+import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
@@ -34,13 +35,8 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.*;
/**
* Parse the saml assertion
@@ -121,12 +117,12 @@
else if( JBossSAMLConstants.AUTHN_STATEMENT.get().equalsIgnoreCase( tag ) )
{
AuthnStatementType authnStatementType = SAMLParserUtil.parseAuthnStatement( xmlEventReader );
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add( authnStatementType );
+ assertion.addStatement(authnStatementType);
}
else if( JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equalsIgnoreCase( tag ) )
{
- AttributeStatementType attributeStatementType = SAMLParserUtil.parseAttributeStatement( xmlEventReader );
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add( attributeStatementType );
+ AttributeStatementType attributeStatementType = SAMLParserUtil.parseAttributeStatement( xmlEventReader );
+ assertion.addStatement(attributeStatementType);
}
else throw new RuntimeException( "SAMLAssertionParser:: unknown: " + tag );
}
@@ -147,19 +143,15 @@
private AssertionType parseBaseAttributes( StartElement nextElement ) throws ParsingException
{
- AssertionType assertion = new AssertionType();
Attribute idAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.ID.get() ) );
- assertion.setID( StaxParserUtil.getAttributeValue( idAttribute ));
+ String id = StaxParserUtil.getAttributeValue( idAttribute );
Attribute versionAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.VERSION.get() ));
- assertion.setVersion( StaxParserUtil.getAttributeValue(versionAttribute) );
+ String version = StaxParserUtil.getAttributeValue(versionAttribute) ;
Attribute issueInstantAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.ISSUE_INSTANT.get() ));
- if( issueInstantAttribute != null )
- {
- assertion.setIssueInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue(issueInstantAttribute )));
- }
+ XMLGregorianCalendar issueInstant = XMLTimeUtil.parse( StaxParserUtil.getAttributeValue(issueInstantAttribute ));
- return assertion;
+ return new AssertionType( id, issueInstant, version );
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -30,9 +30,10 @@
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType;
/**
* Parse the SAML2 AuthnRequest
@@ -93,7 +94,11 @@
Attribute assertionConsumerServiceURL = startElement.getAttributeByName( new QName( "AssertionConsumerServiceURL" ));
if( assertionConsumerServiceURL != null )
- authnRequest.setAssertionConsumerServiceURL( StaxParserUtil.getAttributeValue( assertionConsumerServiceURL ));
+ {
+ String uri = StaxParserUtil.getAttributeValue( assertionConsumerServiceURL );
+ authnRequest.setAssertionConsumerServiceURL( NetworkUtil.createURI(uri));
+ }
+
Attribute assertionConsumerServiceIndex = startElement.getAttributeByName( new QName( "AssertionConsumerServiceIndex" ));
if( assertionConsumerServiceIndex != null )
@@ -101,7 +106,7 @@
Attribute protocolBinding = startElement.getAttributeByName( new QName( "ProtocolBinding" ));
if( protocolBinding != null )
- authnRequest.setProtocolBinding( StaxParserUtil.getAttributeValue( protocolBinding ));
+ authnRequest.setProtocolBinding( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( protocolBinding )));
Attribute providerName = startElement.getAttributeByName( new QName( "ProviderName" ));
if( providerName != null )
@@ -136,7 +141,7 @@
NameIDPolicyType nameIDPolicy = new NameIDPolicyType();
Attribute format = startElement.getAttributeByName( new QName( "Format" ));
if( format != null )
- nameIDPolicy.setFormat( StaxParserUtil.getAttributeValue( format ));
+ nameIDPolicy.setFormat( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( format )));
Attribute allowCreate = startElement.getAttributeByName( new QName( "AllowCreate" ));
if( allowCreate != null )
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -29,9 +29,10 @@
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
/**
* Base Class for SAML Request Parsing
@@ -65,7 +66,7 @@
Attribute destination = startElement.getAttributeByName( new QName( "Destination" ));
if( destination != null )
- request.setDestination( StaxParserUtil.getAttributeValue( destination ));
+ request.setDestination( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( destination )));
Attribute consent = startElement.getAttributeByName( new QName( "Consent" ));
if( consent != null )
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -33,8 +33,8 @@
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
/**
* Parse the Single Log Out requests
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -35,15 +35,13 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType;
@@ -53,9 +51,7 @@
* @since Oct 12, 2010
*/
public class SAMLSubjectParser implements ParserNamespaceSupport
-{
- private ObjectFactory objectFactory = new ObjectFactory();
-
+{
/**
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
@@ -85,8 +81,9 @@
if( JBossSAMLConstants.NAMEID.get().equalsIgnoreCase( tag ) )
{
NameIDType nameID = SAMLParserUtil.parseNameIDType(xmlEventReader);
- JAXBElement<NameIDType> jaxbNameID = objectFactory.createNameID( nameID );
- subject.getContent().add( jaxbNameID );
+ STSubType subType = new STSubType();
+ subType.addBaseID(nameID);
+ subject.setSubType( subType );
}
else if( JBossSAMLConstants.SUBJECT_CONFIRMATION.get().equalsIgnoreCase( tag ) )
{
@@ -114,8 +111,7 @@
}
}
- JAXBElement<SubjectConfirmationType> jaxbSubjectConf = objectFactory.createSubjectConfirmation( subjectConfirmationType );
- subject.getContent().add(jaxbSubjectConf);
+ subject.addConfirmation(subjectConfirmationType);
//Get the end tag
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
@@ -123,9 +119,10 @@
}
else if( JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equals( tag ))
{
- AttributeStatementType attributeStatement = SAMLParserUtil.parseAttributeStatement(xmlEventReader);
+ throw new RuntimeException( "NYI" );
+ /*AttributeStatementType attributeStatement = SAMLParserUtil.parseAttributeStatement(xmlEventReader);
JAXBElement<?> jaxbEl = SAMLAssertionFactory.getObjectFactory().createAttributeStatement(attributeStatement);
- subject.getContent().add( jaxbEl );
+ subject.getContent().add( jaxbEl );*/
}
else throw new RuntimeException( "Unknown tag:" + tag );
}
@@ -143,8 +140,7 @@
return nsURI.equals( JBossSAMLURIConstants.ASSERTION_NSURI.get() )
&& localPart.equals( JBossSAMLConstants.SUBJECT.get() );
}
-
- @SuppressWarnings({"unchecked", "rawtypes"})
+
private SubjectConfirmationDataType parseSubjectConfirmationData( XMLEventReader xmlEventReader ) throws ParsingException
{
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
@@ -189,11 +185,8 @@
String tag = StaxParserUtil.getStartElementName(startElement);
if( tag.equals( WSTrustConstants.XMLDSig.KEYINFO ))
{
- KeyInfoType keyInfo = parseKeyInfo(xmlEventReader);
- QName qname = new QName( WSTrustConstants.XMLDSig.DSIG_NS, WSTrustConstants.XMLDSig.KEYINFO,
- WSTrustConstants.XMLDSig.DSIG_PREFIX );
- JAXBElement<?> jaxb = new JAXBElement(qname, KeyInfoType.class, keyInfo );
- subjectConfirmationData.getContent().add( jaxb );
+ KeyInfoType keyInfo = parseKeyInfo(xmlEventReader);
+ subjectConfirmationData.setAnyType(keyInfo);
}
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,7 +21,7 @@
*/
package org.picketlink.identity.federation.core.parsers.util;
-import javax.xml.bind.JAXBElement;
+import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
@@ -31,13 +31,16 @@
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextClassRefType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
/**
* Utility methods for SAML Parser
@@ -68,7 +71,7 @@
if( JBossSAMLConstants.ATTRIBUTE.get().equals( tag ) )
{
AttributeType attribute = parseAttribute(xmlEventReader);
- attributeStatementType.getAttributeOrEncryptedAttribute().add( attribute );
+ attributeStatementType.addAttribute( new ASTChoiceType( attribute ));
}
else throw new RuntimeException( "Unknown tag:" + tag );
}
@@ -165,7 +168,6 @@
*/
public static AuthnStatementType parseAuthnStatement( XMLEventReader xmlEventReader ) throws ParsingException
{
- AuthnStatementType authnStatementType = new AuthnStatementType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String AUTHNSTATEMENT = JBossSAMLConstants.AUTHN_STATEMENT.get();
@@ -174,7 +176,9 @@
Attribute authnInstant = startElement.getAttributeByName( new QName( "AuthnInstant" ));
if( authnInstant == null )
throw new RuntimeException( "Required attribute AuthnInstant in " + AUTHNSTATEMENT );
- authnStatementType.setAuthnInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( authnInstant )));
+
+ XMLGregorianCalendar issueInstant = XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( authnInstant ));
+ AuthnStatementType authnStatementType = new AuthnStatementType( issueInstant );
Attribute sessionIndex = startElement.getAttributeByName( new QName( "SessionIndex" ));
if( sessionIndex != null )
@@ -216,8 +220,8 @@
{
String text = StaxParserUtil.getElementText( xmlEventReader );
- JAXBElement<?> acDeclRef = SAMLAssertionFactory.getObjectFactory().createAuthnContextDeclRef( text );
- authnContextType.getContent().add(acDeclRef);
+ AuthnContextDeclType aAuthnContextDeclType = new AuthnContextDeclType( NetworkUtil.createURI(text));
+ authnContextType.addURIType(aAuthnContextDeclType);
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
}
@@ -225,8 +229,8 @@
{
String text = StaxParserUtil.getElementText( xmlEventReader );
- JAXBElement<?> acDeclRef = SAMLAssertionFactory.getObjectFactory().createAuthnContextClassRef(text );
- authnContextType.getContent().add(acDeclRef);
+ AuthnContextClassRefType aAuthnContextClassRefType = new AuthnContextClassRefType( NetworkUtil.createURI(text));
+ authnContextType.addURIType( aAuthnContextClassRefType );
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
}
@@ -256,7 +260,7 @@
Attribute format = nameIDElement.getAttributeByName( new QName( JBossSAMLConstants.FORMAT.get() ));
if( format != null )
{
- nameID.setFormat( StaxParserUtil.getAttributeValue( format ));
+ nameID.setFormat( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( format )) );
}
Attribute spProvidedID = nameIDElement.getAttributeByName( new QName( JBossSAMLConstants.SP_PROVIDED_ID.get() ));
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/common/StatementLocal.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/common/StatementLocal.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/common/StatementLocal.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,9 +21,9 @@
*/
package org.picketlink.identity.federation.core.saml.v2.common;
-import java.util.List;
+import java.util.Set;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
/**
* Thread Local holding the statements
@@ -33,6 +33,6 @@
*/
public class StatementLocal
{
- public static ThreadLocal<List<StatementAbstractType>> statements
- = new InheritableThreadLocal<List<StatementAbstractType>>();
+ public static ThreadLocal<Set<StatementAbstractType>> statements
+ = new InheritableThreadLocal<Set<StatementAbstractType>>();
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -38,7 +38,9 @@
AUDIENCE( "Audience" ),
AUDIENCE_RESTRICTION( "AudienceRestriction" ),
AUTHN_CONTEXT( "AuthnContext" ),
+ AUTHENTICATING_AUTHORITY( "AuthenticatingAuthority" ),
AUTHN_CONTEXT_CLASS_REF( "AuthnContextClassRef" ),
+ AUTHN_CONTEXT_DECLARATION( "AuthnContextDecl" ),
AUTHN_CONTEXT_DECLARATION_REF( "AuthnContextDeclRef" ),
AUTHN_INSTANT( "AuthnInstant" ),
AUTHN_REQUEST( "AuthnRequest" ),
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,7 +21,6 @@
*/
package org.picketlink.identity.federation.core.saml.v2.factories;
-import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
@@ -31,8 +30,9 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.util.JAXBUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
import org.xml.sax.SAXException;
/**
@@ -46,16 +46,6 @@
private static String schemaLocation = "schema/saml/v2/saml-schema-protocol-2.0.xsd";
/**
- * Create a AuthnRequestType
- * @return
- */
- public static AuthnRequestType createAuthnRequestType()
- {
- AuthnRequestType authnRequestType = SAMLProtocolFactory.getObjectFactory().createAuthnRequestType();
- return authnRequestType;
- }
-
- /**
* Create an AuthnRequestType
* @param id Id of the request
* @param assertionConsumerURL URL of the requestor where the response assertion is requested
@@ -68,32 +58,21 @@
{
XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
- AuthnRequestType authnRequest = SAMLProtocolFactory.getObjectFactory().createAuthnRequestType();
+ AuthnRequestType authnRequest = new AuthnRequestType();
authnRequest.setID(id);
authnRequest.setVersion(JBossSAMLConstants.VERSION_2_0.get());
- authnRequest.setAssertionConsumerServiceURL(assertionConsumerURL);
- authnRequest.setProtocolBinding(JBossSAMLConstants.HTTP_POST_BINDING.get());
- authnRequest.setDestination(destination);
+ authnRequest.setAssertionConsumerServiceURL( NetworkUtil.createURI( assertionConsumerURL ));
+ authnRequest.setProtocolBinding( NetworkUtil.createURI( JBossSAMLConstants.HTTP_POST_BINDING.get() ));
+ authnRequest.setDestination( NetworkUtil.createURI( destination ));
authnRequest.setIssueInstant(issueInstant);
//Create an issuer
- NameIDType issuer = JBossSAMLBaseFactory.createNameID();
+ NameIDType issuer = new NameIDType();
issuer.setValue(issuerValue);
authnRequest.setIssuer(issuer);
- return authnRequest;
-
- }
-
- /**
- * Create a JAXBElement for the AuthnRequestType
- * @param authnRequestType
- * @return
- */
- public static JAXBElement<AuthnRequestType> createAuthnRequestType(AuthnRequestType authnRequestType)
- {
- return SAMLProtocolFactory.getObjectFactory().createAuthnRequest(authnRequestType);
+ return authnRequest;
}
/**
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,7 +21,8 @@
*/
package org.picketlink.identity.federation.core.saml.v2.factories;
-import javax.xml.bind.JAXBElement;
+import java.util.List;
+
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
@@ -33,14 +34,18 @@
import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.util.JAXBUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusCodeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
import org.xml.sax.SAXException;
/**
@@ -60,10 +65,10 @@
*/
public static StatusType createStatusType(String statusCodeURI)
{
- StatusCodeType sct = SAMLProtocolFactory.getObjectFactory().createStatusCodeType();
- sct.setValue(statusCodeURI);
+ StatusCodeType sct = new StatusCodeType();
+ sct.setValue( NetworkUtil.createURI( statusCodeURI ));
- StatusType statusType = SAMLProtocolFactory.getObjectFactory().createStatusType();
+ StatusType statusType = new StatusType();
statusType.setStatusCode(sct);
return statusType;
}
@@ -74,7 +79,7 @@
*/
public static ResponseType createResponseType()
{
- return SAMLProtocolFactory.getObjectFactory().createResponseType();
+ return new ResponseType();
}
/**
@@ -94,40 +99,36 @@
XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
//Create an assertion
- AssertionType assertionType = JBossSAMLBaseFactory.createAssertion();
- assertionType.setID("ID_" + JBossSAMLBaseFactory.createUUID());
- assertionType.setVersion(issuerInfo.getSamlVersion());
- assertionType.setIssueInstant(issueInstant);
+ String id = "ID_" + JBossSAMLBaseFactory.createUUID();
- assertionType.setIssuer(issuerInfo.getIssuer());
-
//Create assertion -> subject
- SubjectType subjectType = JBossSAMLBaseFactory.createSubject();
+ SubjectType subjectType = new SubjectType();
//subject -> nameid
- NameIDType nameIDType = JBossSAMLBaseFactory.createNameID();
- nameIDType.setFormat(idp.getNameIDFormat());
+ NameIDType nameIDType = new NameIDType();
+ nameIDType.setFormat( NetworkUtil.createURI( idp.getNameIDFormat() ));
nameIDType.setValue(idp.getNameIDFormatValue());
- JAXBElement<NameIDType> jaxbNameIDType = JBossSAMLBaseFactory.createNameID(nameIDType);
- subjectType.getContent().add(jaxbNameIDType);
+ SubjectType.STSubType subType = new SubjectType.STSubType();
+ subType.addBaseID(nameIDType);
- SubjectConfirmationType subjectConfirmation =
- JBossSAMLBaseFactory.createSubjectConfirmation(idp.getSubjectConfirmationMethod());
- SubjectConfirmationDataType subjectConfirmationData =
- JBossSAMLBaseFactory.createSubjectConfirmationData(sp.getRequestID(),
- responseDestinationURI, issueInstant);
- subjectConfirmationData.setRecipient(sp.getResponseDestinationURI());
+ SubjectConfirmationType subjectConfirmation = new SubjectConfirmationType();
+ subjectConfirmation.setMethod( idp.getSubjectConfirmationMethod());
+ SubjectConfirmationDataType subjectConfirmationData = new SubjectConfirmationDataType();
+ subjectConfirmationData.setInResponseTo( sp.getRequestID() );
+ subjectConfirmationData.setRecipient( responseDestinationURI );
+ subjectConfirmationData.setNotBefore(issueInstant);
+ subjectConfirmationData.setNotOnOrAfter(issueInstant);
+
subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
+
+ subjectType.addConfirmation(subjectConfirmation);
- JAXBElement<SubjectConfirmationType> jaxbSubjectConfirmationType =
- JBossSAMLBaseFactory.createSubjectConfirmation(subjectConfirmation);
+ AssertionType assertionType = SAMLAssertionFactory.createAssertion(id,
+ nameIDType , issueInstant, (ConditionsType) null, subjectType, (List<StatementAbstractType>)null );
- subjectType.getContent().add(jaxbSubjectConfirmationType);
- assertionType.setSubject(subjectType);
-
ResponseType responseType = createResponseType(ID, issuerInfo, assertionType);
//InResponseTo ID
responseType.setInResponseTo(sp.getRequestID());
@@ -148,7 +149,7 @@
public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo, AssertionType assertionType)
throws ConfigurationException
{
- ResponseType responseType = SAMLProtocolFactory.getObjectFactory().createResponseType();
+ ResponseType responseType = new ResponseType();
responseType.setVersion(issuerInfo.getSamlVersion());
//ID
@@ -168,11 +169,9 @@
XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
//IssueInstant
- responseType.setIssueInstant(issueInstant);
- if(assertionType.getIssueInstant() == null)
- assertionType.setIssueInstant(issueInstant);
-
- responseType.getAssertionOrEncryptedAssertion().add(assertionType);
+ responseType.setIssueInstant(issueInstant);
+
+ responseType.addAssertion( new RTChoiceType( assertionType ));
return responseType;
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -22,18 +22,15 @@
package org.picketlink.identity.federation.core.saml.v2.factories;
-import javax.xml.bind.JAXBElement;
import javax.xml.datatype.XMLGregorianCalendar;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
/**
* Base methods for the factories
@@ -41,25 +38,14 @@
* @since Dec 9, 2008
*/
public class JBossSAMLBaseFactory
-{
- private static ObjectFactory assertionObjectFactory = new ObjectFactory();
-
+{
/**
- * Create a plain assertion type
- * @return
- */
- public static AssertionType createAssertion()
- {
- return assertionObjectFactory.createAssertionType();
- }
-
- /**
* Create an empty attribute statement
* @return
*/
public static AttributeStatementType createAttributeStatement()
{
- return assertionObjectFactory.createAttributeStatementType();
+ return new AttributeStatementType();
}
/**
@@ -69,13 +55,13 @@
*/
public static AttributeType createAttributeForRole(String roleName)
{
- AttributeType att = assertionObjectFactory.createAttributeType();
+ AttributeType att = new AttributeType();
att.setFriendlyName("role");
att.setName("role");
att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_BASIC.get());
//rolename
- att.getAttributeValue().add(roleName);
+ att.addAttributeValue( roleName );
return att;
}
@@ -87,67 +73,27 @@
*/
public static AttributeStatementType createAttributeStatement(String attributeValue)
{
- AttributeStatementType attribStatement = assertionObjectFactory.createAttributeStatementType();
- AttributeType att = assertionObjectFactory.createAttributeType();
- JAXBElement<Object> attValue = assertionObjectFactory.createAttributeValue(attributeValue);
- att.getAttributeValue().add(attValue);
- attribStatement.getAttributeOrEncryptedAttribute().add(att);
+ AttributeStatementType attribStatement = new AttributeStatementType();
+ AttributeType att = new AttributeType();
+ att.addAttributeValue(attributeValue);
+
+ attribStatement.addAttribute( new ASTChoiceType( att ));
return attribStatement;
}
/**
- * Create an empty name id
- * @return
- */
- public static NameIDType createNameID()
- {
- return assertionObjectFactory.createNameIDType();
- }
-
- /**
- * Create the JAXBElement type of nameid
- * @param nameIDType
- * @return
- */
- public static JAXBElement<NameIDType> createNameID(NameIDType nameIDType)
- {
- return assertionObjectFactory.createNameID(nameIDType);
- }
-
- /**
- * Create an empty subject
- * @return
- */
- public static SubjectType createSubject()
- {
- SubjectType subjectType = assertionObjectFactory.createSubjectType();
- return subjectType;
- }
-
- /**
* Create a Subject confirmation type given the method
* @param method
* @return
*/
public static SubjectConfirmationType createSubjectConfirmation(String method)
{
- SubjectConfirmationType sct = assertionObjectFactory.createSubjectConfirmationType();
+ SubjectConfirmationType sct = new SubjectConfirmationType();
sct.setMethod(method);
return sct;
}
/**
- * Create a JAXBElement for subject confirmtation type
- * @param sct
- * @return
- */
-
- public static JAXBElement<SubjectConfirmationType> createSubjectConfirmation(SubjectConfirmationType sct)
- {
- return assertionObjectFactory.createSubjectConfirmation(sct);
- }
-
- /**
* Create a Subject Confirmation
* @param inResponseTo
* @param destinationURI
@@ -157,7 +103,7 @@
public static SubjectConfirmationDataType createSubjectConfirmationData(String inResponseTo,
String destinationURI, XMLGregorianCalendar issueInstant)
{
- SubjectConfirmationDataType subjectConfirmationData = assertionObjectFactory.createSubjectConfirmationDataType();
+ SubjectConfirmationDataType subjectConfirmationData = new SubjectConfirmationDataType();
subjectConfirmationData.setInResponseTo(inResponseTo);
subjectConfirmationData.setRecipient(destinationURI);
subjectConfirmationData.setNotBefore(issueInstant);
@@ -174,24 +120,16 @@
{
return java.util.UUID.randomUUID().toString();
}
+
/**
- * Get the Object Factory
- * @return
- */
- public static ObjectFactory getObjectFactory()
- {
- return assertionObjectFactory;
- }
-
- /**
* Return the NameIDType for the issuer
* @param issuerID
* @return
*/
public static NameIDType getIssuer(String issuerID)
{
- NameIDType nid = assertionObjectFactory.createNameIDType();
+ NameIDType nid = new NameIDType();
nid.setValue(issuerID);
return nid;
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,39 +21,31 @@
*/
package org.picketlink.identity.federation.core.saml.v2.factories;
-import java.util.Arrays;
import java.util.List;
import javax.xml.datatype.XMLGregorianCalendar;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.KeyInfoConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.KeyInfoConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
/**
- * Get the SAML Assertion Object Factory
+ * Deal with {@code AssertionType}
*
* @author Anil.Saldhana at redhat.com
* @since Jan 28, 2009
*/
public class SAMLAssertionFactory
-{
- private static ObjectFactory factory = new ObjectFactory();
-
- public static ObjectFactory getObjectFactory()
- {
- return factory;
- }
-
+{
/**
* <p>
* Creates an {@code AudienceRestrictionType} with the specified values.
@@ -65,8 +57,13 @@
public static AudienceRestrictionType createAudienceRestriction(String... values)
{
AudienceRestrictionType audienceRestriction = new AudienceRestrictionType();
- if (values != null)
- audienceRestriction.getAudience().addAll(Arrays.asList(values));
+ if ( values != null )
+ {
+ for( String val: values )
+ {
+ audienceRestriction.addAudience( NetworkUtil.createURI( val ) );
+ }
+ }
return audienceRestriction;
}
@@ -83,7 +80,7 @@
public static NameIDType createNameID(String format, String qualifier, String value)
{
NameIDType nameID = new NameIDType();
- nameID.setFormat(format);
+ nameID.setFormat( NetworkUtil.createURI( format ));
nameID.setNameQualifier(qualifier);
nameID.setValue(value);
return nameID;
@@ -105,8 +102,14 @@
ConditionsType conditions = new ConditionsType();
conditions.setNotBefore(notBefore);
conditions.setNotOnOrAfter(notOnOrAfter);
- if (restrictions != null)
- conditions.getConditionOrAudienceRestrictionOrOneTimeUse().addAll(Arrays.asList(restrictions));
+ if ( restrictions != null )
+ {
+ for( ConditionAbstractType condition : restrictions )
+ {
+ conditions.addCondition(condition);
+ }
+
+ }
return conditions;
}
@@ -120,8 +123,8 @@
*/
public static KeyInfoConfirmationDataType createKeyInfoConfirmation(KeyInfoType keyInfo)
{
- KeyInfoConfirmationDataType type = getObjectFactory().createKeyInfoConfirmationDataType();
- type.getContent().add(new org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory().createKeyInfo(keyInfo));
+ KeyInfoConfirmationDataType type = new KeyInfoConfirmationDataType();
+ type.setAnyType( keyInfo );
return type;
}
@@ -157,12 +160,13 @@
*/
public static SubjectType createSubject(NameIDType nameID, SubjectConfirmationType confirmation)
{
- SubjectType subject = new SubjectType();
- ObjectFactory factory = getObjectFactory();
+ SubjectType subject = new SubjectType();
if (nameID != null)
- subject.getContent().add(factory.createNameID(nameID));
- if (confirmation != null)
- subject.getContent().add(factory.createSubjectConfirmation(confirmation));
+ {
+ SubjectType.STSubType subType = new SubjectType.STSubType();
+ subType.addConfirmation(confirmation);
+ subType.addBaseID(nameID);
+ }
return subject;
}
@@ -183,18 +187,20 @@
public static AssertionType createAssertion(String id, NameIDType issuerID, XMLGregorianCalendar issueInstant,
ConditionsType conditions, SubjectType subject, List<StatementAbstractType> statements)
{
- AssertionType assertion = new AssertionType();
- assertion.setID(id);
- assertion.setIssuer(issuerID);
- assertion.setIssueInstant(issueInstant);
+ AssertionType assertion = new AssertionType( id, issueInstant, JBossSAMLConstants.VERSION_2_0.get() );
+ assertion.setIssuer(issuerID);
if(conditions != null)
assertion.setConditions(conditions);
if(subject != null)
assertion.setSubject(subject);
- assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get());
- if (statements != null)
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().addAll(statements);
+ if ( statements != null )
+ {
+ for( StatementAbstractType statement: statements )
+ {
+ assertion.addStatement(statement);
+ }
+ }
return assertion;
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -23,8 +23,7 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
/**
* Holds info about the issuer for saml messages creation
@@ -50,9 +49,8 @@
public IssuerInfoHolder(String issuerAsString)
{
if(issuerAsString == null)
- throw new IllegalArgumentException("issuerAsString is null");
- ObjectFactory assertionObjectFactory = new ObjectFactory();
- issuer = assertionObjectFactory.createNameIDType();
+ throw new IllegalArgumentException("issuerAsString is null");
+ issuer = new NameIDType();
issuer.setValue(issuerAsString);
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -30,7 +30,7 @@
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler.HANDLER_TYPE;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
import org.w3c.dom.Document;
/**
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -24,8 +24,8 @@
import java.util.Map;
import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
-import org.picketlink.identity.federation.saml.v2.SAML2Object;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.w3c.dom.Document;
/**
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -27,13 +27,10 @@
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
-import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
/**
* Utility to deal with assertions
@@ -53,10 +50,17 @@
*/
public static AssertionType createAssertion(String id, NameIDType issuer)
{
- AssertionType assertion = SAMLAssertionFactory.getObjectFactory().createAssertionType();
- assertion.setID(id);
- assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get());
- assertion.setIssuer(issuer);
+ XMLGregorianCalendar issueInstant = null;
+ try
+ {
+ issueInstant = XMLTimeUtil.getIssueInstant();
+ }
+ catch (ConfigurationException e)
+ {
+ throw new RuntimeException( e );
+ }
+ AssertionType assertion = new AssertionType( id, issueInstant, JBossSAMLConstants.VERSION_2_0.get() );
+ assertion.setIssuer( issuer );
return assertion;
}
@@ -69,16 +73,15 @@
*/
public static AttributeType createAttribute(String name, String nameFormat,
Object... attributeValues)
- {
- ObjectFactory of = SAMLAssertionFactory.getObjectFactory();
- AttributeType att = of.createAttributeType();
+ {
+ AttributeType att = new AttributeType();
att.setName(name);
att.setNameFormat(nameFormat);
if(attributeValues != null && attributeValues.length > 0)
{
for(Object attributeValue:attributeValues)
{
- att.getAttributeValue().add(of.createAttributeValue(attributeValue));
+ att.addAttributeValue(attributeValue);
}
}
@@ -99,7 +102,7 @@
if(issueInstant == null)
throw new IssueInstantMissingException("assertion does not have issue instant");
XMLGregorianCalendar assertionValidityLength = XMLTimeUtil.add(issueInstant, durationInMilis);
- ConditionsType conditionsType = JBossSAMLBaseFactory.getObjectFactory().createConditionsType();
+ ConditionsType conditionsType = new ConditionsType();
conditionsType.setNotBefore(issueInstant);
conditionsType.setNotOnOrAfter(assertionValidityLength);
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -97,7 +97,8 @@
*/
public static JAXBElement<?> get(EncryptedElementType encryptedAssertion)
{
- return SAMLAssertionFactory.getObjectFactory().createEncryptedAssertion(encryptedAssertion);
+ throw new RuntimeException( "NYI" );
+ //return SAMLAssertionFactory.getObjectFactory().createEncryptedAssertion(encryptedAssertion);
}
/**
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -33,9 +33,8 @@
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.util.JAXBUtil;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.ObjectFactory;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
+import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.ObjectFactory;
import org.w3c.dom.Element;
/**
@@ -84,26 +83,6 @@
return (XACMLAuthzDecisionQueryType)xacmlObject;
}
- public static XACMLAuthzDecisionQueryType createXACMLAuthzDecisionQueryType()
- {
- return queryTypeObjectFactory.createXACMLAuthzDecisionQueryType();
- }
-
- public static XACMLAuthzDecisionStatementType createXACMLAuthzDecisionStatementType()
- {
- return statementObjectFactory.createXACMLAuthzDecisionStatementType();
- }
-
- public static JAXBElement<XACMLAuthzDecisionQueryType> getJAXB(XACMLAuthzDecisionQueryType queryType)
- {
- return queryTypeObjectFactory.createXACMLAuthzDecisionQuery(queryType);
- }
-
- public static JAXBElement<XACMLAuthzDecisionStatementType> getJAXB(XACMLAuthzDecisionStatementType stmtType)
- {
- return statementObjectFactory.createXACMLAuthzDecisionStatement(stmtType);
- }
-
public static Marshaller getMarshaller() throws JAXBException
{
return JAXBUtil.getMarshaller(getPackage());
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -31,10 +31,9 @@
import org.picketlink.identity.federation.core.constants.AttributeConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.X500SAMLProfileConstants;
-import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
/**
* Deals with SAML2 Statements
@@ -43,10 +42,8 @@
*/
public class StatementUtil
{
- public static final QName X500_QNAME = new QName(JBossSAMLURIConstants.X500_NSURI.get(), "Encoding");
+ public static final QName X500_QNAME = new QName(JBossSAMLURIConstants.X500_NSURI.get(), "Encoding");
- private static ObjectFactory factory = new ObjectFactory();
-
/**
* Create an attribute statement with all the attributes
* @param attributes a map with keys from {@link AttributeConstants}
@@ -64,7 +61,7 @@
if (i == 0)
{
//Deal with the X500 Profile of SAML2
- attrStatement = JBossSAMLBaseFactory.createAttributeStatement();
+ attrStatement = new AttributeStatementType();
i++;
}
@@ -77,8 +74,9 @@
Collection<?> roles = (Collection<?>) value;
for (Object role : roles)
{
- AttributeType roleAttr = JBossSAMLBaseFactory.createAttributeForRole((String) role);
- attrStatement.getAttributeOrEncryptedAttribute().add(factory.createAttribute(roleAttr));
+ AttributeType roleAttr = new AttributeType();
+ roleAttr.addAttributeValue(role);
+ attrStatement.addAttribute( new ASTChoiceType( roleAttr ));
}
}
}
@@ -108,8 +106,8 @@
att.setFriendlyName(X500SAMLProfileConstants.TELEPHONE.getFriendlyName());
att.setName(X500SAMLProfileConstants.TELEPHONE.get());
}
- att.getAttributeValue().add(value);
- attrStatement.getAttributeOrEncryptedAttribute().add(att);
+ att.addAttributeValue( value );
+ attrStatement.addAttribute( new ASTChoiceType( att ));
}
}
return attrStatement;
@@ -122,18 +120,19 @@
*/
public static AttributeStatementType createAttributeStatement(List<String> roles)
{
- AttributeStatementType attrStatement = JBossSAMLBaseFactory.createAttributeStatement();
+ AttributeStatementType attrStatement = new AttributeStatementType();
for (String role : roles)
{
- AttributeType attr = JBossSAMLBaseFactory.createAttributeForRole(role);
- attrStatement.getAttributeOrEncryptedAttribute().add(attr);
+ AttributeType attr = new AttributeType();
+ attr.addAttributeValue( role );
+ attrStatement.addAttribute( new ASTChoiceType( attr ));
}
return attrStatement;
}
private static AttributeType getX500Attribute()
{
- AttributeType att = factory.createAttributeType();
+ AttributeType att = new AttributeType();
att.getOtherAttributes().put(X500_QNAME, "LDAP");
att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_URI.get());
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,14 +21,16 @@
*/
package org.picketlink.identity.federation.core.saml.v2.writers;
+import java.net.URI;
+
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.core.util.StringUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.core.util.StringUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
/**
* Base Class for the Stax writers for SAML
@@ -58,11 +60,11 @@
{
StaxUtil.writeStartElement( writer, tag.getPrefix(), tag.getLocalPart() , tag.getNamespaceURI() );
- String format = nameIDType.getFormat();
- if( StringUtil.isNotNull( format ))
+ URI format = nameIDType.getFormat();
+ if( format != null )
{
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.FORMAT.get(), format );
- }
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.FORMAT.get(), format.toASCIIString() );
+ }
String spProvidedID = nameIDType.getSPProvidedID();
if( StringUtil.isNotNull( spProvidedID ))
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -23,12 +23,13 @@
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
+import java.net.URI;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
+import java.util.Set;
-import javax.xml.bind.JAXBElement;
import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
@@ -38,17 +39,25 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.BaseIDAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextClassRefType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclRefType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType.AuthnContextTypeSequence;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.BaseIDAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedElementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.URIType;
/**
* Write the SAML Assertion to stream
@@ -90,7 +99,7 @@
//TODO: conditions and advice
- List<StatementAbstractType> statements = assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement();
+ Set<StatementAbstractType> statements = assertion.getStatements();
if( statements != null )
{
for( StatementAbstractType statement: statements )
@@ -127,16 +136,19 @@
{
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE_STATEMENT.get() , ASSERTION_NSURI.get() );
- List<Object> attributes = statement.getAttributeOrEncryptedAttribute();
+ List<ASTChoiceType> attributes = statement.getAttributes();
if( attributes != null )
{
- for( Object attr : attributes )
+ for( ASTChoiceType attr : attributes )
{
- if( attr instanceof AttributeType )
+ AttributeType attributeType = attr.getAttribute();
+ if( attributeType != null )
{
- AttributeType attributeType = (AttributeType) attr;
write( attributeType );
}
+ EncryptedElementType encType = attr.getEncryptedAssertion();
+ if( encType != null )
+ throw new RuntimeException( "unable to write as it is NYI" );
}
}
@@ -179,32 +191,52 @@
{
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT.get() , ASSERTION_NSURI.get() );
- List< JAXBElement<?> > subList = authContext.getContent();
- if( subList != null )
+ AuthnContextTypeSequence sequence = authContext.getSequence();
+ if( sequence != null )
{
- for( JAXBElement<?> el: subList )
+ AuthnContextClassRefType authnContextClassRefType = sequence.getClassRef();
+ if( authnContextClassRefType != null )
{
- QName elName = el.getName();
- if( elName.getLocalPart().equals( JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get() ))
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() ,
+ ASSERTION_NSURI.get() );
+ StaxUtil.writeCharacters( writer, authnContextClassRefType.getValue().toASCIIString() );
+ StaxUtil.writeEndElement( writer);
+ }
+
+ Set<URIType> uriTypes = sequence.getURIType();
+ if( uriTypes != null )
+ {
+ for( URIType uriType: uriTypes )
{
- String decl = (String) el.getValue();
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get() ,
- ASSERTION_NSURI.get() );
- StaxUtil.writeCharacters( writer, decl );
- StaxUtil.writeEndElement( writer);
- }
- else if( elName.getLocalPart().equals( JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() ))
- {
- String decl = (String) el.getValue();
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() ,
- ASSERTION_NSURI.get() );
- StaxUtil.writeCharacters( writer, decl );
- StaxUtil.writeEndElement( writer);
- }
- else
- throw new RuntimeException( "Unsupported :" + elName );
+ if( uriType instanceof AuthnContextDeclType )
+ {
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION.get() ,
+ ASSERTION_NSURI.get() );
+ StaxUtil.writeCharacters( writer, uriType.getValue().toASCIIString() );
+ StaxUtil.writeEndElement( writer);
+ }
+ if( uriType instanceof AuthnContextDeclRefType )
+ {
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get() ,
+ ASSERTION_NSURI.get() );
+ StaxUtil.writeCharacters( writer, uriType.getValue().toASCIIString() );
+ StaxUtil.writeEndElement( writer);
+ }
+ }
+ }
+ }
+
+ Set<URI> authAuthorities = authContext.getAuthenticatingAuthority();
+ if( authAuthorities != null )
+ {
+ for( URI aa: authAuthorities )
+ {
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHENTICATING_AUTHORITY.get() ,
+ ASSERTION_NSURI.get() );
+ StaxUtil.writeCharacters( writer, aa.toASCIIString() );
+ StaxUtil.writeEndElement( writer);
}
- }
+ }
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
@@ -287,48 +319,38 @@
*/
public void write( SubjectType subject ) throws ProcessingException
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT.get() , ASSERTION_NSURI.get() );
- List<JAXBElement<?>> contentList = subject.getContent();
- if( contentList != null )
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT.get() , ASSERTION_NSURI.get() );
+
+ STSubType subType = subject.getSubType();
+ if( subType != null )
{
- for( JAXBElement<?> jaxbEl: contentList )
+ BaseIDAbstractType baseID = subType.getBaseID();
+ if( baseID instanceof NameIDType )
{
- Class<?> declaredType = jaxbEl.getDeclaredType();
- if( declaredType.equals( SubjectConfirmationType.class) )
+ NameIDType nameIDType = (NameIDType) baseID;
+ write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
+ }
+ EncryptedElementType enc = subType.getEncryptedID();
+ if( enc != null )
+ throw new RuntimeException( "NYI" );
+ List<SubjectConfirmationType> confirmations = subType.getConfirmation();
+ if( confirmations != null )
+ {
+ for( SubjectConfirmationType confirmation: confirmations )
{
- SubjectConfirmationType subjectConfirmationType = (SubjectConfirmationType) jaxbEl.getValue();
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION.get(), ASSERTION_NSURI.get() );
-
- StaxUtil.writeAttribute(writer, JBossSAMLConstants.METHOD.get(), subjectConfirmationType.getMethod() );
-
- BaseIDAbstractType baseID = subjectConfirmationType.getBaseID();
- if( baseID != null )
- {
- write( baseID );
- }
- NameIDType nameIDType = subjectConfirmationType.getNameID();
- if( nameIDType != null )
- {
- write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
- }
- SubjectConfirmationDataType subjectConfirmationData = subjectConfirmationType.getSubjectConfirmationData();
- if( subjectConfirmationData != null )
- {
- write( subjectConfirmationData );
- }
-
-
- StaxUtil.writeEndElement( writer);
+ write( confirmation );
}
- else if( declaredType.equals( NameIDType.class ))
- {
- NameIDType nameIDType = (NameIDType) jaxbEl.getValue();
- write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
- }
- else
- throw new RuntimeException( "SAMLAssertionWriter: NYI: declared Type:" + declaredType.getName() );
}
}
+ List<SubjectConfirmationType> subjectConfirmations = subject.getConfirmation();
+ if( subjectConfirmations != null )
+ {
+ for( SubjectConfirmationType subjectConfirmationType : subjectConfirmations )
+ {
+ write( subjectConfirmationType );
+ }
+ }
+
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
@@ -339,6 +361,30 @@
throw new RuntimeException( "NYI");
}
+ private void write( SubjectConfirmationType subjectConfirmationType ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION.get(), ASSERTION_NSURI.get() );
+
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.METHOD.get(), subjectConfirmationType.getMethod() );
+
+ BaseIDAbstractType baseID = subjectConfirmationType.getBaseID();
+ if( baseID != null )
+ {
+ write( baseID );
+ }
+ NameIDType nameIDType = subjectConfirmationType.getNameID();
+ if( nameIDType != null )
+ {
+ write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
+ }
+ SubjectConfirmationDataType subjectConfirmationData = subjectConfirmationType.getSubjectConfirmationData();
+ if( subjectConfirmationData != null )
+ {
+ write( subjectConfirmationData );
+ }
+ StaxUtil.writeEndElement( writer);
+ }
+
private void write( SubjectConfirmationDataType subjectConfirmationData ) throws ProcessingException
{
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get(), ASSERTION_NSURI.get() );
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -24,17 +24,19 @@
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI;
+import java.net.URI;
+
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.core.util.StringUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType;
+import org.picketlink.identity.federation.core.util.StringUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType;
/**
* Writes a SAML2 Request Type to Stream
@@ -65,17 +67,17 @@
StaxUtil.writeAttribute( writer, JBossSAMLConstants.VERSION.get(), request.getVersion() );
StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), request.getIssueInstant().toString() );
- String destination = request.getDestination();
- if( StringUtil.isNotNull( destination ))
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(), destination );
+ URI destination = request.getDestination();
+ if( destination != null )
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(), destination.toASCIIString() );
String consent = request.getConsent();
if( StringUtil.isNotNull( consent ))
StaxUtil.writeAttribute( writer, JBossSAMLConstants.CONSENT.get(), consent );
- String assertionURL = request.getAssertionConsumerServiceURL();
- if( StringUtil.isNotNull( assertionURL ) )
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_URL.get(), assertionURL );
+ URI assertionURL = request.getAssertionConsumerServiceURL();
+ if( assertionURL != null )
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_URL.get(), assertionURL.toASCIIString() );
NameIDType issuer = request.getIssuer();
write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
@@ -106,10 +108,10 @@
StaxUtil.writeAttribute( writer, JBossSAMLConstants.VERSION.get(), logOutRequest.getVersion() );
StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), logOutRequest.getIssueInstant().toString() );
- String destination = logOutRequest.getDestination();
- if( StringUtil.isNotNull( destination ))
+ URI destination = logOutRequest.getDestination();
+ if( destination != null )
{
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(),destination );
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(), destination.toASCIIString() );
}
String consent = logOutRequest.getConsent();
@@ -133,10 +135,10 @@
{
StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.NAMEID_POLICY.get(), PROTOCOL_NSURI.get() );
- String format = nameIDPolicy.getFormat();
- if( StringUtil.isNotNull( format ))
+ URI format = nameIDPolicy.getFormat();
+ if( format != null )
{
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.FORMAT.get(), format );
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.FORMAT.get(), format.toASCIIString() );
}
String spNameQualifier = nameIDPolicy.getSPNameQualifier();
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -24,6 +24,7 @@
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI;
+import java.net.URI;
import java.util.List;
import javax.xml.namespace.QName;
@@ -33,13 +34,14 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusDetailType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusCodeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusDetailType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
/**
* Write a SAML Response to stream
@@ -77,11 +79,12 @@
StatusType status = response.getStatus();
write( status );
- List<Object> assertions = response.getAssertionOrEncryptedAssertion();
- if( assertions != null )
+ List<RTChoiceType> choiceTypes = response.getAssertions();
+ if( choiceTypes != null )
{
- for( Object assertion: assertions )
+ for( RTChoiceType choiceType: choiceTypes )
{
+ AssertionType assertion = choiceType.getAssertion();
if( assertion instanceof AssertionType )
{
assertionWriter.write( (AssertionType) assertion );
@@ -163,10 +166,10 @@
{
StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.STATUS_CODE.get() , PROTOCOL_NSURI.get() );
- String value = statusCodeType.getValue();
- if( StringUtil.isNotNull( value ))
+ URI value = statusCodeType.getValue();
+ if( value != null )
{
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.VALUE.get(), value );
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.VALUE.get(), value.toASCIIString() );
}
StatusCodeType subStatusCode = statusCodeType.getStatusCode();
if( subStatusCode != null )
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -0,0 +1,50 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.util;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+
+/**
+ * General utility class for network related stuff
+ * @author Anil.Saldhana at redhat.com
+ * @since Nov 29, 2010
+ */
+public class NetworkUtil
+{
+ /**
+ * Create {@code URI}
+ * @param value
+ * @return
+ */
+ public static URI createURI( String value )
+ {
+ try
+ {
+ return new URI( value );
+ }
+ catch (URISyntaxException e)
+ {
+ throw new RuntimeException( "value is not of type URI:", e );
+ }
+ }
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -18,6 +18,7 @@
package org.picketlink.identity.federation.core.util;
import java.io.OutputStream;
+import java.io.Writer;
import java.util.Stack;
import javax.xml.namespace.QName;
@@ -101,6 +102,26 @@
throw new ProcessingException(e);
}
}
+
+ /**
+ * Get an {@code XMLStreamWriter}
+ *
+ * @param writer {@code Writer}
+ * @return
+ * @throws ProcessingException
+ */
+ public static XMLStreamWriter getXMLStreamWriter(final Writer writer ) throws ProcessingException
+ {
+ XMLOutputFactory xmlOutputFactory = XMLOutputFactory.newInstance();
+ try
+ {
+ return xmlOutputFactory.createXMLStreamWriter( writer );
+ }
+ catch (XMLStreamException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
public static XMLStreamWriter getXMLStreamWriter(final Result result) throws ProcessingException
{
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -42,7 +42,6 @@
import org.picketlink.identity.federation.ws.trust.ClaimsType;
import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
-import org.picketlink.identity.federation.ws.trust.ObjectFactory;
import org.picketlink.identity.federation.ws.trust.RequestedProofTokenType;
import org.picketlink.identity.federation.ws.trust.RequestedSecurityTokenType;
import org.picketlink.identity.federation.ws.trust.RequestedTokenCancelledType;
@@ -183,8 +182,7 @@
{
// symmetric key case: if client entropy is found, compute a key. If not, generate a new key.
requestedProofToken = new RequestedProofTokenType();
- ObjectFactory objFactory = new ObjectFactory();
-
+
byte[] serverSecret = WSTrustUtil.createRandomSecret((int) keySize / 8);
BinarySecretType serverBinarySecret = new BinarySecretType();
serverBinarySecret.setType(WSTrustConstants.BS_TYPE_NONCE);
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -2,7 +2,7 @@
import java.util.Map;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
/**
* <p>
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -43,16 +43,16 @@
import org.picketlink.identity.federation.core.wstrust.plugins.FileBasedRevocationRegistry;
import org.picketlink.identity.federation.core.wstrust.plugins.JPABasedRevocationRegistry;
import org.picketlink.identity.federation.core.wstrust.plugins.RevocationRegistry;
-import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.KeyInfoConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.KeyInfoConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
import org.picketlink.identity.federation.ws.trust.StatusType;
@@ -262,7 +262,7 @@
AttributeStatementType attributeStatement = this.attributeProvider.getAttributeStatement();
if (attributeStatement != null)
{
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attributeStatement);
+ assertion.addStatement( attributeStatement );
}
}
@@ -329,11 +329,14 @@
// create a new unique ID for the renewed assertion.
String assertionID = IDGenerator.create("ID_");
+
+ List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>();
+ statements.addAll( oldAssertion.getStatements() );
// create the new assertion.
AssertionType newAssertion = SAMLAssertionFactory.createAssertion(assertionID, oldAssertion.getIssuer(), context
- .getRequestSecurityToken().getLifetime().getCreated(), conditions, oldAssertion.getSubject(), oldAssertion
- .getStatementOrAuthnStatementOrAuthzDecisionStatement());
+ .getRequestSecurityToken().getLifetime().getCreated(), conditions, oldAssertion.getSubject(),
+ statements );
// create a security token with the new assertion.
Element assertionElement = null;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,16 +21,18 @@
*/
package org.picketlink.identity.federation.core.wstrust.plugins.saml;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
-import javax.xml.transform.dom.DOMResult;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
import org.picketlink.identity.federation.core.util.JAXBUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -65,13 +67,20 @@
* @throws Exception
* if an error occurs while marshaling the assertion.
*/
- public static Element toElement(AssertionType assertion) throws Exception
+ public static Element toElement( AssertionType assertion ) throws Exception
{
- Document document = DocumentUtil.createDocument();
+ /*Document document = DocumentUtil.createDocument();
DOMResult result = new DOMResult(document);
- Marshaller marshaller = JAXBUtil.getMarshaller("org.picketlink.identity.federation.saml.v2.assertion");
+ */
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ SAMLAssertionWriter writer = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(baos));
+ writer.write( assertion );
+
+ ByteArrayInputStream bis = new ByteArrayInputStream( baos.toByteArray() );
+ Document document = DocumentUtil.getDocument( bis ); //throws exceptions
+ /*Marshaller marshaller = JAXBUtil.getMarshaller("org.picketlink.identity.federation.saml.v2.assertion");
marshaller.marshal(new ObjectFactory().createAssertion(assertion), result);
-
+*/
// normalize the document to remove unused namespaces.
// DOMConfiguration docConfig = document.getDomConfig();
// docConfig.setParameter("namespaces", Boolean.TRUE);
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -28,7 +28,6 @@
import java.util.List;
-import javax.xml.bind.JAXBElement;
import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
Copied: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java (from rev 560, federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java)
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -0,0 +1,449 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.wstrust.writers;
+
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.BASE_NAMESPACE;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.PREFIX;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_COLLECTION;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_CONTEXT;
+
+import java.io.OutputStream;
+import java.net.URI;
+import java.util.List;
+
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Result;
+
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.ws.policy.AppliesTo;
+import org.picketlink.identity.federation.ws.trust.BinarySecretType;
+import org.picketlink.identity.federation.ws.trust.CancelTargetType;
+import org.picketlink.identity.federation.ws.trust.EntropyType;
+import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
+import org.picketlink.identity.federation.ws.trust.RenewTargetType;
+import org.picketlink.identity.federation.ws.trust.UseKeyType;
+import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
+import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
+import org.w3c.dom.Element;
+
+/**
+ * Given a {@code RequestSecurityToken}, write into an {@code OutputStream}
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 19, 2010
+ */
+public class WSTrustRSTWriter
+{
+ private XMLStreamWriter writer;
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified
+ * {@code OutputStream}.
+ * </p>
+ *
+ * @param out the stream where the request is to be written.
+ * @throws ProcessingException if an error occurs while processing the request.
+ */
+ public WSTrustRSTWriter(OutputStream out) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(out);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified
+ * {@code Result}.
+ * </p>
+ *
+ * @param result the {@code Result} where the request it to be written.
+ * @throws ProcessingException if an error occurs while processing the request.
+ */
+ public WSTrustRSTWriter(Result result) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(result);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRSTWriter} that uses the specified {@code XMLStreamWriter} to write the request
+ * objects.
+ * </p>
+ *
+ * @param writer the {@code XMLStreamWriter} to be used to write requests.
+ */
+ public WSTrustRSTWriter(XMLStreamWriter writer)
+ {
+ this.writer = writer;
+ }
+
+ /**
+ * Write the {@code RequestSecurityTokenCollection} into the {@code OutputStream}
+ * @param requestTokenCollection
+ * @param out
+ * @throws ProcessingException
+ */
+ public void write( RequestSecurityTokenCollection requestTokenCollection) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, RST_COLLECTION, BASE_NAMESPACE);
+ StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
+
+ List<RequestSecurityToken> tokenList = requestTokenCollection.getRequestSecurityTokens();
+ if( tokenList == null )
+ throw new ProcessingException( "RST list is null" );
+
+ for( RequestSecurityToken token: tokenList )
+ {
+ write(token);
+ }
+
+ StaxUtil.writeEndElement( writer );
+ StaxUtil.flush( writer );
+ }
+
+ /**
+ * Write the {@code RequestSecurityToken} into the {@code OutputStream}
+ * @param requestToken
+ * @param out
+ * @throws ProcessingException
+ */
+ public void write( RequestSecurityToken requestToken ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, RST, BASE_NAMESPACE);
+ StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
+ String context = requestToken.getContext();
+ StaxUtil.writeAttribute( writer, RST_CONTEXT, context );
+
+ URI requestType = requestToken.getRequestType();
+ if( requestType != null )
+ {
+ writeRequestType( writer, requestType );
+ }
+
+ URI tokenType = requestToken.getTokenType();
+ if( tokenType != null )
+ {
+ writeTokenType( writer, tokenType );
+ }
+ //Deal with AppliesTo
+ AppliesTo appliesTo = requestToken.getAppliesTo();
+ if( appliesTo != null )
+ {
+ WSPolicyWriter wsPolicyWriter = new WSPolicyWriter(this.writer);
+ wsPolicyWriter.write( appliesTo );
+ }
+
+ long keySize = requestToken.getKeySize();
+ if (keySize != 0)
+ {
+ StaxUtil.writeStartElement(writer, PREFIX, WSTrustConstants.KEY_SIZE, BASE_NAMESPACE);
+ StaxUtil.writeCharacters(writer, Long.toString(keySize));
+ StaxUtil.writeEndElement(writer);
+ }
+
+ URI keyType = requestToken.getKeyType();
+ if( keyType != null )
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.KEY_TYPE, BASE_NAMESPACE);
+ StaxUtil.writeCharacters(writer, keyType.toString() );
+ StaxUtil.writeEndElement( writer );
+ }
+ EntropyType entropy = requestToken.getEntropy();
+ if( entropy != null )
+ {
+ writeEntropyType(entropy);
+ }
+
+ UseKeyType useKeyType = requestToken.getUseKey();
+ if( useKeyType != null )
+ {
+ writeUseKeyType(useKeyType);
+ }
+
+ OnBehalfOfType onBehalfOf = requestToken.getOnBehalfOf();
+ if( onBehalfOf != null )
+ {
+ writeOnBehalfOfType(onBehalfOf);
+ }
+
+ ValidateTargetType validateTarget = requestToken.getValidateTarget();
+ if( validateTarget != null )
+ {
+ writeValidateTargetType(validateTarget);
+ }
+
+ CancelTargetType cancelTarget = requestToken.getCancelTarget();
+ if( cancelTarget != null )
+ {
+ writeCancelTargetType(cancelTarget);
+ }
+
+ RenewTargetType renewTarget = requestToken.getRenewTarget();
+ if (renewTarget != null)
+ {
+ writeRenewTargetType(renewTarget);
+ }
+
+ StaxUtil.writeEndElement( writer );
+ StaxUtil.flush( writer );
+ }
+
+ /**
+ * Write an {@code EntropyType} to stream
+ * @param entropy
+ * @throws ProcessingException
+ */
+ private void writeEntropyType(EntropyType entropy) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ENTROPY, BASE_NAMESPACE);
+
+ List<Object> entropyList = entropy.getAny();
+ if( entropyList != null )
+ {
+ for( Object entropyObj: entropyList )
+ {
+ if( entropyObj instanceof BinarySecretType )
+ {
+ BinarySecretType binarySecret = (BinarySecretType) entropyObj;
+ writeBinarySecretType( writer, binarySecret );
+ }
+ }
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write an {@code UseKeyType} to stream
+ * @param useKeyType
+ * @throws ProcessingException
+ */
+ private void writeUseKeyType(UseKeyType useKeyType) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.USE_KEY, BASE_NAMESPACE);
+
+ Object useKeyTypeValue = useKeyType.getAny();
+ if( useKeyTypeValue instanceof Element )
+ {
+ Element domElement = (Element) useKeyTypeValue;
+ StaxUtil.writeDOMElement( writer, domElement );
+ }
+ else if (useKeyTypeValue instanceof byte[])
+ {
+ byte[] certificate = (byte[]) useKeyTypeValue;
+ StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.X509CERT,
+ WSTrustConstants.DSIG_NS);
+ StaxUtil.writeNameSpace( writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(certificate));
+ StaxUtil.writeEndElement(writer);
+ }
+ else if (useKeyTypeValue instanceof KeyValueType)
+ {
+ writeKeyValueType((KeyValueType) useKeyTypeValue);
+ }
+ else
+ throw new RuntimeException( " Unknown use key type:" + useKeyTypeValue.getClass().getName() );
+
+ StaxUtil.writeEndElement(writer);
+ }
+
+ private void writeKeyValueType(KeyValueType type) throws ProcessingException
+ {
+ StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.KEYVALUE, WSTrustConstants.DSIG_NS);
+ StaxUtil.writeNameSpace(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS);
+ if (type.getContent().size() == 0)
+ throw new ProcessingException("KeyValueType must contain at least one value");
+
+ for (Object obj : type.getContent())
+ {
+ if (obj instanceof RSAKeyValueType)
+ {
+ RSAKeyValueType rsaKeyValue = (RSAKeyValueType) obj;
+ writeRSAKeyValueType(rsaKeyValue);
+ }
+ }
+ StaxUtil.writeEndElement(writer);
+ }
+
+ private void writeRSAKeyValueType(RSAKeyValueType type) throws ProcessingException
+ {
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.RSA_KEYVALUE , WSTrustConstants.DSIG_NS);
+ // write the rsa key modulus.
+ byte[] modulus = type.getModulus();
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.MODULUS , WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(modulus));
+ StaxUtil.writeEndElement(writer);
+
+ // write the rsa key exponent.
+ byte[] exponent = type.getExponent();
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.EXPONENT , WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(exponent));
+ StaxUtil.writeEndElement(writer);
+
+ StaxUtil.writeEndElement(writer);
+ }
+ /**
+ * Write an {@code OnBehalfOfType} to stream
+ * @param onBehalfOf
+ * @param out
+ * @throws ProcessingException
+ */
+ private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ON_BEHALF_OF, BASE_NAMESPACE);
+ StaxUtil.writeCharacters(writer, "" );
+
+ UsernameTokenType usernameToken = (UsernameTokenType) onBehalfOf.getAny();
+ WSSecurityWriter wsseWriter = new WSSecurityWriter(this.writer);
+ wsseWriter.write( usernameToken );
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write an {@code ValidateTargetType} to stream
+ * @param validateTarget
+ * @param out
+ * @throws ProcessingException
+ */
+ private void writeValidateTargetType(ValidateTargetType validateTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.VALIDATE_TARGET, BASE_NAMESPACE);
+
+ Object validateTargetObj = validateTarget.getAny();
+ if (validateTargetObj != null)
+ {
+ if (validateTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) validateTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (validateTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) validateTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown validate target type=" + validateTargetObj.getClass().getName());
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ private void writeRenewTargetType(RenewTargetType renewTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.RENEW_TARGET, BASE_NAMESPACE);
+
+ Object renewTargetObj = renewTarget.getAny();
+ if (renewTargetObj != null)
+ {
+ if (renewTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) renewTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (renewTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) renewTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown renew target type=" + renewTargetObj.getClass().getName());
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write an {@code CancelTargetType} to Stream
+ * @param cancelTarget
+ * @param out
+ * @throws ProcessingException
+ */
+ private void writeCancelTargetType(CancelTargetType cancelTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.CANCEL_TARGET, BASE_NAMESPACE);
+
+ Object cancelTargetObj = cancelTarget.getAny();
+ if (cancelTargetObj != null)
+ {
+ if (cancelTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) cancelTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (cancelTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) cancelTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown cancel target type=" + cancelTargetObj.getClass().getName());
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write a {@code BinarySecretType} to stream
+ * @param writer
+ * @param binarySecret
+ * @throws ProcessingException
+ */
+ private void writeBinarySecretType( XMLStreamWriter writer, BinarySecretType binarySecret ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.BINARY_SECRET, BASE_NAMESPACE );
+ String type = binarySecret.getType();
+ StaxUtil.writeAttribute(writer, WSTrustConstants.TYPE, type );
+ StaxUtil.writeCharacters(writer, new String( binarySecret.getValue() ) );
+ StaxUtil.writeEndElement(writer);
+ }
+
+ /**
+ * Write a Request Type
+ * @param writer
+ * @param uri
+ * @throws ProcessingException
+ */
+ private void writeRequestType( XMLStreamWriter writer , URI uri ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.REQUEST_TYPE, BASE_NAMESPACE );
+ StaxUtil.writeCharacters(writer, uri.toASCIIString() );
+ StaxUtil.writeEndElement(writer);
+ }
+
+ /**
+ * Write Token Type
+ * @param writer
+ * @param uri
+ * @throws ProcessingException
+ */
+ private void writeTokenType( XMLStreamWriter writer , URI uri ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.TOKEN_TYPE, BASE_NAMESPACE );
+ StaxUtil.writeCharacters(writer, uri.toASCIIString() );
+ StaxUtil.writeEndElement(writer);
+ }
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -39,8 +39,8 @@
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -29,8 +29,8 @@
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -23,9 +23,12 @@
import java.util.HashMap;
import java.util.Map;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule;
-import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.w3c.dom.Element;
/**
@@ -42,7 +45,9 @@
public static Element createSamlToken() throws Exception
{
- final AssertionType assertionType = new AssertionType();
+ String id = "ID+" + JBossSAMLBaseFactory.createUUID();
+ final AssertionType assertionType = new AssertionType( id, XMLTimeUtil.getIssueInstant(),
+ JBossSAMLConstants.VERSION_2_0.get() );
return SAMLUtil.toElement(assertionType);
}
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -27,7 +27,9 @@
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
+import java.util.Iterator;
import java.util.List;
+import java.util.Set;
import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
@@ -39,18 +41,10 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.*;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
/**
* Test the parsing of saml assertions
@@ -76,7 +70,17 @@
//Subject
SubjectType subject = assertion.getSubject();
- List<JAXBElement<?>> content = subject.getContent();
+
+ STSubType subType = subject.getSubType();
+ NameIDType subjectNameID = (NameIDType) subType.getBaseID();
+ assertEquals( "jduke", subjectNameID.getValue() );
+ assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() );
+ SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 );
+ SubjectConfirmationDataType subjectConfirmationDataType = subjectConfirmation.getSubjectConfirmationData();
+ assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) , subjectConfirmationDataType.getNotBefore() );
+ assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , subjectConfirmationDataType.getNotOnOrAfter() );
+
+ /*List<JAXBElement<?>> content = subject.getContent();
int size = content.size();
@@ -98,7 +102,7 @@
assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) , conditions.getNotBefore() );
assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , conditions.getNotOnOrAfter() );
}
- }
+ } */
}
@@ -125,7 +129,24 @@
//Subject
SubjectType subject = assertion.getSubject();
- List<JAXBElement<?>> content = subject.getContent();
+
+ STSubType subType = subject.getSubType();
+ NameIDType subjectNameID = (NameIDType) subType.getBaseID();
+ assertEquals( "jduke", subjectNameID.getValue() );
+ assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() );
+
+ SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() );
+
+ ConditionsType conditions = assertion.getConditions();
+ assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.911Z" ) , conditions.getNotBefore() );
+ assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.911Z" ) , conditions.getNotOnOrAfter() );
+
+ AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
+ assertEquals( 1, audienceRestrictionType.getAudience().size() );
+ assertEquals( "http://services.testcorp.org/provider2", audienceRestrictionType.getAudience().get( 0 ));
+
+ /*List<JAXBElement<?>> content = subject.getContent();
int size = content.size();
@@ -153,7 +174,7 @@
assertEquals( 1, audienceRestrictionType.getAudience().size() );
assertEquals( "http://services.testcorp.org/provider2", audienceRestrictionType.getAudience().get( 0 ));
}
- }
+ }*/
}
@@ -174,18 +195,19 @@
//Issuer
assertEquals( "https://idp.example.org/SAML2", assertion.getIssuer().getValue() );
- List<StatementAbstractType> statements = assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement();
+ Set<StatementAbstractType> statements = assertion.getStatements();
assertEquals( 2, statements.size() );
- AuthnStatementType authnStatement = (AuthnStatementType) statements.get(0);
+ Iterator<StatementAbstractType> iter = statements.iterator();
+ AuthnStatementType authnStatement = (AuthnStatementType) iter.next();
assertEquals( XMLTimeUtil.parse( "2004-12-05T09:22:00Z" ), authnStatement.getAuthnInstant() );
assertEquals( "b07b804c-7c29-ea16-7300-4f3d6f7928ac", authnStatement.getSessionIndex() );
- AttributeStatementType attributeStatement = (AttributeStatementType) statements.get( 1 );
- List<Object> attributes = attributeStatement.getAttributeOrEncryptedAttribute();
+ AttributeStatementType attributeStatement = (AttributeStatementType) iter.next();
+ List<ASTChoiceType> attributes = attributeStatement.getAttributes();
assertEquals( 1, attributes.size() );
- AttributeType attribute = (AttributeType) attributes.get(0);
+ AttributeType attribute = attributes.get(0).getAttribute();
assertEquals( "eduPersonAffiliation", attribute.getFriendlyName() );
assertEquals( "urn:oid:1.3.6.1.4.1.5923.1.1.1.1", attribute.getName() );
assertEquals( "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", attribute.getNameFormat() );
@@ -205,7 +227,29 @@
//Subject
SubjectType subject = assertion.getSubject();
- List<JAXBElement<?>> content = subject.getContent();
+ STSubType subType = subject.getSubType();
+ NameIDType subjectNameID = (NameIDType) subType.getBaseID();
+ assertEquals( "3f7b3dcf-1674-4ecd-92c8-1544f346baf8", subjectNameID.getValue() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", subjectNameID.getFormat() );
+
+ SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() );
+
+ SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData();
+ assertEquals( "ID_aaf23196-1773-2113-474a-fe114412ab72", subjectConfirmationData.getInResponseTo() );
+ assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ), subjectConfirmationData.getNotOnOrAfter() );
+ assertEquals( "https://sp.example.com/SAML2/SSO/POST", subjectConfirmationData.getRecipient());
+
+ ConditionsType conditions = assertion.getConditions();
+ assertEquals( XMLTimeUtil.parse( "2004-12-05T09:17:05Z" ) , conditions.getNotBefore() );
+ assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ) , conditions.getNotOnOrAfter() );
+
+ AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
+ assertEquals( 1, audienceRestrictionType.getAudience().size() );
+ assertEquals( "https://sp.example.com/SAML2", audienceRestrictionType.getAudience().get( 0 ));
+
+
+ /*List<JAXBElement<?>> content = subject.getContent();
int size = content.size();
assertEquals( 2, size );
@@ -246,7 +290,7 @@
assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ), subjectConfirmationData.getNotOnOrAfter() );
assertEquals( "https://sp.example.com/SAML2/SSO/POST", subjectConfirmationData.getRecipient());
}
- }
+ } */
ByteArrayOutputStream baos = new ByteArrayOutputStream();
SAMLAssertionWriter writer = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(baos));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -33,9 +33,9 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType;
/**
* Validate the SAML2 AuthnRequest parse
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -27,6 +27,7 @@
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
+import java.util.Iterator;
import java.util.List;
import javax.xml.bind.JAXBElement;
@@ -36,17 +37,20 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclRefType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.*;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
/**
* Validate the parsing of SAML2 Response
@@ -76,31 +80,43 @@
StatusType status = response.getStatus();
assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue() );
- List<Object> assertionList = response.getAssertionOrEncryptedAssertion();
+ List<RTChoiceType> assertionList = response.getAssertions();
assertEquals( 2, assertionList.size() );
- AssertionType assertion1 = (AssertionType) assertionList.get( 0 );
+ AssertionType assertion1 = assertionList.get( 0 ).getAssertion();
assertEquals( "ID_0be488d8-7089-4892-8aeb-83594c800706", assertion1.getID() );
assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.362-05:00" ), assertion1.getIssueInstant() );
assertEquals( "2.0", assertion1.getVersion() );
- assertEquals( "testIssuer", assertion1.getIssuer().getValue() );
- AuthnStatementType authnStatement = (AuthnStatementType) assertion1.getStatementOrAuthnStatementOrAuthzDecisionStatement().get( 0 );
+ assertEquals( "testIssuer", assertion1.getIssuer().getValue() ) ;
+
+ Iterator<StatementAbstractType> iterator = assertion1.getStatements().iterator();
+
+ AuthnStatementType authnStatement = (AuthnStatementType) iterator.next();
assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.359-05:00" ), authnStatement.getAuthnInstant() );
+
+
+ AuthnContextType authnContext = authnStatement.getAuthnContext();
+
+ AuthnContextDeclRefType refType = (AuthnContextDeclRefType) authnContext.getURIType().iterator().next();
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", refType.getValue().toASCIIString() );
+ /*
JAXBElement<?> authnContextDeclRefJaxb = (JAXBElement<?>) authnStatement.getAuthnContext().getContent().get(0);
- assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() );*/
- AssertionType assertion2 = (AssertionType) assertionList.get( 1 );
+ AssertionType assertion2 = (AssertionType) assertionList.get( 1 ).getAssertion();
assertEquals( "ID_976d8310-658a-450d-be39-f33c73c8afa6", assertion2.getID() );
assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.363-05:00" ), assertion2.getIssueInstant() );
assertEquals( "2.0", assertion2.getVersion() );
assertEquals( "testIssuer", assertion2.getIssuer().getValue() );
- authnStatement = (AuthnStatementType) assertion2.getStatementOrAuthnStatementOrAuthzDecisionStatement().get( 0 );
+ authnStatement = (AuthnStatementType) assertion2.getStatements().iterator().next();
assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.359-05:00" ), authnStatement.getAuthnInstant() );
- authnContextDeclRefJaxb = (JAXBElement<?>) authnStatement.getAuthnContext().getContent().get(0);
- assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() );
+ authnContext = authnStatement.getAuthnContext();
+ refType = (AuthnContextDeclRefType) authnContext.getURIType().iterator().next();
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", refType.getValue().toASCIIString() );
+
//Let us do some writing - currently only visual inspection. We will do proper validation later.
ByteArrayOutputStream baos = new ByteArrayOutputStream();
SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
@@ -136,7 +152,7 @@
assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue() );
//Get the assertion
- AssertionType assertion = (AssertionType) response.getAssertionOrEncryptedAssertion().get(0);
+ AssertionType assertion = (AssertionType) response.getAssertions().get(0).getAssertion();
assertEquals( "ID_8be1534d-9155-4837-9f26-70ea2c15e327", assertion.getID() );
assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), assertion.getIssueInstant() );
assertEquals( "2.0", assertion.getVersion() );
@@ -145,8 +161,42 @@
//Subject
SubjectType subject = assertion.getSubject();
- List<JAXBElement<?>> content = subject.getContent();
+ NameIDType subjectNameID = (NameIDType) subject.getSubType().getBaseID();
+ assertEquals( "anil", subjectNameID.getValue() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", subjectNameID.getFormat() );
+
+ SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0);
+
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() );
+
+ SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData();
+ assertEquals( "ID_04ded476-d73c-48af-b3a9-232a52905ffb", subjectConfirmationData.getInResponseTo() );
+ assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), subjectConfirmationData.getNotBefore() );
+ assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), subjectConfirmationData.getNotOnOrAfter() );
+ assertEquals( "http://localhost:8080/employee/", subjectConfirmationData.getRecipient());
+
+ AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatements().iterator().next();
+
+ List<org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType> attributes = attributeStatement.getAttributes();
+ assertEquals( 2, attributes.size() );
+
+ for( org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType attr: attributes )
+ {
+ AttributeType attribute = attr.getAttribute();
+ assertEquals( "role", attribute.getFriendlyName() );
+ assertEquals( "role", attribute.getName() );
+ assertEquals( "role", attribute.getNameFormat() );
+ List<Object> attributeValues = attribute.getAttributeValue();
+ assertEquals( 1, attributeValues.size() );
+
+ String str = (String ) attributeValues.get( 0 );
+ if( ! ( str.equals( "employee") || str.equals( "manager" )))
+ throw new RuntimeException( "attrib value not found" );
+ }
+
+ /*List<JAXBElement<?>> content = subject.getContent();
+
int size = content.size();
for( int i = 0 ; i < size; i++ )
@@ -196,6 +246,6 @@
}
else
throw new RuntimeException( "unknown" );
- }
+ } */
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -33,8 +33,8 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
/**
* Validate the parsing of SLO (log out) Request
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -37,10 +37,9 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
-
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
/**
* Validate the parsing of SLO Response
* @author Anil.Saldhana at redhat.com
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -35,8 +35,8 @@
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType;
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -25,24 +25,22 @@
import java.util.HashMap;
import java.util.Map;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.Marshaller;
-
import junit.framework.TestCase;
import org.picketlink.identity.federation.core.constants.AttributeConstants;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLProtocolFactory;
import org.picketlink.identity.federation.core.saml.v2.holders.IDPInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -73,15 +71,18 @@
new SPInfoHolder(), idp, issuerHolder);
assertNotNull(rt);
- AssertionType assertion = (AssertionType) rt.getAssertionOrEncryptedAssertion().get(0);
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStat);
+ AssertionType assertion = (AssertionType) rt.getAssertions().get(0).getAssertion();
+ assertion.addStatement( attrStat );
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller(false);
+ SAMLResponseWriter writer = new SAMLResponseWriter( StaxUtil.getXMLStreamWriter(baos) );
+ writer.write(rt);
+
+ /*Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller(false);
JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(rt);
marshaller.marshal(jaxb, baos);
- //marshaller.marshal(jaxb, System.out);
+ *///marshaller.marshal(jaxb, System.out);
Document samlDom = DocumentUtil.getDocument(new String(baos.toByteArray()));
NodeList nl = samlDom.getElementsByTagName("Attribute");
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -26,32 +26,26 @@
import junit.framework.TestCase;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
-
/**
* Unit test the AssertionUtil
* @author Anil.Saldhana at redhat.com
* @since Jun 3, 2009
*/
public class AssertionUtilUnitTestCase extends TestCase
-{
- private ObjectFactory of = SAMLAssertionFactory.getObjectFactory();
+{
public void testValidAssertion() throws Exception
{
- NameIDType nameIdType = of.createNameIDType();
+ NameIDType nameIdType = new NameIDType();
nameIdType.setValue("somename");
- AssertionType assertion = of.createAssertionType();
- assertion.setID("SomeID");
- assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get());
+ AssertionType assertion = new AssertionType( "SomeID", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get() );
assertion.setIssuer(nameIdType);
//Assertions with no conditions are everlasting
@@ -61,7 +55,7 @@
XMLGregorianCalendar sometimeLater = XMLTimeUtil.add(now, 5555);
- ConditionsType conditions = of.createConditionsType();
+ ConditionsType conditions = new ConditionsType();
conditions.setNotBefore(now);
conditions.setNotOnOrAfter(sometimeLater);
assertion.setConditions(conditions);
@@ -71,19 +65,17 @@
public void testExpiredAssertion() throws Exception
{
- NameIDType nameIdType = of.createNameIDType();
+ NameIDType nameIdType = new NameIDType();
nameIdType.setValue("somename");
- AssertionType assertion = of.createAssertionType();
- assertion.setID("SomeID");
- assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get());
+ AssertionType assertion = new AssertionType( "SomeID", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get());
assertion.setIssuer(nameIdType);
XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
XMLGregorianCalendar sometimeAgo = XMLTimeUtil.subtract(now, 55555);
- ConditionsType conditions = of.createConditionsType();
+ ConditionsType conditions = new ConditionsType();
conditions.setNotBefore(XMLTimeUtil.subtract(now,55575));
conditions.setNotOnOrAfter(sometimeAgo);
assertion.setConditions(conditions);
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -69,17 +69,14 @@
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.ws.addressing.AttributedURIType;
-import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
-import org.picketlink.identity.federation.ws.addressing.ObjectFactory;
-import org.picketlink.identity.federation.ws.policy.AppliesTo;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
@@ -367,9 +364,8 @@
// in this scenario, the conditions section should have an audience restriction.
ConditionsType conditions = assertion.getConditions();
- assertEquals("Unexpected restriction list size", 1, conditions.getConditionOrAudienceRestrictionOrOneTimeUse()
- .size());
- ConditionAbstractType abstractType = conditions.getConditionOrAudienceRestrictionOrOneTimeUse().get(0);
+ assertEquals("Unexpected restriction list size", 1, conditions.getConditions().size());
+ ConditionAbstractType abstractType = conditions.getConditions().get(0);
assertTrue("Unexpected restriction type", abstractType instanceof AudienceRestrictionType);
AudienceRestrictionType audienceRestriction = (AudienceRestrictionType) abstractType;
assertEquals("Unexpected audience restriction list size", 1, audienceRestriction.getAudience().size());
@@ -415,8 +411,7 @@
*
* @throws Exception
* if an error occurs while running the test.
- */
- @SuppressWarnings("rawtypes")
+ */
public void testInvokeSAML20WithSTSGeneratedSymmetricKey() throws Exception
{
// create a simple token request, asking for a SAMLv2.0 token.
@@ -436,8 +431,7 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getContent().get(1)
- .getValue();
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1);
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);
// check if the response contains the STS-generated key.
@@ -463,8 +457,7 @@
*
* @throws Exception
* if an error occurs while running the test.
- */
- @SuppressWarnings("rawtypes")
+ */
public void testInvokeSAML20WithCombinedSymmetricKey() throws Exception
{
// create a 64-bit random client secret.
@@ -494,8 +487,7 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getContent().get(1)
- .getValue();
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1) ;
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);
RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
@@ -549,8 +541,7 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getContent().get(1)
- .getValue();
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1);
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, false);
}
@@ -587,8 +578,7 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getContent().get(1)
- .getValue();
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1) ;
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, true);
}
@@ -1175,15 +1165,13 @@
// validate the assertion subject.
assertNotNull("Unexpected null subject", assertion.getSubject());
- List<JAXBElement<?>> content = assertion.getSubject().getContent();
- assertNotNull("Unexpected null subject content");
- assertEquals(2, content.size());
- assertEquals("Unexpected type found", NameIDType.class, content.get(0).getDeclaredType());
- NameIDType nameID = (NameIDType) content.get(0).getValue();
+ SubjectType subject = assertion.getSubject();
+
+ NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
assertEquals("Unexpected name id value", principal, nameID.getValue());
- assertEquals("Unexpected type found", SubjectConfirmationType.class, content.get(1).getDeclaredType());
- SubjectConfirmationType subjType = (SubjectConfirmationType) content.get(1).getValue();
+
+ SubjectConfirmationType subjType = (SubjectConfirmationType) subject.getConfirmation().get(1);
assertEquals("Unexpected confirmation method", confirmationMethod, subjType.getMethod());
// validate the assertion conditions.
@@ -1219,11 +1207,7 @@
{
SubjectConfirmationDataType subjConfirmationDataType = subjectConfirmation.getSubjectConfirmationData();
assertNotNull("Unexpected null subject confirmation data", subjConfirmationDataType);
- List<Object> confirmationContent = subjConfirmationDataType.getContent();
- assertEquals("Unexpected subject confirmation content size", 1, confirmationContent.size());
- JAXBElement<?> keyInfoElement = (JAXBElement<?>) confirmationContent.get(0);
- assertEquals("Unexpected subject confirmation context type", KeyInfoType.class, keyInfoElement.getDeclaredType());
- KeyInfoType keyInfo = (KeyInfoType) keyInfoElement.getValue();
+ KeyInfoType keyInfo = (KeyInfoType)subjConfirmationDataType.getAnyType();
assertEquals("Unexpected key info content size", 1, keyInfo.getContent().size());
// if the key is a symmetric key, the KeyInfo should contain an encrypted element.
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -50,13 +50,9 @@
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
import org.picketlink.identity.federation.ws.trust.StatusType;
import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
@@ -97,7 +93,9 @@
*/
public void testIssueSAMLV20Token() throws Exception
{
- // create a WSTrustRequestContext with a simple WS-Trust request.
+ fail( "Work on this");
+
+ /*// create a WSTrustRequestContext with a simple WS-Trust request.
RequestSecurityToken request = new RequestSecurityToken();
request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
@@ -163,7 +161,7 @@
KeyIdentifierType keyId = (KeyIdentifierType) securityRef.getAny().get(0);
assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType());
assertNotNull("Unexpected null key identifier value", keyId.getValue());
- assertEquals(assertion.getID(), keyId.getValue().substring(1));
+ assertEquals(assertion.getID(), keyId.getValue().substring(1));*/
}
/**
@@ -176,7 +174,8 @@
*/
public void testIssueSAMLV20HolderOfKeyToken() throws Exception
{
- // create a WSTrustRequestContext with a simple WS-Trust request.
+ fail( "work" );
+ /*// create a WSTrustRequestContext with a simple WS-Trust request.
RequestSecurityToken request = new RequestSecurityToken();
request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
@@ -254,7 +253,7 @@
assertEquals("Unexpected X509 data content type", byte[].class, x509CertElement.getDeclaredType());
// certificate should have been encoded to Base64, so we need to decode it first.
byte[] encodedCert = (byte[]) x509CertElement.getValue();
- assertTrue("Invalid encoded certificate found", Arrays.equals(certificate.getEncoded(), encodedCert));
+ assertTrue("Invalid encoded certificate found", Arrays.equals(certificate.getEncoded(), encodedCert));*/
}
/**
More information about the jboss-cvs-commits
mailing list