[jboss-cvs] Picketlink SVN: r1029 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1 and 3 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Jun 23 18:25:13 EDT 2011
Author: anil.saldhana at jboss.com
Date: 2011-06-23 18:25:12 -0400 (Thu, 23 Jun 2011)
New Revision: 1029
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11ResponseParser.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11ResponseParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-response.xml
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11ResponseType.java
Log:
more SAML11 parsing
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11ResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11ResponseParser.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11ResponseParser.java 2011-06-23 22:25:12 UTC (rev 1029)
@@ -0,0 +1,185 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.saml;
+
+import javax.xml.datatype.XMLGregorianCalendar;
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.StartElement;
+import javax.xml.stream.events.XMLEvent;
+
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v1.SAML11Constants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11ResponseType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11StatusCodeType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11StatusType;
+import org.w3c.dom.Element;
+
+/**
+ * Parse the SAML 11 Response
+ * @author Anil.Saldhana at redhat.com
+ * @since 23 June 2011
+ */
+public class SAML11ResponseParser implements ParserNamespaceSupport
+{
+ private final String RESPONSE = JBossSAMLConstants.RESPONSE.get();
+
+ /**
+ * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
+ */
+ public Object parse(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ //Get the startelement
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, RESPONSE);
+
+ Attribute idAttr = startElement.getAttributeByName(new QName("ResponseID"));
+ if (idAttr == null)
+ throw new RuntimeException("ID attribute is missing");
+ String id = StaxParserUtil.getAttributeValue(idAttr);
+
+ Attribute issueInstant = startElement.getAttributeByName(new QName("IssueInstant"));
+ if (issueInstant == null)
+ throw new RuntimeException("IssueInstant attribute required in Response");
+ XMLGregorianCalendar issueInstantVal = XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(issueInstant));
+
+ SAML11ResponseType response = new SAML11ResponseType(id, issueInstantVal);
+
+ while (xmlEventReader.hasNext())
+ {
+ //Let us peek at the next start element
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (startElement == null)
+ break;
+ String elementName = StaxParserUtil.getStartElementName(startElement);
+ if (JBossSAMLConstants.SIGNATURE.get().equals(elementName))
+ {
+ Element sig = StaxParserUtil.getDOMElement(xmlEventReader);
+ response.setSignature(sig);
+ }
+ else if (JBossSAMLConstants.ASSERTION.get().equals(elementName))
+ {
+ SAML11AssertionParser assertionParser = new SAML11AssertionParser();
+ response.add((SAML11AssertionType) assertionParser.parse(xmlEventReader));
+ }
+ else if (JBossSAMLConstants.STATUS.get().equals(elementName))
+ {
+ response.setStatus(parseStatus(xmlEventReader));
+ }
+ else
+ throw new RuntimeException("Unknown tag=" + elementName + "::location=" + startElement.getLocation());
+ }
+
+ return response;
+ }
+
+ /**
+ * Parse the status element
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ protected SAML11StatusType parseStatus(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ //Get the Start Element
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String STATUS = JBossSAMLConstants.STATUS.get();
+ StaxParserUtil.validate(startElement, STATUS);
+
+ SAML11StatusType status = new SAML11StatusType();
+
+ while (xmlEventReader.hasNext())
+ {
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+
+ if (startElement == null)
+ break;
+
+ QName startElementName = startElement.getName();
+ String elementTag = startElementName.getLocalPart();
+
+ SAML11StatusCodeType statusCode = new SAML11StatusCodeType();
+
+ if (JBossSAMLConstants.STATUS_CODE.get().equals(elementTag))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ if (startElement == null)
+ break;
+ Attribute valueAttr = startElement.getAttributeByName(new QName("Value"));
+ if (valueAttr != null)
+ {
+ statusCode.setValue(new QName(StaxParserUtil.getAttributeValue(valueAttr)));
+ }
+ status.setStatusCode(statusCode);
+
+ //Peek at the next start element to see if it is status code
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ elementTag = startElement.getName().getLocalPart();
+ if (JBossSAMLConstants.STATUS_CODE.get().equals(elementTag))
+ {
+ SAML11StatusCodeType subStatusCodeType = new SAML11StatusCodeType();
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ Attribute subValueAttr = startElement.getAttributeByName(new QName("Value"));
+ if (subValueAttr != null)
+ {
+ subStatusCodeType.setValue(new QName(StaxParserUtil.getAttributeValue(subValueAttr)));
+ }
+ statusCode.setStatusCode(subStatusCodeType);
+
+ // Go to Status code end element.
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, JBossSAMLConstants.STATUS_CODE.get());
+ continue;
+ }
+ }
+
+ //Get the next end element
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent instanceof EndElement)
+ {
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ if (StaxParserUtil.matches(endElement, STATUS))
+ break;
+ else
+ throw new RuntimeException("unknown end element:" + StaxParserUtil.getEndElementName(endElement));
+ }
+ else
+ break;
+ }
+ return status;
+ }
+
+ /**
+ * @see {@link ParserNamespaceSupport#supports(QName)}
+ */
+ public boolean supports(QName qname)
+ {
+ return SAML11Constants.PROTOCOL_11_NSURI.equals(qname.getNamespaceURI()) && RESPONSE.equals(qname.getLocalPart());
+ }
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2011-06-23 20:44:42 UTC (rev 1028)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2011-06-23 22:25:12 UTC (rev 1029)
@@ -63,7 +63,8 @@
String elementName = StaxParserUtil.getStartElementName(startElement);
- if (elementName.equalsIgnoreCase(JBossSAMLConstants.ASSERTION.get()))
+ if (elementName.equalsIgnoreCase(JBossSAMLConstants.ASSERTION.get())
+ || elementName.equals(JBossSAMLConstants.ENCRYPTED_ASSERTION.get()))
{
if (nsURI.equals(SAML11Constants.ASSERTION_11_NSURI))
{
@@ -97,7 +98,6 @@
SAMLResponseParser responseParser = new SAMLResponseParser();
return responseParser.parse(xmlEventReader);
}
-
else if (JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals(nsURI)
&& JBossSAMLConstants.REQUEST_ABSTRACT.get().equals(startElementName.getLocalPart()))
{
@@ -124,10 +124,11 @@
SAMLEntitiesDescriptorParser entityDescriptorParser = new SAMLEntitiesDescriptorParser();
return entityDescriptorParser.parse(xmlEventReader);
}
- else if (JBossSAMLURIConstants.ASSERTION_NSURI.get().equals(nsURI))
+ else if (SAML11Constants.PROTOCOL_11_NSURI.equals(nsURI)
+ && JBossSAMLConstants.RESPONSE.get().equals(startElementName.getLocalPart()))
{
- SAMLAssertionParser assertionParser = new SAMLAssertionParser();
- return assertionParser.parse(xmlEventReader);
+ SAML11ResponseParser responseParser = new SAML11ResponseParser();
+ return responseParser.parse(xmlEventReader);
}
else
throw new RuntimeException("Unknown Tag:" + elementName + "::location=" + startElement.getLocation());
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java 2011-06-23 20:44:42 UTC (rev 1028)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java 2011-06-23 22:25:12 UTC (rev 1029)
@@ -76,8 +76,8 @@
}
else if (JBossSAMLConstants.SIGNATURE.get().equals(elementName))
{
- startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get());
+ Element sig = StaxParserUtil.getDOMElement(xmlEventReader);
+ response.setSignature(sig);
}
else if (JBossSAMLConstants.ASSERTION.get().equals(elementName))
{
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java 2011-06-23 20:44:42 UTC (rev 1028)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java 2011-06-23 22:25:12 UTC (rev 1029)
@@ -68,5 +68,7 @@
String NAMESPACE = "Namespace";
+ String PROTOCOL_11_NSURI = "urn:oasis:names:tc:SAML:1.0:protocol";
+
String RESOURCE = "Resource";
}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11ResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11ResponseParserTestCase.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11ResponseParserTestCase.java 2011-06-23 22:25:12 UTC (rev 1029)
@@ -0,0 +1,72 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.parser.saml;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+import java.util.List;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.parsers.saml.SAML11ResponseParser;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11ResponseType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11StatusCodeType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11StatusType;
+
+/**
+ * Unit Test the {@link SAML11ResponseParser}
+ * @author Anil.Saldhana at redhat.com
+ * @since Jun 23, 2011
+ */
+public class SAML11ResponseParserTestCase
+{
+ @Test
+ public void testSAML11Response() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream = tcl.getResourceAsStream("parser/saml1/saml1-response.xml");
+
+ SAMLParser parser = new SAMLParser();
+ SAML11ResponseType response = (SAML11ResponseType) parser.parse(configStream);
+ assertNotNull(response);
+
+ assertEquals(1, response.getMajorVersion());
+ assertEquals(1, response.getMinorVersion());
+ assertEquals("_P1YaA+Q/wSM/t/8E3R8rNhcpPTM=", response.getID());
+ assertEquals(XMLTimeUtil.parse("2002-06-19T17:05:37.795Z"), response.getIssueInstant());
+
+ assertNotNull(response.getSignature());
+
+ SAML11StatusType status = response.getStatus();
+ SAML11StatusCodeType statusCode = status.getStatusCode();
+ assertEquals("samlp:Success", statusCode.getValue().toString());
+
+ List<SAML11AssertionType> assertions = response.get();
+ assertEquals(1, assertions.size());
+ SAML11AssertionType assertion = assertions.get(0);
+ assertEquals("buGxcG4gILg5NlocyLccDz6iXrUa", assertion.getID());
+ }
+}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-response.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-response.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-response.xml 2011-06-23 22:25:12 UTC (rev 1029)
@@ -0,0 +1,55 @@
+<samlp:Response
+ xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
+ MajorVersion="1" MinorVersion="1"
+ ResponseID="_P1YaA+Q/wSM/t/8E3R8rNhcpPTM="
+ IssueInstant="2002-06-19T17:05:37.795Z">
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+ <Reference URI="#s69f7e258e30da2b9b9f5799d4eb0c548782432bf">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>zdCY/1iqOMUJq/RvxsaDPWM4+7c=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>ApcX/Ddfsfdslkfd</SignatureValue>
+ <KeyInfo>
+ <X509Data>
+ <X509Certificate>MIICmjdfdflkfdslfaf;sjdposafhpofhpowfowqpowqfow
+ </X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </Signature>
+ <samlp:Status>
+ <samlp:StatusCode Value="samlp:Success"/>
+ </samlp:Status>
+ <saml:Assertion
+ xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
+ MajorVersion="1" MinorVersion="1"
+ AssertionID="buGxcG4gILg5NlocyLccDz6iXrUa"
+ Issuer="https://idp.example.org/saml"
+ IssueInstant="2002-06-19T17:05:37.795Z">
+ <saml:Conditions
+ NotBefore="2002-06-19T17:00:37.795Z"
+ NotOnOrAfter="2002-06-19T17:10:37.795Z"/>
+ <saml:AuthenticationStatement
+ AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"
+ AuthenticationInstant="2002-06-19T17:05:17.706Z">
+ <saml:Subject>
+ <saml:NameIdentifier
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">
+ user at idp.example.org
+ </saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>
+ urn:oasis:names:tc:SAML:1.0:cm:bearer
+ </saml:ConfirmationMethod>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ </saml:AuthenticationStatement>
+ </saml:Assertion>
+ </samlp:Response>
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11ResponseType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11ResponseType.java 2011-06-23 20:44:42 UTC (rev 1028)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11ResponseType.java 2011-06-23 22:25:12 UTC (rev 1029)
@@ -27,7 +27,6 @@
import javax.xml.datatype.XMLGregorianCalendar;
-import org.picketlink.identity.federation.saml.common.CommonResponseType;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
/**
@@ -46,7 +45,7 @@
* @author Anil.Saldhana at redhat.com
* @since Jun 22, 2011
*/
-public class SAML11ResponseType extends CommonResponseType
+public class SAML11ResponseType extends SAML11ResponseAbstractType
{
private static final long serialVersionUID = 1L;
More information about the jboss-cvs-commits
mailing list