JBoss Identity SVN: r761 - identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust.
by jboss-identity-commits@lists.jboss.org
Author: sguilhen(a)redhat.com
Date: 2009-09-03 14:32:05 -0400 (Thu, 03 Sep 2009)
New Revision: 761
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java
Log:
JBID-137: TruststoreAlias is now verified first. Only if it has not been specified we use the mappings defined in the KeyProvider section to obtain the service provider PKC
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java 2009-09-03 18:24:08 UTC (rev 760)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java 2009-09-03 18:32:05 UTC (rev 761)
@@ -242,15 +242,16 @@
{
try
{
- key = this.trustManager.getValidatingKey(serviceName);
+ // try using the truststore alias from the service provider metadata.
+ ServiceProviderType provider = this.spMetadata.get(serviceName);
+ if(provider != null && provider.getTruststoreAlias() != null)
+ {
+ key = this.trustManager.getPublicKey(provider.getTruststoreAlias());
+ }
+ // if there was no truststore alias or no PKC under that alias, use the KeyProvider mapping.
if(key == null)
{
- // try using the truststore alias from the service provider metadata.
- ServiceProviderType provider = this.spMetadata.get(serviceName);
- if(provider != null && provider.getTruststoreAlias() != null)
- {
- key = this.trustManager.getPublicKey(provider.getTruststoreAlias());
- }
+ key = this.trustManager.getValidatingKey(serviceName);
}
}
catch (Exception e)
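Review bot: In the block added ahead of `if(key == null)`, a configured TruststoreAlias that resolves to no certificate falls through silently to `getValidatingKey(serviceName)`, so a mistyped alias ends up selecting whatever key the KeyProvider mapping holds without anyone noticing. Log a warning (or fail) when `provider.getTruststoreAlias() != null` and `getPublicKey(...)` returns null, and state the precedence order in the method Javadoc.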
JBoss Identity SVN: r760 - identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust.
by jboss-identity-commits@lists.jboss.org
Author: sguilhen(a)redhat.com
Date: 2009-09-03 14:24:08 -0400 (Thu, 03 Sep 2009)
New Revision: 760
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java
Log:
JBID-137: updated JBossSTSConfiguration to use the TruststoreAlias attribute from ServiceProviderType to locate a PKC when a ValidatingAlias has not been configured for the service provider
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java 2009-09-03 18:17:00 UTC (rev 759)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java 2009-09-03 18:24:08 UTC (rev 760)
@@ -243,6 +243,15 @@
try
{
key = this.trustManager.getValidatingKey(serviceName);
+ if(key == null)
+ {
+ // try using the truststore alias from the service provider metadata.
+ ServiceProviderType provider = this.spMetadata.get(serviceName);
+ if(provider != null && provider.getTruststoreAlias() != null)
+ {
+ key = this.trustManager.getPublicKey(provider.getTruststoreAlias());
+ }
+ }
}
catch (Exception e)
{
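Review bot: The new `if(key == null)` branch has no test in this revision; JBossSTSConfiguration.java is the only file modified. Add a case to JBossSTSUnitTestCase with a service provider that has a TruststoreAlias and no ValidatingAlias, plus one where the alias is absent from the truststore, so the null result is pinned down.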
JBoss Identity SVN: r759 - in identity-federation/trunk: jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config and 9 other directories.
by jboss-identity-commits@lists.jboss.org
Author: sguilhen(a)redhat.com
Date: 2009-09-03 14:17:00 -0400 (Thu, 03 Sep 2009)
New Revision: 759
Added:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ClaimProviderType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ClaimProvidersType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/PropertyType.java
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTS.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config/ConfigUnitTestCase.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/JBossSTSUnitTestCase.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/SpecialTokenProvider.java
identity-federation/trunk/jboss-identity-bindings/src/test/resources/config/test-config-4.xml
identity-federation/trunk/jboss-identity-bindings/src/test/resources/jboss-sts.xml
identity-federation/trunk/jboss-identity-fed-api/
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/AuthPropertyType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncAlgoType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncryptionType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/IDPType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyProviderType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyValueType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/MetadataProviderType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ObjectFactory.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ProviderType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/SPType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/STSType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProviderType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProvidersType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProviderType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProvidersType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TrustType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/package-info.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/STSConfiguration.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityTokenProvider.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardSecurityToken.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/MockSTSConfiguration.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/SpecialTokenProvider.java
identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/jboss-identity-fed.xsd
Log:
JBID-137: changed the schema to allow for the specification of general properties for the token providers. Providers must also specify the token element name and namespace so that a token provider can be located when the request contains no token type (example: validate requests)
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTS.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTS.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTS.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -72,7 +72,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenService#invoke(javax.xml.transform.Source)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenService#invoke(javax.xml.transform.Source)
*/
public Source invoke(Source request)
{
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -27,6 +27,7 @@
import java.util.Map;
import org.jboss.identity.federation.core.config.KeyProviderType;
+import org.jboss.identity.federation.core.config.PropertyType;
import org.jboss.identity.federation.core.config.STSType;
import org.jboss.identity.federation.core.config.ServiceProviderType;
import org.jboss.identity.federation.core.config.ServiceProvidersType;
@@ -55,12 +56,10 @@
private final Map<String, ServiceProviderType> spMetadata = new HashMap<String, ServiceProviderType>();
- private final Map<String, Object> options = new HashMap<String, Object>();
-
private TrustKeyManager trustManager;
private WSTrustRequestHandler handler;
-
+
/**
* <p>
* Creates an instance of {@code JBossSTSConfiguration} with default configuration values.
@@ -69,11 +68,7 @@
public JBossSTSConfiguration()
{
this.delegate = new STSType();
- // set the default values in the delegate.
- this.delegate.setSTSName("JBossSTS");
- this.delegate.setEncryptToken(false);
- this.delegate.setTokenTimeout(3600);
- this.delegate.setRequestHandler("org.jboss.identity.federation.api.wstrust.StandardRequestHandler");
+ this.delegate.setRequestHandler("org.jboss.identity.federation.core.wstrust.StandardRequestHandler");
// TODO: add default token provider classes.
}
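Review bot: The no-argument constructor drops the explicit defaults for the STS name, token encryption and the 3600 timeout, and nothing in this hunk shows where those values now come from. If they are schema defaults carried by STSType, say so in the constructor comment and assert them in a test; otherwise a default-constructed configuration leaves them unset.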
@@ -89,7 +84,7 @@
this.delegate = config;
// set the default request handler if one hasn't been specified.
if (this.delegate.getRequestHandler() == null)
- this.delegate.setRequestHandler("org.jboss.identity.federation.api.wstrust.StandardRequestHandler");
+ this.delegate.setRequestHandler("org.jboss.identity.federation.core.wstrust.StandardRequestHandler");
// build the token-provider and service-metadata maps.
TokenProvidersType providers = this.delegate.getTokenProviders();
@@ -98,8 +93,16 @@
WSTrustServiceFactory serviceFactory = WSTrustServiceFactory.getInstance();
for (TokenProviderType provider : providers.getTokenProvider())
{
- this.tokenProviders.put(provider.getTokenType(), serviceFactory.createTokenProvider(provider
- .getProviderClass()));
+ // create and initialize the token provider.
+ SecurityTokenProvider tokenProvider = serviceFactory.createTokenProvider(provider.getProviderClass());
+ Map<String, String> properties = new HashMap<String, String>();
+ for(PropertyType propertyType : provider.getProperty())
+ properties.put(propertyType.getName(), propertyType.getValue());
+ tokenProvider.initialize(properties);
+ // token providers can be keyed by the token type and by token element + namespace.
+ this.tokenProviders.put(provider.getTokenType(), tokenProvider);
+ String tokenElementAndNS = provider.getTokenElement() + "$" + provider.getTokenElementNS();
+ this.tokenProviders.put(tokenElementAndNS, tokenProvider);
}
}
ServiceProvidersType serviceProviders = this.delegate.getServiceProviders();
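Review bot: The composite key `provider.getTokenElement() + "$" + provider.getTokenElementNS()` is built without a null check, so any provider whose configuration omits TokenElement or TokenElementNS is stored under the same "null$null" entry and the last one wins. Skip the second `put` (or reject the configuration) when either value is missing, and consider a separate map for element keys so they cannot collide with token type strings in `tokenProviders`.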
@@ -129,7 +132,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getSTSName()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getSTSName()
*/
public String getSTSName()
{
@@ -139,7 +142,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getEncryptIssuedToken()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getEncryptIssuedToken()
*/
public boolean encryptIssuedToken()
{
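Review bot: The updated `@see` still points at `STSConfiguration#getEncryptIssuedToken()`, while the method declared right below it is `encryptIssuedToken()`. Since the line is being touched anyway, correct the member name so the reference resolves.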
@@ -149,18 +152,17 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#signIssuedToken()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#signIssuedToken()
*/
public boolean signIssuedToken()
{
- //TODO: add the sign-by-default property to the configuration schema.
- return true;
+ return this.delegate.isSignToken();
}
-
+
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getIssuedTokenTimeout()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getIssuedTokenTimeout()
*/
public long getIssuedTokenTimeout()
{
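Review bot: `signIssuedToken()` changes from an unconditional `return true` to `this.delegate.isSignToken()`, which makes token signing something a configuration file can switch off or leave unset. Confirm the schema default for the sign-token setting is true, and add a test showing that a configuration which does not mention it still produces signed tokens.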
@@ -171,31 +173,21 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getRequestHandlerClass()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getRequestHandlerClass()
*/
public WSTrustRequestHandler getRequestHandler()
{
if (this.handler == null)
- this.handler = WSTrustServiceFactory.getInstance().createRequestHandler(
- this.delegate.getRequestHandler(), this);
+ this.handler = WSTrustServiceFactory.getInstance().createRequestHandler(this.delegate.getRequestHandler(),
+ this);
return this.handler;
}
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getOptions()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getProviderForService(java.lang.String)
*/
- public Map<String, Object> getOptions()
- {
- return this.options;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getProviderForService(java.lang.String)
- */
public SecurityTokenProvider getProviderForService(String serviceName)
{
ServiceProviderType provider = this.spMetadata.get(serviceName);
@@ -209,7 +201,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getProviderForTokenType(java.lang.String)
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getProviderForTokenType(java.lang.String)
*/
public SecurityTokenProvider getProviderForTokenType(String tokenType)
{
@@ -219,8 +211,18 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getTokenTypeForService(java.lang.String)
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getProviderForTokenElementNS(java.lang.String, java.lang.String)
*/
+ public SecurityTokenProvider getProviderForTokenElementNS(String tokenLocalName, String tokenNamespace)
+ {
+ return this.tokenProviders.get(tokenLocalName + "$" + tokenNamespace);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getTokenTypeForService(java.lang.String)
+ */
public String getTokenTypeForService(String serviceName)
{
ServiceProviderType provider = this.spMetadata.get(serviceName);
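Review bot: `getProviderForTokenElementNS` rebuilds the `"$"`-joined key by hand, duplicating the format used where the map is populated, so the two can drift apart. Move the key construction into one private helper used by both places, and return null early when `tokenLocalName` or `tokenNamespace` is null instead of looking up a "null$..." key.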
@@ -231,7 +233,7 @@
/*
* (non-Javadoc)
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getServiceProviderPublicKey(java.lang.String)
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getServiceProviderPublicKey(java.lang.String)
*/
public PublicKey getServiceProviderPublicKey(String serviceName)
{
@@ -252,7 +254,7 @@
/*
* (non-Javadoc)
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getSTSKeyPair()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getSTSKeyPair()
*/
public KeyPair getSTSKeyPair()
{
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config/ConfigUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config/ConfigUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config/ConfigUnitTestCase.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -33,6 +33,7 @@
import org.jboss.identity.federation.core.config.IDPType;
import org.jboss.identity.federation.core.config.KeyProviderType;
import org.jboss.identity.federation.core.config.KeyValueType;
+import org.jboss.identity.federation.core.config.PropertyType;
import org.jboss.identity.federation.core.config.SPType;
import org.jboss.identity.federation.core.config.STSType;
import org.jboss.identity.federation.core.config.ServiceProviderType;
@@ -155,6 +156,10 @@
assertNotNull("Unexpected null token provider", tokenProvider);
assertEquals("Unexpected provider class name", "org.jboss.SpecialTokenProvider", tokenProvider.getProviderClass());
assertEquals("Unexpected token type", "specialToken", tokenProvider.getTokenType());
+ assertEquals("Unexpected token element name", "SpecialToken", tokenProvider.getTokenElement());
+ assertEquals("Unexpected token namespace", "http://www.tokens.org", tokenProvider.getTokenElementNS());
+ List<PropertyType> properties = tokenProvider.getProperty();
+ assertEquals("Invalid number of properties", 2, properties.size());
// configuration of the service providers.
ServiceProvidersType serviceProviders = stsType.getServiceProviders();
assertNotNull("Unexpected null list of service providers", serviceProviders);
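Review bot: The added assertions check only `properties.size()`, so a binding that mixed up Name and Value would still pass. Assert the name and value of both entries (Property1/Value1 and Property2/Value2 in test-config-4.xml).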
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/JBossSTSUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/JBossSTSUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/JBossSTSUnitTestCase.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -24,6 +24,7 @@
import java.net.URI;
import java.security.Principal;
import java.util.List;
+import java.util.Map;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
@@ -116,11 +117,11 @@
* <ValidatingAlias Key="http://services.testcorp.org/provider1" Value="service1"/>
* <ValidatingAlias Key="http://services.testcorp.org/provider2" Value="service2"/>
* </KeyProvider>
- * <RequestHandler>org.jboss.identity.federation.api.wstrust.StandardRequestHandler</RequestHandler>
+ * <RequestHandler>org.jboss.identity.federation.core.wstrust.StandardRequestHandler</RequestHandler>
* <TokenProviders>
* <TokenProvider ProviderClass="org.jboss.test.identity.federation.bindings.trust.SpecialTokenProvider"
* TokenType="http://www.tokens.org/SpecialToken"/>
- * <TokenProvider ProviderClass="org.jboss.identity.federation.api.wstrust.SAML20TokenProvider"
+ * <TokenProvider ProviderClass="org.jboss.identity.federation.core.wstrust.SAML20TokenProvider"
* TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profi...
* </TokenProviders>
* <ServiceProviders>
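Review bot: The Javadoc sample now names `org.jboss.identity.federation.core.wstrust.SAML20TokenProvider`, but the jboss-sts.xml changed in this same revision uses `org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider`. Correct the class name in the comment and add the TokenElement/TokenElementNS attributes and Property children, so the sample matches the file the test actually loads.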
@@ -154,18 +155,16 @@
SecurityTokenProvider provider = config.getProviderForTokenType("http://www.tokens.org/SpecialToken");
assertNotNull("Unexpected null token provider", provider);
assertTrue("Unexpected token provider type", provider instanceof SpecialTokenProvider);
+ Map<String, String> properties = ((SpecialTokenProvider) provider).getProperties();
+ assertNotNull("Unexpected null properties map", properties);
+ assertEquals("Unexpected number of properties", 2, properties.size());
+ assertEquals("Invalid property found", "Value1", properties.get("Property1"));
+ assertEquals("Invalid property found", "Value2", properties.get("Property2"));
provider = config.getProviderForTokenType(SAMLUtil.SAML2_TOKEN_TYPE);
assertNotNull("Unexpected null token provider", provider);
assertTrue("Unexpected token provider type", provider instanceof SAML20TokenProvider);
assertNull(config.getProviderForTokenType("unexistentType"));
- // check the service provider -> token type mapping.
- assertEquals("Invalid token type for service provider 1", "http://www.tokens.org/SpecialToken", config
- .getTokenTypeForService("http://services.testcorp.org/provider1"));
- assertEquals("Invalid token type for service provider 2", SAMLUtil.SAML2_TOKEN_TYPE, config
- .getTokenTypeForService("http://services.testcorp.org/provider2"));
- assertNull(config.getTokenTypeForService("http://invalid.service/service"));
-
// check the service provider -> token provider mapping.
provider = config.getProviderForService("http://services.testcorp.org/provider1");
assertNotNull("Unexpected null token provider", provider);
@@ -175,6 +174,22 @@
assertTrue("Unexpected token provider type", provider instanceof SAML20TokenProvider);
assertNull(config.getProviderForService("http://invalid.service/service"));
+ // check the token element and namespace -> token provider mapping.
+ provider = config.getProviderForTokenElementNS("SpecialToken", "http://www.tokens.org");
+ assertNotNull("Unexpected null token provider", provider);
+ assertTrue("Unexpected token provider type", provider instanceof SpecialTokenProvider);
+ provider = config.getProviderForTokenElementNS("Assertion", "urn:oasis:names:tc:SAML:2.0:assertion");
+ assertNotNull("Unexpected null token provider", provider);
+ assertTrue("Unexpected token provider type", provider instanceof SAML20TokenProvider);
+ assertNull(config.getProviderForTokenElementNS("SpecialToken", "InvalidNamespace"));
+
+ // check the service provider -> token type mapping.
+ assertEquals("Invalid token type for service provider 1", "http://www.tokens.org/SpecialToken", config
+ .getTokenTypeForService("http://services.testcorp.org/provider1"));
+ assertEquals("Invalid token type for service provider 2", SAMLUtil.SAML2_TOKEN_TYPE, config
+ .getTokenTypeForService("http://services.testcorp.org/provider2"));
+ assertNull(config.getTokenTypeForService("http://invalid.service/service"));
+
// check the keystore configuration.
assertNotNull("Invalid null STS key pair", config.getSTSKeyPair());
assertNotNull("Invalid null STS public key", config.getSTSKeyPair().getPublic());
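Review bot: The negative case added for `getProviderForTokenElementNS` covers a wrong namespace only. Add the mirror case, an unknown element name with a valid namespace such as "http://www.tokens.org", so both halves of the key are exercised.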
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/SpecialTokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/SpecialTokenProvider.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/SpecialTokenProvider.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -23,6 +23,7 @@
import java.net.URI;
import java.net.URISyntaxException;
+import java.util.Map;
import javax.xml.parsers.ParserConfigurationException;
@@ -45,11 +46,23 @@
*/
public class SpecialTokenProvider implements SecurityTokenProvider
{
+
+ private Map<String, String> properties;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#initialize(java.util.Map)
+ */
+ public void initialize(Map<String, String> properties)
+ {
+ this.properties = properties;
+ }
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void cancelToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -58,27 +71,27 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void issueToken(WSTrustRequestContext context) throws WSTrustException
{
// create a simple sample token using the info from the request.
- String caller = context.getCallerPrincipal() == null? "anonymous" : context.getCallerPrincipal().getName();
+ String caller = context.getCallerPrincipal() == null ? "anonymous" : context.getCallerPrincipal().getName();
URI tokenType = context.getRequestSecurityToken().getTokenType();
- if(tokenType == null)
+ if (tokenType == null)
{
try
{
tokenType = new URI("http://www.tokens.org/SpecialToken");
}
catch (URISyntaxException ignore)
- {
+ {
}
}
-
+
// we will use DOM to create the token.
try
- {
+ {
Document doc = DocumentUtil.createDocument();
String namespaceURI = "http://www.tokens.org";
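Review bot: Every change in this hunk is whitespace reformatting (`== null?` to `== null ?`, `if(` to `if (`, and brace lines that differ only in trailing spaces), unrelated to the token provider properties this revision introduces. Move the formatting into its own commit so the functional change stays easy to review.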
@@ -88,11 +101,11 @@
root.setAttributeNS(namespaceURI, "ID", id);
root.setAttributeNS(namespaceURI, "TokenType", tokenType.toString());
doc.appendChild(root);
-
+
SecurityToken token = new StandardSecurityToken(tokenType.toString(), root, id);
context.setSecurityToken(token);
}
- catch(ParserConfigurationException pce)
+ catch (ParserConfigurationException pce)
{
pce.printStackTrace();
}
@@ -101,7 +114,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void renewToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -110,9 +123,21 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void validateToken(WSTrustRequestContext context) throws WSTrustException
{
}
+
+ /**
+ * <p>
+ * Just returns a reference to the properties that have been configured for testing purposes.
+ * </p>
+ *
+ * @return a reference to the properties map.
+ */
+ public Map<String, String> getProperties()
+ {
+ return this.properties;
+ }
}
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/resources/config/test-config-4.xml
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/resources/config/test-config-4.xml 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/resources/config/test-config-4.xml 2009-09-03 18:17:00 UTC (rev 759)
@@ -7,7 +7,11 @@
</KeyProvider>
<RequestHandler>org.jboss.identity.federation.wstrust.Handler</RequestHandler>
<TokenProviders>
- <TokenProvider ProviderClass="org.jboss.SpecialTokenProvider" TokenType="specialToken"/>
+ <TokenProvider ProviderClass="org.jboss.SpecialTokenProvider" TokenType="specialToken"
+ TokenElement="SpecialToken" TokenElementNS="http://www.tokens.org">
+ <Property Name="Property1" Value="Value1"/>
+ <Property Name="Property2" Value="Value2"/>
+ </TokenProvider>
</TokenProviders>
<ServiceProviders>
<ServiceProvider Endpoint="http://provider.endpoint/provider" TokenType="specialToken"
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/resources/jboss-sts.xml
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/resources/jboss-sts.xml 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/resources/jboss-sts.xml 2009-09-03 18:17:00 UTC (rev 759)
@@ -11,9 +11,16 @@
<RequestHandler>org.jboss.identity.federation.core.wstrust.StandardRequestHandler</RequestHandler>
<TokenProviders>
<TokenProvider ProviderClass="org.jboss.test.identity.federation.bindings.wstrust.SpecialTokenProvider"
- TokenType="http://www.tokens.org/SpecialToken"/>
+ TokenType="http://www.tokens.org/SpecialToken"
+ TokenElement="SpecialToken"
+ TokenElementNS="http://www.tokens.org">
+ <Property Name="Property1" Value="Value1"/>
+ <Property Name="Property2" Value="Value2"/>
+ </TokenProvider>
<TokenProvider ProviderClass="org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider"
- TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"/>
+ TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
+ TokenElement="Assertion"
+ TokenElementNS="urn:oasis:names:tc:SAML:2.0:assertion"/>
</TokenProviders>
<ServiceProviders>
<ServiceProvider Endpoint="http://services.testcorp.org/provider1" TokenType="http://www.tokens.org/SpecialToken"
Property changes on: identity-federation/trunk/jboss-identity-fed-api
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ test.log
.classpath
.project
.settings
target
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/AuthPropertyType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/AuthPropertyType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/AuthPropertyType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
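Review bot: The only change in this hunk is the JAXB version string and the generation timestamp in the header, which means the generated config classes were regenerated wholesale and committed. Generate them during the build, or drop the timestamp line from the committed header, so real schema changes are not buried under header-only diffs.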
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ClaimProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ClaimProviderType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ClaimProviderType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -0,0 +1,131 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
+//
+
+
+package org.jboss.identity.federation.core.config;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * <p>Java class for ClaimProviderType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="ClaimProviderType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <sequence>
+ * <element name="Property" type="{urn:jboss:identity-federation:config:1.0}PropertyType" maxOccurs="unbounded" minOccurs="0"/>
+ * </sequence>
+ * <attribute name="ProviderClass" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * <attribute name="Dialect" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "ClaimProviderType", propOrder = {
+ "property"
+})
+public class ClaimProviderType {
+
+ @XmlElement(name = "Property")
+ protected List<PropertyType> property;
+ @XmlAttribute(name = "ProviderClass", required = true)
+ protected String providerClass;
+ @XmlAttribute(name = "Dialect", required = true)
+ protected String dialect;
+
+ /**
+ * Gets the value of the property property.
+ *
+ * <p>
+ * This accessor method returns a reference to the live list,
+ * not a snapshot. Therefore any modification you make to the
+ * returned list will be present inside the JAXB object.
+ * This is why there is not a <CODE>set</CODE> method for the property property.
+ *
+ * <p>
+ * For example, to add a new item, do as follows:
+ * <pre>
+ * getProperty().add(newItem);
+ * </pre>
+ *
+ *
+ * <p>
+ * Objects of the following type(s) are allowed in the list
+ * {@link PropertyType }
+ *
+ *
+ */
+ public List<PropertyType> getProperty() {
+ if (property == null) {
+ property = new ArrayList<PropertyType>();
+ }
+ return this.property;
+ }
+
+ /**
+ * Gets the value of the providerClass property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getProviderClass() {
+ return providerClass;
+ }
+
+ /**
+ * Sets the value of the providerClass property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setProviderClass(String value) {
+ this.providerClass = value;
+ }
+
+ /**
+ * Gets the value of the dialect property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getDialect() {
+ return dialect;
+ }
+
+ /**
+ * Sets the value of the dialect property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setDialect(String value) {
+ this.dialect = value;
+ }
+
+}
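Review bot: ProviderClass on the new ClaimProviderType is a required but otherwise unconstrained xs:string, and getProviderClass() hands it back unchanged. Whatever code instantiates claim providers from this value should check that the loaded class implements the expected claim provider interface before creating it, and the configuration file should be documented as trusted input. Dialect is equally free-form; if two ClaimProvider entries can declare the same Dialect, the schema annotation should say which one wins. Because this file is generated, both notes belong in the source schema rather than here.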
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ClaimProvidersType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ClaimProvidersType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ClaimProvidersType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -0,0 +1,80 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
+//
+
+
+package org.jboss.identity.federation.core.config;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ *
+ * The claim providers specify the classes that are capable of handling specific claims dialects.
+ *
+ *
+ * <p>Java class for ClaimProvidersType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="ClaimProvidersType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <sequence>
+ * <element name="ClaimProvider" type="{urn:jboss:identity-federation:config:1.0}ClaimProviderType" maxOccurs="unbounded"/>
+ * </sequence>
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "ClaimProvidersType", propOrder = {
+ "claimProvider"
+})
+public class ClaimProvidersType {
+
+ @XmlElement(name = "ClaimProvider", required = true)
+ protected List<ClaimProviderType> claimProvider;
+
+ /**
+ * Gets the value of the claimProvider property.
+ *
+ * <p>
+ * This accessor method returns a reference to the live list,
+ * not a snapshot. Therefore any modification you make to the
+ * returned list will be present inside the JAXB object.
+ * This is why there is not a <CODE>set</CODE> method for the claimProvider property.
+ *
+ * <p>
+ * For example, to add a new item, do as follows:
+ * <pre>
+ * getClaimProvider().add(newItem);
+ * </pre>
+ *
+ *
+ * <p>
+ * Objects of the following type(s) are allowed in the list
+ * {@link ClaimProviderType }
+ *
+ *
+ */
+ public List<ClaimProviderType> getClaimProvider() {
+ if (claimProvider == null) {
+ claimProvider = new ArrayList<ClaimProviderType>();
+ }
+ return this.claimProvider;
+ }
+
+}
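Review bot: the required = true on the ClaimProvider element is not enforced by this class. getClaimProvider() creates an empty list when the field is null, so a ClaimProviders element with no children looks the same to callers as a missing list unless the unmarshaller validates against the schema. If an empty ClaimProviders block is a configuration error, reject it where the STS configuration is read.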
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncAlgoType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncAlgoType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncAlgoType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncryptionType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncryptionType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncryptionType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/IDPType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/IDPType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/IDPType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyProviderType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyProviderType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
@@ -10,7 +10,6 @@
import java.util.ArrayList;
import java.util.List;
-
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyValueType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyValueType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyValueType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/MetadataProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/MetadataProviderType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/MetadataProviderType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.22 at 01:16:08 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
@@ -10,7 +10,6 @@
import java.util.ArrayList;
import java.util.List;
-
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ObjectFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ObjectFactory.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ObjectFactory.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
@@ -31,8 +31,8 @@
@XmlRegistry
public class ObjectFactory {
+ private final static QName _JBossIDP_QNAME = new QName("urn:jboss:identity-federation:config:1.0", "JBossIDP");
private final static QName _JBossSTS_QNAME = new QName("urn:jboss:identity-federation:config:1.0", "JBossSTS");
- private final static QName _JBossIDP_QNAME = new QName("urn:jboss:identity-federation:config:1.0", "JBossIDP");
private final static QName _JBossSP_QNAME = new QName("urn:jboss:identity-federation:config:1.0", "JBossSP");
/**
@@ -43,127 +43,142 @@
}
/**
- * Create an instance of {@link STSType }
+ * Create an instance of {@link KeyProviderType }
*
*/
- public STSType createSTSType() {
- return new STSType();
+ public KeyProviderType createKeyProviderType() {
+ return new KeyProviderType();
}
/**
- * Create an instance of {@link KeyValueType }
+ * Create an instance of {@link TokenProviderType }
*
*/
- public KeyValueType createKeyValueType() {
- return new KeyValueType();
+ public TokenProviderType createTokenProviderType() {
+ return new TokenProviderType();
}
/**
- * Create an instance of {@link ServiceProviderType }
+ * Create an instance of {@link SPType }
*
*/
- public ServiceProviderType createServiceProviderType() {
- return new ServiceProviderType();
+ public SPType createSPType() {
+ return new SPType();
}
/**
- * Create an instance of {@link KeyProviderType }
+ * Create an instance of {@link ServiceProvidersType }
*
*/
- public KeyProviderType createKeyProviderType() {
- return new KeyProviderType();
+ public ServiceProvidersType createServiceProvidersType() {
+ return new ServiceProvidersType();
}
/**
- * Create an instance of {@link TokenProvidersType }
+ * Create an instance of {@link AuthPropertyType }
*
*/
- public TokenProvidersType createTokenProvidersType() {
- return new TokenProvidersType();
+ public AuthPropertyType createAuthPropertyType() {
+ return new AuthPropertyType();
}
/**
- * Create an instance of {@link TokenProviderType }
+ * Create an instance of {@link ClaimProvidersType }
*
*/
- public TokenProviderType createTokenProviderType() {
- return new TokenProviderType();
+ public ClaimProvidersType createClaimProvidersType() {
+ return new ClaimProvidersType();
}
/**
- * Create an instance of {@link IDPType }
+ * Create an instance of {@link ClaimProviderType }
*
*/
- public IDPType createIDPType() {
- return new IDPType();
+ public ClaimProviderType createClaimProviderType() {
+ return new ClaimProviderType();
}
/**
- * Create an instance of {@link ServiceProvidersType }
+ * Create an instance of {@link STSType }
*
*/
- public ServiceProvidersType createServiceProvidersType() {
- return new ServiceProvidersType();
+ public STSType createSTSType() {
+ return new STSType();
}
/**
- * Create an instance of {@link MetadataProviderType }
+ * Create an instance of {@link PropertyType }
*
*/
- public MetadataProviderType createMetadataProviderType() {
- return new MetadataProviderType();
+ public PropertyType createPropertyType() {
+ return new PropertyType();
}
/**
- * Create an instance of {@link ProviderType }
+ * Create an instance of {@link EncryptionType }
*
*/
- public ProviderType createProviderType() {
- return new ProviderType();
+ public EncryptionType createEncryptionType() {
+ return new EncryptionType();
}
/**
- * Create an instance of {@link AuthPropertyType }
+ * Create an instance of {@link TrustType }
*
*/
- public AuthPropertyType createAuthPropertyType() {
- return new AuthPropertyType();
+ public TrustType createTrustType() {
+ return new TrustType();
}
/**
- * Create an instance of {@link TrustType }
+ * Create an instance of {@link MetadataProviderType }
*
*/
- public TrustType createTrustType() {
- return new TrustType();
+ public MetadataProviderType createMetadataProviderType() {
+ return new MetadataProviderType();
}
/**
- * Create an instance of {@link SPType }
+ * Create an instance of {@link KeyValueType }
*
*/
- public SPType createSPType() {
- return new SPType();
+ public KeyValueType createKeyValueType() {
+ return new KeyValueType();
}
/**
- * Create an instance of {@link EncryptionType }
+ * Create an instance of {@link IDPType }
*
*/
- public EncryptionType createEncryptionType() {
- return new EncryptionType();
+ public IDPType createIDPType() {
+ return new IDPType();
}
/**
- * Create an instance of {@link JAXBElement }{@code <}{@link STSType }{@code >}}
+ * Create an instance of {@link ProviderType }
*
*/
- @XmlElementDecl(namespace = "urn:jboss:identity-federation:config:1.0", name = "JBossSTS")
- public JAXBElement<STSType> createJBossSTS(STSType value) {
- return new JAXBElement<STSType>(_JBossSTS_QNAME, STSType.class, null, value);
+ public ProviderType createProviderType() {
+ return new ProviderType();
}
/**
+ * Create an instance of {@link ServiceProviderType }
+ *
+ */
+ public ServiceProviderType createServiceProviderType() {
+ return new ServiceProviderType();
+ }
+
+ /**
+ * Create an instance of {@link TokenProvidersType }
+ *
+ */
+ public TokenProvidersType createTokenProvidersType() {
+ return new TokenProvidersType();
+ }
+
+ /**
* Create an instance of {@link JAXBElement }{@code <}{@link IDPType }{@code >}}
*
*/
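Review bot: style point on the reordered factory methods: only createClaimProvidersType(), createClaimProviderType() and createPropertyType() are new in this hunk; everything else is an existing method moved by regenerating with a different JAXB version. Committing the regeneration separately from the schema change would keep the functional additions easy to review.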
@@ -173,6 +188,15 @@
}
/**
+ * Create an instance of {@link JAXBElement }{@code <}{@link STSType }{@code >}}
+ *
+ */
+ @XmlElementDecl(namespace = "urn:jboss:identity-federation:config:1.0", name = "JBossSTS")
+ public JAXBElement<STSType> createJBossSTS(STSType value) {
+ return new JAXBElement<STSType>(_JBossSTS_QNAME, STSType.class, null, value);
+ }
+
+ /**
* Create an instance of {@link JAXBElement }{@code <}{@link SPType }{@code >}}
*
*/
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/PropertyType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/PropertyType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/PropertyType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -0,0 +1,92 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
+//
+
+
+package org.jboss.identity.federation.core.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * <p>Java class for PropertyType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="PropertyType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <attribute name="Name" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * <attribute name="Value" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "PropertyType")
+public class PropertyType {
+
+ @XmlAttribute(name = "Name", required = true)
+ protected String name;
+ @XmlAttribute(name = "Value", required = true)
+ protected String value;
+
+ /**
+ * Gets the value of the name property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Sets the value of the name property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setName(String value) {
+ this.name = value;
+ }
+
+ /**
+ * Gets the value of the value property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getValue() {
+ return value;
+ }
+
+ /**
+ * Sets the value of the value property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setValue(String value) {
+ this.value = value;
+ }
+
+}
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ProviderType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ProviderType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
@@ -56,8 +56,8 @@
"metaDataProvider"
})
@XmlSeeAlso({
- IDPType.class,
- SPType.class
+ SPType.class,
+ IDPType.class
})
public class ProviderType {
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/SPType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/SPType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/SPType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/STSType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/STSType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/STSType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
@@ -27,11 +27,13 @@
* <sequence>
* <element name="KeyProvider" type="{urn:jboss:identity-federation:config:1.0}KeyProviderType" minOccurs="0"/>
* <element name="RequestHandler" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
+ * <element name="ClaimProviders" type="{urn:jboss:identity-federation:config:1.0}ClaimProvidersType" minOccurs="0"/>
* <element name="TokenProviders" type="{urn:jboss:identity-federation:config:1.0}TokenProvidersType" minOccurs="0"/>
* <element name="ServiceProviders" type="{urn:jboss:identity-federation:config:1.0}ServiceProvidersType" minOccurs="0"/>
* </sequence>
* <attribute name="STSName" type="{http://www.w3.org/2001/XMLSchema}string" default="JBossSTS" />
* <attribute name="TokenTimeout" type="{http://www.w3.org/2001/XMLSchema}int" default="3600" />
+ * <attribute name="SignToken" type="{http://www.w3.org/2001/XMLSchema}boolean" default="true" />
* <attribute name="EncryptToken" type="{http://www.w3.org/2001/XMLSchema}boolean" default="false" />
* </restriction>
* </complexContent>
@@ -44,6 +46,7 @@
@XmlType(name = "STSType", propOrder = {
"keyProvider",
"requestHandler",
+ "claimProviders",
"tokenProviders",
"serviceProviders"
})
@@ -53,6 +56,8 @@
protected KeyProviderType keyProvider;
@XmlElement(name = "RequestHandler")
protected String requestHandler;
+ @XmlElement(name = "ClaimProviders")
+ protected ClaimProvidersType claimProviders;
@XmlElement(name = "TokenProviders")
protected TokenProvidersType tokenProviders;
@XmlElement(name = "ServiceProviders")
@@ -61,6 +66,8 @@
protected String stsName;
@XmlAttribute(name = "TokenTimeout")
protected Integer tokenTimeout;
+ @XmlAttribute(name = "SignToken")
+ protected Boolean signToken;
@XmlAttribute(name = "EncryptToken")
protected Boolean encryptToken;
@@ -113,6 +120,30 @@
}
/**
+ * Gets the value of the claimProviders property.
+ *
+ * @return
+ * possible object is
+ * {@link ClaimProvidersType }
+ *
+ */
+ public ClaimProvidersType getClaimProviders() {
+ return claimProviders;
+ }
+
+ /**
+ * Sets the value of the claimProviders property.
+ *
+ * @param value
+ * allowed object is
+ * {@link ClaimProvidersType }
+ *
+ */
+ public void setClaimProviders(ClaimProvidersType value) {
+ this.claimProviders = value;
+ }
+
+ /**
* Gets the value of the tokenProviders property.
*
* @return
@@ -217,6 +248,34 @@
}
/**
+ * Gets the value of the signToken property.
+ *
+ * @return
+ * possible object is
+ * {@link Boolean }
+ *
+ */
+ public boolean isSignToken() {
+ if (signToken == null) {
+ return true;
+ } else {
+ return signToken;
+ }
+ }
+
+ /**
+ * Sets the value of the signToken property.
+ *
+ * @param value
+ * allowed object is
+ * {@link Boolean }
+ *
+ */
+ public void setSignToken(Boolean value) {
+ this.signToken = value;
+ }
+
+ /**
* Gets the value of the encryptToken property.
*
* @return
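Review bot: isSignToken() returns true when the attribute is absent, which is the safe default, but setSignToken(Boolean) lets configuration switch signing off, and nothing in this javadoc says what a relying party should do with an unsigned token. Document that in the schema annotation for SignToken, and consider logging a warning wherever the STS configuration reads a false value.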
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProviderType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProviderType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
@@ -30,9 +30,9 @@
* <complexType name="ServiceProviderType">
* <complexContent>
* <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <attribute name="endpoint" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
- * <attribute name="TruststoreAlias" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * <attribute name="Endpoint" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
* <attribute name="TokenType" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * <attribute name="TruststoreAlias" type="{http://www.w3.org/2001/XMLSchema}string" />
* </restriction>
* </complexContent>
* </complexType>
@@ -46,10 +46,10 @@
@XmlAttribute(name = "Endpoint", required = true)
protected String endpoint;
- @XmlAttribute(name = "TruststoreAlias", required = true)
- protected String truststoreAlias;
@XmlAttribute(name = "TokenType", required = true)
protected String tokenType;
+ @XmlAttribute(name = "TruststoreAlias")
+ protected String truststoreAlias;
/**
* Gets the value of the endpoint property.
@@ -76,51 +76,51 @@
}
/**
- * Gets the value of the truststoreAlias property.
+ * Gets the value of the tokenType property.
*
* @return
* possible object is
* {@link String }
*
*/
- public String getTruststoreAlias() {
- return truststoreAlias;
+ public String getTokenType() {
+ return tokenType;
}
/**
- * Sets the value of the truststoreAlias property.
+ * Sets the value of the tokenType property.
*
* @param value
* allowed object is
* {@link String }
*
*/
- public void setTruststoreAlias(String value) {
- this.truststoreAlias = value;
+ public void setTokenType(String value) {
+ this.tokenType = value;
}
/**
- * Gets the value of the tokenType property.
+ * Gets the value of the truststoreAlias property.
*
* @return
* possible object is
* {@link String }
*
*/
- public String getTokenType() {
- return tokenType;
+ public String getTruststoreAlias() {
+ return truststoreAlias;
}
/**
- * Sets the value of the tokenType property.
+ * Sets the value of the truststoreAlias property.
*
* @param value
* allowed object is
* {@link String }
*
*/
- public void setTokenType(String value) {
- this.tokenType = value;
+ public void setTruststoreAlias(String value) {
+ this.truststoreAlias = value;
}
}
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProvidersType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProvidersType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProvidersType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
@@ -10,7 +10,6 @@
import java.util.ArrayList;
import java.util.List;
-
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProviderType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProviderType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,16 +1,19 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
package org.jboss.identity.federation.core.config;
+import java.util.ArrayList;
+import java.util.List;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
@@ -23,8 +26,13 @@
* <complexType name="TokenProviderType">
* <complexContent>
* <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <sequence>
+ * <element name="Property" type="{urn:jboss:identity-federation:config:1.0}PropertyType" maxOccurs="unbounded" minOccurs="0"/>
+ * </sequence>
* <attribute name="ProviderClass" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
* <attribute name="TokenType" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * <attribute name="TokenElement" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * <attribute name="TokenElementNS" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
* </restriction>
* </complexContent>
* </complexType>
@@ -33,15 +41,52 @@
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "TokenProviderType")
+@XmlType(name = "TokenProviderType", propOrder = {
+ "property"
+})
public class TokenProviderType {
+ @XmlElement(name = "Property")
+ protected List<PropertyType> property;
@XmlAttribute(name = "ProviderClass", required = true)
protected String providerClass;
@XmlAttribute(name = "TokenType", required = true)
protected String tokenType;
+ @XmlAttribute(name = "TokenElement", required = true)
+ protected String tokenElement;
+ @XmlAttribute(name = "TokenElementNS", required = true)
+ protected String tokenElementNS;
/**
+ * Gets the value of the property property.
+ *
+ * <p>
+ * This accessor method returns a reference to the live list,
+ * not a snapshot. Therefore any modification you make to the
+ * returned list will be present inside the JAXB object.
+ * This is why there is not a <CODE>set</CODE> method for the property property.
+ *
+ * <p>
+ * For example, to add a new item, do as follows:
+ * <pre>
+ * getProperty().add(newItem);
+ * </pre>
+ *
+ *
+ * <p>
+ * Objects of the following type(s) are allowed in the list
+ * {@link PropertyType }
+ *
+ *
+ */
+ public List<PropertyType> getProperty() {
+ if (property == null) {
+ property = new ArrayList<PropertyType>();
+ }
+ return this.property;
+ }
+
+ /**
* Gets the value of the providerClass property.
*
* @return
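Review bot: TokenElement and TokenElementNS are introduced with required = true on an existing type, so every TokenProvider entry already present in a configuration file has to gain both attributes to match the schema again. Either call out the configuration change in the log message or make the two attributes optional and define what the lookup does when they are missing.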
@@ -89,4 +134,52 @@
this.tokenType = value;
}
+ /**
+ * Gets the value of the tokenElement property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getTokenElement() {
+ return tokenElement;
+ }
+
+ /**
+ * Sets the value of the tokenElement property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setTokenElement(String value) {
+ this.tokenElement = value;
+ }
+
+ /**
+ * Gets the value of the tokenElementNS property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getTokenElementNS() {
+ return tokenElementNS;
+ }
+
+ /**
+ * Sets the value of the tokenElementNS property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setTokenElementNS(String value) {
+ this.tokenElementNS = value;
+ }
+
}
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProvidersType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProvidersType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProvidersType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
@@ -10,7 +10,6 @@
import java.util.ArrayList;
import java.util.List;
-
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TrustType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TrustType.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TrustType.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/package-info.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/package-info.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/package-info.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -1,8 +1,8 @@
//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
@javax.xml.bind.annotation.XmlSchema(namespace = "urn:jboss:identity-federation:config:1.0", elementFormDefault = javax.xml.bind.annotation.XmlNsForm.QUALIFIED)
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/STSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/STSConfiguration.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/STSConfiguration.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -23,7 +23,6 @@
import java.security.KeyPair;
import java.security.PublicKey;
-import java.util.Map;
/**
* <p>
@@ -61,7 +60,7 @@
* @return {@code true} if the issued token is to be signed; {@code false} otherwise.
*/
public boolean signIssuedToken();
-
+
/**
* <p>
* Obtains the timeout value (in milliseconds) for issued tokens.
@@ -121,12 +120,18 @@
/**
* <p>
- * Obtains a {@code Map} that contains the non-standard configuration options.
+ * Obtains the token provider that can handle tokens that have the specified local name and namespace. When a
+ * validate, renew, or cancel request is made, the token type is not set in the WS-Trust request. In these cases
+ * the {@code SecurityTokenProvider} must be determined using the security token itself.
* </p>
*
- * @return a {@code Map<String, Object>} containing the additional configuration options.
+ * @param tokenLocalName a {@code String} representing the token element name. (e.g. {@code Assertion}).
+ * @param tokenNamespace a {@code String} representing the token element namespace. (e.g.
+ * {@code urn:oasis:names:tc:SAML:2.0:assertion}).
+ * @return a reference to the {@code SecurityTokenProvider} that must be used to handle the request that contains
+ * only the security token.
*/
- public Map<String, Object> getOptions();
+ public SecurityTokenProvider getProviderForTokenElementNS(String tokenLocalName, String tokenNamespace);
/**
* <p>
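Review bot: The Javadoc for getProviderForTokenElementNS does not say what is returned when no provider is registered for the given local name and namespace. State it explicitly (null or an exception) so that callers know they must check the result. Removing getOptions() in the same hunk also breaks any STSConfiguration implementation outside this tree, which the log message should mention.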
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityTokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityTokenProvider.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityTokenProvider.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -21,6 +21,7 @@
*/
package org.jboss.identity.federation.core.wstrust;
+import java.util.Map;
/**
* <p>
@@ -33,6 +34,16 @@
{
/**
* <p>
+ * Initializes the {@code SecurityTokenProvider} using the specified properties map.
+ * </p>
+ *
+ * @param properties a {@code Map<String, String>} that contains the properties that have been configured for
+ * this {@code SecurityTokenProvider}.
+ */
+ public void initialize(Map<String, String> properties);
+
+ /**
+ * <p>
* Generates a security token using the information contained in the specified request context and stores the
* newly-created token in the context itself.
* </p>
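Review bot: The Javadoc on the new initialize(Map<String, String> properties) leaves the contract open: it does not say whether properties may be null or empty when no Property elements are configured, or whether the method is guaranteed to run once before the first issue, renew or validate call. Spell that out here, since adding a method to the interface forces every existing SecurityTokenProvider implementation to supply one.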
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -54,16 +54,15 @@
public class StandardRequestHandler implements WSTrustRequestHandler
{
private static Logger log = Logger.getLogger(StandardRequestHandler.class);
+
private boolean trace = log.isTraceEnabled();
private STSConfiguration configuration;
/*
* (non-Javadoc)
- *
- * @see
- * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#initialize(org.jboss.identity.federation.api.wstrust
- * .STSConfiguration)
+ * @see org.jboss.identity.federation.core.wstrust.WSTrustRequestHandler#initialize(
+ * org.jboss.identity.federation.core.wstrust.STSConfiguration)
*/
public void initialize(STSConfiguration configuration)
{
@@ -72,18 +71,16 @@
/*
* (non-Javadoc)
- *
- * @see
- * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#issue(org.jboss.identity.federation.api.wstrust
- * .protocol.RequestSecurityToken, java.security.Principal)
+ * @see org.jboss.identity.federation.core.wstrust.WSTrustRequestHandler#issue(
+ * org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken, java.security.Principal)
*/
public RequestSecurityTokenResponse issue(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException
{
Document rstDocument = request.getRSTDocument();
- if( rstDocument == null)
+ if (rstDocument == null)
throw new IllegalArgumentException("Request does not contain the DOM Document");
-
+
SecurityTokenProvider provider = null;
// first try to obtain the security token provider using the applies-to contents.
@@ -95,8 +92,11 @@
if (serviceName != null)
{
provider = this.configuration.getProviderForService(serviceName);
- request.setTokenType(URI.create(this.configuration.getTokenTypeForService(serviceName)));
- providerPublicKey = this.configuration.getServiceProviderPublicKey(serviceName);
+ if (provider != null)
+ {
+ request.setTokenType(URI.create(this.configuration.getTokenTypeForService(serviceName)));
+ providerPublicKey = this.configuration.getServiceProviderPublicKey(serviceName);
+ }
}
}
// if applies-to is not available or if no provider was found for the service, use the token type.
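Review bot: The new if (provider != null) guard covers only the provider lookup; the result of getTokenTypeForService(serviceName) is still passed straight into URI.create(...), which throws a NullPointerException on a null argument. Check the returned string inside the guarded block and raise a WSTrustException with a clear message if a service is mapped to a provider but has no token type.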
@@ -185,18 +185,16 @@
/*
* (non-Javadoc)
- *
- * @see
- * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#renew(org.jboss.identity.federation.api.wstrust
- * .protocol.RequestSecurityToken, java.security.Principal)
+ * @see org.jboss.identity.federation.core.wstrust.WSTrustRequestHandler#renew(
+ * org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken, java.security.Principal)
*/
public RequestSecurityTokenResponse renew(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException
{
Document rstDocument = request.getRSTDocument();
- if( rstDocument == null)
+ if (rstDocument == null)
throw new IllegalArgumentException("Request does not contain the DOM Document");
-
+
SecurityTokenProvider provider = null;
// first try to obtain the security token provider using the applies-to contents.
@@ -220,9 +218,9 @@
else if (appliesTo == null && request.getTokenType() == null)
throw new WSTrustException("Either AppliesTo or TokenType must be present in a security token request");
- // TODO: get the provider using the token from the request.
- provider = this.configuration.getProviderForTokenType(SAMLUtil.SAML2_TOKEN_TYPE);
-
+ // TODO: get the provider using the token from the request.
+ provider = this.configuration.getProviderForTokenType(SAMLUtil.SAML2_TOKEN_TYPE);
+
if (provider != null)
{
// create the request context and delegate token generation to the provider.
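Review bot: This hunk only re-indents the lookup, so renew still assigns provider unconditionally from the hard-coded SAMLUtil.SAML2_TOKEN_TYPE and the TODO stays open, while validate in the same commit moves to getProviderForTokenElementNS. Apply the same element-based lookup to the renew target here, or leave these lines untouched so the whitespace change does not suggest that the behaviour was addressed.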
@@ -238,7 +236,6 @@
if (requestContext.getSecurityToken() == null)
throw new WSTrustException("Token issued by provider " + provider.getClass().getName() + " is null");
-
// construct the ws-trust security token response.
RequestedSecurityTokenType requestedSecurityToken = new RequestedSecurityTokenType();
@@ -269,53 +266,47 @@
/*
* (non-Javadoc)
- *
- * @see
- * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#validate(org.jboss.identity.federation.api.wstrust
- * .protocol.RequestSecurityToken, java.security.Principal)
+ * @see org.jboss.identity.federation.core.wstrust.WSTrustRequestHandler#validate(
+ * org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken, java.security.Principal)
*/
public RequestSecurityTokenResponse validate(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException
{
Document rstDocument = request.getRSTDocument();
- if( rstDocument == null)
+ if (rstDocument == null)
throw new IllegalArgumentException("Request does not contain the DOM Document");
-
+
if (request.getValidateTarget() == null)
throw new WSTrustException("Unable to validate token: validate target is null");
-
+
if (request.getTokenType() == null)
request.setTokenType(URI.create(WSTrustConstants.STATUS_TYPE));
- // TODO: get the provider using the token from the request.
- SecurityTokenProvider provider = this.configuration.getProviderForTokenType(SAMLUtil.SAML2_TOKEN_TYPE);
+ Node securityToken = request.getValidateTargetElement().getFirstChild();
+ SecurityTokenProvider provider = this.configuration.getProviderForTokenElementNS(
+ securityToken.getLocalName(), securityToken.getNamespaceURI());
WSTrustRequestContext context = new WSTrustRequestContext(request, callerPrincipal);
StatusType status = null;
-
+
// validate the security token digital signature.
if (this.configuration.signIssuedToken() && this.configuration.getSTSKeyPair() != null)
{
KeyPair keyPair = this.configuration.getSTSKeyPair();
try
{
- //Element tokenElement = (Element) request.getValidateTarget().getAny();
- Element tokenElement = request.getValidateTargetElement();
-
- Node securityToken = tokenElement.getFirstChild();
-
- if(trace)
+ if (trace)
{
try
{
log.trace("Going to validate:" + DocumentUtil.getNodeAsString(securityToken));
}
catch (Exception e)
- {
+ {
}
}
Document tokenDocument = DocumentUtil.createDocument();
- Node importedNode = tokenDocument.importNode(securityToken, true);
+ Node importedNode = tokenDocument.importNode(securityToken, true);
tokenDocument.appendChild(importedNode);
if (!XMLSignatureUtil.validate(tokenDocument, keyPair.getPublic()))
{
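Review bot: request.getValidateTargetElement().getFirstChild() is now dereferenced unconditionally near the top of validate. The first child can be null for an empty validate target, or a whitespace text node, for which getLocalName() and getNamespaceURI() return null, so the provider that gets selected depends on how the request was formatted. Select the first child that is an Element, fail with a WSTrustException when there is none, and check the provider returned by getProviderForTokenElementNS for null before it is used further down.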
@@ -331,10 +322,10 @@
status.setReason("Validation failure: unable to verify digital signature: " + e.getMessage());
}
}
- // TODO: add logging statements alerting that signature validation was not perfomed.
-
+ // TODO: add logging statements alerting that signature validation was not performed.
+
// if the signature is valid, then let the provider handle perform any additional validation checks.
- if(status == null)
+ if (status == null)
{
provider.validateToken(context);
status = context.getStatus();
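Review bot: When signIssuedToken() is false or no STS key pair is configured, status stays null and the token goes straight to provider.validateToken(context) with no signature check; the TODO on that path only has its spelling fixed here. At minimum log a warning when signature validation is skipped, and consider reporting the token as invalid unless the configuration explicitly allows unsigned tokens.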
@@ -352,29 +343,27 @@
/*
* (non-Javadoc)
- *
- * @see
- * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#cancel(org.jboss.identity.federation.api.wstrust
- * .protocol.RequestSecurityToken, java.security.Principal)
+ * @see org.jboss.identity.federation.core.wstrust.WSTrustRequestHandler#cancel(
+ * org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken, java.security.Principal)
*/
public RequestSecurityTokenResponse cancel(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException
{
Document rstDocument = request.getRSTDocument();
- if( rstDocument == null)
+ if (rstDocument == null)
throw new IllegalArgumentException("Request does not contain the DOM Document");
-
+
// TODO: implement cancel logic.
throw new UnsupportedOperationException();
}
public Document postProcess(Document rstrDocument, RequestSecurityToken request) throws WSTrustException
{
- if(WSTrustConstants.ISSUE_REQUEST.equals(request.getRequestType().toString())
+ if (WSTrustConstants.ISSUE_REQUEST.equals(request.getRequestType().toString())
|| WSTrustConstants.RENEW_REQUEST.equals(request.getRequestType().toString()))
{
- rstrDocument = DocumentUtil.normalizeNamespaces(rstrDocument);
-
+ rstrDocument = DocumentUtil.normalizeNamespaces(rstrDocument);
+
//Sign and encrypt
if (this.configuration.signIssuedToken() && this.configuration.getSTSKeyPair() != null)
{
@@ -385,29 +374,32 @@
String signatureMethod = signatureURI != null ? signatureURI.toString() : SignatureMethod.RSA_SHA1;
try
{
- Node rst = rstrDocument.getElementsByTagNameNS(WSTrustConstants.BASE_NAMESPACE,
+ Node rst = rstrDocument.getElementsByTagNameNS(WSTrustConstants.BASE_NAMESPACE,
"RequestedSecurityToken").item(0);
Element tokenElement = (Element) rst.getFirstChild();
- if(trace)
+ if (trace)
{
- log.trace("NamespaceURI of element to be signed:" +tokenElement.getNamespaceURI() );
+ log.trace("NamespaceURI of element to be signed:" + tokenElement.getNamespaceURI());
}
- /* XMLSignatureUtil.sign(tokenElement.getOwnerDocument(), keyPair, DigestMethod.SHA1, signatureMethod,
- "#" + tokenElement.getAttribute("ID"));
- */
- rstrDocument = XMLSignatureUtil.sign(rstrDocument, tokenElement, keyPair,
- DigestMethod.SHA1, signatureMethod, "#" + tokenElement.getAttribute("ID"));
- if(trace)
+ /* XMLSignatureUtil.sign(tokenElement.getOwnerDocument(), keyPair, DigestMethod.SHA1, signatureMethod,
+ "#" + tokenElement.getAttribute("ID"));
+ */
+ rstrDocument = XMLSignatureUtil.sign(rstrDocument, tokenElement, keyPair, DigestMethod.SHA1,
+ signatureMethod, "#" + tokenElement.getAttribute("ID"));
+ if (trace)
{
try
{
log.trace("Signed Token:" + DocumentUtil.getNodeAsString(tokenElement));
-
+
Document tokenDocument = DocumentUtil.createDocument();
tokenDocument.appendChild(tokenDocument.importNode(tokenElement, true));
log.trace("valid=" + XMLSignatureUtil.validate(tokenDocument, keyPair.getPublic()));
-
- }catch(Exception ignore){}
+
+ }
+ catch (Exception ignore)
+ {
+ }
}
}
catch (Exception e)
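Review bot: The signature reference on the reformatted sign call is still built as "#" + tokenElement.getAttribute("ID"), and getAttribute returns an empty string when the attribute is absent, which produces the bare reference "#". Check for a non-empty ID before signing and throw a WSTrustException otherwise. The commented-out XMLSignatureUtil.sign(...) call is re-indented rather than removed; delete it, since the revision history keeps it. The reformatted catch (Exception ignore) around the trace-only validation should at least log the exception at trace level.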
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardSecurityToken.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardSecurityToken.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardSecurityToken.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -64,7 +64,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityToken#getTokenType()
+ * @see org.jboss.identity.federation.core.wstrust.SecurityToken#getTokenType()
*/
public String getTokenType()
{
@@ -74,7 +74,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityToken#getTokenValue()
+ * @see org.jboss.identity.federation.core.wstrust.SecurityToken#getTokenValue()
*/
public Object getTokenValue()
{
@@ -84,7 +84,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityToken#getTokenID()
+ * @see org.jboss.identity.federation.core.wstrust.SecurityToken#getTokenID()
*/
public String getTokenID()
{
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -63,11 +63,23 @@
public class SAML20TokenProvider implements SecurityTokenProvider
{
+ private Map<String, String> properties;
+
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#initialize(java.util.Map)
*/
+ public void initialize(Map<String, String> properties)
+ {
+ this.properties = properties;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.core.wstrust.WSTrustRequestContext)
+ */
public void cancelToken(WSTrustRequestContext context) throws WSTrustException
{
// TODO: implement cancel logic.
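Review bot: initialize stores the caller's map by reference (this.properties = properties;), so any later change to that map by the configuration code silently changes the provider's settings, and a null argument is accepted without comment. Copy the entries into an unmodifiable map and treat null as empty. Nothing in the visible hunks reads the new field yet, so say in a comment what it is intended for.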
@@ -76,7 +88,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void issueToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -89,7 +101,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void renewToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -103,7 +115,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.core.wstrust.WSTrustRequestContext)
*/
@SuppressWarnings("unchecked")
public void validateToken(WSTrustRequestContext context) throws WSTrustException
Modified: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/MockSTSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/MockSTSConfiguration.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/MockSTSConfiguration.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -23,7 +23,6 @@
import java.security.KeyPair;
import java.security.PublicKey;
-import java.util.Map;
import org.jboss.identity.federation.core.wstrust.STSConfiguration;
import org.jboss.identity.federation.core.wstrust.SecurityTokenProvider;
@@ -43,7 +42,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getEncryptIssuedToken()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getEncryptIssuedToken()
*/
public boolean encryptIssuedToken()
{
@@ -52,17 +51,17 @@
/*
* (non-Javadoc)
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#signIssuedToken()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#signIssuedToken()
*/
- public boolean signIssuedToken()
+ public boolean signIssuedToken()
{
- return true;
+ return true;
}
-
+
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getIssuedTokenTimeout()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getIssuedTokenTimeout()
*/
public long getIssuedTokenTimeout()
{
@@ -72,9 +71,9 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getOptions()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getProviderForService(java.lang.String)
*/
- public Map<String, Object> getOptions()
+ public SecurityTokenProvider getProviderForService(String serviceName)
{
return null;
}
@@ -82,9 +81,9 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getProviderForService(java.lang.String)
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getProviderForTokenType(java.lang.String)
*/
- public SecurityTokenProvider getProviderForService(String serviceName)
+ public SecurityTokenProvider getProviderForTokenType(String tokenType)
{
return null;
}
@@ -92,9 +91,9 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getProviderForTokenType(java.lang.String)
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getProviderForTokenElementNS(java.lang.String, java.lang.String)
*/
- public SecurityTokenProvider getProviderForTokenType(String tokenType)
+ public SecurityTokenProvider getProviderForTokenElementNS(String tokenLocalName, String tokenNamespace)
{
return null;
}
@@ -102,7 +101,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getTokenTypeForService(java.lang.String)
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getTokenTypeForService(java.lang.String)
*/
public String getTokenTypeForService(String serviceName)
{
@@ -112,7 +111,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getRequestHandler()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getRequestHandler()
*/
public WSTrustRequestHandler getRequestHandler()
{
@@ -122,7 +121,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getSTSName()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getSTSName()
*/
public String getSTSName()
{
@@ -132,7 +131,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getServiceProviderPublicKey(java.lang.String)
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getServiceProviderPublicKey(java.lang.String)
*/
public PublicKey getServiceProviderPublicKey(String serviceName)
{
@@ -142,7 +141,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getSTSKeyPair()
+ * @see org.jboss.identity.federation.core.wstrust.STSConfiguration#getSTSKeyPair()
*/
public KeyPair getSTSKeyPair()
{
Modified: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/SpecialTokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/SpecialTokenProvider.java 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/SpecialTokenProvider.java 2009-09-03 18:17:00 UTC (rev 759)
@@ -21,6 +21,8 @@
*/
package org.jboss.test.identity.federation.core.wstrust;
+import java.util.Map;
+
import org.jboss.identity.federation.core.wstrust.SecurityTokenProvider;
import org.jboss.identity.federation.core.wstrust.WSTrustException;
import org.jboss.identity.federation.core.wstrust.WSTrustRequestContext;
@@ -38,8 +40,17 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#initialize(java.util.Map)
*/
+ public void initialize(Map<String, String> properties)
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.core.wstrust.WSTrustRequestContext)
+ */
public void cancelToken(WSTrustRequestContext context) throws WSTrustException
{
}
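Review bot: the new initialize(Map<String, String> properties) stub added at the top of this hunk has an empty body and drops the map, so no test that uses SpecialTokenProvider can confirm that configured properties actually reach a provider. Keeping the map in a field with an accessor would let the factory tests assert on it; if the no-op is deliberate, a one-line comment in the body saying so would help.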
@@ -47,7 +58,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void issueToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -56,7 +67,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void renewToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -65,7 +76,7 @@
/*
* (non-Javadoc)
*
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ * @see org.jboss.identity.federation.core.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void validateToken(WSTrustRequestContext context) throws WSTrustException
{
Modified: identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/jboss-identity-fed.xsd
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-09-03 01:56:21 UTC (rev 758)
+++ identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-09-03 18:17:00 UTC (rev 759)
@@ -159,17 +159,37 @@
<complexType name="STSType">
<sequence>
- <element name="KeyProvider" type="tns:KeyProviderType"
- maxOccurs="1" minOccurs="0"/>
+ <element name="KeyProvider" type="tns:KeyProviderType" minOccurs="0"/>
<element name="RequestHandler" type="string" minOccurs="0"/>
+ <element name="ClaimProviders" type="tns:ClaimProvidersType" minOccurs="0"/>
<element name="TokenProviders" type="tns:TokenProvidersType" minOccurs="0"/>
<element name="ServiceProviders" type="tns:ServiceProvidersType" minOccurs="0"/>
</sequence>
<attribute name="STSName" default="JBossSTS" type="string" use="optional"/>
<attribute name="TokenTimeout" default="3600" type="int" use="optional"/>
+ <attribute name="SignToken" default="true" type="boolean" use="optional"/>
<attribute name="EncryptToken" default="false" type="boolean" use="optional"/>
</complexType>
+ <complexType name="ClaimProvidersType">
+ <annotation>
+ <documentation>
+ The claim providers specify the classes that are capable of handling specific claims dialects.
+ </documentation>
+ </annotation>
+ <sequence>
+ <element name="ClaimProvider" type="tns:ClaimProviderType" minOccurs="1" maxOccurs="unbounded"/>
+ </sequence>
+ </complexType>
+
+ <complexType name="ClaimProviderType">
+ <sequence>
+ <element name="Property" type="tns:PropertyType" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="ProviderClass" type="string" use="required"/>
+ <attribute name="Dialect" type="string" use="required"/>
+ </complexType>
+
<complexType name="TokenProvidersType">
<annotation>
<documentation>
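Review bot: the SignToken attribute added to STSType has no annotation, while ClaimProvidersType in the same hunk gets a documentation block. The name suggests it decides whether issued tokens are signed, and it sits next to EncryptToken, so it deserves a documentation element stating what a relying party receives when it is set to false and that the default is true. Without that, an administrator editing the file has only the attribute name to go on.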
@@ -184,8 +204,13 @@
</complexType>
<complexType name="TokenProviderType">
+ <sequence>
+ <element name="Property" type="tns:PropertyType" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
<attribute name="ProviderClass" type="string" use="required"/>
<attribute name="TokenType" type="string" use="required"/>
+ <attribute name="TokenElement" type="string" use="required"/>
+ <attribute name="TokenElementNS" type="string" use="required"/>
</complexType>
<complexType name="ServiceProvidersType">
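Review bot: TokenElement and TokenElementNS are added to TokenProviderType with use="required", so an existing TokenProvider entry that carries only ProviderClass and TokenType no longer validates against this schema. Either make the two attributes optional or say in the commit log that existing configuration files must be updated. Neither attribute has an annotation explaining what element and namespace it refers to, and the new Property sequence is also undocumented.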
@@ -209,12 +234,16 @@
</documentation>
</annotation>
<attribute name="Endpoint" type="string" use="required"/>
- <attribute name="TruststoreAlias" type="string" use="required"/>
<attribute name="TokenType" type="string" use="required"/>
+ <attribute name="TruststoreAlias" type="string" use="optional"/>
</complexType>
<element name="JBossSTS" type="tns:STSType"/>
+ <complexType name="PropertyType">
+ <attribute name="Name" type="string" use="required"/>
+ <attribute name="Value" type="string" use="required"/>
+ </complexType>
<complexType name="MetadataProviderType">
<sequence>
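Review bot: moving TruststoreAlias from use="required" to use="optional" means schema validation no longer guarantees that every service provider entry names a key. The documentation block that closes just above these attributes should say which key is used when the alias is omitted, and the code that reads this type should fail with a clear error when EncryptToken is enabled and no key can be resolved for the provider, rather than returning null to the caller. The new PropertyType at the end of the hunk also has no annotation.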
JBoss Identity SVN: r758 - in identity-federation/trunk: jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets and 30 other directories.
by jboss-identity-commits@lists.jboss.org
Author: sguilhen(a)redhat.com
Date: 2009-09-02 21:56:21 -0400 (Wed, 02 Sep 2009)
New Revision: 758
Added:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/IDGenerator.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/XMLSignatureUtil.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/STSConfiguration.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityActions.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityToken.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityTokenProvider.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityTokenService.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardSecurityToken.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustConstants.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustException.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustRequestContext.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustRequestHandler.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustServiceFactory.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustUtil.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/BaseRequestSecurityToken.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/BaseRequestSecurityTokenResponse.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/Lifetime.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityToken.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenCollection.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponse.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponseCollection.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/MockSTSConfiguration.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/SpecialTokenProvider.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/WSTrustServiceFactoryUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-core/src/test/resources/wstrust/
identity-federation/trunk/jboss-identity-fed-core/src/test/resources/wstrust/ws-trust-request.xml
identity-federation/trunk/jboss-identity-fed-core/src/test/resources/wstrust/ws-trust-response.xml
Removed:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/common/
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/XMLSignatureUtil.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/STSConfiguration.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityActions.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityToken.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityTokenProvider.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityTokenService.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/StandardRequestHandler.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/StandardSecurityToken.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustConstants.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustException.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestContext.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestHandler.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustServiceFactory.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustUtil.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/plugins/saml/
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/MockSTSConfiguration.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/SAML20TokenProviderUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/SpecialTokenProvider.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustJAXBFactoryUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustServiceFactoryUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-api/src/test/resources/wstrust/ws-trust-request.xml
identity-federation/trunk/jboss-identity-fed-api/src/test/resources/wstrust/ws-trust-response.xml
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/BaseRequestSecurityToken.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/BaseRequestSecurityTokenResponse.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/Lifetime.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityToken.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenCollection.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenResponse.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenResponseCollection.java
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTS.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/SOAPSAMLXACMLServlet.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostSignatureFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/JBossSTSUnitTestCase.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/SpecialTokenProvider.java
identity-federation/trunk/jboss-identity-bindings/src/test/resources/jboss-sts.xml
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustClient.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/DeflateEncodingDecodingUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SAML2AuthnResponseUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustClientUnitTestCase.java
identity-federation/trunk/jboss-identity-seam/src/main/java/org/jboss/identity/seam/federation/SamlAuthenticationFilter.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
Log:
JBID-178: moved WS-T code from api to core, leaving only WSTrustClient in api. All other files have been updated accordingly
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTS.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTS.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTS.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -34,22 +34,22 @@
import javax.xml.ws.WebServiceException;
import javax.xml.ws.WebServiceProvider;
-import org.jboss.identity.federation.api.saml.v2.common.SAMLDocumentHolder;
-import org.jboss.identity.federation.api.wstrust.STSConfiguration;
-import org.jboss.identity.federation.api.wstrust.SecurityTokenService;
-import org.jboss.identity.federation.api.wstrust.WSTrustConstants;
-import org.jboss.identity.federation.api.wstrust.WSTrustException;
-import org.jboss.identity.federation.api.wstrust.WSTrustJAXBFactory;
-import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
import org.jboss.identity.federation.core.config.STSType;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.core.util.JAXBUtil;
-import org.jboss.identity.federation.core.wstrust.BaseRequestSecurityToken;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityToken;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenCollection;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponse;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponseCollection;
+import org.jboss.identity.federation.core.wstrust.STSConfiguration;
+import org.jboss.identity.federation.core.wstrust.SecurityTokenService;
+import org.jboss.identity.federation.core.wstrust.WSTrustConstants;
+import org.jboss.identity.federation.core.wstrust.WSTrustException;
+import org.jboss.identity.federation.core.wstrust.WSTrustJAXBFactory;
+import org.jboss.identity.federation.core.wstrust.WSTrustRequestHandler;
+import org.jboss.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
import org.w3c.dom.Document;
/**
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -26,16 +26,16 @@
import java.util.HashMap;
import java.util.Map;
-import org.jboss.identity.federation.api.wstrust.STSConfiguration;
-import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
-import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
-import org.jboss.identity.federation.api.wstrust.WSTrustServiceFactory;
import org.jboss.identity.federation.core.config.KeyProviderType;
import org.jboss.identity.federation.core.config.STSType;
import org.jboss.identity.federation.core.config.ServiceProviderType;
import org.jboss.identity.federation.core.config.ServiceProvidersType;
import org.jboss.identity.federation.core.config.TokenProviderType;
import org.jboss.identity.federation.core.config.TokenProvidersType;
+import org.jboss.identity.federation.core.wstrust.STSConfiguration;
+import org.jboss.identity.federation.core.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.core.wstrust.WSTrustRequestHandler;
+import org.jboss.identity.federation.core.wstrust.WSTrustServiceFactory;
import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
/**
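Review bot: the import changes here show STSConfiguration, SecurityTokenProvider, WSTrustRequestHandler and WSTrustServiceFactory moving from org.jboss.identity.federation.api.wstrust to org.jboss.identity.federation.core.wstrust, and the Removed list shows the old files deleted outright. Any token provider or request handler written outside this tree against the api package will stop compiling. If the old package was ever published, the log or release notes should call out the rename so integrators know to update their imports.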
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/SOAPSAMLXACMLServlet.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/SOAPSAMLXACMLServlet.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/SOAPSAMLXACMLServlet.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -40,10 +40,10 @@
import javax.xml.bind.helpers.DefaultValidationEventHandler;
import org.apache.log4j.Logger;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
import org.jboss.identity.federation.core.factories.SOAPFactory;
import org.jboss.identity.federation.core.factories.XACMLContextFactory;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -42,14 +42,16 @@
import org.apache.catalina.util.LifecycleSupport;
import org.apache.catalina.valves.ValveBase;
import org.apache.log4j.Logger;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
import org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator;
import org.jboss.identity.federation.bindings.util.ValveUtil;
+import org.jboss.identity.federation.core.config.IDPType;
+import org.jboss.identity.federation.core.config.TrustType;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.exceptions.ProcessingException;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
@@ -61,8 +63,6 @@
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
-import org.jboss.identity.federation.core.config.IDPType;
-import org.jboss.identity.federation.core.config.TrustType;
import org.jboss.identity.federation.web.interfaces.RoleGenerator;
import org.jboss.identity.federation.web.util.ConfigurationUtil;
import org.jboss.identity.federation.web.util.HTTPRedirectUtil;
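Review bot: the two imports removed in this hunk (IDPType and TrustType) keep the same package and are only re-sorted, being re-added higher up in the same file. That reordering is unrelated to the JBID-178 package move and makes the diff harder to audit. Consider committing import sorting separately so that a review of the move shows only the lines whose package actually changed.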
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -41,20 +41,20 @@
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.log4j.Logger;
-import org.jboss.identity.federation.api.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
-import org.jboss.identity.federation.core.config.TrustType;
import org.jboss.identity.federation.bindings.tomcat.sp.holder.ServiceProviderSAMLContext;
-import org.jboss.identity.federation.web.util.PostBindingUtil;
import org.jboss.identity.federation.bindings.util.ValveUtil;
+import org.jboss.identity.federation.core.config.TrustType;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder;
import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
+import org.jboss.identity.federation.web.util.PostBindingUtil;
import org.xml.sax.SAXException;
/**
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostSignatureFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostSignatureFormAuthenticator.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostSignatureFormAuthenticator.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -35,18 +35,18 @@
import org.apache.catalina.LifecycleException;
import org.apache.catalina.connector.Response;
import org.apache.log4j.Logger;
-import org.jboss.identity.federation.api.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
-import org.jboss.identity.federation.api.util.XMLSignatureUtil;
import org.jboss.identity.federation.core.config.KeyProviderType;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
+import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
+import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder;
+import org.jboss.identity.federation.core.util.XMLSignatureUtil;
+import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
import org.jboss.identity.federation.web.interfaces.TrustKeyConfigurationException;
import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
import org.jboss.identity.federation.web.interfaces.TrustKeyProcessingException;
import org.jboss.identity.federation.web.util.PostBindingUtil;
-import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
-import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder;
-import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -30,9 +30,9 @@
import org.apache.catalina.Context;
import org.apache.catalina.connector.Request;
import org.apache.catalina.realm.GenericPrincipal;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException;
import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil;
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -27,12 +27,12 @@
import junit.framework.TestCase;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.util.KeyStoreUtil;
-import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil;
/**
* Unit Test the redirect binding sig util
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -27,12 +27,12 @@
import junit.framework.TestCase;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
-import org.jboss.identity.federation.web.util.RedirectBindingUtil;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
+import org.jboss.identity.federation.web.util.RedirectBindingUtil;
/**
* Unit Test the RedirectBindingUtil
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/JBossSTSUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/JBossSTSUnitTestCase.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/JBossSTSUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -37,23 +37,23 @@
import junit.framework.TestCase;
-import org.jboss.identity.federation.api.wstrust.STSConfiguration;
-import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
-import org.jboss.identity.federation.api.wstrust.StandardRequestHandler;
-import org.jboss.identity.federation.api.wstrust.WSTrustConstants;
-import org.jboss.identity.federation.api.wstrust.WSTrustException;
-import org.jboss.identity.federation.api.wstrust.WSTrustJAXBFactory;
-import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
-import org.jboss.identity.federation.api.wstrust.plugins.saml.SAML20TokenProvider;
-import org.jboss.identity.federation.api.wstrust.plugins.saml.SAMLUtil;
import org.jboss.identity.federation.bindings.jboss.subject.JBossIdentityPrincipal;
import org.jboss.identity.federation.bindings.jboss.wstrust.JBossSTS;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
-import org.jboss.identity.federation.core.wstrust.BaseRequestSecurityTokenResponse;
-import org.jboss.identity.federation.core.wstrust.Lifetime;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityToken;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponse;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponseCollection;
+import org.jboss.identity.federation.core.wstrust.STSConfiguration;
+import org.jboss.identity.federation.core.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.core.wstrust.StandardRequestHandler;
+import org.jboss.identity.federation.core.wstrust.WSTrustConstants;
+import org.jboss.identity.federation.core.wstrust.WSTrustException;
+import org.jboss.identity.federation.core.wstrust.WSTrustJAXBFactory;
+import org.jboss.identity.federation.core.wstrust.WSTrustRequestHandler;
+import org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider;
+import org.jboss.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
+import org.jboss.identity.federation.core.wstrust.wrappers.BaseRequestSecurityTokenResponse;
+import org.jboss.identity.federation.core.wstrust.wrappers.Lifetime;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.jboss.identity.federation.saml.v2.assertion.ConditionAbstractType;
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/SpecialTokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/SpecialTokenProvider.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/SpecialTokenProvider.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -26,13 +26,13 @@
import javax.xml.parsers.ParserConfigurationException;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
-import org.jboss.identity.federation.api.wstrust.SecurityToken;
-import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
-import org.jboss.identity.federation.api.wstrust.StandardSecurityToken;
-import org.jboss.identity.federation.api.wstrust.WSTrustException;
-import org.jboss.identity.federation.api.wstrust.WSTrustRequestContext;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.wstrust.SecurityToken;
+import org.jboss.identity.federation.core.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.core.wstrust.StandardSecurityToken;
+import org.jboss.identity.federation.core.wstrust.WSTrustException;
+import org.jboss.identity.federation.core.wstrust.WSTrustRequestContext;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/resources/jboss-sts.xml
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/resources/jboss-sts.xml 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/resources/jboss-sts.xml 2009-09-03 01:56:21 UTC (rev 758)
@@ -8,11 +8,11 @@
<ValidatingAlias Key="http://services.testcorp.org/provider1" Value="service1"/>
<ValidatingAlias Key="http://services.testcorp.org/provider2" Value="service2"/>
</KeyProvider>
- <RequestHandler>org.jboss.identity.federation.api.wstrust.StandardRequestHandler</RequestHandler>
+ <RequestHandler>org.jboss.identity.federation.core.wstrust.StandardRequestHandler</RequestHandler>
<TokenProviders>
<TokenProvider ProviderClass="org.jboss.test.identity.federation.bindings.wstrust.SpecialTokenProvider"
TokenType="http://www.tokens.org/SpecialToken"/>
- <TokenProvider ProviderClass="org.jboss.identity.federation.api.wstrust.plugins.saml.SAML20TokenProvider"
+ <TokenProvider ProviderClass="org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider"
TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"/>
</TokenProviders>
<ServiceProviders>
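Review bot: The RequestHandler and ProviderClass values in this file are fully qualified class names, so a deployed jboss-sts.xml that still names org.jboss.identity.federation.api.wstrust.StandardRequestHandler or org.jboss.identity.federation.api.wstrust.plugins.saml.SAML20TokenProvider will stop resolving once the api.wstrust classes are removed, as the deletions in this revision indicate. Only the test resource is updated here. Please document the rename for users upgrading an existing STS configuration, or have the configuration loader map the old names to the new core.wstrust ones for a release, so that a stale config fails with a clear message rather than a class-loading error at startup.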
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -34,10 +34,10 @@
import javax.xml.bind.Unmarshaller;
import javax.xml.parsers.ParserConfigurationException;
-import org.jboss.identity.federation.api.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -37,10 +37,10 @@
import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.parsers.ParserConfigurationException;
-import org.jboss.identity.federation.api.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -37,9 +37,9 @@
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
-import org.jboss.identity.federation.api.util.XMLSignatureUtil;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.util.XMLSignatureUtil;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
import org.w3c.dom.Document;
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/XMLSignatureUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/XMLSignatureUtil.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/XMLSignatureUtil.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,340 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.util;
-
-import java.io.OutputStream;
-import java.security.AccessController;
-import java.security.GeneralSecurityException;
-import java.security.Key;
-import java.security.KeyPair;
-import java.security.PrivateKey;
-import java.security.PrivilegedAction;
-import java.security.PublicKey;
-import java.util.Collections;
-import java.util.List;
-
-import javax.security.cert.X509Certificate;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-import javax.xml.crypto.MarshalException;
-import javax.xml.crypto.dsig.CanonicalizationMethod;
-import javax.xml.crypto.dsig.DigestMethod;
-import javax.xml.crypto.dsig.Reference;
-import javax.xml.crypto.dsig.SignatureMethod;
-import javax.xml.crypto.dsig.SignedInfo;
-import javax.xml.crypto.dsig.Transform;
-import javax.xml.crypto.dsig.XMLSignature;
-import javax.xml.crypto.dsig.XMLSignatureException;
-import javax.xml.crypto.dsig.XMLSignatureFactory;
-import javax.xml.crypto.dsig.dom.DOMSignContext;
-import javax.xml.crypto.dsig.dom.DOMValidateContext;
-import javax.xml.crypto.dsig.keyinfo.KeyInfo;
-import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
-import javax.xml.crypto.dsig.keyinfo.KeyValue;
-import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
-import javax.xml.crypto.dsig.spec.TransformParameterSpec;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.stream.StreamResult;
-
-import org.apache.log4j.Logger;
-import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.jboss.identity.federation.core.util.JAXBUtil;
-import org.jboss.identity.xmlsec.w3.xmldsig.ObjectFactory;
-import org.jboss.identity.xmlsec.w3.xmldsig.SignatureType;
-import org.w3c.dom.Document;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import org.xml.sax.SAXException;
-
-/**
- * Utility for XML Signature
- * @author Anil.Saldhana(a)redhat.com
- * @since Dec 15, 2008
- */
-public class XMLSignatureUtil
-{
- private static Logger log = Logger.getLogger(XMLSignatureUtil.class);
- private static boolean trace = log.isTraceEnabled();
-
- private static String pkgName = "org.jboss.identity.federation.w3.xmldsig";
- private static String schemaLocation = "schema/saml/v2/xmldsig-core-schema.xsd";
-
- private static ObjectFactory objectFactory = new ObjectFactory();
-
- private static XMLSignatureFactory fac = getXMLSignatureFactory();
-
- private static XMLSignatureFactory getXMLSignatureFactory()
- {
- XMLSignatureFactory xsf = null;
-
- try
- {
- xsf = XMLSignatureFactory.getInstance("DOM");
- }
- catch(Exception err)
- {
- //JDK5
- xsf = XMLSignatureFactory.getInstance("DOM",
- new org.jcp.xml.dsig.internal.dom.XMLDSigRI());
- }
- return xsf;
- }
-
- //Set some system properties
- static
- {
- AccessController.doPrivileged(new PrivilegedAction<Object>()
- {
- public Object run()
- {
- System.setProperty("org.apache.xml.security.ignoreLineBreaks", "true");
- return null;
- }
- });
- };
-
- /**
- * Precheck whether the document that will be validated
- * has the right signedinfo
- * @param doc
- * @return
- */
- public static boolean preCheckSignedInfo(Document doc)
- {
- NodeList nl = doc.getElementsByTagNameNS(JBossSAMLURIConstants.XMLDSIG_NSURI.get(), "SignedInfo");
- return nl != null ? nl.getLength() > 0 : false;
- }
-
- /**
- * Sign a node in a document
- * @param doc Document
- * @param parentOfNodeToBeSigned Parent Node of the node to be signed
- * @param signingKey Private Key
- * @param certificate X509 Certificate holding the public key
- * @param digestMethod (Example: DigestMethod.SHA1)
- * @param signatureMethod (Example: SignatureMethod.DSA_SHA1)
- * @param referenceURI
- * @return Document that contains the signed node
- * @throws XMLSignatureException
- * @throws MarshalException
- * @throws GeneralSecurityException
- * @throws ParserConfigurationException
- */
- public static Document sign(Document doc,
- Node parentOfNodeToBeSigned,
- PrivateKey signingKey,
- X509Certificate certificate,
- String digestMethod,
- String signatureMethod,
- String referenceURI)
- throws ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException
- {
- KeyPair keyPair = new KeyPair(certificate.getPublicKey(),signingKey);
- return sign(doc,parentOfNodeToBeSigned, keyPair,
- digestMethod, signatureMethod, referenceURI);
- }
-
- /**
- * Sign a node in a document
- * @param doc
- * @param nodeToBeSigned
- * @param keyPair
- * @param publicKey
- * @param digestMethod
- * @param signatureMethod
- * @param referenceURI
- * @return
- * @throws ParserConfigurationException
- * @throws XMLSignatureException
- * @throws MarshalException
- * @throws GeneralSecurityException
- */
- public static Document sign(Document doc,
- Node nodeToBeSigned,
- KeyPair keyPair,
- String digestMethod,
- String signatureMethod,
- String referenceURI) throws ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException
- {
- if(nodeToBeSigned == null)
- throw new IllegalArgumentException("Node to be signed is null");
- if(trace)
- {
- try
- {
- log.trace("Document to be signed=" + DocumentUtil.getDocumentAsString(doc));
- }catch (Exception e) {}
- }
-
- Node parentNode = nodeToBeSigned.getParentNode();
-
- //Let us create a new Document
- Document newDoc = DocumentUtil.createDocument();
- //Import the node
- Node signingNode = newDoc.importNode(nodeToBeSigned, true);
- newDoc.appendChild(signingNode);
-
- newDoc = sign(newDoc, keyPair, digestMethod, signatureMethod, referenceURI);
-
- //Now let us import this signed doc into the original document we got in the method call
- Node signedNode = doc.importNode(newDoc.getFirstChild(), true);
-
- parentNode.replaceChild(signedNode, nodeToBeSigned);
- //doc.getDocumentElement().replaceChild(signedNode, nodeToBeSigned);
-
- return doc;
- }
-
-
- /**
- * Sign the root element
- * @param doc
- * @param signingKey
- * @param publicKey
- * @param digestMethod
- * @param signatureMethod
- * @param referenceURI
- * @return
- * @throws GeneralSecurityException
- * @throws XMLSignatureException
- * @throws MarshalException
- */
- public static Document sign(Document doc,
- KeyPair keyPair,
- String digestMethod,
- String signatureMethod,
- String referenceURI) throws GeneralSecurityException, MarshalException, XMLSignatureException
- {
- if(trace)
- {
- try
- {
- log.trace("Document to be signed=" + DocumentUtil.getDocumentAsString(doc));
- }catch (Exception e) {}
- }
- PrivateKey signingKey = keyPair.getPrivate();
- PublicKey publicKey = keyPair.getPublic();
-
- DOMSignContext dsc = new DOMSignContext(signingKey, doc.getDocumentElement());
- dsc.setDefaultNamespacePrefix("dsig");
-
-// dsc.putNamespacePrefix(XMLSignature.XMLNS, "ds");
-
- DigestMethod digestMethodObj = fac.newDigestMethod(digestMethod, null);
- Transform transform = fac.newTransform(Transform.ENVELOPED,
- (TransformParameterSpec) null);
-
- List<Transform> transformList = Collections.singletonList(transform);
- Reference ref = fac.newReference
- ( referenceURI, digestMethodObj,transformList,null, null);
-
- String canonicalizationMethodType = CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS;
- CanonicalizationMethod canonicalizationMethod
- = fac.newCanonicalizationMethod
- (canonicalizationMethodType, (C14NMethodParameterSpec) null);
-
- List<Reference> referenceList = Collections.singletonList(ref);
- SignatureMethod signatureMethodObj = fac.newSignatureMethod(signatureMethod, null);
- SignedInfo si = fac.newSignedInfo (canonicalizationMethod, signatureMethodObj ,
- referenceList);
-
- KeyInfoFactory kif = fac.getKeyInfoFactory();
- KeyValue kv = kif.newKeyValue(publicKey);
- KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
-
- XMLSignature signature = fac.newXMLSignature(si, ki);
-
- signature.sign(dsc);
-
- return doc;
- }
- /**
- * Validate a signed document with the given public key
- * @param signedDoc
- * @param publicKey
- * @return
- * @throws MarshalException
- * @throws XMLSignatureException
- */
- @SuppressWarnings("unchecked")
- public static boolean validate(Document signedDoc, Key publicKey) throws MarshalException, XMLSignatureException
- {
- NodeList nl = signedDoc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
- if (nl == null || nl.getLength() == 0)
- {
- throw new IllegalArgumentException("Cannot find Signature element");
- }
- if(publicKey == null)
- throw new IllegalArgumentException("Public Key is null");
-
- DOMValidateContext valContext = new DOMValidateContext(publicKey, nl.item(0));
- XMLSignature signature = fac.unmarshalXMLSignature(valContext);
- boolean coreValidity = signature.validate(valContext);
-
- if(trace && !coreValidity)
- {
- boolean sv = signature.getSignatureValue().validate(valContext);
- log.trace("Signature validation status: " + sv);
-
- List<Reference> references = signature.getSignedInfo().getReferences();
- for(Reference ref:references)
- {
- log.trace("[Ref id=" + ref.getId() +":uri=" + ref.getURI() +
- "]validity status:" + ref.validate(valContext));
- }
- }
- return coreValidity;
- }
-
- /**
- * Marshall a SignatureType to output stream
- * @param signature
- * @param os
- * @throws SAXException
- * @throws JAXBException
- */
- public static void marshall(SignatureType signature, OutputStream os) throws JAXBException, SAXException
- {
- JAXBElement<SignatureType> jsig = objectFactory.createSignature(signature);
- Marshaller marshaller = JAXBUtil.getValidatingMarshaller(pkgName, schemaLocation);
- marshaller.marshal(jsig, os);
- }
-
- /**
- * Marshall the signed document to an output stream
- * @param signedDocument
- * @param os
- * @throws TransformerException
- */
- public static void marshall(Document signedDocument, OutputStream os)
- throws TransformerException
- {
- TransformerFactory tf = TransformerFactory.newInstance();
- Transformer trans = tf.newTransformer();
- trans.transform(DocumentUtil.getXMLSource(signedDocument), new StreamResult(os));
- }
-}
\ No newline at end of file
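Review bot: In validate(), the signature under test is nl.item(0), the first Signature element found anywhere in the document, and the method returns core validity without confirming that the signed Reference covers the element the caller goes on to consume. Since the class is being relocated to core.util (see the SAML2Signature import change), this is a good point to file a follow-up: have validate() accept the expected element or ID, check that the reference URI resolves to it, and reject documents that carry more than one Signature element. Separately, the `catch (Exception e) {}` blocks around the trace logging in both sign() overloads swallow failures silently, and the file imports javax.security.cert.X509Certificate rather than java.security.cert.X509Certificate; both are worth cleaning up in the moved copy.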
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/STSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/STSConfiguration.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/STSConfiguration.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,149 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-import java.security.KeyPair;
-import java.security.PublicKey;
-import java.util.Map;
-
-/**
- * <p>
- * The {@code STSConfiguration} interface allows access to the security token service (STS) configuration attributes.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public interface STSConfiguration
-{
-
- /**
- * <p>
- * Obtains the unique name of the secure token service.
- * </p>
- *
- * @return a {@code String} representing the STS name.
- */
- public String getSTSName();
-
- /**
- * <p>
- * Indicates whether the issued token should be encrypted or not.
- * </p>
- *
- * @return {@code true} if the issued token is to be encrypted; {@code false} otherwise.
- */
- public boolean encryptIssuedToken();
-
- /**
- * <p>
- * Indicates whether the issued token should be digitally signed or not.
- * </p>
- *
- * @return {@code true} if the issued token is to be signed; {@code false} otherwise.
- */
- public boolean signIssuedToken();
-
- /**
- * <p>
- * Obtains the timeout value (in milliseconds) for issued tokens.
- * </p>
- *
- * @return the token timeout value.
- */
- public long getIssuedTokenTimeout();
-
- /**
- * <p>
- * Obtains the WS-Trust request handler class.
- * </p>
- *
- * @return a reference to the configured {@code WSTrustRequestHandler}.
- */
- public WSTrustRequestHandler getRequestHandler();
-
- /**
- * <p>
- * Given the name of a service provider, obtains the type of the token that should be used when issuing tokens to
- * clients of that service.
- * </p>
- *
- * @param serviceName the name of the service provider that requires a token from its clients.
- * @return a {@code String} representing the type of the token that suits the specified service.
- */
- public String getTokenTypeForService(String serviceName);
-
- /**
- * <p>
- * Given the name of a service provider, obtains the provider that must be used when issuing tokens to clients of
- * that service. When requesting a token to the STS, a client can specify the service it needs the token for using
- * the {@code AppliesTo} element. Based on the service provider name, the STS identifies the type of the token that
- * is to be issued and then selects the appropriate token provider to handle the request.
- * </p>
- *
- * @param serviceName the name of the service provider that requires a token from its clients.
- * @return a reference to the {@code SecurityTokenProvider} that must be used in order to issue tokens to clients of
- * the specified service.
- */
- public SecurityTokenProvider getProviderForService(String serviceName);
-
- /**
- * <p>
- * Given a token type, obtains the token provider that should be used to handle token requests of that type. When a
- * client doesn't specify the service provider name through the {@code AppliesTo} element, it must specify the token
- * type through the {@code TokenType} element. The STS uses the supplied type to select the appropriate token
- * provider.
- * </p>
- *
- * @param tokenType a {@code String} representing the type of the token.
- * @return a reference to the {@code SecurityTokenProvider} that must be used to handle token requests of the
- * specified type.
- */
- public SecurityTokenProvider getProviderForTokenType(String tokenType);
-
- /**
- * <p>
- * Obtains a {@code Map} that contains the non-standard configuration options.
- * </p>
- *
- * @return a {@code Map<String, Object>} containing the additional configuration options.
- */
- public Map<String, Object> getOptions();
-
- /**
- * <p>
- * Obtains a reference to the {@code KeyPair} object that contains the STS {@code PrivateKey} and {@code PublicKey}.
- * </p>
- *
- * @return a reference to the STS {@code KeyPair}.
- */
- public KeyPair getSTSKeyPair();
-
- /**
- * <p>
- * Obtains the public key of the specified service provider. The returned key is used to encrypt issued tokens.
- * </p>
- *
- * @param serviceName the name of the service provider (normally the provider URL).
- * @return a reference to the provider's {@code PublicKey}
- */
- public PublicKey getServiceProviderPublicKey(String serviceName);
-}
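Review bot: The Javadoc for getServiceProviderPublicKey(String serviceName) does not state what is returned when no key is configured for the named service, and the same gap exists for getProviderForService and getProviderForTokenType with unknown names. Because the returned key is used to encrypt issued tokens, callers need to know whether to expect null or an exception. As the interface moves to core.wstrust, please spell out the contract in the @return text so implementations and the request handler agree on the no-key case.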
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityActions.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityActions.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityActions.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,108 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * <p>
- * Utility class that executes actions such as creating a class in privileged blocks.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-class SecurityActions
-{
-
- /**
- * <p>
- * Gets the thread context class loader using a privileged block.
- * </p>
- *
- * @return a reference to the thread context {@code ClassLoader}.
- */
- static ClassLoader getContextClassLoader()
- {
- return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
- {
- public ClassLoader run()
- {
- return Thread.currentThread().getContextClassLoader();
- }
- });
- }
-
- /**
- * <p>
- * Loads a class using the thread context class loader in a privileged block.
- * </p>
- *
- * @param name the fully-qualified name of the class to be loaded.
- * @return a reference to the loaded {@code Class}.
- * @throws PrivilegedActionException if an error occurs while loading the class. This exception wraps the real cause
- * of the error, so classes using this method must perform a {@code getCause()} in order to get a
- * reference to the root of the error.
- */
- static Class<?> loadClass(final String name) throws PrivilegedActionException
- {
- return AccessController.doPrivileged(new PrivilegedExceptionAction<Class<?>>()
- {
- public Class<?> run() throws PrivilegedActionException
- {
- try
- {
- return getContextClassLoader().loadClass(name);
- }
- catch (Exception e)
- {
- throw new PrivilegedActionException(e);
- }
- }
- });
- }
-
- /**
- * <p>
- * Creates an instance of the specified class in a privileged block. The class must define a default constructor.
- * </p>
- *
- * @param className the fully-qualified name of the class to be instantiated.
- * @return a reference to the instantiated {@code Object}.
- * @throws PrivilegedActionException if an error occurs while instantiating the class. This exception wraps the real
- * cause of the error, so classes using this method must perform a {@code getCause()} in order to get a
- * reference to the root of the error.
- */
- static Object instantiateClass(final String className) throws PrivilegedActionException
- {
- return AccessController.doPrivileged(new PrivilegedExceptionAction<Object>()
- {
- public Object run() throws Exception
- {
- Class<?> objectClass = loadClass(className);
- return objectClass.newInstance();
- }
- });
- }
-}
\ No newline at end of file
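Review bot: in the removed SecurityActions.loadClass, run() catches every Exception and rethrows it as `new PrivilegedActionException(e)`, and doPrivileged then wraps that checked exception in a second PrivilegedActionException; instantiateClass adds a third layer by calling loadClass inside its own doPrivileged block. A single getCause(), which is what the Javadoc tells callers to do, therefore returns another PrivilegedActionException rather than the root error. If this class is being relocated rather than dropped, let run() declare and throw the original exception (for example ClassNotFoundException) so that doPrivileged wraps it once, and keep the class and its static methods package-private so that privileged class loading by name is not reachable from other packages.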
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityToken.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityToken.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityToken.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,60 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-/**
- * <p>
- * Interface that represents a security token.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public interface SecurityToken
-{
-
- /**
- * <p>
- * Obtains the security token unique identifier.
- * </p>
- *
- * @return a {@code String} representing the token id.
- */
- public String getTokenID();
-
- /**
- * <p>
- * Obtains the type of the security token.
- * </p>
- *
- * @return a {@code String} representing the security token type.
- */
- public String getTokenType();
-
- /**
- * <p>
- * Obtains the value of the security token.
- * </p>
- *
- * @return an {@code Object} representing the security token value.
- */
- public Object getTokenValue();
-}
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityTokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityTokenProvider.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityTokenProvider.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,76 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-/**
- * <p>
- * This interface defines the methods that must be implemented by security token providers.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public interface SecurityTokenProvider
-{
- /**
- * <p>
- * Generates a security token using the information contained in the specified request context and stores the
- * newly-created token in the context itself.
- * </p>
- *
- * @param context the {@code WSTrustRequestContext} to be used when generating the token.
- * @throws WSTrustException if an error occurs while creating the security token.
- */
- public void issueToken(WSTrustRequestContext context) throws WSTrustException;
-
- /**
- * <p>
- * Renews the security token contained in the specified request context. This method is used when a previously
- * generated token has expired, generating a new version of the same token with different expiration semantics.
- * </p>
- *
- * @param context the {@code WSTrustRequestContext} that contains the token to be renewed.
- * @throws WSTrustException if an error occurs while renewing the security token.
- */
- public void renewToken(WSTrustRequestContext context) throws WSTrustException;
-
- /**
- * <p>
- * Cancels the token contained in the specified request context. A security token is usually canceled when one wants
- * to make sure that the token will not be used anymore. A security token can't be renewed once it has been canceled.
- * </p>
- *
- * @param context the {@code WSTrustRequestContext} that contains the token to be canceled.
- * @throws WSTrustException if an error occurs while canceling the security token.
- */
- public void cancelToken(WSTrustRequestContext context) throws WSTrustException;
-
- /**
- * <p>
- * Evaluates the validity of the token contained in the specified request context and sets the result in the context
- * itself. The result can be a status, a new token, or both.
- * </p>
- *
- * @param context the {@code WSTrustRequestContext} that contains the token to be validated.
- * @throws WSTrustException if an error occurs while validating the security token.
- */
- public void validateToken(WSTrustRequestContext context) throws WSTrustException;
-}
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityTokenService.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityTokenService.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityTokenService.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,43 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-import javax.xml.transform.Source;
-import javax.xml.ws.Provider;
-
-/**
- * <p>
- * The {@code SecurityTokenService} (STS) interface. It extends the {@code Provider} interface so that it can be
- * dynamically invoked (as opposed to having a service endpoint interface).
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public interface SecurityTokenService extends Provider<Source>
-{
- /*
- * (non-Javadoc)
- *
- * @see javax.xml.ws.Provider#invoke(java.lang.Object)
- */
- public Source invoke(Source request);
-}
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/StandardRequestHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/StandardRequestHandler.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/StandardRequestHandler.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,423 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-import java.net.URI;
-import java.security.KeyPair;
-import java.security.Principal;
-import java.security.PublicKey;
-
-import javax.xml.crypto.dsig.DigestMethod;
-import javax.xml.crypto.dsig.SignatureMethod;
-
-import org.apache.log4j.Logger;
-import org.jboss.identity.federation.api.util.XMLSignatureUtil;
-import org.jboss.identity.federation.api.wstrust.plugins.saml.SAMLUtil;
-import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityToken;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponse;
-import org.jboss.identity.federation.ws.policy.AppliesTo;
-import org.jboss.identity.federation.ws.trust.RequestedSecurityTokenType;
-import org.jboss.identity.federation.ws.trust.StatusType;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-
-/**
- * <p>
- * Default implementation of the {@code WSTrustRequestHandler} interface. It creates the request context containing the
- * original WS-Trust request as well as any information that may be relevant to the token processing, and delegates the
- * actual token handling processing to the appropriate {@code SecurityTokenProvider}.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class StandardRequestHandler implements WSTrustRequestHandler
-{
- private static Logger log = Logger.getLogger(StandardRequestHandler.class);
- private boolean trace = log.isTraceEnabled();
-
- private STSConfiguration configuration;
-
- /*
- * (non-Javadoc)
- *
- * @see
- * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#initialize(org.jboss.identity.federation.api.wstrust
- * .STSConfiguration)
- */
- public void initialize(STSConfiguration configuration)
- {
- this.configuration = configuration;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#issue(org.jboss.identity.federation.api.wstrust
- * .protocol.RequestSecurityToken, java.security.Principal)
- */
- public RequestSecurityTokenResponse issue(RequestSecurityToken request, Principal callerPrincipal)
- throws WSTrustException
- {
- Document rstDocument = request.getRSTDocument();
- if( rstDocument == null)
- throw new IllegalArgumentException("Request does not contain the DOM Document");
-
- SecurityTokenProvider provider = null;
-
- // first try to obtain the security token provider using the applies-to contents.
- AppliesTo appliesTo = request.getAppliesTo();
- PublicKey providerPublicKey = null;
- if (appliesTo != null)
- {
- String serviceName = WSTrustUtil.parseAppliesTo(appliesTo);
- if (serviceName != null)
- {
- provider = this.configuration.getProviderForService(serviceName);
- request.setTokenType(URI.create(this.configuration.getTokenTypeForService(serviceName)));
- providerPublicKey = this.configuration.getServiceProviderPublicKey(serviceName);
- }
- }
- // if applies-to is not available or if no provider was found for the service, use the token type.
- if (provider == null && request.getTokenType() != null)
- {
- provider = this.configuration.getProviderForTokenType(request.getTokenType().toString());
- }
- else if (appliesTo == null && request.getTokenType() == null)
- throw new WSTrustException("Either AppliesTo or TokenType must be present in a security token request");
-
- if (provider != null)
- {
- // create the request context and delegate token generation to the provider.
- WSTrustRequestContext requestContext = new WSTrustRequestContext(request, callerPrincipal);
- requestContext.setTokenIssuer(this.configuration.getSTSName());
- if (request.getLifetime() == null && this.configuration.getIssuedTokenTimeout() != 0)
- {
- // if no lifetime has been specified, use the configured timeout value.
- request.setLifetime(WSTrustUtil.createDefaultLifetime(this.configuration.getIssuedTokenTimeout()));
- }
- requestContext.setServiceProviderPublicKey(providerPublicKey);
- provider.issueToken(requestContext);
-
- if (requestContext.getSecurityToken() == null)
- throw new WSTrustException("Token issued by provider " + provider.getClass().getName() + " is null");
-
- // sign the issued token if needed.
- /*if (this.configuration.signIssuedToken() && this.configuration.getSTSKeyPair() != null)
- {
- KeyPair keyPair = this.configuration.getSTSKeyPair();
- if (keyPair != null)
- {
- URI signatureURI = request.getSignatureAlgorithm();
- String signatureMethod = signatureURI != null ? signatureURI.toString() : SignatureMethod.RSA_SHA1;
- try
- {
- Element tokenElement = (Element) requestContext.getSecurityToken().getTokenValue();
- XMLSignatureUtil.sign(tokenElement.getOwnerDocument(), keyPair, DigestMethod.SHA1, signatureMethod,
- "#" + requestContext.getSecurityToken().getTokenID());
- if(trace)
- {
- try
- {
- log.trace("Signed Token:" + DocumentUtil.getNodeAsString(tokenElement));
-
- Document tokenDocument = DocumentUtil.createDocument();
- tokenDocument.appendChild(tokenDocument.importNode(tokenElement, true));
- log.trace("valid=" + XMLSignatureUtil.validate(tokenDocument, keyPair.getPublic()));
-
- }catch(Exception ignore){}
- }
- }
- catch (Exception e)
- {
- throw new WSTrustException("Failed to sign security token", e);
- }
- }
- }*/
-
- // construct the ws-trust security token response.
- RequestedSecurityTokenType requestedSecurityToken = new RequestedSecurityTokenType();
- requestedSecurityToken.setAny(requestContext.getSecurityToken().getTokenValue());
-
- // TODO: create proof token and encrypt the token if needed
-
- RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
- if (request.getContext() != null)
- response.setContext(request.getContext());
-
- response.setTokenType(request.getTokenType());
- response.setLifetime(request.getLifetime());
- response.setAppliesTo(appliesTo);
- response.setRequestedSecurityToken(requestedSecurityToken);
-
- // set the attached and unattached references.
- if (requestContext.getAttachedReference() != null)
- response.setRequestedAttachedReference(requestContext.getAttachedReference());
- if (requestContext.getUnattachedReference() != null)
- response.setRequestedUnattachedReference(requestContext.getUnattachedReference());
-
- return response;
- }
- else
- throw new WSTrustException("Unable to find a token provider for the token request");
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#renew(org.jboss.identity.federation.api.wstrust
- * .protocol.RequestSecurityToken, java.security.Principal)
- */
- public RequestSecurityTokenResponse renew(RequestSecurityToken request, Principal callerPrincipal)
- throws WSTrustException
- {
- Document rstDocument = request.getRSTDocument();
- if( rstDocument == null)
- throw new IllegalArgumentException("Request does not contain the DOM Document");
-
- SecurityTokenProvider provider = null;
-
- // first try to obtain the security token provider using the applies-to contents.
- AppliesTo appliesTo = request.getAppliesTo();
- PublicKey providerPublicKey = null;
- if (appliesTo != null)
- {
- String serviceName = WSTrustUtil.parseAppliesTo(appliesTo);
- if (serviceName != null)
- {
- provider = this.configuration.getProviderForService(serviceName);
- request.setTokenType(URI.create(this.configuration.getTokenTypeForService(serviceName)));
- providerPublicKey = this.configuration.getServiceProviderPublicKey(serviceName);
- }
- }
- // if applies-to is not available or if no provider was found for the service, use the token type.
- if (provider == null && request.getTokenType() != null)
- {
- provider = this.configuration.getProviderForTokenType(request.getTokenType().toString());
- }
- else if (appliesTo == null && request.getTokenType() == null)
- throw new WSTrustException("Either AppliesTo or TokenType must be present in a security token request");
-
- // TODO: get the provider using the token from the request.
- provider = this.configuration.getProviderForTokenType(SAMLUtil.SAML2_TOKEN_TYPE);
-
- if (provider != null)
- {
- // create the request context and delegate token generation to the provider.
- WSTrustRequestContext requestContext = new WSTrustRequestContext(request, callerPrincipal);
- requestContext.setTokenIssuer(this.configuration.getSTSName());
- if (request.getLifetime() == null && this.configuration.getIssuedTokenTimeout() != 0)
- {
- // if no lifetime has been specified, use the configured timeout value.
- request.setLifetime(WSTrustUtil.createDefaultLifetime(this.configuration.getIssuedTokenTimeout()));
- }
- requestContext.setServiceProviderPublicKey(providerPublicKey);
- provider.renewToken(requestContext);
-
- if (requestContext.getSecurityToken() == null)
- throw new WSTrustException("Token issued by provider " + provider.getClass().getName() + " is null");
-
-
- // construct the ws-trust security token response.
- RequestedSecurityTokenType requestedSecurityToken = new RequestedSecurityTokenType();
- requestedSecurityToken.setAny(requestContext.getSecurityToken().getTokenValue());
-
- // TODO: create proof token and encrypt the token if needed
-
- RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
- if (request.getContext() != null)
- response.setContext(request.getContext());
-
- response.setTokenType(request.getTokenType());
- response.setLifetime(request.getLifetime());
- response.setAppliesTo(appliesTo);
- response.setRequestedSecurityToken(requestedSecurityToken);
-
- // set the attached and unattached references.
- if (requestContext.getAttachedReference() != null)
- response.setRequestedAttachedReference(requestContext.getAttachedReference());
- if (requestContext.getUnattachedReference() != null)
- response.setRequestedUnattachedReference(requestContext.getUnattachedReference());
-
- return response;
- }
- else
- throw new WSTrustException("Unable to find a token provider for the token request");
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#validate(org.jboss.identity.federation.api.wstrust
- * .protocol.RequestSecurityToken, java.security.Principal)
- */
- public RequestSecurityTokenResponse validate(RequestSecurityToken request, Principal callerPrincipal)
- throws WSTrustException
- {
- Document rstDocument = request.getRSTDocument();
- if( rstDocument == null)
- throw new IllegalArgumentException("Request does not contain the DOM Document");
-
- if (request.getValidateTarget() == null)
- throw new WSTrustException("Unable to validate token: validate target is null");
-
- if (request.getTokenType() == null)
- request.setTokenType(URI.create(WSTrustConstants.STATUS_TYPE));
-
- // TODO: get the provider using the token from the request.
- SecurityTokenProvider provider = this.configuration.getProviderForTokenType(SAMLUtil.SAML2_TOKEN_TYPE);
- WSTrustRequestContext context = new WSTrustRequestContext(request, callerPrincipal);
-
- StatusType status = null;
-
- // validate the security token digital signature.
- if (this.configuration.signIssuedToken() && this.configuration.getSTSKeyPair() != null)
- {
- KeyPair keyPair = this.configuration.getSTSKeyPair();
- try
- {
- //Element tokenElement = (Element) request.getValidateTarget().getAny();
- Element tokenElement = request.getValidateTargetElement();
-
- Node securityToken = tokenElement.getFirstChild();
-
- if(trace)
- {
- try
- {
- log.trace("Going to validate:" + DocumentUtil.getNodeAsString(securityToken));
- }
- catch (Exception e)
- {
- }
- }
- Document tokenDocument = DocumentUtil.createDocument();
- Node importedNode = tokenDocument.importNode(securityToken, true);
- tokenDocument.appendChild(importedNode);
- if (!XMLSignatureUtil.validate(tokenDocument, keyPair.getPublic()))
- {
- status = new StatusType();
- status.setCode(WSTrustConstants.STATUS_CODE_INVALID);
- status.setReason("Validation failure: digital signature is invalid");
- }
- }
- catch (Exception e)
- {
- status = new StatusType();
- status.setCode(WSTrustConstants.STATUS_CODE_INVALID);
- status.setReason("Validation failure: unable to verify digital signature: " + e.getMessage());
- }
- }
- // TODO: add logging statements alerting that signature validation was not perfomed.
-
- // if the signature is valid, then let the provider handle perform any additional validation checks.
- if(status == null)
- {
- provider.validateToken(context);
- status = context.getStatus();
- }
-
- // construct and return the response.
- RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
- if (request.getContext() != null)
- response.setContext(request.getContext());
- response.setTokenType(request.getTokenType());
- response.setStatus(status);
-
- return response;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#cancel(org.jboss.identity.federation.api.wstrust
- * .protocol.RequestSecurityToken, java.security.Principal)
- */
- public RequestSecurityTokenResponse cancel(RequestSecurityToken request, Principal callerPrincipal)
- throws WSTrustException
- {
- Document rstDocument = request.getRSTDocument();
- if( rstDocument == null)
- throw new IllegalArgumentException("Request does not contain the DOM Document");
-
- // TODO: implement cancel logic.
- throw new UnsupportedOperationException();
- }
-
- public Document postProcess(Document rstrDocument, RequestSecurityToken request) throws WSTrustException
- {
- if(WSTrustConstants.ISSUE_REQUEST.equals(request.getRequestType().toString())
- || WSTrustConstants.RENEW_REQUEST.equals(request.getRequestType().toString()))
- {
- rstrDocument = DocumentUtil.normalizeNamespaces(rstrDocument);
-
- //Sign and encrypt
- if (this.configuration.signIssuedToken() && this.configuration.getSTSKeyPair() != null)
- {
- KeyPair keyPair = this.configuration.getSTSKeyPair();
- if (keyPair != null)
- {
- URI signatureURI = request.getSignatureAlgorithm();
- String signatureMethod = signatureURI != null ? signatureURI.toString() : SignatureMethod.RSA_SHA1;
- try
- {
- Node rst = rstrDocument.getElementsByTagNameNS(WSTrustConstants.BASE_NAMESPACE,
- "RequestedSecurityToken").item(0);
- Element tokenElement = (Element) rst.getFirstChild();
- if(trace)
- {
- log.trace("NamespaceURI of element to be signed:" +tokenElement.getNamespaceURI() );
- }
- /* XMLSignatureUtil.sign(tokenElement.getOwnerDocument(), keyPair, DigestMethod.SHA1, signatureMethod,
- "#" + tokenElement.getAttribute("ID"));
- */
- rstrDocument = XMLSignatureUtil.sign(rstrDocument, tokenElement, keyPair,
- DigestMethod.SHA1, signatureMethod, "#" + tokenElement.getAttribute("ID"));
- if(trace)
- {
- try
- {
- log.trace("Signed Token:" + DocumentUtil.getNodeAsString(tokenElement));
-
- Document tokenDocument = DocumentUtil.createDocument();
- tokenDocument.appendChild(tokenDocument.importNode(tokenElement, true));
- log.trace("valid=" + XMLSignatureUtil.validate(tokenDocument, keyPair.getPublic()));
-
- }catch(Exception ignore){}
- }
- }
- catch (Exception e)
- {
- throw new WSTrustException("Failed to sign security token", e);
- }
- }
- }
- }
-
- return rstrDocument;
- }
-}
\ No newline at end of file
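Review bot: validate() in this removed handler fails open, because the signature check runs only when signIssuedToken() is true and getSTSKeyPair() is non-null; in every other case status stays null and the token goes straight to provider.validateToken(context) with nothing logged, which the TODO just above that call acknowledges. If the handler is being moved rather than dropped, the new copy should log a warning when the check is skipped, and should null-check the provider in validate() the way issue() and renew() do before calling it. Two further points in the same file: in renew(), `provider = this.configuration.getProviderForTokenType(SAMLUtil.SAML2_TOKEN_TYPE);` unconditionally overwrites the provider resolved from AppliesTo or TokenType, so the preceding lookup is dead code; and postProcess() passes request.getSignatureAlgorithm() to XMLSignatureUtil.sign without checking it against a configured set of permitted algorithms, so the requester picks the method the STS signs with, with RSA_SHA1 and DigestMethod.SHA1 as the defaults.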
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/StandardSecurityToken.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/StandardSecurityToken.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/StandardSecurityToken.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,93 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-import org.w3c.dom.Element;
-
-/**
- * <p>
- * Standard implementation of the {@code SecurityToken} interface. This implementation stores the issued token as an
- * {@code Element}. The token providers are responsible for marshaling the security token into an {@code Element}
- * instance because the security token marshaling process falls out of the scope of the STS (the STS only deals with
- * WS-Trust classes and doesn't know how to marshal each specific token type).
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class StandardSecurityToken implements SecurityToken
-{
- private final String tokenType;
-
- private final String tokenId;
-
- private final Element token;
-
- /**
- * <p>
- * Creates an instance of {@code StandardSecurityToken} with the specified parameters.
- * </p>
- *
- * @param tokenType
- * a {@code String} representing the type of the security token. This is usually the same type as specified
- * in the WS-Trust request message.
- * @param token
- * the security token in its {@code Element} form (i.e. the marshaled security token).
- * @param tokenID
- * a {@code String} representing the id of the security token.
- */
- public StandardSecurityToken(String tokenType, Element token, String tokenID)
- {
- this.tokenType = tokenType;
- this.tokenId = tokenID;
- this.token = token;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.SecurityToken#getTokenType()
- */
- public String getTokenType()
- {
- return this.tokenType;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.SecurityToken#getTokenValue()
- */
- public Object getTokenValue()
- {
- return this.token;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.SecurityToken#getTokenID()
- */
- public String getTokenID()
- {
- return this.tokenId;
- }
-}
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustClient.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustClient.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustClient.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -38,9 +38,12 @@
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityToken;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponse;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponseCollection;
+import org.jboss.identity.federation.core.wstrust.WSTrustConstants;
+import org.jboss.identity.federation.core.wstrust.WSTrustException;
+import org.jboss.identity.federation.core.wstrust.WSTrustJAXBFactory;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
import org.jboss.identity.federation.ws.trust.RenewTargetType;
import org.jboss.identity.federation.ws.trust.StatusType;
import org.jboss.identity.federation.ws.trust.ValidateTargetType;
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustConstants.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustConstants.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustConstants.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,54 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-/**
- * <p>
- * This class defines the constants used throughout the WS-Trust implementation code.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class WSTrustConstants
-{
- public static final String BASE_NAMESPACE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/";
-
- // WS-Trust request types.
- public static final String ISSUE_REQUEST = BASE_NAMESPACE + "Issue";
- public static final String RENEW_REQUEST = BASE_NAMESPACE + "Renew";
- public static final String CANCEL_REQUEST = BASE_NAMESPACE + "Cancel";
- public static final String VALIDATE_REQUEST = BASE_NAMESPACE + "Validate";
-
- // WS-Trust validation constants.
- public static final String STATUS_TYPE = BASE_NAMESPACE + "RSTR/Status";
- public static final String STATUS_CODE_VALID = BASE_NAMESPACE + "status/valid";
- public static final String STATUS_CODE_INVALID = BASE_NAMESPACE + "status/invalid";
-
- // WSS namespaces values.
- public static final String WSA_NS = "http://www.w3.org/2005/08/addressing";
- public static final String WSU_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...";
- public static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...";
- public static final String WSSE11_NS = "http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
- public static final String XENC_NS = "http://www.w3.org/2001/04/xmlenc#";
- public static final String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
- public static final String SAML2_ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
-}
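Review bot: `WSTrustConstants` is a plain `public class` with no declared constructor, so it can be instantiated and subclassed although it only holds `public static final` strings. In the relocated copy, declare it `final` and give it a private constructor so it is unambiguously a constants holder.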
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustException.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustException.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustException.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,61 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-import java.security.GeneralSecurityException;
-
-/**
- * <p>
- * Exception used to convey that an error has happened when handling a WS-Trust request message.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class WSTrustException extends GeneralSecurityException
-{
- private static final long serialVersionUID = -232066282004315310L;
-
- /**
- * <p>
- * Creates an instance of {@code WSTrustException} using the specified error message.
- * </p>
- *
- * @param message the error message.
- */
- public WSTrustException(String message)
- {
- super(message);
- }
-
- /**
- * <p>
- * Creates an instance of {@code WSTrustException} using the specified error message and cause.
- * </p>
- *
- * @param message the error message.
- * @param cause a {@code Throwable} representing the cause of the error.
- */
- public WSTrustException(String message, Throwable cause)
- {
- super(message, cause);
- }
-}
\ No newline at end of file
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,412 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-import javax.xml.bind.Binder;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.transform.Source;
-import javax.xml.transform.dom.DOMSource;
-
-import org.apache.log4j.Logger;
-import org.jboss.identity.federation.api.saml.v2.common.SAMLDocumentHolder;
-import org.jboss.identity.federation.core.exceptions.ParsingException;
-import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.jboss.identity.federation.core.util.JAXBUtil;
-import org.jboss.identity.federation.core.wstrust.BaseRequestSecurityToken;
-import org.jboss.identity.federation.core.wstrust.BaseRequestSecurityTokenResponse;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityToken;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponse;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponseCollection;
-import org.jboss.identity.federation.ws.trust.ObjectFactory;
-import org.jboss.identity.federation.ws.trust.RequestSecurityTokenResponseCollectionType;
-import org.jboss.identity.federation.ws.trust.RequestSecurityTokenType;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-/**
- * <p>
- * This factory implements utility methods for converting between JAXB model objects and XML source.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class WSTrustJAXBFactory
-{
- private static Logger log = Logger.getLogger(WSTrustJAXBFactory.class);
- private boolean trace = log.isTraceEnabled();
-
- private static final WSTrustJAXBFactory instance = new WSTrustJAXBFactory();
-
- private Marshaller marshaller;
-
- private Unmarshaller unmarshaller;
-
- private Binder<Node> binder;
-
- private final ObjectFactory objectFactory;
-
- private ThreadLocal<SAMLDocumentHolder> holders = new ThreadLocal<SAMLDocumentHolder>();
-
- /**
- * <p>
- * Creates the {@code WSTrustJAXBFactory} singleton instance.
- * </p>
- */
- private WSTrustJAXBFactory()
- {
- try
- {
- this.marshaller = JAXBUtil.getMarshaller(this.getPackages());
- this.unmarshaller = JAXBUtil.getUnmarshaller(this.getPackages());
- this.binder = JAXBUtil.getJAXBContext(this.getPackages()).createBinder();
- this.objectFactory = new ObjectFactory();
- }
- catch (JAXBException e)
- {
- throw new RuntimeException(e.getMessage(), e);
- }
- }
-
- /**
- * <p>
- * Gets a reference to the singleton instance.
- * </p>
- *
- * @return a reference to the {@code WSTrustJAXBFactory} instance.
- */
- public static WSTrustJAXBFactory getInstance()
- {
- return instance;
- }
-
- private String getPackages()
- {
- StringBuilder packages = new StringBuilder();
- packages.append("org.jboss.identity.federation.ws.addressing");
- packages.append(":org.jboss.identity.federation.ws.policy");
- packages.append(":org.jboss.identity.federation.ws.trust");
- packages.append(":org.jboss.identity.federation.ws.wss.secext");
- packages.append(":org.jboss.identity.federation.ws.wss.utility");
- return packages.toString();
- }
-
- /**
- * <p>
- * Creates a {@code BaseRequestSecurityToken} from the specified XML source.
- * </p>
- *
- * @param request
- * the XML source containing the security token request message.
- * @return the constructed {@code BaseRequestSecurityToken} instance. It will be an instance of {@code
- * RequestSecurityToken} the message contains a single token request, and an instance of {@code
- * RequestSecurityTokenCollection} if multiples requests are being made in the same message.
- * @throws ParsingException
- */
- @SuppressWarnings("unchecked")
- public BaseRequestSecurityToken parseRequestSecurityToken(Source request) throws ParsingException
- {
- // if the request contains a validate, cancel, or renew target, we must preserve it from JAXB unmarshalling.
- Node documentNode = ((DOMSource) request).getNode();
- Document document = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument();
-
- JAXBElement<RequestSecurityTokenType> jaxbRST;
- try
- {
- Node rst = this.findNodeByNameNS(document, "RequestSecurityToken", WSTrustConstants.BASE_NAMESPACE);
- if(rst == null)
- throw new RuntimeException("Request Security Token node not found");
-
- jaxbRST = (JAXBElement<RequestSecurityTokenType>) binder.unmarshal(rst);
-
- RequestSecurityTokenType rstt = jaxbRST.getValue();
- holders.set(new SAMLDocumentHolder(rstt, document));
- return new RequestSecurityToken(rstt);
- }
- catch (JAXBException e)
- {
- throw new ParsingException(e);
- }
-
-
- /*Element targetElement = this.getValidateOrRenewOrCancelTarget(document);
-
- try
- {
- Object object = this.unmarshaller.unmarshal(request);
- if (object instanceof JAXBElement)
- {
- JAXBElement<?> element = (JAXBElement<?>) object;
- if (element.getDeclaredType().equals(RequestSecurityTokenType.class))
- {
- RequestSecurityToken parsedRequest = new RequestSecurityToken((RequestSecurityTokenType) element
- .getValue());
- // insert the request target in the parsed request.
- if (targetElement != null)
- {
- if (parsedRequest.getValidateTarget() != null)
- parsedRequest.getValidateTarget().setAny(targetElement);
- else if (parsedRequest.getRenewTarget() != null)
- parsedRequest.getRenewTarget().setAny(targetElement);
- else if (parsedRequest.getCancelTarget() != null)
- parsedRequest.getCancelTarget().setAny(targetElement);
- }
- return parsedRequest;
- }
- else
- throw new RuntimeException("Invalid request type: " + element.getDeclaredType());
- }
- else
- throw new RuntimeException("Invalid request type: " + object.getClass().getName());
- }
- catch (Exception e)
- {
- throw new RuntimeException("Failed to unmarshall security token request", e);
- }*/
- }
-
- /**
- * <p>
- * Creates a {@code BaseRequestSecurityTokenResponse} from the specified XML source.
- * </p>
- *
- * @param response
- * the XML source containing the security token response message.
- * @return the constructed {@code BaseRequestSecurityTokenResponse} instance. According to the WS-Trust
- * specification, the returned object will be an instance of {@code RequestSecurityTokenResponseCollection}.
- */
- public BaseRequestSecurityTokenResponse parseRequestSecurityTokenResponse(Source response)
- {
- // if the response contains an issued token, we must preserve it from the JAXB unmarshalling.
- Element tokenElement = null;
- Node documentNode = ((DOMSource) response).getNode();
- Document document = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument();
- Node requestedTokenNode = this.findNodeByNameNS(document, "RequestedSecurityToken",
- WSTrustConstants.BASE_NAMESPACE);
- if (requestedTokenNode != null)
- tokenElement = (Element) requestedTokenNode.getFirstChild();
-
- try
- {
- Object object = this.unmarshaller.unmarshal(response);
- if (object instanceof JAXBElement)
- {
- JAXBElement<?> element = (JAXBElement<?>) unmarshaller.unmarshal(response);
- if (element.getDeclaredType().equals(RequestSecurityTokenResponseCollectionType.class))
- {
- RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection(
- (RequestSecurityTokenResponseCollectionType) element.getValue());
- // insert the security token in the parsed response.
- if (tokenElement != null)
- {
- RequestSecurityTokenResponse parsedResponse = collection.getRequestSecurityTokenResponses().get(0);
- parsedResponse.getRequestedSecurityToken().setAny(tokenElement);
- }
- return collection;
- }
- else
- throw new RuntimeException("Invalid response type: " + element.getDeclaredType());
- }
- else
- throw new RuntimeException("Invalid response type: " + object.getClass().getName());
- }
- catch (Exception e)
- {
- throw new RuntimeException("Failed to unmarshall security token response", e);
- }
- }
-
- /**
- * <p>
- * Creates a {@code javax.xml.transform.Source} from the specified request object.
- * </p>
- *
- * @param request
- * a {@code RequestSecurityToken} representing the object model of the security token request.
- * @return the constructed {@code Source} instance.
- */
- public Source marshallRequestSecurityToken(RequestSecurityToken request)
- {
- Element targetElement = null;
- // if the request has a validate, cancel, or renew target, we must preserve it from JAXB marshaling.
- String requestType = request.getRequestType().toString();
- if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST))
- {
- targetElement = (Element) request.getValidateTarget().getAny();
- request.getValidateTarget().setAny(null);
- }
- else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST))
- {
- targetElement = (Element) request.getRenewTarget().getAny();
- request.getRenewTarget().setAny(null);
- }
- else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST))
- {
- targetElement = (Element) request.getCancelTarget().getAny();
- request.getCancelTarget().setAny(null);
- }
-
- Document result = null;
- try
- {
- result = DocumentUtil.createDocument();
- this.marshaller.marshal(this.objectFactory.createRequestSecurityToken(request.getDelegate()), result);
-
- // insert the original target in the appropriate element.
- if (targetElement != null)
- {
- Node node = null;
- if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST))
- node = this.findNodeByNameNS(result, "ValidateTarget", WSTrustConstants.BASE_NAMESPACE);
- else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST))
- node = this.findNodeByNameNS(result, "RenewTarget", WSTrustConstants.BASE_NAMESPACE);
- else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST))
- node = this.findNodeByNameNS(result, "CancelTarget", WSTrustConstants.BASE_NAMESPACE);
- if(node == null)
- throw new RuntimeException("Unsupported request type:" + requestType);
- node.appendChild(result.importNode(targetElement, true));
- }
- }
- catch (Exception e)
- {
- throw new RuntimeException("Failed to marshall security token request", e);
- }
-
- return DocumentUtil.getXMLSource(result);
- }
-
- /**
- * <p>
- * Creates a {@code javax.xml.transform.Source} from the specified response object.
- * </p>
- *
- * @param collection
- * a {@code RequestSecurityTokenResponseCollection} representing the object model of the security token
- * response.
- * @return the constructed {@code Source} instance.
- */
- public Source marshallRequestSecurityTokenResponse(RequestSecurityTokenResponseCollection collection)
- {
- if (collection.getRequestSecurityTokenResponses().size() == 0)
- throw new IllegalArgumentException("The response collection must contain at least one response");
-
- // if the response contains an issued token, we must preserve it from the JAXB marshaling.
- Element tokenElement = null;
- RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
- if (response.getRequestedSecurityToken() != null)
- {
- tokenElement = (Element) response.getRequestedSecurityToken().getAny();
- // we don't want to marshall any token - it will be inserted in the DOM document later.
- response.getRequestedSecurityToken().setAny(null);
- }
-
- Document result = null;
- try
- {
- // marshall the response to a document and insert the issued token directly on the document.
- result = DocumentUtil.createDocument();
- this.marshaller.marshal(this.objectFactory.createRequestSecurityTokenResponseCollection(collection
- .getDelegate()), result);
-
- // the document is a ws-trust template - we need to insert the token in the appropriate element.
- if (tokenElement != null)
- {
- Node node = this.findNodeByNameNS(result, "RequestedSecurityToken", WSTrustConstants.BASE_NAMESPACE);
- node.appendChild(result.importNode(tokenElement, true));
- }
- if(trace)
- {
- try
- {
- log.trace("Final RSTR doc:" + DocumentUtil.getDocumentAsString(result));
-
- }catch(Exception ignore){}
- }
-
- }
- catch (Exception e)
- {
- throw new RuntimeException("Failed to marshall security token response", e);
- }
- return DocumentUtil.getXMLSource(result);
- }
-
- /**
- * Return the {@code SAMLDocumentHolder} for the thread
- * @return
- */
- public SAMLDocumentHolder getSAMLDocumentHolderOnThread()
- {
- return holders.get();
- }
-
- /**
- * <p>
- * Finds in the specified document a node that matches the specified name and namespace.
- * </p>
- *
- * @param document
- * the {@code Document} instance upon which the search is made.
- * @param localName
- * a {@code String} containing the local name of the searched node.
- * @param namespace
- * a {@code String} containing the namespace of the searched node.
- * @return a {@code Node} representing the searched node. If more than one node is found in the document, the first
- * one will be returned. If no nodes were found according to the search parameters, then {@code null} is
- * returned.
- */
- private Node findNodeByNameNS(Document document, String localName, String namespace)
- {
- NodeList list = document.getElementsByTagNameNS(namespace, localName);
- if (list == null || list.getLength() == 0)
- // log("Unable to locate element " + localName + " with namespace " + namespace);
- return null;
- return list.item(0);
- }
-
- /**
- * <p>
- * Searches the specified document for an element that represents a validate, renew, or cancel target.
- * </p>
- *
- * @param document
- * the {@code Document} upon which the search is to be made.
- * @return an {@code Element} representing the validate, renew, or cancel target.
- */
- /*private Element getValidateOrRenewOrCancelTarget(Document document)
- {
- Node target = this.findNodeByNameNS(document, "ValidateTarget", WSTrustConstants.BASE_NAMESPACE);
- if (target != null)
- return (Element) target.getFirstChild();
- target = this.findNodeByNameNS(document, "RenewTarget", WSTrustConstants.BASE_NAMESPACE);
- if (target != null)
- return (Element) target.getFirstChild();
- target = this.findNodeByNameNS(document, "CancelTarget", WSTrustConstants.BASE_NAMESPACE);
- if (target != null)
- return (Element) target.getFirstChild();
- return null;
- }*/
-}
\ No newline at end of file
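Review bot: The singleton in `WSTrustJAXBFactory` keeps a single `Marshaller`, `Unmarshaller` and `Binder<Node>` as instance fields and uses them unsynchronized in `parseRequestSecurityToken`, `parseRequestSecurityTokenResponse` and both `marshall...` methods. JAXB does not guarantee that these objects are thread-safe, so concurrent requests can corrupt each other's parsing. Since the class is being relocated to `core.wstrust`, share only the `JAXBContext` and create the marshaller, unmarshaller and binder per call. Three smaller points in the same file. First, `parseRequestSecurityTokenResponse` calls `unmarshaller.unmarshal(response)` twice and discards the first result. Second, `holders.set(...)` is never paired with a `remove()`, so on a pooled thread `getSAMLDocumentHolderOnThread()` can return the document of a previous request. Third, `log.trace("Final RSTR doc:" + ...)` writes the issued token into the log, which should be avoided or redacted. The unchecked `(DOMSource)` casts also deserve an `instanceof` check that fails with `ParsingException` rather than `ClassCastException`.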
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestContext.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestContext.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestContext.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,247 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-import java.security.Principal;
-import java.security.PublicKey;
-
-import org.jboss.identity.federation.core.wstrust.RequestSecurityToken;
-import org.jboss.identity.federation.ws.trust.RequestedReferenceType;
-import org.jboss.identity.federation.ws.trust.StatusType;
-
-/**
- * <p>
- * The {@code WSTrustRequestContext} contains all the information that is relevant for the security token request
- * processing. Its attributes are divided into two groups: attributes set by the request handler before calling a token
- * provider, and attributes set by the token provider after processing the token request.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class WSTrustRequestContext
-{
-
- // information supplied by the request handler.
- private String tokenIssuer;
-
- private PublicKey providerPublicKey;
-
- private final Principal callerPrincipal;
-
- private final RequestSecurityToken request;
-
- // information supplied by the token provider.
- private SecurityToken securityToken;
-
- private StatusType status;
-
- private RequestedReferenceType attachedReference;
-
- private RequestedReferenceType unattachedReference;
-
- /**
- * <p>
- * Creates an instance of {@code WSTrustRequestContext} using the specified request.
- * </p>
- *
- * @param request a {@code RequestSecurityToken} object that contains the information about the security token
- * request.
- * @param callerPrincipal the {@code Principal} of the security token requester.
- */
- public WSTrustRequestContext(RequestSecurityToken request, Principal callerPrincipal)
- {
- this.request = request;
- this.callerPrincipal = callerPrincipal;
- }
-
- /**
- * <p>
- * Obtains the name of the token issuer (security token service name).
- * </p>
- *
- * @return a {@code String} representing the token issuer name.
- */
- public String getTokenIssuer()
- {
- return tokenIssuer;
- }
-
- /**
- * <p>
- * Sets the name of the token issuer.
- * </p>
- *
- * @param tokenIssuer a {@code String} representing the token issuer name.
- */
- public void setTokenIssuer(String tokenIssuer)
- {
- this.tokenIssuer = tokenIssuer;
- }
-
- /**
- * <p>
- * Obtains the {@code PublicKey} of the service provider that requires a security token.
- * </p>
- *
- * @return the service provider's {@code PublicKey}.
- */
- public PublicKey getServiceProviderPublicKey()
- {
- return this.providerPublicKey;
- }
-
- /**
- * <p>
- * Sets the {@code PublicKey} of the service provider that requires a security token.
- * </p>
- *
- * @param providerPublicKey the service provider's {@code PublicKey}.
- */
- public void setServiceProviderPublicKey(PublicKey providerPublicKey)
- {
- this.providerPublicKey = providerPublicKey;
- }
-
- /**
- * <p>
- * Obtains the principal of the WS-Trust token requester.
- * </p>
- *
- * @return a reference to the caller {@code Principal} object.
- */
- public Principal getCallerPrincipal()
- {
- return this.callerPrincipal;
- }
-
- /**
- * <p>
- * Obtains the object the contains the information about the security token request.
- * </p>
- *
- * @return a reference to the {@code RequestSecurityToken} instance.
- */
- public RequestSecurityToken getRequestSecurityToken()
- {
- return this.request;
- }
-
- /**
- * <p>
- * Obtains the security token contained in this context.
- * </p>
- *
- * @return a reference to the {@code SecurityToken} instance.
- */
- public SecurityToken getSecurityToken()
- {
- return this.securityToken;
- }
-
- /**
- * <p>
- * Sets the security token in the context.
- * </p>
- *
- * @param token the {@code SecurityToken} instance to be set.
- */
- public void setSecurityToken(SecurityToken token)
- {
- this.securityToken = token;
- }
-
- /**
- * <p>
- * Obtains the status of the security token validation.
- * </p>
- *
- * @return a reference to the resulting {@code StatusType}.
- */
- public StatusType getStatus()
- {
- return this.status;
- }
-
- /**
- * <p>
- * Sets the status of the security token validation.
- * </p>
- *
- * @param status a reference to the {@code StatusType} that represents the validation status.
- */
- public void setStatus(StatusType status)
- {
- this.status = status;
- }
-
- /**
- * <p>
- * Obtains the security token attached reference. This reference is used to locate the token inside the WS-Trust
- * response message when that token doesn't support references using URI fragments.
- * </p>
- *
- * @return a {@code RequestedReferenceType} representing the attached reference.
- */
- public RequestedReferenceType getAttachedReference()
- {
- return this.attachedReference;
- }
-
- /**
- * <p>
- * Sets the security token attached reference. This reference is used to locate the token inside the WS-Trust
- * response message when that token doesn't support references using URI fragments.
- * </p>
- *
- * @param attachedReference a {@code RequestedReferenceType} representing the attached reference.
- */
- public void setAttachedReference(RequestedReferenceType attachedReference)
- {
- this.attachedReference = attachedReference;
- }
-
- /**
- * <p>
- * Obtains the security token unattached reference. This reference is used to locate the token when it is not placed
- * inside the WS-Trust response message.
- * </p>
- *
- * @return a {@code RequestedReferenceType} representing the unattached reference.
- */
- public RequestedReferenceType getUnattachedReference()
- {
- return this.unattachedReference;
- }
-
- /**
- * <p>
- * Sets the security token unattached reference. This reference is used to locate the token when it is not placed
- * inside the WS-Trust response message.
- * </p>
- *
- * @param unattachedReference a {@code RequestedReferenceType} representing the unattached reference.
- */
- public void setUnattachedReference(RequestedReferenceType unattachedReference)
- {
- this.unattachedReference = unattachedReference;
- }
-}
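Review bot: `tokenIssuer` and `providerPublicKey` are listed under "information supplied by the request handler" but are non-final with public setters (`setTokenIssuer`, `setServiceProviderPublicKey`), so a token provider that receives the context can replace the issuer name or the service provider key it is supposed to only read. Pass both through the constructor and make them `final`, as is already done for `callerPrincipal` and `request`, leaving setters only for the provider-side fields. Minor: the Javadoc of `getRequestSecurityToken` reads "Obtains the object the contains", which should be "that contains".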
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestHandler.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestHandler.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,111 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-import java.security.Principal;
-
-import org.jboss.identity.federation.core.wstrust.RequestSecurityToken;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponse;
-import org.w3c.dom.Document;
-
-/**
- * <p>
- * The {@code WSTrustRequestHandler} interface defines the methods that will be responsible for handling the different
- * types of WS-Trust request messages.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public interface WSTrustRequestHandler
-{
- /**
- * <p>
- * Initializes the concrete {@code WSTrustRequestHandler} instance.
- * </p>
- *
- * @param configuration a reference to object that contains the STS configuration.
- */
- public void initialize(STSConfiguration configuration);
-
- /**
- * <p>
- * Generates a security token according to the information specified in the request message and returns the created
- * token in the response.
- * </p>
- *
- * @param request the security token request message.
- * @param callerPrincipal the {@code Principal} of the ws-trust token requester.
- * @return a {@code RequestSecurityTokenResponse} containing the generated token.
- * @throws WSTrustException if an error occurs while handling the request message.
- */
- public RequestSecurityTokenResponse issue(RequestSecurityToken request, Principal callerPrincipal)
- throws WSTrustException;
-
- /**
- * <p>
- * Renews the security token as specified in the request message, returning the renewed token in the response.
- * </p>
- *
- * @param request the request message that contains the token to be renewed.
- * @param callerPrincipal the {@code Principal} of the ws-trust token requester.
- * @return a {@code RequestSecurityTokenResponse} containing the renewed token.
- * @throws WSTrustException if an error occurs while handling the renewal process.
- */
- public RequestSecurityTokenResponse renew(RequestSecurityToken request, Principal callerPrincipal)
- throws WSTrustException;
-
- /**
- * <p>
- * Cancels the security token as specified in the request message.
- * </p>
- *
- * @param request the request message that contains the token to be canceled.
- * @param callerPrincipal the {@code Principal} of the ws-trust token requester.
- * @return a {@code RequestSecurityTokenResponse} indicating whether the token has been canceled or not.
- * @throws WSTrustException if an error occurs while handling the cancellation process.
- */
- public RequestSecurityTokenResponse cancel(RequestSecurityToken request, Principal callerPrincipal)
- throws WSTrustException;
-
- /**
- * <p>
- * Validates the security token as specified in the request message.
- * </p>
- *
- * @param request the request message that contains the token to be validated.
- * @param callerPrincipal the {@code Principal} of the ws-trust token requester.
- * @return a {@code RequestSecurityTokenResponse} containing the validation status or a new token.
- * @throws WSTrustException if an error occurs while handling the validation process.
- */
- public RequestSecurityTokenResponse validate(RequestSecurityToken request, Principal callerPrincipal)
- throws WSTrustException;
-
- /**
- * Perform Post Processing on the generated RSTR Collection Document
- * Steps such as signing and encryption need to be done here.
- * @param rstrDocument
- * @param request
- * @return
- * @throws WSTrustException
- */
- public Document postProcess(Document rstrDocument, RequestSecurityToken request) throws WSTrustException;
-}
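Review bot: postProcess(Document rstrDocument, RequestSecurityToken request), the last method of the interface, is the only one whose Javadoc leaves @param, @return and @throws empty, and it is also the one that carries the signing and encryption step. If the interface is being relocated rather than dropped, the new copy should say whether the returned Document is the same instance or a new one, and whether an implementation must honour the STSConfiguration signIssuedToken()/encryptIssuedToken() settings, so that a custom handler cannot quietly return an unsigned response.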
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustServiceFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustServiceFactory.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustServiceFactory.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,102 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-import java.security.PrivilegedActionException;
-
-/**
- * <p>
- * Factory class used for instantiating pluggable services, such as the {@code WSTrustRequestHandler} and
- * {@code SecurityTokenProvider} implementations.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class WSTrustServiceFactory
-{
-
- private static final WSTrustServiceFactory factory = new WSTrustServiceFactory();
-
- /**
- * <p>
- * Creates the {@code WSTrustConfigurationFactory} singleton instance.
- * </p>
- */
- private WSTrustServiceFactory()
- {
- }
-
- /**
- * <p>
- * Obtains a reference to the singleton instance.
- * </p>
- *
- * @return the {@code WSTrustConfigurationFactory} singleton.
- */
- public static WSTrustServiceFactory getInstance()
- {
- return factory;
- }
-
- /**
- * <p>
- * Constructs and returns the {@code WSTrustRequestHandler} that will be used to handle WS-Trust requests.
- * </p>
- *
- * @param configuration a reference to the {@code STSConfiguration}.
- * @return a reference to the constructed {@code WSTrustRequestHandler} object.
- */
- public WSTrustRequestHandler createRequestHandler(String handlerClassName, STSConfiguration configuration)
- {
- try
- {
- WSTrustRequestHandler handler = (WSTrustRequestHandler) SecurityActions.instantiateClass(handlerClassName);
- handler.initialize(configuration);
- return handler;
- }
- catch (Exception e)
- {
- throw new RuntimeException(e.getMessage(), e);
- }
- }
-
- /**
- * <p>
- * Constructs and returns a {@code SecurityTokenProvider} from the specified class name.
- * </p>
- *
- * @param providerClass the FQN of the {@code SecurityTokenProvider} to be instantiated.
- * @return a reference to the constructed {@code SecurityTokenProvider} object.
- */
- public SecurityTokenProvider createTokenProvider(String providerClass)
- {
- try
- {
- SecurityTokenProvider tokenProvider = (SecurityTokenProvider) SecurityActions.instantiateClass(providerClass);
- return tokenProvider;
- }
- catch (PrivilegedActionException pae)
- {
- throw new RuntimeException("Unable to instantiate token provider " + providerClass, pae);
- }
- }
-}
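Review bot: createRequestHandler and createTokenProvider both take a class name, pass it to SecurityActions.instantiateClass(...) and cast the result, with no check that the named class actually implements WSTrustRequestHandler or SecurityTokenProvider. In createTokenProvider the catch covers only PrivilegedActionException, so a ClassCastException from a wrong class name escapes unwrapped; in createRequestHandler everything is rethrown as new RuntimeException(e.getMessage(), e), where the message can be null and the offending class name is lost. Wherever this factory lives after the move, verify the loaded class is assignable to the expected interface before using it and put the class name in the error. The Javadoc also calls the singleton WSTrustConfigurationFactory and has no @param for handlerClassName.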
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustUtil.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustUtil.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,157 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.api.wstrust;
-
-import java.util.GregorianCalendar;
-import java.util.Map;
-
-import javax.xml.bind.JAXBElement;
-import javax.xml.namespace.QName;
-
-import org.jboss.identity.federation.core.wstrust.Lifetime;
-import org.jboss.identity.federation.ws.addressing.AttributedURIType;
-import org.jboss.identity.federation.ws.addressing.EndpointReferenceType;
-import org.jboss.identity.federation.ws.addressing.ObjectFactory;
-import org.jboss.identity.federation.ws.policy.AppliesTo;
-import org.jboss.identity.federation.ws.trust.RequestedReferenceType;
-import org.jboss.identity.federation.ws.wss.secext.KeyIdentifierType;
-import org.jboss.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
-
-/**
- * <p>
- * Utility class that provides methods for parsing/creating WS-Trust elements.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class WSTrustUtil
-{
-
- /**
- * <p>
- * Creates an instance of {@code KeyIdentifierType} with the specified values.
- * </p>
- *
- * @param valueType a {@code String} representing the identifier value type.
- * @param value a {@code String} representing the identifier value.
- * @return the constructed {@code KeyIdentifierType} instance.
- */
- public static KeyIdentifierType createKeyIdentifier(String valueType, String value)
- {
- KeyIdentifierType keyIdentifier = new KeyIdentifierType();
- keyIdentifier.setValueType(valueType);
- keyIdentifier.setValue(value);
- return keyIdentifier;
- }
-
- /**
- * <p>
- * Creates an instance of {@code RequestedReferenceType} with the specified values. This method first creates a
- * {@code SecurityTokenReferenceType} with the specified key identifier and attributes and then use this reference
- * to construct the {@code RequestedReferenceType} that is returned.
- * </p>
- *
- * @param keyIdentifier the key identifier of the security token reference.
- * @param attributes the attributes to be set on the security token reference.
- * @return the constructed {@code RequestedReferenceType} instance.
- */
- public static RequestedReferenceType createRequestedReference(KeyIdentifierType keyIdentifier,
- Map<QName, String> attributes)
- {
- SecurityTokenReferenceType securityTokenReference = new SecurityTokenReferenceType();
- securityTokenReference.getAny().add(
- new org.jboss.identity.federation.ws.wss.secext.ObjectFactory().createKeyIdentifier(keyIdentifier));
- securityTokenReference.getOtherAttributes().putAll(attributes);
- RequestedReferenceType reference = new RequestedReferenceType();
- reference.setSecurityTokenReference(securityTokenReference);
-
- return reference;
- }
-
- /**
- * <p>
- * Creates an instance of {@code AppliesTo} using the specified endpoint address.
- * </p>
- *
- * @param endpointURI a {@code String} representing the endpoint URI.
- * @return the constructed {@code AppliesTo} instance.
- */
- public static AppliesTo createAppliesTo(String endpointURI)
- {
- AttributedURIType attributedURI = new AttributedURIType();
- attributedURI.setValue(endpointURI);
- EndpointReferenceType reference = new EndpointReferenceType();
- reference.setAddress(attributedURI);
- AppliesTo appliesTo = new AppliesTo();
- appliesTo.getAny().add(new ObjectFactory().createEndpointReference(reference));
-
- return appliesTo;
- }
-
- /**
- * <p>
- * Parses the contents of the {@code AppliesTo} element and returns the address the uniquely identify the service
- * provider.
- * </p>
- *
- * @param appliesTo the {@code AppliesTo} instance to be parsed.
- * @return the address of the service provider.
- */
- public static String parseAppliesTo(AppliesTo appliesTo)
- {
- EndpointReferenceType reference = null;
- for (Object obj : appliesTo.getAny())
- {
- if (obj instanceof EndpointReferenceType)
- reference = (EndpointReferenceType) obj;
- else if (obj instanceof JAXBElement)
- {
- JAXBElement<?> element = (JAXBElement<?>) obj;
- if (element.getName().getLocalPart().equalsIgnoreCase("EndpointReference"))
- reference = (EndpointReferenceType) element.getValue();
- }
-
- if (reference != null && reference.getAddress() != null)
- return reference.getAddress().getValue();
- }
- return null;
- }
-
- /**
- * <p>
- * Creates a {@code Lifetime} instance that specifies a range of time that starts at the current GMT time and has
- * the specified duration in milliseconds.
- * </p>
- *
- * @param tokenTimeout the token timeout value (in milliseconds).
- * @return the constructed {@code Lifetime} instance.
- */
- public static Lifetime createDefaultLifetime(long tokenTimeout)
- {
- GregorianCalendar created = new GregorianCalendar();
- GregorianCalendar expires = new GregorianCalendar();
- expires.setTimeInMillis(created.getTimeInMillis() + tokenTimeout);
-
- return new Lifetime(created, expires);
- }
-
-}
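Review bot: parseAppliesTo accepts any JAXBElement whose local part matches "EndpointReference" via equalsIgnoreCase, never compares the namespace, and then casts element.getValue() to EndpointReferenceType unchecked. An AppliesTo that carries a same-named element from a different namespace would raise ClassCastException instead of being skipped, and the Javadoc says this address is what uniquely identifies the service provider. Compare the full QName (namespace plus exact local part) and guard the cast with instanceof. Separately, createDefaultLifetime documents "the current GMT time" but builds both calendars with new GregorianCalendar(), which uses the default time zone; either set the zone explicitly or correct the comment.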
Modified: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/DeflateEncodingDecodingUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/DeflateEncodingDecodingUnitTestCase.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/DeflateEncodingDecodingUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -28,10 +28,10 @@
import junit.framework.TestCase;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.util.Base64;
import org.jboss.identity.federation.api.util.DeflateUtil;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
Modified: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -28,8 +28,8 @@
import junit.framework.TestCase;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.jboss.identity.federation.saml.v2.assertion.ConditionAbstractType;
import org.jboss.identity.federation.saml.v2.assertion.ConditionsType;
Modified: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SAML2AuthnResponseUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SAML2AuthnResponseUnitTestCase.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SAML2AuthnResponseUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -25,8 +25,8 @@
import junit.framework.TestCase;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder;
Modified: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -32,16 +32,16 @@
import javax.xml.bind.JAXBElement;
import javax.xml.crypto.dsig.SignatureMethod;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
import org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature;
-import org.jboss.identity.federation.api.util.XMLSignatureUtil;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
import org.jboss.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.jboss.identity.federation.core.util.XMLSignatureUtil;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AuthnStatementType;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
Modified: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -36,8 +36,8 @@
import junit.framework.TestCase;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder;
import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/MockSTSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/MockSTSConfiguration.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/MockSTSConfiguration.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,152 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.identity.federation.api.wstrust;
-
-import java.security.KeyPair;
-import java.security.PublicKey;
-import java.util.Map;
-
-import org.jboss.identity.federation.api.wstrust.STSConfiguration;
-import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
-import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
-
-/**
- * <p>
- * Mock implementation of {@code STSConfiguration} used in the test scenarios.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- * @version $Revision$
- */
-public class MockSTSConfiguration implements STSConfiguration
-{
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getEncryptIssuedToken()
- */
- public boolean encryptIssuedToken()
- {
- return false;
- }
-
- /*
- * (non-Javadoc)
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#signIssuedToken()
- */
- public boolean signIssuedToken()
- {
- return true;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getIssuedTokenTimeout()
- */
- public long getIssuedTokenTimeout()
- {
- return 0;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getOptions()
- */
- public Map<String, Object> getOptions()
- {
- return null;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getProviderForService(java.lang.String)
- */
- public SecurityTokenProvider getProviderForService(String serviceName)
- {
- return null;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getProviderForTokenType(java.lang.String)
- */
- public SecurityTokenProvider getProviderForTokenType(String tokenType)
- {
- return null;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getTokenTypeForService(java.lang.String)
- */
- public String getTokenTypeForService(String serviceName)
- {
- return null;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getRequestHandler()
- */
- public WSTrustRequestHandler getRequestHandler()
- {
- return null;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getSTSName()
- */
- public String getSTSName()
- {
- return null;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getServiceProviderPublicKey(java.lang.String)
- */
- public PublicKey getServiceProviderPublicKey(String serviceName)
- {
- return null;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getSTSKeyPair()
- */
- public KeyPair getSTSKeyPair()
- {
- return null;
- }
-
-}
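Review bot: signIssuedToken() returns true while getSTSKeyPair() returns null, so any code under test that honours the signing flag has no key to sign with and is likely to fail with a NullPointerException rather than a meaningful assertion. Return false from signIssuedToken() or supply a test key pair. getOptions() returning null carries the same hazard for callers that read the map; an empty map is safer. The first @see also points at getEncryptIssuedToken(), but the method is named encryptIssuedToken().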
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/SAML20TokenProviderUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/SAML20TokenProviderUnitTestCase.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/SAML20TokenProviderUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,275 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.identity.federation.api.wstrust;
-
-import java.net.URI;
-import java.security.Principal;
-import java.util.GregorianCalendar;
-
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.namespace.QName;
-
-import junit.framework.TestCase;
-
-import org.jboss.identity.federation.api.wstrust.StandardSecurityToken;
-import org.jboss.identity.federation.api.wstrust.WSTrustConstants;
-import org.jboss.identity.federation.api.wstrust.WSTrustRequestContext;
-import org.jboss.identity.federation.api.wstrust.WSTrustUtil;
-import org.jboss.identity.federation.api.wstrust.plugins.saml.SAML20TokenProvider;
-import org.jboss.identity.federation.api.wstrust.plugins.saml.SAMLUtil;
-import org.jboss.identity.federation.core.wstrust.Lifetime;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityToken;
-import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
-import org.jboss.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.jboss.identity.federation.saml.v2.assertion.ConditionsType;
-import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
-import org.jboss.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.jboss.identity.federation.saml.v2.assertion.SubjectType;
-import org.jboss.identity.federation.ws.trust.RequestedReferenceType;
-import org.jboss.identity.federation.ws.trust.StatusType;
-import org.jboss.identity.federation.ws.trust.ValidateTargetType;
-import org.jboss.identity.federation.ws.wss.secext.KeyIdentifierType;
-import org.jboss.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
-import org.w3c.dom.Element;
-
-/**
- * <p>
- * This {@code TestCase} tests the functionalities of the {@code SAML20TokenProvider} class.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class SAML20TokenProviderUnitTestCase extends TestCase
-{
-
- /**
- * <p>
- * Tests the issuance of a SAMLV2.0 Assertion.
- * </p>
- *
- * @throws Exception if an error occurs while running the test.
- */
- public void testIssueSAMLV20Token() throws Exception
- {
- // create a WSTrustRequestContext with a simple WS-Trust request.
- RequestSecurityToken request = new RequestSecurityToken();
- request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
- request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
- request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));
-
- WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
- context.setTokenIssuer("JBossSTS");
-
- // call the SAML token provider and check the generated token.
- new SAML20TokenProvider().issueToken(context);
- assertNotNull("Unexpected null security token", context.getSecurityToken());
-
- JAXBContext jaxbContext = JAXBContext.newInstance("org.jboss.identity.federation.saml.v2.assertion");
- Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
- JAXBElement<?> parsedElement = (JAXBElement<?>) unmarshaller.unmarshal((Element) context.getSecurityToken()
- .getTokenValue());
- assertNotNull("Unexpected null element", parsedElement);
- assertEquals("Unexpected element type", AssertionType.class, parsedElement.getDeclaredType());
-
- AssertionType assertion = (AssertionType) parsedElement.getValue();
- StandardSecurityToken securityToken = (StandardSecurityToken) context.getSecurityToken();
- assertEquals("Unexpected token id", securityToken.getTokenID(), assertion.getID());
- assertEquals("Unexpected token issuer", "JBossSTS", assertion.getIssuer().getValue());
-
- // check the contents of the assertion conditions.
- ConditionsType conditions = assertion.getConditions();
- assertNotNull("Unexpected null conditions", conditions);
- assertNotNull("Unexpected null value for NotBefore attribute", conditions.getNotBefore());
- assertNotNull("Unexpected null value for NotOnOrAfter attribute", conditions.getNotOnOrAfter());
- assertEquals("Unexpected number of conditions", 1, conditions.getConditionOrAudienceRestrictionOrOneTimeUse()
- .size());
- assertTrue("Unexpected condition type",
- conditions.getConditionOrAudienceRestrictionOrOneTimeUse().get(0) instanceof AudienceRestrictionType);
- AudienceRestrictionType restrictionType = (AudienceRestrictionType) conditions
- .getConditionOrAudienceRestrictionOrOneTimeUse().get(0);
- assertNotNull("Unexpected null audience list", restrictionType.getAudience());
- assertEquals("Unexpected number of audience elements", 1, restrictionType.getAudience().size());
- assertEquals("Unexpected audience value", "http://services.testcorp.org/provider2", restrictionType.getAudience()
- .get(0));
-
- // check the contents of the assertion subject.
- SubjectType subject = assertion.getSubject();
- assertNotNull("Unexpected null subject", subject);
- assertEquals("Unexpected subject content size", 2, subject.getContent().size());
- JAXBElement<?> content = subject.getContent().get(0);
- assertEquals("Unexpected content type", NameIDType.class, content.getDeclaredType());
- NameIDType nameID = (NameIDType) content.getValue();
- assertEquals("Unexpected name id qualifier", "urn:jboss:identity-federation", nameID.getNameQualifier());
- assertEquals("Unexpected name id", "sguilhen", nameID.getValue());
- content = subject.getContent().get(1);
- assertEquals("Unexpected content type", SubjectConfirmationType.class, content.getDeclaredType());
- SubjectConfirmationType confirmation = (SubjectConfirmationType) content.getValue();
- assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_BEARER_URI, confirmation.getMethod());
-
- // validate the attached token reference created by the SAML provider.
- RequestedReferenceType reference = context.getAttachedReference();
- assertNotNull("Unexpected null attached reference", reference);
- SecurityTokenReferenceType securityRef = reference.getSecurityTokenReference();
- assertNotNull("Unexpected null security reference", securityRef);
- String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType"));
- assertNotNull("Required attribute TokenType is missing", tokenTypeAttr);
- assertEquals("TokenType attribute has an unexpected value", SAMLUtil.SAML2_TOKEN_TYPE, tokenTypeAttr);
- JAXBElement<?> keyIdElement = (JAXBElement<?>) securityRef.getAny().get(0);
- KeyIdentifierType keyId = (KeyIdentifierType) keyIdElement.getValue();
- assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType());
- assertNotNull("Unexpected null key identifier value", keyId.getValue());
- assertEquals(assertion.getID(), keyId.getValue().substring(1));
- }
-
- /**
- * <p>
- * Tests the validation of a SAMLV2.0 Assertion.
- * </p>
- *
- * @throws Exception if an error occurs while running the test.
- */
- public void testValidateSAMLV20Token() throws Exception
- {
-
- // issue a SAMLV2.0 assertion.
- WSTrustRequestContext context = this.createIssuingContext(WSTrustUtil.createDefaultLifetime(3600000));
- SAML20TokenProvider provider = new SAML20TokenProvider();
- provider.issueToken(context);
-
- // get the issued SAMLV2.0 assertion.
- Element assertion = (Element) context.getSecurityToken().getTokenValue();
-
- // now create a WS-Trust validate context.
- context = this.createValidatingContext(assertion);
-
- // validate the SAMLV2.0 assertion.
- provider.validateToken(context);
- StatusType status = context.getStatus();
- assertNotNull("Unexpected null status type", status);
- assertEquals("Unexpected status code", WSTrustConstants.STATUS_CODE_VALID, status.getCode());
- assertEquals("Unexpected status reason", "SAMLV2.0 Assertion successfuly validated", status.getReason());
-
- // now let's create a new SAMLV2.0 assertion with an expired lifetime.
- long currentTimeMillis = System.currentTimeMillis();
- GregorianCalendar created = new GregorianCalendar();
- created.setTimeInMillis(currentTimeMillis - 3600000);
- GregorianCalendar expires = new GregorianCalendar();
- expires.setTimeInMillis(currentTimeMillis - 1800000);
- context = this.createIssuingContext(new Lifetime(created, expires));
-
- provider.issueToken(context);
- assertion = (Element) context.getSecurityToken().getTokenValue();
-
- // try to validate the expired token.
- context = this.createValidatingContext(assertion);
- provider.validateToken(context);
- status = context.getStatus();
- assertNotNull("Unexpected null status type", status);
- assertEquals("Unexpected status code", WSTrustConstants.STATUS_CODE_INVALID, status.getCode());
- assertEquals("Unexpected status reason",
- "Validation failure: assertion expired or used before its lifetime period", status.getReason());
- }
-
- /**
- * <p>
- * Creates a {@code WSTrustRequestContext} using the specified lifetime. The created context is used in the issuing
- * test scenarios.
- * </p>
- *
- * @param lifetime the {@code Lifetime} of the assertion to be issued.
- * @return the constructed {@code WSTrustRequestHandler} instance.
- * @throws Exception if an error occurs while creating the context.
- */
- private WSTrustRequestContext createIssuingContext(Lifetime lifetime) throws Exception
- {
- // create a WSTrustRequestContext with a simple WS-Trust issue request.
- RequestSecurityToken request = new RequestSecurityToken();
- request.setLifetime(lifetime);
- request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
- request.setRequestType(URI.create(WSTrustConstants.ISSUE_REQUEST));
- request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));
-
- WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
- context.setTokenIssuer("JBossSTS");
-
- return context;
- }
-
- /**
- * <p>
- * Creates a {@code WSTrustRequestContext} for validating the specified assertion.
- * </p>
- *
- * @param assertion an {@code Element} representing the SAMLV2.0 assertion to be validated.
- * @return the constructed {@code WSTrustRequestContext} instance.
- * @throws Exception if an error occurs while creating the validating context.
- */
- private WSTrustRequestContext createValidatingContext(Element assertion) throws Exception
- {
- RequestSecurityToken request = new RequestSecurityToken();
- request.setRequestType(URI.create(WSTrustConstants.VALIDATE_REQUEST));
- request.setTokenType(URI.create(WSTrustConstants.STATUS_TYPE));
- ValidateTargetType validateTarget = new ValidateTargetType();
- validateTarget.setAny(assertion);
- request.setValidateTarget(validateTarget);
-
- WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
-
- return context;
- }
-
- /**
- * <p>
- * Simple {@code Principal} implementation used in the test scenarios.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
- private class TestPrincipal implements Principal
- {
- private final String name;
-
- /**
- * <p>
- * Creates an instance of {@code TestPrincipal} with the specified name.
- * </p>
- *
- * @param name a {@code String} representing the principal name.
- */
- public TestPrincipal(String name)
- {
- this.name = name;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see java.security.Principal#getName()
- */
- public String getName()
- {
- return this.name;
- }
- }
-}
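Review bot: testValidateSAMLV20Token, removed in this hunk, exercises only the expired side of the lifetime check (created one hour ago, expires 30 minutes ago), although the reason string it asserts reads "assertion expired or used before its lifetime period". If the test is being relocated rather than dropped, add a case with a Lifetime that starts in the future so the not-yet-valid branch is also asserted to return STATUS_CODE_INVALID. If it is being dropped, the expiry check loses the only coverage visible in this change, so please confirm where the equivalent test now lives.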
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/SpecialTokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/SpecialTokenProvider.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/SpecialTokenProvider.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,74 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.identity.federation.api.wstrust;
-
-import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
-import org.jboss.identity.federation.api.wstrust.WSTrustException;
-import org.jboss.identity.federation.api.wstrust.WSTrustRequestContext;
-
-/**
- * <p>
- * Mock {@code SecurityTokenProvider} used in the test scenarios.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class SpecialTokenProvider implements SecurityTokenProvider
-{
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
- */
- public void cancelToken(WSTrustRequestContext context) throws WSTrustException
- {
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
- */
- public void issueToken(WSTrustRequestContext context) throws WSTrustException
- {
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
- */
- public void renewToken(WSTrustRequestContext context) throws WSTrustException
- {
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
- */
- public void validateToken(WSTrustRequestContext context) throws WSTrustException
- {
- }
-
-}
Modified: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustClientUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustClientUnitTestCase.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustClientUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -48,16 +48,16 @@
import junit.framework.TestCase;
import org.jboss.identity.federation.api.util.KeyStoreUtil;
-import org.jboss.identity.federation.api.util.XMLSignatureUtil;
import org.jboss.identity.federation.api.wstrust.WSTrustClient;
-import org.jboss.identity.federation.api.wstrust.WSTrustConstants;
-import org.jboss.identity.federation.api.wstrust.WSTrustJAXBFactory;
import org.jboss.identity.federation.api.wstrust.WSTrustClient.SecurityInfo;
-import org.jboss.identity.federation.api.wstrust.plugins.saml.SAMLUtil;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityToken;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponse;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponseCollection;
+import org.jboss.identity.federation.core.util.XMLSignatureUtil;
+import org.jboss.identity.federation.core.wstrust.WSTrustConstants;
+import org.jboss.identity.federation.core.wstrust.WSTrustJAXBFactory;
+import org.jboss.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
import org.jboss.identity.federation.ws.trust.StatusType;
import org.jboss.identity.federation.ws.trust.ValidateTargetType;
import org.w3c.dom.Document;
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustJAXBFactoryUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustJAXBFactoryUnitTestCase.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustJAXBFactoryUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,186 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.identity.federation.api.wstrust;
-
-import java.net.URI;
-
-import javax.xml.transform.Source;
-import javax.xml.transform.dom.DOMSource;
-
-import junit.framework.TestCase;
-
-import org.jboss.identity.federation.api.wstrust.WSTrustJAXBFactory;
-import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.jboss.identity.federation.core.wstrust.BaseRequestSecurityToken;
-import org.jboss.identity.federation.core.wstrust.BaseRequestSecurityTokenResponse;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityToken;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponse;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponseCollection;
-import org.w3c.dom.Document;
-
-/**
- * <p>
- * This {@code TestCase} tests the methods of the {@code WSTrustJAXBFactory}.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class WSTrustJAXBFactoryUnitTestCase extends TestCase
-{
-
- /**
- * <p>
- * Tests parsing a WS-Trust request message.
- * </p>
- *
- * @throws Exception
- * if an error occurs while running the test.
- */
- public void testParseRequestSecurityToken() throws Exception
- {
- // load a sample ws-trust request from a test file.
- Document document = DocumentUtil
- .getDocument(this.getClass().getResourceAsStream("/wstrust/ws-trust-request.xml"));
-
- // encapsulate the request in a source object.
- Source source = new DOMSource(document);
-
- // parse the request using the WSTrustJAXBFactory.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- BaseRequestSecurityToken baseRequest = factory.parseRequestSecurityToken(source);
- assertNotNull("Unexpected null request message", baseRequest);
-
- // check the contents of the parsed request.
- assertTrue("Unexpected request message type", baseRequest instanceof RequestSecurityToken);
- RequestSecurityToken parsedRequest = (RequestSecurityToken) baseRequest;
- assertEquals("Unexpected context name", "testcontext", parsedRequest.getContext());
- assertEquals("Unexpected token type", "http://www.tokens.org/SpecialToken", parsedRequest.getTokenType().toString());
- assertEquals("Unexpected request type", "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue", parsedRequest
- .getRequestType().toString());
- }
-
- /**
- * <p>
- * Tests parsing a WS-Trust response message.
- * </p>
- *
- * @throws Exception
- * if an error occurs while running the test.
- */
- public void testParseRequestSecurityTokenResponse() throws Exception
- {
- // load a ws-trust response from a file.
- Document document = DocumentUtil.getDocument(this.getClass()
- .getResourceAsStream("/wstrust/ws-trust-response.xml"));
-
- // encapsulate the response in a source object.
- Source source = new DOMSource(document);
-
- // parse the response using the WSTrustJAXBFactory.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(source);
- assertNotNull("Unexpected null response message", baseResponse);
-
- // check the contents of the parsed response.
- assertTrue("Unexpected response message type", baseResponse instanceof RequestSecurityTokenResponseCollection);
- RequestSecurityTokenResponseCollection parsedCollection = (RequestSecurityTokenResponseCollection) baseResponse;
- assertNotNull("Unexpected null response list", parsedCollection.getRequestSecurityTokenResponses());
- assertEquals("Unexpected number of responses", 1, parsedCollection.getRequestSecurityTokenResponses().size());
-
- RequestSecurityTokenResponse parsedResponse = parsedCollection.getRequestSecurityTokenResponses().get(0);
- assertEquals("Unexpected context name", "testcontext", parsedResponse.getContext());
- assertEquals("Unexpected token type", "http://www.tokens.org/SpecialToken", parsedResponse.getTokenType()
- .toString());
- assertFalse(parsedResponse.isForwardable());
- }
-
- /**
- * <p>
- * Tests the marshalling of a WS-Trust request.
- * </p>
- *
- * @throws Exception
- * if an error occurs while running the test.
- */
- public void testMarshallRequestSecurityToken() throws Exception
- {
- // create a request object.
- RequestSecurityToken request = new RequestSecurityToken();
- request.setContext("testcontext");
- request.setTokenType(new URI("http://www.tokens.org/SpecialToken"));
- request.setRequestType(new URI("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue"));
-
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source source = factory.marshallRequestSecurityToken(request);
- assertNotNull("Unexpected null source", source);
- assertTrue("Unexpected source type", source instanceof DOMSource);
-
- // at this point we know that the parsing works, so parse the generated source and compare to the original request.
- BaseRequestSecurityToken baseRequest = factory.parseRequestSecurityToken(source);
- assertNotNull("Unexpected null value for the parsed request", baseRequest);
- assertTrue("Unexpected parsed request type", baseRequest instanceof RequestSecurityToken);
- RequestSecurityToken parsedRequest = (RequestSecurityToken) baseRequest;
- assertEquals("Unexpected context value", request.getContext(), parsedRequest.getContext());
- assertTrue("Unexpected token type", request.getTokenType().equals(parsedRequest.getTokenType()));
- assertTrue("Unexpected request type", request.getRequestType().equals(parsedRequest.getRequestType()));
- }
-
- /**
- * <p>
- * Tests the marshalling of a WS-Trust response.
- * </p>
- *
- * @throws Exception
- * if an error occurs while running the test.
- */
- public void testMarshallRequestSecurityTokenResponse() throws Exception
- {
- // create a sample ws-trust response message.
- RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
- response.setContext("testcontext");
- response.setTokenType(new URI("http://www.tokens.org/SpecialToken"));
- response.setForwardable(false);
-
- RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection();
- collection.addRequestSecurityTokenResponse(response);
-
- // use the factory to marshall the response.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source source = factory.marshallRequestSecurityTokenResponse(collection);
- assertNotNull("Unexpected null source", source);
- assertTrue("Unexpected source type", source instanceof DOMSource);
-
- // at this point we know that the parsing works, so parse the generated source and compare to the original response.
- BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(source);
- assertNotNull("Unexpected null value for the parsed response", baseResponse);
- assertTrue("Unexpected parsed request type", baseResponse instanceof RequestSecurityTokenResponseCollection);
- RequestSecurityTokenResponseCollection parsedCollection = (RequestSecurityTokenResponseCollection) baseResponse;
- assertNotNull("Unexpected null response list", parsedCollection.getRequestSecurityTokenResponses());
- assertEquals("Unexpected number of responses", 1, parsedCollection.getRequestSecurityTokenResponses().size());
-
- RequestSecurityTokenResponse parsedResponse = parsedCollection.getRequestSecurityTokenResponses().get(0);
- assertEquals("Unexpected context value", response.getContext(), parsedResponse.getContext());
- assertTrue("Unexpected token type", response.getTokenType().equals(parsedResponse.getTokenType()));
- assertFalse(parsedResponse.isForwardable());
- }
-}
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustServiceFactoryUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustServiceFactoryUnitTestCase.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustServiceFactoryUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,106 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.identity.federation.api.wstrust;
-
-import java.security.PrivilegedActionException;
-
-import junit.framework.TestCase;
-
-import org.jboss.identity.federation.api.wstrust.STSConfiguration;
-import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
-import org.jboss.identity.federation.api.wstrust.StandardRequestHandler;
-import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
-import org.jboss.identity.federation.api.wstrust.WSTrustServiceFactory;
-import org.jboss.identity.federation.api.wstrust.plugins.saml.SAML20TokenProvider;
-
-/**
- * <p>
- * This {@code TestCase} tests the behavior of the {@code WSTrustServiceFactory} class.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class WSTrustServiceFactoryUnitTestCase extends TestCase
-{
-
- /**
- * <p>
- * Tests the creation of a {@code WSTrustRequestHandler} instance.
- * </p>
- *
- * @throws Exception if an error occurs while running the test.
- */
- public void testCreateRequestHandler() throws Exception
- {
- STSConfiguration config = new MockSTSConfiguration();
- WSTrustServiceFactory factory = WSTrustServiceFactory.getInstance();
-
- // tests the creation of the request handler.
- WSTrustRequestHandler handler = factory.createRequestHandler(
- "org.jboss.identity.federation.api.wstrust.StandardRequestHandler", config);
- assertNotNull("Unexpected null request handler", handler);
- assertTrue("Unexpected request handler type", handler instanceof StandardRequestHandler);
-
- // try to create an invalid instance of request handler.
- try
- {
- factory.createRequestHandler("InvalidHandler", config);
- fail("An exception should have been raised");
- }
- catch (RuntimeException re)
- {
- assertTrue(re.getCause() instanceof PrivilegedActionException);
- }
- }
-
- /**
- * <p>
- * Tests the creation of {@code SecurityTokenProvider}s.
- * </p>
- *
- * @throws Exception if an error occurs while running the test.
- */
- public void testCreateTokenProvider() throws Exception
- {
- WSTrustServiceFactory factory = WSTrustServiceFactory.getInstance();
- SecurityTokenProvider provider = factory
- .createTokenProvider("org.jboss.test.identity.federation.api.wstrust.SpecialTokenProvider");
- assertNotNull("Unexpected null token provider", provider);
- assertTrue("Unexpected token provider type", provider instanceof SpecialTokenProvider);
- provider = factory
- .createTokenProvider("org.jboss.identity.federation.api.wstrust.plugins.saml.SAML20TokenProvider");
- assertNotNull("Unexpected null token provider", provider);
- assertTrue("Unexpected token provider type", provider instanceof SAML20TokenProvider);
-
- // try to create an invalid token provider.
- try
- {
- factory.createTokenProvider("InvalidTokenProvider");
- fail("An exception should have been raised");
- }
- catch (RuntimeException re)
- {
- assertTrue(re.getCause() instanceof PrivilegedActionException);
- }
-
- }
-}
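Review bot: both tests in this removed class pass fully qualified class names as strings ("org.jboss.identity.federation.api.wstrust.StandardRequestHandler" and "org.jboss.identity.federation.api.wstrust.plugins.saml.SAML20TokenProvider"), while the import changes to WSTrustClientUnitTestCase in the same commit show WSTrustJAXBFactory and the plugins.saml package moving under org.jboss.identity.federation.core.wstrust. The compiler does not check names passed to createRequestHandler and createTokenProvider, so a configuration that still names the old api packages will fail only at runtime, with the RuntimeException wrapping PrivilegedActionException that these tests expect for an invalid name. Please check that the relocated test and any configuration files use the new package names.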
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/test/resources/wstrust/ws-trust-request.xml
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/resources/wstrust/ws-trust-request.xml 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/resources/wstrust/ws-trust-request.xml 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,4 +0,0 @@
-<wst:RequestSecurityToken xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512/" Context="testcontext">
- <wst:TokenType>http://www.tokens.org/SpecialToken</wst:TokenType>
- <wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>
-</wst:RequestSecurityToken>
\ No newline at end of file
Deleted: identity-federation/trunk/jboss-identity-fed-api/src/test/resources/wstrust/ws-trust-response.xml
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/resources/wstrust/ws-trust-response.xml 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/resources/wstrust/ws-trust-response.xml 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,7 +0,0 @@
-<wst:RequestSecurityTokenResponseCollection
- xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512/">
- <wst:RequestSecurityTokenResponse Context="testcontext">
- <wst:TokenType>http://www.tokens.org/SpecialToken</wst:TokenType>
- <wst:Forwardable>false</wst:Forwardable>
- </wst:RequestSecurityTokenResponse>
-</wst:RequestSecurityTokenResponseCollection>
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/IDGenerator.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/IDGenerator.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/IDGenerator.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,55 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.saml.v2.common;
+
+import java.util.UUID;
+
+/**
+ * Utility class that generates unique IDs
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jan 5, 2009
+ */
+public class IDGenerator
+{
+ /*
+ * Create a basic unique ID
+ */
+ public static String create()
+ {
+ return UUID.randomUUID().toString();
+ }
+
+ /**
+ * Create an id that is prefixed by a string
+ * @param prefix
+ * @return an id
+ * @throws IllegalArgumentException when prefix is null
+ */
+ public static String create(String prefix)
+ {
+ if(prefix == null)
+ throw new IllegalArgumentException("prefix is null");
+ StringBuilder sb = new StringBuilder(prefix);
+ sb.append(IDGenerator.create());
+ return sb.toString();
+ }
+}
\ No newline at end of file
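Review bot: create() returns a bare UUID.randomUUID().toString(), which can begin with a digit. If these values are used as SAML ID attributes, as the saml.v2.common package suggests, that attribute is of type xs:ID and must not start with a digit, so only create(String prefix) called with a letter or underscore prefix yields a valid value. Consider having create() prepend a default prefix such as "ID_", or document that callers must use the prefixed form. Two smaller points: the comment on create() opens with /* rather than /**, so it is not picked up as Javadoc, and a class holding only static methods should declare a private constructor.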
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,74 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.saml.v2.common;
+
+import org.w3c.dom.Document;
+
+/**
+ * A Holder class that can store
+ * the SAML object as well as the corresponding
+ * DOM object.
+ * It is thread safe because each thread
+ * can have only one instance of this class
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Aug 13, 2009
+ */
+public class SAMLDocumentHolder
+{
+ private Object samlObject;
+ private Document samlDocument;
+
+ public SAMLDocumentHolder(Object samlObject)
+ {
+ this.samlObject = samlObject;
+ }
+
+ public SAMLDocumentHolder(Document samlDocument)
+ {
+ this.samlDocument = samlDocument;
+ }
+
+ public SAMLDocumentHolder(Object samlObject, Document samlDocument)
+ {
+ this.samlObject = samlObject;
+ this.samlDocument = samlDocument;
+ }
+ public Object getSamlObject()
+ {
+ return samlObject;
+ }
+
+ public void setSamlObject(Object samlObject)
+ {
+ this.samlObject = samlObject;
+ }
+
+ public Document getSamlDocument()
+ {
+ return samlDocument;
+ }
+
+ public void setSamlDocument(Document samlDocument)
+ {
+ this.samlDocument = samlDocument;
+ }
+}
\ No newline at end of file
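Review bot: the class Javadoc states "It is thread safe because each thread can have only one instance of this class", but nothing in the class enforces that: all three constructors are public, both fields are mutable through public setters, and there is no ThreadLocal or synchronization. Either reword the Javadoc to say the holder is not thread safe and must be confined to one thread by the caller, or make the fields final and drop the setters. Note also that the single-argument constructors leave the other field null, so callers of getSamlObject() and getSamlDocument() need a null check.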
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/XMLSignatureUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/XMLSignatureUtil.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/XMLSignatureUtil.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,340 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.util;
+
+import java.io.OutputStream;
+import java.security.AccessController;
+import java.security.GeneralSecurityException;
+import java.security.Key;
+import java.security.KeyPair;
+import java.security.PrivateKey;
+import java.security.PrivilegedAction;
+import java.security.PublicKey;
+import java.util.Collections;
+import java.util.List;
+
+import javax.security.cert.X509Certificate;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+import javax.xml.crypto.MarshalException;
+import javax.xml.crypto.dsig.CanonicalizationMethod;
+import javax.xml.crypto.dsig.DigestMethod;
+import javax.xml.crypto.dsig.Reference;
+import javax.xml.crypto.dsig.SignatureMethod;
+import javax.xml.crypto.dsig.SignedInfo;
+import javax.xml.crypto.dsig.Transform;
+import javax.xml.crypto.dsig.XMLSignature;
+import javax.xml.crypto.dsig.XMLSignatureException;
+import javax.xml.crypto.dsig.XMLSignatureFactory;
+import javax.xml.crypto.dsig.dom.DOMSignContext;
+import javax.xml.crypto.dsig.dom.DOMValidateContext;
+import javax.xml.crypto.dsig.keyinfo.KeyInfo;
+import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
+import javax.xml.crypto.dsig.keyinfo.KeyValue;
+import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
+import javax.xml.crypto.dsig.spec.TransformParameterSpec;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.log4j.Logger;
+import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.util.JAXBUtil;
+import org.jboss.identity.xmlsec.w3.xmldsig.ObjectFactory;
+import org.jboss.identity.xmlsec.w3.xmldsig.SignatureType;
+import org.w3c.dom.Document;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.xml.sax.SAXException;
+
+/**
+ * Utility for XML Signature
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Dec 15, 2008
+ */
+public class XMLSignatureUtil
+{
+ private static Logger log = Logger.getLogger(XMLSignatureUtil.class);
+ private static boolean trace = log.isTraceEnabled();
+
+ private static String pkgName = "org.jboss.identity.federation.w3.xmldsig";
+ private static String schemaLocation = "schema/saml/v2/xmldsig-core-schema.xsd";
+
+ private static ObjectFactory objectFactory = new ObjectFactory();
+
+ private static XMLSignatureFactory fac = getXMLSignatureFactory();
+
+ private static XMLSignatureFactory getXMLSignatureFactory()
+ {
+ XMLSignatureFactory xsf = null;
+
+ try
+ {
+ xsf = XMLSignatureFactory.getInstance("DOM");
+ }
+ catch(Exception err)
+ {
+ //JDK5
+ xsf = XMLSignatureFactory.getInstance("DOM",
+ new org.jcp.xml.dsig.internal.dom.XMLDSigRI());
+ }
+ return xsf;
+ }
+
+ //Set some system properties
+ static
+ {
+ AccessController.doPrivileged(new PrivilegedAction<Object>()
+ {
+ public Object run()
+ {
+ System.setProperty("org.apache.xml.security.ignoreLineBreaks", "true");
+ return null;
+ }
+ });
+ };
+
+ /**
+ * Precheck whether the document that will be validated
+ * has the right signedinfo
+ * @param doc
+ * @return
+ */
+ public static boolean preCheckSignedInfo(Document doc)
+ {
+ NodeList nl = doc.getElementsByTagNameNS(JBossSAMLURIConstants.XMLDSIG_NSURI.get(), "SignedInfo");
+ return nl != null ? nl.getLength() > 0 : false;
+ }
+
+ /**
+ * Sign a node in a document
+ * @param doc Document
+ * @param parentOfNodeToBeSigned Parent Node of the node to be signed
+ * @param signingKey Private Key
+ * @param certificate X509 Certificate holding the public key
+ * @param digestMethod (Example: DigestMethod.SHA1)
+ * @param signatureMethod (Example: SignatureMethod.DSA_SHA1)
+ * @param referenceURI
+ * @return Document that contains the signed node
+ * @throws XMLSignatureException
+ * @throws MarshalException
+ * @throws GeneralSecurityException
+ * @throws ParserConfigurationException
+ */
+ public static Document sign(Document doc,
+ Node parentOfNodeToBeSigned,
+ PrivateKey signingKey,
+ X509Certificate certificate,
+ String digestMethod,
+ String signatureMethod,
+ String referenceURI)
+ throws ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException
+ {
+ KeyPair keyPair = new KeyPair(certificate.getPublicKey(),signingKey);
+ return sign(doc,parentOfNodeToBeSigned, keyPair,
+ digestMethod, signatureMethod, referenceURI);
+ }
+
+ /**
+ * Sign a node in a document
+ * @param doc
+ * @param nodeToBeSigned
+ * @param keyPair
+ * @param publicKey
+ * @param digestMethod
+ * @param signatureMethod
+ * @param referenceURI
+ * @return
+ * @throws ParserConfigurationException
+ * @throws XMLSignatureException
+ * @throws MarshalException
+ * @throws GeneralSecurityException
+ */
+ public static Document sign(Document doc,
+ Node nodeToBeSigned,
+ KeyPair keyPair,
+ String digestMethod,
+ String signatureMethod,
+ String referenceURI) throws ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException
+ {
+ if(nodeToBeSigned == null)
+ throw new IllegalArgumentException("Node to be signed is null");
+ if(trace)
+ {
+ try
+ {
+ log.trace("Document to be signed=" + DocumentUtil.getDocumentAsString(doc));
+ }catch (Exception e) {}
+ }
+
+ Node parentNode = nodeToBeSigned.getParentNode();
+
+ //Let us create a new Document
+ Document newDoc = DocumentUtil.createDocument();
+ //Import the node
+ Node signingNode = newDoc.importNode(nodeToBeSigned, true);
+ newDoc.appendChild(signingNode);
+
+ newDoc = sign(newDoc, keyPair, digestMethod, signatureMethod, referenceURI);
+
+ //Now let us import this signed doc into the original document we got in the method call
+ Node signedNode = doc.importNode(newDoc.getFirstChild(), true);
+
+ parentNode.replaceChild(signedNode, nodeToBeSigned);
+ //doc.getDocumentElement().replaceChild(signedNode, nodeToBeSigned);
+
+ return doc;
+ }
+
+
+ /**
+ * Sign the root element
+ * @param doc
+ * @param signingKey
+ * @param publicKey
+ * @param digestMethod
+ * @param signatureMethod
+ * @param referenceURI
+ * @return
+ * @throws GeneralSecurityException
+ * @throws XMLSignatureException
+ * @throws MarshalException
+ */
+ public static Document sign(Document doc,
+ KeyPair keyPair,
+ String digestMethod,
+ String signatureMethod,
+ String referenceURI) throws GeneralSecurityException, MarshalException, XMLSignatureException
+ {
+ if(trace)
+ {
+ try
+ {
+ log.trace("Document to be signed=" + DocumentUtil.getDocumentAsString(doc));
+ }catch (Exception e) {}
+ }
+ PrivateKey signingKey = keyPair.getPrivate();
+ PublicKey publicKey = keyPair.getPublic();
+
+ DOMSignContext dsc = new DOMSignContext(signingKey, doc.getDocumentElement());
+ dsc.setDefaultNamespacePrefix("dsig");
+
+// dsc.putNamespacePrefix(XMLSignature.XMLNS, "ds");
+
+ DigestMethod digestMethodObj = fac.newDigestMethod(digestMethod, null);
+ Transform transform = fac.newTransform(Transform.ENVELOPED,
+ (TransformParameterSpec) null);
+
+ List<Transform> transformList = Collections.singletonList(transform);
+ Reference ref = fac.newReference
+ ( referenceURI, digestMethodObj,transformList,null, null);
+
+ String canonicalizationMethodType = CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS;
+ CanonicalizationMethod canonicalizationMethod
+ = fac.newCanonicalizationMethod
+ (canonicalizationMethodType, (C14NMethodParameterSpec) null);
+
+ List<Reference> referenceList = Collections.singletonList(ref);
+ SignatureMethod signatureMethodObj = fac.newSignatureMethod(signatureMethod, null);
+ SignedInfo si = fac.newSignedInfo (canonicalizationMethod, signatureMethodObj ,
+ referenceList);
+
+ KeyInfoFactory kif = fac.getKeyInfoFactory();
+ KeyValue kv = kif.newKeyValue(publicKey);
+ KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
+
+ XMLSignature signature = fac.newXMLSignature(si, ki);
+
+ signature.sign(dsc);
+
+ return doc;
+ }
+ /**
+ * Validate a signed document with the given public key
+ * @param signedDoc
+ * @param publicKey
+ * @return
+ * @throws MarshalException
+ * @throws XMLSignatureException
+ */
+ @SuppressWarnings("unchecked")
+ public static boolean validate(Document signedDoc, Key publicKey) throws MarshalException, XMLSignatureException
+ {
+ NodeList nl = signedDoc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
+ if (nl == null || nl.getLength() == 0)
+ {
+ throw new IllegalArgumentException("Cannot find Signature element");
+ }
+ if(publicKey == null)
+ throw new IllegalArgumentException("Public Key is null");
+
+ DOMValidateContext valContext = new DOMValidateContext(publicKey, nl.item(0));
+ XMLSignature signature = fac.unmarshalXMLSignature(valContext);
+ boolean coreValidity = signature.validate(valContext);
+
+ if(trace && !coreValidity)
+ {
+ boolean sv = signature.getSignatureValue().validate(valContext);
+ log.trace("Signature validation status: " + sv);
+
+ List<Reference> references = signature.getSignedInfo().getReferences();
+ for(Reference ref:references)
+ {
+ log.trace("[Ref id=" + ref.getId() +":uri=" + ref.getURI() +
+ "]validity status:" + ref.validate(valContext));
+ }
+ }
+ return coreValidity;
+ }
+
+ /**
+ * Marshall a SignatureType to output stream
+ * @param signature
+ * @param os
+ * @throws SAXException
+ * @throws JAXBException
+ */
+ public static void marshall(SignatureType signature, OutputStream os) throws JAXBException, SAXException
+ {
+ JAXBElement<SignatureType> jsig = objectFactory.createSignature(signature);
+ Marshaller marshaller = JAXBUtil.getValidatingMarshaller(pkgName, schemaLocation);
+ marshaller.marshal(jsig, os);
+ }
+
+ /**
+ * Marshall the signed document to an output stream
+ * @param signedDocument
+ * @param os
+ * @throws TransformerException
+ */
+ public static void marshall(Document signedDocument, OutputStream os)
+ throws TransformerException
+ {
+ TransformerFactory tf = TransformerFactory.newInstance();
+ Transformer trans = tf.newTransformer();
+ trans.transform(DocumentUtil.getXMLSource(signedDocument), new StreamResult(os));
+ }
+}
\ No newline at end of file
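Review bot: In `validate()`, `new DOMValidateContext(publicKey, nl.item(0))` verifies whichever `Signature` element comes first in document order and returns `coreValidity` without checking that the signature's `Reference` URI resolves to the element the caller goes on to consume, so a caller that then reads the document element can end up trusting content the signature does not cover. Suggest that the method confirm the reference points at the expected element (or hand the validated node back to the caller) and reject a document carrying more than one `Signature` unless each one is checked. Smaller points in the same file: the import is `javax.security.cert.X509Certificate` rather than `java.security.cert.X509Certificate`; the Javadoc on both `KeyPair` overloads of `sign()` lists a `publicKey` parameter that neither signature has; the two `catch (Exception e) {}` blocks around the trace logging swallow errors silently; and with trace enabled the full document to be signed is written to the log.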
Deleted: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/BaseRequestSecurityToken.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/BaseRequestSecurityToken.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/BaseRequestSecurityToken.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,33 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.core.wstrust;
-
-/**
- * <p>
- * Marker interface for the request security token types.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public interface BaseRequestSecurityToken
-{
-}
Deleted: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/BaseRequestSecurityTokenResponse.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/BaseRequestSecurityTokenResponse.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/BaseRequestSecurityTokenResponse.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,33 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.core.wstrust;
-
-/**
- * <p>
- * Marker interface for the security token response types.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public interface BaseRequestSecurityTokenResponse
-{
-}
Deleted: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/Lifetime.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/Lifetime.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/Lifetime.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,236 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.core.wstrust;
-
-import java.util.GregorianCalendar;
-
-import javax.xml.datatype.DatatypeConfigurationException;
-import javax.xml.datatype.DatatypeFactory;
-import javax.xml.datatype.XMLGregorianCalendar;
-
-import org.jboss.identity.federation.ws.trust.LifetimeType;
-import org.jboss.identity.federation.ws.wss.utility.AttributedDateTime;
-
-/**
- * <p>
- * This class represents a WS-Trust {@code Lifetime}. It wraps the JAXB {@code LifetimeType} and offer methods that
- * allows for easy retrieval of the creation and expiration times as {@code XMLGregorianCalendar} and
- * {@code GregorianCalendar} objects.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class Lifetime
-{
-
- private final LifetimeType delegate;
-
- private XMLGregorianCalendar created;
-
- private XMLGregorianCalendar expires;
-
- private DatatypeFactory factory;
-
- /**
- * <p>
- * Creates an instance of {@code Lifetime} with the specified parameters.
- * </p>
- *
- * @param created a {@code GregorianCalendar} representing the token creation time.
- * @param expires a {@code GregorianCalendar} representing the token expiration time.
- */
- public Lifetime(GregorianCalendar created, GregorianCalendar expires)
- {
- try
- {
- this.factory = DatatypeFactory.newInstance();
- }
- catch (DatatypeConfigurationException dce)
- {
- throw new RuntimeException("Unable to get DatatypeFactory instance", dce);
- }
-
- // normalize the parameters (convert to UTC).
- this.created = factory.newXMLGregorianCalendar(created).normalize();
- this.expires = factory.newXMLGregorianCalendar(expires).normalize();
-
- // set the delegate fields.
- this.delegate = new LifetimeType();
- AttributedDateTime dateTime = new AttributedDateTime();
- dateTime.setValue(this.created.toXMLFormat());
- this.delegate.setCreated(dateTime);
- dateTime = new AttributedDateTime();
- dateTime.setValue(this.expires.toXMLFormat());
- this.delegate.setExpires(dateTime);
-
- }
-
- /**
- * <p>
- * Creates a {@code Lifetime} instance using the specified {@code LifetimeType}.
- * </p>
- *
- * @param lifetime a reference to the {@code LifetimeType} instance that contains the information used in the
- * {@code Lifetime} construction.
- */
- public Lifetime(LifetimeType lifetime)
- {
- if (lifetime == null)
- throw new IllegalArgumentException("Unable to create a Lifetime object from a null LifetimeType");
-
- try
- {
- this.factory = DatatypeFactory.newInstance();
- }
- catch (DatatypeConfigurationException dce)
- {
- throw new RuntimeException("Unable to get DatatypeFactory instance", dce);
- }
- this.delegate = lifetime;
-
- // construct the created and expires instances from the lifetime object.
- this.created = factory.newXMLGregorianCalendar(lifetime.getCreated().getValue());
- this.expires = factory.newXMLGregorianCalendar(lifetime.getExpires().getValue());
-
- // check if the supplied lifetime needs to be normalized.
- if (this.created.getTimezone() != 0)
- {
- this.created = this.created.normalize();
- this.delegate.getCreated().setValue(this.created.toXMLFormat());
- }
- if (this.expires.getTimezone() != 0)
- {
- this.expires = this.expires.normalize();
- this.delegate.getExpires().setValue(this.expires.toXMLFormat());
- }
- }
-
- /**
- * <p>
- * Obtains the creation time as a {@code XMLGregorianCalendar}.
- * </p>
- *
- * @return a reference to the {@code XMLGregorianCalendar} that represents the creation time.
- */
- public XMLGregorianCalendar getCreated()
- {
- return this.created;
- }
-
- /**
- * <p>
- * Sets the creation time.
- * </p>
- *
- * @param created a reference to the {@code XMLGregorianCalendar} that represents the creation time to be set.
- */
- public void setCreated(XMLGregorianCalendar created)
- {
- this.created = created.normalize();
- this.delegate.getCreated().setValue(this.created.toXMLFormat());
- }
-
- /**
- * <p>
- * Obtains the creation time as a {@code GregorianCalendar}.
- * </p>
- *
- * @return a reference to the {@code GregorianCalendar} that represents the creation time.
- */
- public GregorianCalendar getCreatedCalendar()
- {
- return this.created.toGregorianCalendar();
- }
-
- /**
- * <p>
- * Sets the creation time.
- * </p>
- *
- * @param created a reference to the {@code GregorianCalendar} that represents the creation time to be set.
- */
- public void setCreatedCalendar(GregorianCalendar created)
- {
- this.setCreated(this.factory.newXMLGregorianCalendar(created));
- }
-
- /**
- * <p>
- * Obtains the expiration time as a {@code XMLGregorianCalendar}.
- * </p>
- *
- * @return a reference to the {@code XMLGregorianCalendar} that represents the expiration time.
- */
- public XMLGregorianCalendar getExpires()
- {
- return this.expires;
- }
-
- /**
- * <p>
- * Sets the expiration time.
- * </p>
- *
- * @param expires a reference to the {@code XMLGregorianCalendar} that represents the expiration time.
- */
- public void setExpires(XMLGregorianCalendar expires)
- {
- this.expires = expires.normalize();
- this.delegate.getExpires().setValue(this.expires.toXMLFormat());
- }
-
- /**
- * <p>
- * Obtains the expiration time as a {@code GregorianCalendar}.
- * </p>
- *
- * @return a reference to the {@code GregorianCalendar} that represents the expiration time.
- */
- public GregorianCalendar getExpiresCalendar()
- {
- return this.expires.toGregorianCalendar();
- }
-
- /**
- * <p>
- * Sets the expiration time.
- * </p>
- *
- * @param expires a reference to the {@code GregorianCalendar} that represents the expiration time.
- */
- public void setExpiresCalendar(GregorianCalendar expires)
- {
- this.setExpires(this.factory.newXMLGregorianCalendar(expires));
- }
-
- /**
- * <p>
- * Obtains a reference to the {@code LifetimeType} delegate.
- * </p>
- *
- * @return a reference to the delegate instance.
- */
- public LifetimeType getDelegate()
- {
- return this.delegate;
- }
-}
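Review bot: In the removed `Lifetime(LifetimeType)` constructor only `lifetime` itself is null-checked before `lifetime.getCreated().getValue()` and `lifetime.getExpires().getValue()` are dereferenced, so a lifetime that lacks either child throws a NullPointerException instead of a clear error; `setCreated()` and `setExpires()` make the same assumption about `this.delegate.getCreated()` and `this.delegate.getExpires()`. If this class is being relocated in this revision rather than dropped, add the missing checks in the new copy rather than carrying the behaviour over unchanged.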
Deleted: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityToken.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityToken.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityToken.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,1139 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.core.wstrust;
-
-import java.net.URI;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-
-import javax.xml.bind.JAXBElement;
-import javax.xml.namespace.QName;
-
-import org.jboss.identity.federation.ws.addressing.EndpointReferenceType;
-import org.jboss.identity.federation.ws.policy.AppliesTo;
-import org.jboss.identity.federation.ws.policy.Policy;
-import org.jboss.identity.federation.ws.policy.PolicyReference;
-import org.jboss.identity.federation.ws.trust.AllowPostdatingType;
-import org.jboss.identity.federation.ws.trust.CancelTargetType;
-import org.jboss.identity.federation.ws.trust.ClaimsType;
-import org.jboss.identity.federation.ws.trust.DelegateToType;
-import org.jboss.identity.federation.ws.trust.EncryptionType;
-import org.jboss.identity.federation.ws.trust.EntropyType;
-import org.jboss.identity.federation.ws.trust.LifetimeType;
-import org.jboss.identity.federation.ws.trust.ObjectFactory;
-import org.jboss.identity.federation.ws.trust.OnBehalfOfType;
-import org.jboss.identity.federation.ws.trust.ProofEncryptionType;
-import org.jboss.identity.federation.ws.trust.RenewTargetType;
-import org.jboss.identity.federation.ws.trust.RenewingType;
-import org.jboss.identity.federation.ws.trust.RequestSecurityTokenType;
-import org.jboss.identity.federation.ws.trust.UseKeyType;
-import org.jboss.identity.federation.ws.trust.ValidateTargetType;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-
-/**
- * <p>
- * This class represents a WS-Trust {@code RequestSecurityToken}. It wraps the JAXB representation of the security
- * token request and offers a series of getter/setter methods that make it easy to work with elements that are
- * represented by the {@code Any} XML type.
- * </p>
- * <p>
- * The following shows the intended content model of a {@code RequestSecurityToken}:
- *
- * <pre>
- * <xs:element ref='wst:TokenType' minOccurs='0' />
- * <xs:element ref='wst:RequestType' />
- * <xs:element ref='wsp:AppliesTo' minOccurs='0' />
- * <xs:element ref='wst:Claims' minOccurs='0' />
- * <xs:element ref='wst:Entropy' minOccurs='0' />
- * <xs:element ref='wst:Lifetime' minOccurs='0' />
- * <xs:element ref='wst:AllowPostdating' minOccurs='0' />
- * <xs:element ref='wst:Renewing' minOccurs='0' />
- * <xs:element ref='wst:OnBehalfOf' minOccurs='0' />
- * <xs:element ref='wst:Issuer' minOccurs='0' />
- * <xs:element ref='wst:AuthenticationType' minOccurs='0' />
- * <xs:element ref='wst:KeyType' minOccurs='0' />
- * <xs:element ref='wst:KeySize' minOccurs='0' />
- * <xs:element ref='wst:SignatureAlgorithm' minOccurs='0' />
- * <xs:element ref='wst:Encryption' minOccurs='0' />
- * <xs:element ref='wst:EncryptionAlgorithm' minOccurs='0' />
- * <xs:element ref='wst:CanonicalizationAlgorithm' minOccurs='0' />
- * <xs:element ref='wst:ProofEncryption' minOccurs='0' />
- * <xs:element ref='wst:UseKey' minOccurs='0' />
- * <xs:element ref='wst:SignWith' minOccurs='0' />
- * <xs:element ref='wst:EncryptWith' minOccurs='0' />
- * <xs:element ref='wst:DelegateTo' minOccurs='0' />
- * <xs:element ref='wst:Forwardable' minOccurs='0' />
- * <xs:element ref='wst:Delegatable' minOccurs='0' />
- * <xs:element ref='wsp:Policy' minOccurs='0' />
- * <xs:element ref='wsp:PolicyReference' minOccurs='0' />
- * <xs:any namespace='##other' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
- * </pre>
- *
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class RequestSecurityToken implements BaseRequestSecurityToken
-{
-
- private final RequestSecurityTokenType delegate;
-
- private URI tokenType;
-
- private URI requestType;
-
- private AppliesTo appliesTo;
-
- private ClaimsType claims;
-
- private EntropyType entropy;
-
- private Lifetime lifetime;
-
- private AllowPostdatingType allowPostDating;
-
- private RenewingType renewing;
-
- private OnBehalfOfType onBehalfOf;
-
- private EndpointReferenceType issuer;
-
- private URI authenticationType;
-
- private URI keyType;
-
- private long keySize;
-
- private URI signatureAlgorithm;
-
- private EncryptionType encryption;
-
- private URI encryptionAlgorithm;
-
- private URI canonicalizationAlgorithm;
-
- private ProofEncryptionType proofEncryption;
-
- private UseKeyType useKey;
-
- private URI signWith;
-
- private URI encryptWith;
-
- private DelegateToType delegateTo;
-
- private boolean forwardable;
-
- private boolean delegatable;
-
- private Policy policy;
-
- private PolicyReference policyReference;
-
- private ValidateTargetType validateTarget;
-
- private RenewTargetType renewTarget;
-
- private CancelTargetType cancelTarget;
-
- private final List<Object> extensionElements = new ArrayList<Object>();
-
- private final ObjectFactory factory = new ObjectFactory();
-
- private Document rstDocument;
-
- /**
- * <p>
- * Creates an instance of {@code RequestSecurityToken}.
- * </p>
- */
- public RequestSecurityToken()
- {
- this.delegate = new RequestSecurityTokenType();
- }
-
- /**
- * <p>
- * Creates an instance of {@code RequestSecurityToken} using the specified delegate.
- * </p>
- *
- * @param delegate the JAXB {@code RequestSecurityTokenType} that represents a WS-Trust token request.
- */
- public RequestSecurityToken(RequestSecurityTokenType delegate)
- {
- this.delegate = delegate;
- // parse the delegate's Any contents.
- for (Object obj : this.delegate.getAny())
- {
- if (obj instanceof AppliesTo)
- {
- this.appliesTo = (AppliesTo) obj;
- }
- else if (obj instanceof Policy)
- {
- this.policy = (Policy) obj;
- }
- else if (obj instanceof PolicyReference)
- {
- this.policyReference = (PolicyReference) obj;
- }
- else if (obj instanceof JAXBElement)
- {
- JAXBElement<?> element = (JAXBElement<?>) obj;
- String localName = element.getName().getLocalPart();
- if (localName.equalsIgnoreCase("TokenType"))
- this.tokenType = URI.create((String) element.getValue());
- else if (localName.equalsIgnoreCase("RequestType"))
- this.requestType = URI.create((String) element.getValue());
- else if (localName.equalsIgnoreCase("Claims"))
- this.claims = (ClaimsType) element.getValue();
- else if (localName.equalsIgnoreCase("Entropy"))
- this.entropy = (EntropyType) element.getValue();
- else if (localName.equalsIgnoreCase("Lifetime"))
- this.lifetime = new Lifetime((LifetimeType) element.getValue());
- else if (localName.equalsIgnoreCase("AllowPostdating"))
- this.allowPostDating = (AllowPostdatingType) element.getValue();
- else if (localName.equalsIgnoreCase("Renewing"))
- this.renewing = (RenewingType) element.getValue();
- else if (localName.equalsIgnoreCase("OnBehalfOf"))
- this.onBehalfOf = (OnBehalfOfType) element.getValue();
- else if (localName.equalsIgnoreCase("Issuer"))
- this.issuer = (EndpointReferenceType) element.getValue();
- else if (localName.equalsIgnoreCase("AuthenticationType"))
- this.authenticationType = URI.create((String) element.getValue());
- else if (localName.equalsIgnoreCase("KeyType"))
- this.keyType = URI.create((String) element.getValue());
- else if (localName.equalsIgnoreCase("KeySize"))
- this.keySize = (Long) element.getValue();
- else if (localName.equalsIgnoreCase("SignatureAlgorithm"))
- this.signatureAlgorithm = URI.create((String) element.getValue());
- else if (localName.equalsIgnoreCase("Encryption"))
- this.encryption = (EncryptionType) element.getValue();
- else if (localName.equalsIgnoreCase("EntropyAlgorithm"))
- this.encryptionAlgorithm = URI.create((String) element.getValue());
- else if (localName.equalsIgnoreCase("CanonicalizationAlgorithm"))
- this.canonicalizationAlgorithm = URI.create((String) element.getValue());
- else if (localName.equalsIgnoreCase("ProofEncryption"))
- this.proofEncryption = (ProofEncryptionType) element.getValue();
- else if (localName.equalsIgnoreCase("UseKey"))
- this.useKey = (UseKeyType) element.getValue();
- else if (localName.equalsIgnoreCase("SignWith"))
- this.signWith = URI.create((String) element.getValue());
- else if (localName.equalsIgnoreCase("EncryptWith"))
- this.encryptWith = URI.create((String) element.getValue());
- else if (localName.equalsIgnoreCase("DelegateTo"))
- this.delegateTo = (DelegateToType) element.getValue();
- else if (localName.equalsIgnoreCase("Forwardable"))
- this.forwardable = (Boolean) element.getValue();
- else if (localName.equalsIgnoreCase("Delegatable"))
- this.delegatable = (Boolean) element.getValue();
- else if (localName.equalsIgnoreCase("CancelTarget"))
- this.cancelTarget = (CancelTargetType) element.getValue();
- else if (localName.equalsIgnoreCase("RenewTarget"))
- this.renewTarget = (RenewTargetType) element.getValue();
- else if (localName.equalsIgnoreCase("ValidateTarget"))
- this.validateTarget = (ValidateTargetType) element.getValue();
- else
- this.extensionElements.add(element.getValue());
- }
- else
- {
- this.extensionElements.add(obj);
- }
- }
- }
-
- /**
- * Creates an instance of {@code RequestSecurityTokenType} and {@code Document}
- * @param delegate
- * @param rstDocument
- */
- public RequestSecurityToken(RequestSecurityTokenType delegate, Document rstDocument)
- {
- this(delegate);
- this.rstDocument = rstDocument;
- }
-
- /**
- * <p>
- * Obtains the {@code URI} that identifies the token type.
- * </p>
- *
- * @return a {@code URI} that represents the token type.
- */
- public URI getTokenType()
- {
- return this.tokenType;
- }
-
- /**
- * <p>
- * Sets the token type.
- * </p>
- *
- * @param tokenType a {@code URI} that identifies the token type.
- */
- public void setTokenType(URI tokenType)
- {
- this.tokenType = tokenType;
- this.delegate.getAny().add(this.factory.createTokenType(tokenType.toString()));
-
- }
-
- /**
- * <p>
- * Obtains the request type.
- * </p>
- *
- * @return a {@code URI} that identifies the request type.
- */
- public URI getRequestType()
- {
- return this.requestType;
- }
-
- /**
- * <p>
- * Sets the request type. The type must be one of the request types described in the WS-Trust specification.
- * </p>
- *
- * @param requestType a {@code URI} that identifies the request type.
- */
- public void setRequestType(URI requestType)
- {
- this.requestType = requestType;
- this.delegate.getAny().add(this.factory.createRequestType(requestType.toString()));
- }
-
- /**
- * <p>
- * Obtains the {@code AppliesTo} value of this request. The {@code AppliesTo} object identifies the service provider
- * (web service) that requires a token to be presented by clients. A STS uses this object to find the type of the
- * token that is accepted by the service provider so that it can issue appropriate tokens to clients.
- * </p>
- *
- * @return the reference to the {@code AppliesTo} object.
- */
- public AppliesTo getAppliesTo()
- {
- return this.appliesTo;
- }
-
- /**
- * <p>
- * Sets the {@code AppliesTo} value of this request. The {@code AppliesTo} object identifies the service provider
- * (web service) that requires a token to be presented by clients. A STS uses this object to find the type of the
- * token that is accepted by the service provider so that it can issue appropriate tokens to clients.
- * </p>
- *
- * @param appliesTo a reference to the {@code AppliesTo} object that identifies the service provider.
- */
- public void setAppliesTo(AppliesTo appliesTo)
- {
- this.appliesTo = appliesTo;
- this.delegate.getAny().add(appliesTo);
- }
-
- /**
- * <p>
- * Obtains the set of claims of this request.
- * </p>
- *
- * @return a reference to the {@code ClaimsType} object that represents the request's claims.
- */
- public ClaimsType getClaims()
- {
- return this.claims;
- }
-
- /**
- * <p>
- * Sets the claims of this request.
- * </p>
- *
- * @param claims the {@code ClaimsType} object that represents the claims to be set.
- */
- public void setClaims(ClaimsType claims)
- {
- this.claims = claims;
- this.delegate.getAny().add(this.factory.createClaims(claims));
- }
-
- /**
- * <p>
- * Obtains the entropy that will be used in creating the key.
- * </p>
- *
- * @return a reference to the {@code EntropyType} that represents the entropy.
- */
- public EntropyType getEntropy()
- {
- return this.entropy;
- }
-
- /**
- * <p>
- * Sets the entropy that must be used when creating the key.
- * </p>
- *
- * @param entropy the {@code EntropyType} representing the entropy to be set.
- */
- public void setEntropy(EntropyType entropy)
- {
- this.entropy = entropy;
- this.delegate.getAny().add(this.factory.createEntropy(entropy));
- }
-
- /**
- * <p>
- * Obtains the desired lifetime of the requested token.
- * </p>
- *
- * @return a reference to the {@code Lifetime} that represents the lifetime.
- */
- public Lifetime getLifetime()
- {
- return this.lifetime;
- }
-
- /**
- * <p>
- * Sets the desired lifetime of the requested token.
- * </p>
- *
- * @param lifetime the {@code Lifetime} object representing the lifetime to be set.
- */
- public void setLifetime(Lifetime lifetime)
- {
- this.lifetime = lifetime;
- this.delegate.getAny().add(this.factory.createLifetime(lifetime.getDelegate()));
- }
-
- /**
- * <p>
- * Checks whether a request for a postdated token should be allowed or not.
- * </p>
- *
- * @return {@code null} if the token can't have a future lifetime (e.g. a token to be used the next day); a
- * {@code AllowPostdatingType} otherwise.
- */
- public AllowPostdatingType getAllowPostDating()
- {
- return this.allowPostDating;
- }
-
- /**
- * <p>
- * Specifies whether a request for a postdated token should be allowed or not.
- * </p>
- *
- * @param allowPostDating {@code null} if the token can't have a future lifetime (e.g. a token to be used the next
- * day); a {@code AllowPostdatingType} otherwise.
- */
- public void setAllowPostDating(AllowPostdatingType allowPostDating)
- {
- this.allowPostDating = allowPostDating;
- this.delegate.getAny().add(this.factory.createAllowPostdating(allowPostDating));
- }
-
- /**
- * <p>
- * Obtains the renew semantics for this request.
- * </p>
- *
- * @return a reference to the {@code RenewingType} that represents the renew semantics for this request.
- */
- public RenewingType getRenewing()
- {
- return this.renewing;
- }
-
- /**
- * <p>
- * Sets the renew semantics for this request.
- * </p>
- *
- * @param renewing the {@code RenewingType} object representing the semantics to be set.
- */
- public void setRenewing(RenewingType renewing)
- {
- this.renewing = renewing;
- this.delegate.getAny().add(this.factory.createRenewing(renewing));
- }
-
- /**
- * <p>
- * Obtains the identity on whose behalf this request was made.
- * </p>
- *
- * @return a reference to the {@code OnBehalfOfType} that represents the identity on whose behalf this request was
- * made.
- */
- public OnBehalfOfType getOnBehalfOf()
- {
- return this.onBehalfOf;
- }
-
- /**
- * <p>
- * Specifies the identity on whose behalf this request is being made.
- * </p>
- *
- * @param onBehalfOf the {@code OnBehalfOfType} object representing the identity to be set.
- */
- public void setOnBehalfOf(OnBehalfOfType onBehalfOf)
- {
- this.onBehalfOf = onBehalfOf;
- this.delegate.getAny().add(this.factory.createOnBehalfOf(onBehalfOf));
- }
-
- /**
- * <p>
- * Obtains the issuer of the token included in the request in the scenarios where the requestor is obtaining a token
- * on behalf of another party.
- * </p>
- *
- * @return a reference to the {@code EndpointReferenceType} that represents the issuer.
- */
- public EndpointReferenceType getIssuer()
- {
- return this.issuer;
- }
-
- /**
- * <p>
- * Sets the issuer of the token included in the request in scenarios where the requestor is obtaining a token on
- * behalf of another party.
- * </p>
- *
- * @param issuer the {@code EndpointReferenceType} object representing the issuer to be set.
- */
- public void setIssuer(EndpointReferenceType issuer)
- {
- this.issuer = issuer;
- this.delegate.getAny().add(this.factory.createIssuer(issuer));
- }
-
- /**
- * <p>
- * Obtains the type of authentication that has been set as part of the request.
- * </p>
- *
- * @return a {@code URI} that identifies the desired authentication type.
- */
- public URI getAuthenticationType()
- {
- return this.authenticationType;
- }
-
- /**
- * <p>
- * Sets the authentication type in the request.
- * </p>
- *
- * @param authenticationType a {@code URI} that identifies the authentication type to be set.
- */
- public void setAuthenticationType(URI authenticationType)
- {
- this.authenticationType = authenticationType;
- this.delegate.getAny().add(this.factory.createAuthenticationType(authenticationType.toString()));
- }
-
- /**
- * <p>
- * Obtains the type of the key that has been set in the request.
- * </p>
- *
- * @return a {@code URI} that identifies the key type.
- */
- public URI getKeyType()
- {
- return this.keyType;
- }
-
- /**
- * <p>
- * Sets the key type in the request.
- * </p>
- *
- * @param keyType a {@code URI} that specifies the key type.
- */
- public void setKeyType(URI keyType)
- {
- this.keyType = keyType;
- this.delegate.getAny().add(this.factory.createKeyType(keyType.toString()));
- }
-
- /**
- * <p>
- * Obtains the size of they key that has been set in the request.
- * </p>
- *
- * @return a {@code long} representing the key size in bytes.
- */
- public long getKeySize()
- {
- return this.keySize;
- }
-
- /**
- * <p>
- * Sets the size of the key in the request.
- * </p>
- *
- * @param keySize a {@code long} representing the key size in bytes.
- */
- public void setKeySize(long keySize)
- {
- this.keySize = keySize;
- this.delegate.getAny().add(this.factory.createKeySize(keySize));
- }
-
- /**
- * <p>
- * Obtains the signature algorithm that has been set in the request.
- * </p>
- *
- * @return a {@code URI} that represents the signature algorithm.
- */
- public URI getSignatureAlgorithm()
- {
- return this.signatureAlgorithm;
- }
-
- /**
- * <p>
- * Sets the signature algorithm in the request.
- * </p>
- *
- * @param signatureAlgorithm a {@code URI} that represents the algorithm to be set.
- */
- public void setSignatureAlgorithm(URI signatureAlgorithm)
- {
- this.signatureAlgorithm = signatureAlgorithm;
- this.delegate.getAny().add(this.factory.createSignatureAlgorithm(signatureAlgorithm.toString()));
- }
-
- /**
- * <p>
- * Obtains the {@code Encryption} section of the request. The {@code Encryption} element indicates that the requestor
- * desires any returned secrets in issued security tokens to be encrypted.
- * </p>
- *
- * @return a reference to the {@code EncryptionType} object.
- */
- public EncryptionType getEncryption()
- {
- return this.encryption;
- }
-
- /**
- * <p>
- * Sets the {@code Encryption} section of the request. The {@code Encryption} element indicates that the requestor
- * desires any returned secrets in issued security tokens to be encrypted.
- * </p>
- *
- * @param encryption the {@code EncryptionType} to be set.
- */
- public void setEncryption(EncryptionType encryption)
- {
- this.encryption = encryption;
- this.delegate.getAny().add(this.factory.createEncryption(encryption));
- }
-
- /**
- * <p>
- * Obtains the encryption algorithm that has been set in the request.
- * </p>
- *
- * @return a {@code URI} that represents the encryption algorithm.
- */
- public URI getEncryptionAlgorithm()
- {
- return this.encryptionAlgorithm;
- }
-
- /**
- * <p>
- * Sets the encryption algorithm in the request.
- * </p>
- *
- * @param encryptionAlgorithm a {@code URI} that represents the encryption algorithm to be set.
- */
- public void setEncryptionAlgorithm(URI encryptionAlgorithm)
- {
- this.encryptionAlgorithm = encryptionAlgorithm;
- this.delegate.getAny().add(this.factory.createEncryptionAlgorithm(encryptionAlgorithm.toString()));
- }
-
- /**
- * <p>
- * Obtains the canonicalization algorithm that has been set in the request.
- * </p>
- *
- * @return a {@code URI} that represents the canonicalization algorithm.
- */
- public URI getCanonicalizationAlgorithm()
- {
- return this.canonicalizationAlgorithm;
- }
-
- /**
- * <p>
- * Sets the canonicalization algorithm in the request.
- * </p>
- *
- * @param canonicalizationAlgorithm a {@code URI} that represents the algorithm to be set.
- */
- public void setCanonicalizationAlgorithm(URI canonicalizationAlgorithm)
- {
- this.canonicalizationAlgorithm = canonicalizationAlgorithm;
- this.delegate.getAny().add(this.factory.createCanonicalizationAlgorithm(canonicalizationAlgorithm.toString()));
- }
-
- /**
- * <p>
- * Obtains the {@code ProofEncryption} section of the request. The {@code ProofEncryption} indicates that the
- * requester desires any returned secrets in issued security tokens to be encrypted.
- * </p>
- *
- * @return a reference to the {@code ProofEncryptionType} object.
- */
- public ProofEncryptionType getProofEncryption()
- {
- return this.proofEncryption;
- }
-
- /**
- * <p>
- * Sets the {@code ProofEncryption} section of the request. The {@code ProofEncryption} indicates that the requester
- * desires any returned secrets in issued security tokens to be encrypted.
- * </p>
- *
- * @param proofEncryption the {@code ProofEncryptionType} to be set.
- */
- public void setProofEncryption(ProofEncryptionType proofEncryption)
- {
- this.proofEncryption = proofEncryption;
- this.delegate.getAny().add(this.factory.createProofEncryption(proofEncryption));
- }
-
- /**
- * <p>
- * Obtains the key that should be used in the returned token.
- * </p>
- *
- * @return a reference to the {@code UseKeyType} instance that represents the key to be used.
- */
- public UseKeyType getUseKey()
- {
- return this.useKey;
- }
-
- /**
- * <p>
- * Sets the key that should be used in the returned token.
- * </p>
- *
- * @param useKey the {@code UseKeyType} instance to be set.
- */
- public void setUseKey(UseKeyType useKey)
- {
- this.useKey = useKey;
- this.delegate.getAny().add(this.factory.createUseKey(useKey));
- }
-
- /**
- * <p>
- * Obtains the signature algorithm that should be used with the issued security token.
- * </p>
- *
- * @return a {@code URI} representing the algorithm that should be used.
- */
- public URI getSignWith()
- {
- return this.signWith;
- }
-
- /**
- * <p>
- * Sets the signature algorithm that should be used with the issued security token.
- * </p>
- *
- * @param signWith a {@code URI} representing the algorithm to be used.
- */
- public void setSignWith(URI signWith)
- {
- this.signWith = signWith;
- this.delegate.getAny().add(this.factory.createSignatureAlgorithm(signWith.toString()));
- }
-
- /**
- * <p>
- * Obtains the encryption algorithm that should be used with the issued security token.
- * </p>
- *
- * @return a {@code URI} representing the encryption algorithm that should be used.
- */
- public URI getEncryptWith()
- {
- return this.encryptWith;
- }
-
- /**
- * <p>
- * Sets the encryption algorithm that should be used with the issued security token.
- * </p>
- *
- * @param encryptWith a {@code URI} representing the algorithm to be used.
- */
- public void setEncryptWith(URI encryptWith)
- {
- this.encryptWith = encryptWith;
- this.delegate.getAny().add(this.factory.createEncryptWith(encryptWith.toString()));
- }
-
- /**
- * <p>
- * Obtains the identity to which the requested token should be delegated.
- * </p>
- *
- * @return a reference to the {@code DelegateToType} instance that represents the identity.
- */
- public DelegateToType getDelegateTo()
- {
- return this.delegateTo;
- }
-
- /**
- * <p>
- * Sets the identity to which the requested token should be delegated.
- * </p>
- *
- * @param delegateTo the {@code DelegateToType} object representing the identity to be set.
- */
- public void setDelegateTo(DelegateToType delegateTo)
- {
- this.delegateTo = delegateTo;
- this.delegate.getAny().add(this.factory.createDelegateTo(delegateTo));
- }
-
- /**
- * <p>
- * Indicates whether the requested token should be marked as "forwardable" or not. In general, this flag is used when
- * a token is normally bound to the requestor's machine or service. Using this flag, the returned token MAY be used
- * from any source machine so long as the key is correctly proven.
- * </p>
- *
- * @return {@code true} if the requested token should be marked as "forwardable"; {@code false} otherwise.
- */
- public boolean isForwardable()
- {
- return this.forwardable;
- }
-
- /**
- * <p>
- * Specifies whether the requested token should be marked as "forwardable" or not. In general, this flag is used when
- * a token is normally bound to the requestor's machine or service. Using this flag, the returned token MAY be used
- * from any source machine so long as the key is correctly proven.
- * </p>
- *
- * @param forwardable {@code true} if the requested token should be marked as "forwardable"; {@code false} otherwise.
- */
- public void setForwardable(boolean forwardable)
- {
- this.forwardable = forwardable;
- this.delegate.getAny().add(this.factory.createForwardable(forwardable));
- }
-
- /**
- * <p>
- * Indicates whether the requested token should be marked as "delegatable" or not. Using this flag, the returned
- * token MAY be delegated to another party.
- * </p>
- *
- * @return {@code true} if the requested token should be marked as "delegatable"; {@code false} otherwise.
- */
- public boolean isDelegatable()
- {
- return this.delegatable;
- }
-
- /**
- * <p>
- * Specifies whether the requested token should be marked as "delegatable" or not. Using this flag, the returned
- * token MAY be delegated to another party.
- * </p>
- *
- * @param delegatable {@code true} if the requested token should be marked as "delegatable"; {@code false} otherwise.
- */
- public void setDelegatable(boolean delegatable)
- {
- this.delegatable = delegatable;
- this.delegate.getAny().add(this.factory.createDelegatable(delegatable));
- }
-
- /**
- * <p>
- * Obtains the {@code Policy} associated with the request. The policy specifies defaults that can be overridden by
- * the previous properties.
- * </p>
- *
- * @return a reference to the {@code Policy} that has been set in the request.
- */
- public Policy getPolicy()
- {
- return this.policy;
- }
-
- /**
- * <p>
- * Sets the {@code Policy} in the request. The policy specifies defaults that can be overridden by the previous
- * properties.
- * </p>
- *
- * @param policy the {@code Policy} instance to be set.
- */
- public void setPolicy(Policy policy)
- {
- this.policy = policy;
- this.delegate.getAny().add(policy);
- }
-
- /**
- * <p>
- * Obtains the reference to the {@code Policy} that should be used.
- * </p>
- *
- * @return a {@code PolicyReference} that specifies where the {@code Policy} can be found.
- */
- public PolicyReference getPolicyReference()
- {
- return this.policyReference;
- }
-
- /**
- * <p>
- * Sets the reference to the {@code Policy} that should be used.
- * </p>
- *
- * @param policyReference the {@code PolicyReference} object to be set.
- */
- public void setPolicyReference(PolicyReference policyReference)
- {
- this.policyReference = policyReference;
- this.delegate.getAny().add(policyReference);
- }
-
- /**
- * <p>
- * Obtains the list of request elements that are not part of the standard content model.
- * </p>
- *
- * @return a {@code List<Object>} containing the extension elements.
- */
- public List<Object> getExtensionElements()
- {
- return Collections.unmodifiableList(this.extensionElements);
- }
-
- /**
- * <p>
- * Obtains the request context.
- * </p>
- *
- * @return a {@code String} that identifies the request.
- */
- public String getContext()
- {
- return this.delegate.getContext();
- }
-
- /**
- * <p>
- * Sets the request context.
- * </p>
- *
- * @param context a {@code String} that identifies the request.
- */
- public void setContext(String context)
- {
- this.delegate.setContext(context);
- }
-
- /**
- * <p>
- * Obtains the {@code CancelTarget} section of the request. This element identifies the token that is to be canceled.
- * </p>
- *
- * @return a reference to the {@code CancelTargetType} that represents the {@code CancelTarget} section of the
- * WS-Trust cancel request.
- */
- public CancelTargetType getCancelTarget()
- {
- return this.cancelTarget;
- }
-
- /**
- * <p>
- * Sets the {@code CancelTarget} section of the request. This element identifies the token that is to be canceled.
- * </p>
- *
- * @param cancelTarget a reference to the {@code CancelTargetType} that identifies the token that must be canceled.
- */
- public void setCancelTarget(CancelTargetType cancelTarget)
- {
- this.cancelTarget = cancelTarget;
- this.delegate.getAny().add(this.factory.createCancelTarget(cancelTarget));
- }
-
- /**
- * <p>
- * Obtains the {@code RenewTarget} section of the request. This element identifies the token that is to be renewed.
- * </p>
- *
- * @return a reference to the {@code RenewTargetType} that represents the {@code RenewTarget} section of the WS-Trust
- * renew request.
- */
- public RenewTargetType getRenewTarget()
- {
- return this.renewTarget;
- }
-
- /**
- * <p>
- * Sets the {@code RenewTarget} section of the request. This element identifies the token that is to be renewed.
- * </p>
- *
- * @param renewTarget a reference to the {@code RenewTargetType} that identifies the token that must be renewed.
- */
- public void setRenewTarget(RenewTargetType renewTarget)
- {
- this.renewTarget = renewTarget;
- this.delegate.getAny().add(this.factory.createRenewTarget(renewTarget));
- }
-
- /**
- * <p>
- * Obtains the {@code ValidateTarget} section of the request. This element identifies the token that is to be
- * validated.
- * </p>
- *
- * @return a reference to the {@code ValidateTargetType} that represents the {@code ValidateTarget} section of the
- * WS-Trust validate request.
- */
- public ValidateTargetType getValidateTarget()
- {
- return this.validateTarget;
- }
-
- /**
- * Return the element in the document that represents
- * the validate type
- * @return
- */
- public Element getValidateTargetElement()
- {
- if(rstDocument == null)
- throw new IllegalStateException("RST Document is null");
-
- String ns = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/";
- String localPart = "ValidateTarget";
-
- NodeList nodeList = rstDocument.getElementsByTagNameNS(ns,localPart);
- if(nodeList != null && nodeList.getLength() > 0)
- return (Element) nodeList.item(0);
- else
- return null;
- }
-
- /**
- * <p>
- * Sets the {@code ValidateTarged} section of the request. This elements identifies the token that is to be
- * validated.
- * </p>
- *
- * @param validateTarget a reference to the {@code ValidateTargetType} that identifies the token that must be
- * validated.
- */
- public void setValidateTarget(ValidateTargetType validateTarget)
- {
- this.validateTarget = validateTarget;
- this.delegate.getAny().add(this.factory.createValidateTarget(validateTarget));
- }
-
- /**
- * <p>
- * Obtains a map that contains attributes that aren't bound to any typed property on the request. This is a live
- * reference, so attributes can be added/changed/removed directly. For this reason, there is no setter method.
- * </p>
- *
- * @return a {@code Map<QName, String>} that contains the attributes.
- */
- public Map<QName, String> getOtherAttributes()
- {
- return this.delegate.getOtherAttributes();
- }
-
- /**
- * <p>
- * Gets a reference to the list that holds all request element values.
- * </p>
- *
- * @return a {@code List<Object>} containing all values specified in the request.
- */
- public List<Object> getAny()
- {
- return this.delegate.getAny();
- }
-
- /**
- * <p>
- * Obtains a reference to the {@code RequestSecurityTokenType} delegate.
- * </p>
- *
- * @return a reference to the delegate instance.
- */
- public RequestSecurityTokenType getDelegate()
- {
- return this.delegate;
- }
-
- /**
- * Get the {@code Document} document representing the request
- * @return
- */
- public Document getRSTDocument()
- {
- return this.rstDocument;
- }
-
- public void setRSTDocument(Document rstDocument)
- {
- this.rstDocument = rstDocument;
- }
-}
\ No newline at end of file
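Review bot: two mappings in the removed RequestSecurityToken look wrong and should not be carried over if this class is being relocated rather than dropped. In the constructor, the branch `localName.equalsIgnoreCase("EntropyAlgorithm")` assigns `this.encryptionAlgorithm`, so an element named `EncryptionAlgorithm` matches no branch, lands in `extensionElements` through the final `else`, and leaves the typed field unset. In `setSignWith`, the delegate receives `this.factory.createSignatureAlgorithm(signWith.toString())`, so a SignWith value is added to the request as a SignatureAlgorithm element, whereas `setEncryptWith` uses `createEncryptWith`. Both affect which algorithms the STS is actually asked to use, so the replacement should match on `"EncryptionAlgorithm"` and add a SignWith element. Separately, every setter appends to `this.delegate.getAny()` without removing an earlier value, so calling a setter twice leaves two elements of the same kind in the request; replace the existing entry or document the setters as single-use.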
Deleted: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenCollection.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenCollection.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenCollection.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,122 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.core.wstrust;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.jboss.identity.federation.ws.trust.RequestSecurityTokenCollectionType;
-import org.jboss.identity.federation.ws.trust.RequestSecurityTokenType;
-
-/**
- * <p>
- * This class represents a WS-Trust {@code RequestSecurityTokenCollection}. It wraps the JAXB representation of the
- * security token collection request.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class RequestSecurityTokenCollection implements BaseRequestSecurityToken
-{
-
- private final RequestSecurityTokenCollectionType delegate;
-
- private final List<RequestSecurityToken> requestSecurityTokens;
-
- /**
- * <p>
- * Creates an instance of {@code RequestSecurityTokenCollection}.
- * </p>
- */
- public RequestSecurityTokenCollection()
- {
- this.requestSecurityTokens = new ArrayList<RequestSecurityToken>();
- this.delegate = new RequestSecurityTokenCollectionType();
- }
-
- /**
- * <p>
- * Creates an instance of {@code RequestSecurityTokenCollection} using the specified delegate.
- * </p>
- *
- * @param delegate the JAXB {@code RequestSecurityTokenCollectionType} that represents a WS-Trust request collection.
- */
- public RequestSecurityTokenCollection(RequestSecurityTokenCollectionType delegate)
- {
- this.delegate = delegate;
- this.requestSecurityTokens = new ArrayList<RequestSecurityToken>();
- for (RequestSecurityTokenType request : delegate.getRequestSecurityToken())
- this.requestSecurityTokens.add(new RequestSecurityToken(request));
- }
-
- /**
- * <p>
- * Obtains the collection of {@code RequestSecurityToken} objects. The returned collection is immutable, so addition
- * or removal of requests must be carried by the appropriate add/remove methods.
- * </p>
- *
- * @return a {@code List<RequestSecurityToken>} containing the token requests.
- */
- public List<RequestSecurityToken> getRequestSecurityTokens()
- {
- return Collections.unmodifiableList(this.requestSecurityTokens);
- }
-
- /**
- * <p>
- * Adds the specified {@code RequestSecurityToken} object to the collection of token requests.
- * </p>
- *
- * @param request the {@code RequestSecurityToken} to be added.
- */
- public void addRequestSecurityToken(RequestSecurityToken request)
- {
- this.delegate.getRequestSecurityToken().add(request.getDelegate());
- this.requestSecurityTokens.add(request);
- }
-
- /**
- * <p>
- * Removes the specified {@code RequestSecurityToken} object from the collection of token requests.
- * </p>
- *
- * @param request the {@code RequestSecurityToken} to be removed.
- */
- public void removeRequestSecurityToken(RequestSecurityToken request)
- {
- this.delegate.getRequestSecurityToken().remove(request.getDelegate());
- this.requestSecurityTokens.remove(request);
- }
-
- /**
- * <p>
- * Obtains a reference to the {@code RequestSecurityTokenCollectionType} delegate.
- * </p>
- *
- * @return a reference to the delegate instance.
- */
- public RequestSecurityTokenCollectionType getDelegate()
- {
- return this.delegate;
- }
-}
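Review bot: `removeRequestSecurityToken` can leave the two lists out of step. It removes `request.getDelegate()` from the delegate's list and `request` from `requestSecurityTokens` in two independent `remove` calls, and each call matches by `equals`. A `RequestSecurityToken` wrapper that was built separately around the same `RequestSecurityTokenType` (the delegate constructor creates its own wrappers with `new RequestSecurityToken(request)`) removes the JAXB entry but not the wrapper, unless the wrapper defines `equals`, which this hunk does not show. After that, `getRequestSecurityTokens()` still reports a request that is no longer in the marshalled collection. If the class lives on elsewhere, remove by delegate identity in both lists, or derive the wrapper list from the delegate on read. `getDelegate()` also hands out the mutable JAXB object, so callers can change its list behind the wrapper list; worth a javadoc warning at minimum.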
Deleted: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenResponse.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenResponse.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenResponse.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,1159 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.core.wstrust;
-
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-
-import javax.xml.bind.JAXBElement;
-import javax.xml.namespace.QName;
-
-import org.jboss.identity.federation.ws.addressing.EndpointReferenceType;
-import org.jboss.identity.federation.ws.policy.AppliesTo;
-import org.jboss.identity.federation.ws.policy.Policy;
-import org.jboss.identity.federation.ws.policy.PolicyReference;
-import org.jboss.identity.federation.ws.trust.AllowPostdatingType;
-import org.jboss.identity.federation.ws.trust.AuthenticatorType;
-import org.jboss.identity.federation.ws.trust.DelegateToType;
-import org.jboss.identity.federation.ws.trust.EncryptionType;
-import org.jboss.identity.federation.ws.trust.EntropyType;
-import org.jboss.identity.federation.ws.trust.LifetimeType;
-import org.jboss.identity.federation.ws.trust.ObjectFactory;
-import org.jboss.identity.federation.ws.trust.OnBehalfOfType;
-import org.jboss.identity.federation.ws.trust.ProofEncryptionType;
-import org.jboss.identity.federation.ws.trust.RenewingType;
-import org.jboss.identity.federation.ws.trust.RequestSecurityTokenResponseType;
-import org.jboss.identity.federation.ws.trust.RequestedProofTokenType;
-import org.jboss.identity.federation.ws.trust.RequestedReferenceType;
-import org.jboss.identity.federation.ws.trust.RequestedSecurityTokenType;
-import org.jboss.identity.federation.ws.trust.StatusType;
-import org.jboss.identity.federation.ws.trust.UseKeyType;
-
-/**
- * <p>
- * This class represents a WS-Trust {@code RequestSecurityTokenResponse}. It wraps the JAXB representation of the
- * security token response and offers a series of getter/setter methods that make it easy to work with elements that are
- * represented by the {@code Any} XML type.
- * </p>
- * <p>
- * The following shows the intended content model of a {@code RequestSecurityTokenResponse}:
- *
- * <pre>
- * <xs:element ref='wst:TokenType' minOccurs='0' />
- * <xs:element ref='wst:RequestType' />
- * <xs:element ref='wst:RequestedSecurityToken' minOccurs='0' />
- * <xs:element ref='wsp:AppliesTo' minOccurs='0' />
- * <xs:element ref='wst:RequestedAttachedReference' minOccurs='0' />
- * <xs:element ref='wst:RequestedUnattachedReference' minOccurs='0' />
- * <xs:element ref='wst:RequestedProofToken' minOccurs='0' />
- * <xs:element ref='wst:Entropy' minOccurs='0' />
- * <xs:element ref='wst:Lifetime' minOccurs='0' />
- * <xs:element ref='wst:Status' minOccurs='0' />
- * <xs:element ref='wst:AllowPostdating' minOccurs='0' />
- * <xs:element ref='wst:Renewing' minOccurs='0' />
- * <xs:element ref='wst:OnBehalfOf' minOccurs='0' />
- * <xs:element ref='wst:Issuer' minOccurs='0' />
- * <xs:element ref='wst:AuthenticationType' minOccurs='0' />
- * <xs:element ref='wst:Authenticator' minOccurs='0' />
- * <xs:element ref='wst:KeyType' minOccurs='0' />
- * <xs:element ref='wst:KeySize' minOccurs='0' />
- * <xs:element ref='wst:SignatureAlgorithm' minOccurs='0' />
- * <xs:element ref='wst:Encryption' minOccurs='0' />
- * <xs:element ref='wst:EncryptionAlgorithm' minOccurs='0' />
- * <xs:element ref='wst:CanonicalizationAlgorithm' minOccurs='0' />
- * <xs:element ref='wst:ProofEncryption' minOccurs='0' />
- * <xs:element ref='wst:UseKey' minOccurs='0' />
- * <xs:element ref='wst:SignWith' minOccurs='0' />
- * <xs:element ref='wst:EncryptWith' minOccurs='0' />
- * <xs:element ref='wst:DelegateTo' minOccurs='0' />
- * <xs:element ref='wst:Forwardable' minOccurs='0' />
- * <xs:element ref='wst:Delegatable' minOccurs='0' />
- * <xs:element ref='wsp:Policy' minOccurs='0' />
- * <xs:element ref='wsp:PolicyReference' minOccurs='0' />
- * <xs:any namespace='##other' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
- * </pre>
- *
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-/**
- * <p>
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class RequestSecurityTokenResponse implements BaseRequestSecurityTokenResponse
-{
-
- private final RequestSecurityTokenResponseType delegate;
-
- private URI tokenType;
-
- private URI requestType;
-
- private RequestedSecurityTokenType requestedSecurityToken;
-
- private AppliesTo appliesTo;
-
- private RequestedReferenceType requestedAttachedReference;
-
- private RequestedReferenceType requestedUnattachedReference;
-
- private RequestedProofTokenType requestedProofToken;
-
- private EntropyType entropy;
-
- private Lifetime lifetime;
-
- private StatusType status;
-
- private AllowPostdatingType allowPostDating;
-
- private RenewingType renewing;
-
- private OnBehalfOfType onBehalfOf;
-
- private EndpointReferenceType issuer;
-
- private URI authenticationType;
-
- private AuthenticatorType authenticator;
-
- private URI keyType;
-
- private long keySize;
-
- private URI signatureAlgorithm;
-
- private EncryptionType encryption;
-
- private URI encryptionAlgorithm;
-
- private URI canonicalizationAlgorithm;
-
- private ProofEncryptionType proofEncryption;
-
- private UseKeyType useKey;
-
- private URI signWith;
-
- private URI encryptWith;
-
- private DelegateToType delegateTo;
-
- private boolean forwardable;
-
- private boolean delegatable;
-
- private Policy policy;
-
- private PolicyReference policyReference;
-
- private final List<Object> extensionElements = new ArrayList<Object>();
-
- private final ObjectFactory factory = new ObjectFactory();
-
- /**
- * <p>
- * Creates an instance of {@code RequestSecurityTokenResponse}.
- * </p>
- */
- public RequestSecurityTokenResponse()
- {
- this.delegate = new RequestSecurityTokenResponseType();
- }
-
- /**
- * <p>
- * Creates an instance of {@code RequestSecurityTokenResponse} using the specified delegate.
- * </p>
- *
- * @param delegate the JAXB {@code RequestSecurityTokenResponseType} that represents a WS-Trust response.
- */
- public RequestSecurityTokenResponse(RequestSecurityTokenResponseType delegate)
- {
- this.delegate = delegate;
- // parse the delegate's Any contents.
- try
- {
- for (Object obj : this.delegate.getAny())
- {
- if (obj instanceof AppliesTo)
- {
- this.appliesTo = (AppliesTo) obj;
- }
- else if (obj instanceof Policy)
- {
- this.policy = (Policy) obj;
- }
- else if (obj instanceof PolicyReference)
- {
- this.policyReference = (PolicyReference) obj;
- }
- else if (obj instanceof JAXBElement)
- {
- JAXBElement<?> element = (JAXBElement<?>) obj;
- String localName = element.getName().getLocalPart();
- if (localName.equalsIgnoreCase("TokenType"))
- this.tokenType = new URI((String) element.getValue());
- else if (localName.equalsIgnoreCase("RequestType"))
- this.requestType = new URI((String) element.getValue());
- else if (localName.equalsIgnoreCase("RequestedSecurityToken"))
- this.requestedSecurityToken = (RequestedSecurityTokenType) element.getValue();
- else if (localName.equalsIgnoreCase("RequestedAttachedReference"))
- this.requestedAttachedReference = (RequestedReferenceType) element.getValue();
- else if (localName.equalsIgnoreCase("RequestedUnattachedReference"))
- this.requestedUnattachedReference = (RequestedReferenceType) element.getValue();
- else if (localName.equalsIgnoreCase("RequestedProofToken"))
- this.requestedProofToken = (RequestedProofTokenType) element.getValue();
- else if (localName.equalsIgnoreCase("Entropy"))
- this.entropy = (EntropyType) element.getValue();
- else if (localName.equalsIgnoreCase("Lifetime"))
- this.lifetime = new Lifetime((LifetimeType) element.getValue());
- else if (localName.equalsIgnoreCase("Status"))
- this.status = (StatusType) element.getValue();
- else if (localName.equalsIgnoreCase("AllowPostdating"))
- this.allowPostDating = (AllowPostdatingType) element.getValue();
- else if (localName.equalsIgnoreCase("Renewing"))
- this.renewing = (RenewingType) element.getValue();
- else if (localName.equalsIgnoreCase("OnBehalfOf"))
- this.onBehalfOf = (OnBehalfOfType) element.getValue();
- else if (localName.equalsIgnoreCase("Issuer"))
- this.issuer = (EndpointReferenceType) element.getValue();
- else if (localName.equalsIgnoreCase("AuthenticationType"))
- this.authenticationType = new URI((String) element.getValue());
- else if (localName.equalsIgnoreCase("Authenticator"))
- this.authenticator = (AuthenticatorType) element.getValue();
- else if (localName.equalsIgnoreCase("KeyType"))
- this.keyType = new URI((String) element.getValue());
- else if (localName.equalsIgnoreCase("KeySize"))
- this.keySize = (Long) element.getValue();
- else if (localName.equalsIgnoreCase("SignatureAlgorithm"))
- this.signatureAlgorithm = new URI((String) element.getValue());
- else if (localName.equalsIgnoreCase("Encryption"))
- this.encryption = (EncryptionType) element.getValue();
- else if (localName.equalsIgnoreCase("EntropyAlgorithm"))
- this.encryptionAlgorithm = new URI((String) element.getValue());
- else if (localName.equalsIgnoreCase("CanonicalizationAlgorithm"))
- this.canonicalizationAlgorithm = new URI((String) element.getValue());
- else if (localName.equalsIgnoreCase("ProofEncryption"))
- this.proofEncryption = (ProofEncryptionType) element.getValue();
- else if (localName.equalsIgnoreCase("UseKey"))
- this.useKey = (UseKeyType) element.getValue();
- else if (localName.equalsIgnoreCase("SignWith"))
- this.signWith = new URI((String) element.getValue());
- else if (localName.equalsIgnoreCase("EncryptWith"))
- this.encryptWith = new URI((String) element.getValue());
- else if (localName.equalsIgnoreCase("DelegateTo"))
- this.delegateTo = (DelegateToType) element.getValue();
- else if (localName.equalsIgnoreCase("Forwardable"))
- this.forwardable = (Boolean) element.getValue();
- else if (localName.equalsIgnoreCase("Delegatable"))
- this.delegatable = (Boolean) element.getValue();
- else
- this.extensionElements.add(element.getValue());
- }
- else
- {
- this.extensionElements.add(obj);
- }
- }
- }
- catch (URISyntaxException e)
- {
- throw new RuntimeException(e.getMessage(), e);
- }
- }
-
- /**
- * <p>
- * Obtains the {@code URI} that identifies the token type.
- * </p>
- *
- * @return a {@code URI} that represents the token type.
- */
- public URI getTokenType()
- {
- return tokenType;
- }
-
- /**
- * <p>
- * Sets the token type.
- * </p>
- *
- * @param tokenType a {@code URI} that identifies the token type.
- */
- public void setTokenType(URI tokenType)
- {
- this.tokenType = tokenType;
- this.delegate.getAny().add(this.factory.createTokenType(tokenType.toString()));
-
- }
-
- /**
- * <p>
- * Obtains the request type.
- * </p>
- *
- * @return a {@code URI} that identifies the request type.
- */
- public URI getRequestType()
- {
- return requestType;
- }
-
- /**
- * <p>
- * Sets the request type. The type must be one of the request types described in the WS-Trust specification.
- * </p>
- *
- * @param requestType a {@code URI} that identifies the request type.
- */
- public void setRequestType(URI requestType)
- {
- this.requestType = requestType;
- this.delegate.getAny().add(this.factory.createRequestType(requestType.toString()));
- }
-
- /**
- * <p>
- * Obtains the requested security token that has been set in the response.
- * </p>
- *
- * @return a reference to the {@code RequestedSecurityTokenType} that contains the token.
- */
- public RequestedSecurityTokenType getRequestedSecurityToken()
- {
- return requestedSecurityToken;
- }
-
- /**
- * <p>
- * Sets the requested security token in the response.
- * </p>
- *
- * @param requestedSecurityToken the {@code RequestedSecurityTokenType} instance to be set.
- */
- public void setRequestedSecurityToken(RequestedSecurityTokenType requestedSecurityToken)
- {
- this.requestedSecurityToken = requestedSecurityToken;
- this.delegate.getAny().add(this.factory.createRequestedSecurityToken(requestedSecurityToken));
- }
-
- /**
- * <p>
- * Obtains the scope to which the security token applies.
- * </p>
- *
- * @return a reference to the {@code AppliesTo} instance that represents the token scope.
- */
- public AppliesTo getAppliesTo()
- {
- return appliesTo;
- }
-
- /**
- * <p>
- * Sets the scope to which the security token applies.
- * </p>
- *
- * @param appliesTo a reference to the {@code AppliesTo} object that represents the scope to be set.
- */
- public void setAppliesTo(AppliesTo appliesTo)
- {
- this.appliesTo = appliesTo;
- this.delegate.getAny().add(appliesTo);
- }
-
- /**
- * <p>
- * Obtains the {@code RequestedAttachedReference} that indicate how to reference the returned token when that token
- * doesn't support references using URI fragments (XML ID).
- * </p>
- *
- * @return a {@code RequestedReferenceType} that represents the token reference.
- */
- public RequestedReferenceType getRequestedAttachedReference()
- {
- return requestedAttachedReference;
- }
-
- /**
- * <p>
- * Sets the {@code RequestedAttachedReference} that indicate how to reference the returned token when that token
- * doesn't support references using URI fragments (XML ID).
- * </p>
- *
- * @param requestedAttachedReference the {@code RequestedReferenceType} instance to be set.
- */
- public void setRequestedAttachedReference(RequestedReferenceType requestedAttachedReference)
- {
- this.requestedAttachedReference = requestedAttachedReference;
- this.delegate.getAny().add(this.factory.createRequestedAttachedReference(requestedAttachedReference));
- }
-
- /**
- * <p>
- * Obtains the {@code RequestedUnattachedReference} that specifies to indicate how to reference the token when it is
- * not placed inside the message.
- * </p>
- *
- * @return a {@code RequestedReferenceType} that represents the unattached reference.
- */
- public RequestedReferenceType getRequestedUnattachedReference()
- {
- return requestedUnattachedReference;
- }
-
- /**
- * <p>
- * Sets the {@code RequestedUnattachedReference} that specifies to indicate how to reference the token when it is not
- * placed inside the message.
- * </p>
- *
- * @param requestedUnattachedReference the {@code RequestedReferenceType} instance to be set.
- */
- public void setRequestedUnattachedReference(RequestedReferenceType requestedUnattachedReference)
- {
- this.requestedUnattachedReference = requestedUnattachedReference;
- this.delegate.getAny().add(this.factory.createRequestedUnattachedReference(requestedUnattachedReference));
- }
-
- /**
- * <p>
- * Obtains the proof of possession token that has been set in the response.
- * </p>
- *
- * @return a reference to the {@code RequestedProofTokenType} that contains the token.
- */
- public RequestedProofTokenType getRequestedProofToken()
- {
- return requestedProofToken;
- }
-
- /**
- * <p>
- * Sets the proof of possesion token in the response.
- * </p>
- *
- * @param requestedProofToken the {@code RequestedProofTokenType} instance to be set.
- */
- public void setRequestedProofToken(RequestedProofTokenType requestedProofToken)
- {
- this.requestedProofToken = requestedProofToken;
- this.delegate.getAny().add(this.factory.createRequestedProofToken(requestedProofToken));
- }
-
- /**
- * <p>
- * Obtains the entropy that has been used in creating the key.
- * </p>
- *
- * @return a reference to the {@code EntropyType} that represents the entropy.
- */
- public EntropyType getEntropy()
- {
- return entropy;
- }
-
- /**
- * <p>
- * Sets the entropy that has been used in creating the key.
- * </p>
- *
- * @param entropy the {@code EntropyType} representing the entropy to be set.
- */
- public void setEntropy(EntropyType entropy)
- {
- this.entropy = entropy;
- this.delegate.getAny().add(this.factory.createEntropy(entropy));
- }
-
- /**
- * <p>
- * Obtains the lifetime of the security token.
- * </p>
- *
- * @return a reference to the {@code Lifetime} that represents the lifetime of the security token.
- */
- public Lifetime getLifetime()
- {
- return lifetime;
- }
-
- /**
- * <p>
- * Sets the lifetime of the security token.
- * </p>
- *
- * @param lifetime the {@code Lifetime} object representing the lifetime to be set.
- */
- public void setLifetime(Lifetime lifetime)
- {
- this.lifetime = lifetime;
- this.delegate.getAny().add(this.factory.createLifetime(lifetime.getDelegate()));
- }
-
- /**
- * <p>
- * Obtains the result of a security token validation.
- * </p>
- *
- * @return a referece to the {@code StatusType} instance that represents the status of the validation.
- */
- public StatusType getStatus()
- {
- return status;
- }
-
- /**
- * <p>
- * Sets the result of a security token validation.
- * </p>
- *
- * @param status the {@code StatusType} instance to be set.
- */
- public void setStatus(StatusType status)
- {
- this.status = status;
- this.delegate.getAny().add(this.factory.createStatus(status));
- }
-
- /**
- * <p>
- * Checks whether the returned token is a postdated token or not.
- * </p>
- *
- * @return {@code null} if the token is not postdated; a {@code AllowPostdatingType} otherwise.
- */
- public AllowPostdatingType getAllowPostDating()
- {
- return allowPostDating;
- }
-
- /**
- * <p>
- * Specifies whether the returned token is a postdated token or not.
- * </p>
- *
- * @param allowPostDating {@code null} if the token is not postdated; a {@code AllowPostdatingType} otherwise.
- */
- public void setAllowPostDating(AllowPostdatingType allowPostDating)
- {
- this.allowPostDating = allowPostDating;
- this.delegate.getAny().add(this.factory.createAllowPostdating(allowPostDating));
- }
-
- /**
- * <p>
- * Obtains the renew semantics for the token request.
- * </p>
- *
- * @return a reference to the {@code RenewingType} that represents the renew semantics for the request.
- */
- public RenewingType getRenewing()
- {
- return renewing;
- }
-
- /**
- * <p>
- * Sets the renew semantics for the token request.
- * </p>
- *
- * @param renewing the {@code RenewingType} object representing the semantics to be set.
- */
- public void setRenewing(RenewingType renewing)
- {
- this.renewing = renewing;
- this.delegate.getAny().add(this.factory.createRenewing(renewing));
- }
-
- /**
- * <p>
- * Obtains the identity on whose behalf the token request was made.
- * </p>
- *
- * @return a reference to the {@code OnBehalfOfType} that represents the identity on whose behalf the token request
- * was made.
- */
- public OnBehalfOfType getOnBehalfOf()
- {
- return onBehalfOf;
- }
-
- /**
- * <p>
- * Specifies the identity on whose behalf the token request was made.
- * </p>
- *
- * @param onBehalfOf the {@code OnBehalfOfType} object representing the identity to be set.
- */
- public void setOnBehalfOf(OnBehalfOfType onBehalfOf)
- {
- this.onBehalfOf = onBehalfOf;
- this.delegate.getAny().add(this.factory.createOnBehalfOf(onBehalfOf));
- }
-
- /**
- * <p>
- * Obtains the issuer of the token included in the request in the scenarios where the requestor is obtaining a token
- * on behalf of another party.
- * </p>
- *
- * @return a reference to the {@code EndpointReferenceType} that represents the issuer.
- */
- public EndpointReferenceType getIssuer()
- {
- return this.issuer;
- }
-
- /**
- * <p>
- * Sets the issuer of the token included in the request in scenarios where the requestor is obtaining a token on
- * behalf of another party.
- * </p>
- *
- * @param issuer the {@code EndpointReferenceType} object representing the issuer to be set.
- */
- public void setIssuer(EndpointReferenceType issuer)
- {
- this.issuer = issuer;
- this.delegate.getAny().add(this.factory.createIssuer(issuer));
- }
-
- /**
- * <p>
- * Obtains the type of authentication that is to be conducted.
- * </p>
- *
- * @return a {@code URI} that identifies the authentication type.
- */
- public URI getAuthenticationType()
- {
- return authenticationType;
- }
-
- /**
- * <p>
- * Sets the authentication type in the response.
- * </p>
- *
- * @param authenticationType a {@code URI} that identifies the authentication type to be set.
- */
- public void setAuthenticationType(URI authenticationType)
- {
- this.authenticationType = authenticationType;
- this.delegate.getAny().add(this.factory.createAuthenticationType(authenticationType.toString()));
- }
-
- /**
- * <p>
- * Obtains the authenticator that must be used in authenticating exchanges.
- * </p>
- *
- * @return a reference to the {@code AuthenticatorType} that represents the authenticator.
- */
- public AuthenticatorType getAuthenticator()
- {
- return authenticator;
- }
-
- /**
- * <p>
- * Sets the authenticator that must be used in authenticating exchanges.
- * </p>
- *
- * @param authenticator the {@code AuthenticatorType} instance to be set.
- */
- public void setAuthenticator(AuthenticatorType authenticator)
- {
- this.authenticator = authenticator;
- this.delegate.getAny().add(this.factory.createAuthenticator(authenticator));
- }
-
- /**
- * <p>
- * Obtains the type of the key that has been set in the response.
- * </p>
- *
- * @return a {@code URI} that identifies the key type.
- */
- public URI getKeyType()
- {
- return keyType;
- }
-
- /**
- * <p>
- * Sets the key type in the response.
- * </p>
- *
- * @param keyType a {@code URI} that specifies the key type.
- */
- public void setKeyType(URI keyType)
- {
- this.keyType = keyType;
- this.delegate.getAny().add(this.factory.createKeyType(keyType.toString()));
- }
-
- /**
- * <p>
- * Obtains the size of they key that has been set in the response.
- * </p>
- *
- * @return a {@code long} representing the key size in bytes.
- */
- public long getKeySize()
- {
- return keySize;
- }
-
- /**
- * <p>
- * Sets the size of the key in the response.
- * </p>
- *
- * @param keySize a {@code long} representing the key size in bytes.
- */
- public void setKeySize(long keySize)
- {
- this.keySize = keySize;
- this.delegate.getAny().add(this.factory.createKeySize(keySize));
- }
-
- /**
- * <p>
- * Obtains the signature algorithm that has been set in the response.
- * </p>
- *
- * @return a {@code URI} that represents the signature algorithm.
- */
- public URI getSignatureAlgorithm()
- {
- return signatureAlgorithm;
- }
-
- /**
- * <p>
- * Sets the signature algorithm in the response.
- * </p>
- *
- * @param signatureAlgorithm a {@code URI} that represents the algorithm to be set.
- */
- public void setSignatureAlgorithm(URI signatureAlgorithm)
- {
- this.signatureAlgorithm = signatureAlgorithm;
- this.delegate.getAny().add(this.factory.createSignatureAlgorithm(signatureAlgorithm.toString()));
- }
-
- /**
- * <p>
- * Obtains the {@code Encryption} section of the response. The {@code Encryption} element indicates that the
- * requestor desires any returned secrets in issued security tokens to be encrypted.
- * </p>
- *
- * @return a reference to the {@code EncryptionType} object.
- */
- public EncryptionType getEncryption()
- {
- return encryption;
- }
-
- /**
- * <p>
- * Sets the {@code Encryption} section of the response. The {@code Encryption} element indicates that the requestor
- * desires any returned secrets in issued security tokens to be encrypted.
- * </p>
- *
- * @param encryption the {@code EncryptionType} to be set.
- */
- public void setEncryption(EncryptionType encryption)
- {
- this.encryption = encryption;
- this.delegate.getAny().add(this.factory.createEncryption(encryption));
- }
-
- /**
- * <p>
- * Obtains the encryption algorithm that has been set in the response.
- * </p>
- *
- * @return a {@code URI} that represents the encryption algorithm.
- */
- public URI getEncryptionAlgorithm()
- {
- return encryptionAlgorithm;
- }
-
- /**
- * <p>
- * Sets the encryption algorithm in the response.
- * </p>
- *
- * @param encryptionAlgorithm a {@code URI} that represents the encryption algorithm to be set.
- */
- public void setEncryptionAlgorithm(URI encryptionAlgorithm)
- {
- this.encryptionAlgorithm = encryptionAlgorithm;
- this.delegate.getAny().add(this.factory.createEncryptionAlgorithm(encryptionAlgorithm.toString()));
- }
-
- /**
- * <p>
- * Obtains the canonicalization algorithm that has been set in the response.
- * </p>
- *
- * @return a {@code URI} that represents the canonicalization algorithm.
- */
- public URI getCanonicalizationAlgorithm()
- {
- return canonicalizationAlgorithm;
- }
-
- /**
- * <p>
- * Sets the canonicalization algorithm in the response.
- * </p>
- *
- * @param canonicalizationAlgorithm a {@code URI} that represents the algorithm to be set.
- */
- public void setCanonicalizationAlgorithm(URI canonicalizationAlgorithm)
- {
- this.canonicalizationAlgorithm = canonicalizationAlgorithm;
- this.delegate.getAny().add(this.factory.createCanonicalizationAlgorithm(canonicalizationAlgorithm.toString()));
- }
-
- /**
- * <p>
- * Obtains the {@code ProofEncryption} section of the response. The {@code ProofEncryption} indicates that the
- * requestor desires any returned secrets in issued security tokens to be encrypted.
- * </p>
- *
- * @return a reference to the {@code ProofEncryptionType} object.
- */
- public ProofEncryptionType getProofEncryption()
- {
- return proofEncryption;
- }
-
- /**
- * <p>
- * Sets the {@code ProofEncryption} section of the response. The {@code ProofEncryption} indicates that the requestor
- * desires any returned secrets in issued security tokens to be encrypted.
- * </p>
- *
- * @param proofEncryption the {@code ProofEncryptionType} to be set.
- */
- public void setProofEncryption(ProofEncryptionType proofEncryption)
- {
- this.proofEncryption = proofEncryption;
- this.delegate.getAny().add(this.factory.createProofEncryption(proofEncryption));
- }
-
- /**
- * <p>
- * Obtains the key that used in the returned token.
- * </p>
- *
- * @return a reference to the {@code UseKeyType} instance that represents the key used.
- */
- public UseKeyType getUseKey()
- {
- return useKey;
- }
-
- /**
- * <p>
- * Sets the key that used in the returned token.
- * </p>
- *
- * @param useKey the {@code UseKeyType} instance to be set.
- */
- public void setUseKey(UseKeyType useKey)
- {
- this.useKey = useKey;
- this.delegate.getAny().add(this.factory.createUseKey(useKey));
- }
-
- /**
- * <p>
- * Obtains the signature algorithm used with the issued security token.
- * </p>
- *
- * @return a {@code URI} representing the algorithm used.
- */
- public URI getSignWith()
- {
- return signWith;
- }
-
- /**
- * <p>
- * Sets the signature algorithm used with the issued security token.
- * </p>
- *
- * @param signWith a {@code URI} representing the algorithm used.
- */
- public void setSignWith(URI signWith)
- {
- this.signWith = signWith;
- this.delegate.getAny().add(this.factory.createSignatureAlgorithm(signWith.toString()));
- }
-
- /**
- * <p>
- * Obtains the encryption algorithm used with the issued security token.
- * </p>
- *
- * @return a {@code URI} representing the encryption algorithm used.
- */
- public URI getEncryptWith()
- {
- return encryptWith;
- }
-
- /**
- * <p>
- * Sets the encryption algorithm used with the issued security token.
- * </p>
- *
- * @param encryptWith a {@code URI} representing the algorithm used.
- */
- public void setEncryptWith(URI encryptWith)
- {
- this.encryptWith = encryptWith;
- this.delegate.getAny().add(this.factory.createEncryptWith(encryptWith.toString()));
- }
-
- /**
- * <p>
- * Obtains the identity to which the requested token should be delegated.
- * </p>
- *
- * @return a reference to the {@code DelegateToType} instance that represents the identity.
- */
- public DelegateToType getDelegateTo()
- {
- return delegateTo;
- }
-
- /**
- * <p>
- * Sets the identity to which the requested token should be delegated.
- * </p>
- *
- * @param delegateTo the {@code DelegateToType} object representing the identity to be set.
- */
- public void setDelegateTo(DelegateToType delegateTo)
- {
- this.delegateTo = delegateTo;
- this.delegate.getAny().add(this.factory.createDelegateTo(delegateTo));
- }
-
- /**
- * <p>
- * Indicates whether the requested token has been marked as "forwardable" or not. In general, this flag is used when
- * a token is normally bound to the requestor's machine or service. Using this flag, the returned token MAY be used
- * from any source machine so long as the key is correctly proven.
- * </p>
- *
- * @return {@code true} if the requested token has been marked as "forwardable"; {@code false} otherwise.
- */
- public boolean isForwardable()
- {
- return forwardable;
- }
-
- /**
- * <p>
- * Specifies whether the requested token has been marked as "forwardable" or not. In general, this flag is used when
- * a token is normally bound to the requestor's machine or service. Using this flag, the returned token MAY be used
- * from any source machine so long as the key is correctly proven.
- * </p>
- *
- * @param forwardable {@code true} if the requested token has been marked as "forwardable"; {@code false} otherwise.
- */
- public void setForwardable(boolean forwardable)
- {
- this.forwardable = forwardable;
- this.delegate.getAny().add(this.factory.createForwardable(forwardable));
- }
-
- /**
- * <p>
- * Indicates whether the requested token has been marked as "delegatable" or not. Using this flag, the returned token
- * MAY be delegated to another party.
- * </p>
- *
- * @return {@code true} if the requested token has been marked as "delegatable"; {@code false} otherwise.
- */
- public boolean isDelegatable()
- {
- return delegatable;
- }
-
- /**
- * <p>
- * Specifies whether the requested token has been marked as "delegatable" or not. Using this flag, the returned token
- * MAY be delegated to another party.
- * </p>
- *
- * @param delegatable {@code true} if the requested token has been marked as "delegatable"; {@code false} otherwise.
- */
- public void setDelegatable(boolean delegatable)
- {
- this.delegatable = delegatable;
- this.delegate.getAny().add(this.factory.createDelegatable(delegatable));
- }
-
- /**
- * <p>
- * Obtains the {@code Policy} that was associated with the request. The policy specifies defaults that can be
- * overridden by the previous properties.
- * </p>
- *
- * @return a reference to the {@code Policy} that was associated with the request.
- */
- public Policy getPolicy()
- {
- return policy;
- }
-
- /**
- * <p>
- * Sets the {@code Policy} in the response. The policy specifies defaults that can be overridden by the previous
- * properties.
- * </p>
- *
- * @param policy the {@code Policy} instance to be set.
- */
- public void setPolicy(Policy policy)
- {
- this.policy = policy;
- this.delegate.getAny().add(policy);
- }
-
- /**
- * <p>
- * Obtains the reference to the {@code Policy} that was associated with the request.
- * </p>
- *
- * @return a {@code PolicyReference} that specifies where the {@code Policy} can be found.
- */
- public PolicyReference getPolicyReference()
- {
- return policyReference;
- }
-
- /**
- * <p>
- * Sets the reference to the {@code Policy} that was associated with the request.
- * </p>
- *
- * @param policyReference the {@code PolicyReference} object to be set.
- */
- public void setPolicyReference(PolicyReference policyReference)
- {
- this.policyReference = policyReference;
- this.delegate.getAny().add(policyReference);
- }
-
- /**
- * <p>
- * Obtains the list of request elements that are not part of the standard content model.
- * </p>
- *
- * @return a {@code List<Object>} containing the extension elements.
- */
- public List<Object> getExtensionElements()
- {
- return Collections.unmodifiableList(this.extensionElements);
- }
-
- /**
- * <p>
- * Obtains the response context.
- * </p>
- *
- * @return a {@code String} that identifies the original request.
- */
- public String getContext()
- {
- return this.delegate.getContext();
- }
-
- /**
- * <p>
- * Sets the response context.
- * </p>
- *
- * @param context a {@code String} that identifies the original request.
- */
- public void setContext(String context)
- {
- this.delegate.setContext(context);
- }
-
- /**
- * <p>
- * Obtains a map that contains attributes that aren't bound to any typed property on the response. This is a live
- * reference, so attributes can be added/changed/removed directly. For this reason, there is no setter method.
- * </p>
- *
- * @return a {@code Map<QName, String>} that contains the attributes.
- */
- public Map<QName, String> getOtherAttributes()
- {
- return this.delegate.getOtherAttributes();
- }
-
- /**
- * <p>
- * Gets a reference to the list that holds all response element values.
- * </p>
- *
- * @return a {@code List<Object>} containing all values specified in the response.
- */
- public List<Object> getAny()
- {
- return this.delegate.getAny();
- }
-
- /**
- * <p>
- * Obtains a reference to the {@code RequestSecurityTokenResponseType} delegate.
- * </p>
- *
- * @return a reference to the delegate instance.
- */
- public RequestSecurityTokenResponseType getDelegate()
- {
- return this.delegate;
- }
-}
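Review bot: two wiring mistakes in this removed class should not travel with it if the file is being relocated rather than dropped. In the delegate constructor, the branch that assigns `encryptionAlgorithm` tests `localName.equalsIgnoreCase("EntropyAlgorithm")`, so an `EncryptionAlgorithm` element never populates the field and falls through to `extensionElements`; the test should match "EncryptionAlgorithm". In `setSignWith`, the element is built with `this.factory.createSignatureAlgorithm(signWith.toString())`, so a SignWith value is added to the delegate as a SignatureAlgorithm element; it should use the factory method for SignWith, as `setEncryptWith` does with `createEncryptWith`. Separately, the same constructor dispatches on `element.getName().getLocalPart()` alone, case-insensitively, and catches only `URISyntaxException`, so an element from another namespace that shares a local name is cast to the WS-Trust type and either fails with an uncaught `ClassCastException` or is accepted as the WS-Trust field. Comparing the full QName, namespace included, would keep foreign elements in `extensionElements`, where the `xs:any namespace='##other'` line of the content model puts them.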
Deleted: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenResponseCollection.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenResponseCollection.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenResponseCollection.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -1,124 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.core.wstrust;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.jboss.identity.federation.ws.trust.RequestSecurityTokenResponseCollectionType;
-import org.jboss.identity.federation.ws.trust.RequestSecurityTokenResponseType;
-
-/**
- * <p>
- * This class represents a WS-Trust {@code RequestSecurityTokenResponseCollection}. It wraps the JAXB representation of
- * the security token collection response.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class RequestSecurityTokenResponseCollection implements BaseRequestSecurityTokenResponse
-{
-
- private final RequestSecurityTokenResponseCollectionType delegate;
-
- private final List<RequestSecurityTokenResponse> requestSecurityTokenResponses;
-
- /**
- * <p>
- * Creates an instance of {@code RequestSecurityTokenResponseCollection}.
- * </p>
- */
- public RequestSecurityTokenResponseCollection()
- {
- this.requestSecurityTokenResponses = new ArrayList<RequestSecurityTokenResponse>();
- this.delegate = new RequestSecurityTokenResponseCollectionType();
- }
-
- /**
- * <p>
- * Creates an instance of {@code RequestSecurityTokenResponseCollection} using the specified delegate.
- * </p>
- *
- * @param delegate the JAXB {@code RequestSecurityTokenResponseCollectionType} that represents a WS-Trust request
- * collection.
- */
- public RequestSecurityTokenResponseCollection(RequestSecurityTokenResponseCollectionType delegate)
- {
- this.delegate = delegate;
- this.requestSecurityTokenResponses = new ArrayList<RequestSecurityTokenResponse>();
- for (RequestSecurityTokenResponseType response : delegate.getRequestSecurityTokenResponse())
- this.requestSecurityTokenResponses.add(new RequestSecurityTokenResponse(response));
- }
-
- /**
- * <p>
- * Obtains the collection of {@code RequestSecurityTokenResponse} objects. The returned collection is immutable, so
- * addition or removal of requests must be carried by the appropriate add/remove methods.
- * </p>
- *
- * @return a {@code List<RequestSecurityToken>} containing the token requests.
- */
- public List<RequestSecurityTokenResponse> getRequestSecurityTokenResponses()
- {
- return Collections.unmodifiableList(this.requestSecurityTokenResponses);
- }
-
- /**
- * <p>
- * Adds the specified {@code RequestSecurityTokenResponse} object to the collection of token requests.
- * </p>
- *
- * @param request the {@code RequestSecurityTokenResponse} to be added.
- */
- public void addRequestSecurityTokenResponse(RequestSecurityTokenResponse response)
- {
- this.delegate.getRequestSecurityTokenResponse().add(response.getDelegate());
- this.requestSecurityTokenResponses.add(response);
- }
-
- /**
- * <p>
- * Removes the specified {@code RequestSecurityTokenResponse} object from the collection of token requests.
- * </p>
- *
- * @param request the {@code RequestSecurityTokenResponse} to be removed.
- */
- public void removeRequestSecurityTokenResponse(RequestSecurityTokenResponse response)
- {
- this.delegate.getRequestSecurityTokenResponse().remove(response.getDelegate());
- this.requestSecurityTokenResponses.remove(response);
- }
-
- /**
- * <p>
- * Obtains a reference to the {@code RequestSecurityTokenResponseCollectionType} delegate.
- * </p>
- *
- * @return a reference to the delegate instance.
- */
- public RequestSecurityTokenResponseCollectionType getDelegate()
- {
- return this.delegate;
- }
-
-}
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/STSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/STSConfiguration.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/STSConfiguration.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,149 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+import java.security.KeyPair;
+import java.security.PublicKey;
+import java.util.Map;
+
+/**
+ * <p>
+ * The {@code STSConfiguration} interface allows access to the security token service (STS) configuration attributes.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public interface STSConfiguration
+{
+
+ /**
+ * <p>
+ * Obtains the unique name of the secure token service.
+ * </p>
+ *
+ * @return a {@code String} representing the STS name.
+ */
+ public String getSTSName();
+
+ /**
+ * <p>
+ * Indicates whether the issued token should be encrypted or not.
+ * </p>
+ *
+ * @return {@code true} if the issued token is to be encrypted; {@code false} otherwise.
+ */
+ public boolean encryptIssuedToken();
+
+ /**
+ * <p>
+ * Indicates whether the issued token should be digitally signed or not.
+ * </p>
+ *
+ * @return {@code true} if the issued token is to be signed; {@code false} otherwise.
+ */
+ public boolean signIssuedToken();
+
+ /**
+ * <p>
+ * Obtains the timeout value (in milliseconds) for issued tokens.
+ * </p>
+ *
+ * @return the token timeout value.
+ */
+ public long getIssuedTokenTimeout();
+
+ /**
+ * <p>
+ * Obtains the WS-Trust request handler class.
+ * </p>
+ *
+ * @return a reference to the configured {@code WSTrustRequestHandler}.
+ */
+ public WSTrustRequestHandler getRequestHandler();
+
+ /**
+ * <p>
+ * Given the name of a service provider, obtains the type of the token that should be used when issuing tokens to
+ * clients of that service.
+ * </p>
+ *
+ * @param serviceName the name of the service provider that requires a token from its clients.
+ * @return a {@code String} representing the type of the token that suits the specified service.
+ */
+ public String getTokenTypeForService(String serviceName);
+
+ /**
+ * <p>
+ * Given the name of a service provider, obtains the provider that must be used when issuing tokens to clients of
+ * that service. When requesting a token to the STS, a client can specify the service it needs the token for using
+ * the {@code AppliesTo} element. Based on the service provider name, the STS identifies the type of the token that
+ * is to be issued and then selects the appropriate token provider to handle the request.
+ * </p>
+ *
+ * @param serviceName the name of the service provider that requires a token from its clients.
+ * @return a reference to the {@code SecurityTokenProvider} that must be used in order to issue tokens to clients of
+ * the specified service.
+ */
+ public SecurityTokenProvider getProviderForService(String serviceName);
+
+ /**
+ * <p>
+ * Given a token type, obtains the token provider that should be used to handle token requests of that type. When a
+ * client doesn't specify the service provider name through the {@code AppliesTo} element, it must specify the token
+ * type through the {@code TokenType} element. The STS uses the supplied type to select the appropriate token
+ * provider.
+ * </p>
+ *
+ * @param tokenType a {@code String} representing the type of the token.
+ * @return a reference to the {@code SecurityTokenProvider} that must be used to handle token requests of the
+ * specified type.
+ */
+ public SecurityTokenProvider getProviderForTokenType(String tokenType);
+
+ /**
+ * <p>
+ * Obtains a {@code Map} that contains the non-standard configuration options.
+ * </p>
+ *
+ * @return a {@code Map<String, Object>} containing the additional configuration options.
+ */
+ public Map<String, Object> getOptions();
+
+ /**
+ * <p>
+ * Obtains a reference to the {@code KeyPair} object that contains the STS {@code PrivateKey} and {@code PublicKey}.
+ * </p>
+ *
+ * @return a reference to the STS {@code KeyPair}.
+ */
+ public KeyPair getSTSKeyPair();
+
+ /**
+ * <p>
+ * Obtains the public key of the specified service provider. The returned key is used to encrypt issued tokens.
+ * </p>
+ *
+ * @param serviceName the name of the service provider (normally the provider URL).
+ * @return a reference to the provider's {@code PublicKey}
+ */
+ public PublicKey getServiceProviderPublicKey(String serviceName);
+}
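Review bot: getTokenTypeForService(String) and getServiceProviderPublicKey(String) do not say what they return when the service name is unknown to the STS. StandardRequestHandler, added in this same revision, passes the token type straight to URI.create(...) and hands the key to requestContext.setServiceProviderPublicKey(...) without a null check, so the contract matters. Document whether null is a valid return value and what callers must do with it, or have the methods throw. The same applies to getProviderForService and getProviderForTokenType, whose callers already test for null but whose Javadoc never mentions it.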
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityActions.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityActions.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityActions.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,108 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+/**
+ * <p>
+ * Utility class that executes actions such as creating a class in privileged blocks.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+class SecurityActions
+{
+
+ /**
+ * <p>
+ * Gets the thread context class loader using a privileged block.
+ * </p>
+ *
+ * @return a reference to the thread context {@code ClassLoader}.
+ */
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+ /**
+ * <p>
+ * Loads a class using the thread context class loader in a privileged block.
+ * </p>
+ *
+ * @param name the fully-qualified name of the class to be loaded.
+ * @return a reference to the loaded {@code Class}.
+ * @throws PrivilegedActionException if an error occurs while loading the class. This exception wraps the real cause
+ * of the error, so classes using this method must perform a {@code getCause()} in order to get a
+ * reference to the root of the error.
+ */
+ static Class<?> loadClass(final String name) throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new PrivilegedExceptionAction<Class<?>>()
+ {
+ public Class<?> run() throws PrivilegedActionException
+ {
+ try
+ {
+ return getContextClassLoader().loadClass(name);
+ }
+ catch (Exception e)
+ {
+ throw new PrivilegedActionException(e);
+ }
+ }
+ });
+ }
+
+ /**
+ * <p>
+ * Creates an instance of the specified class in a privileged block. The class must define a default constructor.
+ * </p>
+ *
+ * @param className the fully-qualified name of the class to be instantiated.
+ * @return a reference to the instantiated {@code Object}.
+ * @throws PrivilegedActionException if an error occurs while instantiating the class. This exception wraps the real
+ * cause of the error, so classes using this method must perform a {@code getCause()} in order to get a
+ * reference to the root of the error.
+ */
+ static Object instantiateClass(final String className) throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new PrivilegedExceptionAction<Object>()
+ {
+ public Object run() throws Exception
+ {
+ Class<?> objectClass = loadClass(className);
+ return objectClass.newInstance();
+ }
+ });
+ }
+}
\ No newline at end of file
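Review bot: loadClass wraps its failure twice. Its run() catches the exception and throws new PrivilegedActionException(e); that is itself a checked exception, so AccessController.doPrivileged wraps it again, and the getCause() the Javadoc tells callers to use returns another PrivilegedActionException instead of the ClassNotFoundException. Through instantiateClass, which calls loadClass inside its own privileged block, there is one more layer. Declare run() as throws ClassNotFoundException and drop the try/catch; the broad catch (Exception e) also wraps runtime exceptions that would otherwise propagate unchanged. Separately, both helpers resolve a caller-supplied class name inside a privileged block, so the Javadoc should state that the name must come from trusted configuration. Keeping the class package-private is the right call.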
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityToken.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityToken.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityToken.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,60 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+/**
+ * <p>
+ * Interface that represents a security token.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public interface SecurityToken
+{
+
+ /**
+ * <p>
+ * Obtains the security token unique identifier.
+ * </p>
+ *
+ * @return a {@code String} representing the token id.
+ */
+ public String getTokenID();
+
+ /**
+ * <p>
+ * Obtains the type of the security token.
+ * </p>
+ *
+ * @return a {@code String} representing the security token type.
+ */
+ public String getTokenType();
+
+ /**
+ * <p>
+ * Obtains the value of the security token.
+ * </p>
+ *
+ * @return an {@code Object} representing the security token value.
+ */
+ public Object getTokenValue();
+}
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityTokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityTokenProvider.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityTokenProvider.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,77 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+
+/**
+ * <p>
+ * This interface defines the methods that must be implemented by security token providers.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public interface SecurityTokenProvider
+{
+ /**
+ * <p>
+ * Generates a security token using the information contained in the specified request context and stores the
+ * newly-created token in the context itself.
+ * </p>
+ *
+ * @param context the {@code WSTrustRequestContext} to be used when generating the token.
+ * @throws WSTrustException if an error occurs while creating the security token.
+ */
+ public void issueToken(WSTrustRequestContext context) throws WSTrustException;
+
+ /**
+ * <p>
+ * Renews the security token contained in the specified request context. This method is used when a previously
+ * generated token has expired, generating a new version of the same token with different expiration semantics.
+ * </p>
+ *
+ * @param context the {@code WSTrustRequestContext} that contains the token to be renewed.
+ * @throws WSTrustException if an error occurs while renewing the security token.
+ */
+ public void renewToken(WSTrustRequestContext context) throws WSTrustException;
+
+ /**
+ * <p>
+ * Cancels the token contained in the specified request context. A security token is usually canceled when one wants
+ * to make sure that the token will not be used anymore. A security token can't be renewed once it has been canceled.
+ * </p>
+ *
+ * @param context the {@code WSTrustRequestContext} that contains the token to be canceled.
+ * @throws WSTrustException if an error occurs while canceling the security token.
+ */
+ public void cancelToken(WSTrustRequestContext context) throws WSTrustException;
+
+ /**
+ * <p>
+ * Evaluates the validity of the token contained in the specified request context and sets the result in the context
+ * itself. The result can be a status, a new token, or both.
+ * </p>
+ *
+ * @param context the {@code WSTrustRequestContext} that contains the token to be validated.
+ * @throws WSTrustException if an error occurs while validating the security token.
+ */
+ public void validateToken(WSTrustRequestContext context) throws WSTrustException;
+}
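Review bot: the renewToken and cancelToken Javadoc leaves the security contract to the implementer. cancelToken states that a canceled token cannot be renewed, and renewToken says it is used once a token has expired, but neither says who enforces that. Nothing here requires the provider to check that the token in the context was issued by this STS, is intact, or has not been canceled before it generates a new version. Please spell out the checks a provider must perform in renewToken. For validateToken, say how an invalid token is reported (a status set in the context versus a WSTrustException), since the @throws text only covers errors during validation.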
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityTokenService.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityTokenService.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SecurityTokenService.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+import javax.xml.transform.Source;
+import javax.xml.ws.Provider;
+
+/**
+ * <p>
+ * The {@code SecurityTokenService} (STS) interface. It extends the {@code Provider} interface so that it can be
+ * dynamically invoked (as opposed to having a service endpoint interface).
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public interface SecurityTokenService extends Provider<Source>
+{
+ /*
+ * (non-Javadoc)
+ *
+ * @see javax.xml.ws.Provider#invoke(java.lang.Object)
+ */
+ public Source invoke(Source request);
+}
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,423 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+import java.net.URI;
+import java.security.KeyPair;
+import java.security.Principal;
+import java.security.PublicKey;
+
+import javax.xml.crypto.dsig.DigestMethod;
+import javax.xml.crypto.dsig.SignatureMethod;
+
+import org.apache.log4j.Logger;
+import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.util.XMLSignatureUtil;
+import org.jboss.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.jboss.identity.federation.ws.policy.AppliesTo;
+import org.jboss.identity.federation.ws.trust.RequestedSecurityTokenType;
+import org.jboss.identity.federation.ws.trust.StatusType;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+/**
+ * <p>
+ * Default implementation of the {@code WSTrustRequestHandler} interface. It creates the request context containing the
+ * original WS-Trust request as well as any information that may be relevant to the token processing, and delegates the
+ * actual token handling processing to the appropriate {@code SecurityTokenProvider}.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class StandardRequestHandler implements WSTrustRequestHandler
+{
+ private static Logger log = Logger.getLogger(StandardRequestHandler.class);
+ private boolean trace = log.isTraceEnabled();
+
+ private STSConfiguration configuration;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#initialize(org.jboss.identity.federation.api.wstrust
+ * .STSConfiguration)
+ */
+ public void initialize(STSConfiguration configuration)
+ {
+ this.configuration = configuration;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#issue(org.jboss.identity.federation.api.wstrust
+ * .protocol.RequestSecurityToken, java.security.Principal)
+ */
+ public RequestSecurityTokenResponse issue(RequestSecurityToken request, Principal callerPrincipal)
+ throws WSTrustException
+ {
+ Document rstDocument = request.getRSTDocument();
+ if( rstDocument == null)
+ throw new IllegalArgumentException("Request does not contain the DOM Document");
+
+ SecurityTokenProvider provider = null;
+
+ // first try to obtain the security token provider using the applies-to contents.
+ AppliesTo appliesTo = request.getAppliesTo();
+ PublicKey providerPublicKey = null;
+ if (appliesTo != null)
+ {
+ String serviceName = WSTrustUtil.parseAppliesTo(appliesTo);
+ if (serviceName != null)
+ {
+ provider = this.configuration.getProviderForService(serviceName);
+ request.setTokenType(URI.create(this.configuration.getTokenTypeForService(serviceName)));
+ providerPublicKey = this.configuration.getServiceProviderPublicKey(serviceName);
+ }
+ }
+ // if applies-to is not available or if no provider was found for the service, use the token type.
+ if (provider == null && request.getTokenType() != null)
+ {
+ provider = this.configuration.getProviderForTokenType(request.getTokenType().toString());
+ }
+ else if (appliesTo == null && request.getTokenType() == null)
+ throw new WSTrustException("Either AppliesTo or TokenType must be present in a security token request");
+
+ if (provider != null)
+ {
+ // create the request context and delegate token generation to the provider.
+ WSTrustRequestContext requestContext = new WSTrustRequestContext(request, callerPrincipal);
+ requestContext.setTokenIssuer(this.configuration.getSTSName());
+ if (request.getLifetime() == null && this.configuration.getIssuedTokenTimeout() != 0)
+ {
+ // if no lifetime has been specified, use the configured timeout value.
+ request.setLifetime(WSTrustUtil.createDefaultLifetime(this.configuration.getIssuedTokenTimeout()));
+ }
+ requestContext.setServiceProviderPublicKey(providerPublicKey);
+ provider.issueToken(requestContext);
+
+ if (requestContext.getSecurityToken() == null)
+ throw new WSTrustException("Token issued by provider " + provider.getClass().getName() + " is null");
+
+ // sign the issued token if needed.
+ /*if (this.configuration.signIssuedToken() && this.configuration.getSTSKeyPair() != null)
+ {
+ KeyPair keyPair = this.configuration.getSTSKeyPair();
+ if (keyPair != null)
+ {
+ URI signatureURI = request.getSignatureAlgorithm();
+ String signatureMethod = signatureURI != null ? signatureURI.toString() : SignatureMethod.RSA_SHA1;
+ try
+ {
+ Element tokenElement = (Element) requestContext.getSecurityToken().getTokenValue();
+ XMLSignatureUtil.sign(tokenElement.getOwnerDocument(), keyPair, DigestMethod.SHA1, signatureMethod,
+ "#" + requestContext.getSecurityToken().getTokenID());
+ if(trace)
+ {
+ try
+ {
+ log.trace("Signed Token:" + DocumentUtil.getNodeAsString(tokenElement));
+
+ Document tokenDocument = DocumentUtil.createDocument();
+ tokenDocument.appendChild(tokenDocument.importNode(tokenElement, true));
+ log.trace("valid=" + XMLSignatureUtil.validate(tokenDocument, keyPair.getPublic()));
+
+ }catch(Exception ignore){}
+ }
+ }
+ catch (Exception e)
+ {
+ throw new WSTrustException("Failed to sign security token", e);
+ }
+ }
+ }*/
+
+ // construct the ws-trust security token response.
+ RequestedSecurityTokenType requestedSecurityToken = new RequestedSecurityTokenType();
+ requestedSecurityToken.setAny(requestContext.getSecurityToken().getTokenValue());
+
+ // TODO: create proof token and encrypt the token if needed
+
+ RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
+ if (request.getContext() != null)
+ response.setContext(request.getContext());
+
+ response.setTokenType(request.getTokenType());
+ response.setLifetime(request.getLifetime());
+ response.setAppliesTo(appliesTo);
+ response.setRequestedSecurityToken(requestedSecurityToken);
+
+ // set the attached and unattached references.
+ if (requestContext.getAttachedReference() != null)
+ response.setRequestedAttachedReference(requestContext.getAttachedReference());
+ if (requestContext.getUnattachedReference() != null)
+ response.setRequestedUnattachedReference(requestContext.getUnattachedReference());
+
+ return response;
+ }
+ else
+ throw new WSTrustException("Unable to find a token provider for the token request");
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#renew(org.jboss.identity.federation.api.wstrust
+ * .protocol.RequestSecurityToken, java.security.Principal)
+ */
+ public RequestSecurityTokenResponse renew(RequestSecurityToken request, Principal callerPrincipal)
+ throws WSTrustException
+ {
+ Document rstDocument = request.getRSTDocument();
+ if( rstDocument == null)
+ throw new IllegalArgumentException("Request does not contain the DOM Document");
+
+ SecurityTokenProvider provider = null;
+
+ // first try to obtain the security token provider using the applies-to contents.
+ AppliesTo appliesTo = request.getAppliesTo();
+ PublicKey providerPublicKey = null;
+ if (appliesTo != null)
+ {
+ String serviceName = WSTrustUtil.parseAppliesTo(appliesTo);
+ if (serviceName != null)
+ {
+ provider = this.configuration.getProviderForService(serviceName);
+ request.setTokenType(URI.create(this.configuration.getTokenTypeForService(serviceName)));
+ providerPublicKey = this.configuration.getServiceProviderPublicKey(serviceName);
+ }
+ }
+ // if applies-to is not available or if no provider was found for the service, use the token type.
+ if (provider == null && request.getTokenType() != null)
+ {
+ provider = this.configuration.getProviderForTokenType(request.getTokenType().toString());
+ }
+ else if (appliesTo == null && request.getTokenType() == null)
+ throw new WSTrustException("Either AppliesTo or TokenType must be present in a security token request");
+
+ // TODO: get the provider using the token from the request.
+ provider = this.configuration.getProviderForTokenType(SAMLUtil.SAML2_TOKEN_TYPE);
+
+ if (provider != null)
+ {
+ // create the request context and delegate token generation to the provider.
+ WSTrustRequestContext requestContext = new WSTrustRequestContext(request, callerPrincipal);
+ requestContext.setTokenIssuer(this.configuration.getSTSName());
+ if (request.getLifetime() == null && this.configuration.getIssuedTokenTimeout() != 0)
+ {
+ // if no lifetime has been specified, use the configured timeout value.
+ request.setLifetime(WSTrustUtil.createDefaultLifetime(this.configuration.getIssuedTokenTimeout()));
+ }
+ requestContext.setServiceProviderPublicKey(providerPublicKey);
+ provider.renewToken(requestContext);
+
+ if (requestContext.getSecurityToken() == null)
+ throw new WSTrustException("Token issued by provider " + provider.getClass().getName() + " is null");
+
+
+ // construct the ws-trust security token response.
+ RequestedSecurityTokenType requestedSecurityToken = new RequestedSecurityTokenType();
+ requestedSecurityToken.setAny(requestContext.getSecurityToken().getTokenValue());
+
+ // TODO: create proof token and encrypt the token if needed
+
+ RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
+ if (request.getContext() != null)
+ response.setContext(request.getContext());
+
+ response.setTokenType(request.getTokenType());
+ response.setLifetime(request.getLifetime());
+ response.setAppliesTo(appliesTo);
+ response.setRequestedSecurityToken(requestedSecurityToken);
+
+ // set the attached and unattached references.
+ if (requestContext.getAttachedReference() != null)
+ response.setRequestedAttachedReference(requestContext.getAttachedReference());
+ if (requestContext.getUnattachedReference() != null)
+ response.setRequestedUnattachedReference(requestContext.getUnattachedReference());
+
+ return response;
+ }
+ else
+ throw new WSTrustException("Unable to find a token provider for the token request");
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#validate(org.jboss.identity.federation.api.wstrust
+ * .protocol.RequestSecurityToken, java.security.Principal)
+ */
+ public RequestSecurityTokenResponse validate(RequestSecurityToken request, Principal callerPrincipal)
+ throws WSTrustException
+ {
+ Document rstDocument = request.getRSTDocument();
+ if( rstDocument == null)
+ throw new IllegalArgumentException("Request does not contain the DOM Document");
+
+ if (request.getValidateTarget() == null)
+ throw new WSTrustException("Unable to validate token: validate target is null");
+
+ if (request.getTokenType() == null)
+ request.setTokenType(URI.create(WSTrustConstants.STATUS_TYPE));
+
+ // TODO: get the provider using the token from the request.
+ SecurityTokenProvider provider = this.configuration.getProviderForTokenType(SAMLUtil.SAML2_TOKEN_TYPE);
+ WSTrustRequestContext context = new WSTrustRequestContext(request, callerPrincipal);
+
+ StatusType status = null;
+
+ // validate the security token digital signature.
+ if (this.configuration.signIssuedToken() && this.configuration.getSTSKeyPair() != null)
+ {
+ KeyPair keyPair = this.configuration.getSTSKeyPair();
+ try
+ {
+ //Element tokenElement = (Element) request.getValidateTarget().getAny();
+ Element tokenElement = request.getValidateTargetElement();
+
+ Node securityToken = tokenElement.getFirstChild();
+
+ if(trace)
+ {
+ try
+ {
+ log.trace("Going to validate:" + DocumentUtil.getNodeAsString(securityToken));
+ }
+ catch (Exception e)
+ {
+ }
+ }
+ Document tokenDocument = DocumentUtil.createDocument();
+ Node importedNode = tokenDocument.importNode(securityToken, true);
+ tokenDocument.appendChild(importedNode);
+ if (!XMLSignatureUtil.validate(tokenDocument, keyPair.getPublic()))
+ {
+ status = new StatusType();
+ status.setCode(WSTrustConstants.STATUS_CODE_INVALID);
+ status.setReason("Validation failure: digital signature is invalid");
+ }
+ }
+ catch (Exception e)
+ {
+ status = new StatusType();
+ status.setCode(WSTrustConstants.STATUS_CODE_INVALID);
+ status.setReason("Validation failure: unable to verify digital signature: " + e.getMessage());
+ }
+ }
+ // TODO: add logging statements alerting that signature validation was not perfomed.
+
+ // if the signature is valid, then let the provider handle perform any additional validation checks.
+ if(status == null)
+ {
+ provider.validateToken(context);
+ status = context.getStatus();
+ }
+
+ // construct and return the response.
+ RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
+ if (request.getContext() != null)
+ response.setContext(request.getContext());
+ response.setTokenType(request.getTokenType());
+ response.setStatus(status);
+
+ return response;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#cancel(org.jboss.identity.federation.api.wstrust
+ * .protocol.RequestSecurityToken, java.security.Principal)
+ */
+ public RequestSecurityTokenResponse cancel(RequestSecurityToken request, Principal callerPrincipal)
+ throws WSTrustException
+ {
+ Document rstDocument = request.getRSTDocument();
+ if( rstDocument == null)
+ throw new IllegalArgumentException("Request does not contain the DOM Document");
+
+ // TODO: implement cancel logic.
+ throw new UnsupportedOperationException();
+ }
+
+ public Document postProcess(Document rstrDocument, RequestSecurityToken request) throws WSTrustException
+ {
+ if(WSTrustConstants.ISSUE_REQUEST.equals(request.getRequestType().toString())
+ || WSTrustConstants.RENEW_REQUEST.equals(request.getRequestType().toString()))
+ {
+ rstrDocument = DocumentUtil.normalizeNamespaces(rstrDocument);
+
+ //Sign and encrypt
+ if (this.configuration.signIssuedToken() && this.configuration.getSTSKeyPair() != null)
+ {
+ KeyPair keyPair = this.configuration.getSTSKeyPair();
+ if (keyPair != null)
+ {
+ URI signatureURI = request.getSignatureAlgorithm();
+ String signatureMethod = signatureURI != null ? signatureURI.toString() : SignatureMethod.RSA_SHA1;
+ try
+ {
+ Node rst = rstrDocument.getElementsByTagNameNS(WSTrustConstants.BASE_NAMESPACE,
+ "RequestedSecurityToken").item(0);
+ Element tokenElement = (Element) rst.getFirstChild();
+ if(trace)
+ {
+ log.trace("NamespaceURI of element to be signed:" +tokenElement.getNamespaceURI() );
+ }
+ /* XMLSignatureUtil.sign(tokenElement.getOwnerDocument(), keyPair, DigestMethod.SHA1, signatureMethod,
+ "#" + tokenElement.getAttribute("ID"));
+ */
+ rstrDocument = XMLSignatureUtil.sign(rstrDocument, tokenElement, keyPair,
+ DigestMethod.SHA1, signatureMethod, "#" + tokenElement.getAttribute("ID"));
+ if(trace)
+ {
+ try
+ {
+ log.trace("Signed Token:" + DocumentUtil.getNodeAsString(tokenElement));
+
+ Document tokenDocument = DocumentUtil.createDocument();
+ tokenDocument.appendChild(tokenDocument.importNode(tokenElement, true));
+ log.trace("valid=" + XMLSignatureUtil.validate(tokenDocument, keyPair.getPublic()));
+
+ }catch(Exception ignore){}
+ }
+ }
+ catch (Exception e)
+ {
+ throw new WSTrustException("Failed to sign security token", e);
+ }
+ }
+ }
+ }
+
+ return rstrDocument;
+ }
+}
\ No newline at end of file
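Review bot: In validate(), the signature check is wrapped in `if (this.configuration.signIssuedToken() && this.configuration.getSTSKeyPair() != null)` with no else branch, so when signing is disabled or no key pair is configured, status stays null and the token goes straight to provider.validateToken(context) with no signature verification at all; the only trace of this is the TODO about logging. Consider failing closed here (set STATUS_CODE_INVALID with a reason stating that the signature could not be verified), or at minimum log at warn level. Two further points in the same hunk: in the renew path, the line after the first TODO reassigns `provider = this.configuration.getProviderForTokenType(SAMLUtil.SAML2_TOKEN_TYPE);` unconditionally, which discards the provider just resolved from AppliesTo or TokenType and turns the preceding lookup into dead code; and postProcess() takes the signature method from request.getSignatureAlgorithm() as is, falling back to RSA_SHA1 with DigestMethod.SHA1, so the caller chooses the algorithm. An allow-list of accepted signature URIs on the STS side would be appropriate there.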
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardSecurityToken.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardSecurityToken.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardSecurityToken.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,93 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+import org.w3c.dom.Element;
+
+/**
+ * <p>
+ * Standard implementation of the {@code SecurityToken} interface. This implementation stores the issued token as an
+ * {@code Element}. The token providers are responsible for marshaling the security token into an {@code Element}
+ * instance because the security token marshaling process falls out of the scope of the STS (the STS only deals with
+ * WS-Trust classes and doesn't know how to marshal each specific token type).
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class StandardSecurityToken implements SecurityToken
+{
+ private final String tokenType;
+
+ private final String tokenId;
+
+ private final Element token;
+
+ /**
+ * <p>
+ * Creates an instance of {@code StandardSecurityToken} with the specified parameters.
+ * </p>
+ *
+ * @param tokenType
+ * a {@code String} representing the type of the security token. This is usually the same type as specified
+ * in the WS-Trust request message.
+ * @param token
+ * the security token in its {@code Element} form (i.e. the marshaled security token).
+ * @param tokenID
+ * a {@code String} representing the id of the security token.
+ */
+ public StandardSecurityToken(String tokenType, Element token, String tokenID)
+ {
+ this.tokenType = tokenType;
+ this.tokenId = tokenID;
+ this.token = token;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityToken#getTokenType()
+ */
+ public String getTokenType()
+ {
+ return this.tokenType;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityToken#getTokenValue()
+ */
+ public Object getTokenValue()
+ {
+ return this.token;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityToken#getTokenID()
+ */
+ public String getTokenID()
+ {
+ return this.tokenId;
+ }
+}
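Review bot: The three `@see` comments on getTokenType(), getTokenValue() and getTokenID() point at org.jboss.identity.federation.api.wstrust.SecurityToken, but this class is declared in org.jboss.identity.federation.core.wstrust and implements SecurityToken with no import, so the interface it resolves to is the one in the core package; the references look stale and should be updated. Also worth considering: the constructor stores the Element without a null check and getTokenValue() hands back the same mutable DOM node, so any caller can alter the token after it has been issued. A null check in the constructor and a Javadoc sentence on who owns the Element would make the contract explicit.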
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustConstants.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustConstants.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustConstants.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+/**
+ * <p>
+ * This class defines the constants used throughout the WS-Trust implementation code.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class WSTrustConstants
+{
+ public static final String BASE_NAMESPACE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/";
+
+ // WS-Trust request types.
+ public static final String ISSUE_REQUEST = BASE_NAMESPACE + "Issue";
+ public static final String RENEW_REQUEST = BASE_NAMESPACE + "Renew";
+ public static final String CANCEL_REQUEST = BASE_NAMESPACE + "Cancel";
+ public static final String VALIDATE_REQUEST = BASE_NAMESPACE + "Validate";
+
+ // WS-Trust validation constants.
+ public static final String STATUS_TYPE = BASE_NAMESPACE + "RSTR/Status";
+ public static final String STATUS_CODE_VALID = BASE_NAMESPACE + "status/valid";
+ public static final String STATUS_CODE_INVALID = BASE_NAMESPACE + "status/invalid";
+
+ // WSS namespaces values.
+ public static final String WSA_NS = "http://www.w3.org/2005/08/addressing";
+ public static final String WSU_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...";
+ public static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...";
+ public static final String WSSE11_NS = "http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
+ public static final String XENC_NS = "http://www.w3.org/2001/04/xmlenc#";
+ public static final String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
+ public static final String SAML2_ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
+}
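Review bot: WSTrustConstants is a pure constants holder but is declared as a plain public class, so it can be instantiated and subclassed; declare it final and add a private constructor. Separately, the WSU_NS and WSSE_NS values as shown in this mail end in "..."; please confirm that the committed file carries the full namespace URIs and that this is only the list archive shortening the links, because a truncated value would never match in a namespace comparison.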
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustException.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustException.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustException.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,61 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+import java.security.GeneralSecurityException;
+
+/**
+ * <p>
+ * Exception used to convey that an error has happened when handling a WS-Trust request message.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class WSTrustException extends GeneralSecurityException
+{
+ private static final long serialVersionUID = -232066282004315310L;
+
+ /**
+ * <p>
+ * Creates an instance of {@code WSTrustException} using the specified error message.
+ * </p>
+ *
+ * @param message the error message.
+ */
+ public WSTrustException(String message)
+ {
+ super(message);
+ }
+
+ /**
+ * <p>
+ * Creates an instance of {@code WSTrustException} using the specified error message and cause.
+ * </p>
+ *
+ * @param message the error message.
+ * @param cause a {@code Throwable} representing the cause of the error.
+ */
+ public WSTrustException(String message, Throwable cause)
+ {
+ super(message, cause);
+ }
+}
\ No newline at end of file
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,412 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+import javax.xml.bind.Binder;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMSource;
+
+import org.apache.log4j.Logger;
+import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
+import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.util.JAXBUtil;
+import org.jboss.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
+import org.jboss.identity.federation.core.wstrust.wrappers.BaseRequestSecurityTokenResponse;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.jboss.identity.federation.ws.trust.ObjectFactory;
+import org.jboss.identity.federation.ws.trust.RequestSecurityTokenResponseCollectionType;
+import org.jboss.identity.federation.ws.trust.RequestSecurityTokenType;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+/**
+ * <p>
+ * This factory implements utility methods for converting between JAXB model objects and XML source.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class WSTrustJAXBFactory
+{
+ private static Logger log = Logger.getLogger(WSTrustJAXBFactory.class);
+ private boolean trace = log.isTraceEnabled();
+
+ private static final WSTrustJAXBFactory instance = new WSTrustJAXBFactory();
+
+ private Marshaller marshaller;
+
+ private Unmarshaller unmarshaller;
+
+ private Binder<Node> binder;
+
+ private final ObjectFactory objectFactory;
+
+ private ThreadLocal<SAMLDocumentHolder> holders = new ThreadLocal<SAMLDocumentHolder>();
+
+ /**
+ * <p>
+ * Creates the {@code WSTrustJAXBFactory} singleton instance.
+ * </p>
+ */
+ private WSTrustJAXBFactory()
+ {
+ try
+ {
+ this.marshaller = JAXBUtil.getMarshaller(this.getPackages());
+ this.unmarshaller = JAXBUtil.getUnmarshaller(this.getPackages());
+ this.binder = JAXBUtil.getJAXBContext(this.getPackages()).createBinder();
+ this.objectFactory = new ObjectFactory();
+ }
+ catch (JAXBException e)
+ {
+ throw new RuntimeException(e.getMessage(), e);
+ }
+ }
+
+ /**
+ * <p>
+ * Gets a reference to the singleton instance.
+ * </p>
+ *
+ * @return a reference to the {@code WSTrustJAXBFactory} instance.
+ */
+ public static WSTrustJAXBFactory getInstance()
+ {
+ return instance;
+ }
+
+ private String getPackages()
+ {
+ StringBuilder packages = new StringBuilder();
+ packages.append("org.jboss.identity.federation.ws.addressing");
+ packages.append(":org.jboss.identity.federation.ws.policy");
+ packages.append(":org.jboss.identity.federation.ws.trust");
+ packages.append(":org.jboss.identity.federation.ws.wss.secext");
+ packages.append(":org.jboss.identity.federation.ws.wss.utility");
+ return packages.toString();
+ }
+
+ /**
+ * <p>
+ * Creates a {@code BaseRequestSecurityToken} from the specified XML source.
+ * </p>
+ *
+ * @param request
+ * the XML source containing the security token request message.
+ * @return the constructed {@code BaseRequestSecurityToken} instance. It will be an instance of {@code
+ * RequestSecurityToken} the message contains a single token request, and an instance of {@code
+ * RequestSecurityTokenCollection} if multiples requests are being made in the same message.
+ * @throws ParsingException
+ */
+ @SuppressWarnings("unchecked")
+ public BaseRequestSecurityToken parseRequestSecurityToken(Source request) throws ParsingException
+ {
+ // if the request contains a validate, cancel, or renew target, we must preserve it from JAXB unmarshalling.
+ Node documentNode = ((DOMSource) request).getNode();
+ Document document = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument();
+
+ JAXBElement<RequestSecurityTokenType> jaxbRST;
+ try
+ {
+ Node rst = this.findNodeByNameNS(document, "RequestSecurityToken", WSTrustConstants.BASE_NAMESPACE);
+ if(rst == null)
+ throw new RuntimeException("Request Security Token node not found");
+
+ jaxbRST = (JAXBElement<RequestSecurityTokenType>) binder.unmarshal(rst);
+
+ RequestSecurityTokenType rstt = jaxbRST.getValue();
+ holders.set(new SAMLDocumentHolder(rstt, document));
+ return new RequestSecurityToken(rstt);
+ }
+ catch (JAXBException e)
+ {
+ throw new ParsingException(e);
+ }
+
+
+ /*Element targetElement = this.getValidateOrRenewOrCancelTarget(document);
+
+ try
+ {
+ Object object = this.unmarshaller.unmarshal(request);
+ if (object instanceof JAXBElement)
+ {
+ JAXBElement<?> element = (JAXBElement<?>) object;
+ if (element.getDeclaredType().equals(RequestSecurityTokenType.class))
+ {
+ RequestSecurityToken parsedRequest = new RequestSecurityToken((RequestSecurityTokenType) element
+ .getValue());
+ // insert the request target in the parsed request.
+ if (targetElement != null)
+ {
+ if (parsedRequest.getValidateTarget() != null)
+ parsedRequest.getValidateTarget().setAny(targetElement);
+ else if (parsedRequest.getRenewTarget() != null)
+ parsedRequest.getRenewTarget().setAny(targetElement);
+ else if (parsedRequest.getCancelTarget() != null)
+ parsedRequest.getCancelTarget().setAny(targetElement);
+ }
+ return parsedRequest;
+ }
+ else
+ throw new RuntimeException("Invalid request type: " + element.getDeclaredType());
+ }
+ else
+ throw new RuntimeException("Invalid request type: " + object.getClass().getName());
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException("Failed to unmarshall security token request", e);
+ }*/
+ }
+
+ /**
+ * <p>
+ * Creates a {@code BaseRequestSecurityTokenResponse} from the specified XML source.
+ * </p>
+ *
+ * @param response
+ * the XML source containing the security token response message.
+ * @return the constructed {@code BaseRequestSecurityTokenResponse} instance. According to the WS-Trust
+ * specification, the returned object will be an instance of {@code RequestSecurityTokenResponseCollection}.
+ */
+ public BaseRequestSecurityTokenResponse parseRequestSecurityTokenResponse(Source response)
+ {
+ // if the response contains an issued token, we must preserve it from the JAXB unmarshalling.
+ Element tokenElement = null;
+ Node documentNode = ((DOMSource) response).getNode();
+ Document document = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument();
+ Node requestedTokenNode = this.findNodeByNameNS(document, "RequestedSecurityToken",
+ WSTrustConstants.BASE_NAMESPACE);
+ if (requestedTokenNode != null)
+ tokenElement = (Element) requestedTokenNode.getFirstChild();
+
+ try
+ {
+ Object object = this.unmarshaller.unmarshal(response);
+ if (object instanceof JAXBElement)
+ {
+ JAXBElement<?> element = (JAXBElement<?>) unmarshaller.unmarshal(response);
+ if (element.getDeclaredType().equals(RequestSecurityTokenResponseCollectionType.class))
+ {
+ RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection(
+ (RequestSecurityTokenResponseCollectionType) element.getValue());
+ // insert the security token in the parsed response.
+ if (tokenElement != null)
+ {
+ RequestSecurityTokenResponse parsedResponse = collection.getRequestSecurityTokenResponses().get(0);
+ parsedResponse.getRequestedSecurityToken().setAny(tokenElement);
+ }
+ return collection;
+ }
+ else
+ throw new RuntimeException("Invalid response type: " + element.getDeclaredType());
+ }
+ else
+ throw new RuntimeException("Invalid response type: " + object.getClass().getName());
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException("Failed to unmarshall security token response", e);
+ }
+ }
+
+ /**
+ * <p>
+ * Creates a {@code javax.xml.transform.Source} from the specified request object.
+ * </p>
+ *
+ * @param request
+ * a {@code RequestSecurityToken} representing the object model of the security token request.
+ * @return the constructed {@code Source} instance.
+ */
+ public Source marshallRequestSecurityToken(RequestSecurityToken request)
+ {
+ Element targetElement = null;
+ // if the request has a validate, cancel, or renew target, we must preserve it from JAXB marshaling.
+ String requestType = request.getRequestType().toString();
+ if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST))
+ {
+ targetElement = (Element) request.getValidateTarget().getAny();
+ request.getValidateTarget().setAny(null);
+ }
+ else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST))
+ {
+ targetElement = (Element) request.getRenewTarget().getAny();
+ request.getRenewTarget().setAny(null);
+ }
+ else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST))
+ {
+ targetElement = (Element) request.getCancelTarget().getAny();
+ request.getCancelTarget().setAny(null);
+ }
+
+ Document result = null;
+ try
+ {
+ result = DocumentUtil.createDocument();
+ this.marshaller.marshal(this.objectFactory.createRequestSecurityToken(request.getDelegate()), result);
+
+ // insert the original target in the appropriate element.
+ if (targetElement != null)
+ {
+ Node node = null;
+ if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST))
+ node = this.findNodeByNameNS(result, "ValidateTarget", WSTrustConstants.BASE_NAMESPACE);
+ else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST))
+ node = this.findNodeByNameNS(result, "RenewTarget", WSTrustConstants.BASE_NAMESPACE);
+ else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST))
+ node = this.findNodeByNameNS(result, "CancelTarget", WSTrustConstants.BASE_NAMESPACE);
+ if(node == null)
+ throw new RuntimeException("Unsupported request type:" + requestType);
+ node.appendChild(result.importNode(targetElement, true));
+ }
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException("Failed to marshall security token request", e);
+ }
+
+ return DocumentUtil.getXMLSource(result);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code javax.xml.transform.Source} from the specified response object.
+ * </p>
+ *
+ * @param collection
+ * a {@code RequestSecurityTokenResponseCollection} representing the object model of the security token
+ * response.
+ * @return the constructed {@code Source} instance.
+ */
+ public Source marshallRequestSecurityTokenResponse(RequestSecurityTokenResponseCollection collection)
+ {
+ if (collection.getRequestSecurityTokenResponses().size() == 0)
+ throw new IllegalArgumentException("The response collection must contain at least one response");
+
+ // if the response contains an issued token, we must preserve it from the JAXB marshaling.
+ Element tokenElement = null;
+ RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
+ if (response.getRequestedSecurityToken() != null)
+ {
+ tokenElement = (Element) response.getRequestedSecurityToken().getAny();
+ // we don't want to marshall any token - it will be inserted in the DOM document later.
+ response.getRequestedSecurityToken().setAny(null);
+ }
+
+ Document result = null;
+ try
+ {
+ // marshall the response to a document and insert the issued token directly on the document.
+ result = DocumentUtil.createDocument();
+ this.marshaller.marshal(this.objectFactory.createRequestSecurityTokenResponseCollection(collection
+ .getDelegate()), result);
+
+ // the document is a ws-trust template - we need to insert the token in the appropriate element.
+ if (tokenElement != null)
+ {
+ Node node = this.findNodeByNameNS(result, "RequestedSecurityToken", WSTrustConstants.BASE_NAMESPACE);
+ node.appendChild(result.importNode(tokenElement, true));
+ }
+ if(trace)
+ {
+ try
+ {
+ log.trace("Final RSTR doc:" + DocumentUtil.getDocumentAsString(result));
+
+ }catch(Exception ignore){}
+ }
+
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException("Failed to marshall security token response", e);
+ }
+ return DocumentUtil.getXMLSource(result);
+ }
+
+ /**
+ * Return the {@code SAMLDocumentHolder} for the thread
+ * @return
+ */
+ public SAMLDocumentHolder getSAMLDocumentHolderOnThread()
+ {
+ return holders.get();
+ }
+
+ /**
+ * <p>
+ * Finds in the specified document a node that matches the specified name and namespace.
+ * </p>
+ *
+ * @param document
+ * the {@code Document} instance upon which the search is made.
+ * @param localName
+ * a {@code String} containing the local name of the searched node.
+ * @param namespace
+ * a {@code String} containing the namespace of the searched node.
+ * @return a {@code Node} representing the searched node. If more than one node is found in the document, the first
+ * one will be returned. If no nodes were found according to the search parameters, then {@code null} is
+ * returned.
+ */
+ private Node findNodeByNameNS(Document document, String localName, String namespace)
+ {
+ NodeList list = document.getElementsByTagNameNS(namespace, localName);
+ if (list == null || list.getLength() == 0)
+ // log("Unable to locate element " + localName + " with namespace " + namespace);
+ return null;
+ return list.item(0);
+ }
+
+ /**
+ * <p>
+ * Searches the specified document for an element that represents a validate, renew, or cancel target.
+ * </p>
+ *
+ * @param document
+ * the {@code Document} upon which the search is to be made.
+ * @return an {@code Element} representing the validate, renew, or cancel target.
+ */
+ /*private Element getValidateOrRenewOrCancelTarget(Document document)
+ {
+ Node target = this.findNodeByNameNS(document, "ValidateTarget", WSTrustConstants.BASE_NAMESPACE);
+ if (target != null)
+ return (Element) target.getFirstChild();
+ target = this.findNodeByNameNS(document, "RenewTarget", WSTrustConstants.BASE_NAMESPACE);
+ if (target != null)
+ return (Element) target.getFirstChild();
+ target = this.findNodeByNameNS(document, "CancelTarget", WSTrustConstants.BASE_NAMESPACE);
+ if (target != null)
+ return (Element) target.getFirstChild();
+ return null;
+ }*/
+}
\ No newline at end of file
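Review bot: The singleton keeps one Marshaller, one Unmarshaller and one Binder<Node> as instance fields and hands the same instance to every caller through getInstance(); JAXB guarantees thread safety only for JAXBContext, not for these objects, so concurrent requests to the STS can interfere with each other's marshalling. Keep the JAXBContext in the singleton and create the Marshaller, Unmarshaller and Binder per call or per thread. Related points in this hunk: the ThreadLocal `holders` is set in parseRequestSecurityToken() but never removed, so on a pooled thread the previous request's document stays reachable through getSAMLDocumentHolderOnThread(); parseRequestSecurityTokenResponse() calls unmarshal(response) twice, once for `object` and again for `element`, where a cast of `object` would do; both parse methods cast the Source to DOMSource without an instanceof check; and the large commented-out blocks (the old parse body and getValidateOrRenewOrCancelTarget) should be removed rather than committed.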
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustRequestContext.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustRequestContext.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustRequestContext.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,247 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+import java.security.Principal;
+import java.security.PublicKey;
+
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.jboss.identity.federation.ws.trust.RequestedReferenceType;
+import org.jboss.identity.federation.ws.trust.StatusType;
+
+/**
+ * <p>
+ * The {@code WSTrustRequestContext} contains all the information that is relevant for the security token request
+ * processing. Its attributes are divided into two groups: attributes set by the request handler before calling a token
+ * provider, and attributes set by the token provider after processing the token request.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class WSTrustRequestContext
+{
+
+ // information supplied by the request handler.
+ private String tokenIssuer;
+
+ private PublicKey providerPublicKey;
+
+ private final Principal callerPrincipal;
+
+ private final RequestSecurityToken request;
+
+ // information supplied by the token provider.
+ private SecurityToken securityToken;
+
+ private StatusType status;
+
+ private RequestedReferenceType attachedReference;
+
+ private RequestedReferenceType unattachedReference;
+
+ /**
+ * <p>
+ * Creates an instance of {@code WSTrustRequestContext} using the specified request.
+ * </p>
+ *
+ * @param request a {@code RequestSecurityToken} object that contains the information about the security token
+ * request.
+ * @param callerPrincipal the {@code Principal} of the security token requester.
+ */
+ public WSTrustRequestContext(RequestSecurityToken request, Principal callerPrincipal)
+ {
+ this.request = request;
+ this.callerPrincipal = callerPrincipal;
+ }
+
+ /**
+ * <p>
+ * Obtains the name of the token issuer (security token service name).
+ * </p>
+ *
+ * @return a {@code String} representing the token issuer name.
+ */
+ public String getTokenIssuer()
+ {
+ return tokenIssuer;
+ }
+
+ /**
+ * <p>
+ * Sets the name of the token issuer.
+ * </p>
+ *
+ * @param tokenIssuer a {@code String} representing the token issuer name.
+ */
+ public void setTokenIssuer(String tokenIssuer)
+ {
+ this.tokenIssuer = tokenIssuer;
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code PublicKey} of the service provider that requires a security token.
+ * </p>
+ *
+ * @return the service provider's {@code PublicKey}.
+ */
+ public PublicKey getServiceProviderPublicKey()
+ {
+ return this.providerPublicKey;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code PublicKey} of the service provider that requires a security token.
+ * </p>
+ *
+ * @param providerPublicKey the service provider's {@code PublicKey}.
+ */
+ public void setServiceProviderPublicKey(PublicKey providerPublicKey)
+ {
+ this.providerPublicKey = providerPublicKey;
+ }
+
+ /**
+ * <p>
+ * Obtains the principal of the WS-Trust token requester.
+ * </p>
+ *
+ * @return a reference to the caller {@code Principal} object.
+ */
+ public Principal getCallerPrincipal()
+ {
+ return this.callerPrincipal;
+ }
+
+ /**
+ * <p>
+ * Obtains the object the contains the information about the security token request.
+ * </p>
+ *
+ * @return a reference to the {@code RequestSecurityToken} instance.
+ */
+ public RequestSecurityToken getRequestSecurityToken()
+ {
+ return this.request;
+ }
+
+ /**
+ * <p>
+ * Obtains the security token contained in this context.
+ * </p>
+ *
+ * @return a reference to the {@code SecurityToken} instance.
+ */
+ public SecurityToken getSecurityToken()
+ {
+ return this.securityToken;
+ }
+
+ /**
+ * <p>
+ * Sets the security token in the context.
+ * </p>
+ *
+ * @param token the {@code SecurityToken} instance to be set.
+ */
+ public void setSecurityToken(SecurityToken token)
+ {
+ this.securityToken = token;
+ }
+
+ /**
+ * <p>
+ * Obtains the status of the security token validation.
+ * </p>
+ *
+ * @return a reference to the resulting {@code StatusType}.
+ */
+ public StatusType getStatus()
+ {
+ return this.status;
+ }
+
+ /**
+ * <p>
+ * Sets the status of the security token validation.
+ * </p>
+ *
+ * @param status a reference to the {@code StatusType} that represents the validation status.
+ */
+ public void setStatus(StatusType status)
+ {
+ this.status = status;
+ }
+
+ /**
+ * <p>
+ * Obtains the security token attached reference. This reference is used to locate the token inside the WS-Trust
+ * response message when that token doesn't support references using URI fragments.
+ * </p>
+ *
+ * @return a {@code RequestedReferenceType} representing the attached reference.
+ */
+ public RequestedReferenceType getAttachedReference()
+ {
+ return this.attachedReference;
+ }
+
+ /**
+ * <p>
+ * Sets the security token attached reference. This reference is used to locate the token inside the WS-Trust
+ * response message when that token doesn't support references using URI fragments.
+ * </p>
+ *
+ * @param attachedReference a {@code RequestedReferenceType} representing the attached reference.
+ */
+ public void setAttachedReference(RequestedReferenceType attachedReference)
+ {
+ this.attachedReference = attachedReference;
+ }
+
+ /**
+ * <p>
+ * Obtains the security token unattached reference. This reference is used to locate the token when it is not placed
+ * inside the WS-Trust response message.
+ * </p>
+ *
+ * @return a {@code RequestedReferenceType} representing the unattached reference.
+ */
+ public RequestedReferenceType getUnattachedReference()
+ {
+ return this.unattachedReference;
+ }
+
+ /**
+ * <p>
+ * Sets the security token unattached reference. This reference is used to locate the token when it is not placed
+ * inside the WS-Trust response message.
+ * </p>
+ *
+ * @param unattachedReference a {@code RequestedReferenceType} representing the unattached reference.
+ */
+ public void setUnattachedReference(RequestedReferenceType unattachedReference)
+ {
+ this.unattachedReference = unattachedReference;
+ }
+}
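Review bot: the constructor assigns `request` to a final field without checking it for null, and SAML20TokenProvider later in this commit calls context.getRequestSecurityToken().getLifetime() and getValidateTarget() with no guard, so a null request only surfaces as a NullPointerException deep inside a provider. Reject a null request in the constructor with an IllegalArgumentException; a null callerPrincipal can stay allowed, but the Javadoc should say so because issueToken maps it to "ANONYMOUS". The field comments say tokenIssuer and providerPublicKey are supplied by the request handler, yet both have public setters that a token provider can also call. Either document that or pass them through the constructor as well. Small typo in the getRequestSecurityToken Javadoc: "the object the contains" should read "the object that contains".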
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustRequestHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustRequestHandler.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustRequestHandler.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,111 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+import java.security.Principal;
+
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.w3c.dom.Document;
+
+/**
+ * <p>
+ * The {@code WSTrustRequestHandler} interface defines the methods that will be responsible for handling the different
+ * types of WS-Trust request messages.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public interface WSTrustRequestHandler
+{
+ /**
+ * <p>
+ * Initializes the concrete {@code WSTrustRequestHandler} instance.
+ * </p>
+ *
+ * @param configuration a reference to object that contains the STS configuration.
+ */
+ public void initialize(STSConfiguration configuration);
+
+ /**
+ * <p>
+ * Generates a security token according to the information specified in the request message and returns the created
+ * token in the response.
+ * </p>
+ *
+ * @param request the security token request message.
+ * @param callerPrincipal the {@code Principal} of the ws-trust token requester.
+ * @return a {@code RequestSecurityTokenResponse} containing the generated token.
+ * @throws WSTrustException if an error occurs while handling the request message.
+ */
+ public RequestSecurityTokenResponse issue(RequestSecurityToken request, Principal callerPrincipal)
+ throws WSTrustException;
+
+ /**
+ * <p>
+ * Renews the security token as specified in the request message, returning the renewed token in the response.
+ * </p>
+ *
+ * @param request the request message that contains the token to be renewed.
+ * @param callerPrincipal the {@code Principal} of the ws-trust token requester.
+ * @return a {@code RequestSecurityTokenResponse} containing the renewed token.
+ * @throws WSTrustException if an error occurs while handling the renewal process.
+ */
+ public RequestSecurityTokenResponse renew(RequestSecurityToken request, Principal callerPrincipal)
+ throws WSTrustException;
+
+ /**
+ * <p>
+ * Cancels the security token as specified in the request message.
+ * </p>
+ *
+ * @param request the request message that contains the token to be canceled.
+ * @param callerPrincipal the {@code Principal} of the ws-trust token requester.
+ * @return a {@code RequestSecurityTokenResponse} indicating whether the token has been canceled or not.
+ * @throws WSTrustException if an error occurs while handling the cancellation process.
+ */
+ public RequestSecurityTokenResponse cancel(RequestSecurityToken request, Principal callerPrincipal)
+ throws WSTrustException;
+
+ /**
+ * <p>
+ * Validates the security token as specified in the request message.
+ * </p>
+ *
+ * @param request the request message that contains the token to be validated.
+ * @param callerPrincipal the {@code Principal} of the ws-trust token requester.
+ * @return a {@code RequestSecurityTokenResponse} containing the validation status or a new token.
+ * @throws WSTrustException if an error occurs while handling the validation process.
+ */
+ public RequestSecurityTokenResponse validate(RequestSecurityToken request, Principal callerPrincipal)
+ throws WSTrustException;
+
+ /**
+ * Perform Post Processing on the generated RSTR Collection Document
+ * Steps such as signing and encryption need to be done here.
+ * @param rstrDocument
+ * @param request
+ * @return
+ * @throws WSTrustException
+ */
+ public Document postProcess(Document rstrDocument, RequestSecurityToken request) throws WSTrustException;
+}
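Review bot: the postProcess Javadoc leaves @param rstrDocument, @param request, @return and @throws empty, and it is the one method whose contract matters most for security, since it states that signing and encryption happen here. Please document whether the returned Document is the input modified in place or a new one, which key material an implementation is expected to use, and whether a failure to sign or encrypt must raise WSTrustException rather than return the unprotected document. Also, initialize's @param reads "a reference to object"; and the `public` modifiers on interface methods are redundant.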
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustServiceFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustServiceFactory.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustServiceFactory.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,102 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+import java.security.PrivilegedActionException;
+
+/**
+ * <p>
+ * Factory class used for instantiating pluggable services, such as the {@code WSTrustRequestHandler} and
+ * {@code SecurityTokenProvider} implementations.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class WSTrustServiceFactory
+{
+
+ private static final WSTrustServiceFactory factory = new WSTrustServiceFactory();
+
+ /**
+ * <p>
+ * Creates the {@code WSTrustConfigurationFactory} singleton instance.
+ * </p>
+ */
+ private WSTrustServiceFactory()
+ {
+ }
+
+ /**
+ * <p>
+ * Obtains a reference to the singleton instance.
+ * </p>
+ *
+ * @return the {@code WSTrustConfigurationFactory} singleton.
+ */
+ public static WSTrustServiceFactory getInstance()
+ {
+ return factory;
+ }
+
+ /**
+ * <p>
+ * Constructs and returns the {@code WSTrustRequestHandler} that will be used to handle WS-Trust requests.
+ * </p>
+ *
+ * @param configuration a reference to the {@code STSConfiguration}.
+ * @return a reference to the constructed {@code WSTrustRequestHandler} object.
+ */
+ public WSTrustRequestHandler createRequestHandler(String handlerClassName, STSConfiguration configuration)
+ {
+ try
+ {
+ WSTrustRequestHandler handler = (WSTrustRequestHandler) SecurityActions.instantiateClass(handlerClassName);
+ handler.initialize(configuration);
+ return handler;
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e.getMessage(), e);
+ }
+ }
+
+ /**
+ * <p>
+ * Constructs and returns a {@code SecurityTokenProvider} from the specified class name.
+ * </p>
+ *
+ * @param providerClass the FQN of the {@code SecurityTokenProvider} to be instantiated.
+ * @return a reference to the constructed {@code SecurityTokenProvider} object.
+ */
+ public SecurityTokenProvider createTokenProvider(String providerClass)
+ {
+ try
+ {
+ SecurityTokenProvider tokenProvider = (SecurityTokenProvider) SecurityActions.instantiateClass(providerClass);
+ return tokenProvider;
+ }
+ catch (PrivilegedActionException pae)
+ {
+ throw new RuntimeException("Unable to instantiate token provider " + providerClass, pae);
+ }
+ }
+}
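Review bot: in createRequestHandler and createTokenProvider the cast to the expected interface is applied to the result of SecurityActions.instantiateClass, so a class name that does not implement WSTrustRequestHandler or SecurityTokenProvider has already been loaded and constructed before the ClassCastException is raised. Since the class name comes from configuration, load the class first, check it with isAssignableFrom against the expected interface, and only then instantiate. createTokenProvider catches only PrivilegedActionException, so the ClassCastException escapes without the "Unable to instantiate token provider" message, while createRequestHandler wraps everything in a RuntimeException; make the two consistent. Documentation: createRequestHandler has no @param for handlerClassName, and the constructor and getInstance Javadoc refer to WSTrustConfigurationFactory although the class is WSTrustServiceFactory.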
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustUtil.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustUtil.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,157 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+import java.util.GregorianCalendar;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.namespace.QName;
+
+import org.jboss.identity.federation.core.wstrust.wrappers.Lifetime;
+import org.jboss.identity.federation.ws.addressing.AttributedURIType;
+import org.jboss.identity.federation.ws.addressing.EndpointReferenceType;
+import org.jboss.identity.federation.ws.addressing.ObjectFactory;
+import org.jboss.identity.federation.ws.policy.AppliesTo;
+import org.jboss.identity.federation.ws.trust.RequestedReferenceType;
+import org.jboss.identity.federation.ws.wss.secext.KeyIdentifierType;
+import org.jboss.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
+
+/**
+ * <p>
+ * Utility class that provides methods for parsing/creating WS-Trust elements.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class WSTrustUtil
+{
+
+ /**
+ * <p>
+ * Creates an instance of {@code KeyIdentifierType} with the specified values.
+ * </p>
+ *
+ * @param valueType a {@code String} representing the identifier value type.
+ * @param value a {@code String} representing the identifier value.
+ * @return the constructed {@code KeyIdentifierType} instance.
+ */
+ public static KeyIdentifierType createKeyIdentifier(String valueType, String value)
+ {
+ KeyIdentifierType keyIdentifier = new KeyIdentifierType();
+ keyIdentifier.setValueType(valueType);
+ keyIdentifier.setValue(value);
+ return keyIdentifier;
+ }
+
+ /**
+ * <p>
+ * Creates an instance of {@code RequestedReferenceType} with the specified values. This method first creates a
+ * {@code SecurityTokenReferenceType} with the specified key identifier and attributes and then use this reference
+ * to construct the {@code RequestedReferenceType} that is returned.
+ * </p>
+ *
+ * @param keyIdentifier the key identifier of the security token reference.
+ * @param attributes the attributes to be set on the security token reference.
+ * @return the constructed {@code RequestedReferenceType} instance.
+ */
+ public static RequestedReferenceType createRequestedReference(KeyIdentifierType keyIdentifier,
+ Map<QName, String> attributes)
+ {
+ SecurityTokenReferenceType securityTokenReference = new SecurityTokenReferenceType();
+ securityTokenReference.getAny().add(
+ new org.jboss.identity.federation.ws.wss.secext.ObjectFactory().createKeyIdentifier(keyIdentifier));
+ securityTokenReference.getOtherAttributes().putAll(attributes);
+ RequestedReferenceType reference = new RequestedReferenceType();
+ reference.setSecurityTokenReference(securityTokenReference);
+
+ return reference;
+ }
+
+ /**
+ * <p>
+ * Creates an instance of {@code AppliesTo} using the specified endpoint address.
+ * </p>
+ *
+ * @param endpointURI a {@code String} representing the endpoint URI.
+ * @return the constructed {@code AppliesTo} instance.
+ */
+ public static AppliesTo createAppliesTo(String endpointURI)
+ {
+ AttributedURIType attributedURI = new AttributedURIType();
+ attributedURI.setValue(endpointURI);
+ EndpointReferenceType reference = new EndpointReferenceType();
+ reference.setAddress(attributedURI);
+ AppliesTo appliesTo = new AppliesTo();
+ appliesTo.getAny().add(new ObjectFactory().createEndpointReference(reference));
+
+ return appliesTo;
+ }
+
+ /**
+ * <p>
+ * Parses the contents of the {@code AppliesTo} element and returns the address the uniquely identify the service
+ * provider.
+ * </p>
+ *
+ * @param appliesTo the {@code AppliesTo} instance to be parsed.
+ * @return the address of the service provider.
+ */
+ public static String parseAppliesTo(AppliesTo appliesTo)
+ {
+ EndpointReferenceType reference = null;
+ for (Object obj : appliesTo.getAny())
+ {
+ if (obj instanceof EndpointReferenceType)
+ reference = (EndpointReferenceType) obj;
+ else if (obj instanceof JAXBElement)
+ {
+ JAXBElement<?> element = (JAXBElement<?>) obj;
+ if (element.getName().getLocalPart().equalsIgnoreCase("EndpointReference"))
+ reference = (EndpointReferenceType) element.getValue();
+ }
+
+ if (reference != null && reference.getAddress() != null)
+ return reference.getAddress().getValue();
+ }
+ return null;
+ }
+
+ /**
+ * <p>
+ * Creates a {@code Lifetime} instance that specifies a range of time that starts at the current GMT time and has
+ * the specified duration in milliseconds.
+ * </p>
+ *
+ * @param tokenTimeout the token timeout value (in milliseconds).
+ * @return the constructed {@code Lifetime} instance.
+ */
+ public static Lifetime createDefaultLifetime(long tokenTimeout)
+ {
+ GregorianCalendar created = new GregorianCalendar();
+ GregorianCalendar expires = new GregorianCalendar();
+ expires.setTimeInMillis(created.getTimeInMillis() + tokenTimeout);
+
+ return new Lifetime(created, expires);
+ }
+
+}
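Review bot: parseAppliesTo accepts any JAXBElement whose local name matches "EndpointReference" case-insensitively and without looking at the namespace, then casts element.getValue() to EndpointReferenceType unchecked. An element with that local name from another namespace, or with a different value type, either throws ClassCastException or is treated as the WS-Addressing endpoint. The returned address identifies the service provider and feeds the audience restriction in SAML20TokenProvider.issueToken, so match on the full QName (namespace plus exact local name) and test the value with instanceof before casting. Two smaller points: createRequestedReference calls putAll(attributes) and will throw NullPointerException on a null map, so either guard it or document the parameter as required; and the createDefaultLifetime Javadoc says the range starts at the current GMT time, but `new GregorianCalendar()` uses the JVM default time zone.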
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,242 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust.plugins.saml;
+
+import java.security.Principal;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.namespace.QName;
+
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
+import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
+import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil;
+import org.jboss.identity.federation.core.wstrust.SecurityToken;
+import org.jboss.identity.federation.core.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.core.wstrust.StandardSecurityToken;
+import org.jboss.identity.federation.core.wstrust.WSTrustConstants;
+import org.jboss.identity.federation.core.wstrust.WSTrustException;
+import org.jboss.identity.federation.core.wstrust.WSTrustRequestContext;
+import org.jboss.identity.federation.core.wstrust.WSTrustUtil;
+import org.jboss.identity.federation.core.wstrust.wrappers.Lifetime;
+import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
+import org.jboss.identity.federation.saml.v2.assertion.AudienceRestrictionType;
+import org.jboss.identity.federation.saml.v2.assertion.ConditionsType;
+import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
+import org.jboss.identity.federation.saml.v2.assertion.SubjectConfirmationType;
+import org.jboss.identity.federation.saml.v2.assertion.SubjectType;
+import org.jboss.identity.federation.ws.policy.AppliesTo;
+import org.jboss.identity.federation.ws.trust.RequestedReferenceType;
+import org.jboss.identity.federation.ws.trust.StatusType;
+import org.jboss.identity.federation.ws.trust.ValidateTargetType;
+import org.jboss.identity.federation.ws.wss.secext.KeyIdentifierType;
+import org.w3c.dom.Element;
+
+/**
+ * <p>
+ * A {@code SecurityTokenProvider} implementation that handles WS-Trust SAML 2.0 token requests.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class SAML20TokenProvider implements SecurityTokenProvider
+{
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void cancelToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ // TODO: implement cancel logic.
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void issueToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ // generate an id for the new assertion.
+ String assertionID = IDGenerator.create("ID_");
+
+ issueToken(context, assertionID);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void renewToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ Element assertion = (Element) context.getRequestSecurityToken().getRenewTarget().getAny();
+
+ String id = assertion.getAttribute("ID");
+
+ issueToken(context, id); //Just reissue
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ @SuppressWarnings("unchecked")
+ public void validateToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ // get the SAML assertion that must be validated.
+ ValidateTargetType validateTarget = context.getRequestSecurityToken().getValidateTarget();
+ if(validateTarget == null)
+ throw new WSTrustException("Invalid validate message: missing required ValidateTarget");
+
+ String code = WSTrustConstants.STATUS_CODE_VALID;
+ String reason = "SAMLV2.0 Assertion successfuly validated";
+
+ AssertionType assertion = null;
+
+ Object assertionObj = validateTarget.getAny();
+ if(assertionObj instanceof JAXBElement)
+ {
+ JAXBElement<AssertionType> assertionType = (JAXBElement<AssertionType>) validateTarget.getAny();
+ assertion = assertionType.getValue();
+ }
+ else if(assertionObj instanceof Element)
+ {
+ Element assertionElement = (Element) assertionObj;
+
+ if(!this.isAssertion(assertionElement))
+ {
+ code = WSTrustConstants.STATUS_CODE_INVALID;
+ reason = "Validation failure: supplied token is not a SAMLV2.0 Assertion";
+ }
+ else
+ {
+ try
+ {
+ assertion = SAMLUtil.fromElement((Element) assertionObj);
+ }
+ catch (JAXBException e)
+ {
+ throw new WSTrustException("Unmarshalling error:",e);
+ }
+ }
+ }
+
+ // check the assertion lifetime.
+ try
+ {
+ if(AssertionUtil.hasExpired(assertion))
+ {
+ code = WSTrustConstants.STATUS_CODE_INVALID;
+ reason = "Validation failure: assertion expired or used before its lifetime period";
+ }
+ }
+ catch(Exception ce)
+ {
+ code = WSTrustConstants.STATUS_CODE_INVALID;
+ reason = "Validation failure: unable to verify assertion lifetime: " + ce.getMessage();
+ }
+
+ // construct the status and set it on the request context.
+ StatusType status = new StatusType();
+ status.setCode(code);
+ status.setReason(reason);
+ context.setStatus(status);
+ }
+
+ /**
+ * <p>
+ * Checks whether the specified element is a SAMLV2.0 assertion or not.
+ * </p>
+ *
+ * @param element the {@code Element} being verified.
+ * @return {@code true} if the element is a SAMLV2.0 assertion; {@code false} otherwise.
+ */
+ private boolean isAssertion(Element element)
+ {
+ return element == null ? false : "Assertion".equals(element.getLocalName())
+ && WSTrustConstants.SAML2_ASSERTION_NS.equals(element.getNamespaceURI());
+ }
+
+ /**
+ * Issue a SAML assertion token with the provided ID
+ * @param context
+ * @param assertionID
+ * @throws WSTrustException
+ */
+ private void issueToken(WSTrustRequestContext context, String assertionID) throws WSTrustException
+ {
+ // lifetime and audience restrictions.
+ Lifetime lifetime = context.getRequestSecurityToken().getLifetime();
+ AudienceRestrictionType restriction = null;
+ AppliesTo appliesTo = context.getRequestSecurityToken().getAppliesTo();
+ if (appliesTo != null)
+ restriction = SAMLAssertionFactory.createAudienceRestriction(WSTrustUtil.parseAppliesTo(appliesTo));
+ ConditionsType conditions = SAMLAssertionFactory.createConditions(lifetime.getCreated(), lifetime.getExpires(),
+ restriction);
+
+ // TODO: implement support for the other confirmation methods.
+ String confirmationMethod = SAMLUtil.SAML2_BEARER_URI;
+ SubjectConfirmationType subjectConfirmation = SAMLAssertionFactory.createSubjectConfirmation(null,
+ confirmationMethod, null);
+
+ // create a subject using the caller principal.
+ Principal principal = context.getCallerPrincipal();
+ String subjectName = principal == null ? "ANONYMOUS" : principal.getName();
+ NameIDType nameID = SAMLAssertionFactory.createNameID(null, "urn:jboss:identity-federation", subjectName);
+ SubjectType subject = SAMLAssertionFactory.createSubject(nameID, subjectConfirmation);
+
+ // TODO: add SAML statements that corresponds to the claims provided by the requester.
+
+ // create the SAML assertion.
+ NameIDType issuerID = SAMLAssertionFactory.createNameID(null, null, context.getTokenIssuer());
+ AssertionType assertion = SAMLAssertionFactory.createAssertion(assertionID, issuerID, lifetime.getCreated(),
+ conditions, subject, null);
+
+ // convert the constructed assertion to element.
+ Element assertionElement = null;
+ try
+ {
+ assertionElement = SAMLUtil.toElement(assertion);
+ }
+ catch (Exception e)
+ {
+ throw new WSTrustException("Failed to marshall SAMLV2 assertion", e);
+ }
+
+ SecurityToken token = new StandardSecurityToken(context.getRequestSecurityToken().getTokenType().toString(),
+ assertionElement, assertionID);
+ context.setSecurityToken(token);
+
+ // set the SAML assertion attached reference.
+ KeyIdentifierType keyIdentifier = WSTrustUtil.createKeyIdentifier(SAMLUtil.SAML2_VALUE_TYPE, "#" + assertionID);
+ Map<QName, String> attributes = new HashMap<QName, String>();
+ attributes.put(new QName(WSTrustConstants.WSSE11_NS, "TokenType"), SAMLUtil.SAML2_TOKEN_TYPE);
+ RequestedReferenceType attachedReference = WSTrustUtil.createRequestedReference(keyIdentifier, attributes);
+ context.setAttachedReference(attachedReference);
+ }
+}
\ No newline at end of file
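Review bot: The `principal == null ? "ANONYMOUS" : principal.getName()` fallback lets the provider issue a bearer assertion when `context.getCallerPrincipal()` is null, so a request with no authenticated caller still receives a token whose subject is the literal name ANONYMOUS. Throwing a `WSTrustException` in that case would be safer than minting the token. The audience handling has a similar gap: when `appliesTo` is null, `restriction` stays null and the bearer assertion is created with no audience restriction, so nothing in the token limits which relying party may accept it; consider requiring AppliesTo for bearer tokens or documenting why it is optional. Separately, `context.getRequestSecurityToken().getTokenType().toString()` throws a NullPointerException when the request omits TokenType, which the content model quoted in the RequestSecurityToken Javadoc marks as `minOccurs='0'`.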
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,105 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust.plugins.saml;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.transform.dom.DOMResult;
+
+import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.util.JAXBUtil;
+import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
+import org.jboss.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.w3c.dom.DOMConfiguration;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+/**
+ * <p>
+ * This class contains utility methods and constants that are used by the SAML token providers.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class SAMLUtil
+{
+
+ public static final String SAML2_BEARER_URI = "urn:oasis:names:tc:SAML:2.0:cm:bearer";
+
+ public static final String SAML2_TOKEN_TYPE = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";
+
+ public static final String SAML2_VALUE_TYPE = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID";
+
+ /**
+ * <p>
+ * Utility method that marshals the specified {@code AssertionType} object into an {@code Element} instance.
+ * </p>
+ *
+ * @param assertion
+ * an {@code AssertionType} object representing the SAML assertion to be marshaled.
+ * @return a reference to the {@code Element} that contains the marshaled SAML assertion.
+ * @throws Exception
+ * if an error occurs while marshaling the assertion.
+ */
+ public static Element toElement(AssertionType assertion) throws Exception
+ {
+ Document document = DocumentUtil.createDocument();
+ DOMResult result = new DOMResult(document);
+ Marshaller marshaller = JAXBUtil.getMarshaller("org.jboss.identity.federation.saml.v2.assertion");
+ marshaller.marshal(new ObjectFactory().createAssertion(assertion), result);
+
+ // normalize the document to remove unused namespaces.
+ DOMConfiguration docConfig = document.getDomConfig();
+ docConfig.setParameter("namespaces", Boolean.TRUE);
+ docConfig.setParameter("namespace-declarations", Boolean.FALSE);
+ document.normalizeDocument();
+
+ return document.getDocumentElement();
+ }
+
+ /**
+ * <p>
+ * Utility method that unmarshals the specified {@code Element} into an {@code AssertionType} instance.
+ * </p>
+ *
+ * @param assertionElement
+ * the {@code Element} that contains the marshaled SAMLV2.0 assertion.
+ * @return a reference to the unmarshaled {@code AssertionType} instance.
+ * @throws JAXBException if an error occurs while unmarshalling the document.
+ */
+ public static AssertionType fromElement(Element assertionElement) throws JAXBException
+ {
+ Unmarshaller unmarshaller = JAXBUtil.getUnmarshaller("org.jboss.identity.federation.saml.v2.assertion");
+ Object object = unmarshaller.unmarshal(assertionElement);
+ if (object instanceof AssertionType)
+ return (AssertionType) object;
+ else if (object instanceof JAXBElement)
+ {
+ JAXBElement<?> element = (JAXBElement<?>) object;
+ if (element.getDeclaredType().equals(AssertionType.class))
+ return (AssertionType) element.getValue();
+ }
+ throw new IllegalArgumentException("Supplied document does not contain a SAMLV2.0 Assertion");
+ }
+}
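Review bot: `fromElement` unmarshals whatever `Element` it is handed and returns the `AssertionType` with no signature or schema check, and its Javadoc does not say so; state there that the result is unverified, so callers do not treat a parsed assertion as a trusted one. In `toElement`, `throws Exception` forces callers into a blanket `catch (Exception e)`; declare the specific checked exceptions instead, as `fromElement` does with `JAXBException`. The comment "remove unused namespaces" also undersells the normalization step: setting `namespace-declarations` to `Boolean.FALSE` discards all namespace declaration attributes and relies on the `namespaces` pass to re-create the ones still needed, which deserves a sentence in the comment.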
Copied: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/BaseRequestSecurityToken.java (from rev 757, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/BaseRequestSecurityToken.java)
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/BaseRequestSecurityToken.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/BaseRequestSecurityToken.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,33 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust.wrappers;
+
+/**
+ * <p>
+ * Marker interface for the request security token types.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public interface BaseRequestSecurityToken
+{
+}
Copied: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/BaseRequestSecurityTokenResponse.java (from rev 757, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/BaseRequestSecurityTokenResponse.java)
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/BaseRequestSecurityTokenResponse.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/BaseRequestSecurityTokenResponse.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,33 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust.wrappers;
+
+/**
+ * <p>
+ * Marker interface for the security token response types.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public interface BaseRequestSecurityTokenResponse
+{
+}
Copied: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/Lifetime.java (from rev 757, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/Lifetime.java)
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/Lifetime.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/Lifetime.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,236 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust.wrappers;
+
+import java.util.GregorianCalendar;
+
+import javax.xml.datatype.DatatypeConfigurationException;
+import javax.xml.datatype.DatatypeFactory;
+import javax.xml.datatype.XMLGregorianCalendar;
+
+import org.jboss.identity.federation.ws.trust.LifetimeType;
+import org.jboss.identity.federation.ws.wss.utility.AttributedDateTime;
+
+/**
+ * <p>
+ * This class represents a WS-Trust {@code Lifetime}. It wraps the JAXB {@code LifetimeType} and offer methods that
+ * allows for easy retrieval of the creation and expiration times as {@code XMLGregorianCalendar} and
+ * {@code GregorianCalendar} objects.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class Lifetime
+{
+
+ private final LifetimeType delegate;
+
+ private XMLGregorianCalendar created;
+
+ private XMLGregorianCalendar expires;
+
+ private DatatypeFactory factory;
+
+ /**
+ * <p>
+ * Creates an instance of {@code Lifetime} with the specified parameters.
+ * </p>
+ *
+ * @param created a {@code GregorianCalendar} representing the token creation time.
+ * @param expires a {@code GregorianCalendar} representing the token expiration time.
+ */
+ public Lifetime(GregorianCalendar created, GregorianCalendar expires)
+ {
+ try
+ {
+ this.factory = DatatypeFactory.newInstance();
+ }
+ catch (DatatypeConfigurationException dce)
+ {
+ throw new RuntimeException("Unable to get DatatypeFactory instance", dce);
+ }
+
+ // normalize the parameters (convert to UTC).
+ this.created = factory.newXMLGregorianCalendar(created).normalize();
+ this.expires = factory.newXMLGregorianCalendar(expires).normalize();
+
+ // set the delegate fields.
+ this.delegate = new LifetimeType();
+ AttributedDateTime dateTime = new AttributedDateTime();
+ dateTime.setValue(this.created.toXMLFormat());
+ this.delegate.setCreated(dateTime);
+ dateTime = new AttributedDateTime();
+ dateTime.setValue(this.expires.toXMLFormat());
+ this.delegate.setExpires(dateTime);
+
+ }
+
+ /**
+ * <p>
+ * Creates a {@code Lifetime} instance using the specified {@code LifetimeType}.
+ * </p>
+ *
+ * @param lifetime a reference to the {@code LifetimeType} instance that contains the information used in the
+ * {@code Lifetime} construction.
+ */
+ public Lifetime(LifetimeType lifetime)
+ {
+ if (lifetime == null)
+ throw new IllegalArgumentException("Unable to create a Lifetime object from a null LifetimeType");
+
+ try
+ {
+ this.factory = DatatypeFactory.newInstance();
+ }
+ catch (DatatypeConfigurationException dce)
+ {
+ throw new RuntimeException("Unable to get DatatypeFactory instance", dce);
+ }
+ this.delegate = lifetime;
+
+ // construct the created and expires instances from the lifetime object.
+ this.created = factory.newXMLGregorianCalendar(lifetime.getCreated().getValue());
+ this.expires = factory.newXMLGregorianCalendar(lifetime.getExpires().getValue());
+
+ // check if the supplied lifetime needs to be normalized.
+ if (this.created.getTimezone() != 0)
+ {
+ this.created = this.created.normalize();
+ this.delegate.getCreated().setValue(this.created.toXMLFormat());
+ }
+ if (this.expires.getTimezone() != 0)
+ {
+ this.expires = this.expires.normalize();
+ this.delegate.getExpires().setValue(this.expires.toXMLFormat());
+ }
+ }
+
+ /**
+ * <p>
+ * Obtains the creation time as a {@code XMLGregorianCalendar}.
+ * </p>
+ *
+ * @return a reference to the {@code XMLGregorianCalendar} that represents the creation time.
+ */
+ public XMLGregorianCalendar getCreated()
+ {
+ return this.created;
+ }
+
+ /**
+ * <p>
+ * Sets the creation time.
+ * </p>
+ *
+ * @param created a reference to the {@code XMLGregorianCalendar} that represents the creation time to be set.
+ */
+ public void setCreated(XMLGregorianCalendar created)
+ {
+ this.created = created.normalize();
+ this.delegate.getCreated().setValue(this.created.toXMLFormat());
+ }
+
+ /**
+ * <p>
+ * Obtains the creation time as a {@code GregorianCalendar}.
+ * </p>
+ *
+ * @return a reference to the {@code GregorianCalendar} that represents the creation time.
+ */
+ public GregorianCalendar getCreatedCalendar()
+ {
+ return this.created.toGregorianCalendar();
+ }
+
+ /**
+ * <p>
+ * Sets the creation time.
+ * </p>
+ *
+ * @param created a reference to the {@code GregorianCalendar} that represents the creation time to be set.
+ */
+ public void setCreatedCalendar(GregorianCalendar created)
+ {
+ this.setCreated(this.factory.newXMLGregorianCalendar(created));
+ }
+
+ /**
+ * <p>
+ * Obtains the expiration time as a {@code XMLGregorianCalendar}.
+ * </p>
+ *
+ * @return a reference to the {@code XMLGregorianCalendar} that represents the expiration time.
+ */
+ public XMLGregorianCalendar getExpires()
+ {
+ return this.expires;
+ }
+
+ /**
+ * <p>
+ * Sets the expiration time.
+ * </p>
+ *
+ * @param expires a reference to the {@code XMLGregorianCalendar} that represents the expiration time.
+ */
+ public void setExpires(XMLGregorianCalendar expires)
+ {
+ this.expires = expires.normalize();
+ this.delegate.getExpires().setValue(this.expires.toXMLFormat());
+ }
+
+ /**
+ * <p>
+ * Obtains the expiration time as a {@code GregorianCalendar}.
+ * </p>
+ *
+ * @return a reference to the {@code GregorianCalendar} that represents the expiration time.
+ */
+ public GregorianCalendar getExpiresCalendar()
+ {
+ return this.expires.toGregorianCalendar();
+ }
+
+ /**
+ * <p>
+ * Sets the expiration time.
+ * </p>
+ *
+ * @param expires a reference to the {@code GregorianCalendar} that represents the expiration time.
+ */
+ public void setExpiresCalendar(GregorianCalendar expires)
+ {
+ this.setExpires(this.factory.newXMLGregorianCalendar(expires));
+ }
+
+ /**
+ * <p>
+ * Obtains a reference to the {@code LifetimeType} delegate.
+ * </p>
+ *
+ * @return a reference to the delegate instance.
+ */
+ public LifetimeType getDelegate()
+ {
+ return this.delegate;
+ }
+}
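Review bot: `Lifetime(LifetimeType lifetime)` dereferences `lifetime.getCreated().getValue()` and `lifetime.getExpires().getValue()` without null checks, so a request whose Lifetime omits Created or Expires fails with a NullPointerException instead of a clean fault; `setCreated` and `setExpires` have the same problem on such a delegate. Check both for null and reject or default them explicitly. Neither constructor verifies that `expires` is later than `created`, and these values are what the token provider passes to `SAMLAssertionFactory.createConditions`, so add that check here or document that the caller must enforce it together with a maximum lifetime. Minor: the class Javadoc should read "offers methods that allow".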
Copied: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityToken.java (from rev 757, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityToken.java)
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityToken.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityToken.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,1139 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust.wrappers;
+
+import java.net.URI;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.namespace.QName;
+
+import org.jboss.identity.federation.ws.addressing.EndpointReferenceType;
+import org.jboss.identity.federation.ws.policy.AppliesTo;
+import org.jboss.identity.federation.ws.policy.Policy;
+import org.jboss.identity.federation.ws.policy.PolicyReference;
+import org.jboss.identity.federation.ws.trust.AllowPostdatingType;
+import org.jboss.identity.federation.ws.trust.CancelTargetType;
+import org.jboss.identity.federation.ws.trust.ClaimsType;
+import org.jboss.identity.federation.ws.trust.DelegateToType;
+import org.jboss.identity.federation.ws.trust.EncryptionType;
+import org.jboss.identity.federation.ws.trust.EntropyType;
+import org.jboss.identity.federation.ws.trust.LifetimeType;
+import org.jboss.identity.federation.ws.trust.ObjectFactory;
+import org.jboss.identity.federation.ws.trust.OnBehalfOfType;
+import org.jboss.identity.federation.ws.trust.ProofEncryptionType;
+import org.jboss.identity.federation.ws.trust.RenewTargetType;
+import org.jboss.identity.federation.ws.trust.RenewingType;
+import org.jboss.identity.federation.ws.trust.RequestSecurityTokenType;
+import org.jboss.identity.federation.ws.trust.UseKeyType;
+import org.jboss.identity.federation.ws.trust.ValidateTargetType;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+/**
+ * <p>
+ * This class represents a WS-Trust {@code RequestSecurityToken}. It wraps the JAXB representation of the security
+ * token request and offers a series of getter/setter methods that make it easy to work with elements that are
+ * represented by the {@code Any} XML type.
+ * </p>
+ * <p>
+ * The following shows the intended content model of a {@code RequestSecurityToken}:
+ *
+ * <pre>
+ * <xs:element ref='wst:TokenType' minOccurs='0' />
+ * <xs:element ref='wst:RequestType' />
+ * <xs:element ref='wsp:AppliesTo' minOccurs='0' />
+ * <xs:element ref='wst:Claims' minOccurs='0' />
+ * <xs:element ref='wst:Entropy' minOccurs='0' />
+ * <xs:element ref='wst:Lifetime' minOccurs='0' />
+ * <xs:element ref='wst:AllowPostdating' minOccurs='0' />
+ * <xs:element ref='wst:Renewing' minOccurs='0' />
+ * <xs:element ref='wst:OnBehalfOf' minOccurs='0' />
+ * <xs:element ref='wst:Issuer' minOccurs='0' />
+ * <xs:element ref='wst:AuthenticationType' minOccurs='0' />
+ * <xs:element ref='wst:KeyType' minOccurs='0' />
+ * <xs:element ref='wst:KeySize' minOccurs='0' />
+ * <xs:element ref='wst:SignatureAlgorithm' minOccurs='0' />
+ * <xs:element ref='wst:Encryption' minOccurs='0' />
+ * <xs:element ref='wst:EncryptionAlgorithm' minOccurs='0' />
+ * <xs:element ref='wst:CanonicalizationAlgorithm' minOccurs='0' />
+ * <xs:element ref='wst:ProofEncryption' minOccurs='0' />
+ * <xs:element ref='wst:UseKey' minOccurs='0' />
+ * <xs:element ref='wst:SignWith' minOccurs='0' />
+ * <xs:element ref='wst:EncryptWith' minOccurs='0' />
+ * <xs:element ref='wst:DelegateTo' minOccurs='0' />
+ * <xs:element ref='wst:Forwardable' minOccurs='0' />
+ * <xs:element ref='wst:Delegatable' minOccurs='0' />
+ * <xs:element ref='wsp:Policy' minOccurs='0' />
+ * <xs:element ref='wsp:PolicyReference' minOccurs='0' />
+ * <xs:any namespace='##other' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
+ * </pre>
+ *
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class RequestSecurityToken implements BaseRequestSecurityToken
+{
+
+ private final RequestSecurityTokenType delegate;
+
+ private URI tokenType;
+
+ private URI requestType;
+
+ private AppliesTo appliesTo;
+
+ private ClaimsType claims;
+
+ private EntropyType entropy;
+
+ private Lifetime lifetime;
+
+ private AllowPostdatingType allowPostDating;
+
+ private RenewingType renewing;
+
+ private OnBehalfOfType onBehalfOf;
+
+ private EndpointReferenceType issuer;
+
+ private URI authenticationType;
+
+ private URI keyType;
+
+ private long keySize;
+
+ private URI signatureAlgorithm;
+
+ private EncryptionType encryption;
+
+ private URI encryptionAlgorithm;
+
+ private URI canonicalizationAlgorithm;
+
+ private ProofEncryptionType proofEncryption;
+
+ private UseKeyType useKey;
+
+ private URI signWith;
+
+ private URI encryptWith;
+
+ private DelegateToType delegateTo;
+
+ private boolean forwardable;
+
+ private boolean delegatable;
+
+ private Policy policy;
+
+ private PolicyReference policyReference;
+
+ private ValidateTargetType validateTarget;
+
+ private RenewTargetType renewTarget;
+
+ private CancelTargetType cancelTarget;
+
+ private final List<Object> extensionElements = new ArrayList<Object>();
+
+ private final ObjectFactory factory = new ObjectFactory();
+
+ private Document rstDocument;
+
+ /**
+ * <p>
+ * Creates an instance of {@code RequestSecurityToken}.
+ * </p>
+ */
+ public RequestSecurityToken()
+ {
+ this.delegate = new RequestSecurityTokenType();
+ }
+
+ /**
+ * <p>
+ * Creates an instance of {@code RequestSecurityToken} using the specified delegate.
+ * </p>
+ *
+ * @param delegate the JAXB {@code RequestSecurityTokenType} that represents a WS-Trust token request.
+ */
+ public RequestSecurityToken(RequestSecurityTokenType delegate)
+ {
+ this.delegate = delegate;
+ // parse the delegate's Any contents.
+ for (Object obj : this.delegate.getAny())
+ {
+ if (obj instanceof AppliesTo)
+ {
+ this.appliesTo = (AppliesTo) obj;
+ }
+ else if (obj instanceof Policy)
+ {
+ this.policy = (Policy) obj;
+ }
+ else if (obj instanceof PolicyReference)
+ {
+ this.policyReference = (PolicyReference) obj;
+ }
+ else if (obj instanceof JAXBElement)
+ {
+ JAXBElement<?> element = (JAXBElement<?>) obj;
+ String localName = element.getName().getLocalPart();
+ if (localName.equalsIgnoreCase("TokenType"))
+ this.tokenType = URI.create((String) element.getValue());
+ else if (localName.equalsIgnoreCase("RequestType"))
+ this.requestType = URI.create((String) element.getValue());
+ else if (localName.equalsIgnoreCase("Claims"))
+ this.claims = (ClaimsType) element.getValue();
+ else if (localName.equalsIgnoreCase("Entropy"))
+ this.entropy = (EntropyType) element.getValue();
+ else if (localName.equalsIgnoreCase("Lifetime"))
+ this.lifetime = new Lifetime((LifetimeType) element.getValue());
+ else if (localName.equalsIgnoreCase("AllowPostdating"))
+ this.allowPostDating = (AllowPostdatingType) element.getValue();
+ else if (localName.equalsIgnoreCase("Renewing"))
+ this.renewing = (RenewingType) element.getValue();
+ else if (localName.equalsIgnoreCase("OnBehalfOf"))
+ this.onBehalfOf = (OnBehalfOfType) element.getValue();
+ else if (localName.equalsIgnoreCase("Issuer"))
+ this.issuer = (EndpointReferenceType) element.getValue();
+ else if (localName.equalsIgnoreCase("AuthenticationType"))
+ this.authenticationType = URI.create((String) element.getValue());
+ else if (localName.equalsIgnoreCase("KeyType"))
+ this.keyType = URI.create((String) element.getValue());
+ else if (localName.equalsIgnoreCase("KeySize"))
+ this.keySize = (Long) element.getValue();
+ else if (localName.equalsIgnoreCase("SignatureAlgorithm"))
+ this.signatureAlgorithm = URI.create((String) element.getValue());
+ else if (localName.equalsIgnoreCase("Encryption"))
+ this.encryption = (EncryptionType) element.getValue();
+ else if (localName.equalsIgnoreCase("EntropyAlgorithm"))
+ this.encryptionAlgorithm = URI.create((String) element.getValue());
+ else if (localName.equalsIgnoreCase("CanonicalizationAlgorithm"))
+ this.canonicalizationAlgorithm = URI.create((String) element.getValue());
+ else if (localName.equalsIgnoreCase("ProofEncryption"))
+ this.proofEncryption = (ProofEncryptionType) element.getValue();
+ else if (localName.equalsIgnoreCase("UseKey"))
+ this.useKey = (UseKeyType) element.getValue();
+ else if (localName.equalsIgnoreCase("SignWith"))
+ this.signWith = URI.create((String) element.getValue());
+ else if (localName.equalsIgnoreCase("EncryptWith"))
+ this.encryptWith = URI.create((String) element.getValue());
+ else if (localName.equalsIgnoreCase("DelegateTo"))
+ this.delegateTo = (DelegateToType) element.getValue();
+ else if (localName.equalsIgnoreCase("Forwardable"))
+ this.forwardable = (Boolean) element.getValue();
+ else if (localName.equalsIgnoreCase("Delegatable"))
+ this.delegatable = (Boolean) element.getValue();
+ else if (localName.equalsIgnoreCase("CancelTarget"))
+ this.cancelTarget = (CancelTargetType) element.getValue();
+ else if (localName.equalsIgnoreCase("RenewTarget"))
+ this.renewTarget = (RenewTargetType) element.getValue();
+ else if (localName.equalsIgnoreCase("ValidateTarget"))
+ this.validateTarget = (ValidateTargetType) element.getValue();
+ else
+ this.extensionElements.add(element.getValue());
+ }
+ else
+ {
+ this.extensionElements.add(obj);
+ }
+ }
+ }
+
+ /**
+ * Creates an instance of {@code RequestSecurityTokenType} and {@code Document}
+ * @param delegate
+ * @param rstDocument
+ */
+ public RequestSecurityToken(RequestSecurityTokenType delegate, Document rstDocument)
+ {
+ this(delegate);
+ this.rstDocument = rstDocument;
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code URI} that identifies the token type.
+ * </p>
+ *
+ * @return a {@code URI} that represents the token type.
+ */
+ public URI getTokenType()
+ {
+ return this.tokenType;
+ }
+
+ /**
+ * <p>
+ * Sets the token type.
+ * </p>
+ *
+ * @param tokenType a {@code URI} that identifies the token type.
+ */
+ public void setTokenType(URI tokenType)
+ {
+ this.tokenType = tokenType;
+ this.delegate.getAny().add(this.factory.createTokenType(tokenType.toString()));
+
+ }
+
+ /**
+ * <p>
+ * Obtains the request type.
+ * </p>
+ *
+ * @return a {@code URI} that identifies the request type.
+ */
+ public URI getRequestType()
+ {
+ return this.requestType;
+ }
+
+ /**
+ * <p>
+ * Sets the request type. The type must be one of the request types described in the WS-Trust specification.
+ * </p>
+ *
+ * @param requestType a {@code URI} that identifies the request type.
+ */
+ public void setRequestType(URI requestType)
+ {
+ this.requestType = requestType;
+ this.delegate.getAny().add(this.factory.createRequestType(requestType.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code AppliesTo} value of this request. The {@code AppliesTo} object identifies the service provider
+ * (web service) that requires a token to be presented by clients. A STS uses this object to find the type of the
+ * token that is accepted by the service provider so that it can issue appropriate tokens to clients.
+ * </p>
+ *
+ * @return the reference to the {@code AppliesTo} object.
+ */
+ public AppliesTo getAppliesTo()
+ {
+ return this.appliesTo;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code AppliesTo} value of this request. The {@code AppliesTo} object identifies the service provider
+ * (web service) that requires a token to be presented by clients. A STS uses this object to find the type of the
+ * token that is accepted by the service provider so that it can issue appropriate tokens to clients.
+ * </p>
+ *
+ * @param appliesTo a reference to the {@code AppliesTo} object that identifies the service provider.
+ */
+ public void setAppliesTo(AppliesTo appliesTo)
+ {
+ this.appliesTo = appliesTo;
+ this.delegate.getAny().add(appliesTo);
+ }
+
+ /**
+ * <p>
+ * Obtains the set of claims of this request.
+ * </p>
+ *
+ * @return a reference to the {@code ClaimsType} object that represents the request's claims.
+ */
+ public ClaimsType getClaims()
+ {
+ return this.claims;
+ }
+
+ /**
+ * <p>
+ * Sets the claims of this request.
+ * </p>
+ *
+ * @param claims the {@code ClaimsType} object that represents the claims to be set.
+ */
+ public void setClaims(ClaimsType claims)
+ {
+ this.claims = claims;
+ this.delegate.getAny().add(this.factory.createClaims(claims));
+ }
+
+ /**
+ * <p>
+ * Obtains the entropy that will be used in creating the key.
+ * </p>
+ *
+ * @return a reference to the {@code EntropyType} that represents the entropy.
+ */
+ public EntropyType getEntropy()
+ {
+ return this.entropy;
+ }
+
+ /**
+ * <p>
+ * Sets the entropy that must be used when creating the key.
+ * </p>
+ *
+ * @param entropy the {@code EntropyType} representing the entropy to be set.
+ */
+ public void setEntropy(EntropyType entropy)
+ {
+ this.entropy = entropy;
+ this.delegate.getAny().add(this.factory.createEntropy(entropy));
+ }
+
+ /**
+ * <p>
+ * Obtains the desired lifetime of the requested token.
+ * </p>
+ *
+ * @return a reference to the {@code Lifetime} that represents the lifetime.
+ */
+ public Lifetime getLifetime()
+ {
+ return this.lifetime;
+ }
+
+ /**
+ * <p>
+ * Sets the desired lifetime of the requested token.
+ * </p>
+ *
+ * @param lifetime the {@code Lifetime} object representing the lifetime to be set.
+ */
+ public void setLifetime(Lifetime lifetime)
+ {
+ this.lifetime = lifetime;
+ this.delegate.getAny().add(this.factory.createLifetime(lifetime.getDelegate()));
+ }
+
+ /**
+ * <p>
+ * Checks whether a request for a postdated token should be allowed or not.
+ * </p>
+ *
+ * @return {@code null} if the token can't have a future lifetime (e.g. a token to be used the next day); a
+ * {@code AllowPostdatingType} otherwise.
+ */
+ public AllowPostdatingType getAllowPostDating()
+ {
+ return this.allowPostDating;
+ }
+
+ /**
+ * <p>
+ * Specifies whether a request for a postdated token should be allowed or not.
+ * </p>
+ *
+ * @param allowPostDating {@code null} if the token can't have a future lifetime (e.g. a token to be used the next
+ * day); a {@code AllowPostdatingType} otherwise.
+ */
+ public void setAllowPostDating(AllowPostdatingType allowPostDating)
+ {
+ this.allowPostDating = allowPostDating;
+ this.delegate.getAny().add(this.factory.createAllowPostdating(allowPostDating));
+ }
+
+ /**
+ * <p>
+ * Obtains the renew semantics for this request.
+ * </p>
+ *
+ * @return a reference to the {@code RenewingType} that represents the renew semantics for this request.
+ */
+ public RenewingType getRenewing()
+ {
+ return this.renewing;
+ }
+
+ /**
+ * <p>
+ * Sets the renew semantics for this request.
+ * </p>
+ *
+ * @param renewing the {@code RenewingType} object representing the semantics to be set.
+ */
+ public void setRenewing(RenewingType renewing)
+ {
+ this.renewing = renewing;
+ this.delegate.getAny().add(this.factory.createRenewing(renewing));
+ }
+
+ /**
+ * <p>
+ * Obtains the identity on whose behalf this request was made.
+ * </p>
+ *
+ * @return a reference to the {@code OnBehalfOfType} that represents the identity on whose behalf this request was
+ * made.
+ */
+ public OnBehalfOfType getOnBehalfOf()
+ {
+ return this.onBehalfOf;
+ }
+
+ /**
+ * <p>
+ * Specifies the identity on whose behalf this request is being made.
+ * </p>
+ *
+ * @param onBehalfOf the {@code OnBehalfOfType} object representing the identity to be set.
+ */
+ public void setOnBehalfOf(OnBehalfOfType onBehalfOf)
+ {
+ this.onBehalfOf = onBehalfOf;
+ this.delegate.getAny().add(this.factory.createOnBehalfOf(onBehalfOf));
+ }
+
+ /**
+ * <p>
+ * Obtains the issuer of the token included in the request in the scenarios where the requestor is obtaining a token
+ * on behalf of another party.
+ * </p>
+ *
+ * @return a reference to the {@code EndpointReferenceType} that represents the issuer.
+ */
+ public EndpointReferenceType getIssuer()
+ {
+ return this.issuer;
+ }
+
+ /**
+ * <p>
+ * Sets the issuer of the token included in the request in scenarios where the requestor is obtaining a token on
+ * behalf of another party.
+ * </p>
+ *
+ * @param issuer the {@code EndpointReferenceType} object representing the issuer to be set.
+ */
+ public void setIssuer(EndpointReferenceType issuer)
+ {
+ this.issuer = issuer;
+ this.delegate.getAny().add(this.factory.createIssuer(issuer));
+ }
+
+ /**
+ * <p>
+ * Obtains the type of authentication that has been set as part of the request.
+ * </p>
+ *
+ * @return a {@code URI} that identifies the desired authentication type.
+ */
+ public URI getAuthenticationType()
+ {
+ return this.authenticationType;
+ }
+
+ /**
+ * <p>
+ * Sets the authentication type in the request.
+ * </p>
+ *
+ * @param authenticationType a {@code URI} that identifies the authentication type to be set.
+ */
+ public void setAuthenticationType(URI authenticationType)
+ {
+ this.authenticationType = authenticationType;
+ this.delegate.getAny().add(this.factory.createAuthenticationType(authenticationType.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the type of the key that has been set in the request.
+ * </p>
+ *
+ * @return a {@code URI} that identifies the key type.
+ */
+ public URI getKeyType()
+ {
+ return this.keyType;
+ }
+
+ /**
+ * <p>
+ * Sets the key type in the request.
+ * </p>
+ *
+ * @param keyType a {@code URI} that specifies the key type.
+ */
+ public void setKeyType(URI keyType)
+ {
+ this.keyType = keyType;
+ this.delegate.getAny().add(this.factory.createKeyType(keyType.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the size of they key that has been set in the request.
+ * </p>
+ *
+ * @return a {@code long} representing the key size in bytes.
+ */
+ public long getKeySize()
+ {
+ return this.keySize;
+ }
+
+ /**
+ * <p>
+ * Sets the size of the key in the request.
+ * </p>
+ *
+ * @param keySize a {@code long} representing the key size in bytes.
+ */
+ public void setKeySize(long keySize)
+ {
+ this.keySize = keySize;
+ this.delegate.getAny().add(this.factory.createKeySize(keySize));
+ }
+
+ /**
+ * <p>
+ * Obtains the signature algorithm that has been set in the request.
+ * </p>
+ *
+ * @return a {@code URI} that represents the signature algorithm.
+ */
+ public URI getSignatureAlgorithm()
+ {
+ return this.signatureAlgorithm;
+ }
+
+ /**
+ * <p>
+ * Sets the signature algorithm in the request.
+ * </p>
+ *
+ * @param signatureAlgorithm a {@code URI} that represents the algorithm to be set.
+ */
+ public void setSignatureAlgorithm(URI signatureAlgorithm)
+ {
+ this.signatureAlgorithm = signatureAlgorithm;
+ this.delegate.getAny().add(this.factory.createSignatureAlgorithm(signatureAlgorithm.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code Encryption} section of the request. The {@code Encryption} element indicates that the requestor
+ * desires any returned secrets in issued security tokens to be encrypted.
+ * </p>
+ *
+ * @return a reference to the {@code EncryptionType} object.
+ */
+ public EncryptionType getEncryption()
+ {
+ return this.encryption;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code Encryption} section of the request. The {@code Encryption} element indicates that the requestor
+ * desires any returned secrets in issued security tokens to be encrypted.
+ * </p>
+ *
+ * @param encryption the {@code EncryptionType} to be set.
+ */
+ public void setEncryption(EncryptionType encryption)
+ {
+ this.encryption = encryption;
+ this.delegate.getAny().add(this.factory.createEncryption(encryption));
+ }
+
+ /**
+ * <p>
+ * Obtains the encryption algorithm that has been set in the request.
+ * </p>
+ *
+ * @return a {@code URI} that represents the encryption algorithm.
+ */
+ public URI getEncryptionAlgorithm()
+ {
+ return this.encryptionAlgorithm;
+ }
+
+ /**
+ * <p>
+ * Sets the encryption algorithm in the request.
+ * </p>
+ *
+ * @param encryptionAlgorithm a {@code URI} that represents the encryption algorithm to be set.
+ */
+ public void setEncryptionAlgorithm(URI encryptionAlgorithm)
+ {
+ this.encryptionAlgorithm = encryptionAlgorithm;
+ this.delegate.getAny().add(this.factory.createEncryptionAlgorithm(encryptionAlgorithm.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the canonicalization algorithm that has been set in the request.
+ * </p>
+ *
+ * @return a {@code URI} that represents the canonicalization algorithm.
+ */
+ public URI getCanonicalizationAlgorithm()
+ {
+ return this.canonicalizationAlgorithm;
+ }
+
+ /**
+ * <p>
+ * Sets the canonicalization algorithm in the request.
+ * </p>
+ *
+ * @param canonicalizationAlgorithm a {@code URI} that represents the algorithm to be set.
+ */
+ public void setCanonicalizationAlgorithm(URI canonicalizationAlgorithm)
+ {
+ this.canonicalizationAlgorithm = canonicalizationAlgorithm;
+ this.delegate.getAny().add(this.factory.createCanonicalizationAlgorithm(canonicalizationAlgorithm.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code ProofEncryption} section of the request. The {@code ProofEncryption} indicates that the
+ * requester desires any returned secrets in issued security tokens to be encrypted.
+ * </p>
+ *
+ * @return a reference to the {@code ProofEncryptionType} object.
+ */
+ public ProofEncryptionType getProofEncryption()
+ {
+ return this.proofEncryption;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code ProofEncryption} section of the request. The {@code ProofEncryption} indicates that the requester
+ * desires any returned secrets in issued security tokens to be encrypted.
+ * </p>
+ *
+ * @param proofEncryption the {@code ProofEncryptionType} to be set.
+ */
+ public void setProofEncryption(ProofEncryptionType proofEncryption)
+ {
+ this.proofEncryption = proofEncryption;
+ this.delegate.getAny().add(this.factory.createProofEncryption(proofEncryption));
+ }
+
+ /**
+ * <p>
+ * Obtains the key that should be used in the returned token.
+ * </p>
+ *
+ * @return a reference to the {@code UseKeyType} instance that represents the key to be used.
+ */
+ public UseKeyType getUseKey()
+ {
+ return this.useKey;
+ }
+
+ /**
+ * <p>
+ * Sets the key that should be used in the returned token.
+ * </p>
+ *
+ * @param useKey the {@code UseKeyType} instance to be set.
+ */
+ public void setUseKey(UseKeyType useKey)
+ {
+ this.useKey = useKey;
+ this.delegate.getAny().add(this.factory.createUseKey(useKey));
+ }
+
+ /**
+ * <p>
+ * Obtains the signature algorithm that should be used with the issued security token.
+ * </p>
+ *
+ * @return a {@code URI} representing the algorithm that should be used.
+ */
+ public URI getSignWith()
+ {
+ return this.signWith;
+ }
+
+ /**
+ * <p>
+ * Sets the signature algorithm that should be used with the issued security token.
+ * </p>
+ *
+ * @param signWith a {@code URI} representing the algorithm to be used.
+ */
+ public void setSignWith(URI signWith)
+ {
+ this.signWith = signWith;
+ this.delegate.getAny().add(this.factory.createSignatureAlgorithm(signWith.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the encryption algorithm that should be used with the issued security token.
+ * </p>
+ *
+ * @return a {@code URI} representing the encryption algorithm that should be used.
+ */
+ public URI getEncryptWith()
+ {
+ return this.encryptWith;
+ }
+
+ /**
+ * <p>
+ * Sets the encryption algorithm that should be used with the issued security token.
+ * </p>
+ *
+ * @param encryptWith a {@code URI} representing the algorithm to be used.
+ */
+ public void setEncryptWith(URI encryptWith)
+ {
+ this.encryptWith = encryptWith;
+ this.delegate.getAny().add(this.factory.createEncryptWith(encryptWith.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the identity to which the requested token should be delegated.
+ * </p>
+ *
+ * @return a reference to the {@code DelegateToType} instance that represents the identity.
+ */
+ public DelegateToType getDelegateTo()
+ {
+ return this.delegateTo;
+ }
+
+ /**
+ * <p>
+ * Sets the identity to which the requested token should be delegated.
+ * </p>
+ *
+ * @param delegateTo the {@code DelegateToType} object representing the identity to be set.
+ */
+ public void setDelegateTo(DelegateToType delegateTo)
+ {
+ this.delegateTo = delegateTo;
+ this.delegate.getAny().add(this.factory.createDelegateTo(delegateTo));
+ }
+
+ /**
+ * <p>
+ * Indicates whether the requested token should be marked as "forwardable" or not. In general, this flag is used when
+ * a token is normally bound to the requestor's machine or service. Using this flag, the returned token MAY be used
+ * from any source machine so long as the key is correctly proven.
+ * </p>
+ *
+ * @return {@code true} if the requested token should be marked as "forwardable"; {@code false} otherwise.
+ */
+ public boolean isForwardable()
+ {
+ return this.forwardable;
+ }
+
+ /**
+ * <p>
+ * Specifies whether the requested token should be marked as "forwardable" or not. In general, this flag is used when
+ * a token is normally bound to the requestor's machine or service. Using this flag, the returned token MAY be used
+ * from any source machine so long as the key is correctly proven.
+ * </p>
+ *
+ * @param forwardable {@code true} if the requested token should be marked as "forwardable"; {@code false} otherwise.
+ */
+ public void setForwardable(boolean forwardable)
+ {
+ this.forwardable = forwardable;
+ this.delegate.getAny().add(this.factory.createForwardable(forwardable));
+ }
+
+ /**
+ * <p>
+ * Indicates whether the requested token should be marked as "delegatable" or not. Using this flag, the returned
+ * token MAY be delegated to another party.
+ * </p>
+ *
+ * @return {@code true} if the requested token should be marked as "delegatable"; {@code false} otherwise.
+ */
+ public boolean isDelegatable()
+ {
+ return this.delegatable;
+ }
+
+ /**
+ * <p>
+ * Specifies whether the requested token should be marked as "delegatable" or not. Using this flag, the returned
+ * token MAY be delegated to another party.
+ * </p>
+ *
+ * @param delegatable {@code true} if the requested token should be marked as "delegatable"; {@code false} otherwise.
+ */
+ public void setDelegatable(boolean delegatable)
+ {
+ this.delegatable = delegatable;
+ this.delegate.getAny().add(this.factory.createDelegatable(delegatable));
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code Policy} associated with the request. The policy specifies defaults that can be overridden by
+ * the previous properties.
+ * </p>
+ *
+ * @return a reference to the {@code Policy} that has been set in the request.
+ */
+ public Policy getPolicy()
+ {
+ return this.policy;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code Policy} in the request. The policy specifies defaults that can be overridden by the previous
+ * properties.
+ * </p>
+ *
+ * @param policy the {@code Policy} instance to be set.
+ */
+ public void setPolicy(Policy policy)
+ {
+ this.policy = policy;
+ this.delegate.getAny().add(policy);
+ }
+
+ /**
+ * <p>
+ * Obtains the reference to the {@code Policy} that should be used.
+ * </p>
+ *
+ * @return a {@code PolicyReference} that specifies where the {@code Policy} can be found.
+ */
+ public PolicyReference getPolicyReference()
+ {
+ return this.policyReference;
+ }
+
+ /**
+ * <p>
+ * Sets the reference to the {@code Policy} that should be used.
+ * </p>
+ *
+ * @param policyReference the {@code PolicyReference} object to be set.
+ */
+ public void setPolicyReference(PolicyReference policyReference)
+ {
+ this.policyReference = policyReference;
+ this.delegate.getAny().add(policyReference);
+ }
+
+ /**
+ * <p>
+ * Obtains the list of request elements that are not part of the standard content model.
+ * </p>
+ *
+ * @return a {@code List<Object>} containing the extension elements.
+ */
+ public List<Object> getExtensionElements()
+ {
+ return Collections.unmodifiableList(this.extensionElements);
+ }
+
+ /**
+ * <p>
+ * Obtains the request context.
+ * </p>
+ *
+ * @return a {@code String} that identifies the request.
+ */
+ public String getContext()
+ {
+ return this.delegate.getContext();
+ }
+
+ /**
+ * <p>
+ * Sets the request context.
+ * </p>
+ *
+ * @param context a {@code String} that identifies the request.
+ */
+ public void setContext(String context)
+ {
+ this.delegate.setContext(context);
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code CancelTarget} section of the request. This element identifies the token that is to be canceled.
+ * </p>
+ *
+ * @return a reference to the {@code CancelTargetType} that represents the {@code CancelTarget} section of the
+ * WS-Trust cancel request.
+ */
+ public CancelTargetType getCancelTarget()
+ {
+ return this.cancelTarget;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code CancelTarget} section of the request. This element identifies the token that is to be canceled.
+ * </p>
+ *
+ * @param cancelTarget a reference to the {@code CancelTargetType} that identifies the token that must be canceled.
+ */
+ public void setCancelTarget(CancelTargetType cancelTarget)
+ {
+ this.cancelTarget = cancelTarget;
+ this.delegate.getAny().add(this.factory.createCancelTarget(cancelTarget));
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code RenewTarget} section of the request. This element identifies the token that is to be renewed.
+ * </p>
+ *
+ * @return a reference to the {@code RenewTargetType} that represents the {@code RenewTarget} section of the WS-Trust
+ * renew request.
+ */
+ public RenewTargetType getRenewTarget()
+ {
+ return this.renewTarget;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code RenewTarget} section of the request. This element identifies the token that is to be renewed.
+ * </p>
+ *
+ * @param renewTarget a reference to the {@code RenewTargetType} that identifies the token that must be renewed.
+ */
+ public void setRenewTarget(RenewTargetType renewTarget)
+ {
+ this.renewTarget = renewTarget;
+ this.delegate.getAny().add(this.factory.createRenewTarget(renewTarget));
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code ValidateTarget} section of the request. This element identifies the token that is to be
+ * validated.
+ * </p>
+ *
+ * @return a reference to the {@code ValidateTargetType} that represents the {@code ValidateTarget} section of the
+ * WS-Trust validate request.
+ */
+ public ValidateTargetType getValidateTarget()
+ {
+ return this.validateTarget;
+ }
+
+ /**
+ * Return the element in the document that represents
+ * the validate type
+ * @return
+ */
+ public Element getValidateTargetElement()
+ {
+ if(rstDocument == null)
+ throw new IllegalStateException("RST Document is null");
+
+ String ns = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/";
+ String localPart = "ValidateTarget";
+
+ NodeList nodeList = rstDocument.getElementsByTagNameNS(ns,localPart);
+ if(nodeList != null && nodeList.getLength() > 0)
+ return (Element) nodeList.item(0);
+ else
+ return null;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code ValidateTarged} section of the request. This elements identifies the token that is to be
+ * validated.
+ * </p>
+ *
+ * @param validateTarget a reference to the {@code ValidateTargetType} that identifies the token that must be
+ * validated.
+ */
+ public void setValidateTarget(ValidateTargetType validateTarget)
+ {
+ this.validateTarget = validateTarget;
+ this.delegate.getAny().add(this.factory.createValidateTarget(validateTarget));
+ }
+
+ /**
+ * <p>
+ * Obtains a map that contains attributes that aren't bound to any typed property on the request. This is a live
+ * reference, so attributes can be added/changed/removed directly. For this reason, there is no setter method.
+ * </p>
+ *
+ * @return a {@code Map<QName, String>} that contains the attributes.
+ */
+ public Map<QName, String> getOtherAttributes()
+ {
+ return this.delegate.getOtherAttributes();
+ }
+
+ /**
+ * <p>
+ * Gets a reference to the list that holds all request element values.
+ * </p>
+ *
+ * @return a {@code List<Object>} containing all values specified in the request.
+ */
+ public List<Object> getAny()
+ {
+ return this.delegate.getAny();
+ }
+
+ /**
+ * <p>
+ * Obtains a reference to the {@code RequestSecurityTokenType} delegate.
+ * </p>
+ *
+ * @return a reference to the delegate instance.
+ */
+ public RequestSecurityTokenType getDelegate()
+ {
+ return this.delegate;
+ }
+
+ /**
+ * Get the {@code Document} document representing the request
+ * @return
+ */
+ public Document getRSTDocument()
+ {
+ return this.rstDocument;
+ }
+
+ public void setRSTDocument(Document rstDocument)
+ {
+ this.rstDocument = rstDocument;
+ }
+}
\ No newline at end of file
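Review bot: setSignWith adds its value to the delegate with this.factory.createSignatureAlgorithm(signWith.toString()), the same factory call that setSignatureAlgorithm uses, so a SignWith set through this wrapper lands in the delegate as a SignatureAlgorithm element. setEncryptWith calls createEncryptWith, which suggests the SignWith-specific factory method was intended here. Separately, every setter appends to this.delegate.getAny() without removing the element it added earlier, so calling a setter twice (setAppliesTo or setOnBehalfOf, for example) leaves both values in the delegate while the getter reports only the last one; remove the earlier entry before adding the new one. getValidateTargetElement returns the first ValidateTarget that getElementsByTagNameNS finds anywhere in rstDocument, which need not be the element behind getValidateTarget(); limit the lookup to the direct children of the request element and fill in the empty @return tags.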
Copied: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenCollection.java (from rev 757, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenCollection.java)
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenCollection.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenCollection.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,122 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust.wrappers;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import org.jboss.identity.federation.ws.trust.RequestSecurityTokenCollectionType;
+import org.jboss.identity.federation.ws.trust.RequestSecurityTokenType;
+
+/**
+ * <p>
+ * This class represents a WS-Trust {@code RequestSecurityTokenCollection}. It wraps the JAXB representation of the
+ * security token collection request.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class RequestSecurityTokenCollection implements BaseRequestSecurityToken
+{
+
+ private final RequestSecurityTokenCollectionType delegate;
+
+ private final List<RequestSecurityToken> requestSecurityTokens;
+
+ /**
+ * <p>
+ * Creates an instance of {@code RequestSecurityTokenCollection}.
+ * </p>
+ */
+ public RequestSecurityTokenCollection()
+ {
+ this.requestSecurityTokens = new ArrayList<RequestSecurityToken>();
+ this.delegate = new RequestSecurityTokenCollectionType();
+ }
+
+ /**
+ * <p>
+ * Creates an instance of {@code RequestSecurityTokenCollection} using the specified delegate.
+ * </p>
+ *
+ * @param delegate the JAXB {@code RequestSecurityTokenCollectionType} that represents a WS-Trust request collection.
+ */
+ public RequestSecurityTokenCollection(RequestSecurityTokenCollectionType delegate)
+ {
+ this.delegate = delegate;
+ this.requestSecurityTokens = new ArrayList<RequestSecurityToken>();
+ for (RequestSecurityTokenType request : delegate.getRequestSecurityToken())
+ this.requestSecurityTokens.add(new RequestSecurityToken(request));
+ }
+
+ /**
+ * <p>
+ * Obtains the collection of {@code RequestSecurityToken} objects. The returned collection is immutable, so addition
+ * or removal of requests must be carried by the appropriate add/remove methods.
+ * </p>
+ *
+ * @return a {@code List<RequestSecurityToken>} containing the token requests.
+ */
+ public List<RequestSecurityToken> getRequestSecurityTokens()
+ {
+ return Collections.unmodifiableList(this.requestSecurityTokens);
+ }
+
+ /**
+ * <p>
+ * Adds the specified {@code RequestSecurityToken} object to the collection of token requests.
+ * </p>
+ *
+ * @param request the {@code RequestSecurityToken} to be added.
+ */
+ public void addRequestSecurityToken(RequestSecurityToken request)
+ {
+ this.delegate.getRequestSecurityToken().add(request.getDelegate());
+ this.requestSecurityTokens.add(request);
+ }
+
+ /**
+ * <p>
+ * Removes the specified {@code RequestSecurityToken} object from the collection of token requests.
+ * </p>
+ *
+ * @param request the {@code RequestSecurityToken} to be removed.
+ */
+ public void removeRequestSecurityToken(RequestSecurityToken request)
+ {
+ this.delegate.getRequestSecurityToken().remove(request.getDelegate());
+ this.requestSecurityTokens.remove(request);
+ }
+
+ /**
+ * <p>
+ * Obtains a reference to the {@code RequestSecurityTokenCollectionType} delegate.
+ * </p>
+ *
+ * @return a reference to the delegate instance.
+ */
+ public RequestSecurityTokenCollectionType getDelegate()
+ {
+ return this.delegate;
+ }
+}
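Review bot: removeRequestSecurityToken updates the two lists independently and ignores both remove() results, so the wrapper list and the delegate can drift apart. In a collection built by the delegate constructor the wrappers are created internally, so a caller passing its own RequestSecurityToken around the same delegate object can have the delegate entry removed while requestSecurityTokens.remove(request) finds nothing, unless RequestSecurityToken defines equals on its delegate. getDelegate() also hands out the live RequestSecurityTokenCollectionType, so anything added through delegate.getRequestSecurityToken() never appears in getRequestSecurityTokens(). Either derive the wrapper list from the delegate on each read or document that the delegate must not be modified directly, and reject a null delegate in the constructor with a clear exception rather than letting the for loop fail.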
Copied: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponse.java (from rev 757, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenResponse.java)
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponse.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponse.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,1159 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust.wrappers;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.namespace.QName;
+
+import org.jboss.identity.federation.ws.addressing.EndpointReferenceType;
+import org.jboss.identity.federation.ws.policy.AppliesTo;
+import org.jboss.identity.federation.ws.policy.Policy;
+import org.jboss.identity.federation.ws.policy.PolicyReference;
+import org.jboss.identity.federation.ws.trust.AllowPostdatingType;
+import org.jboss.identity.federation.ws.trust.AuthenticatorType;
+import org.jboss.identity.federation.ws.trust.DelegateToType;
+import org.jboss.identity.federation.ws.trust.EncryptionType;
+import org.jboss.identity.federation.ws.trust.EntropyType;
+import org.jboss.identity.federation.ws.trust.LifetimeType;
+import org.jboss.identity.federation.ws.trust.ObjectFactory;
+import org.jboss.identity.federation.ws.trust.OnBehalfOfType;
+import org.jboss.identity.federation.ws.trust.ProofEncryptionType;
+import org.jboss.identity.federation.ws.trust.RenewingType;
+import org.jboss.identity.federation.ws.trust.RequestSecurityTokenResponseType;
+import org.jboss.identity.federation.ws.trust.RequestedProofTokenType;
+import org.jboss.identity.federation.ws.trust.RequestedReferenceType;
+import org.jboss.identity.federation.ws.trust.RequestedSecurityTokenType;
+import org.jboss.identity.federation.ws.trust.StatusType;
+import org.jboss.identity.federation.ws.trust.UseKeyType;
+
+/**
+ * <p>
+ * This class represents a WS-Trust {@code RequestSecurityTokenResponse}. It wraps the JAXB representation of the
+ * security token response and offers a series of getter/setter methods that make it easy to work with elements that are
+ * represented by the {@code Any} XML type.
+ * </p>
+ * <p>
+ * The following shows the intended content model of a {@code RequestSecurityTokenResponse}:
+ *
+ * <pre>
+ * <xs:element ref='wst:TokenType' minOccurs='0' />
+ * <xs:element ref='wst:RequestType' />
+ * <xs:element ref='wst:RequestedSecurityToken' minOccurs='0' />
+ * <xs:element ref='wsp:AppliesTo' minOccurs='0' />
+ * <xs:element ref='wst:RequestedAttachedReference' minOccurs='0' />
+ * <xs:element ref='wst:RequestedUnattachedReference' minOccurs='0' />
+ * <xs:element ref='wst:RequestedProofToken' minOccurs='0' />
+ * <xs:element ref='wst:Entropy' minOccurs='0' />
+ * <xs:element ref='wst:Lifetime' minOccurs='0' />
+ * <xs:element ref='wst:Status' minOccurs='0' />
+ * <xs:element ref='wst:AllowPostdating' minOccurs='0' />
+ * <xs:element ref='wst:Renewing' minOccurs='0' />
+ * <xs:element ref='wst:OnBehalfOf' minOccurs='0' />
+ * <xs:element ref='wst:Issuer' minOccurs='0' />
+ * <xs:element ref='wst:AuthenticationType' minOccurs='0' />
+ * <xs:element ref='wst:Authenticator' minOccurs='0' />
+ * <xs:element ref='wst:KeyType' minOccurs='0' />
+ * <xs:element ref='wst:KeySize' minOccurs='0' />
+ * <xs:element ref='wst:SignatureAlgorithm' minOccurs='0' />
+ * <xs:element ref='wst:Encryption' minOccurs='0' />
+ * <xs:element ref='wst:EncryptionAlgorithm' minOccurs='0' />
+ * <xs:element ref='wst:CanonicalizationAlgorithm' minOccurs='0' />
+ * <xs:element ref='wst:ProofEncryption' minOccurs='0' />
+ * <xs:element ref='wst:UseKey' minOccurs='0' />
+ * <xs:element ref='wst:SignWith' minOccurs='0' />
+ * <xs:element ref='wst:EncryptWith' minOccurs='0' />
+ * <xs:element ref='wst:DelegateTo' minOccurs='0' />
+ * <xs:element ref='wst:Forwardable' minOccurs='0' />
+ * <xs:element ref='wst:Delegatable' minOccurs='0' />
+ * <xs:element ref='wsp:Policy' minOccurs='0' />
+ * <xs:element ref='wsp:PolicyReference' minOccurs='0' />
+ * <xs:any namespace='##other' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
+ * </pre>
+ *
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+/**
+ * <p>
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class RequestSecurityTokenResponse implements BaseRequestSecurityTokenResponse
+{
+
+ private final RequestSecurityTokenResponseType delegate;
+
+ private URI tokenType;
+
+ private URI requestType;
+
+ private RequestedSecurityTokenType requestedSecurityToken;
+
+ private AppliesTo appliesTo;
+
+ private RequestedReferenceType requestedAttachedReference;
+
+ private RequestedReferenceType requestedUnattachedReference;
+
+ private RequestedProofTokenType requestedProofToken;
+
+ private EntropyType entropy;
+
+ private Lifetime lifetime;
+
+ private StatusType status;
+
+ private AllowPostdatingType allowPostDating;
+
+ private RenewingType renewing;
+
+ private OnBehalfOfType onBehalfOf;
+
+ private EndpointReferenceType issuer;
+
+ private URI authenticationType;
+
+ private AuthenticatorType authenticator;
+
+ private URI keyType;
+
+ private long keySize;
+
+ private URI signatureAlgorithm;
+
+ private EncryptionType encryption;
+
+ private URI encryptionAlgorithm;
+
+ private URI canonicalizationAlgorithm;
+
+ private ProofEncryptionType proofEncryption;
+
+ private UseKeyType useKey;
+
+ private URI signWith;
+
+ private URI encryptWith;
+
+ private DelegateToType delegateTo;
+
+ private boolean forwardable;
+
+ private boolean delegatable;
+
+ private Policy policy;
+
+ private PolicyReference policyReference;
+
+ private final List<Object> extensionElements = new ArrayList<Object>();
+
+ private final ObjectFactory factory = new ObjectFactory();
+
+ /**
+ * <p>
+ * Creates an instance of {@code RequestSecurityTokenResponse}.
+ * </p>
+ */
+ public RequestSecurityTokenResponse()
+ {
+ this.delegate = new RequestSecurityTokenResponseType();
+ }
+
+ /**
+ * <p>
+ * Creates an instance of {@code RequestSecurityTokenResponse} using the specified delegate.
+ * </p>
+ *
+ * @param delegate the JAXB {@code RequestSecurityTokenResponseType} that represents a WS-Trust response.
+ */
+ public RequestSecurityTokenResponse(RequestSecurityTokenResponseType delegate)
+ {
+ this.delegate = delegate;
+ // parse the delegate's Any contents.
+ try
+ {
+ for (Object obj : this.delegate.getAny())
+ {
+ if (obj instanceof AppliesTo)
+ {
+ this.appliesTo = (AppliesTo) obj;
+ }
+ else if (obj instanceof Policy)
+ {
+ this.policy = (Policy) obj;
+ }
+ else if (obj instanceof PolicyReference)
+ {
+ this.policyReference = (PolicyReference) obj;
+ }
+ else if (obj instanceof JAXBElement)
+ {
+ JAXBElement<?> element = (JAXBElement<?>) obj;
+ String localName = element.getName().getLocalPart();
+ if (localName.equalsIgnoreCase("TokenType"))
+ this.tokenType = new URI((String) element.getValue());
+ else if (localName.equalsIgnoreCase("RequestType"))
+ this.requestType = new URI((String) element.getValue());
+ else if (localName.equalsIgnoreCase("RequestedSecurityToken"))
+ this.requestedSecurityToken = (RequestedSecurityTokenType) element.getValue();
+ else if (localName.equalsIgnoreCase("RequestedAttachedReference"))
+ this.requestedAttachedReference = (RequestedReferenceType) element.getValue();
+ else if (localName.equalsIgnoreCase("RequestedUnattachedReference"))
+ this.requestedUnattachedReference = (RequestedReferenceType) element.getValue();
+ else if (localName.equalsIgnoreCase("RequestedProofToken"))
+ this.requestedProofToken = (RequestedProofTokenType) element.getValue();
+ else if (localName.equalsIgnoreCase("Entropy"))
+ this.entropy = (EntropyType) element.getValue();
+ else if (localName.equalsIgnoreCase("Lifetime"))
+ this.lifetime = new Lifetime((LifetimeType) element.getValue());
+ else if (localName.equalsIgnoreCase("Status"))
+ this.status = (StatusType) element.getValue();
+ else if (localName.equalsIgnoreCase("AllowPostdating"))
+ this.allowPostDating = (AllowPostdatingType) element.getValue();
+ else if (localName.equalsIgnoreCase("Renewing"))
+ this.renewing = (RenewingType) element.getValue();
+ else if (localName.equalsIgnoreCase("OnBehalfOf"))
+ this.onBehalfOf = (OnBehalfOfType) element.getValue();
+ else if (localName.equalsIgnoreCase("Issuer"))
+ this.issuer = (EndpointReferenceType) element.getValue();
+ else if (localName.equalsIgnoreCase("AuthenticationType"))
+ this.authenticationType = new URI((String) element.getValue());
+ else if (localName.equalsIgnoreCase("Authenticator"))
+ this.authenticator = (AuthenticatorType) element.getValue();
+ else if (localName.equalsIgnoreCase("KeyType"))
+ this.keyType = new URI((String) element.getValue());
+ else if (localName.equalsIgnoreCase("KeySize"))
+ this.keySize = (Long) element.getValue();
+ else if (localName.equalsIgnoreCase("SignatureAlgorithm"))
+ this.signatureAlgorithm = new URI((String) element.getValue());
+ else if (localName.equalsIgnoreCase("Encryption"))
+ this.encryption = (EncryptionType) element.getValue();
+ else if (localName.equalsIgnoreCase("EntropyAlgorithm"))
+ this.encryptionAlgorithm = new URI((String) element.getValue());
+ else if (localName.equalsIgnoreCase("CanonicalizationAlgorithm"))
+ this.canonicalizationAlgorithm = new URI((String) element.getValue());
+ else if (localName.equalsIgnoreCase("ProofEncryption"))
+ this.proofEncryption = (ProofEncryptionType) element.getValue();
+ else if (localName.equalsIgnoreCase("UseKey"))
+ this.useKey = (UseKeyType) element.getValue();
+ else if (localName.equalsIgnoreCase("SignWith"))
+ this.signWith = new URI((String) element.getValue());
+ else if (localName.equalsIgnoreCase("EncryptWith"))
+ this.encryptWith = new URI((String) element.getValue());
+ else if (localName.equalsIgnoreCase("DelegateTo"))
+ this.delegateTo = (DelegateToType) element.getValue();
+ else if (localName.equalsIgnoreCase("Forwardable"))
+ this.forwardable = (Boolean) element.getValue();
+ else if (localName.equalsIgnoreCase("Delegatable"))
+ this.delegatable = (Boolean) element.getValue();
+ else
+ this.extensionElements.add(element.getValue());
+ }
+ else
+ {
+ this.extensionElements.add(obj);
+ }
+ }
+ }
+ catch (URISyntaxException e)
+ {
+ throw new RuntimeException(e.getMessage(), e);
+ }
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code URI} that identifies the token type.
+ * </p>
+ *
+ * @return a {@code URI} that represents the token type.
+ */
+ public URI getTokenType()
+ {
+ return tokenType;
+ }
+
+ /**
+ * <p>
+ * Sets the token type.
+ * </p>
+ *
+ * @param tokenType a {@code URI} that identifies the token type.
+ */
+ public void setTokenType(URI tokenType)
+ {
+ this.tokenType = tokenType;
+ this.delegate.getAny().add(this.factory.createTokenType(tokenType.toString()));
+
+ }
+
+ /**
+ * <p>
+ * Obtains the request type.
+ * </p>
+ *
+ * @return a {@code URI} that identifies the request type.
+ */
+ public URI getRequestType()
+ {
+ return requestType;
+ }
+
+ /**
+ * <p>
+ * Sets the request type. The type must be one of the request types described in the WS-Trust specification.
+ * </p>
+ *
+ * @param requestType a {@code URI} that identifies the request type.
+ */
+ public void setRequestType(URI requestType)
+ {
+ this.requestType = requestType;
+ this.delegate.getAny().add(this.factory.createRequestType(requestType.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the requested security token that has been set in the response.
+ * </p>
+ *
+ * @return a reference to the {@code RequestedSecurityTokenType} that contains the token.
+ */
+ public RequestedSecurityTokenType getRequestedSecurityToken()
+ {
+ return requestedSecurityToken;
+ }
+
+ /**
+ * <p>
+ * Sets the requested security token in the response.
+ * </p>
+ *
+ * @param requestedSecurityToken the {@code RequestedSecurityTokenType} instance to be set.
+ */
+ public void setRequestedSecurityToken(RequestedSecurityTokenType requestedSecurityToken)
+ {
+ this.requestedSecurityToken = requestedSecurityToken;
+ this.delegate.getAny().add(this.factory.createRequestedSecurityToken(requestedSecurityToken));
+ }
+
+ /**
+ * <p>
+ * Obtains the scope to which the security token applies.
+ * </p>
+ *
+ * @return a reference to the {@code AppliesTo} instance that represents the token scope.
+ */
+ public AppliesTo getAppliesTo()
+ {
+ return appliesTo;
+ }
+
+ /**
+ * <p>
+ * Sets the scope to which the security token applies.
+ * </p>
+ *
+ * @param appliesTo a reference to the {@code AppliesTo} object that represents the scope to be set.
+ */
+ public void setAppliesTo(AppliesTo appliesTo)
+ {
+ this.appliesTo = appliesTo;
+ this.delegate.getAny().add(appliesTo);
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code RequestedAttachedReference} that indicate how to reference the returned token when that token
+ * doesn't support references using URI fragments (XML ID).
+ * </p>
+ *
+ * @return a {@code RequestedReferenceType} that represents the token reference.
+ */
+ public RequestedReferenceType getRequestedAttachedReference()
+ {
+ return requestedAttachedReference;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code RequestedAttachedReference} that indicate how to reference the returned token when that token
+ * doesn't support references using URI fragments (XML ID).
+ * </p>
+ *
+ * @param requestedAttachedReference the {@code RequestedReferenceType} instance to be set.
+ */
+ public void setRequestedAttachedReference(RequestedReferenceType requestedAttachedReference)
+ {
+ this.requestedAttachedReference = requestedAttachedReference;
+ this.delegate.getAny().add(this.factory.createRequestedAttachedReference(requestedAttachedReference));
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code RequestedUnattachedReference} that specifies to indicate how to reference the token when it is
+ * not placed inside the message.
+ * </p>
+ *
+ * @return a {@code RequestedReferenceType} that represents the unattached reference.
+ */
+ public RequestedReferenceType getRequestedUnattachedReference()
+ {
+ return requestedUnattachedReference;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code RequestedUnattachedReference} that specifies to indicate how to reference the token when it is not
+ * placed inside the message.
+ * </p>
+ *
+ * @param requestedUnattachedReference the {@code RequestedReferenceType} instance to be set.
+ */
+ public void setRequestedUnattachedReference(RequestedReferenceType requestedUnattachedReference)
+ {
+ this.requestedUnattachedReference = requestedUnattachedReference;
+ this.delegate.getAny().add(this.factory.createRequestedUnattachedReference(requestedUnattachedReference));
+ }
+
+ /**
+ * <p>
+ * Obtains the proof of possession token that has been set in the response.
+ * </p>
+ *
+ * @return a reference to the {@code RequestedProofTokenType} that contains the token.
+ */
+ public RequestedProofTokenType getRequestedProofToken()
+ {
+ return requestedProofToken;
+ }
+
+ /**
+ * <p>
+ * Sets the proof of possesion token in the response.
+ * </p>
+ *
+ * @param requestedProofToken the {@code RequestedProofTokenType} instance to be set.
+ */
+ public void setRequestedProofToken(RequestedProofTokenType requestedProofToken)
+ {
+ this.requestedProofToken = requestedProofToken;
+ this.delegate.getAny().add(this.factory.createRequestedProofToken(requestedProofToken));
+ }
+
+ /**
+ * <p>
+ * Obtains the entropy that has been used in creating the key.
+ * </p>
+ *
+ * @return a reference to the {@code EntropyType} that represents the entropy.
+ */
+ public EntropyType getEntropy()
+ {
+ return entropy;
+ }
+
+ /**
+ * <p>
+ * Sets the entropy that has been used in creating the key.
+ * </p>
+ *
+ * @param entropy the {@code EntropyType} representing the entropy to be set.
+ */
+ public void setEntropy(EntropyType entropy)
+ {
+ this.entropy = entropy;
+ this.delegate.getAny().add(this.factory.createEntropy(entropy));
+ }
+
+ /**
+ * <p>
+ * Obtains the lifetime of the security token.
+ * </p>
+ *
+ * @return a reference to the {@code Lifetime} that represents the lifetime of the security token.
+ */
+ public Lifetime getLifetime()
+ {
+ return lifetime;
+ }
+
+ /**
+ * <p>
+ * Sets the lifetime of the security token.
+ * </p>
+ *
+ * @param lifetime the {@code Lifetime} object representing the lifetime to be set.
+ */
+ public void setLifetime(Lifetime lifetime)
+ {
+ this.lifetime = lifetime;
+ this.delegate.getAny().add(this.factory.createLifetime(lifetime.getDelegate()));
+ }
+
+ /**
+ * <p>
+ * Obtains the result of a security token validation.
+ * </p>
+ *
+ * @return a referece to the {@code StatusType} instance that represents the status of the validation.
+ */
+ public StatusType getStatus()
+ {
+ return status;
+ }
+
+ /**
+ * <p>
+ * Sets the result of a security token validation.
+ * </p>
+ *
+ * @param status the {@code StatusType} instance to be set.
+ */
+ public void setStatus(StatusType status)
+ {
+ this.status = status;
+ this.delegate.getAny().add(this.factory.createStatus(status));
+ }
+
+ /**
+ * <p>
+ * Checks whether the returned token is a postdated token or not.
+ * </p>
+ *
+ * @return {@code null} if the token is not postdated; a {@code AllowPostdatingType} otherwise.
+ */
+ public AllowPostdatingType getAllowPostDating()
+ {
+ return allowPostDating;
+ }
+
+ /**
+ * <p>
+ * Specifies whether the returned token is a postdated token or not.
+ * </p>
+ *
+ * @param allowPostDating {@code null} if the token is not postdated; a {@code AllowPostdatingType} otherwise.
+ */
+ public void setAllowPostDating(AllowPostdatingType allowPostDating)
+ {
+ this.allowPostDating = allowPostDating;
+ this.delegate.getAny().add(this.factory.createAllowPostdating(allowPostDating));
+ }
+
+ /**
+ * <p>
+ * Obtains the renew semantics for the token request.
+ * </p>
+ *
+ * @return a reference to the {@code RenewingType} that represents the renew semantics for the request.
+ */
+ public RenewingType getRenewing()
+ {
+ return renewing;
+ }
+
+ /**
+ * <p>
+ * Sets the renew semantics for the token request.
+ * </p>
+ *
+ * @param renewing the {@code RenewingType} object representing the semantics to be set.
+ */
+ public void setRenewing(RenewingType renewing)
+ {
+ this.renewing = renewing;
+ this.delegate.getAny().add(this.factory.createRenewing(renewing));
+ }
+
+ /**
+ * <p>
+ * Obtains the identity on whose behalf the token request was made.
+ * </p>
+ *
+ * @return a reference to the {@code OnBehalfOfType} that represents the identity on whose behalf the token request
+ * was made.
+ */
+ public OnBehalfOfType getOnBehalfOf()
+ {
+ return onBehalfOf;
+ }
+
+ /**
+ * <p>
+ * Specifies the identity on whose behalf the token request was made.
+ * </p>
+ *
+ * @param onBehalfOf the {@code OnBehalfOfType} object representing the identity to be set.
+ */
+ public void setOnBehalfOf(OnBehalfOfType onBehalfOf)
+ {
+ this.onBehalfOf = onBehalfOf;
+ this.delegate.getAny().add(this.factory.createOnBehalfOf(onBehalfOf));
+ }
+
+ /**
+ * <p>
+ * Obtains the issuer of the token included in the request in the scenarios where the requestor is obtaining a token
+ * on behalf of another party.
+ * </p>
+ *
+ * @return a reference to the {@code EndpointReferenceType} that represents the issuer.
+ */
+ public EndpointReferenceType getIssuer()
+ {
+ return this.issuer;
+ }
+
+ /**
+ * <p>
+ * Sets the issuer of the token included in the request in scenarios where the requestor is obtaining a token on
+ * behalf of another party.
+ * </p>
+ *
+ * @param issuer the {@code EndpointReferenceType} object representing the issuer to be set.
+ */
+ public void setIssuer(EndpointReferenceType issuer)
+ {
+ this.issuer = issuer;
+ this.delegate.getAny().add(this.factory.createIssuer(issuer));
+ }
+
+ /**
+ * <p>
+ * Obtains the type of authentication that is to be conducted.
+ * </p>
+ *
+ * @return a {@code URI} that identifies the authentication type.
+ */
+ public URI getAuthenticationType()
+ {
+ return authenticationType;
+ }
+
+ /**
+ * <p>
+ * Sets the authentication type in the response.
+ * </p>
+ *
+ * @param authenticationType a {@code URI} that identifies the authentication type to be set.
+ */
+ public void setAuthenticationType(URI authenticationType)
+ {
+ this.authenticationType = authenticationType;
+ this.delegate.getAny().add(this.factory.createAuthenticationType(authenticationType.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the authenticator that must be used in authenticating exchanges.
+ * </p>
+ *
+ * @return a reference to the {@code AuthenticatorType} that represents the authenticator.
+ */
+ public AuthenticatorType getAuthenticator()
+ {
+ return authenticator;
+ }
+
+ /**
+ * <p>
+ * Sets the authenticator that must be used in authenticating exchanges.
+ * </p>
+ *
+ * @param authenticator the {@code AuthenticatorType} instance to be set.
+ */
+ public void setAuthenticator(AuthenticatorType authenticator)
+ {
+ this.authenticator = authenticator;
+ this.delegate.getAny().add(this.factory.createAuthenticator(authenticator));
+ }
+
+ /**
+ * <p>
+ * Obtains the type of the key that has been set in the response.
+ * </p>
+ *
+ * @return a {@code URI} that identifies the key type.
+ */
+ public URI getKeyType()
+ {
+ return keyType;
+ }
+
+ /**
+ * <p>
+ * Sets the key type in the response.
+ * </p>
+ *
+ * @param keyType a {@code URI} that specifies the key type.
+ */
+ public void setKeyType(URI keyType)
+ {
+ this.keyType = keyType;
+ this.delegate.getAny().add(this.factory.createKeyType(keyType.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the size of they key that has been set in the response.
+ * </p>
+ *
+ * @return a {@code long} representing the key size in bytes.
+ */
+ public long getKeySize()
+ {
+ return keySize;
+ }
+
+ /**
+ * <p>
+ * Sets the size of the key in the response.
+ * </p>
+ *
+ * @param keySize a {@code long} representing the key size in bytes.
+ */
+ public void setKeySize(long keySize)
+ {
+ this.keySize = keySize;
+ this.delegate.getAny().add(this.factory.createKeySize(keySize));
+ }
+
+ /**
+ * <p>
+ * Obtains the signature algorithm that has been set in the response.
+ * </p>
+ *
+ * @return a {@code URI} that represents the signature algorithm.
+ */
+ public URI getSignatureAlgorithm()
+ {
+ return signatureAlgorithm;
+ }
+
+ /**
+ * <p>
+ * Sets the signature algorithm in the response.
+ * </p>
+ *
+ * @param signatureAlgorithm a {@code URI} that represents the algorithm to be set.
+ */
+ public void setSignatureAlgorithm(URI signatureAlgorithm)
+ {
+ this.signatureAlgorithm = signatureAlgorithm;
+ this.delegate.getAny().add(this.factory.createSignatureAlgorithm(signatureAlgorithm.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code Encryption} section of the response. The {@code Encryption} element indicates that the
+ * requestor desires any returned secrets in issued security tokens to be encrypted.
+ * </p>
+ *
+ * @return a reference to the {@code EncryptionType} object.
+ */
+ public EncryptionType getEncryption()
+ {
+ return encryption;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code Encryption} section of the response. The {@code Encryption} element indicates that the requestor
+ * desires any returned secrets in issued security tokens to be encrypted.
+ * </p>
+ *
+ * @param encryption the {@code EncryptionType} to be set.
+ */
+ public void setEncryption(EncryptionType encryption)
+ {
+ this.encryption = encryption;
+ this.delegate.getAny().add(this.factory.createEncryption(encryption));
+ }
+
+ /**
+ * <p>
+ * Obtains the encryption algorithm that has been set in the response.
+ * </p>
+ *
+ * @return a {@code URI} that represents the encryption algorithm.
+ */
+ public URI getEncryptionAlgorithm()
+ {
+ return encryptionAlgorithm;
+ }
+
+ /**
+ * <p>
+ * Sets the encryption algorithm in the response.
+ * </p>
+ *
+ * @param encryptionAlgorithm a {@code URI} that represents the encryption algorithm to be set.
+ */
+ public void setEncryptionAlgorithm(URI encryptionAlgorithm)
+ {
+ this.encryptionAlgorithm = encryptionAlgorithm;
+ this.delegate.getAny().add(this.factory.createEncryptionAlgorithm(encryptionAlgorithm.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the canonicalization algorithm that has been set in the response.
+ * </p>
+ *
+ * @return a {@code URI} that represents the canonicalization algorithm.
+ */
+ public URI getCanonicalizationAlgorithm()
+ {
+ return canonicalizationAlgorithm;
+ }
+
+ /**
+ * <p>
+ * Sets the canonicalization algorithm in the response.
+ * </p>
+ *
+ * @param canonicalizationAlgorithm a {@code URI} that represents the algorithm to be set.
+ */
+ public void setCanonicalizationAlgorithm(URI canonicalizationAlgorithm)
+ {
+ this.canonicalizationAlgorithm = canonicalizationAlgorithm;
+ this.delegate.getAny().add(this.factory.createCanonicalizationAlgorithm(canonicalizationAlgorithm.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code ProofEncryption} section of the response. The {@code ProofEncryption} indicates that the
+ * requestor desires any returned secrets in issued security tokens to be encrypted.
+ * </p>
+ *
+ * @return a reference to the {@code ProofEncryptionType} object.
+ */
+ public ProofEncryptionType getProofEncryption()
+ {
+ return proofEncryption;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code ProofEncryption} section of the response. The {@code ProofEncryption} indicates that the requestor
+ * desires any returned secrets in issued security tokens to be encrypted.
+ * </p>
+ *
+ * @param proofEncryption the {@code ProofEncryptionType} to be set.
+ */
+ public void setProofEncryption(ProofEncryptionType proofEncryption)
+ {
+ this.proofEncryption = proofEncryption;
+ this.delegate.getAny().add(this.factory.createProofEncryption(proofEncryption));
+ }
+
+ /**
+ * <p>
+ * Obtains the key that used in the returned token.
+ * </p>
+ *
+ * @return a reference to the {@code UseKeyType} instance that represents the key used.
+ */
+ public UseKeyType getUseKey()
+ {
+ return useKey;
+ }
+
+ /**
+ * <p>
+ * Sets the key that used in the returned token.
+ * </p>
+ *
+ * @param useKey the {@code UseKeyType} instance to be set.
+ */
+ public void setUseKey(UseKeyType useKey)
+ {
+ this.useKey = useKey;
+ this.delegate.getAny().add(this.factory.createUseKey(useKey));
+ }
+
+ /**
+ * <p>
+ * Obtains the signature algorithm used with the issued security token.
+ * </p>
+ *
+ * @return a {@code URI} representing the algorithm used.
+ */
+ public URI getSignWith()
+ {
+ return signWith;
+ }
+
+ /**
+ * <p>
+ * Sets the signature algorithm used with the issued security token.
+ * </p>
+ *
+ * @param signWith a {@code URI} representing the algorithm used.
+ */
+ public void setSignWith(URI signWith)
+ {
+ this.signWith = signWith;
+ this.delegate.getAny().add(this.factory.createSignatureAlgorithm(signWith.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the encryption algorithm used with the issued security token.
+ * </p>
+ *
+ * @return a {@code URI} representing the encryption algorithm used.
+ */
+ public URI getEncryptWith()
+ {
+ return encryptWith;
+ }
+
+ /**
+ * <p>
+ * Sets the encryption algorithm used with the issued security token.
+ * </p>
+ *
+ * @param encryptWith a {@code URI} representing the algorithm used.
+ */
+ public void setEncryptWith(URI encryptWith)
+ {
+ this.encryptWith = encryptWith;
+ this.delegate.getAny().add(this.factory.createEncryptWith(encryptWith.toString()));
+ }
+
+ /**
+ * <p>
+ * Obtains the identity to which the requested token should be delegated.
+ * </p>
+ *
+ * @return a reference to the {@code DelegateToType} instance that represents the identity.
+ */
+ public DelegateToType getDelegateTo()
+ {
+ return delegateTo;
+ }
+
+ /**
+ * <p>
+ * Sets the identity to which the requested token should be delegated.
+ * </p>
+ *
+ * @param delegateTo the {@code DelegateToType} object representing the identity to be set.
+ */
+ public void setDelegateTo(DelegateToType delegateTo)
+ {
+ this.delegateTo = delegateTo;
+ this.delegate.getAny().add(this.factory.createDelegateTo(delegateTo));
+ }
+
+ /**
+ * <p>
+ * Indicates whether the requested token has been marked as "forwardable" or not. In general, this flag is used when
+ * a token is normally bound to the requestor's machine or service. Using this flag, the returned token MAY be used
+ * from any source machine so long as the key is correctly proven.
+ * </p>
+ *
+ * @return {@code true} if the requested token has been marked as "forwardable"; {@code false} otherwise.
+ */
+ public boolean isForwardable()
+ {
+ return forwardable;
+ }
+
+ /**
+ * <p>
+ * Specifies whether the requested token has been marked as "forwardable" or not. In general, this flag is used when
+ * a token is normally bound to the requestor's machine or service. Using this flag, the returned token MAY be used
+ * from any source machine so long as the key is correctly proven.
+ * </p>
+ *
+ * @param forwardable {@code true} if the requested token has been marked as "forwardable"; {@code false} otherwise.
+ */
+ public void setForwardable(boolean forwardable)
+ {
+ this.forwardable = forwardable;
+ this.delegate.getAny().add(this.factory.createForwardable(forwardable));
+ }
+
+ /**
+ * <p>
+ * Indicates whether the requested token has been marked as "delegatable" or not. Using this flag, the returned token
+ * MAY be delegated to another party.
+ * </p>
+ *
+ * @return {@code true} if the requested token has been marked as "delegatable"; {@code false} otherwise.
+ */
+ public boolean isDelegatable()
+ {
+ return delegatable;
+ }
+
+ /**
+ * <p>
+ * Specifies whether the requested token has been marked as "delegatable" or not. Using this flag, the returned token
+ * MAY be delegated to another party.
+ * </p>
+ *
+ * @param delegatable {@code true} if the requested token has been marked as "delegatable"; {@code false} otherwise.
+ */
+ public void setDelegatable(boolean delegatable)
+ {
+ this.delegatable = delegatable;
+ this.delegate.getAny().add(this.factory.createDelegatable(delegatable));
+ }
+
+ /**
+ * <p>
+ * Obtains the {@code Policy} that was associated with the request. The policy specifies defaults that can be
+ * overridden by the previous properties.
+ * </p>
+ *
+ * @return a reference to the {@code Policy} that was associated with the request.
+ */
+ public Policy getPolicy()
+ {
+ return policy;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code Policy} in the response. The policy specifies defaults that can be overridden by the previous
+ * properties.
+ * </p>
+ *
+ * @param policy the {@code Policy} instance to be set.
+ */
+ public void setPolicy(Policy policy)
+ {
+ this.policy = policy;
+ this.delegate.getAny().add(policy);
+ }
+
+ /**
+ * <p>
+ * Obtains the reference to the {@code Policy} that was associated with the request.
+ * </p>
+ *
+ * @return a {@code PolicyReference} that specifies where the {@code Policy} can be found.
+ */
+ public PolicyReference getPolicyReference()
+ {
+ return policyReference;
+ }
+
+ /**
+ * <p>
+ * Sets the reference to the {@code Policy} that was associated with the request.
+ * </p>
+ *
+ * @param policyReference the {@code PolicyReference} object to be set.
+ */
+ public void setPolicyReference(PolicyReference policyReference)
+ {
+ this.policyReference = policyReference;
+ this.delegate.getAny().add(policyReference);
+ }
+
+ /**
+ * <p>
+ * Obtains the list of request elements that are not part of the standard content model.
+ * </p>
+ *
+ * @return a {@code List<Object>} containing the extension elements.
+ */
+ public List<Object> getExtensionElements()
+ {
+ return Collections.unmodifiableList(this.extensionElements);
+ }
+
+ /**
+ * <p>
+ * Obtains the response context.
+ * </p>
+ *
+ * @return a {@code String} that identifies the original request.
+ */
+ public String getContext()
+ {
+ return this.delegate.getContext();
+ }
+
+ /**
+ * <p>
+ * Sets the response context.
+ * </p>
+ *
+ * @param context a {@code String} that identifies the original request.
+ */
+ public void setContext(String context)
+ {
+ this.delegate.setContext(context);
+ }
+
+ /**
+ * <p>
+ * Obtains a map that contains attributes that aren't bound to any typed property on the response. This is a live
+ * reference, so attributes can be added/changed/removed directly. For this reason, there is no setter method.
+ * </p>
+ *
+ * @return a {@code Map<QName, String>} that contains the attributes.
+ */
+ public Map<QName, String> getOtherAttributes()
+ {
+ return this.delegate.getOtherAttributes();
+ }
+
+ /**
+ * <p>
+ * Gets a reference to the list that holds all response element values.
+ * </p>
+ *
+ * @return a {@code List<Object>} containing all values specified in the response.
+ */
+ public List<Object> getAny()
+ {
+ return this.delegate.getAny();
+ }
+
+ /**
+ * <p>
+ * Obtains a reference to the {@code RequestSecurityTokenResponseType} delegate.
+ * </p>
+ *
+ * @return a reference to the delegate instance.
+ */
+ public RequestSecurityTokenResponseType getDelegate()
+ {
+ return this.delegate;
+ }
+}
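Review bot: In the constructor that parses the delegate, the branch `localName.equalsIgnoreCase("EntropyAlgorithm")` assigns `this.encryptionAlgorithm`, so an `EncryptionAlgorithm` element never matches, falls through to `extensionElements`, and `getEncryptionAlgorithm()` returns null after a round trip; the literal should be "EncryptionAlgorithm" to mirror `setEncryptionAlgorithm`. `setSignWith` has a related slip: it calls `this.factory.createSignatureAlgorithm(signWith.toString())`, so the value is written under the SignatureAlgorithm element and is read back through `getSignatureAlgorithm()`; by analogy with `setEncryptWith`, it presumably should use the factory's SignWith counterpart. The same constructor dispatches on the local name only, case-insensitively, and then casts unconditionally, so an element from another namespace whose local name collides (for example `Status` or `KeySize`) raises an unchecked ClassCastException that `catch (URISyntaxException e)` does not cover; matching on the full QName with an exact-case local part would leave foreign elements in `extensionElements`. Each setter also appends to `delegate.getAny()` without removing an earlier element of the same kind, so calling a setter twice leaves two elements in the message while the getter reports only the last, and the URI setters throw a NullPointerException on a null argument because of the `toString()` call.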
Copied: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponseCollection.java (from rev 757, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/RequestSecurityTokenResponseCollection.java)
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponseCollection.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponseCollection.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,124 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust.wrappers;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import org.jboss.identity.federation.ws.trust.RequestSecurityTokenResponseCollectionType;
+import org.jboss.identity.federation.ws.trust.RequestSecurityTokenResponseType;
+
+/**
+ * <p>
+ * This class represents a WS-Trust {@code RequestSecurityTokenResponseCollection}. It wraps the JAXB representation of
+ * the security token collection response.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class RequestSecurityTokenResponseCollection implements BaseRequestSecurityTokenResponse
+{
+
+ private final RequestSecurityTokenResponseCollectionType delegate;
+
+ private final List<RequestSecurityTokenResponse> requestSecurityTokenResponses;
+
+ /**
+ * <p>
+ * Creates an instance of {@code RequestSecurityTokenResponseCollection}.
+ * </p>
+ */
+ public RequestSecurityTokenResponseCollection()
+ {
+ this.requestSecurityTokenResponses = new ArrayList<RequestSecurityTokenResponse>();
+ this.delegate = new RequestSecurityTokenResponseCollectionType();
+ }
+
+ /**
+ * <p>
+ * Creates an instance of {@code RequestSecurityTokenResponseCollection} using the specified delegate.
+ * </p>
+ *
+ * @param delegate the JAXB {@code RequestSecurityTokenResponseCollectionType} that represents a WS-Trust request
+ * collection.
+ */
+ public RequestSecurityTokenResponseCollection(RequestSecurityTokenResponseCollectionType delegate)
+ {
+ this.delegate = delegate;
+ this.requestSecurityTokenResponses = new ArrayList<RequestSecurityTokenResponse>();
+ for (RequestSecurityTokenResponseType response : delegate.getRequestSecurityTokenResponse())
+ this.requestSecurityTokenResponses.add(new RequestSecurityTokenResponse(response));
+ }
+
+ /**
+ * <p>
+ * Obtains the collection of {@code RequestSecurityTokenResponse} objects. The returned collection is immutable, so
+ * addition or removal of requests must be carried by the appropriate add/remove methods.
+ * </p>
+ *
+ * @return a {@code List<RequestSecurityToken>} containing the token requests.
+ */
+ public List<RequestSecurityTokenResponse> getRequestSecurityTokenResponses()
+ {
+ return Collections.unmodifiableList(this.requestSecurityTokenResponses);
+ }
+
+ /**
+ * <p>
+ * Adds the specified {@code RequestSecurityTokenResponse} object to the collection of token requests.
+ * </p>
+ *
+ * @param request the {@code RequestSecurityTokenResponse} to be added.
+ */
+ public void addRequestSecurityTokenResponse(RequestSecurityTokenResponse response)
+ {
+ this.delegate.getRequestSecurityTokenResponse().add(response.getDelegate());
+ this.requestSecurityTokenResponses.add(response);
+ }
+
+ /**
+ * <p>
+ * Removes the specified {@code RequestSecurityTokenResponse} object from the collection of token requests.
+ * </p>
+ *
+ * @param request the {@code RequestSecurityTokenResponse} to be removed.
+ */
+ public void removeRequestSecurityTokenResponse(RequestSecurityTokenResponse response)
+ {
+ this.delegate.getRequestSecurityTokenResponse().remove(response.getDelegate());
+ this.requestSecurityTokenResponses.remove(response);
+ }
+
+ /**
+ * <p>
+ * Obtains a reference to the {@code RequestSecurityTokenResponseCollectionType} delegate.
+ * </p>
+ *
+ * @return a reference to the delegate instance.
+ */
+ public RequestSecurityTokenResponseCollectionType getDelegate()
+ {
+ return this.delegate;
+ }
+
+}
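Review bot: `removeRequestSecurityTokenResponse` removes from two lists using two different equality checks, `response.getDelegate()` against the JAXB list and the wrapper itself against `requestSecurityTokenResponses`; no `equals` is visible on the wrapper in this patch, so passing a second wrapper built around the same delegate would remove the JAXB entry but leave the stale wrapper, and the two views diverge. Consider locating the wrapper by its delegate, or removing from the delegate list only when the wrapper removal returns true. The Javadoc is also copied from the request collection: both add and remove document `@param request` while the parameter is `response`, the getter's `@return` names `List<RequestSecurityToken>` and "token requests", and the delegate constructor describes a "WS-Trust request collection".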
Added: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/MockSTSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/MockSTSConfiguration.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/MockSTSConfiguration.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,152 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.core.wstrust;
+
+import java.security.KeyPair;
+import java.security.PublicKey;
+import java.util.Map;
+
+import org.jboss.identity.federation.core.wstrust.STSConfiguration;
+import org.jboss.identity.federation.core.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.core.wstrust.WSTrustRequestHandler;
+
+/**
+ * <p>
+ * Mock implementation of {@code STSConfiguration} used in the test scenarios.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ * @version $Revision: 631 $
+ */
+public class MockSTSConfiguration implements STSConfiguration
+{
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getEncryptIssuedToken()
+ */
+ public boolean encryptIssuedToken()
+ {
+ return false;
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#signIssuedToken()
+ */
+ public boolean signIssuedToken()
+ {
+ return true;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getIssuedTokenTimeout()
+ */
+ public long getIssuedTokenTimeout()
+ {
+ return 0;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getOptions()
+ */
+ public Map<String, Object> getOptions()
+ {
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getProviderForService(java.lang.String)
+ */
+ public SecurityTokenProvider getProviderForService(String serviceName)
+ {
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getProviderForTokenType(java.lang.String)
+ */
+ public SecurityTokenProvider getProviderForTokenType(String tokenType)
+ {
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getTokenTypeForService(java.lang.String)
+ */
+ public String getTokenTypeForService(String serviceName)
+ {
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getRequestHandler()
+ */
+ public WSTrustRequestHandler getRequestHandler()
+ {
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getSTSName()
+ */
+ public String getSTSName()
+ {
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getServiceProviderPublicKey(java.lang.String)
+ */
+ public PublicKey getServiceProviderPublicKey(String serviceName)
+ {
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getSTSKeyPair()
+ */
+ public KeyPair getSTSKeyPair()
+ {
+ return null;
+ }
+
+}
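Review bot: In MockSTSConfiguration, signIssuedToken() returns true while getSTSKeyPair() returns null, so any handler path that honours the signing flag under this mock has no key to sign with and will either fail with a null dereference or skip signing without the test noticing. Either return false from signIssuedToken() or have the mock return a key pair generated for the test. The "@see" comments also point at org.jboss.identity.federation.api.wstrust.STSConfiguration although the import is org.jboss.identity.federation.core.wstrust.STSConfiguration, and the first one names getEncryptIssuedToken() where the method is encryptIssuedToken(); the "$Revision: 631 $" keyword looks carried over from another file as well.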
Added: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,275 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.core.wstrust;
+
+import java.net.URI;
+import java.security.Principal;
+import java.util.GregorianCalendar;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.namespace.QName;
+
+import junit.framework.TestCase;
+
+import org.jboss.identity.federation.core.wstrust.StandardSecurityToken;
+import org.jboss.identity.federation.core.wstrust.WSTrustConstants;
+import org.jboss.identity.federation.core.wstrust.WSTrustRequestContext;
+import org.jboss.identity.federation.core.wstrust.WSTrustUtil;
+import org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider;
+import org.jboss.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
+import org.jboss.identity.federation.core.wstrust.wrappers.Lifetime;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
+import org.jboss.identity.federation.saml.v2.assertion.AudienceRestrictionType;
+import org.jboss.identity.federation.saml.v2.assertion.ConditionsType;
+import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
+import org.jboss.identity.federation.saml.v2.assertion.SubjectConfirmationType;
+import org.jboss.identity.federation.saml.v2.assertion.SubjectType;
+import org.jboss.identity.federation.ws.trust.RequestedReferenceType;
+import org.jboss.identity.federation.ws.trust.StatusType;
+import org.jboss.identity.federation.ws.trust.ValidateTargetType;
+import org.jboss.identity.federation.ws.wss.secext.KeyIdentifierType;
+import org.jboss.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
+import org.w3c.dom.Element;
+
+/**
+ * <p>
+ * This {@code TestCase} tests the functionalities of the {@code SAML20TokenProvider} class.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class SAML20TokenProviderUnitTestCase extends TestCase
+{
+
+ /**
+ * <p>
+ * Tests the issuance of a SAMLV2.0 Assertion.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testIssueSAMLV20Token() throws Exception
+ {
+ // create a WSTrustRequestContext with a simple WS-Trust request.
+ RequestSecurityToken request = new RequestSecurityToken();
+ request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
+ request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
+ request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));
+
+ WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
+ context.setTokenIssuer("JBossSTS");
+
+ // call the SAML token provider and check the generated token.
+ new SAML20TokenProvider().issueToken(context);
+ assertNotNull("Unexpected null security token", context.getSecurityToken());
+
+ JAXBContext jaxbContext = JAXBContext.newInstance("org.jboss.identity.federation.saml.v2.assertion");
+ Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
+ JAXBElement<?> parsedElement = (JAXBElement<?>) unmarshaller.unmarshal((Element) context.getSecurityToken()
+ .getTokenValue());
+ assertNotNull("Unexpected null element", parsedElement);
+ assertEquals("Unexpected element type", AssertionType.class, parsedElement.getDeclaredType());
+
+ AssertionType assertion = (AssertionType) parsedElement.getValue();
+ StandardSecurityToken securityToken = (StandardSecurityToken) context.getSecurityToken();
+ assertEquals("Unexpected token id", securityToken.getTokenID(), assertion.getID());
+ assertEquals("Unexpected token issuer", "JBossSTS", assertion.getIssuer().getValue());
+
+ // check the contents of the assertion conditions.
+ ConditionsType conditions = assertion.getConditions();
+ assertNotNull("Unexpected null conditions", conditions);
+ assertNotNull("Unexpected null value for NotBefore attribute", conditions.getNotBefore());
+ assertNotNull("Unexpected null value for NotOnOrAfter attribute", conditions.getNotOnOrAfter());
+ assertEquals("Unexpected number of conditions", 1, conditions.getConditionOrAudienceRestrictionOrOneTimeUse()
+ .size());
+ assertTrue("Unexpected condition type",
+ conditions.getConditionOrAudienceRestrictionOrOneTimeUse().get(0) instanceof AudienceRestrictionType);
+ AudienceRestrictionType restrictionType = (AudienceRestrictionType) conditions
+ .getConditionOrAudienceRestrictionOrOneTimeUse().get(0);
+ assertNotNull("Unexpected null audience list", restrictionType.getAudience());
+ assertEquals("Unexpected number of audience elements", 1, restrictionType.getAudience().size());
+ assertEquals("Unexpected audience value", "http://services.testcorp.org/provider2", restrictionType.getAudience()
+ .get(0));
+
+ // check the contents of the assertion subject.
+ SubjectType subject = assertion.getSubject();
+ assertNotNull("Unexpected null subject", subject);
+ assertEquals("Unexpected subject content size", 2, subject.getContent().size());
+ JAXBElement<?> content = subject.getContent().get(0);
+ assertEquals("Unexpected content type", NameIDType.class, content.getDeclaredType());
+ NameIDType nameID = (NameIDType) content.getValue();
+ assertEquals("Unexpected name id qualifier", "urn:jboss:identity-federation", nameID.getNameQualifier());
+ assertEquals("Unexpected name id", "sguilhen", nameID.getValue());
+ content = subject.getContent().get(1);
+ assertEquals("Unexpected content type", SubjectConfirmationType.class, content.getDeclaredType());
+ SubjectConfirmationType confirmation = (SubjectConfirmationType) content.getValue();
+ assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_BEARER_URI, confirmation.getMethod());
+
+ // validate the attached token reference created by the SAML provider.
+ RequestedReferenceType reference = context.getAttachedReference();
+ assertNotNull("Unexpected null attached reference", reference);
+ SecurityTokenReferenceType securityRef = reference.getSecurityTokenReference();
+ assertNotNull("Unexpected null security reference", securityRef);
+ String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType"));
+ assertNotNull("Required attribute TokenType is missing", tokenTypeAttr);
+ assertEquals("TokenType attribute has an unexpected value", SAMLUtil.SAML2_TOKEN_TYPE, tokenTypeAttr);
+ JAXBElement<?> keyIdElement = (JAXBElement<?>) securityRef.getAny().get(0);
+ KeyIdentifierType keyId = (KeyIdentifierType) keyIdElement.getValue();
+ assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType());
+ assertNotNull("Unexpected null key identifier value", keyId.getValue());
+ assertEquals(assertion.getID(), keyId.getValue().substring(1));
+ }
+
+ /**
+ * <p>
+ * Tests the validation of a SAMLV2.0 Assertion.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testValidateSAMLV20Token() throws Exception
+ {
+
+ // issue a SAMLV2.0 assertion.
+ WSTrustRequestContext context = this.createIssuingContext(WSTrustUtil.createDefaultLifetime(3600000));
+ SAML20TokenProvider provider = new SAML20TokenProvider();
+ provider.issueToken(context);
+
+ // get the issued SAMLV2.0 assertion.
+ Element assertion = (Element) context.getSecurityToken().getTokenValue();
+
+ // now create a WS-Trust validate context.
+ context = this.createValidatingContext(assertion);
+
+ // validate the SAMLV2.0 assertion.
+ provider.validateToken(context);
+ StatusType status = context.getStatus();
+ assertNotNull("Unexpected null status type", status);
+ assertEquals("Unexpected status code", WSTrustConstants.STATUS_CODE_VALID, status.getCode());
+ assertEquals("Unexpected status reason", "SAMLV2.0 Assertion successfuly validated", status.getReason());
+
+ // now let's create a new SAMLV2.0 assertion with an expired lifetime.
+ long currentTimeMillis = System.currentTimeMillis();
+ GregorianCalendar created = new GregorianCalendar();
+ created.setTimeInMillis(currentTimeMillis - 3600000);
+ GregorianCalendar expires = new GregorianCalendar();
+ expires.setTimeInMillis(currentTimeMillis - 1800000);
+ context = this.createIssuingContext(new Lifetime(created, expires));
+
+ provider.issueToken(context);
+ assertion = (Element) context.getSecurityToken().getTokenValue();
+
+ // try to validate the expired token.
+ context = this.createValidatingContext(assertion);
+ provider.validateToken(context);
+ status = context.getStatus();
+ assertNotNull("Unexpected null status type", status);
+ assertEquals("Unexpected status code", WSTrustConstants.STATUS_CODE_INVALID, status.getCode());
+ assertEquals("Unexpected status reason",
+ "Validation failure: assertion expired or used before its lifetime period", status.getReason());
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRequestContext} using the specified lifetime. The created context is used in the issuing
+ * test scenarios.
+ * </p>
+ *
+ * @param lifetime the {@code Lifetime} of the assertion to be issued.
+ * @return the constructed {@code WSTrustRequestHandler} instance.
+ * @throws Exception if an error occurs while creating the context.
+ */
+ private WSTrustRequestContext createIssuingContext(Lifetime lifetime) throws Exception
+ {
+ // create a WSTrustRequestContext with a simple WS-Trust issue request.
+ RequestSecurityToken request = new RequestSecurityToken();
+ request.setLifetime(lifetime);
+ request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
+ request.setRequestType(URI.create(WSTrustConstants.ISSUE_REQUEST));
+ request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));
+
+ WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
+ context.setTokenIssuer("JBossSTS");
+
+ return context;
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRequestContext} for validating the specified assertion.
+ * </p>
+ *
+ * @param assertion an {@code Element} representing the SAMLV2.0 assertion to be validated.
+ * @return the constructed {@code WSTrustRequestContext} instance.
+ * @throws Exception if an error occurs while creating the validating context.
+ */
+ private WSTrustRequestContext createValidatingContext(Element assertion) throws Exception
+ {
+ RequestSecurityToken request = new RequestSecurityToken();
+ request.setRequestType(URI.create(WSTrustConstants.VALIDATE_REQUEST));
+ request.setTokenType(URI.create(WSTrustConstants.STATUS_TYPE));
+ ValidateTargetType validateTarget = new ValidateTargetType();
+ validateTarget.setAny(assertion);
+ request.setValidateTarget(validateTarget);
+
+ WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
+
+ return context;
+ }
+
+ /**
+ * <p>
+ * Simple {@code Principal} implementation used in the test scenarios.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+ private class TestPrincipal implements Principal
+ {
+ private final String name;
+
+ /**
+ * <p>
+ * Creates an instance of {@code TestPrincipal} with the specified name.
+ * </p>
+ *
+ * @param name a {@code String} representing the principal name.
+ */
+ public TestPrincipal(String name)
+ {
+ this.name = name;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see java.security.Principal#getName()
+ */
+ public String getName()
+ {
+ return this.name;
+ }
+ }
+}
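Review bot: testValidateSAMLV20Token only exercises the expired case, although the failure reason it asserts on is "Validation failure: assertion expired or used before its lifetime period". Please add a second negative case whose Lifetime has created set in the future, so the NotBefore side of the check is covered too. As visible here, the validation path is tested purely on lifetime for an unsigned bearer assertion; it would help to state that scope in the test Javadoc so a VALID status is not read as covering integrity or issuer checks. Two smaller points: the positive case asserts on the literal "SAMLV2.0 Assertion successfuly validated", which pins a misspelling in the provider's message into the test, so asserting on the status code alone (or on a shared constant) would be less brittle; and the Javadoc of createIssuingContext says it returns a WSTrustRequestHandler while the method returns WSTrustRequestContext.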
Added: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/SpecialTokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/SpecialTokenProvider.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/SpecialTokenProvider.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,74 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.core.wstrust;
+
+import org.jboss.identity.federation.core.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.core.wstrust.WSTrustException;
+import org.jboss.identity.federation.core.wstrust.WSTrustRequestContext;
+
+/**
+ * <p>
+ * Mock {@code SecurityTokenProvider} used in the test scenarios.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class SpecialTokenProvider implements SecurityTokenProvider
+{
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void cancelToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void issueToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void renewToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void validateToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+}
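Review bot: All four methods of SpecialTokenProvider are empty, including validateToken, so a test that routes a validate request to this mock gets a context with no status set and nothing in the code says that this is intentional. A one-line comment in each body stating that the no-op is deliberate would make that clear to the next reader; if a test ever needs to detect an unexpected call, throwing a WSTrustException instead would be safer. The "@see" references also name org.jboss.identity.federation.api.wstrust.SecurityTokenProvider while the imports come from org.jboss.identity.federation.core.wstrust.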
Added: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,186 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.core.wstrust;
+
+import java.net.URI;
+
+import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMSource;
+
+import junit.framework.TestCase;
+
+import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.wstrust.WSTrustJAXBFactory;
+import org.jboss.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
+import org.jboss.identity.federation.core.wstrust.wrappers.BaseRequestSecurityTokenResponse;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.w3c.dom.Document;
+
+/**
+ * <p>
+ * This {@code TestCase} tests the methods of the {@code WSTrustJAXBFactory}.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class WSTrustJAXBFactoryUnitTestCase extends TestCase
+{
+
+ /**
+ * <p>
+ * Tests parsing a WS-Trust request message.
+ * </p>
+ *
+ * @throws Exception
+ * if an error occurs while running the test.
+ */
+ public void testParseRequestSecurityToken() throws Exception
+ {
+ // load a sample ws-trust request from a test file.
+ Document document = DocumentUtil
+ .getDocument(this.getClass().getResourceAsStream("/wstrust/ws-trust-request.xml"));
+
+ // encapsulate the request in a source object.
+ Source source = new DOMSource(document);
+
+ // parse the request using the WSTrustJAXBFactory.
+ WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
+ BaseRequestSecurityToken baseRequest = factory.parseRequestSecurityToken(source);
+ assertNotNull("Unexpected null request message", baseRequest);
+
+ // check the contents of the parsed request.
+ assertTrue("Unexpected request message type", baseRequest instanceof RequestSecurityToken);
+ RequestSecurityToken parsedRequest = (RequestSecurityToken) baseRequest;
+ assertEquals("Unexpected context name", "testcontext", parsedRequest.getContext());
+ assertEquals("Unexpected token type", "http://www.tokens.org/SpecialToken", parsedRequest.getTokenType().toString());
+ assertEquals("Unexpected request type", "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue", parsedRequest
+ .getRequestType().toString());
+ }
+
+ /**
+ * <p>
+ * Tests parsing a WS-Trust response message.
+ * </p>
+ *
+ * @throws Exception
+ * if an error occurs while running the test.
+ */
+ public void testParseRequestSecurityTokenResponse() throws Exception
+ {
+ // load a ws-trust response from a file.
+ Document document = DocumentUtil.getDocument(this.getClass()
+ .getResourceAsStream("/wstrust/ws-trust-response.xml"));
+
+ // encapsulate the response in a source object.
+ Source source = new DOMSource(document);
+
+ // parse the response using the WSTrustJAXBFactory.
+ WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
+ BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(source);
+ assertNotNull("Unexpected null response message", baseResponse);
+
+ // check the contents of the parsed response.
+ assertTrue("Unexpected response message type", baseResponse instanceof RequestSecurityTokenResponseCollection);
+ RequestSecurityTokenResponseCollection parsedCollection = (RequestSecurityTokenResponseCollection) baseResponse;
+ assertNotNull("Unexpected null response list", parsedCollection.getRequestSecurityTokenResponses());
+ assertEquals("Unexpected number of responses", 1, parsedCollection.getRequestSecurityTokenResponses().size());
+
+ RequestSecurityTokenResponse parsedResponse = parsedCollection.getRequestSecurityTokenResponses().get(0);
+ assertEquals("Unexpected context name", "testcontext", parsedResponse.getContext());
+ assertEquals("Unexpected token type", "http://www.tokens.org/SpecialToken", parsedResponse.getTokenType()
+ .toString());
+ assertFalse(parsedResponse.isForwardable());
+ }
+
+ /**
+ * <p>
+ * Tests the marshalling of a WS-Trust request.
+ * </p>
+ *
+ * @throws Exception
+ * if an error occurs while running the test.
+ */
+ public void testMarshallRequestSecurityToken() throws Exception
+ {
+ // create a request object.
+ RequestSecurityToken request = new RequestSecurityToken();
+ request.setContext("testcontext");
+ request.setTokenType(new URI("http://www.tokens.org/SpecialToken"));
+ request.setRequestType(new URI("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue"));
+
+ // use the factory to marshall the request.
+ WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
+ Source source = factory.marshallRequestSecurityToken(request);
+ assertNotNull("Unexpected null source", source);
+ assertTrue("Unexpected source type", source instanceof DOMSource);
+
+ // at this point we know that the parsing works, so parse the generated source and compare to the original request.
+ BaseRequestSecurityToken baseRequest = factory.parseRequestSecurityToken(source);
+ assertNotNull("Unexpected null value for the parsed request", baseRequest);
+ assertTrue("Unexpected parsed request type", baseRequest instanceof RequestSecurityToken);
+ RequestSecurityToken parsedRequest = (RequestSecurityToken) baseRequest;
+ assertEquals("Unexpected context value", request.getContext(), parsedRequest.getContext());
+ assertTrue("Unexpected token type", request.getTokenType().equals(parsedRequest.getTokenType()));
+ assertTrue("Unexpected request type", request.getRequestType().equals(parsedRequest.getRequestType()));
+ }
+
+ /**
+ * <p>
+ * Tests the marshalling of a WS-Trust response.
+ * </p>
+ *
+ * @throws Exception
+ * if an error occurs while running the test.
+ */
+ public void testMarshallRequestSecurityTokenResponse() throws Exception
+ {
+ // create a sample ws-trust response message.
+ RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
+ response.setContext("testcontext");
+ response.setTokenType(new URI("http://www.tokens.org/SpecialToken"));
+ response.setForwardable(false);
+
+ RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection();
+ collection.addRequestSecurityTokenResponse(response);
+
+ // use the factory to marshall the response.
+ WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
+ Source source = factory.marshallRequestSecurityTokenResponse(collection);
+ assertNotNull("Unexpected null source", source);
+ assertTrue("Unexpected source type", source instanceof DOMSource);
+
+ // at this point we know that the parsing works, so parse the generated source and compare to the original response.
+ BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(source);
+ assertNotNull("Unexpected null value for the parsed response", baseResponse);
+ assertTrue("Unexpected parsed request type", baseResponse instanceof RequestSecurityTokenResponseCollection);
+ RequestSecurityTokenResponseCollection parsedCollection = (RequestSecurityTokenResponseCollection) baseResponse;
+ assertNotNull("Unexpected null response list", parsedCollection.getRequestSecurityTokenResponses());
+ assertEquals("Unexpected number of responses", 1, parsedCollection.getRequestSecurityTokenResponses().size());
+
+ RequestSecurityTokenResponse parsedResponse = parsedCollection.getRequestSecurityTokenResponses().get(0);
+ assertEquals("Unexpected context value", response.getContext(), parsedResponse.getContext());
+ assertTrue("Unexpected token type", response.getTokenType().equals(parsedResponse.getTokenType()));
+ assertFalse(parsedResponse.isForwardable());
+ }
+}
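Review bot: The two marshalling tests verify the output only by feeding it back through parseRequestSecurityToken / parseRequestSecurityTokenResponse on the same factory, so a mistake that is symmetric between marshalling and parsing (a wrong namespace or element name on both sides, for example) would still pass. Since the Source is already asserted to be a DOMSource, please also assert directly on its node, at least the root element's local name and namespace URI and the Context attribute. In the two parsing tests, the result of getResourceAsStream("/wstrust/ws-trust-request.xml") and of the response counterpart is passed straight to DocumentUtil.getDocument without a null check and the stream is never closed; an assertNotNull on the stream would turn a missing test resource into a readable failure.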
Added: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/WSTrustServiceFactoryUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/WSTrustServiceFactoryUnitTestCase.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/WSTrustServiceFactoryUnitTestCase.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,106 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.core.wstrust;
+
+import java.security.PrivilegedActionException;
+
+import junit.framework.TestCase;
+
+import org.jboss.identity.federation.core.wstrust.STSConfiguration;
+import org.jboss.identity.federation.core.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.core.wstrust.StandardRequestHandler;
+import org.jboss.identity.federation.core.wstrust.WSTrustRequestHandler;
+import org.jboss.identity.federation.core.wstrust.WSTrustServiceFactory;
+import org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider;
+
+/**
+ * <p>
+ * This {@code TestCase} tests the behavior of the {@code WSTrustServiceFactory} class.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class WSTrustServiceFactoryUnitTestCase extends TestCase
+{
+
+ /**
+ * <p>
+ * Tests the creation of a {@code WSTrustRequestHandler} instance.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testCreateRequestHandler() throws Exception
+ {
+ STSConfiguration config = new MockSTSConfiguration();
+ WSTrustServiceFactory factory = WSTrustServiceFactory.getInstance();
+
+ // tests the creation of the request handler.
+ WSTrustRequestHandler handler = factory.createRequestHandler(
+ "org.jboss.identity.federation.core.wstrust.StandardRequestHandler", config);
+ assertNotNull("Unexpected null request handler", handler);
+ assertTrue("Unexpected request handler type", handler instanceof StandardRequestHandler);
+
+ // try to create an invalid instance of request handler.
+ try
+ {
+ factory.createRequestHandler("InvalidHandler", config);
+ fail("An exception should have been raised");
+ }
+ catch (RuntimeException re)
+ {
+ assertTrue(re.getCause() instanceof PrivilegedActionException);
+ }
+ }
+
+ /**
+ * <p>
+ * Tests the creation of {@code SecurityTokenProvider}s.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testCreateTokenProvider() throws Exception
+ {
+ WSTrustServiceFactory factory = WSTrustServiceFactory.getInstance();
+ SecurityTokenProvider provider = factory
+ .createTokenProvider("org.jboss.test.identity.federation.core.wstrust.SpecialTokenProvider");
+ assertNotNull("Unexpected null token provider", provider);
+ assertTrue("Unexpected token provider type", provider instanceof SpecialTokenProvider);
+ provider = factory
+ .createTokenProvider("org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider");
+ assertNotNull("Unexpected null token provider", provider);
+ assertTrue("Unexpected token provider type", provider instanceof SAML20TokenProvider);
+
+ // try to create an invalid token provider.
+ try
+ {
+ factory.createTokenProvider("InvalidTokenProvider");
+ fail("An exception should have been raised");
+ }
+ catch (RuntimeException re)
+ {
+ assertTrue(re.getCause() instanceof PrivilegedActionException);
+ }
+
+ }
+}
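Review bot: the negative cases in testCreateRequestHandler and testCreateTokenProvider only cover a class name that cannot be loaded ("InvalidHandler", "InvalidTokenProvider"). Because the factory instantiates whatever class name it is given, add a case that passes a class which exists but does not implement WSTrustRequestHandler or SecurityTokenProvider (java.lang.String would do) and assert how the factory rejects it, so a wrong class name in configuration fails in a defined way. The catch blocks also check only that the cause is a PrivilegedActionException; asserting on the exception it wraps would pin down the failure reason.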
Added: identity-federation/trunk/jboss-identity-fed-core/src/test/resources/wstrust/ws-trust-request.xml
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/resources/wstrust/ws-trust-request.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/resources/wstrust/ws-trust-request.xml 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,4 @@
+<wst:RequestSecurityToken xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512/" Context="testcontext">
+ <wst:TokenType>http://www.tokens.org/SpecialToken</wst:TokenType>
+ <wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>
+</wst:RequestSecurityToken>
\ No newline at end of file
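Review bot: this fixture ends without a trailing newline (see the "\ No newline at end of file" marker), unlike ws-trust-response.xml added in the same revision. Add the final newline so a later edit to the closing tag does not show up as a two-line change.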
Added: identity-federation/trunk/jboss-identity-fed-core/src/test/resources/wstrust/ws-trust-response.xml
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/resources/wstrust/ws-trust-response.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/resources/wstrust/ws-trust-response.xml 2009-09-03 01:56:21 UTC (rev 758)
@@ -0,0 +1,7 @@
+<wst:RequestSecurityTokenResponseCollection
+ xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512/">
+ <wst:RequestSecurityTokenResponse Context="testcontext">
+ <wst:TokenType>http://www.tokens.org/SpecialToken</wst:TokenType>
+ <wst:Forwardable>false</wst:Forwardable>
+ </wst:RequestSecurityTokenResponse>
+</wst:RequestSecurityTokenResponseCollection>
Modified: identity-federation/trunk/jboss-identity-seam/src/main/java/org/jboss/identity/seam/federation/SamlAuthenticationFilter.java
===================================================================
--- identity-federation/trunk/jboss-identity-seam/src/main/java/org/jboss/identity/seam/federation/SamlAuthenticationFilter.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-seam/src/main/java/org/jboss/identity/seam/federation/SamlAuthenticationFilter.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -52,16 +52,16 @@
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dsig.XMLSignatureException;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
-import org.jboss.identity.federation.api.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
-import org.jboss.identity.federation.api.util.XMLSignatureUtil;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder;
import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil;
+import org.jboss.identity.federation.core.util.XMLSignatureUtil;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeType;
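Review bot: the imports for IDGenerator, SAMLDocumentHolder and XMLSignatureUtil switch from org.jboss.identity.federation.api.* to org.jboss.identity.federation.core.*, which indicates the classes themselves changed package. Code outside this tree that still imports the old api names will stop compiling, so the move should be stated in the commit log or release notes, or the old names kept as deprecated forwards for one release.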
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -51,18 +51,21 @@
import javax.xml.crypto.dsig.XMLSignatureException;
import org.apache.log4j.Logger;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
-import org.jboss.identity.federation.api.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
-import org.jboss.identity.federation.api.util.XMLSignatureUtil;
+import org.jboss.identity.federation.core.config.KeyProviderType;
+import org.jboss.identity.federation.core.config.SPType;
+import org.jboss.identity.federation.core.config.TrustType;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder;
import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil;
+import org.jboss.identity.federation.core.util.XMLSignatureUtil;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeType;
@@ -72,9 +75,6 @@
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
import org.jboss.identity.federation.saml.v2.protocol.StatusType;
-import org.jboss.identity.federation.core.config.KeyProviderType;
-import org.jboss.identity.federation.core.config.SPType;
-import org.jboss.identity.federation.core.config.TrustType;
import org.jboss.identity.federation.web.interfaces.IRoleValidator;
import org.jboss.identity.federation.web.interfaces.TrustKeyConfigurationException;
import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
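Review bot: the three org.jboss.identity.federation.core.config imports removed here (KeyProviderType, SPType, TrustType) are the same three added in the previous hunk, so this part of the SPFilter change is an import reorder mixed in with the api-to-core package move. Committing the reorder separately would leave the package move as the only thing a reviewer has to verify in this file.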
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-09-02 17:50:36 UTC (rev 757)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-09-03 01:56:21 UTC (rev 758)
@@ -26,7 +26,6 @@
import java.io.InputStream;
import java.io.StringWriter;
import java.net.URL;
-import java.net.URLEncoder;
import java.security.GeneralSecurityException;
import java.security.Principal;
import java.security.PrivateKey;
@@ -38,21 +37,16 @@
import javax.xml.bind.JAXBException;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactoryConfigurationError;
-
+
import org.apache.log4j.Logger;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
import org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature;
import org.jboss.identity.federation.core.config.IDPType;
import org.jboss.identity.federation.core.config.TrustType;
-import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
-import org.jboss.identity.federation.web.util.HTTPRedirectUtil;
-import org.jboss.identity.federation.web.util.PostBindingUtil;
-import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil;
-import org.jboss.identity.federation.web.util.RedirectBindingUtil;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
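Review bot: the blank line after the TransformerFactoryConfigurationError import is removed and re-added, which is a whitespace-only change that adds noise to the diff; revert it or strip trailing whitespace in a separate commit. The four dropped org.jboss.identity.federation.web.util imports name classes in this file's own package, so removing them is fine, and the TrustKeyManager import removed here is re-added in sorted position in the last hunk rather than dropped.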
@@ -61,11 +55,11 @@
import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
+import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;
JBoss Identity SVN: r757 - idm/tags.
by jboss-identity-commits@lists.jboss.org
Author: bdaw
Date: 2009-09-02 13:50:36 -0400 (Wed, 02 Sep 2009)
New Revision: 757
Added:
idm/tags/1.0.0.Beta2/
Log:
tag IDM 1.0.0.Beta2
Copied: idm/tags/1.0.0.Beta2 (from rev 756, idm/trunk)
JBoss Identity SVN: r756 - in idm/trunk: assembly and 16 other directories.
by jboss-identity-commits@lists.jboss.org
Author: bdaw
Date: 2009-09-02 13:48:49 -0400 (Wed, 02 Sep 2009)
New Revision: 756
Modified:
idm/trunk/assembly/pom.xml
idm/trunk/example/auth-simple/pom.xml
idm/trunk/example/auth/pom.xml
idm/trunk/example/simple/pom.xml
idm/trunk/idm-api/pom.xml
idm/trunk/idm-auth/pom.xml
idm/trunk/idm-cache/pom.xml
idm/trunk/idm-common/pom.xml
idm/trunk/idm-core/pom.xml
idm/trunk/idm-hibernate/pom.xml
idm/trunk/idm-ldap/pom.xml
idm/trunk/idm-spi/pom.xml
idm/trunk/idm-testsuite/pom.xml
idm/trunk/integration/deployer/pom.xml
idm/trunk/integration/jboss5/pom.xml
idm/trunk/integration/pom.xml
idm/trunk/parent/pom.xml
idm/trunk/pom.xml
Log:
prepare for 1.0.0.Beta2
Modified: idm/trunk/assembly/pom.xml
===================================================================
--- idm/trunk/assembly/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/assembly/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -4,14 +4,14 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>jbossidm</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<packaging>pom</packaging>
<name>JBoss Identity IDM Assembly </name>
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<relativePath>../parent</relativePath>
</parent>
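Review bot: both <version> elements in idm/trunk/assembly/pom.xml now carry the release value 1.0.0.Beta2 on trunk, and r757 creates the tag by copying trunk at this revision. Trunk needs a follow-up commit that moves every pom to the next -SNAPSHOT version; until then anything built from trunk carries the same version as the tagged release and cannot be told apart from it.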
Modified: idm/trunk/example/auth/pom.xml
===================================================================
--- idm/trunk/example/auth/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/example/auth/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -1,7 +1,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.jboss.identity.idm.example</groupId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<artifactId>example-auth</artifactId>
<packaging>jar</packaging>
<name>Example - JEE authentication</name>
Modified: idm/trunk/example/auth-simple/pom.xml
===================================================================
--- idm/trunk/example/auth-simple/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/example/auth-simple/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -1,7 +1,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.jboss.identity.idm.example</groupId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<artifactId>example-auth-simple</artifactId>
<packaging>jar</packaging>
<name>Example - JEE authentication (using deployer)</name>
Modified: idm/trunk/example/simple/pom.xml
===================================================================
--- idm/trunk/example/simple/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/example/simple/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -1,7 +1,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.jboss.identity.idm.example</groupId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<artifactId>example-simple</artifactId>
<packaging>jar</packaging>
<name>Example - Simple JBoss Identity IDM Maven2 project</name>
Modified: idm/trunk/idm-api/pom.xml
===================================================================
--- idm/trunk/idm-api/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/idm-api/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/trunk/idm-auth/pom.xml
===================================================================
--- idm/trunk/idm-auth/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/idm-auth/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/trunk/idm-cache/pom.xml
===================================================================
--- idm/trunk/idm-cache/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/idm-cache/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/trunk/idm-common/pom.xml
===================================================================
--- idm/trunk/idm-common/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/idm-common/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/trunk/idm-core/pom.xml
===================================================================
--- idm/trunk/idm-core/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/idm-core/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/trunk/idm-hibernate/pom.xml
===================================================================
--- idm/trunk/idm-hibernate/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/idm-hibernate/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/trunk/idm-ldap/pom.xml
===================================================================
--- idm/trunk/idm-ldap/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/idm-ldap/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/trunk/idm-spi/pom.xml
===================================================================
--- idm/trunk/idm-spi/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/idm-spi/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/trunk/idm-testsuite/pom.xml
===================================================================
--- idm/trunk/idm-testsuite/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/idm-testsuite/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/trunk/integration/deployer/pom.xml
===================================================================
--- idm/trunk/integration/deployer/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/integration/deployer/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -8,12 +8,12 @@
<groupId>org.jboss.identity.idm.integration</groupId>
<artifactId>idm-jboss5-deployer</artifactId>
<packaging>jar</packaging>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-integration</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
</parent>
<properties>
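Review bot: the module-level <version> in idm-jboss5-deployer repeats the value in the <parent> block right after it. Dropping the module's own <version> lets it inherit from idm-integration and cuts the number of literals a release commit has to touch; this revision edits the same string across 18 poms, and one missed occurrence would leave a module on the old version.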
Modified: idm/trunk/integration/jboss5/pom.xml
===================================================================
--- idm/trunk/integration/jboss5/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/integration/jboss5/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -8,12 +8,12 @@
<groupId>org.jboss.identity.idm.integration</groupId>
<artifactId>idm-jboss5</artifactId>
<packaging>jar</packaging>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-integration</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
</parent>
<dependencies>
Modified: idm/trunk/integration/pom.xml
===================================================================
--- idm/trunk/integration/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/integration/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -13,7 +13,7 @@
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<relativePath>../parent/pom.xml</relativePath>
</parent>
Modified: idm/trunk/parent/pom.xml
===================================================================
--- idm/trunk/parent/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/parent/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -8,7 +8,7 @@
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
<packaging>pom</packaging>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<name>JBoss Identity IDM- Parent</name>
<url>http://labs.jboss.org/portal/jbosssecurity/</url>
<description>JBoss Identity is a cross-cutting project that handles identity needs for the JEMS projects</description>
Modified: idm/trunk/pom.xml
===================================================================
--- idm/trunk/pom.xml 2009-09-02 16:59:50 UTC (rev 755)
+++ idm/trunk/pom.xml 2009-09-02 17:48:49 UTC (rev 756)
@@ -3,7 +3,7 @@
<parent>
<groupId>org.jboss.identity.idm</groupId>
<artifactId>idm-parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
+ <version>1.0.0.Beta2</version>
<relativePath>parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
JBoss Identity SVN: r755 - identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust.
by jboss-identity-commits@lists.jboss.org
Author: sguilhen(a)redhat.com
Date: 2009-09-02 12:59:50 -0400 (Wed, 02 Sep 2009)
New Revision: 755
Modified:
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/JBossSTSUnitTestCase.java
Log:
JBID-179: Fixed JBossSTSUnitTestCase
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/JBossSTSUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/JBossSTSUnitTestCase.java 2009-08-31 16:35:00 UTC (rev 754)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/wstrust/JBossSTSUnitTestCase.java 2009-09-02 16:59:50 UTC (rev 755)
@@ -217,9 +217,8 @@
BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
.parseRequestSecurityTokenResponse(responseMessage);
- //TODO: JBID-179
// validate the security token response.
- //this.validateCustomTokenResponse(baseResponse);
+ this.validateCustomTokenResponse(baseResponse);
}
/**
@@ -488,10 +487,9 @@
Element element = (Element) requestedToken.getAny();
assertEquals("Unexpected namespace value", "http://www.tokens.org", element.getNamespaceURI());
- /*//TODO: Fix JBID-179
assertEquals("Unexpected attribute value", "http://www.tokens.org/SpecialToken", element
- .getAttribute("TokenType"));
- assertEquals("Unexpected token value", "Principal:sguilhen", element.getFirstChild().getNodeValue());*/
+ .getAttributeNS("http://www.tokens.org", "TokenType"));
+ assertEquals("Unexpected token value", "Principal:sguilhen", element.getFirstChild().getNodeValue());
}
/**
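Review bot: the re-enabled assertion reads TokenType with getAttributeNS("http://www.tokens.org", "TokenType"), which matches only a namespace-qualified attribute; an unprefixed TokenType attribute has no namespace and would come back as an empty string. Add a short comment in the test saying the provider is expected to emit the attribute qualified, and move the "http://www.tokens.org" literal, used in both the namespace check and this call, into a constant.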