Author: anil.saldhana(a)jboss.com Date: 2008-12-17 12:54:32 -0500 (Wed, 17 Dec 2008) New Revision: 170 Added: identity-federation/trunk/identity-fed-core/ identity-federation/trunk/identity-fed-core/.classpath identity-federation/trunk/identity-fed-core/.project identity-federation/trunk/identity-fed-core/pom.xml identity-federation/trunk/identity-fed-core/src/ identity-federation/trunk/identity-fed-core/src/main/ identity-federation/trunk/identity-fed-core/src/main/java/ identity-federation/trunk/identity-fed-core/src/main/java/org/ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/IDPInfoHolder.java identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/SPInfoHolder.java identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SignatureUtil.java identity-federation/trunk/identity-fed-core/src/main/resources/ identity-federation/trunk/identity-fed-core/src/test/ identity-federation/trunk/identity-fed-core/src/test/java/ identity-federation/trunk/identity-fed-core/src/test/resources/ Log: code module Added: identity-federation/trunk/identity-fed-core/.classpath =================================================================== --- identity-federation/trunk/identity-fed-core/.classpath (rev 0) +++ identity-federation/trunk/identity-fed-core/.classpath 2008-12-17 17:54:32 UTC (rev 170) @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<classpath> + <classpathentry kind="src" path="src/main/resources"/> + <classpathentry kind="src" path="src/test/java"/> + <classpathentry kind="src" path="src/main/java"/> + <classpathentry kind="src" path="src/test/resources"/> + <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/> + <classpathentry combineaccessrules="false" kind="src" path="/identity-fed-model"/> + <classpathentry kind="output" path="target-eclipse"/> +</classpath> Added: identity-federation/trunk/identity-fed-core/.project =================================================================== --- identity-federation/trunk/identity-fed-core/.project (rev 0) +++ identity-federation/trunk/identity-fed-core/.project 2008-12-17 17:54:32 UTC (rev 170) @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8"?> +<projectDescription> + <name>identity-fed-core</name> + <comment></comment> + <projects> + </projects> + <buildSpec> + <buildCommand> + <name>org.eclipse.jdt.core.javabuilder</name> + <arguments> + </arguments> + </buildCommand> + </buildSpec> + <natures> + <nature>org.eclipse.jdt.core.javanature</nature> + </natures> +</projectDescription> Added: identity-federation/trunk/identity-fed-core/pom.xml =================================================================== --- identity-federation/trunk/identity-fed-core/pom.xml (rev 0) +++ identity-federation/trunk/identity-fed-core/pom.xml 2008-12-17 17:54:32 UTC (rev 170) @@ -0,0 +1,83 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0-SNAPSHOT</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-fed-core</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Core</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation Core contains the core infrastructure code</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <scm> + <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossidentity/identi... + <developerConnection>scm:svn:https://svn.jboss.org/jbossidentity/identi... + <url>http://viewvc.jboss.org/cgi-bin/viewvc.cgi/jbossidentity/identity-... + </scm> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-model</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-api</artifactId> + </dependency> + <dependency> + <groupId>stax</groupId> + <artifactId>stax-api</artifactId> + <version>1.0</version> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>codehaus-stax</groupId> + <artifactId>stax</artifactId> + <version>1.1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + </dependencies> +</project> Added: identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java =================================================================== --- identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java (rev 0) +++ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2008-12-17 17:54:32 UTC (rev 170) @@ -0,0 +1,46 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.constants; + +/** + * SAML Constants + * @author Anil.Saldhana(a)redhat.com + * @since Dec 10, 2008 + */ +public enum JBossSAMLConstants +{ + SIGNATURE_SHA1_WITH_DSA("SHA1withDSA"), + SIGNATURE_SHA1_WITH_RSA("SHA1withRSA"), + VERSION_2_0("2.0"); + + private String val; + + private JBossSAMLConstants(String val) + { + this.val = val; + } + + public String get() + { + return this.val; + } +} \ No newline at end of file Added: identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java =================================================================== --- identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java (rev 0) +++ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2008-12-17 17:54:32 UTC (rev 170) @@ -0,0 +1,54 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.constants; + + +/** + * Define the constants based on URI + * @author Anil.Saldhana(a)redhat.com + * @since Dec 10, 2008 + */ +public enum JBossSAMLURIConstants +{ + AC_PASSWORD_PROTECTED_TRANSPORT("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"), + ATTRIBUTE_FORMAT_BASIC("urn:oasis:names:tc:SAML:2.0:attrname-format:basic"), + NAMEID_FORMAT_TRANSIENT("urn:oasis:names:tc:SAML:2.0:nameid-format:transient"), + NAMEID_FORMAT_PERSISTENT("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"), + SIGNATURE_DSA_SHA1("http://www.w3.org/2000/09/xmldsig#dsa-sha1"), + SIGNATURE_RSA_SHA1("http://www.w3.org/2000/09/xmldsig#rsa-sha1"), + SUBJECT_CONFIRMATION_BEARER("urn:oasis:names:tc:SAML:2.0:cm:bearer"), + STATUS_SUCCESS("urn:oasis:names:tc:SAML:2.0:status:Success"), + TRANSFORM_ENVELOPED_SIGNATURE("http://www.w3.org/2000/09/xmldsig#env..., + TRANSFORM_C14N_EXCL_OMIT_COMMENTS("http://www.w3.org/2001/10/xml-exc...; + + private String uri = null; + + private JBossSAMLURIConstants(String uristr) + { + this.uri = uristr; + } + + public String get() + { + return this.uri; + } +} \ No newline at end of file Added: identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/IDPInfoHolder.java =================================================================== --- identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/IDPInfoHolder.java (rev 0) +++ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/IDPInfoHolder.java 2008-12-17 17:54:32 UTC (rev 170) @@ -0,0 +1,68 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.holders; + +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; + + +/** + * Holds essential information about an IDP for creating + * saml messages. + * @author Anil.Saldhana(a)redhat.com + * @since Dec 10, 2008 + */ +public class IDPInfoHolder +{ + private String subjectConfirmationMethod = JBossSAMLURIConstants.SUBJECT_CONFIRMATION_BEARER.get(); + private String nameIDFormat = JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get(); + private String nameIDFormatValue; + + public String getSubjectConfirmationMethod() + { + return subjectConfirmationMethod; + } + + public void setSubjectConfirmationMethod(String subjectConfirmationMethod) + { + this.subjectConfirmationMethod = subjectConfirmationMethod; + } + + public String getNameIDFormat() + { + return nameIDFormat; + } + + public void setNameIDFormat(String nameIDFormat) + { + this.nameIDFormat = nameIDFormat; + } + + public String getNameIDFormatValue() + { + return nameIDFormatValue; + } + + public void setNameIDFormatValue(String nameIDFormatValue) + { + this.nameIDFormatValue = nameIDFormatValue; + } +} \ No newline at end of file Added: identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java =================================================================== --- identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java (rev 0) +++ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java 2008-12-17 17:54:32 UTC (rev 170) @@ -0,0 +1,87 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.holders; + +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLConstants; +import org.jboss.identity.federation.saml.v2.assertion.NameIDType; +import org.jboss.identity.federation.saml.v2.assertion.ObjectFactory; + +/** + * Holds info about the issuer for saml messages creation + * @author Anil.Saldhana(a)redhat.com + * @param <JBossSAMLConstants> + * @since Dec 10, 2008 + */ +public class IssuerInfoHolder +{ + private NameIDType issuer; + + private String statusCodeURI; + private String samlVersion = JBossSAMLConstants.VERSION_2_0.get(); + + + public IssuerInfoHolder(NameIDType issuer) + { + if(issuer == null) + throw new IllegalArgumentException("issuer in ctr in null"); + this.issuer = issuer; + } + + public IssuerInfoHolder(String issuerAsString) + { + if(issuerAsString == null) + throw new IllegalArgumentException("issuerAsString is null"); + ObjectFactory assertionObjectFactory = new ObjectFactory(); + issuer = assertionObjectFactory.createNameIDType(); + issuer.setValue(issuerAsString); + } + + public NameIDType getIssuer() + { + return issuer; + } + + public void setIssuer(NameIDType issuer) + { + this.issuer = issuer; + } + + public String getStatusCode() + { + return statusCodeURI; + } + + public void setStatusCode(String statusCode) + { + this.statusCodeURI = statusCode; + } + + public String getSamlVersion() + { + return samlVersion; + } + + public void setSamlVersion(String samlVersion) + { + this.samlVersion = samlVersion; + } +} \ No newline at end of file Added: identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/SPInfoHolder.java =================================================================== --- identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/SPInfoHolder.java (rev 0) +++ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/holders/SPInfoHolder.java 2008-12-17 17:54:32 UTC (rev 170) @@ -0,0 +1,55 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.holders; + +/** + * <p>Holds the information about a Service Provider</p> + * <p>This holder is useful in generating saml messages</p> + * + * @author Anil.Saldhana(a)redhat.com + * @since Dec 10, 2008 + */ +public class SPInfoHolder +{ + private String requestID; + private String responseDestinationURI; + + public String getRequestID() + { + return requestID; + } + + public void setRequestID(String requestID) + { + this.requestID = requestID; + } + + public String getResponseDestinationURI() + { + return responseDestinationURI; + } + + public void setResponseDestinationURI(String responseDestinationURI) + { + this.responseDestinationURI = responseDestinationURI; + } +} \ No newline at end of file Added: identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SignatureUtil.java =================================================================== --- identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SignatureUtil.java (rev 0) +++ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SignatureUtil.java 2008-12-17 17:54:32 UTC (rev 170) @@ -0,0 +1,114 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.util; + +import java.security.GeneralSecurityException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.Signature; +import java.security.cert.X509Certificate; + +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLConstants; + + +/** + * Signature utility for signing content + * @author Anil.Saldhana(a)redhat.com + * @since Dec 16, 2008 + */ +public class SignatureUtil +{ + public static String getXMLSignatureAlgorithmURI(String algo) + { + String xmlSignatureAlgo = null; + + if("DSA".equalsIgnoreCase(algo)) + { + xmlSignatureAlgo = JBossSAMLConstants.SIGNATURE_SHA1_WITH_DSA.get(); + } + else + if("RSA".equalsIgnoreCase(algo)) + { + xmlSignatureAlgo = JBossSAMLConstants.SIGNATURE_SHA1_WITH_RSA.get(); + } + return xmlSignatureAlgo ; + } + + public static byte[] sign(String stringToBeSigned, PrivateKey signingKey) + throws Exception + { + if(stringToBeSigned == null) + throw new IllegalArgumentException("stringToBeSigned is null"); + if(signingKey == null) + throw new IllegalArgumentException("signingKey is null"); + + String algo = signingKey.getAlgorithm(); + Signature sig = getSignature(algo); + sig.initSign(signingKey); + sig.update(stringToBeSigned.getBytes()); + return sig.sign(); + } + + public static boolean validate(byte[] signedContent, + byte[] signatureValue, PublicKey validatingKey) throws Exception + { + //We assume that the sigatureValue has the same algorithm as the public key + //If not, there will be an exception anyway + String algo = validatingKey.getAlgorithm(); + Signature sig = getSignature(algo); + + sig.initVerify(validatingKey); + sig.update(signedContent); + return sig.verify(signatureValue); + } + + public static boolean validate(byte[] signedContent, + byte[] signatureValue, + String signatureAlgorithm, + X509Certificate validatingCert) throws Exception + { + Signature sig = getSignature(signatureAlgorithm); + + sig.initVerify(validatingCert); + sig.update(signedContent); + return sig.verify(signatureValue); + } + + private static Signature getSignature(String algo) throws Exception + { + Signature sig = null; + String xmlSignatureAlgo = getXMLSignatureAlgorithmURI(algo); + if(xmlSignatureAlgo == null) + throw new GeneralSecurityException("Signing Algorithm invalid:" + algo); + + if("DSA".equalsIgnoreCase(algo)) + { + sig = Signature.getInstance(xmlSignatureAlgo); + } + else + if("RSA".equalsIgnoreCase(algo)) + { + sig = Signature.getInstance(xmlSignatureAlgo); + } + return sig; + } +} \ No newline at end of file