Author: anil.saldhana(a)jboss.com
Date: 2008-12-17 12:59:06 -0500 (Wed, 17 Dec 2008)
New Revision: 172
Added:
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/
Modified:
identity-federation/trunk/identity-bindings/.classpath
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectValve.java
Log:
refactor
Modified: identity-federation/trunk/identity-bindings/.classpath
===================================================================
--- identity-federation/trunk/identity-bindings/.classpath 2008-12-17 17:54:54 UTC (rev
171)
+++ identity-federation/trunk/identity-bindings/.classpath 2008-12-17 17:59:06 UTC (rev
172)
@@ -13,8 +13,9 @@
<classpathentry kind="var"
path="M2_REPO/apache-tomcat/tomcat-http/5.5.12/tomcat-http-5.5.12.jar"/>
<classpathentry kind="var"
path="M2_REPO/apache-tomcat/naming-resources/5.5.12/naming-resources-5.5.12.jar"/>
<classpathentry combineaccessrules="false" kind="src"
path="/identity-fed-api"/>
- <classpathentry combineaccessrules="false" kind="src"
path="/identity-fed-model"/>
<classpathentry kind="var"
path="M2_REPO/sun-jaxb/jaxb-api/2.1.9/jaxb-api-2.1.9.jar"/>
<classpathentry kind="var"
path="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14.jar"/>
+ <classpathentry combineaccessrules="false" kind="src"
path="/identity-fed-core"/>
+ <classpathentry combineaccessrules="false" kind="src"
path="/identity-fed-model"/>
<classpathentry kind="output" path="target-eclipse/"/>
</classpath>
Modified:
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
===================================================================
---
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2008-12-17
17:54:54 UTC (rev 171)
+++
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2008-12-17
17:59:06 UTC (rev 172)
@@ -21,7 +21,6 @@
*/
package org.jboss.identity.federation.bindings.tomcat.idp;
-import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringWriter;
@@ -48,13 +47,13 @@
import org.jboss.identity.federation.api.util.Base64;
import org.jboss.identity.federation.api.util.DeflateUtil;
import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
+import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeType;
-import org.jboss.identity.federation.saml.v2.jboss.IDPInfoHolder;
-import org.jboss.identity.federation.saml.v2.jboss.IssuerInfoHolder;
-import org.jboss.identity.federation.saml.v2.jboss.JBossSAMLURIConstants;
-import org.jboss.identity.federation.saml.v2.jboss.SPInfoHolder;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
Modified:
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
---
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2008-12-17
17:54:54 UTC (rev 171)
+++
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2008-12-17
17:59:06 UTC (rev 172)
@@ -48,12 +48,12 @@
import org.jboss.identity.federation.api.util.Base64;
import org.jboss.identity.federation.api.util.DeflateUtil;
import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
+import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeType;
import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
import org.jboss.identity.federation.saml.v2.assertion.SubjectType;
-import org.jboss.identity.federation.saml.v2.jboss.JBossSAMLURIConstants;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
import org.jboss.identity.federation.saml.v2.protocol.StatusType;
Modified:
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectValve.java
===================================================================
---
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectValve.java 2008-12-17
17:54:54 UTC (rev 171)
+++
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectValve.java 2008-12-17
17:59:06 UTC (rev 172)
@@ -45,13 +45,13 @@
import org.jboss.identity.federation.api.saml.v2.factories.JBossSAMLBaseFactory;
import org.jboss.identity.federation.api.util.Base64;
import org.jboss.identity.federation.api.util.DeflateUtil;
-import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
+import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
+import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeType;
import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
import org.jboss.identity.federation.saml.v2.assertion.SubjectType;
-import org.jboss.identity.federation.saml.v2.jboss.JBossSAMLURIConstants;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
import org.jboss.identity.federation.saml.v2.protocol.StatusType;
Added:
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java
===================================================================
---
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java
(rev 0)
+++
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java 2008-12-17
17:59:06 UTC (rev 172)
@@ -0,0 +1,118 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.identity.federation.bindings.util;
+
+import java.net.URLEncoder;
+import java.security.PrivateKey;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
+
+
+/**
+ * Signature Support for the HTTP/Redirect binding
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Dec 16, 2008
+ */
+public class RedirectBindingSignatureUtil
+{
+ public static String getRequestRedirectURLWithSignature(
+ String urlEncodedRequest, String urlEncodedRelayState,
+ PrivateKey signingKey) throws Exception
+ {
+ StringBuilder sb = new StringBuilder();
+ sb.append("SAMLRequest=").append(urlEncodedRequest);
+ if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0)
+ {
+
sb.append("&").append("RelayState=").append(urlEncodedRelayState);
+ }
+ //SigAlg
+ String algo = signingKey.getAlgorithm();
+ String sigAlg = SignatureUtil.getXMLSignatureAlgorithmURI(algo);
+
+ sigAlg = URLEncoder.encode(sigAlg, "UTF-8");
+
+ sb.append("&").append("SigAlg=").append(sigAlg);
+
+ byte[] sigValue = SignatureUtil.sign(sb.toString(), signingKey);
+
+ sb.append("&").append("Signature=").append(sigValue);
+
+ return sb.toString();
+ }
+
+ public static String getSignedURL(HttpServletRequest request,
+ PrivateKey signingKey)
+ {
+ //Build the query string
+ String queryString = request.getQueryString();
+ StringBuilder sb = new StringBuilder();
+
+ String req = getToken(queryString, "SAMLRequest");
+ if(req != null)
+ sb.append("SAMLRequest=").append(req);
+ else
+ {
+ String res = getToken(queryString, "SAMLResponse");
+ if(res == null)
+ throw new IllegalStateException("Either SAMLRequest or SAMLResponse
needed");
+
+ sb.append("SAMLResponse=").append(res);
+ }
+
+ sb.append("&");
+
+ //Relay State
+ String relayState = getToken(queryString,"RelayState");
+ if(relayState != null)
+ {
+ sb.append("RelayState=").append(relayState);
+ }
+
+ //SigAlg
+ String algo = signingKey.getAlgorithm();
+ String sigVal = SignatureUtil.getXMLSignatureAlgorithmURI(algo);
+
+ sb.append("SigVal=").append(sigVal);
+ return null;
+ }
+
+ private static String getToken(String queryString, String token)
+ {
+ if(queryString == null)
+ throw new IllegalArgumentException("queryString is null");
+
+ token += "=";
+
+ int start = queryString.indexOf(token);
+ if(start < 0)
+ return null;
+
+ int end = queryString.indexOf("&",start);
+
+ if(end == -1)
+ return queryString.substring(start);
+
+ return queryString.substring(start,end);
+ }
+}
\ No newline at end of file
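Review bot: In `getRequestRedirectURLWithSignature`, `append(sigValue)` receives the `byte[]` returned by `SignatureUtil.sign`, so the URL carries the array's default `toString()` text (of the form `[B@…`) instead of the signature, and a receiver that checks the signature will reject the message. The HTTP-Redirect binding expects the signature bytes Base64-encoded and then URL-encoded, e.g. `sb.append("&Signature=").append(URLEncoder.encode(base64(sigValue), "UTF-8"));`, where `base64(...)` stands for the project's Base64 encoder. `getSignedURL` looks unfinished as well: it always ends in `return null;`, writes `SigVal=` where the binding's parameter is `SigAlg`, and puts no `&` between `RelayState` and that parameter. `getToken` returns the substring starting at the parameter name, so callers that prepend `"SAMLRequest="` get the name twice, and `indexOf(token)` also matches a longer parameter name that ends in the same text. Matching only at the start of the query or directly after `&`, and returning the text after `=`, would keep the string that is signed or verified unambiguous.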