Author: anil.saldhana(a)jboss.com
Date: 2009-09-14 16:24:52 -0400 (Mon, 14 Sep 2009)
New Revision: 788
Added:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/X500SAMLProfileConstants.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java
Log:
JBID-152: x500 attrib support
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2009-09-12
11:19:54 UTC (rev 787)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2009-09-14
20:24:52 UTC (rev 788)
@@ -98,6 +98,7 @@
TRANSFORM_C14N_EXCL_OMIT_COMMENTS("http://www.w3.org/2001/10/xml-exc...,
+ X500_NSURI("urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"),
XMLSCHEMA_NSURI("http://www.w3.org/2001/XMLSchema"),
XMLDSIG_NSURI("http://www.w3.org/2000/09/xmldsig#"),
XMLENC_NSURI("http://www.w3.org/2001/04/xmlenc#");
Added:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/X500SAMLProfileConstants.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/X500SAMLProfileConstants.java
(rev 0)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/X500SAMLProfileConstants.java 2009-09-14
20:24:52 UTC (rev 788)
@@ -0,0 +1,56 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.saml.v2.constants;
+
+/**
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Sep 11, 2009
+ */
+public enum X500SAMLProfileConstants
+{
+
+ CN("commonName", "urn:oid:2.5.4.3"),
+ GIVENNAME("givenName","urn:oid:2.5.4.42"),
+ EMAIL_ADDRESS("mail", "urn:oid:0.9.2342.19200300.100.1.3"),
+ EMPLOYEE_NUMBER("mail", "urn:oid:2.16.840.1.113730.3.1.3"),
+ SN("surname", "urn:oid:2.5.4.4"),
+ TELEPHONE("telephoneNumber", "urn:oid:2.5.4.20");
+
+ private String friendlyName = null;
+ private String uri = null;
+
+ private X500SAMLProfileConstants(String friendlyName,
+ String uristr)
+ {
+ this.uri = uristr;
+ }
+
+ public String get()
+ {
+ return this.uri;
+ }
+
+ public String getFriendlyName()
+ {
+ return friendlyName;
+ }
+}
\ No newline at end of file
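Review bot: The constructor `X500SAMLProfileConstants(String friendlyName, String uristr)` assigns only `this.uri`, so `friendlyName` keeps its `null` initializer and `getFriendlyName()` returns null for every constant. Add `this.friendlyName = friendlyName;` and declare both fields `private final String` without the `= null` initializers, so the compiler rejects a missed assignment. `EMPLOYEE_NUMBER` also repeats the friendly name `"mail"` from the line above it; OID 2.16.840.1.113730.3.1.3 is employeeNumber, so the entry should read `EMPLOYEE_NUMBER("employeeNumber", "urn:oid:2.16.840.1.113730.3.1.3")`. Once the assignment is fixed, leaving that string as is would present two different attributes as `mail` to anything that displays or logs FriendlyName.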
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java 2009-09-12
11:19:54 UTC (rev 787)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java 2009-09-14
20:24:52 UTC (rev 788)
@@ -26,8 +26,11 @@
import java.util.Map;
import java.util.Set;
+import javax.xml.namespace.QName;
+
import org.jboss.identity.federation.core.constants.AttributeConstants;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.jboss.identity.federation.core.saml.v2.constants.X500SAMLProfileConstants;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeType;
@@ -41,29 +44,64 @@
*/
public class StatementUtil
{
+ public static final QName X500_QNAME = new
QName(JBossSAMLURIConstants.X500_NSURI.get(),
+ "Encoding");
+
private static ObjectFactory factory = new ObjectFactory();
public static List<StatementAbstractType>
createStatements(Map<String,Object> attributes)
{
+ AttributeStatementType attrStatement = null;
List<StatementAbstractType> statements = new
ArrayList<StatementAbstractType>();
+ int i = 0;
+
Set<String> keys = attributes.keySet();
for(String key: keys)
{
+ if(i == 0)
+ {
+ //Deal with the X500 Profile of SAML2
+ attrStatement = JBossSAMLBaseFactory.createAttributeStatement();
+ i++;
+ }
+ AttributeType att = getX500Attribute();
+
Object value = attributes.get(key);
if(AttributeConstants.EMAIL_ADDRESS.equals(key))
- {
- AttributeStatementType attrStatement =
JBossSAMLBaseFactory.createAttributeStatement();
- AttributeType att = factory.createAttributeType();
- att.setNameFormat(JBossSAMLURIConstants.NAMEID_FORMAT_EMAIL.get());
-
- //rolename
- att.getAttributeValue().add(value);
- attrStatement.getAttributeOrEncryptedAttribute().add(att);
- statements.add(attrStatement);
+ {
+
att.setFriendlyName(X500SAMLProfileConstants.EMAIL_ADDRESS.getFriendlyName());
+ att.setName(X500SAMLProfileConstants.EMAIL_ADDRESS.get());
}
+ else if(AttributeConstants.EMPLOYEE_NUMBER.equals(key))
+ {
+
att.setFriendlyName(X500SAMLProfileConstants.EMPLOYEE_NUMBER.getFriendlyName());
+ att.setName(X500SAMLProfileConstants.EMPLOYEE_NUMBER.get());
+ }
+ else if(AttributeConstants.GIVEN_NAME.equals(key))
+ {
+ att.setFriendlyName(X500SAMLProfileConstants.GIVENNAME.getFriendlyName());
+ att.setName(X500SAMLProfileConstants.GIVENNAME.get());
+ }
+ else if(AttributeConstants.TELEPHONE.equals(key))
+ {
+ att.setFriendlyName(X500SAMLProfileConstants.TELEPHONE.getFriendlyName());
+ att.setName(X500SAMLProfileConstants.TELEPHONE.get());
+ }
+ att.getAttributeValue().add(value);
+ attrStatement.getAttributeOrEncryptedAttribute().add(att);
}
+ statements.add(attrStatement);
return statements;
}
+
+ private static AttributeType getX500Attribute()
+ {
+ AttributeType att = factory.createAttributeType();
+ att.getOtherAttributes().put(X500_QNAME, "LDAP");
+
+ att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_URI.get());
+ return att;
+ }
}
\ No newline at end of file
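Review bot: `createStatements` now calls `statements.add(attrStatement)` unconditionally, so an empty `attributes` map returns a list holding `null`, where the removed code returned an empty list; guard it with `if (attrStatement != null) statements.add(attrStatement);`. The loop also builds and adds an `AttributeType` for every key, including keys that match none of the four `AttributeConstants` branches. Those values go into the assertion with a NameFormat and Encoding but no Name, whereas the old code released only the EMAIL_ADDRESS value. If releasing unmapped attributes is not intended, end the chain with `else { continue; }` before `att.getAttributeValue().add(value);`. The `int i` counter is only a first-iteration flag and would read more clearly as `if (attrStatement == null)`.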
Added:
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
(rev 0)
+++
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java 2009-09-14
20:24:52 UTC (rev 788)
@@ -0,0 +1,108 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.core.saml.v2;
+
+import java.io.ByteArrayOutputStream;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Marshaller;
+
+import org.jboss.identity.federation.core.constants.AttributeConstants;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
+import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import
org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
+import org.jboss.identity.federation.core.saml.v2.factories.SAMLProtocolFactory;
+import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.saml.v2.util.StatementUtil;
+import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
+import org.jboss.identity.federation.saml.v2.assertion.StatementAbstractType;
+import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import junit.framework.TestCase;
+
+/**
+ * Unit test the X500 Profile of SAML2
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Sep 14, 2009
+ */
+public class X500AttributeUnitTestCase extends TestCase
+{
+ public void testX500Marshalling() throws Exception
+ {
+ Map<String,Object> attributes = new HashMap<String, Object>();
+ attributes.put(AttributeConstants.EMAIL_ADDRESS, "test@a");
+ attributes.put(AttributeConstants.GIVEN_NAME, "anil");
+
+ List<StatementAbstractType>
+ statementList = StatementUtil.createStatements(attributes);
+
+ IssuerInfoHolder issuerHolder = new IssuerInfoHolder("http://idp");
+ issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());
+
+ IDPInfoHolder idp = new IDPInfoHolder();
+ idp.setNameIDFormatValue(IDGenerator.create());
+
+ ResponseType rt =
JBossSAMLAuthnResponseFactory.createResponseType("response111",
+ new SPInfoHolder(), idp, issuerHolder);
+ assertNotNull(rt);
+
+ AssertionType assertion = (AssertionType)
rt.getAssertionOrEncryptedAssertion().get(0);
+
assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().addAll(statementList);
+
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ Marshaller marshaller =
JBossSAMLAuthnResponseFactory.getValidatingMarshaller(false);
+ JAXBElement<ResponseType> jaxb =
SAMLProtocolFactory.getObjectFactory().createResponse(rt);
+ marshaller.marshal(jaxb, baos);
+ //marshaller.marshal(jaxb, System.out);
+
+ Document samlDom = DocumentUtil.getDocument(new String(baos.toByteArray()));
+ NodeList nl = samlDom.getElementsByTagName("Attribute");
+ assertEquals("nodes = 2", 2, nl.getLength());
+
+ String x500NS = JBossSAMLURIConstants.X500_NSURI.get();
+ String encodingLocalName = "Encoding";
+
+ Element attrib = (Element) nl.item(0);
+ assertTrue("Has ldap encoding?", attrib.hasAttributeNS( x500NS,
encodingLocalName));
+ assertEquals("LDAP",
+ attrib.getAttributeNodeNS(x500NS, encodingLocalName).getNodeValue());
+
+ NodeList nla =
+ attrib.getElementsByTagNameNS(JBossSAMLURIConstants.ASSERTION_NSURI.get(),
+ "AttributeValue");
+
+ Node attribNode = nla.item(0);
+ String nodeValue = attribNode.getTextContent();
+ assertTrue(nodeValue.equals("test@a") ||
nodeValue.equals("anil"));
+ }
+}
\ No newline at end of file
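Review bot: `testX500Marshalling` asserts only the `Encoding` attribute and the value text, never `Name` or `FriendlyName`, so it passes even when the attributes are marshalled without the X.500 names this commit is meant to add. Assert them on the element as well, for example `assertTrue(attrib.getAttribute("Name").startsWith("urn:oid:"));` and `assertTrue(attrib.hasAttribute("FriendlyName"));`. Separately, `new String(baos.toByteArray())` decodes with the platform default charset. Assuming the marshaller writes the JAXB default of UTF-8, use `new String(baos.toByteArray(), "UTF-8")` so the result does not depend on the build host.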