Picketlink SVN: r575 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util and 4 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-30 17:48:15 -0500 (Tue, 30 Nov 2010)
New Revision: 575
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-assertion-subject.xml
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java
Log:
fixes
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 22:16:55 UTC (rev 574)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 22:48:15 UTC (rev 575)
@@ -83,11 +83,8 @@
encryptedAssertion.setEncryptedElement( resultDocument.getDocumentElement() );
return encryptedAssertion;
}
-
+
-
-
-
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
//Special case: Encrypted Assertion
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 22:16:55 UTC (rev 574)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 22:48:15 UTC (rev 575)
@@ -121,14 +121,7 @@
//Get the end tag
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT_CONFIRMATION.get() );
- }
- else if( JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equals( tag ))
- {
- throw new RuntimeException( "NYI" );
- /*AttributeStatementType attributeStatement = SAMLParserUtil.parseAttributeStatement(xmlEventReader);
- JAXBElement<?> jaxbEl = SAMLAssertionFactory.getObjectFactory().createAttributeStatement(attributeStatement);
- subject.getContent().add( jaxbEl );*/
- }
+ }
else throw new RuntimeException( "Unknown tag:" + tag );
}
return subject;
@@ -241,5 +234,5 @@
}
}
return keyInfo;
- }
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 22:16:55 UTC (rev 574)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 22:48:15 UTC (rev 575)
@@ -37,7 +37,7 @@
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextClassRefType;
-import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclRefType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
@@ -220,7 +220,7 @@
{
String text = StaxParserUtil.getElementText( xmlEventReader );
- AuthnContextDeclType aAuthnContextDeclType = new AuthnContextDeclType( NetworkUtil.createURI(text));
+ AuthnContextDeclRefType aAuthnContextDeclType = new AuthnContextDeclRefType( NetworkUtil.createURI(text));
authnContextType.addURIType(aAuthnContextDeclType);
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
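Review bot: The local `aAuthnContextDeclType` now holds an `AuthnContextDeclRefType`, so its name describes the type this commit just replaced; `authnContextDeclRef` would match. The text handed to `NetworkUtil.createURI(text)` comes straight from the parsed document, and how that helper reports a malformed URI is not visible here. It is worth confirming that a bad value surfaces as a parsing error and not as an unchecked exception. The enclosing method starts and ends outside the hunk.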
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 22:16:55 UTC (rev 574)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 22:48:15 UTC (rev 575)
@@ -89,7 +89,8 @@
StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), assertion.getIssueInstant().toString() );
NameIDType issuer = assertion.getIssuer();
- write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ) );
+ if( issuer != null )
+ write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ) );
SubjectType subject = assertion.getSubject();
if( subject != null )
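Review bot: With the new `if( issuer != null )` guard, an assertion that has no issuer is written without an `Issuer` element and nothing tells the caller. SAML 2.0 makes `Issuer` a required child of `Assertion`, and relying parties use it to decide which trust configuration applies. The writer should therefore reject the object, for instance by throwing a `ProcessingException` if this method is allowed to, instead of emitting an incomplete assertion. If skipping is kept for partially built objects, add braces and a comment such as `// Issuer is required by the schema; absent only for partially built assertions`. The method body continues outside the hunk.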
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-30 22:16:55 UTC (rev 574)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-30 22:48:15 UTC (rev 575)
@@ -31,7 +31,6 @@
import java.util.List;
import java.util.Set;
-import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
import org.junit.Test;
@@ -41,9 +40,19 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.newmodel.saml.v2.assertion.*;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
/**
@@ -74,12 +83,12 @@
STSubType subType = subject.getSubType();
NameIDType subjectNameID = (NameIDType) subType.getBaseID();
assertEquals( "jduke", subjectNameID.getValue() );
- assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() );
- SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 );
- SubjectConfirmationDataType subjectConfirmationDataType = subjectConfirmation.getSubjectConfirmationData();
- assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) , subjectConfirmationDataType.getNotBefore() );
- assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , subjectConfirmationDataType.getNotOnOrAfter() );
+ assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() );
+ ConditionsType conditions = assertion.getConditions();
+ assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) , conditions.getNotBefore() );
+ assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , conditions.getNotOnOrAfter() );
+
/*List<JAXBElement<?>> content = subject.getContent();
int size = content.size();
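Review bot: The two checks on `subjectConfirmationDataType.getNotBefore()` and `getNotOnOrAfter()` are replaced, not joined, by the `conditions` checks, so this part of the test no longer looks at `SubjectConfirmation` at all. The confirmation validity window is one of the values a relying party enforces, so parser coverage for it is worth keeping. If the fixture still carries a `SubjectConfirmationData` element, keep one assertion on it next to the new ones, starting with `assertEquals( 1, subject.getConfirmation().size() );`. If it does not, a one-line comment saying the timestamps live on `Conditions` in this fixture would explain the removal. The test method starts and ends outside the hunk.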
@@ -144,7 +153,7 @@
AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
assertEquals( 1, audienceRestrictionType.getAudience().size() );
- assertEquals( "http://services.testcorp.org/provider2", audienceRestrictionType.getAudience().get( 0 ));
+ assertEquals( "http://services.testcorp.org/provider2", audienceRestrictionType.getAudience().get( 0 ).toASCIIString());
/*List<JAXBElement<?>> content = subject.getContent();
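Review bot: This assertion converts with `toASCIIString()`, while the matching audience check in the last hunk of this file (`https://sp.example.com/SAML2`) and the `getFormat()` check use `toString()`. The two differ for URIs with non-ASCII characters, so the file should settle on one. Comparing typed values avoids the conversion, and also avoids a `NullPointerException` in place of an assertion failure when the getter returns null: `assertEquals( URI.create( "http://services.testcorp.org/provider2" ), audienceRestrictionType.getAudience().get( 0 ) );`. That form needs a `java.net.URI` import, which is not visible in these hunks.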
@@ -230,7 +239,7 @@
STSubType subType = subject.getSubType();
NameIDType subjectNameID = (NameIDType) subType.getBaseID();
assertEquals( "3f7b3dcf-1674-4ecd-92c8-1544f346baf8", subjectNameID.getValue() );
- assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", subjectNameID.getFormat() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", subjectNameID.getFormat().toString() );
SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 );
assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() );
@@ -246,7 +255,7 @@
AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
assertEquals( 1, audienceRestrictionType.getAudience().size() );
- assertEquals( "https://sp.example.com/SAML2", audienceRestrictionType.getAudience().get( 0 ));
+ assertEquals( "https://sp.example.com/SAML2", audienceRestrictionType.getAudience().get( 0 ).toString());
/*List<JAXBElement<?>> content = subject.getContent();
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-30 22:16:55 UTC (rev 574)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-30 22:48:15 UTC (rev 575)
@@ -54,11 +54,11 @@
AuthnRequestType authnRequest = ( AuthnRequestType ) parser.parse(configStream);
assertNotNull( "AuthnRequestType is not null", authnRequest );
- assertEquals( "http://localhost/org.eclipse.higgins.saml2idp.test/SAMLEndpoint", authnRequest.getAssertionConsumerServiceURL() );
- assertEquals( "http://localhost/org.eclipse.higgins.saml2idp.server/SAMLEndpoint", authnRequest.getDestination() );
+ assertEquals( "http://localhost/org.eclipse.higgins.saml2idp.test/SAMLEndpoint", authnRequest.getAssertionConsumerServiceURL().toString() );
+ assertEquals( "http://localhost/org.eclipse.higgins.saml2idp.server/SAMLEndpoint", authnRequest.getDestination().toString() );
assertEquals( "a2sffdlgdhgfg32fdldsdghdsgdgfdglgx", authnRequest.getID() );
assertEquals( XMLTimeUtil.parse( "2007-12-17T18:40:52.203Z" ), authnRequest.getIssueInstant() );
- assertEquals( "urn:oasis:names.tc:SAML:2.0:bindings:HTTP-Redirect", authnRequest.getProtocolBinding() );
+ assertEquals( "urn:oasis:names.tc:SAML:2.0:bindings:HTTP-Redirect", authnRequest.getProtocolBinding().toString() );
assertEquals( "Test SAML2 SP", authnRequest.getProviderName() );
assertEquals( "2.0", authnRequest.getVersion() );
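Review bot: The expected ProtocolBinding `urn:oasis:names.tc:SAML:2.0:bindings:HTTP-Redirect` has a dot where the SAML 2.0 binding identifier has a colon (`urn:oasis:names:tc:...`). The test expects the parser to return it unchanged, so a binding URI that is not a defined binding is apparently accepted. If this is a typo in the fixture, correct it there and here. If it is deliberate, record that next to the assertion, for example `// fixture uses a non-standard binding URI; the parser does not validate it`. The added `.toString()` calls in this hunk will also fail with a `NullPointerException`, not an assertion message, when a getter returns null.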
@@ -67,7 +67,7 @@
//NameID Policy
NameIDPolicyType nameIDPolicy = authnRequest.getNameIDPolicy();
- assertEquals( "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", nameIDPolicy.getFormat() );
+ assertEquals( "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", nameIDPolicy.getFormat().toString() );
assertEquals( Boolean.TRUE , nameIDPolicy.isAllowCreate() );
//Try out writing
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-30 22:16:55 UTC (rev 574)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-30 22:48:15 UTC (rev 575)
@@ -30,14 +30,12 @@
import java.util.Iterator;
import java.util.List;
-import javax.xml.bind.JAXBElement;
-
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
@@ -49,8 +47,9 @@
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
-import org.picketlink.identity.federation.newmodel.saml.v2.protocol.*;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
/**
* Validate the parsing of SAML2 Response
@@ -78,7 +77,7 @@
//Status
StatusType status = response.getStatus();
- assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue().toString() );
List<RTChoiceType> assertionList = response.getAssertions();
assertEquals( 2, assertionList.size() );
@@ -149,7 +148,7 @@
//Status
StatusType status = response.getStatus();
- assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue().toString() );
//Get the assertion
AssertionType assertion = (AssertionType) response.getAssertions().get(0).getAssertion();
@@ -164,7 +163,7 @@
NameIDType subjectNameID = (NameIDType) subject.getSubType().getBaseID();
assertEquals( "anil", subjectNameID.getValue() );
- assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", subjectNameID.getFormat() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", subjectNameID.getFormat().toString() );
SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0);
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java 2010-11-30 22:16:55 UTC (rev 574)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java 2010-11-30 22:48:15 UTC (rev 575)
@@ -66,8 +66,8 @@
//Status
StatusType status = response.getStatus();
- assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Responder", status.getStatusCode().getValue() );
- assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getStatusCode().getValue() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Responder", status.getStatusCode().getValue().toString() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getStatusCode().getValue().toString() );
//Let us do some writing - currently only visual inspection. We will do proper validation later.
ByteArrayOutputStream baos = new ByteArrayOutputStream();
Modified: federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-assertion-subject.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-assertion-subject.xml 2010-11-30 22:16:55 UTC (rev 574)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-assertion-subject.xml 2010-11-30 22:48:15 UTC (rev 575)
@@ -17,6 +17,8 @@
InResponseTo="ID_04ded476-d73c-48af-b3a9-232a52905ffb" NotBefore="2010-11-04T00:19:16.842-05:00"
NotOnOrAfter="2010-11-04T00:19:16.842-05:00" Recipient="http://localhost:8080/employee/"></saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
+
+ </saml:Subject>
<saml:AttributeStatement>
<saml:Attribute Name="role" FriendlyName="role"
NameFormat="role">
@@ -31,6 +33,5 @@
</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
- </saml:Subject>
</saml:Assertion>
</samlp:Response>
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java 2010-11-30 22:16:55 UTC (rev 574)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java 2010-11-30 22:48:15 UTC (rev 575)
@@ -23,8 +23,8 @@
import java.util.Collection;
import java.util.Collections;
+import java.util.LinkedHashSet;
import java.util.Set;
-import java.util.TreeSet;
import javax.xml.datatype.XMLGregorianCalendar;
@@ -70,7 +70,7 @@
private ConditionsType conditions;
- private Set<StatementAbstractType> statements = new TreeSet<StatementAbstractType>();
+ private Set<StatementAbstractType> statements = new LinkedHashSet<StatementAbstractType>();
public AssertionType(String iD, XMLGregorianCalendar issueInstant, String version)
{
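Review bot: Replacing `TreeSet` with `LinkedHashSet` on `statements` changes two behaviours that deserve a comment on the field. Iteration now follows insertion order, and duplicate detection moves from `compareTo` to `equals`/`hashCode`. Whether `StatementAbstractType` overrides those is not visible here; if it does not, two statements with equal content are both kept. A comment such as `// LinkedHashSet: statements are written in the order they were added` would record the intent. The same swap is made for `authenticatingAuthority` in AuthnContextType.java in this commit, where the URIs were previously returned in sorted order.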
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java 2010-11-30 22:16:55 UTC (rev 574)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java 2010-11-30 22:48:15 UTC (rev 575)
@@ -25,8 +25,8 @@
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
+import java.util.LinkedHashSet;
import java.util.Set;
-import java.util.TreeSet;
@@ -64,7 +64,7 @@
*/
public class AuthnContextType
{
- private Set<URI> authenticatingAuthority = new TreeSet<URI>();
+ private Set<URI> authenticatingAuthority = new LinkedHashSet<URI>();
private AuthnContextTypeSequence sequence;
Picketlink SVN: r574 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers and 1 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-30 17:16:55 -0500 (Tue, 30 Nov 2010)
New Revision: 574
Modified:
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
Log:
some fixes with xml enc
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2010-11-30 21:48:59 UTC (rev 573)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2010-11-30 22:16:55 UTC (rev 574)
@@ -21,9 +21,7 @@
*/
package org.picketlink.test.identity.federation.api.util;
-import java.io.ByteArrayInputStream;
import java.io.InputStream;
-import java.io.StringWriter;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
@@ -101,48 +99,8 @@
AssertionType assertion = (AssertionType) newRT.getAssertions().get(0).getAssertion();
assertEquals("testPrincipal", assertion.getIssuer().getValue());
- }
+ }
- public void testEncryptAssertionWithMarshalling() throws Exception
- {
- KeyPair kp = this.getKeyPair("RSA");
- SecretKey sk = this.getSecretKey();
-
- ResponseType rt = createResponse();
- Document responseDoc = sr.convert(rt);
-
- String assertionNS = JBossSAMLURIConstants.ASSERTION_NSURI.get();
-
- QName assertionQName = new QName(assertionNS, "EncryptedAssertion", "saml");
-
- Element docElement = XMLEncryptionUtil.encryptElementInDocument(responseDoc,kp.getPublic(), sk,
- 128, assertionQName, true);
-
- EncryptedAssertionType eet = sr.getEncryptedAssertion(DocumentUtil.getNodeAsStream(docElement));
- rt.addAssertion( new RTChoiceType( eet ));
-
- StringWriter sw = new StringWriter();
- sr.marshall(rt, sw);
-
-
- System.out.println( sw.toString() );
-
- //Create a brand new ResponseType
- ResponseType received = sr.getResponseType(new ByteArrayInputStream(sw.toString().getBytes("UTF-8")));
-
- EncryptedAssertionType encryptedAssertionType = received.getAssertions().get(0).getEncryptedAssertion();
- Document eetDoc = sr.convert( encryptedAssertionType );
-
- Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,kp.getPrivate());
-
- //Let us use the encrypted doc element to decrypt it
- ResponseType newRT = sr.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement));
-
- AssertionType assertion = newRT.getAssertions().get(0).getAssertion();
- assertEquals("http://identityurl", assertion.getIssuer().getValue());
- }
-
-
public void testArbitraryXML() throws Exception
{
String myXML = "<somexml><a><b></b></a></somexml>";
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 21:48:59 UTC (rev 573)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 22:16:55 UTC (rev 574)
@@ -30,10 +30,8 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
-import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
@@ -45,7 +43,6 @@
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusDetailType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
-import org.w3c.dom.Element;
/**
* Write a SAML Response to stream
@@ -97,15 +94,7 @@
EncryptedAssertionType encryptedAssertion = choiceType.getEncryptedAssertion();
if( encryptedAssertion != null )
{
- Element encryptedElement = encryptedAssertion.getEncryptedElement();
- try
- {
- StaxUtil.writeCharacters(writer, DocumentUtil.getNodeAsString(encryptedElement));
- }
- catch (ConfigurationException e)
- {
- throw new ProcessingException( e );
- }
+ //Skip
}
}
}
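Review bot: The `//Skip` branch means a response whose choice holds an `EncryptedAssertion` is now serialized with that assertion silently left out, so the caller receives a Response missing the assertion it was asked to carry. The removed code looks wrong as well, since writing the serialized element through `writeCharacters` would be expected to escape the markup, but dropping the element without any signal is harder to notice. This commit also deletes `testEncryptAssertionWithMarshalling`, which exercised a marshalling round trip for encrypted assertions. Until element writing is implemented, fail here by throwing a `ProcessingException`, or at least replace the comment with `//TODO: EncryptedAssertion is not written; the response is emitted without it`. The loop and method enclosing this branch start outside the hunk.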
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 21:48:59 UTC (rev 573)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 22:16:55 UTC (rev 574)
@@ -244,6 +244,25 @@
throw new ProcessingException(e);
}
}
+
+ /**
+ * Write a string as text node
+ *
+ * @param writer
+ * @param value
+ * @throws ProcessingException
+ */
+ public static void writeCData(XMLStreamWriter writer, String value) throws ProcessingException
+ {
+ try
+ {
+ writer.writeCData( value );
+ }
+ catch (XMLStreamException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
/**
* Write the default namespace
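Review bot: `writeCData` passes `value` to `writer.writeCData` unchecked, and a CDATA section ends at the first `]]>`, so a value containing that sequence can close the section early and have the remainder read as markup. Whether the underlying `XMLStreamWriter` splits or rejects such input depends on the implementation. Guard it with `if( value != null && value.contains( "]]>" ) ) throw new IllegalArgumentException( "value contains ]]>" );`, or use `writeCharacters` when the content is plain text. The Javadoc summary `Write a string as text node` should read `Write a string as a CDATA section`, and the `@param` tags need descriptions. No caller is added in the visible part of this commit.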
Picketlink SVN: r573 - in federation/trunk: picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth and 10 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-30 16:48:59 -0500 (Tue, 30 Nov 2010)
New Revision: 573
Modified:
federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java
federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeType.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java
Log:
fixes
Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java
===================================================================
--- federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -84,8 +84,7 @@
else
{
AttributeStatementType attributeStatement = new AttributeStatementType();
- AttributeType rolesAttribute = new AttributeType();
- rolesAttribute.setName(tokenRoleAttributeName);
+ AttributeType rolesAttribute = new AttributeType( tokenRoleAttributeName );
attributeStatement.addAttribute( new ASTChoiceType(rolesAttribute) );
List<Object> roles = rolesAttribute.getAttributeValue();
Modified: federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -78,9 +78,8 @@
AssertionType assertion = new AssertionType( "ID_SOME", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get());
AttributeStatementType attributeStatementType = new AttributeStatementType();
assertion.addStatement( attributeStatementType );
- AttributeType attributeType = new AttributeType();
- attributeStatementType.addAttribute( new ASTChoiceType(attributeType));
- attributeType.setName(roleAttributeName);
+ AttributeType attributeType = new AttributeType( roleAttributeName );
+ attributeStatementType.addAttribute( new ASTChoiceType(attributeType));
attributeType.getAttributeValue().add(role1);
attributeType.getAttributeValue().add(role2);
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -305,6 +305,8 @@
/*JAXBContext jaxb = JAXBUtil.getJAXBContext(EncryptedElementType.class);
Binder<Node> binder = jaxb.createBinder();
*/
+ if( encryptedElementType == null )
+ throw new IllegalArgumentException( "encryptedElementType is null ");
Document doc = DocumentUtil.createDocument();
Node importedNode = doc.importNode( encryptedElementType.getEncryptedElement(), true );
doc.appendChild(importedNode);
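Review bot: The new guard rejects a null `encryptedElementType` but not a wrapper whose element was never set, and `encryptedElementType.getEncryptedElement()` is handed to `doc.importNode` two lines below it. `EncryptedAssertionType` can be created empty and filled through a setter, as SAMLAssertionParser does in this commit, so I would check the element as well: `if( encryptedElementType.getEncryptedElement() == null ) throw new IllegalArgumentException( "encryptedElementType has no encrypted element" );`. The method starts and ends outside this hunk.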
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -28,10 +28,9 @@
import java.security.KeyPair;
import java.security.KeyPairGenerator;
-import javax.xml.bind.Binder;
-import javax.xml.bind.JAXBElement;
import javax.xml.crypto.dsig.SignatureMethod;
+import org.junit.Test;
import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
import org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature;
@@ -41,12 +40,11 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
+import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
-import org.junit.Test;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
@@ -126,7 +124,6 @@
assertTrue(isValid);
}
- @SuppressWarnings("unchecked")
@Test
public void testSigningAnAssertionWithinResponse() throws Exception
{
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -22,6 +22,7 @@
package org.picketlink.test.identity.federation.api.util;
import java.io.ByteArrayInputStream;
+import java.io.InputStream;
import java.io.StringWriter;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
@@ -79,22 +80,26 @@
Element docElement = XMLEncryptionUtil.encryptElementInDocument(responseDoc,kp.getPublic(), sk,
128, assertionQName, true);
-
- EncryptedAssertionType eet = sr.getEncryptedAssertion(DocumentUtil.getNodeAsStream(docElement));
+
+ // System.out.println( DocumentUtil.getNodeAsString(docElement));
+
+ InputStream is = DocumentUtil.getNodeAsStream( docElement );
+ EncryptedAssertionType eet = sr.getEncryptedAssertion( is );
rt.addAssertion( new RTChoiceType( eet ) );
- RTChoiceType choiceType = rt.getAssertions().get(0);
+ RTChoiceType choiceType = rt.getAssertions().get(1);
EncryptedAssertionType encryptedAssertionType = choiceType.getEncryptedAssertion();
Document eetDoc = sr.convert( encryptedAssertionType );
Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,kp.getPrivate());
+
+ //Let us use the encrypted doc element to decrypt it
- //Let us use the encrypted doc element to decrypt it
ResponseType newRT = sr.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement));
AssertionType assertion = (AssertionType) newRT.getAssertions().get(0).getAssertion();
- assertEquals("http://identityurl", assertion.getIssuer().getValue());
+ assertEquals("testPrincipal", assertion.getIssuer().getValue());
}
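Review bot: `rt.getAssertions().get(1)` ties the test to the response already holding exactly one other entry, which is set up outside this hunk; if that setup changes, the test reads the wrong choice or throws. Selecting the entry whose `getEncryptedAssertion()` is non-null, or asserting `rt.getAssertions().size()` first, would make the intent explicit. The commented-out `System.out.println` here and the live `System.out.println( sw.toString() )` added in the next hunk look like debugging leftovers and could be dropped.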
@@ -119,6 +124,9 @@
StringWriter sw = new StringWriter();
sr.marshall(rt, sw);
+
+ System.out.println( sw.toString() );
+
//Create a brand new ResponseType
ResponseType received = sr.getResponseType(new ByteArrayInputStream(sw.toString().getBytes("UTF-8")));
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -28,6 +28,9 @@
import javax.xml.stream.events.EndElement;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
@@ -35,8 +38,11 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.*;
+import org.w3c.dom.Document;
/**
* Parse the saml assertion
@@ -52,7 +58,39 @@
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
{
- StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StartElement startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ String startElementName = StaxParserUtil.getStartElementName(startElement);
+ if( startElementName.equals( JBossSAMLConstants.ENCRYPTED_ASSERTION.get() ))
+ {
+ Document resultDocument;
+ try
+ {
+ resultDocument = DocumentUtil.createDocument();
+ DOMResult domResult = new DOMResult( resultDocument );
+
+ //Let us parse <b><c><d> using transformer
+ StAXSource source = new StAXSource(xmlEventReader);
+
+ Transformer transformer = TransformerUtil.getStaxSourceToDomResultTransformer();
+ transformer.transform( source, domResult );
+ }
+ catch ( Exception e)
+ {
+ throw new RuntimeException( e );
+ }
+
+ EncryptedAssertionType encryptedAssertion = new EncryptedAssertionType();
+ encryptedAssertion.setEncryptedElement( resultDocument.getDocumentElement() );
+ return encryptedAssertion;
+ }
+
+
+
+
+
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+ //Special case: Encrypted Assertion
StaxParserUtil.validate(startElement, ASSERTION );
AssertionType assertion = parseBaseAttributes( startElement );
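Review bot: The `catch ( Exception e)` around the transform rethrows as `RuntimeException`, although `parse` declares `throws ParsingException` and the input is a SAML message received from a peer. A malformed or truncated EncryptedAssertion would then bypass callers that handle `ParsingException`; `throw new ParsingException( e );` would keep a single failure path, assuming that exception has a cause-taking constructor (not visible here). The same applies to `throw new RuntimeException( "Required attribute Name in Attribute" )` in SAMLParserUtil.parseAttribute later in this commit. The comment `//Let us parse <b><c><d> using transformer` does not describe this code and `//Special case: Encrypted Assertion` sits after the branch it describes; I would move the latter above the `if` and delete the run of blank lines. The body of `parse` continues past the hunk.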
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -85,8 +85,12 @@
SAMLResponseParser responseParser = new SAMLResponseParser();
return responseParser.parse( xmlEventReader );
}
- else
- throw new RuntimeException( "Unknown Tag:" + elementName );
+ else if( JBossSAMLURIConstants.ASSERTION_NSURI.get().equals(nsURI) )
+ {
+ SAMLAssertionParser assertionParser = new SAMLAssertionParser();
+ return assertionParser.parse( xmlEventReader );
+ }
+ else throw new RuntimeException( "Unknown Tag:" + elementName );
}
else
{
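Review bot: With the new `ASSERTION_NSURI` branch this entry point returns an `AssertionType` or an `EncryptedAssertionType` for a bare assertion document, where the removed lines threw `Unknown Tag`. Callers that cast the returned `Object` to a request or response type should be checked, since nothing visible here tells them which kind was parsed. A short comment above the branch, for example `// top-level Assertion or EncryptedAssertion document`, would record that this is intended. The enclosing method starts outside the hunk.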
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -31,8 +31,10 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
/**
* Parse the SAML Response
@@ -76,7 +78,7 @@
else if( JBossSAMLConstants.ASSERTION.get().equals( elementName ))
{
SAMLAssertionParser assertionParser = new SAMLAssertionParser();
- response.getAssertionOrEncryptedAssertion().add( assertionParser.parse(xmlEventReader));
+ response.addAssertion( new RTChoiceType( (AssertionType) assertionParser.parse(xmlEventReader ) ));
}
else if( JBossSAMLConstants.STATUS.get().equals( elementName ))
{
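Review bot: The cast in `(AssertionType) assertionParser.parse(xmlEventReader )` is unchecked, and after this commit `SAMLAssertionParser.parse` can also return an `EncryptedAssertionType`. This branch is only taken for the `ASSERTION` element name, so the cast should hold, but a response carrying an `EncryptedAssertion` element has no visible branch here and presumably falls through to whatever the chain does for unknown elements. I would add an `ENCRYPTED_ASSERTION` branch that wraps the parser result in `new RTChoiceType( ... )` after an `instanceof EncryptedAssertionType` check, which is what the test in this commit does by hand. The if/else chain starts and ends outside the hunk.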
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -34,8 +34,8 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
/**
* Parse the SLO Response
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -32,9 +32,10 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusCodeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
/**
* Base Class for all Response Type parsing for SAML2
@@ -114,7 +115,7 @@
Attribute valueAttr = startElement.getAttributeByName( new QName( "Value" ));
if( valueAttr != null )
{
- statusCode.setValue( StaxParserUtil.getAttributeValue( valueAttr ));
+ statusCode.setValue( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( valueAttr ) ));
}
status.setStatusCode( statusCode );
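Review bot: `NetworkUtil.createURI` is now applied to the `Value` attribute taken from the incoming message, here and for the sub-status code in the next hunk, and how it reports a malformed URI is not visible in this diff. If it throws an unchecked exception, a peer can make status parsing fail with something other than the parsers' `ParsingException`; please confirm, and wrap the call if so. A one-line comment such as `// Value must be a URI reference` above each call would also help the next reader.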
@@ -127,7 +128,7 @@
Attribute subValueAttr = startElement.getAttributeByName( new QName( "Value" ));
if( subValueAttr != null )
{
- subStatusCodeType.setValue( StaxParserUtil.getAttributeValue( subValueAttr ));
+ subStatusCodeType.setValue( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( subValueAttr )));
}
statusCode.setStatusCode( subStatusCodeType );
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -69,7 +69,10 @@
{
EndElement endElement = (EndElement) xmlEvent;
if( StaxParserUtil.matches(endElement , JBossSAMLConstants.SUBJECT.get() ))
- break;
+ {
+ endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ break;
+ }
else
throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) );
}
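Review bot: The result of `StaxParserUtil.getNextEndElement(xmlEventReader)` is assigned to `endElement` and never read before the `break`. The call seems to be there only to consume the Subject end tag that was peeked earlier (the peek is outside the hunk), so I would drop the assignment and say so: `StaxParserUtil.getNextEndElement(xmlEventReader); // consume the peeked </Subject> end tag`.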
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -85,27 +85,27 @@
* @throws ParsingException
*/
public static AttributeType parseAttribute( XMLEventReader xmlEventReader ) throws ParsingException
- {
- AttributeType attributeType = new AttributeType();
-
+ {
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate( startElement, JBossSAMLConstants.ATTRIBUTE.get() );
-
+ AttributeType attributeType = null;
+
+ Attribute name = startElement.getAttributeByName( new QName( JBossSAMLConstants.NAME.get() ));
+ if( name == null )
+ throw new RuntimeException( "Required attribute Name in Attribute" );
+ attributeType = new AttributeType( StaxParserUtil.getAttributeValue( name ));
+
//Look for X500 Encoding
QName x500EncodingName = new QName( JBossSAMLURIConstants.X500_NSURI.get(),
JBossSAMLConstants.ENCODING.get() );
Attribute x500EncodingAttr = startElement.getAttributeByName( x500EncodingName );
if( x500EncodingAttr != null )
- {
+ {
attributeType.getOtherAttributes().put( x500EncodingAttr.getName(), StaxParserUtil.getAttributeValue( x500EncodingAttr ));
}
-
- Attribute name = startElement.getAttributeByName( new QName( JBossSAMLConstants.NAME.get() ));
- if( name == null )
- throw new RuntimeException( "Required attribute Name in Attribute" );
- attributeType.setName( StaxParserUtil.getAttributeValue( name ));
-
+
+
Attribute friendlyName = startElement.getAttributeByName( new QName( JBossSAMLConstants.FRIENDLY_NAME.get() ));
if( friendlyName != null )
attributeType.setFriendlyName( StaxParserUtil.getAttributeValue( friendlyName ));
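Review bot: `AttributeType attributeType = null;` is followed a few statements later by its only assignment, so the null initialiser adds nothing and leaves room for a later edit to dereference it too early. Declaring it where it is constructed, `AttributeType attributeType = new AttributeType( StaxParserUtil.getAttributeValue( name ));`, reads better. The hunk also changes several lines only in whitespace, which makes the real change harder to review. parseAttribute continues past the hunk.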
@@ -127,7 +127,7 @@
if( JBossSAMLConstants.ATTRIBUTE_VALUE.get().equals( tag ) )
{
Object attributeValue = parseAttributeValue(xmlEventReader);
- attributeType.getAttributeValue().add( attributeValue );
+ attributeType.addAttributeValue( attributeValue );
}
else throw new RuntimeException( "Unknown tag:" + tag );
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -49,6 +49,7 @@
CONSENT( "Consent" ),
DESTINATION( "Destination" ),
ENCODING( "Encoding" ),
+ ENCRYPTED_ASSERTION( "EncryptedAssertion" ),
FORMAT( "Format" ),
FRIENDLY_NAME( "FriendlyName" ),
ID( "ID" ),
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -55,9 +55,8 @@
*/
public static AttributeType createAttributeForRole(String roleName)
{
- AttributeType att = new AttributeType();
- att.setFriendlyName("role");
- att.setName("role");
+ AttributeType att = new AttributeType( "role" );
+ att.setFriendlyName("role");
att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_BASIC.get());
//rolename
@@ -74,7 +73,7 @@
public static AttributeStatementType createAttributeStatement(String attributeValue)
{
AttributeStatementType attribStatement = new AttributeStatementType();
- AttributeType att = new AttributeType();
+ AttributeType att = new AttributeType( attributeValue );
att.addAttributeValue(attributeValue);
attribStatement.addAttribute( new ASTChoiceType( att ));
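Review bot: `new AttributeType( attributeValue )` uses the value as the attribute's Name, so the statement this method builds carries the same string as Name and as AttributeValue. A relying party that selects attributes by Name cannot find this one unless it already knows the value. I would add an overload that takes the name, or use a fixed constant, and state in the Javadoc (outside the hunk) which Name is emitted.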
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -74,8 +74,7 @@
public static AttributeType createAttribute(String name, String nameFormat,
Object... attributeValues)
{
- AttributeType att = new AttributeType();
- att.setName(name);
+ AttributeType att = new AttributeType( name );
att.setNameFormat(nameFormat);
if(attributeValues != null && attributeValues.length > 0)
{
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -74,7 +74,7 @@
Collection<?> roles = (Collection<?>) value;
for (Object role : roles)
{
- AttributeType roleAttr = new AttributeType();
+ AttributeType roleAttr = new AttributeType( "Role" );
roleAttr.addAttributeValue(role);
attrStatement.addAttribute( new ASTChoiceType( roleAttr ));
}
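Review bot: The role attribute is named `"Role"` here and in the `for (String role : roles)` loop in the third hunk of this file, while `JBossSAMLBaseFactory.createAttributeForRole` in this same commit uses `"role"`. Consumers that compare attribute names as plain strings will not match both spellings, so role data may be missed depending on which producer built the assertion. A shared constant used at all three sites would remove the difference; which spelling is right depends on what the relying parties expect, which this diff does not show.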
@@ -83,29 +83,33 @@
else
{
- AttributeType att = getX500Attribute();
+ AttributeType att;
Object value = attributes.get(key);
if (AttributeConstants.EMAIL_ADDRESS.equals(key))
{
- att.setFriendlyName(X500SAMLProfileConstants.EMAIL_ADDRESS.getFriendlyName());
- att.setName(X500SAMLProfileConstants.EMAIL_ADDRESS.get());
+ att = getX500Attribute( X500SAMLProfileConstants.EMAIL_ADDRESS.get() );
+ att.setFriendlyName(X500SAMLProfileConstants.EMAIL_ADDRESS.getFriendlyName());
}
else if (AttributeConstants.EMPLOYEE_NUMBER.equals(key))
{
- att.setFriendlyName(X500SAMLProfileConstants.EMPLOYEE_NUMBER.getFriendlyName());
- att.setName(X500SAMLProfileConstants.EMPLOYEE_NUMBER.get());
+ att = getX500Attribute( X500SAMLProfileConstants.EMPLOYEE_NUMBER.get() );
+ att.setFriendlyName(X500SAMLProfileConstants.EMPLOYEE_NUMBER.getFriendlyName());
}
else if (AttributeConstants.GIVEN_NAME.equals(key))
{
- att.setFriendlyName(X500SAMLProfileConstants.GIVENNAME.getFriendlyName());
- att.setName(X500SAMLProfileConstants.GIVENNAME.get());
+ att = getX500Attribute( X500SAMLProfileConstants.GIVENNAME.get() );
+ att.setFriendlyName(X500SAMLProfileConstants.GIVENNAME.getFriendlyName());
}
else if (AttributeConstants.TELEPHONE.equals(key))
{
+ att = getX500Attribute( X500SAMLProfileConstants.TELEPHONE.get() );
att.setFriendlyName(X500SAMLProfileConstants.TELEPHONE.getFriendlyName());
att.setName(X500SAMLProfileConstants.TELEPHONE.get());
}
+ else
+ throw new RuntimeException( "Unknown:" + key );
+
att.addAttributeValue( value );
attrStatement.addAttribute( new ASTChoiceType( att ));
}
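Review bot: The added `else throw new RuntimeException( "Unknown:" + key );` turns any attribute key outside the four handled ones into a failure of the whole statement, where the old code emitted an X500 attribute without a name. If that is intended, an `IllegalArgumentException` with a fuller message would say so; whether callers pass other keys cannot be checked from this hunk. In the TELEPHONE branch `att.setName(X500SAMLProfileConstants.TELEPHONE.get());` is left over, since the name is already passed to `getX500Attribute`, and can be removed to match the other branches.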
@@ -123,16 +127,16 @@
AttributeStatementType attrStatement = new AttributeStatementType();
for (String role : roles)
{
- AttributeType attr = new AttributeType();
+ AttributeType attr = new AttributeType( "Role" );
attr.addAttributeValue( role );
attrStatement.addAttribute( new ASTChoiceType( attr ));
}
return attrStatement;
}
- private static AttributeType getX500Attribute()
+ private static AttributeType getX500Attribute( String name )
{
- AttributeType att = new AttributeType();
+ AttributeType att = new AttributeType( name );
att.getOtherAttributes().put(X500_QNAME, "LDAP");
att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_URI.get());
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -252,7 +252,11 @@
{
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE.get() , ASSERTION_NSURI.get() );
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.NAME.get(), attributeType.getName() );
+ String attributeName = attributeType.getName();
+ if( attributeName != null )
+ {
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.NAME.get(), attributeName );
+ }
String friendlyName = attributeType.getFriendlyName();
if( StringUtil.isNotNull( friendlyName ))
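Review bot: When `attributeType.getName()` is null the writer now emits an `Attribute` element with no `Name`, while the parser in this commit (SAMLParserUtil.parseAttribute) rejects exactly that with `Required attribute Name in Attribute`. The writer can therefore produce output its own parser refuses; failing here is safer than omitting the attribute silently, e.g. `if( attributeName == null ) throw new ProcessingException( "Attribute Name is required" );`, assuming this method may throw `ProcessingException` and that it has a String constructor (neither is visible here). The new `AttributeType( String name )` constructor added in this commit could reject null as well, so the problem is caught where the object is built.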
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -30,11 +30,14 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
@@ -42,6 +45,7 @@
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusDetailType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
+import org.w3c.dom.Element;
/**
* Write a SAML Response to stream
@@ -85,10 +89,24 @@
for( RTChoiceType choiceType: choiceTypes )
{
AssertionType assertion = choiceType.getAssertion();
- if( assertion instanceof AssertionType )
+ if( assertion != null )
{
assertionWriter.write( (AssertionType) assertion );
}
+
+ EncryptedAssertionType encryptedAssertion = choiceType.getEncryptedAssertion();
+ if( encryptedAssertion != null )
+ {
+ Element encryptedElement = encryptedAssertion.getEncryptedElement();
+ try
+ {
+ StaxUtil.writeCharacters(writer, DocumentUtil.getNodeAsString(encryptedElement));
+ }
+ catch (ConfigurationException e)
+ {
+ throw new ProcessingException( e );
+ }
+ }
}
}
StaxUtil.writeEndElement( writer);
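Review bot: `StaxUtil.writeCharacters(writer, DocumentUtil.getNodeAsString(encryptedElement))` passes serialized markup to a character-data call. If `StaxUtil.writeCharacters` delegates to `XMLStreamWriter.writeCharacters` (not visible here), the `<` and `&` of the EncryptedAssertion are escaped and the response carries text instead of an element, which a receiver cannot decrypt; the string form may also bring an XML declaration into the middle of the document. The element should be written as DOM content through the stream writer, and a round-trip test that parses the written response back would show whether this path works. The cast in `assertionWriter.write( (AssertionType) assertion )` is redundant now that `assertion` is declared as `AssertionType`.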
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeType.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeType.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -57,6 +57,11 @@
protected String nameFormat;
protected String friendlyName;
private Map<QName, String> otherAttributes = new HashMap<QName, String>();
+
+ public AttributeType( String name )
+ {
+ this.name = name;
+ }
public void addAttributeValue( Object value )
{
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java 2010-11-30 16:56:07 UTC (rev 572)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java 2010-11-30 21:48:59 UTC (rev 573)
@@ -24,6 +24,7 @@
import java.net.URI;
import java.util.Arrays;
import java.util.Collections;
+import java.util.HashSet;
import java.util.Set;
import java.util.TreeSet;
@@ -67,7 +68,7 @@
private AuthnContextTypeSequence sequence;
- private Set<URIType> URITypes;
+ private Set<URIType> URITypes = new HashSet<URIType>();
public void addAuthenticatingAuthority( URI aa )
Picketlink SVN: r572 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-30 11:56:07 -0500 (Tue, 30 Nov 2010)
New Revision: 572
Modified:
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
Log:
additional parsing guards
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java 2010-11-30 16:20:18 UTC (rev 571)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java 2010-11-30 16:56:07 UTC (rev 572)
@@ -60,9 +60,9 @@
AuthnRequestType authnRequestType = request.getAuthnRequestType(resourceName);
- assertEquals("http://www.example.com/", authnRequestType.getDestination());
+ assertEquals("http://www.example.com/", authnRequestType.getDestination().toString());
assertEquals("urn:oasis:names:tc:SAML:2.0:consent:obtained", authnRequestType.getConsent());
- assertEquals("http://www.example.com/",authnRequestType.getAssertionConsumerServiceURL());
+ assertEquals("http://www.example.com/",authnRequestType.getAssertionConsumerServiceURL().toString());
assertEquals(Integer.valueOf("0"), authnRequestType.getAttributeConsumingServiceIndex());
SubjectType subjectType = authnRequestType.getSubject();
@@ -71,7 +71,7 @@
STSubType subType = subjectType.getSubType();
NameIDType nameIDType = (NameIDType) subType.getBaseID();
- assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",nameIDType.getFormat());
+ assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",nameIDType.getFormat().toString());
assertEquals("j.doe(a)company.com",nameIDType.getValue());
ConditionsType conditionsType = authnRequestType.getConditions();
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:20:18 UTC (rev 571)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:56:07 UTC (rev 572)
@@ -30,10 +30,13 @@
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestedAuthnContextType;
/**
* Parse the SAML2 AuthnRequest
@@ -68,8 +71,27 @@
startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
authnRequest.setNameIDPolicy( getNameIDPolicy( startElement ));
}
- else
- throw new RuntimeException( "Unknown Element:" + elementName );
+ else if( JBossSAMLConstants.SUBJECT.get().equals( elementName ))
+ {
+ authnRequest.setSubject( getSubject(xmlEventReader) );
+ }
+ else if( JBossSAMLConstants.CONDITIONS.get().equals( elementName ))
+ {
+ authnRequest.setConditions( (ConditionsType) ( new SAMLConditionsParser()).parse(xmlEventReader));
+ }
+ else if( JBossSAMLConstants.REQUESTED_AUTHN_CONTEXT.get().equals( elementName ))
+ {
+ authnRequest.setRequestedAuthnContext( getRequestedAuthnContextType(xmlEventReader));
+ }
+ else if( JBossSAMLConstants.ISSUER.get().equals( elementName ))
+ {
+ continue;
+ }
+ else if( JBossSAMLConstants.SIGNATURE.get().equals( elementName ))
+ {
+ continue;
+ }
+ else throw new RuntimeException( "Unknown Element:" + elementName );
}
return authnRequest;
}
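Review bot: The fall-through `else throw new RuntimeException( "Unknown Element:" + elementName );` reports malformed input with an unchecked exception, although the element names come from an AuthnRequest supplied by the remote party and the helpers added to this class declare `throws ParsingException`. A caller that catches ParsingException to reject a bad request will not catch this one; `else throw new ParsingException( "Unknown Element:" + elementName );` keeps rejection on the checked path, assuming the enclosing parse method (which starts outside this hunk) declares it. The same applies to the `"unknown :"` throw in getRequestedAuthnContextType and to the end-element guards added in r571 further down this page. The ISSUER and SIGNATURE branches `continue` without reading anything, so they rely on loop code outside the hunk to have consumed those elements; a one-line comment naming where they are handled would help.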
@@ -151,4 +173,29 @@
return nameIDPolicy;
}
+
+ private SubjectType getSubject( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ SAMLSubjectParser subjectParser = new SAMLSubjectParser();
+ return (SubjectType) subjectParser.parse(xmlEventReader);
+ }
+
+ private RequestedAuthnContextType getRequestedAuthnContextType( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ RequestedAuthnContextType ract = new RequestedAuthnContextType();
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, JBossSAMLConstants.REQUESTED_AUTHN_CONTEXT.get() );
+
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String elName = StaxParserUtil.getStartElementName(startElement);
+
+ if( elName.equals( JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() ))
+ {
+ String value = StaxParserUtil.getElementText(xmlEventReader);
+ ract.addAuthnContextClassRef(value);
+ }
+ else throw new RuntimeException( "unknown :" + elName );
+
+ return ract;
+ }
}
\ No newline at end of file
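Review bot: getRequestedAuthnContextType reads exactly one child and returns, so a RequestedAuthnContext carrying several AuthnContextClassRef entries, an AuthnContextDeclRef, or a Comparison attribute is only partly represented in `ract`. The Comparison attribute on `startElement` is never read, and nothing visible in the method consumes the closing RequestedAuthnContext tag, which leaves the leftover events to the caller's loop. Since this element expresses the authentication strength the requester asks for, the method should loop over children until the matching end element and copy Comparison from the start element. Until then it should carry a comment such as `// TODO: only the first AuthnContextClassRef is read; Comparison is ignored`.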
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java 2010-11-30 16:20:18 UTC (rev 571)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java 2010-11-30 16:56:07 UTC (rev 572)
@@ -34,8 +34,9 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
/**
* Parse the <conditions> in the saml assertion
@@ -113,7 +114,7 @@
if( JBossSAMLConstants.AUDIENCE_RESTRICTION.get().equals( tag ) )
{
AudienceRestrictionType audienceRestriction = getAudienceRestriction(xmlEventReader);
- conditions.getConditionOrAudienceRestrictionOrOneTimeUse().add( audienceRestriction );
+ conditions.addCondition( audienceRestriction );
}
else throw new RuntimeException( "Unknown tag:" + tag );
}
@@ -155,7 +156,7 @@
throw new ParsingException( "audienceValue is expected ahead" );
String audienceValue = StaxParserUtil.getElementText( xmlEventReader );
- audience.getAudience().add( audienceValue );
+ audience.addAudience( NetworkUtil.createURI( audienceValue ));
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if( xmlEvent instanceof EndElement )
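Review bot: `audience.addAudience( NetworkUtil.createURI( audienceValue ));` converts text taken straight from the message into a URI, and what happens for a value that is not a valid URI depends on NetworkUtil.createURI, which this hunk does not show. If that helper throws an unchecked exception, a malformed Audience surfaces as a runtime failure rather than the ParsingException used just above; worth confirming and, if so, wrapping it. For later audience checks, note that `java.net.URI.equals` compares scheme and host case-insensitively, so matching on the URI object is looser than comparing the original strings. The enclosing method starts and ends outside the hunk.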
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-11-30 16:20:18 UTC (rev 571)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-11-30 16:56:07 UTC (rev 572)
@@ -25,14 +25,20 @@
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
-import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
+import org.w3c.dom.Document;
/**
* Base Class for SAML Request Parsing
@@ -86,9 +92,26 @@
request.setIssuer( issuer );
}
else if( JBossSAMLConstants.SIGNATURE.get().equals( elementName ))
- {
- startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
- StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() );
+ {
+ Document resultDocument;
+ try
+ {
+ resultDocument = DocumentUtil.createDocument();
+ DOMResult domResult = new DOMResult( resultDocument );
+
+ //Let us parse <b><c><d> using transformer
+ StAXSource source = new StAXSource(xmlEventReader);
+
+ Transformer transformer = TransformerUtil.getStaxSourceToDomResultTransformer();
+ transformer.transform( source, domResult );
+ }
+ catch ( Exception e)
+ {
+ throw new RuntimeException( e );
+ }
+
+ request.setSignature( resultDocument.getDocumentElement() );
+ //StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() );
}
}
}
\ No newline at end of file
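Review bot: `request.setSignature( resultDocument.getDocumentElement() )` stores a copy of the Signature element inside a fresh, otherwise empty Document, so it is detached from the request content it signs. A same-document reference in that signature cannot be resolved against this copy, so the stored element is fine for inspection but presumably not for verification; a comment such as `// detached copy; verify signatures against the original message DOM` would stop later code from treating its presence as proof. The surrounding `catch ( Exception e)` also turns every transformer failure on remote input into a bare RuntimeException, where `throw new ParsingException( e );` would keep it on the checked path if the enclosing method, which begins outside the hunk, declares it. The commented-out `bypassElementBlock` line can be deleted.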
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 16:20:18 UTC (rev 571)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 16:56:07 UTC (rev 572)
@@ -67,6 +67,7 @@
NAME_QUALIFIER( "NameQualifier" ),
NOT_BEFORE( "NotBefore" ),
NOT_ON_OR_AFTER( "NotOnOrAfter" ),
+ REQUESTED_AUTHN_CONTEXT( "RequestedAuthnContext" ),
RECIPIENT( "Recipient" ),
RESPONSE( "Response" ),
SESSION_INDEX( "SessionIndex" ),
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-30 16:20:18 UTC (rev 571)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-30 16:56:07 UTC (rev 572)
@@ -80,8 +80,10 @@
StaxUtil.writeAttribute( writer, JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_URL.get(), assertionURL.toASCIIString() );
NameIDType issuer = request.getIssuer();
- write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
-
+ if( issuer != null )
+ {
+ write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
+ }
NameIDPolicyType nameIDPolicy = request.getNameIDPolicy();
if( nameIDPolicy != null )
write( nameIDPolicy );
Picketlink SVN: r571 - in federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers: wst and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-30 11:20:18 -0500 (Tue, 30 Nov 2010)
New Revision: 571
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java
Log:
add guards
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 16:07:32 UTC (rev 570)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 16:20:18 UTC (rev 571)
@@ -70,6 +70,8 @@
String endElementTag = StaxParserUtil.getEndElementName( endElement );
if( endElementTag.equals( JBossSAMLConstants.ASSERTION.get() ) )
break;
+ else
+ throw new RuntimeException( "Unknown End Element:" + endElementTag );
}
StartElement peekedElement = null;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:07:32 UTC (rev 570)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:20:18 UTC (rev 571)
@@ -68,6 +68,8 @@
startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
authnRequest.setNameIDPolicy( getNameIDPolicy( startElement ));
}
+ else
+ throw new RuntimeException( "Unknown Element:" + elementName );
}
return authnRequest;
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java 2010-11-30 16:07:32 UTC (rev 570)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java 2010-11-30 16:20:18 UTC (rev 571)
@@ -166,6 +166,8 @@
StaxParserUtil.getNextEvent(xmlEventReader); //Just get the end element
break;
}
+ else
+ throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) );
}
}
return audience;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 16:07:32 UTC (rev 570)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 16:20:18 UTC (rev 571)
@@ -70,6 +70,8 @@
EndElement endElement = (EndElement) xmlEvent;
if( StaxParserUtil.matches(endElement , JBossSAMLConstants.SUBJECT.get() ))
break;
+ else
+ throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) );
}
StartElement peekedElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-30 16:07:32 UTC (rev 570)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-30 16:20:18 UTC (rev 571)
@@ -85,6 +85,8 @@
String endElementTag = StaxParserUtil.getEndElementName( endElement );
if( endElementTag.equals( WSTrustConstants.RST ) )
break;
+ else
+ throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) );
}
try
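Review bot: The new guard calls `StaxParserUtil.getEndElementName( endElement )` a second time although `endElementTag` already holds that value a few lines up; `throw new RuntimeException( "Unknown End Element:" + endElementTag );` reads better and matches the SAMLAssertionParser hunk in this commit. The WSTRequestSecurityTokenResponseParser hunk below has the same duplication. In both, the `else` after `break` is redundant and the two-line unbraced form is easy to misread; a braced `if` followed by a plain `throw` would be clearer.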
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-11-30 16:07:32 UTC (rev 570)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-11-30 16:20:18 UTC (rev 571)
@@ -91,6 +91,8 @@
String endElementTag = StaxParserUtil.getEndElementName(endElement);
if (endElementTag.equals(WSTrustConstants.RSTR))
break;
+ else
+ throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) );
}
try
Picketlink SVN: r570 - in federation/trunk: picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp and 17 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-30 11:07:32 -0500 (Tue, 30 Nov 2010)
New Revision: 570
Modified:
federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java
federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java
federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSGroupMappingProvider.java
federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSPrincipalMappingProvider.java
federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPUtil.java
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2LogoutTomcatWorkflowUnitTestCase.java
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2PostTomcatWorkflowUnitTestCase.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/sig/SAML2Signature.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/DeflateEncodingDecodingUnitTestCase.java
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnResponseUnitTestCase.java
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2RequestUnitTestCase.java
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters/SPFilter.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/RedirectBindingSignatureUtil.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java
Log:
updated saml object model
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -33,7 +33,6 @@
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
-import javax.xml.bind.JAXBException;
import org.apache.catalina.Context;
import org.apache.catalina.Lifecycle;
@@ -62,16 +61,15 @@
import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.util.ConfigurationUtil;
import org.picketlink.identity.federation.web.util.HTTPRedirectUtil;
import org.picketlink.identity.federation.web.util.RedirectBindingUtil;
-import org.xml.sax.SAXException;
/**
* Valve at the IDP that supports the HTTP/Redirect Binding
@@ -248,15 +246,7 @@
finalDest.append( getDestinationQueryString(urlEncodedResponse, relayState) );
HTTPRedirectUtil.sendRedirectForResponder(finalDest.toString(), response);
- }
- catch (JAXBException e)
- {
- throw new ParsingException(e);
- }
- catch (SAXException e)
- {
- throw new ParsingException(e);
- }
+ }
catch (IOException e)
{
throw new ProcessingException(e);
@@ -322,37 +312,16 @@
InputStream is = RedirectBindingUtil.base64DeflateDecode(samlMessage);
SAML2Request saml2Request = new SAML2Request();
- AuthnRequestType authnRequestType = null;
- try
- {
- authnRequestType = saml2Request.getAuthnRequestType(is);
- }
- catch (JAXBException e2)
- {
- throw new ParsingException(e2);
- }
- catch (SAXException e2)
- {
- throw new ParsingException(e2);
- }
+ AuthnRequestType authnRequestType = saml2Request.getAuthnRequestType(is);
+
if(authnRequestType == null)
throw new IllegalStateException("AuthnRequest is null");
if(log.isTraceEnabled())
{
StringWriter sw = new StringWriter();
- try
- {
- saml2Request.marshall(authnRequestType, sw);
- }
- catch (SAXException e)
- {
- log.trace(e);
- }
- catch (JAXBException e)
- {
- log.trace(e);
- }
+ saml2Request.marshall(authnRequestType, sw);
+
log.trace("IDPRedirectValve::AuthnRequest="+sw.toString());
}
SAML2Response saml2Response = new SAML2Response();
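Review bot: With the try/catch removed, `saml2Request.marshall(authnRequestType, sw);` inside the `if(log.isTraceEnabled())` block can now abort the whole request if marshalling throws, where the old code only traced the error and carried on. Turning on trace logging should not change whether a login succeeds, so the diagnostic call wants its own guard, e.g. `try { saml2Request.marshall(authnRequestType, sw); } catch (Exception e) { log.trace(e); }`, narrowed to whatever marshall now declares, which is not visible here. The same applies to the `saml2Response.marshall(responseType, sw)` trace blocks later in this file and in IDPRedirectWithSignatureValve. These blocks also write the full request and response to the log, which deserves a comment given that the response carries the assertion.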
@@ -368,14 +337,14 @@
idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());
SPInfoHolder sp = new SPInfoHolder();
- sp.setResponseDestinationURI(authnRequestType.getAssertionConsumerServiceURL());
+ sp.setResponseDestinationURI( authnRequestType.getAssertionConsumerServiceURL().toASCIIString() );
responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
//Add information on the roles
List<String> roles = rg.generateRoles(userPrincipal);
- AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);
+ AssertionType assertion = (AssertionType) responseType.getAssertions().get(0).getAssertion();
AttributeStatementType attrStatement = StatementUtil.createAttributeStatement(roles);
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);
+ assertion.addStatement( attrStatement );
//Add timed conditions
try
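Review bot: `authnRequestType.getAssertionConsumerServiceURL().toASCIIString()` dereferences a value that comes from the incoming AuthnRequest, and AssertionConsumerServiceURL is an optional attribute there, so a request without it would presumably now fail with a NullPointerException instead of passing the absent value through as before. An explicit null check that rejects the request, or falls back to the endpoint configured for the service provider, makes that failure deliberate; the same pattern appears at `authnRequest.getDestination().toASCIIString()` in SPRedirectFormAuthenticator. Nothing in this hunk checks the requested URL against a known endpoint for the issuer before it becomes the response destination; if that check lives elsewhere, a comment pointing to it would help. The enclosing method starts and ends outside the hunk.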
@@ -391,18 +360,8 @@
if(log.isTraceEnabled())
{
StringWriter sw = new StringWriter();
- try
- {
- saml2Response.marshall(responseType, sw);
- }
- catch (JAXBException e)
- {
- log.trace(e);
- }
- catch (SAXException e)
- {
- log.trace(e);
- }
+ saml2Response.marshall(responseType, sw);
+
log.trace("IDPRedirectValve::Response="+sw.toString());
}
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -35,7 +35,6 @@
import java.util.List;
import javax.crypto.SecretKey;
-import javax.xml.bind.JAXBException;
import javax.xml.namespace.QName;
import org.apache.catalina.LifecycleException;
@@ -56,12 +55,12 @@
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.EncryptedElementType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
import org.picketlink.identity.federation.web.util.RedirectBindingSignatureUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.xml.sax.SAXException;
/**
@@ -214,21 +213,13 @@
publicKey, sk, keyLength, assertionQName, true);
- EncryptedElementType eet = saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion));
- responseType.getAssertionOrEncryptedAssertion().set(0, eet);
+ EncryptedAssertionType eet = saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion));
+ responseType.addAssertion( new RTChoiceType( eet ));
}
catch (MalformedURLException e)
{
throw new ParsingException(e);
- }
- catch (JAXBException e)
- {
- throw new ParsingException(e);
- }
- catch (SAXException e)
- {
- throw new ParsingException(e);
- }
+ }
catch (Exception e)
{
throw new ProcessingException(e);
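Review bot: The old line `set(0, eet)` replaced the plaintext assertion with its encrypted form, while the new `responseType.addAssertion( new RTChoiceType( eet ));` looks like it appends. If addAssertion does append (its body is not shown), the response would carry the encrypted assertion and still contain the original unencrypted one, which defeats the purpose of encrypting. The plaintext entry at index 0 should be removed or replaced before the encrypted one is added, and a test should assert that the outgoing response holds exactly one assertion entry and that it is the encrypted one. The enclosing method starts outside the hunk.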
@@ -238,18 +229,8 @@
if(log.isTraceEnabled())
{
StringWriter sw = new StringWriter();
- try
- {
- saml2Response.marshall(responseType, sw);
- }
- catch (JAXBException e)
- {
- if(trace) log.trace(e);
- }
- catch (SAXException e)
- {
- if(trace) log.trace(e);
- }
+ saml2Response.marshall(responseType, sw);
+
log.trace("IDPRedirectValveWithSignature::Response="+sw.toString());
}
return responseType;
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -88,8 +88,8 @@
import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.core.IdentityServer;
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -33,7 +33,6 @@
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
-import javax.xml.bind.JAXBException;
import org.apache.catalina.Session;
import org.apache.catalina.authenticator.Constants;
@@ -53,8 +52,8 @@
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.process.ServiceProviderBaseProcessor;
@@ -62,10 +61,9 @@
import org.picketlink.identity.federation.web.process.ServiceProviderSAMLResponseProcessor;
import org.picketlink.identity.federation.web.util.HTTPRedirectUtil;
import org.picketlink.identity.federation.web.util.RedirectBindingUtil;
-import org.picketlink.identity.federation.web.util.ServerDetector;
import org.picketlink.identity.federation.web.util.RedirectBindingUtil.RedirectBindingUtilDestHolder;
+import org.picketlink.identity.federation.web.util.ServerDetector;
import org.w3c.dom.Document;
-import org.xml.sax.SAXException;
/**
* Authenticator at the Service Provider
@@ -332,7 +330,7 @@
}
protected String createSAMLRequestMessage(String relayState, Response response)
- throws ServletException, ConfigurationException, SAXException, JAXBException, IOException
+ throws ServletException, ConfigurationException, IOException, ProcessingException
{
//create a saml request
if(this.serviceURL == null)
@@ -347,7 +345,7 @@
saml2Request.marshall(authnRequest, baos);
String base64Request = RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray());
- String destination = authnRequest.getDestination();
+ String destination = authnRequest.getDestination().toASCIIString();
String destinationQueryString = getDestinationQueryString(base64Request, relayState, true);
@@ -416,7 +414,5 @@
throws IOException, GeneralSecurityException, ConfigurationException, ParsingException
{
throw new RuntimeException("This authenticator does not handle encryption");
- }
-
-
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -29,8 +29,6 @@
import java.security.PublicKey;
import java.util.List;
-import javax.xml.bind.JAXBException;
-
import org.apache.catalina.Context;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.connector.Request;
@@ -48,8 +46,8 @@
import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil;
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.EncryptedElementType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedElementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.process.ServiceProviderBaseProcessor;
import org.picketlink.identity.federation.web.util.RedirectBindingSignatureUtil;
@@ -192,7 +190,7 @@
SAML2Response saml2Response = new SAML2Response();
PrivateKey privateKey = keyManager.getSigningKey();
- EncryptedElementType myEET = (EncryptedElementType) responseType.getAssertionOrEncryptedAssertion().get(0);
+ EncryptedElementType myEET = (EncryptedElementType) responseType.getAssertions().get(0).getEncryptedAssertion();
Document eetDoc = saml2Response.convert(myEET);
Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,privateKey);
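Review bot: `responseType.getAssertions().get(0).getEncryptedAssertion()` is used without checking that the list is non-empty or that its first entry actually holds an encrypted assertion. With the old `List<Object>` a plain assertion in that slot failed at the cast; now the getter presumably returns null and that null reaches `saml2Response.convert(myEET)`, so the failure surfaces later and less clearly. I would reject early with `if (myEET == null) throw new GeneralSecurityException("Response does not contain an encrypted assertion");` and drop the `(EncryptedElementType)` cast if the getter is already typed. The enclosing method starts and ends outside this hunk.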
@@ -200,10 +198,6 @@
//Let us use the encrypted doc element to decrypt it
return saml2Response.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement));
}
- catch (JAXBException e)
- {
- throw new ConfigurationException(e);
- }
catch (Exception e)
{
throw new GeneralSecurityException(e);
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPUtil.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPUtil.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPUtil.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -25,8 +25,6 @@
import java.util.ArrayList;
import java.util.List;
-import javax.xml.bind.JAXBElement;
-
import org.apache.catalina.Context;
import org.apache.catalina.connector.Request;
import org.apache.catalina.realm.GenericPrincipal;
@@ -37,14 +35,16 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.exceptions.AssertionExpiredException;
import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
/**
* Common code useful for a SP
@@ -79,8 +79,7 @@
* @param serverEnvironment tomcat,jboss etc
* @return
* @throws AssertionExpiredException
- */
- @SuppressWarnings("unchecked")
+ */
public Principal handleSAMLResponse(Request request, ResponseType responseType)
throws ConfigurationException, AssertionExpiredException
{
@@ -93,35 +92,36 @@
if(statusType == null)
throw new IllegalArgumentException("Status Type from the IDP is null");
- String statusValue = statusType.getStatusCode().getValue();
+ String statusValue = statusType.getStatusCode().getValue().toASCIIString();
if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false)
throw new SecurityException("IDP forbid the user");
- List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
+ List<RTChoiceType> assertions = responseType.getAssertions();
if(assertions.size() == 0)
throw new IllegalStateException("No assertions in reply from IDP");
- AssertionType assertion = (AssertionType)assertions.get(0);
+ AssertionType assertion = assertions.get(0).getAssertion();
//Check for validity of assertion
boolean expiredAssertion = AssertionUtil.hasExpired(assertion);
if(expiredAssertion)
throw new AssertionExpiredException();
SubjectType subject = assertion.getSubject();
- JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0);
- NameIDType nameID = jnameID.getValue();
+
+ //JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0);
+ NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
String userName = nameID.getValue();
List<String> roles = new ArrayList<String>();
//Set it on a thread local for JBID integrators
- StatementLocal.statements.set(assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement());
+ StatementLocal.statements.set(assertion.getStatements() );
//Let us get the roles
- AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0);
- List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute();
- for(Object obj:attList)
+ AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatements().iterator().next();
+ List<ASTChoiceType> attList = attributeStatement.getAttributes();
+ for( ASTChoiceType obj:attList)
{
- AttributeType attr = (AttributeType) obj;
+ AttributeType attr = (AttributeType) obj.getAttribute();
String roleName = (String) attr.getAttributeValue().get(0);
roles.add(roleName);
}
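Review bot: The role lookup `(AttributeStatementType) assertion.getStatements().iterator().next()` casts whatever element the collection yields first. Other hunks in this commit type `getStatements()` as a `Set`, so if that set is unordered the first element may be an authentication statement and the cast fails, and an empty set throws `NoSuchElementException`. Because the roles collected here feed the principal's authorization, I would search for the `AttributeStatementType` explicitly, as `getAttributeStatement` in SAML2STSLoginModule appears to do; this needs an import of `StatementAbstractType`. The same hunk also reads `assertions.get(0).getAssertion()` and casts `subject.getSubType().getBaseID()` to `NameIDType` with no null or `instanceof` check, so a response whose first entry is an encrypted assertion, or whose subject has no NameID, presumably ends in a `NullPointerException` or `ClassCastException` instead of a clear rejection. `handleSAMLResponse` starts before and continues after this hunk.

```java
// … unchanged: status check, assertion lookup, expiry check, NameID extraction …
//Let us get the roles
AttributeStatementType attributeStatement = null;
for( StatementAbstractType statement : assertion.getStatements() )
{
   if( statement instanceof AttributeStatementType )
   {
      attributeStatement = (AttributeStatementType) statement;
      break;
   }
}
if( attributeStatement == null )
   throw new IllegalStateException("No attribute statement in assertion from IDP");
// … unchanged: loop over attributeStatement.getAttributes() …
```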
Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java
===================================================================
--- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -31,7 +31,7 @@
import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil;
import org.picketlink.identity.federation.core.util.KeyStoreUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
import org.picketlink.identity.federation.web.util.RedirectBindingSignatureUtil;
/**
Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java
===================================================================
--- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -30,8 +30,8 @@
import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
import org.picketlink.identity.federation.web.util.RedirectBindingUtil;
/**
Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2LogoutTomcatWorkflowUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2LogoutTomcatWorkflowUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2LogoutTomcatWorkflowUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -41,7 +41,7 @@
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
import org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve;
import org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator;
-import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.IdentityServer;
Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2PostTomcatWorkflowUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2PostTomcatWorkflowUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2PostTomcatWorkflowUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -43,8 +43,8 @@
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.util.Base64;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.IdentityServer;
import org.picketlink.identity.federation.web.util.PostBindingUtil;
@@ -197,4 +197,4 @@
server.sessionCreated(new HttpSessionEvent(session));
return server;
}
-}
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java
===================================================================
--- federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -10,9 +10,10 @@
import org.apache.log4j.Logger;
import org.jboss.security.SecurityContextAssociation;
-import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenAttributeProvider;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenAttributeProvider;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
/**
* <p>
@@ -85,7 +86,7 @@
AttributeStatementType attributeStatement = new AttributeStatementType();
AttributeType rolesAttribute = new AttributeType();
rolesAttribute.setName(tokenRoleAttributeName);
- attributeStatement.getAttributeOrEncryptedAttribute().add(rolesAttribute);
+ attributeStatement.addAttribute( new ASTChoiceType(rolesAttribute) );
List<Object> roles = rolesAttribute.getAttributeValue();
for( Principal rolePrincipal : subject.getPrincipals() )
Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java
===================================================================
--- federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -32,23 +32,24 @@
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
-import javax.xml.bind.JAXBElement;
import org.jboss.security.auth.callback.ObjectCallback;
import org.jboss.security.auth.spi.AbstractServerLoginModule;
import org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkGroup;
import org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkPrincipal;
import org.picketlink.identity.federation.core.wstrust.STSClient;
+import org.picketlink.identity.federation.core.wstrust.STSClientConfig.Builder;
import org.picketlink.identity.federation.core.wstrust.SamlCredential;
import org.picketlink.identity.federation.core.wstrust.WSTrustException;
-import org.picketlink.identity.federation.core.wstrust.STSClientConfig.Builder;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.BaseIDAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.w3c.dom.Element;
/**
@@ -183,15 +184,22 @@
SubjectType subject = assertion.getSubject();
if (subject != null)
{
- for (JAXBElement<?> element : subject.getContent())
+ BaseIDAbstractType baseID = subject.getSubType().getBaseID();
+ if( baseID instanceof NameIDType )
{
+ NameIDType nameID = (NameIDType) baseID;
+ this.principal = new PicketLinkPrincipal(nameID.getValue());
+ }
+
+ /*for (JAXBElement<?> element : subject.getContent())
+ {
if (element.getDeclaredType().equals(NameIDType.class))
{
NameIDType nameID = (NameIDType) element.getValue();
this.principal = new PicketLinkPrincipal(nameID.getValue());
break;
}
- }
+ }*/
}
}
catch (Exception e)
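Review bot: `subject.getSubType().getBaseID()` dereferences `getSubType()` without a null check. A SAML subject may carry only subject confirmations and no identifier, in which case this presumably throws a `NullPointerException` that the `catch (Exception e)` below turns into a generic failure. I would guard it with `STSubType subType = subject.getSubType(); if (subType != null && subType.getBaseID() instanceof NameIDType)`, which needs an import of `SubjectType.STSubType`. The same pattern is added in STSPrincipalMappingProvider, where the `baseID != null &&` test is redundant next to `instanceof`. In both files the old loop is left commented out rather than deleted, although version control already keeps it; the enclosing method starts and ends outside the hunk.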
@@ -246,12 +254,12 @@
if (attributeStatement != null)
{
Set<Principal> roles = new HashSet<Principal>();
- List<Object> attributeList = attributeStatement.getAttributeOrEncryptedAttribute();
- for (Object obj : attributeList)
+ List<ASTChoiceType> attributeList = attributeStatement.getAttributes();
+ for ( ASTChoiceType obj : attributeList )
{
- if (obj instanceof AttributeType)
+ AttributeType attribute = obj.getAttribute();
+ if( attribute != null )
{
- AttributeType attribute = (AttributeType) obj;
// if this is a role attribute, get its values and add them to the role set.
if (attribute.getName().equals("role"))
{
@@ -280,7 +288,7 @@
*/
private AttributeStatementType getAttributeStatement(AssertionType assertion)
{
- List<StatementAbstractType> statementList = assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement();
+ Set<StatementAbstractType> statementList = assertion.getStatements();
if (statementList.size() != 0)
{
for (StatementAbstractType statement : statementList)
Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSGroupMappingProvider.java
===================================================================
--- federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSGroupMappingProvider.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSGroupMappingProvider.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -2,6 +2,7 @@
import java.util.List;
import java.util.Map;
+import java.util.Set;
import javax.xml.bind.JAXBException;
@@ -14,10 +15,11 @@
import org.picketlink.identity.federation.bindings.jboss.auth.SAML20TokenRoleAttributeProvider;
import org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
import org.w3c.dom.Element;
/**
@@ -112,11 +114,23 @@
if (attributeStatement != null)
{
RoleGroup rolesGroup = new SimpleRoleGroup(SAML20TokenRoleAttributeProvider.JBOSS_ROLE_PRINCIPAL_NAME);
- List<Object> attributeList = attributeStatement.getAttributeOrEncryptedAttribute();
- for (Object obj : attributeList)
+ List<ASTChoiceType> attributeList = attributeStatement.getAttributes();
+ for ( ASTChoiceType obj : attributeList)
{
- if (obj instanceof AttributeType)
+ AttributeType attribute = obj.getAttribute();
+ if( attribute != null )
{
+ // if this is a role attribute, get its values and add them to the role set.
+ if (tokenRoleAttributeName.equals(attribute.getName()))
+ {
+ for (Object value : attribute.getAttributeValue())
+ {
+ rolesGroup.addRole(new SimpleRole((String) value));
+ }
+ }
+ }
+ /*if (obj instanceof AttributeType)
+ {
AttributeType attribute = (AttributeType) obj;
// if this is a role attribute, get its values and add them to the role set.
if (tokenRoleAttributeName.equals(attribute.getName()))
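Review bot: `new SimpleRole((String) value)` casts each attribute value taken from the token without checking its type. `getAttributeValue()` is a `List<Object>` elsewhere in this commit, so a non-string value would raise `ClassCastException` in the middle of role mapping. An `if (value instanceof String)` guard, with other values logged and skipped, would keep one unexpected value from aborting the mapping. The previous loop is kept as a `/* … */` block that runs into the next hunk; I would delete it, since it duplicates the new code. The enclosing method starts and ends outside the hunk.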
@@ -126,7 +140,7 @@
rolesGroup.addRole(new SimpleRole((String) value));
}
}
- }
+ }*/
}
result.setMappedObject(rolesGroup);
if (log.isDebugEnabled())
@@ -169,7 +183,7 @@
*/
private AttributeStatementType getAttributeStatement(AssertionType assertion)
{
- List<StatementAbstractType> statementList = assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement();
+ Set<StatementAbstractType> statementList = assertion.getStatements();
if (statementList.size() != 0)
{
for (StatementAbstractType statement : statementList)
@@ -180,4 +194,4 @@
}
return null;
}
-}
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSPrincipalMappingProvider.java
===================================================================
--- federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSPrincipalMappingProvider.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSPrincipalMappingProvider.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -3,7 +3,6 @@
import java.security.Principal;
import java.util.Map;
-import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import org.apache.log4j.Logger;
@@ -12,9 +11,10 @@
import org.jboss.security.mapping.providers.principal.AbstractPrincipalMappingProvider;
import org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.BaseIDAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.w3c.dom.Element;
/**
@@ -75,8 +75,20 @@
SubjectType subject = assertion.getSubject();
if (subject != null)
{
- for (JAXBElement<?> element : subject.getContent())
+ BaseIDAbstractType baseID = subject.getSubType().getBaseID();
+ if( baseID != null && baseID instanceof NameIDType )
{
+ NameIDType nameID = (NameIDType) baseID;
+ Principal mappedPrincipal = new SimplePrincipal(nameID.getValue());
+ result.setMappedObject(mappedPrincipal);
+ if (log.isDebugEnabled())
+ {
+ log.debug("Mapped principal to " + mappedPrincipal);
+ }
+ return;
+ }
+ /*for (JAXBElement<?> element : subject.getContent())
+ {
if (element.getDeclaredType().equals(NameIDType.class))
{
NameIDType nameID = (NameIDType) element.getValue();
@@ -88,7 +100,7 @@
}
return;
}
- }
+ }*/
}
}
catch (JAXBException e)
Modified: federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -25,9 +25,6 @@
import java.util.HashMap;
import java.util.Map;
-import javax.xml.bind.JAXBElement;
-import javax.xml.namespace.QName;
-
import junit.framework.TestCase;
import org.jboss.security.identity.RoleGroup;
@@ -36,14 +33,17 @@
import org.picketlink.identity.federation.bindings.jboss.auth.SAML20TokenRoleAttributeProvider;
import org.picketlink.identity.federation.bindings.jboss.auth.mapping.STSGroupMappingProvider;
import org.picketlink.identity.federation.bindings.jboss.auth.mapping.STSPrincipalMappingProvider;
-import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
import org.w3c.dom.Element;
/**
@@ -75,11 +75,11 @@
String role1 = "userRole1";
String role2 = "userRole2";
- AssertionType assertion = new AssertionType();
+ AssertionType assertion = new AssertionType( "ID_SOME", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get());
AttributeStatementType attributeStatementType = new AttributeStatementType();
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attributeStatementType);
+ assertion.addStatement( attributeStatementType );
AttributeType attributeType = new AttributeType();
- attributeStatementType.getAttributeOrEncryptedAttribute().add(attributeType);
+ attributeStatementType.addAttribute( new ASTChoiceType(attributeType));
attributeType.setName(roleAttributeName);
attributeType.getAttributeValue().add(role1);
attributeType.getAttributeValue().add(role2);
@@ -112,16 +112,19 @@
{
String userId = "babak";
- AssertionType assertion = new AssertionType();
+ AssertionType assertion = new AssertionType( "ID_SOME", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get() );
SubjectType subjectType = new SubjectType();
assertion.setSubject(subjectType);
- QName name = new QName(WSTrustConstants.SAML2_ASSERTION_NS, "NameID");
- Class<NameIDType> declaredType = NameIDType.class;
+ //QName name = new QName(WSTrustConstants.SAML2_ASSERTION_NS, "NameID");
NameIDType nameIDType = new NameIDType();
nameIDType.setValue(userId);
- JAXBElement<NameIDType> jaxbElement = new JAXBElement<NameIDType>(name, declaredType, JAXBElement.GlobalScope.class, nameIDType);
- subjectType.getContent().add(jaxbElement);
+ STSubType subType = new STSubType();
+ subType.addBaseID( nameIDType );
+ subjectType.setSubType( subType );
+ /*JAXBElement<NameIDType> jaxbElement = new JAXBElement<NameIDType>(name, declaredType, JAXBElement.GlobalScope.class, nameIDType);
+ subjectType.getContent().add(jaxbElement);*/
+
MappingResult<Principal> mappingResult = new MappingResult<Principal>();
Map<String, Object> contextMap = new HashMap<String, Object>();
Element assertionElement = SAMLUtil.toElement(assertion);
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -21,17 +21,16 @@
*/
package org.picketlink.identity.federation.api.saml.v2.request;
+import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.Writer;
-import javax.xml.bind.Binder;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
import javax.xml.parsers.ParserConfigurationException;
@@ -44,22 +43,20 @@
import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
-import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.saml.v2.util.JAXBElementMappingUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
import org.picketlink.identity.federation.core.util.JAXBUtil;
import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
import org.w3c.dom.Document;
-import org.w3c.dom.Node;
import org.xml.sax.SAXException;
/**
@@ -92,33 +89,23 @@
/**
* Get AuthnRequestType from a file
* @param fileName file with the serialized AuthnRequestType
- * @return AuthnRequestType
- * @throws SAXException
- * @throws JAXBException
+ * @return AuthnRequestType
+ * @throws ParsingException
+ * @throws ProcessingException
+ * @throws ConfigurationException
* @throws IllegalArgumentException if the input fileName is null
* IllegalStateException if the InputStream from the fileName is null
*/
- public AuthnRequestType getAuthnRequestType(String fileName) throws JAXBException, SAXException
+ public AuthnRequestType getAuthnRequestType(String fileName) throws ConfigurationException, ProcessingException, ParsingException
{
if(fileName == null)
throw new IllegalArgumentException("fileName is null");
ClassLoader tcl = SecurityActions.getContextClassLoader();
InputStream is = tcl.getResourceAsStream(fileName);
return getAuthnRequestType(is);
- }
+ }
/**
- * Get the Binder
- * @return
- * @throws JAXBException
- */
- public Binder<Node> getBinder() throws JAXBException
- {
- JAXBContext jaxb = JAXBUtil.getJAXBContext(RequestAbstractType.class);
- return jaxb.createBinder();
- }
-
- /**
* Get the Underlying SAML2Object from the input stream
* @param is
* @return
@@ -160,49 +147,51 @@
* @throws ConfigurationException
* @throws
* @throws IllegalArgumentException inputstream is null
- */
- @SuppressWarnings("unchecked")
+ */
public RequestAbstractType getRequestType(InputStream is)
throws ParsingException, ConfigurationException, ProcessingException
{
if(is == null)
throw new IllegalStateException("InputStream is null");
-
- Document samlDocument = DocumentUtil.getDocument(is);
-
- try
- {
- Binder<Node> binder = getBinder();
+
+ Document samlDocument = DocumentUtil.getDocument( is );
+
+ SAMLParser samlParser = new SAMLParser();
+ RequestAbstractType requestType = (RequestAbstractType) samlParser.parse( DocumentUtil.getNodeAsStream(samlDocument));
+
+ /*Binder<Node> binder = getBinder();
JAXBElement<RequestAbstractType> jaxbAuthnRequestType = (JAXBElement<RequestAbstractType>) binder.unmarshal(samlDocument);
- RequestAbstractType requestType = jaxbAuthnRequestType.getValue();
- samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument);
- return requestType;
- }
- catch (JAXBException e)
- {
- throw new ParsingException(e);
- }
+ RequestAbstractType requestType = jaxbAuthnRequestType.getValue();*/
+ samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument);
+ return requestType;
}
/**
* Get the AuthnRequestType from an input stream
* @param is Inputstream containing the AuthnRequest
- * @return
- * @throws SAXException
- * @throws JAXBException
+ * @return
+ * @throws ParsingException
+ * @throws ProcessingException
+ * @throws ConfigurationException
* @throws IllegalArgumentException inputstream is null
- */
- @SuppressWarnings("unchecked")
- public AuthnRequestType getAuthnRequestType(InputStream is) throws JAXBException, SAXException
+ */
+ public AuthnRequestType getAuthnRequestType(InputStream is) throws ConfigurationException, ProcessingException, ParsingException
{
if(is == null)
throw new IllegalStateException("InputStream is null");
String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION;
- boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
+ //boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
- Unmarshaller un = JBossSAMLAuthnRequestFactory.getValidatingUnmarshaller(validate);
+ Document samlDocument = DocumentUtil.getDocument( is );
+
+ SAMLParser samlParser = new SAMLParser();
+ AuthnRequestType requestType = (AuthnRequestType) samlParser.parse( DocumentUtil.getNodeAsStream(samlDocument));
+ samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument);
+ return requestType;
+
+ /*Unmarshaller un = JBossSAMLAuthnRequestFactory.getValidatingUnmarshaller(validate);
JAXBElement<AuthnRequestType> jaxbAuthnRequestType = (JAXBElement<AuthnRequestType>) un.unmarshal(is);
- return jaxbAuthnRequestType.getValue();
+ return jaxbAuthnRequestType.getValue();*/
}
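Review bot: The result of `samlParser.parse(...)` is cast straight to `RequestAbstractType` in getRequestType and to `AuthnRequestType` in getAuthnRequestType, so a well-formed SAML document of a different type surfaces as a ClassCastException instead of one of the declared checked exceptions. These streams presumably carry messages from a remote party, so I would test the type before casting, e.g. `if (!(parsed instanceof AuthnRequestType)) throw new IllegalArgumentException("Stream does not contain an AuthnRequest");`. The same unchecked cast appears in getEncryptedAssertion, getAssertionType and getResponseType in SAML2Response.java. Separately, getAuthnRequestType no longer honours the JAXB_SCHEMA_VALIDATION switch: `key` is now an unused local, and whether SAMLParser validates is not visible here, so the Javadoc should state that the property is ignored on this path.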
@@ -222,17 +211,16 @@
* @throws ConfigurationException
*/
public LogoutRequestType createLogoutRequest(String issuer) throws ConfigurationException
- {
- org.picketlink.identity.federation.saml.v2.protocol.ObjectFactory of
- = new org.picketlink.identity.federation.saml.v2.protocol.ObjectFactory();
- LogoutRequestType lrt = of.createLogoutRequestType();
+ {
+ LogoutRequestType lrt = new LogoutRequestType();
lrt.setID(IDGenerator.create("ID_"));
lrt.setIssueInstant(XMLTimeUtil.getIssueInstant());
lrt.setVersion( JBossSAMLConstants.VERSION_2_0.get() );
//Create an issuer
- NameIDType issuerNameID = JBossSAMLBaseFactory.createNameID();
+ NameIDType issuerNameID = new NameIDType();
issuerNameID.setValue(issuer);
+
lrt.setIssuer(issuerNameID);
return lrt;
@@ -323,14 +311,14 @@
* @throws JAXBException
* @throws ParserConfigurationException
*/
- public Document convert(ResponseType responseType) throws JAXBException, ConfigurationException
+ public Document convert( ResponseType responseType) throws ProcessingException, ParsingException, ConfigurationException
{
- JAXBContext jaxb = JAXBUtil.getJAXBContext(ResponseType.class);
- Binder<Node> binder = jaxb.createBinder();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
+ writer.write( responseType );
- Document doc = DocumentUtil.createDocument();
- binder.marshal(JAXBElementMappingUtil.get(responseType), doc);
- return doc;
+ ByteArrayInputStream bis = new ByteArrayInputStream( baos.toByteArray() );
+ return DocumentUtil.getDocument(bis);
}
/**
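Review bot: The Javadoc above `convert(ResponseType)` still lists `@throws JAXBException` and `@throws ParserConfigurationException`, but the new signature throws ProcessingException, ParsingException and ConfigurationException. Replace those tags with `@throws ProcessingException`, `@throws ParsingException` and `@throws ConfigurationException`, each stating when it is raised. The body also reads `baos.toByteArray()` immediately after `writer.write( responseType )`; whether SAMLResponseWriter flushes the underlying XMLStreamWriter is not visible in this hunk, so a comment saying who is responsible for the flush would help. The Javadoc block starts outside the hunk.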
@@ -340,14 +328,26 @@
* @throws JAXBException
* @throws SAXException
*/
- public void marshall(RequestAbstractType requestType, OutputStream os) throws SAXException, JAXBException
+ public void marshall(RequestAbstractType requestType, OutputStream os) throws ProcessingException
{
- String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION;
+ /*String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION;
boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
Marshaller marshaller = JBossSAMLAuthnRequestFactory.getValidatingMarshaller(validate);
JAXBElement<?> j = JAXBElementMappingUtil.get(requestType);
marshaller.marshal(j, os);
+ */
+ SAMLRequestWriter samlRequestWriter = new SAMLRequestWriter( StaxUtil.getXMLStreamWriter(os));
+ if( requestType instanceof AuthnRequestType )
+ {
+ samlRequestWriter.write((AuthnRequestType)requestType );
+ }
+ else if( requestType instanceof LogoutRequestType )
+ {
+ samlRequestWriter.write((LogoutRequestType)requestType );
+ }
+ else
+ throw new RuntimeException( "Unsupported" );
}
/**
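Review bot: The final `else` in `marshall(RequestAbstractType, OutputStream)` throws a bare `RuntimeException( "Unsupported" )`, which tells the caller neither which type was rejected nor that the argument was at fault. This file also imports XACMLAuthzDecisionQueryType, which looks like another request subtype that would now land in that branch. I would write `throw new IllegalArgumentException("Unsupported request type: " + (requestType == null ? "null" : requestType.getClass().getName()));` and give the `else` braces like the other branches. The Writer overload in the next hunk repeats the same dispatch and the same throw, so a shared private helper would keep the two in step. The Javadoc above both overloads still names JAXBException and SAXException and should list ProcessingException instead.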
@@ -357,13 +357,25 @@
* @throws JAXBException
* @throws SAXException
*/
- public void marshall(RequestAbstractType requestType, Writer writer) throws SAXException, JAXBException
+ public void marshall(RequestAbstractType requestType, Writer writer) throws ProcessingException
{
- String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION;
+ /*String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION;
boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
Marshaller marshaller = JBossSAMLAuthnRequestFactory.getValidatingMarshaller(validate);
JAXBElement<?> j = JAXBElementMappingUtil.get(requestType);
- marshaller.marshal(j, writer);
+ marshaller.marshal(j, writer);*/
+
+ SAMLRequestWriter samlRequestWriter = new SAMLRequestWriter( StaxUtil.getXMLStreamWriter( writer ));
+ if( requestType instanceof AuthnRequestType )
+ {
+ samlRequestWriter.write((AuthnRequestType)requestType );
+ }
+ else if( requestType instanceof LogoutRequestType )
+ {
+ samlRequestWriter.write((LogoutRequestType)requestType );
+ }
+ else
+ throw new RuntimeException( "Unsupported" );
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -31,17 +31,11 @@
import java.io.Writer;
import java.util.Arrays;
-import javax.xml.bind.Binder;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-import javax.xml.bind.Unmarshaller;
import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import javax.xml.parsers.ParserConfigurationException;
-import org.picketlink.identity.federation.core.constants.PicketLinkFederationConstants;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
@@ -50,33 +44,29 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLProtocolFactory;
import org.picketlink.identity.federation.core.saml.v2.holders.IDPInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.saml.v2.util.JAXBElementMappingUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
-import org.picketlink.identity.federation.core.util.JAXBUtil;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ActionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthzDecisionStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.DecisionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedElementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EvidenceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
-import org.picketlink.identity.federation.saml.v2.assertion.ActionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthzDecisionStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.DecisionType;
-import org.picketlink.identity.federation.saml.v2.assertion.EncryptedElementType;
-import org.picketlink.identity.federation.saml.v2.assertion.EvidenceType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
-import org.xml.sax.SAXException;
/**
* API for dealing with SAML2 Response objects
@@ -106,13 +96,11 @@
*/
public AuthnStatementType createAuthnStatement(String authnContextDeclRef,
XMLGregorianCalendar issueInstant)
- {
- ObjectFactory objectFactory = SAMLAssertionFactory.getObjectFactory();
- AuthnStatementType authnStatement = objectFactory.createAuthnStatementType();
- authnStatement.setAuthnInstant(issueInstant);
- AuthnContextType act = objectFactory.createAuthnContextType();
+ {
+ AuthnStatementType authnStatement = new AuthnStatementType( issueInstant );
+ AuthnContextType act = new AuthnContextType();
String authContextDeclRef = JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT.get();
- act.getContent().add(objectFactory.createAuthnContextDeclRef(authContextDeclRef));
+ act.addAuthenticatingAuthority( NetworkUtil.createURI( authContextDeclRef ));
authnStatement.setAuthnContext(act);
return authnStatement;
}
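Review bot: The PasswordProtectedTransport URI is now stored with `act.addAuthenticatingAuthority(...)`, whereas the removed line added it as an AuthnContextDeclRef. In SAML 2.0, AuthenticatingAuthority names an entity that took part in authenticating the principal, not the authentication context. A relying party that inspects the context reference to judge authentication strength would presumably find none in statements built here. The value should go through whichever accessor the new AuthnContextType provides for class or declaration references; that class is not shown in this hunk. Also, the `authnContextDeclRef` parameter is never read because the local `authContextDeclRef` is assigned from the constant, so either use the parameter or document that it is ignored.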
@@ -129,9 +117,8 @@
DecisionType decision,
EvidenceType evidence,
ActionType... actions)
- {
- ObjectFactory objectFactory = SAMLAssertionFactory.getObjectFactory();
- AuthzDecisionStatementType authzDecST = objectFactory.createAuthzDecisionStatementType();
+ {
+ AuthzDecisionStatementType authzDecST = new AuthzDecisionStatementType();
authzDecST.setResource(resource);
authzDecST.setDecision(decision);
if(evidence != null)
@@ -199,37 +186,39 @@
/**
* Get an encrypted assertion from the stream
* @param is
- * @return
- * @throws SAXException
- * @throws JAXBException
- */
- @SuppressWarnings("unchecked")
- public EncryptedElementType getEncryptedAssertion(InputStream is) throws JAXBException, SAXException
+ * @return
+ * @throws ParsingException
+ */
+ public EncryptedAssertionType getEncryptedAssertion(InputStream is) throws ParsingException
{
if(is == null)
- throw new IllegalArgumentException("inputstream is null");
+ throw new IllegalArgumentException( "inputstream is null" );
- Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller();
+ SAMLParser samlParser = new SAMLParser();
+ return ( EncryptedAssertionType ) samlParser.parse(is);
+
+ /*Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller();
JAXBElement<EncryptedElementType> jaxb = (JAXBElement<EncryptedElementType>) un.unmarshal(is);
- return jaxb.getValue();
+ return jaxb.getValue(); */
}
/**
* Read an assertion from an input stream
* @param is
- * @return
- * @throws JAXBException
- * @throws SAXException
- */
- @SuppressWarnings("unchecked")
- public AssertionType getAssertionType(InputStream is) throws JAXBException, SAXException
+ * @return
+ * @throws ParsingException
+ */
+ public AssertionType getAssertionType(InputStream is) throws ParsingException
{
if(is == null)
- throw new IllegalArgumentException("inputstream is null");
+ throw new IllegalArgumentException( "inputstream is null" );
- Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller();
+ SAMLParser samlParser = new SAMLParser();
+ return (AssertionType) samlParser.parse(is);
+
+ /*Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller();
JAXBElement<AssertionType> jaxb = (JAXBElement<AssertionType>) un.unmarshal(is);
- return jaxb.getValue();
+ return jaxb.getValue(); */
}
/**
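Review bot: getEncryptedAssertion and getAssertionType hand the caller's stream directly to `samlParser.parse(is)`, while getResponseType in the same file first builds a DOM with `DocumentUtil.getDocument(is)`. If DocumentUtil is where DOCTYPE and external-entity restrictions are configured (not visible here), input read through these two methods would not pass through them. It is worth confirming that the reader inside SAMLParser is restricted the same way and recording that above the call, e.g. `// SAMLParser must reject DTDs and external entities; the stream is not pre-parsed by DocumentUtil here`. The commented-out JAXB code left after each `return` should be deleted rather than kept, since version control already holds it.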
@@ -247,28 +236,24 @@
* @return
* @throws ParsingException
* @throws ConfigurationException
- */
- @SuppressWarnings("unchecked")
+ */
public ResponseType getResponseType(InputStream is)
throws ParsingException, ConfigurationException, ProcessingException
{
if(is == null)
throw new IllegalArgumentException("inputstream is null");
-
+
Document samlResponseDocument = DocumentUtil.getDocument(is);
-
- try
- {
- Binder<Node> binder = getBinder();
+
+ SAMLParser samlParser = new SAMLParser();
+ ResponseType responseType = (ResponseType) samlParser.parse( DocumentUtil.getNodeAsStream( samlResponseDocument ));
+
+
+ /*Binder<Node> binder = getBinder();
JAXBElement<ResponseType> jaxbResponseType = (JAXBElement<ResponseType>) binder.unmarshal(samlResponseDocument);
- ResponseType responseType = jaxbResponseType.getValue();
- samlDocumentHolder = new SAMLDocumentHolder(responseType, samlResponseDocument);
- return responseType;
- }
- catch (JAXBException e)
- {
- throw new ParsingException(e);
- }
+ ResponseType responseType = jaxbResponseType.getValue();*/
+ samlDocumentHolder = new SAMLDocumentHolder(responseType, samlResponseDocument);
+ return responseType;
}
@@ -311,33 +296,24 @@
/**
* Convert an EncryptedElement into a Document
* @param encryptedElementType
- * @return
- * @throws JAXBException
- * @throws ParserConfigurationException
+ * @return
+ * @throws ConfigurationException
*/
public Document convert(EncryptedElementType encryptedElementType)
- throws JAXBException, ConfigurationException
- {
- JAXBContext jaxb = JAXBUtil.getJAXBContext(EncryptedElementType.class);
+ throws ConfigurationException
+ {
+ /*JAXBContext jaxb = JAXBUtil.getJAXBContext(EncryptedElementType.class);
Binder<Node> binder = jaxb.createBinder();
-
+ */
Document doc = DocumentUtil.createDocument();
- binder.marshal(JAXBElementMappingUtil.get(encryptedElementType), doc);
+ Node importedNode = doc.importNode( encryptedElementType.getEncryptedElement(), true );
+ doc.appendChild(importedNode);
+
+ //binder.marshal(JAXBElementMappingUtil.get(encryptedElementType), doc);
return doc;
}
/**
- * Get the Binder
- * @return
- * @throws JAXBException
- */
- public Binder<Node> getBinder() throws JAXBException
- {
- JAXBContext jaxb = JAXBUtil.getJAXBContext(ResponseType.class);
- return jaxb.createBinder();
- }
-
- /**
* Convert a SAML2 Response into a Document
* @param responseType
* @return
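Review bot: `convert(EncryptedElementType)` now passes `encryptedElementType.getEncryptedElement()` to `doc.importNode(...)` without checking either the argument or the wrapped element for null, so an empty wrapper would fail inside the DOM call with an unchecked exception rather than a clear message. A guard at the top would make the contract explicit: `if (encryptedElementType == null || encryptedElementType.getEncryptedElement() == null) throw new IllegalArgumentException("encrypted element is null");`. The hunk also removes the public `getBinder()` method, which is a breaking change for external callers and deserves a mention in the commit log.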
@@ -349,7 +325,7 @@
public Document convert(StatusResponseType responseType) throws JAXBException, ConfigurationException*/
- public Document convert(StatusResponseType responseType) throws ProcessingException, ConfigurationException, ParsingException
+ public Document convert( StatusResponseType responseType) throws ProcessingException, ConfigurationException, ParsingException
{
ByteArrayOutputStream bos = new ByteArrayOutputStream();
@@ -385,12 +361,11 @@
*
* @param responseType
* @param os
- * @throws SAXException
- * @throws JAXBException
+ * @throws ProcessingException
*/
- public void marshall(ResponseType responseType, OutputStream os) throws JAXBException, SAXException
+ public void marshall(ResponseType responseType, OutputStream os) throws ProcessingException
{
- String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION;
+ /*String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION;
boolean validate = Boolean.parseBoolean(SecurityActions
.getSystemProperty(key, "false"));
@@ -398,20 +373,25 @@
.getValidatingMarshaller(validate);
JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory()
.createResponse(responseType);
- marshaller.marshal(jaxb, os);
+ marshaller.marshal(jaxb, os); */
+
+ SAMLResponseWriter samlWriter = new SAMLResponseWriter( StaxUtil.getXMLStreamWriter(os));
+ samlWriter.write(responseType);
}
/**
* Marshall the ResponseType into a writer
* @param responseType
* @param writer
- * @throws SAXException
- * @throws JAXBException
+ * @throws ProcessingException
*/
- public void marshall(ResponseType responseType, Writer writer) throws JAXBException, SAXException
+ public void marshall(ResponseType responseType, Writer writer) throws ProcessingException
{
- Marshaller marshaller = JBossSAMLAuthnResponseFactory.getMarshaller();
+ SAMLResponseWriter samlWriter = new SAMLResponseWriter( StaxUtil.getXMLStreamWriter( writer ));
+ samlWriter.write(responseType);
+
+ /*Marshaller marshaller = JBossSAMLAuthnResponseFactory.getMarshaller();
JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(responseType);
- marshaller.marshal(jaxb, writer);
+ marshaller.marshal(jaxb, writer);*/
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/sig/SAML2Signature.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/sig/SAML2Signature.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/sig/SAML2Signature.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -41,9 +41,9 @@
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -32,18 +32,14 @@
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.factories.SOAPFactory;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
+import org.picketlink.identity.federation.core.factories.SOAPFactory;
import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Body;
import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Envelope;
-import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault;
import org.jboss.security.xacml.core.model.context.DecisionType;
import org.jboss.security.xacml.core.model.context.RequestType;
import org.jboss.security.xacml.core.model.context.ResultType;
@@ -67,21 +63,21 @@
*/
public Result send(String endpoint, String issuer, RequestType xacmlRequest) throws ProcessingException
{
+ throw new RuntimeException( "NYI" );/*
try
{
- XACMLAuthzDecisionQueryType queryType = SOAPSAMLXACMLUtil.createXACMLAuthzDecisionQueryType();
+ XACMLAuthzDecisionQueryType queryType = new XACMLAuthzDecisionQueryType();
queryType.setRequest(xacmlRequest);
//Create Issue Instant
queryType.setIssueInstant(XMLTimeUtil.getIssueInstant());
//Create Issuer
- NameIDType nameIDType = SAMLAssertionFactory.getObjectFactory().createNameIDType();
+ NameIDType nameIDType = new NameIDType();
nameIDType.setValue(issuer);
queryType.setIssuer(nameIDType);
+
- JAXBElement<?> jaxbQueryType = SOAPSAMLXACMLUtil.getJAXB(queryType);
-
Envelope envelope = createEnvelope(jaxbQueryType);
JAXBElement<?> soapRequest = SOAPFactory.getObjectFactory().createEnvelope(envelope);
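Review bot: `send` now begins with `throw new RuntimeException( "NYI" );` and the whole body is wrapped in a block comment that closes in the next hunk, so every XACML decision request through this class fails with an unchecked exception the signature does not announce. Callers that depend on the returned Result for an access decision need to treat that failure as a denial. I would make the stub explicit with `throw new UnsupportedOperationException("SOAPSAMLXACML.send is not implemented for the new SAML model");` and note it in the method's Javadoc. The commented-out body would not compile if restored as is, because the `jaxbQueryType` declaration was removed while `createEnvelope(jaxbQueryType)` still refers to it.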
@@ -125,7 +121,7 @@
catch (ConfigurationException e)
{
throw new ProcessingException(e);
- }
+ }*/
}
private Envelope createEnvelope(JAXBElement<?> jaxbElement)
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/DeflateEncodingDecodingUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/DeflateEncodingDecodingUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/DeflateEncodingDecodingUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -32,8 +32,8 @@
import org.picketlink.identity.federation.api.util.DeflateUtil;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
-import org.picketlink.identity.federation.core.util.Base64;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.core.util.Base64;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
/**
* Unit test the DEFLATE compression
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -22,22 +22,22 @@
package org.picketlink.test.identity.federation.api.saml.v2;
import java.io.ByteArrayOutputStream;
+import java.net.URI;
import java.util.List;
-import javax.xml.bind.JAXBElement;
-
import junit.framework.TestCase;
import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
-import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestedAuthnContextType;
-import org.picketlink.identity.xmlsec.w3.xmldsig.SignatureType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestedAuthnContextType;
+import org.w3c.dom.Element;
@@ -68,23 +68,22 @@
SubjectType subjectType = authnRequestType.getSubject();
assertNotNull(subjectType);
- List<JAXBElement<?>> subjectContentList = subjectType.getContent();
- JAXBElement<?> elem1 = subjectContentList.get(0);
- NameIDType nameIDType = (NameIDType) elem1.getValue();
+ STSubType subType = subjectType.getSubType();
+ NameIDType nameIDType = (NameIDType) subType.getBaseID();
assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",nameIDType.getFormat());
assertEquals("j.doe(a)company.com",nameIDType.getValue());
ConditionsType conditionsType = authnRequestType.getConditions();
- List<ConditionAbstractType> conditions = conditionsType.getConditionOrAudienceRestrictionOrOneTimeUse();
+ List<ConditionAbstractType> conditions = conditionsType.getConditions();
assertTrue(conditions.size() == 1);
ConditionAbstractType condition = conditions.get(0);
assertTrue(condition instanceof AudienceRestrictionType);
AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) condition;
- List<String> audiences = audienceRestrictionType.getAudience();
+ List<URI> audiences = audienceRestrictionType.getAudience();
assertTrue(audiences.size() == 1);
- assertEquals("urn:foo:sp.example.org", audiences.get(0));
+ assertEquals("urn:foo:sp.example.org", audiences.get(0).toASCIIString());
RequestedAuthnContextType requestedAuthnContext = authnRequestType.getRequestedAuthnContext();
assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
@@ -109,7 +108,7 @@
AuthnRequestType authnRequestType = request.getAuthnRequestType(resourceName);
assertNotNull(authnRequestType);
- SignatureType signatureType = authnRequestType.getSignature();
+ Element signatureType = authnRequestType.getSignature();
assertNotNull("Signature is not null", signatureType);
//Let us marshall it back to an output stream
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnResponseUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnResponseUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnResponseUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -31,8 +31,8 @@
import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
import org.picketlink.identity.federation.core.saml.v2.holders.IDPInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
-import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
/**
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2RequestUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2RequestUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2RequestUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -23,8 +23,8 @@
import junit.framework.TestCase;
-import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
-import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
/**
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -41,11 +41,11 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.junit.Test;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
@@ -109,7 +109,7 @@
// Create an assertion
AssertionType assertion = response.createAssertion(id, issuerInfo.getIssuer());
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(authnStatement);
+ assertion.addStatement( authnStatement );
KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA");
KeyPair kp = kpg.genKeyPair();
@@ -176,7 +176,7 @@
* Now the signed document is marshalled across the wire using dom
* write
*/
- Binder<Node> binder = response.getBinder();
+ //Binder<Node> binder = response.getBinder();
//We have to parse the dom coming from the stream and feed to binder
Document readDoc = DocumentUtil.getDocument(DocumentUtil.getNodeAsStream(signedDoc));
@@ -191,9 +191,9 @@
// The client re-validates the signature.
assertTrue("Signature is valid:", XMLSignatureUtil.validate(validatingDoc, kp.getPublic()));
- JAXBElement<ResponseType> jaxbresponseType = (JAXBElement<ResponseType>) binder.unmarshal(readDoc);
+ /*JAXBElement<ResponseType> jaxbresponseType = (JAXBElement<ResponseType>) binder.unmarshal(readDoc);
responseType = jaxbresponseType.getValue();
- assertNotNull(responseType);
+ assertNotNull(responseType); */
}
/**
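Review bot: Commenting out the `binder.unmarshal(readDoc)` block (and the `binder` declaration in the hunk at -176) leaves this test with no check that the signed document still parses into a `ResponseType` after the round trip. It now verifies only the signature. Dead code in a block comment also hides the gap from the next reader. I would delete the commented lines and restore the assertion through the new parser, for example the stream-based `getResponseType(...)` that XMLEncryptionUnitTestCase uses in this commit, followed by `assertNotNull(responseType);`. Whether `response` here exposes that method is not visible in the hunk, so confirm before applying.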
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -45,10 +45,11 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.EncryptedElementType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -79,18 +80,20 @@
Element docElement = XMLEncryptionUtil.encryptElementInDocument(responseDoc,kp.getPublic(), sk,
128, assertionQName, true);
- EncryptedElementType eet = sr.getEncryptedAssertion(DocumentUtil.getNodeAsStream(docElement));
- rt.getAssertionOrEncryptedAssertion().set(0,eet);
+ EncryptedAssertionType eet = sr.getEncryptedAssertion(DocumentUtil.getNodeAsStream(docElement));
+ rt.addAssertion( new RTChoiceType( eet ) );
- EncryptedElementType myeet = (EncryptedElementType) rt.getAssertionOrEncryptedAssertion().get(0);
- Document eetDoc = sr.convert(myeet);
+ RTChoiceType choiceType = rt.getAssertions().get(0);
+ EncryptedAssertionType encryptedAssertionType = choiceType.getEncryptedAssertion();
+ Document eetDoc = sr.convert( encryptedAssertionType );
+
Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,kp.getPrivate());
//Let us use the encrypted doc element to decrypt it
ResponseType newRT = sr.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement));
- AssertionType assertion = (AssertionType) newRT.getAssertionOrEncryptedAssertion().get(0);
+ AssertionType assertion = (AssertionType) newRT.getAssertions().get(0).getAssertion();
assertEquals("http://identityurl", assertion.getIssuer().getValue());
}
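Review bot: `rt.addAssertion( new RTChoiceType( eet ) )` does not look equivalent to the removed `set(0,eet)`. The old call replaced the plain assertion at index 0, while the new name suggests an append, in which case `rt.getAssertions().get(0)` still returns the unencrypted choice and `getEncryptedAssertion()` on it would be null. The construction of `rt` and the body of `addAssertion` are outside this hunk, so this is inferred. If it does append, the test no longer exercises the decrypt path on the element it just encrypted; add `assertNotNull(encryptedAssertionType);` before `sr.convert( encryptedAssertionType )` and replace the plain assertion instead of appending. The same pattern repeats in the hunks at -110 and -119 of this file.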
@@ -110,8 +113,8 @@
Element docElement = XMLEncryptionUtil.encryptElementInDocument(responseDoc,kp.getPublic(), sk,
128, assertionQName, true);
- EncryptedElementType eet = sr.getEncryptedAssertion(DocumentUtil.getNodeAsStream(docElement));
- rt.getAssertionOrEncryptedAssertion().set(0,eet);
+ EncryptedAssertionType eet = sr.getEncryptedAssertion(DocumentUtil.getNodeAsStream(docElement));
+ rt.addAssertion( new RTChoiceType( eet ));
StringWriter sw = new StringWriter();
sr.marshall(rt, sw);
@@ -119,15 +122,15 @@
//Create a brand new ResponseType
ResponseType received = sr.getResponseType(new ByteArrayInputStream(sw.toString().getBytes("UTF-8")));
- EncryptedElementType myeet = (EncryptedElementType) received.getAssertionOrEncryptedAssertion().get(0);
- Document eetDoc = sr.convert(myeet);
+ EncryptedAssertionType encryptedAssertionType = received.getAssertions().get(0).getEncryptedAssertion();
+ Document eetDoc = sr.convert( encryptedAssertionType );
Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,kp.getPrivate());
//Let us use the encrypted doc element to decrypt it
ResponseType newRT = sr.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement));
- AssertionType assertion = (AssertionType) newRT.getAssertionOrEncryptedAssertion().get(0);
+ AssertionType assertion = newRT.getAssertions().get(0).getAssertion();
assertEquals("http://identityurl", assertion.getIssuer().getValue());
}
@@ -210,10 +213,10 @@
SPInfoHolder sp = new SPInfoHolder();
sp.setResponseDestinationURI("http://service");
responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
- AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);
+ AssertionType assertion = (AssertionType) responseType.getAssertions().get(0).getAssertion();
AttributeStatementType attrStatement = StatementUtil.createAttributeStatement(roles);
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);
+ assertion.addStatement( attrStatement );
//Add timed conditions
saml2Response.createTimedConditions(assertion, 5000L);
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters/SPFilter.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters/SPFilter.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters/SPFilter.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -95,17 +95,18 @@
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
-import org.picketlink.identity.federation.saml.v2.SAML2Object;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.interfaces.IRoleValidator;
@@ -598,7 +599,7 @@
saml2Request.marshall(authnRequest, baos);
String samlMessage = PostBindingUtil.base64Encode(baos.toString());
- String destination = authnRequest.getDestination();
+ String destination = authnRequest.getDestination().toASCIIString();
PostBindingUtil.sendPost(new DestinationInfoHolder(destination, samlMessage, relayState),
response, true);
}
@@ -727,32 +728,34 @@
if(statusType == null)
throw new IllegalArgumentException("Status Type from the IDP is null");
- String statusValue = statusType.getStatusCode().getValue();
+ String statusValue = statusType.getStatusCode().getValue().toASCIIString();
if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false)
throw new SecurityException("IDP forbid the user");
- List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
+ List<org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType> assertions = responseType.getAssertions();
if(assertions.size() == 0)
throw new IllegalStateException("No assertions in reply from IDP");
- AssertionType assertion = (AssertionType)assertions.get(0);
+ AssertionType assertion = assertions.get(0).getAssertion();
//Check for validity of assertion
boolean expiredAssertion = AssertionUtil.hasExpired(assertion);
if(expiredAssertion)
throw new AssertionExpiredException();
SubjectType subject = assertion.getSubject();
- JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0);
- NameIDType nameID = jnameID.getValue();
+ /*JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0);
+ NameIDType nameID = jnameID.getValue();*/
+ NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
+
final String userName = nameID.getValue();
List<String> roles = new ArrayList<String>();
//Let us get the roles
- AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0);
- List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute();
- for(Object obj:attList)
+ AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatements().iterator().next();
+ List<ASTChoiceType> attList = attributeStatement.getAttributes();
+ for(ASTChoiceType obj:attList)
{
- AttributeType attr = (AttributeType) obj;
+ AttributeType attr = obj.getAttribute();
String roleName = (String) attr.getAttributeValue().get(0);
roles.add(roleName);
}
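Review bot: `assertions.get(0).getAssertion()` is dereferenced without a null check, although the value is built from the IDP's reply. If the first `RTChoiceType` carries an encrypted assertion the getter presumably returns null (its implementation is not in this hunk), so `AssertionUtil.hasExpired(assertion)` or `assertion.getSubject()` fails with a NullPointerException instead of a clear rejection. The same applies to `subject.getSubType()`, to `obj.getAttribute()` on an encrypted attribute, and to `getStatusCode().getValue()`. `assertion.getStatements().iterator().next()` also assumes the first statement is the attribute statement and throws ClassCastException or NoSuchElementException otherwise. I would reject these cases explicitly as sketched below; the same code is repeated in `handleSAMLResponse` in SAML2AuthenticationHandler (hunks at -335 and -361), and the enclosing method starts and ends outside this hunk.

```java
AssertionType assertion = assertions.get(0).getAssertion();
if(assertion == null)
   throw new IllegalStateException("No unencrypted assertion in reply from IDP");
// … unchanged: expiry check …
SubjectType subject = assertion.getSubject();
if(subject == null || subject.getSubType() == null)
   throw new IllegalStateException("No subject in assertion from IDP");
// … unchanged: NameID extraction, userName, roles list …
AttributeStatementType attributeStatement = null;
for(Object statement : assertion.getStatements())
{
   if(statement instanceof AttributeStatementType)
   {
      attributeStatement = (AttributeStatementType) statement;
      break;
   }
}
if(attributeStatement == null)
   throw new IllegalStateException("No attribute statement in assertion from IDP");
// … unchanged: loop over attributeStatement.getAttributes() …
```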
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -29,8 +29,6 @@
import javax.servlet.ServletContext;
import javax.servlet.http.HttpSession;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
@@ -45,26 +43,27 @@
import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
-import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.EncryptedElementType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.core.IdentityServer;
import org.picketlink.identity.federation.web.interfaces.IRoleValidator;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
-import org.xml.sax.SAXException;
/**
* Handles for dealing with SAML2 Authentication
@@ -160,7 +159,7 @@
{
Map<String,Object> attribs = (Map<String, Object>) request.getOptions().get(GeneralConstants.ATTRIBUTES);
long assertionValidity = (Long) request.getOptions().get(GeneralConstants.ASSERTIONS_VALIDITY);
- String destination = art.getAssertionConsumerServiceURL();
+ String destination = art.getAssertionConsumerServiceURL().toASCIIString();
Document samlResponse = this.getResponse(destination,
userPrincipal, roles, request.getIssuer().getValue(),
attribs,
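Review bot: `art.getAssertionConsumerServiceURL().toASCIIString()` throws a NullPointerException when the request carries no AssertionConsumerServiceURL, which the SAML 2.0 schema allows because the attribute is optional. Before this change a null String simply flowed into `getResponse(...)`. `art` appears to be the incoming AuthnRequest, so the value is controlled by the requester; the declaration is outside this hunk. I would guard it with `if(art.getAssertionConsumerServiceURL() == null) throw new IllegalArgumentException("AssertionConsumerServiceURL missing in AuthnRequest");` before the conversion. It is also worth confirming that the destination is matched against the registered endpoint of the issuing SP somewhere before the response is sent, since that check is not visible here.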
@@ -216,10 +215,10 @@
responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
//Add information on the roles
- AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);
+ AssertionType assertion = (AssertionType) responseType.getAssertions().get(0).getAssertion();
AttributeStatementType attrStatement = StatementUtil.createAttributeStatement(roles);
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);
+ assertion.addStatement( attrStatement );
//Add timed conditions
saml2Response.createTimedConditions(assertion, assertionValidity);
@@ -228,7 +227,7 @@
if(attribs != null && attribs.size() > 0 )
{
AttributeStatementType attStatement = StatementUtil.createAttributeStatement(attribs);
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attStatement);
+ assertion.addStatement( attStatement );
}
//Lets see how the response looks like
@@ -239,14 +238,10 @@
{
saml2Response.marshall(responseType, sw);
}
- catch (JAXBException e)
+ catch ( ProcessingException e)
{
log.trace(e);
- }
- catch (SAXException e)
- {
- log.trace(e);
- }
+ }
log.trace("Response="+sw.toString());
}
try
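Review bot: `log.trace(e)` in the new `catch ( ProcessingException e)` passes the exception as the message object, so log4j prints only its `toString()` and drops the stack trace. Use the two-argument form, `log.trace("Unable to marshall the SAML response", e);`. After a failure the following `log.trace("Response="+sw.toString())` logs an empty or partial document, and on success it writes the full response with the subject and attribute values into the log, so this block should stay strictly behind a trace-level guard. The surrounding `if` is outside this hunk.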
@@ -291,12 +286,12 @@
{
HTTPContext httpContext = (HTTPContext) request.getContext();
ResponseType responseType = (ResponseType) request.getSAML2Object();
- List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
+ List<RTChoiceType> assertions = responseType.getAssertions();
if(assertions.size() == 0)
throw new IllegalStateException("No assertions in reply from IDP");
- Object assertion = assertions.get(0);
- if(assertion instanceof EncryptedElementType)
+ Object assertion = assertions.get(0).getEncryptedAssertion();
+ if(assertion instanceof EncryptedAssertionType)
{
responseType = this.decryptAssertion(responseType);
}
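Review bot: `Object assertion = assertions.get(0).getEncryptedAssertion();` followed by `if(assertion instanceof EncryptedAssertionType)` is a null check written as a type test, since the getter already returns that type. Widening to `Object` hides this from the reader. I would write `EncryptedAssertionType encrypted = assertions.get(0).getEncryptedAssertion();` and `if(encrypted != null)`. The method continues outside this hunk.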
@@ -323,8 +318,7 @@
{
throw new RuntimeException("This authenticator does not handle encryption");
}
-
- @SuppressWarnings("unchecked")
+
private Principal handleSAMLResponse(ResponseType responseType, SAML2HandlerResponse response)
throws ProcessingException
{
@@ -335,15 +329,15 @@
if(statusType == null)
throw new IllegalArgumentException("Status Type from the IDP is null");
- String statusValue = statusType.getStatusCode().getValue();
+ String statusValue = statusType.getStatusCode().getValue().toASCIIString();
if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false)
throw new SecurityException("IDP forbid the user");
- List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
+ List<RTChoiceType> assertions = responseType.getAssertions();
if(assertions.size() == 0)
throw new IllegalStateException("No assertions in reply from IDP");
- AssertionType assertion = (AssertionType)assertions.get(0);
+ AssertionType assertion = assertions.get(0).getAssertion();
//Check for validity of assertion
boolean expiredAssertion;
try
@@ -361,17 +355,20 @@
}
SubjectType subject = assertion.getSubject();
- JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0);
+ /*JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0);
NameIDType nameID = jnameID.getValue();
+ */
+ NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
+
final String userName = nameID.getValue();
List<String> roles = new ArrayList<String>();
//Let us get the roles
- AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0);
- List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute();
- for(Object obj:attList)
+ AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatements().iterator().next();
+ List<ASTChoiceType> attList = attributeStatement.getAttributes();
+ for(ASTChoiceType obj:attList)
{
- AttributeType attr = (AttributeType) obj;
+ AttributeType attr = obj.getAttribute();
List<Object> attributeValues = attr.getAttributeValue();
if( attributeValues != null)
{
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -40,14 +40,13 @@
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.SAML2Object;
-import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.ObjectFactory;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusCodeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.core.IdentityServer;
@@ -64,9 +63,7 @@
private IDPLogOutHandler idp = new IDPLogOutHandler();
private SPLogOutHandler sp = new SPLogOutHandler();
-
- private ObjectFactory objectFactory = new ObjectFactory();
-
+
/**
* @see SAML2Handler#generateSAMLRequest(SAML2HandlerRequest, SAML2HandlerResponse)
*/
@@ -287,7 +284,7 @@
long assertionValidity = (Long) request.getOptions().get(GeneralConstants.ASSERTIONS_VALIDITY);
lort.setNotOnOrAfter(XMLTimeUtil.add(lort.getIssueInstant(), assertionValidity));
- lort.setDestination(participant);
+ lort.setDestination( NetworkUtil.createURI( participant ));
response.setResultingDocument(saml2Request.convert(lort));
response.setSendRequest(true);
@@ -328,16 +325,16 @@
String originalIssuer)
throws ConfigurationException, ParserConfigurationException, ProcessingException
{
- StatusResponseType statusResponse = objectFactory.createStatusResponseType();
+ StatusResponseType statusResponse = new StatusResponseType();
//Status
- StatusType statusType = objectFactory.createStatusType();
- StatusCodeType statusCodeType = objectFactory.createStatusCodeType();
- statusCodeType.setValue(JBossSAMLURIConstants.STATUS_RESPONDER.get());
+ StatusType statusType = new StatusType();
+ StatusCodeType statusCodeType = new StatusCodeType();
+ statusCodeType.setValue( NetworkUtil.createURI( JBossSAMLURIConstants.STATUS_RESPONDER.get() ));
//2nd level status code
- StatusCodeType status2ndLevel = objectFactory.createStatusCodeType();
- status2ndLevel.setValue(JBossSAMLURIConstants.STATUS_SUCCESS.get());
+ StatusCodeType status2ndLevel = new StatusCodeType();
+ status2ndLevel.setValue( NetworkUtil.createURI( JBossSAMLURIConstants.STATUS_SUCCESS.get() ));
statusCodeType.setStatusCode(status2ndLevel);
statusType.setStatusCode(statusCodeType);
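Review bot: The status construction in this hunk is repeated line for line in the hunk at -445, including both `NetworkUtil.createURI( JBossSAMLURIConstants... )` calls. With `ObjectFactory` gone this is a good moment to move it into one private helper that returns the populated `StatusType`, so both callers reduce to `statusResponse.setStatus(...)` or whatever setter follows outside the hunk. Separately, the top-level code is `STATUS_RESPONDER` with `STATUS_SUCCESS` nested beneath it. In SAML a top-level Responder code normally signals an error, so please confirm this is intended for a successful logout and note the reason in a comment on the helper.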
@@ -445,16 +442,16 @@
session.invalidate(); //Invalidate the current session at the SP
//Generate a Logout Response
- StatusResponseType statusResponse = objectFactory.createStatusResponseType();
+ StatusResponseType statusResponse = new StatusResponseType();
//Status
- StatusType statusType = objectFactory.createStatusType();
- StatusCodeType statusCodeType = objectFactory.createStatusCodeType();
- statusCodeType.setValue(JBossSAMLURIConstants.STATUS_RESPONDER.get());
+ StatusType statusType = new StatusType();
+ StatusCodeType statusCodeType = new StatusCodeType();
+ statusCodeType.setValue( NetworkUtil.createURI( JBossSAMLURIConstants.STATUS_RESPONDER.get() ));
//2nd level status code
- StatusCodeType status2ndLevel = objectFactory.createStatusCodeType();
- status2ndLevel.setValue(JBossSAMLURIConstants.STATUS_SUCCESS.get());
+ StatusCodeType status2ndLevel = new StatusCodeType();
+ status2ndLevel.setValue( NetworkUtil.createURI( JBossSAMLURIConstants.STATUS_SUCCESS.get() ));
statusCodeType.setStatusCode(status2ndLevel);
statusType.setStatusCode(statusCodeType);
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -51,14 +51,11 @@
import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.util.JAXBUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Body;
import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Envelope;
-import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
+import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault;
import org.jboss.security.xacml.core.JBossPDP;
import org.jboss.security.xacml.core.JBossRequestContext;
import org.jboss.security.xacml.core.model.context.RequestType;
@@ -145,7 +142,8 @@
@Override
protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
{
- JAXBElement<RequestAbstractType> jaxbRequestType = null;
+ throw new RuntimeException( "FIX" );
+ /*JAXBElement<RequestAbstractType> jaxbRequestType = null;
Envelope envelope = null;
XACMLAuthzDecisionQueryType xacmlRequest = null;
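Review bot: `throw new RuntimeException( "FIX" );` as the first statement of `service()` turns every request to this XACML decision endpoint into an unhandled exception. The container will report that as a 500 and, depending on error-page configuration, may return the stack trace to the caller. If the servlet must stay disabled until it is ported to the new model, answer explicitly with `resp.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE, "XACML decision endpoint is disabled");` and add a comment saying what remains to be ported. The old body, which is wrapped in a block comment closing in the hunk at -256, should be deleted rather than kept, since version control retains it and commented-out authorization code is easy to revive half-checked. Clients of this endpoint need to treat the failure as a deny, which is worth confirming.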
@@ -256,7 +254,7 @@
{
log("marshalling exception",e);
}
- }
+ } */
}
private PolicyDecisionPoint getPDP() throws PrivilegedActionException
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -38,7 +38,6 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import javax.xml.bind.JAXBException;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import org.apache.log4j.Logger;
@@ -63,12 +62,11 @@
import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.w3c.dom.Document;
-import org.xml.sax.SAXException;
/**
* Request Util
@@ -220,10 +218,10 @@
responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
//Add information on the roles
- AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);
+ AssertionType assertion = (AssertionType) responseType.getAssertions().get(0).getAssertion();
AttributeStatementType attrStatement = StatementUtil.createAttributeStatement(roles);
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);
+ assertion.addStatement( attrStatement );
//Add timed conditions
saml2Response.createTimedConditions(assertion, assertionValidity);
@@ -236,7 +234,7 @@
Map<String, Object> attribs =
attributeManager.getAttributes(userPrincipal, this.attribKeys);
AttributeStatementType attStatement = StatementUtil.createAttributeStatement(attribs);
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attStatement);
+ assertion.addStatement( attStatement );
}
catch(Exception e)
{
@@ -252,14 +250,10 @@
{
saml2Response.marshall(responseType, sw);
}
- catch (JAXBException e)
+ catch ( ProcessingException e)
{
log.trace(e);
- }
- catch (SAXException e)
- {
- log.trace(e);
- }
+ }
log.trace("Response="+sw.toString());
}
@@ -546,14 +540,10 @@
{
saml2Response.marshall(responseType, sw);
}
- catch (JAXBException e)
+ catch ( ProcessingException e)
{
log.trace(e);
- }
- catch (SAXException e)
- {
- log.trace(e);
- }
+ }
log.trace("Response="+sw.toString());
}
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/RedirectBindingSignatureUtil.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/RedirectBindingSignatureUtil.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/RedirectBindingSignatureUtil.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -35,10 +35,13 @@
import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;
@@ -152,13 +155,14 @@
/**
* From the SAML Request URL, get the Request object
* @param signedURL
- * @return
+ * @return
* @throws IOException
- * @throws SAXException
- * @throws JAXBException
+ * @throws ParsingException
+ * @throws ProcessingException
+ * @throws ConfigurationException
*/
public static AuthnRequestType getRequestFromSignedURL(String signedURL)
- throws JAXBException, SAXException, IOException
+ throws ConfigurationException, ProcessingException, ParsingException, IOException
{
String samlRequestTokenValue = getTokenValue(signedURL, "SAMLRequest");
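Review bot: The Javadoc for `getRequestFromSignedURL` keeps an empty `@return` and adds three `@throws` tags without descriptions, so a caller cannot tell from the contract whether the signature on the URL is verified before the request object is returned. I would fill them in, for example `@return the AuthnRequestType decoded from the SAMLRequest parameter` and `@throws ParsingException if the SAMLRequest value cannot be parsed`, and state in the summary whether this method validates the signature or leaves that to the caller. Only the first line of the body is in this hunk, so which of the two it does is not visible here.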
Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -42,8 +42,8 @@
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
-import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler;
Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -39,8 +39,8 @@
import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.util.Base64;
-import org.picketlink.identity.federation.saml.v2.SAML2Object;
-import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.IdentityServer;
import org.picketlink.identity.federation.web.filters.SPFilter;
Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570)
@@ -36,9 +36,9 @@
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.Base64;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.core.util.Base64;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.IdentityServer;
import org.picketlink.identity.federation.web.filters.SPFilter;
Picketlink SVN: r569 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/parsers/saml and 19 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-30 11:06:20 -0500 (Tue, 30 Nov 2010)
New Revision: 569
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/XACMLContextFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/common/StatementLocal.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
Log:
updated saml object model
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/XACMLContextFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/XACMLContextFactory.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/XACMLContextFactory.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,11 +21,9 @@
*/
package org.picketlink.identity.federation.core.factories;
-import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
-import org.jboss.security.xacml.core.model.context.ObjectFactory;
import org.jboss.security.xacml.core.model.context.RequestType;
import org.jboss.security.xacml.core.model.context.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
/**
@@ -34,14 +32,7 @@
* @since Jul 30, 2009
*/
public class XACMLContextFactory
-{
- private static ObjectFactory _objectFactory = new ObjectFactory();
-
- public static ObjectFactory getObjectFactory()
- {
- return _objectFactory;
- }
-
+{
/**
* Create an XACML Authorization Decision Statement Type
* @param request
@@ -51,7 +42,7 @@
public static XACMLAuthzDecisionStatementType createXACMLAuthzDecisionStatementType(RequestType request,
ResponseType response)
{
- XACMLAuthzDecisionStatementType xacmlStatement = SOAPSAMLXACMLUtil.createXACMLAuthzDecisionStatementType();
+ XACMLAuthzDecisionStatementType xacmlStatement = new XACMLAuthzDecisionStatementType();
xacmlStatement.setRequest(request);
xacmlStatement.setResponse(response);
return xacmlStatement;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,6 +21,7 @@
*/
package org.picketlink.identity.federation.core.parsers.saml;
+import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
@@ -34,13 +35,8 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.*;
/**
* Parse the saml assertion
@@ -121,12 +117,12 @@
else if( JBossSAMLConstants.AUTHN_STATEMENT.get().equalsIgnoreCase( tag ) )
{
AuthnStatementType authnStatementType = SAMLParserUtil.parseAuthnStatement( xmlEventReader );
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add( authnStatementType );
+ assertion.addStatement(authnStatementType);
}
else if( JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equalsIgnoreCase( tag ) )
{
- AttributeStatementType attributeStatementType = SAMLParserUtil.parseAttributeStatement( xmlEventReader );
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add( attributeStatementType );
+ AttributeStatementType attributeStatementType = SAMLParserUtil.parseAttributeStatement( xmlEventReader );
+ assertion.addStatement(attributeStatementType);
}
else throw new RuntimeException( "SAMLAssertionParser:: unknown: " + tag );
}
@@ -147,19 +143,15 @@
private AssertionType parseBaseAttributes( StartElement nextElement ) throws ParsingException
{
- AssertionType assertion = new AssertionType();
Attribute idAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.ID.get() ) );
- assertion.setID( StaxParserUtil.getAttributeValue( idAttribute ));
+ String id = StaxParserUtil.getAttributeValue( idAttribute );
Attribute versionAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.VERSION.get() ));
- assertion.setVersion( StaxParserUtil.getAttributeValue(versionAttribute) );
+ String version = StaxParserUtil.getAttributeValue(versionAttribute) ;
Attribute issueInstantAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.ISSUE_INSTANT.get() ));
- if( issueInstantAttribute != null )
- {
- assertion.setIssueInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue(issueInstantAttribute )));
- }
+ XMLGregorianCalendar issueInstant = XMLTimeUtil.parse( StaxParserUtil.getAttributeValue(issueInstantAttribute ));
- return assertion;
+ return new AssertionType( id, issueInstant, version );
}
}
\ No newline at end of file
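Review bot: The `issueInstantAttribute != null` guard was dropped in `parseBaseAttributes`, so `XMLTimeUtil.parse( StaxParserUtil.getAttributeValue(issueInstantAttribute ))` now runs even when the assertion carries no IssueInstant attribute; depending on how `getAttributeValue` treats null (not visible here) that is a NullPointerException raised while parsing externally supplied XML. ID and Version are read the same way without a check. All three are required on a SAML 2.0 assertion, so rather than restoring the optional path I would reject the input explicitly, e.g. `if( issueInstantAttribute == null ) throw new ParsingException( "Assertion is missing IssueInstant" );` (assuming ParsingException has a message constructor), and do likewise for ID and Version.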
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -30,9 +30,10 @@
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType;
/**
* Parse the SAML2 AuthnRequest
@@ -93,7 +94,11 @@
Attribute assertionConsumerServiceURL = startElement.getAttributeByName( new QName( "AssertionConsumerServiceURL" ));
if( assertionConsumerServiceURL != null )
- authnRequest.setAssertionConsumerServiceURL( StaxParserUtil.getAttributeValue( assertionConsumerServiceURL ));
+ {
+ String uri = StaxParserUtil.getAttributeValue( assertionConsumerServiceURL );
+ authnRequest.setAssertionConsumerServiceURL( NetworkUtil.createURI(uri));
+ }
+
Attribute assertionConsumerServiceIndex = startElement.getAttributeByName( new QName( "AssertionConsumerServiceIndex" ));
if( assertionConsumerServiceIndex != null )
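Review bot: A malformed AssertionConsumerServiceURL needs a defined failure path: `NetworkUtil.createURI` is new in this revision and its body is not part of this hunk, and because the value comes straight from the incoming AuthnRequest a syntax error should surface as ParsingException rather than as an unchecked exception escaping the parser. The same call is introduced for ProtocolBinding and Format in the next two hunks and for Destination in SAMLRequestAbstractParser. A short comment on the new block, `// syntax check only; the ACS URL must still be matched against the SP's registered endpoints`, would also make clear that a well-formed URI is not thereby a trusted one. The enclosing method starts and ends outside the hunk.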
@@ -101,7 +106,7 @@
Attribute protocolBinding = startElement.getAttributeByName( new QName( "ProtocolBinding" ));
if( protocolBinding != null )
- authnRequest.setProtocolBinding( StaxParserUtil.getAttributeValue( protocolBinding ));
+ authnRequest.setProtocolBinding( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( protocolBinding )));
Attribute providerName = startElement.getAttributeByName( new QName( "ProviderName" ));
if( providerName != null )
@@ -136,7 +141,7 @@
NameIDPolicyType nameIDPolicy = new NameIDPolicyType();
Attribute format = startElement.getAttributeByName( new QName( "Format" ));
if( format != null )
- nameIDPolicy.setFormat( StaxParserUtil.getAttributeValue( format ));
+ nameIDPolicy.setFormat( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( format )));
Attribute allowCreate = startElement.getAttributeByName( new QName( "AllowCreate" ));
if( allowCreate != null )
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -29,9 +29,10 @@
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
/**
* Base Class for SAML Request Parsing
@@ -65,7 +66,7 @@
Attribute destination = startElement.getAttributeByName( new QName( "Destination" ));
if( destination != null )
- request.setDestination( StaxParserUtil.getAttributeValue( destination ));
+ request.setDestination( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( destination )));
Attribute consent = startElement.getAttributeByName( new QName( "Consent" ));
if( consent != null )
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -33,8 +33,8 @@
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
/**
* Parse the Single Log Out requests
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -35,15 +35,13 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType;
@@ -53,9 +51,7 @@
* @since Oct 12, 2010
*/
public class SAMLSubjectParser implements ParserNamespaceSupport
-{
- private ObjectFactory objectFactory = new ObjectFactory();
-
+{
/**
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
@@ -85,8 +81,9 @@
if( JBossSAMLConstants.NAMEID.get().equalsIgnoreCase( tag ) )
{
NameIDType nameID = SAMLParserUtil.parseNameIDType(xmlEventReader);
- JAXBElement<NameIDType> jaxbNameID = objectFactory.createNameID( nameID );
- subject.getContent().add( jaxbNameID );
+ STSubType subType = new STSubType();
+ subType.addBaseID(nameID);
+ subject.setSubType( subType );
}
else if( JBossSAMLConstants.SUBJECT_CONFIRMATION.get().equalsIgnoreCase( tag ) )
{
@@ -114,8 +111,7 @@
}
}
- JAXBElement<SubjectConfirmationType> jaxbSubjectConf = objectFactory.createSubjectConfirmation( subjectConfirmationType );
- subject.getContent().add(jaxbSubjectConf);
+ subject.addConfirmation(subjectConfirmationType);
//Get the end tag
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
@@ -123,9 +119,10 @@
}
else if( JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equals( tag ))
{
- AttributeStatementType attributeStatement = SAMLParserUtil.parseAttributeStatement(xmlEventReader);
+ throw new RuntimeException( "NYI" );
+ /*AttributeStatementType attributeStatement = SAMLParserUtil.parseAttributeStatement(xmlEventReader);
JAXBElement<?> jaxbEl = SAMLAssertionFactory.getObjectFactory().createAttributeStatement(attributeStatement);
- subject.getContent().add( jaxbEl );
+ subject.getContent().add( jaxbEl );*/
}
else throw new RuntimeException( "Unknown tag:" + tag );
}
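Review bot: The ATTRIBUTE_STATEMENT branch now throws `RuntimeException( "NYI" )`, an unchecked exception raised while parsing externally supplied XML, whereas the sibling `parseSubjectConfirmationData` reports bad input through ParsingException. If the enclosing method declares ParsingException (its signature is outside this hunk), `throw new ParsingException( "AttributeStatement inside Subject is not supported" );` would keep the parser's error contract uniform so callers can reject the message cleanly; this assumes ParsingException has a message constructor. The commented-out lines refer to SAMLAssertionFactory and AttributeStatementType, whose imports this revision removes, so I would delete them instead of keeping them in a comment.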
@@ -143,8 +140,7 @@
return nsURI.equals( JBossSAMLURIConstants.ASSERTION_NSURI.get() )
&& localPart.equals( JBossSAMLConstants.SUBJECT.get() );
}
-
- @SuppressWarnings({"unchecked", "rawtypes"})
+
private SubjectConfirmationDataType parseSubjectConfirmationData( XMLEventReader xmlEventReader ) throws ParsingException
{
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
@@ -189,11 +185,8 @@
String tag = StaxParserUtil.getStartElementName(startElement);
if( tag.equals( WSTrustConstants.XMLDSig.KEYINFO ))
{
- KeyInfoType keyInfo = parseKeyInfo(xmlEventReader);
- QName qname = new QName( WSTrustConstants.XMLDSig.DSIG_NS, WSTrustConstants.XMLDSig.KEYINFO,
- WSTrustConstants.XMLDSig.DSIG_PREFIX );
- JAXBElement<?> jaxb = new JAXBElement(qname, KeyInfoType.class, keyInfo );
- subjectConfirmationData.getContent().add( jaxb );
+ KeyInfoType keyInfo = parseKeyInfo(xmlEventReader);
+ subjectConfirmationData.setAnyType(keyInfo);
}
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,7 +21,7 @@
*/
package org.picketlink.identity.federation.core.parsers.util;
-import javax.xml.bind.JAXBElement;
+import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
@@ -31,13 +31,16 @@
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextClassRefType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
/**
* Utility methods for SAML Parser
@@ -68,7 +71,7 @@
if( JBossSAMLConstants.ATTRIBUTE.get().equals( tag ) )
{
AttributeType attribute = parseAttribute(xmlEventReader);
- attributeStatementType.getAttributeOrEncryptedAttribute().add( attribute );
+ attributeStatementType.addAttribute( new ASTChoiceType( attribute ));
}
else throw new RuntimeException( "Unknown tag:" + tag );
}
@@ -165,7 +168,6 @@
*/
public static AuthnStatementType parseAuthnStatement( XMLEventReader xmlEventReader ) throws ParsingException
{
- AuthnStatementType authnStatementType = new AuthnStatementType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String AUTHNSTATEMENT = JBossSAMLConstants.AUTHN_STATEMENT.get();
@@ -174,7 +176,9 @@
Attribute authnInstant = startElement.getAttributeByName( new QName( "AuthnInstant" ));
if( authnInstant == null )
throw new RuntimeException( "Required attribute AuthnInstant in " + AUTHNSTATEMENT );
- authnStatementType.setAuthnInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( authnInstant )));
+
+ XMLGregorianCalendar issueInstant = XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( authnInstant ));
+ AuthnStatementType authnStatementType = new AuthnStatementType( issueInstant );
Attribute sessionIndex = startElement.getAttributeByName( new QName( "SessionIndex" ));
if( sessionIndex != null )
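Review bot: The local `issueInstant` holds the parsed `AuthnInstant` attribute, which is a different timestamp from an assertion's IssueInstant, so the name invites confusion in later edits. Renaming it, e.g. `XMLGregorianCalendar authnInstantValue = XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( authnInstant ));` followed by `new AuthnStatementType( authnInstantValue )`, keeps the two apart. The value comes from the incoming message, and how `XMLTimeUtil.parse` reports a malformed timestamp is not visible here, so it is worth confirming that the failure surfaces as the declared `ParsingException`. parseAuthnStatement continues outside this hunk.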
@@ -216,8 +220,8 @@
{
String text = StaxParserUtil.getElementText( xmlEventReader );
- JAXBElement<?> acDeclRef = SAMLAssertionFactory.getObjectFactory().createAuthnContextDeclRef( text );
- authnContextType.getContent().add(acDeclRef);
+ AuthnContextDeclType aAuthnContextDeclType = new AuthnContextDeclType( NetworkUtil.createURI(text));
+ authnContextType.addURIType(aAuthnContextDeclType);
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
}
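Review bot: `NetworkUtil.createURI(text)` is now applied to element text taken directly from the incoming SAML message, and its behaviour on a malformed or empty value is not visible in this diff. If it throws an unchecked exception, a bad `AuthnContextDeclRef` would escape as a runtime error rather than the `ParsingException` that parseAuthnStatement in this file declares. The same applies to the `AuthnContextClassRef` branch in the next hunk and to the `nameID.setFormat( NetworkUtil.createURI( ... ))` call in the hunk after it. Consider converting a URI syntax failure into a `ParsingException` that names the offending element. Separately, the removed line built an AuthnContextDeclRef while the new one constructs an `AuthnContextDeclType`, so check that the writer still emits a reference and not an inline declaration.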
@@ -225,8 +229,8 @@
{
String text = StaxParserUtil.getElementText( xmlEventReader );
- JAXBElement<?> acDeclRef = SAMLAssertionFactory.getObjectFactory().createAuthnContextClassRef(text );
- authnContextType.getContent().add(acDeclRef);
+ AuthnContextClassRefType aAuthnContextClassRefType = new AuthnContextClassRefType( NetworkUtil.createURI(text));
+ authnContextType.addURIType( aAuthnContextClassRefType );
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
}
@@ -256,7 +260,7 @@
Attribute format = nameIDElement.getAttributeByName( new QName( JBossSAMLConstants.FORMAT.get() ));
if( format != null )
{
- nameID.setFormat( StaxParserUtil.getAttributeValue( format ));
+ nameID.setFormat( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( format )) );
}
Attribute spProvidedID = nameIDElement.getAttributeByName( new QName( JBossSAMLConstants.SP_PROVIDED_ID.get() ));
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/common/StatementLocal.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/common/StatementLocal.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/common/StatementLocal.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,9 +21,9 @@
*/
package org.picketlink.identity.federation.core.saml.v2.common;
-import java.util.List;
+import java.util.Set;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
/**
* Thread Local holding the statements
@@ -33,6 +33,6 @@
*/
public class StatementLocal
{
- public static ThreadLocal<List<StatementAbstractType>> statements
- = new InheritableThreadLocal<List<StatementAbstractType>>();
+ public static ThreadLocal<Set<StatementAbstractType>> statements
+ = new InheritableThreadLocal<Set<StatementAbstractType>>();
}
\ No newline at end of file
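Review bot: `statements` stays a `public static` non-final field backed by an `InheritableThreadLocal`, so any class can replace the holder, and unless `childValue` is overridden a child thread receives the same `Set` reference as its parent rather than a copy. One request's SAML statements can therefore be seen and mutated by threads spawned from it. Declaring it `public static final ThreadLocal<Set<StatementAbstractType>> statements` and documenting who must call `remove()` when a request ends would narrow this. The switch from `List` to `Set` also makes de-duplication depend on `equals`/`hashCode` of `StatementAbstractType`, which this diff does not show.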
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -38,7 +38,9 @@
AUDIENCE( "Audience" ),
AUDIENCE_RESTRICTION( "AudienceRestriction" ),
AUTHN_CONTEXT( "AuthnContext" ),
+ AUTHENTICATING_AUTHORITY( "AuthenticatingAuthority" ),
AUTHN_CONTEXT_CLASS_REF( "AuthnContextClassRef" ),
+ AUTHN_CONTEXT_DECLARATION( "AuthnContextDecl" ),
AUTHN_CONTEXT_DECLARATION_REF( "AuthnContextDeclRef" ),
AUTHN_INSTANT( "AuthnInstant" ),
AUTHN_REQUEST( "AuthnRequest" ),
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,7 +21,6 @@
*/
package org.picketlink.identity.federation.core.saml.v2.factories;
-import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
@@ -31,8 +30,9 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.util.JAXBUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
import org.xml.sax.SAXException;
/**
@@ -46,16 +46,6 @@
private static String schemaLocation = "schema/saml/v2/saml-schema-protocol-2.0.xsd";
/**
- * Create a AuthnRequestType
- * @return
- */
- public static AuthnRequestType createAuthnRequestType()
- {
- AuthnRequestType authnRequestType = SAMLProtocolFactory.getObjectFactory().createAuthnRequestType();
- return authnRequestType;
- }
-
- /**
* Create an AuthnRequestType
* @param id Id of the request
* @param assertionConsumerURL URL of the requestor where the response assertion is requested
@@ -68,32 +58,21 @@
{
XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
- AuthnRequestType authnRequest = SAMLProtocolFactory.getObjectFactory().createAuthnRequestType();
+ AuthnRequestType authnRequest = new AuthnRequestType();
authnRequest.setID(id);
authnRequest.setVersion(JBossSAMLConstants.VERSION_2_0.get());
- authnRequest.setAssertionConsumerServiceURL(assertionConsumerURL);
- authnRequest.setProtocolBinding(JBossSAMLConstants.HTTP_POST_BINDING.get());
- authnRequest.setDestination(destination);
+ authnRequest.setAssertionConsumerServiceURL( NetworkUtil.createURI( assertionConsumerURL ));
+ authnRequest.setProtocolBinding( NetworkUtil.createURI( JBossSAMLConstants.HTTP_POST_BINDING.get() ));
+ authnRequest.setDestination( NetworkUtil.createURI( destination ));
authnRequest.setIssueInstant(issueInstant);
//Create an issuer
- NameIDType issuer = JBossSAMLBaseFactory.createNameID();
+ NameIDType issuer = new NameIDType();
issuer.setValue(issuerValue);
authnRequest.setIssuer(issuer);
- return authnRequest;
-
- }
-
- /**
- * Create a JAXBElement for the AuthnRequestType
- * @param authnRequestType
- * @return
- */
- public static JAXBElement<AuthnRequestType> createAuthnRequestType(AuthnRequestType authnRequestType)
- {
- return SAMLProtocolFactory.getObjectFactory().createAuthnRequest(authnRequestType);
+ return authnRequest;
}
/**
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,7 +21,8 @@
*/
package org.picketlink.identity.federation.core.saml.v2.factories;
-import javax.xml.bind.JAXBElement;
+import java.util.List;
+
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
@@ -33,14 +34,18 @@
import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.util.JAXBUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusCodeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
import org.xml.sax.SAXException;
/**
@@ -60,10 +65,10 @@
*/
public static StatusType createStatusType(String statusCodeURI)
{
- StatusCodeType sct = SAMLProtocolFactory.getObjectFactory().createStatusCodeType();
- sct.setValue(statusCodeURI);
+ StatusCodeType sct = new StatusCodeType();
+ sct.setValue( NetworkUtil.createURI( statusCodeURI ));
- StatusType statusType = SAMLProtocolFactory.getObjectFactory().createStatusType();
+ StatusType statusType = new StatusType();
statusType.setStatusCode(sct);
return statusType;
}
@@ -74,7 +79,7 @@
*/
public static ResponseType createResponseType()
{
- return SAMLProtocolFactory.getObjectFactory().createResponseType();
+ return new ResponseType();
}
/**
@@ -94,40 +99,36 @@
XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
//Create an assertion
- AssertionType assertionType = JBossSAMLBaseFactory.createAssertion();
- assertionType.setID("ID_" + JBossSAMLBaseFactory.createUUID());
- assertionType.setVersion(issuerInfo.getSamlVersion());
- assertionType.setIssueInstant(issueInstant);
+ String id = "ID_" + JBossSAMLBaseFactory.createUUID();
- assertionType.setIssuer(issuerInfo.getIssuer());
-
//Create assertion -> subject
- SubjectType subjectType = JBossSAMLBaseFactory.createSubject();
+ SubjectType subjectType = new SubjectType();
//subject -> nameid
- NameIDType nameIDType = JBossSAMLBaseFactory.createNameID();
- nameIDType.setFormat(idp.getNameIDFormat());
+ NameIDType nameIDType = new NameIDType();
+ nameIDType.setFormat( NetworkUtil.createURI( idp.getNameIDFormat() ));
nameIDType.setValue(idp.getNameIDFormatValue());
- JAXBElement<NameIDType> jaxbNameIDType = JBossSAMLBaseFactory.createNameID(nameIDType);
- subjectType.getContent().add(jaxbNameIDType);
+ SubjectType.STSubType subType = new SubjectType.STSubType();
+ subType.addBaseID(nameIDType);
- SubjectConfirmationType subjectConfirmation =
- JBossSAMLBaseFactory.createSubjectConfirmation(idp.getSubjectConfirmationMethod());
- SubjectConfirmationDataType subjectConfirmationData =
- JBossSAMLBaseFactory.createSubjectConfirmationData(sp.getRequestID(),
- responseDestinationURI, issueInstant);
- subjectConfirmationData.setRecipient(sp.getResponseDestinationURI());
+ SubjectConfirmationType subjectConfirmation = new SubjectConfirmationType();
+ subjectConfirmation.setMethod( idp.getSubjectConfirmationMethod());
+ SubjectConfirmationDataType subjectConfirmationData = new SubjectConfirmationDataType();
+ subjectConfirmationData.setInResponseTo( sp.getRequestID() );
+ subjectConfirmationData.setRecipient( responseDestinationURI );
+ subjectConfirmationData.setNotBefore(issueInstant);
+ subjectConfirmationData.setNotOnOrAfter(issueInstant);
+
subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
+
+ subjectType.addConfirmation(subjectConfirmation);
- JAXBElement<SubjectConfirmationType> jaxbSubjectConfirmationType =
- JBossSAMLBaseFactory.createSubjectConfirmation(subjectConfirmation);
+ AssertionType assertionType = SAMLAssertionFactory.createAssertion(id,
+ nameIDType , issueInstant, (ConditionsType) null, subjectType, (List<StatementAbstractType>)null );
- subjectType.getContent().add(jaxbSubjectConfirmationType);
- assertionType.setSubject(subjectType);
-
ResponseType responseType = createResponseType(ID, issuerInfo, assertionType);
//InResponseTo ID
responseType.setInResponseTo(sp.getRequestID());
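Review bot: The assertion's issuer is now the subject's NameID, because `SAMLAssertionFactory.createAssertion(id, nameIDType , issueInstant, ...)` passes `nameIDType` in the `issuerID` position where the removed code called `assertionType.setIssuer(issuerInfo.getIssuer())`. A relying party that checks Issuer against the IdP's identifier would find the user's name identifier there, so the second argument should be `issuerInfo.getIssuer()`. In addition, `subType` receives the NameID through `addBaseID` but is never attached to `subjectType` in the visible lines, so the Subject appears to go out without its NameID. The method starts and ends outside this hunk.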
@@ -148,7 +149,7 @@
public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo, AssertionType assertionType)
throws ConfigurationException
{
- ResponseType responseType = SAMLProtocolFactory.getObjectFactory().createResponseType();
+ ResponseType responseType = new ResponseType();
responseType.setVersion(issuerInfo.getSamlVersion());
//ID
@@ -168,11 +169,9 @@
XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
//IssueInstant
- responseType.setIssueInstant(issueInstant);
- if(assertionType.getIssueInstant() == null)
- assertionType.setIssueInstant(issueInstant);
-
- responseType.getAssertionOrEncryptedAssertion().add(assertionType);
+ responseType.setIssueInstant(issueInstant);
+
+ responseType.addAssertion( new RTChoiceType( assertionType ));
return responseType;
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -22,18 +22,15 @@
package org.picketlink.identity.federation.core.saml.v2.factories;
-import javax.xml.bind.JAXBElement;
import javax.xml.datatype.XMLGregorianCalendar;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
/**
* Base methods for the factories
@@ -41,25 +38,14 @@
* @since Dec 9, 2008
*/
public class JBossSAMLBaseFactory
-{
- private static ObjectFactory assertionObjectFactory = new ObjectFactory();
-
+{
/**
- * Create a plain assertion type
- * @return
- */
- public static AssertionType createAssertion()
- {
- return assertionObjectFactory.createAssertionType();
- }
-
- /**
* Create an empty attribute statement
* @return
*/
public static AttributeStatementType createAttributeStatement()
{
- return assertionObjectFactory.createAttributeStatementType();
+ return new AttributeStatementType();
}
/**
@@ -69,13 +55,13 @@
*/
public static AttributeType createAttributeForRole(String roleName)
{
- AttributeType att = assertionObjectFactory.createAttributeType();
+ AttributeType att = new AttributeType();
att.setFriendlyName("role");
att.setName("role");
att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_BASIC.get());
//rolename
- att.getAttributeValue().add(roleName);
+ att.addAttributeValue( roleName );
return att;
}
@@ -87,67 +73,27 @@
*/
public static AttributeStatementType createAttributeStatement(String attributeValue)
{
- AttributeStatementType attribStatement = assertionObjectFactory.createAttributeStatementType();
- AttributeType att = assertionObjectFactory.createAttributeType();
- JAXBElement<Object> attValue = assertionObjectFactory.createAttributeValue(attributeValue);
- att.getAttributeValue().add(attValue);
- attribStatement.getAttributeOrEncryptedAttribute().add(att);
+ AttributeStatementType attribStatement = new AttributeStatementType();
+ AttributeType att = new AttributeType();
+ att.addAttributeValue(attributeValue);
+
+ attribStatement.addAttribute( new ASTChoiceType( att ));
return attribStatement;
}
/**
- * Create an empty name id
- * @return
- */
- public static NameIDType createNameID()
- {
- return assertionObjectFactory.createNameIDType();
- }
-
- /**
- * Create the JAXBElement type of nameid
- * @param nameIDType
- * @return
- */
- public static JAXBElement<NameIDType> createNameID(NameIDType nameIDType)
- {
- return assertionObjectFactory.createNameID(nameIDType);
- }
-
- /**
- * Create an empty subject
- * @return
- */
- public static SubjectType createSubject()
- {
- SubjectType subjectType = assertionObjectFactory.createSubjectType();
- return subjectType;
- }
-
- /**
* Create a Subject confirmation type given the method
* @param method
* @return
*/
public static SubjectConfirmationType createSubjectConfirmation(String method)
{
- SubjectConfirmationType sct = assertionObjectFactory.createSubjectConfirmationType();
+ SubjectConfirmationType sct = new SubjectConfirmationType();
sct.setMethod(method);
return sct;
}
/**
- * Create a JAXBElement for subject confirmtation type
- * @param sct
- * @return
- */
-
- public static JAXBElement<SubjectConfirmationType> createSubjectConfirmation(SubjectConfirmationType sct)
- {
- return assertionObjectFactory.createSubjectConfirmation(sct);
- }
-
- /**
* Create a Subject Confirmation
* @param inResponseTo
* @param destinationURI
@@ -157,7 +103,7 @@
public static SubjectConfirmationDataType createSubjectConfirmationData(String inResponseTo,
String destinationURI, XMLGregorianCalendar issueInstant)
{
- SubjectConfirmationDataType subjectConfirmationData = assertionObjectFactory.createSubjectConfirmationDataType();
+ SubjectConfirmationDataType subjectConfirmationData = new SubjectConfirmationDataType();
subjectConfirmationData.setInResponseTo(inResponseTo);
subjectConfirmationData.setRecipient(destinationURI);
subjectConfirmationData.setNotBefore(issueInstant);
@@ -174,24 +120,16 @@
{
return java.util.UUID.randomUUID().toString();
}
+
/**
- * Get the Object Factory
- * @return
- */
- public static ObjectFactory getObjectFactory()
- {
- return assertionObjectFactory;
- }
-
- /**
* Return the NameIDType for the issuer
* @param issuerID
* @return
*/
public static NameIDType getIssuer(String issuerID)
{
- NameIDType nid = assertionObjectFactory.createNameIDType();
+ NameIDType nid = new NameIDType();
nid.setValue(issuerID);
return nid;
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,39 +21,31 @@
*/
package org.picketlink.identity.federation.core.saml.v2.factories;
-import java.util.Arrays;
import java.util.List;
import javax.xml.datatype.XMLGregorianCalendar;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.KeyInfoConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.core.util.NetworkUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.KeyInfoConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
/**
- * Get the SAML Assertion Object Factory
+ * Deal with {@code AssertionType}
*
* @author Anil.Saldhana(a)redhat.com
* @since Jan 28, 2009
*/
public class SAMLAssertionFactory
-{
- private static ObjectFactory factory = new ObjectFactory();
-
- public static ObjectFactory getObjectFactory()
- {
- return factory;
- }
-
+{
/**
* <p>
* Creates an {@code AudienceRestrictionType} with the specified values.
@@ -65,8 +57,13 @@
public static AudienceRestrictionType createAudienceRestriction(String... values)
{
AudienceRestrictionType audienceRestriction = new AudienceRestrictionType();
- if (values != null)
- audienceRestriction.getAudience().addAll(Arrays.asList(values));
+ if ( values != null )
+ {
+ for( String val: values )
+ {
+ audienceRestriction.addAudience( NetworkUtil.createURI( val ) );
+ }
+ }
return audienceRestriction;
}
@@ -83,7 +80,7 @@
public static NameIDType createNameID(String format, String qualifier, String value)
{
NameIDType nameID = new NameIDType();
- nameID.setFormat(format);
+ nameID.setFormat( NetworkUtil.createURI( format ));
nameID.setNameQualifier(qualifier);
nameID.setValue(value);
return nameID;
@@ -105,8 +102,14 @@
ConditionsType conditions = new ConditionsType();
conditions.setNotBefore(notBefore);
conditions.setNotOnOrAfter(notOnOrAfter);
- if (restrictions != null)
- conditions.getConditionOrAudienceRestrictionOrOneTimeUse().addAll(Arrays.asList(restrictions));
+ if ( restrictions != null )
+ {
+ for( ConditionAbstractType condition : restrictions )
+ {
+ conditions.addCondition(condition);
+ }
+
+ }
return conditions;
}
@@ -120,8 +123,8 @@
*/
public static KeyInfoConfirmationDataType createKeyInfoConfirmation(KeyInfoType keyInfo)
{
- KeyInfoConfirmationDataType type = getObjectFactory().createKeyInfoConfirmationDataType();
- type.getContent().add(new org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory().createKeyInfo(keyInfo));
+ KeyInfoConfirmationDataType type = new KeyInfoConfirmationDataType();
+ type.setAnyType( keyInfo );
return type;
}
@@ -157,12 +160,13 @@
*/
public static SubjectType createSubject(NameIDType nameID, SubjectConfirmationType confirmation)
{
- SubjectType subject = new SubjectType();
- ObjectFactory factory = getObjectFactory();
+ SubjectType subject = new SubjectType();
if (nameID != null)
- subject.getContent().add(factory.createNameID(nameID));
- if (confirmation != null)
- subject.getContent().add(factory.createSubjectConfirmation(confirmation));
+ {
+ SubjectType.STSubType subType = new SubjectType.STSubType();
+ subType.addConfirmation(confirmation);
+ subType.addBaseID(nameID);
+ }
return subject;
}
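Review bot: `createSubject` now returns an empty `SubjectType`, because the `STSubType` built inside `if (nameID != null)` is a local that is never handed to `subject`, so both the NameID and the confirmation are dropped. The confirmation has also lost its own null check and is only considered when a NameID is present, whereas the removed code handled the two independently. The confirmation should go on the subject directly, `if (confirmation != null) subject.addConfirmation(confirmation);`, which is the call JBossSAMLAuthnResponseFactory makes on `SubjectType` in this commit. `subType` then needs to be attached to `subject` through whatever setter `SubjectType` exposes, which this diff does not show.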
@@ -183,18 +187,20 @@
public static AssertionType createAssertion(String id, NameIDType issuerID, XMLGregorianCalendar issueInstant,
ConditionsType conditions, SubjectType subject, List<StatementAbstractType> statements)
{
- AssertionType assertion = new AssertionType();
- assertion.setID(id);
- assertion.setIssuer(issuerID);
- assertion.setIssueInstant(issueInstant);
+ AssertionType assertion = new AssertionType( id, issueInstant, JBossSAMLConstants.VERSION_2_0.get() );
+ assertion.setIssuer(issuerID);
if(conditions != null)
assertion.setConditions(conditions);
if(subject != null)
assertion.setSubject(subject);
- assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get());
- if (statements != null)
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().addAll(statements);
+ if ( statements != null )
+ {
+ for( StatementAbstractType statement: statements )
+ {
+ assertion.addStatement(statement);
+ }
+ }
return assertion;
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -23,8 +23,7 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
/**
* Holds info about the issuer for saml messages creation
@@ -50,9 +49,8 @@
public IssuerInfoHolder(String issuerAsString)
{
if(issuerAsString == null)
- throw new IllegalArgumentException("issuerAsString is null");
- ObjectFactory assertionObjectFactory = new ObjectFactory();
- issuer = assertionObjectFactory.createNameIDType();
+ throw new IllegalArgumentException("issuerAsString is null");
+ issuer = new NameIDType();
issuer.setValue(issuerAsString);
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -30,7 +30,7 @@
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler.HANDLER_TYPE;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
import org.w3c.dom.Document;
/**
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -24,8 +24,8 @@
import java.util.Map;
import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
-import org.picketlink.identity.federation.saml.v2.SAML2Object;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.w3c.dom.Document;
/**
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -27,13 +27,10 @@
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
-import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
/**
* Utility to deal with assertions
@@ -53,10 +50,17 @@
*/
public static AssertionType createAssertion(String id, NameIDType issuer)
{
- AssertionType assertion = SAMLAssertionFactory.getObjectFactory().createAssertionType();
- assertion.setID(id);
- assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get());
- assertion.setIssuer(issuer);
+ XMLGregorianCalendar issueInstant = null;
+ try
+ {
+ issueInstant = XMLTimeUtil.getIssueInstant();
+ }
+ catch (ConfigurationException e)
+ {
+ throw new RuntimeException( e );
+ }
+ AssertionType assertion = new AssertionType( id, issueInstant, JBossSAMLConstants.VERSION_2_0.get() );
+ assertion.setIssuer( issuer );
return assertion;
}
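Review bot: The catch block in `createAssertion` rethrows the `ConfigurationException` as a bare `RuntimeException( e )`, so a failure to obtain the issue instant surfaces with no indication of which assertion was being built. Consider `throw new IllegalStateException( "Unable to obtain issue instant for assertion " + id, e );`, which keeps the cause and is still unchecked. The `= null` initialiser on `issueInstant` is unnecessary, since the variable is assigned in the try block and the catch always throws. The Javadoc above the method (it starts outside the hunk) should say that the assertion now carries an issue instant taken at creation time.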
@@ -69,16 +73,15 @@
*/
public static AttributeType createAttribute(String name, String nameFormat,
Object... attributeValues)
- {
- ObjectFactory of = SAMLAssertionFactory.getObjectFactory();
- AttributeType att = of.createAttributeType();
+ {
+ AttributeType att = new AttributeType();
att.setName(name);
att.setNameFormat(nameFormat);
if(attributeValues != null && attributeValues.length > 0)
{
for(Object attributeValue:attributeValues)
{
- att.getAttributeValue().add(of.createAttributeValue(attributeValue));
+ att.addAttributeValue(attributeValue);
}
}
@@ -99,7 +102,7 @@
if(issueInstant == null)
throw new IssueInstantMissingException("assertion does not have issue instant");
XMLGregorianCalendar assertionValidityLength = XMLTimeUtil.add(issueInstant, durationInMilis);
- ConditionsType conditionsType = JBossSAMLBaseFactory.getObjectFactory().createConditionsType();
+ ConditionsType conditionsType = new ConditionsType();
conditionsType.setNotBefore(issueInstant);
conditionsType.setNotOnOrAfter(assertionValidityLength);
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -97,7 +97,8 @@
*/
public static JAXBElement<?> get(EncryptedElementType encryptedAssertion)
{
- return SAMLAssertionFactory.getObjectFactory().createEncryptedAssertion(encryptedAssertion);
+ throw new RuntimeException( "NYI" );
+ //return SAMLAssertionFactory.getObjectFactory().createEncryptedAssertion(encryptedAssertion);
}
/**
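Review bot: `get(EncryptedElementType)` now throws an unconditional `RuntimeException( "NYI" )` and keeps the old body as a commented-out line, so any caller that passes an encrypted assertion fails at run time with a message that names neither the method nor the element. `throw new UnsupportedOperationException( "EncryptedAssertion mapping is not implemented for the new model" );` states the condition, and the commented-out call is better deleted since the revision history keeps it. The same bare `RuntimeException` is added for encrypted elements in SAMLAssertionWriter (hunks at -127 and -287), where it is thrown after the enclosing start element has already been written. Checking for the encrypted form before emitting anything would avoid leaving a partial element in the stream.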
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -33,9 +33,8 @@
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.util.JAXBUtil;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.ObjectFactory;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
+import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.ObjectFactory;
import org.w3c.dom.Element;
/**
@@ -84,26 +83,6 @@
return (XACMLAuthzDecisionQueryType)xacmlObject;
}
- public static XACMLAuthzDecisionQueryType createXACMLAuthzDecisionQueryType()
- {
- return queryTypeObjectFactory.createXACMLAuthzDecisionQueryType();
- }
-
- public static XACMLAuthzDecisionStatementType createXACMLAuthzDecisionStatementType()
- {
- return statementObjectFactory.createXACMLAuthzDecisionStatementType();
- }
-
- public static JAXBElement<XACMLAuthzDecisionQueryType> getJAXB(XACMLAuthzDecisionQueryType queryType)
- {
- return queryTypeObjectFactory.createXACMLAuthzDecisionQuery(queryType);
- }
-
- public static JAXBElement<XACMLAuthzDecisionStatementType> getJAXB(XACMLAuthzDecisionStatementType stmtType)
- {
- return statementObjectFactory.createXACMLAuthzDecisionStatement(stmtType);
- }
-
public static Marshaller getMarshaller() throws JAXBException
{
return JAXBUtil.getMarshaller(getPackage());
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -31,10 +31,9 @@
import org.picketlink.identity.federation.core.constants.AttributeConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.X500SAMLProfileConstants;
-import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
/**
* Deals with SAML2 Statements
@@ -43,10 +42,8 @@
*/
public class StatementUtil
{
- public static final QName X500_QNAME = new QName(JBossSAMLURIConstants.X500_NSURI.get(), "Encoding");
+ public static final QName X500_QNAME = new QName(JBossSAMLURIConstants.X500_NSURI.get(), "Encoding");
- private static ObjectFactory factory = new ObjectFactory();
-
/**
* Create an attribute statement with all the attributes
* @param attributes a map with keys from {@link AttributeConstants}
@@ -64,7 +61,7 @@
if (i == 0)
{
//Deal with the X500 Profile of SAML2
- attrStatement = JBossSAMLBaseFactory.createAttributeStatement();
+ attrStatement = new AttributeStatementType();
i++;
}
@@ -77,8 +74,9 @@
Collection<?> roles = (Collection<?>) value;
for (Object role : roles)
{
- AttributeType roleAttr = JBossSAMLBaseFactory.createAttributeForRole((String) role);
- attrStatement.getAttributeOrEncryptedAttribute().add(factory.createAttribute(roleAttr));
+ AttributeType roleAttr = new AttributeType();
+ roleAttr.addAttributeValue(role);
+ attrStatement.addAttribute( new ASTChoiceType( roleAttr ));
}
}
}
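Review bot: The role attribute built here carries only a value: `new AttributeType()` followed by `addAttributeValue(role)` sets no Name or NameFormat, whereas the removed line went through `JBossSAMLBaseFactory.createAttributeForRole`, which presumably named the attribute (its body is not visible here). A relying party that selects role attributes by name would then find none, which affects authorization decisions. It is worth confirming the name is still set, for example with `roleAttr.setName( ... )` using whatever constant the factory used. The same pattern appears in `createAttributeStatement(List<String> roles)` (hunk at -122). Dropping the `(String) role` cast also means non-String role objects are now accepted as values.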
@@ -108,8 +106,8 @@
att.setFriendlyName(X500SAMLProfileConstants.TELEPHONE.getFriendlyName());
att.setName(X500SAMLProfileConstants.TELEPHONE.get());
}
- att.getAttributeValue().add(value);
- attrStatement.getAttributeOrEncryptedAttribute().add(att);
+ att.addAttributeValue( value );
+ attrStatement.addAttribute( new ASTChoiceType( att ));
}
}
return attrStatement;
@@ -122,18 +120,19 @@
*/
public static AttributeStatementType createAttributeStatement(List<String> roles)
{
- AttributeStatementType attrStatement = JBossSAMLBaseFactory.createAttributeStatement();
+ AttributeStatementType attrStatement = new AttributeStatementType();
for (String role : roles)
{
- AttributeType attr = JBossSAMLBaseFactory.createAttributeForRole(role);
- attrStatement.getAttributeOrEncryptedAttribute().add(attr);
+ AttributeType attr = new AttributeType();
+ attr.addAttributeValue( role );
+ attrStatement.addAttribute( new ASTChoiceType( attr ));
}
return attrStatement;
}
private static AttributeType getX500Attribute()
{
- AttributeType att = factory.createAttributeType();
+ AttributeType att = new AttributeType();
att.getOtherAttributes().put(X500_QNAME, "LDAP");
att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_URI.get());
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,14 +21,16 @@
*/
package org.picketlink.identity.federation.core.saml.v2.writers;
+import java.net.URI;
+
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.core.util.StringUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.core.util.StringUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
/**
* Base Class for the Stax writers for SAML
@@ -58,11 +60,11 @@
{
StaxUtil.writeStartElement( writer, tag.getPrefix(), tag.getLocalPart() , tag.getNamespaceURI() );
- String format = nameIDType.getFormat();
- if( StringUtil.isNotNull( format ))
+ URI format = nameIDType.getFormat();
+ if( format != null )
{
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.FORMAT.get(), format );
- }
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.FORMAT.get(), format.toASCIIString() );
+ }
String spProvidedID = nameIDType.getSPProvidedID();
if( StringUtil.isNotNull( spProvidedID ))
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -23,12 +23,13 @@
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
+import java.net.URI;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
+import java.util.Set;
-import javax.xml.bind.JAXBElement;
import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
@@ -38,17 +39,25 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.BaseIDAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextClassRefType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclRefType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType.AuthnContextTypeSequence;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.BaseIDAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedElementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.URIType;
/**
* Write the SAML Assertion to stream
@@ -90,7 +99,7 @@
//TODO: conditions and advice
- List<StatementAbstractType> statements = assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement();
+ Set<StatementAbstractType> statements = assertion.getStatements();
if( statements != null )
{
for( StatementAbstractType statement: statements )
@@ -127,16 +136,19 @@
{
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE_STATEMENT.get() , ASSERTION_NSURI.get() );
- List<Object> attributes = statement.getAttributeOrEncryptedAttribute();
+ List<ASTChoiceType> attributes = statement.getAttributes();
if( attributes != null )
{
- for( Object attr : attributes )
+ for( ASTChoiceType attr : attributes )
{
- if( attr instanceof AttributeType )
+ AttributeType attributeType = attr.getAttribute();
+ if( attributeType != null )
{
- AttributeType attributeType = (AttributeType) attr;
write( attributeType );
}
+ EncryptedElementType encType = attr.getEncryptedAssertion();
+ if( encType != null )
+ throw new RuntimeException( "unable to write as it is NYI" );
}
}
@@ -179,32 +191,52 @@
{
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT.get() , ASSERTION_NSURI.get() );
- List< JAXBElement<?> > subList = authContext.getContent();
- if( subList != null )
+ AuthnContextTypeSequence sequence = authContext.getSequence();
+ if( sequence != null )
{
- for( JAXBElement<?> el: subList )
+ AuthnContextClassRefType authnContextClassRefType = sequence.getClassRef();
+ if( authnContextClassRefType != null )
{
- QName elName = el.getName();
- if( elName.getLocalPart().equals( JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get() ))
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() ,
+ ASSERTION_NSURI.get() );
+ StaxUtil.writeCharacters( writer, authnContextClassRefType.getValue().toASCIIString() );
+ StaxUtil.writeEndElement( writer);
+ }
+
+ Set<URIType> uriTypes = sequence.getURIType();
+ if( uriTypes != null )
+ {
+ for( URIType uriType: uriTypes )
{
- String decl = (String) el.getValue();
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get() ,
- ASSERTION_NSURI.get() );
- StaxUtil.writeCharacters( writer, decl );
- StaxUtil.writeEndElement( writer);
- }
- else if( elName.getLocalPart().equals( JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() ))
- {
- String decl = (String) el.getValue();
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() ,
- ASSERTION_NSURI.get() );
- StaxUtil.writeCharacters( writer, decl );
- StaxUtil.writeEndElement( writer);
- }
- else
- throw new RuntimeException( "Unsupported :" + elName );
+ if( uriType instanceof AuthnContextDeclType )
+ {
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION.get() ,
+ ASSERTION_NSURI.get() );
+ StaxUtil.writeCharacters( writer, uriType.getValue().toASCIIString() );
+ StaxUtil.writeEndElement( writer);
+ }
+ if( uriType instanceof AuthnContextDeclRefType )
+ {
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get() ,
+ ASSERTION_NSURI.get() );
+ StaxUtil.writeCharacters( writer, uriType.getValue().toASCIIString() );
+ StaxUtil.writeEndElement( writer);
+ }
+ }
+ }
+ }
+
+ Set<URI> authAuthorities = authContext.getAuthenticatingAuthority();
+ if( authAuthorities != null )
+ {
+ for( URI aa: authAuthorities )
+ {
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHENTICATING_AUTHORITY.get() ,
+ ASSERTION_NSURI.get() );
+ StaxUtil.writeCharacters( writer, aa.toASCIIString() );
+ StaxUtil.writeEndElement( writer);
}
- }
+ }
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
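Review bot: Unknown `URIType` subclasses are now skipped without any signal in the loop over `sequence.getURIType()`, where the removed code threw `"Unsupported :"` for element names it did not recognise. Making the second test an `else if` and ending with `else throw new RuntimeException( "Unsupported :" + uriType.getClass().getName() );` keeps that behaviour. Each `getValue().toASCIIString()` call, including the one on `authnContextClassRefType`, also dereferences the value without a null check. An element constructed without a URI would therefore fail with a NullPointerException after its start element has been written. The enclosing method starts outside the hunk.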
@@ -287,48 +319,38 @@
*/
public void write( SubjectType subject ) throws ProcessingException
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT.get() , ASSERTION_NSURI.get() );
- List<JAXBElement<?>> contentList = subject.getContent();
- if( contentList != null )
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT.get() , ASSERTION_NSURI.get() );
+
+ STSubType subType = subject.getSubType();
+ if( subType != null )
{
- for( JAXBElement<?> jaxbEl: contentList )
+ BaseIDAbstractType baseID = subType.getBaseID();
+ if( baseID instanceof NameIDType )
{
- Class<?> declaredType = jaxbEl.getDeclaredType();
- if( declaredType.equals( SubjectConfirmationType.class) )
+ NameIDType nameIDType = (NameIDType) baseID;
+ write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
+ }
+ EncryptedElementType enc = subType.getEncryptedID();
+ if( enc != null )
+ throw new RuntimeException( "NYI" );
+ List<SubjectConfirmationType> confirmations = subType.getConfirmation();
+ if( confirmations != null )
+ {
+ for( SubjectConfirmationType confirmation: confirmations )
{
- SubjectConfirmationType subjectConfirmationType = (SubjectConfirmationType) jaxbEl.getValue();
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION.get(), ASSERTION_NSURI.get() );
-
- StaxUtil.writeAttribute(writer, JBossSAMLConstants.METHOD.get(), subjectConfirmationType.getMethod() );
-
- BaseIDAbstractType baseID = subjectConfirmationType.getBaseID();
- if( baseID != null )
- {
- write( baseID );
- }
- NameIDType nameIDType = subjectConfirmationType.getNameID();
- if( nameIDType != null )
- {
- write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
- }
- SubjectConfirmationDataType subjectConfirmationData = subjectConfirmationType.getSubjectConfirmationData();
- if( subjectConfirmationData != null )
- {
- write( subjectConfirmationData );
- }
-
-
- StaxUtil.writeEndElement( writer);
+ write( confirmation );
}
- else if( declaredType.equals( NameIDType.class ))
- {
- NameIDType nameIDType = (NameIDType) jaxbEl.getValue();
- write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
- }
- else
- throw new RuntimeException( "SAMLAssertionWriter: NYI: declared Type:" + declaredType.getName() );
}
}
+ List<SubjectConfirmationType> subjectConfirmations = subject.getConfirmation();
+ if( subjectConfirmations != null )
+ {
+ for( SubjectConfirmationType subjectConfirmationType : subjectConfirmations )
+ {
+ write( subjectConfirmationType );
+ }
+ }
+
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
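Review bot: A subject whose `subType.getBaseID()` is non-null but not a `NameIDType` is written with no identifier at all, because the `instanceof` test has no else branch; the removed code threw for content it could not write. Adding `else if( baseID != null ) write( baseID );` routes it to the existing BaseID writer, as the subject-confirmation path does, so the case fails visibly instead of producing an assertion whose Subject has no identifier. Confirmations are also written from both `subType.getConfirmation()` and `subject.getConfirmation()`. If the model can populate both, each would be emitted, so a comment stating which one is authoritative would help.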
@@ -339,6 +361,30 @@
throw new RuntimeException( "NYI");
}
+ private void write( SubjectConfirmationType subjectConfirmationType ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION.get(), ASSERTION_NSURI.get() );
+
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.METHOD.get(), subjectConfirmationType.getMethod() );
+
+ BaseIDAbstractType baseID = subjectConfirmationType.getBaseID();
+ if( baseID != null )
+ {
+ write( baseID );
+ }
+ NameIDType nameIDType = subjectConfirmationType.getNameID();
+ if( nameIDType != null )
+ {
+ write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
+ }
+ SubjectConfirmationDataType subjectConfirmationData = subjectConfirmationType.getSubjectConfirmationData();
+ if( subjectConfirmationData != null )
+ {
+ write( subjectConfirmationData );
+ }
+ StaxUtil.writeEndElement( writer);
+ }
+
private void write( SubjectConfirmationDataType subjectConfirmationData ) throws ProcessingException
{
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get(), ASSERTION_NSURI.get() );
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -24,17 +24,19 @@
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI;
+import java.net.URI;
+
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.core.util.StringUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType;
+import org.picketlink.identity.federation.core.util.StringUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType;
/**
* Writes a SAML2 Request Type to Stream
@@ -65,17 +67,17 @@
StaxUtil.writeAttribute( writer, JBossSAMLConstants.VERSION.get(), request.getVersion() );
StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), request.getIssueInstant().toString() );
- String destination = request.getDestination();
- if( StringUtil.isNotNull( destination ))
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(), destination );
+ URI destination = request.getDestination();
+ if( destination != null )
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(), destination.toASCIIString() );
String consent = request.getConsent();
if( StringUtil.isNotNull( consent ))
StaxUtil.writeAttribute( writer, JBossSAMLConstants.CONSENT.get(), consent );
- String assertionURL = request.getAssertionConsumerServiceURL();
- if( StringUtil.isNotNull( assertionURL ) )
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_URL.get(), assertionURL );
+ URI assertionURL = request.getAssertionConsumerServiceURL();
+ if( assertionURL != null )
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_URL.get(), assertionURL.toASCIIString() );
NameIDType issuer = request.getIssuer();
write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
@@ -106,10 +108,10 @@
StaxUtil.writeAttribute( writer, JBossSAMLConstants.VERSION.get(), logOutRequest.getVersion() );
StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), logOutRequest.getIssueInstant().toString() );
- String destination = logOutRequest.getDestination();
- if( StringUtil.isNotNull( destination ))
+ URI destination = logOutRequest.getDestination();
+ if( destination != null )
{
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(),destination );
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(), destination.toASCIIString() );
}
String consent = logOutRequest.getConsent();
@@ -133,10 +135,10 @@
{
StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.NAMEID_POLICY.get(), PROTOCOL_NSURI.get() );
- String format = nameIDPolicy.getFormat();
- if( StringUtil.isNotNull( format ))
+ URI format = nameIDPolicy.getFormat();
+ if( format != null )
{
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.FORMAT.get(), format );
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.FORMAT.get(), format.toASCIIString() );
}
String spNameQualifier = nameIDPolicy.getSPNameQualifier();
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -24,6 +24,7 @@
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI;
+import java.net.URI;
import java.util.List;
import javax.xml.namespace.QName;
@@ -33,13 +34,14 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusDetailType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusCodeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusDetailType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
/**
* Write a SAML Response to stream
@@ -77,11 +79,12 @@
StatusType status = response.getStatus();
write( status );
- List<Object> assertions = response.getAssertionOrEncryptedAssertion();
- if( assertions != null )
+ List<RTChoiceType> choiceTypes = response.getAssertions();
+ if( choiceTypes != null )
{
- for( Object assertion: assertions )
+ for( RTChoiceType choiceType: choiceTypes )
{
+ AssertionType assertion = choiceType.getAssertion();
if( assertion instanceof AssertionType )
{
assertionWriter.write( (AssertionType) assertion );
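Review bot: `assertion instanceof AssertionType` is always true for a non-null value now that `choiceType.getAssertion()` is typed as `AssertionType`, so the test only acts as a null check and the cast is redundant. `if( assertion != null )` followed by `assertionWriter.write( assertion );` says what is meant. The loop variable is no longer an `Object`, so any branch below that recognised the encrypted form by type (the rest of the loop is outside the hunk) has to read it from `choiceType` explicitly. Otherwise an encrypted assertion in the response would be dropped silently.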
@@ -163,10 +166,10 @@
{
StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.STATUS_CODE.get() , PROTOCOL_NSURI.get() );
- String value = statusCodeType.getValue();
- if( StringUtil.isNotNull( value ))
+ URI value = statusCodeType.getValue();
+ if( value != null )
{
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.VALUE.get(), value );
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.VALUE.get(), value.toASCIIString() );
}
StatusCodeType subStatusCode = statusCodeType.getStatusCode();
if( subStatusCode != null )
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -0,0 +1,50 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.util;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+
+/**
+ * General utility class for network related stuff
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Nov 29, 2010
+ */
+public class NetworkUtil
+{
+ /**
+ * Create {@code URI}
+ * @param value
+ * @return
+ */
+ public static URI createURI( String value )
+ {
+ try
+ {
+ return new URI( value );
+ }
+ catch (URISyntaxException e)
+ {
+ throw new RuntimeException( "value is not of type URI:", e );
+ }
+ }
+}
\ No newline at end of file
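Review bot: `createURI` reports a malformed input as a bare `RuntimeException` whose message, "value is not of type URI:", ends in a colon with nothing after it, and a null `value` escapes as a `NullPointerException` from the `URI` constructor instead. I would throw `new IllegalArgumentException( "value is not a valid URI: " + value, e )` and reject null up front, so a bad identifier in a SAML or WS-Trust message can be traced from the log without unwrapping the cause. The Javadoc leaves `@param` and `@return` empty; it should say that the string must be a syntactically valid URI and that an unchecked exception is thrown otherwise. As a static-only helper the class could also be `final` with a private constructor.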
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -18,6 +18,7 @@
package org.picketlink.identity.federation.core.util;
import java.io.OutputStream;
+import java.io.Writer;
import java.util.Stack;
import javax.xml.namespace.QName;
@@ -101,6 +102,26 @@
throw new ProcessingException(e);
}
}
+
+ /**
+ * Get an {@code XMLStreamWriter}
+ *
+ * @param writer {@code Writer}
+ * @return
+ * @throws ProcessingException
+ */
+ public static XMLStreamWriter getXMLStreamWriter(final Writer writer ) throws ProcessingException
+ {
+ XMLOutputFactory xmlOutputFactory = XMLOutputFactory.newInstance();
+ try
+ {
+ return xmlOutputFactory.createXMLStreamWriter( writer );
+ }
+ catch (XMLStreamException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
public static XMLStreamWriter getXMLStreamWriter(final Result result) throws ProcessingException
{
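Review bot: The Javadoc on the new `getXMLStreamWriter(Writer)` overload leaves `@return` and `@throws` empty and says nothing about character encoding. With a `Writer` the bytes that finally leave the process are decided by the caller's writer rather than by the XML layer, so I would add `@return a stream writer that emits XML to the given {@code Writer}; the caller owns the writer's charset` and `@throws ProcessingException if the StAX factory cannot create the writer`. For output that is later signed or digested, a charset mismatch between producer and consumer changes the bytes, so the caveat is worth stating on the method.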
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -42,7 +42,6 @@
import org.picketlink.identity.federation.ws.trust.ClaimsType;
import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
-import org.picketlink.identity.federation.ws.trust.ObjectFactory;
import org.picketlink.identity.federation.ws.trust.RequestedProofTokenType;
import org.picketlink.identity.federation.ws.trust.RequestedSecurityTokenType;
import org.picketlink.identity.federation.ws.trust.RequestedTokenCancelledType;
@@ -183,8 +182,7 @@
{
// symmetric key case: if client entropy is found, compute a key. If not, generate a new key.
requestedProofToken = new RequestedProofTokenType();
- ObjectFactory objFactory = new ObjectFactory();
-
+
byte[] serverSecret = WSTrustUtil.createRandomSecret((int) keySize / 8);
BinarySecretType serverBinarySecret = new BinarySecretType();
serverBinarySecret.setType(WSTrustConstants.BS_TYPE_NONCE);
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -2,7 +2,7 @@
import java.util.Map;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
/**
* <p>
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -43,16 +43,16 @@
import org.picketlink.identity.federation.core.wstrust.plugins.FileBasedRevocationRegistry;
import org.picketlink.identity.federation.core.wstrust.plugins.JPABasedRevocationRegistry;
import org.picketlink.identity.federation.core.wstrust.plugins.RevocationRegistry;
-import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.KeyInfoConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.KeyInfoConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
import org.picketlink.identity.federation.ws.trust.StatusType;
@@ -262,7 +262,7 @@
AttributeStatementType attributeStatement = this.attributeProvider.getAttributeStatement();
if (attributeStatement != null)
{
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attributeStatement);
+ assertion.addStatement( attributeStatement );
}
}
@@ -329,11 +329,14 @@
// create a new unique ID for the renewed assertion.
String assertionID = IDGenerator.create("ID_");
+
+ List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>();
+ statements.addAll( oldAssertion.getStatements() );
// create the new assertion.
AssertionType newAssertion = SAMLAssertionFactory.createAssertion(assertionID, oldAssertion.getIssuer(), context
- .getRequestSecurityToken().getLifetime().getCreated(), conditions, oldAssertion.getSubject(), oldAssertion
- .getStatementOrAuthnStatementOrAuthzDecisionStatement());
+ .getRequestSecurityToken().getLifetime().getCreated(), conditions, oldAssertion.getSubject(),
+ statements );
// create a security token with the new assertion.
Element assertionElement = null;
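Review bot: `statements.addAll( oldAssertion.getStatements() )` throws a `NullPointerException` if the assertion being renewed carries no statement list; whether `getStatements()` can return null is not visible in this hunk, so either guard the call or document the non-null contract on `AssertionType`. The copy is shallow, so the renewed assertion shares its statement objects with the old one, which is only safe if they are not mutated afterwards. Once the null case is settled the two added lines can be one: `List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>( oldAssertion.getStatements() );`. The enclosing method starts and ends outside the hunk.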
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -21,16 +21,18 @@
*/
package org.picketlink.identity.federation.core.wstrust.plugins.saml;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
-import javax.xml.transform.dom.DOMResult;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
import org.picketlink.identity.federation.core.util.JAXBUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -65,13 +67,20 @@
* @throws Exception
* if an error occurs while marshaling the assertion.
*/
- public static Element toElement(AssertionType assertion) throws Exception
+ public static Element toElement( AssertionType assertion ) throws Exception
{
- Document document = DocumentUtil.createDocument();
+ /*Document document = DocumentUtil.createDocument();
DOMResult result = new DOMResult(document);
- Marshaller marshaller = JAXBUtil.getMarshaller("org.picketlink.identity.federation.saml.v2.assertion");
+ */
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ SAMLAssertionWriter writer = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(baos));
+ writer.write( assertion );
+
+ ByteArrayInputStream bis = new ByteArrayInputStream( baos.toByteArray() );
+ Document document = DocumentUtil.getDocument( bis ); //throws exceptions
+ /*Marshaller marshaller = JAXBUtil.getMarshaller("org.picketlink.identity.federation.saml.v2.assertion");
marshaller.marshal(new ObjectFactory().createAssertion(assertion), result);
-
+*/
// normalize the document to remove unused namespaces.
// DOMConfiguration docConfig = document.getDomConfig();
// docConfig.setParameter("namespaces", Boolean.TRUE);
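Review bot: `toElement` reads `baos.toByteArray()` right after `writer.write( assertion )` without flushing the `XMLStreamWriter` it created. Unless `SAMLAssertionWriter.write` flushes internally (not visible here), buffered output can be missing and `DocumentUtil.getDocument` then parses a truncated document. Keep the stream writer in a local and call `StaxUtil.flush( xmlWriter );` before `toByteArray()`. The old JAXB code is left behind in `/* … */` blocks interleaved with the live statements and should be deleted, since version control already keeps it. The method continues past the end of the hunk.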
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -28,7 +28,6 @@
import java.util.List;
-import javax.xml.bind.JAXBElement;
import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
Copied: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java (from rev 560, federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java)
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -0,0 +1,449 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.wstrust.writers;
+
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.BASE_NAMESPACE;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.PREFIX;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_COLLECTION;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_CONTEXT;
+
+import java.io.OutputStream;
+import java.net.URI;
+import java.util.List;
+
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Result;
+
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.ws.policy.AppliesTo;
+import org.picketlink.identity.federation.ws.trust.BinarySecretType;
+import org.picketlink.identity.federation.ws.trust.CancelTargetType;
+import org.picketlink.identity.federation.ws.trust.EntropyType;
+import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
+import org.picketlink.identity.federation.ws.trust.RenewTargetType;
+import org.picketlink.identity.federation.ws.trust.UseKeyType;
+import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
+import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
+import org.w3c.dom.Element;
+
+/**
+ * Given a {@code RequestSecurityToken}, write into an {@code OutputStream}
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Oct 19, 2010
+ */
+public class WSTrustRSTWriter
+{
+ private XMLStreamWriter writer;
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified
+ * {@code OutputStream}.
+ * </p>
+ *
+ * @param out the stream where the request is to be written.
+ * @throws ProcessingException if an error occurs while processing the request.
+ */
+ public WSTrustRSTWriter(OutputStream out) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(out);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified
+ * {@code Result}.
+ * </p>
+ *
+ * @param result the {@code Result} where the request it to be written.
+ * @throws ProcessingException if an error occurs while processing the request.
+ */
+ public WSTrustRSTWriter(Result result) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(result);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRSTWriter} that uses the specified {@code XMLStreamWriter} to write the request
+ * objects.
+ * </p>
+ *
+ * @param writer the {@code XMLStreamWriter} to be used to write requests.
+ */
+ public WSTrustRSTWriter(XMLStreamWriter writer)
+ {
+ this.writer = writer;
+ }
+
+ /**
+ * Write the {@code RequestSecurityTokenCollection} into the {@code OutputStream}
+ * @param requestTokenCollection
+ * @param out
+ * @throws ProcessingException
+ */
+ public void write( RequestSecurityTokenCollection requestTokenCollection) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, RST_COLLECTION, BASE_NAMESPACE);
+ StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
+
+ List<RequestSecurityToken> tokenList = requestTokenCollection.getRequestSecurityTokens();
+ if( tokenList == null )
+ throw new ProcessingException( "RST list is null" );
+
+ for( RequestSecurityToken token: tokenList )
+ {
+ write(token);
+ }
+
+ StaxUtil.writeEndElement( writer );
+ StaxUtil.flush( writer );
+ }
+
+ /**
+ * Write the {@code RequestSecurityToken} into the {@code OutputStream}
+ * @param requestToken
+ * @param out
+ * @throws ProcessingException
+ */
+ public void write( RequestSecurityToken requestToken ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, RST, BASE_NAMESPACE);
+ StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
+ String context = requestToken.getContext();
+ StaxUtil.writeAttribute( writer, RST_CONTEXT, context );
+
+ URI requestType = requestToken.getRequestType();
+ if( requestType != null )
+ {
+ writeRequestType( writer, requestType );
+ }
+
+ URI tokenType = requestToken.getTokenType();
+ if( tokenType != null )
+ {
+ writeTokenType( writer, tokenType );
+ }
+ //Deal with AppliesTo
+ AppliesTo appliesTo = requestToken.getAppliesTo();
+ if( appliesTo != null )
+ {
+ WSPolicyWriter wsPolicyWriter = new WSPolicyWriter(this.writer);
+ wsPolicyWriter.write( appliesTo );
+ }
+
+ long keySize = requestToken.getKeySize();
+ if (keySize != 0)
+ {
+ StaxUtil.writeStartElement(writer, PREFIX, WSTrustConstants.KEY_SIZE, BASE_NAMESPACE);
+ StaxUtil.writeCharacters(writer, Long.toString(keySize));
+ StaxUtil.writeEndElement(writer);
+ }
+
+ URI keyType = requestToken.getKeyType();
+ if( keyType != null )
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.KEY_TYPE, BASE_NAMESPACE);
+ StaxUtil.writeCharacters(writer, keyType.toString() );
+ StaxUtil.writeEndElement( writer );
+ }
+ EntropyType entropy = requestToken.getEntropy();
+ if( entropy != null )
+ {
+ writeEntropyType(entropy);
+ }
+
+ UseKeyType useKeyType = requestToken.getUseKey();
+ if( useKeyType != null )
+ {
+ writeUseKeyType(useKeyType);
+ }
+
+ OnBehalfOfType onBehalfOf = requestToken.getOnBehalfOf();
+ if( onBehalfOf != null )
+ {
+ writeOnBehalfOfType(onBehalfOf);
+ }
+
+ ValidateTargetType validateTarget = requestToken.getValidateTarget();
+ if( validateTarget != null )
+ {
+ writeValidateTargetType(validateTarget);
+ }
+
+ CancelTargetType cancelTarget = requestToken.getCancelTarget();
+ if( cancelTarget != null )
+ {
+ writeCancelTargetType(cancelTarget);
+ }
+
+ RenewTargetType renewTarget = requestToken.getRenewTarget();
+ if (renewTarget != null)
+ {
+ writeRenewTargetType(renewTarget);
+ }
+
+ StaxUtil.writeEndElement( writer );
+ StaxUtil.flush( writer );
+ }
+
+ /**
+ * Write an {@code EntropyType} to stream
+ * @param entropy
+ * @throws ProcessingException
+ */
+ private void writeEntropyType(EntropyType entropy) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ENTROPY, BASE_NAMESPACE);
+
+ List<Object> entropyList = entropy.getAny();
+ if( entropyList != null )
+ {
+ for( Object entropyObj: entropyList )
+ {
+ if( entropyObj instanceof BinarySecretType )
+ {
+ BinarySecretType binarySecret = (BinarySecretType) entropyObj;
+ writeBinarySecretType( writer, binarySecret );
+ }
+ }
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write an {@code UseKeyType} to stream
+ * @param useKeyType
+ * @throws ProcessingException
+ */
+ private void writeUseKeyType(UseKeyType useKeyType) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.USE_KEY, BASE_NAMESPACE);
+
+ Object useKeyTypeValue = useKeyType.getAny();
+ if( useKeyTypeValue instanceof Element )
+ {
+ Element domElement = (Element) useKeyTypeValue;
+ StaxUtil.writeDOMElement( writer, domElement );
+ }
+ else if (useKeyTypeValue instanceof byte[])
+ {
+ byte[] certificate = (byte[]) useKeyTypeValue;
+ StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.X509CERT,
+ WSTrustConstants.DSIG_NS);
+ StaxUtil.writeNameSpace( writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(certificate));
+ StaxUtil.writeEndElement(writer);
+ }
+ else if (useKeyTypeValue instanceof KeyValueType)
+ {
+ writeKeyValueType((KeyValueType) useKeyTypeValue);
+ }
+ else
+ throw new RuntimeException( " Unknown use key type:" + useKeyTypeValue.getClass().getName() );
+
+ StaxUtil.writeEndElement(writer);
+ }
+
+ private void writeKeyValueType(KeyValueType type) throws ProcessingException
+ {
+ StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.KEYVALUE, WSTrustConstants.DSIG_NS);
+ StaxUtil.writeNameSpace(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS);
+ if (type.getContent().size() == 0)
+ throw new ProcessingException("KeyValueType must contain at least one value");
+
+ for (Object obj : type.getContent())
+ {
+ if (obj instanceof RSAKeyValueType)
+ {
+ RSAKeyValueType rsaKeyValue = (RSAKeyValueType) obj;
+ writeRSAKeyValueType(rsaKeyValue);
+ }
+ }
+ StaxUtil.writeEndElement(writer);
+ }
+
+ private void writeRSAKeyValueType(RSAKeyValueType type) throws ProcessingException
+ {
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.RSA_KEYVALUE , WSTrustConstants.DSIG_NS);
+ // write the rsa key modulus.
+ byte[] modulus = type.getModulus();
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.MODULUS , WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(modulus));
+ StaxUtil.writeEndElement(writer);
+
+ // write the rsa key exponent.
+ byte[] exponent = type.getExponent();
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.EXPONENT , WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(exponent));
+ StaxUtil.writeEndElement(writer);
+
+ StaxUtil.writeEndElement(writer);
+ }
+ /**
+ * Write an {@code OnBehalfOfType} to stream
+ * @param onBehalfOf
+ * @param out
+ * @throws ProcessingException
+ */
+ private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ON_BEHALF_OF, BASE_NAMESPACE);
+ StaxUtil.writeCharacters(writer, "" );
+
+ UsernameTokenType usernameToken = (UsernameTokenType) onBehalfOf.getAny();
+ WSSecurityWriter wsseWriter = new WSSecurityWriter(this.writer);
+ wsseWriter.write( usernameToken );
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write an {@code ValidateTargetType} to stream
+ * @param validateTarget
+ * @param out
+ * @throws ProcessingException
+ */
+ private void writeValidateTargetType(ValidateTargetType validateTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.VALIDATE_TARGET, BASE_NAMESPACE);
+
+ Object validateTargetObj = validateTarget.getAny();
+ if (validateTargetObj != null)
+ {
+ if (validateTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) validateTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (validateTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) validateTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown validate target type=" + validateTargetObj.getClass().getName());
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ private void writeRenewTargetType(RenewTargetType renewTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.RENEW_TARGET, BASE_NAMESPACE);
+
+ Object renewTargetObj = renewTarget.getAny();
+ if (renewTargetObj != null)
+ {
+ if (renewTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) renewTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (renewTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) renewTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown renew target type=" + renewTargetObj.getClass().getName());
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write an {@code CancelTargetType} to Stream
+ * @param cancelTarget
+ * @param out
+ * @throws ProcessingException
+ */
+ private void writeCancelTargetType(CancelTargetType cancelTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.CANCEL_TARGET, BASE_NAMESPACE);
+
+ Object cancelTargetObj = cancelTarget.getAny();
+ if (cancelTargetObj != null)
+ {
+ if (cancelTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) cancelTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (cancelTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) cancelTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown cancel target type=" + cancelTargetObj.getClass().getName());
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write a {@code BinarySecretType} to stream
+ * @param writer
+ * @param binarySecret
+ * @throws ProcessingException
+ */
+ private void writeBinarySecretType( XMLStreamWriter writer, BinarySecretType binarySecret ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.BINARY_SECRET, BASE_NAMESPACE );
+ String type = binarySecret.getType();
+ StaxUtil.writeAttribute(writer, WSTrustConstants.TYPE, type );
+ StaxUtil.writeCharacters(writer, new String( binarySecret.getValue() ) );
+ StaxUtil.writeEndElement(writer);
+ }
+
+ /**
+ * Write a Request Type
+ * @param writer
+ * @param uri
+ * @throws ProcessingException
+ */
+ private void writeRequestType( XMLStreamWriter writer , URI uri ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.REQUEST_TYPE, BASE_NAMESPACE );
+ StaxUtil.writeCharacters(writer, uri.toASCIIString() );
+ StaxUtil.writeEndElement(writer);
+ }
+
+ /**
+ * Write Token Type
+ * @param writer
+ * @param uri
+ * @throws ProcessingException
+ */
+ private void writeTokenType( XMLStreamWriter writer , URI uri ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.TOKEN_TYPE, BASE_NAMESPACE );
+ StaxUtil.writeCharacters(writer, uri.toASCIIString() );
+ StaxUtil.writeEndElement(writer);
+ }
+}
\ No newline at end of file
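Review bot: Key material is turned into text with the platform default charset: `new String( binarySecret.getValue() )` in `writeBinarySecretType`, and `new String(certificate)`, `new String(modulus)` and `new String(exponent)` in `writeUseKeyType` and `writeRSAKeyValueType`. Assuming these arrays already hold Base64 text (the model classes are not visible here), name the charset explicitly, e.g. `new String( binarySecret.getValue(), Charset.forName( "UTF-8" ) )`, so the serialized request does not depend on JVM locale settings. `writeUseKeyType` dereferences `useKeyTypeValue.getClass()` in its final `else`, which is a `NullPointerException` when `getAny()` returns null, and it throws `RuntimeException` where the sibling target writers throw `ProcessingException`; `writeOnBehalfOfType` casts `getAny()` to `UsernameTokenType` with no type check. `writeRSAKeyValueType` also hard-codes `"dsig"` where the other methods use `WSTrustConstants.XMLDSig.DSIG_PREFIX`.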
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -39,8 +39,8 @@
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -29,8 +29,8 @@
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -23,9 +23,12 @@
import java.util.HashMap;
import java.util.Map;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule;
-import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.w3c.dom.Element;
/**
@@ -42,7 +45,9 @@
public static Element createSamlToken() throws Exception
{
- final AssertionType assertionType = new AssertionType();
+ String id = "ID+" + JBossSAMLBaseFactory.createUUID();
+ final AssertionType assertionType = new AssertionType( id, XMLTimeUtil.getIssueInstant(),
+ JBossSAMLConstants.VERSION_2_0.get() );
return SAMLUtil.toElement(assertionType);
}
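Review bot: The first added line of createSamlToken builds the assertion ID with the prefix `"ID+"`, and `+` is not a legal character in an xs:ID (NCName), which is the type SAML gives the assertion `ID` attribute. A schema-validating consumer would be expected to reject the resulting token, and such an ID is likely to be a poor target for a same-document signature reference. The parser fixtures elsewhere in this commit use `ID_` prefixes, so this looks like a typo; I would change the line to `String id = "ID_" + JBossSAMLBaseFactory.createUUID();`.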
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -27,7 +27,9 @@
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
+import java.util.Iterator;
import java.util.List;
+import java.util.Set;
import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
@@ -39,18 +41,10 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.*;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
/**
* Test the parsing of saml assertions
@@ -76,7 +70,17 @@
//Subject
SubjectType subject = assertion.getSubject();
- List<JAXBElement<?>> content = subject.getContent();
+
+ STSubType subType = subject.getSubType();
+ NameIDType subjectNameID = (NameIDType) subType.getBaseID();
+ assertEquals( "jduke", subjectNameID.getValue() );
+ assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() );
+ SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 );
+ SubjectConfirmationDataType subjectConfirmationDataType = subjectConfirmation.getSubjectConfirmationData();
+ assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) , subjectConfirmationDataType.getNotBefore() );
+ assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , subjectConfirmationDataType.getNotOnOrAfter() );
+
+ /*List<JAXBElement<?>> content = subject.getContent();
int size = content.size();
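Review bot: The old subject checks stay in the file wrapped in `/* … */` (opened on the last added line of this hunk and closed by `} */` in the next one) instead of being deleted. The same pattern recurs in the later hunks of SAMLAssertionParserTestCase, in SAMLResponseParserTestCase, and in X500AttributeUnitTestCase, where it ends in the hard-to-read `*///marshaller.marshal(jaxb, System.out);`. Version control already preserves the JAXB-based assertions, and the commented code calls `subject.getContent()`, which the new-model `SubjectType` presumably no longer offers, so it cannot simply be re-enabled. I would remove the dead blocks and then drop any `javax.xml.bind.JAXBElement` import that becomes unused. The test method starts and ends outside this hunk.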
@@ -98,7 +102,7 @@
assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) , conditions.getNotBefore() );
assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , conditions.getNotOnOrAfter() );
}
- }
+ } */
}
@@ -125,7 +129,24 @@
//Subject
SubjectType subject = assertion.getSubject();
- List<JAXBElement<?>> content = subject.getContent();
+
+ STSubType subType = subject.getSubType();
+ NameIDType subjectNameID = (NameIDType) subType.getBaseID();
+ assertEquals( "jduke", subjectNameID.getValue() );
+ assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() );
+
+ SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() );
+
+ ConditionsType conditions = assertion.getConditions();
+ assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.911Z" ) , conditions.getNotBefore() );
+ assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.911Z" ) , conditions.getNotOnOrAfter() );
+
+ AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
+ assertEquals( 1, audienceRestrictionType.getAudience().size() );
+ assertEquals( "http://services.testcorp.org/provider2", audienceRestrictionType.getAudience().get( 0 ));
+
+ /*List<JAXBElement<?>> content = subject.getContent();
int size = content.size();
@@ -153,7 +174,7 @@
assertEquals( 1, audienceRestrictionType.getAudience().size() );
assertEquals( "http://services.testcorp.org/provider2", audienceRestrictionType.getAudience().get( 0 ));
}
- }
+ }*/
}
@@ -174,18 +195,19 @@
//Issuer
assertEquals( "https://idp.example.org/SAML2", assertion.getIssuer().getValue() );
- List<StatementAbstractType> statements = assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement();
+ Set<StatementAbstractType> statements = assertion.getStatements();
assertEquals( 2, statements.size() );
- AuthnStatementType authnStatement = (AuthnStatementType) statements.get(0);
+ Iterator<StatementAbstractType> iter = statements.iterator();
+ AuthnStatementType authnStatement = (AuthnStatementType) iter.next();
assertEquals( XMLTimeUtil.parse( "2004-12-05T09:22:00Z" ), authnStatement.getAuthnInstant() );
assertEquals( "b07b804c-7c29-ea16-7300-4f3d6f7928ac", authnStatement.getSessionIndex() );
- AttributeStatementType attributeStatement = (AttributeStatementType) statements.get( 1 );
- List<Object> attributes = attributeStatement.getAttributeOrEncryptedAttribute();
+ AttributeStatementType attributeStatement = (AttributeStatementType) iter.next();
+ List<ASTChoiceType> attributes = attributeStatement.getAttributes();
assertEquals( 1, attributes.size() );
- AttributeType attribute = (AttributeType) attributes.get(0);
+ AttributeType attribute = attributes.get(0).getAttribute();
assertEquals( "eduPersonAffiliation", attribute.getFriendlyName() );
assertEquals( "urn:oid:1.3.6.1.4.1.5923.1.1.1.1", attribute.getName() );
assertEquals( "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", attribute.getNameFormat() );
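Review bot: `getStatements()` now returns a `Set`, yet the test still casts `iter.next()` first to `AuthnStatementType` and then to `AttributeStatementType`, which only holds if the set iterates in document order. The set implementation is not visible here; unless it is insertion-ordered (for example a `LinkedHashSet`), the casts can fail with a `ClassCastException` depending on hash order, and a writer iterating the same set may emit statements in a different order than the parsed document had. The same first-element assumption appears in SAMLResponseParserTestCase (`assertion1.getStatements().iterator()`, `assertion2.getStatements().iterator().next()` and the `AttributeStatementType` cast). I would either document the ordering guarantee on `AssertionType.getStatements()` or have the tests pick statements by type with an `instanceof` check instead of by position. The test method starts and ends outside this hunk.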
@@ -205,7 +227,29 @@
//Subject
SubjectType subject = assertion.getSubject();
- List<JAXBElement<?>> content = subject.getContent();
+ STSubType subType = subject.getSubType();
+ NameIDType subjectNameID = (NameIDType) subType.getBaseID();
+ assertEquals( "3f7b3dcf-1674-4ecd-92c8-1544f346baf8", subjectNameID.getValue() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", subjectNameID.getFormat() );
+
+ SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() );
+
+ SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData();
+ assertEquals( "ID_aaf23196-1773-2113-474a-fe114412ab72", subjectConfirmationData.getInResponseTo() );
+ assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ), subjectConfirmationData.getNotOnOrAfter() );
+ assertEquals( "https://sp.example.com/SAML2/SSO/POST", subjectConfirmationData.getRecipient());
+
+ ConditionsType conditions = assertion.getConditions();
+ assertEquals( XMLTimeUtil.parse( "2004-12-05T09:17:05Z" ) , conditions.getNotBefore() );
+ assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ) , conditions.getNotOnOrAfter() );
+
+ AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
+ assertEquals( 1, audienceRestrictionType.getAudience().size() );
+ assertEquals( "https://sp.example.com/SAML2", audienceRestrictionType.getAudience().get( 0 ));
+
+
+ /*List<JAXBElement<?>> content = subject.getContent();
int size = content.size();
assertEquals( 2, size );
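Review bot: The replacement checks read `subject.getConfirmation().get(0 )` without asserting how many confirmations were parsed, whereas the block being commented out pinned the subject content with `assertEquals( 2, size );`. A parser that produced duplicate or extra SubjectConfirmation entries would now pass this test. I would add `assertEquals( 1, subject.getConfirmation().size() );` before the `get(0 )` call, assuming the fixture carries a single SubjectConfirmation as the old count of two (NameID plus one confirmation) suggests. The two earlier tests in this file use `get(0 )` the same way and have the same gap. The test method starts and ends outside this hunk.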
@@ -246,7 +290,7 @@
assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ), subjectConfirmationData.getNotOnOrAfter() );
assertEquals( "https://sp.example.com/SAML2/SSO/POST", subjectConfirmationData.getRecipient());
}
- }
+ } */
ByteArrayOutputStream baos = new ByteArrayOutputStream();
SAMLAssertionWriter writer = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(baos));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -33,9 +33,9 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType;
/**
* Validate the SAML2 AuthnRequest parse
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -27,6 +27,7 @@
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
+import java.util.Iterator;
import java.util.List;
import javax.xml.bind.JAXBElement;
@@ -36,17 +37,20 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclRefType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.*;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
/**
* Validate the parsing of SAML2 Response
@@ -76,31 +80,43 @@
StatusType status = response.getStatus();
assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue() );
- List<Object> assertionList = response.getAssertionOrEncryptedAssertion();
+ List<RTChoiceType> assertionList = response.getAssertions();
assertEquals( 2, assertionList.size() );
- AssertionType assertion1 = (AssertionType) assertionList.get( 0 );
+ AssertionType assertion1 = assertionList.get( 0 ).getAssertion();
assertEquals( "ID_0be488d8-7089-4892-8aeb-83594c800706", assertion1.getID() );
assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.362-05:00" ), assertion1.getIssueInstant() );
assertEquals( "2.0", assertion1.getVersion() );
- assertEquals( "testIssuer", assertion1.getIssuer().getValue() );
- AuthnStatementType authnStatement = (AuthnStatementType) assertion1.getStatementOrAuthnStatementOrAuthzDecisionStatement().get( 0 );
+ assertEquals( "testIssuer", assertion1.getIssuer().getValue() ) ;
+
+ Iterator<StatementAbstractType> iterator = assertion1.getStatements().iterator();
+
+ AuthnStatementType authnStatement = (AuthnStatementType) iterator.next();
assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.359-05:00" ), authnStatement.getAuthnInstant() );
+
+
+ AuthnContextType authnContext = authnStatement.getAuthnContext();
+
+ AuthnContextDeclRefType refType = (AuthnContextDeclRefType) authnContext.getURIType().iterator().next();
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", refType.getValue().toASCIIString() );
+ /*
JAXBElement<?> authnContextDeclRefJaxb = (JAXBElement<?>) authnStatement.getAuthnContext().getContent().get(0);
- assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() );*/
- AssertionType assertion2 = (AssertionType) assertionList.get( 1 );
+ AssertionType assertion2 = (AssertionType) assertionList.get( 1 ).getAssertion();
assertEquals( "ID_976d8310-658a-450d-be39-f33c73c8afa6", assertion2.getID() );
assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.363-05:00" ), assertion2.getIssueInstant() );
assertEquals( "2.0", assertion2.getVersion() );
assertEquals( "testIssuer", assertion2.getIssuer().getValue() );
- authnStatement = (AuthnStatementType) assertion2.getStatementOrAuthnStatementOrAuthzDecisionStatement().get( 0 );
+ authnStatement = (AuthnStatementType) assertion2.getStatements().iterator().next();
assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.359-05:00" ), authnStatement.getAuthnInstant() );
- authnContextDeclRefJaxb = (JAXBElement<?>) authnStatement.getAuthnContext().getContent().get(0);
- assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() );
+ authnContext = authnStatement.getAuthnContext();
+ refType = (AuthnContextDeclRefType) authnContext.getURIType().iterator().next();
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", refType.getValue().toASCIIString() );
+
//Let us do some writing - currently only visual inspection. We will do proper validation later.
ByteArrayOutputStream baos = new ByteArrayOutputStream();
SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
@@ -136,7 +152,7 @@
assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue() );
//Get the assertion
- AssertionType assertion = (AssertionType) response.getAssertionOrEncryptedAssertion().get(0);
+ AssertionType assertion = (AssertionType) response.getAssertions().get(0).getAssertion();
assertEquals( "ID_8be1534d-9155-4837-9f26-70ea2c15e327", assertion.getID() );
assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), assertion.getIssueInstant() );
assertEquals( "2.0", assertion.getVersion() );
@@ -145,8 +161,42 @@
//Subject
SubjectType subject = assertion.getSubject();
- List<JAXBElement<?>> content = subject.getContent();
+ NameIDType subjectNameID = (NameIDType) subject.getSubType().getBaseID();
+ assertEquals( "anil", subjectNameID.getValue() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", subjectNameID.getFormat() );
+
+ SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0);
+
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() );
+
+ SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData();
+ assertEquals( "ID_04ded476-d73c-48af-b3a9-232a52905ffb", subjectConfirmationData.getInResponseTo() );
+ assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), subjectConfirmationData.getNotBefore() );
+ assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), subjectConfirmationData.getNotOnOrAfter() );
+ assertEquals( "http://localhost:8080/employee/", subjectConfirmationData.getRecipient());
+
+ AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatements().iterator().next();
+
+ List<org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType> attributes = attributeStatement.getAttributes();
+ assertEquals( 2, attributes.size() );
+
+ for( org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType attr: attributes )
+ {
+ AttributeType attribute = attr.getAttribute();
+ assertEquals( "role", attribute.getFriendlyName() );
+ assertEquals( "role", attribute.getName() );
+ assertEquals( "role", attribute.getNameFormat() );
+ List<Object> attributeValues = attribute.getAttributeValue();
+ assertEquals( 1, attributeValues.size() );
+
+ String str = (String ) attributeValues.get( 0 );
+ if( ! ( str.equals( "employee") || str.equals( "manager" )))
+ throw new RuntimeException( "attrib value not found" );
+ }
+
+ /*List<JAXBElement<?>> content = subject.getContent();
+
int size = content.size();
for( int i = 0 ; i < size; i++ )
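Review bot: The loop over `attributes` accepts either `"employee"` or `"manager"` for every attribute, so a response in which both role attributes parse to the same value, or one role is lost and the other duplicated, would still pass. These are the role values a relying party would authorize on, so I would collect them and compare the whole set: declare `Set<String> roles = new HashSet<String>();` before the loop, replace the `if`/`throw` with `roles.add( (String) attributeValues.get( 0 ) );`, and finish with `assertEquals( new HashSet<String>( Arrays.asList( "employee", "manager" ) ), roles );` (this needs `java.util` imports the file does not yet have). The fully qualified `…AttributeStatementType.ASTChoiceType` in the two declarations could also become a single import, as SAMLAssertionParserTestCase does. The test method starts and ends outside this hunk.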
@@ -196,6 +246,6 @@
}
else
throw new RuntimeException( "unknown" );
- }
+ } */
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -33,8 +33,8 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
/**
* Validate the parsing of SLO (log out) Request
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -37,10 +37,9 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
-
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
/**
* Validate the parsing of SLO Response
* @author Anil.Saldhana(a)redhat.com
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -35,8 +35,8 @@
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType;
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -25,24 +25,22 @@
import java.util.HashMap;
import java.util.Map;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.Marshaller;
-
import junit.framework.TestCase;
import org.picketlink.identity.federation.core.constants.AttributeConstants;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLProtocolFactory;
import org.picketlink.identity.federation.core.saml.v2.holders.IDPInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -73,15 +71,18 @@
new SPInfoHolder(), idp, issuerHolder);
assertNotNull(rt);
- AssertionType assertion = (AssertionType) rt.getAssertionOrEncryptedAssertion().get(0);
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStat);
+ AssertionType assertion = (AssertionType) rt.getAssertions().get(0).getAssertion();
+ assertion.addStatement( attrStat );
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller(false);
+ SAMLResponseWriter writer = new SAMLResponseWriter( StaxUtil.getXMLStreamWriter(baos) );
+ writer.write(rt);
+
+ /*Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller(false);
JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(rt);
marshaller.marshal(jaxb, baos);
- //marshaller.marshal(jaxb, System.out);
+ *///marshaller.marshal(jaxb, System.out);
Document samlDom = DocumentUtil.getDocument(new String(baos.toByteArray()));
NodeList nl = samlDom.getElementsByTagName("Attribute");
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -26,32 +26,26 @@
import junit.framework.TestCase;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
-
/**
* Unit test the AssertionUtil
* @author Anil.Saldhana(a)redhat.com
* @since Jun 3, 2009
*/
public class AssertionUtilUnitTestCase extends TestCase
-{
- private ObjectFactory of = SAMLAssertionFactory.getObjectFactory();
+{
public void testValidAssertion() throws Exception
{
- NameIDType nameIdType = of.createNameIDType();
+ NameIDType nameIdType = new NameIDType();
nameIdType.setValue("somename");
- AssertionType assertion = of.createAssertionType();
- assertion.setID("SomeID");
- assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get());
+ AssertionType assertion = new AssertionType( "SomeID", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get() );
assertion.setIssuer(nameIdType);
//Assertions with no conditions are everlasting
@@ -61,7 +55,7 @@
XMLGregorianCalendar sometimeLater = XMLTimeUtil.add(now, 5555);
- ConditionsType conditions = of.createConditionsType();
+ ConditionsType conditions = new ConditionsType();
conditions.setNotBefore(now);
conditions.setNotOnOrAfter(sometimeLater);
assertion.setConditions(conditions);
@@ -71,19 +65,17 @@
public void testExpiredAssertion() throws Exception
{
- NameIDType nameIdType = of.createNameIDType();
+ NameIDType nameIdType = new NameIDType();
nameIdType.setValue("somename");
- AssertionType assertion = of.createAssertionType();
- assertion.setID("SomeID");
- assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get());
+ AssertionType assertion = new AssertionType( "SomeID", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get());
assertion.setIssuer(nameIdType);
XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
XMLGregorianCalendar sometimeAgo = XMLTimeUtil.subtract(now, 55555);
- ConditionsType conditions = of.createConditionsType();
+ ConditionsType conditions = new ConditionsType();
conditions.setNotBefore(XMLTimeUtil.subtract(now,55575));
conditions.setNotOnOrAfter(sometimeAgo);
assertion.setConditions(conditions);
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -69,17 +69,14 @@
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.ws.addressing.AttributedURIType;
-import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
-import org.picketlink.identity.federation.ws.addressing.ObjectFactory;
-import org.picketlink.identity.federation.ws.policy.AppliesTo;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
@@ -367,9 +364,8 @@
// in this scenario, the conditions section should have an audience restriction.
ConditionsType conditions = assertion.getConditions();
- assertEquals("Unexpected restriction list size", 1, conditions.getConditionOrAudienceRestrictionOrOneTimeUse()
- .size());
- ConditionAbstractType abstractType = conditions.getConditionOrAudienceRestrictionOrOneTimeUse().get(0);
+ assertEquals("Unexpected restriction list size", 1, conditions.getConditions().size());
+ ConditionAbstractType abstractType = conditions.getConditions().get(0);
assertTrue("Unexpected restriction type", abstractType instanceof AudienceRestrictionType);
AudienceRestrictionType audienceRestriction = (AudienceRestrictionType) abstractType;
assertEquals("Unexpected audience restriction list size", 1, audienceRestriction.getAudience().size());
@@ -415,8 +411,7 @@
*
* @throws Exception
* if an error occurs while running the test.
- */
- @SuppressWarnings("rawtypes")
+ */
public void testInvokeSAML20WithSTSGeneratedSymmetricKey() throws Exception
{
// create a simple token request, asking for a SAMLv2.0 token.
@@ -436,8 +431,7 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getContent().get(1)
- .getValue();
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1);
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);
// check if the response contains the STS-generated key.
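Review bot: The index in `assertion.getSubject().getConfirmation().get(1)` looks carried over from the old mixed content list, where slot 0 held the NameID and slot 1 the SubjectConfirmation. If `getConfirmation()` now returns only the confirmations (its declaration is outside this hunk, so this is inferred), the holder-of-key confirmation would sit at index 0, and `get(1)` would either throw IndexOutOfBoundsException or validate a different entry. I would use `assertion.getSubject().getConfirmation().get(0)` and drop the cast if the list is already typed `List<SubjectConfirmationType>`. The same expression recurs in the hunks at `@@ -494,8`, `@@ -549,8`, `@@ -587,8` and `@@ -1175,15`. The enclosing test method starts and ends outside this hunk.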
@@ -463,8 +457,7 @@
*
* @throws Exception
* if an error occurs while running the test.
- */
- @SuppressWarnings("rawtypes")
+ */
public void testInvokeSAML20WithCombinedSymmetricKey() throws Exception
{
// create a 64-bit random client secret.
@@ -494,8 +487,7 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getContent().get(1)
- .getValue();
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1) ;
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);
RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
@@ -549,8 +541,7 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getContent().get(1)
- .getValue();
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1);
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, false);
}
@@ -587,8 +578,7 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getContent().get(1)
- .getValue();
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1) ;
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, true);
}
@@ -1175,15 +1165,13 @@
// validate the assertion subject.
assertNotNull("Unexpected null subject", assertion.getSubject());
- List<JAXBElement<?>> content = assertion.getSubject().getContent();
- assertNotNull("Unexpected null subject content");
- assertEquals(2, content.size());
- assertEquals("Unexpected type found", NameIDType.class, content.get(0).getDeclaredType());
- NameIDType nameID = (NameIDType) content.get(0).getValue();
+ SubjectType subject = assertion.getSubject();
+
+ NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
assertEquals("Unexpected name id value", principal, nameID.getValue());
- assertEquals("Unexpected type found", SubjectConfirmationType.class, content.get(1).getDeclaredType());
- SubjectConfirmationType subjType = (SubjectConfirmationType) content.get(1).getValue();
+
+ SubjectConfirmationType subjType = (SubjectConfirmationType) subject.getConfirmation().get(1);
assertEquals("Unexpected confirmation method", confirmationMethod, subjType.getMethod());
// validate the assertion conditions.
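Review bot: The rewritten subject checks cast `subject.getSubType().getBaseID()` to NameIDType without the size and type assertions the old code made, so a missing or encrypted identifier now surfaces as a NullPointerException or ClassCastException rather than a test failure with a message. For a helper that validates issued SAML assertions I would keep the guards: `assertNotNull("Unexpected null subject sub type", subject.getSubType());` and `assertTrue("Unexpected type found", subject.getSubType().getBaseID() instanceof NameIDType);`, plus an assertion on the expected number of confirmations. The next hunk (`@@ -1219,11`) drops the equivalent checks before `(KeyInfoType)subjConfirmationDataType.getAnyType()`, and an `assertTrue(... instanceof KeyInfoType)` there would restore them. The helper method begins and ends outside this hunk.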
@@ -1219,11 +1207,7 @@
{
SubjectConfirmationDataType subjConfirmationDataType = subjectConfirmation.getSubjectConfirmationData();
assertNotNull("Unexpected null subject confirmation data", subjConfirmationDataType);
- List<Object> confirmationContent = subjConfirmationDataType.getContent();
- assertEquals("Unexpected subject confirmation content size", 1, confirmationContent.size());
- JAXBElement<?> keyInfoElement = (JAXBElement<?>) confirmationContent.get(0);
- assertEquals("Unexpected subject confirmation context type", KeyInfoType.class, keyInfoElement.getDeclaredType());
- KeyInfoType keyInfo = (KeyInfoType) keyInfoElement.getValue();
+ KeyInfoType keyInfo = (KeyInfoType)subjConfirmationDataType.getAnyType();
assertEquals("Unexpected key info content size", 1, keyInfo.getContent().size());
// if the key is a symmetric key, the KeyInfo should contain an encrypted element.
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-11-30 16:03:56 UTC (rev 568)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569)
@@ -50,13 +50,9 @@
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
-import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
import org.picketlink.identity.federation.ws.trust.StatusType;
import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
@@ -97,7 +93,9 @@
*/
public void testIssueSAMLV20Token() throws Exception
{
- // create a WSTrustRequestContext with a simple WS-Trust request.
+ fail( "Work on this");
+
+ /*// create a WSTrustRequestContext with a simple WS-Trust request.
RequestSecurityToken request = new RequestSecurityToken();
request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
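Review bot: `fail( "Work on this")` followed by a commented-out body turns the SAML 2.0 token issuance test into a permanent failure and removes its coverage of the issued assertion. The same is done to testIssueSAMLV20HolderOfKeyToken in the hunks at `@@ -176,7` and `@@ -254,7`. Commented-out code drifts quickly while the model classes keep changing, so I would port the body to the new model in this commit. Failing that, keep the failure but say what is missing, e.g. `fail("TODO: port to newmodel AssertionType/SubjectType");`, together with a tracking reference. The method body continues past this hunk.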
@@ -163,7 +161,7 @@
KeyIdentifierType keyId = (KeyIdentifierType) securityRef.getAny().get(0);
assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType());
assertNotNull("Unexpected null key identifier value", keyId.getValue());
- assertEquals(assertion.getID(), keyId.getValue().substring(1));
+ assertEquals(assertion.getID(), keyId.getValue().substring(1));*/
}
/**
@@ -176,7 +174,8 @@
*/
public void testIssueSAMLV20HolderOfKeyToken() throws Exception
{
- // create a WSTrustRequestContext with a simple WS-Trust request.
+ fail( "work" );
+ /*// create a WSTrustRequestContext with a simple WS-Trust request.
RequestSecurityToken request = new RequestSecurityToken();
request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
@@ -254,7 +253,7 @@
assertEquals("Unexpected X509 data content type", byte[].class, x509CertElement.getDeclaredType());
// certificate should have been encoded to Base64, so we need to decode it first.
byte[] encodedCert = (byte[]) x509CertElement.getValue();
- assertTrue("Invalid encoded certificate found", Arrays.equals(certificate.getEncoded(), encodedCert));
+ assertTrue("Invalid encoded certificate found", Arrays.equals(certificate.getEncoded(), encodedCert));*/
}
/**
Picketlink SVN: r568 - in federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2: assertion and 5 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-30 11:03:56 -0500 (Tue, 30 Nov 2010)
New Revision: 568
Added:
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLPolicyStatementType.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLAuthzDecisionQueryType.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLPolicyQueryType.java
Modified:
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeStatementType.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthzDecisionStatementType.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/NameIDType.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/SubjectType.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/protocol/ResponseType.java
Log:
updated saml object model
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java 2010-11-30 00:32:39 UTC (rev 567)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java 2010-11-30 16:03:56 UTC (rev 568)
@@ -65,6 +65,8 @@
private AdviceType advice;
private NameIDType issuer;
+
+ private SubjectType subject;
private ConditionsType conditions;
@@ -82,6 +84,16 @@
return ID;
}
+ public SubjectType getSubject()
+ {
+ return subject;
+ }
+
+ public void setSubject(SubjectType subject)
+ {
+ this.subject = subject;
+ }
+
public XMLGregorianCalendar getIssueInstant()
{
return issueInstant;
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeStatementType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeStatementType.java 2010-11-30 00:32:39 UTC (rev 567)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeStatementType.java 2010-11-30 16:03:56 UTC (rev 568)
@@ -51,9 +51,9 @@
public class AttributeStatementType
extends StatementAbstractType
{
- protected List<ChoiceType> attributes = new ArrayList<ChoiceType>();
+ protected List<ASTChoiceType> attributes = new ArrayList<ASTChoiceType>();
- public void addAttribute( ChoiceType attribute )
+ public void addAttribute( ASTChoiceType attribute )
{
attributes.add( attribute );
}
@@ -61,22 +61,22 @@
/**
* Gets the attributes.
*/
- public List<ChoiceType> getAttributes()
+ public List<ASTChoiceType> getAttributes()
{
return Collections.unmodifiableList( this.attributes );
}
- public static class ChoiceType
+ public static class ASTChoiceType
{
private AttributeType attribute;
private EncryptedElementType encryptedAssertion;
- public ChoiceType(AttributeType attribute)
+ public ASTChoiceType(AttributeType attribute)
{
super();
this.attribute = attribute;
}
- public ChoiceType(EncryptedElementType encryptedAssertion)
+ public ASTChoiceType(EncryptedElementType encryptedAssertion)
{
super();
this.encryptedAssertion = encryptedAssertion;
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthzDecisionStatementType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthzDecisionStatementType.java 2010-11-30 00:32:39 UTC (rev 567)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthzDecisionStatementType.java 2010-11-30 16:03:56 UTC (rev 568)
@@ -22,6 +22,7 @@
package org.picketlink.identity.federation.newmodel.saml.v2.assertion;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.List;
@@ -51,39 +52,23 @@
extends StatementAbstractType
{
- protected List<ActionType> action;
+ protected List<ActionType> action = new ArrayList<ActionType>();
protected EvidenceType evidence;
protected String resource;
protected DecisionType decision;
/**
- * Gets the value of the action property.
- *
- * <p>
- * This accessor method returns a reference to the live list,
- * not a snapshot. Therefore any modification you make to the
- * returned list will be present inside the JAXB object.
- * This is why there is not a <CODE>set</CODE> method for the action property.
- *
- * <p>
- * For example, to add a new item, do as follows:
- * <pre>
- * getAction().add(newItem);
- * </pre>
- *
- *
- * <p>
- * Objects of the following type(s) are allowed in the list
- * {@link ActionType }
- *
- *
+ * Gets the value of the action property.
*/
- public List<ActionType> getAction() {
- if (action == null) {
- action = new ArrayList<ActionType>();
- }
- return this.action;
+ public List<ActionType> getAction()
+ {
+ return Collections.unmodifiableList( this.action );
}
+
+ public void addAction( ActionType actionType )
+ {
+ action.add(actionType);
+ }
/**
* Gets the value of the evidence property.
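Review bot: `getAction()` now returns `Collections.unmodifiableList( this.action )`, but the shortened Javadoc no longer tells callers that the old `getAction().add(newItem)` idiom will throw UnsupportedOperationException. I would document it as `Gets a read-only view of the actions; use {@link #addAction(ActionType)} to add one.` and give `addAction` a one-line Javadoc as well. Since `action` stays `protected` and non-final, a subclass can still replace or null the list. Making it `private final` would close that, provided no subclass relies on it (not visible here).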
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/NameIDType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/NameIDType.java 2010-11-30 00:32:39 UTC (rev 567)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/NameIDType.java 2010-11-30 16:03:56 UTC (rev 568)
@@ -47,10 +47,19 @@
</attributeGroup>
*/
+ private String value;
+ private URI format;
+ private String sPProvidedID;
- private URI format;
- private String sPProvidedID;
-
+ public String getValue()
+ {
+ return value;
+ }
+ public void setValue(String value)
+ {
+ this.value = value;
+ }
+
public String getsPProvidedID()
{
return sPProvidedID;
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/SubjectType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/SubjectType.java 2010-11-30 00:32:39 UTC (rev 567)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/SubjectType.java 2010-11-30 16:03:56 UTC (rev 568)
@@ -58,14 +58,14 @@
{
protected List<SubjectConfirmationType> subjectConfirmation = new ArrayList<SubjectConfirmationType>();
- protected SubType subType;
+ protected STSubType subType;
- public SubType getSubType()
+ public STSubType getSubType()
{
return subType;
}
- public void setSubType(SubType subType)
+ public void setSubType(STSubType subType)
{
this.subType = subType;
}
@@ -85,9 +85,11 @@
subjectConfirmation.add( con );
}
- public static class SubType
+ public static class STSubType
{
private BaseIDAbstractType baseID;
+
+ private EncryptedElementType encryptedID;
protected List<SubjectConfirmationType> subjectConfirmation = new ArrayList<SubjectConfirmationType>();
@@ -99,8 +101,18 @@
public BaseIDAbstractType getBaseID()
{
return baseID;
+ }
+
+ public EncryptedElementType getEncryptedID()
+ {
+ return encryptedID;
}
+ public void setEncryptedID(EncryptedElementType encryptedID)
+ {
+ this.encryptedID = encryptedID;
+ }
+
public void addConfirmation( SubjectConfirmationType con )
{
subjectConfirmation.add( con );
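Review bot: `setEncryptedID` stores the encrypted identifier without touching `baseID`, so an STSubType can carry both at once. If the class is meant to model a choice between a plain and an encrypted identifier (the schema comment is outside this hunk, so this is inferred), a reader that checks `getBaseID()` first would silently ignore the encrypted one. Either clear the other field when one is set, e.g. `this.baseID = null;` in `setEncryptedID`, or state in Javadoc which of the two takes precedence. STSubType also keeps its own `subjectConfirmation` list beside the one on SubjectType, so confirmations added through it may not be visible via `SubjectType.getConfirmation()`. It is worth confirming which list is authoritative.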
Added: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java (rev 0)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java 2010-11-30 16:03:56 UTC (rev 568)
@@ -0,0 +1,102 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion;
+
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.jboss.security.xacml.core.model.context.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+
+
+/**
+ * <p>Java class for XACMLAuthzDecisionStatementType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="XACMLAuthzDecisionStatementType">
+ * <complexContent>
+ * <extension base="{urn:oasis:names:tc:SAML:2.0:assertion}StatementAbstractType">
+ * <sequence>
+ * <element ref="{urn:oasis:names:tc:xacml:2.0:context:schema:os}Response"/>
+ * <element ref="{urn:oasis:names:tc:xacml:2.0:context:schema:os}Request" minOccurs="0"/>
+ * </sequence>
+ * </extension>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+public class XACMLAuthzDecisionStatementType
+ extends StatementAbstractType
+{
+ protected ResponseType response;
+ protected RequestType request;
+
+ /**
+ * Gets the value of the response property.
+ *
+ * @return
+ * possible object is
+ * {@link ResponseType }
+ *
+ */
+ public ResponseType getResponse() {
+ return response;
+ }
+
+ /**
+ * Sets the value of the response property.
+ *
+ * @param value
+ * allowed object is
+ * {@link ResponseType }
+ *
+ */
+ public void setResponse(ResponseType value) {
+ this.response = value;
+ }
+
+ /**
+ * Gets the value of the request property.
+ *
+ * @return
+ * possible object is
+ * {@link RequestType }
+ *
+ */
+ public RequestType getRequest() {
+ return request;
+ }
+
+ /**
+ * Sets the value of the request property.
+ *
+ * @param value
+ * allowed object is
+ * {@link RequestType }
+ *
+ */
+ public void setRequest(RequestType value) {
+ this.request = value;
+ }
+}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLPolicyStatementType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLPolicyStatementType.java (rev 0)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLPolicyStatementType.java 2010-11-30 16:03:56 UTC (rev 568)
@@ -0,0 +1,91 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.jboss.security.xacml.core.model.policy.PolicySetType;
+import org.jboss.security.xacml.core.model.policy.PolicyType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+
+/**
+ * <p>Java class for XACMLPolicyStatementType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="XACMLPolicyStatementType">
+ * <complexContent>
+ * <extension base="{urn:oasis:names:tc:SAML:2.0:assertion}StatementAbstractType">
+ * <choice maxOccurs="unbounded" minOccurs="0">
+ * <element ref="{urn:oasis:names:tc:xacml:2.0:policy:schema:os}Policy"/>
+ * <element ref="{urn:oasis:names:tc:xacml:2.0:policy:schema:os}PolicySet"/>
+ * </choice>
+ * </extension>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+public class XACMLPolicyStatementType
+ extends StatementAbstractType
+{
+ public static class ChoiceType
+ {
+ private PolicyType policy;
+ private PolicySetType policySet;
+ public PolicyType getPolicy()
+ {
+ return policy;
+ }
+ public void setPolicy(PolicyType policy)
+ {
+ this.policy = policy;
+ }
+ public PolicySetType getPolicySet()
+ {
+ return policySet;
+ }
+ public void setPolicySet(PolicySetType policySet)
+ {
+ this.policySet = policySet;
+ }
+ }
+
+ protected List<ChoiceType> choiceTypeList = new ArrayList<ChoiceType>();
+
+ public void add(ChoiceType choice )
+ {
+ choiceTypeList.add(choice);
+ }
+
+ /**
+ * Gets the value of the choiceTypeList property.
+ */
+ public List<ChoiceType> getChoiceType()
+ {
+ return choiceTypeList;
+ }
+
+}
\ No newline at end of file
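Review bot: `getChoiceType()` hands out the live `choiceTypeList`, while the sibling model classes in this commit (`AttributeStatementType.getAttributes()`, `AuthzDecisionStatementType.getAction()`) return `Collections.unmodifiableList(...)`. For a statement that carries XACML policies, it is worth preventing callers from adding or removing entries behind the owner's back. I would return `Collections.unmodifiableList( choiceTypeList )` (with `import java.util.Collections;`) and keep `add(ChoiceType)` as the only mutator. `ChoiceType` also lets both `policy` and `policySet` be set at once, so a short Javadoc saying that exactly one is expected would help.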
Added: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLAuthzDecisionQueryType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLAuthzDecisionQueryType.java (rev 0)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLAuthzDecisionQueryType.java 2010-11-30 16:03:56 UTC (rev 568)
@@ -0,0 +1,136 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol;
+
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
+
+
+/**
+ * <p>Java class for XACMLAuthzDecisionQueryType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="XACMLAuthzDecisionQueryType">
+ * <complexContent>
+ * <extension base="{urn:oasis:names:tc:SAML:2.0:protocol}RequestAbstractType">
+ * <sequence>
+ * <element ref="{urn:oasis:names:tc:xacml:2.0:context:schema:os}Request"/>
+ * </sequence>
+ * <attribute name="InputContextOnly" type="{http://www.w3.org/2001/XMLSchema}boolean" default="false" />
+ * <attribute name="ReturnContext" type="{http://www.w3.org/2001/XMLSchema}boolean" default="false" />
+ * </extension>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+public class XACMLAuthzDecisionQueryType
+ extends RequestAbstractType
+{
+ protected RequestType request;
+ protected Boolean inputContextOnly;
+ protected Boolean returnContext;
+
+ /**
+ * Gets the value of the request property.
+ *
+ * @return
+ * possible object is
+ * {@link RequestType }
+ *
+ */
+ public RequestType getRequest() {
+ return request;
+ }
+
+ /**
+ * Sets the value of the request property.
+ *
+ * @param value
+ * allowed object is
+ * {@link RequestType }
+ *
+ */
+ public void setRequest(RequestType value) {
+ this.request = value;
+ }
+
+ /**
+ * Gets the value of the inputContextOnly property.
+ *
+ * @return
+ * possible object is
+ * {@link Boolean }
+ *
+ */
+ public boolean isInputContextOnly() {
+ if (inputContextOnly == null) {
+ return false;
+ } else {
+ return inputContextOnly;
+ }
+ }
+
+ /**
+ * Sets the value of the inputContextOnly property.
+ *
+ * @param value
+ * allowed object is
+ * {@link Boolean }
+ *
+ */
+ public void setInputContextOnly(Boolean value) {
+ this.inputContextOnly = value;
+ }
+
+ /**
+ * Gets the value of the returnContext property.
+ *
+ * @return
+ * possible object is
+ * {@link Boolean }
+ *
+ */
+ public boolean isReturnContext() {
+ if (returnContext == null) {
+ return false;
+ } else {
+ return returnContext;
+ }
+ }
+
+ /**
+ * Sets the value of the returnContext property.
+ *
+ * @param value
+ * allowed object is
+ * {@link Boolean }
+ *
+ */
+ public void setReturnContext(Boolean value) {
+ this.returnContext = value;
+ }
+
+}
\ No newline at end of file
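Review bot: The Javadoc on `isInputContextOnly()` and `isReturnContext()` says the return value is a possible `{@link Boolean}` object, but both methods return primitive `boolean` and map an unset field to `false`. I would state that instead: `@return the InputContextOnly flag, or {@code false} when it has not been set (the schema default)`, and likewise for ReturnContext. The setters accept `null`, which the getters then treat as false, and saying so on the `@param` would save a reader from checking.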
Added: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLPolicyQueryType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLPolicyQueryType.java (rev 0)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLPolicyQueryType.java 2010-11-30 16:03:56 UTC (rev 568)
@@ -0,0 +1,108 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol;
+
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.jboss.security.xacml.core.model.policy.IdReferenceType;
+import org.jboss.security.xacml.core.model.policy.TargetType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
+
+
+/**
+ * <p>Java class for XACMLPolicyQueryType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="XACMLPolicyQueryType">
+ * <complexContent>
+ * <extension base="{urn:oasis:names:tc:SAML:2.0:protocol}RequestAbstractType">
+ * <choice maxOccurs="unbounded" minOccurs="0">
+ * <element ref="{urn:oasis:names:tc:xacml:2.0:context:schema:os}Request"/>
+ * <element ref="{urn:oasis:names:tc:xacml:2.0:policy:schema:os}Target"/>
+ * <element ref="{urn:oasis:names:tc:xacml:2.0:policy:schema:os}PolicySetIdReference"/>
+ * <element ref="{urn:oasis:names:tc:xacml:2.0:policy:schema:os}PolicyIdReference"/>
+ * </choice>
+ * </extension>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+public class XACMLPolicyQueryType
+ extends RequestAbstractType
+{
+ public static class ChoiceType
+ {
+ private RequestType request;
+ private TargetType target;
+ private IdReferenceType policySetIDReference;
+ private IdReferenceType policyIdReference;
+ public RequestType getRequest()
+ {
+ return request;
+ }
+ public void setRequest(RequestType request)
+ {
+ this.request = request;
+ }
+ public TargetType getTarget()
+ {
+ return target;
+ }
+ public void setTarget(TargetType target)
+ {
+ this.target = target;
+ }
+ public IdReferenceType getPolicySetIDReference()
+ {
+ return policySetIDReference;
+ }
+ public void setPolicySetIDReference(IdReferenceType policySetIDReference)
+ {
+ this.policySetIDReference = policySetIDReference;
+ }
+ public IdReferenceType getPolicyIdReference()
+ {
+ return policyIdReference;
+ }
+ public void setPolicyIdReference(IdReferenceType policyIdReference)
+ {
+ this.policyIdReference = policyIdReference;
+ }
+ }
+
+ protected ChoiceType choiceType;
+
+
+
+ public ChoiceType getChoiceType()
+ {
+ return choiceType;
+ }
+
+ public void setChoiceType(ChoiceType choiceType)
+ {
+ this.choiceType = choiceType;
+ }
+}
\ No newline at end of file
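Review bot: The schema fragment in the class Javadoc declares the choice with `maxOccurs="unbounded"`, but `XACMLPolicyQueryType` stores a single `ChoiceType choiceType`, so a query carrying more than one Request/Target/PolicySetIdReference/PolicyIdReference element cannot be represented; a parser filling this model would presumably keep only the last one. `ChoiceType` also exposes four independent setters, so nothing stops one instance from holding several alternatives at once, whereas `ResponseType.RTChoiceType` further down this patch uses one constructor per alternative and a list. Consider `protected List<ChoiceType> choiceTypes = new ArrayList<ChoiceType>();` with an `addChoiceType(ChoiceType)` method and a read-only getter, and add a Javadoc line on `ChoiceType` stating that exactly one field is expected to be set.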
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/protocol/ResponseType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/protocol/ResponseType.java 2010-11-30 00:32:39 UTC (rev 567)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/protocol/ResponseType.java 2010-11-30 16:03:56 UTC (rev 568)
@@ -25,8 +25,8 @@
import java.util.Collections;
import java.util.List;
-import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType;
/**
* <p>Java class for ResponseType complex type.
@@ -51,9 +51,9 @@
public class ResponseType
extends StatusResponseType
{
- protected List<ChoiceType> assertions = new ArrayList<ResponseType.ChoiceType>();
+ protected List<RTChoiceType> assertions = new ArrayList<ResponseType.RTChoiceType>();
- public void addAssertion( ChoiceType choice )
+ public void addAssertion( RTChoiceType choice )
{
assertions.add(choice);
}
@@ -61,20 +61,20 @@
/**
* Gets a read only list of assertions
*/
- public List<ChoiceType> getAssertions()
+ public List<RTChoiceType> getAssertions()
{
return Collections.unmodifiableList( assertions );
}
- public static class ChoiceType
+ public static class RTChoiceType
{
private AssertionType assertion;
private EncryptedAssertionType encryptedAssertion;
- public ChoiceType(AssertionType assertion)
+ public RTChoiceType(AssertionType assertion)
{
this.assertion = assertion;
}
- public ChoiceType(EncryptedAssertionType encryptedAssertion)
+ public RTChoiceType(EncryptedAssertionType encryptedAssertion)
{
this.encryptedAssertion = encryptedAssertion;
}
Picketlink SVN: r567 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa and 9 other directories.
by picketlink-commits@lists.jboss.org
Author: sguilhen(a)redhat.com
Date: 2010-11-29 19:32:39 -0500 (Mon, 29 Nov 2010)
New Revision: 567
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/ws/trust/ComputedKeyType.java
Removed:
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/wstrust/
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/WST_SAML_ParsingPerfTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/STSClientUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa/WSAddressingParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java
Log:
PLFED-119: Stax is now used to write/parse WS-Trust response messages.
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa/WSAddressingParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa/WSAddressingParser.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa/WSAddressingParser.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -34,7 +34,6 @@
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.ws.addressing.AttributedURIType;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
-import org.picketlink.identity.federation.ws.addressing.ObjectFactory;
/**
* <p>
@@ -87,7 +86,7 @@
EndElement endElement = (EndElement)xmlEvent;
StaxParserUtil.validate( endElement, ENDPOINT_REFERENCE );
- return new ObjectFactory().createEndpointReference( reference );
+ return reference;
}
}
else
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -142,7 +142,7 @@
EndElement validateTargetEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate( validateTargetEndElement, WSTrustConstants.RENEW_TARGET ) ;
}
- else if( tag.equals( WSTrustConstants.On_BEHALF_OF ))
+ else if( tag.equals( WSTrustConstants.ON_BEHALF_OF ))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
@@ -150,7 +150,7 @@
OnBehalfOfType onBehalfOf = (OnBehalfOfType) wstOnBehalfOfParser.parse(xmlEventReader);
requestToken.setOnBehalfOf(onBehalfOf);
EndElement onBehalfOfEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.On_BEHALF_OF ) ;
+ StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.ON_BEHALF_OF ) ;
}
else if( tag.equals( WSTrustConstants.KEY_TYPE ))
{
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.parsers.wst;
@@ -34,20 +30,22 @@
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserController;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
-import org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.parsers.wsse.WSSecurityParser;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
+import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
import org.picketlink.identity.federation.ws.trust.LifetimeType;
import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
+import org.picketlink.identity.federation.ws.trust.RequestedProofTokenType;
import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
import org.picketlink.identity.federation.ws.trust.RequestedSecurityTokenType;
+import org.picketlink.identity.federation.ws.trust.RequestedTokenCancelledType;
+import org.picketlink.identity.federation.ws.trust.StatusType;
import org.picketlink.identity.federation.ws.trust.UseKeyType;
import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
import org.picketlink.identity.federation.ws.wss.utility.AttributedDateTime;
@@ -55,12 +53,14 @@
/**
* Parse the WS-Trust RequestSecurityToken
+ *
* @author Anil.Saldhana(a)redhat.com
* @since Oct 11, 2010
*/
public class WSTRequestSecurityTokenResponseParser implements ParserNamespaceSupport
-{
+{
public static final String X509CERTIFICATE = "X509Certificate";
+
public static final String KEYVALUE = "KeyValue";
public static final String JDK_TRANSFORMER_PROPERTY = "picketlink.jdk.transformer";
@@ -69,203 +69,238 @@
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
- {
- StartElement startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
RequestSecurityTokenResponse responseToken = new RequestSecurityTokenResponse();
- QName contextQName = new QName( "", WSTrustConstants.RST_CONTEXT );
- Attribute contextAttribute = startElement.getAttributeByName( contextQName );
- String contextValue = StaxParserUtil.getAttributeValue( contextAttribute );
- responseToken.setContext( contextValue );
+ QName contextQName = new QName("", WSTrustConstants.RST_CONTEXT);
+ Attribute contextAttribute = startElement.getAttributeByName(contextQName);
+ String contextValue = StaxParserUtil.getAttributeValue(contextAttribute);
+ responseToken.setContext(contextValue);
- while( xmlEventReader.hasNext() )
+ while (xmlEventReader.hasNext())
{
- XMLEvent xmlEvent = StaxParserUtil.peek( xmlEventReader );
- if( xmlEvent == null )
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent == null)
break;
- if( xmlEvent instanceof EndElement )
+ if (xmlEvent instanceof EndElement)
{
- xmlEvent = StaxParserUtil.getNextEvent( xmlEventReader );
+ xmlEvent = StaxParserUtil.getNextEvent(xmlEventReader);
EndElement endElement = (EndElement) xmlEvent;
- String endElementTag = StaxParserUtil.getEndElementName( endElement );
- if( endElementTag.equals( WSTrustConstants.RSTR ) )
+ String endElementTag = StaxParserUtil.getEndElementName(endElement);
+ if (endElementTag.equals(WSTrustConstants.RSTR))
break;
}
try
{
- StartElement subEvent = StaxParserUtil.peekNextStartElement( xmlEventReader );
- if( subEvent == null )
+ StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (subEvent == null)
break;
- String tag = StaxParserUtil.getStartElementName( subEvent );
- if( tag.equals( WSTrustConstants.REQUEST_TYPE ))
- {
+ String tag = StaxParserUtil.getStartElementName(subEvent);
+ if (tag.equals(WSTrustConstants.REQUEST_TYPE))
+ {
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
- throw new ParsingException( "request type is expected ahead" );
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("request type is expected ahead");
String value = StaxParserUtil.getElementText(xmlEventReader);
- responseToken.setRequestType( new URI( value ));
+ responseToken.setRequestType(new URI(value));
}
- else if( tag.equals( WSTrustConstants.LIFETIME ))
+ else if (tag.equals(WSTrustConstants.LIFETIME))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(subEvent, WSTrustConstants.LIFETIME );
-
-
+ StaxParserUtil.validate(subEvent, WSTrustConstants.LIFETIME);
+
LifetimeType lifeTime = new LifetimeType();
- //Get the Created
+ // Get the Created
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- String subTag = StaxParserUtil.getStartElementName( subEvent );
- if( subTag.equals( WSTrustConstants.CREATED ))
- {
+ String subTag = StaxParserUtil.getStartElementName(subEvent);
+ if (subTag.equals(WSTrustConstants.CREATED))
+ {
AttributedDateTime created = new AttributedDateTime();
- created.setValue( StaxParserUtil.getElementText(xmlEventReader) );
- lifeTime.setCreated( created );
+ created.setValue(StaxParserUtil.getElementText(xmlEventReader));
+ lifeTime.setCreated(created);
}
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- subTag = StaxParserUtil.getStartElementName( subEvent );
-
- if( subTag.equals( WSTrustConstants.EXPIRES ))
- {
+ subTag = StaxParserUtil.getStartElementName(subEvent);
+
+ if (subTag.equals(WSTrustConstants.EXPIRES))
+ {
AttributedDateTime expires = new AttributedDateTime();
- expires.setValue( StaxParserUtil.getElementText(xmlEventReader) );
- lifeTime.setExpires( expires );
- }
+ expires.setValue(StaxParserUtil.getElementText(xmlEventReader));
+ lifeTime.setExpires(expires);
+ }
else
- throw new RuntimeException( subTag + " was unexpected" );
-
- responseToken.setLifetime( new Lifetime( lifeTime ));
+ throw new RuntimeException(subTag + " was unexpected");
+
+ responseToken.setLifetime(new Lifetime(lifeTime));
EndElement lifeTimeElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate( lifeTimeElement, WSTrustConstants.LIFETIME ) ;
+ StaxParserUtil.validate(lifeTimeElement, WSTrustConstants.LIFETIME);
}
- else if( tag.equals( WSTrustConstants.TOKEN_TYPE ))
+ else if (tag.equals(WSTrustConstants.TOKEN_TYPE))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
- throw new ParsingException( "token type is expected ahead" );
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("token type is expected ahead");
String value = StaxParserUtil.getElementText(xmlEventReader);
- responseToken.setTokenType( new URI( value ));
- }
- else if( tag.equals( WSTrustConstants.On_BEHALF_OF ))
+ responseToken.setTokenType(new URI(value));
+ }
+ else if (tag.equals(WSTrustConstants.ON_BEHALF_OF))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- WSTrustOnBehalfOfParser wstOnBehalfOfParser = new WSTrustOnBehalfOfParser();
- OnBehalfOfType onBehalfOf = (OnBehalfOfType) wstOnBehalfOfParser.parse(xmlEventReader);
+ WSTrustOnBehalfOfParser wstOnBehalfOfParser = new WSTrustOnBehalfOfParser();
+ OnBehalfOfType onBehalfOf = (OnBehalfOfType) wstOnBehalfOfParser.parse(xmlEventReader);
responseToken.setOnBehalfOf(onBehalfOf);
EndElement onBehalfOfEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.On_BEHALF_OF ) ;
- }
- else if( tag.equals( WSTrustConstants.KEY_TYPE ))
+ StaxParserUtil.validate(onBehalfOfEndElement, WSTrustConstants.ON_BEHALF_OF);
+ }
+ else if (tag.equals(WSTrustConstants.KEY_TYPE))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
- throw new ParsingException( "key type is expected ahead" );
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("key type is expected ahead");
String keyType = StaxParserUtil.getElementText(xmlEventReader);
try
{
- URI keyTypeURI = new URI( keyType );
- responseToken.setKeyType( keyTypeURI );
+ URI keyTypeURI = new URI(keyType);
+ responseToken.setKeyType(keyTypeURI);
}
- catch( URISyntaxException e )
+ catch (URISyntaxException e)
{
- throw new ParsingException( e );
- }
- }
- else if( tag.equals( WSTrustConstants.KEY_SIZE ))
+ throw new ParsingException(e);
+ }
+ }
+ else if (tag.equals(WSTrustConstants.KEY_SIZE))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
- throw new ParsingException( "key size is expected ahead" );
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("key size is expected ahead");
String keySize = StaxParserUtil.getElementText(xmlEventReader);
try
- {
- responseToken.setKeySize(Long.parseLong( keySize ));
+ {
+ responseToken.setKeySize(Long.parseLong(keySize));
}
- catch( NumberFormatException e )
+ catch (NumberFormatException e)
{
- throw new ParsingException( e );
- }
- }
- else if( tag.equals( WSTrustConstants.ENTROPY ))
+ throw new ParsingException(e);
+ }
+ }
+ else if (tag.equals(WSTrustConstants.ENTROPY))
{
- subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
EntropyType entropy = new EntropyType();
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- if( StaxParserUtil.matches(subEvent, WSTrustConstants.BINARY_SECRET ))
+ if (StaxParserUtil.matches(subEvent, WSTrustConstants.BINARY_SECRET))
{
BinarySecretType binarySecret = new BinarySecretType();
- Attribute typeAttribute = subEvent.getAttributeByName( new QName( "", "Type" ));
- binarySecret.setType( StaxParserUtil.getAttributeValue( typeAttribute ));
+ Attribute typeAttribute = subEvent.getAttributeByName(new QName("", "Type"));
+ binarySecret.setType(StaxParserUtil.getAttributeValue(typeAttribute));
- if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
- throw new ParsingException( "binary secret value is expected ahead" );
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("binary secret value is expected ahead");
- binarySecret.setValue( StaxParserUtil.getElementText(xmlEventReader).getBytes() );
- entropy.getAny().add( binarySecret );
+ binarySecret.setValue(StaxParserUtil.getElementText(xmlEventReader).getBytes());
+ entropy.getAny().add(binarySecret);
}
responseToken.setEntropy(entropy);
}
- else if( tag.equals( WSTrustConstants.USE_KEY ))
+ else if (tag.equals(WSTrustConstants.USE_KEY))
{
- subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
- UseKeyType useKeyType = new UseKeyType();
- StaxParserUtil.validate( subEvent, WSTrustConstants.USE_KEY ) ;
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ UseKeyType useKeyType = new UseKeyType();
+ StaxParserUtil.validate(subEvent, WSTrustConstants.USE_KEY);
- //We peek at the next start element as the stax source has to be in the START_ELEMENT mode
- subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
- if( StaxParserUtil.matches(subEvent, X509CERTIFICATE ))
+ // We peek at the next start element as the stax source has to be in the START_ELEMENT mode
+ subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (StaxParserUtil.matches(subEvent, X509CERTIFICATE))
{
Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);
- //Element domElement = getX509CertificateAsDomElement( subEvent, xmlEventReader );
+ // Element domElement = getX509CertificateAsDomElement( subEvent, xmlEventReader );
- useKeyType.setAny( domElement );
- responseToken.setUseKey( useKeyType );
- }
- else if( StaxParserUtil.matches(subEvent, KEYVALUE ))
+ useKeyType.setAny(domElement);
+ responseToken.setUseKey(useKeyType);
+ }
+ else if (StaxParserUtil.matches(subEvent, KEYVALUE))
{
- //Element domElement = getKeyValueAsDomElement( subEvent, xmlEventReader );
- Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);//
- useKeyType.setAny( domElement );
- responseToken.setUseKey( useKeyType );
+ Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);
+ useKeyType.setAny(domElement);
+ responseToken.setUseKey(useKeyType);
}
- else throw new RuntimeException( "unsupported " + StaxParserUtil.getStartElementName( subEvent ));
+ else
+ throw new RuntimeException("unsupported " + StaxParserUtil.getStartElementName(subEvent));
}
- else if( tag.equals( WSTrustConstants.REQUESTED_TOKEN ))
- {
- responseToken.setRequestedSecurityToken( parseRequestedSecurityTokenType(xmlEventReader) );
+ else if (tag.equals(WSTrustConstants.REQUESTED_TOKEN_CANCELLED))
+ {
+ StaxParserUtil.getNextEndElement(xmlEventReader);
+ responseToken.setRequestedTokenCancelled(new RequestedTokenCancelledType());
}
- else if( tag.equals( WSTrustConstants.REQUESTED_ATTACHED_REFERENCE ))
+ else if (tag.equals(WSTrustConstants.REQUESTED_PROOF_TOKEN))
{
- responseToken.setRequestedAttachedReference( parseRequestedReference(xmlEventReader));
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ RequestedProofTokenType requestedProofToken = new RequestedProofTokenType();
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ if (StaxParserUtil.matches(subEvent, WSTrustConstants.BINARY_SECRET))
+ {
+ BinarySecretType binarySecret = new BinarySecretType();
+ Attribute typeAttribute = subEvent.getAttributeByName(new QName("", "Type"));
+ binarySecret.setType(StaxParserUtil.getAttributeValue(typeAttribute));
+
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("binary secret value is expected ahead");
+
+ binarySecret.setValue(StaxParserUtil.getElementText(xmlEventReader).getBytes());
+ requestedProofToken.setAny(binarySecret);
+ }
+ else if (StaxParserUtil.matches(subEvent, WSTrustConstants.COMPUTED_KEY))
+ {
+ ComputedKeyType computedKey = new ComputedKeyType();
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("computed key algorithm is expected ahead");
+ computedKey.setAlgorithm(StaxParserUtil.getElementText(xmlEventReader));
+ requestedProofToken.setAny(computedKey);
+ }
+ responseToken.setRequestedProofToken(requestedProofToken);
}
+ else if (tag.equals(WSTrustConstants.REQUESTED_TOKEN))
+ {
+ responseToken.setRequestedSecurityToken(parseRequestedSecurityTokenType(xmlEventReader));
+ }
+ else if (tag.equals(WSTrustConstants.REQUESTED_ATTACHED_REFERENCE))
+ {
+ responseToken.setRequestedAttachedReference(parseRequestedReference(xmlEventReader));
+ }
+ else if (tag.equals(WSTrustConstants.STATUS))
+ {
+ responseToken.setStatus(this.parseStatusType(xmlEventReader));
+ }
else
{
QName qname = subEvent.getName();
- ParserNamespaceSupport parser = ParserController.get( qname );
- if( parser == null )
- throw new RuntimeException( "Cannot parse " + qname );
+ ParserNamespaceSupport parser = ParserController.get(qname);
+ if (parser == null)
+ throw new RuntimeException("Cannot parse " + qname);
- Object parsedObject = parser.parse( xmlEventReader );
- if( parsedObject instanceof AppliesTo )
+ Object parsedObject = parser.parse(xmlEventReader);
+ if (parsedObject instanceof AppliesTo)
{
- responseToken.setAppliesTo( (AppliesTo) parsedObject );
+ responseToken.setAppliesTo((AppliesTo) parsedObject);
}
}
- }
+ }
catch (URISyntaxException e)
{
- throw new ParsingException( e );
- }
+ throw new ParsingException(e);
+ }
}
return responseToken;
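Review bot: In the new `REQUESTED_PROOF_TOKEN` branch a child that is neither `BinarySecret` nor `ComputedKey` falls through silently and an empty `RequestedProofTokenType` is stored on the response, whereas the `USE_KEY` branch just above rejects unknown children. Because this element carries proof-key material from the STS response, add `else throw new ParsingException("unsupported " + StaxParserUtil.getStartElementName(subEvent));` before the `setRequestedProofToken` call. The same branch (and the `ENTROPY` branch) calls `getElementText(xmlEventReader).getBytes()` with no charset, so the stored secret bytes depend on the JVM's platform default; pass an explicit charset and confirm whether the element text is still base64-encoded at this point. The end of `parse` lies outside this hunk.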
@@ -275,28 +310,26 @@
* @see {@link ParserNamespaceSupport#supports(QName)}
*/
public boolean supports(QName qname)
- {
+ {
String nsURI = qname.getNamespaceURI();
String localPart = qname.getLocalPart();
- return WSTrustConstants.BASE_NAMESPACE.equals( nsURI )
- && WSTrustConstants.RST.equals( localPart );
- }
-
- private RequestedSecurityTokenType parseRequestedSecurityTokenType( XMLEventReader xmlEventReader ) throws ParsingException
+ return WSTrustConstants.BASE_NAMESPACE.equals(nsURI) && WSTrustConstants.RST.equals(localPart);
+ }
+
+ private StatusType parseStatusType(XMLEventReader xmlEventReader) throws ParsingException
{
- RequestedSecurityTokenType requestedSecurityTokenType = new RequestedSecurityTokenType();
-
+ StatusType status = new StatusType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_TOKEN );
-
+ StaxParserUtil.validate(startElement, WSTrustConstants.STATUS);
+
XMLEvent xmlEvent = null;
- while( xmlEventReader.hasNext() )
+ while (xmlEventReader.hasNext())
{
xmlEvent = StaxParserUtil.peek(xmlEventReader);
- if( xmlEvent instanceof EndElement )
+ if (xmlEvent instanceof EndElement)
{
- if( StaxParserUtil.getEndElementName( (EndElement) xmlEvent ).equals( WSTrustConstants.REQUESTED_TOKEN ))
+ if (StaxParserUtil.getEndElementName((EndElement) xmlEvent).equals(WSTrustConstants.STATUS))
{
xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
break;
@@ -304,32 +337,71 @@
}
startElement = (StartElement) xmlEvent;
String tag = StaxParserUtil.getStartElementName(startElement);
-
- if( tag.equals( JBossSAMLConstants.ASSERTION.get() ))
+
+ if (tag.equals(WSTrustConstants.CODE))
{
- SAMLAssertionParser assertionParser = new SAMLAssertionParser();
- requestedSecurityTokenType.setAny( assertionParser.parse(xmlEventReader) );
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.CODE);
+
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("Validation code is expected ahead");
+ status.setCode(StaxParserUtil.getElementText(xmlEventReader));
}
+ else if (tag.equals(WSTrustConstants.REASON))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.REASON);
+
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("Validation reason is expected ahead");
+ status.setReason(StaxParserUtil.getElementText(xmlEventReader));
+ }
}
-
+ return status;
+ }
+
+ private RequestedSecurityTokenType parseRequestedSecurityTokenType(XMLEventReader xmlEventReader)
+ throws ParsingException
+ {
+ RequestedSecurityTokenType requestedSecurityTokenType = new RequestedSecurityTokenType();
+
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_TOKEN);
+
+ XMLEvent xmlEvent = null;
+ while (xmlEventReader.hasNext())
+ {
+ xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent instanceof EndElement)
+ {
+ if (StaxParserUtil.getEndElementName((EndElement) xmlEvent).equals(WSTrustConstants.REQUESTED_TOKEN))
+ {
+ xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
+ break;
+ }
+ }
+ Element tokenElement = StaxParserUtil.getDOMElement(xmlEventReader);
+ requestedSecurityTokenType.setAny(tokenElement);
+ }
+
return requestedSecurityTokenType;
}
-
- private RequestedReferenceType parseRequestedReference( XMLEventReader xmlEventReader ) throws ParsingException
+
+ private RequestedReferenceType parseRequestedReference(XMLEventReader xmlEventReader) throws ParsingException
{
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE );
-
+ StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE);
+
RequestedReferenceType ref = new RequestedReferenceType();
-
+
WSSecurityParser wsseParser = new WSSecurityParser();
SecurityTokenReferenceType secref = (SecurityTokenReferenceType) wsseParser.parse(xmlEventReader);
-
- ref.setSecurityTokenReference( secref );
-
+
+ ref.setSecurityTokenReference(secref);
+
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate(endElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE );
-
- return ref;
+ StaxParserUtil.validate(endElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE);
+
+ return ref;
}
}
\ No newline at end of file
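Review bot: The loop in parseStatusType consumes an event only when the child matches `WSTrustConstants.CODE` or `WSTrustConstants.REASON`; for any other child element the peeked event is never read, so `while (xmlEventReader.hasNext())` keeps seeing the same event and does not terminate. Because this method parses a response received from an STS, an unexpected element should end in a `ParsingException` rather than a hang, e.g. a final branch `else throw new ParsingException("Unexpected element in Status: " + tag);`. The unconditional `(StartElement) xmlEvent` cast also throws ClassCastException instead of ParsingException when the peeked event is an end element other than Status. In parseRequestedSecurityTokenType, `setAny` is called once per child, so if the element carries several children the last one silently replaces the others; rejecting a second token element would make that explicit. The opening lines of parseStatusType are in the preceding hunk.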
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -70,6 +70,6 @@
String localPart = qname.getLocalPart();
return WSTrustConstants.BASE_NAMESPACE.equals( nsURI )
- && WSTrustConstants.On_BEHALF_OF.equals( localPart );
+ && WSTrustConstants.ON_BEHALF_OF.equals( localPart );
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.util;
@@ -40,19 +36,21 @@
/**
* Utility class that deals with StAX
+ *
* @author Anil.Saldhana(a)redhat.com
* @since Oct 19, 2010
*/
public class StaxUtil
-{
+{
private static ThreadLocal<Stack<String>> registeredNSStack = new ThreadLocal<Stack<String>>();
-
+
/**
* Flush the stream writer
+ *
* @param writer
* @throws ProcessingException
*/
- public static void flush( XMLStreamWriter writer ) throws ProcessingException
+ public static void flush(XMLStreamWriter writer) throws ProcessingException
{
try
{
@@ -60,48 +58,50 @@
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
/**
* Get an {@code XMLEventWriter}
+ *
* @param outStream
* @return
* @throws ProcessingException
*/
- public static XMLEventWriter getXMLEventWriter( final OutputStream outStream ) throws ProcessingException
+ public static XMLEventWriter getXMLEventWriter(final OutputStream outStream) throws ProcessingException
{
XMLOutputFactory xmlOutputFactory = XMLOutputFactory.newInstance();
try
{
- return xmlOutputFactory.createXMLEventWriter( outStream, "UTF-8" );
+ return xmlOutputFactory.createXMLEventWriter(outStream, "UTF-8");
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
/**
* Get an {@code XMLStreamWriter}
+ *
* @param outStream
* @return
* @throws ProcessingException
*/
- public static XMLStreamWriter getXMLStreamWriter( final OutputStream outStream ) throws ProcessingException
+ public static XMLStreamWriter getXMLStreamWriter(final OutputStream outStream) throws ProcessingException
{
XMLOutputFactory xmlOutputFactory = XMLOutputFactory.newInstance();
try
{
- return xmlOutputFactory.createXMLStreamWriter( outStream, "UTF-8" );
+ return xmlOutputFactory.createXMLStreamWriter(outStream, "UTF-8");
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
-
+
public static XMLStreamWriter getXMLStreamWriter(final Result result) throws ProcessingException
{
XMLOutputFactory factory = XMLOutputFactory.newInstance();
@@ -114,287 +114,305 @@
throw new ProcessingException(xe);
}
}
-
+
/**
* Set a prefix
+ *
* @param writer
* @param prefix
* @param nsURI
* @throws ProcessingException
*/
- public static void setPrefix( XMLStreamWriter writer, String prefix, String nsURI ) throws ProcessingException
+ public static void setPrefix(XMLStreamWriter writer, String prefix, String nsURI) throws ProcessingException
{
try
{
- writer.setPrefix(prefix, nsURI );
+ writer.setPrefix(prefix, nsURI);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
-
+
/**
* Write an attribute
+ *
* @param writer
- * @param attributeName QName of the attribute
+ * @param attributeName
+ * QName of the attribute
* @param attributeValue
* @throws ProcessingException
*/
- public static void writeAttribute( XMLStreamWriter writer, QName attributeName, String attributeValue ) throws ProcessingException
+ public static void writeAttribute(XMLStreamWriter writer, QName attributeName, String attributeValue)
+ throws ProcessingException
{
try
{
- writer.writeAttribute( attributeName.getNamespaceURI() , attributeName.getLocalPart(), attributeValue );
+ writer.writeAttribute(attributeName.getPrefix(), attributeName.getNamespaceURI(),
+ attributeName.getLocalPart(), attributeValue);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
/**
* Write an xml attribute
+ *
* @param writer
- * @param localName localpart
- * @param value value of the attribute
+ * @param localName
+ * localpart
+ * @param value
+ * value of the attribute
* @throws ProcessingException
*/
- public static void writeAttribute( XMLStreamWriter writer, String localName, String value ) throws ProcessingException
+ public static void writeAttribute(XMLStreamWriter writer, String localName, String value) throws ProcessingException
{
try
- {
+ {
writer.writeAttribute(localName, value);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
-
+
/**
* Write an xml attribute
+ *
* @param writer
- * @param localName localpart
- * @param type typically xsi:type
- * @param value value of the attribute
+ * @param localName
+ * localpart
+ * @param type
+ * typically xsi:type
+ * @param value
+ * value of the attribute
* @throws ProcessingException
*/
- public static void writeAttribute( XMLStreamWriter writer, String localName, String type, String value ) throws ProcessingException
+ public static void writeAttribute(XMLStreamWriter writer, String localName, String type, String value)
+ throws ProcessingException
{
try
- {
- writer.writeAttribute( localName, type, value );
+ {
+ writer.writeAttribute(localName, type, value);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
-
+
/**
* Write a string as text node
+ *
* @param writer
* @param value
* @throws ProcessingException
*/
- public static void writeCharacters( XMLStreamWriter writer, String value ) throws ProcessingException
+ public static void writeCharacters(XMLStreamWriter writer, String value) throws ProcessingException
{
try
- {
- writer.writeCharacters( value);
+ {
+ writer.writeCharacters(value);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
-
+
/**
* Write the default namespace
+ *
* @param writer
* @param ns
* @throws ProcessingException
*/
- public static void writeDefaultNameSpace( XMLStreamWriter writer, String ns ) throws ProcessingException
+ public static void writeDefaultNameSpace(XMLStreamWriter writer, String ns) throws ProcessingException
{
try
{
- writer.writeDefaultNamespace( ns );
+ writer.writeDefaultNamespace(ns);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
-
+
/**
* Write a DOM Node to the stream
+ *
* @param writer
* @param node
* @throws ProcessingException
*/
- public static void writeDOMNode( XMLStreamWriter writer, Node node ) throws ProcessingException
+ public static void writeDOMNode(XMLStreamWriter writer, Node node) throws ProcessingException
{
try
{
short nodeType = node.getNodeType();
-
- switch( nodeType )
+
+ switch (nodeType)
{
- case Node.ELEMENT_NODE:
- writeDOMElement( writer, (Element) node);
+ case Node.ELEMENT_NODE :
+ writeDOMElement(writer, (Element) node);
break;
- case Node.TEXT_NODE:
+ case Node.TEXT_NODE :
writer.writeCharacters(node.getNodeValue());
break;
- case Node.COMMENT_NODE:
+ case Node.COMMENT_NODE :
writer.writeComment(node.getNodeValue());
- break;
- case Node.CDATA_SECTION_NODE:
+ break;
+ case Node.CDATA_SECTION_NODE :
writer.writeCData(node.getNodeValue());
- break;
- default:
- //Don't care
+ break;
+ default :
+ // Don't care
}
}
catch (DOMException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
- }
+ throw new ProcessingException(e);
+ }
}
-
/**
* Write DOM Element to the stream
+ *
* @param writer
* @param domElement
* @throws ProcessingException
*/
- public static void writeDOMElement( XMLStreamWriter writer, Element domElement ) throws ProcessingException
+ public static void writeDOMElement(XMLStreamWriter writer, Element domElement) throws ProcessingException
{
- if( registeredNSStack.get() == null )
+ if (registeredNSStack.get() == null)
{
- registeredNSStack.set( new Stack<String>() );
+ registeredNSStack.set(new Stack<String>());
}
String domElementPrefix = domElement.getPrefix();
-
- if (domElementPrefix == null)
+
+ if (domElementPrefix == null)
{
- domElementPrefix = "";
+ domElementPrefix = "";
}
-
+
String domElementNS = domElement.getNamespaceURI();
- if (domElementNS == null)
+ if (domElementNS == null)
{
- domElementNS = "";
+ domElementNS = "";
}
-
+
writeStartElement(writer, domElementPrefix, domElement.getLocalName(), domElementNS);
-
- //Should we register namespace
- if( domElementPrefix != "" && !registeredNSStack.get().contains(domElementNS) )
+ // Should we register namespace
+ if (domElementPrefix != "" && !registeredNSStack.get().contains(domElementNS))
{
- // writeNameSpace(writer, domElementPrefix, domElementNS );
- registeredNSStack.get().push( domElementNS );
+ // writeNameSpace(writer, domElementPrefix, domElementNS );
+ registeredNSStack.get().push(domElementNS);
}
// Deal with Attributes
NamedNodeMap attrs = domElement.getAttributes();
- for (int i = 0, len = attrs.getLength(); i < len; ++i)
+ for (int i = 0, len = attrs.getLength(); i < len; ++i)
{
- Attr attr = (Attr) attrs.item(i);
- String attributePrefix = attr.getPrefix();
- String attribLocalName = attr.getLocalName();
- String attribValue = attr.getValue();
+ Attr attr = (Attr) attrs.item(i);
+ String attributePrefix = attr.getPrefix();
+ String attribLocalName = attr.getLocalName();
+ String attribValue = attr.getValue();
- if (attributePrefix == null || attributePrefix.length() == 0)
- {
- if ( "xmlns".equals( attribLocalName ))
- {
- writeDefaultNameSpace( writer, attribValue );
- }
- else
- {
- writeAttribute( writer, attribLocalName, attribValue );
- }
- }
- else
- {
- if ( "xmlns".equals( attributePrefix ))
- {
- writeNameSpace( writer, attribLocalName, attribValue);
- }
- else
- {
- writeAttribute( writer, new QName( attr.getNamespaceURI(), attribLocalName, attributePrefix ), attribValue);
- }
- }
+ if (attributePrefix == null || attributePrefix.length() == 0)
+ {
+ if ("xmlns".equals(attribLocalName))
+ {
+ writeDefaultNameSpace(writer, attribValue);
+ }
+ else
+ {
+ writeAttribute(writer, attribLocalName, attribValue);
+ }
+ }
+ else
+ {
+ if ("xmlns".equals(attributePrefix))
+ {
+ writeNameSpace(writer, attribLocalName, attribValue);
+ }
+ else
+ {
+ writeAttribute(writer, new QName(attr.getNamespaceURI(), attribLocalName, attributePrefix), attribValue);
+ }
+ }
}
- for ( Node child = domElement.getFirstChild(); child != null; child = child.getNextSibling() )
+ for (Node child = domElement.getFirstChild(); child != null; child = child.getNextSibling())
{
- writeDOMNode( writer, child);
+ writeDOMNode(writer, child);
}
writeEndElement(writer);
}
-
-
+
/**
* Write a namespace
+ *
* @param writer
- * @param prefix prefix
- * @param ns Namespace URI
+ * @param prefix
+ * prefix
+ * @param ns
+ * Namespace URI
* @throws ProcessingException
*/
- public static void writeNameSpace( XMLStreamWriter writer, String prefix, String ns ) throws ProcessingException
+ public static void writeNameSpace(XMLStreamWriter writer, String prefix, String ns) throws ProcessingException
{
try
- {
+ {
writer.writeNamespace(prefix, ns);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
/**
* Write a start element
+ *
* @param writer
* @param prefix
* @param localPart
* @param ns
* @throws ProcessingException
*/
- public static void writeStartElement( XMLStreamWriter writer, String prefix, String localPart, String ns ) throws ProcessingException
+ public static void writeStartElement(XMLStreamWriter writer, String prefix, String localPart, String ns)
+ throws ProcessingException
{
try
{
- writer.writeStartElement( prefix, localPart, ns);
+ writer.writeStartElement(prefix, localPart, ns);
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
/**
* <p>
- * Write an end element. The stream writer keeps track of which start element
- * needs to be closed with an end tag.
+ * Write an end element. The stream writer keeps track of which start element needs to be closed with an end tag.
* </p>
*
* @param writer
* @throws ProcessingException
*/
- public static void writeEndElement( XMLStreamWriter writer ) throws ProcessingException
+ public static void writeEndElement(XMLStreamWriter writer) throws ProcessingException
{
try
{
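Review bot: In writeDOMElement the test `domElementPrefix != ""` compares references, so an empty prefix that the DOM returns as a distinct String object is treated as non-empty; `domElementPrefix.length() != 0` would match the `attributePrefix.length() == 0` check used a few lines further down. The same branch pushes `domElementNS` onto the thread-local `registeredNSStack`, and nothing in this hunk pops it or calls `remove()`, so on pooled threads the stack keeps one entry per distinct namespace URI ever written, and those URIs come from the DOM being serialized. With the `writeNameSpace` call commented out, the stack has no visible reader besides this `contains` check, so either pop the entry in a `finally` after `writeEndElement(writer)` or drop the bookkeeping altogether.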
@@ -402,7 +420,7 @@
}
catch (XMLStreamException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -301,7 +301,12 @@
{
Namespace namespace = namespaces.next();
QName name = namespace.getName();
- el.setAttributeNS(name.getNamespaceURI(), "xmlns:" + name.getLocalPart(), namespace.getNamespaceURI());
+ localPart = name.getLocalPart();
+ prefix = name.getPrefix();
+ if (prefix != null && prefix != "")
+ qual = (localPart != null && localPart != "") ? prefix + ":" + localPart : prefix;
+
+ el.setAttributeNS(name.getNamespaceURI(), qual, namespace.getNamespaceURI());
}
XMLEvent nextEvent = StaxParserUtil.peek(xmlEventReader);
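Review bot: `qual` is assigned only when `prefix` is non-empty, so for a namespace event without a prefix `el.setAttributeNS(...)` receives whatever `qual` held before, either its initial value or the value left by the previous loop iteration; the declarations of `qual`, `prefix` and `localPart` are outside this hunk. Resetting it at the top of each iteration, for example `qual = localPart;` before the `if`, removes the carry-over, if that is the intended name for the unprefixed case. The tests `prefix != ""` and `localPart != ""` compare references rather than contents and should be `prefix.length() != 0` and `localPart.length() != 0`. The enclosing method starts and ends outside the hunk.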
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -92,7 +92,8 @@
private static XMLSignatureFactory fac = getXMLSignatureFactory();
- private static XMLSignatureFactory getXMLSignatureFactory()
+ @SuppressWarnings("restriction")
+private static XMLSignatureFactory getXMLSignatureFactory()
{
XMLSignatureFactory xsf = null;
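Review bot: `@SuppressWarnings("restriction")` silences the access-restriction warning for the whole of getXMLSignatureFactory() without saying which restricted type the method depends on; the body is outside this hunk, so presumably it references a provider class that is not public API. A short comment above the annotation naming that class and the reason for using it would let a later reader judge whether the signature factory still resolves on other JDKs. The annotation is also indented differently from the `private static` line below it.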
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.wstrust;
@@ -27,6 +23,7 @@
import javax.annotation.Resource;
import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMResult;
import javax.xml.transform.dom.DOMSource;
import javax.xml.ws.Provider;
import javax.xml.ws.Service;
@@ -45,6 +42,7 @@
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustResponseWriter;
import org.w3c.dom.Document;
/**
@@ -56,7 +54,7 @@
*/
@WebServiceProvider(serviceName = "PicketLinkSTS", portName = "PicketLinkSTSPort", targetNamespace = "urn:picketlink:identity-federation:sts", wsdlLocation = "WEB-INF/wsdl/PicketLinkSTS.wsdl")
@ServiceMode(value = Service.Mode.PAYLOAD)
-public class PicketLinkSTS implements Provider<Source>//SecurityTokenService
+public class PicketLinkSTS implements Provider<Source>// SecurityTokenService
{
private static Logger logger = Logger.getLogger(PicketLinkSTS.class);
@@ -107,9 +105,11 @@
* Process a security token request.
* </p>
*
- * @param request a {@code RequestSecurityToken} instance that contains the request information.
+ * @param request
+ * a {@code RequestSecurityToken} instance that contains the request information.
* @return a {@code Source} instance representing the marshalled response.
- * @throws WebServiceException Any exception encountered in handling token
+ * @throws WebServiceException
+ * Any exception encountered in handling token
*/
protected Source handleTokenRequest(RequestSecurityToken request)
{
@@ -163,7 +163,8 @@
* Process a collection of security token requests.
* </p>
*
- * @param requestCollection a {@code RequestSecurityTokenCollection} containing the various requests information.
+ * @param requestCollection
+ * a {@code RequestSecurityTokenCollection} containing the various requests information.
* @return a {@code Source} instance representing the marshalled response.
*/
protected Source handleTokenRequestCollection(RequestSecurityTokenCollection requestCollection)
@@ -176,7 +177,8 @@
* Marshalls the specified {@code RequestSecurityTokenResponse} into a {@code Source} instance.
* </p>
*
- * @param response the {@code RequestSecurityTokenResponse} to be marshalled.
+ * @param response
+ * the {@code RequestSecurityTokenResponse} to be marshalled.
* @return the resulting {@code Source} instance.
*/
protected Source marshallResponse(RequestSecurityTokenResponse response)
@@ -184,7 +186,18 @@
// add the single response to a RequestSecurityTokenResponse collection, as per the specification.
RequestSecurityTokenResponseCollection responseCollection = new RequestSecurityTokenResponseCollection();
responseCollection.addRequestSecurityTokenResponse(response);
- return WSTrustJAXBFactory.getInstance().marshallRequestSecurityTokenResponse(responseCollection);
+
+ try
+ {
+ DOMResult result = new DOMResult(DocumentUtil.createDocument());
+ WSTrustResponseWriter writer = new WSTrustResponseWriter(result);
+ writer.write(responseCollection);
+ return new DOMSource(result.getNode());
+ }
+ catch (Exception e)
+ {
+ throw new WebServiceException("Error writting response: " + e.getMessage(), e);
+ }
}
/**
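Review bot: The new `catch (Exception e)` in marshallResponse copies `e.getMessage()` into the `WebServiceException` text, and a JAX-WS runtime normally returns that text to the caller in the SOAP fault, so internal writer or DOM error detail can reach the client of the STS. Logging the cause through the class's `logger` and throwing a fixed message, `throw new WebServiceException("Error writing response", e);`, keeps the detail for operators and also corrects the "writting" typo. Catching the specific checked exceptions declared by `DocumentUtil.createDocument()` and `writer.write(...)` rather than `Exception` would keep unrelated runtime errors from being reported as marshalling failures; those signatures are not visible here.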
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -34,11 +34,12 @@
import javax.xml.ws.Service.Mode;
import javax.xml.ws.soap.SOAPBinding;
+import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
import org.picketlink.identity.federation.ws.trust.RenewTargetType;
import org.picketlink.identity.federation.ws.trust.StatusType;
@@ -92,8 +93,9 @@
/**
* Issues a Security Token for the ultimate recipient of the token.
*
- * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for the
- * RequestSecurityToken which is an optional element so it may be null.
+ * @param endpointURI
+ * - The ultimate recipient of the token. This will be set at the AppliesTo for the RequestSecurityToken
+ * which is an optional element so it may be null.
* @return Element - The Security Token Element which will be of the TokenType configured for the endpointURI passed
* in.
* @throws WSTrustException
@@ -109,11 +111,14 @@
* Issues a Security Token from the STS. This methods has the option of specifying one or both of
* endpointURI/tokenType but at least one must specified.
*
- * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for the
- * RequestSecurityToken which is an optional element so it may be null.
- * @param tokenType - The type of security token to be issued.
+ * @param endpointURI
+ * - The ultimate recipient of the token. This will be set at the AppliesTo for the RequestSecurityToken
+ * which is an optional element so it may be null.
+ * @param tokenType
+ * - The type of security token to be issued.
* @return Element - The Security Token Element issued.
- * @throws IllegalArgumentException If neither endpointURI nor tokenType was specified.
+ * @throws IllegalArgumentException
+ * If neither endpointURI nor tokenType was specified.
* @throws WSTrustException
*/
public Element issueToken(String endpointURI, String tokenType) throws WSTrustException
@@ -132,13 +137,18 @@
* Issues a security token on behalf of the specified principal.
* </p>
*
- * @param endpointURI the ultimate recipient of the token. This will be set at the AppliesTo for the
- * RequestSecurityToken which is an optional element so it may be null.
- * @param tokenType the type of the token to be issued.
- * @param principal the {@code Principal} to whom the token will be issued.
+ * @param endpointURI
+ * the ultimate recipient of the token. This will be set at the AppliesTo for the RequestSecurityToken
+ * which is an optional element so it may be null.
+ * @param tokenType
+ * the type of the token to be issued.
+ * @param principal
+ * the {@code Principal} to whom the token will be issued.
* @return an {@code Element} representing the issued security token.
- * @throws IllegalArgumentException If neither endpointURI nor tokenType was specified.
- * @throws WSTrustException if an error occurs while issuing the security token.
+ * @throws IllegalArgumentException
+ * If neither endpointURI nor tokenType was specified.
+ * @throws WSTrustException
+ * if an error occurs while issuing the security token.
*/
public Element issueTokenOnBehalfOf(String endpointURI, String tokenType, Principal principal)
throws WSTrustException
@@ -289,17 +299,24 @@
DOMSource requestSource = this.createSourceFromRequest(request);
Source response = dispatchLocal.get().invoke(requestSource);
- RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) WSTrustJAXBFactory
- .getInstance().parseRequestSecurityTokenResponse(response);
- RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
+ try
+ {
+ RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(response));
+ RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
- StatusType status = tokenResponse.getStatus();
- if (status != null)
+ StatusType status = tokenResponse.getStatus();
+ if (status != null)
+ {
+ String code = status.getCode();
+ return WSTrustConstants.STATUS_CODE_VALID.equals(code);
+ }
+ return false;
+ }
+ catch (Exception e)
{
- String code = status.getCode();
- return WSTrustConstants.STATUS_CODE_VALID.equals(code);
+ throw new WSTrustException("Error parsing WS-Trust response: " + e.getMessage(), e);
}
- return false;
}
/**
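Review bot: `responseCollection.getRequestSecurityTokenResponses().get(0)` in the new try block runs without an emptiness check, and the cast of the parser result is unchecked, so an empty or unexpected STS reply is reported only through the blanket `catch (Exception e)` as "Error parsing WS-Trust response". The result still fails closed, which is the right default for a validation call, but a malformed reply cannot be told apart from a parser fault. I would add `if (responseCollection.getRequestSecurityTokenResponses().isEmpty()) return false;` before the `get(0)` and narrow the catch to the exceptions `WSTrustParser.parse` and `DocumentUtil.getSourceAsStream` actually declare. The same pattern is repeated in the `cancelToken` hunk (`@@ -321,18 +340,23 @@`). The method's signature is outside this hunk, and because the response arrives from the network it is worth confirming that the parser behind `WSTrustParser` rejects DTDs and external entities, which cannot be seen from here.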
@@ -307,9 +324,11 @@
* Cancels the specified security token by sending a WS-Trust cancel message to the STS.
* </p>
*
- * @param securityToken the security token to be canceled.
+ * @param securityToken
+ * the security token to be canceled.
* @return {@code true} if the token has been canceled by the STS; {@code false} otherwise.
- * @throws WSTrustException if an error occurs while processing the cancel request.
+ * @throws WSTrustException
+ * if an error occurs while processing the cancel request.
*/
public boolean cancelToken(Element securityToken) throws WSTrustException
{
@@ -321,18 +340,23 @@
request.setCancelTarget(cancelTarget);
request.setContext("context");
- // marshal the request and send it to the STS.
- WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance();
DOMSource requestSource = this.createSourceFromRequest(request);
Source response = dispatchLocal.get().invoke(requestSource);
// get the WS-Trust response and check for presence of the RequestTokenCanceled element.
- RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) jaxbFactory
- .parseRequestSecurityTokenResponse(response);
- RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
- if (tokenResponse.getRequestedTokenCancelled() != null)
- return true;
- return false;
+ try
+ {
+ RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(response));
+ RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
+ if (tokenResponse.getRequestedTokenCancelled() != null)
+ return true;
+ return false;
+ }
+ catch (Exception e)
+ {
+ throw new WSTrustException("Error parsing WS-Trust response: " + e.getMessage(), e);
+ }
}
public Dispatch<Source> getDispatch()
@@ -345,7 +369,7 @@
try
{
DOMResult result = new DOMResult(DocumentUtil.createDocument());
- WSTrustRSTWriter writer = new WSTrustRSTWriter(result);
+ WSTrustRequestWriter writer = new WSTrustRequestWriter(result);
writer.write(request);
return new DOMSource(result.getNode());
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -40,6 +40,7 @@
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.ClaimsType;
+import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
import org.picketlink.identity.federation.ws.trust.ObjectFactory;
import org.picketlink.identity.federation.ws.trust.RequestedProofTokenType;
@@ -195,13 +196,13 @@
{
clientSecret = Base64.decode(new String(WSTrustUtil.getBinarySecret(clientEntropy)));
serverEntropy = new EntropyType();
- serverEntropy.getAny().add(objFactory.createBinarySecret(serverBinarySecret));
+ serverEntropy.getAny().add(serverBinarySecret);
}
if (clientSecret != null && clientSecret.length != 0)
{
// client secret has been specified - combine it with the sts secret.
- requestedProofToken.setAny(objFactory.createComputedKey(WSTrustConstants.CK_PSHA1));
+ requestedProofToken.setAny(new ComputedKeyType(WSTrustConstants.CK_PSHA1));
byte[] combinedSecret = null;
try
{
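Review bot: `serverEntropy.getAny().add(serverBinarySecret)` and `requestedProofToken.setAny(new ComputedKeyType(WSTrustConstants.CK_PSHA1))` change what the `any` slots hold, from a `JAXBElement` wrapper to the model object itself, and nothing at the call site records that contract. Any reader that still casts to `JAXBElement` or compares `getDeclaredType()` will fail or skip the value, so a comment such as `// any holds the BinarySecretType itself (no JAXBElement wrapper); readers must test with instanceof` would help here. The same applies to `requestedProofToken.setAny(serverBinarySecret)` in the next hunk and to the two `getAny().add(...)` changes in WSTrustUtil. `WSTrustUtil.getBinarySecret`, which reads the client entropy in the context line above, is not touched in the visible WSTrustUtil hunks, so it is worth checking that it accepts the unwrapped form. The enclosing method starts and ends outside this hunk.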
@@ -218,7 +219,7 @@
else
{
// client secret has not been specified - use the sts secret only.
- requestedProofToken.setAny(objFactory.createBinarySecret(serverBinarySecret));
+ requestedProofToken.setAny(serverBinarySecret);
requestContext.setProofTokenInfo(WSTrustUtil.createKeyInfo(serverBinarySecret.getValue(),
providerPublicKey, keyWrapAlgo));
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -87,7 +87,8 @@
String CREATED = "Created";
String ENTROPY = "Entropy";
String EXPIRES = "Expires";
- String On_BEHALF_OF = "OnBehalfOf";
+ String ON_BEHALF_OF = "OnBehalfOf";
+ String COMPUTED_KEY = "ComputedKey";
String KEY_SIZE = "KeySize";
String KEY_TYPE = "KeyType";
String LIFETIME = "Lifetime";
@@ -96,6 +97,8 @@
String RST_COLLECTION = "RequestSecurityTokenCollection";
String RSTR_COLLECTION = "RequestSecurityTokenResponseCollection";
String REQUESTED_TOKEN = "RequestedSecurityToken";
+ String REQUESTED_TOKEN_CANCELLED = "RequestedTokenCancelled";
+ String REQUESTED_PROOF_TOKEN = "RequestedProofToken";
String REQUESTED_ATTACHED_REFERENCE = "RequestedAttachedReference";
String REQUEST_TYPE = "RequestType";
String TOKEN_TYPE = "TokenType";
@@ -103,6 +106,9 @@
String RENEW_TARGET = "RenewTarget";
String VALIDATE_TARGET = "ValidateTarget";
String USE_KEY = "UseKey";
+ String STATUS = "Status";
+ String CODE = "Code";
+ String REASON = "Reason";
//Attribute Names
String RST_CONTEXT = "Context";
@@ -129,5 +135,6 @@
String PREFIX_11 = "wsse11";
String SECURITY_TOKEN_REFERENCE = "SecurityTokenReference";
String USERNAME_TOKEN = "UsernameToken";
+ String VALUE_TYPE = "ValueType";
}
}
\ No newline at end of file
Deleted: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,361 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.identity.federation.core.wstrust;
-
-import javax.xml.bind.Binder;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.transform.Source;
-
-import org.apache.log4j.Logger;
-import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.JAXBUtil;
-import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.picketlink.identity.federation.ws.trust.ObjectFactory;
-import org.picketlink.identity.federation.ws.trust.RequestSecurityTokenResponseCollectionType;
-import org.picketlink.identity.federation.ws.trust.RequestSecurityTokenType;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-/**
- * <p>
- * This factory implements utility methods for converting between JAXB model objects and XML source.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class WSTrustJAXBFactory
-{
- private static Logger log = Logger.getLogger(WSTrustJAXBFactory.class);
-
- private boolean trace = log.isTraceEnabled();
-
- private static final WSTrustJAXBFactory instance = new WSTrustJAXBFactory();
-
- private Marshaller marshaller;
-
- private Unmarshaller unmarshaller;
-
- private Binder<Node> binder;
-
- private final ObjectFactory objectFactory;
-
- private ThreadLocal<SAMLDocumentHolder> holders = new ThreadLocal<SAMLDocumentHolder>();
-
- /**
- * <p>
- * Creates the {@code WSTrustJAXBFactory} singleton instance.
- * </p>
- */
- private WSTrustJAXBFactory()
- {
- try
- {
- this.marshaller = JAXBUtil.getMarshaller(this.getPackages());
- this.unmarshaller = JAXBUtil.getUnmarshaller(this.getPackages());
- this.binder = JAXBUtil.getJAXBContext(this.getPackages()).createBinder();
- this.objectFactory = new ObjectFactory();
- }
- catch (JAXBException e)
- {
- throw new RuntimeException(e.getMessage(), e);
- }
- }
-
- /**
- * <p>
- * Gets a reference to the singleton instance.
- * </p>
- *
- * @return a reference to the {@code WSTrustJAXBFactory} instance.
- */
- public static WSTrustJAXBFactory getInstance()
- {
- return instance;
- }
-
- private String getPackages()
- {
- StringBuilder packages = new StringBuilder();
- packages.append("org.picketlink.identity.federation.ws.addressing");
- packages.append(":org.picketlink.identity.federation.ws.policy");
- packages.append(":org.picketlink.identity.federation.ws.trust");
- packages.append(":org.picketlink.identity.federation.ws.wss.secext");
- packages.append(":org.picketlink.identity.federation.ws.wss.utility");
- packages.append(":org.picketlink.identity.xmlsec.w3.xmldsig");
- return packages.toString();
- }
-
- /**
- * <p>
- * Creates a {@code BaseRequestSecurityToken} from the specified XML source.
- * </p>
- *
- * @param request
- * the XML source containing the security token request message.
- * @return the constructed {@code BaseRequestSecurityToken} instance. It will be an instance of {@code
- * RequestSecurityToken} the message contains a single token request, and an instance of {@code
- * RequestSecurityTokenCollection} if multiples requests are being made in the same message.
- */
- @SuppressWarnings("unchecked")
- public BaseRequestSecurityToken parseRequestSecurityToken(Source request) throws WSTrustException
- {
- // if the request contains a validate, cancel, or renew target, we must preserve it from JAXB unmarshalling.
- try
- {
- Node documentNode = DocumentUtil.getNodeFromSource(request);
- Document document = documentNode instanceof Document ? (Document) documentNode : documentNode
- .getOwnerDocument();
-
- JAXBElement<RequestSecurityTokenType> jaxbRST;
- Node rst = this.findNodeByNameNS(document, "RequestSecurityToken", WSTrustConstants.BASE_NAMESPACE);
- if (rst == null)
- throw new RuntimeException("Request Security Token node not found");
-
- jaxbRST = (JAXBElement<RequestSecurityTokenType>) binder.unmarshal(rst);
-
- RequestSecurityTokenType rstt = jaxbRST.getValue();
-
- SAML2SecurityToken samlSecurityToken = new SAML2SecurityToken(rstt);
- holders.set(new SAMLDocumentHolder(samlSecurityToken, document));
- return new RequestSecurityToken(rstt);
- }
- catch (Exception e)
- {
- throw new WSTrustException("Error parsing security token request", e);
- }
- }
-
- /**
- * <p>
- * Creates a {@code BaseRequestSecurityTokenResponse} from the specified XML source.
- * </p>
- *
- * @param response
- * the XML source containing the security token response message.
- * @return the constructed {@code BaseRequestSecurityTokenResponse} instance. According to the WS-Trust
- * specification, the returned object will be an instance of {@code RequestSecurityTokenResponseCollection}.
- */
- public BaseRequestSecurityTokenResponse parseRequestSecurityTokenResponse(Source response) throws WSTrustException
- {
- // if the response contains an issued token, we must preserve it from the JAXB unmarshalling.
- Element tokenElement = null;
- Node documentNode = null;
- try
- {
- documentNode = DocumentUtil.getNodeFromSource(response);
- }
- catch (Exception e)
- {
- throw new WSTrustException("Failed to transform request source", e);
- }
-
- Document document = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument();
- Node requestedTokenNode = this.findNodeByNameNS(document, "RequestedSecurityToken",
- WSTrustConstants.BASE_NAMESPACE);
- if (requestedTokenNode != null)
- tokenElement = (Element) requestedTokenNode.getFirstChild();
-
- try
- {
- Object object = this.unmarshaller.unmarshal(documentNode);
- if (object instanceof JAXBElement)
- {
- JAXBElement<?> element = (JAXBElement<?>) object;
- if (element.getDeclaredType().equals(RequestSecurityTokenResponseCollectionType.class))
- {
- RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection(
- (RequestSecurityTokenResponseCollectionType) element.getValue());
- // insert the security token in the parsed response.
- if (tokenElement != null)
- {
- RequestSecurityTokenResponse parsedResponse = collection.getRequestSecurityTokenResponses().get(0);
- parsedResponse.getRequestedSecurityToken().setAny(tokenElement);
- }
- return collection;
- }
- else
- throw new RuntimeException("Invalid response type: " + element.getDeclaredType());
- }
- else
- throw new RuntimeException("Invalid response type: " + object.getClass().getName());
- }
- catch (JAXBException e)
- {
- throw new RuntimeException("Failed to unmarshall security token response", e);
- }
- }
-
- /**
- * <p>
- * Creates a {@code javax.xml.transform.Source} from the specified request object.
- * </p>
- *
- * @param request
- * a {@code RequestSecurityToken} representing the object model of the security token request.
- * @return the constructed {@code Source} instance.
- */
- public Source marshallRequestSecurityToken(RequestSecurityToken request)
- {
- Element targetElement = null;
- // if the request has a validate, cancel, or renew target, we must preserve it from JAXB marshaling.
- String requestType = request.getRequestType().toString();
- if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST) && request.getValidateTarget() != null)
- {
- targetElement = (Element) request.getValidateTarget().getAny();
- request.getValidateTarget().setAny(null);
- }
- else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST) && request.getRenewTarget() != null)
- {
- targetElement = (Element) request.getRenewTarget().getAny();
- request.getRenewTarget().setAny(null);
- }
- else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST) && request.getCancelTarget() != null)
- {
- targetElement = (Element) request.getCancelTarget().getAny();
- request.getCancelTarget().setAny(null);
- }
-
- Document result = null;
- try
- {
- result = DocumentUtil.createDocument();
- this.marshaller.marshal(this.objectFactory.createRequestSecurityToken(request.getDelegate()), result);
-
- // insert the original target in the appropriate element.
- if (targetElement != null)
- {
- Node node = null;
- if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST))
- node = this.findNodeByNameNS(result, "ValidateTarget", WSTrustConstants.BASE_NAMESPACE);
- else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST))
- node = this.findNodeByNameNS(result, "RenewTarget", WSTrustConstants.BASE_NAMESPACE);
- else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST))
- node = this.findNodeByNameNS(result, "CancelTarget", WSTrustConstants.BASE_NAMESPACE);
- if (node == null)
- throw new RuntimeException("Unsupported request type:" + requestType);
- node.appendChild(result.importNode(targetElement, true));
- }
- }
- catch (Exception e)
- {
- throw new RuntimeException("Failed to marshall security token request", e);
- }
-
- return DocumentUtil.getXMLSource(result);
- }
-
- /**
- * <p>
- * Creates a {@code javax.xml.transform.Source} from the specified response object.
- * </p>
- *
- * @param collection
- * a {@code RequestSecurityTokenResponseCollection} representing the object model of the security token
- * response.
- * @return the constructed {@code Source} instance.
- */
- public Source marshallRequestSecurityTokenResponse(RequestSecurityTokenResponseCollection collection)
- {
- if (collection.getRequestSecurityTokenResponses().size() == 0)
- throw new IllegalArgumentException("The response collection must contain at least one response");
-
- // if the response contains an issued token, we must preserve it from the JAXB marshaling.
- Element tokenElement = null;
- RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
- if (response.getRequestedSecurityToken() != null)
- {
- tokenElement = (Element) response.getRequestedSecurityToken().getAny();
- // we don't want to marshall any token - it will be inserted in the DOM document later.
- response.getRequestedSecurityToken().setAny(null);
- }
-
- Document result = null;
- try
- {
- // marshall the response to a document and insert the issued token directly on the document.
- result = DocumentUtil.createDocument();
- this.marshaller.marshal(this.objectFactory.createRequestSecurityTokenResponseCollection(collection
- .getDelegate()), result);
-
- // the document is a ws-trust template - we need to insert the token in the appropriate element.
- if (tokenElement != null)
- {
- Node node = this.findNodeByNameNS(result, "RequestedSecurityToken", WSTrustConstants.BASE_NAMESPACE);
- node.appendChild(result.importNode(tokenElement, true));
- }
- if (trace)
- {
- log.trace("Final RSTR doc:" + DocumentUtil.asString(result));
- }
-
- }
- catch (Exception e)
- {
- throw new RuntimeException("Failed to marshall security token response", e);
- }
- return DocumentUtil.getXMLSource(result);
- }
-
- /**
- * Return the {@code SAMLDocumentHolder} for the thread
- * @return
- */
- public SAMLDocumentHolder getSAMLDocumentHolderOnThread()
- {
- return holders.get();
- }
-
- /**
- * <p>
- * Finds in the specified document a node that matches the specified name and namespace.
- * </p>
- *
- * @param document
- * the {@code Document} instance upon which the search is made.
- * @param localName
- * a {@code String} containing the local name of the searched node.
- * @param namespace
- * a {@code String} containing the namespace of the searched node.
- * @return a {@code Node} representing the searched node. If more than one node is found in the document, the first
- * one will be returned. If no nodes were found according to the search parameters, then {@code null} is
- * returned.
- */
- private Node findNodeByNameNS(Document document, String localName, String namespace)
- {
- NodeList list = document.getElementsByTagNameNS(namespace, localName);
- if (list == null || list.getLength() == 0)
- // log("Unable to locate element " + localName + " with namespace " + namespace);
- return null;
- return list.item(0);
- }
-
-}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -53,7 +53,6 @@
import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
import org.picketlink.identity.federation.ws.addressing.AttributedURIType;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
-import org.picketlink.identity.federation.ws.addressing.ObjectFactory;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
@@ -116,8 +115,7 @@
Map<QName, String> attributes)
{
SecurityTokenReferenceType securityTokenReference = new SecurityTokenReferenceType();
- securityTokenReference.getAny().add(
- new org.picketlink.identity.federation.ws.wss.secext.ObjectFactory().createKeyIdentifier(keyIdentifier));
+ securityTokenReference.getAny().add(keyIdentifier);
securityTokenReference.getOtherAttributes().putAll(attributes);
RequestedReferenceType reference = new RequestedReferenceType();
reference.setSecurityTokenReference(securityTokenReference);
@@ -140,7 +138,7 @@
EndpointReferenceType reference = new EndpointReferenceType();
reference.setAddress(attributedURI);
AppliesTo appliesTo = new AppliesTo();
- appliesTo.getAny().add(new ObjectFactory().createEndpointReference(reference));
+ appliesTo.getAny().add(reference);
return appliesTo;
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.wstrust.plugins.saml;
@@ -167,8 +163,8 @@
this.attributeProvider.setProperties(this.properties);
}
else
- logger.warn("Attribute provider not installed: " + attributeProviderClassName +
- "is not an instance of SAML20TokenAttributeProvider");
+ logger.warn("Attribute provider not installed: " + attributeProviderClassName
+ + "is not an instance of SAML20TokenAttributeProvider");
}
catch (PrivilegedActionException pae)
{
@@ -182,7 +178,7 @@
* (non-Javadoc)
*
* @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
- * cancelToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
+ * cancelToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void cancelToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -203,7 +199,7 @@
* (non-Javadoc)
*
* @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
- * issueToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
+ * issueToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void issueToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -288,7 +284,8 @@
// set the SAML assertion attached reference.
KeyIdentifierType keyIdentifier = WSTrustUtil.createKeyIdentifier(SAMLUtil.SAML2_VALUE_TYPE, "#" + assertionID);
Map<QName, String> attributes = new HashMap<QName, String>();
- attributes.put(new QName(WSTrustConstants.WSSE11_NS, "TokenType"), SAMLUtil.SAML2_TOKEN_TYPE);
+ attributes.put(new QName(WSTrustConstants.WSSE11_NS, "TokenType", WSTrustConstants.WSSE.PREFIX_11),
+ SAMLUtil.SAML2_TOKEN_TYPE);
RequestedReferenceType attachedReference = WSTrustUtil.createRequestedReference(keyIdentifier, attributes);
context.setAttachedReference(attachedReference);
}
@@ -297,7 +294,7 @@
* (non-Javadoc)
*
* @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
- * renewToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
+ * renewToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void renewToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -364,7 +361,7 @@
* (non-Javadoc)
*
* @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
- * validateToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
+ * validateToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
*/
public void validateToken(WSTrustRequestContext context) throws WSTrustException
{
@@ -431,8 +428,9 @@
* <p>
* Checks whether the specified element is a SAMLV2.0 assertion or not.
* </p>
- *
- * @param element the {@code Element} being verified.
+ *
+ * @param element
+ * the {@code Element} being verified.
* @return {@code true} if the element is a SAMLV2.0 assertion; {@code false} otherwise.
*/
private boolean isAssertion(Element element)
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -66,10 +66,9 @@
{
for( Object content: contentList )
{
- JAXBElement<?> jaxb = (JAXBElement<?>) content;
- if( EndpointReferenceType.class.equals( jaxb.getDeclaredType() ) )
+ if( content instanceof EndpointReferenceType )
{
- EndpointReferenceType endpointReference = (EndpointReferenceType) jaxb.getValue();
+ EndpointReferenceType endpointReference = (EndpointReferenceType) content;
WSAddressingWriter wsAddressingWriter = new WSAddressingWriter(this.writer);
wsAddressingWriter.write(endpointReference);
}
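Review bot: Content that is not an `EndpointReferenceType` now falls through the `instanceof` test with no else branch, so an entry still wrapped in a `JAXBElement` (the form the removed lines expected) is silently dropped and the AppliesTo element is written without its endpoint. AppliesTo names the party the token is requested for, so an unexpectedly empty element should be surfaced rather than serialized quietly. I would add `else throw new ProcessingException("Unsupported AppliesTo content: " + content.getClass().getName());`, assuming the enclosing method declares `ProcessingException`; its signature and the end of the loop are outside the hunk.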
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,27 +1,22 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.wstrust.writers;
-
import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.ID;
import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.USERNAME;
import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.USERNAME_TOKEN;
@@ -30,52 +25,124 @@
import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.WSU_NS;
import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.WSU_PREFIX;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.ws.wss.secext.AttributedString;
+import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType;
+import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
/**
* Write WS-Security Elements
+ *
* @author Anil.Saldhana(a)redhat.com
* @since Nov 8, 2010
*/
public class WSSecurityWriter
{
private XMLStreamWriter writer;
-
+
public WSSecurityWriter(XMLStreamWriter writer)
{
this.writer = writer;
}
-
+
public void write(UsernameTokenType usernameToken) throws ProcessingException
{
- StaxUtil.writeStartElement( writer, WSSE_PREFIX, USERNAME_TOKEN, WSSE_NS );
- StaxUtil.writeNameSpace( writer, WSSE_PREFIX, WSSE_NS );
-
+ StaxUtil.writeStartElement(writer, WSSE_PREFIX, USERNAME_TOKEN, WSSE_NS);
+ StaxUtil.writeNameSpace(writer, WSSE_PREFIX, WSSE_NS);
+
String id = usernameToken.getId();
- if( StringUtil.isNullOrEmpty( id ))
- throw new ProcessingException( " Id on the UsernameToken is null" );
+ if (StringUtil.isNullOrEmpty(id))
+ throw new ProcessingException(" Id on the UsernameToken is null");
+
+ QName wsuIDQName = new QName(WSU_NS, ID, WSU_PREFIX);
+ StaxUtil.writeNameSpace(writer, WSU_PREFIX, WSU_NS);
+ StaxUtil.writeAttribute(writer, wsuIDQName, id);
+
+ AttributedString userNameAttr = usernameToken.getUsername();
+ if (userNameAttr == null)
+ throw new ProcessingException(" User Name is null on the UsernameToken");
+
+ StaxUtil.writeStartElement(writer, WSSE_PREFIX, USERNAME, WSSE_NS);
+ StaxUtil.writeCharacters(writer, userNameAttr.getValue());
+ StaxUtil.writeEndElement(writer);
+
+ StaxUtil.writeEndElement(writer);
+ StaxUtil.flush(writer);
+ }
+
+ public void writeLifetime(XMLGregorianCalendar created, XMLGregorianCalendar expires) throws ProcessingException
+ {
+ // write the created element.
+ StaxUtil.writeStartElement(this.writer, WSU_PREFIX, WSTrustConstants.CREATED, WSU_NS);
+ StaxUtil.writeNameSpace(this.writer, WSU_PREFIX, WSU_NS);
+ StaxUtil.writeCharacters(this.writer, created.toXMLFormat());
+ StaxUtil.writeEndElement(this.writer);
+
+ // write the expires element.
+ StaxUtil.writeStartElement(this.writer, WSU_PREFIX, WSTrustConstants.EXPIRES, WSU_NS);
+ StaxUtil.writeNameSpace(this.writer, WSU_PREFIX, WSU_NS);
+ StaxUtil.writeCharacters(this.writer, expires.toXMLFormat());
+ StaxUtil.writeEndElement(this.writer);
+
+ StaxUtil.flush(this.writer);
+ }
+
+ public void writeSecurityTokenReference(SecurityTokenReferenceType secRef) throws ProcessingException
+ {
+ Set<String> usedNamespaces = new HashSet<String>();
+ usedNamespaces.add(WSSE_NS);
- StaxUtil.setPrefix(writer, WSU_PREFIX, WSU_NS );
- QName wsuIDQName = new QName( WSU_NS, ID, WSU_PREFIX );
- StaxUtil.writeAttribute(writer, wsuIDQName, id );
- StaxUtil.writeNameSpace(writer, WSU_PREFIX, WSU_NS );
+ StaxUtil.writeStartElement(writer, WSSE_PREFIX, WSTrustConstants.WSSE.SECURITY_TOKEN_REFERENCE, WSSE_NS);
+ StaxUtil.writeNameSpace(writer, WSSE_PREFIX, WSSE_NS);
+
+ // write the id attribute, if available.
+ if (secRef.getId() != null && secRef.getId() != "")
+ {
+ QName wsuIDQName = new QName(WSU_NS, ID, WSU_PREFIX);
+ StaxUtil.writeNameSpace(writer, WSU_PREFIX, WSU_NS);
+ StaxUtil.writeAttribute(writer, wsuIDQName, secRef.getId());
+ usedNamespaces.add(WSU_NS);
+ }
+
+ // write all other attributes.
+ for (Map.Entry<QName, String> entry : secRef.getOtherAttributes().entrySet())
+ {
+ QName key = entry.getKey();
+ // check if the namespace needs to be written.
+ if (!usedNamespaces.contains(key.getNamespaceURI()))
+ {
+ StaxUtil.writeNameSpace(this.writer, key.getPrefix(), key.getNamespaceURI());
+ usedNamespaces.add(key.getNamespaceURI());
+ }
+ StaxUtil.writeAttribute(this.writer, key, entry.getValue());
+ }
- AttributedString userNameAttr = usernameToken.getUsername();
- if( userNameAttr == null )
- throw new ProcessingException( " User Name is null on the UsernameToken" );
+ // write the key identifier, if available.
+ for (Object obj : secRef.getAny())
+ {
+ if (obj instanceof KeyIdentifierType)
+ {
+ KeyIdentifierType keyId = (KeyIdentifierType) obj;
+ StaxUtil.writeStartElement(this.writer, WSSE_PREFIX, WSTrustConstants.WSSE.KEY_IDENTIFIER, WSSE_NS);
+ StaxUtil.writeAttribute(this.writer, WSTrustConstants.WSSE.VALUE_TYPE, keyId.getValueType());
+ StaxUtil.writeCharacters(this.writer, keyId.getValue());
+ StaxUtil.writeEndElement(this.writer);
+ }
+ }
- StaxUtil.writeStartElement( writer, WSSE_PREFIX, USERNAME, WSSE_NS );
- StaxUtil.writeCharacters(writer, userNameAttr.getValue() );
- StaxUtil.writeEndElement( writer );
-
- StaxUtil.writeEndElement( writer );
- StaxUtil.flush( writer );
+ StaxUtil.writeEndElement(this.writer);
+ StaxUtil.flush(this.writer);
}
}
\ No newline at end of file
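Review bot: In `writeSecurityTokenReference`, the guard `secRef.getId() != ""` compares string references rather than contents, so an empty id that is not the interned literal passes the check and an empty Id attribute is written. `write(UsernameTokenType)` in the same hunk already uses `StringUtil.isNullOrEmpty`, so the guard can be `if (!StringUtil.isNullOrEmpty(secRef.getId()))`. Separately, the loop over `secRef.getAny()` silently skips every entry that is not a `KeyIdentifierType`, which can emit a reference element with no content. Throwing `ProcessingException` for unhandled entry types would surface that instead of producing a token reference the receiver cannot resolve.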
Deleted: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,449 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.identity.federation.core.wstrust.writers;
-
-import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.BASE_NAMESPACE;
-import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.PREFIX;
-import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST;
-import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_COLLECTION;
-import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_CONTEXT;
-
-import java.io.OutputStream;
-import java.net.URI;
-import java.util.List;
-
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.Result;
-
-import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.ws.policy.AppliesTo;
-import org.picketlink.identity.federation.ws.trust.BinarySecretType;
-import org.picketlink.identity.federation.ws.trust.CancelTargetType;
-import org.picketlink.identity.federation.ws.trust.EntropyType;
-import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
-import org.picketlink.identity.federation.ws.trust.RenewTargetType;
-import org.picketlink.identity.federation.ws.trust.UseKeyType;
-import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
-import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
-import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
-import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
-import org.w3c.dom.Element;
-
-/**
- * Given a {@code RequestSecurityToken}, write into an {@code OutputStream}
- * @author Anil.Saldhana(a)redhat.com
- * @since Oct 19, 2010
- */
-public class WSTrustRSTWriter
-{
- private XMLStreamWriter writer;
-
- /**
- * <p>
- * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified
- * {@code OutputStream}.
- * </p>
- *
- * @param out the stream where the request is to be written.
- * @throws ProcessingException if an error occurs while processing the request.
- */
- public WSTrustRSTWriter(OutputStream out) throws ProcessingException
- {
- this.writer = StaxUtil.getXMLStreamWriter(out);
- }
-
- /**
- * <p>
- * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified
- * {@code Result}.
- * </p>
- *
- * @param result the {@code Result} where the request it to be written.
- * @throws ProcessingException if an error occurs while processing the request.
- */
- public WSTrustRSTWriter(Result result) throws ProcessingException
- {
- this.writer = StaxUtil.getXMLStreamWriter(result);
- }
-
- /**
- * <p>
- * Creates a {@code WSTrustRSTWriter} that uses the specified {@code XMLStreamWriter} to write the request
- * objects.
- * </p>
- *
- * @param writer the {@code XMLStreamWriter} to be used to write requests.
- */
- public WSTrustRSTWriter(XMLStreamWriter writer)
- {
- this.writer = writer;
- }
-
- /**
- * Write the {@code RequestSecurityTokenCollection} into the {@code OutputStream}
- * @param requestTokenCollection
- * @param out
- * @throws ProcessingException
- */
- public void write( RequestSecurityTokenCollection requestTokenCollection) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, RST_COLLECTION, BASE_NAMESPACE);
- StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
-
- List<RequestSecurityToken> tokenList = requestTokenCollection.getRequestSecurityTokens();
- if( tokenList == null )
- throw new ProcessingException( "RST list is null" );
-
- for( RequestSecurityToken token: tokenList )
- {
- write(token);
- }
-
- StaxUtil.writeEndElement( writer );
- StaxUtil.flush( writer );
- }
-
- /**
- * Write the {@code RequestSecurityToken} into the {@code OutputStream}
- * @param requestToken
- * @param out
- * @throws ProcessingException
- */
- public void write( RequestSecurityToken requestToken ) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, RST, BASE_NAMESPACE);
- StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
- String context = requestToken.getContext();
- StaxUtil.writeAttribute( writer, RST_CONTEXT, context );
-
- URI requestType = requestToken.getRequestType();
- if( requestType != null )
- {
- writeRequestType( writer, requestType );
- }
-
- URI tokenType = requestToken.getTokenType();
- if( tokenType != null )
- {
- writeTokenType( writer, tokenType );
- }
- //Deal with AppliesTo
- AppliesTo appliesTo = requestToken.getAppliesTo();
- if( appliesTo != null )
- {
- WSPolicyWriter wsPolicyWriter = new WSPolicyWriter(this.writer);
- wsPolicyWriter.write( appliesTo );
- }
-
- long keySize = requestToken.getKeySize();
- if (keySize != 0)
- {
- StaxUtil.writeStartElement(writer, PREFIX, WSTrustConstants.KEY_SIZE, BASE_NAMESPACE);
- StaxUtil.writeCharacters(writer, Long.toString(keySize));
- StaxUtil.writeEndElement(writer);
- }
-
- URI keyType = requestToken.getKeyType();
- if( keyType != null )
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.KEY_TYPE, BASE_NAMESPACE);
- StaxUtil.writeCharacters(writer, keyType.toString() );
- StaxUtil.writeEndElement( writer );
- }
- EntropyType entropy = requestToken.getEntropy();
- if( entropy != null )
- {
- writeEntropyType(entropy);
- }
-
- UseKeyType useKeyType = requestToken.getUseKey();
- if( useKeyType != null )
- {
- writeUseKeyType(useKeyType);
- }
-
- OnBehalfOfType onBehalfOf = requestToken.getOnBehalfOf();
- if( onBehalfOf != null )
- {
- writeOnBehalfOfType(onBehalfOf);
- }
-
- ValidateTargetType validateTarget = requestToken.getValidateTarget();
- if( validateTarget != null )
- {
- writeValidateTargetType(validateTarget);
- }
-
- CancelTargetType cancelTarget = requestToken.getCancelTarget();
- if( cancelTarget != null )
- {
- writeCancelTargetType(cancelTarget);
- }
-
- RenewTargetType renewTarget = requestToken.getRenewTarget();
- if (renewTarget != null)
- {
- writeRenewTargetType(renewTarget);
- }
-
- StaxUtil.writeEndElement( writer );
- StaxUtil.flush( writer );
- }
-
- /**
- * Write an {@code EntropyType} to stream
- * @param entropy
- * @throws ProcessingException
- */
- private void writeEntropyType(EntropyType entropy) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ENTROPY, BASE_NAMESPACE);
-
- List<Object> entropyList = entropy.getAny();
- if( entropyList != null )
- {
- for( Object entropyObj: entropyList )
- {
- if( entropyObj instanceof BinarySecretType )
- {
- BinarySecretType binarySecret = (BinarySecretType) entropyObj;
- writeBinarySecretType( writer, binarySecret );
- }
- }
- }
- StaxUtil.writeEndElement( writer );
- }
-
- /**
- * Write an {@code UseKeyType} to stream
- * @param useKeyType
- * @throws ProcessingException
- */
- private void writeUseKeyType(UseKeyType useKeyType) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.USE_KEY, BASE_NAMESPACE);
-
- Object useKeyTypeValue = useKeyType.getAny();
- if( useKeyTypeValue instanceof Element )
- {
- Element domElement = (Element) useKeyTypeValue;
- StaxUtil.writeDOMElement( writer, domElement );
- }
- else if (useKeyTypeValue instanceof byte[])
- {
- byte[] certificate = (byte[]) useKeyTypeValue;
- StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.X509CERT,
- WSTrustConstants.DSIG_NS);
- StaxUtil.writeNameSpace( writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS);
- StaxUtil.writeCharacters(writer, new String(certificate));
- StaxUtil.writeEndElement(writer);
- }
- else if (useKeyTypeValue instanceof KeyValueType)
- {
- writeKeyValueType((KeyValueType) useKeyTypeValue);
- }
- else
- throw new RuntimeException( " Unknown use key type:" + useKeyTypeValue.getClass().getName() );
-
- StaxUtil.writeEndElement(writer);
- }
-
- private void writeKeyValueType(KeyValueType type) throws ProcessingException
- {
- StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.KEYVALUE, WSTrustConstants.DSIG_NS);
- StaxUtil.writeNameSpace(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS);
- if (type.getContent().size() == 0)
- throw new ProcessingException("KeyValueType must contain at least one value");
-
- for (Object obj : type.getContent())
- {
- if (obj instanceof RSAKeyValueType)
- {
- RSAKeyValueType rsaKeyValue = (RSAKeyValueType) obj;
- writeRSAKeyValueType(rsaKeyValue);
- }
- }
- StaxUtil.writeEndElement(writer);
- }
-
- private void writeRSAKeyValueType(RSAKeyValueType type) throws ProcessingException
- {
- StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.RSA_KEYVALUE , WSTrustConstants.DSIG_NS);
- // write the rsa key modulus.
- byte[] modulus = type.getModulus();
- StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.MODULUS , WSTrustConstants.DSIG_NS);
- StaxUtil.writeCharacters(writer, new String(modulus));
- StaxUtil.writeEndElement(writer);
-
- // write the rsa key exponent.
- byte[] exponent = type.getExponent();
- StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.EXPONENT , WSTrustConstants.DSIG_NS);
- StaxUtil.writeCharacters(writer, new String(exponent));
- StaxUtil.writeEndElement(writer);
-
- StaxUtil.writeEndElement(writer);
- }
- /**
- * Write an {@code OnBehalfOfType} to stream
- * @param onBehalfOf
- * @param out
- * @throws ProcessingException
- */
- private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.On_BEHALF_OF, BASE_NAMESPACE);
- StaxUtil.writeCharacters(writer, "" );
-
- UsernameTokenType usernameToken = (UsernameTokenType) onBehalfOf.getAny();
- WSSecurityWriter wsseWriter = new WSSecurityWriter(this.writer);
- wsseWriter.write( usernameToken );
- StaxUtil.writeEndElement( writer );
- }
-
- /**
- * Write an {@code ValidateTargetType} to stream
- * @param validateTarget
- * @param out
- * @throws ProcessingException
- */
- private void writeValidateTargetType(ValidateTargetType validateTarget) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.VALIDATE_TARGET, BASE_NAMESPACE);
-
- Object validateTargetObj = validateTarget.getAny();
- if (validateTargetObj != null)
- {
- if (validateTargetObj instanceof AssertionType)
- {
- AssertionType assertion = (AssertionType) validateTargetObj;
- SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
- samlAssertionWriter.write(assertion);
- }
- else if (validateTargetObj instanceof Element)
- {
- StaxUtil.writeDOMElement(writer, (Element) validateTargetObj);
- }
- else
- throw new ProcessingException("Unknown validate target type=" + validateTargetObj.getClass().getName());
- }
- StaxUtil.writeEndElement( writer );
- }
-
- private void writeRenewTargetType(RenewTargetType renewTarget) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.RENEW_TARGET, BASE_NAMESPACE);
-
- Object renewTargetObj = renewTarget.getAny();
- if (renewTargetObj != null)
- {
- if (renewTargetObj instanceof AssertionType)
- {
- AssertionType assertion = (AssertionType) renewTargetObj;
- SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
- samlAssertionWriter.write(assertion);
- }
- else if (renewTargetObj instanceof Element)
- {
- StaxUtil.writeDOMElement(writer, (Element) renewTargetObj);
- }
- else
- throw new ProcessingException("Unknown renew target type=" + renewTargetObj.getClass().getName());
- }
- StaxUtil.writeEndElement( writer );
- }
-
- /**
- * Write an {@code CancelTargetType} to Stream
- * @param cancelTarget
- * @param out
- * @throws ProcessingException
- */
- private void writeCancelTargetType(CancelTargetType cancelTarget) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.CANCEL_TARGET, BASE_NAMESPACE);
-
- Object cancelTargetObj = cancelTarget.getAny();
- if (cancelTargetObj != null)
- {
- if (cancelTargetObj instanceof AssertionType)
- {
- AssertionType assertion = (AssertionType) cancelTargetObj;
- SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
- samlAssertionWriter.write(assertion);
- }
- else if (cancelTargetObj instanceof Element)
- {
- StaxUtil.writeDOMElement(writer, (Element) cancelTargetObj);
- }
- else
- throw new ProcessingException("Unknown cancel target type=" + cancelTargetObj.getClass().getName());
- }
- StaxUtil.writeEndElement( writer );
- }
-
- /**
- * Write a {@code BinarySecretType} to stream
- * @param writer
- * @param binarySecret
- * @throws ProcessingException
- */
- private void writeBinarySecretType( XMLStreamWriter writer, BinarySecretType binarySecret ) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.BINARY_SECRET, BASE_NAMESPACE );
- String type = binarySecret.getType();
- StaxUtil.writeAttribute(writer, WSTrustConstants.TYPE, type );
- StaxUtil.writeCharacters(writer, new String( binarySecret.getValue() ) );
- StaxUtil.writeEndElement(writer);
- }
-
- /**
- * Write a Request Type
- * @param writer
- * @param uri
- * @throws ProcessingException
- */
- private void writeRequestType( XMLStreamWriter writer , URI uri ) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.REQUEST_TYPE, BASE_NAMESPACE );
- StaxUtil.writeCharacters(writer, uri.toASCIIString() );
- StaxUtil.writeEndElement(writer);
- }
-
- /**
- * Write Token Type
- * @param writer
- * @param uri
- * @throws ProcessingException
- */
- private void writeTokenType( XMLStreamWriter writer , URI uri ) throws ProcessingException
- {
- StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.TOKEN_TYPE, BASE_NAMESPACE );
- StaxUtil.writeCharacters(writer, uri.toASCIIString() );
- StaxUtil.writeEndElement(writer);
- }
-}
\ No newline at end of file
Copied: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java (from rev 562, federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java)
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -0,0 +1,447 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.wstrust.writers;
+
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.BASE_NAMESPACE;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.PREFIX;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_COLLECTION;
+import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_CONTEXT;
+
+import java.io.OutputStream;
+import java.net.URI;
+import java.util.List;
+
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Result;
+
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.ws.policy.AppliesTo;
+import org.picketlink.identity.federation.ws.trust.BinarySecretType;
+import org.picketlink.identity.federation.ws.trust.CancelTargetType;
+import org.picketlink.identity.federation.ws.trust.EntropyType;
+import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
+import org.picketlink.identity.federation.ws.trust.RenewTargetType;
+import org.picketlink.identity.federation.ws.trust.UseKeyType;
+import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
+import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
+import org.w3c.dom.Element;
+
+/**
+ * Given a {@code RequestSecurityToken}, write into an {@code OutputStream}
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Oct 19, 2010
+ */
+public class WSTrustRequestWriter
+{
+ private XMLStreamWriter writer;
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRequestWriter} that writes {@code RequestSecurityToken} instances to the specified
+ * {@code OutputStream}.
+ * </p>
+ *
+ * @param out the stream where the request is to be written.
+ * @throws ProcessingException if an error occurs while processing the request.
+ */
+ public WSTrustRequestWriter(OutputStream out) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(out);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRequestWriter} that writes {@code RequestSecurityToken} instances to the specified
+ * {@code Result}.
+ * </p>
+ *
+ * @param result the {@code Result} where the request it to be written.
+ * @throws ProcessingException if an error occurs while processing the request.
+ */
+ public WSTrustRequestWriter(Result result) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(result);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRequestWriter} that uses the specified {@code XMLStreamWriter} to write the request
+ * objects.
+ * </p>
+ *
+ * @param writer the {@code XMLStreamWriter} to be used to write requests.
+ */
+ public WSTrustRequestWriter(XMLStreamWriter writer)
+ {
+ this.writer = writer;
+ }
+
+ /**
+ * Write the {@code RequestSecurityTokenCollection} into the {@code OutputStream}
+ * @param requestTokenCollection
+ * @param out
+ * @throws ProcessingException
+ */
+ public void write( RequestSecurityTokenCollection requestTokenCollection) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, RST_COLLECTION, BASE_NAMESPACE);
+ StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
+
+ List<RequestSecurityToken> tokenList = requestTokenCollection.getRequestSecurityTokens();
+ if( tokenList == null )
+ throw new ProcessingException( "RST list is null" );
+
+ for( RequestSecurityToken token: tokenList )
+ {
+ write(token);
+ }
+
+ StaxUtil.writeEndElement( writer );
+ StaxUtil.flush( writer );
+ }
+
+ /**
+ * Write the {@code RequestSecurityToken} into the {@code OutputStream}
+ * @param requestToken
+ * @param out
+ * @throws ProcessingException
+ */
+ public void write( RequestSecurityToken requestToken ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, RST, BASE_NAMESPACE);
+ StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
+ String context = requestToken.getContext();
+ StaxUtil.writeAttribute( writer, RST_CONTEXT, context );
+
+ URI requestType = requestToken.getRequestType();
+ if( requestType != null )
+ {
+ writeRequestType( writer, requestType );
+ }
+
+ URI tokenType = requestToken.getTokenType();
+ if( tokenType != null )
+ {
+ writeTokenType( writer, tokenType );
+ }
+ //Deal with AppliesTo
+ AppliesTo appliesTo = requestToken.getAppliesTo();
+ if( appliesTo != null )
+ {
+ WSPolicyWriter wsPolicyWriter = new WSPolicyWriter(this.writer);
+ wsPolicyWriter.write( appliesTo );
+ }
+
+ long keySize = requestToken.getKeySize();
+ if (keySize != 0)
+ {
+ StaxUtil.writeStartElement(writer, PREFIX, WSTrustConstants.KEY_SIZE, BASE_NAMESPACE);
+ StaxUtil.writeCharacters(writer, Long.toString(keySize));
+ StaxUtil.writeEndElement(writer);
+ }
+
+ URI keyType = requestToken.getKeyType();
+ if( keyType != null )
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.KEY_TYPE, BASE_NAMESPACE);
+ StaxUtil.writeCharacters(writer, keyType.toString() );
+ StaxUtil.writeEndElement( writer );
+ }
+ EntropyType entropy = requestToken.getEntropy();
+ if( entropy != null )
+ {
+ writeEntropyType(entropy);
+ }
+
+ UseKeyType useKeyType = requestToken.getUseKey();
+ if( useKeyType != null )
+ {
+ writeUseKeyType(useKeyType);
+ }
+
+ OnBehalfOfType onBehalfOf = requestToken.getOnBehalfOf();
+ if( onBehalfOf != null )
+ {
+ writeOnBehalfOfType(onBehalfOf);
+ }
+
+ ValidateTargetType validateTarget = requestToken.getValidateTarget();
+ if( validateTarget != null )
+ {
+ writeValidateTargetType(validateTarget);
+ }
+
+ CancelTargetType cancelTarget = requestToken.getCancelTarget();
+ if( cancelTarget != null )
+ {
+ writeCancelTargetType(cancelTarget);
+ }
+
+ RenewTargetType renewTarget = requestToken.getRenewTarget();
+ if (renewTarget != null)
+ {
+ writeRenewTargetType(renewTarget);
+ }
+
+ StaxUtil.writeEndElement( writer );
+ StaxUtil.flush( writer );
+ }
+
+ /**
+ * Write an {@code EntropyType} to stream
+ * @param entropy
+ * @throws ProcessingException
+ */
+ private void writeEntropyType(EntropyType entropy) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ENTROPY, BASE_NAMESPACE);
+
+ List<Object> entropyList = entropy.getAny();
+ if( entropyList != null )
+ {
+ for( Object entropyObj: entropyList )
+ {
+ if( entropyObj instanceof BinarySecretType )
+ {
+ BinarySecretType binarySecret = (BinarySecretType) entropyObj;
+ writeBinarySecretType( writer, binarySecret );
+ }
+ }
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write an {@code UseKeyType} to stream
+ * @param useKeyType
+ * @throws ProcessingException
+ */
+ private void writeUseKeyType(UseKeyType useKeyType) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.USE_KEY, BASE_NAMESPACE);
+
+ Object useKeyTypeValue = useKeyType.getAny();
+ if( useKeyTypeValue instanceof Element )
+ {
+ Element domElement = (Element) useKeyTypeValue;
+ StaxUtil.writeDOMElement( writer, domElement );
+ }
+ else if (useKeyTypeValue instanceof byte[])
+ {
+ byte[] certificate = (byte[]) useKeyTypeValue;
+ StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.X509CERT,
+ WSTrustConstants.DSIG_NS);
+ StaxUtil.writeNameSpace( writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(certificate));
+ StaxUtil.writeEndElement(writer);
+ }
+ else if (useKeyTypeValue instanceof KeyValueType)
+ {
+ writeKeyValueType((KeyValueType) useKeyTypeValue);
+ }
+ else
+ throw new RuntimeException( " Unknown use key type:" + useKeyTypeValue.getClass().getName() );
+
+ StaxUtil.writeEndElement(writer);
+ }
+
+ private void writeKeyValueType(KeyValueType type) throws ProcessingException
+ {
+ StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.KEYVALUE, WSTrustConstants.DSIG_NS);
+ StaxUtil.writeNameSpace(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS);
+ if (type.getContent().size() == 0)
+ throw new ProcessingException("KeyValueType must contain at least one value");
+
+ for (Object obj : type.getContent())
+ {
+ if (obj instanceof RSAKeyValueType)
+ {
+ RSAKeyValueType rsaKeyValue = (RSAKeyValueType) obj;
+ writeRSAKeyValueType(rsaKeyValue);
+ }
+ }
+ StaxUtil.writeEndElement(writer);
+ }
+
+ private void writeRSAKeyValueType(RSAKeyValueType type) throws ProcessingException
+ {
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.RSA_KEYVALUE , WSTrustConstants.DSIG_NS);
+ // write the rsa key modulus.
+ byte[] modulus = type.getModulus();
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.MODULUS , WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(modulus));
+ StaxUtil.writeEndElement(writer);
+
+ // write the rsa key exponent.
+ byte[] exponent = type.getExponent();
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.EXPONENT , WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(exponent));
+ StaxUtil.writeEndElement(writer);
+
+ StaxUtil.writeEndElement(writer);
+ }
+ /**
+ * Write an {@code OnBehalfOfType} to stream
+ * @param onBehalfOf
+ * @param out
+ * @throws ProcessingException
+ */
+ private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ON_BEHALF_OF, BASE_NAMESPACE);
+ UsernameTokenType usernameToken = (UsernameTokenType) onBehalfOf.getAny();
+ WSSecurityWriter wsseWriter = new WSSecurityWriter(this.writer);
+ wsseWriter.write( usernameToken );
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write an {@code ValidateTargetType} to stream
+ * @param validateTarget
+ * @param out
+ * @throws ProcessingException
+ */
+ private void writeValidateTargetType(ValidateTargetType validateTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.VALIDATE_TARGET, BASE_NAMESPACE);
+
+ Object validateTargetObj = validateTarget.getAny();
+ if (validateTargetObj != null)
+ {
+ if (validateTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) validateTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (validateTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) validateTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown validate target type=" + validateTargetObj.getClass().getName());
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ private void writeRenewTargetType(RenewTargetType renewTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.RENEW_TARGET, BASE_NAMESPACE);
+
+ Object renewTargetObj = renewTarget.getAny();
+ if (renewTargetObj != null)
+ {
+ if (renewTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) renewTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (renewTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) renewTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown renew target type=" + renewTargetObj.getClass().getName());
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write an {@code CancelTargetType} to Stream
+ * @param cancelTarget
+ * @param out
+ * @throws ProcessingException
+ */
+ private void writeCancelTargetType(CancelTargetType cancelTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.CANCEL_TARGET, BASE_NAMESPACE);
+
+ Object cancelTargetObj = cancelTarget.getAny();
+ if (cancelTargetObj != null)
+ {
+ if (cancelTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) cancelTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (cancelTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) cancelTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown cancel target type=" + cancelTargetObj.getClass().getName());
+ }
+ StaxUtil.writeEndElement( writer );
+ }
+
+ /**
+ * Write a {@code BinarySecretType} to stream
+ * @param writer
+ * @param binarySecret
+ * @throws ProcessingException
+ */
+ private void writeBinarySecretType( XMLStreamWriter writer, BinarySecretType binarySecret ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.BINARY_SECRET, BASE_NAMESPACE );
+ String type = binarySecret.getType();
+ StaxUtil.writeAttribute(writer, WSTrustConstants.TYPE, type );
+ StaxUtil.writeCharacters(writer, new String( binarySecret.getValue() ) );
+ StaxUtil.writeEndElement(writer);
+ }
+
+ /**
+ * Write a Request Type
+ * @param writer
+ * @param uri
+ * @throws ProcessingException
+ */
+ private void writeRequestType( XMLStreamWriter writer , URI uri ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.REQUEST_TYPE, BASE_NAMESPACE );
+ StaxUtil.writeCharacters(writer, uri.toASCIIString() );
+ StaxUtil.writeEndElement(writer);
+ }
+
+ /**
+ * Write Token Type
+ * @param writer
+ * @param uri
+ * @throws ProcessingException
+ */
+ private void writeTokenType( XMLStreamWriter writer , URI uri ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.TOKEN_TYPE, BASE_NAMESPACE );
+ StaxUtil.writeCharacters(writer, uri.toASCIIString() );
+ StaxUtil.writeEndElement(writer);
+ }
+}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -0,0 +1,312 @@
+/*
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.wstrust.writers;
+
+import java.io.OutputStream;
+import java.util.List;
+
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Result;
+
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.ws.trust.BinarySecretType;
+import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
+import org.picketlink.identity.federation.ws.trust.EntropyType;
+import org.picketlink.identity.federation.ws.trust.RequestedProofTokenType;
+import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
+import org.picketlink.identity.federation.ws.trust.StatusType;
+import org.w3c.dom.Element;
+
+/**
+ * <p>
+ * A Stax writer for WS-Trust response messages.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class WSTrustResponseWriter
+{
+ private XMLStreamWriter writer;
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustResponseWriter} instance that writes WS-Trust response messages to the specified {@code
+ * OutputStream}.
+ * </p>
+ *
+ * @param stream
+ * the where the response is to be written.
+ * @throws ProcessingException
+ * if an error occurs when creating the {@code XMLStreamWriter} for the specified stream.
+ */
+ public WSTrustResponseWriter(OutputStream stream) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(stream);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustResponseWriter} instance that writes WS-Trust response messages to the specified {@code
+ * Result}.
+ * </p>
+ *
+ * @param result
+ * the {@code Result} object where the response is to be written.
+ * @throws ProcessingException
+ * if an error occurs when creating the {@code XMLStreamWriter} for the specified result.
+ */
+ public WSTrustResponseWriter(Result result) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(result);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustResponseWriter} instance that uses the specified {@code XMLStreamWriter} to write the
+ * WS-Trust response messages.
+ * </p>
+ *
+ * @param writer
+ * the {@code XMLStreamWriter} that will be used to write the response messages.
+ */
+ public WSTrustResponseWriter(XMLStreamWriter writer)
+ {
+ this.writer = writer;
+ }
+
+ /**
+ * <p>
+ * Writes the WS-Trust response message represented by the specified {@code RequestSecurityTokenResponseCollection}
+ * object.
+ * </p>
+ *
+ * @param collection
+ * the object that contains the WS-Trust response message to be written.
+ * @throws ProcessingException
+ * if an error occurs while writing the response message.
+ */
+ public void write(RequestSecurityTokenResponseCollection collection) throws ProcessingException
+ {
+ // write the "root" response collection element with its namespace.
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.RSTR_COLLECTION,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeNameSpace(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.BASE_NAMESPACE);
+
+ // write all individual response messages.
+ List<RequestSecurityTokenResponse> responses = collection.getRequestSecurityTokenResponses();
+ if (responses == null)
+ throw new ProcessingException("WS-Trust response message doesn't contain any response");
+
+ for (RequestSecurityTokenResponse response : responses)
+ this.write(response);
+
+ // write the response collection end element.
+ StaxUtil.writeEndElement(this.writer);
+ StaxUtil.flush(this.writer);
+ }
+
+ private void write(RequestSecurityTokenResponse response) throws ProcessingException
+ {
+ // write the response element and the context attribute.
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.RSTR,
+ WSTrustConstants.BASE_NAMESPACE);
+ String context = response.getContext();
+ StaxUtil.writeAttribute(this.writer, WSTrustConstants.RST_CONTEXT, context);
+
+ // write the token type, if available.
+ if (response.getTokenType() != null)
+ {
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.TOKEN_TYPE,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeCharacters(this.writer, response.getTokenType().toASCIIString());
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the token lifetime, if available.
+ if (response.getLifetime() != null)
+ {
+ Lifetime lifetime = response.getLifetime();
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.LIFETIME,
+ WSTrustConstants.BASE_NAMESPACE);
+ new WSSecurityWriter(this.writer).writeLifetime(lifetime.getCreated(), lifetime.getExpires());
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the applies-to element, if available.
+ if (response.getAppliesTo() != null)
+ {
+ WSPolicyWriter policyWriter = new WSPolicyWriter(this.writer);
+ policyWriter.write(response.getAppliesTo());
+ }
+
+ // write the key size, if available.
+ if (response.getKeySize() != 0)
+ {
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.KEY_SIZE,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeCharacters(this.writer, Long.toString(response.getKeySize()));
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the key type, if available.
+ if (response.getKeyType() != null)
+ {
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.KEY_TYPE,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeCharacters(this.writer, response.getKeyType().toString());
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the security token, if available.
+ if (response.getRequestedSecurityToken() != null)
+ {
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.REQUESTED_TOKEN,
+ WSTrustConstants.BASE_NAMESPACE);
+ Object securityToken = response.getRequestedSecurityToken().getAny();
+ if (securityToken != null)
+ {
+ if (securityToken instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) securityToken;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (securityToken instanceof Element)
+ {
+ StaxUtil.writeDOMElement(this.writer, (Element) securityToken);
+ }
+ else
+ throw new ProcessingException("Unknown security token type=" + securityToken.getClass().getName());
+ }
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the attached reference, if available.
+ if (response.getRequestedAttachedReference() != null)
+ {
+ RequestedReferenceType ref = response.getRequestedAttachedReference();
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX,
+ WSTrustConstants.REQUESTED_ATTACHED_REFERENCE, WSTrustConstants.BASE_NAMESPACE);
+ new WSSecurityWriter(this.writer).writeSecurityTokenReference(ref.getSecurityTokenReference());
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the requested proof token, if available.
+ if (response.getRequestedProofToken() != null)
+ {
+ RequestedProofTokenType requestedProof = response.getRequestedProofToken();
+ Object content = requestedProof.getAny();
+ if (content == null)
+ throw new ProcessingException("RequestedProofToken context cannot be empty");
+
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.REQUESTED_PROOF_TOKEN,
+ WSTrustConstants.BASE_NAMESPACE);
+ if (content instanceof BinarySecretType)
+ {
+ BinarySecretType binarySecret = (BinarySecretType) content;
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.BINARY_SECRET,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeAttribute(this.writer, WSTrustConstants.TYPE, binarySecret.getType());
+ StaxUtil.writeCharacters(this.writer, new String(binarySecret.getValue()));
+ StaxUtil.writeEndElement(this.writer);
+ }
+ else if (content instanceof ComputedKeyType)
+ {
+ ComputedKeyType computedKey = (ComputedKeyType) content;
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.COMPUTED_KEY,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeCharacters(this.writer, computedKey.getAlgorithm());
+ StaxUtil.writeEndElement(this.writer);
+ }
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the server entropy, if available.
+ if (response.getEntropy() != null)
+ {
+ EntropyType entropy = response.getEntropy();
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.ENTROPY,
+ WSTrustConstants.BASE_NAMESPACE);
+
+ List<Object> entropyList = entropy.getAny();
+ if (entropyList != null && entropyList.size() != 0)
+ {
+ for (Object entropyObj : entropyList)
+ {
+ if (entropyObj instanceof BinarySecretType)
+ {
+ BinarySecretType binarySecret = (BinarySecretType) entropyObj;
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.BINARY_SECRET,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeAttribute(this.writer, WSTrustConstants.TYPE, binarySecret.getType());
+ StaxUtil.writeCharacters(this.writer, new String(binarySecret.getValue()));
+ StaxUtil.writeEndElement(this.writer);
+ }
+ }
+ }
+ StaxUtil.writeEndElement(writer);
+ }
+
+ // write the validation status, if available.
+ if (response.getStatus() != null)
+ {
+ StatusType status = response.getStatus();
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.STATUS,
+ WSTrustConstants.BASE_NAMESPACE);
+
+ // write the status code.
+ if (status.getCode() == null || status.getCode() == "")
+ throw new ProcessingException("Validation status code is missing");
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.CODE,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeCharacters(this.writer, response.getStatus().getCode());
+ StaxUtil.writeEndElement(this.writer);
+
+ // write the status reason, if available.
+ if (status.getReason() != null)
+ {
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.REASON,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeCharacters(this.writer, response.getStatus().getReason());
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the status end element.
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the cancel status, if available.
+ if (response.getRequestedTokenCancelled() != null)
+ {
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.REQUESTED_TOKEN_CANCELLED,
+ WSTrustConstants.BASE_NAMESPACE);
+ StaxUtil.writeEndElement(this.writer);
+ }
+
+ // write the response end element.
+ StaxUtil.writeEndElement(this.writer);
+ StaxUtil.flush(writer);
+ }
+}
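Review bot: In the private `write(RequestSecurityTokenResponse)`, the proof-token and entropy branches emit secret material with `new String(binarySecret.getValue())`, which decodes the bytes with the JVM's platform default charset. If `getValue()` holds raw key bytes rather than already-encoded text (not visible in this diff), any sequence invalid in that charset is replaced and the secret is silently corrupted on the wire; name the charset explicitly or Base64-encode at this point, and document which form `BinarySecretType.getValue()` carries. The same pattern appears in `writeBinarySecretType`, `writeUseKeyType` and `writeRSAKeyValueType` in the preceding file section. Separately, `status.getCode() == ""` compares references, so an empty code that is not the interned literal passes the check and an empty `Code` element is written; `status.getCode().length() == 0` would reject it.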
Deleted: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/WST_SAML_ParsingPerfTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/WST_SAML_ParsingPerfTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/WST_SAML_ParsingPerfTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,100 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.test.identity.federation.core.parser;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-
-import javax.xml.transform.Source;
-
-import org.junit.Ignore;
-import org.junit.Test;
-import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory;
-import org.w3c.dom.Document;
-
-/**
- * Some simple perf tests
- * @author Anil.Saldhana(a)redhat.com
- * @since Oct 14, 2010
- */
-public class WST_SAML_ParsingPerfTestCase
-{
- private int runs = 5000;
-
- String fileName = "parser/perf/wst-batch-validate-one.xml";
-
- /**
- * This test just tests some saml/wst payload performance
- * using JAXB and Stax.
- *
- * <b>NOTE:</b> For the test to work, just comment out @Ignore
- * @throws Exception
- */
- @Test
- @Ignore
- public void testParsingPerformance() throws Exception
- {
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- InputStream configStream = tcl.getResourceAsStream( fileName );
-
- Document doc = DocumentUtil.getDocument( configStream );
- Source source = DocumentUtil.getXMLSource(doc);
-
-
- //JAXB way
- long start = System.currentTimeMillis();
- for( int i = 0 ; i < runs; i++ )
- {
- useJAXB( source );
- }
- long elapsedTimeMillis = System.currentTimeMillis() - start;
- System.out.println("JAXB, time spent for " + runs
- + " iterations = " + elapsedTimeMillis + " ms or " + elapsedTimeMillis/1000F + " secs");
-
- configStream = tcl.getResourceAsStream( fileName );
- byte[] xmlData = new byte[ configStream.available() ];
- configStream.read( xmlData );
-
- //Stax Way
- start = System.currentTimeMillis();
- for( int i = 0 ; i < runs; i++ )
- {
- useStax( new ByteArrayInputStream( xmlData ) );
- }
- elapsedTimeMillis = System.currentTimeMillis() - start;
- System.out.println("STAX, time spent for " + runs
- + " iterations = " + elapsedTimeMillis + " ms or " + elapsedTimeMillis/1000F + " secs");
- }
-
- private void useJAXB( Source source ) throws Exception
- {
- WSTrustJAXBFactory.getInstance().parseRequestSecurityToken(source);
- }
-
- private void useStax( InputStream configStream ) throws Exception
- {
- WSTrustParser parser = new WSTrustParser();
- parser.parse( configStream );
- }
-}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -27,13 +27,13 @@
import java.io.InputStream;
import java.util.Map;
-import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
@@ -41,6 +41,7 @@
import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType;
import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
+import org.w3c.dom.Element;
/**
* @author Anil.Saldhana(a)redhat.com
@@ -68,13 +69,14 @@
assertEquals( XMLTimeUtil.parse( "2010-11-11T16:34:19.602Z" ), rstr.getLifetime().getCreated() );
assertEquals( XMLTimeUtil.parse( "2010-11-11T18:34:19.602Z" ), rstr.getLifetime().getExpires() );
- EndpointReferenceType endpoint = (EndpointReferenceType)((JAXBElement) rstr.getAppliesTo().getAny().get(0)).getValue();
+ EndpointReferenceType endpoint = (EndpointReferenceType) rstr.getAppliesTo().getAny().get(0);
assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() );
assertEquals( 128, rstr.getKeySize() );
assertEquals( WSTrustConstants.KEY_TYPE_PUBLIC, rstr.getKeyType().toASCIIString() );
- AssertionType assertion = (AssertionType) rstr.getRequestedSecurityToken().getAny();
+ Element assertionElement = (Element) rstr.getRequestedSecurityToken().getAny();
+ AssertionType assertion = SAMLUtil.fromElement(assertionElement);
assertEquals( "ID_5a15fc70-daa1-4808-b70e-9cbf6b8e4d4f", assertion.getID() );
RequestedReferenceType ref = rstr.getRequestedAttachedReference();
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -35,7 +35,7 @@
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
/**
* Validate the parsing of wst-batch-validate.xml
@@ -69,7 +69,7 @@
//Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
rstWriter.write( requestCollection );
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -38,7 +38,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
@@ -71,7 +71,7 @@
//Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
rstWriter.write(requestToken );
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -55,8 +55,7 @@
assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() );
AppliesTo appliesTo = requestToken.getAppliesTo();
- JAXBElement<EndpointReferenceType> jaxb = (JAXBElement<EndpointReferenceType>) appliesTo.getAny().get(0);
- EndpointReferenceType endpoint = jaxb.getValue();
+ EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0);
assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() );
}
}
\ No newline at end of file
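Review bot: This hunk removes the only visible use of `JAXBElement` in the test, but the section has no hunk touching the import block, so `import javax.xml.bind.JAXBElement;` is presumably left behind unused. The sibling change to WSTrustIssuePublicCertificateTestCase drops that import, and this file should do the same. The enclosing test method starts outside the hunk, so any other use of the type further up cannot be ruled out from here.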
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -27,15 +27,13 @@
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
-import javax.xml.bind.JAXBElement;
-
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTRequestSecurityTokenParser;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.UseKeyType;
@@ -63,8 +61,7 @@
assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() );
AppliesTo appliesTo = requestToken.getAppliesTo();
- JAXBElement<EndpointReferenceType> jaxb = (JAXBElement<EndpointReferenceType>) appliesTo.getAny().get(0);
- EndpointReferenceType endpoint = jaxb.getValue();
+ EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0);
assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() );
@@ -77,7 +74,7 @@
//Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
rstWriter.write(requestToken );
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.test.identity.federation.core.parser.wst;
@@ -27,15 +23,13 @@
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
-import javax.xml.bind.JAXBElement;
-
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTRequestSecurityTokenParser;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.UseKeyType;
@@ -43,6 +37,7 @@
/**
* Validate parsing of RST with Use Key set to a RSA Public Key
+ *
* @author Anil.Saldhana(a)redhat.com
* @since Oct 18, 2010
*/
@@ -54,35 +49,33 @@
public void testPublicKey() throws Exception
{
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- InputStream configStream = tcl.getResourceAsStream( "parser/wst/wst-issue-public-key.xml" );
-
+ InputStream configStream = tcl.getResourceAsStream("parser/wst/wst-issue-public-key.xml");
+
WSTrustParser parser = new WSTrustParser();
- RequestSecurityToken requestToken = ( RequestSecurityToken ) parser.parse( configStream );
-
- assertEquals( "testcontext", requestToken.getContext() );
- assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() );
-
+ RequestSecurityToken requestToken = (RequestSecurityToken) parser.parse(configStream);
+
+ assertEquals("testcontext", requestToken.getContext());
+ assertEquals(WSTrustConstants.ISSUE_REQUEST, requestToken.getRequestType().toASCIIString());
+
AppliesTo appliesTo = requestToken.getAppliesTo();
- JAXBElement<EndpointReferenceType> jaxb = (JAXBElement<EndpointReferenceType>) appliesTo.getAny().get(0);
- EndpointReferenceType endpoint = jaxb.getValue();
- assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() );
-
-
- assertEquals( "http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey", requestToken.getKeyType().toASCIIString() );
-
+ EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0);
+ assertEquals("http://services.testcorp.org/provider2", endpoint.getAddress().getValue());
+
+ assertEquals("http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey", requestToken.getKeyType()
+ .toASCIIString());
+
UseKeyType useKeyType = requestToken.getUseKey();
- Element certEl = (Element) useKeyType.getAny();
-
- assertEquals( "ds:" + WSTRequestSecurityTokenParser.KEYVALUE, certEl.getTagName() );
-
+ Element certEl = (Element) useKeyType.getAny();
- //Now for the writing part
+ assertEquals("ds:" + WSTRequestSecurityTokenParser.KEYVALUE, certEl.getTagName());
+
+ // Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
- rstWriter.write(requestToken );
+ rstWriter.write(requestToken);
- System.out.println( new String( baos.toByteArray() ));
- DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
+ System.out.println(new String(baos.toByteArray()));
+ DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
}
}
\ No newline at end of file
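Review bot: The writing half of `testPublicKey` only proves that the serialized request is well-formed XML, because the bytes from `WSTrustRequestWriter` go to `DocumentUtil.getDocument(...)` and the result is discarded. A writer that silently dropped the UseKey content or the KeyType would still pass. Since this commit swaps the writer class, feed the output back through `new WSTrustParser().parse(new ByteArrayInputStream(baos.toByteArray()))` and repeat the context, KeyType and `ds:` KeyValue assertions on the re-parsed object. Separately, `new String(baos.toByteArray())` decodes with the platform default charset; name the charset the writer emits (presumably UTF-8, to be confirmed) or drop the `System.out.println`.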
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -27,14 +27,12 @@
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
-import javax.xml.bind.JAXBElement;
-
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
@@ -61,8 +59,7 @@
assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() );
AppliesTo appliesTo = requestToken.getAppliesTo();
- JAXBElement<EndpointReferenceType> jaxb = (JAXBElement<EndpointReferenceType>) appliesTo.getAny().get(0);
- EndpointReferenceType endpoint = jaxb.getValue();
+ EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0);
assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() );
@@ -76,7 +73,7 @@
//Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
rstWriter.write(requestToken);
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -32,7 +32,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
/**
* Validate simple RST parsing
@@ -56,7 +56,7 @@
//Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
rstWriter.write(requestToken);
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -32,7 +32,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
@@ -62,7 +62,7 @@
//Now for the writing part
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
rstWriter.write(requestToken);
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -48,6 +48,7 @@
import org.picketlink.identity.federation.core.config.STSType;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.util.Base64;
@@ -58,7 +59,6 @@
import org.picketlink.identity.federation.core.wstrust.StandardRequestHandler;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.WSTrustException;
-import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory;
import org.picketlink.identity.federation.core.wstrust.WSTrustRequestHandler;
import org.picketlink.identity.federation.core.wstrust.WSTrustUtil;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider;
@@ -68,7 +68,7 @@
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType;
@@ -82,6 +82,7 @@
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
+import org.picketlink.identity.federation.ws.trust.ComputedKeyType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
import org.picketlink.identity.federation.ws.trust.RenewTargetType;
@@ -163,7 +164,8 @@
*
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testSTSConfiguration() throws Exception
{
@@ -241,7 +243,8 @@
*
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeCustom() throws Exception
{
@@ -252,9 +255,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
-
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
this.validateCustomTokenResponse(baseResponse);
}
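Review bot: The inline `(BaseRequestSecurityTokenResponse) new WSTrustParser().parse(DocumentUtil.getSourceAsStream(responseMessage))` added here is repeated almost verbatim in the later testInvoke* hunks of this file (SAML20, the AppliesTo, OnBehalfOf, symmetric-key, certificate, public-key, Validate, Renew and Cancel tests). A private helper would keep the unchecked cast in one place and turn an unexpected parser result into an assertion failure with a message instead of a ClassCastException. None of the call sites closes the stream returned by `getSourceAsStream`; whether that matters depends on its implementation, which is not shown. The test method this hunk belongs to starts outside the hunk.

```java
private BaseRequestSecurityTokenResponse parseResponse(Source responseMessage) throws Exception
{
   Object parsed = new WSTrustParser().parse(DocumentUtil.getSourceAsStream(responseMessage));
   assertTrue("Unexpected response type", parsed instanceof BaseRequestSecurityTokenResponse);
   return (BaseRequestSecurityTokenResponse) parsed;
}

// ... unchanged: request creation and tokenService.invoke(...) ...
BaseRequestSecurityTokenResponse baseResponse = this.parseResponse(responseMessage);
```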
@@ -294,7 +296,8 @@
*
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20() throws Exception
{
@@ -305,9 +308,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
-
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
}
@@ -319,7 +321,8 @@
* case, the request should be handled by the custom {@code SpecialTokenProvider}.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeCustomAppliesTo() throws Exception
{
@@ -330,8 +333,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
this.validateCustomTokenResponse(baseResponse);
@@ -344,7 +347,8 @@
* case, the request should be handled by the standard {@code SAML20TokenProvider}.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20AppliesTo() throws Exception
{
@@ -354,8 +358,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
@@ -380,7 +384,8 @@
* the request).
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20OnBehalfOf() throws Exception
{
@@ -394,8 +399,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response (assertion principal should be anotherduke as specified by OnBehalfOf).
this.validateSAMLAssertionResponse(baseResponse, "testcontext", "anotherduke", SAMLUtil.SAML2_SENDER_VOUCHES_URI);
@@ -408,7 +413,8 @@
* this key as the proof token. The WS-Trust response should contain the STS-generated key.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@SuppressWarnings("rawtypes")
public void testInvokeSAML20WithSTSGeneratedSymmetricKey() throws Exception
@@ -423,8 +429,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
@@ -439,10 +445,8 @@
RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
RequestedProofTokenType proofToken = response.getRequestedProofToken();
assertNotNull("Unexpected null proof token", proofToken);
- assertTrue(proofToken.getAny() instanceof JAXBElement);
- JAXBElement proofElement = (JAXBElement) proofToken.getAny();
- assertEquals("Unexpected proof token content", BinarySecretType.class, proofElement.getDeclaredType());
- BinarySecretType serverBinarySecret = (BinarySecretType) proofElement.getValue();
+ assertTrue(proofToken.getAny() instanceof BinarySecretType);
+ BinarySecretType serverBinarySecret = (BinarySecretType) proofToken.getAny();
assertNotNull("Unexpected null secret", serverBinarySecret.getValue());
// default key size is 128 bits (16 bytes).
byte[] encodedSecret = serverBinarySecret.getValue();
@@ -457,7 +461,8 @@
* should include the STS key to allow reconstruction of the combined key and the algorithm used to combine the keys.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@SuppressWarnings("rawtypes")
public void testInvokeSAML20WithCombinedSymmetricKey() throws Exception
@@ -482,8 +487,8 @@
// invoke the token service.
Source requestMessage = this.createSourceFromRequest(request);
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
@@ -497,20 +502,15 @@
RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
RequestedProofTokenType proofToken = response.getRequestedProofToken();
assertNotNull("Unexpected null proof token", proofToken);
- assertTrue(proofToken.getAny() instanceof JAXBElement);
- JAXBElement<?> proofElement = (JAXBElement<?>) proofToken.getAny();
+ assertTrue(proofToken.getAny() instanceof ComputedKeyType);
+ ComputedKeyType computedKey = (ComputedKeyType) proofToken.getAny();
+ assertEquals("Unexpected computed key algorithm", WSTrustConstants.CK_PSHA1, computedKey.getAlgorithm());
- // proof token should contain only the computed key algorithm.
- assertEquals("Unexpected proof token content", "ComputedKey", proofElement.getName().getLocalPart());
- assertEquals("Unexpected computed key algorithm", WSTrustConstants.CK_PSHA1, proofElement.getValue());
-
// server entropy must have been included in the response to allow reconstruction of the computed key.
EntropyType serverEntropy = response.getEntropy();
assertNotNull("Unexpected null server entropy");
assertEquals("Invalid number of elements in server entropy", 1, serverEntropy.getAny().size());
- JAXBElement serverEntropyContent = (JAXBElement) serverEntropy.getAny().get(0);
- assertEquals("Unexpected proof token content", BinarySecretType.class, serverEntropyContent.getDeclaredType());
- BinarySecretType serverBinarySecret = (BinarySecretType) serverEntropyContent.getValue();
+ BinarySecretType serverBinarySecret = (BinarySecretType) serverEntropy.getAny().get(0);
assertEquals("Unexpected binary secret type", WSTrustConstants.BS_TYPE_NONCE, serverBinarySecret.getType());
assertNotNull("Unexpected null secret value", serverBinarySecret.getValue());
// get the base64 decoded
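Review bot: `assertNotNull("Unexpected null server entropy");` in the context lines just below the new ComputedKeyType checks passes only the message string, so it asserts that a literal is non-null and never looks at `serverEntropy`. A response without entropy would then fail with a NullPointerException on the following `serverEntropy.getAny()` line rather than with the intended message. The commit rewrites the lines around it but leaves this one, which should read `assertNotNull("Unexpected null server entropy", serverEntropy);`. The new `(BinarySecretType) serverEntropy.getAny().get(0)` also drops the type check the removed lines performed; an `assertTrue("Unexpected entropy content", serverEntropy.getAny().get(0) instanceof BinarySecretType);` before the cast would keep that coverage. The test method starts and ends outside this hunk.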
@@ -524,7 +524,8 @@
* The STS must include the specified certificate in the SAML subject confirmation.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20WithCertificate() throws Exception
{
@@ -542,9 +543,8 @@
// invoke the token service.
Source requestMessage = this.createSourceFromRequest(request);
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
-
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
@@ -560,7 +560,8 @@
* STS must include the specified public key in the SAML subject confirmation.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20WithPublicKey() throws Exception
{
@@ -579,8 +580,8 @@
// invoke the token service.
Source requestMessage = this.createSourceFromRequest(request);
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
+ .parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the security token response.
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
@@ -597,7 +598,8 @@
* the assertion validated, checking the validation results.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20Validate() throws Exception
{
@@ -605,20 +607,19 @@
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST,
SAMLUtil.SAML2_TOKEN_TYPE, null);
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
+ WSTrustParser parser = new WSTrustParser();
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil
+ .getSourceAsStream(responseMessage));
// validate the response and get the SAML assertion from the request.
- this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
- SAMLUtil.SAML2_BEARER_URI);
+ this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
Element assertion = (Element) collection.getRequestSecurityTokenResponses().get(0).getRequestedSecurityToken()
- .getAny();
+ .getAny();
// now construct a WS-Trust validate request with the generated assertion.
request = this.createRequest("validatecontext", WSTrustConstants.VALIDATE_REQUEST, WSTrustConstants.STATUS_TYPE,
@@ -629,7 +630,7 @@
// invoke the token service.
responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
- baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
+ baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the response contents.
assertNotNull("Unexpected null response", baseResponse);
@@ -648,8 +649,8 @@
assertion.getFirstChild().getFirstChild().setNodeValue("Tempered Issuer");
request.getValidateTarget().setAny(assertion);
responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
- collection = (RequestSecurityTokenResponseCollection) WSTrustJAXBFactory.getInstance()
- .parseRequestSecurityTokenResponse(responseMessage);
+ collection = (RequestSecurityTokenResponseCollection) parser.parse(DocumentUtil
+ .getSourceAsStream(responseMessage));
assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
response = collection.getRequestSecurityTokenResponses().get(0);
assertEquals("Unexpected response context", "validatecontext", response.getContext());
@@ -666,7 +667,8 @@
* assertion renewed (i.e. get a new assertion with an updated lifetime).
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20Renew() throws Exception
{
@@ -674,13 +676,13 @@
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, null,
"http://services.testcorp.org/provider2");
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
+ WSTrustParser parser = new WSTrustParser();
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil
+ .getSourceAsStream(responseMessage));
// validate the response and get the SAML assertion from the request.
this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
@@ -696,7 +698,7 @@
// invoke the token service.
responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
- baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
+ baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the renew response contents and get the renewed token.
this.validateSAMLAssertionResponse(baseResponse, "renewcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
@@ -723,7 +725,8 @@
* the assertion. A canceled assertion cannot be renewed or considered valid anymore.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeSAML20Cancel() throws Exception
{
@@ -731,13 +734,13 @@
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST,
SAMLUtil.SAML2_TOKEN_TYPE, null);
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
+ WSTrustParser parser = new WSTrustParser();
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil
+ .getSourceAsStream(responseMessage));
// validate the response and get the SAML assertion from the request.
this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
@@ -753,7 +756,7 @@
// invoke the token service.
responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
- baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
+ baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the response contents.
assertNotNull("Unexpected null response", baseResponse);
@@ -773,7 +776,8 @@
// the response should contain a status indicating that the token is not valid.
responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
- collection = (RequestSecurityTokenResponseCollection) factory.parseRequestSecurityTokenResponse(responseMessage);
+ collection = (RequestSecurityTokenResponseCollection) parser.parse(DocumentUtil
+ .getSourceAsStream(responseMessage));
assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
response = collection.getRequestSecurityTokenResponses().get(0);
assertEquals("Unexpected response context", "validatecontext", response.getContext());
@@ -810,7 +814,8 @@
* security token service.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvokeUnknownTokenType() throws Exception
{
@@ -840,7 +845,8 @@
* This test verifies if the token service is correctly identifying invalid issue requests.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvalidIssueRequests() throws Exception
{
@@ -885,7 +891,8 @@
* This test verifies if the token service is correctly identifying invalid renew requests.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvalidRenewRequests() throws Exception
{
@@ -944,7 +951,8 @@
* This test verifies if the token service is correctly identifying invalid validate requests.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvalidValidateRequests() throws Exception
{
@@ -1003,7 +1011,8 @@
* This test verifies if the token service is correctly identifying invalid cancel requests.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
public void testInvalidCancelRequests() throws Exception
{
@@ -1063,8 +1072,10 @@
* SpecialTokenProvider}.
* </p>
*
- * @param baseResponse a reference to the WS-Trust response that was sent by the STS.
- * @throws Exception if one of the validation performed fail.
+ * @param baseResponse
+ * a reference to the WS-Trust response that was sent by the STS.
+ * @throws Exception
+ * if one of the validation performed fail.
*/
private void validateCustomTokenResponse(BaseRequestSecurityTokenResponse baseResponse) throws Exception
{
@@ -1089,10 +1100,11 @@
assertNotNull("Unexpected null token", token);
assertTrue("Unexpected token class", token instanceof Element);
Element element = (Element) requestedToken.getAny();
+ assertEquals("Unexpected root element name", "SpecialToken", element.getLocalName());
assertEquals("Unexpected namespace value", "http://www.tokens.org", element.getNamespaceURI());
-
- assertEquals("Unexpected attribute value", "http://www.tokens.org/SpecialToken", element.getAttributeNS(
- "http://www.tokens.org", "TokenType"));
+ assertEquals("Unexpected attribute value", "http://www.tokens.org/SpecialToken", element.getAttribute("TokenType"));
+ element = (Element) element.getFirstChild();
+ assertEquals("Unexpected child element name", "SpecialTokenValue", element.getLocalName());
assertEquals("Unexpected token value", "Principal:jduke", element.getFirstChild().getNodeValue());
}
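Review bot: `element = (Element) element.getFirstChild();` assumes the first child node of `SpecialToken` is the `SpecialTokenValue` element. If the response ever carries whitespace or a comment ahead of it (it is re-parsed from a stream in these tests), the cast fails with a `ClassCastException` before the name assertion can report anything. Looking the child up by name is less brittle, e.g. `element = (Element) element.getElementsByTagNameNS("http://www.tokens.org", "SpecialTokenValue").item(0);` followed by `assertNotNull("Missing SpecialTokenValue element", element);`. The new child-name assertion also checks only the local name, so adding a `getNamespaceURI()` assertion for the child would match what is done for the root. The method body starts before this hunk.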
@@ -1102,13 +1114,18 @@
* SAML20TokenProvider}.
* </p>
*
- * @param baseResponse a reference to the WS-Trust response that was sent by the STS.
- * @param context the expected name of the response context.
- * @param principal the principal that is expected to be seen in the assertion subject.
- * @param confirmationMethod the confirmation method that is expected to be seen in the assertion subject.
+ * @param baseResponse
+ * a reference to the WS-Trust response that was sent by the STS.
+ * @param context
+ * the expected name of the response context.
+ * @param principal
+ * the principal that is expected to be seen in the assertion subject.
+ * @param confirmationMethod
+ * the confirmation method that is expected to be seen in the assertion subject.
* @return the SAMLV2.0 assertion that has been extracted from the response. This object can be used by the test
* methods to perform extra validations depending on the scenario being tested.
- * @throws Exception if an error occurs while performing the validation.
+ * @throws Exception
+ * if an error occurs while performing the validation.
*/
private AssertionType validateSAMLAssertionResponse(BaseRequestSecurityTokenResponse baseResponse, String context,
String principal, String confirmationMethod) throws Exception
@@ -1134,8 +1151,7 @@
String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType"));
assertNotNull("Required attribute TokenType is missing", tokenTypeAttr);
assertEquals("TokenType attribute has an unexpected value", SAMLUtil.SAML2_TOKEN_TYPE, tokenTypeAttr);
- JAXBElement<?> keyIdElement = (JAXBElement<?>) securityRef.getAny().get(0);
- KeyIdentifierType keyId = (KeyIdentifierType) keyIdElement.getValue();
+ KeyIdentifierType keyId = (KeyIdentifierType) securityRef.getAny().get(0);
assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType());
assertNotNull("Unexpected null key identifier value", keyId.getValue());
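Review bot: `securityRef.getAny().get(0)` is now cast straight to `KeyIdentifierType` with no check that the list is non-empty or that its first entry has that type. A change in what the parser puts in the list would therefore surface as an `IndexOutOfBoundsException` or `ClassCastException` rather than a named assertion. Asserting first keeps the failure readable, e.g. `assertEquals("Unexpected number of reference elements", 1, securityRef.getAny().size());` and `assertTrue("Unexpected key identifier class", securityRef.getAny().get(0) instanceof KeyIdentifierType);`. The same line is introduced in the `-157` hunk of SAML20TokenProviderUnitTestCase. The enclosing method starts before this hunk and continues after it.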
@@ -1145,7 +1161,8 @@
assertNotNull("Unexpected null requested security token", requestedToken);
// unmarshall the SAMLV2.0 assertion.
- AssertionType assertion = SAMLUtil.fromElement((Element) requestedToken.getAny());
+ Element assertionElement = (Element) requestedToken.getAny();
+ AssertionType assertion = SAMLUtil.fromElement(assertionElement);
// verify the contents of the unmarshalled assertion.
assertNotNull("Invalid null assertion ID", assertion.getID());
@@ -1174,7 +1191,6 @@
assertEquals(lifetime.getCreated(), assertion.getConditions().getNotBefore());
assertEquals(lifetime.getExpires(), assertion.getConditions().getNotOnOrAfter());
- // verify if the assertion has been signed.
assertNotNull("Assertion should have been signed", assertion.getSignature());
return assertion;
@@ -1186,12 +1202,17 @@
* confirmation method has been used.
* </p>
*
- * @param subjectConfirmation the {@code SubjectConfirmationType} to be validated.
- * @param keyType the type of the proof-of-possession key (Symmetric or Public).
- * @param certificate the certificate used in the Public Key scenarios.
- * @param usePublicKey {@code true} if the certificate's Public Key was used as the proof-of-possession token;
- * {@code false} otherwise.
- * @throws Exception if an error occurs while performing the validation.
+ * @param subjectConfirmation
+ * the {@code SubjectConfirmationType} to be validated.
+ * @param keyType
+ * the type of the proof-of-possession key (Symmetric or Public).
+ * @param certificate
+ * the certificate used in the Public Key scenarios.
+ * @param usePublicKey
+ * {@code true} if the certificate's Public Key was used as the proof-of-possession token; {@code false}
+ * otherwise.
+ * @throws Exception
+ * if an error occurs while performing the validation.
*/
private void validateHolderOfKeyContents(SubjectConfirmationType subjectConfirmation, String keyType,
Certificate certificate, boolean usePublicKey) throws Exception
@@ -1261,10 +1282,14 @@
* Utility method that creates a simple WS-Trust request using the specified information.
* </p>
*
- * @param context a {@code String} that represents the request context.
- * @param requestType a {@code String} that represents the WS-Trust request type.
- * @param tokenType a {@code String} that represents the requested token type.
- * @param appliesToString a {@code String} that represents the URL of a service provider.
+ * @param context
+ * a {@code String} that represents the request context.
+ * @param requestType
+ * a {@code String} that represents the WS-Trust request type.
+ * @param tokenType
+ * a {@code String} that represents the requested token type.
+ * @param appliesToString
+ * a {@code String} that represents the URL of a service provider.
* @return the constructed {@code RequestSecurityToken} object.
*/
private RequestSecurityToken createRequest(String context, String requestType, String tokenType,
@@ -1276,15 +1301,7 @@
if (tokenType != null)
request.setTokenType(URI.create(tokenType));
if (appliesToString != null)
- {
- AttributedURIType attributedURI = new AttributedURIType();
- attributedURI.setValue(appliesToString);
- EndpointReferenceType reference = new EndpointReferenceType();
- reference.setAddress(attributedURI);
- AppliesTo appliesTo = new AppliesTo();
- appliesTo.getAny().add(new ObjectFactory().createEndpointReference(reference));
- request.setAppliesTo(appliesTo);
- }
+ request.setAppliesTo(WSTrustUtil.createAppliesTo(appliesToString));
return request;
}
@@ -1294,7 +1311,8 @@
* </p>
*
* @return an {@code Element} representing the unknown token.
- * @throws Exception if an error occurs while creating the token.
+ * @throws Exception
+ * if an error occurs while creating the token.
*/
private Element createUnknownToken() throws Exception
{
@@ -1315,11 +1333,15 @@
* Obtains the {@code Certificate} stored under the specified alias in the specified keystore.
* </p>
*
- * @param keyStoreFile the name of the file that contains a JKS keystore.
- * @param passwd the keystore password.
- * @param certificateAlias the alias of a certificate in the keystore.
+ * @param keyStoreFile
+ * the name of the file that contains a JKS keystore.
+ * @param passwd
+ * the keystore password.
+ * @param certificateAlias
+ * the alias of a certificate in the keystore.
* @return a reference to the {@code Certificate} stored under the given alias.
- * @throws Exception if an error occurs while handling the keystore.
+ * @throws Exception
+ * if an error occurs while handling the keystore.
*/
private Certificate getCertificate(String keyStoreFile, String passwd, String certificateAlias) throws Exception
{
@@ -1333,9 +1355,9 @@
private Source createSourceFromRequest(RequestSecurityToken request) throws Exception
{
- // write the request XML to a byte[]
+ // write the request XML to a DOMResult
DOMResult result = new DOMResult(DocumentUtil.createDocument());
- WSTrustRSTWriter writer = new WSTrustRSTWriter(result);
+ WSTrustRequestWriter writer = new WSTrustRequestWriter(result);
writer.write(request);
return new DOMSource(result.getNode());
}
@@ -1441,7 +1463,8 @@
* Sets the principal to be used in the test case.
* </p>
*
- * @param principal the {@code Principal} to be set.
+ * @param principal
+ * the {@code Principal} to be set.
*/
public void setUserPrincipal(Principal principal)
{
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -35,19 +35,22 @@
import javax.xml.bind.JAXBElement;
import javax.xml.bind.Unmarshaller;
import javax.xml.namespace.QName;
+import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMResult;
import javax.xml.transform.dom.DOMSource;
import junit.framework.TestCase;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.StandardSecurityToken;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
-import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory;
import org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext;
import org.picketlink.identity.federation.core.wstrust.WSTrustUtil;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
@@ -157,8 +160,7 @@
String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType"));
assertNotNull("Required attribute TokenType is missing", tokenTypeAttr);
assertEquals("TokenType attribute has an unexpected value", SAMLUtil.SAML2_TOKEN_TYPE, tokenTypeAttr);
- JAXBElement<?> keyIdElement = (JAXBElement<?>) securityRef.getAny().get(0);
- KeyIdentifierType keyId = (KeyIdentifierType) keyIdElement.getValue();
+ KeyIdentifierType keyId = (KeyIdentifierType) securityRef.getAny().get(0);
assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType());
assertNotNull("Unexpected null key identifier value", keyId.getValue());
assertEquals(assertion.getID(), keyId.getValue().substring(1));
@@ -346,7 +348,7 @@
validateTarget.setAny(assertion);
request.setValidateTarget(validateTarget);
// we need to set the request document in the request object for the test.
- DOMSource requestSource = (DOMSource) WSTrustJAXBFactory.getInstance().marshallRequestSecurityToken(request);
+ DOMSource requestSource = (DOMSource) this.createSourceFromRequest(request);
request.setRSTDocument((Document) requestSource.getNode());
WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
@@ -373,4 +375,12 @@
Certificate certificate = keyStore.getCertificate(certificateAlias);
return certificate;
}
+
+ private Source createSourceFromRequest(RequestSecurityToken request) throws Exception
+ {
+ DOMResult result = new DOMResult(DocumentUtil.createDocument());
+ WSTrustRequestWriter writer = new WSTrustRequestWriter(result);
+ writer.write(request);
+ return new DOMSource(result.getNode());
+ }
}
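Review bot: The added `createSourceFromRequest` is declared to return `Source` although it always builds a `DOMSource`, which is why the call site in the `-346` hunk has to downcast with `(DOMSource) this.createSourceFromRequest(request)`. As the method is private to this test, declaring it `private DOMSource createSourceFromRequest(RequestSecurityToken request) throws Exception` removes the cast. It also has no Javadoc; a one-line comment such as `/** Writes the request into a new DOM document using WSTrustRequestWriter and wraps it in a DOMSource. */` would do. The body repeats the helper of the same name changed earlier in this commit, so a shared test utility may be worth considering.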
Deleted: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/STSClientUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/STSClientUnitTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/STSClientUnitTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,283 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.test.identity.federation.core.wstrust;
-
-import java.net.MalformedURLException;
-import java.net.URI;
-import java.net.URL;
-import java.security.KeyStore;
-import java.security.PublicKey;
-import java.util.Map;
-
-import javax.xml.bind.JAXBException;
-import javax.xml.namespace.QName;
-import javax.xml.soap.SOAPBody;
-import javax.xml.soap.SOAPEnvelope;
-import javax.xml.soap.SOAPPart;
-import javax.xml.transform.Result;
-import javax.xml.transform.Source;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMSource;
-import javax.xml.transform.stream.StreamResult;
-import javax.xml.ws.BindingProvider;
-import javax.xml.ws.Dispatch;
-import javax.xml.ws.Service;
-import javax.xml.ws.Service.Mode;
-import javax.xml.ws.soap.SOAPBinding;
-
-import junit.framework.TestCase;
-
-import org.picketlink.identity.federation.core.wstrust.STSClient;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.KeyStoreUtil;
-import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
-import org.picketlink.identity.federation.core.wstrust.STSClientConfig;
-import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
-import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory;
-import org.picketlink.identity.federation.core.wstrust.STSClientConfig.Builder;
-import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.picketlink.identity.federation.ws.trust.StatusType;
-import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-/**
- * Unit tests for WS-Trust STS Clients
- * @author Anil.Saldhana(a)redhat.com
- * @since Aug 26, 2009
- */
-public class STSClientUnitTestCase extends TestCase
-{
- //Specify whether this test is run as part of build
- private boolean usetest = false;
-
-
- public void testSTS() throws Exception
- {
- if(usetest == false)
- return;
-
- // create a dispatch object to invoke JBoss STSs.
- Dispatch<Source> dispatch = createDispatch();
-
- // create a custom token request message.
- RequestSecurityToken request = new RequestSecurityToken();
- request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));
- request.setRequestType(URI.create(WSTrustConstants.ISSUE_REQUEST));
- request.setContext("context");
-
- // send the token request to JBoss STS and get the response.
- WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance();
- DOMSource requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request);
- Source response = dispatch.invoke(requestSource);
-
- Node documentNode = ((DOMSource) response).getNode();
- Document responseDoc = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument();
-
-
- Document myDocument = DocumentUtil.createDocument();
-
- Node importedNode = myDocument.importNode(responseDoc.getDocumentElement(), true);
-
- myDocument.appendChild(importedNode);
-
- NodeList nodes = null;
- if(responseDoc instanceof SOAPPart)
- {
- SOAPPart soapPart = (SOAPPart) responseDoc;
- SOAPEnvelope env = soapPart.getEnvelope();
- SOAPBody body = env.getBody();
- Node data = body.getFirstChild();
- nodes = ((Element)data).getElementsByTagName("RequestedSecurityToken");
- }
- else
- nodes = responseDoc.getElementsByTagNameNS(WSTrustConstants.BASE_NAMESPACE, "RequestedSecurityToken");
-
- assertNotNull("Nodelist not null", nodes);
- Node rstr = nodes.item(0);
- /*RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) jaxbFactory.parseRequestSecurityTokenResponse(response);
- RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
-
- // the SAML assertion is returned as an Element.
- Element assertion = (Element) tokenResponse.getRequestedSecurityToken().getAny();*/
- Element assertion = (Element) rstr.getFirstChild();
- System.out.println("NAMESPACE=" + assertion.getNamespaceURI());
-
-// PublicKey key = getValidatingKey();
-// Document validate = DocumentUtil.createDocument();
-// validate.appendChild(validate.importNode(assertion, true));
-// System.out.println("Is token valid? " + XMLSignatureUtil.validate(validate, key));
-
- // print the assertion for demonstration purposes.
- System.out.println("\nSuccessfully issued a standard SAMLV2.0 Assertion!");
- printAssertion(assertion);
-
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- KeyStore ks = KeyStoreUtil.getKeyStore(tcl.getResource("keystore/sts_keystore.jks")
- , "testpass".toCharArray());
-
- PublicKey pk = KeyStoreUtil.getPublicKey(ks, "sts", "keypass".toCharArray());
-
- assertNotNull("Public key is not null", pk);
- Document tokenDocument = DocumentUtil.createDocument();
- importedNode = tokenDocument.importNode(assertion, true);
- tokenDocument.appendChild(importedNode);
-
- //System.out.println("Going to validate:" + DocumentUtil.getDocumentAsString(tokenDocument));
- //assertTrue("SignedInfo valid", XMLSignatureUtil.preCheckSignedInfo(tokenDocument));
- //Locally we will validate the assertion
- assertTrue("Recieved assertion sig valid", XMLSignatureUtil.validate(tokenDocument, pk));
-
- // let's validate the received SAML assertion.
- request.getAny().clear();
- request.setTokenType(URI.create(WSTrustConstants.STATUS_TYPE));
- request.setRequestType(URI.create(WSTrustConstants.VALIDATE_REQUEST));
- ValidateTargetType validateTarget = new ValidateTargetType();
- validateTarget.setAny(assertion);
- request.setValidateTarget(validateTarget);
-
- requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request);
-
- response = dispatch.invoke(requestSource);
- RequestSecurityTokenResponseCollection
- responseCollection = (RequestSecurityTokenResponseCollection) jaxbFactory
- .parseRequestSecurityTokenResponse(response);
- RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
-
- StatusType status = tokenResponse.getStatus();
- if (status != null)
- {
- String code = status.getCode();
- assertFalse("Signature is valid", WSTrustConstants.STATUS_CODE_INVALID.equals(code));
-
- System.out.println("\n\nSAMLV2.0 Assertion successfuly validated!");
- System.out.println("Validation status code: " + tokenResponse.getStatus().getCode());
- System.out.println("Validation status reason: " + tokenResponse.getStatus().getReason());
- }
- else
- System.out.println("\n\nFailed to validate SAMLV2.0 Assertion");
- }
-
- public void testIssue_Validate_Renew() throws Exception
- {
- if(usetest == false)
- return;
-
- String serviceName = "PicketLinkSTS";
- String portName = "PicketLinkSTSPort";
- String endpointAddress = "http://localhost:8080/jboss-sts/PicketLinkSTS";
- Builder builder = new STSClientConfig.Builder();
- STSClientConfig config = builder.serviceName(serviceName).portName(portName).endpointAddress(endpointAddress).username("admin").password("admin").build();
- STSClient client = new STSClient(config);
- Element token = client.issueToken(SAMLUtil.SAML2_TOKEN_TYPE);
- assertTrue("Token is valid" , client.validateToken(token));
-
- Element renewedToken = client.renewToken(SAMLUtil.SAML2_TOKEN_TYPE, token);
- System.out.println("Renewed Token=" + DocumentUtil.getNodeAsString(renewedToken));
- }
-
- public void testIssue_Validate_Renew_Using_AppliesTo() throws Exception
- {
- if(usetest == false)
- return;
-
- Builder stsConfigBuilder = new STSClientConfig.Builder();
- stsConfigBuilder.serviceName("PicketLinkSTS");
- stsConfigBuilder.portName("PicketLinkSTSPort");
- stsConfigBuilder.endpointAddress("http://localhost:8080/jboss-sts/PicketLinkSTS");
- stsConfigBuilder.username("admin").password("admin");
- STSClient client = new STSClient(stsConfigBuilder.build());
-
- // This endpointURI is specified in src/test/resource/jboss-sts.xml
- String endpointURI = "http://services.testcorp.org/provider2";
-
- Element token = client.issueTokenForEndpoint(endpointURI);
- assertTrue("Token is valid" , client.validateToken(token));
-
- Element renewedToken = client.renewToken(SAMLUtil.SAML2_TOKEN_TYPE, token);
- System.out.println("Renewed Token=" + DocumentUtil.getNodeAsString(renewedToken));
- }
-
- public void testIssue_Neither_AppliesTo_Or_TokenType_Specified()
- {
- if(usetest == false)
- return;
-
- Builder stsConfigBuilder = new STSClientConfig.Builder();
- stsConfigBuilder.serviceName("PicketLinkSTS");
- stsConfigBuilder.portName("PicketLinkSTSPort");
- stsConfigBuilder.endpointAddress("http://localhost:8080/jboss-sts/PicketLinkSTS");
- stsConfigBuilder.username("admin").password("admin");
- STSClient client = new STSClient(stsConfigBuilder.build());
-
- try
- {
- client.issueToken(null, null);
- fail("issueTokenForEndpoint should throw an exception if endpointURI and tokenType are null");
- }
- catch(Exception e)
- {
- assertTrue("Excpetion was not of type IllegalException", e instanceof IllegalArgumentException);
- }
- }
-
-
- private Dispatch<Source> createDispatch() throws MalformedURLException, JAXBException
- {
- // JBoss STS target information.
- String targetNS = "http://org.picketlink.trust/sts/";
- QName serviceName = new QName(targetNS, "PicketLinkSTS");
- QName portName = new QName(targetNS, "PicketLinkSTSPort");
- URL endpointAddress = new URL("http://localhost:8080/jboss-sts/PicketLinkSTS");
-// URL securityConfigURL = new File("jboss-wsse-client.xml").toURI().toURL();
-
- Service service = Service.create(serviceName);
- service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING, endpointAddress.toExternalForm());
-
- // create the dispatch, setting the client security configuration file.
- Dispatch<Source> dispatch = service.createDispatch(portName, Source.class, Mode.PAYLOAD);
-// ((ConfigProvider) dispatch).setSecurityConfig(securityConfigURL.toExternalForm());
-// ((ConfigProvider) dispatch).setConfigName("Standard WSSecurity Client");
-
- // add the username and password to the request context.
- Map<String, Object> reqContext = dispatch.getRequestContext();
- reqContext.put(BindingProvider.USERNAME_PROPERTY, "admin");
- reqContext.put(BindingProvider.PASSWORD_PROPERTY, "admin");
-
- return dispatch;
- }
-
- private void printAssertion(Element assertion) throws Exception
- {
- TransformerFactory tranFactory = TransformerFactory.newInstance();
- Transformer aTransformer = tranFactory.newTransformer();
- Source src = new DOMSource(assertion);
- Result dest = new StreamResult(System.out);
- aTransformer.transform(src, dest);
- }
-}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -95,10 +95,14 @@
String namespaceURI = "http://www.tokens.org";
Element root = doc.createElementNS(namespaceURI, "token:SpecialToken");
- root.appendChild(doc.createTextNode("Principal:" + caller));
+ Element child = doc.createElementNS(namespaceURI, "token:SpecialTokenValue");
+ child.appendChild(doc.createTextNode("Principal:" + caller));
+ root.appendChild(child);
String id = IDGenerator.create("ID_");
root.setAttributeNS(namespaceURI, "ID", id);
root.setAttributeNS(namespaceURI, "TokenType", tokenType.toString());
+ root.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:token", namespaceURI);
+
doc.appendChild(root);
SecurityToken token = new StandardSecurityToken(tokenType.toString(), root, id);
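Review bot: The unchanged `root.setAttributeNS(namespaceURI, "ID", id)` and `root.setAttributeNS(namespaceURI, "TokenType", ...)` calls place both attributes in the `http://www.tokens.org` namespace without a prefix, while the test updated in this commit now reads the value with `element.getAttribute("TokenType")` instead of `getAttributeNS`. An attribute needs a prefix to be serialized in a namespace, so the namespace is presumably dropped when the token is written and re-parsed. Provider and test would agree if the attributes were created either with `root.setAttribute("TokenType", tokenType.toString())` or with the qualified name `"token:TokenType"`, now that `xmlns:token` is declared. Whichever form is intended, the test should assert the namespace it expects so that a change in serialization is noticed. The enclosing method starts and ends outside this hunk.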
Deleted: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java 2010-11-25 22:20:20 UTC (rev 566)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -1,186 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.test.identity.federation.core.wstrust;
-
-import java.net.URI;
-
-import javax.xml.transform.Source;
-import javax.xml.transform.dom.DOMSource;
-
-import junit.framework.TestCase;
-
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory;
-import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
-import org.w3c.dom.Document;
-
-/**
- * <p>
- * This {@code TestCase} tests the methods of the {@code WSTrustJAXBFactory}.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class WSTrustJAXBFactoryUnitTestCase extends TestCase
-{
-
- /**
- * <p>
- * Tests parsing a WS-Trust request message.
- * </p>
- *
- * @throws Exception
- * if an error occurs while running the test.
- */
- public void testParseRequestSecurityToken() throws Exception
- {
- // load a sample ws-trust request from a test file.
- Document document = DocumentUtil
- .getDocument(this.getClass().getResourceAsStream("/wstrust/ws-trust-request.xml"));
-
- // encapsulate the request in a source object.
- Source source = new DOMSource(document);
-
- // parse the request using the WSTrustJAXBFactory.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- BaseRequestSecurityToken baseRequest = factory.parseRequestSecurityToken(source);
- assertNotNull("Unexpected null request message", baseRequest);
-
- // check the contents of the parsed request.
- assertTrue("Unexpected request message type", baseRequest instanceof RequestSecurityToken);
- RequestSecurityToken parsedRequest = (RequestSecurityToken) baseRequest;
- assertEquals("Unexpected context name", "testcontext", parsedRequest.getContext());
- assertEquals("Unexpected token type", "http://www.tokens.org/SpecialToken", parsedRequest.getTokenType().toString());
- assertEquals("Unexpected request type", "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue", parsedRequest
- .getRequestType().toString());
- }
-
- /**
- * <p>
- * Tests parsing a WS-Trust response message.
- * </p>
- *
- * @throws Exception
- * if an error occurs while running the test.
- */
- public void testParseRequestSecurityTokenResponse() throws Exception
- {
- // load a ws-trust response from a file.
- Document document = DocumentUtil.getDocument(this.getClass()
- .getResourceAsStream("/wstrust/ws-trust-response.xml"));
-
- // encapsulate the response in a source object.
- Source source = new DOMSource(document);
-
- // parse the response using the WSTrustJAXBFactory.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(source);
- assertNotNull("Unexpected null response message", baseResponse);
-
- // check the contents of the parsed response.
- assertTrue("Unexpected response message type", baseResponse instanceof RequestSecurityTokenResponseCollection);
- RequestSecurityTokenResponseCollection parsedCollection = (RequestSecurityTokenResponseCollection) baseResponse;
- assertNotNull("Unexpected null response list", parsedCollection.getRequestSecurityTokenResponses());
- assertEquals("Unexpected number of responses", 1, parsedCollection.getRequestSecurityTokenResponses().size());
-
- RequestSecurityTokenResponse parsedResponse = parsedCollection.getRequestSecurityTokenResponses().get(0);
- assertEquals("Unexpected context name", "testcontext", parsedResponse.getContext());
- assertEquals("Unexpected token type", "http://www.tokens.org/SpecialToken", parsedResponse.getTokenType()
- .toString());
- assertFalse(parsedResponse.isForwardable());
- }
-
- /**
- * <p>
- * Tests the marshalling of a WS-Trust request.
- * </p>
- *
- * @throws Exception
- * if an error occurs while running the test.
- */
- public void testMarshallRequestSecurityToken() throws Exception
- {
- // create a request object.
- RequestSecurityToken request = new RequestSecurityToken();
- request.setContext("testcontext");
- request.setTokenType(new URI("http://www.tokens.org/SpecialToken"));
- request.setRequestType(new URI("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue"));
-
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source source = factory.marshallRequestSecurityToken(request);
- assertNotNull("Unexpected null source", source);
- assertTrue("Unexpected source type", source instanceof DOMSource);
-
- // at this point we know that the parsing works, so parse the generated source and compare to the original request.
- BaseRequestSecurityToken baseRequest = factory.parseRequestSecurityToken(source);
- assertNotNull("Unexpected null value for the parsed request", baseRequest);
- assertTrue("Unexpected parsed request type", baseRequest instanceof RequestSecurityToken);
- RequestSecurityToken parsedRequest = (RequestSecurityToken) baseRequest;
- assertEquals("Unexpected context value", request.getContext(), parsedRequest.getContext());
- assertTrue("Unexpected token type", request.getTokenType().equals(parsedRequest.getTokenType()));
- assertTrue("Unexpected request type", request.getRequestType().equals(parsedRequest.getRequestType()));
- }
-
- /**
- * <p>
- * Tests the marshalling of a WS-Trust response.
- * </p>
- *
- * @throws Exception
- * if an error occurs while running the test.
- */
- public void testMarshallRequestSecurityTokenResponse() throws Exception
- {
- // create a sample ws-trust response message.
- RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
- response.setContext("testcontext");
- response.setTokenType(new URI("http://www.tokens.org/SpecialToken"));
- response.setForwardable(false);
-
- RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection();
- collection.addRequestSecurityTokenResponse(response);
-
- // use the factory to marshall the response.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source source = factory.marshallRequestSecurityTokenResponse(collection);
- assertNotNull("Unexpected null source", source);
- assertTrue("Unexpected source type", source instanceof DOMSource);
-
- // at this point we know that the parsing works, so parse the generated source and compare to the original response.
- BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(source);
- assertNotNull("Unexpected null value for the parsed response", baseResponse);
- assertTrue("Unexpected parsed request type", baseResponse instanceof RequestSecurityTokenResponseCollection);
- RequestSecurityTokenResponseCollection parsedCollection = (RequestSecurityTokenResponseCollection) baseResponse;
- assertNotNull("Unexpected null response list", parsedCollection.getRequestSecurityTokenResponses());
- assertEquals("Unexpected number of responses", 1, parsedCollection.getRequestSecurityTokenResponses().size());
-
- RequestSecurityTokenResponse parsedResponse = parsedCollection.getRequestSecurityTokenResponses().get(0);
- assertEquals("Unexpected context value", response.getContext(), parsedResponse.getContext());
- assertTrue("Unexpected token type", response.getTokenType().equals(parsedResponse.getTokenType()));
- assertFalse(parsedResponse.isForwardable());
- }
-}
Added: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/ws/trust/ComputedKeyType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/ws/trust/ComputedKeyType.java (rev 0)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/ws/trust/ComputedKeyType.java 2010-11-30 00:32:39 UTC (rev 567)
@@ -0,0 +1,72 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.ws.trust;
+
+public class ComputedKeyType
+{
+ private String algorithm;
+
+ /**
+ * <p>
+ * Creates an instance of {@code ComputedKeyType}.
+ * </p>
+ */
+ public ComputedKeyType()
+ {
+ }
+
+ /**
+ * <p>
+ * Creates an instance of {@code ComputedKeyType} with the specified algorithm.
+ * </p>
+ *
+ * @param algorithm the computed key algorithm.
+ */
+ public ComputedKeyType(String algorithm)
+ {
+ this.algorithm = algorithm;
+ }
+
+ /**
+ * <p>
+ * Obtains the algorithm used to compute the shared secret key.
+ * </p>
+ *
+ * @return a {@code String} representing the computed key algorithm.
+ */
+ public String getAlgorithm()
+ {
+ return this.algorithm;
+ }
+
+ /**
+ * <p>
+ * Sets the algorithm used to compute the shared secret key.
+ * </p>
+ *
+ * @param algorithm a {@code String} representing the computed key algorithm.
+ */
+ public void setAlgorithm(String algorithm)
+ {
+ this.algorithm = algorithm;
+ }
+}
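Review bot: `setAlgorithm` and the one-argument constructor store whatever string they are given, including null, and the class has no type-level Javadoc saying which values are expected. In WS-Trust the computed-key element carries a URI naming the key-derivation algorithm (for example `http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/PSHA1`), and that value presumably comes from a message sent by the other party. The code that derives the proof key should therefore compare it with the algorithms it supports and reject anything else, rather than rely on this bean. I would add a class comment such as `/** Holds the wst:ComputedKey algorithm URI; the value is not validated here, callers must check it against the supported algorithms. */`.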
Picketlink SVN: r566 - in idm/branches/1.1.0: assembly and 18 other directories.
by picketlink-commits@lists.jboss.org
Author: bdaw
Date: 2010-11-25 17:20:20 -0500 (Thu, 25 Nov 2010)
New Revision: 566
Modified:
idm/branches/1.1.0/assembly/pom.xml
idm/branches/1.1.0/example/auth-simple/pom.xml
idm/branches/1.1.0/example/auth/pom.xml
idm/branches/1.1.0/example/simple/pom.xml
idm/branches/1.1.0/integration/deployer/pom.xml
idm/branches/1.1.0/integration/jboss5/pom.xml
idm/branches/1.1.0/integration/pom.xml
idm/branches/1.1.0/parent/pom.xml
idm/branches/1.1.0/picketlink-idm-api/pom.xml
idm/branches/1.1.0/picketlink-idm-auth/pom.xml
idm/branches/1.1.0/picketlink-idm-cache/pom.xml
idm/branches/1.1.0/picketlink-idm-common/pom.xml
idm/branches/1.1.0/picketlink-idm-core/pom.xml
idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml
idm/branches/1.1.0/picketlink-idm-docs/pom.xml
idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml
idm/branches/1.1.0/picketlink-idm-ldap/pom.xml
idm/branches/1.1.0/picketlink-idm-spi/pom.xml
idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml
idm/branches/1.1.0/pom.xml
Log:
[maven-release-plugin] prepare for next development iteration
Modified: idm/branches/1.1.0/assembly/pom.xml
===================================================================
--- idm/branches/1.1.0/assembly/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/assembly/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -8,7 +8,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
Modified: idm/branches/1.1.0/example/auth/pom.xml
===================================================================
--- idm/branches/1.1.0/example/auth/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/example/auth/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -1,7 +1,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.picketlink.idm.example</groupId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<artifactId>example-auth</artifactId>
<packaging>jar</packaging>
<name>Example - JEE authentication</name>
Modified: idm/branches/1.1.0/example/auth-simple/pom.xml
===================================================================
--- idm/branches/1.1.0/example/auth-simple/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/example/auth-simple/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -1,7 +1,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.picketlink.idm.example</groupId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<artifactId>example-auth-simple</artifactId>
<packaging>jar</packaging>
<name>Example - JEE authentication (using deployer)</name>
Modified: idm/branches/1.1.0/example/simple/pom.xml
===================================================================
--- idm/branches/1.1.0/example/simple/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/example/simple/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -1,7 +1,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.picketlink.idm.example</groupId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<artifactId>example-simple</artifactId>
<packaging>jar</packaging>
<name>Example - Simple PicketLink IDM Maven2 project</name>
Modified: idm/branches/1.1.0/integration/deployer/pom.xml
===================================================================
--- idm/branches/1.1.0/integration/deployer/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/integration/deployer/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -10,7 +10,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-integration</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
</parent>
<properties>
Modified: idm/branches/1.1.0/integration/jboss5/pom.xml
===================================================================
--- idm/branches/1.1.0/integration/jboss5/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/integration/jboss5/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -10,7 +10,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-integration</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
</parent>
<dependencies>
Modified: idm/branches/1.1.0/integration/pom.xml
===================================================================
--- idm/branches/1.1.0/integration/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/integration/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -12,7 +12,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../parent/pom.xml</relativePath>
</parent>
Modified: idm/branches/1.1.0/parent/pom.xml
===================================================================
--- idm/branches/1.1.0/parent/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/parent/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -8,7 +8,7 @@
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
<packaging>pom</packaging>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<name>PicketLink IDM- Parent</name>
<url>http://labs.jboss.org/portal/jbosssecurity/</url>
<description>PicketLink is a cross-cutting project that handles identity needs for the JEMS projects</description>
@@ -520,10 +520,4 @@
</dependency>
</dependencies>
</dependencyManagement>
-
- <scm>
- <connection>scm:svn:http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1...</connection>
- <developerConnection>scm:svn:https://svn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1.1....</developerConnection>
- <url>http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1.1.7.GA</url>
- </scm>
</project>
Modified: idm/branches/1.1.0/picketlink-idm-api/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-api/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/picketlink-idm-api/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-auth/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-auth/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/picketlink-idm-auth/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-cache/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-cache/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/picketlink-idm-cache/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-common/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-common/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/picketlink-idm-common/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-core/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-core/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/picketlink-idm-core/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../../parent</relativePath>
</parent>
Modified: idm/branches/1.1.0/picketlink-idm-docs/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-docs/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/picketlink-idm-docs/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-ldap/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-ldap/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/picketlink-idm-ldap/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-spi/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-spi/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/picketlink-idm-spi/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/pom.xml
===================================================================
--- idm/branches/1.1.0/pom.xml 2010-11-25 22:19:40 UTC (rev 565)
+++ idm/branches/1.1.0/pom.xml 2010-11-25 22:20:20 UTC (rev 566)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.GA</version>
+ <version>1.1.8.CR01-SNAPSHOT</version>
<relativePath>parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
@@ -14,9 +14,9 @@
<description />
<scm>
- <connection>scm:svn:http://anonsvn.jboss.org/repos/picketlink/idm/tags/1.1.7.GA</connection>
- <developerConnection>scm:svn:https://svn.jboss.org/repos/picketlink/idm/tags/1.1.7.GA</developerConnection>
- <url>http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1.1.7.GA</url>
+ <connection>scm:svn:http://anonsvn.jboss.org/repos/picketlink/idm/branches/1.1.0</connection>
+ <developerConnection>scm:svn:https://svn.jboss.org/repos/picketlink/idm/branches/1.1.0</developerConnection>
+ <url>http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/jboss-par...</url>
</scm>
<profiles>
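Review bot: The new `<url>` in the `<scm>` block still points under `repos/maven/poms/jboss-parent-pom`, while `<connection>` and `<developerConnection>` were both moved to `repos/picketlink/idm/branches/1.1.0`, so the browsable link refers to a different project than the one being checked out. The value is cut off in this archive, so the full path cannot be confirmed, but it looks carried over from the parent POM; `<url>http://anonsvn.jboss.org/repos/picketlink/idm/branches/1.1.0</url>` would match the other two entries. Separately, `<connection>` uses plain `http`, which gives an anonymous checkout no transport integrity; if the anonymous endpoint is also served over TLS, prefer that scheme.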