Picketlink SVN: r535 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/saml/v2/writers and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-05 11:50:37 -0400 (Fri, 05 Nov 2010)
New Revision: 535
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
Log:
handle the x500 attributes properly
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-04 21:47:35 UTC (rev 534)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-05 15:50:37 UTC (rev 535)
@@ -95,7 +95,7 @@
if( x500EncodingAttr != null )
{
- attributeType.getOtherAttributes().put( x500EncodingName, StaxParserUtil.getAttributeValue( x500EncodingAttr ));
+ attributeType.getOtherAttributes().put( x500EncodingAttr.getName(), StaxParserUtil.getAttributeValue( x500EncodingAttr ));
}
Attribute name = startElement.getAttributeByName( new QName( JBossSAMLConstants.NAME.get() ));
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-04 21:47:35 UTC (rev 534)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-05 15:50:37 UTC (rev 535)
@@ -24,7 +24,10 @@
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
import java.io.OutputStream;
+import java.util.ArrayList;
+import java.util.Iterator;
import java.util.List;
+import java.util.Map;
import javax.xml.bind.JAXBElement;
import javax.xml.datatype.XMLGregorianCalendar;
@@ -190,7 +193,15 @@
ASSERTION_NSURI.get() );
StaxUtil.writeCharacters( writer, decl );
StaxUtil.writeEndElement( writer);
- }
+ }
+ else if( elName.getLocalPart().equals( JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() ))
+ {
+ String decl = (String) el.getValue();
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() ,
+ ASSERTION_NSURI.get() );
+ StaxUtil.writeCharacters( writer, decl );
+ StaxUtil.writeEndElement( writer);
+ }
else
throw new RuntimeException( "Unsupported :" + elName );
}
@@ -225,6 +236,27 @@
StaxUtil.writeAttribute( writer, JBossSAMLConstants.NAME_FORMAT.get(), friendlyName );
}
+ //Take care of other attributes such as x500:encoding
+ Map<QName, String> otherAttribs = attributeType.getOtherAttributes();
+ if( otherAttribs != null )
+ {
+ List<String> nameSpacesDealt = new ArrayList<String>();
+
+ Iterator<QName> keySet = otherAttribs.keySet().iterator();
+ while( keySet != null && keySet.hasNext() )
+ {
+ QName qname = keySet.next();
+ String ns = qname.getNamespaceURI();
+ if( !nameSpacesDealt.contains( ns ))
+ {
+ StaxUtil.writeNameSpace(writer, qname.getPrefix(), ns );
+ nameSpacesDealt.add( ns );
+ }
+ String attribValue = otherAttribs.get( qname );
+ StaxUtil.writeAttribute(writer, qname, attribValue );
+ }
+ }
+
List<Object> attributeValues = attributeType.getAttributeValue();
if( attributeValues != null )
{
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-04 21:47:35 UTC (rev 534)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-05 15:50:37 UTC (rev 535)
@@ -23,6 +23,7 @@
import java.io.OutputStream;
+import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventWriter;
import javax.xml.stream.XMLOutputFactory;
import javax.xml.stream.XMLStreamException;
@@ -110,6 +111,25 @@
throw new ProcessingException( e );
}
}
+
+ /**
+ * Write an attribute
+ * @param writer
+ * @param attributeName QName of the attribute
+ * @param attributeValue
+ * @throws ProcessingException
+ */
+ public static void writeAttribute( XMLStreamWriter writer, QName attributeName, String attributeValue ) throws ProcessingException
+ {
+ try
+ {
+ writer.writeAttribute( attributeName.getNamespaceURI() , attributeName.getLocalPart(), attributeValue );
+ }
+ catch (XMLStreamException e)
+ {
+ throw new ProcessingException( e );
+ }
+ }
/**
* Write an xml attribute
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-04 21:47:35 UTC (rev 534)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-05 15:50:37 UTC (rev 535)
@@ -35,6 +35,7 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
@@ -242,5 +243,8 @@
assertEquals( "https://sp.example.com/SAML2/SSO/POST", subjectConfirmationData.getRecipient());
}
}
+
+ SAMLAssertionWriter writer = new SAMLAssertionWriter();
+ writer.write(assertion, System.out );
}
}
\ No newline at end of file
14 years, 2 months
Picketlink SVN: r534 - federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-04 17:47:35 -0400 (Thu, 04 Nov 2010)
New Revision: 534
Modified:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
Log:
take care of x500 attributes
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-04 21:33:08 UTC (rev 533)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-04 21:47:35 UTC (rev 534)
@@ -39,8 +39,10 @@
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
+import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
@@ -57,46 +59,44 @@
{
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
InputStream configStream = tcl.getResourceAsStream( "parser/saml2/saml2-assertion.xml" );
-
+
SAMLParser parser = new SAMLParser();
AssertionType assertion = (AssertionType) parser.parse(configStream);
assertNotNull( assertion );
-
+
assertEquals( "ID_ab0392ef-b557-4453-95a8-a7e168da8ac5", assertion.getID() );
assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ), assertion.getIssueInstant() );
//Issuer
assertEquals( "Test STS", assertion.getIssuer().getValue() );
-
+
//Subject
SubjectType subject = assertion.getSubject();
List<JAXBElement<?>> content = subject.getContent();
-
+
int size = content.size();
-
+
for( int i = 0 ; i < size; i++ )
{
JAXBElement<?> node = content.get(i);
if( node.getDeclaredType().equals( NameIDType.class ))
{
NameIDType subjectNameID = (NameIDType) node.getValue();
-
+
assertEquals( "jduke", subjectNameID.getValue() );
assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() );
}
-
+
if( node.getDeclaredType().equals( ConditionsType.class ))
- {
-
+ {
//Conditions
ConditionsType conditions = (ConditionsType) node.getValue();
assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) , conditions.getNotBefore() );
- assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , conditions.getNotOnOrAfter() );
-
+ assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , conditions.getNotOnOrAfter() );
}
}
}
-
-
+
+
/**
* This test validates the parsing of audience restrictions inside the conditions
* @throws Exception
@@ -106,35 +106,35 @@
{
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
InputStream configStream = tcl.getResourceAsStream( "parser/saml2/saml2-assertion-audiencerestriction.xml" );
-
+
SAMLParser parser = new SAMLParser();
AssertionType assertion = (AssertionType) parser.parse(configStream);
assertNotNull( assertion );
-
+
assertEquals( "ID_cf9efbf0-9d7f-4b4a-b77f-d83ecaafd374", assertion.getID() );
assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.911Z" ), assertion.getIssueInstant() );
assertEquals( "2.0", assertion.getVersion() );
-
+
//Issuer
assertEquals( "Test STS", assertion.getIssuer().getValue() );
-
+
//Subject
SubjectType subject = assertion.getSubject();
List<JAXBElement<?>> content = subject.getContent();
-
+
int size = content.size();
-
+
for( int i = 0 ; i < size; i++ )
{
JAXBElement<?> node = content.get(i);
if( node.getDeclaredType().equals( NameIDType.class ))
{
NameIDType subjectNameID = (NameIDType) node.getValue();
-
+
assertEquals( "jduke", subjectNameID.getValue() );
assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() );
}
-
+
if( node.getDeclaredType().equals( ConditionsType.class ))
{
//Conditions
@@ -150,31 +150,61 @@
}
}
}
-
-
+
+
@Test
public void testAssertionWithX500Attribute() throws Exception
{
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
InputStream configStream = tcl.getResourceAsStream( "parser/saml2/saml2-assertion-x500attrib.xml" );
-
+
SAMLParser parser = new SAMLParser();
AssertionType assertion = (AssertionType) parser.parse(configStream);
assertNotNull( assertion );
-
+
assertEquals( "ID_b07b804c-7c29-ea16-7300-4f3d6f7928ac", assertion.getID() );
assertEquals( XMLTimeUtil.parse( "2004-12-05T09:22:05Z" ), assertion.getIssueInstant() );
assertEquals( "2.0", assertion.getVersion() );
-
+
//Issuer
assertEquals( "https://idp.example.org/SAML2", assertion.getIssuer().getValue() );
-
+
+ List<StatementAbstractType> statements = assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement();
+ assertEquals( 2, statements.size() );
+
+ AuthnStatementType authnStatement = (AuthnStatementType) statements.get(0);
+ assertEquals( XMLTimeUtil.parse( "2004-12-05T09:22:00Z" ), authnStatement.getAuthnInstant() );
+ assertEquals( "b07b804c-7c29-ea16-7300-4f3d6f7928ac", authnStatement.getSessionIndex() );
+
+
+ AttributeStatementType attributeStatement = (AttributeStatementType) statements.get( 1 );
+ List<Object> attributes = attributeStatement.getAttributeOrEncryptedAttribute();
+ assertEquals( 1, attributes.size() );
+ AttributeType attribute = (AttributeType) attributes.get(0);
+ assertEquals( "eduPersonAffiliation", attribute.getFriendlyName() );
+ assertEquals( "urn:oid:1.3.6.1.4.1.5923.1.1.1.1", attribute.getName() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", attribute.getNameFormat() );
+
+ //Ensure that we have x500:encoding
+ QName x500EncodingName = new QName( JBossSAMLURIConstants.X500_NSURI.get(),
+ JBossSAMLConstants.ENCODING.get() );
+ String encodingValue = attribute.getOtherAttributes().get( x500EncodingName );
+ assertEquals( "LDAP", encodingValue );
+
+ List<Object> attributeValues = attribute.getAttributeValue();
+ assertEquals( 2, attributeValues.size() );
+
+ String str = (String ) attributeValues.get( 0 );
+ if( ! ( str.equals( "member") || str.equals( "staff" )))
+ throw new RuntimeException( "attrib value not found" );
+
//Subject
SubjectType subject = assertion.getSubject();
List<JAXBElement<?>> content = subject.getContent();
-
+
int size = content.size();
-
+ assertEquals( 2, size );
+
for( int i = 0 ; i < size; i++ )
{
JAXBElement<?> node = content.get(i);
@@ -182,11 +212,11 @@
if( clazz.equals( NameIDType.class ))
{
NameIDType subjectNameID = (NameIDType) node.getValue();
-
+
assertEquals( "3f7b3dcf-1674-4ecd-92c8-1544f346baf8", subjectNameID.getValue() );
assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", subjectNameID.getFormat() );
}
-
+
if( clazz.equals( ConditionsType.class ))
{
//Conditions
@@ -200,45 +230,17 @@
assertEquals( 1, audienceRestrictionType.getAudience().size() );
assertEquals( "https://sp.example.com/SAML2", audienceRestrictionType.getAudience().get( 0 ));
}
-
+
else if( clazz.equals( SubjectConfirmationType.class ))
{
SubjectConfirmationType subjectConfirmation = (SubjectConfirmationType) node.getValue();
assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() );
-
+
SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData();
assertEquals( "ID_aaf23196-1773-2113-474a-fe114412ab72", subjectConfirmationData.getInResponseTo() );
assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ), subjectConfirmationData.getNotOnOrAfter() );
assertEquals( "https://sp.example.com/SAML2/SSO/POST", subjectConfirmationData.getRecipient());
}
-
- else if( clazz.equals( AttributeStatementType.class ))
- {
- AttributeStatementType attributeStatement = (AttributeStatementType) node.getValue();
- List<Object> attributes = attributeStatement.getAttributeOrEncryptedAttribute();
- assertEquals( 2, attributes.size() );
-
- for( Object attr: attributes )
- {
- AttributeType attribute = (AttributeType) attr;
- assertEquals( "eduPersonAffiliation", attribute.getFriendlyName() );
- assertEquals( "urn:oid:1.3.6.1.4.1.5923.1.1.1.1", attribute.getName() );
- assertEquals( "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", attribute.getNameFormat() );
-
- //Ensure that we have x500:encoding
- QName x500EncodingName = new QName( JBossSAMLURIConstants.X500_NSURI.get(),
- JBossSAMLConstants.ENCODING.get() );
- String encodingValue = attribute.getOtherAttributes().get( x500EncodingName );
- assertEquals( "LDAP", encodingValue );
-
- List<Object> attributeValues = attribute.getAttributeValue();
- assertEquals( 1, attributeValues.size() );
-
- String str = (String ) attributeValues.get( 0 );
- if( ! ( str.equals( "member") || str.equals( "staff" )))
- throw new RuntimeException( "attrib value not found" );
- }
- }
}
}
}
\ No newline at end of file
14 years, 2 months
Picketlink SVN: r533 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/saml/v2/constants and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-04 17:33:08 -0400 (Thu, 04 Nov 2010)
New Revision: 533
Added:
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
Log:
take care of x500 attributes
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-04 20:53:50 UTC (rev 532)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-04 21:33:08 UTC (rev 533)
@@ -88,6 +88,16 @@
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate( startElement, JBossSAMLConstants.ATTRIBUTE.get() );
+ //Look for X500 Encoding
+ QName x500EncodingName = new QName( JBossSAMLURIConstants.X500_NSURI.get(),
+ JBossSAMLConstants.ENCODING.get() );
+ Attribute x500EncodingAttr = startElement.getAttributeByName( x500EncodingName );
+
+ if( x500EncodingAttr != null )
+ {
+ attributeType.getOtherAttributes().put( x500EncodingName, StaxParserUtil.getAttributeValue( x500EncodingAttr ));
+ }
+
Attribute name = startElement.getAttributeByName( new QName( JBossSAMLConstants.NAME.get() ));
if( name == null )
throw new RuntimeException( "Required attribute Name in Attribute" );
@@ -211,6 +221,15 @@
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
}
+ else if( JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get().equals( tag ))
+ {
+ String text = StaxParserUtil.getElementText( xmlEventReader );
+
+ JAXBElement<?> acDeclRef = SAMLAssertionFactory.getObjectFactory().createAuthnContextClassRef(text );
+ authnContextType.getContent().add(acDeclRef);
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
+ }
else
throw new RuntimeException( "Unknown Tag:" + tag );
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-04 20:53:50 UTC (rev 532)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-04 21:33:08 UTC (rev 533)
@@ -38,6 +38,7 @@
AUDIENCE( "Audience" ),
AUDIENCE_RESTRICTION( "AudienceRestriction" ),
AUTHN_CONTEXT( "AuthnContext" ),
+ AUTHN_CONTEXT_CLASS_REF( "AuthnContextClassRef" ),
AUTHN_CONTEXT_DECLARATION_REF( "AuthnContextDeclRef" ),
AUTHN_INSTANT( "AuthnInstant" ),
AUTHN_REQUEST( "AuthnRequest" ),
@@ -45,6 +46,7 @@
CONDITIONS( "Conditions" ),
CONSENT( "Consent" ),
DESTINATION( "Destination" ),
+ ENCODING( "Encoding" ),
FORMAT( "Format" ),
FRIENDLY_NAME( "FriendlyName" ),
ID( "ID" ),
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-04 20:53:50 UTC (rev 532)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-04 21:33:08 UTC (rev 533)
@@ -28,14 +28,21 @@
import java.util.List;
import javax.xml.bind.JAXBElement;
+import javax.xml.namespace.QName;
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
/**
@@ -143,4 +150,95 @@
}
}
}
+
+
+ @Test
+ public void testAssertionWithX500Attribute() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream = tcl.getResourceAsStream( "parser/saml2/saml2-assertion-x500attrib.xml" );
+
+ SAMLParser parser = new SAMLParser();
+ AssertionType assertion = (AssertionType) parser.parse(configStream);
+ assertNotNull( assertion );
+
+ assertEquals( "ID_b07b804c-7c29-ea16-7300-4f3d6f7928ac", assertion.getID() );
+ assertEquals( XMLTimeUtil.parse( "2004-12-05T09:22:05Z" ), assertion.getIssueInstant() );
+ assertEquals( "2.0", assertion.getVersion() );
+
+ //Issuer
+ assertEquals( "https://idp.example.org/SAML2", assertion.getIssuer().getValue() );
+
+ //Subject
+ SubjectType subject = assertion.getSubject();
+ List<JAXBElement<?>> content = subject.getContent();
+
+ int size = content.size();
+
+ for( int i = 0 ; i < size; i++ )
+ {
+ JAXBElement<?> node = content.get(i);
+ Class<?> clazz = node.getDeclaredType();
+ if( clazz.equals( NameIDType.class ))
+ {
+ NameIDType subjectNameID = (NameIDType) node.getValue();
+
+ assertEquals( "3f7b3dcf-1674-4ecd-92c8-1544f346baf8", subjectNameID.getValue() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", subjectNameID.getFormat() );
+ }
+
+ if( clazz.equals( ConditionsType.class ))
+ {
+ //Conditions
+ ConditionsType conditions = (ConditionsType) node.getValue();
+ assertEquals( XMLTimeUtil.parse( "2004-12-05T09:17:05Z" ) , conditions.getNotBefore() );
+ assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ) , conditions.getNotOnOrAfter() );
+
+ //Audience Restriction
+ AudienceRestrictionType audienceRestrictionType =
+ (AudienceRestrictionType) conditions.getConditionOrAudienceRestrictionOrOneTimeUse();
+ assertEquals( 1, audienceRestrictionType.getAudience().size() );
+ assertEquals( "https://sp.example.com/SAML2", audienceRestrictionType.getAudience().get( 0 ));
+ }
+
+ else if( clazz.equals( SubjectConfirmationType.class ))
+ {
+ SubjectConfirmationType subjectConfirmation = (SubjectConfirmationType) node.getValue();
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() );
+
+ SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData();
+ assertEquals( "ID_aaf23196-1773-2113-474a-fe114412ab72", subjectConfirmationData.getInResponseTo() );
+ assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ), subjectConfirmationData.getNotOnOrAfter() );
+ assertEquals( "https://sp.example.com/SAML2/SSO/POST", subjectConfirmationData.getRecipient());
+ }
+
+ else if( clazz.equals( AttributeStatementType.class ))
+ {
+ AttributeStatementType attributeStatement = (AttributeStatementType) node.getValue();
+ List<Object> attributes = attributeStatement.getAttributeOrEncryptedAttribute();
+ assertEquals( 2, attributes.size() );
+
+ for( Object attr: attributes )
+ {
+ AttributeType attribute = (AttributeType) attr;
+ assertEquals( "eduPersonAffiliation", attribute.getFriendlyName() );
+ assertEquals( "urn:oid:1.3.6.1.4.1.5923.1.1.1.1", attribute.getName() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", attribute.getNameFormat() );
+
+ //Ensure that we have x500:encoding
+ QName x500EncodingName = new QName( JBossSAMLURIConstants.X500_NSURI.get(),
+ JBossSAMLConstants.ENCODING.get() );
+ String encodingValue = attribute.getOtherAttributes().get( x500EncodingName );
+ assertEquals( "LDAP", encodingValue );
+
+ List<Object> attributeValues = attribute.getAttributeValue();
+ assertEquals( 1, attributeValues.size() );
+
+ String str = (String ) attributeValues.get( 0 );
+ if( ! ( str.equals( "member") || str.equals( "staff" )))
+ throw new RuntimeException( "attrib value not found" );
+ }
+ }
+ }
+ }
}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml 2010-11-04 21:33:08 UTC (rev 533)
@@ -0,0 +1,53 @@
+<saml:Assertion
+ xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ ID="ID_b07b804c-7c29-ea16-7300-4f3d6f7928ac"
+ Version="2.0"
+ IssueInstant="2004-12-05T09:22:05Z">
+ <saml:Issuer>https://idp.example.org/SAML2</saml:Issuer>
+ <ds:Signature
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#">...</ds:Signature>
+ <saml:Subject>
+ <saml:NameID
+ Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">
+ 3f7b3dcf-1674-4ecd-92c8-1544f346baf8
+ </saml:NameID>
+ <saml:SubjectConfirmation
+ Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml:SubjectConfirmationData
+ InResponseTo="ID_aaf23196-1773-2113-474a-fe114412ab72"
+ Recipient="https://sp.example.com/SAML2/SSO/POST"
+ NotOnOrAfter="2004-12-05T09:27:05Z"/>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Conditions
+ NotBefore="2004-12-05T09:17:05Z"
+ NotOnOrAfter="2004-12-05T09:27:05Z">
+ <saml:AudienceRestriction>
+ <saml:Audience>https://sp.example.com/SAML2</saml:Audience>
+ </saml:AudienceRestriction>
+ </saml:Conditions>
+ <saml:AuthnStatement
+ AuthnInstant="2004-12-05T09:22:00Z"
+ SessionIndex="b07b804c-7c29-ea16-7300-4f3d6f7928ac">
+ <saml:AuthnContext>
+ <saml:AuthnContextClassRef>
+ urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
+ </saml:AuthnContextClassRef>
+ </saml:AuthnContext>
+ </saml:AuthnStatement>
+ <saml:AttributeStatement>
+ <saml:Attribute
+ xmlns:x500="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
+ x500:Encoding="LDAP"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1"
+ FriendlyName="eduPersonAffiliation">
+ <saml:AttributeValue
+ xsi:type="xs:string">member</saml:AttributeValue>
+ <saml:AttributeValue
+ xsi:type="xs:string">staff</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+ </saml:Assertion>
\ No newline at end of file
14 years, 2 months
Picketlink SVN: r532 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-04 16:53:50 -0400 (Thu, 04 Nov 2010)
New Revision: 532
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
Log:
javadoc
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-04 20:40:06 UTC (rev 531)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-04 20:53:50 UTC (rev 532)
@@ -46,6 +46,12 @@
*/
public class SAMLParserUtil
{
+ /**
+ * Parse an {@code AttributeStatementType}
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
public static AttributeStatementType parseAttributeStatement( XMLEventReader xmlEventReader ) throws ParsingException
{
AttributeStatementType attributeStatementType = new AttributeStatementType();
@@ -211,6 +217,12 @@
return authnContextType;
}
+ /**
+ * Parse a {@code NameIDType}
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
public static NameIDType parseNameIDType( XMLEventReader xmlEventReader ) throws ParsingException
{
StartElement nameIDElement = StaxParserUtil.getNextStartElement( xmlEventReader );
@@ -241,9 +253,8 @@
}
String nameIDValue = StaxParserUtil.getElementText( xmlEventReader );
- nameID.setValue( nameIDValue );
+ nameID.setValue( nameIDValue );
-
return nameID;
}
}
\ No newline at end of file
14 years, 2 months
Picketlink SVN: r531 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/parsers/util and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-04 16:40:06 -0400 (Thu, 04 Nov 2010)
New Revision: 531
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-assertion-subject.xml
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
Log:
take care of subjects and attributes
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-04 17:16:37 UTC (rev 530)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-04 20:40:06 UTC (rev 531)
@@ -21,7 +21,6 @@
*/
package org.picketlink.identity.federation.core.parsers.saml;
-import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
@@ -31,15 +30,13 @@
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.SAMLParserUtil;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
-import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextType;
import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
@@ -123,12 +120,12 @@
}
else if( JBossSAMLConstants.AUTHN_STATEMENT.get().equalsIgnoreCase( tag ) )
{
- AuthnStatementType authnStatementType = parseAuthnStatement( xmlEventReader );
+ AuthnStatementType authnStatementType = SAMLParserUtil.parseAuthnStatement( xmlEventReader );
assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add( authnStatementType );
}
else if( JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equalsIgnoreCase( tag ) )
{
- AttributeStatementType attributeStatementType = parseAttributeStatement( xmlEventReader );
+ AttributeStatementType attributeStatementType = SAMLParserUtil.parseAttributeStatement( xmlEventReader );
assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add( attributeStatementType );
}
else throw new RuntimeException( "SAMLAssertionParser:: unknown: " + tag );
@@ -165,179 +162,4 @@
return assertion;
}
-
- /**
- * Parse the AuthnStatement inside the assertion
- * @param xmlEventReader
- * @return
- * @throws ParsingException
- */
- private AuthnStatementType parseAuthnStatement( XMLEventReader xmlEventReader ) throws ParsingException
- {
- AuthnStatementType authnStatementType = new AuthnStatementType();
-
- StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- String AUTHNSTATEMENT = JBossSAMLConstants.AUTHN_STATEMENT.get();
- StaxParserUtil.validate( startElement, AUTHNSTATEMENT );
-
- Attribute authnInstant = startElement.getAttributeByName( new QName( "AuthnInstant" ));
- if( authnInstant == null )
- throw new RuntimeException( "Required attribute AuthnInstant in " + AUTHNSTATEMENT );
- authnStatementType.setAuthnInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( authnInstant )));
-
- Attribute sessionIndex = startElement.getAttributeByName( new QName( "SessionIndex" ));
- if( sessionIndex != null )
- authnStatementType.setSessionIndex( StaxParserUtil.getAttributeValue( sessionIndex ));
-
- //Get the next start element
- startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
- String tag = startElement.getName().getLocalPart();
- if( JBossSAMLConstants.AUTHN_CONTEXT.get().equals( tag ) )
- {
- authnStatementType.setAuthnContext( parseAuthnContextType( xmlEventReader ) );
- }
- else throw new RuntimeException( "Unknown tag:" + tag );
-
- EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate(endElement, AUTHNSTATEMENT );
-
- return authnStatementType;
- }
-
- /**
- * Parse the AuthnStatement inside the assertion
- * @param xmlEventReader
- * @return
- * @throws ParsingException
- */
- private AttributeStatementType parseAttributeStatement( XMLEventReader xmlEventReader ) throws ParsingException
- {
- AttributeStatementType attributeStatementType = new AttributeStatementType();
-
- StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- String AUTHNSTATEMENT = JBossSAMLConstants.ATTRIBUTE_STATEMENT.get();
- StaxParserUtil.validate( startElement, AUTHNSTATEMENT );
-
- while( xmlEventReader.hasNext() )
- {
- //Get the next start element
- startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
- String tag = startElement.getName().getLocalPart();
- if( JBossSAMLConstants.ATTRIBUTE.get().equals( tag ) )
- {
- AttributeType attribute = parseAttribute(xmlEventReader);
- attributeStatementType.getAttributeOrEncryptedAttribute().add( attribute );
- }
- else throw new RuntimeException( "Unknown tag:" + tag );
- }
-
- /* EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate(endElement,JBossSAMLConstants.ATTRIBUTE_STATEMENT.get() );
- */
- return attributeStatementType;
- }
-
- /**
- * Parse an {@code AttributeType}
- * @param xmlEventReader
- * @return
- * @throws ParsingException
- */
- private AttributeType parseAttribute( XMLEventReader xmlEventReader ) throws ParsingException
- {
- AttributeType attributeType = new AttributeType();
-
- StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate( startElement, JBossSAMLConstants.ATTRIBUTE.get() );
-
- Attribute name = startElement.getAttributeByName( new QName( JBossSAMLConstants.NAME.get() ));
- if( name == null )
- throw new RuntimeException( "Required attribute Name in Attribute" );
- attributeType.setName( StaxParserUtil.getAttributeValue( name ));
-
- Attribute friendlyName = startElement.getAttributeByName( new QName( JBossSAMLConstants.FRIENDLY_NAME.get() ));
- if( friendlyName != null )
- attributeType.setFriendlyName( StaxParserUtil.getAttributeValue( friendlyName ));
-
- Attribute nameFormat = startElement.getAttributeByName( new QName( JBossSAMLConstants.NAME_FORMAT.get() ));
- if( nameFormat != null )
- attributeType.setNameFormat( StaxParserUtil.getAttributeValue( nameFormat ));
-
- while( xmlEventReader.hasNext() )
- {
- startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
- if( startElement == null )
- break;
- String tag = StaxParserUtil.getStartElementName(startElement);
-
- if( JBossSAMLConstants.ATTRIBUTE.get().equals( tag ))
- break;
-
- if( JBossSAMLConstants.ATTRIBUTE_VALUE.get().equals( tag ) )
- {
- Object attributeValue = parseAttributeValue(xmlEventReader);
- attributeType.getAttributeValue().add( attributeValue );
- }
- else throw new RuntimeException( "Unknown tag:" + tag );
- }
-
- return attributeType;
- }
-
- /**
- * Parse the AuthnContext Type inside the AuthnStatement
- * @param xmlEventReader
- * @return
- * @throws ParsingException
- */
- private AuthnContextType parseAuthnContextType( XMLEventReader xmlEventReader ) throws ParsingException
- {
- AuthnContextType authnContextType = new AuthnContextType();
-
- StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate( startElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
-
- //Get the next start element
- startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- String tag = startElement.getName().getLocalPart();
-
- if( JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get().equals( tag ))
- {
- String text = StaxParserUtil.getElementText( xmlEventReader );
-
- JAXBElement<?> acDeclRef = SAMLAssertionFactory.getObjectFactory().createAuthnContextDeclRef( text );
- authnContextType.getContent().add(acDeclRef);
- EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
- }
- else
- throw new RuntimeException( "Unknown Tag:" + tag );
-
- return authnContextType;
- }
-
- /**
- * Parse Attribute value
- * @param xmlEventReader
- * @return
- * @throws ParsingException
- */
- private Object parseAttributeValue( XMLEventReader xmlEventReader ) throws ParsingException
- {
- StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate( startElement, JBossSAMLConstants.ATTRIBUTE_VALUE.get() );
-
- Attribute type = startElement.getAttributeByName( new QName( JBossSAMLURIConstants.XSI_NSURI.get(),
- "type", "xsi"));
- if( type == null )
- throw new RuntimeException( "attribute value has no xsi type" );
-
- String typeValue = StaxParserUtil.getAttributeValue(type);
- if( typeValue.contains( ":string" ))
- {
- return StaxParserUtil.getElementText(xmlEventReader);
- }
-
- throw new RuntimeException( "Unsupported xsi:type=" + typeValue );
- }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java 2010-11-04 17:16:37 UTC (rev 530)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java 2010-11-04 20:40:06 UTC (rev 531)
@@ -108,7 +108,5 @@
super.parseBaseAttributes( startElement, response );
return response;
- }
-
-
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java 2010-11-04 17:16:37 UTC (rev 530)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java 2010-11-04 20:40:06 UTC (rev 531)
@@ -103,4 +103,4 @@
return JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( qname.getNamespaceURI() )
&& LOGOUT_RESPONSE.equals( qname.getLocalPart() );
}
-}
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-04 17:16:37 UTC (rev 530)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-04 20:40:06 UTC (rev 531)
@@ -24,7 +24,6 @@
import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
-import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.EndElement;
import javax.xml.stream.events.StartElement;
@@ -32,10 +31,13 @@
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.SAMLParserUtil;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
@@ -79,32 +81,9 @@
if( JBossSAMLConstants.NAMEID.get().equalsIgnoreCase( tag ) )
{
- try
- {
- StartElement nameIDElement = StaxParserUtil.getNextStartElement( xmlEventReader );
- Attribute nameQualifier = nameIDElement.getAttributeByName( new QName( JBossSAMLConstants.NAME_QUALIFIER.get() ));
- if( nameQualifier == null )
- nameQualifier = nameIDElement.getAttributeByName( new QName( JBossSAMLURIConstants.ASSERTION_NSURI.get(),
- JBossSAMLConstants.NAME_QUALIFIER.get() ));
-
- String nameIDValue = xmlEventReader.getElementText();
-
- NameIDType nameID = new NameIDType();
- nameID.setValue( nameIDValue );
- if( nameQualifier != null )
- {
- nameID.setNameQualifier( StaxParserUtil.getAttributeValue(nameQualifier) );
- }
-
- JAXBElement<NameIDType> jaxbNameID = objectFactory.createNameID( nameID );
- subject.getContent().add( jaxbNameID );
-
- //There is no need to get the end tag as the "getElementText" call above puts us past that
- }
- catch (XMLStreamException e)
- {
- throw new ParsingException( e );
- }
+ NameIDType nameID = SAMLParserUtil.parseNameIDType(xmlEventReader);
+ JAXBElement<NameIDType> jaxbNameID = objectFactory.createNameID( nameID );
+ subject.getContent().add( jaxbNameID );
}
else if( JBossSAMLConstants.SUBJECT_CONFIRMATION.get().equalsIgnoreCase( tag ) )
{
@@ -138,7 +117,13 @@
//Get the end tag
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT_CONFIRMATION.get() );
- }
+ }
+ else if( JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equals( tag ))
+ {
+ AttributeStatementType attributeStatement = SAMLParserUtil.parseAttributeStatement(xmlEventReader);
+ JAXBElement<?> jaxbEl = SAMLAssertionFactory.getObjectFactory().createAttributeStatement(attributeStatement);
+ subject.getContent().add( jaxbEl );
+ }
else throw new RuntimeException( "Unknown tag:" + tag );
}
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-04 20:40:06 UTC (rev 531)
@@ -0,0 +1,249 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.util;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.StartElement;
+
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextType;
+import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+
+/**
+ * Utility methods for SAML Parser
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Nov 4, 2010
+ */
+public class SAMLParserUtil
+{
+ public static AttributeStatementType parseAttributeStatement( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ AttributeStatementType attributeStatementType = new AttributeStatementType();
+
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String AUTHNSTATEMENT = JBossSAMLConstants.ATTRIBUTE_STATEMENT.get();
+ StaxParserUtil.validate( startElement, AUTHNSTATEMENT );
+
+ while( xmlEventReader.hasNext() )
+ {
+ //Get the next start element
+ startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ String tag = startElement.getName().getLocalPart();
+ if( JBossSAMLConstants.ATTRIBUTE.get().equals( tag ) )
+ {
+ AttributeType attribute = parseAttribute(xmlEventReader);
+ attributeStatementType.getAttributeOrEncryptedAttribute().add( attribute );
+ }
+ else throw new RuntimeException( "Unknown tag:" + tag );
+ }
+ return attributeStatementType;
+ }
+
+ /**
+ * Parse an {@code AttributeType}
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ public static AttributeType parseAttribute( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ AttributeType attributeType = new AttributeType();
+
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate( startElement, JBossSAMLConstants.ATTRIBUTE.get() );
+
+ Attribute name = startElement.getAttributeByName( new QName( JBossSAMLConstants.NAME.get() ));
+ if( name == null )
+ throw new RuntimeException( "Required attribute Name in Attribute" );
+ attributeType.setName( StaxParserUtil.getAttributeValue( name ));
+
+ Attribute friendlyName = startElement.getAttributeByName( new QName( JBossSAMLConstants.FRIENDLY_NAME.get() ));
+ if( friendlyName != null )
+ attributeType.setFriendlyName( StaxParserUtil.getAttributeValue( friendlyName ));
+
+ Attribute nameFormat = startElement.getAttributeByName( new QName( JBossSAMLConstants.NAME_FORMAT.get() ));
+ if( nameFormat != null )
+ attributeType.setNameFormat( StaxParserUtil.getAttributeValue( nameFormat ));
+
+ while( xmlEventReader.hasNext() )
+ {
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if( startElement == null )
+ break;
+ String tag = StaxParserUtil.getStartElementName(startElement);
+
+ if( JBossSAMLConstants.ATTRIBUTE.get().equals( tag ))
+ break;
+
+ if( JBossSAMLConstants.ATTRIBUTE_VALUE.get().equals( tag ) )
+ {
+ Object attributeValue = parseAttributeValue(xmlEventReader);
+ attributeType.getAttributeValue().add( attributeValue );
+ }
+ else throw new RuntimeException( "Unknown tag:" + tag );
+ }
+
+ return attributeType;
+ }
+
+ /**
+ * Parse Attribute value
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ public static Object parseAttributeValue( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate( startElement, JBossSAMLConstants.ATTRIBUTE_VALUE.get() );
+
+ Attribute type = startElement.getAttributeByName( new QName( JBossSAMLURIConstants.XSI_NSURI.get(),
+ "type", "xsi"));
+ if( type == null )
+ throw new RuntimeException( "attribute value has no xsi type" );
+
+ String typeValue = StaxParserUtil.getAttributeValue(type);
+ if( typeValue.contains( ":string" ))
+ {
+ return StaxParserUtil.getElementText(xmlEventReader);
+ }
+
+ throw new RuntimeException( "Unsupported xsi:type=" + typeValue );
+ }
+
+ /**
+ * Parse the AuthnStatement inside the assertion
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ public static AuthnStatementType parseAuthnStatement( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ AuthnStatementType authnStatementType = new AuthnStatementType();
+
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String AUTHNSTATEMENT = JBossSAMLConstants.AUTHN_STATEMENT.get();
+ StaxParserUtil.validate( startElement, AUTHNSTATEMENT );
+
+ Attribute authnInstant = startElement.getAttributeByName( new QName( "AuthnInstant" ));
+ if( authnInstant == null )
+ throw new RuntimeException( "Required attribute AuthnInstant in " + AUTHNSTATEMENT );
+ authnStatementType.setAuthnInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( authnInstant )));
+
+ Attribute sessionIndex = startElement.getAttributeByName( new QName( "SessionIndex" ));
+ if( sessionIndex != null )
+ authnStatementType.setSessionIndex( StaxParserUtil.getAttributeValue( sessionIndex ));
+
+ //Get the next start element
+ startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ String tag = startElement.getName().getLocalPart();
+ if( JBossSAMLConstants.AUTHN_CONTEXT.get().equals( tag ) )
+ {
+ authnStatementType.setAuthnContext( parseAuthnContextType( xmlEventReader ) );
+ }
+ else throw new RuntimeException( "Unknown tag:" + tag );
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, AUTHNSTATEMENT );
+
+ return authnStatementType;
+ }
+
+ /**
+ * Parse the AuthnContext Type inside the AuthnStatement
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ public static AuthnContextType parseAuthnContextType( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ AuthnContextType authnContextType = new AuthnContextType();
+
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate( startElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
+
+ //Get the next start element
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String tag = startElement.getName().getLocalPart();
+
+ if( JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get().equals( tag ))
+ {
+ String text = StaxParserUtil.getElementText( xmlEventReader );
+
+ JAXBElement<?> acDeclRef = SAMLAssertionFactory.getObjectFactory().createAuthnContextDeclRef( text );
+ authnContextType.getContent().add(acDeclRef);
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
+ }
+ else
+ throw new RuntimeException( "Unknown Tag:" + tag );
+
+ return authnContextType;
+ }
+
+ public static NameIDType parseNameIDType( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ StartElement nameIDElement = StaxParserUtil.getNextStartElement( xmlEventReader );
+ NameIDType nameID = new NameIDType();
+
+ Attribute nameQualifier = nameIDElement.getAttributeByName( new QName( JBossSAMLConstants.NAME_QUALIFIER.get() ));
+ if( nameQualifier != null )
+ {
+ nameID.setNameQualifier( StaxParserUtil.getAttributeValue(nameQualifier) );
+ }
+
+ Attribute format = nameIDElement.getAttributeByName( new QName( JBossSAMLConstants.FORMAT.get() ));
+ if( format != null )
+ {
+ nameID.setFormat( StaxParserUtil.getAttributeValue( format ));
+ }
+
+ Attribute spProvidedID = nameIDElement.getAttributeByName( new QName( JBossSAMLConstants.SP_PROVIDED_ID.get() ));
+ if( spProvidedID != null )
+ {
+ nameID.setSPProvidedID( StaxParserUtil.getAttributeValue( spProvidedID ));
+ }
+
+ Attribute spNameQualifier = nameIDElement.getAttributeByName( new QName( JBossSAMLConstants.SP_NAME_QUALIFIER.get() ));
+ if( spNameQualifier != null )
+ {
+ nameID.setSPNameQualifier( StaxParserUtil.getAttributeValue( spNameQualifier ));
+ }
+
+ String nameIDValue = StaxParserUtil.getElementText( xmlEventReader );
+ nameID.setValue( nameIDValue );
+
+
+ return nameID;
+ }
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-04 17:16:37 UTC (rev 530)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-04 20:40:06 UTC (rev 531)
@@ -113,10 +113,8 @@
//Subject
SubjectType subject = assertion.getSubject();
- List<JAXBElement<?>> content = subject.getContent();
+ List<JAXBElement<?>> content = subject.getContent();
-
-
int size = content.size();
for( int i = 0 ; i < size; i++ )
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-04 17:16:37 UTC (rev 530)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-04 20:40:06 UTC (rev 531)
@@ -28,13 +28,19 @@
import java.util.List;
import javax.xml.bind.JAXBElement;
-
+
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
+import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
@@ -95,4 +101,91 @@
SAMLResponseWriter writer = new SAMLResponseWriter();
writer.write(response, System.out );
}
+
+ @Test
+ public void testAssertionWithSubjectAndAttributes() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream = tcl.getResourceAsStream( "parser/saml2/saml2-response-assertion-subject.xml" );
+
+ SAMLParser parser = new SAMLParser();
+ ResponseType response = ( ResponseType ) parser.parse(configStream);
+ assertNotNull( response );
+
+ assertEquals( "ID_45df1ea5-81e4-4147-a39a-43a4ef613f4e", response.getID() );
+ assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.847-05:00" ), response.getIssueInstant() );
+ assertEquals( "2.0", response.getVersion() );
+ assertEquals( "http://localhost:8080/employee/", response.getDestination() );
+ assertEquals( "ID_04ded476-d73c-48af-b3a9-232a52905ffb", response.getInResponseTo() );
+
+ //Issuer
+ assertEquals( "http://localhost:8080/idp/", response.getIssuer().getValue() );
+
+ //Status
+ StatusType status = response.getStatus();
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue() );
+
+ //Get the assertion
+ AssertionType assertion = (AssertionType) response.getAssertionOrEncryptedAssertion().get(0);
+ assertEquals( "ID_8be1534d-9155-4837-9f26-70ea2c15e327", assertion.getID() );
+ assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), assertion.getIssueInstant() );
+ assertEquals( "2.0", assertion.getVersion() );
+
+ assertEquals( "http://localhost:8080/idp/", assertion.getIssuer().getValue() );
+
+ //Subject
+ SubjectType subject = assertion.getSubject();
+ List<JAXBElement<?>> content = subject.getContent();
+
+ int size = content.size();
+
+ for( int i = 0 ; i < size; i++ )
+ {
+ JAXBElement<?> node = content.get(i);
+ Class<?> clazz = node.getDeclaredType();
+
+ if( clazz.equals( NameIDType.class ))
+ {
+ NameIDType subjectNameID = (NameIDType) node.getValue();
+
+ assertEquals( "anil", subjectNameID.getValue() );
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", subjectNameID.getFormat() );
+ }
+
+ else if( clazz.equals( SubjectConfirmationType.class ))
+ {
+ SubjectConfirmationType subjectConfirmation = (SubjectConfirmationType) node.getValue();
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() );
+
+ SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData();
+ assertEquals( "ID_04ded476-d73c-48af-b3a9-232a52905ffb", subjectConfirmationData.getInResponseTo() );
+ assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), subjectConfirmationData.getNotBefore() );
+ assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), subjectConfirmationData.getNotOnOrAfter() );
+ assertEquals( "http://localhost:8080/employee/", subjectConfirmationData.getRecipient());
+ }
+
+ else if( clazz.equals( AttributeStatementType.class ))
+ {
+ AttributeStatementType attributeStatement = (AttributeStatementType) node.getValue();
+ List<Object> attributes = attributeStatement.getAttributeOrEncryptedAttribute();
+ assertEquals( 2, attributes.size() );
+
+ for( Object attr: attributes )
+ {
+ AttributeType attribute = (AttributeType) attr;
+ assertEquals( "role", attribute.getFriendlyName() );
+ assertEquals( "role", attribute.getName() );
+ assertEquals( "role", attribute.getNameFormat() );
+ List<Object> attributeValues = attribute.getAttributeValue();
+ assertEquals( 1, attributeValues.size() );
+
+ String str = (String ) attributeValues.get( 0 );
+ if( ! ( str.equals( "employee") || str.equals( "manager" )))
+ throw new RuntimeException( "attrib value not found" );
+ }
+ }
+ else
+ throw new RuntimeException( "unknown" );
+ }
+ }
}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-assertion-subject.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-assertion-subject.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-assertion-subject.xml 2010-11-04 20:40:06 UTC (rev 531)
@@ -0,0 +1,36 @@
+<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="ID_45df1ea5-81e4-4147-a39a-43a4ef613f4e"
+ Version="2.0" IssueInstant="2010-11-04T00:19:16.847-05:00" Destination="http://localhost:8080/employee/"
+ InResponseTo="ID_04ded476-d73c-48af-b3a9-232a52905ffb">
+ <Issuer>http://localhost:8080/idp/</Issuer>
+ <samlp:Status>
+ <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"></samlp:StatusCode>
+ </samlp:Status>
+ <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="ID_8be1534d-9155-4837-9f26-70ea2c15e327"
+ Version="2.0" IssueInstant="2010-11-04T00:19:16.842-05:00">
+ <Issuer>http://localhost:8080/idp/</Issuer>
+ <saml:Subject>
+ <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">anil</saml:NameID>
+ <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml:SubjectConfirmationData
+ InResponseTo="ID_04ded476-d73c-48af-b3a9-232a52905ffb" NotBefore="2010-11-04T00:19:16.842-05:00"
+ NotOnOrAfter="2010-11-04T00:19:16.842-05:00" Recipient="http://localhost:8080/employee/"></saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ <saml:AttributeStatement>
+ <saml:Attribute Name="role" FriendlyName="role"
+ NameFormat="role">
+ <saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">employee
+ </saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute Name="role" FriendlyName="role"
+ NameFormat="role">
+ <saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">manager
+ </saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+ </saml:Subject>
+ </saml:Assertion>
+</samlp:Response>
\ No newline at end of file
14 years, 2 months
Picketlink SVN: r530 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-04 13:16:37 -0400 (Thu, 04 Nov 2010)
New Revision: 530
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java
Log:
use stax parsing/writing
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2010-11-04 16:51:05 UTC (rev 529)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2010-11-04 17:16:37 UTC (rev 530)
@@ -298,6 +298,7 @@
}
catch (Exception e)
{
+ e.printStackTrace();
if(trace)
log.trace("Server Exception:", e);
throw new IOException("Server Exception:"+ e.getLocalizedMessage());
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java 2010-11-04 16:51:05 UTC (rev 529)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java 2010-11-04 17:16:37 UTC (rev 530)
@@ -34,8 +34,8 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
/**
* Parse the SLO Response
@@ -51,7 +51,7 @@
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, LOGOUT_RESPONSE.get() );
- ResponseType response = parseBaseAttributes(startElement);
+ StatusResponseType response = parseBaseAttributes(startElement);
while( xmlEventReader.hasNext() )
{
@@ -72,12 +72,7 @@
{
startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() );
- }
- else if( JBossSAMLConstants.ASSERTION.get().equals( elementName ))
- {
- SAMLAssertionParser assertionParser = new SAMLAssertionParser();
- response.getAssertionOrEncryptedAssertion().add( assertionParser.parse(xmlEventReader));
- }
+ }
else if( JBossSAMLConstants.STATUS.get().equals( elementName ))
{
response.setStatus( parseStatus(xmlEventReader) );
@@ -92,9 +87,9 @@
* @return
* @throws ConfigurationException
*/
- private ResponseType parseBaseAttributes( StartElement startElement ) throws ParsingException
+ private StatusResponseType parseBaseAttributes( StartElement startElement ) throws ParsingException
{
- ResponseType response = new ResponseType();
+ StatusResponseType response = new StatusResponseType();
super.parseBaseAttributes( startElement, response );
return response;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2010-11-04 16:51:05 UTC (rev 529)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2010-11-04 17:16:37 UTC (rev 530)
@@ -96,6 +96,5 @@
{
if( writer == null )
writer = StaxUtil.getXMLStreamWriter( out );
- }
-
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2010-11-04 16:51:05 UTC (rev 529)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2010-11-04 17:16:37 UTC (rev 530)
@@ -21,25 +21,24 @@
*/
package org.picketlink.identity.federation.web.handlers.saml2;
-import java.io.IOException;
-
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
-import javax.xml.bind.JAXBException;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
-import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
@@ -52,7 +51,6 @@
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.core.IdentityServer;
-import org.xml.sax.SAXException;
/**
* SAML2 LogOut Profile
@@ -303,8 +301,12 @@
{
throw new ProcessingException(pe);
}
- catch(JAXBException pe)
+ catch (ParsingException e)
{
+ throw new ProcessingException( e );
+ }
+ /*catch(JAXBException pe)
+ {
throw new ProcessingException(pe);
}
catch(IOException pe)
@@ -314,7 +316,7 @@
catch(SAXException pe)
{
throw new ProcessingException(pe);
- }
+ }*/
return;
}
@@ -345,6 +347,7 @@
statusResponse.setIssueInstant(XMLTimeUtil.getIssueInstant());
statusResponse.setInResponseTo(logOutRequestID);
statusResponse.setID(IDGenerator.create("ID_"));
+ statusResponse.setVersion( JBossSAMLConstants.VERSION_2_0.get() );
statusResponse.setIssuer(request.getIssuer());
@@ -353,7 +356,7 @@
SAML2Response saml2Response = new SAML2Response();
response.setResultingDocument(saml2Response.convert(statusResponse));
}
- catch(JAXBException je)
+ catch( ParsingException je)
{
throw new ProcessingException(je);
}
@@ -468,6 +471,7 @@
}
statusResponse.setInResponseTo(logOutRequest.getID());
statusResponse.setID(IDGenerator.create("ID_"));
+ statusResponse.setVersion( JBossSAMLConstants.VERSION_2_0.get() );
statusResponse.setIssuer(request.getIssuer());
14 years, 2 months
Picketlink SVN: r529 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-04 12:51:05 -0400 (Thu, 04 Nov 2010)
New Revision: 529
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
Log:
parse subject confirmation
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-04 16:50:18 UTC (rev 528)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-04 16:51:05 UTC (rev 529)
@@ -35,8 +35,10 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
@@ -80,7 +82,7 @@
try
{
StartElement nameIDElement = StaxParserUtil.getNextStartElement( xmlEventReader );
- Attribute nameQualifier = nameIDElement.getAttributeByName( new QName( "", JBossSAMLConstants.NAME_QUALIFIER.get() ));
+ Attribute nameQualifier = nameIDElement.getAttributeByName( new QName( JBossSAMLConstants.NAME_QUALIFIER.get() ));
if( nameQualifier == null )
nameQualifier = nameIDElement.getAttributeByName( new QName( JBossSAMLURIConstants.ASSERTION_NSURI.get(),
JBossSAMLConstants.NAME_QUALIFIER.get() ));
@@ -107,10 +109,7 @@
else if( JBossSAMLConstants.SUBJECT_CONFIRMATION.get().equalsIgnoreCase( tag ) )
{
StartElement subjectConfirmationElement = StaxParserUtil.getNextStartElement( xmlEventReader );
- Attribute method = subjectConfirmationElement.getAttributeByName( new QName( "", JBossSAMLConstants.METHOD.get() ));
- if( method == null )
- method = subjectConfirmationElement.getAttributeByName( new QName( JBossSAMLURIConstants.ASSERTION_NSURI.get(),
- JBossSAMLConstants.METHOD.get() ));
+ Attribute method = subjectConfirmationElement.getAttributeByName( new QName( JBossSAMLConstants.METHOD.get() ));
SubjectConfirmationType subjectConfirmationType = new SubjectConfirmationType();
@@ -118,6 +117,20 @@
{
subjectConfirmationType.setMethod( StaxParserUtil.getAttributeValue( method ) );
}
+
+ //There may be additional things under subject confirmation
+ xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if( xmlEvent instanceof StartElement )
+ {
+ StartElement startElement = (StartElement) xmlEvent;
+ String startTag = StaxParserUtil.getStartElementName(startElement);
+
+ if( startTag.equals( JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get() ))
+ {
+ SubjectConfirmationDataType subjectConfirmationData = parseSubjectConfirmationData(xmlEventReader);
+ subjectConfirmationType.setSubjectConfirmationData( subjectConfirmationData );
+ }
+ }
JAXBElement<SubjectConfirmationType> jaxbSubjectConf = objectFactory.createSubjectConfirmation( subjectConfirmationType );
subject.getContent().add(jaxbSubjectConf);
@@ -143,4 +156,47 @@
return nsURI.equals( JBossSAMLURIConstants.ASSERTION_NSURI.get() )
&& localPart.equals( JBossSAMLConstants.SUBJECT.get() );
}
+
+ private SubjectConfirmationDataType parseSubjectConfirmationData( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get() );
+
+ SubjectConfirmationDataType subjectConfirmationData = new SubjectConfirmationDataType();
+
+ Attribute inResponseTo = startElement.getAttributeByName( new QName( JBossSAMLConstants.IN_RESPONSE_TO.get() ));
+ if( inResponseTo != null )
+ {
+ subjectConfirmationData.setInResponseTo( StaxParserUtil.getAttributeValue( inResponseTo ));
+ }
+
+ Attribute notBefore = startElement.getAttributeByName( new QName( JBossSAMLConstants.NOT_BEFORE.get() ));
+ if( notBefore != null )
+ {
+ subjectConfirmationData.setNotBefore( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( notBefore )));
+ }
+
+ Attribute notOnOrAfter = startElement.getAttributeByName( new QName( JBossSAMLConstants.NOT_ON_OR_AFTER.get() ));
+ if( notOnOrAfter != null )
+ {
+ subjectConfirmationData.setNotOnOrAfter( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( notOnOrAfter )));
+ }
+
+ Attribute recipient = startElement.getAttributeByName( new QName( JBossSAMLConstants.RECIPIENT.get() ));
+ if( recipient != null )
+ {
+ subjectConfirmationData.setRecipient( StaxParserUtil.getAttributeValue( recipient ));
+ }
+
+ Attribute address = startElement.getAttributeByName( new QName( JBossSAMLConstants.ADDRESS.get() ));
+ if( address != null )
+ {
+ subjectConfirmationData.setAddress( StaxParserUtil.getAttributeValue( address ));
+ }
+
+ //Get the end tag
+ EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
+ StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get() );
+ return subjectConfirmationData;
+ }
}
\ No newline at end of file
14 years, 2 months
Picketlink SVN: r528 - in federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2: response and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-04 12:50:18 -0400 (Thu, 04 Nov 2010)
New Revision: 528
Modified:
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
Log:
stax parsing and writing
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2010-11-04 16:49:46 UTC (rev 527)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2010-11-04 16:50:18 UTC (rev 528)
@@ -21,6 +21,7 @@
*/
package org.picketlink.identity.federation.api.saml.v2.request;
+import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
@@ -38,13 +39,16 @@
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.JAXBElementMappingUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
import org.picketlink.identity.federation.core.util.JAXBUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
@@ -119,8 +123,7 @@
* @return
* @throws IOException
* @throws ParsingException
- */
- @SuppressWarnings("unchecked")
+ */
public SAML2Object getSAML2ObjectFromStream(InputStream is)
throws ConfigurationException, ParsingException,
ProcessingException
@@ -130,18 +133,22 @@
Document samlDocument = DocumentUtil.getDocument(is);
- try
- {
- Binder<Node> binder = getBinder();
+ /*try
+ {*/
+ /*Binder<Node> binder = getBinder();
JAXBElement<SAML2Object> jaxbAuthnRequestType = (JAXBElement<SAML2Object>) binder.unmarshal(samlDocument);
- SAML2Object requestType = jaxbAuthnRequestType.getValue();
+ SAML2Object requestType = jaxbAuthnRequestType.getValue();*/
+
+ SAMLParser samlParser = new SAMLParser();
+ SAML2Object requestType = (SAML2Object) samlParser.parse( DocumentUtil.getNodeAsStream( samlDocument ));
+
samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument);
return requestType;
- }
+ /*}
catch (JAXBException e)
{
throw new ParsingException(e);
- }
+ }*/
}
/**
@@ -220,6 +227,7 @@
LogoutRequestType lrt = of.createLogoutRequestType();
lrt.setID(IDGenerator.create("ID_"));
lrt.setIssueInstant(XMLTimeUtil.getIssueInstant());
+ lrt.setVersion( JBossSAMLConstants.VERSION_2_0.get() );
//Create an issuer
NameIDType issuerNameID = JBossSAMLBaseFactory.createNameID();
@@ -275,20 +283,36 @@
* Return the DOM object
* @param rat
* @return
- * @throws SAXException
- * @throws IOException
- * @throws JAXBException
- * @throws ParserConfigurationException
+ * @throws ProcessingException
+ * @throws ParsingException
+ * @throws ConfigurationException
*/
+ /*public Document convert(RequestAbstractType rat)
+ throws SAXException, IOException, JAXBException, ConfigurationException */
+
public Document convert(RequestAbstractType rat)
- throws SAXException, IOException, JAXBException, ConfigurationException
+ throws ProcessingException, ConfigurationException, ParsingException
{
- JAXBContext jaxb = JAXBUtil.getJAXBContext(RequestAbstractType.class);
+ ByteArrayOutputStream bos = new ByteArrayOutputStream();
+
+ SAMLRequestWriter writer = new SAMLRequestWriter();
+ if( rat instanceof AuthnRequestType )
+ {
+ writer.write( (AuthnRequestType) rat, bos);
+ }
+ else if( rat instanceof LogoutRequestType )
+ {
+ writer.write( (LogoutRequestType) rat, bos);
+ }
+
+ return DocumentUtil.getDocument( new String( bos.toByteArray() ));
+
+ /*JAXBContext jaxb = JAXBUtil.getJAXBContext(RequestAbstractType.class);
Binder<Node> binder = jaxb.createBinder();
Document doc = DocumentUtil.createDocument();
binder.marshal(JAXBElementMappingUtil.get(rat), doc);
- return doc;
+ return doc;*/
}
/**
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2010-11-04 16:49:46 UTC (rev 527)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2010-11-04 16:50:18 UTC (rev 528)
@@ -21,6 +21,11 @@
*/
package org.picketlink.identity.federation.api.saml.v2.response;
+import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants.LOGOUT_RESPONSE;
+import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.Writer;
@@ -33,12 +38,14 @@
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
import javax.xml.datatype.XMLGregorianCalendar;
+import javax.xml.namespace.QName;
import javax.xml.parsers.ParserConfigurationException;
import org.picketlink.identity.federation.core.constants.PicketLinkFederationConstants;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
@@ -51,6 +58,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.JAXBElementMappingUtil;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
import org.picketlink.identity.federation.core.util.JAXBUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.assertion.ActionType;
@@ -270,8 +278,7 @@
* @throws ParsingException
* @throws ConfigurationException
* @throws ProcessingException
- */
- @SuppressWarnings("unchecked")
+ */
public SAML2Object getSAML2ObjectFromStream(InputStream is) throws ParsingException, ConfigurationException, ProcessingException
{
if(is == null)
@@ -279,18 +286,25 @@
Document samlResponseDocument = DocumentUtil.getDocument(is);
+ System.out.println( "RESPONSE=" + DocumentUtil.asString(samlResponseDocument));
+ /*
try
{
Binder<Node> binder = getBinder();
JAXBElement<SAML2Object> saml2Object = (JAXBElement<SAML2Object>) binder.unmarshal(samlResponseDocument);
SAML2Object responseType = saml2Object.getValue();
+ */
+ SAMLParser samlParser = new SAMLParser();
+ SAML2Object responseType = (SAML2Object) samlParser.parse( DocumentUtil.getNodeAsStream( samlResponseDocument ));
+
samlDocumentHolder = new SAMLDocumentHolder(responseType, samlResponseDocument);
return responseType;
+ /*
}
catch (JAXBException e)
{
throw new ParsingException(e);
- }
+ } */
}
/**
@@ -326,17 +340,40 @@
* Convert a SAML2 Response into a Document
* @param responseType
* @return
+ * @throws ParsingException
+ * @throws ConfigurationException
* @throws JAXBException
* @throws ParserConfigurationException
- */
- public Document convert(StatusResponseType responseType) throws JAXBException, ConfigurationException
+ *//*
+ public Document convert(StatusResponseType responseType) throws JAXBException, ConfigurationException*/
+
+
+ public Document convert(StatusResponseType responseType) throws ProcessingException, ConfigurationException, ParsingException
{
- JAXBContext jaxb = JAXBUtil.getJAXBContext(StatusResponseType.class);
+ ByteArrayOutputStream bos = new ByteArrayOutputStream();
+
+ SAMLResponseWriter writer = new SAMLResponseWriter();
+
+ if( responseType instanceof ResponseType )
+ {
+ ResponseType response = (ResponseType) responseType;
+ writer.write(response, bos );
+ }
+ else
+ {
+ writer.write(responseType, new QName( PROTOCOL_NSURI.get(), LOGOUT_RESPONSE.get(), "samlp"), bos );
+ }
+
+ //System.out.println( new String( bos.toByteArray() ) );
+ return DocumentUtil.getDocument( new ByteArrayInputStream( bos.toByteArray() ));
+
+ /*JAXBContext jaxb = JAXBUtil.getJAXBContext(StatusResponseType.class);
+ *
Binder<Node> binder = jaxb.createBinder();
Document responseDocument = DocumentUtil.createDocument();
binder.marshal(JAXBElementMappingUtil.get(responseType), responseDocument);
- return responseDocument;
+ return responseDocument; */
}
/**
14 years, 2 months
Picketlink SVN: r527 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-04 12:49:46 -0400 (Thu, 04 Nov 2010)
New Revision: 527
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
Log:
write destination and consent
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-04 16:48:54 UTC (rev 526)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-04 16:49:46 UTC (rev 527)
@@ -107,6 +107,16 @@
StaxUtil.writeAttribute( writer, JBossSAMLConstants.VERSION.get(), logOutRequest.getVersion() );
StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), logOutRequest.getIssueInstant().toString() );
+ String destination = logOutRequest.getDestination();
+ if( StringUtil.isNotNull( destination ))
+ {
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(),destination );
+ }
+
+ String consent = logOutRequest.getConsent();
+ if( StringUtil.isNotNull( consent ))
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.CONSENT.get(), consent );
+
NameIDType issuer = logOutRequest.getIssuer();
write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ), out );
14 years, 2 months
Picketlink SVN: r526 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-04 12:48:54 -0400 (Thu, 04 Nov 2010)
New Revision: 526
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
Log:
parse attributes
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-04 16:48:13 UTC (rev 525)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-04 16:48:54 UTC (rev 526)
@@ -37,6 +37,8 @@
import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextType;
import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
@@ -58,7 +60,7 @@
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
{
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.matches(startElement, ASSERTION );
+ StaxParserUtil.validate(startElement, ASSERTION );
AssertionType assertion = parseBaseAttributes( startElement );
//Peek at the next event
@@ -92,23 +94,6 @@
String tag = StaxParserUtil.getStartElementName( peekedElement );
- /*if( tag.equals( JBossSAMLConstants.ASSERTION.get() ))
- {
- StartElement nextElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- Attribute idAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.ID.get() ) );
- assertion.setID( StaxParserUtil.getAttributeValue( idAttribute ));
-
- Attribute versionAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.VERSION.get() ));
- assertion.setVersion( StaxParserUtil.getAttributeValue(versionAttribute) );
-
- Attribute issueInstantAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.ISSUE_INSTANT.get() ));
- if( issueInstantAttribute != null )
- {
- assertion.setIssueInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue(issueInstantAttribute )));
- }
- continue;
- }*/
-
if( tag.equals( JBossSAMLConstants.SIGNATURE.get() ) )
{
StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() );
@@ -141,6 +126,12 @@
AuthnStatementType authnStatementType = parseAuthnStatement( xmlEventReader );
assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add( authnStatementType );
}
+ else if( JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equalsIgnoreCase( tag ) )
+ {
+ AttributeStatementType attributeStatementType = parseAttributeStatement( xmlEventReader );
+ assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add( attributeStatementType );
+ }
+ else throw new RuntimeException( "SAMLAssertionParser:: unknown: " + tag );
}
return assertion;
}
@@ -187,7 +178,7 @@
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String AUTHNSTATEMENT = JBossSAMLConstants.AUTHN_STATEMENT.get();
- StaxParserUtil.matches( startElement, AUTHNSTATEMENT );
+ StaxParserUtil.validate( startElement, AUTHNSTATEMENT );
Attribute authnInstant = startElement.getAttributeByName( new QName( "AuthnInstant" ));
if( authnInstant == null )
@@ -214,6 +205,86 @@
}
/**
+ * Parse the AuthnStatement inside the assertion
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ private AttributeStatementType parseAttributeStatement( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ AttributeStatementType attributeStatementType = new AttributeStatementType();
+
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String AUTHNSTATEMENT = JBossSAMLConstants.ATTRIBUTE_STATEMENT.get();
+ StaxParserUtil.validate( startElement, AUTHNSTATEMENT );
+
+ while( xmlEventReader.hasNext() )
+ {
+ //Get the next start element
+ startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ String tag = startElement.getName().getLocalPart();
+ if( JBossSAMLConstants.ATTRIBUTE.get().equals( tag ) )
+ {
+ AttributeType attribute = parseAttribute(xmlEventReader);
+ attributeStatementType.getAttributeOrEncryptedAttribute().add( attribute );
+ }
+ else throw new RuntimeException( "Unknown tag:" + tag );
+ }
+
+ /* EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement,JBossSAMLConstants.ATTRIBUTE_STATEMENT.get() );
+ */
+ return attributeStatementType;
+ }
+
+ /**
+ * Parse an {@code AttributeType}
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ private AttributeType parseAttribute( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ AttributeType attributeType = new AttributeType();
+
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate( startElement, JBossSAMLConstants.ATTRIBUTE.get() );
+
+ Attribute name = startElement.getAttributeByName( new QName( JBossSAMLConstants.NAME.get() ));
+ if( name == null )
+ throw new RuntimeException( "Required attribute Name in Attribute" );
+ attributeType.setName( StaxParserUtil.getAttributeValue( name ));
+
+ Attribute friendlyName = startElement.getAttributeByName( new QName( JBossSAMLConstants.FRIENDLY_NAME.get() ));
+ if( friendlyName != null )
+ attributeType.setFriendlyName( StaxParserUtil.getAttributeValue( friendlyName ));
+
+ Attribute nameFormat = startElement.getAttributeByName( new QName( JBossSAMLConstants.NAME_FORMAT.get() ));
+ if( nameFormat != null )
+ attributeType.setNameFormat( StaxParserUtil.getAttributeValue( nameFormat ));
+
+ while( xmlEventReader.hasNext() )
+ {
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if( startElement == null )
+ break;
+ String tag = StaxParserUtil.getStartElementName(startElement);
+
+ if( JBossSAMLConstants.ATTRIBUTE.get().equals( tag ))
+ break;
+
+ if( JBossSAMLConstants.ATTRIBUTE_VALUE.get().equals( tag ) )
+ {
+ Object attributeValue = parseAttributeValue(xmlEventReader);
+ attributeType.getAttributeValue().add( attributeValue );
+ }
+ else throw new RuntimeException( "Unknown tag:" + tag );
+ }
+
+ return attributeType;
+ }
+
+ /**
* Parse the AuthnContext Type inside the AuthnStatement
* @param xmlEventReader
* @return
@@ -224,7 +295,7 @@
AuthnContextType authnContextType = new AuthnContextType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.matches( startElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
+ StaxParserUtil.validate( startElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
//Get the next start element
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
@@ -244,4 +315,29 @@
return authnContextType;
}
+
+ /**
+ * Parse Attribute value
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ private Object parseAttributeValue( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate( startElement, JBossSAMLConstants.ATTRIBUTE_VALUE.get() );
+
+ Attribute type = startElement.getAttributeByName( new QName( JBossSAMLURIConstants.XSI_NSURI.get(),
+ "type", "xsi"));
+ if( type == null )
+ throw new RuntimeException( "attribute value has no xsi type" );
+
+ String typeValue = StaxParserUtil.getAttributeValue(type);
+ if( typeValue.contains( ":string" ))
+ {
+ return StaxParserUtil.getElementText(xmlEventReader);
+ }
+
+ throw new RuntimeException( "Unsupported xsi:type=" + typeValue );
+ }
}
\ No newline at end of file
14 years, 2 months