Picketlink SVN: r591 - in federation/trunk: picketlink-web/src/main/java/org/picketlink/identity/federation/web/roles and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-12-09 15:13:04 -0500 (Thu, 09 Dec 2010)
New Revision: 591
Modified:
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/roles/DefaultRoleGenerator.java
Log:
minor cosmetic
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2010-12-09 20:12:48 UTC (rev 590)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2010-12-09 20:13:04 UTC (rev 591)
@@ -34,7 +34,6 @@
import javax.xml.bind.Unmarshaller;
import javax.xml.parsers.ParserConfigurationException;
-import org.picketlink.identity.federation.core.constants.PicketLinkFederationConstants;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
@@ -179,7 +178,7 @@
{
if(is == null)
throw new IllegalStateException("InputStream is null");
- String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION;
+ //String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION;
//boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
Document samlDocument = DocumentUtil.getDocument( is );
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/roles/DefaultRoleGenerator.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/roles/DefaultRoleGenerator.java 2010-12-09 20:12:48 UTC (rev 590)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/roles/DefaultRoleGenerator.java 2010-12-09 20:13:04 UTC (rev 591)
@@ -72,5 +72,4 @@
}
return roles;
}
-
}
\ No newline at end of file
14 years
Picketlink SVN: r590 - federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-12-09 15:12:48 -0500 (Thu, 09 Dec 2010)
New Revision: 590
Modified:
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java
Log:
use junit4
Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java 2010-12-09 20:11:59 UTC (rev 589)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java 2010-12-09 20:12:48 UTC (rev 590)
@@ -21,6 +21,10 @@
*/
package org.picketlink.test.identity.federation.web.workflow.saml2;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.PrintWriter;
@@ -34,13 +38,12 @@
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;
-import junit.framework.TestCase;
-
+import org.junit.Test;
import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.util.Base64;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
-import org.picketlink.identity.federation.saml.v2.SAML2Object;
+import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.IdentityServer;
import org.picketlink.identity.federation.web.filters.SPFilter;
@@ -63,10 +66,10 @@
* @author Anil.Saldhana(a)redhat.com
* @since Oct 7, 2009
*/
-public class SAML2LogoutWorkflowUnitTestCase extends TestCase
+public class SAML2LogoutWorkflowUnitTestCase
{
private String profile = "saml2/logout";
- private ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ private ClassLoader tcl;
private String employee = "http://localhost:8080/employee/";
private String sales = "http://localhost:8080/sales/";
@@ -76,8 +79,11 @@
* @see {@code GeneralConstants#GLOBAL_LOGOUT}
* @throws Exception
*/
+ @Test
public void testSPFilterLogOutRequestGeneration() throws Exception
{
+ tcl = Thread.currentThread().getContextClassLoader();
+
MockHttpSession session = new MockHttpSession();
session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal()
{
@@ -141,8 +147,10 @@
* f) employee app invalidates its session
* @throws Exception
*/
+ @Test
public void testSAML2LogOutFromIDPServlet() throws Exception
{
+ tcl = Thread.currentThread().getContextClassLoader();
MockHttpSession session = new MockHttpSession();
MockContextClassLoader mclIDP = setupTCL(profile + "/idp");
14 years
Picketlink SVN: r589 - federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-12-09 15:11:59 -0500 (Thu, 09 Dec 2010)
New Revision: 589
Modified:
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockContextClassLoader.java
Log:
check our classpath first
Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockContextClassLoader.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockContextClassLoader.java 2010-12-09 20:11:29 UTC (rev 588)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockContextClassLoader.java 2010-12-09 20:11:59 UTC (rev 589)
@@ -55,7 +55,10 @@
public InputStream getResourceAsStream(String name)
{
if(profile == null)
- throw new RuntimeException("null profile");
- return delegate.getResourceAsStream(profile + "/" + name);
+ throw new RuntimeException("null profile");
+ InputStream is = super.getResourceAsStream(name);
+ if( is == null )
+ is = delegate.getResourceAsStream(profile + "/" + name);
+ return is;
}
}
\ No newline at end of file
14 years
Picketlink SVN: r588 - federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-12-09 15:11:29 -0500 (Thu, 09 Dec 2010)
New Revision: 588
Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/IDPServlet.java
Log:
change types
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/IDPServlet.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/IDPServlet.java 2010-12-09 19:38:58 UTC (rev 587)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/IDPServlet.java 2010-12-09 20:11:29 UTC (rev 588)
@@ -74,9 +74,9 @@
import org.picketlink.identity.federation.core.saml.v2.util.HandlerUtil;
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
-import org.picketlink.identity.federation.saml.v2.SAML2Object;
-import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
-import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
+import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.core.IdentityServer;
14 years
Picketlink SVN: r587 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-12-09 14:38:58 -0500 (Thu, 09 Dec 2010)
New Revision: 587
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java
Log:
dest can be null
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java 2010-12-09 19:38:42 UTC (rev 586)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java 2010-12-09 19:38:58 UTC (rev 587)
@@ -55,7 +55,7 @@
*/
public static AuthnRequestType createAuthnRequestType(String id,
String assertionConsumerURL, String destination, String issuerValue) throws ConfigurationException
- {
+ {
XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
AuthnRequestType authnRequest = new AuthnRequestType();
@@ -63,7 +63,10 @@
authnRequest.setVersion(JBossSAMLConstants.VERSION_2_0.get());
authnRequest.setAssertionConsumerServiceURL( NetworkUtil.createURI( assertionConsumerURL ));
authnRequest.setProtocolBinding( NetworkUtil.createURI( JBossSAMLConstants.HTTP_POST_BINDING.get() ));
- authnRequest.setDestination( NetworkUtil.createURI( destination ));
+ if( destination != null )
+ {
+ authnRequest.setDestination( NetworkUtil.createURI( destination ));
+ }
authnRequest.setIssueInstant(issueInstant);
//Create an issuer
14 years
Picketlink SVN: r586 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-12-09 14:38:42 -0500 (Thu, 09 Dec 2010)
New Revision: 586
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java
Log:
add value check
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java 2010-12-04 01:55:23 UTC (rev 585)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java 2010-12-09 19:38:42 UTC (rev 586)
@@ -38,6 +38,9 @@
*/
public static URI createURI( String value )
{
+ if( value == null )
+ throw new IllegalArgumentException( "value is null" );
+
try
{
return new URI( value );
14 years
Picketlink SVN: r585 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers and 3 other directories.
by picketlink-commits@lists.jboss.org
Author: sguilhen(a)redhat.com
Date: 2010-12-03 20:55:23 -0500 (Fri, 03 Dec 2010)
New Revision: 585
Added:
federation/trunk/picketlink-xmlsec-model/src/main/java/org/picketlink/identity/xmlsec/w3/xmldsig/X509CertificateType.java
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
Log:
Fixed PicketLink STS related test cases
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2010-12-01 15:44:48 UTC (rev 584)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2010-12-04 01:55:23 UTC (rev 585)
@@ -131,6 +131,11 @@
subStatusCodeType.setValue( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( subValueAttr )));
}
statusCode.setStatusCode( subStatusCodeType );
+
+ // Go to Status code end element.
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, JBossSAMLConstants.STATUS_CODE.get());
+ continue;
}
else
break;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-12-01 15:44:48 UTC (rev 584)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-12-04 01:55:23 UTC (rev 585)
@@ -1,27 +1,22 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.parsers.saml;
-import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
@@ -43,204 +38,286 @@
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.X509CertificateType;
import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType;
/**
* Parse the saml subject
+ *
* @author Anil.Saldhana(a)redhat.com
* @since Oct 12, 2010
*/
public class SAMLSubjectParser implements ParserNamespaceSupport
-{
+{
/**
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
- {
- StaxParserUtil.getNextEvent(xmlEventReader);
+ {
+ StaxParserUtil.getNextEvent(xmlEventReader);
- SubjectType subject = new SubjectType();
+ SubjectType subject = new SubjectType();
- //Peek at the next event
- while( xmlEventReader.hasNext() )
- {
+ // Peek at the next event
+ while (xmlEventReader.hasNext())
+ {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
- if( xmlEvent instanceof EndElement )
+ if (xmlEvent instanceof EndElement)
{
- EndElement endElement = (EndElement) xmlEvent;
- if( StaxParserUtil.matches(endElement , JBossSAMLConstants.SUBJECT.get() ))
+ EndElement endElement = (EndElement) xmlEvent;
+ if (StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT.get()))
{
endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- break;
- }
+ break;
+ }
else
- throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) );
+ throw new RuntimeException("Unknown End Element:" + StaxParserUtil.getEndElementName(endElement));
}
- StartElement peekedElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
- if( peekedElement == null )
- break;
+ StartElement peekedElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (peekedElement == null)
+ break;
- String tag = StaxParserUtil.getStartElementName( peekedElement );
+ String tag = StaxParserUtil.getStartElementName(peekedElement);
- if( JBossSAMLConstants.NAMEID.get().equalsIgnoreCase( tag ) )
+ if (JBossSAMLConstants.NAMEID.get().equalsIgnoreCase(tag))
{
NameIDType nameID = SAMLParserUtil.parseNameIDType(xmlEventReader);
STSubType subType = new STSubType();
subType.addBaseID(nameID);
- subject.setSubType( subType );
- }
- else if( JBossSAMLConstants.SUBJECT_CONFIRMATION.get().equalsIgnoreCase( tag ) )
+ subject.setSubType(subType);
+ }
+ else if (JBossSAMLConstants.SUBJECT_CONFIRMATION.get().equalsIgnoreCase(tag))
{
- StartElement subjectConfirmationElement = StaxParserUtil.getNextStartElement( xmlEventReader );
- Attribute method = subjectConfirmationElement.getAttributeByName( new QName( JBossSAMLConstants.METHOD.get() ));
+ StartElement subjectConfirmationElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ Attribute method = subjectConfirmationElement
+ .getAttributeByName(new QName(JBossSAMLConstants.METHOD.get()));
- SubjectConfirmationType subjectConfirmationType = new SubjectConfirmationType();
+ SubjectConfirmationType subjectConfirmationType = new SubjectConfirmationType();
- if( method != null )
+ if (method != null)
{
- subjectConfirmationType.setMethod( StaxParserUtil.getAttributeValue( method ) );
- }
-
- //There may be additional things under subject confirmation
+ subjectConfirmationType.setMethod(StaxParserUtil.getAttributeValue(method));
+ }
+
+ // There may be additional things under subject confirmation
xmlEvent = StaxParserUtil.peek(xmlEventReader);
- if( xmlEvent instanceof StartElement )
+ if (xmlEvent instanceof StartElement)
{
StartElement startElement = (StartElement) xmlEvent;
String startTag = StaxParserUtil.getStartElementName(startElement);
-
- if( startTag.equals( JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get() ))
+
+ if (startTag.equals(JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get()))
{
SubjectConfirmationDataType subjectConfirmationData = parseSubjectConfirmationData(xmlEventReader);
- subjectConfirmationType.setSubjectConfirmationData( subjectConfirmationData );
+ subjectConfirmationType.setSubjectConfirmationData(subjectConfirmationData);
}
}
subject.addConfirmation(subjectConfirmationType);
- //Get the end tag
+ // Get the end tag
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
- StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT_CONFIRMATION.get() );
- }
- else throw new RuntimeException( "Unknown tag:" + tag );
- }
+ StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT_CONFIRMATION.get());
+ }
+ else
+ throw new RuntimeException("Unknown tag:" + tag);
+ }
return subject;
}
/**
* @see {@link ParserNamespaceSupport#supports(QName)}
*/
- public boolean supports( QName qname )
- {
+ public boolean supports(QName qname)
+ {
String nsURI = qname.getNamespaceURI();
String localPart = qname.getLocalPart();
-
- return nsURI.equals( JBossSAMLURIConstants.ASSERTION_NSURI.get() )
- && localPart.equals( JBossSAMLConstants.SUBJECT.get() );
+
+ return nsURI.equals(JBossSAMLURIConstants.ASSERTION_NSURI.get())
+ && localPart.equals(JBossSAMLConstants.SUBJECT.get());
}
-
- private SubjectConfirmationDataType parseSubjectConfirmationData( XMLEventReader xmlEventReader ) throws ParsingException
+
+ private SubjectConfirmationDataType parseSubjectConfirmationData(XMLEventReader xmlEventReader)
+ throws ParsingException
{
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(startElement, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get() );
-
+ StaxParserUtil.validate(startElement, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get());
+
SubjectConfirmationDataType subjectConfirmationData = new SubjectConfirmationDataType();
-
- Attribute inResponseTo = startElement.getAttributeByName( new QName( JBossSAMLConstants.IN_RESPONSE_TO.get() ));
- if( inResponseTo != null )
+
+ Attribute inResponseTo = startElement.getAttributeByName(new QName(JBossSAMLConstants.IN_RESPONSE_TO.get()));
+ if (inResponseTo != null)
{
- subjectConfirmationData.setInResponseTo( StaxParserUtil.getAttributeValue( inResponseTo ));
- }
-
- Attribute notBefore = startElement.getAttributeByName( new QName( JBossSAMLConstants.NOT_BEFORE.get() ));
- if( notBefore != null )
+ subjectConfirmationData.setInResponseTo(StaxParserUtil.getAttributeValue(inResponseTo));
+ }
+
+ Attribute notBefore = startElement.getAttributeByName(new QName(JBossSAMLConstants.NOT_BEFORE.get()));
+ if (notBefore != null)
{
- subjectConfirmationData.setNotBefore( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( notBefore )));
+ subjectConfirmationData.setNotBefore(XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(notBefore)));
}
-
- Attribute notOnOrAfter = startElement.getAttributeByName( new QName( JBossSAMLConstants.NOT_ON_OR_AFTER.get() ));
- if( notOnOrAfter != null )
+
+ Attribute notOnOrAfter = startElement.getAttributeByName(new QName(JBossSAMLConstants.NOT_ON_OR_AFTER.get()));
+ if (notOnOrAfter != null)
{
- subjectConfirmationData.setNotOnOrAfter( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( notOnOrAfter )));
+ subjectConfirmationData.setNotOnOrAfter(XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(notOnOrAfter)));
}
-
- Attribute recipient = startElement.getAttributeByName( new QName( JBossSAMLConstants.RECIPIENT.get() ));
- if( recipient != null )
+
+ Attribute recipient = startElement.getAttributeByName(new QName(JBossSAMLConstants.RECIPIENT.get()));
+ if (recipient != null)
{
- subjectConfirmationData.setRecipient( StaxParserUtil.getAttributeValue( recipient ));
+ subjectConfirmationData.setRecipient(StaxParserUtil.getAttributeValue(recipient));
}
-
- Attribute address = startElement.getAttributeByName( new QName( JBossSAMLConstants.ADDRESS.get() ));
- if( address != null )
+
+ Attribute address = startElement.getAttributeByName(new QName(JBossSAMLConstants.ADDRESS.get()));
+ if (address != null)
{
- subjectConfirmationData.setAddress( StaxParserUtil.getAttributeValue( address ));
+ subjectConfirmationData.setAddress(StaxParserUtil.getAttributeValue(address));
}
-
+
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
- if( ! ( xmlEvent instanceof EndElement ))
+ if (!(xmlEvent instanceof EndElement))
{
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
String tag = StaxParserUtil.getStartElementName(startElement);
- if( tag.equals( WSTrustConstants.XMLDSig.KEYINFO ))
+ if (tag.equals(WSTrustConstants.XMLDSig.KEYINFO))
{
- KeyInfoType keyInfo = parseKeyInfo(xmlEventReader);
+ KeyInfoType keyInfo = parseKeyInfo(xmlEventReader);
subjectConfirmationData.setAnyType(keyInfo);
- }
- else if( tag.equals( WSTrustConstants.XMLEnc.ENCRYPTED_KEY ))
+ }
+ else if (tag.equals(WSTrustConstants.XMLEnc.ENCRYPTED_KEY))
{
- subjectConfirmationData.setAnyType( StaxParserUtil.getDOMElement(xmlEventReader));
+ subjectConfirmationData.setAnyType(StaxParserUtil.getDOMElement(xmlEventReader));
}
else
- throw new RuntimeException( "Handle:" + tag );
+ throw new RuntimeException("Handle:" + tag);
}
- //Get the end tag
+ // Get the end tag
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
- StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get() );
+ StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get());
return subjectConfirmationData;
}
-
- private KeyInfoType parseKeyInfo( XMLEventReader xmlEventReader ) throws ParsingException
+
+ private KeyInfoType parseKeyInfo(XMLEventReader xmlEventReader) throws ParsingException
{
KeyInfoType keyInfo = new KeyInfoType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.KEYINFO );
-
+ StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.KEYINFO);
+
XMLEvent xmlEvent = null;
String tag = null;
-
- while( xmlEventReader.hasNext() )
+
+ while (xmlEventReader.hasNext())
{
xmlEvent = StaxParserUtil.peek(xmlEventReader);
- if( xmlEvent instanceof EndElement )
+ if (xmlEvent instanceof EndElement)
{
- tag = StaxParserUtil.getEndElementName( (EndElement) xmlEvent );
- if( tag.equals( WSTrustConstants.XMLDSig.KEYINFO ))
+ tag = StaxParserUtil.getEndElementName((EndElement) xmlEvent);
+ if (tag.equals(WSTrustConstants.XMLDSig.KEYINFO))
{
xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
break;
}
else
- throw new RuntimeException( "unknown end element:" + tag );
+ throw new RuntimeException("unknown end element:" + tag);
}
startElement = (StartElement) xmlEvent;
tag = StaxParserUtil.getStartElementName(startElement);
- if( tag.equals( WSTrustConstants.XMLDSig.X509DATA ))
+ if (tag.equals(WSTrustConstants.XMLEnc.ENCRYPTED_KEY))
{
+ keyInfo.getContent().add(StaxParserUtil.getDOMElement(xmlEventReader));
+ }
+ else if (tag.equals(WSTrustConstants.XMLDSig.X509DATA))
+ {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
X509DataType x509 = new X509DataType();
- //Let us go for the X509 certificate
+
+ // Let us go for the X509 certificate
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.X509CERT );
+ StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.X509CERT);
+ X509CertificateType cert = new X509CertificateType();
String certValue = StaxParserUtil.getElementText(xmlEventReader);
- QName qname = new QName( WSTrustConstants.DSIG_NS, WSTrustConstants.XMLDSig.X509CERT, WSTrustConstants.XMLDSig.DSIG_PREFIX );
- JAXBElement<?> cert = new JAXBElement<byte[]>( qname, byte[].class, certValue.getBytes() );
- x509.getX509IssuerSerialOrX509SKIOrX509SubjectName().add( cert );
+ cert.setEncodedCertificate(certValue.getBytes());
+ x509.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(cert);
+
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate(endElement, WSTrustConstants.XMLDSig.X509DATA );
+ StaxParserUtil.validate(endElement, WSTrustConstants.XMLDSig.X509DATA);
+ keyInfo.getContent().add(x509);
}
- }
+ else if (tag.equals(WSTrustConstants.XMLDSig.KEYVALUE))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ KeyValueType keyValue = new KeyValueType();
+
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ tag = StaxParserUtil.getStartElementName(startElement);
+ if (tag.equals(WSTrustConstants.XMLDSig.RSA_KEYVALUE))
+ {
+ keyValue.getContent().add(this.parseRSAKeyValue(xmlEventReader));
+ }
+ else if (tag.equals(WSTrustConstants.XMLDSig.DSA_KEYVALUE))
+ {
+ // TODO: parse the DSA key contents.
+ }
+ else
+ throw new ParsingException("Unknown element: " + tag);
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, WSTrustConstants.XMLDSig.KEYVALUE);
+
+ keyInfo.getContent().add(keyValue);
+ }
+ }
return keyInfo;
- }
+ }
+
+ private RSAKeyValueType parseRSAKeyValue(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.RSA_KEYVALUE);
+
+ XMLEvent xmlEvent = null;
+ String tag = null;
+
+ RSAKeyValueType rsaKeyValue = new RSAKeyValueType();
+
+ while (xmlEventReader.hasNext())
+ {
+ xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent instanceof EndElement)
+ {
+ tag = StaxParserUtil.getEndElementName((EndElement) xmlEvent);
+ if (tag.equals(WSTrustConstants.XMLDSig.RSA_KEYVALUE))
+ {
+ xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
+ break;
+ }
+ else
+ throw new RuntimeException("unknown end element:" + tag);
+ }
+
+ startElement = (StartElement) xmlEvent;
+ tag = StaxParserUtil.getStartElementName(startElement);
+ if (tag.equals(WSTrustConstants.XMLDSig.MODULUS))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String text = StaxParserUtil.getElementText(xmlEventReader);
+ rsaKeyValue.setModulus(text.getBytes());
+ }
+ else if (tag.equals(WSTrustConstants.XMLDSig.EXPONENT))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String text = StaxParserUtil.getElementText(xmlEventReader);
+ rsaKeyValue.setExponent(text.getBytes());
+ }
+ else
+ throw new ParsingException("Unknown element: " + tag);
+ }
+ return rsaKeyValue;
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-12-01 15:44:48 UTC (rev 584)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-12-04 01:55:23 UTC (rev 585)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.saml.v2.writers;
@@ -39,6 +35,7 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AdviceType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
@@ -64,10 +61,13 @@
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.URIType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.X509CertificateType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType;
import org.w3c.dom.Element;
/**
* Write the SAML Assertion to stream
+ *
* @author Anil.Saldhana(a)redhat.com
* @since Nov 2, 2010
*/
@@ -77,416 +77,457 @@
{
super(writer);
}
-
+
/**
* Write an {@code AssertionType} to stream
+ *
* @param assertion
* @param out
* @throws ProcessingException
*/
- public void write( AssertionType assertion ) throws ProcessingException
+ public void write(AssertionType assertion) throws ProcessingException
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ASSERTION.get() , ASSERTION_NSURI.get() );
- StaxUtil.writeNameSpace( writer, ASSERTION_PREFIX, ASSERTION_NSURI.get() );
- StaxUtil.writeDefaultNameSpace( writer, ASSERTION_NSURI.get() );
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.ASSERTION.get(), ASSERTION_NSURI.get());
+ StaxUtil.writeNameSpace(writer, ASSERTION_PREFIX, ASSERTION_NSURI.get());
+ StaxUtil.writeDefaultNameSpace(writer, ASSERTION_NSURI.get());
- //Attributes
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.ID.get(), assertion.getID() );
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.VERSION.get(), assertion.getVersion() );
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), assertion.getIssueInstant().toString() );
+ // Attributes
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), assertion.getID());
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.VERSION.get(), assertion.getVersion());
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.ISSUE_INSTANT.get(), assertion.getIssueInstant().toString());
NameIDType issuer = assertion.getIssuer();
- if( issuer != null )
- write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ) );
-
+ if (issuer != null)
+ write(issuer, new QName(ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
+
SubjectType subject = assertion.getSubject();
- if( subject != null )
+ if (subject != null)
{
write(subject);
}
-
+
ConditionsType conditions = assertion.getConditions();
- if( conditions != null )
+ if (conditions != null)
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.CONDITIONS.get() , ASSERTION_NSURI.get() );
-
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.NOT_BEFORE.get(), conditions.getNotBefore().toString() );
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.NOT_ON_OR_AFTER.get(), conditions.getNotOnOrAfter().toString() );
-
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.CONDITIONS.get(), ASSERTION_NSURI
+ .get());
+
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_BEFORE.get(), conditions.getNotBefore().toString());
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_ON_OR_AFTER.get(), conditions.getNotOnOrAfter()
+ .toString());
+
List<ConditionAbstractType> typeOfConditions = conditions.getConditions();
- if( typeOfConditions != null )
+ if (typeOfConditions != null)
{
- for( ConditionAbstractType typeCondition: typeOfConditions )
+ for (ConditionAbstractType typeCondition : typeOfConditions)
{
- if( typeCondition instanceof AudienceRestrictionType )
+ if (typeCondition instanceof AudienceRestrictionType)
{
AudienceRestrictionType art = (AudienceRestrictionType) typeCondition;
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUDIENCE_RESTRICTION.get() , ASSERTION_NSURI.get() );
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUDIENCE_RESTRICTION.get(),
+ ASSERTION_NSURI.get());
List<URI> audiences = art.getAudience();
- if( audiences != null )
+ if (audiences != null)
{
- for( URI audience: audiences )
+ for (URI audience : audiences)
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUDIENCE.get() , ASSERTION_NSURI.get() );
- StaxUtil.writeCharacters(writer, audience.toString() );
- StaxUtil.writeEndElement( writer);
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUDIENCE.get(),
+ ASSERTION_NSURI.get());
+ StaxUtil.writeCharacters(writer, audience.toString());
+ StaxUtil.writeEndElement(writer);
}
}
- StaxUtil.writeEndElement( writer);
+ StaxUtil.writeEndElement(writer);
}
}
}
- StaxUtil.writeEndElement( writer);
+ StaxUtil.writeEndElement(writer);
}
-
+
AdviceType advice = assertion.getAdvice();
- if( advice != null )
- throw new RuntimeException( "Advice needs to be handled" );
-
+ if (advice != null)
+ throw new RuntimeException("Advice needs to be handled");
+
Set<StatementAbstractType> statements = assertion.getStatements();
- if( statements != null )
+ if (statements != null)
{
- for( StatementAbstractType statement: statements )
+ for (StatementAbstractType statement : statements)
{
- if( statement instanceof AuthnStatementType )
+ if (statement instanceof AuthnStatementType)
{
- write( ( AuthnStatementType )statement );
+ write((AuthnStatementType) statement);
}
- else if( statement instanceof AttributeStatementType )
+ else if (statement instanceof AttributeStatementType)
{
- write( ( AttributeStatementType )statement );
+ write((AttributeStatementType) statement);
}
- else
- throw new RuntimeException( "unknown statement type=" + statement.getClass().getName() );
+ else
+ throw new RuntimeException("unknown statement type=" + statement.getClass().getName());
}
}
-
- StaxUtil.writeEndElement( writer);
- StaxUtil.flush( writer );
- }
-
+
+ StaxUtil.writeEndElement(writer);
+ StaxUtil.flush(writer);
+ }
+
/**
* Write an {@code StatementAbstractType} to stream
+ *
* @param statement
* @param out
* @throws ProcessingException
*/
- public void write( StatementAbstractType statement ) throws ProcessingException
+ public void write(StatementAbstractType statement) throws ProcessingException
{
- //TODO: handle this section
- throw new RuntimeException( "NYI" );
+ // TODO: handle this section
+ throw new RuntimeException("NYI");
}
-
- public void write( AttributeStatementType statement ) throws ProcessingException
+
+ public void write(AttributeStatementType statement) throws ProcessingException
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE_STATEMENT.get() , ASSERTION_NSURI.get() );
-
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE_STATEMENT.get(),
+ ASSERTION_NSURI.get());
+
List<ASTChoiceType> attributes = statement.getAttributes();
- if( attributes != null )
+ if (attributes != null)
{
- for( ASTChoiceType attr : attributes )
+ for (ASTChoiceType attr : attributes)
{
AttributeType attributeType = attr.getAttribute();
- if( attributeType != null )
+ if (attributeType != null)
{
- write( attributeType );
+ write(attributeType);
}
EncryptedElementType encType = attr.getEncryptedAssertion();
- if( encType != null )
- throw new RuntimeException( "unable to write as it is NYI" );
+ if (encType != null)
+ throw new RuntimeException("unable to write as it is NYI");
}
- }
+ }
- StaxUtil.writeEndElement( writer);
- StaxUtil.flush( writer );
+ StaxUtil.writeEndElement(writer);
+ StaxUtil.flush(writer);
}
-
-
+
/**
* Write an {@code AuthnStatementType} to stream
+ *
* @param authnStatement
* @param out
* @throws ProcessingException
*/
- public void write( AuthnStatementType authnStatement ) throws ProcessingException
+ public void write(AuthnStatementType authnStatement) throws ProcessingException
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_STATEMENT.get() , ASSERTION_NSURI.get() );
-
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_STATEMENT.get(), ASSERTION_NSURI
+ .get());
+
XMLGregorianCalendar authnInstant = authnStatement.getAuthnInstant();
- if( authnInstant != null )
- {
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.AUTHN_INSTANT.get(), authnInstant.toString() );
+ if (authnInstant != null)
+ {
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.AUTHN_INSTANT.get(), authnInstant.toString());
}
-
+
AuthnContextType authnContext = authnStatement.getAuthnContext();
- if( authnContext != null )
- write( authnContext );
+ if (authnContext != null)
+ write(authnContext);
- StaxUtil.writeEndElement( writer);
- StaxUtil.flush( writer );
+ StaxUtil.writeEndElement(writer);
+ StaxUtil.flush(writer);
}
-
+
/**
* Write an {@code AuthnContextType} to stream
+ *
* @param authContext
* @param out
* @throws ProcessingException
*/
- public void write( AuthnContextType authContext ) throws ProcessingException
+ public void write(AuthnContextType authContext) throws ProcessingException
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT.get() , ASSERTION_NSURI.get() );
-
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT.get(), ASSERTION_NSURI
+ .get());
+
AuthnContextTypeSequence sequence = authContext.getSequence();
- if( sequence != null )
+ if (sequence != null)
{
AuthnContextClassRefType authnContextClassRefType = sequence.getClassRef();
- if( authnContextClassRefType != null )
+ if (authnContextClassRefType != null)
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() ,
- ASSERTION_NSURI.get() );
- StaxUtil.writeCharacters( writer, authnContextClassRefType.getValue().toASCIIString() );
- StaxUtil.writeEndElement( writer);
- }
-
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get(),
+ ASSERTION_NSURI.get());
+ StaxUtil.writeCharacters(writer, authnContextClassRefType.getValue().toASCIIString());
+ StaxUtil.writeEndElement(writer);
+ }
+
Set<URIType> uriTypes = sequence.getURIType();
- if( uriTypes != null )
+ if (uriTypes != null)
{
- for( URIType uriType: uriTypes )
+ for (URIType uriType : uriTypes)
{
- if( uriType instanceof AuthnContextDeclType )
+ if (uriType instanceof AuthnContextDeclType)
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION.get() ,
- ASSERTION_NSURI.get() );
- StaxUtil.writeCharacters( writer, uriType.getValue().toASCIIString() );
- StaxUtil.writeEndElement( writer);
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION
+ .get(), ASSERTION_NSURI.get());
+ StaxUtil.writeCharacters(writer, uriType.getValue().toASCIIString());
+ StaxUtil.writeEndElement(writer);
}
- if( uriType instanceof AuthnContextDeclRefType )
+ if (uriType instanceof AuthnContextDeclRefType)
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get() ,
- ASSERTION_NSURI.get() );
- StaxUtil.writeCharacters( writer, uriType.getValue().toASCIIString() );
- StaxUtil.writeEndElement( writer);
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF
+ .get(), ASSERTION_NSURI.get());
+ StaxUtil.writeCharacters(writer, uriType.getValue().toASCIIString());
+ StaxUtil.writeEndElement(writer);
}
}
- }
+ }
}
-
+
Set<URI> authAuthorities = authContext.getAuthenticatingAuthority();
- if( authAuthorities != null )
+ if (authAuthorities != null)
{
- for( URI aa: authAuthorities )
+ for (URI aa : authAuthorities)
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHENTICATING_AUTHORITY.get() ,
- ASSERTION_NSURI.get() );
- StaxUtil.writeCharacters( writer, aa.toASCIIString() );
- StaxUtil.writeEndElement( writer);
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHENTICATING_AUTHORITY.get(),
+ ASSERTION_NSURI.get());
+ StaxUtil.writeCharacters(writer, aa.toASCIIString());
+ StaxUtil.writeEndElement(writer);
}
- }
+ }
- StaxUtil.writeEndElement( writer);
- StaxUtil.flush( writer );
+ StaxUtil.writeEndElement(writer);
+ StaxUtil.flush(writer);
}
-
+
/**
* Write an {@code AttributeType} to stream
+ *
* @param attributeType
* @param out
* @throws ProcessingException
*/
- public void write( AttributeType attributeType ) throws ProcessingException
+ public void write(AttributeType attributeType) throws ProcessingException
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE.get() , ASSERTION_NSURI.get() );
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE.get(), ASSERTION_NSURI.get());
String attributeName = attributeType.getName();
- if( attributeName != null )
+ if (attributeName != null)
{
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.NAME.get(), attributeName );
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.NAME.get(), attributeName);
}
-
+
String friendlyName = attributeType.getFriendlyName();
- if( StringUtil.isNotNull( friendlyName ))
+ if (StringUtil.isNotNull(friendlyName))
{
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.FRIENDLY_NAME.get(), friendlyName );
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.FRIENDLY_NAME.get(), friendlyName);
}
-
+
String nameFormat = attributeType.getNameFormat();
- if( StringUtil.isNotNull( nameFormat ))
+ if (StringUtil.isNotNull(nameFormat))
{
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.NAME_FORMAT.get(), nameFormat );
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.NAME_FORMAT.get(), nameFormat);
}
-
- //Take care of other attributes such as x500:encoding
+
+ // Take care of other attributes such as x500:encoding
Map<QName, String> otherAttribs = attributeType.getOtherAttributes();
- if( otherAttribs != null )
+ if (otherAttribs != null)
{
List<String> nameSpacesDealt = new ArrayList<String>();
-
+
Iterator<QName> keySet = otherAttribs.keySet().iterator();
- while( keySet != null && keySet.hasNext() )
+ while (keySet != null && keySet.hasNext())
{
QName qname = keySet.next();
String ns = qname.getNamespaceURI();
- if( !nameSpacesDealt.contains( ns ))
+ if (!nameSpacesDealt.contains(ns))
{
- StaxUtil.writeNameSpace(writer, qname.getPrefix(), ns );
- nameSpacesDealt.add( ns );
- }
- String attribValue = otherAttribs.get( qname );
- StaxUtil.writeAttribute(writer, qname, attribValue );
+ StaxUtil.writeNameSpace(writer, qname.getPrefix(), ns);
+ nameSpacesDealt.add(ns);
+ }
+ String attribValue = otherAttribs.get(qname);
+ StaxUtil.writeAttribute(writer, qname, attribValue);
}
}
-
+
List<Object> attributeValues = attributeType.getAttributeValue();
- if( attributeValues != null )
+ if (attributeValues != null)
{
- for( Object attributeValue : attributeValues )
+ for (Object attributeValue : attributeValues)
{
- if( attributeValue instanceof String )
- {
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE_VALUE.get() , ASSERTION_NSURI.get() );
+ if (attributeValue instanceof String)
+ {
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE_VALUE.get(),
+ ASSERTION_NSURI.get());
- StaxUtil.writeNameSpace( writer, "xsi", JBossSAMLURIConstants.XSI_NSURI.get() );
- StaxUtil.writeNameSpace( writer, "xs", JBossSAMLURIConstants.XMLSCHEMA_NSURI.get() );
- StaxUtil.writeAttribute( writer, JBossSAMLURIConstants.XSI_NSURI.get(), "type", "xs:string");
- StaxUtil.writeCharacters(writer, (String) attributeValue );
+ StaxUtil.writeNameSpace(writer, "xsi", JBossSAMLURIConstants.XSI_NSURI.get());
+ StaxUtil.writeNameSpace(writer, "xs", JBossSAMLURIConstants.XMLSCHEMA_NSURI.get());
+ StaxUtil.writeAttribute(writer, JBossSAMLURIConstants.XSI_NSURI.get(), "type", "xs:string");
+ StaxUtil.writeCharacters(writer, (String) attributeValue);
- StaxUtil.writeEndElement( writer);
+ StaxUtil.writeEndElement(writer);
}
- else
- throw new RuntimeException( "Unsupported attribute value:" + attributeValue.getClass().getName() );
+ else
+ throw new RuntimeException("Unsupported attribute value:" + attributeValue.getClass().getName());
}
}
- StaxUtil.writeEndElement( writer);
- StaxUtil.flush( writer );
+ StaxUtil.writeEndElement(writer);
+ StaxUtil.flush(writer);
}
-
+
/**
* write an {@code SubjectType} to stream
+ *
* @param subject
* @param out
* @throws ProcessingException
*/
- public void write( SubjectType subject ) throws ProcessingException
+ public void write(SubjectType subject) throws ProcessingException
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT.get() , ASSERTION_NSURI.get() );
-
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT.get(), ASSERTION_NSURI.get());
+
STSubType subType = subject.getSubType();
- if( subType != null )
+ if (subType != null)
{
BaseIDAbstractType baseID = subType.getBaseID();
- if( baseID instanceof NameIDType )
+ if (baseID instanceof NameIDType)
{
NameIDType nameIDType = (NameIDType) baseID;
- write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
+ write(nameIDType, new QName(ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX));
}
EncryptedElementType enc = subType.getEncryptedID();
- if( enc != null )
- throw new RuntimeException( "NYI" );
+ if (enc != null)
+ throw new RuntimeException("NYI");
List<SubjectConfirmationType> confirmations = subType.getConfirmation();
- if( confirmations != null )
+ if (confirmations != null)
{
- for( SubjectConfirmationType confirmation: confirmations )
+ for (SubjectConfirmationType confirmation : confirmations)
{
- write( confirmation );
+ write(confirmation);
}
}
}
List<SubjectConfirmationType> subjectConfirmations = subject.getConfirmation();
- if( subjectConfirmations != null )
+ if (subjectConfirmations != null)
{
- for( SubjectConfirmationType subjectConfirmationType : subjectConfirmations )
+ for (SubjectConfirmationType subjectConfirmationType : subjectConfirmations)
{
- write( subjectConfirmationType );
+ write(subjectConfirmationType);
}
}
-
- StaxUtil.writeEndElement( writer);
- StaxUtil.flush( writer );
+ StaxUtil.writeEndElement(writer);
+ StaxUtil.flush(writer);
}
-
- private void write( BaseIDAbstractType baseId ) throws ProcessingException
+
+ private void write(BaseIDAbstractType baseId) throws ProcessingException
{
- throw new RuntimeException( "NYI");
+ throw new RuntimeException("NYI");
}
-
- private void write( SubjectConfirmationType subjectConfirmationType ) throws ProcessingException
+
+ private void write(SubjectConfirmationType subjectConfirmationType) throws ProcessingException
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION.get(), ASSERTION_NSURI.get() );
-
- StaxUtil.writeAttribute(writer, JBossSAMLConstants.METHOD.get(), subjectConfirmationType.getMethod() );
-
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION.get(),
+ ASSERTION_NSURI.get());
+
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.METHOD.get(), subjectConfirmationType.getMethod());
+
BaseIDAbstractType baseID = subjectConfirmationType.getBaseID();
- if( baseID != null )
+ if (baseID != null)
{
- write( baseID );
+ write(baseID);
}
NameIDType nameIDType = subjectConfirmationType.getNameID();
- if( nameIDType != null )
+ if (nameIDType != null)
{
- write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
+ write(nameIDType, new QName(ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX));
}
SubjectConfirmationDataType subjectConfirmationData = subjectConfirmationType.getSubjectConfirmationData();
- if( subjectConfirmationData != null )
+ if (subjectConfirmationData != null)
{
- write( subjectConfirmationData );
- }
- StaxUtil.writeEndElement( writer);
+ write(subjectConfirmationData);
+ }
+ StaxUtil.writeEndElement(writer);
}
-
- private void write( SubjectConfirmationDataType subjectConfirmationData ) throws ProcessingException
+
+ private void write(SubjectConfirmationDataType subjectConfirmationData) throws ProcessingException
{
- StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get(), ASSERTION_NSURI.get() );
-
- //Let us look at attributes
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get(),
+ ASSERTION_NSURI.get());
+
+ // Let us look at attributes
String inResponseTo = subjectConfirmationData.getInResponseTo();
- if( StringUtil.isNotNull( inResponseTo ))
+ if (StringUtil.isNotNull(inResponseTo))
{
- StaxUtil.writeAttribute(writer, JBossSAMLConstants.IN_RESPONSE_TO.get(), inResponseTo );
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.IN_RESPONSE_TO.get(), inResponseTo);
}
-
+
XMLGregorianCalendar notBefore = subjectConfirmationData.getNotBefore();
- if( notBefore != null )
+ if (notBefore != null)
{
- StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_BEFORE.get(),notBefore.toString() );
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_BEFORE.get(), notBefore.toString());
}
-
+
XMLGregorianCalendar notOnOrAfter = subjectConfirmationData.getNotOnOrAfter();
- if( notOnOrAfter != null )
+ if (notOnOrAfter != null)
{
- StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_ON_OR_AFTER.get(),notOnOrAfter.toString() );
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.NOT_ON_OR_AFTER.get(), notOnOrAfter.toString());
}
-
+
String recipient = subjectConfirmationData.getRecipient();
- if( StringUtil.isNotNull( recipient ))
+ if (StringUtil.isNotNull(recipient))
{
- StaxUtil.writeAttribute(writer, JBossSAMLConstants.RECIPIENT.get(), recipient );
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.RECIPIENT.get(), recipient);
}
-
+
String address = subjectConfirmationData.getAddress();
- if( StringUtil.isNotNull( address ))
+ if (StringUtil.isNotNull(address))
{
- StaxUtil.writeAttribute(writer, JBossSAMLConstants.ADDRESS.get(), address );
+ StaxUtil.writeAttribute(writer, JBossSAMLConstants.ADDRESS.get(), address);
}
-
- Object anyType = subjectConfirmationData.getAnyType();
- if( anyType instanceof KeyInfoConfirmationDataType )
+
+ if (subjectConfirmationData instanceof KeyInfoConfirmationDataType)
{
- KeyInfoConfirmationDataType kicd = (KeyInfoConfirmationDataType) anyType;
- Element keyInfoElement = kicd.getKeyInfo();
- StaxUtil.writeDOMNode(writer, keyInfoElement);
+ KeyInfoConfirmationDataType kicd = (KeyInfoConfirmationDataType) subjectConfirmationData;
+ KeyInfoType keyInfo = (KeyInfoType) kicd.getAnyType();
+ if (keyInfo.getContent() == null || keyInfo.getContent().size() == 0)
+ throw new ProcessingException("Invalid KeyInfo object: content cannot be empty");
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.XMLDSig.DSIG_PREFIX,
+ WSTrustConstants.XMLDSig.KEYINFO, WSTrustConstants.XMLDSig.DSIG_NS);
+ StaxUtil.writeNameSpace(this.writer, WSTrustConstants.XMLDSig.DSIG_PREFIX, WSTrustConstants.XMLDSig.DSIG_NS);
+ // write the keyInfo content.
+ Object content = keyInfo.getContent().get(0);
+ if (content instanceof Element)
+ {
+ Element element = (Element) keyInfo.getContent().get(0);
+ StaxUtil.writeDOMNode(this.writer, element);
+ }
+ else if (content instanceof X509DataType)
+ {
+ X509DataType type = (X509DataType) content;
+ if (type.getX509IssuerSerialOrX509SKIOrX509SubjectName().size() == 0)
+ throw new ProcessingException("X509Data cannot be empy");
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.XMLDSig.DSIG_PREFIX,
+ WSTrustConstants.XMLDSig.X509DATA, WSTrustConstants.XMLDSig.DSIG_NS);
+ Object obj = type.getX509IssuerSerialOrX509SKIOrX509SubjectName().get(0);
+ if (obj instanceof Element)
+ {
+ Element element = (Element) obj;
+ StaxUtil.writeDOMElement(this.writer, element);
+ }
+ else if (obj instanceof X509CertificateType)
+ {
+ X509CertificateType cert = (X509CertificateType) obj;
+ StaxUtil.writeStartElement(this.writer, WSTrustConstants.XMLDSig.DSIG_PREFIX,
+ WSTrustConstants.XMLDSig.X509CERT, WSTrustConstants.XMLDSig.DSIG_NS);
+ StaxUtil.writeCharacters(this.writer, new String(cert.getEncodedCertificate()));
+ StaxUtil.writeEndElement(this.writer);
+ }
+ StaxUtil.writeEndElement(this.writer);
+ }
+ StaxUtil.writeEndElement(this.writer);
}
- else if( anyType instanceof KeyInfoType )
- {
- KeyInfoType keyInfo = (KeyInfoType) anyType;
- Element el = (Element) keyInfo.getContent().get(0);
- StaxUtil.writeDOMNode(writer, el);
- }
- else throw new RuntimeException( "Need to handle:" + anyType );
- StaxUtil.writeEndElement( writer);
- StaxUtil.flush( writer );
+ StaxUtil.writeEndElement(writer);
+ StaxUtil.flush(writer);
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-12-01 15:44:48 UTC (rev 584)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-12-04 01:55:23 UTC (rev 585)
@@ -233,17 +233,15 @@
{
UseKeyType useKeyType = request.getUseKey();
Object value = useKeyType.getAny();
- if (value instanceof JAXBElement<?> || value instanceof Element)
+ if (value instanceof Element)
{
- String elementName = (value instanceof Element)
- ? ((Element) value).getLocalName()
- : ((JAXBElement<?>) value).getName().getLocalPart();
+ String elementName = ((Element) value).getLocalName();
// if the specified key is a X509 certificate we must insert it into a X509Data element.
if (elementName.equals("X509Certificate"))
{
X509DataType data = new X509DataType();
data.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(value);
- value = new org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory().createX509Data(data);
+ value = data;
}
KeyInfoType keyInfo = new KeyInfoType();
keyInfo.getContent().add(value);
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-12-01 15:44:48 UTC (rev 584)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-12-04 01:55:23 UTC (rev 585)
@@ -124,6 +124,7 @@
String MODULUS = "Modulus";
String DSIG_PREFIX = "ds";
String RSA_KEYVALUE = "RSAKeyValue";
+ String DSA_KEYVALUE = "DSAKeyValue";
String X509DATA = "X509Data";
String X509CERT = "X509Certificate";
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2010-12-01 15:44:48 UTC (rev 584)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2010-12-04 01:55:23 UTC (rev 585)
@@ -66,6 +66,7 @@
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.X509CertificateType;
import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -445,14 +446,14 @@
byte[] encodedCert = certificate.getEncoded();
// first create a X509DataType that contains the encoded certificate.
- org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory factory = new org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory();
- X509DataType dataType = factory.createX509DataType();
- dataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(
- factory.createX509DataTypeX509Certificate(encodedCert));
-
+ X509DataType x509 = new X509DataType();
+ X509CertificateType cert = new X509CertificateType();
+ cert.setEncodedCertificate(Base64.encodeBytes(encodedCert).getBytes());
+ x509.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(cert);
+
// set the X509DataType in the KeyInfoType.
keyInfo = new KeyInfoType();
- keyInfo.getContent().add(factory.createX509Data(dataType));
+ keyInfo.getContent().add(x509);
}
catch (Exception e)
{
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-12-01 15:44:48 UTC (rev 584)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-12-04 01:55:23 UTC (rev 585)
@@ -94,6 +94,7 @@
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.X509CertificateType;
import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType;
import org.picketlink.identity.xmlsec.w3.xmlenc.EncryptedKeyType;
import org.w3c.dom.Document;
@@ -305,9 +306,8 @@
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
- InputStream is = DocumentUtil.getSourceAsStream(responseMessage);
- BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser()
- .parse( is );
+ InputStream is = DocumentUtil.getSourceAsStream(responseMessage);
+ BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser().parse(is);
// validate the security token response.
this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
}
@@ -412,7 +412,7 @@
*
* @throws Exception
* if an error occurs while running the test.
- */
+ */
public void testInvokeSAML20WithSTSGeneratedSymmetricKey() throws Exception
{
// create a simple token request, asking for a SAMLv2.0 token.
@@ -432,7 +432,8 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(0);
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation()
+ .get(0);
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);
// check if the response contains the STS-generated key.
@@ -458,7 +459,7 @@
*
* @throws Exception
* if an error occurs while running the test.
- */
+ */
public void testInvokeSAML20WithCombinedSymmetricKey() throws Exception
{
// create a 64-bit random client secret.
@@ -488,7 +489,8 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1) ;
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation()
+ .get(0);
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);
RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
@@ -542,7 +544,8 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(0);
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation()
+ .get(0);
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, false);
}
@@ -579,7 +582,8 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(0) ;
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation()
+ .get(0);
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, true);
}
@@ -1093,7 +1097,8 @@
Element element = (Element) requestedToken.getAny();
assertEquals("Unexpected root element name", "SpecialToken", element.getLocalName());
assertEquals("Unexpected namespace value", "http://www.tokens.org", element.getNamespaceURI());
- assertEquals("Unexpected attribute value", "http://www.tokens.org/SpecialToken", element.getAttribute("TokenType"));
+ assertEquals("Unexpected attribute value", "http://www.tokens.org/SpecialToken", element
+ .getAttribute("TokenType"));
element = (Element) element.getFirstChild();
assertEquals("Unexpected child element name", "SpecialTokenValue", element.getLocalName());
assertEquals("Unexpected token value", "Principal:jduke", element.getFirstChild().getNodeValue());
@@ -1153,7 +1158,7 @@
// unmarshall the SAMLV2.0 assertion.
Element assertionElement = (Element) requestedToken.getAny();
- System.out.println( DocumentUtil.getNodeAsString(assertionElement));
+ System.out.println(DocumentUtil.getNodeAsString(assertionElement));
AssertionType assertion = SAMLUtil.fromElement(assertionElement);
// verify the contents of the unmarshalled assertion.
@@ -1168,11 +1173,11 @@
// validate the assertion subject.
assertNotNull("Unexpected null subject", assertion.getSubject());
SubjectType subject = assertion.getSubject();
-
+
NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
assertEquals("Unexpected name id value", principal, nameID.getValue());
-
+
SubjectConfirmationType subjType = (SubjectConfirmationType) subject.getConfirmation().get(0);
assertEquals("Unexpected confirmation method", confirmationMethod, subjType.getMethod());
@@ -1209,14 +1214,15 @@
{
SubjectConfirmationDataType subjConfirmationDataType = subjectConfirmation.getSubjectConfirmationData();
assertNotNull("Unexpected null subject confirmation data", subjConfirmationDataType);
- KeyInfoType keyInfo = (KeyInfoType)subjConfirmationDataType.getAnyType();
+ KeyInfoType keyInfo = (KeyInfoType) subjConfirmationDataType.getAnyType();
assertEquals("Unexpected key info content size", 1, keyInfo.getContent().size());
// if the key is a symmetric key, the KeyInfo should contain an encrypted element.
if (WSTrustConstants.KEY_TYPE_SYMMETRIC.equals(keyType))
{
- JAXBElement<?> encKeyElement = (JAXBElement<?>) keyInfo.getContent().get(0);
- assertEquals("Unexpected key info content type", EncryptedKeyType.class, encKeyElement.getDeclaredType());
+ Element encKeyElement = (Element) keyInfo.getContent().get(0);
+ assertEquals("Unexpected key info content type", WSTrustConstants.XMLEnc.ENCRYPTED_KEY, encKeyElement
+ .getLocalName());
}
// if the key is public, KeyInfo should either contain an encoded certificate or an encoded public key.
else if (WSTrustConstants.KEY_TYPE_PUBLIC.equals(keyType))
@@ -1224,19 +1230,15 @@
// if the public key has been used as proof, we should be able to retrieve it from KeyValueType.
if (usePublicKey == true)
{
- JAXBElement<?> keyValueElement = (JAXBElement<?>) keyInfo.getContent().get(0);
- assertEquals("Unexpected key info content type", KeyValueType.class, keyValueElement.getDeclaredType());
- KeyValueType keyValue = (KeyValueType) keyValueElement.getValue();
+ KeyValueType keyValue = (KeyValueType) keyInfo.getContent().get(0);
List<Object> keyValueContent = keyValue.getContent();
assertEquals("Unexpected key value content size", 1, keyValueContent.size());
- JAXBElement<?> rsaKeyValueElement = (JAXBElement<?>) keyValue.getContent().get(0);
- assertEquals("Unexpected key value content type", RSAKeyValueType.class, rsaKeyValueElement
- .getDeclaredType());
- RSAKeyValueType rsaKeyValue = (RSAKeyValueType) rsaKeyValueElement.getValue();
+ assertEquals("Unexpected key value content type", RSAKeyValueType.class, keyValueContent.get(0).getClass());
+ RSAKeyValueType rsaKeyValue = (RSAKeyValueType) keyValueContent.get(0);
// reconstruct the public key and check if it matches the public key of the provided certificate.
- BigInteger modulus = new BigInteger(1, rsaKeyValue.getModulus());
- BigInteger exponent = new BigInteger(1, rsaKeyValue.getExponent());
+ BigInteger modulus = new BigInteger(1, Base64.decode(new String(rsaKeyValue.getModulus())));
+ BigInteger exponent = new BigInteger(1, Base64.decode(new String(rsaKeyValue.getExponent())));
KeyFactory factory = KeyFactory.getInstance("RSA");
RSAPublicKeySpec spec = new RSAPublicKeySpec(modulus, exponent);
RSAPublicKey genKey = (RSAPublicKey) factory.generatePublic(spec);
@@ -1245,18 +1247,16 @@
// if the whole certificate was used as proof, we should be able to retrieve it from X509DataType.
else
{
- JAXBElement<?> x509DataElement = (JAXBElement<?>) keyInfo.getContent().get(0);
- assertEquals("Unexpected key info content type", X509DataType.class, x509DataElement.getDeclaredType());
- X509DataType x509Data = (X509DataType) x509DataElement.getValue();
+ X509DataType x509Data = (X509DataType) keyInfo.getContent().get(0);
assertEquals("Unexpected X509 data content size", 1, x509Data
.getX509IssuerSerialOrX509SKIOrX509SubjectName().size());
- JAXBElement<?> x509CertElement = (JAXBElement<?>) x509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName()
- .get(0);
- assertEquals("Unexpected X509 data content type", byte[].class, x509CertElement.getDeclaredType());
- byte[] encodedCertificate = (byte[]) x509CertElement.getValue();
+ Object content = x509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName().get(0);
+ assertTrue("Unexpected X509 data content type", content instanceof X509CertificateType);
+ byte[] encodedCertificate = ((X509CertificateType) content).getEncodedCertificate();
// reconstruct the certificate and check if it matches the provided certificate.
- ByteArrayInputStream byteInputStream = new ByteArrayInputStream(encodedCertificate);
+ ByteArrayInputStream byteInputStream = new ByteArrayInputStream(Base64.decode(encodedCertificate, 0,
+ encodedCertificate.length));
assertEquals("Invalid certificate in key info", certificate, CertificateFactory.getInstance("X.509")
.generateCertificate(byteInputStream));
}
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-12-01 15:44:48 UTC (rev 584)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-12-04 01:55:23 UTC (rev 585)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.test.identity.federation.core.wstrust;
@@ -34,7 +30,6 @@
import java.util.GregorianCalendar;
import java.util.HashMap;
-import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
import javax.xml.transform.Source;
import javax.xml.transform.dom.DOMResult;
@@ -43,6 +38,7 @@
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.Base64;
import org.picketlink.identity.federation.core.wstrust.SecurityToken;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext;
@@ -65,6 +61,7 @@
import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType;
import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.X509CertificateType;
import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -80,22 +77,23 @@
{
private SAML20TokenProvider provider;
-
+
/**
* <p>
* Tests the issuance of a SAMLV2.0 Assertion.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testIssueSAMLV20Token() throws Exception
- {
+ {
this.provider = new SAML20TokenProvider();
provider.initialize(new HashMap<String, String>());
-
+
SAMLAssertionParser assertionParser = new SAMLAssertionParser();
-
+
// create a WSTrustRequestContext with a simple WS-Trust request.
RequestSecurityToken request = new RequestSecurityToken();
request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
@@ -110,17 +108,18 @@
assertNotNull("Unexpected null security token", context.getSecurityToken());
SecurityToken securityToken = context.getSecurityToken();
-
- AssertionType assertion = assertionParser.fromElement( (Element) securityToken.getTokenValue() );
- /*JAXBContext jaxbContext = JAXBContext.newInstance("org.picketlink.identity.federation.saml.v2.assertion");
- Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
- JAXBElement<?> parsedElement = (JAXBElement<?>) unmarshaller.unmarshal((Element) context.getSecurityToken()
- .getTokenValue());
- assertNotNull("Unexpected null element", parsedElement);
- assertEquals("Unexpected element type", AssertionType.class, parsedElement.getDeclaredType());
- AssertionType assertion = (AssertionType) parsedElement.getValue();
- StandardSecurityToken securityToken = (StandardSecurityToken) context.getSecurityToken();*/
+ AssertionType assertion = assertionParser.fromElement((Element) securityToken.getTokenValue());
+ /*
+ * JAXBContext jaxbContext = JAXBContext.newInstance("org.picketlink.identity.federation.saml.v2.assertion");
+ * Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); JAXBElement<?> parsedElement = (JAXBElement<?>)
+ * unmarshaller.unmarshal((Element) context.getSecurityToken() .getTokenValue());
+ * assertNotNull("Unexpected null element", parsedElement); assertEquals("Unexpected element type",
+ * AssertionType.class, parsedElement.getDeclaredType());
+ *
+ * AssertionType assertion = (AssertionType) parsedElement.getValue(); StandardSecurityToken securityToken =
+ * (StandardSecurityToken) context.getSecurityToken();
+ */
assertEquals("Unexpected token id", securityToken.getTokenID(), assertion.getID());
assertEquals("Unexpected token issuer", "PicketLinkSTS", assertion.getIssuer().getValue());
@@ -130,7 +129,7 @@
assertNotNull("Unexpected null value for NotBefore attribute", conditions.getNotBefore());
assertNotNull("Unexpected null value for NotOnOrAfter attribute", conditions.getNotOnOrAfter());
assertEquals("Unexpected number of conditions", 1, conditions.getConditions().size());
-
+
AudienceRestrictionType restrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
assertNotNull("Unexpected null audience list", restrictionType.getAudience());
assertEquals("Unexpected number of audience elements", 1, restrictionType.getAudience().size());
@@ -139,12 +138,12 @@
// check the contents of the assertion subject.
SubjectType subject = assertion.getSubject();
- assertNotNull("Unexpected null subject", subject);
-
+ assertNotNull("Unexpected null subject", subject);
+
NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
assertEquals("Unexpected name id", "sguilhen", nameID.getValue());
-
+
SubjectConfirmationType confirmation = (SubjectConfirmationType) subject.getConfirmation().get(0);
assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_BEARER_URI, confirmation.getMethod());
@@ -164,11 +163,12 @@
/**
* <p>
- * This method tests the creation of SAMLV.20 assertions that contain a proof-of-possession token - that is,
+ * This method tests the creation of SAMLV.20 assertions that contain a proof-of-possession token - that is,
* assertions that use the Holder Of Key confirmation method.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testIssueSAMLV20HolderOfKeyToken() throws Exception
@@ -198,31 +198,20 @@
AssertionType assertion = SAMLUtil.fromElement((Element) context.getSecurityToken().getTokenValue());
SubjectType subject = assertion.getSubject();
assertNotNull("Unexpected null subject", subject);
-
- /*assertEquals("Unexpected subject content size", 2, subject.getContent().size());
- JAXBElement<?> content = subject.getContent().get(0);
- assertEquals("Unexpected content type", NameIDType.class, content.getDeclaredType());
- */
-
+
NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
assertEquals("Unexpected name id", "sguilhen", nameID.getValue());
-
+
SubjectConfirmationType confirmation = (SubjectConfirmationType) subject.getConfirmation().get(0);
assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_HOLDER_OF_KEY_URI, confirmation.getMethod());
-
- /*List<Object> confirmationContent = confirmation.getSubjectConfirmationData().getContent();
- assertEquals("Unexpected subject confirmation content size", 1, confirmationContent.size());
- JAXBElement<?> keyInfoElement = (JAXBElement<?>) confirmationContent.get(0);
- assertEquals("Unexpected subject confirmation context type", KeyInfoType.class, keyInfoElement.getDeclaredType());
- KeyInfoType keyInfo = (KeyInfoType) keyInfoElement.getValue();
- assertEquals("Unexpected key info content size", 1, keyInfo.getContent().size());
- JAXBElement<?> encKeyElement = (JAXBElement<?>) keyInfo.getContent().get(0);
- assertEquals("Unexpected key info content type", EncryptedKeyType.class, encKeyElement.getDeclaredType());*/
-
+
SubjectConfirmationDataType confirmData = confirmation.getSubjectConfirmationData();
-
KeyInfoType keyInfo = (KeyInfoType) confirmData.getAnyType();
+ assertEquals("Unexpected key info content size", 1, keyInfo.getContent().size());
+ Element encKeyElement = (Element) keyInfo.getContent().get(0);
+ assertEquals("Unexpected key info content type", WSTrustConstants.XMLEnc.ENCRYPTED_KEY, encKeyElement
+ .getLocalName());
// Now let's set an asymmetric proof of possession token in the context.
Certificate certificate = this.getCertificate("keystore/sts_keystore.jks", "testpass", "service1");
@@ -234,31 +223,30 @@
// check if the assertion has a subject confirmation that contains the encoded certificate.
assertion = SAMLUtil.fromElement((Element) context.getSecurityToken().getTokenValue());
- subject = assertion.getSubject();
+ subject = assertion.getSubject();
nameID = (NameIDType) subject.getSubType().getBaseID();
assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
- assertEquals("Unexpected name id", "sguilhen", nameID.getValue());
+ assertEquals("Unexpected name id", "sguilhen", nameID.getValue());
confirmation = (SubjectConfirmationType) subject.getConfirmation().get(0);
assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_HOLDER_OF_KEY_URI, confirmation.getMethod());
-
-
- /*confirmationContent = confirmation.getSubjectConfirmationData().getContent();
- assertEquals("Unexpected subject confirmation content size", 1, confirmationContent.size());
- keyInfoElement = (JAXBElement<?>) confirmationContent.get(0);
- assertEquals("Unexpected subject confirmation context type", KeyInfoType.class, keyInfoElement.getDeclaredType());*/
- keyInfo = (KeyInfoType)confirmation.getSubjectConfirmationData().getAnyType();
+
+ /*
+ * confirmationContent = confirmation.getSubjectConfirmationData().getContent();
+ * assertEquals("Unexpected subject confirmation content size", 1, confirmationContent.size()); keyInfoElement =
+ * (JAXBElement<?>) confirmationContent.get(0); assertEquals("Unexpected subject confirmation context type",
+ * KeyInfoType.class, keyInfoElement.getDeclaredType());
+ */
+ keyInfo = (KeyInfoType) confirmation.getSubjectConfirmationData().getAnyType();
assertEquals("Unexpected key info content size", 1, keyInfo.getContent().size());
// key info should contain a X509Data section with the encoded certificate.
- JAXBElement<?> x509DataElement = (JAXBElement<?>) keyInfo.getContent().get(0);
- assertEquals("Unexpected key info content type", X509DataType.class, x509DataElement.getDeclaredType());
- X509DataType x509Data = (X509DataType) x509DataElement.getValue();
+ X509DataType x509Data = (X509DataType) keyInfo.getContent().get(0);
assertEquals("Unexpected X509 data content size", 1, x509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName()
.size());
- JAXBElement<?> x509CertElement = (JAXBElement<?>) x509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName().get(0);
- assertEquals("Unexpected X509 data content type", byte[].class, x509CertElement.getDeclaredType());
+ X509CertificateType cert = (X509CertificateType) x509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName().get(0);
+
// certificate should have been encoded to Base64, so we need to decode it first.
- byte[] encodedCert = (byte[]) x509CertElement.getValue();
+ byte[] encodedCert = Base64.decode(new String(cert.getEncodedCertificate()));
assertTrue("Invalid encoded certificate found", Arrays.equals(certificate.getEncoded(), encodedCert));
}
@@ -267,14 +255,15 @@
* Tests the validation of a SAMLV2.0 Assertion.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testValidateSAMLV20Token() throws Exception
{
this.provider = new SAML20TokenProvider();
provider.initialize(new HashMap<String, String>());
-
+
// issue a SAMLV2.0 assertion.
WSTrustRequestContext context = this.createIssuingContext(WSTrustUtil.createDefaultLifetime(3600000));
this.provider.issueToken(context);
@@ -319,9 +308,11 @@
* test scenarios.
* </p>
*
- * @param lifetime the {@code Lifetime} of the assertion to be issued.
+ * @param lifetime
+ * the {@code Lifetime} of the assertion to be issued.
* @return the constructed {@code WSTrustRequestHandler} instance.
- * @throws Exception if an error occurs while creating the context.
+ * @throws Exception
+ * if an error occurs while creating the context.
*/
private WSTrustRequestContext createIssuingContext(Lifetime lifetime) throws Exception
{
@@ -343,9 +334,11 @@
* Creates a {@code WSTrustRequestContext} for validating the specified assertion.
* </p>
*
- * @param assertion an {@code Element} representing the SAMLV2.0 assertion to be validated.
+ * @param assertion
+ * an {@code Element} representing the SAMLV2.0 assertion to be validated.
* @return the constructed {@code WSTrustRequestContext} instance.
- * @throws Exception if an error occurs while creating the validating context.
+ * @throws Exception
+ * if an error occurs while creating the validating context.
*/
private WSTrustRequestContext createValidatingContext(Element assertion) throws Exception
{
@@ -368,11 +361,15 @@
* Obtains the {@code Certificate} stored under the specified alias in the specified keystore.
* </p>
*
- * @param keyStoreFile the name of the file that contains a JKS keystore.
- * @param passwd the keystore password.
- * @param certificateAlias the alias of a certificate in the keystore.
+ * @param keyStoreFile
+ * the name of the file that contains a JKS keystore.
+ * @param passwd
+ * the keystore password.
+ * @param certificateAlias
+ * the alias of a certificate in the keystore.
* @return a reference to the {@code Certificate} stored under the given alias.
- * @throws Exception if an error occurs while handling the keystore.
+ * @throws Exception
+ * if an error occurs while handling the keystore.
*/
private Certificate getCertificate(String keyStoreFile, String passwd, String certificateAlias) throws Exception
{
@@ -383,7 +380,7 @@
Certificate certificate = keyStore.getCertificate(certificateAlias);
return certificate;
}
-
+
private Source createSourceFromRequest(RequestSecurityToken request) throws Exception
{
DOMResult result = new DOMResult(DocumentUtil.createDocument());
Added: federation/trunk/picketlink-xmlsec-model/src/main/java/org/picketlink/identity/xmlsec/w3/xmldsig/X509CertificateType.java
===================================================================
--- federation/trunk/picketlink-xmlsec-model/src/main/java/org/picketlink/identity/xmlsec/w3/xmldsig/X509CertificateType.java (rev 0)
+++ federation/trunk/picketlink-xmlsec-model/src/main/java/org/picketlink/identity/xmlsec/w3/xmldsig/X509CertificateType.java 2010-12-04 01:55:23 UTC (rev 585)
@@ -0,0 +1,17 @@
+package org.picketlink.identity.xmlsec.w3.xmldsig;
+
+public class X509CertificateType
+{
+
+ private byte[] encodedCertificate;
+
+ public byte[] getEncodedCertificate()
+ {
+ return this.encodedCertificate;
+ }
+
+ public void setEncodedCertificate(byte[] encodedCertificate)
+ {
+ this.encodedCertificate = encodedCertificate;
+ }
+}
14 years, 1 month
Picketlink SVN: r584 - in federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers: wsse and 1 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-12-01 10:44:48 -0500 (Wed, 01 Dec 2010)
New Revision: 584
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsse/WSSecurityParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java
Log:
fixes
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java 2010-12-01 15:38:54 UTC (rev 583)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java 2010-12-01 15:44:48 UTC (rev 584)
@@ -101,6 +101,8 @@
nextEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
break;
}
+ else
+ throw new RuntimeException( "unknown end element:" + StaxParserUtil.getEndElementName(nextEndElement));
}
String tag = null;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2010-12-01 15:38:54 UTC (rev 583)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2010-12-01 15:44:48 UTC (rev 584)
@@ -143,6 +143,8 @@
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
if( StaxParserUtil.matches(endElement, STATUS ))
break;
+ else
+ throw new RuntimeException( "unknown end element:" + StaxParserUtil.getEndElementName( endElement ));
}
}
return status;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-12-01 15:38:54 UTC (rev 583)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-12-01 15:44:48 UTC (rev 584)
@@ -220,6 +220,8 @@
xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
break;
}
+ else
+ throw new RuntimeException( "unknown end element:" + tag );
}
startElement = (StartElement) xmlEvent;
tag = StaxParserUtil.getStartElementName(startElement);
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsse/WSSecurityParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsse/WSSecurityParser.java 2010-12-01 15:38:54 UTC (rev 583)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsse/WSSecurityParser.java 2010-12-01 15:44:48 UTC (rev 584)
@@ -151,6 +151,8 @@
endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
break;
}
+ else
+ throw new RuntimeException( "unknown end element:" + tag );
}
startElement = (StartElement) xmlEvent;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-12-01 15:38:54 UTC (rev 583)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-12-01 15:44:48 UTC (rev 584)
@@ -86,7 +86,7 @@
if( endElementTag.equals( WSTrustConstants.RST ) )
break;
else
- throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) );
+ throw new RuntimeException( "Unknown End Element:" + endElementTag );
}
try
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-12-01 15:38:54 UTC (rev 583)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-12-01 15:44:48 UTC (rev 584)
@@ -92,7 +92,7 @@
if (endElementTag.equals(WSTrustConstants.RSTR))
break;
else
- throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) );
+ throw new RuntimeException( "Unknown End Element:" + endElementTag );
}
try
@@ -335,11 +335,14 @@
xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement)
{
- if (StaxParserUtil.getEndElementName((EndElement) xmlEvent).equals(WSTrustConstants.STATUS))
+ String endElementTag = StaxParserUtil.getEndElementName((EndElement) xmlEvent);
+ if ( endElementTag.equals(WSTrustConstants.STATUS))
{
xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
break;
- }
+ }
+ else
+ throw new RuntimeException( "unknown end element:" + endElementTag );
}
startElement = (StartElement) xmlEvent;
String tag = StaxParserUtil.getStartElementName(startElement);
@@ -380,11 +383,14 @@
xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement)
{
- if (StaxParserUtil.getEndElementName((EndElement) xmlEvent).equals(WSTrustConstants.REQUESTED_TOKEN))
+ String endElementTag = StaxParserUtil.getEndElementName( (EndElement) xmlEvent );
+ if ( endElementTag.equals(WSTrustConstants.REQUESTED_TOKEN))
{
xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
break;
}
+ else
+ throw new RuntimeException( "unknown end element:" + endElementTag );
}
Element tokenElement = StaxParserUtil.getDOMElement(xmlEventReader);
requestedSecurityTokenType.setAny(tokenElement);
14 years, 1 month
Picketlink SVN: r583 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/parsers/wst and 4 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-12-01 10:38:54 -0500 (Wed, 01 Dec 2010)
New Revision: 583
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml
Log:
fixes
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-12-01 14:34:05 UTC (rev 582)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-12-01 15:38:54 UTC (rev 583)
@@ -28,9 +28,6 @@
import javax.xml.stream.events.EndElement;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
@@ -41,10 +38,14 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.core.util.TransformerUtil;
-import org.picketlink.identity.federation.newmodel.saml.v2.assertion.*;
-import org.w3c.dom.Document;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.w3c.dom.Element;
/**
@@ -71,25 +72,10 @@
String startElementName = StaxParserUtil.getStartElementName(startElement);
if( startElementName.equals( JBossSAMLConstants.ENCRYPTED_ASSERTION.get() ))
{
- Document resultDocument;
- try
- {
- resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult( resultDocument );
-
- //Let us parse <b><c><d> using transformer
- StAXSource source = new StAXSource(xmlEventReader);
-
- Transformer transformer = TransformerUtil.getStaxSourceToDomResultTransformer();
- transformer.transform( source, domResult );
- }
- catch ( Exception e)
- {
- throw new RuntimeException( e );
- }
+ Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);
EncryptedAssertionType encryptedAssertion = new EncryptedAssertionType();
- encryptedAssertion.setEncryptedElement( resultDocument.getDocumentElement() );
+ encryptedAssertion.setEncryptedElement( domElement );
return encryptedAssertion;
}
@@ -134,25 +120,8 @@
String tag = StaxParserUtil.getStartElementName( peekedElement );
if( tag.equals( JBossSAMLConstants.SIGNATURE.get() ) )
- {
- Document resultDocument;
- try
- {
- resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult( resultDocument );
-
- //Let us parse <b><c><d> using transformer
- StAXSource source = new StAXSource(xmlEventReader);
-
- Transformer transformer = TransformerUtil.getStaxSourceToDomResultTransformer();
- transformer.transform( source, domResult );
- }
- catch ( Exception e)
- {
- throw new RuntimeException( e );
- }
-
- assertion.setSignature( resultDocument.getDocumentElement() );
+ {
+ assertion.setSignature( StaxParserUtil.getDOMElement(xmlEventReader) );
continue;
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-12-01 14:34:05 UTC (rev 582)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-12-01 15:38:54 UTC (rev 583)
@@ -25,20 +25,14 @@
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.util.NetworkUtil;
-import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
-import org.w3c.dom.Document;
/**
* Base Class for SAML Request Parsing
@@ -92,25 +86,8 @@
request.setIssuer( issuer );
}
else if( JBossSAMLConstants.SIGNATURE.get().equals( elementName ))
- {
- Document resultDocument;
- try
- {
- resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult( resultDocument );
-
- //Let us parse <b><c><d> using transformer
- StAXSource source = new StAXSource(xmlEventReader);
-
- Transformer transformer = TransformerUtil.getStaxSourceToDomResultTransformer();
- transformer.transform( source, domResult );
- }
- catch ( Exception e)
- {
- throw new RuntimeException( e );
- }
-
- request.setSignature( resultDocument.getDocumentElement() );
+ {
+ request.setSignature( StaxParserUtil.getDOMElement(xmlEventReader) );
//StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() );
}
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-12-01 14:34:05 UTC (rev 582)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-12-01 15:38:54 UTC (rev 583)
@@ -186,6 +186,12 @@
KeyInfoType keyInfo = parseKeyInfo(xmlEventReader);
subjectConfirmationData.setAnyType(keyInfo);
}
+ else if( tag.equals( WSTrustConstants.XMLEnc.ENCRYPTED_KEY ))
+ {
+ subjectConfirmationData.setAnyType( StaxParserUtil.getDOMElement(xmlEventReader));
+ }
+ else
+ throw new RuntimeException( "Handle:" + tag );
}
//Get the end tag
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java 2010-12-01 14:34:05 UTC (rev 582)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java 2010-12-01 15:38:54 UTC (rev 583)
@@ -24,20 +24,15 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.StartElement;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
-import org.w3c.dom.Document;
/**
* Stax parser for the wst:CancelTarget element
@@ -70,13 +65,8 @@
{
// this is an unknown type - parse using the transformer.
try
- {
- Document resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult(resultDocument);
- StAXSource source = new StAXSource(xmlEventReader);
- TransformerUtil.transform(TransformerUtil.getStaxSourceToDomResultTransformer(), source, domResult);
- Document doc = (Document) domResult.getNode();
- cancelTarget.setAny(doc.getDocumentElement());
+ {
+ cancelTarget.setAny( StaxParserUtil.getDOMElement(xmlEventReader) );
}
catch(Exception e)
{
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java 2010-12-01 14:34:05 UTC (rev 582)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java 2010-12-01 15:38:54 UTC (rev 583)
@@ -20,20 +20,15 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.StartElement;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.trust.RenewTargetType;
-import org.w3c.dom.Document;
/**
* Stax parser for the wst:RenewTarget element
@@ -68,13 +63,8 @@
{
// this is an unknown type - parse using the transformer.
try
- {
- Document resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult(resultDocument);
- StAXSource source = new StAXSource(xmlEventReader);
- TransformerUtil.transform(TransformerUtil.getStaxSourceToDomResultTransformer(), source, domResult);
- Document doc = (Document) domResult.getNode();
- renewTargetType.setAny(doc.getDocumentElement());
+ {
+ renewTargetType.setAny( StaxParserUtil.getDOMElement(xmlEventReader) );
}
catch(Exception e)
{
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java 2010-12-01 14:34:05 UTC (rev 582)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java 2010-12-01 15:38:54 UTC (rev 583)
@@ -24,20 +24,15 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.StartElement;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
-import org.w3c.dom.Document;
/**
* Stax parser for the wst:ValidateTarget element
@@ -70,13 +65,8 @@
{
// this is an unknown type - parse using the transformer.
try
- {
- Document resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult(resultDocument);
- StAXSource source = new StAXSource(xmlEventReader);
- TransformerUtil.transform(TransformerUtil.getStaxSourceToDomResultTransformer(), source, domResult);
- Document doc = (Document) domResult.getNode();
- validateTargetType.setAny(doc.getDocumentElement());
+ {
+ validateTargetType.setAny( StaxParserUtil.getDOMElement(xmlEventReader) );
}
catch(Exception e)
{
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-12-01 14:34:05 UTC (rev 582)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-12-01 15:38:54 UTC (rev 583)
@@ -55,6 +55,7 @@
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionAbstractType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedElementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.KeyInfoConfirmationDataType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
@@ -62,6 +63,8 @@
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.URIType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
+import org.w3c.dom.Element;
/**
* Write the SAML Assertion to stream
@@ -467,6 +470,21 @@
{
StaxUtil.writeAttribute(writer, JBossSAMLConstants.ADDRESS.get(), address );
}
+
+ Object anyType = subjectConfirmationData.getAnyType();
+ if( anyType instanceof KeyInfoConfirmationDataType )
+ {
+ KeyInfoConfirmationDataType kicd = (KeyInfoConfirmationDataType) anyType;
+ Element keyInfoElement = kicd.getKeyInfo();
+ StaxUtil.writeDOMNode(writer, keyInfoElement);
+ }
+ else if( anyType instanceof KeyInfoType )
+ {
+ KeyInfoType keyInfo = (KeyInfoType) anyType;
+ Element el = (Element) keyInfo.getContent().get(0);
+ StaxUtil.writeDOMNode(writer, el);
+ }
+ else throw new RuntimeException( "Need to handle:" + anyType );
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-12-01 14:34:05 UTC (rev 582)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-12-01 15:38:54 UTC (rev 583)
@@ -128,6 +128,12 @@
String X509CERT = "X509Certificate";
}
+ public interface XMLEnc
+ {
+ String XMLENC_NS = "http://www.w3.org/2001/04/xmlenc#";
+ String ENCRYPTED_KEY = "EncryptedKey";
+ }
+
public interface WSSE
{
String KEY_IDENTIFIER = "KeyIdentifier";
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-12-01 14:34:05 UTC (rev 582)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-12-01 15:38:54 UTC (rev 583)
@@ -21,6 +21,10 @@
*/
package org.picketlink.test.identity.federation.core.wstrust;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
import java.io.InputStream;
import java.net.URI;
import java.security.KeyStore;
@@ -36,8 +40,7 @@
import javax.xml.transform.dom.DOMResult;
import javax.xml.transform.dom.DOMSource;
-import junit.framework.TestCase;
-
+import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.SecurityToken;
@@ -73,19 +76,11 @@
*
* @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
*/
-public class SAML20TokenProviderUnitTestCase extends TestCase
+public class SAML20TokenProviderUnitTestCase
{
private SAML20TokenProvider provider;
- @Override
- protected void setUp() throws Exception
- {
- super.setUp();
- this.provider = new SAML20TokenProvider();
- provider.initialize(new HashMap<String, String>());
- }
-
/**
* <p>
* Tests the issuance of a SAMLV2.0 Assertion.
@@ -93,8 +88,12 @@
*
* @throws Exception if an error occurs while running the test.
*/
+ @Test
public void testIssueSAMLV20Token() throws Exception
- {
+ {
+ this.provider = new SAML20TokenProvider();
+ provider.initialize(new HashMap<String, String>());
+
SAMLAssertionParser assertionParser = new SAMLAssertionParser();
// create a WSTrustRequestContext with a simple WS-Trust request.
@@ -171,8 +170,12 @@
*
* @throws Exception if an error occurs while running the test.
*/
+ @Test
public void testIssueSAMLV20HolderOfKeyToken() throws Exception
{
+
+ this.provider = new SAML20TokenProvider();
+ provider.initialize(new HashMap<String, String>());
// create a WSTrustRequestContext with a simple WS-Trust request.
RequestSecurityToken request = new RequestSecurityToken();
request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
@@ -266,9 +269,12 @@
*
* @throws Exception if an error occurs while running the test.
*/
+ @Test
public void testValidateSAMLV20Token() throws Exception
{
-
+ this.provider = new SAML20TokenProvider();
+ provider.initialize(new HashMap<String, String>());
+
// issue a SAMLV2.0 assertion.
WSTrustRequestContext context = this.createIssuingContext(WSTrustUtil.createDefaultLifetime(3600000));
this.provider.issueToken(context);
Modified: federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml 2010-12-01 14:34:05 UTC (rev 582)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml 2010-12-01 15:38:54 UTC (rev 583)
@@ -7,7 +7,7 @@
IssueInstant="2004-12-05T09:22:05Z">
<saml:Issuer>https://idp.example.org/SAML2</saml:Issuer>
<ds:Signature
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#">...</ds:Signature>
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#"></ds:Signature>
<saml:Subject>
<saml:NameID
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">
14 years, 1 month
Picketlink SVN: r582 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/saml/v2/constants and 3 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-12-01 09:34:05 -0500 (Wed, 01 Dec 2010)
New Revision: 582
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
Log:
fixes
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-12-01 14:14:43 UTC (rev 581)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-12-01 14:34:05 UTC (rev 582)
@@ -60,8 +60,8 @@
AttributeStatementType attributeStatementType = new AttributeStatementType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- String AUTHNSTATEMENT = JBossSAMLConstants.ATTRIBUTE_STATEMENT.get();
- StaxParserUtil.validate( startElement, AUTHNSTATEMENT );
+ String ATTRIBSTATEMT = JBossSAMLConstants.ATTRIBUTE_STATEMENT.get();
+ StaxParserUtil.validate( startElement, ATTRIBSTATEMT );
while( xmlEventReader.hasNext() )
{
@@ -97,7 +97,7 @@
//Look for X500 Encoding
QName x500EncodingName = new QName( JBossSAMLURIConstants.X500_NSURI.get(),
- JBossSAMLConstants.ENCODING.get() );
+ JBossSAMLConstants.ENCODING.get(), JBossSAMLURIConstants.X500_PREFIX.get() );
Attribute x500EncodingAttr = startElement.getAttributeByName( x500EncodingName );
if( x500EncodingAttr != null )
@@ -156,7 +156,7 @@
{
return StaxParserUtil.getElementText(xmlEventReader);
}
-
+
throw new RuntimeException( "Unsupported xsi:type=" + typeValue );
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2010-12-01 14:14:43 UTC (rev 581)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2010-12-01 14:34:05 UTC (rev 582)
@@ -100,7 +100,8 @@
TRANSFORM_ENVELOPED_SIGNATURE("http://www.w3.org/2000/09/xmldsig#enveloped-signature"),
TRANSFORM_C14N_EXCL_OMIT_COMMENTS("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"),
-
+
+ X500_PREFIX("x500"),
X500_NSURI("urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"),
XMLSCHEMA_NSURI("http://www.w3.org/2001/XMLSchema"),
XMLDSIG_NSURI("http://www.w3.org/2000/09/xmldsig#"),
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java 2010-12-01 14:14:43 UTC (rev 581)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java 2010-12-01 14:34:05 UTC (rev 582)
@@ -42,7 +42,7 @@
*/
public class StatementUtil
{
- public static final QName X500_QNAME = new QName(JBossSAMLURIConstants.X500_NSURI.get(), "Encoding");
+ public static final QName X500_QNAME = new QName(JBossSAMLURIConstants.X500_NSURI.get(), "Encoding", JBossSAMLURIConstants.X500_PREFIX.get());
/**
* Create an attribute statement with all the attributes
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-12-01 14:14:43 UTC (rev 581)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-12-01 14:34:05 UTC (rev 582)
@@ -173,6 +173,7 @@
public void write( StatementAbstractType statement ) throws ProcessingException
{
//TODO: handle this section
+ throw new RuntimeException( "NYI" );
}
public void write( AttributeStatementType statement ) throws ProcessingException
@@ -310,7 +311,7 @@
String nameFormat = attributeType.getNameFormat();
if( StringUtil.isNotNull( nameFormat ))
{
- StaxUtil.writeAttribute( writer, JBossSAMLConstants.NAME_FORMAT.get(), friendlyName );
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.NAME_FORMAT.get(), nameFormat );
}
//Take care of other attributes such as x500:encoding
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java 2010-12-01 14:14:43 UTC (rev 581)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java 2010-12-01 14:34:05 UTC (rev 582)
@@ -85,7 +85,9 @@
*///marshaller.marshal(jaxb, System.out);
Document samlDom = DocumentUtil.getDocument(new String(baos.toByteArray()));
- NodeList nl = samlDom.getElementsByTagName("Attribute");
+ System.out.println( DocumentUtil.getDocumentAsString(samlDom));
+
+ NodeList nl = samlDom.getElementsByTagNameNS(JBossSAMLURIConstants.ASSERTION_NSURI.get() ,"Attribute");
assertEquals("nodes = 2", 2, nl.getLength());
String x500NS = JBossSAMLURIConstants.X500_NSURI.get();
14 years, 1 month