Author: anil.saldhana(a)jboss.com
Date: 2011-06-22 21:05:52 -0400 (Wed, 22 Jun 2011)
New Revision: 1023
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11SubjectParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11AssertionParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-assertion.xml
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/xacml/SAMLXACMLRequestParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StringUtil.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java
Log:
PLFED-189: saml 1.1
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11SubjectParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11SubjectParser.java
(rev 0)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11SubjectParser.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -0,0 +1,331 @@
+/*
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and
individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a
full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the
GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the
License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser
General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with
this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
USA, or see the FSF site:
+ *
http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.saml;
+
+import java.net.URI;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.StartElement;
+import javax.xml.stream.events.XMLEvent;
+
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v1.SAML11Constants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11NameIdentifierType;
+import
org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectConfirmationType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
+import
org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType.SAML11SubjectTypeChoice;
+import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.X509CertificateType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType;
+
+/**
+ * Parse the saml subject
+ *
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Oct 12, 2010
+ */
+public class SAML11SubjectParser implements ParserNamespaceSupport
+{
+ /**
+ * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
+ */
+ public Object parse(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ StaxParserUtil.getNextEvent(xmlEventReader);
+
+ SAML11SubjectType subject = new SAML11SubjectType();
+
+ // Peek at the next event
+ while (xmlEventReader.hasNext())
+ {
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent instanceof EndElement)
+ {
+ EndElement endElement = (EndElement) xmlEvent;
+ if (StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT.get()))
+ {
+ endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ break;
+ }
+ else
+ throw new RuntimeException("Unknown End Element:" +
StaxParserUtil.getEndElementName(endElement));
+ }
+
+ StartElement peekedElement =
StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (peekedElement == null)
+ break;
+
+ String tag = StaxParserUtil.getStartElementName(peekedElement);
+
+ if (SAML11Constants.NAME_IDENTIFIER.equalsIgnoreCase(tag))
+ {
+ peekedElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ SAML11NameIdentifierType nameID = new SAML11NameIdentifierType();
+ Attribute formatAtt = peekedElement.getAttributeByName(new
QName(SAML11Constants.FORMAT));
+ if (formatAtt != null)
+ {
+
nameID.setFormat(URI.create(StaxParserUtil.getAttributeValue(formatAtt)));
+ }
+
+ String val = StaxParserUtil.getElementText(xmlEventReader);
+ nameID.setNameQualifier(val);
+ SAML11SubjectTypeChoice subChoice = new SAML11SubjectTypeChoice(nameID);
+ subject.setChoice(subChoice);
+ }
+ else if (JBossSAMLConstants.SUBJECT_CONFIRMATION.get().equalsIgnoreCase(tag))
+ {
+ SAML11SubjectConfirmationType subjectConfirmationType = new
SAML11SubjectConfirmationType();
+ peekedElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+ // There may be additional things under subject confirmation
+ xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent instanceof StartElement)
+ {
+ StartElement startElement =
StaxParserUtil.getNextStartElement(xmlEventReader);
+ String startTag = StaxParserUtil.getStartElementName(startElement);
+
+ if (startTag.equals(SAML11Constants.CONFIRMATION_METHOD))
+ {
+ String method = StaxParserUtil.getElementText(xmlEventReader);
+ subjectConfirmationType.addConfirmation(URI.create(method));
+ }
+
+ if (startTag.equals(JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get()))
+ {
+ SubjectConfirmationDataType subjectConfirmationData =
parseSubjectConfirmationData(xmlEventReader);
+
subjectConfirmationType.setSubjectConfirmationData(subjectConfirmationData);
+ }
+ }
+
+ subject.setSubjectConfirmation(subjectConfirmationType);
+
+ // Get the end tag
+ EndElement endElement = (EndElement)
StaxParserUtil.getNextEvent(xmlEventReader);
+ StaxParserUtil.matches(endElement,
JBossSAMLConstants.SUBJECT_CONFIRMATION.get());
+ }
+ else
+ throw new RuntimeException("Unknown tag:" + tag +
"::location=" + peekedElement.getLocation());
+ }
+ return subject;
+ }
+
+ /**
+ * @see {@link ParserNamespaceSupport#supports(QName)}
+ */
+ public boolean supports(QName qname)
+ {
+ String nsURI = qname.getNamespaceURI();
+ String localPart = qname.getLocalPart();
+
+ return nsURI.equals(JBossSAMLURIConstants.ASSERTION_NSURI.get())
+ && localPart.equals(JBossSAMLConstants.SUBJECT.get());
+ }
+
+ private SubjectConfirmationDataType parseSubjectConfirmationData(XMLEventReader
xmlEventReader)
+ throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement,
JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get());
+
+ SubjectConfirmationDataType subjectConfirmationData = new
SubjectConfirmationDataType();
+
+ Attribute inResponseTo = startElement.getAttributeByName(new
QName(JBossSAMLConstants.IN_RESPONSE_TO.get()));
+ if (inResponseTo != null)
+ {
+
subjectConfirmationData.setInResponseTo(StaxParserUtil.getAttributeValue(inResponseTo));
+ }
+
+ Attribute notBefore = startElement.getAttributeByName(new
QName(JBossSAMLConstants.NOT_BEFORE.get()));
+ if (notBefore != null)
+ {
+
subjectConfirmationData.setNotBefore(XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(notBefore)));
+ }
+
+ Attribute notOnOrAfter = startElement.getAttributeByName(new
QName(JBossSAMLConstants.NOT_ON_OR_AFTER.get()));
+ if (notOnOrAfter != null)
+ {
+
subjectConfirmationData.setNotOnOrAfter(XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(notOnOrAfter)));
+ }
+
+ Attribute recipient = startElement.getAttributeByName(new
QName(JBossSAMLConstants.RECIPIENT.get()));
+ if (recipient != null)
+ {
+
subjectConfirmationData.setRecipient(StaxParserUtil.getAttributeValue(recipient));
+ }
+
+ Attribute address = startElement.getAttributeByName(new
QName(JBossSAMLConstants.ADDRESS.get()));
+ if (address != null)
+ {
+ subjectConfirmationData.setAddress(StaxParserUtil.getAttributeValue(address));
+ }
+
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (!(xmlEvent instanceof EndElement))
+ {
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ String tag = StaxParserUtil.getStartElementName(startElement);
+ if (tag.equals(WSTrustConstants.XMLDSig.KEYINFO))
+ {
+ KeyInfoType keyInfo = parseKeyInfo(xmlEventReader);
+ subjectConfirmationData.setAnyType(keyInfo);
+ }
+ else if (tag.equals(WSTrustConstants.XMLEnc.ENCRYPTED_KEY))
+ {
+
subjectConfirmationData.setAnyType(StaxParserUtil.getDOMElement(xmlEventReader));
+ }
+ else
+ throw new RuntimeException("Handle:" + tag);
+ }
+
+ // Get the end tag
+ EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
+ StaxParserUtil.matches(endElement,
JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get());
+ return subjectConfirmationData;
+ }
+
+ private KeyInfoType parseKeyInfo(XMLEventReader xmlEventReader) throws
ParsingException
+ {
+ KeyInfoType keyInfo = new KeyInfoType();
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.KEYINFO);
+
+ XMLEvent xmlEvent = null;
+ String tag = null;
+
+ while (xmlEventReader.hasNext())
+ {
+ xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent instanceof EndElement)
+ {
+ tag = StaxParserUtil.getEndElementName((EndElement) xmlEvent);
+ if (tag.equals(WSTrustConstants.XMLDSig.KEYINFO))
+ {
+ xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
+ break;
+ }
+ else
+ throw new RuntimeException("unknown end element:" + tag);
+ }
+ startElement = (StartElement) xmlEvent;
+ tag = StaxParserUtil.getStartElementName(startElement);
+ if (tag.equals(WSTrustConstants.XMLEnc.ENCRYPTED_KEY))
+ {
+ keyInfo.addContent(StaxParserUtil.getDOMElement(xmlEventReader));
+ }
+ else if (tag.equals(WSTrustConstants.XMLDSig.X509DATA))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ X509DataType x509 = new X509DataType();
+
+ // Let us go for the X509 certificate
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.X509CERT);
+
+ X509CertificateType cert = new X509CertificateType();
+ String certValue = StaxParserUtil.getElementText(xmlEventReader);
+ cert.setEncodedCertificate(certValue.getBytes());
+ x509.add(cert);
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, WSTrustConstants.XMLDSig.X509DATA);
+ keyInfo.addContent(x509);
+ }
+ else if (tag.equals(WSTrustConstants.XMLDSig.KEYVALUE))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ KeyValueType keyValue = new KeyValueType();
+
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ tag = StaxParserUtil.getStartElementName(startElement);
+ if (tag.equals(WSTrustConstants.XMLDSig.RSA_KEYVALUE))
+ {
+ keyValue.getContent().add(this.parseRSAKeyValue(xmlEventReader));
+ }
+ else if (tag.equals(WSTrustConstants.XMLDSig.DSA_KEYVALUE))
+ {
+ // TODO: parse the DSA key contents.
+ }
+ else
+ throw new ParsingException("Unknown element: " + tag);
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, WSTrustConstants.XMLDSig.KEYVALUE);
+
+ keyInfo.addContent(keyValue);
+ }
+ }
+ return keyInfo;
+ }
+
+ private RSAKeyValueType parseRSAKeyValue(XMLEventReader xmlEventReader) throws
ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.RSA_KEYVALUE);
+
+ XMLEvent xmlEvent = null;
+ String tag = null;
+
+ RSAKeyValueType rsaKeyValue = new RSAKeyValueType();
+
+ while (xmlEventReader.hasNext())
+ {
+ xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent instanceof EndElement)
+ {
+ tag = StaxParserUtil.getEndElementName((EndElement) xmlEvent);
+ if (tag.equals(WSTrustConstants.XMLDSig.RSA_KEYVALUE))
+ {
+ xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
+ break;
+ }
+ else
+ throw new RuntimeException("unknown end element:" + tag);
+ }
+
+ startElement = (StartElement) xmlEvent;
+ tag = StaxParserUtil.getStartElementName(startElement);
+ if (tag.equals(WSTrustConstants.XMLDSig.MODULUS))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String text = StaxParserUtil.getElementText(xmlEventReader);
+ rsaKeyValue.setModulus(text.getBytes());
+ }
+ else if (tag.equals(WSTrustConstants.XMLDSig.EXPONENT))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String text = StaxParserUtil.getElementText(xmlEventReader);
+ rsaKeyValue.setExponent(text.getBytes());
+ }
+ else
+ throw new ParsingException("Unknown element: " + tag);
+ }
+ return rsaKeyValue;
+ }
+}
\ No newline at end of file
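Review bot: In parseKeyInfo the while loop only peeks at the next event, and the if/else-if chain over EncryptedKey, X509Data and KeyValue has no final else, so a KeyInfo child with any other name is never consumed and the loop appears to spin forever on sender-controlled input (assuming StaxParserUtil.peek does not advance the reader, as its use elsewhere in this file suggests). Close the chain the way parseRSAKeyValue does: `else throw new ParsingException("Unknown element: " + tag);`. Both parseKeyInfo and parseRSAKeyValue also cast the peeked event with `(StartElement) xmlEvent` without an instanceof check, so a non-element event between children could surface as a ClassCastException rather than a ParsingException. Separately, in parse and parseSubjectConfirmationData the end-tag checks call `StaxParserUtil.matches(endElement, ...)` and discard the boolean it returns, so they verify nothing; `StaxParserUtil.validate(endElement, ...)`, already used in parseKeyInfo, looks like the intended call.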
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -44,6 +44,7 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
@@ -60,207 +61,213 @@
* @since Oct 12, 2010
*/
public class SAMLAssertionParser implements ParserNamespaceSupport
-{
- private String ASSERTION = JBossSAMLConstants.ASSERTION.get();
-
- public AssertionType fromElement( Element element ) throws ConfigurationException,
ProcessingException, ParsingException
+{
+ private final String ASSERTION = JBossSAMLConstants.ASSERTION.get();
+
+ public AssertionType fromElement(Element element) throws ConfigurationException,
ProcessingException,
+ ParsingException
{
- XMLEventReader xmlEventReader = StaxParserUtil.getXMLEventReader(
DocumentUtil.getNodeAsStream(element));
+ XMLEventReader xmlEventReader =
StaxParserUtil.getXMLEventReader(DocumentUtil.getNodeAsStream(element));
return (AssertionType) parse(xmlEventReader);
}
-
+
/**
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
- {
+ {
StartElement startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
String startElementName = StaxParserUtil.getStartElementName(startElement);
- if( startElementName.equals( JBossSAMLConstants.ENCRYPTED_ASSERTION.get() ))
+ if (startElementName.equals(JBossSAMLConstants.ENCRYPTED_ASSERTION.get()))
{
Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);
-
+
EncryptedAssertionType encryptedAssertion = new EncryptedAssertionType();
- encryptedAssertion.setEncryptedElement( domElement );
- return encryptedAssertion;
+ encryptedAssertion.setEncryptedElement(domElement);
+ return encryptedAssertion;
}
-
-
- startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
-
+
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+
//Special case: Encrypted Assertion
- StaxParserUtil.validate(startElement, ASSERTION );
- AssertionType assertion = parseBaseAttributes( startElement );
+ StaxParserUtil.validate(startElement, ASSERTION);
+ AssertionType assertion = parseBaseAttributes(startElement);
//Peek at the next event
- while( xmlEventReader.hasNext() )
- {
- XMLEvent xmlEvent = StaxParserUtil.peek( xmlEventReader );
- if( xmlEvent == null )
+ while (xmlEventReader.hasNext())
+ {
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent == null)
break;
-
- if( xmlEvent instanceof EndElement )
+
+ if (xmlEvent instanceof EndElement)
{
- xmlEvent = StaxParserUtil.getNextEvent( xmlEventReader );
+ xmlEvent = StaxParserUtil.getNextEvent(xmlEventReader);
EndElement endElement = (EndElement) xmlEvent;
- String endElementTag = StaxParserUtil.getEndElementName( endElement );
- if( endElementTag.equals( JBossSAMLConstants.ASSERTION.get() ) )
+ String endElementTag = StaxParserUtil.getEndElementName(endElement);
+ if (endElementTag.equals(JBossSAMLConstants.ASSERTION.get()))
break;
else
- throw new RuntimeException( "Unknown End Element:" +
endElementTag );
+ throw new RuntimeException("Unknown End Element:" +
endElementTag);
}
-
+
StartElement peekedElement = null;
- if( xmlEvent instanceof StartElement )
+ if (xmlEvent instanceof StartElement)
{
peekedElement = (StartElement) xmlEvent;
}
else
{
- peekedElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ peekedElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
}
- if( peekedElement == null )
- break;
+ if (peekedElement == null)
+ break;
- String tag = StaxParserUtil.getStartElementName( peekedElement );
+ String tag = StaxParserUtil.getStartElementName(peekedElement);
- if( tag.equals( JBossSAMLConstants.SIGNATURE.get() ) )
- {
- assertion.setSignature( StaxParserUtil.getDOMElement(xmlEventReader) );
- continue;
+ if (tag.equals(JBossSAMLConstants.SIGNATURE.get()))
+ {
+ assertion.setSignature(StaxParserUtil.getDOMElement(xmlEventReader));
+ continue;
}
- if( JBossSAMLConstants.ISSUER.get().equalsIgnoreCase( tag ) )
+ if (JBossSAMLConstants.ISSUER.get().equalsIgnoreCase(tag))
{
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String issuerValue = StaxParserUtil.getElementText(xmlEventReader);
NameIDType issuer = new NameIDType();
- issuer.setValue( issuerValue );
+ issuer.setValue(issuerValue);
- assertion.setIssuer( issuer );
- }
- else if( JBossSAMLConstants.SUBJECT.get().equalsIgnoreCase( tag ) )
+ assertion.setIssuer(issuer);
+ }
+ else if (JBossSAMLConstants.SUBJECT.get().equalsIgnoreCase(tag))
{
SAMLSubjectParser subjectParser = new SAMLSubjectParser();
- assertion.setSubject( (SubjectType) subjectParser.parse(xmlEventReader));
+ assertion.setSubject((SubjectType) subjectParser.parse(xmlEventReader));
}
- else if( JBossSAMLConstants.CONDITIONS.get().equalsIgnoreCase( tag ) )
+ else if (JBossSAMLConstants.CONDITIONS.get().equalsIgnoreCase(tag))
{
SAMLConditionsParser conditionsParser = new SAMLConditionsParser();
- ConditionsType conditions = (ConditionsType)
conditionsParser.parse(xmlEventReader);
+ ConditionsType conditions = (ConditionsType)
conditionsParser.parse(xmlEventReader);
- assertion.setConditions( conditions );
- }
- else if( JBossSAMLConstants.AUTHN_STATEMENT.get().equalsIgnoreCase( tag ) )
+ assertion.setConditions(conditions);
+ }
+ else if (JBossSAMLConstants.AUTHN_STATEMENT.get().equalsIgnoreCase(tag))
{
- AuthnStatementType authnStatementType = SAMLParserUtil.parseAuthnStatement(
xmlEventReader );
- assertion.addStatement(authnStatementType);
+ AuthnStatementType authnStatementType =
SAMLParserUtil.parseAuthnStatement(xmlEventReader);
+ assertion.addStatement(authnStatementType);
}
- else if( JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equalsIgnoreCase( tag ) )
+ else if (JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equalsIgnoreCase(tag))
{
- AttributeStatementType attributeStatementType =
SAMLParserUtil.parseAttributeStatement( xmlEventReader );
- assertion.addStatement(attributeStatementType);
+ AttributeStatementType attributeStatementType =
SAMLParserUtil.parseAttributeStatement(xmlEventReader);
+ assertion.addStatement(attributeStatementType);
}
- else if( JBossSAMLConstants.STATEMENT.get().equalsIgnoreCase( tag ) )
- {
+ else if (JBossSAMLConstants.STATEMENT.get().equalsIgnoreCase(tag))
+ {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
-
+
String xsiTypeValue = StaxParserUtil.getXSITypeValue(startElement);
- if(
xsiTypeValue.contains(JBossSAMLConstants.XACML_AUTHZ_DECISION_STATEMENT_TYPE.get() ))
+ if
(xsiTypeValue.contains(JBossSAMLConstants.XACML_AUTHZ_DECISION_STATEMENT_TYPE.get()))
{
XACMLAuthzDecisionStatementType authZStat = new
XACMLAuthzDecisionStatementType();
-
+
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
tag = StaxParserUtil.getStartElementName(startElement);
-
- if( tag.contains( JBossSAMLConstants.RESPONSE.get() ) )
+
+ if (tag.contains(JBossSAMLConstants.RESPONSE.get()))
{
- authZStat.setResponse( getXACMLResponse( xmlEventReader ));
+ authZStat.setResponse(getXACMLResponse(xmlEventReader));
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
//There may be request also
tag = StaxParserUtil.getStartElementName(startElement);
- if( tag.contains( JBossSAMLConstants.REQUEST.get() ) )
+ if (tag.contains(JBossSAMLConstants.REQUEST.get()))
{
- authZStat.setRequest( getXACMLRequest( xmlEventReader ));
+ authZStat.setRequest(getXACMLRequest(xmlEventReader));
}
- }
-
+ }
+
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate(endElement, JBossSAMLConstants.STATEMENT.get() );
+ StaxParserUtil.validate(endElement, JBossSAMLConstants.STATEMENT.get());
assertion.addStatement(authZStat);
- }
+ }
else
- throw new RuntimeException( "Unknown xsi:type=" + xsiTypeValue
);
+ throw new RuntimeException("Unknown xsi:type=" + xsiTypeValue);
}
- else throw new RuntimeException( "SAMLAssertionParser:: unknown: " +
tag + "::location=" + peekedElement.getLocation() );
+ else
+ throw new RuntimeException("SAMLAssertionParser:: unknown: " + tag
+ "::location="
+ + peekedElement.getLocation());
}
return assertion;
}
-
+
/**
* @see {@link ParserNamespaceSupport#supports(QName)}
*/
public boolean supports(QName qname)
- {
+ {
String nsURI = qname.getNamespaceURI();
String localPart = qname.getLocalPart();
-
- return nsURI.equals( JBossSAMLURIConstants.ASSERTION_NSURI.get() )
- && localPart.equals( JBossSAMLConstants.ASSERTION.get() );
- }
-
- private AssertionType parseBaseAttributes( StartElement nextElement ) throws
ParsingException
- {
- Attribute idAttribute = nextElement.getAttributeByName( new QName(
JBossSAMLConstants.ID.get() ) );
- String id = StaxParserUtil.getAttributeValue( idAttribute );
- Attribute versionAttribute = nextElement.getAttributeByName( new QName(
JBossSAMLConstants.VERSION.get() ));
- String version = StaxParserUtil.getAttributeValue(versionAttribute) ;
+ return nsURI.equals(JBossSAMLURIConstants.ASSERTION_NSURI.get())
+ && localPart.equals(JBossSAMLConstants.ASSERTION.get());
+ }
- Attribute issueInstantAttribute = nextElement.getAttributeByName( new QName(
JBossSAMLConstants.ISSUE_INSTANT.get() ));
- XMLGregorianCalendar issueInstant = XMLTimeUtil.parse(
StaxParserUtil.getAttributeValue(issueInstantAttribute ));
-
- return new AssertionType( id, issueInstant, version );
+ private AssertionType parseBaseAttributes(StartElement nextElement) throws
ParsingException
+ {
+ Attribute idAttribute = nextElement.getAttributeByName(new
QName(JBossSAMLConstants.ID.get()));
+ String id = StaxParserUtil.getAttributeValue(idAttribute);
+
+ Attribute versionAttribute = nextElement.getAttributeByName(new
QName(JBossSAMLConstants.VERSION.get()));
+ String version = StaxParserUtil.getAttributeValue(versionAttribute);
+ StringUtil.match(JBossSAMLConstants.VERSION_2_0.get(), version);
+
+ Attribute issueInstantAttribute = nextElement
+ .getAttributeByName(new QName(JBossSAMLConstants.ISSUE_INSTANT.get()));
+ XMLGregorianCalendar issueInstant =
XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(issueInstantAttribute));
+
+ return new AssertionType(id, issueInstant);
}
-
+
@SuppressWarnings("unchecked")
- private ResponseType getXACMLResponse( XMLEventReader xmlEventReader ) throws
ParsingException
+ private ResponseType getXACMLResponse(XMLEventReader xmlEventReader) throws
ParsingException
{
Element xacmlResponse = StaxParserUtil.getDOMElement(xmlEventReader);
//xacml request
- String xacmlPath = "org.jboss.security.xacml.core.model.context";
+ String xacmlPath = "org.jboss.security.xacml.core.model.context";
try
{
- JAXBContext jaxb = JAXBContext.newInstance( xacmlPath );
+ JAXBContext jaxb = JAXBContext.newInstance(xacmlPath);
Unmarshaller un = jaxb.createUnmarshaller();
un.setEventHandler(new javax.xml.bind.helpers.DefaultValidationEventHandler());
- JAXBElement<ResponseType> jaxbResponseType =
(JAXBElement<ResponseType>) un.unmarshal(
DocumentUtil.getNodeAsStream(xacmlResponse));
- return jaxbResponseType.getValue();
+ JAXBElement<ResponseType> jaxbResponseType =
(JAXBElement<ResponseType>) un.unmarshal(DocumentUtil
+ .getNodeAsStream(xacmlResponse));
+ return jaxbResponseType.getValue();
}
- catch ( Exception e)
+ catch (Exception e)
{
- throw new ParsingException( e );
- }
+ throw new ParsingException(e);
+ }
}
-
+
@SuppressWarnings("unchecked")
- private RequestType getXACMLRequest( XMLEventReader xmlEventReader ) throws
ParsingException
+ private RequestType getXACMLRequest(XMLEventReader xmlEventReader) throws
ParsingException
{
Element xacmlRequest = StaxParserUtil.getDOMElement(xmlEventReader);
//xacml request
- String xacmlPath = "org.jboss.security.xacml.core.model.context";
+ String xacmlPath = "org.jboss.security.xacml.core.model.context";
try
{
- JAXBContext jaxb = JAXBContext.newInstance( xacmlPath );
+ JAXBContext jaxb = JAXBContext.newInstance(xacmlPath);
Unmarshaller un = jaxb.createUnmarshaller();
un.setEventHandler(new javax.xml.bind.helpers.DefaultValidationEventHandler());
- JAXBElement<RequestType> jaxbRequestType =
(JAXBElement<RequestType>) un.unmarshal(
DocumentUtil.getNodeAsStream(xacmlRequest));
- return jaxbRequestType.getValue();
+ JAXBElement<RequestType> jaxbRequestType =
(JAXBElement<RequestType>) un.unmarshal(DocumentUtil
+ .getNodeAsStream(xacmlRequest));
+ return jaxbRequestType.getValue();
}
- catch ( Exception e)
+ catch (Exception e)
{
- throw new ParsingException( e );
- }
- }
+ throw new ParsingException(e);
+ }
+ }
}
\ No newline at end of file
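Review bot: The new version check in parseBaseAttributes, `StringUtil.match(JBossSAMLConstants.VERSION_2_0.get(), version);`, ignores whatever match returns, and StringUtil's body is not part of this hunk, so it cannot be confirmed from here that a mismatch is actually rejected. If match returns a boolean rather than throwing, an assertion carrying any Version value would still be parsed as SAML 2.0, and since the constructor call is now `new AssertionType(id, issueInstant)` the parsed value is no longer kept anywhere for a later check. In that case make the rejection explicit in the parser: `if (!JBossSAMLConstants.VERSION_2_0.get().equals(version)) throw new ParsingException("Unsupported Version: " + version);`. If match does throw, a one-line comment such as `// throws if the assertion is not SAML 2.0` above the call would document that the statement is a guard and not dead code.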
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -32,7 +32,7 @@
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
@@ -50,49 +50,50 @@
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
- {
+ {
//Get the startelement
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(startElement, JBossSAMLConstants.AUTHN_REQUEST.get() );
-
- AuthnRequestType authnRequest = parseBaseAttributes( startElement );
-
- while( xmlEventReader.hasNext() )
+ StaxParserUtil.validate(startElement, JBossSAMLConstants.AUTHN_REQUEST.get());
+
+ AuthnRequestType authnRequest = parseBaseAttributes(startElement);
+
+ while (xmlEventReader.hasNext())
{
//Let us peek at the next start element
- startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
- if( startElement == null )
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (startElement == null)
break;
super.parseCommonElements(startElement, xmlEventReader, authnRequest);
-
- String elementName = StaxParserUtil.getStartElementName( startElement );
-
- if( JBossSAMLConstants.NAMEID_POLICY.get().equals( elementName ))
+
+ String elementName = StaxParserUtil.getStartElementName(startElement);
+
+ if (JBossSAMLConstants.NAMEID_POLICY.get().equals(elementName))
{
- startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
- authnRequest.setNameIDPolicy( getNameIDPolicy( startElement ));
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ authnRequest.setNameIDPolicy(getNameIDPolicy(startElement));
}
- else if( JBossSAMLConstants.SUBJECT.get().equals( elementName ))
- {
- authnRequest.setSubject( getSubject(xmlEventReader) );
+ else if (JBossSAMLConstants.SUBJECT.get().equals(elementName))
+ {
+ authnRequest.setSubject(getSubject(xmlEventReader));
}
- else if( JBossSAMLConstants.CONDITIONS.get().equals( elementName ))
- {
- authnRequest.setConditions( (ConditionsType) ( new
SAMLConditionsParser()).parse(xmlEventReader));
+ else if (JBossSAMLConstants.CONDITIONS.get().equals(elementName))
+ {
+ authnRequest.setConditions((ConditionsType) (new
SAMLConditionsParser()).parse(xmlEventReader));
}
- else if( JBossSAMLConstants.REQUESTED_AUTHN_CONTEXT.get().equals( elementName
))
- {
- authnRequest.setRequestedAuthnContext(
getRequestedAuthnContextType(xmlEventReader));
+ else if (JBossSAMLConstants.REQUESTED_AUTHN_CONTEXT.get().equals(elementName))
+ {
+
authnRequest.setRequestedAuthnContext(getRequestedAuthnContextType(xmlEventReader));
}
- else if( JBossSAMLConstants.ISSUER.get().equals( elementName ))
- {
+ else if (JBossSAMLConstants.ISSUER.get().equals(elementName))
+ {
continue;
}
- else if( JBossSAMLConstants.SIGNATURE.get().equals( elementName ))
- {
+ else if (JBossSAMLConstants.SIGNATURE.get().equals(elementName))
+ {
continue;
}
- else throw new RuntimeException( "Unknown Element:" + elementName +
"::location=" + startElement.getLocation() );
+ else
+ throw new RuntimeException("Unknown Element:" + elementName +
"::location=" + startElement.getLocation());
}
return authnRequest;
}
@@ -102,61 +103,64 @@
*/
public boolean supports(QName qname)
{
- return JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( qname.getNamespaceURI() )
;
+ return JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals(qname.getNamespaceURI());
}
-
+
/**
* Parse the attributes at the authnrequesttype element
* @param startElement
* @return
* @throws ParsingException
*/
- private AuthnRequestType parseBaseAttributes( StartElement startElement ) throws
ParsingException
- {
+ private AuthnRequestType parseBaseAttributes(StartElement startElement) throws
ParsingException
+ {
super.parseRequiredAttributes(startElement);
- AuthnRequestType authnRequest = new AuthnRequestType( id, version, issueInstant );
+ AuthnRequestType authnRequest = new AuthnRequestType(id, issueInstant);
//Let us get the attributes
- super.parseBaseAttributes(startElement, authnRequest );
-
- Attribute assertionConsumerServiceURL = startElement.getAttributeByName( new QName(
"AssertionConsumerServiceURL" ));
- if( assertionConsumerServiceURL != null )
+ super.parseBaseAttributes(startElement, authnRequest);
+
+ Attribute assertionConsumerServiceURL = startElement.getAttributeByName(new
QName("AssertionConsumerServiceURL"));
+ if (assertionConsumerServiceURL != null)
{
- String uri = StaxParserUtil.getAttributeValue( assertionConsumerServiceURL );
- authnRequest.setAssertionConsumerServiceURL( URI.create(uri));
+ String uri = StaxParserUtil.getAttributeValue(assertionConsumerServiceURL);
+ authnRequest.setAssertionConsumerServiceURL(URI.create(uri));
}
-
- Attribute assertionConsumerServiceIndex = startElement.getAttributeByName( new
QName( "AssertionConsumerServiceIndex" ));
- if( assertionConsumerServiceIndex != null )
- authnRequest.setAssertionConsumerServiceIndex( Integer.parseInt(
StaxParserUtil.getAttributeValue( assertionConsumerServiceIndex )));
-
- Attribute protocolBinding = startElement.getAttributeByName( new QName(
"ProtocolBinding" ));
- if( protocolBinding != null )
- authnRequest.setProtocolBinding( URI.create( StaxParserUtil.getAttributeValue(
protocolBinding )));
-
- Attribute providerName = startElement.getAttributeByName( new QName(
"ProviderName" ));
- if( providerName != null )
- authnRequest.setProviderName( StaxParserUtil.getAttributeValue( providerName
));
-
- Attribute forceAuthn = startElement.getAttributeByName( new QName(
"ForceAuthn" ));
- if( forceAuthn != null )
+ Attribute assertionConsumerServiceIndex = startElement.getAttributeByName(new
QName(
+ "AssertionConsumerServiceIndex"));
+ if (assertionConsumerServiceIndex != null)
+ authnRequest.setAssertionConsumerServiceIndex(Integer.parseInt(StaxParserUtil
+ .getAttributeValue(assertionConsumerServiceIndex)));
+
+ Attribute protocolBinding = startElement.getAttributeByName(new
QName("ProtocolBinding"));
+ if (protocolBinding != null)
+
authnRequest.setProtocolBinding(URI.create(StaxParserUtil.getAttributeValue(protocolBinding)));
+
+ Attribute providerName = startElement.getAttributeByName(new
QName("ProviderName"));
+ if (providerName != null)
+ authnRequest.setProviderName(StaxParserUtil.getAttributeValue(providerName));
+
+ Attribute forceAuthn = startElement.getAttributeByName(new
QName("ForceAuthn"));
+ if (forceAuthn != null)
{
- authnRequest.setForceAuthn( Boolean.parseBoolean(
StaxParserUtil.getAttributeValue( forceAuthn ) ));
+
authnRequest.setForceAuthn(Boolean.parseBoolean(StaxParserUtil.getAttributeValue(forceAuthn)));
}
-
- Attribute isPassive = startElement.getAttributeByName( new QName(
"IsPassive" ));
- if( isPassive != null )
+
+ Attribute isPassive = startElement.getAttributeByName(new
QName("IsPassive"));
+ if (isPassive != null)
{
- authnRequest.setIsPassive( Boolean.parseBoolean(
StaxParserUtil.getAttributeValue( isPassive ) ));
+
authnRequest.setIsPassive(Boolean.parseBoolean(StaxParserUtil.getAttributeValue(isPassive)));
}
-
- Attribute attributeConsumingServiceIndex = startElement.getAttributeByName( new
QName( "AttributeConsumingServiceIndex" ));
- if( attributeConsumingServiceIndex != null )
- authnRequest.setAttributeConsumingServiceIndex( Integer.parseInt(
StaxParserUtil.getAttributeValue( attributeConsumingServiceIndex )));
-
- return authnRequest;
- }
-
+
+ Attribute attributeConsumingServiceIndex = startElement.getAttributeByName(new
QName(
+ "AttributeConsumingServiceIndex"));
+ if (attributeConsumingServiceIndex != null)
+ authnRequest.setAttributeConsumingServiceIndex(Integer.parseInt(StaxParserUtil
+ .getAttributeValue(attributeConsumingServiceIndex)));
+
+ return authnRequest;
+ }
+
/**
* Get the NameIDPolicy
* @param startElement
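Review bot: `new AuthnRequestType(id, issueInstant)` in `parseBaseAttributes` no longer carries the parsed `version`, and nothing in this hunk checks it. `super.parseRequiredAttributes` is outside the hunk and may already reject anything other than 2.0, but if it does not, a request with an arbitrary Version attribute is now accepted and the value is lost. The response-side parser in this same commit adds `StringUtil.match(JBossSAMLConstants.VERSION_2_0.get(), ...)`; assuming `version` holds the attribute string, a matching `StringUtil.match(JBossSAMLConstants.VERSION_2_0.get(), version);` right after `parseRequiredAttributes` would keep the request and response paths consistent. The `new LogoutRequestType(id, issueInstant)` change in SAMLSloRequestParser has the same gap.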
@@ -165,39 +169,41 @@
private NameIDPolicyType getNameIDPolicy(StartElement startElement)
{
NameIDPolicyType nameIDPolicy = new NameIDPolicyType();
- Attribute format = startElement.getAttributeByName( new QName( "Format"
));
- if( format != null )
- nameIDPolicy.setFormat( URI.create( StaxParserUtil.getAttributeValue( format
)));
-
- Attribute allowCreate = startElement.getAttributeByName( new QName(
"AllowCreate" ));
- if( allowCreate != null )
- nameIDPolicy.setAllowCreate( Boolean.parseBoolean(
StaxParserUtil.getAttributeValue( allowCreate )));
-
+ Attribute format = startElement.getAttributeByName(new QName("Format"));
+ if (format != null)
+ nameIDPolicy.setFormat(URI.create(StaxParserUtil.getAttributeValue(format)));
+
+ Attribute allowCreate = startElement.getAttributeByName(new
QName("AllowCreate"));
+ if (allowCreate != null)
+
nameIDPolicy.setAllowCreate(Boolean.parseBoolean(StaxParserUtil.getAttributeValue(allowCreate)));
+
return nameIDPolicy;
- }
-
- private SubjectType getSubject( XMLEventReader xmlEventReader ) throws
ParsingException
+ }
+
+ private SubjectType getSubject(XMLEventReader xmlEventReader) throws ParsingException
{
SAMLSubjectParser subjectParser = new SAMLSubjectParser();
return (SubjectType) subjectParser.parse(xmlEventReader);
}
-
- private RequestedAuthnContextType getRequestedAuthnContextType( XMLEventReader
xmlEventReader ) throws ParsingException
+
+ private RequestedAuthnContextType getRequestedAuthnContextType(XMLEventReader
xmlEventReader)
+ throws ParsingException
{
RequestedAuthnContextType ract = new RequestedAuthnContextType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(startElement,
JBossSAMLConstants.REQUESTED_AUTHN_CONTEXT.get() );
-
+ StaxParserUtil.validate(startElement,
JBossSAMLConstants.REQUESTED_AUTHN_CONTEXT.get());
+
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String elName = StaxParserUtil.getStartElementName(startElement);
-
- if( elName.equals( JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() ))
+
+ if (elName.equals(JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get()))
{
String value = StaxParserUtil.getElementText(xmlEventReader);
ract.addAuthnContextClassRef(value);
}
- else throw new RuntimeException( "unknown :" + elName );
-
+ else
+ throw new RuntimeException("unknown :" + elName);
+
return ract;
}
}
\ No newline at end of file
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -33,6 +33,7 @@
import
org.picketlink.identity.federation.core.parsers.saml.metadata.SAMLEntityDescriptorParser;
import
org.picketlink.identity.federation.core.parsers.saml.xacml.SAMLXACMLRequestParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v1.SAML11Constants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
@@ -42,94 +43,101 @@
* @since Oct 12, 2010
*/
public class SAMLParser extends AbstractParser
-{
+{
/**
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
{
- while( xmlEventReader.hasNext() )
+ while (xmlEventReader.hasNext())
{
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
- if( xmlEvent instanceof StartElement )
+ if (xmlEvent instanceof StartElement)
{
StartElement startElement = (StartElement) xmlEvent;
QName startElementName = startElement.getName();
String nsURI = startElementName.getNamespaceURI();
-
+
String localPart = startElementName.getLocalPart();
- String elementName = StaxParserUtil.getStartElementName( startElement );
- if( elementName.equalsIgnoreCase( JBossSAMLConstants.ASSERTION.get() ))
+ String elementName = StaxParserUtil.getStartElementName(startElement);
+
+ if (elementName.equalsIgnoreCase(JBossSAMLConstants.ASSERTION.get()))
{
+ if (nsURI.equals(SAML11Constants.ASSERTION_11_NSURI))
+ {
+ SAML11AssertionParser saml11AssertionParser = new
SAML11AssertionParser();
+ return saml11AssertionParser.parse(xmlEventReader);
+ }
SAMLAssertionParser assertionParser = new SAMLAssertionParser();
- return assertionParser.parse( xmlEventReader );
+ return assertionParser.parse(xmlEventReader);
}
- else if( JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( nsURI )
&&
- JBossSAMLConstants.AUTHN_REQUEST.get().equals(
startElementName.getLocalPart() ))
+ else if (JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals(nsURI)
+ &&
JBossSAMLConstants.AUTHN_REQUEST.get().equals(startElementName.getLocalPart()))
{
SAMLAuthNRequestParser authNRequestParser = new SAMLAuthNRequestParser();
- return authNRequestParser.parse( xmlEventReader );
+ return authNRequestParser.parse(xmlEventReader);
}
- else if( JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( nsURI )
&&
- JBossSAMLConstants.LOGOUT_REQUEST.get().equals(
startElementName.getLocalPart() ))
+ else if (JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals(nsURI)
+ &&
JBossSAMLConstants.LOGOUT_REQUEST.get().equals(startElementName.getLocalPart()))
{
SAMLSloRequestParser sloParser = new SAMLSloRequestParser();
- return sloParser.parse( xmlEventReader );
+ return sloParser.parse(xmlEventReader);
}
- else if( JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( nsURI )
&&
- JBossSAMLConstants.LOGOUT_RESPONSE.get().equals(
startElementName.getLocalPart() ))
+ else if (JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals(nsURI)
+ &&
JBossSAMLConstants.LOGOUT_RESPONSE.get().equals(startElementName.getLocalPart()))
{
SAMLSloResponseParser sloParser = new SAMLSloResponseParser();
- return sloParser.parse( xmlEventReader );
+ return sloParser.parse(xmlEventReader);
}
- else if( JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( nsURI )
&&
- JBossSAMLConstants.RESPONSE.get().equals(
startElementName.getLocalPart() ))
+ else if (JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals(nsURI)
+ &&
JBossSAMLConstants.RESPONSE.get().equals(startElementName.getLocalPart()))
{
SAMLResponseParser responseParser = new SAMLResponseParser();
- return responseParser.parse( xmlEventReader );
+ return responseParser.parse(xmlEventReader);
}
- else if( JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( nsURI )
&&
- JBossSAMLConstants.REQUEST_ABSTRACT.get().equals(
startElementName.getLocalPart() ))
- {
- String xsiTypeValue = StaxParserUtil.getXSITypeValue(startElement);
- if( xsiTypeValue.contains(
JBossSAMLConstants.XACML_AUTHZ_DECISION_QUERY_TYPE.get() ))
+ else if (JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals(nsURI)
+ &&
JBossSAMLConstants.REQUEST_ABSTRACT.get().equals(startElementName.getLocalPart()))
+ {
+ String xsiTypeValue = StaxParserUtil.getXSITypeValue(startElement);
+ if
(xsiTypeValue.contains(JBossSAMLConstants.XACML_AUTHZ_DECISION_QUERY_TYPE.get()))
{
SAMLXACMLRequestParser samlXacmlParser = new SAMLXACMLRequestParser();
- return samlXacmlParser.parse(xmlEventReader);
+ return samlXacmlParser.parse(xmlEventReader);
}
- throw new RuntimeException( "Unknown xsi:type=" + xsiTypeValue
);
+ throw new RuntimeException("Unknown xsi:type=" + xsiTypeValue);
}
- else if( JBossSAMLConstants.XACML_AUTHZ_DECISION_QUERY.get().equals(
localPart ) )
+ else if
(JBossSAMLConstants.XACML_AUTHZ_DECISION_QUERY.get().equals(localPart))
{
SAMLXACMLRequestParser samlXacmlParser = new SAMLXACMLRequestParser();
return samlXacmlParser.parse(xmlEventReader);
}
- else if( JBossSAMLConstants.ENTITY_DESCRIPTOR.get().equals( localPart ))
+ else if (JBossSAMLConstants.ENTITY_DESCRIPTOR.get().equals(localPart))
{
SAMLEntityDescriptorParser entityDescriptorParser = new
SAMLEntityDescriptorParser();
- return entityDescriptorParser.parse( xmlEventReader );
+ return entityDescriptorParser.parse(xmlEventReader);
}
- else if( JBossSAMLConstants.ENTITIES_DESCRIPTOR.get().equals( localPart ))
+ else if (JBossSAMLConstants.ENTITIES_DESCRIPTOR.get().equals(localPart))
{
SAMLEntitiesDescriptorParser entityDescriptorParser = new
SAMLEntitiesDescriptorParser();
- return entityDescriptorParser.parse( xmlEventReader );
+ return entityDescriptorParser.parse(xmlEventReader);
}
- else if( JBossSAMLURIConstants.ASSERTION_NSURI.get().equals(nsURI) )
+ else if (JBossSAMLURIConstants.ASSERTION_NSURI.get().equals(nsURI))
{
- SAMLAssertionParser assertionParser = new SAMLAssertionParser();
- return assertionParser.parse( xmlEventReader );
- }
- else throw new RuntimeException( "Unknown Tag:" + elementName +
"::location=" + startElement.getLocation() );
+ SAMLAssertionParser assertionParser = new SAMLAssertionParser();
+ return assertionParser.parse(xmlEventReader);
+ }
+ else
+ throw new RuntimeException("Unknown Tag:" + elementName +
"::location=" + startElement.getLocation());
}
else
{
- StaxParserUtil.getNextEvent(xmlEventReader);
+ StaxParserUtil.getNextEvent(xmlEventReader);
}
}
- throw new RuntimeException( "SAML Parsing has failed" );
+ throw new RuntimeException("SAML Parsing has failed");
}
/**
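Review bot: In the `ASSERTION` branch only the SAML 1.1 namespace is tested; every other `Assertion` element, matched with `equalsIgnoreCase` and in any namespace, still falls through to `SAMLAssertionParser`. Since this hunk makes the branch namespace-aware, I'd make the 2.0 path explicit too, e.g. `else if (JBossSAMLURIConstants.ASSERTION_NSURI.get().equals(nsURI))` before constructing `SAMLAssertionParser`, and throw for any other namespace. `parse` returns `Object`, so callers that cast the result to the 2.0 assertion type will now receive a different type for 1.1 input; those call sites are not in this hunk and should be checked.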
@@ -137,6 +145,6 @@
*/
public boolean supports(QName qname)
{
- return JBossSAMLURIConstants.ASSERTION_NSURI.get().equals( qname.getNamespaceURI()
);
+ return
JBossSAMLURIConstants.ASSERTION_NSURI.get().equals(qname.getNamespaceURI());
}
}
\ No newline at end of file
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -36,6 +36,7 @@
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType.RTChoiceType;
+import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
import org.w3c.dom.Element;
/**
@@ -44,80 +45,79 @@
* @since Nov 2, 2010
*/
public class SAMLResponseParser extends SAMLStatusResponseTypeParser implements
ParserNamespaceSupport
-{
- private String RESPONSE = JBossSAMLConstants.RESPONSE.get();
+{
+ private final String RESPONSE = JBossSAMLConstants.RESPONSE.get();
+
/**
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
- {
+ {
//Get the startelement
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(startElement, RESPONSE );
-
- ResponseType response = parseBaseAttributes(startElement);
-
- while( xmlEventReader.hasNext() )
+ StaxParserUtil.validate(startElement, RESPONSE);
+
+ ResponseType response = (ResponseType) parseBaseAttributes(startElement);
+
+ while (xmlEventReader.hasNext())
{
//Let us peek at the next start element
- startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
- if( startElement == null )
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (startElement == null)
break;
- String elementName = StaxParserUtil.getStartElementName( startElement );
-
- if( JBossSAMLConstants.ISSUER.get().equals( elementName ))
+ String elementName = StaxParserUtil.getStartElementName(startElement);
+
+ if (JBossSAMLConstants.ISSUER.get().equals(elementName))
{
- startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
NameIDType issuer = new NameIDType();
- issuer.setValue( StaxParserUtil.getElementText( xmlEventReader ));
- response.setIssuer( issuer );
+ issuer.setValue(StaxParserUtil.getElementText(xmlEventReader));
+ response.setIssuer(issuer);
}
- else if( JBossSAMLConstants.SIGNATURE.get().equals( elementName ))
+ else if (JBossSAMLConstants.SIGNATURE.get().equals(elementName))
{
- startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
- StaxParserUtil.bypassElementBlock(xmlEventReader,
JBossSAMLConstants.SIGNATURE.get() );
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.bypassElementBlock(xmlEventReader,
JBossSAMLConstants.SIGNATURE.get());
}
- else if( JBossSAMLConstants.ASSERTION.get().equals( elementName ))
+ else if (JBossSAMLConstants.ASSERTION.get().equals(elementName))
{
- SAMLAssertionParser assertionParser = new SAMLAssertionParser();
- response.addAssertion( new RTChoiceType( (AssertionType)
assertionParser.parse(xmlEventReader ) ));
+ SAMLAssertionParser assertionParser = new SAMLAssertionParser();
+ response.addAssertion(new RTChoiceType((AssertionType)
assertionParser.parse(xmlEventReader)));
}
- else if( JBossSAMLConstants.STATUS.get().equals( elementName ))
+ else if (JBossSAMLConstants.STATUS.get().equals(elementName))
{
- response.setStatus( parseStatus(xmlEventReader) );
+ response.setStatus(parseStatus(xmlEventReader));
}
- else if( JBossSAMLConstants.ENCRYPTED_ASSERTION.get().equals( elementName ))
+ else if (JBossSAMLConstants.ENCRYPTED_ASSERTION.get().equals(elementName))
{
Element encryptedAssertion = StaxParserUtil.getDOMElement(xmlEventReader);
- response.addAssertion( new RTChoiceType( new
EncryptedAssertionType(encryptedAssertion ) ));
+ response.addAssertion(new RTChoiceType(new
EncryptedAssertionType(encryptedAssertion)));
}
else
- throw new RuntimeException( "Unknown tag=" + elementName +
"::location=" + startElement.getLocation() );
+ throw new RuntimeException("Unknown tag=" + elementName +
"::location=" + startElement.getLocation());
}
-
+
return response;
}
/**
* @see {@link ParserNamespaceSupport#supports(QName)}
- */
+ */
public boolean supports(QName qname)
{
- return JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( qname.getNamespaceURI()
)
- && RESPONSE.equals( qname.getLocalPart() );
+ return JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals(qname.getNamespaceURI())
+ && RESPONSE.equals(qname.getLocalPart());
}
-
+
/**
* Parse the attributes at the response element
* @param startElement
* @return
* @throws ConfigurationException
*/
- private ResponseType parseBaseAttributes( StartElement startElement ) throws
ParsingException
- {
- ResponseType response = new ResponseType();
- super.parseBaseAttributes( startElement, response );
-
- return response;
- }
+ protected StatusResponseType parseBaseAttributes(StartElement startElement) throws
ParsingException
+ {
+ ResponseType response = new ResponseType(super.parseBaseAttributes(startElement));
+ return response;
+ }
}
\ No newline at end of file
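Review bot: `parse` downcasts with `(ResponseType) parseBaseAttributes(startElement)` even though the override at the bottom of the class always builds a `ResponseType`. Declaring the override with a covariant return, `protected ResponseType parseBaseAttributes(StartElement startElement) throws ParsingException`, removes the cast and prevents a later subclass from returning a plain `StatusResponseType` that only fails at run time. The Javadoc above the method still says `@throws ConfigurationException`; it should read `@throws ParsingException`, and an `@Override` would make it clear this replaces the superclass method.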
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -33,7 +33,7 @@
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
/**
@@ -47,27 +47,27 @@
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
- {
+ {
//Get the startelement
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(startElement, LOGOUT_REQUEST.get() );
-
- LogoutRequestType logoutRequest = parseBaseAttributes( startElement );
-
- while( xmlEventReader.hasNext() )
+ StaxParserUtil.validate(startElement, LOGOUT_REQUEST.get());
+
+ LogoutRequestType logoutRequest = parseBaseAttributes(startElement);
+
+ while (xmlEventReader.hasNext())
{
//Let us peek at the next start element
- startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
- if( startElement == null )
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (startElement == null)
break;
- String elementName = StaxParserUtil.getStartElementName( startElement );
-
- parseCommonElements(startElement, xmlEventReader, logoutRequest );
-
- if( JBossSAMLConstants.SESSION_INDEX.get().equals( elementName ))
+ String elementName = StaxParserUtil.getStartElementName(startElement);
+
+ parseCommonElements(startElement, xmlEventReader, logoutRequest);
+
+ if (JBossSAMLConstants.SESSION_INDEX.get().equals(elementName))
{
- startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
- logoutRequest.getSessionIndex().add( StaxParserUtil.getElementText(
xmlEventReader ) );
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+
logoutRequest.getSessionIndex().add(StaxParserUtil.getElementText(xmlEventReader));
}
}
return logoutRequest;
@@ -75,33 +75,32 @@
/**
* @see {@link ParserNamespaceSupport#supports(QName)}
- */
+ */
public boolean supports(QName qname)
{
- return PROTOCOL_NSURI.get().equals( qname.getNamespaceURI() )
- && LOGOUT_REQUEST.equals( qname.getLocalPart() );
+ return PROTOCOL_NSURI.get().equals(qname.getNamespaceURI()) &&
LOGOUT_REQUEST.equals(qname.getLocalPart());
}
-
+
/**
* Parse the attributes at the log out request element
* @param startElement
* @return
* @throws ParsingException
*/
- private LogoutRequestType parseBaseAttributes( StartElement startElement ) throws
ParsingException
- {
+ private LogoutRequestType parseBaseAttributes(StartElement startElement) throws
ParsingException
+ {
super.parseRequiredAttributes(startElement);
- LogoutRequestType logoutRequest = new LogoutRequestType( id, version, issueInstant
);
+ LogoutRequestType logoutRequest = new LogoutRequestType(id, issueInstant);
//Let us get the attributes
- super.parseBaseAttributes(startElement, logoutRequest );
-
- Attribute reason = startElement.getAttributeByName( new QName( "Reason"
));
- if( reason != null )
- logoutRequest.setReason( StaxParserUtil.getAttributeValue( reason ));
-
- Attribute notOnOrAfter = startElement.getAttributeByName( new QName(
"NotOnOrAfter" ));
- if( notOnOrAfter != null )
- logoutRequest.setNotOnOrAfter( XMLTimeUtil.parse(
StaxParserUtil.getAttributeValue( notOnOrAfter )));
- return logoutRequest;
+ super.parseBaseAttributes(startElement, logoutRequest);
+
+ Attribute reason = startElement.getAttributeByName(new QName("Reason"));
+ if (reason != null)
+ logoutRequest.setReason(StaxParserUtil.getAttributeValue(reason));
+
+ Attribute notOnOrAfter = startElement.getAttributeByName(new
QName("NotOnOrAfter"));
+ if (notOnOrAfter != null)
+
logoutRequest.setNotOnOrAfter(XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(notOnOrAfter)));
+ return logoutRequest;
}
}
\ No newline at end of file
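Review bot: `supports` compares the constant itself with a String in `LOGOUT_REQUEST.equals(qname.getLocalPart())`. `parse` in the same file calls `LOGOUT_REQUEST.get()` to obtain the element name, so the constant is evidently not a String and this comparison looks like it can never be true, which would make `supports` return false for every QName. I'd write `LOGOUT_REQUEST.get().equals(qname.getLocalPart())`. `SAMLSloResponseParser.supports` has the same pattern with `LOGOUT_RESPONSE`. The declaration of the constant is outside this hunk, so confirm its type before changing it.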
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -21,14 +21,12 @@
*/
package org.picketlink.identity.federation.core.parsers.saml;
-
import static
org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants.LOGOUT_RESPONSE;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.StartElement;
-import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
@@ -46,61 +44,47 @@
{
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
- {
+ {
//Get the startelement
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- StaxParserUtil.validate(startElement, LOGOUT_RESPONSE.get() );
+ StaxParserUtil.validate(startElement, LOGOUT_RESPONSE.get());
- StatusResponseType response = parseBaseAttributes(startElement);
+ StatusResponseType response = parseBaseAttributes(startElement);
- while( xmlEventReader.hasNext() )
+ while (xmlEventReader.hasNext())
{
//Let us peek at the next start element
- startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
- if( startElement == null )
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (startElement == null)
break;
- String elementName = StaxParserUtil.getStartElementName( startElement );
+ String elementName = StaxParserUtil.getStartElementName(startElement);
- if( JBossSAMLConstants.ISSUER.get().equals( elementName ))
+ if (JBossSAMLConstants.ISSUER.get().equals(elementName))
{
- startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
NameIDType issuer = new NameIDType();
- issuer.setValue( StaxParserUtil.getElementText( xmlEventReader ));
- response.setIssuer( issuer );
+ issuer.setValue(StaxParserUtil.getElementText(xmlEventReader));
+ response.setIssuer(issuer);
}
- else if( JBossSAMLConstants.SIGNATURE.get().equals( elementName ))
+ else if (JBossSAMLConstants.SIGNATURE.get().equals(elementName))
{
- startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
- StaxParserUtil.bypassElementBlock(xmlEventReader,
JBossSAMLConstants.SIGNATURE.get() );
- }
- else if( JBossSAMLConstants.STATUS.get().equals( elementName ))
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.bypassElementBlock(xmlEventReader,
JBossSAMLConstants.SIGNATURE.get());
+ }
+ else if (JBossSAMLConstants.STATUS.get().equals(elementName))
{
- response.setStatus( parseStatus(xmlEventReader) );
+ response.setStatus(parseStatus(xmlEventReader));
}
}
return response;
}
/**
- * Parse the attributes at the response element
- * @param startElement
- * @return
- * @throws ConfigurationException
- */
- private StatusResponseType parseBaseAttributes( StartElement startElement ) throws
ParsingException
- {
- StatusResponseType response = new StatusResponseType();
- super.parseBaseAttributes( startElement, response );
-
- return response;
- }
-
- /**
* @see {@link ParserNamespaceSupport#supports(QName)}
- */
+ */
public boolean supports(QName qname)
{
- return JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( qname.getNamespaceURI()
)
- && LOGOUT_RESPONSE.equals( qname.getLocalPart() );
+ return JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals(qname.getNamespaceURI())
+ && LOGOUT_RESPONSE.equals(qname.getLocalPart());
}
}
\ No newline at end of file
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -23,6 +23,7 @@
import java.net.URI;
+import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
@@ -34,6 +35,7 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
@@ -51,23 +53,26 @@
* @param response
* @throws ParsingException
*/
- protected void parseBaseAttributes(StartElement startElement, StatusResponseType
response) throws ParsingException
+ protected StatusResponseType parseBaseAttributes(StartElement startElement) throws
ParsingException
{
Attribute idAttr = startElement.getAttributeByName(new QName("ID"));
if (idAttr == null)
throw new RuntimeException("ID attribute is missing");
- response.setID(StaxParserUtil.getAttributeValue(idAttr));
+ String id = StaxParserUtil.getAttributeValue(idAttr);
Attribute version = startElement.getAttributeByName(new
QName("Version"));
if (version == null)
throw new RuntimeException("Version attribute required in Response");
- response.setVersion(StaxParserUtil.getAttributeValue(version));
+ StringUtil.match(JBossSAMLConstants.VERSION_2_0.get(),
StaxParserUtil.getAttributeValue(version));
+
Attribute issueInstant = startElement.getAttributeByName(new
QName("IssueInstant"));
if (issueInstant == null)
throw new RuntimeException("IssueInstant attribute required in
Response");
-
response.setIssueInstant(XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(issueInstant)));
+ XMLGregorianCalendar issueInstantVal =
XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(issueInstant));
+ StatusResponseType response = new StatusResponseType(id, issueInstantVal);
+
Attribute destination = startElement.getAttributeByName(new
QName("Destination"));
if (destination != null)
response.setDestination(StaxParserUtil.getAttributeValue(destination));
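Review bot: Missing ID, Version or IssueInstant attributes, and now a version mismatch via `StringUtil.match(...)`, are reported as unchecked `RuntimeException`s although `parseBaseAttributes` declares `ParsingException`. These values come straight from the incoming SAML message, so a caller that handles only `ParsingException` will not treat a malformed response as a parse failure. I would throw the checked type, e.g. `if (idAttr == null) throw new ParsingException("ID attribute is missing");`, and compare the version inline so that a mismatch raises `ParsingException` as well. The new `parseAuthenticationStatement` in SAMLParserUtil has the same pattern for unknown tags and for `URI.create` on the AuthenticationMethod value. The method body continues past this hunk.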
@@ -79,6 +84,7 @@
Attribute inResponseTo = startElement.getAttributeByName(new
QName("InResponseTo"));
if (inResponseTo != null)
response.setInResponseTo(StaxParserUtil.getAttributeValue(inResponseTo));
+ return response;
}
/**
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/xacml/SAMLXACMLRequestParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/xacml/SAMLXACMLRequestParser.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/xacml/SAMLXACMLRequestParser.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -46,91 +46,94 @@
* @since Dec 16, 2010
*/
public class SAMLXACMLRequestParser extends SAMLRequestAbstractParser implements
ParserNamespaceSupport
-{
- public Object parse( XMLEventReader xmlEventReader ) throws ParsingException
+{
+ public Object parse(XMLEventReader xmlEventReader) throws ParsingException
{
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String tag = StaxParserUtil.getStartElementName(startElement);
- if( tag.equals( JBossSAMLConstants.REQUEST_ABSTRACT.get() ))
+ if (tag.equals(JBossSAMLConstants.REQUEST_ABSTRACT.get()))
{
String xsiTypeValue = StaxParserUtil.getXSITypeValue(startElement);
- if( xsiTypeValue.contains(
JBossSAMLConstants.XACML_AUTHZ_DECISION_QUERY_TYPE.get() ))
+ if
(xsiTypeValue.contains(JBossSAMLConstants.XACML_AUTHZ_DECISION_QUERY_TYPE.get()))
{
- return parseXACMLAuthzDecisionQuery( startElement, xmlEventReader );
+ return parseXACMLAuthzDecisionQuery(startElement, xmlEventReader);
}
- else throw new RuntimeException( "Unknown xsi:type=" + xsiTypeValue );
+ else
+ throw new RuntimeException("Unknown xsi:type=" + xsiTypeValue);
}
- else if( tag.equals( JBossSAMLConstants.XACML_AUTHZ_DECISION_QUERY.get() ))
+ else if (tag.equals(JBossSAMLConstants.XACML_AUTHZ_DECISION_QUERY.get()))
{
return parseXACMLAuthzDecisionQuery(startElement, xmlEventReader);
}
-
- throw new RuntimeException( "Parsing Failed: Unknown Tag=" + tag +
"::location=" + startElement.getLocation() );
+
+ throw new RuntimeException("Parsing Failed: Unknown Tag=" + tag +
"::location=" + startElement.getLocation());
}
public boolean supports(QName qname)
{
return false;
}
-
+
@SuppressWarnings("unchecked")
- private XACMLAuthzDecisionQueryType parseXACMLAuthzDecisionQuery( StartElement
startElement,
- XMLEventReader xmlEventReader ) throws ParsingException
+ private XACMLAuthzDecisionQueryType parseXACMLAuthzDecisionQuery(StartElement
startElement,
+ XMLEventReader xmlEventReader) throws ParsingException
{
- super.parseRequiredAttributes( startElement );
-
- XACMLAuthzDecisionQueryType xacmlQuery = new XACMLAuthzDecisionQueryType(id,
version, issueInstant );
- super.parseBaseAttributes( startElement, xacmlQuery );
-
- String inputContextOnly = StaxParserUtil.getAttributeValue(startElement,
JBossSAMLConstants.INPUT_CONTEXT_ONLY.get() );
- if( inputContextOnly != null )
+ super.parseRequiredAttributes(startElement);
+
+ XACMLAuthzDecisionQueryType xacmlQuery = new XACMLAuthzDecisionQueryType(id,
issueInstant);
+ super.parseBaseAttributes(startElement, xacmlQuery);
+
+ String inputContextOnly = StaxParserUtil.getAttributeValue(startElement,
+ JBossSAMLConstants.INPUT_CONTEXT_ONLY.get());
+ if (inputContextOnly != null)
{
- xacmlQuery.setInputContextOnly( Boolean.parseBoolean( inputContextOnly ));
+ xacmlQuery.setInputContextOnly(Boolean.parseBoolean(inputContextOnly));
}
- String returnContext = StaxParserUtil.getAttributeValue(startElement,
JBossSAMLConstants.RETURN_CONTEXT.get() );
- if( returnContext != null )
+ String returnContext = StaxParserUtil.getAttributeValue(startElement,
JBossSAMLConstants.RETURN_CONTEXT.get());
+ if (returnContext != null)
{
- xacmlQuery.setReturnContext( Boolean.parseBoolean( returnContext ));
+ xacmlQuery.setReturnContext(Boolean.parseBoolean(returnContext));
}
-
+
//Go thru the children
- while( xmlEventReader.hasNext() )
+ while (xmlEventReader.hasNext())
{
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
- if( xmlEvent instanceof EndElement )
+ if (xmlEvent instanceof EndElement)
{
EndElement endElement = (EndElement) xmlEvent;
- if( ! (StaxParserUtil.matches(endElement,
JBossSAMLConstants.REQUEST_ABSTRACT.get() )
- || StaxParserUtil.matches(endElement,
JBossSAMLConstants.XACML_AUTHZ_DECISION_QUERY.get() ) ))
- throw new ParsingException( "Expected endelement RequestAbstract or
XACMLAuthzDecisionQuery" );
+ if (!(StaxParserUtil.matches(endElement,
JBossSAMLConstants.REQUEST_ABSTRACT.get()) || StaxParserUtil
+ .matches(endElement,
JBossSAMLConstants.XACML_AUTHZ_DECISION_QUERY.get())))
+ throw new ParsingException("Expected endelement RequestAbstract or
XACMLAuthzDecisionQuery");
break;
}
- startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
- if( startElement == null )
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (startElement == null)
break;
- super.parseCommonElements(startElement, xmlEventReader, xacmlQuery);
+ super.parseCommonElements(startElement, xmlEventReader, xacmlQuery);
String tag = StaxParserUtil.getStartElementName(startElement);
-
- if( tag.equals( JBossSAMLConstants.REQUEST.get() ))
+
+ if (tag.equals(JBossSAMLConstants.REQUEST.get()))
{
Element xacmlRequest = StaxParserUtil.getDOMElement(xmlEventReader);
//xacml request
- String xacmlPath = "org.jboss.security.xacml.core.model.context";
+ String xacmlPath = "org.jboss.security.xacml.core.model.context";
try
{
- JAXBContext jaxb = JAXBContext.newInstance( xacmlPath );
+ JAXBContext jaxb = JAXBContext.newInstance(xacmlPath);
Unmarshaller un = jaxb.createUnmarshaller();
un.setEventHandler(new
javax.xml.bind.helpers.DefaultValidationEventHandler());
- JAXBElement<RequestType> jaxbRequestType =
(JAXBElement<RequestType>) un.unmarshal(
DocumentUtil.getNodeAsStream(xacmlRequest));
+ JAXBElement<RequestType> jaxbRequestType =
(JAXBElement<RequestType>) un.unmarshal(DocumentUtil
+ .getNodeAsStream(xacmlRequest));
RequestType req = jaxbRequestType.getValue();
xacmlQuery.setRequest(req);
}
- catch ( Exception e)
+ catch (Exception e)
{
- throw new ParsingException( e );
- }
- }
+ throw new ParsingException(e);
+ }
+ }
}
- return xacmlQuery;
+ return xacmlQuery;
}
}
\ No newline at end of file
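Review bot: In `parse`, `xsiTypeValue.contains(...)` is a substring test on a value taken from the request, and the value is dereferenced without a null check. Any xsi:type that merely contains the expected type name is accepted, and if `StaxParserUtil.getXSITypeValue` can return null for a RequestAbstract element without xsi:type (not visible here), the caller gets a NullPointerException instead of a `ParsingException`. A guard such as `if (xsiTypeValue == null) throw new ParsingException("xsi:type required on RequestAbstract");` followed by an exact comparison of the local part after the prefix would make the dispatch strict. Separately, `JAXBContext.newInstance(xacmlPath)` is built again for every Request element; a JAXBContext is thread-safe and could be held in a static field.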
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -35,11 +35,17 @@
import javax.xml.stream.events.XMLEvent;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAML11SubjectParser;
+import org.picketlink.identity.federation.core.saml.v1.SAML11Constants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
+import
org.picketlink.identity.federation.saml.v1.assertion.SAML11AuthenticationStatementType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectStatementType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import
org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextClassRefType;
import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextDeclRefType;
@@ -47,7 +53,6 @@
import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectLocalityType;
-import
org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
/**
* Utility methods for SAML Parser
@@ -365,6 +370,101 @@
}
/**
+ * Parse the AuthnStatement inside the assertion
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ public static SAML11AuthenticationStatementType
parseAuthenticationStatement(XMLEventReader xmlEventReader)
+ throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+ StaxParserUtil.validate(startElement, SAML11Constants.AUTHENTICATION_STATEMENT);
+
+ Attribute authMethod = startElement.getAttributeByName(new
QName(SAML11Constants.AUTHENTICATION_METHOD));
+ if (authMethod == null)
+ throw new ParsingException(SAML11Constants.AUTHENTICATION_METHOD + "
attribute needed");
+
+ Attribute authInstant = startElement.getAttributeByName(new
QName(SAML11Constants.AUTHENTICATION_INSTANT));
+ if (authInstant == null)
+ throw new ParsingException(SAML11Constants.AUTHENTICATION_INSTANT + "
attribute needed");
+
+ SAML11AuthenticationStatementType authStat = new
SAML11AuthenticationStatementType(URI.create(StaxParserUtil
+ .getAttributeValue(authMethod)),
XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(authInstant)));
+
+ while (xmlEventReader.hasNext())
+ {
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent == null)
+ break;
+
+ if (xmlEvent instanceof EndElement)
+ {
+ xmlEvent = StaxParserUtil.getNextEvent(xmlEventReader);
+ EndElement endElement = (EndElement) xmlEvent;
+ String endElementTag = StaxParserUtil.getEndElementName(endElement);
+ if (endElementTag.equals(SAML11Constants.AUTHENTICATION_STATEMENT))
+ break;
+ else
+ throw new RuntimeException("Unknown End Element:" +
endElementTag);
+ }
+ startElement = null;
+
+ if (xmlEvent instanceof StartElement)
+ {
+ startElement = (StartElement) xmlEvent;
+ }
+ else
+ {
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ }
+ if (startElement == null)
+ break;
+
+ String tag = StaxParserUtil.getStartElementName(startElement);
+
+ if (JBossSAMLConstants.SUBJECT.get().equalsIgnoreCase(tag))
+ {
+ SAML11SubjectParser subjectParser = new SAML11SubjectParser();
+ SAML11SubjectType subject = (SAML11SubjectType)
subjectParser.parse(xmlEventReader);
+ SAML11SubjectStatementType subStat = new SAML11SubjectStatementType();
+ subStat.setSubject(subject);
+
+ authStat.setSubject(subject);
+ }
+
+ /*if (JBossSAMLConstants.SUBJECT_LOCALITY.get().equals(tag))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ SubjectLocalityType subjectLocalityType = new SubjectLocalityType();
+ Attribute address = startElement.getAttributeByName(new
QName(JBossSAMLConstants.ADDRESS.get()));
+ if (address != null)
+ {
+
subjectLocalityType.setAddress(StaxParserUtil.getAttributeValue(address));
+ }
+ Attribute dns = startElement.getAttributeByName(new
QName(JBossSAMLConstants.DNS_NAME.get()));
+ if (dns != null)
+ {
+ subjectLocalityType.setDNSName(StaxParserUtil.getAttributeValue(dns));
+ }
+ authnStatementType.setSubjectLocality(subjectLocalityType);
+ StaxParserUtil.validate(StaxParserUtil.getNextEndElement(xmlEventReader),
+ JBossSAMLConstants.SUBJECT_LOCALITY.get());
+ }
+ else if (JBossSAMLConstants.AUTHN_CONTEXT.get().equals(tag))
+ {
+ authnStatementType.setAuthnContext(parseAuthnContextType(xmlEventReader));
+ }*/
+ else
+ throw new RuntimeException("Unknown tag:" + tag +
"::Location=" + startElement.getLocation());
+
+ }
+
+ return authStat;
+ }
+
+ /**
* Parse a {@code NameIDType}
* @param xmlEventReader
* @return
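Review bot: The Subject child is matched with `equalsIgnoreCase`, so `subject` or `SUBJECT` would be parsed as a SAML 1.1 Subject although XML element names are case-sensitive; `JBossSAMLConstants.SUBJECT.get().equals(tag)` keeps the parser strict. In the same branch `subStat` is created and populated but never used, and the commented-out SAML 2.0 SubjectLocality/AuthnContext block sits between the `if` and its `else`, which makes the control flow hard to follow; both can be dropped. The Javadoc still says "AuthnStatement" and has an empty `@return`; `@return the parsed SAML 1.1 AuthenticationStatement` would describe it. The hunk ends inside the next method's Javadoc.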
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java
(rev 0)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -0,0 +1,51 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.saml.v1;
+
+/**
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jun 22, 2011
+ */
+public interface SAML11Constants
+{
+ String ASSERTIONID = "AssertionID";
+
+ String ASSERTION_11_NSURI = "urn:oasis:names:tc:SAML:1.0:assertion";
+
+ String AUTHENTICATION_INSTANT = "AuthenticationInstant";
+
+ String AUTHENTICATION_METHOD = "AuthenticationMethod";
+
+ String AUTHENTICATION_STATEMENT = "AuthenticationStatement";
+
+ String CONFIRMATION_METHOD = "ConfirmationMethod";
+
+ String FORMAT = "Format";
+
+ String ISSUER = "Issuer";
+
+ String MAJOR_VERSION = "MajorVersion";
+
+ String MINOR_VERSION = "MinorVersion";
+
+ String NAME_IDENTIFIER = "NameIdentifier";
+}
\ No newline at end of file
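Review bot: `ASSERTION_11_NSURI` holds the same URI that this commit also adds as `JBossSAMLURIConstants.SAML_11_NS`, so the SAML 1.1 assertion namespace now has two definitions that can drift apart. I would keep one and derive the other from it, e.g. `String ASSERTION_11_NSURI = JBossSAMLURIConstants.SAML_11_NS.get();`. The interface also has no description; a one-line Javadoc saying that these are SAML 1.1 element and attribute local names would be enough.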
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -31,7 +31,7 @@
ADDRESS( "Address" ),
ALLOW_CREATE( "AllowCreate" ),
ARTIFACT_RESOLUTION_SERVICE( "ArtifactResolutionService" ),
- ASSERTION( "Assertion" ),
+ ASSERTION( "Assertion" ),
ASSERTION_CONSUMER_SERVICE( "AssertionConsumerService" ),
ASSERTION_CONSUMER_SERVICE_URL( "AssertionConsumerServiceURL" ),
ASSERTION_CONSUMER_SERVICE_INDEX( "AssertionConsumerServiceIndex" ),
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -67,6 +67,8 @@
SAML_HTTP_POST_BINDING("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"),
SAML_HTTP_REDIRECT_BINDING("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"),
+ SAML_11_NS("urn:oasis:names:tc:SAML:1.0:assertion"),
+
SUBJECT_CONFIRMATION_BEARER("urn:oasis:names:tc:SAML:2.0:cm:bearer"),
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -41,9 +41,9 @@
import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.saml.v2.protocol.ResponseType.RTChoiceType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType.RTChoiceType;
import org.w3c.dom.Element;
/**
@@ -52,7 +52,7 @@
* @since Dec 9, 2008
*/
public class JBossSAMLAuthnResponseFactory
-{
+{
/**
* Create a StatusType given the status code uri
* @param statusCodeURI
@@ -60,24 +60,15 @@
*/
public static StatusType createStatusType(String statusCodeURI)
{
- StatusCodeType sct = new StatusCodeType();
- sct.setValue( URI.create( statusCodeURI ));
-
- StatusType statusType = new StatusType();
+ StatusCodeType sct = new StatusCodeType();
+ sct.setValue(URI.create(statusCodeURI));
+
+ StatusType statusType = new StatusType();
statusType.setStatusCode(sct);
return statusType;
}
-
+
/**
- * Create an empty response type
- * @return
- */
- public static ResponseType createResponseType()
- {
- return new ResponseType();
- }
-
- /**
* Create a ResponseType
* @param ID id of the response
* @param sp holder with the information about the Service Provider
@@ -86,54 +77,53 @@
* @return
* @throws ConfigurationException
*/
- public static ResponseType createResponseType(String ID, SPInfoHolder sp,
IDPInfoHolder idp,
- IssuerInfoHolder issuerInfo) throws ConfigurationException
- {
+ public static ResponseType createResponseType(String ID, SPInfoHolder sp,
IDPInfoHolder idp,
+ IssuerInfoHolder issuerInfo) throws ConfigurationException
+ {
String responseDestinationURI = sp.getResponseDestinationURI();
-
- XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
-
+
+ XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
+
//Create an assertion
- String id = IDGenerator.create( "ID_" );
-
+ String id = IDGenerator.create("ID_");
+
//Create assertion -> subject
SubjectType subjectType = new SubjectType();
-
+
//subject -> nameid
NameIDType nameIDType = new NameIDType();
- nameIDType.setFormat( URI.create( idp.getNameIDFormat() ));
+ nameIDType.setFormat(URI.create(idp.getNameIDFormat()));
nameIDType.setValue(idp.getNameIDFormatValue());
-
+
SubjectType.STSubType subType = new SubjectType.STSubType();
- subType.addBaseID(nameIDType);
+ subType.addBaseID(nameIDType);
subjectType.setSubType(subType);
-
- SubjectConfirmationType subjectConfirmation = new SubjectConfirmationType();
- subjectConfirmation.setMethod( idp.getSubjectConfirmationMethod());
-
+
+ SubjectConfirmationType subjectConfirmation = new SubjectConfirmationType();
+ subjectConfirmation.setMethod(idp.getSubjectConfirmationMethod());
+
SubjectConfirmationDataType subjectConfirmationData = new
SubjectConfirmationDataType();
- subjectConfirmationData.setInResponseTo( sp.getRequestID() );
- subjectConfirmationData.setRecipient( responseDestinationURI );
+ subjectConfirmationData.setInResponseTo(sp.getRequestID());
+ subjectConfirmationData.setRecipient(responseDestinationURI);
subjectConfirmationData.setNotBefore(issueInstant);
subjectConfirmationData.setNotOnOrAfter(issueInstant);
-
+
subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
subjectType.addConfirmation(subjectConfirmation);
-
- AssertionType assertionType = SAMLAssertionFactory.createAssertion(id,
- nameIDType , issueInstant, (ConditionsType) null, subjectType,
(List<StatementAbstractType>)null );
-
-
- ResponseType responseType = createResponseType(ID, issuerInfo, assertionType);
+
+ AssertionType assertionType = SAMLAssertionFactory.createAssertion(id, nameIDType,
issueInstant,
+ (ConditionsType) null, subjectType, (List<StatementAbstractType>)
null);
+
+ ResponseType responseType = createResponseType(ID, issuerInfo, assertionType);
//InResponseTo ID
responseType.setInResponseTo(sp.getRequestID());
//Destination
responseType.setDestination(responseDestinationURI);
-
+
return responseType;
- }
-
+ }
+
/**
* Create a Response Type
* @param ID
@@ -142,35 +132,27 @@
* @return
* @throws ConfigurationException
*/
- public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo,
AssertionType assertionType)
- throws ConfigurationException
+ public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo,
AssertionType assertionType)
+ throws ConfigurationException
{
- ResponseType responseType = new ResponseType();
- responseType.setVersion(issuerInfo.getSamlVersion());
-
- //ID
- responseType.setID(ID);
-
+ XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
+ ResponseType responseType = new ResponseType(ID, issueInstant);
+
//Issuer
NameIDType issuer = issuerInfo.getIssuer();
responseType.setIssuer(issuer);
-
+
//Status
String statusCode = issuerInfo.getStatusCode();
- if(statusCode == null)
+ if (statusCode == null)
throw new IllegalArgumentException("issuerInfo missing status code");
-
- responseType.setStatus(createStatusType(statusCode) );
-
- XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
-
- //IssueInstant
- responseType.setIssueInstant(issueInstant);
-
- responseType.addAssertion( new RTChoiceType( assertionType ));
- return responseType;
- }
-
+
+ responseType.setStatus(createStatusType(statusCode));
+
+ responseType.addAssertion(new RTChoiceType(assertionType));
+ return responseType;
+ }
+
/**
* Create a Response Type
* @param ID
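Review bot: This overload and the `Element encryptedAssertion` overload in the next hunk now have identical bodies except for the final `addAssertion` call, and the null check on `statusCode` runs only after the `ResponseType` has been built and partly filled. A private helper that validates `issuerInfo` first and returns the base response would remove the duplication and keep the two paths from diverging. The removed `setVersion(issuerInfo.getSamlVersion())` means the holder's version is no longer applied; presumably the new `ResponseType(ID, issueInstant)` constructor fixes the version, which is worth confirming. The Javadoc for this method starts above the hunk.

```java
private static ResponseType createBaseResponseType(String ID, IssuerInfoHolder issuerInfo)
{
   // Validate the holder before building anything
   String statusCode = issuerInfo.getStatusCode();
   if (statusCode == null)
      throw new IllegalArgumentException("issuerInfo missing status code");

   ResponseType responseType = new ResponseType(ID, XMLTimeUtil.getIssueInstant());
   responseType.setIssuer(issuerInfo.getIssuer());
   responseType.setStatus(createStatusType(statusCode));
   return responseType;
}

public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo, AssertionType assertionType)
      throws ConfigurationException
{
   ResponseType responseType = createBaseResponseType(ID, issuerInfo);
   responseType.addAssertion(new RTChoiceType(assertionType));
   return responseType;
}
// … unchanged: the encryptedAssertion overload, reduced the same way …
```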
@@ -179,33 +161,23 @@
* @return
* @throws ConfigurationException
*/
- public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo,
Element encryptedAssertion )
- throws ConfigurationException
+ public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo,
Element encryptedAssertion)
+ throws ConfigurationException
{
- ResponseType responseType = new ResponseType();
- responseType.setVersion(issuerInfo.getSamlVersion());
-
- //ID
- responseType.setID(ID);
-
+ ResponseType responseType = new ResponseType(ID, XMLTimeUtil.getIssueInstant());
+
//Issuer
NameIDType issuer = issuerInfo.getIssuer();
responseType.setIssuer(issuer);
-
+
//Status
String statusCode = issuerInfo.getStatusCode();
- if(statusCode == null)
+ if (statusCode == null)
throw new IllegalArgumentException("issuerInfo missing status code");
-
- responseType.setStatus(createStatusType(statusCode) );
-
- XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
-
- //IssueInstant
- responseType.setIssueInstant(issueInstant);
-
-
- responseType.addAssertion( new RTChoiceType( new EncryptedAssertionType(
encryptedAssertion ) ));
- return responseType;
- }
+
+ responseType.setStatus(createStatusType(statusCode));
+
+ responseType.addAssertion(new RTChoiceType(new
EncryptedAssertionType(encryptedAssertion)));
+ return responseType;
+ }
}
\ No newline at end of file
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -26,7 +26,6 @@
import javax.xml.datatype.XMLGregorianCalendar;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType;
@@ -45,7 +44,7 @@
* @since Jan 28, 2009
*/
public class SAMLAssertionFactory
-{
+{
/**
* <p>
* Creates an {@code AudienceRestrictionType} with the specified values.
@@ -57,12 +56,12 @@
public static AudienceRestrictionType createAudienceRestriction(String... values)
{
AudienceRestrictionType audienceRestriction = new AudienceRestrictionType();
- if ( values != null )
+ if (values != null)
{
- for( String val: values )
+ for (String val : values)
{
- audienceRestriction.addAudience( URI.create( val ) );
- }
+ audienceRestriction.addAudience(URI.create(val));
+ }
}
return audienceRestriction;
}
@@ -80,8 +79,8 @@
public static NameIDType createNameID(String format, String qualifier, String value)
{
NameIDType nameID = new NameIDType();
- if( format != null )
- nameID.setFormat( URI.create( format ));
+ if (format != null)
+ nameID.setFormat(URI.create(format));
nameID.setNameQualifier(qualifier);
nameID.setValue(value);
return nameID;
@@ -103,14 +102,14 @@
ConditionsType conditions = new ConditionsType();
conditions.setNotBefore(notBefore);
conditions.setNotOnOrAfter(notOnOrAfter);
- if ( restrictions != null )
+ if (restrictions != null)
{
- for( ConditionAbstractType condition : restrictions )
+ for (ConditionAbstractType condition : restrictions)
{
conditions.addCondition(condition);
}
-
- }
+
+ }
return conditions;
}
@@ -124,11 +123,11 @@
*/
public static KeyInfoConfirmationDataType createKeyInfoConfirmation(KeyInfoType
keyInfo)
{
- KeyInfoConfirmationDataType type = new KeyInfoConfirmationDataType();
- type.setAnyType( keyInfo );
+ KeyInfoConfirmationDataType type = new KeyInfoConfirmationDataType();
+ type.setAnyType(keyInfo);
return type;
}
-
+
/**
* <p>
* Creates a {@code SubjectConfirmationType} object with the specified values.
@@ -161,17 +160,17 @@
*/
public static SubjectType createSubject(NameIDType nameID, SubjectConfirmationType
confirmation)
{
- SubjectType subject = new SubjectType();
+ SubjectType subject = new SubjectType();
if (nameID != null)
{
- SubjectType.STSubType subType = new SubjectType.STSubType();
+ SubjectType.STSubType subType = new SubjectType.STSubType();
subType.addConfirmation(confirmation);
subType.addBaseID(nameID);
subject.setSubType(subType);
- }
+ }
return subject;
- }
-
+ }
+
/**
* <p>
* Creates a SAMLV2 {@code AssertionType} with the specified values.
@@ -189,20 +188,20 @@
public static AssertionType createAssertion(String id, NameIDType issuerID,
XMLGregorianCalendar issueInstant,
ConditionsType conditions, SubjectType subject,
List<StatementAbstractType> statements)
{
- AssertionType assertion = new AssertionType( id, issueInstant,
JBossSAMLConstants.VERSION_2_0.get() );
- assertion.setIssuer(issuerID);
- if(conditions != null)
- assertion.setConditions(conditions);
- if(subject != null)
- assertion.setSubject(subject);
-
- if ( statements != null )
+ AssertionType assertion = new AssertionType(id, issueInstant);
+ assertion.setIssuer(issuerID);
+ if (conditions != null)
+ assertion.setConditions(conditions);
+ if (subject != null)
+ assertion.setSubject(subject);
+
+ if (statements != null)
{
- for( StatementAbstractType statement: statements )
+ for (StatementAbstractType statement : statements)
{
assertion.addStatement(statement);
}
- }
+ }
return assertion;
}
}
\ No newline at end of file
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -32,19 +32,18 @@
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import
org.picketlink.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import
org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
-import
org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType.STSubType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -92,7 +91,7 @@
{
throw new RuntimeException(e);
}
- AssertionType assertion = new AssertionType(id, issueInstant,
JBossSAMLConstants.VERSION_2_0.get());
+ AssertionType assertion = new AssertionType(id, issueInstant);
assertion.setIssuer(issuer);
return assertion;
}
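Review bot: Nothing visible in this commit checks that an assertion built through the two-argument `new AssertionType(id, issueInstant)` still carries Version 2.0, which the removed `JBossSAMLConstants.VERSION_2_0.get()` argument used to set explicitly. The constructor is not in this hunk, so the default is presumably applied there, but it is worth pinning because Version is a required attribute on a SAML 2.0 assertion and a relying party may reject one without it. A line such as `assertEquals("2.0", assertion.getVersion());` after the construction in AssertionUtilUnitTestCase (the hunks at -54 and -78) would cover it. The enclosing method starts above this hunk.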
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StringUtil.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StringUtil.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StringUtil.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -121,6 +121,17 @@
}
/**
+ * Match two strings else throw a {@link RuntimeException}
+ * @param first
+ * @param second
+ */
+ public static void match(String first, String second)
+ {
+ if (first.equals(second) == false)
+ throw new RuntimeException(first + " does not match with " + second);
+ }
+
+ /**
* Given a comma separated string, get the tokens as a {@link List}
* @param str
* @return
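Review bot: `match` dereferences `first` without a null check, so an absent value surfaces as a bare NullPointerException rather than the intended mismatch error; `if (first == null || !first.equals(second))` keeps the failure on the one documented path. The message also concatenates both arguments verbatim. If callers pass names or values read from an incoming SAML document (the callers are not in this hunk), that text reaches logs and error output unbounded and unescaped, so consider reporting only the expected value or truncating the received one. The Javadoc leaves both `@param` tags empty; it should say which argument is the expected value, which is the one under test, and that the comparison is case-sensitive.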
Modified:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -23,11 +23,9 @@
import java.util.HashMap;
import java.util.Map;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule;
-import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
+import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.w3c.dom.Element;
@@ -39,23 +37,22 @@
*/
public final class Util
{
- private Util()
- {
- }
-
- public static Element createSamlToken() throws Exception
- {
- String id = "ID+" + JBossSAMLBaseFactory.createUUID();
- final AssertionType assertionType = new AssertionType( id,
XMLTimeUtil.getIssueInstant(),
- JBossSAMLConstants.VERSION_2_0.get() );
- return SAMLUtil.toElement(assertionType);
- }
-
- public static Map<String, String> allOptions()
- {
- Map<String, String> options = new HashMap<String, String>();
- options.put(AbstractSTSLoginModule.STS_CONFIG_FILE,
"wstrust/auth/jboss-sts-client.properties");
- return options;
- }
+ private Util()
+ {
+ }
+ public static Element createSamlToken() throws Exception
+ {
+ String id = "ID+" + JBossSAMLBaseFactory.createUUID();
+ final AssertionType assertionType = new AssertionType(id,
XMLTimeUtil.getIssueInstant());
+ return SAMLUtil.toElement(assertionType);
+ }
+
+ public static Map<String, String> allOptions()
+ {
+ Map<String, String> options = new HashMap<String, String>();
+ options.put(AbstractSTSLoginModule.STS_CONFIG_FILE,
"wstrust/auth/jboss-sts-client.properties");
+ return options;
+ }
+
}
Added:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11AssertionParserTestCase.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11AssertionParserTestCase.java
(rev 0)
+++
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11AssertionParserTestCase.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -0,0 +1,80 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.parser.saml;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+import java.net.URI;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import
org.picketlink.identity.federation.saml.v1.assertion.SAML11AuthenticationStatementType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11ConditionsType;
+import
org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectConfirmationType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
+
+/**
+ * Unit Test the parsing of SAML 1.1 assertion
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jun 21, 2011
+ */
+public class SAML11AssertionParserTestCase
+{
+ @Test
+ public void testSAML11Assertion() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream =
tcl.getResourceAsStream("parser/saml1/saml1-assertion.xml");
+
+ SAMLParser parser = new SAMLParser();
+ SAML11AssertionType assertion = (SAML11AssertionType) parser.parse(configStream);
+ assertNotNull(assertion);
+
+ //Validate assertion
+ assertEquals(1, assertion.getMajorVersion());
+ assertEquals(1, assertion.getMinorVersion());
+ assertEquals("buGxcG4gILg5NlocyLccDz6iXrUa", assertion.getID());
+
assertEquals("https://idp.example.org/saml", assertion.getIssuer());
+ assertEquals(XMLTimeUtil.parse("2002-06-19T17:05:37.795Z"),
assertion.getIssueInstant());
+
+ SAML11ConditionsType conditions = assertion.getConditions();
+ assertEquals(XMLTimeUtil.parse("2002-06-19T17:00:37.795Z"),
conditions.getNotBefore());
+ assertEquals(XMLTimeUtil.parse("2002-06-19T17:10:37.795Z"),
conditions.getNotOnOrAfter());
+
+ SAML11AuthenticationStatementType stat = (SAML11AuthenticationStatementType)
assertion.getStatements().get(0);
+ assertEquals("urn:oasis:names:tc:SAML:1.0:am:password",
stat.getAuthenticationMethod().toString());
+ assertEquals(XMLTimeUtil.parse("2002-06-19T17:05:17.706Z"),
stat.getAuthenticationInstant());
+
+ SAML11SubjectType subject = stat.getSubject();
+ SAML11SubjectType.SAML11SubjectTypeChoice choice = subject.getChoice();
+ assertEquals("user(a)idp.example.org",
choice.getNameID().getNameQualifier());
+ assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
choice.getNameID().getFormat().toString());
+
+ SAML11SubjectConfirmationType subjectConfirm = subject.getSubjectConfirmation();
+ URI confirmationMethod = subjectConfirm.getConfirmationMethod().get(0);
+ assertEquals("urn:oasis:names:tc:SAML:1.0:cm:bearer",
confirmationMethod.toString());
+ }
+}
\ No newline at end of file
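Review bot: The subject check reads the identifier through `choice.getNameID().getNameQualifier()`, but the fixture's `saml:NameIdentifier` has no NameQualifier attribute; the expected string is the element's text content. In SAML 1.1 the NameQualifier is the optional attribute naming the security domain and the element content is the subject's name, so this assertion appears to pin a parser mapping that stores the name in the qualifier field (the parser is not in this hunk, so this is inferred from the test and fixture). A relying party that authorises on the name value would then read a different field from the one the IdP populated. I would assert the name through the type's value accessor, add a NameQualifier attribute to the fixture and assert it separately, and put `assertNotNull(configStream);` before the parse so a missing resource fails clearly.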
Modified:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -43,6 +43,7 @@
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import
org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
@@ -52,7 +53,6 @@
import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
-import
org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType.STSubType;
/**
@@ -64,31 +64,31 @@
{
@Test
public void testSAMLAssertionParsing() throws Exception
- {
+ {
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- InputStream configStream = tcl.getResourceAsStream(
"parser/saml2/saml2-assertion.xml" );
+ InputStream configStream =
tcl.getResourceAsStream("parser/saml2/saml2-assertion.xml");
SAMLParser parser = new SAMLParser();
AssertionType assertion = (AssertionType) parser.parse(configStream);
- assertNotNull( assertion );
+ assertNotNull(assertion);
- assertEquals( "ID_ab0392ef-b557-4453-95a8-a7e168da8ac5",
assertion.getID() );
- assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ),
assertion.getIssueInstant() );
+ assertEquals("ID_ab0392ef-b557-4453-95a8-a7e168da8ac5",
assertion.getID());
+ assertEquals(XMLTimeUtil.parse("2010-09-30T19:13:37.869Z"),
assertion.getIssueInstant());
//Issuer
- assertEquals( "Test STS", assertion.getIssuer().getValue() );
+ assertEquals("Test STS", assertion.getIssuer().getValue());
//Subject
SubjectType subject = assertion.getSubject();
-
+
STSubType subType = subject.getSubType();
NameIDType subjectNameID = (NameIDType) subType.getBaseID();
- assertEquals( "jduke", subjectNameID.getValue() );
- assertEquals( "urn:picketlink:identity-federation",
subjectNameID.getNameQualifier() );
-
- ConditionsType conditions = assertion.getConditions();
- assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) ,
conditions.getNotBefore() );
- assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) ,
conditions.getNotOnOrAfter() );
-
+ assertEquals("jduke", subjectNameID.getValue());
+ assertEquals("urn:picketlink:identity-federation",
subjectNameID.getNameQualifier());
+
+ ConditionsType conditions = assertion.getConditions();
+ assertEquals(XMLTimeUtil.parse("2010-09-30T19:13:37.869Z"),
conditions.getNotBefore());
+ assertEquals(XMLTimeUtil.parse("2010-09-30T21:13:37.869Z"),
conditions.getNotOnOrAfter());
+
/*List<JAXBElement<?>> content = subject.getContent();
int size = content.size();
@@ -112,152 +112,118 @@
assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) ,
conditions.getNotOnOrAfter() );
}
} */
- }
+ }
-
/**
* This test validates the parsing of audience restrictions inside the conditions
* @throws Exception
*/
@Test
public void testSAMLAssertionParsingWithAudienceRestriction() throws Exception
- {
+ {
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- InputStream configStream = tcl.getResourceAsStream(
"parser/saml2/saml2-assertion-audiencerestriction.xml" );
+ InputStream configStream =
tcl.getResourceAsStream("parser/saml2/saml2-assertion-audiencerestriction.xml");
SAMLParser parser = new SAMLParser();
AssertionType assertion = (AssertionType) parser.parse(configStream);
- assertNotNull( assertion );
+ assertNotNull(assertion);
- assertEquals( "ID_cf9efbf0-9d7f-4b4a-b77f-d83ecaafd374",
assertion.getID() );
- assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.911Z" ),
assertion.getIssueInstant() );
- assertEquals( "2.0", assertion.getVersion() );
+ assertEquals("ID_cf9efbf0-9d7f-4b4a-b77f-d83ecaafd374",
assertion.getID());
+ assertEquals(XMLTimeUtil.parse("2010-09-30T19:13:37.911Z"),
assertion.getIssueInstant());
+ assertEquals("2.0", assertion.getVersion());
//Issuer
- assertEquals( "Test STS", assertion.getIssuer().getValue() );
+ assertEquals("Test STS", assertion.getIssuer().getValue());
//Subject
SubjectType subject = assertion.getSubject();
-
+
STSubType subType = subject.getSubType();
NameIDType subjectNameID = (NameIDType) subType.getBaseID();
- assertEquals( "jduke", subjectNameID.getValue() );
- assertEquals( "urn:picketlink:identity-federation",
subjectNameID.getNameQualifier() );
-
- SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 );
- assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer",
subjectConfirmation.getMethod() );
-
- ConditionsType conditions = assertion.getConditions();
- assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.911Z" ) ,
conditions.getNotBefore() );
- assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.911Z" ) ,
conditions.getNotOnOrAfter() );
-
- AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType)
conditions.getConditions().get(0);
- assertEquals( 1, audienceRestrictionType.getAudience().size() );
- assertEquals( "http://services.testcorp.org/provider2",
audienceRestrictionType.getAudience().get( 0 ).toASCIIString());
-
- /*List<JAXBElement<?>> content = subject.getContent();
+ assertEquals("jduke", subjectNameID.getValue());
+ assertEquals("urn:picketlink:identity-federation",
subjectNameID.getNameQualifier());
- int size = content.size();
+ SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0);
+ assertEquals("urn:oasis:names:tc:SAML:2.0:cm:bearer",
subjectConfirmation.getMethod());
- for( int i = 0 ; i < size; i++ )
- {
- JAXBElement<?> node = content.get(i);
- if( node.getDeclaredType().equals( NameIDType.class ))
- {
- NameIDType subjectNameID = (NameIDType) node.getValue();
+ ConditionsType conditions = assertion.getConditions();
+ assertEquals(XMLTimeUtil.parse("2010-09-30T19:13:37.911Z"),
conditions.getNotBefore());
+ assertEquals(XMLTimeUtil.parse("2010-09-30T21:13:37.911Z"),
conditions.getNotOnOrAfter());
- assertEquals( "jduke", subjectNameID.getValue() );
- assertEquals( "urn:picketlink:identity-federation",
subjectNameID.getNameQualifier() );
- }
+ AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType)
conditions.getConditions().get(0);
+ assertEquals(1, audienceRestrictionType.getAudience().size());
+
assertEquals("http://services.testcorp.org/provider2",
audienceRestrictionType.getAudience().get(0)
+ .toASCIIString());
+ }
- if( node.getDeclaredType().equals( ConditionsType.class ))
- {
- //Conditions
- ConditionsType conditions = (ConditionsType) node.getValue();
- assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.911Z" ) ,
conditions.getNotBefore() );
- assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.911Z" ) ,
conditions.getNotOnOrAfter() );
-
- //Audience Restriction
- AudienceRestrictionType audienceRestrictionType =
- (AudienceRestrictionType)
conditions.getConditionOrAudienceRestrictionOrOneTimeUse();
- assertEquals( 1, audienceRestrictionType.getAudience().size() );
- assertEquals( "http://services.testcorp.org/provider2",
audienceRestrictionType.getAudience().get( 0 ));
- }
- }*/
- }
-
-
@Test
public void testAssertionWithX500Attribute() throws Exception
{
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- InputStream configStream = tcl.getResourceAsStream(
"parser/saml2/saml2-assertion-x500attrib.xml" );
+ InputStream configStream =
tcl.getResourceAsStream("parser/saml2/saml2-assertion-x500attrib.xml");
SAMLParser parser = new SAMLParser();
AssertionType assertion = (AssertionType) parser.parse(configStream);
- assertNotNull( assertion );
+ assertNotNull(assertion);
- assertEquals( "ID_b07b804c-7c29-ea16-7300-4f3d6f7928ac",
assertion.getID() );
- assertEquals( XMLTimeUtil.parse( "2004-12-05T09:22:05Z" ),
assertion.getIssueInstant() );
- assertEquals( "2.0", assertion.getVersion() );
+ assertEquals("ID_b07b804c-7c29-ea16-7300-4f3d6f7928ac",
assertion.getID());
+ assertEquals(XMLTimeUtil.parse("2004-12-05T09:22:05Z"),
assertion.getIssueInstant());
+ assertEquals("2.0", assertion.getVersion());
//Issuer
- assertEquals( "https://idp.example.org/SAML2",
assertion.getIssuer().getValue() );
+
assertEquals("https://idp.example.org/SAML2",
assertion.getIssuer().getValue());
- Set<StatementAbstractType> statements = assertion.getStatements();
- assertEquals( 2, statements.size() );
+ Set<StatementAbstractType> statements = assertion.getStatements();
+ assertEquals(2, statements.size());
Iterator<StatementAbstractType> iter = statements.iterator();
AuthnStatementType authnStatement = (AuthnStatementType) iter.next();
- assertEquals( XMLTimeUtil.parse( "2004-12-05T09:22:00Z" ),
authnStatement.getAuthnInstant() );
- assertEquals( "b07b804c-7c29-ea16-7300-4f3d6f7928ac",
authnStatement.getSessionIndex() );
+ assertEquals(XMLTimeUtil.parse("2004-12-05T09:22:00Z"),
authnStatement.getAuthnInstant());
+ assertEquals("b07b804c-7c29-ea16-7300-4f3d6f7928ac",
authnStatement.getSessionIndex());
-
AttributeStatementType attributeStatement = (AttributeStatementType) iter.next();
List<ASTChoiceType> attributes = attributeStatement.getAttributes();
- assertEquals( 1, attributes.size() );
+ assertEquals(1, attributes.size());
AttributeType attribute = attributes.get(0).getAttribute();
- assertEquals( "eduPersonAffiliation", attribute.getFriendlyName() );
- assertEquals( "urn:oid:1.3.6.1.4.1.5923.1.1.1.1", attribute.getName() );
- assertEquals( "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
attribute.getNameFormat() );
+ assertEquals("eduPersonAffiliation", attribute.getFriendlyName());
+ assertEquals("urn:oid:1.3.6.1.4.1.5923.1.1.1.1", attribute.getName());
+ assertEquals("urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
attribute.getNameFormat());
//Ensure that we have x500:encoding
- QName x500EncodingName = new QName( JBossSAMLURIConstants.X500_NSURI.get(),
- JBossSAMLConstants.ENCODING.get() );
- String encodingValue = attribute.getOtherAttributes().get( x500EncodingName );
- assertEquals( "LDAP", encodingValue );
+ QName x500EncodingName = new QName(JBossSAMLURIConstants.X500_NSURI.get(),
JBossSAMLConstants.ENCODING.get());
+ String encodingValue = attribute.getOtherAttributes().get(x500EncodingName);
+ assertEquals("LDAP", encodingValue);
List<Object> attributeValues = attribute.getAttributeValue();
- assertEquals( 2, attributeValues.size() );
+ assertEquals(2, attributeValues.size());
- String str = (String ) attributeValues.get( 0 );
- if( ! ( str.equals( "member") || str.equals( "staff" )))
- throw new RuntimeException( "attrib value not found" );
+ String str = (String) attributeValues.get(0);
+ if (!(str.equals("member") || str.equals("staff")))
+ throw new RuntimeException("attrib value not found");
//Subject
SubjectType subject = assertion.getSubject();
STSubType subType = subject.getSubType();
NameIDType subjectNameID = (NameIDType) subType.getBaseID();
- assertEquals( "3f7b3dcf-1674-4ecd-92c8-1544f346baf8",
subjectNameID.getValue() );
- assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
subjectNameID.getFormat().toString() );
-
- SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 );
- assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer",
subjectConfirmation.getMethod() );
-
+ assertEquals("3f7b3dcf-1674-4ecd-92c8-1544f346baf8",
subjectNameID.getValue());
+ assertEquals("urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
subjectNameID.getFormat().toString());
+
+ SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0);
+ assertEquals("urn:oasis:names:tc:SAML:2.0:cm:bearer",
subjectConfirmation.getMethod());
+
SubjectConfirmationDataType subjectConfirmationData =
subjectConfirmation.getSubjectConfirmationData();
- assertEquals( "ID_aaf23196-1773-2113-474a-fe114412ab72",
subjectConfirmationData.getInResponseTo() );
- assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ),
subjectConfirmationData.getNotOnOrAfter() );
- assertEquals( "https://sp.example.com/SAML2/SSO/POST",
subjectConfirmationData.getRecipient());
-
+ assertEquals("ID_aaf23196-1773-2113-474a-fe114412ab72",
subjectConfirmationData.getInResponseTo());
+ assertEquals(XMLTimeUtil.parse("2004-12-05T09:27:05Z"),
subjectConfirmationData.getNotOnOrAfter());
+
assertEquals("https://sp.example.com/SAML2/SSO/POST",
subjectConfirmationData.getRecipient());
+
ConditionsType conditions = assertion.getConditions();
- assertEquals( XMLTimeUtil.parse( "2004-12-05T09:17:05Z" ) ,
conditions.getNotBefore() );
- assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ) ,
conditions.getNotOnOrAfter() );
-
+ assertEquals(XMLTimeUtil.parse("2004-12-05T09:17:05Z"),
conditions.getNotBefore());
+ assertEquals(XMLTimeUtil.parse("2004-12-05T09:27:05Z"),
conditions.getNotOnOrAfter());
+
AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType)
conditions.getConditions().get(0);
- assertEquals( 1, audienceRestrictionType.getAudience().size() );
- assertEquals( "https://sp.example.com/SAML2",
audienceRestrictionType.getAudience().get( 0 ).toString());
-
-
+ assertEquals(1, audienceRestrictionType.getAudience().size());
+
assertEquals("https://sp.example.com/SAML2",
audienceRestrictionType.getAudience().get(0).toString());
+
/*List<JAXBElement<?>> content = subject.getContent();
int size = content.size();
@@ -300,14 +266,14 @@
assertEquals( "https://sp.example.com/SAML2/SSO/POST",
subjectConfirmationData.getRecipient());
}
} */
-
+
ByteArrayOutputStream baos = new ByteArrayOutputStream();
SAMLAssertionWriter writer = new
SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(baos));
writer.write(assertion);
-
- System.out.println( new String( baos.toByteArray() ));
-
- ByteArrayInputStream bis = new ByteArrayInputStream( baos.toByteArray() );
- DocumentUtil.getDocument( bis ); //throws exceptions
+
+ System.out.println(new String(baos.toByteArray()));
+
+ ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
+ DocumentUtil.getDocument(bis); //throws exceptions
}
}
\ No newline at end of file
Modified:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java 2011-06-23
01:04:12 UTC (rev 1022)
+++
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java 2011-06-23
01:05:52 UTC (rev 1023)
@@ -32,7 +32,6 @@
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
@@ -54,8 +53,7 @@
NameIDType nameIdType = new NameIDType();
nameIdType.setValue("somename");
- AssertionType assertion = new AssertionType("SomeID",
XMLTimeUtil.getIssueInstant(),
- JBossSAMLConstants.VERSION_2_0.get());
+ AssertionType assertion = new AssertionType("SomeID",
XMLTimeUtil.getIssueInstant());
assertion.setIssuer(nameIdType);
//Assertions with no conditions are everlasting
@@ -78,8 +76,7 @@
NameIDType nameIdType = new NameIDType();
nameIdType.setValue("somename");
- AssertionType assertion = new AssertionType("SomeID",
XMLTimeUtil.getIssueInstant(),
- JBossSAMLConstants.VERSION_2_0.get());
+ AssertionType assertion = new AssertionType("SomeID",
XMLTimeUtil.getIssueInstant());
assertion.setIssuer(nameIdType);
XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
Added:
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-assertion.xml
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-assertion.xml
(rev 0)
+++
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-assertion.xml 2011-06-23
01:05:52 UTC (rev 1023)
@@ -0,0 +1,25 @@
+<saml:Assertion
+ xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
+ MajorVersion="1" MinorVersion="1"
+ AssertionID="buGxcG4gILg5NlocyLccDz6iXrUa"
+
Issuer="https://idp.example.org/saml"
+ IssueInstant="2002-06-19T17:05:37.795Z">
+ <saml:Conditions
+ NotBefore="2002-06-19T17:00:37.795Z"
+ NotOnOrAfter="2002-06-19T17:10:37.795Z"/>
+ <saml:AuthenticationStatement
+ AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"
+ AuthenticationInstant="2002-06-19T17:05:17.706Z">
+ <saml:Subject>
+ <saml:NameIdentifier
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">
+ user(a)idp.example.org
+ </saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>
+ urn:oasis:names:tc:SAML:1.0:cm:bearer
+ </saml:ConfirmationMethod>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ </saml:AuthenticationStatement>
+ </saml:Assertion>
\ No newline at end of file