November 2010 - picketlink-commits

Picketlink SVN: r575 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util and 4 other directories.

by picketlink-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2010-11-30 17:48:15 -0500 (Tue, 30 Nov 2010) New Revision: 575 Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-assertion-subject.xml federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java Log: fixes Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 22:16:55 UTC (rev 574) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 22:48:15 UTC (rev 575) @@ -83,11 +83,8 @@ encryptedAssertion.setEncryptedElement( resultDocument.getDocumentElement() ); return encryptedAssertion; } - + - - - startElement = StaxParserUtil.getNextStartElement(xmlEventReader); //Special case: Encrypted Assertion Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 22:16:55 UTC (rev 574) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 22:48:15 UTC (rev 575) @@ -121,14 +121,7 @@ //Get the end tag EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader); StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT_CONFIRMATION.get() ); - } - else if( JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equals( tag )) - { - throw new RuntimeException( "NYI" ); - /*AttributeStatementType attributeStatement = SAMLParserUtil.parseAttributeStatement(xmlEventReader); - JAXBElement<?> jaxbEl = SAMLAssertionFactory.getObjectFactory().createAttributeStatement(attributeStatement); - subject.getContent().add( jaxbEl );*/ - } + } else throw new RuntimeException( "Unknown tag:" + tag ); } return subject; @@ -241,5 +234,5 @@ } } return keyInfo; - } + } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 22:16:55 UTC (rev 574) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 22:48:15 UTC (rev 575) @@ -37,7 +37,7 @@ import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextClassRefType; -import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclRefType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; @@ -220,7 +220,7 @@ { String text = StaxParserUtil.getElementText( xmlEventReader ); - AuthnContextDeclType aAuthnContextDeclType = new AuthnContextDeclType( NetworkUtil.createURI(text)); + AuthnContextDeclRefType aAuthnContextDeclType = new AuthnContextDeclRefType( NetworkUtil.createURI(text)); authnContextType.addURIType(aAuthnContextDeclType); EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader); StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() ); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 22:16:55 UTC (rev 574) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 22:48:15 UTC (rev 575) @@ -89,7 +89,8 @@ StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), assertion.getIssueInstant().toString() ); NameIDType issuer = assertion.getIssuer(); - write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ) ); + if( issuer != null ) + write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ) ); SubjectType subject = assertion.getSubject(); if( subject != null ) Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-30 22:16:55 UTC (rev 574) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-30 22:48:15 UTC (rev 575) @@ -31,7 +31,6 @@ import java.util.List; import java.util.Set; -import javax.xml.bind.JAXBElement; import javax.xml.namespace.QName; import org.junit.Test; @@ -41,9 +40,19 @@ import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter; -import org.picketlink.identity.federation.core.util.StaxUtil; -import org.picketlink.identity.federation.newmodel.saml.v2.assertion.*; +import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType; /** @@ -74,12 +83,12 @@ STSubType subType = subject.getSubType(); NameIDType subjectNameID = (NameIDType) subType.getBaseID(); assertEquals( "jduke", subjectNameID.getValue() ); - assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() ); - SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 ); - SubjectConfirmationDataType subjectConfirmationDataType = subjectConfirmation.getSubjectConfirmationData(); - assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) , subjectConfirmationDataType.getNotBefore() ); - assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , subjectConfirmationDataType.getNotOnOrAfter() ); + assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() ); + ConditionsType conditions = assertion.getConditions(); + assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) , conditions.getNotBefore() ); + assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , conditions.getNotOnOrAfter() ); + /*List<JAXBElement<?>> content = subject.getContent(); int size = content.size(); @@ -144,7 +153,7 @@ AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0); assertEquals( 1, audienceRestrictionType.getAudience().size() ); - assertEquals( "http://services.testcorp.org/provider2", audienceRestrictionType.getAudience().get( 0 )); + assertEquals( "http://services.testcorp.org/provider2", audienceRestrictionType.getAudience().get( 0 ).toASCIIString()); /*List<JAXBElement<?>> content = subject.getContent(); @@ -230,7 +239,7 @@ STSubType subType = subject.getSubType(); NameIDType subjectNameID = (NameIDType) subType.getBaseID(); assertEquals( "3f7b3dcf-1674-4ecd-92c8-1544f346baf8", subjectNameID.getValue() ); - assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", subjectNameID.getFormat() ); + assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", subjectNameID.getFormat().toString() ); SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 ); assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() ); @@ -246,7 +255,7 @@ AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0); assertEquals( 1, audienceRestrictionType.getAudience().size() ); - assertEquals( "https://sp.example.com/SAML2", audienceRestrictionType.getAudience().get( 0 )); + assertEquals( "https://sp.example.com/SAML2", audienceRestrictionType.getAudience().get( 0 ).toString()); /*List<JAXBElement<?>> content = subject.getContent(); Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-30 22:16:55 UTC (rev 574) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-30 22:48:15 UTC (rev 575) @@ -54,11 +54,11 @@ AuthnRequestType authnRequest = ( AuthnRequestType ) parser.parse(configStream); assertNotNull( "AuthnRequestType is not null", authnRequest ); - assertEquals( "http://localhost/org.eclipse.higgins.saml2idp.test/SAMLEndpoint", authnRequest.getAssertionConsumerServiceURL() ); - assertEquals( "http://localhost/org.eclipse.higgins.saml2idp.server/SAMLEndpoint", authnRequest.getDestination() ); + assertEquals( "http://localhost/org.eclipse.higgins.saml2idp.test/SAMLEndpoint", authnRequest.getAssertionConsumerServiceURL().toString() ); + assertEquals( "http://localhost/org.eclipse.higgins.saml2idp.server/SAMLEndpoint", authnRequest.getDestination().toString() ); assertEquals( "a2sffdlgdhgfg32fdldsdghdsgdgfdglgx", authnRequest.getID() ); assertEquals( XMLTimeUtil.parse( "2007-12-17T18:40:52.203Z" ), authnRequest.getIssueInstant() ); - assertEquals( "urn:oasis:names.tc:SAML:2.0:bindings:HTTP-Redirect", authnRequest.getProtocolBinding() ); + assertEquals( "urn:oasis:names.tc:SAML:2.0:bindings:HTTP-Redirect", authnRequest.getProtocolBinding().toString() ); assertEquals( "Test SAML2 SP", authnRequest.getProviderName() ); assertEquals( "2.0", authnRequest.getVersion() ); @@ -67,7 +67,7 @@ //NameID Policy NameIDPolicyType nameIDPolicy = authnRequest.getNameIDPolicy(); - assertEquals( "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", nameIDPolicy.getFormat() ); + assertEquals( "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", nameIDPolicy.getFormat().toString() ); assertEquals( Boolean.TRUE , nameIDPolicy.isAllowCreate() ); //Try out writing Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-30 22:16:55 UTC (rev 574) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-30 22:48:15 UTC (rev 575) @@ -30,14 +30,12 @@ import java.util.Iterator; import java.util.List; -import javax.xml.bind.JAXBElement; - import org.junit.Test; import org.picketlink.identity.federation.core.parsers.saml.SAMLParser; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter; -import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.core.util.StaxUtil; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; @@ -49,8 +47,9 @@ import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; -import org.picketlink.identity.federation.newmodel.saml.v2.protocol.*; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType; /** * Validate the parsing of SAML2 Response @@ -78,7 +77,7 @@ //Status StatusType status = response.getStatus(); - assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue() ); + assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue().toString() ); List<RTChoiceType> assertionList = response.getAssertions(); assertEquals( 2, assertionList.size() ); @@ -149,7 +148,7 @@ //Status StatusType status = response.getStatus(); - assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue() ); + assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue().toString() ); //Get the assertion AssertionType assertion = (AssertionType) response.getAssertions().get(0).getAssertion(); @@ -164,7 +163,7 @@ NameIDType subjectNameID = (NameIDType) subject.getSubType().getBaseID(); assertEquals( "anil", subjectNameID.getValue() ); - assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", subjectNameID.getFormat() ); + assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", subjectNameID.getFormat().toString() ); SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0); Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java 2010-11-30 22:16:55 UTC (rev 574) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java 2010-11-30 22:48:15 UTC (rev 575) @@ -66,8 +66,8 @@ //Status StatusType status = response.getStatus(); - assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Responder", status.getStatusCode().getValue() ); - assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getStatusCode().getValue() ); + assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Responder", status.getStatusCode().getValue().toString() ); + assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getStatusCode().getValue().toString() ); //Let us do some writing - currently only visual inspection. We will do proper validation later. ByteArrayOutputStream baos = new ByteArrayOutputStream(); Modified: federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-assertion-subject.xml =================================================================== --- federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-assertion-subject.xml 2010-11-30 22:16:55 UTC (rev 574) +++ federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-assertion-subject.xml 2010-11-30 22:48:15 UTC (rev 575) @@ -17,6 +17,8 @@ InResponseTo="ID_04ded476-d73c-48af-b3a9-232a52905ffb" NotBefore="2010-11-04T00:19:16.842-05:00" NotOnOrAfter="2010-11-04T00:19:16.842-05:00" Recipient="http://localhost:8080/employee/"></saml:SubjectConfirmationData> </saml:SubjectConfirmation> + + </saml:Subject> <saml:AttributeStatement> <saml:Attribute Name="role" FriendlyName="role" NameFormat="role"> @@ -31,6 +33,5 @@ </saml:AttributeValue> </saml:Attribute> </saml:AttributeStatement> - </saml:Subject> </saml:Assertion> </samlp:Response> \ No newline at end of file Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java 2010-11-30 22:16:55 UTC (rev 574) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java 2010-11-30 22:48:15 UTC (rev 575) @@ -23,8 +23,8 @@ import java.util.Collection; import java.util.Collections; +import java.util.LinkedHashSet; import java.util.Set; -import java.util.TreeSet; import javax.xml.datatype.XMLGregorianCalendar; @@ -70,7 +70,7 @@ private ConditionsType conditions; - private Set<StatementAbstractType> statements = new TreeSet<StatementAbstractType>(); + private Set<StatementAbstractType> statements = new LinkedHashSet<StatementAbstractType>(); public AssertionType(String iD, XMLGregorianCalendar issueInstant, String version) { Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java 2010-11-30 22:16:55 UTC (rev 574) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java 2010-11-30 22:48:15 UTC (rev 575) @@ -25,8 +25,8 @@ import java.util.Arrays; import java.util.Collections; import java.util.HashSet; +import java.util.LinkedHashSet; import java.util.Set; -import java.util.TreeSet; @@ -64,7 +64,7 @@ */ public class AuthnContextType { - private Set<URI> authenticatingAuthority = new TreeSet<URI>(); + private Set<URI> authenticatingAuthority = new LinkedHashSet<URI>(); private AuthnContextTypeSequence sequence;

14 years

1
0
0 / 0

Picketlink SVN: r574 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers and 1 other directories.

by picketlink-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2010-11-30 17:16:55 -0500 (Tue, 30 Nov 2010) New Revision: 574 Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java Log: some fixes with xml enc Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2010-11-30 21:48:59 UTC (rev 573) +++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2010-11-30 22:16:55 UTC (rev 574) @@ -21,9 +21,7 @@ */ package org.picketlink.test.identity.federation.api.util; -import java.io.ByteArrayInputStream; import java.io.InputStream; -import java.io.StringWriter; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PrivateKey; @@ -101,48 +99,8 @@ AssertionType assertion = (AssertionType) newRT.getAssertions().get(0).getAssertion(); assertEquals("testPrincipal", assertion.getIssuer().getValue()); - } + } - public void testEncryptAssertionWithMarshalling() throws Exception - { - KeyPair kp = this.getKeyPair("RSA"); - SecretKey sk = this.getSecretKey(); - - ResponseType rt = createResponse(); - Document responseDoc = sr.convert(rt); - - String assertionNS = JBossSAMLURIConstants.ASSERTION_NSURI.get(); - - QName assertionQName = new QName(assertionNS, "EncryptedAssertion", "saml"); - - Element docElement = XMLEncryptionUtil.encryptElementInDocument(responseDoc,kp.getPublic(), sk, - 128, assertionQName, true); - - EncryptedAssertionType eet = sr.getEncryptedAssertion(DocumentUtil.getNodeAsStream(docElement)); - rt.addAssertion( new RTChoiceType( eet )); - - StringWriter sw = new StringWriter(); - sr.marshall(rt, sw); - - - System.out.println( sw.toString() ); - - //Create a brand new ResponseType - ResponseType received = sr.getResponseType(new ByteArrayInputStream(sw.toString().getBytes("UTF-8"))); - - EncryptedAssertionType encryptedAssertionType = received.getAssertions().get(0).getEncryptedAssertion(); - Document eetDoc = sr.convert( encryptedAssertionType ); - - Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,kp.getPrivate()); - - //Let us use the encrypted doc element to decrypt it - ResponseType newRT = sr.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement)); - - AssertionType assertion = newRT.getAssertions().get(0).getAssertion(); - assertEquals("http://identityurl", assertion.getIssuer().getValue()); - } - - public void testArbitraryXML() throws Exception { String myXML = "<somexml><a></a></somexml>"; Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 21:48:59 UTC (rev 573) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 22:16:55 UTC (rev 574) @@ -30,10 +30,8 @@ import javax.xml.namespace.QName; import javax.xml.stream.XMLStreamWriter; -import org.picketlink.identity.federation.core.exceptions.ConfigurationException; import org.picketlink.identity.federation.core.exceptions.ProcessingException; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; -import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.util.StaxUtil; import org.picketlink.identity.federation.core.util.StringUtil; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; @@ -45,7 +43,6 @@ import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusDetailType; import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType; import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType; -import org.w3c.dom.Element; /** * Write a SAML Response to stream @@ -97,15 +94,7 @@ EncryptedAssertionType encryptedAssertion = choiceType.getEncryptedAssertion(); if( encryptedAssertion != null ) { - Element encryptedElement = encryptedAssertion.getEncryptedElement(); - try - { - StaxUtil.writeCharacters(writer, DocumentUtil.getNodeAsString(encryptedElement)); - } - catch (ConfigurationException e) - { - throw new ProcessingException( e ); - } + //Skip } } } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 21:48:59 UTC (rev 573) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 22:16:55 UTC (rev 574) @@ -244,6 +244,25 @@ throw new ProcessingException(e); } } + + /** + * Write a string as text node + * + * @param writer + * @param value + * @throws ProcessingException + */ + public static void writeCData(XMLStreamWriter writer, String value) throws ProcessingException + { + try + { + writer.writeCData( value ); + } + catch (XMLStreamException e) + { + throw new ProcessingException(e); + } + } /** * Write the default namespace

14 years

1
0
0 / 0

Picketlink SVN: r573 - in federation/trunk: picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth and 10 other directories.

by picketlink-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2010-11-30 16:48:59 -0500 (Tue, 30 Nov 2010) New Revision: 573 Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeType.java federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java Log: fixes Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java =================================================================== --- federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java 2010-11-30 21:48:59 UTC (rev 573) @@ -84,8 +84,7 @@ else { AttributeStatementType attributeStatement = new AttributeStatementType(); - AttributeType rolesAttribute = new AttributeType(); - rolesAttribute.setName(tokenRoleAttributeName); + AttributeType rolesAttribute = new AttributeType( tokenRoleAttributeName ); attributeStatement.addAttribute( new ASTChoiceType(rolesAttribute) ); List<Object> roles = rolesAttribute.getAttributeValue(); Modified: federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java =================================================================== --- federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java 2010-11-30 21:48:59 UTC (rev 573) @@ -78,9 +78,8 @@ AssertionType assertion = new AssertionType( "ID_SOME", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get()); AttributeStatementType attributeStatementType = new AttributeStatementType(); assertion.addStatement( attributeStatementType ); - AttributeType attributeType = new AttributeType(); - attributeStatementType.addAttribute( new ASTChoiceType(attributeType)); - attributeType.setName(roleAttributeName); + AttributeType attributeType = new AttributeType( roleAttributeName ); + attributeStatementType.addAttribute( new ASTChoiceType(attributeType)); attributeType.getAttributeValue().add(role1); attributeType.getAttributeValue().add(role2); Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java =================================================================== --- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2010-11-30 21:48:59 UTC (rev 573) @@ -305,6 +305,8 @@ /*JAXBContext jaxb = JAXBUtil.getJAXBContext(EncryptedElementType.class); Binder<Node> binder = jaxb.createBinder(); */ + if( encryptedElementType == null ) + throw new IllegalArgumentException( "encryptedElementType is null "); Document doc = DocumentUtil.createDocument(); Node importedNode = doc.importNode( encryptedElementType.getEncryptedElement(), true ); doc.appendChild(importedNode); Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2010-11-30 21:48:59 UTC (rev 573) @@ -28,10 +28,9 @@ import java.security.KeyPair; import java.security.KeyPairGenerator; -import javax.xml.bind.Binder; -import javax.xml.bind.JAXBElement; import javax.xml.crypto.dsig.SignatureMethod; +import org.junit.Test; import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request; import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response; import org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature; @@ -41,12 +40,11 @@ import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; -import org.picketlink.identity.federation.core.util.XMLSignatureUtil; +import org.picketlink.identity.federation.core.util.XMLSignatureUtil; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType; import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; -import org.junit.Test; import org.w3c.dom.Document; import org.w3c.dom.Node; @@ -126,7 +124,6 @@ assertTrue(isValid); } - @SuppressWarnings("unchecked") @Test public void testSigningAnAssertionWithinResponse() throws Exception { Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2010-11-30 21:48:59 UTC (rev 573) @@ -22,6 +22,7 @@ package org.picketlink.test.identity.federation.api.util; import java.io.ByteArrayInputStream; +import java.io.InputStream; import java.io.StringWriter; import java.security.KeyPair; import java.security.KeyPairGenerator; @@ -79,22 +80,26 @@ Element docElement = XMLEncryptionUtil.encryptElementInDocument(responseDoc,kp.getPublic(), sk, 128, assertionQName, true); - - EncryptedAssertionType eet = sr.getEncryptedAssertion(DocumentUtil.getNodeAsStream(docElement)); + + // System.out.println( DocumentUtil.getNodeAsString(docElement)); + + InputStream is = DocumentUtil.getNodeAsStream( docElement ); + EncryptedAssertionType eet = sr.getEncryptedAssertion( is ); rt.addAssertion( new RTChoiceType( eet ) ); - RTChoiceType choiceType = rt.getAssertions().get(0); + RTChoiceType choiceType = rt.getAssertions().get(1); EncryptedAssertionType encryptedAssertionType = choiceType.getEncryptedAssertion(); Document eetDoc = sr.convert( encryptedAssertionType ); Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,kp.getPrivate()); + + //Let us use the encrypted doc element to decrypt it - //Let us use the encrypted doc element to decrypt it ResponseType newRT = sr.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement)); AssertionType assertion = (AssertionType) newRT.getAssertions().get(0).getAssertion(); - assertEquals("http://identityurl", assertion.getIssuer().getValue()); + assertEquals("testPrincipal", assertion.getIssuer().getValue()); } @@ -119,6 +124,9 @@ StringWriter sw = new StringWriter(); sr.marshall(rt, sw); + + System.out.println( sw.toString() ); + //Create a brand new ResponseType ResponseType received = sr.getResponseType(new ByteArrayInputStream(sw.toString().getBytes("UTF-8"))); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 21:48:59 UTC (rev 573) @@ -28,6 +28,9 @@ import javax.xml.stream.events.EndElement; import javax.xml.stream.events.StartElement; import javax.xml.stream.events.XMLEvent; +import javax.xml.transform.Transformer; +import javax.xml.transform.dom.DOMResult; +import javax.xml.transform.stax.StAXSource; import org.picketlink.identity.federation.core.exceptions.ParsingException; import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport; @@ -35,8 +38,11 @@ import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; +import org.picketlink.identity.federation.core.util.TransformerUtil; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.*; +import org.w3c.dom.Document; /** * Parse the saml assertion @@ -52,7 +58,39 @@ */ public Object parse(XMLEventReader xmlEventReader) throws ParsingException { - StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader); + StartElement startElement = StaxParserUtil.peekNextStartElement(xmlEventReader); + String startElementName = StaxParserUtil.getStartElementName(startElement); + if( startElementName.equals( JBossSAMLConstants.ENCRYPTED_ASSERTION.get() )) + { + Document resultDocument; + try + { + resultDocument = DocumentUtil.createDocument(); + DOMResult domResult = new DOMResult( resultDocument ); + + //Let us parse <c><d> using transformer + StAXSource source = new StAXSource(xmlEventReader); + + Transformer transformer = TransformerUtil.getStaxSourceToDomResultTransformer(); + transformer.transform( source, domResult ); + } + catch ( Exception e) + { + throw new RuntimeException( e ); + } + + EncryptedAssertionType encryptedAssertion = new EncryptedAssertionType(); + encryptedAssertion.setEncryptedElement( resultDocument.getDocumentElement() ); + return encryptedAssertion; + } + + + + + + startElement = StaxParserUtil.getNextStartElement(xmlEventReader); + + //Special case: Encrypted Assertion StaxParserUtil.validate(startElement, ASSERTION ); AssertionType assertion = parseBaseAttributes( startElement ); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2010-11-30 21:48:59 UTC (rev 573) @@ -85,8 +85,12 @@ SAMLResponseParser responseParser = new SAMLResponseParser(); return responseParser.parse( xmlEventReader ); } - else - throw new RuntimeException( "Unknown Tag:" + elementName ); + else if( JBossSAMLURIConstants.ASSERTION_NSURI.get().equals(nsURI) ) + { + SAMLAssertionParser assertionParser = new SAMLAssertionParser(); + return assertionParser.parse( xmlEventReader ); + } + else throw new RuntimeException( "Unknown Tag:" + elementName ); } else { Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java 2010-11-30 21:48:59 UTC (rev 573) @@ -31,8 +31,10 @@ import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType; /** * Parse the SAML Response @@ -76,7 +78,7 @@ else if( JBossSAMLConstants.ASSERTION.get().equals( elementName )) { SAMLAssertionParser assertionParser = new SAMLAssertionParser(); - response.getAssertionOrEncryptedAssertion().add( assertionParser.parse(xmlEventReader)); + response.addAssertion( new RTChoiceType( (AssertionType) assertionParser.parse(xmlEventReader ) )); } else if( JBossSAMLConstants.STATUS.get().equals( elementName )) { Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloResponseParser.java 2010-11-30 21:48:59 UTC (rev 573) @@ -34,8 +34,8 @@ import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType; /** * Parse the SLO Response Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2010-11-30 21:48:59 UTC (rev 573) @@ -32,9 +32,10 @@ import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; -import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusType; +import org.picketlink.identity.federation.core.util.NetworkUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusCodeType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType; /** * Base Class for all Response Type parsing for SAML2 @@ -114,7 +115,7 @@ Attribute valueAttr = startElement.getAttributeByName( new QName( "Value" )); if( valueAttr != null ) { - statusCode.setValue( StaxParserUtil.getAttributeValue( valueAttr )); + statusCode.setValue( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( valueAttr ) )); } status.setStatusCode( statusCode ); @@ -127,7 +128,7 @@ Attribute subValueAttr = startElement.getAttributeByName( new QName( "Value" )); if( subValueAttr != null ) { - subStatusCodeType.setValue( StaxParserUtil.getAttributeValue( subValueAttr )); + subStatusCodeType.setValue( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( subValueAttr ))); } statusCode.setStatusCode( subStatusCodeType ); } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 21:48:59 UTC (rev 573) @@ -69,7 +69,10 @@ { EndElement endElement = (EndElement) xmlEvent; if( StaxParserUtil.matches(endElement , JBossSAMLConstants.SUBJECT.get() )) - break; + { + endElement = StaxParserUtil.getNextEndElement(xmlEventReader); + break; + } else throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) ); } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 21:48:59 UTC (rev 573) @@ -85,27 +85,27 @@ * @throws ParsingException */ public static AttributeType parseAttribute( XMLEventReader xmlEventReader ) throws ParsingException - { - AttributeType attributeType = new AttributeType(); - + { StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader); StaxParserUtil.validate( startElement, JBossSAMLConstants.ATTRIBUTE.get() ); - + AttributeType attributeType = null; + + Attribute name = startElement.getAttributeByName( new QName( JBossSAMLConstants.NAME.get() )); + if( name == null ) + throw new RuntimeException( "Required attribute Name in Attribute" ); + attributeType = new AttributeType( StaxParserUtil.getAttributeValue( name )); + //Look for X500 Encoding QName x500EncodingName = new QName( JBossSAMLURIConstants.X500_NSURI.get(), JBossSAMLConstants.ENCODING.get() ); Attribute x500EncodingAttr = startElement.getAttributeByName( x500EncodingName ); if( x500EncodingAttr != null ) - { + { attributeType.getOtherAttributes().put( x500EncodingAttr.getName(), StaxParserUtil.getAttributeValue( x500EncodingAttr )); } - - Attribute name = startElement.getAttributeByName( new QName( JBossSAMLConstants.NAME.get() )); - if( name == null ) - throw new RuntimeException( "Required attribute Name in Attribute" ); - attributeType.setName( StaxParserUtil.getAttributeValue( name )); - + + Attribute friendlyName = startElement.getAttributeByName( new QName( JBossSAMLConstants.FRIENDLY_NAME.get() )); if( friendlyName != null ) attributeType.setFriendlyName( StaxParserUtil.getAttributeValue( friendlyName )); @@ -127,7 +127,7 @@ if( JBossSAMLConstants.ATTRIBUTE_VALUE.get().equals( tag ) ) { Object attributeValue = parseAttributeValue(xmlEventReader); - attributeType.getAttributeValue().add( attributeValue ); + attributeType.addAttributeValue( attributeValue ); } else throw new RuntimeException( "Unknown tag:" + tag ); } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 21:48:59 UTC (rev 573) @@ -49,6 +49,7 @@ CONSENT( "Consent" ), DESTINATION( "Destination" ), ENCODING( "Encoding" ), + ENCRYPTED_ASSERTION( "EncryptedAssertion" ), FORMAT( "Format" ), FRIENDLY_NAME( "FriendlyName" ), ID( "ID" ), Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2010-11-30 21:48:59 UTC (rev 573) @@ -55,9 +55,8 @@ */ public static AttributeType createAttributeForRole(String roleName) { - AttributeType att = new AttributeType(); - att.setFriendlyName("role"); - att.setName("role"); + AttributeType att = new AttributeType( "role" ); + att.setFriendlyName("role"); att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_BASIC.get()); //rolename @@ -74,7 +73,7 @@ public static AttributeStatementType createAttributeStatement(String attributeValue) { AttributeStatementType attribStatement = new AttributeStatementType(); - AttributeType att = new AttributeType(); + AttributeType att = new AttributeType( attributeValue ); att.addAttributeValue(attributeValue); attribStatement.addAttribute( new ASTChoiceType( att )); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2010-11-30 21:48:59 UTC (rev 573) @@ -74,8 +74,7 @@ public static AttributeType createAttribute(String name, String nameFormat, Object... attributeValues) { - AttributeType att = new AttributeType(); - att.setName(name); + AttributeType att = new AttributeType( name ); att.setNameFormat(nameFormat); if(attributeValues != null && attributeValues.length > 0) { Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java 2010-11-30 21:48:59 UTC (rev 573) @@ -74,7 +74,7 @@ Collection<?> roles = (Collection<?>) value; for (Object role : roles) { - AttributeType roleAttr = new AttributeType(); + AttributeType roleAttr = new AttributeType( "Role" ); roleAttr.addAttributeValue(role); attrStatement.addAttribute( new ASTChoiceType( roleAttr )); } @@ -83,29 +83,33 @@ else { - AttributeType att = getX500Attribute(); + AttributeType att; Object value = attributes.get(key); if (AttributeConstants.EMAIL_ADDRESS.equals(key)) { - att.setFriendlyName(X500SAMLProfileConstants.EMAIL_ADDRESS.getFriendlyName()); - att.setName(X500SAMLProfileConstants.EMAIL_ADDRESS.get()); + att = getX500Attribute( X500SAMLProfileConstants.EMAIL_ADDRESS.get() ); + att.setFriendlyName(X500SAMLProfileConstants.EMAIL_ADDRESS.getFriendlyName()); } else if (AttributeConstants.EMPLOYEE_NUMBER.equals(key)) { - att.setFriendlyName(X500SAMLProfileConstants.EMPLOYEE_NUMBER.getFriendlyName()); - att.setName(X500SAMLProfileConstants.EMPLOYEE_NUMBER.get()); + att = getX500Attribute( X500SAMLProfileConstants.EMPLOYEE_NUMBER.get() ); + att.setFriendlyName(X500SAMLProfileConstants.EMPLOYEE_NUMBER.getFriendlyName()); } else if (AttributeConstants.GIVEN_NAME.equals(key)) { - att.setFriendlyName(X500SAMLProfileConstants.GIVENNAME.getFriendlyName()); - att.setName(X500SAMLProfileConstants.GIVENNAME.get()); + att = getX500Attribute( X500SAMLProfileConstants.GIVENNAME.get() ); + att.setFriendlyName(X500SAMLProfileConstants.GIVENNAME.getFriendlyName()); } else if (AttributeConstants.TELEPHONE.equals(key)) { + att = getX500Attribute( X500SAMLProfileConstants.TELEPHONE.get() ); att.setFriendlyName(X500SAMLProfileConstants.TELEPHONE.getFriendlyName()); att.setName(X500SAMLProfileConstants.TELEPHONE.get()); } + else + throw new RuntimeException( "Unknown:" + key ); + att.addAttributeValue( value ); attrStatement.addAttribute( new ASTChoiceType( att )); } @@ -123,16 +127,16 @@ AttributeStatementType attrStatement = new AttributeStatementType(); for (String role : roles) { - AttributeType attr = new AttributeType(); + AttributeType attr = new AttributeType( "Role" ); attr.addAttributeValue( role ); attrStatement.addAttribute( new ASTChoiceType( attr )); } return attrStatement; } - private static AttributeType getX500Attribute() + private static AttributeType getX500Attribute( String name ) { - AttributeType att = new AttributeType(); + AttributeType att = new AttributeType( name ); att.getOtherAttributes().put(X500_QNAME, "LDAP"); att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_URI.get()); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 21:48:59 UTC (rev 573) @@ -252,7 +252,11 @@ { StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE.get() , ASSERTION_NSURI.get() ); - StaxUtil.writeAttribute( writer, JBossSAMLConstants.NAME.get(), attributeType.getName() ); + String attributeName = attributeType.getName(); + if( attributeName != null ) + { + StaxUtil.writeAttribute( writer, JBossSAMLConstants.NAME.get(), attributeName ); + } String friendlyName = attributeType.getFriendlyName(); if( StringUtil.isNotNull( friendlyName )) Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 21:48:59 UTC (rev 573) @@ -30,11 +30,14 @@ import javax.xml.namespace.QName; import javax.xml.stream.XMLStreamWriter; +import org.picketlink.identity.federation.core.exceptions.ConfigurationException; import org.picketlink.identity.federation.core.exceptions.ProcessingException; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; +import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.util.StaxUtil; import org.picketlink.identity.federation.core.util.StringUtil; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType; @@ -42,6 +45,7 @@ import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusDetailType; import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType; import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType; +import org.w3c.dom.Element; /** * Write a SAML Response to stream @@ -85,10 +89,24 @@ for( RTChoiceType choiceType: choiceTypes ) { AssertionType assertion = choiceType.getAssertion(); - if( assertion instanceof AssertionType ) + if( assertion != null ) { assertionWriter.write( (AssertionType) assertion ); } + + EncryptedAssertionType encryptedAssertion = choiceType.getEncryptedAssertion(); + if( encryptedAssertion != null ) + { + Element encryptedElement = encryptedAssertion.getEncryptedElement(); + try + { + StaxUtil.writeCharacters(writer, DocumentUtil.getNodeAsString(encryptedElement)); + } + catch (ConfigurationException e) + { + throw new ProcessingException( e ); + } + } } } StaxUtil.writeEndElement( writer); Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeType.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeType.java 2010-11-30 21:48:59 UTC (rev 573) @@ -57,6 +57,11 @@ protected String nameFormat; protected String friendlyName; private Map<QName, String> otherAttributes = new HashMap<QName, String>(); + + public AttributeType( String name ) + { + this.name = name; + } public void addAttributeValue( Object value ) { Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java 2010-11-30 16:56:07 UTC (rev 572) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthnContextType.java 2010-11-30 21:48:59 UTC (rev 573) @@ -24,6 +24,7 @@ import java.net.URI; import java.util.Arrays; import java.util.Collections; +import java.util.HashSet; import java.util.Set; import java.util.TreeSet; @@ -67,7 +68,7 @@ private AuthnContextTypeSequence sequence; - private Set<URIType> URITypes; + private Set<URIType> URITypes = new HashSet<URIType>(); public void addAuthenticatingAuthority( URI aa )

14 years

1
0
0 / 0

Picketlink SVN: r572 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml and 2 other directories.

by picketlink-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2010-11-30 11:56:07 -0500 (Tue, 30 Nov 2010) New Revision: 572 Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java Log: additional parsing guards Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java 2010-11-30 16:20:18 UTC (rev 571) +++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java 2010-11-30 16:56:07 UTC (rev 572) @@ -60,9 +60,9 @@ AuthnRequestType authnRequestType = request.getAuthnRequestType(resourceName); - assertEquals("http://www.example.com/", authnRequestType.getDestination()); + assertEquals("http://www.example.com/", authnRequestType.getDestination().toString()); assertEquals("urn:oasis:names:tc:SAML:2.0:consent:obtained", authnRequestType.getConsent()); - assertEquals("http://www.example.com/",authnRequestType.getAssertionConsumerServiceURL()); + assertEquals("http://www.example.com/",authnRequestType.getAssertionConsumerServiceURL().toString()); assertEquals(Integer.valueOf("0"), authnRequestType.getAttributeConsumingServiceIndex()); SubjectType subjectType = authnRequestType.getSubject(); @@ -71,7 +71,7 @@ STSubType subType = subjectType.getSubType(); NameIDType nameIDType = (NameIDType) subType.getBaseID(); - assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",nameIDType.getFormat()); + assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",nameIDType.getFormat().toString()); assertEquals("j.doe(a)company.com",nameIDType.getValue()); ConditionsType conditionsType = authnRequestType.getConditions(); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:20:18 UTC (rev 571) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:56:07 UTC (rev 572) @@ -30,10 +30,13 @@ import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport; import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; -import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; import org.picketlink.identity.federation.core.util.NetworkUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestedAuthnContextType; /** * Parse the SAML2 AuthnRequest @@ -68,8 +71,27 @@ startElement = StaxParserUtil.getNextStartElement( xmlEventReader ); authnRequest.setNameIDPolicy( getNameIDPolicy( startElement )); } - else - throw new RuntimeException( "Unknown Element:" + elementName ); + else if( JBossSAMLConstants.SUBJECT.get().equals( elementName )) + { + authnRequest.setSubject( getSubject(xmlEventReader) ); + } + else if( JBossSAMLConstants.CONDITIONS.get().equals( elementName )) + { + authnRequest.setConditions( (ConditionsType) ( new SAMLConditionsParser()).parse(xmlEventReader)); + } + else if( JBossSAMLConstants.REQUESTED_AUTHN_CONTEXT.get().equals( elementName )) + { + authnRequest.setRequestedAuthnContext( getRequestedAuthnContextType(xmlEventReader)); + } + else if( JBossSAMLConstants.ISSUER.get().equals( elementName )) + { + continue; + } + else if( JBossSAMLConstants.SIGNATURE.get().equals( elementName )) + { + continue; + } + else throw new RuntimeException( "Unknown Element:" + elementName ); } return authnRequest; } @@ -151,4 +173,29 @@ return nameIDPolicy; } + + private SubjectType getSubject( XMLEventReader xmlEventReader ) throws ParsingException + { + SAMLSubjectParser subjectParser = new SAMLSubjectParser(); + return (SubjectType) subjectParser.parse(xmlEventReader); + } + + private RequestedAuthnContextType getRequestedAuthnContextType( XMLEventReader xmlEventReader ) throws ParsingException + { + RequestedAuthnContextType ract = new RequestedAuthnContextType(); + StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader); + StaxParserUtil.validate(startElement, JBossSAMLConstants.REQUESTED_AUTHN_CONTEXT.get() ); + + startElement = StaxParserUtil.getNextStartElement(xmlEventReader); + String elName = StaxParserUtil.getStartElementName(startElement); + + if( elName.equals( JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() )) + { + String value = StaxParserUtil.getElementText(xmlEventReader); + ract.addAuthnContextClassRef(value); + } + else throw new RuntimeException( "unknown :" + elName ); + + return ract; + } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java 2010-11-30 16:20:18 UTC (rev 571) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java 2010-11-30 16:56:07 UTC (rev 572) @@ -34,8 +34,9 @@ import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType; +import org.picketlink.identity.federation.core.util.NetworkUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType; /** * Parse the <conditions> in the saml assertion @@ -113,7 +114,7 @@ if( JBossSAMLConstants.AUDIENCE_RESTRICTION.get().equals( tag ) ) { AudienceRestrictionType audienceRestriction = getAudienceRestriction(xmlEventReader); - conditions.getConditionOrAudienceRestrictionOrOneTimeUse().add( audienceRestriction ); + conditions.addCondition( audienceRestriction ); } else throw new RuntimeException( "Unknown tag:" + tag ); } @@ -155,7 +156,7 @@ throw new ParsingException( "audienceValue is expected ahead" ); String audienceValue = StaxParserUtil.getElementText( xmlEventReader ); - audience.getAudience().add( audienceValue ); + audience.addAudience( NetworkUtil.createURI( audienceValue )); XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader); if( xmlEvent instanceof EndElement ) Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-11-30 16:20:18 UTC (rev 571) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-11-30 16:56:07 UTC (rev 572) @@ -25,14 +25,20 @@ import javax.xml.stream.XMLEventReader; import javax.xml.stream.events.Attribute; import javax.xml.stream.events.StartElement; +import javax.xml.transform.Transformer; +import javax.xml.transform.dom.DOMResult; +import javax.xml.transform.stax.StAXSource; import org.picketlink.identity.federation.core.exceptions.ParsingException; -import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; +import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; -import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; +import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; +import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.util.NetworkUtil; +import org.picketlink.identity.federation.core.util.TransformerUtil; import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType; +import org.w3c.dom.Document; /** * Base Class for SAML Request Parsing @@ -86,9 +92,26 @@ request.setIssuer( issuer ); } else if( JBossSAMLConstants.SIGNATURE.get().equals( elementName )) - { - startElement = StaxParserUtil.getNextStartElement( xmlEventReader ); - StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() ); + { + Document resultDocument; + try + { + resultDocument = DocumentUtil.createDocument(); + DOMResult domResult = new DOMResult( resultDocument ); + + //Let us parse <c><d> using transformer + StAXSource source = new StAXSource(xmlEventReader); + + Transformer transformer = TransformerUtil.getStaxSourceToDomResultTransformer(); + transformer.transform( source, domResult ); + } + catch ( Exception e) + { + throw new RuntimeException( e ); + } + + request.setSignature( resultDocument.getDocumentElement() ); + //StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() ); } } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 16:20:18 UTC (rev 571) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 16:56:07 UTC (rev 572) @@ -67,6 +67,7 @@ NAME_QUALIFIER( "NameQualifier" ), NOT_BEFORE( "NotBefore" ), NOT_ON_OR_AFTER( "NotOnOrAfter" ), + REQUESTED_AUTHN_CONTEXT( "RequestedAuthnContext" ), RECIPIENT( "Recipient" ), RESPONSE( "Response" ), SESSION_INDEX( "SessionIndex" ), Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-30 16:20:18 UTC (rev 571) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-30 16:56:07 UTC (rev 572) @@ -80,8 +80,10 @@ StaxUtil.writeAttribute( writer, JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_URL.get(), assertionURL.toASCIIString() ); NameIDType issuer = request.getIssuer(); - write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get())); - + if( issuer != null ) + { + write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get())); + } NameIDPolicyType nameIDPolicy = request.getNameIDPolicy(); if( nameIDPolicy != null ) write( nameIDPolicy );

14 years

1
0
0 / 0

Picketlink SVN: r571 - in federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers: wst and 1 other directory.

by picketlink-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2010-11-30 11:20:18 -0500 (Tue, 30 Nov 2010) New Revision: 571 Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java Log: add guards Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 16:07:32 UTC (rev 570) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 16:20:18 UTC (rev 571) @@ -70,6 +70,8 @@ String endElementTag = StaxParserUtil.getEndElementName( endElement ); if( endElementTag.equals( JBossSAMLConstants.ASSERTION.get() ) ) break; + else + throw new RuntimeException( "Unknown End Element:" + endElementTag ); } StartElement peekedElement = null; Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:07:32 UTC (rev 570) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:20:18 UTC (rev 571) @@ -68,6 +68,8 @@ startElement = StaxParserUtil.getNextStartElement( xmlEventReader ); authnRequest.setNameIDPolicy( getNameIDPolicy( startElement )); } + else + throw new RuntimeException( "Unknown Element:" + elementName ); } return authnRequest; } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java 2010-11-30 16:07:32 UTC (rev 570) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java 2010-11-30 16:20:18 UTC (rev 571) @@ -166,6 +166,8 @@ StaxParserUtil.getNextEvent(xmlEventReader); //Just get the end element break; } + else + throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) ); } } return audience; Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 16:07:32 UTC (rev 570) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 16:20:18 UTC (rev 571) @@ -70,6 +70,8 @@ EndElement endElement = (EndElement) xmlEvent; if( StaxParserUtil.matches(endElement , JBossSAMLConstants.SUBJECT.get() )) break; + else + throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) ); } StartElement peekedElement = StaxParserUtil.peekNextStartElement( xmlEventReader ); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-30 16:07:32 UTC (rev 570) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-30 16:20:18 UTC (rev 571) @@ -85,6 +85,8 @@ String endElementTag = StaxParserUtil.getEndElementName( endElement ); if( endElementTag.equals( WSTrustConstants.RST ) ) break; + else + throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) ); } try Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-11-30 16:07:32 UTC (rev 570) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-11-30 16:20:18 UTC (rev 571) @@ -91,6 +91,8 @@ String endElementTag = StaxParserUtil.getEndElementName(endElement); if (endElementTag.equals(WSTrustConstants.RSTR)) break; + else + throw new RuntimeException( "Unknown End Element:" + StaxParserUtil.getEndElementName( endElement ) ); } try

14 years

1
0
0 / 0

Picketlink SVN: r570 - in federation/trunk: picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp and 17 other directories.

by picketlink-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2010-11-30 11:07:32 -0500 (Tue, 30 Nov 2010) New Revision: 570 Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSGroupMappingProvider.java federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSPrincipalMappingProvider.java federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPUtil.java federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2LogoutTomcatWorkflowUnitTestCase.java federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2PostTomcatWorkflowUnitTestCase.java federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/sig/SAML2Signature.java federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/DeflateEncodingDecodingUnitTestCase.java federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnResponseUnitTestCase.java federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2RequestUnitTestCase.java federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters/SPFilter.java federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/RedirectBindingSignatureUtil.java federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java Log: updated saml object model Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java =================================================================== --- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2010-11-30 16:07:32 UTC (rev 570) @@ -33,7 +33,6 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletResponse; -import javax.xml.bind.JAXBException; import org.apache.catalina.Context; import org.apache.catalina.Lifecycle; @@ -62,16 +61,15 @@ import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder; import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder; import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.picketlink.identity.federation.web.util.ConfigurationUtil; import org.picketlink.identity.federation.web.util.HTTPRedirectUtil; import org.picketlink.identity.federation.web.util.RedirectBindingUtil; -import org.xml.sax.SAXException; /** * Valve at the IDP that supports the HTTP/Redirect Binding @@ -248,15 +246,7 @@ finalDest.append( getDestinationQueryString(urlEncodedResponse, relayState) ); HTTPRedirectUtil.sendRedirectForResponder(finalDest.toString(), response); - } - catch (JAXBException e) - { - throw new ParsingException(e); - } - catch (SAXException e) - { - throw new ParsingException(e); - } + } catch (IOException e) { throw new ProcessingException(e); @@ -322,37 +312,16 @@ InputStream is = RedirectBindingUtil.base64DeflateDecode(samlMessage); SAML2Request saml2Request = new SAML2Request(); - AuthnRequestType authnRequestType = null; - try - { - authnRequestType = saml2Request.getAuthnRequestType(is); - } - catch (JAXBException e2) - { - throw new ParsingException(e2); - } - catch (SAXException e2) - { - throw new ParsingException(e2); - } + AuthnRequestType authnRequestType = saml2Request.getAuthnRequestType(is); + if(authnRequestType == null) throw new IllegalStateException("AuthnRequest is null"); if(log.isTraceEnabled()) { StringWriter sw = new StringWriter(); - try - { - saml2Request.marshall(authnRequestType, sw); - } - catch (SAXException e) - { - log.trace(e); - } - catch (JAXBException e) - { - log.trace(e); - } + saml2Request.marshall(authnRequestType, sw); + log.trace("IDPRedirectValve::AuthnRequest="+sw.toString()); } SAML2Response saml2Response = new SAML2Response(); @@ -368,14 +337,14 @@ idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); SPInfoHolder sp = new SPInfoHolder(); - sp.setResponseDestinationURI(authnRequestType.getAssertionConsumerServiceURL()); + sp.setResponseDestinationURI( authnRequestType.getAssertionConsumerServiceURL().toASCIIString() ); responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); //Add information on the roles List<String> roles = rg.generateRoles(userPrincipal); - AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0); + AssertionType assertion = (AssertionType) responseType.getAssertions().get(0).getAssertion(); AttributeStatementType attrStatement = StatementUtil.createAttributeStatement(roles); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement); + assertion.addStatement( attrStatement ); //Add timed conditions try @@ -391,18 +360,8 @@ if(log.isTraceEnabled()) { StringWriter sw = new StringWriter(); - try - { - saml2Response.marshall(responseType, sw); - } - catch (JAXBException e) - { - log.trace(e); - } - catch (SAXException e) - { - log.trace(e); - } + saml2Response.marshall(responseType, sw); + log.trace("IDPRedirectValve::Response="+sw.toString()); } Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java =================================================================== --- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java 2010-11-30 16:07:32 UTC (rev 570) @@ -35,7 +35,6 @@ import java.util.List; import javax.crypto.SecretKey; -import javax.xml.bind.JAXBException; import javax.xml.namespace.QName; import org.apache.catalina.LifecycleException; @@ -56,12 +55,12 @@ import org.picketlink.identity.federation.core.util.CoreConfigUtil; import org.picketlink.identity.federation.core.util.XMLEncryptionUtil; import org.picketlink.identity.federation.core.util.XMLSignatureUtil; -import org.picketlink.identity.federation.saml.v2.assertion.EncryptedElementType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType; import org.picketlink.identity.federation.web.util.RedirectBindingSignatureUtil; import org.w3c.dom.Document; import org.w3c.dom.Element; -import org.xml.sax.SAXException; /** @@ -214,21 +213,13 @@ publicKey, sk, keyLength, assertionQName, true); - EncryptedElementType eet = saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion)); - responseType.getAssertionOrEncryptedAssertion().set(0, eet); + EncryptedAssertionType eet = saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion)); + responseType.addAssertion( new RTChoiceType( eet )); } catch (MalformedURLException e) { throw new ParsingException(e); - } - catch (JAXBException e) - { - throw new ParsingException(e); - } - catch (SAXException e) - { - throw new ParsingException(e); - } + } catch (Exception e) { throw new ProcessingException(e); @@ -238,18 +229,8 @@ if(log.isTraceEnabled()) { StringWriter sw = new StringWriter(); - try - { - saml2Response.marshall(responseType, sw); - } - catch (JAXBException e) - { - if(trace) log.trace(e); - } - catch (SAXException e) - { - if(trace) log.trace(e); - } + saml2Response.marshall(responseType, sw); + log.trace("IDPRedirectValveWithSignature::Response="+sw.toString()); } return responseType; Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java =================================================================== --- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2010-11-30 16:07:32 UTC (rev 570) @@ -88,8 +88,8 @@ import org.picketlink.identity.federation.core.util.StringUtil; import org.picketlink.identity.federation.core.util.XMLSignatureUtil; import org.picketlink.identity.federation.saml.v2.SAML2Object; -import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.picketlink.identity.federation.web.core.HTTPContext; import org.picketlink.identity.federation.web.core.IdentityServer; Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java =================================================================== --- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2010-11-30 16:07:32 UTC (rev 570) @@ -33,7 +33,6 @@ import javax.servlet.RequestDispatcher; import javax.servlet.ServletException; -import javax.xml.bind.JAXBException; import org.apache.catalina.Session; import org.apache.catalina.authenticator.Constants; @@ -53,8 +52,8 @@ import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler; import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.picketlink.identity.federation.web.core.HTTPContext; import org.picketlink.identity.federation.web.process.ServiceProviderBaseProcessor; @@ -62,10 +61,9 @@ import org.picketlink.identity.federation.web.process.ServiceProviderSAMLResponseProcessor; import org.picketlink.identity.federation.web.util.HTTPRedirectUtil; import org.picketlink.identity.federation.web.util.RedirectBindingUtil; -import org.picketlink.identity.federation.web.util.ServerDetector; import org.picketlink.identity.federation.web.util.RedirectBindingUtil.RedirectBindingUtilDestHolder; +import org.picketlink.identity.federation.web.util.ServerDetector; import org.w3c.dom.Document; -import org.xml.sax.SAXException; /** * Authenticator at the Service Provider @@ -332,7 +330,7 @@ } protected String createSAMLRequestMessage(String relayState, Response response) - throws ServletException, ConfigurationException, SAXException, JAXBException, IOException + throws ServletException, ConfigurationException, IOException, ProcessingException { //create a saml request if(this.serviceURL == null) @@ -347,7 +345,7 @@ saml2Request.marshall(authnRequest, baos); String base64Request = RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray()); - String destination = authnRequest.getDestination(); + String destination = authnRequest.getDestination().toASCIIString(); String destinationQueryString = getDestinationQueryString(base64Request, relayState, true); @@ -416,7 +414,5 @@ throws IOException, GeneralSecurityException, ConfigurationException, ParsingException { throw new RuntimeException("This authenticator does not handle encryption"); - } - - + } } \ No newline at end of file Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java =================================================================== --- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2010-11-30 16:07:32 UTC (rev 570) @@ -29,8 +29,6 @@ import java.security.PublicKey; import java.util.List; -import javax.xml.bind.JAXBException; - import org.apache.catalina.Context; import org.apache.catalina.LifecycleException; import org.apache.catalina.connector.Request; @@ -48,8 +46,8 @@ import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil; import org.picketlink.identity.federation.core.util.CoreConfigUtil; import org.picketlink.identity.federation.core.util.XMLEncryptionUtil; -import org.picketlink.identity.federation.saml.v2.assertion.EncryptedElementType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedElementType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.picketlink.identity.federation.web.process.ServiceProviderBaseProcessor; import org.picketlink.identity.federation.web.util.RedirectBindingSignatureUtil; @@ -192,7 +190,7 @@ SAML2Response saml2Response = new SAML2Response(); PrivateKey privateKey = keyManager.getSigningKey(); - EncryptedElementType myEET = (EncryptedElementType) responseType.getAssertionOrEncryptedAssertion().get(0); + EncryptedElementType myEET = (EncryptedElementType) responseType.getAssertions().get(0).getEncryptedAssertion(); Document eetDoc = saml2Response.convert(myEET); Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,privateKey); @@ -200,10 +198,6 @@ //Let us use the encrypted doc element to decrypt it return saml2Response.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement)); } - catch (JAXBException e) - { - throw new ConfigurationException(e); - } catch (Exception e) { throw new GeneralSecurityException(e); Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPUtil.java =================================================================== --- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPUtil.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPUtil.java 2010-11-30 16:07:32 UTC (rev 570) @@ -25,8 +25,6 @@ import java.util.ArrayList; import java.util.List; -import javax.xml.bind.JAXBElement; - import org.apache.catalina.Context; import org.apache.catalina.connector.Request; import org.apache.catalina.realm.GenericPrincipal; @@ -37,14 +35,16 @@ import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; import org.picketlink.identity.federation.core.saml.v2.exceptions.AssertionExpiredException; import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType; /** * Common code useful for a SP @@ -79,8 +79,7 @@ * @param serverEnvironment tomcat,jboss etc * @return * @throws AssertionExpiredException - */ - @SuppressWarnings("unchecked") + */ public Principal handleSAMLResponse(Request request, ResponseType responseType) throws ConfigurationException, AssertionExpiredException { @@ -93,35 +92,36 @@ if(statusType == null) throw new IllegalArgumentException("Status Type from the IDP is null"); - String statusValue = statusType.getStatusCode().getValue(); + String statusValue = statusType.getStatusCode().getValue().toASCIIString(); if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false) throw new SecurityException("IDP forbid the user"); - List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); + List<RTChoiceType> assertions = responseType.getAssertions(); if(assertions.size() == 0) throw new IllegalStateException("No assertions in reply from IDP"); - AssertionType assertion = (AssertionType)assertions.get(0); + AssertionType assertion = assertions.get(0).getAssertion(); //Check for validity of assertion boolean expiredAssertion = AssertionUtil.hasExpired(assertion); if(expiredAssertion) throw new AssertionExpiredException(); SubjectType subject = assertion.getSubject(); - JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); - NameIDType nameID = jnameID.getValue(); + + //JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); + NameIDType nameID = (NameIDType) subject.getSubType().getBaseID(); String userName = nameID.getValue(); List<String> roles = new ArrayList<String>(); //Set it on a thread local for JBID integrators - StatementLocal.statements.set(assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement()); + StatementLocal.statements.set(assertion.getStatements() ); //Let us get the roles - AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0); - List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute(); - for(Object obj:attList) + AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatements().iterator().next(); + List<ASTChoiceType> attList = attributeStatement.getAttributes(); + for( ASTChoiceType obj:attList) { - AttributeType attr = (AttributeType) obj; + AttributeType attr = (AttributeType) obj.getAttribute(); String roleName = (String) attr.getAttributeValue().get(0); roles.add(roleName); } Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java =================================================================== --- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -31,7 +31,7 @@ import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory; import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil; import org.picketlink.identity.federation.core.util.KeyStoreUtil; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; import org.picketlink.identity.federation.web.util.RedirectBindingSignatureUtil; /** Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java =================================================================== --- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -30,8 +30,8 @@ import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request; import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator; import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType; import org.picketlink.identity.federation.web.util.RedirectBindingUtil; /** Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2LogoutTomcatWorkflowUnitTestCase.java =================================================================== --- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2LogoutTomcatWorkflowUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2LogoutTomcatWorkflowUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -41,7 +41,7 @@ import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response; import org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve; import org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator; -import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType; import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.picketlink.identity.federation.web.core.IdentityServer; Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2PostTomcatWorkflowUnitTestCase.java =================================================================== --- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2PostTomcatWorkflowUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SAML2PostTomcatWorkflowUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -43,8 +43,8 @@ import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.util.Base64; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.picketlink.identity.federation.web.core.IdentityServer; import org.picketlink.identity.federation.web.util.PostBindingUtil; @@ -197,4 +197,4 @@ server.sessionCreated(new HttpSessionEvent(session)); return server; } -} +} \ No newline at end of file Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java =================================================================== --- federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML20TokenRoleAttributeProvider.java 2010-11-30 16:07:32 UTC (rev 570) @@ -10,9 +10,10 @@ import org.apache.log4j.Logger; import org.jboss.security.SecurityContextAssociation; -import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenAttributeProvider; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenAttributeProvider; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; /** * @@ -85,7 +86,7 @@ AttributeStatementType attributeStatement = new AttributeStatementType(); AttributeType rolesAttribute = new AttributeType(); rolesAttribute.setName(tokenRoleAttributeName); - attributeStatement.getAttributeOrEncryptedAttribute().add(rolesAttribute); + attributeStatement.addAttribute( new ASTChoiceType(rolesAttribute) ); List<Object> roles = rolesAttribute.getAttributeValue(); for( Principal rolePrincipal : subject.getPrincipals() ) Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java =================================================================== --- federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java 2010-11-30 16:07:32 UTC (rev 570) @@ -32,23 +32,24 @@ import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.login.LoginException; -import javax.xml.bind.JAXBElement; import org.jboss.security.auth.callback.ObjectCallback; import org.jboss.security.auth.spi.AbstractServerLoginModule; import org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkGroup; import org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkPrincipal; import org.picketlink.identity.federation.core.wstrust.STSClient; +import org.picketlink.identity.federation.core.wstrust.STSClientConfig.Builder; import org.picketlink.identity.federation.core.wstrust.SamlCredential; import org.picketlink.identity.federation.core.wstrust.WSTrustException; -import org.picketlink.identity.federation.core.wstrust.STSClientConfig.Builder; import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.BaseIDAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; import org.w3c.dom.Element; /** @@ -183,15 +184,22 @@ SubjectType subject = assertion.getSubject(); if (subject != null) { - for (JAXBElement<?> element : subject.getContent()) + BaseIDAbstractType baseID = subject.getSubType().getBaseID(); + if( baseID instanceof NameIDType ) { + NameIDType nameID = (NameIDType) baseID; + this.principal = new PicketLinkPrincipal(nameID.getValue()); + } + + /*for (JAXBElement<?> element : subject.getContent()) + { if (element.getDeclaredType().equals(NameIDType.class)) { NameIDType nameID = (NameIDType) element.getValue(); this.principal = new PicketLinkPrincipal(nameID.getValue()); break; } - } + }*/ } } catch (Exception e) @@ -246,12 +254,12 @@ if (attributeStatement != null) { Set<Principal> roles = new HashSet<Principal>(); - List<Object> attributeList = attributeStatement.getAttributeOrEncryptedAttribute(); - for (Object obj : attributeList) + List<ASTChoiceType> attributeList = attributeStatement.getAttributes(); + for ( ASTChoiceType obj : attributeList ) { - if (obj instanceof AttributeType) + AttributeType attribute = obj.getAttribute(); + if( attribute != null ) { - AttributeType attribute = (AttributeType) obj; // if this is a role attribute, get its values and add them to the role set. if (attribute.getName().equals("role")) { @@ -280,7 +288,7 @@ */ private AttributeStatementType getAttributeStatement(AssertionType assertion) { - List<StatementAbstractType> statementList = assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement(); + Set<StatementAbstractType> statementList = assertion.getStatements(); if (statementList.size() != 0) { for (StatementAbstractType statement : statementList) Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSGroupMappingProvider.java =================================================================== --- federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSGroupMappingProvider.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSGroupMappingProvider.java 2010-11-30 16:07:32 UTC (rev 570) @@ -2,6 +2,7 @@ import java.util.List; import java.util.Map; +import java.util.Set; import javax.xml.bind.JAXBException; @@ -14,10 +15,11 @@ import org.picketlink.identity.federation.bindings.jboss.auth.SAML20TokenRoleAttributeProvider; import org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule; import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType; import org.w3c.dom.Element; /** @@ -112,11 +114,23 @@ if (attributeStatement != null) { RoleGroup rolesGroup = new SimpleRoleGroup(SAML20TokenRoleAttributeProvider.JBOSS_ROLE_PRINCIPAL_NAME); - List<Object> attributeList = attributeStatement.getAttributeOrEncryptedAttribute(); - for (Object obj : attributeList) + List<ASTChoiceType> attributeList = attributeStatement.getAttributes(); + for ( ASTChoiceType obj : attributeList) { - if (obj instanceof AttributeType) + AttributeType attribute = obj.getAttribute(); + if( attribute != null ) { + // if this is a role attribute, get its values and add them to the role set. + if (tokenRoleAttributeName.equals(attribute.getName())) + { + for (Object value : attribute.getAttributeValue()) + { + rolesGroup.addRole(new SimpleRole((String) value)); + } + } + } + /*if (obj instanceof AttributeType) + { AttributeType attribute = (AttributeType) obj; // if this is a role attribute, get its values and add them to the role set. if (tokenRoleAttributeName.equals(attribute.getName())) @@ -126,7 +140,7 @@ rolesGroup.addRole(new SimpleRole((String) value)); } } - } + }*/ } result.setMappedObject(rolesGroup); if (log.isDebugEnabled()) @@ -169,7 +183,7 @@ */ private AttributeStatementType getAttributeStatement(AssertionType assertion) { - List<StatementAbstractType> statementList = assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement(); + Set<StatementAbstractType> statementList = assertion.getStatements(); if (statementList.size() != 0) { for (StatementAbstractType statement : statementList) @@ -180,4 +194,4 @@ } return null; } -} +} \ No newline at end of file Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSPrincipalMappingProvider.java =================================================================== --- federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSPrincipalMappingProvider.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSPrincipalMappingProvider.java 2010-11-30 16:07:32 UTC (rev 570) @@ -3,7 +3,6 @@ import java.security.Principal; import java.util.Map; -import javax.xml.bind.JAXBElement; import javax.xml.bind.JAXBException; import org.apache.log4j.Logger; @@ -12,9 +11,10 @@ import org.jboss.security.mapping.providers.principal.AbstractPrincipalMappingProvider; import org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule; import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.BaseIDAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; import org.w3c.dom.Element; /** @@ -75,8 +75,20 @@ SubjectType subject = assertion.getSubject(); if (subject != null) { - for (JAXBElement<?> element : subject.getContent()) + BaseIDAbstractType baseID = subject.getSubType().getBaseID(); + if( baseID != null && baseID instanceof NameIDType ) { + NameIDType nameID = (NameIDType) baseID; + Principal mappedPrincipal = new SimplePrincipal(nameID.getValue()); + result.setMappedObject(mappedPrincipal); + if (log.isDebugEnabled()) + { + log.debug("Mapped principal to " + mappedPrincipal); + } + return; + } + /*for (JAXBElement<?> element : subject.getContent()) + { if (element.getDeclaredType().equals(NameIDType.class)) { NameIDType nameID = (NameIDType) element.getValue(); @@ -88,7 +100,7 @@ } return; } - } + }*/ } } catch (JAXBException e) Modified: federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java =================================================================== --- federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -25,9 +25,6 @@ import java.util.HashMap; import java.util.Map; -import javax.xml.bind.JAXBElement; -import javax.xml.namespace.QName; - import junit.framework.TestCase; import org.jboss.security.identity.RoleGroup; @@ -36,14 +33,17 @@ import org.picketlink.identity.federation.bindings.jboss.auth.SAML20TokenRoleAttributeProvider; import org.picketlink.identity.federation.bindings.jboss.auth.mapping.STSGroupMappingProvider; import org.picketlink.identity.federation.bindings.jboss.auth.mapping.STSPrincipalMappingProvider; -import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; +import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; +import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule; import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType; import org.w3c.dom.Element; /** @@ -75,11 +75,11 @@ String role1 = "userRole1"; String role2 = "userRole2"; - AssertionType assertion = new AssertionType(); + AssertionType assertion = new AssertionType( "ID_SOME", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get()); AttributeStatementType attributeStatementType = new AttributeStatementType(); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attributeStatementType); + assertion.addStatement( attributeStatementType ); AttributeType attributeType = new AttributeType(); - attributeStatementType.getAttributeOrEncryptedAttribute().add(attributeType); + attributeStatementType.addAttribute( new ASTChoiceType(attributeType)); attributeType.setName(roleAttributeName); attributeType.getAttributeValue().add(role1); attributeType.getAttributeValue().add(role2); @@ -112,16 +112,19 @@ { String userId = "babak"; - AssertionType assertion = new AssertionType(); + AssertionType assertion = new AssertionType( "ID_SOME", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get() ); SubjectType subjectType = new SubjectType(); assertion.setSubject(subjectType); - QName name = new QName(WSTrustConstants.SAML2_ASSERTION_NS, "NameID"); - Class<NameIDType> declaredType = NameIDType.class; + //QName name = new QName(WSTrustConstants.SAML2_ASSERTION_NS, "NameID"); NameIDType nameIDType = new NameIDType(); nameIDType.setValue(userId); - JAXBElement<NameIDType> jaxbElement = new JAXBElement<NameIDType>(name, declaredType, JAXBElement.GlobalScope.class, nameIDType); - subjectType.getContent().add(jaxbElement); + STSubType subType = new STSubType(); + subType.addBaseID( nameIDType ); + subjectType.setSubType( subType ); + /*JAXBElement<NameIDType> jaxbElement = new JAXBElement<NameIDType>(name, declaredType, JAXBElement.GlobalScope.class, nameIDType); + subjectType.getContent().add(jaxbElement);*/ + MappingResult<Principal> mappingResult = new MappingResult<Principal>(); Map<String, Object> contextMap = new HashMap<String, Object>(); Element assertionElement = SAMLUtil.toElement(assertion); Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java =================================================================== --- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2010-11-30 16:07:32 UTC (rev 570) @@ -21,17 +21,16 @@ */ package org.picketlink.identity.federation.api.saml.v2.request; +import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.io.Writer; -import javax.xml.bind.Binder; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBElement; import javax.xml.bind.JAXBException; -import javax.xml.bind.Marshaller; import javax.xml.bind.Unmarshaller; import javax.xml.parsers.ParserConfigurationException; @@ -44,22 +43,20 @@ import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory; -import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; -import org.picketlink.identity.federation.core.saml.v2.util.JAXBElementMappingUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter; +import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter; import org.picketlink.identity.federation.core.util.JAXBUtil; import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.picketlink.identity.federation.saml.v2.SAML2Object; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; import org.w3c.dom.Document; -import org.w3c.dom.Node; import org.xml.sax.SAXException; /** @@ -92,33 +89,23 @@ /** * Get AuthnRequestType from a file * @param fileName file with the serialized AuthnRequestType - * @return AuthnRequestType - * @throws SAXException - * @throws JAXBException + * @return AuthnRequestType + * @throws ParsingException + * @throws ProcessingException + * @throws ConfigurationException * @throws IllegalArgumentException if the input fileName is null * IllegalStateException if the InputStream from the fileName is null */ - public AuthnRequestType getAuthnRequestType(String fileName) throws JAXBException, SAXException + public AuthnRequestType getAuthnRequestType(String fileName) throws ConfigurationException, ProcessingException, ParsingException { if(fileName == null) throw new IllegalArgumentException("fileName is null"); ClassLoader tcl = SecurityActions.getContextClassLoader(); InputStream is = tcl.getResourceAsStream(fileName); return getAuthnRequestType(is); - } + } /** - * Get the Binder - * @return - * @throws JAXBException - */ - public Binder<Node> getBinder() throws JAXBException - { - JAXBContext jaxb = JAXBUtil.getJAXBContext(RequestAbstractType.class); - return jaxb.createBinder(); - } - - /** * Get the Underlying SAML2Object from the input stream * @param is * @return @@ -160,49 +147,51 @@ * @throws ConfigurationException * @throws * @throws IllegalArgumentException inputstream is null - */ - @SuppressWarnings("unchecked") + */ public RequestAbstractType getRequestType(InputStream is) throws ParsingException, ConfigurationException, ProcessingException { if(is == null) throw new IllegalStateException("InputStream is null"); - - Document samlDocument = DocumentUtil.getDocument(is); - - try - { - Binder<Node> binder = getBinder(); + + Document samlDocument = DocumentUtil.getDocument( is ); + + SAMLParser samlParser = new SAMLParser(); + RequestAbstractType requestType = (RequestAbstractType) samlParser.parse( DocumentUtil.getNodeAsStream(samlDocument)); + + /*Binder<Node> binder = getBinder(); JAXBElement<RequestAbstractType> jaxbAuthnRequestType = (JAXBElement<RequestAbstractType>) binder.unmarshal(samlDocument); - RequestAbstractType requestType = jaxbAuthnRequestType.getValue(); - samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument); - return requestType; - } - catch (JAXBException e) - { - throw new ParsingException(e); - } + RequestAbstractType requestType = jaxbAuthnRequestType.getValue();*/ + samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument); + return requestType; } /** * Get the AuthnRequestType from an input stream * @param is Inputstream containing the AuthnRequest - * @return - * @throws SAXException - * @throws JAXBException + * @return + * @throws ParsingException + * @throws ProcessingException + * @throws ConfigurationException * @throws IllegalArgumentException inputstream is null - */ - @SuppressWarnings("unchecked") - public AuthnRequestType getAuthnRequestType(InputStream is) throws JAXBException, SAXException + */ + public AuthnRequestType getAuthnRequestType(InputStream is) throws ConfigurationException, ProcessingException, ParsingException { if(is == null) throw new IllegalStateException("InputStream is null"); String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION; - boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); + //boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); - Unmarshaller un = JBossSAMLAuthnRequestFactory.getValidatingUnmarshaller(validate); + Document samlDocument = DocumentUtil.getDocument( is ); + + SAMLParser samlParser = new SAMLParser(); + AuthnRequestType requestType = (AuthnRequestType) samlParser.parse( DocumentUtil.getNodeAsStream(samlDocument)); + samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument); + return requestType; + + /*Unmarshaller un = JBossSAMLAuthnRequestFactory.getValidatingUnmarshaller(validate); JAXBElement<AuthnRequestType> jaxbAuthnRequestType = (JAXBElement<AuthnRequestType>) un.unmarshal(is); - return jaxbAuthnRequestType.getValue(); + return jaxbAuthnRequestType.getValue();*/ } @@ -222,17 +211,16 @@ * @throws ConfigurationException */ public LogoutRequestType createLogoutRequest(String issuer) throws ConfigurationException - { - org.picketlink.identity.federation.saml.v2.protocol.ObjectFactory of - = new org.picketlink.identity.federation.saml.v2.protocol.ObjectFactory(); - LogoutRequestType lrt = of.createLogoutRequestType(); + { + LogoutRequestType lrt = new LogoutRequestType(); lrt.setID(IDGenerator.create("ID_")); lrt.setIssueInstant(XMLTimeUtil.getIssueInstant()); lrt.setVersion( JBossSAMLConstants.VERSION_2_0.get() ); //Create an issuer - NameIDType issuerNameID = JBossSAMLBaseFactory.createNameID(); + NameIDType issuerNameID = new NameIDType(); issuerNameID.setValue(issuer); + lrt.setIssuer(issuerNameID); return lrt; @@ -323,14 +311,14 @@ * @throws JAXBException * @throws ParserConfigurationException */ - public Document convert(ResponseType responseType) throws JAXBException, ConfigurationException + public Document convert( ResponseType responseType) throws ProcessingException, ParsingException, ConfigurationException { - JAXBContext jaxb = JAXBUtil.getJAXBContext(ResponseType.class); - Binder<Node> binder = jaxb.createBinder(); + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos)); + writer.write( responseType ); - Document doc = DocumentUtil.createDocument(); - binder.marshal(JAXBElementMappingUtil.get(responseType), doc); - return doc; + ByteArrayInputStream bis = new ByteArrayInputStream( baos.toByteArray() ); + return DocumentUtil.getDocument(bis); } /** @@ -340,14 +328,26 @@ * @throws JAXBException * @throws SAXException */ - public void marshall(RequestAbstractType requestType, OutputStream os) throws SAXException, JAXBException + public void marshall(RequestAbstractType requestType, OutputStream os) throws ProcessingException { - String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION; + /*String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION; boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); Marshaller marshaller = JBossSAMLAuthnRequestFactory.getValidatingMarshaller(validate); JAXBElement<?> j = JAXBElementMappingUtil.get(requestType); marshaller.marshal(j, os); + */ + SAMLRequestWriter samlRequestWriter = new SAMLRequestWriter( StaxUtil.getXMLStreamWriter(os)); + if( requestType instanceof AuthnRequestType ) + { + samlRequestWriter.write((AuthnRequestType)requestType ); + } + else if( requestType instanceof LogoutRequestType ) + { + samlRequestWriter.write((LogoutRequestType)requestType ); + } + else + throw new RuntimeException( "Unsupported" ); } /** @@ -357,13 +357,25 @@ * @throws JAXBException * @throws SAXException */ - public void marshall(RequestAbstractType requestType, Writer writer) throws SAXException, JAXBException + public void marshall(RequestAbstractType requestType, Writer writer) throws ProcessingException { - String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION; + /*String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION; boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); Marshaller marshaller = JBossSAMLAuthnRequestFactory.getValidatingMarshaller(validate); JAXBElement<?> j = JAXBElementMappingUtil.get(requestType); - marshaller.marshal(j, writer); + marshaller.marshal(j, writer);*/ + + SAMLRequestWriter samlRequestWriter = new SAMLRequestWriter( StaxUtil.getXMLStreamWriter( writer )); + if( requestType instanceof AuthnRequestType ) + { + samlRequestWriter.write((AuthnRequestType)requestType ); + } + else if( requestType instanceof LogoutRequestType ) + { + samlRequestWriter.write((LogoutRequestType)requestType ); + } + else + throw new RuntimeException( "Unsupported" ); } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java =================================================================== --- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2010-11-30 16:07:32 UTC (rev 570) @@ -31,17 +31,11 @@ import java.io.Writer; import java.util.Arrays; -import javax.xml.bind.Binder; -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBElement; import javax.xml.bind.JAXBException; -import javax.xml.bind.Marshaller; -import javax.xml.bind.Unmarshaller; import javax.xml.datatype.XMLGregorianCalendar; import javax.xml.namespace.QName; import javax.xml.parsers.ParserConfigurationException; -import org.picketlink.identity.federation.core.constants.PicketLinkFederationConstants; import org.picketlink.identity.federation.core.exceptions.ConfigurationException; import org.picketlink.identity.federation.core.exceptions.ParsingException; import org.picketlink.identity.federation.core.exceptions.ProcessingException; @@ -50,33 +44,29 @@ import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; import org.picketlink.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory; -import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; -import org.picketlink.identity.federation.core.saml.v2.factories.SAMLProtocolFactory; import org.picketlink.identity.federation.core.saml.v2.holders.IDPInfoHolder; import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder; import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder; import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; -import org.picketlink.identity.federation.core.saml.v2.util.JAXBElementMappingUtil; import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter; -import org.picketlink.identity.federation.core.util.JAXBUtil; +import org.picketlink.identity.federation.core.util.NetworkUtil; import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ActionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthzDecisionStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.DecisionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedElementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EvidenceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType; import org.picketlink.identity.federation.saml.v2.SAML2Object; -import org.picketlink.identity.federation.saml.v2.assertion.ActionType; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextType; -import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AuthzDecisionStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.DecisionType; -import org.picketlink.identity.federation.saml.v2.assertion.EncryptedElementType; -import org.picketlink.identity.federation.saml.v2.assertion.EvidenceType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType; import org.w3c.dom.Document; import org.w3c.dom.Node; -import org.xml.sax.SAXException; /** * API for dealing with SAML2 Response objects @@ -106,13 +96,11 @@ */ public AuthnStatementType createAuthnStatement(String authnContextDeclRef, XMLGregorianCalendar issueInstant) - { - ObjectFactory objectFactory = SAMLAssertionFactory.getObjectFactory(); - AuthnStatementType authnStatement = objectFactory.createAuthnStatementType(); - authnStatement.setAuthnInstant(issueInstant); - AuthnContextType act = objectFactory.createAuthnContextType(); + { + AuthnStatementType authnStatement = new AuthnStatementType( issueInstant ); + AuthnContextType act = new AuthnContextType(); String authContextDeclRef = JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT.get(); - act.getContent().add(objectFactory.createAuthnContextDeclRef(authContextDeclRef)); + act.addAuthenticatingAuthority( NetworkUtil.createURI( authContextDeclRef )); authnStatement.setAuthnContext(act); return authnStatement; } @@ -129,9 +117,8 @@ DecisionType decision, EvidenceType evidence, ActionType... actions) - { - ObjectFactory objectFactory = SAMLAssertionFactory.getObjectFactory(); - AuthzDecisionStatementType authzDecST = objectFactory.createAuthzDecisionStatementType(); + { + AuthzDecisionStatementType authzDecST = new AuthzDecisionStatementType(); authzDecST.setResource(resource); authzDecST.setDecision(decision); if(evidence != null) @@ -199,37 +186,39 @@ /** * Get an encrypted assertion from the stream * @param is - * @return - * @throws SAXException - * @throws JAXBException - */ - @SuppressWarnings("unchecked") - public EncryptedElementType getEncryptedAssertion(InputStream is) throws JAXBException, SAXException + * @return + * @throws ParsingException + */ + public EncryptedAssertionType getEncryptedAssertion(InputStream is) throws ParsingException { if(is == null) - throw new IllegalArgumentException("inputstream is null"); + throw new IllegalArgumentException( "inputstream is null" ); - Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller(); + SAMLParser samlParser = new SAMLParser(); + return ( EncryptedAssertionType ) samlParser.parse(is); + + /*Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller(); JAXBElement<EncryptedElementType> jaxb = (JAXBElement<EncryptedElementType>) un.unmarshal(is); - return jaxb.getValue(); + return jaxb.getValue(); */ } /** * Read an assertion from an input stream * @param is - * @return - * @throws JAXBException - * @throws SAXException - */ - @SuppressWarnings("unchecked") - public AssertionType getAssertionType(InputStream is) throws JAXBException, SAXException + * @return + * @throws ParsingException + */ + public AssertionType getAssertionType(InputStream is) throws ParsingException { if(is == null) - throw new IllegalArgumentException("inputstream is null"); + throw new IllegalArgumentException( "inputstream is null" ); - Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller(); + SAMLParser samlParser = new SAMLParser(); + return (AssertionType) samlParser.parse(is); + + /*Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller(); JAXBElement<AssertionType> jaxb = (JAXBElement<AssertionType>) un.unmarshal(is); - return jaxb.getValue(); + return jaxb.getValue(); */ } /** @@ -247,28 +236,24 @@ * @return * @throws ParsingException * @throws ConfigurationException - */ - @SuppressWarnings("unchecked") + */ public ResponseType getResponseType(InputStream is) throws ParsingException, ConfigurationException, ProcessingException { if(is == null) throw new IllegalArgumentException("inputstream is null"); - + Document samlResponseDocument = DocumentUtil.getDocument(is); - - try - { - Binder<Node> binder = getBinder(); + + SAMLParser samlParser = new SAMLParser(); + ResponseType responseType = (ResponseType) samlParser.parse( DocumentUtil.getNodeAsStream( samlResponseDocument )); + + + /*Binder<Node> binder = getBinder(); JAXBElement<ResponseType> jaxbResponseType = (JAXBElement<ResponseType>) binder.unmarshal(samlResponseDocument); - ResponseType responseType = jaxbResponseType.getValue(); - samlDocumentHolder = new SAMLDocumentHolder(responseType, samlResponseDocument); - return responseType; - } - catch (JAXBException e) - { - throw new ParsingException(e); - } + ResponseType responseType = jaxbResponseType.getValue();*/ + samlDocumentHolder = new SAMLDocumentHolder(responseType, samlResponseDocument); + return responseType; } @@ -311,33 +296,24 @@ /** * Convert an EncryptedElement into a Document * @param encryptedElementType - * @return - * @throws JAXBException - * @throws ParserConfigurationException + * @return + * @throws ConfigurationException */ public Document convert(EncryptedElementType encryptedElementType) - throws JAXBException, ConfigurationException - { - JAXBContext jaxb = JAXBUtil.getJAXBContext(EncryptedElementType.class); + throws ConfigurationException + { + /*JAXBContext jaxb = JAXBUtil.getJAXBContext(EncryptedElementType.class); Binder<Node> binder = jaxb.createBinder(); - + */ Document doc = DocumentUtil.createDocument(); - binder.marshal(JAXBElementMappingUtil.get(encryptedElementType), doc); + Node importedNode = doc.importNode( encryptedElementType.getEncryptedElement(), true ); + doc.appendChild(importedNode); + + //binder.marshal(JAXBElementMappingUtil.get(encryptedElementType), doc); return doc; } /** - * Get the Binder - * @return - * @throws JAXBException - */ - public Binder<Node> getBinder() throws JAXBException - { - JAXBContext jaxb = JAXBUtil.getJAXBContext(ResponseType.class); - return jaxb.createBinder(); - } - - /** * Convert a SAML2 Response into a Document * @param responseType * @return @@ -349,7 +325,7 @@ public Document convert(StatusResponseType responseType) throws JAXBException, ConfigurationException*/ - public Document convert(StatusResponseType responseType) throws ProcessingException, ConfigurationException, ParsingException + public Document convert( StatusResponseType responseType) throws ProcessingException, ConfigurationException, ParsingException { ByteArrayOutputStream bos = new ByteArrayOutputStream(); @@ -385,12 +361,11 @@ * * @param responseType * @param os - * @throws SAXException - * @throws JAXBException + * @throws ProcessingException */ - public void marshall(ResponseType responseType, OutputStream os) throws JAXBException, SAXException + public void marshall(ResponseType responseType, OutputStream os) throws ProcessingException { - String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION; + /*String key = PicketLinkFederationConstants.JAXB_SCHEMA_VALIDATION; boolean validate = Boolean.parseBoolean(SecurityActions .getSystemProperty(key, "false")); @@ -398,20 +373,25 @@ .getValidatingMarshaller(validate); JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory() .createResponse(responseType); - marshaller.marshal(jaxb, os); + marshaller.marshal(jaxb, os); */ + + SAMLResponseWriter samlWriter = new SAMLResponseWriter( StaxUtil.getXMLStreamWriter(os)); + samlWriter.write(responseType); } /** * Marshall the ResponseType into a writer * @param responseType * @param writer - * @throws SAXException - * @throws JAXBException + * @throws ProcessingException */ - public void marshall(ResponseType responseType, Writer writer) throws JAXBException, SAXException + public void marshall(ResponseType responseType, Writer writer) throws ProcessingException { - Marshaller marshaller = JBossSAMLAuthnResponseFactory.getMarshaller(); + SAMLResponseWriter samlWriter = new SAMLResponseWriter( StaxUtil.getXMLStreamWriter( writer )); + samlWriter.write(responseType); + + /*Marshaller marshaller = JBossSAMLAuthnResponseFactory.getMarshaller(); JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(responseType); - marshaller.marshal(jaxb, writer); + marshaller.marshal(jaxb, writer);*/ } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/sig/SAML2Signature.java =================================================================== --- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/sig/SAML2Signature.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/sig/SAML2Signature.java 2010-11-30 16:07:32 UTC (rev 570) @@ -41,9 +41,9 @@ import org.picketlink.identity.federation.core.exceptions.ProcessingException; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; -import org.picketlink.identity.federation.core.util.XMLSignatureUtil; -import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.core.util.XMLSignatureUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.w3c.dom.Document; import org.w3c.dom.Node; import org.xml.sax.SAXException; Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java =================================================================== --- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java 2010-11-30 16:07:32 UTC (rev 570) @@ -32,18 +32,14 @@ import org.picketlink.identity.federation.core.exceptions.ConfigurationException; import org.picketlink.identity.federation.core.exceptions.ProcessingException; -import org.picketlink.identity.federation.core.factories.SOAPFactory; -import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; +import org.picketlink.identity.federation.core.factories.SOAPFactory; import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType; import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Body; import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Envelope; -import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType; -import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault; import org.jboss.security.xacml.core.model.context.DecisionType; import org.jboss.security.xacml.core.model.context.RequestType; import org.jboss.security.xacml.core.model.context.ResultType; @@ -67,21 +63,21 @@ */ public Result send(String endpoint, String issuer, RequestType xacmlRequest) throws ProcessingException { + throw new RuntimeException( "NYI" );/* try { - XACMLAuthzDecisionQueryType queryType = SOAPSAMLXACMLUtil.createXACMLAuthzDecisionQueryType(); + XACMLAuthzDecisionQueryType queryType = new XACMLAuthzDecisionQueryType(); queryType.setRequest(xacmlRequest); //Create Issue Instant queryType.setIssueInstant(XMLTimeUtil.getIssueInstant()); //Create Issuer - NameIDType nameIDType = SAMLAssertionFactory.getObjectFactory().createNameIDType(); + NameIDType nameIDType = new NameIDType(); nameIDType.setValue(issuer); queryType.setIssuer(nameIDType); + - JAXBElement<?> jaxbQueryType = SOAPSAMLXACMLUtil.getJAXB(queryType); - Envelope envelope = createEnvelope(jaxbQueryType); JAXBElement<?> soapRequest = SOAPFactory.getObjectFactory().createEnvelope(envelope); @@ -125,7 +121,7 @@ catch (ConfigurationException e) { throw new ProcessingException(e); - } + }*/ } private Envelope createEnvelope(JAXBElement<?> jaxbElement) Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/DeflateEncodingDecodingUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/DeflateEncodingDecodingUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/DeflateEncodingDecodingUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -32,8 +32,8 @@ import org.picketlink.identity.federation.api.util.DeflateUtil; import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator; import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory; -import org.picketlink.identity.federation.core.util.Base64; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.core.util.Base64; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; /** * Unit test the DEFLATE compression Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnRequestUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -22,22 +22,22 @@ package org.picketlink.test.identity.federation.api.saml.v2; import java.io.ByteArrayOutputStream; +import java.net.URI; import java.util.List; -import javax.xml.bind.JAXBElement; - import junit.framework.TestCase; import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request; import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator; -import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.RequestedAuthnContextType; -import org.picketlink.identity.xmlsec.w3.xmldsig.SignatureType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestedAuthnContextType; +import org.w3c.dom.Element; @@ -68,23 +68,22 @@ SubjectType subjectType = authnRequestType.getSubject(); assertNotNull(subjectType); - List<JAXBElement<?>> subjectContentList = subjectType.getContent(); - JAXBElement<?> elem1 = subjectContentList.get(0); - NameIDType nameIDType = (NameIDType) elem1.getValue(); + STSubType subType = subjectType.getSubType(); + NameIDType nameIDType = (NameIDType) subType.getBaseID(); assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",nameIDType.getFormat()); assertEquals("j.doe(a)company.com",nameIDType.getValue()); ConditionsType conditionsType = authnRequestType.getConditions(); - List<ConditionAbstractType> conditions = conditionsType.getConditionOrAudienceRestrictionOrOneTimeUse(); + List<ConditionAbstractType> conditions = conditionsType.getConditions(); assertTrue(conditions.size() == 1); ConditionAbstractType condition = conditions.get(0); assertTrue(condition instanceof AudienceRestrictionType); AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) condition; - List<String> audiences = audienceRestrictionType.getAudience(); + List<URI> audiences = audienceRestrictionType.getAudience(); assertTrue(audiences.size() == 1); - assertEquals("urn:foo:sp.example.org", audiences.get(0)); + assertEquals("urn:foo:sp.example.org", audiences.get(0).toASCIIString()); RequestedAuthnContextType requestedAuthnContext = authnRequestType.getRequestedAuthnContext(); assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" @@ -109,7 +108,7 @@ AuthnRequestType authnRequestType = request.getAuthnRequestType(resourceName); assertNotNull(authnRequestType); - SignatureType signatureType = authnRequestType.getSignature(); + Element signatureType = authnRequestType.getSignature(); assertNotNull("Signature is not null", signatureType); //Let us marshall it back to an output stream Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnResponseUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnResponseUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2AuthnResponseUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -31,8 +31,8 @@ import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory; import org.picketlink.identity.federation.core.saml.v2.holders.IDPInfoHolder; import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder; -import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; /** Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2RequestUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2RequestUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2RequestUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -23,8 +23,8 @@ import junit.framework.TestCase; -import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request; -import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType; +import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType; /** Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -41,11 +41,11 @@ import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; -import org.picketlink.identity.federation.core.util.XMLSignatureUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.core.util.XMLSignatureUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.junit.Test; import org.w3c.dom.Document; import org.w3c.dom.Node; @@ -109,7 +109,7 @@ // Create an assertion AssertionType assertion = response.createAssertion(id, issuerInfo.getIssuer()); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(authnStatement); + assertion.addStatement( authnStatement ); KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA"); KeyPair kp = kpg.genKeyPair(); @@ -176,7 +176,7 @@ * Now the signed document is marshalled across the wire using dom * write */ - Binder<Node> binder = response.getBinder(); + //Binder<Node> binder = response.getBinder(); //We have to parse the dom coming from the stream and feed to binder Document readDoc = DocumentUtil.getDocument(DocumentUtil.getNodeAsStream(signedDoc)); @@ -191,9 +191,9 @@ // The client re-validates the signature. assertTrue("Signature is valid:", XMLSignatureUtil.validate(validatingDoc, kp.getPublic())); - JAXBElement<ResponseType> jaxbresponseType = (JAXBElement<ResponseType>) binder.unmarshal(readDoc); + /*JAXBElement<ResponseType> jaxbresponseType = (JAXBElement<ResponseType>) binder.unmarshal(readDoc); responseType = jaxbresponseType.getValue(); - assertNotNull(responseType); + assertNotNull(responseType); */ } /** Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/XMLEncryptionUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -45,10 +45,11 @@ import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil; import org.picketlink.identity.federation.core.util.XMLEncryptionUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.EncryptedElementType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; @@ -79,18 +80,20 @@ Element docElement = XMLEncryptionUtil.encryptElementInDocument(responseDoc,kp.getPublic(), sk, 128, assertionQName, true); - EncryptedElementType eet = sr.getEncryptedAssertion(DocumentUtil.getNodeAsStream(docElement)); - rt.getAssertionOrEncryptedAssertion().set(0,eet); + EncryptedAssertionType eet = sr.getEncryptedAssertion(DocumentUtil.getNodeAsStream(docElement)); + rt.addAssertion( new RTChoiceType( eet ) ); - EncryptedElementType myeet = (EncryptedElementType) rt.getAssertionOrEncryptedAssertion().get(0); - Document eetDoc = sr.convert(myeet); + RTChoiceType choiceType = rt.getAssertions().get(0); + EncryptedAssertionType encryptedAssertionType = choiceType.getEncryptedAssertion(); + Document eetDoc = sr.convert( encryptedAssertionType ); + Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,kp.getPrivate()); //Let us use the encrypted doc element to decrypt it ResponseType newRT = sr.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement)); - AssertionType assertion = (AssertionType) newRT.getAssertionOrEncryptedAssertion().get(0); + AssertionType assertion = (AssertionType) newRT.getAssertions().get(0).getAssertion(); assertEquals("http://identityurl", assertion.getIssuer().getValue()); } @@ -110,8 +113,8 @@ Element docElement = XMLEncryptionUtil.encryptElementInDocument(responseDoc,kp.getPublic(), sk, 128, assertionQName, true); - EncryptedElementType eet = sr.getEncryptedAssertion(DocumentUtil.getNodeAsStream(docElement)); - rt.getAssertionOrEncryptedAssertion().set(0,eet); + EncryptedAssertionType eet = sr.getEncryptedAssertion(DocumentUtil.getNodeAsStream(docElement)); + rt.addAssertion( new RTChoiceType( eet )); StringWriter sw = new StringWriter(); sr.marshall(rt, sw); @@ -119,15 +122,15 @@ //Create a brand new ResponseType ResponseType received = sr.getResponseType(new ByteArrayInputStream(sw.toString().getBytes("UTF-8"))); - EncryptedElementType myeet = (EncryptedElementType) received.getAssertionOrEncryptedAssertion().get(0); - Document eetDoc = sr.convert(myeet); + EncryptedAssertionType encryptedAssertionType = received.getAssertions().get(0).getEncryptedAssertion(); + Document eetDoc = sr.convert( encryptedAssertionType ); Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,kp.getPrivate()); //Let us use the encrypted doc element to decrypt it ResponseType newRT = sr.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement)); - AssertionType assertion = (AssertionType) newRT.getAssertionOrEncryptedAssertion().get(0); + AssertionType assertion = newRT.getAssertions().get(0).getAssertion(); assertEquals("http://identityurl", assertion.getIssuer().getValue()); } @@ -210,10 +213,10 @@ SPInfoHolder sp = new SPInfoHolder(); sp.setResponseDestinationURI("http://service"); responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); - AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0); + AssertionType assertion = (AssertionType) responseType.getAssertions().get(0).getAssertion(); AttributeStatementType attrStatement = StatementUtil.createAttributeStatement(roles); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement); + assertion.addStatement( attrStatement ); //Add timed conditions saml2Response.createTimedConditions(assertion, 5000L); Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters/SPFilter.java =================================================================== --- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters/SPFilter.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters/SPFilter.java 2010-11-30 16:07:32 UTC (rev 570) @@ -95,17 +95,18 @@ import org.picketlink.identity.federation.core.util.CoreConfigUtil; import org.picketlink.identity.federation.core.util.StringUtil; import org.picketlink.identity.federation.core.util.XMLSignatureUtil; -import org.picketlink.identity.federation.saml.v2.SAML2Object; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType; +import org.picketlink.identity.federation.saml.v2.SAML2Object; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.picketlink.identity.federation.web.core.HTTPContext; import org.picketlink.identity.federation.web.interfaces.IRoleValidator; @@ -598,7 +599,7 @@ saml2Request.marshall(authnRequest, baos); String samlMessage = PostBindingUtil.base64Encode(baos.toString()); - String destination = authnRequest.getDestination(); + String destination = authnRequest.getDestination().toASCIIString(); PostBindingUtil.sendPost(new DestinationInfoHolder(destination, samlMessage, relayState), response, true); } @@ -727,32 +728,34 @@ if(statusType == null) throw new IllegalArgumentException("Status Type from the IDP is null"); - String statusValue = statusType.getStatusCode().getValue(); + String statusValue = statusType.getStatusCode().getValue().toASCIIString(); if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false) throw new SecurityException("IDP forbid the user"); - List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); + List<org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType> assertions = responseType.getAssertions(); if(assertions.size() == 0) throw new IllegalStateException("No assertions in reply from IDP"); - AssertionType assertion = (AssertionType)assertions.get(0); + AssertionType assertion = assertions.get(0).getAssertion(); //Check for validity of assertion boolean expiredAssertion = AssertionUtil.hasExpired(assertion); if(expiredAssertion) throw new AssertionExpiredException(); SubjectType subject = assertion.getSubject(); - JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); - NameIDType nameID = jnameID.getValue(); + /*JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); + NameIDType nameID = jnameID.getValue();*/ + NameIDType nameID = (NameIDType) subject.getSubType().getBaseID(); + final String userName = nameID.getValue(); List<String> roles = new ArrayList<String>(); //Let us get the roles - AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0); - List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute(); - for(Object obj:attList) + AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatements().iterator().next(); + List<ASTChoiceType> attList = attributeStatement.getAttributes(); + for(ASTChoiceType obj:attList) { - AttributeType attr = (AttributeType) obj; + AttributeType attr = obj.getAttribute(); String roleName = (String) attr.getAttributeValue().get(0); roles.add(roleName); } Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java =================================================================== --- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2010-11-30 16:07:32 UTC (rev 570) @@ -29,8 +29,6 @@ import javax.servlet.ServletContext; import javax.servlet.http.HttpSession; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.JAXBException; import org.apache.log4j.Logger; import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request; @@ -45,26 +43,27 @@ import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder; import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder; import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; -import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE; +import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil; import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.EncryptedElementType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.picketlink.identity.federation.web.core.HTTPContext; import org.picketlink.identity.federation.web.core.IdentityServer; import org.picketlink.identity.federation.web.interfaces.IRoleValidator; import org.w3c.dom.Document; import org.w3c.dom.Node; -import org.xml.sax.SAXException; /** * Handles for dealing with SAML2 Authentication @@ -160,7 +159,7 @@ { Map<String,Object> attribs = (Map<String, Object>) request.getOptions().get(GeneralConstants.ATTRIBUTES); long assertionValidity = (Long) request.getOptions().get(GeneralConstants.ASSERTIONS_VALIDITY); - String destination = art.getAssertionConsumerServiceURL(); + String destination = art.getAssertionConsumerServiceURL().toASCIIString(); Document samlResponse = this.getResponse(destination, userPrincipal, roles, request.getIssuer().getValue(), attribs, @@ -216,10 +215,10 @@ responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); //Add information on the roles - AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0); + AssertionType assertion = (AssertionType) responseType.getAssertions().get(0).getAssertion(); AttributeStatementType attrStatement = StatementUtil.createAttributeStatement(roles); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement); + assertion.addStatement( attrStatement ); //Add timed conditions saml2Response.createTimedConditions(assertion, assertionValidity); @@ -228,7 +227,7 @@ if(attribs != null && attribs.size() > 0 ) { AttributeStatementType attStatement = StatementUtil.createAttributeStatement(attribs); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attStatement); + assertion.addStatement( attStatement ); } //Lets see how the response looks like @@ -239,14 +238,10 @@ { saml2Response.marshall(responseType, sw); } - catch (JAXBException e) + catch ( ProcessingException e) { log.trace(e); - } - catch (SAXException e) - { - log.trace(e); - } + } log.trace("Response="+sw.toString()); } try @@ -291,12 +286,12 @@ { HTTPContext httpContext = (HTTPContext) request.getContext(); ResponseType responseType = (ResponseType) request.getSAML2Object(); - List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); + List<RTChoiceType> assertions = responseType.getAssertions(); if(assertions.size() == 0) throw new IllegalStateException("No assertions in reply from IDP"); - Object assertion = assertions.get(0); - if(assertion instanceof EncryptedElementType) + Object assertion = assertions.get(0).getEncryptedAssertion(); + if(assertion instanceof EncryptedAssertionType) { responseType = this.decryptAssertion(responseType); } @@ -323,8 +318,7 @@ { throw new RuntimeException("This authenticator does not handle encryption"); } - - @SuppressWarnings("unchecked") + private Principal handleSAMLResponse(ResponseType responseType, SAML2HandlerResponse response) throws ProcessingException { @@ -335,15 +329,15 @@ if(statusType == null) throw new IllegalArgumentException("Status Type from the IDP is null"); - String statusValue = statusType.getStatusCode().getValue(); + String statusValue = statusType.getStatusCode().getValue().toASCIIString(); if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false) throw new SecurityException("IDP forbid the user"); - List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); + List<RTChoiceType> assertions = responseType.getAssertions(); if(assertions.size() == 0) throw new IllegalStateException("No assertions in reply from IDP"); - AssertionType assertion = (AssertionType)assertions.get(0); + AssertionType assertion = assertions.get(0).getAssertion(); //Check for validity of assertion boolean expiredAssertion; try @@ -361,17 +355,20 @@ } SubjectType subject = assertion.getSubject(); - JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); + /*JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); NameIDType nameID = jnameID.getValue(); + */ + NameIDType nameID = (NameIDType) subject.getSubType().getBaseID(); + final String userName = nameID.getValue(); List<String> roles = new ArrayList<String>(); //Let us get the roles - AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0); - List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute(); - for(Object obj:attList) + AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatements().iterator().next(); + List<ASTChoiceType> attList = attributeStatement.getAttributes(); + for(ASTChoiceType obj:attList) { - AttributeType attr = (AttributeType) obj; + AttributeType attr = obj.getAttribute(); List<Object> attributeValues = attr.getAttributeValue(); if( attributeValues != null) { Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java =================================================================== --- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2010-11-30 16:07:32 UTC (rev 570) @@ -40,14 +40,13 @@ import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE; import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; -import org.picketlink.identity.federation.saml.v2.SAML2Object; -import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.ObjectFactory; -import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusType; +import org.picketlink.identity.federation.core.util.NetworkUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusCodeType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType; +import org.picketlink.identity.federation.saml.v2.SAML2Object; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.picketlink.identity.federation.web.core.HTTPContext; import org.picketlink.identity.federation.web.core.IdentityServer; @@ -64,9 +63,7 @@ private IDPLogOutHandler idp = new IDPLogOutHandler(); private SPLogOutHandler sp = new SPLogOutHandler(); - - private ObjectFactory objectFactory = new ObjectFactory(); - + /** * @see SAML2Handler#generateSAMLRequest(SAML2HandlerRequest, SAML2HandlerResponse) */ @@ -287,7 +284,7 @@ long assertionValidity = (Long) request.getOptions().get(GeneralConstants.ASSERTIONS_VALIDITY); lort.setNotOnOrAfter(XMLTimeUtil.add(lort.getIssueInstant(), assertionValidity)); - lort.setDestination(participant); + lort.setDestination( NetworkUtil.createURI( participant )); response.setResultingDocument(saml2Request.convert(lort)); response.setSendRequest(true); @@ -328,16 +325,16 @@ String originalIssuer) throws ConfigurationException, ParserConfigurationException, ProcessingException { - StatusResponseType statusResponse = objectFactory.createStatusResponseType(); + StatusResponseType statusResponse = new StatusResponseType(); //Status - StatusType statusType = objectFactory.createStatusType(); - StatusCodeType statusCodeType = objectFactory.createStatusCodeType(); - statusCodeType.setValue(JBossSAMLURIConstants.STATUS_RESPONDER.get()); + StatusType statusType = new StatusType(); + StatusCodeType statusCodeType = new StatusCodeType(); + statusCodeType.setValue( NetworkUtil.createURI( JBossSAMLURIConstants.STATUS_RESPONDER.get() )); //2nd level status code - StatusCodeType status2ndLevel = objectFactory.createStatusCodeType(); - status2ndLevel.setValue(JBossSAMLURIConstants.STATUS_SUCCESS.get()); + StatusCodeType status2ndLevel = new StatusCodeType(); + status2ndLevel.setValue( NetworkUtil.createURI( JBossSAMLURIConstants.STATUS_SUCCESS.get() )); statusCodeType.setStatusCode(status2ndLevel); statusType.setStatusCode(statusCodeType); @@ -445,16 +442,16 @@ session.invalidate(); //Invalidate the current session at the SP //Generate a Logout Response - StatusResponseType statusResponse = objectFactory.createStatusResponseType(); + StatusResponseType statusResponse = new StatusResponseType(); //Status - StatusType statusType = objectFactory.createStatusType(); - StatusCodeType statusCodeType = objectFactory.createStatusCodeType(); - statusCodeType.setValue(JBossSAMLURIConstants.STATUS_RESPONDER.get()); + StatusType statusType = new StatusType(); + StatusCodeType statusCodeType = new StatusCodeType(); + statusCodeType.setValue( NetworkUtil.createURI( JBossSAMLURIConstants.STATUS_RESPONDER.get() )); //2nd level status code - StatusCodeType status2ndLevel = objectFactory.createStatusCodeType(); - status2ndLevel.setValue(JBossSAMLURIConstants.STATUS_SUCCESS.get()); + StatusCodeType status2ndLevel = new StatusCodeType(); + status2ndLevel.setValue( NetworkUtil.createURI( JBossSAMLURIConstants.STATUS_SUCCESS.get() )); statusCodeType.setStatusCode(status2ndLevel); statusType.setStatusCode(statusCodeType); Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java =================================================================== --- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java 2010-11-30 16:07:32 UTC (rev 570) @@ -51,14 +51,11 @@ import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.util.JAXBUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType; import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Body; import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Envelope; -import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType; -import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType; -import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType; -import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault; import org.jboss.security.xacml.core.JBossPDP; import org.jboss.security.xacml.core.JBossRequestContext; import org.jboss.security.xacml.core.model.context.RequestType; @@ -145,7 +142,8 @@ @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - JAXBElement<RequestAbstractType> jaxbRequestType = null; + throw new RuntimeException( "FIX" ); + /*JAXBElement<RequestAbstractType> jaxbRequestType = null; Envelope envelope = null; XACMLAuthzDecisionQueryType xacmlRequest = null; @@ -256,7 +254,7 @@ { log("marshalling exception",e); } - } + } */ } private PolicyDecisionPoint getPDP() throws PrivilegedActionException Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java =================================================================== --- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java 2010-11-30 16:07:32 UTC (rev 570) @@ -38,7 +38,6 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.xml.bind.JAXBException; import javax.xml.crypto.dsig.CanonicalizationMethod; import org.apache.log4j.Logger; @@ -63,12 +62,11 @@ import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.w3c.dom.Document; -import org.xml.sax.SAXException; /** * Request Util @@ -220,10 +218,10 @@ responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); //Add information on the roles - AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0); + AssertionType assertion = (AssertionType) responseType.getAssertions().get(0).getAssertion(); AttributeStatementType attrStatement = StatementUtil.createAttributeStatement(roles); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement); + assertion.addStatement( attrStatement ); //Add timed conditions saml2Response.createTimedConditions(assertion, assertionValidity); @@ -236,7 +234,7 @@ Map<String, Object> attribs = attributeManager.getAttributes(userPrincipal, this.attribKeys); AttributeStatementType attStatement = StatementUtil.createAttributeStatement(attribs); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attStatement); + assertion.addStatement( attStatement ); } catch(Exception e) { @@ -252,14 +250,10 @@ { saml2Response.marshall(responseType, sw); } - catch (JAXBException e) + catch ( ProcessingException e) { log.trace(e); - } - catch (SAXException e) - { - log.trace(e); - } + } log.trace("Response="+sw.toString()); } @@ -546,14 +540,10 @@ { saml2Response.marshall(responseType, sw); } - catch (JAXBException e) + catch ( ProcessingException e) { log.trace(e); - } - catch (SAXException e) - { - log.trace(e); - } + } log.trace("Response="+sw.toString()); } Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/RedirectBindingSignatureUtil.java =================================================================== --- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/RedirectBindingSignatureUtil.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/RedirectBindingSignatureUtil.java 2010-11-30 16:07:32 UTC (rev 570) @@ -35,10 +35,13 @@ import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request; import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response; +import org.picketlink.identity.federation.core.exceptions.ConfigurationException; +import org.picketlink.identity.federation.core.exceptions.ParsingException; +import org.picketlink.identity.federation.core.exceptions.ProcessingException; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; -import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.w3c.dom.Document; import org.xml.sax.SAXException; @@ -152,13 +155,14 @@ /** * From the SAML Request URL, get the Request object * @param signedURL - * @return + * @return * @throws IOException - * @throws SAXException - * @throws JAXBException + * @throws ParsingException + * @throws ProcessingException + * @throws ConfigurationException */ public static AuthnRequestType getRequestFromSignedURL(String signedURL) - throws JAXBException, SAXException, IOException + throws ConfigurationException, ProcessingException, ParsingException, IOException { String samlRequestTokenValue = getTokenValue(signedURL, "SAMLRequest"); Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java =================================================================== --- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -42,8 +42,8 @@ import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig; import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; -import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.picketlink.identity.federation.web.core.HTTPContext; import org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler; Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java =================================================================== --- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -39,8 +39,8 @@ import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.util.Base64; -import org.picketlink.identity.federation.saml.v2.SAML2Object; -import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType; +import org.picketlink.identity.federation.saml.v2.SAML2Object; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.picketlink.identity.federation.web.core.IdentityServer; import org.picketlink.identity.federation.web.filters.SPFilter; Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java =================================================================== --- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) +++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java 2010-11-30 16:07:32 UTC (rev 570) @@ -36,9 +36,9 @@ import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response; import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; -import org.picketlink.identity.federation.core.util.Base64; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.core.util.Base64; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.picketlink.identity.federation.web.constants.GeneralConstants; import org.picketlink.identity.federation.web.core.IdentityServer; import org.picketlink.identity.federation.web.filters.SPFilter;

14 years

1
0
0 / 0

Picketlink SVN: r569 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/parsers/saml and 19 other directories.

by picketlink-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2010-11-30 11:06:20 -0500 (Tue, 30 Nov 2010) New Revision: 569 Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/XACMLContextFactory.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/common/StatementLocal.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java Log: updated saml object model Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/XACMLContextFactory.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/XACMLContextFactory.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/XACMLContextFactory.java 2010-11-30 16:06:20 UTC (rev 569) @@ -21,11 +21,9 @@ */ package org.picketlink.identity.federation.core.factories; -import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil; -import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType; -import org.jboss.security.xacml.core.model.context.ObjectFactory; import org.jboss.security.xacml.core.model.context.RequestType; import org.jboss.security.xacml.core.model.context.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType; /** @@ -34,14 +32,7 @@ * @since Jul 30, 2009 */ public class XACMLContextFactory -{ - private static ObjectFactory _objectFactory = new ObjectFactory(); - - public static ObjectFactory getObjectFactory() - { - return _objectFactory; - } - +{ /** * Create an XACML Authorization Decision Statement Type * @param request @@ -51,7 +42,7 @@ public static XACMLAuthzDecisionStatementType createXACMLAuthzDecisionStatementType(RequestType request, ResponseType response) { - XACMLAuthzDecisionStatementType xacmlStatement = SOAPSAMLXACMLUtil.createXACMLAuthzDecisionStatementType(); + XACMLAuthzDecisionStatementType xacmlStatement = new XACMLAuthzDecisionStatementType(); xacmlStatement.setRequest(request); xacmlStatement.setResponse(response); return xacmlStatement; Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-30 16:06:20 UTC (rev 569) @@ -21,6 +21,7 @@ */ package org.picketlink.identity.federation.core.parsers.saml; +import javax.xml.datatype.XMLGregorianCalendar; import javax.xml.namespace.QName; import javax.xml.stream.XMLEventReader; import javax.xml.stream.events.Attribute; @@ -34,13 +35,8 @@ import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.*; /** * Parse the saml assertion @@ -121,12 +117,12 @@ else if( JBossSAMLConstants.AUTHN_STATEMENT.get().equalsIgnoreCase( tag ) ) { AuthnStatementType authnStatementType = SAMLParserUtil.parseAuthnStatement( xmlEventReader ); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add( authnStatementType ); + assertion.addStatement(authnStatementType); } else if( JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equalsIgnoreCase( tag ) ) { - AttributeStatementType attributeStatementType = SAMLParserUtil.parseAttributeStatement( xmlEventReader ); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add( attributeStatementType ); + AttributeStatementType attributeStatementType = SAMLParserUtil.parseAttributeStatement( xmlEventReader ); + assertion.addStatement(attributeStatementType); } else throw new RuntimeException( "SAMLAssertionParser:: unknown: " + tag ); } @@ -147,19 +143,15 @@ private AssertionType parseBaseAttributes( StartElement nextElement ) throws ParsingException { - AssertionType assertion = new AssertionType(); Attribute idAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.ID.get() ) ); - assertion.setID( StaxParserUtil.getAttributeValue( idAttribute )); + String id = StaxParserUtil.getAttributeValue( idAttribute ); Attribute versionAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.VERSION.get() )); - assertion.setVersion( StaxParserUtil.getAttributeValue(versionAttribute) ); + String version = StaxParserUtil.getAttributeValue(versionAttribute) ; Attribute issueInstantAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.ISSUE_INSTANT.get() )); - if( issueInstantAttribute != null ) - { - assertion.setIssueInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue(issueInstantAttribute ))); - } + XMLGregorianCalendar issueInstant = XMLTimeUtil.parse( StaxParserUtil.getAttributeValue(issueInstantAttribute )); - return assertion; + return new AssertionType( id, issueInstant, version ); } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-30 16:06:20 UTC (rev 569) @@ -30,9 +30,10 @@ import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport; import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; -import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType; +import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.picketlink.identity.federation.core.util.NetworkUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType; /** * Parse the SAML2 AuthnRequest @@ -93,7 +94,11 @@ Attribute assertionConsumerServiceURL = startElement.getAttributeByName( new QName( "AssertionConsumerServiceURL" )); if( assertionConsumerServiceURL != null ) - authnRequest.setAssertionConsumerServiceURL( StaxParserUtil.getAttributeValue( assertionConsumerServiceURL )); + { + String uri = StaxParserUtil.getAttributeValue( assertionConsumerServiceURL ); + authnRequest.setAssertionConsumerServiceURL( NetworkUtil.createURI(uri)); + } + Attribute assertionConsumerServiceIndex = startElement.getAttributeByName( new QName( "AssertionConsumerServiceIndex" )); if( assertionConsumerServiceIndex != null ) @@ -101,7 +106,7 @@ Attribute protocolBinding = startElement.getAttributeByName( new QName( "ProtocolBinding" )); if( protocolBinding != null ) - authnRequest.setProtocolBinding( StaxParserUtil.getAttributeValue( protocolBinding )); + authnRequest.setProtocolBinding( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( protocolBinding ))); Attribute providerName = startElement.getAttributeByName( new QName( "ProviderName" )); if( providerName != null ) @@ -136,7 +141,7 @@ NameIDPolicyType nameIDPolicy = new NameIDPolicyType(); Attribute format = startElement.getAttributeByName( new QName( "Format" )); if( format != null ) - nameIDPolicy.setFormat( StaxParserUtil.getAttributeValue( format )); + nameIDPolicy.setFormat( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( format ))); Attribute allowCreate = startElement.getAttributeByName( new QName( "AllowCreate" )); if( allowCreate != null ) Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-11-30 16:06:20 UTC (rev 569) @@ -29,9 +29,10 @@ import org.picketlink.identity.federation.core.exceptions.ParsingException; import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; -import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; +import org.picketlink.identity.federation.core.util.NetworkUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType; /** * Base Class for SAML Request Parsing @@ -65,7 +66,7 @@ Attribute destination = startElement.getAttributeByName( new QName( "Destination" )); if( destination != null ) - request.setDestination( StaxParserUtil.getAttributeValue( destination )); + request.setDestination( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( destination ))); Attribute consent = startElement.getAttributeByName( new QName( "Consent" )); if( consent != null ) Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java 2010-11-30 16:06:20 UTC (rev 569) @@ -33,8 +33,8 @@ import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport; import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; -import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; -import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType; +import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType; /** * Parse the Single Log Out requests Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-30 16:06:20 UTC (rev 569) @@ -35,15 +35,13 @@ import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType; import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType; import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType; @@ -53,9 +51,7 @@ * @since Oct 12, 2010 */ public class SAMLSubjectParser implements ParserNamespaceSupport -{ - private ObjectFactory objectFactory = new ObjectFactory(); - +{ /** * @see {@link ParserNamespaceSupport#parse(XMLEventReader)} */ @@ -85,8 +81,9 @@ if( JBossSAMLConstants.NAMEID.get().equalsIgnoreCase( tag ) ) { NameIDType nameID = SAMLParserUtil.parseNameIDType(xmlEventReader); - JAXBElement<NameIDType> jaxbNameID = objectFactory.createNameID( nameID ); - subject.getContent().add( jaxbNameID ); + STSubType subType = new STSubType(); + subType.addBaseID(nameID); + subject.setSubType( subType ); } else if( JBossSAMLConstants.SUBJECT_CONFIRMATION.get().equalsIgnoreCase( tag ) ) { @@ -114,8 +111,7 @@ } } - JAXBElement<SubjectConfirmationType> jaxbSubjectConf = objectFactory.createSubjectConfirmation( subjectConfirmationType ); - subject.getContent().add(jaxbSubjectConf); + subject.addConfirmation(subjectConfirmationType); //Get the end tag EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader); @@ -123,9 +119,10 @@ } else if( JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equals( tag )) { - AttributeStatementType attributeStatement = SAMLParserUtil.parseAttributeStatement(xmlEventReader); + throw new RuntimeException( "NYI" ); + /*AttributeStatementType attributeStatement = SAMLParserUtil.parseAttributeStatement(xmlEventReader); JAXBElement<?> jaxbEl = SAMLAssertionFactory.getObjectFactory().createAttributeStatement(attributeStatement); - subject.getContent().add( jaxbEl ); + subject.getContent().add( jaxbEl );*/ } else throw new RuntimeException( "Unknown tag:" + tag ); } @@ -143,8 +140,7 @@ return nsURI.equals( JBossSAMLURIConstants.ASSERTION_NSURI.get() ) && localPart.equals( JBossSAMLConstants.SUBJECT.get() ); } - - @SuppressWarnings({"unchecked", "rawtypes"}) + private SubjectConfirmationDataType parseSubjectConfirmationData( XMLEventReader xmlEventReader ) throws ParsingException { StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader); @@ -189,11 +185,8 @@ String tag = StaxParserUtil.getStartElementName(startElement); if( tag.equals( WSTrustConstants.XMLDSig.KEYINFO )) { - KeyInfoType keyInfo = parseKeyInfo(xmlEventReader); - QName qname = new QName( WSTrustConstants.XMLDSig.DSIG_NS, WSTrustConstants.XMLDSig.KEYINFO, - WSTrustConstants.XMLDSig.DSIG_PREFIX ); - JAXBElement<?> jaxb = new JAXBElement(qname, KeyInfoType.class, keyInfo ); - subjectConfirmationData.getContent().add( jaxb ); + KeyInfoType keyInfo = parseKeyInfo(xmlEventReader); + subjectConfirmationData.setAnyType(keyInfo); } } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2010-11-30 16:06:20 UTC (rev 569) @@ -21,7 +21,7 @@ */ package org.picketlink.identity.federation.core.parsers.util; -import javax.xml.bind.JAXBElement; +import javax.xml.datatype.XMLGregorianCalendar; import javax.xml.namespace.QName; import javax.xml.stream.XMLEventReader; import javax.xml.stream.events.Attribute; @@ -31,13 +31,16 @@ import org.picketlink.identity.federation.core.exceptions.ParsingException; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextType; -import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.core.util.NetworkUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextClassRefType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; /** * Utility methods for SAML Parser @@ -68,7 +71,7 @@ if( JBossSAMLConstants.ATTRIBUTE.get().equals( tag ) ) { AttributeType attribute = parseAttribute(xmlEventReader); - attributeStatementType.getAttributeOrEncryptedAttribute().add( attribute ); + attributeStatementType.addAttribute( new ASTChoiceType( attribute )); } else throw new RuntimeException( "Unknown tag:" + tag ); } @@ -165,7 +168,6 @@ */ public static AuthnStatementType parseAuthnStatement( XMLEventReader xmlEventReader ) throws ParsingException { - AuthnStatementType authnStatementType = new AuthnStatementType(); StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader); String AUTHNSTATEMENT = JBossSAMLConstants.AUTHN_STATEMENT.get(); @@ -174,7 +176,9 @@ Attribute authnInstant = startElement.getAttributeByName( new QName( "AuthnInstant" )); if( authnInstant == null ) throw new RuntimeException( "Required attribute AuthnInstant in " + AUTHNSTATEMENT ); - authnStatementType.setAuthnInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( authnInstant ))); + + XMLGregorianCalendar issueInstant = XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( authnInstant )); + AuthnStatementType authnStatementType = new AuthnStatementType( issueInstant ); Attribute sessionIndex = startElement.getAttributeByName( new QName( "SessionIndex" )); if( sessionIndex != null ) @@ -216,8 +220,8 @@ { String text = StaxParserUtil.getElementText( xmlEventReader ); - JAXBElement<?> acDeclRef = SAMLAssertionFactory.getObjectFactory().createAuthnContextDeclRef( text ); - authnContextType.getContent().add(acDeclRef); + AuthnContextDeclType aAuthnContextDeclType = new AuthnContextDeclType( NetworkUtil.createURI(text)); + authnContextType.addURIType(aAuthnContextDeclType); EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader); StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() ); } @@ -225,8 +229,8 @@ { String text = StaxParserUtil.getElementText( xmlEventReader ); - JAXBElement<?> acDeclRef = SAMLAssertionFactory.getObjectFactory().createAuthnContextClassRef(text ); - authnContextType.getContent().add(acDeclRef); + AuthnContextClassRefType aAuthnContextClassRefType = new AuthnContextClassRefType( NetworkUtil.createURI(text)); + authnContextType.addURIType( aAuthnContextClassRefType ); EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader); StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() ); } @@ -256,7 +260,7 @@ Attribute format = nameIDElement.getAttributeByName( new QName( JBossSAMLConstants.FORMAT.get() )); if( format != null ) { - nameID.setFormat( StaxParserUtil.getAttributeValue( format )); + nameID.setFormat( NetworkUtil.createURI( StaxParserUtil.getAttributeValue( format )) ); } Attribute spProvidedID = nameIDElement.getAttributeByName( new QName( JBossSAMLConstants.SP_PROVIDED_ID.get() )); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/common/StatementLocal.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/common/StatementLocal.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/common/StatementLocal.java 2010-11-30 16:06:20 UTC (rev 569) @@ -21,9 +21,9 @@ */ package org.picketlink.identity.federation.core.saml.v2.common; -import java.util.List; +import java.util.Set; -import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType; /** * Thread Local holding the statements @@ -33,6 +33,6 @@ */ public class StatementLocal { - public static ThreadLocal<List<StatementAbstractType>> statements - = new InheritableThreadLocal<List<StatementAbstractType>>(); + public static ThreadLocal<Set<StatementAbstractType>> statements + = new InheritableThreadLocal<Set<StatementAbstractType>>(); } \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-30 16:06:20 UTC (rev 569) @@ -38,7 +38,9 @@ AUDIENCE( "Audience" ), AUDIENCE_RESTRICTION( "AudienceRestriction" ), AUTHN_CONTEXT( "AuthnContext" ), + AUTHENTICATING_AUTHORITY( "AuthenticatingAuthority" ), AUTHN_CONTEXT_CLASS_REF( "AuthnContextClassRef" ), + AUTHN_CONTEXT_DECLARATION( "AuthnContextDecl" ), AUTHN_CONTEXT_DECLARATION_REF( "AuthnContextDeclRef" ), AUTHN_INSTANT( "AuthnInstant" ), AUTHN_REQUEST( "AuthnRequest" ), Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java 2010-11-30 16:06:20 UTC (rev 569) @@ -21,7 +21,6 @@ */ package org.picketlink.identity.federation.core.saml.v2.factories; -import javax.xml.bind.JAXBElement; import javax.xml.bind.JAXBException; import javax.xml.bind.Marshaller; import javax.xml.bind.Unmarshaller; @@ -31,8 +30,9 @@ import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.util.JAXBUtil; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.core.util.NetworkUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; import org.xml.sax.SAXException; /** @@ -46,16 +46,6 @@ private static String schemaLocation = "schema/saml/v2/saml-schema-protocol-2.0.xsd"; /** - * Create a AuthnRequestType - * @return - */ - public static AuthnRequestType createAuthnRequestType() - { - AuthnRequestType authnRequestType = SAMLProtocolFactory.getObjectFactory().createAuthnRequestType(); - return authnRequestType; - } - - /** * Create an AuthnRequestType * @param id Id of the request * @param assertionConsumerURL URL of the requestor where the response assertion is requested @@ -68,32 +58,21 @@ { XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant(); - AuthnRequestType authnRequest = SAMLProtocolFactory.getObjectFactory().createAuthnRequestType(); + AuthnRequestType authnRequest = new AuthnRequestType(); authnRequest.setID(id); authnRequest.setVersion(JBossSAMLConstants.VERSION_2_0.get()); - authnRequest.setAssertionConsumerServiceURL(assertionConsumerURL); - authnRequest.setProtocolBinding(JBossSAMLConstants.HTTP_POST_BINDING.get()); - authnRequest.setDestination(destination); + authnRequest.setAssertionConsumerServiceURL( NetworkUtil.createURI( assertionConsumerURL )); + authnRequest.setProtocolBinding( NetworkUtil.createURI( JBossSAMLConstants.HTTP_POST_BINDING.get() )); + authnRequest.setDestination( NetworkUtil.createURI( destination )); authnRequest.setIssueInstant(issueInstant); //Create an issuer - NameIDType issuer = JBossSAMLBaseFactory.createNameID(); + NameIDType issuer = new NameIDType(); issuer.setValue(issuerValue); authnRequest.setIssuer(issuer); - return authnRequest; - - } - - /** - * Create a JAXBElement for the AuthnRequestType - * @param authnRequestType - * @return - */ - public static JAXBElement<AuthnRequestType> createAuthnRequestType(AuthnRequestType authnRequestType) - { - return SAMLProtocolFactory.getObjectFactory().createAuthnRequest(authnRequestType); + return authnRequest; } /** Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2010-11-30 16:06:20 UTC (rev 569) @@ -21,7 +21,8 @@ */ package org.picketlink.identity.federation.core.saml.v2.factories; -import javax.xml.bind.JAXBElement; +import java.util.List; + import javax.xml.bind.JAXBException; import javax.xml.bind.Marshaller; import javax.xml.bind.Unmarshaller; @@ -33,14 +34,18 @@ import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.util.JAXBUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusType; +import org.picketlink.identity.federation.core.util.NetworkUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusCodeType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType; import org.xml.sax.SAXException; /** @@ -60,10 +65,10 @@ */ public static StatusType createStatusType(String statusCodeURI) { - StatusCodeType sct = SAMLProtocolFactory.getObjectFactory().createStatusCodeType(); - sct.setValue(statusCodeURI); + StatusCodeType sct = new StatusCodeType(); + sct.setValue( NetworkUtil.createURI( statusCodeURI )); - StatusType statusType = SAMLProtocolFactory.getObjectFactory().createStatusType(); + StatusType statusType = new StatusType(); statusType.setStatusCode(sct); return statusType; } @@ -74,7 +79,7 @@ */ public static ResponseType createResponseType() { - return SAMLProtocolFactory.getObjectFactory().createResponseType(); + return new ResponseType(); } /** @@ -94,40 +99,36 @@ XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant(); //Create an assertion - AssertionType assertionType = JBossSAMLBaseFactory.createAssertion(); - assertionType.setID("ID_" + JBossSAMLBaseFactory.createUUID()); - assertionType.setVersion(issuerInfo.getSamlVersion()); - assertionType.setIssueInstant(issueInstant); + String id = "ID_" + JBossSAMLBaseFactory.createUUID(); - assertionType.setIssuer(issuerInfo.getIssuer()); - //Create assertion -> subject - SubjectType subjectType = JBossSAMLBaseFactory.createSubject(); + SubjectType subjectType = new SubjectType(); //subject -> nameid - NameIDType nameIDType = JBossSAMLBaseFactory.createNameID(); - nameIDType.setFormat(idp.getNameIDFormat()); + NameIDType nameIDType = new NameIDType(); + nameIDType.setFormat( NetworkUtil.createURI( idp.getNameIDFormat() )); nameIDType.setValue(idp.getNameIDFormatValue()); - JAXBElement<NameIDType> jaxbNameIDType = JBossSAMLBaseFactory.createNameID(nameIDType); - subjectType.getContent().add(jaxbNameIDType); + SubjectType.STSubType subType = new SubjectType.STSubType(); + subType.addBaseID(nameIDType); - SubjectConfirmationType subjectConfirmation = - JBossSAMLBaseFactory.createSubjectConfirmation(idp.getSubjectConfirmationMethod()); - SubjectConfirmationDataType subjectConfirmationData = - JBossSAMLBaseFactory.createSubjectConfirmationData(sp.getRequestID(), - responseDestinationURI, issueInstant); - subjectConfirmationData.setRecipient(sp.getResponseDestinationURI()); + SubjectConfirmationType subjectConfirmation = new SubjectConfirmationType(); + subjectConfirmation.setMethod( idp.getSubjectConfirmationMethod()); + SubjectConfirmationDataType subjectConfirmationData = new SubjectConfirmationDataType(); + subjectConfirmationData.setInResponseTo( sp.getRequestID() ); + subjectConfirmationData.setRecipient( responseDestinationURI ); + subjectConfirmationData.setNotBefore(issueInstant); + subjectConfirmationData.setNotOnOrAfter(issueInstant); + subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData); + + subjectType.addConfirmation(subjectConfirmation); - JAXBElement<SubjectConfirmationType> jaxbSubjectConfirmationType = - JBossSAMLBaseFactory.createSubjectConfirmation(subjectConfirmation); + AssertionType assertionType = SAMLAssertionFactory.createAssertion(id, + nameIDType , issueInstant, (ConditionsType) null, subjectType, (List<StatementAbstractType>)null ); - subjectType.getContent().add(jaxbSubjectConfirmationType); - assertionType.setSubject(subjectType); - ResponseType responseType = createResponseType(ID, issuerInfo, assertionType); //InResponseTo ID responseType.setInResponseTo(sp.getRequestID()); @@ -148,7 +149,7 @@ public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo, AssertionType assertionType) throws ConfigurationException { - ResponseType responseType = SAMLProtocolFactory.getObjectFactory().createResponseType(); + ResponseType responseType = new ResponseType(); responseType.setVersion(issuerInfo.getSamlVersion()); //ID @@ -168,11 +169,9 @@ XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant(); //IssueInstant - responseType.setIssueInstant(issueInstant); - if(assertionType.getIssueInstant() == null) - assertionType.setIssueInstant(issueInstant); - - responseType.getAssertionOrEncryptedAssertion().add(assertionType); + responseType.setIssueInstant(issueInstant); + + responseType.addAssertion( new RTChoiceType( assertionType )); return responseType; } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2010-11-30 16:06:20 UTC (rev 569) @@ -22,18 +22,15 @@ package org.picketlink.identity.federation.core.saml.v2.factories; -import javax.xml.bind.JAXBElement; import javax.xml.datatype.XMLGregorianCalendar; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType; /** * Base methods for the factories @@ -41,25 +38,14 @@ * @since Dec 9, 2008 */ public class JBossSAMLBaseFactory -{ - private static ObjectFactory assertionObjectFactory = new ObjectFactory(); - +{ /** - * Create a plain assertion type - * @return - */ - public static AssertionType createAssertion() - { - return assertionObjectFactory.createAssertionType(); - } - - /** * Create an empty attribute statement * @return */ public static AttributeStatementType createAttributeStatement() { - return assertionObjectFactory.createAttributeStatementType(); + return new AttributeStatementType(); } /** @@ -69,13 +55,13 @@ */ public static AttributeType createAttributeForRole(String roleName) { - AttributeType att = assertionObjectFactory.createAttributeType(); + AttributeType att = new AttributeType(); att.setFriendlyName("role"); att.setName("role"); att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_BASIC.get()); //rolename - att.getAttributeValue().add(roleName); + att.addAttributeValue( roleName ); return att; } @@ -87,67 +73,27 @@ */ public static AttributeStatementType createAttributeStatement(String attributeValue) { - AttributeStatementType attribStatement = assertionObjectFactory.createAttributeStatementType(); - AttributeType att = assertionObjectFactory.createAttributeType(); - JAXBElement<Object> attValue = assertionObjectFactory.createAttributeValue(attributeValue); - att.getAttributeValue().add(attValue); - attribStatement.getAttributeOrEncryptedAttribute().add(att); + AttributeStatementType attribStatement = new AttributeStatementType(); + AttributeType att = new AttributeType(); + att.addAttributeValue(attributeValue); + + attribStatement.addAttribute( new ASTChoiceType( att )); return attribStatement; } /** - * Create an empty name id - * @return - */ - public static NameIDType createNameID() - { - return assertionObjectFactory.createNameIDType(); - } - - /** - * Create the JAXBElement type of nameid - * @param nameIDType - * @return - */ - public static JAXBElement<NameIDType> createNameID(NameIDType nameIDType) - { - return assertionObjectFactory.createNameID(nameIDType); - } - - /** - * Create an empty subject - * @return - */ - public static SubjectType createSubject() - { - SubjectType subjectType = assertionObjectFactory.createSubjectType(); - return subjectType; - } - - /** * Create a Subject confirmation type given the method * @param method * @return */ public static SubjectConfirmationType createSubjectConfirmation(String method) { - SubjectConfirmationType sct = assertionObjectFactory.createSubjectConfirmationType(); + SubjectConfirmationType sct = new SubjectConfirmationType(); sct.setMethod(method); return sct; } /** - * Create a JAXBElement for subject confirmtation type - * @param sct - * @return - */ - - public static JAXBElement<SubjectConfirmationType> createSubjectConfirmation(SubjectConfirmationType sct) - { - return assertionObjectFactory.createSubjectConfirmation(sct); - } - - /** * Create a Subject Confirmation * @param inResponseTo * @param destinationURI @@ -157,7 +103,7 @@ public static SubjectConfirmationDataType createSubjectConfirmationData(String inResponseTo, String destinationURI, XMLGregorianCalendar issueInstant) { - SubjectConfirmationDataType subjectConfirmationData = assertionObjectFactory.createSubjectConfirmationDataType(); + SubjectConfirmationDataType subjectConfirmationData = new SubjectConfirmationDataType(); subjectConfirmationData.setInResponseTo(inResponseTo); subjectConfirmationData.setRecipient(destinationURI); subjectConfirmationData.setNotBefore(issueInstant); @@ -174,24 +120,16 @@ { return java.util.UUID.randomUUID().toString(); } + /** - * Get the Object Factory - * @return - */ - public static ObjectFactory getObjectFactory() - { - return assertionObjectFactory; - } - - /** * Return the NameIDType for the issuer * @param issuerID * @return */ public static NameIDType getIssuer(String issuerID) { - NameIDType nid = assertionObjectFactory.createNameIDType(); + NameIDType nid = new NameIDType(); nid.setValue(issuerID); return nid; } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java 2010-11-30 16:06:20 UTC (rev 569) @@ -21,39 +21,31 @@ */ package org.picketlink.identity.federation.core.saml.v2.factories; -import java.util.Arrays; import java.util.List; import javax.xml.datatype.XMLGregorianCalendar; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType; -import org.picketlink.identity.federation.saml.v2.assertion.KeyInfoConfirmationDataType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory; -import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.core.util.NetworkUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.KeyInfoConfirmationDataType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType; /** - * Get the SAML Assertion Object Factory + * Deal with {@code AssertionType} * * @author Anil.Saldhana(a)redhat.com * @since Jan 28, 2009 */ public class SAMLAssertionFactory -{ - private static ObjectFactory factory = new ObjectFactory(); - - public static ObjectFactory getObjectFactory() - { - return factory; - } - +{ /** * * Creates an {@code AudienceRestrictionType} with the specified values. @@ -65,8 +57,13 @@ public static AudienceRestrictionType createAudienceRestriction(String... values) { AudienceRestrictionType audienceRestriction = new AudienceRestrictionType(); - if (values != null) - audienceRestriction.getAudience().addAll(Arrays.asList(values)); + if ( values != null ) + { + for( String val: values ) + { + audienceRestriction.addAudience( NetworkUtil.createURI( val ) ); + } + } return audienceRestriction; } @@ -83,7 +80,7 @@ public static NameIDType createNameID(String format, String qualifier, String value) { NameIDType nameID = new NameIDType(); - nameID.setFormat(format); + nameID.setFormat( NetworkUtil.createURI( format )); nameID.setNameQualifier(qualifier); nameID.setValue(value); return nameID; @@ -105,8 +102,14 @@ ConditionsType conditions = new ConditionsType(); conditions.setNotBefore(notBefore); conditions.setNotOnOrAfter(notOnOrAfter); - if (restrictions != null) - conditions.getConditionOrAudienceRestrictionOrOneTimeUse().addAll(Arrays.asList(restrictions)); + if ( restrictions != null ) + { + for( ConditionAbstractType condition : restrictions ) + { + conditions.addCondition(condition); + } + + } return conditions; } @@ -120,8 +123,8 @@ */ public static KeyInfoConfirmationDataType createKeyInfoConfirmation(KeyInfoType keyInfo) { - KeyInfoConfirmationDataType type = getObjectFactory().createKeyInfoConfirmationDataType(); - type.getContent().add(new org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory().createKeyInfo(keyInfo)); + KeyInfoConfirmationDataType type = new KeyInfoConfirmationDataType(); + type.setAnyType( keyInfo ); return type; } @@ -157,12 +160,13 @@ */ public static SubjectType createSubject(NameIDType nameID, SubjectConfirmationType confirmation) { - SubjectType subject = new SubjectType(); - ObjectFactory factory = getObjectFactory(); + SubjectType subject = new SubjectType(); if (nameID != null) - subject.getContent().add(factory.createNameID(nameID)); - if (confirmation != null) - subject.getContent().add(factory.createSubjectConfirmation(confirmation)); + { + SubjectType.STSubType subType = new SubjectType.STSubType(); + subType.addConfirmation(confirmation); + subType.addBaseID(nameID); + } return subject; } @@ -183,18 +187,20 @@ public static AssertionType createAssertion(String id, NameIDType issuerID, XMLGregorianCalendar issueInstant, ConditionsType conditions, SubjectType subject, List<StatementAbstractType> statements) { - AssertionType assertion = new AssertionType(); - assertion.setID(id); - assertion.setIssuer(issuerID); - assertion.setIssueInstant(issueInstant); + AssertionType assertion = new AssertionType( id, issueInstant, JBossSAMLConstants.VERSION_2_0.get() ); + assertion.setIssuer(issuerID); if(conditions != null) assertion.setConditions(conditions); if(subject != null) assertion.setSubject(subject); - assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get()); - if (statements != null) - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().addAll(statements); + if ( statements != null ) + { + for( StatementAbstractType statement: statements ) + { + assertion.addStatement(statement); + } + } return assertion; } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/holders/IssuerInfoHolder.java 2010-11-30 16:06:20 UTC (rev 569) @@ -23,8 +23,7 @@ import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; /** * Holds info about the issuer for saml messages creation @@ -50,9 +49,8 @@ public IssuerInfoHolder(String issuerAsString) { if(issuerAsString == null) - throw new IllegalArgumentException("issuerAsString is null"); - ObjectFactory assertionObjectFactory = new ObjectFactory(); - issuer = assertionObjectFactory.createNameIDType(); + throw new IllegalArgumentException("issuerAsString is null"); + issuer = new NameIDType(); issuer.setValue(issuerAsString); } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java 2010-11-30 16:06:20 UTC (rev 569) @@ -30,7 +30,7 @@ import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler.HANDLER_TYPE; import org.picketlink.identity.federation.saml.v2.SAML2Object; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; import org.w3c.dom.Document; /** Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java 2010-11-30 16:06:20 UTC (rev 569) @@ -24,8 +24,8 @@ import java.util.Map; import org.picketlink.identity.federation.core.interfaces.ProtocolContext; -import org.picketlink.identity.federation.saml.v2.SAML2Object; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.saml.v2.SAML2Object; import org.w3c.dom.Document; /** Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2010-11-30 16:06:20 UTC (rev 569) @@ -27,13 +27,10 @@ import org.picketlink.identity.federation.core.exceptions.ConfigurationException; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; -import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory; -import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; /** * Utility to deal with assertions @@ -53,10 +50,17 @@ */ public static AssertionType createAssertion(String id, NameIDType issuer) { - AssertionType assertion = SAMLAssertionFactory.getObjectFactory().createAssertionType(); - assertion.setID(id); - assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get()); - assertion.setIssuer(issuer); + XMLGregorianCalendar issueInstant = null; + try + { + issueInstant = XMLTimeUtil.getIssueInstant(); + } + catch (ConfigurationException e) + { + throw new RuntimeException( e ); + } + AssertionType assertion = new AssertionType( id, issueInstant, JBossSAMLConstants.VERSION_2_0.get() ); + assertion.setIssuer( issuer ); return assertion; } @@ -69,16 +73,15 @@ */ public static AttributeType createAttribute(String name, String nameFormat, Object... attributeValues) - { - ObjectFactory of = SAMLAssertionFactory.getObjectFactory(); - AttributeType att = of.createAttributeType(); + { + AttributeType att = new AttributeType(); att.setName(name); att.setNameFormat(nameFormat); if(attributeValues != null && attributeValues.length > 0) { for(Object attributeValue:attributeValues) { - att.getAttributeValue().add(of.createAttributeValue(attributeValue)); + att.addAttributeValue(attributeValue); } } @@ -99,7 +102,7 @@ if(issueInstant == null) throw new IssueInstantMissingException("assertion does not have issue instant"); XMLGregorianCalendar assertionValidityLength = XMLTimeUtil.add(issueInstant, durationInMilis); - ConditionsType conditionsType = JBossSAMLBaseFactory.getObjectFactory().createConditionsType(); + ConditionsType conditionsType = new ConditionsType(); conditionsType.setNotBefore(issueInstant); conditionsType.setNotOnOrAfter(assertionValidityLength); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java 2010-11-30 16:06:20 UTC (rev 569) @@ -97,7 +97,8 @@ */ public static JAXBElement<?> get(EncryptedElementType encryptedAssertion) { - return SAMLAssertionFactory.getObjectFactory().createEncryptedAssertion(encryptedAssertion); + throw new RuntimeException( "NYI" ); + //return SAMLAssertionFactory.getObjectFactory().createEncryptedAssertion(encryptedAssertion); } /** Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2010-11-30 16:06:20 UTC (rev 569) @@ -33,9 +33,8 @@ import org.picketlink.identity.federation.core.exceptions.ConfigurationException; import org.picketlink.identity.federation.core.exceptions.ProcessingException; import org.picketlink.identity.federation.core.util.JAXBUtil; -import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.ObjectFactory; -import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType; -import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType; +import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType; +import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.ObjectFactory; import org.w3c.dom.Element; /** @@ -84,26 +83,6 @@ return (XACMLAuthzDecisionQueryType)xacmlObject; } - public static XACMLAuthzDecisionQueryType createXACMLAuthzDecisionQueryType() - { - return queryTypeObjectFactory.createXACMLAuthzDecisionQueryType(); - } - - public static XACMLAuthzDecisionStatementType createXACMLAuthzDecisionStatementType() - { - return statementObjectFactory.createXACMLAuthzDecisionStatementType(); - } - - public static JAXBElement<XACMLAuthzDecisionQueryType> getJAXB(XACMLAuthzDecisionQueryType queryType) - { - return queryTypeObjectFactory.createXACMLAuthzDecisionQuery(queryType); - } - - public static JAXBElement<XACMLAuthzDecisionStatementType> getJAXB(XACMLAuthzDecisionStatementType stmtType) - { - return statementObjectFactory.createXACMLAuthzDecisionStatement(stmtType); - } - public static Marshaller getMarshaller() throws JAXBException { return JAXBUtil.getMarshaller(getPackage()); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/StatementUtil.java 2010-11-30 16:06:20 UTC (rev 569) @@ -31,10 +31,9 @@ import org.picketlink.identity.federation.core.constants.AttributeConstants; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; import org.picketlink.identity.federation.core.saml.v2.constants.X500SAMLProfileConstants; -import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; /** * Deals with SAML2 Statements @@ -43,10 +42,8 @@ */ public class StatementUtil { - public static final QName X500_QNAME = new QName(JBossSAMLURIConstants.X500_NSURI.get(), "Encoding"); + public static final QName X500_QNAME = new QName(JBossSAMLURIConstants.X500_NSURI.get(), "Encoding"); - private static ObjectFactory factory = new ObjectFactory(); - /** * Create an attribute statement with all the attributes * @param attributes a map with keys from {@link AttributeConstants} @@ -64,7 +61,7 @@ if (i == 0) { //Deal with the X500 Profile of SAML2 - attrStatement = JBossSAMLBaseFactory.createAttributeStatement(); + attrStatement = new AttributeStatementType(); i++; } @@ -77,8 +74,9 @@ Collection<?> roles = (Collection<?>) value; for (Object role : roles) { - AttributeType roleAttr = JBossSAMLBaseFactory.createAttributeForRole((String) role); - attrStatement.getAttributeOrEncryptedAttribute().add(factory.createAttribute(roleAttr)); + AttributeType roleAttr = new AttributeType(); + roleAttr.addAttributeValue(role); + attrStatement.addAttribute( new ASTChoiceType( roleAttr )); } } } @@ -108,8 +106,8 @@ att.setFriendlyName(X500SAMLProfileConstants.TELEPHONE.getFriendlyName()); att.setName(X500SAMLProfileConstants.TELEPHONE.get()); } - att.getAttributeValue().add(value); - attrStatement.getAttributeOrEncryptedAttribute().add(att); + att.addAttributeValue( value ); + attrStatement.addAttribute( new ASTChoiceType( att )); } } return attrStatement; @@ -122,18 +120,19 @@ */ public static AttributeStatementType createAttributeStatement(List<String> roles) { - AttributeStatementType attrStatement = JBossSAMLBaseFactory.createAttributeStatement(); + AttributeStatementType attrStatement = new AttributeStatementType(); for (String role : roles) { - AttributeType attr = JBossSAMLBaseFactory.createAttributeForRole(role); - attrStatement.getAttributeOrEncryptedAttribute().add(attr); + AttributeType attr = new AttributeType(); + attr.addAttributeValue( role ); + attrStatement.addAttribute( new ASTChoiceType( attr )); } return attrStatement; } private static AttributeType getX500Attribute() { - AttributeType att = factory.createAttributeType(); + AttributeType att = new AttributeType(); att.getOtherAttributes().put(X500_QNAME, "LDAP"); att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_URI.get()); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2010-11-30 16:06:20 UTC (rev 569) @@ -21,14 +21,16 @@ */ package org.picketlink.identity.federation.core.saml.v2.writers; +import java.net.URI; + import javax.xml.namespace.QName; import javax.xml.stream.XMLStreamWriter; import org.picketlink.identity.federation.core.exceptions.ProcessingException; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.util.StaxUtil; -import org.picketlink.identity.federation.core.util.StringUtil; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.core.util.StringUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; /** * Base Class for the Stax writers for SAML @@ -58,11 +60,11 @@ { StaxUtil.writeStartElement( writer, tag.getPrefix(), tag.getLocalPart() , tag.getNamespaceURI() ); - String format = nameIDType.getFormat(); - if( StringUtil.isNotNull( format )) + URI format = nameIDType.getFormat(); + if( format != null ) { - StaxUtil.writeAttribute( writer, JBossSAMLConstants.FORMAT.get(), format ); - } + StaxUtil.writeAttribute( writer, JBossSAMLConstants.FORMAT.get(), format.toASCIIString() ); + } String spProvidedID = nameIDType.getSPProvidedID(); if( StringUtil.isNotNull( spProvidedID )) Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-30 16:06:20 UTC (rev 569) @@ -23,12 +23,13 @@ import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI; +import java.net.URI; import java.util.ArrayList; import java.util.Iterator; import java.util.List; import java.util.Map; +import java.util.Set; -import javax.xml.bind.JAXBElement; import javax.xml.datatype.XMLGregorianCalendar; import javax.xml.namespace.QName; import javax.xml.stream.XMLStreamWriter; @@ -38,17 +39,25 @@ import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; import org.picketlink.identity.federation.core.util.StaxUtil; import org.picketlink.identity.federation.core.util.StringUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextType; -import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.BaseIDAbstractType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextClassRefType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclRefType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType.AuthnContextTypeSequence; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.BaseIDAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedElementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.URIType; /** * Write the SAML Assertion to stream @@ -90,7 +99,7 @@ //TODO: conditions and advice - List<StatementAbstractType> statements = assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement(); + Set<StatementAbstractType> statements = assertion.getStatements(); if( statements != null ) { for( StatementAbstractType statement: statements ) @@ -127,16 +136,19 @@ { StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE_STATEMENT.get() , ASSERTION_NSURI.get() ); - List<Object> attributes = statement.getAttributeOrEncryptedAttribute(); + List<ASTChoiceType> attributes = statement.getAttributes(); if( attributes != null ) { - for( Object attr : attributes ) + for( ASTChoiceType attr : attributes ) { - if( attr instanceof AttributeType ) + AttributeType attributeType = attr.getAttribute(); + if( attributeType != null ) { - AttributeType attributeType = (AttributeType) attr; write( attributeType ); } + EncryptedElementType encType = attr.getEncryptedAssertion(); + if( encType != null ) + throw new RuntimeException( "unable to write as it is NYI" ); } } @@ -179,32 +191,52 @@ { StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT.get() , ASSERTION_NSURI.get() ); - List< JAXBElement<?> > subList = authContext.getContent(); - if( subList != null ) + AuthnContextTypeSequence sequence = authContext.getSequence(); + if( sequence != null ) { - for( JAXBElement<?> el: subList ) + AuthnContextClassRefType authnContextClassRefType = sequence.getClassRef(); + if( authnContextClassRefType != null ) { - QName elName = el.getName(); - if( elName.getLocalPart().equals( JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get() )) + StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() , + ASSERTION_NSURI.get() ); + StaxUtil.writeCharacters( writer, authnContextClassRefType.getValue().toASCIIString() ); + StaxUtil.writeEndElement( writer); + } + + Set<URIType> uriTypes = sequence.getURIType(); + if( uriTypes != null ) + { + for( URIType uriType: uriTypes ) { - String decl = (String) el.getValue(); - StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get() , - ASSERTION_NSURI.get() ); - StaxUtil.writeCharacters( writer, decl ); - StaxUtil.writeEndElement( writer); - } - else if( elName.getLocalPart().equals( JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() )) - { - String decl = (String) el.getValue(); - StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get() , - ASSERTION_NSURI.get() ); - StaxUtil.writeCharacters( writer, decl ); - StaxUtil.writeEndElement( writer); - } - else - throw new RuntimeException( "Unsupported :" + elName ); + if( uriType instanceof AuthnContextDeclType ) + { + StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION.get() , + ASSERTION_NSURI.get() ); + StaxUtil.writeCharacters( writer, uriType.getValue().toASCIIString() ); + StaxUtil.writeEndElement( writer); + } + if( uriType instanceof AuthnContextDeclRefType ) + { + StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get() , + ASSERTION_NSURI.get() ); + StaxUtil.writeCharacters( writer, uriType.getValue().toASCIIString() ); + StaxUtil.writeEndElement( writer); + } + } + } + } + + Set<URI> authAuthorities = authContext.getAuthenticatingAuthority(); + if( authAuthorities != null ) + { + for( URI aa: authAuthorities ) + { + StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHENTICATING_AUTHORITY.get() , + ASSERTION_NSURI.get() ); + StaxUtil.writeCharacters( writer, aa.toASCIIString() ); + StaxUtil.writeEndElement( writer); } - } + } StaxUtil.writeEndElement( writer); StaxUtil.flush( writer ); @@ -287,48 +319,38 @@ */ public void write( SubjectType subject ) throws ProcessingException { - StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT.get() , ASSERTION_NSURI.get() ); - List<JAXBElement<?>> contentList = subject.getContent(); - if( contentList != null ) + StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT.get() , ASSERTION_NSURI.get() ); + + STSubType subType = subject.getSubType(); + if( subType != null ) { - for( JAXBElement<?> jaxbEl: contentList ) + BaseIDAbstractType baseID = subType.getBaseID(); + if( baseID instanceof NameIDType ) { - Class<?> declaredType = jaxbEl.getDeclaredType(); - if( declaredType.equals( SubjectConfirmationType.class) ) + NameIDType nameIDType = (NameIDType) baseID; + write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) ); + } + EncryptedElementType enc = subType.getEncryptedID(); + if( enc != null ) + throw new RuntimeException( "NYI" ); + List<SubjectConfirmationType> confirmations = subType.getConfirmation(); + if( confirmations != null ) + { + for( SubjectConfirmationType confirmation: confirmations ) { - SubjectConfirmationType subjectConfirmationType = (SubjectConfirmationType) jaxbEl.getValue(); - StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION.get(), ASSERTION_NSURI.get() ); - - StaxUtil.writeAttribute(writer, JBossSAMLConstants.METHOD.get(), subjectConfirmationType.getMethod() ); - - BaseIDAbstractType baseID = subjectConfirmationType.getBaseID(); - if( baseID != null ) - { - write( baseID ); - } - NameIDType nameIDType = subjectConfirmationType.getNameID(); - if( nameIDType != null ) - { - write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) ); - } - SubjectConfirmationDataType subjectConfirmationData = subjectConfirmationType.getSubjectConfirmationData(); - if( subjectConfirmationData != null ) - { - write( subjectConfirmationData ); - } - - - StaxUtil.writeEndElement( writer); + write( confirmation ); } - else if( declaredType.equals( NameIDType.class )) - { - NameIDType nameIDType = (NameIDType) jaxbEl.getValue(); - write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) ); - } - else - throw new RuntimeException( "SAMLAssertionWriter: NYI: declared Type:" + declaredType.getName() ); } } + List<SubjectConfirmationType> subjectConfirmations = subject.getConfirmation(); + if( subjectConfirmations != null ) + { + for( SubjectConfirmationType subjectConfirmationType : subjectConfirmations ) + { + write( subjectConfirmationType ); + } + } + StaxUtil.writeEndElement( writer); StaxUtil.flush( writer ); @@ -339,6 +361,30 @@ throw new RuntimeException( "NYI"); } + private void write( SubjectConfirmationType subjectConfirmationType ) throws ProcessingException + { + StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION.get(), ASSERTION_NSURI.get() ); + + StaxUtil.writeAttribute(writer, JBossSAMLConstants.METHOD.get(), subjectConfirmationType.getMethod() ); + + BaseIDAbstractType baseID = subjectConfirmationType.getBaseID(); + if( baseID != null ) + { + write( baseID ); + } + NameIDType nameIDType = subjectConfirmationType.getNameID(); + if( nameIDType != null ) + { + write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) ); + } + SubjectConfirmationDataType subjectConfirmationData = subjectConfirmationType.getSubjectConfirmationData(); + if( subjectConfirmationData != null ) + { + write( subjectConfirmationData ); + } + StaxUtil.writeEndElement( writer); + } + private void write( SubjectConfirmationDataType subjectConfirmationData ) throws ProcessingException { StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get(), ASSERTION_NSURI.get() ); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-30 16:06:20 UTC (rev 569) @@ -24,17 +24,19 @@ import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI; import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI; +import java.net.URI; + import javax.xml.namespace.QName; import javax.xml.stream.XMLStreamWriter; import org.picketlink.identity.federation.core.exceptions.ProcessingException; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.util.StaxUtil; -import org.picketlink.identity.federation.core.util.StringUtil; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType; +import org.picketlink.identity.federation.core.util.StringUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType; /** * Writes a SAML2 Request Type to Stream @@ -65,17 +67,17 @@ StaxUtil.writeAttribute( writer, JBossSAMLConstants.VERSION.get(), request.getVersion() ); StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), request.getIssueInstant().toString() ); - String destination = request.getDestination(); - if( StringUtil.isNotNull( destination )) - StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(), destination ); + URI destination = request.getDestination(); + if( destination != null ) + StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(), destination.toASCIIString() ); String consent = request.getConsent(); if( StringUtil.isNotNull( consent )) StaxUtil.writeAttribute( writer, JBossSAMLConstants.CONSENT.get(), consent ); - String assertionURL = request.getAssertionConsumerServiceURL(); - if( StringUtil.isNotNull( assertionURL ) ) - StaxUtil.writeAttribute( writer, JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_URL.get(), assertionURL ); + URI assertionURL = request.getAssertionConsumerServiceURL(); + if( assertionURL != null ) + StaxUtil.writeAttribute( writer, JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_URL.get(), assertionURL.toASCIIString() ); NameIDType issuer = request.getIssuer(); write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get())); @@ -106,10 +108,10 @@ StaxUtil.writeAttribute( writer, JBossSAMLConstants.VERSION.get(), logOutRequest.getVersion() ); StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), logOutRequest.getIssueInstant().toString() ); - String destination = logOutRequest.getDestination(); - if( StringUtil.isNotNull( destination )) + URI destination = logOutRequest.getDestination(); + if( destination != null ) { - StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(),destination ); + StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(), destination.toASCIIString() ); } String consent = logOutRequest.getConsent(); @@ -133,10 +135,10 @@ { StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.NAMEID_POLICY.get(), PROTOCOL_NSURI.get() ); - String format = nameIDPolicy.getFormat(); - if( StringUtil.isNotNull( format )) + URI format = nameIDPolicy.getFormat(); + if( format != null ) { - StaxUtil.writeAttribute( writer, JBossSAMLConstants.FORMAT.get(), format ); + StaxUtil.writeAttribute( writer, JBossSAMLConstants.FORMAT.get(), format.toASCIIString() ); } String spNameQualifier = nameIDPolicy.getSPNameQualifier(); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-30 16:06:20 UTC (rev 569) @@ -24,6 +24,7 @@ import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI; import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI; +import java.net.URI; import java.util.List; import javax.xml.namespace.QName; @@ -33,13 +34,14 @@ import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.util.StaxUtil; import org.picketlink.identity.federation.core.util.StringUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusDetailType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusCodeType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusDetailType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType; /** * Write a SAML Response to stream @@ -77,11 +79,12 @@ StatusType status = response.getStatus(); write( status ); - List<Object> assertions = response.getAssertionOrEncryptedAssertion(); - if( assertions != null ) + List<RTChoiceType> choiceTypes = response.getAssertions(); + if( choiceTypes != null ) { - for( Object assertion: assertions ) + for( RTChoiceType choiceType: choiceTypes ) { + AssertionType assertion = choiceType.getAssertion(); if( assertion instanceof AssertionType ) { assertionWriter.write( (AssertionType) assertion ); @@ -163,10 +166,10 @@ { StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.STATUS_CODE.get() , PROTOCOL_NSURI.get() ); - String value = statusCodeType.getValue(); - if( StringUtil.isNotNull( value )) + URI value = statusCodeType.getValue(); + if( value != null ) { - StaxUtil.writeAttribute( writer, JBossSAMLConstants.VALUE.get(), value ); + StaxUtil.writeAttribute( writer, JBossSAMLConstants.VALUE.get(), value.toASCIIString() ); } StatusCodeType subStatusCode = statusCodeType.getStatusCode(); if( subStatusCode != null ) Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java (rev 0) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/NetworkUtil.java 2010-11-30 16:06:20 UTC (rev 569) @@ -0,0 +1,50 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.picketlink.identity.federation.core.util; + +import java.net.URI; +import java.net.URISyntaxException; + +/** + * General utility class for network related stuff + * @author Anil.Saldhana(a)redhat.com + * @since Nov 29, 2010 + */ +public class NetworkUtil +{ + /** + * Create {@code URI} + * @param value + * @return + */ + public static URI createURI( String value ) + { + try + { + return new URI( value ); + } + catch (URISyntaxException e) + { + throw new RuntimeException( "value is not of type URI:", e ); + } + } +} \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 16:06:20 UTC (rev 569) @@ -18,6 +18,7 @@ package org.picketlink.identity.federation.core.util; import java.io.OutputStream; +import java.io.Writer; import java.util.Stack; import javax.xml.namespace.QName; @@ -101,6 +102,26 @@ throw new ProcessingException(e); } } + + /** + * Get an {@code XMLStreamWriter} + * + * @param writer {@code Writer} + * @return + * @throws ProcessingException + */ + public static XMLStreamWriter getXMLStreamWriter(final Writer writer ) throws ProcessingException + { + XMLOutputFactory xmlOutputFactory = XMLOutputFactory.newInstance(); + try + { + return xmlOutputFactory.createXMLStreamWriter( writer ); + } + catch (XMLStreamException e) + { + throw new ProcessingException(e); + } + } public static XMLStreamWriter getXMLStreamWriter(final Result result) throws ProcessingException { Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-30 16:06:20 UTC (rev 569) @@ -42,7 +42,6 @@ import org.picketlink.identity.federation.ws.trust.ClaimsType; import org.picketlink.identity.federation.ws.trust.ComputedKeyType; import org.picketlink.identity.federation.ws.trust.EntropyType; -import org.picketlink.identity.federation.ws.trust.ObjectFactory; import org.picketlink.identity.federation.ws.trust.RequestedProofTokenType; import org.picketlink.identity.federation.ws.trust.RequestedSecurityTokenType; import org.picketlink.identity.federation.ws.trust.RequestedTokenCancelledType; @@ -183,8 +182,7 @@ { // symmetric key case: if client entropy is found, compute a key. If not, generate a new key. requestedProofToken = new RequestedProofTokenType(); - ObjectFactory objFactory = new ObjectFactory(); - + byte[] serverSecret = WSTrustUtil.createRandomSecret((int) keySize / 8); BinarySecretType serverBinarySecret = new BinarySecretType(); serverBinarySecret.setType(WSTrustConstants.BS_TYPE_NONCE); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java 2010-11-30 16:06:20 UTC (rev 569) @@ -2,7 +2,7 @@ import java.util.Map; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; /** * Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-11-30 16:06:20 UTC (rev 569) @@ -43,16 +43,16 @@ import org.picketlink.identity.federation.core.wstrust.plugins.FileBasedRevocationRegistry; import org.picketlink.identity.federation.core.wstrust.plugins.JPABasedRevocationRegistry; import org.picketlink.identity.federation.core.wstrust.plugins.RevocationRegistry; -import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType; -import org.picketlink.identity.federation.saml.v2.assertion.KeyInfoConfirmationDataType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.KeyInfoConfirmationDataType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; import org.picketlink.identity.federation.ws.policy.AppliesTo; import org.picketlink.identity.federation.ws.trust.RequestedReferenceType; import org.picketlink.identity.federation.ws.trust.StatusType; @@ -262,7 +262,7 @@ AttributeStatementType attributeStatement = this.attributeProvider.getAttributeStatement(); if (attributeStatement != null) { - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attributeStatement); + assertion.addStatement( attributeStatement ); } } @@ -329,11 +329,14 @@ // create a new unique ID for the renewed assertion. String assertionID = IDGenerator.create("ID_"); + + List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>(); + statements.addAll( oldAssertion.getStatements() ); // create the new assertion. AssertionType newAssertion = SAMLAssertionFactory.createAssertion(assertionID, oldAssertion.getIssuer(), context - .getRequestSecurityToken().getLifetime().getCreated(), conditions, oldAssertion.getSubject(), oldAssertion - .getStatementOrAuthnStatementOrAuthzDecisionStatement()); + .getRequestSecurityToken().getLifetime().getCreated(), conditions, oldAssertion.getSubject(), + statements ); // create a security token with the new assertion. Element assertionElement = null; Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2010-11-30 16:06:20 UTC (rev 569) @@ -21,16 +21,18 @@ */ package org.picketlink.identity.federation.core.wstrust.plugins.saml; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; + import javax.xml.bind.JAXBElement; import javax.xml.bind.JAXBException; -import javax.xml.bind.Marshaller; import javax.xml.bind.Unmarshaller; -import javax.xml.transform.dom.DOMResult; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; +import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter; import org.picketlink.identity.federation.core.util.JAXBUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory; +import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -65,13 +67,20 @@ * @throws Exception * if an error occurs while marshaling the assertion. */ - public static Element toElement(AssertionType assertion) throws Exception + public static Element toElement( AssertionType assertion ) throws Exception { - Document document = DocumentUtil.createDocument(); + /*Document document = DocumentUtil.createDocument(); DOMResult result = new DOMResult(document); - Marshaller marshaller = JAXBUtil.getMarshaller("org.picketlink.identity.federation.saml.v2.assertion"); + */ + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + SAMLAssertionWriter writer = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(baos)); + writer.write( assertion ); + + ByteArrayInputStream bis = new ByteArrayInputStream( baos.toByteArray() ); + Document document = DocumentUtil.getDocument( bis ); //throws exceptions + /*Marshaller marshaller = JAXBUtil.getMarshaller("org.picketlink.identity.federation.saml.v2.assertion"); marshaller.marshal(new ObjectFactory().createAssertion(assertion), result); - +*/ // normalize the document to remove unused namespaces. // DOMConfiguration docConfig = document.getDomConfig(); // docConfig.setParameter("namespaces", Boolean.TRUE); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-30 16:06:20 UTC (rev 569) @@ -28,7 +28,6 @@ import java.util.List; -import javax.xml.bind.JAXBElement; import javax.xml.stream.XMLStreamWriter; import org.picketlink.identity.federation.core.exceptions.ProcessingException; Copied: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java (from rev 560, federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java) =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java (rev 0) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java 2010-11-30 16:06:20 UTC (rev 569) @@ -0,0 +1,449 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.picketlink.identity.federation.core.wstrust.writers; + +import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.BASE_NAMESPACE; +import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.PREFIX; +import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST; +import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_COLLECTION; +import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_CONTEXT; + +import java.io.OutputStream; +import java.net.URI; +import java.util.List; + +import javax.xml.stream.XMLStreamWriter; +import javax.xml.transform.Result; + +import org.picketlink.identity.federation.core.exceptions.ProcessingException; +import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter; +import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; +import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; +import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.ws.policy.AppliesTo; +import org.picketlink.identity.federation.ws.trust.BinarySecretType; +import org.picketlink.identity.federation.ws.trust.CancelTargetType; +import org.picketlink.identity.federation.ws.trust.EntropyType; +import org.picketlink.identity.federation.ws.trust.OnBehalfOfType; +import org.picketlink.identity.federation.ws.trust.RenewTargetType; +import org.picketlink.identity.federation.ws.trust.UseKeyType; +import org.picketlink.identity.federation.ws.trust.ValidateTargetType; +import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType; +import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType; +import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType; +import org.w3c.dom.Element; + +/** + * Given a {@code RequestSecurityToken}, write into an {@code OutputStream} + * @author Anil.Saldhana(a)redhat.com + * @since Oct 19, 2010 + */ +public class WSTrustRSTWriter +{ + private XMLStreamWriter writer; + + /** + * + * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified + * {@code OutputStream}. + * + * + * @param out the stream where the request is to be written. + * @throws ProcessingException if an error occurs while processing the request. + */ + public WSTrustRSTWriter(OutputStream out) throws ProcessingException + { + this.writer = StaxUtil.getXMLStreamWriter(out); + } + + /** + * + * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified + * {@code Result}. + * + * + * @param result the {@code Result} where the request it to be written. + * @throws ProcessingException if an error occurs while processing the request. + */ + public WSTrustRSTWriter(Result result) throws ProcessingException + { + this.writer = StaxUtil.getXMLStreamWriter(result); + } + + /** + * + * Creates a {@code WSTrustRSTWriter} that uses the specified {@code XMLStreamWriter} to write the request + * objects. + * + * + * @param writer the {@code XMLStreamWriter} to be used to write requests. + */ + public WSTrustRSTWriter(XMLStreamWriter writer) + { + this.writer = writer; + } + + /** + * Write the {@code RequestSecurityTokenCollection} into the {@code OutputStream} + * @param requestTokenCollection + * @param out + * @throws ProcessingException + */ + public void write( RequestSecurityTokenCollection requestTokenCollection) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, RST_COLLECTION, BASE_NAMESPACE); + StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE ); + + List<RequestSecurityToken> tokenList = requestTokenCollection.getRequestSecurityTokens(); + if( tokenList == null ) + throw new ProcessingException( "RST list is null" ); + + for( RequestSecurityToken token: tokenList ) + { + write(token); + } + + StaxUtil.writeEndElement( writer ); + StaxUtil.flush( writer ); + } + + /** + * Write the {@code RequestSecurityToken} into the {@code OutputStream} + * @param requestToken + * @param out + * @throws ProcessingException + */ + public void write( RequestSecurityToken requestToken ) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, RST, BASE_NAMESPACE); + StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE ); + String context = requestToken.getContext(); + StaxUtil.writeAttribute( writer, RST_CONTEXT, context ); + + URI requestType = requestToken.getRequestType(); + if( requestType != null ) + { + writeRequestType( writer, requestType ); + } + + URI tokenType = requestToken.getTokenType(); + if( tokenType != null ) + { + writeTokenType( writer, tokenType ); + } + //Deal with AppliesTo + AppliesTo appliesTo = requestToken.getAppliesTo(); + if( appliesTo != null ) + { + WSPolicyWriter wsPolicyWriter = new WSPolicyWriter(this.writer); + wsPolicyWriter.write( appliesTo ); + } + + long keySize = requestToken.getKeySize(); + if (keySize != 0) + { + StaxUtil.writeStartElement(writer, PREFIX, WSTrustConstants.KEY_SIZE, BASE_NAMESPACE); + StaxUtil.writeCharacters(writer, Long.toString(keySize)); + StaxUtil.writeEndElement(writer); + } + + URI keyType = requestToken.getKeyType(); + if( keyType != null ) + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.KEY_TYPE, BASE_NAMESPACE); + StaxUtil.writeCharacters(writer, keyType.toString() ); + StaxUtil.writeEndElement( writer ); + } + EntropyType entropy = requestToken.getEntropy(); + if( entropy != null ) + { + writeEntropyType(entropy); + } + + UseKeyType useKeyType = requestToken.getUseKey(); + if( useKeyType != null ) + { + writeUseKeyType(useKeyType); + } + + OnBehalfOfType onBehalfOf = requestToken.getOnBehalfOf(); + if( onBehalfOf != null ) + { + writeOnBehalfOfType(onBehalfOf); + } + + ValidateTargetType validateTarget = requestToken.getValidateTarget(); + if( validateTarget != null ) + { + writeValidateTargetType(validateTarget); + } + + CancelTargetType cancelTarget = requestToken.getCancelTarget(); + if( cancelTarget != null ) + { + writeCancelTargetType(cancelTarget); + } + + RenewTargetType renewTarget = requestToken.getRenewTarget(); + if (renewTarget != null) + { + writeRenewTargetType(renewTarget); + } + + StaxUtil.writeEndElement( writer ); + StaxUtil.flush( writer ); + } + + /** + * Write an {@code EntropyType} to stream + * @param entropy + * @throws ProcessingException + */ + private void writeEntropyType(EntropyType entropy) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ENTROPY, BASE_NAMESPACE); + + List<Object> entropyList = entropy.getAny(); + if( entropyList != null ) + { + for( Object entropyObj: entropyList ) + { + if( entropyObj instanceof BinarySecretType ) + { + BinarySecretType binarySecret = (BinarySecretType) entropyObj; + writeBinarySecretType( writer, binarySecret ); + } + } + } + StaxUtil.writeEndElement( writer ); + } + + /** + * Write an {@code UseKeyType} to stream + * @param useKeyType + * @throws ProcessingException + */ + private void writeUseKeyType(UseKeyType useKeyType) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.USE_KEY, BASE_NAMESPACE); + + Object useKeyTypeValue = useKeyType.getAny(); + if( useKeyTypeValue instanceof Element ) + { + Element domElement = (Element) useKeyTypeValue; + StaxUtil.writeDOMElement( writer, domElement ); + } + else if (useKeyTypeValue instanceof byte[]) + { + byte[] certificate = (byte[]) useKeyTypeValue; + StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.X509CERT, + WSTrustConstants.DSIG_NS); + StaxUtil.writeNameSpace( writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS); + StaxUtil.writeCharacters(writer, new String(certificate)); + StaxUtil.writeEndElement(writer); + } + else if (useKeyTypeValue instanceof KeyValueType) + { + writeKeyValueType((KeyValueType) useKeyTypeValue); + } + else + throw new RuntimeException( " Unknown use key type:" + useKeyTypeValue.getClass().getName() ); + + StaxUtil.writeEndElement(writer); + } + + private void writeKeyValueType(KeyValueType type) throws ProcessingException + { + StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.KEYVALUE, WSTrustConstants.DSIG_NS); + StaxUtil.writeNameSpace(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS); + if (type.getContent().size() == 0) + throw new ProcessingException("KeyValueType must contain at least one value"); + + for (Object obj : type.getContent()) + { + if (obj instanceof RSAKeyValueType) + { + RSAKeyValueType rsaKeyValue = (RSAKeyValueType) obj; + writeRSAKeyValueType(rsaKeyValue); + } + } + StaxUtil.writeEndElement(writer); + } + + private void writeRSAKeyValueType(RSAKeyValueType type) throws ProcessingException + { + StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.RSA_KEYVALUE , WSTrustConstants.DSIG_NS); + // write the rsa key modulus. + byte[] modulus = type.getModulus(); + StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.MODULUS , WSTrustConstants.DSIG_NS); + StaxUtil.writeCharacters(writer, new String(modulus)); + StaxUtil.writeEndElement(writer); + + // write the rsa key exponent. + byte[] exponent = type.getExponent(); + StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.EXPONENT , WSTrustConstants.DSIG_NS); + StaxUtil.writeCharacters(writer, new String(exponent)); + StaxUtil.writeEndElement(writer); + + StaxUtil.writeEndElement(writer); + } + /** + * Write an {@code OnBehalfOfType} to stream + * @param onBehalfOf + * @param out + * @throws ProcessingException + */ + private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ON_BEHALF_OF, BASE_NAMESPACE); + StaxUtil.writeCharacters(writer, "" ); + + UsernameTokenType usernameToken = (UsernameTokenType) onBehalfOf.getAny(); + WSSecurityWriter wsseWriter = new WSSecurityWriter(this.writer); + wsseWriter.write( usernameToken ); + StaxUtil.writeEndElement( writer ); + } + + /** + * Write an {@code ValidateTargetType} to stream + * @param validateTarget + * @param out + * @throws ProcessingException + */ + private void writeValidateTargetType(ValidateTargetType validateTarget) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.VALIDATE_TARGET, BASE_NAMESPACE); + + Object validateTargetObj = validateTarget.getAny(); + if (validateTargetObj != null) + { + if (validateTargetObj instanceof AssertionType) + { + AssertionType assertion = (AssertionType) validateTargetObj; + SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer); + samlAssertionWriter.write(assertion); + } + else if (validateTargetObj instanceof Element) + { + StaxUtil.writeDOMElement(writer, (Element) validateTargetObj); + } + else + throw new ProcessingException("Unknown validate target type=" + validateTargetObj.getClass().getName()); + } + StaxUtil.writeEndElement( writer ); + } + + private void writeRenewTargetType(RenewTargetType renewTarget) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.RENEW_TARGET, BASE_NAMESPACE); + + Object renewTargetObj = renewTarget.getAny(); + if (renewTargetObj != null) + { + if (renewTargetObj instanceof AssertionType) + { + AssertionType assertion = (AssertionType) renewTargetObj; + SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer); + samlAssertionWriter.write(assertion); + } + else if (renewTargetObj instanceof Element) + { + StaxUtil.writeDOMElement(writer, (Element) renewTargetObj); + } + else + throw new ProcessingException("Unknown renew target type=" + renewTargetObj.getClass().getName()); + } + StaxUtil.writeEndElement( writer ); + } + + /** + * Write an {@code CancelTargetType} to Stream + * @param cancelTarget + * @param out + * @throws ProcessingException + */ + private void writeCancelTargetType(CancelTargetType cancelTarget) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.CANCEL_TARGET, BASE_NAMESPACE); + + Object cancelTargetObj = cancelTarget.getAny(); + if (cancelTargetObj != null) + { + if (cancelTargetObj instanceof AssertionType) + { + AssertionType assertion = (AssertionType) cancelTargetObj; + SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer); + samlAssertionWriter.write(assertion); + } + else if (cancelTargetObj instanceof Element) + { + StaxUtil.writeDOMElement(writer, (Element) cancelTargetObj); + } + else + throw new ProcessingException("Unknown cancel target type=" + cancelTargetObj.getClass().getName()); + } + StaxUtil.writeEndElement( writer ); + } + + /** + * Write a {@code BinarySecretType} to stream + * @param writer + * @param binarySecret + * @throws ProcessingException + */ + private void writeBinarySecretType( XMLStreamWriter writer, BinarySecretType binarySecret ) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.BINARY_SECRET, BASE_NAMESPACE ); + String type = binarySecret.getType(); + StaxUtil.writeAttribute(writer, WSTrustConstants.TYPE, type ); + StaxUtil.writeCharacters(writer, new String( binarySecret.getValue() ) ); + StaxUtil.writeEndElement(writer); + } + + /** + * Write a Request Type + * @param writer + * @param uri + * @throws ProcessingException + */ + private void writeRequestType( XMLStreamWriter writer , URI uri ) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.REQUEST_TYPE, BASE_NAMESPACE ); + StaxUtil.writeCharacters(writer, uri.toASCIIString() ); + StaxUtil.writeEndElement(writer); + } + + /** + * Write Token Type + * @param writer + * @param uri + * @throws ProcessingException + */ + private void writeTokenType( XMLStreamWriter writer , URI uri ) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.TOKEN_TYPE, BASE_NAMESPACE ); + StaxUtil.writeCharacters(writer, uri.toASCIIString() ); + StaxUtil.writeEndElement(writer); + } +} \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java 2010-11-30 16:06:20 UTC (rev 569) @@ -39,8 +39,8 @@ import org.picketlink.identity.federation.core.util.StaxUtil; import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; import org.picketlink.identity.federation.ws.policy.AppliesTo; import org.picketlink.identity.federation.ws.trust.BinarySecretType; import org.picketlink.identity.federation.ws.trust.CancelTargetType; Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java 2010-11-30 16:06:20 UTC (rev 569) @@ -29,8 +29,8 @@ import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; import org.picketlink.identity.federation.ws.trust.BinarySecretType; import org.picketlink.identity.federation.ws.trust.ComputedKeyType; import org.picketlink.identity.federation.ws.trust.EntropyType; Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/identity/federation/core/wstrust/auth/Util.java 2010-11-30 16:06:20 UTC (rev 569) @@ -23,9 +23,12 @@ import java.util.HashMap; import java.util.Map; +import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; +import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory; +import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule; -import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; import org.w3c.dom.Element; /** @@ -42,7 +45,9 @@ public static Element createSamlToken() throws Exception { - final AssertionType assertionType = new AssertionType(); + String id = "ID+" + JBossSAMLBaseFactory.createUUID(); + final AssertionType assertionType = new AssertionType( id, XMLTimeUtil.getIssueInstant(), + JBossSAMLConstants.VERSION_2_0.get() ); return SAMLUtil.toElement(assertionType); } Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569) @@ -27,7 +27,9 @@ import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.InputStream; +import java.util.Iterator; import java.util.List; +import java.util.Set; import javax.xml.bind.JAXBElement; import javax.xml.namespace.QName; @@ -39,18 +41,10 @@ import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter; -import org.picketlink.identity.federation.core.util.StaxUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType; -import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.*; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType; /** * Test the parsing of saml assertions @@ -76,7 +70,17 @@ //Subject SubjectType subject = assertion.getSubject(); - List<JAXBElement<?>> content = subject.getContent(); + + STSubType subType = subject.getSubType(); + NameIDType subjectNameID = (NameIDType) subType.getBaseID(); + assertEquals( "jduke", subjectNameID.getValue() ); + assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() ); + SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 ); + SubjectConfirmationDataType subjectConfirmationDataType = subjectConfirmation.getSubjectConfirmationData(); + assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) , subjectConfirmationDataType.getNotBefore() ); + assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , subjectConfirmationDataType.getNotOnOrAfter() ); + + /*List<JAXBElement<?>> content = subject.getContent(); int size = content.size(); @@ -98,7 +102,7 @@ assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) , conditions.getNotBefore() ); assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , conditions.getNotOnOrAfter() ); } - } + } */ } @@ -125,7 +129,24 @@ //Subject SubjectType subject = assertion.getSubject(); - List<JAXBElement<?>> content = subject.getContent(); + + STSubType subType = subject.getSubType(); + NameIDType subjectNameID = (NameIDType) subType.getBaseID(); + assertEquals( "jduke", subjectNameID.getValue() ); + assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() ); + + SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 ); + assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() ); + + ConditionsType conditions = assertion.getConditions(); + assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.911Z" ) , conditions.getNotBefore() ); + assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.911Z" ) , conditions.getNotOnOrAfter() ); + + AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0); + assertEquals( 1, audienceRestrictionType.getAudience().size() ); + assertEquals( "http://services.testcorp.org/provider2", audienceRestrictionType.getAudience().get( 0 )); + + /*List<JAXBElement<?>> content = subject.getContent(); int size = content.size(); @@ -153,7 +174,7 @@ assertEquals( 1, audienceRestrictionType.getAudience().size() ); assertEquals( "http://services.testcorp.org/provider2", audienceRestrictionType.getAudience().get( 0 )); } - } + }*/ } @@ -174,18 +195,19 @@ //Issuer assertEquals( "https://idp.example.org/SAML2", assertion.getIssuer().getValue() ); - List<StatementAbstractType> statements = assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement(); + Set<StatementAbstractType> statements = assertion.getStatements(); assertEquals( 2, statements.size() ); - AuthnStatementType authnStatement = (AuthnStatementType) statements.get(0); + Iterator<StatementAbstractType> iter = statements.iterator(); + AuthnStatementType authnStatement = (AuthnStatementType) iter.next(); assertEquals( XMLTimeUtil.parse( "2004-12-05T09:22:00Z" ), authnStatement.getAuthnInstant() ); assertEquals( "b07b804c-7c29-ea16-7300-4f3d6f7928ac", authnStatement.getSessionIndex() ); - AttributeStatementType attributeStatement = (AttributeStatementType) statements.get( 1 ); - List<Object> attributes = attributeStatement.getAttributeOrEncryptedAttribute(); + AttributeStatementType attributeStatement = (AttributeStatementType) iter.next(); + List<ASTChoiceType> attributes = attributeStatement.getAttributes(); assertEquals( 1, attributes.size() ); - AttributeType attribute = (AttributeType) attributes.get(0); + AttributeType attribute = attributes.get(0).getAttribute(); assertEquals( "eduPersonAffiliation", attribute.getFriendlyName() ); assertEquals( "urn:oid:1.3.6.1.4.1.5923.1.1.1.1", attribute.getName() ); assertEquals( "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", attribute.getNameFormat() ); @@ -205,7 +227,29 @@ //Subject SubjectType subject = assertion.getSubject(); - List<JAXBElement<?>> content = subject.getContent(); + STSubType subType = subject.getSubType(); + NameIDType subjectNameID = (NameIDType) subType.getBaseID(); + assertEquals( "3f7b3dcf-1674-4ecd-92c8-1544f346baf8", subjectNameID.getValue() ); + assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", subjectNameID.getFormat() ); + + SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0 ); + assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() ); + + SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData(); + assertEquals( "ID_aaf23196-1773-2113-474a-fe114412ab72", subjectConfirmationData.getInResponseTo() ); + assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ), subjectConfirmationData.getNotOnOrAfter() ); + assertEquals( "https://sp.example.com/SAML2/SSO/POST", subjectConfirmationData.getRecipient()); + + ConditionsType conditions = assertion.getConditions(); + assertEquals( XMLTimeUtil.parse( "2004-12-05T09:17:05Z" ) , conditions.getNotBefore() ); + assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ) , conditions.getNotOnOrAfter() ); + + AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) conditions.getConditions().get(0); + assertEquals( 1, audienceRestrictionType.getAudience().size() ); + assertEquals( "https://sp.example.com/SAML2", audienceRestrictionType.getAudience().get( 0 )); + + + /*List<JAXBElement<?>> content = subject.getContent(); int size = content.size(); assertEquals( 2, size ); @@ -246,7 +290,7 @@ assertEquals( XMLTimeUtil.parse( "2004-12-05T09:27:05Z" ), subjectConfirmationData.getNotOnOrAfter() ); assertEquals( "https://sp.example.com/SAML2/SSO/POST", subjectConfirmationData.getRecipient()); } - } + } */ ByteArrayOutputStream baos = new ByteArrayOutputStream(); SAMLAssertionWriter writer = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(baos)); Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569) @@ -33,9 +33,9 @@ import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter; -import org.picketlink.identity.federation.core.util.StaxUtil; -import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType; +import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType; /** * Validate the SAML2 AuthnRequest parse Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569) @@ -27,6 +27,7 @@ import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.InputStream; +import java.util.Iterator; import java.util.List; import javax.xml.bind.JAXBElement; @@ -36,17 +37,20 @@ import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter; -import org.picketlink.identity.federation.core.util.StaxUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; -import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusType; +import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclRefType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.*; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType; /** * Validate the parsing of SAML2 Response @@ -76,31 +80,43 @@ StatusType status = response.getStatus(); assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue() ); - List<Object> assertionList = response.getAssertionOrEncryptedAssertion(); + List<RTChoiceType> assertionList = response.getAssertions(); assertEquals( 2, assertionList.size() ); - AssertionType assertion1 = (AssertionType) assertionList.get( 0 ); + AssertionType assertion1 = assertionList.get( 0 ).getAssertion(); assertEquals( "ID_0be488d8-7089-4892-8aeb-83594c800706", assertion1.getID() ); assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.362-05:00" ), assertion1.getIssueInstant() ); assertEquals( "2.0", assertion1.getVersion() ); - assertEquals( "testIssuer", assertion1.getIssuer().getValue() ); - AuthnStatementType authnStatement = (AuthnStatementType) assertion1.getStatementOrAuthnStatementOrAuthzDecisionStatement().get( 0 ); + assertEquals( "testIssuer", assertion1.getIssuer().getValue() ) ; + + Iterator<StatementAbstractType> iterator = assertion1.getStatements().iterator(); + + AuthnStatementType authnStatement = (AuthnStatementType) iterator.next(); assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.359-05:00" ), authnStatement.getAuthnInstant() ); + + + AuthnContextType authnContext = authnStatement.getAuthnContext(); + + AuthnContextDeclRefType refType = (AuthnContextDeclRefType) authnContext.getURIType().iterator().next(); + assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", refType.getValue().toASCIIString() ); + /* JAXBElement<?> authnContextDeclRefJaxb = (JAXBElement<?>) authnStatement.getAuthnContext().getContent().get(0); - assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() ); + assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() );*/ - AssertionType assertion2 = (AssertionType) assertionList.get( 1 ); + AssertionType assertion2 = (AssertionType) assertionList.get( 1 ).getAssertion(); assertEquals( "ID_976d8310-658a-450d-be39-f33c73c8afa6", assertion2.getID() ); assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.363-05:00" ), assertion2.getIssueInstant() ); assertEquals( "2.0", assertion2.getVersion() ); assertEquals( "testIssuer", assertion2.getIssuer().getValue() ); - authnStatement = (AuthnStatementType) assertion2.getStatementOrAuthnStatementOrAuthzDecisionStatement().get( 0 ); + authnStatement = (AuthnStatementType) assertion2.getStatements().iterator().next(); assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.359-05:00" ), authnStatement.getAuthnInstant() ); - authnContextDeclRefJaxb = (JAXBElement<?>) authnStatement.getAuthnContext().getContent().get(0); - assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() ); + authnContext = authnStatement.getAuthnContext(); + refType = (AuthnContextDeclRefType) authnContext.getURIType().iterator().next(); + assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", refType.getValue().toASCIIString() ); + //Let us do some writing - currently only visual inspection. We will do proper validation later. ByteArrayOutputStream baos = new ByteArrayOutputStream(); SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos)); @@ -136,7 +152,7 @@ assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue() ); //Get the assertion - AssertionType assertion = (AssertionType) response.getAssertionOrEncryptedAssertion().get(0); + AssertionType assertion = (AssertionType) response.getAssertions().get(0).getAssertion(); assertEquals( "ID_8be1534d-9155-4837-9f26-70ea2c15e327", assertion.getID() ); assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), assertion.getIssueInstant() ); assertEquals( "2.0", assertion.getVersion() ); @@ -145,8 +161,42 @@ //Subject SubjectType subject = assertion.getSubject(); - List<JAXBElement<?>> content = subject.getContent(); + NameIDType subjectNameID = (NameIDType) subject.getSubType().getBaseID(); + assertEquals( "anil", subjectNameID.getValue() ); + assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", subjectNameID.getFormat() ); + + SubjectConfirmationType subjectConfirmation = subject.getConfirmation().get(0); + + assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() ); + + SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData(); + assertEquals( "ID_04ded476-d73c-48af-b3a9-232a52905ffb", subjectConfirmationData.getInResponseTo() ); + assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), subjectConfirmationData.getNotBefore() ); + assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), subjectConfirmationData.getNotOnOrAfter() ); + assertEquals( "http://localhost:8080/employee/", subjectConfirmationData.getRecipient()); + + AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatements().iterator().next(); + + List<org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType> attributes = attributeStatement.getAttributes(); + assertEquals( 2, attributes.size() ); + + for( org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType attr: attributes ) + { + AttributeType attribute = attr.getAttribute(); + assertEquals( "role", attribute.getFriendlyName() ); + assertEquals( "role", attribute.getName() ); + assertEquals( "role", attribute.getNameFormat() ); + List<Object> attributeValues = attribute.getAttributeValue(); + assertEquals( 1, attributeValues.size() ); + + String str = (String ) attributeValues.get( 0 ); + if( ! ( str.equals( "employee") || str.equals( "manager" ))) + throw new RuntimeException( "attrib value not found" ); + } + + /*List<JAXBElement<?>> content = subject.getContent(); + int size = content.size(); for( int i = 0 ; i < size; i++ ) @@ -196,6 +246,6 @@ } else throw new RuntimeException( "unknown" ); - } + } */ } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569) @@ -33,8 +33,8 @@ import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter; -import org.picketlink.identity.federation.core.util.StaxUtil; -import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType; +import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType; /** * Validate the parsing of SLO (log out) Request Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java 2010-11-30 16:06:20 UTC (rev 569) @@ -37,10 +37,9 @@ import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter; -import org.picketlink.identity.federation.core.util.StaxUtil; -import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType; -import org.picketlink.identity.federation.saml.v2.protocol.StatusType; - +import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType; /** * Validate the parsing of SLO Response * @author Anil.Saldhana(a)redhat.com Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-30 16:06:20 UTC (rev 569) @@ -35,8 +35,8 @@ import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType; import org.picketlink.identity.federation.ws.trust.RequestedReferenceType; import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType; Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) @@ -25,24 +25,22 @@ import java.util.HashMap; import java.util.Map; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.Marshaller; - import junit.framework.TestCase; import org.picketlink.identity.federation.core.constants.AttributeConstants; import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory; -import org.picketlink.identity.federation.core.saml.v2.factories.SAMLProtocolFactory; import org.picketlink.identity.federation.core.saml.v2.holders.IDPInfoHolder; import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder; import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.picketlink.identity.federation.saml.v2.protocol.ResponseType; +import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter; +import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; @@ -73,15 +71,18 @@ new SPInfoHolder(), idp, issuerHolder); assertNotNull(rt); - AssertionType assertion = (AssertionType) rt.getAssertionOrEncryptedAssertion().get(0); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStat); + AssertionType assertion = (AssertionType) rt.getAssertions().get(0).getAssertion(); + assertion.addStatement( attrStat ); ByteArrayOutputStream baos = new ByteArrayOutputStream(); - Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller(false); + SAMLResponseWriter writer = new SAMLResponseWriter( StaxUtil.getXMLStreamWriter(baos) ); + writer.write(rt); + + /*Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller(false); JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(rt); marshaller.marshal(jaxb, baos); - //marshaller.marshal(jaxb, System.out); + *///marshaller.marshal(jaxb, System.out); Document samlDom = DocumentUtil.getDocument(new String(baos.toByteArray())); NodeList nl = samlDom.getElementsByTagName("Attribute"); Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/util/AssertionUtilUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) @@ -26,32 +26,26 @@ import junit.framework.TestCase; import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; -import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; - /** * Unit test the AssertionUtil * @author Anil.Saldhana(a)redhat.com * @since Jun 3, 2009 */ public class AssertionUtilUnitTestCase extends TestCase -{ - private ObjectFactory of = SAMLAssertionFactory.getObjectFactory(); +{ public void testValidAssertion() throws Exception { - NameIDType nameIdType = of.createNameIDType(); + NameIDType nameIdType = new NameIDType(); nameIdType.setValue("somename"); - AssertionType assertion = of.createAssertionType(); - assertion.setID("SomeID"); - assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get()); + AssertionType assertion = new AssertionType( "SomeID", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get() ); assertion.setIssuer(nameIdType); //Assertions with no conditions are everlasting @@ -61,7 +55,7 @@ XMLGregorianCalendar sometimeLater = XMLTimeUtil.add(now, 5555); - ConditionsType conditions = of.createConditionsType(); + ConditionsType conditions = new ConditionsType(); conditions.setNotBefore(now); conditions.setNotOnOrAfter(sometimeLater); assertion.setConditions(conditions); @@ -71,19 +65,17 @@ public void testExpiredAssertion() throws Exception { - NameIDType nameIdType = of.createNameIDType(); + NameIDType nameIdType = new NameIDType(); nameIdType.setValue("somename"); - AssertionType assertion = of.createAssertionType(); - assertion.setID("SomeID"); - assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get()); + AssertionType assertion = new AssertionType( "SomeID", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get()); assertion.setIssuer(nameIdType); XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); XMLGregorianCalendar sometimeAgo = XMLTimeUtil.subtract(now, 55555); - ConditionsType conditions = of.createConditionsType(); + ConditionsType conditions = new ConditionsType(); conditions.setNotBefore(XMLTimeUtil.subtract(now,55575)); conditions.setNotOnOrAfter(sometimeAgo); assertion.setConditions(conditions); Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) @@ -69,17 +69,14 @@ import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType; -import org.picketlink.identity.federation.ws.addressing.AttributedURIType; -import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType; -import org.picketlink.identity.federation.ws.addressing.ObjectFactory; -import org.picketlink.identity.federation.ws.policy.AppliesTo; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionAbstractType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType; import org.picketlink.identity.federation.ws.trust.BinarySecretType; import org.picketlink.identity.federation.ws.trust.CancelTargetType; import org.picketlink.identity.federation.ws.trust.ComputedKeyType; @@ -367,9 +364,8 @@ // in this scenario, the conditions section should have an audience restriction. ConditionsType conditions = assertion.getConditions(); - assertEquals("Unexpected restriction list size", 1, conditions.getConditionOrAudienceRestrictionOrOneTimeUse() - .size()); - ConditionAbstractType abstractType = conditions.getConditionOrAudienceRestrictionOrOneTimeUse().get(0); + assertEquals("Unexpected restriction list size", 1, conditions.getConditions().size()); + ConditionAbstractType abstractType = conditions.getConditions().get(0); assertTrue("Unexpected restriction type", abstractType instanceof AudienceRestrictionType); AudienceRestrictionType audienceRestriction = (AudienceRestrictionType) abstractType; assertEquals("Unexpected audience restriction list size", 1, audienceRestriction.getAudience().size()); @@ -415,8 +411,7 @@ * * @throws Exception * if an error occurs while running the test. - */ - @SuppressWarnings("rawtypes") + */ public void testInvokeSAML20WithSTSGeneratedSymmetricKey() throws Exception { // create a simple token request, asking for a SAMLv2.0 token. @@ -436,8 +431,7 @@ AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_HOLDER_OF_KEY_URI); // validate the holder of key contents. - SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getContent().get(1) - .getValue(); + SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1); this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false); // check if the response contains the STS-generated key. @@ -463,8 +457,7 @@ * * @throws Exception * if an error occurs while running the test. - */ - @SuppressWarnings("rawtypes") + */ public void testInvokeSAML20WithCombinedSymmetricKey() throws Exception { // create a 64-bit random client secret. @@ -494,8 +487,7 @@ AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_HOLDER_OF_KEY_URI); // validate the holder of key contents. - SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getContent().get(1) - .getValue(); + SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1) ; this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false); RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse; @@ -549,8 +541,7 @@ AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_HOLDER_OF_KEY_URI); // validate the holder of key contents. - SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getContent().get(1) - .getValue(); + SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1); this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, false); } @@ -587,8 +578,7 @@ AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_HOLDER_OF_KEY_URI); // validate the holder of key contents. - SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getContent().get(1) - .getValue(); + SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(1) ; this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, true); } @@ -1175,15 +1165,13 @@ // validate the assertion subject. assertNotNull("Unexpected null subject", assertion.getSubject()); - List<JAXBElement<?>> content = assertion.getSubject().getContent(); - assertNotNull("Unexpected null subject content"); - assertEquals(2, content.size()); - assertEquals("Unexpected type found", NameIDType.class, content.get(0).getDeclaredType()); - NameIDType nameID = (NameIDType) content.get(0).getValue(); + SubjectType subject = assertion.getSubject(); + + NameIDType nameID = (NameIDType) subject.getSubType().getBaseID(); assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier()); assertEquals("Unexpected name id value", principal, nameID.getValue()); - assertEquals("Unexpected type found", SubjectConfirmationType.class, content.get(1).getDeclaredType()); - SubjectConfirmationType subjType = (SubjectConfirmationType) content.get(1).getValue(); + + SubjectConfirmationType subjType = (SubjectConfirmationType) subject.getConfirmation().get(1); assertEquals("Unexpected confirmation method", confirmationMethod, subjType.getMethod()); // validate the assertion conditions. @@ -1219,11 +1207,7 @@ { SubjectConfirmationDataType subjConfirmationDataType = subjectConfirmation.getSubjectConfirmationData(); assertNotNull("Unexpected null subject confirmation data", subjConfirmationDataType); - List<Object> confirmationContent = subjConfirmationDataType.getContent(); - assertEquals("Unexpected subject confirmation content size", 1, confirmationContent.size()); - JAXBElement<?> keyInfoElement = (JAXBElement<?>) confirmationContent.get(0); - assertEquals("Unexpected subject confirmation context type", KeyInfoType.class, keyInfoElement.getDeclaredType()); - KeyInfoType keyInfo = (KeyInfoType) keyInfoElement.getValue(); + KeyInfoType keyInfo = (KeyInfoType)subjConfirmationDataType.getAnyType(); assertEquals("Unexpected key info content size", 1, keyInfo.getContent().size()); // if the key is a symmetric key, the KeyInfo should contain an encrypted element. Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-11-30 16:03:56 UTC (rev 568) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-11-30 16:06:20 UTC (rev 569) @@ -50,13 +50,9 @@ import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType; -import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType; -import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType; -import org.picketlink.identity.federation.saml.v2.assertion.SubjectType; +import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType; import org.picketlink.identity.federation.ws.trust.RequestedReferenceType; import org.picketlink.identity.federation.ws.trust.StatusType; import org.picketlink.identity.federation.ws.trust.ValidateTargetType; @@ -97,7 +93,9 @@ */ public void testIssueSAMLV20Token() throws Exception { - // create a WSTrustRequestContext with a simple WS-Trust request. + fail( "Work on this"); + + /*// create a WSTrustRequestContext with a simple WS-Trust request. RequestSecurityToken request = new RequestSecurityToken(); request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000)); request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2")); @@ -163,7 +161,7 @@ KeyIdentifierType keyId = (KeyIdentifierType) securityRef.getAny().get(0); assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType()); assertNotNull("Unexpected null key identifier value", keyId.getValue()); - assertEquals(assertion.getID(), keyId.getValue().substring(1)); + assertEquals(assertion.getID(), keyId.getValue().substring(1));*/ } /** @@ -176,7 +174,8 @@ */ public void testIssueSAMLV20HolderOfKeyToken() throws Exception { - // create a WSTrustRequestContext with a simple WS-Trust request. + fail( "work" ); + /*// create a WSTrustRequestContext with a simple WS-Trust request. RequestSecurityToken request = new RequestSecurityToken(); request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000)); request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2")); @@ -254,7 +253,7 @@ assertEquals("Unexpected X509 data content type", byte[].class, x509CertElement.getDeclaredType()); // certificate should have been encoded to Base64, so we need to decode it first. byte[] encodedCert = (byte[]) x509CertElement.getValue(); - assertTrue("Invalid encoded certificate found", Arrays.equals(certificate.getEncoded(), encodedCert)); + assertTrue("Invalid encoded certificate found", Arrays.equals(certificate.getEncoded(), encodedCert));*/ } /**

14 years

1
0
0 / 0

Picketlink SVN: r568 - in federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2: assertion and 5 other directories.

by picketlink-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2010-11-30 11:03:56 -0500 (Tue, 30 Nov 2010) New Revision: 568 Added: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLPolicyStatementType.java federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLAuthzDecisionQueryType.java federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLPolicyQueryType.java Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeStatementType.java federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthzDecisionStatementType.java federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/NameIDType.java federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/SubjectType.java federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/protocol/ResponseType.java Log: updated saml object model Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java 2010-11-30 00:32:39 UTC (rev 567) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AssertionType.java 2010-11-30 16:03:56 UTC (rev 568) @@ -65,6 +65,8 @@ private AdviceType advice; private NameIDType issuer; + + private SubjectType subject; private ConditionsType conditions; @@ -82,6 +84,16 @@ return ID; } + public SubjectType getSubject() + { + return subject; + } + + public void setSubject(SubjectType subject) + { + this.subject = subject; + } + public XMLGregorianCalendar getIssueInstant() { return issueInstant; Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeStatementType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeStatementType.java 2010-11-30 00:32:39 UTC (rev 567) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AttributeStatementType.java 2010-11-30 16:03:56 UTC (rev 568) @@ -51,9 +51,9 @@ public class AttributeStatementType extends StatementAbstractType { - protected List<ChoiceType> attributes = new ArrayList<ChoiceType>(); + protected List<ASTChoiceType> attributes = new ArrayList<ASTChoiceType>(); - public void addAttribute( ChoiceType attribute ) + public void addAttribute( ASTChoiceType attribute ) { attributes.add( attribute ); } @@ -61,22 +61,22 @@ /** * Gets the attributes. */ - public List<ChoiceType> getAttributes() + public List<ASTChoiceType> getAttributes() { return Collections.unmodifiableList( this.attributes ); } - public static class ChoiceType + public static class ASTChoiceType { private AttributeType attribute; private EncryptedElementType encryptedAssertion; - public ChoiceType(AttributeType attribute) + public ASTChoiceType(AttributeType attribute) { super(); this.attribute = attribute; } - public ChoiceType(EncryptedElementType encryptedAssertion) + public ASTChoiceType(EncryptedElementType encryptedAssertion) { super(); this.encryptedAssertion = encryptedAssertion; Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthzDecisionStatementType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthzDecisionStatementType.java 2010-11-30 00:32:39 UTC (rev 567) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/AuthzDecisionStatementType.java 2010-11-30 16:03:56 UTC (rev 568) @@ -22,6 +22,7 @@ package org.picketlink.identity.federation.newmodel.saml.v2.assertion; import java.util.ArrayList; +import java.util.Collections; import java.util.List; @@ -51,39 +52,23 @@ extends StatementAbstractType { - protected List<ActionType> action; + protected List<ActionType> action = new ArrayList<ActionType>(); protected EvidenceType evidence; protected String resource; protected DecisionType decision; /** - * Gets the value of the action property. - * - * - * This accessor method returns a reference to the live list, - * not a snapshot. Therefore any modification you make to the - * returned list will be present inside the JAXB object. - * This is why there is not a <CODE>set</CODE> method for the action property. - * - * - * For example, to add a new item, do as follows: - * <pre> - * getAction().add(newItem); - * </pre> - * - * - * - * Objects of the following type(s) are allowed in the list - * {@link ActionType } - * - * + * Gets the value of the action property. */ - public List<ActionType> getAction() { - if (action == null) { - action = new ArrayList<ActionType>(); - } - return this.action; + public List<ActionType> getAction() + { + return Collections.unmodifiableList( this.action ); } + + public void addAction( ActionType actionType ) + { + action.add(actionType); + } /** * Gets the value of the evidence property. Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/NameIDType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/NameIDType.java 2010-11-30 00:32:39 UTC (rev 567) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/NameIDType.java 2010-11-30 16:03:56 UTC (rev 568) @@ -47,10 +47,19 @@ </attributeGroup> */ + private String value; + private URI format; + private String sPProvidedID; - private URI format; - private String sPProvidedID; - + public String getValue() + { + return value; + } + public void setValue(String value) + { + this.value = value; + } + public String getsPProvidedID() { return sPProvidedID; Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/SubjectType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/SubjectType.java 2010-11-30 00:32:39 UTC (rev 567) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/assertion/SubjectType.java 2010-11-30 16:03:56 UTC (rev 568) @@ -58,14 +58,14 @@ { protected List<SubjectConfirmationType> subjectConfirmation = new ArrayList<SubjectConfirmationType>(); - protected SubType subType; + protected STSubType subType; - public SubType getSubType() + public STSubType getSubType() { return subType; } - public void setSubType(SubType subType) + public void setSubType(STSubType subType) { this.subType = subType; } @@ -85,9 +85,11 @@ subjectConfirmation.add( con ); } - public static class SubType + public static class STSubType { private BaseIDAbstractType baseID; + + private EncryptedElementType encryptedID; protected List<SubjectConfirmationType> subjectConfirmation = new ArrayList<SubjectConfirmationType>(); @@ -99,8 +101,18 @@ public BaseIDAbstractType getBaseID() { return baseID; + } + + public EncryptedElementType getEncryptedID() + { + return encryptedID; } + public void setEncryptedID(EncryptedElementType encryptedID) + { + this.encryptedID = encryptedID; + } + public void addConfirmation( SubjectConfirmationType con ) { subjectConfirmation.add( con ); Added: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java (rev 0) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java 2010-11-30 16:03:56 UTC (rev 568) @@ -0,0 +1,102 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion; + +import org.jboss.security.xacml.core.model.context.RequestType; +import org.jboss.security.xacml.core.model.context.ResponseType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType; + + +/** + * Java class for XACMLAuthzDecisionStatementType complex type. + * + * The following schema fragment specifies the expected content contained within this class. + * + * <pre> + * <complexType name="XACMLAuthzDecisionStatementType"> + * <complexContent> + * <extension base="{urn:oasis:names:tc:SAML:2.0:assertion}StatementAbstractType"> + * <sequence> + * <element ref="{urn:oasis:names:tc:xacml:2.0:context:schema:os}Response"/> + * <element ref="{urn:oasis:names:tc:xacml:2.0:context:schema:os}Request" minOccurs="0"/> + * </sequence> + * </extension> + * </complexContent> + * </complexType> + * </pre> + * + * + */ +public class XACMLAuthzDecisionStatementType + extends StatementAbstractType +{ + protected ResponseType response; + protected RequestType request; + + /** + * Gets the value of the response property. + * + * @return + * possible object is + * {@link ResponseType } + * + */ + public ResponseType getResponse() { + return response; + } + + /** + * Sets the value of the response property. + * + * @param value + * allowed object is + * {@link ResponseType } + * + */ + public void setResponse(ResponseType value) { + this.response = value; + } + + /** + * Gets the value of the request property. + * + * @return + * possible object is + * {@link RequestType } + * + */ + public RequestType getRequest() { + return request; + } + + /** + * Sets the value of the request property. + * + * @param value + * allowed object is + * {@link RequestType } + * + */ + public void setRequest(RequestType value) { + this.request = value; + } +} \ No newline at end of file Added: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLPolicyStatementType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLPolicyStatementType.java (rev 0) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLPolicyStatementType.java 2010-11-30 16:03:56 UTC (rev 568) @@ -0,0 +1,91 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion; + +import java.util.ArrayList; +import java.util.List; + +import org.jboss.security.xacml.core.model.policy.PolicySetType; +import org.jboss.security.xacml.core.model.policy.PolicyType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType; + +/** + * Java class for XACMLPolicyStatementType complex type. + * + * The following schema fragment specifies the expected content contained within this class. + * + * <pre> + * <complexType name="XACMLPolicyStatementType"> + * <complexContent> + * <extension base="{urn:oasis:names:tc:SAML:2.0:assertion}StatementAbstractType"> + * <choice maxOccurs="unbounded" minOccurs="0"> + * <element ref="{urn:oasis:names:tc:xacml:2.0:policy:schema:os}Policy"/> + * <element ref="{urn:oasis:names:tc:xacml:2.0:policy:schema:os}PolicySet"/> + * </choice> + * </extension> + * </complexContent> + * </complexType> + * </pre> + * + * + */ +public class XACMLPolicyStatementType + extends StatementAbstractType +{ + public static class ChoiceType + { + private PolicyType policy; + private PolicySetType policySet; + public PolicyType getPolicy() + { + return policy; + } + public void setPolicy(PolicyType policy) + { + this.policy = policy; + } + public PolicySetType getPolicySet() + { + return policySet; + } + public void setPolicySet(PolicySetType policySet) + { + this.policySet = policySet; + } + } + + protected List<ChoiceType> choiceTypeList = new ArrayList<ChoiceType>(); + + public void add(ChoiceType choice ) + { + choiceTypeList.add(choice); + } + + /** + * Gets the value of the choiceTypeList property. + */ + public List<ChoiceType> getChoiceType() + { + return choiceTypeList; + } + +} \ No newline at end of file Added: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLAuthzDecisionQueryType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLAuthzDecisionQueryType.java (rev 0) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLAuthzDecisionQueryType.java 2010-11-30 16:03:56 UTC (rev 568) @@ -0,0 +1,136 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol; + +import org.jboss.security.xacml.core.model.context.RequestType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType; + + +/** + * Java class for XACMLAuthzDecisionQueryType complex type. + * + * The following schema fragment specifies the expected content contained within this class. + * + * <pre> + * <complexType name="XACMLAuthzDecisionQueryType"> + * <complexContent> + * <extension base="{urn:oasis:names:tc:SAML:2.0:protocol}RequestAbstractType"> + * <sequence> + * <element ref="{urn:oasis:names:tc:xacml:2.0:context:schema:os}Request"/> + * </sequence> + * <attribute name="InputContextOnly" type="{http://www.w3.org/2001/XMLSchema}boolean" default="false" /> + * <attribute name="ReturnContext" type="{http://www.w3.org/2001/XMLSchema}boolean" default="false" /> + * </extension> + * </complexContent> + * </complexType> + * </pre> + * + * + */ +public class XACMLAuthzDecisionQueryType + extends RequestAbstractType +{ + protected RequestType request; + protected Boolean inputContextOnly; + protected Boolean returnContext; + + /** + * Gets the value of the request property. + * + * @return + * possible object is + * {@link RequestType } + * + */ + public RequestType getRequest() { + return request; + } + + /** + * Sets the value of the request property. + * + * @param value + * allowed object is + * {@link RequestType } + * + */ + public void setRequest(RequestType value) { + this.request = value; + } + + /** + * Gets the value of the inputContextOnly property. + * + * @return + * possible object is + * {@link Boolean } + * + */ + public boolean isInputContextOnly() { + if (inputContextOnly == null) { + return false; + } else { + return inputContextOnly; + } + } + + /** + * Sets the value of the inputContextOnly property. + * + * @param value + * allowed object is + * {@link Boolean } + * + */ + public void setInputContextOnly(Boolean value) { + this.inputContextOnly = value; + } + + /** + * Gets the value of the returnContext property. + * + * @return + * possible object is + * {@link Boolean } + * + */ + public boolean isReturnContext() { + if (returnContext == null) { + return false; + } else { + return returnContext; + } + } + + /** + * Sets the value of the returnContext property. + * + * @param value + * allowed object is + * {@link Boolean } + * + */ + public void setReturnContext(Boolean value) { + this.returnContext = value; + } + +} \ No newline at end of file Added: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLPolicyQueryType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLPolicyQueryType.java (rev 0) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/protocol/XACMLPolicyQueryType.java 2010-11-30 16:03:56 UTC (rev 568) @@ -0,0 +1,108 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol; + +import org.jboss.security.xacml.core.model.context.RequestType; +import org.jboss.security.xacml.core.model.policy.IdReferenceType; +import org.jboss.security.xacml.core.model.policy.TargetType; +import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType; + + +/** + * Java class for XACMLPolicyQueryType complex type. + * + * The following schema fragment specifies the expected content contained within this class. + * + * <pre> + * <complexType name="XACMLPolicyQueryType"> + * <complexContent> + * <extension base="{urn:oasis:names:tc:SAML:2.0:protocol}RequestAbstractType"> + * <choice maxOccurs="unbounded" minOccurs="0"> + * <element ref="{urn:oasis:names:tc:xacml:2.0:context:schema:os}Request"/> + * <element ref="{urn:oasis:names:tc:xacml:2.0:policy:schema:os}Target"/> + * <element ref="{urn:oasis:names:tc:xacml:2.0:policy:schema:os}PolicySetIdReference"/> + * <element ref="{urn:oasis:names:tc:xacml:2.0:policy:schema:os}PolicyIdReference"/> + * </choice> + * </extension> + * </complexContent> + * </complexType> + * </pre> + * + * + */ +public class XACMLPolicyQueryType + extends RequestAbstractType +{ + public static class ChoiceType + { + private RequestType request; + private TargetType target; + private IdReferenceType policySetIDReference; + private IdReferenceType policyIdReference; + public RequestType getRequest() + { + return request; + } + public void setRequest(RequestType request) + { + this.request = request; + } + public TargetType getTarget() + { + return target; + } + public void setTarget(TargetType target) + { + this.target = target; + } + public IdReferenceType getPolicySetIDReference() + { + return policySetIDReference; + } + public void setPolicySetIDReference(IdReferenceType policySetIDReference) + { + this.policySetIDReference = policySetIDReference; + } + public IdReferenceType getPolicyIdReference() + { + return policyIdReference; + } + public void setPolicyIdReference(IdReferenceType policyIdReference) + { + this.policyIdReference = policyIdReference; + } + } + + protected ChoiceType choiceType; + + + + public ChoiceType getChoiceType() + { + return choiceType; + } + + public void setChoiceType(ChoiceType choiceType) + { + this.choiceType = choiceType; + } +} \ No newline at end of file Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/protocol/ResponseType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/protocol/ResponseType.java 2010-11-30 00:32:39 UTC (rev 567) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/protocol/ResponseType.java 2010-11-30 16:03:56 UTC (rev 568) @@ -25,8 +25,8 @@ import java.util.Collections; import java.util.List; -import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType; /** * Java class for ResponseType complex type. @@ -51,9 +51,9 @@ public class ResponseType extends StatusResponseType { - protected List<ChoiceType> assertions = new ArrayList<ResponseType.ChoiceType>(); + protected List<RTChoiceType> assertions = new ArrayList<ResponseType.RTChoiceType>(); - public void addAssertion( ChoiceType choice ) + public void addAssertion( RTChoiceType choice ) { assertions.add(choice); } @@ -61,20 +61,20 @@ /** * Gets a read only list of assertions */ - public List<ChoiceType> getAssertions() + public List<RTChoiceType> getAssertions() { return Collections.unmodifiableList( assertions ); } - public static class ChoiceType + public static class RTChoiceType { private AssertionType assertion; private EncryptedAssertionType encryptedAssertion; - public ChoiceType(AssertionType assertion) + public RTChoiceType(AssertionType assertion) { this.assertion = assertion; } - public ChoiceType(EncryptedAssertionType encryptedAssertion) + public RTChoiceType(EncryptedAssertionType encryptedAssertion) { this.encryptedAssertion = encryptedAssertion; }

14 years

1
0
0 / 0

Picketlink SVN: r567 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa and 9 other directories.

by picketlink-commits＠lists.jboss.org

Author: sguilhen(a)redhat.com Date: 2010-11-29 19:32:39 -0500 (Mon, 29 Nov 2010) New Revision: 567 Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/ws/trust/ComputedKeyType.java Removed: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/wstrust/ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/WST_SAML_ParsingPerfTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/STSClientUnitTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa/WSAddressingParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java Log: PLFED-119: Stax is now used to write/parse WS-Trust response messages. Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa/WSAddressingParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa/WSAddressingParser.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsa/WSAddressingParser.java 2010-11-30 00:32:39 UTC (rev 567) @@ -34,7 +34,6 @@ import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.ws.addressing.AttributedURIType; import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType; -import org.picketlink.identity.federation.ws.addressing.ObjectFactory; /** * @@ -87,7 +86,7 @@ EndElement endElement = (EndElement)xmlEvent; StaxParserUtil.validate( endElement, ENDPOINT_REFERENCE ); - return new ObjectFactory().createEndpointReference( reference ); + return reference; } } else Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-30 00:32:39 UTC (rev 567) @@ -142,7 +142,7 @@ EndElement validateTargetEndElement = StaxParserUtil.getNextEndElement(xmlEventReader); StaxParserUtil.validate( validateTargetEndElement, WSTrustConstants.RENEW_TARGET ) ; } - else if( tag.equals( WSTrustConstants.On_BEHALF_OF )) + else if( tag.equals( WSTrustConstants.ON_BEHALF_OF )) { subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); @@ -150,7 +150,7 @@ OnBehalfOfType onBehalfOf = (OnBehalfOfType) wstOnBehalfOfParser.parse(xmlEventReader); requestToken.setOnBehalfOf(onBehalfOf); EndElement onBehalfOfEndElement = StaxParserUtil.getNextEndElement(xmlEventReader); - StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.On_BEHALF_OF ) ; + StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.ON_BEHALF_OF ) ; } else if( tag.equals( WSTrustConstants.KEY_TYPE )) { Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-11-30 00:32:39 UTC (rev 567) @@ -1,23 +1,19 @@ /* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as + * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual + * contributors. + * + * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any + * later version. + * + * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied + * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more + * details. + * + * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to + * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site: + * http://www.fsf.org. */ package org.picketlink.identity.federation.core.parsers.wst; @@ -34,20 +30,22 @@ import org.picketlink.identity.federation.core.exceptions.ParsingException; import org.picketlink.identity.federation.core.parsers.ParserController; import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport; -import org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser; import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil; import org.picketlink.identity.federation.core.parsers.wsse.WSSecurityParser; -import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants; import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; import org.picketlink.identity.federation.ws.policy.AppliesTo; import org.picketlink.identity.federation.ws.trust.BinarySecretType; +import org.picketlink.identity.federation.ws.trust.ComputedKeyType; import org.picketlink.identity.federation.ws.trust.EntropyType; import org.picketlink.identity.federation.ws.trust.LifetimeType; import org.picketlink.identity.federation.ws.trust.OnBehalfOfType; +import org.picketlink.identity.federation.ws.trust.RequestedProofTokenType; import org.picketlink.identity.federation.ws.trust.RequestedReferenceType; import org.picketlink.identity.federation.ws.trust.RequestedSecurityTokenType; +import org.picketlink.identity.federation.ws.trust.RequestedTokenCancelledType; +import org.picketlink.identity.federation.ws.trust.StatusType; import org.picketlink.identity.federation.ws.trust.UseKeyType; import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType; import org.picketlink.identity.federation.ws.wss.utility.AttributedDateTime; @@ -55,12 +53,14 @@ /** * Parse the WS-Trust RequestSecurityToken + * * @author Anil.Saldhana(a)redhat.com * @since Oct 11, 2010 */ public class WSTRequestSecurityTokenResponseParser implements ParserNamespaceSupport -{ +{ public static final String X509CERTIFICATE = "X509Certificate"; + public static final String KEYVALUE = "KeyValue"; public static final String JDK_TRANSFORMER_PROPERTY = "picketlink.jdk.transformer"; @@ -69,203 +69,238 @@ * @see {@link ParserNamespaceSupport#parse(XMLEventReader)} */ public Object parse(XMLEventReader xmlEventReader) throws ParsingException - { - StartElement startElement = StaxParserUtil.getNextStartElement( xmlEventReader ); + { + StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader); RequestSecurityTokenResponse responseToken = new RequestSecurityTokenResponse(); - QName contextQName = new QName( "", WSTrustConstants.RST_CONTEXT ); - Attribute contextAttribute = startElement.getAttributeByName( contextQName ); - String contextValue = StaxParserUtil.getAttributeValue( contextAttribute ); - responseToken.setContext( contextValue ); + QName contextQName = new QName("", WSTrustConstants.RST_CONTEXT); + Attribute contextAttribute = startElement.getAttributeByName(contextQName); + String contextValue = StaxParserUtil.getAttributeValue(contextAttribute); + responseToken.setContext(contextValue); - while( xmlEventReader.hasNext() ) + while (xmlEventReader.hasNext()) { - XMLEvent xmlEvent = StaxParserUtil.peek( xmlEventReader ); - if( xmlEvent == null ) + XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader); + if (xmlEvent == null) break; - if( xmlEvent instanceof EndElement ) + if (xmlEvent instanceof EndElement) { - xmlEvent = StaxParserUtil.getNextEvent( xmlEventReader ); + xmlEvent = StaxParserUtil.getNextEvent(xmlEventReader); EndElement endElement = (EndElement) xmlEvent; - String endElementTag = StaxParserUtil.getEndElementName( endElement ); - if( endElementTag.equals( WSTrustConstants.RSTR ) ) + String endElementTag = StaxParserUtil.getEndElementName(endElement); + if (endElementTag.equals(WSTrustConstants.RSTR)) break; } try { - StartElement subEvent = StaxParserUtil.peekNextStartElement( xmlEventReader ); - if( subEvent == null ) + StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader); + if (subEvent == null) break; - String tag = StaxParserUtil.getStartElementName( subEvent ); - if( tag.equals( WSTrustConstants.REQUEST_TYPE )) - { + String tag = StaxParserUtil.getStartElementName(subEvent); + if (tag.equals(WSTrustConstants.REQUEST_TYPE)) + { subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); - if( !StaxParserUtil.hasTextAhead( xmlEventReader )) - throw new ParsingException( "request type is expected ahead" ); + if (!StaxParserUtil.hasTextAhead(xmlEventReader)) + throw new ParsingException("request type is expected ahead"); String value = StaxParserUtil.getElementText(xmlEventReader); - responseToken.setRequestType( new URI( value )); + responseToken.setRequestType(new URI(value)); } - else if( tag.equals( WSTrustConstants.LIFETIME )) + else if (tag.equals(WSTrustConstants.LIFETIME)) { subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); - StaxParserUtil.validate(subEvent, WSTrustConstants.LIFETIME ); - - + StaxParserUtil.validate(subEvent, WSTrustConstants.LIFETIME); + LifetimeType lifeTime = new LifetimeType(); - //Get the Created + // Get the Created subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); - String subTag = StaxParserUtil.getStartElementName( subEvent ); - if( subTag.equals( WSTrustConstants.CREATED )) - { + String subTag = StaxParserUtil.getStartElementName(subEvent); + if (subTag.equals(WSTrustConstants.CREATED)) + { AttributedDateTime created = new AttributedDateTime(); - created.setValue( StaxParserUtil.getElementText(xmlEventReader) ); - lifeTime.setCreated( created ); + created.setValue(StaxParserUtil.getElementText(xmlEventReader)); + lifeTime.setCreated(created); } subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); - subTag = StaxParserUtil.getStartElementName( subEvent ); - - if( subTag.equals( WSTrustConstants.EXPIRES )) - { + subTag = StaxParserUtil.getStartElementName(subEvent); + + if (subTag.equals(WSTrustConstants.EXPIRES)) + { AttributedDateTime expires = new AttributedDateTime(); - expires.setValue( StaxParserUtil.getElementText(xmlEventReader) ); - lifeTime.setExpires( expires ); - } + expires.setValue(StaxParserUtil.getElementText(xmlEventReader)); + lifeTime.setExpires(expires); + } else - throw new RuntimeException( subTag + " was unexpected" ); - - responseToken.setLifetime( new Lifetime( lifeTime )); + throw new RuntimeException(subTag + " was unexpected"); + + responseToken.setLifetime(new Lifetime(lifeTime)); EndElement lifeTimeElement = StaxParserUtil.getNextEndElement(xmlEventReader); - StaxParserUtil.validate( lifeTimeElement, WSTrustConstants.LIFETIME ) ; + StaxParserUtil.validate(lifeTimeElement, WSTrustConstants.LIFETIME); } - else if( tag.equals( WSTrustConstants.TOKEN_TYPE )) + else if (tag.equals(WSTrustConstants.TOKEN_TYPE)) { subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); - if( !StaxParserUtil.hasTextAhead( xmlEventReader )) - throw new ParsingException( "token type is expected ahead" ); + if (!StaxParserUtil.hasTextAhead(xmlEventReader)) + throw new ParsingException("token type is expected ahead"); String value = StaxParserUtil.getElementText(xmlEventReader); - responseToken.setTokenType( new URI( value )); - } - else if( tag.equals( WSTrustConstants.On_BEHALF_OF )) + responseToken.setTokenType(new URI(value)); + } + else if (tag.equals(WSTrustConstants.ON_BEHALF_OF)) { subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); - WSTrustOnBehalfOfParser wstOnBehalfOfParser = new WSTrustOnBehalfOfParser(); - OnBehalfOfType onBehalfOf = (OnBehalfOfType) wstOnBehalfOfParser.parse(xmlEventReader); + WSTrustOnBehalfOfParser wstOnBehalfOfParser = new WSTrustOnBehalfOfParser(); + OnBehalfOfType onBehalfOf = (OnBehalfOfType) wstOnBehalfOfParser.parse(xmlEventReader); responseToken.setOnBehalfOf(onBehalfOf); EndElement onBehalfOfEndElement = StaxParserUtil.getNextEndElement(xmlEventReader); - StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.On_BEHALF_OF ) ; - } - else if( tag.equals( WSTrustConstants.KEY_TYPE )) + StaxParserUtil.validate(onBehalfOfEndElement, WSTrustConstants.ON_BEHALF_OF); + } + else if (tag.equals(WSTrustConstants.KEY_TYPE)) { subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); - if( !StaxParserUtil.hasTextAhead( xmlEventReader )) - throw new ParsingException( "key type is expected ahead" ); + if (!StaxParserUtil.hasTextAhead(xmlEventReader)) + throw new ParsingException("key type is expected ahead"); String keyType = StaxParserUtil.getElementText(xmlEventReader); try { - URI keyTypeURI = new URI( keyType ); - responseToken.setKeyType( keyTypeURI ); + URI keyTypeURI = new URI(keyType); + responseToken.setKeyType(keyTypeURI); } - catch( URISyntaxException e ) + catch (URISyntaxException e) { - throw new ParsingException( e ); - } - } - else if( tag.equals( WSTrustConstants.KEY_SIZE )) + throw new ParsingException(e); + } + } + else if (tag.equals(WSTrustConstants.KEY_SIZE)) { subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); - if( !StaxParserUtil.hasTextAhead( xmlEventReader )) - throw new ParsingException( "key size is expected ahead" ); + if (!StaxParserUtil.hasTextAhead(xmlEventReader)) + throw new ParsingException("key size is expected ahead"); String keySize = StaxParserUtil.getElementText(xmlEventReader); try - { - responseToken.setKeySize(Long.parseLong( keySize )); + { + responseToken.setKeySize(Long.parseLong(keySize)); } - catch( NumberFormatException e ) + catch (NumberFormatException e) { - throw new ParsingException( e ); - } - } - else if( tag.equals( WSTrustConstants.ENTROPY )) + throw new ParsingException(e); + } + } + else if (tag.equals(WSTrustConstants.ENTROPY)) { - subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); + subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); EntropyType entropy = new EntropyType(); subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); - if( StaxParserUtil.matches(subEvent, WSTrustConstants.BINARY_SECRET )) + if (StaxParserUtil.matches(subEvent, WSTrustConstants.BINARY_SECRET)) { BinarySecretType binarySecret = new BinarySecretType(); - Attribute typeAttribute = subEvent.getAttributeByName( new QName( "", "Type" )); - binarySecret.setType( StaxParserUtil.getAttributeValue( typeAttribute )); + Attribute typeAttribute = subEvent.getAttributeByName(new QName("", "Type")); + binarySecret.setType(StaxParserUtil.getAttributeValue(typeAttribute)); - if( !StaxParserUtil.hasTextAhead( xmlEventReader )) - throw new ParsingException( "binary secret value is expected ahead" ); + if (!StaxParserUtil.hasTextAhead(xmlEventReader)) + throw new ParsingException("binary secret value is expected ahead"); - binarySecret.setValue( StaxParserUtil.getElementText(xmlEventReader).getBytes() ); - entropy.getAny().add( binarySecret ); + binarySecret.setValue(StaxParserUtil.getElementText(xmlEventReader).getBytes()); + entropy.getAny().add(binarySecret); } responseToken.setEntropy(entropy); } - else if( tag.equals( WSTrustConstants.USE_KEY )) + else if (tag.equals(WSTrustConstants.USE_KEY)) { - subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); - UseKeyType useKeyType = new UseKeyType(); - StaxParserUtil.validate( subEvent, WSTrustConstants.USE_KEY ) ; + subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); + UseKeyType useKeyType = new UseKeyType(); + StaxParserUtil.validate(subEvent, WSTrustConstants.USE_KEY); - //We peek at the next start element as the stax source has to be in the START_ELEMENT mode - subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader); - if( StaxParserUtil.matches(subEvent, X509CERTIFICATE )) + // We peek at the next start element as the stax source has to be in the START_ELEMENT mode + subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader); + if (StaxParserUtil.matches(subEvent, X509CERTIFICATE)) { Element domElement = StaxParserUtil.getDOMElement(xmlEventReader); - //Element domElement = getX509CertificateAsDomElement( subEvent, xmlEventReader ); + // Element domElement = getX509CertificateAsDomElement( subEvent, xmlEventReader ); - useKeyType.setAny( domElement ); - responseToken.setUseKey( useKeyType ); - } - else if( StaxParserUtil.matches(subEvent, KEYVALUE )) + useKeyType.setAny(domElement); + responseToken.setUseKey(useKeyType); + } + else if (StaxParserUtil.matches(subEvent, KEYVALUE)) { - //Element domElement = getKeyValueAsDomElement( subEvent, xmlEventReader ); - Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);// - useKeyType.setAny( domElement ); - responseToken.setUseKey( useKeyType ); + Element domElement = StaxParserUtil.getDOMElement(xmlEventReader); + useKeyType.setAny(domElement); + responseToken.setUseKey(useKeyType); } - else throw new RuntimeException( "unsupported " + StaxParserUtil.getStartElementName( subEvent )); + else + throw new RuntimeException("unsupported " + StaxParserUtil.getStartElementName(subEvent)); } - else if( tag.equals( WSTrustConstants.REQUESTED_TOKEN )) - { - responseToken.setRequestedSecurityToken( parseRequestedSecurityTokenType(xmlEventReader) ); + else if (tag.equals(WSTrustConstants.REQUESTED_TOKEN_CANCELLED)) + { + StaxParserUtil.getNextEndElement(xmlEventReader); + responseToken.setRequestedTokenCancelled(new RequestedTokenCancelledType()); } - else if( tag.equals( WSTrustConstants.REQUESTED_ATTACHED_REFERENCE )) + else if (tag.equals(WSTrustConstants.REQUESTED_PROOF_TOKEN)) { - responseToken.setRequestedAttachedReference( parseRequestedReference(xmlEventReader)); + subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); + RequestedProofTokenType requestedProofToken = new RequestedProofTokenType(); + subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); + if (StaxParserUtil.matches(subEvent, WSTrustConstants.BINARY_SECRET)) + { + BinarySecretType binarySecret = new BinarySecretType(); + Attribute typeAttribute = subEvent.getAttributeByName(new QName("", "Type")); + binarySecret.setType(StaxParserUtil.getAttributeValue(typeAttribute)); + + if (!StaxParserUtil.hasTextAhead(xmlEventReader)) + throw new ParsingException("binary secret value is expected ahead"); + + binarySecret.setValue(StaxParserUtil.getElementText(xmlEventReader).getBytes()); + requestedProofToken.setAny(binarySecret); + } + else if (StaxParserUtil.matches(subEvent, WSTrustConstants.COMPUTED_KEY)) + { + ComputedKeyType computedKey = new ComputedKeyType(); + if (!StaxParserUtil.hasTextAhead(xmlEventReader)) + throw new ParsingException("computed key algorithm is expected ahead"); + computedKey.setAlgorithm(StaxParserUtil.getElementText(xmlEventReader)); + requestedProofToken.setAny(computedKey); + } + responseToken.setRequestedProofToken(requestedProofToken); } + else if (tag.equals(WSTrustConstants.REQUESTED_TOKEN)) + { + responseToken.setRequestedSecurityToken(parseRequestedSecurityTokenType(xmlEventReader)); + } + else if (tag.equals(WSTrustConstants.REQUESTED_ATTACHED_REFERENCE)) + { + responseToken.setRequestedAttachedReference(parseRequestedReference(xmlEventReader)); + } + else if (tag.equals(WSTrustConstants.STATUS)) + { + responseToken.setStatus(this.parseStatusType(xmlEventReader)); + } else { QName qname = subEvent.getName(); - ParserNamespaceSupport parser = ParserController.get( qname ); - if( parser == null ) - throw new RuntimeException( "Cannot parse " + qname ); + ParserNamespaceSupport parser = ParserController.get(qname); + if (parser == null) + throw new RuntimeException("Cannot parse " + qname); - Object parsedObject = parser.parse( xmlEventReader ); - if( parsedObject instanceof AppliesTo ) + Object parsedObject = parser.parse(xmlEventReader); + if (parsedObject instanceof AppliesTo) { - responseToken.setAppliesTo( (AppliesTo) parsedObject ); + responseToken.setAppliesTo((AppliesTo) parsedObject); } } - } + } catch (URISyntaxException e) { - throw new ParsingException( e ); - } + throw new ParsingException(e); + } } return responseToken; @@ -275,28 +310,26 @@ * @see {@link ParserNamespaceSupport#supports(QName)} */ public boolean supports(QName qname) - { + { String nsURI = qname.getNamespaceURI(); String localPart = qname.getLocalPart(); - return WSTrustConstants.BASE_NAMESPACE.equals( nsURI ) - && WSTrustConstants.RST.equals( localPart ); - } - - private RequestedSecurityTokenType parseRequestedSecurityTokenType( XMLEventReader xmlEventReader ) throws ParsingException + return WSTrustConstants.BASE_NAMESPACE.equals(nsURI) && WSTrustConstants.RST.equals(localPart); + } + + private StatusType parseStatusType(XMLEventReader xmlEventReader) throws ParsingException { - RequestedSecurityTokenType requestedSecurityTokenType = new RequestedSecurityTokenType(); - + StatusType status = new StatusType(); StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader); - StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_TOKEN ); - + StaxParserUtil.validate(startElement, WSTrustConstants.STATUS); + XMLEvent xmlEvent = null; - while( xmlEventReader.hasNext() ) + while (xmlEventReader.hasNext()) { xmlEvent = StaxParserUtil.peek(xmlEventReader); - if( xmlEvent instanceof EndElement ) + if (xmlEvent instanceof EndElement) { - if( StaxParserUtil.getEndElementName( (EndElement) xmlEvent ).equals( WSTrustConstants.REQUESTED_TOKEN )) + if (StaxParserUtil.getEndElementName((EndElement) xmlEvent).equals(WSTrustConstants.STATUS)) { xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader); break; @@ -304,32 +337,71 @@ } startElement = (StartElement) xmlEvent; String tag = StaxParserUtil.getStartElementName(startElement); - - if( tag.equals( JBossSAMLConstants.ASSERTION.get() )) + + if (tag.equals(WSTrustConstants.CODE)) { - SAMLAssertionParser assertionParser = new SAMLAssertionParser(); - requestedSecurityTokenType.setAny( assertionParser.parse(xmlEventReader) ); + startElement = StaxParserUtil.getNextStartElement(xmlEventReader); + StaxParserUtil.validate(startElement, WSTrustConstants.CODE); + + if (!StaxParserUtil.hasTextAhead(xmlEventReader)) + throw new ParsingException("Validation code is expected ahead"); + status.setCode(StaxParserUtil.getElementText(xmlEventReader)); } + else if (tag.equals(WSTrustConstants.REASON)) + { + startElement = StaxParserUtil.getNextStartElement(xmlEventReader); + StaxParserUtil.validate(startElement, WSTrustConstants.REASON); + + if (!StaxParserUtil.hasTextAhead(xmlEventReader)) + throw new ParsingException("Validation reason is expected ahead"); + status.setReason(StaxParserUtil.getElementText(xmlEventReader)); + } } - + return status; + } + + private RequestedSecurityTokenType parseRequestedSecurityTokenType(XMLEventReader xmlEventReader) + throws ParsingException + { + RequestedSecurityTokenType requestedSecurityTokenType = new RequestedSecurityTokenType(); + + StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader); + StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_TOKEN); + + XMLEvent xmlEvent = null; + while (xmlEventReader.hasNext()) + { + xmlEvent = StaxParserUtil.peek(xmlEventReader); + if (xmlEvent instanceof EndElement) + { + if (StaxParserUtil.getEndElementName((EndElement) xmlEvent).equals(WSTrustConstants.REQUESTED_TOKEN)) + { + xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader); + break; + } + } + Element tokenElement = StaxParserUtil.getDOMElement(xmlEventReader); + requestedSecurityTokenType.setAny(tokenElement); + } + return requestedSecurityTokenType; } - - private RequestedReferenceType parseRequestedReference( XMLEventReader xmlEventReader ) throws ParsingException + + private RequestedReferenceType parseRequestedReference(XMLEventReader xmlEventReader) throws ParsingException { StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader); - StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE ); - + StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE); + RequestedReferenceType ref = new RequestedReferenceType(); - + WSSecurityParser wsseParser = new WSSecurityParser(); SecurityTokenReferenceType secref = (SecurityTokenReferenceType) wsseParser.parse(xmlEventReader); - - ref.setSecurityTokenReference( secref ); - + + ref.setSecurityTokenReference(secref); + EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader); - StaxParserUtil.validate(endElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE ); - - return ref; + StaxParserUtil.validate(endElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE); + + return ref; } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java 2010-11-30 00:32:39 UTC (rev 567) @@ -70,6 +70,6 @@ String localPart = qname.getLocalPart(); return WSTrustConstants.BASE_NAMESPACE.equals( nsURI ) - && WSTrustConstants.On_BEHALF_OF.equals( localPart ); + && WSTrustConstants.ON_BEHALF_OF.equals( localPart ); } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-30 00:32:39 UTC (rev 567) @@ -1,23 +1,19 @@ /* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as + * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual + * contributors. + * + * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any + * later version. + * + * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied + * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more + * details. + * + * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to + * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site: + * http://www.fsf.org. */ package org.picketlink.identity.federation.core.util; @@ -40,19 +36,21 @@ /** * Utility class that deals with StAX + * * @author Anil.Saldhana(a)redhat.com * @since Oct 19, 2010 */ public class StaxUtil -{ +{ private static ThreadLocal<Stack<String>> registeredNSStack = new ThreadLocal<Stack<String>>(); - + /** * Flush the stream writer + * * @param writer * @throws ProcessingException */ - public static void flush( XMLStreamWriter writer ) throws ProcessingException + public static void flush(XMLStreamWriter writer) throws ProcessingException { try { @@ -60,48 +58,50 @@ } catch (XMLStreamException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } } /** * Get an {@code XMLEventWriter} + * * @param outStream * @return * @throws ProcessingException */ - public static XMLEventWriter getXMLEventWriter( final OutputStream outStream ) throws ProcessingException + public static XMLEventWriter getXMLEventWriter(final OutputStream outStream) throws ProcessingException { XMLOutputFactory xmlOutputFactory = XMLOutputFactory.newInstance(); try { - return xmlOutputFactory.createXMLEventWriter( outStream, "UTF-8" ); + return xmlOutputFactory.createXMLEventWriter(outStream, "UTF-8"); } catch (XMLStreamException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } } /** * Get an {@code XMLStreamWriter} + * * @param outStream * @return * @throws ProcessingException */ - public static XMLStreamWriter getXMLStreamWriter( final OutputStream outStream ) throws ProcessingException + public static XMLStreamWriter getXMLStreamWriter(final OutputStream outStream) throws ProcessingException { XMLOutputFactory xmlOutputFactory = XMLOutputFactory.newInstance(); try { - return xmlOutputFactory.createXMLStreamWriter( outStream, "UTF-8" ); + return xmlOutputFactory.createXMLStreamWriter(outStream, "UTF-8"); } catch (XMLStreamException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } } - + public static XMLStreamWriter getXMLStreamWriter(final Result result) throws ProcessingException { XMLOutputFactory factory = XMLOutputFactory.newInstance(); @@ -114,287 +114,305 @@ throw new ProcessingException(xe); } } - + /** * Set a prefix + * * @param writer * @param prefix * @param nsURI * @throws ProcessingException */ - public static void setPrefix( XMLStreamWriter writer, String prefix, String nsURI ) throws ProcessingException + public static void setPrefix(XMLStreamWriter writer, String prefix, String nsURI) throws ProcessingException { try { - writer.setPrefix(prefix, nsURI ); + writer.setPrefix(prefix, nsURI); } catch (XMLStreamException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } } - + /** * Write an attribute + * * @param writer - * @param attributeName QName of the attribute + * @param attributeName + * QName of the attribute * @param attributeValue * @throws ProcessingException */ - public static void writeAttribute( XMLStreamWriter writer, QName attributeName, String attributeValue ) throws ProcessingException + public static void writeAttribute(XMLStreamWriter writer, QName attributeName, String attributeValue) + throws ProcessingException { try { - writer.writeAttribute( attributeName.getNamespaceURI() , attributeName.getLocalPart(), attributeValue ); + writer.writeAttribute(attributeName.getPrefix(), attributeName.getNamespaceURI(), + attributeName.getLocalPart(), attributeValue); } catch (XMLStreamException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } } /** * Write an xml attribute + * * @param writer - * @param localName localpart - * @param value value of the attribute + * @param localName + * localpart + * @param value + * value of the attribute * @throws ProcessingException */ - public static void writeAttribute( XMLStreamWriter writer, String localName, String value ) throws ProcessingException + public static void writeAttribute(XMLStreamWriter writer, String localName, String value) throws ProcessingException { try - { + { writer.writeAttribute(localName, value); } catch (XMLStreamException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } } - + /** * Write an xml attribute + * * @param writer - * @param localName localpart - * @param type typically xsi:type - * @param value value of the attribute + * @param localName + * localpart + * @param type + * typically xsi:type + * @param value + * value of the attribute * @throws ProcessingException */ - public static void writeAttribute( XMLStreamWriter writer, String localName, String type, String value ) throws ProcessingException + public static void writeAttribute(XMLStreamWriter writer, String localName, String type, String value) + throws ProcessingException { try - { - writer.writeAttribute( localName, type, value ); + { + writer.writeAttribute(localName, type, value); } catch (XMLStreamException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } } - + /** * Write a string as text node + * * @param writer * @param value * @throws ProcessingException */ - public static void writeCharacters( XMLStreamWriter writer, String value ) throws ProcessingException + public static void writeCharacters(XMLStreamWriter writer, String value) throws ProcessingException { try - { - writer.writeCharacters( value); + { + writer.writeCharacters(value); } catch (XMLStreamException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } } - + /** * Write the default namespace + * * @param writer * @param ns * @throws ProcessingException */ - public static void writeDefaultNameSpace( XMLStreamWriter writer, String ns ) throws ProcessingException + public static void writeDefaultNameSpace(XMLStreamWriter writer, String ns) throws ProcessingException { try { - writer.writeDefaultNamespace( ns ); + writer.writeDefaultNamespace(ns); } catch (XMLStreamException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } } - + /** * Write a DOM Node to the stream + * * @param writer * @param node * @throws ProcessingException */ - public static void writeDOMNode( XMLStreamWriter writer, Node node ) throws ProcessingException + public static void writeDOMNode(XMLStreamWriter writer, Node node) throws ProcessingException { try { short nodeType = node.getNodeType(); - - switch( nodeType ) + + switch (nodeType) { - case Node.ELEMENT_NODE: - writeDOMElement( writer, (Element) node); + case Node.ELEMENT_NODE : + writeDOMElement(writer, (Element) node); break; - case Node.TEXT_NODE: + case Node.TEXT_NODE : writer.writeCharacters(node.getNodeValue()); break; - case Node.COMMENT_NODE: + case Node.COMMENT_NODE : writer.writeComment(node.getNodeValue()); - break; - case Node.CDATA_SECTION_NODE: + break; + case Node.CDATA_SECTION_NODE : writer.writeCData(node.getNodeValue()); - break; - default: - //Don't care + break; + default : + // Don't care } } catch (DOMException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } catch (XMLStreamException e) { - throw new ProcessingException( e ); - } + throw new ProcessingException(e); + } } - /** * Write DOM Element to the stream + * * @param writer * @param domElement * @throws ProcessingException */ - public static void writeDOMElement( XMLStreamWriter writer, Element domElement ) throws ProcessingException + public static void writeDOMElement(XMLStreamWriter writer, Element domElement) throws ProcessingException { - if( registeredNSStack.get() == null ) + if (registeredNSStack.get() == null) { - registeredNSStack.set( new Stack<String>() ); + registeredNSStack.set(new Stack<String>()); } String domElementPrefix = domElement.getPrefix(); - - if (domElementPrefix == null) + + if (domElementPrefix == null) { - domElementPrefix = ""; + domElementPrefix = ""; } - + String domElementNS = domElement.getNamespaceURI(); - if (domElementNS == null) + if (domElementNS == null) { - domElementNS = ""; + domElementNS = ""; } - + writeStartElement(writer, domElementPrefix, domElement.getLocalName(), domElementNS); - - //Should we register namespace - if( domElementPrefix != "" && !registeredNSStack.get().contains(domElementNS) ) + // Should we register namespace + if (domElementPrefix != "" && !registeredNSStack.get().contains(domElementNS)) { - // writeNameSpace(writer, domElementPrefix, domElementNS ); - registeredNSStack.get().push( domElementNS ); + // writeNameSpace(writer, domElementPrefix, domElementNS ); + registeredNSStack.get().push(domElementNS); } // Deal with Attributes NamedNodeMap attrs = domElement.getAttributes(); - for (int i = 0, len = attrs.getLength(); i < len; ++i) + for (int i = 0, len = attrs.getLength(); i < len; ++i) { - Attr attr = (Attr) attrs.item(i); - String attributePrefix = attr.getPrefix(); - String attribLocalName = attr.getLocalName(); - String attribValue = attr.getValue(); + Attr attr = (Attr) attrs.item(i); + String attributePrefix = attr.getPrefix(); + String attribLocalName = attr.getLocalName(); + String attribValue = attr.getValue(); - if (attributePrefix == null || attributePrefix.length() == 0) - { - if ( "xmlns".equals( attribLocalName )) - { - writeDefaultNameSpace( writer, attribValue ); - } - else - { - writeAttribute( writer, attribLocalName, attribValue ); - } - } - else - { - if ( "xmlns".equals( attributePrefix )) - { - writeNameSpace( writer, attribLocalName, attribValue); - } - else - { - writeAttribute( writer, new QName( attr.getNamespaceURI(), attribLocalName, attributePrefix ), attribValue); - } - } + if (attributePrefix == null || attributePrefix.length() == 0) + { + if ("xmlns".equals(attribLocalName)) + { + writeDefaultNameSpace(writer, attribValue); + } + else + { + writeAttribute(writer, attribLocalName, attribValue); + } + } + else + { + if ("xmlns".equals(attributePrefix)) + { + writeNameSpace(writer, attribLocalName, attribValue); + } + else + { + writeAttribute(writer, new QName(attr.getNamespaceURI(), attribLocalName, attributePrefix), attribValue); + } + } } - for ( Node child = domElement.getFirstChild(); child != null; child = child.getNextSibling() ) + for (Node child = domElement.getFirstChild(); child != null; child = child.getNextSibling()) { - writeDOMNode( writer, child); + writeDOMNode(writer, child); } writeEndElement(writer); } - - + /** * Write a namespace + * * @param writer - * @param prefix prefix - * @param ns Namespace URI + * @param prefix + * prefix + * @param ns + * Namespace URI * @throws ProcessingException */ - public static void writeNameSpace( XMLStreamWriter writer, String prefix, String ns ) throws ProcessingException + public static void writeNameSpace(XMLStreamWriter writer, String prefix, String ns) throws ProcessingException { try - { + { writer.writeNamespace(prefix, ns); } catch (XMLStreamException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } } /** * Write a start element + * * @param writer * @param prefix * @param localPart * @param ns * @throws ProcessingException */ - public static void writeStartElement( XMLStreamWriter writer, String prefix, String localPart, String ns ) throws ProcessingException + public static void writeStartElement(XMLStreamWriter writer, String prefix, String localPart, String ns) + throws ProcessingException { try { - writer.writeStartElement( prefix, localPart, ns); + writer.writeStartElement(prefix, localPart, ns); } catch (XMLStreamException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } } /** * - * Write an end element. The stream writer keeps track of which start element - * needs to be closed with an end tag. + * Write an end element. The stream writer keeps track of which start element needs to be closed with an end tag. * * * @param writer * @throws ProcessingException */ - public static void writeEndElement( XMLStreamWriter writer ) throws ProcessingException + public static void writeEndElement(XMLStreamWriter writer) throws ProcessingException { try { @@ -402,7 +420,7 @@ } catch (XMLStreamException e) { - throw new ProcessingException( e ); + throw new ProcessingException(e); } } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java 2010-11-30 00:32:39 UTC (rev 567) @@ -301,7 +301,12 @@ { Namespace namespace = namespaces.next(); QName name = namespace.getName(); - el.setAttributeNS(name.getNamespaceURI(), "xmlns:" + name.getLocalPart(), namespace.getNamespaceURI()); + localPart = name.getLocalPart(); + prefix = name.getPrefix(); + if (prefix != null && prefix != "") + qual = (localPart != null && localPart != "") ? prefix + ":" + localPart : prefix; + + el.setAttributeNS(name.getNamespaceURI(), qual, namespace.getNamespaceURI()); } XMLEvent nextEvent = StaxParserUtil.peek(xmlEventReader); Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java 2010-11-30 00:32:39 UTC (rev 567) @@ -92,7 +92,8 @@ private static XMLSignatureFactory fac = getXMLSignatureFactory(); - private static XMLSignatureFactory getXMLSignatureFactory() + @SuppressWarnings("restriction") +private static XMLSignatureFactory getXMLSignatureFactory() { XMLSignatureFactory xsf = null; Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java 2010-11-30 00:32:39 UTC (rev 567) @@ -1,23 +1,19 @@ /* - * JBoss, Home of Professional Open Source. - * Copyright 2009, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as + * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual + * contributors. + * + * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any + * later version. + * + * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied + * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more + * details. + * + * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to + * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site: + * http://www.fsf.org. */ package org.picketlink.identity.federation.core.wstrust; @@ -27,6 +23,7 @@ import javax.annotation.Resource; import javax.xml.transform.Source; +import javax.xml.transform.dom.DOMResult; import javax.xml.transform.dom.DOMSource; import javax.xml.ws.Provider; import javax.xml.ws.Service; @@ -45,6 +42,7 @@ import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; +import org.picketlink.identity.federation.core.wstrust.writers.WSTrustResponseWriter; import org.w3c.dom.Document; /** @@ -56,7 +54,7 @@ */ @WebServiceProvider(serviceName = "PicketLinkSTS", portName = "PicketLinkSTSPort", targetNamespace = "urn:picketlink:identity-federation:sts", wsdlLocation = "WEB-INF/wsdl/PicketLinkSTS.wsdl") @ServiceMode(value = Service.Mode.PAYLOAD) -public class PicketLinkSTS implements Provider<Source>//SecurityTokenService +public class PicketLinkSTS implements Provider<Source>// SecurityTokenService { private static Logger logger = Logger.getLogger(PicketLinkSTS.class); @@ -107,9 +105,11 @@ * Process a security token request. * * - * @param request a {@code RequestSecurityToken} instance that contains the request information. + * @param request + * a {@code RequestSecurityToken} instance that contains the request information. * @return a {@code Source} instance representing the marshalled response. - * @throws WebServiceException Any exception encountered in handling token + * @throws WebServiceException + * Any exception encountered in handling token */ protected Source handleTokenRequest(RequestSecurityToken request) { @@ -163,7 +163,8 @@ * Process a collection of security token requests. * * - * @param requestCollection a {@code RequestSecurityTokenCollection} containing the various requests information. + * @param requestCollection + * a {@code RequestSecurityTokenCollection} containing the various requests information. * @return a {@code Source} instance representing the marshalled response. */ protected Source handleTokenRequestCollection(RequestSecurityTokenCollection requestCollection) @@ -176,7 +177,8 @@ * Marshalls the specified {@code RequestSecurityTokenResponse} into a {@code Source} instance. * * - * @param response the {@code RequestSecurityTokenResponse} to be marshalled. + * @param response + * the {@code RequestSecurityTokenResponse} to be marshalled. * @return the resulting {@code Source} instance. */ protected Source marshallResponse(RequestSecurityTokenResponse response) @@ -184,7 +186,18 @@ // add the single response to a RequestSecurityTokenResponse collection, as per the specification. RequestSecurityTokenResponseCollection responseCollection = new RequestSecurityTokenResponseCollection(); responseCollection.addRequestSecurityTokenResponse(response); - return WSTrustJAXBFactory.getInstance().marshallRequestSecurityTokenResponse(responseCollection); + + try + { + DOMResult result = new DOMResult(DocumentUtil.createDocument()); + WSTrustResponseWriter writer = new WSTrustResponseWriter(result); + writer.write(responseCollection); + return new DOMSource(result.getNode()); + } + catch (Exception e) + { + throw new WebServiceException("Error writting response: " + e.getMessage(), e); + } } /** Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java 2010-11-30 00:32:39 UTC (rev 567) @@ -34,11 +34,12 @@ import javax.xml.ws.Service.Mode; import javax.xml.ws.soap.SOAPBinding; +import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; -import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter; +import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; import org.picketlink.identity.federation.ws.trust.CancelTargetType; import org.picketlink.identity.federation.ws.trust.RenewTargetType; import org.picketlink.identity.federation.ws.trust.StatusType; @@ -92,8 +93,9 @@ /** * Issues a Security Token for the ultimate recipient of the token. * - * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for the - * RequestSecurityToken which is an optional element so it may be null. + * @param endpointURI + * - The ultimate recipient of the token. This will be set at the AppliesTo for the RequestSecurityToken + * which is an optional element so it may be null. * @return Element - The Security Token Element which will be of the TokenType configured for the endpointURI passed * in. * @throws WSTrustException @@ -109,11 +111,14 @@ * Issues a Security Token from the STS. This methods has the option of specifying one or both of * endpointURI/tokenType but at least one must specified. * - * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for the - * RequestSecurityToken which is an optional element so it may be null. - * @param tokenType - The type of security token to be issued. + * @param endpointURI + * - The ultimate recipient of the token. This will be set at the AppliesTo for the RequestSecurityToken + * which is an optional element so it may be null. + * @param tokenType + * - The type of security token to be issued. * @return Element - The Security Token Element issued. - * @throws IllegalArgumentException If neither endpointURI nor tokenType was specified. + * @throws IllegalArgumentException + * If neither endpointURI nor tokenType was specified. * @throws WSTrustException */ public Element issueToken(String endpointURI, String tokenType) throws WSTrustException @@ -132,13 +137,18 @@ * Issues a security token on behalf of the specified principal. * * - * @param endpointURI the ultimate recipient of the token. This will be set at the AppliesTo for the - * RequestSecurityToken which is an optional element so it may be null. - * @param tokenType the type of the token to be issued. - * @param principal the {@code Principal} to whom the token will be issued. + * @param endpointURI + * the ultimate recipient of the token. This will be set at the AppliesTo for the RequestSecurityToken + * which is an optional element so it may be null. + * @param tokenType + * the type of the token to be issued. + * @param principal + * the {@code Principal} to whom the token will be issued. * @return an {@code Element} representing the issued security token. - * @throws IllegalArgumentException If neither endpointURI nor tokenType was specified. - * @throws WSTrustException if an error occurs while issuing the security token. + * @throws IllegalArgumentException + * If neither endpointURI nor tokenType was specified. + * @throws WSTrustException + * if an error occurs while issuing the security token. */ public Element issueTokenOnBehalfOf(String endpointURI, String tokenType, Principal principal) throws WSTrustException @@ -289,17 +299,24 @@ DOMSource requestSource = this.createSourceFromRequest(request); Source response = dispatchLocal.get().invoke(requestSource); - RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) WSTrustJAXBFactory - .getInstance().parseRequestSecurityTokenResponse(response); - RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0); + try + { + RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) new WSTrustParser() + .parse(DocumentUtil.getSourceAsStream(response)); + RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0); - StatusType status = tokenResponse.getStatus(); - if (status != null) + StatusType status = tokenResponse.getStatus(); + if (status != null) + { + String code = status.getCode(); + return WSTrustConstants.STATUS_CODE_VALID.equals(code); + } + return false; + } + catch (Exception e) { - String code = status.getCode(); - return WSTrustConstants.STATUS_CODE_VALID.equals(code); + throw new WSTrustException("Error parsing WS-Trust response: " + e.getMessage(), e); } - return false; } /** @@ -307,9 +324,11 @@ * Cancels the specified security token by sending a WS-Trust cancel message to the STS. * * - * @param securityToken the security token to be canceled. + * @param securityToken + * the security token to be canceled. * @return {@code true} if the token has been canceled by the STS; {@code false} otherwise. - * @throws WSTrustException if an error occurs while processing the cancel request. + * @throws WSTrustException + * if an error occurs while processing the cancel request. */ public boolean cancelToken(Element securityToken) throws WSTrustException { @@ -321,18 +340,23 @@ request.setCancelTarget(cancelTarget); request.setContext("context"); - // marshal the request and send it to the STS. - WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance(); DOMSource requestSource = this.createSourceFromRequest(request); Source response = dispatchLocal.get().invoke(requestSource); // get the WS-Trust response and check for presence of the RequestTokenCanceled element. - RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) jaxbFactory - .parseRequestSecurityTokenResponse(response); - RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0); - if (tokenResponse.getRequestedTokenCancelled() != null) - return true; - return false; + try + { + RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) new WSTrustParser() + .parse(DocumentUtil.getSourceAsStream(response)); + RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0); + if (tokenResponse.getRequestedTokenCancelled() != null) + return true; + return false; + } + catch (Exception e) + { + throw new WSTrustException("Error parsing WS-Trust response: " + e.getMessage(), e); + } } public Dispatch<Source> getDispatch() @@ -345,7 +369,7 @@ try { DOMResult result = new DOMResult(DocumentUtil.createDocument()); - WSTrustRSTWriter writer = new WSTrustRSTWriter(result); + WSTrustRequestWriter writer = new WSTrustRequestWriter(result); writer.write(request); return new DOMSource(result.getNode()); } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-30 00:32:39 UTC (rev 567) @@ -40,6 +40,7 @@ import org.picketlink.identity.federation.ws.policy.AppliesTo; import org.picketlink.identity.federation.ws.trust.BinarySecretType; import org.picketlink.identity.federation.ws.trust.ClaimsType; +import org.picketlink.identity.federation.ws.trust.ComputedKeyType; import org.picketlink.identity.federation.ws.trust.EntropyType; import org.picketlink.identity.federation.ws.trust.ObjectFactory; import org.picketlink.identity.federation.ws.trust.RequestedProofTokenType; @@ -195,13 +196,13 @@ { clientSecret = Base64.decode(new String(WSTrustUtil.getBinarySecret(clientEntropy))); serverEntropy = new EntropyType(); - serverEntropy.getAny().add(objFactory.createBinarySecret(serverBinarySecret)); + serverEntropy.getAny().add(serverBinarySecret); } if (clientSecret != null && clientSecret.length != 0) { // client secret has been specified - combine it with the sts secret. - requestedProofToken.setAny(objFactory.createComputedKey(WSTrustConstants.CK_PSHA1)); + requestedProofToken.setAny(new ComputedKeyType(WSTrustConstants.CK_PSHA1)); byte[] combinedSecret = null; try { @@ -218,7 +219,7 @@ else { // client secret has not been specified - use the sts secret only. - requestedProofToken.setAny(objFactory.createBinarySecret(serverBinarySecret)); + requestedProofToken.setAny(serverBinarySecret); requestContext.setProofTokenInfo(WSTrustUtil.createKeyInfo(serverBinarySecret.getValue(), providerPublicKey, keyWrapAlgo)); } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-11-30 00:32:39 UTC (rev 567) @@ -87,7 +87,8 @@ String CREATED = "Created"; String ENTROPY = "Entropy"; String EXPIRES = "Expires"; - String On_BEHALF_OF = "OnBehalfOf"; + String ON_BEHALF_OF = "OnBehalfOf"; + String COMPUTED_KEY = "ComputedKey"; String KEY_SIZE = "KeySize"; String KEY_TYPE = "KeyType"; String LIFETIME = "Lifetime"; @@ -96,6 +97,8 @@ String RST_COLLECTION = "RequestSecurityTokenCollection"; String RSTR_COLLECTION = "RequestSecurityTokenResponseCollection"; String REQUESTED_TOKEN = "RequestedSecurityToken"; + String REQUESTED_TOKEN_CANCELLED = "RequestedTokenCancelled"; + String REQUESTED_PROOF_TOKEN = "RequestedProofToken"; String REQUESTED_ATTACHED_REFERENCE = "RequestedAttachedReference"; String REQUEST_TYPE = "RequestType"; String TOKEN_TYPE = "TokenType"; @@ -103,6 +106,9 @@ String RENEW_TARGET = "RenewTarget"; String VALIDATE_TARGET = "ValidateTarget"; String USE_KEY = "UseKey"; + String STATUS = "Status"; + String CODE = "Code"; + String REASON = "Reason"; //Attribute Names String RST_CONTEXT = "Context"; @@ -129,5 +135,6 @@ String PREFIX_11 = "wsse11"; String SECURITY_TOKEN_REFERENCE = "SecurityTokenReference"; String USERNAME_TOKEN = "UsernameToken"; + String VALUE_TYPE = "ValueType"; } } \ No newline at end of file Deleted: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2010-11-30 00:32:39 UTC (rev 567) @@ -1,361 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2009, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.picketlink.identity.federation.core.wstrust; - -import javax.xml.bind.Binder; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.JAXBException; -import javax.xml.bind.Marshaller; -import javax.xml.bind.Unmarshaller; -import javax.xml.transform.Source; - -import org.apache.log4j.Logger; -import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder; -import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; -import org.picketlink.identity.federation.core.util.JAXBUtil; -import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityTokenResponse; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; -import org.picketlink.identity.federation.ws.trust.ObjectFactory; -import org.picketlink.identity.federation.ws.trust.RequestSecurityTokenResponseCollectionType; -import org.picketlink.identity.federation.ws.trust.RequestSecurityTokenType; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; - -/** - * - * This factory implements utility methods for converting between JAXB model objects and XML source. - * - * - * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a> - */ -public class WSTrustJAXBFactory -{ - private static Logger log = Logger.getLogger(WSTrustJAXBFactory.class); - - private boolean trace = log.isTraceEnabled(); - - private static final WSTrustJAXBFactory instance = new WSTrustJAXBFactory(); - - private Marshaller marshaller; - - private Unmarshaller unmarshaller; - - private Binder<Node> binder; - - private final ObjectFactory objectFactory; - - private ThreadLocal<SAMLDocumentHolder> holders = new ThreadLocal<SAMLDocumentHolder>(); - - /** - * - * Creates the {@code WSTrustJAXBFactory} singleton instance. - * - */ - private WSTrustJAXBFactory() - { - try - { - this.marshaller = JAXBUtil.getMarshaller(this.getPackages()); - this.unmarshaller = JAXBUtil.getUnmarshaller(this.getPackages()); - this.binder = JAXBUtil.getJAXBContext(this.getPackages()).createBinder(); - this.objectFactory = new ObjectFactory(); - } - catch (JAXBException e) - { - throw new RuntimeException(e.getMessage(), e); - } - } - - /** - * - * Gets a reference to the singleton instance. - * - * - * @return a reference to the {@code WSTrustJAXBFactory} instance. - */ - public static WSTrustJAXBFactory getInstance() - { - return instance; - } - - private String getPackages() - { - StringBuilder packages = new StringBuilder(); - packages.append("org.picketlink.identity.federation.ws.addressing"); - packages.append(":org.picketlink.identity.federation.ws.policy"); - packages.append(":org.picketlink.identity.federation.ws.trust"); - packages.append(":org.picketlink.identity.federation.ws.wss.secext"); - packages.append(":org.picketlink.identity.federation.ws.wss.utility"); - packages.append(":org.picketlink.identity.xmlsec.w3.xmldsig"); - return packages.toString(); - } - - /** - * - * Creates a {@code BaseRequestSecurityToken} from the specified XML source. - * - * - * @param request - * the XML source containing the security token request message. - * @return the constructed {@code BaseRequestSecurityToken} instance. It will be an instance of {@code - * RequestSecurityToken} the message contains a single token request, and an instance of {@code - * RequestSecurityTokenCollection} if multiples requests are being made in the same message. - */ - @SuppressWarnings("unchecked") - public BaseRequestSecurityToken parseRequestSecurityToken(Source request) throws WSTrustException - { - // if the request contains a validate, cancel, or renew target, we must preserve it from JAXB unmarshalling. - try - { - Node documentNode = DocumentUtil.getNodeFromSource(request); - Document document = documentNode instanceof Document ? (Document) documentNode : documentNode - .getOwnerDocument(); - - JAXBElement<RequestSecurityTokenType> jaxbRST; - Node rst = this.findNodeByNameNS(document, "RequestSecurityToken", WSTrustConstants.BASE_NAMESPACE); - if (rst == null) - throw new RuntimeException("Request Security Token node not found"); - - jaxbRST = (JAXBElement<RequestSecurityTokenType>) binder.unmarshal(rst); - - RequestSecurityTokenType rstt = jaxbRST.getValue(); - - SAML2SecurityToken samlSecurityToken = new SAML2SecurityToken(rstt); - holders.set(new SAMLDocumentHolder(samlSecurityToken, document)); - return new RequestSecurityToken(rstt); - } - catch (Exception e) - { - throw new WSTrustException("Error parsing security token request", e); - } - } - - /** - * - * Creates a {@code BaseRequestSecurityTokenResponse} from the specified XML source. - * - * - * @param response - * the XML source containing the security token response message. - * @return the constructed {@code BaseRequestSecurityTokenResponse} instance. According to the WS-Trust - * specification, the returned object will be an instance of {@code RequestSecurityTokenResponseCollection}. - */ - public BaseRequestSecurityTokenResponse parseRequestSecurityTokenResponse(Source response) throws WSTrustException - { - // if the response contains an issued token, we must preserve it from the JAXB unmarshalling. - Element tokenElement = null; - Node documentNode = null; - try - { - documentNode = DocumentUtil.getNodeFromSource(response); - } - catch (Exception e) - { - throw new WSTrustException("Failed to transform request source", e); - } - - Document document = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument(); - Node requestedTokenNode = this.findNodeByNameNS(document, "RequestedSecurityToken", - WSTrustConstants.BASE_NAMESPACE); - if (requestedTokenNode != null) - tokenElement = (Element) requestedTokenNode.getFirstChild(); - - try - { - Object object = this.unmarshaller.unmarshal(documentNode); - if (object instanceof JAXBElement) - { - JAXBElement<?> element = (JAXBElement<?>) object; - if (element.getDeclaredType().equals(RequestSecurityTokenResponseCollectionType.class)) - { - RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection( - (RequestSecurityTokenResponseCollectionType) element.getValue()); - // insert the security token in the parsed response. - if (tokenElement != null) - { - RequestSecurityTokenResponse parsedResponse = collection.getRequestSecurityTokenResponses().get(0); - parsedResponse.getRequestedSecurityToken().setAny(tokenElement); - } - return collection; - } - else - throw new RuntimeException("Invalid response type: " + element.getDeclaredType()); - } - else - throw new RuntimeException("Invalid response type: " + object.getClass().getName()); - } - catch (JAXBException e) - { - throw new RuntimeException("Failed to unmarshall security token response", e); - } - } - - /** - * - * Creates a {@code javax.xml.transform.Source} from the specified request object. - * - * - * @param request - * a {@code RequestSecurityToken} representing the object model of the security token request. - * @return the constructed {@code Source} instance. - */ - public Source marshallRequestSecurityToken(RequestSecurityToken request) - { - Element targetElement = null; - // if the request has a validate, cancel, or renew target, we must preserve it from JAXB marshaling. - String requestType = request.getRequestType().toString(); - if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST) && request.getValidateTarget() != null) - { - targetElement = (Element) request.getValidateTarget().getAny(); - request.getValidateTarget().setAny(null); - } - else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST) && request.getRenewTarget() != null) - { - targetElement = (Element) request.getRenewTarget().getAny(); - request.getRenewTarget().setAny(null); - } - else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST) && request.getCancelTarget() != null) - { - targetElement = (Element) request.getCancelTarget().getAny(); - request.getCancelTarget().setAny(null); - } - - Document result = null; - try - { - result = DocumentUtil.createDocument(); - this.marshaller.marshal(this.objectFactory.createRequestSecurityToken(request.getDelegate()), result); - - // insert the original target in the appropriate element. - if (targetElement != null) - { - Node node = null; - if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST)) - node = this.findNodeByNameNS(result, "ValidateTarget", WSTrustConstants.BASE_NAMESPACE); - else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST)) - node = this.findNodeByNameNS(result, "RenewTarget", WSTrustConstants.BASE_NAMESPACE); - else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST)) - node = this.findNodeByNameNS(result, "CancelTarget", WSTrustConstants.BASE_NAMESPACE); - if (node == null) - throw new RuntimeException("Unsupported request type:" + requestType); - node.appendChild(result.importNode(targetElement, true)); - } - } - catch (Exception e) - { - throw new RuntimeException("Failed to marshall security token request", e); - } - - return DocumentUtil.getXMLSource(result); - } - - /** - * - * Creates a {@code javax.xml.transform.Source} from the specified response object. - * - * - * @param collection - * a {@code RequestSecurityTokenResponseCollection} representing the object model of the security token - * response. - * @return the constructed {@code Source} instance. - */ - public Source marshallRequestSecurityTokenResponse(RequestSecurityTokenResponseCollection collection) - { - if (collection.getRequestSecurityTokenResponses().size() == 0) - throw new IllegalArgumentException("The response collection must contain at least one response"); - - // if the response contains an issued token, we must preserve it from the JAXB marshaling. - Element tokenElement = null; - RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0); - if (response.getRequestedSecurityToken() != null) - { - tokenElement = (Element) response.getRequestedSecurityToken().getAny(); - // we don't want to marshall any token - it will be inserted in the DOM document later. - response.getRequestedSecurityToken().setAny(null); - } - - Document result = null; - try - { - // marshall the response to a document and insert the issued token directly on the document. - result = DocumentUtil.createDocument(); - this.marshaller.marshal(this.objectFactory.createRequestSecurityTokenResponseCollection(collection - .getDelegate()), result); - - // the document is a ws-trust template - we need to insert the token in the appropriate element. - if (tokenElement != null) - { - Node node = this.findNodeByNameNS(result, "RequestedSecurityToken", WSTrustConstants.BASE_NAMESPACE); - node.appendChild(result.importNode(tokenElement, true)); - } - if (trace) - { - log.trace("Final RSTR doc:" + DocumentUtil.asString(result)); - } - - } - catch (Exception e) - { - throw new RuntimeException("Failed to marshall security token response", e); - } - return DocumentUtil.getXMLSource(result); - } - - /** - * Return the {@code SAMLDocumentHolder} for the thread - * @return - */ - public SAMLDocumentHolder getSAMLDocumentHolderOnThread() - { - return holders.get(); - } - - /** - * - * Finds in the specified document a node that matches the specified name and namespace. - * - * - * @param document - * the {@code Document} instance upon which the search is made. - * @param localName - * a {@code String} containing the local name of the searched node. - * @param namespace - * a {@code String} containing the namespace of the searched node. - * @return a {@code Node} representing the searched node. If more than one node is found in the document, the first - * one will be returned. If no nodes were found according to the search parameters, then {@code null} is - * returned. - */ - private Node findNodeByNameNS(Document document, String localName, String namespace) - { - NodeList list = document.getElementsByTagNameNS(namespace, localName); - if (list == null || list.getLength() == 0) - // log("Unable to locate element " + localName + " with namespace " + namespace); - return null; - return list.item(0); - } - -} \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2010-11-30 00:32:39 UTC (rev 567) @@ -53,7 +53,6 @@ import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime; import org.picketlink.identity.federation.ws.addressing.AttributedURIType; import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType; -import org.picketlink.identity.federation.ws.addressing.ObjectFactory; import org.picketlink.identity.federation.ws.policy.AppliesTo; import org.picketlink.identity.federation.ws.trust.BinarySecretType; import org.picketlink.identity.federation.ws.trust.EntropyType; @@ -116,8 +115,7 @@ Map<QName, String> attributes) { SecurityTokenReferenceType securityTokenReference = new SecurityTokenReferenceType(); - securityTokenReference.getAny().add( - new org.picketlink.identity.federation.ws.wss.secext.ObjectFactory().createKeyIdentifier(keyIdentifier)); + securityTokenReference.getAny().add(keyIdentifier); securityTokenReference.getOtherAttributes().putAll(attributes); RequestedReferenceType reference = new RequestedReferenceType(); reference.setSecurityTokenReference(securityTokenReference); @@ -140,7 +138,7 @@ EndpointReferenceType reference = new EndpointReferenceType(); reference.setAddress(attributedURI); AppliesTo appliesTo = new AppliesTo(); - appliesTo.getAny().add(new ObjectFactory().createEndpointReference(reference)); + appliesTo.getAny().add(reference); return appliesTo; } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-11-30 00:32:39 UTC (rev 567) @@ -1,23 +1,19 @@ /* - * JBoss, Home of Professional Open Source. - * Copyright 2009, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as + * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual + * contributors. + * + * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any + * later version. + * + * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied + * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more + * details. + * + * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to + * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site: + * http://www.fsf.org. */ package org.picketlink.identity.federation.core.wstrust.plugins.saml; @@ -167,8 +163,8 @@ this.attributeProvider.setProperties(this.properties); } else - logger.warn("Attribute provider not installed: " + attributeProviderClassName + - "is not an instance of SAML20TokenAttributeProvider"); + logger.warn("Attribute provider not installed: " + attributeProviderClassName + + "is not an instance of SAML20TokenAttributeProvider"); } catch (PrivilegedActionException pae) { @@ -182,7 +178,7 @@ * (non-Javadoc) * * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider# - * cancelToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext) + * cancelToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext) */ public void cancelToken(WSTrustRequestContext context) throws WSTrustException { @@ -203,7 +199,7 @@ * (non-Javadoc) * * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider# - * issueToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext) + * issueToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext) */ public void issueToken(WSTrustRequestContext context) throws WSTrustException { @@ -288,7 +284,8 @@ // set the SAML assertion attached reference. KeyIdentifierType keyIdentifier = WSTrustUtil.createKeyIdentifier(SAMLUtil.SAML2_VALUE_TYPE, "#" + assertionID); Map<QName, String> attributes = new HashMap<QName, String>(); - attributes.put(new QName(WSTrustConstants.WSSE11_NS, "TokenType"), SAMLUtil.SAML2_TOKEN_TYPE); + attributes.put(new QName(WSTrustConstants.WSSE11_NS, "TokenType", WSTrustConstants.WSSE.PREFIX_11), + SAMLUtil.SAML2_TOKEN_TYPE); RequestedReferenceType attachedReference = WSTrustUtil.createRequestedReference(keyIdentifier, attributes); context.setAttachedReference(attachedReference); } @@ -297,7 +294,7 @@ * (non-Javadoc) * * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider# - * renewToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext) + * renewToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext) */ public void renewToken(WSTrustRequestContext context) throws WSTrustException { @@ -364,7 +361,7 @@ * (non-Javadoc) * * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider# - * validateToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext) + * validateToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext) */ public void validateToken(WSTrustRequestContext context) throws WSTrustException { @@ -431,8 +428,9 @@ * * Checks whether the specified element is a SAMLV2.0 assertion or not. * - * - * @param element the {@code Element} being verified. + * + * @param element + * the {@code Element} being verified. * @return {@code true} if the element is a SAMLV2.0 assertion; {@code false} otherwise. */ private boolean isAssertion(Element element) Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-30 00:32:39 UTC (rev 567) @@ -66,10 +66,9 @@ { for( Object content: contentList ) { - JAXBElement<?> jaxb = (JAXBElement<?>) content; - if( EndpointReferenceType.class.equals( jaxb.getDeclaredType() ) ) + if( content instanceof EndpointReferenceType ) { - EndpointReferenceType endpointReference = (EndpointReferenceType) jaxb.getValue(); + EndpointReferenceType endpointReference = (EndpointReferenceType) content; WSAddressingWriter wsAddressingWriter = new WSAddressingWriter(this.writer); wsAddressingWriter.write(endpointReference); } Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java 2010-11-30 00:32:39 UTC (rev 567) @@ -1,27 +1,22 @@ /* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as + * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual + * contributors. + * + * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any + * later version. + * + * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied + * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more + * details. + * + * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to + * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site: + * http://www.fsf.org. */ package org.picketlink.identity.federation.core.wstrust.writers; - import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.ID; import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.USERNAME; import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.USERNAME_TOKEN; @@ -30,52 +25,124 @@ import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.WSU_NS; import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.WSU_PREFIX; +import java.util.HashSet; +import java.util.Map; +import java.util.Set; + +import javax.xml.datatype.XMLGregorianCalendar; import javax.xml.namespace.QName; import javax.xml.stream.XMLStreamWriter; import org.picketlink.identity.federation.core.exceptions.ProcessingException; import org.picketlink.identity.federation.core.util.StaxUtil; import org.picketlink.identity.federation.core.util.StringUtil; +import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.ws.wss.secext.AttributedString; +import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType; +import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType; import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType; /** * Write WS-Security Elements + * * @author Anil.Saldhana(a)redhat.com * @since Nov 8, 2010 */ public class WSSecurityWriter { private XMLStreamWriter writer; - + public WSSecurityWriter(XMLStreamWriter writer) { this.writer = writer; } - + public void write(UsernameTokenType usernameToken) throws ProcessingException { - StaxUtil.writeStartElement( writer, WSSE_PREFIX, USERNAME_TOKEN, WSSE_NS ); - StaxUtil.writeNameSpace( writer, WSSE_PREFIX, WSSE_NS ); - + StaxUtil.writeStartElement(writer, WSSE_PREFIX, USERNAME_TOKEN, WSSE_NS); + StaxUtil.writeNameSpace(writer, WSSE_PREFIX, WSSE_NS); + String id = usernameToken.getId(); - if( StringUtil.isNullOrEmpty( id )) - throw new ProcessingException( " Id on the UsernameToken is null" ); + if (StringUtil.isNullOrEmpty(id)) + throw new ProcessingException(" Id on the UsernameToken is null"); + + QName wsuIDQName = new QName(WSU_NS, ID, WSU_PREFIX); + StaxUtil.writeNameSpace(writer, WSU_PREFIX, WSU_NS); + StaxUtil.writeAttribute(writer, wsuIDQName, id); + + AttributedString userNameAttr = usernameToken.getUsername(); + if (userNameAttr == null) + throw new ProcessingException(" User Name is null on the UsernameToken"); + + StaxUtil.writeStartElement(writer, WSSE_PREFIX, USERNAME, WSSE_NS); + StaxUtil.writeCharacters(writer, userNameAttr.getValue()); + StaxUtil.writeEndElement(writer); + + StaxUtil.writeEndElement(writer); + StaxUtil.flush(writer); + } + + public void writeLifetime(XMLGregorianCalendar created, XMLGregorianCalendar expires) throws ProcessingException + { + // write the created element. + StaxUtil.writeStartElement(this.writer, WSU_PREFIX, WSTrustConstants.CREATED, WSU_NS); + StaxUtil.writeNameSpace(this.writer, WSU_PREFIX, WSU_NS); + StaxUtil.writeCharacters(this.writer, created.toXMLFormat()); + StaxUtil.writeEndElement(this.writer); + + // write the expires element. + StaxUtil.writeStartElement(this.writer, WSU_PREFIX, WSTrustConstants.EXPIRES, WSU_NS); + StaxUtil.writeNameSpace(this.writer, WSU_PREFIX, WSU_NS); + StaxUtil.writeCharacters(this.writer, expires.toXMLFormat()); + StaxUtil.writeEndElement(this.writer); + + StaxUtil.flush(this.writer); + } + + public void writeSecurityTokenReference(SecurityTokenReferenceType secRef) throws ProcessingException + { + Set<String> usedNamespaces = new HashSet<String>(); + usedNamespaces.add(WSSE_NS); - StaxUtil.setPrefix(writer, WSU_PREFIX, WSU_NS ); - QName wsuIDQName = new QName( WSU_NS, ID, WSU_PREFIX ); - StaxUtil.writeAttribute(writer, wsuIDQName, id ); - StaxUtil.writeNameSpace(writer, WSU_PREFIX, WSU_NS ); + StaxUtil.writeStartElement(writer, WSSE_PREFIX, WSTrustConstants.WSSE.SECURITY_TOKEN_REFERENCE, WSSE_NS); + StaxUtil.writeNameSpace(writer, WSSE_PREFIX, WSSE_NS); + + // write the id attribute, if available. + if (secRef.getId() != null && secRef.getId() != "") + { + QName wsuIDQName = new QName(WSU_NS, ID, WSU_PREFIX); + StaxUtil.writeNameSpace(writer, WSU_PREFIX, WSU_NS); + StaxUtil.writeAttribute(writer, wsuIDQName, secRef.getId()); + usedNamespaces.add(WSU_NS); + } + + // write all other attributes. + for (Map.Entry<QName, String> entry : secRef.getOtherAttributes().entrySet()) + { + QName key = entry.getKey(); + // check if the namespace needs to be written. + if (!usedNamespaces.contains(key.getNamespaceURI())) + { + StaxUtil.writeNameSpace(this.writer, key.getPrefix(), key.getNamespaceURI()); + usedNamespaces.add(key.getNamespaceURI()); + } + StaxUtil.writeAttribute(this.writer, key, entry.getValue()); + } - AttributedString userNameAttr = usernameToken.getUsername(); - if( userNameAttr == null ) - throw new ProcessingException( " User Name is null on the UsernameToken" ); + // write the key identifier, if available. + for (Object obj : secRef.getAny()) + { + if (obj instanceof KeyIdentifierType) + { + KeyIdentifierType keyId = (KeyIdentifierType) obj; + StaxUtil.writeStartElement(this.writer, WSSE_PREFIX, WSTrustConstants.WSSE.KEY_IDENTIFIER, WSSE_NS); + StaxUtil.writeAttribute(this.writer, WSTrustConstants.WSSE.VALUE_TYPE, keyId.getValueType()); + StaxUtil.writeCharacters(this.writer, keyId.getValue()); + StaxUtil.writeEndElement(this.writer); + } + } - StaxUtil.writeStartElement( writer, WSSE_PREFIX, USERNAME, WSSE_NS ); - StaxUtil.writeCharacters(writer, userNameAttr.getValue() ); - StaxUtil.writeEndElement( writer ); - - StaxUtil.writeEndElement( writer ); - StaxUtil.flush( writer ); + StaxUtil.writeEndElement(this.writer); + StaxUtil.flush(this.writer); } } \ No newline at end of file Deleted: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java 2010-11-30 00:32:39 UTC (rev 567) @@ -1,449 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.picketlink.identity.federation.core.wstrust.writers; - -import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.BASE_NAMESPACE; -import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.PREFIX; -import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST; -import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_COLLECTION; -import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_CONTEXT; - -import java.io.OutputStream; -import java.net.URI; -import java.util.List; - -import javax.xml.stream.XMLStreamWriter; -import javax.xml.transform.Result; - -import org.picketlink.identity.federation.core.exceptions.ProcessingException; -import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter; -import org.picketlink.identity.federation.core.util.StaxUtil; -import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection; -import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; -import org.picketlink.identity.federation.ws.policy.AppliesTo; -import org.picketlink.identity.federation.ws.trust.BinarySecretType; -import org.picketlink.identity.federation.ws.trust.CancelTargetType; -import org.picketlink.identity.federation.ws.trust.EntropyType; -import org.picketlink.identity.federation.ws.trust.OnBehalfOfType; -import org.picketlink.identity.federation.ws.trust.RenewTargetType; -import org.picketlink.identity.federation.ws.trust.UseKeyType; -import org.picketlink.identity.federation.ws.trust.ValidateTargetType; -import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType; -import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType; -import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType; -import org.w3c.dom.Element; - -/** - * Given a {@code RequestSecurityToken}, write into an {@code OutputStream} - * @author Anil.Saldhana(a)redhat.com - * @since Oct 19, 2010 - */ -public class WSTrustRSTWriter -{ - private XMLStreamWriter writer; - - /** - * - * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified - * {@code OutputStream}. - * - * - * @param out the stream where the request is to be written. - * @throws ProcessingException if an error occurs while processing the request. - */ - public WSTrustRSTWriter(OutputStream out) throws ProcessingException - { - this.writer = StaxUtil.getXMLStreamWriter(out); - } - - /** - * - * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified - * {@code Result}. - * - * - * @param result the {@code Result} where the request it to be written. - * @throws ProcessingException if an error occurs while processing the request. - */ - public WSTrustRSTWriter(Result result) throws ProcessingException - { - this.writer = StaxUtil.getXMLStreamWriter(result); - } - - /** - * - * Creates a {@code WSTrustRSTWriter} that uses the specified {@code XMLStreamWriter} to write the request - * objects. - * - * - * @param writer the {@code XMLStreamWriter} to be used to write requests. - */ - public WSTrustRSTWriter(XMLStreamWriter writer) - { - this.writer = writer; - } - - /** - * Write the {@code RequestSecurityTokenCollection} into the {@code OutputStream} - * @param requestTokenCollection - * @param out - * @throws ProcessingException - */ - public void write( RequestSecurityTokenCollection requestTokenCollection) throws ProcessingException - { - StaxUtil.writeStartElement( writer, PREFIX, RST_COLLECTION, BASE_NAMESPACE); - StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE ); - - List<RequestSecurityToken> tokenList = requestTokenCollection.getRequestSecurityTokens(); - if( tokenList == null ) - throw new ProcessingException( "RST list is null" ); - - for( RequestSecurityToken token: tokenList ) - { - write(token); - } - - StaxUtil.writeEndElement( writer ); - StaxUtil.flush( writer ); - } - - /** - * Write the {@code RequestSecurityToken} into the {@code OutputStream} - * @param requestToken - * @param out - * @throws ProcessingException - */ - public void write( RequestSecurityToken requestToken ) throws ProcessingException - { - StaxUtil.writeStartElement( writer, PREFIX, RST, BASE_NAMESPACE); - StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE ); - String context = requestToken.getContext(); - StaxUtil.writeAttribute( writer, RST_CONTEXT, context ); - - URI requestType = requestToken.getRequestType(); - if( requestType != null ) - { - writeRequestType( writer, requestType ); - } - - URI tokenType = requestToken.getTokenType(); - if( tokenType != null ) - { - writeTokenType( writer, tokenType ); - } - //Deal with AppliesTo - AppliesTo appliesTo = requestToken.getAppliesTo(); - if( appliesTo != null ) - { - WSPolicyWriter wsPolicyWriter = new WSPolicyWriter(this.writer); - wsPolicyWriter.write( appliesTo ); - } - - long keySize = requestToken.getKeySize(); - if (keySize != 0) - { - StaxUtil.writeStartElement(writer, PREFIX, WSTrustConstants.KEY_SIZE, BASE_NAMESPACE); - StaxUtil.writeCharacters(writer, Long.toString(keySize)); - StaxUtil.writeEndElement(writer); - } - - URI keyType = requestToken.getKeyType(); - if( keyType != null ) - { - StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.KEY_TYPE, BASE_NAMESPACE); - StaxUtil.writeCharacters(writer, keyType.toString() ); - StaxUtil.writeEndElement( writer ); - } - EntropyType entropy = requestToken.getEntropy(); - if( entropy != null ) - { - writeEntropyType(entropy); - } - - UseKeyType useKeyType = requestToken.getUseKey(); - if( useKeyType != null ) - { - writeUseKeyType(useKeyType); - } - - OnBehalfOfType onBehalfOf = requestToken.getOnBehalfOf(); - if( onBehalfOf != null ) - { - writeOnBehalfOfType(onBehalfOf); - } - - ValidateTargetType validateTarget = requestToken.getValidateTarget(); - if( validateTarget != null ) - { - writeValidateTargetType(validateTarget); - } - - CancelTargetType cancelTarget = requestToken.getCancelTarget(); - if( cancelTarget != null ) - { - writeCancelTargetType(cancelTarget); - } - - RenewTargetType renewTarget = requestToken.getRenewTarget(); - if (renewTarget != null) - { - writeRenewTargetType(renewTarget); - } - - StaxUtil.writeEndElement( writer ); - StaxUtil.flush( writer ); - } - - /** - * Write an {@code EntropyType} to stream - * @param entropy - * @throws ProcessingException - */ - private void writeEntropyType(EntropyType entropy) throws ProcessingException - { - StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ENTROPY, BASE_NAMESPACE); - - List<Object> entropyList = entropy.getAny(); - if( entropyList != null ) - { - for( Object entropyObj: entropyList ) - { - if( entropyObj instanceof BinarySecretType ) - { - BinarySecretType binarySecret = (BinarySecretType) entropyObj; - writeBinarySecretType( writer, binarySecret ); - } - } - } - StaxUtil.writeEndElement( writer ); - } - - /** - * Write an {@code UseKeyType} to stream - * @param useKeyType - * @throws ProcessingException - */ - private void writeUseKeyType(UseKeyType useKeyType) throws ProcessingException - { - StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.USE_KEY, BASE_NAMESPACE); - - Object useKeyTypeValue = useKeyType.getAny(); - if( useKeyTypeValue instanceof Element ) - { - Element domElement = (Element) useKeyTypeValue; - StaxUtil.writeDOMElement( writer, domElement ); - } - else if (useKeyTypeValue instanceof byte[]) - { - byte[] certificate = (byte[]) useKeyTypeValue; - StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.X509CERT, - WSTrustConstants.DSIG_NS); - StaxUtil.writeNameSpace( writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS); - StaxUtil.writeCharacters(writer, new String(certificate)); - StaxUtil.writeEndElement(writer); - } - else if (useKeyTypeValue instanceof KeyValueType) - { - writeKeyValueType((KeyValueType) useKeyTypeValue); - } - else - throw new RuntimeException( " Unknown use key type:" + useKeyTypeValue.getClass().getName() ); - - StaxUtil.writeEndElement(writer); - } - - private void writeKeyValueType(KeyValueType type) throws ProcessingException - { - StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.KEYVALUE, WSTrustConstants.DSIG_NS); - StaxUtil.writeNameSpace(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS); - if (type.getContent().size() == 0) - throw new ProcessingException("KeyValueType must contain at least one value"); - - for (Object obj : type.getContent()) - { - if (obj instanceof RSAKeyValueType) - { - RSAKeyValueType rsaKeyValue = (RSAKeyValueType) obj; - writeRSAKeyValueType(rsaKeyValue); - } - } - StaxUtil.writeEndElement(writer); - } - - private void writeRSAKeyValueType(RSAKeyValueType type) throws ProcessingException - { - StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.RSA_KEYVALUE , WSTrustConstants.DSIG_NS); - // write the rsa key modulus. - byte[] modulus = type.getModulus(); - StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.MODULUS , WSTrustConstants.DSIG_NS); - StaxUtil.writeCharacters(writer, new String(modulus)); - StaxUtil.writeEndElement(writer); - - // write the rsa key exponent. - byte[] exponent = type.getExponent(); - StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.EXPONENT , WSTrustConstants.DSIG_NS); - StaxUtil.writeCharacters(writer, new String(exponent)); - StaxUtil.writeEndElement(writer); - - StaxUtil.writeEndElement(writer); - } - /** - * Write an {@code OnBehalfOfType} to stream - * @param onBehalfOf - * @param out - * @throws ProcessingException - */ - private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf) throws ProcessingException - { - StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.On_BEHALF_OF, BASE_NAMESPACE); - StaxUtil.writeCharacters(writer, "" ); - - UsernameTokenType usernameToken = (UsernameTokenType) onBehalfOf.getAny(); - WSSecurityWriter wsseWriter = new WSSecurityWriter(this.writer); - wsseWriter.write( usernameToken ); - StaxUtil.writeEndElement( writer ); - } - - /** - * Write an {@code ValidateTargetType} to stream - * @param validateTarget - * @param out - * @throws ProcessingException - */ - private void writeValidateTargetType(ValidateTargetType validateTarget) throws ProcessingException - { - StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.VALIDATE_TARGET, BASE_NAMESPACE); - - Object validateTargetObj = validateTarget.getAny(); - if (validateTargetObj != null) - { - if (validateTargetObj instanceof AssertionType) - { - AssertionType assertion = (AssertionType) validateTargetObj; - SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer); - samlAssertionWriter.write(assertion); - } - else if (validateTargetObj instanceof Element) - { - StaxUtil.writeDOMElement(writer, (Element) validateTargetObj); - } - else - throw new ProcessingException("Unknown validate target type=" + validateTargetObj.getClass().getName()); - } - StaxUtil.writeEndElement( writer ); - } - - private void writeRenewTargetType(RenewTargetType renewTarget) throws ProcessingException - { - StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.RENEW_TARGET, BASE_NAMESPACE); - - Object renewTargetObj = renewTarget.getAny(); - if (renewTargetObj != null) - { - if (renewTargetObj instanceof AssertionType) - { - AssertionType assertion = (AssertionType) renewTargetObj; - SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer); - samlAssertionWriter.write(assertion); - } - else if (renewTargetObj instanceof Element) - { - StaxUtil.writeDOMElement(writer, (Element) renewTargetObj); - } - else - throw new ProcessingException("Unknown renew target type=" + renewTargetObj.getClass().getName()); - } - StaxUtil.writeEndElement( writer ); - } - - /** - * Write an {@code CancelTargetType} to Stream - * @param cancelTarget - * @param out - * @throws ProcessingException - */ - private void writeCancelTargetType(CancelTargetType cancelTarget) throws ProcessingException - { - StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.CANCEL_TARGET, BASE_NAMESPACE); - - Object cancelTargetObj = cancelTarget.getAny(); - if (cancelTargetObj != null) - { - if (cancelTargetObj instanceof AssertionType) - { - AssertionType assertion = (AssertionType) cancelTargetObj; - SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer); - samlAssertionWriter.write(assertion); - } - else if (cancelTargetObj instanceof Element) - { - StaxUtil.writeDOMElement(writer, (Element) cancelTargetObj); - } - else - throw new ProcessingException("Unknown cancel target type=" + cancelTargetObj.getClass().getName()); - } - StaxUtil.writeEndElement( writer ); - } - - /** - * Write a {@code BinarySecretType} to stream - * @param writer - * @param binarySecret - * @throws ProcessingException - */ - private void writeBinarySecretType( XMLStreamWriter writer, BinarySecretType binarySecret ) throws ProcessingException - { - StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.BINARY_SECRET, BASE_NAMESPACE ); - String type = binarySecret.getType(); - StaxUtil.writeAttribute(writer, WSTrustConstants.TYPE, type ); - StaxUtil.writeCharacters(writer, new String( binarySecret.getValue() ) ); - StaxUtil.writeEndElement(writer); - } - - /** - * Write a Request Type - * @param writer - * @param uri - * @throws ProcessingException - */ - private void writeRequestType( XMLStreamWriter writer , URI uri ) throws ProcessingException - { - StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.REQUEST_TYPE, BASE_NAMESPACE ); - StaxUtil.writeCharacters(writer, uri.toASCIIString() ); - StaxUtil.writeEndElement(writer); - } - - /** - * Write Token Type - * @param writer - * @param uri - * @throws ProcessingException - */ - private void writeTokenType( XMLStreamWriter writer , URI uri ) throws ProcessingException - { - StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.TOKEN_TYPE, BASE_NAMESPACE ); - StaxUtil.writeCharacters(writer, uri.toASCIIString() ); - StaxUtil.writeEndElement(writer); - } -} \ No newline at end of file Copied: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java (from rev 562, federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java) =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java (rev 0) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRequestWriter.java 2010-11-30 00:32:39 UTC (rev 567) @@ -0,0 +1,447 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.picketlink.identity.federation.core.wstrust.writers; + +import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.BASE_NAMESPACE; +import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.PREFIX; +import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST; +import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_COLLECTION; +import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.RST_CONTEXT; + +import java.io.OutputStream; +import java.net.URI; +import java.util.List; + +import javax.xml.stream.XMLStreamWriter; +import javax.xml.transform.Result; + +import org.picketlink.identity.federation.core.exceptions.ProcessingException; +import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter; +import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; +import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; +import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection; +import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.ws.policy.AppliesTo; +import org.picketlink.identity.federation.ws.trust.BinarySecretType; +import org.picketlink.identity.federation.ws.trust.CancelTargetType; +import org.picketlink.identity.federation.ws.trust.EntropyType; +import org.picketlink.identity.federation.ws.trust.OnBehalfOfType; +import org.picketlink.identity.federation.ws.trust.RenewTargetType; +import org.picketlink.identity.federation.ws.trust.UseKeyType; +import org.picketlink.identity.federation.ws.trust.ValidateTargetType; +import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType; +import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType; +import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType; +import org.w3c.dom.Element; + +/** + * Given a {@code RequestSecurityToken}, write into an {@code OutputStream} + * @author Anil.Saldhana(a)redhat.com + * @since Oct 19, 2010 + */ +public class WSTrustRequestWriter +{ + private XMLStreamWriter writer; + + /** + * + * Creates a {@code WSTrustRequestWriter} that writes {@code RequestSecurityToken} instances to the specified + * {@code OutputStream}. + * + * + * @param out the stream where the request is to be written. + * @throws ProcessingException if an error occurs while processing the request. + */ + public WSTrustRequestWriter(OutputStream out) throws ProcessingException + { + this.writer = StaxUtil.getXMLStreamWriter(out); + } + + /** + * + * Creates a {@code WSTrustRequestWriter} that writes {@code RequestSecurityToken} instances to the specified + * {@code Result}. + * + * + * @param result the {@code Result} where the request it to be written. + * @throws ProcessingException if an error occurs while processing the request. + */ + public WSTrustRequestWriter(Result result) throws ProcessingException + { + this.writer = StaxUtil.getXMLStreamWriter(result); + } + + /** + * + * Creates a {@code WSTrustRequestWriter} that uses the specified {@code XMLStreamWriter} to write the request + * objects. + * + * + * @param writer the {@code XMLStreamWriter} to be used to write requests. + */ + public WSTrustRequestWriter(XMLStreamWriter writer) + { + this.writer = writer; + } + + /** + * Write the {@code RequestSecurityTokenCollection} into the {@code OutputStream} + * @param requestTokenCollection + * @param out + * @throws ProcessingException + */ + public void write( RequestSecurityTokenCollection requestTokenCollection) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, RST_COLLECTION, BASE_NAMESPACE); + StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE ); + + List<RequestSecurityToken> tokenList = requestTokenCollection.getRequestSecurityTokens(); + if( tokenList == null ) + throw new ProcessingException( "RST list is null" ); + + for( RequestSecurityToken token: tokenList ) + { + write(token); + } + + StaxUtil.writeEndElement( writer ); + StaxUtil.flush( writer ); + } + + /** + * Write the {@code RequestSecurityToken} into the {@code OutputStream} + * @param requestToken + * @param out + * @throws ProcessingException + */ + public void write( RequestSecurityToken requestToken ) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, RST, BASE_NAMESPACE); + StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE ); + String context = requestToken.getContext(); + StaxUtil.writeAttribute( writer, RST_CONTEXT, context ); + + URI requestType = requestToken.getRequestType(); + if( requestType != null ) + { + writeRequestType( writer, requestType ); + } + + URI tokenType = requestToken.getTokenType(); + if( tokenType != null ) + { + writeTokenType( writer, tokenType ); + } + //Deal with AppliesTo + AppliesTo appliesTo = requestToken.getAppliesTo(); + if( appliesTo != null ) + { + WSPolicyWriter wsPolicyWriter = new WSPolicyWriter(this.writer); + wsPolicyWriter.write( appliesTo ); + } + + long keySize = requestToken.getKeySize(); + if (keySize != 0) + { + StaxUtil.writeStartElement(writer, PREFIX, WSTrustConstants.KEY_SIZE, BASE_NAMESPACE); + StaxUtil.writeCharacters(writer, Long.toString(keySize)); + StaxUtil.writeEndElement(writer); + } + + URI keyType = requestToken.getKeyType(); + if( keyType != null ) + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.KEY_TYPE, BASE_NAMESPACE); + StaxUtil.writeCharacters(writer, keyType.toString() ); + StaxUtil.writeEndElement( writer ); + } + EntropyType entropy = requestToken.getEntropy(); + if( entropy != null ) + { + writeEntropyType(entropy); + } + + UseKeyType useKeyType = requestToken.getUseKey(); + if( useKeyType != null ) + { + writeUseKeyType(useKeyType); + } + + OnBehalfOfType onBehalfOf = requestToken.getOnBehalfOf(); + if( onBehalfOf != null ) + { + writeOnBehalfOfType(onBehalfOf); + } + + ValidateTargetType validateTarget = requestToken.getValidateTarget(); + if( validateTarget != null ) + { + writeValidateTargetType(validateTarget); + } + + CancelTargetType cancelTarget = requestToken.getCancelTarget(); + if( cancelTarget != null ) + { + writeCancelTargetType(cancelTarget); + } + + RenewTargetType renewTarget = requestToken.getRenewTarget(); + if (renewTarget != null) + { + writeRenewTargetType(renewTarget); + } + + StaxUtil.writeEndElement( writer ); + StaxUtil.flush( writer ); + } + + /** + * Write an {@code EntropyType} to stream + * @param entropy + * @throws ProcessingException + */ + private void writeEntropyType(EntropyType entropy) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ENTROPY, BASE_NAMESPACE); + + List<Object> entropyList = entropy.getAny(); + if( entropyList != null ) + { + for( Object entropyObj: entropyList ) + { + if( entropyObj instanceof BinarySecretType ) + { + BinarySecretType binarySecret = (BinarySecretType) entropyObj; + writeBinarySecretType( writer, binarySecret ); + } + } + } + StaxUtil.writeEndElement( writer ); + } + + /** + * Write an {@code UseKeyType} to stream + * @param useKeyType + * @throws ProcessingException + */ + private void writeUseKeyType(UseKeyType useKeyType) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.USE_KEY, BASE_NAMESPACE); + + Object useKeyTypeValue = useKeyType.getAny(); + if( useKeyTypeValue instanceof Element ) + { + Element domElement = (Element) useKeyTypeValue; + StaxUtil.writeDOMElement( writer, domElement ); + } + else if (useKeyTypeValue instanceof byte[]) + { + byte[] certificate = (byte[]) useKeyTypeValue; + StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.X509CERT, + WSTrustConstants.DSIG_NS); + StaxUtil.writeNameSpace( writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS); + StaxUtil.writeCharacters(writer, new String(certificate)); + StaxUtil.writeEndElement(writer); + } + else if (useKeyTypeValue instanceof KeyValueType) + { + writeKeyValueType((KeyValueType) useKeyTypeValue); + } + else + throw new RuntimeException( " Unknown use key type:" + useKeyTypeValue.getClass().getName() ); + + StaxUtil.writeEndElement(writer); + } + + private void writeKeyValueType(KeyValueType type) throws ProcessingException + { + StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.XMLDSig.KEYVALUE, WSTrustConstants.DSIG_NS); + StaxUtil.writeNameSpace(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX , WSTrustConstants.DSIG_NS); + if (type.getContent().size() == 0) + throw new ProcessingException("KeyValueType must contain at least one value"); + + for (Object obj : type.getContent()) + { + if (obj instanceof RSAKeyValueType) + { + RSAKeyValueType rsaKeyValue = (RSAKeyValueType) obj; + writeRSAKeyValueType(rsaKeyValue); + } + } + StaxUtil.writeEndElement(writer); + } + + private void writeRSAKeyValueType(RSAKeyValueType type) throws ProcessingException + { + StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.RSA_KEYVALUE , WSTrustConstants.DSIG_NS); + // write the rsa key modulus. + byte[] modulus = type.getModulus(); + StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.MODULUS , WSTrustConstants.DSIG_NS); + StaxUtil.writeCharacters(writer, new String(modulus)); + StaxUtil.writeEndElement(writer); + + // write the rsa key exponent. + byte[] exponent = type.getExponent(); + StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.XMLDSig.EXPONENT , WSTrustConstants.DSIG_NS); + StaxUtil.writeCharacters(writer, new String(exponent)); + StaxUtil.writeEndElement(writer); + + StaxUtil.writeEndElement(writer); + } + /** + * Write an {@code OnBehalfOfType} to stream + * @param onBehalfOf + * @param out + * @throws ProcessingException + */ + private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.ON_BEHALF_OF, BASE_NAMESPACE); + UsernameTokenType usernameToken = (UsernameTokenType) onBehalfOf.getAny(); + WSSecurityWriter wsseWriter = new WSSecurityWriter(this.writer); + wsseWriter.write( usernameToken ); + StaxUtil.writeEndElement( writer ); + } + + /** + * Write an {@code ValidateTargetType} to stream + * @param validateTarget + * @param out + * @throws ProcessingException + */ + private void writeValidateTargetType(ValidateTargetType validateTarget) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.VALIDATE_TARGET, BASE_NAMESPACE); + + Object validateTargetObj = validateTarget.getAny(); + if (validateTargetObj != null) + { + if (validateTargetObj instanceof AssertionType) + { + AssertionType assertion = (AssertionType) validateTargetObj; + SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer); + samlAssertionWriter.write(assertion); + } + else if (validateTargetObj instanceof Element) + { + StaxUtil.writeDOMElement(writer, (Element) validateTargetObj); + } + else + throw new ProcessingException("Unknown validate target type=" + validateTargetObj.getClass().getName()); + } + StaxUtil.writeEndElement( writer ); + } + + private void writeRenewTargetType(RenewTargetType renewTarget) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.RENEW_TARGET, BASE_NAMESPACE); + + Object renewTargetObj = renewTarget.getAny(); + if (renewTargetObj != null) + { + if (renewTargetObj instanceof AssertionType) + { + AssertionType assertion = (AssertionType) renewTargetObj; + SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer); + samlAssertionWriter.write(assertion); + } + else if (renewTargetObj instanceof Element) + { + StaxUtil.writeDOMElement(writer, (Element) renewTargetObj); + } + else + throw new ProcessingException("Unknown renew target type=" + renewTargetObj.getClass().getName()); + } + StaxUtil.writeEndElement( writer ); + } + + /** + * Write an {@code CancelTargetType} to Stream + * @param cancelTarget + * @param out + * @throws ProcessingException + */ + private void writeCancelTargetType(CancelTargetType cancelTarget) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.CANCEL_TARGET, BASE_NAMESPACE); + + Object cancelTargetObj = cancelTarget.getAny(); + if (cancelTargetObj != null) + { + if (cancelTargetObj instanceof AssertionType) + { + AssertionType assertion = (AssertionType) cancelTargetObj; + SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer); + samlAssertionWriter.write(assertion); + } + else if (cancelTargetObj instanceof Element) + { + StaxUtil.writeDOMElement(writer, (Element) cancelTargetObj); + } + else + throw new ProcessingException("Unknown cancel target type=" + cancelTargetObj.getClass().getName()); + } + StaxUtil.writeEndElement( writer ); + } + + /** + * Write a {@code BinarySecretType} to stream + * @param writer + * @param binarySecret + * @throws ProcessingException + */ + private void writeBinarySecretType( XMLStreamWriter writer, BinarySecretType binarySecret ) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.BINARY_SECRET, BASE_NAMESPACE ); + String type = binarySecret.getType(); + StaxUtil.writeAttribute(writer, WSTrustConstants.TYPE, type ); + StaxUtil.writeCharacters(writer, new String( binarySecret.getValue() ) ); + StaxUtil.writeEndElement(writer); + } + + /** + * Write a Request Type + * @param writer + * @param uri + * @throws ProcessingException + */ + private void writeRequestType( XMLStreamWriter writer , URI uri ) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.REQUEST_TYPE, BASE_NAMESPACE ); + StaxUtil.writeCharacters(writer, uri.toASCIIString() ); + StaxUtil.writeEndElement(writer); + } + + /** + * Write Token Type + * @param writer + * @param uri + * @throws ProcessingException + */ + private void writeTokenType( XMLStreamWriter writer , URI uri ) throws ProcessingException + { + StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.TOKEN_TYPE, BASE_NAMESPACE ); + StaxUtil.writeCharacters(writer, uri.toASCIIString() ); + StaxUtil.writeEndElement(writer); + } +} \ No newline at end of file Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java =================================================================== --- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java (rev 0) +++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustResponseWriter.java 2010-11-30 00:32:39 UTC (rev 567) @@ -0,0 +1,312 @@ +/* + * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as + * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual + * contributors. + * + * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any + * later version. + * + * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied + * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more + * details. + * + * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to + * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site: + * http://www.fsf.org. + */ +package org.picketlink.identity.federation.core.wstrust.writers; + +import java.io.OutputStream; +import java.util.List; + +import javax.xml.stream.XMLStreamWriter; +import javax.xml.transform.Result; + +import org.picketlink.identity.federation.core.exceptions.ProcessingException; +import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter; +import org.picketlink.identity.federation.core.util.StaxUtil; +import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; +import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime; +import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; +import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; +import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; +import org.picketlink.identity.federation.ws.trust.BinarySecretType; +import org.picketlink.identity.federation.ws.trust.ComputedKeyType; +import org.picketlink.identity.federation.ws.trust.EntropyType; +import org.picketlink.identity.federation.ws.trust.RequestedProofTokenType; +import org.picketlink.identity.federation.ws.trust.RequestedReferenceType; +import org.picketlink.identity.federation.ws.trust.StatusType; +import org.w3c.dom.Element; + +/** + * + * A Stax writer for WS-Trust response messages. + * + * + * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a> + */ +public class WSTrustResponseWriter +{ + private XMLStreamWriter writer; + + /** + * + * Creates a {@code WSTrustResponseWriter} instance that writes WS-Trust response messages to the specified {@code + * OutputStream}. + * + * + * @param stream + * the where the response is to be written. + * @throws ProcessingException + * if an error occurs when creating the {@code XMLStreamWriter} for the specified stream. + */ + public WSTrustResponseWriter(OutputStream stream) throws ProcessingException + { + this.writer = StaxUtil.getXMLStreamWriter(stream); + } + + /** + * + * Creates a {@code WSTrustResponseWriter} instance that writes WS-Trust response messages to the specified {@code + * Result}. + * + * + * @param result + * the {@code Result} object where the response is to be written. + * @throws ProcessingException + * if an error occurs when creating the {@code XMLStreamWriter} for the specified result. + */ + public WSTrustResponseWriter(Result result) throws ProcessingException + { + this.writer = StaxUtil.getXMLStreamWriter(result); + } + + /** + * + * Creates a {@code WSTrustResponseWriter} instance that uses the specified {@code XMLStreamWriter} to write the + * WS-Trust response messages. + * + * + * @param writer + * the {@code XMLStreamWriter} that will be used to write the response messages. + */ + public WSTrustResponseWriter(XMLStreamWriter writer) + { + this.writer = writer; + } + + /** + * + * Writes the WS-Trust response message represented by the specified {@code RequestSecurityTokenResponseCollection} + * object. + * + * + * @param collection + * the object that contains the WS-Trust response message to be written. + * @throws ProcessingException + * if an error occurs while writing the response message. + */ + public void write(RequestSecurityTokenResponseCollection collection) throws ProcessingException + { + // write the "root" response collection element with its namespace. + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.RSTR_COLLECTION, + WSTrustConstants.BASE_NAMESPACE); + StaxUtil.writeNameSpace(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.BASE_NAMESPACE); + + // write all individual response messages. + List<RequestSecurityTokenResponse> responses = collection.getRequestSecurityTokenResponses(); + if (responses == null) + throw new ProcessingException("WS-Trust response message doesn't contain any response"); + + for (RequestSecurityTokenResponse response : responses) + this.write(response); + + // write the response collection end element. + StaxUtil.writeEndElement(this.writer); + StaxUtil.flush(this.writer); + } + + private void write(RequestSecurityTokenResponse response) throws ProcessingException + { + // write the response element and the context attribute. + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.RSTR, + WSTrustConstants.BASE_NAMESPACE); + String context = response.getContext(); + StaxUtil.writeAttribute(this.writer, WSTrustConstants.RST_CONTEXT, context); + + // write the token type, if available. + if (response.getTokenType() != null) + { + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.TOKEN_TYPE, + WSTrustConstants.BASE_NAMESPACE); + StaxUtil.writeCharacters(this.writer, response.getTokenType().toASCIIString()); + StaxUtil.writeEndElement(this.writer); + } + + // write the token lifetime, if available. + if (response.getLifetime() != null) + { + Lifetime lifetime = response.getLifetime(); + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.LIFETIME, + WSTrustConstants.BASE_NAMESPACE); + new WSSecurityWriter(this.writer).writeLifetime(lifetime.getCreated(), lifetime.getExpires()); + StaxUtil.writeEndElement(this.writer); + } + + // write the applies-to element, if available. + if (response.getAppliesTo() != null) + { + WSPolicyWriter policyWriter = new WSPolicyWriter(this.writer); + policyWriter.write(response.getAppliesTo()); + } + + // write the key size, if available. + if (response.getKeySize() != 0) + { + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.KEY_SIZE, + WSTrustConstants.BASE_NAMESPACE); + StaxUtil.writeCharacters(this.writer, Long.toString(response.getKeySize())); + StaxUtil.writeEndElement(this.writer); + } + + // write the key type, if available. + if (response.getKeyType() != null) + { + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.KEY_TYPE, + WSTrustConstants.BASE_NAMESPACE); + StaxUtil.writeCharacters(this.writer, response.getKeyType().toString()); + StaxUtil.writeEndElement(this.writer); + } + + // write the security token, if available. + if (response.getRequestedSecurityToken() != null) + { + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.REQUESTED_TOKEN, + WSTrustConstants.BASE_NAMESPACE); + Object securityToken = response.getRequestedSecurityToken().getAny(); + if (securityToken != null) + { + if (securityToken instanceof AssertionType) + { + AssertionType assertion = (AssertionType) securityToken; + SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer); + samlAssertionWriter.write(assertion); + } + else if (securityToken instanceof Element) + { + StaxUtil.writeDOMElement(this.writer, (Element) securityToken); + } + else + throw new ProcessingException("Unknown security token type=" + securityToken.getClass().getName()); + } + StaxUtil.writeEndElement(this.writer); + } + + // write the attached reference, if available. + if (response.getRequestedAttachedReference() != null) + { + RequestedReferenceType ref = response.getRequestedAttachedReference(); + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, + WSTrustConstants.REQUESTED_ATTACHED_REFERENCE, WSTrustConstants.BASE_NAMESPACE); + new WSSecurityWriter(this.writer).writeSecurityTokenReference(ref.getSecurityTokenReference()); + StaxUtil.writeEndElement(this.writer); + } + + // write the requested proof token, if available. + if (response.getRequestedProofToken() != null) + { + RequestedProofTokenType requestedProof = response.getRequestedProofToken(); + Object content = requestedProof.getAny(); + if (content == null) + throw new ProcessingException("RequestedProofToken context cannot be empty"); + + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.REQUESTED_PROOF_TOKEN, + WSTrustConstants.BASE_NAMESPACE); + if (content instanceof BinarySecretType) + { + BinarySecretType binarySecret = (BinarySecretType) content; + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.BINARY_SECRET, + WSTrustConstants.BASE_NAMESPACE); + StaxUtil.writeAttribute(this.writer, WSTrustConstants.TYPE, binarySecret.getType()); + StaxUtil.writeCharacters(this.writer, new String(binarySecret.getValue())); + StaxUtil.writeEndElement(this.writer); + } + else if (content instanceof ComputedKeyType) + { + ComputedKeyType computedKey = (ComputedKeyType) content; + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.COMPUTED_KEY, + WSTrustConstants.BASE_NAMESPACE); + StaxUtil.writeCharacters(this.writer, computedKey.getAlgorithm()); + StaxUtil.writeEndElement(this.writer); + } + StaxUtil.writeEndElement(this.writer); + } + + // write the server entropy, if available. + if (response.getEntropy() != null) + { + EntropyType entropy = response.getEntropy(); + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.ENTROPY, + WSTrustConstants.BASE_NAMESPACE); + + List<Object> entropyList = entropy.getAny(); + if (entropyList != null && entropyList.size() != 0) + { + for (Object entropyObj : entropyList) + { + if (entropyObj instanceof BinarySecretType) + { + BinarySecretType binarySecret = (BinarySecretType) entropyObj; + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.BINARY_SECRET, + WSTrustConstants.BASE_NAMESPACE); + StaxUtil.writeAttribute(this.writer, WSTrustConstants.TYPE, binarySecret.getType()); + StaxUtil.writeCharacters(this.writer, new String(binarySecret.getValue())); + StaxUtil.writeEndElement(this.writer); + } + } + } + StaxUtil.writeEndElement(writer); + } + + // write the validation status, if available. + if (response.getStatus() != null) + { + StatusType status = response.getStatus(); + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.STATUS, + WSTrustConstants.BASE_NAMESPACE); + + // write the status code. + if (status.getCode() == null || status.getCode() == "") + throw new ProcessingException("Validation status code is missing"); + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.CODE, + WSTrustConstants.BASE_NAMESPACE); + StaxUtil.writeCharacters(this.writer, response.getStatus().getCode()); + StaxUtil.writeEndElement(this.writer); + + // write the status reason, if available. + if (status.getReason() != null) + { + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.REASON, + WSTrustConstants.BASE_NAMESPACE); + StaxUtil.writeCharacters(this.writer, response.getStatus().getReason()); + StaxUtil.writeEndElement(this.writer); + } + + // write the status end element. + StaxUtil.writeEndElement(this.writer); + } + + // write the cancel status, if available. + if (response.getRequestedTokenCancelled() != null) + { + StaxUtil.writeStartElement(this.writer, WSTrustConstants.PREFIX, WSTrustConstants.REQUESTED_TOKEN_CANCELLED, + WSTrustConstants.BASE_NAMESPACE); + StaxUtil.writeEndElement(this.writer); + } + + // write the response end element. + StaxUtil.writeEndElement(this.writer); + StaxUtil.flush(writer); + } +} Deleted: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/WST_SAML_ParsingPerfTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/WST_SAML_ParsingPerfTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/WST_SAML_ParsingPerfTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -1,100 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.picketlink.test.identity.federation.core.parser; - -import java.io.ByteArrayInputStream; -import java.io.InputStream; - -import javax.xml.transform.Source; - -import org.junit.Ignore; -import org.junit.Test; -import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser; -import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; -import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory; -import org.w3c.dom.Document; - -/** - * Some simple perf tests - * @author Anil.Saldhana(a)redhat.com - * @since Oct 14, 2010 - */ -public class WST_SAML_ParsingPerfTestCase -{ - private int runs = 5000; - - String fileName = "parser/perf/wst-batch-validate-one.xml"; - - /** - * This test just tests some saml/wst payload performance - * using JAXB and Stax. - * - * NOTE: For the test to work, just comment out @Ignore - * @throws Exception - */ - @Test - @Ignore - public void testParsingPerformance() throws Exception - { - ClassLoader tcl = Thread.currentThread().getContextClassLoader(); - InputStream configStream = tcl.getResourceAsStream( fileName ); - - Document doc = DocumentUtil.getDocument( configStream ); - Source source = DocumentUtil.getXMLSource(doc); - - - //JAXB way - long start = System.currentTimeMillis(); - for( int i = 0 ; i < runs; i++ ) - { - useJAXB( source ); - } - long elapsedTimeMillis = System.currentTimeMillis() - start; - System.out.println("JAXB, time spent for " + runs - + " iterations = " + elapsedTimeMillis + " ms or " + elapsedTimeMillis/1000F + " secs"); - - configStream = tcl.getResourceAsStream( fileName ); - byte[] xmlData = new byte[ configStream.available() ]; - configStream.read( xmlData ); - - //Stax Way - start = System.currentTimeMillis(); - for( int i = 0 ; i < runs; i++ ) - { - useStax( new ByteArrayInputStream( xmlData ) ); - } - elapsedTimeMillis = System.currentTimeMillis() - start; - System.out.println("STAX, time spent for " + runs - + " iterations = " + elapsedTimeMillis + " ms or " + elapsedTimeMillis/1000F + " secs"); - } - - private void useJAXB( Source source ) throws Exception - { - WSTrustJAXBFactory.getInstance().parseRequestSecurityToken(source); - } - - private void useStax( InputStream configStream ) throws Exception - { - WSTrustParser parser = new WSTrustParser(); - parser.parse( configStream ); - } -} \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -27,13 +27,13 @@ import java.io.InputStream; import java.util.Map; -import javax.xml.bind.JAXBElement; import javax.xml.namespace.QName; import org.junit.Test; import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser; import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; +import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; @@ -41,6 +41,7 @@ import org.picketlink.identity.federation.ws.trust.RequestedReferenceType; import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType; import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType; +import org.w3c.dom.Element; /** * @author Anil.Saldhana(a)redhat.com @@ -68,13 +69,14 @@ assertEquals( XMLTimeUtil.parse( "2010-11-11T16:34:19.602Z" ), rstr.getLifetime().getCreated() ); assertEquals( XMLTimeUtil.parse( "2010-11-11T18:34:19.602Z" ), rstr.getLifetime().getExpires() ); - EndpointReferenceType endpoint = (EndpointReferenceType)((JAXBElement) rstr.getAppliesTo().getAny().get(0)).getValue(); + EndpointReferenceType endpoint = (EndpointReferenceType) rstr.getAppliesTo().getAny().get(0); assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() ); assertEquals( 128, rstr.getKeySize() ); assertEquals( WSTrustConstants.KEY_TYPE_PUBLIC, rstr.getKeyType().toASCIIString() ); - AssertionType assertion = (AssertionType) rstr.getRequestedSecurityToken().getAny(); + Element assertionElement = (Element) rstr.getRequestedSecurityToken().getAny(); + AssertionType assertion = SAMLUtil.fromElement(assertionElement); assertEquals( "ID_5a15fc70-daa1-4808-b70e-9cbf6b8e4d4f", assertion.getID() ); RequestedReferenceType ref = rstr.getRequestedAttachedReference(); Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -35,7 +35,7 @@ import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection; -import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter; +import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; /** * Validate the parsing of wst-batch-validate.xml @@ -69,7 +69,7 @@ //Now for the writing part ByteArrayOutputStream baos = new ByteArrayOutputStream(); - WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos); + WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos); rstWriter.write( requestCollection ); Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -38,7 +38,7 @@ import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter; +import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType; import org.picketlink.identity.federation.saml.v2.assertion.NameIDType; @@ -71,7 +71,7 @@ //Now for the writing part ByteArrayOutputStream baos = new ByteArrayOutputStream(); - WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos); + WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos); rstWriter.write(requestToken ); Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -55,8 +55,7 @@ assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() ); AppliesTo appliesTo = requestToken.getAppliesTo(); - JAXBElement<EndpointReferenceType> jaxb = (JAXBElement<EndpointReferenceType>) appliesTo.getAny().get(0); - EndpointReferenceType endpoint = jaxb.getValue(); + EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0); assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() ); } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -27,15 +27,13 @@ import java.io.ByteArrayOutputStream; import java.io.InputStream; -import javax.xml.bind.JAXBElement; - import org.junit.Test; import org.picketlink.identity.federation.core.parsers.wst.WSTRequestSecurityTokenParser; import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter; +import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType; import org.picketlink.identity.federation.ws.policy.AppliesTo; import org.picketlink.identity.federation.ws.trust.UseKeyType; @@ -63,8 +61,7 @@ assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() ); AppliesTo appliesTo = requestToken.getAppliesTo(); - JAXBElement<EndpointReferenceType> jaxb = (JAXBElement<EndpointReferenceType>) appliesTo.getAny().get(0); - EndpointReferenceType endpoint = jaxb.getValue(); + EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0); assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() ); @@ -77,7 +74,7 @@ //Now for the writing part ByteArrayOutputStream baos = new ByteArrayOutputStream(); - WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos); + WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos); rstWriter.write(requestToken ); Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -1,23 +1,19 @@ /* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as + * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual + * contributors. + * + * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any + * later version. + * + * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied + * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more + * details. + * + * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to + * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site: + * http://www.fsf.org. */ package org.picketlink.test.identity.federation.core.parser.wst; @@ -27,15 +23,13 @@ import java.io.ByteArrayOutputStream; import java.io.InputStream; -import javax.xml.bind.JAXBElement; - import org.junit.Test; import org.picketlink.identity.federation.core.parsers.wst.WSTRequestSecurityTokenParser; import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter; +import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType; import org.picketlink.identity.federation.ws.policy.AppliesTo; import org.picketlink.identity.federation.ws.trust.UseKeyType; @@ -43,6 +37,7 @@ /** * Validate parsing of RST with Use Key set to a RSA Public Key + * * @author Anil.Saldhana(a)redhat.com * @since Oct 18, 2010 */ @@ -54,35 +49,33 @@ public void testPublicKey() throws Exception { ClassLoader tcl = Thread.currentThread().getContextClassLoader(); - InputStream configStream = tcl.getResourceAsStream( "parser/wst/wst-issue-public-key.xml" ); - + InputStream configStream = tcl.getResourceAsStream("parser/wst/wst-issue-public-key.xml"); + WSTrustParser parser = new WSTrustParser(); - RequestSecurityToken requestToken = ( RequestSecurityToken ) parser.parse( configStream ); - - assertEquals( "testcontext", requestToken.getContext() ); - assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() ); - + RequestSecurityToken requestToken = (RequestSecurityToken) parser.parse(configStream); + + assertEquals("testcontext", requestToken.getContext()); + assertEquals(WSTrustConstants.ISSUE_REQUEST, requestToken.getRequestType().toASCIIString()); + AppliesTo appliesTo = requestToken.getAppliesTo(); - JAXBElement<EndpointReferenceType> jaxb = (JAXBElement<EndpointReferenceType>) appliesTo.getAny().get(0); - EndpointReferenceType endpoint = jaxb.getValue(); - assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() ); - - - assertEquals( "http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey", requestToken.getKeyType().toASCIIString() ); - + EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0); + assertEquals("http://services.testcorp.org/provider2", endpoint.getAddress().getValue()); + + assertEquals("http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey", requestToken.getKeyType() + .toASCIIString()); + UseKeyType useKeyType = requestToken.getUseKey(); - Element certEl = (Element) useKeyType.getAny(); - - assertEquals( "ds:" + WSTRequestSecurityTokenParser.KEYVALUE, certEl.getTagName() ); - + Element certEl = (Element) useKeyType.getAny(); - //Now for the writing part + assertEquals("ds:" + WSTRequestSecurityTokenParser.KEYVALUE, certEl.getTagName()); + + // Now for the writing part ByteArrayOutputStream baos = new ByteArrayOutputStream(); - WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos); + WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos); - rstWriter.write(requestToken ); + rstWriter.write(requestToken); - System.out.println( new String( baos.toByteArray() )); - DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() )); + System.out.println(new String(baos.toByteArray())); + DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray())); } } \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -27,14 +27,12 @@ import java.io.ByteArrayOutputStream; import java.io.InputStream; -import javax.xml.bind.JAXBElement; - import org.junit.Test; import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter; +import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType; import org.picketlink.identity.federation.ws.policy.AppliesTo; import org.picketlink.identity.federation.ws.trust.BinarySecretType; @@ -61,8 +59,7 @@ assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() ); AppliesTo appliesTo = requestToken.getAppliesTo(); - JAXBElement<EndpointReferenceType> jaxb = (JAXBElement<EndpointReferenceType>) appliesTo.getAny().get(0); - EndpointReferenceType endpoint = jaxb.getValue(); + EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0); assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() ); @@ -76,7 +73,7 @@ //Now for the writing part ByteArrayOutputStream baos = new ByteArrayOutputStream(); - WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos); + WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos); rstWriter.write(requestToken); Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -32,7 +32,7 @@ import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter; +import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; /** * Validate simple RST parsing @@ -56,7 +56,7 @@ //Now for the writing part ByteArrayOutputStream baos = new ByteArrayOutputStream(); - WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos); + WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos); rstWriter.write(requestToken); Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -32,7 +32,7 @@ import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter; +import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; import org.picketlink.identity.federation.ws.trust.OnBehalfOfType; import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType; @@ -62,7 +62,7 @@ //Now for the writing part ByteArrayOutputStream baos = new ByteArrayOutputStream(); - WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos); + WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos); rstWriter.write(requestToken); Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -48,6 +48,7 @@ import org.picketlink.identity.federation.core.config.STSType; import org.picketlink.identity.federation.core.exceptions.ConfigurationException; import org.picketlink.identity.federation.core.exceptions.ParsingException; +import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser; import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator; import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.util.Base64; @@ -58,7 +59,6 @@ import org.picketlink.identity.federation.core.wstrust.StandardRequestHandler; import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; import org.picketlink.identity.federation.core.wstrust.WSTrustException; -import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory; import org.picketlink.identity.federation.core.wstrust.WSTrustRequestHandler; import org.picketlink.identity.federation.core.wstrust.WSTrustUtil; import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider; @@ -68,7 +68,7 @@ import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; -import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter; +import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType; import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType; @@ -82,6 +82,7 @@ import org.picketlink.identity.federation.ws.policy.AppliesTo; import org.picketlink.identity.federation.ws.trust.BinarySecretType; import org.picketlink.identity.federation.ws.trust.CancelTargetType; +import org.picketlink.identity.federation.ws.trust.ComputedKeyType; import org.picketlink.identity.federation.ws.trust.EntropyType; import org.picketlink.identity.federation.ws.trust.OnBehalfOfType; import org.picketlink.identity.federation.ws.trust.RenewTargetType; @@ -163,7 +164,8 @@ * * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testSTSConfiguration() throws Exception { @@ -241,7 +243,8 @@ * * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvokeCustom() throws Exception { @@ -252,9 +255,8 @@ // invoke the token service. Source responseMessage = this.tokenService.invoke(requestMessage); - BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance() - .parseRequestSecurityTokenResponse(responseMessage); - + BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser() + .parse(DocumentUtil.getSourceAsStream(responseMessage)); // validate the security token response. this.validateCustomTokenResponse(baseResponse); } @@ -294,7 +296,8 @@ * * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvokeSAML20() throws Exception { @@ -305,9 +308,8 @@ // invoke the token service. Source responseMessage = this.tokenService.invoke(requestMessage); - BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance() - .parseRequestSecurityTokenResponse(responseMessage); - + BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser() + .parse(DocumentUtil.getSourceAsStream(responseMessage)); // validate the security token response. this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI); } @@ -319,7 +321,8 @@ * case, the request should be handled by the custom {@code SpecialTokenProvider}. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvokeCustomAppliesTo() throws Exception { @@ -330,8 +333,8 @@ // invoke the token service. Source responseMessage = this.tokenService.invoke(requestMessage); - BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance() - .parseRequestSecurityTokenResponse(responseMessage); + BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser() + .parse(DocumentUtil.getSourceAsStream(responseMessage)); // validate the security token response. this.validateCustomTokenResponse(baseResponse); @@ -344,7 +347,8 @@ * case, the request should be handled by the standard {@code SAML20TokenProvider}. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvokeSAML20AppliesTo() throws Exception { @@ -354,8 +358,8 @@ // invoke the token service. Source responseMessage = this.tokenService.invoke(requestMessage); - BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance() - .parseRequestSecurityTokenResponse(responseMessage); + BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser() + .parse(DocumentUtil.getSourceAsStream(responseMessage)); // validate the security token response. AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", @@ -380,7 +384,8 @@ * the request). * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvokeSAML20OnBehalfOf() throws Exception { @@ -394,8 +399,8 @@ // invoke the token service. Source responseMessage = this.tokenService.invoke(requestMessage); - BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance() - .parseRequestSecurityTokenResponse(responseMessage); + BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser() + .parse(DocumentUtil.getSourceAsStream(responseMessage)); // validate the security token response (assertion principal should be anotherduke as specified by OnBehalfOf). this.validateSAMLAssertionResponse(baseResponse, "testcontext", "anotherduke", SAMLUtil.SAML2_SENDER_VOUCHES_URI); @@ -408,7 +413,8 @@ * this key as the proof token. The WS-Trust response should contain the STS-generated key. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ @SuppressWarnings("rawtypes") public void testInvokeSAML20WithSTSGeneratedSymmetricKey() throws Exception @@ -423,8 +429,8 @@ // invoke the token service. Source responseMessage = this.tokenService.invoke(requestMessage); - BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance() - .parseRequestSecurityTokenResponse(responseMessage); + BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser() + .parse(DocumentUtil.getSourceAsStream(responseMessage)); // validate the security token response. AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", @@ -439,10 +445,8 @@ RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0); RequestedProofTokenType proofToken = response.getRequestedProofToken(); assertNotNull("Unexpected null proof token", proofToken); - assertTrue(proofToken.getAny() instanceof JAXBElement); - JAXBElement proofElement = (JAXBElement) proofToken.getAny(); - assertEquals("Unexpected proof token content", BinarySecretType.class, proofElement.getDeclaredType()); - BinarySecretType serverBinarySecret = (BinarySecretType) proofElement.getValue(); + assertTrue(proofToken.getAny() instanceof BinarySecretType); + BinarySecretType serverBinarySecret = (BinarySecretType) proofToken.getAny(); assertNotNull("Unexpected null secret", serverBinarySecret.getValue()); // default key size is 128 bits (16 bytes). byte[] encodedSecret = serverBinarySecret.getValue(); @@ -457,7 +461,8 @@ * should include the STS key to allow reconstruction of the combined key and the algorithm used to combine the keys. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ @SuppressWarnings("rawtypes") public void testInvokeSAML20WithCombinedSymmetricKey() throws Exception @@ -482,8 +487,8 @@ // invoke the token service. Source requestMessage = this.createSourceFromRequest(request); Source responseMessage = this.tokenService.invoke(requestMessage); - BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance() - .parseRequestSecurityTokenResponse(responseMessage); + BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser() + .parse(DocumentUtil.getSourceAsStream(responseMessage)); // validate the security token response. AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", @@ -497,20 +502,15 @@ RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0); RequestedProofTokenType proofToken = response.getRequestedProofToken(); assertNotNull("Unexpected null proof token", proofToken); - assertTrue(proofToken.getAny() instanceof JAXBElement); - JAXBElement<?> proofElement = (JAXBElement<?>) proofToken.getAny(); + assertTrue(proofToken.getAny() instanceof ComputedKeyType); + ComputedKeyType computedKey = (ComputedKeyType) proofToken.getAny(); + assertEquals("Unexpected computed key algorithm", WSTrustConstants.CK_PSHA1, computedKey.getAlgorithm()); - // proof token should contain only the computed key algorithm. - assertEquals("Unexpected proof token content", "ComputedKey", proofElement.getName().getLocalPart()); - assertEquals("Unexpected computed key algorithm", WSTrustConstants.CK_PSHA1, proofElement.getValue()); - // server entropy must have been included in the response to allow reconstruction of the computed key. EntropyType serverEntropy = response.getEntropy(); assertNotNull("Unexpected null server entropy"); assertEquals("Invalid number of elements in server entropy", 1, serverEntropy.getAny().size()); - JAXBElement serverEntropyContent = (JAXBElement) serverEntropy.getAny().get(0); - assertEquals("Unexpected proof token content", BinarySecretType.class, serverEntropyContent.getDeclaredType()); - BinarySecretType serverBinarySecret = (BinarySecretType) serverEntropyContent.getValue(); + BinarySecretType serverBinarySecret = (BinarySecretType) serverEntropy.getAny().get(0); assertEquals("Unexpected binary secret type", WSTrustConstants.BS_TYPE_NONCE, serverBinarySecret.getType()); assertNotNull("Unexpected null secret value", serverBinarySecret.getValue()); // get the base64 decoded @@ -524,7 +524,8 @@ * The STS must include the specified certificate in the SAML subject confirmation. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvokeSAML20WithCertificate() throws Exception { @@ -542,9 +543,8 @@ // invoke the token service. Source requestMessage = this.createSourceFromRequest(request); Source responseMessage = this.tokenService.invoke(requestMessage); - BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance() - .parseRequestSecurityTokenResponse(responseMessage); - + BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser() + .parse(DocumentUtil.getSourceAsStream(responseMessage)); // validate the security token response. AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_HOLDER_OF_KEY_URI); @@ -560,7 +560,8 @@ * STS must include the specified public key in the SAML subject confirmation. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvokeSAML20WithPublicKey() throws Exception { @@ -579,8 +580,8 @@ // invoke the token service. Source requestMessage = this.createSourceFromRequest(request); Source responseMessage = this.tokenService.invoke(requestMessage); - BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance() - .parseRequestSecurityTokenResponse(responseMessage); + BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) new WSTrustParser() + .parse(DocumentUtil.getSourceAsStream(responseMessage)); // validate the security token response. AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", @@ -597,7 +598,8 @@ * the assertion validated, checking the validation results. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvokeSAML20Validate() throws Exception { @@ -605,20 +607,19 @@ RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, SAMLUtil.SAML2_TOKEN_TYPE, null); - // use the factory to marshall the request. - WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance(); Source requestMessage = this.createSourceFromRequest(request); // invoke the token service. Source responseMessage = this.tokenService.invoke(requestMessage); - BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage); + WSTrustParser parser = new WSTrustParser(); + BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil + .getSourceAsStream(responseMessage)); // validate the response and get the SAML assertion from the request. - this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", - SAMLUtil.SAML2_BEARER_URI); + this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI); RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse; Element assertion = (Element) collection.getRequestSecurityTokenResponses().get(0).getRequestedSecurityToken() - .getAny(); + .getAny(); // now construct a WS-Trust validate request with the generated assertion. request = this.createRequest("validatecontext", WSTrustConstants.VALIDATE_REQUEST, WSTrustConstants.STATUS_TYPE, @@ -629,7 +630,7 @@ // invoke the token service. responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request)); - baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage); + baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil.getSourceAsStream(responseMessage)); // validate the response contents. assertNotNull("Unexpected null response", baseResponse); @@ -648,8 +649,8 @@ assertion.getFirstChild().getFirstChild().setNodeValue("Tempered Issuer"); request.getValidateTarget().setAny(assertion); responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request)); - collection = (RequestSecurityTokenResponseCollection) WSTrustJAXBFactory.getInstance() - .parseRequestSecurityTokenResponse(responseMessage); + collection = (RequestSecurityTokenResponseCollection) parser.parse(DocumentUtil + .getSourceAsStream(responseMessage)); assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size()); response = collection.getRequestSecurityTokenResponses().get(0); assertEquals("Unexpected response context", "validatecontext", response.getContext()); @@ -666,7 +667,8 @@ * assertion renewed (i.e. get a new assertion with an updated lifetime). * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvokeSAML20Renew() throws Exception { @@ -674,13 +676,13 @@ RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, null, "http://services.testcorp.org/provider2"); - // use the factory to marshall the request. - WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance(); Source requestMessage = this.createSourceFromRequest(request); // invoke the token service. Source responseMessage = this.tokenService.invoke(requestMessage); - BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage); + WSTrustParser parser = new WSTrustParser(); + BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil + .getSourceAsStream(responseMessage)); // validate the response and get the SAML assertion from the request. this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI); @@ -696,7 +698,7 @@ // invoke the token service. responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request)); - baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage); + baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil.getSourceAsStream(responseMessage)); // validate the renew response contents and get the renewed token. this.validateSAMLAssertionResponse(baseResponse, "renewcontext", "jduke", SAMLUtil.SAML2_BEARER_URI); @@ -723,7 +725,8 @@ * the assertion. A canceled assertion cannot be renewed or considered valid anymore. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvokeSAML20Cancel() throws Exception { @@ -731,13 +734,13 @@ RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, SAMLUtil.SAML2_TOKEN_TYPE, null); - // use the factory to marshall the request. - WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance(); Source requestMessage = this.createSourceFromRequest(request); // invoke the token service. Source responseMessage = this.tokenService.invoke(requestMessage); - BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage); + WSTrustParser parser = new WSTrustParser(); + BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil + .getSourceAsStream(responseMessage)); // validate the response and get the SAML assertion from the request. this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI); @@ -753,7 +756,7 @@ // invoke the token service. responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request)); - baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage); + baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil.getSourceAsStream(responseMessage)); // validate the response contents. assertNotNull("Unexpected null response", baseResponse); @@ -773,7 +776,8 @@ // the response should contain a status indicating that the token is not valid. responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request)); - collection = (RequestSecurityTokenResponseCollection) factory.parseRequestSecurityTokenResponse(responseMessage); + collection = (RequestSecurityTokenResponseCollection) parser.parse(DocumentUtil + .getSourceAsStream(responseMessage)); assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size()); response = collection.getRequestSecurityTokenResponses().get(0); assertEquals("Unexpected response context", "validatecontext", response.getContext()); @@ -810,7 +814,8 @@ * security token service. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvokeUnknownTokenType() throws Exception { @@ -840,7 +845,8 @@ * This test verifies if the token service is correctly identifying invalid issue requests. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvalidIssueRequests() throws Exception { @@ -885,7 +891,8 @@ * This test verifies if the token service is correctly identifying invalid renew requests. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvalidRenewRequests() throws Exception { @@ -944,7 +951,8 @@ * This test verifies if the token service is correctly identifying invalid validate requests. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvalidValidateRequests() throws Exception { @@ -1003,7 +1011,8 @@ * This test verifies if the token service is correctly identifying invalid cancel requests. * * - * @throws Exception if an error occurs while running the test. + * @throws Exception + * if an error occurs while running the test. */ public void testInvalidCancelRequests() throws Exception { @@ -1063,8 +1072,10 @@ * SpecialTokenProvider}. * * - * @param baseResponse a reference to the WS-Trust response that was sent by the STS. - * @throws Exception if one of the validation performed fail. + * @param baseResponse + * a reference to the WS-Trust response that was sent by the STS. + * @throws Exception + * if one of the validation performed fail. */ private void validateCustomTokenResponse(BaseRequestSecurityTokenResponse baseResponse) throws Exception { @@ -1089,10 +1100,11 @@ assertNotNull("Unexpected null token", token); assertTrue("Unexpected token class", token instanceof Element); Element element = (Element) requestedToken.getAny(); + assertEquals("Unexpected root element name", "SpecialToken", element.getLocalName()); assertEquals("Unexpected namespace value", "http://www.tokens.org", element.getNamespaceURI()); - - assertEquals("Unexpected attribute value", "http://www.tokens.org/SpecialToken", element.getAttributeNS( - "http://www.tokens.org", "TokenType")); + assertEquals("Unexpected attribute value", "http://www.tokens.org/SpecialToken", element.getAttribute("TokenType")); + element = (Element) element.getFirstChild(); + assertEquals("Unexpected child element name", "SpecialTokenValue", element.getLocalName()); assertEquals("Unexpected token value", "Principal:jduke", element.getFirstChild().getNodeValue()); } @@ -1102,13 +1114,18 @@ * SAML20TokenProvider}. * * - * @param baseResponse a reference to the WS-Trust response that was sent by the STS. - * @param context the expected name of the response context. - * @param principal the principal that is expected to be seen in the assertion subject. - * @param confirmationMethod the confirmation method that is expected to be seen in the assertion subject. + * @param baseResponse + * a reference to the WS-Trust response that was sent by the STS. + * @param context + * the expected name of the response context. + * @param principal + * the principal that is expected to be seen in the assertion subject. + * @param confirmationMethod + * the confirmation method that is expected to be seen in the assertion subject. * @return the SAMLV2.0 assertion that has been extracted from the response. This object can be used by the test * methods to perform extra validations depending on the scenario being tested. - * @throws Exception if an error occurs while performing the validation. + * @throws Exception + * if an error occurs while performing the validation. */ private AssertionType validateSAMLAssertionResponse(BaseRequestSecurityTokenResponse baseResponse, String context, String principal, String confirmationMethod) throws Exception @@ -1134,8 +1151,7 @@ String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType")); assertNotNull("Required attribute TokenType is missing", tokenTypeAttr); assertEquals("TokenType attribute has an unexpected value", SAMLUtil.SAML2_TOKEN_TYPE, tokenTypeAttr); - JAXBElement<?> keyIdElement = (JAXBElement<?>) securityRef.getAny().get(0); - KeyIdentifierType keyId = (KeyIdentifierType) keyIdElement.getValue(); + KeyIdentifierType keyId = (KeyIdentifierType) securityRef.getAny().get(0); assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType()); assertNotNull("Unexpected null key identifier value", keyId.getValue()); @@ -1145,7 +1161,8 @@ assertNotNull("Unexpected null requested security token", requestedToken); // unmarshall the SAMLV2.0 assertion. - AssertionType assertion = SAMLUtil.fromElement((Element) requestedToken.getAny()); + Element assertionElement = (Element) requestedToken.getAny(); + AssertionType assertion = SAMLUtil.fromElement(assertionElement); // verify the contents of the unmarshalled assertion. assertNotNull("Invalid null assertion ID", assertion.getID()); @@ -1174,7 +1191,6 @@ assertEquals(lifetime.getCreated(), assertion.getConditions().getNotBefore()); assertEquals(lifetime.getExpires(), assertion.getConditions().getNotOnOrAfter()); - // verify if the assertion has been signed. assertNotNull("Assertion should have been signed", assertion.getSignature()); return assertion; @@ -1186,12 +1202,17 @@ * confirmation method has been used. * * - * @param subjectConfirmation the {@code SubjectConfirmationType} to be validated. - * @param keyType the type of the proof-of-possession key (Symmetric or Public). - * @param certificate the certificate used in the Public Key scenarios. - * @param usePublicKey {@code true} if the certificate's Public Key was used as the proof-of-possession token; - * {@code false} otherwise. - * @throws Exception if an error occurs while performing the validation. + * @param subjectConfirmation + * the {@code SubjectConfirmationType} to be validated. + * @param keyType + * the type of the proof-of-possession key (Symmetric or Public). + * @param certificate + * the certificate used in the Public Key scenarios. + * @param usePublicKey + * {@code true} if the certificate's Public Key was used as the proof-of-possession token; {@code false} + * otherwise. + * @throws Exception + * if an error occurs while performing the validation. */ private void validateHolderOfKeyContents(SubjectConfirmationType subjectConfirmation, String keyType, Certificate certificate, boolean usePublicKey) throws Exception @@ -1261,10 +1282,14 @@ * Utility method that creates a simple WS-Trust request using the specified information. * * - * @param context a {@code String} that represents the request context. - * @param requestType a {@code String} that represents the WS-Trust request type. - * @param tokenType a {@code String} that represents the requested token type. - * @param appliesToString a {@code String} that represents the URL of a service provider. + * @param context + * a {@code String} that represents the request context. + * @param requestType + * a {@code String} that represents the WS-Trust request type. + * @param tokenType + * a {@code String} that represents the requested token type. + * @param appliesToString + * a {@code String} that represents the URL of a service provider. * @return the constructed {@code RequestSecurityToken} object. */ private RequestSecurityToken createRequest(String context, String requestType, String tokenType, @@ -1276,15 +1301,7 @@ if (tokenType != null) request.setTokenType(URI.create(tokenType)); if (appliesToString != null) - { - AttributedURIType attributedURI = new AttributedURIType(); - attributedURI.setValue(appliesToString); - EndpointReferenceType reference = new EndpointReferenceType(); - reference.setAddress(attributedURI); - AppliesTo appliesTo = new AppliesTo(); - appliesTo.getAny().add(new ObjectFactory().createEndpointReference(reference)); - request.setAppliesTo(appliesTo); - } + request.setAppliesTo(WSTrustUtil.createAppliesTo(appliesToString)); return request; } @@ -1294,7 +1311,8 @@ * * * @return an {@code Element} representing the unknown token. - * @throws Exception if an error occurs while creating the token. + * @throws Exception + * if an error occurs while creating the token. */ private Element createUnknownToken() throws Exception { @@ -1315,11 +1333,15 @@ * Obtains the {@code Certificate} stored under the specified alias in the specified keystore. * * - * @param keyStoreFile the name of the file that contains a JKS keystore. - * @param passwd the keystore password. - * @param certificateAlias the alias of a certificate in the keystore. + * @param keyStoreFile + * the name of the file that contains a JKS keystore. + * @param passwd + * the keystore password. + * @param certificateAlias + * the alias of a certificate in the keystore. * @return a reference to the {@code Certificate} stored under the given alias. - * @throws Exception if an error occurs while handling the keystore. + * @throws Exception + * if an error occurs while handling the keystore. */ private Certificate getCertificate(String keyStoreFile, String passwd, String certificateAlias) throws Exception { @@ -1333,9 +1355,9 @@ private Source createSourceFromRequest(RequestSecurityToken request) throws Exception { - // write the request XML to a byte[] + // write the request XML to a DOMResult DOMResult result = new DOMResult(DocumentUtil.createDocument()); - WSTrustRSTWriter writer = new WSTrustRSTWriter(result); + WSTrustRequestWriter writer = new WSTrustRequestWriter(result); writer.write(request); return new DOMSource(result.getNode()); } @@ -1441,7 +1463,8 @@ * Sets the principal to be used in the test case. * * - * @param principal the {@code Principal} to be set. + * @param principal + * the {@code Principal} to be set. */ public void setUserPrincipal(Principal principal) { Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -35,19 +35,22 @@ import javax.xml.bind.JAXBElement; import javax.xml.bind.Unmarshaller; import javax.xml.namespace.QName; +import javax.xml.transform.Source; +import javax.xml.transform.dom.DOMResult; import javax.xml.transform.dom.DOMSource; import junit.framework.TestCase; +import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; import org.picketlink.identity.federation.core.wstrust.StandardSecurityToken; import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; -import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory; import org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext; import org.picketlink.identity.federation.core.wstrust.WSTrustUtil; import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider; import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime; import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; +import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter; import org.picketlink.identity.federation.saml.v2.assertion.AssertionType; import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType; import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType; @@ -157,8 +160,7 @@ String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType")); assertNotNull("Required attribute TokenType is missing", tokenTypeAttr); assertEquals("TokenType attribute has an unexpected value", SAMLUtil.SAML2_TOKEN_TYPE, tokenTypeAttr); - JAXBElement<?> keyIdElement = (JAXBElement<?>) securityRef.getAny().get(0); - KeyIdentifierType keyId = (KeyIdentifierType) keyIdElement.getValue(); + KeyIdentifierType keyId = (KeyIdentifierType) securityRef.getAny().get(0); assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType()); assertNotNull("Unexpected null key identifier value", keyId.getValue()); assertEquals(assertion.getID(), keyId.getValue().substring(1)); @@ -346,7 +348,7 @@ validateTarget.setAny(assertion); request.setValidateTarget(validateTarget); // we need to set the request document in the request object for the test. - DOMSource requestSource = (DOMSource) WSTrustJAXBFactory.getInstance().marshallRequestSecurityToken(request); + DOMSource requestSource = (DOMSource) this.createSourceFromRequest(request); request.setRSTDocument((Document) requestSource.getNode()); WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen")); @@ -373,4 +375,12 @@ Certificate certificate = keyStore.getCertificate(certificateAlias); return certificate; } + + private Source createSourceFromRequest(RequestSecurityToken request) throws Exception + { + DOMResult result = new DOMResult(DocumentUtil.createDocument()); + WSTrustRequestWriter writer = new WSTrustRequestWriter(result); + writer.write(request); + return new DOMSource(result.getNode()); + } } Deleted: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/STSClientUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/STSClientUnitTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/STSClientUnitTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -1,283 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.picketlink.test.identity.federation.core.wstrust; - -import java.net.MalformedURLException; -import java.net.URI; -import java.net.URL; -import java.security.KeyStore; -import java.security.PublicKey; -import java.util.Map; - -import javax.xml.bind.JAXBException; -import javax.xml.namespace.QName; -import javax.xml.soap.SOAPBody; -import javax.xml.soap.SOAPEnvelope; -import javax.xml.soap.SOAPPart; -import javax.xml.transform.Result; -import javax.xml.transform.Source; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMSource; -import javax.xml.transform.stream.StreamResult; -import javax.xml.ws.BindingProvider; -import javax.xml.ws.Dispatch; -import javax.xml.ws.Service; -import javax.xml.ws.Service.Mode; -import javax.xml.ws.soap.SOAPBinding; - -import junit.framework.TestCase; - -import org.picketlink.identity.federation.core.wstrust.STSClient; -import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; -import org.picketlink.identity.federation.core.util.KeyStoreUtil; -import org.picketlink.identity.federation.core.util.XMLSignatureUtil; -import org.picketlink.identity.federation.core.wstrust.STSClientConfig; -import org.picketlink.identity.federation.core.wstrust.WSTrustConstants; -import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory; -import org.picketlink.identity.federation.core.wstrust.STSClientConfig.Builder; -import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; -import org.picketlink.identity.federation.ws.trust.StatusType; -import org.picketlink.identity.federation.ws.trust.ValidateTargetType; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; - -/** - * Unit tests for WS-Trust STS Clients - * @author Anil.Saldhana(a)redhat.com - * @since Aug 26, 2009 - */ -public class STSClientUnitTestCase extends TestCase -{ - //Specify whether this test is run as part of build - private boolean usetest = false; - - - public void testSTS() throws Exception - { - if(usetest == false) - return; - - // create a dispatch object to invoke JBoss STSs. - Dispatch<Source> dispatch = createDispatch(); - - // create a custom token request message. - RequestSecurityToken request = new RequestSecurityToken(); - request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE)); - request.setRequestType(URI.create(WSTrustConstants.ISSUE_REQUEST)); - request.setContext("context"); - - // send the token request to JBoss STS and get the response. - WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance(); - DOMSource requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request); - Source response = dispatch.invoke(requestSource); - - Node documentNode = ((DOMSource) response).getNode(); - Document responseDoc = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument(); - - - Document myDocument = DocumentUtil.createDocument(); - - Node importedNode = myDocument.importNode(responseDoc.getDocumentElement(), true); - - myDocument.appendChild(importedNode); - - NodeList nodes = null; - if(responseDoc instanceof SOAPPart) - { - SOAPPart soapPart = (SOAPPart) responseDoc; - SOAPEnvelope env = soapPart.getEnvelope(); - SOAPBody body = env.getBody(); - Node data = body.getFirstChild(); - nodes = ((Element)data).getElementsByTagName("RequestedSecurityToken"); - } - else - nodes = responseDoc.getElementsByTagNameNS(WSTrustConstants.BASE_NAMESPACE, "RequestedSecurityToken"); - - assertNotNull("Nodelist not null", nodes); - Node rstr = nodes.item(0); - /*RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) jaxbFactory.parseRequestSecurityTokenResponse(response); - RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0); - - // the SAML assertion is returned as an Element. - Element assertion = (Element) tokenResponse.getRequestedSecurityToken().getAny();*/ - Element assertion = (Element) rstr.getFirstChild(); - System.out.println("NAMESPACE=" + assertion.getNamespaceURI()); - -// PublicKey key = getValidatingKey(); -// Document validate = DocumentUtil.createDocument(); -// validate.appendChild(validate.importNode(assertion, true)); -// System.out.println("Is token valid? " + XMLSignatureUtil.validate(validate, key)); - - // print the assertion for demonstration purposes. - System.out.println("\nSuccessfully issued a standard SAMLV2.0 Assertion!"); - printAssertion(assertion); - - ClassLoader tcl = Thread.currentThread().getContextClassLoader(); - KeyStore ks = KeyStoreUtil.getKeyStore(tcl.getResource("keystore/sts_keystore.jks") - , "testpass".toCharArray()); - - PublicKey pk = KeyStoreUtil.getPublicKey(ks, "sts", "keypass".toCharArray()); - - assertNotNull("Public key is not null", pk); - Document tokenDocument = DocumentUtil.createDocument(); - importedNode = tokenDocument.importNode(assertion, true); - tokenDocument.appendChild(importedNode); - - //System.out.println("Going to validate:" + DocumentUtil.getDocumentAsString(tokenDocument)); - //assertTrue("SignedInfo valid", XMLSignatureUtil.preCheckSignedInfo(tokenDocument)); - //Locally we will validate the assertion - assertTrue("Recieved assertion sig valid", XMLSignatureUtil.validate(tokenDocument, pk)); - - // let's validate the received SAML assertion. - request.getAny().clear(); - request.setTokenType(URI.create(WSTrustConstants.STATUS_TYPE)); - request.setRequestType(URI.create(WSTrustConstants.VALIDATE_REQUEST)); - ValidateTargetType validateTarget = new ValidateTargetType(); - validateTarget.setAny(assertion); - request.setValidateTarget(validateTarget); - - requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request); - - response = dispatch.invoke(requestSource); - RequestSecurityTokenResponseCollection - responseCollection = (RequestSecurityTokenResponseCollection) jaxbFactory - .parseRequestSecurityTokenResponse(response); - RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0); - - StatusType status = tokenResponse.getStatus(); - if (status != null) - { - String code = status.getCode(); - assertFalse("Signature is valid", WSTrustConstants.STATUS_CODE_INVALID.equals(code)); - - System.out.println("\n\nSAMLV2.0 Assertion successfuly validated!"); - System.out.println("Validation status code: " + tokenResponse.getStatus().getCode()); - System.out.println("Validation status reason: " + tokenResponse.getStatus().getReason()); - } - else - System.out.println("\n\nFailed to validate SAMLV2.0 Assertion"); - } - - public void testIssue_Validate_Renew() throws Exception - { - if(usetest == false) - return; - - String serviceName = "PicketLinkSTS"; - String portName = "PicketLinkSTSPort"; - String endpointAddress = "http://localhost:8080/jboss-sts/PicketLinkSTS"; - Builder builder = new STSClientConfig.Builder(); - STSClientConfig config = builder.serviceName(serviceName).portName(portName).endpointAddress(endpointAddress).username("admin").password("admin").build(); - STSClient client = new STSClient(config); - Element token = client.issueToken(SAMLUtil.SAML2_TOKEN_TYPE); - assertTrue("Token is valid" , client.validateToken(token)); - - Element renewedToken = client.renewToken(SAMLUtil.SAML2_TOKEN_TYPE, token); - System.out.println("Renewed Token=" + DocumentUtil.getNodeAsString(renewedToken)); - } - - public void testIssue_Validate_Renew_Using_AppliesTo() throws Exception - { - if(usetest == false) - return; - - Builder stsConfigBuilder = new STSClientConfig.Builder(); - stsConfigBuilder.serviceName("PicketLinkSTS"); - stsConfigBuilder.portName("PicketLinkSTSPort"); - stsConfigBuilder.endpointAddress("http://localhost:8080/jboss-sts/PicketLinkSTS"); - stsConfigBuilder.username("admin").password("admin"); - STSClient client = new STSClient(stsConfigBuilder.build()); - - // This endpointURI is specified in src/test/resource/jboss-sts.xml - String endpointURI = "http://services.testcorp.org/provider2"; - - Element token = client.issueTokenForEndpoint(endpointURI); - assertTrue("Token is valid" , client.validateToken(token)); - - Element renewedToken = client.renewToken(SAMLUtil.SAML2_TOKEN_TYPE, token); - System.out.println("Renewed Token=" + DocumentUtil.getNodeAsString(renewedToken)); - } - - public void testIssue_Neither_AppliesTo_Or_TokenType_Specified() - { - if(usetest == false) - return; - - Builder stsConfigBuilder = new STSClientConfig.Builder(); - stsConfigBuilder.serviceName("PicketLinkSTS"); - stsConfigBuilder.portName("PicketLinkSTSPort"); - stsConfigBuilder.endpointAddress("http://localhost:8080/jboss-sts/PicketLinkSTS"); - stsConfigBuilder.username("admin").password("admin"); - STSClient client = new STSClient(stsConfigBuilder.build()); - - try - { - client.issueToken(null, null); - fail("issueTokenForEndpoint should throw an exception if endpointURI and tokenType are null"); - } - catch(Exception e) - { - assertTrue("Excpetion was not of type IllegalException", e instanceof IllegalArgumentException); - } - } - - - private Dispatch<Source> createDispatch() throws MalformedURLException, JAXBException - { - // JBoss STS target information. - String targetNS = "http://org.picketlink.trust/sts/"; - QName serviceName = new QName(targetNS, "PicketLinkSTS"); - QName portName = new QName(targetNS, "PicketLinkSTSPort"); - URL endpointAddress = new URL("http://localhost:8080/jboss-sts/PicketLinkSTS"); -// URL securityConfigURL = new File("jboss-wsse-client.xml").toURI().toURL(); - - Service service = Service.create(serviceName); - service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING, endpointAddress.toExternalForm()); - - // create the dispatch, setting the client security configuration file. - Dispatch<Source> dispatch = service.createDispatch(portName, Source.class, Mode.PAYLOAD); -// ((ConfigProvider) dispatch).setSecurityConfig(securityConfigURL.toExternalForm()); -// ((ConfigProvider) dispatch).setConfigName("Standard WSSecurity Client"); - - // add the username and password to the request context. - Map<String, Object> reqContext = dispatch.getRequestContext(); - reqContext.put(BindingProvider.USERNAME_PROPERTY, "admin"); - reqContext.put(BindingProvider.PASSWORD_PROPERTY, "admin"); - - return dispatch; - } - - private void printAssertion(Element assertion) throws Exception - { - TransformerFactory tranFactory = TransformerFactory.newInstance(); - Transformer aTransformer = tranFactory.newTransformer(); - Source src = new DOMSource(assertion); - Result dest = new StreamResult(System.out); - aTransformer.transform(src, dest); - } -} \ No newline at end of file Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java 2010-11-30 00:32:39 UTC (rev 567) @@ -95,10 +95,14 @@ String namespaceURI = "http://www.tokens.org"; Element root = doc.createElementNS(namespaceURI, "token:SpecialToken"); - root.appendChild(doc.createTextNode("Principal:" + caller)); + Element child = doc.createElementNS(namespaceURI, "token:SpecialTokenValue"); + child.appendChild(doc.createTextNode("Principal:" + caller)); + root.appendChild(child); String id = IDGenerator.create("ID_"); root.setAttributeNS(namespaceURI, "ID", id); root.setAttributeNS(namespaceURI, "TokenType", tokenType.toString()); + root.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:token", namespaceURI); + doc.appendChild(root); SecurityToken token = new StandardSecurityToken(tokenType.toString(), root, id); Deleted: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java =================================================================== --- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java 2010-11-25 22:20:20 UTC (rev 566) +++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/WSTrustJAXBFactoryUnitTestCase.java 2010-11-30 00:32:39 UTC (rev 567) @@ -1,186 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2009, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.picketlink.test.identity.federation.core.wstrust; - -import java.net.URI; - -import javax.xml.transform.Source; -import javax.xml.transform.dom.DOMSource; - -import junit.framework.TestCase; - -import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil; -import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory; -import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityTokenResponse; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; -import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; -import org.w3c.dom.Document; - -/** - * - * This {@code TestCase} tests the methods of the {@code WSTrustJAXBFactory}. - * - * - * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a> - */ -public class WSTrustJAXBFactoryUnitTestCase extends TestCase -{ - - /** - * - * Tests parsing a WS-Trust request message. - * - * - * @throws Exception - * if an error occurs while running the test. - */ - public void testParseRequestSecurityToken() throws Exception - { - // load a sample ws-trust request from a test file. - Document document = DocumentUtil - .getDocument(this.getClass().getResourceAsStream("/wstrust/ws-trust-request.xml")); - - // encapsulate the request in a source object. - Source source = new DOMSource(document); - - // parse the request using the WSTrustJAXBFactory. - WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance(); - BaseRequestSecurityToken baseRequest = factory.parseRequestSecurityToken(source); - assertNotNull("Unexpected null request message", baseRequest); - - // check the contents of the parsed request. - assertTrue("Unexpected request message type", baseRequest instanceof RequestSecurityToken); - RequestSecurityToken parsedRequest = (RequestSecurityToken) baseRequest; - assertEquals("Unexpected context name", "testcontext", parsedRequest.getContext()); - assertEquals("Unexpected token type", "http://www.tokens.org/SpecialToken", parsedRequest.getTokenType().toString()); - assertEquals("Unexpected request type", "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue", parsedRequest - .getRequestType().toString()); - } - - /** - * - * Tests parsing a WS-Trust response message. - * - * - * @throws Exception - * if an error occurs while running the test. - */ - public void testParseRequestSecurityTokenResponse() throws Exception - { - // load a ws-trust response from a file. - Document document = DocumentUtil.getDocument(this.getClass() - .getResourceAsStream("/wstrust/ws-trust-response.xml")); - - // encapsulate the response in a source object. - Source source = new DOMSource(document); - - // parse the response using the WSTrustJAXBFactory. - WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance(); - BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(source); - assertNotNull("Unexpected null response message", baseResponse); - - // check the contents of the parsed response. - assertTrue("Unexpected response message type", baseResponse instanceof RequestSecurityTokenResponseCollection); - RequestSecurityTokenResponseCollection parsedCollection = (RequestSecurityTokenResponseCollection) baseResponse; - assertNotNull("Unexpected null response list", parsedCollection.getRequestSecurityTokenResponses()); - assertEquals("Unexpected number of responses", 1, parsedCollection.getRequestSecurityTokenResponses().size()); - - RequestSecurityTokenResponse parsedResponse = parsedCollection.getRequestSecurityTokenResponses().get(0); - assertEquals("Unexpected context name", "testcontext", parsedResponse.getContext()); - assertEquals("Unexpected token type", "http://www.tokens.org/SpecialToken", parsedResponse.getTokenType() - .toString()); - assertFalse(parsedResponse.isForwardable()); - } - - /** - * - * Tests the marshalling of a WS-Trust request. - * - * - * @throws Exception - * if an error occurs while running the test. - */ - public void testMarshallRequestSecurityToken() throws Exception - { - // create a request object. - RequestSecurityToken request = new RequestSecurityToken(); - request.setContext("testcontext"); - request.setTokenType(new URI("http://www.tokens.org/SpecialToken")); - request.setRequestType(new URI("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue")); - - // use the factory to marshall the request. - WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance(); - Source source = factory.marshallRequestSecurityToken(request); - assertNotNull("Unexpected null source", source); - assertTrue("Unexpected source type", source instanceof DOMSource); - - // at this point we know that the parsing works, so parse the generated source and compare to the original request. - BaseRequestSecurityToken baseRequest = factory.parseRequestSecurityToken(source); - assertNotNull("Unexpected null value for the parsed request", baseRequest); - assertTrue("Unexpected parsed request type", baseRequest instanceof RequestSecurityToken); - RequestSecurityToken parsedRequest = (RequestSecurityToken) baseRequest; - assertEquals("Unexpected context value", request.getContext(), parsedRequest.getContext()); - assertTrue("Unexpected token type", request.getTokenType().equals(parsedRequest.getTokenType())); - assertTrue("Unexpected request type", request.getRequestType().equals(parsedRequest.getRequestType())); - } - - /** - * - * Tests the marshalling of a WS-Trust response. - * - * - * @throws Exception - * if an error occurs while running the test. - */ - public void testMarshallRequestSecurityTokenResponse() throws Exception - { - // create a sample ws-trust response message. - RequestSecurityTokenResponse response = new RequestSecurityTokenResponse(); - response.setContext("testcontext"); - response.setTokenType(new URI("http://www.tokens.org/SpecialToken")); - response.setForwardable(false); - - RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection(); - collection.addRequestSecurityTokenResponse(response); - - // use the factory to marshall the response. - WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance(); - Source source = factory.marshallRequestSecurityTokenResponse(collection); - assertNotNull("Unexpected null source", source); - assertTrue("Unexpected source type", source instanceof DOMSource); - - // at this point we know that the parsing works, so parse the generated source and compare to the original response. - BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(source); - assertNotNull("Unexpected null value for the parsed response", baseResponse); - assertTrue("Unexpected parsed request type", baseResponse instanceof RequestSecurityTokenResponseCollection); - RequestSecurityTokenResponseCollection parsedCollection = (RequestSecurityTokenResponseCollection) baseResponse; - assertNotNull("Unexpected null response list", parsedCollection.getRequestSecurityTokenResponses()); - assertEquals("Unexpected number of responses", 1, parsedCollection.getRequestSecurityTokenResponses().size()); - - RequestSecurityTokenResponse parsedResponse = parsedCollection.getRequestSecurityTokenResponses().get(0); - assertEquals("Unexpected context value", response.getContext(), parsedResponse.getContext()); - assertTrue("Unexpected token type", response.getTokenType().equals(parsedResponse.getTokenType())); - assertFalse(parsedResponse.isForwardable()); - } -} Added: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/ws/trust/ComputedKeyType.java =================================================================== --- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/ws/trust/ComputedKeyType.java (rev 0) +++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/ws/trust/ComputedKeyType.java 2010-11-30 00:32:39 UTC (rev 567) @@ -0,0 +1,72 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2009, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.picketlink.identity.federation.ws.trust; + +public class ComputedKeyType +{ + private String algorithm; + + /** + * + * Creates an instance of {@code ComputedKeyType}. + * + */ + public ComputedKeyType() + { + } + + /** + * + * Creates an instance of {@code ComputedKeyType} with the specified algorithm. + * + * + * @param algorithm the computed key algorithm. + */ + public ComputedKeyType(String algorithm) + { + this.algorithm = algorithm; + } + + /** + * + * Obtains the algorithm used to compute the shared secret key. + * + * + * @return a {@code String} representing the computed key algorithm. + */ + public String getAlgorithm() + { + return this.algorithm; + } + + /** + * + * Sets the algorithm used to compute the shared secret key. + * + * + * @param algorithm a {@code String} representing the computed key algorithm. + */ + public void setAlgorithm(String algorithm) + { + this.algorithm = algorithm; + } +}

14 years

1
0
0 / 0

Picketlink SVN: r566 - in idm/branches/1.1.0: assembly and 18 other directories.

by picketlink-commits＠lists.jboss.org

Author: bdaw Date: 2010-11-25 17:20:20 -0500 (Thu, 25 Nov 2010) New Revision: 566 Modified: idm/branches/1.1.0/assembly/pom.xml idm/branches/1.1.0/example/auth-simple/pom.xml idm/branches/1.1.0/example/auth/pom.xml idm/branches/1.1.0/example/simple/pom.xml idm/branches/1.1.0/integration/deployer/pom.xml idm/branches/1.1.0/integration/jboss5/pom.xml idm/branches/1.1.0/integration/pom.xml idm/branches/1.1.0/parent/pom.xml idm/branches/1.1.0/picketlink-idm-api/pom.xml idm/branches/1.1.0/picketlink-idm-auth/pom.xml idm/branches/1.1.0/picketlink-idm-cache/pom.xml idm/branches/1.1.0/picketlink-idm-common/pom.xml idm/branches/1.1.0/picketlink-idm-core/pom.xml idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml idm/branches/1.1.0/picketlink-idm-docs/pom.xml idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml idm/branches/1.1.0/picketlink-idm-ldap/pom.xml idm/branches/1.1.0/picketlink-idm-spi/pom.xml idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml idm/branches/1.1.0/pom.xml Log: [maven-release-plugin] prepare for next development iteration Modified: idm/branches/1.1.0/assembly/pom.xml =================================================================== --- idm/branches/1.1.0/assembly/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/assembly/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -8,7 +8,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> Modified: idm/branches/1.1.0/example/auth/pom.xml =================================================================== --- idm/branches/1.1.0/example/auth/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/example/auth/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -1,7 +1,7 @@ <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>org.picketlink.idm.example</groupId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <artifactId>example-auth</artifactId> <packaging>jar</packaging> <name>Example - JEE authentication</name> Modified: idm/branches/1.1.0/example/auth-simple/pom.xml =================================================================== --- idm/branches/1.1.0/example/auth-simple/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/example/auth-simple/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -1,7 +1,7 @@ <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>org.picketlink.idm.example</groupId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <artifactId>example-auth-simple</artifactId> <packaging>jar</packaging> <name>Example - JEE authentication (using deployer)</name> Modified: idm/branches/1.1.0/example/simple/pom.xml =================================================================== --- idm/branches/1.1.0/example/simple/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/example/simple/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -1,7 +1,7 @@ <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>org.picketlink.idm.example</groupId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <artifactId>example-simple</artifactId> <packaging>jar</packaging> <name>Example - Simple PicketLink IDM Maven2 project</name> Modified: idm/branches/1.1.0/integration/deployer/pom.xml =================================================================== --- idm/branches/1.1.0/integration/deployer/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/integration/deployer/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -10,7 +10,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-integration</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> </parent> <properties> Modified: idm/branches/1.1.0/integration/jboss5/pom.xml =================================================================== --- idm/branches/1.1.0/integration/jboss5/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/integration/jboss5/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -10,7 +10,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-integration</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> </parent> <dependencies> Modified: idm/branches/1.1.0/integration/pom.xml =================================================================== --- idm/branches/1.1.0/integration/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/integration/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -12,7 +12,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../parent/pom.xml</relativePath> </parent> Modified: idm/branches/1.1.0/parent/pom.xml =================================================================== --- idm/branches/1.1.0/parent/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/parent/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -8,7 +8,7 @@ <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> <packaging>pom</packaging> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <name>PicketLink IDM- Parent</name> <url>http://labs.jboss.org/portal/jbosssecurity/</url> <description>PicketLink is a cross-cutting project that handles identity needs for the JEMS projects</description> @@ -520,10 +520,4 @@ </dependency> </dependencies> </dependencyManagement> - - <scm> - <connection>scm:svn:http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1...</connection> - <developerConnection>scm:svn:https://svn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1.1....</developerConnection> - <url>http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1.1.7.GA</url> - </scm> </project> Modified: idm/branches/1.1.0/picketlink-idm-api/pom.xml =================================================================== --- idm/branches/1.1.0/picketlink-idm-api/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/picketlink-idm-api/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -2,7 +2,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/branches/1.1.0/picketlink-idm-auth/pom.xml =================================================================== --- idm/branches/1.1.0/picketlink-idm-auth/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/picketlink-idm-auth/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -2,7 +2,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/branches/1.1.0/picketlink-idm-cache/pom.xml =================================================================== --- idm/branches/1.1.0/picketlink-idm-cache/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/picketlink-idm-cache/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -2,7 +2,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/branches/1.1.0/picketlink-idm-common/pom.xml =================================================================== --- idm/branches/1.1.0/picketlink-idm-common/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/picketlink-idm-common/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -2,7 +2,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/branches/1.1.0/picketlink-idm-core/pom.xml =================================================================== --- idm/branches/1.1.0/picketlink-idm-core/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/picketlink-idm-core/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -2,7 +2,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml =================================================================== --- idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -2,7 +2,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../../parent</relativePath> </parent> Modified: idm/branches/1.1.0/picketlink-idm-docs/pom.xml =================================================================== --- idm/branches/1.1.0/picketlink-idm-docs/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/picketlink-idm-docs/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -2,7 +2,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml =================================================================== --- idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -2,7 +2,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/branches/1.1.0/picketlink-idm-ldap/pom.xml =================================================================== --- idm/branches/1.1.0/picketlink-idm-ldap/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/picketlink-idm-ldap/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -2,7 +2,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/branches/1.1.0/picketlink-idm-spi/pom.xml =================================================================== --- idm/branches/1.1.0/picketlink-idm-spi/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/picketlink-idm-spi/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -2,7 +2,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml =================================================================== --- idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -2,7 +2,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/branches/1.1.0/pom.xml =================================================================== --- idm/branches/1.1.0/pom.xml 2010-11-25 22:19:40 UTC (rev 565) +++ idm/branches/1.1.0/pom.xml 2010-11-25 22:20:20 UTC (rev 566) @@ -2,7 +2,7 @@ <parent> <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-parent</artifactId> - <version>1.1.7.GA</version> + <version>1.1.8.CR01-SNAPSHOT</version> <relativePath>parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> @@ -14,9 +14,9 @@ <description /> <scm> - <connection>scm:svn:http://anonsvn.jboss.org/repos/picketlink/idm/tags/1.1.7.GA</connection> - <developerConnection>scm:svn:https://svn.jboss.org/repos/picketlink/idm/tags/1.1.7.GA</developerConnection> - <url>http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1.1.7.GA</url> + <connection>scm:svn:http://anonsvn.jboss.org/repos/picketlink/idm/branches/1.1.0</connection> + <developerConnection>scm:svn:https://svn.jboss.org/repos/picketlink/idm/branches/1.1.0</developerConnection> + <url>http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/jboss-par...</url> </scm> <profiles>

14 years

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

picketlink-commits November 2010