Picketlink SVN: r515 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/saml/v2/constants and 3 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-02 18:23:16 -0400 (Tue, 02 Nov 2010)
New Revision: 515
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response.xml
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/XMLTimeUtil.java
Log:
PLFED-109: PLFED-110: add saml response parsing
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-02 20:02:41 UTC (rev 514)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-02 22:23:16 UTC (rev 515)
@@ -21,8 +21,7 @@
*/
package org.picketlink.identity.federation.core.parsers.saml;
-import javax.xml.datatype.DatatypeConfigurationException;
-import javax.xml.datatype.DatatypeFactory;
+import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.XMLStreamException;
@@ -36,7 +35,11 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.saml.v2.assertion.AuthnContextType;
+import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
@@ -48,23 +51,17 @@
*/
public class SAMLAssertionParser implements ParserNamespaceSupport
{
+ private String ASSERTION = JBossSAMLConstants.ASSERTION.get();
+
/**
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
- {
- DatatypeFactory dtf;
- try
- {
- dtf = DatatypeFactory.newInstance();
- }
- catch (DatatypeConfigurationException e )
- {
- throw new ParsingException( e );
- }
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.matches(startElement, ASSERTION );
+ AssertionType assertion = parseBaseAttributes( startElement );
- AssertionType assertion = new AssertionType();
-
//Peek at the next event
while( xmlEventReader.hasNext() )
{
@@ -96,45 +93,37 @@
String tag = StaxParserUtil.getStartElementName( peekedElement );
- if( tag.equals( JBossSAMLConstants.ASSERTION.get() ))
+ /*if( tag.equals( JBossSAMLConstants.ASSERTION.get() ))
{
StartElement nextElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- Attribute idAttribute = nextElement.getAttributeByName( new QName( "", JBossSAMLConstants.ID.get() ) );
+ Attribute idAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.ID.get() ) );
assertion.setID( StaxParserUtil.getAttributeValue( idAttribute ));
- Attribute versionAttribute = nextElement.getAttributeByName( new QName( "", JBossSAMLConstants.VERSION.get() ));
+ Attribute versionAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.VERSION.get() ));
assertion.setVersion( StaxParserUtil.getAttributeValue(versionAttribute) );
- Attribute issueInstantAttribute = nextElement.getAttributeByName( new QName( "", JBossSAMLConstants.ISSUE_INSTANT.get() ));
+ Attribute issueInstantAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.ISSUE_INSTANT.get() ));
if( issueInstantAttribute != null )
{
- assertion.setIssueInstant( dtf.newXMLGregorianCalendar( StaxParserUtil.getAttributeValue(issueInstantAttribute )));
+ assertion.setIssueInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue(issueInstantAttribute )));
}
continue;
- }
+ }*/
if( tag.equals( JBossSAMLConstants.SIGNATURE.get() ) )
{
- bypassXMLSignatureBlock( xmlEventReader );
+ StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() );
continue;
}
if( JBossSAMLConstants.ISSUER.get().equalsIgnoreCase( tag ) )
{
- try
- {
- StaxParserUtil.getNextStartElement( xmlEventReader );
- String issuerValue = xmlEventReader.getElementText();
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String issuerValue = StaxParserUtil.getElementText(xmlEventReader);
+ NameIDType issuer = new NameIDType();
+ issuer.setValue( issuerValue );
- NameIDType issuer = new NameIDType();
- issuer.setValue( issuerValue );
-
- assertion.setIssuer( issuer );
- }
- catch (XMLStreamException e)
- {
- throw new ParsingException( e );
- }
+ assertion.setIssuer( issuer );
}
else if( JBossSAMLConstants.SUBJECT.get().equalsIgnoreCase( tag ) )
{
@@ -148,6 +137,11 @@
assertion.setConditions( conditions );
}
+ else if( JBossSAMLConstants.AUTHN_STATEMENT.get().equalsIgnoreCase( tag ) )
+ {
+ AuthnStatementType authnStatementType = parseAuthnStatement( xmlEventReader );
+ assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add( authnStatementType );
+ }
}
return assertion;
}
@@ -162,15 +156,87 @@
return nsURI.equals( JBossSAMLURIConstants.ASSERTION_NSURI.get() )
&& localPart.equals( JBossSAMLConstants.ASSERTION.get() );
- }
+ }
+
+ private AssertionType parseBaseAttributes( StartElement nextElement ) throws ParsingException
+ {
+ AssertionType assertion = new AssertionType();
+ Attribute idAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.ID.get() ) );
+ assertion.setID( StaxParserUtil.getAttributeValue( idAttribute ));
+ Attribute versionAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.VERSION.get() ));
+ assertion.setVersion( StaxParserUtil.getAttributeValue(versionAttribute) );
+
+ Attribute issueInstantAttribute = nextElement.getAttributeByName( new QName( JBossSAMLConstants.ISSUE_INSTANT.get() ));
+ if( issueInstantAttribute != null )
+ {
+ assertion.setIssueInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue(issueInstantAttribute )));
+ }
+
+ return assertion;
+ }
+
/**
- * We really don't care about the ds:signature stuff for building the object model
+ * Parse the AuthnStatement inside the assertion
* @param xmlEventReader
+ * @return
* @throws ParsingException
*/
- private void bypassXMLSignatureBlock( XMLEventReader xmlEventReader ) throws ParsingException
+ private AuthnStatementType parseAuthnStatement( XMLEventReader xmlEventReader ) throws ParsingException
{
- StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() );
+ AuthnStatementType authnStatementType = new AuthnStatementType();
+
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String AUTHNSTATEMENT = JBossSAMLConstants.AUTHN_STATEMENT.get();
+ StaxParserUtil.matches( startElement, AUTHNSTATEMENT );
+
+ Attribute authnInstant = startElement.getAttributeByName( new QName( "AuthnInstant" ));
+ authnStatementType.setAuthnInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( authnInstant )));
+
+ //Get the next start element
+ startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ String tag = startElement.getName().getLocalPart();
+ if( JBossSAMLConstants.AUTHN_CONTEXT.get().equals( tag ) )
+ {
+ authnStatementType.setAuthnContext( parseAuthnContextType( xmlEventReader ) );
+ }
+ else throw new RuntimeException( "Unknown tag:" + tag );
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, AUTHNSTATEMENT );
+
+ return authnStatementType;
}
+
+ /**
+ * Parse the AuthnContext Type inside the AuthnStatement
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ private AuthnContextType parseAuthnContextType( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ AuthnContextType authnContextType = new AuthnContextType();
+
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.matches( startElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
+
+ //Get the next start element
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String tag = startElement.getName().getLocalPart();
+
+ if( JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get().equals( tag ))
+ {
+ String text = StaxParserUtil.getElementText( xmlEventReader );
+
+ JAXBElement<?> acDeclRef = SAMLAssertionFactory.getObjectFactory().createAuthnContextDeclRef( text );
+ authnContextType.getContent().add(acDeclRef);
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT.get() );
+ }
+ else
+ throw new RuntimeException( "Unknown Tag:" + tag );
+
+ return authnContextType;
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-02 20:02:41 UTC (rev 514)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-02 22:23:16 UTC (rev 515)
@@ -26,7 +26,6 @@
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
-import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
@@ -53,15 +52,7 @@
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, JBossSAMLConstants.AUTHN_REQUEST.get() );
- AuthnRequestType authnRequest = null;
- try
- {
- authnRequest = parseBaseAttributes( startElement );
- }
- catch (ConfigurationException e)
- {
- throw new ParsingException( e );
- }
+ AuthnRequestType authnRequest = parseBaseAttributes( startElement );
while( xmlEventReader.hasNext() )
{
@@ -103,10 +94,10 @@
/**
* Parse the attributes at the authnrequesttype element
* @param startElement
- * @return
- * @throws ConfigurationException
+ * @return
+ * @throws ParsingException
*/
- private AuthnRequestType parseBaseAttributes( StartElement startElement ) throws ConfigurationException
+ private AuthnRequestType parseBaseAttributes( StartElement startElement ) throws ParsingException
{
AuthnRequestType authnRequest = new AuthnRequestType();
//Let us get the attributes
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2010-11-02 20:02:41 UTC (rev 514)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2010-11-02 22:23:16 UTC (rev 515)
@@ -52,6 +52,8 @@
if( xmlEvent instanceof StartElement )
{
StartElement startElement = (StartElement) xmlEvent;
+ QName startElementName = startElement.getName();
+ String nsURI = startElementName.getNamespaceURI();
String elementName = StaxParserUtil.getStartElementName( startElement );
if( elementName.equalsIgnoreCase( JBossSAMLConstants.ASSERTION.get() ))
@@ -59,11 +61,18 @@
SAMLAssertionParser assertionParser = new SAMLAssertionParser();
return assertionParser.parse( xmlEventReader );
}
- else if( JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( startElement.getName().getNamespaceURI() ) )
+ else if( JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( nsURI ) &&
+ JBossSAMLConstants.AUTHN_REQUEST.get().equals( startElementName.getLocalPart() ))
{
SAMLAuthNRequestParser authNRequestParser = new SAMLAuthNRequestParser();
return authNRequestParser.parse( xmlEventReader );
}
+ else if( JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( nsURI ) &&
+ JBossSAMLConstants.RESPONSE.get().equals( startElementName.getLocalPart() ))
+ {
+ SAMLResponseParser responseParser = new SAMLResponseParser();
+ return responseParser.parse( xmlEventReader );
+ }
else
throw new RuntimeException( "Unknown Tag:" + elementName );
}
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLResponseParser.java 2010-11-02 22:23:16 UTC (rev 515)
@@ -0,0 +1,188 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.saml;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.StartElement;
+import javax.xml.stream.events.XMLEvent;
+
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType;
+import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+
+/**
+ * Parse the SAML Response
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Nov 2, 2010
+ */
+public class SAMLResponseParser implements ParserNamespaceSupport
+{
+ private String RESPONSE = JBossSAMLConstants.RESPONSE.get();
+ /**
+ * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
+ */
+ public Object parse(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ //Get the startelement
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, RESPONSE );
+
+ ResponseType response = parseBaseAttributes(startElement);
+
+ while( xmlEventReader.hasNext() )
+ {
+ //Let us peek at the next start element
+ startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ if( startElement == null )
+ break;
+ String elementName = StaxParserUtil.getStartElementName( startElement );
+
+ if( JBossSAMLConstants.ISSUER.get().equals( elementName ))
+ {
+ startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
+ NameIDType issuer = new NameIDType();
+ issuer.setValue( StaxParserUtil.getElementText( xmlEventReader ));
+ response.setIssuer( issuer );
+ }
+ else if( JBossSAMLConstants.SIGNATURE.get().equals( elementName ))
+ {
+ startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
+ StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() );
+ }
+ else if( JBossSAMLConstants.ASSERTION.get().equals( elementName ))
+ {
+ SAMLAssertionParser assertionParser = new SAMLAssertionParser();
+ response.getAssertionOrEncryptedAssertion().add( assertionParser.parse(xmlEventReader));
+ }
+ else if( JBossSAMLConstants.STATUS.get().equals( elementName ))
+ {
+ response.setStatus( parseStatus(xmlEventReader) );
+ }
+ }
+
+ return response;
+ }
+
+ /**
+ * @see {@link ParserNamespaceSupport#supports(QName)}
+ */
+ public boolean supports(QName qname)
+ {
+ return JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( qname.getNamespaceURI() )
+ && RESPONSE.equals( qname.getLocalPart() );
+ }
+
+ /**
+ * Parse the attributes at the response element
+ * @param startElement
+ * @return
+ * @throws ConfigurationException
+ */
+ private ResponseType parseBaseAttributes( StartElement startElement ) throws ParsingException
+ {
+ ResponseType response = new ResponseType();
+ //Let us get the attributes
+ Attribute idAttr = startElement.getAttributeByName( new QName( "ID" ));
+ if( idAttr == null )
+ throw new RuntimeException( "ID attribute is missing" );
+ response.setID( StaxParserUtil.getAttributeValue( idAttr ));
+
+ Attribute inResponseTo = startElement.getAttributeByName( new QName( "InResponseTo" ));
+ if( inResponseTo != null )
+ response.setInResponseTo( StaxParserUtil.getAttributeValue( inResponseTo ));
+
+ Attribute destination = startElement.getAttributeByName( new QName( "Destination" ));
+ if( destination != null )
+ response.setDestination( StaxParserUtil.getAttributeValue( destination ));
+
+ Attribute issueInstant = startElement.getAttributeByName( new QName( "IssueInstant" ));
+ if( issueInstant != null )
+ {
+ response.setIssueInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( issueInstant )));
+ }
+
+ Attribute version = startElement.getAttributeByName( new QName( "Version" ));
+ if( version != null )
+ response.setVersion( StaxParserUtil.getAttributeValue( version ));
+ return response;
+ }
+
+ /**
+ * Parse the status element
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ private StatusType parseStatus( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ //Get the Start Element
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String STATUS = JBossSAMLConstants.STATUS.get();
+ StaxParserUtil.validate(startElement, STATUS );
+
+ StatusType status = new StatusType();
+
+ while( xmlEventReader.hasNext() )
+ {
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ QName startElementName = startElement.getName();
+ String elementTag = startElementName.getLocalPart();
+
+ StatusCodeType statusCode = new StatusCodeType();
+
+ if( JBossSAMLConstants.STATUS_CODE.get().equals( elementTag ))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ Attribute valueAttr = startElement.getAttributeByName( new QName( "Value" ));
+ if( valueAttr != null )
+ {
+ statusCode.setValue( StaxParserUtil.getAttributeValue( valueAttr ));
+ }
+ //Get the next end element
+ StaxParserUtil.getNextEndElement(xmlEventReader);
+ }
+
+ status.setStatusCode( statusCode );
+
+ //Get the next end element
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if( xmlEvent instanceof EndElement )
+ {
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ if( StaxParserUtil.matches(endElement, STATUS ))
+ break;
+ }
+ }
+ return status;
+ }
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-02 20:02:41 UTC (rev 514)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-02 22:23:16 UTC (rev 515)
@@ -31,7 +31,10 @@
ASSERTION( "Assertion" ),
AUDIENCE( "Audience" ),
AUDIENCE_RESTRICTION( "AudienceRestriction" ),
+ AUTHN_CONTEXT( "AuthnContext" ),
+ AUTHN_CONTEXT_DECLARATION_REF( "AuthnContextDeclRef" ),
AUTHN_REQUEST( "AuthnRequest" ),
+ AUTHN_STATEMENT( "AuthnStatement" ),
CONDITIONS( "Conditions" ),
ID( "ID" ),
ISSUE_INSTANT( "IssueInstant" ),
@@ -44,9 +47,12 @@
NAME_QUALIFIER( "NameQualifier" ),
NOT_BEFORE( "NotBefore" ),
NOT_ON_OR_AFTER( "NotOnOrAfter" ),
+ RESPONSE( "Response" ),
SIGNATURE( "Signature" ),
SIGNATURE_SHA1_WITH_DSA("http://www.w3.org/2000/09/xmldsig#dsa-sha1"),
SIGNATURE_SHA1_WITH_RSA("http://www.w3.org/2000/09/xmldsig#rsa-sha1"),
+ STATUS( "Status" ),
+ STATUS_CODE( "StatusCode" ),
SUBJECT( "Subject" ),
SUBJECT_CONFIRMATION( "SubjectConfirmation" ),
VERSION( "Version" ),
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/XMLTimeUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/XMLTimeUtil.java 2010-11-02 20:02:41 UTC (rev 514)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/XMLTimeUtil.java 2010-11-02 22:23:16 UTC (rev 515)
@@ -31,6 +31,7 @@
import javax.xml.datatype.XMLGregorianCalendar;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
/**
* Util class dealing with xml based time
@@ -154,9 +155,9 @@
* Given a string representing xml time, parse into {@code XMLGregorianCalendar}
* @param timeString
* @return
- * @throws ConfigurationException
+ * @throws ParsingException
*/
- public static XMLGregorianCalendar parse( String timeString ) throws ConfigurationException
+ public static XMLGregorianCalendar parse( String timeString ) throws ParsingException
{
DatatypeFactory factory = null;
try
@@ -165,7 +166,7 @@
}
catch (DatatypeConfigurationException e)
{
- throw new ConfigurationException( e );
+ throw new ParsingException( e );
}
return factory.newXMLGregorianCalendar( timeString );
}
Added: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-02 22:23:16 UTC (rev 515)
@@ -0,0 +1,93 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.parser.saml;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+import java.util.List;
+
+import javax.xml.bind.JAXBElement;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
+
+/**
+ * Validate the parsing of SAML2 Response
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Nov 2, 2010
+ */
+public class SAMLResponseParserTestCase
+{
+ @Test
+ public void testSAMLResponseParse() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream = tcl.getResourceAsStream( "parser/saml2/saml2-response.xml" );
+
+ SAMLParser parser = new SAMLParser();
+ ResponseType response = ( ResponseType ) parser.parse(configStream);
+ assertNotNull( "ResponseType is not null", response );
+
+ assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.362-05:00" ), response.getIssueInstant() );
+ assertEquals( "2.0", response.getVersion() );
+ assertEquals( "ID_1164e0fc-576d-4797-b11c-3d049520f566", response.getID() );
+
+ //Issuer
+ assertEquals( "testIssuer", response.getIssuer().getValue() );
+
+ //Status
+ StatusType status = response.getStatus();
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getValue() );
+
+ List<Object> assertionList = response.getAssertionOrEncryptedAssertion();
+ assertEquals( 2, assertionList.size() );
+
+ AssertionType assertion1 = (AssertionType) assertionList.get( 0 );
+ assertEquals( "ID_0be488d8-7089-4892-8aeb-83594c800706", assertion1.getID() );
+ assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.362-05:00" ), assertion1.getIssueInstant() );
+ assertEquals( "2.0", assertion1.getVersion() );
+ assertEquals( "testIssuer", assertion1.getIssuer().getValue() );
+ AuthnStatementType authnStatement = (AuthnStatementType) assertion1.getStatementOrAuthnStatementOrAuthzDecisionStatement().get( 0 );
+ assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.359-05:00" ), authnStatement.getAuthnInstant() );
+ JAXBElement<?> authnContextDeclRefJaxb = (JAXBElement<?>) authnStatement.getAuthnContext().getContent().get(0);
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() );
+
+
+ AssertionType assertion2 = (AssertionType) assertionList.get( 1 );
+ assertEquals( "ID_976d8310-658a-450d-be39-f33c73c8afa6", assertion2.getID() );
+ assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.363-05:00" ), assertion2.getIssueInstant() );
+ assertEquals( "2.0", assertion2.getVersion() );
+ assertEquals( "testIssuer", assertion2.getIssuer().getValue() );
+
+ authnStatement = (AuthnStatementType) assertion2.getStatementOrAuthnStatementOrAuthzDecisionStatement().get( 0 );
+ assertEquals( XMLTimeUtil.parse( "2009-05-26T14:06:26.359-05:00" ), authnStatement.getAuthnInstant() );
+ authnContextDeclRefJaxb = (JAXBElement<?>) authnStatement.getAuthnContext().getContent().get(0);
+ assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() );
+ }
+}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response.xml 2010-11-02 22:23:16 UTC (rev 515)
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<ns3:Response xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" xmlns:ns3="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:ns4="http://www.w3.org/2001/04/xmlenc#" IssueInstant="2009-05-26T14:06:26.362-05:00"
+ Version="2.0" ID="ID_1164e0fc-576d-4797-b11c-3d049520f566">
+ <Issuer>testIssuer</Issuer>
+ <ns3:Status>
+ <ns3:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
+ </ns3:Status>
+ <Assertion IssueInstant="2009-05-26T14:06:26.362-05:00"
+ ID="ID_0be488d8-7089-4892-8aeb-83594c800706" Version="2.0">
+ <Issuer>testIssuer</Issuer>
+ <AuthnStatement AuthnInstant="2009-05-26T14:06:26.359-05:00">
+ <AuthnContext>
+ <AuthnContextDeclRef>
+ urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
+ </AuthnContextDeclRef>
+ </AuthnContext>
+ </AuthnStatement>
+ </Assertion>
+ <Assertion IssueInstant="2009-05-26T14:06:26.363-05:00"
+ ID="ID_976d8310-658a-450d-be39-f33c73c8afa6" Version="2.0">
+ <Issuer>testIssuer</Issuer>
+ <AuthnStatement AuthnInstant="2009-05-26T14:06:26.359-05:00">
+ <AuthnContext>
+ <AuthnContextDeclRef>
+ urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
+ </AuthnContextDeclRef>
+ </AuthnContext>
+ </AuthnStatement>
+ </Assertion>
+</ns3:Response>
\ No newline at end of file
14 years, 1 month
- 1
- 0
Picketlink SVN: r514 - in federation/trunk/picketlink-fed-core/src: test/java/org/picketlink/test/identity/federation/core/parser/saml and 1 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-02 16:02:41 -0400 (Tue, 02 Nov 2010)
New Revision: 514
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-authnrequest.xml
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
Log:
PLFED-109: PLFED-110:
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-02 20:01:49 UTC (rev 513)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-11-02 20:02:41 UTC (rev 514)
@@ -171,14 +171,6 @@
*/
private void bypassXMLSignatureBlock( XMLEventReader xmlEventReader ) throws ParsingException
{
- while ( xmlEventReader.hasNext() )
- {
- EndElement endElement = StaxParserUtil.getNextEndElement( xmlEventReader );
- if( endElement == null )
- return;
-
- if( StaxParserUtil.matches( endElement , JBossSAMLConstants.SIGNATURE.get() ) )
- return;
- }
+ StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() );
}
}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAuthNRequestParser.java 2010-11-02 20:02:41 UTC (rev 514)
@@ -0,0 +1,164 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.saml;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.StartElement;
+
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType;
+
+/**
+ * Parse the SAML2 AuthnRequest
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Nov 2, 2010
+ */
+public class SAMLAuthNRequestParser implements ParserNamespaceSupport
+{
+ /**
+ * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
+ */
+ public Object parse(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ //Get the startelement
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, JBossSAMLConstants.AUTHN_REQUEST.get() );
+
+ AuthnRequestType authnRequest = null;
+ try
+ {
+ authnRequest = parseBaseAttributes( startElement );
+ }
+ catch (ConfigurationException e)
+ {
+ throw new ParsingException( e );
+ }
+
+ while( xmlEventReader.hasNext() )
+ {
+ //Let us peek at the next start element
+ startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ if( startElement == null )
+ break;
+ String elementName = StaxParserUtil.getStartElementName( startElement );
+
+ if( JBossSAMLConstants.ISSUER.get().equals( elementName ))
+ {
+ startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
+ NameIDType issuer = new NameIDType();
+ issuer.setValue( StaxParserUtil.getElementText( xmlEventReader ));
+ authnRequest.setIssuer( issuer );
+ }
+ else if( JBossSAMLConstants.SIGNATURE.get().equals( elementName ))
+ {
+ startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
+ StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() );
+ }
+ else if( JBossSAMLConstants.NAMEID_POLICY.get().equals( elementName ))
+ {
+ startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
+ authnRequest.setNameIDPolicy( getNameIDPolicy( startElement ));
+ }
+ }
+ return authnRequest;
+ }
+
+ /**
+ * @see {@link ParserNamespaceSupport#supports(QName)}
+ */
+ public boolean supports(QName qname)
+ {
+ return JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( qname.getNamespaceURI() ) ;
+ }
+
+ /**
+ * Parse the attributes at the authnrequesttype element
+ * @param startElement
+ * @return
+ * @throws ConfigurationException
+ */
+ private AuthnRequestType parseBaseAttributes( StartElement startElement ) throws ConfigurationException
+ {
+ AuthnRequestType authnRequest = new AuthnRequestType();
+ //Let us get the attributes
+ Attribute idAttr = startElement.getAttributeByName( new QName( "ID" ));
+ if( idAttr == null )
+ throw new RuntimeException( "ID attribute is missing" );
+ authnRequest.setID( StaxParserUtil.getAttributeValue( idAttr ));
+
+ Attribute assertionConsumerServiceURL = startElement.getAttributeByName( new QName( "AssertionConsumerServiceURL" ));
+ if( assertionConsumerServiceURL != null )
+ authnRequest.setAssertionConsumerServiceURL( StaxParserUtil.getAttributeValue( assertionConsumerServiceURL ));
+
+ Attribute destination = startElement.getAttributeByName( new QName( "Destination" ));
+ if( destination != null )
+ authnRequest.setDestination( StaxParserUtil.getAttributeValue( destination ));
+
+ Attribute issueInstant = startElement.getAttributeByName( new QName( "IssueInstant" ));
+ if( issueInstant != null )
+ {
+ authnRequest.setIssueInstant( XMLTimeUtil.parse( StaxParserUtil.getAttributeValue( issueInstant )));
+ }
+
+ Attribute protocolBinding = startElement.getAttributeByName( new QName( "ProtocolBinding" ));
+ if( protocolBinding != null )
+ authnRequest.setProtocolBinding( StaxParserUtil.getAttributeValue( protocolBinding ));
+
+ Attribute providerName = startElement.getAttributeByName( new QName( "ProviderName" ));
+ if( providerName != null )
+ authnRequest.setProviderName( StaxParserUtil.getAttributeValue( providerName ));
+
+ Attribute version = startElement.getAttributeByName( new QName( "Version" ));
+ if( version != null )
+ authnRequest.setVersion( StaxParserUtil.getAttributeValue( version ));
+ return authnRequest;
+ }
+
+ /**
+ * Get the NameIDPolicy
+ * @param startElement
+ * @return
+ */
+ private NameIDPolicyType getNameIDPolicy(StartElement startElement)
+ {
+ NameIDPolicyType nameIDPolicy = new NameIDPolicyType();
+ Attribute format = startElement.getAttributeByName( new QName( "Format" ));
+ if( format != null )
+ nameIDPolicy.setFormat( StaxParserUtil.getAttributeValue( format ));
+
+ Attribute allowCreate = startElement.getAttributeByName( new QName( "AllowCreate" ));
+ if( allowCreate != null )
+ nameIDPolicy.setAllowCreate( Boolean.parseBoolean( StaxParserUtil.getAttributeValue( allowCreate )));
+
+ return nameIDPolicy;
+ }
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2010-11-02 20:01:49 UTC (rev 513)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2010-11-02 20:02:41 UTC (rev 514)
@@ -58,7 +58,14 @@
{
SAMLAssertionParser assertionParser = new SAMLAssertionParser();
return assertionParser.parse( xmlEventReader );
- }
+ }
+ else if( JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals( startElement.getName().getNamespaceURI() ) )
+ {
+ SAMLAuthNRequestParser authNRequestParser = new SAMLAuthNRequestParser();
+ return authNRequestParser.parse( xmlEventReader );
+ }
+ else
+ throw new RuntimeException( "Unknown Tag:" + elementName );
}
else
{
Added: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-02 20:02:41 UTC (rev 514)
@@ -0,0 +1,68 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.parser.saml;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType;
+
+/**
+ * Validate the SAML2 AuthnRequest parse
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Nov 2, 2010
+ */
+public class SAMLAuthnRequestParserTestCase
+{
+ @Test
+ public void testSAMLAuthnRequestParse() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream = tcl.getResourceAsStream( "parser/saml2/saml2-authnrequest.xml" );
+
+ SAMLParser parser = new SAMLParser();
+ AuthnRequestType authnRequest = ( AuthnRequestType ) parser.parse(configStream);
+ assertNotNull( "AuthnRequestType is not null", authnRequest );
+
+ assertEquals( "http://localhost/org.eclipse.higgins.saml2idp.test/SAMLEndpoint", authnRequest.getAssertionConsumerServiceURL() );
+ assertEquals( "http://localhost/org.eclipse.higgins.saml2idp.server/SAMLEndpoint", authnRequest.getDestination() );
+ assertEquals( "a2sffdlgdhgfg32fdldsdghdsgdgfdglgx", authnRequest.getID() );
+ assertEquals( XMLTimeUtil.parse( "2007-12-17T18:40:52.203Z" ), authnRequest.getIssueInstant() );
+ assertEquals( "urn:oasis:names.tc:SAML:2.0:bindings:HTTP-Redirect", authnRequest.getProtocolBinding() );
+ assertEquals( "Test SAML2 SP", authnRequest.getProviderName() );
+ assertEquals( "2.0", authnRequest.getVersion() );
+
+ //Issuer
+ assertEquals( "Test SAML2 SP", authnRequest.getIssuer().getValue() );
+
+ //NameID Policy
+ NameIDPolicyType nameIDPolicy = authnRequest.getNameIDPolicy();
+ assertEquals( "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", nameIDPolicy.getFormat() );
+ assertEquals( Boolean.TRUE , nameIDPolicy.isAllowCreate() );
+ }
+}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-authnrequest.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-authnrequest.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-authnrequest.xml 2010-11-02 20:02:41 UTC (rev 514)
@@ -0,0 +1,68 @@
+<!-- Picked up from http://wiki.eclipse.org/SAML2_IdP_Overview -->
+<samlp:AuthnRequest
+ AssertionConsumerServiceURL="http://localhost/org.eclipse.higgins.saml2idp.test/SAMLEndpoint"
+ Destination="http://localhost/org.eclipse.higgins.saml2idp.server/SAMLEndpoint"
+ ID="a2sffdlgdhgfg32fdldsdghdsgdgfdglgx"
+ IssueInstant="2007-12-17T18:40:52.203Z"
+ ProtocolBinding="urn:oasis:names.tc:SAML:2.0:bindings:HTTP-Redirect"
+ ProviderName="Test SAML2 SP" Version="2.0"
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+
+ <Issuer>Test SAML2 SP</Issuer>
+
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
+ <SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="#ccocfkmlnocbajegpiheahonbcambbapiibggije">
+ <Transforms>
+ <Transform
+ Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ </Transforms>
+ <DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>N1Aze93QqDxax3cmBgPmKFNdM8U=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ KjfZwX9RkNrr3Epo/yRfDiFhqBeJCO5lFe/Ni/leBvBH8FRCT3p+2w==
+ </SignatureValue>
+ <KeyInfo>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>
+ vzIPsacspz2XUcXP0hmWx2u56y9t/nTZRKGyFcVi1K/bao0C+0KjvXKkAPNhBb9TzYsCZbtZNH3a
+ OSVvsw1XVYHCeneHAircY/oJ0BqfBBg4gQe1H/CPXwixI+zjBSF5pMOBq4etcsH+SD/JYj1NsRwn
+ /2yQccUjUKeapbHn8TVNwVRYwg5QZL9AQ4b/pGoqO+df3kIqUL7lVyW+l6XprtVQU9jen47c4KQ1
+ sodHHPwgoXmT27hLAedC0cu4UUYFjwgbEoS1UBUoNajmGFNFeMpEtj1j4cHRoiZIxwYgEqzanp2f
+ Lgq7LlMa07vIuZBk6jyrw77Mza7TqxFNoVO89w==
+ </P>
+ <Q>j/ukaZe37ncVwe4c/+GQex1Kqic=</Q>
+ <G>
+ fu8RMe0ijgLi4Pw/KY57HdIBjmBge4XG1fX8IoT2wxv4QFO+FmijCqCcOiWk3osVyJIjqGJyH4kq
+ RwvSZl6pd8FAdP1HfZDMwBP9ML6NpE5WAe+MP+b3ydoUqI25JqCS2H9DypUIHxqN+NaLTDm67O9m
+ tTSckEMbXiARccwgnEgyNCFFulmm8vh8L6iT+56pesCyykMp6PDDo8AI2U9SR5EzUAQe5Yl39fCp
+ lb7H+tbOBclal00OUXezRGNh5c6JlM5J6YpY/gll2D0nv3VtubVOlc104LIpvFzphF7x5hv5HvI+
+ jUemrFIx0I8C3lv+8Xndwe8YwszLRrxvNe0jPQ==
+ </G>
+ <Y>
+ vM9EhHB8cKakhExdDZ/1pnWFeZOBKgC/c1/OoY1wGh4yAz5zDkkZPg/dXpEOkWuz241WXipcUbym
+ L+lZXcT+bTs8CQdIkw738vopoJfT0r75fKd85lT1pRH/nQ4i82J+vHrqOrfFc5CryxxqCRkZP4DW
+ B5t62LBoIMMsrdsMVKpzCJmUgnnIY8B4maJe2BYVRBBhISGoBnTKSWxObUg30fIfRlVFFxtTeWq8
+ tPS9u+MI3HuFn0MPVL+TgBw24ufSWPEEUiZU0eDdjzF51/yTVqUCHYNJH7gG7kugrQ8LdKes7rfD
+ c9glkilm1iAcSCfNvqsktKcN+BCOaCdsQhT5yw==
+ </Y>
+ </DSAKeyValue>
+ </KeyValue>
+ </KeyInfo>
+ </Signature>
+
+ <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
+ AllowCreate="true"
+ />
+
+</samlp:AuthnRequest>
\ No newline at end of file
14 years, 1 month
- 1
- 0
Picketlink SVN: r513 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-02 16:01:49 -0400 (Tue, 02 Nov 2010)
New Revision: 513
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
Log:
add constants
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-02 20:00:47 UTC (rev 512)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-11-02 20:01:49 UTC (rev 513)
@@ -31,6 +31,7 @@
ASSERTION( "Assertion" ),
AUDIENCE( "Audience" ),
AUDIENCE_RESTRICTION( "AudienceRestriction" ),
+ AUTHN_REQUEST( "AuthnRequest" ),
CONDITIONS( "Conditions" ),
ID( "ID" ),
ISSUE_INSTANT( "IssueInstant" ),
@@ -39,6 +40,7 @@
METADATA_MIME("application/samlmetadata+xml"),
METHOD( "Method" ),
NAMEID( "NameID" ),
+ NAMEID_POLICY( "NameIDPolicy" ),
NAME_QUALIFIER( "NameQualifier" ),
NOT_BEFORE( "NotBefore" ),
NOT_ON_OR_AFTER( "NotOnOrAfter" ),
14 years, 1 month
- 1
- 0
Picketlink SVN: r512 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-02 16:00:47 -0400 (Tue, 02 Nov 2010)
New Revision: 512
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/XMLTimeUtil.java
Log:
add method to parse XMLGregorianCalendar from time string
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/XMLTimeUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/XMLTimeUtil.java 2010-11-02 20:00:09 UTC (rev 511)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/XMLTimeUtil.java 2010-11-02 20:00:47 UTC (rev 512)
@@ -149,4 +149,24 @@
return false;
return true;
}
+
+ /**
+ * Given a string representing xml time, parse into {@code XMLGregorianCalendar}
+ * @param timeString
+ * @return
+ * @throws ConfigurationException
+ */
+ public static XMLGregorianCalendar parse( String timeString ) throws ConfigurationException
+ {
+ DatatypeFactory factory = null;
+ try
+ {
+ factory = DatatypeFactory.newInstance();
+ }
+ catch (DatatypeConfigurationException e)
+ {
+ throw new ConfigurationException( e );
+ }
+ return factory.newXMLGregorianCalendar( timeString );
+ }
}
\ No newline at end of file
14 years, 1 month
- 1
- 0
Picketlink SVN: r511 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-02 16:00:09 -0400 (Tue, 02 Nov 2010)
New Revision: 511
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
Log:
add method that can bypass an xml element block such as xml dsig
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java 2010-10-25 16:46:42 UTC (rev 510)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java 2010-11-02 20:00:09 UTC (rev 511)
@@ -25,7 +25,7 @@
import javax.xml.stream.Location;
import javax.xml.stream.XMLEventReader;
-import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.EndElement;
@@ -41,8 +41,27 @@
* @since Feb 8, 2010
*/
public class StaxParserUtil
-{
+{
/**
+ * Bypass an entire XML element block from startElement to endElement
+ * @param xmlEventReader
+ * @param tag Tag of the XML element that we need to bypass
+ * @throws ParsingException
+ */
+ public static void bypassElementBlock( XMLEventReader xmlEventReader, String tag ) throws ParsingException
+ {
+ while ( xmlEventReader.hasNext() )
+ {
+ EndElement endElement = getNextEndElement( xmlEventReader );
+ if( endElement == null )
+ return;
+
+ if( StaxParserUtil.matches( endElement , tag ) )
+ return;
+ }
+ }
+
+ /**
* Given an {@code Attribute}, get its trimmed value
* @param attribute
* @return
14 years, 1 month
- 1
- 0