Picketlink SVN: r1138 - in product/trunk/picketlink-core/src: main/java/org/picketlink/identity/federation/core/saml/v2/writers and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-28 11:26:45 -0400 (Thu, 28 Jul 2011)
New Revision: 1138
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
Log:
merge r1137
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java 2011-07-27 22:40:37 UTC (rev 1137)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java 2011-07-28 15:26:45 UTC (rev 1138)
@@ -82,7 +82,7 @@
StaxUtil.writeDefaultNameSpace(writer, ns);
// Attributes
-// StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), assertion.getID());
+ // StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), assertion.getID());
StaxUtil.writeAttribute(writer, SAML11Constants.ASSERTIONID, assertion.getID());
StaxUtil.writeAttribute(writer, SAML11Constants.MAJOR_VERSION, assertion.getMajorVersion() + "");
StaxUtil.writeAttribute(writer, SAML11Constants.MINOR_VERSION, assertion.getMinorVersion() + "");
@@ -452,7 +452,7 @@
StaxUtil.writeNameSpace(writer, JBossSAMLURIConstants.XSI_PREFIX.get(), JBossSAMLURIConstants.XSI_NSURI.get());
StaxUtil.writeNameSpace(writer, "xs", JBossSAMLURIConstants.XMLSCHEMA_NSURI.get());
- StaxUtil.writeAttribute(writer, JBossSAMLURIConstants.XSI_NSURI.get(), "type", "xs:string");
+ StaxUtil.writeAttribute(writer, "xsi", JBossSAMLURIConstants.XSI_NSURI.get(), "type", "xs:string");
StaxUtil.writeCharacters(writer, attributeValue);
StaxUtil.writeEndElement(writer);
}
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1133-1137
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2011-07-27 22:40:37 UTC (rev 1137)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2011-07-28 15:26:45 UTC (rev 1138)
@@ -205,7 +205,7 @@
StaxUtil.writeNameSpace(writer, JBossSAMLURIConstants.XSI_PREFIX.get(), JBossSAMLURIConstants.XSI_NSURI.get());
StaxUtil.writeNameSpace(writer, "xs", JBossSAMLURIConstants.XMLSCHEMA_NSURI.get());
- StaxUtil.writeAttribute(writer, JBossSAMLURIConstants.XSI_NSURI.get(), "type", "xs:string");
+ StaxUtil.writeAttribute(writer, "xsi", JBossSAMLURIConstants.XSI_NSURI.get(), "type", "xs:string");
StaxUtil.writeCharacters(writer, attributeValue);
StaxUtil.writeEndElement(writer);
}
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1133-1137
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2011-07-27 22:40:37 UTC (rev 1137)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2011-07-28 15:26:45 UTC (rev 1138)
@@ -242,6 +242,32 @@
}
/**
+ * Write an xml attribute
+ *
+ * @param writer
+ * @param prefix prefix for the attribute
+ * @param localName
+ * localpart
+ * @param type
+ * typically xsi:type
+ * @param value
+ * value of the attribute
+ * @throws ProcessingException
+ */
+ public static void writeAttribute(XMLStreamWriter writer, String prefix, String localName, String type, String value)
+ throws ProcessingException
+ {
+ try
+ {
+ writer.writeAttribute(prefix, localName, type, value);
+ }
+ catch (XMLStreamException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+
+ /**
* Write a string as text node
*
* @param writer
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1098-1111,1133-1137
Modified: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java 2011-07-27 22:40:37 UTC (rev 1137)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java 2011-07-28 15:26:45 UTC (rev 1138)
@@ -23,6 +23,8 @@
import static org.junit.Assert.assertNotNull;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyPair;
@@ -42,6 +44,9 @@
import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
+import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
@@ -124,6 +129,18 @@
assertNotNull(signedDoc);
System.out.println("Signed Response=" + DocumentUtil.asString(signedDoc));
+
+ Document convertedDoc = samlResponse.convert(responseType);
+ assertNotNull(convertedDoc);
+
+ //Now for the writing part
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ SAMLResponseWriter samlWriter = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
+ samlWriter.write(responseType);
+
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
/**
Property changes on: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java:1109-1132
+ /federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java:1109-1137
12 years, 9 months
Picketlink SVN: r1137 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-27 18:40:37 -0400 (Wed, 27 Jul 2011)
New Revision: 1137
Modified:
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
Log:
PLFED-216: new method in StaxUtil
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java 2011-07-27 19:15:46 UTC (rev 1136)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java 2011-07-27 22:40:37 UTC (rev 1137)
@@ -23,6 +23,8 @@
import static org.junit.Assert.assertNotNull;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyPair;
@@ -42,6 +44,9 @@
import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
+import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
@@ -124,6 +129,18 @@
assertNotNull(signedDoc);
System.out.println("Signed Response=" + DocumentUtil.asString(signedDoc));
+
+ Document convertedDoc = samlResponse.convert(responseType);
+ assertNotNull(convertedDoc);
+
+ //Now for the writing part
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ SAMLResponseWriter samlWriter = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
+ samlWriter.write(responseType);
+
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
/**
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java 2011-07-27 19:15:46 UTC (rev 1136)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java 2011-07-27 22:40:37 UTC (rev 1137)
@@ -82,7 +82,7 @@
StaxUtil.writeDefaultNameSpace(writer, ns);
// Attributes
-// StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), assertion.getID());
+ // StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), assertion.getID());
StaxUtil.writeAttribute(writer, SAML11Constants.ASSERTIONID, assertion.getID());
StaxUtil.writeAttribute(writer, SAML11Constants.MAJOR_VERSION, assertion.getMajorVersion() + "");
StaxUtil.writeAttribute(writer, SAML11Constants.MINOR_VERSION, assertion.getMinorVersion() + "");
@@ -452,7 +452,7 @@
StaxUtil.writeNameSpace(writer, JBossSAMLURIConstants.XSI_PREFIX.get(), JBossSAMLURIConstants.XSI_NSURI.get());
StaxUtil.writeNameSpace(writer, "xs", JBossSAMLURIConstants.XMLSCHEMA_NSURI.get());
- StaxUtil.writeAttribute(writer, JBossSAMLURIConstants.XSI_NSURI.get(), "type", "xs:string");
+ StaxUtil.writeAttribute(writer, "xsi", JBossSAMLURIConstants.XSI_NSURI.get(), "type", "xs:string");
StaxUtil.writeCharacters(writer, attributeValue);
StaxUtil.writeEndElement(writer);
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2011-07-27 19:15:46 UTC (rev 1136)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2011-07-27 22:40:37 UTC (rev 1137)
@@ -205,7 +205,7 @@
StaxUtil.writeNameSpace(writer, JBossSAMLURIConstants.XSI_PREFIX.get(), JBossSAMLURIConstants.XSI_NSURI.get());
StaxUtil.writeNameSpace(writer, "xs", JBossSAMLURIConstants.XMLSCHEMA_NSURI.get());
- StaxUtil.writeAttribute(writer, JBossSAMLURIConstants.XSI_NSURI.get(), "type", "xs:string");
+ StaxUtil.writeAttribute(writer, "xsi", JBossSAMLURIConstants.XSI_NSURI.get(), "type", "xs:string");
StaxUtil.writeCharacters(writer, attributeValue);
StaxUtil.writeEndElement(writer);
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2011-07-27 19:15:46 UTC (rev 1136)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2011-07-27 22:40:37 UTC (rev 1137)
@@ -242,6 +242,32 @@
}
/**
+ * Write an xml attribute
+ *
+ * @param writer
+ * @param prefix prefix for the attribute
+ * @param localName
+ * localpart
+ * @param type
+ * typically xsi:type
+ * @param value
+ * value of the attribute
+ * @throws ProcessingException
+ */
+ public static void writeAttribute(XMLStreamWriter writer, String prefix, String localName, String type, String value)
+ throws ProcessingException
+ {
+ try
+ {
+ writer.writeAttribute(prefix, localName, type, value);
+ }
+ catch (XMLStreamException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+
+ /**
* Write a string as text node
*
* @param writer
12 years, 9 months
Picketlink SVN: r1136 - in product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation: core/saml/v2/constants and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-27 15:15:46 -0400 (Wed, 27 Jul 2011)
New Revision: 1136
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java
Log:
merge r1133 and 1134
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java 2011-07-27 19:07:26 UTC (rev 1135)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java 2011-07-27 19:15:46 UTC (rev 1136)
@@ -134,6 +134,18 @@
EDTChoiceType edtChoice = EDTChoiceType.oneValue(edtDescChoice);
entityDescriptorType.addChoiceType(edtChoice);
}
+ else if (JBossSAMLConstants.AUTHN_AUTHORITY_DESCRIPTOR.get().equals(localPart))
+ {
+ throw new ParsingException("AuthnAuthorityDescriptor type not supported");
+ }
+ else if (JBossSAMLConstants.AFFILIATION_DESCRIPTOR.get().equals(localPart))
+ {
+ throw new ParsingException("AffiliationDescriptor type not supported");
+ }
+ else if (JBossSAMLConstants.PDP_DESCRIPTOR.get().equals(localPart))
+ {
+ throw new ParsingException("PDPDescriptor type not supported");
+ }
else if (localPart.equals(JBossSAMLConstants.SIGNATURE.get()))
{
entityDescriptorType.setSignature(StaxParserUtil.getDOMElement(xmlEventReader));
@@ -148,6 +160,10 @@
{
entityDescriptorType.addContactPerson(parseContactPerson(xmlEventReader));
}
+ else if (JBossSAMLConstants.ADDITIONAL_METADATA_LOCATION.get().equals(localPart))
+ {
+ throw new ParsingException("AdditionalMetadataLocation type not supported");
+ }
else if (JBossSAMLConstants.EXTENSIONS.get().equalsIgnoreCase(localPart))
{
entityDescriptorType.setExtensions(parseExtensions(xmlEventReader));
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1095-1096,1098-1134
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2011-07-27 19:07:26 UTC (rev 1135)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2011-07-27 19:15:46 UTC (rev 1136)
@@ -29,6 +29,8 @@
public enum JBossSAMLConstants
{
ADDRESS( "Address" ),
+ ADDITIONAL_METADATA_LOCATION("AdditionalMetadataLocation"),
+ AFFILIATION_DESCRIPTOR("AffiliationDescriptor"),
ALLOW_CREATE( "AllowCreate" ),
ARTIFACT( "Artifact" ),
ARTIFACT_RESOLVE( "ArtifactResolve" ),
@@ -51,6 +53,7 @@
AUDIENCE_RESTRICTION( "AudienceRestriction" ),
AUTHN_CONTEXT( "AuthnContext" ),
AUTHENTICATING_AUTHORITY( "AuthenticatingAuthority" ),
+ AUTHN_AUTHORITY_DESCRIPTOR("AuthnAuthorityDescriptor"),
AUTHN_CONTEXT_CLASS_REF( "AuthnContextClassRef" ),
AUTHN_CONTEXT_DECLARATION( "AuthnContextDecl" ),
AUTHN_CONTEXT_DECLARATION_REF( "AuthnContextDeclRef" ),
@@ -111,6 +114,7 @@
ORGANIZATION_NAME( "OrganizationName" ),
ORGANIZATION_DISPLAY_NAME( "OrganizationDisplayName" ),
ORGANIZATION_URL( "OrganizationURL" ),
+ PDP_DESCRIPTOR("PDPDescriptor"),
PROTOCOL_BINDING( "ProtocolBinding" ),
PROTOCOL_SUPPORT_ENUMERATION( "protocolSupportEnumeration" ),
PROVIDER_NAME( "ProviderName" ),
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1098-1134
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java 2011-07-27 19:07:26 UTC (rev 1135)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java 2011-07-27 19:15:46 UTC (rev 1136)
@@ -34,6 +34,7 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.saml.v2.metadata.AdditionalMetadataLocationType;
import org.picketlink.identity.federation.saml.v2.metadata.AffiliationDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.AttributeAuthorityDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.AttributeConsumingServiceType;
@@ -53,6 +54,7 @@
import org.picketlink.identity.federation.saml.v2.metadata.LocalizedNameType;
import org.picketlink.identity.federation.saml.v2.metadata.LocalizedURIType;
import org.picketlink.identity.federation.saml.v2.metadata.OrganizationType;
+import org.picketlink.identity.federation.saml.v2.metadata.PDPDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.RequestedAttributeType;
import org.picketlink.identity.federation.saml.v2.metadata.RoleDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.SPSSODescriptorType;
@@ -184,6 +186,10 @@
AuthnAuthorityDescriptorType authNDesc = edtDescChoice.getAuthnDescriptor();
if (authNDesc != null)
throw new RuntimeException("NYI");
+
+ PDPDescriptorType pdpDesc = edtDescChoice.getPdpDescriptor();
+ if (pdpDesc != null)
+ throw new RuntimeException("NYI");
}
}
OrganizationType organization = entityDescriptor.getOrganization();
@@ -198,6 +204,10 @@
write(contact);
}
+ List<AdditionalMetadataLocationType> addl = entityDescriptor.getAdditionalMetadataLocation();
+ if (addl.size() > 0)
+ throw new RuntimeException("NYI");
+
StaxUtil.writeEndElement(writer);
StaxUtil.flush(writer);
}
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1095-1096
+ /federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1095-1096,1098-1134
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java 2011-07-27 19:07:26 UTC (rev 1135)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java 2011-07-27 19:15:46 UTC (rev 1136)
@@ -337,6 +337,24 @@
}
/**
+ * Add a {@link AdditionalMetadataLocationType}
+ * @param amld
+ */
+ public void addAdditionalMetadataLocationType(AdditionalMetadataLocationType amld)
+ {
+ this.additionalMetadataLocation.add(amld);
+ }
+
+ /**
+ * Remove a {@link AdditionalMetadataLocationType}
+ * @param amld
+ */
+ public void removeAdditionalMetadataLocationType(AdditionalMetadataLocationType amld)
+ {
+ this.additionalMetadataLocation.remove(amld);
+ }
+
+ /**
* Gets the value of the additionalMetadataLocation property.
*
* <p>
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java:1098-1134
12 years, 9 months
Picketlink SVN: r1135 - in product/trunk/picketlink-core/src: test/java/org/picketlink/test/identity/federation/api/saml/v2 and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-27 15:07:26 -0400 (Wed, 27 Jul 2011)
New Revision: 1135
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
Log:
merge in r1132
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2011-07-27 03:57:27 UTC (rev 1134)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2011-07-27 19:07:26 UTC (rev 1135)
@@ -142,7 +142,70 @@
}
/**
+ * Construct a {@link ResponseType} without calling PicketLink STS for the assertion.
+ * The {@link AssertionType} is generated within this method
+ * @param ID id of the {@link ResponseType}
+ * @param sp
+ * @param idp
+ * @param issuerInfo
+ * @return
+ * @throws ConfigurationException
+ * @throws ProcessingException
+ */
+ public ResponseType createResponseType(String ID, SPInfoHolder sp, IDPInfoHolder idp, IssuerInfoHolder issuerInfo,
+ AssertionType assertion) throws ConfigurationException, ProcessingException
+ {
+ String responseDestinationURI = sp.getResponseDestinationURI();
+
+ XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
+
+ //Create assertion -> subject
+ SubjectType subjectType = new SubjectType();
+
+ //subject -> nameid
+ NameIDType nameIDType = new NameIDType();
+ nameIDType.setFormat(URI.create(idp.getNameIDFormat()));
+ nameIDType.setValue(idp.getNameIDFormatValue());
+
+ SubjectType.STSubType subType = new SubjectType.STSubType();
+ subType.addBaseID(nameIDType);
+ subjectType.setSubType(subType);
+
+ SubjectConfirmationType subjectConfirmation = new SubjectConfirmationType();
+ subjectConfirmation.setMethod(idp.getSubjectConfirmationMethod());
+
+ SubjectConfirmationDataType subjectConfirmationData = new SubjectConfirmationDataType();
+ subjectConfirmationData.setInResponseTo(sp.getRequestID());
+ subjectConfirmationData.setRecipient(responseDestinationURI);
+ subjectConfirmationData.setNotBefore(issueInstant);
+ subjectConfirmationData.setNotOnOrAfter(issueInstant);
+
+ subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
+
+ subjectType.addConfirmation(subjectConfirmation);
+
+ //Update the subjectConfirmationData expiry based on the assertion
+ if (assertion.getConditions() != null)
+ {
+ subjectConfirmationData.setNotOnOrAfter(assertion.getConditions().getNotOnOrAfter());
+ }
+
+ ResponseType responseType = createResponseType(ID, issuerInfo, assertion);
+ //InResponseTo ID
+ responseType.setInResponseTo(sp.getRequestID());
+ //Destination
+ responseType.setDestination(responseDestinationURI);
+
+ return responseType;
+ }
+
+ /**
* Create a ResponseType
+ *
+ * <b>NOTE:</b>: The PicketLink STS is used to issue/update the assertion
+ *
+ * If you want to control over the assertion being issued, then
+ * use {@link #createResponseType(String, SPInfoHolder, IDPInfoHolder, IssuerInfoHolder, AssertionType)}
* @param ID id of the response
* @param sp holder with the information about the Service Provider
* @param idp holder with the information on the Identity Provider
@@ -158,9 +221,6 @@
XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
- //Create an assertion
- //String id = IDGenerator.create( "ID_" );
-
//Create assertion -> subject
SubjectType subjectType = new SubjectType();
@@ -204,7 +264,10 @@
assertionType = samlProtocolContext.getIssuedAssertion();
//Update the subjectConfirmationData expiry based on the assertion
- subjectConfirmationData.setNotOnOrAfter(assertionType.getConditions().getNotOnOrAfter());
+ if (assertionType.getConditions() != null)
+ {
+ subjectConfirmationData.setNotOnOrAfter(assertionType.getConditions().getNotOnOrAfter());
+ }
ResponseType responseType = createResponseType(ID, issuerInfo, assertionType);
//InResponseTo ID
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1098-1132
Modified: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java 2011-07-27 03:57:27 UTC (rev 1134)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java 2011-07-27 19:07:26 UTC (rev 1135)
@@ -24,17 +24,51 @@
import static org.junit.Assert.assertNotNull;
import java.io.InputStream;
+import java.security.Key;
+import java.security.KeyPair;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+import java.util.HashMap;
+import java.util.Map;
import org.junit.Test;
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
+import org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature;
+import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
+import org.picketlink.identity.federation.core.saml.v2.holders.IDPInfoHolder;
+import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder;
+import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.test.identity.federation.api.util.KeyUtilUnitTestCase;
+import org.w3c.dom.Document;
/**
+ * Unit test the {@link SAML2Response} API
* @author Anil.Saldhana(a)redhat.com
* @since Jul 21, 2011
*/
public class SAML2ResponseUnitTestCase
{
+ private final String keystoreLocation = "keystore/jbid_test_keystore.jks";
+
+ private final String keystorePass = "store123";
+
+ private final String keyPass = "test123";
+
+ private final String alias = "servercert";
+
+ /**
+ * Parse a {@link ResponseType} that contains ADFS Claims
+ * and then try to sign
+ * @throws Exception
+ */
@Test
public void parseADFSClaims() throws Exception
{
@@ -43,6 +77,75 @@
SAML2Response samlResponse = new SAML2Response();
SAML2Object samlObject = samlResponse.getSAML2ObjectFromStream(configStream);
assertNotNull(samlObject);
+
+ SAML2Signature sig = new SAML2Signature();
+ Document signedDoc = sig.sign((ResponseType) samlObject, getKeyPair());
+ assertNotNull(signedDoc);
+
+ System.out.println("Signed Response=" + DocumentUtil.asString(signedDoc));
}
+ /**
+ * This test constructs the {@link ResponseType}. An {@link AssertionType}
+ * is locally constructed and then passed to the construct method
+ * @throws Exception
+ */
+ @Test
+ public void constructAndSign() throws Exception
+ {
+ SAML2Response samlResponse = new SAML2Response();
+ String ID = IDGenerator.create("ID_");
+
+ IssuerInfoHolder issuerInfo = new IssuerInfoHolder("picketlink");
+
+ IDPInfoHolder idp = new IDPInfoHolder();
+ idp.setNameIDFormatValue("anil");
+
+ //create the service provider(in this case BAS) holder object
+ SPInfoHolder sp = new SPInfoHolder();
+ sp.setResponseDestinationURI("http://sombody");
+
+ Map<String, Object> attributes = new HashMap<String, Object>();
+
+ attributes.put("TOKEN_USER_ID", String.valueOf(2));
+ attributes.put("TOKEN_ORGANIZATION_DISPLAY_NAME", "Test Org");
+ attributes.put("TOKEN_USER_DISPLAY_NAME", "Test User");
+
+ AttributeStatementType attributeStatement = StatementUtil.createAttributeStatement(attributes);
+
+ String assertionId = IDGenerator.create("ID_");
+
+ AssertionType assertion = AssertionUtil.createAssertion(assertionId, issuerInfo.getIssuer());
+ assertion.addStatement(attributeStatement);
+
+ ResponseType responseType = samlResponse.createResponseType(ID, sp, idp, issuerInfo, assertion);
+ SAML2Signature sig = new SAML2Signature();
+ Document signedDoc = sig.sign(responseType, getKeyPair());
+ assertNotNull(signedDoc);
+
+ System.out.println("Signed Response=" + DocumentUtil.asString(signedDoc));
+ }
+
+ /**
+ * @see {@link KeyUtilUnitTestCase}
+ * @return
+ * @throws Exception
+ */
+ private KeyPair getKeyPair() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream ksStream = tcl.getResourceAsStream(keystoreLocation);
+ assertNotNull("Input keystore stream is not null", ksStream);
+
+ KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
+ ks.load(ksStream, keystorePass.toCharArray());
+ assertNotNull("KeyStore is not null", ks);
+
+ Certificate cert = ks.getCertificate(alias);
+ assertNotNull("Cert not null", cert);
+
+ // Get private key
+ Key key = ks.getKey(alias, keyPass.toCharArray());
+ return new KeyPair(cert.getPublicKey(), (PrivateKey) key);
+ }
}
\ No newline at end of file
Property changes on: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java:1109-1132
12 years, 9 months
Picketlink SVN: r1134 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-26 23:57:27 -0400 (Tue, 26 Jul 2011)
New Revision: 1134
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java
Log:
PLFED-115: addtl metadata writing
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java 2011-07-27 03:54:32 UTC (rev 1133)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java 2011-07-27 03:57:27 UTC (rev 1134)
@@ -34,6 +34,7 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.saml.v2.metadata.AdditionalMetadataLocationType;
import org.picketlink.identity.federation.saml.v2.metadata.AffiliationDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.AttributeAuthorityDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.AttributeConsumingServiceType;
@@ -53,6 +54,7 @@
import org.picketlink.identity.federation.saml.v2.metadata.LocalizedNameType;
import org.picketlink.identity.federation.saml.v2.metadata.LocalizedURIType;
import org.picketlink.identity.federation.saml.v2.metadata.OrganizationType;
+import org.picketlink.identity.federation.saml.v2.metadata.PDPDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.RequestedAttributeType;
import org.picketlink.identity.federation.saml.v2.metadata.RoleDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.SPSSODescriptorType;
@@ -184,6 +186,10 @@
AuthnAuthorityDescriptorType authNDesc = edtDescChoice.getAuthnDescriptor();
if (authNDesc != null)
throw new RuntimeException("NYI");
+
+ PDPDescriptorType pdpDesc = edtDescChoice.getPdpDescriptor();
+ if (pdpDesc != null)
+ throw new RuntimeException("NYI");
}
}
OrganizationType organization = entityDescriptor.getOrganization();
@@ -198,6 +204,10 @@
write(contact);
}
+ List<AdditionalMetadataLocationType> addl = entityDescriptor.getAdditionalMetadataLocation();
+ if (addl.size() > 0)
+ throw new RuntimeException("NYI");
+
StaxUtil.writeEndElement(writer);
StaxUtil.flush(writer);
}
12 years, 9 months
Picketlink SVN: r1133 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants and 1 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-26 23:54:32 -0400 (Tue, 26 Jul 2011)
New Revision: 1133
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java
Log:
PLFED-115: addtl metadata parsing
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java 2011-07-26 22:03:52 UTC (rev 1132)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java 2011-07-27 03:54:32 UTC (rev 1133)
@@ -134,6 +134,18 @@
EDTChoiceType edtChoice = EDTChoiceType.oneValue(edtDescChoice);
entityDescriptorType.addChoiceType(edtChoice);
}
+ else if (JBossSAMLConstants.AUTHN_AUTHORITY_DESCRIPTOR.get().equals(localPart))
+ {
+ throw new ParsingException("AuthnAuthorityDescriptor type not supported");
+ }
+ else if (JBossSAMLConstants.AFFILIATION_DESCRIPTOR.get().equals(localPart))
+ {
+ throw new ParsingException("AffiliationDescriptor type not supported");
+ }
+ else if (JBossSAMLConstants.PDP_DESCRIPTOR.get().equals(localPart))
+ {
+ throw new ParsingException("PDPDescriptor type not supported");
+ }
else if (localPart.equals(JBossSAMLConstants.SIGNATURE.get()))
{
entityDescriptorType.setSignature(StaxParserUtil.getDOMElement(xmlEventReader));
@@ -148,6 +160,10 @@
{
entityDescriptorType.addContactPerson(parseContactPerson(xmlEventReader));
}
+ else if (JBossSAMLConstants.ADDITIONAL_METADATA_LOCATION.get().equals(localPart))
+ {
+ throw new ParsingException("AdditionalMetadataLocation type not supported");
+ }
else if (JBossSAMLConstants.EXTENSIONS.get().equalsIgnoreCase(localPart))
{
entityDescriptorType.setExtensions(parseExtensions(xmlEventReader));
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2011-07-26 22:03:52 UTC (rev 1132)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2011-07-27 03:54:32 UTC (rev 1133)
@@ -29,6 +29,8 @@
public enum JBossSAMLConstants
{
ADDRESS( "Address" ),
+ ADDITIONAL_METADATA_LOCATION("AdditionalMetadataLocation"),
+ AFFILIATION_DESCRIPTOR("AffiliationDescriptor"),
ALLOW_CREATE( "AllowCreate" ),
ARTIFACT( "Artifact" ),
ARTIFACT_RESOLVE( "ArtifactResolve" ),
@@ -51,6 +53,7 @@
AUDIENCE_RESTRICTION( "AudienceRestriction" ),
AUTHN_CONTEXT( "AuthnContext" ),
AUTHENTICATING_AUTHORITY( "AuthenticatingAuthority" ),
+ AUTHN_AUTHORITY_DESCRIPTOR("AuthnAuthorityDescriptor"),
AUTHN_CONTEXT_CLASS_REF( "AuthnContextClassRef" ),
AUTHN_CONTEXT_DECLARATION( "AuthnContextDecl" ),
AUTHN_CONTEXT_DECLARATION_REF( "AuthnContextDeclRef" ),
@@ -111,6 +114,7 @@
ORGANIZATION_NAME( "OrganizationName" ),
ORGANIZATION_DISPLAY_NAME( "OrganizationDisplayName" ),
ORGANIZATION_URL( "OrganizationURL" ),
+ PDP_DESCRIPTOR("PDPDescriptor"),
PROTOCOL_BINDING( "ProtocolBinding" ),
PROTOCOL_SUPPORT_ENUMERATION( "protocolSupportEnumeration" ),
PROVIDER_NAME( "ProviderName" ),
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java 2011-07-26 22:03:52 UTC (rev 1132)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java 2011-07-27 03:54:32 UTC (rev 1133)
@@ -337,6 +337,24 @@
}
/**
+ * Add a {@link AdditionalMetadataLocationType}
+ * @param amld
+ */
+ public void addAdditionalMetadataLocationType(AdditionalMetadataLocationType amld)
+ {
+ this.additionalMetadataLocation.add(amld);
+ }
+
+ /**
+ * Remove a {@link AdditionalMetadataLocationType}
+ * @param amld
+ */
+ public void removeAdditionalMetadataLocationType(AdditionalMetadataLocationType amld)
+ {
+ this.additionalMetadataLocation.remove(amld);
+ }
+
+ /**
* Gets the value of the additionalMetadataLocation property.
*
* <p>
12 years, 9 months
Picketlink SVN: r1132 - in federation/trunk/picketlink-fed-api/src: test/java/org/picketlink/test/identity/federation/api/saml/v2 and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-26 18:03:52 -0400 (Tue, 26 Jul 2011)
New Revision: 1132
Modified:
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
Log:
PLFED-215: allow assertion as param
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2011-07-26 18:56:56 UTC (rev 1131)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2011-07-26 22:03:52 UTC (rev 1132)
@@ -142,7 +142,70 @@
}
/**
+ * Construct a {@link ResponseType} without calling PicketLink STS for the assertion.
+ * The {@link AssertionType} is generated within this method
+ * @param ID id of the {@link ResponseType}
+ * @param sp
+ * @param idp
+ * @param issuerInfo
+ * @return
+ * @throws ConfigurationException
+ * @throws ProcessingException
+ */
+ public ResponseType createResponseType(String ID, SPInfoHolder sp, IDPInfoHolder idp, IssuerInfoHolder issuerInfo,
+ AssertionType assertion) throws ConfigurationException, ProcessingException
+ {
+ String responseDestinationURI = sp.getResponseDestinationURI();
+
+ XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
+
+ //Create assertion -> subject
+ SubjectType subjectType = new SubjectType();
+
+ //subject -> nameid
+ NameIDType nameIDType = new NameIDType();
+ nameIDType.setFormat(URI.create(idp.getNameIDFormat()));
+ nameIDType.setValue(idp.getNameIDFormatValue());
+
+ SubjectType.STSubType subType = new SubjectType.STSubType();
+ subType.addBaseID(nameIDType);
+ subjectType.setSubType(subType);
+
+ SubjectConfirmationType subjectConfirmation = new SubjectConfirmationType();
+ subjectConfirmation.setMethod(idp.getSubjectConfirmationMethod());
+
+ SubjectConfirmationDataType subjectConfirmationData = new SubjectConfirmationDataType();
+ subjectConfirmationData.setInResponseTo(sp.getRequestID());
+ subjectConfirmationData.setRecipient(responseDestinationURI);
+ subjectConfirmationData.setNotBefore(issueInstant);
+ subjectConfirmationData.setNotOnOrAfter(issueInstant);
+
+ subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
+
+ subjectType.addConfirmation(subjectConfirmation);
+
+ //Update the subjectConfirmationData expiry based on the assertion
+ if (assertion.getConditions() != null)
+ {
+ subjectConfirmationData.setNotOnOrAfter(assertion.getConditions().getNotOnOrAfter());
+ }
+
+ ResponseType responseType = createResponseType(ID, issuerInfo, assertion);
+ //InResponseTo ID
+ responseType.setInResponseTo(sp.getRequestID());
+ //Destination
+ responseType.setDestination(responseDestinationURI);
+
+ return responseType;
+ }
+
+ /**
* Create a ResponseType
+ *
+ * <b>NOTE:</b>: The PicketLink STS is used to issue/update the assertion
+ *
+ * If you want to control over the assertion being issued, then
+ * use {@link #createResponseType(String, SPInfoHolder, IDPInfoHolder, IssuerInfoHolder, AssertionType)}
* @param ID id of the response
* @param sp holder with the information about the Service Provider
* @param idp holder with the information on the Identity Provider
@@ -158,9 +221,6 @@
XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
- //Create an assertion
- //String id = IDGenerator.create( "ID_" );
-
//Create assertion -> subject
SubjectType subjectType = new SubjectType();
@@ -204,7 +264,10 @@
assertionType = samlProtocolContext.getIssuedAssertion();
//Update the subjectConfirmationData expiry based on the assertion
- subjectConfirmationData.setNotOnOrAfter(assertionType.getConditions().getNotOnOrAfter());
+ if (assertionType.getConditions() != null)
+ {
+ subjectConfirmationData.setNotOnOrAfter(assertionType.getConditions().getNotOnOrAfter());
+ }
ResponseType responseType = createResponseType(ID, issuerInfo, assertionType);
//InResponseTo ID
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java 2011-07-26 18:56:56 UTC (rev 1131)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java 2011-07-26 22:03:52 UTC (rev 1132)
@@ -29,24 +29,33 @@
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
+import java.util.HashMap;
+import java.util.Map;
import org.junit.Test;
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
import org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature;
+import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
+import org.picketlink.identity.federation.core.saml.v2.holders.IDPInfoHolder;
+import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.picketlink.identity.federation.core.saml.v2.holders.SPInfoHolder;
+import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
import org.picketlink.test.identity.federation.api.util.KeyUtilUnitTestCase;
import org.w3c.dom.Document;
/**
- * Parse a {@link ResponseType} that contains A
+ * Unit test the {@link SAML2Response} API
* @author Anil.Saldhana(a)redhat.com
* @since Jul 21, 2011
*/
public class SAML2ResponseUnitTestCase
{
-
private final String keystoreLocation = "keystore/jbid_test_keystore.jks";
private final String keystorePass = "store123";
@@ -77,6 +86,47 @@
}
/**
+ * This test constructs the {@link ResponseType}. An {@link AssertionType}
+ * is locally constructed and then passed to the construct method
+ * @throws Exception
+ */
+ @Test
+ public void constructAndSign() throws Exception
+ {
+ SAML2Response samlResponse = new SAML2Response();
+ String ID = IDGenerator.create("ID_");
+
+ IssuerInfoHolder issuerInfo = new IssuerInfoHolder("picketlink");
+
+ IDPInfoHolder idp = new IDPInfoHolder();
+ idp.setNameIDFormatValue("anil");
+
+ //create the service provider(in this case BAS) holder object
+ SPInfoHolder sp = new SPInfoHolder();
+ sp.setResponseDestinationURI("http://sombody");
+
+ Map<String, Object> attributes = new HashMap<String, Object>();
+
+ attributes.put("TOKEN_USER_ID", String.valueOf(2));
+ attributes.put("TOKEN_ORGANIZATION_DISPLAY_NAME", "Test Org");
+ attributes.put("TOKEN_USER_DISPLAY_NAME", "Test User");
+
+ AttributeStatementType attributeStatement = StatementUtil.createAttributeStatement(attributes);
+
+ String assertionId = IDGenerator.create("ID_");
+
+ AssertionType assertion = AssertionUtil.createAssertion(assertionId, issuerInfo.getIssuer());
+ assertion.addStatement(attributeStatement);
+
+ ResponseType responseType = samlResponse.createResponseType(ID, sp, idp, issuerInfo, assertion);
+ SAML2Signature sig = new SAML2Signature();
+ Document signedDoc = sig.sign(responseType, getKeyPair());
+ assertNotNull(signedDoc);
+
+ System.out.println("Signed Response=" + DocumentUtil.asString(signedDoc));
+ }
+
+ /**
* @see {@link KeyUtilUnitTestCase}
* @return
* @throws Exception
12 years, 9 months
Picketlink SVN: r1131 - federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-26 14:56:56 -0400 (Tue, 26 Jul 2011)
New Revision: 1131
Modified:
federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
Log:
test signing the response type
Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java 2011-07-26 17:28:17 UTC (rev 1130)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java 2011-07-26 18:56:56 UTC (rev 1131)
@@ -24,17 +24,42 @@
import static org.junit.Assert.assertNotNull;
import java.io.InputStream;
+import java.security.Key;
+import java.security.KeyPair;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
import org.junit.Test;
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
+import org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
+import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.test.identity.federation.api.util.KeyUtilUnitTestCase;
+import org.w3c.dom.Document;
/**
+ * Parse a {@link ResponseType} that contains A
* @author Anil.Saldhana(a)redhat.com
* @since Jul 21, 2011
*/
public class SAML2ResponseUnitTestCase
{
+
+ private final String keystoreLocation = "keystore/jbid_test_keystore.jks";
+
+ private final String keystorePass = "store123";
+
+ private final String keyPass = "test123";
+
+ private final String alias = "servercert";
+
+ /**
+ * Parse a {@link ResponseType} that contains ADFS Claims
+ * and then try to sign
+ * @throws Exception
+ */
@Test
public void parseADFSClaims() throws Exception
{
@@ -43,6 +68,34 @@
SAML2Response samlResponse = new SAML2Response();
SAML2Object samlObject = samlResponse.getSAML2ObjectFromStream(configStream);
assertNotNull(samlObject);
+
+ SAML2Signature sig = new SAML2Signature();
+ Document signedDoc = sig.sign((ResponseType) samlObject, getKeyPair());
+ assertNotNull(signedDoc);
+
+ System.out.println("Signed Response=" + DocumentUtil.asString(signedDoc));
}
+ /**
+ * @see {@link KeyUtilUnitTestCase}
+ * @return
+ * @throws Exception
+ */
+ private KeyPair getKeyPair() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream ksStream = tcl.getResourceAsStream(keystoreLocation);
+ assertNotNull("Input keystore stream is not null", ksStream);
+
+ KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
+ ks.load(ksStream, keystorePass.toCharArray());
+ assertNotNull("KeyStore is not null", ks);
+
+ Certificate cert = ks.getCertificate(alias);
+ assertNotNull("Cert not null", cert);
+
+ // Get private key
+ Key key = ks.getKey(alias, keyPass.toCharArray());
+ return new KeyPair(cert.getPublicKey(), (PrivateKey) key);
+ }
}
\ No newline at end of file
12 years, 9 months
Picketlink SVN: r1130 - in integration-tests/trunk/picketlink-int-webapps: claims and 4 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-26 13:28:17 -0400 (Tue, 26 Jul 2011)
New Revision: 1130
Modified:
integration-tests/trunk/picketlink-int-webapps/
integration-tests/trunk/picketlink-int-webapps/claims/
integration-tests/trunk/picketlink-int-webapps/claims/src/
integration-tests/trunk/picketlink-int-webapps/claims/src/main/
integration-tests/trunk/picketlink-int-webapps/claims/src/main/webapp/
integration-tests/trunk/picketlink-int-webapps/claims/src/main/webapp/WEB-INF/
Log:
set svn ig
Property changes on: integration-tests/trunk/picketlink-int-webapps
___________________________________________________________________
Added: svn:ignore
+ .settings
target
target-eclipse
eclipse-target
.project
.classpath
.settings
.metadata
Property changes on: integration-tests/trunk/picketlink-int-webapps/claims
___________________________________________________________________
Added: svn:ignore
+ .settings
target
target-eclipse
eclipse-target
.project
.classpath
.settings
.metadata
Property changes on: integration-tests/trunk/picketlink-int-webapps/claims/src
___________________________________________________________________
Added: svn:ignore
+ .settings
target
target-eclipse
eclipse-target
.project
.classpath
.settings
.metadata
Property changes on: integration-tests/trunk/picketlink-int-webapps/claims/src/main
___________________________________________________________________
Added: svn:ignore
+ .settings
target
target-eclipse
eclipse-target
.project
.classpath
.settings
.metadata
Property changes on: integration-tests/trunk/picketlink-int-webapps/claims/src/main/webapp
___________________________________________________________________
Added: svn:ignore
+ .settings
target
target-eclipse
eclipse-target
.project
.classpath
.settings
.metadata
Property changes on: integration-tests/trunk/picketlink-int-webapps/claims/src/main/webapp/WEB-INF
___________________________________________________________________
Added: svn:ignore
+ .settings
target
target-eclipse
eclipse-target
.project
.classpath
.settings
.metadata
12 years, 9 months
Picketlink SVN: r1129 - in integration-tests/trunk: picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2 and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-26 13:27:46 -0400 (Tue, 26 Jul 2011)
New Revision: 1129
Added:
integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2ResponseParsingUnitTestCase.java
Modified:
integration-tests/trunk/ant-scripts/ant-build.xml
Log:
PLFED-214: test the transformerutil changes
Modified: integration-tests/trunk/ant-scripts/ant-build.xml
===================================================================
--- integration-tests/trunk/ant-scripts/ant-build.xml 2011-07-26 16:37:51 UTC (rev 1128)
+++ integration-tests/trunk/ant-scripts/ant-build.xml 2011-07-26 17:27:46 UTC (rev 1129)
@@ -80,18 +80,8 @@
<param name="jbossas" value="${basedir}/target/jboss-5.1.0.GA"/>
</antcall>
<copy file="${basedir}/../common-dist/files/jboss-log4j.xml" todir="${JBAS5_DEPLOY}/../conf"/>
+ <copy file="${basedir}/../picketlink-int-webapps/claims/target/claims.war" todir="${JBAS5_DEPLOY}/picketlink/"/>
- <!--
- <mkdir dir="${JBAS5_DEPLOY}/picketlink" />
- <copy file="${localRepository}/org/picketlink/picketlink-bindings/${version}/picketlink-bindings-${version}.jar" todir="${JBAS5_DEPLOY}/picketlink"/>
- <copy file="${localRepository}/org/picketlink/picketlink-bindings-jboss/${version}/picketlink-bindings-jboss-${version}.jar" todir="${JBAS5_DEPLOY}/picketlink"/>
- <copy file="${localRepository}/org/picketlink/picketlink-fed/${version}/picketlink-fed-${version}.jar" todir="${JBAS5_DEPLOY}/picketlink"/>
- <unzip src="${localRepository}/org/picketlink/picketlink-fed-webapps-assembly/${version}/picketlink-fed-webapps-assembly-${version}.zip"
- dest="${JBAS5_DEPLOY}"/>
- <copy file="${localRepository}/org/openid4java/openid4java-nodeps/0.9.5/openid4java-nodeps-0.9.5.jar" todir="${JBAS5_DEPLOY}/picketlink"/>
-
- <chmod file="${basedir}/target/jboss-5.1.0.GA/bin/run.sh" perm="700"/>
- -->
</target>
<target name="copy-picketlink-jbas6">
@@ -99,6 +89,7 @@
<param name="deploy" value="${JBAS6_DEPLOY}"/>
<param name="jbossas" value="${basedir}/target/jboss-6.0.0.Final"/>
</antcall>
+ <copy file="${basedir}/../picketlink-int-webapps/claims/target/claims.war" todir="${JBAS6_DEPLOY}/picketlink/"/>
</target>
<target name="copy-sts-props-jbas5">
Added: integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2ResponseParsingUnitTestCase.java
===================================================================
--- integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2ResponseParsingUnitTestCase.java (rev 0)
+++ integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2ResponseParsingUnitTestCase.java 2011-07-26 17:27:46 UTC (rev 1129)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.integration.saml2;
+
+import static org.junit.Assert.assertEquals;
+
+import org.junit.Test;
+
+import com.meterware.httpunit.GetMethodWebRequest;
+import com.meterware.httpunit.WebConversation;
+import com.meterware.httpunit.WebRequest;
+import com.meterware.httpunit.WebResponse;
+
+/**
+ * Test for parsing the SAML2 Response
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jul 26, 2011
+ */
+public class SAML2ResponseParsingUnitTestCase
+{
+ String CLAIMS_URL = "http://localhost:8080/claims/claimsprocess.jsp";
+
+ /**
+ * PLFED-214: Uses the claims.war in the picketlink-int-webapps setup
+ */
+ @Test
+ public void testADFSClaims() throws Exception
+ {
+ WebRequest serviceRequest1 = new GetMethodWebRequest( CLAIMS_URL );
+ WebConversation webConversation = new WebConversation();
+
+ WebResponse webResponse = webConversation.getResponse( serviceRequest1 );
+ assertEquals( 200, webResponse.getResponseCode());
+ }
+}
\ No newline at end of file
12 years, 9 months