Author: anil.saldhana(a)jboss.com
Date: 2010-12-01 10:38:54 -0500 (Wed, 01 Dec 2010)
New Revision: 583
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml
Log:
fixes
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-12-01
14:34:05 UTC (rev 582)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-12-01
15:38:54 UTC (rev 583)
@@ -28,9 +28,6 @@
import javax.xml.stream.events.EndElement;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
@@ -41,10 +38,14 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.core.util.TransformerUtil;
-import org.picketlink.identity.federation.newmodel.saml.v2.assertion.*;
-import org.w3c.dom.Document;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
+import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.w3c.dom.Element;
/**
@@ -71,25 +72,10 @@
String startElementName = StaxParserUtil.getStartElementName(startElement);
if( startElementName.equals( JBossSAMLConstants.ENCRYPTED_ASSERTION.get() ))
{
- Document resultDocument;
- try
- {
- resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult( resultDocument );
-
- //Let us parse <b><c><d> using transformer
- StAXSource source = new StAXSource(xmlEventReader);
-
- Transformer transformer =
TransformerUtil.getStaxSourceToDomResultTransformer();
- transformer.transform( source, domResult );
- }
- catch ( Exception e)
- {
- throw new RuntimeException( e );
- }
+ Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);
EncryptedAssertionType encryptedAssertion = new EncryptedAssertionType();
- encryptedAssertion.setEncryptedElement( resultDocument.getDocumentElement() );
+ encryptedAssertion.setEncryptedElement( domElement );
return encryptedAssertion;
}
@@ -134,25 +120,8 @@
String tag = StaxParserUtil.getStartElementName( peekedElement );
if( tag.equals( JBossSAMLConstants.SIGNATURE.get() ) )
- {
- Document resultDocument;
- try
- {
- resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult( resultDocument );
-
- //Let us parse <b><c><d> using transformer
- StAXSource source = new StAXSource(xmlEventReader);
-
- Transformer transformer =
TransformerUtil.getStaxSourceToDomResultTransformer();
- transformer.transform( source, domResult );
- }
- catch ( Exception e)
- {
- throw new RuntimeException( e );
- }
-
- assertion.setSignature( resultDocument.getDocumentElement() );
+ {
+ assertion.setSignature( StaxParserUtil.getDOMElement(xmlEventReader) );
continue;
}
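Review bot: The `ds:Signature` element is only copied into the model by `assertion.setSignature( StaxParserUtil.getDOMElement(xmlEventReader) )`; nothing in this hunk verifies it, so a reader could mistake a parsed `AssertionType` with a non-null signature for an authenticated one. A one-line comment above the call would make that explicit, for example `// Signature is captured as a DOM element only; it is not validated by the parser`. The same applies to `request.setSignature(...)` in SAMLRequestAbstractParser. StaxParserUtil is not among the files modified here, so how `getDOMElement` reports a malformed element (the removed code wrapped every failure in `RuntimeException`) cannot be confirmed from this page. The enclosing method starts and ends outside the hunk.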
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-12-01
14:34:05 UTC (rev 582)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-12-01
15:38:54 UTC (rev 583)
@@ -25,20 +25,14 @@
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.util.NetworkUtil;
-import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
-import org.w3c.dom.Document;
/**
* Base Class for SAML Request Parsing
@@ -92,25 +86,8 @@
request.setIssuer( issuer );
}
else if( JBossSAMLConstants.SIGNATURE.get().equals( elementName ))
- {
- Document resultDocument;
- try
- {
- resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult( resultDocument );
-
- //Let us parse <b><c><d> using transformer
- StAXSource source = new StAXSource(xmlEventReader);
-
- Transformer transformer =
TransformerUtil.getStaxSourceToDomResultTransformer();
- transformer.transform( source, domResult );
- }
- catch ( Exception e)
- {
- throw new RuntimeException( e );
- }
-
- request.setSignature( resultDocument.getDocumentElement() );
+ {
+ request.setSignature( StaxParserUtil.getDOMElement(xmlEventReader) );
//StaxParserUtil.bypassElementBlock(xmlEventReader,
JBossSAMLConstants.SIGNATURE.get() );
}
}
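Review bot: The commented-out `//StaxParserUtil.bypassElementBlock(xmlEventReader, JBossSAMLConstants.SIGNATURE.get() );` line left under the new `request.setSignature(...)` call looks like dead code, since the Signature element is presumably consumed by `getDOMElement` now, and it should be deleted rather than kept as a comment. If it is meant to record that the element used to be skipped, a short why-comment such as `// Signature is kept as DOM, not skipped` says so more clearly. The enclosing method continues outside the hunk.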
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-12-01
14:34:05 UTC (rev 582)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-12-01
15:38:54 UTC (rev 583)
@@ -186,6 +186,12 @@
KeyInfoType keyInfo = parseKeyInfo(xmlEventReader);
subjectConfirmationData.setAnyType(keyInfo);
}
+ else if( tag.equals( WSTrustConstants.XMLEnc.ENCRYPTED_KEY ))
+ {
+ subjectConfirmationData.setAnyType(
StaxParserUtil.getDOMElement(xmlEventReader));
+ }
+ else
+ throw new RuntimeException( "Handle:" + tag );
}
//Get the end tag
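Review bot: The new `EncryptedKey` branch matches on the element name alone, `tag.equals( WSTrustConstants.XMLEnc.ENCRYPTED_KEY )`, so, assuming `tag` is the local name as it appears to be elsewhere in these parsers, an `EncryptedKey` element from any namespace is accepted; the `XMLENC_NS` constant added in this same commit is never compared. Checking the start element's namespace URI against `WSTrustConstants.XMLEnc.XMLENC_NS` before taking the branch would tie the branch to the XML Encryption element it is meant for. The fallback `throw new RuntimeException( "Handle:" + tag )` is reached by any unexpected child in untrusted input and surfaces as an unchecked exception; the project's `ParsingException`, if it is in scope in this file, would let callers handle it as a parse failure, and the `else` should be braced like the branches above it. The enclosing method starts and ends outside the hunk.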
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java 2010-12-01
14:34:05 UTC (rev 582)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java 2010-12-01
15:38:54 UTC (rev 583)
@@ -24,20 +24,15 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.StartElement;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
-import org.w3c.dom.Document;
/**
* Stax parser for the wst:CancelTarget element
@@ -70,13 +65,8 @@
{
// this is an unknown type - parse using the transformer.
try
- {
- Document resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult(resultDocument);
- StAXSource source = new StAXSource(xmlEventReader);
-
TransformerUtil.transform(TransformerUtil.getStaxSourceToDomResultTransformer(), source,
domResult);
- Document doc = (Document) domResult.getNode();
- cancelTarget.setAny(doc.getDocumentElement());
+ {
+ cancelTarget.setAny( StaxParserUtil.getDOMElement(xmlEventReader) );
}
catch(Exception e)
{
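Review bot: The context comment `// this is an unknown type - parse using the transformer.` is stale after this change, because the element is now read through `StaxParserUtil.getDOMElement(xmlEventReader)` and no transformer appears at this call site; suggest `// unknown type - keep it as a DOM element`. The same stale comment remains in the matching hunks of WSTRenewTargetParser and WSTValidateTargetParser. With the transformer calls gone, the surrounding `catch(Exception e)` is likely broader than needed, but its body and the exceptions `getDOMElement` declares are outside the hunk.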
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java 2010-12-01
14:34:05 UTC (rev 582)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java 2010-12-01
15:38:54 UTC (rev 583)
@@ -20,20 +20,15 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.StartElement;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.trust.RenewTargetType;
-import org.w3c.dom.Document;
/**
* Stax parser for the wst:RenewTarget element
@@ -68,13 +63,8 @@
{
// this is an unknown type - parse using the transformer.
try
- {
- Document resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult(resultDocument);
- StAXSource source = new StAXSource(xmlEventReader);
-
TransformerUtil.transform(TransformerUtil.getStaxSourceToDomResultTransformer(), source,
domResult);
- Document doc = (Document) domResult.getNode();
- renewTargetType.setAny(doc.getDocumentElement());
+ {
+ renewTargetType.setAny( StaxParserUtil.getDOMElement(xmlEventReader) );
}
catch(Exception e)
{
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java 2010-12-01
14:34:05 UTC (rev 582)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java 2010-12-01
15:38:54 UTC (rev 583)
@@ -24,20 +24,15 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.StartElement;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
-import org.w3c.dom.Document;
/**
* Stax parser for the wst:ValidateTarget element
@@ -70,13 +65,8 @@
{
// this is an unknown type - parse using the transformer.
try
- {
- Document resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult(resultDocument);
- StAXSource source = new StAXSource(xmlEventReader);
-
TransformerUtil.transform(TransformerUtil.getStaxSourceToDomResultTransformer(), source,
domResult);
- Document doc = (Document) domResult.getNode();
- validateTargetType.setAny(doc.getDocumentElement());
+ {
+ validateTargetType.setAny( StaxParserUtil.getDOMElement(xmlEventReader) );
}
catch(Exception e)
{
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-12-01
14:34:05 UTC (rev 582)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-12-01
15:38:54 UTC (rev 583)
@@ -55,6 +55,7 @@
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionAbstractType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedElementType;
+import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.KeyInfoConfirmationDataType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
@@ -62,6 +63,8 @@
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.URIType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
+import org.w3c.dom.Element;
/**
* Write the SAML Assertion to stream
@@ -467,6 +470,21 @@
{
StaxUtil.writeAttribute(writer, JBossSAMLConstants.ADDRESS.get(), address );
}
+
+ Object anyType = subjectConfirmationData.getAnyType();
+ if( anyType instanceof KeyInfoConfirmationDataType )
+ {
+ KeyInfoConfirmationDataType kicd = (KeyInfoConfirmationDataType) anyType;
+ Element keyInfoElement = kicd.getKeyInfo();
+ StaxUtil.writeDOMNode(writer, keyInfoElement);
+ }
+ else if( anyType instanceof KeyInfoType )
+ {
+ KeyInfoType keyInfo = (KeyInfoType) anyType;
+ Element el = (Element) keyInfo.getContent().get(0);
+ StaxUtil.writeDOMNode(writer, el);
+ }
+ else throw new RuntimeException( "Need to handle:" + anyType );
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
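Review bot: The trailing `else throw new RuntimeException( "Need to handle:" + anyType )` fires for every value that is not one of the two handled types, which includes `null` if `getAnyType()` returns it for confirmation data without key material, and includes the DOM `Element` that SAMLSubjectParser now stores for `EncryptedKey` in this same commit. As written, an assertion parsed with an `EncryptedKey` would therefore fail when it is written back. In the `KeyInfoType` branch, `keyInfo.getContent().get(0)` also assumes a non-empty list whose first entry is an `Element`; an empty list or another content type fails with an unchecked exception, and any further entries are dropped silently. The sketch below adds an `Element` branch and lets a null value through; the enclosing method starts and ends outside the hunk.

```java
Object anyType = subjectConfirmationData.getAnyType();
// … unchanged: KeyInfoConfirmationDataType and KeyInfoType branches …
else if( anyType instanceof Element )
{
   // EncryptedKey is stored as a raw DOM element by SAMLSubjectParser
   StaxUtil.writeDOMNode(writer, (Element) anyType);
}
else if( anyType != null )
{
   throw new RuntimeException( "Need to handle:" + anyType );
}
```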
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-12-01
14:34:05 UTC (rev 582)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-12-01
15:38:54 UTC (rev 583)
@@ -128,6 +128,12 @@
String X509CERT = "X509Certificate";
}
+ public interface XMLEnc
+ {
+ String XMLENC_NS = "http://www.w3.org/2001/04/xmlenc#";
+ String ENCRYPTED_KEY = "EncryptedKey";
+ }
+
public interface WSSE
{
String KEY_IDENTIFIER = "KeyIdentifier";
Modified:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-12-01
14:34:05 UTC (rev 582)
+++
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SAML20TokenProviderUnitTestCase.java 2010-12-01
15:38:54 UTC (rev 583)
@@ -21,6 +21,10 @@
*/
package org.picketlink.test.identity.federation.core.wstrust;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
import java.io.InputStream;
import java.net.URI;
import java.security.KeyStore;
@@ -36,8 +40,7 @@
import javax.xml.transform.dom.DOMResult;
import javax.xml.transform.dom.DOMSource;
-import junit.framework.TestCase;
-
+import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.SecurityToken;
@@ -73,19 +76,11 @@
*
* @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
*/
-public class SAML20TokenProviderUnitTestCase extends TestCase
+public class SAML20TokenProviderUnitTestCase
{
private SAML20TokenProvider provider;
- @Override
- protected void setUp() throws Exception
- {
- super.setUp();
- this.provider = new SAML20TokenProvider();
- provider.initialize(new HashMap<String, String>());
- }
-
/**
* <p>
* Tests the issuance of a SAMLV2.0 Assertion.
@@ -93,8 +88,12 @@
*
* @throws Exception if an error occurs while running the test.
*/
+ @Test
public void testIssueSAMLV20Token() throws Exception
- {
+ {
+ this.provider = new SAML20TokenProvider();
+ provider.initialize(new HashMap<String, String>());
+
SAMLAssertionParser assertionParser = new SAMLAssertionParser();
// create a WSTrustRequestContext with a simple WS-Trust request.
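Review bot: Provider setup is now copied into each test (`this.provider = new SAML20TokenProvider(); provider.initialize(new HashMap<String, String>());` here and again in the hunks at -171 and -266), where the removed JUnit 3 `setUp()` did it once. A JUnit 4 `@Before public void setUp() throws Exception` method holding those two lines keeps the fixture in one place and ensures that a test added later gets an initialised provider. It needs `import org.junit.Before;` next to the new `org.junit.Test` import. The test method body continues outside the hunk.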
@@ -171,8 +170,12 @@
*
* @throws Exception if an error occurs while running the test.
*/
+ @Test
public void testIssueSAMLV20HolderOfKeyToken() throws Exception
{
+
+ this.provider = new SAML20TokenProvider();
+ provider.initialize(new HashMap<String, String>());
// create a WSTrustRequestContext with a simple WS-Trust request.
RequestSecurityToken request = new RequestSecurityToken();
request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
@@ -266,9 +269,12 @@
*
* @throws Exception if an error occurs while running the test.
*/
+ @Test
public void testValidateSAMLV20Token() throws Exception
{
-
+ this.provider = new SAML20TokenProvider();
+ provider.initialize(new HashMap<String, String>());
+
// issue a SAMLV2.0 assertion.
WSTrustRequestContext context =
this.createIssuingContext(WSTrustUtil.createDefaultLifetime(3600000));
this.provider.issueToken(context);
Modified:
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml 2010-12-01
14:34:05 UTC (rev 582)
+++
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml 2010-12-01
15:38:54 UTC (rev 583)
@@ -7,7 +7,7 @@
IssueInstant="2004-12-05T09:22:05Z">
<
saml:Issuer>https://idp.example.org/SAML2</saml:Issuer>
<ds:Signature
-
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">...</ds:Sig...
+
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"></ds:Signat...
<saml:Subject>
<saml:NameID
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">