Author: sguilhen(a)redhat.com
Date: 2011-02-01 13:22:40 -0500 (Tue, 01 Feb 2011)
New Revision: 696
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/sts/
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/sts/STSConfigParser.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/config/STSConfigParserUnitTestCase.java
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/PicketLinkCoreSTS.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
federation/trunk/picketlink-fed-core/src/test/resources/parser/config/picketlink-sts.xml
Log:
PLFED-126: Implemented Stax-based parser for the STS configuration
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/sts/STSConfigParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/sts/STSConfigParser.java
(rev 0)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/sts/STSConfigParser.java 2011-02-01
18:22:40 UTC (rev 696)
@@ -0,0 +1,557 @@
+/*
+ * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and
individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a
full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the
GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the
License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser
General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with
this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
USA, or see the FSF site:
+ *
http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.sts;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.StartElement;
+import javax.xml.stream.events.XMLEvent;
+
+import org.picketlink.identity.federation.core.config.AuthPropertyType;
+import org.picketlink.identity.federation.core.config.ClaimsProcessorType;
+import org.picketlink.identity.federation.core.config.ClaimsProcessorsType;
+import org.picketlink.identity.federation.core.config.KeyProviderType;
+import org.picketlink.identity.federation.core.config.KeyValueType;
+import org.picketlink.identity.federation.core.config.STSType;
+import org.picketlink.identity.federation.core.config.ServiceProviderType;
+import org.picketlink.identity.federation.core.config.ServiceProvidersType;
+import org.picketlink.identity.federation.core.config.TokenProviderType;
+import org.picketlink.identity.federation.core.config.TokenProvidersType;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.AbstractParser;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+
+/**
+ * <p>
+ * A Stax parser for the STS configuration.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class STSConfigParser extends AbstractParser
+{
+
+ private static final String CONFIG_NS =
"urn:picketlink:identity-federation:config:1.0";
+
+ // XML configuration elements.
+ private static final String ROOT_ELEMENT = "PicketLinkSTS";
+ private static final String KEY_PROVIDER_ELEMENT = "KeyProvider";
+ private static final String AUTH_ELEMENT = "Auth";
+ private static final String SIGNING_ALIAS_ELEMENT = "SigningAlias";
+ private static final String VALIDATING_ALIAS_ELEMENT = "ValidatingAlias";
+ private static final String REQUEST_HANDLER_ELEMENT = "RequestHandler";
+ private static final String PROPERTY_ELEMENT = "Property";
+ private static final String CLAIMS_PROCESSORS_ELEMENT = "ClaimsProcessors";
+ private static final String CLAIMS_PROCESSOR_ELEMENT = "ClaimsProcessor";
+ private static final String TOKEN_PROVIDERS_ELEMENT = "TokenProviders";
+ private static final String TOKEN_PROVIDER_ELEMENT = "TokenProvider";
+ private static final String SERVICE_PROVIDERS_ELEMENT = "ServiceProviders";
+ private static final String SERVICE_PROVIDER_ELEMENT = "ServiceProvider";
+
+ // XML configuration attributes.
+ private static final String STS_NAME_ATTRIB = "STSName";
+ private static final String TOKEN_TIMEOUT_ATTRIB = "TokenTimeout";
+ private static final String SIGN_TOKEN_ATTRIB = "SignToken";
+ private static final String ENCRYPT_TOKEN_ATTRIB = "EncryptToken";
+ private static final String CANON_METHOD_ATTRIB = "CanonicalizationMethod";
+ private static final String CLASS_NAME_ATTRIB = "ClassName";
+ private static final String KEY_ATTRIB = "Key";
+ private static final String VALUE_ATTRIB = "Value";
+ private static final String DIALECT_ATTRIB = "Dialect";
+ private static final String PROCESSOR_CLASS_ATTRIB = "ProcessorClass";
+ private static final String PROVIDER_CLASS_ATTRIB = "ProviderClass";
+ private static final String TOKEN_TYPE_ATTRIB = "TokenType";
+ private static final String TOKEN_ELEMENT_ATTRIB = "TokenElement";
+ private static final String TOKEN_ELEMENT_NS_ATTRIB = "TokenElementNS";
+ private static final String ENDPOINT_ATTRIB = "Endpoint";
+ private static final String TRUSTSTORE_ALIAS_ATTRIB = "TruststoreAlias";
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport#parse(javax.xml.stream.XMLEventReader)
+ */
+ @Override
+ public Object parse(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, ROOT_ELEMENT);
+ STSType configType = new STSType();
+
+ // parse and set the root element attributes.
+ QName attributeQName = new QName("", STS_NAME_ATTRIB);
+ Attribute attribute = startElement.getAttributeByName(attributeQName);
+ if (attribute != null)
+ configType.setSTSName(StaxParserUtil.getAttributeValue(attribute));
+
+ attributeQName = new QName("", TOKEN_TIMEOUT_ATTRIB);
+ attribute = startElement.getAttributeByName(attributeQName);
+ if (attribute != null)
+
configType.setTokenTimeout(Integer.valueOf(StaxParserUtil.getAttributeValue(attribute)));
+
+ attributeQName = new QName("", SIGN_TOKEN_ATTRIB);
+ attribute = startElement.getAttributeByName(attributeQName);
+ if (attribute != null)
+
configType.setSignToken(Boolean.valueOf(StaxParserUtil.getAttributeValue(attribute)));
+
+ attributeQName = new QName("", ENCRYPT_TOKEN_ATTRIB);
+ attribute = startElement.getAttributeByName(attributeQName);
+ if (attribute != null)
+
configType.setEncryptToken(Boolean.valueOf(StaxParserUtil.getAttributeValue(attribute)));
+
+ attributeQName = new QName("", CANON_METHOD_ATTRIB);
+ attribute = startElement.getAttributeByName(attributeQName);
+ if (attribute != null)
+
configType.setCanonicalizationMethod(StaxParserUtil.getAttributeValue(attribute));
+
+ // parse the inner elements.
+ while (xmlEventReader.hasNext())
+ {
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent == null)
+ break;
+ if (xmlEvent instanceof EndElement)
+ {
+ EndElement endElement = (EndElement)
StaxParserUtil.getNextEvent(xmlEventReader);
+ String endElementName = StaxParserUtil.getEndElementName(endElement);
+ if (endElementName.equals(ROOT_ELEMENT))
+ break;
+ else
+ throw new RuntimeException("Unknown End Element:" +
endElementName);
+ }
+
+ StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (subEvent == null)
+ break;
+ String elementName = StaxParserUtil.getStartElementName(subEvent);
+ if (KEY_PROVIDER_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ configType.setKeyProvider(this.parseKeyProvider(xmlEventReader));
+ }
+ else if (REQUEST_HANDLER_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("Request handler class expected as element
value");
+ configType.setRequestHandler(StaxParserUtil.getElementText(xmlEventReader));
+ }
+ else if (CLAIMS_PROCESSORS_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ configType.setClaimsProcessors(this.parseClaimsProcessors(xmlEventReader));
+ }
+ else if (TOKEN_PROVIDERS_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ configType.setTokenProviders(this.parseTokenProviders(xmlEventReader));
+ }
+ else if (SERVICE_PROVIDERS_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ configType.setServiceProviders(this.parseServiceProviders(xmlEventReader));
+ }
+ else
+ throw new ParsingException("Unknown Element: " + elementName);
+ }
+ return configType;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport#supports(javax.xml.namespace.QName)
+ */
+ @Override
+ public boolean supports(QName qname)
+ {
+ return CONFIG_NS.equals(qname.getNamespaceURI());
+ }
+
+ /**
+ * <p>
+ * Parses the {@code KeyProvider} section of the STS configuration file. This section
is used to setup the keystore \
+ * that will be used to sign and encrypt security tokens.
+ * </p>
+ *
+ * @param xmlEventReader the reader used to parse the XML configuration file.
+ * @return a {@code KeyProviderType} instance that contains the parsed data.
+ * @throws ParsingException if an error occurs while parsing the XML file.
+ */
+ private KeyProviderType parseKeyProvider(XMLEventReader xmlEventReader) throws
ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, KEY_PROVIDER_ELEMENT);
+
+ KeyProviderType keyProvider = new KeyProviderType();
+ // get the key provider class name attribute.
+ QName attributeQName = new QName("", CLASS_NAME_ATTRIB);
+ Attribute attribute = startElement.getAttributeByName(attributeQName);
+ if (attribute == null)
+ throw new ParsingException("The KeyProvider class name attribute must be
specified");
+ keyProvider.setClassName(StaxParserUtil.getAttributeValue(attribute));
+
+ // parse the inner elements.
+ while (xmlEventReader.hasNext())
+ {
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent == null)
+ break;
+ if (xmlEvent instanceof EndElement)
+ {
+ EndElement endElement = (EndElement)
StaxParserUtil.getNextEvent(xmlEventReader);
+ String endElementName = StaxParserUtil.getEndElementName(endElement);
+ if (endElementName.equals(KEY_PROVIDER_ELEMENT))
+ break;
+ else
+ throw new RuntimeException("Unknown End Element:" +
endElementName);
+ }
+
+ StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (subEvent == null)
+ break;
+ String elementName = StaxParserUtil.getStartElementName(subEvent);
+
+ if (SIGNING_ALIAS_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ if (!StaxParserUtil.hasTextAhead(xmlEventReader))
+ throw new ParsingException("Signing alias expected as element
value");
+ keyProvider.setSigningAlias(StaxParserUtil.getElementText(xmlEventReader));
+ }
+ else if (VALIDATING_ALIAS_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ KeyValueType keyValue = new KeyValueType();
+ // parse the key and value attributes.
+ attributeQName = new QName("", KEY_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+ keyValue.setKey(StaxParserUtil.getAttributeValue(attribute));
+ attributeQName = new QName("", VALUE_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+ keyValue.setValue(StaxParserUtil.getAttributeValue(attribute));
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, VALIDATING_ALIAS_ELEMENT);
+ keyProvider.getValidatingAlias().add(keyValue);
+ }
+ else if (AUTH_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ AuthPropertyType authProperty = new AuthPropertyType();
+ // parse the key and value attributes.
+ attributeQName = new QName("", KEY_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+ authProperty.setKey(StaxParserUtil.getAttributeValue(attribute));
+ attributeQName = new QName("", VALUE_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+ authProperty.setValue(StaxParserUtil.getAttributeValue(attribute));
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, AUTH_ELEMENT);
+ keyProvider.getAuth().add(authProperty);
+ }
+ else
+ throw new ParsingException("Unknown Element: " + elementName);
+ }
+ return keyProvider;
+ }
+
+ /**
+ * <p>
+ * Parses the {@code ClaimsProcessors} section of the STS configuration file.
+ * </p>
+ *
+ * @param xmlEventReader the reader used to parse the XML configuration file.
+ * @return a {@code ClaimsProcessorsType} instance that contains the parsed data.
+ * @throws ParsingException if an error occurs while parsing the XML file.
+ */
+ private ClaimsProcessorsType parseClaimsProcessors(XMLEventReader xmlEventReader)
throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, CLAIMS_PROCESSORS_ELEMENT);
+
+ ClaimsProcessorsType claimsProcessors = new ClaimsProcessorsType();
+
+ // parse all claims processors one by one.
+ while (xmlEventReader.hasNext())
+ {
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent == null)
+ break;
+ if (xmlEvent instanceof EndElement)
+ {
+ EndElement endElement = (EndElement)
StaxParserUtil.getNextEvent(xmlEventReader);
+ String endElementName = StaxParserUtil.getEndElementName(endElement);
+ if (endElementName.equals(CLAIMS_PROCESSORS_ELEMENT))
+ break;
+ else
+ throw new RuntimeException("Unknown End Element:" +
endElementName);
+ }
+
+ StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (subEvent == null)
+ break;
+ String elementName = StaxParserUtil.getStartElementName(subEvent);
+
+ if (CLAIMS_PROCESSOR_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(subEvent, CLAIMS_PROCESSOR_ELEMENT);
+ ClaimsProcessorType claimsProcessor = new ClaimsProcessorType();
+
+ // parse the processor attributes (class and dialect).
+ QName attributeQName = new QName("", PROCESSOR_CLASS_ATTRIB);
+ Attribute attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+
claimsProcessor.setProcessorClass(StaxParserUtil.getAttributeValue(attribute));
+ attributeQName = new QName("", DIALECT_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+ claimsProcessor.setDialect(StaxParserUtil.getAttributeValue(attribute));
+
+ // parse the processor properties.
+ while (xmlEventReader.hasNext())
+ {
+ xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent == null)
+ break;
+ if (xmlEvent instanceof EndElement)
+ {
+ EndElement endElement = (EndElement)
StaxParserUtil.getNextEvent(xmlEventReader);
+ String endElementName = StaxParserUtil.getEndElementName(endElement);
+ if (endElementName.equals(CLAIMS_PROCESSOR_ELEMENT))
+ break;
+ else
+ throw new RuntimeException("Unknown End Element:" +
endElementName);
+ }
+
+ subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (subEvent == null)
+ break;
+ elementName = StaxParserUtil.getStartElementName(subEvent);
+ if (PROPERTY_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ // parse the property key and value.
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ KeyValueType keyValue = new KeyValueType();
+ // parse the key and value attributes.
+ attributeQName = new QName("", KEY_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+ keyValue.setKey(StaxParserUtil.getAttributeValue(attribute));
+ attributeQName = new QName("", VALUE_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+ keyValue.setValue(StaxParserUtil.getAttributeValue(attribute));
+
+ EndElement endElement =
StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, PROPERTY_ELEMENT);
+ claimsProcessor.getProperty().add(keyValue);
+ }
+ else
+ throw new ParsingException("Unknown Element: " +
elementName);
+ }
+ claimsProcessors.getClaimsProcessor().add(claimsProcessor);
+ }
+ else
+ throw new ParsingException("Unknown Element: " + elementName);
+ }
+ return claimsProcessors;
+ }
+
+ /**
+ * <p>
+ * Parses the {@code TokenProviders} section of the STS configuration file.
+ * </p>
+ *
+ * @param xmlEventReader the reader used to parse the XML configuration file.
+ * @return a {@code TokenProvidersType} instance that contains the parsed data.
+ * @throws ParsingException if an error occurs while parsing the XML file.
+ */
+ private TokenProvidersType parseTokenProviders(XMLEventReader xmlEventReader) throws
ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, TOKEN_PROVIDERS_ELEMENT);
+
+ TokenProvidersType tokenProviders = new TokenProvidersType();
+
+ // parse all token providers one by one.
+ while (xmlEventReader.hasNext())
+ {
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent == null)
+ break;
+ if (xmlEvent instanceof EndElement)
+ {
+ EndElement endElement = (EndElement)
StaxParserUtil.getNextEvent(xmlEventReader);
+ String endElementName = StaxParserUtil.getEndElementName(endElement);
+ if (endElementName.equals(TOKEN_PROVIDERS_ELEMENT))
+ break;
+ else
+ throw new RuntimeException("Unknown End Element:" +
endElementName);
+ }
+
+ StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (subEvent == null)
+ break;
+ String elementName = StaxParserUtil.getStartElementName(subEvent);
+
+ if (TOKEN_PROVIDER_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(subEvent, TOKEN_PROVIDER_ELEMENT);
+ TokenProviderType tokenProvider = new TokenProviderType();
+
+ // parse the provider attributes (provider class, token type, token element,
token namespace).
+ QName attributeQName = new QName("", PROVIDER_CLASS_ATTRIB);
+ Attribute attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+
tokenProvider.setProviderClass(StaxParserUtil.getAttributeValue(attribute));
+ attributeQName = new QName("", TOKEN_TYPE_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+ tokenProvider.setTokenType(StaxParserUtil.getAttributeValue(attribute));
+ attributeQName = new QName("", TOKEN_ELEMENT_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+
tokenProvider.setTokenElement(StaxParserUtil.getAttributeValue(attribute));
+ attributeQName = new QName("", TOKEN_ELEMENT_NS_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+
tokenProvider.setTokenElementNS(StaxParserUtil.getAttributeValue(attribute));
+
+ // parse the provider properties.
+ while (xmlEventReader.hasNext())
+ {
+ xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent == null)
+ break;
+ if (xmlEvent instanceof EndElement)
+ {
+ EndElement endElement = (EndElement)
StaxParserUtil.getNextEvent(xmlEventReader);
+ String endElementName = StaxParserUtil.getEndElementName(endElement);
+ if (endElementName.equals(TOKEN_PROVIDER_ELEMENT))
+ break;
+ else
+ throw new RuntimeException("Unknown End Element:" +
endElementName);
+ }
+
+ subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (subEvent == null)
+ break;
+ elementName = StaxParserUtil.getStartElementName(subEvent);
+ if (PROPERTY_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ // parse the property key and value.
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ KeyValueType keyValue = new KeyValueType();
+ // parse the key and value attributes.
+ attributeQName = new QName("", KEY_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+ keyValue.setKey(StaxParserUtil.getAttributeValue(attribute));
+ attributeQName = new QName("", VALUE_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+ keyValue.setValue(StaxParserUtil.getAttributeValue(attribute));
+
+ EndElement endElement =
StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, PROPERTY_ELEMENT);
+ tokenProvider.getProperty().add(keyValue);
+ }
+ else
+ throw new ParsingException("Unknown Element: " +
elementName);
+ }
+ tokenProviders.getTokenProvider().add(tokenProvider);
+ }
+ else
+ throw new ParsingException("Unknown Element: " + elementName);
+ }
+ return tokenProviders;
+ }
+
+ /**
+ * <p>
+ * Parses the {@code ServiceProviders} section of the STS configuration file.
+ * </p>
+ *
+ * @param xmlEventReader the reader used to parse the XML configuration file.
+ * @return a {@code ServiceProvidersType} instance that contains the parsed data.
+ * @throws ParsingException if an error occurs while parsing the XML file.
+ */
+ private ServiceProvidersType parseServiceProviders(XMLEventReader xmlEventReader)
throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, SERVICE_PROVIDERS_ELEMENT);
+
+ ServiceProvidersType serviceProviders = new ServiceProvidersType();
+
+ // parse all token providers one by one.
+ while (xmlEventReader.hasNext())
+ {
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent == null)
+ break;
+ if (xmlEvent instanceof EndElement)
+ {
+ EndElement endElement = (EndElement)
StaxParserUtil.getNextEvent(xmlEventReader);
+ String endElementName = StaxParserUtil.getEndElementName(endElement);
+ if (endElementName.equals(SERVICE_PROVIDERS_ELEMENT))
+ break;
+ else
+ throw new RuntimeException("Unknown End Element:" +
endElementName);
+ }
+
+ StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (subEvent == null)
+ break;
+ String elementName = StaxParserUtil.getStartElementName(subEvent);
+
+ if (SERVICE_PROVIDER_ELEMENT.equalsIgnoreCase(elementName))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(subEvent, SERVICE_PROVIDER_ELEMENT);
+ ServiceProviderType serviceProvider = new ServiceProviderType();
+
+ // parse the provider attributes (endpoint, token type and truststore
alias).
+ QName attributeQName = new QName("", TOKEN_TYPE_ATTRIB);
+ Attribute attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+
serviceProvider.setTokenType(StaxParserUtil.getAttributeValue(attribute));
+ attributeQName = new QName("", ENDPOINT_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+ serviceProvider.setEndpoint(StaxParserUtil.getAttributeValue(attribute));
+ attributeQName = new QName("", TRUSTSTORE_ALIAS_ATTRIB);
+ attribute = subEvent.getAttributeByName(attributeQName);
+ if (attribute != null)
+
serviceProvider.setTruststoreAlias(StaxParserUtil.getAttributeValue(attribute));
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, SERVICE_PROVIDER_ELEMENT);
+ serviceProviders.getServiceProvider().add(serviceProvider);
+ }
+ else
+ throw new ParsingException("Unknown Element: " + elementName);
+ }
+ return serviceProviders;
+ }
+}
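Review bot: In `parse`, `SignToken` and `EncryptToken` are read with `Boolean.valueOf(...)`, which returns false for every value other than "true", so a typo, or `1`, in picketlink-sts.xml silently yields false for token signing or encryption instead of a parse error. If the schema types these attributes as xsd:boolean, the JAXB path this parser replaces would presumably have accepted `1`/`0`, so this may also be a behaviour change. I would reject anything that is not an explicit boolean, as in the helper below. Relatedly, `Integer.valueOf(...)` on `TokenTimeout` and the `throw new RuntimeException("Unknown End Element:" ...)` branches let unchecked exceptions escape methods that declare `ParsingException`; converting both to `ParsingException` would give callers one failure type for a bad configuration file.

```java
// helper added to STSConfigParser: accept only explicit boolean values
private static boolean parseBooleanAttribute(String attributeName, String value) throws ParsingException
{
   String trimmed = value == null ? "" : value.trim();
   if ("true".equalsIgnoreCase(trimmed) || "1".equals(trimmed))
      return true;
   if ("false".equalsIgnoreCase(trimmed) || "0".equals(trimmed))
      return false;
   throw new ParsingException("Attribute " + attributeName + " must be true or false, found: " + value);
}

// … unchanged: STSName and TokenTimeout attribute handling …
attributeQName = new QName("", SIGN_TOKEN_ATTRIB);
attribute = startElement.getAttributeByName(attributeQName);
if (attribute != null)
   configType.setSignToken(parseBooleanAttribute(SIGN_TOKEN_ATTRIB, StaxParserUtil.getAttributeValue(attribute)));

attributeQName = new QName("", ENCRYPT_TOKEN_ATTRIB);
attribute = startElement.getAttributeByName(attributeQName);
if (attribute != null)
   configType.setEncryptToken(parseBooleanAttribute(ENCRYPT_TOKEN_ATTRIB, StaxParserUtil.getAttributeValue(attribute)));
// … unchanged: CanonicalizationMethod and inner element parsing …
```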
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/PicketLinkCoreSTS.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/PicketLinkCoreSTS.java 2011-02-01
15:48:43 UTC (rev 695)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/PicketLinkCoreSTS.java 2011-02-01
18:22:40 UTC (rev 696)
@@ -35,9 +35,9 @@
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
+import org.picketlink.identity.federation.core.parsers.sts.STSConfigParser;
import org.picketlink.identity.federation.core.wstrust.PicketLinkSTSConfiguration;
import org.picketlink.identity.federation.core.wstrust.STSConfiguration;
-import org.picketlink.identity.federation.core.wstrust.WSTrustUtil;
/**
* <p>
@@ -315,7 +315,7 @@
}
InputStream stream = configurationFileURL.openStream();
- STSType stsConfig = WSTrustUtil.getSTSConfiguration(stream);
+ STSType stsConfig = (STSType) new STSConfigParser().parse(stream);
STSConfiguration configuration = new PicketLinkSTSConfiguration(stsConfig);
if (logger.isInfoEnabled())
logger.info( fileName + " configuration file loaded");
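Review bot: The stream from `configurationFileURL.openStream()` is handed to `new STSConfigParser().parse(stream)` and is not closed in the visible lines, so a `ParsingException` (or one of the unchecked exceptions the new parser can throw) would leave it open unless a close exists outside this hunk. I would wrap the parse call as `try { stsConfig = (STSType) new STSConfigParser().parse(stream); } finally { stream.close(); }`. The same pattern appears in the `@@ -238,7 +239,7 @@` hunk of PicketLinkSTS.java. Because the configuration now goes through the StAX factory behind `AbstractParser.parse(InputStream)` instead of JAXB, it is worth confirming there that DTD and external-entity support is switched off; that code is not on this page. The enclosing method starts and ends outside the hunk.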
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java 2011-02-01
15:48:43 UTC (rev 695)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java 2011-02-01
18:22:40 UTC (rev 696)
@@ -37,6 +37,7 @@
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.core.config.STSType;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.parsers.sts.STSConfigParser;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import
org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
@@ -238,7 +239,7 @@
}
InputStream stream = configurationFileURL.openStream();
- STSType stsConfig = WSTrustUtil.getSTSConfiguration(stream);
+ STSType stsConfig = (STSType) new STSConfigParser().parse(stream);
STSConfiguration configuration = new PicketLinkSTSConfiguration(stsConfig);
if (logger.isInfoEnabled())
logger.info(STS_CONFIG_FILE + " configuration file loaded");
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2011-02-01
15:48:43 UTC (rev 695)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2011-02-01
18:22:40 UTC (rev 696)
@@ -273,7 +273,7 @@
}
catch (ProcessingException e)
{
- throw new WSTrustException( "Exception during token issue::", e );
+ throw new WSTrustException(e.getMessage(), e);
}
if (requestContext.getSecurityToken() == null)
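Review bot: `throw new WSTrustException(e.getMessage(), e);` makes the exception message whatever the token provider put into its `ProcessingException`, which can be null and no longer says which operation failed. If the `WSTrustException` message ends up in the fault returned to the requester (not visible here), provider-internal text would then reach the client. I would keep a fixed, operation-specific message for the caller and leave the detail in the cause, e.g. `throw new WSTrustException("Token issue failed", e);`, logging `e` server-side if the detail is needed. The same applies to the renewal, validation and cancellation catch blocks in the `@@ -398`, `@@ -513` and `@@ -570` hunks. The enclosing methods start and end outside these hunks.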
@@ -398,7 +398,7 @@
}
catch (ProcessingException e)
{
- throw new WSTrustException( "Exception during token renewal:", e );
+ throw new WSTrustException(e.getMessage(), e);
}
// create the WS-Trust response with the renewed token.
@@ -513,7 +513,7 @@
}
catch (ProcessingException e)
{
- throw new WSTrustException( "Exception during token validation:", e
);
+ throw new WSTrustException(e.getMessage(), e);
}
status = context.getStatus();
}
@@ -570,7 +570,7 @@
}
catch (ProcessingException e)
{
- throw new WSTrustException( "Exception during token cancellation:", e
);
+ throw new WSTrustException(e.getMessage(), e);
}
// if no exception has been raised, the token has been successfully canceled.
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2011-02-01
15:48:43 UTC (rev 695)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2011-02-01
18:22:40 UTC (rev 696)
@@ -21,7 +21,6 @@
*/
package org.picketlink.identity.federation.core.wstrust;
-import java.io.InputStream;
import java.io.OutputStream;
import java.net.URI;
import java.security.InvalidKeyException;
@@ -282,21 +281,6 @@
/**
* <p>
- * Given a stream of xml configuration (such as picketlink-sts.xml), return the
{@code STSType}
- * </p>
- * @param stream
- * @return {@code STSType}
- * @throws JAXBException
- */
- public static STSType getSTSConfiguration(InputStream stream) throws JAXBException
- {
- String pkgName = "org.picketlink.identity.federation.core.config";
- JAXBElement<STSType> element = (JAXBElement<STSType>)
JAXBUtil.getUnmarshaller(pkgName).unmarshal(stream);
- return element.getValue();
- }
-
- /**
- * <p>
* Marshall the {@code STSType} to an outputstream
* </p>
* @param stsConfiguration
Added:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/config/STSConfigParserUnitTestCase.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/config/STSConfigParserUnitTestCase.java
(rev 0)
+++
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/config/STSConfigParserUnitTestCase.java 2011-02-01
18:22:40 UTC (rev 696)
@@ -0,0 +1,152 @@
+/*
+ * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and
individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a
full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the
GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the
License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser
General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with
this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
USA, or see the FSF site:
+ *
http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.config;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.io.InputStream;
+import java.util.List;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.config.AuthPropertyType;
+import org.picketlink.identity.federation.core.config.ClaimsProcessorType;
+import org.picketlink.identity.federation.core.config.KeyProviderType;
+import org.picketlink.identity.federation.core.config.KeyValueType;
+import org.picketlink.identity.federation.core.config.STSType;
+import org.picketlink.identity.federation.core.config.ServiceProviderType;
+import org.picketlink.identity.federation.core.config.TokenProviderType;
+import org.picketlink.identity.federation.core.parsers.sts.STSConfigParser;
+
+/**
+ * <p>
+ * This class tests the STS configuration file parser.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class STSConfigParserUnitTestCase
+{
+
+ /**
+ * <p>
+ * Parses a sample configuration file and verifies if the all data has been extracted
as expected.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ @Test
+ public void testSTSConfiguration() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream =
tcl.getResourceAsStream("parser/config/picketlink-sts.xml");
+
+ // parse the test configuration file.
+ STSConfigParser parser = new STSConfigParser();
+ STSType stsType = (STSType) parser.parse(configStream);
+
+ // check if the STS attributes have been correctly set, including the ones with
default values.
+ assertEquals("PicketLinkSTS", stsType.getSTSName());
+ assertEquals(7200, stsType.getTokenTimeout());
+ assertEquals(true, stsType.isSignToken());
+ assertEquals(false, stsType.isEncryptToken());
+
assertEquals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments",
stsType.getCanonicalizationMethod());
+
+ // check if the key provider has been set according to the configuration file.
+ KeyProviderType keyProvider = stsType.getKeyProvider();
+ assertNotNull(keyProvider);
+
assertEquals("org.picketlink.identity.federation.core.impl.KeyStoreKeyManager",
keyProvider.getClassName());
+ assertNull(keyProvider.getSigningAlias());
+ List<AuthPropertyType> authProperties = keyProvider.getAuth();
+ assertEquals(4, authProperties.size());
+ assertEquals("KeyStoreURL", authProperties.get(0).getKey());
+ assertEquals("sts_keystore.jks", authProperties.get(0).getValue());
+ assertEquals("KeyStorePass", authProperties.get(1).getKey());
+ assertEquals("testpass", authProperties.get(1).getValue());
+ assertEquals("SigningKeyAlias", authProperties.get(2).getKey());
+ assertEquals("sts", authProperties.get(2).getValue());
+ assertEquals("SigningKeyPass", authProperties.get(3).getKey());
+ assertEquals("keypass", authProperties.get(3).getValue());
+ List<KeyValueType> validatingAliases = keyProvider.getValidatingAlias();
+ assertEquals(2, validatingAliases.size());
+
assertEquals("http://services.testcorp.org/provider1",
validatingAliases.get(0).getKey());
+ assertEquals("service1", validatingAliases.get(0).getValue());
+
assertEquals("http://services.testcorp.org/provider2",
validatingAliases.get(1).getKey());
+ assertEquals("service2", validatingAliases.get(1).getValue());
+
+ // check if the request handler has been set according to the configuration file.
+ assertNotNull(stsType.getRequestHandler());
+
assertEquals("org.picketlink.identity.federation.core.wstrust.StandardRequestHandler",
stsType
+ .getRequestHandler());
+
+ // check if the claims processors have been set according to the configuration
file.
+ assertNotNull(stsType.getClaimsProcessors());
+ List<ClaimsProcessorType> claimsProcessors =
stsType.getClaimsProcessors().getClaimsProcessor();
+ assertEquals(2, claimsProcessors.size());
+ ClaimsProcessorType claimsProcessor = claimsProcessors.get(0);
+ assertEquals("org.picketlink.test.Processor1",
claimsProcessor.getProcessorClass());
+ assertEquals("urn:test-org:test-dialect:1.0",
claimsProcessor.getDialect());
+ assertEquals(0, claimsProcessor.getProperty().size());
+ claimsProcessor = claimsProcessors.get(1);
+ assertEquals("org.picketlink.test.Processor2",
claimsProcessor.getProcessorClass());
+ assertEquals("urn:test-org:test-dialect:2.0",
claimsProcessor.getDialect());
+ assertEquals(1, claimsProcessor.getProperty().size());
+ assertEquals("SomeKey", claimsProcessor.getProperty().get(0).getKey());
+ assertEquals("SomeValue",
claimsProcessor.getProperty().get(0).getValue());
+
+ // check if the token providers have been set according to the configuration file.
+ assertNotNull(stsType.getTokenProviders());
+ List<TokenProviderType> tokenProviders =
stsType.getTokenProviders().getTokenProvider();
+ assertEquals(2, tokenProviders.size());
+ TokenProviderType tokenProvider = tokenProviders.get(0);
+
assertEquals("org.picketlink.test.identity.federation.core.wstrust.SpecialTokenProvider",
tokenProvider
+ .getProviderClass());
+
assertEquals("http://www.tokens.org/SpecialToken",
tokenProvider.getTokenType());
+ assertEquals("SpecialToken", tokenProvider.getTokenElement());
+ assertEquals("http://www.tokens.org",
tokenProvider.getTokenElementNS());
+ assertEquals(2, tokenProvider.getProperty().size());
+ assertEquals("Property1", tokenProvider.getProperty().get(0).getKey());
+ assertEquals("Value1", tokenProvider.getProperty().get(0).getValue());
+ assertEquals("Property2", tokenProvider.getProperty().get(1).getKey());
+ assertEquals("Value2", tokenProvider.getProperty().get(1).getValue());
+ tokenProvider = tokenProviders.get(1);
+
assertEquals("org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider",
tokenProvider
+ .getProviderClass());
+
assertEquals("http://docs.oasis-open.org/wss/oasis-wss-saml-token-pr...;,
tokenProvider
+ .getTokenType());
+ assertEquals("Assertion", tokenProvider.getTokenElement());
+ assertEquals("urn:oasis:names:tc:SAML:2.0:assertion",
tokenProvider.getTokenElementNS());
+ assertEquals(0, tokenProvider.getProperty().size());
+
+ // finally check if the service providers have been set according to the
configuration file.
+ assertNotNull(stsType.getServiceProviders());
+ List<ServiceProviderType> serviceProviders =
stsType.getServiceProviders().getServiceProvider();
+ assertEquals(2, serviceProviders.size());
+ ServiceProviderType serviceProvider = serviceProviders.get(0);
+
assertEquals("http://services.testcorp.org/provider1",
serviceProvider.getEndpoint());
+
assertEquals("http://docs.oasis-open.org/wss/oasis-wss-saml-token-pr...;,
serviceProvider
+ .getTokenType());
+ assertEquals("service1", serviceProvider.getTruststoreAlias());
+ serviceProvider = serviceProviders.get(1);
+
assertEquals("http://services.testcorp.org/provider2",
serviceProvider.getEndpoint());
+
assertEquals("http://www.tokens.org/SpecialToken", serviceProvider
+ .getTokenType());
+ assertEquals("service2", serviceProvider.getTruststoreAlias());
+ }
+}
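Review bot: In `testSTSConfiguration`, the `configStream` returned by `getResourceAsStream` is passed to `parser.parse` without a null check and is never closed. If `parser/config/picketlink-sts.xml` is missing from the test classpath, the failure will surface from inside the parser instead of from the test. Adding `assertNotNull("picketlink-sts.xml not found on test classpath", configStream);` before the parse call, and closing the stream in a `finally` block, would make that case explicit. The test also exercises only a well-formed file. How `STSConfigParser` treats a DOCTYPE declaration or an unexpected element is not visible in this hunk, so a negative case may be worth adding if the parser is meant to reject such input.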
Modified:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2011-02-01
15:48:43 UTC (rev 695)
+++
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2011-02-01
18:22:40 UTC (rev 696)
@@ -48,6 +48,7 @@
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
+import org.picketlink.identity.federation.core.parsers.sts.STSConfigParser;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
@@ -1384,7 +1385,7 @@
URL configURL =
Thread.currentThread().getContextClassLoader().getResource(configFileName);
stream = configURL.openStream();
- STSType stsConfig = WSTrustUtil.getSTSConfiguration(stream);
+ STSType stsConfig = (STSType) new STSConfigParser().parse(stream);
return new PicketLinkSTSConfiguration(stsConfig);
}
catch (Exception e)
Modified:
federation/trunk/picketlink-fed-core/src/test/resources/parser/config/picketlink-sts.xml
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/resources/parser/config/picketlink-sts.xml 2011-02-01
15:48:43 UTC (rev 695)
+++
federation/trunk/picketlink-fed-core/src/test/resources/parser/config/picketlink-sts.xml 2011-02-01
18:22:40 UTC (rev 696)
@@ -6,8 +6,23 @@
<Auth Key="SigningKeyAlias" Value="sts"/>
<Auth Key="SigningKeyPass" Value="keypass"/>
<ValidatingAlias
Key="http://services.testcorp.org/provider1"
Value="service1"/>
+ <ValidatingAlias
Key="http://services.testcorp.org/provider2"
Value="service2"/>
</KeyProvider>
+ <RequestHandler>org.picketlink.identity.federation.core.wstrust.StandardRequestHandler</RequestHandler>
+ <ClaimsProcessors>
+ <ClaimsProcessor ProcessorClass="org.picketlink.test.Processor1"
Dialect="urn:test-org:test-dialect:1.0"/>
+ <ClaimsProcessor ProcessorClass="org.picketlink.test.Processor2"
Dialect="urn:test-org:test-dialect:2.0">
+ <Property Key="SomeKey" Value="SomeValue"/>
+ </ClaimsProcessor>
+ </ClaimsProcessors>
<TokenProviders>
+ <TokenProvider
ProviderClass="org.picketlink.test.identity.federation.core.wstrust.SpecialTokenProvider"
+
TokenType="http://www.tokens.org/SpecialToken"
+ TokenElement="SpecialToken"
+ TokenElementNS="http://www.tokens.org">
+ <Property Key="Property1" Value="Value1"/>
+ <Property Key="Property2" Value="Value2"/>
+ </TokenProvider>
<TokenProvider
ProviderClass="org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider"
TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profi...
TokenElement="Assertion"
@@ -16,5 +31,7 @@
<ServiceProviders>
<ServiceProvider
Endpoint="http://services.testcorp.org/provider1"
TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profi...
TruststoreAlias="service1"/>
+ <ServiceProvider
Endpoint="http://services.testcorp.org/provider2"
TokenType="http://www.tokens.org/SpecialToken"
+ TruststoreAlias="service2"/>
</ServiceProviders>
</PicketLinkSTS>