Author: anil.saldhana(a)jboss.com
Date: 2010-11-30 20:16:08 -0500 (Tue, 30 Nov 2010)
New Revision: 578
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
Log:
fixes
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-12-01
00:48:57 UTC (rev 577)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-12-01
01:16:08 UTC (rev 578)
@@ -126,7 +126,24 @@
if( tag.equals( JBossSAMLConstants.SIGNATURE.get() ) )
{
- StaxParserUtil.bypassElementBlock(xmlEventReader,
JBossSAMLConstants.SIGNATURE.get() );
+ Document resultDocument;
+ try
+ {
+ resultDocument = DocumentUtil.createDocument();
+ DOMResult domResult = new DOMResult( resultDocument );
+
+ //Let us parse <b><c><d> using transformer
+ StAXSource source = new StAXSource(xmlEventReader);
+
+ Transformer transformer =
TransformerUtil.getStaxSourceToDomResultTransformer();
+ transformer.transform( source, domResult );
+ }
+ catch ( Exception e)
+ {
+ throw new RuntimeException( e );
+ }
+
+ assertion.setSignature( resultDocument.getDocumentElement() );
continue;
}
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java 2010-12-01
00:48:57 UTC (rev 577)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java 2010-12-01
01:16:08 UTC (rev 578)
@@ -167,6 +167,7 @@
SubjectType.STSubType subType = new SubjectType.STSubType();
subType.addConfirmation(confirmation);
subType.addBaseID(nameID);
+ subject.setSubType(subType);
}
return subject;
}
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-12-01
00:48:57 UTC (rev 577)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-12-01
01:16:08 UTC (rev 578)
@@ -39,10 +39,12 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AdviceType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextClassRefType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclRefType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextDeclType;
@@ -50,6 +52,8 @@
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnContextType.AuthnContextTypeSequence;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AuthnStatementType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.BaseIDAbstractType;
+import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedElementType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
@@ -98,8 +102,46 @@
write(subject);
}
- //TODO: conditions and advice
+ ConditionsType conditions = assertion.getConditions();
+ if( conditions != null )
+ {
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX,
JBossSAMLConstants.CONDITIONS.get() , ASSERTION_NSURI.get() );
+
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.NOT_BEFORE.get(),
conditions.getNotBefore().toString() );
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.NOT_ON_OR_AFTER.get(),
conditions.getNotOnOrAfter().toString() );
+
+ List<ConditionAbstractType> typeOfConditions =
conditions.getConditions();
+ if( typeOfConditions != null )
+ {
+ for( ConditionAbstractType typeCondition: typeOfConditions )
+ {
+ if( typeCondition instanceof AudienceRestrictionType )
+ {
+ AudienceRestrictionType art = (AudienceRestrictionType) typeCondition;
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX,
JBossSAMLConstants.AUDIENCE_RESTRICTION.get() , ASSERTION_NSURI.get() );
+ List<URI> audiences = art.getAudience();
+ if( audiences != null )
+ {
+ for( URI audience: audiences )
+ {
+ StaxUtil.writeStartElement( writer, ASSERTION_PREFIX,
JBossSAMLConstants.AUDIENCE.get() , ASSERTION_NSURI.get() );
+ StaxUtil.writeCharacters(writer, audience.toString() );
+ StaxUtil.writeEndElement( writer);
+ }
+ }
+
+ StaxUtil.writeEndElement( writer);
+ }
+ }
+ }
+
+ StaxUtil.writeEndElement( writer);
+ }
+ AdviceType advice = assertion.getAdvice();
+ if( advice != null )
+ throw new RuntimeException( "Advice needs to be handled" );
+
Set<StatementAbstractType> statements = assertion.getStatements();
if( statements != null )
{
Modified:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-12-01
00:48:57 UTC (rev 577)
+++
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-12-01
01:16:08 UTC (rev 578)
@@ -371,7 +371,7 @@
AudienceRestrictionType audienceRestriction = (AudienceRestrictionType)
abstractType;
assertEquals("Unexpected audience restriction list size", 1,
audienceRestriction.getAudience().size());
assertEquals("Unexpected audience restriction item",
"http://services.testcorp.org/provider2",
- audienceRestriction.getAudience().get(0));
+ audienceRestriction.getAudience().get(0).toString());
}
/**
@@ -432,7 +432,7 @@
AssertionType assertion = this.validateSAMLAssertionResponse(baseResponse,
"testcontext", "jduke",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType)
assertion.getSubject().getConfirmation().get(1);
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType)
assertion.getSubject().getConfirmation().get(0);
this.validateHolderOfKeyContents(subjConfirmation,
WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);
// check if the response contains the STS-generated key.
@@ -1173,7 +1173,7 @@
assertEquals("Unexpected name id qualifier",
"urn:picketlink:identity-federation", nameID.getNameQualifier());
assertEquals("Unexpected name id value", principal, nameID.getValue());
- SubjectConfirmationType subjType = (SubjectConfirmationType)
subject.getConfirmation().get(1);
+ SubjectConfirmationType subjType = (SubjectConfirmationType)
subject.getConfirmation().get(0);
assertEquals("Unexpected confirmation method", confirmationMethod,
subjType.getMethod());
// validate the assertion conditions.