Author: anil.saldhana(a)jboss.com
Date: 2011-02-22 20:23:09 -0500 (Tue, 22 Feb 2011)
New Revision: 764
Added:
federation/trunk/picketlink-fed-core/src/test/resources/saml2/metadata/shib.idp-metadata.xml
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntitiesDescriptorParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/metadata/SAMLMetadataParsingUnitTestCase.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/metadata/EntitiesDescriptorType.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/metadata/EntityDescriptorType.java
Log:
PLFED-139: update saml metadata parsing
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntitiesDescriptorParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntitiesDescriptorParser.java 2011-02-22
21:00:35 UTC (rev 763)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntitiesDescriptorParser.java 2011-02-23
01:23:09 UTC (rev 764)
@@ -23,6 +23,7 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.EndElement;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
@@ -32,6 +33,7 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import
org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntitiesDescriptorType;
/**
@@ -50,6 +52,26 @@
EntitiesDescriptorType entitiesDescriptorType = new EntitiesDescriptorType();
+ //Parse the attributes
+ Attribute validUntil = startElement.getAttributeByName( new QName(
JBossSAMLConstants.VALID_UNTIL.get() ));
+ if( validUntil != null )
+ {
+ String validUntilValue = StaxParserUtil.getAttributeValue(validUntil);
+ entitiesDescriptorType.setValidUntil( XMLTimeUtil.parse(validUntilValue));
+ }
+
+ Attribute id = startElement.getAttributeByName( new QName(
JBossSAMLConstants.ID.get() ));
+ if( id != null )
+ {
+ entitiesDescriptorType.setID( StaxParserUtil.getAttributeValue(id));
+ }
+
+ Attribute cacheDuration = startElement.getAttributeByName( new QName(
JBossSAMLConstants.CACHE_DURATION.get() ));
+ if( cacheDuration != null )
+ {
+ entitiesDescriptorType.setCacheDuration( XMLTimeUtil.parseAsDuration(
StaxParserUtil.getAttributeValue( cacheDuration )) );
+ }
+
//Get the Child Elements
while( xmlEventReader.hasNext() )
{
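Review bot: `validUntil` and `cacheDuration` are parsed and stored, but nothing in this hunk compares `validUntil` with the current time, so expired metadata parses exactly like fresh metadata. If enforcement is meant to live in the consumer, say so at the top of the attribute block, e.g. `//validUntil is recorded only; the caller must reject metadata past this instant`. How `XMLTimeUtil.parse` and `XMLTimeUtil.parseAsDuration` react to a malformed attribute value is not visible here; it is worth confirming that they fail with a parsing error rather than return null. The method body starts and continues outside the hunk.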
@@ -67,7 +89,20 @@
{
SAMLEntityDescriptorParser entityParser = new SAMLEntityDescriptorParser();
entitiesDescriptorType.addEntityDescriptor(
entityParser.parse(xmlEventReader));
- }
+ }
+ else if( JBossSAMLConstants.EXTENSIONS.get().equalsIgnoreCase( localPart ))
+ {
+ StaxParserUtil.bypassElementBlock( xmlEventReader,
JBossSAMLConstants.EXTENSIONS.get() );
+ }
+ else if( JBossSAMLConstants.ENTITIES_DESCRIPTOR.get().equalsIgnoreCase(
localPart ))
+ {
+ SAMLEntitiesDescriptorParser parser = new SAMLEntitiesDescriptorParser();
+ entitiesDescriptorType.addEntityDescriptor( parser.parse(xmlEventReader));
+ }
+ else if( localPart.equals( JBossSAMLConstants.SIGNATURE.get() ) )
+ {
+ entitiesDescriptorType.setSignature(
StaxParserUtil.getDOMElement(xmlEventReader) );
+ }
else
throw new RuntimeException( "Unknown " + localPart );
}
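Review bot: The new `Signature` branch stores the element via `setSignature( StaxParserUtil.getDOMElement(xmlEventReader) )`, but nothing visible verifies it, and the match is on `localPart` alone, so an element named Signature in any namespace is accepted. A caller that sees a non-null `getSignature()` could treat the metadata as authenticated when it was only parsed. I would add `//Signature is captured only; it is NOT validated here` above the branch and compare the element's namespace URI with the XML-DSig namespace before storing it. The same applies to the Signature branch added to SAMLEntityDescriptorParser in the `@@ -132,6 +132,10 @@` hunk. Separately, the nested `EntitiesDescriptor` branch recurses with no depth bound, which matters when metadata comes from a source that is not fully trusted; the enclosing loop starts and ends outside the hunk.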
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java 2011-02-22
21:00:35 UTC (rev 763)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java 2011-02-23
01:23:09 UTC (rev 764)
@@ -132,6 +132,10 @@
EDTChoiceType edtChoice = EDTChoiceType.oneValue( edtDescChoice );
entityDescriptorType.addChoiceType(edtChoice);
}
+ else if( localPart.equals( JBossSAMLConstants.SIGNATURE.get() ) )
+ {
+ entityDescriptorType.setSignature(
StaxParserUtil.getDOMElement(xmlEventReader) );
+ }
else if( JBossSAMLConstants.ORGANIZATION.get().equals( localPart ))
{
OrganizationType organization = parseOrganization(xmlEventReader);
@@ -142,6 +146,10 @@
{
entityDescriptorType.addContactPerson( parseContactPerson(xmlEventReader));
}
+ else if( JBossSAMLConstants.EXTENSIONS.get().equalsIgnoreCase( localPart ))
+ {
+ StaxParserUtil.bypassElementBlock( xmlEventReader,
JBossSAMLConstants.EXTENSIONS.get() );
+ }
else
throw new RuntimeException( "Unknown " + localPart );
}
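Review bot: `Extensions` is matched with `equalsIgnoreCase` and with no namespace check, although XML element names are case-sensitive, so a differently-cased or foreign-namespace element of that name is silently dropped instead of reaching the `Unknown` error. The block's content is discarded, and the fixture added in this commit carries `shibmd:Scope` there, so scope restrictions published by an IdP never reach the parsed model. I would use `equals`, as the Signature branch does, and add `//Extensions (e.g. shibmd:Scope) are skipped, not parsed`. The same branch is added or changed in the hunks at `@@ -243`, `@@ -361`, `@@ -442`, `@@ -489`, `@@ -544` and `@@ -643`, and in SAMLEntitiesDescriptorParser. `bypassElementBlock` itself is not shown, so whether it copes with a nested element of the same name should be confirmed.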
@@ -243,7 +251,7 @@
}
else if( JBossSAMLConstants.EXTENSIONS.get().equalsIgnoreCase( localPart ))
{
- skipMetadataExtensions(xmlEventReader);
+ StaxParserUtil.bypassElementBlock(xmlEventReader,
JBossSAMLConstants.EXTENSIONS.get() );
}
else
throw new RuntimeException( "Unknown " + localPart );
@@ -361,7 +369,7 @@
}
else if( JBossSAMLConstants.EXTENSIONS.get().equalsIgnoreCase( localPart ))
{
- skipMetadataExtensions(xmlEventReader);
+ StaxParserUtil.bypassElementBlock( xmlEventReader,
JBossSAMLConstants.EXTENSIONS.get() );
}
else
throw new RuntimeException( "Unknown " + localPart );
@@ -442,6 +450,10 @@
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
attributeAuthority.addNameIDFormat(
StaxParserUtil.getElementText(xmlEventReader) );
}
+ else if( JBossSAMLConstants.EXTENSIONS.get().equalsIgnoreCase( localPart ))
+ {
+ StaxParserUtil.bypassElementBlock( xmlEventReader,
JBossSAMLConstants.EXTENSIONS.get() );
+ }
else
throw new RuntimeException( "Unknown " + localPart );
@@ -489,7 +501,11 @@
LocalizedURIType localName = new LocalizedURIType( langVal );
localName.setValue( URI.create( StaxParserUtil.getElementText( xmlEventReader
)));
org.addOrganizationURL( localName ) ;
- }
+ }
+ else if( JBossSAMLConstants.EXTENSIONS.get().equalsIgnoreCase( localPart ))
+ {
+ StaxParserUtil.bypassElementBlock( xmlEventReader,
JBossSAMLConstants.EXTENSIONS.get() );
+ }
else
throw new RuntimeException( "Unknown " + localPart );
}
@@ -544,6 +560,10 @@
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
contactType.addTelephone( StaxParserUtil.getElementText(xmlEventReader) );
}
+ else if( JBossSAMLConstants.EXTENSIONS.get().equalsIgnoreCase( localPart ))
+ {
+ StaxParserUtil.bypassElementBlock( xmlEventReader,
JBossSAMLConstants.EXTENSIONS.get() );
+ }
else
throw new RuntimeException( "Unknown " + localPart );
}
@@ -643,7 +663,11 @@
{
RequestedAttributeType attType = parseRequestedAttributeType(xmlEventReader,
startElement);
attributeConsumer.addRequestedAttribute(attType);
- }
+ }
+ else if( JBossSAMLConstants.EXTENSIONS.get().equalsIgnoreCase( localPart ))
+ {
+ StaxParserUtil.bypassElementBlock( xmlEventReader,
JBossSAMLConstants.EXTENSIONS.get() );
+ }
else
throw new RuntimeException( "Unknown " + localPart );
}
@@ -671,20 +695,4 @@
SAMLParserUtil.parseAttributeType(xmlEventReader, startElement,
JBossSAMLConstants.REQUESTED_ATTRIBUTE.get(), attributeType);
return attributeType;
}
-
- private void skipMetadataExtensions( XMLEventReader xmlEventReader ) throws
ParsingException
- {
- //Got to skip
- String endElementVal = "bogus";
-
- EndElement endElement = null;
- do
- {
- endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- if( endElement == null )
- throw new RuntimeException( "Exhausted all end elements when entered
Saml MD Extensions" );
- endElementVal = StaxParserUtil.getEndElementName(endElement);
- }
- while( !endElementVal.equals( JBossSAMLConstants.EXTENSIONS.get() ));
- }
}
\ No newline at end of file
Modified:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/metadata/SAMLMetadataParsingUnitTestCase.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/metadata/SAMLMetadataParsingUnitTestCase.java 2011-02-22
21:00:35 UTC (rev 763)
+++
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/metadata/SAMLMetadataParsingUnitTestCase.java 2011-02-23
01:23:09 UTC (rev 764)
@@ -106,5 +106,11 @@
EntitiesDescriptorType entities = (EntitiesDescriptorType) parser.parse(is);
assertNotNull(entities);
+
+ is = tcl.getResourceAsStream("saml2/metadata/shib.idp-metadata.xml");
+ assertNotNull("Inputstream not null", is);
+
+ EntityDescriptorType entity = (EntityDescriptorType) parser.parse(is);
+ assertNotNull( entity );
}
}
\ No newline at end of file
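Review bot: The added assertions only check that the parse result is non-null, and the new fixture has no `ds:Signature`, `validUntil`, `cacheDuration` or nested `EntitiesDescriptor`, so of the branches this commit adds only the Extensions bypass is exercised. For the unsigned fixture, `assertNull( entity.getSignature() );` would pin that no signature is reported, and a second, signed fixture should assert that the element is captured. The streams obtained from `getResourceAsStream` are not closed in the lines shown. The test method starts outside the hunk.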
Added:
federation/trunk/picketlink-fed-core/src/test/resources/saml2/metadata/shib.idp-metadata.xml
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/resources/saml2/metadata/shib.idp-metadata.xml
(rev 0)
+++
federation/trunk/picketlink-fed-core/src/test/resources/saml2/metadata/shib.idp-metadata.xml 2011-02-23
01:23:09 UTC (rev 764)
@@ -0,0 +1,87 @@
+<EntityDescriptor
entityID="https://idp-sandbox.xxxyyy.com/idp/shibboleth"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+ xmlns:shibmd="urn:mace:shibboleth:metadata:1.0"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0
urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">xxxyyy.com</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+....
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService
Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+
Location="http://idp-sandbox.xxxyyy.com:8443/idp/profile/SAML1/SOAP/ArtifactResolution"
+ index="1"/>
+
+ <ArtifactResolutionService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+
Location="http://idp-sandbox.xxxyyy.com:8443/idp/profile/SAML2/SOAP/ArtifactResolution"
+ index="2"/>
+
+ <SingleLogoutService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+
Location="http://idp-sandbox.xxxyyy.com/idp/profile/SAML2/Redirect/S...
+
ResponseLocation="http://idp-sandbox.xxxyyy.com/idp/profile/SAML2/Re...
+
+ <SingleLogoutService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+
Location="http://idp-sandbox.xxxyyy.com/idp/profile/SAML2/POST/SLO&q...
+
ResponseLocation="http://idp-sandbox.xxxyyy.com/idp/profile/SAML2/PO...
+
+ <SingleLogoutService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+
Location="http://idp-sandbox.xxxyyy.com:8443/idp/profile/SAML2/SOAP/SLO" />
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <!--
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
-->
+
+ <SingleSignOnService
Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
+
Location="http://idp-sandbox.xxxyyy.com/idp/profile/Shibboleth/SSO&q... />
+
+ <SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+
Location="http://idp-sandbox.xxxyyy.com/idp/profile/SAML2/POST/SSO&q... />
+
+ <SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
+
Location="http://idp-sandbox.xxxyyy.com/idp/profile/SAML2/POST-Simpl...
/>
+
+ <SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+
Location="http://idp-sandbox.xxxyyy.com/idp/profile/SAML2/Redirect/S... />
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor
protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol
urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">xxxyyy.com</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+....
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService
Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+
Location="http://idp-sandbox.xxxyyy.com:8443/idp/profile/SAML1/SOAP/AttributeQuery"
/>
+
+ <AttributeService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+
Location="http://idp-sandbox.xxxyyy.com:8443/idp/profile/SAML2/SOAP/AttributeQuery"
/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
<!--<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
-->
+
+ </AttributeAuthorityDescriptor>
+
+</EntityDescriptor>
Modified:
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/metadata/EntitiesDescriptorType.java
===================================================================
---
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/metadata/EntitiesDescriptorType.java 2011-02-22
21:00:35 UTC (rev 763)
+++
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/metadata/EntitiesDescriptorType.java 2011-02-23
01:23:09 UTC (rev 764)
@@ -7,7 +7,7 @@
import javax.xml.datatype.Duration;
import javax.xml.datatype.XMLGregorianCalendar;
-import org.picketlink.identity.xmlsec.w3.xmldsig.SignatureType;
+import org.w3c.dom.Element;
/**
@@ -40,7 +40,7 @@
*/
public class EntitiesDescriptorType
{
- protected SignatureType signature;
+ protected Element signature;
protected ExtensionsType extensions;
protected List<Object> entityDescriptor = new ArrayList<Object>();
@@ -54,10 +54,10 @@
*
* @return
* possible object is
- * {@link SignatureType }
+ * {@link Element }
*
*/
- public SignatureType getSignature()
+ public Element getSignature()
{
return signature;
}
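Review bot: The Javadoc on `getSignature()` still names only the type; now that the field is a raw `org.w3c.dom.Element`, it should say what a caller actually receives. As far as this commit shows, the parsers store the element straight from the stream, so I would add `The ds:Signature element as parsed; it has not been validated.` to the comment. It should also mention that the live DOM node is returned, so changes made by the caller affect the stored value. The same wording fits `getSignature()` in EntityDescriptorType (`@@ -172,10 +172,10 @@`). The Javadoc block begins outside the hunk.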
@@ -67,10 +67,10 @@
*
* @param value
* allowed object is
- * {@link SignatureType }
+ * {@link Element }
*
*/
- public void setSignature(SignatureType value)
+ public void setSignature(Element value)
{
this.signature = value;
}
Modified:
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/metadata/EntityDescriptorType.java
===================================================================
---
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/metadata/EntityDescriptorType.java 2011-02-22
21:00:35 UTC (rev 763)
+++
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/metadata/EntityDescriptorType.java 2011-02-23
01:23:09 UTC (rev 764)
@@ -7,7 +7,7 @@
import javax.xml.datatype.Duration;
import javax.xml.datatype.XMLGregorianCalendar;
-import org.picketlink.identity.xmlsec.w3.xmldsig.SignatureType;
+import org.w3c.dom.Element;
/**
@@ -143,7 +143,7 @@
}
}
- protected SignatureType signature;
+ protected Element signature;
protected ExtensionsType extensions;
protected List<EDTChoiceType> choiceType = new
ArrayList<EntityDescriptorType.EDTChoiceType>();
@@ -172,10 +172,10 @@
*
* @return
* possible object is
- * {@link SignatureType }
+ * {@link Element }
*
*/
- public SignatureType getSignature() {
+ public Element getSignature() {
return signature;
}
@@ -184,10 +184,10 @@
*
* @param value
* allowed object is
- * {@link SignatureType }
+ * {@link Element }
*
*/
- public void setSignature(SignatureType value) {
+ public void setSignature( Element value) {
this.signature = value;
}