Author: anil.saldhana(a)jboss.com
Date: 2010-10-18 17:46:06 -0400 (Mon, 18 Oct 2010)
New Revision: 487
Added:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
Log:
PLFED-109: parse the X509 cert as part of RST use key
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-10-18
21:45:30 UTC (rev 486)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-10-18
21:46:06 UTC (rev 487)
@@ -23,24 +23,31 @@
import java.net.URI;
import java.net.URISyntaxException;
+import java.util.Iterator;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.Namespace;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.parsers.ParserController;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
+import org.picketlink.identity.federation.ws.trust.UseKeyType;
import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
+import org.w3c.dom.Element;
/**
* Parse the WS-Trust RequestSecurityToken
@@ -49,6 +56,8 @@
*/
public class WSTRequestSecurityTokenParser implements ParserNamespaceSupport
{
+ public static final String X509CERTIFICATE = "X509Certificate";
+
/**
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
@@ -108,7 +117,7 @@
EndElement cancelTargetEndElement =
StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate( cancelTargetEndElement,
WSTrustConstants.CANCEL_TARGET ) ;
}
- else if( tag.equals( WSTrustConstants.VALIDATE_TARGET ))
+ else if( tag.equals( WSTrustConstants.VALIDATE_TARGET ))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
@@ -118,7 +127,7 @@
EndElement validateTargetEndElement =
StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate( validateTargetEndElement,
WSTrustConstants.VALIDATE_TARGET ) ;
}
- else if( tag.equals( WSTrustConstants.On_BEHALF_OF ))
+ else if( tag.equals( WSTrustConstants.On_BEHALF_OF ))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
@@ -128,6 +137,37 @@
EndElement onBehalfOfEndElement =
StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate( onBehalfOfEndElement,
WSTrustConstants.On_BEHALF_OF ) ;
}
+ else if( tag.equals( WSTrustConstants.KEY_TYPE ))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String keyType = StaxParserUtil.getElementText(xmlEventReader);
+ try
+ {
+ URI keyTypeURI = new URI( keyType );
+ requestToken.setKeyType( keyTypeURI );
+ }
+ catch( URISyntaxException e )
+ {
+ throw new ParsingException( e );
+ }
+ }
+ else if( tag.equals( WSTrustConstants.USE_KEY ))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ UseKeyType useKeyType = new UseKeyType();
+ StaxParserUtil.validate( subEvent, WSTrustConstants.USE_KEY ) ;
+
+ /**
+ * There has to be a better way of parsing a sub section into a DOM
element
+ */
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate( subEvent, X509CERTIFICATE ) ;
+
+ Element domElement = getX509CertificateAsDomElement( subEvent,
xmlEventReader );
+
+ useKeyType.setAny( domElement );
+ requestToken.setUseKey( useKeyType );
+ }
else
{
QName qname = subEvent.getName();
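Review bot: The new `USE_KEY` branch never consumes or validates the closing `UseKey` tag, unlike the `CancelTarget`, `ValidateTarget` and `OnBehalfOf` branches around it, so the reader is still inside `UseKey` when `getX509CertificateAsDomElement` returns. Adding `EndElement useKeyEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);` and `StaxParserUtil.validate( useKeyEndElement, WSTrustConstants.USE_KEY ) ;` after `requestToken.setUseKey( useKeyType );` would keep the branches consistent. The branch also requires an `X509Certificate` child and passes `validate` a bare local name, so it presumably does not check that the child is in the XML-DSig namespace; a comment such as `// only ds:X509Certificate is accepted inside UseKey; other key forms fail parsing` would make that explicit. The enclosing parse loop starts and ends outside this hunk, so whether it already tolerates a stray end element cannot be seen here.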
@@ -162,4 +202,57 @@
return WSTrustConstants.BASE_NAMESPACE.equals( nsURI )
&& WSTrustConstants.RST.equals( localPart );
}
+
+
+ private Element getX509CertificateAsDomElement( StartElement subEvent, XMLEventReader
xmlEventReader ) throws ParsingException
+ {
+ StringBuilder builder = new StringBuilder();
+
+ QName subEventName = subEvent.getName();
+ String prefix = subEventName.getPrefix();
+ String localPart = subEventName.getLocalPart();
+
+ builder.append( "<" ).append( prefix ).append( ":").append(
localPart );
+
+ @SuppressWarnings("unchecked")
+ Iterator<Attribute> iter = subEvent.getAttributes();
+
+ while( iter != null && iter.hasNext() )
+ {
+ Attribute attr = iter.next();
+ QName attrName = attr.getName();
+ if( attrName.getNamespaceURI().equals( WSTrustConstants.DSIG_NS ) )
+ {
+ builder.append( " ").append( prefix ).append( ":"
).append( attrName.getLocalPart() );
+ builder.append( "=" ).append( StaxParserUtil.getAttributeValue(
attr ));
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ Iterator<Namespace> namespaces = subEvent.getNamespaces();
+ while( namespaces != null && namespaces.hasNext() )
+ {
+ Namespace namespace = namespaces.next();
+ builder.append( " ").append( namespace.toString() );
+ }
+ builder.append( ">" );
+ builder.append( StaxParserUtil.getElementText(xmlEventReader) ); //We are at the
end of tag
+
+ builder.append( "</" ).append( prefix ).append( ":"
).append( localPart ).append( ">" );
+ Element domElement = null;
+ try
+ {
+ domElement = DocumentUtil.getDocument( builder.toString() ).getDocumentElement()
;
+ }
+ catch (ConfigurationException e)
+ {
+ throw new ParsingException( e );
+ }
+ catch (ProcessingException e)
+ {
+ throw new ParsingException( e );
+ }
+
+ return domElement;
+ }
}
\ No newline at end of file
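Review bot: `getX509CertificateAsDomElement` concatenates request-supplied values into an XML string and re-parses it. The text returned by `StaxParserUtil.getElementText` is already entity-decoded, so escaped markup in the request becomes real child markup in the stored `UseKey` element, and the attribute value is appended after `=` with no quotes or escaping, which is not well-formed. An element in the default namespace gives an empty `prefix` and the tag `<:X509Certificate`, a prefix declared only on an ancestor is not re-declared, and `namespace.toString()` depends on the StAX implementation's output format. Building the node through the DOM API stores text and attribute values as data and avoids all of these; the sketch below assumes `DocumentUtil.createDocument()` is available at this revision.

```java
private Element getX509CertificateAsDomElement( StartElement subEvent, XMLEventReader xmlEventReader ) throws ParsingException
{
   QName subEventName = subEvent.getName();
   String prefix = subEventName.getPrefix();
   String localPart = subEventName.getLocalPart();
   // An element in the default namespace has an empty prefix
   boolean hasPrefix = prefix != null && prefix.length() > 0;
   String qualifiedName = hasPrefix ? prefix + ":" + localPart : localPart;

   try
   {
      Element domElement = DocumentUtil.createDocument().createElementNS( subEventName.getNamespaceURI(), qualifiedName );

      @SuppressWarnings("unchecked")
      Iterator<Attribute> iter = subEvent.getAttributes();
      while( iter != null && iter.hasNext() )
      {
         Attribute attr = iter.next();
         QName attrName = attr.getName();
         if( WSTrustConstants.DSIG_NS.equals( attrName.getNamespaceURI() ) )
         {
            String attrQName = hasPrefix ? prefix + ":" + attrName.getLocalPart() : attrName.getLocalPart();
            domElement.setAttributeNS( attrName.getNamespaceURI(), attrQName, StaxParserUtil.getAttributeValue( attr ) );
         }
      }

      // Stored as a text node: content taken from the request is never re-parsed as markup
      domElement.setTextContent( StaxParserUtil.getElementText( xmlEventReader ) );
      return domElement;
   }
   catch( ConfigurationException e )
   {
      throw new ParsingException( e );
   }
}
```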
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-10-18
21:45:30 UTC (rev 486)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-10-18
21:46:06 UTC (rev 487)
@@ -83,12 +83,14 @@
//Element Names
public static final String On_BEHALF_OF = "OnBehalfOf";
+ public static final String KEY_TYPE = "KeyType";
public static final String RST = "RequestSecurityToken";
public static final String RST_COLLECTION =
"RequestSecurityTokenCollection";
public static final String REQUEST_TYPE = "RequestType";
public static final String TOKEN_TYPE = "TokenType";
public static final String CANCEL_TARGET = "CancelTarget";
public static final String VALIDATE_TARGET = "ValidateTarget";
+ public static final String USE_KEY = "UseKey";
//Attribute Names
public static final String RST_CONTEXT = "Context";
Added:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
(rev 0)
+++
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java 2010-10-18
21:46:06 UTC (rev 487)
@@ -0,0 +1,61 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.parser.wst;
+
+import static org.junit.Assert.assertEquals;
+
+import java.io.InputStream;
+
+import org.junit.Test;
+import
org.picketlink.identity.federation.core.parsers.wst.WSTRequestSecurityTokenParser;
+import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.picketlink.identity.federation.ws.trust.UseKeyType;
+import org.w3c.dom.Element;
+
+/**
+ * Validate parsing of RST with Use Key set to a X509 certificate
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Oct 18, 2010
+ */
+public class WSTrustIssuePublicCertificateTestCase
+{
+
+ @Test
+ public void testPublicCert() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream = tcl.getResourceAsStream(
"parser/wst/wst-issue-public-certificate.xml" );
+
+ WSTrustParser parser = new WSTrustParser();
+ RequestSecurityToken requestToken = ( RequestSecurityToken ) parser.parse(
configStream );
+
+ assertEquals( "testcontext", requestToken.getContext() );
+ assertEquals( WSTrustConstants.ISSUE_REQUEST ,
requestToken.getRequestType().toASCIIString() );
+
+ UseKeyType useKeyType = requestToken.getUseKey();
+ Element certEl = (Element) useKeyType.getAny();
+
+ assertEquals( "ds:" + WSTRequestSecurityTokenParser.X509CERTIFICATE,
certEl.getTagName() );
+ }
+}
\ No newline at end of file
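Review bot: The only assertion on the parsed key is the tag name, so `testPublicCert` passes even if the certificate text or the namespace binding is lost while the element is rebuilt. Adding `assertEquals( WSTrustConstants.DSIG_NS, certEl.getNamespaceURI() );` (assuming the document is parsed namespace-aware) and comparing `certEl.getTextContent()` with the fixture's certificate value would pin both. A second fixture whose `X509Certificate` text contains escaped markup, with an assertion that `certEl` has no child elements, would cover how the parser treats untrusted content. `configStream` is also never checked for null or closed.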