Author: anil.saldhana(a)jboss.com
Date: 2011-03-16 16:06:26 -0400 (Wed, 16 Mar 2011)
New Revision: 823
Modified:
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/PingFederateResponseTestCase.java
federation/trunk/picketlink-bindings/src/test/resources/saml2/post/ping/WEB-INF/picketlink-handlers.xml
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/process/SAMLHandlerChainProcessor.java
Log:
PLFED-159: the SAML2AttribHandler should key in by default name. We can configure if the
attrib on the sp side needs to be keyed by friendly name
Modified:
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/PingFederateResponseTestCase.java
===================================================================
---
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/PingFederateResponseTestCase.java 2011-03-16
04:25:50 UTC (rev 822)
+++
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/PingFederateResponseTestCase.java 2011-03-16
20:06:26 UTC (rev 823)
@@ -21,6 +21,7 @@
*/
package org.picketlink.test.identity.federation.bindings.workflow;
+import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
@@ -31,6 +32,8 @@
import java.io.InputStream;
import java.io.PrintWriter;
import java.net.URL;
+import java.util.List;
+import java.util.Map;
import org.apache.catalina.deploy.LoginConfig;
import org.junit.Test;
@@ -52,72 +55,81 @@
*/
public class PingFederateResponseTestCase
{
- private String profile = "saml2/post";
- private ClassLoader tcl = Thread.currentThread().getContextClassLoader();
-
+ private final String profile = "saml2/post";
+
+ private final ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+
+ @SuppressWarnings("unchecked")
@Test
public void testSP() throws Exception
- {
+ {
MockCatalinaSession session = new MockCatalinaSession();
//First we go to the employee application
MockCatalinaContextClassLoader mclSPEmp = setupTCL(profile + "/ping");
Thread.currentThread().setContextClassLoader(mclSPEmp);
SPPostFormAuthenticator spEmpl = new SPPostFormAuthenticator();
-
+
MockCatalinaContext context = new MockCatalinaContext();
spEmpl.setContainer(context);
- spEmpl.testStart();
-
+ spEmpl.testStart();
MockCatalinaRequest catalinaRequest = new MockCatalinaRequest();
catalinaRequest.setSession(session);
catalinaRequest.setContext(context);
-
- String idpResponse = PostBindingUtil.base64Encode( new String( readIDPResponse())
);
-
- catalinaRequest.setParameter( GeneralConstants.SAML_RESPONSE_KEY, idpResponse );
-
+
+ String idpResponse = PostBindingUtil.base64Encode(new String(readIDPResponse()));
+
+ catalinaRequest.setParameter(GeneralConstants.SAML_RESPONSE_KEY, idpResponse);
+
MockCatalinaResponse catalinaResponse = new MockCatalinaResponse();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
catalinaResponse.setWriter(new PrintWriter(baos));
-
+
LoginConfig loginConfig = new LoginConfig();
- assertTrue( spEmpl.authenticate(catalinaRequest, catalinaResponse, loginConfig) );
+ assertTrue(spEmpl.authenticate(catalinaRequest, catalinaResponse, loginConfig));
+
+ Map<String, List<Object>> sessionMap = (Map<String,
List<Object>>) session
+ .getAttribute(GeneralConstants.SESSION_ATTRIBUTE_MAP);
+ assertNotNull(sessionMap);
+ assertEquals("asptest_email", sessionMap.get("email").get(0));
+ assertEquals("asptest_zipcode",
sessionMap.get("zipcode").get(0));
}
-
+
private byte[] readIDPResponse() throws IOException
{
- File file = new File(
tcl.getResource("responseIDP/pingidp.xml").getPath() );
- InputStream is = new FileInputStream( file );
- assertNotNull( is );
-
+ File file = new
File(tcl.getResource("responseIDP/pingidp.xml").getPath());
+ InputStream is = new FileInputStream(file);
+ assertNotNull(is);
+
long length = file.length();
// Create the byte array to hold the data
- byte[] bytes = new byte[(int)length];
+ byte[] bytes = new byte[(int) length];
// Read in the bytes
int offset = 0;
int numRead = 0;
- while (offset < bytes.length
- && (numRead=is.read(bytes, offset, bytes.length-offset)) >= 0) {
- offset += numRead;
+ while (offset < bytes.length && (numRead = is.read(bytes, offset,
bytes.length - offset)) >= 0)
+ {
+ offset += numRead;
}
// Ensure all the bytes have been read in
- if (offset < bytes.length) {
- throw new IOException("Could not completely read file
"+file.getName());
+ if (offset < bytes.length)
+ {
+ throw new IOException("Could not completely read file " +
file.getName());
}
// Close the input stream and return bytes
is.close();
- return bytes;
+ return bytes;
}
-
+
private MockCatalinaContextClassLoader setupTCL(String resource)
{
- URL[] urls = new URL[] {tcl.getResource(resource)};
-
+ URL[] urls = new URL[]
+ {tcl.getResource(resource)};
+
MockCatalinaContextClassLoader mcl = new MockCatalinaContextClassLoader(urls);
mcl.setDelegate(tcl);
mcl.setProfile(resource);
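Review bot: The assertions added to testSP only exercise default-name keying (`sessionMap.get("email")`), so the `ATTRIBUTE_CHOOSE_FRIENDLY_NAME` branch this commit adds to SAML2AttributeHandler has no coverage. A second handlers file with that option set to true, plus a matching assertion, would pin both paths. `sessionMap.get("email").get(0)` also dereferences the lookup directly, so a missing key surfaces as a NullPointerException rather than an assertion failure; `assertNotNull(sessionMap.get("email"));` on the line before would make that failure readable. setupTCL's body continues outside the hunk.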
Modified:
federation/trunk/picketlink-bindings/src/test/resources/saml2/post/ping/WEB-INF/picketlink-handlers.xml
===================================================================
---
federation/trunk/picketlink-bindings/src/test/resources/saml2/post/ping/WEB-INF/picketlink-handlers.xml 2011-03-16
04:25:50 UTC (rev 822)
+++
federation/trunk/picketlink-bindings/src/test/resources/saml2/post/ping/WEB-INF/picketlink-handlers.xml 2011-03-16
20:06:26 UTC (rev 823)
@@ -1,5 +1,6 @@
<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
<Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler"/>
<Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
- <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AttributeHandler"/>
</Handlers>
\ No newline at end of file
Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java 2011-03-16
04:25:50 UTC (rev 822)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java 2011-03-16
20:06:26 UTC (rev 823)
@@ -38,6 +38,8 @@
String ATTRIBUTE_KEYS = "ATTRIBUTE_KEYS";
+ String ATTRIBUTE_CHOOSE_FRIENDLY_NAME = "ATTRIBUTE_CHOOSE_FRIENDLY_NAME";
+
String ATTIBUTE_MANAGER = "ATTRIBUTE_MANAGER";
String CANONICALIZATION_METHOD = "CANONICALIZATION_METHOD";
Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2011-03-16
04:25:50 UTC (rev 822)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2011-03-16
20:06:26 UTC (rev 823)
@@ -40,6 +40,7 @@
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
@@ -50,7 +51,17 @@
import org.picketlink.identity.federation.web.core.HTTPContext;
/**
- * Handler dealing with attributes for SAML2
+ * <p>Handler dealing with attributes for SAML2</p>
+ * <p>
+ * <b>Configuration for handler:</b>
+ * </p>
+ * <p>
+ * <ul>
+ * <li>ATTRIBUTE_MANAGER: a fqn of the attribute manager class. This is an IDP
setting.</li>
+ * <li>ATTRIBUTE_KEYS: a comma separated list of string values representing
attributes to be sent. IDP setting.</li>
+ * <li>ATTRIBUTE_CHOOSE_FRIENDLY_NAME : set to true if you require attributes to be
keyed by friendly name rather than default name. SP Setting.</li>
+ * </ul>
+ * </p>
* @author Anil.Saldhana(a)redhat.com
* @since Oct 12, 2009
*/
@@ -64,6 +75,8 @@
protected List<String> attributeKeys = new ArrayList<String>();
+ protected boolean chooseFriendlyName = false;
+
@Override
public void initChainConfig(SAML2HandlerChainConfig handlerChainConfig) throws
ConfigurationException
{
@@ -88,6 +101,13 @@
List<String> ak = (List<String>)
this.handlerConfig.getParameter(GeneralConstants.ATTRIBUTE_KEYS);
if (ak != null)
this.attributeKeys.addAll(ak);
+
+ String chooseFriendlyNameStr = (String) handlerConfig
+ .getParameter(GeneralConstants.ATTRIBUTE_CHOOSE_FRIENDLY_NAME);
+ if (StringUtil.isNotNull(chooseFriendlyNameStr))
+ {
+ chooseFriendlyName = Boolean.parseBoolean(chooseFriendlyNameStr);
+ }
}
@SuppressWarnings("unchecked")
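Review bot: `Boolean.parseBoolean(chooseFriendlyNameStr)` maps every value other than "true" to false, so a misspelt setting such as "yes" silently leaves the SP keying by default name while the deployer believes friendly names are in use. Rejecting or at least logging an unrecognised value would surface the misconfiguration; failing that, document it with `// Any value other than "true" (case-insensitive) keeps default-name keying.` above the parse. The unchecked `(String)` cast on `getParameter(...)` would also throw ClassCastException if the parameter is ever supplied as a non-String. The enclosing method starts outside the hunk.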
@@ -150,7 +170,7 @@
AssertionType assertion = (AssertionType)
request.getOptions().get(GeneralConstants.ASSERTION);
if (assertion == null)
- throw new RuntimeException("Assertion not found in the handler
request");
+ throw new RuntimeException("Assertion not found in the handler
request:" + request.getOptions());
Set<StatementAbstractType> statements = assertion.getStatements();
for (StatementAbstractType statement : statements)
{
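Review bot: The new message appends `request.getOptions()` verbatim, which puts the string form of the whole handler options map into the exception text and from there into whatever logs or error pages render it. The hunk does not show what else callers store in that map, but it is the map the assertion is read from, so other SAML material may be printed with it. The keys alone are enough to diagnose a missing entry: `throw new RuntimeException("Assertion not found in the handler request:" + request.getOptions().keySet());`. The enclosing method starts and ends outside the hunk.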
@@ -168,7 +188,14 @@
attrMap = new HashMap<String, List<Object>>();
session.setAttribute(GeneralConstants.SESSION_ATTRIBUTE_MAP, attrMap);
}
- attrMap.put(attr.getFriendlyName(), attr.getAttributeValue());
+ if (chooseFriendlyName)
+ {
+ attrMap.put(attr.getFriendlyName(), attr.getAttributeValue());
+ }
+ else
+ {
+ attrMap.put(attr.getName(), attr.getAttributeValue());
+ }
}
}
}
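Review bot: With `chooseFriendlyName` set, `attrMap.put(attr.getFriendlyName(), ...)` keys the session map on a value that SAML 2.0 defines as optional and not to be used for formally identifying an attribute. An assertion that omits FriendlyName would presumably be stored under a null key, and two attributes sharing a friendly name overwrite each other. Since SP applications are likely to base decisions on these session attributes, fall back to the name when the friendly name is empty: `String key = (chooseFriendlyName && StringUtil.isNotNull(attr.getFriendlyName())) ? attr.getFriendlyName() : attr.getName();` followed by `attrMap.put(key, attr.getAttributeValue());`. The class Javadoc entry for ATTRIBUTE_CHOOSE_FRIENDLY_NAME should also state the default (false) and this fallback. The enclosing method starts outside the hunk.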
Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/process/SAMLHandlerChainProcessor.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/process/SAMLHandlerChainProcessor.java 2011-03-16
04:25:50 UTC (rev 822)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/process/SAMLHandlerChainProcessor.java 2011-03-16
20:06:26 UTC (rev 823)
@@ -22,7 +22,7 @@
package org.picketlink.identity.federation.web.process;
import java.io.IOException;
-import java.util.HashSet;
+import java.util.LinkedHashSet;
import java.util.Set;
import java.util.concurrent.locks.Lock;
@@ -31,7 +31,7 @@
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
-import org.picketlink.identity.federation.saml.v2.SAML2Object;
+import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.web.core.HTTPContext;
/**
@@ -41,20 +41,17 @@
*/
public class SAMLHandlerChainProcessor
{
- private Set<SAML2Handler> handlers = new HashSet<SAML2Handler>();
-
+ private final Set<SAML2Handler> handlers = new
LinkedHashSet<SAML2Handler>();
+
public SAMLHandlerChainProcessor(Set<SAML2Handler> handlers)
{
- this.handlers.addAll(handlers);
+ this.handlers.addAll(handlers);
}
-
- public void callHandlerChain(SAML2Object samlObject,
- SAML2HandlerRequest saml2HandlerRequest,
- SAML2HandlerResponse saml2HandlerResponse,
- HTTPContext httpContext,
- Lock chainLock)
- throws ProcessingException, IOException
- {
+
+ public void callHandlerChain(SAML2Object samlObject, SAML2HandlerRequest
saml2HandlerRequest,
+ SAML2HandlerResponse saml2HandlerResponse, HTTPContext httpContext, Lock
chainLock)
+ throws ProcessingException, IOException
+ {
try
{
chainLock.lock();
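Review bot: `LinkedHashSet` only preserves the iteration order of the `Set` handed to the constructor, so the chain order is still arbitrary if a caller builds that argument as a `HashSet`; the callers are not visible here. If the intent is that handlers run in the order listed in picketlink-handlers.xml (issuer trust before authentication and attribute handling), state it on the field, e.g. `// Insertion-ordered: handlers run in configured order; callers must pass an ordered Set.` Separately, `chainLock.lock()` sits inside the `try`, so a failure in `lock()` would reach `unlock()` in the `finally` without the lock held; the usual form acquires the lock on the line before `try`. callHandlerChain's body continues outside the hunk.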
@@ -79,6 +76,6 @@
finally
{
chainLock.unlock();
- }
- }
+ }
+ }
}
\ No newline at end of file