Author: anil.saldhana(a)jboss.com
Date: 2011-06-24 13:48:39 -0400 (Fri, 24 Jun 2011)
New Revision: 1030
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11RequestParser.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11RequestParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-request-attributequery.xml
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-request-authquery.xml
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11AssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAML11ParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11RequestType.java
Log:
more SAML11 parsing
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11AssertionParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11AssertionParser.java 2011-06-23
22:25:12 UTC (rev 1029)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11AssertionParser.java 2011-06-24
17:48:39 UTC (rev 1030)
@@ -120,10 +120,8 @@
if (tag.equals(JBossSAMLConstants.SIGNATURE.get()))
{
assertion.setSignature(StaxParserUtil.getDOMElement(xmlEventReader));
- continue;
}
-
- if (JBossSAMLConstants.ISSUER.get().equalsIgnoreCase(tag))
+ else if (JBossSAMLConstants.ISSUER.get().equalsIgnoreCase(tag))
{
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
issuer = StaxParserUtil.getElementText(xmlEventReader);
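Review bot: The rewritten `else if (JBossSAMLConstants.ISSUER.get().equalsIgnoreCase(tag))` keeps a case-insensitive match, while the Signature branch directly above uses `equals`. XML element names are case-sensitive, so a SAML parser should not treat `issuer` or `ISSUER` as the same element; consider `else if (JBossSAMLConstants.ISSUER.get().equals(tag))`. Dropping `continue` is only equivalent if every later branch in this loop is chained with `else`. The chain continues outside the hunk, so that should be checked: a plain `if` further down would now also be evaluated after `getDOMElement` has consumed the Signature element.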
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11RequestParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11RequestParser.java
(rev 0)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11RequestParser.java 2011-06-24
17:48:39 UTC (rev 1030)
@@ -0,0 +1,114 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.saml;
+
+import javax.xml.datatype.XMLGregorianCalendar;
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.StartElement;
+
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.SAML11ParserUtil;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v1.SAML11Constants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11AttributeQueryType;
+import
org.picketlink.identity.federation.saml.v1.protocol.SAML11AuthenticationQueryType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11RequestType;
+
+/**
+ * Parse the SAML2 AuthnRequest
+ * @author Anil.Saldhana(a)redhat.com
+ * @since June 24, 2011
+ */
+public class SAML11RequestParser implements ParserNamespaceSupport
+{
+
+ protected SAML11RequestType parseRequiredAttributes(StartElement startElement) throws
ParsingException
+ {
+ Attribute idAttr = startElement.getAttributeByName(new
QName(SAML11Constants.REQUEST_ID));
+ if (idAttr == null)
+ throw new RuntimeException(SAML11Constants.REQUEST_ID + " attribute is
missing");
+
+ String id = StaxParserUtil.getAttributeValue(idAttr);
+
+ Attribute issueInstantAttr = startElement.getAttributeByName(new
QName("IssueInstant"));
+ if (issueInstantAttr == null)
+ throw new RuntimeException("IssueInstant attribute required in
Request");
+ XMLGregorianCalendar issueInstant =
XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(issueInstantAttr));
+ return new SAML11RequestType(id, issueInstant);
+ }
+
+ /**
+ * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
+ */
+ public Object parse(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ //Get the startelement
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, SAML11Constants.REQUEST);
+
+ SAML11RequestType request = parseRequiredAttributes(startElement);
+
+ while (xmlEventReader.hasNext())
+ {
+ //Let us peek at the next start element
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (startElement == null)
+ break;
+
+ String elementName = StaxParserUtil.getStartElementName(startElement);
+
+ if (SAML11Constants.ATTRIBUTE_QUERY.equals(elementName))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ SAML11AttributeQueryType query =
SAML11ParserUtil.parseSAML11AttributeQuery(xmlEventReader);
+ request.setQuery(query);
+ }
+ else if (SAML11Constants.AUTHENTICATION_QUERY.equals(elementName))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ SAML11AuthenticationQueryType query =
SAML11ParserUtil.parseSAML11AuthenticationQuery(xmlEventReader);
+ request.setQuery(query);
+ }
+ else if (elementName.equals(JBossSAMLConstants.SIGNATURE.get()))
+ {
+ request.setSignature(StaxParserUtil.getDOMElement(xmlEventReader));
+ }
+ else
+ throw new RuntimeException("Unknown Element:" + elementName +
"::location=" + startElement.getLocation());
+ }
+ return request;
+ }
+
+ /**
+ * @see {@link ParserNamespaceSupport#supports(QName)}
+ */
+ public boolean supports(QName qname)
+ {
+ return JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals(qname.getNamespaceURI());
+ }
+}
\ No newline at end of file
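Review bot: The three `throw new RuntimeException(...)` sites (missing RequestID, missing IssueInstant, and the unknown-element branch in `parse`) report malformed input with an unchecked exception even though both methods declare `ParsingException`, so a caller that handles only the declared exception will not catch a bad request from a peer. Since this parser reads untrusted protocol messages, prefer `throw new ParsingException(SAML11Constants.REQUEST_ID + " attribute is missing");` and the same for the other two; the String constructor is already used in SAML11ParserUtil in this commit. `supports()` compares against `JBossSAMLURIConstants.PROTOCOL_NSURI` from the v2 constants package, while the dispatch added to SAMLParser in this commit uses `SAML11Constants.PROTOCOL_11_NSURI`; the latter looks like the intended value here. The class Javadoc still says "Parse the SAML2 AuthnRequest" and should read something like `Parse the SAML 1.1 Request`.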
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2011-06-23
22:25:12 UTC (rev 1029)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2011-06-24
17:48:39 UTC (rev 1030)
@@ -130,6 +130,12 @@
SAML11ResponseParser responseParser = new SAML11ResponseParser();
return responseParser.parse(xmlEventReader);
}
+ else if (SAML11Constants.PROTOCOL_11_NSURI.equals(nsURI)
+ &&
SAML11Constants.REQUEST.equals(startElementName.getLocalPart()))
+ {
+ SAML11RequestParser reqParser = new SAML11RequestParser();
+ return reqParser.parse(xmlEventReader);
+ }
else
throw new RuntimeException("Unknown Tag:" + elementName +
"::location=" + startElement.getLocation());
}
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAML11ParserUtil.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAML11ParserUtil.java 2011-06-23
22:25:12 UTC (rev 1029)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAML11ParserUtil.java 2011-06-24
17:48:39 UTC (rev 1030)
@@ -46,6 +46,8 @@
import org.picketlink.identity.federation.saml.v1.assertion.SAML11DecisionType;
import
org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectConfirmationType;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11AttributeQueryType;
+import
org.picketlink.identity.federation.saml.v1.protocol.SAML11AuthenticationQueryType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
@@ -61,7 +63,12 @@
*/
public class SAML11ParserUtil
{
-
+ /**
+ * Parse the {@link SAML11SubjectConfirmationType}
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
public static SAML11SubjectConfirmationType
parseSAML11SubjectConfirmation(XMLEventReader xmlEventReader)
throws ParsingException
{
@@ -112,6 +119,12 @@
}
+ /**
+ * Parse the {@link SubjectConfirmationDataType}
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
public static SubjectConfirmationDataType parseSubjectConfirmationData(XMLEventReader
xmlEventReader)
throws ParsingException
{
@@ -561,4 +574,88 @@
}
return rsaKeyValue;
}
+
+ /**
+ * Parse the {@link SAML11AttributeQueryType}
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ public static SAML11AttributeQueryType parseSAML11AttributeQuery(XMLEventReader
xmlEventReader)
+ throws ParsingException
+ {
+ SAML11AttributeQueryType query = new SAML11AttributeQueryType();
+ StartElement startElement;
+ // There may be additional things under subject confirmation
+ while (xmlEventReader.hasNext())
+ {
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent instanceof EndElement)
+ {
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ if (StaxParserUtil.matches(endElement, SAML11Constants.ATTRIBUTE_QUERY))
+ break;
+ else
+ throw new ParsingException("Unknown end element:" +
StaxParserUtil.getEndElementName(endElement));
+ }
+
+ if (xmlEvent instanceof StartElement)
+ {
+ startElement = (StartElement) xmlEvent;
+
+ String startTag = StaxParserUtil.getStartElementName(startElement);
+
+ if (startTag.equals(JBossSAMLConstants.SUBJECT.get()))
+ {
+ SAML11SubjectParser parser = new SAML11SubjectParser();
+ query.setSubject((SAML11SubjectType) parser.parse(xmlEventReader));
+ }
+ else
+ throw new ParsingException("Unknown tag:" + startTag);
+ }
+ }
+ return query;
+ }
+
+ /**
+ * Parse the {@link SAML11AttributeQueryType}
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ public static SAML11AuthenticationQueryType
parseSAML11AuthenticationQuery(XMLEventReader xmlEventReader)
+ throws ParsingException
+ {
+ SAML11AuthenticationQueryType query = new SAML11AuthenticationQueryType();
+ StartElement startElement;
+ // There may be additional things under subject confirmation
+ while (xmlEventReader.hasNext())
+ {
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent instanceof EndElement)
+ {
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ if (StaxParserUtil.matches(endElement,
SAML11Constants.AUTHENTICATION_QUERY))
+ break;
+ else
+ throw new ParsingException("Unknown end element:" +
StaxParserUtil.getEndElementName(endElement));
+ }
+
+ if (xmlEvent instanceof StartElement)
+ {
+ startElement = (StartElement) xmlEvent;
+
+ String startTag = StaxParserUtil.getStartElementName(startElement);
+
+ if (startTag.equals(JBossSAMLConstants.SUBJECT.get()))
+ {
+ SAML11SubjectParser parser = new SAML11SubjectParser();
+ query.setSubject((SAML11SubjectType) parser.parse(xmlEventReader));
+ }
+ else
+ throw new ParsingException("Unknown tag:" + startTag);
+ }
+ }
+ return query;
+ }
}
\ No newline at end of file
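Review bot: In both new query parsers the `while` loop only advances the reader when the peeked event is an `EndElement` or a recognised `StartElement`. Any other event type, such as character data or a comment, would be peeked again on every iteration and the loop would not terminate, unless `StaxParserUtil.peek` or the reader's filter already excludes such events, which is not visible here. For input that comes from a remote party this is worth closing explicitly, for example with an `else` on the `StartElement` test: `else throw new ParsingException("Unexpected event:" + xmlEvent);`. The loop also returns normally if the stream ends before the closing tag is seen. The Javadoc on `parseSAML11AuthenticationQuery` still links `SAML11AttributeQueryType`, and the "subject confirmation" comment in both methods appears to be copied from another parser.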
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java 2011-06-23
22:25:12 UTC (rev 1029)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java 2011-06-24
17:48:39 UTC (rev 1030)
@@ -34,6 +34,8 @@
String ASSERTION_11_NSURI = "urn:oasis:names:tc:SAML:1.0:assertion";
+ String ATTRIBUTE_QUERY = "AttributeQuery";
+
String ATTRIBUTE_NAME = "AttributeName";
String ATTRIBUTE_NAMESPACE = "AttributeNamespace";
@@ -46,6 +48,8 @@
String AUTHENTICATION_METHOD = "AuthenticationMethod";
+ String AUTHENTICATION_QUERY = "AuthenticationQuery";
+
String AUTHENTICATION_STATEMENT = "AuthenticationStatement";
String AUTHORIZATION_DECISION_STATEMENT = "AuthorizationDecisionStatement";
@@ -70,5 +74,9 @@
String PROTOCOL_11_NSURI = "urn:oasis:names:tc:SAML:1.0:protocol";
+ String REQUEST = "Request";
+
+ String REQUEST_ID = "RequestID";
+
String RESOURCE = "Resource";
}
\ No newline at end of file
Added:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11RequestParserTestCase.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11RequestParserTestCase.java
(rev 0)
+++
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11RequestParserTestCase.java 2011-06-24
17:48:39 UTC (rev 1030)
@@ -0,0 +1,93 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.parser.saml;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.InputStream;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11AttributeQueryType;
+import
org.picketlink.identity.federation.saml.v1.protocol.SAML11AuthenticationQueryType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11QueryAbstractType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11RequestType;
+
+/**
+ * Unit Test SAML 1.1 Request Parsing
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jun 24, 2011
+ */
+public class SAML11RequestParserTestCase
+{
+ @Test
+ public void testSAML11RequestWithAuthQuery() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream =
tcl.getResourceAsStream("parser/saml1/saml1-request-authquery.xml");
+
+ SAMLParser parser = new SAMLParser();
+ SAML11RequestType request = (SAML11RequestType) parser.parse(configStream);
+ assertNotNull(request);
+
+ assertEquals(1, request.getMajorVersion());
+ assertEquals(1, request.getMinorVersion());
+ assertEquals("aaf23196-1773-2113-474a-fe114412ab72", request.getID());
+ assertEquals(XMLTimeUtil.parse("2006-07-17T22:26:40Z"),
request.getIssueInstant());
+
+ SAML11QueryAbstractType query = request.getQuery();
+ assertTrue(query instanceof SAML11AuthenticationQueryType);
+ SAML11AuthenticationQueryType attQuery = (SAML11AuthenticationQueryType) query;
+
+ SAML11SubjectType subject = attQuery.getSubject();
+ SAML11SubjectType.SAML11SubjectTypeChoice choice = subject.getChoice();
+ assertEquals("myusername", choice.getNameID().getValue());
+ }
+
+ @Test
+ public void testSAML11RequestWithAttributeQuery() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream =
tcl.getResourceAsStream("parser/saml1/saml1-request-attributequery.xml");
+
+ SAMLParser parser = new SAMLParser();
+ SAML11RequestType request = (SAML11RequestType) parser.parse(configStream);
+ assertNotNull(request);
+
+ assertEquals(1, request.getMajorVersion());
+ assertEquals(1, request.getMinorVersion());
+ assertEquals("aaf23196-1773-2113-474a-fe114412ab72", request.getID());
+ assertEquals(XMLTimeUtil.parse("2006-07-17T22:26:40Z"),
request.getIssueInstant());
+
+ SAML11QueryAbstractType query = request.getQuery();
+ assertTrue(query instanceof SAML11AttributeQueryType);
+ SAML11AttributeQueryType attQuery = (SAML11AttributeQueryType) query;
+
+ SAML11SubjectType subject = attQuery.getSubject();
+ SAML11SubjectType.SAML11SubjectTypeChoice choice = subject.getChoice();
+ assertEquals("testID", choice.getNameID().getValue());
+ }
+}
\ No newline at end of file
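Review bot: The `getMajorVersion()`/`getMinorVersion()` assertions in both tests do not exercise the parser. `SAML11RequestParser.parseRequiredAttributes` in this commit reads only `RequestID` and `IssueInstant`, so the expected 1/1 presumably comes from defaults in `SAML11RequestType` and would still pass if the fixture carried a different version. Both tests cover only well-formed input; for a parser of peer-supplied messages it would help to add cases for a missing `RequestID`, a missing `IssueInstant` and an unknown child element, each asserting the exception type. The resource stream is also neither null-checked nor closed; `assertNotNull(configStream);` right after `getResourceAsStream` gives a clearer failure when the fixture is missing.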
Added:
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-request-attributequery.xml
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-request-attributequery.xml
(rev 0)
+++
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-request-attributequery.xml 2011-06-24
17:48:39 UTC (rev 1030)
@@ -0,0 +1,11 @@
+<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
+ xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
+ MajorVersion="1" MinorVersion="1"
+ RequestID="aaf23196-1773-2113-474a-fe114412ab72"
+ IssueInstant="2006-07-17T22:26:40Z" >
+ <samlp:AttributeQuery>
+ <saml:Subject>
+ <saml:NameIdentifier>testID</saml:NameIdentifier>
+ </saml:Subject>
+ </samlp:AttributeQuery>
+</samlp:Request>
\ No newline at end of file
Added:
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-request-authquery.xml
===================================================================
---
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-request-authquery.xml
(rev 0)
+++
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml1/saml1-request-authquery.xml 2011-06-24
17:48:39 UTC (rev 1030)
@@ -0,0 +1,11 @@
+<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
+ RequestID="aaf23196-1773-2113-474a-fe114412ab72"
+ MajorVersion="1" MinorVersion="1"
+ IssueInstant="2006-07-17T22:26:40Z">
+ <samlp:AuthenticationQuery>
+ <saml:Subject xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:NameIdentifier
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">myusername</saml:NameIdentifier>
+ </saml:Subject>
+ </samlp:AuthenticationQuery>
+</samlp:Request>
\ No newline at end of file
Modified:
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11RequestType.java
===================================================================
---
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11RequestType.java 2011-06-23
22:25:12 UTC (rev 1029)
+++
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11RequestType.java 2011-06-24
17:48:39 UTC (rev 1030)
@@ -92,4 +92,14 @@
{
return Collections.unmodifiableList(assertionArtifact);
}
+
+ public SAML11QueryAbstractType getQuery()
+ {
+ return query;
+ }
+
+ public void setQuery(SAML11QueryAbstractType query)
+ {
+ this.query = query;
+ }
}
\ No newline at end of file