August 2010 - seam-commits - Jboss List Archives

Seam SVN: r13571 - in sandbox/encore/core/src: main/java/org/jboss/encore/grammar/java/ast and 8 other directories.

by seam-commits＠lists.jboss.org

Author: lincolnthree Date: 2010-08-06 14:43:46 -0400 (Fri, 06 Aug 2010) New Revision: 13571 Added: sandbox/encore/core/src/test/java/org/jboss/encore/test/ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/FieldAnnotationTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/FieldTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/FieldVisibilityTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassAnnotationTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassVisibilityTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodAnnotationTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodVisibilityTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/common/ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/common/AnnotationTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/common/VisibilityTest.java Removed: sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/AnnotationTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/ClassAnnotationTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodAnnotationTest.java sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodTest.java Modified: sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/Field.java sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/ast/AnnotationAccessor.java sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/ast/MethodFinderVisitor.java sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/ast/TypeDeclarationFinderVisitor.java sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/AnnotationImpl.java sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/FieldImpl.java sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/ImportImpl.java sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/JavaClassImpl.java sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/MethodImpl.java sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/ValuePairImpl.java sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/util/Strings.java Log: Implemented equals() and hashCode() on all impl types. Field types may now be set. Collections returned by getEtc*() methods now return unmodifiable collections. Modified: sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/Field.java =================================================================== --- sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/Field.java 2010-08-06 18:13:16 UTC (rev 13570) +++ sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/Field.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -31,5 +31,21 @@ */ public interface Field extends Mutable, Internal, VisibilityScoped<Field>, AnnotationTarget<Field> { + String getName(); + Field setName(String name); + + String getType(); + + Field setType(Class<?> clazz); + + Field setType(String type); + + String getStringInitializer(); + + String getLiteralInitializer(); + + Field setLiteralInitializer(String value); + + Field setStringInitializer(String value); } Modified: sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/ast/AnnotationAccessor.java =================================================================== --- sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/ast/AnnotationAccessor.java 2010-08-06 18:13:16 UTC (rev 13570) +++ sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/ast/AnnotationAccessor.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -23,6 +23,7 @@ package org.jboss.encore.grammar.java.ast; import java.util.ArrayList; +import java.util.Collections; import java.util.List; import org.eclipse.jdt.core.dom.BodyDeclaration; @@ -69,7 +70,7 @@ } } - return result; + return Collections.unmodifiableList(result); } public <T extends AnnotationTarget<?>> T removeAnnotation(T target, BodyDeclaration body, Annotation annotation) Modified: sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/ast/MethodFinderVisitor.java =================================================================== --- sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/ast/MethodFinderVisitor.java 2010-08-06 18:13:16 UTC (rev 13570) +++ sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/ast/MethodFinderVisitor.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -23,6 +23,7 @@ import java.util.ArrayList; import java.util.Arrays; +import java.util.Collections; import java.util.List; import org.eclipse.jdt.core.dom.ASTNode; @@ -50,7 +51,7 @@ public List<MethodDeclaration> getMethods() { - return methods; + return Collections.unmodifiableList(methods); } public TypeDeclaration getParent() Modified: sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/ast/TypeDeclarationFinderVisitor.java =================================================================== --- sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/ast/TypeDeclarationFinderVisitor.java 2010-08-06 18:13:16 UTC (rev 13570) +++ sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/ast/TypeDeclarationFinderVisitor.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -23,6 +23,7 @@ import java.util.ArrayList; import java.util.Arrays; +import java.util.Collections; import java.util.List; import org.eclipse.jdt.core.dom.ASTVisitor; @@ -46,7 +47,7 @@ public List<TypeDeclaration> getTypeDeclarations() { - return types; + return Collections.unmodifiableList(types); } } \ No newline at end of file Modified: sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/AnnotationImpl.java =================================================================== --- sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/AnnotationImpl.java 2010-08-06 18:13:16 UTC (rev 13570) +++ sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/AnnotationImpl.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -22,6 +22,7 @@ package org.jboss.encore.grammar.java.impl; import java.util.ArrayList; +import java.util.Collections; import java.util.List; import org.eclipse.jdt.core.dom.AST; @@ -170,7 +171,7 @@ { result.add(new ValuePairImpl(DEFAULT_VALUE, getLiteralValue())); } - return result; + return Collections.unmodifiableList(result); } @Override @@ -273,7 +274,7 @@ SingleMemberAnnotation anno = (SingleMemberAnnotation) temp.getAnnotations().get(0).getInternal(); Expression expression = anno.getValue(); - sa.setValue((Expression) ASTNode.copySubtree(annotation.getAST(), expression)); + sa.setValue((Expression) ASTNode.copySubtree(ast, expression)); } else { @@ -318,13 +319,13 @@ @Override public Annotation setStringValue(String value) { - return setLiteralValue("\"" + value + "\""); + return setLiteralValue(Strings.enquote(value)); } @Override public Annotation setStringValue(String name, String value) { - return setLiteralValue(name, "\"" + value + "\""); + return setLiteralValue(name, Strings.enquote(value)); } @Override @@ -373,4 +374,43 @@ } } + @Override + public int hashCode() + { + final int prime = 31; + int result = 1; + result = prime * result + ((annotation == null) ? 0 : annotation.hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) + { + if (this == obj) + { + return true; + } + if (obj == null) + { + return false; + } + if (getClass() != obj.getClass()) + { + return false; + } + AnnotationImpl other = (AnnotationImpl) obj; + if (annotation == null) + { + if (other.annotation != null) + { + return false; + } + } + else if (!annotation.equals(other.annotation)) + { + return false; + } + return true; + } + } Modified: sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/FieldImpl.java =================================================================== --- sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/FieldImpl.java 2010-08-06 18:13:16 UTC (rev 13570) +++ sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/FieldImpl.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -26,12 +26,19 @@ import org.eclipse.jdt.core.dom.AST; import org.eclipse.jdt.core.dom.ASTNode; +import org.eclipse.jdt.core.dom.Expression; import org.eclipse.jdt.core.dom.FieldDeclaration; +import org.eclipse.jdt.core.dom.Modifier.ModifierKeyword; +import org.eclipse.jdt.core.dom.Name; +import org.eclipse.jdt.core.dom.SimpleType; +import org.eclipse.jdt.core.dom.VariableDeclarationFragment; import org.jboss.encore.grammar.java.Annotation; import org.jboss.encore.grammar.java.Field; import org.jboss.encore.grammar.java.JavaClass; import org.jboss.encore.grammar.java.JavaParser; import org.jboss.encore.grammar.java.ast.AnnotationAccessor; +import org.jboss.encore.grammar.java.ast.ModifierAccessor; +import org.jboss.encore.grammar.java.util.Strings; /** * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> @@ -40,6 +47,7 @@ public class FieldImpl implements Field { private static AnnotationAccessor util = new AnnotationAccessor(); + private final ModifierAccessor ma = new ModifierAccessor(); private JavaClass parent; private AST ast; @@ -87,91 +95,272 @@ return field; } + /* + * Annotation Modifiers + */ @Override + public Annotation addAnnotation() + { + return util.addAnnotation(this, field); + } + + @Override + public Annotation addAnnotation(Class<?> clazz) + { + return util.addAnnotation(this, field, clazz); + } + + @Override + public Annotation addAnnotation(final String className) + { + return util.addAnnotation(this, field, className); + } + + @Override + public List<Annotation> getAnnotations() + { + return util.getAnnotations(this, field); + } + + @Override + public Field removeAnnotation(Annotation annotation) + { + return util.removeAnnotation(this, field, annotation); + } + + @Override + public String toString() + { + return field.toString(); + } + + /* + * Visibility Modifiers + */ + + @Override public boolean isPackagePrivate() { - return false; + return (!isPublic() && !isPrivate() && !isProtected()); } @Override public Field setPackagePrivate() { - return null; + ma.clearVisibility(field); + return this; } @Override public boolean isPublic() { - return false; + return ma.hasModifier(field, ModifierKeyword.PUBLIC_KEYWORD); } @Override public Field setPublic() { - return null; + ma.clearVisibility(field); + ma.addModifier(field, ModifierKeyword.PUBLIC_KEYWORD); + return this; } @Override public boolean isPrivate() { - return false; + return ma.hasModifier(field, ModifierKeyword.PRIVATE_KEYWORD); } @Override public Field setPrivate() { - return null; + ma.clearVisibility(field); + ma.addModifier(field, ModifierKeyword.PRIVATE_KEYWORD); + return this; } @Override public boolean isProtected() { - return false; + return ma.hasModifier(field, ModifierKeyword.PROTECTED_KEYWORD); } @Override public Field setProtected() { - return null; + ma.clearVisibility(field); + ma.addModifier(field, ModifierKeyword.PROTECTED_KEYWORD); + return this; } + @Override + public String getName() + { + String result = null; + for (Object f : field.fragments()) + { + if (f instanceof VariableDeclarationFragment) + { + VariableDeclarationFragment frag = (VariableDeclarationFragment) f; + result = frag.getName().getFullyQualifiedName(); + break; + } + } + return result; + } + + @Override + public Field setName(String name) + { + for (Object f : field.fragments()) + { + if (f instanceof VariableDeclarationFragment) + { + VariableDeclarationFragment frag = (VariableDeclarationFragment) f; + frag.setName(ast.newSimpleName(name)); + break; + } + } + return this; + } + + @Override + public String getType() + { + Object type = field.getStructuralProperty(FieldDeclaration.TYPE_PROPERTY); + return type.toString(); + } + + @Override + public Field setType(Class<?> clazz) + { + return setType(clazz.getSimpleName()); + } + + @Override + public Field setType(String type) + { + Name name = ast.newName(Strings.tokenizeClassName(type)); + SimpleType st = ast.newSimpleType(name); + field.setType(st); + return this; + } + /* - * Annotation Modifiers + * (non-Javadoc) + * + * @see org.jboss.encore.grammar.java.Field#getInitializer() */ @Override - public Annotation addAnnotation() + public String getLiteralInitializer() { - return util.addAnnotation(this, field); + String result = null; + for (Object f : field.fragments()) + { + if (f instanceof VariableDeclarationFragment) + { + VariableDeclarationFragment frag = (VariableDeclarationFragment) f; + result = frag.getInitializer().toString(); + break; + } + } + return result; } @Override - public Annotation addAnnotation(Class<?> clazz) + public String getStringInitializer() { - return util.addAnnotation(this, field, clazz); + String result = null; + for (Object f : field.fragments()) + { + if (f instanceof VariableDeclarationFragment) + { + VariableDeclarationFragment frag = (VariableDeclarationFragment) f; + result = Strings.unquote(frag.getInitializer().toString()); + break; + } + } + return result; } @Override - public Annotation addAnnotation(final String className) + public Field setLiteralInitializer(String value) { - return util.addAnnotation(this, field, className); + String stub = "public class Stub { private Field stub = " + value + " }"; + JavaClass temp = JavaParser.parse(stub); + FieldDeclaration internal = (FieldDeclaration) temp.getFields().get(0).getInternal(); + + for (Object f : internal.fragments()) + { + if (f instanceof VariableDeclarationFragment) + { + VariableDeclarationFragment tempFrag = (VariableDeclarationFragment) f; + VariableDeclarationFragment localFrag = getFragment(field); + localFrag.setInitializer((Expression) ASTNode.copySubtree(ast, tempFrag.getInitializer())); + break; + } + } + + return this; } @Override - public List<Annotation> getAnnotations() + public Field setStringInitializer(String value) { - return util.getAnnotations(this, field); + return setLiteralInitializer(Strings.enquote(value)); } + private VariableDeclarationFragment getFragment(FieldDeclaration field) + { + VariableDeclarationFragment result = null; + for (Object f : field.fragments()) + { + if (f instanceof VariableDeclarationFragment) + { + result = (VariableDeclarationFragment) f; + break; + } + } + return result; + } + @Override - public Field removeAnnotation(Annotation annotation) + public int hashCode() { - return util.removeAnnotation(this, field, annotation); + final int prime = 31; + int result = 1; + result = prime * result + ((field == null) ? 0 : field.hashCode()); + return result; } @Override - public String toString() + public boolean equals(Object obj) { - return field.toString(); + if (this == obj) + { + return true; + } + if (obj == null) + { + return false; + } + if (getClass() != obj.getClass()) + { + return false; + } + FieldImpl other = (FieldImpl) obj; + if (field == null) + { + if (other.field != null) + { + return false; + } + } + else if (!field.equals(other.field)) + { + return false; + } + return true; } } Modified: sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/ImportImpl.java =================================================================== --- sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/ImportImpl.java 2010-08-06 18:13:16 UTC (rev 13570) +++ sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/ImportImpl.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -26,6 +26,7 @@ import org.eclipse.jdt.core.dom.ImportDeclaration; import org.jboss.encore.grammar.java.Import; import org.jboss.encore.grammar.java.JavaClass; +import org.jboss.encore.grammar.java.util.Strings; /** * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> @@ -67,7 +68,7 @@ @Override public Import setName(final String name) { - imprt.setName(ast.newName(tokenizeClassName(name))); + imprt.setName(ast.newName(Strings.tokenizeClassName(name))); return this; } @@ -96,9 +97,42 @@ return imprt; } - private String[] tokenizeClassName(final String className) + @Override + public int hashCode() { - String[] result = className.split("\\."); + final int prime = 31; + int result = 1; + result = prime * result + ((imprt == null) ? 0 : imprt.hashCode()); return result; } + + @Override + public boolean equals(Object obj) + { + if (this == obj) + { + return true; + } + if (obj == null) + { + return false; + } + if (getClass() != obj.getClass()) + { + return false; + } + ImportImpl other = (ImportImpl) obj; + if (imprt == null) + { + if (other.imprt != null) + { + return false; + } + } + else if (!imprt.equals(other.imprt)) + { + return false; + } + return true; + } } Modified: sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/JavaClassImpl.java =================================================================== --- sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/JavaClassImpl.java 2010-08-06 18:13:16 UTC (rev 13570) +++ sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/JavaClassImpl.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -23,6 +23,7 @@ import java.io.InputStream; import java.util.ArrayList; +import java.util.Collections; import java.util.List; import org.eclipse.jdt.core.dom.AST; @@ -221,7 +222,7 @@ results.add(new ImportImpl(this, i)); } - return results; + return Collections.unmodifiableList(results); } /* @@ -256,7 +257,7 @@ result.add(new FieldImpl(this, field)); } - return result; + return Collections.unmodifiableList(result); } @Override @@ -297,7 +298,7 @@ { result.add(new MethodImpl(this, methodDeclaration)); } - return result; + return Collections.unmodifiableList(result); } @Override @@ -508,7 +509,7 @@ } @Override - public boolean equals(final Object obj) + public boolean equals(Object obj) { if (this == obj) { Modified: sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/MethodImpl.java =================================================================== --- sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/MethodImpl.java 2010-08-06 18:13:16 UTC (rev 13570) +++ sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/MethodImpl.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -44,11 +44,11 @@ public class MethodImpl implements Method { private static AnnotationAccessor util = new AnnotationAccessor(); + private final ModifierAccessor ma = new ModifierAccessor(); private JavaClass parent = null; private AST ast = null; private CompilationUnit cu = null; - private final ModifierAccessor ma = new ModifierAccessor(); private final MethodDeclaration method; private void init(final JavaClass parent) @@ -168,6 +168,47 @@ } @Override + public String getReturnType() + { + String result = null; + if (!isConstructor() && (method.getReturnType2() != null)) + { + result = method.getReturnType2().toString(); + } + return result; + } + + @Override + public Method setReturnType(final Class<?> type) + { + return setReturnType(type.getSimpleName()); + } + + @Override + public Method setReturnType(final String type) + { + method.setReturnType2(ast.newSimpleType(ast.newSimpleName(type))); + return this; + } + + @Override + public boolean isReturnTypeVoid() + { + return getReturnType() == null; + } + + @Override + public Method setReturnTypeVoid() + { + method.setReturnType2(null); + return this; + } + + /* + * Abstract Modifiers + */ + + @Override public boolean isAbstract() { return ma.hasModifier(method, ModifierKeyword.ABSTRACT_KEYWORD); @@ -211,6 +252,10 @@ return this; } + /* + * Visibility Modifiers + */ + @Override public boolean isPackagePrivate() { @@ -266,44 +311,11 @@ return this; } - @Override - public String getReturnType() - { - String result = null; - if (!isConstructor() && (method.getReturnType2() != null)) - { - result = method.getReturnType2().toString(); - } - return result; - } + /* + * Interfaces + */ @Override - public Method setReturnType(final Class<?> type) - { - return setReturnType(type.getSimpleName()); - } - - @Override - public Method setReturnType(final String type) - { - method.setReturnType2(ast.newSimpleType(ast.newSimpleName(type))); - return this; - } - - @Override - public boolean isReturnTypeVoid() - { - return getReturnType() == null; - } - - @Override - public Method setReturnTypeVoid() - { - method.setReturnType2(null); - return this; - } - - @Override public String toString() { return method.toString(); @@ -327,12 +339,11 @@ final int prime = 31; int result = 1; result = prime * result + ((method == null) ? 0 : method.hashCode()); - result = prime * result + ((parent == null) ? 0 : parent.hashCode()); return result; } @Override - public boolean equals(final Object obj) + public boolean equals(Object obj) { if (this == obj) { @@ -358,17 +369,6 @@ { return false; } - if (parent == null) - { - if (other.parent != null) - { - return false; - } - } - else if (!parent.equals(other.parent)) - { - return false; - } return true; } } Modified: sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/ValuePairImpl.java =================================================================== --- sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/ValuePairImpl.java 2010-08-06 18:13:16 UTC (rev 13570) +++ sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/impl/ValuePairImpl.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -60,4 +60,55 @@ return Strings.unquote(getLiteralValue()); } + @Override + public int hashCode() + { + final int prime = 31; + int result = 1; + result = prime * result + ((name == null) ? 0 : name.hashCode()); + result = prime * result + ((value == null) ? 0 : value.hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) + { + if (this == obj) + { + return true; + } + if (obj == null) + { + return false; + } + if (getClass() != obj.getClass()) + { + return false; + } + ValuePairImpl other = (ValuePairImpl) obj; + if (name == null) + { + if (other.name != null) + { + return false; + } + } + else if (!name.equals(other.name)) + { + return false; + } + if (value == null) + { + if (other.value != null) + { + return false; + } + } + else if (!value.equals(other.value)) + { + return false; + } + return true; + } + } Modified: sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/util/Strings.java =================================================================== --- sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/util/Strings.java 2010-08-06 18:13:16 UTC (rev 13570) +++ sandbox/encore/core/src/main/java/org/jboss/encore/grammar/java/util/Strings.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -39,4 +39,24 @@ } return result; } + + public static String enquote(String value) + { + String result = null; + if (value != null) + { + result = "\"" + value + "\""; + } + return result; + } + + public static String[] tokenizeClassName(final String className) + { + String[] result = null; + if (className != null) + { + result = className.split("\\."); + } + return result; + } } Copied: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java (from rev 13560, sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java) Deleted: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/AnnotationTest.java =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/AnnotationTest.java 2010-08-05 12:31:27 UTC (rev 13560) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/AnnotationTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -1,216 +0,0 @@ -/* - * JBoss, Home of Professional Open Source - * Copyright 2010, Red Hat, Inc., and individual contributors - * by the @authors tag. See the copyright.txt in the distribution for a - * full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.encore.grammar.java; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; - -import java.util.List; - -import org.junit.Before; -import org.junit.Test; - -/** - * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> - */ -public abstract class AnnotationTest -{ - private AnnotationTarget<?> target; - - public void setTarget(AnnotationTarget<?> target) - { - this.target = target; - } - - @Before - public void reset() - { - resetTests(); - } - - public abstract void resetTests(); - - @Test - public void testParseAnnotation() throws Exception - { - List<Annotation> annotations = target.getAnnotations(); - assertEquals(3, annotations.size()); - assertEquals("deprecation", annotations.get(1).getStringValue()); - assertEquals("deprecation", annotations.get(1).getStringValue("value")); - assertEquals("value", annotations.get(1).getValues().get(0).getName()); - assertEquals("deprecation", annotations.get(1).getValues().get(0).getStringValue()); - - assertEquals("unchecked", annotations.get(2).getStringValue("value")); - assertEquals("unchecked", annotations.get(2).getStringValue()); - assertEquals("value", annotations.get(2).getValues().get(0).getName()); - assertEquals("unchecked", annotations.get(2).getValues().get(0).getStringValue()); - } - - @Test - public void testAddAnnotation() throws Exception - { - int size = target.getAnnotations().size(); - target.addAnnotation().setName("RequestScoped"); - List<Annotation> annotations = target.getAnnotations(); - assertEquals(size + 1, annotations.size()); - assertEquals("RequestScoped", annotations.get(annotations.size() - 1).getName()); - } - - @Test - public void testAddAnnotationByClass() throws Exception - { - int size = target.getAnnotations().size(); - target.addAnnotation(Test.class); - List<Annotation> annotations = target.getAnnotations(); - assertEquals(size + 1, annotations.size()); - assertEquals(Test.class.getName(), annotations.get(annotations.size() - 1).getName()); - target.applyChanges(); - assertTrue(target.toString().contains("@" + Test.class.getName())); - } - - @Test - public void testAddAnnotationByName() throws Exception - { - int size = target.getAnnotations().size(); - target.addAnnotation("RequestScoped"); - List<Annotation> annotations = target.getAnnotations(); - assertEquals(size + 1, annotations.size()); - assertEquals("RequestScoped", annotations.get(annotations.size() - 1).getName()); - target.applyChanges(); - assertTrue(target.toString().contains("@RequestScoped")); - } - - @Test - public void testCanAddAnnotationDuplicate() throws Exception - { - int size = target.getAnnotations().size(); - target.addAnnotation(Test.class); - target.addAnnotation(Test.class); - List<Annotation> annotations = target.getAnnotations(); - assertEquals(size + 2, annotations.size()); - assertEquals(Test.class.getName(), annotations.get(annotations.size() - 1).getName()); - assertEquals(Test.class.getName(), annotations.get(annotations.size() - 2).getName()); - target.applyChanges(); - String pattern = "@" + Test.class.getName() + " " + "@" + Test.class.getName(); - assertTrue(target.toString().contains(pattern)); - } - - @Test(expected = IllegalArgumentException.class) - public void testCannotAddAnnotationWithIllegalName() throws Exception - { - target.addAnnotation("sdf*(&#$%"); - } - - @Test - public void testAddLiteralValue() throws Exception - { - int size = target.getAnnotations().size(); - - target.addAnnotation(Test.class).setLiteralValue("435"); - target.applyChanges(); - - List<Annotation> annotations = target.getAnnotations(); - assertEquals(size + 1, annotations.size()); - - Annotation annotation = annotations.get(annotations.size() - 1); - assertEquals(Test.class.getName(), annotation.getName()); - assertEquals("435", annotation.getLiteralValue()); - } - - @Test - public void testAddObjectValue() throws Exception - { - int size = target.getAnnotations().size(); - - target.addAnnotation(Test.class).setLiteralValue("expected", "RuntimeException.class").setLiteralValue("foo", "bar"); - target.applyChanges(); - - List<Annotation> annotations = target.getAnnotations(); - assertEquals(size + 1, annotations.size()); - - Annotation annotation = annotations.get(annotations.size() - 1); - assertEquals(Test.class.getName(), annotation.getName()); - assertEquals(null, annotation.getLiteralValue()); - assertEquals("RuntimeException.class", annotation.getLiteralValue("expected")); - assertEquals("bar", annotation.getLiteralValue("foo")); - } - - @Test - public void testAddValueConvertsToNormalAnnotation() throws Exception - { - target.addAnnotation(Test.class).setLiteralValue("RuntimeException.class"); - target.applyChanges(); - Annotation annotation = target.getAnnotations().get(target.getAnnotations().size() - 1); - - assertEquals("RuntimeException.class", annotation.getLiteralValue()); - assertTrue(annotation.isSingleValue()); - - annotation.setLiteralValue("foo", "bar"); - assertFalse(annotation.isSingleValue()); - assertTrue(annotation.isNormal()); - - assertEquals("RuntimeException.class", annotation.getLiteralValue()); - assertEquals("RuntimeException.class", annotation.getLiteralValue("value")); - assertEquals("bar", annotation.getLiteralValue("foo")); - } - - @Test - public void testAnnotationBeginsAsMarker() throws Exception - { - Annotation anno = target.addAnnotation(Test.class); - assertTrue(anno.isMarker()); - assertFalse(anno.isSingleValue()); - assertFalse(anno.isNormal()); - - anno.setLiteralValue("\"Foo!\""); - assertFalse(anno.isMarker()); - assertTrue(anno.isSingleValue()); - assertFalse(anno.isNormal()); - - anno.setStringValue("bar", "Foo!"); - assertFalse(anno.isMarker()); - assertFalse(anno.isSingleValue()); - assertTrue(anno.isNormal()); - - assertEquals("\"Foo!\"", anno.getLiteralValue("bar")); - assertEquals("Foo!", anno.getStringValue("bar")); - - anno.removeAllValues(); - assertTrue(anno.isMarker()); - assertFalse(anno.isSingleValue()); - assertFalse(anno.isNormal()); - } - - @Test - public void testRemoveAllValues() throws Exception - { - target.addAnnotation(Test.class).setLiteralValue("expected", "RuntimeException.class"); - target.applyChanges(); - - List<Annotation> annotations = target.getAnnotations(); - Annotation annotation = annotations.get(annotations.size() - 1); - annotation.removeAllValues(); - - assertEquals(0, annotation.getValues().size()); - } -} Deleted: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/ClassAnnotationTest.java =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/ClassAnnotationTest.java 2010-08-05 12:31:27 UTC (rev 13560) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/ClassAnnotationTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -1,38 +0,0 @@ -/* - * JBoss, Home of Professional Open Source - * Copyright 2010, Red Hat, Inc., and individual contributors - * by the @authors tag. See the copyright.txt in the distribution for a - * full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.encore.grammar.java; - -import java.io.InputStream; - -/** - * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> - */ -public class ClassAnnotationTest extends AnnotationTest -{ - @Override - public void resetTests() - { - InputStream stream = ClassAnnotationTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockAnnotatedClassFile.java"); - JavaClass javaClass = JavaParser.parse(stream); - setTarget(javaClass); - } -} Copied: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/FieldAnnotationTest.java (from rev 13561, sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/FieldAnnotationTest.java) =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/FieldAnnotationTest.java (rev 0) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/FieldAnnotationTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -0,0 +1,42 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.encore.test.grammar.java; + +import java.io.InputStream; + +import org.jboss.encore.grammar.java.Field; +import org.jboss.encore.grammar.java.JavaParser; +import org.jboss.encore.test.grammar.java.common.AnnotationTest; + +/** + * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> + */ +public class FieldAnnotationTest extends AnnotationTest +{ + @Override + public void resetTests() + { + InputStream stream = FieldAnnotationTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockAnnotatedField.java"); + Field field = JavaParser.parse(stream).getFields().get(0); + setTarget(field); + } +} Copied: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/FieldTest.java (from rev 13561, sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/FieldTest.java) =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/FieldTest.java (rev 0) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/FieldTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -0,0 +1,144 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.encore.test.grammar.java; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import java.io.InputStream; + +import org.jboss.encore.grammar.java.Field; +import org.jboss.encore.grammar.java.JavaClass; +import org.jboss.encore.grammar.java.JavaParser; +import org.junit.Before; +import org.junit.Test; + +/** + * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> + */ +public class FieldTest +{ + private InputStream stream; + private JavaClass javaClass; + private Field field; + + @Before + public void reset() + { + stream = FieldTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockAnnotatedField.java"); + javaClass = JavaParser.parse(stream); + field = javaClass.getFields().get(javaClass.getFields().size() - 1); + } + + @Test + public void testParse() throws Exception + { + assertTrue(field instanceof Field); + assertEquals("field", field.getName()); + assertEquals("String", field.getType()); + } + + @Test + public void testSetName() throws Exception + { + assertEquals("field", field.getName()); + field.setName("newName"); + field.applyChanges(); + assertTrue(field.toString().contains("newName;")); + assertEquals("newName", field.getName()); + } + + @Test + public void testSetType() throws Exception + { + assertEquals("field", field.getName()); + field.setType(FieldTest.class); + field.applyChanges(); + assertTrue(field.toString().contains("FieldTest")); + assertEquals(FieldTest.class.getSimpleName(), field.getType()); + } + + @Test + public void testSetTypeString() throws Exception + { + assertEquals("field", field.getName()); + field.setType("FooBarType"); + field.applyChanges(); + assertTrue(field.toString().contains("FooBarType")); + assertEquals("FooBarType", field.getType()); + } + + @Test + public void testAddField() throws Exception + { + javaClass.addField("public Boolean flag = false;"); + Field fld = javaClass.getFields().get(javaClass.getFields().size() - 1); + fld.applyChanges(); + + assertTrue(fld.toString().contains("Boolean")); + assertEquals("Boolean", fld.getType()); + assertEquals("flag", fld.getName()); + assertEquals("false", fld.getLiteralInitializer()); + } + + @Test + public void testAddFieldInitializerLiteral() throws Exception + { + javaClass.addField("public int flag;").setLiteralInitializer("1234").setPrivate(); + Field fld = javaClass.getFields().get(javaClass.getFields().size() - 1); + fld.applyChanges(); + + assertEquals("int", fld.getType()); + assertEquals("flag", fld.getName()); + assertEquals("1234", fld.getLiteralInitializer()); + assertEquals("1234", fld.getStringInitializer()); + assertEquals("private int flag=1234;", fld.toString().trim()); + } + + @Test + public void testAddFieldInitializerString() throws Exception + { + javaClass.addField("public String flag;").setStringInitializer("american"); + Field fld = javaClass.getFields().get(javaClass.getFields().size() - 1); + fld.applyChanges(); + + assertEquals("String", fld.getType()); + assertEquals("flag", fld.getName()); + assertEquals("\"american\"", fld.getLiteralInitializer()); + assertEquals("american", fld.getStringInitializer()); + assertEquals("public String flag=\"american\";", fld.toString().trim()); + } + + @Test + public void testAddQualifiedFieldType() throws Exception + { + javaClass.addField().setName("flag").setType(String.class.getName()).setStringInitializer("american").setPrivate(); + Field fld = javaClass.getFields().get(javaClass.getFields().size() - 1); + fld.applyChanges(); + + assertEquals(String.class.getName(), fld.getType()); + assertEquals("flag", fld.getName()); + assertEquals("\"american\"", fld.getLiteralInitializer()); + assertEquals("american", fld.getStringInitializer()); + assertEquals("private java.lang.String flag=\"american\";", fld.toString().trim()); + } +} Added: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/FieldVisibilityTest.java =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/FieldVisibilityTest.java (rev 0) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/FieldVisibilityTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -0,0 +1,42 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.encore.test.grammar.java; + +import java.io.InputStream; + +import org.jboss.encore.grammar.java.Field; +import org.jboss.encore.grammar.java.JavaParser; +import org.jboss.encore.test.grammar.java.common.VisibilityTest; + +/** + * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> + */ +public class FieldVisibilityTest extends VisibilityTest +{ + @Override + public void resetTests() + { + InputStream stream = FieldVisibilityTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockAnnotatedField.java"); + Field field = JavaParser.parse(stream).getFields().get(0); + setTarget(field); + } +} Copied: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassAnnotationTest.java (from rev 13561, sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/JavaClassAnnotationTest.java) =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassAnnotationTest.java (rev 0) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassAnnotationTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -0,0 +1,42 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.encore.test.grammar.java; + +import java.io.InputStream; + +import org.jboss.encore.grammar.java.JavaClass; +import org.jboss.encore.grammar.java.JavaParser; +import org.jboss.encore.test.grammar.java.common.AnnotationTest; + +/** + * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> + */ +public class JavaClassAnnotationTest extends AnnotationTest +{ + @Override + public void resetTests() + { + InputStream stream = JavaClassAnnotationTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockAnnotatedClass.java"); + JavaClass javaClass = JavaParser.parse(stream); + setTarget(javaClass); + } +} Deleted: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassTest.java =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/JavaClassTest.java 2010-08-05 12:31:27 UTC (rev 13560) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -1,277 +0,0 @@ -/* - * JBoss, Home of Professional Open Source - * Copyright 2010, Red Hat, Inc., and individual contributors - * by the @authors tag. See the copyright.txt in the distribution for a - * full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.encore.grammar.java; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertNull; -import static org.junit.Assert.assertTrue; - -import java.io.InputStream; -import java.net.URL; -import java.util.List; -import java.util.Map; - -import org.junit.Before; -import org.junit.Test; - -/** - * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> - */ -public class JavaClassTest -{ - private InputStream stream; - private JavaClass javaClass; - - @Before - public void reset() - { - stream = JavaClassTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockClassFile.java"); - javaClass = JavaParser.parse(stream); - } - - @Test - public void testApplyChangesRequiredForModification() throws Exception - { - assertEquals("MockClassFile", javaClass.getName()); - javaClass.setName("Telephone"); - assertEquals("Telephone", javaClass.getName()); - assertFalse(javaClass.toString().contains("Telephone")); - assertTrue(javaClass.toString().contains("MockClassFile")); - - javaClass.applyChanges(); - assertTrue(javaClass.toString().contains("Telephone")); - assertFalse(javaClass.toString().contains("MockClassFile")); - } - - @Test - public void testParse() throws Exception - { - assertEquals(URL.class.getName(), javaClass.getImports().get(0).getName()); - assertEquals(2, javaClass.getMethods().size()); - assertEquals("MockClassFile", javaClass.getName()); - assertTrue(javaClass.isPublic()); - assertFalse(javaClass.isAbstract()); - } - - @Test - public void testSetName() throws Exception - { - assertEquals("MockClassFile", javaClass.getName()); - javaClass.setName("Telephone"); - assertEquals("Telephone", javaClass.getName()); - } - - @Test - public void testSetNameUpdatesConstructorNames() throws Exception - { - assertEquals("MockClassFile", javaClass.getName()); - assertEquals("MockClassFile", javaClass.getMethods().get(0).getName()); - javaClass.setName("Telephone"); - assertEquals("Telephone", javaClass.getName()); - assertEquals("Telephone", javaClass.getMethods().get(0).getName()); - } - - @Test - public void testSetPackage() throws Exception - { - javaClass.setPackage("org.lincoln"); - assertEquals("org.lincoln", javaClass.getPackage()); - assertFalse(javaClass.isDefaultPackage()); - } - - @Test - public void testSetAbstract() throws Exception - { - javaClass.setAbstract(true); - assertTrue(javaClass.isAbstract()); - } - - @Test - public void testSetVisibilityPublic() throws Exception - { - javaClass.setPublic(); - assertFalse(javaClass.isPrivate()); - assertFalse(javaClass.isPackagePrivate()); - assertTrue(javaClass.isPublic()); - assertFalse(javaClass.isProtected()); - } - - @Test - public void testSetVisibilityPackagePrivate() throws Exception - { - javaClass.setPackagePrivate(); - assertTrue(javaClass.isPackagePrivate()); - assertFalse(javaClass.isPublic()); - assertFalse(javaClass.isPrivate()); - assertFalse(javaClass.isProtected()); - } - - @Test - public void testSetVisibilityPrivate() throws Exception - { - javaClass.setPrivate(); - assertTrue(javaClass.isPrivate()); - assertFalse(javaClass.isPackagePrivate()); - assertFalse(javaClass.isPublic()); - assertFalse(javaClass.isProtected()); - } - - @Test - public void testSetVisibilityProtected() throws Exception - { - javaClass.setProtected(); - assertFalse(javaClass.isPrivate()); - assertFalse(javaClass.isPackagePrivate()); - assertFalse(javaClass.isPublic()); - assertTrue(javaClass.isProtected()); - } - - @Test - public void testSetPackageDefault() throws Exception - { - javaClass.setDefaultPackage(); - assertNull(javaClass.getPackage()); - assertTrue(javaClass.isDefaultPackage()); - } - - @Test - public void testAddImport() throws Exception - { - javaClass.addImport(List.class.getName()); - assertEquals(2, javaClass.getImports().size()); - assertEquals(URL.class.getName(), javaClass.getImports().get(0).getName()); - assertEquals(List.class.getName(), javaClass.getImports().get(1).getName()); - } - - @Test - public void testAddImportsClasses() throws Exception - { - assertEquals(1, javaClass.getImports().size()); - - javaClass.addImports(List.class, Map.class); - - assertEquals(3, javaClass.getImports().size()); - assertEquals(Map.class.getName(), javaClass.getImports().get(2).getName()); - } - - @Test - public void testAddImportStatic() throws Exception - { - assertEquals(1, javaClass.getImports().size()); - javaClass.addImport(List.class).setStatic(true).applyChanges(); - assertEquals(2, javaClass.getImports().size()); - assertTrue(javaClass.getImports().get(1).isStatic()); - } - - @Test - public void testRemoveImportByClass() throws Exception - { - List<Import> imports = javaClass.getImports(); - assertEquals(1, imports.size()); - assertEquals(URL.class.getName(), imports.get(0).getName()); - - javaClass.removeImport(URL.class); - imports = javaClass.getImports(); - assertEquals(0, imports.size()); - } - - @Test - public void testRemoveImportByName() throws Exception - { - assertEquals(1, javaClass.getImports().size()); - assertEquals(URL.class.getName(), javaClass.getImports().get(0).getName()); - - javaClass.removeImport(URL.class.getName()); - assertEquals(0, javaClass.getImports().size()); - } - - @Test - public void testRemoveImportByReference() throws Exception - { - assertEquals(1, javaClass.getImports().size()); - assertEquals(URL.class.getName(), javaClass.getImports().get(0).getName()); - - javaClass.removeImport(javaClass.getImports().get(0)); - assertEquals(0, javaClass.getImports().size()); - } - - @Test - public void testAddMethod() throws Exception - { - javaClass.addMethod().setName("testMethod").setReturnTypeVoid().setBody("").applyChanges(); - List<Method> methods = javaClass.getMethods(); - assertEquals(3, methods.size()); - assertNull(methods.get(2).getReturnType()); - } - - @Test - public void testAddMethodFromString() throws Exception - { - javaClass.addMethod("public URL rewriteURL(String pattern, String replacement) { return null; }").setPackagePrivate().applyChanges(); - List<Method> methods = javaClass.getMethods(); - assertEquals(3, methods.size()); - assertEquals("URL", methods.get(2).getReturnType()); - assertEquals("rewriteURL", methods.get(2).getName()); - - String body = methods.get(2).getBody(); - assertEquals("return null;".replaceAll("\\s+", ""), body.replaceAll("\\s+", "")); - } - - @Test - public void testRemoveMethod() throws Exception - { - List<Method> methods = javaClass.getMethods(); - javaClass.removeMethod(methods.get(0)).applyChanges(); - methods = javaClass.getMethods(); - assertEquals(1, methods.size()); - } - - @Test - public void testAddConstructor() throws Exception - { - javaClass.addMethod().setName("testMethod").setConstructor(true).setProtected().setReturnType(String.class).setBody("System.out.println(\"I am a constructor!\");").applyChanges(); - Method method = javaClass.getMethods().get(javaClass.getMethods().size() - 1); - assertEquals(3, javaClass.getMethods().size()); - assertEquals(javaClass.getName(), method.getName()); - assertTrue(method.isProtected()); - assertTrue(method.isConstructor()); - assertNull(method.getReturnType()); - String body = method.getBody(); - assertEquals("System.out.println(\"I am a constructor!\");".replaceAll("\\s+", ""), body.replaceAll("\\s+", "")); - } - - @Test - public void testAddConstructorIngoresReturnTypeAndName() throws Exception - { - javaClass.addMethod().setName("testMethod").setConstructor(true).setPrivate().setReturnType(String.class).setBody("System.out.println(\"I am a constructor!\");").applyChanges(); - Method method = javaClass.getMethods().get(javaClass.getMethods().size() - 1); - assertEquals(3, javaClass.getMethods().size()); - assertTrue(method.isPrivate()); - assertTrue(method.isConstructor()); - assertNull(method.getReturnType()); - assertEquals(javaClass.getName(), method.getName()); - String body = method.getBody(); - assertEquals("System.out.println(\"I am a constructor!\");".replaceAll("\\s+", ""), body.replaceAll("\\s+", "")); - } - -} Copied: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassTest.java (from rev 13561, sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/JavaClassTest.java) =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassTest.java (rev 0) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -0,0 +1,241 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.encore.test.grammar.java; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; + +import java.io.InputStream; +import java.net.URL; +import java.util.List; +import java.util.Map; + +import org.jboss.encore.grammar.java.Import; +import org.jboss.encore.grammar.java.JavaClass; +import org.jboss.encore.grammar.java.JavaParser; +import org.jboss.encore.grammar.java.Method; +import org.junit.Before; +import org.junit.Test; + +/** + * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> + */ +public class JavaClassTest +{ + private InputStream stream; + private JavaClass javaClass; + + @Before + public void reset() + { + stream = JavaClassTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockClass.java"); + javaClass = JavaParser.parse(stream); + } + + @Test + public void testApplyChangesRequiredForModification() throws Exception + { + assertEquals("MockClass", javaClass.getName()); + javaClass.setName("Telephone"); + assertEquals("Telephone", javaClass.getName()); + assertFalse(javaClass.toString().contains("Telephone")); + assertTrue(javaClass.toString().contains("MockClass")); + + javaClass.applyChanges(); + assertTrue(javaClass.toString().contains("Telephone")); + assertFalse(javaClass.toString().contains("MockClass")); + } + + @Test + public void testParse() throws Exception + { + assertEquals(URL.class.getName(), javaClass.getImports().get(0).getName()); + assertEquals(2, javaClass.getMethods().size()); + assertEquals("MockClass", javaClass.getName()); + assertTrue(javaClass.isPublic()); + assertFalse(javaClass.isAbstract()); + } + + @Test + public void testSetName() throws Exception + { + assertEquals("MockClass", javaClass.getName()); + javaClass.setName("Telephone"); + assertEquals("Telephone", javaClass.getName()); + } + + @Test + public void testSetNameUpdatesConstructorNames() throws Exception + { + assertEquals("MockClass", javaClass.getName()); + assertEquals("MockClass", javaClass.getMethods().get(0).getName()); + javaClass.setName("Telephone"); + assertEquals("Telephone", javaClass.getName()); + assertEquals("Telephone", javaClass.getMethods().get(0).getName()); + } + + @Test + public void testSetPackage() throws Exception + { + javaClass.setPackage("org.lincoln"); + assertEquals("org.lincoln", javaClass.getPackage()); + assertFalse(javaClass.isDefaultPackage()); + } + + @Test + public void testSetAbstract() throws Exception + { + javaClass.setAbstract(true); + assertTrue(javaClass.isAbstract()); + } + + @Test + public void testSetPackageDefault() throws Exception + { + javaClass.setDefaultPackage(); + assertNull(javaClass.getPackage()); + assertTrue(javaClass.isDefaultPackage()); + } + + @Test + public void testAddImport() throws Exception + { + javaClass.addImport(List.class.getName()); + assertEquals(2, javaClass.getImports().size()); + assertEquals(URL.class.getName(), javaClass.getImports().get(0).getName()); + assertEquals(List.class.getName(), javaClass.getImports().get(1).getName()); + } + + @Test + public void testAddImportsClasses() throws Exception + { + assertEquals(1, javaClass.getImports().size()); + + javaClass.addImports(List.class, Map.class); + + assertEquals(3, javaClass.getImports().size()); + assertEquals(Map.class.getName(), javaClass.getImports().get(2).getName()); + } + + @Test + public void testAddImportStatic() throws Exception + { + assertEquals(1, javaClass.getImports().size()); + javaClass.addImport(List.class).setStatic(true).applyChanges(); + assertEquals(2, javaClass.getImports().size()); + assertTrue(javaClass.getImports().get(1).isStatic()); + } + + @Test + public void testRemoveImportByClass() throws Exception + { + List<Import> imports = javaClass.getImports(); + assertEquals(1, imports.size()); + assertEquals(URL.class.getName(), imports.get(0).getName()); + + javaClass.removeImport(URL.class); + imports = javaClass.getImports(); + assertEquals(0, imports.size()); + } + + @Test + public void testRemoveImportByName() throws Exception + { + assertEquals(1, javaClass.getImports().size()); + assertEquals(URL.class.getName(), javaClass.getImports().get(0).getName()); + + javaClass.removeImport(URL.class.getName()); + assertEquals(0, javaClass.getImports().size()); + } + + @Test + public void testRemoveImportByReference() throws Exception + { + assertEquals(1, javaClass.getImports().size()); + assertEquals(URL.class.getName(), javaClass.getImports().get(0).getName()); + + javaClass.removeImport(javaClass.getImports().get(0)); + assertEquals(0, javaClass.getImports().size()); + } + + @Test + public void testAddMethod() throws Exception + { + javaClass.addMethod().setName("testMethod").setReturnTypeVoid().setBody("").applyChanges(); + List<Method> methods = javaClass.getMethods(); + assertEquals(3, methods.size()); + assertNull(methods.get(2).getReturnType()); + } + + @Test + public void testAddMethodFromString() throws Exception + { + javaClass.addMethod("public URL rewriteURL(String pattern, String replacement) { return null; }").setPackagePrivate().applyChanges(); + List<Method> methods = javaClass.getMethods(); + assertEquals(3, methods.size()); + assertEquals("URL", methods.get(2).getReturnType()); + assertEquals("rewriteURL", methods.get(2).getName()); + + String body = methods.get(2).getBody(); + assertEquals("return null;".replaceAll("\\s+", ""), body.replaceAll("\\s+", "")); + } + + @Test + public void testRemoveMethod() throws Exception + { + List<Method> methods = javaClass.getMethods(); + javaClass.removeMethod(methods.get(0)).applyChanges(); + methods = javaClass.getMethods(); + assertEquals(1, methods.size()); + } + + @Test + public void testAddConstructor() throws Exception + { + javaClass.addMethod().setName("testMethod").setConstructor(true).setProtected().setReturnType(String.class).setBody("System.out.println(\"I am a constructor!\");").applyChanges(); + Method method = javaClass.getMethods().get(javaClass.getMethods().size() - 1); + assertEquals(3, javaClass.getMethods().size()); + assertEquals(javaClass.getName(), method.getName()); + assertTrue(method.isProtected()); + assertTrue(method.isConstructor()); + assertNull(method.getReturnType()); + String body = method.getBody(); + assertEquals("System.out.println(\"I am a constructor!\");".replaceAll("\\s+", ""), body.replaceAll("\\s+", "")); + } + + @Test + public void testAddConstructorIngoresReturnTypeAndName() throws Exception + { + javaClass.addMethod().setName("testMethod").setConstructor(true).setPrivate().setReturnType(String.class).setBody("System.out.println(\"I am a constructor!\");").applyChanges(); + Method method = javaClass.getMethods().get(javaClass.getMethods().size() - 1); + assertEquals(3, javaClass.getMethods().size()); + assertTrue(method.isPrivate()); + assertTrue(method.isConstructor()); + assertNull(method.getReturnType()); + assertEquals(javaClass.getName(), method.getName()); + String body = method.getBody(); + assertEquals("System.out.println(\"I am a constructor!\");".replaceAll("\\s+", ""), body.replaceAll("\\s+", "")); + } + +} Added: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassVisibilityTest.java =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassVisibilityTest.java (rev 0) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/JavaClassVisibilityTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -0,0 +1,42 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.encore.test.grammar.java; + +import java.io.InputStream; + +import org.jboss.encore.grammar.java.JavaClass; +import org.jboss.encore.grammar.java.JavaParser; +import org.jboss.encore.test.grammar.java.common.VisibilityTest; + +/** + * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> + */ +public class JavaClassVisibilityTest extends VisibilityTest +{ + @Override + public void resetTests() + { + InputStream stream = JavaClassVisibilityTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockClass.java"); + JavaClass clazz = JavaParser.parse(stream); + setTarget(clazz); + } +} Deleted: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodAnnotationTest.java =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/MethodAnnotationTest.java 2010-08-05 12:31:27 UTC (rev 13560) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodAnnotationTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -1,38 +0,0 @@ -/* - * JBoss, Home of Professional Open Source - * Copyright 2010, Red Hat, Inc., and individual contributors - * by the @authors tag. See the copyright.txt in the distribution for a - * full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.encore.grammar.java; - -import java.io.InputStream; - -/** - * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> - */ -public class MethodAnnotationTest extends AnnotationTest -{ - @Override - public void resetTests() - { - InputStream stream = MethodAnnotationTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockAnnotatedMethodFile.java"); - Method method = JavaParser.parse(stream).getMethods().get(0); - setTarget(method); - } -} Copied: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodAnnotationTest.java (from rev 13561, sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/MethodAnnotationTest.java) =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodAnnotationTest.java (rev 0) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodAnnotationTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -0,0 +1,42 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.encore.test.grammar.java; + +import java.io.InputStream; + +import org.jboss.encore.grammar.java.JavaParser; +import org.jboss.encore.grammar.java.Method; +import org.jboss.encore.test.grammar.java.common.AnnotationTest; + +/** + * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> + */ +public class MethodAnnotationTest extends AnnotationTest +{ + @Override + public void resetTests() + { + InputStream stream = MethodAnnotationTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockAnnotatedMethod.java"); + Method method = JavaParser.parse(stream).getMethods().get(0); + setTarget(method); + } +} Deleted: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodTest.java =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/MethodTest.java 2010-08-05 12:31:27 UTC (rev 13560) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -1,132 +0,0 @@ -/* - * JBoss, Home of Professional Open Source - * Copyright 2010, Red Hat, Inc., and individual contributors - * by the @authors tag. See the copyright.txt in the distribution for a - * full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.encore.grammar.java; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; - -import java.io.InputStream; - -import org.junit.Before; -import org.junit.Test; - -/** - * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> - */ -public class MethodTest -{ - private InputStream stream; - private JavaClass javaClass; - private Method method; - - @Before - public void reset() - { - stream = MethodTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockClassFile.java"); - javaClass = JavaParser.parse(stream); - javaClass.addMethod("public URL rewriteURL(String pattern, String replacement) { return null; }"); - method = javaClass.getMethods().get(javaClass.getMethods().size() - 1); - } - - @Test - public void testSetName() throws Exception - { - assertEquals("rewriteURL", method.getName()); - method.setName("doSomething"); - assertEquals("doSomething", method.getName()); - } - - @Test - public void testSetReturnType() throws Exception - { - assertEquals("URL", method.getReturnType()); - method.setReturnType(Class.class); - assertEquals("Class", method.getReturnType()); - assertFalse(method.isReturnTypeVoid()); - } - - @Test - public void testSetReturnTypeVoid() throws Exception - { - assertEquals("URL", method.getReturnType()); - method.setReturnTypeVoid(); - assertEquals(null, method.getReturnType()); - assertTrue(method.isReturnTypeVoid()); - } - - @Test - public void testSetConstructor() throws Exception - { - assertFalse(method.isConstructor()); - method.setConstructor(true); - assertTrue(method.isConstructor()); - assertEquals(javaClass.getName(), method.getName()); - } - - @Test - public void testSetAbstract() throws Exception - { - method.setAbstract(true); - assertTrue(method.isAbstract()); - } - - @Test - public void testSetPublic() throws Exception - { - method.setPublic(); - assertTrue(method.isPublic()); - assertFalse(method.isPackagePrivate()); - assertFalse(method.isPrivate()); - assertFalse(method.isProtected()); - } - - @Test - public void testSetPrivate() throws Exception - { - method.setPrivate(); - assertFalse(method.isPublic()); - assertFalse(method.isPackagePrivate()); - assertTrue(method.isPrivate()); - assertFalse(method.isProtected()); - } - - @Test - public void testSetProtected() throws Exception - { - method.setProtected(); - assertFalse(method.isPublic()); - assertFalse(method.isPackagePrivate()); - assertFalse(method.isPrivate()); - assertTrue(method.isProtected()); - } - - @Test - public void testSetPackagePrivate() throws Exception - { - method.setPackagePrivate(); - assertFalse(method.isPublic()); - assertTrue(method.isPackagePrivate()); - assertFalse(method.isPrivate()); - assertFalse(method.isProtected()); - } -} Copied: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodTest.java (from rev 13561, sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/MethodTest.java) =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodTest.java (rev 0) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -0,0 +1,95 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.encore.test.grammar.java; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import java.io.InputStream; + +import org.jboss.encore.grammar.java.JavaClass; +import org.jboss.encore.grammar.java.JavaParser; +import org.jboss.encore.grammar.java.Method; +import org.junit.Before; +import org.junit.Test; + +/** + * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> + */ +public class MethodTest +{ + private InputStream stream; + private JavaClass javaClass; + private Method method; + + @Before + public void reset() + { + stream = MethodTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockClass.java"); + javaClass = JavaParser.parse(stream); + javaClass.addMethod("public URL rewriteURL(String pattern, String replacement) { return null; }"); + method = javaClass.getMethods().get(javaClass.getMethods().size() - 1); + } + + @Test + public void testSetName() throws Exception + { + assertEquals("rewriteURL", method.getName()); + method.setName("doSomething"); + assertEquals("doSomething", method.getName()); + } + + @Test + public void testSetReturnType() throws Exception + { + assertEquals("URL", method.getReturnType()); + method.setReturnType(Class.class); + assertEquals("Class", method.getReturnType()); + assertFalse(method.isReturnTypeVoid()); + } + + @Test + public void testSetReturnTypeVoid() throws Exception + { + assertEquals("URL", method.getReturnType()); + method.setReturnTypeVoid(); + assertEquals(null, method.getReturnType()); + assertTrue(method.isReturnTypeVoid()); + } + + @Test + public void testSetConstructor() throws Exception + { + assertFalse(method.isConstructor()); + method.setConstructor(true); + assertTrue(method.isConstructor()); + assertEquals(javaClass.getName(), method.getName()); + } + + @Test + public void testSetAbstract() throws Exception + { + method.setAbstract(true); + assertTrue(method.isAbstract()); + } +} Added: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodVisibilityTest.java =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodVisibilityTest.java (rev 0) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/MethodVisibilityTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -0,0 +1,42 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.encore.test.grammar.java; + +import java.io.InputStream; + +import org.jboss.encore.grammar.java.JavaParser; +import org.jboss.encore.grammar.java.Method; +import org.jboss.encore.test.grammar.java.common.VisibilityTest; + +/** + * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> + */ +public class MethodVisibilityTest extends VisibilityTest +{ + @Override + public void resetTests() + { + InputStream stream = MethodVisibilityTest.class.getResourceAsStream("/org/jboss/encore/grammar/java/MockAnnotatedMethod.java"); + Method method = JavaParser.parse(stream).getMethods().get(0); + setTarget(method); + } +} Copied: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/common/AnnotationTest.java (from rev 13560, sandbox/encore/core/src/test/java/org/jboss/encore/grammar/java/AnnotationTest.java) =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/common/AnnotationTest.java (rev 0) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/common/AnnotationTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -0,0 +1,218 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.encore.test.grammar.java.common; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import java.util.List; + +import org.jboss.encore.grammar.java.Annotation; +import org.jboss.encore.grammar.java.AnnotationTarget; +import org.junit.Before; +import org.junit.Test; + +/** + * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> + */ +public abstract class AnnotationTest +{ + private AnnotationTarget<?> target; + + public void setTarget(AnnotationTarget<?> target) + { + this.target = target; + } + + @Before + public void reset() + { + resetTests(); + } + + public abstract void resetTests(); + + @Test + public void testParseAnnotation() throws Exception + { + List<Annotation> annotations = target.getAnnotations(); + assertEquals(3, annotations.size()); + assertEquals("deprecation", annotations.get(1).getStringValue()); + assertEquals("deprecation", annotations.get(1).getStringValue("value")); + assertEquals("value", annotations.get(1).getValues().get(0).getName()); + assertEquals("deprecation", annotations.get(1).getValues().get(0).getStringValue()); + + assertEquals("unchecked", annotations.get(2).getStringValue("value")); + assertEquals("unchecked", annotations.get(2).getStringValue()); + assertEquals("value", annotations.get(2).getValues().get(0).getName()); + assertEquals("unchecked", annotations.get(2).getValues().get(0).getStringValue()); + } + + @Test + public void testAddAnnotation() throws Exception + { + int size = target.getAnnotations().size(); + target.addAnnotation().setName("RequestScoped"); + List<Annotation> annotations = target.getAnnotations(); + assertEquals(size + 1, annotations.size()); + assertEquals("RequestScoped", annotations.get(annotations.size() - 1).getName()); + } + + @Test + public void testAddAnnotationByClass() throws Exception + { + int size = target.getAnnotations().size(); + target.addAnnotation(Test.class); + List<Annotation> annotations = target.getAnnotations(); + assertEquals(size + 1, annotations.size()); + assertEquals(Test.class.getName(), annotations.get(annotations.size() - 1).getName()); + target.applyChanges(); + assertTrue(target.toString().contains("@" + Test.class.getName())); + } + + @Test + public void testAddAnnotationByName() throws Exception + { + int size = target.getAnnotations().size(); + target.addAnnotation("RequestScoped"); + List<Annotation> annotations = target.getAnnotations(); + assertEquals(size + 1, annotations.size()); + assertEquals("RequestScoped", annotations.get(annotations.size() - 1).getName()); + target.applyChanges(); + assertTrue(target.toString().contains("@RequestScoped")); + } + + @Test + public void testCanAddAnnotationDuplicate() throws Exception + { + int size = target.getAnnotations().size(); + target.addAnnotation(Test.class); + target.addAnnotation(Test.class); + List<Annotation> annotations = target.getAnnotations(); + assertEquals(size + 2, annotations.size()); + assertEquals(Test.class.getName(), annotations.get(annotations.size() - 1).getName()); + assertEquals(Test.class.getName(), annotations.get(annotations.size() - 2).getName()); + target.applyChanges(); + String pattern = "@" + Test.class.getName() + " " + "@" + Test.class.getName(); + assertTrue(target.toString().contains(pattern)); + } + + @Test(expected = IllegalArgumentException.class) + public void testCannotAddAnnotationWithIllegalName() throws Exception + { + target.addAnnotation("sdf*(&#$%"); + } + + @Test + public void testAddLiteralValue() throws Exception + { + int size = target.getAnnotations().size(); + + target.addAnnotation(Test.class).setLiteralValue("435"); + target.applyChanges(); + + List<Annotation> annotations = target.getAnnotations(); + assertEquals(size + 1, annotations.size()); + + Annotation annotation = annotations.get(annotations.size() - 1); + assertEquals(Test.class.getName(), annotation.getName()); + assertEquals("435", annotation.getLiteralValue()); + } + + @Test + public void testAddObjectValue() throws Exception + { + int size = target.getAnnotations().size(); + + target.addAnnotation(Test.class).setLiteralValue("expected", "RuntimeException.class").setLiteralValue("foo", "bar"); + target.applyChanges(); + + List<Annotation> annotations = target.getAnnotations(); + assertEquals(size + 1, annotations.size()); + + Annotation annotation = annotations.get(annotations.size() - 1); + assertEquals(Test.class.getName(), annotation.getName()); + assertEquals(null, annotation.getLiteralValue()); + assertEquals("RuntimeException.class", annotation.getLiteralValue("expected")); + assertEquals("bar", annotation.getLiteralValue("foo")); + } + + @Test + public void testAddValueConvertsToNormalAnnotation() throws Exception + { + target.addAnnotation(Test.class).setLiteralValue("RuntimeException.class"); + target.applyChanges(); + Annotation annotation = target.getAnnotations().get(target.getAnnotations().size() - 1); + + assertEquals("RuntimeException.class", annotation.getLiteralValue()); + assertTrue(annotation.isSingleValue()); + + annotation.setLiteralValue("foo", "bar"); + assertFalse(annotation.isSingleValue()); + assertTrue(annotation.isNormal()); + + assertEquals("RuntimeException.class", annotation.getLiteralValue()); + assertEquals("RuntimeException.class", annotation.getLiteralValue("value")); + assertEquals("bar", annotation.getLiteralValue("foo")); + } + + @Test + public void testAnnotationBeginsAsMarker() throws Exception + { + Annotation anno = target.addAnnotation(Test.class); + assertTrue(anno.isMarker()); + assertFalse(anno.isSingleValue()); + assertFalse(anno.isNormal()); + + anno.setLiteralValue("\"Foo!\""); + assertFalse(anno.isMarker()); + assertTrue(anno.isSingleValue()); + assertFalse(anno.isNormal()); + + anno.setStringValue("bar", "Foo!"); + assertFalse(anno.isMarker()); + assertFalse(anno.isSingleValue()); + assertTrue(anno.isNormal()); + + assertEquals("\"Foo!\"", anno.getLiteralValue("bar")); + assertEquals("Foo!", anno.getStringValue("bar")); + + anno.removeAllValues(); + assertTrue(anno.isMarker()); + assertFalse(anno.isSingleValue()); + assertFalse(anno.isNormal()); + } + + @Test + public void testRemoveAllValues() throws Exception + { + target.addAnnotation(Test.class).setLiteralValue("expected", "RuntimeException.class"); + target.applyChanges(); + + List<Annotation> annotations = target.getAnnotations(); + Annotation annotation = annotations.get(annotations.size() - 1); + annotation.removeAllValues(); + + assertEquals(0, annotation.getValues().size()); + } +} Added: sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/common/VisibilityTest.java =================================================================== --- sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/common/VisibilityTest.java (rev 0) +++ sandbox/encore/core/src/test/java/org/jboss/encore/test/grammar/java/common/VisibilityTest.java 2010-08-06 18:43:46 UTC (rev 13571) @@ -0,0 +1,90 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.encore.test.grammar.java.common; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import org.jboss.encore.grammar.java.VisibilityScoped; +import org.junit.Before; +import org.junit.Test; + +/** + * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a> + */ +public abstract class VisibilityTest +{ + private VisibilityScoped<?> target; + + public void setTarget(VisibilityScoped<?> target) + { + this.target = target; + } + + @Before + public void reset() + { + resetTests(); + } + + public abstract void resetTests(); + + @Test + public void testSetPublic() throws Exception + { + target.setPublic(); + assertTrue(target.isPublic()); + assertFalse(target.isPackagePrivate()); + assertFalse(target.isPrivate()); + assertFalse(target.isProtected()); + } + + @Test + public void testSetPrivate() throws Exception + { + target.setPrivate(); + assertFalse(target.isPublic()); + assertFalse(target.isPackagePrivate()); + assertTrue(target.isPrivate()); + assertFalse(target.isProtected()); + } + + @Test + public void testSetProtected() throws Exception + { + target.setProtected(); + assertFalse(target.isPublic()); + assertFalse(target.isPackagePrivate()); + assertFalse(target.isPrivate()); + assertTrue(target.isProtected()); + } + + @Test + public void testSetPackagePrivate() throws Exception + { + target.setPackagePrivate(); + assertFalse(target.isPublic()); + assertTrue(target.isPackagePrivate()); + assertFalse(target.isPrivate()); + assertFalse(target.isProtected()); + } +}

13 years, 9 months

1
0
0 / 0

Seam SVN: r13570 - modules/drools/trunk.

by seam-commits＠lists.jboss.org

Author: tsurdilovic Date: 2010-08-06 14:13:16 -0400 (Fri, 06 Aug 2010) New Revision: 13570 Modified: modules/drools/trunk/pom.xml Log: updated parent to version 3. added new profile Modified: modules/drools/trunk/pom.xml =================================================================== --- modules/drools/trunk/pom.xml 2010-08-06 16:31:35 UTC (rev 13569) +++ modules/drools/trunk/pom.xml 2010-08-06 18:13:16 UTC (rev 13570) @@ -5,7 +5,7 @@ <parent> <groupId>org.jboss.seam</groupId> <artifactId>seam-parent</artifactId> - <version>2</version> + <version>3</version> </parent> <artifactId>seam-drools-parent</artifactId> @@ -77,20 +77,48 @@ </dependencyManagement> <profiles> - <profile> - <id>distribution</id> - <activation> - <property> - <name>release</name> - </property> - </activation> - <modules> - <module>dist</module> - <module>docs</module> - </modules> - </profile> - </profiles> + <profile> + <id>jboss-public-repository</id> + <activation> + <property> + <name>jboss-public-repository</name> + <value>!false</value> + </property> + </activation> + <repositories> + <repository> + <id>jboss-public-repository-group</id> + <name>JBoss Public Maven Repository Group</name> + <url>http://repository.jboss.org/nexus/content/groups/public</url> + <releases> + <enabled>true</enabled> + <updatePolicy>never</updatePolicy> + </releases> + <snapshots> + <enabled>false</enabled> + <updatePolicy>never</updatePolicy> + </snapshots> + </repository> + </repositories> + <pluginRepositories> + <pluginRepository> + <id>jboss-public-repository-group</id> + <name>JBoss Public Maven Repository Group</name> + <url>http://repository.jboss.org/nexus/content/groups/public</url> + <releases> + <enabled>true</enabled> + <updatePolicy>never</updatePolicy> + </releases> + <snapshots> + <enabled>false</enabled> + <updatePolicy>never</updatePolicy> + </snapshots> + </pluginRepository> + </pluginRepositories> + </profile> + </profiles> + <scm> <connection>scm:svn:http://anonsvn.jboss.org/repos/seam/modules/drools/trunk</connection> <developerConnection>scm:svn:https://svn.jboss.org/repos/seam/modules/drools/trunk</developerConnection>

13 years, 9 months

1
0
0 / 0

Seam SVN: r13569 - in build/trunk: tools and 1 other directory.

by seam-commits＠lists.jboss.org

Author: pete.muir(a)jboss.org Date: 2010-08-06 12:31:35 -0400 (Fri, 06 Aug 2010) New Revision: 13569 Modified: build/trunk/parent/pom.xml build/trunk/tools/pom.xml Log: update to jboss repo Modified: build/trunk/parent/pom.xml =================================================================== --- build/trunk/parent/pom.xml 2010-08-06 16:30:02 UTC (rev 13568) +++ build/trunk/parent/pom.xml 2010-08-06 16:31:35 UTC (rev 13569) @@ -175,6 +175,49 @@ </dependencies> </dependencyManagement> + <profiles> + <profile> + <id>jboss-public-repository</id> + <activation> + <property> + <name>jboss-public-repository</name> + <value>!false</value> + </property> + </activation> + <repositories> + <repository> + <id>jboss-public-repository-group</id> + <name>JBoss Public Maven Repository Group</name> + <url>http://repository.jboss.org/nexus/content/groups/public</url> + <releases> + <enabled>true</enabled> + <updatePolicy>never</updatePolicy> + </releases> + <snapshots> + <enabled>false</enabled> + <updatePolicy>never</updatePolicy> + </snapshots> + </repository> + </repositories> + <pluginRepositories> + <pluginRepository> + <id>jboss-public-repository-group</id> + <name>JBoss Public Maven Repository Group</name> + <url>http://repository.jboss.org/nexus/content/groups/public</url> + <releases> + <enabled>true</enabled> + <updatePolicy>never</updatePolicy> + </releases> + <snapshots> + <enabled>false</enabled> + <updatePolicy>never</updatePolicy> + </snapshots> + </pluginRepository> + </pluginRepositories> + </profile> + </profiles> + + <scm> <connection>scm:svn:http://anonsvn.jboss.org/repos/seam/build/trunk/parent</connection> <developerConnection>scm:svn:https://svn.jboss.org/repos/seam/build/trunk/parent</developerConnection> Modified: build/trunk/tools/pom.xml =================================================================== --- build/trunk/tools/pom.xml 2010-08-06 16:30:02 UTC (rev 13568) +++ build/trunk/tools/pom.xml 2010-08-06 16:31:35 UTC (rev 13569) @@ -57,6 +57,49 @@ </dependency> </dependencies> + <profiles> + <profile> + <id>jboss-public-repository</id> + <activation> + <property> + <name>jboss-public-repository</name> + <value>!false</value> + </property> + </activation> + <repositories> + <repository> + <id>jboss-public-repository-group</id> + <name>JBoss Public Maven Repository Group</name> + <url>http://repository.jboss.org/nexus/content/groups/public</url> + <releases> + <enabled>true</enabled> + <updatePolicy>never</updatePolicy> + </releases> + <snapshots> + <enabled>false</enabled> + <updatePolicy>never</updatePolicy> + </snapshots> + </repository> + </repositories> + <pluginRepositories> + <pluginRepository> + <id>jboss-public-repository-group</id> + <name>JBoss Public Maven Repository Group</name> + <url>http://repository.jboss.org/nexus/content/groups/public</url> + <releases> + <enabled>true</enabled> + <updatePolicy>never</updatePolicy> + </releases> + <snapshots> + <enabled>false</enabled> + <updatePolicy>never</updatePolicy> + </snapshots> + </pluginRepository> + </pluginRepositories> + </profile> + </profiles> + + <scm> <connection>scm:svn:http://anonsvn.jboss.org/repos/seam/build/trunk/parent</connection> <developerConnection>scm:svn:https://svn.jboss.org/repos/seam/build/trunk/parent</developerConnection>

13 years, 9 months

1
0
0 / 0

Seam SVN: r13568 - in build/trunk: module-archetype and 1 other directory.

by seam-commits＠lists.jboss.org

Author: pete.muir(a)jboss.org Date: 2010-08-06 12:30:02 -0400 (Fri, 06 Aug 2010) New Revision: 13568 Modified: build/trunk/checkout.sh build/trunk/module-archetype/pom.xml Log: update to jboss repo Modified: build/trunk/checkout.sh =================================================================== --- build/trunk/checkout.sh 2010-08-06 16:28:43 UTC (rev 13567) +++ build/trunk/checkout.sh 2010-08-06 16:30:02 UTC (rev 13568) @@ -99,7 +99,7 @@ SVNARGS= SVNUPDATE=1 -MODULES="remoting drools faces international persistence security xml jms wicket servlet" +MODULES="documents drools faces international jbpm jms persistence remoting resteasy security servlet wicket xml" while getopts “hrd:v” OPTION do Modified: build/trunk/module-archetype/pom.xml =================================================================== --- build/trunk/module-archetype/pom.xml 2010-08-06 16:28:43 UTC (rev 13567) +++ build/trunk/module-archetype/pom.xml 2010-08-06 16:30:02 UTC (rev 13568) @@ -9,7 +9,7 @@ <parent> <groupId>org.jboss.weld</groupId> <artifactId>weld-parent</artifactId> - <version>12</version> + <version>13</version> </parent> <description> @@ -32,21 +32,47 @@ </developer> </developers> -  - <repositories> - <repository> - <id>oss.sonatype.org/jboss-snapshots</id> - <name>JBoss (Nexus) Snapshots Repository</name> - <url>http://oss.sonatype.org/content/repositories/jboss-snapshots</url> - <releases> - <enabled>false</enabled> - </releases> - <snapshots> - <enabled>true</enabled> - <updatePolicy>never</updatePolicy> - </snapshots> - </repository> - </repositories> + <profiles> + <profile> + <id>jboss-public-repository</id> + <activation> + <property> + <name>jboss-public-repository</name> + <value>!false</value> + </property> + </activation> + <repositories> + <repository> + <id>jboss-public-repository-group</id> + <name>JBoss Public Maven Repository Group</name> + <url>http://repository.jboss.org/nexus/content/groups/public</url> + <releases> + <enabled>true</enabled> + <updatePolicy>never</updatePolicy> + </releases> + <snapshots> + <enabled>false</enabled> + <updatePolicy>never</updatePolicy> + </snapshots> + </repository> + </repositories> + <pluginRepositories> + <pluginRepository> + <id>jboss-public-repository-group</id> + <name>JBoss Public Maven Repository Group</name> + <url>http://repository.jboss.org/nexus/content/groups/public</url> + <releases> + <enabled>true</enabled> + <updatePolicy>never</updatePolicy> + </releases> + <snapshots> + <enabled>false</enabled> + <updatePolicy>never</updatePolicy> + </snapshots> + </pluginRepository> + </pluginRepositories> + </profile> + </profiles> <scm> <connection>scm:svn:http://anonsvn.jboss.org/repos/seam/build/trunk/parent</connection>

13 years, 9 months

1
0
0 / 0

Seam SVN: r13567 - build/trunk/tools.

by seam-commits＠lists.jboss.org

Author: pete.muir(a)jboss.org Date: 2010-08-06 12:28:43 -0400 (Fri, 06 Aug 2010) New Revision: 13567 Modified: build/trunk/tools/pom.xml Log: update to jboss repo Modified: build/trunk/tools/pom.xml =================================================================== --- build/trunk/tools/pom.xml 2010-08-06 16:22:18 UTC (rev 13566) +++ build/trunk/tools/pom.xml 2010-08-06 16:28:43 UTC (rev 13567) @@ -11,7 +11,7 @@ <parent> <groupId>org.jboss.weld</groupId> <artifactId>weld-parent</artifactId> - <version>12</version> + <version>13</version> </parent> <description>

13 years, 9 months

1
0
0 / 0

Seam SVN: r13566 - build/trunk/parent.

by seam-commits＠lists.jboss.org

Author: pete.muir(a)jboss.org Date: 2010-08-06 12:22:18 -0400 (Fri, 06 Aug 2010) New Revision: 13566 Modified: build/trunk/parent/pom.xml Log: [maven-release-plugin] prepare for next development iteration Modified: build/trunk/parent/pom.xml =================================================================== --- build/trunk/parent/pom.xml 2010-08-06 16:22:11 UTC (rev 13565) +++ build/trunk/parent/pom.xml 2010-08-06 16:22:18 UTC (rev 13566) @@ -4,7 +4,7 @@ <groupId>org.jboss.seam</groupId> <artifactId>seam-parent</artifactId> <packaging>pom</packaging> - <version>3</version> + <version>4-SNAPSHOT</version> <name>Seam Parent</name> <parent> @@ -176,9 +176,9 @@ </dependencyManagement> <scm> - <connection>scm:svn:http://anonsvn.jboss.org/repos/seam/build/tags/seam-parent-3</connection> - <developerConnection>scm:svn:https://svn.jboss.org/repos/seam/build/tags/seam-parent-3</developerConnection> - <url>http://fisheye.jboss.org/browse/Seam/seam/build/tags/seam-parent-3</url> + <connection>scm:svn:http://anonsvn.jboss.org/repos/seam/build/trunk/parent</connection> + <developerConnection>scm:svn:https://svn.jboss.org/repos/seam/build/trunk/parent</developerConnection> + <url>http://fisheye.jboss.org/browse/Seam/seam/build/trunk/parent</url> </scm> </project>

13 years, 9 months

1
0
0 / 0

Seam SVN: r13565 - build/tags.

by seam-commits＠lists.jboss.org

Author: pete.muir(a)jboss.org Date: 2010-08-06 12:22:11 -0400 (Fri, 06 Aug 2010) New Revision: 13565 Added: build/tags/seam-parent-3/ Log: [maven-scm] copy for tag seam-parent-3 Copied: build/tags/seam-parent-3 (from rev 13564, build/trunk/parent)

13 years, 9 months

1
0
0 / 0

Seam SVN: r13564 - build/trunk/parent.

by seam-commits＠lists.jboss.org

Author: pete.muir(a)jboss.org Date: 2010-08-06 12:21:47 -0400 (Fri, 06 Aug 2010) New Revision: 13564 Modified: build/trunk/parent/pom.xml Log: [maven-release-plugin] prepare release seam-parent-3 Modified: build/trunk/parent/pom.xml =================================================================== --- build/trunk/parent/pom.xml 2010-08-06 16:20:58 UTC (rev 13563) +++ build/trunk/parent/pom.xml 2010-08-06 16:21:47 UTC (rev 13564) @@ -4,7 +4,7 @@ <groupId>org.jboss.seam</groupId> <artifactId>seam-parent</artifactId> <packaging>pom</packaging> - <version>3-SNAPSHOT</version> + <version>3</version> <name>Seam Parent</name> <parent> @@ -176,9 +176,9 @@ </dependencyManagement> <scm> - <connection>scm:svn:http://anonsvn.jboss.org/repos/seam/build/trunk/parent</connection> - <developerConnection>scm:svn:https://svn.jboss.org/repos/seam/build/trunk/parent</developerConnection> - <url>http://fisheye.jboss.org/browse/Seam/seam/build/trunk/parent</url> + <connection>scm:svn:http://anonsvn.jboss.org/repos/seam/build/tags/seam-parent-3</connection> + <developerConnection>scm:svn:https://svn.jboss.org/repos/seam/build/tags/seam-parent-3</developerConnection> + <url>http://fisheye.jboss.org/browse/Seam/seam/build/tags/seam-parent-3</url> </scm> </project>

13 years, 9 months

1
0
0 / 0

Seam SVN: r13563 - build/trunk/parent.

by seam-commits＠lists.jboss.org

Author: pete.muir(a)jboss.org Date: 2010-08-06 12:20:58 -0400 (Fri, 06 Aug 2010) New Revision: 13563 Modified: build/trunk/parent/pom.xml Log: update to jboss repo Modified: build/trunk/parent/pom.xml =================================================================== --- build/trunk/parent/pom.xml 2010-08-06 14:08:04 UTC (rev 13562) +++ build/trunk/parent/pom.xml 2010-08-06 16:20:58 UTC (rev 13563) @@ -10,7 +10,7 @@ <parent> <groupId>org.jboss.weld</groupId> <artifactId>weld-parent</artifactId> - <version>12</version> + <version>15</version> </parent> <description>

13 years, 9 months

1
0
0 / 0

Seam SVN: r13562 - in modules/security/trunk/impl: src/main and 11 other directories.

by seam-commits＠lists.jboss.org

Author: marcelkolsteren Date: 2010-08-06 10:08:04 -0400 (Fri, 06 Aug 2010) New Revision: 13562 Added: modules/security/trunk/impl/src/main/java/META-INF/ modules/security/trunk/impl/src/main/java/META-INF/MANIFEST.MF modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticationFilter.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticationService.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticator.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/InternalAuthenticator.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/InvalidRequestException.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/LoggedInEvent.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdConsumerManagerFactory.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdPrincipal.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdRequest.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdSingleLoginReceiver.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdSingleLoginSender.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdXrdsProvider.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/PagesSupportingExternalAuthentication.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/RequestContext.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/RequestOrResponse.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/Requests.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlConstants.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageFactory.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageReceiver.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageSender.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMetaDataProvider.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlProfile.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSignatureUtilForPostBinding.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSignatureUtilForRedirectBinding.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleLogoutReceiver.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleLogoutSender.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleSignOnReceiver.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleSignOnSender.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlUtils.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SeamSamlPrincipal.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/Binding.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/Configuration.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/OpenIdConfiguration.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlConfiguration.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlEndpoint.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlIdentityProvider.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlService.java modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/ServiceProvider.java modules/security/trunk/impl/src/main/resources/schema/ modules/security/trunk/impl/src/main/resources/schema/config/ modules/security/trunk/impl/src/main/resources/schema/config/external-authentication-config.xsd modules/security/trunk/impl/src/main/resources/schema/samlv2/ modules/security/trunk/impl/src/main/resources/schema/samlv2/saml-schema-assertion-2.0.xsd modules/security/trunk/impl/src/main/resources/schema/samlv2/saml-schema-metadata-2.0.xsd modules/security/trunk/impl/src/main/resources/schema/samlv2/saml-schema-protocol-2.0.xsd modules/security/trunk/impl/src/main/resources/schema/samlv2/xenc-schema.xsd modules/security/trunk/impl/src/main/resources/schema/samlv2/xmldsig-core-schema.xsd modules/security/trunk/impl/src/main/resources/schema/xrds/ modules/security/trunk/impl/src/main/resources/schema/xrds/xrd.xsd modules/security/trunk/impl/src/main/resources/schema/xrds/xrds.xsd modules/security/trunk/impl/src/main/xjb/ modules/security/trunk/impl/src/main/xjb/config-bindings.xjb modules/security/trunk/impl/src/main/xjb/samlv2-bindings.xjb modules/security/trunk/impl/src/main/xjb/xrds-bindings.xjb Modified: modules/security/trunk/impl/pom.xml modules/security/trunk/impl/src/main/ Log: External authentication functionality (OpenID/SAMLv2), ported from the PicketLink Seam module. Not functional yet, and not integrated with the rest of the Seam Security module, but it compiles. Modified: modules/security/trunk/impl/pom.xml =================================================================== --- modules/security/trunk/impl/pom.xml 2010-08-05 17:54:51 UTC (rev 13561) +++ modules/security/trunk/impl/pom.xml 2010-08-06 14:08:04 UTC (rev 13562) @@ -14,6 +14,59 @@ <packaging>jar</packaging> <name>Seam Security Implementation</name> + <build> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>jaxb2-maven-plugin</artifactId> + <version>1.3</version> + <executions> + <execution> + <id>jaxb-saml</id> + <configuration> + <schemaDirectory>${basedir}/src/main/resources/schema/samlv2</schemaDirectory> + <outputDirectory>${basedir}/src/main/generated-source</outputDirectory> + <clearOutputDir>true</clearOutputDir> + <staleFile>${project.build.directory}/.staleFlag_saml</staleFile> + <bindingFiles>samlv2-bindings.xjb</bindingFiles> + </configuration> + <goals> + <goal>xjc</goal> + </goals> + </execution> + <execution> + <id>jaxb-xrds</id> + <configuration> + <schemaDirectory>${basedir}/src/main/resources/schema/xrds</schemaDirectory> + <packageName>org.jboss.seam.security.external_authentication.jaxb.xrds</packageName> + <outputDirectory>${basedir}/src/main/generated-source</outputDirectory> + <clearOutputDir>false</clearOutputDir> + <staleFile>${project.build.directory}/.staleFlag_xrds</staleFile> + <bindingFiles>xrds-bindings.xjb</bindingFiles> + </configuration> + <goals> + <goal>xjc</goal> + </goals> + </execution> + <execution> + <id>jaxb-config</id> + <configuration> + <schemaDirectory>${basedir}/src/main/resources/schema/config</schemaDirectory> + <packageName>org.jboss.seam.security.external_authentication.jaxb.config</packageName> + <outputDirectory>${basedir}/src/main/generated-source</outputDirectory> + <clearOutputDir>false</clearOutputDir> + <staleFile>${project.build.directory}/.staleFlag_config</staleFile> + <bindingFiles>config-bindings.xjb</bindingFiles> + </configuration> + <goals> + <goal>xjc</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + </build> + <dependencies> <dependency> @@ -62,30 +115,30 @@ <artifactId>seam-drools-api</artifactId> <exclusions> - <exclusion> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-impl</artifactId> - </exclusion> - <exclusion> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-xjc</artifactId> - </exclusion> - <exclusion> - <groupId>org.drools</groupId> - <artifactId>drools-decisiontables</artifactId> - </exclusion> - <exclusion> - <groupId>org.drools</groupId> - <artifactId>drools-workitems</artifactId> - </exclusion> - <exclusion> - <groupId>org.drools</groupId> - <artifactId>drools-transformer-xstream</artifactId> - </exclusion> - <exclusion> - <groupId>javax.el</groupId> - <artifactId>el-api</artifactId> - </exclusion> + <exclusion> + <groupId>com.sun.xml.bind</groupId> + <artifactId>jaxb-impl</artifactId> + </exclusion> + <exclusion> + <groupId>com.sun.xml.bind</groupId> + <artifactId>jaxb-xjc</artifactId> + </exclusion> + <exclusion> + <groupId>org.drools</groupId> + <artifactId>drools-decisiontables</artifactId> + </exclusion> + <exclusion> + <groupId>org.drools</groupId> + <artifactId>drools-workitems</artifactId> + </exclusion> + <exclusion> + <groupId>org.drools</groupId> + <artifactId>drools-transformer-xstream</artifactId> + </exclusion> + <exclusion> + <groupId>javax.el</groupId> + <artifactId>el-api</artifactId> + </exclusion> </exclusions> </dependency> @@ -140,10 +193,10 @@ <groupId>org.picketlink.idm</groupId> <artifactId>picketlink-idm-core</artifactId> <exclusions> - <exclusion> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - </exclusion> + <exclusion> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </exclusion> </exclusions> </dependency> @@ -153,6 +206,37 @@ <scope>provided</scope> </dependency> + <dependency> +  + <groupId>org.jboss.spec.javax.servlet</groupId> + <artifactId>jboss-servlet-api_3.0_spec</artifactId> + <scope>provided</scope> + </dependency> + + <dependency> +  + <groupId>javax.faces</groupId> + <artifactId>jsf-api</artifactId> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>org.openid4java</groupId> + <artifactId>openid4java</artifactId> + <version>0.9.5</version> + </dependency> + +  + <dependency> + <groupId>org.apache</groupId> + <artifactId>xmlsec</artifactId> + <version>1.4.3</version> + </dependency> + </dependencies> </project> Property changes on: modules/security/trunk/impl/src/main ___________________________________________________________________ Name: svn:ignore + generated-source Added: modules/security/trunk/impl/src/main/java/META-INF/MANIFEST.MF =================================================================== --- modules/security/trunk/impl/src/main/java/META-INF/MANIFEST.MF (rev 0) +++ modules/security/trunk/impl/src/main/java/META-INF/MANIFEST.MF 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Class-Path: + Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticationFilter.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticationFilter.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticationFilter.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,220 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.IOException; + +import javax.enterprise.inject.Instance; +import javax.inject.Inject; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.annotation.WebFilter; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.jboss.seam.security.Identity; +import org.jboss.seam.security.external_authentication.configuration.Configuration; +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Seam Servlet Filter supporting SAMLv2 authentication. It implements the Web + * Browser SSO Profile. For outgoing authentication requests it can use either + * HTTP Post or HTTP Redirect binding. For the responses, it uses HTTP Post + * binding, with or without signature validation. + */ +@WebFilter +public class ExternalAuthenticationFilter implements Filter +{ + public static final String IDP_ENTITY_ID_PARAMETER = "idpEntityId"; + + public static final String RETURN_URL_PARAMETER = "returnUrl"; + + public static final String OPEN_ID_PARAMETER = "openId"; + + private final Logger log = LoggerFactory.getLogger(ExternalAuthenticationFilter.class); + + @Inject + private Configuration configuration; + + @Inject + private SamlMessageReceiver samlMessageReceiver; + + @Inject + private OpenIdSingleLoginReceiver openIdSingleLoginReceiver; + + @Inject + private SamlSingleSignOnSender samlSingleSignOnSender; + + @Inject + private OpenIdSingleLoginSender openIdSingleLoginSender; + + @Inject + private SamlSingleLogoutSender samlSingleLogoutSender; + + @Inject + private SamlMetaDataProvider samlMetaDataProvider; + + @Inject + private OpenIdXrdsProvider openIdXrdsProvider; + + @Inject + private Instance<Identity> identity; + + public void init(FilterConfig filterConfig) throws ServletException + { + configuration.setContextRoot(filterConfig.getServletContext().getContextPath()); + } + + public void doFilter(ServletRequest request, ServletResponse response, final FilterChain chain) throws IOException, ServletException + { + if (!(request instanceof HttpServletRequest)) + { + throw new ServletException("This filter can only process HttpServletRequest requests"); + } + + final HttpServletRequest httpRequest = (HttpServletRequest) request; + final HttpServletResponse httpResponse = (HttpServletResponse) response; + + final ExternalAuthenticationService service = determineService(httpRequest); + + if (service != null) + { + try + { + doFilter(httpRequest, httpResponse, service); + } + catch (InvalidRequestException e) + { + httpResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST); + if (log.isInfoEnabled()) + { + log.info("Bad request received from {0} ({1})", new Object[] { e.getCause(), httpRequest.getRemoteHost(), e.getDescription() }); + } + } + } + else + { + // Request is not related to external authentication. Pass the request + // on to + // the next filter in the chain. + chain.doFilter(httpRequest, httpResponse); + } + } + + private void doFilter(HttpServletRequest httpRequest, HttpServletResponse httpResponse, ExternalAuthenticationService service) throws InvalidRequestException, IOException, ServletException + { + switch (service) + { + case OPEN_ID_SERVICE: + openIdSingleLoginReceiver.handleIncomingMessage(httpRequest, httpResponse); + break; + case SAML_SINGLE_LOGOUT_SERVICE: + samlMessageReceiver.handleIncomingSamlMessage(SamlProfile.SINGLE_LOGOUT, httpRequest, httpResponse); + break; + case SAML_ASSERTION_CONSUMER_SERVICE: + samlMessageReceiver.handleIncomingSamlMessage(SamlProfile.SINGLE_SIGN_ON, httpRequest, httpResponse); + break; + case AUTHENTICATION_SERVICE: + String returnUrl = httpRequest.getParameter(RETURN_URL_PARAMETER); + + String providerName = httpRequest.getParameter(IDP_ENTITY_ID_PARAMETER); + if (providerName != null) + { + SamlIdentityProvider identityProvider = configuration.getServiceProvider().getSamlConfiguration().getSamlIdentityProviderByEntityId(providerName); + + // User requested a page for which login is required. Return a page + // that instructs the browser to post an authentication request to + // the IDP. + if (identityProvider instanceof SamlIdentityProvider) + { + samlSingleSignOnSender.sendAuthenticationRequestToIDP(httpRequest, httpResponse, (SamlIdentityProvider) identityProvider, returnUrl); + } + else + { + throw new RuntimeException("Only SAML identity providers are supported in this version"); + } + } + else + { + String openId = httpRequest.getParameter(OPEN_ID_PARAMETER); + openIdSingleLoginSender.sendAuthRequest(openId, returnUrl, httpResponse); + } + break; + case LOGOUT_SERVICE: + if (!identity.get().isLoggedIn()) + { + throw new RuntimeException("User not logged in."); + } + // FIXME SeamSamlPrincipal principal = (SeamSamlPrincipal) + // identity.getPrincipal(); + SeamSamlPrincipal principal = (SeamSamlPrincipal) httpRequest.getUserPrincipal(); + SamlIdentityProvider idp = principal.getIdentityProvider(); + if (!(idp instanceof SamlIdentityProvider)) + { + throw new RuntimeException("Only SAML identity providers are supported in this version"); + } + + samlSingleLogoutSender.sendSingleLogoutRequestToIDP(httpRequest, httpResponse, identity.get()); + break; + case SAML_META_DATA_SERVICE: + + samlMetaDataProvider.writeMetaData(httpResponse.getOutputStream()); + httpResponse.setCharacterEncoding("UTF-8"); + httpResponse.setContentType("application/xml"); + httpResponse.flushBuffer(); + break; + case OPEN_ID_XRDS_SERVICE: + + openIdXrdsProvider.writeMetaData(httpResponse.getOutputStream()); + httpResponse.setCharacterEncoding("UTF-8"); + httpResponse.setContentType("application/xrds+xml"); + httpResponse.flushBuffer(); + break; + default: + throw new RuntimeException("Unsupported service " + service); + } + } + + private ExternalAuthenticationService determineService(HttpServletRequest httpRequest) + { + String path = ((HttpServletRequest) httpRequest).getRequestURI().replace(".seam", ""); + + for (ExternalAuthenticationService service : ExternalAuthenticationService.values()) + { + if (path.endsWith("/" + service.getName())) + { + return service; + } + } + return null; + } + + public void destroy() + { + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticationFilter.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticationService.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticationService.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticationService.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,52 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +public enum ExternalAuthenticationService +{ + + AUTHENTICATION_SERVICE("AuthenticationService"), + + LOGOUT_SERVICE("LogoutService"), + + SAML_ASSERTION_CONSUMER_SERVICE("AssertionConsumerService"), + + SAML_SINGLE_LOGOUT_SERVICE("SingleLogoutService"), + + SAML_META_DATA_SERVICE("MetaDataService"), + + OPEN_ID_SERVICE("OpenIdService"), + + OPEN_ID_XRDS_SERVICE("OpenIdXrdsService"); + + private String name; + + private ExternalAuthenticationService(String name) + { + this.name = name; + } + + public String getName() + { + return name; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticationService.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticator.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticator.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticator.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,174 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.URLEncoder; +import java.util.HashMap; +import java.util.Map; + +import javax.faces.context.FacesContext; +import javax.inject.Inject; +import javax.inject.Named; +import javax.servlet.annotation.WebFilter; + +import org.jboss.seam.security.Identity; +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; +import org.jboss.seam.security.external_authentication.configuration.ServiceProvider; + +/** + * Filter that manages the external authentication of users (using, for example, + * SAML or OpenID). + */ +@Named("externalAuthenticator") +@WebFilter +// FIXME: page scope +public class ExternalAuthenticator +{ + private String returnUrl; + + private String openId; + + @Inject + private ServiceProvider serviceProvider; + + @Inject + private Identity identity; + + public void samlSignOn(String idpEntityId) + { + if (serviceProvider.getSamlConfiguration() == null) + { + throw new RuntimeException("SAML is not configured."); + } + + SamlIdentityProvider idp = serviceProvider.getSamlConfiguration().getSamlIdentityProviderByEntityId(idpEntityId); + if (idp == null) + { + throw new RuntimeException("Identity provider " + idpEntityId + " not found"); + } + + String authenticationServiceURL = serviceProvider.getServiceURL(ExternalAuthenticationService.AUTHENTICATION_SERVICE); + Map<String, String> params = new HashMap<String, String>(); + params.put(ExternalAuthenticationFilter.IDP_ENTITY_ID_PARAMETER, idpEntityId); + params.put(ExternalAuthenticationFilter.RETURN_URL_PARAMETER, returnUrl); + redirect(authenticationServiceURL, params); + } + + public void openIdSignOn() + { + openIdSignOn(openId); + } + + public void openIdSignOn(String openId) + { + if (serviceProvider.getOpenIdConfiguration() == null) + { + throw new RuntimeException("OpenID is not configured."); + } + String authenticationServiceURL = serviceProvider.getServiceURL(ExternalAuthenticationService.AUTHENTICATION_SERVICE); + Map<String, String> params = new HashMap<String, String>(); + params.put(ExternalAuthenticationFilter.RETURN_URL_PARAMETER, returnUrl); + params.put(ExternalAuthenticationFilter.OPEN_ID_PARAMETER, openId); + redirect(authenticationServiceURL, params); + } + + public void singleLogout() + { + if (!identity.isLoggedIn()) + { + throw new RuntimeException("Not logged in"); + } + if (false /* FIXME !(identity.getPrincipal() instanceof SeamSamlPrincipal) */) + { + throw new RuntimeException("Single logout is only supported for SAML"); + } + String logoutServiceURL = serviceProvider.getServiceURL(ExternalAuthenticationService.LOGOUT_SERVICE); + redirect(logoutServiceURL, null); + } + + private void redirect(String urlBase, Map<String, String> params) + { + StringBuilder url = new StringBuilder(); + url.append(urlBase); + if (params != null && params.size() > 0) + { + url.append("?"); + boolean first = true; + for (Map.Entry<String, String> paramEntry : params.entrySet()) + { + if (first) + { + first = false; + } + else + { + url.append("&"); + } + url.append(paramEntry.getKey()); + url.append("="); + try + { + String paramValue = paramEntry.getValue(); + if (paramValue == null || paramValue == "") + throw new RuntimeException("Param Key:" + paramEntry.getKey() + " has value that is null"); + url.append(URLEncoder.encode(paramValue, "UTF-8")); + } + catch (UnsupportedEncodingException e) + { + throw new RuntimeException(e); + } + } + } + + try + { + FacesContext.getCurrentInstance().getExternalContext().redirect(url.toString()); + } + catch (IOException e) + { + throw new RuntimeException(e); + + } + } + + public String getReturnUrl() + { + return returnUrl; + } + + public void setReturnUrl(String returnUrl) + { + this.returnUrl = returnUrl; + } + + public String getOpenId() + { + return openId; + } + + public void setOpenId(String openId) + { + this.openId = openId; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/ExternalAuthenticator.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/InternalAuthenticator.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/InternalAuthenticator.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/InternalAuthenticator.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,78 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.security.Principal; +import java.util.LinkedList; +import java.util.List; + +import javax.enterprise.inject.spi.BeanManager; +import javax.inject.Inject; +import javax.inject.Named; +import javax.security.auth.login.LoginException; +import javax.servlet.http.HttpServletRequest; + +import org.jboss.seam.security.Identity; +import org.jboss.seam.security.events.LoginFailedEvent; +import org.jboss.seam.security.events.PostAuthenticateEvent; +import org.jboss.seam.security.external_authentication.configuration.ServiceProvider; + +@Named("internalAuthenticator") +public class InternalAuthenticator +{ + @Inject + private Identity identity; + + @Inject + private ServiceProvider serviceProvider; + + @Inject + private BeanManager beanManager; + + public boolean authenticate(Principal principal, HttpServletRequest httpRequest) + { + List<String> roles = new LinkedList<String>(); + Boolean internallyAuthenticated = null; // FIXME = + // serviceProvider.getInternalAuthenticationMethod().invoke(principal, + // roles); + + beanManager.fireEvent(new PostAuthenticateEvent()); + + if (internallyAuthenticated) + { + // FIXME identity.acceptExternallyAuthenticatedPrincipal(principal); + + for (String role : roles) + { + // FIXME identity.addRole(role); + } + + beanManager.fireEvent(new LoggedInEvent(null) /* FIXME: no user */); + } + else + { + beanManager.fireEvent(new LoginFailedEvent(new LoginException())); + } + + return internallyAuthenticated; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/InternalAuthenticator.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/InvalidRequestException.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/InvalidRequestException.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/InvalidRequestException.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,61 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +/** + * Exception thrown to indicate that the request is invalid. + */ +public class InvalidRequestException extends Exception +{ + private static final long serialVersionUID = -9127592026257210986L; + + private String description; + + private Exception cause; + + public InvalidRequestException(String description) + { + this(description, null); + } + + public InvalidRequestException(String description, Exception cause) + { + super(); + this.description = description; + this.cause = cause; + } + + public String getDescription() + { + return description; + } + + public Exception getCause() + { + return cause; + } + + public void setCause(Exception cause) + { + this.cause = cause; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/InvalidRequestException.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/LoggedInEvent.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/LoggedInEvent.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/LoggedInEvent.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,32 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +public class LoggedInEvent +{ + + public LoggedInEvent(Object object) + { + // TODO Auto-generated constructor stub + } + +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/LoggedInEvent.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdConsumerManagerFactory.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdConsumerManagerFactory.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdConsumerManagerFactory.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,48 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import javax.enterprise.context.ApplicationScoped; +import javax.enterprise.inject.Produces; +import javax.inject.Inject; +import javax.inject.Named; + +import org.openid4java.consumer.ConsumerManager; + +@Named("openIdConsumerManager") +@ApplicationScoped +public class OpenIdConsumerManagerFactory +{ + private ConsumerManager consumerManager; + + @Produces + public ConsumerManager getConsumerManager() + { + return consumerManager; + } + + @Inject + public void startup() throws Exception + { + consumerManager = new ConsumerManager(); + } +} \ No newline at end of file Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdConsumerManagerFactory.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdPrincipal.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdPrincipal.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdPrincipal.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,65 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.net.URL; +import java.security.Principal; +import java.util.List; +import java.util.Map; + +public class OpenIdPrincipal implements Principal +{ + private String identifier; + + private URL openIdProvider; + + private Map<String, List<String>> attributes; + + public OpenIdPrincipal(String identifier, URL openIdProvider, Map<String, List<String>> attributes) + { + super(); + this.identifier = identifier; + this.openIdProvider = openIdProvider; + this.attributes = attributes; + } + + public String getName() + { + return identifier; + } + + public String getIdentifier() + { + return identifier; + } + + public URL getOpenIdProvider() + { + return openIdProvider; + } + + public Map<String, List<String>> getAttributes() + { + return attributes; + } + +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdPrincipal.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdRequest.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdRequest.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdRequest.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,56 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import javax.enterprise.context.SessionScoped; +import javax.inject.Named; + +import org.openid4java.discovery.DiscoveryInformation; + +@Named("openIdRequest") +@SessionScoped +public class OpenIdRequest +{ + private DiscoveryInformation discoveryInformation; + + private String returnUrl; + + public DiscoveryInformation getDiscoveryInformation() + { + return discoveryInformation; + } + + public void setDiscoveryInformation(DiscoveryInformation discoveryInformation) + { + this.discoveryInformation = discoveryInformation; + } + + public String getReturnUrl() + { + return returnUrl; + } + + public void setReturnUrl(String returnUrl) + { + this.returnUrl = returnUrl; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdRequest.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdSingleLoginReceiver.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdSingleLoginReceiver.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdSingleLoginReceiver.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,139 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.IOException; +import java.net.URL; +import java.util.List; +import java.util.Map; + +import javax.enterprise.inject.spi.BeanManager; +import javax.inject.Inject; +import javax.inject.Named; +import javax.security.auth.login.LoginException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.jboss.seam.security.events.LoginFailedEvent; +import org.jboss.seam.security.external_authentication.configuration.ServiceProvider; +import org.openid4java.OpenIDException; +import org.openid4java.consumer.ConsumerManager; +import org.openid4java.consumer.VerificationResult; +import org.openid4java.discovery.DiscoveryInformation; +import org.openid4java.discovery.Identifier; +import org.openid4java.message.AuthSuccess; +import org.openid4java.message.ParameterList; +import org.openid4java.message.ax.AxMessage; +import org.openid4java.message.ax.FetchResponse; + +@Named("openIdSingleLoginReceiver") +public class OpenIdSingleLoginReceiver +{ + @Inject + private OpenIdRequest openIdRequest; + + @Inject + private ConsumerManager openIdConsumerManager; + + @Inject + private InternalAuthenticator internalAuthenticator; + + @Inject + private ServiceProvider serviceProvider; + + @Inject + private BeanManager manager; + + @SuppressWarnings("unchecked") + public void handleIncomingMessage(HttpServletRequest httpRequest, HttpServletResponse httpResponse) throws InvalidRequestException + { + try + { + // extract the parameters from the authentication response + // (which comes in as a HTTP request from the OpenID provider) + ParameterList response = new ParameterList(httpRequest.getParameterMap()); + + // retrieve the previously stored discovery information + DiscoveryInformation discovered = openIdRequest.getDiscoveryInformation(); + + // extract the receiving URL from the HTTP request + StringBuffer receivingURL = httpRequest.getRequestURL(); + String queryString = httpRequest.getQueryString(); + if (queryString != null && queryString.length() > 0) + receivingURL.append("?").append(httpRequest.getQueryString()); + + // verify the response; ConsumerManager needs to be the same + // (static) instance used to place the authentication request + VerificationResult verification = openIdConsumerManager.verify(receivingURL.toString(), response, discovered); + + boolean authenticated = true; + + // examine the verification result and extract the verified identifier + Identifier identifier = verification.getVerifiedId(); + + if (identifier != null) + { + AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse(); + + Map<String, List<String>> attributes = null; + if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) + { + FetchResponse fetchResp = (FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX); + + attributes = fetchResp.getAttributes(); + } + + OpenIdPrincipal principal = createPrincipal(identifier.getIdentifier(), discovered.getOPEndpoint(), attributes); + + authenticated = internalAuthenticator.authenticate(principal, httpRequest); + } + else + { + manager.fireEvent(new LoginFailedEvent(new LoginException())); + authenticated = false; + } + + if (authenticated) + { + httpResponse.sendRedirect(openIdRequest.getReturnUrl()); + } + else + { + httpResponse.sendRedirect(serviceProvider.getFailedAuthenticationUrl()); + } + } + catch (OpenIDException e) + { + throw new RuntimeException(e); + } + catch (IOException e) + { + throw new RuntimeException(e); + } + + } + + private OpenIdPrincipal createPrincipal(String identifier, URL openIdProvider, Map<String, List<String>> attributes) + { + return new OpenIdPrincipal(identifier, openIdProvider, attributes); + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdSingleLoginReceiver.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdSingleLoginSender.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdSingleLoginSender.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdSingleLoginSender.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,113 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.IOException; +import java.util.List; + +import javax.enterprise.inject.spi.BeanManager; +import javax.inject.Inject; +import javax.inject.Named; +import javax.security.auth.login.LoginException; +import javax.servlet.http.HttpServletResponse; + +import org.jboss.seam.security.events.LoginFailedEvent; +import org.jboss.seam.security.events.PreAuthenticateEvent; +import org.jboss.seam.security.external_authentication.configuration.ServiceProvider; +import org.jboss.seam.security.external_authentication.jaxb.config.OpenIdAttributeType; +import org.openid4java.OpenIDException; +import org.openid4java.consumer.ConsumerManager; +import org.openid4java.discovery.DiscoveryInformation; +import org.openid4java.message.AuthRequest; +import org.openid4java.message.ax.FetchRequest; + +@Named("org.jboss.seam.security.external_authentication.openIdSingleLoginSender") +public class OpenIdSingleLoginSender +{ + @Inject + private OpenIdRequest openIdRequest; + + @Inject + private ConsumerManager openIdConsumerManager; + + @Inject + private ServiceProvider serviceProvider; + + @Inject + private BeanManager manager; + + public String sendAuthRequest(String openId, String returnUrl, HttpServletResponse httpResponse) + { + try + { + @SuppressWarnings("unchecked") + List<DiscoveryInformation> discoveries = openIdConsumerManager.discover(openId); + + DiscoveryInformation discovered = openIdConsumerManager.associate(discoveries); + + openIdRequest.setDiscoveryInformation(discovered); + openIdRequest.setReturnUrl(returnUrl); + + String openIdServiceUrl = serviceProvider.getServiceURL(ExternalAuthenticationService.OPEN_ID_SERVICE); + String realm = serviceProvider.getOpenIdRealm(); + AuthRequest authReq = openIdConsumerManager.authenticate(discovered, openIdServiceUrl, realm); + + // Request attributes + List<OpenIdAttributeType> attributes = serviceProvider.getOpenIdConfiguration().getAttributes(); + if (attributes.size() > 0) + { + FetchRequest fetch = FetchRequest.createFetchRequest(); + for (OpenIdAttributeType attribute : attributes) + { + fetch.addAttribute(attribute.getAlias(), attribute.getTypeUri(), attribute.isRequired()); + } + // attach the extension to the authentication request + authReq.addExtension(fetch); + } + + String url = authReq.getDestinationUrl(true); + + manager.fireEvent(new PreAuthenticateEvent()); + + httpResponse.sendRedirect(url); + } + catch (OpenIDException e) + { + try + { + manager.fireEvent(new LoginFailedEvent(new LoginException())); + + httpResponse.sendRedirect(serviceProvider.getFailedAuthenticationUrl()); + } + catch (IOException e1) + { + throw new RuntimeException(e); + } + } + catch (IOException e) + { + throw new RuntimeException(e); + } + + return null; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdSingleLoginSender.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdXrdsProvider.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdXrdsProvider.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdXrdsProvider.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,79 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.OutputStream; + +import javax.inject.Inject; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Marshaller; + +import org.jboss.seam.security.external_authentication.configuration.ServiceProvider; +import org.jboss.seam.security.external_authentication.jaxb.xrds.ObjectFactory; +import org.jboss.seam.security.external_authentication.jaxb.xrds.Service; +import org.jboss.seam.security.external_authentication.jaxb.xrds.Type; +import org.jboss.seam.security.external_authentication.jaxb.xrds.URIPriorityAppendPattern; +import org.jboss.seam.security.external_authentication.jaxb.xrds.XRD; +import org.jboss.seam.security.external_authentication.jaxb.xrds.XRDS; +import org.openid4java.discovery.DiscoveryInformation; + +public class OpenIdXrdsProvider +{ + @Inject + private ServiceProvider serviceProvider; + + public void writeMetaData(OutputStream stream) + { + try + { + ObjectFactory objectFactory = new ObjectFactory(); + + XRDS xrds = objectFactory.createXRDS(); + + XRD xrd = objectFactory.createXRD(); + + Type type = objectFactory.createType(); + type.setValue(DiscoveryInformation.OPENID2_RP); + URIPriorityAppendPattern uri = objectFactory.createURIPriorityAppendPattern(); + uri.setValue(serviceProvider.getServiceURL(ExternalAuthenticationService.OPEN_ID_SERVICE)); + + Service service = objectFactory.createService(); + service.getType().add(type); + service.getURI().add(uri); + + xrd.getService().add(service); + + xrds.getOtherelement().add(xrd); + + JAXBContext jaxbContext = JAXBContext.newInstance("org.jboss.seam.security.external_authentication.jaxb.xrds"); + Marshaller marshaller = jaxbContext.createMarshaller(); + marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8"); + marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); + marshaller.marshal(xrds, stream); + } + catch (JAXBException e) + { + throw new RuntimeException(e); + } + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/OpenIdXrdsProvider.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/PagesSupportingExternalAuthentication.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/PagesSupportingExternalAuthentication.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/PagesSupportingExternalAuthentication.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,81 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +/** + * Override of Seam's Pages component. It replaces the login page redirection method with a version + * that redirects to an URL that is filtered by the SamlAuthenticationFilter. + */ + +// FIXME + +//@ApplicationScoped +//@BypassInterceptors +//@Name("org.jboss.seam.navigation.pages") +//@Injectstall(precedence = Install.FRAMEWORK, classDependencies = "javax.faces.context.FacesContext") +//@Startup +//public class PagesSupportingExternalAuthentication extends Pages +//{ +// @Override +// public void redirectToLoginView() +// { +// notLoggedIn(); +// +// HttpServletRequest httpRequest = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext() +// .getRequest(); +// +// StringBuffer returnUrl = httpRequest.getRequestURL(); +// +// ExternalAuthenticator externalAuthenticator = (ExternalAuthenticator) Component +// .getInstance(ExternalAuthenticator.class); +// externalAuthenticator.setReturnUrl(returnUrl.toString()); +// +// ServiceProvider serviceProvider = Configuration.instance().getServiceProvider(); +// +// // Use default SAML identity provider, if configured +// SamlConfiguration samlConfiguration = serviceProvider.getSamlConfiguration(); +// if (samlConfiguration != null && samlConfiguration.getDefaultIdentityProvider() != null) +// { +// externalAuthenticator.samlSignOn(samlConfiguration.getDefaultIdentityProvider().getEntityId()); +// } +// else +// { +// // Otherwise, use default OpenId identity provider, if configured +// OpenIdConfiguration openIdConfiguration = serviceProvider.getOpenIdConfiguration(); +// if (openIdConfiguration != null && openIdConfiguration.getDefaultOpenIdProvider() != null) +// { +// externalAuthenticator.openIdSignOn(openIdConfiguration.getDefaultOpenIdProvider()); +// } +// else +// { +// // Otherwise, redirect to the login view, so that the user can choose an IDP +// if (getLoginViewId() == null) +// { +// throw new RuntimeException("Login view id not specified in pages.xml."); +// } +// Map<String, Object> parameters = new HashMap<String, Object>(); +// parameters.put(ExternalAuthenticationFilter.RETURN_URL_PARAMETER, returnUrl); +// FacesManager.instance().redirect(getLoginViewId(), parameters, false); +// } +// } +// } +// } Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/PagesSupportingExternalAuthentication.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/RequestContext.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/RequestContext.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/RequestContext.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,75 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; + +/** + * Context of an authentication request. + * + */ +public class RequestContext +{ + private String id; + + private SamlIdentityProvider identityProvider; + + private String urlToRedirectToAfterLogin; + + public RequestContext(String id, SamlIdentityProvider identityProvider, String urlToRedirectToAfterLogin) + { + super(); + this.id = id; + this.identityProvider = identityProvider; + this.urlToRedirectToAfterLogin = urlToRedirectToAfterLogin; + } + + public String getId() + { + return id; + } + + public void setId(String id) + { + this.id = id; + } + + public SamlIdentityProvider getIdentityProvider() + { + return identityProvider; + } + + public void setIdentityProvider(SamlIdentityProvider identityProvider) + { + this.identityProvider = identityProvider; + } + + public String getUrlToRedirectToAfterLogin() + { + return urlToRedirectToAfterLogin; + } + + public void setUrlToRedirectToAfterLogin(String urlToRedirectToAfterLogin) + { + this.urlToRedirectToAfterLogin = urlToRedirectToAfterLogin; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/RequestContext.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/RequestOrResponse.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/RequestOrResponse.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/RequestOrResponse.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,37 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +public enum RequestOrResponse +{ + REQUEST, RESPONSE; + + public boolean isRequest() + { + return this == REQUEST; + } + + public boolean isResponse() + { + return this == RESPONSE; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/RequestOrResponse.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/Requests.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/Requests.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/Requests.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,81 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import javax.enterprise.context.SessionScoped; +import javax.servlet.http.HttpServletResponse; + +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Session scoped component that stores requests that have been sent to the + * identity provider. + */ +@SessionScoped +public class Requests +{ + private Map<String, RequestContext> requests = new HashMap<String, RequestContext>(); + + private Logger log = LoggerFactory.getLogger(Requests.class); + + public void addRequest(String id, SamlIdentityProvider identityProvider, String urlToRedirectToAfterLogin) + { + requests.put(id, new RequestContext(id, identityProvider, urlToRedirectToAfterLogin)); + } + + public RequestContext getRequest(String id) + { + return requests.get(id); + } + + public void removeRequest(String id) + { + requests.remove(id); + } + + public void redirect(String id, HttpServletResponse response) + { + String requestURL = requests.get(id).getUrlToRedirectToAfterLogin(); + if (requestURL == null) + { + throw new RuntimeException("Couldn't find URL to redirect to for request " + id); + } + try + { + if (log.isDebugEnabled()) + { + log.debug("Redirecting to " + requestURL); + } + response.sendRedirect(requestURL); + } + catch (IOException e) + { + throw new RuntimeException(e); + } + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/Requests.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlConstants.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlConstants.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlConstants.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,59 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +public class SamlConstants +{ + // Query string parameters used by the HTTP_Redirect binding + public static final String QSP_SAML_REQUEST = "SAMLRequest"; + + public static final String QSP_SAML_RESPONSE = "SAMLResponse"; + + public static final String QSP_SIGNATURE = "Signature"; + + public static final String QSP_SIG_ALG = "SigAlg"; + + public static final String QSP_RELAY_STATE = "RelayState"; + + public static final String HTTP_POST_BINDING = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"; + + public static final String HTTP_REDIRECT_BINDING = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"; + + public static final String CONFIRMATION_METHOD_BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"; + + public static final String VERSION_2_0 = "2.0"; + + public static final String PROTOCOL_NSURI = "urn:oasis:names:tc:SAML:2.0:protocol"; + + public static final String STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"; + + public static final String XMLDSIG_NSURI = "http://www.w3.org/2000/09/xmldsig#"; + + public static final String SIGNATURE_SHA1_WITH_DSA = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; + + public static final String SIGNATURE_SHA1_WITH_RSA = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; + + public static final String DSA_SIGNATURE_ALGORITHM = "SHA1withDSA"; + + public static final String RSA_SIGNATURE_ALGORITHM = "SHA1withRSA"; + +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlConstants.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageFactory.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageFactory.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageFactory.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,128 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.util.UUID; + +import javax.inject.Inject; +import javax.naming.ConfigurationException; + +import org.jboss.seam.security.external_authentication.configuration.ServiceProvider; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.NameIDType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.AuthnRequestType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.LogoutRequestType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.ObjectFactory; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.RequestAbstractType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.StatusCodeType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.StatusResponseType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.StatusType; + +public class SamlMessageFactory +{ + @Inject + private ServiceProvider serviceProvider; + + public StatusResponseType createStatusResponse(RequestAbstractType request, String statusCode, String statusMessage) + { + ObjectFactory objectFactory = new ObjectFactory(); + org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.ObjectFactory assertionObjectFactory = new org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.ObjectFactory(); + + StatusResponseType response = objectFactory.createStatusResponseType(); + + response.setID(generateId()); + response.setIssueInstant(SamlUtils.getXMLGregorianCalendar()); + + NameIDType issuer = assertionObjectFactory.createNameIDType(); + issuer.setValue(serviceProvider.getSamlConfiguration().getEntityId()); + response.setIssuer(issuer); + + response.setVersion(SamlConstants.VERSION_2_0); + response.setInResponseTo(request.getID()); + + StatusCodeType statusCodeJaxb = objectFactory.createStatusCodeType(); + statusCodeJaxb.setValue(statusCode); + + StatusType statusType = objectFactory.createStatusType(); + statusType.setStatusCode(statusCodeJaxb); + if (statusMessage != null) + { + statusType.setStatusMessage(statusMessage); + } + + response.setStatus(statusType); + + return response; + } + + public AuthnRequestType createAuthnRequest() + { + ObjectFactory objectFactory = new ObjectFactory(); + org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.ObjectFactory assertionObjectFactory = new org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.ObjectFactory(); + + AuthnRequestType authnRequest = objectFactory.createAuthnRequestType(); + + authnRequest.setID(generateId()); + authnRequest.setIssueInstant(SamlUtils.getXMLGregorianCalendar()); + + NameIDType issuer = assertionObjectFactory.createNameIDType(); + issuer.setValue(serviceProvider.getSamlConfiguration().getEntityId()); + authnRequest.setIssuer(issuer); + + authnRequest.setVersion(SamlConstants.VERSION_2_0); + + // Fill in the optional fields that indicate where and how the response + // should be delivered. + authnRequest.setAssertionConsumerServiceURL(serviceProvider.getServiceURL(ExternalAuthenticationService.SAML_ASSERTION_CONSUMER_SERVICE)); + authnRequest.setProtocolBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"); + + return authnRequest; + } + + public LogoutRequestType createLogoutRequest(SeamSamlPrincipal principal) throws ConfigurationException + { + ObjectFactory objectFactory = new ObjectFactory(); + org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.ObjectFactory assertionObjectFactory = new org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.ObjectFactory(); + + LogoutRequestType logoutRequest = objectFactory.createLogoutRequestType(); + + logoutRequest.setID(generateId()); + logoutRequest.setIssueInstant(SamlUtils.getXMLGregorianCalendar()); + + NameIDType issuer = assertionObjectFactory.createNameIDType(); + issuer.setValue(serviceProvider.getSamlConfiguration().getEntityId()); + logoutRequest.setIssuer(issuer); + + NameIDType nameID = assertionObjectFactory.createNameIDType(); + nameID.setValue(principal.getNameId().getValue()); + logoutRequest.setNameID(nameID); + + logoutRequest.setVersion(SamlConstants.VERSION_2_0); + logoutRequest.getSessionIndex().add(principal.getSessionIndex()); + + return logoutRequest; + } + + private String generateId() + { + return "ID_" + UUID.randomUUID(); + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageFactory.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageReceiver.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageReceiver.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageReceiver.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,279 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.UnsupportedEncodingException; +import java.net.URLDecoder; +import java.util.zip.Inflater; +import java.util.zip.InflaterInputStream; + +import javax.inject.Inject; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; +import org.jboss.seam.security.external_authentication.configuration.ServiceProvider; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.RequestAbstractType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.StatusResponseType; +import org.jboss.seam.security.util.Base64; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.xml.sax.SAXException; + +public class SamlMessageReceiver +{ + private static final Logger log = LoggerFactory.getLogger(SamlMessageReceiver.class); + + @Inject + private Requests requests; + + @Inject + private SamlSingleLogoutReceiver samlSingleLogoutReceiver; + + @Inject + private SamlSingleSignOnReceiver samlSingleSignOnReceiver; + + @Inject + private ServiceProvider serviceProvider; + + @Inject + private SamlSignatureUtilForPostBinding signatureUtilForPostBinding; + + @Inject + private SamlSignatureUtilForRedirectBinding signatureUtilForRedirectBinding; + + private JAXBContext jaxbContext; + + @Inject + public void init() + { + try + { + jaxbContext = JAXBContext.newInstance(StatusResponseType.class); + } + catch (JAXBException e) + { + throw new RuntimeException(e); + } + } + + public void handleIncomingSamlMessage(SamlProfile samlProfile, HttpServletRequest httpRequest, HttpServletResponse httpResponse) throws InvalidRequestException + { + String samlRequestParam = httpRequest.getParameter(SamlConstants.QSP_SAML_REQUEST); + String samlResponseParam = httpRequest.getParameter(SamlConstants.QSP_SAML_RESPONSE); + + RequestOrResponse requestOrResponse; + String samlMessage; + + if (samlRequestParam != null && samlResponseParam == null) + { + samlMessage = samlRequestParam; + requestOrResponse = RequestOrResponse.REQUEST; + } + else if (samlRequestParam == null && samlResponseParam != null) + { + samlMessage = samlResponseParam; + requestOrResponse = RequestOrResponse.RESPONSE; + } + else + { + throw new InvalidRequestException("SAML message should either have a SAMLRequest parameter or a SAMLResponse parameter"); + } + + InputStream is; + if (httpRequest.getMethod().equals("POST")) + { + byte[] decodedMessage = Base64.decode(samlMessage); + is = new ByteArrayInputStream(decodedMessage); + } + else + { + String urlDecoded; + try + { + urlDecoded = URLDecoder.decode(samlMessage, "UTF-8"); + } + catch (UnsupportedEncodingException e) + { + throw new RuntimeException(e); + } + byte[] base64Decoded = Base64.decode(urlDecoded); + ByteArrayInputStream bais = new ByteArrayInputStream(base64Decoded); + is = new InflaterInputStream(bais, new Inflater(true)); + } + + Document document = getDocument(is); + String issuerEntityId; + RequestAbstractType samlRequest = null; + StatusResponseType samlResponse = null; + if (requestOrResponse.isRequest()) + { + samlRequest = getSamlRequest(document); + issuerEntityId = samlRequest.getIssuer().getValue(); + } + else + { + samlResponse = getSamlResponse(document); + issuerEntityId = samlResponse.getIssuer().getValue(); + } + if (log.isDebugEnabled()) + { + log.debug("Received from IDP: " + SamlUtils.getDocumentAsString(document)); + } + + SamlIdentityProvider idp = serviceProvider.getSamlConfiguration().getSamlIdentityProviderByEntityId(issuerEntityId); + if (idp == null) + { + throw new InvalidRequestException("Received message from unknown idp " + issuerEntityId); + } + + boolean validate; + if (samlProfile == SamlProfile.SINGLE_SIGN_ON) + { + validate = serviceProvider.getSamlConfiguration().isWantAssertionsSigned(); + } + else + { + validate = idp.isSingleLogoutMessagesSigned(); + } + + if (validate) + { + if (log.isDebugEnabled()) + { + log.debug("Validating the signature"); + } + if (httpRequest.getMethod().equals("POST")) + { + signatureUtilForPostBinding.validateSignature(idp, document); + } + else + { + signatureUtilForRedirectBinding.validateSignature(idp, httpRequest, requestOrResponse); + } + } + + RequestContext requestContext = null; + if (requestOrResponse.isResponse() && samlResponse.getInResponseTo() != null) + { + requestContext = requests.getRequest(samlResponse.getInResponseTo()); + if (requestContext == null) + { + throw new InvalidRequestException("No request that corresponds with the received response"); + } + else if (!(requestContext.getIdentityProvider().equals(idp))) + { + throw new InvalidRequestException("Identity provider of request and response do not match"); + } + } + + if (samlProfile == SamlProfile.SINGLE_SIGN_ON) + { + if (requestOrResponse.isRequest()) + { + throw new InvalidRequestException("Assertion consumer service can only process SAML responses"); + } + else + { + samlSingleSignOnReceiver.processIDPResponse(httpRequest, httpResponse, samlResponse, requestContext, idp); + } + } + else + { + if (requestOrResponse.isRequest()) + { + samlSingleLogoutReceiver.processIDPRequest(httpRequest, httpResponse, samlRequest, idp); + } + else + { + samlSingleLogoutReceiver.processIDPResponse(httpRequest, httpResponse, samlResponse, requestContext, idp); + } + } + } + + private RequestAbstractType getSamlRequest(Document document) throws InvalidRequestException + { + try + { + Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); + @SuppressWarnings("unchecked") + JAXBElement<RequestAbstractType> jaxbRequest = (JAXBElement<RequestAbstractType>) unmarshaller.unmarshal(document); + RequestAbstractType request = jaxbRequest.getValue(); + return request; + } + catch (JAXBException e) + { + throw new InvalidRequestException("SAML message could not be parsed", e); + } + } + + private StatusResponseType getSamlResponse(Document document) throws InvalidRequestException + { + try + { + Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); + @SuppressWarnings("unchecked") + JAXBElement<StatusResponseType> jaxbResponseType = (JAXBElement<StatusResponseType>) unmarshaller.unmarshal(document); + StatusResponseType statusResponse = jaxbResponseType.getValue(); + return statusResponse; + } + catch (JAXBException e) + { + throw new InvalidRequestException("SAML message could not be parsed", e); + } + } + + private Document getDocument(InputStream is) throws InvalidRequestException + { + try + { + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + factory.setNamespaceAware(true); + factory.setXIncludeAware(true); + DocumentBuilder builder = factory.newDocumentBuilder(); + return builder.parse(is); + } + catch (ParserConfigurationException e) + { + throw new RuntimeException(e); + } + catch (SAXException e) + { + throw new InvalidRequestException("SAML request could not be parsed", e); + } + catch (IOException e) + { + throw new RuntimeException(e); + } + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageReceiver.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageSender.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageSender.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageSender.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,366 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; +import java.net.URLEncoder; +import java.security.GeneralSecurityException; +import java.security.KeyPair; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.zip.Deflater; +import java.util.zip.DeflaterOutputStream; + +import javax.inject.Inject; +import javax.inject.Named; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.bind.Binder; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.crypto.dsig.DigestMethod; +import javax.xml.crypto.dsig.SignatureMethod; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.jboss.seam.security.external_authentication.configuration.Binding; +import org.jboss.seam.security.external_authentication.configuration.SamlEndpoint; +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; +import org.jboss.seam.security.external_authentication.configuration.SamlService; +import org.jboss.seam.security.external_authentication.configuration.ServiceProvider; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.AuthnRequestType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.LogoutRequestType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.ObjectFactory; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.RequestAbstractType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.StatusResponseType; +import org.jboss.seam.security.util.Base64; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.w3c.dom.Node; + +@Named("org.picketlink.identity.seam.federation.samlMessageSender") +public class SamlMessageSender +{ + private Logger log = LoggerFactory.getLogger(SamlMessageSender.class); + + @Inject + private ServiceProvider serviceProvider; + + @Inject + private SamlSignatureUtilForPostBinding signatureUtilForPostBinding; + + @Inject + private SamlSignatureUtilForRedirectBinding signatureUtilForRedirectBinding; + + private JAXBContext jaxbContextRequestAbstractType; + + private JAXBContext jaxbContextStatusResponseType; + + @Inject + public void init() + { + try + { + jaxbContextRequestAbstractType = JAXBContext.newInstance(RequestAbstractType.class); + jaxbContextStatusResponseType = JAXBContext.newInstance(StatusResponseType.class); + } + catch (JAXBException e) + { + throw new RuntimeException(e); + } + } + + public void sendRequestToIDP(HttpServletRequest request, HttpServletResponse response, SamlIdentityProvider samlIdentityProvider, SamlProfile profile, RequestAbstractType samlRequest) + { + Document message = null; + SamlEndpoint endpoint = null; + try + { + SamlService service = samlIdentityProvider.getService(profile); + endpoint = service.getEndpointForBinding(Binding.HTTP_Post); + if (endpoint == null) + { + endpoint = service.getEndpointForBinding(Binding.HTTP_Redirect); + } + if (endpoint == null) + { + throw new RuntimeException("Idp " + samlIdentityProvider.getEntityId() + " has no endpoint found for profile " + profile); + } + samlRequest.setDestination(endpoint.getLocation()); + + JAXBElement<?> requestElement; + if (samlRequest instanceof AuthnRequestType) + { + AuthnRequestType authnRequest = (AuthnRequestType) samlRequest; + requestElement = new ObjectFactory().createAuthnRequest(authnRequest); + } + else if (samlRequest instanceof LogoutRequestType) + { + LogoutRequestType logoutRequest = (LogoutRequestType) samlRequest; + requestElement = new ObjectFactory().createLogoutRequest(logoutRequest); + } + else + { + throw new RuntimeException("Currently only authentication and logout requests can be sent"); + } + + Binder<Node> binder = jaxbContextRequestAbstractType.createBinder(); + + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + factory.setNamespaceAware(true); + factory.setXIncludeAware(true); + DocumentBuilder builder; + builder = factory.newDocumentBuilder(); + message = builder.newDocument(); + + binder.marshal(requestElement, message); + } + catch (JAXBException e) + { + throw new RuntimeException(e); + } + catch (ParserConfigurationException e) + { + throw new RuntimeException(e); + } + + sendMessageToIDP(request, response, samlIdentityProvider, message, RequestOrResponse.REQUEST, endpoint); + } + + public void sendResponseToIDP(HttpServletRequest request, HttpServletResponse response, SamlIdentityProvider samlIdentityProvider, SamlEndpoint endpoint, StatusResponseType samlResponse) + { + Document message = null; + try + { + samlResponse.setDestination(endpoint.getResponseLocation()); + + JAXBElement<StatusResponseType> responseElement; + if (endpoint.getService().getProfile().equals(SamlProfile.SINGLE_LOGOUT)) + { + responseElement = new ObjectFactory().createLogoutResponse(samlResponse); + } + else + { + throw new RuntimeException("Responses can currently only be created for the single logout service"); + } + + Binder<Node> binder = jaxbContextStatusResponseType.createBinder(); + + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + factory.setNamespaceAware(true); + factory.setXIncludeAware(true); + DocumentBuilder builder; + builder = factory.newDocumentBuilder(); + message = builder.newDocument(); + + binder.marshal(responseElement, message); + } + catch (JAXBException e) + { + throw new RuntimeException(e); + } + catch (ParserConfigurationException e) + { + throw new RuntimeException(e); + } + + sendMessageToIDP(request, response, samlIdentityProvider, message, RequestOrResponse.RESPONSE, endpoint); + } + + private void sendMessageToIDP(HttpServletRequest request, HttpServletResponse response, SamlIdentityProvider samlIdentityProvider, Document message, RequestOrResponse requestOrResponse, SamlEndpoint endpoint) + { + if (log.isDebugEnabled()) + { + log.debug("Sending over to IDP: " + SamlUtils.getDocumentAsString(message)); + } + + try + { + boolean signMessage; + if (endpoint.getService().getProfile().equals(SamlProfile.SINGLE_SIGN_ON)) + { + signMessage = samlIdentityProvider.isWantAuthnRequestsSigned(); + } + else + { + signMessage = samlIdentityProvider.isWantSingleLogoutMessagesSigned(); + } + + PrivateKey privateKey = serviceProvider.getSamlConfiguration().getPrivateKey(); + + if (endpoint.getBinding() == Binding.HTTP_Redirect) + { + byte[] responseBytes = SamlUtils.getDocumentAsString(message).getBytes("UTF-8"); + + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + Deflater deflater = new Deflater(Deflater.DEFLATED, true); + DeflaterOutputStream deflaterStream = new DeflaterOutputStream(baos, deflater); + deflaterStream.write(responseBytes); + deflaterStream.finish(); + + byte[] deflatedMsg = baos.toByteArray(); + String urlEncodedResponse = Base64.encodeBytes(deflatedMsg); + + String finalDest = endpoint.getLocation() + getQueryString(urlEncodedResponse, signMessage, requestOrResponse, privateKey); + SamlUtils.sendRedirect(finalDest, response); + } + else + { + if (signMessage) + { + PublicKey publicKey = serviceProvider.getSamlConfiguration().getCertificate().getPublicKey(); + signSAMLDocument(message, new KeyPair(publicKey, privateKey)); + } + byte[] responseBytes = SamlUtils.getDocumentAsString(message).getBytes("UTF-8"); + + String samlResponse = Base64.encodeBytes(responseBytes, Base64.DONT_BREAK_LINES); + + sendPost(endpoint.getLocation(), samlResponse, response, requestOrResponse.isRequest()); + + } + } + catch (IOException e) + { + throw new RuntimeException(e); + } + } + + private void signSAMLDocument(Document samlDocument, KeyPair keypair) + { + // Get the ID from the root + String id = samlDocument.getDocumentElement().getAttribute("ID"); + + String referenceURI = "#" + id; + + signatureUtilForPostBinding.sign(samlDocument, keypair, DigestMethod.SHA1, SignatureMethod.RSA_SHA1, referenceURI); + } + + private String getQueryString(String urlEncodedSamlMessage, boolean supportSignature, RequestOrResponse requestOrResponse, PrivateKey signingKey) + { + StringBuilder sb = new StringBuilder(); + sb.append("?"); + + if (supportSignature) + { + try + { + sb.append(getURLWithSignature(requestOrResponse, urlEncodedSamlMessage, signingKey)); + } + catch (IOException e) + { + throw new RuntimeException(e); + } + catch (GeneralSecurityException e) + { + throw new RuntimeException(e); + } + } + else + { + if (requestOrResponse == RequestOrResponse.REQUEST) + { + sb.append(SamlConstants.QSP_SAML_REQUEST); + } + else + { + sb.append(SamlConstants.QSP_SAML_RESPONSE); + } + sb.append("=").append(urlEncodedSamlMessage); + } + return sb.toString(); + } + + private void sendPost(String destination, String samlMessage, HttpServletResponse response, boolean request) throws IOException + { + String key = request ? SamlConstants.QSP_SAML_REQUEST : SamlConstants.QSP_SAML_RESPONSE; + + if (destination == null) + throw new IllegalStateException("Destination is null"); + + response.setContentType("text/html"); + PrintWriter out = response.getWriter(); + response.setCharacterEncoding("UTF-8"); + response.setHeader("Pragma", "no-cache"); + response.setHeader("Cache-Control", "no-cache, no-store"); + StringBuilder builder = new StringBuilder(); + + builder.append("<HTML>"); + builder.append("<HEAD>"); + if (request) + builder.append("<TITLE>HTTP Post Binding (Request)</TITLE>"); + else + builder.append("<TITLE>HTTP Post Binding Response (Response)</TITLE>"); + + builder.append("</HEAD>"); + builder.append("<BODY Onload=\"document.forms[0].submit()\">"); + + builder.append("<FORM METHOD=\"POST\" ACTION=\"" + destination + "\">"); + builder.append("<INPUT TYPE=\"HIDDEN\" NAME=\"" + key + "\"" + " VALUE=\"" + samlMessage + "\"/>"); + builder.append("</FORM></BODY></HTML>"); + + String str = builder.toString(); + out.println(str); + out.close(); + } + + private String getURLWithSignature(RequestOrResponse requestOrResponse, String urlEncodedResponse, PrivateKey signingKey) throws IOException, GeneralSecurityException + { + String messageParameter; + if (requestOrResponse == RequestOrResponse.REQUEST) + { + messageParameter = SamlConstants.QSP_SAML_REQUEST; + } + else + { + messageParameter = SamlConstants.QSP_SAML_RESPONSE; + } + + byte[] signature = signatureUtilForRedirectBinding.computeSignature(messageParameter + "=" + urlEncodedResponse, signingKey); + String sigAlgo = signingKey.getAlgorithm(); + + StringBuilder sb = new StringBuilder(); + sb.append(messageParameter + "=").append(urlEncodedResponse); + + try + { + sb.append("&").append(SamlConstants.QSP_SIG_ALG).append("="); + String sigAlg = signatureUtilForRedirectBinding.getXMLSignatureAlgorithmURI(sigAlgo); + sb.append(URLEncoder.encode(sigAlg, "UTF-8")); + + sb.append("&").append(SamlConstants.QSP_SIGNATURE).append("="); + String base64encodedSignature = Base64.encodeBytes(signature, Base64.DONT_BREAK_LINES); + sb.append(URLEncoder.encode(base64encodedSignature, "UTF-8")); + } + catch (UnsupportedEncodingException e) + { + throw new RuntimeException(e); + } + + return sb.toString(); + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMessageSender.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMetaDataProvider.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMetaDataProvider.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMetaDataProvider.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,130 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.OutputStream; +import java.security.cert.CertificateEncodingException; +import java.security.cert.X509Certificate; + +import javax.inject.Inject; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Marshaller; + +import org.jboss.seam.security.external_authentication.configuration.ServiceProvider; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.EntityDescriptorType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.IndexedEndpointType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.KeyDescriptorType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.KeyTypes; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.ObjectFactory; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.SPSSODescriptorType; +import org.jboss.seam.security.external_authentication.jaxb.xmldsig.KeyInfoType; +import org.jboss.seam.security.external_authentication.jaxb.xmldsig.X509DataType; + +public class SamlMetaDataProvider +{ + @Inject + private ServiceProvider serviceProvider; + + public void writeMetaData(OutputStream stream) + { + try + { + ObjectFactory metaDataFactory = new ObjectFactory(); + + IndexedEndpointType acsRedirectEndpoint = metaDataFactory.createIndexedEndpointType(); + acsRedirectEndpoint.setBinding(SamlConstants.HTTP_REDIRECT_BINDING); + acsRedirectEndpoint.setLocation(serviceProvider.getServiceURL(ExternalAuthenticationService.SAML_ASSERTION_CONSUMER_SERVICE)); + + IndexedEndpointType acsPostEndpoint = metaDataFactory.createIndexedEndpointType(); + acsPostEndpoint.setBinding(SamlConstants.HTTP_POST_BINDING); + acsPostEndpoint.setLocation(serviceProvider.getServiceURL(ExternalAuthenticationService.SAML_ASSERTION_CONSUMER_SERVICE)); + + IndexedEndpointType sloRedirectEndpoint = metaDataFactory.createIndexedEndpointType(); + sloRedirectEndpoint.setBinding(SamlConstants.HTTP_REDIRECT_BINDING); + sloRedirectEndpoint.setLocation(serviceProvider.getServiceURL(ExternalAuthenticationService.SAML_SINGLE_LOGOUT_SERVICE)); + + IndexedEndpointType sloPostEndpoint = metaDataFactory.createIndexedEndpointType(); + sloPostEndpoint.setBinding(SamlConstants.HTTP_POST_BINDING); + sloPostEndpoint.setLocation(serviceProvider.getServiceURL(ExternalAuthenticationService.SAML_SINGLE_LOGOUT_SERVICE)); + + SPSSODescriptorType spSsoDescriptor = metaDataFactory.createSPSSODescriptorType(); + spSsoDescriptor.setAuthnRequestsSigned(serviceProvider.getSamlConfiguration().isAuthnRequestsSigned()); + spSsoDescriptor.setWantAssertionsSigned(serviceProvider.getSamlConfiguration().isWantAssertionsSigned()); + + spSsoDescriptor.getAssertionConsumerService().add(acsRedirectEndpoint); + spSsoDescriptor.getAssertionConsumerService().add(acsPostEndpoint); + spSsoDescriptor.getSingleLogoutService().add(sloRedirectEndpoint); + spSsoDescriptor.getSingleLogoutService().add(sloPostEndpoint); + + spSsoDescriptor.getProtocolSupportEnumeration().add(SamlConstants.PROTOCOL_NSURI); + + spSsoDescriptor.getNameIDFormat().add("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"); + spSsoDescriptor.getNameIDFormat().add("urn:oasis:names:tc:SAML:2.0:nameid-format:transient"); + spSsoDescriptor.getNameIDFormat().add("urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified"); + spSsoDescriptor.getNameIDFormat().add("urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress"); + + org.jboss.seam.security.external_authentication.jaxb.xmldsig.ObjectFactory signatureFactory = new org.jboss.seam.security.external_authentication.jaxb.xmldsig.ObjectFactory(); + + X509Certificate certificate = serviceProvider.getSamlConfiguration().getCertificate(); + if (certificate == null) + throw new RuntimeException("Certificate obtained from configuration is null"); + + JAXBElement<byte[]> X509Certificate; + try + { + X509Certificate = signatureFactory.createX509DataTypeX509Certificate(certificate.getEncoded()); + } + catch (CertificateEncodingException e) + { + throw new RuntimeException(e); + } + + X509DataType X509Data = signatureFactory.createX509DataType(); + X509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(X509Certificate); + + KeyInfoType keyInfo = signatureFactory.createKeyInfoType(); + keyInfo.getContent().add(signatureFactory.createX509Data(X509Data)); + + KeyDescriptorType keyDescriptor = metaDataFactory.createKeyDescriptorType(); + keyDescriptor.setUse(KeyTypes.SIGNING); + keyDescriptor.setKeyInfo(keyInfo); + + spSsoDescriptor.getKeyDescriptor().add(keyDescriptor); + + EntityDescriptorType entityDescriptor = metaDataFactory.createEntityDescriptorType(); + entityDescriptor.setEntityID(serviceProvider.getSamlConfiguration().getEntityId()); + entityDescriptor.getRoleDescriptorOrIDPSSODescriptorOrSPSSODescriptor().add(spSsoDescriptor); + + JAXBContext jaxbContext = JAXBContext.newInstance("org.picketlink.identity.federation.saml.v2.metadata"); + Marshaller marshaller = jaxbContext.createMarshaller(); + marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8"); + marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); + marshaller.marshal(metaDataFactory.createEntityDescriptor(entityDescriptor), stream); + } + catch (JAXBException e) + { + throw new RuntimeException(e); + } + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlMetaDataProvider.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlProfile.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlProfile.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlProfile.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,27 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +public enum SamlProfile +{ + SINGLE_SIGN_ON, SINGLE_LOGOUT +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlProfile.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSignatureUtilForPostBinding.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSignatureUtilForPostBinding.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSignatureUtilForPostBinding.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,199 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.security.AccessController; +import java.security.InvalidAlgorithmParameterException; +import java.security.Key; +import java.security.KeyException; +import java.security.KeyPair; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.PrivilegedAction; +import java.security.PublicKey; +import java.security.Security; +import java.util.Collections; +import java.util.List; + +import javax.xml.crypto.MarshalException; +import javax.xml.crypto.dsig.CanonicalizationMethod; +import javax.xml.crypto.dsig.DigestMethod; +import javax.xml.crypto.dsig.Reference; +import javax.xml.crypto.dsig.SignatureMethod; +import javax.xml.crypto.dsig.SignedInfo; +import javax.xml.crypto.dsig.Transform; +import javax.xml.crypto.dsig.XMLSignature; +import javax.xml.crypto.dsig.XMLSignatureException; +import javax.xml.crypto.dsig.XMLSignatureFactory; +import javax.xml.crypto.dsig.dom.DOMSignContext; +import javax.xml.crypto.dsig.dom.DOMValidateContext; +import javax.xml.crypto.dsig.keyinfo.KeyInfo; +import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory; +import javax.xml.crypto.dsig.keyinfo.KeyValue; +import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec; +import javax.xml.crypto.dsig.spec.TransformParameterSpec; + +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.w3c.dom.NodeList; + +public class SamlSignatureUtilForPostBinding +{ + private Logger log = LoggerFactory.getLogger(SamlSignatureUtilForPostBinding.class); + + private XMLSignatureFactory fac = getXMLSignatureFactory(); + + private XMLSignatureFactory getXMLSignatureFactory() + { + if (Security.getProvider("DOM") != null) + { + return XMLSignatureFactory.getInstance("DOM"); + } + else + { + // No security provider found for the XML Digital Signature API (JSR + // 105). Probably we have to do with JDK 1.5 or lower. + // See + // http://weblogs.java.net/blog/2008/02/27/using-jsr-105-jdk-14-or-15. + // We assume that the reference implementation of JSR 105 is available + // at runtime. + return XMLSignatureFactory.getInstance("DOM", new org.jcp.xml.dsig.internal.dom.XMLDSigRI()); + } + } + + static + { + AccessController.doPrivileged(new PrivilegedAction<Object>() + { + public Object run() + { + System.setProperty("org.apache.xml.security.ignoreLineBreaks", "true"); + return null; + } + }); + }; + + public Document sign(Document doc, KeyPair keyPair, String digestMethod, String signatureMethod, String referenceURI) + { + if (log.isTraceEnabled()) + { + log.trace("Document to be signed={0}", new Object[] { SamlUtils.getDocumentAsString(doc) }); + } + PrivateKey signingKey = keyPair.getPrivate(); + PublicKey publicKey = keyPair.getPublic(); + + DOMSignContext dsc = new DOMSignContext(signingKey, doc.getDocumentElement()); + dsc.setDefaultNamespacePrefix("dsig"); + + try + { + DigestMethod digestMethodObj = fac.newDigestMethod(digestMethod, null); + Transform transform = fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null); + + List<Transform> transformList = Collections.singletonList(transform); + Reference ref = fac.newReference(referenceURI, digestMethodObj, transformList, null, null); + + String canonicalizationMethodType = CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS; + CanonicalizationMethod canonicalizationMethod = fac.newCanonicalizationMethod(canonicalizationMethodType, (C14NMethodParameterSpec) null); + + List<Reference> referenceList = Collections.singletonList(ref); + SignatureMethod signatureMethodObj = fac.newSignatureMethod(signatureMethod, null); + SignedInfo si = fac.newSignedInfo(canonicalizationMethod, signatureMethodObj, referenceList); + + KeyInfoFactory kif = fac.getKeyInfoFactory(); + KeyValue kv = kif.newKeyValue(publicKey); + KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv)); + + XMLSignature signature = fac.newXMLSignature(si, ki); + + signature.sign(dsc); + } + catch (XMLSignatureException e) + { + throw new RuntimeException(e); + } + catch (NoSuchAlgorithmException e) + { + throw new RuntimeException(e); + } + catch (InvalidAlgorithmParameterException e) + { + throw new RuntimeException(e); + } + catch (KeyException e) + { + throw new RuntimeException(e); + } + catch (MarshalException e) + { + throw new RuntimeException(e); + + } + return doc; + } + + public void validateSignature(SamlIdentityProvider idp, Document signedDoc) throws InvalidRequestException + { + Key publicKey = idp.getPublicKey(); + + NodeList nl = signedDoc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature"); + if (nl == null || nl.getLength() == 0) + { + throw new InvalidRequestException("Signature element is not present or has zero length."); + } + + try + { + DOMValidateContext valContext = new DOMValidateContext(publicKey, nl.item(0)); + XMLSignature signature = fac.unmarshalXMLSignature(valContext); + boolean signatureValid = signature.validate(valContext); + + if (log.isTraceEnabled() && !signatureValid) + { + boolean sv = signature.getSignatureValue().validate(valContext); + log.trace("Signature validation status: " + sv); + + @SuppressWarnings("unchecked") + List<Reference> references = signature.getSignedInfo().getReferences(); + for (Reference ref : references) + { + log.trace("[Ref id=" + ref.getId() + ":uri=" + ref.getURI() + "] validity status:" + ref.validate(valContext)); + } + } + + if (!signatureValid) + { + throw new InvalidRequestException("Invalid signature."); + } + } + catch (XMLSignatureException e) + { + throw new RuntimeException(e); + } + catch (MarshalException e) + { + throw new RuntimeException(e); + } + } +} \ No newline at end of file Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSignatureUtilForPostBinding.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSignatureUtilForRedirectBinding.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSignatureUtilForRedirectBinding.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSignatureUtilForRedirectBinding.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,174 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.URLDecoder; +import java.net.URLEncoder; +import java.security.GeneralSecurityException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.Signature; + +import javax.servlet.http.HttpServletRequest; + +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; +import org.jboss.seam.security.util.Base64; + +public class SamlSignatureUtilForRedirectBinding +{ + byte[] computeSignature(String requestOrResponseKeyValuePair, PrivateKey signingKey) throws IOException, GeneralSecurityException + { + StringBuilder sb = new StringBuilder(); + sb.append(requestOrResponseKeyValuePair); + String algo = signingKey.getAlgorithm(); + + String sigAlg = getXMLSignatureAlgorithmURI(algo); + sigAlg = URLEncoder.encode(sigAlg, "UTF-8"); + sb.append("&SigAlg=").append(sigAlg); + + byte[] sigValue = sign(sb.toString(), signingKey); + + return sigValue; + } + + private byte[] sign(String stringToBeSigned, PrivateKey signingKey) throws GeneralSecurityException + { + String algo = signingKey.getAlgorithm(); + Signature sig = getSignature(algo); + sig.initSign(signingKey); + sig.update(stringToBeSigned.getBytes()); + return sig.sign(); + } + + public void validateSignature(SamlIdentityProvider idp, HttpServletRequest httpRequest, RequestOrResponse requestOrResponse) throws InvalidRequestException + { + String sigValueParam = httpRequest.getParameter(SamlConstants.QSP_SIGNATURE); + if (sigValueParam == null) + { + throw new InvalidRequestException("Signature parameter is not present."); + } + + String decodedString; + try + { + decodedString = URLDecoder.decode(sigValueParam, "UTF-8"); + } + catch (UnsupportedEncodingException e) + { + throw new RuntimeException(e); + } + + byte[] sigValue = Base64.decode(decodedString); + + String samlMessageParameter; + if (requestOrResponse == RequestOrResponse.REQUEST) + { + samlMessageParameter = SamlConstants.QSP_SAML_REQUEST; + } + else + { + samlMessageParameter = SamlConstants.QSP_SAML_RESPONSE; + } + + // Construct the url again + String reqFromURL = httpRequest.getParameter(samlMessageParameter); + String relayStateFromURL = httpRequest.getParameter(SamlConstants.QSP_RELAY_STATE); + String sigAlgFromURL = httpRequest.getParameter(SamlConstants.QSP_SIG_ALG); + + StringBuilder sb = new StringBuilder(); + sb.append(samlMessageParameter).append("=").append(reqFromURL); + + if (relayStateFromURL != null && relayStateFromURL.length() != 0) + { + sb.append("&").append(SamlConstants.QSP_RELAY_STATE).append("=").append(relayStateFromURL); + } + sb.append("&").append(SamlConstants.QSP_SIG_ALG).append("=").append(sigAlgFromURL); + + PublicKey validatingKey = idp.getPublicKey(); + + boolean isValid; + try + { + isValid = validate(sb.toString().getBytes("UTF-8"), sigValue, validatingKey); + } + catch (UnsupportedEncodingException e) + { + throw new RuntimeException(e); + } + catch (GeneralSecurityException e) + { + throw new RuntimeException(e); + } + + if (!isValid) + { + throw new InvalidRequestException("Invalid signature."); + } + } + + private boolean validate(byte[] signedContent, byte[] signatureValue, PublicKey validatingKey) throws GeneralSecurityException + { + // We assume that the sigatureValue has the same algorithm as the public + // key + // If not, there will be an exception anyway + String algo = validatingKey.getAlgorithm(); + Signature sig = getSignature(algo); + + sig.initVerify(validatingKey); + sig.update(signedContent); + return sig.verify(signatureValue); + } + + private Signature getSignature(String algo) throws GeneralSecurityException + { + Signature sig = null; + + if ("DSA".equalsIgnoreCase(algo)) + { + sig = Signature.getInstance(SamlConstants.DSA_SIGNATURE_ALGORITHM); + } + else if ("RSA".equalsIgnoreCase(algo)) + { + sig = Signature.getInstance(SamlConstants.RSA_SIGNATURE_ALGORITHM); + } + else + throw new RuntimeException("Unknown signature algorithm:" + algo); + return sig; + } + + public String getXMLSignatureAlgorithmURI(String algo) + { + String xmlSignatureAlgo = null; + + if ("DSA".equalsIgnoreCase(algo)) + { + xmlSignatureAlgo = SamlConstants.SIGNATURE_SHA1_WITH_DSA; + } + else if ("RSA".equalsIgnoreCase(algo)) + { + xmlSignatureAlgo = SamlConstants.SIGNATURE_SHA1_WITH_RSA; + } + return xmlSignatureAlgo; + } +} \ No newline at end of file Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSignatureUtilForRedirectBinding.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleLogoutReceiver.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleLogoutReceiver.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleLogoutReceiver.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,94 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.IOException; + +import javax.inject.Inject; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.jboss.seam.security.Identity; +import org.jboss.seam.security.external_authentication.configuration.Binding; +import org.jboss.seam.security.external_authentication.configuration.SamlEndpoint; +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; +import org.jboss.seam.security.external_authentication.configuration.ServiceProvider; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.LogoutRequestType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.RequestAbstractType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.StatusResponseType; + +public class SamlSingleLogoutReceiver +{ + @Inject + private SamlMessageFactory samlMessageFactory; + + @Inject + private SamlMessageSender samlMessageSender; + + @Inject + private Identity identity; + + @Inject + private ServiceProvider serviceProvider; + + public void processIDPRequest(HttpServletRequest httpRequest, HttpServletResponse httpResponse, RequestAbstractType request, SamlIdentityProvider idp) throws InvalidRequestException + { + if (!(request instanceof LogoutRequestType)) + { + throw new InvalidRequestException("Request should be a single logout request."); + } + + if (!identity.isLoggedIn()) + { + throw new InvalidRequestException("No active session to logout."); + } + + // FIXME: Identity.instance().logout(); + + StatusResponseType response = samlMessageFactory.createStatusResponse(request, SamlConstants.STATUS_SUCCESS, null); + + Binding binding = httpRequest.getMethod().equals("POST") ? Binding.HTTP_Post : Binding.HTTP_Redirect; + SamlEndpoint endpoint = idp.getService(SamlProfile.SINGLE_LOGOUT).getEndpointForBinding(binding); + + samlMessageSender.sendResponseToIDP(httpRequest, httpResponse, idp, endpoint, response); + } + + public void processIDPResponse(HttpServletRequest httpRequest, HttpServletResponse httpResponse, StatusResponseType response, RequestContext requestContext, SamlIdentityProvider idp) + { + if (response.getStatus() != null && response.getStatus().getStatusCode().getValue().equals(SamlConstants.STATUS_SUCCESS)) + { + // FIXME Identity.instance().logout(); + } + else + { + throw new RuntimeException("Single logout failed. Status code: " + (response.getStatus() == null ? "null" : response.getStatus().getStatusCode().getValue())); + } + try + { + httpResponse.sendRedirect(serviceProvider.getLoggedOutUrl()); + } + catch (IOException e) + { + throw new RuntimeException(e); + } + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleLogoutReceiver.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleLogoutSender.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleLogoutSender.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleLogoutSender.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,65 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import javax.inject.Inject; +import javax.naming.ConfigurationException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.jboss.seam.security.Identity; +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.LogoutRequestType; + +public class SamlSingleLogoutSender +{ + @Inject + private Requests requests; + + @Inject + private SamlMessageSender samlMessageSender; + + @Inject + private SamlMessageFactory samlMessageFactory; + + public void sendSingleLogoutRequestToIDP(HttpServletRequest request, HttpServletResponse response, Identity identity) + { + SeamSamlPrincipal principal = (SeamSamlPrincipal) null; // FIXME: + // identity.getPrincipal() + // is not + // available any + // more + SamlIdentityProvider idp = (SamlIdentityProvider) principal.getIdentityProvider(); + LogoutRequestType logoutRequest; + try + { + logoutRequest = samlMessageFactory.createLogoutRequest(principal); + requests.addRequest(logoutRequest.getID(), idp, null); + } + catch (ConfigurationException e) + { + throw new RuntimeException(e); + } + + samlMessageSender.sendRequestToIDP(request, response, idp, SamlProfile.SINGLE_LOGOUT, logoutRequest); + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleLogoutSender.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleSignOnReceiver.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleSignOnReceiver.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleSignOnReceiver.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,314 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.IOException; +import java.util.LinkedList; +import java.util.List; + +import javax.enterprise.inject.spi.BeanManager; +import javax.inject.Inject; +import javax.security.auth.login.LoginException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.bind.JAXBElement; +import javax.xml.datatype.DatatypeConstants; + +import org.jboss.seam.security.Identity; +import org.jboss.seam.security.events.LoginFailedEvent; +import org.jboss.seam.security.events.PostAuthenticateEvent; +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; +import org.jboss.seam.security.external_authentication.configuration.ServiceProvider; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.AssertionType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.AttributeStatementType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.AttributeType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.AuthnStatementType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.NameIDType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.StatementAbstractType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.SubjectConfirmationDataType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.SubjectConfirmationType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.ResponseType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.StatusResponseType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.StatusType; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class SamlSingleSignOnReceiver +{ + private Logger log = LoggerFactory.getLogger(SamlSingleSignOnReceiver.class); + + @Inject + private Requests requests; + + @Inject + private Identity identity; + + @Inject + private InternalAuthenticator internalAuthenticator; + + @Inject + private ServiceProvider serviceProvider; + + @Inject + private BeanManager beanManager; + + public void processIDPResponse(HttpServletRequest httpRequest, HttpServletResponse httpResponse, StatusResponseType statusResponse, RequestContext requestContext, SamlIdentityProvider idp) throws InvalidRequestException + { + StatusType status = statusResponse.getStatus(); + if (status == null) + { + throw new InvalidRequestException("Response does not contain a status"); + } + + String statusValue = status.getStatusCode().getValue(); + if (SamlConstants.STATUS_SUCCESS.equals(statusValue) == false) + { + throw new RuntimeException("IDP returned status " + statusValue); + } + + if (!(statusResponse instanceof ResponseType)) + { + throw new InvalidRequestException("Response does not have type ResponseType"); + } + + ResponseType response = (ResponseType) statusResponse; + + List<Object> assertions = response.getAssertionOrEncryptedAssertion(); + if (assertions.size() == 0) + { + throw new RuntimeException("IDP response does not contain assertions"); + } + + SeamSamlPrincipal principal = getAuthenticatedUser(response, requestContext); + if (principal == null) + { + try + { + beanManager.fireEvent(new PostAuthenticateEvent()); + beanManager.fireEvent(new LoginFailedEvent(new LoginException())); + + httpResponse.sendRedirect(serviceProvider.getFailedAuthenticationUrl()); + } + catch (IOException e) + { + throw new RuntimeException(e); + } + } + else + { + // Login the user, and redirect to the requested page. + principal.setIdentityProvider(idp); + loginUser(httpRequest, httpResponse, principal, requestContext); + } + } + + private SeamSamlPrincipal getAuthenticatedUser(ResponseType responseType, RequestContext requestContext) + { + SeamSamlPrincipal principal = null; + + for (Object assertion : responseType.getAssertionOrEncryptedAssertion()) + { + if (assertion instanceof AssertionType) + { + SeamSamlPrincipal assertionSubject = handleAssertion((AssertionType) assertion, requestContext); + if (principal == null) + { + principal = assertionSubject; + } + else + { + log.warn("Multiple authenticated users found in assertions. Using the first one."); + } + } + else + { + /* assertion instanceof EncryptedElementType */ + log.warn("Encountered encrypted assertion. Skipping it because decryption is not yet supported."); + } + } + return principal; + } + + private SeamSamlPrincipal handleAssertion(AssertionType assertion, RequestContext requestContext) + { + if (SamlUtils.hasAssertionExpired(assertion)) + { + log.warn("Received assertion not processed because it has expired."); + return null; + } + + AuthnStatementType authnStatement = extractValidAuthnStatement(assertion); + if (authnStatement == null) + { + log.warn("Received assertion not processed because it doesn't contain a valid authnStatement."); + return null; + } + + NameIDType nameId = validateSubjectAndExtractNameID(assertion, requestContext); + if (nameId == null) + { + log.warn("Received assertion not processed because it doesn't contain a valid subject."); + return null; + } + + SeamSamlPrincipal principal = new SeamSamlPrincipal(); + principal.setAssertion(assertion); + principal.setSessionIndex(authnStatement.getSessionIndex()); + principal.setNameId(nameId); + + for (StatementAbstractType statement : assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement()) + { + if (statement instanceof AttributeStatementType) + { + AttributeStatementType attributeStatement = (AttributeStatementType) statement; + List<AttributeType> attributes = new LinkedList<AttributeType>(); + for (Object object : attributeStatement.getAttributeOrEncryptedAttribute()) + { + if (object instanceof AttributeType) + { + attributes.add((AttributeType) object); + } + else + { + log.warn("Encrypted attributes are not supported. Ignoring the attribute."); + } + } + principal.setAttributes(attributes); + } + } + + return principal; + } + + private AuthnStatementType extractValidAuthnStatement(AssertionType assertion) + { + for (StatementAbstractType statement : assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement()) + { + if (statement instanceof AuthnStatementType) + { + AuthnStatementType authnStatement = (AuthnStatementType) statement; + return authnStatement; + } + } + + return null; + } + + private NameIDType validateSubjectAndExtractNameID(AssertionType assertion, RequestContext requestContext) + { + NameIDType nameId = null; + boolean validConfirmationFound = false; + + for (JAXBElement<?> contentElement : assertion.getSubject().getContent()) + { + if (contentElement.getValue() instanceof NameIDType) + { + nameId = (NameIDType) contentElement.getValue(); + } + if (contentElement.getValue() instanceof SubjectConfirmationType) + { + SubjectConfirmationType confirmation = (SubjectConfirmationType) contentElement.getValue(); + if (confirmation.getMethod().equals(SamlConstants.CONFIRMATION_METHOD_BEARER)) + { + SubjectConfirmationDataType confirmationData = confirmation.getSubjectConfirmationData(); + + boolean validRecipient = confirmationData.getRecipient().equals(serviceProvider.getServiceURL(ExternalAuthenticationService.SAML_ASSERTION_CONSUMER_SERVICE)); + + boolean notTooLate = confirmationData.getNotOnOrAfter().compare(SamlUtils.getXMLGregorianCalendar()) == DatatypeConstants.GREATER; + + boolean validInResponseTo = requestContext == null || confirmationData.getInResponseTo().equals(requestContext.getId()); + + if (validRecipient && notTooLate && validInResponseTo) + { + validConfirmationFound = true; + } + } + } + } + + if (validConfirmationFound) + { + return nameId; + } + else + { + return null; + } + } + + private void loginUser(HttpServletRequest httpRequest, HttpServletResponse httpResponse, SeamSamlPrincipal principal, RequestContext requestContext) + { + if (identity.isLoggedIn()) + { + throw new RuntimeException("User is already logged in."); + } + + boolean internallyAuthenticated = internalAuthenticator.authenticate(principal, httpRequest); + + try + { + if (internallyAuthenticated) + { + if (requestContext == null) + { + redirectForUnsolicitedAuthentication(httpRequest, httpResponse); + } + else + { + requests.redirect(requestContext.getId(), httpResponse); + } + } + else + { + httpResponse.sendRedirect(serviceProvider.getFailedAuthenticationUrl()); + } + } + catch (IOException e) + { + throw new RuntimeException(e); + } + } + + private void redirectForUnsolicitedAuthentication(HttpServletRequest httpRequest, HttpServletResponse httpResponse) throws IOException + { + String relayState = httpRequest.getParameter("RelayState"); + + /* Unsolicited authentication. */ + + if (relayState != null) + { + httpResponse.sendRedirect(relayState); + } + else + { + String unsolicitedAuthenticationUrl = serviceProvider.getUnsolicitedAuthenticationUrl(); + if (unsolicitedAuthenticationUrl != null) + { + httpResponse.sendRedirect(unsolicitedAuthenticationUrl); + } + else + { + throw new RuntimeException("Unsolicited login could not be handled because the unsolicitedAuthenticationViewId property has not been configured"); + } + } + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleSignOnReceiver.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleSignOnSender.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleSignOnSender.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleSignOnSender.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,35 @@ +package org.jboss.seam.security.external_authentication; + +import javax.enterprise.inject.spi.BeanManager; +import javax.inject.Inject; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.jboss.seam.security.events.PreAuthenticateEvent; +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol.AuthnRequestType; + +public class SamlSingleSignOnSender +{ + @Inject + private Requests requests; + + @Inject + private SamlMessageFactory samlMessageFactory; + + @Inject + private SamlMessageSender samlMessageSender; + + @Inject + private BeanManager beanManager; + + public void sendAuthenticationRequestToIDP(HttpServletRequest request, HttpServletResponse response, SamlIdentityProvider samlIdentityProvider, String returnUrl) + { + AuthnRequestType authnRequest = samlMessageFactory.createAuthnRequest(); + requests.addRequest(authnRequest.getID(), samlIdentityProvider, returnUrl); + + beanManager.fireEvent(new PreAuthenticateEvent()); + + samlMessageSender.sendRequestToIDP(request, response, samlIdentityProvider, SamlProfile.SINGLE_SIGN_ON, authnRequest); + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlSingleSignOnSender.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlUtils.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlUtils.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlUtils.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,128 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.io.IOException; +import java.io.StringWriter; +import java.util.GregorianCalendar; + +import javax.servlet.http.HttpServletResponse; +import javax.xml.datatype.DatatypeConfigurationException; +import javax.xml.datatype.DatatypeConstants; +import javax.xml.datatype.DatatypeFactory; +import javax.xml.datatype.XMLGregorianCalendar; +import javax.xml.transform.OutputKeys; +import javax.xml.transform.Result; +import javax.xml.transform.Source; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.AssertionType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.ConditionsType; +import org.w3c.dom.Document; + +public class SamlUtils +{ + + public static XMLGregorianCalendar getXMLGregorianCalendar() + { + try + { + DatatypeFactory dtf = DatatypeFactory.newInstance(); + return dtf.newXMLGregorianCalendar(new GregorianCalendar()); + } + catch (DatatypeConfigurationException e) + { + throw new RuntimeException(e); + } + } + + public static boolean hasAssertionExpired(AssertionType assertion) + { + ConditionsType conditionsType = assertion.getConditions(); + if (conditionsType != null) + { + XMLGregorianCalendar now = getXMLGregorianCalendar(); + XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); + XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); + + int val = notBefore.compare(now); + if (val == DatatypeConstants.INDETERMINATE || val == DatatypeConstants.GREATER) + { + return true; + } + + val = notOnOrAfter.compare(now); + if (val != DatatypeConstants.GREATER) + { + return true; + } + + return false; + } + else + { + return false; + } + } + + public static String getDocumentAsString(Document document) + { + Source source = new DOMSource(document); + StringWriter sw = new StringWriter(); + + Result streamResult = new StreamResult(sw); + try + { + Transformer transformer = TransformerFactory.newInstance().newTransformer(); + transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); + transformer.setOutputProperty(OutputKeys.INDENT, "no"); + transformer.transform(source, streamResult); + } + catch (TransformerException e) + { + throw new RuntimeException(e); + } + + return sw.toString(); + } + + public static void sendRedirect(String destination, HttpServletResponse response) + { + response.setCharacterEncoding("UTF-8"); + response.setHeader("Location", destination); + response.setHeader("Pragma", "no-cache"); + response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate,private"); + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + try + { + response.sendRedirect(destination); + } + catch (IOException e) + { + throw new RuntimeException(); + } + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SamlUtils.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SeamSamlPrincipal.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SeamSamlPrincipal.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SeamSamlPrincipal.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,99 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication; + +import java.security.Principal; +import java.util.LinkedList; +import java.util.List; + +import org.jboss.seam.security.external_authentication.configuration.SamlIdentityProvider; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.AssertionType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.AttributeType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion.NameIDType; + +public class SeamSamlPrincipal implements Principal +{ + private NameIDType nameId; + + private SamlIdentityProvider identityProvider; + + private List<AttributeType> attributes = new LinkedList<AttributeType>(); + + private String sessionIndex; + + private AssertionType assertion; + + public NameIDType getNameId() + { + return nameId; + } + + public void setNameId(NameIDType nameId) + { + this.nameId = nameId; + } + + public SamlIdentityProvider getIdentityProvider() + { + return identityProvider; + } + + public void setIdentityProvider(SamlIdentityProvider identityProvider) + { + this.identityProvider = identityProvider; + } + + public List<AttributeType> getAttributes() + { + return attributes; + } + + public void setAttributes(List<AttributeType> attributes) + { + this.attributes = attributes; + } + + public String getSessionIndex() + { + return sessionIndex; + } + + public void setSessionIndex(String sessionIndex) + { + this.sessionIndex = sessionIndex; + } + + public AssertionType getAssertion() + { + return assertion; + } + + public void setAssertion(AssertionType assertion) + { + this.assertion = assertion; + } + + public String getName() + { + return nameId.getValue(); + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/SeamSamlPrincipal.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/Binding.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/Binding.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/Binding.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,27 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication.configuration; + +public enum Binding +{ + HTTP_Redirect, HTTP_Post +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/Binding.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/Configuration.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/Configuration.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/Configuration.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,129 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication.configuration; + +import java.net.URL; +import java.util.HashMap; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; + +import javax.enterprise.context.ApplicationScoped; +import javax.inject.Inject; +import javax.inject.Named; +import javax.xml.XMLConstants; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; +import javax.xml.validation.Schema; +import javax.xml.validation.SchemaFactory; + +import org.jboss.seam.security.external_authentication.jaxb.config.ExternalAuthenticationConfigType; +import org.jboss.seam.security.external_authentication.jaxb.config.ServiceProviderType; +import org.xml.sax.SAXException; + +@Named("configuration") +@ApplicationScoped +// FIXME @Startup +public class Configuration +{ + private final static String CONFIGURATION_FILE = "/external-authentication-config.xml"; + + private String contextRoot; + + private Map<String, ServiceProvider> serviceProviderMap = new HashMap<String, ServiceProvider>(); + + @Inject + public void init() + { + List<ServiceProvider> serviceProviders = new LinkedList<ServiceProvider>(); + ExternalAuthenticationConfigType externalAuthenticationConfig = readConfigurationFile(); + for (ServiceProviderType serviceProvider : externalAuthenticationConfig.getServiceProvider()) + { + serviceProviders.add(new ServiceProvider(this, serviceProvider)); + } + + for (ServiceProvider sp : serviceProviders) + { + if (serviceProviderMap.containsKey(sp.getHostname())) + { + throw new RuntimeException("Two service providers have the same hostname"); + } + serviceProviderMap.put(sp.getHostname(), sp); + } + } + + private ExternalAuthenticationConfigType readConfigurationFile() + { + ExternalAuthenticationConfigType externalAuthenticationConfig; + try + { + JAXBContext jaxbContext = JAXBContext.newInstance("org.jboss.seam.security.external_authentication.jaxb.config"); + Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); + URL schemaURL = getClass().getResource("/schema/config/external-authentication-config.xsd"); + Schema schema; + try + { + schema = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI).newSchema(schemaURL); + } + catch (SAXException e) + { + throw new RuntimeException(e); + } + unmarshaller.setSchema(schema); + + JAXBElement<?> o = (JAXBElement<?>) unmarshaller.unmarshal(getClass().getResource(CONFIGURATION_FILE)); + externalAuthenticationConfig = (ExternalAuthenticationConfigType) o.getValue(); + } + catch (JAXBException e) + { + throw new RuntimeException(e); + } + return externalAuthenticationConfig; + } + + public void setContextRoot(String contextRoot) + { + this.contextRoot = contextRoot; + } + + public String getContextRoot() + { + return contextRoot; + } + + // FIXME @Factory(scope = ScopeType.EVENT, autoCreate = true, value = + // "org.jboss.seam.security.external_authentication.serviceProvider") + public ServiceProvider getServiceProvider() + { + String hostname = null; // FIXME = + // ServletContexts.instance().getRequest().getServerName(); + ; + return serviceProviderMap.get(hostname); + } + + public ServiceProvider getServiceProvider(String hostname) + { + return serviceProviderMap.get(hostname); + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/Configuration.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/OpenIdConfiguration.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/OpenIdConfiguration.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/OpenIdConfiguration.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,50 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication.configuration; + +import java.util.List; + +import org.jboss.seam.security.external_authentication.jaxb.config.OpenIdAttributeType; +import org.jboss.seam.security.external_authentication.jaxb.config.OpenIdConfigType; + +public class OpenIdConfiguration +{ + private List<OpenIdAttributeType> attributes; + + private String defaultOpenIdProvider; + + public OpenIdConfiguration(OpenIdConfigType openIdConfig) + { + attributes = openIdConfig.getAttribute(); + defaultOpenIdProvider = openIdConfig.getDefaultOpenIdProvider(); + } + + public List<OpenIdAttributeType> getAttributes() + { + return attributes; + } + + public String getDefaultOpenIdProvider() + { + return defaultOpenIdProvider; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/OpenIdConfiguration.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlConfiguration.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlConfiguration.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlConfiguration.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,271 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication.configuration; + +import java.io.IOException; +import java.io.InputStream; +import java.net.MalformedURLException; +import java.net.URL; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.HashMap; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; + +import org.jboss.seam.security.external_authentication.jaxb.config.SamlConfigType; +import org.jboss.seam.security.external_authentication.jaxb.config.SamlIdentityProviderType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.EntitiesDescriptorType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.EntityDescriptorType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.IDPSSODescriptorType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.RoleDescriptorType; + +public class SamlConfiguration +{ + private static final String SAML_ENTITIES_FILE = "/saml-entities.xml"; + + private Map<String, IDPSSODescriptorType> idpMetaInfo = new HashMap<String, IDPSSODescriptorType>(); + + private String entityId; + + private SamlIdentityProvider defaultIdentityProvider; + + private List<SamlIdentityProvider> identityProviders = new LinkedList<SamlIdentityProvider>(); + + private boolean authnRequestsSigned = false; + + private boolean wantAssertionsSigned = false; + + private PrivateKey privateKey; + + private X509Certificate certificate; + + public SamlConfiguration(SamlConfigType samlConfig) + { + readSamlMetaInformation(); + + this.entityId = samlConfig.getServiceProviderEntityId(); + this.authnRequestsSigned = samlConfig.isAuthnRequestsSigned(); + this.wantAssertionsSigned = samlConfig.isWantAssertionsSigned(); + + for (SamlIdentityProviderType samlIdp : samlConfig.getSamlIdentityProvider()) + { + IDPSSODescriptorType idpSsoDescriptor = idpMetaInfo.get(samlIdp.getEntityId()); + if (idpSsoDescriptor == null) + { + throw new RuntimeException("Saml identity provider with entity id \"" + samlIdp.getEntityId() + "\" not found in metadata."); + } + SamlIdentityProvider samlIdentityProvider = new SamlIdentityProvider(samlIdp.getEntityId(), idpSsoDescriptor); + identityProviders.add(samlIdentityProvider); + + samlIdentityProvider.setWantSingleLogoutMessagesSigned(samlIdp.isWantSingleLogoutMessagesSigned()); + samlIdentityProvider.setSingleLogoutMessagesSigned(samlIdp.isSingleLogoutMessagesSigned()); + } + + boolean wantAuthnRequestsSigned = false; + + for (SamlIdentityProvider identityProvider : identityProviders) + { + if (identityProvider instanceof SamlIdentityProvider) + { + if (((SamlIdentityProvider) identityProvider).isWantAuthnRequestsSigned()) + { + wantAuthnRequestsSigned = true; + } + } + if (identityProvider.getEntityId().equals(samlConfig.getDefaultIdentityProvider())) + { + defaultIdentityProvider = identityProvider; + } + } + + if (wantAuthnRequestsSigned && !samlConfig.isAuthnRequestsSigned()) + { + throw new RuntimeException("Configuration error: at least one identity provider wants the authentication requests signed, but the service provider doesn't sign authentication requests."); + } + + String keyStoreUrl = samlConfig.getKeyStoreUrl(); + String keyStorePass = samlConfig.getKeyStorePass(); + String signingKeyAlias = samlConfig.getSigningKeyAlias(); + String signingKeyPass = samlConfig.getSigningKeyPass(); + if (signingKeyPass == null) + { + signingKeyPass = keyStorePass; + } + + getSigningKeyPair(keyStoreUrl, keyStorePass, signingKeyAlias, signingKeyPass); + } + + private void readSamlMetaInformation() + { + try + { + JAXBContext jaxbContext = JAXBContext.newInstance("org.picketlink.identity.federation.saml.v2.metadata"); + Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); + JAXBElement<?> o = (JAXBElement<?>) unmarshaller.unmarshal(getClass().getResource(SAML_ENTITIES_FILE)); + EntitiesDescriptorType entitiesDescriptor = (EntitiesDescriptorType) o.getValue(); + readEntitiesDescriptor(entitiesDescriptor); + } + catch (JAXBException e) + { + throw new RuntimeException(e); + } + } + + private void readEntitiesDescriptor(EntitiesDescriptorType entitiesDescriptor) + { + for (Object object : entitiesDescriptor.getEntityDescriptorOrEntitiesDescriptor()) + { + if (object instanceof EntityDescriptorType) + { + EntityDescriptorType entityDescriptor = (EntityDescriptorType) object; + String entityId = entityDescriptor.getEntityID(); + + for (RoleDescriptorType roleDescriptor : entityDescriptor.getRoleDescriptorOrIDPSSODescriptorOrSPSSODescriptor()) + { + if (roleDescriptor instanceof IDPSSODescriptorType) + { + IDPSSODescriptorType IDPSSODescriptor = (IDPSSODescriptorType) roleDescriptor; + idpMetaInfo.put(entityId, IDPSSODescriptor); + } + } + } + else + { + EntitiesDescriptorType descriptor = (EntitiesDescriptorType) object; + readEntitiesDescriptor(descriptor); + } + } + } + + private void getSigningKeyPair(String keyStoreUrl, String keyStorePass, String signingKeyAlias, String signingKeyPass) + { + final String classPathPrefix = "classpath:"; + + try + { + KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); + InputStream keyStoreStream; + if (keyStoreUrl.startsWith(classPathPrefix)) + { + keyStoreStream = getClass().getClassLoader().getResourceAsStream(keyStoreUrl.substring(classPathPrefix.length())); + } + else + { + keyStoreStream = new URL(keyStoreUrl).openStream(); + } + char[] keyStorePwd = keyStorePass != null ? keyStorePass.toCharArray() : null; + keyStore.load(keyStoreStream, keyStorePwd); + + certificate = (X509Certificate) keyStore.getCertificate(signingKeyAlias); + + char[] signingKeyPwd = signingKeyPass != null ? signingKeyPass.toCharArray() : null; + + privateKey = (PrivateKey) keyStore.getKey(signingKeyAlias, signingKeyPwd); + } + catch (KeyStoreException e) + { + throw new RuntimeException(e); + } + catch (NoSuchAlgorithmException e) + { + throw new RuntimeException(e); + } + catch (CertificateException e) + { + throw new RuntimeException(e); + } + catch (MalformedURLException e) + { + throw new RuntimeException(e); + } + catch (IOException e) + { + throw new RuntimeException(e); + } + catch (UnrecoverableKeyException e) + { + throw new RuntimeException(e); + } + } + + public String getEntityId() + { + return entityId; + } + + public SamlIdentityProvider getDefaultIdentityProvider() + { + return defaultIdentityProvider; + } + + public List<SamlIdentityProvider> getIdentityProviders() + { + return identityProviders; + } + + public boolean isAuthnRequestsSigned() + { + return authnRequestsSigned; + } + + public boolean isWantAssertionsSigned() + { + return wantAssertionsSigned; + } + + public PrivateKey getPrivateKey() + { + return privateKey; + } + + public X509Certificate getCertificate() + { + return certificate; + } + + public SamlIdentityProvider getSamlIdentityProviderByEntityId(String entityId) + { + for (SamlIdentityProvider identityProvider : identityProviders) + { + if (identityProvider instanceof SamlIdentityProvider) + { + SamlIdentityProvider samlIdentityProvider = (SamlIdentityProvider) identityProvider; + if (samlIdentityProvider.getEntityId().equals(entityId)) + { + return samlIdentityProvider; + } + } + } + return null; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlConfiguration.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlEndpoint.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlEndpoint.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlEndpoint.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,62 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication.configuration; + +public class SamlEndpoint +{ + private Binding binding; + + private String location; + + private String responseLocation; + + private SamlService service; + + public SamlEndpoint(SamlService service, Binding binding, String location, String responseLocation) + { + super(); + this.service = service; + this.binding = binding; + this.location = location; + this.responseLocation = responseLocation; + } + + public SamlService getService() + { + return service; + } + + public Binding getBinding() + { + return binding; + } + + public String getLocation() + { + return location; + } + + public String getResponseLocation() + { + return responseLocation != null ? responseLocation : location; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlEndpoint.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlIdentityProvider.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlIdentityProvider.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlIdentityProvider.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,149 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication.configuration; + +import java.security.PublicKey; +import java.util.HashMap; +import java.util.Map; + +import javax.security.cert.X509Certificate; +import javax.xml.bind.JAXBElement; + +import org.jboss.seam.security.external_authentication.SamlProfile; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.IDPSSODescriptorType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.KeyDescriptorType; +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.KeyTypes; +import org.jboss.seam.security.external_authentication.jaxb.xmldsig.X509DataType; + +public class SamlIdentityProvider +{ + private String entityId; + + private Map<SamlProfile, SamlService> services = new HashMap<SamlProfile, SamlService>(); + + private PublicKey publicKey; + + private boolean wantAuthnRequestsSigned; + + private boolean wantSingleLogoutMessagesSigned; + + private boolean singleLogoutMessagesSigned; + + public SamlIdentityProvider(String entityId, IDPSSODescriptorType IDPSSODescriptor) + { + this.entityId = entityId; + + wantAuthnRequestsSigned = IDPSSODescriptor.isWantAuthnRequestsSigned(); + + services.put(SamlProfile.SINGLE_SIGN_ON, new SamlService(SamlProfile.SINGLE_SIGN_ON, IDPSSODescriptor.getSingleSignOnService())); + services.put(SamlProfile.SINGLE_LOGOUT, new SamlService(SamlProfile.SINGLE_LOGOUT, IDPSSODescriptor.getSingleLogoutService())); + + for (KeyDescriptorType keyDescriptor : IDPSSODescriptor.getKeyDescriptor()) + { + if (keyDescriptor.getUse().equals(KeyTypes.SIGNING)) + { + for (Object content : keyDescriptor.getKeyInfo().getContent()) + { + if (content instanceof JAXBElement<?> && ((JAXBElement<?>) content).getValue() instanceof X509DataType) + { + X509DataType X509Data = (X509DataType) ((JAXBElement<?>) content).getValue(); + for (Object object : X509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName()) + { + if (object instanceof JAXBElement<?>) + { + JAXBElement<?> el = (JAXBElement<?>) object; + if (el.getName().getLocalPart().equals("X509Certificate")) + { + byte[] certificate = (byte[]) el.getValue(); + try + { + X509Certificate cert = X509Certificate.getInstance(certificate); + publicKey = cert.getPublicKey(); + } + catch (javax.security.cert.CertificateException e) + { + throw new RuntimeException(e); + } + } + } + } + } + } + } + } + } + + public String getEntityId() + { + return entityId; + } + + public void setEntityId(String entityId) + { + this.entityId = entityId; + } + + public SamlService getService(SamlProfile service) + { + return services.get(service); + } + + public PublicKey getPublicKey() + { + return publicKey; + } + + public void setPublicKey(PublicKey publicKey) + { + this.publicKey = publicKey; + } + + public boolean isWantAuthnRequestsSigned() + { + return wantAuthnRequestsSigned; + } + + public void setWantAuthnRequestsSigned(boolean wantAuthnRequestsSigned) + { + this.wantAuthnRequestsSigned = wantAuthnRequestsSigned; + } + + public boolean isWantSingleLogoutMessagesSigned() + { + return wantSingleLogoutMessagesSigned; + } + + public void setWantSingleLogoutMessagesSigned(boolean wantSingleLogoutMessagesSigned) + { + this.wantSingleLogoutMessagesSigned = wantSingleLogoutMessagesSigned; + } + + public boolean isSingleLogoutMessagesSigned() + { + return singleLogoutMessagesSigned; + } + + public void setSingleLogoutMessagesSigned(boolean singleLogoutMessagesSigned) + { + this.singleLogoutMessagesSigned = singleLogoutMessagesSigned; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlIdentityProvider.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlService.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlService.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlService.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,85 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication.configuration; + +import java.util.LinkedList; +import java.util.List; + +import org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata.EndpointType; +import org.jboss.seam.security.external_authentication.SamlProfile; + +public class SamlService +{ + private SamlProfile profile; + + private List<SamlEndpoint> serviceEndpoints = new LinkedList<SamlEndpoint>(); + + public SamlService(SamlProfile profile, List<EndpointType> endpoints) + { + this.profile = profile; + + for (EndpointType endpoint : endpoints) + { + Binding binding = null; + if (endpoint.getBinding().endsWith("HTTP-Redirect")) + { + binding = Binding.HTTP_Redirect; + } + else if (endpoint.getBinding().endsWith("HTTP-POST")) + { + binding = Binding.HTTP_Post; + } + else + { + // ignore other bindings + } + if (binding != null) + { + SamlEndpoint samlEndpoint = new SamlEndpoint(this, binding, endpoint.getLocation(), endpoint.getResponseLocation()); + serviceEndpoints.add(samlEndpoint); + } + } + } + + public SamlProfile getProfile() + { + return profile; + } + + public List<SamlEndpoint> getServiceEndpoints() + { + return serviceEndpoints; + } + + public SamlEndpoint getEndpointForBinding(Binding binding) + { + for (SamlEndpoint endpoint : serviceEndpoints) + { + if (endpoint.getBinding() == binding) + { + return endpoint; + } + } + + return null; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/SamlService.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/ServiceProvider.java =================================================================== --- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/ServiceProvider.java (rev 0) +++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/ServiceProvider.java 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,171 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, Red Hat, Inc., and individual contributors + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.seam.security.external_authentication.configuration; + +import java.net.MalformedURLException; +import java.net.URL; + +import javax.el.MethodExpression; + +import org.jboss.seam.security.external_authentication.ExternalAuthenticationService; +import org.jboss.seam.security.external_authentication.jaxb.config.ServiceProviderType; + +public class ServiceProvider +{ + private Configuration configuration; + + private SamlConfiguration samlConfiguration; + + private OpenIdConfiguration openIdConfiguration; + + private String hostname; + + private String protocol; + + private int port; + + private String loggedOutUrl; + + private String unsolicitedAuthenticationUrl; + + private String failedAuthenticationUrl; + + private MethodExpression internalAuthenticationMethod; + + public ServiceProvider(Configuration configuration, ServiceProviderType serviceProvider) + { + this.configuration = configuration; + + hostname = serviceProvider.getHostname(); + protocol = serviceProvider.getProtocol().value(); + + loggedOutUrl = serviceProvider.getLoggedOutUrl(); + unsolicitedAuthenticationUrl = serviceProvider.getUnsolicitedAuthenticationUrl(); + failedAuthenticationUrl = serviceProvider.getFailedAuthenticationUrl(); + + internalAuthenticationMethod = null; // FIXME = + // Expressions.instance().createMethodExpression(serviceProvider.getInternalAuthenticationMethod(), + // Boolean.class, Principal.class, + // List.class); + + if (serviceProvider.getPort() == null) + { + if (protocol.equals("http")) + { + port = 8080; + } + else + { + port = 8443; + } + } + else + { + port = serviceProvider.getPort().intValue(); + } + + if (serviceProvider.getSamlConfig() != null) + { + samlConfiguration = new SamlConfiguration(serviceProvider.getSamlConfig()); + } + + if (serviceProvider.getOpenIdConfig() != null) + { + openIdConfiguration = new OpenIdConfiguration(serviceProvider.getOpenIdConfig()); + } + } + + public String getServiceURL(ExternalAuthenticationService service) + { + String path = configuration.getContextRoot() + "/" + service.getName() + ".seam"; + return createURL(path); + } + + public String getOpenIdRealm() + { + return createURL(""); + } + + private String createURL(String path) + { + try + { + if (protocol.equals("http") && port == 80 || protocol.equals("https") && port == 443) + { + return new URL(protocol, hostname, path).toExternalForm(); + } + else + { + return new URL(protocol, hostname, port, path).toExternalForm(); + } + } + catch (MalformedURLException e) + { + throw new RuntimeException(e); + } + } + + public SamlConfiguration getSamlConfiguration() + { + return samlConfiguration; + } + + public OpenIdConfiguration getOpenIdConfiguration() + { + return openIdConfiguration; + } + + public String getHostname() + { + return hostname; + } + + public String getProtocol() + { + return protocol; + } + + public int getPort() + { + return port; + } + + public String getLoggedOutUrl() + { + return loggedOutUrl; + } + + public String getUnsolicitedAuthenticationUrl() + { + return unsolicitedAuthenticationUrl; + } + + public String getFailedAuthenticationUrl() + { + return failedAuthenticationUrl; + } + + public MethodExpression getInternalAuthenticationMethod() + { + return internalAuthenticationMethod; + } +} Property changes on: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/external_authentication/configuration/ServiceProvider.java ___________________________________________________________________ Name: svn + eol-style=native Name: svn:keywords + Revision Author Date Added: modules/security/trunk/impl/src/main/resources/schema/config/external-authentication-config.xsd =================================================================== --- modules/security/trunk/impl/src/main/resources/schema/config/external-authentication-config.xsd (rev 0) +++ modules/security/trunk/impl/src/main/resources/schema/config/external-authentication-config.xsd 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,202 @@ +<?xml version="1.0" encoding="UTF-8"?> +<schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:seam:security:external_authentication:config" + xmlns:tns="urn:seam:security:external_authentication:config" elementFormDefault="qualified"> + <complexType name="ExternalAuthenticationConfigType"> + <annotation> + <documentation> + Configuration for the external authentication of users + (using for example SAMLv2 or OpenID). + </documentation> + </annotation> + <sequence minOccurs="0" maxOccurs="unbounded"> + <element name="ServiceProvider" type="tns:ServiceProviderType" /> + </sequence> + </complexType> + <complexType name="ServiceProviderType"> + <annotation> + <documentation> + Configuration for one service provider (relying + party). + </documentation> + </annotation> + <sequence> + <element name="SamlConfig" type="tns:SamlConfigType" minOccurs="0" /> + <element name="OpenIdConfig" type="tns:OpenIdConfigType" minOccurs="0" /> + </sequence> + <attribute name="protocol" type="tns:ProtocolTypes" use="optional" default="https"> + <annotation> + <documentation>Protocol that is used for the service provider (http + or https). Default: https. + </documentation> + </annotation> + </attribute> + <attribute name="hostname" type="string" use="required"> + <annotation> + <documentation>Name of the system that hosts the application. + </documentation> + </annotation> + </attribute> + <attribute name="port" type="integer" use="optional"> + <annotation> + <documentation>Port that is used for the service provider. Default: + 8080 if the protocol is http, 8443 if the protocol is https. + </documentation> + </annotation> + </attribute> + <attribute name="unsolicitedAuthenticationUrl" type="string" use="required"> + <annotation> + <documentation>URL to which the browser should be redirected by + default after succesful unsolicited authentication (IDP initiated + login).</documentation> + </annotation> + </attribute> + <attribute name="loggedOutUrl" type="string" use="required"> + <annotation> + <documentation>URL where the browser is redirected to after a + succesful logout. + </documentation> + </annotation> + </attribute> + <attribute name="failedAuthenticationUrl" type="string" use="required"> + <annotation> + <documentation>URL where the browser is redirected to after + failed + authentication. + </documentation> + </annotation> + </attribute> + <attribute name="internalAuthenticationMethod" type="string" use="required"> + <annotation> + <documentation>After succesful external authentication, this method + is called, to determine whether the authenticated principal is + allowed to login. The principal is passed to this method. + </documentation> + </annotation> + </attribute> + </complexType> + <complexType name="SamlConfigType"> + <annotation> + <documentation> + Configuration for SAMLv2. + </documentation> + </annotation> + <sequence minOccurs="0" maxOccurs="unbounded"> + <element name="SamlIdentityProvider" type="tns:SamlIdentityProviderType" /> + </sequence> + <attribute name="authnRequestsSigned" type="boolean" use="optional" default="false"> + <annotation> + <documentation>Indicates whether the service provider signs outgoing + authentication requests.</documentation> + </annotation> + </attribute> + <attribute name="wantAssertionsSigned" type="boolean" use="optional" default="true"> + <annotation> + <documentation>Specifies whether assertions received from the IDP + are required to have a valid signature.</documentation> + </annotation> + </attribute> + <attribute name="serviceProviderEntityId" type="string" use="required"> + <annotation> + <documentation>SAML entity id for this service provider. + </documentation> + </annotation> + </attribute> + <attribute name="defaultIdentityProvider" type="string" use="optional"> + <annotation> + <documentation>Name of the default identity provider. + </documentation> + </annotation> + </attribute> + <attribute name="keyStoreUrl" type="string" use="required"> + <annotation> + <documentation>URL of the keystore.</documentation> + </annotation> + </attribute> + <attribute name="keyStorePass" type="string" use="required"> + <annotation> + <documentation>Password of the keystore.</documentation> + </annotation> + </attribute> + <attribute name="signingKeyAlias" type="string" use="required"> + <annotation> + <documentation>Alias of the key that is used for signing outgoing + messages.</documentation> + </annotation> + </attribute> + <attribute name="signingKeyPass" type="string" use="optional"> + <annotation> + <documentation>Password of the key that is used for signing outgoing + messages. Defaults to the keyStorePass.s</documentation> + </annotation> + </attribute> + </complexType> + <complexType name="OpenIdConfigType"> + <annotation> + <documentation> + Configuration for OpenID. + </documentation> + </annotation> + <sequence minOccurs="0" maxOccurs="unbounded"> + <element name="Attribute" type="tns:OpenIdAttributeType" /> + </sequence> + <attribute name="defaultOpenIdProvider" type="string" use="optional"> + <annotation> + <documentation>URL of the default OpenID provider. + </documentation> + </annotation> + </attribute> + </complexType> + <complexType name="OpenIdAttributeType"> + <annotation> + <documentation> + OpenId attribute. + </documentation> + </annotation> + <attribute name="Alias" type="string" use="required"> + <annotation> + <documentation>Alias.</documentation> + </annotation> + </attribute> + <attribute name="TypeUri" type="string" use="required"> + <annotation> + <documentation>The URI identifying the attribute type. + </documentation> + </annotation> + </attribute> + <attribute name="Required" type="boolean" use="required"> + <annotation> + <documentation>Indicates whether the attribute is required. + </documentation> + </annotation> + </attribute> + </complexType> + <simpleType name="ProtocolTypes"> + <restriction base="string"> + <enumeration value="http" /> + <enumeration value="https" /> + </restriction> + </simpleType> + <complexType name="SamlIdentityProviderType"> + <attribute name="entityId" type="string" use="required"> + <annotation> + <documentation>entity id of the SAML identity provider + </documentation> + </annotation> + </attribute> + <attribute name="singleLogoutMessagesSigned" type="boolean" use="optional" default="false"> + <annotation> + <documentation>Indicates whether outgoing logout requests and + responses are signed by the identity provider. + </documentation> + </annotation> + </attribute> + <attribute name="wantSingleLogoutMessagesSigned" type="boolean" use="optional" default="false"> + <annotation> + <documentation>Indicates whether the identity provider wants + incoming single logout requests and responses to be signed. + </documentation> + </annotation> + </attribute> + </complexType> + <element name="ExternalAuthenticationConfig" type="tns:ExternalAuthenticationConfigType" /> +</schema> \ No newline at end of file Added: modules/security/trunk/impl/src/main/resources/schema/samlv2/saml-schema-assertion-2.0.xsd =================================================================== --- modules/security/trunk/impl/src/main/resources/schema/samlv2/saml-schema-assertion-2.0.xsd (rev 0) +++ modules/security/trunk/impl/src/main/resources/schema/samlv2/saml-schema-assertion-2.0.xsd 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,283 @@ +<?xml version="1.0" encoding="US-ASCII"?> +<schema + targetNamespace="urn:oasis:names:tc:SAML:2.0:assertion" + xmlns="http://www.w3.org/2001/XMLSchema" + xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" + xmlns:ds="http://www.w3.org/2000/09/xmldsig#" + xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" + elementFormDefault="unqualified" + attributeFormDefault="unqualified" + blockDefault="substitution" + version="2.0"> + <import namespace="http://www.w3.org/2000/09/xmldsig#" + schemaLocation="xmldsig-core-schema.xsd"/> + <import namespace="http://www.w3.org/2001/04/xmlenc#" + schemaLocation="xenc-schema.xsd"/> + <annotation> + <documentation> + Document identifier: saml-schema-assertion-2.0 + Location: http://docs.oasis-open.org/security/saml/v2.0/ + Revision history: + V1.0 (November, 2002): + Initial Standard Schema. + V1.1 (September, 2003): + Updates within the same V1.0 namespace. + V2.0 (March, 2005): + New assertion schema for SAML V2.0 namespace. + </documentation> + </annotation> + <attributeGroup name="IDNameQualifiers"> + <attribute name="NameQualifier" type="string" use="optional"/> + <attribute name="SPNameQualifier" type="string" use="optional"/> + </attributeGroup> + <element name="BaseID" type="saml:BaseIDAbstractType"/> + <complexType name="BaseIDAbstractType" abstract="true"> + <attributeGroup ref="saml:IDNameQualifiers"/> + </complexType> + <element name="NameID" type="saml:NameIDType"/> + <complexType name="NameIDType"> + <simpleContent> + <extension base="string"> + <attributeGroup ref="saml:IDNameQualifiers"/> + <attribute name="Format" type="anyURI" use="optional"/> + <attribute name="SPProvidedID" type="string" use="optional"/> + </extension> + </simpleContent> + </complexType> + <complexType name="EncryptedElementType"> + <sequence> + <element ref="xenc:EncryptedData"/> + <element ref="xenc:EncryptedKey" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </complexType> + <element name="EncryptedID" type="saml:EncryptedElementType"/> + <element name="Issuer" type="saml:NameIDType"/> + <element name="AssertionIDRef" type="NCName"/> + <element name="AssertionURIRef" type="anyURI"/> + <element name="Assertion" type="saml:AssertionType"/> + <complexType name="AssertionType"> + <sequence> + <element ref="saml:Issuer"/> + <element ref="ds:Signature" minOccurs="0"/> + <element ref="saml:Subject" minOccurs="0"/> + <element ref="saml:Conditions" minOccurs="0"/> + <element ref="saml:Advice" minOccurs="0"/> + <choice minOccurs="0" maxOccurs="unbounded"> + <element ref="saml:Statement"/> + <element ref="saml:AuthnStatement"/> + <element ref="saml:AuthzDecisionStatement"/> + <element ref="saml:AttributeStatement"/> + </choice> + </sequence> + <attribute name="Version" type="string" use="required"/> + <attribute name="ID" type="ID" use="required"/> + <attribute name="IssueInstant" type="dateTime" use="required"/> + </complexType> + <element name="Subject" type="saml:SubjectType"/> + <complexType name="SubjectType"> + <choice> + <sequence> + <choice> + <element ref="saml:BaseID"/> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <element ref="saml:SubjectConfirmation" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <element ref="saml:SubjectConfirmation" maxOccurs="unbounded"/> + </choice> + </complexType> + <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/> + <complexType name="SubjectConfirmationType"> + <sequence> + <choice minOccurs="0"> + <element ref="saml:BaseID"/> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <element ref="saml:SubjectConfirmationData" minOccurs="0"/> + </sequence> + <attribute name="Method" type="anyURI" use="required"/> + </complexType> + <element name="SubjectConfirmationData" type="saml:SubjectConfirmationDataType"/> + <complexType name="SubjectConfirmationDataType" mixed="true"> + <complexContent> + <restriction base="anyType"> + <sequence> + <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="NotBefore" type="dateTime" use="optional"/> + <attribute name="NotOnOrAfter" type="dateTime" use="optional"/> + <attribute name="Recipient" type="anyURI" use="optional"/> + <attribute name="InResponseTo" type="NCName" use="optional"/> + <attribute name="Address" type="string" use="optional"/> + <anyAttribute namespace="##other" processContents="lax"/> + </restriction> + </complexContent> + </complexType> + <complexType name="KeyInfoConfirmationDataType" mixed="false"> + <complexContent> + <restriction base="saml:SubjectConfirmationDataType"> + <sequence> + <element ref="ds:KeyInfo" maxOccurs="unbounded"/> + </sequence> + </restriction> + </complexContent> + </complexType> + <element name="Conditions" type="saml:ConditionsType"/> + <complexType name="ConditionsType"> + <choice minOccurs="0" maxOccurs="unbounded"> + <element ref="saml:Condition"/> + <element ref="saml:AudienceRestriction"/> + <element ref="saml:OneTimeUse"/> + <element ref="saml:ProxyRestriction"/> + </choice> + <attribute name="NotBefore" type="dateTime" use="optional"/> + <attribute name="NotOnOrAfter" type="dateTime" use="optional"/> + </complexType> + <element name="Condition" type="saml:ConditionAbstractType"/> + <complexType name="ConditionAbstractType" abstract="true"/> + <element name="AudienceRestriction" type="saml:AudienceRestrictionType"/> + <complexType name="AudienceRestrictionType"> + <complexContent> + <extension base="saml:ConditionAbstractType"> + <sequence> + <element ref="saml:Audience" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="Audience" type="anyURI"/> + <element name="OneTimeUse" type="saml:OneTimeUseType" /> + <complexType name="OneTimeUseType"> + <complexContent> + <extension base="saml:ConditionAbstractType"/> + </complexContent> + </complexType> + <element name="ProxyRestriction" type="saml:ProxyRestrictionType"/> + <complexType name="ProxyRestrictionType"> + <complexContent> + <extension base="saml:ConditionAbstractType"> + <sequence> + <element ref="saml:Audience" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Count" type="nonNegativeInteger" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="Advice" type="saml:AdviceType"/> + <complexType name="AdviceType"> + <choice minOccurs="0" maxOccurs="unbounded"> + <element ref="saml:AssertionIDRef"/> + <element ref="saml:AssertionURIRef"/> + <element ref="saml:Assertion"/> + <element ref="saml:EncryptedAssertion"/> + <any namespace="##other" processContents="lax"/> + </choice> + </complexType> + <element name="EncryptedAssertion" type="saml:EncryptedElementType"/> + <element name="Statement" type="saml:StatementAbstractType"/> + <complexType name="StatementAbstractType" abstract="true"/> + <element name="AuthnStatement" type="saml:AuthnStatementType"/> + <complexType name="AuthnStatementType"> + <complexContent> + <extension base="saml:StatementAbstractType"> + <sequence> + <element ref="saml:SubjectLocality" minOccurs="0"/> + <element ref="saml:AuthnContext"/> + </sequence> + <attribute name="AuthnInstant" type="dateTime" use="required"/> + <attribute name="SessionIndex" type="string" use="optional"/> + <attribute name="SessionNotOnOrAfter" type="dateTime" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="SubjectLocality" type="saml:SubjectLocalityType"/> + <complexType name="SubjectLocalityType"> + <attribute name="Address" type="string" use="optional"/> + <attribute name="DNSName" type="string" use="optional"/> + </complexType> + <element name="AuthnContext" type="saml:AuthnContextType"/> + <complexType name="AuthnContextType"> + <sequence> + <choice> + <sequence> + <element ref="saml:AuthnContextClassRef"/> + <choice minOccurs="0"> + <element ref="saml:AuthnContextDecl"/> + <element ref="saml:AuthnContextDeclRef"/> + </choice> + </sequence> + <choice> + <element ref="saml:AuthnContextDecl"/> + <element ref="saml:AuthnContextDeclRef"/> + </choice> + </choice> + <element ref="saml:AuthenticatingAuthority" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </complexType> + <element name="AuthnContextClassRef" type="anyURI"/> + <element name="AuthnContextDeclRef" type="anyURI"/> + <element name="AuthnContextDecl" type="anyType"/> + <element name="AuthenticatingAuthority" type="anyURI"/> + <element name="AuthzDecisionStatement" type="saml:AuthzDecisionStatementType"/> + <complexType name="AuthzDecisionStatementType"> + <complexContent> + <extension base="saml:StatementAbstractType"> + <sequence> + <element ref="saml:Action" maxOccurs="unbounded"/> + <element ref="saml:Evidence" minOccurs="0"/> + </sequence> + <attribute name="Resource" type="anyURI" use="required"/> + <attribute name="Decision" type="saml:DecisionType" use="required"/> + </extension> + </complexContent> + </complexType> + <simpleType name="DecisionType"> + <restriction base="string"> + <enumeration value="Permit"/> + <enumeration value="Deny"/> + <enumeration value="Indeterminate"/> + </restriction> + </simpleType> + <element name="Action" type="saml:ActionType"/> + <complexType name="ActionType"> + <simpleContent> + <extension base="string"> + <attribute name="Namespace" type="anyURI" use="required"/> + </extension> + </simpleContent> + </complexType> + <element name="Evidence" type="saml:EvidenceType"/> + <complexType name="EvidenceType"> + <choice maxOccurs="unbounded"> + <element ref="saml:AssertionIDRef"/> + <element ref="saml:AssertionURIRef"/> + <element ref="saml:Assertion"/> + <element ref="saml:EncryptedAssertion"/> + </choice> + </complexType> + <element name="AttributeStatement" type="saml:AttributeStatementType"/> + <complexType name="AttributeStatementType"> + <complexContent> + <extension base="saml:StatementAbstractType"> + <choice maxOccurs="unbounded"> + <element ref="saml:Attribute"/> + <element ref="saml:EncryptedAttribute"/> + </choice> + </extension> + </complexContent> + </complexType> + <element name="Attribute" type="saml:AttributeType"/> + <complexType name="AttributeType"> + <sequence> + <element ref="saml:AttributeValue" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Name" type="string" use="required"/> + <attribute name="NameFormat" type="anyURI" use="optional"/> + <attribute name="FriendlyName" type="string" use="optional"/> + <anyAttribute namespace="##other" processContents="lax"/> + </complexType> + <element name="AttributeValue" type="anyType" nillable="true"/> + <element name="EncryptedAttribute" type="saml:EncryptedElementType"/> +</schema> Added: modules/security/trunk/impl/src/main/resources/schema/samlv2/saml-schema-metadata-2.0.xsd =================================================================== --- modules/security/trunk/impl/src/main/resources/schema/samlv2/saml-schema-metadata-2.0.xsd (rev 0) +++ modules/security/trunk/impl/src/main/resources/schema/samlv2/saml-schema-metadata-2.0.xsd 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,345 @@ +<?xml version="1.0" encoding="UTF-8"?> +<schema targetNamespace="urn:oasis:names:tc:SAML:2.0:metadata" + xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" + xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" + xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified" + attributeFormDefault="unqualified" blockDefault="substitution" version="2.0"> + <import namespace="http://www.w3.org/2000/09/xmldsig#" + schemaLocation="xmldsig-core-schema.xsd" /> + <import namespace="http://www.w3.org/2001/04/xmlenc#" + schemaLocation="xenc-schema.xsd" /> + <import namespace="urn:oasis:names:tc:SAML:2.0:assertion" + schemaLocation="saml-schema-assertion-2.0.xsd" /> + <import namespace="http://www.w3.org/XML/1998/namespace" + schemaLocation="http://www.w3.org/2001/xml.xsd" /> + <annotation> + <documentation> + Document identifier: saml-schema-metadata-2.0 + Location: http://docs.oasis-open.org/security/saml/v2.0/ + Revision history: + V2.0 (March, 2005): + Schema for SAML metadata, first published in SAML 2.0. + </documentation> + </annotation> + + <simpleType name="entityIDType"> + <restriction base="anyURI"> + <maxLength value="1024" /> + </restriction> + </simpleType> + <complexType name="localizedNameType"> + <simpleContent> + <extension base="string"> + <attribute ref="xml:lang" use="required" /> + </extension> + </simpleContent> + </complexType> + <complexType name="localizedURIType"> + <simpleContent> + <extension base="anyURI"> + <attribute ref="xml:lang" use="required" /> + </extension> + </simpleContent> + </complexType> + + <element name="Extensions" type="md:ExtensionsType" /> + <complexType final="#all" name="ExtensionsType"> + <sequence> + <any namespace="##other" processContents="lax" maxOccurs="unbounded" /> + </sequence> + </complexType> + + <complexType name="EndpointType"> + <sequence> + <any namespace="##other" processContents="lax" minOccurs="0" + maxOccurs="unbounded" /> + </sequence> + <attribute name="Binding" type="anyURI" use="required" /> + <attribute name="Location" type="anyURI" use="required" /> + <attribute name="ResponseLocation" type="anyURI" use="optional" /> + <anyAttribute namespace="##other" processContents="lax" /> + </complexType> + + <complexType name="IndexedEndpointType"> + <complexContent> + <extension base="md:EndpointType"> + <attribute name="index" type="unsignedShort" use="required" /> + <attribute name="isDefault" type="boolean" use="optional" /> + </extension> + </complexContent> + </complexType> + + <element name="EntitiesDescriptor" type="md:EntitiesDescriptorType" /> + <complexType name="EntitiesDescriptorType"> + <sequence> + <element ref="ds:Signature" minOccurs="0" /> + <element ref="md:Extensions" minOccurs="0" /> + <choice minOccurs="1" maxOccurs="unbounded"> + <element ref="md:EntityDescriptor" /> + <element ref="md:EntitiesDescriptor" /> + </choice> + </sequence> + <attribute name="validUntil" type="dateTime" use="optional" /> + <attribute name="cacheDuration" type="duration" use="optional" /> + <attribute name="ID" type="ID" use="optional" /> + <attribute name="Name" type="string" use="optional" /> + </complexType> + + <element name="EntityDescriptor" type="md:EntityDescriptorType" /> + <complexType name="EntityDescriptorType"> + <sequence> + <element ref="ds:Signature" minOccurs="0" /> + <element ref="md:Extensions" minOccurs="0" /> + <choice> + <choice maxOccurs="unbounded"> + <element ref="md:RoleDescriptor" /> + <element ref="md:IDPSSODescriptor" /> + <element ref="md:SPSSODescriptor" /> + <element ref="md:AuthnAuthorityDescriptor" /> + <element ref="md:AttributeAuthorityDescriptor" /> + <element ref="md:PDPDescriptor" /> + </choice> + <element ref="md:AffiliationDescriptor" /> + </choice> + <element ref="md:Organization" minOccurs="0" /> + <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded" /> + <element ref="md:AdditionalMetadataLocation" minOccurs="0" + maxOccurs="unbounded" /> + </sequence> + <attribute name="entityID" type="md:entityIDType" use="required" /> + <attribute name="validUntil" type="dateTime" use="optional" /> + <attribute name="cacheDuration" type="duration" use="optional" /> + <attribute name="ID" type="ID" use="optional" /> + <anyAttribute namespace="##other" processContents="lax" /> + </complexType> + + <element name="Organization" type="md:OrganizationType" /> + <complexType name="OrganizationType"> + <sequence> + <element ref="md:Extensions" minOccurs="0" /> + <element ref="md:OrganizationName" maxOccurs="unbounded" /> + <element ref="md:OrganizationDisplayName" maxOccurs="unbounded" /> + <element ref="md:OrganizationURL" maxOccurs="unbounded" /> + </sequence> + <anyAttribute namespace="##other" processContents="lax" /> + </complexType> + <element name="OrganizationName" type="md:localizedNameType" /> + <element name="OrganizationDisplayName" type="md:localizedNameType" /> + <element name="OrganizationURL" type="md:localizedURIType" /> + <element name="ContactPerson" type="md:ContactType" /> + <complexType name="ContactType"> + <sequence> + <element ref="md:Extensions" minOccurs="0" /> + <element ref="md:Company" minOccurs="0" /> + <element ref="md:GivenName" minOccurs="0" /> + <element ref="md:SurName" minOccurs="0" /> + <element ref="md:EmailAddress" minOccurs="0" maxOccurs="unbounded" /> + <element ref="md:TelephoneNumber" minOccurs="0" maxOccurs="unbounded" /> + </sequence> + <attribute name="contactType" type="md:ContactTypeType" use="required" /> + <anyAttribute namespace="##other" processContents="lax" /> + </complexType> + <element name="Company" type="string" /> + <element name="GivenName" type="string" /> + <element name="SurName" type="string" /> + <element name="EmailAddress" type="anyURI" /> + <element name="TelephoneNumber" type="string" /> + <simpleType name="ContactTypeType"> + <restriction base="string"> + <enumeration value="technical" /> + <enumeration value="support" /> + <enumeration value="administrative" /> + <enumeration value="billing" /> + <enumeration value="other" /> + </restriction> + </simpleType> + + <element name="AdditionalMetadataLocation" type="md:AdditionalMetadataLocationType" /> + <complexType name="AdditionalMetadataLocationType"> + <simpleContent> + <extension base="anyURI"> + <attribute name="namespace" type="anyURI" use="required" /> + </extension> + </simpleContent> + </complexType> + + <element name="RoleDescriptor" type="md:RoleDescriptorType" /> + <complexType name="RoleDescriptorType" abstract="true"> + <sequence> + <element ref="ds:Signature" minOccurs="0" /> + <element ref="md:Extensions" minOccurs="0" /> + <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded" /> + <element ref="md:Organization" minOccurs="0" /> + <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded" /> + </sequence> + <attribute name="ID" type="ID" use="optional" /> + <attribute name="validUntil" type="dateTime" use="optional" /> + <attribute name="cacheDuration" type="duration" use="optional" /> + <attribute name="protocolSupportEnumeration" type="md:anyURIListType" + use="required" /> + <attribute name="errorURL" type="anyURI" use="optional" /> + <anyAttribute namespace="##other" processContents="lax" /> + </complexType> + <simpleType name="anyURIListType"> + <list itemType="anyURI" /> + </simpleType> + + <element name="KeyDescriptor" type="md:KeyDescriptorType" /> + <complexType name="KeyDescriptorType"> + <sequence> + <element ref="ds:KeyInfo" /> + <element ref="md:EncryptionMethod" minOccurs="0" maxOccurs="unbounded" /> + </sequence> + <attribute name="use" type="md:KeyTypes" use="optional" /> + </complexType> + <simpleType name="KeyTypes"> + <restriction base="string"> + <enumeration value="encryption" /> + <enumeration value="signing" /> + </restriction> + </simpleType> + <element name="EncryptionMethod" type="xenc:EncryptionMethodType" /> + + <complexType name="SSODescriptorType" abstract="true"> + <complexContent> + <extension base="md:RoleDescriptorType"> + <sequence> + <element ref="md:ArtifactResolutionService" minOccurs="0" + maxOccurs="unbounded" /> + <element ref="md:SingleLogoutService" minOccurs="0" + maxOccurs="unbounded" /> + <element ref="md:ManageNameIDService" minOccurs="0" + maxOccurs="unbounded" /> + <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded" /> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="ArtifactResolutionService" type="md:IndexedEndpointType" /> + <element name="SingleLogoutService" type="md:EndpointType" /> + <element name="ManageNameIDService" type="md:EndpointType" /> + <element name="NameIDFormat" type="anyURI" /> + + <element name="IDPSSODescriptor" type="md:IDPSSODescriptorType" /> + <complexType name="IDPSSODescriptorType"> + <complexContent> + <extension base="md:SSODescriptorType"> + <sequence> + <element ref="md:SingleSignOnService" maxOccurs="unbounded" /> + <element ref="md:NameIDMappingService" minOccurs="0" + maxOccurs="unbounded" /> + <element ref="md:AssertionIDRequestService" minOccurs="0" + maxOccurs="unbounded" /> + <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded" /> + <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded" /> + </sequence> + <attribute name="WantAuthnRequestsSigned" type="boolean" + use="optional" /> + </extension> + </complexContent> + </complexType> + <element name="SingleSignOnService" type="md:EndpointType" /> + <element name="NameIDMappingService" type="md:EndpointType" /> + <element name="AssertionIDRequestService" type="md:EndpointType" /> + <element name="AttributeProfile" type="anyURI" /> + + <element name="SPSSODescriptor" type="md:SPSSODescriptorType" /> + <complexType name="SPSSODescriptorType"> + <complexContent> + <extension base="md:SSODescriptorType"> + <sequence> + <element ref="md:AssertionConsumerService" maxOccurs="unbounded" /> + <element ref="md:AttributeConsumingService" minOccurs="0" + maxOccurs="unbounded" /> + </sequence> + <attribute name="AuthnRequestsSigned" type="boolean" use="optional" /> + <attribute name="WantAssertionsSigned" type="boolean" use="optional" /> + </extension> + </complexContent> + </complexType> + <element name="AssertionConsumerService" type="md:IndexedEndpointType" /> + <element name="AttributeConsumingService" type="md:AttributeConsumingServiceType" /> + <complexType name="AttributeConsumingServiceType"> + <sequence> + <element ref="md:ServiceName" maxOccurs="unbounded" /> + <element ref="md:ServiceDescription" minOccurs="0" maxOccurs="unbounded" /> + <element ref="md:RequestedAttribute" maxOccurs="unbounded" /> + </sequence> + <attribute name="index" type="unsignedShort" use="required" /> + <attribute name="isDefault" type="boolean" use="optional" /> + </complexType> + <element name="ServiceName" type="md:localizedNameType" /> + <element name="ServiceDescription" type="md:localizedNameType" /> + <element name="RequestedAttribute" type="md:RequestedAttributeType" /> + <complexType name="RequestedAttributeType"> + <complexContent> + <extension base="saml:AttributeType"> + <attribute name="isRequired" type="boolean" use="optional" /> + </extension> + </complexContent> + </complexType> + + <element name="AuthnAuthorityDescriptor" type="md:AuthnAuthorityDescriptorType" /> + <complexType name="AuthnAuthorityDescriptorType"> + <complexContent> + <extension base="md:RoleDescriptorType"> + <sequence> + <element ref="md:AuthnQueryService" maxOccurs="unbounded" /> + <element ref="md:AssertionIDRequestService" minOccurs="0" + maxOccurs="unbounded" /> + <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded" /> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AuthnQueryService" type="md:EndpointType" /> + + <element name="PDPDescriptor" type="md:PDPDescriptorType" /> + <complexType name="PDPDescriptorType"> + <complexContent> + <extension base="md:RoleDescriptorType"> + <sequence> + <element ref="md:AuthzService" maxOccurs="unbounded" /> + <element ref="md:AssertionIDRequestService" minOccurs="0" + maxOccurs="unbounded" /> + <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded" /> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AuthzService" type="md:EndpointType" /> + + <element name="AttributeAuthorityDescriptor" type="md:AttributeAuthorityDescriptorType" /> + <complexType name="AttributeAuthorityDescriptorType"> + <complexContent> + <extension base="md:RoleDescriptorType"> + <sequence> + <element ref="md:AttributeService" maxOccurs="unbounded" /> + <element ref="md:AssertionIDRequestService" minOccurs="0" + maxOccurs="unbounded" /> + <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded" /> + <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded" /> + <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded" /> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AttributeService" type="md:EndpointType" /> + + <element name="AffiliationDescriptor" type="md:AffiliationDescriptorType" /> + <complexType name="AffiliationDescriptorType"> + <sequence> + <element ref="ds:Signature" minOccurs="0" /> + <element ref="md:Extensions" minOccurs="0" /> + <element ref="md:AffiliateMember" maxOccurs="unbounded" /> + <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded" /> + </sequence> + <attribute name="affiliationOwnerID" type="md:entityIDType" + use="required" /> + <attribute name="validUntil" type="dateTime" use="optional" /> + <attribute name="cacheDuration" type="duration" use="optional" /> + <attribute name="ID" type="ID" use="optional" /> + <anyAttribute namespace="##other" processContents="lax" /> + </complexType> + <element name="AffiliateMember" type="md:entityIDType" /> +</schema> Added: modules/security/trunk/impl/src/main/resources/schema/samlv2/saml-schema-protocol-2.0.xsd =================================================================== --- modules/security/trunk/impl/src/main/resources/schema/samlv2/saml-schema-protocol-2.0.xsd (rev 0) +++ modules/security/trunk/impl/src/main/resources/schema/samlv2/saml-schema-protocol-2.0.xsd 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,302 @@ +<?xml version="1.0" encoding="UTF-8"?> +<schema + targetNamespace="urn:oasis:names:tc:SAML:2.0:protocol" + xmlns="http://www.w3.org/2001/XMLSchema" + xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" + xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" + xmlns:ds="http://www.w3.org/2000/09/xmldsig#" + elementFormDefault="unqualified" + attributeFormDefault="unqualified" + blockDefault="substitution" + version="2.0"> + <import namespace="urn:oasis:names:tc:SAML:2.0:assertion" + schemaLocation="saml-schema-assertion-2.0.xsd"/> + <import namespace="http://www.w3.org/2000/09/xmldsig#" + schemaLocation="xmldsig-core-schema.xsd"/> + <annotation> + <documentation> + Document identifier: saml-schema-protocol-2.0 + Location: http://docs.oasis-open.org/security/saml/v2.0/ + Revision history: + V1.0 (November, 2002): + Initial Standard Schema. + V1.1 (September, 2003): + Updates within the same V1.0 namespace. + V2.0 (March, 2005): + New protocol schema based in a SAML V2.0 namespace. + </documentation> + </annotation> + <complexType name="RequestAbstractType" abstract="true"> + <sequence> + <element ref="saml:Issuer" minOccurs="0"/> + <element ref="ds:Signature" minOccurs="0"/> + <element ref="samlp:Extensions" minOccurs="0"/> + </sequence> + <attribute name="ID" type="ID" use="required"/> + <attribute name="Version" type="string" use="required"/> + <attribute name="IssueInstant" type="dateTime" use="required"/> + <attribute name="Destination" type="anyURI" use="optional"/> + <attribute name="Consent" type="anyURI" use="optional"/> + </complexType> + <element name="Extensions" type="samlp:ExtensionsType"/> + <complexType name="ExtensionsType"> + <sequence> + <any namespace="##other" processContents="lax" maxOccurs="unbounded"/> + </sequence> + </complexType> + <complexType name="StatusResponseType"> + <sequence> + <element ref="saml:Issuer" minOccurs="0"/> + <element ref="ds:Signature" minOccurs="0"/> + <element ref="samlp:Extensions" minOccurs="0"/> + <element ref="samlp:Status"/> + </sequence> + <attribute name="ID" type="ID" use="required"/> + <attribute name="InResponseTo" type="NCName" use="optional"/> + <attribute name="Version" type="string" use="required"/> + <attribute name="IssueInstant" type="dateTime" use="required"/> + <attribute name="Destination" type="anyURI" use="optional"/> + <attribute name="Consent" type="anyURI" use="optional"/> + </complexType> + <element name="Status" type="samlp:StatusType"/> + <complexType name="StatusType"> + <sequence> + <element ref="samlp:StatusCode"/> + <element ref="samlp:StatusMessage" minOccurs="0"/> + <element ref="samlp:StatusDetail" minOccurs="0"/> + </sequence> + </complexType> + <element name="StatusCode" type="samlp:StatusCodeType"/> + <complexType name="StatusCodeType"> + <sequence> + <element ref="samlp:StatusCode" minOccurs="0"/> + </sequence> + <attribute name="Value" type="anyURI" use="required"/> + </complexType> + <element name="StatusMessage" type="string"/> + <element name="StatusDetail" type="samlp:StatusDetailType"/> + <complexType name="StatusDetailType"> + <sequence> + <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </complexType> + <element name="AssertionIDRequest" type="samlp:AssertionIDRequestType"/> + <complexType name="AssertionIDRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <element ref="saml:AssertionIDRef" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/> + <complexType name="SubjectQueryAbstractType" abstract="true"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <element ref="saml:Subject"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AuthnQuery" type="samlp:AuthnQueryType"/> + <complexType name="AuthnQueryType"> + <complexContent> + <extension base="samlp:SubjectQueryAbstractType"> + <sequence> + <element ref="samlp:RequestedAuthnContext" minOccurs="0"/> + </sequence> + <attribute name="SessionIndex" type="string" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="RequestedAuthnContext" type="samlp:RequestedAuthnContextType"/> + <complexType name="RequestedAuthnContextType"> + <choice> + <element ref="saml:AuthnContextClassRef" maxOccurs="unbounded"/> + <element ref="saml:AuthnContextDeclRef" maxOccurs="unbounded"/> + </choice> + <attribute name="Comparison" type="samlp:AuthnContextComparisonType" use="optional"/> + </complexType> + <simpleType name="AuthnContextComparisonType"> + <restriction base="string"> + <enumeration value="exact"/> + <enumeration value="minimum"/> + <enumeration value="maximum"/> + <enumeration value="better"/> + </restriction> + </simpleType> + <element name="AttributeQuery" type="samlp:AttributeQueryType"/> + <complexType name="AttributeQueryType"> + <complexContent> + <extension base="samlp:SubjectQueryAbstractType"> + <sequence> + <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AuthzDecisionQuery" type="samlp:AuthzDecisionQueryType"/> + <complexType name="AuthzDecisionQueryType"> + <complexContent> + <extension base="samlp:SubjectQueryAbstractType"> + <sequence> + <element ref="saml:Action" maxOccurs="unbounded"/> + <element ref="saml:Evidence" minOccurs="0"/> + </sequence> + <attribute name="Resource" type="anyURI" use="required"/> + </extension> + </complexContent> + </complexType> + <element name="AuthnRequest" type="samlp:AuthnRequestType"/> + <complexType name="AuthnRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <element ref="saml:Subject" minOccurs="0"/> + <element ref="samlp:NameIDPolicy" minOccurs="0"/> + <element ref="saml:Conditions" minOccurs="0"/> + <element ref="samlp:RequestedAuthnContext" minOccurs="0"/> + <element ref="samlp:Scoping" minOccurs="0"/> + </sequence> + <attribute name="ForceAuthn" type="boolean" use="optional"/> + <attribute name="IsPassive" type="boolean" use="optional"/> + <attribute name="ProtocolBinding" type="anyURI" use="optional"/> + <attribute name="AssertionConsumerServiceIndex" type="unsignedShort" use="optional"/> + <attribute name="AssertionConsumerServiceURL" type="anyURI" use="optional"/> + <attribute name="AttributeConsumingServiceIndex" type="unsignedShort" use="optional"/> + <attribute name="ProviderName" type="string" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="NameIDPolicy" type="samlp:NameIDPolicyType"/> + <complexType name="NameIDPolicyType"> + <attribute name="Format" type="anyURI" use="optional"/> + <attribute name="SPNameQualifier" type="string" use="optional"/> + <attribute name="AllowCreate" type="boolean" use="optional"/> + </complexType> + <element name="Scoping" type="samlp:ScopingType"/> + <complexType name="ScopingType"> + <sequence> + <element ref="samlp:IDPList" minOccurs="0"/> + <element ref="samlp:RequesterID" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="ProxyCount" type="nonNegativeInteger" use="optional"/> + </complexType> + <element name="RequesterID" type="anyURI"/> + <element name="IDPList" type="samlp:IDPListType"/> + <complexType name="IDPListType"> + <sequence> + <element ref="samlp:IDPEntry" maxOccurs="unbounded"/> + <element ref="samlp:GetComplete" minOccurs="0"/> + </sequence> + </complexType> + <element name="IDPEntry" type="samlp:IDPEntryType"/> + <complexType name="IDPEntryType"> + <attribute name="ProviderID" type="anyURI" use="required"/> + <attribute name="Name" type="string" use="optional"/> + <attribute name="Loc" type="anyURI" use="optional"/> + </complexType> + <element name="GetComplete" type="anyURI"/> + <element name="Response" type="samlp:ResponseType"/> + <complexType name="ResponseType"> + <complexContent> + <extension base="samlp:StatusResponseType"> + <choice minOccurs="0" maxOccurs="unbounded"> + <element ref="saml:Assertion"/> + <element ref="saml:EncryptedAssertion"/> + </choice> + </extension> + </complexContent> + </complexType> + <element name="ArtifactResolve" type="samlp:ArtifactResolveType"/> + <complexType name="ArtifactResolveType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <element ref="samlp:Artifact"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="Artifact" type="string"/> + <element name="ArtifactResponse" type="samlp:ArtifactResponseType"/> + <complexType name="ArtifactResponseType"> + <complexContent> + <extension base="samlp:StatusResponseType"> + <sequence> + <any namespace="##any" processContents="lax" minOccurs="0"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="ManageNameIDRequest" type="samlp:ManageNameIDRequestType"/> + <complexType name="ManageNameIDRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <choice> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <choice> + <element ref="samlp:NewID"/> + <element ref="samlp:NewEncryptedID"/> + <element ref="samlp:Terminate"/> + </choice> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="NewID" type="string"/> + <element name="NewEncryptedID" type="saml:EncryptedElementType"/> + <element name="Terminate" type="samlp:TerminateType"/> + <complexType name="TerminateType"/> + <element name="ManageNameIDResponse" type="samlp:StatusResponseType"/> + <element name="LogoutRequest" type="samlp:LogoutRequestType"/> + <complexType name="LogoutRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <choice> + <element ref="saml:BaseID"/> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <element ref="samlp:SessionIndex" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Reason" type="string" use="optional"/> + <attribute name="NotOnOrAfter" type="dateTime" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="SessionIndex" type="string"/> + <element name="LogoutResponse" type="samlp:StatusResponseType"/> + <element name="NameIDMappingRequest" type="samlp:NameIDMappingRequestType"/> + <complexType name="NameIDMappingRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <choice> + <element ref="saml:BaseID"/> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <element ref="samlp:NameIDPolicy"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="NameIDMappingResponse" type="samlp:NameIDMappingResponseType"/> + <complexType name="NameIDMappingResponseType"> + <complexContent> + <extension base="samlp:StatusResponseType"> + <choice> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + </extension> + </complexContent> + </complexType> +</schema> Added: modules/security/trunk/impl/src/main/resources/schema/samlv2/xenc-schema.xsd =================================================================== --- modules/security/trunk/impl/src/main/resources/schema/samlv2/xenc-schema.xsd (rev 0) +++ modules/security/trunk/impl/src/main/resources/schema/samlv2/xenc-schema.xsd 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,135 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd" [ + <!ATTLIST schema + xmlns:xenc CDATA #FIXED 'http://www.w3.org/2001/04/xmlenc#' + xmlns:ds CDATA #FIXED 'http://www.w3.org/2000/09/xmldsig#'> + <!ENTITY xenc 'http://www.w3.org/2001/04/xmlenc#'> + <!ENTITY % p ''> + <!ENTITY % s ''> + ]> +<schema xmlns="http://www.w3.org/2001/XMLSchema" version="1.0" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.w3.org/2001/04/xmlenc#" elementFormDefault="qualified"> + + <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> + + <complexType name="EncryptedType" abstract="true"> + <sequence> + <element name="EncryptionMethod" type="xenc:EncryptionMethodType" minOccurs="0"/> + <element ref="ds:KeyInfo" minOccurs="0"/> + <element ref="xenc:CipherData"/> + <element ref="xenc:EncryptionProperties" minOccurs="0"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> + <attribute name="Type" type="anyURI" use="optional"/> + <attribute name="MimeType" type="string" use="optional"/> + <attribute name="Encoding" type="anyURI" use="optional"/> + </complexType> + + <complexType name="EncryptionMethodType" mixed="true"> + <sequence> + <element name="KeySize" minOccurs="0" type="xenc:KeySizeType"/> + <element name="OAEPparams" minOccurs="0" type="base64Binary"/> + <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Algorithm" type="anyURI" use="required"/> + </complexType> + + <simpleType name="KeySizeType"> + <restriction base="integer"/> + </simpleType> + + <element name="CipherData" type="xenc:CipherDataType"/> + <complexType name="CipherDataType"> + <choice> + <element name="CipherValue" type="base64Binary"/> + <element ref="xenc:CipherReference"/> + </choice> + </complexType> + + <element name="CipherReference" type="xenc:CipherReferenceType"/> + <complexType name="CipherReferenceType"> + <choice> + <element name="Transforms" type="xenc:TransformsType" minOccurs="0"/> + </choice> + <attribute name="URI" type="anyURI" use="required"/> + </complexType> + + <complexType name="TransformsType"> + <sequence> + <element ref="ds:Transform" maxOccurs="unbounded"/> + </sequence> + </complexType> + + + <element name="EncryptedData" type="xenc:EncryptedDataType"/> + <complexType name="EncryptedDataType"> + <complexContent> + <extension base="xenc:EncryptedType"> + </extension> + </complexContent> + </complexType> + +  + + <element name="EncryptedKey" type="xenc:EncryptedKeyType"/> + <complexType name="EncryptedKeyType"> + <complexContent> + <extension base="xenc:EncryptedType"> + <sequence> + <element ref="xenc:ReferenceList" minOccurs="0"/> + <element name="CarriedKeyName" type="string" minOccurs="0"/> + </sequence> + <attribute name="Recipient" type="string" use="optional"/> + </extension> + </complexContent> + </complexType> + + <element name="AgreementMethod" type="xenc:AgreementMethodType"/> + <complexType name="AgreementMethodType" mixed="true"> + <sequence> + <element name="KA-Nonce" minOccurs="0" type="base64Binary"/> +  + <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + <element name="OriginatorKeyInfo" minOccurs="0" type="ds:KeyInfoType"/> + <element name="RecipientKeyInfo" minOccurs="0" type="ds:KeyInfoType"/> + </sequence> + <attribute name="Algorithm" type="anyURI" use="required"/> + </complexType> + +  + + <element name="ReferenceList"> + <complexType> + <choice minOccurs="1" maxOccurs="unbounded"> + <element name="DataReference" type="xenc:ReferenceType"/> + <element name="KeyReference" type="xenc:ReferenceType"/> + </choice> + </complexType> + </element> + + <complexType name="ReferenceType"> + <sequence> + <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="URI" type="anyURI" use="required"/> + </complexType> + + + <element name="EncryptionProperties" type="xenc:EncryptionPropertiesType"/> + <complexType name="EncryptionPropertiesType"> + <sequence> + <element ref="xenc:EncryptionProperty" maxOccurs="unbounded"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> + </complexType> + + <element name="EncryptionProperty" type="xenc:EncryptionPropertyType"/> + <complexType name="EncryptionPropertyType" mixed="true"> + <choice maxOccurs="unbounded"> + <any namespace="##other" processContents="lax"/> + </choice> + <attribute name="Target" type="anyURI" use="optional"/> + <attribute name="Id" type="ID" use="optional"/> + <anyAttribute namespace="http://www.w3.org/XML/1998/namespace"/> + </complexType> + +</schema> \ No newline at end of file Added: modules/security/trunk/impl/src/main/resources/schema/samlv2/xmldsig-core-schema.xsd =================================================================== --- modules/security/trunk/impl/src/main/resources/schema/samlv2/xmldsig-core-schema.xsd (rev 0) +++ modules/security/trunk/impl/src/main/resources/schema/samlv2/xmldsig-core-schema.xsd 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,308 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd" [ + <!ATTLIST schema + xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#"> + <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'> + <!ENTITY % p ''> + <!ENTITY % s ''> + ]> + +<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.w3.org/2000/09/xmldsig#" version="0.1" elementFormDefault="qualified"> + + + +<simpleType name="CryptoBinary"> + <restriction base="base64Binary"> + </restriction> +</simpleType> + + + +<element name="Signature" type="ds:SignatureType"/> +<complexType name="SignatureType"> + <sequence> + <element ref="ds:SignedInfo"/> + <element ref="ds:SignatureValue"/> + <element ref="ds:KeyInfo" minOccurs="0"/> + <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> +</complexType> + + <element name="SignatureValue" type="ds:SignatureValueType"/> + <complexType name="SignatureValueType"> + <simpleContent> + <extension base="base64Binary"> + <attribute name="Id" type="ID" use="optional"/> + </extension> + </simpleContent> + </complexType> + + + +<element name="SignedInfo" type="ds:SignedInfoType"/> +<complexType name="SignedInfoType"> + <sequence> + <element ref="ds:CanonicalizationMethod"/> + <element ref="ds:SignatureMethod"/> + <element ref="ds:Reference" maxOccurs="unbounded"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> +</complexType> + + <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/> + <complexType name="CanonicalizationMethodType" mixed="true"> + <sequence> + <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/> +  + </sequence> + <attribute name="Algorithm" type="anyURI" use="required"/> + </complexType> + + <element name="SignatureMethod" type="ds:SignatureMethodType"/> + <complexType name="SignatureMethodType" mixed="true"> + <sequence> + <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/> + <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> +  + </sequence> + <attribute name="Algorithm" type="anyURI" use="required"/> + </complexType> + + + +<element name="Reference" type="ds:ReferenceType"/> +<complexType name="ReferenceType"> + <sequence> + <element ref="ds:Transforms" minOccurs="0"/> + <element ref="ds:DigestMethod"/> + <element ref="ds:DigestValue"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> + <attribute name="URI" type="anyURI" use="optional"/> + <attribute name="Type" type="anyURI" use="optional"/> +</complexType> + + <element name="Transforms" type="ds:TransformsType"/> + <complexType name="TransformsType"> + <sequence> + <element ref="ds:Transform" maxOccurs="unbounded"/> + </sequence> + </complexType> + + <element name="Transform" type="ds:TransformType"/> + <complexType name="TransformType" mixed="true"> + <choice minOccurs="0" maxOccurs="unbounded"> + <any namespace="##other" processContents="lax"/> +  + <element name="XPath" type="string"/> + </choice> + <attribute name="Algorithm" type="anyURI" use="required"/> + </complexType> + + + +<element name="DigestMethod" type="ds:DigestMethodType"/> +<complexType name="DigestMethodType" mixed="true"> + <sequence> + <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Algorithm" type="anyURI" use="required"/> +</complexType> + +<element name="DigestValue" type="ds:DigestValueType"/> +<simpleType name="DigestValueType"> + <restriction base="base64Binary"/> +</simpleType> + + + + + +<element name="KeyInfo" type="ds:KeyInfoType"/> +<complexType name="KeyInfoType" mixed="true"> + <choice maxOccurs="unbounded"> + <element ref="ds:KeyName"/> + <element ref="ds:KeyValue"/> + <element ref="ds:RetrievalMethod"/> + <element ref="ds:X509Data"/> + <element ref="ds:PGPData"/> + <element ref="ds:SPKIData"/> + <element ref="ds:MgmtData"/> + <any processContents="lax" namespace="##other"/> +  + </choice> + <attribute name="Id" type="ID" use="optional"/> +</complexType> + + <element name="KeyName" type="string"/> + <element name="MgmtData" type="string"/> + + <element name="KeyValue" type="ds:KeyValueType"/> + <complexType name="KeyValueType" mixed="true"> + <choice> + <element ref="ds:DSAKeyValue"/> + <element ref="ds:RSAKeyValue"/> + <any namespace="##other" processContents="lax"/> + </choice> + </complexType> + + <element name="RetrievalMethod" type="ds:RetrievalMethodType"/> + <complexType name="RetrievalMethodType"> + <sequence> + <element ref="ds:Transforms" minOccurs="0"/> + </sequence> + <attribute name="URI" type="anyURI"/> + <attribute name="Type" type="anyURI" use="optional"/> + </complexType> + + + +<element name="X509Data" type="ds:X509DataType"/> +<complexType name="X509DataType"> + <sequence maxOccurs="unbounded"> + <choice> + <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/> + <element name="X509SKI" type="base64Binary"/> + <element name="X509SubjectName" type="string"/> + <element name="X509Certificate" type="base64Binary"/> + <element name="X509CRL" type="base64Binary"/> + <any namespace="##other" processContents="lax"/> + </choice> + </sequence> +</complexType> + +<complexType name="X509IssuerSerialType"> + <sequence> + <element name="X509IssuerName" type="string"/> + <element name="X509SerialNumber" type="integer"/> + </sequence> +</complexType> + + + + + +<element name="PGPData" type="ds:PGPDataType"/> +<complexType name="PGPDataType"> + <choice> + <sequence> + <element name="PGPKeyID" type="base64Binary"/> + <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/> + <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <sequence> + <element name="PGPKeyPacket" type="base64Binary"/> + <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </choice> +</complexType> + + + + + +<element name="SPKIData" type="ds:SPKIDataType"/> +<complexType name="SPKIDataType"> + <sequence maxOccurs="unbounded"> + <element name="SPKISexp" type="base64Binary"/> + <any namespace="##other" processContents="lax" minOccurs="0"/> + </sequence> +</complexType> + + + + + + + +<element name="Object" type="ds:ObjectType"/> +<complexType name="ObjectType" mixed="true"> + <sequence minOccurs="0" maxOccurs="unbounded"> + <any namespace="##any" processContents="lax"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> + <attribute name="MimeType" type="string" use="optional"/>  + <attribute name="Encoding" type="anyURI" use="optional"/> +</complexType> + +<element name="Manifest" type="ds:ManifestType"/> +<complexType name="ManifestType"> + <sequence> + <element ref="ds:Reference" maxOccurs="unbounded"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> +</complexType> + +<element name="SignatureProperties" type="ds:SignaturePropertiesType"/> +<complexType name="SignaturePropertiesType"> + <sequence> + <element ref="ds:SignatureProperty" maxOccurs="unbounded"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> +</complexType> + + <element name="SignatureProperty" type="ds:SignaturePropertyType"/> + <complexType name="SignaturePropertyType" mixed="true"> + <choice maxOccurs="unbounded"> + <any namespace="##other" processContents="lax"/> +  + </choice> + <attribute name="Target" type="anyURI" use="required"/> + <attribute name="Id" type="ID" use="optional"/> + </complexType> + + + + + +<simpleType name="HMACOutputLengthType"> + <restriction base="integer"/> +</simpleType> + + + +<element name="DSAKeyValue" type="ds:DSAKeyValueType"/> +<complexType name="DSAKeyValueType"> + <sequence> + <sequence minOccurs="0"> + <element name="P" type="ds:CryptoBinary"/> + <element name="Q" type="ds:CryptoBinary"/> + </sequence> + <element name="G" type="ds:CryptoBinary" minOccurs="0"/> + <element name="Y" type="ds:CryptoBinary"/> + <element name="J" type="ds:CryptoBinary" minOccurs="0"/> + <sequence minOccurs="0"> + <element name="Seed" type="ds:CryptoBinary"/> + <element name="PgenCounter" type="ds:CryptoBinary"/> + </sequence> + </sequence> +</complexType> + +<element name="RSAKeyValue" type="ds:RSAKeyValueType"/> +<complexType name="RSAKeyValueType"> + <sequence> + <element name="Modulus" type="ds:CryptoBinary"/> + <element name="Exponent" type="ds:CryptoBinary"/> + </sequence> +</complexType> + + + + + +</schema> \ No newline at end of file Added: modules/security/trunk/impl/src/main/resources/schema/xrds/xrd.xsd =================================================================== --- modules/security/trunk/impl/src/main/resources/schema/xrds/xrd.xsd (rev 0) +++ modules/security/trunk/impl/src/main/resources/schema/xrds/xrd.xsd 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,205 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xrd="xri://$xrd*($v*2.0)" targetNamespace="xri://$xrd*($v*2.0)" elementFormDefault="qualified"> +  + <xs:attributeGroup name="otherattribute"> + <xs:anyAttribute namespace="##other" processContents="lax"/> + </xs:attributeGroup> + <xs:group name="otherelement"> + <xs:choice> + <xs:any namespace="##other" processContents="lax"/> + <xs:any namespace="##local" processContents="lax"/> + </xs:choice> + </xs:group> + <xs:attributeGroup name="priorityAttrGrp"> + <xs:attribute name="priority" type="xs:nonNegativeInteger" use="optional"/> + </xs:attributeGroup> + <xs:attributeGroup name="codeAttrGrp"> + <xs:attribute name="code" type="xs:int" use="required"/> + </xs:attributeGroup> + <xs:attributeGroup name="verifyAttrGrp"> + <xs:attribute name="cid" use="optional"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="absent"/> + <xs:enumeration value="off"/> + <xs:enumeration value="verified"/> + <xs:enumeration value="failed"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + <xs:attribute name="ceid" use="optional"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="absent"/> + <xs:enumeration value="off"/> + <xs:enumeration value="verified"/> + <xs:enumeration value="failed"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + </xs:attributeGroup> + <xs:attributeGroup name="selectionAttrGrp"> + <xs:attribute name="match" use="optional" default="default"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="default"/> + <xs:enumeration value="any"/> + <xs:enumeration value="non-null"/> + <xs:enumeration value="null"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + <xs:attribute name="select" type="xs:boolean" use="optional" default="false"/> + </xs:attributeGroup> + <xs:attributeGroup name="appendAttrGrp"> + <xs:attribute name="append" use="optional" default="none"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="none"/> + <xs:enumeration value="local"/> + <xs:enumeration value="authority"/> + <xs:enumeration value="path"/> + <xs:enumeration value="query"/> + <xs:enumeration value="qxri"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + </xs:attributeGroup> + <xs:complexType name="URIPattern"> + <xs:simpleContent> + <xs:extension base="xs:anyURI"> + <xs:attributeGroup ref="xrd:otherattribute"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + <xs:complexType name="URIPriorityPattern"> + <xs:simpleContent> + <xs:extension base="xrd:URIPattern"> + <xs:attributeGroup ref="xrd:priorityAttrGrp"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + <xs:complexType name="URIPriorityAppendPattern"> + <xs:simpleContent> + <xs:extension base="xrd:URIPriorityPattern"> + <xs:attributeGroup ref="xrd:appendAttrGrp"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + <xs:complexType name="StringPattern"> + <xs:simpleContent> + <xs:extension base="xs:string"> + <xs:attributeGroup ref="xrd:otherattribute"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + <xs:complexType name="StringSelectionPattern"> + <xs:simpleContent> + <xs:extension base="xrd:StringPattern"> + <xs:attributeGroup ref="xrd:selectionAttrGrp"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> +  + <xs:element name="XRD"> + <xs:complexType> + <xs:sequence> + <xs:element ref="xrd:Query" minOccurs="0"/> + <xs:element ref="xrd:Status" minOccurs="0"/> + <xs:element ref="xrd:ServerStatus" minOccurs="0"/> + <xs:element ref="xrd:Expires" minOccurs="0"/> + <xs:element ref="xrd:ProviderID" minOccurs="0"/> + <xs:choice> + <xs:element ref="xrd:Redirect" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="xrd:Ref" minOccurs="0" maxOccurs="unbounded"/> + </xs:choice> + <xs:element ref="xrd:LocalID" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="xrd:EquivID" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="xrd:CanonicalID" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="xrd:CanonicalEquivID" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="xrd:Service" minOccurs="0" maxOccurs="unbounded"/> + <xs:group ref="xrd:otherelement" minOccurs="0" maxOccurs="unbounded"/> + </xs:sequence> + <xs:attribute name="idref" type="xs:IDREF" use="optional"/> + <xs:attribute name="version" type="xs:string" use="optional" fixed="2.0"/> + <xs:attributeGroup ref="xrd:otherattribute"/> + </xs:complexType> + </xs:element> + <xs:element name="Query" type="xrd:StringPattern"/> + <xs:element name="Status"> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xrd:StringPattern"> + <xs:attributeGroup ref="xrd:codeAttrGrp"/> + <xs:attributeGroup ref="xrd:verifyAttrGrp"/> + <xs:attributeGroup ref="xrd:otherattribute"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="ServerStatus"> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xrd:StringPattern"> + <xs:attributeGroup ref="xrd:codeAttrGrp"/> + <xs:attributeGroup ref="xrd:otherattribute"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="Expires"> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xs:dateTime"> + <xs:attributeGroup ref="xrd:otherattribute"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="ProviderID" type="xrd:URIPattern"/> + <xs:element name="Redirect" type="xrd:URIPriorityAppendPattern"/> + <xs:element name="Ref" type="xrd:URIPriorityPattern"/> + <xs:element name="LocalID"> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xrd:StringPattern"> + <xs:attributeGroup ref="xrd:priorityAttrGrp"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="EquivID" type="xrd:URIPriorityPattern"/> + <xs:element name="CanonicalID" type="xrd:URIPriorityPattern"/> + <xs:element name="CanonicalEquivID" type="xrd:URIPriorityPattern"/> + <xs:element name="Service"> + <xs:complexType> + <xs:sequence> + <xs:element ref="xrd:ProviderID" minOccurs="0"/> + <xs:element ref="xrd:Type" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="xrd:Path" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="xrd:MediaType" minOccurs="0" maxOccurs="unbounded"/> + <xs:choice> + <xs:element ref="xrd:URI" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="xrd:Redirect" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="xrd:Ref" minOccurs="0" maxOccurs="unbounded"/> + </xs:choice> + <xs:element ref="xrd:LocalID" minOccurs="0" maxOccurs="unbounded"/> + <xs:group ref="xrd:otherelement" minOccurs="0" maxOccurs="unbounded"/> + </xs:sequence> + <xs:attributeGroup ref="xrd:priorityAttrGrp"/> + <xs:attributeGroup ref="xrd:otherattribute"/> + </xs:complexType> + </xs:element> + <xs:element name="Type"> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xrd:URIPattern"> + <xs:attributeGroup ref="xrd:selectionAttrGrp"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="Path" type="xrd:StringSelectionPattern"/> + <xs:element name="MediaType" type="xrd:StringSelectionPattern"/> + <xs:element name="URI" type="xrd:URIPriorityAppendPattern"/> +</xs:schema> \ No newline at end of file Added: modules/security/trunk/impl/src/main/resources/schema/xrds/xrds.xsd =================================================================== --- modules/security/trunk/impl/src/main/resources/schema/xrds/xrds.xsd (rev 0) +++ modules/security/trunk/impl/src/main/resources/schema/xrds/xrds.xsd 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xrds="xri://$xrds" targetNamespace="xri://$xrds" elementFormDefault="qualified"> +  + <xs:attributeGroup name="otherattribute"> + <xs:anyAttribute namespace="##other" processContents="lax"/> + </xs:attributeGroup> + <xs:group name="otherelement"> + <xs:choice> + <xs:any namespace="##other" processContents="lax"/> + <xs:any namespace="##local" processContents="lax"/> + </xs:choice> + </xs:group> +  + <xs:element name="XRDS"> + <xs:complexType> + <xs:sequence> + <xs:group ref="xrds:otherelement" minOccurs="0" maxOccurs="unbounded"/> + </xs:sequence> + <xs:attributeGroup ref="xrds:otherattribute"/> +  + <xs:attribute name="redirect" type="xs:anyURI" use="optional"/> + <xs:attribute name="ref" type="xs:anyURI" use="optional"/> + </xs:complexType> + </xs:element> +</xs:schema> \ No newline at end of file Added: modules/security/trunk/impl/src/main/xjb/config-bindings.xjb =================================================================== --- modules/security/trunk/impl/src/main/xjb/config-bindings.xjb (rev 0) +++ modules/security/trunk/impl/src/main/xjb/config-bindings.xjb 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8"?> +<jaxb:bindings version="2.0" xmlns:jaxb="http://java.sun.com/xml/ns/jaxb" + xmlns:xs="http://www.w3.org/2001/XMLSchema"> + +</jaxb:bindings> \ No newline at end of file Added: modules/security/trunk/impl/src/main/xjb/samlv2-bindings.xjb =================================================================== --- modules/security/trunk/impl/src/main/xjb/samlv2-bindings.xjb (rev 0) +++ modules/security/trunk/impl/src/main/xjb/samlv2-bindings.xjb 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,48 @@ +<?xml version="1.0" encoding="UTF-8"?> +<jaxb:bindings version="2.0" xmlns:jaxb="http://java.sun.com/xml/ns/jaxb" + xmlns:xs="http://www.w3.org/2001/XMLSchema"> + + <jaxb:bindings + schemaLocation="../resources/schema/samlv2/saml-schema-assertion-2.0.xsd"> + <jaxb:bindings node="/xs:schema"> + <jaxb:schemaBindings> + <jaxb:package name="org.jboss.seam.security.external_authentication.jaxb.samlv2.assertion" /> + </jaxb:schemaBindings> + </jaxb:bindings> + </jaxb:bindings> + + <jaxb:bindings + schemaLocation="../resources/schema/samlv2/saml-schema-protocol-2.0.xsd"> + <jaxb:bindings node="/xs:schema"> + <jaxb:schemaBindings> + <jaxb:package name="org.jboss.seam.security.external_authentication.jaxb.samlv2.protocol" /> + </jaxb:schemaBindings> + </jaxb:bindings> + </jaxb:bindings> + + <jaxb:bindings + schemaLocation="../resources/schema/samlv2/saml-schema-metadata-2.0.xsd"> + <jaxb:bindings node="/xs:schema"> + <jaxb:schemaBindings> + <jaxb:package name="org.jboss.seam.security.external_authentication.jaxb.samlv2.metadata" /> + </jaxb:schemaBindings> + </jaxb:bindings> + </jaxb:bindings> + + <jaxb:bindings schemaLocation="../resources/schema/samlv2/xenc-schema.xsd"> + <jaxb:bindings node="/xs:schema"> + <jaxb:schemaBindings> + <jaxb:package name="org.jboss.seam.external_authentication.jaxb.xenc" /> + </jaxb:schemaBindings> + </jaxb:bindings> + </jaxb:bindings> + + <jaxb:bindings schemaLocation="../resources/schema/samlv2/xmldsig-core-schema.xsd"> + <jaxb:bindings node="/xs:schema"> + <jaxb:schemaBindings> + <jaxb:package name="org.jboss.seam.security.external_authentication.jaxb.xmldsig" /> + </jaxb:schemaBindings> + </jaxb:bindings> + </jaxb:bindings> + +</jaxb:bindings> \ No newline at end of file Added: modules/security/trunk/impl/src/main/xjb/xrds-bindings.xjb =================================================================== --- modules/security/trunk/impl/src/main/xjb/xrds-bindings.xjb (rev 0) +++ modules/security/trunk/impl/src/main/xjb/xrds-bindings.xjb 2010-08-06 14:08:04 UTC (rev 13562) @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8"?> +<jaxb:bindings version="2.0" xmlns:jaxb="http://java.sun.com/xml/ns/jaxb" + xmlns:xs="http://www.w3.org/2001/XMLSchema"> + +</jaxb:bindings> \ No newline at end of file

13 years, 9 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

seam-commits August 2010