[jboss-cvs] Picketlink SVN: r553 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/parsers/util and 5 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Fri Nov 12 15:25:29 EST 2010


Author: anil.saldhana at jboss.com
Date: 2010-11-12 15:25:28 -0500 (Fri, 12 Nov 2010)
New Revision: 553

Added:
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SecurityActions.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseCollectionParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java
Modified:
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsp/WSPolicyParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsse/WSSecurityParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
Log:
PLFED-109: as wstrust response parsing

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java	2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -20,10 +20,7 @@
  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
  */
 package org.picketlink.identity.federation.core.parsers.saml;
-
-import javax.xml.datatype.DatatypeConfigurationException;
-import javax.xml.datatype.DatatypeFactory;
-import javax.xml.datatype.XMLGregorianCalendar;
+ 
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLEventReader;
 import javax.xml.stream.events.Attribute;
@@ -36,6 +33,7 @@
 import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
 import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
 import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
 
@@ -56,16 +54,6 @@
       
       StartElement conditionsElement = StaxParserUtil.getNextStartElement(xmlEventReader);
       StaxParserUtil.validate(conditionsElement, JBossSAMLConstants.CONDITIONS.get() );
-       
-      DatatypeFactory dtf;
-      try
-      {
-         dtf = DatatypeFactory.newInstance();
-      }
-      catch (DatatypeConfigurationException e )
-      {
-         throw new ParsingException( e );
-      } 
       
       ConditionsType conditions = new ConditionsType();
       
@@ -87,17 +75,14 @@
       
       if( notBeforeAttribute != null )
       {
-         String notBeforeValue = StaxParserUtil.getAttributeValue( notBeforeAttribute );
-         
-         XMLGregorianCalendar xmlcal = dtf.newXMLGregorianCalendar( notBeforeValue );
-         conditions.setNotBefore( xmlcal );
+         String notBeforeValue = StaxParserUtil.getAttributeValue( notBeforeAttribute ); 
+         conditions.setNotBefore( XMLTimeUtil.parse(notBeforeValue) );
       }
       
       if( notAfterAttribute != null )
       {
-         String notAfterValue = StaxParserUtil.getAttributeValue( notAfterAttribute ); 
-         XMLGregorianCalendar xmlcal = dtf.newXMLGregorianCalendar( notAfterValue );
-         conditions.setNotOnOrAfter( xmlcal );
+         String notAfterValue = StaxParserUtil.getAttributeValue( notAfterAttribute );  
+         conditions.setNotOnOrAfter( XMLTimeUtil.parse( notAfterValue ) );
       }
       
       
@@ -111,7 +96,10 @@
          {
             EndElement nextEndElement = (EndElement) xmlEvent;
             if( StaxParserUtil.matches(nextEndElement, JBossSAMLConstants.CONDITIONS.get() ))
-               break;
+            {
+               nextEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+               break; 
+            }
          } 
          
          String tag = null; 

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java	2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -37,12 +37,15 @@
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
 import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
 import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
 import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
 import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
 import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
 import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
 import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
 import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType;
 
 /**
  * Parse the saml subject
@@ -125,8 +128,7 @@
             subject.getContent().add( jaxbEl );
          }
          else throw new RuntimeException( "Unknown tag:" + tag );    
-      }
-
+      } 
       return subject;
    }
 
@@ -142,6 +144,7 @@
            && localPart.equals( JBossSAMLConstants.SUBJECT.get() );
    }
    
+   @SuppressWarnings({"unchecked", "rawtypes"})
    private SubjectConfirmationDataType parseSubjectConfirmationData( XMLEventReader xmlEventReader ) throws ParsingException
    {
       StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
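Review bot: The `@SuppressWarnings({"unchecked", "rawtypes"})` added on parseSubjectConfirmationData covers the whole method, yet in the visible lines it is needed only for the single raw `new JAXBElement(...)` in the KeyInfo branch added in the next hunk. Parameterising that construction, `JAXBElement<KeyInfoType> jaxb = new JAXBElement<KeyInfoType>( qname, KeyInfoType.class, keyInfo );`, makes the annotation unnecessary and matches how parseKeyInfo builds its `JAXBElement<byte[]>`. The method body continues outside this hunk, so confirm nothing else in it relies on the suppression.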
@@ -178,10 +181,67 @@
       {
          subjectConfirmationData.setAddress( StaxParserUtil.getAttributeValue( address )); 
       }
+      
+      XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+      if( ! ( xmlEvent instanceof EndElement ))
+      {
+         startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+         String tag = StaxParserUtil.getStartElementName(startElement);
+         if( tag.equals( WSTrustConstants.XMLDSig.KEYINFO ))
+         {
+            KeyInfoType keyInfo = parseKeyInfo(xmlEventReader);
+            QName qname = new QName( WSTrustConstants.XMLDSig.DSIG_NS, WSTrustConstants.XMLDSig.KEYINFO, 
+                  WSTrustConstants.XMLDSig.PREFIX );
+            JAXBElement<?> jaxb = new JAXBElement(qname, KeyInfoType.class, keyInfo );
+            subjectConfirmationData.getContent().add( jaxb );
+         } 
+      }
 
       //Get the end tag
       EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
       StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get() );
       return subjectConfirmationData;
    }
+   
+   private KeyInfoType parseKeyInfo( XMLEventReader xmlEventReader ) throws ParsingException 
+   {
+      KeyInfoType keyInfo = new KeyInfoType();
+      StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+      StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.KEYINFO );
+      
+      XMLEvent xmlEvent = null;
+      String tag = null;
+      
+      while( xmlEventReader.hasNext() )
+      {
+         xmlEvent = StaxParserUtil.peek(xmlEventReader);
+         if( xmlEvent instanceof EndElement )
+         {
+            tag = StaxParserUtil.getEndElementName( (EndElement) xmlEvent );
+            if( tag.equals( WSTrustConstants.XMLDSig.KEYINFO ))
+            {
+               xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
+               break;
+            }
+         }
+         startElement = (StartElement) xmlEvent;
+         tag = StaxParserUtil.getStartElementName(startElement);
+         if( tag.equals( WSTrustConstants.XMLDSig.X509DATA ))
+         {
+            startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+            X509DataType x509 = new X509DataType();
+            //Let us go for the X509 certificate
+            startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+            StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.X509CERT );
+
+            String certValue = StaxParserUtil.getElementText(xmlEventReader);
+            QName qname = new QName( WSTrustConstants.DSIG_NS, WSTrustConstants.XMLDSig.X509CERT, WSTrustConstants.XMLDSig.PREFIX  );
+            JAXBElement<?> cert = new JAXBElement<byte[]>( qname, byte[].class, certValue.getBytes() );
+            x509.getX509IssuerSerialOrX509SKIOrX509SubjectName().add( cert ); 
+            EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+            StaxParserUtil.validate(endElement, WSTrustConstants.XMLDSig.X509DATA );
+         }
+      } 
+      return keyInfo;
+   }
 }
\ No newline at end of file
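Review bot: parseKeyInfo returns an empty KeyInfoType, because the X509DataType built inside the loop receives the certificate but is never attached to `keyInfo`; the holder-of-key certificate carried in SubjectConfirmationData is therefore dropped before any caller could check it. Attach it before the end-tag validation by wrapping `x509` in a `JAXBElement<X509DataType>` and adding it to the KeyInfo content list (I assume the generated KeyInfoType exposes `getContent()` as SubjectConfirmationDataType does). The loop also only peeks, so, assuming peek does not advance the reader, a KeyInfo child other than X509Data is never consumed and the loop does not terminate on such input, while a non-matching end tag reaches the `(StartElement) xmlEvent` cast. Add `else throw new RuntimeException( "Unknown tag:" + tag );` as the subject loop earlier in this file does; the same applies to the loops in parseSecurityTokenReference (WSSecurityParser.java) and WSTRequestSecurityTokenResponseCollectionParser.parse. Separately, `certValue.getBytes()` stores the base64 text in the platform charset rather than the decoded certificate bytes, which looks unintended for a `byte[]` element.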

Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SecurityActions.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SecurityActions.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SecurityActions.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -0,0 +1,50 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.util;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 25, 2010
+ */
+public class SecurityActions
+{
+   /**
+    * Get a system property
+    * @param key
+    * @param defaultValue
+    * @return
+    */
+   static String getSystemProperty( final String key, final String defaultValue )
+   {
+      return AccessController.doPrivileged( new PrivilegedAction<String>() 
+      {
+         public String run()
+         {
+            return System.getProperty( key, defaultValue );
+         }
+      } );
+   }
+}
\ No newline at end of file
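Review bot: SecurityActions is declared `public` although its only method is package-private; a helper that reads system properties inside `doPrivileged` is safer declared as `class SecurityActions` with a private constructor, so that widening the method later does not expose a privileged property reader to arbitrary callers. The Javadoc tags are empty. I would document that `key` must be a constant chosen by the calling class, never a value taken from parsed input, and that the method returns `defaultValue` when the property is not set.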

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java	2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -31,8 +31,16 @@
 import javax.xml.stream.events.EndElement;
 import javax.xml.stream.events.StartElement;
 import javax.xml.stream.events.XMLEvent;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.stax.StAXSource;
 
-import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException; 
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.TransformerUtil;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
  
 
 /**
@@ -72,6 +80,52 @@
    }
    
    /**
+    * Given that the {@code XMLEventReader} is in {@code XMLStreamConstants.START_ELEMENT}
+    * mode, we parse into a DOM Element
+    * @param xmlEventReader
+    * @return
+    * @throws ParsingException
+    */
+   public static Element getDOMElement( XMLEventReader xmlEventReader ) throws ParsingException
+   {
+      Transformer transformer = null;
+
+      final String JDK_TRANSFORMER_PROPERTY = "picketlink.jdk.transformer";
+      
+      boolean useJDKTransformer = Boolean.parseBoolean( SecurityActions.getSystemProperty(JDK_TRANSFORMER_PROPERTY, "false" ));
+
+      try
+      { 
+         if( useJDKTransformer )
+         {
+            transformer = TransformerUtil.getTransformer();
+         }
+         else
+         {
+            transformer = TransformerUtil.getStaxSourceToDomResultTransformer();
+         } 
+
+         Document resultDocument = DocumentUtil.createDocument();
+         DOMResult domResult = new DOMResult( resultDocument );
+ 
+         StAXSource source = new StAXSource( xmlEventReader );
+
+         TransformerUtil.transform( transformer, source, domResult );
+
+         Document doc = ( Document ) domResult.getNode();
+         return doc.getDocumentElement();
+      }
+      catch ( ConfigurationException e )
+      {
+         throw new ParsingException( e );
+      }
+      catch ( XMLStreamException e )
+      {
+         throw new ParsingException( e );
+      }
+   } 
+   
+   /**
     * Get the element text.  
     * @param xmlEventReader
     * @return A <b>trimmed</b> string value
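Review bot: getDOMElement is now `public static`, but the precondition stated in its Javadoc is not enforced: `new StAXSource( xmlEventReader )` throws IllegalStateException when the reader is not positioned at START_DOCUMENT or START_ELEMENT, and that escapes the two catch clauses as an unchecked exception instead of a ParsingException. Either check the peeked event first or add `catch ( IllegalStateException e ) { throw new ParsingException( e ); }`, assuming ParsingException wraps any Throwable as it does for the other two. The Javadoc should also fill in `@return` and say how far the reader is advanced, since callers keep parsing on the same reader afterwards.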

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsp/WSPolicyParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsp/WSPolicyParser.java	2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsp/WSPolicyParser.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -23,6 +23,7 @@
 
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.EndElement;
 import javax.xml.stream.events.StartElement;
 import javax.xml.stream.events.XMLEvent;
 
@@ -77,6 +78,9 @@
                
                Object parsedObject = parser.parse( xmlEventReader );
                appliesTo.getAny().add( parsedObject );
+               
+               EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+               StaxParserUtil.validate(endElement, WSPolicyConstants.APPLIES_TO );
                return appliesTo;
             }  
          }

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsse/WSSecurityParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsse/WSSecurityParser.java	2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsse/WSSecurityParser.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -34,6 +34,8 @@
 import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
 import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
 import org.picketlink.identity.federation.ws.wss.secext.AttributedString;
+import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType;
+import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
 import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
 
 /**
@@ -46,9 +48,7 @@
  * @since Oct 14, 2010
  */
 public class WSSecurityParser extends AbstractParser
-{ 
-   public static final String USERNAME_TOKEN = "UsernameToken";
-   
+{   
    /**
     * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
     */
@@ -63,9 +63,8 @@
             StartElement startElement = (StartElement) xmlEvent;
 
             String elementName = StaxParserUtil.getStartElementName( startElement );
-            if( elementName.equalsIgnoreCase( USERNAME_TOKEN ))
-            {
-               //Get the AppliesTo element
+            if( elementName.equalsIgnoreCase( WSTrustConstants.WSSE.USERNAME_TOKEN ))
+            { 
                startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
                
                UsernameTokenType userNameToken = new UsernameTokenType();
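Review bot: The UsernameToken check on the changed line keeps `equalsIgnoreCase`, while the SecurityTokenReference branch added in the next hunk uses `equals`. XML element names are case-sensitive, so a security-token parser should not accept `usernametoken` as an alias. Use `if( elementName.equals( WSTrustConstants.WSSE.USERNAME_TOKEN ))`, unless a known client depends on the lax match, in which case a comment should say so. The enclosing parse method starts and ends outside this hunk.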
@@ -93,10 +92,14 @@
                
                //Get the end element
                EndElement onBehalfOfEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
-               StaxParserUtil.validate( onBehalfOfEndElement, USERNAME_TOKEN ) ;
+               StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.WSSE.USERNAME_TOKEN ) ;
                
                return userNameToken;
             }  
+            else if( elementName.equals( WSTrustConstants.WSSE.SECURITY_TOKEN_REFERENCE ))
+            { 
+               return parseSecurityTokenReference(xmlEventReader); 
+            }
          }
          else
          {
@@ -115,4 +118,56 @@
       
       return WSTrustConstants.WSSE_NS.equals( nsURI );
    }
+   
+   private SecurityTokenReferenceType parseSecurityTokenReference( XMLEventReader xmlEventReader ) throws ParsingException
+   {
+      StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+      StaxParserUtil.validate(startElement, WSTrustConstants.WSSE.SECURITY_TOKEN_REFERENCE );
+      
+      SecurityTokenReferenceType securityTokenRef = new SecurityTokenReferenceType();
+      
+      //Get the Token Type attribute
+      QName tokenType = new QName( WSTrustConstants.WSSE11_NS, WSTrustConstants.TOKEN_TYPE );
+      Attribute tokenTypeAttr = startElement.getAttributeByName( tokenType );
+      if(tokenTypeAttr != null )
+      { 
+         tokenType = new QName( WSTrustConstants.WSSE11_NS, WSTrustConstants.TOKEN_TYPE, tokenTypeAttr.getName().getPrefix() );
+         securityTokenRef.getOtherAttributes().put( tokenType, StaxParserUtil.getAttributeValue( tokenTypeAttr )); 
+      }
+      
+      XMLEvent xmlEvent = null; 
+      EndElement endElement = null;
+      String tag = null;
+      
+      while( xmlEventReader.hasNext() )
+      {
+         xmlEvent = StaxParserUtil.peek(xmlEventReader);
+         if( xmlEvent instanceof EndElement )
+         {
+            endElement = (EndElement) xmlEvent;
+            tag = StaxParserUtil.getEndElementName(endElement);
+            if( tag.equals( WSTrustConstants.WSSE.SECURITY_TOKEN_REFERENCE ))
+            {
+               endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+               break;
+            }
+         }
+
+         startElement = (StartElement) xmlEvent;
+         tag = StaxParserUtil.getStartElementName(startElement);
+         if( tag.equals( WSTrustConstants.WSSE.KEY_IDENTIFIER ))
+         { 
+            startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+            KeyIdentifierType keyIdentifierType = new KeyIdentifierType();
+
+            Attribute valueTypeAttr = startElement.getAttributeByName( new QName( WSTrustConstants.VALUE_TYPE ));
+            if( valueTypeAttr != null )
+               keyIdentifierType.setValueType( StaxParserUtil.getAttributeValue( valueTypeAttr )); 
+            keyIdentifierType.setValue( StaxParserUtil.getElementText(xmlEventReader));
+            securityTokenRef.getAny().add( keyIdentifierType );
+         }
+      } 
+      
+      return securityTokenRef;
+   }
 }
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java	2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -26,22 +26,15 @@
 
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLEventReader;
-import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.events.Attribute;
 import javax.xml.stream.events.EndElement;
 import javax.xml.stream.events.StartElement;
 import javax.xml.stream.events.XMLEvent;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.stax.StAXSource;
 
-import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
 import org.picketlink.identity.federation.core.exceptions.ParsingException;
 import org.picketlink.identity.federation.core.parsers.ParserController;
 import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
 import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.TransformerUtil;
 import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
 import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
 import org.picketlink.identity.federation.ws.policy.AppliesTo;
@@ -52,7 +45,6 @@
 import org.picketlink.identity.federation.ws.trust.RenewTargetType;
 import org.picketlink.identity.federation.ws.trust.UseKeyType;
 import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
-import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
 /**
@@ -65,8 +57,6 @@
    public static final String X509CERTIFICATE = "X509Certificate";
    public static final String KEYVALUE = "KeyValue";
 
-   public static final String JDK_TRANSFORMER_PROPERTY = "picketlink.jdk.transformer";
-
    /**
     * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
     */
@@ -225,7 +215,7 @@
                subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader); 
                if( StaxParserUtil.matches(subEvent, X509CERTIFICATE ))
                {
-                  Element domElement = this.getDOMElement(xmlEventReader);
+                  Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);
                   //Element domElement = getX509CertificateAsDomElement( subEvent, xmlEventReader );
 
                   useKeyType.setAny( domElement );
@@ -234,7 +224,7 @@
                else if( StaxParserUtil.matches(subEvent, KEYVALUE ))
                {
                   //Element domElement = getKeyValueAsDomElement( subEvent, xmlEventReader );
-                  Element domElement = this.getDOMElement(xmlEventReader);//
+                  Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);//
                   useKeyType.setAny( domElement );
                   requestToken.setUseKey( useKeyType );   
                }
@@ -273,49 +263,5 @@
 
       return WSTrustConstants.BASE_NAMESPACE.equals( nsURI )
       && WSTrustConstants.RST.equals( localPart );
-   } 
-
-   /**
-    * Given that the {@code XMLEventReader} is in {@code XMLStreamConstants.START_ELEMENT}
-    * mode, we parse into a DOM Element
-    * @param xmlEventReader
-    * @return
-    * @throws ParsingException
-    */
-   private Element getDOMElement( XMLEventReader xmlEventReader ) throws ParsingException
-   {
-      Transformer transformer = null;
-
-      boolean useJDKTransformer = Boolean.parseBoolean( SecurityActions.getSystemProperty(JDK_TRANSFORMER_PROPERTY, "false" ));
-
-      try
-      { 
-         if( useJDKTransformer )
-         {
-            transformer = TransformerUtil.getTransformer();
-         }
-         else
-         {
-            transformer = TransformerUtil.getStaxSourceToDomResultTransformer();
-         } 
-
-         Document resultDocument = DocumentUtil.createDocument();
-         DOMResult domResult = new DOMResult( resultDocument );
- 
-         StAXSource source = new StAXSource( xmlEventReader );
-
-         TransformerUtil.transform( transformer, source, domResult );
-
-         Document doc = ( Document ) domResult.getNode();
-         return doc.getDocumentElement();
-      }
-      catch ( ConfigurationException e )
-      {
-         throw new ParsingException( e );
-      }
-      catch ( XMLStreamException e )
-      {
-         throw new ParsingException( e );
-      }
-   } 
+   }  
 }
\ No newline at end of file

Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseCollectionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseCollectionParser.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseCollectionParser.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -0,0 +1,78 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.wst;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.StartElement;
+
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+
+/**
+ * Parse the WS-Trust RequestSecurityTokenResponse Collection
+ * @author Anil.Saldhana at redhat.com
+ * @since Nov 11, 2010
+ */
+public class WSTRequestSecurityTokenResponseCollectionParser implements ParserNamespaceSupport
+{  
+   /**
+    * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
+    */
+   public Object parse( XMLEventReader xmlEventReader ) throws ParsingException
+   {
+      StaxParserUtil.getNextEvent(xmlEventReader); 
+      
+      RequestSecurityTokenResponseCollection requestCollection = new RequestSecurityTokenResponseCollection(); 
+      
+      //Peek at the next event
+      while( xmlEventReader.hasNext() )
+      { 
+         StartElement peekedElement = StaxParserUtil.peekNextStartElement( xmlEventReader  );
+         if( peekedElement == null )
+            break; 
+
+         String tag = StaxParserUtil.getStartElementName( peekedElement );
+         
+         if( WSTrustConstants.RSTR.equalsIgnoreCase( tag ) )
+         {
+            WSTRequestSecurityTokenResponseParser rstrParser = new WSTRequestSecurityTokenResponseParser();
+            RequestSecurityTokenResponse rstr = ( RequestSecurityTokenResponse ) rstrParser.parse( xmlEventReader );
+            requestCollection.addRequestSecurityTokenResponse(rstr);
+         } 
+      }
+      return requestCollection;
+   }
+ 
+   /**
+    * @see {@link ParserNamespaceSupport#supports(QName)}
+    */
+   public boolean supports( QName qname )
+   {
+      return ( qname.getNamespaceURI().equals( WSTrustConstants.BASE_NAMESPACE )
+            && qname.getLocalPart().equals( WSTrustConstants.RSTR_COLLECTION ) ); 
+   }
+}
\ No newline at end of file
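Review bot: parse discards the first event with `StaxParserUtil.getNextEvent(xmlEventReader);` without checking that it is the RequestSecurityTokenResponseCollection start element, so the parser will accept any wrapper element around the RSTR children. Read and validate it as the other parsers in this commit do: `StartElement startElement = StaxParserUtil.getNextStartElement( xmlEventReader );` followed by `StaxParserUtil.validate( startElement, WSTrustConstants.RSTR_COLLECTION );`. The RSTR comparison also uses `equalsIgnoreCase`, where an exact `equals` would match the case-sensitive XML name.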

Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -0,0 +1,335 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.wst;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.StartElement;
+import javax.xml.stream.events.XMLEvent;
+
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.ParserController;
+import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.parsers.wsse.WSSecurityParser;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.picketlink.identity.federation.ws.policy.AppliesTo;
+import org.picketlink.identity.federation.ws.trust.BinarySecretType;
+import org.picketlink.identity.federation.ws.trust.EntropyType;
+import org.picketlink.identity.federation.ws.trust.LifetimeType;
+import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
+import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
+import org.picketlink.identity.federation.ws.trust.RequestedSecurityTokenType;
+import org.picketlink.identity.federation.ws.trust.UseKeyType;
+import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
+import org.picketlink.identity.federation.ws.wss.utility.AttributedDateTime;
+import org.w3c.dom.Element;
+
+/**
+ * Parse the WS-Trust RequestSecurityToken
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 11, 2010
+ */
+public class WSTRequestSecurityTokenResponseParser implements ParserNamespaceSupport
+{  
+   public static final String X509CERTIFICATE = "X509Certificate";
+   public static final String KEYVALUE = "KeyValue";
+
+   public static final String JDK_TRANSFORMER_PROPERTY = "picketlink.jdk.transformer";
+
+   /**
+    * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
+    */
+   public Object parse(XMLEventReader xmlEventReader) throws ParsingException
+   { 
+      StartElement startElement =  StaxParserUtil.getNextStartElement( xmlEventReader ); 
+
+      RequestSecurityTokenResponse responseToken = new RequestSecurityTokenResponse();
+
+      QName contextQName = new QName( "", WSTrustConstants.RST_CONTEXT );
+      Attribute contextAttribute = startElement.getAttributeByName( contextQName );
+      String contextValue = StaxParserUtil.getAttributeValue( contextAttribute );
+      responseToken.setContext( contextValue ); 
+
+      while( xmlEventReader.hasNext() )
+      {
+         XMLEvent xmlEvent = StaxParserUtil.peek( xmlEventReader );
+         if( xmlEvent == null )
+            break;
+         if( xmlEvent instanceof EndElement )
+         {
+            xmlEvent = StaxParserUtil.getNextEvent( xmlEventReader );
+            EndElement endElement = (EndElement) xmlEvent;
+            String endElementTag = StaxParserUtil.getEndElementName( endElement );
+            if( endElementTag.equals( WSTrustConstants.RSTR ) )
+               break;
+         }
+
+         try
+         {
+            StartElement subEvent = StaxParserUtil.peekNextStartElement( xmlEventReader );
+            if( subEvent == null )
+               break;
+
+            String tag = StaxParserUtil.getStartElementName( subEvent );
+            if( tag.equals( WSTrustConstants.REQUEST_TYPE ))
+            { 
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+               if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
+                  throw new ParsingException( "request type is expected ahead" );
+
+               String value = StaxParserUtil.getElementText(xmlEventReader);
+               responseToken.setRequestType( new URI( value ));
+            }
+            else if( tag.equals( WSTrustConstants.LIFETIME  ))
+            {
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+               StaxParserUtil.validate(subEvent, WSTrustConstants.LIFETIME );
+               
+               
+               LifetimeType lifeTime = new LifetimeType();
+               //Get the Created
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+               String subTag = StaxParserUtil.getStartElementName( subEvent );
+               if( subTag.equals( WSTrustConstants.CREATED ))
+               { 
+                  AttributedDateTime created = new AttributedDateTime();
+                  created.setValue( StaxParserUtil.getElementText(xmlEventReader) );
+                  lifeTime.setCreated( created ); 
+               }
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+               subTag = StaxParserUtil.getStartElementName( subEvent );
+               
+               if( subTag.equals( WSTrustConstants.EXPIRES ))
+               { 
+                  AttributedDateTime expires = new AttributedDateTime();
+                  expires.setValue( StaxParserUtil.getElementText(xmlEventReader) );
+                  lifeTime.setExpires( expires );
+               } 
+               else
+                  throw new RuntimeException( subTag + " was unexpected" );
+               
+               responseToken.setLifetime(  new Lifetime( lifeTime ));
+               EndElement lifeTimeElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+               StaxParserUtil.validate( lifeTimeElement, WSTrustConstants.LIFETIME ) ; 
+            }
+            else if( tag.equals( WSTrustConstants.TOKEN_TYPE  ))
+            {
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+               if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
+                  throw new ParsingException( "token type is expected ahead" );
+
+               String value = StaxParserUtil.getElementText(xmlEventReader);
+               responseToken.setTokenType( new URI( value ));
+            }  
+            else if( tag.equals( WSTrustConstants.On_BEHALF_OF ))
+            {
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+               WSTrustOnBehalfOfParser wstOnBehalfOfParser = new WSTrustOnBehalfOfParser(); 
+               OnBehalfOfType onBehalfOf = (OnBehalfOfType) wstOnBehalfOfParser.parse(xmlEventReader); 
+               responseToken.setOnBehalfOf(onBehalfOf);
+               EndElement onBehalfOfEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+               StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.On_BEHALF_OF ) ;
+            }  
+            else if( tag.equals( WSTrustConstants.KEY_TYPE ))
+            {
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+               if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
+                  throw new ParsingException( "key type is expected ahead" );
+
+               String keyType = StaxParserUtil.getElementText(xmlEventReader);
+               try
+               {
+                  URI keyTypeURI = new URI( keyType );
+                  responseToken.setKeyType( keyTypeURI );
+               }
+               catch( URISyntaxException e )
+               {
+                  throw new ParsingException( e );
+               }  
+            } 
+            else if( tag.equals( WSTrustConstants.KEY_SIZE ))
+            {
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+               if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
+                  throw new ParsingException( "key size is expected ahead" );
+
+               String keySize = StaxParserUtil.getElementText(xmlEventReader);
+               try
+               { 
+                  responseToken.setKeySize(Long.parseLong( keySize ));
+               }
+               catch( NumberFormatException e )
+               {
+                  throw new ParsingException( e );
+               }  
+            } 
+            else if( tag.equals( WSTrustConstants.ENTROPY ))
+            {
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); 
+               EntropyType entropy = new EntropyType();
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+               if( StaxParserUtil.matches(subEvent, WSTrustConstants.BINARY_SECRET ))
+               {
+                  BinarySecretType binarySecret = new BinarySecretType();
+                  Attribute typeAttribute = subEvent.getAttributeByName( new QName( "", "Type" ));
+                  binarySecret.setType( StaxParserUtil.getAttributeValue( typeAttribute ));
+
+                  if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
+                     throw new ParsingException( "binary secret value is expected ahead" );
+
+                  binarySecret.setValue( StaxParserUtil.getElementText(xmlEventReader).getBytes() ); 
+                  entropy.getAny().add( binarySecret );
+               }
+               responseToken.setEntropy(entropy);
+            }
+            else if( tag.equals( WSTrustConstants.USE_KEY ))
+            {
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); 
+               UseKeyType useKeyType = new UseKeyType();  
+               StaxParserUtil.validate( subEvent, WSTrustConstants.USE_KEY ) ;
+
+               //We peek at the next start element as the stax source has to be in the START_ELEMENT mode
+               subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader); 
+               if( StaxParserUtil.matches(subEvent, X509CERTIFICATE ))
+               {
+                  Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);
+                  //Element domElement = getX509CertificateAsDomElement( subEvent, xmlEventReader );
+
+                  useKeyType.setAny( domElement );
+                  responseToken.setUseKey( useKeyType );   
+               } 
+               else if( StaxParserUtil.matches(subEvent, KEYVALUE ))
+               {
+                  //Element domElement = getKeyValueAsDomElement( subEvent, xmlEventReader );
+                  Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);//
+                  useKeyType.setAny( domElement );
+                  responseToken.setUseKey( useKeyType );   
+               }
+               else throw new RuntimeException( "unsupported " + StaxParserUtil.getStartElementName( subEvent )); 
+            }
+            else if( tag.equals( WSTrustConstants.REQUESTED_TOKEN ))
+            { 
+               responseToken.setRequestedSecurityToken( parseRequestedSecurityTokenType(xmlEventReader) );  
+            }
+            else if( tag.equals( WSTrustConstants.REQUESTED_ATTACHED_REFERENCE ))
+            {
+               responseToken.setRequestedAttachedReference( parseRequestedReference(xmlEventReader));
+            }
+            else
+            {
+               QName qname = subEvent.getName();
+               ParserNamespaceSupport parser = ParserController.get( qname );
+               if( parser == null )
+                  throw new RuntimeException( "Cannot parse " + qname ); 
+
+               Object parsedObject = parser.parse( xmlEventReader );
+               if( parsedObject instanceof AppliesTo )
+               {
+                  responseToken.setAppliesTo( (AppliesTo) parsedObject );
+               }
+            }
+         } 
+         catch (URISyntaxException e)
+         {
+            throw new ParsingException( e );
+         }   
+      }
+
+      return responseToken;
+   }
+
+   /**
+    * @see {@link ParserNamespaceSupport#supports(QName)}
+    */
+   public boolean supports(QName qname)
+   { 
+      String nsURI = qname.getNamespaceURI();
+      String localPart = qname.getLocalPart();
+
+      return WSTrustConstants.BASE_NAMESPACE.equals( nsURI )
+      && WSTrustConstants.RST.equals( localPart );
+   } 
+   
+   private RequestedSecurityTokenType parseRequestedSecurityTokenType( XMLEventReader xmlEventReader ) throws ParsingException
+   {
+      RequestedSecurityTokenType requestedSecurityTokenType = new RequestedSecurityTokenType();
+      
+      StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+      StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_TOKEN );
+      
+      XMLEvent xmlEvent = null;
+      while( xmlEventReader.hasNext() )
+      {
+         xmlEvent = StaxParserUtil.peek(xmlEventReader);
+         if( xmlEvent instanceof EndElement )
+         {
+            if( StaxParserUtil.getEndElementName( (EndElement) xmlEvent ).equals( WSTrustConstants.REQUESTED_TOKEN ))
+            {
+               xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
+               break;
+            }
+         }
+         startElement = (StartElement) xmlEvent;
+         String tag = StaxParserUtil.getStartElementName(startElement);
+         
+         if( tag.equals( JBossSAMLConstants.ASSERTION.get() ))
+         {
+            SAMLAssertionParser assertionParser = new SAMLAssertionParser();
+            requestedSecurityTokenType.setAny( assertionParser.parse(xmlEventReader) );
+         }
+      }
+      
+      return requestedSecurityTokenType;
+   }
+   
+   private RequestedReferenceType parseRequestedReference( XMLEventReader xmlEventReader ) throws ParsingException
+   {
+      StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+      StaxParserUtil.validate(startElement,  WSTrustConstants.REQUESTED_ATTACHED_REFERENCE );
+      
+      RequestedReferenceType ref = new RequestedReferenceType();
+      
+      WSSecurityParser wsseParser = new WSSecurityParser();
+      SecurityTokenReferenceType secref = (SecurityTokenReferenceType) wsseParser.parse(xmlEventReader);
+      
+      ref.setSecurityTokenReference( secref );
+      
+      EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+      StaxParserUtil.validate(endElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE );
+      
+      return ref; 
+   }
+}
\ No newline at end of file
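Review bot: The loop in `parseRequestedSecurityTokenType` does not advance the reader when the peeked child of RequestedSecurityToken is a start element other than Assertion, so (assuming `StaxParserUtil.peek` does not consume the event, as its use here suggests) the method never returns for such a response. A peeked end element with a different name, or character data between children, falls through to the `(StartElement)` cast and surfaces as a ClassCastException rather than a ParsingException. Because the RSTR arrives from the wire, the loop should consume or reject everything it does not handle, as sketched below. The `parse` loop of WSTRequestSecurityTokenResponseCollectionParser earlier in this commit has the same non-advancing shape when the peeked tag is not RSTR. Separately, `supports()` in this response parser compares the local part with `WSTrustConstants.RST`, which looks like a copy from the request parser and presumably should be `WSTrustConstants.RSTR`; the class Javadoc still says RequestSecurityToken as well.

```java
   private RequestedSecurityTokenType parseRequestedSecurityTokenType( XMLEventReader xmlEventReader ) throws ParsingException
   {
      // … unchanged: create the result, read and validate the RequestedSecurityToken start element …
      while( xmlEventReader.hasNext() )
      {
         XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
         if( xmlEvent == null )
            break;
         if( xmlEvent instanceof EndElement )
         {
            // Any end element here must close RequestedSecurityToken; validate rejects anything else
            EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
            StaxParserUtil.validate( endElement, WSTrustConstants.REQUESTED_TOKEN );
            break;
         }
         if( !( xmlEvent instanceof StartElement ))
         {
            // Whitespace or comments between children: consume so the loop always makes progress
            StaxParserUtil.getNextEvent(xmlEventReader);
            continue;
         }
         String tag = StaxParserUtil.getStartElementName( (StartElement) xmlEvent );
         if( !tag.equals( JBossSAMLConstants.ASSERTION.get() ))
            throw new ParsingException( "unsupported child of " + WSTrustConstants.REQUESTED_TOKEN + ": " + tag );

         SAMLAssertionParser assertionParser = new SAMLAssertionParser();
         requestedSecurityTokenType.setAny( assertionParser.parse(xmlEventReader) );
      }
      // … unchanged: return requestedSecurityTokenType …
```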

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java	2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -49,7 +49,7 @@
       StartElement startElement =  StaxParserUtil.peekNextStartElement( xmlEventReader ); 
       String tag = StaxParserUtil.getStartElementName( startElement );
       
-      if( tag.equals( WSSecurityParser.USERNAME_TOKEN  ) )
+      if( tag.equals( WSTrustConstants.WSSE.USERNAME_TOKEN ) )
       {
          WSSecurityParser wsseParser = new WSSecurityParser();
          

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustParser.java	2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustParser.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -64,6 +64,16 @@
                WSTRequestSecurityTokenParser wst = new WSTRequestSecurityTokenParser();
                return wst.parse(xmlEventReader); 
             } 
+            else if( elementName.equalsIgnoreCase( WSTrustConstants.RSTR_COLLECTION ))
+            {
+               WSTRequestSecurityTokenResponseCollectionParser wstrcoll = new WSTRequestSecurityTokenResponseCollectionParser();
+               return wstrcoll.parse(xmlEventReader); 
+            } 
+            else if( elementName.equalsIgnoreCase( WSTrustConstants.RSTR ))
+            {
+               WSTRequestSecurityTokenResponseParser wst = new WSTRequestSecurityTokenResponseParser();
+               return wst.parse(xmlEventReader); 
+            } 
          }
          else
          {
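Review bot: The two new branches dispatch on `elementName.equalsIgnoreCase(...)`, but XML names are case-sensitive and the parsers they hand off to compare tags with `equals` (for example the `endElementTag.equals( WSTrustConstants.RSTR )` exit check in WSTRequestSecurityTokenResponseParser). An element whose name differs only in case would be routed to the response parser and then never match its end-of-RSTR check. I would use `elementName.equals( WSTrustConstants.RSTR_COLLECTION )` and `elementName.equals( WSTrustConstants.RSTR )` here, and ideally check the namespace too, as the parsers' `supports(QName)` methods do. The enclosing method starts and ends outside this hunk, so whether the existing branches already use `equalsIgnoreCase` deliberately cannot be confirmed from here.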

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java	2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -31,73 +31,99 @@
  * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
  * @author <a href="mailto:asaldhan at redhat.com">Anil Saldhana</a>
  */
-public class WSTrustConstants
+public interface WSTrustConstants
 {
-   public static final String BASE_NAMESPACE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
-   public static final String PREFIX = "wst";
+    String BASE_NAMESPACE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
+    String PREFIX = "wst";
 
    // WS-Trust request types
-   public static final String BATCH_ISSUE_REQUEST = BASE_NAMESPACE + "/BatchIssue";
-   public static final String ISSUE_REQUEST = BASE_NAMESPACE + "/Issue";
-   public static final String RENEW_REQUEST = BASE_NAMESPACE + "/Renew";
-   public static final String CANCEL_REQUEST = BASE_NAMESPACE + "/Cancel";
-   public static final String VALIDATE_REQUEST = BASE_NAMESPACE + "/Validate";
-   public static final String BATCH_VALIDATE_REQUEST = BASE_NAMESPACE + "/BatchValidate";
+    String BATCH_ISSUE_REQUEST = BASE_NAMESPACE + "/BatchIssue";
+    String ISSUE_REQUEST = BASE_NAMESPACE + "/Issue";
+    String RENEW_REQUEST = BASE_NAMESPACE + "/Renew";
+    String CANCEL_REQUEST = BASE_NAMESPACE + "/Cancel";
+    String VALIDATE_REQUEST = BASE_NAMESPACE + "/Validate";
+    String BATCH_VALIDATE_REQUEST = BASE_NAMESPACE + "/BatchValidate";
    
    // WS-Trust validation constants.
-   public static final String STATUS_TYPE = BASE_NAMESPACE + "/RSTR/Status";
-   public static final String STATUS_CODE_VALID = BASE_NAMESPACE + "/status/valid";
-   public static final String STATUS_CODE_INVALID = BASE_NAMESPACE + "/status/invalid";
+    String STATUS_TYPE = BASE_NAMESPACE + "/RSTR/Status";
+    String STATUS_CODE_VALID = BASE_NAMESPACE + "/status/valid";
+    String STATUS_CODE_INVALID = BASE_NAMESPACE + "/status/invalid";
    
    // WS-Trust key types.
-   public static final String KEY_TYPE_BEARER = BASE_NAMESPACE + "/Bearer";
-   public static final String KEY_TYPE_SYMMETRIC = BASE_NAMESPACE + "/SymmetricKey";
-   public static final String KEY_TYPE_PUBLIC = BASE_NAMESPACE + "/PublicKey"; 
+    String KEY_TYPE_BEARER = BASE_NAMESPACE + "/Bearer";
+    String KEY_TYPE_SYMMETRIC = BASE_NAMESPACE + "/SymmetricKey";
+    String KEY_TYPE_PUBLIC = BASE_NAMESPACE + "/PublicKey"; 
    
    // WS-Trust binary secret types.
-   public static final String BS_TYPE_ASYMMETRIC = BASE_NAMESPACE + "/AsymmetricKey";
-   public static final String BS_TYPE_SYMMETRIC = BASE_NAMESPACE + "/SymmetricKey";
-   public static final String BS_TYPE_NONCE = BASE_NAMESPACE + "/Nonce";
+    String BS_TYPE_ASYMMETRIC = BASE_NAMESPACE + "/AsymmetricKey";
+    String BS_TYPE_SYMMETRIC = BASE_NAMESPACE + "/SymmetricKey";
+    String BS_TYPE_NONCE = BASE_NAMESPACE + "/Nonce";
    
    // WS-Trust computed key types.
-   public static final String CK_PSHA1 = BASE_NAMESPACE + "/CK/PSHA1";
+    String CK_PSHA1 = BASE_NAMESPACE + "/CK/PSHA1";
    
    // WSS namespaces values.
-   public static final String WSA_NS = "http://www.w3.org/2005/08/addressing";
-   public static final String WSP_NS = "http://schemas.xmlsoap.org/ws/2004/09/policy";
-   public static final String WSU_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
-   public static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
-   public static final String WSSE11_NS = "http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
-   public static final String XENC_NS = "http://www.w3.org/2001/04/xmlenc#";
-   public static final String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
-   public static final String SAML2_ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
+    String WSA_NS = "http://www.w3.org/2005/08/addressing";
+    String WSP_NS = "http://schemas.xmlsoap.org/ws/2004/09/policy";
+    String WSU_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
+    String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
+    String WSSE11_NS = "http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
+    String XENC_NS = "http://www.w3.org/2001/04/xmlenc#";
+    String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
+    String SAML2_ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
    
    // WSS Fault codes
-   public static final QName SECURITY_TOKEN_UNAVAILABLE = new QName(WSSE_NS, "SecurityTokenUnavailable");
-   public static final QName INVALID_SECURITY_TOKEN = new QName(WSSE_NS, "InvalidSecurityToken");
-   public static final QName INVALID_SECURITY = new QName(WSSE_NS, "InvalidSecurity");
-   public static final QName FAILED_AUTHENTICATION = new QName(WSSE_NS, "FailedAuthentication");
+    QName SECURITY_TOKEN_UNAVAILABLE = new QName(WSSE_NS, "SecurityTokenUnavailable");
+    QName INVALID_SECURITY_TOKEN = new QName(WSSE_NS, "InvalidSecurityToken");
+    QName INVALID_SECURITY = new QName(WSSE_NS, "InvalidSecurity");
+    QName FAILED_AUTHENTICATION = new QName(WSSE_NS, "FailedAuthentication");
    
    //Token Types
-   public static final String SAML2_TOKEN_TYPE = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";
-   public static final String RSTR_STATUS_TOKEN_TYPE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/Status";
+    String SAML2_TOKEN_TYPE = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";
+    String RSTR_STATUS_TOKEN_TYPE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/Status";
    
    //Element Names
-   public static final String BINARY_SECRET = "BinarySecret";
-   public static final String ENTROPY = "Entropy";
-   public static final String On_BEHALF_OF = "OnBehalfOf";
-   public static final String KEY_SIZE = "KeySize";
-   public static final String KEY_TYPE = "KeyType";
-   public static final String RST = "RequestSecurityToken";
-   public static final String RST_COLLECTION = "RequestSecurityTokenCollection";
-   public static final String REQUEST_TYPE = "RequestType";
-   public static final String TOKEN_TYPE = "TokenType";
-   public static final String CANCEL_TARGET = "CancelTarget";
-   public static final String RENEW_TARGET = "RenewTarget";
-   public static final String VALIDATE_TARGET = "ValidateTarget";
-   public static final String USE_KEY = "UseKey";
+    String BINARY_SECRET = "BinarySecret";
+    String CREATED = "Created";
+    String ENTROPY = "Entropy";
+    String EXPIRES = "Expires";
+    String On_BEHALF_OF = "OnBehalfOf";
+    String KEY_SIZE = "KeySize";
+    String KEY_TYPE = "KeyType";
+    String LIFETIME = "Lifetime";
+    String RST = "RequestSecurityToken";
+    String RSTR = "RequestSecurityTokenResponse";
+    String RST_COLLECTION = "RequestSecurityTokenCollection";
+    String RSTR_COLLECTION = "RequestSecurityTokenResponseCollection";
+    String REQUESTED_TOKEN = "RequestedSecurityToken";
+    String REQUESTED_ATTACHED_REFERENCE = "RequestedAttachedReference";
+    String REQUEST_TYPE = "RequestType";
+    String TOKEN_TYPE = "TokenType";
+    String CANCEL_TARGET = "CancelTarget";
+    String RENEW_TARGET = "RenewTarget";
+    String VALIDATE_TARGET = "ValidateTarget";
+    String USE_KEY = "UseKey";
    
    //Attribute Names
-   public static final String RST_CONTEXT = "Context";
-   public static final String TYPE = "Type";
+    String RST_CONTEXT = "Context";
+    String TYPE = "Type";
+    String VALUE_TYPE = "ValueType";
+    
+    public interface XMLDSig
+    {
+       String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
+       String KEYINFO = "KeyInfo";
+       String PREFIX = "ds";
+       String X509DATA = "X509Data";
+       String X509CERT = "X509Certificate";
+    }
+    
+    public interface WSSE
+    {
+       String KEY_IDENTIFIER = "KeyIdentifier";
+       String KEY_IDENTIFIER_VALUETYPE_SAML = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID";
+       String PREFIX_11 = "wsse11";
+       String SECURITY_TOKEN_REFERENCE = "SecurityTokenReference";
+       String USERNAME_TOKEN = "UsernameToken";
+    }
 }
\ No newline at end of file
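Review bot: Changing `WSTrustConstants` from a class to an interface makes it a constant interface, so any class that implements it exports every one of these names as part of its own API and they can no longer be hidden later. The nested `XMLDSig.DSIG_NS` repeats the literal of the top-level `DSIG_NS`, and `PREFIX` now exists at two levels with different values ("wst" and "ds"), which is easy to misread at a call site. I would keep the type as `public final class WSTrustConstants` with a private constructor, keep `WSSE` and `XMLDSig` as nested holders, and define `XMLDSig.DSIG_NS` as `WSTrustConstants.DSIG_NS`. The new members are also indented four spaces while the unchanged comment lines keep the file's three.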

Added: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
@@ -0,0 +1,91 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.parser.wst;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.namespace.QName;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
+import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
+import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType;
+import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
+
+/**
+ * @author Anil.Saldhana at redhat.com
+ * @since Nov 11, 2010
+ */
+public class WSTResponseAssertionHOKCertificateTestCase
+{
+
+   @SuppressWarnings("rawtypes")
+   @Test
+   public void testWST_RSTR_Assertion() throws Exception
+   {
+      ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+      InputStream configStream = tcl.getResourceAsStream( "parser/wst/wst-response-assertion-hok-certificate.xml" );
+      
+      WSTrustParser parser = new WSTrustParser();
+      RequestSecurityTokenResponseCollection coll = (RequestSecurityTokenResponseCollection) parser.parse(configStream);
+      assertEquals(1, coll.getRequestSecurityTokenResponses().size() );
+      
+      RequestSecurityTokenResponse rstr = coll.getRequestSecurityTokenResponses().get(0);
+      
+      assertEquals( "testcontext", rstr.getContext() );
+      assertEquals( WSTrustConstants.SAML2_TOKEN_TYPE, rstr.getTokenType().toASCIIString() );
+      
+      assertEquals( XMLTimeUtil.parse( "2010-11-11T16:34:19.602Z" ), rstr.getLifetime().getCreated() );
+      assertEquals( XMLTimeUtil.parse( "2010-11-11T18:34:19.602Z" ), rstr.getLifetime().getExpires() );
+      
+      EndpointReferenceType endpoint = (EndpointReferenceType)((JAXBElement) rstr.getAppliesTo().getAny().get(0)).getValue();
+      assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue()  );
+      
+      assertEquals( 128, rstr.getKeySize() );
+      assertEquals( WSTrustConstants.KEY_TYPE_PUBLIC, rstr.getKeyType().toASCIIString() );
+      
+      AssertionType assertion = (AssertionType) rstr.getRequestedSecurityToken().getAny();
+      assertEquals( "ID_5a15fc70-daa1-4808-b70e-9cbf6b8e4d4f", assertion.getID() );
+      
+      RequestedReferenceType ref = rstr.getRequestedAttachedReference();
+      SecurityTokenReferenceType secRef =  ref.getSecurityTokenReference();
+      assertNotNull( secRef );
+      Map<QName, String> map = secRef.getOtherAttributes();
+      QName wsseTokenType =  new QName( WSTrustConstants.WSSE11_NS, WSTrustConstants.TOKEN_TYPE, WSTrustConstants.WSSE.PREFIX_11 );
+      assertEquals( WSTrustConstants.SAML2_TOKEN_TYPE, map.get(wsseTokenType) );
+      
+      KeyIdentifierType keyId = (KeyIdentifierType) secRef.getAny().get(0);
+      assertEquals( "#ID_5a15fc70-daa1-4808-b70e-9cbf6b8e4d4f", keyId.getValue() );
+      assertEquals( WSTrustConstants.WSSE.KEY_IDENTIFIER_VALUETYPE_SAML, keyId.getValueType() );
+   }
+}
\ No newline at end of file
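Review bot: testWST_RSTR_Assertion stops at the assertion ID and the SecurityTokenReference, so the holder-of-key certificate named in the class is never checked; nothing asserts that the parsed subject confirmation carries a KeyInfo with the X509Certificate value from the fixture (assuming the fixture contains one, as the file name suggests). A parser regression that silently drops the key binding would still pass this test, and that binding is what ties the issued token to its holder. I would add assertions on the subject confirmation method and on the certificate text, compared against the value in wst-response-assertion-hok-certificate.xml. Separately, add `assertNotNull( configStream );` before `parser.parse(configStream)` so a missing resource fails with a clear message, and note that the stream is never closed.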


