[jboss-cvs] Picketlink SVN: r554 - in federation/trunk: picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response and 9 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue Nov 16 15:57:33 EST 2010


Author: sguilhen at redhat.com
Date: 2010-11-16 15:57:31 -0500 (Tue, 16 Nov 2010)
New Revision: 554

Removed:
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/AbstractWSWriter.java
Modified:
   federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
   federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/DocumentUtil.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSAddressingWriter.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
Log:
PLFED-119: Using Stax now to generate and parse WS-Trust requests.

Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -50,6 +50,7 @@
 import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
 import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
 import org.picketlink.identity.federation.core.util.JAXBUtil;
+import org.picketlink.identity.federation.core.util.StaxUtil;
 import org.picketlink.identity.federation.saml.v2.SAML2Object;
 import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
 import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
@@ -295,14 +296,14 @@
    {
       ByteArrayOutputStream bos = new ByteArrayOutputStream();
       
-      SAMLRequestWriter writer = new SAMLRequestWriter();
+      SAMLRequestWriter writer = new SAMLRequestWriter(StaxUtil.getXMLStreamWriter(bos));
       if( rat instanceof AuthnRequestType )
       {
-         writer.write( (AuthnRequestType) rat, bos);
+         writer.write( (AuthnRequestType) rat);
       } 
       else if( rat instanceof LogoutRequestType )
       {
-         writer.write( (LogoutRequestType) rat, bos);
+         writer.write( (LogoutRequestType) rat);
       }
       
       return DocumentUtil.getDocument( new String( bos.toByteArray() )); 
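Review bot: The unchanged `new String( bos.toByteArray() )` on the last line decodes the serialized request with the platform default charset, while the bytes now come from the writer returned by `StaxUtil.getXMLStreamWriter(bos)`, whose encoding is not visible in this hunk. If the two differ, non-ASCII content such as a NameID is altered before `DocumentUtil.getDocument` parses it, which matters for a message that is later signed or compared. Name the charset explicitly, e.g. `new String( bos.toByteArray(), "UTF-8" )`, assuming the writer emits UTF-8 (confirm in StaxUtil). When `rat` is neither `AuthnRequestType` nor `LogoutRequestType`, nothing is written and an empty string is parsed, so a final `else` that throws would make that failure explicit. The SAML2Response hunk in this commit builds its writer the same way, and its conversion of `bos` lies outside that hunk.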

Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -60,6 +60,7 @@
 import org.picketlink.identity.federation.core.saml.v2.util.JAXBElementMappingUtil;
 import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
 import org.picketlink.identity.federation.core.util.JAXBUtil;
+import org.picketlink.identity.federation.core.util.StaxUtil;
 import org.picketlink.identity.federation.saml.v2.SAML2Object;
 import org.picketlink.identity.federation.saml.v2.assertion.ActionType;
 import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
@@ -352,16 +353,16 @@
    {
       ByteArrayOutputStream bos = new ByteArrayOutputStream();
 
-      SAMLResponseWriter writer = new SAMLResponseWriter();
+      SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(bos));
       
       if( responseType instanceof ResponseType )
       {
          ResponseType response = (ResponseType) responseType;
-         writer.write(response, bos );
+         writer.write(response);
       }
       else
       {
-         writer.write(responseType, new QName( PROTOCOL_NSURI.get(), LOGOUT_RESPONSE.get(), "samlp"), bos );
+         writer.write(responseType, new QName( PROTOCOL_NSURI.get(), LOGOUT_RESPONSE.get(), "samlp"));
       }
       
       //System.out.println( new String( bos.toByteArray() ) );

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -24,15 +24,20 @@
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLEventReader;
 import javax.xml.stream.events.StartElement;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.stax.StAXSource;
 
 import org.picketlink.identity.federation.core.exceptions.ParsingException;
 import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
 import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
 import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.TransformerUtil;
 import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
 import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
 import org.picketlink.identity.federation.ws.trust.CancelTargetType;
+import org.w3c.dom.Document;
 
 /**
  * Stax parser for the wst:CancelTarget element
@@ -47,8 +52,12 @@
    public Object parse(XMLEventReader xmlEventReader) throws ParsingException
    {  
       CancelTargetType cancelTarget = new CancelTargetType();
-      
-      StartElement startElement =  StaxParserUtil.peekNextStartElement( xmlEventReader ); 
+      StartElement startElement =  StaxParserUtil.peekNextStartElement( xmlEventReader );
+      // null start element indicates that the token to be canceled hasn't been specified.
+      if (startElement == null)
+      {
+         throw new ParsingException("Unable to parse cancel token request: security token is null");
+      }
       String tag = StaxParserUtil.getStartElementName( startElement );
       
       if( tag.equals( JBossSAMLConstants.ASSERTION.get() ) )
@@ -57,7 +66,23 @@
          AssertionType assertion = (AssertionType) assertionParser.parse( xmlEventReader );
          cancelTarget.setAny( assertion );
       }
-      
+      else
+      {
+         // this is an unknown type - parse using the transformer.
+         try
+         {
+            Document resultDocument = DocumentUtil.createDocument();
+            DOMResult domResult = new DOMResult(resultDocument);
+            StAXSource source = new StAXSource(xmlEventReader);
+            TransformerUtil.transform(TransformerUtil.getStaxSourceToDomResultTransformer(), source, domResult);
+            Document doc = (Document) domResult.getNode();
+            cancelTarget.setAny(doc.getDocumentElement());
+         }
+         catch(Exception e)
+         {
+            throw new ParsingException("Error parsing security token: " + e.getMessage(), e);
+         }
+      }
       return cancelTarget;
    }
 
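Review bot: The new `else` branch accepts any element the requester supplies as the cancel target and stores it with `cancelTarget.setAny(doc.getDocumentElement())` without checking its namespace or name, so whatever later reads `getAny()` has to treat it as untrusted DOM and type-check it before acting on it. A comment saying so would help, e.g. `// unknown token type: copied as an unvalidated DOM element; consumers must verify it`. The `catch(Exception e)` also folds `e.getMessage()` into the `ParsingException` text; if that text reaches the requester in a fault (not visible here), internal parser detail leaks, so a fixed message with `e` kept as the cause is safer. The same block is repeated verbatim in WSTRenewTargetParser and WSTValidateTargetParser in this commit and would be better as one shared helper. `parse` begins outside this hunk.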

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -1,41 +1,43 @@
 /*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors. 
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ * 
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ * 
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
  */
 package org.picketlink.identity.federation.core.parsers.wst;
 
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLEventReader;
 import javax.xml.stream.events.StartElement;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.stax.StAXSource;
 
 import org.picketlink.identity.federation.core.exceptions.ParsingException;
 import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
 import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
 import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.TransformerUtil;
 import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
 import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
 import org.picketlink.identity.federation.ws.trust.RenewTargetType;
+import org.w3c.dom.Document;
 
 /**
  * Stax parser for the wst:RenewTarget element
+ * 
  * @author Anil.Saldhana at redhat.com
  * @since Oct 13, 2010
  */
@@ -45,19 +47,40 @@
     * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
     */
    public Object parse(XMLEventReader xmlEventReader) throws ParsingException
-   {  
+   {
       RenewTargetType renewTargetType = new RenewTargetType();
-      
-      StartElement startElement =  StaxParserUtil.peekNextStartElement( xmlEventReader ); 
-      String tag = StaxParserUtil.getStartElementName( startElement );
-      
-      if( tag.equals( JBossSAMLConstants.ASSERTION.get() ) )
+
+      StartElement startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+      // null start element indicates that the original token hasn't been specified.
+      if (startElement == null)
       {
+         throw new ParsingException("Unable to parse renew token request: security token is null");
+      }
+      String tag = StaxParserUtil.getStartElementName(startElement);
+
+      if (tag.equals(JBossSAMLConstants.ASSERTION.get()))
+      {
          SAMLParser assertionParser = new SAMLParser();
-         AssertionType assertion = (AssertionType) assertionParser.parse( xmlEventReader );
-         renewTargetType.setAny( assertion );
+         AssertionType assertion = (AssertionType) assertionParser.parse(xmlEventReader);
+         renewTargetType.setAny(assertion);
       }
-      
+      else
+      {
+         // this is an unknown type - parse using the transformer.
+         try
+         {
+            Document resultDocument = DocumentUtil.createDocument();
+            DOMResult domResult = new DOMResult(resultDocument);
+            StAXSource source = new StAXSource(xmlEventReader);
+            TransformerUtil.transform(TransformerUtil.getStaxSourceToDomResultTransformer(), source, domResult);
+            Document doc = (Document) domResult.getNode();
+            renewTargetType.setAny(doc.getDocumentElement());
+         }
+         catch(Exception e)
+         {
+            throw new ParsingException("Error parsing security token: " + e.getMessage(), e);
+         }
+      }
       return renewTargetType;
    }
 
@@ -65,11 +88,10 @@
     * @see {@link ParserNamespaceSupport#supports(QName)}
     */
    public boolean supports(QName qname)
-   { 
+   {
       String nsURI = qname.getNamespaceURI();
       String localPart = qname.getLocalPart();
-      
-      return WSTrustConstants.BASE_NAMESPACE.equals( nsURI )
-             && WSTrustConstants.RENEW_TARGET.equals( localPart );
-   } 
+
+      return WSTrustConstants.BASE_NAMESPACE.equals(nsURI) && WSTrustConstants.RENEW_TARGET.equals(localPart);
+   }
 }
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -68,9 +68,11 @@
 
       QName contextQName = new QName( "", WSTrustConstants.RST_CONTEXT );
       Attribute contextAttribute = startElement.getAttributeByName( contextQName );
-      String contextValue = StaxParserUtil.getAttributeValue( contextAttribute );
-      requestToken.setContext( contextValue ); 
-
+      if (contextAttribute != null)
+      {
+         String contextValue = StaxParserUtil.getAttributeValue(contextAttribute);
+         requestToken.setContext(contextValue);
+      }
       while( xmlEventReader.hasNext() )
       {
          XMLEvent xmlEvent = StaxParserUtil.peek( xmlEventReader );
@@ -125,7 +127,6 @@
             else if( tag.equals( WSTrustConstants.VALIDATE_TARGET ))
             {
                subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
-
                WSTValidateTargetParser wstValidateTargetParser = new WSTValidateTargetParser();
                ValidateTargetType validateTarget = (ValidateTargetType) wstValidateTargetParser.parse( xmlEventReader );
                requestToken.setValidateTarget( validateTarget ); 
@@ -135,7 +136,6 @@
             else if( tag.equals( WSTrustConstants.RENEW_TARGET ))
             {
                subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
-
                WSTRenewTargetParser wstValidateTargetParser = new WSTRenewTargetParser();
                RenewTargetType validateTarget = (RenewTargetType) wstValidateTargetParser.parse( xmlEventReader );
                requestToken.setRenewTarget( validateTarget ); 

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -24,15 +24,20 @@
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLEventReader;
 import javax.xml.stream.events.StartElement;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.stax.StAXSource;
 
 import org.picketlink.identity.federation.core.exceptions.ParsingException;
 import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
 import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
 import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.TransformerUtil;
 import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
 import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
 import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
+import org.w3c.dom.Document;
 
 /**
  * Stax parser for the wst:ValidateTarget element
@@ -47,8 +52,12 @@
    public Object parse(XMLEventReader xmlEventReader) throws ParsingException
    {  
       ValidateTargetType validateTargetType = new ValidateTargetType();
-      
       StartElement startElement =  StaxParserUtil.peekNextStartElement( xmlEventReader ); 
+      // null start element indicates that the token to be validated hasn't been specified.
+      if (startElement == null)
+      {
+         throw new ParsingException("Unable to parse validate token request: security token is null");
+      }
       String tag = StaxParserUtil.getStartElementName( startElement );
       
       if( tag.equals( JBossSAMLConstants.ASSERTION.get() ) )
@@ -57,7 +66,24 @@
          AssertionType assertion = (AssertionType) assertionParser.parse( xmlEventReader );
          validateTargetType.setAny( assertion );
       }
-      
+      else
+      {
+         // this is an unknown type - parse using the transformer.
+         try
+         {
+            Document resultDocument = DocumentUtil.createDocument();
+            DOMResult domResult = new DOMResult(resultDocument);
+            StAXSource source = new StAXSource(xmlEventReader);
+            TransformerUtil.transform(TransformerUtil.getStaxSourceToDomResultTransformer(), source, domResult);
+            Document doc = (Document) domResult.getNode();
+            validateTargetType.setAny(doc.getDocumentElement());
+         }
+         catch(Exception e)
+         {
+            throw new ParsingException("Error parsing security token: " + e.getMessage(), e);
+         }
+      }
+
       return validateTargetType;
    }
 

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/DocumentUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/DocumentUtil.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/DocumentUtil.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -277,9 +277,12 @@
     */
    public static InputStream getNodeAsStream(Node node) throws ConfigurationException, ProcessingException
    {
-      Source source = new DOMSource(node);
+      return getSourceAsStream(new DOMSource(node));
+   }
+
+   public static InputStream getSourceAsStream(Source source) throws ConfigurationException, ProcessingException 
+   {
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
       Result streamResult = new StreamResult(baos);
       // Write the DOM document to the stream
       Transformer transformer = TransformerUtil.getTransformer();
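Review bot: `getSourceAsStream(Source source)` is added as a public method with no Javadoc, and unlike `getNodeAsStream` it accepts any `Source`, including a `StreamSource` or `SAXSource` that the transformer would have to parse itself. Whether `TransformerUtil.getTransformer()` disables DTDs and external entities is not visible in this hunk, so the method should document that callers pass only already-parsed sources (DOM or StAX), or be made non-public if nothing outside this class needs it. A Javadoc along the lines of `Serializes an already-parsed Source into an in-memory stream; do not pass unparsed, untrusted input` would cover it. The method body continues past the end of this hunk.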
@@ -292,11 +295,9 @@
          throw new ProcessingException(e);
       }
 
-      ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
-
-      return bis;
+      return new ByteArrayInputStream(baos.toByteArray());
    }
-
+   
    /**
     * Stream a DOM Node as a String
     * @param node

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -21,8 +21,6 @@
  */
 package org.picketlink.identity.federation.core.saml.v2.writers;
 
-import java.io.OutputStream;
-
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLStreamWriter;
 
@@ -44,6 +42,11 @@
    
    protected XMLStreamWriter writer = null;  
    
+   public BaseWriter(XMLStreamWriter writer) throws ProcessingException
+   {
+      this.writer = writer;
+   }
+   
    /**
     * Write {@code NameIDType} to stream
     * @param nameIDType
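Review bot: The new constructor stores `writer` unchecked, and this commit removes the lazy `StaxUtil.getXMLStreamWriter( out )` fallback, so a null argument now surfaces only later inside a `StaxUtil` write call. Fail fast with `if (writer == null) throw new IllegalArgumentException("writer is null");` before the assignment. Nothing in the constructor body shown throws `ProcessingException`, yet the clause forces every subclass constructor and caller to declare or handle it. A short Javadoc should also state that the caller owns the writer and is responsible for closing it.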
@@ -51,11 +54,8 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( NameIDType nameIDType, QName tag, OutputStream out ) throws ProcessingException
+   public void write( NameIDType nameIDType, QName tag ) throws ProcessingException
    {
-      if( writer == null )
-         writer = StaxUtil.getXMLStreamWriter( out ); 
-      
       StaxUtil.writeStartElement( writer, tag.getPrefix(), tag.getLocalPart() , tag.getNamespaceURI() );
       
       String format = nameIDType.getFormat();
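Review bot: The Javadoc above `write( NameIDType nameIDType, QName tag )` still lists `@param out`, which this hunk removes from the signature. Delete that tag here; the same stale `@param out` remains on the `write` overloads of SAMLAssertionWriter changed in this commit (AssertionType, StatementAbstractType, AuthnStatementType, AuthnContextType, AttributeType, SubjectType). It would also help to say in the method Javadoc that output goes to the `XMLStreamWriter` passed to the constructor. The method body continues outside this hunk.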
@@ -91,10 +91,4 @@
       StaxUtil.writeEndElement( writer); 
       StaxUtil.flush( writer ); 
    }
-   
-   protected void verifyWriter( OutputStream out ) throws ProcessingException
-   { 
-      if( writer == null )
-         writer = StaxUtil.getXMLStreamWriter( out ); 
-   } 
 }
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -23,7 +23,6 @@
 
 import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
 
-import java.io.OutputStream;
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
@@ -32,6 +31,7 @@
 import javax.xml.bind.JAXBElement;
 import javax.xml.datatype.XMLGregorianCalendar;
 import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamWriter;
 
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
@@ -57,16 +57,19 @@
  */
 public class SAMLAssertionWriter extends BaseWriter
 {
+   public SAMLAssertionWriter(XMLStreamWriter writer) throws ProcessingException
+   {
+      super(writer);
+   }
+   
    /**
     * Write an {@code AssertionType} to stream
     * @param assertion
     * @param out
     * @throws ProcessingException
     */
-   public void write( AssertionType assertion, OutputStream out ) throws ProcessingException
+   public void write( AssertionType assertion ) throws ProcessingException
    {
-      verifyWriter( out ); 
-
       StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ASSERTION.get() , ASSERTION_NSURI.get() ); 
       StaxUtil.writeNameSpace( writer, ASSERTION_PREFIX, ASSERTION_NSURI.get() );
       StaxUtil.writeDefaultNameSpace( writer, ASSERTION_NSURI.get() );
@@ -77,12 +80,12 @@
       StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), assertion.getIssueInstant().toString() );     
 
       NameIDType issuer = assertion.getIssuer();
-      write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ), out ); 
+      write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ) ); 
       
       SubjectType subject = assertion.getSubject();
       if( subject != null )
       {
-         write(subject, out);
+         write(subject);
       }
       
       //TODO: conditions and advice
@@ -94,11 +97,11 @@
          {
             if( statement instanceof AuthnStatementType )
             {
-               write( ( AuthnStatementType )statement, out );
+               write( ( AuthnStatementType )statement );
             }
             else if( statement instanceof AttributeStatementType )
             {
-               write( ( AttributeStatementType )statement, out );
+               write( ( AttributeStatementType )statement );
             }
             else 
                 throw new RuntimeException( "unknown statement type=" + statement.getClass().getName() ); 
@@ -115,15 +118,13 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( StatementAbstractType statement, OutputStream out ) throws ProcessingException
+   public void write( StatementAbstractType statement ) throws ProcessingException
    {
-      verifyWriter( out );
       //TODO: handle this section
    }
    
-   public void write( AttributeStatementType statement, OutputStream out ) throws ProcessingException
+   public void write( AttributeStatementType statement ) throws ProcessingException
    {
-      verifyWriter( out );
       StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE_STATEMENT.get() , ASSERTION_NSURI.get() );  
       
       List<Object> attributes = statement.getAttributeOrEncryptedAttribute();
@@ -134,7 +135,7 @@
             if( attr instanceof AttributeType )
             {
                AttributeType attributeType = (AttributeType) attr; 
-               write( attributeType, out );
+               write( attributeType );
             }
          }
       } 
@@ -150,9 +151,8 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( AuthnStatementType authnStatement, OutputStream out ) throws ProcessingException
+   public void write( AuthnStatementType authnStatement ) throws ProcessingException
    {
-      verifyWriter( out );
       StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_STATEMENT.get() , ASSERTION_NSURI.get() );  
       
       XMLGregorianCalendar authnInstant = authnStatement.getAuthnInstant();
@@ -163,7 +163,7 @@
       
       AuthnContextType authnContext = authnStatement.getAuthnContext();
       if( authnContext != null )
-        write( authnContext, out );
+        write( authnContext );
 
       StaxUtil.writeEndElement( writer); 
       StaxUtil.flush( writer );  
@@ -175,9 +175,8 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( AuthnContextType authContext, OutputStream out ) throws ProcessingException
+   public void write( AuthnContextType authContext ) throws ProcessingException
    {
-      verifyWriter( out );
       StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT.get() , ASSERTION_NSURI.get() );  
       
       List< JAXBElement<?> > subList = authContext.getContent();
@@ -217,9 +216,8 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( AttributeType attributeType, OutputStream out ) throws ProcessingException
+   public void write( AttributeType attributeType ) throws ProcessingException
    {
-      verifyWriter( out );
       StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE.get() , ASSERTION_NSURI.get() );  
 
       StaxUtil.writeAttribute( writer, JBossSAMLConstants.NAME.get(), attributeType.getName() );
@@ -287,9 +285,8 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( SubjectType subject, OutputStream out ) throws ProcessingException
+   public void write( SubjectType subject ) throws ProcessingException
    {
-      verifyWriter( out );
       StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT.get() , ASSERTION_NSURI.get() );  
       List<JAXBElement<?>> contentList = subject.getContent();
       if( contentList != null )
@@ -307,17 +304,17 @@
                BaseIDAbstractType baseID = subjectConfirmationType.getBaseID();
                if( baseID != null )
                {
-                  write( baseID, out );
+                  write( baseID );
                }
                NameIDType nameIDType = subjectConfirmationType.getNameID();
                if( nameIDType != null )
                {
-                  write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX), out );
+                  write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
                }
                SubjectConfirmationDataType subjectConfirmationData = subjectConfirmationType.getSubjectConfirmationData();
                if( subjectConfirmationData != null )
                {
-                  write( subjectConfirmationData, out ); 
+                  write( subjectConfirmationData ); 
                } 
                
 
@@ -326,7 +323,7 @@
             else if( declaredType.equals( NameIDType.class ))
             {
                NameIDType nameIDType = (NameIDType) jaxbEl.getValue();
-               write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX), out );
+               write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
             }
             else 
                throw new RuntimeException( "SAMLAssertionWriter: NYI: declared Type:" + declaredType.getName() );
@@ -337,14 +334,13 @@
       StaxUtil.flush( writer );  
    }
    
-   private void write( BaseIDAbstractType baseId, OutputStream out ) throws ProcessingException
+   private void write( BaseIDAbstractType baseId ) throws ProcessingException
    {
       throw new RuntimeException( "NYI");
    }
    
-   private void write( SubjectConfirmationDataType subjectConfirmationData, OutputStream out ) throws ProcessingException
+   private void write( SubjectConfirmationDataType subjectConfirmationData ) throws ProcessingException
    {
-      verifyWriter(out);
       StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get(), ASSERTION_NSURI.get() );  
       
       //Let us look at attributes

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -24,9 +24,8 @@
 import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
 import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI;
 
-import java.io.OutputStream;
-
 import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamWriter;
 
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
@@ -44,18 +43,20 @@
  */
 public class SAMLRequestWriter extends BaseWriter
 {   
+   public SAMLRequestWriter(XMLStreamWriter writer) throws ProcessingException
+   {
+      super(writer);
+   }
+   
    /**
     * Write a {@code AuthnRequestType } to stream
     * @param request
     * @param out
     * @throws ProcessingException
     */
-   public void write( AuthnRequestType request, OutputStream out ) throws ProcessingException
+   public void write( AuthnRequestType request ) throws ProcessingException
    { 
-      verifyWriter( out ); 
-      
       StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.AUTHN_REQUEST.get() , PROTOCOL_NSURI.get() ); 
-      
       StaxUtil.writeNameSpace( writer, PROTOCOL_PREFIX, PROTOCOL_NSURI.get() );   
       StaxUtil.writeDefaultNameSpace( writer, ASSERTION_NSURI.get() );
       
@@ -77,11 +78,11 @@
          StaxUtil.writeAttribute( writer, JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_URL.get(), assertionURL );
       
       NameIDType issuer = request.getIssuer();
-      write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ), out );
+      write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
       
       NameIDPolicyType nameIDPolicy = request.getNameIDPolicy();
       if( nameIDPolicy != null )
-         write( nameIDPolicy, out );
+         write( nameIDPolicy );
       
       StaxUtil.writeEndElement( writer); 
       StaxUtil.flush( writer );  
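Review bot: `request.getIssuer()` is passed to `write( issuer, new QName( ... ) )` without a null check, while `nameIDPolicy` a few lines below is guarded. `BaseWriter.write( NameIDType, QName )` is not visible here, so if it dereferences its argument, a request built without an issuer fails with a NullPointerException instead of a ProcessingException. Guard it the same way, `if( issuer != null ) write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));`, or reject the request explicitly if an issuer is mandatory for this writer. The same unguarded call appears in the `LogoutRequestType` hunk and, for both `issuer` and `status`, in the two SAMLResponseWriter hunks; the method starts and ends outside this hunk.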
@@ -93,10 +94,8 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( LogoutRequestType logOutRequest, OutputStream out ) throws ProcessingException
+   public void write( LogoutRequestType logOutRequest ) throws ProcessingException
    {
-      verifyWriter( out ); 
-      
       StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.LOGOUT_REQUEST.get() , PROTOCOL_NSURI.get() ); 
       
       StaxUtil.writeNameSpace( writer, PROTOCOL_PREFIX, PROTOCOL_NSURI.get() );   
@@ -118,7 +117,7 @@
          StaxUtil.writeAttribute( writer, JBossSAMLConstants.CONSENT.get(), consent );
       
       NameIDType issuer = logOutRequest.getIssuer();
-      write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ), out );
+      write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
       
       StaxUtil.writeEndElement( writer); 
       StaxUtil.flush( writer ); 
@@ -130,10 +129,8 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( NameIDPolicyType nameIDPolicy, OutputStream out ) throws ProcessingException
+   public void write( NameIDPolicyType nameIDPolicy ) throws ProcessingException
    {
-      verifyWriter( out );
-      
       StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.NAMEID_POLICY.get(), PROTOCOL_NSURI.get() );
       
       String format = nameIDPolicy.getFormat();

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -24,11 +24,11 @@
 import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
 import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI;
 
-import java.io.OutputStream;
 import java.util.List;
 
 import javax.xml.namespace.QName;
- 
+import javax.xml.stream.XMLStreamWriter;
+
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
 import org.picketlink.identity.federation.core.util.StaxUtil;
@@ -48,18 +48,22 @@
  */
 public class SAMLResponseWriter extends BaseWriter
 {  
-   private  SAMLAssertionWriter assertionWriter = new SAMLAssertionWriter();
+   private  SAMLAssertionWriter assertionWriter;
    
+   public SAMLResponseWriter(XMLStreamWriter writer) throws ProcessingException
+   {
+      super(writer);
+      this.assertionWriter = new SAMLAssertionWriter(writer);
+   }
+   
    /**
     * Write a {@code ResponseType} to stream
     * @param response
     * @param out
     * @throws ProcessingException
     */
-   public void write( ResponseType response, OutputStream out ) throws ProcessingException
+   public void write( ResponseType response ) throws ProcessingException
    {
-      verifyWriter( out );
-      
       StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.RESPONSE.get() , PROTOCOL_NSURI.get() ); 
       
       StaxUtil.writeNameSpace( writer, PROTOCOL_PREFIX, PROTOCOL_NSURI.get() );   
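Review bot: `assertionWriter` is now assigned only in the new constructor, so the field can be declared `private final SAMLAssertionWriter assertionWriter;`. The constructor has no Javadoc; it should state that the nested `SAMLAssertionWriter` shares the caller's `XMLStreamWriter`, since both classes write to and flush that same instance. The body of `write( ResponseType response )` continues outside this hunk.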
@@ -68,10 +72,10 @@
       writeBaseAttributes( response ); 
 
       NameIDType issuer = response.getIssuer();
-      write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ), out ); 
+      write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ) ); 
       
       StatusType status = response.getStatus();
-      write( status, out );
+      write( status );
       
       List<Object> assertions = response.getAssertionOrEncryptedAssertion();
       if( assertions != null )
@@ -80,7 +84,7 @@
          {
             if( assertion instanceof AssertionType )
             {
-               assertionWriter.write( (AssertionType) assertion, out );
+               assertionWriter.write( (AssertionType) assertion );
             }
          }
       }
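Review bot: Entries of `getAssertionOrEncryptedAssertion()` that are not `AssertionType` fall through the `instanceof` test and are skipped without any error, so a response carrying an encrypted assertion is serialized without it. SAMLAssertionWriter throws for an unknown statement type; do the same here with `else throw new RuntimeException( "unknown assertion type=" + assertion.getClass().getName() );` until encrypted assertions are supported. The loop header and the end of the method are outside this hunk.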
@@ -95,10 +99,8 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( StatusResponseType response, QName qname, OutputStream out ) throws ProcessingException
+   public void write( StatusResponseType response, QName qname ) throws ProcessingException
    {
-      verifyWriter( out );
-      
       if( qname == null )
       {
          StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.STATUS_RESPONSE_TYPE.get() , PROTOCOL_NSURI.get() ); 
@@ -114,10 +116,10 @@
       writeBaseAttributes( response ); 
 
       NameIDType issuer = response.getIssuer();
-      write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ), out ); 
+      write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ) ); 
       
       StatusType status = response.getStatus();
-      write( status, out );
+      write( status );
       
       StaxUtil.writeEndElement( writer); 
       StaxUtil.flush( writer );  
@@ -129,13 +131,12 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( StatusType status, OutputStream out ) throws ProcessingException
+   public void write( StatusType status ) throws ProcessingException
    {
-      verifyWriter( out );
       StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.STATUS.get() , PROTOCOL_NSURI.get() ); 
       
       StatusCodeType statusCodeType = status.getStatusCode();
-      write( statusCodeType , out );
+      write( statusCodeType );
       
       String statusMessage = status.getStatusMessage();
       if( StringUtil.isNotNull( statusMessage ))
@@ -146,7 +147,7 @@
       
       StatusDetailType statusDetail = status.getStatusDetail();
       if( statusDetail != null )
-         write( statusDetail, out );
+         write( statusDetail );
       
       StaxUtil.writeEndElement( writer); 
       StaxUtil.flush( writer );  
@@ -158,10 +159,8 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( StatusCodeType statusCodeType, OutputStream out ) throws ProcessingException
+   public void write( StatusCodeType statusCodeType ) throws ProcessingException
    {
-      verifyWriter( out );
-
       StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.STATUS_CODE.get() , PROTOCOL_NSURI.get() ); 
       
       String value = statusCodeType.getValue();
@@ -171,7 +170,7 @@
       }
       StatusCodeType subStatusCode = statusCodeType.getStatusCode();
       if( subStatusCode != null )
-         write( subStatusCode, out );
+         write( subStatusCode );
       
       StaxUtil.writeEndElement( writer); 
       StaxUtil.flush( writer ); 
@@ -183,12 +182,9 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( StatusDetailType statusDetailType, OutputStream out ) throws ProcessingException
+   public void write( StatusDetailType statusDetailType ) throws ProcessingException
    {
-      verifyWriter( out );
-
       StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.STATUS_CODE.get() , PROTOCOL_NSURI.get() ); 
-      
       StaxUtil.writeEndElement( writer); 
       StaxUtil.flush( writer ); 
    }
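Review bot: `write( StatusDetailType statusDetailType )` opens its element with `JBossSAMLConstants.STATUS_CODE.get()`, the same name `write( StatusCodeType )` uses, so a status detail is serialized as an empty StatusCode element and its content is never written. Use the constant for the StatusDetail element name (adding one to JBossSAMLConstants if it does not exist yet) and write the detail's children. Until that is implemented, throwing a ProcessingException would be safer than emitting a wrong element, because a consumer that validates the response against the schema sees a second, valueless status code.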

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -29,6 +29,7 @@
 import javax.xml.stream.XMLOutputFactory;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Result;
 
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.w3c.dom.Attr;
@@ -101,6 +102,19 @@
       }
    }
    
+   public static XMLStreamWriter getXMLStreamWriter(final Result result) throws ProcessingException
+   {
+      XMLOutputFactory factory = XMLOutputFactory.newInstance();
+      try
+      {
+         return factory.createXMLStreamWriter(result);
+      }
+      catch (XMLStreamException xe)
+      {
+         throw new ProcessingException(xe);
+      }
+   }
+   
    /**
     * Set a prefix
     * @param writer
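Review bot: The new public `getXMLStreamWriter(final Result result)` has no Javadoc although the method below it does. Add a summary saying that it creates an `XMLStreamWriter` over the given `Result`, with `@param result the Result the writer writes to` and `@throws ProcessingException if the underlying factory fails to create the writer`. It also calls `XMLOutputFactory.newInstance()` on every invocation; whether the existing overload above the hunk does the same is not visible here, so keep the two consistent.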
@@ -286,7 +300,7 @@
       //Should we register namespace
       if( domElementPrefix != "" && !registeredNSStack.get().contains(domElementNS) )
       {
-         writeNameSpace(writer, domElementPrefix, domElementNS ); 
+         // writeNameSpace(writer, domElementPrefix, domElementNS ); 
          registeredNSStack.get().push( domElementNS );
       }
 
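Review bot: The branch still pushes `domElementNS` onto `registeredNSStack` although the `writeNameSpace` call is now commented out, so the stack records a namespace as declared that this method no longer writes. If the declaration is now expected to arrive through the element's own `xmlns:` attributes (inferred from the TransformerUtil change in this commit, not visible in this hunk), delete the dead line and say so in a comment, e.g. `// namespace declaration is written with the element's xmlns attributes`. `domElementPrefix != ""` on the condition above compares references and should be `!"".equals( domElementPrefix )`. The enclosing method starts and ends outside the hunk.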

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -29,6 +29,7 @@
 import javax.xml.stream.XMLEventReader;
 import javax.xml.stream.events.Attribute;
 import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.Namespace;
 import javax.xml.stream.events.StartElement;
 import javax.xml.stream.events.XMLEvent;
 import javax.xml.transform.ErrorListener;
@@ -285,13 +286,24 @@
             Attribute attr = attrs.next();
             QName attrName = attr.getName();
             ns = attrName.getNamespaceURI();
-            qual = attrName.getPrefix() + ":" + attrName.getLocalPart();
+            prefix = attrName.getPrefix();
+            localPart = attrName.getLocalPart();
+            qual = prefix != null && prefix != "" ? prefix + ":" + localPart : localPart ;
 
             doc.createAttributeNS( ns, qual );
             el.setAttributeNS( ns, qual , attr.getValue() );
          } 
-          
-         
+
+         // look for namespaces
+         @SuppressWarnings("unchecked")
+         Iterator<Namespace> namespaces = startElement.getNamespaces(); 
+         while (namespaces != null && namespaces.hasNext())
+         {
+            Namespace namespace = namespaces.next();
+            QName name = namespace.getName();
+            el.setAttributeNS(name.getNamespaceURI(), "xmlns:" + name.getLocalPart(), namespace.getNamespaceURI());
+         }
+
          XMLEvent nextEvent = StaxParserUtil.peek(xmlEventReader);
          if( nextEvent.getEventType() == XMLEvent.CHARACTERS )
          { 
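Review bot: The new namespace loop always builds the attribute name as `"xmlns:" + name.getLocalPart()`, which does not handle a default namespace declaration; if the StAX implementation reports that declaration with local part `xmlns` and an empty prefix, the result is `xmlns:xmlns` and `setAttributeNS` will either reject it or create a bogus attribute. Branch on the event instead: `String attrName = namespace.isDefaultNamespaceDeclaration() ? "xmlns" : "xmlns:" + namespace.getPrefix();`. In the attribute loop, `prefix != ""` compares references and only works while the prefix happens to be the interned empty string; write `prefix != null && prefix.length() > 0`. Lost or mangled declarations change the DOM that later steps serialize, so a test with a default-namespace element is worth adding. The enclosing method starts and ends outside the hunk.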

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -38,7 +38,8 @@
 import org.apache.log4j.Logger;
 import org.picketlink.identity.federation.core.config.STSType;
 import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
-import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
+import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
 import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
 import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
 import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
@@ -78,17 +79,23 @@
    public Source invoke(Source request)
    {
       BaseRequestSecurityToken baseRequest;
+      Document document;
       try
       {
-         baseRequest = WSTrustJAXBFactory.getInstance().parseRequestSecurityToken(request);
+         document = (Document) DocumentUtil.getNodeFromSource(request);
+         baseRequest = (BaseRequestSecurityToken) new WSTrustParser().parse(DocumentUtil.getSourceAsStream(request));
       }
-      catch (WSTrustException we)
+      catch (Exception e)
       {
-         throw new RuntimeException(we);
+         throw new WebServiceException("Exception parsing token request: " + e.getMessage(), e);
       }
 
       if (baseRequest instanceof RequestSecurityToken)
-         return this.handleTokenRequest((RequestSecurityToken) baseRequest);
+      {
+         RequestSecurityToken req = (RequestSecurityToken) baseRequest;
+         req.setRSTDocument(document);
+         return this.handleTokenRequest(req);
+      }
       else if (baseRequest instanceof RequestSecurityTokenCollection)
          return this.handleTokenRequestCollection((RequestSecurityTokenCollection) baseRequest);
       else
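Review bot: The request `Source` is now consumed twice in `invoke`, once by `DocumentUtil.getNodeFromSource(request)` and once by `DocumentUtil.getSourceAsStream(request)`, so the DOM stored via `setRSTDocument` and the parsed `baseRequest` come from two independent parses of the same untrusted input. Neither helper is visible here; this presumably relies on the Source being re-readable, and a one-shot stream source would leave the second parse with no input. Parsing once and deriving the second representation from the first keeps the two views in agreement, which matters if the document is later used for signature processing. Separately, `catch (Exception e)` also reports a ClassCastException from either cast as a parsing fault, and `e.getMessage()` is copied into the `WebServiceException` message returned to the caller; a fixed message such as `"Exception parsing token request"` with the cause attached exposes less parser detail. The `RequestSecurityTokenCollection` branch does not receive the document, and the method continues outside the hunk.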
@@ -106,13 +113,6 @@
     */
    protected Source handleTokenRequest(RequestSecurityToken request)
    {
-      SAMLDocumentHolder holder = WSTrustJAXBFactory.getInstance().getSAMLDocumentHolderOnThread();
-
-      /**
-       * The RST Document is very important for XML Signatures
-       */
-      request.setRSTDocument(holder.getSamlDocument());
-
       if (this.config == null)
          try
          {

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -1,23 +1,19 @@
 /*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors. 
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ * 
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ * 
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
  */
 package org.picketlink.identity.federation.core.wstrust;
 
@@ -30,6 +26,7 @@
 import javax.xml.soap.SOAPEnvelope;
 import javax.xml.soap.SOAPPart;
 import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMResult;
 import javax.xml.transform.dom.DOMSource;
 import javax.xml.ws.BindingProvider;
 import javax.xml.ws.Dispatch;
@@ -41,6 +38,7 @@
 import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
 import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
 import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
 import org.picketlink.identity.federation.ws.trust.CancelTargetType;
 import org.picketlink.identity.federation.ws.trust.RenewTargetType;
 import org.picketlink.identity.federation.ws.trust.StatusType;
@@ -94,10 +92,10 @@
    /**
     * Issues a Security Token for the ultimate recipient of the token.
     * 
-    * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for
-    *                      the RequestSecurityToken which is an optional element so it may be null.
-    * @return Element - The Security Token Element which will be of the TokenType configured
-    *                  for the endpointURI passed in.
+    * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for the
+    *           RequestSecurityToken which is an optional element so it may be null.
+    * @return Element - The Security Token Element which will be of the TokenType configured for the endpointURI passed
+    *         in.
     * @throws WSTrustException
     */
    public Element issueTokenForEndpoint(String endpointURI) throws WSTrustException
@@ -108,12 +106,11 @@
    }
 
    /**
-    * Issues a Security Token from the STS. This methods has the option of 
-    * specifying one or both of endpointURI/tokenType but at least one must 
-    * specified.
+    * Issues a Security Token from the STS. This methods has the option of specifying one or both of
+    * endpointURI/tokenType but at least one must specified.
     * 
-    * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for
-    *                      the RequestSecurityToken which is an optional element so it may be null.
+    * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for the
+    *           RequestSecurityToken which is an optional element so it may be null.
     * @param tokenType - The type of security token to be issued.
     * @return Element - The Security Token Element issued.
     * @throws IllegalArgumentException If neither endpointURI nor tokenType was specified.
@@ -135,11 +132,11 @@
     * Issues a security token on behalf of the specified principal.
     * </p>
     * 
-    * @param endpointURI    the ultimate recipient of the token. This will be set at the AppliesTo for
-    *                      the RequestSecurityToken which is an optional element so it may be null.
-    * @param tokenType  the type of the token to be issued.
-    * @param principal  the {@code Principal} to whom the token will be issued.
-    * @return   an {@code Element} representing the issued security token.
+    * @param endpointURI the ultimate recipient of the token. This will be set at the AppliesTo for the
+    *           RequestSecurityToken which is an optional element so it may be null.
+    * @param tokenType the type of the token to be issued.
+    * @param principal the {@code Principal} to whom the token will be issued.
+    * @return an {@code Element} representing the issued security token.
     * @throws IllegalArgumentException If neither endpointURI nor tokenType was specified.
     * @throws WSTrustException if an error occurs while issuing the security token.
     */
@@ -169,7 +166,7 @@
          rst.setTokenType(URI.create(tokenType));
       return rst;
    }
-   
+
    private RequestSecurityToken setOnBehalfOf(Principal principal, RequestSecurityToken request)
    {
       if (principal != null)
@@ -183,8 +180,7 @@
          request.setRequestType(URI.create(WSTrustConstants.ISSUE_REQUEST));
       if (request.getContext() == null)
          request.setContext("default-context");
-      WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance();
-      DOMSource requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request);
+      DOMSource requestSource = this.createSourceFromRequest(request);
       Source response = dispatchLocal.get().invoke(requestSource);
 
       NodeList nodes;
@@ -237,8 +233,7 @@
       request.setRenewTarget(renewTarget);
 
       // send the token request to JBoss STS and get the response.
-      WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance();
-      DOMSource requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request);
+      DOMSource requestSource = this.createSourceFromRequest(request);
       Source response = dispatchLocal.get().invoke(requestSource);
 
       NodeList nodes;
@@ -291,13 +286,11 @@
       validateTarget.setAny(token);
       request.setValidateTarget(validateTarget);
 
-      WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance();
+      DOMSource requestSource = this.createSourceFromRequest(request);
 
-      DOMSource requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request);
-
       Source response = dispatchLocal.get().invoke(requestSource);
-      RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) jaxbFactory
-            .parseRequestSecurityTokenResponse(response);
+      RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) WSTrustJAXBFactory
+            .getInstance().parseRequestSecurityTokenResponse(response);
       RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
 
       StatusType status = tokenResponse.getStatus();
@@ -326,10 +319,11 @@
       CancelTargetType cancelTarget = new CancelTargetType();
       cancelTarget.setAny(securityToken);
       request.setCancelTarget(cancelTarget);
+      request.setContext("context");
 
       // marshal the request and send it to the STS.
       WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance();
-      DOMSource requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request);
+      DOMSource requestSource = this.createSourceFromRequest(request);
       Source response = dispatchLocal.get().invoke(requestSource);
 
       // get the WS-Trust response and check for presence of the RequestTokenCanceled element.
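Review bot: `request.setContext("context")` hard-codes a literal that differs from the `"default-context"` used in the issue path of this file, and it is applied unconditionally, whereas that path sets it only when `request.getContext() == null`. Use one shared constant and the same guard, `if (request.getContext() == null) request.setContext("default-context");`, unless the cancel request needs a distinct context, in which case a comment should say why. The local `jaxbFactory` is kept while the marshalling call is gone; it is presumably still used for response parsing below the hunk, which is not visible here.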
@@ -345,4 +339,19 @@
    {
       return dispatchLocal.get();
    }
+
+   private DOMSource createSourceFromRequest(RequestSecurityToken request) throws WSTrustException
+   {
+      try
+      {
+         DOMResult result = new DOMResult(DocumentUtil.createDocument());
+         WSTrustRSTWriter writer = new WSTrustRSTWriter(result);
+         writer.write(request);
+         return new DOMSource(result.getNode());
+      }
+      catch (Exception e)
+      {
+         throw new WSTrustException("Error creating source from request: " + e.getMessage(), e);
+      }
+   }
 }
\ No newline at end of file
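Review bot: `createSourceFromRequest` catches `Exception`, so programming errors such as a NullPointerException for a null `request` are reported as `WSTrustException` alongside real serialization failures. Catch the checked types that `DocumentUtil.createDocument()` and `WSTrustRSTWriter` actually declare (not visible in this hunk) and let unchecked exceptions propagate. The method also has no Javadoc; a short one should state that it serializes the request into a new DOM document through `WSTrustRSTWriter` and returns it as a `DOMSource`, with `@throws WSTrustException if the request cannot be written`.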

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -1,23 +1,19 @@
 /*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors. 
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ * 
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ * 
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
  */
 package org.picketlink.identity.federation.core.wstrust;
 
@@ -36,6 +32,7 @@
 import org.apache.log4j.Logger;
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.Base64;
 import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
 import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
 import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
@@ -96,10 +93,6 @@
       if (trace)
          log.trace("Issuing token for principal " + callerPrincipal);
 
-      Document rstDocument = request.getRSTDocument();
-      if (rstDocument == null)
-         throw new IllegalArgumentException("Request does not contain the DOM Document");
-
       SecurityTokenProvider provider = null;
 
       // first try to obtain the security token provider using the applies-to contents.
@@ -191,18 +184,20 @@
             requestedProofToken = new RequestedProofTokenType();
             ObjectFactory objFactory = new ObjectFactory();
 
-            byte[] clientSecret = null;
-            EntropyType clientEntropy = request.getEntropy();
-            if (clientEntropy != null)
-               clientSecret = WSTrustUtil.getBinarySecret(clientEntropy);
-
             byte[] serverSecret = WSTrustUtil.createRandomSecret((int) keySize / 8);
             BinarySecretType serverBinarySecret = new BinarySecretType();
             serverBinarySecret.setType(WSTrustConstants.BS_TYPE_NONCE);
-            serverBinarySecret.setValue(serverSecret);
-            serverEntropy = new EntropyType();
-            serverEntropy.getAny().add(objFactory.createBinarySecret(serverBinarySecret));
+            serverBinarySecret.setValue(Base64.encodeBytes(serverSecret).getBytes());
 
+            byte[] clientSecret = null;
+            EntropyType clientEntropy = request.getEntropy();
+            if (clientEntropy != null)
+            {
+               clientSecret = Base64.decode(new String(WSTrustUtil.getBinarySecret(clientEntropy)));
+               serverEntropy = new EntropyType();
+               serverEntropy.getAny().add(objFactory.createBinarySecret(serverBinarySecret));
+            }
+
             if (clientSecret != null && clientSecret.length != 0)
             {
                // client secret has been specified - combine it with the sts secret.
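Review bot: A request whose Entropy carries no usable BinarySecret appears to reach `new String(WSTrustUtil.getBinarySecret(clientEntropy))` with a null argument, which throws a NullPointerException on request-controlled input. The getBinarySecret loop visible later in this commit assigns the secret only when it finds a BinarySecretType, so a null return looks possible, although its initial value is outside the view. Guard the decode, e.g. `byte[] raw = WSTrustUtil.getBinarySecret(clientEntropy);` followed by `if (raw != null) clientSecret = Base64.decode(new String(raw, Charset.forName("US-ASCII")));` (Charset would need importing). The explicit charset matters too, because `getBytes()` and `new String(byte[])` without one use the platform default; the same pattern recurs at the `combinedSecret` assignment, in WSTrustUtil.createKeyValue and in the `new String(...)` calls of WSTrustRSTWriter. The enclosing method starts and ends outside this hunk.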
@@ -210,7 +205,8 @@
                byte[] combinedSecret = null;
                try
                {
-                  combinedSecret = WSTrustUtil.P_SHA1(clientSecret, serverSecret, (int) keySize / 8);
+                  combinedSecret = Base64
+                        .encodeBytes(WSTrustUtil.P_SHA1(clientSecret, serverSecret, (int) keySize / 8)).getBytes();
                }
                catch (Exception e)
                {
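Review bot: `combinedSecret` now holds the Base64 text of the P_SHA1 output instead of the derived bytes, so any later use of it as key material (that code is outside this hunk) works with a value that is no longer `keySize / 8` bytes long. The next hunk does this visibly: it passes `serverBinarySecret.getValue()`, the Base64 text set a few lines earlier, to `WSTrustUtil.createKeyInfo` where the raw `serverSecret` was passed before. If the requester decodes the BinarySecret before using it, the key wrapped for the relying party would differ from the one the requester holds, so please confirm which form createKeyInfo is meant to receive. Keeping the raw bytes for key material and encoding only what goes into the BinarySecret element would avoid the ambiguity, e.g. `WSTrustUtil.createKeyInfo(serverSecret, providerPublicKey, keyWrapAlgo)`.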
@@ -223,8 +219,8 @@
             {
                // client secret has not been specified - use the sts secret only.
                requestedProofToken.setAny(objFactory.createBinarySecret(serverBinarySecret));
-               requestContext
-                     .setProofTokenInfo(WSTrustUtil.createKeyInfo(serverSecret, providerPublicKey, keyWrapAlgo));
+               requestContext.setProofTokenInfo(WSTrustUtil.createKeyInfo(serverBinarySecret.getValue(),
+                     providerPublicKey, keyWrapAlgo));
             }
          }
          else if (WSTrustConstants.KEY_TYPE_PUBLIC.equalsIgnoreCase(keyType.toString()))
@@ -305,7 +301,8 @@
    public RequestSecurityTokenResponse renew(RequestSecurityToken request, Principal callerPrincipal)
          throws WSTrustException
    {
-      // first validate the provided token signature to make sure it has been issued by this STS and hasn't been tempered.
+      // first validate the provided token signature to make sure it has been issued by this STS and hasn't been
+      // tempered.
       if (trace)
          log.trace("Validating token for renew request " + request.getContext());
       if (request.getRenewTargetElement() == null)
@@ -391,9 +388,6 @@
    {
       if (trace)
          log.trace("Started validation for request " + request.getContext());
-      Document rstDocument = request.getRSTDocument();
-      if (rstDocument == null)
-         throw new IllegalArgumentException("Request does not contain the DOM Document");
 
       if (request.getValidateTargetElement() == null)
          throw new WSTrustException("Unable to validate token: request does not have a validate target");
@@ -488,9 +482,6 @@
          throws WSTrustException
    {
       // check if request contains all required elements.
-      Document rstDocument = request.getRSTDocument();
-      if (rstDocument == null)
-         throw new IllegalArgumentException("Request does not contain the DOM Document");
       if (request.getCancelTargetElement() == null)
          throw new WSTrustException("Unable to cancel token: request does not have a cancel target");
 
@@ -530,7 +521,7 @@
       {
          rstrDocument = DocumentUtil.normalizeNamespaces(rstrDocument);
 
-         //Sign the security token
+         // Sign the security token
          if (this.configuration.signIssuedToken() && this.configuration.getSTSKeyPair() != null)
          {
             KeyPair keyPair = this.configuration.getSTSKeyPair();
@@ -544,9 +535,9 @@
                if (trace)
                   log.trace("NamespaceURI of element to be signed:" + tokenElement.getNamespaceURI());
 
-               //Set the CanonicalizationMethod if any
-               XMLSignatureUtil.setCanonicalizationMethodType( configuration.getXMLDSigCanonicalizationMethod() );
-               
+               // Set the CanonicalizationMethod if any
+               XMLSignatureUtil.setCanonicalizationMethodType(configuration.getXMLDSigCanonicalizationMethod());
+
                rstrDocument = XMLSignatureUtil.sign(rstrDocument, tokenElement, keyPair, DigestMethod.SHA1,
                      signatureMethod, "#" + tokenElement.getAttribute("ID"));
                if (trace)

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -47,6 +47,7 @@
 import org.apache.xml.security.encryption.XMLCipher;
 import org.picketlink.identity.federation.core.config.STSType;
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.Base64;
 import org.picketlink.identity.federation.core.util.JAXBUtil;
 import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
 import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
@@ -243,7 +244,6 @@
     */
    public static OnBehalfOfType createOnBehalfOfWithUsername(String username, String id)
    {
-      org.picketlink.identity.federation.ws.wss.secext.ObjectFactory secextFactory = new org.picketlink.identity.federation.ws.wss.secext.ObjectFactory();
       AttributedString attrString = new AttributedString();
       attrString.setValue(username);
       UsernameTokenType usernameToken = new UsernameTokenType();
@@ -251,7 +251,7 @@
       usernameToken.setUsername(attrString);
       // create the OnBehalfOfType and set the UsernameTokenType.
       OnBehalfOfType onBehalfOf = new OnBehalfOfType();
-      onBehalfOf.setAny(secextFactory.createUsernameToken(usernameToken));
+      onBehalfOf.setAny(usernameToken);
       return onBehalfOf;
    }
 
@@ -271,10 +271,9 @@
 
       for (Object obj : entropy.getAny())
       {
-         JAXBElement element = (JAXBElement) obj;
-         if (element.getDeclaredType().equals(BinarySecretType.class))
+         if (obj instanceof BinarySecretType)
          {
-            BinarySecretType binarySecret = (BinarySecretType) element.getValue();
+            BinarySecretType binarySecret = (BinarySecretType) obj;
             secret = binarySecret.getValue();
             break;
          }
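Review bot: With the `instanceof BinarySecretType` test, an Entropy whose entries are still JAXBElement wrappers is skipped silently and the loop ends without a secret. StandardRequestHandler in this same commit still fills `serverEntropy` with `objFactory.createBinarySecret(serverBinarySecret)`, which presumably returns such a wrapper, so both shapes can reach this method. Unwrapping first keeps both working: `Object value = (obj instanceof JAXBElement) ? ((JAXBElement) obj).getValue() : obj;` and then test `value instanceof BinarySecretType`. The method starts and ends outside this hunk, so whether the JAXBElement import is still present cannot be seen from here.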
@@ -476,7 +475,6 @@
     */
    public static KeyValueType createKeyValue(PublicKey key)
    {
-      org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory factory = new org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory();
       if (key instanceof RSAPublicKey)
       {
          RSAPublicKey pubKey = (RSAPublicKey) key;
@@ -484,11 +482,11 @@
          byte[] exponent = pubKey.getPublicExponent().toByteArray();
 
          RSAKeyValueType rsaKeyValue = new RSAKeyValueType();
-         rsaKeyValue.setModulus(modulus);
-         rsaKeyValue.setExponent(exponent);
+         rsaKeyValue.setModulus(Base64.encodeBytes(modulus).getBytes());
+         rsaKeyValue.setExponent(Base64.encodeBytes(exponent).getBytes());
 
          KeyValueType keyValue = new KeyValueType();
-         keyValue.getContent().add(factory.createRSAKeyValue(rsaKeyValue));
+         keyValue.getContent().add(rsaKeyValue);
          return keyValue;
       }
       else if (key instanceof DSAPublicKey)
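Review bot: The values Base64-encoded for `setModulus`/`setExponent` come from `BigInteger.toByteArray()`, which returns two's-complement bytes and therefore adds a leading 0x00 octet whenever the top bit of the number is set. XML Signature's CryptoBinary form has leading zero octets removed, so a strict consumer may reject or mis-compare the key. The exponent line is visible in this hunk, the modulus is presumably obtained the same way just above it, and the DSA branch in the next hunk (`P`, `Q`, `G`, `Y`) follows the same pattern. A small helper that strips the sign octet before encoding would fix all six values; the body of createKeyValue starts outside this hunk.
```java
// helper: unsigned big-endian octets, as ds:CryptoBinary expects
private static byte[] toUnsignedBytes(BigInteger value)
{
   byte[] bytes = value.toByteArray();
   if (bytes.length > 1 && bytes[0] == 0)
   {
      byte[] trimmed = new byte[bytes.length - 1];
      System.arraycopy(bytes, 1, trimmed, 0, trimmed.length);
      return trimmed;
   }
   return bytes;
}

// in createKeyValue, RSA branch
byte[] exponent = toUnsignedBytes(pubKey.getPublicExponent());
// … unchanged: RSAKeyValueType construction and Base64 encoding …
```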
@@ -500,13 +498,13 @@
          byte[] Y = pubKey.getY().toByteArray();
 
          DSAKeyValueType dsaKeyValue = new DSAKeyValueType();
-         dsaKeyValue.setP(P);
-         dsaKeyValue.setQ(Q);
-         dsaKeyValue.setG(G);
-         dsaKeyValue.setY(Y);
+         dsaKeyValue.setP(Base64.encodeBytes(P).getBytes());
+         dsaKeyValue.setQ(Base64.encodeBytes(Q).getBytes());
+         dsaKeyValue.setG(Base64.encodeBytes(G).getBytes());
+         dsaKeyValue.setY(Base64.encodeBytes(Y).getBytes());
          
          KeyValueType keyValue = new KeyValueType();
-         keyValue.getContent().add(factory.createDSAKeyValue(dsaKeyValue));
+         keyValue.getContent().add(dsaKeyValue);
          return keyValue;
       }
       else

Deleted: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/AbstractWSWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/AbstractWSWriter.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/AbstractWSWriter.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -1,48 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors. 
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.identity.federation.core.wstrust.writers;
-
-import java.io.OutputStream;
-
-import javax.xml.stream.XMLStreamWriter;
-
-import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-
-/**
- * Base class for the WS Stax Writers
- * @author Anil.Saldhana at redhat.com
- * @since Nov 5, 2010
- */
-public class AbstractWSWriter
-{
-   protected XMLStreamWriter writer = null;
-   
-   protected void verifyWriter( OutputStream out ) throws ProcessingException
-   {
-      if( writer == null )
-      {
-         writer = StaxUtil.getXMLStreamWriter( out ); 
-      }
-   }
-
-}
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSAddressingWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSAddressingWriter.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSAddressingWriter.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -27,7 +27,7 @@
 import static org.picketlink.identity.federation.core.wsa.WSAddressingConstants.WSA_NS;
 import static org.picketlink.identity.federation.core.wsa.WSAddressingConstants.WSA_PREFIX;
 
-import java.io.OutputStream;
+import javax.xml.stream.XMLStreamWriter;
 
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.util.StaxUtil;
@@ -39,12 +39,17 @@
  * @author Anil.Saldhana at redhat.com
  * @since Nov 5, 2010
  */
-public class WSAddressingWriter extends AbstractWSWriter
+public class WSAddressingWriter
 {
-   public void write( EndpointReferenceType endpointReference, OutputStream out ) throws ProcessingException
+   private XMLStreamWriter writer;
+   
+   public WSAddressingWriter(XMLStreamWriter writer)
    {
-      verifyWriter(out);
-      
+      this.writer = writer;
+   }
+   
+   public void write( EndpointReferenceType endpointReference) throws ProcessingException
+   {
       StaxUtil.writeStartElement( writer, WSA_PREFIX, ENDPOINT_REFERENCE, WSA_NS );   
       StaxUtil.writeNameSpace( writer, WSA_PREFIX, WSA_NS );
        

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -26,10 +26,10 @@
 import static org.picketlink.identity.federation.core.wspolicy.WSPolicyConstants.WSP_PREFIX;
 import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.WSP_NS;
 
-import java.io.OutputStream;
 import java.util.List;
 
 import javax.xml.bind.JAXBElement;
+import javax.xml.stream.XMLStreamWriter;
 
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.util.StaxUtil;
@@ -41,18 +41,22 @@
  * @author Anil.Saldhana at redhat.com
  * @since Nov 5, 2010
  */
-public class WSPolicyWriter extends AbstractWSWriter
+public class WSPolicyWriter
 {
+   private XMLStreamWriter writer;
+   
+   public WSPolicyWriter(XMLStreamWriter writer)
+   {
+      this.writer = writer;
+   }
    /**
     * Write an {@code AppliesTo} to the stream
     * @param appliesTo
     * @param out
     * @throws ProcessingException
     */
-   public void write( AppliesTo appliesTo, OutputStream out ) throws ProcessingException
+   public void write( AppliesTo appliesTo) throws ProcessingException
    {
-      verifyWriter(out); 
-
       StaxUtil.writeStartElement( writer, WSP_PREFIX, APPLIES_TO, WSP_NS );   
       StaxUtil.writeNameSpace( writer, WSP_PREFIX, WSP_NS );
       StaxUtil.writeCharacters(writer, "" ); //Seems like JDK bug - not writing end character
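Review bot: The Javadoc kept above `write(AppliesTo appliesTo)` still lists `@param out`, a parameter this hunk removes, so the `* @param out` line should be dropped. The same stale tag remains on the `write` and `write*TargetType`/`writeOnBehalfOfType` methods of WSTrustRSTWriter later in this commit. The new constructor has no Javadoc; something like `/** Creates a writer that emits WS-Policy elements through the given XMLStreamWriter. */` would do. Since the field is assigned only in the constructor, it can be declared `private final XMLStreamWriter writer;`, and likewise in WSAddressingWriter and WSSecurityWriter.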
@@ -66,8 +70,8 @@
             if( EndpointReferenceType.class.equals( jaxb.getDeclaredType() ) )
             {
                EndpointReferenceType endpointReference = (EndpointReferenceType) jaxb.getValue();
-               WSAddressingWriter wsAddressingWriter = new WSAddressingWriter();
-               wsAddressingWriter.write(endpointReference, out);
+               WSAddressingWriter wsAddressingWriter = new WSAddressingWriter(this.writer);
+               wsAddressingWriter.write(endpointReference);
             }
          }
       }

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -30,9 +30,8 @@
 import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.WSU_NS;
 import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.WSU_PREFIX;
 
-import java.io.OutputStream;
-
 import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamWriter;
 
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.util.StaxUtil;
@@ -45,18 +44,17 @@
  * @author Anil.Saldhana at redhat.com
  * @since Nov 8, 2010
  */
-public class WSSecurityWriter extends AbstractWSWriter
+public class WSSecurityWriter
 {
-   /**
-    * Write an {@code UsernameTokenType} to the stream
-    * @param appliesTo
-    * @param out
-    * @throws ProcessingException
-    */
-   public void write( UsernameTokenType usernameToken, OutputStream out ) throws ProcessingException
+   private XMLStreamWriter writer;
+   
+   public WSSecurityWriter(XMLStreamWriter writer)
    {
-      verifyWriter(out); 
-
+      this.writer = writer;
+   }
+   
+   public void write(UsernameTokenType usernameToken) throws ProcessingException
+   {
       StaxUtil.writeStartElement( writer, WSSE_PREFIX, USERNAME_TOKEN, WSSE_NS );   
       StaxUtil.writeNameSpace( writer, WSSE_PREFIX, WSSE_NS );
       
@@ -79,5 +77,5 @@
 
       StaxUtil.writeEndElement( writer ); 
       StaxUtil.flush( writer );
-   } 
+   }
 }
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -32,6 +32,7 @@
 import java.util.List;
 
 import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Result;
 
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
@@ -45,9 +46,12 @@
 import org.picketlink.identity.federation.ws.trust.CancelTargetType;
 import org.picketlink.identity.federation.ws.trust.EntropyType;
 import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
+import org.picketlink.identity.federation.ws.trust.RenewTargetType;
 import org.picketlink.identity.federation.ws.trust.UseKeyType;
 import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
 import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
 import org.w3c.dom.Element;
 
 /**
@@ -55,17 +59,59 @@
  * @author Anil.Saldhana at redhat.com
  * @since Oct 19, 2010
  */
-public class WSTrustRSTWriter extends AbstractWSWriter
+public class WSTrustRSTWriter
 {
+   private XMLStreamWriter writer;
+   
    /**
+    * <p>
+    * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified
+    * {@code OutputStream}.
+    * </p>
+    * 
+    * @param out the stream where the request is to be written.
+    * @throws ProcessingException if an error occurs while processing the request.
+    */
+   public WSTrustRSTWriter(OutputStream out) throws ProcessingException
+   {
+      this.writer = StaxUtil.getXMLStreamWriter(out);
+   }
+
+   /**
+    * <p>
+    * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified
+    * {@code Result}.
+    * </p>
+    * 
+    * @param result the {@code Result} where the request it to be written.
+    * @throws ProcessingException if an error occurs while processing the request.
+    */
+   public WSTrustRSTWriter(Result result) throws ProcessingException
+   {
+      this.writer = StaxUtil.getXMLStreamWriter(result);
+   }
+
+   /**
+    * <p>
+    * Creates a {@code WSTrustRSTWriter} that uses the specified {@code XMLStreamWriter} to write the request
+    * objects. 
+    * </p>
+    * 
+    * @param writer the {@code XMLStreamWriter} to be used to write requests.
+    */
+   public WSTrustRSTWriter(XMLStreamWriter writer)
+   {
+      this.writer = writer;
+   }
+   
+   /**
     * Write the {@code RequestSecurityTokenCollection} into the {@code OutputStream}
     * @param requestTokenCollection
     * @param out
     * @throws ProcessingException
     */
-   public void write( RequestSecurityTokenCollection requestTokenCollection, OutputStream out ) throws ProcessingException
+   public void write( RequestSecurityTokenCollection requestTokenCollection) throws ProcessingException
    {
-      verifyWriter(out);
       StaxUtil.writeStartElement( writer, PREFIX, RST_COLLECTION, BASE_NAMESPACE);   
       StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
       
@@ -75,7 +121,7 @@
       
       for( RequestSecurityToken token: tokenList )
       {
-         write(token, out);
+         write(token);
       }
 
       StaxUtil.writeEndElement( writer ); 
@@ -88,9 +134,8 @@
     * @param out
     * @throws ProcessingException
     */
-   public void write( RequestSecurityToken requestToken, OutputStream out ) throws ProcessingException
+   public void write( RequestSecurityToken requestToken ) throws ProcessingException
    {
-      verifyWriter(out);
       StaxUtil.writeStartElement( writer, PREFIX, RST, BASE_NAMESPACE);   
       StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
       String context = requestToken.getContext();
@@ -111,10 +156,18 @@
       AppliesTo appliesTo = requestToken.getAppliesTo();
       if( appliesTo != null )
       {
-         WSPolicyWriter wsPolicyWriter = new WSPolicyWriter();
-         wsPolicyWriter.write( appliesTo, out ); 
+         WSPolicyWriter wsPolicyWriter = new WSPolicyWriter(this.writer);
+         wsPolicyWriter.write( appliesTo ); 
       }
       
+      long keySize = requestToken.getKeySize();
+      if (keySize != 0)
+      {
+         StaxUtil.writeStartElement(writer, PREFIX, WSTrustConstants.KEY_SIZE, BASE_NAMESPACE);
+         StaxUtil.writeCharacters(writer, Long.toString(keySize));
+         StaxUtil.writeEndElement(writer);
+      }
+      
       URI keyType = requestToken.getKeyType();
       if( keyType != null )
       {
@@ -137,22 +190,27 @@
       OnBehalfOfType onBehalfOf = requestToken.getOnBehalfOf();
       if( onBehalfOf != null )
       { 
-         writeOnBehalfOfType(onBehalfOf, out); 
+         writeOnBehalfOfType(onBehalfOf); 
       }
       
       ValidateTargetType validateTarget = requestToken.getValidateTarget();
       if( validateTarget != null )
       {
-
-         writeValidateTargetType(validateTarget, out); 
+         writeValidateTargetType(validateTarget); 
       }
       
       CancelTargetType cancelTarget = requestToken.getCancelTarget();
       if( cancelTarget != null )
       {
-         writeCancelTargetType(cancelTarget, out);
+         writeCancelTargetType(cancelTarget);
       }
       
+      RenewTargetType renewTarget = requestToken.getRenewTarget();
+      if (renewTarget != null)
+      {
+         writeRenewTargetType(renewTarget);
+      }
+      
       StaxUtil.writeEndElement( writer ); 
       StaxUtil.flush( writer );
    }
@@ -188,30 +246,81 @@
     */
    private void writeUseKeyType(UseKeyType useKeyType) throws ProcessingException
    {
+      StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.USE_KEY, BASE_NAMESPACE);   
+
       Object useKeyTypeValue = useKeyType.getAny();
       if( useKeyTypeValue instanceof Element )
       {
          Element domElement = (Element) useKeyTypeValue;
          StaxUtil.writeDOMElement( writer, domElement ); 
       }
+      else if (useKeyTypeValue instanceof byte[])
+      {
+         byte[] certificate = (byte[]) useKeyTypeValue;
+         StaxUtil.writeStartElement(writer, "dsig", "X509Certificate", WSTrustConstants.DSIG_NS);
+         StaxUtil.writeNameSpace( writer, "dsig", WSTrustConstants.DSIG_NS);
+         StaxUtil.writeCharacters(writer, new String(certificate));
+         StaxUtil.writeEndElement(writer);
+      }
+      else if (useKeyTypeValue instanceof KeyValueType)
+      {
+         writeKeyValueType((KeyValueType) useKeyTypeValue);
+      }
       else
          throw new RuntimeException( " Unknown use key type:" + useKeyTypeValue.getClass().getName() );
+      
+      StaxUtil.writeEndElement(writer);
    }
 
+   private void writeKeyValueType(KeyValueType type) throws ProcessingException
+   {
+      StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.KEY_VALUE, WSTrustConstants.DSIG_NS);
+      StaxUtil.writeNameSpace(writer, "dsig", WSTrustConstants.DSIG_NS);
+      if (type.getContent().size() == 0)
+         throw new ProcessingException("KeyValueType must contain at least one value");
+      
+      for (Object obj : type.getContent())
+      {
+         if (obj instanceof RSAKeyValueType)
+         {
+            RSAKeyValueType rsaKeyValue = (RSAKeyValueType) obj;
+            writeRSAKeyValueType(rsaKeyValue);
+         }
+      }
+      StaxUtil.writeEndElement(writer);
+   }
+   
+   private void writeRSAKeyValueType(RSAKeyValueType type) throws ProcessingException
+   {
+      StaxUtil.writeStartElement(writer, "dsig", "RSAKeyValue", WSTrustConstants.DSIG_NS);
+      // write the rsa key modulus.
+      byte[] modulus = type.getModulus();
+      StaxUtil.writeStartElement(writer, "dsig", "Modulus", WSTrustConstants.DSIG_NS);
+      StaxUtil.writeCharacters(writer, new String(modulus));
+      StaxUtil.writeEndElement(writer);
+      
+      // write the rsa key exponent.
+      byte[] exponent = type.getExponent();
+      StaxUtil.writeStartElement(writer, "dsig", "Exponent", WSTrustConstants.DSIG_NS);
+      StaxUtil.writeCharacters(writer, new String(exponent));
+      StaxUtil.writeEndElement(writer);
+      
+      StaxUtil.writeEndElement(writer);
+   }
    /**
     * Write an {@code OnBehalfOfType} to stream
     * @param onBehalfOf
     * @param out
     * @throws ProcessingException
     */
-   private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf, OutputStream out) throws ProcessingException
+   private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf) throws ProcessingException
    {
       StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.On_BEHALF_OF, BASE_NAMESPACE); 
       StaxUtil.writeCharacters(writer, "" ); 
       
       UsernameTokenType usernameToken = (UsernameTokenType) onBehalfOf.getAny(); 
-      WSSecurityWriter wsseWriter = new WSSecurityWriter();
-      wsseWriter.write( usernameToken, out );
+      WSSecurityWriter wsseWriter = new WSSecurityWriter(this.writer);
+      wsseWriter.write( usernameToken );
       StaxUtil.writeEndElement( writer );
    }
 
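Review bot: A KeyValueType that holds anything other than an RSAKeyValueType is written as an empty `dsig:KeyValue` element, because the loop in writeKeyValueType handles only the RSA case and skips every other entry without an error. WSTrustUtil.createKeyValue in this same commit adds a DSAKeyValueType for DSA keys, so that path would silently lose the key. Failing loudly is safer until DSA is supported: add `else throw new ProcessingException("Unsupported key value type: " + obj.getClass().getName());` after the RSA branch. The emptiness check also runs after the start element has been written, so moving it above `writeStartElement` avoids leaving a half-written element behind.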
@@ -221,20 +330,49 @@
     * @param out
     * @throws ProcessingException
     */
-   private void writeValidateTargetType(ValidateTargetType validateTarget, OutputStream out) throws ProcessingException
+   private void writeValidateTargetType(ValidateTargetType validateTarget) throws ProcessingException
    {
       StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.VALIDATE_TARGET, BASE_NAMESPACE); 
-      StaxUtil.writeCharacters(writer, "" ); 
       
       Object validateTargetObj = validateTarget.getAny();
-      if( validateTargetObj instanceof AssertionType )
+      if (validateTargetObj != null)
       {
-         AssertionType assertion = (AssertionType) validateTargetObj;
-         SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter();
-         samlAssertionWriter.write(assertion, out);
+         if (validateTargetObj instanceof AssertionType)
+         {
+            AssertionType assertion = (AssertionType) validateTargetObj;
+            SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+            samlAssertionWriter.write(assertion);
+         }
+         else if (validateTargetObj instanceof Element)
+         {
+            StaxUtil.writeDOMElement(writer, (Element) validateTargetObj);
+         }
+         else
+            throw new ProcessingException("Unknown validate target type=" + validateTargetObj.getClass().getName());
       }
-      else throw new ProcessingException( "Unknown validate target type=" + validateTargetObj.getClass().getName() );
+      StaxUtil.writeEndElement( writer );
+   }
+
+   private void writeRenewTargetType(RenewTargetType renewTarget) throws ProcessingException
+   {
+      StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.RENEW_TARGET, BASE_NAMESPACE); 
       
+      Object renewTargetObj = renewTarget.getAny();
+      if (renewTargetObj != null)
+      {
+         if (renewTargetObj instanceof AssertionType)
+         {
+            AssertionType assertion = (AssertionType) renewTargetObj;
+            SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+            samlAssertionWriter.write(assertion);
+         }
+         else if (renewTargetObj instanceof Element)
+         {
+            StaxUtil.writeDOMElement(writer, (Element) renewTargetObj);
+         }
+         else
+            throw new ProcessingException("Unknown renew target type=" + renewTargetObj.getClass().getName());
+      }
       StaxUtil.writeEndElement( writer );
    }
 
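Review bot: writeValidateTargetType and writeRenewTargetType here, and writeCancelTargetType in the next hunk, repeat the same AssertionType/Element/else dispatch and differ only in the element name and one word of the error message. A shared private helper would keep the three from drifting apart; the fence shows it with the renew variant, and the other two would call it with `"validate"` and `"cancel"`. Note also that a null `getAny()` now yields an empty target element without any error, which is worth confirming as intended, since StandardRequestHandler rejects requests that lack a target.
```java
private void writeRenewTargetType(RenewTargetType renewTarget) throws ProcessingException
{
   StaxUtil.writeStartElement(writer, PREFIX, WSTrustConstants.RENEW_TARGET, BASE_NAMESPACE);
   writeTargetContent(renewTarget.getAny(), "renew");
   StaxUtil.writeEndElement(writer);
}

// shared by the validate, renew and cancel target writers
private void writeTargetContent(Object target, String kind) throws ProcessingException
{
   if (target == null)
      return;
   if (target instanceof AssertionType)
      new SAMLAssertionWriter(this.writer).write((AssertionType) target);
   else if (target instanceof Element)
      StaxUtil.writeDOMElement(writer, (Element) target);
   else
      throw new ProcessingException("Unknown " + kind + " target type=" + target.getClass().getName());
}
```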
@@ -244,20 +382,26 @@
     * @param out
     * @throws ProcessingException
     */
-   private void writeCancelTargetType(CancelTargetType cancelTarget, OutputStream out) throws ProcessingException
+   private void writeCancelTargetType(CancelTargetType cancelTarget) throws ProcessingException
    {
       StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.CANCEL_TARGET, BASE_NAMESPACE); 
-      StaxUtil.writeCharacters(writer, "" );
       
       Object cancelTargetObj = cancelTarget.getAny();
-      if( cancelTargetObj instanceof AssertionType )
+      if (cancelTargetObj != null)
       {
-         AssertionType assertion = (AssertionType) cancelTargetObj;
-         SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter();
-         samlAssertionWriter.write(assertion, out);
-      }
-      else throw new ProcessingException( "Unknown cancel target type=" + cancelTargetObj.getClass().getName() );
-         
+         if (cancelTargetObj instanceof AssertionType)
+         {
+            AssertionType assertion = (AssertionType) cancelTargetObj;
+            SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+            samlAssertionWriter.write(assertion);
+         }
+         else if (cancelTargetObj instanceof Element)
+         {
+            StaxUtil.writeDOMElement(writer, (Element) cancelTargetObj);
+         }
+         else
+            throw new ProcessingException("Unknown cancel target type=" + cancelTargetObj.getClass().getName());
+      }  
       StaxUtil.writeEndElement( writer );
    }
    
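Review bot: A `CancelTargetType` whose `getAny()` returns null now produces an empty `CancelTarget` element, because the new outer `if (cancelTargetObj != null)` skips both branches without reporting anything; the old code would have failed on `cancelTargetObj.getClass()` in that case. If an empty target is not a message the STS should ever be sent, throw instead, e.g. `if (cancelTargetObj == null) throw new ProcessingException("Cancel target has no content");`. The same shape is added in `writeRenewTargetType` and in the validate-target method in the preceding hunk. The Javadoc above the method still carries `@param out` although the `OutputStream` parameter is removed, so that tag should go.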

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -39,6 +39,7 @@
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
 import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
 import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
 import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
 import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
 import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
@@ -247,9 +248,9 @@
          }
       } 
       
-      SAMLAssertionWriter writer = new SAMLAssertionWriter();
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
-      writer.write(assertion, baos );
+      SAMLAssertionWriter writer = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(baos));
+      writer.write(assertion);
       
       System.out.println( new String( baos.toByteArray() ));
       

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -33,6 +33,7 @@
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
 import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
 import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
 import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
 import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType;
 
@@ -70,9 +71,9 @@
       assertEquals( Boolean.TRUE , nameIDPolicy.isAllowCreate() );
       
       //Try out writing
-      SAMLRequestWriter writer = new SAMLRequestWriter(); 
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
-      writer.write( authnRequest, baos );
+      SAMLRequestWriter writer = new SAMLRequestWriter(StaxUtil.getXMLStreamWriter(baos)); 
+      writer.write( authnRequest );
       
       System.out.println( new String( baos.toByteArray() ));
       

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -36,6 +36,7 @@
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
 import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
 import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
 import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
 import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
 import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
@@ -101,9 +102,9 @@
       assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() ); 
       
       //Let us do some writing - currently only visual inspection. We will do proper validation later.
-      SAMLResponseWriter writer = new SAMLResponseWriter(); 
       ByteArrayOutputStream baos = new ByteArrayOutputStream(); 
-      writer.write(response, baos );
+      SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos)); 
+      writer.write(response );
       
       System.out.println( new String( baos.toByteArray() ));
       

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -33,6 +33,7 @@
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
 import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
 import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
 import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
 
 /**
@@ -59,9 +60,9 @@
       assertEquals( "http://localhost:8080/sales/", lotRequest.getIssuer().getValue() );
       
       //Try out writing
-      SAMLRequestWriter writer = new SAMLRequestWriter(); 
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
-      writer.write( lotRequest, baos ); 
+      SAMLRequestWriter writer = new SAMLRequestWriter(StaxUtil.getXMLStreamWriter(baos)); 
+      writer.write( lotRequest ); 
       
       System.out.println( new String( baos.toByteArray() ));
       

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -37,6 +37,7 @@
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
 import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
 import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
 import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
 import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
 
@@ -70,8 +71,9 @@
       assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getStatusCode().getValue() );
       
       //Let us do some writing - currently only visual inspection. We will do proper validation later.
-      SAMLResponseWriter writer = new SAMLResponseWriter();ByteArrayOutputStream baos = new ByteArrayOutputStream();
-      writer.write(response, new QName( PROTOCOL_NSURI.get(), LOGOUT_RESPONSE.get(), "samlp"), baos );
+      ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
+      writer.write(response, new QName( PROTOCOL_NSURI.get(), LOGOUT_RESPONSE.get(), "samlp"));
       
       System.out.println( new String( baos.toByteArray() ));
       

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -68,10 +68,10 @@
       assertEquals( WSTrustConstants.RSTR_STATUS_TOKEN_TYPE , rst2.getTokenType().toASCIIString() );
       
       //Now for the writing part
-      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
 
-      rstWriter.write( requestCollection, baos ); 
+      rstWriter.write( requestCollection ); 
 
       System.out.println( new String( baos.toByteArray() ));
       DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() )); 

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -70,10 +70,10 @@
       validateAssertion( assertion ); 
       
       //Now for the writing part
-      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
 
-      rstWriter.write(requestToken, baos ); 
+      rstWriter.write(requestToken ); 
 
       System.out.println( new String( baos.toByteArray() ));
       DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() )); 

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -76,10 +76,10 @@
       assertEquals( "ds:" + WSTRequestSecurityTokenParser.X509CERTIFICATE, certEl.getTagName() );
       
       //Now for the writing part
-      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
 
-      rstWriter.write(requestToken, baos ); 
+      rstWriter.write(requestToken ); 
 
       System.out.println( new String( baos.toByteArray() ));
       DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() )); 

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -77,10 +77,10 @@
       
 
       //Now for the writing part
-      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
 
-      rstWriter.write(requestToken, baos ); 
+      rstWriter.write(requestToken ); 
 
       System.out.println( new String( baos.toByteArray() ));
       DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() )); 

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -75,10 +75,10 @@
       assertEquals( "M0/7qLpV49c=" , new String( binarySecret.getValue() ));
       
       //Now for the writing part
-      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
 
-      rstWriter.write(requestToken, baos ); 
+      rstWriter.write(requestToken); 
 
       System.out.println( new String( baos.toByteArray() ));
       DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() )); 

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -27,6 +27,8 @@
 import java.io.ByteArrayOutputStream;
 import java.io.InputStream;
 
+import javax.xml.transform.dom.DOMSource;
+
 import org.junit.Test;
 import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
@@ -55,10 +57,10 @@
       assertEquals( WSTrustConstants.SAML2_TOKEN_TYPE, requestToken.getTokenType().toASCIIString() ); 
 
       //Now for the writing part
-      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
 
-      rstWriter.write(requestToken, baos ); 
+      rstWriter.write(requestToken); 
 
       System.out.println( new String( baos.toByteArray() ));
       DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() )); 

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -61,10 +61,10 @@
       assertEquals( "anotherduke", userNameToken.getUsername().getValue() );
       
       //Now for the writing part
-      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
 
-      rstWriter.write(requestToken, baos ); 
+      rstWriter.write(requestToken); 
 
       System.out.println( new String( baos.toByteArray() ));
       DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() )); 

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java	2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java	2010-11-16 20:57:31 UTC (rev 554)
@@ -36,6 +36,8 @@
 import javax.xml.datatype.DatatypeConstants;
 import javax.xml.namespace.QName;
 import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.dom.DOMSource;
 import javax.xml.ws.EndpointReference;
 import javax.xml.ws.WebServiceContext;
 import javax.xml.ws.WebServiceException;
@@ -45,8 +47,10 @@
 
 import org.picketlink.identity.federation.core.config.STSType;
 import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
 import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.Base64;
 import org.picketlink.identity.federation.core.wstrust.PicketLinkSTS;
 import org.picketlink.identity.federation.core.wstrust.PicketLinkSTSConfiguration;
 import org.picketlink.identity.federation.core.wstrust.STSConfiguration;
@@ -64,6 +68,7 @@
 import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
 import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
 import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
 import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
 import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
 import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType;
@@ -243,11 +248,8 @@
       // create a simple token request, asking for a "special" test token.
       RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST,
             "http://www.tokens.org/SpecialToken", null);
+      Source requestMessage = this.createSourceFromRequest(request);
 
-      // use the factory to marshall the request.
-      WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
-
       // invoke the token service.
       Source responseMessage = this.tokenService.invoke(requestMessage);
       BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
@@ -299,11 +301,8 @@
       // create a simple token request, asking for a SAMLv2.0 token.
       RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST,
             SAMLUtil.SAML2_TOKEN_TYPE, null);
+      Source requestMessage = this.createSourceFromRequest(request);
 
-      // use the factory to marshall the request.
-      WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
-
       // invoke the token service.
       Source responseMessage = this.tokenService.invoke(requestMessage);
       BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
@@ -327,11 +326,8 @@
       // create a simple token request, this time using the applies to get to the token type.
       RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, null,
             "http://services.testcorp.org/provider1");
+      Source requestMessage = this.createSourceFromRequest(request);
 
-      // use the factory to marshall the request.
-      WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
-
       // invoke the token service.
       Source responseMessage = this.tokenService.invoke(requestMessage);
       BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
@@ -354,11 +350,8 @@
    {
       RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, null,
             "http://services.testcorp.org/provider2");
+      Source requestMessage = this.createSourceFromRequest(request);
 
-      // use the factory to marshall the request.
-      WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
-
       // invoke the token service.
       Source responseMessage = this.tokenService.invoke(requestMessage);
       BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
@@ -397,9 +390,7 @@
       OnBehalfOfType onBehalfOf = WSTrustUtil.createOnBehalfOfWithUsername("anotherduke", "id");
       request.setOnBehalfOf(onBehalfOf);
 
-      // use the factory to marshall the request.
-      WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
+      Source requestMessage = this.createSourceFromRequest(request);
 
       // invoke the token service.
       Source responseMessage = this.tokenService.invoke(requestMessage);
@@ -418,7 +409,7 @@
     * </p>
     * 
     * @throws Exception if an error occurs while running the test.
-    */ 
+    */
    @SuppressWarnings("rawtypes")
    public void testInvokeSAML20WithSTSGeneratedSymmetricKey() throws Exception
    {
@@ -428,11 +419,8 @@
 
       // add a symmetric key type to the request, but don't supply any client key - STS should generate one.
       request.setKeyType(URI.create(WSTrustConstants.KEY_TYPE_SYMMETRIC));
+      Source requestMessage = this.createSourceFromRequest(request);
 
-      // use the factory to marshall the request.
-      WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
-
       // invoke the token service.
       Source responseMessage = this.tokenService.invoke(requestMessage);
       BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
@@ -457,7 +445,8 @@
       BinarySecretType serverBinarySecret = (BinarySecretType) proofElement.getValue();
       assertNotNull("Unexpected null secret", serverBinarySecret.getValue());
       // default key size is 128 bits (16 bytes).
-      assertEquals("Unexpected secret size", 16, serverBinarySecret.getValue().length);
+      byte[] encodedSecret = serverBinarySecret.getValue();
+      assertEquals("Unexpected secret size", 16, Base64.decode(encodedSecret, 0, encodedSecret.length).length);
    }
 
    /**
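Review bot: `serverBinarySecret.getValue()` is now treated as the Base64 text of the secret rather than the secret itself, and nothing near the assertion says so; the kept comment `// default key size is 128 bits (16 bytes)` describes the decoded value, not what `getValue()` returns. Any caller that handed `getValue()` straight to a key constructor would get the encoded characters instead of 16 key bytes, so the contract is worth stating where it is relied on, e.g. `// getValue() holds the Base64 text of the secret; decode before measuring or using it as a key`. The hunk at `@@ -525,7 +513,9 @@` has the same decode step with only `// get the base64 decoded` as explanation. The enclosing test method starts outside this hunk.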
@@ -469,7 +458,7 @@
     * </p>
     * 
     * @throws Exception if an error occurs while running the test.
-    */ 
+    */
    @SuppressWarnings("rawtypes")
    public void testInvokeSAML20WithCombinedSymmetricKey() throws Exception
    {
@@ -477,12 +466,11 @@
       byte[] clientSecret = WSTrustUtil.createRandomSecret(8);
       BinarySecretType clientBinarySecret = new BinarySecretType();
       clientBinarySecret.setType(WSTrustConstants.BS_TYPE_NONCE);
-      clientBinarySecret.setValue(clientSecret);
+      clientBinarySecret.setValue(Base64.encodeBytes(clientSecret).getBytes());
 
       // set the client secret in the client entropy.
       EntropyType clientEntropy = new EntropyType();
-      clientEntropy.getAny().add(
-            new org.picketlink.identity.federation.ws.trust.ObjectFactory().createBinarySecret(clientBinarySecret));
+      clientEntropy.getAny().add(clientBinarySecret);
 
       // create a token request specifying the key type, key size, and client entropy.
       RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, null,
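Review bot: `Base64.encodeBytes(clientSecret).getBytes()` converts with the platform default charset, so the bytes stored in the `BinarySecretType` depend on the JVM the test runs on; name the charset, e.g. `clientBinarySecret.setValue(Base64.encodeBytes(clientSecret).getBytes("US-ASCII"));`. The same call appears in `useKey.setAny(Base64.encodeBytes(certificate.getEncoded()).getBytes())` in the hunk at `@@ -545,14 +535,12 @@`. The enclosing method is declared `throws Exception` in the previous hunk, so the checked exception from the charset-name overload needs no extra handling; its body continues past this hunk.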
@@ -492,7 +480,7 @@
       request.setKeySize(64);
 
       // invoke the token service.
-      Source requestMessage = WSTrustJAXBFactory.getInstance().marshallRequestSecurityToken(request);
+      Source requestMessage = this.createSourceFromRequest(request);
       Source responseMessage = this.tokenService.invoke(requestMessage);
       BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
             .parseRequestSecurityTokenResponse(responseMessage);
@@ -525,7 +513,9 @@
       BinarySecretType serverBinarySecret = (BinarySecretType) serverEntropyContent.getValue();
       assertEquals("Unexpected binary secret type", WSTrustConstants.BS_TYPE_NONCE, serverBinarySecret.getType());
       assertNotNull("Unexpected null secret value", serverBinarySecret.getValue());
-      assertEquals("Unexpected secret size", 8, serverBinarySecret.getValue().length);
+      // get the base64 decoded
+      byte[] encodedSecret = serverBinarySecret.getValue();
+      assertEquals("Unexpected secret size", 8, Base64.decode(encodedSecret, 0, encodedSecret.length).length);
    }
 
    /**
@@ -545,14 +535,12 @@
 
       // include a UseKey section that specifies the certificate in the request.
       Certificate certificate = this.getCertificate("keystore/sts_keystore.jks", "testpass", "service1");
-      JAXBElement<byte[]> certElement = new org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory()
-            .createX509DataTypeX509Certificate(certificate.getEncoded());
       UseKeyType useKey = new UseKeyType();
-      useKey.setAny(certElement);
+      useKey.setAny(Base64.encodeBytes(certificate.getEncoded()).getBytes());
       request.setUseKey(useKey);
 
       // invoke the token service.
-      Source requestMessage = WSTrustJAXBFactory.getInstance().marshallRequestSecurityToken(request);
+      Source requestMessage = this.createSourceFromRequest(request);
       Source responseMessage = this.tokenService.invoke(requestMessage);
       BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
             .parseRequestSecurityTokenResponse(responseMessage);
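Review bot: `useKey.setAny(...)` now stores a bare `byte[]` where the removed lines stored a `JAXBElement` created by `createX509DataTypeX509Certificate`, so the value itself no longer says that it is an X.509 certificate. Presumably the writer treats every `byte[]` in `UseKeyType` as a certificate; that is not visible here, and a comment on the line would record the assumption, e.g. `// UseKey holds the Base64 text of the encoded X.509 certificate`. The test method starts outside this hunk.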
@@ -585,11 +573,11 @@
       Certificate certificate = this.getCertificate("keystore/sts_keystore.jks", "testpass", "service1");
       KeyValueType keyValue = WSTrustUtil.createKeyValue(certificate.getPublicKey());
       UseKeyType useKey = new UseKeyType();
-      useKey.setAny(new org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory().createKeyValue(keyValue));
+      useKey.setAny(keyValue);
       request.setUseKey(useKey);
 
       // invoke the token service.
-      Source requestMessage = WSTrustJAXBFactory.getInstance().marshallRequestSecurityToken(request);
+      Source requestMessage = this.createSourceFromRequest(request);
       Source responseMessage = this.tokenService.invoke(requestMessage);
       BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
             .parseRequestSecurityTokenResponse(responseMessage);
@@ -619,17 +607,18 @@
 
       // use the factory to marshall the request.
       WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
+      Source requestMessage = this.createSourceFromRequest(request);
 
       // invoke the token service.
       Source responseMessage = this.tokenService.invoke(requestMessage);
       BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
 
       // validate the response and get the SAML assertion from the request.
-      this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
+      this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
+            SAMLUtil.SAML2_BEARER_URI);
       RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
       Element assertion = (Element) collection.getRequestSecurityTokenResponses().get(0).getRequestedSecurityToken()
-            .getAny();
+          .getAny();
 
       // now construct a WS-Trust validate request with the generated assertion.
       request = this.createRequest("validatecontext", WSTrustConstants.VALIDATE_REQUEST, WSTrustConstants.STATUS_TYPE,
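Review bot: The kept comment `// use the factory to marshall the request.` no longer matches the code under it: the request is now built by `this.createSourceFromRequest(request)` and `factory` is only used for `parseRequestSecurityTokenResponse`. Reword it, e.g. `// the factory is only needed to parse the responses.`, here and in the hunks at `@@ -687,7 +676,7 @@` and `@@ -744,7 +733,7 @@`, which keep the same comment. The test method starts and ends outside this hunk.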
@@ -639,7 +628,7 @@
       request.setValidateTarget(validateTarget);
 
       // invoke the token service.
-      responseMessage = this.tokenService.invoke(factory.marshallRequestSecurityToken(request));
+      responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
       baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
 
       // validate the response contents.
@@ -658,7 +647,7 @@
       // now let's temper the SAML assertion and try to validate it again.
       assertion.getFirstChild().getFirstChild().setNodeValue("Tempered Issuer");
       request.getValidateTarget().setAny(assertion);
-      responseMessage = this.tokenService.invoke(factory.marshallRequestSecurityToken(request));
+      responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
       collection = (RequestSecurityTokenResponseCollection) WSTrustJAXBFactory.getInstance()
             .parseRequestSecurityTokenResponse(responseMessage);
       assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
@@ -687,7 +676,7 @@
 
       // use the factory to marshall the request.
       WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
+      Source requestMessage = this.createSourceFromRequest(request);
 
       // invoke the token service.
       Source responseMessage = this.tokenService.invoke(requestMessage);
@@ -706,7 +695,7 @@
       request.setRenewTarget(renewTarget);
 
       // invoke the token service.
-      responseMessage = this.tokenService.invoke(factory.marshallRequestSecurityToken(request));
+      responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
       baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
 
       // validate the renew response contents and get the renewed token.
@@ -744,7 +733,7 @@
 
       // use the factory to marshall the request.
       WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
+      Source requestMessage = this.createSourceFromRequest(request);
 
       // invoke the token service.
       Source responseMessage = this.tokenService.invoke(requestMessage);
@@ -763,7 +752,7 @@
       request.setCancelTarget(cancelTarget);
 
       // invoke the token service.
-      responseMessage = this.tokenService.invoke(factory.marshallRequestSecurityToken(request));
+      responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
       baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
 
       // validate the response contents.
@@ -783,7 +772,7 @@
       request.setValidateTarget(validateTarget);
 
       // the response should contain a status indicating that the token is not valid.
-      responseMessage = this.tokenService.invoke(factory.marshallRequestSecurityToken(request));
+      responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
       collection = (RequestSecurityTokenResponseCollection) factory.parseRequestSecurityTokenResponse(responseMessage);
       assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
       response = collection.getRequestSecurityTokenResponses().get(0);
@@ -804,7 +793,7 @@
       // we should receive an exception when renewing the token.
       try
       {
-         this.tokenService.invoke(factory.marshallRequestSecurityToken(request));
+         this.tokenService.invoke(this.createSourceFromRequest(request));
          fail("Renewing a canceled token should result in an exception being thrown");
       }
       catch (WebServiceException we)
@@ -829,9 +818,7 @@
       RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST,
             "http://www.tokens.org/UnknownToken", null);
 
-      // use the factory to marshall the request.
-      WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
+      Source requestMessage = this.createSourceFromRequest(request);
 
       // invoke the security token service.
       try
@@ -859,8 +846,7 @@
    {
       // lets create an issue request that container neither an applies-to nor a token type.
       RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, null, null);
-      WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
+      Source requestMessage = this.createSourceFromRequest(request);
 
       // invoke the token service. A WSTrustException should be raised.
       try
@@ -879,7 +865,7 @@
       // a request that asks for a public key to be used as proof key will fail if the public key is not available.
       request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));
       request.setKeyType(URI.create(WSTrustConstants.KEY_TYPE_PUBLIC));
-      requestMessage = factory.marshallRequestSecurityToken(request);
+      requestMessage = this.createSourceFromRequest(request);
 
       try
       {
@@ -906,8 +892,7 @@
       // first create a request that doesn't have a renew target element.
       RequestSecurityToken request = this.createRequest("renewcontext", WSTrustConstants.RENEW_REQUEST,
             SAMLUtil.SAML2_TOKEN_TYPE, null);
-      WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
+      Source requestMessage = this.createSourceFromRequest(request);
 
       // invoke the token service.
       try
@@ -924,7 +909,7 @@
 
       // a request with an empty renew target should also result in a failure.
       request.setRenewTarget(new RenewTargetType());
-      requestMessage = factory.marshallRequestSecurityToken(request);
+      requestMessage = this.createSourceFromRequest(request);
       try
       {
          this.tokenService.invoke(requestMessage);
@@ -933,13 +918,13 @@
       catch (WebServiceException we)
       {
          assertNotNull("Unexpected null cause", we.getCause());
-         assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException);
-         assertEquals("Unable to renew token: security token is null", we.getCause().getMessage());
+         assertTrue("Unexpected cause type", we.getCause() instanceof ParsingException);
+         assertEquals("Unable to parse renew token request: security token is null", we.getCause().getMessage());
       }
 
       // a request to renew an unknown token (i.e. there's no provider can handle the token) should also fail.
       request.getRenewTarget().setAny(this.createUnknownToken());
-      requestMessage = factory.marshallRequestSecurityToken(request);
+      requestMessage = this.createSourceFromRequest(request);
       try
       {
          this.tokenService.invoke(requestMessage);
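Review bot: With the expected cause changed to `ParsingException`, this case only proves that the parser rejects an empty renew target; it no longer shows that the token service itself refuses a request whose security token is null. If the service-side check still exists it is now untested from here, and if it was removed, a request reaching the service by any other route would depend on the parser alone, which is worth confirming outside this diff. I would also stop pinning the full message text and assert on the type plus a stable fragment, e.g. `assertTrue(we.getCause().getMessage().contains("security token is null"));`. The same applies to the validate and cancel hunks at -993 and -1053; the enclosing test methods start and end outside these hunks.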
@@ -966,8 +951,7 @@
       // first create a request that doesn't have a validate target element.
       RequestSecurityToken request = this.createRequest("validatecontext", WSTrustConstants.VALIDATE_REQUEST,
             SAMLUtil.SAML2_TOKEN_TYPE, null);
-      WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
+      Source requestMessage = this.createSourceFromRequest(request);
 
       // invoke the token service.
       try
@@ -984,7 +968,7 @@
 
       // a request with an empty validate target should also result in a failure.
       request.setValidateTarget(new ValidateTargetType());
-      requestMessage = factory.marshallRequestSecurityToken(request);
+      requestMessage = this.createSourceFromRequest(request);
       try
       {
          this.tokenService.invoke(requestMessage);
@@ -993,13 +977,13 @@
       catch (WebServiceException we)
       {
          assertNotNull("Unexpected null cause", we.getCause());
-         assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException);
-         assertEquals("Unable to validate token: security token is null", we.getCause().getMessage());
+         assertTrue("Unexpected cause type", we.getCause() instanceof ParsingException);
+         assertEquals("Unable to parse validate token request: security token is null", we.getCause().getMessage());
       }
 
       // a request to validate an unknown token (i.e. there's no provider can handle the token) should also fail.
       request.getValidateTarget().setAny(this.createUnknownToken());
-      requestMessage = factory.marshallRequestSecurityToken(request);
+      requestMessage = this.createSourceFromRequest(request);
       try
       {
          this.tokenService.invoke(requestMessage);
@@ -1026,8 +1010,7 @@
       // first create a request that doesn't have a cancel target element.
       RequestSecurityToken request = this.createRequest("cancelcontext", WSTrustConstants.CANCEL_REQUEST,
             SAMLUtil.SAML2_TOKEN_TYPE, null);
-      WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
-      Source requestMessage = factory.marshallRequestSecurityToken(request);
+      Source requestMessage = this.createSourceFromRequest(request);
 
       // invoke the token service.
       try
@@ -1044,7 +1027,7 @@
 
       // a request with an empty cancel target should also result in a failure.
       request.setCancelTarget(new CancelTargetType());
-      requestMessage = factory.marshallRequestSecurityToken(request);
+      requestMessage = this.createSourceFromRequest(request);
       try
       {
          this.tokenService.invoke(requestMessage);
@@ -1053,13 +1036,13 @@
       catch (WebServiceException we)
       {
          assertNotNull("Unexpected null cause", we.getCause());
-         assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException);
-         assertEquals("Unable to cancel token: security token is null", we.getCause().getMessage());
+         assertTrue("Unexpected cause type", we.getCause() instanceof ParsingException);
+         assertEquals("Unable to parse cancel token request: security token is null", we.getCause().getMessage());
       }
 
       // a request to cancel an unknown token (i.e. there's no provider can handle the token) should also fail.
       request.getCancelTarget().setAny(this.createUnknownToken());
-      requestMessage = factory.marshallRequestSecurityToken(request);
+      requestMessage = this.createSourceFromRequest(request);
       try
       {
          this.tokenService.invoke(requestMessage);
@@ -1318,10 +1301,12 @@
       Document doc = DocumentUtil.createDocument();
       String namespaceURI = "http://www.unknowntoken.org";
       Element root = doc.createElementNS(namespaceURI, "token:UnknownToken");
-      root.appendChild(doc.createTextNode("Unknown content"));
+      Element child = doc.createElementNS(namespaceURI, "token:UnknownTokenValue");
+      child.appendChild(doc.createTextNode("Unknown content"));
+      root.appendChild(child);
       String id = IDGenerator.create("ID_");
       root.setAttributeNS(namespaceURI, "ID", id);
-
+      root.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:token", namespaceURI);
       return root;
    }
 
@@ -1346,6 +1331,15 @@
       return certificate;
    }
 
+   private Source createSourceFromRequest(RequestSecurityToken request) throws Exception
+   {
+      // write the request XML to a byte[]
+      DOMResult result = new DOMResult(DocumentUtil.createDocument());
+      WSTrustRSTWriter writer = new WSTrustRSTWriter(result);
+      writer.write(request);
+      return new DOMSource(result.getNode());
+   }
+
    /**
     * <p>
     * Helper class that exposes the PicketLinkSTS methods as public for the tests to work.
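Review bot: The comment `// write the request XML to a byte[]` in `createSourceFromRequest` does not match the code, which writes into a `DOMResult` and returns a `DOMSource`; `// write the request into a new DOM document and wrap it as a Source` would be accurate. The helper also declares `throws Exception`, which hides whether a failure came from creating the document or from `WSTrustRSTWriter.write`. The checked exceptions those calls declare are not visible in this diff, so listing them explicitly is a suggestion to verify against their signatures.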


