[jboss-cvs] Picketlink SVN: r487 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/wstrust and 1 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Mon Oct 18 17:46:07 EDT 2010


Author: anil.saldhana at jboss.com
Date: 2010-10-18 17:46:06 -0400 (Mon, 18 Oct 2010)
New Revision: 487

Added:
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
Modified:
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
Log:
PLFED-109: parse the X509 cert as part of RST use key

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java	2010-10-18 21:45:30 UTC (rev 486)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java	2010-10-18 21:46:06 UTC (rev 487)
@@ -23,24 +23,31 @@
 
 import java.net.URI;
 import java.net.URISyntaxException;
+import java.util.Iterator;
 
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLEventReader; 
 import javax.xml.stream.events.Attribute;
 import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.Namespace;
 import javax.xml.stream.events.StartElement;
 import javax.xml.stream.events.XMLEvent;
 
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
 import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.parsers.ParserController;
 import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
 import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
 import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
 import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
 import org.picketlink.identity.federation.ws.policy.AppliesTo;
 import org.picketlink.identity.federation.ws.trust.CancelTargetType;
 import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
+import org.picketlink.identity.federation.ws.trust.UseKeyType;
 import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
+import org.w3c.dom.Element;
 
 /**
  * Parse the WS-Trust RequestSecurityToken
@@ -49,6 +56,8 @@
  */
 public class WSTRequestSecurityTokenParser implements ParserNamespaceSupport
 {  
+   public static final String X509CERTIFICATE = "X509Certificate";
+   
    /**
     * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
     */
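Review bot: The new `X509CERTIFICATE` constant is declared on the parser class, while the other element names this same commit introduces (`KEY_TYPE`, `USE_KEY`) go into `WSTrustConstants`. Keeping all element names in one place makes it easier to audit which elements the parser accepts. Since the name belongs to XML Signature rather than WS-Trust, it would sit naturally next to `DSIG_NS` in `WSTrustConstants`, with a short comment such as `// ds:X509Certificate child accepted inside wst:UseKey`. The class body continues outside this hunk.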
@@ -108,7 +117,7 @@
                EndElement cancelTargetEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
                StaxParserUtil.validate( cancelTargetEndElement, WSTrustConstants.CANCEL_TARGET ) ; 
             }
-            else if( tag.equals( WSTrustConstants.VALIDATE_TARGET  ))
+            else if( tag.equals( WSTrustConstants.VALIDATE_TARGET ))
             {
                subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
                
@@ -118,7 +127,7 @@
                EndElement validateTargetEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
                StaxParserUtil.validate( validateTargetEndElement, WSTrustConstants.VALIDATE_TARGET ) ;
             }  
-            else if( tag.equals( WSTrustConstants.On_BEHALF_OF  ))
+            else if( tag.equals( WSTrustConstants.On_BEHALF_OF ))
             {
                subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
                
@@ -128,6 +137,37 @@
                EndElement onBehalfOfEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
                StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.On_BEHALF_OF ) ;
             }  
+            else if( tag.equals( WSTrustConstants.KEY_TYPE ))
+            {
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+               String keyType = StaxParserUtil.getElementText(xmlEventReader);
+               try
+               {
+                  URI keyTypeURI = new URI( keyType );
+                  requestToken.setKeyType( keyTypeURI );
+               }
+               catch( URISyntaxException e )
+               {
+                  throw new ParsingException( e );
+               }  
+            }  
+            else if( tag.equals( WSTrustConstants.USE_KEY ))
+            {
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); 
+               UseKeyType useKeyType = new UseKeyType();  
+               StaxParserUtil.validate( subEvent, WSTrustConstants.USE_KEY ) ;
+               
+               /**
+                * There has to be a better way of parsing a sub section into a DOM element
+                */
+               subEvent = StaxParserUtil.getNextStartElement(xmlEventReader); 
+               StaxParserUtil.validate( subEvent, X509CERTIFICATE ) ;
+               
+               Element domElement = getX509CertificateAsDomElement( subEvent, xmlEventReader );
+
+               useKeyType.setAny( domElement );
+               requestToken.setUseKey( useKeyType ); 
+            }  
             else
             {
                QName qname = subEvent.getName();
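Review bot: The `USE_KEY` branch never consumes or validates the closing `UseKey` tag, unlike the `CANCEL_TARGET`, `VALIDATE_TARGET` and `On_BEHALF_OF` branches, which each end with `getNextEndElement` followed by `validate`. Anything that follows the certificate inside `UseKey` would then presumably be handled by the outer loop as if it were a direct child of the RST; mirroring the sibling branches with `EndElement useKeyEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);` and `StaxParserUtil.validate( useKeyEndElement, WSTrustConstants.USE_KEY );` closes that gap. The child check `StaxParserUtil.validate( subEvent, X509CERTIFICATE )` is given only a local name, so it appears not to verify that the element is in `WSTrustConstants.DSIG_NS`; for a client-supplied key that check is worth making explicit. The `/** ... */` block inside the method body should be a plain `//` comment, since it is not Javadoc. The enclosing parse method starts and ends outside this hunk.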
@@ -162,4 +202,57 @@
       return WSTrustConstants.BASE_NAMESPACE.equals( nsURI )
              && WSTrustConstants.RST.equals( localPart );
    } 
+   
+   
+   private Element getX509CertificateAsDomElement( StartElement subEvent, XMLEventReader xmlEventReader ) throws ParsingException
+   {
+      StringBuilder builder = new StringBuilder();
+      
+      QName subEventName = subEvent.getName();
+      String prefix = subEventName.getPrefix();
+      String localPart = subEventName.getLocalPart();
+      
+      builder.append( "<" ).append(  prefix ).append( ":").append( localPart );
+      
+      @SuppressWarnings("unchecked")
+      Iterator<Attribute> iter = subEvent.getAttributes();
+      
+      while( iter != null && iter.hasNext() )
+      {
+         Attribute attr = iter.next();
+         QName attrName = attr.getName();
+         if( attrName.getNamespaceURI().equals( WSTrustConstants.DSIG_NS ) )
+         {
+            builder.append( " ").append( prefix ).append( ":" ).append( attrName.getLocalPart() );
+            builder.append( "=" ).append( StaxParserUtil.getAttributeValue( attr )); 
+         }
+      }
+      
+      @SuppressWarnings("unchecked")
+      Iterator<Namespace> namespaces = subEvent.getNamespaces();
+      while( namespaces != null && namespaces.hasNext() )
+      {
+         Namespace namespace = namespaces.next();
+         builder.append( " ").append( namespace.toString() ); 
+      }
+      builder.append( ">" );
+      builder.append( StaxParserUtil.getElementText(xmlEventReader) ); //We are at the end of tag
+      
+      builder.append( "</" ).append( prefix ).append( ":" ).append( localPart ).append( ">" ); 
+      Element domElement = null;
+      try
+      {
+         domElement = DocumentUtil.getDocument( builder.toString() ).getDocumentElement() ;
+      }
+      catch (ConfigurationException e)
+      {
+         throw new ParsingException( e );
+      }
+      catch (ProcessingException e)
+      {
+         throw new ParsingException( e );
+      }
+      
+      return domElement;
+   }
 }
\ No newline at end of file
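Review bot: `getX509CertificateAsDomElement` rebuilds the element by string concatenation and re-parses it, but neither the attribute values nor the text from `StaxParserUtil.getElementText` are escaped, and the attribute value is appended without surrounding quotes. Because the RST comes from the requester, text that the StAX reader has presumably already entity-decoded is handed back to `DocumentUtil.getDocument` as raw markup, so the resulting `Element` can contain structure the sender chose rather than a single text node. The unquoted attribute and an empty prefix (`<:X509Certificate`) would each yield XML that is not well formed. Building the node through the DOM API avoids all three problems and removes the second parse; the sketch below needs `org.w3c.dom.Document` and the `javax.xml.parsers` types imported, and assumes `ParsingException` accepts any `Throwable` cause.

```java
private Element getX509CertificateAsDomElement( StartElement subEvent, XMLEventReader xmlEventReader ) throws ParsingException
{
   QName subEventName = subEvent.getName();
   String prefix = subEventName.getPrefix();
   String localPart = subEventName.getLocalPart();
   // An element in the default namespace has an empty prefix and must not get a leading ':'
   String qualifiedName = prefix.length() == 0 ? localPart : prefix + ":" + localPart;

   Document doc;
   try
   {
      DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
      factory.setNamespaceAware( true );
      doc = factory.newDocumentBuilder().newDocument();
   }
   catch( ParserConfigurationException e )
   {
      throw new ParsingException( e );
   }

   // Values set through the DOM API are stored as data and are never re-parsed as markup
   Element domElement = doc.createElementNS( subEventName.getNamespaceURI(), qualifiedName );

   // ... unchanged: loop over subEvent.getAttributes() with the DSIG_NS filter, whose body becomes:
         domElement.setAttributeNS( attrName.getNamespaceURI(),
               prefix + ":" + attrName.getLocalPart(), StaxParserUtil.getAttributeValue( attr ) );

   domElement.setTextContent( StaxParserUtil.getElementText( xmlEventReader ) );
   doc.appendChild( domElement );
   return domElement;
}
```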

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java	2010-10-18 21:45:30 UTC (rev 486)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java	2010-10-18 21:46:06 UTC (rev 487)
@@ -83,12 +83,14 @@
    
    //Element Names
    public static final String On_BEHALF_OF = "OnBehalfOf";
+   public static final String KEY_TYPE = "KeyType";
    public static final String RST = "RequestSecurityToken";
    public static final String RST_COLLECTION = "RequestSecurityTokenCollection";
    public static final String REQUEST_TYPE = "RequestType";
    public static final String TOKEN_TYPE = "TokenType";
    public static final String CANCEL_TARGET = "CancelTarget";
    public static final String VALIDATE_TARGET = "ValidateTarget";
+   public static final String USE_KEY = "UseKey";
    
    //Attribute Names
    public static final String RST_CONTEXT = "Context";

Added: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java	2010-10-18 21:46:06 UTC (rev 487)
@@ -0,0 +1,61 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.parser.wst;
+
+import static org.junit.Assert.assertEquals;
+
+import java.io.InputStream;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.parsers.wst.WSTRequestSecurityTokenParser;
+import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.picketlink.identity.federation.ws.trust.UseKeyType;
+import org.w3c.dom.Element;
+
+/**
+ * Validate parsing of RST with Use Key set to a X509 certificate
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 18, 2010
+ */
+public class WSTrustIssuePublicCertificateTestCase
+{
+
+   @Test
+   public void testPublicCert() throws Exception
+   {
+      ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+      InputStream configStream = tcl.getResourceAsStream( "parser/wst/wst-issue-public-certificate.xml" );
+      
+      WSTrustParser parser = new WSTrustParser();
+      RequestSecurityToken requestToken = ( RequestSecurityToken ) parser.parse( configStream );   
+       
+      assertEquals( "testcontext", requestToken.getContext() );
+      assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() ); 
+      
+      UseKeyType useKeyType = requestToken.getUseKey();
+      Element certEl = (Element) useKeyType.getAny(); 
+      
+      assertEquals( "ds:" + WSTRequestSecurityTokenParser.X509CERTIFICATE, certEl.getTagName() );
+   }
+}
\ No newline at end of file
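Review bot: `testPublicCert` asserts only the tag name of the parsed element, so it would still pass if the certificate text were dropped or altered on the way into the DOM. An assertion on `certEl.getTextContent()` against the value in the fixture would catch that, as would one on `requestToken.getKeyType()` if the fixture carries a `KeyType`. The fixture `parser/wst/wst-issue-public-certificate.xml` is not in this revision's "Added" list, so unless it was committed earlier `getResourceAsStream` returns null; an `assertNotNull( configStream )` before parsing would make that failure readable. A companion case with markup characters in the certificate text would pin down how the parser treats non-base64 content.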


