[jboss-cvs] Picketlink SVN: r924 - in picketlink-seam/trunk/picketlink-seam/src: test/java/org/picketlink/test/identity/seam/federation and 1 other directory.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue May 3 06:13:50 EDT 2011


Author: jonananas
Date: 2011-05-03 06:13:49 -0400 (Tue, 03 May 2011)
New Revision: 924

Added:
   picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/SamlMetaDataProviderTestCase.java
Modified:
   picketlink-seam/trunk/picketlink-seam/src/main/java/org/picketlink/identity/seam/federation/SamlMetaDataProvider.java
   picketlink-seam/trunk/picketlink-seam/src/main/java/org/picketlink/identity/seam/federation/SamlSingleLogoutSender.java
   picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/SamlConfigurationUnitTestCase.java
Log:
PLFED-182 MetaDataService throws exception

- Added SamlMetaDataProviderTestCase
- SamlMetaDataProvider.getKeyInfoDOM now adds ds namespace

Modified: picketlink-seam/trunk/picketlink-seam/src/main/java/org/picketlink/identity/seam/federation/SamlMetaDataProvider.java
===================================================================
--- picketlink-seam/trunk/picketlink-seam/src/main/java/org/picketlink/identity/seam/federation/SamlMetaDataProvider.java	2011-05-03 08:29:14 UTC (rev 923)
+++ picketlink-seam/trunk/picketlink-seam/src/main/java/org/picketlink/identity/seam/federation/SamlMetaDataProvider.java	2011-05-03 10:13:49 UTC (rev 924)
@@ -58,43 +58,47 @@
    public void writeMetaData(OutputStream stream)
    {
       try
-      {  
-         String acsRedirectServiceURL = serviceProvider.getServiceURL(ExternalAuthenticationService.SAML_ASSERTION_CONSUMER_SERVICE);
-         IndexedEndpointType acsRedirectEndpoint = new IndexedEndpointType( URI.create( SamlConstants.HTTP_REDIRECT_BINDING ),  URI.create( acsRedirectServiceURL  ));
+      {
+         String acsRedirectServiceURL = serviceProvider
+               .getServiceURL(ExternalAuthenticationService.SAML_ASSERTION_CONSUMER_SERVICE);
+         IndexedEndpointType acsRedirectEndpoint = new IndexedEndpointType(
+               URI.create(SamlConstants.HTTP_REDIRECT_BINDING), URI.create(acsRedirectServiceURL));
 
-         String acsPostServiceURL = serviceProvider.getServiceURL(ExternalAuthenticationService.SAML_ASSERTION_CONSUMER_SERVICE);
-         IndexedEndpointType acsPostEndpoint = new IndexedEndpointType( URI.create( SamlConstants.HTTP_POST_BINDING ), URI.create( acsPostServiceURL ) ); 
+         String acsPostServiceURL = serviceProvider
+               .getServiceURL(ExternalAuthenticationService.SAML_ASSERTION_CONSUMER_SERVICE);
+         IndexedEndpointType acsPostEndpoint = new IndexedEndpointType(URI.create(SamlConstants.HTTP_POST_BINDING),
+               URI.create(acsPostServiceURL));
 
-         IndexedEndpointType sloRedirectEndpoint = new IndexedEndpointType(  URI.create(SamlConstants.HTTP_REDIRECT_BINDING), URI.create(serviceProvider
-               .getServiceURL(ExternalAuthenticationService.SAML_SINGLE_LOGOUT_SERVICE)) );
+         IndexedEndpointType sloRedirectEndpoint = new IndexedEndpointType(
+               URI.create(SamlConstants.HTTP_REDIRECT_BINDING), URI.create(serviceProvider
+                     .getServiceURL(ExternalAuthenticationService.SAML_SINGLE_LOGOUT_SERVICE)));
 
-         IndexedEndpointType sloPostEndpoint = new IndexedEndpointType( URI.create( SamlConstants.HTTP_POST_BINDING), URI.create( serviceProvider
-               .getServiceURL(ExternalAuthenticationService.SAML_SINGLE_LOGOUT_SERVICE)) );
+         IndexedEndpointType sloPostEndpoint = new IndexedEndpointType(URI.create(SamlConstants.HTTP_POST_BINDING),
+               URI.create(serviceProvider.getServiceURL(ExternalAuthenticationService.SAML_SINGLE_LOGOUT_SERVICE)));
 
          List<String> protocolSupport = new ArrayList<String>();
-         protocolSupport.add( JBossSAMLURIConstants.PROTOCOL_NSURI.get() );
-         
-         SPSSODescriptorType spSsoDescriptor = new SPSSODescriptorType( protocolSupport );
+         protocolSupport.add(JBossSAMLURIConstants.PROTOCOL_NSURI.get());
+
+         SPSSODescriptorType spSsoDescriptor = new SPSSODescriptorType(protocolSupport);
          spSsoDescriptor.setAuthnRequestsSigned(serviceProvider.getSamlConfiguration().isAuthnRequestsSigned());
          spSsoDescriptor.setWantAssertionsSigned(serviceProvider.getSamlConfiguration().isWantAssertionsSigned());
 
-         spSsoDescriptor.addAssertionConsumerService( acsRedirectEndpoint );
-         spSsoDescriptor.addAssertionConsumerService( acsPostEndpoint );
-         spSsoDescriptor.addSingleLogoutService( sloRedirectEndpoint );
-         spSsoDescriptor.addSingleLogoutService( sloPostEndpoint );
+         spSsoDescriptor.addAssertionConsumerService(acsRedirectEndpoint);
+         spSsoDescriptor.addAssertionConsumerService(acsPostEndpoint);
+         spSsoDescriptor.addSingleLogoutService(sloRedirectEndpoint);
+         spSsoDescriptor.addSingleLogoutService(sloPostEndpoint);
 
-         spSsoDescriptor.addNameIDFormat( "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
-         spSsoDescriptor.addNameIDFormat( "urn:oasis:names:tc:SAML:2.0:nameid-format:transient");
-         spSsoDescriptor.addNameIDFormat( "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
-         spSsoDescriptor.addNameIDFormat( "urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress");
- 
+         spSsoDescriptor.addNameIDFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
+         spSsoDescriptor.addNameIDFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:transient");
+         spSsoDescriptor.addNameIDFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
+         spSsoDescriptor.addNameIDFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress");
 
          X509Certificate certificate = serviceProvider.getSamlConfiguration().getCertificate();
-         if(certificate == null)
+         if (certificate == null)
             throw new RuntimeException("Certificate obtained from configuration is null");
 
-         Element keyInfoElement = getKeyInfoDOM( certificate );
-         
+         Element keyInfoElement = getKeyInfoDOM(certificate);
+
          /*JAXBElement<byte[]> X509Certificate;
          try
          {
@@ -113,49 +117,56 @@
 
          KeyDescriptorType keyDescriptor = new KeyDescriptorType();
          keyDescriptor.setKeyInfo(keyInfoElement);
-         
+
          /*keyDescriptor.setUse(KeyTypes.SIGNING);
          keyDescriptor.setKeyInfo(keyInfo);*/
 
-         spSsoDescriptor.addKeyDescriptor( keyDescriptor );
+         spSsoDescriptor.addKeyDescriptor(keyDescriptor);
 
-         EDTDescriptorChoiceType edtDescriptorChoice = new EDTDescriptorChoiceType( spSsoDescriptor );
+         EDTDescriptorChoiceType edtDescriptorChoice = new EDTDescriptorChoiceType(spSsoDescriptor);
          List<EDTDescriptorChoiceType> edtChoices = new ArrayList<EntityDescriptorType.EDTDescriptorChoiceType>();
          edtChoices.add(edtDescriptorChoice);
-         
+
          EDTChoiceType edtChoice = new EDTChoiceType(edtChoices);
-         
-         EntityDescriptorType entityDescriptor =  new EntityDescriptorType( serviceProvider.getSamlConfiguration().getEntityId());
+
+         EntityDescriptorType entityDescriptor = new EntityDescriptorType(serviceProvider.getSamlConfiguration()
+               .getEntityId());
          entityDescriptor.addChoiceType(edtChoice);
-         
-         
-         SAMLMetadataWriter metadataWriter = new SAMLMetadataWriter( StaxUtil.getXMLStreamWriter( stream ) );
+
+         SAMLMetadataWriter metadataWriter = new SAMLMetadataWriter(StaxUtil.getXMLStreamWriter(stream));
          metadataWriter.writeEntityDescriptor(entityDescriptor);
-         
+
          /*JAXBContext jaxbContext = JAXBContext.newInstance("org.picketlink.identity.federation.saml.v2.metadata");
          Marshaller marshaller = jaxbContext.createMarshaller();
          marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");
          marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
          marshaller.marshal(metaDataFactory.createEntityDescriptor(entityDescriptor), stream);*/
       }
-      catch ( Exception e)
+      catch (Exception e)
       {
          throw new RuntimeException(e);
       }
    }
-   
-   private Element getKeyInfoDOM( X509Certificate certificate )
-   {    
+
+   private Element getKeyInfoDOM(X509Certificate certificate)
+   {
       try
       {
-         StringBuilder builder = new StringBuilder( "<ds:KeyInfo><ds:X509Data><ds:X509Certificate>");
-         builder.append( KeyUtil.encodeAsString( certificate )).append( "</ds:X509Certificate></ds:X509Data></ds:KeyInfo>");
+         // TODO: JA This is not pretty, would prefer to create DOM directly
+         StringBuilder builder = new StringBuilder("<ds:KeyInfo xmlns:ds=\""
+               + JBossSAMLURIConstants.XMLDSIG_NSURI.get() + "\"><ds:X509Data><ds:X509Certificate>");
+         builder.append(KeyUtil.encodeAsString(certificate)).append("</ds:X509Certificate></ds:X509Data></ds:KeyInfo>");
          return DocumentUtil.getDocument(builder.toString()).getDocumentElement();
       }
-      catch ( Exception e)
-      { 
-         throw new RuntimeException( e );
+      catch (Exception e)
+      {
+         throw new RuntimeException(e);
       }
-      
+
    }
-}
\ No newline at end of file
+
+   public void setServiceProvider(ServiceProvider serviceProvider)
+   {
+      this.serviceProvider = serviceProvider;
+   }
+}
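Review bot: The KeyDescriptor added to the SP descriptor is published without a `use` attribute: the only `setUse` call sits in the commented-out block right after `keyDescriptor.setKeyInfo(keyInfoElement);`, and the expected output in SamlMetaDataProviderTestCase shows a bare `<md:KeyDescriptor>`. Under the SAML metadata schema an omitted `use` means the key applies to both signing and encryption, so a relying IdP may encrypt to this certificate as well as verify signatures with it. If that is intended, say so in a comment such as `// no use attribute: the SP certificate serves for signing and encryption`. Otherwise restore `keyDescriptor.setUse(KeyTypes.SIGNING);`, provided the new-model KeyDescriptorType still offers it (not visible here). writeMetaData begins outside this hunk.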

Modified: picketlink-seam/trunk/picketlink-seam/src/main/java/org/picketlink/identity/seam/federation/SamlSingleLogoutSender.java
===================================================================
--- picketlink-seam/trunk/picketlink-seam/src/main/java/org/picketlink/identity/seam/federation/SamlSingleLogoutSender.java	2011-05-03 08:29:14 UTC (rev 923)
+++ picketlink-seam/trunk/picketlink-seam/src/main/java/org/picketlink/identity/seam/federation/SamlSingleLogoutSender.java	2011-05-03 10:13:49 UTC (rev 924)
@@ -29,7 +29,6 @@
 import org.jboss.seam.annotations.In;
 import org.jboss.seam.annotations.Name;
 import org.jboss.seam.security.Identity;
-import org.picketlink.identity.federation.core.exceptions.ConfigurationException; 
 import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
 import org.picketlink.identity.seam.federation.configuration.SamlIdentityProvider;
 
@@ -54,17 +53,10 @@
    public void sendSingleLogoutRequestToIDP(HttpServletRequest request, HttpServletResponse response, Identity identity)
    {
       SeamSamlPrincipal principal = (SeamSamlPrincipal) identity.getPrincipal();
-      SamlIdentityProvider idp = (SamlIdentityProvider) principal.getIdentityProvider();
+      SamlIdentityProvider idp = principal.getIdentityProvider();
       LogoutRequestType logoutRequest;
-      try
-      {
-         logoutRequest = samlMessageFactory.createLogoutRequest(principal);
-         requests.addRequest(logoutRequest.getID(), idp, null);
-      }
-      catch (ConfigurationException e)
-      {
-         throw new RuntimeException(e);
-      }
+      logoutRequest = samlMessageFactory.createLogoutRequest(principal);
+      requests.addRequest(logoutRequest.getID(), idp, null);
 
       samlMessageSender.sendRequestToIDP(request, response, idp, SamlProfile.SINGLE_LOGOUT, logoutRequest);
    }
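Review bot: `identity.getPrincipal()` is cast to SeamSamlPrincipal and dereferenced on the next line with no check, so a session with no principal, or with a principal of another type, fails with a NullPointerException or ClassCastException instead of a clear error. Whether callers guarantee a SAML login is not visible in this hunk. A guard before the cast would make the precondition explicit, for example `if (!(identity.getPrincipal() instanceof SeamSamlPrincipal)) throw new IllegalStateException("Single logout requires a SAML principal");`. With the try block gone, the separate declaration can also be folded into `LogoutRequestType logoutRequest = samlMessageFactory.createLogoutRequest(principal);`.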

Modified: picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/SamlConfigurationUnitTestCase.java
===================================================================
--- picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/SamlConfigurationUnitTestCase.java	2011-05-03 08:29:14 UTC (rev 923)
+++ picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/SamlConfigurationUnitTestCase.java	2011-05-03 10:13:49 UTC (rev 924)
@@ -22,11 +22,6 @@
 package org.picketlink.test.identity.seam.federation;
 
 import static org.junit.Assert.*;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-
-import static org.hamcrest.CoreMatchers.*;
-
 import java.io.InputStream;
 import java.util.HashMap;
 import java.util.List;
@@ -39,11 +34,7 @@
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntityDescriptorType.EDTChoiceType;
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntityDescriptorType.EDTDescriptorChoiceType;
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.IDPSSODescriptorType;
-import org.picketlink.identity.seam.federation.configuration.Configuration;
 import org.picketlink.identity.seam.federation.configuration.SamlConfiguration;
-import org.picketlink.identity.seam.federation.configuration.SamlIdentityProvider;
-import org.picketlink.identity.seam.federation.configuration.ServiceProvider;
-import org.picketlink.identity.seam.federation.jaxb.config.SamlConfigType;
 
 /**
  * Unit test the {@link SamlConfiguration} class

Added: picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/SamlMetaDataProviderTestCase.java
===================================================================
--- picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/SamlMetaDataProviderTestCase.java	                        (rev 0)
+++ picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/SamlMetaDataProviderTestCase.java	2011-05-03 10:13:49 UTC (rev 924)
@@ -0,0 +1,58 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.seam.federation;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.*;
+
+import java.io.ByteArrayOutputStream;
+import java.io.OutputStream;
+
+import org.junit.Test;
+import org.picketlink.identity.seam.federation.SamlMetaDataProvider;
+import org.picketlink.identity.seam.federation.configuration.Configuration;
+import org.picketlink.identity.seam.federation.configuration.ServiceProvider;
+
+/**
+ * @author Jonas Andersson
+ * @since 29 apr 2011
+ */
+public class SamlMetaDataProviderTestCase
+{
+
+   @Test
+   public void shouldReturnMetaData() throws Exception
+   {
+      Configuration config = new Configuration();
+      config.init();
+
+      SamlMetaDataProvider metaDataProvider = new SamlMetaDataProvider();
+      ServiceProvider serviceProvider = config.getServiceProvider("localhost");
+      assertNotNull(serviceProvider.getSamlConfiguration().getCertificate());
+      metaDataProvider.setServiceProvider(serviceProvider);
+      OutputStream stream = new ByteArrayOutputStream();
+      metaDataProvider.writeMetaData(stream);
+      assertThat(
+            stream.toString(),
+            is("<md:EntityDescriptor xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\" entityID=\"http://localhost:8080/seam-sp\"><md:SPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\" WantAuthnRequestsSigned=\"false\" WantAssertionsSigned=\"true\"><md:KeyDescriptor><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>MIICRzCCAbCgAwIBAgIES1yEQjANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzELMAkGA1UE\nCBMCQ0ExEDAOBgNVBAcTB1Vua25vd24xDjAMBgNVBAoTBUpCb3NzMRAwDgYDVQQLEwdVbmtub3du\nMRgwFgYDVQQDEw9QaWNrZXRMaW5rIFRlc3QwHhcNMTAwMTI0MTczMjUwWhcNMTAwNDI0MTczMjUw\nWjBoMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEDAOBgNVBAcTB1Vua25vd24xDjAMBgNVBAoT\nBUpCb3NzMRAwDgYDVQQLEwdVbmtub3duMRgwFgYDVQQDEw9QaWNrZXRMaW5rIFRlc3QwgZ8wDQYJ\nKoZIhvcNAQEBBQADgY0AMIGJAoGBAKBdNl0jaHPQqz7KydvX0ZI2hqJ+w!
 Y9VSeA4uQViPYUvDLQQ\nlN/6XCySQmn4TZj2PDZ7X0Gf3p/wmpeTvcg5xDjAuHYfRLYM4r0maIGGCPMdyT94tqDoL28F+DWq\n1ty4hv/+SUx+rdLBe0r2u+JtVeeBAOxs6HA9ih47dXEu4fV5AgMBAAEwDQYJKoZIhvcNAQEFBQAD\ngYEAKFxUWw/QJA//rUNYjv3fgfQ+Sjhjjdh4lFDuYMcvkSAQLfNBwXy8gTAp+qxzmvgrRALlMMOt\nOzI3D9IuiLZkG/j2l7d7ILhwX210b1sKl4AIf/9wo4vQYlrhzszqYBwt9j7bhOe1Lm2uMJXX6WOP\nKVbytds53HGH/yyzoVz85Yc=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"http://localhost:8080null/SingleLogoutService.seam\"></md:SingleLogoutService><md:SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"http://localhost:8080null/SingleLogoutService.seam\"></md:SingleLogoutService><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.!
 0:nameid-format:unspecified</md:NameIDFormat><md:NameIDFormat>!
 urn:oasi
s:names:tc:SAML:2.0:nameid-format:emailAddress</md:NameIDFormat><md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"http://localhost:8080null/AssertionConsumerService.seam\" index=\"0\"></md:AssertionConsumerService><md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"http://localhost:8080null/AssertionConsumerService.seam\" index=\"0\"></md:AssertionConsumerService></md:SPSSODescriptor></md:EntityDescriptor>"));
+   }
+}
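Review bot: The expected string passed to `is(...)` pins `Location=\"http://localhost:8080null/SingleLogoutService.seam\"`, and the same `8080null` appears in both AssertionConsumerService locations, so the test asserts as correct what looks like a null path segment concatenated into the published endpoint URLs. It also pins both AssertionConsumerService entries at `index=\"0\"`, although the metadata schema describes that index as a unique value per endpoint. Comparing the whole serialized document makes the test fail on any writer change unrelated to PLFED-182. A narrower assertion on what the commit fixes would be, with `xml` holding the stream contents, `assertTrue(xml.contains("<ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">"));`. Separately, `stream.toString()` decodes with the platform charset rather than an explicit one.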


