[jboss-cvs] Picketlink SVN: r1368 - in federation/trunk/picketlink-web/src: test/java/org/picketlink/test/identity/federation/web/saml/handlers and 1 other directory.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Fri Feb 3 11:47:39 EST 2012


Author: anil.saldhana at jboss.com
Date: 2012-02-03 11:47:37 -0500 (Fri, 03 Feb 2012)
New Revision: 1368

Modified:
   federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2InResponseToVerificationHandler.java
   federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2InResponseToVerificationHandlerUnitTestCase.java
Log:
warnings removed

Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2InResponseToVerificationHandler.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2InResponseToVerificationHandler.java	2012-02-03 15:25:53 UTC (rev 1367)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2InResponseToVerificationHandler.java	2012-02-03 16:47:37 UTC (rev 1368)
@@ -23,6 +23,8 @@
 
 package org.picketlink.identity.federation.web.handlers.saml2;
 
+import javax.servlet.http.HttpSession;
+
 import org.apache.log4j.Logger;
 import org.picketlink.identity.federation.core.ErrorCodes;
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
@@ -31,8 +33,6 @@
 import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
 import org.picketlink.identity.federation.web.constants.GeneralConstants;
 
-import javax.servlet.http.HttpSession;
-
 /**
  * Handler is useful on SP side. It's used for verification that InResponseId from SAML Authentication Response is same
  * as ID of previously sent SAML Authentication request
@@ -44,7 +44,7 @@
    private static Logger log = Logger.getLogger(SAML2InResponseToVerificationHandler.class);
 
    private final boolean trace = log.isTraceEnabled();
-   
+
    @Override
    public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response)
          throws ProcessingException
@@ -56,7 +56,7 @@
          return;
 
       // Determine Id of of request, which is saved into session thanks to SAML2AuthenticationHandler
-      String authnRequestId = (String)request.getOptions().get(GeneralConstants.AUTH_REQUEST_ID);
+      String authnRequestId = (String) request.getOptions().get(GeneralConstants.AUTH_REQUEST_ID);
 
       // Save it into session for later use
       HttpSession session = BaseSAML2Handler.getHttpSession(request);
@@ -67,15 +67,15 @@
          log.trace("ID of authentication request " + authnRequestId + " saved into HTTP session.");
       }
    }
-   
-   @Override
+
    public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
-   {      
+   {
    }
 
    @Override
-   public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
-   {      
+   public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
+         throws ProcessingException
+   {
       if (request.getSAML2Object() instanceof ResponseType == false)
          return;
 
@@ -85,14 +85,14 @@
       // Obtain inResponseTo ID from Authentication response      
       ResponseType responseType = (ResponseType) request.getSAML2Object();
       String inResponseTo = responseType.getInResponseTo();
-      
+
       // Obtain ID from session, which was saved before sending AuthnRequest
       HttpSession session = BaseSAML2Handler.getHttpSession(request);
-      String authnRequestId = (String)session.getAttribute(GeneralConstants.AUTH_REQUEST_ID);
-      
+      String authnRequestId = (String) session.getAttribute(GeneralConstants.AUTH_REQUEST_ID);
+
       // Remove it from session now
       session.removeAttribute(GeneralConstants.AUTH_REQUEST_ID);
-      
+
       // Compare both ID
       if (inResponseTo != null && inResponseTo.equals(authnRequestId))
       {
@@ -103,7 +103,8 @@
       }
       else
       {
-         log.error("Verification of InResponseTo failed. InResponseTo from SAML response is " + inResponseTo + ". Value of request Id from HTTP session is " + authnRequestId);
+         log.error("Verification of InResponseTo failed. InResponseTo from SAML response is " + inResponseTo
+               + ". Value of request Id from HTTP session is " + authnRequestId);
          throw new ProcessingException(ErrorCodes.AUTHN_REQUEST_ID_VERIFICATION_FAILED);
       }
    }

Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2InResponseToVerificationHandlerUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2InResponseToVerificationHandlerUnitTestCase.java	2012-02-03 15:25:53 UTC (rev 1367)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2InResponseToVerificationHandlerUnitTestCase.java	2012-02-03 16:47:37 UTC (rev 1368)
@@ -23,7 +23,16 @@
 
 package org.picketlink.test.identity.federation.web.saml.handlers;
 
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.security.Principal;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.http.HttpSession;
+
 import junit.framework.TestCase;
+
 import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
 import org.picketlink.identity.federation.core.ErrorCodes;
 import org.picketlink.identity.federation.core.config.IDPType;
@@ -44,8 +53,8 @@
 import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
 import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
+import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
 import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
 import org.picketlink.identity.federation.web.constants.GeneralConstants;
 import org.picketlink.identity.federation.web.core.HTTPContext;
 import org.picketlink.identity.federation.web.core.IdentityServer;
@@ -58,13 +67,6 @@
 import org.picketlink.test.identity.federation.web.mock.MockServletContext;
 import org.w3c.dom.Document;
 
-import javax.servlet.http.HttpSession;
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import java.security.Principal;
-import java.util.HashMap;
-import java.util.Map;
-
 /**
  * Unit test the {@link org.picketlink.identity.federation.web.handlers.saml2.SAML2InResponseToVerificationHandler}
  *
@@ -113,8 +115,6 @@
       request.setTypeOfRequestToBeGenerated(SAML2HandlerRequest.GENERATE_REQUEST_TYPE.AUTH);
       SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
 
-
-
       // 2) GENERATE SAML AUTHENTICATION REQUEST
 
       // Generate SAML AuthnRequest with handlers
@@ -127,41 +127,40 @@
       AuthnRequestType authnRequest = (AuthnRequestType) parser.parse(DocumentUtil.getNodeAsStream(samlReqDoc));
       assertEquals(authnRequest.getID(), servletRequest.getSession().getAttribute(GeneralConstants.AUTH_REQUEST_ID));
 
-
-
       // 3) SEND SAML AUTHENTICATION REQUEST TO IDP
 
       // Generate request and response for IDP
-      SAML2HandlerResponse handlerResponseFromIdp = sendRequestToIdp(authnRequest, samlReqDoc, httpContext, handlerConfig);
+      SAML2HandlerResponse handlerResponseFromIdp = sendRequestToIdp(authnRequest, samlReqDoc, httpContext,
+            handlerConfig);
 
       // Parse SAML response from IDP
       Document doc2response = handlerResponseFromIdp.getResultingDocument();
-      assertNotNull(doc2response);      
+      assertNotNull(doc2response);
       String responseString = DocumentUtil.asString(doc2response);
 
-
       // 4) PROCESS SAML RESPONSE FROM IDP. VERIFICATION OF InResponseId SHOULD BE SUCCESSFUL
 
       HandlerContext handlerContext = getHandlerRequestAndResponse(httpContext, issuerInfo, responseString);
 
       // Assert that ID from session is not null
-      String inResponseIdFromSession = (String)servletRequest.getSession().getAttribute(GeneralConstants.AUTH_REQUEST_ID);
+      String inResponseIdFromSession = (String) servletRequest.getSession().getAttribute(
+            GeneralConstants.AUTH_REQUEST_ID);
       assertNotNull(inResponseIdFromSession);
-      
+
       // Handle response from IDP
       authenticationHandler.handleStatusResponseType(handlerContext.request, handlerContext.response);
       verificationHandler.handleStatusResponseType(handlerContext.request, handlerContext.response);
-      
+
       // Verify that Id is not in session anymore. Becaue it was removed by SAML2ResponseIdVerificationHandler
       assertNull(servletRequest.getSession().getAttribute(GeneralConstants.AUTH_REQUEST_ID));
 
-
-
       // 5) CHANGE InResponseId IN SAML RESPONSE. VALIDATION MUST FAIL NOW.
 
       // Change InResponseId
-      String responseStringChangedId = responseString.replaceAll("InResponseTo=\"" + inResponseIdFromSession + "\"", "InResponseTo=\"ID_101dcb5e-f432-4f45-87cb-47daff92edef\"");
-      HandlerContext handlerContextChangedId = getHandlerRequestAndResponse(httpContext, issuerInfo, responseStringChangedId);
+      String responseStringChangedId = responseString.replaceAll("InResponseTo=\"" + inResponseIdFromSession + "\"",
+            "InResponseTo=\"ID_101dcb5e-f432-4f45-87cb-47daff92edef\"");
+      HandlerContext handlerContextChangedId = getHandlerRequestAndResponse(httpContext, issuerInfo,
+            responseStringChangedId);
 
       // Set Id to session again as it was removed in previous processing
       servletRequest.getSession().setAttribute(GeneralConstants.AUTH_REQUEST_ID, inResponseIdFromSession);
@@ -169,9 +168,11 @@
       // Handle response with changed Id. This time it should fail
       try
       {
-         authenticationHandler.handleStatusResponseType(handlerContextChangedId.request, handlerContextChangedId.response);
-         verificationHandler.handleStatusResponseType(handlerContextChangedId.request, handlerContextChangedId.response);
-         
+         authenticationHandler.handleStatusResponseType(handlerContextChangedId.request,
+               handlerContextChangedId.response);
+         verificationHandler
+               .handleStatusResponseType(handlerContextChangedId.request, handlerContextChangedId.response);
+
          fail("Verification of InResponseTo should fail.");
       }
       catch (ProcessingException pe)
@@ -179,12 +180,13 @@
          assertEquals(ErrorCodes.AUTHN_REQUEST_ID_VERIFICATION_FAILED, pe.getMessage());
       }
 
-
       // 6) REMOVE InResponseId FROM SAML RESPONSE. VALIDATION MUST FAIL NOW.
 
       // Remove inResponseId
-      String responseStringRemovedId = responseString.replaceAll("InResponseTo=\"" + inResponseIdFromSession + "\"", "");
-      HandlerContext handlerContextRemovedId = getHandlerRequestAndResponse(httpContext, issuerInfo, responseStringRemovedId);
+      String responseStringRemovedId = responseString
+            .replaceAll("InResponseTo=\"" + inResponseIdFromSession + "\"", "");
+      HandlerContext handlerContextRemovedId = getHandlerRequestAndResponse(httpContext, issuerInfo,
+            responseStringRemovedId);
 
       // Set Id to session again as it was removed in previous processing
       servletRequest.getSession().setAttribute(GeneralConstants.AUTH_REQUEST_ID, inResponseIdFromSession);
@@ -192,8 +194,10 @@
       // Now handle again response from IDP. This time it should also fail as InResponseTo is null
       try
       {
-         authenticationHandler.handleStatusResponseType(handlerContextRemovedId.request, handlerContextRemovedId.response);
-         verificationHandler.handleStatusResponseType(handlerContextRemovedId.request, handlerContextRemovedId.response);
+         authenticationHandler.handleStatusResponseType(handlerContextRemovedId.request,
+               handlerContextRemovedId.response);
+         verificationHandler
+               .handleStatusResponseType(handlerContextRemovedId.request, handlerContextRemovedId.response);
 
          fail("Verification of InResponseTo should fail.");
       }
@@ -214,13 +218,13 @@
     * @throws Exception
     */
    private SAML2HandlerResponse sendRequestToIdp(AuthnRequestType authnRequest, Document samlReqDoc,
-                                                 HTTPContext httpContext, SAML2HandlerConfig handlerConfig) throws Exception
+         HTTPContext httpContext, SAML2HandlerConfig handlerConfig) throws Exception
    {
       // Generate handler request and handler response for IDP
       IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/idp/");
       SAMLDocumentHolder docHolder = new SAMLDocumentHolder(authnRequest, samlReqDoc);
-      SAML2HandlerRequest idpHandlerRequest = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder,
-            SAML2Handler.HANDLER_TYPE.IDP);
+      SAML2HandlerRequest idpHandlerRequest = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(),
+            docHolder, SAML2Handler.HANDLER_TYPE.IDP);
       idpHandlerRequest.addOption(GeneralConstants.ASSERTIONS_VALIDITY, 10000l);
       SAML2HandlerResponse idpHandlerResponse = new DefaultSAML2HandlerResponse();
 
@@ -228,7 +232,7 @@
       Map<String, Object> chainOptionsIdp = new HashMap<String, Object>();
       IDPType idpType = new IDPType();
       chainOptionsIdp.put(GeneralConstants.CONFIGURATION, idpType);
-      chainOptionsIdp.put(GeneralConstants.ROLE_VALIDATOR_IGNORE, "true");      
+      chainOptionsIdp.put(GeneralConstants.ROLE_VALIDATOR_IGNORE, "true");
       SAML2HandlerChainConfig chainConfigIdp = new DefaultSAML2HandlerChainConfig(chainOptionsIdp);
 
       // Create and init handlers for IDP
@@ -242,7 +246,6 @@
       HttpSession session = BaseSAML2Handler.getHttpSession(idpHandlerRequest);
       session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal()
       {
-         @Override
          public String getName()
          {
             return "testPrincipal";
@@ -263,31 +266,34 @@
 
       return idpHandlerResponse;
    }
-   
+
    private ResponseType getResponseTypeFromString(String responseString) throws Exception
    {
       InputStream is = new ByteArrayInputStream(responseString.getBytes());
       SAML2Response saml2Response = new SAML2Response();
       return saml2Response.getResponseType(is);
    }
-   
-   private HandlerContext getHandlerRequestAndResponse(HTTPContext httpContext, IssuerInfoHolder issuerInfo, String responseString) throws Exception
+
+   private HandlerContext getHandlerRequestAndResponse(HTTPContext httpContext, IssuerInfoHolder issuerInfo,
+         String responseString) throws Exception
    {
       ResponseType responseType = getResponseTypeFromString(responseString);
       SAML2Response saml2Response = new SAML2Response();
       Document doc = saml2Response.convert(responseType);
       SAMLDocumentHolder docHolder = new SAMLDocumentHolder(responseType, doc);
 
-      SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder, SAML2Handler.HANDLER_TYPE.SP);
+      SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder,
+            SAML2Handler.HANDLER_TYPE.SP);
       SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
       return new HandlerContext(request, response);
    }
-   
+
    private class HandlerContext
    {
-      private SAML2HandlerRequest request;
-      private SAML2HandlerResponse response;
-      
+      private final SAML2HandlerRequest request;
+
+      private final SAML2HandlerResponse response;
+
       private HandlerContext(SAML2HandlerRequest request, SAML2HandlerResponse response)
       {
          this.request = request;



More information about the jboss-cvs-commits mailing list