Example 1 with SAMLRequesterException

use of com.sun.identity.saml.common.SAMLRequesterException in project OpenAM by OpenRock.

the class Request method parseContents.

/**
 * Checks the contents of the Request and sets the class members accordingly.
 *
 * Used by this class only.
 * @param contents A List that contains the contents of the request.
 *        It could be a query, 1 or more <code>AssertionIDReference</code>,
 *        or 1 or more <code>AssertionArtifact</code>.
 * @exception SAMLException when an error occurs during the process.
 */
private void parseContents(List contents) throws SAMLException {
    // check contents and set the contentType appropriately
    int length = 0;
    int i = 0;
    if ((contents == null) || ((length = contents.size()) == 0)) {
        SAMLUtils.debug.message("Request: empty content.");
        throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
    }
    for (i = 0; i < length; i++) {
        Object temp = contents.get(i);
        if (temp instanceof AuthenticationQuery) {
            // make sure this is the first one on the list
            // and make sure there are no other elements on the list
            if ((contentType != NOT_SUPPORTED) || (i != (length - 1))) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("Request: should contain only" + " one AuthenticationQuery.");
                }
                throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
            }
            contentType = AUTHENTICATION_QUERY;
            query = (AuthenticationQuery) temp;
        } else if (temp instanceof AuthorizationDecisionQuery) {
            // make sure this is the first one on the list
            // and make sure there are no other elements on the list
            if ((contentType != NOT_SUPPORTED) || (i != (length - 1))) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("Request: should contain only" + " one AuthorizationDecisionQuery.");
                }
                throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
            }
            contentType = AUTHORIZATION_DECISION_QUERY;
            query = (AuthorizationDecisionQuery) temp;
        } else if (temp instanceof AttributeQuery) {
            // make sure this is the first one on the list
            // and make sure there are no other elements on the list
            if ((contentType != NOT_SUPPORTED) || (i != (length - 1))) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("Request: should contain only" + " one AttributeQuery.");
                }
                throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
            }
            contentType = ATTRIBUTE_QUERY;
            query = (AttributeQuery) temp;
        } else if (temp instanceof AssertionIDReference) {
            // the previously assigned elements are not AssertionIDReference
            if ((contentType != NOT_SUPPORTED) && (contentType != ASSERTION_ID_REFERENCE)) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("Request: should contain" + " one or more AssertionIDReference.");
                }
                throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
            }
            contentType = ASSERTION_ID_REFERENCE;
            if (assertionIDRefs == Collections.EMPTY_LIST) {
                assertionIDRefs = new ArrayList();
            }
            assertionIDRefs.add((AssertionIDReference) temp);
        } else if (temp instanceof AssertionArtifact) {
            // previously assigned elements are not AssertionArtifact:
            if ((contentType != NOT_SUPPORTED) && (contentType != ASSERTION_ARTIFACT)) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("Request: should contain " + " one or more AssertionArtifact.");
                }
                throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
            }
            contentType = ASSERTION_ARTIFACT;
            if (artifacts == Collections.EMPTY_LIST) {
                artifacts = new ArrayList();
            }
            artifacts.add((AssertionArtifact) temp);
        } else {
            // everything else
            SAMLUtils.debug.message("Request: wrong input.");
            throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
        }
    }
}
Also used : ArrayList(java.util.ArrayList) SAMLRequesterException(com.sun.identity.saml.common.SAMLRequesterException) AssertionIDReference(com.sun.identity.saml.assertion.AssertionIDReference)

Example 2 with SAMLRequesterException

use of com.sun.identity.saml.common.SAMLRequesterException in project OpenAM by OpenRock.

the class Request method checkAndGetRespondWith.

private String checkAndGetRespondWith(String respondWith) throws SAMLException {
    if ((respondWith == null) || (respondWith.length() == 0)) {
        SAMLUtils.debug.message("Request: empty RespondWith Value.");
        throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
    }
    if (respondWith.indexOf(":") == -1) {
        return (SAMLConstants.ASSERTION_PREFIX + respondWith);
    } else {
        StringTokenizer st = new StringTokenizer(respondWith, ":");
        if (st.countTokens() != 2) {
            SAMLUtils.debug.message("Request: wrong RespondWith value.");
            throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
        }
        st.nextToken();
        String temp = st.nextToken().trim();
        if (temp.length() == 0) {
            SAMLUtils.debug.message("Request: wrong RespondWith value.");
            throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
        }
        return (SAMLConstants.ASSERTION_PREFIX + temp);
    }
}
Also used : StringTokenizer(java.util.StringTokenizer) SAMLRequesterException(com.sun.identity.saml.common.SAMLRequesterException)

Example 3 with SAMLRequesterException

use of com.sun.identity.saml.common.SAMLRequesterException in project OpenAM by OpenRock.

the class Response method buildResponse.

private void buildResponse(String responseID, String inResponseTo, Status status, String recipient, List contents) throws SAMLException {
    if ((responseID == null) || (responseID.length() == 0)) {
        // generate one
        this.responseID = SAMLUtils.generateID();
        if (this.responseID == null) {
            throw new SAMLRequesterException(SAMLUtils.bundle.getString("errorGenerateID"));
        }
    } else {
        this.responseID = responseID;
    }
    this.inResponseTo = inResponseTo;
    this.recipient = recipient;
    issueInstant = new Date();
    if (status == null) {
        SAMLUtils.debug.message("Response: missing <Status>.");
        throw new SAMLRequesterException(SAMLUtils.bundle.getString("missingElement"));
    }
    this.status = status;
    if ((contents != null) && (contents != Collections.EMPTY_LIST)) {
        int length = contents.size();
        for (int i = 0; i < length; i++) {
            Object temp = contents.get(i);
            if (!(temp instanceof Assertion)) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("Response: Wrong input " + "for Assertion.");
                }
                throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
            }
        }
        assertions = contents;
    }
}
Also used : Assertion(com.sun.identity.saml.assertion.Assertion) SAMLRequesterException(com.sun.identity.saml.common.SAMLRequesterException) Date(java.util.Date)

Example 4 with SAMLRequesterException

use of com.sun.identity.saml.common.SAMLRequesterException in project OpenAM by OpenRock.

the class FSRequest method checkAndGetRespondWith.

/**
 * Returns the value of <code>RespondWith</code> attribute.
 *
 * @return value of the <code>RespondWith</code> attribute.
 * @throws SAMLException on error.
 */
private String checkAndGetRespondWith(String respondWith) throws SAMLException {
    if ((respondWith == null) || (respondWith.length() == 0)) {
        FSUtils.debug.message("Request: empty RespondWith Value.");
        throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
    }
    if (respondWith.indexOf(":") == -1) {
        return (SAMLConstants.ASSERTION_PREFIX + respondWith);
    } else {
        StringTokenizer st = new StringTokenizer(respondWith, ":");
        if (st.countTokens() != 2) {
            FSUtils.debug.message("Request: wrong RespondWith value.");
            throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
        }
        st.nextToken();
        String temp = st.nextToken().trim();
        if (temp.length() == 0) {
            FSUtils.debug.message("Request: wrong RespondWith value.");
            throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
        }
        return (SAMLConstants.ASSERTION_PREFIX + temp);
    }
}
Also used : StringTokenizer(java.util.StringTokenizer) SAMLRequesterException(com.sun.identity.saml.common.SAMLRequesterException)

Example 5 with SAMLRequesterException

use of com.sun.identity.saml.common.SAMLRequesterException in project OpenAM by OpenRock.

the class FSRequest method parseQuery.

/**
 * Parses the Query or <code>SubjectQuery</code> represented by
 * a DOM tree Node. It then checks and sets data members if it is a
 * supported query, such as <code>AuthenticationQuery</code>,
 * <code>AttributeQuery</code>, or <code>AuthorizationDecisionQuery</code>.
 *
 * @param child a <code>DOM</code> Node.
 * @throws SAMLException if the <code>Query</code> is invalid.
 */
private void parseQuery(Node child) throws SAMLException {
    NamedNodeMap nm = child.getAttributes();
    int len = nm.getLength();
    String attrName;
    String attrValue;
    Attr attr;
    boolean found = false;
    for (int j = 0; j < len; j++) {
        attr = (Attr) nm.item(j);
        attrName = attr.getLocalName();
        if ((attrName != null) && (attrName.equals("type"))) {
            attrValue = attr.getNodeValue();
            if (attrValue.equals("AuthenticationQueryType")) {
                if (contentType != NOT_SUPPORTED) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("Request(Element): should" + " contain only one AuthenticationQuery.");
                    }
                    throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
                }
                contentType = AUTHENTICATION_QUERY;
                query = new AuthenticationQuery((Element) child);
            } else if (attrValue.equals("AuthorizationDecisionQueryType")) {
                if (contentType != NOT_SUPPORTED) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("Request(Element): should " + "contain one " + "AuthorizationDecisionQuery.");
                    }
                    throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
                }
                contentType = AUTHORIZATION_DECISION_QUERY;
                query = new AuthorizationDecisionQuery((Element) child);
            } else if (attrValue.equals("AttributeQueryType")) {
                if (contentType != NOT_SUPPORTED) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("Request(Element): should " + "contain one AttributeQuery.");
                    }
                    throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
                }
                contentType = ATTRIBUTE_QUERY;
                query = new AttributeQuery((Element) child);
            } else {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("Request(Element): This type of" + " " + attrName + " is not supported.");
                }
                throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "queryNotSupported", null);
            }
            // check typevalue
            found = true;
            break;
        }
        // if found type attribute
    }
    // if not found type
    if (!found) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Request(Element): missing" + " xsi:type definition in " + child.getLocalName());
        }
        throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
    }
}
Also used : NamedNodeMap(org.w3c.dom.NamedNodeMap) AttributeQuery(com.sun.identity.saml.protocol.AttributeQuery) Element(org.w3c.dom.Element) SAMLRequesterException(com.sun.identity.saml.common.SAMLRequesterException) AuthenticationQuery(com.sun.identity.saml.protocol.AuthenticationQuery) AuthorizationDecisionQuery(com.sun.identity.saml.protocol.AuthorizationDecisionQuery) Attr(org.w3c.dom.Attr) SAMLResponderException(com.sun.identity.saml.common.SAMLResponderException)

Aggregations

SAMLRequesterException (com.sun.identity.saml.common.SAMLRequesterException) 8
StringTokenizer (java.util.StringTokenizer) 3
Element (org.w3c.dom.Element) 3
Assertion (com.sun.identity.saml.assertion.Assertion) 2
AssertionIDReference (com.sun.identity.saml.assertion.AssertionIDReference) 2
SAMLException (com.sun.identity.saml.common.SAMLException) 2
SAMLResponderException (com.sun.identity.saml.common.SAMLResponderException) 2
ArrayList (java.util.ArrayList) 2
Attr (org.w3c.dom.Attr) 2
NamedNodeMap (org.w3c.dom.NamedNodeMap) 2
AssertionManager (com.sun.identity.saml.AssertionManager) 1
SAMLRequestVersionTooHighException (com.sun.identity.saml.common.SAMLRequestVersionTooHighException) 1
SAMLRequestVersionTooLowException (com.sun.identity.saml.common.SAMLRequestVersionTooLowException) 1
AssertionArtifact (com.sun.identity.saml.protocol.AssertionArtifact) 1
AttributeQuery (com.sun.identity.saml.protocol.AttributeQuery) 1
AuthenticationQuery (com.sun.identity.saml.protocol.AuthenticationQuery) 1
AuthorizationDecisionQuery (com.sun.identity.saml.protocol.AuthorizationDecisionQuery) 1
Query (com.sun.identity.saml.protocol.Query) 1
Request (com.sun.identity.saml.protocol.Request) 1
Response (com.sun.identity.saml.protocol.Response) 1