use of com.sun.identity.saml.common.SAMLRequesterException in project OpenAM by OpenRock.
the class Request method parseContents.
/**
* Checks the contents of the Request and set the class members accordingly.
*
* Used by this class only.
* @param contents A List that contains the contents of the request.
* it could be a query, 1 or more <code>AssertionIDReference</code>,
* or 1 or more <code>AssertionArtifact</code>.
* @exception SAMLException when an error occurs during the process.
*/
private void parseContents(List contents) throws SAMLException {
// check contents and set the contentType appropriately
int length = 0;
int i = 0;
if ((contents == null) || ((length = contents.size()) == 0)) {
SAMLUtils.debug.message("Request: empty content.");
throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
}
for (i = 0; i < length; i++) {
Object temp = contents.get(i);
if (temp instanceof AuthenticationQuery) {
// make sure this is the first one on the list
if ((contentType != NOT_SUPPORTED) || // and make sure there is no other elements on the list
(i != (length - 1))) {
if (SAMLUtils.debug.messageEnabled()) {
SAMLUtils.debug.message("Request: should contain only" + " one AuthenticationQuery.");
}
throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
}
contentType = AUTHENTICATION_QUERY;
query = (AuthenticationQuery) temp;
} else if (temp instanceof AuthorizationDecisionQuery) {
// make sure this is the first one on the list
if ((contentType != NOT_SUPPORTED) || // and make sure there is no other elements on the list
(i != (length - 1))) {
if (SAMLUtils.debug.messageEnabled()) {
SAMLUtils.debug.message("Request: should contain only" + " one AuthorizationDecisionQuery.");
}
throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
}
contentType = AUTHORIZATION_DECISION_QUERY;
query = (AuthorizationDecisionQuery) temp;
} else if (temp instanceof AttributeQuery) {
// make sure this is the first one on the list
if ((contentType != NOT_SUPPORTED) || // and make sure there is no other elements on the list
(i != (length - 1))) {
if (SAMLUtils.debug.messageEnabled()) {
SAMLUtils.debug.message("Request: should contain only" + " one AttributeQuery.");
}
throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
}
contentType = ATTRIBUTE_QUERY;
query = (AttributeQuery) temp;
} else if (temp instanceof AssertionIDReference) {
// the previously assigned elements are not AssertionIDReference
if ((contentType != NOT_SUPPORTED) && (contentType != ASSERTION_ID_REFERENCE)) {
if (SAMLUtils.debug.messageEnabled()) {
SAMLUtils.debug.message("Request: should contain" + " one or more AssertionIDReference.");
}
throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
}
contentType = ASSERTION_ID_REFERENCE;
if (assertionIDRefs == Collections.EMPTY_LIST) {
assertionIDRefs = new ArrayList();
}
assertionIDRefs.add((AssertionIDReference) temp);
} else if (temp instanceof AssertionArtifact) {
// previously assigned elements are not AssertionArtifact:
if ((contentType != NOT_SUPPORTED) && (contentType != ASSERTION_ARTIFACT)) {
if (SAMLUtils.debug.messageEnabled()) {
SAMLUtils.debug.message("Request: should contain " + " one or more AssertionArtifact.");
}
throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
}
contentType = ASSERTION_ARTIFACT;
if (artifacts == Collections.EMPTY_LIST) {
artifacts = new ArrayList();
}
artifacts.add((AssertionArtifact) temp);
} else {
// everything else
SAMLUtils.debug.message("Request: wrong input.");
throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
}
}
}
use of com.sun.identity.saml.common.SAMLRequesterException in project OpenAM by OpenRock.
the class Request method checkAndGetRespondWith.
private String checkAndGetRespondWith(String respondWith) throws SAMLException {
if ((respondWith == null) || (respondWith.length() == 0)) {
SAMLUtils.debug.message("Request: empty RespondWith Value.");
throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
}
if (respondWith.indexOf(":") == -1) {
return (SAMLConstants.ASSERTION_PREFIX + respondWith);
} else {
StringTokenizer st = new StringTokenizer(respondWith, ":");
if (st.countTokens() != 2) {
SAMLUtils.debug.message("Request: wrong RespondWith value.");
throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
}
st.nextToken();
String temp = st.nextToken().trim();
if (temp.length() == 0) {
SAMLUtils.debug.message("Request: wrong RespondWith value.");
throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
}
return (SAMLConstants.ASSERTION_PREFIX + temp);
}
}
use of com.sun.identity.saml.common.SAMLRequesterException in project OpenAM by OpenRock.
the class Response method buildResponse.
private void buildResponse(String responseID, String inResponseTo, Status status, String recipient, List contents) throws SAMLException {
if ((responseID == null) || (responseID.length() == 0)) {
// generate one
this.responseID = SAMLUtils.generateID();
if (this.responseID == null) {
throw new SAMLRequesterException(SAMLUtils.bundle.getString("errorGenerateID"));
}
} else {
this.responseID = responseID;
}
this.inResponseTo = inResponseTo;
this.recipient = recipient;
issueInstant = new Date();
if (status == null) {
SAMLUtils.debug.message("Response: missing <Status>.");
throw new SAMLRequesterException(SAMLUtils.bundle.getString("missingElement"));
}
this.status = status;
if ((contents != null) && (contents != Collections.EMPTY_LIST)) {
int length = contents.size();
for (int i = 0; i < length; i++) {
Object temp = contents.get(i);
if (!(temp instanceof Assertion)) {
if (SAMLUtils.debug.messageEnabled()) {
SAMLUtils.debug.message("Response: Wrong input " + "for Assertion.");
}
throw new SAMLRequesterException(SAMLUtils.bundle.getString("wrongInput"));
}
}
assertions = contents;
}
}
use of com.sun.identity.saml.common.SAMLRequesterException in project OpenAM by OpenRock.
the class FSRequest method checkAndGetRespondWith.
/* Returns the value of <code>RespondWith</code> attribute.
*
* @return value of the <code>RespondWith</code> attribute.
* @throws <code>SAMLException</code> on error.
*/
private String checkAndGetRespondWith(String respondWith) throws SAMLException {
if ((respondWith == null) || (respondWith.length() == 0)) {
FSUtils.debug.message("Request: empty RespondWith Value.");
throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
}
if (respondWith.indexOf(":") == -1) {
return (SAMLConstants.ASSERTION_PREFIX + respondWith);
} else {
StringTokenizer st = new StringTokenizer(respondWith, ":");
if (st.countTokens() != 2) {
FSUtils.debug.message("Request: wrong RespondWith value.");
throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
}
st.nextToken();
String temp = st.nextToken().trim();
if (temp.length() == 0) {
FSUtils.debug.message("Request: wrong RespondWith value.");
throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
}
return (SAMLConstants.ASSERTION_PREFIX + temp);
}
}
use of com.sun.identity.saml.common.SAMLRequesterException in project OpenAM by OpenRock.
the class FSRequest method parseQuery.
/**
* Parses the Query or <code>SubjectQuery</code> represented by
* a DOM tree Node. It then checks and sets data members if it is a
* supported query, such as <code>AuthenticationQuery</code>,
* <code>AttributeQeury</code>, or <code>AuthorizationDecisionQuery</code>.
*
* @param child a <code>DOM</code> Node.
* @throws <code>SAMLException</code> if the <code>Query</code> is invalid.
*/
private void parseQuery(Node child) throws SAMLException {
NamedNodeMap nm = child.getAttributes();
int len = nm.getLength();
String attrName;
String attrValue;
Attr attr;
boolean found = false;
for (int j = 0; j < len; j++) {
attr = (Attr) nm.item(j);
attrName = attr.getLocalName();
if ((attrName != null) && (attrName.equals("type"))) {
attrValue = attr.getNodeValue();
if (attrValue.equals("AuthenticationQueryType")) {
if (contentType != NOT_SUPPORTED) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("Request(Element): should" + " contain only one AuthenticationQuery.");
}
throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
}
contentType = AUTHENTICATION_QUERY;
query = new AuthenticationQuery((Element) child);
} else if (attrValue.equals("AuthorizationDecisionQueryType")) {
if (contentType != NOT_SUPPORTED) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("Request(Element): should " + "contain one " + "AuthorizationDecisionQuery.");
}
throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
}
contentType = AUTHORIZATION_DECISION_QUERY;
query = new AuthorizationDecisionQuery((Element) child);
} else if (attrValue.equals("AttributeQueryType")) {
if (contentType != NOT_SUPPORTED) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("Request(Element): should " + "contain one AttributeQuery.");
}
throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
}
contentType = ATTRIBUTE_QUERY;
query = new AttributeQuery((Element) child);
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("Request(Element): This type of" + " " + attrName + " is not supported.");
}
throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "queryNotSupported", null);
}
// check typevalue
found = true;
break;
}
// if found type attribute
}
// if not found type
if (!found) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("Request(Element): missing" + " xsi:type definition in " + child.getLocalName());
}
throw new SAMLRequesterException(FSUtils.BUNDLE_NAME, "wrongInput", null);
}
}
Aggregations