Example 16 with EncryptedID
use of com.sun.identity.saml2.assertion.EncryptedID in project OpenAM by OpenRock.
the class LogoutRequestImpl method toXMLString.
/**
* Returns the <code>LogoutRequest</code> in an XML document String format
* based on the <code>LogoutRequest</code> schema described above.
*
* @param includeNSPrefix Determines whether or not the namespace qualifier
* is prepended to the Element when converted
* @param declareNS Determines whether or not the namespace is declared
* within the Element.
* @return A XML String representing the <code>LogoutRequest</code>.
* @throws SAML2Exception if some error occurs during conversion to
* <code>String</code>.
*/
public String toXMLString(boolean includeNSPrefix, boolean declareNS) throws SAML2Exception {
if (isSigned && signedXMLString != null) {
return signedXMLString;
}
validateData();
StringBuffer xmlString = new StringBuffer(1000);
xmlString.append(SAML2Constants.START_TAG);
if (includeNSPrefix) {
xmlString.append(SAML2Constants.PROTOCOL_PREFIX);
}
xmlString.append(SAML2Constants.LOGOUT_REQUEST).append(SAML2Constants.SPACE);
if (declareNS) {
xmlString.append(SAML2Constants.PROTOCOL_DECLARE_STR).append(SAML2Constants.SPACE);
}
xmlString.append(SAML2Constants.ID).append(SAML2Constants.EQUAL).append(SAML2Constants.QUOTE).append(requestId).append(SAML2Constants.QUOTE).append(SAML2Constants.SPACE).append(SAML2Constants.VERSION).append(SAML2Constants.EQUAL).append(SAML2Constants.QUOTE).append(version).append(SAML2Constants.QUOTE).append(SAML2Constants.SPACE).append(SAML2Constants.ISSUE_INSTANT).append(SAML2Constants.EQUAL).append(SAML2Constants.QUOTE).append(DateUtils.toUTCDateFormat(issueInstant)).append(SAML2Constants.QUOTE);
if ((destinationURI != null) && (destinationURI.length() > 0)) {
xmlString.append(SAML2Constants.SPACE).append(SAML2Constants.DESTINATION).append(SAML2Constants.EQUAL).append(SAML2Constants.QUOTE).append(destinationURI).append(SAML2Constants.QUOTE);
}
if ((consent != null) && (consent.length() > 0)) {
xmlString.append(SAML2Constants.SPACE).append(SAML2Constants.CONSENT).append(SAML2Constants.EQUAL).append(SAML2Constants.QUOTE).append(consent).append(SAML2Constants.QUOTE);
}
if (notOnOrAfter != null) {
xmlString.append(SAML2Constants.SPACE).append(SAML2Constants.NOTONORAFTER).append(SAML2Constants.EQUAL).append(SAML2Constants.QUOTE).append(DateUtils.toUTCDateFormat(notOnOrAfter)).append(SAML2Constants.QUOTE);
}
if ((reason != null) && (reason.length() > 0)) {
xmlString.append(SAML2Constants.SPACE).append(SAML2Constants.REASON).append(SAML2Constants.EQUAL).append(SAML2Constants.QUOTE).append(reason).append(SAML2Constants.QUOTE);
}
xmlString.append(SAML2Constants.END_TAG);
if (nameID != null) {
String issuerString = nameID.toXMLString(includeNSPrefix, declareNS);
xmlString.append(issuerString);
}
if ((signatureString != null) && (signatureString.length() > 0)) {
xmlString.append(signatureString);
}
if (extensions != null) {
xmlString.append(extensions.toXMLString(includeNSPrefix, declareNS));
}
if (baseId != null) {
xmlString.append(baseId.toXMLString(includeNSPrefix, declareNS));
}
if (nameId != null) {
xmlString.append(nameId.toXMLString(includeNSPrefix, declareNS));
}
if (encryptedId != null) {
xmlString.append(encryptedId.toXMLString(includeNSPrefix, declareNS));
}
if (sessionIndexList != null && !sessionIndexList.isEmpty()) {
Iterator sessionIterator = sessionIndexList.iterator();
while (sessionIterator.hasNext()) {
ProtocolFactory protoFactory = ProtocolFactory.getInstance();
String sessionString = (String) sessionIterator.next();
SessionIndex sIndex = protoFactory.createSessionIndex(sessionString);
xmlString.append(sIndex.toXMLString(includeNSPrefix, declareNS));
}
}
xmlString.append(SAML2Constants.SAML2_END_TAG).append(SAML2Constants.LOGOUT_REQUEST).append(SAML2Constants.END_TAG);
return xmlString.toString();
}
Also used :
ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory)
SessionIndex(com.sun.identity.saml2.protocol.SessionIndex)
Iterator(java.util.Iterator)
Example 17 with EncryptedID
use of com.sun.identity.saml2.assertion.EncryptedID in project OpenAM by OpenRock.
the class LogoutRequestImpl method parseElement.
/**
* Parses the Docuemnt Element for this object.
*
* @param element the Document Element of this object.
* @throws SAML2Exception if error parsing the Document Element.
*/
private void parseElement(Element element) throws SAML2Exception {
AssertionFactory assertionFactory = AssertionFactory.getInstance();
ProtocolFactory protoFactory = ProtocolFactory.getInstance();
requestId = element.getAttribute(SAML2Constants.ID);
validateID(requestId);
version = element.getAttribute(SAML2Constants.VERSION);
validateVersion(version);
String issueInstantStr = element.getAttribute(SAML2Constants.ISSUE_INSTANT);
validateIssueInstant(issueInstantStr);
destinationURI = element.getAttribute(SAML2Constants.DESTINATION);
consent = element.getAttribute(SAML2Constants.CONSENT);
String notOnOrAfterStr = element.getAttribute(SAML2Constants.NOTONORAFTER);
validateNotOnOrAfterStr(notOnOrAfterStr);
reason = element.getAttribute(SAML2Constants.REASON);
String sessionIndexStr = null;
NodeList nList = element.getChildNodes();
if ((nList != null) && (nList.getLength() > 0)) {
for (int i = 0; i < nList.getLength(); i++) {
Node childNode = nList.item(i);
String cName = childNode.getLocalName();
if (cName != null) {
if (cName.equals(SAML2Constants.ISSUER)) {
nameID = assertionFactory.createIssuer((Element) childNode);
} else if (cName.equals(SAML2Constants.SIGNATURE)) {
signatureString = XMLUtils.print((Element) childNode);
isSigned = true;
} else if (cName.equals(SAML2Constants.EXTENSIONS)) {
extensions = protoFactory.createExtensions((Element) childNode);
} else if (cName.equals(SAML2Constants.BASEID)) {
baseId = assertionFactory.createBaseID((Element) childNode);
} else if (cName.equals(SAML2Constants.NAMEID)) {
nameId = assertionFactory.createNameID((Element) childNode);
} else if (cName.equals(SAML2Constants.ENCRYPTEDID)) {
encryptedId = assertionFactory.createEncryptedID((Element) childNode);
} else if (cName.equals(SAML2Constants.SESSION_INDEX)) {
if ((sessionIndexList == null) || (sessionIndexList.isEmpty())) {
sessionIndexList = new ArrayList();
}
sessionIndexStr = XMLUtils.getElementString((Element) childNode);
sessionIndexList.add(sessionIndexStr);
}
}
}
validateBaseIDorNameIDorEncryptedID();
if ((sessionIndexList != null) && (!sessionIndexList.isEmpty())) {
sessionIndexList = Collections.unmodifiableList(sessionIndexList);
}
}
}
Also used :
ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory)
AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory)
NodeList(org.w3c.dom.NodeList)
Node(org.w3c.dom.Node)
Element(org.w3c.dom.Element)
ArrayList(java.util.ArrayList)
Example 18 with EncryptedID
use of com.sun.identity.saml2.assertion.EncryptedID in project OpenAM by OpenRock.
the class ManageNameIDRequestImpl method parseElement.
private void parseElement(Element element) throws SAML2Exception {
AssertionFactory assertionFactory = AssertionFactory.getInstance();
ProtocolFactory protocolFactory = ProtocolFactory.getInstance();
// make sure that the input xml block is not null
if (element == null) {
if (SAML2SDKUtils.debug.messageEnabled()) {
SAML2SDKUtils.debug.message("ManageNameIDRequestImpl.parseElement: " + "Input is null.");
}
throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
}
// Make sure this is an EncryptedAssertion.
String tag = null;
tag = element.getLocalName();
if ((tag == null) || (!tag.equals(elementName))) {
if (SAML2SDKUtils.debug.messageEnabled()) {
SAML2SDKUtils.debug.message("ManageNameIDRequestImpl.parseElement:" + "not ManageNameIDRequest.");
}
throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
}
requestId = element.getAttribute("ID");
validateID(requestId);
version = element.getAttribute(SAML2Constants.VERSION);
validateVersion(version);
String issueInstantStr = element.getAttribute("IssueInstant");
validateIssueInstant(issueInstantStr);
destinationURI = element.getAttribute("Destination");
consent = element.getAttribute("Consent");
NodeList nList = element.getChildNodes();
if ((nList != null) && (nList.getLength() > 0)) {
for (int i = 0; i < nList.getLength(); i++) {
Node childNode = nList.item(i);
String cName = childNode.getLocalName();
if (cName != null) {
if (cName.equals("Issuer")) {
nameID = assertionFactory.createIssuer((Element) childNode);
} else if (cName.equals("Signature")) {
signatureString = XMLUtils.getElementString((Element) childNode);
isSigned = true;
} else if (cName.equals("Extensions")) {
extensions = protocolFactory.createExtensions((Element) childNode);
} else if (cName.equals("NameID")) {
nameid = assertionFactory.createNameID((Element) childNode);
} else if (cName.equals("EncryptedID")) {
encryptedID = assertionFactory.createEncryptedID((Element) childNode);
} else if (cName.equals("NewID")) {
newID = protocolFactory.createNewID((Element) childNode);
} else if (cName.equals("NewEncryptedID")) {
newEncryptedID = protocolFactory.createNewEncryptedID((Element) childNode);
} else if (cName.equals("Terminate")) {
terminate = true;
}
}
}
}
}
Also used :
ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory)
NodeList(org.w3c.dom.NodeList)
Node(org.w3c.dom.Node)
Element(org.w3c.dom.Element)
Example 19 with EncryptedID
use of com.sun.identity.saml2.assertion.EncryptedID in project OpenAM by OpenRock.
the class NameIDMappingResponseImpl method parseElement.
private void parseElement(Element element) throws SAML2Exception {
AssertionFactory af = AssertionFactory.getInstance();
ProtocolFactory pf = ProtocolFactory.getInstance();
// make sure that the input xml block is not null
if (element == null) {
if (SAML2SDKUtils.debug.messageEnabled()) {
SAML2SDKUtils.debug.message("NameIDMappingResponseImpl.parseElement: Input is null.");
}
throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
}
// Make sure this is an EncryptedAssertion.
String tag = null;
tag = element.getLocalName();
if ((tag == null) || (!tag.equals(elementName))) {
if (SAML2SDKUtils.debug.messageEnabled()) {
SAML2SDKUtils.debug.message("NameIDMappingResponseImpl.parseElement: " + "not ManageNameIDResponse.");
}
throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
}
responseId = element.getAttribute("ID");
validateID(responseId);
version = element.getAttribute("Version");
validateVersion(version);
String issueInstantStr = element.getAttribute("IssueInstant");
validateIssueInstant(issueInstantStr);
destination = element.getAttribute("Destination");
consent = element.getAttribute("Consent");
inResponseTo = element.getAttribute("InResponseTo");
NodeList nList = element.getChildNodes();
if ((nList != null) && (nList.getLength() > 0)) {
for (int i = 0; i < nList.getLength(); i++) {
Node childNode = nList.item(i);
String cName = childNode.getLocalName();
if (cName != null) {
if (cName.equals("Issuer")) {
issuer = af.createIssuer((Element) childNode);
} else if (cName.equals("Signature")) {
signatureString = XMLUtils.getElementString((Element) childNode);
isSigned = true;
} else if (cName.equals("Extensions")) {
extensions = pf.createExtensions((Element) childNode);
} else if (cName.equals("NameID")) {
nameID = af.createNameID((Element) childNode);
} else if (cName.equals("EncryptedID")) {
encryptedID = af.createEncryptedID((Element) childNode);
} else if (cName.equals("Status")) {
status = pf.createStatus((Element) childNode);
}
}
}
}
}
Also used :
ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory)
NodeList(org.w3c.dom.NodeList)
Node(org.w3c.dom.Node)
Element(org.w3c.dom.Element)
Example 20 with EncryptedID
use of com.sun.identity.saml2.assertion.EncryptedID in project OpenAM by OpenRock.
the class DefaultAccountMapper method getIdentity.
/**
* Returns the user's disntinguished name or the universal ID for the
* corresponding <code>SAML</code> <code>ManageNameIDRequest</code>.
* This method will be invoked by the <code>SAML</code> framework for
* retrieving the user identity while processing the
* <code>ManageIDRequest</code>.
* @param manageNameIDRequest <code>SAML</code>
* <code>ManageNameIDRequest</code> that needs to be mapped to the user.
* @param hostEntityID <code>EntityID</code> of the hosted provider.
* @param realm realm or the organization name that may be used to find
* the user information.
* @return user's disntinguished name or the universal ID.
* @exception SAML2Exception if any failure.
*/
public String getIdentity(ManageNameIDRequest manageNameIDRequest, String hostEntityID, String realm) throws SAML2Exception {
if (manageNameIDRequest == null) {
throw new SAML2Exception(bundle.getString("nullManageIDRequest"));
}
if (hostEntityID == null) {
throw new SAML2Exception(bundle.getString("nullHostEntityID"));
}
if (realm == null) {
throw new SAML2Exception(bundle.getString("nullRealm"));
}
NameID nameID = null;
EncryptedID encryptedID = manageNameIDRequest.getEncryptedID();
if (encryptedID != null) {
try {
final Set<PrivateKey> decryptionKeys = KeyUtil.getDecryptionKeys(getSSOConfig(realm, hostEntityID));
nameID = encryptedID.decrypt(decryptionKeys);
} catch (SAML2MetaException sme) {
debug.error("Unable to retrieve SAML entity config for entity: " + hostEntityID, sme);
}
} else {
nameID = manageNameIDRequest.getNameID();
}
String remoteEntityID = manageNameIDRequest.getIssuer().getValue();
if (debug.messageEnabled()) {
debug.message("DefaultAccountMapper.getIdentity(ManageNameIDReq)" + " realm = " + realm + " hostEntityID = " + hostEntityID);
}
try {
return dsProvider.getUserID(realm, SAML2Utils.getNameIDKeyMap(nameID, hostEntityID, remoteEntityID, realm, role));
} catch (DataStoreProviderException dse) {
debug.error("DefaultAccountMapper.getIdentity(MNIRequest,):" + " DataStoreProviderException", dse);
throw new SAML2Exception(dse.getMessage());
}
}
Also used :
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
DataStoreProviderException(com.sun.identity.plugin.datastore.DataStoreProviderException)
PrivateKey(java.security.PrivateKey)
NameID(com.sun.identity.saml2.assertion.NameID)
EncryptedID(com.sun.identity.saml2.assertion.EncryptedID)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
Aggregations
EncryptedID (com.sun.identity.saml2.assertion.EncryptedID)19
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)19
NameID (com.sun.identity.saml2.assertion.NameID)13
ArrayList (java.util.ArrayList)7
Element (org.w3c.dom.Element)7
Subject (com.sun.identity.saml2.assertion.Subject)6
EncInfo (com.sun.identity.saml2.key.EncInfo)6
List (java.util.List)6
DataStoreProviderException (com.sun.identity.plugin.datastore.DataStoreProviderException)5
AssertionFactory (com.sun.identity.saml2.assertion.AssertionFactory)5
SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)5
ProtocolFactory (com.sun.identity.saml2.protocol.ProtocolFactory)5
Node (org.w3c.dom.Node)5
NodeList (org.w3c.dom.NodeList)5
SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)4
NewEncryptedID (com.sun.identity.saml2.protocol.NewEncryptedID)4
PrivateKey (java.security.PrivateKey)4
Assertion (com.sun.identity.saml2.assertion.Assertion)3
IDPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement)3
SPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement)3
