
Example 11 with Artifact

use of com.sun.identity.saml2.protocol.Artifact in project OpenAM by OpenRock.

the class ArtifactResolveImpl method parseElement.

/**
 * Populates this ArtifactResolve object from its DOM form.
 *
 * <p>The root must have the local name {@code ArtifactResolve}. The attributes
 * {@code ID}, {@code Version}, {@code IssueInstant}, {@code Destination} and
 * {@code Consent} are copied into the matching fields; any other attribute is
 * ignored. Child elements are accepted only in the order Issuer, Signature,
 * Extensions, Artifact, each at most once, and {@code validateData()} runs
 * after the last child.
 *
 * <p>NOTE(review): root and child elements are matched on local name only; the
 * namespace URI is never compared in this method. Confirm that the caller or
 * {@code validateData()} rejects same-named elements from a foreign namespace.
 *
 * <p>NOTE(review): {@code isSigned} records only that a Signature child is
 * present. No signature is verified here, so the flag must not be read as
 * "signature valid".
 *
 * @param element the DOM element holding the ArtifactResolve message
 * @throws SAML2Exception if the element is null, is not an ArtifactResolve,
 *         has an unparsable IssueInstant, repeats a child, has children out
 *         of sequence, or contains an unknown child element
 */
private void parseElement(Element element) throws SAML2Exception {
    // A missing document cannot be parsed at all.
    if (element == null) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ArtifactResolveImpl.parseElement: " + "element input is null.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
    }

    // The root element must be <ArtifactResolve> (compared by local name).
    String rootName = element.getLocalName();
    if (!"ArtifactResolve".equals(rootName)) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ArtifactResolveImpl.parseElement: " + "not ArtifactResolve.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
    }

    // Copy the recognised attributes; values are whitespace-trimmed first.
    NamedNodeMap attributes = element.getAttributes();
    int attributeCount = (attributes == null) ? 0 : attributes.getLength();
    for (int a = 0; a < attributeCount; a++) {
        Attr attribute = (Attr) attributes.item(a);
        String name = attribute.getName();
        String value = attribute.getValue().trim();
        if (name.equals("ID")) {
            requestId = value;
        } else if (name.equals("Version")) {
            version = value;
        } else if (name.equals("IssueInstant")) {
            try {
                issueInstant = DateUtils.stringToDate(value);
            } catch (ParseException pe) {
                // Only the parser's message is carried over; the cause is not chained.
                throw new SAML2Exception(pe.getMessage());
            }
        } else if (name.equals("Destination")) {
            // Stored as received; no comparison with the local endpoint happens here.
            destinationURI = value;
        } else if (name.equals("Consent")) {
            consent = value;
        }
    }

    // Walk the children, enforcing "at most once" and the schema ordering.
    NodeList children = element.getChildNodes();
    int childCount = children.getLength();
    for (int c = 0; c < childCount; c++) {
        Node node = children.item(c);
        String localName = node.getLocalName();
        if (localName == null) {
            // Nodes without a local name (text, comments, ...) are skipped.
            continue;
        }

        if (localName.equals("Issuer")) {
            if (nameID != null) {
                if (SAML2SDKUtils.debug.messageEnabled()) {
                    SAML2SDKUtils.debug.message("ArtifactResolveImpl.parse" + "Element: included more than one Issuer.");
                }
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
            }
            // Issuer must come before Signature, Extensions and Artifact.
            boolean laterSiblingSeen = signatureString != null || extensions != null || artifact != null;
            if (laterSiblingSeen) {
                if (SAML2SDKUtils.debug.messageEnabled()) {
                    SAML2SDKUtils.debug.message("ArtifactResolveImpl.parse" + "Element:wrong sequence.");
                }
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
            }
            nameID = AssertionFactory.getInstance().createIssuer((Element) node);
            continue;
        }

        if (localName.equals("Signature")) {
            if (signatureString != null) {
                if (SAML2SDKUtils.debug.messageEnabled()) {
                    SAML2SDKUtils.debug.message("ArtifactResolveImpl.parse" + "Element:included more than one Signature.");
                }
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
            }
            // Signature must come before Extensions and Artifact.
            boolean laterSiblingSeen = extensions != null || artifact != null;
            if (laterSiblingSeen) {
                if (SAML2SDKUtils.debug.messageEnabled()) {
                    SAML2SDKUtils.debug.message("ArtifactResolveImpl.parse" + "Element:wrong sequence.");
                }
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
            }
            // The signature is kept as serialised XML and flagged as present only;
            // nothing is verified at this point.
            signatureString = XMLUtils.print((Element) node);
            isSigned = true;
            continue;
        }

        if (localName.equals("Extensions")) {
            if (extensions != null) {
                if (SAML2SDKUtils.debug.messageEnabled()) {
                    SAML2SDKUtils.debug.message("ArtifactResolveImpl.parse" + "Element:included more than one Extensions.");
                }
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
            }
            // Extensions must come before Artifact.
            if (artifact != null) {
                if (SAML2SDKUtils.debug.messageEnabled()) {
                    SAML2SDKUtils.debug.message("ArtifactResolveImpl.parse" + "Element:wrong sequence.");
                }
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
            }
            extensions = ProtocolFactory.getInstance().createExtensions((Element) node);
            continue;
        }

        if (localName.equals("Artifact")) {
            if (artifact != null) {
                if (SAML2SDKUtils.debug.messageEnabled()) {
                    SAML2SDKUtils.debug.message("ArtifactResolveImpl.parse" + "Element: included more than one Artifact.");
                }
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
            }
            artifact = ProtocolFactory.getInstance().createArtifact((Element) node);
            continue;
        }

        // Any other named child is rejected rather than ignored.
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ArtifactResolveImpl.parse" + "Element: Invalid element:" + localName);
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalidElement"));
    }

    validateData();
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) NamedNodeMap(org.w3c.dom.NamedNodeMap) Node(org.w3c.dom.Node) NodeList(org.w3c.dom.NodeList) Element(org.w3c.dom.Element) ParseException(java.text.ParseException) Attr(org.w3c.dom.Attr)

Example 12 with Artifact

use of com.sun.identity.saml2.protocol.Artifact in project OpenAM by OpenRock.

the class SPACSUtils method getIDPEntityID.

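/**
 * Finds the remote identity provider that issued the given artifact.
 *
 * <p>Each remote IdP entity ID registered for {@code orgName} is converted to a
 * source ID with {@code SAML2Utils.generateSourceID} and compared with the
 * source ID carried in the artifact. The first match is returned.
 *
 * <p>On failure the event is logged once as {@code IDP_NOT_FOUND}, an HTTP 500
 * error is sent through {@code SAMLUtils.sendError}, and the exception is
 * rethrown. The catch block handles every {@code SAML2Exception} raised in the
 * try block, so a failure of the metadata lookup is reported the same way as
 * "no matching IdP".
 *
 * @param art the artifact received by the service provider
 * @param request the current servlet request, used for the error response
 * @param response the current servlet response, used for the error response
 * @param orgName the realm/organisation whose remote IdPs are searched
 * @param metaManager source of the remote IdP entity IDs
 * @return the entity ID of the matching identity provider, never null
 * @throws SAML2Exception if no IdP matches or the lookup fails
 * @throws IOException declared for the error-response path
 */
private static String getIDPEntityID(Artifact art, HttpServletRequest request, HttpServletResponse response, String orgName, SAML2MetaManager metaManager) throws SAML2Exception, IOException {
    String sourceID = art.getSourceID();
    String idpEntityID = null;
    try {
        Iterator iter = metaManager.getAllRemoteIdentityProviderEntities(orgName).iterator();
        while (iter.hasNext()) {
            String candidate = (String) iter.next();
            String candidateSourceID = SAML2Utils.generateSourceID(candidate);
            // Explicit null guard: an artifact without a source ID must end in the
            // "IdP not found" path, not in a NullPointerException that would skip
            // the audit record and the error response. A null on both sides must
            // never count as a match.
            if (sourceID != null && sourceID.equals(candidateSourceID)) {
                idpEntityID = candidate;
                break;
            }
        }
        if (idpEntityID == null) {
            // The message text still names getResponseFromGet; it is left unchanged
            // so that existing log searches keep matching.
            SAML2Utils.debug.error("SPACSUtils.getResponseFromGet: Unable " + "to find the IDP based on the SourceID in the artifact");
            // No LogUtil.error here: the catch block below writes the
            // IDP_NOT_FOUND record for this exception, and logging in both
            // places produced two identical audit entries per failure.
            throw new SAML2Exception(SAML2Utils.bundle.getString("cannotFindIDP"));
        }
    } catch (SAML2Exception se) {
        // NOTE(review): the raw artifact value goes into the log record; confirm
        // that access to this log is restricted accordingly.
        String[] data = { art.getArtifactValue(), orgName };
        LogUtil.error(Level.INFO, LogUtil.IDP_NOT_FOUND, data, null);
        // NOTE(review): se.getMessage() is handed to sendError; confirm how much
        // of it is shown to the user agent, since metadata-lookup failures land
        // here too.
        SAMLUtils.sendError(request, response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "cannotFindIDP", se.getMessage());
        throw se;
    }
    return idpEntityID;
}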
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) Iterator(java.util.Iterator)

Example 13 with Artifact

use of com.sun.identity.saml2.protocol.Artifact in project OpenAM by OpenRock.

the class SPACSUtils method getIDPArtifactResolutionServiceUrl.

/**
 * Picks the artifact resolution service location for an identity provider.
 *
 * <p>The IdP descriptor's endpoints are scanned in order. The endpoint whose
 * index equals {@code endpointIndex} wins. If none matches, or the matching
 * location is null or empty, the location of an endpoint flagged as default is
 * used (the last such endpoint seen before the scan stopped), and failing that
 * the location of the first endpoint in the list. If all of these are null or
 * empty, the failure is logged, an HTTP 500 error is sent, and a
 * {@code SAML2Exception} is thrown.
 *
 * <p>NOTE(review): the returned location is taken from the IdP descriptor as
 * is; this method checks neither scheme nor host. Confirm that the caller or
 * the metadata import enforces the expected transport.
 *
 * @param endpointIndex index of the wanted artifact resolution endpoint
 * @param idpEntityID entity ID of the IdP, used only in the log messages
 * @param idp descriptor providing the list of artifact resolution services
 * @param request the current servlet request, used for the error response
 * @param response the current servlet response, used for the error response
 * @return a non-empty artifact resolution service location
 * @throws SAML2Exception if no usable location can be determined
 * @throws IOException declared for the error-response path
 */
private static String getIDPArtifactResolutionServiceUrl(int endpointIndex, String idpEntityID, IDPSSODescriptorElement idp, HttpServletRequest request, HttpServletResponse response) throws SAML2Exception, IOException {
    List services = idp.getArtifactResolutionService();
    String matchedLocation = null;
    String defaultLocation = null;
    String firstLocation = null;

    for (int pos = 0; pos < services.size(); pos++) {
        ArtifactResolutionServiceElement candidate = (ArtifactResolutionServiceElement) services.get(pos);
        String candidateLocation = candidate.getLocation();
        int candidateIndex = candidate.getIndex();
        boolean candidateIsDefault = candidate.isIsDefault();

        // An exact index match ends the scan immediately.
        if (candidateIndex == endpointIndex) {
            matchedLocation = candidateLocation;
            break;
        }
        // Otherwise remember the fallbacks offered by this entry.
        if (candidateIsDefault) {
            defaultLocation = candidateLocation;
        }
        if (pos == 0) {
            firstLocation = candidateLocation;
        }
    }

    // Fallback chain: exact match, then default endpoint, then first endpoint.
    String location = matchedLocation;
    if (location == null || location.length() == 0) {
        location = defaultLocation;
    }
    if (location == null || location.length() == 0) {
        location = firstLocation;
    }
    if (location == null || location.length() == 0) {
        SAML2Utils.debug.error("SPACSUtils: Unable to get the " + "location of artifact resolution service for " + idpEntityID);
        String[] data = { idpEntityID };
        LogUtil.error(Level.INFO, LogUtil.ARTIFACT_RESOLUTION_URL_NOT_FOUND, data, null);
        SAMLUtils.sendError(request, response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "cannotFindArtifactResolutionUrl", SAML2Utils.bundle.getString("cannotFindArtifactResolutionUrl"));
        throw new SAML2Exception(SAML2Utils.bundle.getString("cannotFindArtifactResolutionUrl"));
    }

    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message("SPACSUtils: IDP artifact resolution " + "service url =" + location);
    }
    return location;
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) List(java.util.List) ArrayList(java.util.ArrayList) ArtifactResolutionServiceElement(com.sun.identity.saml2.jaxb.metadata.ArtifactResolutionServiceElement)

Aggregations

SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)11 SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)6 ArtifactResolutionServiceElement (com.sun.identity.saml2.jaxb.metadata.ArtifactResolutionServiceElement)4 IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)4 Issuer (com.sun.identity.saml2.assertion.Issuer)3 SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)3 Artifact (com.sun.identity.saml2.protocol.Artifact)3 ArtifactResponse (com.sun.identity.saml2.protocol.ArtifactResponse)3 IOException (java.io.IOException)3 ArrayList (java.util.ArrayList)3 List (java.util.List)3 SOAPException (javax.xml.soap.SOAPException)3 SOAPMessage (javax.xml.soap.SOAPMessage)3 Element (org.w3c.dom.Element)3 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)2 KeyProvider (com.sun.identity.saml.xmlsig.KeyProvider)2 IDPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement)2 ObjectFactory (com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory)2 EntityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement)2 SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager)2