
Example 6 with Extensions

use of com.sun.identity.saml2.protocol.Extensions in project OpenAM by OpenRock.

Source: method parseElement of class ResponseImpl (the full, schema-checking parser the two later response parsers should be compared against).

/**
 * Populates this {@code ResponseImpl} from a DOM {@code <Response>} element.
 * <p>
 * Reads the Response attributes (ID, InResponseTo, Version, IssueInstant,
 * Destination, Consent), then walks the child elements enforcing the schema
 * sequence Issuer, Signature, Extensions, Status, followed by zero or more
 * Assertion / EncryptedAssertion children, with at most one of each
 * single-valued child. Any child with another name is rejected. On success
 * the assertion lists are frozen and the object is marked immutable.
 * <p>
 * NOTE(review): both the element and its children are matched by local name
 * only; no namespace-URI check happens here, and no signature verification
 * is performed by this method.
 *
 * @param element the DOM element to parse; must be a {@code Response}.
 * @throws SAML2Exception if the element is null or not a Response, a child
 *         violates the expected sequence or cardinality, an unknown child is
 *         present, IssueInstant cannot be parsed, or an Assertion cannot be
 *         canonicalized.
 */
private void parseElement(Element element) throws SAML2Exception {
    // make sure that the input xml block is not null
    if (element == null) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ResponseImpl.parseElement: " + "element input is null.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
    }
    // Make sure this is an Response.
    // NOTE(review): local-name comparison only; the element's namespace URI is not checked here.
    String tag = null;
    tag = element.getLocalName();
    if ((tag == null) || (!tag.equals("Response"))) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ResponseImpl.parseElement: " + "not Response.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
    }
    // handle the attributes of <Response> element
    NamedNodeMap atts = ((Node) element).getAttributes();
    if (atts != null) {
        int length = atts.getLength();
        for (int i = 0; i < length; i++) {
            Attr attr = (Attr) atts.item(i);
            // Attr.getName() is the qualified name, so a namespace-prefixed attribute
            // would not match any of the unprefixed names tested below.
            String attrName = attr.getName();
            String attrValue = attr.getValue().trim();
            if (attrName.equals("ID")) {
                responseId = attrValue;
            } else if (attrName.equals("InResponseTo")) {
                inResponseTo = attrValue;
            } else if (attrName.equals("Version")) {
                version = attrValue;
            } else if (attrName.equals("IssueInstant")) {
                try {
                    issueInstant = DateUtils.stringToDate(attrValue);
                } catch (ParseException pe) {
                    // Only the message survives; the ParseException is not chained as the cause.
                    throw new SAML2Exception(pe.getMessage());
                }
            } else if (attrName.equals("Destination")) {
                destination = attrValue;
            } else if (attrName.equals("Consent")) {
                consent = attrValue;
            }
        }
    }
    // handle child elements
    // Each single-valued child (Issuer, Signature, Extensions, Status) is accepted at most
    // once and must appear before any later child in the schema sequence; a repeat is
    // reported as "moreElement", an out-of-order child as "schemaViolation".
    NodeList nl = element.getChildNodes();
    Node child;
    String childName;
    int length = nl.getLength();
    for (int i = 0; i < length; i++) {
        child = nl.item(i);
        // Text/comment nodes have no local name and are skipped.
        if ((childName = child.getLocalName()) != null) {
            if (childName.equals("Issuer")) {
                if (issuer != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element: included more than one Issuer.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
                }
                // Issuer must precede every other child.
                if (signatureString != null || extensions != null || status != null || assertions != null || encAssertions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:wrong sequence.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
                }
                issuer = AssertionFactory.getInstance().createIssuer((Element) child);
            } else if (childName.equals("Signature")) {
                if (signatureString != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:included more than one Signature.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
                }
                if (extensions != null || status != null || assertions != null || encAssertions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:wrong sequence.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
                }
                // The Signature child is kept as serialized XML. isSigned only records that a
                // Signature element is present; nothing here establishes that it is valid.
                signatureString = XMLUtils.print((Element) child, "UTF-8");
                isSigned = true;
            } else if (childName.equals("Extensions")) {
                if (extensions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:included more than one Extensions.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
                }
                if (status != null || assertions != null || encAssertions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:wrong sequence.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
                }
                extensions = ProtocolFactory.getInstance().createExtensions((Element) child);
            } else if (childName.equals("Status")) {
                if (status != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element: included more than one Status.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
                }
                if (assertions != null || encAssertions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:wrong sequence.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
                }
                status = ProtocolFactory.getInstance().createStatus((Element) child);
            } else if (childName.equals("Assertion")) {
                // Note: no sequence check here, so an Assertion is accepted even when no Status
                // has been seen yet (the presence of Status is left to validateData below).
                if (assertions == null) {
                    assertions = new ArrayList();
                }
                // Canonicalize before building the Assertion — presumably so a later signature
                // check over the assertion sees a stable serialization; TODO confirm with the verifier.
                Element canoEle = SAMLUtils.getCanonicalElement(child);
                if (canoEle == null) {
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("errorCanonical"));
                }
                assertions.add(AssertionFactory.getInstance().createAssertion(canoEle));
            } else if (childName.equals("EncryptedAssertion")) {
                // Stored encrypted; decryption is not attempted here.
                if (encAssertions == null) {
                    encAssertions = new ArrayList();
                }
                encAssertions.add(AssertionFactory.getInstance().createEncryptedAssertion((Element) child));
            } else {
                // Any other child name is a schema violation for <Response>.
                if (SAML2SDKUtils.debug.messageEnabled()) {
                    SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element: Invalid element:" + childName);
                }
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalidElement"));
            }
        }
    }
    // Superclass check of the inherited StatusResponse fields (not visible in this file).
    super.validateData();
    // Freeze: each Assertion becomes immutable and both lists become read-only views.
    if (assertions != null) {
        Iterator iter = assertions.iterator();
        while (iter.hasNext()) {
            ((Assertion) iter.next()).makeImmutable();
        }
        assertions = Collections.unmodifiableList(assertions);
    }
    if (encAssertions != null) {
        encAssertions = Collections.unmodifiableList(encAssertions);
    }
    isMutable = false;
}

Example 7 with Extensions

use of com.sun.identity.saml2.protocol.Extensions in project OpenAM by OpenRock.

Source: method parseElement of class LogoutResponseImpl.

/**
 * Parses the Document Element for a {@code LogoutResponse} into this object.
 * <p>
 * The ID, Version and IssueInstant attributes are read and passed to the
 * inherited validate* helpers (which are expected to throw on bad values);
 * Destination, Consent and InResponseTo are copied as-is. The child elements
 * Issuer, Signature, Extensions and Status are then parsed by local name;
 * Status is additionally checked via {@code validateStatus()}.
 * <p>
 * NOTE(review): unlike {@code ResponseImpl.parseElement}, this method performs
 * no null/element-name check on {@code element}, accepts repeated
 * Issuer/Signature/Extensions/Status children (the last occurrence wins, while
 * the schema allows each at most once), silently ignores children with other
 * names, and does not check namespace URIs. Setting {@code isSigned} records
 * only that a Signature child is present; its validity is not established here.
 *
 * @param element the Document Element of this object.
 * @throws SAML2Exception if error parsing the Document Element.
 */
private void parseElement(Element element) throws SAML2Exception {
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    ProtocolFactory protoFactory = ProtocolFactory.getInstance();

    // --- attributes of <LogoutResponse> ---
    responseId = element.getAttribute(SAML2Constants.ID);
    validateID(responseId);
    version = element.getAttribute(SAML2Constants.VERSION);
    validateVersion(version);
    // Only validated; nothing from the instant is assigned in this method.
    validateIssueInstant(element.getAttribute(SAML2Constants.ISSUE_INSTANT));
    destination = element.getAttribute(SAML2Constants.DESTINATION);
    consent = element.getAttribute(SAML2Constants.CONSENT);
    inResponseTo = element.getAttribute(SAML2Constants.INRESPONSETO);

    // --- child elements ---
    NodeList children = element.getChildNodes();
    if (children == null) {
        return;
    }
    int count = children.getLength();
    for (int idx = 0; idx < count; idx++) {
        Node childNode = children.item(idx);
        String localName = childNode.getLocalName();
        if (localName == null) {
            // text / comment nodes carry no local name
            continue;
        }
        if (SAML2Constants.ISSUER.equals(localName)) {
            issuer = assertionFactory.createIssuer((Element) childNode);
        } else if (SAML2Constants.SIGNATURE.equals(localName)) {
            signatureString = XMLUtils.getElementString((Element) childNode);
            isSigned = true;
        } else if (SAML2Constants.EXTENSIONS.equals(localName)) {
            extensions = protoFactory.createExtensions((Element) childNode);
        } else if (SAML2Constants.STATUS.equals(localName)) {
            status = protoFactory.createStatus((Element) childNode);
            validateStatus();
        }
    }
}

Example 8 with Extensions

use of com.sun.identity.saml2.protocol.Extensions in project OpenAM by OpenRock.

Source: method parseElement of class ManageNameIDResponseImpl.

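/**
 * Populates this object from a DOM {@code <ManageNameIDResponse>} element.
 * <p>
 * Checks the element's local name against {@code elementName}, reads and
 * validates the ID, Version and IssueInstant attributes, copies Destination,
 * Consent and InResponseTo, then parses the Issuer, Signature, Extensions and
 * Status children. Each of those children is permitted at most once; a repeat
 * is rejected with the "moreElement" error instead of silently letting the last
 * occurrence win, matching {@code ResponseImpl.parseElement}. Children with
 * other names are ignored. Matching is by local name only; the namespace URI is
 * not checked here, and the Signature child is only recorded, not verified.
 *
 * @param element the DOM element to parse.
 * @throws SAML2Exception if the element is null or has the wrong name, an
 *         attribute fails validation, or Issuer/Signature/Extensions/Status
 *         appears more than once.
 */
private void parseElement(Element element) throws SAML2Exception {
    AssertionFactory af = AssertionFactory.getInstance();
    ProtocolFactory pf = ProtocolFactory.getInstance();
    // make sure that the input xml block is not null
    if (element == null) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ManageNameIDResponseImpl.parseElement: Input is null.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
    }
    // Make sure this is a ManageNameIDResponse (elementName holds the expected local name).
    String tag = element.getLocalName();
    if ((tag == null) || (!tag.equals(elementName))) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ManageNameIDResponseImpl.parseElement:" + "not ManageNameIDResponse.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
    }
    responseId = element.getAttribute("ID");
    validateID(responseId);
    version = element.getAttribute("Version");
    validateVersion(version);
    // Only handed to validateIssueInstant; this method itself stores nothing from it.
    String issueInstantStr = element.getAttribute("IssueInstant");
    validateIssueInstant(issueInstantStr);
    destination = element.getAttribute("Destination");
    consent = element.getAttribute("Consent");
    inResponseTo = element.getAttribute("InResponseTo");
    NodeList nList = element.getChildNodes();
    if (nList == null) {
        return;
    }
    int childCount = nList.getLength();
    for (int i = 0; i < childCount; i++) {
        Node childNode = nList.item(i);
        String cName = childNode.getLocalName();
        if (cName == null) {
            // text / comment nodes carry no local name
            continue;
        }
        if (cName.equals("Issuer")) {
            rejectDuplicateChild(issuer, cName);
            issuer = af.createIssuer((Element) childNode);
        } else if (cName.equals("Signature")) {
            // Presence of a Signature child is recorded; its validity is not checked in this method.
            rejectDuplicateChild(signatureString, cName);
            signatureString = XMLUtils.getElementString((Element) childNode);
            isSigned = true;
        } else if (cName.equals("Extensions")) {
            rejectDuplicateChild(extensions, cName);
            extensions = pf.createExtensions((Element) childNode);
        } else if (cName.equals("Status")) {
            rejectDuplicateChild(status, cName);
            status = pf.createStatus((Element) childNode);
        }
    }
}

/**
 * Rejects a second occurrence of a child element that the schema permits at most once.
 *
 * @param alreadyParsed the field holding the first occurrence, or null if none was seen yet.
 * @param cName         local name of the child, used in the debug message.
 * @throws SAML2Exception carrying the "moreElement" bundle message when a duplicate is found.
 */
private static void rejectDuplicateChild(Object alreadyParsed, String cName) throws SAML2Exception {
    if (alreadyParsed != null) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ManageNameIDResponseImpl.parseElement: included more than one " + cName + ".");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
    }
}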

Example 9 with Extensions

use of Extensions in project OpenAM by OpenRock — note that this example reads the metadata {@code ExtensionsType} (com.sun.identity.saml2.jaxb.metadata) from an IdP entity descriptor, not the protocol class com.sun.identity.saml2.protocol.Extensions.

Source: method selectIDPBasedOnLOA of class SAML2IDPProxyFRImpl.

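/**
 * Narrows the candidate IdP list to those whose metadata advertises at least one of the
 * AuthnContext class references requested in the AuthnRequest (level-of-assurance match).
 * <p>
 * For each IdP the entity descriptor's {@code <md:Extensions>} is scanned for
 * {@code EntityAttributes}; the contents of every {@code Attribute}'s {@code AttributeValue}
 * children are trimmed into a set and intersected with the requested class refs. An IdP is
 * prepended to the result once per matching AttributeValue, so the output is in reverse
 * input order and may repeat an IdP (behaviour preserved from the original).
 * Extension entries that are not {@code EntityAttributes}, {@code Assertion} entries inside
 * EntityAttributes, and values that are not {@code AttributeValueElement} are skipped rather
 * than cast (the original casts blindly and would fail with ClassCastException on metadata
 * carrying other extensions). Null collections are also handled; the original tested
 * {@code x != null || !x.isEmpty()}, which dereferences a null list.
 * <p>
 * The requested class refs come from the SP's AuthnRequest, i.e. from the requester side;
 * they are only used for set intersection against the IdP's own configured metadata.
 *
 * @param idpList      candidate IdP entity IDs; null or empty yields an empty result (or is
 *                     passed straight to {@code StringUtils.join} when no RequestedAuthnContext
 *                     is present, as before).
 * @param realm        realm whose SAML2 metadata is consulted.
 * @param authnRequest the incoming AuthnRequest; its RequestedAuthnContext drives the match.
 * @return space-separated IdP entity IDs that match; all of {@code idpList} when the request
 *         carries no RequestedAuthnContext; an empty string when nothing matches or the
 *         metadata lookup throws {@code SAML2MetaException} (logged, not propagated).
 */
private String selectIDPBasedOnLOA(List<String> idpList, String realm, AuthnRequest authnRequest) {
    String classMethod = "selectIdPBasedOnLOA";
    String idps = "";
    try {
        RequestedAuthnContext requestedAuthnContext = authnRequest.getRequestedAuthnContext();
        if (requestedAuthnContext == null) {
            //In this case we just simply return all the IdPs as each one should support a default AuthnContext.
            return StringUtils.join(idpList, " ");
        }
        List listOfAuthnContexts = requestedAuthnContext.getAuthnContextClassRef();
        debugMessage(classMethod, "listofAuthnContexts: " + listOfAuthnContexts);
        // A null class-ref list means nothing specific was requested: match against an empty set.
        // (The original wrapped the HashSet copy in try/catch(Exception) solely to absorb this NPE.)
        Set authnRequestContextSet = (listOfAuthnContexts == null) ? new HashSet() : new HashSet(listOfAuthnContexts);
        if ((idpList != null) && (!idpList.isEmpty())) {
            for (String idp : idpList) {
                debugMessage(classMethod, "IDP is: " + idp);
                EntityDescriptorElement idpDesc = SAML2Utils.getSAML2MetaManager().getEntityDescriptor(realm, idp);
                if (idpDesc == null) {
                    debugMessage(classMethod, "Configuration for the idp " + idp + " was not found in this system");
                    continue;
                }
                ExtensionsType et = idpDesc.getExtensions();
                if (et == null) {
                    debugMessage(classMethod, " No extensions found for IdP " + idp);
                    continue;
                }
                debugMessage(classMethod, "Extensions found for idp: " + idp);
                List idpExtensions = et.getAny();
                // Fixed: was `!= null || !isEmpty()`, which dereferences a null list.
                if (idpExtensions == null || idpExtensions.isEmpty()) {
                    continue;
                }
                debugMessage(classMethod, "Extensions content found for idp: " + idp);
                for (Object ext : idpExtensions) {
                    // md:Extensions is an open content model; only EntityAttributes is relevant here,
                    // so skip anything else instead of casting it.
                    if (!(ext instanceof EntityAttributesElement)) {
                        continue;
                    }
                    EntityAttributesElement eael = (EntityAttributesElement) ext;
                    debugMessage(classMethod, "Entity Attributes found for idp: " + idp);
                    List attribL = eael.getAttributeOrAssertion();
                    if (attribL == null || attribL.isEmpty()) {
                        continue;
                    }
                    for (Object attrOrAssertion : attribL) {
                        // EntityAttributes may hold Attribute or Assertion children; only Attribute
                        // carries the class refs we compare against (resolves the original TODO).
                        if (!(attrOrAssertion instanceof AttributeElement)) {
                            continue;
                        }
                        AttributeElement ae = (AttributeElement) attrOrAssertion;
                        List av = ae.getAttributeValue();
                        if (av == null || av.isEmpty()) {
                            continue;
                        }
                        debugMessage(classMethod, "Attribute Values found for idp: " + idp);
                        for (Object value : av) {
                            if (!(value instanceof AttributeValueElement)) {
                                continue;
                            }
                            AttributeValueElement ave = (AttributeValueElement) value;
                            List contentL = ave.getContent();
                            debugMessage(classMethod, "Attribute Value Elements found for idp: " + idp + "-->" + contentL);
                            if (contentL == null || contentL.isEmpty()) {
                                continue;
                            }
                            Set idpContextSet = trimmedListToSet(contentL);
                            debugMessage(classMethod, "idpContextSet = " + idpContextSet);
                            if (idpContextSet == null) {
                                continue;
                            }
                            idpContextSet.retainAll(authnRequestContextSet);
                            if (!idpContextSet.isEmpty()) {
                                // Prepend, preserving the original reverse-order (and possibly repeated) output.
                                idps = idp + " " + idps;
                                debugMessage(classMethod, "Extension Values found for idp " + idp + ": " + idpContextSet);
                            }
                        }
                    }
                }
            }
        }
    } catch (SAML2MetaException me) {
        debugMessage(classMethod, "SOmething went wrong: " + me);
    }
    debugMessage(classMethod, " IDPList returns: " + idps);
    return idps.trim();
}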

Example 10 with Extensions

use of com.sun.identity.saml2.protocol.Extensions in project OpenAM by OpenRock.

Source: method createExtensions of class SPSSOFederate.

/**
 * Wraps the given extension elements in a protocol {@code Extensions} object.
 *
 * @param extensionsList elements to place inside {@code <samlp:Extensions>}; may be null.
 * @return the populated Extensions, or {@code null} when the list is null or empty so that
 *         callers can omit the element altogether.
 * @throws SAML2Exception if the protocol factory fails to create the Extensions object.
 */
private static com.sun.identity.saml2.protocol.Extensions createExtensions(List extensionsList) throws SAML2Exception {
    if (extensionsList == null || extensionsList.isEmpty()) {
        return null;
    }
    com.sun.identity.saml2.protocol.Extensions result = ProtocolFactory.getInstance().createExtensions();
    result.setAny(extensionsList);
    return result;
}
