
Example 11 with ProtocolFactory

use of com.sun.identity.saml2.protocol.ProtocolFactory in project OpenAM by OpenRock.

the class AttributeQueryUtil method processAttributeQuery.

/**
     * Processes the <code>AttributeQuery</code> coming
     * from a requester.
     *
     * @param attrQuery the <code>AttributeQuery</code> object
     * @param request the <code>HttpServletRequest</code> object
     * @param response the <code>HttpServletResponse</code> object
     * @param attrAuthorityEntityID entity ID of attribute authority
     * @param realm the realm of hosted entity
     * @param attrQueryProfileAlias the attribute query profile alias
     *
     * @return the <code>Response</code> object
     * @exception SAML2Exception if the operation is not successful
     */
public static Response processAttributeQuery(AttributeQuery attrQuery, HttpServletRequest request, HttpServletResponse response, String attrAuthorityEntityID, String realm, String attrQueryProfileAlias) throws SAML2Exception {
    // Pipeline, in order: authenticate the requester, validate the query, load the
    // attribute authority metadata, resolve the subject to a local identity, narrow
    // the requested attributes to what the metadata allows, build the assertion
    // (signed and encrypted when the query used an EncryptedID) and sign the response.
    // Every failure before the assertion is built returns a SAML error Response
    // instead of throwing.
    AttributeAuthorityMapper attrAuthorityMapper = getAttributeAuthorityMapper(realm, attrAuthorityEntityID, attrQueryProfileAlias);
    // NOTE(review): attrQueryProfile is assigned here but not read again in this method.
    String attrQueryProfile = AttributeQueryUtil.getAttributeQueryProfile(attrQueryProfileAlias);
    try {
        // Requester authentication is delegated entirely to the mapper plugin;
        // this method adds no check of its own.
        attrAuthorityMapper.authenticateRequester(request, response, attrQuery, attrAuthorityEntityID, realm);
    } catch (SAML2Exception se) {
        // An authentication failure is logged only when message-level debugging is on,
        // so it may be absent from logs in a default configuration.
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("AttributeQueryUtil." + "processAttributeQuery: ", se);
        }
        // NOTE(review): the exception text is passed to getErrorResponse and so may be
        // returned to the remote requester; confirm mapper messages carry no internal detail.
        return SAML2Utils.getErrorResponse(attrQuery, SAML2Constants.REQUESTER, null, se.getMessage(), null);
    }
    try {
        attrAuthorityMapper.validateAttributeQuery(request, response, attrQuery, attrAuthorityEntityID, realm);
    } catch (SAML2Exception se) {
        // Unlike the authentication failure above, validation failures are logged at error level.
        SAML2Utils.debug.error("AttributeQueryUtil.processAttributeQuery:", se);
        return SAML2Utils.getErrorResponse(attrQuery, SAML2Constants.REQUESTER, null, se.getMessage(), null);
    }
    // No null check on the Issuer here; presumably the two mapper calls above
    // reject a query without one -- TODO confirm.
    Issuer issuer = attrQuery.getIssuer();
    String requesterEntityID = issuer.getValue();
    AttributeAuthorityDescriptorElement aad = null;
    try {
        aad = metaManager.getAttributeAuthorityDescriptor(realm, attrAuthorityEntityID);
    } catch (SAML2MetaException sme) {
        SAML2Utils.debug.error("AttributeQueryUtil.processAttributeQuery:", sme);
        // The requester gets the fixed "metaDataError" bundle string, not the exception text.
        return SAML2Utils.getErrorResponse(attrQuery, SAML2Constants.RESPONDER, null, SAML2Utils.bundle.getString("metaDataError"), null);
    }
    if (aad == null) {
        return SAML2Utils.getErrorResponse(attrQuery, SAML2Constants.REQUESTER, null, SAML2Utils.bundle.getString("attrAuthorityNotFound"), null);
    }
    Object identity = null;
    try {
        identity = attrAuthorityMapper.getIdentity(request, response, attrQuery, attrAuthorityEntityID, realm);
    } catch (SAML2Exception se) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("AttributeQueryUtil." + "processAttributeQuery: ", se);
        }
        return SAML2Utils.getErrorResponse(attrQuery, SAML2Constants.REQUESTER, SAML2Constants.UNKNOWN_PRINCIPAL, se.getMessage(), null);
    }
    if (identity == null) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("AttributeQueryUtil." + "processAttributeQuery: unable to find identity.");
        }
        return SAML2Utils.getErrorResponse(attrQuery, SAML2Constants.REQUESTER, SAML2Constants.UNKNOWN_PRINCIPAL, null, null);
    }
    // Addition to support changing of desired attributes list
    // The override is read from a servlet request attribute (set by server-side code,
    // not an HTTP parameter); when absent, the list comes from the query itself.
    List desiredAttrs = (List) request.getAttribute("AttributeQueryUtil-desiredAttrs");
    if (desiredAttrs == null) {
        desiredAttrs = attrQuery.getAttributes();
    }
    try {
        // Whichever source supplied the list, it is checked against the attributes
        // declared in the authority's metadata descriptor.
        desiredAttrs = verifyDesiredAttributes(aad.getAttribute(), desiredAttrs);
    } catch (SAML2Exception se) {
        // This failure is not logged at any level.
        return SAML2Utils.getErrorResponse(attrQuery, SAML2Constants.REQUESTER, SAML2Constants.INVALID_ATTR_NAME_OR_VALUE, null, null);
    }
    // Not wrapped in try/catch: anything getAttributes throws propagates to the caller.
    List attributes = attrAuthorityMapper.getAttributes(identity, attrQuery, attrAuthorityEntityID, realm);
    if (request.getAttribute("AttributeQueryUtil-storeAllAttributes") != null) {
        // Stores the list as returned by the mapper, i.e. before filterAttributes
        // narrows it; whoever reads this request attribute sees the unfiltered set.
        request.setAttribute("AttributeQueryUtil-allAttributes", attributes);
    }
    attributes = filterAttributes(attributes, desiredAttrs);
    ProtocolFactory protocolFactory = ProtocolFactory.getInstance();
    Response samlResp = protocolFactory.createResponse();
    List assertionList = new ArrayList();
    Assertion assertion = null;
    try {
        assertion = getAssertion(attrQuery, attrAuthorityEntityID, requesterEntityID, realm, attrQueryProfileAlias, attributes);
    } catch (SAML2Exception se) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("AttributeQueryUtil.processAttributeQuery:", se);
        }
        return SAML2Utils.getErrorResponse(attrQuery, SAML2Constants.RESPONDER, null, se.getMessage(), null);
    }
    // The Subject is dereferenced without a null check; presumably validated
    // earlier by the mapper -- TODO confirm.
    EncryptedID encryptedID = attrQuery.getSubject().getEncryptedID();
    if (encryptedID != null) {
        // Query identified the subject with an EncryptedID: the assertion is signed
        // first and then encrypted, so the signature travels inside the ciphertext.
        EncryptedAssertion encryptedAssertion = null;
        try {
            signAssertion(assertion, realm, attrAuthorityEntityID, false);
            encryptedAssertion = encryptAssertion(assertion, encryptedID, attrAuthorityEntityID, requesterEntityID, realm, attrQueryProfileAlias);
        } catch (SAML2Exception se) {
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message("AttributeQueryUtil.processAttributeQuery:", se);
            }
            return SAML2Utils.getErrorResponse(attrQuery, SAML2Constants.RESPONDER, null, se.getMessage(), null);
        }
        assertionList.add(encryptedAssertion);
        samlResp.setEncryptedAssertion(assertionList);
    } else {
        // Plain branch: signAssertion is not called here, so the assertion is covered
        // only by the signResponse call below (unless getAssertion signs it -- not visible here).
        assertionList.add(assertion);
        samlResp.setAssertion(assertionList);
    }
    samlResp.setID(SAML2Utils.generateID());
    // Ties the response to the query ID so the requester can correlate it.
    samlResp.setInResponseTo(attrQuery.getID());
    samlResp.setVersion(SAML2Constants.VERSION_2_0);
    samlResp.setIssueInstant(new Date());
    Status status = protocolFactory.createStatus();
    StatusCode statusCode = protocolFactory.createStatusCode();
    statusCode.setValue(SAML2Constants.SUCCESS);
    status.setStatusCode(statusCode);
    samlResp.setStatus(status);
    Issuer respIssuer = AssertionFactory.getInstance().createIssuer();
    respIssuer.setValue(attrAuthorityEntityID);
    samlResp.setIssuer(respIssuer);
    // The meaning of the trailing boolean is defined by signResponse, outside this
    // listing. A signing failure propagates as SAML2Exception rather than an error Response.
    signResponse(samlResp, attrAuthorityEntityID, realm, false);
    return samlResp;
}
Also used : Status(com.sun.identity.saml2.protocol.Status) Issuer(com.sun.identity.saml2.assertion.Issuer) AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement) ArrayList(java.util.ArrayList) EncryptedAssertion(com.sun.identity.saml2.assertion.EncryptedAssertion) Assertion(com.sun.identity.saml2.assertion.Assertion) EncryptedID(com.sun.identity.saml2.assertion.EncryptedID) StatusCode(com.sun.identity.saml2.protocol.StatusCode) Date(java.util.Date) AttributeAuthorityMapper(com.sun.identity.saml2.plugins.AttributeAuthorityMapper) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) Response(com.sun.identity.saml2.protocol.Response) HttpServletResponse(javax.servlet.http.HttpServletResponse) EncryptedAssertion(com.sun.identity.saml2.assertion.EncryptedAssertion) List(java.util.List) ArrayList(java.util.ArrayList) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 12 with ProtocolFactory

use of com.sun.identity.saml2.protocol.ProtocolFactory in project OpenAM by OpenRock.

the class AuthnQueryUtil method processAuthnQuery.

/**
     * This method processes the <code>AuthnQuery</code> coming
     * from a requester.
     *
     * @param authnQuery the <code>AuthnQuery</code> object
     * @param request the <code>HttpServletRequest</code> object
     * @param response the <code>HttpServletResponse</code> object
     * @param authnAuthorityEntityID entity ID of authentication authority
     * @param realm the realm of hosted entity
     *
     * @return the <code>Response</code> object
     * @exception SAML2Exception if the operation is not successful
     */
public static Response processAuthnQuery(AuthnQuery authnQuery, HttpServletRequest request, HttpServletResponse response, String authnAuthorityEntityID, String realm) throws SAML2Exception {
    // Answers an AuthnQuery with the cached or stored assertions of the named subject
    // that are still time-valid and match the optional SessionIndex and
    // RequestedAuthnContext. The request and response parameters are not used in this body.
    try {
        // The only check of the query performed in this method; what it covers
        // (signature, issuer trust) is defined in verifyAuthnQuery, not shown here.
        verifyAuthnQuery(authnQuery, authnAuthorityEntityID, realm);
    } catch (SAML2Exception se) {
        SAML2Utils.debug.error("AuthnQueryUtil.processAuthnQuery:", se);
        // NOTE(review): the exception text is handed to getErrorResponse and may reach
        // the remote requester; confirm it carries no internal detail.
        return SAML2Utils.getErrorResponse(authnQuery, SAML2Constants.REQUESTER, null, se.getMessage(), null);
    }
    // No null check on the Issuer; presumably guaranteed by verifyAuthnQuery -- TODO confirm.
    Issuer issuer = authnQuery.getIssuer();
    String spEntityID = issuer.getValue();
    AuthnAuthorityDescriptorElement aad = null;
    SAML2MetaManager metaManager = SAML2Utils.getSAML2MetaManager();
    try {
        aad = metaManager.getAuthnAuthorityDescriptor(realm, authnAuthorityEntityID);
    } catch (SAML2MetaException sme) {
        SAML2Utils.debug.error("AuthnQueryUtil.processAuthnQuery:", sme);
        // The requester gets the fixed "metaDataError" bundle string, not the exception text.
        return SAML2Utils.getErrorResponse(authnQuery, SAML2Constants.RESPONDER, null, SAML2Utils.bundle.getString("metaDataError"), null);
    }
    if (aad == null) {
        return SAML2Utils.getErrorResponse(authnQuery, SAML2Constants.REQUESTER, null, SAML2Utils.bundle.getString("authnAuthorityNotFound"), null);
    }
    NameID nameID = getNameID(authnQuery.getSubject(), realm, authnAuthorityEntityID);
    if (nameID == null) {
        return SAML2Utils.getErrorResponse(authnQuery, SAML2Constants.REQUESTER, SAML2Constants.UNKNOWN_PRINCIPAL, null, null);
    }
    // Map the NameID to a local user; the requester's entity ID is passed to the mapper.
    IDPAccountMapper idpAcctMapper = SAML2Utils.getIDPAccountMapper(realm, authnAuthorityEntityID);
    String userID = idpAcctMapper.getIdentity(nameID, authnAuthorityEntityID, spEntityID, realm);
    if (userID == null) {
        return SAML2Utils.getErrorResponse(authnQuery, SAML2Constants.REQUESTER, SAML2Constants.UNKNOWN_PRINCIPAL, null, null);
    }
    IDPAuthnContextMapper idpAuthnContextMapper = IDPSSOUtil.getIDPAuthnContextMapper(realm, authnAuthorityEntityID);
    // get assertion for matching authncontext using session
    List returnAssertions = new ArrayList();
    String qSessionIndex = authnQuery.getSessionIndex();
    RequestedAuthnContext requestedAC = authnQuery.getRequestedAuthnContext();
    List assertions = null;
    // NOTE(review): toLowerCase() without a Locale uses the JVM default locale; the key
    // must be derived the same way wherever assertions are stored -- verify against the writers.
    String cacheKey = userID.toLowerCase();
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    if (SAML2FailoverUtils.isSAML2FailoverEnabled()) {
        // Failover mode: assertions are read back as strings from the token repository.
        // The user identifier is written to the debug log at message level.
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("AuthnQueryUtil.processAuthnQuery: " + "getting user assertions from DB. user = " + cacheKey);
        }
        List list = null;
        try {
            list = SAML2FailoverUtils.retrieveSAML2TokensWithSecondaryKey(cacheKey);
        } catch (SAML2TokenRepositoryException se) {
            // A repository failure is logged and processing continues with no assertions,
            // so the requester receives a SUCCESS response that carries none.
            SAML2Utils.debug.error("AuthnQueryUtil.processAuthnQuery: " + "Unable to obtain user assertions from CTS Repository. user = " + cacheKey, se);
        }
        if (list != null && !list.isEmpty()) {
            assertions = new ArrayList();
            for (Iterator iter = list.iterator(); iter.hasNext(); ) {
                String assertionStr = (String) iter.next();
                // Re-parses each stored string; a parse failure propagates as SAML2Exception.
                assertions.add(assertionFactory.createAssertion(assertionStr));
            }
        }
    } else {
        // Non-failover mode: the list comes straight from the in-memory IDPCache.
        assertions = (List) IDPCache.assertionCache.get(cacheKey);
    }
    if ((assertions != null) && (!assertions.isEmpty())) {
        // Iteration holds the list's monitor; the cache list is presumably shared with
        // other threads -- TODO confirm that writers lock the same object.
        synchronized (assertions) {
            for (Iterator aIter = assertions.iterator(); aIter.hasNext(); ) {
                Assertion assertion = (Assertion) aIter.next();
                // Assertions that are no longer time-valid are skipped, not removed.
                if (!assertion.isTimeValid()) {
                    if (SAML2Utils.debug.messageEnabled()) {
                        SAML2Utils.debug.message("AuthnQueryUtil.processAuthnQuery: " + " assertion " + assertion.getID() + " expired.");
                    }
                    continue;
                }
                List authnStmts = assertion.getAuthnStatements();
                for (Iterator asIter = authnStmts.iterator(); asIter.hasNext(); ) {
                    AuthnStatement authnStmt = (AuthnStatement) asIter.next();
                    // No null check on the AuthnContext before it is dereferenced below.
                    AuthnContext authnStmtAC = authnStmt.getAuthnContext();
                    String sessionIndex = authnStmt.getSessionIndex();
                    String authnStmtACClassRef = authnStmtAC.getAuthnContextClassRef();
                    // The session index is written to the debug log at message level.
                    if (SAML2Utils.debug.messageEnabled()) {
                        SAML2Utils.debug.message("AuthnQueryUtil.processAuthnQuery: " + "authnStmtACClassRef is " + authnStmtACClassRef + ", sessionIndex = " + sessionIndex);
                    }
                    // A SessionIndex in the query restricts matches to that session;
                    // a null or empty one matches every statement.
                    if ((qSessionIndex != null) && (qSessionIndex.length() != 0) && (!qSessionIndex.equals(sessionIndex))) {
                        continue;
                    }
                    if (requestedAC != null) {
                        List requestedACClassRefs = requestedAC.getAuthnContextClassRef();
                        String comparison = requestedAC.getComparison();
                        if (idpAuthnContextMapper.isAuthnContextMatching(requestedACClassRefs, authnStmtACClassRef, comparison, realm, authnAuthorityEntityID)) {
                            // First matching statement is enough; break so the assertion is added once.
                            returnAssertions.add(assertion);
                            break;
                        }
                    } else {
                        // No context constraint: the first statement that passed the
                        // session filter selects the assertion.
                        returnAssertions.add(assertion);
                        break;
                    }
                }
            }
        }
    // end assertion iterator while.
    }
    ProtocolFactory protocolFactory = ProtocolFactory.getInstance();
    Response samlResp = protocolFactory.createResponse();
    // Matching assertions are attached as retrieved; nothing in this method re-signs
    // or encrypts them.
    if (!returnAssertions.isEmpty()) {
        samlResp.setAssertion(returnAssertions);
    }
    samlResp.setID(SAML2Utils.generateID());
    samlResp.setInResponseTo(authnQuery.getID());
    samlResp.setVersion(SAML2Constants.VERSION_2_0);
    samlResp.setIssueInstant(new Date());
    // Status is SUCCESS whether or not any assertion matched.
    Status status = protocolFactory.createStatus();
    StatusCode statusCode = protocolFactory.createStatusCode();
    statusCode.setValue(SAML2Constants.SUCCESS);
    status.setStatusCode(statusCode);
    samlResp.setStatus(status);
    Issuer respIssuer = assertionFactory.createIssuer();
    respIssuer.setValue(authnAuthorityEntityID);
    samlResp.setIssuer(respIssuer);
    // The meaning of the trailing boolean is defined by signResponse, outside this listing.
    signResponse(samlResp, authnAuthorityEntityID, realm, false);
    return samlResp;
}
Also used : Status(com.sun.identity.saml2.protocol.Status) AuthnAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement) IDPAccountMapper(com.sun.identity.saml2.plugins.IDPAccountMapper) IDPAuthnContextMapper(com.sun.identity.saml2.plugins.IDPAuthnContextMapper) Issuer(com.sun.identity.saml2.assertion.Issuer) NameID(com.sun.identity.saml2.assertion.NameID) ArrayList(java.util.ArrayList) EncryptedAssertion(com.sun.identity.saml2.assertion.EncryptedAssertion) Assertion(com.sun.identity.saml2.assertion.Assertion) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) StatusCode(com.sun.identity.saml2.protocol.StatusCode) Date(java.util.Date) RequestedAuthnContext(com.sun.identity.saml2.protocol.RequestedAuthnContext) AuthnContext(com.sun.identity.saml2.assertion.AuthnContext) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) Response(com.sun.identity.saml2.protocol.Response) HttpServletResponse(javax.servlet.http.HttpServletResponse) RequestedAuthnContext(com.sun.identity.saml2.protocol.RequestedAuthnContext) AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory) Iterator(java.util.Iterator) AuthnStatement(com.sun.identity.saml2.assertion.AuthnStatement) ArrayList(java.util.ArrayList) List(java.util.List) SAML2TokenRepositoryException(org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 13 with ProtocolFactory

use of com.sun.identity.saml2.protocol.ProtocolFactory in project OpenAM by OpenRock.

the class AuthnRequestImpl method parseDOMElement.

/** 
     * Parses the Document Element for this object.
     * 
     * @param element the Document Element of this object.
     * @throws SAML2Exception if error parsing the Document Element.
     */
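protected void parseDOMElement(Element element) throws SAML2Exception {
    // Populates this AuthnRequest's fields from a DOM element supplied by the requester.
    // Attributes are read first, then child elements, then the optional flags and indexes.
    // This method only records what it finds: the Signature child is stored as a string
    // and flagged, not verified, and the AssertionConsumerServiceURL is stored without
    // being compared to any metadata. Both checks have to happen in the code that
    // consumes this object.
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    ProtocolFactory protoFactory = ProtocolFactory.getInstance();
    requestId = element.getAttribute(SAML2Constants.ID);
    validateID(requestId);
    version = element.getAttribute(SAML2Constants.VERSION);
    validateVersion(version);
    String issueInstantStr = element.getAttribute(SAML2Constants.ISSUE_INSTANT);
    validateIssueInstant(issueInstantStr);
    destinationURI = element.getAttribute(SAML2Constants.DESTINATION);
    consent = element.getAttribute(SAML2Constants.CONSENT);
    NodeList nList = element.getChildNodes();
    if ((nList != null) && (nList.getLength() > 0)) {
        for (int i = 0; i < nList.getLength(); i++) {
            Node childNode = nList.item(i);
            // Children are dispatched on local name only; the namespace URI is not
            // checked here. NOTE(review): confirm the namespace is enforced elsewhere.
            String cName = childNode.getLocalName();
            if (cName != null) {
                // Each branch calls its validateXxx() helper before the element is
                // converted; those helpers are defined outside this listing.
                if (cName.equals(SAML2Constants.ISSUER)) {
                    validateIssuer();
                    nameID = assertionFactory.createIssuer((Element) childNode);
                } else if (cName.equals(SAML2Constants.SIGNATURE)) {
                    validateSignature();
                    // Serialized and flagged only; no cryptographic verification here.
                    signatureString = XMLUtils.print((Element) childNode);
                    isSigned = true;
                } else if (cName.equals(SAML2Constants.EXTENSIONS)) {
                    validateExtensions();
                    extensions = protoFactory.createExtensions((Element) childNode);
                } else if (cName.equals(SAML2Constants.SUBJECT)) {
                    validateSubject();
                    subject = assertionFactory.createSubject((Element) childNode);
                } else if (cName.equals(SAML2Constants.NAMEIDPOLICY)) {
                    validateNameIDPolicy();
                    nameIDPolicy = protoFactory.createNameIDPolicy((Element) childNode);
                } else if (cName.equals(SAML2Constants.CONDITIONS)) {
                    validateConditions();
                    conditions = assertionFactory.createConditions((Element) childNode);
                } else if (cName.equals(SAML2Constants.REQ_AUTHN_CONTEXT)) {
                    validateReqAuthnContext();
                    reqAuthnContext = protoFactory.createRequestedAuthnContext((Element) childNode);
                } else if (cName.equals(SAML2Constants.SCOPING)) {
                    validateScoping();
                    scoping = protoFactory.createScoping((Element) childNode);
                }
                // Children with any other local name are ignored.
            }
        }
    }
    // Get ForceAuthn Attribute
    String forceAuthnAttr = element.getAttribute(SAML2Constants.FORCEAUTHN);
    if ((forceAuthnAttr != null) && (forceAuthnAttr.length() > 0)) {
        forceAuthn = SAML2SDKUtils.booleanValueOf(forceAuthnAttr);
    }
    String isPassiveAttr = element.getAttribute(SAML2Constants.ISPASSIVE);
    if ((isPassiveAttr != null) && (isPassiveAttr.length() > 0)) {
        isPassive = SAML2SDKUtils.booleanValueOf(isPassiveAttr);
    }
    protocolBinding = element.getAttribute(SAML2Constants.PROTOBINDING);
    String index = element.getAttribute(SAML2Constants.ASSERTION_CONSUMER_SVC_INDEX);
    if ((index != null) && (index.length() > 0)) {
        // The attribute text comes from the request. A non-numeric value used to escape
        // as an unchecked NumberFormatException; it is now reported through the declared
        // SAML2Exception. The offending value is deliberately left out of the message,
        // since exception text may be echoed back to the requester.
        try {
            assertionConsumerSvcIndex = Integer.valueOf(index);
        } catch (NumberFormatException nfe) {
            throw new SAML2Exception("AuthnRequestImpl.parseDOMElement: AssertionConsumerServiceIndex is not a valid integer.");
        }
        validateAssertionConsumerServiceIndex(assertionConsumerSvcIndex);
    }
    // Requester-supplied URL, unescaped and stored as-is.
    assertionConsumerServiceURL = XMLUtils.unescapeSpecialCharacters(element.getAttribute(SAML2Constants.ASSERTION_CONSUMER_SVC_URL));
    index = element.getAttribute(SAML2Constants.ATTR_CONSUMING_SVC_INDEX);
    if ((index != null) && (index.length() > 0)) {
        // Same handling as the assertion consumer index above.
        try {
            attrConsumingSvcIndex = Integer.valueOf(index);
        } catch (NumberFormatException nfe) {
            throw new SAML2Exception("AuthnRequestImpl.parseDOMElement: AttributeConsumingServiceIndex is not a valid integer.");
        }
        validateAttributeConsumingServiceIndex(attrConsumingSvcIndex);
    }
    providerName = element.getAttribute(SAML2Constants.PROVIDER_NAME);
}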
Also used : ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element)

Example 14 with ProtocolFactory

use of com.sun.identity.saml2.protocol.ProtocolFactory in project OpenAM by OpenRock.

the class LogoutRequestImpl method toXMLString.

/**
     * Returns the <code>LogoutRequest</code> in an XML document String format
     * based on the <code>LogoutRequest</code> schema described above.
     *
     * @param includeNSPrefix Determines whether or not the namespace qualifier
     *        is prepended to the Element when converted
     * @param declareNS Determines whether or not the namespace is declared
     *        within the Element.
     * @return A XML String representing the <code>LogoutRequest</code>.
     * @throws SAML2Exception if some error occurs during conversion to
     *         <code>String</code>.
     */
public String toXMLString(boolean includeNSPrefix, boolean declareNS) throws SAML2Exception {
    // A request that is flagged as signed and has a stored signed string is returned
    // verbatim, presumably so the signed bytes are never re-serialized.
    if (isSigned && signedXMLString != null) {
        return signedXMLString;
    }
    validateData();

    // NOTE(review): requestId, version, destinationURI, consent and reason are written
    // between quotes below with no XML escaping in this method. Confirm that
    // validateData() or the setters constrain these values, otherwise a value holding
    // a quote or angle bracket changes the structure of the emitted document.
    StringBuilder out = new StringBuilder(1000);

    // Opening tag name, optionally prefixed and with the namespace declaration.
    out.append(SAML2Constants.START_TAG);
    if (includeNSPrefix) {
        out.append(SAML2Constants.PROTOCOL_PREFIX);
    }
    out.append(SAML2Constants.LOGOUT_REQUEST);
    out.append(SAML2Constants.SPACE);
    if (declareNS) {
        out.append(SAML2Constants.PROTOCOL_DECLARE_STR);
        out.append(SAML2Constants.SPACE);
    }

    // Mandatory attributes: ID, Version, IssueInstant.
    out.append(SAML2Constants.ID);
    out.append(SAML2Constants.EQUAL);
    out.append(SAML2Constants.QUOTE);
    out.append(requestId);
    out.append(SAML2Constants.QUOTE);
    out.append(SAML2Constants.SPACE);
    out.append(SAML2Constants.VERSION);
    out.append(SAML2Constants.EQUAL);
    out.append(SAML2Constants.QUOTE);
    out.append(version);
    out.append(SAML2Constants.QUOTE);
    out.append(SAML2Constants.SPACE);
    out.append(SAML2Constants.ISSUE_INSTANT);
    out.append(SAML2Constants.EQUAL);
    out.append(SAML2Constants.QUOTE);
    out.append(DateUtils.toUTCDateFormat(issueInstant));
    out.append(SAML2Constants.QUOTE);

    // Optional attributes, each emitted only when a value is present.
    if (destinationURI != null && !destinationURI.isEmpty()) {
        out.append(SAML2Constants.SPACE);
        out.append(SAML2Constants.DESTINATION);
        out.append(SAML2Constants.EQUAL);
        out.append(SAML2Constants.QUOTE);
        out.append(destinationURI);
        out.append(SAML2Constants.QUOTE);
    }
    if (consent != null && !consent.isEmpty()) {
        out.append(SAML2Constants.SPACE);
        out.append(SAML2Constants.CONSENT);
        out.append(SAML2Constants.EQUAL);
        out.append(SAML2Constants.QUOTE);
        out.append(consent);
        out.append(SAML2Constants.QUOTE);
    }
    if (notOnOrAfter != null) {
        out.append(SAML2Constants.SPACE);
        out.append(SAML2Constants.NOTONORAFTER);
        out.append(SAML2Constants.EQUAL);
        out.append(SAML2Constants.QUOTE);
        out.append(DateUtils.toUTCDateFormat(notOnOrAfter));
        out.append(SAML2Constants.QUOTE);
    }
    if (reason != null && !reason.isEmpty()) {
        out.append(SAML2Constants.SPACE);
        out.append(SAML2Constants.REASON);
        out.append(SAML2Constants.EQUAL);
        out.append(SAML2Constants.QUOTE);
        out.append(reason);
        out.append(SAML2Constants.QUOTE);
    }
    out.append(SAML2Constants.END_TAG);

    // Child elements: issuer, signature, extensions, then the three identifier
    // fields, each written only when set.
    if (nameID != null) {
        out.append(nameID.toXMLString(includeNSPrefix, declareNS));
    }
    if (signatureString != null && !signatureString.isEmpty()) {
        out.append(signatureString);
    }
    if (extensions != null) {
        out.append(extensions.toXMLString(includeNSPrefix, declareNS));
    }
    if (baseId != null) {
        out.append(baseId.toXMLString(includeNSPrefix, declareNS));
    }
    if (nameId != null) {
        out.append(nameId.toXMLString(includeNSPrefix, declareNS));
    }
    if (encryptedId != null) {
        out.append(encryptedId.toXMLString(includeNSPrefix, declareNS));
    }

    // One SessionIndex element per stored index string, serialized by the factory-built object.
    if (sessionIndexList != null && !sessionIndexList.isEmpty()) {
        for (Object entry : sessionIndexList) {
            ProtocolFactory factory = ProtocolFactory.getInstance();
            SessionIndex sessionIndex = factory.createSessionIndex((String) entry);
            out.append(sessionIndex.toXMLString(includeNSPrefix, declareNS));
        }
    }

    // Closing tag.
    out.append(SAML2Constants.SAML2_END_TAG);
    out.append(SAML2Constants.LOGOUT_REQUEST);
    out.append(SAML2Constants.END_TAG);
    return out.toString();
}
Also used : ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) SessionIndex(com.sun.identity.saml2.protocol.SessionIndex) Iterator(java.util.Iterator)

Example 15 with ProtocolFactory

use of com.sun.identity.saml2.protocol.ProtocolFactory in project OpenAM by OpenRock.

the class LogoutRequestImpl method parseElement.

/**
     * Parses the Document Element for this object.
     *
     * @param element the Document Element of this object.
     * @throws SAML2Exception if error parsing the Document Element.
     */
private void parseElement(Element element) throws SAML2Exception {
    // Fills this LogoutRequest from a DOM element: attributes first, then children.
    // The Signature child is only serialized and flagged here; no verification is
    // performed in this method.
    final AssertionFactory assertionFactory = AssertionFactory.getInstance();
    final ProtocolFactory protoFactory = ProtocolFactory.getInstance();

    requestId = element.getAttribute(SAML2Constants.ID);
    validateID(requestId);

    version = element.getAttribute(SAML2Constants.VERSION);
    validateVersion(version);

    validateIssueInstant(element.getAttribute(SAML2Constants.ISSUE_INSTANT));

    destinationURI = element.getAttribute(SAML2Constants.DESTINATION);
    consent = element.getAttribute(SAML2Constants.CONSENT);

    validateNotOnOrAfterStr(element.getAttribute(SAML2Constants.NOTONORAFTER));

    reason = element.getAttribute(SAML2Constants.REASON);

    NodeList children = element.getChildNodes();
    if ((children == null) || (children.getLength() == 0)) {
        // NOTE(review): with no child nodes the BaseID/NameID/EncryptedID check below
        // is never reached; confirm such a request is rejected elsewhere.
        return;
    }

    for (int pos = 0; pos < children.getLength(); pos++) {
        Node child = children.item(pos);
        // Dispatch is on local name only; the namespace URI is not checked here.
        String localName = child.getLocalName();
        if (localName == null) {
            continue;
        }
        // No per-element validation in this loop: a repeated Issuer, Signature or
        // identifier element overwrites the value read earlier.
        if (localName.equals(SAML2Constants.ISSUER)) {
            nameID = assertionFactory.createIssuer((Element) child);
        } else if (localName.equals(SAML2Constants.SIGNATURE)) {
            signatureString = XMLUtils.print((Element) child);
            isSigned = true;
        } else if (localName.equals(SAML2Constants.EXTENSIONS)) {
            extensions = protoFactory.createExtensions((Element) child);
        } else if (localName.equals(SAML2Constants.BASEID)) {
            baseId = assertionFactory.createBaseID((Element) child);
        } else if (localName.equals(SAML2Constants.NAMEID)) {
            nameId = assertionFactory.createNameID((Element) child);
        } else if (localName.equals(SAML2Constants.ENCRYPTEDID)) {
            encryptedId = assertionFactory.createEncryptedID((Element) child);
        } else if (localName.equals(SAML2Constants.SESSION_INDEX)) {
            // Start a fresh list for the first SessionIndex, then collect the text
            // of each SessionIndex element in document order.
            if ((sessionIndexList == null) || (sessionIndexList.isEmpty())) {
                sessionIndexList = new ArrayList();
            }
            String sessionIndexText = XMLUtils.getElementString((Element) child);
            sessionIndexList.add(sessionIndexText);
        }
    }

    validateBaseIDorNameIDorEncryptedID();

    // Freeze the collected indexes so later callers cannot modify the parsed list.
    if ((sessionIndexList != null) && (!sessionIndexList.isEmpty())) {
        sessionIndexList = Collections.unmodifiableList(sessionIndexList);
    }
}
Also used : ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList)
