
Example 31 with Status

use of com.sun.identity.saml2.protocol.Status in project OpenAM by OpenRock.

the class NameIDMapping method processNameIDMappingRequest.

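/**
 * Processes a SAML2 NameIDMappingRequest on the identity-provider side and
 * returns the signed NameIDMappingResponse.
 *
 * The requesting SP (the request issuer) is authenticated with
 * {@code SAML2Utils.verifyRequestIssuer} before any lookup is performed. A
 * mapped identifier for the target SP is released only when the requester's
 * NameID resolves to a local user who already holds an account federation
 * with the target SP; in every other case the request's own NameID /
 * EncryptedID is echoed back together with an InvalidNameIDPolicy status
 * whose message gives the reason. The response is always signed via
 * {@code signNIMResponse}.
 *
 * @param nimRequest  the parsed NameIDMappingRequest
 * @param realm       the realm the identity provider is configured in
 * @param idpEntityID the entity id of this identity provider
 * @return the signed NameIDMappingResponse
 * @throws SAML2Exception if the request issuer has no value or fails
 *         verification, the request carries no NameIDPolicy, a response ID
 *         cannot be generated, or a downstream SAML2 operation fails
 */
public static NameIDMappingResponse processNameIDMappingRequest(NameIDMappingRequest nimRequest, String realm, String idpEntityID) throws SAML2Exception {
    String spEntityID = nimRequest.getIssuer().getValue();
    if (spEntityID == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("nullSPEntityID"));
    }
    // Authenticate the requesting SP before any state is read or any response is built.
    SAML2Utils.verifyRequestIssuer(realm, idpEntityID, nimRequest.getIssuer(), nimRequest.getID());
    NameIDPolicy nameIDPolicy = nimRequest.getNameIDPolicy();
    if (nameIDPolicy == null) {
        // NameIDPolicy names the target SP and the format; without it there is nothing to map.
        throw new SAML2Exception("NameIDMappingRequest does not contain a NameIDPolicy");
    }
    String responseID = SAML2Utils.generateID();
    if (responseID == null) {
        // ID is a required attribute of the response; refuse to emit a response without one.
        throw new SAML2Exception(SAML2Utils.bundle.getString("failedToGenResponseID"));
    }
    NameIDMappingResponse nimResponse = pf.createNameIDMappingResponse();
    nimResponse.setID(responseID);
    nimResponse.setInResponseTo(nimRequest.getID());
    nimResponse.setVersion(SAML2Constants.VERSION_2_0);
    nimResponse.setIssueInstant(new Date());
    nimResponse.setIssuer(SAML2Utils.createIssuer(idpEntityID));
    String targetSPEntityID = nameIDPolicy.getSPNameQualifier();
    String format = nameIDPolicy.getFormat();
    Status status;
    if (!isSupportedTargetFormat(format)) {
        echoRequestIdentifier(nimResponse, nimRequest);
        status = SAML2Utils.generateStatus(SAML2Constants.INVALID_NAME_ID_POLICY, SAML2Utils.bundle.getString("targetNameIDFormatUnsupported"));
    } else if (targetSPEntityID == null || targetSPEntityID.length() == 0 || targetSPEntityID.equals(spEntityID)) {
        // No target SP given, or the target is the requester itself: nothing to map.
        echoRequestIdentifier(nimResponse, nimRequest);
        status = SAML2Utils.generateStatus(SAML2Constants.INVALID_NAME_ID_POLICY, SAML2Utils.bundle.getString("targetNameIDNoChange"));
    } else {
        // Resolve the requester's NameID to a local user, then look for that
        // user's existing federation with the target SP. Only an existing
        // federation is released; no new identifier is minted here.
        IDPAccountMapper idpAcctMapper = SAML2Utils.getIDPAccountMapper(realm, idpEntityID);
        NameID nameID = getNameID(nimRequest, realm, idpEntityID);
        String userID = idpAcctMapper.getIdentity(nameID, idpEntityID, spEntityID, realm);
        NameIDInfo targetNameIDInfo = null;
        if (userID != null) {
            targetNameIDInfo = AccountUtils.getAccountFederation(userID, idpEntityID, targetSPEntityID);
        }
        if (targetNameIDInfo == null) {
            echoRequestIdentifier(nimResponse, nimRequest);
            status = SAML2Utils.generateStatus(SAML2Constants.INVALID_NAME_ID_POLICY, SAML2Utils.bundle.getString("targetNameIDNotFound"));
        } else {
            NameID targetSPNameID = targetNameIDInfo.getNameID();
            if (SAML2Utils.debug.messageEnabled()) {
                // Debug level only: this line records the local user id and the mapped NameID.
                SAML2Utils.debug.message("NameIDMapping.processNameIDMappingRequest: " + "User ID = " + userID + ", name ID = " + targetSPNameID.toXMLString(true, true));
            }
            // The mapped identifier is released only in encrypted form, using the
            // requesting SP's (spEntityID, SP_ROLE) encryption settings.
            nimResponse.setEncryptedID(getEncryptedID(targetSPNameID, realm, spEntityID, SAML2Constants.SP_ROLE));
            status = SAML2Utils.generateStatus(SAML2Constants.SUCCESS, null);
        }
    }
    nimResponse.setStatus(status);
    signNIMResponse(nimResponse, realm, idpEntityID, false);
    return nimResponse;
}

/**
 * Returns true when the requested NameID format can be mapped: no format
 * was requested, or it is the persistent or unspecified format.
 *
 * @param format the Format attribute of the request's NameIDPolicy, may be null
 */
private static boolean isSupportedTargetFormat(String format) {
    return format == null || format.length() == 0 || format.equals(SAML2Constants.PERSISTENT) || format.equals(SAML2Constants.UNSPECIFIED);
}

/**
 * Copies the request's NameID and EncryptedID into the response unchanged,
 * which is what the response carries whenever no mapping is released.
 */
private static void echoRequestIdentifier(NameIDMappingResponse nimResponse, NameIDMappingRequest nimRequest) {
    nimResponse.setNameID(nimRequest.getNameID());
    nimResponse.setEncryptedID(nimRequest.getEncryptedID());
}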
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) Status(com.sun.identity.saml2.protocol.Status) IDPAccountMapper(com.sun.identity.saml2.plugins.IDPAccountMapper) NameIDInfo(com.sun.identity.saml2.common.NameIDInfo) NameIDPolicy(com.sun.identity.saml2.protocol.NameIDPolicy) NameID(com.sun.identity.saml2.assertion.NameID) NameIDMappingResponse(com.sun.identity.saml2.protocol.NameIDMappingResponse) Date(java.util.Date)

Example 32 with Status

use of com.sun.identity.saml2.protocol.Status in project OpenAM by OpenRock.

the class LogoutUtil method setSessionIndex.

/**
 * Attaches the given session indexes to {@code status} as a StatusDetail.
 *
 * A StatusDetail is always set on the status; it only receives content when
 * {@code sessionIndex} is non-empty, in which case every entry is wrapped in
 * a SessionIndex element and serialized to XML. If building the detail
 * raises a SAML2Exception the failure is logged and the method returns
 * without further changes.
 *
 * @param status       the Status to decorate
 * @param sessionIndex list of session index strings; may be null or empty
 */
static void setSessionIndex(Status status, List sessionIndex) {
    try {
        ProtocolFactory factory = ProtocolFactory.getInstance();
        StatusDetail detail = factory.createStatusDetail();
        status.setStatusDetail(detail);
        boolean hasIndexes = sessionIndex != null && !sessionIndex.isEmpty();
        if (!hasIndexes) {
            return;
        }
        List serialized = new ArrayList();
        for (Object entry : sessionIndex) {
            SessionIndex element = factory.createSessionIndex((String) entry);
            serialized.add(element.toXMLString(true, true));
        }
        detail.setAny(serialized);
    } catch (SAML2Exception e) {
        debug.error("LogoutUtil.setSessionIndex: ", e);
    }
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) StatusDetail(com.sun.identity.saml2.protocol.StatusDetail) SessionIndex(com.sun.identity.saml2.protocol.SessionIndex) ArrayList(java.util.ArrayList) Iterator(java.util.Iterator) List(java.util.List) ArrayList(java.util.ArrayList)

Example 33 with Status

use of com.sun.identity.saml2.protocol.Status in project OpenAM by OpenRock.

the class StatusImpl method parseElement.

/**
 * Populates this Status from a DOM <code>Status</code> element.
 *
 * Child elements named StatusCode, StatusMessage and StatusDetail are
 * mapped onto the corresponding fields; the StatusCode is validated as
 * soon as it is read. Children without a local name, or with any other
 * name, are skipped. If several children share a name the last one wins.
 *
 * @param element the DOM element to parse
 * @throws SAML2Exception if a child object cannot be created, or
 *         (presumably) if validateStatusCode rejects the status code
 */
private void parseElement(Element element) throws SAML2Exception {
    ProtocolFactory factory = ProtocolFactory.getInstance();
    NodeList children = element.getChildNodes();
    if (children == null || children.getLength() == 0) {
        return;
    }
    int count = children.getLength();
    for (int idx = 0; idx < count; idx++) {
        Node child = children.item(idx);
        String localName = child.getLocalName();
        if (localName == null) {
            continue;
        }
        if (SAML2Constants.STATUS_CODE.equals(localName)) {
            statusCode = factory.createStatusCode((Element) child);
            validateStatusCode(statusCode);
        } else if (SAML2Constants.STATUS_MESSAGE.equals(localName)) {
            statusMessage = XMLUtils.getElementString((Element) child);
        } else if (SAML2Constants.STATUS_DETAIL.equals(localName)) {
            statusDetail = factory.createStatusDetail((Element) child);
        }
    }
}
Also used : ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element)

Example 34 with Status

use of com.sun.identity.saml2.protocol.Status in project OpenAM by OpenRock.

the class StatusImpl method toXMLString.

/**
 * Returns the <code>Status</code> as an XML document String based on the
 * <code>Status</code> schema.
 *
 * The element is only rendered when a StatusCode is present; otherwise
 * {@code null} is returned. StatusMessage and StatusDetail are emitted
 * only when set (a blank status message is treated as absent).
 *
 * @param includeNSPrefix whether the namespace qualifier is prepended to
 *        the Element when converted
 * @param declareNS whether the namespace is declared within the Element
 * @return an XML String representing the <code>Status</code>, or
 *         {@code null} if no StatusCode is set
 * @throws SAML2Exception if some error occurs during conversion to
 *         <code>String</code>
 */
public String toXMLString(boolean includeNSPrefix, boolean declareNS) throws SAML2Exception {
    if (statusCode == null) {
        return null;
    }
    StringBuilder out = new StringBuilder(500);
    out.append(SAML2Constants.START_TAG);
    if (includeNSPrefix) {
        out.append(SAML2Constants.PROTOCOL_PREFIX);
    }
    out.append(SAML2Constants.STATUS);
    if (declareNS) {
        out.append(SAML2Constants.PROTOCOL_DECLARE_STR);
    }
    out.append(SAML2Constants.END_TAG);
    out.append(SAML2Constants.NEWLINE);
    out.append(statusCode.toXMLString(includeNSPrefix, declareNS));
    boolean hasMessage = statusMessage != null && statusMessage.length() != 0;
    if (hasMessage) {
        StatusMessage message = ProtocolFactory.getInstance().createStatusMessage(statusMessage);
        out.append(SAML2Constants.NEWLINE);
        out.append(message.toXMLString(includeNSPrefix, declareNS));
    }
    if (statusDetail != null) {
        out.append(SAML2Constants.NEWLINE);
        out.append(statusDetail.toXMLString(includeNSPrefix, declareNS));
    }
    out.append(SAML2Constants.NEWLINE);
    out.append(SAML2Constants.SAML2_END_TAG);
    out.append(SAML2Constants.STATUS);
    out.append(SAML2Constants.END_TAG);
    return out.toString();
}
Also used : ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory) StatusMessage(com.sun.identity.saml2.protocol.StatusMessage)

Example 35 with Status

use of com.sun.identity.saml2.protocol.Status in project OpenAM by OpenRock.

the class SAML2Utils method getErrorResponse.

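/**
 * Returns a <code>SAML Response</code> object containing error status.
 *
 * @param request        the <code>RequestAbstract</code> object; may be
 *                       null when there is no originating request, in which
 *                       case no InResponseTo attribute is set
 * @param code           the error code
 * @param subCode        the second-level error code
 * @param statusMsg      the error message
 * @param issuerEntityID the entity id of the issuer; may be null, in which
 *                       case no Issuer is set on the response
 * @return the <code>SAML Response</code> object containing error status, or
 *         {@code null} if a response ID could not be generated (the failure
 *         is logged at error level)
 * @throws SAML2Exception if the operation is not successful
 */
public static Response getErrorResponse(RequestAbstract request, String code, String subCode, String statusMsg, String issuerEntityID) throws SAML2Exception {
    // Log prefix names the class this method actually lives in.
    String classMethod = "SAML2Utils.getErrorResponse: ";
    Response errResp = ProtocolFactory.getInstance().createResponse();
    errResp.setStatus(generateStatus(code, subCode, statusMsg));
    String responseID = SAML2Utils.generateID();
    if (responseID == null) {
        debug.error(classMethod + "Unable to generate response ID.");
        return null;
    }
    errResp.setID(responseID);
    if (request != null) {
        // SP-initiated case: the response must reference the request it answers.
        errResp.setInResponseTo(request.getID());
    }
    errResp.setVersion(SAML2Constants.VERSION_2_0);
    errResp.setIssueInstant(new Date());
    // Set the IdP entity id as the response issuer when one was supplied.
    if (issuerEntityID != null) {
        Issuer issuer = AssertionFactory.getInstance().createIssuer();
        issuer.setValue(issuerEntityID);
        errResp.setIssuer(issuer);
    }
    if (debug.messageEnabled()) {
        // Debug level only: serializes the complete error response.
        debug.message(classMethod + "Error Response is : " + errResp.toXMLString());
    }
    return errResp;
}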
Also used : Response(com.sun.identity.saml2.protocol.Response) HttpServletResponse(javax.servlet.http.HttpServletResponse) Issuer(com.sun.identity.saml2.assertion.Issuer) Date(java.util.Date)
