// used by the constructors.
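  /**
   * Populates this statement from a DOM {@code AttributeStatement} element.
   *
   * <p>Only {@code Attribute} and {@code EncryptedAttribute} children are accepted; any other
   * named child is rejected with the {@code invalidElement} error rather than ignored. Children
   * without a local name (text, comment and similar nodes) are skipped. On success the
   * {@code attrs} and {@code encAttrs} lists are wrapped unmodifiable and the object is marked
   * immutable. Used by the constructors.
   *
   * @param element the {@code AttributeStatement} DOM element; must not be null
   * @throws SAML2Exception if {@code element} is null, is not an {@code AttributeStatement},
   *     contains an unexpected child element, a child fails to parse, or {@code validateData()}
   *     rejects the parsed content
   */
  private void parseElement(Element element) throws SAML2Exception {
    if (element == null) {
      if (SAML2SDKUtils.debug.messageEnabled()) {
        SAML2SDKUtils.debug.message("AttributeStatementImpl." + "parseElement: Input is null.");
      }
      throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
    }
    // Reject anything that is not an AttributeStatement before looking at its children.
    if (!SAML2SDKUtils.checkStatement(element, "AttributeStatement")) {
      if (SAML2SDKUtils.debug.messageEnabled()) {
        SAML2SDKUtils.debug.message(
            "AttributeStatementImpl." + "parseElement: not AttributeStatement.");
      }
      throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
    }

    // Walk the child elements of the AttributeStatement.
    NodeList children = element.getChildNodes();
    int length = children.getLength();
    for (int i = 0; i < length; i++) {
      Node child = children.item(i);
      String childName = child.getLocalName();
      if (childName == null) {
        continue; // not an element (text, comment, ...): nothing to parse
      }
      if (childName.equals("Attribute")) {
        Attribute attr = AssertionFactory.getInstance().createAttribute((Element) child);
        if (attrs == null) {
          attrs = new ArrayList<>();
        }
        attrs.add(attr);
      } else if (childName.equals("EncryptedAttribute")) {
        EncryptedAttribute encAttr =
            AssertionFactory.getInstance().createEncryptedAttribute((Element) child);
        if (encAttrs == null) {
          encAttrs = new ArrayList<>();
        }
        encAttrs.add(encAttr);
      } else {
        // Unknown children are an error, not silently dropped, so a statement with
        // unexpected content never parses "successfully" with part of it missing.
        if (SAML2SDKUtils.debug.messageEnabled()) {
          SAML2SDKUtils.debug.message(
              "AttributeStatementImpl." + "parse Element: Invalid element:" + childName);
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalidElement"));
      }
    }
    // Validate before freezing so that validateData() sees the lists as built.
    validateData();
    if (attrs != null) {
      attrs = Collections.unmodifiableList(attrs);
    }
    if (encAttrs != null) {
      encAttrs = Collections.unmodifiableList(encAttrs);
    }
    mutable = false;
  }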
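  /**
   * Checks that a holder-of-key subject carries the expected NameID and a HoK subject
   * confirmation whose confirmation data is of the KeyInfo type, and that the confirmation data
   * survives an XML round trip.
   *
   * @throws Exception if subject creation or XML parsing fails
   */
  @Test
  public void testHoKSubjectConfirmation() throws Exception {
    SubjectProvider subjectProvider =
        new DefaultSubjectProvider(
            Guice.createInjector(new MyModule()).getInstance(KeyInfoFactory.class));
    Date issueInstant = new Date();
    Subject subject =
        subjectProvider.get(
            SUBJECT_ID,
            AUDIENCE_ID,
            createSAML2Config(),
            SAML2SubjectConfirmation.HOLDER_OF_KEY,
            issueInstant,
            getProofState());
    assertEquals(SUBJECT_ID, subject.getNameID().getValue());
    assertEquals(NAME_ID_FORMAT, subject.getNameID().getFormat());

    SubjectConfirmation subjectConfirmation =
        (SubjectConfirmation) subject.getSubjectConfirmation().get(0);
    assertEquals(
        SAML2Constants.SUBJECT_CONFIRMATION_METHOD_HOLDER_OF_KEY, subjectConfirmation.getMethod());
    SubjectConfirmationData subjectConfirmationData =
        subjectConfirmation.getSubjectConfirmationData();
    assertTrue(subjectConfirmationData != null);
    // expected first, actual second, so a failure message reads the right way round
    assertEquals(KEY_INFO_CONFIRMATION_DATA_TYPE, subjectConfirmationData.getContentType());
    // see if we can go from xml back to a class instance; the result must be a real object
    SubjectConfirmationData roundTrip =
        AssertionFactory.getInstance()
            .createSubjectConfirmationData(subjectConfirmationData.toXMLString(true, true));
    assertTrue(roundTrip != null);
  }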
 /**
  * Returns an <code>EncryptedAttribute</code> object.
  *
  * @param recipientPublicKey Public key used to encrypt the data encryption (secret) key, it is
  *     the public key of the recipient of the XML document to be encrypted.
  * @param dataEncAlgorithm Data encryption algorithm.
  * @param dataEncStrength Data encryption strength.
  * @param recipientEntityID Unique identifier of the recipient, it is used as the index to the
  *     cached secret key so that the key can be reused for the same recipient; It can be null in
  *     which case the secret key will be generated every time and will not be cached and reused.
  *     Note that the generation of a secret key is a relatively expensive operation.
  * @return <code>EncryptedAttribute</code> object
  * @throws SAML2Exception if error occurs during the encryption process.
  */
  public EncryptedAttribute encrypt(
      Key recipientPublicKey,
      String dataEncAlgorithm,
      int dataEncStrength,
      String recipientEntityID)
      throws SAML2Exception {
    // Name of the wrapper element the encryption manager produces around the ciphertext.
    final String wrapperElementName = "EncryptedAttribute";
    // Serialise this attribute (both toXMLString flags are passed through unchanged) and let the
    // encryption manager encrypt it for the recipient's public key. recipientEntityID only serves
    // as the cache index for the data-encryption key; null means no caching.
    Element encryptedElement =
        EncManager.getEncInstance()
            .encrypt(
                toXMLString(true, true),
                recipientPublicKey,
                dataEncAlgorithm,
                dataEncStrength,
                recipientEntityID,
                wrapperElementName);
    // Wrap the DOM result back into the model type.
    return AssertionFactory.getInstance().createEncryptedAttribute(encryptedElement);
  }
 /**
  * Returns <code>Issuer</code> for the entity identifier.
  *
  * @param entityID entity identifier.
  * @return the <code>Issuer</code> object.
  * @throws SAML2Exception if there is an error creating the issuer.
  */
  private static Issuer createIssuer(String entityID) throws SAML2Exception {
    // Obtain a fresh Issuer from the factory and stamp it with the entity identifier.
    final Issuer result = AssertionFactory.getInstance().createIssuer();
    result.setValue(entityID);
    return result;
  }