/** {@inheritDoc} */
protected void unmarshallTextContent(XMLObject xmlObject, Text content)
throws UnmarshallingException {
String textContent = DatatypeHelper.safeTrimOrNullString(content.getWholeText());
if (textContent != null) {
XSQName qname = (XSQName) xmlObject;
qname.setValue(XMLHelper.constructQName(textContent, XMLHelper.getElementAncestor(content)));
}
}
/** {@inheritDoc} */
protected void doParse(Element config, BeanDefinitionBuilder builder) {
log.info(
"Parsing configuration for profile handler: {}",
XMLHelper.getXSIType(config).getLocalPart());
builder.addPropertyValue("requestPaths", getRequestPaths(config));
}
/**
* Serializes an authentication request into a string.
*
* @param request the request to serialize
* @return the serialized form of the string
* @throws MarshallingException thrown if the request can not be marshalled and serialized
*/
protected String serializeRequest(AuthnRequest request) throws MarshallingException {
Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(request);
Element requestElem = marshaller.marshall(request);
StringWriter writer = new StringWriter();
XMLHelper.writeNode(requestElem, writer);
return writer.toString();
}
/** {@inheritDoc} */
protected void marshallElementContent(XMLObject samlObject, Element domElement)
throws MarshallingException {
GetComplete gc = (GetComplete) samlObject;
if (gc.getGetComplete() != null) {
XMLHelper.appendTextContent(domElement, gc.getGetComplete());
}
}
private static String getMetadataAsString(final EntityDescriptor descriptor)
throws MarshallingException {
final MarshallerFactory marshallerFactory = Configuration.getMarshallerFactory();
final Marshaller marshaller = marshallerFactory.getMarshaller(descriptor);
final Element element = marshaller.marshall(descriptor);
return XMLHelper.nodeToString(element);
}
/** {@inheritDoc} */
protected void marshallElementContent(XMLObject xmlObject, Element domElement)
throws MarshallingException {
XSInteger xsiInteger = (XSInteger) xmlObject;
if (xsiInteger.getValue() != null) {
XMLHelper.appendTextContent(domElement, xsiInteger.getValue().toString());
}
}
/** {@inheritDoc} */
protected void doParse(
Element configElement, ParserContext parserContext, BeanDefinitionBuilder builder) {
super.doParse(configElement, parserContext, builder);
List<Element> ruleElements =
XMLHelper.getChildElementsByTagNameNS(
configElement, BasicMatchFunctorNamespaceHandler.NAMESPACE, "Rule");
builder.addConstructorArgValue(
SpringConfigurationUtils.parseInnerCustomElement(ruleElements.get(0), parserContext));
ruleElements =
XMLHelper.getChildElementsByTagNameNS(
configElement, BasicMatchFunctorNamespaceHandler.NAMESPACE, "RuleReference");
if (!ruleElements.isEmpty()) {
throw new BeanCreationException("RuleReference elements within a NOT rule are not supported");
}
}
/** {@inheritDoc} */
protected void processAttribute(XMLObject xmlObject, Attr attribute)
throws UnmarshallingException {
Embedded embedded = (Embedded) xmlObject;
String attrName = attribute.getLocalName();
if (Embedded.VALUE_TYPE_ATTRIB_NAME.equals(attrName)) {
embedded.setValueType(attribute.getValue());
} else {
XMLHelper.unmarshallToAttributeMap(embedded.getUnknownAttributes(), attribute);
}
}
@Test
public void testEncryptedAssertionWithRetrievalMethod() throws Exception {
EncryptedAssertion encrypted = encryptAssertion(false);
srt.getAssertions().clear();
srt.getEncryptedAssertions().add(encrypted);
System.out.println(XMLHelper.nodeToString(SAMLUtil.marshallObject(encrypted)));
response.decryptAssertion(credential, false);
assertNotNull(response.getAssertion());
}
/**
* Gets the list of request paths the profile handler handles.
*
* @param config profile handler configuration element
* @return list of request paths the profile handler handles
*/
protected List<String> getRequestPaths(Element config) {
ArrayList<String> requestPaths = new ArrayList<String>();
List<Element> requestPathElems = XMLHelper.getChildElementsByTagName(config, "RequestPath");
if (requestPathElems != null) {
for (Element requestPathElem : requestPathElems) {
requestPaths.add(DatatypeHelper.safeTrimOrNullString(requestPathElem.getTextContent()));
}
}
return requestPaths;
}
/** {@inheritDoc} */
protected void marshallAttributes(XMLObject xmlObject, Element domElement)
throws MarshallingException {
SignableSimpleXMLObject simpleXMLObject = (SignableSimpleXMLObject) xmlObject;
if (simpleXMLObject.getId() != null) {
domElement.setAttributeNS(
null, SignableSimpleXMLObject.ID_ATTRIB_NAME, simpleXMLObject.getId());
domElement.setIdAttributeNS(null, SignableSimpleXMLObject.ID_ATTRIB_NAME, true);
}
XMLHelper.marshallAttributeMap(simpleXMLObject.getUnknownAttributes(), domElement);
}
/*
* Create a fully formed SAML Request.
* @return The SAML Request as XML.
*/
public String buildAuthnRequest2String()
throws org.opensaml.xml.io.MarshallingException, BindingException, IOException,
ValidationException {
// build an AuthnRequest object
final AuthnRequestImpl auth = buildAuthnRequest();
// Now we must marshall the object for the transfer over the wire.
final Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(auth);
final Element authDOM = marshaller.marshall(auth);
// We use a StringWriter to produce our XML output. This gets us XML where
// the encoding is UTF-8. We must have UTF-8 or bad things happen.
return XMLHelper.prettyPrintXML(authDOM);
}
/** {@inheritDoc} */
protected void processAttribute(XMLObject samlObject, Attr attribute)
throws UnmarshallingException {
EntityDescriptor entityDescriptor = (EntityDescriptor) samlObject;
if (attribute.getLocalName().equals(EntityDescriptor.ENTITY_ID_ATTRIB_NAME)) {
entityDescriptor.setEntityID(attribute.getValue());
} else if (attribute.getLocalName().equals(EntityDescriptor.ID_ATTRIB_NAME)) {
entityDescriptor.setID(attribute.getValue());
attribute.getOwnerElement().setIdAttributeNode(attribute, true);
} else if (attribute.getLocalName().equals(TimeBoundSAMLObject.VALID_UNTIL_ATTRIB_NAME)
&& !DatatypeHelper.isEmpty(attribute.getValue())) {
entityDescriptor.setValidUntil(
new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC()));
} else if (attribute.getLocalName().equals(CacheableSAMLObject.CACHE_DURATION_ATTRIB_NAME)) {
entityDescriptor.setCacheDuration(XMLHelper.durationToLong(attribute.getValue()));
} else {
QName attribQName = XMLHelper.getNodeQName(attribute);
if (attribute.isId()) {
entityDescriptor.getUnknownAttributes().registerID(attribQName);
}
entityDescriptor.getUnknownAttributes().put(attribQName, attribute.getValue());
}
}
/** {@inheritDoc} */
protected void processAttribute(XMLObject samlObject, Attr attribute)
throws UnmarshallingException {
Response response = (Response) samlObject;
QName attrName = XMLHelper.getNodeQName(attribute);
if (Response.SOAP11_MUST_UNDERSTAND_ATTR_NAME.equals(attrName)) {
response.setSOAP11MustUnderstand(XSBooleanValue.valueOf(attribute.getValue()));
} else if (Response.SOAP11_ACTOR_ATTR_NAME.equals(attrName)) {
response.setSOAP11Actor(attribute.getValue());
} else if (Response.REF_TO_MESSAGE_ID_ATTRIB_NAME.equals(attribute.getLocalName())) {
response.setRefToMessageID(attribute.getValue());
} else {
super.processAttribute(samlObject, attribute);
}
}
/**
* DEFLATE (RFC1951) compresses the given SAML message.
*
* @param message SAML message
* @return DEFLATE compressed message
* @throws MessageEncodingException thrown if there is a problem compressing the message
*/
protected String deflateAndBase64Encode(SAMLObject message) throws MessageEncodingException {
log.debug("Deflating and Base64 encoding SAML message");
try {
String messageStr = XMLHelper.nodeToString(marshallMessage(message));
ByteArrayOutputStream bytesOut = new ByteArrayOutputStream();
Deflater deflater = new Deflater(Deflater.DEFLATED, true);
DeflaterOutputStream deflaterStream = new DeflaterOutputStream(bytesOut, deflater);
deflaterStream.write(messageStr.getBytes());
deflaterStream.finish();
return Base64.encodeBytes(bytesOut.toByteArray(), Base64.DONT_BREAK_LINES);
} catch (IOException e) {
throw new MessageEncodingException("Unable to DEFLATE and Base64 encode SAML message", e);
}
}
/**
* Encodes the SAML 2.0 based request XML object into its corresponding Base64 notation, based on
* the type of SAML 2.0 binding.
*
* @param requestMessage the {@link RequestAbstractType} XML object to be encoded
* @param binding the SAML 2.0 binding type
* @return encoded {@link String} corresponding to the request XML object
* @throws SSOException if an error occurs while encoding SAML2 request
*/
protected static String encodeRequestMessage(RequestAbstractType requestMessage, String binding)
throws SSOException {
Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(requestMessage);
Element authDOM;
try {
// Marshall this element, and its children, and root them in a newly created Document
authDOM = marshaller.marshall(requestMessage);
} catch (MarshallingException e) {
throw new SSOException(
"Error occurred while encoding SAML2 request, failed to marshall the SAML 2.0. "
+ "Request element XMLObject to its corresponding W3C DOM element",
e);
}
StringWriter writer = new StringWriter();
// Writes the node out to the writer using the DOM
XMLHelper.writeNode(authDOM, writer);
if (SAMLConstants.SAML2_REDIRECT_BINDING_URI.equals(binding)) {
// Compress the message, Base 64 encode and URL encode
Deflater deflater = new Deflater(Deflater.DEFLATED, true);
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
try (DeflaterOutputStream deflaterOutputStream =
new DeflaterOutputStream(byteArrayOutputStream, deflater)) {
deflaterOutputStream.write(writer.toString().getBytes(Charset.forName("UTF-8")));
} catch (IOException e) {
throw new SSOException("Error occurred while deflate encoding SAML2 request", e);
}
String encodedRequestMessage =
Base64.encodeBytes(byteArrayOutputStream.toByteArray(), Base64.DONT_BREAK_LINES);
try {
return URLEncoder.encode(encodedRequestMessage, "UTF-8").trim();
} catch (UnsupportedEncodingException e) {
throw new SSOException("Error occurred while encoding SAML2 request", e);
}
} else if (SAMLConstants.SAML2_POST_BINDING_URI.equals(binding)) {
return Base64.encodeBytes(
writer.toString().getBytes(Charset.forName("UTF-8")), Base64.DONT_BREAK_LINES);
} else {
logger.log(
Level.FINE,
"Unsupported SAML2 HTTP Binding. Defaulting to " + SAMLConstants.SAML2_POST_BINDING_URI);
return Base64.encodeBytes(
writer.toString().getBytes(Charset.forName("UTF-8")), Base64.DONT_BREAK_LINES);
}
}
/**
* Process attribute.
*
* @param samlObject the SAML object
* @param attribute the attribute
* @throws UnmarshallingException the unmarshalling exception
*/
protected final void processAttribute(final XMLObject samlObject, final Attr attribute)
throws UnmarshallingException {
final RequestedAttribute requestedAttr = (RequestedAttribute) samlObject;
if (attribute.getLocalName().equals(RequestedAttribute.NAME_ATTRIB_NAME)) {
requestedAttr.setName(attribute.getValue());
} else if (attribute.getLocalName().equals(RequestedAttribute.NAME_FORMAT_ATTR)) {
requestedAttr.setNameFormat(attribute.getValue());
} else if (attribute.getLocalName().equals(RequestedAttribute.FRIENDLY_NAME_ATT)) {
requestedAttr.setFriendlyName(attribute.getValue());
} else if (attribute.getLocalName().equals(RequestedAttribute.IS_REQUIRED_ATTR)) {
requestedAttr.setIsRequired(attribute.getValue());
} else {
final QName attribQName = XMLHelper.getNodeQName(attribute);
if (attribute.isId()) {
requestedAttr.getUnknownAttributes().registerID(attribQName);
}
requestedAttr.getUnknownAttributes().put(attribQName, attribute.getValue());
}
}
private String encodeRequestMessage(RequestAbstractType requestMessage) throws SAMLSSOException {
Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(requestMessage);
Element authDOM = null;
try {
authDOM = marshaller.marshall(requestMessage);
/* Compress the message */
Deflater deflater = new Deflater(Deflater.DEFLATED, true);
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
DeflaterOutputStream deflaterOutputStream =
new DeflaterOutputStream(byteArrayOutputStream, deflater);
StringWriter rspWrt = new StringWriter();
XMLHelper.writeNode(authDOM, rspWrt);
deflaterOutputStream.write(rspWrt.toString().getBytes());
deflaterOutputStream.close();
/* Encoding the compressed message */
String encodedRequestMessage =
Base64.encodeBytes(byteArrayOutputStream.toByteArray(), Base64.DONT_BREAK_LINES);
byteArrayOutputStream.write(byteArrayOutputStream.toByteArray());
byteArrayOutputStream.toString();
// log saml
if (log.isDebugEnabled()) {
log.debug("SAML Request : " + rspWrt.toString());
}
return URLEncoder.encode(encodedRequestMessage, "UTF-8").trim();
} catch (MarshallingException e) {
throw new SAMLSSOException("Error occurred while encoding SAML request", e);
} catch (UnsupportedEncodingException e) {
throw new SAMLSSOException("Error occurred while encoding SAML request", e);
} catch (IOException e) {
throw new SAMLSSOException("Error occurred while encoding SAML request", e);
}
}
protected String encodeRequestMessage(RequestAbstractType requestMessage, String binding)
throws SSOAgentException {
Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(requestMessage);
Element authDOM = null;
try {
authDOM = marshaller.marshall(requestMessage);
StringWriter rspWrt = new StringWriter();
XMLHelper.writeNode(authDOM, rspWrt);
if (SAMLConstants.SAML2_REDIRECT_BINDING_URI.equals(binding)) {
// Compress the message, Base 64 encode and URL encode
Deflater deflater = new Deflater(Deflater.DEFLATED, true);
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
DeflaterOutputStream deflaterOutputStream =
new DeflaterOutputStream(byteArrayOutputStream, deflater);
deflaterOutputStream.write(rspWrt.toString().getBytes(Charset.forName("UTF-8")));
deflaterOutputStream.close();
String encodedRequestMessage =
Base64.encodeBytes(byteArrayOutputStream.toByteArray(), Base64.DONT_BREAK_LINES);
return URLEncoder.encode(encodedRequestMessage, "UTF-8").trim();
} else if (SAMLConstants.SAML2_POST_BINDING_URI.equals(binding)) {
return Base64.encodeBytes(rspWrt.toString().getBytes(), Base64.DONT_BREAK_LINES);
} else {
LOGGER.log(
Level.FINE,
"Unsupported SAML2 HTTP Binding. Defaulting to "
+ SAMLConstants.SAML2_POST_BINDING_URI);
return Base64.encodeBytes(rspWrt.toString().getBytes(), Base64.DONT_BREAK_LINES);
}
} catch (MarshallingException e) {
throw new SSOAgentException("Error occurred while encoding SAML2 request", e);
} catch (UnsupportedEncodingException e) {
throw new SSOAgentException("Error occurred while encoding SAML2 request", e);
} catch (IOException e) {
throw new SSOAgentException("Error occurred while encoding SAML2 request", e);
}
}
/**
* Marshall element content.
*
* @param samlObject the SAML object
* @param domElement the DOM element
* @throws MarshallingException the marshalling exception
*/
protected final void marshallElementContent(final XMLObject samlObject, final Element domElement)
throws MarshallingException {
final EIDSectorShare sectorShare = (EIDSectorShare) samlObject;
XMLHelper.appendTextContent(domElement, sectorShare.getEIDSectorShare());
}
/** {@inheritDoc} */
protected void marshallElementContent(XMLObject samlObject, Element domElement)
throws MarshallingException {
AuthenticatingAuthority authenticatingAuthority = (AuthenticatingAuthority) samlObject;
XMLHelper.appendTextContent(domElement, authenticatingAuthority.getURI());
}