private static RSAKeyValueType parseRSAKeyValue(XMLEventReader xmlEventReader)
throws ParsingException {
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.RSA_KEYVALUE);
XMLEvent xmlEvent = null;
String tag = null;
RSAKeyValueType rsaKeyValue = new RSAKeyValueType();
while (xmlEventReader.hasNext()) {
xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement) {
tag = StaxParserUtil.getEndElementName((EndElement) xmlEvent);
if (tag.equals(WSTrustConstants.XMLDSig.RSA_KEYVALUE)) {
xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
break;
} else throw logger.parserUnknownEndElement(tag);
}
startElement = (StartElement) xmlEvent;
tag = StaxParserUtil.getStartElementName(startElement);
if (tag.equals(WSTrustConstants.XMLDSig.MODULUS)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String text = StaxParserUtil.getElementText(xmlEventReader);
rsaKeyValue.setModulus(text.getBytes());
} else if (tag.equals(WSTrustConstants.XMLDSig.EXPONENT)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String text = StaxParserUtil.getElementText(xmlEventReader);
rsaKeyValue.setExponent(text.getBytes());
} else throw logger.parserUnknownTag(tag, startElement.getLocation());
}
return rsaKeyValue;
}
/**
* Parse the {@link SAML11AttributeQueryType}
*
* @param xmlEventReader
* @return
* @throws ParsingException
*/
public static SAML11AuthenticationQueryType parseSAML11AuthenticationQuery(
XMLEventReader xmlEventReader) throws ParsingException {
SAML11AuthenticationQueryType query = new SAML11AuthenticationQueryType();
StartElement startElement;
// There may be additional things under subject confirmation
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement) {
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
if (StaxParserUtil.matches(endElement, SAML11Constants.AUTHENTICATION_QUERY)) break;
else throw logger.parserUnknownEndElement(StaxParserUtil.getEndElementName(endElement));
}
if (xmlEvent instanceof StartElement) {
startElement = (StartElement) xmlEvent;
String startTag = StaxParserUtil.getStartElementName(startElement);
if (startTag.equals(JBossSAMLConstants.SUBJECT.get())) {
SAML11SubjectParser parser = new SAML11SubjectParser();
query.setSubject((SAML11SubjectType) parser.parse(xmlEventReader));
} else throw logger.parserUnknownTag(startTag, startElement.getLocation());
}
}
return query;
}
/**
* Parse an {@code AttributeStatementType}
*
* @param xmlEventReader
* @return
* @throws ParsingException
*/
public static AttributeStatementType parseAttributeStatement(XMLEventReader xmlEventReader)
throws ParsingException {
AttributeStatementType attributeStatementType = new AttributeStatementType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String ATTRIBSTATEMT = JBossSAMLConstants.ATTRIBUTE_STATEMENT.get();
StaxParserUtil.validate(startElement, ATTRIBSTATEMT);
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement) {
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, JBossSAMLConstants.ATTRIBUTE_STATEMENT.get());
break;
}
// Get the next start element
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
String tag = startElement.getName().getLocalPart();
if (JBossSAMLConstants.ATTRIBUTE.get().equals(tag)) {
AttributeType attribute = parseAttribute(xmlEventReader);
attributeStatementType.addAttribute(new ASTChoiceType(attribute));
} else throw logger.parserUnknownTag(tag, startElement.getLocation());
}
return attributeStatementType;
}
/** @see {@link ParserNamespaceSupport#parse(XMLEventReader)} */
public Object parse(XMLEventReader xmlEventReader) throws ParsingException {
// Get the startelement
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, RESPONSE);
ResponseType response = (ResponseType) parseBaseAttributes(startElement);
while (xmlEventReader.hasNext()) {
// Let us peek at the next start element
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (startElement == null) break;
String elementName = StaxParserUtil.getStartElementName(startElement);
if (JBossSAMLConstants.ISSUER.get().equals(elementName)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
NameIDType issuer = new NameIDType();
issuer.setValue(StaxParserUtil.getElementText(xmlEventReader));
response.setIssuer(issuer);
} else if (JBossSAMLConstants.SIGNATURE.get().equals(elementName)) {
Element sig = StaxParserUtil.getDOMElement(xmlEventReader);
response.setSignature(sig);
} else if (JBossSAMLConstants.ASSERTION.get().equals(elementName)) {
SAMLAssertionParser assertionParser = new SAMLAssertionParser();
response.addAssertion(
new RTChoiceType((AssertionType) assertionParser.parse(xmlEventReader)));
} else if (JBossSAMLConstants.STATUS.get().equals(elementName)) {
response.setStatus(parseStatus(xmlEventReader));
} else if (JBossSAMLConstants.ENCRYPTED_ASSERTION.get().equals(elementName)) {
Element encryptedAssertion = StaxParserUtil.getDOMElement(xmlEventReader);
response.addAssertion(new RTChoiceType(new EncryptedAssertionType(encryptedAssertion)));
} else throw logger.parserUnknownTag(elementName, startElement.getLocation());
}
return response;
}
/**
* Parse {@link org.keycloak.dom.saml.v1.assertion.SAML11ConditionsType}
*
* @param xmlEventReader
* @return
* @throws ParsingException
*/
public static SAML11ConditionsType parseSAML11Conditions(XMLEventReader xmlEventReader)
throws ParsingException {
StartElement startElement;
SAML11ConditionsType conditions = new SAML11ConditionsType();
StartElement conditionsElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(conditionsElement, JBossSAMLConstants.CONDITIONS.get());
String assertionNS = SAML11Constants.ASSERTION_11_NSURI;
QName notBeforeQName = new QName("", JBossSAMLConstants.NOT_BEFORE.get());
QName notBeforeQNameWithNS = new QName(assertionNS, JBossSAMLConstants.NOT_BEFORE.get());
QName notAfterQName = new QName("", JBossSAMLConstants.NOT_ON_OR_AFTER.get());
QName notAfterQNameWithNS = new QName(assertionNS, JBossSAMLConstants.NOT_ON_OR_AFTER.get());
Attribute notBeforeAttribute = conditionsElement.getAttributeByName(notBeforeQName);
if (notBeforeAttribute == null)
notBeforeAttribute = conditionsElement.getAttributeByName(notBeforeQNameWithNS);
Attribute notAfterAttribute = conditionsElement.getAttributeByName(notAfterQName);
if (notAfterAttribute == null)
notAfterAttribute = conditionsElement.getAttributeByName(notAfterQNameWithNS);
if (notBeforeAttribute != null) {
String notBeforeValue = StaxParserUtil.getAttributeValue(notBeforeAttribute);
conditions.setNotBefore(XMLTimeUtil.parse(notBeforeValue));
}
if (notAfterAttribute != null) {
String notAfterValue = StaxParserUtil.getAttributeValue(notAfterAttribute);
conditions.setNotOnOrAfter(XMLTimeUtil.parse(notAfterValue));
}
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement) {
EndElement end = StaxParserUtil.getNextEndElement(xmlEventReader);
if (StaxParserUtil.matches(end, JBossSAMLConstants.CONDITIONS.get())) break;
}
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (startElement == null) break;
String tag = StaxParserUtil.getStartElementName(startElement);
if (SAML11Constants.AUDIENCE_RESTRICTION_CONDITION.equals(tag)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
SAML11AudienceRestrictionCondition restrictCond = new SAML11AudienceRestrictionCondition();
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
if (StaxParserUtil.getStartElementName(startElement)
.equals(JBossSAMLConstants.AUDIENCE.get())) {
restrictCond.add(URI.create(StaxParserUtil.getElementText(xmlEventReader)));
}
EndElement theEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(theEndElement, SAML11Constants.AUDIENCE_RESTRICTION_CONDITION);
conditions.add(restrictCond);
} else throw logger.parserUnknownTag(tag, startElement.getLocation());
}
return conditions;
}
public static KeyInfoType parseKeyInfo(XMLEventReader xmlEventReader) throws ParsingException {
KeyInfoType keyInfo = new KeyInfoType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.KEYINFO);
XMLEvent xmlEvent = null;
String tag = null;
while (xmlEventReader.hasNext()) {
xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement) {
tag = StaxParserUtil.getEndElementName((EndElement) xmlEvent);
if (tag.equals(WSTrustConstants.XMLDSig.KEYINFO)) {
xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
break;
} else throw logger.parserUnknownEndElement(tag);
}
startElement = (StartElement) xmlEvent;
tag = StaxParserUtil.getStartElementName(startElement);
if (tag.equals(WSTrustConstants.XMLEnc.ENCRYPTED_KEY)) {
keyInfo.addContent(StaxParserUtil.getDOMElement(xmlEventReader));
} else if (tag.equals(WSTrustConstants.XMLDSig.X509DATA)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
X509DataType x509 = new X509DataType();
// Let us go for the X509 certificate
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.X509CERT);
X509CertificateType cert = new X509CertificateType();
String certValue = StaxParserUtil.getElementText(xmlEventReader);
cert.setEncodedCertificate(certValue.getBytes());
x509.add(cert);
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, WSTrustConstants.XMLDSig.X509DATA);
keyInfo.addContent(x509);
} else if (tag.equals(WSTrustConstants.XMLDSig.KEYVALUE)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
KeyValueType keyValue = null;
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
tag = StaxParserUtil.getStartElementName(startElement);
if (tag.equals(WSTrustConstants.XMLDSig.RSA_KEYVALUE)) {
keyValue = parseRSAKeyValue(xmlEventReader);
} else if (tag.equals(WSTrustConstants.XMLDSig.DSA_KEYVALUE)) {
keyValue = parseDSAKeyValue(xmlEventReader);
} else throw logger.parserUnknownTag(tag, startElement.getLocation());
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, WSTrustConstants.XMLDSig.KEYVALUE);
keyInfo.addContent(keyValue);
}
}
return keyInfo;
}
/**
* Parse the {@link SubjectConfirmationDataType}
*
* @param xmlEventReader
* @return
* @throws ParsingException
*/
public static SubjectConfirmationDataType parseSubjectConfirmationData(
XMLEventReader xmlEventReader) throws ParsingException {
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get());
SubjectConfirmationDataType subjectConfirmationData = new SubjectConfirmationDataType();
Attribute inResponseTo =
startElement.getAttributeByName(new QName(JBossSAMLConstants.IN_RESPONSE_TO.get()));
if (inResponseTo != null) {
subjectConfirmationData.setInResponseTo(StaxParserUtil.getAttributeValue(inResponseTo));
}
Attribute notBefore =
startElement.getAttributeByName(new QName(JBossSAMLConstants.NOT_BEFORE.get()));
if (notBefore != null) {
subjectConfirmationData.setNotBefore(
XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(notBefore)));
}
Attribute notOnOrAfter =
startElement.getAttributeByName(new QName(JBossSAMLConstants.NOT_ON_OR_AFTER.get()));
if (notOnOrAfter != null) {
subjectConfirmationData.setNotOnOrAfter(
XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(notOnOrAfter)));
}
Attribute recipient =
startElement.getAttributeByName(new QName(JBossSAMLConstants.RECIPIENT.get()));
if (recipient != null) {
subjectConfirmationData.setRecipient(StaxParserUtil.getAttributeValue(recipient));
}
Attribute address =
startElement.getAttributeByName(new QName(JBossSAMLConstants.ADDRESS.get()));
if (address != null) {
subjectConfirmationData.setAddress(StaxParserUtil.getAttributeValue(address));
}
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (!(xmlEvent instanceof EndElement)) {
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
String tag = StaxParserUtil.getStartElementName(startElement);
if (tag.equals(WSTrustConstants.XMLDSig.KEYINFO)) {
KeyInfoType keyInfo = parseKeyInfo(xmlEventReader);
subjectConfirmationData.setAnyType(keyInfo);
} else if (tag.equals(WSTrustConstants.XMLEnc.ENCRYPTED_KEY)) {
subjectConfirmationData.setAnyType(StaxParserUtil.getDOMElement(xmlEventReader));
} else throw logger.parserUnknownTag(tag, startElement.getLocation());
}
// Get the end tag
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get());
return subjectConfirmationData;
}
// TODO(corysmith): Move these to a wrapper class for XMLEventReader.
private static String parseReferenceFromElementAttribute(StartElement element, QName name)
throws XMLStreamException {
String value = getElementAttributeByName(element, name);
if (value.startsWith("?") || value.startsWith("@")) {
return value.substring(1);
}
throw new XMLStreamException(
String.format("Invalid resource reference from %s in %s", name, element),
element.getLocation());
}
/**
* Parses the {@code ServiceProviders} section of the STS configuration file.
*
* @param xmlEventReader the reader used to parse the XML configuration file.
* @return a {@code ServiceProvidersType} instance that contains the parsed data.
* @throws ParsingException if an error occurs while parsing the XML file.
*/
private ServiceProvidersType parseServiceProviders(XMLEventReader xmlEventReader)
throws ParsingException {
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, SERVICE_PROVIDERS_ELEMENT);
ServiceProvidersType serviceProviders = new ServiceProvidersType();
// parse all token providers one by one.
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent == null) break;
if (xmlEvent instanceof EndElement) {
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
String endElementName = StaxParserUtil.getEndElementName(endElement);
if (endElementName.equals(SERVICE_PROVIDERS_ELEMENT)) break;
else throw logger.parserUnknownEndElement(endElementName);
}
StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (subEvent == null) break;
String elementName = StaxParserUtil.getStartElementName(subEvent);
if (SERVICE_PROVIDER_ELEMENT.equalsIgnoreCase(elementName)) {
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(subEvent, SERVICE_PROVIDER_ELEMENT);
ServiceProviderType serviceProvider = new ServiceProviderType();
// parse the provider attributes (endpoint, token type and truststore alias).
QName attributeQName = new QName("", TOKEN_TYPE_ATTRIB);
Attribute attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null)
serviceProvider.setTokenType(StaxParserUtil.getAttributeValue(attribute));
attributeQName = new QName("", ENDPOINT_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null)
serviceProvider.setEndpoint(StaxParserUtil.getAttributeValue(attribute));
attributeQName = new QName("", TRUSTSTORE_ALIAS_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null)
serviceProvider.setTruststoreAlias(StaxParserUtil.getAttributeValue(attribute));
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, SERVICE_PROVIDER_ELEMENT);
serviceProviders.add(serviceProvider);
} else throw logger.parserUnknownTag(elementName, subEvent.getLocation());
}
return serviceProviders;
}
/**
* Parse an {@code AttributeType}
*
* @param xmlEventReader
* @throws ParsingException
*/
public static void parseAttributeType(
XMLEventReader xmlEventReader,
StartElement startElement,
String rootTag,
AttributeType attributeType)
throws ParsingException {
// Look for X500 Encoding
QName x500EncodingName =
new QName(
JBossSAMLURIConstants.X500_NSURI.get(),
JBossSAMLConstants.ENCODING.get(),
JBossSAMLURIConstants.X500_PREFIX.get());
Attribute x500EncodingAttr = startElement.getAttributeByName(x500EncodingName);
if (x500EncodingAttr != null) {
attributeType
.getOtherAttributes()
.put(x500EncodingAttr.getName(), StaxParserUtil.getAttributeValue(x500EncodingAttr));
}
Attribute friendlyName =
startElement.getAttributeByName(new QName(JBossSAMLConstants.FRIENDLY_NAME.get()));
if (friendlyName != null)
attributeType.setFriendlyName(StaxParserUtil.getAttributeValue(friendlyName));
Attribute nameFormat =
startElement.getAttributeByName(new QName(JBossSAMLConstants.NAME_FORMAT.get()));
if (nameFormat != null)
attributeType.setNameFormat(StaxParserUtil.getAttributeValue(nameFormat));
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement) {
EndElement end = StaxParserUtil.getNextEndElement(xmlEventReader);
if (StaxParserUtil.matches(end, rootTag)) break;
}
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (startElement == null) break;
String tag = StaxParserUtil.getStartElementName(startElement);
if (JBossSAMLConstants.ATTRIBUTE.get().equals(tag)) break;
if (JBossSAMLConstants.ATTRIBUTE_VALUE.get().equals(tag)) {
Object attributeValue = parseAttributeValue(xmlEventReader);
attributeType.addAttributeValue(attributeValue);
} else throw logger.parserUnknownTag(tag, startElement.getLocation());
}
}
public static SAML11AuthorizationDecisionStatementType parseSAML11AuthorizationDecisionStatement(
XMLEventReader xmlEventReader) throws ParsingException {
SAML11AuthorizationDecisionStatementType authzDecision = null;
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, SAML11Constants.AUTHORIZATION_DECISION_STATEMENT);
Attribute decision = startElement.getAttributeByName(new QName(SAML11Constants.DECISION));
if (decision == null) throw logger.parserRequiredAttribute("Decision");
String decisionValue = StaxParserUtil.getAttributeValue(decision);
Attribute resource = startElement.getAttributeByName(new QName(SAML11Constants.RESOURCE));
if (resource == null) throw logger.parserRequiredAttribute("Namespace");
String resValue = StaxParserUtil.getAttributeValue(resource);
authzDecision =
new SAML11AuthorizationDecisionStatementType(
URI.create(resValue), SAML11DecisionType.valueOf(decisionValue));
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement) {
EndElement end = StaxParserUtil.getNextEndElement(xmlEventReader);
if (StaxParserUtil.matches(end, SAML11Constants.AUTHORIZATION_DECISION_STATEMENT)) break;
}
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (startElement == null) break;
String tag = StaxParserUtil.getStartElementName(startElement);
if (SAML11Constants.ACTION.equals(tag)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
SAML11ActionType samlAction = new SAML11ActionType();
Attribute namespaceAttr =
startElement.getAttributeByName(new QName(SAML11Constants.NAMESPACE));
if (namespaceAttr != null) {
samlAction.setNamespace(StaxParserUtil.getAttributeValue(namespaceAttr));
}
samlAction.setValue(StaxParserUtil.getElementText(xmlEventReader));
authzDecision.addAction(samlAction);
} else if (JBossSAMLConstants.SUBJECT.get().equals(tag)) {
SAML11SubjectParser parser = new SAML11SubjectParser();
authzDecision.setSubject((SAML11SubjectType) parser.parse(xmlEventReader));
} else throw logger.parserUnknownTag(tag, startElement.getLocation());
}
return authzDecision;
}
/**
* Parse the {@link SAML11AuthorizationDecisionQueryType}
*
* @param xmlEventReader
* @return
* @throws ParsingException
*/
public static SAML11AuthorizationDecisionQueryType parseSAML11AuthorizationDecisionQueryType(
XMLEventReader xmlEventReader) throws ParsingException {
SAML11AuthorizationDecisionQueryType query = new SAML11AuthorizationDecisionQueryType();
StartElement startElement;
// There may be additional things under subject confirmation
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement) {
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
if (StaxParserUtil.matches(endElement, SAML11Constants.AUTHORIZATION_DECISION_QUERY)) break;
else throw logger.parserUnknownEndElement(StaxParserUtil.getEndElementName(endElement));
}
if (xmlEvent instanceof StartElement) {
startElement = (StartElement) xmlEvent;
String startTag = StaxParserUtil.getStartElementName(startElement);
if (startTag.equals(JBossSAMLConstants.SUBJECT.get())) {
SAML11SubjectParser parser = new SAML11SubjectParser();
query.setSubject((SAML11SubjectType) parser.parse(xmlEventReader));
} else if (startTag.equals(SAML11Constants.RESOURCE)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
query.setResource(URI.create(StaxParserUtil.getElementText(xmlEventReader)));
} else if (startTag.equals(SAML11Constants.ACTION)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
SAML11ActionType action = new SAML11ActionType();
Attribute nsAttr = startElement.getAttributeByName(new QName(SAML11Constants.NAMESPACE));
if (nsAttr != null) {
action.setNamespace(StaxParserUtil.getAttributeValue(nsAttr));
}
action.setValue(StaxParserUtil.getElementText(xmlEventReader));
query.add(action);
} else throw logger.parserUnknownTag(startTag, startElement.getLocation());
}
}
return query;
}
/**
* Parse the {@link org.keycloak.dom.saml.v1.assertion.SAML11SubjectConfirmationType}
*
* @param xmlEventReader
* @return
* @throws ParsingException
*/
public static SAML11SubjectConfirmationType parseSAML11SubjectConfirmation(
XMLEventReader xmlEventReader) throws ParsingException {
SAML11SubjectConfirmationType subjectConfirmationType = new SAML11SubjectConfirmationType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
// There may be additional things under subject confirmation
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement) {
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, JBossSAMLConstants.SUBJECT_CONFIRMATION.get());
break;
}
if (xmlEvent instanceof StartElement) {
startElement = (StartElement) xmlEvent;
String startTag = StaxParserUtil.getStartElementName(startElement);
if (startTag.equals(SAML11Constants.CONFIRMATION_METHOD)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String method = StaxParserUtil.getElementText(xmlEventReader);
subjectConfirmationType.addConfirmationMethod(URI.create(method));
} else if (startTag.equals(JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get())) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
SubjectConfirmationDataType subjectConfirmationData =
parseSubjectConfirmationData(xmlEventReader);
subjectConfirmationType.setSubjectConfirmationData(subjectConfirmationData);
} else if (startTag.equals(JBossSAMLConstants.KEY_INFO.get())) {
Element keyInfo = StaxParserUtil.getDOMElement(xmlEventReader);
subjectConfirmationType.setKeyInfo(keyInfo);
} else throw logger.parserUnknownTag(startTag, startElement.getLocation());
}
}
return subjectConfirmationType;
}
/**
* Parse an {@code SAML11AttributeType}
*
* @param xmlEventReader
* @throws ParsingException
*/
public static void parseAttributeType(
XMLEventReader xmlEventReader,
StartElement startElement,
String rootTag,
SAML11AttributeType attributeType)
throws ParsingException {
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement) {
EndElement end = StaxParserUtil.getNextEndElement(xmlEventReader);
if (StaxParserUtil.matches(end, rootTag)) break;
}
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (startElement == null) break;
String tag = StaxParserUtil.getStartElementName(startElement);
if (JBossSAMLConstants.ATTRIBUTE.get().equals(tag)) break;
if (JBossSAMLConstants.ATTRIBUTE_VALUE.get().equals(tag)) {
Object attributeValue = parseAttributeValue(xmlEventReader);
attributeType.add(attributeValue);
} else throw logger.parserUnknownTag(tag, startElement.getLocation());
}
}
public void parse(XMLEventReader input) throws XMLStreamException, XNIException {
XMLEvent currentEvent = input.peek();
if (currentEvent != null) {
int eventType = currentEvent.getEventType();
if (eventType != XMLStreamConstants.START_DOCUMENT
&& eventType != XMLStreamConstants.START_ELEMENT) {
throw new XMLStreamException();
}
fLocationWrapper.setLocation(currentEvent.getLocation());
fSchemaDOMParser.startDocument(fLocationWrapper, null, fNamespaceContext, null);
loop:
while (input.hasNext()) {
currentEvent = input.nextEvent();
eventType = currentEvent.getEventType();
switch (eventType) {
case XMLStreamConstants.START_ELEMENT:
++fDepth;
StartElement start = currentEvent.asStartElement();
fillQName(fElementQName, start.getName());
fLocationWrapper.setLocation(start.getLocation());
fNamespaceContext.setNamespaceContext(start.getNamespaceContext());
fillXMLAttributes(start);
fillDeclaredPrefixes(start);
addNamespaceDeclarations();
fNamespaceContext.pushContext();
fSchemaDOMParser.startElement(fElementQName, fAttributes, null);
break;
case XMLStreamConstants.END_ELEMENT:
EndElement end = currentEvent.asEndElement();
fillQName(fElementQName, end.getName());
fillDeclaredPrefixes(end);
fLocationWrapper.setLocation(end.getLocation());
fSchemaDOMParser.endElement(fElementQName, null);
fNamespaceContext.popContext();
--fDepth;
if (fDepth <= 0) {
break loop;
}
break;
case XMLStreamConstants.CHARACTERS:
sendCharactersToSchemaParser(currentEvent.asCharacters().getData(), false);
break;
case XMLStreamConstants.SPACE:
sendCharactersToSchemaParser(currentEvent.asCharacters().getData(), true);
break;
case XMLStreamConstants.CDATA:
fSchemaDOMParser.startCDATA(null);
sendCharactersToSchemaParser(currentEvent.asCharacters().getData(), false);
fSchemaDOMParser.endCDATA(null);
break;
case XMLStreamConstants.PROCESSING_INSTRUCTION:
ProcessingInstruction pi = (ProcessingInstruction) currentEvent;
fillProcessingInstruction(pi.getData());
fSchemaDOMParser.processingInstruction(pi.getTarget(), fTempString, null);
break;
case XMLStreamConstants.DTD:
/* There shouldn't be a DTD in the schema */
break;
case XMLStreamConstants.ENTITY_REFERENCE:
/* Not needed for schemas */
break;
case XMLStreamConstants.COMMENT:
/* No point in sending comments */
break;
case XMLStreamConstants.START_DOCUMENT:
fDepth++;
/* We automatically call startDocument before the loop */
break;
case XMLStreamConstants.END_DOCUMENT:
/* We automatically call endDocument after the loop */
break;
}
}
fLocationWrapper.setLocation(null);
fNamespaceContext.setNamespaceContext(null);
fSchemaDOMParser.endDocument(null);
}
}
/** @param tag the current tag (the one that needs a child) */
public MissingChildException(final StartElement tag) {
super(
"Tag " + tag.getName().getLocalPart() + " missing a child",
NullCleaner.assertNotNull(tag.getLocation()));
context = NullCleaner.assertNotNull(tag.getName());
}
/**
* Parse the AuthnContext Type inside the AuthnStatement
*
* @param xmlEventReader
* @return
* @throws ParsingException
*/
public static AuthnContextType parseAuthnContextType(XMLEventReader xmlEventReader)
throws ParsingException {
AuthnContextType authnContextType = new AuthnContextType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, JBossSAMLConstants.AUTHN_CONTEXT.get());
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent == null) break;
if (xmlEvent instanceof EndElement) {
xmlEvent = StaxParserUtil.getNextEvent(xmlEventReader);
EndElement endElement = (EndElement) xmlEvent;
String endElementTag = StaxParserUtil.getEndElementName(endElement);
if (endElementTag.equals(JBossSAMLConstants.AUTHN_CONTEXT.get())) break;
else throw logger.parserUnknownEndElement(endElementTag);
}
startElement = null;
if (xmlEvent instanceof StartElement) {
startElement = (StartElement) xmlEvent;
} else {
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
}
if (startElement == null) break;
String tag = StaxParserUtil.getStartElementName(startElement);
if (JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION.get().equals(tag)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
Element dom = StaxParserUtil.getDOMElement(xmlEventReader);
AuthnContextDeclType authnContextDecl = new AuthnContextDeclType(dom);
AuthnContextType.AuthnContextTypeSequence authnContextSequence =
authnContextType.new AuthnContextTypeSequence();
authnContextSequence.setAuthnContextDecl(authnContextDecl);
authnContextType.setSequence(authnContextSequence);
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION.get());
} else if (JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get().equals(tag)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String text = StaxParserUtil.getElementText(xmlEventReader);
AuthnContextDeclRefType aAuthnContextDeclType =
new AuthnContextDeclRefType(URI.create(text));
authnContextType.addURIType(aAuthnContextDeclType);
} else if (JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get().equals(tag)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String text = StaxParserUtil.getElementText(xmlEventReader);
AuthnContextClassRefType aAuthnContextClassRefType =
new AuthnContextClassRefType(URI.create(text));
AuthnContextType.AuthnContextTypeSequence authnContextSequence =
authnContextType.new AuthnContextTypeSequence();
authnContextSequence.setClassRef(aAuthnContextClassRefType);
authnContextType.setSequence(authnContextSequence);
} else if (JBossSAMLConstants.AUTHENTICATING_AUTHORITY.get().equals(tag)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String text = StaxParserUtil.getElementText(xmlEventReader);
authnContextType.addAuthenticatingAuthority(URI.create(text));
} else throw logger.parserUnknownTag(tag, startElement.getLocation());
}
return authnContextType;
}
/**
* Parse the AuthnStatement inside the assertion
*
* @param xmlEventReader
* @return
* @throws ParsingException
*/
public static AuthnStatementType parseAuthnStatement(XMLEventReader xmlEventReader)
throws ParsingException {
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String AUTHNSTATEMENT = JBossSAMLConstants.AUTHN_STATEMENT.get();
StaxParserUtil.validate(startElement, AUTHNSTATEMENT);
Attribute authnInstant = startElement.getAttributeByName(new QName("AuthnInstant"));
if (authnInstant == null) throw logger.parserRequiredAttribute("AuthnInstant");
XMLGregorianCalendar issueInstant =
XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(authnInstant));
AuthnStatementType authnStatementType = new AuthnStatementType(issueInstant);
Attribute sessionIndex = startElement.getAttributeByName(new QName("SessionIndex"));
if (sessionIndex != null)
authnStatementType.setSessionIndex(StaxParserUtil.getAttributeValue(sessionIndex));
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent == null) break;
if (xmlEvent instanceof EndElement) {
xmlEvent = StaxParserUtil.getNextEvent(xmlEventReader);
EndElement endElement = (EndElement) xmlEvent;
String endElementTag = StaxParserUtil.getEndElementName(endElement);
if (endElementTag.equals(AUTHNSTATEMENT)) break;
else throw logger.parserUnknownEndElement(endElementTag);
}
startElement = null;
if (xmlEvent instanceof StartElement) {
startElement = (StartElement) xmlEvent;
} else {
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
}
if (startElement == null) break;
String tag = StaxParserUtil.getStartElementName(startElement);
if (JBossSAMLConstants.SUBJECT_LOCALITY.get().equals(tag)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
SubjectLocalityType subjectLocalityType = new SubjectLocalityType();
Attribute address =
startElement.getAttributeByName(new QName(JBossSAMLConstants.ADDRESS.get()));
if (address != null) {
subjectLocalityType.setAddress(StaxParserUtil.getAttributeValue(address));
}
Attribute dns =
startElement.getAttributeByName(new QName(JBossSAMLConstants.DNS_NAME.get()));
if (dns != null) {
subjectLocalityType.setDNSName(StaxParserUtil.getAttributeValue(dns));
}
authnStatementType.setSubjectLocality(subjectLocalityType);
StaxParserUtil.validate(
StaxParserUtil.getNextEndElement(xmlEventReader),
JBossSAMLConstants.SUBJECT_LOCALITY.get());
} else if (JBossSAMLConstants.AUTHN_CONTEXT.get().equals(tag)) {
authnStatementType.setAuthnContext(parseAuthnContextType(xmlEventReader));
} else throw logger.parserUnknownTag(tag, startElement.getLocation());
}
return authnStatementType;
}
/*
* (non-Javadoc)
*
* @see org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport#parse(javax.xml.stream.XMLEventReader)
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException {
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, ROOT_ELEMENT);
STSType configType = new STSType();
// parse and set the root element attributes.
QName attributeQName = new QName("", STS_NAME_ATTRIB);
Attribute attribute = startElement.getAttributeByName(attributeQName);
if (attribute != null) configType.setSTSName(StaxParserUtil.getAttributeValue(attribute));
attributeQName = new QName("", TOKEN_TIMEOUT_ATTRIB);
attribute = startElement.getAttributeByName(attributeQName);
if (attribute != null)
configType.setTokenTimeout(Integer.valueOf(StaxParserUtil.getAttributeValue(attribute)));
attributeQName = new QName("", CLOCK_SKEW_ATTRIB);
attribute = startElement.getAttributeByName(attributeQName);
if (attribute != null)
configType.setClockSkew(Integer.valueOf(StaxParserUtil.getAttributeValue(attribute)));
attributeQName = new QName("", SIGN_TOKEN_ATTRIB);
attribute = startElement.getAttributeByName(attributeQName);
if (attribute != null)
configType.setSignToken(Boolean.valueOf(StaxParserUtil.getAttributeValue(attribute)));
attributeQName = new QName("", ENCRYPT_TOKEN_ATTRIB);
attribute = startElement.getAttributeByName(attributeQName);
if (attribute != null)
configType.setEncryptToken(Boolean.valueOf(StaxParserUtil.getAttributeValue(attribute)));
attributeQName = new QName("", CANON_METHOD_ATTRIB);
attribute = startElement.getAttributeByName(attributeQName);
if (attribute != null)
configType.setCanonicalizationMethod(StaxParserUtil.getAttributeValue(attribute));
// parse the inner elements.
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent == null) break;
if (xmlEvent instanceof EndElement) {
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
String endElementName = StaxParserUtil.getEndElementName(endElement);
if (endElementName.equals(ROOT_ELEMENT)) break;
else throw logger.parserUnknownEndElement(endElementName);
}
StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (subEvent == null) break;
String elementName = StaxParserUtil.getStartElementName(subEvent);
if (KEY_PROVIDER_ELEMENT.equalsIgnoreCase(elementName)) {
configType.setKeyProvider(this.parseKeyProvider(xmlEventReader));
} else if (REQUEST_HANDLER_ELEMENT.equalsIgnoreCase(elementName)) {
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
if (!StaxParserUtil.hasTextAhead(xmlEventReader))
throw new ParsingException(ErrorCodes.EXPECTED_TEXT_VALUE + "RequestHandler");
configType.setRequestHandler(StaxParserUtil.getElementText(xmlEventReader));
} else if (CLAIMS_PROCESSORS_ELEMENT.equalsIgnoreCase(elementName)) {
configType.setClaimsProcessors(this.parseClaimsProcessors(xmlEventReader));
} else if (TOKEN_PROVIDERS_ELEMENT.equalsIgnoreCase(elementName)) {
configType.setTokenProviders(this.parseTokenProviders(xmlEventReader));
} else if (SERVICE_PROVIDERS_ELEMENT.equalsIgnoreCase(elementName)) {
configType.setServiceProviders(this.parseServiceProviders(xmlEventReader));
} else throw logger.parserUnknownTag(elementName, subEvent.getLocation());
}
return configType;
}
/**
* Parses the {@code KeyProvider} section of the STS configuration file. This section is used to
* setup the keystore \ that will be used to sign and encrypt security tokens.
*
* @param xmlEventReader the reader used to parse the XML configuration file.
* @return a {@code KeyProviderType} instance that contains the parsed data.
* @throws ParsingException if an error occurs while parsing the XML file.
*/
private KeyProviderType parseKeyProvider(XMLEventReader xmlEventReader) throws ParsingException {
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, KEY_PROVIDER_ELEMENT);
KeyProviderType keyProvider = new KeyProviderType();
// get the key provider class name attribute.
QName attributeQName = new QName("", CLASS_NAME_ATTRIB);
Attribute attribute = startElement.getAttributeByName(attributeQName);
if (attribute == null) throw logger.parserRequiredAttribute("ClassName");
keyProvider.setClassName(StaxParserUtil.getAttributeValue(attribute));
// parse the inner elements.
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent == null) break;
if (xmlEvent instanceof EndElement) {
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
String endElementName = StaxParserUtil.getEndElementName(endElement);
if (endElementName.equals(KEY_PROVIDER_ELEMENT)) break;
else throw logger.parserUnknownEndElement(endElementName);
}
StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (subEvent == null) break;
String elementName = StaxParserUtil.getStartElementName(subEvent);
if (SIGNING_ALIAS_ELEMENT.equalsIgnoreCase(elementName)) {
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
if (!StaxParserUtil.hasTextAhead(xmlEventReader))
throw logger.parserExpectedTextValue("SigningAlias");
keyProvider.setSigningAlias(StaxParserUtil.getElementText(xmlEventReader));
} else if (VALIDATING_ALIAS_ELEMENT.equalsIgnoreCase(elementName)) {
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
KeyValueType keyValue = new KeyValueType();
// parse the key and value attributes.
attributeQName = new QName("", KEY_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null) keyValue.setKey(StaxParserUtil.getAttributeValue(attribute));
attributeQName = new QName("", VALUE_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null) keyValue.setValue(StaxParserUtil.getAttributeValue(attribute));
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, VALIDATING_ALIAS_ELEMENT);
keyProvider.add(keyValue);
} else if (AUTH_ELEMENT.equalsIgnoreCase(elementName)) {
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
AuthPropertyType authProperty = new AuthPropertyType();
// parse the key and value attributes.
attributeQName = new QName("", KEY_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null) authProperty.setKey(StaxParserUtil.getAttributeValue(attribute));
attributeQName = new QName("", VALUE_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null) authProperty.setValue(StaxParserUtil.getAttributeValue(attribute));
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, AUTH_ELEMENT);
keyProvider.add(authProperty);
} else throw logger.parserUnknownTag(elementName, subEvent.getLocation());
}
return keyProvider;
}
/**
* Parses the {@code ClaimsProcessors} section of the STS configuration file.
*
* @param xmlEventReader the reader used to parse the XML configuration file.
* @return a {@code ClaimsProcessorsType} instance that contains the parsed data.
* @throws ParsingException if an error occurs while parsing the XML file.
*/
private ClaimsProcessorsType parseClaimsProcessors(XMLEventReader xmlEventReader)
throws ParsingException {
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, CLAIMS_PROCESSORS_ELEMENT);
ClaimsProcessorsType claimsProcessors = new ClaimsProcessorsType();
// parse all claims processors one by one.
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent == null) break;
if (xmlEvent instanceof EndElement) {
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
String endElementName = StaxParserUtil.getEndElementName(endElement);
if (endElementName.equals(CLAIMS_PROCESSORS_ELEMENT)) break;
else throw logger.parserUnknownEndElement(endElementName);
}
StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (subEvent == null) break;
String elementName = StaxParserUtil.getStartElementName(subEvent);
if (CLAIMS_PROCESSOR_ELEMENT.equalsIgnoreCase(elementName)) {
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(subEvent, CLAIMS_PROCESSOR_ELEMENT);
ClaimsProcessorType claimsProcessor = new ClaimsProcessorType();
// parse the processor attributes (class and dialect).
QName attributeQName = new QName("", PROCESSOR_CLASS_ATTRIB);
Attribute attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null)
claimsProcessor.setProcessorClass(StaxParserUtil.getAttributeValue(attribute));
attributeQName = new QName("", DIALECT_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null)
claimsProcessor.setDialect(StaxParserUtil.getAttributeValue(attribute));
// parse the processor properties.
while (xmlEventReader.hasNext()) {
xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent == null) break;
if (xmlEvent instanceof EndElement) {
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
String endElementName = StaxParserUtil.getEndElementName(endElement);
if (endElementName.equals(CLAIMS_PROCESSOR_ELEMENT)) break;
else throw logger.parserUnknownEndElement(endElementName);
}
subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (subEvent == null) break;
elementName = StaxParserUtil.getStartElementName(subEvent);
if (PROPERTY_ELEMENT.equalsIgnoreCase(elementName)) {
// parse the property key and value.
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
KeyValueType keyValue = new KeyValueType();
// parse the key and value attributes.
attributeQName = new QName("", KEY_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null) keyValue.setKey(StaxParserUtil.getAttributeValue(attribute));
attributeQName = new QName("", VALUE_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null) keyValue.setValue(StaxParserUtil.getAttributeValue(attribute));
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, PROPERTY_ELEMENT);
claimsProcessor.add(keyValue);
} else throw logger.parserUnknownTag(elementName, subEvent.getLocation());
}
claimsProcessors.add(claimsProcessor);
} else throw logger.parserUnknownTag(elementName, subEvent.getLocation());
}
return claimsProcessors;
}
/**
* Parse the AuthnStatement inside the assertion
*
* @param xmlEventReader
* @return
* @throws ParsingException
*/
public static SAML11AuthenticationStatementType parseAuthenticationStatement(
XMLEventReader xmlEventReader) throws ParsingException {
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, SAML11Constants.AUTHENTICATION_STATEMENT);
Attribute authMethod =
startElement.getAttributeByName(new QName(SAML11Constants.AUTHENTICATION_METHOD));
if (authMethod == null)
throw logger.parserRequiredAttribute(SAML11Constants.AUTHENTICATION_METHOD);
Attribute authInstant =
startElement.getAttributeByName(new QName(SAML11Constants.AUTHENTICATION_INSTANT));
if (authInstant == null)
throw logger.parserRequiredAttribute(SAML11Constants.AUTHENTICATION_INSTANT);
SAML11AuthenticationStatementType authStat =
new SAML11AuthenticationStatementType(
URI.create(StaxParserUtil.getAttributeValue(authMethod)),
XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(authInstant)));
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent == null) break;
if (xmlEvent instanceof EndElement) {
xmlEvent = StaxParserUtil.getNextEvent(xmlEventReader);
EndElement endElement = (EndElement) xmlEvent;
String endElementTag = StaxParserUtil.getEndElementName(endElement);
if (endElementTag.equals(SAML11Constants.AUTHENTICATION_STATEMENT)) break;
else throw logger.parserUnknownEndElement(endElementTag);
}
startElement = null;
if (xmlEvent instanceof StartElement) {
startElement = (StartElement) xmlEvent;
} else {
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
}
if (startElement == null) break;
String tag = StaxParserUtil.getStartElementName(startElement);
if (JBossSAMLConstants.SUBJECT.get().equalsIgnoreCase(tag)) {
SAML11SubjectParser subjectParser = new SAML11SubjectParser();
SAML11SubjectType subject = (SAML11SubjectType) subjectParser.parse(xmlEventReader);
SAML11SubjectStatementType subStat = new SAML11SubjectStatementType();
subStat.setSubject(subject);
authStat.setSubject(subject);
} else if (JBossSAMLConstants.SUBJECT_LOCALITY.get().equals(tag)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
SAML11SubjectLocalityType subjectLocalityType = new SAML11SubjectLocalityType();
Attribute address = startElement.getAttributeByName(new QName(SAML11Constants.IP_ADDRESS));
if (address != null) {
subjectLocalityType.setIpAddress(StaxParserUtil.getAttributeValue(address));
}
Attribute dns = startElement.getAttributeByName(new QName(SAML11Constants.DNS_ADDRESS));
if (dns != null) {
subjectLocalityType.setDnsAddress(StaxParserUtil.getAttributeValue(dns));
}
authStat.setSubjectLocality(subjectLocalityType);
StaxParserUtil.validate(
StaxParserUtil.getNextEndElement(xmlEventReader),
JBossSAMLConstants.SUBJECT_LOCALITY.get());
} else if (SAML11Constants.AUTHORITY_BINDING.equals(tag)) {
Attribute authorityKindAttr =
startElement.getAttributeByName(new QName(SAML11Constants.AUTHORITY_KIND));
if (authorityKindAttr == null) throw logger.parserRequiredAttribute("AuthorityKind");
Attribute locationAttr =
startElement.getAttributeByName(new QName(SAML11Constants.LOCATION));
if (locationAttr == null) throw logger.parserRequiredAttribute("Location");
URI location = URI.create(StaxParserUtil.getAttributeValue(locationAttr));
Attribute bindingAttr = startElement.getAttributeByName(new QName(SAML11Constants.BINDING));
if (bindingAttr == null) throw logger.parserRequiredAttribute("Binding");
URI binding = URI.create(StaxParserUtil.getAttributeValue(bindingAttr));
QName authorityKind = QName.valueOf(StaxParserUtil.getAttributeValue(authorityKindAttr));
SAML11AuthorityBindingType authorityBinding =
new SAML11AuthorityBindingType(authorityKind, location, binding);
authStat.add(authorityBinding);
} else throw logger.parserUnknownTag("", startElement.getLocation());
}
return authStat;
}
/**
* Parses the {@code TokenProviders} section of the STS configuration file.
*
* @param xmlEventReader the reader used to parse the XML configuration file.
* @return a {@code TokenProvidersType} instance that contains the parsed data.
* @throws ParsingException if an error occurs while parsing the XML file.
*/
private TokenProvidersType parseTokenProviders(XMLEventReader xmlEventReader)
throws ParsingException {
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, TOKEN_PROVIDERS_ELEMENT);
TokenProvidersType tokenProviders = new TokenProvidersType();
// parse all token providers one by one.
while (xmlEventReader.hasNext()) {
XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent == null) break;
if (xmlEvent instanceof EndElement) {
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
String endElementName = StaxParserUtil.getEndElementName(endElement);
if (endElementName.equals(TOKEN_PROVIDERS_ELEMENT)) break;
else throw logger.parserUnknownEndElement(endElementName);
}
StartElement subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (subEvent == null) break;
String elementName = StaxParserUtil.getStartElementName(subEvent);
if (TOKEN_PROVIDER_ELEMENT.equalsIgnoreCase(elementName)) {
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(subEvent, TOKEN_PROVIDER_ELEMENT);
TokenProviderType tokenProvider = new TokenProviderType();
// parse the provider attributes (provider class, token type, token element, token
// namespace).
QName attributeQName = new QName("", PROVIDER_CLASS_ATTRIB);
Attribute attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null)
tokenProvider.setProviderClass(StaxParserUtil.getAttributeValue(attribute));
attributeQName = new QName("", TOKEN_TYPE_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null)
tokenProvider.setTokenType(StaxParserUtil.getAttributeValue(attribute));
attributeQName = new QName("", TOKEN_ELEMENT_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null)
tokenProvider.setTokenElement(StaxParserUtil.getAttributeValue(attribute));
attributeQName = new QName("", TOKEN_ELEMENT_NS_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null)
tokenProvider.setTokenElementNS(StaxParserUtil.getAttributeValue(attribute));
// parse the provider properties.
while (xmlEventReader.hasNext()) {
xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent == null) break;
if (xmlEvent instanceof EndElement) {
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
String endElementName = StaxParserUtil.getEndElementName(endElement);
if (endElementName.equals(TOKEN_PROVIDER_ELEMENT)) break;
else throw logger.parserUnknownEndElement(endElementName);
}
subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
if (subEvent == null) break;
elementName = StaxParserUtil.getStartElementName(subEvent);
if (PROPERTY_ELEMENT.equalsIgnoreCase(elementName)) {
// parse the property key and value.
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
KeyValueType keyValue = new KeyValueType();
// parse the key and value attributes.
attributeQName = new QName("", KEY_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null) keyValue.setKey(StaxParserUtil.getAttributeValue(attribute));
attributeQName = new QName("", VALUE_ATTRIB);
attribute = subEvent.getAttributeByName(attributeQName);
if (attribute != null) keyValue.setValue(StaxParserUtil.getAttributeValue(attribute));
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, PROPERTY_ELEMENT);
tokenProvider.add(keyValue);
} else throw logger.parserUnknownTag(elementName, subEvent.getLocation());
}
tokenProviders.add(tokenProvider);
} else throw logger.parserUnknownTag(elementName, subEvent.getLocation());
}
return tokenProviders;
}