/* * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. * * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved * * The contents of this file are subject to the terms * of the Common Development and Distribution License * (the License). You may not use this file except in * compliance with the License. * * You can obtain a copy of the License at * https://opensso.dev.java.net/public/CDDLv1.0.html or * opensso/legal/CDDLv1.0.txt * See the License for the specific language governing * permission and limitations under the License. * * When distributing Covered Code, include this CDDL * Header Notice in each file and include the License file * at opensso/legal/CDDLv1.0.txt. * If applicable, add the following below the CDDL Header, * with the fields enclosed by brackets [] replaced by * your own identifying information: * "Portions Copyrighted [year] [name of copyright owner]" * * $Id: FSLogoutNotification.java,v 1.4 2008/06/25 05:46:44 qcheng Exp $ * * Portions Copyrighted 2014-2016 ForgeRock AS. */ package com.sun.identity.federation.message; import static org.forgerock.openam.utils.Time.*; import com.sun.identity.shared.xml.XMLUtils; import com.sun.identity.shared.encode.Base64; import com.sun.identity.shared.encode.URLEncDec; import com.sun.identity.shared.DateUtils; import com.sun.identity.saml.common.SAMLConstants; import com.sun.identity.saml.common.SAMLUtils; import com.sun.identity.saml.common.SAMLException; import com.sun.identity.saml.common.SAMLResponderException; import com.sun.identity.saml.protocol.AbstractRequest; import com.sun.identity.saml.assertion.NameIdentifier; import com.sun.identity.saml.xmlsig.XMLSignatureManager; import com.sun.identity.federation.message.common.FSMsgException; import com.sun.identity.federation.common.FSUtils; import com.sun.identity.federation.common.IFSConstants; import javax.servlet.http.HttpServletRequest; import java.text.ParseException; import java.util.ArrayList; import java.util.Collections; import java.util.Date; import java.util.Iterator; import java.util.List; import org.w3c.dom.Element; import org.w3c.dom.Node; import org.w3c.dom.NodeList; import org.w3c.dom.Document; /** * This class contains methods to construct a LogoutRequest * object. * * @supported.all.api * @deprecated since 12.0.0 */ @Deprecated public class FSLogoutNotification extends AbstractRequest { private String providerId; private NameIdentifier nameIdentifier; protected String sessionIndex; protected String xmlString = null; protected String signatureString = null; protected String id = null; private String relayState = null; protected Date notOnOrAfter = null; /** * Default Constructor. */ public FSLogoutNotification() { setIssueInstant(newDate()); } /** * Constructor creates FSLogoutNotification object * from Document Element. * * @param root the Document Element object. * @throws FSMsgException if there is an error creating this * object. */ public FSLogoutNotification(Element root) throws FSMsgException { String tag = null; if (root == null) { FSUtils.debug.message("FSLogoutNotification(Element): null input."); throw new FSMsgException("nullInput",null); } if (((tag = root.getLocalName()) == null) || (!tag.equals(IFSConstants.LOGOUT_REQUEST))) { FSUtils.debug.message("FSLogoutNotification(Element): wrong input"); throw new FSMsgException("wrongInput",null); } // get the IssueInstant Attribute String instantString = root.getAttribute(IFSConstants.ISSUE_INSTANT); if ((instantString == null) || (instantString.length() == 0)) { FSUtils.debug.message( "LogoutRequest(Element): missing IssueInstant"); String[] args = { IFSConstants.ISSUE_INSTANT }; throw new FSMsgException("missingAttribute",args); } else { try { issueInstant = DateUtils.stringToDate(instantString); } catch (Exception e) { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("LogoutRequest(Element): could not " + "parse IssueInstant:" + e.getMessage()); } throw new FSMsgException("wrongInput",null); } } // get the NotOnOrAfter Attribute String notAfter = root.getAttribute(IFSConstants.NOT_ON_OR_AFTER); if (notAfter != null && notAfter.length() != 0) { try { notOnOrAfter = DateUtils.stringToDate(notAfter); } catch (Exception ex) { if(FSUtils.debug.messageEnabled()) { FSUtils.debug.message("LogoutRequest(Element): unable to" + "parse not on or after", ex); } } } int length = 0; id = root.getAttribute(IFSConstants.ID); requestID = root.getAttribute(IFSConstants.REQUEST_ID); parseMajorVersion(root.getAttribute(IFSConstants.MAJOR_VERSION)); parseMinorVersion(root.getAttribute(IFSConstants.MINOR_VERSION)); NodeList contentnl = root.getChildNodes(); Node child; String nodeName; length = contentnl.getLength(); for (int i = 0; i < length; i++) { child = contentnl.item(i); if ((nodeName = child.getLocalName()) != null) { if (nodeName.equals(IFSConstants.RESPONDWITH)) { if (respondWiths == Collections.EMPTY_LIST) { respondWiths = new ArrayList(); } respondWiths.add( XMLUtils.getElementValue((Element) child)); } else if (nodeName.equals(IFSConstants.SIGNATURE)) { } else if (nodeName.equals(IFSConstants.PROVIDER_ID)) { if (providerId != null) { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("FSLogoutNotification " + "(Element): should contain only " + "one ProviderID."); } throw new FSMsgException("wrongInput",null); } providerId = XMLUtils.getElementValue((Element) child); } else if (nodeName.equals(IFSConstants.RELAY_STATE)) { if (relayState != null) { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("FSLogoutNotification " + "(Element): should contain only one " + "relayState."); } throw new FSMsgException("wrongInput",null); } relayState = XMLUtils.getElementValue((Element) child); } else if (nodeName.equals(IFSConstants.NAME_IDENTIFIER)) { try { this.nameIdentifier = new NameIdentifier((Element) child); } catch(SAMLException ex){ if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("FSLogoutNotification " + "(Element): SAMLException while " + "nconstructing ameidentifier"); } throw new FSMsgException("nameIdentifierCreateError", null,ex); } } else if (nodeName.equals(IFSConstants.SESSION_INDEX)) { if (sessionIndex != null) { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message( "FSLogoutNotification(Element): " + "should contain only one SessionIndex."); } throw new FSMsgException("wrongInput",null); } sessionIndex = XMLUtils.getElementValue((Element) child); } else { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("FSLogoutNotification(Element): " + "invalid node" + nodeName); } throw new FSMsgException("wrongInput",null); } } } List signs = XMLUtils.getElementsByTagNameNS1(root, SAMLConstants.XMLSIG_NAMESPACE_URI, SAMLConstants.XMLSIG_ELEMENT_NAME); int signsSize = signs.size(); if (signsSize == 1) { Element elem = (Element)signs.get(0); setSignature(elem); xmlString = XMLUtils.print(root); signed = true; } else if (signsSize != 0) { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message( "FSLogoutNotification(Element): included more than" + " one Signature element."); } throw new FSMsgException("moreElement",null); } //end check for signature } /** * Consturctor creates FSLogoutNotification object. * * @param requestId the RequestId attribute. * @param providerID the ProviderID attribute. * @param nameId the NameIdentifier object. * @param relayState the RelayState attribute. * @throws FSMsgException if there is an error creating * this object. */ public FSLogoutNotification(String requestId,String providerID, NameIdentifier nameId, String relayState) throws FSMsgException { setIssueInstant(newDate()); if ((requestId != null) && (requestId.length() != 0)) { requestID = requestId; } else { requestID = SAMLUtils.generateID(); if (requestID == null) { FSUtils.debug.error( "FSLogoutNotification: couldn't generate RequestID."); throw new FSMsgException("errorGenerateID",null); } } this.relayState = relayState; this.providerId = providerID; this.nameIdentifier = nameId; } /** * Returns the value of id attribute. * * @return the value of id attribute. * @see #setID(String) */ public String getID(){ return id; } /** * Sets the value of id attribute. * * @param id the value of id attribute. * @see #getID() */ public void setID(String id){ this.id = id; } /** * Sets the value of RelayState attribute. * * @param relayState the value of RelayState attribute. */ public void setRelayState(String relayState) { this.relayState = relayState; } /** * Returns the value of RelayState attribute. * * @return the value of RelayState attribute. */ public String getRelayState() { return this.relayState; } /** * Returns a signed XML string. * * @return a signed XML string. */ public String getSignatureString(){ return signatureString; } /** * Returns the value of MinorVersion attribute. * * @return the value of MinorVersion attribute. * @see #setMinorVersion(int) */ public int getMinorVersion() { return minorVersion; } /** * Sets the value of MinorVersion attribute. * * @param version the value of MinorVersion attribute. * @see #getMinorVersion() */ public void setMinorVersion(int version) { minorVersion = version; } /** * Returns the string representation of this object. * * @param includeNS determines whether or not the namespace qualifier * is prepended to the Element when converted * @param declareNS : Determines whether or not the namespace is declared * within the Element. * @return a string containing the valid XML for this element * @throws FSMsgException if there is an error creating * XML string from this object. */ public String toXMLString(boolean includeNS, boolean declareNS) throws FSMsgException { return toXMLString(includeNS, declareNS, false); } /** * Returns the string representation of this object. * * @param includeNS determines whether or not the namespace qualifier * is prepended to the Element when converted * @param declareNS Determines whether or not the namespace is declared * within the Element. * @param includeHeader Determines whether the output include the xml * declaration header. * @return a string containing the valid XML for this element * @throws FSMsgException if there is an error creating * XML string from this object. */ public String toXMLString(boolean includeNS,boolean declareNS, boolean includeHeader) throws FSMsgException { if((providerId == null) || (providerId.length() == 0)){ FSUtils.debug.error("FSLogoutNotification.toXMLString: " + "providerId is null in the request with requestId:" + requestID); String[] args = { requestID }; throw new FSMsgException("nullProviderIdWRequestId" , args); } if ((requestID == null) || (requestID.length() == 0)){ requestID = SAMLUtils.generateID(); if (requestID == null) { FSUtils.debug.error("FSLogoutNotification.toXMLString: " + "couldn't generate RequestID."); throw new FSMsgException("errorGenerateID",null); } } StringBuffer xml = new StringBuffer(300); if (includeHeader) { xml.append(IFSConstants.XML_PREFIX) .append(IFSConstants.DEFAULT_ENCODING) .append(IFSConstants.QUOTE) .append(IFSConstants.SPACE) .append(IFSConstants.QUESTION_MARK) .append(IFSConstants.RIGHT_ANGLE) .append(IFSConstants.NL); } String prefix = ""; String uri = ""; String uriSAML = ""; if (includeNS) { prefix = IFSConstants.LIB_PREFIX; } if (declareNS) { if(minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) { uri = IFSConstants.LIB_12_NAMESPACE_STRING; } else { uri = IFSConstants.LIB_NAMESPACE_STRING; } uriSAML = IFSConstants.assertionDeclareStr; } String instantString = DateUtils.toUTCDateFormat(issueInstant); if (notOnOrAfter == null) { notOnOrAfter = new Date(issueInstant.getTime() + IFSConstants.ASSERTION_TIMEOUT_ALLOWED_DIFFERENCE); } String notAfter = DateUtils.toUTCDateFormat(notOnOrAfter); if (requestID != null){ xml.append(IFSConstants.LEFT_ANGLE) .append(prefix) .append(IFSConstants.LOGOUT_REQUEST) .append(uri) .append(uriSAML); if (minorVersion == IFSConstants.FF_11_PROTOCOL_MINOR_VERSION && id != null && !(id.length() == 0)) { xml.append(IFSConstants.SPACE) .append(IFSConstants.ID) .append(IFSConstants.EQUAL_TO) .append(IFSConstants.QUOTE) .append(id) .append(IFSConstants.QUOTE) .append(IFSConstants.SPACE); } xml.append(IFSConstants.SPACE) .append(IFSConstants.REQUEST_ID) .append(IFSConstants.EQUAL_TO) .append(IFSConstants.QUOTE) .append(requestID) .append(IFSConstants.QUOTE) .append(IFSConstants.SPACE) .append(IFSConstants.SPACE) .append(IFSConstants.MAJOR_VERSION) .append(IFSConstants.EQUAL_TO) .append(IFSConstants.QUOTE) .append(majorVersion) .append(IFSConstants.QUOTE) .append(IFSConstants.SPACE) .append(IFSConstants.SPACE) .append(IFSConstants.MINOR_VERSION) .append(IFSConstants.EQUAL_TO) .append(IFSConstants.QUOTE) .append(minorVersion) .append(IFSConstants.QUOTE) .append(IFSConstants.SPACE) .append(IFSConstants.SPACE) .append(IFSConstants.ISSUE_INSTANT) .append(IFSConstants.EQUAL_TO) .append(IFSConstants.QUOTE) .append(instantString) .append(IFSConstants.QUOTE); if (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) { xml.append(IFSConstants.SPACE) .append(IFSConstants.NOT_ON_OR_AFTER) .append(IFSConstants.EQUAL_TO) .append(IFSConstants.QUOTE) .append(notAfter) .append(IFSConstants.QUOTE); } xml.append(IFSConstants.RIGHT_ANGLE); if((respondWiths != null) && (respondWiths != Collections.EMPTY_LIST)) { Iterator i = respondWiths.iterator(); while (i.hasNext()) { xml.append(IFSConstants.LEFT_ANGLE) .append(prefix) .append(IFSConstants.RESPONDWITH) .append(IFSConstants.RIGHT_ANGLE) .append((String) i.next()) .append(IFSConstants.START_END_ELEMENT) .append(prefix) .append(IFSConstants.RESPONDWITH) .append(IFSConstants.RIGHT_ANGLE); } } if (signed) { if (signatureString != null) { xml.append(signatureString); } else if (signature != null) { signatureString = XMLUtils.print(signature); xml.append(signatureString); } } xml.append(IFSConstants.LEFT_ANGLE) .append(prefix) .append(IFSConstants.PROVIDER_ID) .append(uri) .append(IFSConstants.RIGHT_ANGLE) .append(providerId) .append(IFSConstants.START_END_ELEMENT) .append(prefix) .append(IFSConstants.PROVIDER_ID) .append(IFSConstants.RIGHT_ANGLE); if (nameIdentifier != null) { xml.append(nameIdentifier.toString()); } if ((sessionIndex != null) && sessionIndex.length() != 0){ xml.append("<").append(prefix).append("SessionIndex"). append(uri). append(">").append(sessionIndex).append(""); } if (relayState != null && relayState.length() != 0) { xml.append(IFSConstants.LEFT_ANGLE) .append(prefix) .append(IFSConstants.RELAY_STATE) .append(uri) .append(IFSConstants.RIGHT_ANGLE) .append(relayState) .append(IFSConstants.START_END_ELEMENT) .append(prefix) .append(IFSConstants.RELAY_STATE) .append(IFSConstants.RIGHT_ANGLE); } xml.append(IFSConstants.START_END_ELEMENT) .append(prefix) .append(IFSConstants.LOGOUT_REQUEST) .append(IFSConstants.RIGHT_ANGLE); } else { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("FSLogoutNotification.toString: " + "requestID is null "); } throw new FSMsgException("nullRequestID",null); } return xml.toString(); } /** * Returns the string representation of this object. * * @return a string containing the valid XML for this element * @throws FSMsgException if there is an error creating * XML string from this object. */ public String toXMLString() throws FSMsgException { return toXMLString(true, true); } /** * Constructor create FSLogoutNotification from a * XML string. * * @param xml the XML string. * @throws FSMsgException if there is an error creating * this object. */ public static FSLogoutNotification parseXML(String xml) throws FSMsgException { Document doc = XMLUtils.toDOMDocument(xml, FSUtils.debug); if (doc == null) { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("FSLogoutNotification.parseXML:Error " + "while parsing input xml string"); } throw new FSMsgException("parseError",null); } Element root = doc.getDocumentElement(); return new FSLogoutNotification(root); } /** * Returns value of ProviderID attribute. * * @return value of ProviderID attribute. * @see #setProviderId(String) */ public String getProviderId() { return providerId; } /** * Sets value of ProviderID attribute. * * @param providerID value of ProviderID attribute. * @see #getProviderId() */ public void setProviderId(String providerID) { this.providerId = providerID; } /** * Returns value of SessionIndex attribute. * * @return value of SessionIndex attribute. * @see #setSessionIndex(String) */ public String getSessionIndex() { return sessionIndex; } /** * Sets value of SessionIndex attribute. * * @param sessionIndex value of SessionIndex attribute. * @see #getSessionIndex */ public void setSessionIndex(String sessionIndex) { this.sessionIndex = sessionIndex; } /** * Returns the NameIdentifier object. * * @return the NameIdentifier object. * @see #setNameIdentifier(NameIdentifier) */ public NameIdentifier getNameIdentifier() { return nameIdentifier; } /** * Sets the NameIdentifier object. * * @param nameId the NameIdentifier object. * @see #getNameIdentifier */ public void setNameIdentifier(NameIdentifier nameId) { this.nameIdentifier = nameId; } /** * Returns an URL Encoded String. * * @return a url encoded query string. * @throws FSMsgException if there is an error. */ public String toURLEncodedQueryString() throws FSMsgException { if((providerId == null) || (providerId.length() == 0)){ FSUtils.debug.error("FSLogoutNotification.toURLEncodedQueryString: " + "providerId is null in the request with requestId:" + requestID); String[] args = { requestID }; throw new FSMsgException("nullProviderIdWRequestId",args); } if ((requestID == null) || (requestID.length() == 0)){ requestID = SAMLUtils.generateID(); if (requestID == null) { FSUtils.debug.error( "FSLogoutNotification.toURLEncodedQueryString: " + "couldn't generate RequestID."); throw new FSMsgException("errorGenerateID",null); } } StringBuffer urlEncodedAuthnReq = new StringBuffer(300); urlEncodedAuthnReq.append(IFSConstants.REQUEST_ID) .append(IFSConstants.EQUAL_TO) .append(URLEncDec.encode(requestID)) .append(IFSConstants.AMPERSAND) .append(IFSConstants.MAJOR_VERSION) .append(IFSConstants.EQUAL_TO) .append(majorVersion) .append(IFSConstants.AMPERSAND) .append(IFSConstants.MINOR_VERSION) .append(IFSConstants.EQUAL_TO) .append(minorVersion) .append(IFSConstants.AMPERSAND); if(issueInstant != null){ urlEncodedAuthnReq.append(IFSConstants.ISSUE_INSTANT) .append(IFSConstants.EQUAL_TO) .append(URLEncDec.encode( DateUtils.toUTCDateFormat(issueInstant))) .append(IFSConstants.AMPERSAND); if(minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) { notOnOrAfter = new Date(issueInstant.getTime() + IFSConstants.ASSERTION_TIMEOUT_ALLOWED_DIFFERENCE); urlEncodedAuthnReq.append(IFSConstants.NOT_ON_OR_AFTER) .append(IFSConstants.EQUAL_TO) .append(URLEncDec.encode( DateUtils.toUTCDateFormat(notOnOrAfter))) .append(IFSConstants.AMPERSAND); } } else { FSUtils.debug.error("FSLogoutNotification." + "toURLEncodedQueryString: issueInstant missing"); String[] args = { IFSConstants.ISSUE_INSTANT }; throw new FSMsgException("missingAttribute",args); } if (providerId != null && providerId.length() != 0) { urlEncodedAuthnReq.append(IFSConstants.PROVIDER_ID) .append(IFSConstants.EQUAL_TO) .append(URLEncDec.encode(providerId)) .append(IFSConstants.AMPERSAND); } if (sessionIndex != null && sessionIndex.length() != 0) { urlEncodedAuthnReq.append(IFSConstants.SESSION_INDEX) .append(IFSConstants.EQUAL_TO) .append(URLEncDec.encode(sessionIndex)) .append(IFSConstants.AMPERSAND); } if (relayState != null && relayState.length() != 0) { urlEncodedAuthnReq.append(IFSConstants.RELAY_STATE) .append(IFSConstants.EQUAL_TO) .append(URLEncDec.encode(relayState)) .append(IFSConstants.AMPERSAND); } if (nameIdentifier != null) { if (nameIdentifier.getName() != null && nameIdentifier.getName().length() != 0) { urlEncodedAuthnReq.append(IFSConstants.NAME) .append(IFSConstants.EQUAL_TO) .append(URLEncDec.encode( nameIdentifier.getName())) .append(IFSConstants.AMPERSAND) .append(IFSConstants.NAME_IDENTIFIER) .append(IFSConstants.EQUAL_TO) .append(URLEncDec.encode( nameIdentifier.getName())) .append(IFSConstants.AMPERSAND); } if (nameIdentifier.getNameQualifier() != null && nameIdentifier.getNameQualifier().length() != 0) { urlEncodedAuthnReq.append(IFSConstants.NAME_QUALIFIER) .append(IFSConstants.EQUAL_TO) .append(URLEncDec.encode( nameIdentifier.getNameQualifier())) .append(IFSConstants.AMPERSAND); } if (nameIdentifier.getFormat() != null && nameIdentifier.getFormat().length() != 0) { urlEncodedAuthnReq.append(IFSConstants.NAME_FORMAT) .append(IFSConstants.EQUAL_TO) .append(URLEncDec.encode( nameIdentifier.getFormat())) .append(IFSConstants.AMPERSAND); } } return urlEncodedAuthnReq.toString(); } /** * Returns a Base64 Encoded String. * * @return a Base64 Encoded String. * @throws FSMsgException if there is an error encoding * the string. */ public String toBASE64EncodedString() throws FSMsgException { if((providerId == null) || (providerId.length() == 0)){ FSUtils.debug.error("FSLogoutNotification.toURLEncodedQueryString: " + "providerId is null in the request with requestId:" + requestID); String[] args = { requestID }; throw new FSMsgException("nullProviderIdWRequestId",args); } if ((requestID == null) || (requestID.length() == 0)){ requestID = SAMLUtils.generateID(); if (requestID == null) { FSUtils.debug.error( "FSLogoutNotification.toURLEncodedQueryString: " + "couldn't generate RequestID."); throw new FSMsgException("errorGenerateID",null); } } return Base64.encode(this.toXMLString().getBytes()); } /** * Returns FSLogoutNotification object. The * object is created by parsing the HttpServletRequest * object. * * @param request the HttpServletRequest object. * @return FSLogoutNotification object. * @throws FSMsgException if there is an error * creating FSAuthnRequest object. */ public static FSLogoutNotification parseURLEncodedRequest( HttpServletRequest request) throws FSMsgException { try { FSLogoutNotification retLogoutNotification = new FSLogoutNotification(); String requestID = request.getParameter("RequestID"); if(requestID != null) { retLogoutNotification.requestID = requestID; } else { String[] args = { IFSConstants.REQUEST_ID }; throw new FSMsgException("missingAttribute",args); } try{ retLogoutNotification.majorVersion = Integer.parseInt(request.getParameter( IFSConstants.MAJOR_VERSION)); FSUtils.debug.message("Majorversion : " + retLogoutNotification.majorVersion); retLogoutNotification.minorVersion = Integer.parseInt(request.getParameter( IFSConstants.MINOR_VERSION)); FSUtils.debug.message("Minorversion : " + retLogoutNotification.minorVersion); } catch (NumberFormatException ex) { FSUtils.debug.message("FSLogoutNotification. " + "parseURLEncodedRequest:Major/Minor version problem"); throw new FSMsgException("invalidNumber",null); } String instantString = request.getParameter(IFSConstants.ISSUE_INSTANT); if (instantString == null || instantString.length() == 0) { String[] args = { IFSConstants.ISSUE_INSTANT }; throw new FSMsgException("missingAttribute",args); } try{ retLogoutNotification.issueInstant = DateUtils.stringToDate(instantString); } catch (ParseException e){ throw new FSMsgException("parseError",null); } String notAfter = request.getParameter(IFSConstants.NOT_ON_OR_AFTER); if (notAfter != null && notAfter.length() != 0) { try { retLogoutNotification.notOnOrAfter = DateUtils.stringToDate(notAfter); } catch (ParseException pe) { FSUtils.debug.message("FSLogoutNotification.parseURLEncoded" + "Request: parsing exception", pe); } } String providerId = request.getParameter(IFSConstants.PROVIDER_ID); if (providerId != null) { retLogoutNotification.providerId = providerId; } else { throw new FSMsgException("missingElement",null); } String sessionIndex = request.getParameter(IFSConstants.SESSION_INDEX); if (sessionIndex != null) { retLogoutNotification.sessionIndex = sessionIndex; } String relayState = request.getParameter(IFSConstants.RELAY_STATE); if (relayState != null) { retLogoutNotification.relayState = relayState; } String nameFormat = request.getParameter(IFSConstants.NAME_FORMAT); String nameQualifier = request.getParameter(IFSConstants.NAME_QUALIFIER); String name = request.getParameter(IFSConstants.NAME); if (name == null) { name = request.getParameter(IFSConstants.NAME_IDENTIFIER); } if (name == null) { throw new FSMsgException("missingElement",null); } retLogoutNotification.nameIdentifier = new NameIdentifier(name, nameQualifier, nameFormat); FSUtils.debug.message("Returning Logout Object"); return retLogoutNotification; } catch(Exception e) { throw new FSMsgException("parseError",null); } } /** * Sets the MajorVersion by parsing the version string. * * @param majorVer a String representing the MajorVersion to * be set. * @throws FSMsgException when the version mismatchs. */ private void parseMajorVersion(String majorVer) throws FSMsgException { try { majorVersion = Integer.parseInt(majorVer); } catch (NumberFormatException e) { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("FSLogoutNotification(Element): invalid " + "MajorVersion", e); } throw new FSMsgException("wrongInput",null); } if (majorVersion != SAMLConstants.PROTOCOL_MAJOR_VERSION) { if (majorVersion > SAMLConstants.PROTOCOL_MAJOR_VERSION) { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("FSLogoutNotification(Element): " + "MajorVersion of the LogoutRequest is too high."); } throw new FSMsgException("requestVersionTooHigh",null); } else { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("FSLogoutNotification(Element): " + "MajorVersion of the LogoutRequest is too low."); } throw new FSMsgException("requestVersionTooLow",null); } } } /** * Sets the MinorVersion by parsing the version string. * * @param minorVer a String representing the MinorVersion to * be set. * @throws FSMsgException when the version mismatchs. */ private void parseMinorVersion(String minorVer) throws FSMsgException { try { minorVersion = Integer.parseInt(minorVer); } catch (NumberFormatException e) { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("FSLogoutNotification(Element): invalid " + "MinorVersion", e); } throw new FSMsgException("wrongInput",null); } if (minorVersion > IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) { FSUtils.debug.error("FSLogoutNotification(Element): " + "MinorVersion of the LogoutRequest is too high."); throw new FSMsgException("requestVersionTooHigh",null); } else if (minorVersion < IFSConstants.FF_11_PROTOCOL_MINOR_VERSION) { FSUtils.debug.error("FSLogoutNotification(Element): " + "MinorVersion of the LogoutRequest is too low."); throw new FSMsgException("requestVersionTooLow",null); } } /** * Unsupported operation. */ public void signXML() throws SAMLException { throw new SAMLException(FSUtils.BUNDLE_NAME, "unsupportedOperation",null); } /** * Signs the FSLogoutNotification object. * * @param certAlias the Certificate Alias * @throws SAMLException if * FSFederationTerminationNotification * cannot be signed. */ public void signXML(String certAlias) throws SAMLException { FSUtils.debug.message("FSLogoutNotification.signXML: Called"); if (signed) { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("FSLogoutNotification.signXML: " + "the assertion is already signed."); } throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "alreadySigned",null); } if (certAlias == null || certAlias.length() == 0) { throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "cannotFindCertAlias",null); } try{ XMLSignatureManager manager = XMLSignatureManager.getInstance(); if (minorVersion == IFSConstants.FF_11_PROTOCOL_MINOR_VERSION) { signatureString = manager.signXML(this.toXMLString(true, true), certAlias,null,IFSConstants.ID, this.id, false); } else if (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) { signatureString = manager.signXML( this.toXMLString(true, true), certAlias, null, IFSConstants.REQUEST_ID, this.getRequestID(), false); } else { if (FSUtils.debug.messageEnabled()) { FSUtils.debug.message("invalid minor version."); } } signature = XMLUtils.toDOMDocument(signatureString, FSUtils.debug) .getDocumentElement(); signed = true; xmlString = this.toXMLString(true, true); } catch(Exception e){ throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "signFailed",null); } } /** * Sets the Element signature. * * @param elem the Element object * @return true if signature is set otherwise false */ public boolean setSignature(Element elem) { signatureString = XMLUtils.print(elem); return super.setSignature(elem); } }