4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster/**
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster *
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * Copyright (c) 2008 Sun Microsystems Inc. All Rights Reserved
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster *
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * The contents of this file are subject to the terms
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * of the Common Development and Distribution License
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * (the License). You may not use this file except in
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * compliance with the License.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster *
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * You can obtain a copy of the License at
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * opensso/legal/CDDLv1.0.txt
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * See the License for the specific language governing
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * permission and limitations under the License.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster *
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * When distributing Covered Code, include this CDDL
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * Header Notice in each file and include the License file
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * at opensso/legal/CDDLv1.0.txt.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * If applicable, add the following below the CDDL Header,
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * with the fields enclosed by brackets [] replaced by
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * your own identifying information:
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * "Portions Copyrighted [year] [name of copyright owner]"
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster *
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * $Id: ImportSAML2MetaData.java,v 1.5 2008/07/08 01:12:01 exu Exp $
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster *
1a09ec0264aacab68f85b04c150957647557a35dPeter Major * Portions Copyrighted 2011-2014 ForgeRock AS.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster */
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterpackage com.sun.identity.workflow;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.saml2.meta.SAML2MetaException;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.saml2.meta.SAML2MetaManager;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.saml2.meta.SAML2MetaUtils;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.shared.debug.Debug;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.shared.xml.XMLUtils;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport java.util.List;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport javax.xml.bind.JAXBException;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport org.w3c.dom.Document;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster
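/**
 * Imports SAML2 standard metadata and extended (entity config) metadata
 * into a realm.
 *
 * <p>NOTE(review): both XML strings are parsed here via
 * {@code XMLUtils.toDOMDocument} and
 * {@code SAML2MetaUtils.convertStringToJAXB}. Whether those helpers reject
 * DTDs and external entities cannot be seen from this file; confirm before
 * feeding them metadata obtained from a third party.
 */
public class ImportSAML2MetaData {

    private static final Debug DEBUG = Debug.getInstance("workflow");

    /** Utility class; not instantiable. */
    private ImportSAML2MetaData() {
    }

    /**
     * Imports standard and/or extended metadata.
     *
     * <p>When the extended metadata describes a hosted entity that has at
     * least one role config, the realm is re-derived from the meta alias of
     * the first role config and <em>replaces</em> the {@code realm}
     * argument. Callers that authorised the operation against the realm they
     * passed in should compare it with element 0 of the result.
     *
     * <p>The standard metadata is stored before the extended config. If
     * storing the extended config fails, the already imported standard
     * metadata is not removed by this method.
     *
     * @param realm Realm of the entity; may be overridden as described above.
     * @param metadata Standard metadata XML, or {@code null} to skip it.
     * @param extended Extended metadata XML, or {@code null} to skip it.
     * @return two-element array: the realm actually used, and the first
     *         imported entity ID ({@code null} if no standard metadata was
     *         given).
     * @throws WorkflowException if parsing or storing either document fails,
     *         or if the standard metadata yields no entity.
     */
    public static String[] importData(
        String realm,
        String metadata,
        String extended
    ) throws WorkflowException {
        String entityID = null;

        try {
            SAML2MetaManager metaManager = new SAML2MetaManager();
            EntityConfigElement configElt = null;

            if (extended != null) {
                Object obj = SAML2MetaUtils.convertStringToJAXB(extended);
                if (obj instanceof EntityConfigElement) {
                    configElt = (EntityConfigElement) obj;
                } else {
                    // Previously dropped without a trace; keep the lenient
                    // behaviour but leave an audit breadcrumb. The document
                    // content itself is deliberately not logged.
                    DEBUG.warning("ImportSAML2MetaData.importData: extended"
                        + " metadata is not an entity config and is ignored");
                }

                if (configElt != null && configElt.isHosted()) {
                    List<?> config = configElt
                        .getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
                    if (!config.isEmpty()) {
                        // The realm comes from the document, not the caller.
                        BaseConfigType bConfig =
                            (BaseConfigType) config.iterator().next();
                        realm = SAML2MetaUtils.getRealmByMetaAlias(
                            bConfig.getMetaAlias());
                    }
                }
            }

            // Load the metadata if it has been provided
            if (metadata != null) {
                entityID = importSAML2MetaData(metaManager, realm, metadata);
            }
            // Load the extended metadata if it has been provided
            if (configElt != null) {
                metaManager.createEntityConfig(realm, configElt);
            }
        } catch (SAML2MetaException e) {
            // Only the message travels to the caller; the stack trace is
            // kept in the debug log.
            DEBUG.error("An error occurred while importing the SAML metadata", e);
            throw new WorkflowException(e.getMessage());
        } catch (JAXBException e) {
            DEBUG.error("An error occurred while importing the SAML metadata", e);
            throw new WorkflowException(e.getMessage());
        }

        return new String[] {realm, entityID};
    }

    /**
     * Parses the standard metadata and stores it in the given realm.
     *
     * @param metaManager manager used to persist the descriptors.
     * @param realm realm to import into.
     * @param metadata standard metadata XML.
     * @return the first entity ID reported by the import; any further IDs in
     *         the returned list are not surfaced to the caller.
     * @throws WorkflowException if the XML cannot be parsed into a document
     *         or no entity was imported.
     */
    private static String importSAML2MetaData(SAML2MetaManager metaManager, String realm,
            String metadata)
            throws SAML2MetaException, JAXBException, WorkflowException {

        Document doc = XMLUtils.toDOMDocument(metadata, DEBUG);
        if (doc == null) {
            throw new WorkflowException(
                "import-entity-exception-invalid-descriptor", null);
        }

        List<String> entityIds = SAML2MetaUtils.importSAML2Document(metaManager, realm, doc);
        if (entityIds.isEmpty()) {
            throw new WorkflowException(
                "import-entity-exception-invalid-descriptor", null);
        }

        return entityIds.iterator().next();
    }
}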