federation/services/FSDefaultRealmAttributeMapper.java

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster/**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * opensso/legal/CDDLv1.0.txt
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * at opensso/legal/CDDLv1.0.txt.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: FSDefaultRealmAttributeMapper.java,v 1.2 2008/06/25 05:46:53 qcheng Exp $
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpackage com.sun.identity.federation.services;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.FSUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.IFSConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.jaxb.entityconfig.SPDescriptorConfigElement;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.meta.IDFFMetaException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.meta.IDFFMetaManager;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.meta.IDFFMetaUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.services.util.FSServiceUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.assertion.Attribute;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.assertion.AttributeStatement;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.shared.xml.XMLUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.HashMap;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.Iterator;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.List;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.Map;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport org.w3c.dom.Element;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster/**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This class <code>FSDefaultRealmAttributeMapper</code> is the default
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * implementation of the <code>FSRealmAttributeMapper</code> used at the service
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * provider(SP) and configurable through provider's local configuration.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The default implementation reads the assertion attributes and
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * map to the configured attribute map that is defined in Provider's
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * local configuration. The attributes will be populated to the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * session of the user for the consumption of any
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * dependent applications. If the configuration is not defined, then the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * attributes in the assertion themselves will be populated.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpublic class FSDefaultRealmAttributeMapper implements FSRealmAttributeMapper {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Returns the attribute map for the given list of
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * <code>AttributeStatement</code>s.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param statements list of <code>AttributeStatements</code>s.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param realm The realm under which the entity resides.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param hostEntityId Hosted provider entity id.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param remoteEntityId Remote provider entity id.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param token Single sign-on session token.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @return map of attribute values. The  map will have the key as the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *             attribute name and the map value is the attribute value
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *             that are passed via the single sign-on assertion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public Map getAttributes(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        List statements,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        String realm,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        String hostEntityId,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        String remoteEntityId,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        Object token)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        Map map = new HashMap();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (statements == null || statements.size() == 0) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            return map;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        Map configMap = null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        try {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            if (metaManager != null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                SPDescriptorConfigElement spConfig =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    metaManager.getSPDescriptorConfig(realm, hostEntityId);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                if (spConfig != null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    Map attributes = IDFFMetaUtils.getAttributes(spConfig);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    configMap = FSServiceUtils.parseAttributeConfig((List)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        attributes.get(IFSConstants.SP_ATTRIBUTE_MAP));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        } catch (IDFFMetaException fme) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            FSUtils.debug.error("FSDefaultAttributeMapper.getAttributes:" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                " Unable to read configuration map.", fme);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            return map;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (FSUtils.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            FSUtils.debug.message(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                "FSDefaultAttributeMapper.getAttributeMap: Configured map " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                configMap);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        for (Iterator iter = statements.iterator(); iter.hasNext();) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            AttributeStatement statement = (AttributeStatement)iter.next();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            List attributes = statement.getAttribute();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            if (attributes == null || attributes.size() == 0) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                continue;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            Iterator iter1 = attributes.iterator();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            while (iter1.hasNext()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                Attribute attribute = (Attribute)iter1.next();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                List values = null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                try {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    values = attribute.getAttributeValue();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                } catch (SAMLException ex) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    if (FSUtils.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        FSUtils.debug.message("FSDefaultAttributeMapper.get" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            "Attributes: Exception", ex);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    continue;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                if (values == null || values.size() == 0) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    continue;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                String attributeName = attribute.getAttributeName();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                if (configMap != null && !configMap.isEmpty()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    String realAttrName = (String)configMap.get(attributeName);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    if (realAttrName != null && realAttrName.length() > 0) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        attributeName = realAttrName;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                //Retrieve the first only one.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                String valueString = XMLUtils.getElementValue(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        (Element)values.get(0));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                if (valueString != null && valueString.length() > 0) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    map.put(attributeName, valueString);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return map;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster}