a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: Conditions.java,v 1.4 2008/06/25 05:47:32 qcheng Exp $
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLUtilsCommon;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLRequesterException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *This <code>Conditions</code> is a set of <code>Condition</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *The validity of an <code>Assertion</code> MAY be subject to a set of
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *<code>Conditions</code>. Each <code>Condition</code> evaluates to a value
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *that is Valid, Invalid or Indeterminate.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *@supported.all.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster A Set containing all the AudienceRestrictionCondition elements for this
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster <code>Conditions</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private Set _arcs= Collections.synchronizedSet(new HashSet());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster protected DoNotCacheCondition doNotCache = null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default Constructor
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructs an instance of <code>Conditions</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param notBefore specifies the earliest time instant at which the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * assertion is valid.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param notOnOrAfter specifies the time instant at which the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * has expired.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAMLException if the <code>notBefore</code> instant is after
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>notOnOrAfter</code> instant.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public Conditions(java.util.Date notBefore, java.util.Date notOnOrAfter)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtilsCommon.debug.message("Conditions: invalid "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + " notBefore or notOnOrAfter");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtilsCommon.bundle.getString("wrongInput")) ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructs an instance of <code>Conditions</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param notBefore specifies the earliest time instant at which the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * assertion is valid.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param notOnOrAfter specifies the time instant at which the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * has expired.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param condition <code>Condition</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param arc the <code><AudienceRestrictionCondition></code> to be
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * added.Can be null, if no audience restriction.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAMLException if there is a problem in input data and it
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * cannot be processed correctly.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public Conditions(java.util.Date notBefore, java.util.Date notOnOrAfter,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Condition condition, AudienceRestrictionCondition arc)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((notBefore != null) && (notOnOrAfter != null)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtilsCommon.debug.message("Conditions: invalid data");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtilsCommon.bundle.getString("wrongInput")) ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructs an instance of <code>Conditions</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param notBefore specifies the earliest time instant at which the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * assertion is valid.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param notOnOrAfter specifies the time instant at which the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * has expired.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param condition <code>Condition</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param arc the <code><AudienceRestrictionCondition></code> to be
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * added. Can be null, if no audience restriction.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param doNotCacheCnd <code>DoNotCacheCondition</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAMLException if there is a problem in input data and it
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * cannot be processed correctly.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public Conditions(java.util.Date notBefore, java.util.Date notOnOrAfter,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Condition condition, AudienceRestrictionCondition arc,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructs a <code>Conditions</code> element from an existing XML block.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param conditionsElement A <code>org.w3c.dom.Element</code> representing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DOM tree for <code>Conditions</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAMLException if it could not process the Element properly,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * implying that there is an error in the sender or in the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * element definition.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public Conditions(org.w3c.dom.Element conditionsElement)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtilsCommon.debug.message("Conditions: local name missing");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ("nullInput")) ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Conditions: invalid root element");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Conditions: could not parse "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "NotBefore or NotOnOrAfter ");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtilsCommon.debug.message("Conditions: could not " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "parse NotBefore or NotOnOrAfter ");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtilsCommon.bundle.getString("wrongInput")+
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster NodeList nl = conditionsElement.getChildNodes();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (child.getNodeType() != Node.ELEMENT_NODE) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (childName.equals("AudienceRestrictionCondition")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster _arcs.add(createAudienceRestrictionCondition((Element)child));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } else if (childName.equals("DoNotCacheCondition")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster doNotCache = createDoNotCacheCondition((Element)child);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // may be extension type defined by xsi:type
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String type = ((Element)child).getAttribute("xsi:type");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (type.equals("AudienceRestrictionCondition")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } else if (type.equals("DoNotCacheCondition")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster doNotCache = createDoNotCacheCondition((Element)child);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtilsCommon.debug.message("Conditions: unsupported "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "condition, cannot determine extension ");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "unsupportedCondition"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the earliest time at which the assertion is valid held in this
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>Conditions</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return A Date containing the <code>NotBefore</code> time held within
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * this <code>Conditions</code> element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the time instant held within this <code>Conditions</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * at which the <code>Assertion</code> has expired.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return time instant (at which assertion has expired) held within this
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>Conditions</code> element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Adds an audience restriction condition within this
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>Conditions</code> Element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param arc a <code>AudienceRestrictionCondition</code> to be added to
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * this <code>Conditions</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the operation succeeds.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean addAudienceRestrictionCondition(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns true if a specific Date falls within the validity interval of
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * this set of conditions.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param someTime Any time in milliseconds.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if <code>someDate</code> is within the valid interval of the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>Conditions</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean checkDateValidity(long someTime) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } else if ((someTime >= _notBefore.getTime()) &&
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns a set of the <code>AudienceRestrictionCondition</code> elements
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * held within this <code>Conditions</code> element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return A set of the audience restriction conditions. Each element
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * contained within is an object of
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AudienceRestrictionCondition</code> type.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public java.util.Set getAudienceRestrictionCondition() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Removes an audience restriction condition
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AudienceRestrictionCondition</code>from this
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>Conditions</code> object wherein the specified audience has been
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param audience A string representing audience.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the operation succeeds.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean removeAudienceRestrictionCondition(String audience) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets <code>DoNotCacheCondition</code> elements held within this
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>Conditions</code> element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param doNotCacheCnd an <code>DoNotCacheCondition</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public void setDoNotCacheCondition(DoNotCacheCondition doNotCacheCnd) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns <code>DoNotCacheCondition</code> elements held within this
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>Conditions</code> element
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return an <code>DoNotCacheCondition</code> object if Conditions contains
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * any <code>DoNotCacheCondition</code>, otherwise return null.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public DoNotCacheCondition getDoNotCacheCondition() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns a String representation of the element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return A string containing the valid XML for this element
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * By default name space name is prepended to the element name
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * example <code><saml:Conditions></code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // call toString() with includeNS true by default and declareNS false
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns a String representation of the <code><Conditions></code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param includeNS Determines whether or not the namespace qualifier is
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * prepended to the Element when converted
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param declareNS Determines whether or not the namespace is declared
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * within the Element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return A string containing the valid XML for this element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public java.lang.String toString(boolean includeNS, boolean declareNS) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append("<").append(appendNS).append("Conditions").append(" ").
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster .append(DateUtils.toUTCDateFormat(_notOnOrAfter))
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append(((AudienceRestrictionCondition)it.next()).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // false above as we dont want to have nested multiple
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // declarations of namespace
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append(doNotCache.toString(includeNS, false));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String o = SAMLUtilsCommon.makeEndElementTagXML("Conditions",includeNS);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster createAudienceRestrictionCondition(Element audienceRestrictionElement)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return new AudienceRestrictionCondition(audienceRestrictionElement);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster createDoNotCacheCondition(Element doNotCacheConditionElement)