/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: AssertionImpl.java,v 1.8 2009/05/09 15:43:59 mallas Exp $
*
* Portions Copyrighted 2015 ForgeRock AS.
*/
/**
* The <code>Assertion</code> element is a package of information
* that supplies one or more <code>Statement</code> made by an issuer.
* There are three kinds of assertions: Authentication, Authorization Decision,
* and Attribute assertions.
*/
private boolean isMutable = true;
"AuthzDecisionStatement";
"AttributeStatement";
/**
* Default constructor
*/
public AssertionImpl() {
}
/**
* This constructor is used to build <code>Assertion</code> object from a
* XML string.
*
* @param xml A <code>java.lang.String</code> representing
* a <code>Assertion</code> object
* @exception SAML2Exception if it could not process the XML string
*/
} else {
"AssertionImpl.processElement(): invalid XML input");
"errorObtainingElement"));
}
}
}
/**
* This constructor is used to build <code>Assertion</code> object from a
* block of existing XML that has already been built into a DOM.
*
* @param element A <code>org.w3c.dom.Element</code> representing
* DOM tree for <code>Assertion</code> object
* @exception SAML2Exception if it could not process the Element
*/
}
}
"AssertionImpl.processElement(): invalid root element");
"invalid_element"));
}
"AssertionImpl.processElement(): local name missing");
"missing_local_name"));
}
"AssertionImpl.processElement(): invalid local name " +
elemName);
"invalid_local_name"));
}
// starts processing attributes
"AssertionImpl.processElement(): version missing");
"missing_assertion_version"));
}
"AssertionImpl.processElement(): assertion id missing");
"missing_assertion_id"));
}
"AssertionImpl.processElement(): issue instant missing");
"missing_issue_instant"));
}
try {
} catch (ParseException pe) {
"AssertionImpl.processElement(): invalid issue instant");
"invalid_date_format"));
}
// starts processing subelements
if (numOfNodes < 1) {
"AssertionImpl.processElement(): assertion has no subelements");
"missing_subelements"));
}
int nextElem = 0;
if (++nextElem >= numOfNodes) {
+ " assertion has no subelements");
"missing_subelements"));
}
}
// The first subelement should be <Issuer>
" the first element is not <Issuer>");
"missing_subelement_issuer"));
}
if (++nextElem >= numOfNodes) {
return;
}
if (++nextElem >= numOfNodes) {
return;
}
}
// The next subelement may be <ds:Signature>
if (++nextElem >= numOfNodes) {
return;
}
if (++nextElem >= numOfNodes) {
return;
}
}
} else {
}
// The next subelement may be <Subject>
if (++nextElem >= numOfNodes) {
return;
}
if (++nextElem >= numOfNodes) {
return;
}
}
} else {
}
// The next subelement may be <Conditions>
if (++nextElem >= numOfNodes) {
return;
}
if (++nextElem >= numOfNodes) {
return;
}
}
} else {
conditions = null;
}
// The next subelement may be <Advice>
nextElem++;
} else {
}
// The next subelements are all statements
while (nextElem < numOfNodes) {
} else {
} else {
"AssertionImpl.processElement(): " +
"unexpected subelement " + childName);
getString("unexpected_subelement"));
}
}
}
}
nextElem++;
}
}
/**
* Returns the version number of the assertion.
*
* @return The version number of the assertion.
*/
return version;
}
/**
* Sets the version number of the assertion.
*
* @param version the version number.
* @exception SAML2Exception if the object is immutable
*/
if (!isMutable) {
"objectImmutable"));
}
}
/**
* Returns the time when the assertion was issued
*
* @return the time of the assertion issued
*/
return issueInstant;
}
/**
* Set the time when the assertion was issued
*
* @param issueInstant the issue time of the assertion
* @exception SAML2Exception if the object is immutable
*/
if (!isMutable) {
"objectImmutable"));
}
this.issueInstant = issueInstant;
}
/**
* Returns the subject of the assertion
*
* @return the subject of the assertion
*/
return subject;
}
/**
* Sets the subject of the assertion
*
* @param subject the subject of the assertion
* @exception SAML2Exception if the object is immutable
*/
if (!isMutable) {
"objectImmutable"));
}
}
/**
* Returns the advice of the assertion
*
* @return the advice of the assertion
*/
return advice;
}
/**
* Sets the advice of the assertion
*
* @param advice the advice of the assertion
* @exception SAML2Exception if the object is immutable
*/
if (!isMutable) {
"objectImmutable"));
}
}
/**
* Returns the signature of the assertion
*
* @return the signature of the assertion
*/
return signature;
}
/**
* Returns the conditions of the assertion
*
* @return the conditions of the assertion
*/
return conditions;
}
/**
* Sets the conditions of the assertion
*
* @param conditions the conditions of the assertion
* @exception SAML2Exception if the object is immutable
*/
if (!isMutable) {
"objectImmutable"));
}
this.conditions = conditions;
}
/**
* Returns the id of the assertion
*
* @return the id of the assertion
*/
return id;
}
/**
* Sets the id of the assertion
*
* @param id the id of the assertion
* @exception SAML2Exception if the object is immutable
*/
if (!isMutable) {
"objectImmutable"));
}
}
/**
* Returns the statements of the assertion
*
* @return the statements of the assertion
*/
return statements;
}
/**
* Returns the Authn statements of the assertion
*
* @return the Authn statements of the assertion
*/
return authnStatements;
}
/**
* Returns the <code>AuthzDecisionStatements</code> of the assertion
*
* @return the <code>AuthzDecisionStatements</code> of the assertion
*/
return authzDecisionStatements;
}
/**
* Returns the attribute statements of the assertion
*
* @return the attribute statements of the assertion
*/
return attributeStatements;
}
/**
* Sets the statements of the assertion
*
* @param statements the statements of the assertion
* @exception SAML2Exception if the object is immutable
*/
if (!isMutable) {
"objectImmutable"));
}
this.statements = statements;
}
/**
* Sets the <code>AuthnStatements</code> of the assertion
*
* @param statements the <code>AuthnStatements</code> of the assertion
* @exception SAML2Exception if the object is immutable
*/
if (!isMutable) {
"objectImmutable"));
}
}
/**
* Sets the <code>AuthzDecisionStatements</code> of the assertion
*
* @param statements the <code>AuthzDecisionStatements</code> of
* the assertion
* @exception SAML2Exception if the object is immutable
*/
throws SAML2Exception {
if (!isMutable) {
"objectImmutable"));
}
}
/**
* Sets the attribute statements of the assertion
*
* @param statements the attribute statements of the assertion
* @exception SAML2Exception if the object is immutable
*/
if (!isMutable) {
"objectImmutable"));
}
}
/**
* Returns the issuer of the assertion
*
* @return the issuer of the assertion
*/
return issuer;
}
/**
* Sets the issuer of the assertion
*
* @param issuer the issuer of the assertion
* @exception SAML2Exception if the object is immutable
*/
if (!isMutable) {
"objectImmutable"));
}
}
/**
* Return whether the assertion is signed
*
* @return true if the assertion is signed; false otherwise.
*/
public boolean isSigned() {
}
throws SAML2Exception {
if (isSignatureValid == null) {
if (signedXMLString == null) {
signedXMLString = toXMLString(true, true);
}
}
return isSignatureValid.booleanValue();
}
/**
* Sign the Assertion.
*
* @param privateKey Signing key
* @param cert Certificate which contain the public key correlated to
* the signing key; It if is not null, then the signature
* will include the certificate; Otherwise, the signature
* will not include any certificate
* @exception SAML2Exception if it could not sign the assertion.
*/
public void sign(
) throws SAML2Exception {
toXMLString(true, true),
getID(),
);
getDocumentElement(), "UTF-8");
}
/**
* Returns an <code>EncryptedAssertion</code> object.
*
* @param recipientPublicKey Public key used to encrypt the data encryption
* (secret) key, it is the public key of the
* recipient of the XML document to be encrypted.
* @param dataEncAlgorithm Data encryption algorithm.
* @param dataEncStrength Data encryption strength.
* @param recipientEntityID Unique identifier of the recipient, it is used
* as the index to the cached secret key so that
* the key can be reused for the same recipient;
* It can be null in which case the secret key will
* be generated every time and will not be cached
* and reused. Note that the generation of a secret
* key is a relatively expensive operation.
* @return <code>EncryptedAssertion</code> object
* @throws SAML2Exception if error occurs during the encryption process.
*/
int dataEncStrength,
) throws SAML2Exception {
toXMLString(true, true),
"EncryptedAssertion"
);
return AssertionFactory.getInstance().
}
/**
* Gets the validity of the assertion evaluating its conditions if
* specified.
*
* @return false if conditions is invalid based on it lying between
* <code>NotBefore</code> (current time inclusive) and
* <code>NotOnOrAfter</code> (current time exclusive) values
* and true otherwise or if no conditions specified.
*/
public boolean isTimeValid() {
if (conditions == null) {
return true;
}
else {
}
}
/**
* Returns a String representation
* @param includeNSPrefix Determines whether or not the namespace
* qualifier is prepended to the Element when converted
* @param declareNS Determines whether or not the namespace is declared
* within the Element.
* @return A String representation
* @exception SAML2Exception if something is wrong during conversion
*/
throws SAML2Exception {
return signedXMLString;
}
if (declareNS) {
}
if (includeNSPrefix) {
}
"AssertionImpl.toXMLString(): version missing");
"missing_assertion_version"));
}
"AssertionImpl.toXMLString(): assertion id missing");
"missing_assertion_id"));
}
if (issueInstant == null) {
"AssertionImpl.toXMLString(): issue instant missing");
"missing_issue_instant"));
}
"AssertionImpl.toXMLString(): issuer missing");
"missing_subelement_issuer"));
}
}
}
if (conditions != null) {
}
}
int length = 0;
if (statements != null) {
for (int i = 0; i < length; i++) {
}
}
if (authnStatements != null) {
for (int i = 0; i < length; i++) {
}
}
if (authzDecisionStatements != null) {
for (int i = 0; i < length; i++) {
}
}
if (attributeStatements != null) {
for (int i = 0; i < length; i++) {
}
}
append(">\n");
//return SAML2Utils.removeNewLineChars(sb.toString());
}
/**
* Returns a String representation
*
* @return A String representation
* @exception SAML2Exception if something is wrong during conversion
*/
return this.toXMLString(true, false);
}
/**
* Makes the object immutable
*/
public void makeImmutable() {
if (isMutable) {
if (authnStatements != null) {
for (int i = 0; i < length; i++) {
}
}
if (authzDecisionStatements != null) {
for (int i = 0; i < length; i++) {
}
}
if (attributeStatements != null) {
for (int i = 0; i < length; i++) {
}
}
if (statements != null) {
}
if (conditions != null) {
}
}
}
}
isMutable = false;
}
}
/**
* Returns true if the object is mutable
*
* @return true if the object is mutable
*/
public boolean isMutable() {
return isMutable;
}
}