a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: FSRequest.java,v 1.3 2008/06/25 05:46:45 qcheng Exp $
f948ca04a28ccfeed9633bf4b0fb0d2c59c37478David Luna * Portions Copyrighted 2014 ForgeRock AS
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Portions Copyrighted 2012 ForgeRock AS
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLResponderException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLRequesterException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLRequestVersionTooHighException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLRequestVersionTooLowException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.xmlsig.XMLSignatureManager;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.protocol.AssertionArtifact;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.protocol.AttributeQuery;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.protocol.AuthenticationQuery;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.protocol.AuthorizationDecisionQuery;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.assertion.AssertionIDReference;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.FSUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.IFSConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This class represents a Liberty <code>Request</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * It extends from the abstract base class <code>AbstractRequest</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.all.api
f948ca04a28ccfeed9633bf4b0fb0d2c59c37478David Luna * @deprecated since 12.0.0
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * data members
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the value of <code>id</code> attribute.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the value of <code>id</code> attribute.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @see #setID(String)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the value of <code>id</code> attribute.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param id the value of <code>id</code> attribute.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @see #getID()
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default Constructor.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructor creates <code>Request</code> object. This
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * shall only be used at the client side to construct a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>Request</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * NOTE: The content here is just the body for the Request. The
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * constructor will add <code>MajorVersion</code>,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>MinorVersion</code>, etc. to form a complete Request.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param requestId the request identifier, if this
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * value is null then one will be generated.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param query <code>AuthenticationQuery</code> to be included in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * the Request.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws <code>SAMLException</code> on error.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public FSRequest(String requestId, Query query) throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructor creates <code>Request</code> object. This
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * shall only be used at the client side to construct a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>Request</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * NOTE: The content here is just the body for the Request. The
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * constructor will add <code>MajorVersion</code>,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>MinorVersion</code>, etc. to form a complete Request.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param requestId the request identifier, if this
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * value is null then one will be generated.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param contents a <code>List</code> of objects that are the contents
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of Request that the client wants to send to the server.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * It could be an :
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AuthenticationQuery</code>,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AuthorizationDecisionQuery</code>,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AttributeQuery</code>, 1 or more
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AssertionIDReference</code>, or 1 or more of
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AssertionArtifact</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws <code>SAMLException</code> throws errors on exception.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public FSRequest(String requestId, List contents) throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the <code>MinorVersion</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the <code>MinorVersion</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @see #setMinorVersion(int)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the <code>MinorVersion</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param version the <code>MinorVersion</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @see #getMinorVersion()
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Parses the <code>XML</code> Document String to construct a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>Request</code> object. This method shall only be used at the server
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * side to reconstruct a Request object based on the XML document
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * received from client.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param xml the <code>XML</code> Document string.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the <code>Request</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws <code>SAMLException</code> on error.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static Request parseXML(String xml) throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // parse the xml string
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Document doc = XMLUtils.toDOMDocument(xml, FSUtils.debug);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructor creates a <code>FSRequest</code> object from
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * a <code>XML</code> Document Element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param root the <code>XML</code> Document Element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws <code>SAMLException</code> on error.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public FSRequest(Element root) throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // Make sure this is a Request
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): null input.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): wrong input");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster List signs = XMLUtils.getElementsByTagNameNS1(root,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster XMLSignatureManager manager = XMLSignatureManager.getInstance();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): couldn't verify"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + " Request's signature.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): included more than"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + " one Signature element.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // Attribute RequestID
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((requestID == null) || (requestID.length() == 0)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): Request doesn't "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "have a RequestID.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // Attribute MajorVersion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster parseMajorVersion(root.getAttribute("MajorVersion"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // Attribute MinorVersion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster parseMinorVersion(root.getAttribute("MinorVersion"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // Attribute IssueInstant
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String instantString = root.getAttribute("IssueInstant");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((instantString == null) || (instantString.length() == 0)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): missing IssueInstant");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String[] args = { IFSConstants.ISSUE_INSTANT };
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster issueInstant = DateUtils.stringToDate(instantString);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Request(Element): could not parse IssueInstant", e);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // get the contents of the request
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster for (int i = 0, length = contentnl.getLength(); i < length; i++) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((nodeName = child.getLocalName()) != null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster respondWith = XMLUtils.getElementValue((Element) child);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): wrong "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "RespondWith value.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } else if (nodeName.equals("AuthenticationQuery")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // make sure the content is not assigned already
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): should"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "contain only one AuthenticationQuery.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster query = new AuthenticationQuery((Element) child);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } else if (nodeName.equals("AuthorizationDecisionQuery")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // make sure content is not assigned already
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): should"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "contain only one "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "AuthorizationDecisionQuery.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster query = new AuthorizationDecisionQuery((Element) child);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } else if (nodeName.equals("AttributeQuery")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // make sure content is not assigned already
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): should"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "contain only one AttributeQuery.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } else if (nodeName.equals("AssertionIDReference")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // make sure the content has no other elements assigned
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "contained mixed contents.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (assertionIDRefs == Collections.EMPTY_LIST) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } else if (nodeName.equals("AssertionArtifact")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // make sure the content has no other elements assigned
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "contained mixed contents.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): invalid"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } // check nodeName
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } // if nodeName != null
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } // done for the nodelist loop
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request: empty content.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /* Returns the value of <code>RespondWith</code> attribute.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return value of the <code>RespondWith</code> attribute.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws <code>SAMLException</code> on error.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private String checkAndGetRespondWith(String respondWith)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((respondWith == null) || (respondWith.length() == 0)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request: empty RespondWith Value.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return (SAMLConstants.ASSERTION_PREFIX + respondWith);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster StringTokenizer st = new StringTokenizer(respondWith, ":");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request: wrong RespondWith value.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request: wrong RespondWith value.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return (SAMLConstants.ASSERTION_PREFIX + temp);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the <code>MajorVersion</code> by parsing the version string.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param majorVer a String representing the <code>MajorVersion</code> to
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws <code>FSMsgException</code> on error.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private void parseMajorVersion(String majorVer) throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): invalid "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "MajorVersion", e);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (majorVersion != SAMLConstants.PROTOCOL_MAJOR_VERSION) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (majorVersion > SAMLConstants.PROTOCOL_MAJOR_VERSION) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element):MajorVersion of "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "the Request is too high.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.BUNDLE_NAME,"requestVersionTooHigh",null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element):MajorVersion of "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "the Request is too low.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequestVersionTooLowException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the <code>MinorVersion</code> by parsing the version string.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param minorVer a String representing the <code>MinorVersion</code> to
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws <code>SAMLException</code> when the version mismatchs.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private void parseMinorVersion(String minorVer) throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): invalid "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "MinorVersion", e);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if(minorVersion > IFSConstants.FF_12_SAML_PROTOCOL_MINOR_VERSION) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("Request(Element): MinorVersion"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + " of the Request is too high.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequestVersionTooHighException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster IFSConstants.FF_11_SAML_PROTOCOL_MINOR_VERSION) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("Request(Element): MinorVersion"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + " of the Request is too low.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequestVersionTooLowException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Parses the Query or <code>SubjectQuery</code> represented by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * a DOM tree Node. It then checks and sets data members if it is a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * supported query, such as <code>AuthenticationQuery</code>,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AttributeQeury</code>, or <code>AuthorizationDecisionQuery</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param child a <code>DOM</code> Node.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws <code>SAMLException</code> if the <code>Query</code> is invalid.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private void parseQuery(Node child) throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster boolean found = false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((attrName != null) && (attrName.equals("type"))) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (attrValue.equals("AuthenticationQueryType")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): should"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + " contain only one AuthenticationQuery.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster query = new AuthenticationQuery((Element) child);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "AuthorizationDecisionQueryType")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): should "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "contain one "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "AuthorizationDecisionQuery.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster query = new AuthorizationDecisionQuery((Element) child);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } else if (attrValue.equals("AttributeQueryType")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): should "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "contain one AttributeQuery.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): This type of"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLResponderException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } // check typevalue
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } // if found type attribute
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } // end attribute for loop
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // if not found type
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Request(Element): missing"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + " xsi:type definition in " + child.getLocalName());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(FSUtils.BUNDLE_NAME,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Creates a String representation of the <code><samlp:Request></code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return a <code>XML</code> String representing the request.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return toXMLString(true, true);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Creates a String representation of the <code><samlp:Request></code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param includeNS Determines whether or not the names pace qualifier
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is prepended to the Element when converted
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param declareNS Determines whether or not the name space is declared
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * within the Element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return a string containing the valid XML for this object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public String toXMLString(boolean includeNS, boolean declareNS) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return toXMLString(includeNS, declareNS, false);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Creates a String representation of the <code><samlp:Request></code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param includeNS Determines whether or not the name space qualifier
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is prepended to the Element when converted
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param declareNS Determines whether or not the name space is declared
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * within the Element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param includeHeader Determines whether the output include the XML
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * declaration header.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return a string containing the valid XML for this object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public String toXMLString(boolean includeNS,boolean declareNS,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append("<?xml version=\"1.0\" encoding=\"").
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster append(SAMLConstants.DEFAULT_ENCODING).append("\" ?>\n");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if(minorVersion == IFSConstants.FF_12_SAML_PROTOCOL_MINOR_VERSION){
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String instantString = DateUtils.toUTCDateFormat(issueInstant);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append("<").append(prefix).append("Request").append(uri).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster //append(" xmlns=\"http://www.w3.org/2000/xmlns/\"").append(uri).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster append(" ").append(liburi).append(" ").append(uriXSI);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if(minorVersion == IFSConstants.FF_11_SAML_PROTOCOL_MINOR_VERSION) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append(" RequestID=\"").append(requestID).append("\"").
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster append(" MajorVersion=\"").append(majorVersion).append("\"").
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster append(" MinorVersion=\"").append(minorVersion).append("\"").
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster append(" IssueInstant=\"").append(instantString).append("\"");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if(minorVersion == IFSConstants.FF_11_SAML_PROTOCOL_MINOR_VERSION) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append(" xsi:type").append("=\"").append(libprefix).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if((respondWiths != null) && (respondWiths != Collections.EMPTY_LIST)){
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster while (i.hasNext()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append("<").append(prefix).append("RespondWith>");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (respondWith.startsWith(SAMLConstants.ASSERTION_PREFIX)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append(checkAndGetRespondWith(respondWith));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append("</").append(prefix).append("RespondWith>");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append(((AttributeQuery)query).toString(includeNS, false));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster while (j.hasNext()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster toString(true, true));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster while (j.hasNext()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append("</").append(prefix).append("Request>");