Request.java revision ccf9d4a5c6453fa9f8b839baeee25147865fbb7d
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: Request.java,v 1.2 2008/06/25 05:47:37 qcheng Exp $
*
* Portions Copyrighted 2016 ForgeRock AS.
*/
/**
* This <code>Request</code> class represents a Request XML document.
* It extends from the abstract base class <code>AbstractRequest</code>.
*
* @supported.all.api
*/
public class Request extends AbstractRequest {
/*
* data members
*/
// Kind of content carried by this Request, expressed as one of the int
// constants declared below. It starts out as NOT_SUPPORTED; the parsing and
// checking code in this class treats any other value as "content already
// assigned". The field is protected and non-final, so subclasses can change it.
protected int contentType = NOT_SUPPORTED;
// Request ID attribute name
// NOTE(review): the declaration this comment referred to is not present in
// this listing.
/**
* The request is not supported.
*/
public final static int NOT_SUPPORTED = -1;
/**
* The request is an Authentication Query.
*/
public final static int AUTHENTICATION_QUERY = 0;
/**
* The request is an Authorization Decision Query.
*/
public final static int AUTHORIZATION_DECISION_QUERY = 1;
/**
* The request is an Assertion ID Reference.
*/
public final static int ASSERTION_ID_REFERENCE = 2;
/**
* The request is an Assertion Artifact.
*/
public final static int ASSERTION_ARTIFACT = 3;
/**
* The request is an Attribute Query.
*/
public final static int ATTRIBUTE_QUERY = 4;
/*
* Constructors
*/
// No-argument constructor, not public, so it is reachable only from subclasses
// and same-package code. It does no work of its own, which leaves contentType
// at its NOT_SUPPORTED initializer.
protected Request() {}
/**
* Method to sign the Request.
* @exception SAMLException if could not sign the Request.
*/
public void signXML() throws SAMLException {
// Several statements of this method are missing from this listing; the
// orphaned string fragments and closing braces below are what remains, so
// the notes here are limited to what is still visible.
// Guard on the signed flag: the remaining fragments (an "already signed."
// message and a SAMLException throw) suggest that signing twice is rejected.
if (signed) {
+ "already signed.");
}
throw new SAMLException(
}
// The signing certificate alias is looked up under this configuration key;
// the lookup call itself is not visible. The SAMLResponderException below
// presumably covers a missing alias - TODO confirm against the full file.
"com.sun.identity.saml.xmlsig.certalias");
+ "this site's cert Alias.");
}
throw new SAMLResponderException(
}
// this block is used for later return of signature element by
// getSignature() method
} else {
// sign with SAML 1.1 spec & include cert in KeyInfo
// NOTE(review): a certificate carried inside KeyInfo is supplied by the
// sender. The verifying side should anchor trust in certificates it has
// configured itself rather than in the one embedded in the message -
// confirm how the verifier selects its key.
}
// Reached only when nothing above threw; records that this Request now
// carries a signature.
signed = true;
}
/**
* This constructor shall only be used at the client side to construct a
* Request object.
* NOTE: The content here is just the body for the Request. The
* constructor will add <code>MajorVersion</code>,
* <code>MinorVersion</code>, etc. to form a complete Request.
* @param respondWiths A List of Strings representing
* <code>RespondWith</code> elements. It could be null when there is
* no <code>&lt;RespondWith&gt;</code>. Each string could be prefixed
* by <code>saml:</code>. If it is not prefixed, or prefixed by a
* prefix other than <code>saml:</code>, <code>saml:</code> will be
* used instead.
* @param requestId If it's null, the constructor will create one.
* @param contents A List of objects that are the contents of Request that
* the client wants to send to the server. It could be an
* <code>AuthenticationQuery</code>,
* <code>AuthorizationDecisionQuery</code>,
* <code>AttributeQuery</code>, 1 or more
* <code>AssertionIDReference</code>, or 1 or more of
* <code>AssertionArtifact</code>.
* @exception SAMLException if an error occurs.
*/
// Body of the (respondWiths, requestId, contents) constructor documented in
// the Javadoc above. Its signature and a number of statements are missing from
// this listing, so the notes below cover only what is still visible.
// RespondWith handling is entered only for a non-null list; the remaining
// fragments show a SAMLRequesterException being thrown for a rejected value.
if ((respondWiths != null) &&
+ "RespondWith");
}
throw new SAMLRequesterException(
}
// Lazily create the backing list before values are stored in it.
if ((this.respondWiths == null) ||
this.respondWiths = new ArrayList();
}
}
}
} else {
// No request ID was supplied: generate a random one.
// NOTE(review): the generator call is not visible in this listing. Request
// IDs identify the request to the responder, so confirm that they are unique
// and not guessable (i.e. drawn from a cryptographically strong source).
throw new SAMLRequesterException(
}
}
// Stamp the request; newDate() is defined outside this listing and
// presumably yields the current time - TODO confirm.
issueInstant = newDate();
}
throws SAMLException
{
throw new SAMLRequesterException(
}
} else {
throw new SAMLRequesterException(
}
throw new SAMLRequesterException(
}
}
}
/**
* Checks the contents of the Request and sets the class members accordingly.
*
* Used by this class only.
* @param contents A List that contains the contents of the request.
* it could be a query, 1 or more <code>AssertionIDReference</code>,
* or 1 or more <code>AssertionArtifact</code>.
* @exception SAMLException when an error occurs during the process.
*/
// check contents and set the contentType appropriately
int length = 0;
int i = 0;
throw new SAMLRequesterException(
}
for (i = 0; i < length; i++) {
if (temp instanceof AuthenticationQuery) {
// make sure this is the first one on the list
if ((contentType != NOT_SUPPORTED) ||
// and make sure there is no other elements on the list
(i != (length - 1))) {
+ " one AuthenticationQuery.");
}
throw new SAMLRequesterException(
}
} else if (temp instanceof AuthorizationDecisionQuery) {
// make sure this is the first one on the list
if ((contentType != NOT_SUPPORTED) ||
// and make sure there is no other elements on the list
(i != (length - 1))) {
+ " one AuthorizationDecisionQuery.");
}
throw new SAMLRequesterException(
}
} else if (temp instanceof AttributeQuery) {
// make sure this is the first one on the list
if ((contentType != NOT_SUPPORTED) ||
// and make sure there is no other elements on the list
(i != (length - 1))) {
+ " one AttributeQuery.");
}
throw new SAMLRequesterException(
}
} else if (temp instanceof AssertionIDReference) {
// if this is not the first element on the list , and if the
// the previously assigned elements are not AssertionIDReference
if ((contentType != NOT_SUPPORTED) &&
(contentType != ASSERTION_ID_REFERENCE)) {
+ " one or more AssertionIDReference.");
}
throw new SAMLRequesterException(
}
assertionIDRefs = new ArrayList();
}
} else if (temp instanceof AssertionArtifact) {
// if this is not the first element on the list, and if the
// previously assigned elements are not AssertionArtifact:
if ((contentType != NOT_SUPPORTED) &&
(contentType != ASSERTION_ARTIFACT)) {
+ " one or more AssertionArtifact.");
}
throw new SAMLRequesterException(
}
}
} else { // everything else
throw new SAMLRequesterException(
}
}
}
/**
* This constructor shall only be used at the client side to construct a
* Request object.
* NOTE: The content here is just the body for the Request. The
* constructor will add <code>MajorVersion</code>,
* <code>MinorVersion</code>, etc. to form a complete Request.
*
* @param requestId If it's null, the constructor will create one.
* @param query A Query to be included in the Request.
* @throws SAMLException if an error occurs.
*/
} else {
// random generate one
throw new SAMLRequesterException(
}
}
throw new SAMLRequesterException(
}
if (query instanceof AuthenticationQuery) {
} else if (query instanceof AuthorizationDecisionQuery) {
} else if (query instanceof AttributeQuery) {
} else {
+ " supported.");
}
throw new SAMLResponderException(
}
issueInstant = newDate();
}
/**
* This constructor shall only be used at the client side to construct a
* Request object.
* NOTE: The content here is just the body for the Request. The
* constructor will add <code>MajorVersion</code>,
* <code>MinorVersion</code>, etc. to form a complete Request.
*
* @param requestId If it's null, the constructor will create one.
* @param contents A List of objects that are the contents of Request that
* the client wants to send to the server. It could be an
* <code>AuthenticationQuery</code>,
* <code>AuthorizationDecisionQuery</code>,
* <code>AttributeQuery</code>, 1 or more
* <code>AssertionIDReference</code>, or 1 or more of
* <code>AssertionArtifact</code>.
* @throws SAMLException if an error occurs.
*/
} else {
// random generate one
throw new SAMLRequesterException(
}
}
issueInstant = newDate();
}
/**
* This method shall only be used at the server side to reconstruct
* a Request object based on the XML document received from client.
* The schema of this XML document is described above.
*
* @param xml The Request XML String.
* NOTE: this is a complete SAML request XML string with
* <code>RequestID</code>, <code>MajorVersion</code>, etc.
* @return Request object
* @exception SAMLException if an error occurs.
*/
// parse the xml string
}
/**
* Constructor.
*
* @param root <code>Request</code> element
* @throws SAMLException
*/
// Body of the Request(Element) constructor documented in the Javadoc above:
// it rebuilds a Request from a received DOM element, i.e. from input that the
// sender controls. The signature and many statements are missing from this
// listing, so the notes below cover only what is still visible.
// Make sure this is a Request
throw new SAMLRequesterException(
}
throw new SAMLRequesterException(
}
// Signature handling, by number of Signature elements found:
//   exactly one -> the `valid` flag is consulted and `signed` is set;
//   more than one -> rejected with SAMLRequesterException;
//   zero -> neither branch runs, so an unsigned Request is parsed normally.
// NOTE(review): in the lines visible here the `!valid` branch contains no
// throw and `signed = true` follows it unconditionally. If the full file
// matches, `signed` means "a Signature element was present", not "the
// signature verified", and a failed verification does not abort parsing.
// Code that makes a trust decision on a parsed Request should therefore
// require both that it is signed and that `valid` is true - confirm against
// the full file and its callers.
if (signsSize == 1) {
if (!valid) {
+ " Request's signature.");
}
}
signed = true;
} else if (signsSize != 0) {
+ " one Signature element.");
}
throw new SAMLRequesterException(
}
// Attribute RequestID
// A Request without a RequestID is rejected (see the message fragment below).
+ "have a RequestID.");
}
throw new SAMLRequesterException(
}
// Attribute MajorVersion
// Attribute MinorVersion
// Attribute IssueInstant
throw new SAMLRequesterException(
} else {
try {
} catch (ParseException e) {
// An unparseable IssueInstant is reported with the "wrongInput" message key;
// the statement that raises the error is not visible in this listing.
"Request(Element): could not parse IssueInstant", e);
"wrongInput"));
}
}
// get the contents of the request
+ "RespondWith value.");
}
throw new SAMLRequesterException(
}
respondWiths = new ArrayList();
}
// The checks below enforce the content model: a single query of one kind, or
// a run of AssertionIDReference elements, or a run of AssertionArtifact
// elements. Anything that would mix kinds is rejected.
// make sure the content is not assigned already
if (contentType != NOT_SUPPORTED) {
+ "contain only one AuthenticationQuery.");
}
throw new SAMLRequesterException(
}
// make sure content is not assigned already
if (contentType != NOT_SUPPORTED) {
+ "contain only one "
+ "AuthorizationDecisionQuery.");
}
throw new SAMLRequesterException(
}
// make sure content is not assigned already
if (contentType != NOT_SUPPORTED) {
+ "contain only one AttributeQuery.");
}
throw new SAMLRequesterException(
}
// make sure the content has no other elements assigned
if ((contentType != NOT_SUPPORTED) &&
(contentType != ASSERTION_ID_REFERENCE)) {
+ "contained mixed contents.");
}
throw new SAMLRequesterException(
}
assertionIDRefs = new ArrayList();
}
// make sure the content has no other elements assigned
if ((contentType != NOT_SUPPORTED) &&
(contentType != ASSERTION_ARTIFACT)) {
+ "contained mixed contents.");
}
throw new SAMLRequesterException(
}
}
} else {
// Any other child node name is rejected rather than ignored.
+ " node" + nodeName);
}
throw new SAMLRequesterException(
} // check nodeName
} // if nodeName != null
} // done for the nodelist loop
// A Request whose children yielded no recognised content is rejected.
if (contentType == NOT_SUPPORTED) {
throw new SAMLRequesterException(
}
}
/**
* Parse the input and set the majorVersion accordingly.
* @param majorVer a String representing the MajorVersion to be set.
* @exception SAMLException when the version mismatches.
*/
throws SAMLException {
try {
} catch (NumberFormatException e) {
+ "MajorVersion", e);
}
throw new SAMLRequesterException(
}
+ "the Request is too high.");
}
} else {
+ "the Request is too low.");
}
}
}
}
/**
* Parse the input and set the minorVersion accordingly.
* @param minorVer a String representing the MinorVersion to be set.
* @exception SAMLException when the version mismatches.
*/
throws SAMLException {
try {
} catch (NumberFormatException e) {
+ "MinorVersion", e);
}
throw new SAMLRequesterException(
}
+ " of the Request is too high.");
}
+ " of the Request is too low.");
}
}
}
/**
* This method parses the Query or SubjectQuery represented by a DOM tree
* Node. It then checks and sets data members if it is a supported query,
* such as AuthenticationQuery, AttributeQuery, or
* <code>AuthorizationDecisionQuery</code>.
* @param child A DOM Node to be parsed.
* @exception SAMLException if it's not a supported query.
*/
boolean found = false;
for (int j = 0; j < len; j++) {
if (contentType != NOT_SUPPORTED) {
+ " contain only one AuthenticationQuery.");
}
throw new SAMLRequesterException(
}
"AuthorizationDecisionQueryType")) {
if (contentType != NOT_SUPPORTED) {
+ "contain one AuthorizationDecisionQuery.");
}
throw new SAMLRequesterException(SAMLUtils.
}
if (contentType != NOT_SUPPORTED) {
+ "contain one AttributeQuery.");
}
throw new SAMLRequesterException(SAMLUtils.
}
} else {
}
throw new SAMLResponderException(
} // check typevalue
found = true;
break;
} // if found type attribute
} // end attribute for loop
// if not found type
if (!found) {
}
throw new SAMLRequesterException(
}
}
/**
* Gets the query of the Request.
*
* @return the query included in the request; or null if the
* <code>contentType</code> of the request is not
* <code>AUTHENTICATION_QUERY</code>,
* <code>AUTHORIZATION_DECISION_QUERY</code>, or
* <code>ATTRIBUTE_QUERY</code>.
*/
return query;
}
/**
* Gets the <code>AssertionIDReference</code>(s) of the Request.
* @return a List of <code>AssertionIDReference</code>s included in the
* request; or <code>Collections.EMPTY_LIST</code> if the
* <code>contentType</code> of the request is not
* <code>ASSERTION_ID_REFERENCE</code>.
*/
public List getAssertionIDReference() {
    // Hands back the field reference itself, not a copy: the caller shares the
    // list with this Request and should treat it as read-only.
    // NOTE(review): the field's initial value is not visible in this listing,
    // so the EMPTY_LIST behaviour described in the Javadoc could not be checked.
    return this.assertionIDRefs;
}
/**
* Gets the <code>AssertionArtifact</code>(s) of the Request.
* @return a List of <code>AssertionArtifact</code>s included in the
* request; or <code>Collections.EMPTY_LIST</code> if the
* <code>contentType</code> of the request is not
* <code>ASSERTION_ARTIFACT</code>.
*/
public List getAssertionArtifact() {
    // Hands back the field reference itself, not a copy: the caller shares the
    // list with this Request and should treat it as read-only.
    // NOTE(review): the field's initial value is not visible in this listing,
    // so the EMPTY_LIST behaviour described in the Javadoc could not be checked.
    return this.artifacts;
}
/**
* Returns the type of content this Request has.
*
* @return The type of the content. The possible values are defined in
* Request.
*/
public int getContentType() {
    // One of the int constants declared on this class; NOT_SUPPORTED is the
    // field's initial value.
    return this.contentType;
}
/**
* Set the signature for the Response.
*
* @param elem <code>ds:Signature</code> element
* @return true if the operation succeeds.
*/
return super.setSignature(elem);
}
/**
* This method translates the request to an XML document String based on
* the Request schema described above.
* NOTE: this is a complete SAML request XML string with
* <code>RequestID</code>, <code>MajorVersion</code>, etc.
*
* @return An XML String representing the request.
*/
return toString(true, true);
}
/**
* Returns a String representation of the
* <code>&lt;samlp:Request&gt;</code> element.
*
* @param includeNS Determines whether or not the namespace qualifier
* is prepended to the Element when converted
* @param declareNS Determines whether or not the namespace is declared
* within the Element.
* @return A string containing the valid XML for this element
*/
}
/**
* Returns a String representation of the
* <code>&lt;samlp:Request&gt;</code> element.
*
* @param includeNS Determines whether or not the namespace qualifier
* is prepended to the Element when converted
* @param declareNS Determines whether or not the namespace is declared
* within the Element.
* @param includeHeader Determines whether the output include the XML
* declaration header.
* @return A string containing the valid XML for this element
*/
boolean declareNS,
boolean includeHeader)
{
return xmlString;
}
if (includeHeader) {
}
if (includeNS) {
}
if (declareNS) {
}
append(">\n");
while (i.hasNext()) {
} else {
try {
} catch (SAMLException e) {
}
}
}
}
if (signed) {
if (signatureString != null) {
}
}
Iterator j;
switch (contentType) {
case AUTHENTICATION_QUERY:
break;
false));
break;
case ATTRIBUTE_QUERY:
break;
case ASSERTION_ID_REFERENCE:
j = assertionIDRefs.iterator();
while (j.hasNext()) {
toString(true, true));
}
break;
case ASSERTION_ARTIFACT:
while (j.hasNext()) {
}
break;
default:
break;
}
}
}