SAML2MetaUtils.java revision 1563dad27ad07914e8f2ab1de04925eed4e188a4
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: SAML2MetaUtils.java,v 1.9 2009/09/21 17:28:12 exu Exp $
*
*/
/**
* Portions Copyrighted 2010-2013 ForgeRock Inc
*/
// import com.sun.identity.saml2.jaxb.metadataattr.ObjectFactory;
/**
* The <code>SAML2MetaUtils</code> provides metadata related util methods:
* a shared <code>JAXB</code> context, conversions between XML input
* (string, stream, DOM node) and JAXB objects, and lookups of role
* descriptors and role configurations inside an entity.
*/
public final class SAML2MetaUtils {
// NOTE(review): protected and non-final although the class itself is final;
// the initializer is not part of this listing.
protected static ResourceBundle resourceBundle =
// Colon-separated list of JAXB package names (xmlenc, xmlsig, assertion,
// metadata, metadataattr, entityconfig, schema).
private static final String JAXB_PACKAGES =
"com.sun.identity.saml2.jaxb.xmlenc:" +
"com.sun.identity.saml2.jaxb.xmlsig:" +
"com.sun.identity.saml2.jaxb.assertion:" +
"com.sun.identity.saml2.jaxb.metadata:" +
"com.sun.identity.saml2.jaxb.metadataattr:" +
"com.sun.identity.saml2.jaxb.entityconfig:" +
"com.sun.identity.saml2.jaxb.schema";
// Name of a configuration property; where it is read is not visible in this
// listing. NOTE(review): presumably it supplies further JAXB packages for the
// context. If so, it widens the set of classes JAXB will bind and should be
// settable only from trusted server configuration -- confirm.
private static final String JAXB_PACKAGE_LIST_PROP =
"com.sun.identity.liberty.ws.jaxb.packageList";
// Standard JAXB marshaller property name for formatted (indented) output.
private static final String PROP_JAXB_FORMATTED_OUTPUT =
"jaxb.formatted.output";
// JAXB reference-implementation property name for a custom namespace prefix mapper.
private static final String PROP_NAMESPACE_PREFIX_MAPPER =
"com.sun.xml.bind.namespacePrefixMapper";
// Single shared mapper instance, created once at class load.
private static NamespacePrefixMapperImpl nsPrefixMapper =
new NamespacePrefixMapperImpl();
// Static initializer. Only fragments are visible in this listing: a try
// block, an if/else, a debug message that prints jaxbPackages, and a
// JAXBException handler.
static {
try {
} else {
}
if (debug.messageEnabled()) {
"jaxbPackages = " + jaxbPackages);
}
} catch (JAXBException jaxbe) {
// NOTE(review): no handling is visible here. Confirm the failure is at
// least logged, because getMetaJAXBContext() returns the jaxbContext
// field without a null check.
}
}
// Private constructor: utility class, not meant to be instantiated.
private SAML2MetaUtils() {
}
/**
* Returns <code>JAXB</code> context for the metadata service.
* The static <code>jaxbContext</code> field is returned as-is, without a
* null check.
* @return <code>JAXB</code> context object.
*/
public static JAXBContext getMetaJAXBContext() {
return jaxbContext;
}
/**
* Converts a <code>String</code> object to a JAXB object.
* <p>NOTE(review): the method body is not part of this listing. Metadata
* strings can originate outside the deployment, so confirm the input is
* parsed with DTDs and external entities disabled before it is unmarshalled.
* @param str a <code>String</code> object
* @return a JAXB object converted from the <code>String</code> object.
* @exception JAXBException if an error occurs while converting
* <code>String</code> object
*/
throws JAXBException {
}
/**
* Reads from the <code>InputStream</code> and converts to a JAXB object.
* <p>NOTE(review): the method body is not part of this listing. The same
* parser-hardening question applies as for string input: confirm the stream
* is read with DTDs and external entities disabled.
* @param is an <code>InputStream</code> object
* @return a JAXB object converted from the <code>InputStream</code> object.
* @exception JAXBException if an error occurs while converting
* <code>InputStream</code> object
*/
throws JAXBException {
}
/**
* Converts a <code>Node</code> object to a JAXB object.
* <p>Precondition: <code>node</code> must have been built by an XML parser
* that is hardened against DTDs and external entities. Per the inline
* comment in the body, this method relies on that and does not route the
* node through a <code>SAXSource</code> itself.
* @param node a <code>Node</code> object
* @return a JAXB object converted from the <code>Node</code> object.
* @exception JAXBException if an error occurs while converting
* <code>Node</code> object
*/
throws JAXBException {
// No SAXSource is obtained here, on the assumption that the node was
// already created by a secure XML parser. That assumption is the caller's
// responsibility; no check of it is visible in this listing.
}
/**
* Converts a JAXB object to a <code>String</code> object.
* @param jaxbObj a JAXB object
* @return a <code>String</code> representing the JAXB object.
* @exception JAXBException if an error occurs while converting JAXB object
*/
throws JAXBException {
}
/**
* Converts a JAXB object and writes to an <code>OutputStream</code> object.
* @param jaxbObj a JAXB object
* @param os an <code>OutputStream</code> object
* @exception JAXBException if an error occurs while converting JAXB object
*/
throws JAXBException {
}
/**
* Converts a JAXB object to a <code>String</code> object and creates a
* <code>Map</code>. The key is 'attrName' and the value is a
* <code>Set</code> containing the <code>String</code> object.
* @param attrName attribute name
* @param jaxbObj a JAXB object
* @return a <code>Map</code>. The key is 'attrName' and the value is a
* <code>Set</code> containing the <code>String</code> object
* converted from the JAXB object.
* @exception JAXBException if an error occurs while converting JAXB object
*/
throws JAXBException {
return attrs;
}
/**
* Gets attribute value pairs from <code>BaseConfigType</code> and
* puts them in a <code>Map</code>. The key is the attribute name and the
* value is a <code>List</code> of attribute values.
* @param config the <code>BaseConfigType</code> object
* @return an attribute value <code>Map</code>
*/
}
return attrMap;
}
/**
* Returns the realm by parsing the metaAlias. MetaAlias format is
* <pre>
* &lt;realm&gt;/&lt;any string without '/'&gt; for non-root realm or
* /&lt;any string without '/'&gt; for root realm.
* </pre>
* NOTE(review): when the metaAlias comes from a request URI it is
* caller-supplied, so the realm derived here should be checked against the
* configured entities before it is used in an access decision.
* @param metaAlias The metaAlias.
* @return the realm associated with the metaAlias. The visible code also has
* paths returning <code>null</code> and <code>"/"</code>; their
* conditions are not part of this listing.
*/
return null;
}
return "/";
}
}
/**
* Returns metaAlias embedded in uri.
* NOTE(review): no validation of the extracted value against configured
* metaAliases is visible in this listing; callers should not treat the
* result as trusted.
* @param uri The uri string.
* @return the metaAlias embedded in uri or null if not found.
*/
return null;
}
return null;
}
}
/**
* Returns first policy decision point descriptor in an entity descriptor.
*
* @param eDescriptor The entity descriptor; when it is <code>null</code>
* the lookup is skipped.
* @return policy decision point descriptor or null if it is not found.
*/
public static XACMLPDPDescriptorElement getPolicyDecisionPointDescriptor(
{
// A null entity descriptor skips the search and falls through to the
// final return.
if (eDescriptor != null) {
) {
// Select by runtime type: only a XACML PDP descriptor qualifies.
if (obj instanceof XACMLPDPDescriptorElement) {
}
}
}
return descriptor;
}
/**
* Returns first policy enforcement point descriptor in an entity
* descriptor.
*
* @param eDescriptor The entity descriptor; when it is <code>null</code>
* the lookup is skipped.
* @return policy enforcement point descriptor or null if it is not found.
*/
public static XACMLAuthzDecisionQueryDescriptorElement
{
// A null entity descriptor skips the search and falls through to the
// final return.
if (eDescriptor != null) {
) {
// Select by runtime type: only a XACML authorization decision query
// descriptor qualifies.
if (obj instanceof XACMLAuthzDecisionQueryDescriptorElement) {
}
}
}
return descriptor;
}
/**
* Returns first service provider's SSO descriptor in an entity
* descriptor.
* @param eDescriptor The entity descriptor; <code>null</code> yields
* <code>null</code>.
* @return <code>SPSSODescriptorElement</code> for the entity or null if
* not found.
*/
public static SPSSODescriptorElement getSPSSODescriptor(
{
// Null-safe: without an entity descriptor there is nothing to search.
if (eDescriptor == null) {
return null;
}
// TODO: may need to cache to avoid using instanceof
if (obj instanceof SPSSODescriptorElement) {
// Return as soon as a descriptor of the wanted type is seen.
return (SPSSODescriptorElement)obj;
}
}
return null;
}
/**
* Returns first identity provider's SSO descriptor in an entity
* descriptor.
* @param eDescriptor The entity descriptor; <code>null</code> yields
* <code>null</code>.
* @return <code>IDPSSODescriptorElement</code> for the entity or null if
* not found.
*/
public static IDPSSODescriptorElement getIDPSSODescriptor(
{
// Null-safe: without an entity descriptor there is nothing to search.
if (eDescriptor == null) {
return null;
}
if (obj instanceof IDPSSODescriptorElement) {
// Return as soon as a descriptor of the wanted type is seen.
return (IDPSSODescriptorElement)obj;
}
}
return null;
}
/**
* Returns attribute authority descriptor in an entity descriptor.
*
* @param eDescriptor The entity descriptor; <code>null</code> yields
* <code>null</code>.
* @return an <code>AttributeAuthorityDescriptorElement</code> object for
* the entity or null if not found.
*/
public static AttributeAuthorityDescriptorElement
{
// Null-safe: without an entity descriptor there is nothing to search.
if (eDescriptor == null) {
return null;
}
if (obj instanceof AttributeAuthorityDescriptorElement) {
// Return as soon as a descriptor of the wanted type is seen.
return (AttributeAuthorityDescriptorElement)obj;
}
}
return null;
}
/**
* Returns attribute query descriptor in an entity descriptor.
*
* @param eDescriptor The entity descriptor; <code>null</code> yields
* <code>null</code>.
* @return an <code>AttributeQueryDescriptorElement</code> object for
* the entity or null if not found.
*/
public static AttributeQueryDescriptorElement
{
// Null-safe: without an entity descriptor there is nothing to search.
if (eDescriptor == null) {
return null;
}
if (obj instanceof AttributeQueryDescriptorElement) {
// Return as soon as a descriptor of the wanted type is seen.
return (AttributeQueryDescriptorElement)obj;
}
}
return null;
}
/**
* Returns authentication authority descriptor in an entity descriptor.
*
* @param eDescriptor The entity descriptor; <code>null</code> yields
* <code>null</code>.
* @return an <code>AuthnAuthorityDescriptorElement</code> object for
* the entity or null if not found.
*/
public static AuthnAuthorityDescriptorElement
{
// Null-safe: without an entity descriptor there is nothing to search.
if (eDescriptor == null) {
return null;
}
if (obj instanceof AuthnAuthorityDescriptorElement) {
// Return as soon as a descriptor of the wanted type is seen.
return (AuthnAuthorityDescriptorElement)obj;
}
}
return null;
}
/**
* Gets the first value of the set stored under the given key in the given
* map. Returns null if <code>attrMap</code> is null or <code>key</code>
* is null.
*
* @param attrMap Map to search.
* @param key Key of the entry to look up.
* @return the first value of a matching set by the given key.
*/
}
}
return retValue;
}
/**
* Adds a set of a given value to a map. Set will not be added if
* <code>attrMap</code> is null or <code>value</code> is null or
* <code>key</code> is null.
*
* @param attrMap Map to which the set is to be added.
* @param key Key of the entry to be added.
* @param value Value to be added to the Set.
*/
}
}
/**
* Returns first service provider's SSO configuration in an entity.
* @param eConfig <code>EntityConfigElement</code> of the entity to
* be retrieved.
* @return <code>SPSSOConfigElement</code> for the entity or null if not
* found.
* @throws SAML2MetaException if unable to retrieve the first service
* provider's SSO configuration.
*/
throws SAML2MetaException {
// Early exit; the guarding condition is not part of this listing
// (presumably a null eConfig -- confirm).
return null;
}
if (obj instanceof SPSSOConfigElement) {
// Return as soon as a configuration of the wanted type is seen.
return (SPSSOConfigElement)obj;
}
}
return null;
}
/**
* Returns first identity provider's SSO configuration in an entity.
* @param eConfig <code>EntityConfigElement</code> of the entity to
* be retrieved.
* @return <code>IDPSSOConfigElement</code> for the entity or null if not
* found.
* @throws SAML2MetaException if unable to retrieve the first identity
* provider's SSO configuration.
*/
public static IDPSSOConfigElement getIDPSSOConfig(
// Early exit; the guarding condition is not part of this listing
// (presumably a null eConfig -- confirm).
return null;
}
if (obj instanceof IDPSSOConfigElement) {
// Return as soon as a configuration of the wanted type is seen.
return (IDPSSOConfigElement)obj;
}
}
return null;
}
// Fragment of a method whose signature start is not part of this listing.
// Visible contract: it takes a boolean "sign" flag, returns an XML string
// (xmlstr) or null, and reports JAXB failures as SAML2MetaException.
boolean sign)
throws SAML2MetaException {
try {
if (descriptor == null) {
// No descriptor: the caller gets null rather than an exception.
return null;
}
if (sign) {
// Signing branch; its body is not part of this listing.
}
}
xmlstr);
}
return xmlstr;
} catch (JAXBException e) {
// NOTE(review): only the message text is carried over, so the original
// JAXBException and its stack trace are lost to callers and logs. Attach
// it as the cause if SAML2MetaException has a constructor that accepts one.
throw new SAML2MetaException(e.getMessage());
}
}
/**
* Builds an EntityDescriptorElement from a metadata string.
* <p>NOTE(review): no signature verification is visible on this path in
* this listing; callers that need authenticated metadata should confirm
* where the signature is checked.
*
* @param metadata A string representing an EntityDescriptorElement XML document
* @return EntityDescriptorElement an EntityDescriptorElement from the passed metadata
* @throws SAML2MetaException If there was a problem with the parsed metadata
* (messages visible here: "Null document", "Invalid descriptor")
* @throws JAXBException If there was a problem parsing the metadata
*/
throws SAML2MetaException, JAXBException {
// Rejected input; the guarding condition is not part of this listing.
throw new SAML2MetaException("Null document");
}
// Rejected input; the guarding condition is not part of this listing.
throw new SAML2MetaException("Invalid descriptor");
}
// Only an EntityDescriptorElement is accepted as the result type; the
// rest of this expression is not part of this listing.
return (element instanceof EntityDescriptorElement) ?
}
/**
* For the given XML metadata document representing either a SAML2 EntityDescriptorElement or EntitiesDescriptorElement,
* return a list of entityIds for all the Entities created. Carries out a signature validation of the document as
* part of the import process.
* <p>NOTE(review): the validating call is not part of this listing. Confirm it runs on the original Document before
* any pre-processing, because the pre-processing step rewrites the XML and a signature can only vouch for the
* content that was actually signed.
* @param metaManager An instance of the SAML2MetaManager, used to do the actual create.
* @param realm The realm to create the Entities in
* @param doc The XML document that represents either an EntityDescriptorElement or EntitiesDescriptorElement
* @return A list of all entityIds imported or an empty list if no Entities were imported.
* @throws SAML2MetaException for any issues as a result of trying to create the Entities.
* @throws JAXBException for any issues converting the document into a JAXB document.
*/
// Single entity: one descriptor to import (branch body not part of this listing).
if (element instanceof EntityDescriptorElement) {
}
// Entities container: several descriptors to import (branch body not part of this listing).
} else if (element instanceof EntitiesDescriptorElement) {
}
if (debug.messageEnabled()) {
}
return result;
}
// Pre-processes a metadata Document before import and returns the resulting
// object (presumably the unmarshalled JAXB element -- confirm).
private static Object preProcessSAML2Document(Document doc) throws SAML2MetaException, JAXBException {
// Remove any Extensions elements as these are currently not supported.
return obj;
}
// Only EntityDescriptorElement members are handled in this fragment.
if (o instanceof EntityDescriptorElement) {
(EntityDescriptorElement) o);
}
}
}
}
return result;
}
// Message-level debug output naming the entity whose non-SAML2 role is dropped.
if (debug.messageEnabled()) {
+ "Removing non-SAML2 role from entity "
+ descriptor.getEntityID());
}
}
}
}
return result;
}
return obj;
} else {
// The rewritten XML string is unmarshalled again, so the returned object
// reflects the modified text rather than the originally parsed document.
return convertStringToJAXB(replaced);
}
}
if (length == 0) {
// Nothing to process.
return;
}
for (int i = 0; i < length; i++) {
">";
}
}
}
}
}
// NOTE(review): what follows edits XML text by index; the markers that are
// searched for are not part of this listing. Substring matching knows nothing
// about namespaces, prefixes, comments or CDATA, so confirm it can neither
// match unintended content nor miss the intended element.
int index =
if (index == -1) {
// First marker not found: the XML string is returned unchanged.
return xmlstr;
}
if (index2 == -1) {
// Second marker not found: the XML string is returned unchanged.
return xmlstr;
}
return xmlstr;
}
}