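/**
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
 *
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * opensso/legal/CDDLv1.0.txt
 * See the License for the specific language governing
 * permission and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at opensso/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * $Id: FSNameRegistrationRequest.java,v 1.4 2008/06/25 05:46:44 qcheng Exp $
 * Portions Copyrighted 2014 ForgeRock AS
 */

package com.sun.identity.federation.message;

import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.message.common.FSMsgException;
import com.sun.identity.federation.message.common.IDPProvidedNameIdentifier;
import com.sun.identity.federation.message.common.OldProvidedNameIdentifier;
import com.sun.identity.federation.message.common.SPProvidedNameIdentifier;
import com.sun.identity.saml.common.SAMLConstants;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.common.SAMLResponderException;
import com.sun.identity.saml.protocol.AbstractRequest;
import com.sun.identity.saml.xmlsig.XMLSignatureManager;
import com.sun.identity.shared.DateUtils;
import com.sun.identity.shared.encode.Base64;
import com.sun.identity.shared.encode.URLEncDec;
import com.sun.identity.shared.xml.XMLUtils;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.text.ParseException;
import javax.servlet.http.HttpServletRequest;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.w3c.dom.Document;


/**
 * Represents a <code>RegisterNameIdentifierRequest</code> message and
 * provides the methods to build it, parse it from XML or from HTTP query
 * parameters, serialize it and sign it.
 *
 * <p>Security notes for callers: the parsing entry points
 * ({@link #FSNameRegistrationRequest(Element)}, {@link #parseXML(String)} and
 * {@link #parseURLEncodedRequest(HttpServletRequest)}) only populate fields.
 * None of them verifies a signature; the <code>signed</code> flag set by the
 * Element constructor records only that exactly one Signature element was
 * present. Signature validation must be performed by the caller before any
 * field of a received request is trusted.
 *
 * @supported.all.api
 * @deprecated since 12.0.0
 */
@Deprecated

public class FSNameRegistrationRequest extends AbstractRequest {
    private String providerId;
    private SPProvidedNameIdentifier spProvidedNameIdentifier;
    private IDPProvidedNameIdentifier idpProvidedNameIdentifier;
    private OldProvidedNameIdentifier oldProvidedNameIdentifier;
    private String relayState = "";
    protected String xmlString;
    protected String signatureString;
    protected String id;
    protected int minorVersion = 0;

    /**
     * Default Constructor. Stamps the request with the current time as its
     * <code>IssueInstant</code>.
     */
    public FSNameRegistrationRequest() {
        setIssueInstant(new Date());
    }

    /**
     * Returns the value of <code>id</code> attribute.
     *
     * @return the value of <code>id</code> attribute.
     * @see #setID(String)
     */
    public String getID() {
        return id;
    }

    /**
     * Sets the value of <code>id</code> attribute.
     *
     * @param id the value of <code>id</code> attribute.
     * @see #getID()
     */
    public void setID(String id) {
        this.id = id;
    }

    /**
     * Returns the value of <code>RelayState</code> attribute.
     *
     * @return the value of <code>RelayState</code> attribute.
     * @see #setRelayState(String)
     */
    public String getRelayState() {
        return relayState;
    }

    /**
     * Set the value of <code>RelayState</code> attribute.
     *
     * @param relayState the value of <code>RelayState</code> attribute.
     * @see #getRelayState()
     */
    public void setRelayState(String relayState) {
        this.relayState = relayState;
    }

    /**
     * Returns the signed <code>XML</code> string.
     *
     * @return the signed <code>XML</code> string.
     */
    public String getSignatureString() {
        return signatureString;
    }

    /**
     * Constructor creates the <code>FSNameRegistrationRequest</code>
     * object.
     *
     * @param requestId the value of <code>RequestID</code> attribute. When
     *        null or empty, an identifier is generated.
     * @param respondWiths the value of <code>RespondWiths</code> attribute;
     *        every element must be a <code>String</code>.
     * @param providerId the value of <code>ProviderID</code> attribute.
     * @param spProvidedNameIdentifier the Service Provider
     *        <code>NameIdentifier</code>.
     * @param idpProvidedNameIdentifier the Identity Provider
     *        <code>NameIdentifier</code>.
     * @param oldProvidedNameIdentifier the Original Provider
     *        <code>NameIdentifier</code>.
     * @param relayState the value of <code>RelayState</code> attribute.
     * @throws FSMsgException if there is an error creating this object.
     */
    public FSNameRegistrationRequest(
            String requestId,
            List respondWiths,
            String providerId,
            SPProvidedNameIdentifier spProvidedNameIdentifier,
            IDPProvidedNameIdentifier idpProvidedNameIdentifier,
            OldProvidedNameIdentifier oldProvidedNameIdentifier,
            String relayState) throws FSMsgException {

        setIssueInstant(new Date());
        if ((respondWiths != null)
                && (respondWiths != Collections.EMPTY_LIST)) {
            // The list is raw, so every element is checked before it is
            // accepted; toXMLString later casts each one to String.
            for (Iterator it = respondWiths.iterator(); it.hasNext();) {
                if (!(it.next() instanceof String)) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("NameRegistrationRequest: "
                                + "wrong input for RespondWith");
                    }
                    throw new FSMsgException("wrongInput", null);
                }
            }
            this.respondWiths = respondWiths;
        }

        if ((requestId != null) && (requestId.length() != 0)) {
            requestID = requestId;
        } else {
            // No identifier supplied: generate one.
            requestID = SAMLUtils.generateID();
            if (requestID == null) {
                FSUtils.debug.error("FSNameRegistrationRequest: "
                        + "couldn't generate RequestID.");
                throw new FSMsgException("errorGenerateID", null);
            }
        }
        this.providerId = providerId;
        this.spProvidedNameIdentifier = spProvidedNameIdentifier;
        this.idpProvidedNameIdentifier = idpProvidedNameIdentifier;
        this.oldProvidedNameIdentifier = oldProvidedNameIdentifier;
        this.relayState = relayState;
    }

    /**
     * Constructor creates <code>FSNameRegistrationRequest</code> object
     * from a Document Element.
     *
     * <p>The element is only parsed, never authenticated: when exactly one
     * Signature element is found the request is marked as signed and the
     * printed form of <code>root</code> is kept in <code>xmlString</code>,
     * but the signature itself is not validated here.
     *
     * @param root the Document Element.
     * @throws FSMsgException if there is an error creating
     *         this object.
     */
    public FSNameRegistrationRequest(Element root) throws FSMsgException {
        if (root == null) {
            FSUtils.debug.message(
                    "FSNameRegistrationRequest(Element): null input.");
            throw new FSMsgException("nullInput", null);
        }
        String tag = root.getLocalName();
        if ((tag == null)
                || (!tag.equals("RegisterNameIdentifierRequest"))) {
            FSUtils.debug.message(
                    "FSNameRegistrationRequest(Element): wrong input");
            throw new FSMsgException("wrongInput", null);
        }

        // Attribute IssueInstant
        String instantString = root.getAttribute(IFSConstants.ISSUE_INSTANT);
        if ((instantString == null) || (instantString.length() == 0)) {
            FSUtils.debug.error("FSNameRegistrationRequest(Element):"
                    + "missing IssueInstant");
            String[] args = { IFSConstants.ISSUE_INSTANT };
            throw new FSMsgException("missingAttribute", args);
        }
        try {
            issueInstant = DateUtils.stringToDate(instantString);
        } catch (ParseException e) {
            FSUtils.debug.error(
                    "FSNameRegistrationRequest(Element): "
                    + "could not parse IssueInstant", e);
            throw new FSMsgException("wrongInput", null);
        }

        id = root.getAttribute("id");
        requestID = root.getAttribute("RequestID");
        parseMajorVersion(root.getAttribute("MajorVersion"));
        parseMinorVersion(root.getAttribute("MinorVersion"));

        NodeList children = root.getChildNodes();
        int length = children.getLength();
        for (int i = 0; i < length; i++) {
            Node child = children.item(i);
            String nodeName = child.getLocalName();
            if (nodeName == null) {
                // Text, comment and similar nodes carry no local name.
                continue;
            }
            if (nodeName.equals("RespondWith")) {
                // Never append to the shared immutable EMPTY_LIST (or to a
                // null list); allocate a private list on first use.
                if ((respondWiths == null)
                        || (respondWiths == Collections.EMPTY_LIST)) {
                    respondWiths = new ArrayList();
                }
                respondWiths.add(
                        XMLUtils.getElementValue((Element) child));
            } else if (nodeName.equals(IFSConstants.SIGNATURE)) {
                // Intentionally empty: the Signature element is handled
                // after the loop.
            } else if (nodeName.equals("ProviderID")) {
                if (providerId != null) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message(
                                "FSNameRegistrationRequest(Element): "
                                + "should contain only one ProviderID.");
                    }
                    throw new FSMsgException("wrongInput", null);
                }
                providerId = XMLUtils.getElementValue((Element) child);
            // NOTE(review): unlike ProviderID, a repeated identifier or
            // RelayState element is not rejected; the last occurrence wins.
            } else if (nodeName.equals("SPProvidedNameIdentifier")) {
                spProvidedNameIdentifier =
                        new SPProvidedNameIdentifier((Element) child);
            } else if (nodeName.equals("IDPProvidedNameIdentifier")) {
                idpProvidedNameIdentifier =
                        new IDPProvidedNameIdentifier((Element) child);
            } else if (nodeName.equals("OldProvidedNameIdentifier")) {
                oldProvidedNameIdentifier =
                        new OldProvidedNameIdentifier((Element) child);
            } else if (nodeName.equals("RelayState")) {
                relayState = XMLUtils.getElementValue((Element) child);
            } else {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message(
                            "FSNameRegistrationRequest(Element): "
                            + "invalid node" + nodeName);
                }
                throw new FSMsgException("wrongInput", null);
            }
        }

        // Signature check: presence and count only, no cryptographic
        // validation takes place in this constructor.
        List signs = XMLUtils.getElementsByTagNameNS1(root,
                SAMLConstants.XMLSIG_NAMESPACE_URI,
                SAMLConstants.XMLSIG_ELEMENT_NAME);
        int signsSize = signs.size();
        if (signsSize == 1) {
            Element elem = (Element) signs.get(0);
            setSignature(elem);
            xmlString = XMLUtils.print(root);
            signed = true;
        } else if (signsSize != 0) {
            FSUtils.debug.error("FSNameRegistrationRequest(Element): "
                    + "included more than one Signature element.");
            throw new FSMsgException("moreElement", null);
        }
    }

    /**
     * Returns the <code>MinorVersion</code>.
     *
     * @return the <code>MinorVersion</code>.
     * @see #setMinorVersion(int)
     */
    public int getMinorVersion() {
        return minorVersion;
    }

    /**
     * Sets the <code>MinorVersion</code>.
     *
     * @param version the <code>MinorVersion</code>.
     * @see #getMinorVersion()
     */
    public void setMinorVersion(int version) {
        minorVersion = version;
    }

    /**
     * Parses an XML string into a <code>FSNameRegistrationRequest</code>.
     *
     * <p>NOTE(review): DTD and external-entity handling is delegated to
     * <code>XMLUtils.toDOMDocument</code>, which is not visible here; confirm
     * it is hardened before passing XML received from a remote party.
     *
     * @param xml the XML text of a
     *        <code>RegisterNameIdentifierRequest</code>.
     * @return the request built from the document element of
     *         <code>xml</code>.
     * @throws FSMsgException if the string cannot be parsed or does not
     *         describe a valid request.
     */
    public static FSNameRegistrationRequest parseXML(String xml)
            throws FSMsgException {
        Document doc = XMLUtils.toDOMDocument(xml, FSUtils.debug);
        if (doc == null) {
            FSUtils.debug.error("FSNameRegistrationRequest.parseXML:Error "
                    + "while parsing input xml string");
            throw new FSMsgException("parseError", null);
        }
        Element root = doc.getDocumentElement();
        return new FSNameRegistrationRequest(root);
    }

    /**
     * Returns a String representation of this
     * <code>RegisterNameIdentifierRequest</code>, with the namespace prefix
     * included and the namespace declared.
     *
     * @return a string containing the valid XML for this element
     * @throws FSMsgException if there is an error converting
     *         this object to a string.
     */
    public String toXMLString() throws FSMsgException {
        return toXMLString(true, true);
    }

    /**
     * Returns a String representation of this
     * <code>RegisterNameIdentifierRequest</code>, without the XML
     * declaration header.
     *
     * @param includeNS Determines whether or not the namespace qualifier
     *        is prepended to the Element when converted
     * @param declareNS Determines whether or not the namespace is declared
     *        within the Element.
     * @return a string containing the valid XML for this element
     * @throws FSMsgException if there is an error converting
     *         this object to a string.
     */
    public String toXMLString(boolean includeNS, boolean declareNS)
            throws FSMsgException {
        return toXMLString(includeNS, declareNS, false);
    }

    /**
     * Returns a String representation of this
     * <code>RegisterNameIdentifierRequest</code>.
     *
     * <p>Every string field written as attribute or element text
     * (<code>id</code>, <code>RequestID</code>, <code>RespondWith</code>,
     * <code>ProviderID</code>, <code>RelayState</code>) is XML-escaped,
     * because these values can originate from a parsed message or from HTTP
     * request parameters and must not be able to alter the structure of the
     * document that is subsequently signed or sent.
     *
     * @param includeNS Determines whether or not the namespace qualifier
     *        is prepended to the Element when converted
     * @param declareNS Determines whether or not the namespace is declared
     *        within the Element.
     * @param includeHeader Determines whether the output include the xml
     *        declaration header.
     * @return a string containing the valid XML for this element
     * @throws FSMsgException if the <code>ProviderID</code> is missing or a
     *         <code>RequestID</code> cannot be generated.
     */
    public String toXMLString(boolean includeNS, boolean declareNS,
            boolean includeHeader) throws FSMsgException {
        if ((providerId == null) || (providerId.length() == 0)) {
            FSUtils.debug.error("FSNameRegistrationRequest.toXMLString: "
                    + "providerId is null in the request with requestId:"
                    + requestID);
            String[] args = { requestID };
            throw new FSMsgException("nullProviderIdWRequestId", args);
        }
        if ((requestID == null) || (requestID.length() == 0)) {
            requestID = SAMLUtils.generateID();
            if (requestID == null) {
                FSUtils.debug.error("FSNameRegistrationRequest.toXMLString: "
                        + "couldn't generate RequestID.");
                throw new FSMsgException("errorGenerateID", null);
            }
        }
        // requestID is guaranteed non-null from here on, so the former
        // "nullRequestID" branch could never be reached and was dropped.

        StringBuffer xml = new StringBuffer(1000);
        if (includeHeader) {
            xml.append("<?xml version=\"1.0\" encoding=\"").
                append(IFSConstants.DEFAULT_ENCODING).append("\" ?>\n");
        }
        String prefix = "";
        String uri = "";
        String uriSAML = "";
        if (includeNS) {
            prefix = IFSConstants.LIB_PREFIX;
        }
        if (declareNS) {
            if (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) {
                uri = IFSConstants.LIB_12_NAMESPACE_STRING;
            } else {
                uri = IFSConstants.LIB_NAMESPACE_STRING;
            }
            uriSAML = IFSConstants.assertionDeclareStr;
        }

        String instantString = DateUtils.toUTCDateFormat(issueInstant);

        xml.append("<").append(prefix).
            append("RegisterNameIdentifierRequest").
            append(uri).append(uriSAML);
        // The id attribute is only emitted for the 1.1 minor version.
        if (minorVersion == IFSConstants.FF_11_PROTOCOL_MINOR_VERSION
                && id != null && id.length() != 0) {
            xml.append(" id=\"").
                append(XMLUtils.escapeSpecialCharacters(id)).append("\" ");
        }
        xml.append(" RequestID=\"").
            append(XMLUtils.escapeSpecialCharacters(requestID)).
            append("\" ").
            append(" MajorVersion=\"").append(majorVersion).append("\" ").
            append(" MinorVersion=\"").append(minorVersion).append("\" ").
            append(" IssueInstant=\"").append(instantString).append("\"").
            append(">");
        if ((respondWiths != null)
                && (respondWiths != Collections.EMPTY_LIST)) {
            Iterator i = respondWiths.iterator();
            while (i.hasNext()) {
                xml.append("<").append(prefix).append("RespondWith>").
                    append(XMLUtils.escapeSpecialCharacters(
                        (String) i.next())).
                    append("</").append(prefix).append("RespondWith>");
            }
        }
        if (signed) {
            // Reuse the cached signature text; otherwise print the DOM
            // signature once and cache it.
            if (signatureString != null) {
                xml.append(signatureString);
            } else if (signature != null) {
                signatureString = XMLUtils.print(signature);
                xml.append(signatureString);
            }
        }

        xml.append("<").append(prefix).append("ProviderID").append(">").
            append(XMLUtils.escapeSpecialCharacters(providerId)).
            append("</").append(prefix).append("ProviderID").append(">");
        if (idpProvidedNameIdentifier != null
                && idpProvidedNameIdentifier.getName().length() != 0) {
            xml.append(idpProvidedNameIdentifier.toXMLString());
        }
        if (spProvidedNameIdentifier != null
                && spProvidedNameIdentifier.getName().length() != 0) {
            xml.append(spProvidedNameIdentifier.toXMLString());
        }
        if (oldProvidedNameIdentifier != null
                && oldProvidedNameIdentifier.getName().length() != 0) {
            xml.append(oldProvidedNameIdentifier.toXMLString());
        }
        if (relayState != null) {
            xml.append("<").append(prefix).append("RelayState").append(">").
                append(XMLUtils.escapeSpecialCharacters(relayState)).
                append("</").append(prefix).
                append("RelayState").append(">");
        }
        xml.append("</").append(prefix).
            append("RegisterNameIdentifierRequest>");

        return xml.toString();
    }

    /**
     * Returns the Identity Provider's <code>NameIdentifier</code>.
     *
     * @return the Identity Provider's <code>NameIdentifier</code>.
     * @see #setIDPProvidedNameIdentifier(IDPProvidedNameIdentifier)
     */
    public IDPProvidedNameIdentifier getIDPProvidedNameIdentifier() {
        return idpProvidedNameIdentifier;
    }

    /**
     * Returns the original <code>NameIdentifier</code>.
     *
     * @return the original <code>NameIdentifier</code>.
     * @see #setOldProvidedNameIdentifier(OldProvidedNameIdentifier)
     */
    public OldProvidedNameIdentifier getOldProvidedNameIdentifier() {
        return oldProvidedNameIdentifier;
    }

    /**
     * Returns the value of <code>ProviderID</code> attribute.
     *
     * @return the value of <code>ProviderID</code> attribute.
     * @see #setProviderId(String)
     */
    public String getProviderId() {
        return this.providerId;
    }

    /**
     * Sets the Identity Provider's <code>NameIdentifier</code>.
     *
     * @param nameIdentifier the Identity Provider's
     *        <code>NameIdentifier</code>.
     * @see #getIDPProvidedNameIdentifier
     */
    public void setIDPProvidedNameIdentifier(
            IDPProvidedNameIdentifier nameIdentifier) {
        idpProvidedNameIdentifier = nameIdentifier;
    }

    /**
     * Sets the original <code>NameIdentifier</code>.
     *
     * @param nameIdentifier the original provider's
     *        <code>NameIdentifier</code>.
     * @see #getOldProvidedNameIdentifier
     */
    public void setOldProvidedNameIdentifier(
            OldProvidedNameIdentifier nameIdentifier) {
        oldProvidedNameIdentifier = nameIdentifier;
    }

    /**
     * Sets the Service Provider's <code>NameIdentifier</code>.
     *
     * @param nameIdentifier the Service Provider's
     *        <code>NameIdentifier</code>.
     * @see #getSPProvidedNameIdentifier
     */
    public void setSPProvidedNameIdentifier(
            SPProvidedNameIdentifier nameIdentifier) {
        spProvidedNameIdentifier = nameIdentifier;
    }

    /**
     * Sets the value of <code>ProviderID</code> attribute.
     *
     * @param providerId the value of <code>ProviderID</code> attribute.
     * @see #getProviderId()
     */
    public void setProviderId(String providerId) {
        this.providerId = providerId;
    }

    /**
     * Returns the <code>NameIdentifier</code> provided by
     * the Service Provider.
     *
     * @return the <code>NameIdentifier</code> provided by
     *         the Service Provider.
     * @see #setSPProvidedNameIdentifier(SPProvidedNameIdentifier)
     */
    public SPProvidedNameIdentifier getSPProvidedNameIdentifier() {
        return spProvidedNameIdentifier;
    }

    /**
     * Returns the Base64 encoding of {@link #toXMLString()}.
     *
     * @return a Base64 Encoded String.
     * @throws FSMsgException if the <code>ProviderID</code> is missing, a
     *         <code>RequestID</code> cannot be generated, or the XML cannot
     *         be produced.
     */
    public String toBASE64EncodedString() throws FSMsgException {
        if ((providerId == null) || (providerId.length() == 0)) {
            FSUtils.debug.error(
                    "FSNameRegistrationRequest.toBASE64EncodedString: "
                    + "providerId is null in the request with requestId:"
                    + requestID);
            String[] args = { requestID };
            throw new FSMsgException("nullProviderIdWRequestId", args);
        }
        if ((requestID == null) || (requestID.length() == 0)) {
            requestID = SAMLUtils.generateID();
            if (requestID == null) {
                FSUtils.debug.error(
                        "FSNameRegistrationRequest.toBASE64EncodedString: "
                        + "couldn't generate RequestID.");
                throw new FSMsgException("errorGenerateID", null);
            }
        }
        // NOTE(review): getBytes() uses the platform default charset, so
        // the encoded bytes vary with the JVM's locale settings; confirm
        // whether IFSConstants.DEFAULT_ENCODING should be used here.
        return Base64.encode(this.toXMLString().getBytes());
    }

    /**
     * Sets the <code>MajorVersion</code> by parsing the version string.
     * Only the value equal to
     * <code>SAMLConstants.PROTOCOL_MAJOR_VERSION</code> is accepted.
     *
     * @param majorVer a String representing the <code>MajorVersion</code> to
     *        be set.
     * @throws FSMsgException if the string is not a number or the version
     *         is higher or lower than the supported one.
     */
    private void parseMajorVersion(String majorVer) throws FSMsgException {
        try {
            majorVersion = Integer.parseInt(majorVer);
        } catch (NumberFormatException e) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameRegistrationRequest(Element): "
                        + "invalid MajorVersion", e);
            }
            throw new FSMsgException("wrongInput", null);
        }

        if (majorVersion == SAMLConstants.PROTOCOL_MAJOR_VERSION) {
            return;
        }
        if (majorVersion > SAMLConstants.PROTOCOL_MAJOR_VERSION) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameRegistrationRequest(Element): "
                        + "MajorVersion of the RegisterNameIdentifierRequest"
                        + "is too high.");
            }
            throw new FSMsgException("requestVersionTooHigh", null);
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSNameRegistrationRequest(Element): "
                    + "MajorVersion of the RegisterNameIdentifierRequest"
                    + "is too low.");
        }
        throw new FSMsgException("requestVersionTooLow", null);
    }

    /**
     * Sets the <code>MinorVersion</code> by parsing the version string.
     * Values outside the range from
     * <code>IFSConstants.FF_11_PROTOCOL_MINOR_VERSION</code> to
     * <code>IFSConstants.FF_12_PROTOCOL_MINOR_VERSION</code> are rejected.
     *
     * @param minorVer a String representing the <code>MinorVersion</code> to
     *        be set.
     * @throws FSMsgException if the string is not a number or the version
     *         is out of range.
     */
    private void parseMinorVersion(String minorVer) throws FSMsgException {
        try {
            minorVersion = Integer.parseInt(minorVer);
        } catch (NumberFormatException e) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message(
                        "FSNameRegis(Element): "
                        + "invalid MinorVersion", e);
            }
            throw new FSMsgException("wrongInput", null);
        }

        if (minorVersion > IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) {
            FSUtils.debug.error("FSNameRegisNot(Element):MinorVersion of"
                    + " the Response is too high.");
            throw new FSMsgException("responseVersionTooHigh", null);
        } else if (minorVersion < IFSConstants.FF_11_PROTOCOL_MINOR_VERSION) {
            FSUtils.debug.error("FSNameRegis(Element):MinorVersion of"
                    + " the Response is too low.");
            throw new FSMsgException("responseVersionTooLow", null);
        }
    }


    /**
     * Does nothing: this overload has an empty body and leaves the request
     * unsigned. Use {@link #signXML(String)} to sign the request.
     */
    public void signXML() {

    }

    /**
     * Signs the <code>FSNameRegistrationRequest</code> object.
     *
     * <p>The signature references the <code>id</code> attribute for the 1.1
     * minor version and the <code>RequestID</code> attribute for the 1.2
     * minor version. Any other minor version is rejected up front instead of
     * failing later on a missing signature string.
     *
     * @param certAlias the Certificate Alias.
     * @throws SAMLException if this object is already signed, the alias is
     *         missing, the minor version is unsupported, or signing fails.
     */
    public void signXML(String certAlias) throws SAMLException {
        FSUtils.debug.message("FSNameRegistrationRequest.signXML: Called");
        if (signed) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameRegistrationRequest.signXML: "
                        + "the assertion is already signed.");
            }
            throw new SAMLResponderException(FSUtils.BUNDLE_NAME,
                    "alreadySigned", null);
        }
        if (certAlias == null || certAlias.length() == 0) {
            throw new SAMLResponderException(FSUtils.BUNDLE_NAME,
                    "cannotFindCertAlias", null);
        }
        boolean isFf11 =
                (minorVersion == IFSConstants.FF_11_PROTOCOL_MINOR_VERSION);
        boolean isFf12 =
                (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION);
        if (!isFf11 && !isFf12) {
            // Previously this case only logged and then failed with a
            // NullPointerException that was reported as "signFailed"; the
            // same error code is kept but the cause is now explicit.
            FSUtils.debug.error("FSNameRegistrationRequest.signXML: "
                    + "invalid minor version.");
            throw new SAMLResponderException(FSUtils.BUNDLE_NAME,
                    "signFailed", null);
        }
        try {
            XMLSignatureManager manager = XMLSignatureManager.getInstance();
            String unsignedXml = this.toXMLString(true, true);
            if (isFf11) {
                signatureString = manager.signXML(
                        unsignedXml,
                        certAlias, null, IFSConstants.ID,
                        this.id, false);
            } else {
                signatureString = manager.signXML(
                        unsignedXml,
                        certAlias, null, IFSConstants.REQUEST_ID,
                        this.getRequestID(), false);
            }

            signature =
                    XMLUtils.toDOMDocument(signatureString, FSUtils.debug)
                    .getDocumentElement();
            signed = true;
            xmlString = this.toXMLString(true, true);
        } catch (Exception e) {
            // Record the underlying failure; the exception thrown to the
            // caller carries only the resource key.
            FSUtils.debug.error("FSNameRegistrationRequest.signXML: "
                    + "signing failed", e);
            throw new SAMLResponderException(
                    FSUtils.BUNDLE_NAME, "signFailed", null);
        }
    }

    /**
     * Sets the Signature and caches its printed form in
     * <code>signatureString</code>. The element is stored as given; it is
     * not validated by this method.
     *
     * @param elem the Document Element.
     * @return true if success otherwise false.
     */
    public boolean setSignature(Element elem) {
        signatureString = XMLUtils.print(elem);
        return super.setSignature(elem);
    }

    /**
     * Appends <code>name=value&amp;</code> with the value URL-encoded, but
     * only when the value is neither null nor empty.
     */
    private static void appendIfPresent(StringBuffer query, String name,
            String value) {
        if (value != null && value.length() != 0) {
            query.append(name).append("=").
                append(URLEncDec.encode(value)).
                append(IFSConstants.AMPERSAND);
        }
    }

    /**
     * Returns an URL Encoded String.
     *
     * <p>All string values are URL-encoded. <code>RelayState</code> is
     * written even when empty, and is omitted only when it is null so that
     * a null value no longer reaches the encoder.
     *
     * @return a url encoded query string.
     * @throws FSMsgException if the <code>ProviderID</code> or
     *         <code>IssueInstant</code> is missing or a
     *         <code>RequestID</code> cannot be generated.
     */
    public String toURLEncodedQueryString() throws FSMsgException {
        if ((providerId == null) || (providerId.length() == 0)) {
            FSUtils.debug.error("FSNameRegistrationRequest."
                    + "toURLEncodedQueryString: providerId is null in the request "
                    + "with requestId: " + requestID);
            throw new FSMsgException("nullProviderID", null);
        }
        if ((requestID == null) || (requestID.length() == 0)) {
            requestID = SAMLUtils.generateID();
            if (requestID == null) {
                FSUtils.debug.error("FSNameRegistrationRequest."
                        + "toURLEncodedQueryString: couldn't generate RequestID.");
                throw new FSMsgException("errorGenerateID", null);
            }
        }
        StringBuffer urlEncodedAuthnReq = new StringBuffer(300);
        urlEncodedAuthnReq.append("RequestID=").
            append(URLEncDec.encode(requestID)).
            append(IFSConstants.AMPERSAND);
        urlEncodedAuthnReq.append("MajorVersion=").
            append(majorVersion).
            append(IFSConstants.AMPERSAND);
        urlEncodedAuthnReq.append("MinorVersion=").
            append(minorVersion).
            append(IFSConstants.AMPERSAND);
        if (relayState != null) {
            urlEncodedAuthnReq.append("RelayState=").
                append(URLEncDec.encode(relayState)).
                append(IFSConstants.AMPERSAND);
        }

        if (issueInstant == null) {
            FSUtils.debug.error("FSNameRegistrationRequest."
                    + "toURLEncodedQueryString: issueInstant missing");
            String[] args = { IFSConstants.ISSUE_INSTANT };
            throw new FSMsgException("missingAttribute", args);
        }
        urlEncodedAuthnReq.append("IssueInstant=")
            .append(URLEncDec.encode(
                DateUtils.toUTCDateFormat(issueInstant)))
            .append(IFSConstants.AMPERSAND);

        // providerId was verified non-empty at the top of the method.
        appendIfPresent(urlEncodedAuthnReq, "ProviderID", providerId);

        if (spProvidedNameIdentifier != null) {
            appendIfPresent(urlEncodedAuthnReq, "SPProvidedNameIdentifier",
                    spProvidedNameIdentifier.getName());
            appendIfPresent(urlEncodedAuthnReq, "SPNameQualifier",
                    spProvidedNameIdentifier.getNameQualifier());
            appendIfPresent(urlEncodedAuthnReq, "SPNameFormat",
                    spProvidedNameIdentifier.getFormat());
        }

        if (oldProvidedNameIdentifier != null) {
            appendIfPresent(urlEncodedAuthnReq, "OldProvidedNameIdentifier",
                    oldProvidedNameIdentifier.getName());
            appendIfPresent(urlEncodedAuthnReq, "OldNameQualifier",
                    oldProvidedNameIdentifier.getNameQualifier());
            appendIfPresent(urlEncodedAuthnReq, "OldNameFormat",
                    oldProvidedNameIdentifier.getFormat());
        }

        if (idpProvidedNameIdentifier != null) {
            appendIfPresent(urlEncodedAuthnReq, "IDPProvidedNameIdentifier",
                    idpProvidedNameIdentifier.getName());
            appendIfPresent(urlEncodedAuthnReq, "IDPNameQualifier",
                    idpProvidedNameIdentifier.getNameQualifier());
            appendIfPresent(urlEncodedAuthnReq, "IDPNameFormat",
                    idpProvidedNameIdentifier.getFormat());
        }
        return urlEncodedAuthnReq.toString();
    }

    /**
     * Returns <code>FSNameRegistrationRequest</code> object. The
     * object is created by parsing the <code>HttpServletRequest</code>
     * object.
     *
     * <p>Every value read here comes straight from request parameters and is
     * stored without further validation. NOTE(review): unlike the Element
     * constructor, this path does not range-check <code>MajorVersion</code>
     * and <code>MinorVersion</code>, and it performs no signature check;
     * callers must validate and authenticate the request before acting on
     * it.
     *
     * @param request the <code>HttpServletRequest</code> object.
     * @return the request populated from the query parameters.
     * @throws FSMsgException if there is an error
     *         creating this object.
     * @throws SAMLException if there is an error.
     */
    public static FSNameRegistrationRequest parseURLEncodedRequest(
            HttpServletRequest request) throws FSMsgException, SAMLException {
        FSNameRegistrationRequest retNameRegistrationRequest =
                new FSNameRegistrationRequest();
        try {
            FSUtils.debug.message("checking minor version");
            retNameRegistrationRequest.majorVersion =
                    Integer.parseInt(request.getParameter("MajorVersion"));
            retNameRegistrationRequest.minorVersion =
                    Integer.parseInt(request.getParameter("MinorVersion"));
        } catch (NumberFormatException ex) {
            FSUtils.debug.error("FSNameRegistrationRequest.parseURLEncoded"
                    + "Request: Invalid versions", ex);
            throw new FSMsgException("invalidNumber", null);
        }

        FSUtils.debug.message("checking RequestID");
        String requestIdParam = request.getParameter("RequestID");
        if (requestIdParam == null) {
            FSUtils.debug.error("FSNameRegistrationRequest.parseURLEncoded"
                    + "Request: RequestID not found");
            String[] args = { IFSConstants.REQUEST_ID };
            throw new FSMsgException("missingAttribute", args);
        }
        retNameRegistrationRequest.requestID = requestIdParam;

        FSUtils.debug.message("checking instantString");
        String instantString = request.getParameter("IssueInstant");
        // The logged value is caller-controlled text from the request.
        FSUtils.debug.message("instantString : " + instantString);
        if (instantString == null
                || instantString.length() == 0) {
            FSUtils.debug.error("FSNameRegistrationRequest.parseURLEncoded"
                    + "Request: IssueInstant not found");
            String[] args = { IFSConstants.ISSUE_INSTANT };
            throw new FSMsgException("missingAttribute", args);
        }
        try {
            FSUtils.debug.message(
                    "calling : DateUtils.stringToDate.issueInstant");
            retNameRegistrationRequest.issueInstant =
                    DateUtils.stringToDate(instantString);
        } catch (ParseException e) {
            FSUtils.debug.error("FSNameRegistrationRequest.parseURLEncoded"
                    + "Request: Can not parse IssueInstant", e);
            throw new FSMsgException("parseError", null);
        }

        String providerIdParam = request.getParameter("ProviderID");
        if (providerIdParam == null) {
            FSUtils.debug.error("FSNameRegistrationRequest.parseURLEncoded"
                    + "Request: Can not find ProviderID");
            throw new FSMsgException("missingElement", null);
        }
        retNameRegistrationRequest.providerId = providerIdParam;

        FSUtils.debug.message("start identifier processing");
        // Service Provider identifier: absent qualifier/format default to
        // the empty string (the other two identifiers default to null).
        String spNameFormat = request.getParameter("SPNameFormat");
        if (spNameFormat == null) {
            spNameFormat = "";
        }
        String spNameQualifier = request.getParameter("SPNameQualifier");
        if (spNameQualifier == null) {
            spNameQualifier = "";
        }
        String spName = request.getParameter("SPProvidedNameIdentifier");
        if (spName != null && spName.length() >= 1) {
            retNameRegistrationRequest.setSPProvidedNameIdentifier(
                    new SPProvidedNameIdentifier(spName, spNameQualifier,
                            spNameFormat));
        }

        // Identity Provider identifier.
        String idpNameFormat = request.getParameter("IDPNameFormat");
        String idpNameQualifier = request.getParameter("IDPNameQualifier");
        String idpName = request.getParameter("IDPProvidedNameIdentifier");
        if (idpName != null && idpName.length() >= 1) {
            retNameRegistrationRequest.idpProvidedNameIdentifier =
                    new IDPProvidedNameIdentifier(idpName, idpNameQualifier,
                            idpNameFormat);
        }

        // Original (old) identifier.
        String oldNameFormat = request.getParameter("OldNameFormat");
        String oldNameQualifier = request.getParameter("OldNameQualifier");
        String oldName = request.getParameter("OldProvidedNameIdentifier");
        if (oldName != null && oldName.length() >= 1) {
            retNameRegistrationRequest.oldProvidedNameIdentifier =
                    new OldProvidedNameIdentifier(oldName, oldNameQualifier,
                            oldNameFormat);
        }

        String relayStateParam = request.getParameter("RelayState");
        if (relayStateParam != null) {
            retNameRegistrationRequest.relayState = relayStateParam;
        }
        return retNameRegistrationRequest;
    }
}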