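/**
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
 *
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * opensso/legal/CDDLv1.0.txt
 * See the License for the specific language governing
 * permission and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at opensso/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * $Id: FSAuthenticationStatement.java,v 1.2 2008/06/25 05:46:43 qcheng Exp $
 * Portions Copyrighted 2014 ForgeRock AS
 */

package com.sun.identity.federation.message;

import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.message.common.AuthnContext;
import com.sun.identity.federation.message.common.FSMsgException;
import com.sun.identity.saml.assertion.AuthenticationStatement;
import com.sun.identity.saml.assertion.AuthorityBinding;
import com.sun.identity.saml.assertion.Subject;
import com.sun.identity.saml.assertion.SubjectLocality;
import com.sun.identity.saml.common.SAMLConstants;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.shared.DateUtils;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/**
 * The <code>FSAuthenticationStatement</code> element represents an
 * authentication statement by the issuer that its subject was authenticated
 * by a particular means at a particular time.
 *
 * <p>This class only parses and serialises the statement. Nothing in it
 * verifies a signature, so a statement built from a DOM element is exactly
 * as trustworthy as the document that element came from.
 *
 * @supported.all.api
 * @deprecated since 12.0.0
 */
@Deprecated

public class FSAuthenticationStatement extends AuthenticationStatement {

    protected Date reauthenticateOnOrAfter;
    protected String sessionIndex = null;
    protected AuthnContext _authnContext;
    protected int minorVersion = IFSConstants.FF_11_PROTOCOL_MINOR_VERSION;

    /**
     * Default Constructor.
     */
    public FSAuthenticationStatement(){
    }

    /**
     * Constructor to create <code>FSAuthenticationStatement</code> object.
     *
     * <p>A <code>null</code> <code>authnContext</code> is not rejected: it is
     * reported at debug message level and the statement is left without an
     * authentication context.
     *
     * @param authMethod the Authentication method in the statement.
     * @param authInstant the authentication date in the statement.
     * @param subject the Subject in the statement.
     * @param authnContext the Authentication Context.
     * @throws FSMsgException if there is error
     *         creating the object.
     * @throws SAMLException if the version is incorrect.
     */
    public FSAuthenticationStatement(
        String authMethod,
        Date authInstant,
        Subject subject,
        AuthnContext authnContext
    ) throws FSMsgException, SAMLException {
        super(authMethod, authInstant, subject);
        if (authnContext == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthenticationStatement: missing" +
                    "AuthnContext");
            }
        } else {
            this._authnContext = authnContext;
        }
    }

    /**
     * Constructor to create <code>FSAuthenticationStatement</code> object.
     *
     * <p>A <code>null</code> <code>authnContext</code> is not rejected: it is
     * reported at debug message level and the statement is left without an
     * authentication context.
     *
     * @param authMethod the Authentication method in the statement.
     * @param authInstant the authentication date in the statement.
     * @param subject the <code>Subject</code> in the statement.
     * @param subjectLocality the <code>SubjectLocality</code> in the statement.
     * @param authorityBinding a List of <code>AuthorityBinding</code> objects.
     * @param authnContext the Authentication Context.
     * @throws FSMsgException if there is an error
     *         creating the object.
     * @throws SAMLException on error.
     */
    public FSAuthenticationStatement(
        String authMethod,
        Date authInstant,
        Subject subject,
        SubjectLocality subjectLocality,
        List authorityBinding,
        AuthnContext authnContext
    ) throws FSMsgException, SAMLException {
        super(authMethod,
              authInstant,
              subject,
              subjectLocality,
              authorityBinding);

        // check if the AuthnContext is null
        if (authnContext == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthenticationStatement: missing" +
                    "AuthnContext.");
            }
        } else {
            this._authnContext = authnContext;
        }
    }

    /**
     * Constructs an <code>FSAuthenticationStatement</code> object from a
     * Document Element.
     *
     * <p>Attributes are read first, then child elements. Unknown attributes
     * are ignored; an unknown child element is rejected. The only presence
     * check made at the end is that a subject was found.
     *
     * <p>This constructor performs no signature or issuer validation. The
     * caller is responsible for having verified the enclosing assertion
     * before relying on any value read here.
     *
     * @param element the Document Element object.
     * @throws FSMsgException if document element is null
     *         or required attributes cannot be retrieved from the element.
     * @throws SAMLException on error.
     */
    public FSAuthenticationStatement(Element element)
        throws FSMsgException, SAMLException {
        FSUtils.debug.message("FSAuthenticationStatement(Element): Called");
        if (element == null) {
            FSUtils.debug.message("FSAuthenticationStatement: null input.");
            throw new FSMsgException("nullInput",null);
        }
        // NOTE(review): the local name and namespace of `element` itself are
        // not checked here; confirm every caller only passes an
        // AuthenticationStatement element.

        //handle the attributes of AuthenticationStatement
        NamedNodeMap atts = element.getAttributes();
        int attCount = atts.getLength();
        for (int i = 0; i < attCount; i++) {
            Node att = atts.item(i);
            if (att.getNodeType() != Node.ATTRIBUTE_NODE) {
                continue;
            }
            String attName = att.getLocalName();
            if (attName == null || attName.length() == 0) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAuthenticationStatement:" +
                        "Attribute name is either null or empty.");
                }
                throw new FSMsgException("nullInput", null);
            }
            if (attName.equals(IFSConstants.AUTHENTICATION_METHOD)) {
                _authenticationMethod = ((Attr)att).getValue().trim();
            } else if (attName.equals(IFSConstants.AUTHENTICATION_INSTANT)){
                try {
                    _authenticationInstant =
                        DateUtils.stringToDate(((Attr)att).getValue());
                } catch (ParseException pe ) {
                    FSUtils.debug.error("FSAuthenticationStatement:" +
                        "StringToDate: ", pe);
                    throw new FSMsgException("wrongDateFormat",null);
                } // end of try...catch
            } else if (attName.equals(IFSConstants.REAUTH_ON_OR_AFTER)) {
                try {
                    reauthenticateOnOrAfter =
                        DateUtils.stringToDate(((Attr)att).getValue());
                } catch (ParseException pe ) {
                    FSUtils.debug.error("FSAuthenticationStatement:" +
                        "StringToDate: ", pe);
                    throw new FSMsgException("wrongDateFormat",null);
                }
            } else if (attName.equals(IFSConstants.SESSION_INDEX)) {
                sessionIndex =
                    ((Attr)att).getValue().trim();
            }
        } // end of for loop

        //Handle the children elements of AuthenticationStatement
        NodeList nodes = element.getChildNodes();
        int nodeCount = nodes.getLength();
        for (int i = 0; i < nodeCount; i++) {
            Node currentNode = nodes.item(i);
            if (currentNode.getNodeType() != Node.ELEMENT_NODE) {
                continue;
            }
            String tagName = currentNode.getLocalName();
            String tagNS = currentNode.getNamespaceURI();
            if ((tagName == null) || tagName.length() == 0 ||
                tagNS == null || tagNS.length() == 0) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAuthenticationStatement: "+
                        "The tag name or tag namespace of child" +
                        " element is either null or empty.");
                }
                throw new FSMsgException("nullInput",null);
            }
            // NOTE(review): only the AuthnContext branch compares tagNS with
            // an expected namespace. Subject, SubjectLocality and
            // AuthorityBinding are matched on local name alone, so a child
            // in any non-empty namespace is accepted for them; confirm
            // whether that is intended.
            if (tagName.equals(IFSConstants.AUTH_SUBJECT)) {
                if (this._subject != null) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message(
                            "FSAuthenticationStatement" +
                            ":should only contain one subject");
                    }
                    throw new FSMsgException("oneElement",null);
                } else {
                    this._subject =
                        new FSSubject((Element) currentNode);
                }
            } else if (tagName.equals(IFSConstants.SUBJECT_LOCALITY)) {
                if (_subjectLocality != null) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message(
                            "FSAuthenticationStatement"+
                            "Statement: should at most " +
                            "contain one SubjectLocality.");
                    }
                    throw new FSMsgException("oneElement",null);
                } else {
                    _subjectLocality =
                        new SubjectLocality((Element)currentNode);
                }
            } else if (tagName.equals(IFSConstants.AUTHN_CONTEXT) &&
                (tagNS.equals(
                    IFSConstants.libertyMessageNamespaceURI)||
                tagNS.equals(IFSConstants.FF_12_XML_NS))) {

                if (_authnContext != null) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("FSAuthentication"+
                            "Statement: should not contain more " +
                            "than one AuthnContext element.");
                    }
                    throw new FSMsgException("oneElement",null);
                } else {
                    _authnContext =
                        new AuthnContext((Element)currentNode);
                }
            } else if (tagName.equals(IFSConstants.AUTHORITY_BINDING)) {
                if (_authorityBinding == null) {
                    _authorityBinding = new ArrayList();
                }
                if ((_authorityBinding.add(new AuthorityBinding(
                    (Element)currentNode))) == false) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message(
                            "FSAuthenticationStatement"+
                            ": failed to add to the" +
                            " AuthorityBinding list.");
                    }
                    throw new FSMsgException("addListError",null);
                }
            } else {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAuthenticationStatement:"+
                        "Wrong element "
                        + tagName + "included.");
                }
                throw new FSMsgException("wrongInput",null);
            }
        } // end of for loop

        // check if the subject is null
        // NOTE(review): the subject is the only thing checked for presence.
        // A statement with no AuthenticationMethod or AuthenticationInstant
        // attribute is accepted with those fields left null, although the
        // Javadoc speaks of required attributes; confirm whether they
        // should be enforced here.
        if (this._subject == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthenticationStatement should " +
                    "contain one subject.");
            }
            throw new FSMsgException("missingElement",null);
        }
        FSUtils.debug.message("FSAuthenticationStatement(Element): leaving");
    }


    /**
     * Returns the value of <code>SessionIndex</code> attribute.
     *
     * @return the value of <code>SessionIndex</code> attribute.
     * @see #setSessionIndex(String)
     */
    public String getSessionIndex(){
        return sessionIndex;
    }

    /**
     * Sets the <code>SessionIndex</code> attribute.
     *
     * @param sessionIndex the value of <code>SessionIndex</code> attribute.
     * @see #getSessionIndex
     */
    public void setSessionIndex(String sessionIndex){
        this.sessionIndex = sessionIndex;
    }

    /**
     * Returns the re-authentication date for this
     * authentication statement.
     *
     * <p>The stored <code>Date</code> instance is returned as is, not a copy.
     *
     * @return the re-authentication date for this object.
     * @see #setReauthenticateOnOrAfter
     */
    public Date getReauthenticateOnOrAfter(){
        return reauthenticateOnOrAfter;
    }

    /**
     * Sets re-authentication date for this authentication
     * statement.
     *
     * <p>The given <code>Date</code> instance is stored as is, not copied.
     *
     * @param reauthenticateOnOrAfter the date object.
     * @see #getReauthenticateOnOrAfter
     */
    public void setReauthenticateOnOrAfter(Date reauthenticateOnOrAfter){
        this.reauthenticateOnOrAfter = reauthenticateOnOrAfter;
    }

    /**
     * Returns the Authentication Context in this
     * authentication statement.
     *
     * @return the Authentication Context object.
     * @see #setAuthnContext(AuthnContext)
     */
    public AuthnContext getAuthnContext(){
        return _authnContext;
    }

    /**
     * Sets the Authentication Context object.
     *
     * @param authnContext the Authentication Context object.
     * @see #getAuthnContext
     */
    public void setAuthnContext(AuthnContext authnContext){
        this._authnContext = authnContext;
    }

    /**
     * Returns the value of <code>MinorVersion</code> attribute.
     *
     * @return the value of <code>MinorVersion</code> attribute.
     * @see #setMinorVersion(int)
     */
    public int getMinorVersion() {
        return minorVersion;
    }

    /**
     * Sets the value of <code>MinorVersion</code> attribute.
     *
     * @param version the <code>MinorVersion</code> attribute.
     * @see #getMinorVersion
     */
    public void setMinorVersion(int version) {
        minorVersion = version;
    }

    /**
     * Returns a String representation of this object, with the namespace
     * prefix included and the namespace not declared.
     *
     * @return a String representation of this Object.
     * @throws FSMsgException if there is an error creating
     *         the string.
     */
    public String toXMLString() throws FSMsgException {
        return (toXMLString(true, false));
    }

    /**
     * Returns a String representation of this object.
     *
     * <p>The <code>AuthenticationMethod</code> and <code>SessionIndex</code>
     * values are XML-escaped before being written into their attributes.
     * Both can originate from a parsed document (where the DOM has already
     * decoded entities) or from a setter, so writing them verbatim would let
     * a quote or angle bracket in the value end the attribute and alter the
     * structure of the serialised statement.
     *
     * @param includeNS Determines whether or not the namespace qualifier is
     *        prepended to the Element when converted
     * @param declareNS Determines whether or not the namespace is declared
     *        within the Element.
     * @return A string containing the valid XML for this object.
     * @throws FSMsgException if there is an error creating
     *         the string.
     */
    public String toXMLString(boolean includeNS,boolean declareNS)
        throws FSMsgException {
        StringBuilder result = new StringBuilder(1000);
        String prefix = "";
        String libprefix = "";
        String uri = "";
        String liburi = "";
        if (includeNS) {
            prefix = SAMLConstants.ASSERTION_PREFIX;
            libprefix = IFSConstants.LIB_PREFIX;
        }
        if (declareNS) {
            if (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) {
                liburi = IFSConstants.LIB_12_NAMESPACE_STRING;
            } else {
                liburi = IFSConstants.LIB_NAMESPACE_STRING;
            }
            uri = SAMLConstants.assertionDeclareStr;
        }

        result.append(IFSConstants.LEFT_ANGLE).append(prefix)
            .append(IFSConstants.AUTHENTICATIONSTATEMENT)
            .append(uri).append(IFSConstants.SPACE).append(liburi)
            .append(IFSConstants.SPACE);

        if ((_authenticationMethod != null) &&
            _authenticationMethod.length() != 0) {
            result.append(IFSConstants.AUTHENTICATION_METHOD).append("=\"")
                .append(escapeXmlAttribute(_authenticationMethod))
                .append("\" ");
        }

        if (_authenticationInstant != null) {
            result.append(IFSConstants.AUTHENTICATION_INSTANT).append("=\"")
                .append(DateUtils.toUTCDateFormat(_authenticationInstant))
                .append("\" ");
        }

        if (reauthenticateOnOrAfter != null) {
            result.append(IFSConstants.REAUTH_ON_OR_AFTER).append("=\"")
                .append(DateUtils.toUTCDateFormat(reauthenticateOnOrAfter))
                .append("\" ");
        }

        if (sessionIndex != null) {
            result.append(IFSConstants.SESSION_INDEX).append("=\"")
                .append(escapeXmlAttribute(sessionIndex)).append("\" ");
        }

        result.append("xsi:type")
            .append("=\"")
            .append(libprefix)
            .append(IFSConstants.AUTHENTICATIONSTATEMENT_TYPE)
            .append(IFSConstants.QUOTE)
            .append(IFSConstants.RIGHT_ANGLE);

        if (getSubject() != null) {
            // NOTE(review): the public constructors accept any Subject, but
            // this cast fails with ClassCastException unless it is an
            // FSSubject; confirm callers always supply one.
            result.append(
                ((FSSubject)getSubject()).toXMLString(includeNS, false));
        }

        if (_subjectLocality != null) {
            result.append(_subjectLocality.toString(includeNS, false));
        }

        if ((_authorityBinding != null) && (!_authorityBinding.isEmpty())) {
            Iterator iter = this.getAuthorityBinding().iterator();
            while (iter.hasNext()) {
                AuthorityBinding authBinding =
                    (AuthorityBinding)iter.next();
                result.append(authBinding.toString(includeNS, false));
            }
        }
        if (_authnContext != null) {
            result.append(_authnContext.toXMLString(includeNS, false));
        }
        result.append(IFSConstants.START_END_ELEMENT).append(prefix)
            .append(IFSConstants.AUTHENTICATIONSTATEMENT)
            .append(IFSConstants.RIGHT_ANGLE);
        return(result.toString());
    }

    /**
     * Escapes the five XML special characters so that a value can be placed
     * inside a double-quoted attribute.
     *
     * <p>Values are expected in their plain, unescaped form, which is what
     * the DOM constructor stores. A value that a caller has already escaped
     * would be escaped a second time.
     *
     * @param value the plain attribute value; must not be null.
     * @return the value with <code>&amp;</code>, <code>&lt;</code>,
     *         <code>&gt;</code>, double quote and apostrophe replaced by
     *         their predefined entities.
     */
    private static String escapeXmlAttribute(String value) {
        StringBuilder escaped = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '&':
                    escaped.append("&amp;");
                    break;
                case '<':
                    escaped.append("&lt;");
                    break;
                case '>':
                    escaped.append("&gt;");
                    break;
                case '"':
                    escaped.append("&quot;");
                    break;
                case '\'':
                    escaped.append("&apos;");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }
}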