001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: FSNameIdentifierMappingRequest.java,v 1.2 2008/06/25 05:46:44 qcheng Exp $
026 * Portions Copyrighted 2014 ForgeRock AS
027 */
028
029package com.sun.identity.federation.message;
030
031import com.sun.identity.shared.xml.XMLUtils;
032
033import com.sun.identity.shared.Constants;
034import com.sun.identity.shared.DateUtils;
035import com.sun.identity.common.SystemConfigurationUtil;
036
037import com.sun.identity.federation.common.FSUtils;
038import com.sun.identity.federation.common.IFSConstants;
039import com.sun.identity.federation.message.common.FSMsgException;
040
041import com.sun.identity.saml.assertion.NameIdentifier;
042import com.sun.identity.saml.common.SAMLConstants;
043import com.sun.identity.saml.common.SAMLUtils;
044import com.sun.identity.saml.common.SAMLException;
045import com.sun.identity.saml.common.SAMLResponderException;
046
047import com.sun.identity.saml.protocol.AbstractRequest;
048
049import com.sun.identity.saml.xmlsig.XMLSignatureManager;
050
051import java.util.Date;
052import java.util.List;
053
054import org.w3c.dom.Document;
055import org.w3c.dom.Element;
056import org.w3c.dom.Node;
057import org.w3c.dom.NodeList;
058
/**
 * The class <code>FSNameIdentifierMappingRequest</code> is used to
 * create or parse <code>NameIdentifierMappingRequest</code>.
 *
 * @supported.all.api
 * @deprecated since 12.0.0
 */
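@Deprecated
public class FSNameIdentifierMappingRequest extends AbstractRequest {

    // Identifier of the requesting provider (ProviderID child element).
    private String providerID;
    // Name identifier as qualified by the requesting service provider.
    private NameIdentifier nameIdentifier;
    // Provider ID of the other service provider (TargetNamespace element).
    private String targetNamespace;
    // Defaults to the ID-FF 1.2 minor version; overwritten when parsing.
    private int minorVersion = IFSConstants.FF_12_PROTOCOL_MINOR_VERSION;
    // Cached serialized signature, set by signXML or lazily by toXMLString.
    private String signatureString;

    /**
     * Constructor to create <code>FSNameIdentifierMappingRequest</code>.
     * A fresh request ID is generated and the issue instant is set to the
     * current time.
     *
     * @param providerID the requesting provider's ID
     * @param nameIdentifier the <code>NameIdentifier</code> qualified by the
     *        requesting service provider
     * @param targetNamespace the provider ID of the other service provider
     *                        which the requesting service provider would
     *                        subsequently communicate with
     * @throws FSMsgException if there is an error creating the object.
     */
    public FSNameIdentifierMappingRequest(String providerID,
            NameIdentifier nameIdentifier, String targetNamespace)
            throws FSMsgException {
        this.providerID = providerID;
        this.nameIdentifier = nameIdentifier;
        this.targetNamespace = targetNamespace;
        this.requestID = SAMLUtils.generateID();
        setIssueInstant(new Date());
    }

    /**
     * Constructor to create <code>FSNameIdentifierMappingRequest</code> from
     * the Document Element.
     * <p>
     * This constructor only parses. When exactly one signature element is
     * found it is stored and the request is flagged as signed, but the
     * signature is <b>not verified</b> here: the flag records presence, not
     * validity. Likewise the <code>IssueInstant</code> is parsed but not
     * compared with the current time, and <code>RequestID</code> is taken
     * as-is with no presence check. Callers receiving the element from a
     * remote party must verify the signature and apply their own freshness
     * and replay checks before trusting any field.
     *
     * @param root the <code>NameIdentifierMappingRequest</code> Document
     *        element.
     * @throws FSMsgException if the element is null, has the wrong local
     *         name, lacks or has an unparsable <code>IssueInstant</code>,
     *         carries an unsupported version, holds an invalid
     *         <code>NameIdentifier</code>, or contains more than one
     *         signature element.
     */
    public FSNameIdentifierMappingRequest(Element root) throws FSMsgException {
        if (root == null) {
            FSUtils.debug.message(
                    "FSNameIdentifierMappingRequest: null element input.");
            throw new FSMsgException("nullInputParameter", null);
        }
        String tag = root.getLocalName();
        if (tag == null || !tag.equals(IFSConstants.NAMEID_MAPPING_REQUEST)) {
            FSUtils.debug.message(
                    "FSNameIdentifierMappingRequest: wrong input");
            throw new FSMsgException("wrongInput", null);
        }

        // get IssueInstant
        String instantString = root.getAttribute(IFSConstants.ISSUE_INSTANT);
        if (instantString == null || instantString.length() == 0) {
            FSUtils.debug.error("FSNameIdentifierMappingRequest: " +
                    "missing IssueInstant");
            String[] args = { IFSConstants.ISSUE_INSTANT };
            throw new FSMsgException("missingAttribute", args);
        }
        try {
            issueInstant = DateUtils.stringToDate(instantString);
        } catch (Exception e) {
            FSUtils.debug.error("FSNameIdentifierMappingRequest: " +
                    "could not parse IssueInstant.", e);
            throw new FSMsgException("wrongInput", null);
        }

        // get RequestID
        // NOTE(review): not checked for presence or format here; this value
        // is later used as the signature reference id in signXML.
        requestID = root.getAttribute(IFSConstants.REQUEST_ID);

        // get and check versions
        parseMajorVersion(root.getAttribute(IFSConstants.MAJOR_VERSION));
        parseMinorVersion(root.getAttribute(IFSConstants.MINOR_VERSION));

        // get ProviderID, NameIdentifier & TargetNamespace
        NodeList children = root.getChildNodes();
        int childCount = children.getLength();
        for (int i = 0; i < childCount; i++) {
            Node child = children.item(i);
            String nodeName = child.getLocalName();
            if (nodeName == null) {
                continue;
            }
            if (nodeName.equals(IFSConstants.PROVIDER_ID)) {
                providerID = XMLUtils.getElementValue((Element) child);
            } else if (nodeName.equals(IFSConstants.NAME_IDENTIFIER)) {
                try {
                    nameIdentifier = new NameIdentifier((Element) child);
                } catch (SAMLException samle) {
                    FSUtils.debug.error("FSNameIdentifierMappingRequest: " +
                            "unable to initialize NameIdentifier", samle);
                    throw new FSMsgException(
                            "nameIdentifierCreateError", null, samle);
                }
            } else if (nodeName.equals(IFSConstants.TARGET_NAME_SPACE)) {
                targetNamespace = XMLUtils.getElementValue((Element) child);
            }
        }

        // get signature
        // NOTE(review): whether getElementsByTagNameNS1 matches only direct
        // children or any descendant is not visible here - confirm, since
        // it decides which Signature element ends up stored.
        List<?> signs = XMLUtils.getElementsByTagNameNS1(
                root,
                SAMLConstants.XMLSIG_NAMESPACE_URI,
                SAMLConstants.XMLSIG_ELEMENT_NAME);
        int signsSize = signs.size();
        if (signsSize == 1) {
            // Presence only: the signature is stored, not validated.
            setSignature((Element) signs.get(0));
            signed = true;
        } else if (signsSize != 0) {
            FSUtils.debug.error("FSNameIdentifierMappingRequest: " +
                    "included more than one Signature element.");
            throw new FSMsgException("moreElement", null);
        }
    }

    /**
     * Returns <code>FSNameIdentifierMappingRequest</code> object. This
     * object is created by parsing the <code>XML</code> string.
     * <p>
     * Parsing is delegated to <code>XMLUtils.toDOMDocument</code>; any
     * parser hardening (DTD and external entity handling) lives there and
     * is not visible in this class. The returned object has not had its
     * signature verified.
     *
     * @param xml <code>XML</code> String
     * @return the <code>FSNameIdentifierMappingRequest</code> object.
     * @throws FSMsgException if there is an error creating this object.
     */
    public static FSNameIdentifierMappingRequest parseXML(String xml)
            throws FSMsgException {
        Document doc = XMLUtils.toDOMDocument(xml, FSUtils.debug);
        if (doc == null) {
            FSUtils.debug.error("FSNameIdentifierMappingRequest.parseXML: " +
                    "error while parsing input xml string");
            throw new FSMsgException("parseError", null);
        }
        return new FSNameIdentifierMappingRequest(doc.getDocumentElement());
    }

    /**
     * Returns the <code>ProviderID</code> attribute. This
     * is the requesting Service Provider's identifier.
     *
     * @return the <code>ProviderID</code> attribute.
     */
    public String getProviderID() {
        return providerID;
    }

    /**
     * Returns the <code>NameIdentifier</code> object qualified by the
     * requesting service provider.
     *
     * @return the <code>NameIdentifier</code> object qualified by the
     *         requesting service provider.
     */
    public NameIdentifier getNameIdentifier() {
        return nameIdentifier;
    }

    /**
     * Returns the value of <code>TargetNamespace</code> attribute.
     *
     * @return the value of <code>TargetNamespace</code> attribute.
     */
    public String getTargetNamespace() {
        return targetNamespace;
    }

    /**
     * Sets the <code>MajorVersion</code> by parsing the version string.
     *
     * @param version a String representing the <code>MajorVersion</code> to
     *        be set.
     * @throws FSMsgException if the string is not an integer or differs
     *         from <code>SAMLConstants.PROTOCOL_MAJOR_VERSION</code>.
     */
    private void parseMajorVersion(String version) throws FSMsgException {
        try {
            majorVersion = Integer.parseInt(version);
        } catch (NumberFormatException e) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest." +
                        "parseMajorVersion: invalid MajorVersion: " + version, e);
            }
            throw new FSMsgException("wrongInput", null);
        }

        if (majorVersion > SAMLConstants.PROTOCOL_MAJOR_VERSION) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest." +
                        "parseMajorVersion: MajorVersion is too high");
            }
            throw new FSMsgException("requestVersionTooHigh", null);
        }
        if (majorVersion < SAMLConstants.PROTOCOL_MAJOR_VERSION) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest." +
                        "parseMajorVersion: MajorVersion is too low");
            }
            throw new FSMsgException("requestVersionTooLow", null);
        }
    }

    /**
     * Sets the <code>MinorVersion</code> by parsing the version string.
     *
     * @param version a String representing the <code>MinorVersion</code> to
     *        be set.
     * @throws FSMsgException if the string is not an integer or lies
     *         outside the range from
     *         <code>IFSConstants.FF_11_PROTOCOL_MINOR_VERSION</code> to
     *         <code>IFSConstants.FF_12_PROTOCOL_MINOR_VERSION</code>.
     */
    private void parseMinorVersion(String version) throws FSMsgException {
        try {
            minorVersion = Integer.parseInt(version);
        } catch (NumberFormatException e) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest." +
                        "parseMinorVersion: invalid MinorVersion: " + version, e);
            }
            throw new FSMsgException("wrongInput", null);
        }

        if (minorVersion > IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest." +
                    "parseMinorVersion: MinorVersion is too high");
            }
            throw new FSMsgException("requestVersionTooHigh", null);
        } else if (minorVersion < IFSConstants.FF_11_PROTOCOL_MINOR_VERSION) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest." +
                    "parseMinorVersion: MinorVersion is too low");
            }
            throw new FSMsgException("requestVersionTooLow", null);
        }
    }

    /**
     * Signs the XML document representing
     * <code>NameIdentifierMappingRequest</code> using the certificate
     * indicated by the property "com.sun.identity.saml.xmlsig.certalias"
     * in AMConfig.properties file.
     *
     * @throws SAMLException if there is an error signing the XML document.
     */
    public void signXML() throws SAMLException {
        String certAlias = SystemConfigurationUtil.getProperty(
                Constants.SAML_XMLSIG_CERT_ALIAS);
        signXML(certAlias);
    }

    /**
     * Signs the XML document representing
     * <code>NameIdentifierMappingRequest</code> using the specified
     * certificate. The document signed is the output of
     * <code>toXMLString(true, true)</code>, referenced by its
     * <code>RequestID</code>.
     *
     * @param certAlias the alias (name) of the certificate used for signing
     *                   the XML document
     * @throws SAMLException if the request is already signed, the alias is
     *         null or empty, or signing fails.
     */
    public void signXML(String certAlias) throws SAMLException {
        FSUtils.debug.message("FSNameIdentifierMappingRequest.signXML");
        if (signed) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest.signXML: "
                        + "the request is already signed.");
            }
            throw new SAMLResponderException(FSUtils.BUNDLE_NAME,
                    "alreadySigned", null);
        }
        if (certAlias == null || certAlias.length() == 0) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest.signXML: "
                        + "null certAlias");
            }
            throw new SAMLResponderException(FSUtils.BUNDLE_NAME,
                    "cannotFindCertAlias", null);
        }
        try {
            XMLSignatureManager manager = XMLSignatureManager.getInstance();
            signatureString = manager.signXML(this.toXMLString(true, true),
                    certAlias, (String) null, IFSConstants.REQUEST_ID,
                    this.getRequestID(), false);
            signature = XMLUtils.toDOMDocument(signatureString, FSUtils.debug)
                    .getDocumentElement();
            signed = true;
        } catch (Exception e) {
            // The cause is logged here; the exception thrown to the caller
            // carries only the "signFailed" message key.
            FSUtils.debug.error("FSNameIdentifierMappingRequest.signXML: " +
                    "unable to sign", e);
            throw new SAMLResponderException(FSUtils.BUNDLE_NAME,
                    "signFailed", null);
        }
    }

    /**
     * Returns the string representation of this object.
     * This method translates the request to an XML document string with
     * the namespace prefix included and the namespaces declared.
     *
     * @return An XML String representing the request, including
     *         RequestID, MajorVersion, etc.
     * @throws FSMsgException if there is an error converting
     *         this object to a string.
     */
    public String toXMLString() throws FSMsgException {
        return toXMLString(true, true);
    }

    /**
     * Returns the string representation of this object, without the XML
     * declaration header.
     *
     * @param includeNS Determines whether or not the namespace qualifier
     *        is prepended to the Element when converted
     * @param declareNS Determines whether or not the namespace is declared
     *        within the Element.
     * @return An XML String representing the request.
     * @throws FSMsgException if there is an error converting
     *         this object to a string.
     */
    public String toXMLString(boolean includeNS, boolean declareNS)
            throws FSMsgException {
        return toXMLString(includeNS, declareNS, false);
    }

    /**
     * Returns a String representation of the
     * <code>NameIdentifierMappingRequest</code> element.
     * <p>
     * <code>RequestID</code>, <code>ProviderID</code> and
     * <code>TargetNamespace</code> are XML-escaped before being written.
     * These values may originate from a parsed remote message or from the
     * caller, and writing them verbatim would let markup characters in them
     * change the structure of the emitted (and possibly signed) document.
     * The stored signature and the <code>NameIdentifier</code> are appended
     * as already-serialized XML.
     *
     * @param includeNS Determines whether or not the namespace qualifier
     *        is prepended to the Element when converted
     * @param declareNS Determines whether or not the namespace is declared
     *        within the Element.
     * @param includeHeader Determines whether the output include the xml
     *        declaration header.
     * @return a string containing the XML for this element
     * @throws FSMsgException if there is an error converting
     *         this object to a string.
     */
    public String toXMLString(boolean includeNS, boolean declareNS,
            boolean includeHeader) throws FSMsgException {

        String prefix = includeNS ? IFSConstants.LIB_PREFIX : "";
        String uriLIB = "";
        String uriSAML = "";
        if (declareNS) {
            uriLIB = IFSConstants.LIB_12_NAMESPACE_STRING;
            uriSAML = IFSConstants.assertionDeclareStr;
        }

        // A conversion failure is logged only; the attribute is then
        // written from a null string rather than aborting serialization.
        String instantString = null;
        try {
            instantString = DateUtils.toUTCDateFormat(issueInstant);
        } catch (Exception e) {
            FSUtils.debug.error("FSNameIdentifierMappingRequest.toXMLString: " +
                    "could not convert issueInstant to String.", e);
        }

        // construct xml request
        StringBuilder xml = new StringBuilder(1000);
        if (includeHeader) {
            xml.append(IFSConstants.XML_PREFIX)
                    .append(IFSConstants.DEFAULT_ENCODING)
                    .append(IFSConstants.QUOTE)
                    .append(IFSConstants.SPACE)
                    .append(IFSConstants.QUESTION_MARK)
                    .append(IFSConstants.RIGHT_ANGLE)
                    .append(IFSConstants.NL);
        }
        xml.append(IFSConstants.LEFT_ANGLE)
                .append(prefix)
                .append(IFSConstants.NAMEID_MAPPING_REQUEST)
                .append(uriLIB).append(uriSAML)
                .append(IFSConstants.SPACE)
                .append(IFSConstants.REQUEST_ID)
                .append(IFSConstants.EQUAL_TO)
                .append(IFSConstants.QUOTE)
                .append(escapeXml(requestID))
                .append(IFSConstants.QUOTE)
                .append(IFSConstants.SPACE)
                .append(IFSConstants.SPACE)
                .append(IFSConstants.MAJOR_VERSION)
                .append(IFSConstants.EQUAL_TO)
                .append(IFSConstants.QUOTE)
                .append(majorVersion)
                .append(IFSConstants.QUOTE)
                .append(IFSConstants.SPACE)
                .append(IFSConstants.SPACE)
                .append(IFSConstants.MINOR_VERSION)
                .append(IFSConstants.EQUAL_TO)
                .append(IFSConstants.QUOTE)
                .append(minorVersion)
                .append(IFSConstants.QUOTE)
                .append(IFSConstants.SPACE)
                .append(IFSConstants.SPACE)
                .append(IFSConstants.ISSUE_INSTANT)
                .append(IFSConstants.EQUAL_TO)
                .append(IFSConstants.QUOTE)
                .append(instantString)
                .append(IFSConstants.QUOTE)
                .append(IFSConstants.SPACE)
                .append(IFSConstants.RIGHT_ANGLE);

        if (signed) {
            if (signatureString != null) {
                xml.append(signatureString);
            } else if (signature != null) {
                // Serialize the parsed signature element once and cache it.
                signatureString = XMLUtils.print(signature);
                xml.append(signatureString);
            }
        }
        xml.append(IFSConstants.LEFT_ANGLE)
                .append(prefix)
                .append(IFSConstants.PROVIDER_ID)
                .append(IFSConstants.RIGHT_ANGLE)
                .append(escapeXml(providerID))
                .append(IFSConstants.START_END_ELEMENT)
                .append(prefix)
                .append(IFSConstants.PROVIDER_ID)
                .append(IFSConstants.RIGHT_ANGLE);

        if (nameIdentifier != null) {
            xml.append(nameIdentifier.toString());
        }

        xml.append(IFSConstants.LEFT_ANGLE)
                .append(prefix)
                .append(IFSConstants.TARGET_NAME_SPACE)
                .append(IFSConstants.RIGHT_ANGLE)
                .append(escapeXml(targetNamespace))
                .append(IFSConstants.START_END_ELEMENT)
                .append(prefix)
                .append(IFSConstants.TARGET_NAME_SPACE)
                .append(IFSConstants.RIGHT_ANGLE)
                .append(IFSConstants.START_END_ELEMENT)
                .append(prefix)
                .append(IFSConstants.NAMEID_MAPPING_REQUEST)
                .append(IFSConstants.RIGHT_ANGLE);

        return xml.toString();
    }

    /**
     * XML-escapes a value before it is written into the serialized request.
     * A null value is passed through unchanged so that the output for an
     * unset field stays what it was before escaping was introduced.
     */
    private static String escapeXml(String value) {
        return (value == null) ? null : XMLUtils.escapeSpecialCharacters(value);
    }
}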



























































