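/**
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
 *
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * opensso/legal/CDDLv1.0.txt
 * See the License for the specific language governing
 * permission and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at opensso/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * $Id: FSNameIdentifierMappingRequest.java,v 1.2 2008/06/25 05:46:44 qcheng Exp $
 * Portions Copyrighted 2014 ForgeRock AS
 */

package com.sun.identity.federation.message;

import com.sun.identity.shared.xml.XMLUtils;

import com.sun.identity.shared.Constants;
import com.sun.identity.shared.DateUtils;
import com.sun.identity.common.SystemConfigurationUtil;

import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.message.common.FSMsgException;

import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.common.SAMLConstants;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.common.SAMLResponderException;

import com.sun.identity.saml.protocol.AbstractRequest;

import com.sun.identity.saml.xmlsig.XMLSignatureManager;

import java.util.Date;
import java.util.List;

import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/**
 * The class <code>FSNameIdentifierMappingRequest</code> is used to
 * create or parse <code>NameIdentifierMappingRequest</code>.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>Parsing a request that carries a <code>Signature</code> element only
 *       records the element and marks the object as signed. Nothing in this
 *       class verifies the signature, so the parsed content must not be
 *       trusted until the caller has verified it.</li>
 *   <li>The root element and its children are matched by local name only;
 *       the namespace of the elements is not checked in this class.</li>
 * </ul>
 *
 * @supported.all.api
 * @deprecated since 12.0.0
 */
@Deprecated
public class FSNameIdentifierMappingRequest extends AbstractRequest {

    private String providerID;
    private NameIdentifier nameIdentifier;
    private String targetNamespace;
    private int minorVersion = IFSConstants.FF_12_PROTOCOL_MINOR_VERSION;
    // Cached serialized form of the signature; set by signXML() or lazily
    // by toXMLString() when only the DOM signature element is available.
    private String signatureString;

    /**
     * Constructor to create <code>FSNameIdentifierMappingRequest</code>.
     * A fresh request ID is generated and the issue instant is set to the
     * current time.
     *
     * @param providerID the requesting provider's ID
     * @param nameIdentifier the <code>NameIdentifier</code> qualified by the
     *                       requesting service provider
     * @param targetNamespace the provider ID of the other service provider
     *                        which the requesting service provider would
     *                        subsequently communicate with
     * @throws FSMsgException if there is an error creating the object.
     */
    public FSNameIdentifierMappingRequest(String providerID,
        NameIdentifier nameIdentifier, String targetNamespace)
        throws FSMsgException {
        this.providerID = providerID;
        this.nameIdentifier = nameIdentifier;
        this.targetNamespace = targetNamespace;
        this.requestID = SAMLUtils.generateID();
        setIssueInstant(new Date());
    }

    /**
     * Constructor to create <code>FSNameIdentifierMappingRequest</code> from
     * the Document Element.
     *
     * <p>The element is treated as untrusted input: the issue instant and
     * the protocol versions are validated, and more than one
     * <code>Signature</code> element is rejected. A single
     * <code>Signature</code> element is stored and the request is marked as
     * signed, but the signature is NOT verified here.
     *
     * @param root the <code>NameIdentifierMappingRequest</code> Document
     *             element.
     * @throws FSMsgException if the element is null, has the wrong local
     *         name, lacks or carries an unparsable <code>IssueInstant</code>,
     *         carries an unsupported version, contains an invalid
     *         <code>NameIdentifier</code>, or contains more than one
     *         <code>Signature</code> element.
     */
    public FSNameIdentifierMappingRequest(Element root) throws FSMsgException {
        if (root == null) {
            FSUtils.debug.message(
                "FSNameIdentifierMappingRequest: null element input.");
            throw new FSMsgException("nullInputParameter",null);
        }
        // NOTE(review): only the local name is compared; the element's
        // namespace URI is not checked here.
        String tag = root.getLocalName();
        if (tag == null || !tag.equals(IFSConstants.NAMEID_MAPPING_REQUEST)) {
            FSUtils.debug.message(
                "FSNameIdentifierMappingRequest: wrong input");
            throw new FSMsgException("wrongInput",null);
        }

        // get IssueInstant
        String instantString = root.getAttribute(IFSConstants.ISSUE_INSTANT);
        if (instantString==null || instantString.length()==0) {
            FSUtils.debug.error("FSNameIdentifierMappingRequest: " +
                "missing IssueInstant");
            String[] args = { IFSConstants.ISSUE_INSTANT };
            throw new FSMsgException("missingAttribute",args);
        } else {
            try {
                issueInstant = DateUtils.stringToDate(instantString);
            } catch (Exception e) {
                FSUtils.debug.error("FSNameIdentifierMappingRequest: " +
                    "could not parse IssueInstant.", e);
                throw new FSMsgException("wrongInput",null);
            }
        }

        // get RequestID
        // NOTE(review): unlike IssueInstant, a missing or empty RequestID is
        // accepted here without an error; confirm whether callers rely on
        // that before tightening.
        requestID = root.getAttribute(IFSConstants.REQUEST_ID);

        // get and check versions
        parseMajorVersion(root.getAttribute(IFSConstants.MAJOR_VERSION));
        parseMinorVersion(root.getAttribute(IFSConstants.MINOR_VERSION));

        // get ProviderID, NameIdentifier & TargetNamespace
        // NOTE(review): children are matched by local name only, and a
        // repeated child silently overwrites the value read earlier.
        NodeList contentnl = root.getChildNodes();
        Node child;
        String nodeName;
        int length = contentnl.getLength();
        for (int i = 0; i < length; i++) {
            child = contentnl.item(i);
            if ((nodeName = child.getLocalName()) != null) {
                if (nodeName.equals(IFSConstants.PROVIDER_ID)) {
                    providerID = XMLUtils.getElementValue((Element) child);
                } else if (nodeName.equals(IFSConstants.NAME_IDENTIFIER)) {
                    try {
                        nameIdentifier =
                            new NameIdentifier((Element) child);
                    } catch (SAMLException samle) {
                        FSUtils.debug.error("FSNameIdentifierMappingRequest: " +
                            "unable to initialize NameIdentifier", samle);
                        throw new FSMsgException(
                            "nameIdentifierCreateError",null,samle);
                    }
                } else if (nodeName.equals(IFSConstants.TARGET_NAME_SPACE)) {
                    targetNamespace = XMLUtils.getElementValue((Element) child);
                }
            }
        }

        // get signature
        List<?> signs = XMLUtils.getElementsByTagNameNS1(
            root,
            SAMLConstants.XMLSIG_NAMESPACE_URI,
            SAMLConstants.XMLSIG_ELEMENT_NAME);
        int signsSize = signs.size();
        if (signsSize == 1) {
            Element elem = (Element)signs.get(0);
            setSignature(elem);
            // "signed" records that a Signature element is present; it does
            // not mean the signature has been validated.
            signed = true;
        } else if (signsSize != 0) {
            FSUtils.debug.error("FSNameIdentifierMappingRequest: " +
                "included more than one Signature element.");
            throw new FSMsgException("moreElement",null);
        }
    }

    /**
     * Returns <code>FSNameIdentifierMappingRequest</code> object. This
     * object is created by parsing the <code>XML</code> string.
     *
     * <p>Parsing is delegated to <code>XMLUtils.toDOMDocument</code>; how
     * that parser treats DTDs and external entities is not visible from
     * this class and should be confirmed when the input is untrusted.
     *
     * @param xml <code>XML</code> String
     * @return the <code>FSNameIdentifierMappingRequest</code> object.
     * @throws FSMsgException if there is an error creating this object.
     */
    public static FSNameIdentifierMappingRequest parseXML(String xml)
        throws FSMsgException {
        Document doc = XMLUtils.toDOMDocument(xml, FSUtils.debug);
        if (doc == null) {
            FSUtils.debug.error("FSNameIdentifierMappingRequest.parseXML: " +
                "error while parsing input xml string");
            throw new FSMsgException("parseError",null);
        }
        Element root = doc.getDocumentElement();
        return new FSNameIdentifierMappingRequest(root);
    }

    /**
     * Returns the <code>ProviderID</code> attribute. This
     * is the requesting Service Provider's identifier.
     *
     * @return the <code>ProviderID</code> attribute.
     */
    public String getProviderID() {
        return providerID;
    }

    /**
     * Returns the <code>NameIdentifier</code> object qualified by the
     * requesting service provider.
     *
     * @return the <code>NameIdentifier</code> object qualified by the
     *         requesting service provider.
     */
    public NameIdentifier getNameIdentifier() {
        return nameIdentifier;
    }

    /**
     * Returns the value of <code>TargetNamespace</code> attribute.
     *
     * @return the value of <code>TargetNamespace</code> attribute.
     */
    public String getTargetNamespace() {
        return targetNamespace;
    }

    /**
     * Sets the <code>MajorVersion</code> by parsing the version string.
     *
     * @param version a String representing the <code>MajorVersion</code> to
     *                be set.
     * @throws FSMsgException if the string is not an integer or the version
     *         differs from <code>SAMLConstants.PROTOCOL_MAJOR_VERSION</code>.
     */
    private void parseMajorVersion(String version) throws FSMsgException {
        try {
            majorVersion = Integer.parseInt(version);
        } catch (NumberFormatException e) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest." +
                    "parseMajorVersion: invalid MajorVersion: " + version, e);
            }
            throw new FSMsgException("wrongInput",null);
        }

        if (majorVersion != SAMLConstants.PROTOCOL_MAJOR_VERSION) {
            if (majorVersion > SAMLConstants.PROTOCOL_MAJOR_VERSION) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSNameIdentifierMappingRequest." +
                        "parseMajorVersion: MajorVersion is too high");
                }
                throw new FSMsgException("requestVersionTooHigh",null);
            } else {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSNameIdentifierMappingRequest." +
                        "parseMajorVersion: MajorVersion is too low");
                }
                throw new FSMsgException("requestVersionTooLow",null);
            }
        }
    }

    /**
     * Sets the <code>MinorVersion</code> by parsing the version string.
     *
     * @param version a String representing the <code>MinorVersion</code> to
     *                be set.
     * @throws FSMsgException if the string is not an integer or the version
     *         lies outside the range
     *         <code>FF_11_PROTOCOL_MINOR_VERSION</code> to
     *         <code>FF_12_PROTOCOL_MINOR_VERSION</code>.
     */
    private void parseMinorVersion(String version) throws FSMsgException {
        try {
            minorVersion = Integer.parseInt(version);
        } catch (NumberFormatException e) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest." +
                    "parseMinorVersion: invalid MinorVersion: " + version, e);
            }
            throw new FSMsgException("wrongInput",null);
        }

        if (minorVersion > IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest." +
                    "parseMinorVersion: MinorVersion is too high");
            }
            throw new FSMsgException("requestVersionTooHigh",null);
        } else if (minorVersion < IFSConstants.FF_11_PROTOCOL_MINOR_VERSION) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest." +
                    "parseMinorVersion: MinorVersion is too low");
            }
            throw new FSMsgException("requestVersionTooLow",null);
        }
    }

    /**
     * Signs the XML document representing
     * <code>NameIdentifierMappingRequest</code> using the certificate
     * indicated by the property "com.sun.identity.saml.xmlsig.certalias"
     * in AMConfig.properties file.
     *
     * @throws SAMLException if there is an error signing the XML document.
     */
    public void signXML() throws SAMLException {
        String certAlias = SystemConfigurationUtil.getProperty(
            Constants.SAML_XMLSIG_CERT_ALIAS);
        signXML(certAlias);
    }

    /**
     * Signs the XML document representing
     * <code>NameIdentifierMappingRequest</code> using the specified
     * certificate.
     *
     * @param certAlias the alias (name) of the certificate used for signing
     *                  the XML document
     * @throws SAMLException if the request is already signed, the alias is
     *         null or empty, or signing fails.
     */
    public void signXML(String certAlias) throws SAMLException {
        FSUtils.debug.message("FSNameIdentifierMappingRequest.signXML");
        if (signed) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest.signXML: "
                    + "the request is already signed.");
            }
            throw new SAMLResponderException(FSUtils.BUNDLE_NAME,
                "alreadySigned",null);
        }
        if (certAlias==null || certAlias.length()==0) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameIdentifierMappingRequest.signXML: "
                    + "null certAlias");
            }
            throw new SAMLResponderException(FSUtils.BUNDLE_NAME,
                "cannotFindCertAlias",null);
        }
        try {
            XMLSignatureManager manager = XMLSignatureManager.getInstance();
            // The signature is computed over the serialized form produced by
            // toXMLString, referenced through the RequestID attribute.
            signatureString = manager.signXML(this.toXMLString(true, true),
                certAlias, (String) null, IFSConstants.REQUEST_ID,
                this.getRequestID(), false);
            signature = XMLUtils.toDOMDocument(signatureString, FSUtils.debug)
                .getDocumentElement();
            signed = true;
        } catch (Exception e){
            // The cause is logged here; the exception thrown to the caller
            // carries only the "signFailed" key.
            FSUtils.debug.error("FSNameIdentifierMappingRequest.signXML: " +
                "unable to sign", e);
            throw new SAMLResponderException(FSUtils.BUNDLE_NAME,
                "signFailed",null);

        }
    }

    /**
     * Returns the string representation of this object.
     * This method translates the request to an XML document string, with
     * the namespace prefix included and the namespaces declared.
     *
     * @return An XML String representing the request.
     * @throws FSMsgException if there is an error converting
     *         this object to a string.
     */
    public String toXMLString() throws FSMsgException {
        return toXMLString(true, true);
    }

    /**
     * Returns the string representation of this object, without the XML
     * declaration header.
     *
     * @param includeNS Determines whether or not the namespace qualifier
     *                  is prepended to the Element when converted
     * @param declareNS Determines whether or not the namespace is declared
     *                  within the Element.
     * @return An XML String representing the request.
     * @throws FSMsgException if there is an error converting
     *         this object to a string.
     */
    public String toXMLString(boolean includeNS, boolean declareNS)
        throws FSMsgException {
        return toXMLString(includeNS, declareNS, false);
    }

    /**
     * Returns a String representation of the
     * <code>NameIdentifierMappingRequest</code> element.
     *
     * <p>The <code>RequestID</code>, <code>ProviderID</code> and
     * <code>TargetNamespace</code> values are XML-escaped before being
     * written, because they may originate from a parsed (untrusted) message
     * and would otherwise be able to inject markup into the output.
     *
     * @param includeNS Determines whether or not the namespace qualifier
     *                  is prepended to the Element when converted
     * @param declareNS Determines whether or not the namespace is declared
     *                  within the Element.
     * @param includeHeader Determines whether the output include the xml
     *                      declaration header.
     * @return a string containing the valid XML for this element
     * @throws FSMsgException if there is an error converting
     *         this object to a string.
     */
    public String toXMLString(boolean includeNS, boolean declareNS,
        boolean includeHeader) throws FSMsgException {

        String prefix = "";
        String uriLIB = "";
        String uriSAML = "";
        if (includeNS) {
            prefix = IFSConstants.LIB_PREFIX;
        }
        if (declareNS) {
            uriLIB = IFSConstants.LIB_12_NAMESPACE_STRING;
            uriSAML = IFSConstants.assertionDeclareStr;
        }
        String instantString = null;
        try {
            instantString = DateUtils.toUTCDateFormat(issueInstant);
        } catch (Exception e) {
            // NOTE(review): the failure is only logged, so the output then
            // carries the literal text "null" as IssueInstant.
            FSUtils.debug.error("FSNameIdentifierMappingRequest.toXMLString: " +
                "could not convert issueInstant to String.", e);
        }

        // construct xml request
        StringBuilder xml = new StringBuilder(1000);
        if (includeHeader) {
            xml.append(IFSConstants.XML_PREFIX)
               .append(IFSConstants.DEFAULT_ENCODING)
               .append(IFSConstants.QUOTE)
               .append(IFSConstants.SPACE)
               .append(IFSConstants.QUESTION_MARK)
               .append(IFSConstants.RIGHT_ANGLE)
               .append(IFSConstants.NL);
        }
        xml.append(IFSConstants.LEFT_ANGLE)
           .append(prefix)
           .append(IFSConstants.NAMEID_MAPPING_REQUEST)
           .append(uriLIB).append(uriSAML)
           .append(IFSConstants.SPACE)
           .append(IFSConstants.REQUEST_ID)
           .append(IFSConstants.EQUAL_TO)
           .append(IFSConstants.QUOTE)
           .append(escapeXml(requestID))
           .append(IFSConstants.QUOTE)
           .append(IFSConstants.SPACE)
           .append(IFSConstants.SPACE)
           .append(IFSConstants.MAJOR_VERSION)
           .append(IFSConstants.EQUAL_TO)
           .append(IFSConstants.QUOTE)
           .append(majorVersion)
           .append(IFSConstants.QUOTE)
           .append(IFSConstants.SPACE)
           .append(IFSConstants.SPACE)
           .append(IFSConstants.MINOR_VERSION)
           .append(IFSConstants.EQUAL_TO)
           .append(IFSConstants.QUOTE)
           .append(minorVersion)
           .append(IFSConstants.QUOTE)
           .append(IFSConstants.SPACE)
           .append(IFSConstants.SPACE)
           .append(IFSConstants.ISSUE_INSTANT)
           .append(IFSConstants.EQUAL_TO)
           .append(IFSConstants.QUOTE)
           .append(instantString)
           .append(IFSConstants.QUOTE)
           .append(IFSConstants.SPACE)
           .append(IFSConstants.RIGHT_ANGLE);

        if (signed) {
            // The signature is already serialized XML markup and is written
            // as-is; it must not be escaped.
            if (signatureString != null) {
                xml.append(signatureString);
            } else if (signature != null) {
                signatureString = XMLUtils.print(signature);
                xml.append(signatureString);
            }
        }
        xml.append(IFSConstants.LEFT_ANGLE)
           .append(prefix)
           .append(IFSConstants.PROVIDER_ID)
           .append(IFSConstants.RIGHT_ANGLE)
           .append(escapeXml(providerID))
           .append(IFSConstants.START_END_ELEMENT)
           .append(prefix)
           .append(IFSConstants.PROVIDER_ID)
           .append(IFSConstants.RIGHT_ANGLE);

        if (nameIdentifier != null) {
            // Serialization of the NameIdentifier is delegated to its own
            // toString(); whether it escapes its content is not visible here.
            xml.append(nameIdentifier.toString());
        }

        xml.append(IFSConstants.LEFT_ANGLE)
           .append(prefix)
           .append(IFSConstants.TARGET_NAME_SPACE)
           .append(IFSConstants.RIGHT_ANGLE)
           .append(escapeXml(targetNamespace))
           .append(IFSConstants.START_END_ELEMENT)
           .append(prefix)
           .append(IFSConstants.TARGET_NAME_SPACE)
           .append(IFSConstants.RIGHT_ANGLE)
           .append(IFSConstants.START_END_ELEMENT)
           .append(prefix)
           .append(IFSConstants.NAMEID_MAPPING_REQUEST)
           .append(IFSConstants.RIGHT_ANGLE);

        return xml.toString();
    }

    /**
     * Escapes XML special characters in a value that is written into the
     * serialized request as attribute or element text.
     *
     * @param value the raw value, may be null
     * @return the escaped value, or null when <code>value</code> is null
     *         (the caller then appends the text "null", as before)
     */
    private static String escapeXml(String value) {
        return value == null ? null : XMLUtils.escapeSpecialCharacters(value);
    }
}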