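/**
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
 *
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * opensso/legal/CDDLv1.0.txt
 * See the License for the specific language governing
 * permission and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at opensso/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * $Id: SASLResponse.java,v 1.2 2008/06/25 05:47:08 qcheng Exp $
 * Portions Copyrighted 2014 ForgeRock AS.
 */


package com.sun.identity.liberty.ws.authnsvc.protocol;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

import javax.xml.namespace.QName;

import com.sun.identity.shared.xml.XMLUtils;
import com.sun.identity.shared.encode.Base64;
import com.sun.identity.liberty.ws.authnsvc.AuthnSvcConstants;
import com.sun.identity.liberty.ws.authnsvc.AuthnSvcException;
import com.sun.identity.liberty.ws.authnsvc.AuthnSvcUtils;
import com.sun.identity.liberty.ws.disco.common.DiscoConstants;
import com.sun.identity.liberty.ws.disco.ResourceOffering;
import com.sun.identity.liberty.ws.soapbinding.Utils;

/**
 * The <code>SASLResponse</code> class represents <code>SASLResponse</code>
 * element defined in Authentication Service schema.
 *
 * <p>An instance is either built field by field through the setters and
 * serialized with {@link #toElement()}, or parsed from a received DOM
 * element with {@link #SASLResponse(Element)}. The parsing constructor
 * checks only the structure of the element (child names, namespaces,
 * cardinality and order); nothing in this class verifies where the message
 * came from, so callers must establish its authenticity separately before
 * acting on the status code, data or credentials it carries.
 *
 * <p>The class is mutable and does no synchronization of its own.
 *
 * @supported.all.api
 * @deprecated since 12.0.0
 */
@Deprecated
public class SASLResponse {

    /**
     * Continue status where the server expects the client to send another
     * <code>SASLRequest</code>
     */
    public static final String CONTINUE = "continue";

    /**
     * Abort status where the server is aborting the authentication exchange.
     */
    public static final String ABORT = "abort";

    /**
     * OK status where the server considers the authentication exchange to have
     * successfully completed.
     */
    public static final String OK = "OK";

    private String statusCode = null;
    private PasswordTransforms passwordTransforms = null;
    private byte[] data = null;
    private ResourceOffering resourceOffering = null;
    private List credentials = null;
    private String serverMechanism = null;
    private String id = null;
    // The two correlation values below are never read from the parsed
    // element; they are only available through their setters.
    private String messageID = null;
    private String refToMessageID = null;

    /**
     * Constructs a <code>SASLResponse</code> instance.
     *
     * @param statusCode Status Code. The value is stored as given; it is not
     *        checked against {@link #CONTINUE}, {@link #ABORT} or {@link #OK}.
     */
    public SASLResponse(String statusCode) {
        this.statusCode = statusCode;
    }

    /**
     * Constructs a <code>SASLResponse</code> with a
     * <code>org.w3c.dom.Element</code>.
     *
     * <p>The element is validated structurally while it is read:
     * <ul>
     * <li>the first child element must be <code>Status</code> in the
     *     Authentication Service namespace, and its <code>code</code>
     *     attribute must resolve to a QName in that same namespace;</li>
     * <li>each of <code>Status</code>, <code>PasswordTransforms</code>,
     *     <code>Data</code>, <code>ResourceOffering</code> and
     *     <code>Credentials</code> may appear at most once;</li>
     * <li><code>PasswordTransforms</code> must precede <code>Data</code>,
     *     <code>ResourceOffering</code> and <code>Credentials</code>;
     *     <code>Data</code> must precede <code>ResourceOffering</code> and
     *     <code>Credentials</code>; <code>ResourceOffering</code> must
     *     precede <code>Credentials</code>;</li>
     * <li>any other child element is rejected.</li>
     * </ul>
     * The children of <code>Credentials</code> are kept as the DOM nodes of
     * the parsed document; they are not copied or inspected further here.
     *
     * @param element a <code>SASLResponse</code> element
     * @exception AuthnSvcException if an error occurs while parsing the
     *            <code>SASLResponse</code> element, including the case where
     *            the element has no child element at all
     */
    public SASLResponse(Element element) throws AuthnSvcException {
        Element statusE = null;
        Element ptE = null;
        Element dataE = null;
        Element roE = null;
        Element credentialsE = null;

        NodeList nl = element.getChildNodes();
        int length = nl.getLength();

        // First pass: the first child that is an element must be Status.
        int i;
        for (i = 0; i < length; i++) {
            Node child = nl.item(i);
            if (child.getNodeType() == Node.ELEMENT_NODE) {
                Element childElement = (Element) child;
                String localName = childElement.getLocalName();
                String namespaceURI = childElement.getNamespaceURI();

                if (AuthnSvcConstants.NS_AUTHN_SVC.equals(namespaceURI)
                        && AuthnSvcConstants.TAG_STATUS.equals(localName)) {
                    statusE = childElement;
                    break;
                } else {
                    throw new AuthnSvcException("missingStatus");
                }
            }
        }

        // A response without any child element leaves statusE unset. Report
        // it as a parse error instead of passing null on and failing with an
        // unchecked exception that callers catching AuthnSvcException miss.
        if (statusE == null) {
            throw new AuthnSvcException("missingStatus");
        }

        String statusCodeStr = XMLUtils.getNodeAttributeValue(
                statusE,
                AuthnSvcConstants.ATTR_CODE);
        // NOTE(review): how the two helpers behave when the code attribute is
        // absent is not visible in this file - confirm they cannot throw an
        // unchecked exception for a Status element without a code.
        QName statusCodeQN = Utils.convertStringToQName(statusCodeStr,
                statusE);
        // A null QName is treated as an invalid status code rather than
        // dereferenced.
        if (statusCodeQN == null
                || !AuthnSvcConstants.NS_AUTHN_SVC
                        .equals(statusCodeQN.getNamespaceURI())) {
            throw new AuthnSvcException("invalidStatusCodeNS");
        }

        statusCode = statusCodeQN.getLocalPart();

        // Second pass: the remaining children, with cardinality and order
        // enforced as they are seen.
        for (i = i + 1; i < length; i++) {
            Node child = nl.item(i);
            if (child.getNodeType() == Node.ELEMENT_NODE) {
                Element childElement = (Element) child;
                String localName = childElement.getLocalName();
                String namespaceURI = childElement.getNamespaceURI();
                if (AuthnSvcConstants.NS_AUTHN_SVC.equals(namespaceURI)) {
                    if (AuthnSvcConstants.TAG_STATUS.equals(localName)) {
                        throw new AuthnSvcException("tooManyStatus");
                    } else if (AuthnSvcConstants.TAG_PASSWORD_TRANSFORMS
                            .equals(localName)) {
                        if (ptE != null) {
                            throw new AuthnSvcException("tooManyPT");
                        } else if (dataE != null || roE != null
                                || credentialsE != null) {
                            throw new AuthnSvcException("invalidSeq");
                        }
                        ptE = childElement;
                    } else if (AuthnSvcConstants.TAG_DATA.equals(localName)) {
                        if (dataE != null) {
                            throw new AuthnSvcException("tooManyData");
                        } else if (roE != null || credentialsE != null) {
                            throw new AuthnSvcException("invalidSeq");
                        }
                        dataE = childElement;
                    } else if (AuthnSvcConstants.TAG_CREDENTIALS
                            .equals(localName)) {
                        if (credentialsE != null) {
                            throw new AuthnSvcException("tooManyCr");
                        }
                        credentialsE = childElement;
                    } else {
                        throw new AuthnSvcException("invalidChild");
                    }
                } else if (DiscoConstants.DISCO_NS.equals(namespaceURI)
                        && AuthnSvcConstants.TAG_RESOURCE_OFFERING
                                .equals(localName)) {
                    if (roE != null) {
                        throw new AuthnSvcException("tooManyRO");
                    } else if (credentialsE != null) {
                        throw new AuthnSvcException("invalidSeq");
                    }
                    roE = childElement;
                } else {
                    throw new AuthnSvcException("invalidChild");
                }
            }
        }

        if (ptE != null) {
            passwordTransforms = new PasswordTransforms(ptE);
        }

        // dataE is null when the response carries no Data element; the
        // helper is called either way, as before.
        data = AuthnSvcUtils.decodeDataElement(dataE);

        if (roE != null) {
            try {
                resourceOffering = new ResourceOffering(roE);
            } catch (Exception ex) {
                throw new AuthnSvcException(ex);
            }
        }

        if (credentialsE != null) {
            credentials = new ArrayList();
            nl = credentialsE.getChildNodes();
            for (i = 0; i < nl.getLength(); i++) {
                Node child = nl.item(i);
                if (child.getNodeType() == Node.ELEMENT_NODE) {
                    credentials.add(child);
                }
            }
        }

        serverMechanism = XMLUtils.getNodeAttributeValue(
                element,
                AuthnSvcConstants.ATTR_SERVER_MECHANISM);

        id = XMLUtils.getNodeAttributeValue(element,
                AuthnSvcConstants.ATTR_id);

    }

    /**
     * Returns value of attribute 'code' of Element 'Status'.
     * @return value of attribute 'code' of Element 'Status'
     * @see #setStatusCode(String)
     */
    public String getStatusCode() {
        return statusCode;
    }

    /**
     * Returns child Element 'PasswordTransforms'.
     * @return child Element 'PasswordTransforms'
     * @see #setPasswordTransforms(PasswordTransforms)
     */
    public PasswordTransforms getPasswordTransforms() {
        return passwordTransforms;
    }

    /**
     * Returns value of Element 'Data'.
     *
     * <p>The internal array is returned without copying, so a caller that
     * modifies it also changes what {@link #toElement()} serializes.
     *
     * @return value of Element 'Data'
     * @see #setData(byte[])
     */
    public byte[] getData() {
        return data;
    }

    /**
     * Returns Element <code>ResourceOffering</code>.
     * @return Element <code>ResourceOffering</code>.
     * @see #setResourceOffering(ResourceOffering)
     */
    public ResourceOffering getResourceOffering() {
        return resourceOffering;
    }

    /**
     * Returns a list of child Element of 'Credentials' Element.
     *
     * <p>The internal list is returned without copying. After parsing, its
     * entries are the DOM nodes of the received document.
     *
     * @return a list of child Element of 'Credentials' Element
     * @see #setCredentials(List)
     */
    public List getCredentials() {
        return credentials;
    }

    /**
     * Returns value of <code>serverMechanism</code> attribute.
     * @return value of <code>serverMechanism</code> attribute
     * @see #setServerMechanism(String)
     */
    public String getServerMechanism() {
        return serverMechanism;
    }

    /**
     * Returns value of <code>id</code> attribute.
     * @return value of <code>id</code> attribute
     * @see #setId(String)
     */
    public String getId() {
        return id;
    }

    /**
     * Returns value of <code>messageID</code> attribute of
     * <code>CorrelationHeader</code>.
     * @return value of <code>messageID</code> attribute
     * @see #setMessageID(String)
     */
    public String getMessageID() {
        return messageID;
    }

    /**
     * Returns value of <code>refToMessageID</code> attribute of
     * <code>CorrelationHeader</code>.
     * @return value of <code>refToMessageID</code> attribute
     * @see #setRefToMessageID(String)
     */
    public String getRefToMessageID() {
        return refToMessageID;
    }

    /**
     * Sets value of attribute 'code' of Element 'Status'.
     *
     * <p>The value is not validated here; {@link #toElement()} writes it
     * after the Authentication Service prefix as the <code>code</code>
     * attribute value.
     *
     * @param statusCode value of attribute 'code' of Element 'Status'
     * @see #getStatusCode()
     */
    public void setStatusCode(String statusCode) {
        this.statusCode = statusCode;
    }

    /**
     * Sets child Element 'PasswordTransforms'
     * @param passwordTransforms Element 'PasswordTransforms'
     * @see #getPasswordTransforms()
     */
    public void setPasswordTransforms(PasswordTransforms passwordTransforms) {
        this.passwordTransforms = passwordTransforms;
    }

    /**
     * Sets value of Element 'Data'.
     *
     * <p>The array is stored by reference, not copied.
     *
     * @param data value of Element 'Data'
     * @see #getData()
     */
    public void setData(byte[] data) {
        this.data = data;
    }

    /**
     * Sets Element <code>ResourceOffering</code>.
     * @param resourceOffering Element <code>ResourceOffering</code>
     * @see #getResourceOffering()
     */
    public void setResourceOffering(ResourceOffering resourceOffering) {
        this.resourceOffering = resourceOffering;
    }

    /**
     * Sets a list of child Elements of 'Credentials' Element.
     *
     * <p>Every entry must be an <code>org.w3c.dom.Element</code>;
     * {@link #toElement()} casts each entry to that type.
     *
     * @param credentials a list of child Elements of 'Credentials' Element
     * @see #getCredentials()
     */
    public void setCredentials(List credentials) {
        this.credentials = credentials;
    }

    /**
     * Sets value of <code>mechanism</code> attribute.
     * @param serverMechanism value of <code>mechanism</code> attribute
     * @see #getServerMechanism()
     */
    public void setServerMechanism(String serverMechanism) {
        this.serverMechanism = serverMechanism;
    }

    /**
     * Sets value of <code>id</code> attribute.
     * @param id value of <code>id</code> attribute
     * @see #getId()
     */
    public void setId(String id) {
        this.id = id;
    }

    /**
     * Sets value of <code>messageID</code> attribute of
     * <code>CorrelationHeader</code>.
     * @param messageID value of <code>messageID</code> attribute
     * @see #getMessageID()
     */
    public void setMessageID(String messageID) {
        this.messageID = messageID;
    }

    /**
     * Sets value of <code>refToMessageID</code> attribute of
     * <code>CorrelationHeader</code>.
     * @param refToMessageID value of <code>refToMessageID</code> attribute
     * @see #getRefToMessageID()
     */
    public void setRefToMessageID(String refToMessageID) {
        this.refToMessageID = refToMessageID;
    }

    /**
     * Returns <code>SASLResponse</code> in <code>org.w3c.dom.Element</code>
     * format.
     *
     * <p>Children are written in the order Status, PasswordTransforms, Data,
     * ResourceOffering, Credentials, followed by the
     * <code>serverMechanism</code> and <code>id</code> attributes when set.
     * The <code>messageID</code> and <code>refToMessageID</code> values are
     * not part of the returned element.
     *
     * @return <code>SASLResponse</code> in <code>org.w3c.dom.Element</code>
     *         format.
     * @exception AuthnSvcException if an error occurs while creating the
     *            <code>SASLResponse</code> element
     */
    public Element toElement() throws AuthnSvcException {
        Document doc = null;
        try {
            doc = XMLUtils.newDocument();
        } catch (Exception ex) {
            AuthnSvcUtils.debug.error("SASLResponse:toElement", ex);
            // Wrap the exception itself, as the parsing constructor does, so
            // the original cause stays attached to what the caller sees.
            throw new AuthnSvcException(ex);
        }

        Element saslRespE = doc.createElementNS(AuthnSvcConstants.NS_AUTHN_SVC,
                AuthnSvcConstants.PTAG_SASL_RESPONSE);
        saslRespE.setAttributeNS(AuthnSvcConstants.NS_XML,
                AuthnSvcConstants.XMLNS_AUTHN_SVC,
                AuthnSvcConstants.NS_AUTHN_SVC);
        saslRespE.setAttributeNS(AuthnSvcConstants.NS_XML,
                AuthnSvcConstants.XMLNS_DISCO,
                DiscoConstants.DISCO_NS);

        Element statusE = doc.createElementNS(AuthnSvcConstants.NS_AUTHN_SVC,
                AuthnSvcConstants.PTAG_STATUS);
        statusE.setAttributeNS(null, AuthnSvcConstants.ATTR_CODE,
                AuthnSvcConstants.PREFIX_AUTHN_SVC + ":" + statusCode);
        saslRespE.appendChild(statusE);

        if (passwordTransforms != null) {
            passwordTransforms.addToParent(saslRespE);
        }

        if (data != null) {
            Element dataE = doc.createElementNS(AuthnSvcConstants.NS_AUTHN_SVC,
                    AuthnSvcConstants.PTAG_DATA);
            dataE.appendChild(doc.createTextNode(Base64.encode(data)));
            saslRespE.appendChild(dataE);
        }

        if (resourceOffering != null) {
            // The offering is serialized to text and parsed again so that
            // its root element can be imported into this document.
            Document roDoc =
                    XMLUtils.toDOMDocument(resourceOffering.toString(),
                            AuthnSvcUtils.debug);
            if (roDoc == null) {
                throw new AuthnSvcException("invalidRO");
            }
            saslRespE.appendChild(doc.importNode(roDoc.getDocumentElement(),
                    true));
        }

        if (credentials != null && !credentials.isEmpty()) {
            Element credentialsE =
                    doc.createElementNS(AuthnSvcConstants.NS_AUTHN_SVC,
                            AuthnSvcConstants.PTAG_CREDENTIALS);
            Iterator iter = credentials.iterator();
            while (iter.hasNext()) {
                // Deep copy of each credential into the new document; a list
                // entry that is not an Element fails the cast here.
                credentialsE.appendChild(doc.importNode((Element) iter.next(),
                        true));
            }
            saslRespE.appendChild(credentialsE);
        }

        if (serverMechanism != null) {
            saslRespE.setAttributeNS(null,
                    AuthnSvcConstants.ATTR_SERVER_MECHANISM,
                    serverMechanism);
        }

        if (id != null) {
            saslRespE.setAttributeNS(null, AuthnSvcConstants.ATTR_id, id);
        }

        doc.appendChild(saslRespE);
        return doc.getDocumentElement();
    }
}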