Author: prabath
Date: Mon Jan 21 02:06:04 2008
New Revision: 12594
Log:
OpenID integration
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/IdentityTokenIssuer.java
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/IdentityTokenIssuer.java
==============================================================================
---
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/IdentityTokenIssuer.java
(original)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/IdentityTokenIssuer.java
Mon Jan 21 02:06:04 2008
@@ -82,16 +82,17 @@
import org.wso2.utils.ServerConfiguration;
/**
- * This is the main token issuer implementation identity provider.
- * Two types of credential mechanisms are supported:
+ * This is the main token issuer implementation identity provider. Two types of
+ * credential mechanisms are supported:
*
- * <ul><li>Username and Password Credential</li>
+ * <ul>
+ * <li>Username and Password Credential</li>
* <li>Self-issued Token Credential</li>
* </ul>
*
- * Supported list of claims can be configured and the values of those
supported
- * claims will be obtained from the user store setup to work with the
- * identity provider.
+ * Supported list of claims can be configured and the values of those supported
+ * claims will be obtained from the user store setup to work with the identity
+ * provider.
*/
public class IdentityTokenIssuer implements TokenIssuer {
@@ -129,7 +130,7 @@
+ "\n\n");
}
- ipData = new IdentityProviderData(data);
+ ipData = getIdentityProviderData(data);
boolean isValidCard = isValidCard(ipData.getCardID());
if (debug) {
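Review bot: The new call `ipData = getIdentityProviderData(data);` now invokes a hook that is declared `throws Exception` (see its definition in the last hunk of this patch), which is broader than the checked types this file otherwise propagates (`IdentityProviderException`, `TrustException`) and forces every caller of this site to catch `Exception`. If the `IdentityProviderData` constructor declares a narrower checked type, declare that on the hook instead, e.g. `protected IdentityProviderData getIdentityProviderData(RahasData rahasData) throws IdentityProviderException {`. Since `ipData` feeds `isValidCard(ipData.getCardID())` on the following line, the override contract should also state that the returned data is what card validation is based on. The enclosing method starts and ends outside this hunk.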
@@ -158,7 +159,9 @@
/**
* Create the response SOAP envelope.
- * @param data WS-Trust information in the issue request.
+ *
+ * @param data
+ * WS-Trust information in the issue request.
* @return response SOAP envelope.
* @throws TrustException
*/
@@ -255,7 +258,8 @@
} catch (Exception e) {
log.error(e.getMessage());
try {
- ReportAdmin.record(ipData.getUserIdentifier(),
ActionDO.ACTION_TOKEN_ISSUE_FAILURE, e.getMessage());
+ ReportAdmin.record(ipData.getUserIdentifier(),
+ ActionDO.ACTION_TOKEN_ISSUE_FAILURE, e.getMessage());
} catch (IdentityProviderException e1) {
throw new TrustException(TrustException.REQUEST_FAILED, e1);
}
@@ -269,21 +273,30 @@
/**
* Create the <code>wst:RequstedSecurityTokenRespoonse</code> element.
- * @param data WS-Trust information in the issue request
- * @param notBefore Created time
- * @param notAfter Expiration time
- * @param env Response SOAP envelope
- * @param doc <code>org.w3.dom.Document</code> instance of the response
SOAP envelope
- * @param assertion SAML Assertion to be sent in the response.
- * @param encryptedKey Key used to encrypt the SAML assertion.
+ *
+ * @param data
+ * WS-Trust information in the issue request
+ * @param notBefore
+ * Created time
+ * @param notAfter
+ * Expiration time
+ * @param env
+ * Response SOAP envelope
+ * @param doc
+ * <code>org.w3.dom.Document</code> instance of the
+ * response SOAP envelope
+ * @param assertion
+ * SAML Assertion to be sent in the response.
+ * @param encryptedKey
+ * Key used to encrypt the SAML assertion.
* @return <code>wst:RequstedSecurityTokenRespoonse</code> element.
* @throws TrustException
* @throws SAMLException
*/
- protected OMElement createRSTR(RahasData data, Date notBefore, Date
notAfter,
- SOAPEnvelope env, Document doc, SAMLAssertion assertion,
- WSSecEncryptedKey encryptedKey) throws TrustException,
- SAMLException, IdentityProviderException {
+ protected OMElement createRSTR(RahasData data, Date notBefore,
+ Date notAfter, SOAPEnvelope env, Document doc,
+ SAMLAssertion assertion, WSSecEncryptedKey encryptedKey)
+ throws TrustException, SAMLException, IdentityProviderException {
if (log.isDebugEnabled()) {
log.debug("Begin RSTR Element creation.");
}
@@ -373,8 +386,11 @@
/**
* Create and add wst:AttachedReference element
- * @param rstrElem wst:RequestSecurityToken element
- * @param id Token identifier
+ *
+ * @param rstrElem
+ * wst:RequestSecurityToken element
+ * @param id
+ * Token identifier
*/
protected void createAttachedRef(OMElement rstrElem, String id) {
OMFactory fac = rstrElem.getOMFactory();
@@ -396,8 +412,11 @@
/**
* Create and add wst:UnattachedReference element
- * @param rstrElem wst:RequestSecurityToken element
- * @param id Token identifier
+ *
+ * @param rstrElem
+ * wst:RequestSecurityToken element
+ * @param id
+ * Token identifier
*/
protected void createUnattachedRef(OMElement rstrElem, String id) {
OMFactory fac = rstrElem.getOMFactory();
@@ -420,6 +439,7 @@
/**
* Encrypt the given SAML Assertion element with the given key information.
+ *
* @param doc
* @param assertionElement
* @param encryptedKey
@@ -448,9 +468,12 @@
/**
* Create the DisplayToken element according to CardSpace specifications.
- * @param rahasData Information from the WS-Trust request.
- * @param ipData CardSpace specific meta-data for this issuance.
- * @return The DisplayToken element.
+ *
+ * @param rahasData
+ * Information from the WS-Trust request.
+ * @param ipData
+ * CardSpace specific meta-data for this issuance.
+ * @return The DisplayToken element.
*/
protected OMElement createDisplayToken(OMElement rstrElem,
IdentityProviderData ipData) throws IdentityProviderException {
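Review bot: The reformatted Javadoc on createDisplayToken still documents a parameter named `rahasData`, but the signature below takes `OMElement rstrElem` as its first argument, so the `@param rahasData` tag refers to nothing. Replace it with `@param rstrElem` plus a description of the element (presumably the RSTR element built by createRSTR, judging by the name — confirm), and add `@throws IdentityProviderException` since the signature declares it. The method body continues outside the hunk.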
@@ -474,17 +497,19 @@
RequestedClaimData claim = (RequestedClaimData) ite.next();
if (claim.uri.equals(IdentityConstants.CLAIM_PPID)) {
- //PPID display token
- IdentityProviderUtil.createDisplayClaim(displayToken,
ipData
- .getDisplayName(claim.uri), IdentityUtil
- .getPPIDDisplayValue(claim.value), claim.uri);
+ // PPID display token
+ IdentityProviderUtil.createDisplayClaim(displayToken,
+ ipData.getDisplayName(claim.uri), IdentityUtil
+ .getPPIDDisplayValue(claim.value),
+ claim.uri);
} else {
- IdentityProviderUtil.createDisplayClaim(displayToken,
ipData
- .getDisplayName(claim.uri), claim.value,
claim.uri);
+ IdentityProviderUtil.createDisplayClaim(displayToken,
+ ipData.getDisplayName(claim.uri), claim.value,
+ claim.uri);
}
}
} catch (Exception e) {
- throw new IdentityProviderException(e.getMessage(),e);
+ throw new IdentityProviderException(e.getMessage(), e);
}
if (log.isDebugEnabled()) {
@@ -496,8 +521,11 @@
/**
* Create SAML attribute statements for the response token.
- * @param ipData Meta-data for this issuer.
- * @param rahasData WS-Trust common information in the issue request.
+ *
+ * @param ipData
+ * Meta-data for this issuer.
+ * @param rahasData
+ * WS-Trust common information in the issue request.
* @return An array of SAML attribute statements
* @throws SAMLException
* @throws IdentityProviderException
@@ -532,7 +560,7 @@
int index = uri.lastIndexOf("/");
- if(claim.value == null) {
+ if (claim.value == null) {
throw new IdentityProviderException(
"noValueForRequestedAttribute",
new String[] { claim.uri });
@@ -544,8 +572,7 @@
new String[] { uri });
}
SAMLAttribute attr = new SAMLAttribute(uri.substring(index + 1, uri
- .length()), uri.substring(0, index) , null, -1,
- list);
+ .length()), uri.substring(0, index), null, -1, list);
assertionList.add(attr);
}
@@ -565,11 +592,15 @@
/**
* Obtain the ppid for the given user for the given rp.
- * @param rahasData WS-Trust information in the issue request.
- * @param name Name of the user/subject.
- * @param appliesToEpr EPR element in wst:AppliesTo element.
- * @return PPID value. If there's already an issued token then the ppid
- * value will be reused.
+ *
+ * @param rahasData
+ * WS-Trust information in the issue request.
+ * @param name
+ * Name of the user/subject.
+ * @param appliesToEpr
+ * EPR element in wst:AppliesTo element.
+ * @return PPID value. If there's already an issued token then the ppid
+ * value will be reused.
* @throws IdentityProviderException
*/
private String getPPID(RahasData rahasData, String name,
@@ -586,8 +617,7 @@
hostName = ppidValueDOs[i].getRelyingParty().getHostName();
} else if (ppidValueDOs[i].getPersonalRelyingParty() != null) {
hostName = ppidValueDOs[i].getPersonalRelyingParty()
- .getIdentifier()
- .getHostName();
+ .getIdentifier().getHostName();
}
if (hostName == null) {
@@ -601,22 +631,22 @@
}
if (ppidValueDO != null) {
- //If we have already issued a PPID
- //Then return that value
+ // If we have already issued a PPID
+ // Then return that value
return ppidValueDO.getPpid();
} else {
- //A new request targeted for a new RP
+ // A new request targeted for a new RP
String newPpid = Base64.encode(UUIDGenerator.getUUID().getBytes());
ppidValueDO = new PPIDValueDO();
ppidValueDO.setUserId(name);
ppidValueDO.setPpid(newPpid);
- //If the host is globally trusted
+ // If the host is globally trusted
RelyingPartyDO rp = db.getRelyingParty(appliesToHostName);
if (rp != null) {
ppidValueDO.setRelyingParty(rp);
} else {
- //Else the host MUST be personally trusted
+ // Else the host MUST be personally trusted
ppidValueDO.setPersonalRelyingParty(db.getPersonalRelyingParty(
name, appliesToHostName));
}
@@ -631,7 +661,7 @@
* [EMAIL PROTECTED]
*/
public void setConfigurationElement(OMElement configElement) {
- //Nothing to do
+ // Nothing to do
}
/**
@@ -645,13 +675,15 @@
* [EMAIL PROTECTED]
*/
public void setConfigurationParamName(String configParamName) {
- //Nothing to do
+ // Nothing to do
}
/**
- * Check whether the information card referenced in the token request is
- * a valid managed information card issued by the identity provider.
- * @param cardId Identifier of the information card.
+ * Check whether the information card referenced in the token request is a
+ * valid managed information card issued by the identity provider.
+ *
+ * @param cardId
+ * Identifier of the information card.
* @return Whether the card is valid or not.
* @throws IdentityProviderException
*/
@@ -675,5 +707,10 @@
return retval;
}
-
+
+ protected IdentityProviderData getIdentityProviderData(RahasData rahasData)
+ throws Exception {
+ return new IdentityProviderData(rahasData);
+ }
+
}
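Review bot: The new protected method `getIdentityProviderData` has no Javadoc although it is an extension point that subclasses are evidently meant to override. Add a short comment above it, e.g. `/** Builds the provider-specific data for this issue request; subclasses may override to supply their own. @param rahasData WS-Trust information in the issue request. @return the data used for card validation and token issuance. */`, and document the exception contract once `throws Exception` is narrowed to the checked type the constructor actually declares (hedged: that type is not visible in this patch).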