Author: dimuthul
Date: Mon Feb 18 03:24:05 2008
New Revision: 13856
Log:
Fixing an issue in the SAML token validator.
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/admin/UserProfileAdmin.java
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/IPPersistenceManager.java
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/dao/UserProfileDAO.java
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilder.java
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML2TokenBuilder.java
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/admin/UserProfileAdmin.java
==============================================================================
---
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/admin/UserProfileAdmin.java
(original)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/admin/UserProfileAdmin.java
Mon Feb 18 03:24:05 2008
@@ -17,23 +17,28 @@
throws IdentityProviderException {
dbman.create(userProfile);
}
-
+
public void deleteUserProfile(String userId, String profileName)
throws IdentityProviderException {
UserProfileDO userProfile = dbman.getUserProfile(userId, profileName);
dbman.delete(userProfile);
}
-
- public UserProfileDO[] getUserProfiles(String userId){
+
+ public UserProfileDO[] getUserProfiles(String userId) {
return dbman.getUserProfiles(userId);
- }
-
- public UserProfileValuesDO[] getUserProfileValues(String userId,String
profileName){
- return dbman.getUserProfileValues(userId, profileName);
}
-
- public void setUserProfileValues(UserProfileValuesDO[] values){
- //TODO
+
+ /**
+ * Get user profile values
+ * @param userId
+ * @param profileName
+ * @return
+ */
+ public UserProfileValuesDO[] getUserProfileValues(String userId,
+ String profileName) {
+ return dbman.getUserProfileValues(userId, profileName);
}
+
+
}
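Review bot: The Javadoc added on `getUserProfileValues` carries empty `@param userId`, `@param profileName` and `@return` tags, so it documents nothing and javadoc lint will flag it; either fill them, e.g. `@return the values stored for profile {@code profileName} of {@code userId}, as returned by {@code dbman.getUserProfileValues}`, or drop the empty tags. The two blank lines now left before the class's closing brace are a style nit worth tidying in the same pass. The class header is outside this hunk.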
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/IPPersistenceManager.java
==============================================================================
---
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/IPPersistenceManager.java
(original)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/IPPersistenceManager.java
Mon Feb 18 03:24:05 2008
@@ -176,7 +176,7 @@
ClaimDAO dao = new ClaimDAO(hbConfig);
return dao.getAllEnabledClaims();
}
-
+
/**
* Provides all claims that are mapped and enabled.
*
@@ -236,8 +236,6 @@
dao.backupExpiredCards();
}
-
-
public RelyingPartyDO[] getAllRelyingParties() {
RelyingPartyDAO dao = new RelyingPartyDAO(hbConfig);
return dao.getAllRelyingParties();
@@ -308,7 +306,6 @@
return dao.getRealm(className);
}
-
public void RevokeInfoCard(InfoCardDO infoCard)
throws IdentityProviderException {
InfoCardDAO icDao = new InfoCardDAO(hbConfig);
@@ -327,8 +324,7 @@
return dao.getAllRevokedInfoCards();
}
- public UserTrustedRPDO[] getAllPersonalRelyingParties(
- String userId) {
+ public UserTrustedRPDO[] getAllPersonalRelyingParties(String userId) {
UserPersonalRelyingPartyDAO dao = new UserPersonalRelyingPartyDAO(
hbConfig);
return dao.getAllPersonalRelyingParties(userId);
@@ -414,13 +410,13 @@
IssuedTokenDAO dao = new IssuedTokenDAO(hbConfig);
return dao.getTokensGroupedByCardAndUser();
}
-
+
public IssuedTokensDO[] getAllTokensOfUser(String username) {
IssuedTokenDAO dao = new IssuedTokenDAO(hbConfig);
return dao.getTokensForUser(username);
}
-
- public IssuedTokensDO[] getTokensForUser(String userId){
+
+ public IssuedTokensDO[] getTokensForUser(String userId) {
IssuedTokenDAO dao = new IssuedTokenDAO(hbConfig);
return dao.getTokensForUser(userId);
}
@@ -436,34 +432,34 @@
IssuedTokenDAO dao = new IssuedTokenDAO(hbConfig);
return dao.getTokenDetailsForCardAndUser(cardId, userId);
}
-
- public String extractPrimaryUserName(String ppid){
+
+ public String extractPrimaryUserName(String ppid) {
RegisteredInfoCardInfoDAO dao = new
RegisteredInfoCardInfoDAO(hbConfig);
return dao.extractPrimaryUserName(ppid);
}
-
+
public OpenIDUserRPDO[] getOpenIDUserRP(String userId, String rpUrl) {
OpenIDUserRPDAO dao = new OpenIDUserRPDAO(hbConfig);
return dao.getOpenIDUserRP(userId, rpUrl);
}
-
+
public OpenIDUserRPDO[] getOpenIDUserRP(String userId) {
OpenIDUserRPDAO dao = new OpenIDUserRPDAO(hbConfig);
return dao.getOpenIDUserRP(userId);
}
-
- public UserProfileDO[] getUserProfiles(String userId){
+
+ public UserProfileDO[] getUserProfiles(String userId) {
UserProfileDAO dao = new UserProfileDAO(hbConfig);
return dao.getUserProfiles(userId);
}
-
-
- public UserProfileDO getUserProfile(String userId, String profileName){
+
+ public UserProfileDO getUserProfile(String userId, String profileName) {
UserProfileDAO dao = new UserProfileDAO(hbConfig);
return dao.getUserProfile(userId, profileName);
}
-
- public UserProfileValuesDO[] getUserProfileValues(String userId,String
profileName){
+
+ public UserProfileValuesDO[] getUserProfileValues(String userId,
+ String profileName) {
UserProfileDAO dao = new UserProfileDAO(hbConfig);
return dao.getUserProfileValues(userId, profileName);
}
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/dao/UserProfileDAO.java
==============================================================================
---
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/dao/UserProfileDAO.java
(original)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/dao/UserProfileDAO.java
Mon Feb 18 03:24:05 2008
@@ -1,6 +1,7 @@
package org.wso2.solutions.identity.persistence.dao;
import java.util.List;
+import java.util.Map;
import org.hibernate.Query;
import org.hibernate.Session;
@@ -94,4 +95,36 @@
return profileValues;
}
+ /**
+ * If value is there - then update it else add it
+ * @param userId
+ * @param profileName
+ * @param attributeName
+ * @param attributeValue
+ */
+ public void setUserProfileValues(String userId, String profileName,
+ Map properties) {
+
+ Session session = hbConfig.getCurrentSession();
+ Transaction tx = session.beginTransaction();
+ UserProfileValuesDO[] profileValues = new UserProfileValuesDO[0];
+ try {
+ String stmt = "from UserProfileValuesDO as value where
value.profile.userId = '"
+ + userId + "' and value.profile.profileName =
'"+profileName+"'";
+
+ Query query = session.createQuery(stmt);
+ List lst = query.list();
+
+
+ } catch (Throwable e) {
+ tx.rollback();
+ String msg = messages
+ .getMessage("errorQuerryingRegisteredInfoCardInfo");
+ log.error(msg, e);
+ throw new RuntimeException(msg, e);
+ } finally {
+ hbConfig.closeSession();
+ }
+ }
+
}
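Review bot: `setUserProfileValues` builds its HQL by concatenating `userId` and `profileName` directly into the query string, so either value can alter the query rather than being treated as data; bind them as named parameters instead, e.g. `Query query = session.createQuery("from UserProfileValuesDO as value where value.profile.userId = :userId and value.profile.profileName = :profileName"); query.setString("userId", userId); query.setString("profileName", profileName);`. The method also never reads `properties`, `lst` or `profileValues` and never calls `tx.commit()`, so the update-or-add behaviour its Javadoc promises is not implemented and the transaction opened after `getCurrentSession()` is left open on the success path. The Javadoc's `@param attributeName` and `@param attributeValue` do not match the `Map properties` parameter, and the raw `Map` should carry type arguments. The message key `errorQuerryingRegisteredInfoCardInfo` appears to be copied from the info-card DAO and will mislead whoever reads the log for this method.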
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilder.java
==============================================================================
---
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilder.java
(original)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilder.java
Mon Feb 18 03:24:05 2008
@@ -12,7 +12,6 @@
import org.apache.commons.logging.LogFactory;
import org.apache.rahas.RahasData;
import org.apache.xml.security.c14n.Canonicalizer;
-import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.utils.Base64;
import org.joda.time.DateTime;
import org.opensaml.saml1.core.Assertion;
@@ -152,7 +151,7 @@
throws IdentityProviderException {
Signature signature = (Signature)
buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
signature.setSigningCredential(cred);
- signature.setSignatureAlgorithm(XMLSignature.ALGO_ID_SIGNATURE_RSA);
+ signature.setSignatureAlgorithm(signatureAlgorithm);
signature
.setCanonicalizationAlgorithm(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
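Review bot: The new code passes `signatureAlgorithm` to `setSignatureAlgorithm`, but that field is declared and assigned outside this hunk, so nothing visible here guarantees it is non-null or an algorithm URI that matches the signing credential's key type; where the field is set, restrict it to a fixed set of accepted URIs (the previously hard-coded `XMLSignature.ALGO_ID_SIGNATURE_RSA` being one) and reject anything else before it reaches the builder. The same replacement is made in SAML2TokenBuilder's hunk at `@@ -133,9 +137,24 @@` and should be covered by the same check. A one-line comment at this call site naming where the value is validated would help the next reader. The enclosing method starts before this hunk and continues past it.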
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML2TokenBuilder.java
==============================================================================
---
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML2TokenBuilder.java
(original)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML2TokenBuilder.java
Mon Feb 18 03:24:05 2008
@@ -1,5 +1,6 @@
package org.wso2.solutions.identity.sts.saml;
+import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
@@ -11,7 +12,7 @@
import org.apache.commons.logging.LogFactory;
import org.apache.rahas.RahasData;
import org.apache.xml.security.c14n.Canonicalizer;
-import org.apache.xml.security.signature.XMLSignature;
+import org.apache.xml.security.utils.Base64;
import org.joda.time.DateTime;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Attribute;
@@ -32,8 +33,11 @@
import org.opensaml.xml.schema.XSString;
import org.opensaml.xml.schema.impl.XSStringBuilder;
import org.opensaml.xml.security.x509.X509Credential;
+import org.opensaml.xml.signature.KeyInfo;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.Signer;
+import org.opensaml.xml.signature.X509Certificate;
+import org.opensaml.xml.signature.X509Data;
import org.w3c.dom.Element;
import org.wso2.solutions.identity.IdentityConstants;
import org.wso2.solutions.identity.IdentityProviderException;
@@ -133,9 +137,24 @@
throws IdentityProviderException {
Signature signature = (Signature)
buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
signature.setSigningCredential(cred);
- signature.setSignatureAlgorithm(XMLSignature.ALGO_ID_SIGNATURE_RSA);
+ signature.setSignatureAlgorithm(signatureAlgorithm);
signature
.setCanonicalizationAlgorithm(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+
+
+ try {
+ KeyInfo keyInfo =
(KeyInfo)buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
+ X509Data data = (X509Data)
buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
+ X509Certificate cert = (X509Certificate)
buildXMLObject(X509Certificate.DEFAULT_ELEMENT_NAME);
+ String value =
Base64.encode(cred.getEntityCertificate().getEncoded());
+ cert.setValue(value);
+ data.getX509Certificates().add(cert);
+ keyInfo.getX509Datas().add(data);
+ signature.setKeyInfo(keyInfo);
+ } catch (CertificateEncodingException e) {
+ throw new IdentityProviderException("errorGettingCert");
+ }
+
assertion.setSignature(signature);
signatureList.add(signature);
}
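Review bot: The new `catch (CertificateEncodingException e)` drops the cause when it rethrows `new IdentityProviderException("errorGettingCert")`, so the underlying encoding failure and its stack trace are lost; pass `e` along, `throw new IdentityProviderException("errorGettingCert", e);`, if `IdentityProviderException` has a cause-taking constructor, otherwise log `e` with the class's commons-logging logger before rethrowing. `cred.getEntityCertificate()` is also dereferenced without a null check, so a credential built without an entity certificate would surface as a NullPointerException rather than an IdentityProviderException; an explicit check before the `Base64.encode` call would make that failure mode clear. A short comment above the `try`, such as `// embed the signing certificate so relying parties can verify without out-of-band key distribution`, would record why KeyInfo is now populated. The enclosing method starts before this hunk.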