Author: dimuthul
Date: Thu Feb 21 03:30:49 2008
New Revision: 13960

Log:

Adding SAML2TestCase
Fixing the test failure
Formatting the code.



Modified:
   
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilder.java
   
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML2TokenBuilder.java
   
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SignKeyDataHolder.java
   
trunk/solutions/identity/modules/identity-provider/src/test/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilderSimulator.java
   
trunk/solutions/identity/modules/identity-provider/src/test/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilderTest.java
   
trunk/solutions/identity/modules/identity-provider/src/test/java/org/wso2/solutions/identity/sts/saml/X509CredentialImpl.java
   
trunk/solutions/identity/modules/identity-provider/src/test/resources/wso2identity.hbm.xml
   
trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/saml/relyingparty/SAMLTokenVerifier.java

Modified: 
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilder.java
==============================================================================
--- 
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilder.java
        (original)
+++ 
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilder.java
        Thu Feb 21 03:30:49 2008
@@ -137,20 +137,21 @@
         signature.setSignatureAlgorithm(signatureAlgorithm);
         signature
                 
.setCanonicalizationAlgorithm(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
-        
+
         try {
-            KeyInfo keyInfo = 
(KeyInfo)buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
+            KeyInfo keyInfo = (KeyInfo) 
buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
             X509Data data = (X509Data) 
buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
             X509Certificate cert = (X509Certificate) 
buildXMLObject(X509Certificate.DEFAULT_ELEMENT_NAME);
-            String value = 
Base64.encode(cred.getEntityCertificate().getEncoded());
+            String value = Base64.encode(cred.getEntityCertificate()
+                    .getEncoded());
             cert.setValue(value);
             data.getX509Certificates().add(cert);
             keyInfo.getX509Datas().add(data);
             signature.setKeyInfo(keyInfo);
         } catch (CertificateEncodingException e) {
-           throw new IdentityProviderException("errorGettingCert");
+            throw new IdentityProviderException("errorGettingCert");
         }
-        
+
         assertion.setSignature(signature);
         signatureList.add(signature);
     }

Modified: 
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML2TokenBuilder.java
==============================================================================
--- 
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML2TokenBuilder.java
        (original)
+++ 
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SAML2TokenBuilder.java
        Thu Feb 21 03:30:49 2008
@@ -30,7 +30,9 @@
 import org.opensaml.xml.io.Marshaller;
 import org.opensaml.xml.io.MarshallerFactory;
 import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.schema.XSBase64Binary;
 import org.opensaml.xml.schema.XSString;
+import org.opensaml.xml.schema.impl.XSBase64BinaryBuilder;
 import org.opensaml.xml.schema.impl.XSStringBuilder;
 import org.opensaml.xml.security.x509.X509Credential;
 import org.opensaml.xml.signature.KeyInfo;
@@ -49,10 +51,10 @@
 
     private static Log log = LogFactory.getLog(SAML2TokenBuilder.class);
 
-    private Assertion assertion = null;
-    private AttributeStatement attributeStmt = null;
-    private List signatureList = new ArrayList();
-    private Element signedAssertion = null;
+    protected Assertion assertion = null;
+    protected AttributeStatement attributeStmt = null;
+    protected List signatureList = new ArrayList();
+    protected Element signedAssertion = null;
 
     public static final String CONF_KEY = 
"urn:oasis:names:tc:SAML:2.0:cm:holder-of-key";
 
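Review bot: Widening `assertion`, `attributeStmt`, `signatureList` and `signedAssertion` from private to protected lets any subclass or same-package class replace or mutate the builder's signing state, including `signedAssertion` after it has been produced. If the aim is only to let a test subclass supply its own statement (the simulator class elsewhere in this commit suggests that, though no SAML2 counterpart is visible here), keep the fields private and expose narrow protected accessors, for example `protected void setAttributeStatement(AttributeStatement stmt)`. Failing that, add a comment on the fields such as `// protected for test subclasses only; do not modify after signing`. `signatureList` is also a raw `List`, so nothing stops a subclass from adding an element that is not a signature.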
@@ -87,14 +89,27 @@
 
             XMLObjectBuilderFactory builderFactory = Configuration
                     .getBuilderFactory();
-            XSStringBuilder attributeValueBuilder = (XSStringBuilder) 
builderFactory
-                    .getBuilder(XSString.TYPE_NAME);
-
-            XSString stringValue = attributeValueBuilder.buildObject(
-                    AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
-            stringValue.setValue(claim.value);
-            attribute.getAttributeValues().add(stringValue);
 
+            // TODO remove this else if condition after WSO2 IS supports claim
+            // types properly
+            if (claim.uri.equals(IdentityConstants.CLAIM_PPID)) {
+                XSBase64BinaryBuilder ppidValueBuilder = 
(XSBase64BinaryBuilder) builderFactory
+                        .getBuilder(XSBase64Binary.TYPE_NAME);
+                XSBase64Binary ppidValue = ppidValueBuilder.buildObject(
+                        AttributeValue.DEFAULT_ELEMENT_NAME,
+                        XSBase64Binary.TYPE_NAME);
+                ppidValue.setValue(claim.value);
+                attribute.getAttributeValues().add(ppidValue);
+            } else {
+                XSStringBuilder attributeValueBuilder = (XSStringBuilder) 
builderFactory
+                        .getBuilder(XSString.TYPE_NAME);
+
+                XSString stringValue = attributeValueBuilder
+                        .buildObject(AttributeValue.DEFAULT_ELEMENT_NAME,
+                                XSString.TYPE_NAME);
+                stringValue.setValue(claim.value);
+                attribute.getAttributeValues().add(stringValue);
+            }
             attributeStmt.getAttributes().add(attribute);
         }
     }
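Review bot: `claim.uri.equals(IdentityConstants.CLAIM_PPID)` throws a NullPointerException when a claim has no URI; `if (IdentityConstants.CLAIM_PPID.equals(claim.uri)) {` is null-safe. The PPID branch also writes `claim.value` into an `xs:base64Binary` attribute value without checking that it is well-formed Base64, so a malformed stored value would presumably yield an assertion that a schema-validating relying party rejects; validating or logging before `ppidValue.setValue(claim.value)` would surface that at the issuer. The TODO mentions an "else if" while the code is a plain if/else, so it could read `// TODO remove the PPID special case once claim types carry their own schema type`. The enclosing loop and method start outside the hunk.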
@@ -140,21 +155,21 @@
         signature.setSignatureAlgorithm(signatureAlgorithm);
         signature
                 
.setCanonicalizationAlgorithm(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
-        
-        
+
         try {
-            KeyInfo keyInfo = 
(KeyInfo)buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
+            KeyInfo keyInfo = (KeyInfo) 
buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
             X509Data data = (X509Data) 
buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
             X509Certificate cert = (X509Certificate) 
buildXMLObject(X509Certificate.DEFAULT_ELEMENT_NAME);
-            String value = 
Base64.encode(cred.getEntityCertificate().getEncoded());
+            String value = Base64.encode(cred.getEntityCertificate()
+                    .getEncoded());
             cert.setValue(value);
             data.getX509Certificates().add(cert);
             keyInfo.getX509Datas().add(data);
             signature.setKeyInfo(keyInfo);
         } catch (CertificateEncodingException e) {
-           throw new IdentityProviderException("errorGettingCert");
+            throw new IdentityProviderException("errorGettingCert");
         }
-        
+
         assertion.setSignature(signature);
         signatureList.add(signature);
     }

Modified: 
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SignKeyDataHolder.java
==============================================================================
--- 
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SignKeyDataHolder.java
        (original)
+++ 
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/sts/saml/SignKeyDataHolder.java
        Thu Feb 21 03:30:49 2008
@@ -48,6 +48,7 @@
         issuerCerts = KeyUtil.getServiceCertificateChain(keyAlias);
 
         signatureAlgorithm = XMLSignature.ALGO_ID_SIGNATURE_RSA;
+
         String pubKeyAlgo = issuerCerts[0].getPublicKey().getAlgorithm();
         if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
             signatureAlgorithm = XMLSignature.ALGO_ID_SIGNATURE_DSA;

Modified: 
trunk/solutions/identity/modules/identity-provider/src/test/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilderSimulator.java
==============================================================================
--- 
trunk/solutions/identity/modules/identity-provider/src/test/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilderSimulator.java
       (original)
+++ 
trunk/solutions/identity/modules/identity-provider/src/test/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilderSimulator.java
       Thu Feb 21 03:30:49 2008
@@ -23,7 +23,7 @@
 
     public void createStatement(IdentityProviderData ipData, RahasData 
rahasData)
             throws IdentityProviderException {
-       
+
         attributeStmt = (AttributeStatement) 
buildXMLObject(AttributeStatement.DEFAULT_ELEMENT_NAME);
 
         Subject subject = (Subject) 
buildXMLObject(Subject.DEFAULT_ELEMENT_NAME);
@@ -33,27 +33,27 @@
         subjectConf.getConfirmationMethods().add(confMethod);
         subject.setSubjectConfirmation(subjectConf);
 
-       String uri =  "http://www.test.dialect/name";;
-            int index = uri.lastIndexOf("/");
-            String attrName = uri.substring(index + 1, uri.length());
-            String attrNamespace = uri.substring(0, index);
-
-            Attribute attribute = (Attribute) 
buildXMLObject(Attribute.DEFAULT_ELEMENT_NAME);
-            attribute.setAttributeName(attrName);
-            attribute.setAttributeNamespace(attrNamespace);
-               
-            XMLObjectBuilderFactory builderFactory = Configuration
-            .getBuilderFactory();
-
-            XSAnyBuilder attributeValueBuilder = (XSAnyBuilder) builderFactory
-            .getBuilder(XSAny.TYPE_NAME);
-            
-            XSAny stringValue = attributeValueBuilder.buildObject(
-            AttributeValue.DEFAULT_ELEMENT_NAME, null);
-            stringValue.setTextContent("test");
-            
-            attribute.getAttributeValues().add(stringValue);
-            attributeStmt.getAttributes().add(attribute);
+        String uri = "http://www.test.dialect/name";;
+        int index = uri.lastIndexOf("/");
+        String attrName = uri.substring(index + 1, uri.length());
+        String attrNamespace = uri.substring(0, index);
+
+        Attribute attribute = (Attribute) 
buildXMLObject(Attribute.DEFAULT_ELEMENT_NAME);
+        attribute.setAttributeName(attrName);
+        attribute.setAttributeNamespace(attrNamespace);
+
+        XMLObjectBuilderFactory builderFactory = Configuration
+                .getBuilderFactory();
+
+        XSAnyBuilder attributeValueBuilder = (XSAnyBuilder) builderFactory
+                .getBuilder(XSAny.TYPE_NAME);
+
+        XSAny stringValue = attributeValueBuilder.buildObject(
+                AttributeValue.DEFAULT_ELEMENT_NAME, null);
+        stringValue.setTextContent("test");
+
+        attribute.getAttributeValues().add(stringValue);
+        attributeStmt.getAttributes().add(attribute);
     }
 
 }

Modified: 
trunk/solutions/identity/modules/identity-provider/src/test/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilderTest.java
==============================================================================
--- 
trunk/solutions/identity/modules/identity-provider/src/test/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilderTest.java
    (original)
+++ 
trunk/solutions/identity/modules/identity-provider/src/test/java/org/wso2/solutions/identity/sts/saml/SAML1TokenBuilderTest.java
    Thu Feb 21 03:30:49 2008
@@ -33,6 +33,8 @@
         builder.marshellAndSign();
         Element elemSAML = builder.getSAMLasDOM();
         
+        //now we have to compare something.
+        //let's compare 
        
 //        String val = DOM2Writer.nodeToString(elemSAML);
 //        System.out.println(val);
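Review bot: The test still asserts nothing after `builder.getSAMLasDOM()`; the added comments (`//now we have to compare something.`) record the gap rather than close it, so in the visible lines the test passes whenever building and signing do not throw. For a token signer, the minimum is `assertNotNull(elemSAML);` plus a check that the element has a `Signature` child, so that an unsigned assertion fails the test. The commented-out `System.out.println` lines can be removed at the same time. The rest of the test method lies outside the hunk, so an assertion further down cannot be ruled out.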

Modified: 
trunk/solutions/identity/modules/identity-provider/src/test/java/org/wso2/solutions/identity/sts/saml/X509CredentialImpl.java
==============================================================================
--- 
trunk/solutions/identity/modules/identity-provider/src/test/java/org/wso2/solutions/identity/sts/saml/X509CredentialImpl.java
       (original)
+++ 
trunk/solutions/identity/modules/identity-provider/src/test/java/org/wso2/solutions/identity/sts/saml/X509CredentialImpl.java
       Thu Feb 21 03:30:49 2008
@@ -25,8 +25,9 @@
     private KeyStore store = null;
 
     public X509CredentialImpl() throws Exception {
-        InputStream in = 
this.getClass().getClassLoader().getResourceAsStream("wso2is.jks");
-        //InputStream in = new FileInputStream("wso2is.jks");
+        InputStream in = this.getClass().getClassLoader().getResourceAsStream(
+                "wso2is.jks");
+        // InputStream in = new FileInputStream("wso2is.jks");
         store = KeyStore.getInstance("JKS");
         store.load(in, "wso2is".toCharArray());
 
@@ -103,7 +104,7 @@
 
         try {
             cert = (X509Certificate) store.getCertificate("localhost");
-            
+
         } catch (KeyStoreException e) {
             // TODO Auto-generated catch block
             e.printStackTrace();

Modified: 
trunk/solutions/identity/modules/identity-provider/src/test/resources/wso2identity.hbm.xml
==============================================================================
--- 
trunk/solutions/identity/modules/identity-provider/src/test/resources/wso2identity.hbm.xml
  (original)
+++ 
trunk/solutions/identity/modules/identity-provider/src/test/resources/wso2identity.hbm.xml
  Thu Feb 21 03:30:49 2008
@@ -287,44 +287,13 @@
         </id>
         <property name="lastUpdatedTime" type="timestamp" 
column="c_last_updated" not-null="true"/>
         <property name="rpUrl" column="rp_url" not-null="true"/>
-        <property name="userId" column="user_id" not-null="true"/>
+        <property name="userName" column="user_name" not-null="true"/>
         <property name="isTrustedAlways" column="is_trusted_always" 
not-null="true"/>
         <property name="visitCount" column="visit_count" not-null="true"/>
+        <property name="defaultProfileName" column="default_profile_name" 
not-null="true"/>
         <property name="lastVisit" column="last_visit" type="timestamp" 
not-null="true"/>
     </class>
 
-    <!-- ######################################################### -->
-    <!-- ####    UserProfileDO(user_profile)     #### -->
-    <!-- ######################################################### -->
-    <class 
name="org.wso2.solutions.identity.persistence.dataobject.UserProfileDO"
-           table="openid_user_profile">
-        <id name="id" column="id">
-            <generator class="native"/>
-        </id>
-        <property name="lastUpdatedTime" type="timestamp" 
column="c_last_updated" not-null="true"/>
-        <property name="userId" column="user_id" not-null="true"/>
-        <property name="profileName" column="profile_name" not-null="true"/>
-        <property name="isDefault" column="is_default" not-null="true"/>
-        <set name="profileProperties" lazy="true" cascade="all">
-               <key column="profile_id"/>
-               <one-to-many 
class="org.wso2.solutions.identity.persistence.dataobject.UserProfileValuesDO"/>
-               </set>
-    </class>
-
-    <!-- ######################################################### -->
-    <!-- ####    UserProfileValuesDO(user_profile_values) #### -->
-    <!-- ######################################################### -->
-    <class 
name="org.wso2.solutions.identity.persistence.dataobject.UserProfileValuesDO"
-           table="openid_user_profile">
-        <id name="id" column="id">
-            <generator class="native"/>
-        </id>
-        <property name="lastUpdatedTime" type="timestamp" 
column="c_last_updated" not-null="true"/>
-        <property name="attributeName" column="attribute_name" 
not-null="true"/>
-        <property name="attributeValue" column="attribute_value"/>
-               <many-to-one name="profile" column="profile_id"/>
-    </class>
-
 
     <!-- #################################################### -->
     <!-- ##### ParameterDO(any utility parameters needed)##### -->

Modified: 
trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/saml/relyingparty/SAMLTokenVerifier.java
==============================================================================
--- 
trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/saml/relyingparty/SAMLTokenVerifier.java
     (original)
+++ 
trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/saml/relyingparty/SAMLTokenVerifier.java
     Thu Feb 21 03:30:49 2008
@@ -199,48 +199,49 @@
 
                 if (!validationPolicy
                         .equals(TokenVerifierConstants.PROMISCUOUS)) {
-                    
+
                     if (signingCert == null)
                         throw new RelyingPartyException("signingCertNull");
-                    
+
                     /*
                         do certificate validation
                         for blacklist, whitelist and cert-validity
                      */
-                    
+
                     signingCert.checkValidity();
-                                        
+
                     if (isLoadedFromMessage) {
-                        
if(!IssuerCertificateUtil.checkSystemStoree(signingCert,
-                                trustStore, systemStore)){
+                        if (!IssuerCertificateUtil.checkSystemStoree(
+                                signingCert, trustStore, systemStore)) {
                             isValid = false;
                         }
                     }
 
                     if (validationPolicy
                             .equals(TokenVerifierConstants.BLACK_LIST)) {
-                        if(!IssuerCertificateUtil.doBlackListCheck(rpData
-                                .getBlackList(), signingCert)){
+                        if (!IssuerCertificateUtil.doBlackListCheck(rpData
+                                .getBlackList(), signingCert)) {
                             isValid = false;
                         }
                     }
 
                     if (validationPolicy
                             .equals(TokenVerifierConstants.WHITE_LIST)) {
-                        if(!IssuerCertificateUtil.doWhiteListCheck(rpData
-                                .getWhiteList(), signingCert)){
+                        if (!IssuerCertificateUtil.doWhiteListCheck(rpData
+                                .getWhiteList(), signingCert)) {
                             isValid = false;
                         }
                     }
                 }
             }
 
-            if(isValid){
-                SignatureValidator validator = new 
SignatureValidator(credential);
+            if (isValid) {
+                SignatureValidator validator = new SignatureValidator(
+                        credential);
                 validator.validate(sig);
                 holder.populateAttributeTable(this.attributeTable);
             }
-            
+
         } catch (Exception e) {
             log.debug(e);
             throw new RelyingPartyException("errorInTokenVerification",
