SES-82 Temporarily adding PAOS libraries until their availability in …

…the OpenSAML project
sannies · Mar 26, 2011 · 305528c · 305528c
1 parent 9858f6a
commit 305528c
Show file tree

Hide file tree

Showing 25 changed files with 1,648 additions and 0 deletions.
diff --git a/spring-security-saml/saml2-core/src/main/java/org/opensaml/PaosBootstrap.java b/spring-security-saml/saml2-core/src/main/java/org/opensaml/PaosBootstrap.java
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2010 Jonathan Tellier
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.opensaml;
+
+import org.opensaml.xml.ConfigurationException;
+
+public class PaosBootstrap extends DefaultBootstrap {
+
+    /** XMLTooling configuration file for PAOS binding */
+    private static String[] paosXmlToolingConfig = { "/liberty-paos-config.xml" };
+
+    public static synchronized void bootstrap() throws ConfigurationException {
+        DefaultBootstrap.bootstrap();
+        DefaultBootstrap.initializeXMLTooling(paosXmlToolingConfig);
+    }
+
+}
diff --git a/...aml/saml2-core/src/main/java/org/opensaml/liberty/binding/decoding/HTTPPAOS11Decoder.java b/...aml/saml2-core/src/main/java/org/opensaml/liberty/binding/decoding/HTTPPAOS11Decoder.java
@@ -0,0 +1,77 @@
+/*
+ * Copyright 2010 Jonathan Tellier
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.opensaml.liberty.binding.decoding;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.binding.SAMLMessageContext;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.binding.decoding.HTTPSOAP11Decoder;
+import org.opensaml.saml2.ecp.RelayState;
+import org.opensaml.saml2.ecp.impl.RelayStateImpl;
+import org.opensaml.ws.message.MessageContext;
+import org.opensaml.ws.message.decoder.MessageDecodingException;
+import org.opensaml.ws.soap.soap11.Envelope;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.parse.ParserPool;
+
+public class HTTPPAOS11Decoder extends HTTPSOAP11Decoder {
+
+    public HTTPPAOS11Decoder() {
+        super();
+        initUnderstoodHeaders();
+    }
+
+    public HTTPPAOS11Decoder(ParserPool pool) {
+        super(pool);
+        initUnderstoodHeaders();
+    }
+
+    private void initUnderstoodHeaders() {
+        QName paosResponse = new QName(SAMLConstants.PAOS_NS,
+                "Response", SAMLConstants.PAOS_PREFIX);
+
+        List<QName> headerNames = new ArrayList<QName>();
+        headerNames.add(paosResponse);
+
+        setUnderstoodHeaders(headerNames);
+    }
+
+    @Override
+    protected void doDecode(MessageContext messageContext)
+            throws MessageDecodingException {
+        super.doDecode(messageContext);
+
+        // Setting the RelayState in the message context
+        SAMLMessageContext samlMsgCtx = (SAMLMessageContext) messageContext;
+        Envelope soapMessage = (Envelope) samlMsgCtx.getInboundMessage();
+
+        List<XMLObject> relayStateHeader = soapMessage.getHeader().getUnknownXMLObjects(
+                new QName(SAMLConstants.SAML20ECP_NS,
+                        RelayState.DEFAULT_ELEMENT_LOCAL_NAME,
+                        SAMLConstants.SAML20ECP_PREFIX));
+
+        if (relayStateHeader.size() == 1
+            && relayStateHeader.get(0) instanceof RelayStateImpl) {
+            samlMsgCtx.setRelayState(((RelayStateImpl) relayStateHeader.get(0)).getValue());
+        }
+    }
+
+}
diff --git a/...aml/saml2-core/src/main/java/org/opensaml/liberty/binding/encoding/HTTPPAOS11Encoder.java b/...aml/saml2-core/src/main/java/org/opensaml/liberty/binding/encoding/HTTPPAOS11Encoder.java
@@ -0,0 +1,135 @@
+/*
+ * Copyright 2010 Jonathan Tellier
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.opensaml.liberty.binding.encoding;
+
+import org.opensaml.Configuration;
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.binding.SAMLMessageContext;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.binding.encoding.BaseSAML2MessageEncoder;
+import org.opensaml.saml2.binding.encoding.HTTPSOAP11Encoder;
+import org.opensaml.ws.message.MessageContext;
+import org.opensaml.ws.message.encoder.MessageEncodingException;
+import org.opensaml.ws.soap.common.SOAPObjectBuilder;
+import org.opensaml.ws.soap.soap11.Body;
+import org.opensaml.ws.soap.soap11.Envelope;
+import org.opensaml.ws.transport.http.HTTPOutTransport;
+import org.opensaml.ws.transport.http.HTTPTransportUtils;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.XMLObjectBuilderFactory;
+import org.opensaml.xml.util.XMLHelper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Element;
+
+import java.io.IOException;
+import java.io.OutputStreamWriter;
+import java.io.UnsupportedEncodingException;
+import java.io.Writer;
+
+public class HTTPPAOS11Encoder extends BaseSAML2MessageEncoder {
+
+    /**
+     * Logger
+     */
+    private final Logger log = LoggerFactory.getLogger(HTTPSOAP11Encoder.class);
+
+    @Override
+    protected void doEncode(MessageContext messageContext) throws MessageEncodingException {
+
+        if (!(messageContext instanceof SAMLMessageContext)) {
+            log.error("Invalid message context type, this encoder only support SAMLMessageContext");
+            throw new MessageEncodingException(
+                    "Invalid message context type, this encoder only support SAMLMessageContext");
+        }
+
+        if (!(messageContext.getOutboundMessageTransport() instanceof HTTPOutTransport)) {
+            log.error("Invalid outbound message transport type, this encoder only support HTTPOutTransport");
+            throw new MessageEncodingException(
+                    "Invalid outbound message transport type, this encoder only support HTTPOutTransport");
+        }
+
+        // Contains the message body
+        SAMLMessageContext samlMsgCtx = (SAMLMessageContext) messageContext;
+        SAMLObject samlMessage = samlMsgCtx.getOutboundSAMLMessage();
+        if (samlMessage == null) {
+            throw new MessageEncodingException("No outbound SAML message contained in message context");
+        }
+
+        signMessage(samlMsgCtx);
+
+        // Contains the entire envelope with any specified headers, but no body
+        XMLObject outboundEnveloppe = samlMsgCtx.getOutboundMessage();
+
+        Envelope envelope = buildPAOSMessage(samlMessage, outboundEnveloppe);
+        Element envelopeElem = marshallMessage(envelope);
+
+        try {
+            HTTPOutTransport outTransport = (HTTPOutTransport) messageContext.getOutboundMessageTransport();
+            HTTPTransportUtils.addNoCacheHeaders(outTransport);
+            HTTPTransportUtils.setUTF8Encoding(outTransport);
+            HTTPTransportUtils.setContentType(outTransport, "text/xml");
+            outTransport.setHeader("SOAPAction", "http://www.oasis-open.org/committees/security");
+            Writer out = new OutputStreamWriter(outTransport.getOutgoingStream(), "UTF-8");
+            XMLHelper.writeNode(envelopeElem, out);
+            out.flush();
+        } catch (UnsupportedEncodingException e) {
+            log.error("JVM does not support required UTF-8 encoding");
+            throw new MessageEncodingException("JVM does not support required UTF-8 encoding");
+        } catch (IOException e) {
+            log.error("Unable to write message content to outbound stream", e);
+            throw new MessageEncodingException("Unable to write message content to outbound stream", e);
+        }
+
+    }
+
+    protected Envelope buildPAOSMessage(SAMLObject samlMessage, XMLObject outboundEnvelope) {
+
+        Envelope envelope;
+        XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();
+
+        if (outboundEnvelope != null && outboundEnvelope instanceof Envelope) {
+            // We already have a complete envelope with specified headers that we want to keep.
+            envelope = (Envelope) outboundEnvelope;
+        } else {
+            // We don't have an existing envelope, so we create it.
+            SOAPObjectBuilder<Envelope> envBuilder = (SOAPObjectBuilder<Envelope>) builderFactory.getBuilder(Envelope.DEFAULT_ELEMENT_NAME);
+            envelope = envBuilder.buildObject();
+        }
+
+        SOAPObjectBuilder<Body> bodyBuilder = (SOAPObjectBuilder<Body>) builderFactory.getBuilder(Body.DEFAULT_ELEMENT_NAME);
+        Body body = bodyBuilder.buildObject();
+        body.getUnknownXMLObjects().add(samlMessage);
+        envelope.setBody(body);
+
+        return envelope;
+
+    }
+
+    public String getBindingURI() {
+        return SAMLConstants.SAML2_PAOS_BINDING_URI;
+    }
+
+    public boolean providesMessageConfidentiality(MessageContext messageContext) throws MessageEncodingException {
+        return messageContext.getOutboundMessageTransport().isConfidential();
+    }
+
+    public boolean providesMessageIntegrity(MessageContext messageContext) throws MessageEncodingException {
+        return messageContext.getOutboundMessageTransport().isIntegrityProtected();
+    }
+
+}
diff --git a/spring-security-saml/saml2-core/src/main/java/org/opensaml/liberty/paos/Request.java b/spring-security-saml/saml2-core/src/main/java/org/opensaml/liberty/paos/Request.java
@@ -0,0 +1,98 @@
+/*
+ * Copyright 2010 Jonathan Tellier
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.opensaml.liberty.paos;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.ws.soap.soap11.ActorBearing;
+import org.opensaml.ws.soap.soap11.MustUnderstandBearing;
+
+/**
+ * Liberty Alliance PAOS Request header.
+ */
+public interface Request extends SAMLObject, MustUnderstandBearing,
+        ActorBearing {
+
+    /** Element local name. */
+    public static final String DEFAULT_ELEMENT_LOCAL_NAME = "Request";
+
+    /** Default element name. */
+    public static final QName DEFAULT_ELEMENT_NAME =
+        new QName(SAMLConstants.PAOS_NS, DEFAULT_ELEMENT_LOCAL_NAME,
+                SAMLConstants.PAOS_PREFIX);
+
+    /** Local name of the XSI type. */
+    public static final String TYPE_LOCAL_NAME = "RequestType";
+
+    /** QName of the XSI type. */
+    public static final QName TYPE_NAME =
+        new QName(SAMLConstants.PAOS_NS, TYPE_LOCAL_NAME, SAMLConstants.PAOS_PREFIX);
+
+    /** responseConsumerURL attribute name. */
+    public static final String RESPONSE_CONSUMER_URL_ATTRIB_NAME = "responseConsumerURL";
+
+    /** service attribute name. */
+    public static final String SERVICE_ATTRIB_NAME = "service";
+
+    /** messageID attribute name. */
+    public static final String MESSAGE_ID_ATTRIB_NAME = "messageID";
+
+    /**
+     * Get the responseConsumerURL attribute value.
+     * 
+     * @return the responseConsumerURL attribute value
+     */
+    public String getResponseConsumerURL();
+
+    /**
+     * Set the responseConsumerURL attribute value.
+     * 
+     * @param newResponseConsumerURL the new responseConsumerURL attribute value
+     */
+    public void setResponseConsumerURL(String newResponseConsumerURL);
+
+    /**
+     * Get the service attribute value.
+     * 
+     * @return the service attribute value
+     */
+    public String getService();
+
+    /**
+     * Set the service attribute value.
+     * 
+     * @param newService the new service attribute value
+     */
+    public void setService(String newService);
+
+    /**
+     * Get the messageID attribute value.
+     * 
+     * @return the messageID attribute value
+     */
+    public String getMessageID();
+
+    /**
+     * Set the messageID attribute value.
+     * 
+     * @param newMessageID the new messageID attribute value
+     */
+    public void setMessageID(String newMessageID);
+
+}