Posted to commits@syncope.apache.org by co...@apache.org on 2017/09/01 17:26:40 UTC
syncope git commit: SYNCOPE-1195 - Remove copy of OpenSAMLUtil when
WSS4J 2.1.11 is out
Repository: syncope
Updated Branches:
refs/heads/2_0_X 367dd7c8b -> 068720834
SYNCOPE-1195 - Remove copy of OpenSAMLUtil when WSS4J 2.1.11 is out
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/06872083
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/06872083
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/06872083
Branch: refs/heads/2_0_X
Commit: 068720834b11bb5cb5db8e35dffe04ef0ed881fe
Parents: 367dd7c
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Sep 1 18:26:27 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Sep 1 18:26:27 2017 +0100
----------------------------------------------------------------------
.../syncope/core/logic/saml2/OpenSAMLUtil.java | 141 -------------------
.../core/logic/saml2/SAML2ReaderWriter.java | 5 +-
pom.xml | 2 +-
3 files changed, 4 insertions(+), 144 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/06872083/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/OpenSAMLUtil.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/OpenSAMLUtil.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/OpenSAMLUtil.java
deleted file mode 100644
index ff197d4..0000000
--- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/OpenSAMLUtil.java
+++ /dev/null
@@ -1,141 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.syncope.core.logic.saml2;
-
-import org.apache.wss4j.common.ext.WSSecurityException;
-import org.opensaml.core.xml.XMLObject;
-import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
-import org.opensaml.core.xml.io.Marshaller;
-import org.opensaml.core.xml.io.MarshallerFactory;
-import org.opensaml.core.xml.io.MarshallingException;
-import org.opensaml.saml.common.SignableSAMLObject;
-import org.opensaml.xmlsec.signature.Signature;
-import org.opensaml.xmlsec.signature.support.SignatureException;
-import org.opensaml.xmlsec.signature.support.Signer;
-import org.opensaml.xmlsec.signature.support.SignerProvider;
-import org.w3c.dom.Document;
-import org.w3c.dom.DocumentFragment;
-import org.w3c.dom.Element;
-
-/**
- * Class OpenSAMLUtil provides static helper methods for the OpenSaml library.
- * TODO Remove once we pick up WSS4J 2.1.11 - See https://issues.apache.org/jira/browse/WSS-613
- */
-final class OpenSAMLUtil {
-
- private OpenSAMLUtil() {
- // Complete
- }
-
- /**
- * Convert a SAML Assertion from a XMLObject to a DOM Element
- *
- * @param xmlObject of type XMLObject
- * @param doc of type Document
- * @param signObject whether to sign the XMLObject during marshalling
- * @return Element
- * @throws WSSecurityException
- */
- public static Element toDom(
- final XMLObject xmlObject,
- final Document doc,
- final boolean signObject
- ) throws WSSecurityException {
- MarshallerFactory marshallerFactory = XMLObjectProviderRegistrySupport.getMarshallerFactory();
- Marshaller marshaller = marshallerFactory.getMarshaller(xmlObject);
- Element element = null;
- DocumentFragment frag = doc == null ? null : doc.createDocumentFragment();
- try {
- if (frag != null) {
- while (doc.getFirstChild() != null) {
- frag.appendChild(doc.removeChild(doc.getFirstChild()));
- }
- }
- try {
- if (doc == null) {
- element = marshaller.marshall(xmlObject);
- } else {
- element = marshaller.marshall(xmlObject, doc);
- }
- } catch (MarshallingException ex) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex, "empty",
- new Object[] {"Error marshalling a SAML assertion"});
- }
-
- if (signObject) {
- signXMLObject(xmlObject);
- }
- } finally {
- if (frag != null) {
- while (doc.getFirstChild() != null) {
- doc.removeChild(doc.getFirstChild());
- }
- doc.appendChild(frag);
- }
- }
- return element;
- }
-
- private static void signXMLObject(final XMLObject xmlObject) throws WSSecurityException {
- if (xmlObject instanceof org.opensaml.saml.saml1.core.Response) {
- org.opensaml.saml.saml1.core.Response response =
- (org.opensaml.saml.saml1.core.Response) xmlObject;
-
- // Sign any Assertions
- if (response.getAssertions() != null) {
- for (org.opensaml.saml.saml1.core.Assertion assertion : response.getAssertions()) {
- signObject(assertion.getSignature());
- }
- }
-
- signObject(response.getSignature());
- } else if (xmlObject instanceof org.opensaml.saml.saml2.core.Response) {
- org.opensaml.saml.saml2.core.Response response =
- (org.opensaml.saml.saml2.core.Response) xmlObject;
-
- // Sign any Assertions
- if (response.getAssertions() != null) {
- for (org.opensaml.saml.saml2.core.Assertion assertion : response.getAssertions()) {
- signObject(assertion.getSignature());
- }
- }
-
- signObject(response.getSignature());
- } else if (xmlObject instanceof SignableSAMLObject) {
- signObject(((SignableSAMLObject) xmlObject).getSignature());
- }
- }
-
- private static void signObject(final Signature signature) throws WSSecurityException {
- if (signature != null) {
- ClassLoader loader = Thread.currentThread().getContextClassLoader();
- try {
- Thread.currentThread().setContextClassLoader(SignerProvider.class.getClassLoader());
- Signer.signObject(signature);
- } catch (SignatureException ex) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex, "empty",
- new Object[] {"Error signing a SAML assertion"});
- } finally {
- Thread.currentThread().setContextClassLoader(loader);
- }
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/syncope/blob/06872083/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
index 973c38e..ff64284 100644
--- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
+++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
@@ -50,6 +50,7 @@ import org.apache.syncope.common.lib.types.SignatureAlgorithm;
import org.apache.syncope.core.logic.init.SAML2SPLoader;
import org.apache.wss4j.common.crypto.Merlin;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.saml.OpenSAMLUtil;
import org.apache.xml.security.algorithms.JCEMapper;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.saml.common.SignableSAMLObject;
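Review bot: The new import of `org.apache.wss4j.common.saml.OpenSAMLUtil` changes what every unqualified `OpenSAMLUtil` reference in this file resolves to, since until this commit that simple name was the same-package copy deleted above. Call sites outside the visible hunks, if any (the deleted class exposed `toDom(xmlObject, doc, signObject)`), now run the WSS4J implementation, so marshalling and signing depend on the 2.1.11 release set in pom.xml. The three files in the diffstat include no test; a round-trip test that marshals a signed object and then verifies its signature would catch a divergence between the removed copy and the library version.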
@@ -150,7 +151,7 @@ public class SAML2ReaderWriter {
// parse the provided SAML response
Document responseDoc = StaxUtils.read(new InputStreamReader(tokenStream, StandardCharsets.UTF_8));
- XMLObject responseObject = org.apache.wss4j.common.saml.OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
+ XMLObject responseObject = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
if (LOG.isDebugEnabled()) {
try {
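Review bot: The line `XMLObject responseObject = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());` is where an externally supplied SAML response becomes an object graph, and nothing in the hunk says that `fromDom` only unmarshals and verifies nothing. A comment above it would make the trust boundary explicit, for example `// fromDom() only unmarshals; signature and conditions must be validated before responseObject is trusted`. The enclosing method starts and ends outside the hunk, so whether that validation happens later in the method or in its callers cannot be confirmed from here.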
@@ -168,7 +169,7 @@ public class SAML2ReaderWriter {
}
public void sign(final SignableSAMLObject signableObject) throws SecurityException {
- org.opensaml.xmlsec.signature.Signature signature = org.apache.wss4j.common.saml.OpenSAMLUtil.buildSignature();
+ org.opensaml.xmlsec.signature.Signature signature = OpenSAMLUtil.buildSignature();
signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
signature.setSignatureAlgorithm(sigAlgo);
signature.setSigningCredential(loader.getCredential());
http://git-wip-us.apache.org/repos/asf/syncope/blob/06872083/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index a505f8e..2274871 100644
--- a/pom.xml
+++ b/pom.xml
@@ -615,7 +615,7 @@ under the License.
<dependency>
<groupId>org.apache.wss4j</groupId>
<artifactId>wss4j-ws-security-dom</artifactId>
- <version>2.1.10</version>
+ <version>2.1.11</version>
<exclusions>
<exclusion>
<groupId>org.jasypt</groupId>