Posted to commits@syncope.apache.org by il...@apache.org on 2017/08/03 07:11:02 UTC
[2/2] syncope git commit: White noise: format
White noise: format
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/e3467bf4
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/e3467bf4
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/e3467bf4
Branch: refs/heads/master
Commit: e3467bf4bfa58db7788f3993c3b333a41e9d37f1
Parents: acf98a4
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Thu Aug 3 09:08:06 2017 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Thu Aug 3 09:10:42 2017 +0200
----------------------------------------------------------------------
.../syncope/fit/core/SAML2CallbackHandler.java | 49 ++++++-------
.../apache/syncope/fit/core/SAML2ITCase.java | 54 ++++++--------
.../core/SAML2PResponseComponentBuilder.java | 77 +++++++-------------
3 files changed, 76 insertions(+), 104 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/e3467bf4/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2CallbackHandler.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2CallbackHandler.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2CallbackHandler.java
index f80d4b9..1ffdfb2 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2CallbackHandler.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2CallbackHandler.java
@@ -1,31 +1,28 @@
-/**
+/*
* Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
+ * or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
+ * regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
+ * with the License. You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
+ * KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
-
package org.apache.syncope.fit.core;
import java.io.IOException;
import java.util.Collections;
-
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
-
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.bean.AuthenticationStatementBean;
import org.apache.wss4j.common.saml.bean.ConditionsBean;
@@ -38,35 +35,37 @@ import org.apache.wss4j.common.saml.builder.SAML2Constants;
* A Callback Handler implementation for a SAML 2 assertion.
*/
public class SAML2CallbackHandler implements CallbackHandler {
+
private String subjectName = "uid=joe,ou=people,ou=saml-demo,o=example.com";
+
private String subjectQualifier = "www.example.com";
+
private String issuer;
+
private ConditionsBean conditions;
+
private SubjectConfirmationDataBean subjectConfirmationData;
+
private String subjectConfirmationMethod = SAML2Constants.CONF_BEARER;
- public void handle(Callback[] callbacks)
- throws IOException, UnsupportedCallbackException {
- for (int i = 0; i < callbacks.length; i++) {
- if (callbacks[i] instanceof SAMLCallback) {
- SAMLCallback callback = (SAMLCallback) callbacks[i];
- callback.setSamlVersion(Version.SAML_20);
- callback.setIssuer(issuer);
+ @Override
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ for (Callback callback : callbacks) {
+ if (callback instanceof SAMLCallback) {
+ SAMLCallback samlCallback = (SAMLCallback) callback;
+ samlCallback.setSamlVersion(Version.SAML_20);
+ samlCallback.setIssuer(issuer);
if (conditions != null) {
- callback.setConditions(conditions);
+ samlCallback.setConditions(conditions);
}
-
- SubjectBean subjectBean =
- new SubjectBean(
- subjectName, subjectQualifier, subjectConfirmationMethod
- );
+ SubjectBean subjectBean = new SubjectBean(subjectName, subjectQualifier, subjectConfirmationMethod);
subjectBean.setSubjectConfirmationData(subjectConfirmationData);
- callback.setSubject(subjectBean);
+ samlCallback.setSubject(subjectBean);
AuthenticationStatementBean authBean = new AuthenticationStatementBean();
authBean.setAuthenticationMethod("Password");
- callback.setAuthenticationStatementData(Collections.singletonList(authBean));
+ samlCallback.setAuthenticationStatementData(Collections.singletonList(authBean));
} else {
- throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
+ throw new UnsupportedCallbackException(callback, "Unrecognized Callback");
}
}
}
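Review bot: `samlCallback.setIssuer(issuer)` is called without a null check, although `conditions` just below it is guarded, so a test that never configures the issuer appears to get an assertion with an empty Issuer. Because this handler builds the assertions the SAML tests depend on, the later rejection by the service provider could then be misread as a validation result rather than a fixture mistake. Failing fast at the top of the `SAMLCallback` branch would make that visible, for example `if (issuer == null) { throw new IOException("SAML issuer not set"); }`, which needs no new import. The setters for these fields lie outside this hunk, so confirm that no test deliberately leaves the issuer unset.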
http://git-wip-us.apache.org/repos/asf/syncope/blob/e3467bf4/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java
index 55838b8..68626d0 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java
@@ -31,10 +31,8 @@ import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.util.Collections;
import java.util.Optional;
-
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-
import org.apache.commons.codec.binary.Base64;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.jaxrs.client.WebClient;
@@ -82,13 +80,13 @@ public class SAML2ITCase extends AbstractITCase {
private static SyncopeClient anonymous;
@BeforeClass
- public static void setupAnonymousClient() {
+ public static void setup() {
anonymous = new SyncopeClientFactoryBean().
setAddress(ADDRESS).
create(new AnonymousAuthenticationHandler(ANONYMOUS_UNAME, ANONYMOUS_KEY));
WSSConfig.init();
- OpenSAMLUtil.initSamlEngine();
+ OpenSAMLUtil.initSamlEngine(false);
}
@BeforeClass
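Review bot: `OpenSAMLUtil.initSamlEngine(false)` is a behavioural change in a commit whose message says it is formatting only, and it alters how the OpenSAML engine is initialised for every test in this class. In WSS4J the flag appears to control whether XACML support is loaded (confirm against the version in use), so it belongs in its own commit or at least in the commit message. The rename to `setup()` is not purely cosmetic either: under JUnit 4 a static `@BeforeClass` method in a subclass hides a superclass method of the same name, so if `AbstractITCase` (not visible here) declares `setup()`, that method would no longer run. A short comment above the call, such as `// XACML support is not needed by these tests`, would record the intent.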
@@ -198,7 +196,7 @@ public class SAML2ITCase extends AbstractITCase {
// Get a valid login request for the Fediz realm
SAML2SPService saml2Service = anonymous.getService(SAML2SPService.class);
SAML2RequestTO loginRequest =
- saml2Service.createLoginRequest(ADDRESS, "urn:org:apache:cxf:fediz:idp:realm-A");
+ saml2Service.createLoginRequest(ADDRESS, "urn:org:apache:cxf:fediz:idp:realm-A");
assertNotNull(loginRequest);
assertEquals("https://localhost:8443/fediz-idp/saml/up", loginRequest.getIdpServiceAddress());
@@ -229,7 +227,7 @@ public class SAML2ITCase extends AbstractITCase {
JwsJwtCompactConsumer relayState = new JwsJwtCompactConsumer(response.getRelayState());
String inResponseTo = relayState.getJwtClaims().getSubject();
- org.opensaml.saml.saml2.core.Response samlResponse = createResponse(doc, inResponseTo);
+ org.opensaml.saml.saml2.core.Response samlResponse = createResponse(inResponseTo);
Element responseElement = OpenSAMLUtil.toDom(samlResponse, doc);
String responseStr = DOM2Writer.nodeToString(responseElement);
@@ -248,7 +246,7 @@ public class SAML2ITCase extends AbstractITCase {
// Get a valid login request for the Fediz realm
SAML2SPService saml2Service = anonymous.getService(SAML2SPService.class);
SAML2RequestTO loginRequest =
- saml2Service.createLoginRequest(ADDRESS, "urn:org:apache:cxf:fediz:idp:realm-A");
+ saml2Service.createLoginRequest(ADDRESS, "urn:org:apache:cxf:fediz:idp:realm-A");
assertNotNull(loginRequest);
SAML2ReceivedResponseTO response = new SAML2ReceivedResponseTO();
@@ -260,7 +258,7 @@ public class SAML2ITCase extends AbstractITCase {
String inResponseTo = relayState.getJwtClaims().getSubject();
org.opensaml.saml.saml2.core.Response samlResponse =
- createResponse(doc, inResponseTo, false, SAML2Constants.CONF_SENDER_VOUCHES);
+ createResponse(inResponseTo, false, SAML2Constants.CONF_SENDER_VOUCHES);
Element responseElement = OpenSAMLUtil.toDom(samlResponse, doc);
String responseStr = DOM2Writer.nodeToString(responseElement);
@@ -282,7 +280,7 @@ public class SAML2ITCase extends AbstractITCase {
// Get a valid login request for the Fediz realm
SAML2SPService saml2Service = anonymous.getService(SAML2SPService.class);
SAML2RequestTO loginRequest =
- saml2Service.createLoginRequest(ADDRESS, "urn:org:apache:cxf:fediz:idp:realm-A");
+ saml2Service.createLoginRequest(ADDRESS, "urn:org:apache:cxf:fediz:idp:realm-A");
assertNotNull(loginRequest);
SAML2ReceivedResponseTO response = new SAML2ReceivedResponseTO();
@@ -293,7 +291,7 @@ public class SAML2ITCase extends AbstractITCase {
JwsJwtCompactConsumer relayState = new JwsJwtCompactConsumer(response.getRelayState());
String inResponseTo = relayState.getJwtClaims().getSubject();
- org.opensaml.saml.saml2.core.Response samlResponse = createResponse(doc, inResponseTo);
+ org.opensaml.saml.saml2.core.Response samlResponse = createResponse(inResponseTo);
Element responseElement = OpenSAMLUtil.toDom(samlResponse, doc);
doc.appendChild(responseElement);
@@ -301,24 +299,24 @@ public class SAML2ITCase extends AbstractITCase {
// Get Assertion Element
Element assertionElement =
- (Element)responseElement.getElementsByTagNameNS(SAMLConstants.SAML20_NS, "Assertion").item(0);
+ (Element) responseElement.getElementsByTagNameNS(SAMLConstants.SAML20_NS, "Assertion").item(0);
assertNotNull(assertionElement);
// Clone it, strip the Signature, modify the Subject, change Subj Conf
- Element clonedAssertion = (Element)assertionElement.cloneNode(true);
+ Element clonedAssertion = (Element) assertionElement.cloneNode(true);
clonedAssertion.setAttributeNS(null, "ID", "_12345623562");
Element sigElement =
- (Element)clonedAssertion.getElementsByTagNameNS(WSConstants.SIG_NS, "Signature").item(0);
+ (Element) clonedAssertion.getElementsByTagNameNS(WSConstants.SIG_NS, "Signature").item(0);
clonedAssertion.removeChild(sigElement);
Element subjElement =
- (Element)clonedAssertion.getElementsByTagNameNS(SAMLConstants.SAML20_NS, "Subject").item(0);
+ (Element) clonedAssertion.getElementsByTagNameNS(SAMLConstants.SAML20_NS, "Subject").item(0);
Element subjNameIdElement =
- (Element)subjElement.getElementsByTagNameNS(SAMLConstants.SAML20_NS, "NameID").item(0);
+ (Element) subjElement.getElementsByTagNameNS(SAMLConstants.SAML20_NS, "NameID").item(0);
subjNameIdElement.setTextContent("verdi");
Element subjConfElement =
- (Element)subjElement.getElementsByTagNameNS(SAMLConstants.SAML20_NS, "SubjectConfirmation").item(0);
+ (Element) subjElement.getElementsByTagNameNS(SAMLConstants.SAML20_NS, "SubjectConfirmation").item(0);
subjConfElement.setAttributeNS(null, "Method", SAML2Constants.CONF_SENDER_VOUCHES);
// Now insert the modified cloned Assertion into the Response after the other assertion
@@ -333,20 +331,18 @@ public class SAML2ITCase extends AbstractITCase {
assertEquals("puccini", loginResponse.getNameID());
}
- private org.opensaml.saml.saml2.core.Response createResponse(Document doc, String inResponseTo) throws Exception {
- return createResponse(doc, inResponseTo, true, SAML2Constants.CONF_BEARER);
+ private org.opensaml.saml.saml2.core.Response createResponse(final String inResponseTo) throws Exception {
+ return createResponse(inResponseTo, true, SAML2Constants.CONF_BEARER);
}
- private org.opensaml.saml.saml2.core.Response createResponse(Document doc, String inResponseTo,
- boolean signAssertion, String subjectConfMethod) throws Exception {
- Status status =
- SAML2PResponseComponentBuilder.createStatus(
- SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null
- );
+ private org.opensaml.saml.saml2.core.Response createResponse(
+ final String inResponseTo, final boolean signAssertion, final String subjectConfMethod) throws Exception {
+
+ Status status = SAML2PResponseComponentBuilder.createStatus(
+ SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null);
org.opensaml.saml.saml2.core.Response response =
- SAML2PResponseComponentBuilder.createSAMLResponse(
- inResponseTo, "urn:org:apache:cxf:fediz:idp:realm-A", status
- );
+ SAML2PResponseComponentBuilder.createSAMLResponse(
+ inResponseTo, "urn:org:apache:cxf:fediz:idp:realm-A", status);
response.setDestination("http://recipient.apache.org");
// Create an AuthenticationAssertion
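Review bot: The two `createResponse` overloads have no comment saying which argument combination is the valid baseline, and that difference is what the surrounding tests exercise. The one-argument form delegates with `true, SAML2Constants.CONF_BEARER`, presumably giving a signed bearer assertion, while another caller passes `false, SAML2Constants.CONF_SENDER_VOUCHES` to build what looks like a negative case. I would add a one-line comment on the short overload, for example `// default: signed assertion, bearer subject confirmation`, and a sentence on the long one explaining what `signAssertion` and `subjectConfMethod` vary. The body of the long overload continues outside this hunk.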
@@ -381,7 +377,7 @@ public class SAML2ITCase extends AbstractITCase {
ClassLoader loader = Loader.getClassLoader(SAML2ITCase.class);
InputStream input = Merlin.loadInputStream(loader, "stsrealm_a.jks");
keyStore.load(input, "storepass".toCharArray());
- ((Merlin)issuerCrypto).setKeyStore(keyStore);
+ ((Merlin) issuerCrypto).setKeyStore(keyStore);
assertion.signAssertion("realma", "realma", issuerCrypto, false);
}
@@ -390,6 +386,4 @@ public class SAML2ITCase extends AbstractITCase {
return response;
}
-
-
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/e3467bf4/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2PResponseComponentBuilder.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2PResponseComponentBuilder.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2PResponseComponentBuilder.java
index 75ad465..f83d372 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2PResponseComponentBuilder.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2PResponseComponentBuilder.java
@@ -1,29 +1,25 @@
-/**
+/*
* Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
+ * or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
+ * regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
+ * with the License. You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
+ * KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
-
package org.apache.syncope.fit.core;
import java.util.UUID;
-
import org.joda.time.DateTime;
-import org.opensaml.core.xml.XMLObjectBuilderFactory;
-import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.saml.common.SAMLObjectBuilder;
import org.opensaml.saml.common.SAMLVersion;
import org.opensaml.saml.saml2.core.AuthnContextClassRef;
@@ -32,10 +28,16 @@ import org.opensaml.saml.saml2.core.Response;
import org.opensaml.saml.saml2.core.Status;
import org.opensaml.saml.saml2.core.StatusCode;
import org.opensaml.saml.saml2.core.StatusMessage;
+import org.opensaml.saml.saml2.core.impl.AuthnContextClassRefBuilder;
+import org.opensaml.saml.saml2.core.impl.IssuerBuilder;
+import org.opensaml.saml.saml2.core.impl.ResponseBuilder;
+import org.opensaml.saml.saml2.core.impl.StatusBuilder;
+import org.opensaml.saml.saml2.core.impl.StatusCodeBuilder;
+import org.opensaml.saml.saml2.core.impl.StatusMessageBuilder;
/**
-* A (basic) set of utility methods to construct SAML 2.0 Protocol Response statements
-*/
+ * A (basic) set of utility methods to construct SAML 2.0 Protocol Response statements.
+ */
public final class SAML2PResponseComponentBuilder {
private static SAMLObjectBuilder<Response> responseBuilder;
@@ -50,22 +52,9 @@ public final class SAML2PResponseComponentBuilder {
private static SAMLObjectBuilder<AuthnContextClassRef> authnContextClassRefBuilder;
- private static XMLObjectBuilderFactory builderFactory =
- XMLObjectProviderRegistrySupport.getBuilderFactory();
-
- private SAML2PResponseComponentBuilder() {
-
- }
-
- @SuppressWarnings("unchecked")
- public static Response createSAMLResponse(
- String inResponseTo,
- String issuer,
- Status status
- ) {
+ public static Response createSAMLResponse(final String inResponseTo, final String issuer, final Status status) {
if (responseBuilder == null) {
- responseBuilder = (SAMLObjectBuilder<Response>)
- builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
+ responseBuilder = new ResponseBuilder();
}
Response response = responseBuilder.buildObject();
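Review bot: The `if (responseBuilder == null)` lazy initialisation is no longer needed, because the builder is now created with a plain constructor instead of being looked up in the OpenSAML registry. What remains is an unsynchronised check-then-assign on a static field, which is harmless in single-threaded tests but only adds noise. Initialising the field where it is declared, `private static final SAMLObjectBuilder<Response> responseBuilder = new ResponseBuilder();`, lets the null check be dropped, and the same applies to `createIssuer`, `createStatus` and `createAuthnContextClassRef` in the following hunks. Replacing the registry's builder factory with classes from `org.opensaml.saml.saml2.core.impl` is also a functional change in a commit described as formatting, so the message should say so. The field declarations sit outside this hunk.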
@@ -79,13 +68,9 @@ public final class SAML2PResponseComponentBuilder {
return response;
}
- @SuppressWarnings("unchecked")
- public static Issuer createIssuer(
- String issuerValue
- ) {
+ public static Issuer createIssuer(final String issuerValue) {
if (issuerBuilder == null) {
- issuerBuilder = (SAMLObjectBuilder<Issuer>)
- builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
+ issuerBuilder = new IssuerBuilder();
}
Issuer issuer = issuerBuilder.buildObject();
issuer.setValue(issuerValue);
@@ -93,22 +78,15 @@ public final class SAML2PResponseComponentBuilder {
return issuer;
}
- @SuppressWarnings("unchecked")
- public static Status createStatus(
- String statusCodeValue,
- String statusMessage
- ) {
+ public static Status createStatus(final String statusCodeValue, final String statusMessage) {
if (statusBuilder == null) {
- statusBuilder = (SAMLObjectBuilder<Status>)
- builderFactory.getBuilder(Status.DEFAULT_ELEMENT_NAME);
+ statusBuilder = new StatusBuilder();
}
if (statusCodeBuilder == null) {
- statusCodeBuilder = (SAMLObjectBuilder<StatusCode>)
- builderFactory.getBuilder(StatusCode.DEFAULT_ELEMENT_NAME);
+ statusCodeBuilder = new StatusCodeBuilder();
}
if (statusMessageBuilder == null) {
- statusMessageBuilder = (SAMLObjectBuilder<StatusMessage>)
- builderFactory.getBuilder(StatusMessage.DEFAULT_ELEMENT_NAME);
+ statusMessageBuilder = new StatusMessageBuilder();
}
Status status = statusBuilder.buildObject();
@@ -126,11 +104,9 @@ public final class SAML2PResponseComponentBuilder {
return status;
}
- @SuppressWarnings("unchecked")
- public static AuthnContextClassRef createAuthnContextClassRef(String newAuthnContextClassRef) {
+ public static AuthnContextClassRef createAuthnContextClassRef(final String newAuthnContextClassRef) {
if (authnContextClassRefBuilder == null) {
- authnContextClassRefBuilder = (SAMLObjectBuilder<AuthnContextClassRef>)
- builderFactory.getBuilder(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
+ authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
}
AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject();
@@ -139,4 +115,7 @@ public final class SAML2PResponseComponentBuilder {
return authnContextClassRef;
}
-}
\ No newline at end of file
+ private SAML2PResponseComponentBuilder() {
+ // private constructor for static utility class
+ }
+}