• Home
• org.apache.ws.security
• wss4j
• 1.6.2
• source code
• OpenSAMLUtil.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.apache.ws.security.saml.ext.OpenSAMLUtil Maven / Gradle / Ivy

/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.apache.ws.security.saml.ext;

import javax.xml.namespace.QName;

import org.apache.ws.security.WSSecurityException;
import org.opensaml.xml.*;
import org.opensaml.xml.io.*;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.SignatureException;
import org.opensaml.xml.signature.Signer;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/**
 * Class OpenSAMLUtil provides static helper methods for the OpenSaml library
 * 

 * Created on May 18, 2009
 */
public class OpenSAMLUtil {
    private static final org.apache.commons.logging.Log log = 
        org.apache.commons.logging.LogFactory.getLog(OpenSAMLUtil.class);

    private static XMLObjectBuilderFactory builderFactory;
    private static MarshallerFactory marshallerFactory;
    private static UnmarshallerFactory unmarshallerFactory;
    private static boolean samlEngineInitialized = false;

    /**
     * Initialise the SAML library
     */
    public synchronized static void initSamlEngine() {
        if (!samlEngineInitialized) {
            if (log.isDebugEnabled()) {
                log.debug("Initilizing the opensaml2 library...");
            }
            try {
                OpenSAMLBootstrap.bootstrap();
                builderFactory = Configuration.getBuilderFactory();
                marshallerFactory = Configuration.getMarshallerFactory();
                unmarshallerFactory = Configuration.getUnmarshallerFactory();
                samlEngineInitialized = true;
                if (log.isDebugEnabled()) {
                    log.debug("opensaml2 library bootstrap complete");
                }
            } catch (ConfigurationException e) {
                log.error(
                    "Unable to bootstrap the opensaml2 library - all SAML operations will fail", 
                    e
                );
            }
        }
    }

    /**
     * Convert a SAML Assertion from a DOM Element to an XMLObject
     *
     * @param root of type Element
     * @return XMLObject
     * @throws UnmarshallingException
     */
    public static XMLObject fromDom(Element root) throws WSSecurityException {
        Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(root);
        try {
            return unmarshaller.unmarshall(root);
        } catch (UnmarshallingException ex) {
            throw new WSSecurityException("Error unmarshalling a SAML assertion", ex);
        }
    }

    /**
     * Convert a SAML Assertion from a XMLObject to a DOM Element
     *
     * @param xmlObject of type XMLObject
     * @param doc  of type Document
     * @return Element
     * @throws MarshallingException
     * @throws SignatureException
     */
    public static Element toDom(
        XMLObject xmlObject, 
        Document doc
    ) throws WSSecurityException {
        Marshaller marshaller = marshallerFactory.getMarshaller(xmlObject);
        Element element = null;
        Element orig = doc == null ? null : doc.getDocumentElement();
        try {
            if (orig != null) {
                doc.removeChild(orig);
            }
            try {
                if (doc == null) {
                    element = marshaller.marshall(xmlObject);
                } else {
                    element = marshaller.marshall(xmlObject, doc);
                } 
            } catch (MarshallingException ex) {
                throw new WSSecurityException("Error marshalling a SAML assertion", ex);
            }
    
            // Sign the assertion if the signature element is present.
            if (xmlObject instanceof org.opensaml.saml2.core.Assertion) {
                org.opensaml.saml2.core.Assertion saml2 = 
                    (org.opensaml.saml2.core.Assertion) xmlObject;
                // if there is a signature, but it hasn't already been signed
                if (saml2.getSignature() != null) {
                    if (log.isDebugEnabled()) {
                        log.debug("Signing SAML v2.0 assertion...");
                    }
                    try {
                        Signer.signObject(saml2.getSignature());
                    } catch (SignatureException ex) {
                        throw new WSSecurityException("Error signing a SAML assertion", ex);
                    }
                }
            } else if (xmlObject instanceof org.opensaml.saml1.core.Assertion) {
                org.opensaml.saml1.core.Assertion saml1 = 
                    (org.opensaml.saml1.core.Assertion) xmlObject;
                // if there is a signature, but it hasn't already been signed
                if (saml1.getSignature() != null) {
                    if (log.isDebugEnabled()) {
                        log.debug("Signing SAML v1.1 assertion...");
                    }
                    try {
                        Signer.signObject(saml1.getSignature());
                    } catch (SignatureException ex) {
                        throw new WSSecurityException("Error signing a SAML assertion", ex);
                    }
                }
            }
        } finally {
            if (doc != null && doc.getDocumentElement() != orig) {
                if (doc.getDocumentElement() != null) {
                    doc.removeChild(doc.getDocumentElement());
                }
                if (orig != null) {
                    doc.appendChild(orig);
                }
            }
        }
        return element;
    }
    
    /**
     * Method buildSignature ...
     *
     * @return Signature
     */
    @SuppressWarnings("unchecked")
    public static Signature buildSignature() {
        QName qName = Signature.DEFAULT_ELEMENT_NAME;
        XMLObjectBuilder builder = builderFactory.getBuilder(qName);
        if (builder == null) {
            log.error(
                "Unable to retrieve builder for object QName " 
                + qName
            );
            return null;
        }
        return 
            (Signature)builder.buildObject(
                 qName.getNamespaceURI(), qName.getLocalPart(), qName.getPrefix()
             );
    }
    
    /**
     * Method isMethodSenderVouches ...
     *
     * @param confirmMethod of type String
     * @return boolean
     */
    public static boolean isMethodSenderVouches(String confirmMethod) {
        return 
            confirmMethod != null && confirmMethod.startsWith("urn:oasis:names:tc:SAML:") 
                && confirmMethod.endsWith(":cm:sender-vouches");
    }
    
    /**
     * Method isMethodHolderOfKey ...
     *
     * @param confirmMethod of type String
     * @return boolean
     */
    public static boolean isMethodHolderOfKey(String confirmMethod) {
        return 
            confirmMethod != null && confirmMethod.startsWith("urn:oasis:names:tc:SAML:") 
                && confirmMethod.endsWith(":cm:holder-of-key");
    }

}