package at.gv.egovernment.moa.id.auth.parser; import java.io.ByteArrayInputStream; import java.io.InputStream; import java.util.ArrayList; import java.util.List; import org.w3c.dom.Element; import org.w3c.dom.traversal.NodeIterator; import at.gv.egovernment.moa.id.AuthenticationException; import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.data.SAMLAttribute; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; /** * Parses an <InfoboxReadResponse> returned from * the security layer * * @author Stefan Knirsch * @version $Id$ */ public class CreateXMLSignatureResponseParser { // // XPath namespace prefix shortcuts // /** Xpath prefix for reaching SAML Namespaces */ private static final String SAML = Constants.SAML_PREFIX + ":"; /** Xpath prefix for reaching XML-DSIG Namespaces */ private static final String DSIG = Constants.DSIG_PREFIX + ":"; /** Xpath expression to the root element */ private static final String ROOT = ":CreateXMLSignatureResponse/"; /** Xpath expression to the SAML:Assertion element */ private static final String SAML_ASSERTION_XPATH = ROOT + SAML + "Assertion"; /** Xpath expression to the SAML:NameIdentifier element */ private static final String SAML_SUBJECT_NAME_IDENTIFIER_XPATH = SAML_ASSERTION_XPATH + "/" + SAML + "AttributeStatement/" + SAML + "Subject/" + SAML + "NameIdentifier"; /** Xpath expression to the AttributeStatement element */ private static final String SAML_ATTRIBUTE_XPATH = SAML_ASSERTION_XPATH + "/" + SAML + "AttributeStatement/" + SAML + "Attribute"; /** Xpath expression to the AttributeValue element */ private static final String SAML_ATTRIBUTE_VALUE_XPATH = SAML + "AttributeValue"; /** This is the root element of the CreateXMLsignatureResponse */ private Element sigResponse_; /** * Parses and validates the document given as string and extracts the * root element. * * @param xmlResponse <CreateXMLSignatureResponse> as String * * @throws AuthenticationException if any authentication error occurs * @throws ParseException if an element cannot be parsed */ public CreateXMLSignatureResponseParser(String xmlResponse) throws AuthenticationException, ParseException { try { InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8")); init(s); } catch (Throwable t) { throw new ParseException("parser.01", new Object[] { t.toString()}, t); } } /** * Parses and validates the document given as stream and extracts the * root element. * * @param xmlResponse <CreateXMLSignatureResponse> as String * * @throws AuthenticationException if any authentication error occurs * @throws ParseException if an element cannot be parsed */ public CreateXMLSignatureResponseParser(InputStream is) throws AuthenticationException, ParseException { init(is); } /** * Constructor for CreateXMLSignatureResponseParser. * The incoming Element will be used for further operations * @param xmlResponse <InfoboxReadResponse> as InputStream */ public CreateXMLSignatureResponseParser(Element xmlResponse) { sigResponse_ = xmlResponse; } /** * Initializes the parser. * Parses and validates the document given as stream and extracts the * root element. * * @param is The CreateXMLSignatureResponse as stream. * @throws AuthenticationException if an authentication error occurs. * @throws ParseException If an error occurs on parsing the the document. */ private void init(InputStream is) throws AuthenticationException, ParseException { try { Element responseElem = DOMUtils.parseXmlValidating(is); if ("CreateXMLSignatureResponse".equals(responseElem.getLocalName())) { sigResponse_ = responseElem; } else { ErrorResponseParser erp = new ErrorResponseParser(responseElem); throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()}); } } catch (Throwable t) { throw new ParseException("parser.01", new Object[] { t.toString()}, t); } } /** * Unmarshalls the <@link sigResponse> to an * <CreateXMLSignatureResponse> object. * * @return a <CreateXMLSignatureResponse> object * @throws ParseException */ public CreateXMLSignatureResponse parseResponse() throws ParseException { CreateXMLSignatureResponse cResp; try { cResp = new CreateXMLSignatureResponse(); String slPrefix = XPathUtils.getSlPrefix(sigResponse_); cResp.setSamlNameIdentifier(XPathUtils.getElementValue(sigResponse_, "/" + slPrefix + SAML_SUBJECT_NAME_IDENTIFIER_XPATH, null)); cResp.setSamlAssertion((Element) XPathUtils.selectSingleNode(sigResponse_, "/" + slPrefix + SAML_ASSERTION_XPATH)); NodeIterator attrIter = XPathUtils.selectNodeIterator(sigResponse_, "/" + slPrefix + SAML_ATTRIBUTE_XPATH); Element samlAttr; List samlAttributes = new ArrayList(); while ((samlAttr = (Element) attrIter.nextNode()) != null) { String attrName = XPathUtils.getAttributeValue(samlAttr, "@AttributeName", ""); String attrNamespace = XPathUtils.getAttributeValue(samlAttr, "@AttributeNamespace", ""); Object attrValue; if ("wbPK".equals(attrName)) { Element attrValueElem = (Element)XPathUtils.selectSingleNode(samlAttr, SAML_ATTRIBUTE_VALUE_XPATH); attrValue = DOMUtils.getElementFromNodeList(attrValueElem.getChildNodes()); } else { attrValue = XPathUtils.getElementValue(samlAttr, SAML_ATTRIBUTE_VALUE_XPATH, ""); } samlAttributes.add(new SAMLAttribute(attrName, attrNamespace, attrValue)); } SAMLAttribute[] result = new SAMLAttribute[samlAttributes.size()]; samlAttributes.toArray(result); cResp.setSamlAttributes(result); } catch (Throwable t) { throw new ParseException("parser.01", new Object[] { t.toString()}, t); } return cResp; } // public CreateXMLSignatureResponse parseResponse() throws ParseException { // CreateXMLSignatureResponse cResp; // try { // cResp = new CreateXMLSignatureResponse(); // Element samlAssertion = (Element)sigResponse.getElementsByTagNameNS(Constants.SAML_NS_URI, "Assertion").item(0); // cResp.setSamlAssertion(samlAssertion); // Element samlAttributeStatement = (Element)samlAssertion.getElementsByTagNameNS(Constants.SAML_NS_URI, "AttributeStatement").item(0); // Element samlSubject = (Element)samlAttributeStatement.getElementsByTagNameNS(Constants.SAML_NS_URI, "Subject").item(0); // Element samlNameIdentifier = (Element)samlSubject.getElementsByTagNameNS(Constants.SAML_NS_URI, "NameIdentifier").item(0); // cResp.setSamlNameIdentifier(samlNameIdentifier.getFirstChild().getNodeValue()); // NodeList nl = samlAttributeStatement.getElementsByTagNameNS(Constants.SAML_NS_URI, "Attribute"); // List samlAttributes = new ArrayList(); // for (int i=0; i