import java.util.ArrayList;
import java.util.List;
import org.w3c.dom.Element;
import org.w3c.dom.traversal.NodeIterator;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.XPathUtils;
* Parses an <InfoboxReadResponse>
returned from
* the security layer
* @author Stefan Knirsch
* @version $Id$
public class CreateXMLSignatureResponseParser {
// XPath namespace prefix shortcuts
/** Xpath prefix for reaching SAML Namespaces */
private static final String SAML = Constants.SAML_PREFIX + ":";
/** Xpath prefix for reaching XML-DSIG Namespaces */
private static final String DSIG = Constants.DSIG_PREFIX + ":";
/** Xpath expression to the root element */
private static final String ROOT = ":CreateXMLSignatureResponse/";
/** Xpath expression to the SAML:Assertion element */
private static final String SAML_ASSERTION_XPATH = ROOT + SAML + "Assertion";
/** Xpath expression to the SAML:NameIdentifier element */
private static final String SAML_SUBJECT_NAME_IDENTIFIER_XPATH = SAML_ASSERTION_XPATH + "/" + SAML + "AttributeStatement/" + SAML + "Subject/" + SAML + "NameIdentifier";
/** Xpath expression to the AttributeStatement element */
private static final String SAML_ATTRIBUTE_XPATH = SAML_ASSERTION_XPATH + "/" + SAML + "AttributeStatement/" + SAML + "Attribute";
/** Xpath expression to the AttributeValue element */
private static final String SAML_ATTRIBUTE_VALUE_XPATH = SAML + "AttributeValue";
/** This is the root element of the CreateXMLsignatureResponse */
private Element sigResponse_;
* Parses and validates the document given as string and extracts the
* root element.
* @param xmlResponse <CreateXMLSignatureResponse>
as String
* @throws AuthenticationException if any authentication error occurs
* @throws ParseException if an element cannot be parsed
public CreateXMLSignatureResponseParser(String xmlResponse) throws AuthenticationException, ParseException {
try {
InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
catch (Throwable t) {
throw new ParseException("parser.01", new Object[] { t.toString()}, t);
* Parses and validates the document given as stream and extracts the
* root element.
* @param is <InfoboxReadResponse>
as InputStream
* @throws AuthenticationException If any authentication error occurs
* @throws ParseException If an element cannot be parsed
public CreateXMLSignatureResponseParser(InputStream is) throws AuthenticationException, ParseException {
* Constructor for CreateXMLSignatureResponseParser.
* The incoming Element will be used for further operations
* @param xmlResponse <InfoboxReadResponse>
as InputStream
public CreateXMLSignatureResponseParser(Element xmlResponse) {
sigResponse_ = xmlResponse;
* Initializes the parser.
* Parses and validates the document given as stream and extracts the
* root element.
* @param is The CreateXMLSignatureResponse as stream.
* @throws AuthenticationException if an authentication error occurs.
* @throws ParseException If an error occurs on parsing the the document.
private void init(InputStream is) throws AuthenticationException, ParseException {
try {
Element responseElem = DOMUtils.parseXmlValidating(is);
if ("CreateXMLSignatureResponse".equals(responseElem.getLocalName())) {
sigResponse_ = responseElem;
} else {
ErrorResponseParser erp = new ErrorResponseParser(responseElem);
throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()});
} catch (Throwable t) {
throw new ParseException("parser.01", new Object[] { t.toString()}, t);
* Unmarshalls the <@link sigResponse> to an
* <CreateXMLSignatureResponse>
* @return a <CreateXMLSignatureResponse>
* @throws ParseException
public CreateXMLSignatureResponse parseResponse() throws ParseException {
CreateXMLSignatureResponse cResp;
try {
cResp = new CreateXMLSignatureResponse();
String slPrefix = XPathUtils.getSlPrefix(sigResponse_);
cResp.setSamlNameIdentifier(XPathUtils.getElementValue(sigResponse_, "/" + slPrefix + SAML_SUBJECT_NAME_IDENTIFIER_XPATH, null));
cResp.setSamlAssertion((Element) XPathUtils.selectSingleNode(sigResponse_, "/" + slPrefix + SAML_ASSERTION_XPATH));
NodeIterator attrIter = XPathUtils.selectNodeIterator(sigResponse_, "/" + slPrefix + SAML_ATTRIBUTE_XPATH);
Element samlAttr;
List samlAttributes = new ArrayList();
while ((samlAttr = (Element) attrIter.nextNode()) != null) {
String attrName = XPathUtils.getAttributeValue(samlAttr, "@AttributeName", "");
String attrNamespace = XPathUtils.getAttributeValue(samlAttr, "@AttributeNamespace", "");
Object attrValue;
Element attrValueElem = (Element)XPathUtils.selectSingleNode(samlAttr, SAML_ATTRIBUTE_VALUE_XPATH);
attrValue = DOMUtils.getElementFromNodeList(attrValueElem.getChildNodes());
if (attrValue == null) {
if (null!=attrValueElem.getFirstChild()) {
attrValue = attrValueElem.getFirstChild().getNodeValue();
} else {
attrValue = "";
samlAttributes.add(new SAMLAttribute(attrName, attrNamespace, attrValue));
SAMLAttribute[] result = new SAMLAttribute[samlAttributes.size()];
catch (Throwable t) {
throw new ParseException("parser.01", new Object[] { t.toString()}, t);
return cResp;
// public CreateXMLSignatureResponse parseResponse() throws ParseException {
// CreateXMLSignatureResponse cResp;
// try {
// cResp = new CreateXMLSignatureResponse();
// Element samlAssertion = (Element)sigResponse.getElementsByTagNameNS(Constants.SAML_NS_URI, "Assertion").item(0);
// cResp.setSamlAssertion(samlAssertion);
// Element samlAttributeStatement = (Element)samlAssertion.getElementsByTagNameNS(Constants.SAML_NS_URI, "AttributeStatement").item(0);
// Element samlSubject = (Element)samlAttributeStatement.getElementsByTagNameNS(Constants.SAML_NS_URI, "Subject").item(0);
// Element samlNameIdentifier = (Element)samlSubject.getElementsByTagNameNS(Constants.SAML_NS_URI, "NameIdentifier").item(0);
// cResp.setSamlNameIdentifier(samlNameIdentifier.getFirstChild().getNodeValue());
// NodeList nl = samlAttributeStatement.getElementsByTagNameNS(Constants.SAML_NS_URI, "Attribute");
// List samlAttributes = new ArrayList();
// for (int i=0; i