comparison flys-client/src/main/java/org/dive4elements/river/client/server/auth/was/Assertion.java @ 5834:f507086aa94b
Repaired internal references.
author | Sascha L. Teichmann <teichmann@intevation.de> |
---|---|
date | Thu, 25 Apr 2013 12:31:32 +0200 |
parents | flys-client/src/main/java/de/intevation/flys/client/server/auth/was/Assertion.java@adcb8aee1910 |
children | 821a02bbfb4e |
5833:a2bdc0f524e8 | 5834:f507086aa94b |
---|---|
1 package de.intevation.flys.client.server.auth.was; | |
2 | |
3 import java.text.ParseException; | |
4 import java.text.SimpleDateFormat; | |
5 import java.util.Iterator; | |
6 import java.util.Date; | |
7 import java.util.List; | |
8 import java.util.LinkedList; | |
9 | |
10 import org.apache.log4j.Logger; | |
11 | |
12 import org.jdom.Element; | |
13 | |
14 public class Assertion { | |
15 | |
16 private static Logger logger = Logger.getLogger(Assertion.class); | |
17 | |
18 private Element assertion; | |
19 private LinkedList<String> roles; | |
20 private String assertion_id; | |
21 private String user_id; | |
22 private String name_id; | |
23 private String group_id; | |
24 private String group_name; | |
25 private Date notbefore; | |
26 private Date notonorafter; | |
27 private Signature signature; | |
28 | |
29 private static final String ATTR_CONT_USER_ID = | |
30 "urn:conterra:names:sdi-suite:policy:attribute:user-id"; | |
31 private static final String ATTR_CONT_GROUP_ID = | |
32 "urn:conterra:names:sdi-suite:policy:attribute:group-id"; | |
33 private static final String ATTR_CONT_GROUP_NAME = | |
34 "urn:conterra:names:sdi-suite:policy:attribute:group-name"; | |
35 private static final String ATTR_CONT_ROLE = | |
36 "urn:conterra:names:sdi-suite:policy:attribute:role"; | |
37 | |
38 | |
39 public Assertion(Element assertion) { | |
40 this.assertion = assertion; | |
41 this.roles = new LinkedList<String>(); | |
42 | |
43 this.assertion_id = assertion.getAttributeValue("AssertionID"); | |
44 | |
45 this.parseContition(); | |
46 this.parseAttributeStatement(); | |
47 } | |
48 | |
49 private void parseContition() { | |
50 Element condition = this.assertion.getChild("Conditions", | |
51 Namespaces.SAML_NS_ASSERT); | |
52 if (condition != null) { | |
53 SimpleDateFormat dateformat = new SimpleDateFormat(); | |
54 // format should be "yyyy-MM-dd'T'HH:mm:ss.SSSXXX" but that's only | |
55 // available in java 7+ | |
56 dateformat.applyPattern("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"); | |
57 String from = condition.getAttributeValue("NotBefore"); | |
58 if (from != null) { | |
59 try { | |
60 this.notbefore = dateformat.parse(from); | |
61 } | |
62 catch(ParseException e) { | |
63 logger.error("Unknown datetime format for Condition " + | |
64 "NotBefore " + from); | |
65 } | |
66 } | |
67 | |
68 String until = condition.getAttributeValue("NotOnOrAfter"); | |
69 logger.debug("Session is valid until " + until); | |
70 if (until != null) { | |
71 try { | |
72 this.notonorafter = dateformat.parse(until); | |
73 } | |
74 catch(ParseException e) { | |
75 logger.error("Unknown datetime format for Condition " + | |
76 "NotOnOrAfter " + until); | |
77 } | |
78 } | |
79 } | |
80 } | |
81 | |
82 private void parseAttributeStatement() { | |
83 Element attrstatement = this.assertion.getChild("AttributeStatement", | |
84 Namespaces.SAML_NS_ASSERT); | |
85 if (attrstatement != null) { | |
86 | |
87 Element subject = attrstatement.getChild("Subject", | |
88 Namespaces.SAML_NS_ASSERT); | |
89 if (subject != null) { | |
90 this.name_id = subject.getChildText("NameIdentifier", | |
91 Namespaces.SAML_NS_ASSERT); | |
92 } | |
93 | |
94 List attributes = attrstatement.getChildren("Attribute", | |
95 Namespaces.SAML_NS_ASSERT); | |
96 for(Iterator i = attributes.iterator(); i.hasNext();) { | |
97 Element attr = (Element)i.next(); | |
98 String attrname = attr.getAttributeValue("AttributeName"); | |
99 if (attrname.equals(ATTR_CONT_USER_ID)) { | |
100 this.user_id = this.getAttributeValue(attr); | |
101 } | |
102 else if (attrname.equals(ATTR_CONT_GROUP_ID)) { | |
103 this.group_id = this.getAttributeValue(attr); | |
104 } | |
105 else if (attrname.equals(ATTR_CONT_GROUP_NAME)) { | |
106 this.group_name = this.getAttributeValue(attr); | |
107 } | |
108 else if (attrname.equals(ATTR_CONT_ROLE)) { | |
109 List roles = attr.getChildren("AttributeValue", | |
110 Namespaces.SAML_NS_ASSERT); | |
111 for(Iterator j = roles.iterator(); j.hasNext();) { | |
112 Element role = (Element)j.next(); | |
113 this.roles.add(role.getText()); | |
114 } | |
115 } | |
116 else { | |
117 logger.debug("Unknown AttributeName " + attrname + | |
118 " found while parsing AttributeStatement."); | |
119 } | |
120 } | |
121 } | |
122 } | |
123 | |
124 private String getAttributeValue(Element attr) { | |
125 return attr.getChildText("AttributeValue", Namespaces.SAML_NS_ASSERT); | |
126 } | |
127 | |
128 public List<String> getRoles() { | |
129 return this.roles; | |
130 } | |
131 | |
132 public Boolean isValid() { | |
133 // TODO: | |
134 // check signature digest | |
135 // check signature value | |
136 // check signature cert | |
137 return false; | |
138 } | |
139 | |
140 public Signature getSiganture() { | |
141 if (this.signature == null) { | |
142 Element signature = this.assertion.getChild("Signature", | |
143 Namespaces.XML_SIG_NS); | |
144 if (signature != null) { | |
145 this.signature = new Signature(signature); | |
146 } | |
147 } | |
148 return this.signature; | |
149 } | |
150 | |
151 public String getUserID() { | |
152 return this.user_id; | |
153 } | |
154 | |
155 public String getNameID() { | |
156 return this.name_id; | |
157 } | |
158 | |
159 public String getGroupID() { | |
160 return this.group_id; | |
161 } | |
162 | |
163 public String getGroupName() { | |
164 return this.group_name; | |
165 } | |
166 | |
167 public String getID() { | |
168 return this.assertion_id; | |
169 } | |
170 | |
171 public Date getFrom() { | |
172 return this.notbefore; | |
173 } | |
174 | |
175 public Date getUntil() { | |
176 return this.notonorafter; | |
177 } | |
178 } | |
179 // vim: set fileencoding=utf-8 ts=4 sw=4 et si tw=80: |