--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Response.java	Thu Apr 25 15:23:37 2013 +0200
@@ -0,0 +1,118 @@
+package org.dive4elements.river.client.server.auth.was;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.List;
+
+import org.apache.commons.codec.binary.Base64InputStream;
+
+import org.apache.http.HttpEntity;
+
+import org.apache.log4j.Logger;
+
+import org.jdom.Document;
+import org.jdom.Element;
+import org.jdom.JDOMException;
+import org.jdom.input.SAXBuilder;
+
+import org.dive4elements.river.client.server.auth.Authentication;
+import org.dive4elements.river.client.server.auth.AuthenticationException;
+
+import org.dive4elements.river.client.server.features.Features;
+
+public class Response implements Authentication {
+
+    private static Logger logger = Logger.getLogger(Response.class);
+
+    private Element root;
+    private Assertion assertion;
+    private String username;
+    private String password;
+    private Features features;
+
+
+    public Response(HttpEntity entity, String username, String password, Features features) throws AuthenticationException, IOException {
+
+        if (entity == null) {
+            throw new ServiceException("Invalid response");
+        }
+
+        String contenttype = entity.getContentType().getValue();
+
+        try {
+            InputStream in = entity.getContent();
+
+            if (!contenttype.equals("application/vnd.ogc.se_xml")) {
+                // XXX: Assume base64 encoded content.
+                in = new Base64InputStream(in);
+            }
+
+            SAXBuilder builder = new SAXBuilder();
+            Document doc = builder.build(in);
+            Element root = doc.getRootElement();
+            String rname = root.getName();
+
+            if (rname != null && rname.equals("ServiceExceptionReport")) {
+                throw new ServiceException(root.getChildText("ServiceException"));
+            }
+
+            this.root = root;
+            this.username = username;
+            this.password = password;
+            this.features = features;
+
+        }
+        catch(JDOMException e) {
+            throw new AuthenticationException(e);
+        }
+    }
+
+    public Element getRoot() {
+        return this.root;
+    }
+
+    @Override
+    public boolean isSuccess() {
+        String status = getStatus();
+        return status != null && status.equals("samlp:Success");
+    }
+
+    public String getStatus() {
+        Element status = this.root.getChild("Status", Namespaces.SAML_NS_PROTO);
+        if (status == null) {
+            return null;
+        }
+        Element statuscode = status.getChild("StatusCode",
+                Namespaces.SAML_NS_PROTO);
+        if (statuscode == null) {
+            return null;
+        }
+        return statuscode.getAttributeValue("Value");
+    }
+
+    public Assertion getAssertion() {
+        if (this.assertion == null && this.root != null) {
+            Element assertion = this.root.getChild("Assertion",
+                    Namespaces.SAML_NS_ASSERT);
+            if (assertion != null) {
+                this.assertion = new Assertion(assertion);
+            }
+        }
+        return this.assertion;
+    }
+
+    @Override
+    public User getUser() throws AuthenticationException {
+        Assertion assertion = this.getAssertion();
+        if (assertion == null) {
+            throw new AuthenticationException("Response doesn't contain an assertion");
+        }
+        List<String> features = this.features.getFeatures(
+                this.assertion.getRoles());
+        logger.debug("User " + this.username + " with features " + features +
+                     " successfully authenticated.");
+        return new User(this.username, this.password, assertion.getNameID(),
+                this.assertion.getRoles(), assertion, features);
+    }
+}
+// vim: set si et fileencoding=utf-8 ts=4 sw=4 tw=80: