/**
 * Copies the element wrapped by an {@code EncryptedElementType} into a new {@link Document}.
 *
 * <p>The element is deep-imported and appended as the only child of the new document.
 * Nothing is decrypted or validated here.
 *
 * @param encryptedElementType wrapper holding the encrypted element; must not be {@code null}
 * @return a new document containing the imported copy of the encrypted element
 * @throws ConfigurationException presumably when {@code DocumentUtil.createDocument()} cannot
 *         build a document (confirm against that helper)
 * @throws IllegalArgumentException if {@code encryptedElementType} is {@code null}
 */
public Document convert(EncryptedElementType encryptedElementType) throws ConfigurationException {
    if (encryptedElementType == null) {
        throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "encryptedElementType");
    }

    Document target = DocumentUtil.createDocument();
    // Deep import (second argument true) so the whole encrypted subtree is carried over.
    Node copy = target.importNode(encryptedElementType.getEncryptedElement(), true);
    target.appendChild(copy);
    return target;
}
/**
 * Checks the XML signature of an assertion element against a public key.
 *
 * <p>The element is deep-copied into a new document and that document is passed to
 * {@code XMLSignatureUtil.validate}. Any exception raised on the way is logged and reported as
 * {@code false}, so a caller cannot tell an invalid signature from a processing failure.
 * NOTE(review): how an element carrying no signature at all is treated depends on
 * {@code XMLSignatureUtil.validate}, which is not shown here; confirm it is rejected.
 *
 * @param assertionElement the assertion element to check
 * @param publicKey the {@link PublicKey} to validate against
 * @return the result of {@code XMLSignatureUtil.validate}, or {@code false} if an exception
 *         was thrown
 */
public static boolean isSignatureValid(Element assertionElement, PublicKey publicKey) {
    boolean valid = false;
    try {
        Document holder = DocumentUtil.createDocument();
        Node copy = holder.importNode(assertionElement, true);
        holder.appendChild(copy);
        valid = XMLSignatureUtil.validate(holder, publicKey);
    } catch (Exception e) {
        // Fail closed: every failure leaves the result at false.
        log.error("Cannot validate signature of assertion", e);
    }
    return valid;
}
/**
 * Validates the signature of an assertion element with the supplied public key.
 *
 * <p>A deep copy of the element becomes the root of a new document, which is then given to
 * {@code XMLSignatureUtil.validate}. Exceptions are logged and turned into {@code false}; the
 * return value therefore does not distinguish a bad signature from an error.
 * NOTE(review): whether an unsigned element yields {@code false} is decided inside
 * {@code XMLSignatureUtil.validate}, which is not visible here; confirm.
 *
 * @param assertionElement the assertion element to check
 * @param publicKey the {@link PublicKey} to validate against
 * @return what {@code XMLSignatureUtil.validate} returned, or {@code false} after an exception
 */
public static boolean isSignatureValid(Element assertionElement, PublicKey publicKey) {
    boolean outcome = false;
    try {
        Document wrapperDoc = DocumentUtil.createDocument();
        Node imported = wrapperDoc.importNode(assertionElement, true);
        wrapperDoc.appendChild(imported);
        outcome = XMLSignatureUtil.validate(wrapperDoc, publicKey);
    } catch (Exception e) {
        // Any failure is logged and reported as "not valid".
        log.error("Cannot validate signature of assertion", e);
    }
    return outcome;
}
/**
 * Creates an element named by {@code JBossSAMLConstants.KEY_INFO} in the namespace given by
 * {@code JBossSAMLURIConstants.XMLDSIG_NSURI} and sets its {@code Id} attribute.
 *
 * <p>The element is owned by a newly created document but is not appended to it.
 * NOTE(review): {@code Id} is set with {@code setAttribute} only; if references to this element
 * are later resolved by id, confirm the attribute is registered as an ID (for example with
 * {@code Element.setIdAttribute}) where that happens.
 *
 * @param id value for the {@code Id} attribute
 * @return the new, detached element
 * @throws RuntimeException wrapping the {@code ConfigurationException} if no document can be
 *         created
 */
public static Element createKeyInfo(String id) {
    final Document owner;
    try {
        owner = DocumentUtil.createDocument();
    } catch (ConfigurationException e) {
        throw new RuntimeException(e);
    }

    String namespace = JBossSAMLURIConstants.XMLDSIG_NSURI.get();
    String localName = JBossSAMLConstants.KEY_INFO.get();
    Element keyInfo = owner.createElementNS(namespace, localName);
    keyInfo.setAttribute("Id", id);
    return keyInfo;
}
}
/**
 * Copies the element wrapped by an {@code EncryptedElementType} into a new {@link Document}.
 *
 * <p>The element is deep-imported and appended as the only child of the new document.
 * Nothing is decrypted or validated here. A {@code null} argument is rejected with whatever
 * {@code logger.nullArgumentError} returns.
 *
 * @param encryptedElementType wrapper holding the encrypted element; must not be {@code null}
 * @return a new document containing the imported copy of the encrypted element
 * @throws ConfigurationException presumably when {@code DocumentUtil.createDocument()} cannot
 *         build a document (confirm against that helper)
 */
public Document convert(EncryptedElementType encryptedElementType) throws ConfigurationException {
    if (encryptedElementType == null) {
        throw logger.nullArgumentError("encryptedElementType");
    }

    Document target = DocumentUtil.createDocument();
    // Deep import (second argument true) so the whole encrypted subtree is carried over.
    Node copy = target.importNode(encryptedElementType.getEncryptedElement(), true);
    target.appendChild(copy);
    return target;
}
/**
 * Writes a {@code RequestSecurityToken} into a new DOM document and exposes it as a
 * {@link DOMSource}.
 *
 * @param request the request to write
 * @return a {@code DOMSource} over the node that {@code WSTrustRequestWriter} populated
 * @throws WSTrustException if creating the document or writing the request fails; the original
 *         exception is kept as the cause
 */
private DOMSource createSourceFromRequest(RequestSecurityToken request) throws WSTrustException {
    try {
        DOMResult sink = new DOMResult(DocumentUtil.createDocument());
        new WSTrustRequestWriter(sink).write(request);
        return new DOMSource(sink.getNode());
    } catch (Exception e) {
        // NOTE(review): the underlying message is embedded in the new exception's message;
        // confirm it is not returned verbatim to remote callers.
        String detail = ErrorCodes.PROCESSING_EXCEPTION + "creating source from request: " + e.getMessage();
        throw new WSTrustException(detail, e);
    }
}
/**
 * Serializes a {@code RequestSecurityToken} to DOM and wraps the result in a {@link DOMSource}.
 *
 * @param request the request to write
 * @return a {@code DOMSource} over the node filled in by {@code WSTrustRequestWriter}
 * @throws WSTrustException for any failure while creating the document or writing; the
 *         triggering exception is attached as the cause
 */
private DOMSource createSourceFromRequest(RequestSecurityToken request) throws WSTrustException {
    try {
        DOMResult domTarget = new DOMResult(DocumentUtil.createDocument());
        WSTrustRequestWriter requestWriter = new WSTrustRequestWriter(domTarget);
        requestWriter.write(request);
        return new DOMSource(domTarget.getNode());
    } catch (Exception e) {
        // NOTE(review): e.getMessage() ends up in the wrapper's message; check that this text
        // is not exposed to remote parties.
        String text = ErrorCodes.PROCESSING_EXCEPTION + "creating source from request: " + e.getMessage();
        throw new WSTrustException(text, e);
    }
}
/**
 * Builds an element named by {@code JBossSAMLConstants.KEY_INFO} in the namespace given by
 * {@code JBossSAMLURIConstants.XMLDSIG_NSURI}, with its {@code Id} attribute set.
 *
 * <p>The element belongs to a newly created document but is left unattached.
 * NOTE(review): the {@code Id} attribute is a plain attribute here; where references are
 * resolved by id, confirm it is marked as an ID attribute (for example via
 * {@code Element.setIdAttribute}).
 *
 * @param id value for the {@code Id} attribute
 * @return the new, detached element
 * @throws RuntimeException wrapping the {@code ConfigurationException} if no document can be
 *         created
 */
public static Element createKeyInfo(String id) {
    final Document factoryDoc;
    try {
        factoryDoc = DocumentUtil.createDocument();
    } catch (ConfigurationException e) {
        throw new RuntimeException(e);
    }

    String nsUri = JBossSAMLURIConstants.XMLDSIG_NSURI.get();
    String elementName = JBossSAMLConstants.KEY_INFO.get();
    Element result = factoryDoc.createElementNS(nsUri, elementName);
    result.setAttribute("Id", id);
    return result;
}
}
/**
 * Writes a {@code RequestSecurityToken} into a new DOM document and exposes it as a
 * {@link DOMSource}.
 *
 * @param request the request to write
 * @return a {@code DOMSource} over the node that {@code WSTrustRequestWriter} populated
 * @throws WSTrustException built from {@code logger.processingError(e)} when creating the
 *         document or writing the request fails
 */
private DOMSource createSourceFromRequest(RequestSecurityToken request) throws WSTrustException {
    try {
        DOMResult sink = new DOMResult(DocumentUtil.createDocument());
        new WSTrustRequestWriter(sink).write(request);
        return new DOMSource(sink.getNode());
    } catch (Exception e) {
        throw new WSTrustException(logger.processingError(e));
    }
}
/**
 * Checks the XML signature of an assertion element against a public key.
 *
 * <p>The element is deep-copied into a new document and that document is passed to
 * {@code SAML2Signature.validate}. Any exception is handed to
 * {@code logger.signatureAssertionValidationError} and the method then returns {@code false},
 * so a caller cannot tell an invalid signature from a processing failure.
 * NOTE(review): how an element carrying no signature at all is treated depends on
 * {@code SAML2Signature.validate}, which is not shown here; confirm it is rejected.
 *
 * @param assertionElement the assertion element to check
 * @param publicKey the {@link PublicKey} to validate against
 * @return the result of {@code SAML2Signature.validate}, or {@code false} if an exception was
 *         thrown
 */
public static boolean isSignatureValid(Element assertionElement, PublicKey publicKey) {
    boolean valid = false;
    try {
        Document holder = DocumentUtil.createDocument();
        Node copy = holder.importNode(assertionElement, true);
        holder.appendChild(copy);
        valid = new SAML2Signature().validate(holder, publicKey);
    } catch (Exception e) {
        // Fail closed: every failure leaves the result at false.
        logger.signatureAssertionValidationError(e);
    }
    return valid;
}
/**
 * Marshalls the given {@code RequestSecurityTokenResponse} into a {@code Source}.
 *
 * <p>The response is first placed in a {@code RequestSecurityTokenResponseCollection}, and the
 * collection is what gets written to a new DOM document.
 *
 * @param response the {@code RequestSecurityTokenResponse} to be marshalled.
 * @return a {@code DOMSource} over the node that {@code WSTrustResponseWriter} populated.
 */
protected Source marshallResponse(RequestSecurityTokenResponse response) {
    // Per the specification, even a single response travels inside a collection.
    RequestSecurityTokenResponseCollection wrapper = new RequestSecurityTokenResponseCollection();
    wrapper.addRequestSecurityTokenResponse(response);

    try {
        DOMResult sink = new DOMResult(DocumentUtil.createDocument());
        new WSTrustResponseWriter(sink).write(wrapper);
        return new DOMSource(sink.getNode());
    } catch (Exception e) {
        // Any failure is rethrown as whatever logger.stsWSResponseWritingError builds.
        throw logger.stsWSResponseWritingError(e);
    }
}
/**
 * Marshalls the given {@code RequestSecurityTokenResponse} into a {@code Source}.
 *
 * <p>The response is first placed in a {@code RequestSecurityTokenResponseCollection}, and the
 * collection is what gets written to a new DOM document. Failures surface as an unchecked
 * {@code WebServiceException} that keeps the original exception as its cause.
 *
 * @param response the {@code RequestSecurityTokenResponse} to be marshalled.
 * @return a {@code DOMSource} over the node that {@code WSTrustResponseWriter} populated.
 */
protected Source marshallResponse(RequestSecurityTokenResponse response) {
    // Per the specification, even a single response travels inside a collection.
    RequestSecurityTokenResponseCollection wrapper = new RequestSecurityTokenResponseCollection();
    wrapper.addRequestSecurityTokenResponse(response);

    try {
        DOMResult sink = new DOMResult(DocumentUtil.createDocument());
        new WSTrustResponseWriter(sink).write(wrapper);
        return new DOMSource(sink.getNode());
    } catch (Exception e) {
        // NOTE(review): the underlying message is copied into the WebServiceException message;
        // confirm it is not sent verbatim to the web-service client.
        String detail = ErrorCodes.STS_RESPONSE_WRITING_ERROR + e.getMessage();
        throw new WebServiceException(detail, e);
    }
}
/**
 * Converts a {@code RequestSecurityTokenResponse} into a DOM-backed {@code Source}.
 *
 * <p>The response is added to a new {@code RequestSecurityTokenResponseCollection}; that
 * collection is written into a new document by {@code WSTrustResponseWriter}. Any exception is
 * rethrown as a {@code WebServiceException} with the original attached as cause.
 *
 * @param response the {@code RequestSecurityTokenResponse} to be marshalled.
 * @return a {@code DOMSource} over the written node.
 */
protected Source marshallResponse(RequestSecurityTokenResponse response) {
    // The specification calls for a collection wrapper, even around one response.
    RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection();
    collection.addRequestSecurityTokenResponse(response);

    try {
        DOMResult domTarget = new DOMResult(DocumentUtil.createDocument());
        WSTrustResponseWriter responseWriter = new WSTrustResponseWriter(domTarget);
        responseWriter.write(collection);
        return new DOMSource(domTarget.getNode());
    } catch (Exception e) {
        // NOTE(review): e.getMessage() becomes part of the outgoing exception text; check that
        // it does not reach the web-service client unfiltered.
        String text = ErrorCodes.STS_RESPONSE_WRITING_ERROR + e.getMessage();
        throw new WebServiceException(text, e);
    }
}
/**
 * Transforms the content available from an {@code XMLEventReader} into a DOM {@link Element}.
 *
 * <p>The reader is expected to be positioned on {@code XMLStreamConstants.START_ELEMENT}. The
 * system property {@code picketlink.jdk.transformer} (default {@code "false"}) selects the
 * transformer: {@code TransformerUtil.getTransformer()} when it parses as true, otherwise
 * {@code TransformerUtil.getStaxSourceToDomResultTransformer()}.
 *
 * <p>NOTE(review): DTD and external-entity handling is decided where the reader and the
 * transformers are configured, neither of which is visible here; confirm both are hardened
 * before this method is given untrusted XML.
 *
 * @param xmlEventReader the reader to consume
 * @return the document element of the DOM document produced by the transformation
 * @throws ParsingException declared by this method; a {@code ConfigurationException} or
 *         {@code XMLStreamException} is converted through {@code logger.parserException}
 */
public static Element getDOMElement(XMLEventReader xmlEventReader) throws ParsingException {
    final String transformerSwitch = "picketlink.jdk.transformer";
    boolean preferJdk = Boolean.parseBoolean(SecurityActions.getSystemProperty(transformerSwitch, "false"));

    try {
        Transformer engine = preferJdk
                ? TransformerUtil.getTransformer()
                : TransformerUtil.getStaxSourceToDomResultTransformer();

        DOMResult sink = new DOMResult(DocumentUtil.createDocument());
        Source input = new StAXSource(xmlEventReader);
        TransformerUtil.transform(engine, input, sink);

        return ((Document) sink.getNode()).getDocumentElement();
    } catch (ConfigurationException e) {
        throw logger.parserException(e);
    } catch (XMLStreamException e) {
        throw logger.parserException(e);
    }
}
// Wrap a newly created document in a DOMResult; whatever writes to domResult fills resultDocument.
Document resultDocument = DocumentUtil.createDocument(); DOMResult domResult = new DOMResult(resultDocument);
// Point message at a newly created document, then marshal responseElement into it.
// NOTE(review): binder is declared outside this excerpt; presumably a JAXB Binder - confirm.
message = DocumentUtil.createDocument(); binder.marshal(responseElement, message);
// Obtain a new DOM document from the DocumentUtil helper.
Document document = DocumentUtil.createDocument();
/**
 * Decrypts the encrypted assertion carried by a SAML response and puts the parsed assertion
 * back into that response.
 *
 * <p>Steps: convert the response to DOM, look up the element named by
 * {@code JBossSAMLConstants.ENCRYPTED_ASSERTION}, deep-copy it into its own document, decrypt
 * it with {@code privateKey}, schema-check the decrypted element, parse it into an
 * {@code AssertionType} and call {@code replaceAssertion} on the response.
 *
 * <p>No signature is checked in this method. NOTE(review): confirm the caller validates the
 * signature covering the decrypted assertion before its contents are trusted. Only the single
 * element returned by {@code DocumentUtil.getElement} is processed.
 *
 * @param responseType the response holding the encrypted assertion; modified in place
 * @param privateKey key used for decryption; must not be {@code null}
 * @return the same {@code responseType} instance after {@code replaceAssertion}
 * @throws ProcessingException wrapping any exception raised by the steps above, including the
 *         one thrown when no encrypted assertion element is found
 * @throws IllegalArgumentException if {@code privateKey} is {@code null}
 */
private ResponseType decryptAssertion(ResponseType responseType, PrivateKey privateKey) throws ProcessingException {
    if (privateKey == null) {
        throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "privateKey");
    }

    SAML2Response responseConverter = new SAML2Response();
    try {
        Document responseDoc = responseConverter.convert(responseType);
        QName encryptedAssertionName = new QName(JBossSAMLConstants.ENCRYPTED_ASSERTION.get());
        Element encrypted = DocumentUtil.getElement(responseDoc, encryptedAssertionName);
        if (encrypted == null) {
            throw new ProcessingException(ErrorCodes.NULL_VALUE + "Null encrypted assertion element");
        }
        // Remembered so replaceAssertion can be told which entry to swap out.
        String previousId = encrypted.getAttribute(JBossSAMLConstants.ID.get());

        // Decryption runs on a standalone copy rather than on the response document itself.
        Document isolated = DocumentUtil.createDocument();
        Node copy = isolated.importNode(encrypted, true);
        isolated.appendChild(copy);

        Element decrypted = XMLEncryptionUtil.decryptElementInDocument(isolated, privateKey);

        SAMLParser samlParser = new SAMLParser();
        // Schema check happens before the decrypted content is parsed.
        JAXPValidationUtil.checkSchemaValidation(decrypted);
        AssertionType parsed = (AssertionType) samlParser.parse(
                StaxParserUtil.getXMLEventReader(DocumentUtil.getNodeAsStream(decrypted)));

        responseType.replaceAssertion(previousId, new RTChoiceType(parsed));
        return responseType;
    } catch (Exception e) {
        throw new ProcessingException(e);
    }
}
/**
 * Replaces the encrypted assertion inside a SAML response with its decrypted, parsed form.
 *
 * <p>The response is converted to DOM; the element named by
 * {@code JBossSAMLConstants.ENCRYPTED_ASSERTION} is deep-copied into a separate document and
 * decrypted with {@code privateKey}. The decrypted element is schema-checked, parsed into an
 * {@code AssertionType}, and handed to {@code replaceAssertion}.
 *
 * <p>This method performs no signature verification. NOTE(review): confirm that signature
 * validation of the decrypted assertion happens elsewhere before it is relied on. Only the one
 * element that {@code DocumentUtil.getElement} returns is handled.
 *
 * @param responseType the response holding the encrypted assertion; modified in place
 * @param privateKey key used for decryption; must not be {@code null}
 * @return the same {@code responseType} instance after {@code replaceAssertion}
 * @throws ProcessingException wrapping every exception raised inside the try block, including
 *         the one thrown for a missing encrypted assertion element
 * @throws IllegalArgumentException if {@code privateKey} is {@code null}
 */
private ResponseType decryptAssertion(ResponseType responseType, PrivateKey privateKey) throws ProcessingException {
    if (privateKey == null) {
        throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "privateKey");
    }

    SAML2Response converter = new SAML2Response();
    try {
        Document sourceDoc = converter.convert(responseType);
        QName targetName = new QName(JBossSAMLConstants.ENCRYPTED_ASSERTION.get());
        Element encryptedEl = DocumentUtil.getElement(sourceDoc, targetName);
        if (encryptedEl == null) {
            throw new ProcessingException(ErrorCodes.NULL_VALUE + "Null encrypted assertion element");
        }
        // Kept for the replaceAssertion call at the end.
        String originalId = encryptedEl.getAttribute(JBossSAMLConstants.ID.get());

        // Work on a standalone copy of the encrypted element.
        Document scratchDoc = DocumentUtil.createDocument();
        Node importedCopy = scratchDoc.importNode(encryptedEl, true);
        scratchDoc.appendChild(importedCopy);

        Element plainEl = XMLEncryptionUtil.decryptElementInDocument(scratchDoc, privateKey);

        SAMLParser assertionParser = new SAMLParser();
        // The decrypted element is schema-checked before it is parsed.
        JAXPValidationUtil.checkSchemaValidation(plainEl);
        AssertionType decryptedAssertion = (AssertionType) assertionParser.parse(
                StaxParserUtil.getXMLEventReader(DocumentUtil.getNodeAsStream(plainEl)));

        responseType.replaceAssertion(originalId, new RTChoiceType(decryptedAssertion));
        return responseType;
    } catch (Exception e) {
        throw new ProcessingException(e);
    }
}
/**
 * Decrypts the encrypted assertion carried by a SAML response and puts the parsed assertion
 * back into that response.
 *
 * <p>Steps: convert the response to DOM, look up the element named by
 * {@code JBossSAMLConstants.ENCRYPTED_ASSERTION}, deep-copy it into its own document, decrypt
 * it with {@code privateKey}, schema-check the decrypted element, parse it into an
 * {@code AssertionType} and call {@code replaceAssertion} on the response.
 *
 * <p>No signature is checked in this method. NOTE(review): confirm the caller validates the
 * signature covering the decrypted assertion before its contents are trusted. Only the single
 * element returned by {@code DocumentUtil.getElement} is processed.
 *
 * @param responseType the response holding the encrypted assertion; modified in place
 * @param privateKey key used for decryption; a {@code null} value is rejected with whatever
 *        {@code logger.nullArgumentError} returns
 * @return the same {@code responseType} instance after {@code replaceAssertion}
 * @throws ProcessingException declared by this method; every exception raised inside the try
 *         block, including the one for a missing encrypted assertion element, is passed
 *         through {@code logger.processingError}
 */
private ResponseType decryptAssertion(ResponseType responseType, PrivateKey privateKey) throws ProcessingException {
    if (privateKey == null) {
        throw logger.nullArgumentError("privateKey");
    }

    SAML2Response responseConverter = new SAML2Response();
    try {
        Document responseDoc = responseConverter.convert(responseType);
        QName encryptedAssertionName = new QName(JBossSAMLConstants.ENCRYPTED_ASSERTION.get());
        Element encrypted = DocumentUtil.getElement(responseDoc, encryptedAssertionName);
        if (encrypted == null) {
            throw logger.samlHandlerNullEncryptedAssertion();
        }
        // Remembered so replaceAssertion can be told which entry to swap out.
        String previousId = encrypted.getAttribute(JBossSAMLConstants.ID.get());

        // Decryption runs on a standalone copy rather than on the response document itself.
        Document isolated = DocumentUtil.createDocument();
        Node copy = isolated.importNode(encrypted, true);
        isolated.appendChild(copy);

        Element decrypted = XMLEncryptionUtil.decryptElementInDocument(isolated, privateKey);

        SAMLParser samlParser = new SAMLParser();
        // Schema check happens before the decrypted content is parsed.
        JAXPValidationUtil.checkSchemaValidation(decrypted);
        AssertionType parsed = (AssertionType) samlParser.parse(
                StaxParserUtil.getXMLEventReader(DocumentUtil.getNodeAsStream(decrypted)));

        responseType.replaceAssertion(previousId, new RTChoiceType(parsed));
        return responseType;
    } catch (Exception e) {
        throw logger.processingError(e);
    }
}