com.sun.identity.saml2.common
Class SAML2SDKUtils

java.lang.Object
  extended by com.sun.identity.saml2.common.SAML2SDKUtils
Direct Known Subclasses:
XACMLSDKUtils

public class SAML2SDKUtils
extends Object

The SAML2SDKUtils contains utility methods for SAML 2.0 implementation.


Field Summary
static String ACTION
           
static String ADVICE
           
static String ARTIFACT
           
static String ARTIFACT_RESOLVE
           
static String ARTIFACT_RESPONSE
           
static String ASSERTION
           
static String ASSERTION_ID_REF
           
static String ASSERTION_ID_REQUEST
           
static String ATTRIBUTE
           
static String ATTRIBUTE_QUERY
           
static String ATTRIBUTE_STATEMENT
           
static String AUDIENCE_RESTRICTION
           
static String AUTHN_CONTEXT
           
static String AUTHN_QUERY
           
static String AUTHN_REQUEST
           
static String AUTHN_STATEMENT
           
static String AUTHZ_DECISION_STATEMENT
           
static String BASEID
           
static ResourceBundle bundle
           
static String BUNDLE_NAME
           
static String CONDITION
           
static String CONDITIONS
           
static com.sun.identity.shared.debug.Debug debug
           
static String ECP_RELAY_STATE
           
static String ECP_REQUEST
           
static String ECP_RESPONSE
           
static String ENCRYPTED_ASSERTION
           
static String ENCRYPTED_ATTRIBUTE
           
static String ENCRYPTED_ELEMENT
           
static String ENCRYPTEDID
           
static String EVIDENCE
           
static String EXTENSIONS
           
static String GET_COMPLETE
           
static String IDPENTRY
           
static String IDPLIST
           
static String ISSUER
           
static String KEYINFO_CONFIRMATION_DATA
           
static String LOGOUT_REQUEST
           
static String LOGOUT_RESPONSE
           
static String MANAGE_NAMEID_REQUEST
           
static String MANAGE_NAMEID_RESPONSE
           
static String NAMEID
           
static String NAMEID_POLICY
           
static String NAMEIDMAPPING_REQ
           
static String NAMEIDMAPPING_RES
           
static String NEW_ENCRYPTEDID
           
static String NEWID
           
static String ONE_TIME_USE
           
static String PROXY_RESTRICTION
           
static SecureRandom random
           
static String REQUESTED_AUTHN_CONTEXT
           
static String REQUESTERID
           
static String RESPONSE
           
protected static String SAML2ID_PREFIX
           
static String SCOPING
           
static String SESSION_INDEX
           
static String STATEMENT
           
static String STATUS
           
static String STATUS_CODE
           
static String STATUS_DETAIL
           
static String STATUS_MESSAGE
           
static String STATUS_RESPONSE
           
static String SUBJECT
           
static String SUBJECT_CONFIRMATION
           
static String SUBJECT_CONFIRMATION_DATA
           
static String SUBJECT_LOCALITY
           
 
Constructor Summary
protected SAML2SDKUtils()
          Protected constructor.
 
Method Summary
static Boolean booleanValueOf(String value)
          Returns the boolean value as a Boolean object.
static String byteArrayToHexString(byte[] byteArray)
          Converts byte array to Hex String.
static String byteArrayToString(byte[] bytes)
          Converts byte array to String.
static boolean checkStatement(Element element, String statementname)
          Verifies if an element is a type of a specific statement.
static String createSOAPMessageString(String xmlString)
          Creates SOAPMessage with the input XML String as message body.
static String fillInBasicAuthInfo(BaseConfigType config, String locationURL)
          Fills in basic auth user and password inside the location URL if configuration is done properly
static String generateID()
          Generates ID.
static String generateMessageHandle()
          Generates message handle used in an Artifact.
static List getDiscoveryBootStrapCredentials(HttpServletRequest request)
          Gets the Discovery bootstrap credentials.
static ResourceOffering getDiscoveryBootStrapResourceOffering(HttpServletRequest request)
          Gets the Discovery bootstrap resource offering in an attribute statement.
static Object getObjectInstance(String iName)
          Returns default object instance for a given interface.
static Object getObjectInstance(String iName, byte[] typecode, int endpointIndex, String sourceID, String messageHandle)
          Returns new object instance with given parameters.
static Object getObjectInstance(String iName, Element value)
          Returns new object instance taking Element parameter in constructor.
static Object getObjectInstance(String iName, String value)
          Returns new object instance taking String parameter in constructor.
static byte[] hexStringToByteArray(String hexString)
          Converts Hex String to Byte Array.
static byte[] intToTwoBytes(int i)
          Converts integer to byte array.
static String removeDeployUri(String uri)
          Removes deployment URI from the pass down string.
static Boolean StringToBoolean(String str)
          Converts a value of XML boolean type to Boolean object.
static byte[] stringToByteArray(String input)
          Converts String to Byte Array.
static int twoBytesToInt(byte[] bytes)
          Converts two bytes to an integer.
 

Field Detail

debug

public static com.sun.identity.shared.debug.Debug debug

BUNDLE_NAME

public static final String BUNDLE_NAME
See Also:
Constant Field Values

bundle

public static ResourceBundle bundle

SAML2ID_PREFIX

protected static final String SAML2ID_PREFIX
See Also:
Constant Field Values

random

public static SecureRandom random

ACTION

public static final String ACTION
See Also:
Constant Field Values

ADVICE

public static final String ADVICE
See Also:
Constant Field Values

ASSERTION

public static final String ASSERTION
See Also:
Constant Field Values

ASSERTION_ID_REF

public static final String ASSERTION_ID_REF
See Also:
Constant Field Values

ASSERTION_ID_REQUEST

public static final String ASSERTION_ID_REQUEST
See Also:
Constant Field Values

ATTRIBUTE

public static final String ATTRIBUTE
See Also:
Constant Field Values

ATTRIBUTE_STATEMENT

public static final String ATTRIBUTE_STATEMENT
See Also:
Constant Field Values

AUDIENCE_RESTRICTION

public static final String AUDIENCE_RESTRICTION
See Also:
Constant Field Values

AUTHN_CONTEXT

public static final String AUTHN_CONTEXT
See Also:
Constant Field Values

AUTHN_STATEMENT

public static final String AUTHN_STATEMENT
See Also:
Constant Field Values

AUTHZ_DECISION_STATEMENT

public static final String AUTHZ_DECISION_STATEMENT
See Also:
Constant Field Values

BASEID

public static final String BASEID
See Also:
Constant Field Values

CONDITION

public static final String CONDITION
See Also:
Constant Field Values

CONDITIONS

public static final String CONDITIONS
See Also:
Constant Field Values

ENCRYPTED_ASSERTION

public static final String ENCRYPTED_ASSERTION
See Also:
Constant Field Values

ENCRYPTED_ATTRIBUTE

public static final String ENCRYPTED_ATTRIBUTE
See Also:
Constant Field Values

ENCRYPTED_ELEMENT

public static final String ENCRYPTED_ELEMENT
See Also:
Constant Field Values

ENCRYPTEDID

public static final String ENCRYPTEDID
See Also:
Constant Field Values

EVIDENCE

public static final String EVIDENCE
See Also:
Constant Field Values

ISSUER

public static final String ISSUER
See Also:
Constant Field Values

KEYINFO_CONFIRMATION_DATA

public static final String KEYINFO_CONFIRMATION_DATA
See Also:
Constant Field Values

NAMEID

public static final String NAMEID
See Also:
Constant Field Values

ONE_TIME_USE

public static final String ONE_TIME_USE
See Also:
Constant Field Values

PROXY_RESTRICTION

public static final String PROXY_RESTRICTION
See Also:
Constant Field Values

STATEMENT

public static final String STATEMENT
See Also:
Constant Field Values

SUBJECT_CONFIRMATION_DATA

public static final String SUBJECT_CONFIRMATION_DATA
See Also:
Constant Field Values

SUBJECT_CONFIRMATION

public static final String SUBJECT_CONFIRMATION
See Also:
Constant Field Values

SUBJECT

public static final String SUBJECT
See Also:
Constant Field Values

SUBJECT_LOCALITY

public static final String SUBJECT_LOCALITY
See Also:
Constant Field Values

ARTIFACT

public static final String ARTIFACT
See Also:
Constant Field Values

ARTIFACT_RESOLVE

public static final String ARTIFACT_RESOLVE
See Also:
Constant Field Values

ARTIFACT_RESPONSE

public static final String ARTIFACT_RESPONSE
See Also:
Constant Field Values

ATTRIBUTE_QUERY

public static final String ATTRIBUTE_QUERY
See Also:
Constant Field Values

AUTHN_QUERY

public static final String AUTHN_QUERY
See Also:
Constant Field Values

AUTHN_REQUEST

public static final String AUTHN_REQUEST
See Also:
Constant Field Values

ECP_RELAY_STATE

public static final String ECP_RELAY_STATE
See Also:
Constant Field Values

ECP_REQUEST

public static final String ECP_REQUEST
See Also:
Constant Field Values

ECP_RESPONSE

public static final String ECP_RESPONSE
See Also:
Constant Field Values

EXTENSIONS

public static final String EXTENSIONS
See Also:
Constant Field Values

GET_COMPLETE

public static final String GET_COMPLETE
See Also:
Constant Field Values

IDPENTRY

public static final String IDPENTRY
See Also:
Constant Field Values

IDPLIST

public static final String IDPLIST
See Also:
Constant Field Values

LOGOUT_REQUEST

public static final String LOGOUT_REQUEST
See Also:
Constant Field Values

LOGOUT_RESPONSE

public static final String LOGOUT_RESPONSE
See Also:
Constant Field Values

MANAGE_NAMEID_REQUEST

public static final String MANAGE_NAMEID_REQUEST
See Also:
Constant Field Values

MANAGE_NAMEID_RESPONSE

public static final String MANAGE_NAMEID_RESPONSE
See Also:
Constant Field Values

NAMEID_POLICY

public static final String NAMEID_POLICY
See Also:
Constant Field Values

NEW_ENCRYPTEDID

public static final String NEW_ENCRYPTEDID
See Also:
Constant Field Values

NEWID

public static final String NEWID
See Also:
Constant Field Values

REQUESTED_AUTHN_CONTEXT

public static final String REQUESTED_AUTHN_CONTEXT
See Also:
Constant Field Values

REQUESTERID

public static final String REQUESTERID
See Also:
Constant Field Values

RESPONSE

public static final String RESPONSE
See Also:
Constant Field Values

SCOPING

public static final String SCOPING
See Also:
Constant Field Values

SESSION_INDEX

public static final String SESSION_INDEX
See Also:
Constant Field Values

STATUS_CODE

public static final String STATUS_CODE
See Also:
Constant Field Values

STATUS_DETAIL

public static final String STATUS_DETAIL
See Also:
Constant Field Values

STATUS

public static final String STATUS
See Also:
Constant Field Values

STATUS_MESSAGE

public static final String STATUS_MESSAGE
See Also:
Constant Field Values

STATUS_RESPONSE

public static final String STATUS_RESPONSE
See Also:
Constant Field Values

NAMEIDMAPPING_REQ

public static final String NAMEIDMAPPING_REQ
See Also:
Constant Field Values

NAMEIDMAPPING_RES

public static final String NAMEIDMAPPING_RES
See Also:
Constant Field Values
Constructor Detail

SAML2SDKUtils

protected SAML2SDKUtils()
Protected constructor.

Method Detail

getObjectInstance

public static Object getObjectInstance(String iName)
Returns default object instance for a given interface.

Parameters:
iName - name of the interface.
Returns:
object instance corresponding to the interface implementation. Returns null if the object instance could not be obtained.

getObjectInstance

public static Object getObjectInstance(String iName,
                                       String value)
Returns new object instance taking String parameter in constructor.

Parameters:
iName - name of the interface.
value - String value to be used as parameter in constructor.
Returns:
object instance corresponding to the interface implementation. Returns null if the object instance could not be obtained.

getObjectInstance

public static Object getObjectInstance(String iName,
                                       Element value)
Returns new object instance taking Element parameter in constructor.

Parameters:
iName - name of the interface.
value - Element value to be used as parameter in constructor.
Returns:
object instance corresponding to the interface implementation. Returns null if the object instance could not be obtained.

getObjectInstance

public static Object getObjectInstance(String iName,
                                       byte[] typecode,
                                       int endpointIndex,
                                       String sourceID,
                                       String messageHandle)
Returns new object instance with given parameters.

Parameters:
iName - name of the interface.
typecode - type code.
endpointIndex - end point index.
sourceID - source ID.
messageHandle - message handle.
Returns:
object instance corresponding to the interface implementation. Returns null if the object instance could not be obtained.

checkStatement

public static boolean checkStatement(Element element,
                                     String statementname)
Verifies if an element is a type of a specific statement. Currently, this method is used by class AuthnStatementImpl, AuthzDecisionStatement and AttributeStatementImpl.

Parameters:
element - a DOM Element which needs to be verified.
statementname - A specific name of a statement, for example, AuthnStatement, AuthzStatement or AttributeStatement
Returns:
true if the element is of the specific type; false otherwise.

byteArrayToString

public static String byteArrayToString(byte[] bytes)
Converts byte array to String.

Parameters:
bytes - Byte Array to be converted.
Returns:
result of the conversion.

intToTwoBytes

public static byte[] intToTwoBytes(int i)
                            throws SAML2Exception
Converts integer to byte array.

Parameters:
i - an integer value between 0 and 65535.
Returns:
a byte array whose length is 2.
Throws:
SAML2Exception - if the input is not between 0 and 65535.

twoBytesToInt

public static int twoBytesToInt(byte[] bytes)
                         throws SAML2Exception
Converts two bytes to an integer.

Parameters:
bytes - byte array whose length is 2.
Returns:
an integer value between 0 and 65535.
Throws:
SAML2Exception - if the input is null or the length is not 2.

generateMessageHandle

public static String generateMessageHandle()
Generates message handle used in an Artifact.

Returns:
String format of 20-byte sequence identifying a message.

stringToByteArray

public static byte[] stringToByteArray(String input)
Converts String to Byte Array.

Parameters:
input - String to be converted.
Returns:
result of the conversion.

byteArrayToHexString

public static String byteArrayToHexString(byte[] byteArray)
Converts byte array to Hex String.

Parameters:
byteArray - Byte Array to be converted.
Returns:
result of the conversion.

hexStringToByteArray

public static byte[] hexStringToByteArray(String hexString)
Converts Hex String to Byte Array.

Parameters:
hexString - Hex String to be converted.
Returns:
result of the conversion.

generateID

public static String generateID()
Generates ID.

Returns:
ID value.

getDiscoveryBootStrapResourceOffering

public static ResourceOffering getDiscoveryBootStrapResourceOffering(HttpServletRequest request)
Gets the Discovery bootstrap resource offering in an attribute statement. After a single sign-on with an Identity Provider, a service provider may get Discovery service Resource Offerings through a SAML2 assertion. This API helps in retrieving the resource offerings if the user has been authenticated through the SAML2 SSO. It will need to have a valid single sign-on token (generated through the SAML2 SSO).

Parameters:
request - HttpServletRequest associated with a user session.
Returns:
ResourceOffering Discovery Resource Offering, null if there is any failure or if there is not one

getDiscoveryBootStrapCredentials

public static List getDiscoveryBootStrapCredentials(HttpServletRequest request)
Gets the Discovery bootstrap credentials. After a single sign-on with an Identity Provider, a service provider may get Discovery bootstrap resource offerings and credentials through a SAML assertion. This API helps in retrieving the credentials if the user has been authenticated through the SAML2 SSO. It will need to have a valid single sign-on token (generated through the SAML2 SSO).

Parameters:
request - HttpServletRequest associated with a user session.
Returns:
List of SecurityAssertions, null if there is any failure or if there is not one

createSOAPMessageString

public static String createSOAPMessageString(String xmlString)
                                      throws SAML2Exception
Creates SOAPMessage with the input XML String as message body.

Parameters:
xmlString - XML string to be put into SOAPMessage body.
Returns:
newly created SOAPMessage.
Throws:
javax.xml.soap.SOAPException - if it cannot create the SOAPMessage.
SAML2Exception

fillInBasicAuthInfo

public static String fillInBasicAuthInfo(BaseConfigType config,
                                         String locationURL)
Fills in basic auth user and password inside the location URL if configuration is done properly.

Parameters:
config - Either an SPSSOConfigElement object, an IDPSSOConfigElement object or a PEPConfigElement object.
locationURL - The original location URL, into which user:password@ is to be inserted before the hostname part and after //.
Returns:
The modified location URL with the basic auth user and password if configured properly.

StringToBoolean

public static Boolean StringToBoolean(String str)
                               throws SAML2Exception
Converts a value of XML boolean type to Boolean object.

Parameters:
str - a value of XML boolean type
Returns:
a Boolean object.
Throws:
SAML2Exception - if there is a syntax error

removeDeployUri

public static String removeDeployUri(String uri)
Removes deployment URI from the pass down string, i.e. from "/opensso/ArtifactResolver/metaAlias/idp" to "/ArtifactResolver/metaAlias/idp".

Parameters:
uri - the URI string from which the deployment URI is to be removed.
Returns:
string without the deployment URI.

booleanValueOf

public static Boolean booleanValueOf(String value)
Returns the boolean value as a Boolean object.

Parameters:
value - boolean value true or false.