View Javadoc

1   /*
2    * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package edu.internet2.middleware.shibboleth.common.config.relyingparty.saml;
18  
19  import java.util.ArrayList;
20  import java.util.List;
21  import java.util.Map;
22  
23  import javax.xml.namespace.QName;
24  
25  import org.opensaml.xml.util.DatatypeHelper;
26  import org.opensaml.xml.util.XMLHelper;
27  import org.springframework.beans.factory.support.BeanDefinitionBuilder;
28  import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser;
29  import org.springframework.beans.factory.xml.ParserContext;
30  import org.w3c.dom.Element;
31  
32  import edu.internet2.middleware.shibboleth.common.relyingparty.provider.CryptoOperationRequirementLevel;
33  
34  /**
35   * Base Spring configuration parser for SAML profile configurations.
36   */
37  public abstract class AbstractSAMLProfileConfigurationBeanDefinitionParser extends AbstractSingleBeanDefinitionParser {
38  
39      /** {@inheritDoc} */
40      protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
41          builder.setLazyInit(true);
42          Map<QName, List<Element>> children = XMLHelper.getChildElements(element);
43  
44          List<Element> audienceElems = children.get(new QName(SAMLRelyingPartyNamespaceHandler.NAMESPACE, "Audience"));
45          if (audienceElems != null && audienceElems.size() > 0) {
46              ArrayList<String> audiences = new ArrayList<String>();
47              for (Element audienceElem : audienceElems) {
48                  audiences.add(DatatypeHelper.safeTrimOrNullString(audienceElem.getTextContent()));
49              }
50              builder.addPropertyValue("audiences", audiences);
51          }
52  
53          String secCredRef = DatatypeHelper.safeTrimOrNullString(element.getAttributeNS(null, "signingCredentialRef"));
54          if (secCredRef != null) {
55              builder.addDependsOn(secCredRef);
56              builder.addPropertyReference("signingCredential", secCredRef);
57          }
58  
59          if (element.hasAttributeNS(null, "assertionLifetime")) {
60              builder.addPropertyValue("assertionLifetime", Long.parseLong(DatatypeHelper.safeTrimOrNullString(element
61                      .getAttributeNS(null, "assertionLifetime"))));
62          } else {
63              builder.addPropertyValue("assertionLifetime", 300000L);
64          }
65  
66          String artifactType = DatatypeHelper.safeTrimOrNullString(element.getAttributeNS(null, "outboundArtifactType"));
67          if (artifactType != null) {
68              byte[] artifactTypeBytes = DatatypeHelper.intToByteArray(Integer.parseInt(artifactType));
69              byte[] trimmedArtifactTypeBytes = { artifactTypeBytes[2], artifactTypeBytes[3] };
70              builder.addPropertyValue("outboundArtifactType", trimmedArtifactTypeBytes);
71          }
72  
73          if (element.hasAttributeNS(null, "signRequests")) {
74              builder.addPropertyValue("signRequests", CryptoOperationRequirementLevel.valueOf(element.getAttributeNS(
75                      null, "signRequests")));
76          } else {
77              builder.addPropertyValue("signRequests", CryptoOperationRequirementLevel.conditional);
78          }
79          
80          if (element.hasAttributeNS(null, "signResponses")) {
81              builder.addPropertyValue("signResponses", CryptoOperationRequirementLevel.valueOf(element.getAttributeNS(
82                      null, "signResponses")));
83          } else {
84              builder.addPropertyValue("signResponses", CryptoOperationRequirementLevel.conditional);
85          }
86  
87          if (element.hasAttributeNS(null, "signAssertions")) {
88              builder.addPropertyValue("signAssertions", CryptoOperationRequirementLevel.valueOf(element.getAttributeNS(
89                      null, "signAssertions")));
90          } else {
91              builder.addPropertyValue("signAssertions", CryptoOperationRequirementLevel.never);
92          }
93  
94          String secPolRef = DatatypeHelper.safeTrimOrNullString(element.getAttributeNS(null, "securityPolicyRef"));
95          if (secPolRef != null) {
96              builder.addDependsOn(secPolRef);
97              builder.addPropertyReference("profileSecurityPolicy", secPolRef);
98          }
99      }
100 
101     /** {@inheritDoc} */
102     protected boolean shouldGenerateId() {
103         return true;
104     }
105 }