17 package edu.internet2.middleware.shibboleth.common.config.relyingparty.saml;
18
19 import java.util.List;
20 import java.util.Map;
21
22 import javax.xml.namespace.QName;
23
24 import org.opensaml.xml.util.DatatypeHelper;
25 import org.opensaml.xml.util.LazyList;
26 import org.opensaml.xml.util.XMLHelper;
27 import org.springframework.beans.factory.support.BeanDefinitionBuilder;
28 import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser;
29 import org.springframework.beans.factory.xml.ParserContext;
30 import org.w3c.dom.Element;
31
32 import edu.internet2.middleware.shibboleth.common.config.SpringConfigurationUtils;
33 import edu.internet2.middleware.shibboleth.common.relyingparty.provider.CryptoOperationRequirementLevel;
34
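/**
 * Base bean definition parser for SAML profile configuration elements.
 *
 * <p>Reads the settings visible on the configuration element (audiences, signing credential reference,
 * assertion lifetime, outbound artifact type, the three signing requirement levels and the security policy
 * reference) and records them on the bean definition being built.</p>
 */
public abstract class AbstractSAMLProfileConfigurationBeanDefinitionParser extends AbstractSingleBeanDefinitionParser {

    /** Assertion lifetime, in milliseconds, used when the element carries no 'assertionLifetime' attribute. */
    private static final long DEFAULT_ASSERTION_LIFETIME_MS = 300000L;

    /**
     * Populates the bean definition from the profile configuration element.
     *
     * @param element the profile configuration element being parsed
     * @param parserContext the current Spring parser context (not used here)
     * @param builder the builder that receives the parsed property values and references
     *
     * @throws NumberFormatException if 'outboundArtifactType' is present but is not an integer
     * @throws IllegalArgumentException if a signing attribute holds a value that is not a
     *             {@link CryptoOperationRequirementLevel} constant
     */
    protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
        builder.setLazyInit(true);
        Map<QName, List<Element>> children = XMLHelper.getChildElements(element);

        List<Element> audienceElems = children.get(new QName(SAMLRelyingPartyNamespaceHandler.NAMESPACE, "Audience"));
        if (audienceElems != null && !audienceElems.isEmpty()) {
            LazyList<String> audiences = new LazyList<String>();
            for (Element audienceElem : audienceElems) {
                // NOTE(review): an empty <Audience/> presumably yields null here and is added as-is;
                // confirm that consumers of the 'audiences' property tolerate null entries.
                audiences.add(DatatypeHelper.safeTrimOrNullString(audienceElem.getTextContent()));
            }
            builder.addPropertyValue("audiences", audiences);
        }

        String secCredRef = DatatypeHelper.safeTrimOrNullString(element.getAttributeNS(null, "signingCredentialRef"));
        if (secCredRef != null) {
            // The credential bean has to exist before this profile configuration is instantiated.
            builder.addDependsOn(secCredRef);
            builder.addPropertyReference("signingCredential", secCredRef);
        }

        long lifetime = DEFAULT_ASSERTION_LIFETIME_MS;
        if (element.hasAttributeNS(null, "assertionLifetime")) {
            lifetime = SpringConfigurationUtils.parseDurationToMillis(
                    "'assertionLifetime' on profile configuration of type " + XMLHelper.getXSIType(element),
                    element.getAttributeNS(null, "assertionLifetime"), 0);
        }
        // Use the parsed value. The previous code always stored the 300000 ms default, so a deployer who
        // configured a shorter assertion validity window silently kept the five-minute one.
        builder.addPropertyValue("assertionLifetime", lifetime);

        String artifactType = DatatypeHelper.safeTrimOrNullString(element.getAttributeNS(null, "outboundArtifactType"));
        if (artifactType != null) {
            byte[] artifactTypeBytes = DatatypeHelper.intToByteArray(Integer.parseInt(artifactType));
            // Only elements 2 and 3 of the converted array are kept as the two-byte type code.
            // NOTE(review): presumably these are the low-order bytes, so a value that does not fit in
            // two bytes would be truncated without an error; confirm against intToByteArray.
            byte[] trimmedArtifactTypeBytes = { artifactTypeBytes[2], artifactTypeBytes[3] };
            builder.addPropertyValue("outboundArtifactType", trimmedArtifactTypeBytes);
        }

        // Defaults when the attribute is absent: requests and assertions 'conditional', responses 'never'.
        builder.addPropertyValue("signRequests",
                requirementLevel(element, "signRequests", CryptoOperationRequirementLevel.conditional));
        builder.addPropertyValue("signResponses",
                requirementLevel(element, "signResponses", CryptoOperationRequirementLevel.never));
        builder.addPropertyValue("signAssertions",
                requirementLevel(element, "signAssertions", CryptoOperationRequirementLevel.conditional));

        String secPolRef = DatatypeHelper.safeTrimOrNullString(element.getAttributeNS(null, "securityPolicyRef"));
        if (secPolRef != null) {
            builder.addDependsOn(secPolRef);
            builder.addPropertyReference("profileSecurityPolicy", secPolRef);
        }
    }

    /**
     * Reads a signing requirement level from an un-namespaced attribute.
     *
     * @param element the profile configuration element
     * @param attributeName local name of the attribute to read
     * @param defaultLevel level returned when the attribute is absent
     *
     * @return the level named by the attribute, or {@code defaultLevel} if the attribute is not present
     *
     * @throws IllegalArgumentException if the attribute value does not name a level; the value is passed to
     *             {@code valueOf} untrimmed, exactly as written in the configuration
     */
    private static CryptoOperationRequirementLevel requirementLevel(Element element, String attributeName,
            CryptoOperationRequirementLevel defaultLevel) {
        if (!element.hasAttributeNS(null, attributeName)) {
            return defaultLevel;
        }
        return CryptoOperationRequirementLevel.valueOf(element.getAttributeNS(null, attributeName));
    }

    /**
     * Tells the base parser to generate a bean ID for the definition.
     *
     * @return always {@code true}
     */
    protected boolean shouldGenerateId() {
        return true;
    }
}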