SAMLTestUtils.java

/**
 * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2006-2016
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package it.infn.cnaf.voms.test.saml_client;

import it.infn.cnaf.voms.saml.axis_serializers.DeserializerFactory;
import it.infn.cnaf.voms.saml.axis_serializers.SerializerFactory;
import it.infn.cnaf.voms.saml.axis_skeletons.AttributeAuthorityPortType;
import it.infn.cnaf.voms.saml.axis_skeletons.AttributeAuthorityServiceLocator;

import java.net.URL;
import java.util.UUID;

import javax.xml.rpc.encoding.TypeMapping;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;

import org.glite.security.voms.service.admin.VOMSAdmin;
import org.glite.security.voms.service.admin.VOMSAdminServiceLocator;
import org.glite.security.voms.service.attributes.VOMSAttributes;
import org.glite.security.voms.service.attributes.VOMSAttributesServiceLocator;
import org.joda.time.DateTime;
import org.opensaml.Configuration;
import org.opensaml.common.SAMLVersion;
import org.opensaml.saml2.core.AttributeQuery;
import org.opensaml.saml2.core.Issuer;
import org.opensaml.saml2.core.NameID;
import org.opensaml.saml2.core.Response;
import org.opensaml.saml2.core.Subject;
import org.opensaml.saml2.core.impl.AttributeQueryBuilder;
import org.opensaml.saml2.core.impl.IssuerBuilder;
import org.opensaml.saml2.core.impl.NameIDBuilder;
import org.opensaml.saml2.core.impl.SubjectBuilder;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.XMLObjectBuilderFactory;
import org.opensaml.xml.io.Marshaller;
import org.opensaml.xml.io.MarshallerFactory;
import org.w3c.dom.Element;

import eu.emi.security.authn.x509.impl.OpensslNameUtils;

public class SAMLTestUtils {

  public static VOMSAdmin getVOMSAdminService(String host, String vo)
    throws Exception {

    String url = String.format("https://%s:8443/voms/%s/services/VOMSAdmin",
      host, vo);

    VOMSAdminServiceLocator loc = new VOMSAdminServiceLocator();
    return loc.getVOMSAdmin(new URL(url));

  }

  public static VOMSAttributes getVOMSAttributesService(String host, String vo)
    throws Exception {

    String url = String.format(
      "https://%s:8443/voms/%s/services/VOMSAttributes", host, vo);

    VOMSAttributesServiceLocator loc = new VOMSAttributesServiceLocator();
    return loc.getVOMSAttributes(new URL(url));

  }

  public static AttributeAuthorityPortType getVOMSSAMLService(String host,
    String vo) throws Exception {

    String url = String.format("https://%s:8443/voms/%s/services/VOMSSaml",
      host, vo);

    AttributeAuthorityServiceLocator loc = new AttributeAuthorityServiceLocator();
    TypeMapping typeMapping = loc.getTypeMappingRegistry()
      .getDefaultTypeMapping();

    typeMapping.register(AttributeQuery.class, AttributeQuery.TYPE_NAME,
      new SerializerFactory(), new DeserializerFactory());

    typeMapping.register(Response.class, Response.TYPE_NAME,
      new SerializerFactory(), new DeserializerFactory());

    AttributeAuthorityPortType aa = loc.getAttributeAuthorityPortType(new URL(
      url));

    return aa;

  }

  public static AttributeQuery buildAttributeQuery(String userDn, String voName)
    throws Exception {

    XMLObjectBuilderFactory bf = Configuration.getBuilderFactory();

    AttributeQueryBuilder qb = (AttributeQueryBuilder) bf
      .getBuilder(AttributeQuery.DEFAULT_ELEMENT_NAME);

    AttributeQuery query = qb.buildObject();

    query.setID(UUID.randomUUID().toString());
    query.setVersion(SAMLVersion.VERSION_20);

    query.setIssueInstant(new DateTime());

    IssuerBuilder issuerBuilder = (IssuerBuilder) bf
      .getBuilder(Issuer.DEFAULT_ELEMENT_NAME);

    Issuer issuer = issuerBuilder.buildObject();

    // Convert to rfc2253
    String opensslDn = OpensslNameUtils.opensslToRfc2253(userDn);

    issuer.setValue(opensslDn);
    issuer.setFormat(NameID.X509_SUBJECT);

    query.setIssuer(issuer);

    SubjectBuilder subjectBuilder = (SubjectBuilder) bf
      .getBuilder(Subject.DEFAULT_ELEMENT_NAME);
    Subject subject = subjectBuilder.buildObject();

    NameIDBuilder nameIdBuilder = (NameIDBuilder) bf
      .getBuilder(NameID.DEFAULT_ELEMENT_NAME);

    NameID requester = nameIdBuilder.buildObject();
    requester.setFormat(NameID.X509_SUBJECT);
    requester.setValue(opensslDn);

    subject.setNameID(requester);

    query.setSubject(subject);

    return query;
  }

  public static void printXMLObject(XMLObject xmlObject) throws Exception {

    Element element;

    MarshallerFactory marshallerFactory = Configuration.getMarshallerFactory();

    Marshaller marshaller = marshallerFactory.getMarshaller(xmlObject);
    element = marshaller.marshall(xmlObject);

    Transformer tr = TransformerFactory.newInstance().newTransformer();

    tr.setOutputProperty(OutputKeys.INDENT, "yes");
    tr.setOutputProperty(OutputKeys.METHOD, "xml");

    tr.setOutputProperty("{http://xml.apache.org/xslt}indent-amount",
      String.valueOf(4));

    tr.transform(new DOMSource(element), new StreamResult(System.out));

  }

}