Coverage Report - org.kuali.student.security.saml.service.SamlIssuerServiceImpl
 
Classes in this File Line Coverage Branch Coverage Complexity
SamlIssuerServiceImpl
0%
0/66
0%
0/8
2.556
 
 /**
  * Copyright 2010 The Kuali Foundation Licensed under the
  * Educational Community License, Version 2.0 (the "License"); you may
  * not use this file except in compliance with the License. You may
  * obtain a copy of the License at
  *
  * http://www.osedu.org/licenses/ECL-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an "AS IS"
  * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
  * or implied. See the License for the specific language governing
  * permissions and limitations under the License.
  */
 
 package org.kuali.student.security.saml.service;
 
 import java.io.BufferedReader;
 import java.io.InputStreamReader;
 import java.io.StringWriter;
 import java.io.UnsupportedEncodingException;
 import java.net.HttpURLConnection;
 import java.net.URL;
 import java.net.URLEncoder;
 import java.util.HashMap;
 import java.util.Map;
 
 import javax.jws.WebService;
 import javax.xml.transform.Transformer;
 import javax.xml.transform.TransformerFactory;
 import javax.xml.transform.dom.DOMSource;
 import javax.xml.transform.stream.StreamResult;
 
 import org.jasig.cas.client.util.CommonUtils;
 import org.jasig.cas.client.util.XmlUtils;
 import org.kuali.student.security.exceptions.KSSecurityException;
 import org.kuali.student.security.util.SamlUtils;
 import org.opensaml.SAMLAssertion;
 import org.w3c.dom.Document;
 
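 /**
  * Web-service implementation that issues signed SAML assertions, either after validating a
  * CAS proxy ticket against {@code casServerUrl} or directly for a supplied principal name.
  *
  * <p>Both entry points hand a property map to {@link SamlUtils}, have it create and sign an
  * assertion, and return the signed DOM serialized as a string.
  *
  * <p>NOTE(review): {@code SamlUtils.setSamlProperties} and {@code SamlUtils.createAssertion}
  * are separate static calls. If SamlUtils keeps the properties in shared static state (not
  * visible from this file), two concurrent requests could interleave and an assertion could be
  * created with another caller's user. Confirm how SamlUtils stores them.
  *
  * <p>NOTE(review): nothing in this class checks that {@code casServerUrl} is an https URL.
  * The CAS response decides which user the assertion is signed for, so the transport to the
  * CAS server needs integrity protection. Confirm in the deployment configuration.
  */
 @WebService(endpointInterface = "org.kuali.student.security.saml.service.SamlIssuerService", serviceName = "SamlIssuerService", portName = "SamlIssuerService", targetNamespace = "http://student.kuali.org/wsdl/security/saml")
 public class SamlIssuerServiceImpl implements SamlIssuerService {

     private String casServerUrl;
     private String samlIssuerForUser;
     private String proxyCallBackUrl;

     /**
      * Validates a CAS proxy ticket via the CAS {@code proxyValidate} endpoint and, on success,
      * returns a signed SAML assertion for the authenticated user.
      *
      * <p>When the CAS response carries an {@code authenticationFailure} element, its text is
      * returned instead of an assertion (unchanged legacy contract), so callers must not treat
      * every non-exceptional return value as a valid assertion.
      *
      * @param proxyTicketId the proxy ticket to validate
      * @param proxyTargetService the service the ticket was issued for
      * @return the serialized signed assertion, or the CAS failure text
      * @throws KSSecurityException if the CAS call, response parsing, signing or serialization
      *         fails, or if the response names no user
      */
     public String validateCasProxyTicket(String proxyTicketId, String proxyTargetService) throws KSSecurityException {
         String url = constructUrl(proxyTicketId, proxyTargetService);
         HttpURLConnection conn = null;

         try {
             conn = (HttpURLConnection) new URL(url).openConnection();
             // NOTE(review): no connect/read timeout is set, so an unresponsive CAS server
             // blocks this request thread indefinitely.

             // NOTE(review): the reader uses the platform default charset; confirm it matches
             // the encoding of the CAS response.
             BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
             StringBuilder body = new StringBuilder(255);
             try {
                 String line;
                 while ((line = in.readLine()) != null) {
                     body.append(line);
                 }
             } finally {
                 // The original never closed the reader; close it even when reading fails.
                 in.close();
             }

             String response = body.toString();
             String error = XmlUtils.getTextForElement(response, "authenticationFailure");
             if (CommonUtils.isNotEmpty(error)) {
                 return error;
             }

             String user = XmlUtils.getTextForElement(response, "user");
             String pgt = XmlUtils.getTextForElement(response, "proxyGrantingTicket");
             String proxies = XmlUtils.getTextForElement(response, "proxies");

             // Fail closed: a response with neither a failure nor a user (for example an
             // unexpected error page) must not yield a signed assertion for an empty subject.
             if (user == null || user.trim().length() == 0) {
                 throw new KSSecurityException(new IllegalStateException(
                         "CAS proxyValidate response contained neither an authenticationFailure nor a user"));
             }

             Map<String, String> samlProperties = new HashMap<String, String>();
             samlProperties.put("user", user.trim());
             samlProperties.put("proxyGrantingTicket", pgt.trim());
             samlProperties.put("proxies", proxies.trim());
             samlProperties.put("samlIssuerForUser", samlIssuerForUser.trim());

             return issueSignedAssertion(samlProperties);
         } catch (KSSecurityException e) {
             // Already the declared type; do not wrap it a second time.
             throw e;
         } catch (final Exception e) {
             throw new KSSecurityException(e);
         } finally {
             if (conn != null) {
                 conn.disconnect();
             }
         }
     }

     /**
      * Builds the CAS {@code proxyValidate} URL for the given ticket and target service.
      *
      * <p>Every query value is URL-encoded. The ticket arrives from the web-service caller, and
      * appending it raw would let characters such as {@code &} or {@code #} add or truncate
      * query parameters of the validation request.
      *
      * @throws KSSecurityException if UTF-8 is not supported by the runtime
      */
     private String constructUrl(String proxyTicketId, String proxyTargetService) throws KSSecurityException {
         try {
             String base = this.casServerUrl + (this.casServerUrl.endsWith("/") ? "" : "/");
             return base + "proxyValidate"
                     + "?ticket=" + URLEncoder.encode(proxyTicketId, "UTF-8")
                     + "&service=" + URLEncoder.encode(proxyTargetService, "UTF-8")
                     + "&pgtUrl=" + URLEncoder.encode(proxyCallBackUrl, "UTF-8");
         } catch (UnsupportedEncodingException e) {
             throw new KSSecurityException(e);
         }
     }

     /**
      * Issues a signed SAML assertion for the given principal without contacting CAS.
      *
      * <p>Use this method when not using a CAS proxy, for example when the
      * ProxyTicketRetrieverFilter has useCasProxyMechanism = false.
      *
      * <p>NOTE(review): this method signs an assertion for whatever principal string it
      * receives and performs no authentication itself. Because the class is published as a
      * web service, access to this operation has to be restricted elsewhere (transport,
      * container or interceptor). Confirm that such a control exists.
      *
      * @param principal the user name to place in the assertion; must not be null or blank
      * @return the serialized signed assertion
      * @throws KSSecurityException if the principal is null or blank, or if assertion
      *         creation, signing or serialization fails
      */
     public String getSamlPrincipal(String principal) throws KSSecurityException {
         // Refuse to sign an assertion that names nobody.
         if (principal == null || principal.trim().length() == 0) {
             throw new KSSecurityException(new IllegalArgumentException("principal must not be null or blank"));
         }

         try {
             Map<String, String> samlProperties = new HashMap<String, String>();
             samlProperties.put("user", principal);
             samlProperties.put("proxyGrantingTicket", "");
             samlProperties.put("proxies", "");
             samlProperties.put("samlIssuerForUser", samlIssuerForUser.trim());

             return issueSignedAssertion(samlProperties);
         } catch (final Exception e) {
             throw new KSSecurityException(e);
         }
     }

     /**
      * Creates an assertion from the given properties, signs it and serializes the signed DOM.
      * Shared by both public entry points so the issuing sequence exists in one place.
      */
     private String issueSignedAssertion(Map<String, String> samlProperties) throws Exception {
         SamlUtils.setSamlProperties(samlProperties);
         SAMLAssertion samlAssertion = SamlUtils.createAssertion();
         Document signedSAML = SamlUtils.signAssertion(samlAssertion);

         // transform the saml DOM into a writer, and return as a string response
         StringWriter writer = new StringWriter();
         Transformer transformer = TransformerFactory.newInstance().newTransformer();
         transformer.transform(new DOMSource(signedSAML), new StreamResult(writer));
         writer.flush();
         return writer.toString();
     }

     /** Returns the base URL of the CAS server used for proxy-ticket validation. */
     public String getCasServerUrl() {
         return casServerUrl;
     }

     /** Sets the base URL of the CAS server; a trailing slash is optional. */
     public void setCasServerUrl(String casServerUrl) {
         this.casServerUrl = casServerUrl;
     }

     /** Returns the value placed in the assertion properties under "samlIssuerForUser". */
     public String getSamlIssuerForUser() {
         return samlIssuerForUser;
     }

     /** Sets the value placed in the assertion properties under "samlIssuerForUser". */
     public void setSamlIssuerForUser(String samlIssuerForUser) {
         this.samlIssuerForUser = samlIssuerForUser;
     }

     /** Returns the callback URL sent to CAS as the {@code pgtUrl} parameter. */
     public String getProxyCallBackUrl() {
         return proxyCallBackUrl;
     }

     /** Sets the callback URL sent to CAS as the {@code pgtUrl} parameter. */
     public void setProxyCallBackUrl(String proxyCallBackUrl) {
         this.proxyCallBackUrl = proxyCallBackUrl;
     }
 }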