DiscoveryServiceHandler xref

From b5c41b83249677bf1dec46de4a7ce97fee55729e Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 3 Nov 2011 10:53:40 +0100 Subject: import 1.1.3 --- .../shibboleth/wayf/DiscoveryServiceHandler.html | 1016 -------------------- 1 file changed, 1016 deletions(-) delete mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/DiscoveryServiceHandler.html (limited to 'doc/src-xref/edu/internet2/middleware/shibboleth/wayf/DiscoveryServiceHandler.html') diff --git a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/DiscoveryServiceHandler.html b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/DiscoveryServiceHandler.html deleted file mode 100644 index 9f4e4ed..0000000 --- a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/DiscoveryServiceHandler.html +++ /dev/null @@ -1,1016 +0,0 @@ - - - - -DiscoveryServiceHandler xref - - - -
View Javadoc
-
-1   /**
-2    * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.]
-3    *
-4    * Licensed under the Apache License, Version 2.0 (the "License");
-5    * you may not use this file except in compliance with the License.
-6    * You may obtain a copy of the License at
-7    *
-8    * http://www.apache.org/licenses/LICENSE-2.0
-9    *
-10   * Unless required by applicable law or agreed to in writing, software
-11   * distributed under the License is distributed on an "AS IS" BASIS,
-12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-13   * See the License for the specific language governing permissions and
-14   * limitations under the License.
-15   */
-16  package edu.internet2.middleware.shibboleth.wayf;
-17  
-18  import java.io.IOException;
-19  import java.io.UnsupportedEncodingException;
-20  import java.net.MalformedURLException;
-21  import java.net.URL;
-22  import java.net.URLDecoder;
-23  import java.net.URLEncoder;
-24  import java.util.ArrayList;
-25  import java.util.Collection;
-26  import java.util.Comparator;
-27  import java.util.Date;
-28  import java.util.HashSet;
-29  import java.util.Hashtable;
-30  import java.util.List;
-31  import java.util.Locale;
-32  import java.util.Map;
-33  import java.util.Set;
-34  import java.util.TreeSet;
-35  
-36  import javax.servlet.RequestDispatcher;
-37  import javax.servlet.ServletException;
-38  import javax.servlet.http.HttpServletRequest;
-39  import javax.servlet.http.HttpServletResponse;
-40  
-41  import org.opensaml.saml2.common.Extensions;
-42  import org.opensaml.saml2.metadata.EntityDescriptor;
-43  import org.opensaml.saml2.metadata.RoleDescriptor;
-44  import org.opensaml.saml2.metadata.SPSSODescriptor;
-45  import org.opensaml.xml.XMLObject;
-46  import org.slf4j.Logger;
-47  import org.slf4j.LoggerFactory;
-48  import org.w3c.dom.Element;
-49  import org.w3c.dom.NodeList;
-50  
-51  import edu.internet2.middleware.shibboleth.common.ShibbolethConfigurationException;
-52  import edu.internet2.middleware.shibboleth.wayf.plugins.Plugin;
-53  import edu.internet2.middleware.shibboleth.wayf.plugins.PluginContext;
-54  import edu.internet2.middleware.shibboleth.wayf.plugins.PluginMetadataParameter;
-55  import edu.internet2.middleware.shibboleth.wayf.plugins.WayfRequestHandled;
-56  
-57  /**
-58    * Specific handler for each version of the Discovery Service. 
-59    */
-60  public class DiscoveryServiceHandler {
-61  
-62      /*
-63       * Protcol parameters - Old.
-64       */
-65      /**
-66       * Shire is the SP Assertion Consumer endpoint.
-67       */
-68      private static final String SHIRE_PARAM_NAME = "shire";
-69      /**
-70       * TargetName is where we are trying to get to.
-71       */
-72      private static final String TARGET_PARAM_NAME = "target";
-73      /**
-74       * time is to do with replay attack.
-75       */
-76      private static final String TIME_PARAM_NAME = "time";
-77      /**
-78       * This is the ID (in the metadata) of the SP.
-79       */
-80      private static final String PROVIDERID_PARAM_NAME = "providerId";
-81      
-82      /*
-83       * Protocol parameters - New
-84       */
-85      /**
-86       * The SP id.
-87       */
-88      private static final String ENTITYID_PARAM_NAME = "entityID";
-89      /**
-90       * Where to send the request back to.
-91       */
-92      private static final String RETURN_PARAM_NAME = "return";
-93      /**
-94       * "return" is an invalid attribute, so we use returnX.
-95       */
-96      private static final String RETURN_ATTRIBUTE_NAME = "returnX";
-97      /**
-98       * Alternatively the index of where to send the address back to.
-99       */
-100     private static final String RETURN_INDEX_NAME = "returnIndex";
-101     
-102     /**
-103      * What value to put the ID of the selected metadata into.
-104      */
-105     private static final String RETURNID_PARAM_NAME = "returnIDParam";
-106     
-107     /**
-108      * What returnIDParam defaults to.
-109      */
-110     private static final String RETURNID_DEFAULT_VALUE = "entityID";
-111     /**
-112      * Whether we are allowed to interact.
-113      */
-114     private static final String ISPASSIVE_PARAM_NAME = "isPassive";
-115     
-116     /**
-117      * Whether we understand this or not.
-118      */
-119     private static final String POLICY_PARAM_NAME = "policy";
-120 
-121     /**
-122      * The only policy we know about.
-123      */
-124     private static final String KNOWN_POLICY_NAME 
-125         = "urn:oasis:names:tc:SAML:profiles:SSO:idp-discoveryprotocol:single";
-126     
-127     /**
-128      * Mandatory Serialization constant.
-129      */
-130     private static final  Logger LOG = LoggerFactory.getLogger(DiscoveryServiceHandler.class.getName());
-131 
-132     /**
-133      * The location defines the last part of the URL which distinguished this handler. 
-134      */
-135     private final String location;
-136     
-137     /**
-138      * If isDefault is true then if there is a mismatch then this handler is used.  
-139      */
-140     private final boolean isDefault;
-141     
-142     /**
-143      * Config handles detailed behavior.
-144      */
-145     private final HandlerConfig config;
-146     
-147     /**
-148      * The list of all the metadata providers that this discovery handler believes in.
-149      */
-150     private final List <IdPSiteSet> siteSets;
-151     
-152     /**
-153      * The list of all the plugins that this hanlder has had configured.
-154      */
-155     private final List <Plugin> plugins;
-156     
-157     /**
-158      * Constructor to create and configure the handler.
-159      * @param config - DOM Element with configuration information.
-160      * @param federations - Supplies all known providers which will be included if so configured.
-161      * @param plugins - Supplies all known plugins which will be included if configured in. 
-162      * @param defaultConfig - The default configurations.
-163      * @throws ShibbolethConfigurationException - if we find something odd in the config file. 
-164      */
-165     protected DiscoveryServiceHandler(Element config, 
-166                                       Hashtable <String, IdPSiteSet> federations,
-167                                       Hashtable <String, Plugin> plugins, 
-168                                       HandlerConfig defaultConfig) throws ShibbolethConfigurationException
-169     {
-170         siteSets = new ArrayList <IdPSiteSet>(federations.size());
-171         this.plugins = new ArrayList <Plugin>(plugins.size());
-172 
-173         //
-174         // Collect the Configuration from the XML
-175         //
-176         
-177         this.config = new HandlerConfig(config, defaultConfig);
-178         
-179         location = config.getAttribute("location");
-180         
-181         if (location == null || location.equals("")) {
-182                 
-183                 LOG.error("DiscoveryService must have a location specified");
-184                 throw new ShibbolethConfigurationException("DiscoveryService must have a location specified");  
-185         }
-186         
-187         //
-188         // Is this the default WAYF?
-189         //
-190         
-191         String attribute = config.getAttribute("default");
-192         if (attribute != null && !attribute.equals("")) {
-193                 isDefault = Boolean.valueOf(attribute).booleanValue();
-194         } else {
-195                 isDefault = true;
-196         }
-197         
-198         //
-199         // Which federations (sitesets) do we care about?
-200         //
-201         
-202         NodeList list = config.getElementsByTagName("Federation");
-203                 
-204         for (int i = 0; i < list.getLength(); i++ ) {
-205                     
-206             attribute = ((Element) list.item(i)).getAttribute("identifier");
-207                     
-208                 IdPSiteSet siteset = federations.get(attribute);
-209                 
-210                 if (siteset == null) {
-211                     LOG.error("Handler " + location + ": could not find metadata for <Federation> with identifier " + attribute + ".");
-212                     throw new ShibbolethConfigurationException(
-213                            "Handler " + location + ": could not find metadata for  <Federation> identifier " + attribute + ".");
-214                 }
-215                 
-216                 siteSets.add(siteset);
-217         }
-218 
-219         if (siteSets.size() == 0) {
-220             //
-221             // No Federations explicitly named pick em all
-222             //
-223             siteSets.addAll(federations.values());
-224         }
-225         
-226         //
-227         // Now, which plugins?
-228         //
-229 
-230         list = config.getElementsByTagName("PluginInstance");
-231         
-232         for (int i = 0; i < list.getLength(); i++ ) {
-233                     
-234             attribute = ((Element) list.item(i)).getAttribute("identifier");
-235                     
-236                 Plugin plugin = plugins.get(attribute);
-237                 
-238                 if (plugin == null) {
-239                     LOG.error("Handler " + location + ": could not find plugin for identifier " + attribute);
-240                     throw new ShibbolethConfigurationException(
-241                               "Handler " + location + ": could not find plugin for identifier " + attribute);
-242                 }
-243                 
-244                 this.plugins.add(plugin);
-245         }
-246 
-247         //
-248         // So now tell every IdPSite about every plugin.
-249         //
-250         // Note that there is only one idpsite per metadatafile per WAYF and that the discovery 
-251         // services share them, so the data explosion is only number(IdpSites) * number(Plugins) not
-252         // number(IdpSites) * number(Plugins) * number(DiscoverHandlers)
-253         
-254         for (IdPSiteSet site: siteSets) {
-255             for (Plugin plugin: this.plugins) {
-256                 site.addPlugin(plugin);
-257             }
-258         }
-259     }
-260     
-261     
-262     //
-263     // Standard Beany Methods
-264     //
-265     /**
-266      * The 'Name' of the service. the path used to identify the ServiceHandler.
-267      * @return the path used to identify the ServiceHandler.
-268      */
-269     
-270     protected String getLocation() {
-271         return location;
-272     }
-273 
-274     /**
-275      * Whether this is the default service.
-276      * @return is it?
-277      */
-278     protected boolean isDefault() {
-279         return isDefault;
-280     }
-281     
-282     //
-283     // Now the bits that deal with the user request
-284     //
-285 
-286     public void doGet(HttpServletRequest req, HttpServletResponse res) {
-287         
-288         String policy = req.getParameter(POLICY_PARAM_NAME);
-289         
-290         if (null != policy && !KNOWN_POLICY_NAME.equals(policy)) {
-291             //
-292             // unknown policy
-293             //
-294             LOG.error("Unknown policy " + policy);
-295             handleError(req, res, "Unknown policy " + policy);
-296             return;
-297         }
-298         
-299         //
-300         // Decide how to route the request based on query string
-301         //
-302         String requestType = req.getParameter("action");
-303         
-304         if (requestType == null || requestType.equals("")) {
-305             requestType = "lookup";
-306         }
-307         
-308         try {
-309 
-310             if (requestType.equals("search")) {
-311                     
-312                 String parameter = req.getParameter("string"); 
-313                 if (parameter != null && parameter.equals("")) {
-314                         parameter = null;
-315                 }
-316                 handleLookup(req, res, parameter);
-317                     
-318             } else if (requestType.equals("selection")) {
-319                     
-320                 handleSelection(req, res);
-321             } else {
-322                 handleLookup(req, res, null);
-323             }
-324         } catch (WayfException we) {
-325             LOG.error("Error processing DS request:", we);
-326             handleError(req, res, we.getLocalizedMessage());
-327         } catch (WayfRequestHandled we) {
-328             //
-329             // Yuck - a sucess path involving an exception
-330             //
-331         }
-332 
-333     }
-334         
-335     /**
-336      * When the WAYF user has selected something we look it up, tell the plugins and then dispatch to the Idp.
-337      *  
-338      * @param req - standard J2EE stuff
-339      * @param res - standard J2EE stuff
-340      * @throws WayfRequestHandled - if one of the plugins has done the dispatch
-341      * @throws WayfException - if we had an errors
-342      */
-343     private void handleSelection(HttpServletRequest req, 
-344                                  HttpServletResponse res) throws WayfRequestHandled, WayfException 
-345      {
-346             
-347         String idpName = req.getParameter("origin");
-348         LOG.debug("Processing handle selection: " + idpName);
-349 
-350         String sPName = getSPId(req);
-351 
-352         if (idpName == null || idpName.equals("")) {
-353             handleLookup(req, res, null);
-354             return;
-355         }
-356 
-357         if (getValue(req, SHIRE_PARAM_NAME) == null) {
-358             //
-359             // 2.0 protocol
-360             //
-361             setupReturnAddress(sPName, req);
-362         }
-363         //
-364         // Notify plugins
-365         //
-366         IdPSite site = null; 
-367         
-368         for (Plugin plugin:plugins) {
-369             for (IdPSiteSet idPSiteSet: siteSets) {
-370                 PluginMetadataParameter param = idPSiteSet.paramFor(plugin);
-371                 plugin.selected(req, res, param, idpName);
-372                 if (site == null && idPSiteSet.containsIdP(idpName)) {
-373                     site = idPSiteSet.getSite(idpName);
-374                 }
-375             }
-376         }
-377         
-378         if (site == null) {
-379             handleLookup(req, res, null);
-380         } else {
-381             forwardRequest(req, res, site);
-382         }
-383     }
-384 
-385 
-386     /**
-387      * This sets up the parameter RETURN_ATTRIBUTE_NAME with the return address 
-388      * harvested from the reqest.
-389      * <ul><le>If a "return" parameter is present we check in the metadata for spoofing 
-390      *         and then set up from there </le>
-391      *     <le>If "returnID" is specified we get this from the metadata</le>
-392      *     <le>If nothing is provided we get the default from the metadata (if provided)</le>
-393      *     <le>Otherwise we whine</le>
-394      * </ul>     
-395      * @param spName - the name of the Service provider.
-396      * @param req - The request.
-397      * @throws WayfException - if we spot spoofing or there is no defaumlt 
-398      */
-399     private void setupReturnAddress(String spName, HttpServletRequest req) throws WayfException{
-400         
-401         DiscoveryResponseImpl[] discoveryServices;
-402         Set<XMLObject> objects = new HashSet<XMLObject>();
-403         String defaultName = null;
-404         
-405         for (IdPSiteSet metadataProvider:siteSets) {
-406             
-407             //
-408             // Only do work if the SP makes sense
-409             //
-410 
-411             if (metadataProvider.containsSP(spName)) {
-412                
-413                 //
-414                 // The name makes sense so let's get the entity and from that
-415                 // all of its roles
-416                 //
-417                 
-418                 EntityDescriptor entity = metadataProvider.getEntity(spName);
-419                 List<RoleDescriptor> roles = entity.getRoleDescriptors();
-420                 
-421                 for (RoleDescriptor role:roles) {
-422                     
-423                     //
-424                     // Check every role
-425                     //
-426                     
-427                     if (role instanceof SPSSODescriptor) {
-428                         
-429                         //
-430                         // And grab hold of all the extensions for SPSSO descriptors
-431                         //
-432                         
-433                         Extensions exts = role.getExtensions();
-434                         if (exts != null) {
-435                             objects.addAll(exts.getOrderedChildren());
-436                         }
-437                     }
-438                 }
-439             }
-440         }
-441         
-442         //
-443         // Now, let's strip out everything which isn't a DiscoveryService
-444         //
-445         
-446         discoveryServices = new DiscoveryResponseImpl[objects.size()];
-447         int dsCount = 0;
-448         
-449         for (XMLObject obj:objects) {
-450             if (obj instanceof DiscoveryResponseImpl) {
-451                 DiscoveryResponseImpl ds = (DiscoveryResponseImpl) obj;
-452                 discoveryServices[dsCount++] = ds;
-453                 if (ds.isDefault() || null == defaultName) {
-454                     defaultName = ds.getLocation();
-455                 }
-456             }
-457         }
-458         
-459         //
-460         // Now process the return parameters.  The name is either a parameter
-461         // called RETURN_PARAM_NAME or an attributes called RETURN_ATTRIBUTE_NAME
-462         //
-463         String returnName = req.getParameter(RETURN_PARAM_NAME);
-464         
-465         if (returnName == null || returnName.length() == 0) {
-466             returnName = getValue(req, RETURN_ATTRIBUTE_NAME);
-467         }
-468         
-469         //
-470         // Return index is only ever a parameter
-471         //
-472         
-473         String returnIndex = req.getParameter(RETURN_INDEX_NAME);
-474         
-475         if (returnName != null && returnName.length() != 0) {
-476             //
-477             // Given something so we have to police it.
-478             //
-479             String nameNoParam = returnName;
-480             URL providedReturnURL;
-481             int index = nameNoParam.indexOf('?');
-482             boolean found = false;
-483             
-484             if (index >= 0) {
-485                 nameNoParam = nameNoParam.substring(0,index);
-486             }
-487             
-488             try {
-489                 providedReturnURL = new URL(nameNoParam);                
-490             } catch (MalformedURLException e) {
-491                 throw new WayfException("Couldn't parse provided return name " + nameNoParam, e);
-492             }
-493             
-494             
-495             for (DiscoveryResponseImpl disc: discoveryServices) {
-496                 if (equalsURL(disc, providedReturnURL)) {
-497                     found = true;
-498                     break;
-499                 }
-500             }
-501             if (!found) {
-502                 throw new WayfException("Couldn't find endpoint " + nameNoParam + " in metadata");
-503             }
-504         } else if (returnIndex != null && returnIndex.length() != 0) {
-505             
-506             int index; 
-507             try {
-508                 index = Integer.parseInt(returnIndex);
-509             } catch (NumberFormatException e) {
-510                 throw new WayfException("Couldn't convert " + returnIndex + " into an index");
-511             }
-512             //
-513             // So look throught to find the endpoint with the correct index
-514             //
-515 
-516             boolean found = false;
-517             
-518             for (DiscoveryResponseImpl disc: discoveryServices) {
-519                 if (index  == disc.getIndex()) {
-520                     found = true;
-521                     returnName = disc.getLocation();
-522                     break;
-523                 }
-524             }
-525             if (!found) {
-526                 throw new WayfException("Couldn't not find endpoint " + returnIndex + "in metadata");
-527             }
-528         } else {
-529             //
-530             // No name, not index, so we want the default
-531             //
-532             returnName = defaultName;
-533         }
-534         //
-535         // So by now returnName has the correct value, either harvested from or
-536         // policed against the metadata
-537         //
-538         req.setAttribute(RETURN_ATTRIBUTE_NAME, returnName);
-539     }
-540 
-541     /**
-542      * Helper function to see whather the provided endpoint in the metadata matches the 
-543      * provided return URL in the request.
-544      * 
-545      * @param discovery
-546      * @param providedName
-547      * @return
-548      */
-549     private static boolean equalsURL(DiscoveryResponseImpl discovery, URL providedName) {
-550         
-551         //
-552         // Nothing provided - no match
-553         //
-554         if (null == discovery) {
-555             return false;
-556         }
-557         
-558         URL discoveryName;
-559         try {
-560             discoveryName = new URL(discovery.getLocation());
-561         } catch (MalformedURLException e) {
-562             //
-563             // Something bad happened.  Log it (it is only of interest to the sysadmin, not to the user)
-564             //
-565             LOG.warn("Found invalid discovery end point : " + discovery.getLocation(), e);
-566             return false;
-567         }
-568         
-569         return providedName.equals(discoveryName);
-570         
-571     }
-572 
-573     /**
-574      * Displays a Discovery Service selection page, having first consulted the plugins as needed.
-575      * @param req Describes the request
-576      * @param res Describes the response
-577      * @param searchName What are we looking for?
-578      * 
-579      * @throws WayfRequestHandled if a plugin has dealt with the request
-580      * @throws WayfException in case of an error.
-581      */
-582     private void handleLookup(HttpServletRequest req, 
-583                               HttpServletResponse res, 
-584                               String searchName) throws WayfException, WayfRequestHandled {
-585         
-586         String shire = getValue(req, SHIRE_PARAM_NAME);
-587         String providerId = getSPId(req);
-588         boolean twoZeroProtocol = (shire == null);
-589         boolean isPassive = (twoZeroProtocol && 
-590                              "true".equalsIgnoreCase(getValue(req, ISPASSIVE_PARAM_NAME)));
-591 
-592         Collection <IdPSiteSetEntry> siteLists = null;
-593         Collection<IdPSite> searchResults = null;
-594         
-595         if (config.getProvideListOfLists()) {
-596             siteLists = new ArrayList <IdPSiteSetEntry>(siteSets.size());
-597         }
-598 
-599         Collection <IdPSite> sites = null;
-600         Comparator<IdPSite> comparator = new IdPSite.Compare(req);
-601        
-602         if (config.getProvideList()) {
-603             sites = new TreeSet<IdPSite>(comparator);
-604         }
-605 
-606         if (searchName != null && !searchName.equals("")) {
-607             searchResults = new TreeSet<IdPSite>(comparator);
-608         }
-609 
-610         LOG.debug("Processing Idp Lookup for : " + providerId);
-611 
-612         //
-613         // Iterate over all the sitesets and if they know about the SP pass them to the plugins
-614         // and then add them too the list
-615         //
-616 
-617         PluginContext[] ctx = new PluginContext[plugins.size()];
-618         List<IdPSite> hintList = new ArrayList<IdPSite>();
-619         
-620         if (twoZeroProtocol) {
-621             setupReturnAddress(providerId, req);
-622         }
-623         //
-624         // By having siteLists and sites as parameters we only iterate over 
-625         // the metadata arrays once.
-626         //
-627         try {   
-628             for (IdPSiteSet metadataProvider:siteSets) {
-629                 
-630                 //
-631                 // Only do work if the SP makes sense
-632                 //
-633 
-634                 if (metadataProvider.containsSP(providerId) || !config.getLookupSp()) {
-635 
-636                     Collection <IdPSite> search = null;
-637                     
-638                     if (searchResults != null) {
-639                         search = new TreeSet<IdPSite>(comparator);
-640                     }
-641 
-642                     Map <String, IdPSite> theseSites = metadataProvider.getIdPSites(searchName, config, search);
-643                     
-644                     //
-645                     // Consult the plugins
-646                     //
-647                     for (int i = 0; i < plugins.size(); i++) {
-648                             
-649                         Plugin plugin = plugins.get(i);
-650                         
-651                         if (searchResults == null) {
-652                             //
-653                             // This was a search
-654                             //
-655                             ctx[i] = plugin.lookup(req, 
-656                                                    res, 
-657                                                    metadataProvider.paramFor(plugin), 
-658                                                    theseSites, 
-659                                                    ctx[i], 
-660                                                    hintList);
-661                         } else {
-662                             ctx[i] = plugin.search(req, 
-663                                                    res, 
-664                                                    metadataProvider.paramFor(plugin), 
-665                                                    searchName, 
-666                                                    theseSites, 
-667                                                    ctx[i], 
-668                                                    searchResults, 
-669                                                    hintList);
-670                         }
-671                     }
-672                     
-673                     if (null == theseSites || theseSites.isEmpty()) {
-674                         continue;
-675                     }
-676                     
-677                     //
-678                         
-679                     // Accumulate any per-metadata provider information
-680                     // 
-681             
-682                     Collection<IdPSite> values = new TreeSet<IdPSite>(comparator);
-683                     if (null != theseSites) {
-684                         values.addAll(theseSites.values());
-685                     }
-686                     
-687                     if (siteLists != null) {
-688                         siteLists.add(new IdPSiteSetEntry(metadataProvider,values));
-689                     }
-690                             
-691                     if (sites != null) {
-692                         sites.addAll(values);
-693                     }
-694                     
-695                     if (searchResults != null) {
-696                         searchResults.addAll(search);
-697                     }
-698                 }
-699             }
-700             
-701             if (isPassive) {
-702                 //
-703                 // No GUI intervention.
-704                 //
-705                 if (0 != hintList.size()) {
-706                     //
-707                     // We found a candidate, hand it back
-708                     //
-709                     forwardRequest(req, res, hintList.get(0));
-710                 } else {
-711                     forwardRequest(req, res, null);
-712                 }   
-713                 return;
-714             }
-715             
-716             //
-717             // Now set up all the funky stuff that the JSP needs.  Firstly the protocol
-718             // specific parameters which will come back to us
-719             //
-720             
-721             if (twoZeroProtocol) {
-722                 //
-723                 // The return address was set up in setupReturnAddress
-724                 //
-725                 String returnString = (String) req.getAttribute(RETURN_ATTRIBUTE_NAME);
-726                 if (null == returnString || 0 == returnString.length()) {
-727                     throw new WayfException("Parameter " + RETURN_PARAM_NAME + " not supplied");
-728                 }
-729 
-730                 String returnId = getValue(req, RETURNID_PARAM_NAME);
-731                 if (null == returnId || 0 == returnId.length()) {
-732                     returnId = RETURNID_DEFAULT_VALUE;
-733                 }
-734                 //
-735                 // Return *means* something so we cannot use it as an attribute
-736                 //
-737                 req.setAttribute(RETURN_ATTRIBUTE_NAME, returnString);
-738                 req.setAttribute(RETURNID_PARAM_NAME, returnId);
-739                 req.setAttribute(ENTITYID_PARAM_NAME, providerId);
-740                 
-741             } else {
-742                 String target = getValue(req, TARGET_PARAM_NAME);
-743                 if (null == target || 0 == target.length()) {
-744                     throw new WayfException("Could not extract target from provided parameters");
-745                 }
-746                 req.setAttribute(SHIRE_PARAM_NAME, shire);
-747                 req.setAttribute(TARGET_PARAM_NAME, target);
-748                 req.setAttribute(PROVIDERID_PARAM_NAME, providerId);
-749                 //
-750                 // Time is in unix format
-751                 //
-752                 req.setAttribute("time", new Long(new Date().getTime() / 1000).toString()); 
-753                 
-754             }
-755             
-756             //
-757             // Setup the stuff that the GUI wants.  
-758             //
-759                 
-760             setDisplayLanguage(sites, req);
-761             req.setAttribute("sites", sites);
-762             if (null != siteLists) {
-763                 for (IdPSiteSetEntry siteSetEntry:siteLists) {
-764                     setDisplayLanguage(siteSetEntry.getSites(), req);
-765                 }
-766             }
-767                 
-768             req.setAttribute("siteLists", siteLists);
-769             req.setAttribute("requestURL", req.getRequestURI().toString());
-770 
-771             if (searchResults != null) {
-772                 if (searchResults.size() != 0) {
-773                     setDisplayLanguage(searchResults, req);
-774                     req.setAttribute("searchresults", searchResults);
-775                 } else {
-776                     req.setAttribute("searchResultsEmpty", "true");
-777                 }
-778             }
-779 
-780             if (hintList.size() > 0) {
-781                 setDisplayLanguage(hintList, req);
-782                 req.setAttribute("cookieList", hintList);
-783             }
-784 
-785             LOG.debug("Displaying WAYF selection page.");
-786             RequestDispatcher rd = req.getRequestDispatcher(config.getJspFile());
-787 
-788             //
-789             // And off to the jsp
-790             //
-791             rd.forward(req, res);
-792         } catch (IOException ioe) {
-793             LOG.error("Problem displaying WAYF UI.\n" +  ioe.getMessage());
-794             throw new WayfException("Problem displaying WAYF UI", ioe);
-795         } catch (ServletException se) {
-796             LOG.error("Problem displaying WAYF UI.\n" +  se.getMessage());
-797             throw new WayfException("Problem displaying WAYF UI", se);
-798         }
-799     }
-800 
-801     /**
-802      * Prior to display we set the display language from the
-803      * browser. There is probably a proper way to do this using
-804      * jsp, but I want to keep the API between JSP and java the same 1.3->2.0
-805      * @param sites - the sites we need to impact
-806      * @param req - from whiuch we get the locale
-807      */
-808     private void setDisplayLanguage(Collection<IdPSite> sites, HttpServletRequest req) {
-809         
-810         if (null == sites) {
-811             return;
-812         }
-813         Locale locale = req.getLocale();
-814         if (null == locale) {
-815             Locale.getDefault();
-816         }
-817         String lang = locale.getLanguage();
-818 
-819         for (IdPSite site : sites) {
-820             site.setDisplayLanguage(lang);
-821         }
-822     }
-823 
-824 
-825     /**
-826      * Uses an HTTP Status 307 redirect to forward the user to the IdP or the SP.
-827      * 
-828      * @param req request under consideration
-829      * @param res response under construction
-830      * @param site The Idp
-831      * @throws WayfException if bad things happen.
-832      */
-833     public static void forwardRequest(HttpServletRequest req, HttpServletResponse res, IdPSite site)
-834                     throws WayfException {
-835 
-836         String shire = getValue(req, SHIRE_PARAM_NAME);
-837         String providerId = getSPId(req);
-838         boolean twoZeroProtocol = (shire == null);
-839 
-840         if (!twoZeroProtocol) {
-841             String handleService = site.getAddressForWAYF(); 
-842             if (handleService != null ) {
-843 
-844                 String target = getValue(req, TARGET_PARAM_NAME);
-845                 if (null == target || 0 == target.length()) {
-846                     throw new WayfException("Could not extract target from provided parameters");
-847                 }
-848 
-849                 LOG.info("Redirecting to selected Handle Service: " + handleService);
-850                 try {
-851                     StringBuffer buffer = new StringBuffer(handleService +  
-852                        "?" + TARGET_PARAM_NAME + "=");
-853                     buffer.append(URLEncoder.encode(target, "UTF-8"));
-854                     buffer.append("&" + SHIRE_PARAM_NAME + "=");
-855                     buffer.append(URLEncoder.encode(shire, "UTF-8"));
-856                     buffer.append("&" + PROVIDERID_PARAM_NAME + "=");
-857                     buffer.append(URLEncoder.encode(providerId, "UTF-8"));
-858                          
-859                     //
-860                     // Time is as per U**X
-861                     //
-862                     buffer.append("&" +  TIME_PARAM_NAME + "=");
-863                     buffer.append(new Long(new Date().getTime() / 1000).toString());
-864                     res.sendRedirect(buffer.toString());
-865                 } catch (IOException ioe) {
-866                     //
-867                     // That failed.  
-868                     //
-869                     throw new WayfException("Error forwarding to IdP: \n" + ioe.getMessage());
-870                 }
-871             } else {
-872                 String s = "Error finding to IdP: " + site.getDisplayName(req); 
-873                 LOG.error(s);
-874                 throw new WayfException(s);
-875             }
-876         } else {
-877             String returnUrl = (String) req.getAttribute(RETURN_ATTRIBUTE_NAME);
-878             
-879             if (null == returnUrl || 0 == returnUrl.length()) {
-880                 throw new WayfException("Could not find return parameter");
-881             }
-882             try {
-883                 returnUrl = URLDecoder.decode(returnUrl, "UTF-8");
-884             } catch (UnsupportedEncodingException e) {
-885                 throw new WayfException("Did not understand parameter ", e);
-886             }
-887             String redirect;
-888             if (site != null) {
-889                 StringBuffer buffer = new StringBuffer(returnUrl);
-890                 //
-891                 // If we were given anybody to lookup, construct the URL
-892                 //
-893                 String returnParam = getValue(req, RETURNID_PARAM_NAME);
-894                 if (null == returnParam || 0 == returnParam.length()) {
-895                     returnParam = RETURNID_DEFAULT_VALUE;
-896                 }              
-897                 //
-898                 // Do we add a '?' or a '&' for the parameters
-899                 //
-900 
-901                 if (returnUrl.indexOf('?') >= 0) {
-902                     //
-903                     // there is a parameter already.  Add a '&'
-904                     //
-905                     buffer.append("&" + returnParam + "=");
-906                 } else {
-907                     //
-908                     // No parameter.  Use ?
-909                     //
-910                     buffer.append("?" + returnParam + "=");
-911                 }
-912                 buffer.append(site.getName());
-913                 redirect =  buffer.toString();
-914             } else {
-915                 //
-916                 // Just send it back
-917                 //
-918                 redirect = returnUrl;
-919             }
-920             
-921             LOG.debug("Dispatching to " + redirect);
-922             
-923             try {
-924                 res.sendRedirect(redirect);
-925             } catch (IOException ioe) {
-926                 //
-927                 // That failed.  
-928                 //
-929                 throw new WayfException("Error forwarding back to Sp: \n" + ioe.getMessage());
-930             }         
-931         }
-932     }
-933 
-934     /**
-935      * Handles all "recoverable" errors in WAYF processing by logging the error and forwarding the user to an
-936      * appropriate error page.
-937      * 
-938      * @param req request under consideration
-939      * @param res response under construction
-940      * @param message - what so say
-941      */
-942     private void handleError(HttpServletRequest req, HttpServletResponse res, String message) {
-943 
-944         LOG.debug("Displaying WAYF error page.");
-945         req.setAttribute("errorText", message);
-946         req.setAttribute("requestURL", req.getRequestURI().toString());
-947         RequestDispatcher rd = req.getRequestDispatcher(config.getErrorJspFile());
-948 
-949         try {
-950             rd.forward(req, res);
-951         } catch (IOException ioe) {
-952             LOG.error("Problem trying to display WAYF error page: " + ioe.toString());
-953         } catch (ServletException se) {
-954             LOG.error("Problem trying to display WAYF error page: " + se.toString());
-955         }
-956     }
-957 
-958     /**
-959      * Gets the value for the parameter either from the parameter or from jsp.
-960      * @param req - the request.
-961      * @param name - the name of the parameter.
-962      * @return - result
-963      */
-964     private static String getValue(HttpServletRequest req, String name) {
-965 
-966         
-967         String value = req.getParameter(name); 
-968         if (value != null) {
-969             return value;
-970         }
-971         return (String) req.getAttribute(name);
-972     }
-973 
-974     private static String getSPId(HttpServletRequest req) throws WayfException {
-975 
-976         //
-977         // Try first with 2.0 version
-978         //
-979         String param = req.getParameter(ENTITYID_PARAM_NAME);
-980         if (param != null && !(param.length() == 0)) {
-981             return param;
-982         } 
-983         
-984         param = (String) req.getAttribute(ENTITYID_PARAM_NAME);
-985         if (param != null && !(param.length() == 0)) {
-986             return param;
-987         }       
-988         //
-989         // So Try with 1.3 version
-990         //
-991         param = req.getParameter(PROVIDERID_PARAM_NAME);
-992         if (param != null && !(param.length() == 0)) {
-993             return param;
-994         } 
-995         
-996         param = (String) req.getAttribute(PROVIDERID_PARAM_NAME);
-997         if (param != null && !(param.length() == 0)) {
-998             return param;
-999         } 
-1000         throw new WayfException("Could not locate SP identifier in parameters");
-1001     }   
-1002 }
-
- - -- cgit v1.1