From a78cb1f0a9688dc3117903690b84b60103692c95 Mon Sep 17 00:00:00 2001 From: Shinsuke Sugaya Date: Sun, 5 Jul 2026 11:23:08 +0900 Subject: [PATCH] refactor: apply Java naming conventions and idiom cleanup Behavior-preserving cleanup of the java-saml sources. No public or protected API changes (class/method/field/constant/enum names, signatures, and constant values are all unchanged), so downstream consumers are unaffected. The full test suite passes unchanged (core 415, toolkit 92). Naming (locals, private fields, and private methods only; public accessor names left untouched): - Fix the leading-uppercase local `AssertionDataNodes` -> `assertionDataNodes`. - Fix snake_case (`cert_begin`/`end_cert`), acronym casing (`nameID`, `spX509cert`, `wantXMLValidation`, `uniqueIDPrefix`, ...), and typos (`errorAcumulator`, `stausCode`, `childs`, `decompresser`, `idpDescryptorXPath`, `idvalue`, ...). Idioms (behavior-preserving): - `size() != 0` -> `isEmpty()`; verbose null checks -> `StringUtils.isNotEmpty`. - Hoist per-call `HashSet` builds to a static `Set.of(...)`; ternary returns; drop redundant boxing / `toString()` / parentheses / generic type-witnesses. - Explicit `"UTF-8"` / `Charset.forName("UTF-8")` -> `StandardCharsets.UTF_8` (byte-identical); parameterized logging (identical rendered text); `public final static` -> `public static final`. Dead code: - Remove an unused `LOGGER` field and its imports in `IdPMetadataParser`, a commented-out block and an unused parameter in `SettingsBuilder`, and dead comment lines in `SamlResponse`. Samples and tests: - Fix broken package imports in the sample JSPs (they referenced a non-existent package and could not compile at runtime). - Correct stale `@see` package paths in `AuthTest` javadoc. Preserve the original null contract of `Util.isAlgorithmWhitelisted` (returns false for a null algorithm) after hoisting its set to an immutable `Set.of`. --- .../saml2/core/authn/AuthnRequest.java | 32 +- .../saml2/core/authn/SamlResponse.java | 105 +++--- .../InvalidKeySpecRuntimeException.java | 2 +- .../exception/SAMLSignatureException.java | 2 +- .../exception/X509CertificateException.java | 2 +- .../core/exception/XMLParsingException.java | 2 +- .../codelibs/saml2/core/http/HttpRequest.java | 6 +- .../saml2/core/logout/LogoutRequest.java | 51 ++- .../saml2/core/logout/LogoutResponse.java | 20 +- .../core/logout/LogoutResponseParams.java | 4 +- .../codelibs/saml2/core/model/Contact.java | 8 +- .../saml2/core/model/RequestedAttribute.java | 2 +- .../core/model/SubjectConfirmationIssue.java | 2 +- .../saml2/core/model/hsm/AzureKeyVault.java | 7 +- .../core/settings/IdPMetadataParser.java | 47 ++- .../saml2/core/settings/Metadata.java | 43 +-- .../saml2/core/settings/Saml2Settings.java | 137 ++++---- .../saml2/core/settings/SettingsBuilder.java | 304 ++++++++---------- .../org/codelibs/saml2/core/util/Util.java | 139 ++++---- .../src/main/webapp/acs.jsp | 13 +- .../src/main/webapp/attrs.jsp | 23 +- .../src/main/webapp/dologin.jsp | 2 +- .../src/main/webapp/dologout.jsp | 28 +- .../src/main/webapp/metadata.jsp | 2 +- .../src/main/webapp/sls.jsp | 7 +- .../main/java/org/codelibs/saml2/Auth.java | 135 ++++---- .../codelibs/saml2/servlet/ServletUtils.java | 17 +- .../org/codelibs/saml2/test/AuthTest.java | 168 +++++----- 28 files changed, 590 insertions(+), 720 deletions(-) diff --git a/core/src/main/java/org/codelibs/saml2/core/authn/AuthnRequest.java b/core/src/main/java/org/codelibs/saml2/core/authn/AuthnRequest.java index 400ca62..e4b79db 100644 --- a/core/src/main/java/org/codelibs/saml2/core/authn/AuthnRequest.java +++ b/core/src/main/java/org/codelibs/saml2/core/authn/AuthnRequest.java @@ -115,7 +115,7 @@ public AuthnRequest(final Saml2Settings settings, final AuthnRequestParams param final StringSubstitutor substitutor = generateSubstitutor(params, settings); authnRequestString = postProcessXml(substitutor.replace(getAuthnRequestTemplate()), params, settings); - LOGGER.debug("AuthNRequest --> " + authnRequestString); + LOGGER.debug("AuthNRequest --> {}", authnRequestString); } /** @@ -218,27 +218,27 @@ private StringSubstitutor generateSubstitutor(final AuthnRequestParams params, f String subjectStr = ""; final String nameIdValueReq = params.getNameIdValueReq(); if (nameIdValueReq != null && !nameIdValueReq.isEmpty()) { - final String nameIDFormat = settings.getSpNameIDFormat(); + final String nameIdFormat = settings.getSpNameIDFormat(); subjectStr = ""; - subjectStr += "" + Util.toXml(nameIdValueReq) + ""; + subjectStr += "" + Util.toXml(nameIdValueReq) + ""; subjectStr += ""; subjectStr += ""; } valueMap.put("subjectStr", subjectStr); - String nameIDPolicyStr = ""; + String nameIdPolicyStr = ""; if (params.isSetNameIdPolicy()) { - String nameIDPolicyFormat = settings.getSpNameIDFormat(); + String nameIdPolicyFormat = settings.getSpNameIDFormat(); if (settings.getWantNameIdEncrypted()) { - nameIDPolicyFormat = Constants.NAMEID_ENCRYPTED; + nameIdPolicyFormat = Constants.NAMEID_ENCRYPTED; } String allowCreateStr = ""; if (params.isAllowCreate()) { allowCreateStr = " AllowCreate=\"true\""; } - nameIDPolicyStr = ""; + nameIdPolicyStr = ""; } - valueMap.put("nameIDPolicyStr", nameIDPolicyStr); + valueMap.put("nameIDPolicyStr", nameIdPolicyStr); String providerStr = ""; final Organization organization = settings.getOrganization(); @@ -252,7 +252,7 @@ private StringSubstitutor generateSubstitutor(final AuthnRequestParams params, f final String issueInstantString = Util.formatDateTime(issueInstant.getTimeInMillis()); valueMap.put("issueInstant", issueInstantString); - valueMap.put("id", Util.toXml(String.valueOf(id))); + valueMap.put("id", Util.toXml(id)); valueMap.put("assertionConsumerServiceURL", Util.toXml(String.valueOf(settings.getSpAssertionConsumerServiceUrl()))); valueMap.put("protocolBinding", Util.toXml(settings.getSpAssertionConsumerServiceBinding())); valueMap.put("spEntityid", Util.toXml(settings.getSpEntityId())); @@ -261,12 +261,14 @@ private StringSubstitutor generateSubstitutor(final AuthnRequestParams params, f final List requestedAuthnContexts = settings.getRequestedAuthnContext(); if (requestedAuthnContexts != null && !requestedAuthnContexts.isEmpty()) { final String requestedAuthnContextCmp = settings.getRequestedAuthnContextComparison(); - requestedAuthnContextStr = ""; + final StringBuilder requestedAuthnContextBuilder = + new StringBuilder(""); for (final String requestedAuthnContext : requestedAuthnContexts) { - requestedAuthnContextStr += - "" + Util.toXml(requestedAuthnContext) + ""; + requestedAuthnContextBuilder.append("").append(Util.toXml(requestedAuthnContext)) + .append(""); } - requestedAuthnContextStr += ""; + requestedAuthnContextBuilder.append(""); + requestedAuthnContextStr = requestedAuthnContextBuilder.toString(); } valueMap.put("requestedAuthnContextStr", requestedAuthnContextStr); @@ -277,13 +279,13 @@ private StringSubstitutor generateSubstitutor(final AuthnRequestParams params, f /** * @return the AuthnRequest's template */ - private static StringBuilder getAuthnRequestTemplate() { + private static String getAuthnRequestTemplate() { final StringBuilder template = new StringBuilder(); template.append( ""); template.append("${spEntityid}"); template.append("${subjectStr}${nameIDPolicyStr}${requestedAuthnContextStr}"); - return template; + return template.toString(); } /** diff --git a/core/src/main/java/org/codelibs/saml2/core/authn/SamlResponse.java b/core/src/main/java/org/codelibs/saml2/core/authn/SamlResponse.java index 88f276d..615dbb7 100644 --- a/core/src/main/java/org/codelibs/saml2/core/authn/SamlResponse.java +++ b/core/src/main/java/org/codelibs/saml2/core/authn/SamlResponse.java @@ -7,6 +7,7 @@ import java.time.temporal.ChronoUnit; import java.util.ArrayList; import java.util.Calendar; +import java.util.Collections; import java.util.HashMap; import java.util.LinkedHashMap; import java.util.List; @@ -350,7 +351,7 @@ public boolean isValid(final String requestId) { if (expiresAt == null) { final List notOnOrAfters = getAssertionNotOnOrAfter(); expiresAt = notOnOrAfters.isEmpty() ? Instant.now().plusSeconds(settings.getClockDrift() + 300) - : java.util.Collections.min(notOnOrAfters); + : Collections.min(notOnOrAfters); } if (replayCache.registerAndCheck(assertionId, expiresAt)) { throw new ValidationException("The Assertion was already processed (replay detected): " + assertionId, @@ -389,24 +390,24 @@ private void validateSubjectConfirmation(final String responseInResponseTo) { final NodeList subjectConfirmationDataNodes = scn.getChildNodes(); for (int c = 0; c < subjectConfirmationDataNodes.getLength(); c++) { - if (subjectConfirmationDataNodes.item(c).getLocalName() != null - && "SubjectConfirmationData".equals(subjectConfirmationDataNodes.item(c).getLocalName())) { + final Node subjectConfirmationDataNode = subjectConfirmationDataNodes.item(c); + if ("SubjectConfirmationData".equals(subjectConfirmationDataNode.getLocalName())) { - final Node recipient = subjectConfirmationDataNodes.item(c).getAttributes().getNamedItem("Recipient"); + final Node recipient = subjectConfirmationDataNode.getAttributes().getNamedItem("Recipient"); final SubjectConfirmationIssue issue = validateRecipient(recipient, i); if (issue != null) { validationIssues.add(issue); continue; } - final Node inResponseTo = subjectConfirmationDataNodes.item(c).getAttributes().getNamedItem("InResponseTo"); + final Node inResponseTo = subjectConfirmationDataNode.getAttributes().getNamedItem("InResponseTo"); if (inResponseTo == null && responseInResponseTo != null || inResponseTo != null && !inResponseTo.getNodeValue().equals(responseInResponseTo)) { validationIssues.add(new SubjectConfirmationIssue(i, "SubjectConfirmationData has an invalid InResponseTo value")); continue; } - final Node notOnOrAfter = subjectConfirmationDataNodes.item(c).getAttributes().getNamedItem("NotOnOrAfter"); + final Node notOnOrAfter = subjectConfirmationDataNode.getAttributes().getNamedItem("NotOnOrAfter"); if (notOnOrAfter == null) { validationIssues .add(new SubjectConfirmationIssue(i, "SubjectConfirmationData doesn't contain a NotOnOrAfter attribute")); @@ -420,7 +421,7 @@ private void validateSubjectConfirmation(final String responseInResponseTo) { continue; } - final Node notBefore = subjectConfirmationDataNodes.item(c).getAttributes().getNamedItem("NotBefore"); + final Node notBefore = subjectConfirmationDataNode.getAttributes().getNamedItem("NotBefore"); if (notBefore != null) { Instant nb = Util.parseDateTime(notBefore.getNodeValue()); nb = ChronoUnit.SECONDS.addTo(nb, settings.getClockDrift() * -1); @@ -460,7 +461,7 @@ public Map getNameIdData() { return this.nameIdData; } try { - final Map nameIdData = new HashMap<>(); + final Map data = new HashMap<>(); final NodeList encryptedIDNodes = this.queryAssertion("/saml:Subject/saml:EncryptedID"); NodeList nameIdNodes; @@ -498,25 +499,25 @@ public Map getNameIdData() { throw new ValidationException("An empty NameID value found", ValidationException.EMPTY_NAMEID); } - nameIdData.put("Value", value); + data.put("Value", value); if (nameIdElem.hasAttribute("Format")) { - nameIdData.put("Format", nameIdElem.getAttribute("Format")); + data.put("Format", nameIdElem.getAttribute("Format")); } if (nameIdElem.hasAttribute("SPNameQualifier")) { final String spNameQualifier = nameIdElem.getAttribute("SPNameQualifier"); validateSpNameQualifier(spNameQualifier); - nameIdData.put("SPNameQualifier", spNameQualifier); + data.put("SPNameQualifier", spNameQualifier); } if (nameIdElem.hasAttribute("NameQualifier")) { - nameIdData.put("NameQualifier", nameIdElem.getAttribute("NameQualifier")); + data.put("NameQualifier", nameIdElem.getAttribute("NameQualifier")); } } } else if (settings.getWantNameId()) { throw new ValidationException("No name id found in Document.", ValidationException.NO_NAMEID); } - this.nameIdData = nameIdData; - return nameIdData; + this.nameIdData = data; + return data; } catch (SAMLException e) { throw e; } catch (DOMException e) { @@ -531,13 +532,13 @@ public Map getNameIdData() { * */ public String getNameId() { - final Map nameIdData = getNameIdData(); - String nameID = null; - if (!nameIdData.isEmpty()) { - LOGGER.debug("SAMLResponse has NameID --> {}", nameIdData.get("Value")); - nameID = nameIdData.get("Value"); + final Map data = getNameIdData(); + String nameId = null; + if (!data.isEmpty()) { + LOGGER.debug("SAMLResponse has NameID --> {}", data.get("Value")); + nameId = data.get("Value"); } - return nameID; + return nameId; } /** @@ -547,13 +548,13 @@ public String getNameId() { * */ public String getNameIdFormat() { - final Map nameIdData = getNameIdData(); - String nameidFormat = null; - if (!nameIdData.isEmpty() && nameIdData.containsKey("Format")) { - LOGGER.debug("SAMLResponse has NameID Format --> {}", nameIdData.get("Format")); - nameidFormat = nameIdData.get("Format"); + final Map data = getNameIdData(); + String nameIdFormat = null; + if (!data.isEmpty() && data.containsKey("Format")) { + LOGGER.debug("SAMLResponse has NameID Format --> {}", data.get("Format")); + nameIdFormat = data.get("Format"); } - return nameidFormat; + return nameIdFormat; } /** @@ -563,11 +564,11 @@ public String getNameIdFormat() { * */ public String getNameIdNameQualifier() { - final Map nameIdData = getNameIdData(); + final Map data = getNameIdData(); String nameQualifier = null; - if (!nameIdData.isEmpty() && nameIdData.containsKey("NameQualifier")) { - LOGGER.debug("SAMLResponse has NameID NameQualifier --> " + nameIdData.get("NameQualifier")); - nameQualifier = nameIdData.get("NameQualifier"); + if (!data.isEmpty() && data.containsKey("NameQualifier")) { + LOGGER.debug("SAMLResponse has NameID NameQualifier --> {}", data.get("NameQualifier")); + nameQualifier = data.get("NameQualifier"); } return nameQualifier; } @@ -579,11 +580,11 @@ public String getNameIdNameQualifier() { * */ public String getNameIdSPNameQualifier() { - final Map nameIdData = getNameIdData(); + final Map data = getNameIdData(); String spNameQualifier = null; - if (!nameIdData.isEmpty() && nameIdData.containsKey("SPNameQualifier")) { - LOGGER.debug("SAMLResponse has NameID NameQualifier --> " + nameIdData.get("SPNameQualifier")); - spNameQualifier = nameIdData.get("SPNameQualifier"); + if (!data.isEmpty() && data.containsKey("SPNameQualifier")) { + LOGGER.debug("SAMLResponse has NameID NameQualifier --> {}", data.get("SPNameQualifier")); + spNameQualifier = data.get("SPNameQualifier"); } return spNameQualifier; } @@ -609,7 +610,7 @@ public Map> getAttributes() { ValidationException.DUPLICATED_ATTRIBUTE_NAME_FOUND); } - final NodeList childrens = nodes.item(i).getChildNodes(); + final NodeList children = nodes.item(i).getChildNodes(); List attrValues = null; if (attributes.containsKey(attName) && settings.isAllowRepeatAttributeName()) { @@ -617,9 +618,9 @@ public Map> getAttributes() { } else { attrValues = new ArrayList<>(); } - for (int j = 0; j < childrens.getLength(); j++) { - if ("AttributeValue".equals(childrens.item(j).getLocalName())) { - String attrValue = childrens.item(j).getTextContent(); + for (int j = 0; j < children.getLength(); j++) { + if ("AttributeValue".equals(children.item(j).getLocalName())) { + String attrValue = children.item(j).getTextContent(); if (attrValue != null && settings.isTrimAttributeValues()) { attrValue = attrValue.trim(); } @@ -629,7 +630,7 @@ public Map> getAttributes() { attributes.put(attName, attrValues); } - LOGGER.debug("SAMLResponse has attributes: {}", attributes.toString()); + LOGGER.debug("SAMLResponse has attributes: {}", attributes); } else { LOGGER.debug("SAMLResponse has no attributes"); } @@ -685,10 +686,7 @@ public static SamlResponseStatus getStatus(final Document dom) { */ public Boolean checkOneCondition() { final NodeList entries = this.queryAssertion("/saml:Conditions"); - if (entries.getLength() == 1) { - return true; - } - return false; + return entries.getLength() == 1; } /** @@ -700,10 +698,7 @@ public Boolean checkOneCondition() { */ public Boolean checkOneAuthnStatement() { final NodeList entries = this.queryAssertion("/saml:AuthnStatement"); - if (entries.getLength() == 1) { - return true; - } - return false; + return entries.getLength() == 1; } /** @@ -933,8 +928,8 @@ public boolean validateNumAssertions() { */ public ArrayList processSignedElements() { final ArrayList signedElements = new ArrayList<>(); - final ArrayList verifiedSeis = new ArrayList<>(); - final ArrayList verifiedIds = new ArrayList<>(); + final List verifiedSeis = new ArrayList<>(); + final List verifiedIds = new ArrayList<>(); final NodeList signNodes = query("//ds:Signature", null); for (int i = 0; i < signNodes.getLength(); i++) { @@ -1011,7 +1006,7 @@ public boolean validateSignedElements(final ArrayList signedElements) { final Map occurrences = new HashMap<>(); for (final String e : signedElements) { if (occurrences.containsKey(e)) { - occurrences.put(e, occurrences.get(e).intValue() + 1); + occurrences.put(e, occurrences.get(e) + 1); } else { occurrences.put(e, 1); } @@ -1027,7 +1022,7 @@ public boolean validateSignedElements(final ArrayList signedElements) { } // check that the signed elements found here, are the ones that will be verified - // by org.codelibs.saml2.core.core.util.Util.validateSign() + // by org.codelibs.saml2.core.util.Util.validateSign() if (occurrences.containsKey(responseTag)) { final NodeList expectedSignatureNode = query(Util.RESPONSE_SIGNATURE_XPATH, null); if (expectedSignatureNode.getLength() != 1) { @@ -1189,7 +1184,6 @@ protected NodeList queryAssertion(final String assertionXpath) { * @return DOMNodeList The queried nodes */ protected NodeList query(final String nameQuery, final Node context) { - // LOGGER.debug("Executing query " + nameQuery); return Util.query(getSAMLResponseDocument(), nameQuery, context); } @@ -1225,19 +1219,18 @@ private Document decryptAssertion(final Document dom) { } // We need to Remove the saml:EncryptedAssertion Node - final NodeList AssertionDataNodes = Util.query(dom, "/samlp:Response/saml:EncryptedAssertion/saml:Assertion"); - if (AssertionDataNodes.getLength() == 0) { + final NodeList assertionDataNodes = Util.query(dom, "/samlp:Response/saml:EncryptedAssertion/saml:Assertion"); + if (assertionDataNodes.getLength() == 0) { throw new ValidationException("No /samlp:Response/saml:EncryptedAssertion/saml:Assertion element found", ValidationException.MISSING_ENCRYPTED_ELEMENT); } - final Node assertionNode = AssertionDataNodes.item(0); + final Node assertionNode = assertionDataNodes.item(0); assertionNode.getParentNode().getParentNode().replaceChild(assertionNode, assertionNode.getParentNode()); // In order to avoid Signature Validation errors we need to rebuild the dom. // https://groups.google.com/forum/#!topic/opensaml-users/gpXvwaZ53NA final String xmlStr = Util.convertDocumentToString(dom); - // LOGGER.debug("Decrypted SAMLResponse --> " + xmlStr); return Util.convertStringToDocument(xmlStr); } diff --git a/core/src/main/java/org/codelibs/saml2/core/exception/InvalidKeySpecRuntimeException.java b/core/src/main/java/org/codelibs/saml2/core/exception/InvalidKeySpecRuntimeException.java index 7f81b80..9b6642e 100644 --- a/core/src/main/java/org/codelibs/saml2/core/exception/InvalidKeySpecRuntimeException.java +++ b/core/src/main/java/org/codelibs/saml2/core/exception/InvalidKeySpecRuntimeException.java @@ -15,7 +15,7 @@ public class InvalidKeySpecRuntimeException extends RuntimeException { * * @param e the underlying invalid key spec exception */ - public InvalidKeySpecRuntimeException(InvalidKeySpecException e) { + public InvalidKeySpecRuntimeException(final InvalidKeySpecException e) { super(e); } } diff --git a/core/src/main/java/org/codelibs/saml2/core/exception/SAMLSignatureException.java b/core/src/main/java/org/codelibs/saml2/core/exception/SAMLSignatureException.java index 1d691d0..23a3c4a 100644 --- a/core/src/main/java/org/codelibs/saml2/core/exception/SAMLSignatureException.java +++ b/core/src/main/java/org/codelibs/saml2/core/exception/SAMLSignatureException.java @@ -13,7 +13,7 @@ public class SAMLSignatureException extends SAMLException { * * @param e the underlying exception */ - public SAMLSignatureException(Exception e) { + public SAMLSignatureException(final Exception e) { super(e); } diff --git a/core/src/main/java/org/codelibs/saml2/core/exception/X509CertificateException.java b/core/src/main/java/org/codelibs/saml2/core/exception/X509CertificateException.java index 490f604..8b44ed6 100644 --- a/core/src/main/java/org/codelibs/saml2/core/exception/X509CertificateException.java +++ b/core/src/main/java/org/codelibs/saml2/core/exception/X509CertificateException.java @@ -15,7 +15,7 @@ public class X509CertificateException extends SAMLException { * * @param e the underlying certificate exception */ - public X509CertificateException(CertificateException e) { + public X509CertificateException(final CertificateException e) { super(e); } diff --git a/core/src/main/java/org/codelibs/saml2/core/exception/XMLParsingException.java b/core/src/main/java/org/codelibs/saml2/core/exception/XMLParsingException.java index b7db964..706c60d 100644 --- a/core/src/main/java/org/codelibs/saml2/core/exception/XMLParsingException.java +++ b/core/src/main/java/org/codelibs/saml2/core/exception/XMLParsingException.java @@ -14,7 +14,7 @@ public class XMLParsingException extends SAMLException { * @param message the detail message * @param cause the underlying cause of the parsing failure */ - public XMLParsingException(String message, Throwable cause) { + public XMLParsingException(final String message, final Throwable cause) { super(message, cause); } diff --git a/core/src/main/java/org/codelibs/saml2/core/http/HttpRequest.java b/core/src/main/java/org/codelibs/saml2/core/http/HttpRequest.java index 711037f..04d44ea 100644 --- a/core/src/main/java/org/codelibs/saml2/core/http/HttpRequest.java +++ b/core/src/main/java/org/codelibs/saml2/core/http/HttpRequest.java @@ -24,7 +24,7 @@ public final class HttpRequest { /** An immutable empty map used as the default set of request parameters. */ - public static final Map> EMPTY_PARAMETERS = Collections.> emptyMap(); + public static final Map> EMPTY_PARAMETERS = Collections.emptyMap(); private final String requestURL; private final Map> parameters; @@ -87,7 +87,7 @@ public HttpRequest addParameter(final String name, final String value) { checkNotNull(name, "name"); checkNotNull(value, "value"); - final List oldValues = parameters.containsKey(name) ? parameters.get(name) : new ArrayList<>(); + final List oldValues = parameters.getOrDefault(name, new ArrayList<>()); final List newValues = new ArrayList<>(oldValues); newValues.add(value); final Map> params = new HashMap<>(parameters); @@ -140,7 +140,7 @@ public String getParameter(final String name) { */ public List getParameters(final String name) { final List values = parameters.get(name); - return values != null ? values : Collections. emptyList(); + return values != null ? values : Collections.emptyList(); } /** diff --git a/core/src/main/java/org/codelibs/saml2/core/logout/LogoutRequest.java b/core/src/main/java/org/codelibs/saml2/core/logout/LogoutRequest.java index a70ce9e..9d98663 100644 --- a/core/src/main/java/org/codelibs/saml2/core/logout/LogoutRequest.java +++ b/core/src/main/java/org/codelibs/saml2/core/logout/LogoutRequest.java @@ -294,16 +294,10 @@ protected String postProcessXml(final String logoutRequestXml, final LogoutReque * */ public String getEncodedLogoutRequest(Boolean deflated) { - String encodedLogoutRequest; if (deflated == null) { deflated = settings.isCompressRequestEnabled(); } - if (deflated) { - encodedLogoutRequest = Util.deflatedBase64encoded(getLogoutRequestXml()); - } else { - encodedLogoutRequest = Util.base64encoder(getLogoutRequestXml()); - } - return encodedLogoutRequest; + return deflated ? Util.deflatedBase64encoded(getLogoutRequestXml()) : Util.base64encoder(getLogoutRequestXml()); } /** @@ -467,7 +461,7 @@ public boolean isValid() { // Check destination if (rootElement.hasAttribute("Destination")) { final String destinationUrl = rootElement.getAttribute("Destination"); - if ((destinationUrl != null) && (!destinationUrl.isEmpty() && !destinationUrl.equals(currentUrl))) { + if (!destinationUrl.isEmpty() && !destinationUrl.equals(currentUrl)) { throw new ValidationException("The LogoutRequest was received at " + currentUrl + " instead of " + destinationUrl, ValidationException.WRONG_DESTINATION); } @@ -494,7 +488,7 @@ public boolean isValid() { final List certList = new ArrayList<>(); final List multipleCertList = settings.getIdpx509certMulti(); - if (multipleCertList != null && multipleCertList.size() != 0) { + if (multipleCertList != null && !multipleCertList.isEmpty()) { certList.addAll(multipleCertList); } @@ -519,7 +513,7 @@ public boolean isValid() { final String relayState = request.getEncodedParameter("RelayState"); - StringBuilder signedQuery = new StringBuilder("SAMLRequest=").append(request.getEncodedParameter("SAMLRequest")); + final StringBuilder signedQuery = new StringBuilder("SAMLRequest=").append(request.getEncodedParameter("SAMLRequest")); if (relayState != null && !relayState.isEmpty()) { signedQuery.append("&RelayState=").append(relayState); @@ -679,8 +673,7 @@ public static Map getNameIdData(final Document samlLogoutRequest final boolean trimValue, final Collection allowedKeyTransportAlgorithms) { try { final NodeList encryptedIDNodes = Util.query(samlLogoutRequestDocument, "/samlp:LogoutRequest/saml:EncryptedID"); - NodeList nameIdNodes; - Element nameIdElem; + final NodeList nameIdNodes; if (encryptedIDNodes.getLength() == 1) { if (key == null) { @@ -701,31 +694,29 @@ public static Map getNameIdData(final Document samlLogoutRequest if ((nameIdNodes == null) || (nameIdNodes.getLength() != 1)) { throw new ValidationException("No name id found in Logout Request.", ValidationException.NO_NAMEID); } - nameIdElem = (Element) nameIdNodes.item(0); + final Element nameIdElem = (Element) nameIdNodes.item(0); final Map nameIdData = new HashMap<>(); - if (nameIdElem != null) { - String value = nameIdElem.getTextContent(); - if (value != null && trimValue) { - value = value.trim(); - } - nameIdData.put("Value", value); + String value = nameIdElem.getTextContent(); + if (value != null && trimValue) { + value = value.trim(); + } + nameIdData.put("Value", value); - if (nameIdElem.hasAttribute("Format")) { - nameIdData.put("Format", nameIdElem.getAttribute("Format")); - } - if (nameIdElem.hasAttribute("SPNameQualifier")) { - nameIdData.put("SPNameQualifier", nameIdElem.getAttribute("SPNameQualifier")); - } - if (nameIdElem.hasAttribute("NameQualifier")) { - nameIdData.put("NameQualifier", nameIdElem.getAttribute("NameQualifier")); - } + if (nameIdElem.hasAttribute("Format")) { + nameIdData.put("Format", nameIdElem.getAttribute("Format")); + } + if (nameIdElem.hasAttribute("SPNameQualifier")) { + nameIdData.put("SPNameQualifier", nameIdElem.getAttribute("SPNameQualifier")); + } + if (nameIdElem.hasAttribute("NameQualifier")) { + nameIdData.put("NameQualifier", nameIdElem.getAttribute("NameQualifier")); } return nameIdData; - } catch (SAMLException e) { + } catch (final SAMLException e) { throw e; - } catch (DOMException e) { + } catch (final DOMException e) { throw new XMLParsingException("Failed to get NameID Data.", e); } } diff --git a/core/src/main/java/org/codelibs/saml2/core/logout/LogoutResponse.java b/core/src/main/java/org/codelibs/saml2/core/logout/LogoutResponse.java index e41a87d..b7f987e 100644 --- a/core/src/main/java/org/codelibs/saml2/core/logout/LogoutResponse.java +++ b/core/src/main/java/org/codelibs/saml2/core/logout/LogoutResponse.java @@ -134,16 +134,10 @@ public LogoutResponse(final Saml2Settings settings, final LogoutResponseParams p * */ public String getEncodedLogoutResponse(Boolean deflated) { - String encodedLogoutResponse; if (deflated == null) { deflated = settings.isCompressResponseEnabled(); } - if (deflated) { - encodedLogoutResponse = Util.deflatedBase64encoded(getLogoutResponseXml()); - } else { - encodedLogoutResponse = Util.base64encoder(getLogoutResponseXml()); - } - return encodedLogoutResponse; + return deflated ? Util.deflatedBase64encoded(getLogoutResponseXml()) : Util.base64encoder(getLogoutResponseXml()); } /** @@ -171,13 +165,13 @@ public String getLogoutResponseXml() { * @return the ID of the Response */ public String getId() { - String idvalue = null; + String idValue = null; if (id != null) { - idvalue = id; + idValue = id; } else if (logoutResponseDocument != null) { - idvalue = logoutResponseDocument.getDocumentElement().getAttributes().getNamedItem("ID").getNodeValue(); + idValue = logoutResponseDocument.getDocumentElement().getAttributes().getNamedItem("ID").getNodeValue(); } - return idvalue; + return idValue; } /** @@ -256,7 +250,7 @@ public boolean isValid(final String requestId) { final List certList = new ArrayList<>(); final List multipleCertList = settings.getIdpx509certMulti(); - if (multipleCertList != null && multipleCertList.size() != 0) { + if (multipleCertList != null && !multipleCertList.isEmpty()) { certList.addAll(multipleCertList); } @@ -279,7 +273,7 @@ public boolean isValid(final String requestId) { return false; } - StringBuilder signedQuery = new StringBuilder("SAMLResponse=").append(request.getEncodedParameter("SAMLResponse")); + final StringBuilder signedQuery = new StringBuilder("SAMLResponse=").append(request.getEncodedParameter("SAMLResponse")); final String relayState = request.getEncodedParameter("RelayState"); if (relayState != null && !relayState.isEmpty()) { diff --git a/core/src/main/java/org/codelibs/saml2/core/logout/LogoutResponseParams.java b/core/src/main/java/org/codelibs/saml2/core/logout/LogoutResponseParams.java index e421be0..e82a332 100644 --- a/core/src/main/java/org/codelibs/saml2/core/logout/LogoutResponseParams.java +++ b/core/src/main/java/org/codelibs/saml2/core/logout/LogoutResponseParams.java @@ -65,11 +65,11 @@ public LogoutResponseParams(final String inResponseTo, final String statusCode) * the response status; should not be null */ public LogoutResponseParams(final String inResponseTo, final SamlResponseStatus responseStatus) { - this.inResponseTo = inResponseTo; - this.responseStatus = responseStatus; if (responseStatus == null) { throw new IllegalArgumentException("response status must not be null"); } + this.inResponseTo = inResponseTo; + this.responseStatus = responseStatus; } /** diff --git a/core/src/main/java/org/codelibs/saml2/core/model/Contact.java b/core/src/main/java/org/codelibs/saml2/core/model/Contact.java index d74b93d..a04b7a2 100644 --- a/core/src/main/java/org/codelibs/saml2/core/model/Contact.java +++ b/core/src/main/java/org/codelibs/saml2/core/model/Contact.java @@ -28,7 +28,7 @@ public class Contact { /** * Contact surname */ - private final String surName; + private final String surname; /** * Contact email @@ -80,7 +80,7 @@ public Contact(final String contactType, final String company, final String give this.contactType = contactType != null ? contactType : ""; this.company = company; this.givenName = givenName; - this.surName = surName; + this.surname = surName; this.emailAddresses = emailAddresses != null ? emailAddresses : Collections.emptyList(); this.telephoneNumbers = telephoneNumbers != null ? telephoneNumbers : Collections.emptyList(); } @@ -102,7 +102,7 @@ public final String getContactType() { */ @Deprecated public final String getEmailAddress() { - return emailAddresses.size() > 0 ? emailAddresses.get(0) : null; + return !emailAddresses.isEmpty() ? emailAddresses.get(0) : null; } /** @@ -129,7 +129,7 @@ public final String getGivenName() { * @return the contact surname */ public final String getSurName() { - return surName; + return surname; } /** diff --git a/core/src/main/java/org/codelibs/saml2/core/model/RequestedAttribute.java b/core/src/main/java/org/codelibs/saml2/core/model/RequestedAttribute.java index 8c1de09..effe22a 100644 --- a/core/src/main/java/org/codelibs/saml2/core/model/RequestedAttribute.java +++ b/core/src/main/java/org/codelibs/saml2/core/model/RequestedAttribute.java @@ -68,7 +68,7 @@ public final String getName() { /** * Returns the RequestedAttribute friendly name. * - * @return string the RequestedAttribute fiendlyname + * @return string the RequestedAttribute friendlyName */ public final String getFriendlyName() { return friendlyName; diff --git a/core/src/main/java/org/codelibs/saml2/core/model/SubjectConfirmationIssue.java b/core/src/main/java/org/codelibs/saml2/core/model/SubjectConfirmationIssue.java index fa795da..f10f7f8 100644 --- a/core/src/main/java/org/codelibs/saml2/core/model/SubjectConfirmationIssue.java +++ b/core/src/main/java/org/codelibs/saml2/core/model/SubjectConfirmationIssue.java @@ -29,7 +29,7 @@ public SubjectConfirmationIssue(final int subjectConfirmationIndex, final String public static String prettyPrintIssues(final List subjectConfirmationDataIssues) { final StringBuilder subjectConfirmationDataIssuesMsg = new StringBuilder("A valid SubjectConfirmation was not found on this Response"); - if (subjectConfirmationDataIssues.size() > 0) { + if (!subjectConfirmationDataIssues.isEmpty()) { subjectConfirmationDataIssuesMsg.append(": "); } for (int i = 0; i < subjectConfirmationDataIssues.size(); i++) { diff --git a/core/src/main/java/org/codelibs/saml2/core/model/hsm/AzureKeyVault.java b/core/src/main/java/org/codelibs/saml2/core/model/hsm/AzureKeyVault.java index 2ef053a..8e81465 100644 --- a/core/src/main/java/org/codelibs/saml2/core/model/hsm/AzureKeyVault.java +++ b/core/src/main/java/org/codelibs/saml2/core/model/hsm/AzureKeyVault.java @@ -1,6 +1,7 @@ package org.codelibs.saml2.core.model.hsm; import java.util.HashMap; +import java.util.Map; import org.codelibs.saml2.core.util.Constants; @@ -23,7 +24,7 @@ public class AzureKeyVault extends HSM { private final String tenantId; private final String keyVaultId; private CryptographyClient akvClient; - private final HashMap algorithmMapping; + private final Map algorithmMapping; /** * Constructor to initialise an HSM object. @@ -49,8 +50,8 @@ public AzureKeyVault(final String clientId, final String clientCredentials, fina * * @return The algorithm mapping. */ - private HashMap createAlgorithmMapping() { - final HashMap mapping = new HashMap<>(); + private Map createAlgorithmMapping() { + final Map mapping = new HashMap<>(); mapping.put(Constants.RSA_1_5, KeyWrapAlgorithm.RSA1_5); mapping.put(Constants.RSA_OAEP_MGF1P, KeyWrapAlgorithm.RSA_OAEP); diff --git a/core/src/main/java/org/codelibs/saml2/core/settings/IdPMetadataParser.java b/core/src/main/java/org/codelibs/saml2/core/settings/IdPMetadataParser.java index 6f994dc..5d5a8d3 100644 --- a/core/src/main/java/org/codelibs/saml2/core/settings/IdPMetadataParser.java +++ b/core/src/main/java/org/codelibs/saml2/core/settings/IdPMetadataParser.java @@ -12,9 +12,8 @@ import org.codelibs.saml2.core.exception.XMLParsingException; import org.codelibs.saml2.core.util.Constants; import org.codelibs.saml2.core.util.Util; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.w3c.dom.Document; +import org.w3c.dom.NamedNodeMap; import org.w3c.dom.Node; import org.w3c.dom.NodeList; import org.xml.sax.InputSource; @@ -40,11 +39,6 @@ */ public class IdPMetadataParser { - /** - * Private property to construct a logger for this class. - */ - private static final Logger LOGGER = LoggerFactory.getLogger(IdPMetadataParser.class); - /** * Default constructor. */ @@ -67,31 +61,32 @@ public IdPMetadataParser() { * * @return Mapped values with metadata info in Saml2Settings format */ - public static Map parseXML(final Document xmlDocument, String entityId, final String desiredNameIdFormat, + public static Map parseXML(final Document xmlDocument, final String entityId, final String desiredNameIdFormat, final String desiredSSOBinding, final String desiredSLOBinding) { final Map metadataInfo = new LinkedHashMap<>(); - String customIdPStr = ""; + String customIdpStr = ""; if (entityId != null && !entityId.isEmpty()) { - customIdPStr = "[@entityID=\"" + entityId + "\"]"; + customIdpStr = "[@entityID=\"" + entityId + "\"]"; } - final String idpDescryptorXPath = "//md:EntityDescriptor" + customIdPStr + "/md:IDPSSODescriptor"; + final String idpDescriptorXPath = "//md:EntityDescriptor" + customIdpStr + "/md:IDPSSODescriptor"; - final NodeList idpDescriptorNodes = Util.query(xmlDocument, idpDescryptorXPath); + final NodeList idpDescriptorNodes = Util.query(xmlDocument, idpDescriptorXPath); if (idpDescriptorNodes.getLength() > 0) { final Node idpDescriptorNode = idpDescriptorNodes.item(0); - if (entityId == null || entityId.isEmpty()) { - final Node entityIDNode = idpDescriptorNode.getParentNode().getAttributes().getNamedItem("entityID"); - if (entityIDNode != null) { - entityId = entityIDNode.getNodeValue(); + String resolvedEntityId = entityId; + if (resolvedEntityId == null || resolvedEntityId.isEmpty()) { + final Node entityIdNode = idpDescriptorNode.getParentNode().getAttributes().getNamedItem("entityID"); + if (entityIdNode != null) { + resolvedEntityId = entityIdNode.getNodeValue(); } } - if (entityId != null && !entityId.isEmpty()) { - metadataInfo.put(SettingsBuilder.IDP_ENTITYID_PROPERTY_KEY, entityId); + if (resolvedEntityId != null && !resolvedEntityId.isEmpty()) { + metadataInfo.put(SettingsBuilder.IDP_ENTITYID_PROPERTY_KEY, resolvedEntityId); } NodeList ssoNodes = @@ -100,10 +95,11 @@ public static Map parseXML(final Document xmlDocument, String en ssoNodes = Util.query(xmlDocument, "./md:SingleSignOnService", idpDescriptorNode); } if (ssoNodes.getLength() > 0) { + final NamedNodeMap ssoAttributes = ssoNodes.item(0).getAttributes(); metadataInfo.put(SettingsBuilder.IDP_SINGLE_SIGN_ON_SERVICE_URL_PROPERTY_KEY, - ssoNodes.item(0).getAttributes().getNamedItem("Location").getNodeValue()); + ssoAttributes.getNamedItem("Location").getNodeValue()); metadataInfo.put(SettingsBuilder.IDP_SINGLE_SIGN_ON_SERVICE_BINDING_PROPERTY_KEY, - ssoNodes.item(0).getAttributes().getNamedItem("Binding").getNodeValue()); + ssoAttributes.getNamedItem("Binding").getNodeValue()); } NodeList sloNodes = @@ -112,11 +108,12 @@ public static Map parseXML(final Document xmlDocument, String en sloNodes = Util.query(xmlDocument, "./md:SingleLogoutService", idpDescriptorNode); } if (sloNodes.getLength() > 0) { + final NamedNodeMap sloAttributes = sloNodes.item(0).getAttributes(); metadataInfo.put(SettingsBuilder.IDP_SINGLE_LOGOUT_SERVICE_URL_PROPERTY_KEY, - sloNodes.item(0).getAttributes().getNamedItem("Location").getNodeValue()); + sloAttributes.getNamedItem("Location").getNodeValue()); metadataInfo.put(SettingsBuilder.IDP_SINGLE_LOGOUT_SERVICE_BINDING_PROPERTY_KEY, - sloNodes.item(0).getAttributes().getNamedItem("Binding").getNodeValue()); - final Node responseLocationNode = sloNodes.item(0).getAttributes().getNamedItem("ResponseLocation"); + sloAttributes.getNamedItem("Binding").getNodeValue()); + final Node responseLocationNode = sloAttributes.getNamedItem("ResponseLocation"); if (responseLocationNode != null) { metadataInfo.put(SettingsBuilder.IDP_SINGLE_LOGOUT_SERVICE_RESPONSE_URL_PROPERTY_KEY, responseLocationNode.getNodeValue()); @@ -382,7 +379,7 @@ public static Map parseRemoteXML(final URL xmlURL, final String try (InputStream is = xmlURL.openStream()) { final Document xmlDocument = Util.parseXML(new InputSource(is)); return parseXML(xmlDocument, entityId, desiredNameIdFormat, desiredSSOBinding, desiredSLOBinding); - } catch (IOException e) { + } catch (final IOException e) { throw new XMLParsingException("Failed to parse a remote XML: " + xmlURL, e); } } @@ -418,7 +415,7 @@ public static Map parseRemoteXML(final URL xmlURL, final String try (InputStream is = xmlURL.openStream()) { final Document xmlDocument = Util.parseXML(new InputSource(is)); return parseXML(xmlDocument, entityId, desiredNameIdFormat, desiredSSOBinding, desiredSLOBinding, trustedSigningCert); - } catch (IOException e) { + } catch (final IOException e) { throw new XMLParsingException("Failed to parse a remote XML: " + xmlURL, e); } } diff --git a/core/src/main/java/org/codelibs/saml2/core/settings/Metadata.java b/core/src/main/java/org/codelibs/saml2/core/settings/Metadata.java index 0fbec45..f592cc9 100644 --- a/core/src/main/java/org/codelibs/saml2/core/settings/Metadata.java +++ b/core/src/main/java/org/codelibs/saml2/core/settings/Metadata.java @@ -41,7 +41,7 @@ public class Metadata { /** * AttributeConsumingService */ - private AttributeConsumingService attributeConsumingService = null; + private AttributeConsumingService attributeConsumingService; /** * Generated metadata in string format @@ -143,7 +143,7 @@ protected String postProcessXml(final String metadataXml, final Saml2Settings se private StringSubstitutor generateSubstitutor(final Saml2Settings settings) { final Map valueMap = new HashMap<>(); - final Boolean wantsEncrypted = settings.getWantAssertionsEncrypted() || settings.getWantNameIdEncrypted(); + final boolean wantsEncrypted = settings.getWantAssertionsEncrypted() || settings.getWantNameIdEncrypted(); valueMap.put("id", Util.toXml(Util.generateUniqueID(settings.getUniqueIDPrefix()))); String validUntilTimeStr = ""; @@ -170,7 +170,7 @@ private StringSubstitutor generateSubstitutor(final Saml2Settings settings) { valueMap.put("strAttributeConsumingService", getAttributeConsumingServiceXml()); - valueMap.put("strKeyDescriptor", toX509KeyDescriptorsXML(settings.getSPcert(), settings.getSPcertNew(), wantsEncrypted)); + valueMap.put("strKeyDescriptor", toX509KeyDescriptorsXml(settings.getSPcert(), settings.getSPcertNew(), wantsEncrypted)); valueMap.put("strContacts", toContactsXml(settings.getContacts())); valueMap.put("strOrganization", toOrganizationXml(settings.getOrganization())); @@ -210,18 +210,18 @@ private static StringBuilder getMetadataTemplate() { * @return the AttributeConsumingService section of the metadata's template */ private String getAttributeConsumingServiceXml() { - final StringBuilder attributeConsumingServiceXML = new StringBuilder(); + final StringBuilder attributeConsumingServiceXml = new StringBuilder(); if (attributeConsumingService != null) { final String serviceName = attributeConsumingService.getServiceName(); final String serviceDescription = attributeConsumingService.getServiceDescription(); final List requestedAttributes = attributeConsumingService.getRequestedAttributes(); - attributeConsumingServiceXML.append(""); + attributeConsumingServiceXml.append(""); if (serviceName != null && !serviceName.isEmpty()) { - attributeConsumingServiceXML.append("" + Util.toXml(serviceName) + ""); + attributeConsumingServiceXml.append("" + Util.toXml(serviceName) + ""); } if (serviceDescription != null && !serviceDescription.isEmpty()) { - attributeConsumingServiceXML + attributeConsumingServiceXml .append("" + Util.toXml(serviceDescription) + ""); } if (requestedAttributes != null && !requestedAttributes.isEmpty()) { @@ -232,40 +232,41 @@ private String getAttributeConsumingServiceXml() { final Boolean isRequired = requestedAttribute.isRequired(); final List attrValues = requestedAttribute.getAttributeValues(); - String contentStr = ""); for (final String attrValue : attrValues) { - contentStr += "" - + Util.toXml(attrValue) + ""; + contentStr.append("" + + Util.toXml(attrValue) + ""); } - attributeConsumingServiceXML.append(contentStr + ""); + contentStr.append(""); } else { - attributeConsumingServiceXML.append(contentStr + " />"); + contentStr.append(" />"); } + attributeConsumingServiceXml.append(contentStr); } } - attributeConsumingServiceXML.append(""); + attributeConsumingServiceXml.append(""); } - return attributeConsumingServiceXML.toString(); + return attributeConsumingServiceXml.toString(); } /** @@ -329,13 +330,13 @@ private String toOrganizationXml(final Organization organization) { * * @return the KeyDescriptor section of the metadata's template */ - private String toX509KeyDescriptorsXML(final X509Certificate certCurrent, final X509Certificate certNew, final Boolean wantsEncrypted) { + private String toX509KeyDescriptorsXml(final X509Certificate certCurrent, final X509Certificate certNew, final boolean wantsEncrypted) { final StringBuilder keyDescriptorXml = new StringBuilder(); + final Base64 encoder = new Base64(64); final List certs = Arrays.asList(certCurrent, certNew); for (final X509Certificate cert : certs) { if (cert != null) { - final Base64 encoder = new Base64(64); try { final byte[] encodedCert = cert.getEncoded(); final String certString = new String(encoder.encode(encodedCert)); diff --git a/core/src/main/java/org/codelibs/saml2/core/settings/Saml2Settings.java b/core/src/main/java/org/codelibs/saml2/core/settings/Saml2Settings.java index 0d938bf..3895ae1 100644 --- a/core/src/main/java/org/codelibs/saml2/core/settings/Saml2Settings.java +++ b/core/src/main/java/org/codelibs/saml2/core/settings/Saml2Settings.java @@ -4,8 +4,6 @@ import java.security.PrivateKey; import java.security.cert.X509Certificate; import java.util.ArrayList; -import java.util.HashSet; -import java.util.LinkedList; import java.util.List; import java.util.Set; @@ -42,55 +40,55 @@ public Saml2Settings() { // Toolkit settings private boolean strict = true; - private boolean debug = false; + private boolean debug; // SP private String spEntityId = ""; - private URL spAssertionConsumerServiceUrl = null; + private URL spAssertionConsumerServiceUrl; private String spAssertionConsumerServiceBinding = Constants.BINDING_HTTP_POST; - private URL spSingleLogoutServiceUrl = null; + private URL spSingleLogoutServiceUrl; private String spSingleLogoutServiceBinding = Constants.BINDING_HTTP_REDIRECT; - private String spNameIDFormat = Constants.NAMEID_UNSPECIFIED; - private X509Certificate spX509cert = null; - private X509Certificate spX509certNew = null; - private PrivateKey spPrivateKey = null; - private HSM hsm = null; - private ReplayCache replayCache = null; + private String spNameIdFormat = Constants.NAMEID_UNSPECIFIED; + private X509Certificate spX509Cert; + private X509Certificate spX509CertNew; + private PrivateKey spPrivateKey; + private HSM hsm; + private ReplayCache replayCache; // IdP private String idpEntityId = ""; - private URL idpSingleSignOnServiceUrl = null; + private URL idpSingleSignOnServiceUrl; private String idpSingleSignOnServiceBinding = Constants.BINDING_HTTP_REDIRECT; - private URL idpSingleLogoutServiceUrl = null; - private URL idpSingleLogoutServiceResponseUrl = null; + private URL idpSingleLogoutServiceUrl; + private URL idpSingleLogoutServiceResponseUrl; private String idpSingleLogoutServiceBinding = Constants.BINDING_HTTP_REDIRECT; - private X509Certificate idpx509cert = null; - private List idpx509certMulti = null; - private String idpCertFingerprint = null; + private X509Certificate idpX509Cert; + private List idpX509CertMulti; + private String idpCertFingerprint; private String idpCertFingerprintAlgorithm = "sha1"; // Security - private boolean nameIdEncrypted = false; - private boolean authnRequestsSigned = false; - private boolean logoutRequestSigned = false; - private boolean logoutResponseSigned = false; - private boolean wantMessagesSigned = false; - private boolean wantAssertionsSigned = false; - private boolean wantAssertionsEncrypted = false; + private boolean nameIdEncrypted; + private boolean authnRequestsSigned; + private boolean logoutRequestSigned; + private boolean logoutResponseSigned; + private boolean wantMessagesSigned; + private boolean wantAssertionsSigned; + private boolean wantAssertionsEncrypted; private boolean wantNameId = true; - private boolean wantNameIdEncrypted = false; - private boolean signMetadata = false; + private boolean wantNameIdEncrypted; + private boolean signMetadata; private List requestedAuthnContext = new ArrayList<>(); private String requestedAuthnContextComparison = "exact"; - private boolean wantXMLValidation = true; + private boolean wantXmlValidation = true; private String signatureAlgorithm = Constants.RSA_SHA256; private String digestAlgorithm = Constants.SHA256; private String nameIdEncryptionAlgorithm = Constants.RSA_1_5; - private Set allowedKeyTransportAlgorithms = null; - private boolean rejectUnsolicitedResponsesWithInResponseTo = false; - private boolean allowRepeatAttributeName = false; - private boolean rejectDeprecatedAlg = false; - private String uniqueIDPrefix = null; + private Set allowedKeyTransportAlgorithms; + private boolean rejectUnsolicitedResponsesWithInResponseTo; + private boolean allowRepeatAttributeName; + private boolean rejectDeprecatedAlg; + private String uniqueIdPrefix; private long clockDrift = Constants.ALLOWED_CLOCK_DRIFT; // Compress @@ -98,14 +96,14 @@ public Saml2Settings() { private boolean compressResponse = true; // Parsing - private boolean trimNameIds = false; - private boolean trimAttributeValues = false; + private boolean trimNameIds; + private boolean trimAttributeValues; // Misc - private List contacts = new LinkedList<>(); - private Organization organization = null; + private List contacts = new ArrayList<>(); + private Organization organization; - private boolean spValidationOnly = false; + private boolean spValidationOnly; /** * Returns whether strict mode is enabled. @@ -164,10 +162,10 @@ public final String getSpSingleLogoutServiceBinding() { /** * Returns the Service Provider NameID format. * - * @return the spNameIDFormat setting value + * @return the spNameIdFormat setting value */ public final String getSpNameIDFormat() { - return spNameIDFormat; + return spNameIdFormat; } /** @@ -191,19 +189,19 @@ public boolean getRejectDeprecatedAlg() { /** * Returns the Service Provider X.509 certificate. * - * @return the spX509cert setting value + * @return the spX509Cert setting value */ public final X509Certificate getSPcert() { - return spX509cert; + return spX509Cert; } /** * Returns the new Service Provider X.509 certificate used for certificate rollover. * - * @return the spX509certNew setting value + * @return the spX509CertNew setting value */ public final X509Certificate getSPcertNew() { - return spX509certNew; + return spX509CertNew; } /** @@ -276,10 +274,10 @@ public final String getIdpSingleLogoutServiceBinding() { /** * Returns the Identity Provider X.509 certificate. * - * @return the idpx509cert setting value + * @return the idpX509Cert setting value */ public final X509Certificate getIdpx509cert() { - return idpx509cert; + return idpX509Cert; } /** @@ -309,10 +307,10 @@ public final String getIdpCertFingerprintAlgorithm() { /** * Returns the list of additional Identity Provider X.509 certificates. * - * @return the idpx509certMulti setting value + * @return the idpX509CertMulti setting value */ public List getIdpx509certMulti() { - return idpx509certMulti; + return idpX509CertMulti; } /** @@ -435,10 +433,10 @@ public String getRequestedAuthnContextComparison() { /** * Returns whether XML schema validation is performed on SAML messages. * - * @return the wantXMLValidation setting value + * @return the wantXmlValidation setting value */ public boolean getWantXMLValidation() { - return wantXMLValidation; + return wantXmlValidation; } /** @@ -494,7 +492,7 @@ public Organization getOrganization() { * @return Unique ID prefix */ public String getUniqueIDPrefix() { - return this.uniqueIDPrefix; + return this.uniqueIdPrefix; } /** @@ -641,7 +639,7 @@ protected final void setSpSingleLogoutServiceBinding(final String spSingleLogout * the spNameIDFormat value to be set */ protected final void setSpNameIDFormat(final String spNameIDFormat) { - this.spNameIDFormat = spNameIDFormat; + this.spNameIdFormat = spNameIDFormat; } /** @@ -671,7 +669,7 @@ public void setRejectDeprecatedAlg(final boolean rejectDeprecatedAlg) { * the spX509cert value to be set in X509Certificate format */ protected final void setSpX509cert(final X509Certificate spX509cert) { - this.spX509cert = spX509cert; + this.spX509Cert = spX509cert; } /** @@ -681,7 +679,7 @@ protected final void setSpX509cert(final X509Certificate spX509cert) { * the spX509certNew value to be set in X509Certificate format */ protected final void setSpX509certNew(final X509Certificate spX509certNew) { - this.spX509certNew = spX509certNew; + this.spX509CertNew = spX509certNew; } /** @@ -701,7 +699,7 @@ protected final void setSpPrivateKey(final PrivateKey spPrivateKey) { * the Unique ID prefix used when generating Unique ID */ protected final void setUniqueIDPrefix(final String uniqueIDPrefix) { - this.uniqueIDPrefix = uniqueIDPrefix; + this.uniqueIdPrefix = uniqueIDPrefix; } /** @@ -771,7 +769,7 @@ protected final void setIdpSingleLogoutServiceBinding(final String idpSingleLogo * the idpX509cert value to be set in X509Certificate format */ protected final void setIdpx509cert(final X509Certificate idpX509cert) { - this.idpx509cert = idpX509cert; + this.idpX509Cert = idpX509cert; } /** @@ -811,7 +809,7 @@ protected final void setIdpCertFingerprintAlgorithm(final String idpCertFingerpr * @param idpx509certMulti the idpx509certMulti to set */ public void setIdpx509certMulti(final List idpx509certMulti) { - this.idpx509certMulti = idpx509certMulti; + this.idpX509CertMulti = idpx509certMulti; } /** @@ -943,7 +941,7 @@ public void setRequestedAuthnContextComparison(final String requestedAuthnContex * the wantXMLValidation value to be set. Based on it the SP will validate SAML messages against the XML scheme */ public void setWantXMLValidation(final boolean wantXMLValidation) { - this.wantXMLValidation = wantXMLValidation; + this.wantXmlValidation = wantXMLValidation; } /** @@ -1188,13 +1186,15 @@ public List checkIdPSettings() { LOGGER.warn(errorMsg); } - if (!checkIdpx509certRequired() && !checkRequired(this.getIdpCertFingerprint())) { + final boolean idpx509certRequired = checkIdpx509certRequired(); + + if (!idpx509certRequired && !checkRequired(this.getIdpCertFingerprint())) { errorMsg = "idp_cert_or_fingerprint_not_found_and_required"; errors.add(errorMsg); LOGGER.warn(errorMsg); } - if (!checkIdpx509certRequired() && this.getNameIdEncrypted()) { + if (!idpx509certRequired && this.getNameIdEncrypted()) { errorMsg = "idp_cert_not_found_and_required"; errors.add(errorMsg); LOGGER.warn(errorMsg); @@ -1246,12 +1246,8 @@ public List checkSPSettings() { final List contacts = this.getContacts(); if (!contacts.isEmpty()) { - final Set validTypes = new HashSet<>(); - validTypes.add(Constants.CONTACT_TYPE_TECHNICAL); - validTypes.add(Constants.CONTACT_TYPE_SUPPORT); - validTypes.add(Constants.CONTACT_TYPE_ADMINISTRATIVE); - validTypes.add(Constants.CONTACT_TYPE_BILLING); - validTypes.add(Constants.CONTACT_TYPE_OTHER); + final Set validTypes = Set.of(Constants.CONTACT_TYPE_TECHNICAL, Constants.CONTACT_TYPE_SUPPORT, + Constants.CONTACT_TYPE_ADMINISTRATIVE, Constants.CONTACT_TYPE_BILLING, Constants.CONTACT_TYPE_OTHER); for (final Contact contact : contacts) { if (!validTypes.contains(contact.getContactType())) { errorMsg = "contact_type_invalid"; @@ -1295,7 +1291,7 @@ public boolean checkSPCerts() { final X509Certificate cert = getSPcert(); final PrivateKey key = getSPkey(); - return (cert != null && key != null); + return cert != null && key != null; } /** @@ -1308,7 +1304,7 @@ public boolean checkSPCerts() { * @return true if the SP settings are valid */ private boolean checkRequired(final Object value) { - if ((value == null) || (value instanceof String s && s.isEmpty())) { + if (value == null || (value instanceof String s && s.isEmpty())) { return false; } @@ -1344,12 +1340,11 @@ public boolean getSPValidationOnly() { * */ public String getSPMetadata() { - final Metadata metadataObj = new Metadata(this); - String metadataString = metadataObj.getMetadataString(); + final Metadata metadata = new Metadata(this); + String metadataString = metadata.getMetadataString(); // Check if must be signed - final boolean signMetadata = this.getSignMetadata(); - if (signMetadata) { + if (getSignMetadata()) { // Note: Currently only SP privateKey/certificate are supported for metadata signing. // Future enhancement: Support signing with custom key/certificate pairs for more flexible // key management scenarios (e.g., separate metadata signing keys, key rotation). diff --git a/core/src/main/java/org/codelibs/saml2/core/settings/SettingsBuilder.java b/core/src/main/java/org/codelibs/saml2/core/settings/SettingsBuilder.java index b3d317a..d2f387f 100644 --- a/core/src/main/java/org/codelibs/saml2/core/settings/SettingsBuilder.java +++ b/core/src/main/java/org/codelibs/saml2/core/settings/SettingsBuilder.java @@ -65,136 +65,136 @@ public SettingsBuilder() { /** * Saml2Settings object */ - private Saml2Settings saml2Setting; + private Saml2Settings saml2Settings; /** Property key for the strict mode flag ({@code onelogin.saml2.strict}). */ - public final static String STRICT_PROPERTY_KEY = "onelogin.saml2.strict"; + public static final String STRICT_PROPERTY_KEY = "onelogin.saml2.strict"; /** Property key for the debug mode flag ({@code onelogin.saml2.debug}). */ - public final static String DEBUG_PROPERTY_KEY = "onelogin.saml2.debug"; + public static final String DEBUG_PROPERTY_KEY = "onelogin.saml2.debug"; // SP /** Property key for the SP entity ID ({@code onelogin.saml2.sp.entityid}). */ - public final static String SP_ENTITYID_PROPERTY_KEY = "onelogin.saml2.sp.entityid"; + public static final String SP_ENTITYID_PROPERTY_KEY = "onelogin.saml2.sp.entityid"; /** Property key for the SP Assertion Consumer Service URL ({@code onelogin.saml2.sp.assertion_consumer_service.url}). */ - public final static String SP_ASSERTION_CONSUMER_SERVICE_URL_PROPERTY_KEY = "onelogin.saml2.sp.assertion_consumer_service.url"; + public static final String SP_ASSERTION_CONSUMER_SERVICE_URL_PROPERTY_KEY = "onelogin.saml2.sp.assertion_consumer_service.url"; /** Property key for the SP Assertion Consumer Service binding ({@code onelogin.saml2.sp.assertion_consumer_service.binding}). */ - public final static String SP_ASSERTION_CONSUMER_SERVICE_BINDING_PROPERTY_KEY = "onelogin.saml2.sp.assertion_consumer_service.binding"; + public static final String SP_ASSERTION_CONSUMER_SERVICE_BINDING_PROPERTY_KEY = "onelogin.saml2.sp.assertion_consumer_service.binding"; /** Property key for the SP Single Logout Service URL ({@code onelogin.saml2.sp.single_logout_service.url}). */ - public final static String SP_SINGLE_LOGOUT_SERVICE_URL_PROPERTY_KEY = "onelogin.saml2.sp.single_logout_service.url"; + public static final String SP_SINGLE_LOGOUT_SERVICE_URL_PROPERTY_KEY = "onelogin.saml2.sp.single_logout_service.url"; /** Property key for the SP Single Logout Service binding ({@code onelogin.saml2.sp.single_logout_service.binding}). */ - public final static String SP_SINGLE_LOGOUT_SERVICE_BINDING_PROPERTY_KEY = "onelogin.saml2.sp.single_logout_service.binding"; + public static final String SP_SINGLE_LOGOUT_SERVICE_BINDING_PROPERTY_KEY = "onelogin.saml2.sp.single_logout_service.binding"; /** Property key for the SP NameID format ({@code onelogin.saml2.sp.nameidformat}). */ - public final static String SP_NAMEIDFORMAT_PROPERTY_KEY = "onelogin.saml2.sp.nameidformat"; + public static final String SP_NAMEIDFORMAT_PROPERTY_KEY = "onelogin.saml2.sp.nameidformat"; /** Property key for the SP X.509 certificate ({@code onelogin.saml2.sp.x509cert}). */ - public final static String SP_X509CERT_PROPERTY_KEY = "onelogin.saml2.sp.x509cert"; + public static final String SP_X509CERT_PROPERTY_KEY = "onelogin.saml2.sp.x509cert"; /** Property key for the SP private key ({@code onelogin.saml2.sp.privatekey}). */ - public final static String SP_PRIVATEKEY_PROPERTY_KEY = "onelogin.saml2.sp.privatekey"; + public static final String SP_PRIVATEKEY_PROPERTY_KEY = "onelogin.saml2.sp.privatekey"; /** Property key for the SP new X.509 certificate used during certificate rotation ({@code onelogin.saml2.sp.x509certNew}). */ - public final static String SP_X509CERTNEW_PROPERTY_KEY = "onelogin.saml2.sp.x509certNew"; + public static final String SP_X509CERTNEW_PROPERTY_KEY = "onelogin.saml2.sp.x509certNew"; /** Property key prefix for SP contact entries ({@code onelogin.saml2.sp.contact}). */ - public final static String SP_CONTACT_PROPERTY_KEY_PREFIX = "onelogin.saml2.sp.contact"; + public static final String SP_CONTACT_PROPERTY_KEY_PREFIX = "onelogin.saml2.sp.contact"; /** Property key suffix for the SP contact type ({@code contactType}). */ - public final static String SP_CONTACT_CONTACT_TYPE_PROPERTY_KEY_SUFFIX = "contactType"; + public static final String SP_CONTACT_CONTACT_TYPE_PROPERTY_KEY_SUFFIX = "contactType"; /** Property key suffix for the SP contact company name ({@code company}). */ - public final static String SP_CONTACT_COMPANY_PROPERTY_KEY_SUFFIX = "company"; + public static final String SP_CONTACT_COMPANY_PROPERTY_KEY_SUFFIX = "company"; /** Property key suffix for the SP contact given name ({@code given_name}). */ - public final static String SP_CONTACT_GIVEN_NAME_PROPERTY_KEY_SUFFIX = "given_name"; + public static final String SP_CONTACT_GIVEN_NAME_PROPERTY_KEY_SUFFIX = "given_name"; /** Property key suffix for the SP contact surname ({@code sur_name}). */ - public final static String SP_CONTACT_SUR_NAME_PROPERTY_KEY_SUFFIX = "sur_name"; + public static final String SP_CONTACT_SUR_NAME_PROPERTY_KEY_SUFFIX = "sur_name"; /** Property key prefix for the SP contact e-mail addresses ({@code email_address}). */ - public final static String SP_CONTACT_EMAIL_ADDRESS_PROPERTY_KEY_PREFIX = "email_address"; + public static final String SP_CONTACT_EMAIL_ADDRESS_PROPERTY_KEY_PREFIX = "email_address"; /** Property key prefix for the SP contact telephone numbers ({@code telephone_number}). */ - public final static String SP_CONTACT_TELEPHONE_NUMBER_PROPERTY_KEY_PREFIX = "telephone_number"; + public static final String SP_CONTACT_TELEPHONE_NUMBER_PROPERTY_KEY_PREFIX = "telephone_number"; // KeyStore /** Property key for the KeyStore instance holding the SP keys ({@code onelogin.saml2.keystore.store}). */ - public final static String KEYSTORE_KEY = "onelogin.saml2.keystore.store"; + public static final String KEYSTORE_KEY = "onelogin.saml2.keystore.store"; /** Property key for the KeyStore alias of the SP entry ({@code onelogin.saml2.keystore.alias}). */ - public final static String KEYSTORE_ALIAS = "onelogin.saml2.keystore.alias"; + public static final String KEYSTORE_ALIAS = "onelogin.saml2.keystore.alias"; /** Property key for the KeyStore key password ({@code onelogin.saml2.keystore.key.password}). */ - public final static String KEYSTORE_KEY_PASSWORD = "onelogin.saml2.keystore.key.password"; + public static final String KEYSTORE_KEY_PASSWORD = "onelogin.saml2.keystore.key.password"; // IDP /** Property key for the IdP entity ID ({@code onelogin.saml2.idp.entityid}). */ - public final static String IDP_ENTITYID_PROPERTY_KEY = "onelogin.saml2.idp.entityid"; + public static final String IDP_ENTITYID_PROPERTY_KEY = "onelogin.saml2.idp.entityid"; /** Property key for the IdP Single Sign-On Service URL ({@code onelogin.saml2.idp.single_sign_on_service.url}). */ - public final static String IDP_SINGLE_SIGN_ON_SERVICE_URL_PROPERTY_KEY = "onelogin.saml2.idp.single_sign_on_service.url"; + public static final String IDP_SINGLE_SIGN_ON_SERVICE_URL_PROPERTY_KEY = "onelogin.saml2.idp.single_sign_on_service.url"; /** Property key for the IdP Single Sign-On Service binding ({@code onelogin.saml2.idp.single_sign_on_service.binding}). */ - public final static String IDP_SINGLE_SIGN_ON_SERVICE_BINDING_PROPERTY_KEY = "onelogin.saml2.idp.single_sign_on_service.binding"; + public static final String IDP_SINGLE_SIGN_ON_SERVICE_BINDING_PROPERTY_KEY = "onelogin.saml2.idp.single_sign_on_service.binding"; /** Property key for the IdP Single Logout Service URL ({@code onelogin.saml2.idp.single_logout_service.url}). */ - public final static String IDP_SINGLE_LOGOUT_SERVICE_URL_PROPERTY_KEY = "onelogin.saml2.idp.single_logout_service.url"; + public static final String IDP_SINGLE_LOGOUT_SERVICE_URL_PROPERTY_KEY = "onelogin.saml2.idp.single_logout_service.url"; /** Property key for the IdP Single Logout Service response URL ({@code onelogin.saml2.idp.single_logout_service.response.url}). */ - public final static String IDP_SINGLE_LOGOUT_SERVICE_RESPONSE_URL_PROPERTY_KEY = + public static final String IDP_SINGLE_LOGOUT_SERVICE_RESPONSE_URL_PROPERTY_KEY = "onelogin.saml2.idp.single_logout_service.response.url"; /** Property key for the IdP Single Logout Service binding ({@code onelogin.saml2.idp.single_logout_service.binding}). */ - public final static String IDP_SINGLE_LOGOUT_SERVICE_BINDING_PROPERTY_KEY = "onelogin.saml2.idp.single_logout_service.binding"; + public static final String IDP_SINGLE_LOGOUT_SERVICE_BINDING_PROPERTY_KEY = "onelogin.saml2.idp.single_logout_service.binding"; /** Property key for the IdP X.509 certificate ({@code onelogin.saml2.idp.x509cert}). */ - public final static String IDP_X509CERT_PROPERTY_KEY = "onelogin.saml2.idp.x509cert"; + public static final String IDP_X509CERT_PROPERTY_KEY = "onelogin.saml2.idp.x509cert"; /** Property key prefix for multiple IdP X.509 certificates ({@code onelogin.saml2.idp.x509certMulti}). */ - public final static String IDP_X509CERTMULTI_PROPERTY_KEY = "onelogin.saml2.idp.x509certMulti"; + public static final String IDP_X509CERTMULTI_PROPERTY_KEY = "onelogin.saml2.idp.x509certMulti"; /** Property key for the IdP certificate fingerprint ({@code onelogin.saml2.idp.certfingerprint}). */ - public final static String CERTFINGERPRINT_PROPERTY_KEY = "onelogin.saml2.idp.certfingerprint"; + public static final String CERTFINGERPRINT_PROPERTY_KEY = "onelogin.saml2.idp.certfingerprint"; /** Property key for the IdP certificate fingerprint algorithm ({@code onelogin.saml2.idp.certfingerprint_algorithm}). */ - public final static String CERTFINGERPRINT_ALGORITHM_PROPERTY_KEY = "onelogin.saml2.idp.certfingerprint_algorithm"; + public static final String CERTFINGERPRINT_ALGORITHM_PROPERTY_KEY = "onelogin.saml2.idp.certfingerprint_algorithm"; // Security /** Property key controlling whether the NameID is encrypted ({@code onelogin.saml2.security.nameid_encrypted}). */ - public final static String SECURITY_NAMEID_ENCRYPTED = "onelogin.saml2.security.nameid_encrypted"; + public static final String SECURITY_NAMEID_ENCRYPTED = "onelogin.saml2.security.nameid_encrypted"; /** Property key controlling whether AuthnRequests are signed ({@code onelogin.saml2.security.authnrequest_signed}). */ - public final static String SECURITY_AUTHREQUEST_SIGNED = "onelogin.saml2.security.authnrequest_signed"; + public static final String SECURITY_AUTHREQUEST_SIGNED = "onelogin.saml2.security.authnrequest_signed"; /** Property key controlling whether LogoutRequests are signed ({@code onelogin.saml2.security.logoutrequest_signed}). */ - public final static String SECURITY_LOGOUTREQUEST_SIGNED = "onelogin.saml2.security.logoutrequest_signed"; + public static final String SECURITY_LOGOUTREQUEST_SIGNED = "onelogin.saml2.security.logoutrequest_signed"; /** Property key controlling whether LogoutResponses are signed ({@code onelogin.saml2.security.logoutresponse_signed}). */ - public final static String SECURITY_LOGOUTRESPONSE_SIGNED = "onelogin.saml2.security.logoutresponse_signed"; + public static final String SECURITY_LOGOUTRESPONSE_SIGNED = "onelogin.saml2.security.logoutresponse_signed"; /** Property key controlling whether received messages must be signed ({@code onelogin.saml2.security.want_messages_signed}). */ - public final static String SECURITY_WANT_MESSAGES_SIGNED = "onelogin.saml2.security.want_messages_signed"; + public static final String SECURITY_WANT_MESSAGES_SIGNED = "onelogin.saml2.security.want_messages_signed"; /** Property key controlling whether received assertions must be signed ({@code onelogin.saml2.security.want_assertions_signed}). */ - public final static String SECURITY_WANT_ASSERTIONS_SIGNED = "onelogin.saml2.security.want_assertions_signed"; + public static final String SECURITY_WANT_ASSERTIONS_SIGNED = "onelogin.saml2.security.want_assertions_signed"; /** Property key controlling whether received assertions must be encrypted ({@code onelogin.saml2.security.want_assertions_encrypted}). */ - public final static String SECURITY_WANT_ASSERTIONS_ENCRYPTED = "onelogin.saml2.security.want_assertions_encrypted"; + public static final String SECURITY_WANT_ASSERTIONS_ENCRYPTED = "onelogin.saml2.security.want_assertions_encrypted"; /** Property key controlling whether a NameID is required in responses ({@code onelogin.saml2.security.want_nameid}). */ - public final static String SECURITY_WANT_NAMEID = "onelogin.saml2.security.want_nameid"; + public static final String SECURITY_WANT_NAMEID = "onelogin.saml2.security.want_nameid"; /** Property key controlling whether the received NameID must be encrypted ({@code onelogin.saml2.security.want_nameid_encrypted}). */ - public final static String SECURITY_WANT_NAMEID_ENCRYPTED = "onelogin.saml2.security.want_nameid_encrypted"; + public static final String SECURITY_WANT_NAMEID_ENCRYPTED = "onelogin.saml2.security.want_nameid_encrypted"; /** Property key controlling whether the SP metadata is signed ({@code onelogin.saml2.security.sign_metadata}). */ - public final static String SECURITY_SIGN_METADATA = "onelogin.saml2.security.sign_metadata"; + public static final String SECURITY_SIGN_METADATA = "onelogin.saml2.security.sign_metadata"; /** Property key for the requested authentication context(s) ({@code onelogin.saml2.security.requested_authncontext}). */ - public final static String SECURITY_REQUESTED_AUTHNCONTEXT = "onelogin.saml2.security.requested_authncontext"; + public static final String SECURITY_REQUESTED_AUTHNCONTEXT = "onelogin.saml2.security.requested_authncontext"; /** Property key for the requested authentication context comparison ({@code onelogin.saml2.security.requested_authncontextcomparison}). */ - public final static String SECURITY_REQUESTED_AUTHNCONTEXTCOMPARISON = "onelogin.saml2.security.requested_authncontextcomparison"; + public static final String SECURITY_REQUESTED_AUTHNCONTEXTCOMPARISON = "onelogin.saml2.security.requested_authncontextcomparison"; /** Property key controlling whether XML schema validation is performed ({@code onelogin.saml2.security.want_xml_validation}). */ - public final static String SECURITY_WANT_XML_VALIDATION = "onelogin.saml2.security.want_xml_validation"; + public static final String SECURITY_WANT_XML_VALIDATION = "onelogin.saml2.security.want_xml_validation"; /** Property key for the signature algorithm used when signing ({@code onelogin.saml2.security.signature_algorithm}). */ - public final static String SECURITY_SIGNATURE_ALGORITHM = "onelogin.saml2.security.signature_algorithm"; + public static final String SECURITY_SIGNATURE_ALGORITHM = "onelogin.saml2.security.signature_algorithm"; /** Property key for the digest algorithm used when signing ({@code onelogin.saml2.security.digest_algorithm}). */ - public final static String SECURITY_DIGEST_ALGORITHM = "onelogin.saml2.security.digest_algorithm"; + public static final String SECURITY_DIGEST_ALGORITHM = "onelogin.saml2.security.digest_algorithm"; /** Property key for the key transport algorithm used to encrypt the NameID ({@code onelogin.saml2.security.nameid_encryption_algorithm}). */ - public final static String SECURITY_NAMEID_ENCRYPTION_ALGORITHM = "onelogin.saml2.security.nameid_encryption_algorithm"; + public static final String SECURITY_NAMEID_ENCRYPTION_ALGORITHM = "onelogin.saml2.security.nameid_encryption_algorithm"; /** Property key for the comma-separated allow-list of key transport algorithms accepted on decrypt ({@code onelogin.saml2.security.allowed_key_transport_algorithms}). */ - public final static String SECURITY_ALLOWED_KEY_TRANSPORT_ALGORITHMS = "onelogin.saml2.security.allowed_key_transport_algorithms"; + public static final String SECURITY_ALLOWED_KEY_TRANSPORT_ALGORITHMS = "onelogin.saml2.security.allowed_key_transport_algorithms"; /** Property key controlling whether unsolicited responses with an InResponseTo attribute are rejected ({@code onelogin.saml2.security.reject_unsolicited_responses_with_inresponseto}). */ - public final static String SECURITY_REJECT_UNSOLICITED_RESPONSES_WITH_INRESPONSETO = + public static final String SECURITY_REJECT_UNSOLICITED_RESPONSES_WITH_INRESPONSETO = "onelogin.saml2.security.reject_unsolicited_responses_with_inresponseto"; /** Property key controlling whether duplicated attribute names are allowed ({@code onelogin.saml2.security.allow_duplicated_attribute_name}). */ - public final static String SECURITY_ALLOW_REPEAT_ATTRIBUTE_NAME_PROPERTY_KEY = + public static final String SECURITY_ALLOW_REPEAT_ATTRIBUTE_NAME_PROPERTY_KEY = "onelogin.saml2.security.allow_duplicated_attribute_name"; /** Property key controlling whether deprecated cryptographic algorithms are rejected ({@code onelogin.saml2.security.reject_deprecated_alg}). */ - public final static String SECURITY_REJECT_DEPRECATED_ALGORITHM = "onelogin.saml2.security.reject_deprecated_alg"; + public static final String SECURITY_REJECT_DEPRECATED_ALGORITHM = "onelogin.saml2.security.reject_deprecated_alg"; // Compress /** Property key controlling whether outgoing requests are compressed ({@code onelogin.saml2.compress.request}). */ - public final static String COMPRESS_REQUEST = "onelogin.saml2.compress.request"; + public static final String COMPRESS_REQUEST = "onelogin.saml2.compress.request"; /** Property key controlling whether outgoing responses are compressed ({@code onelogin.saml2.compress.response}). */ - public final static String COMPRESS_RESPONSE = "onelogin.saml2.compress.response"; + public static final String COMPRESS_RESPONSE = "onelogin.saml2.compress.response"; // Parsing /** Property key controlling whether NameID values are trimmed during parsing ({@code onelogin.saml2.parsing.trim_name_ids}). */ - public final static String PARSING_TRIM_NAME_IDS = "onelogin.saml2.parsing.trim_name_ids"; + public static final String PARSING_TRIM_NAME_IDS = "onelogin.saml2.parsing.trim_name_ids"; /** Property key controlling whether attribute values are trimmed during parsing ({@code onelogin.saml2.parsing.trim_attribute_values}). */ - public final static String PARSING_TRIM_ATTRIBUTE_VALUES = "onelogin.saml2.parsing.trim_attribute_values"; + public static final String PARSING_TRIM_ATTRIBUTE_VALUES = "onelogin.saml2.parsing.trim_attribute_values"; // Misc /** @@ -203,39 +203,39 @@ public SettingsBuilder() { * @deprecated use the indexed {@code onelogin.saml2.sp.contact} properties instead */ @Deprecated - public final static String CONTACT_TECHNICAL_GIVEN_NAME = "onelogin.saml2.contacts.technical.given_name"; + public static final String CONTACT_TECHNICAL_GIVEN_NAME = "onelogin.saml2.contacts.technical.given_name"; /** * Property key for the legacy technical contact e-mail address ({@code onelogin.saml2.contacts.technical.email_address}). * * @deprecated use the indexed {@code onelogin.saml2.sp.contact} properties instead */ @Deprecated - public final static String CONTACT_TECHNICAL_EMAIL_ADDRESS = "onelogin.saml2.contacts.technical.email_address"; + public static final String CONTACT_TECHNICAL_EMAIL_ADDRESS = "onelogin.saml2.contacts.technical.email_address"; /** * Property key for the legacy support contact given name ({@code onelogin.saml2.contacts.support.given_name}). * * @deprecated use the indexed {@code onelogin.saml2.sp.contact} properties instead */ @Deprecated - public final static String CONTACT_SUPPORT_GIVEN_NAME = "onelogin.saml2.contacts.support.given_name"; + public static final String CONTACT_SUPPORT_GIVEN_NAME = "onelogin.saml2.contacts.support.given_name"; /** * Property key for the legacy support contact e-mail address ({@code onelogin.saml2.contacts.support.email_address}). * * @deprecated use the indexed {@code onelogin.saml2.sp.contact} properties instead */ @Deprecated - public final static String CONTACT_SUPPORT_EMAIL_ADDRESS = "onelogin.saml2.contacts.support.email_address"; + public static final String CONTACT_SUPPORT_EMAIL_ADDRESS = "onelogin.saml2.contacts.support.email_address"; /** Property key for the organization name ({@code onelogin.saml2.organization.name}). */ - public final static String ORGANIZATION_NAME = "onelogin.saml2.organization.name"; + public static final String ORGANIZATION_NAME = "onelogin.saml2.organization.name"; /** Property key for the organization display name ({@code onelogin.saml2.organization.displayname}). */ - public final static String ORGANIZATION_DISPLAYNAME = "onelogin.saml2.organization.displayname"; + public static final String ORGANIZATION_DISPLAYNAME = "onelogin.saml2.organization.displayname"; /** Property key for the organization URL ({@code onelogin.saml2.organization.url}). */ - public final static String ORGANIZATION_URL = "onelogin.saml2.organization.url"; + public static final String ORGANIZATION_URL = "onelogin.saml2.organization.url"; /** Property key for the organization language ({@code onelogin.saml2.organization.lang}). */ - public final static String ORGANIZATION_LANG = "onelogin.saml2.organization.lang"; + public static final String ORGANIZATION_LANG = "onelogin.saml2.organization.lang"; /** Property key for the prefix used to generate unique IDs ({@code onelogin.saml2.unique_id_prefix}). */ - public final static String UNIQUE_ID_PREFIX_PROPERTY_KEY = "onelogin.saml2.unique_id_prefix"; + public static final String UNIQUE_ID_PREFIX_PROPERTY_KEY = "onelogin.saml2.unique_id_prefix"; /** * Load settings from the file @@ -350,7 +350,7 @@ public Saml2Settings build() { */ public Saml2Settings build(final Saml2Settings saml2Setting) { - this.saml2Setting = saml2Setting; + this.saml2Settings = saml2Setting; final Boolean strict = loadBooleanProperty(STRICT_PROPERTY_KEY); if (strict != null) { @@ -378,7 +378,7 @@ public Saml2Settings build(final Saml2Settings saml2Setting) { saml2Setting.setOrganization(org); } - final String uniqueIdPrefix = loadUniqueIDPrefix(); + final String uniqueIdPrefix = loadUniqueIdPrefix(); if (StringUtils.isNotEmpty(uniqueIdPrefix)) { saml2Setting.setUniqueIDPrefix(uniqueIdPrefix); } else if (saml2Setting.getUniqueIDPrefix() == null) { @@ -398,54 +398,54 @@ public Saml2Settings build(final Saml2Settings saml2Setting) { * Loads the IdP settings from the properties file */ private void loadIdpSetting() { - final String idpEntityID = loadStringProperty(IDP_ENTITYID_PROPERTY_KEY); - if (idpEntityID != null) { - saml2Setting.setIdpEntityId(idpEntityID); + final String idpEntityId = loadStringProperty(IDP_ENTITYID_PROPERTY_KEY); + if (idpEntityId != null) { + saml2Settings.setIdpEntityId(idpEntityId); } final URL idpSingleSignOnServiceUrl = loadURLProperty(IDP_SINGLE_SIGN_ON_SERVICE_URL_PROPERTY_KEY); if (idpSingleSignOnServiceUrl != null) { - saml2Setting.setIdpSingleSignOnServiceUrl(idpSingleSignOnServiceUrl); + saml2Settings.setIdpSingleSignOnServiceUrl(idpSingleSignOnServiceUrl); } final String idpSingleSignOnServiceBinding = loadStringProperty(IDP_SINGLE_SIGN_ON_SERVICE_BINDING_PROPERTY_KEY); if (idpSingleSignOnServiceBinding != null) { - saml2Setting.setIdpSingleSignOnServiceBinding(idpSingleSignOnServiceBinding); + saml2Settings.setIdpSingleSignOnServiceBinding(idpSingleSignOnServiceBinding); } final URL idpSingleLogoutServiceUrl = loadURLProperty(IDP_SINGLE_LOGOUT_SERVICE_URL_PROPERTY_KEY); if (idpSingleLogoutServiceUrl != null) { - saml2Setting.setIdpSingleLogoutServiceUrl(idpSingleLogoutServiceUrl); + saml2Settings.setIdpSingleLogoutServiceUrl(idpSingleLogoutServiceUrl); } final URL idpSingleLogoutServiceResponseUrl = loadURLProperty(IDP_SINGLE_LOGOUT_SERVICE_RESPONSE_URL_PROPERTY_KEY); if (idpSingleLogoutServiceResponseUrl != null) { - saml2Setting.setIdpSingleLogoutServiceResponseUrl(idpSingleLogoutServiceResponseUrl); + saml2Settings.setIdpSingleLogoutServiceResponseUrl(idpSingleLogoutServiceResponseUrl); } final String idpSingleLogoutServiceBinding = loadStringProperty(IDP_SINGLE_LOGOUT_SERVICE_BINDING_PROPERTY_KEY); if (idpSingleLogoutServiceBinding != null) { - saml2Setting.setIdpSingleLogoutServiceBinding(idpSingleLogoutServiceBinding); + saml2Settings.setIdpSingleLogoutServiceBinding(idpSingleLogoutServiceBinding); } - final List idpX509certMulti = loadCertificateListFromProp(IDP_X509CERTMULTI_PROPERTY_KEY); - if (idpX509certMulti != null) { - saml2Setting.setIdpx509certMulti(idpX509certMulti); + final List idpX509CertMulti = loadCertificateListFromProp(IDP_X509CERTMULTI_PROPERTY_KEY); + if (idpX509CertMulti != null) { + saml2Settings.setIdpx509certMulti(idpX509CertMulti); } - final X509Certificate idpX509cert = loadCertificateFromProp(IDP_X509CERT_PROPERTY_KEY); - if (idpX509cert != null) { - saml2Setting.setIdpx509cert(idpX509cert); + final X509Certificate idpX509Cert = loadCertificateFromProp(IDP_X509CERT_PROPERTY_KEY); + if (idpX509Cert != null) { + saml2Settings.setIdpx509cert(idpX509Cert); } final String idpCertFingerprint = loadStringProperty(CERTFINGERPRINT_PROPERTY_KEY); if (idpCertFingerprint != null) { - saml2Setting.setIdpCertFingerprint(idpCertFingerprint); + saml2Settings.setIdpCertFingerprint(idpCertFingerprint); } final String idpCertFingerprintAlgorithm = loadStringProperty(CERTFINGERPRINT_ALGORITHM_PROPERTY_KEY); - if (idpCertFingerprintAlgorithm != null && !idpCertFingerprintAlgorithm.isEmpty()) { - saml2Setting.setIdpCertFingerprintAlgorithm(idpCertFingerprintAlgorithm); + if (StringUtils.isNotEmpty(idpCertFingerprintAlgorithm)) { + saml2Settings.setIdpCertFingerprintAlgorithm(idpCertFingerprintAlgorithm); } } @@ -455,82 +455,82 @@ private void loadIdpSetting() { private void loadSecuritySetting() { final Boolean nameIdEncrypted = loadBooleanProperty(SECURITY_NAMEID_ENCRYPTED); if (nameIdEncrypted != null) { - saml2Setting.setNameIdEncrypted(nameIdEncrypted); + saml2Settings.setNameIdEncrypted(nameIdEncrypted); } final Boolean authnRequestsSigned = loadBooleanProperty(SECURITY_AUTHREQUEST_SIGNED); if (authnRequestsSigned != null) { - saml2Setting.setAuthnRequestsSigned(authnRequestsSigned); + saml2Settings.setAuthnRequestsSigned(authnRequestsSigned); } final Boolean logoutRequestSigned = loadBooleanProperty(SECURITY_LOGOUTREQUEST_SIGNED); if (logoutRequestSigned != null) { - saml2Setting.setLogoutRequestSigned(logoutRequestSigned); + saml2Settings.setLogoutRequestSigned(logoutRequestSigned); } final Boolean logoutResponseSigned = loadBooleanProperty(SECURITY_LOGOUTRESPONSE_SIGNED); if (logoutResponseSigned != null) { - saml2Setting.setLogoutResponseSigned(logoutResponseSigned); + saml2Settings.setLogoutResponseSigned(logoutResponseSigned); } final Boolean wantMessagesSigned = loadBooleanProperty(SECURITY_WANT_MESSAGES_SIGNED); if (wantMessagesSigned != null) { - saml2Setting.setWantMessagesSigned(wantMessagesSigned); + saml2Settings.setWantMessagesSigned(wantMessagesSigned); } final Boolean wantAssertionsSigned = loadBooleanProperty(SECURITY_WANT_ASSERTIONS_SIGNED); if (wantAssertionsSigned != null) { - saml2Setting.setWantAssertionsSigned(wantAssertionsSigned); + saml2Settings.setWantAssertionsSigned(wantAssertionsSigned); } final Boolean wantAssertionsEncrypted = loadBooleanProperty(SECURITY_WANT_ASSERTIONS_ENCRYPTED); if (wantAssertionsEncrypted != null) { - saml2Setting.setWantAssertionsEncrypted(wantAssertionsEncrypted); + saml2Settings.setWantAssertionsEncrypted(wantAssertionsEncrypted); } final Boolean wantNameId = loadBooleanProperty(SECURITY_WANT_NAMEID); if (wantNameId != null) { - saml2Setting.setWantNameId(wantNameId); + saml2Settings.setWantNameId(wantNameId); } final Boolean wantNameIdEncrypted = loadBooleanProperty(SECURITY_WANT_NAMEID_ENCRYPTED); if (wantNameIdEncrypted != null) { - saml2Setting.setWantNameIdEncrypted(wantNameIdEncrypted); + saml2Settings.setWantNameIdEncrypted(wantNameIdEncrypted); } - final Boolean wantXMLValidation = loadBooleanProperty(SECURITY_WANT_XML_VALIDATION); - if (wantXMLValidation != null) { - saml2Setting.setWantXMLValidation(wantXMLValidation); + final Boolean wantXmlValidation = loadBooleanProperty(SECURITY_WANT_XML_VALIDATION); + if (wantXmlValidation != null) { + saml2Settings.setWantXMLValidation(wantXmlValidation); } final Boolean signMetadata = loadBooleanProperty(SECURITY_SIGN_METADATA); if (signMetadata != null) { - saml2Setting.setSignMetadata(signMetadata); + saml2Settings.setSignMetadata(signMetadata); } final List requestedAuthnContext = loadListProperty(SECURITY_REQUESTED_AUTHNCONTEXT); if (requestedAuthnContext != null) { - saml2Setting.setRequestedAuthnContext(requestedAuthnContext); + saml2Settings.setRequestedAuthnContext(requestedAuthnContext); } final String requestedAuthnContextComparison = loadStringProperty(SECURITY_REQUESTED_AUTHNCONTEXTCOMPARISON); - if (requestedAuthnContextComparison != null && !requestedAuthnContextComparison.isEmpty()) { - saml2Setting.setRequestedAuthnContextComparison(requestedAuthnContextComparison); + if (StringUtils.isNotEmpty(requestedAuthnContextComparison)) { + saml2Settings.setRequestedAuthnContextComparison(requestedAuthnContextComparison); } final String signatureAlgorithm = loadStringProperty(SECURITY_SIGNATURE_ALGORITHM); - if (signatureAlgorithm != null && !signatureAlgorithm.isEmpty()) { - saml2Setting.setSignatureAlgorithm(signatureAlgorithm); + if (StringUtils.isNotEmpty(signatureAlgorithm)) { + saml2Settings.setSignatureAlgorithm(signatureAlgorithm); } final String digestAlgorithm = loadStringProperty(SECURITY_DIGEST_ALGORITHM); - if (digestAlgorithm != null && !digestAlgorithm.isEmpty()) { - saml2Setting.setDigestAlgorithm(digestAlgorithm); + if (StringUtils.isNotEmpty(digestAlgorithm)) { + saml2Settings.setDigestAlgorithm(digestAlgorithm); } final String nameIdEncryptionAlgorithm = loadStringProperty(SECURITY_NAMEID_ENCRYPTION_ALGORITHM); - if (nameIdEncryptionAlgorithm != null && !nameIdEncryptionAlgorithm.isEmpty()) { - saml2Setting.setNameIdEncryptionAlgorithm(nameIdEncryptionAlgorithm); + if (StringUtils.isNotEmpty(nameIdEncryptionAlgorithm)) { + saml2Settings.setNameIdEncryptionAlgorithm(nameIdEncryptionAlgorithm); } final List allowedKeyTransportAlgorithms = loadListProperty(SECURITY_ALLOWED_KEY_TRANSPORT_ALGORITHMS); @@ -541,23 +541,23 @@ private void loadSecuritySetting() { allowedKeyTransportAlgorithmsSet.add(allowedKeyTransportAlgorithm.trim()); } } - saml2Setting.setAllowedKeyTransportAlgorithms(allowedKeyTransportAlgorithmsSet); + saml2Settings.setAllowedKeyTransportAlgorithms(allowedKeyTransportAlgorithmsSet); } final Boolean rejectUnsolicitedResponsesWithInResponseTo = loadBooleanProperty(SECURITY_REJECT_UNSOLICITED_RESPONSES_WITH_INRESPONSETO); if (rejectUnsolicitedResponsesWithInResponseTo != null) { - saml2Setting.setRejectUnsolicitedResponsesWithInResponseTo(rejectUnsolicitedResponsesWithInResponseTo); + saml2Settings.setRejectUnsolicitedResponsesWithInResponseTo(rejectUnsolicitedResponsesWithInResponseTo); } final Boolean allowRepeatAttributeName = loadBooleanProperty(SECURITY_ALLOW_REPEAT_ATTRIBUTE_NAME_PROPERTY_KEY); if (allowRepeatAttributeName != null) { - saml2Setting.setAllowRepeatAttributeName(allowRepeatAttributeName); + saml2Settings.setAllowRepeatAttributeName(allowRepeatAttributeName); } final Boolean rejectDeprecatedAlg = loadBooleanProperty(SECURITY_REJECT_DEPRECATED_ALGORITHM); if (rejectDeprecatedAlg != null) { - saml2Setting.setRejectDeprecatedAlg(rejectDeprecatedAlg); + saml2Settings.setRejectDeprecatedAlg(rejectDeprecatedAlg); } } @@ -567,12 +567,12 @@ private void loadSecuritySetting() { private void loadCompressSetting() { final Boolean compressRequest = loadBooleanProperty(COMPRESS_REQUEST); if (compressRequest != null) { - saml2Setting.setCompressRequest(compressRequest); + saml2Settings.setCompressRequest(compressRequest); } final Boolean compressResponse = loadBooleanProperty(COMPRESS_RESPONSE); if (compressResponse != null) { - saml2Setting.setCompressResponse(compressResponse); + saml2Settings.setCompressResponse(compressResponse); } } @@ -582,12 +582,12 @@ private void loadCompressSetting() { private void loadParsingSetting() { final Boolean trimNameIds = loadBooleanProperty(PARSING_TRIM_NAME_IDS); if (trimNameIds != null) { - saml2Setting.setTrimNameIds(trimNameIds); + saml2Settings.setTrimNameIds(trimNameIds); } final Boolean trimAttributeValues = loadBooleanProperty(PARSING_TRIM_ATTRIBUTE_VALUES); if (trimAttributeValues != null) { - saml2Setting.setTrimAttributeValues(trimAttributeValues); + saml2Settings.setTrimAttributeValues(trimAttributeValues); } } @@ -622,12 +622,12 @@ private List loadContacts() { // then build each contact // multiple indexed services specified final List contacts = - contactProps.entrySet().stream().map(entry -> loadContact(entry.getValue(), entry.getKey())).collect(Collectors.toList()); + contactProps.entrySet().stream().map(entry -> loadContact(entry.getValue())).collect(Collectors.toList()); // append legacy contacts if present final String technicalGn = loadStringProperty(CONTACT_TECHNICAL_GIVEN_NAME); final String technicalEmailAddress = loadStringProperty(CONTACT_TECHNICAL_EMAIL_ADDRESS); - if ((technicalGn != null && !technicalGn.isEmpty()) || (technicalEmailAddress != null && !technicalEmailAddress.isEmpty())) { + if (StringUtils.isNotEmpty(technicalGn) || StringUtils.isNotEmpty(technicalEmailAddress)) { final Contact technical = new Contact(Constants.CONTACT_TYPE_TECHNICAL, technicalGn, technicalEmailAddress); contacts.add(technical); } @@ -635,7 +635,7 @@ private List loadContacts() { final String supportGn = loadStringProperty(CONTACT_SUPPORT_GIVEN_NAME); final String supportEmailAddress = loadStringProperty(CONTACT_SUPPORT_EMAIL_ADDRESS); - if ((supportGn != null && !supportGn.isEmpty()) || (supportEmailAddress != null && !supportEmailAddress.isEmpty())) { + if (StringUtils.isNotEmpty(supportGn) || StringUtils.isNotEmpty(supportEmailAddress)) { final Contact support = new Contact(Constants.CONTACT_TYPE_SUPPORT, supportGn, supportEmailAddress); contacts.add(support); } @@ -648,11 +648,9 @@ private List loadContacts() { * * @param contactProps * a map containing the contact settings - * @param index - * the contact index * @return the loaded contact */ - private Contact loadContact(final Map contactProps, final int index) { + private Contact loadContact(final Map contactProps) { final String contactType = loadStringProperty(SP_CONTACT_CONTACT_TYPE_PROPERTY_KEY_SUFFIX, contactProps); final String company = loadStringProperty(SP_CONTACT_COMPANY_PROPERTY_KEY_SUFFIX, contactProps); final String givenName = loadStringProperty(SP_CONTACT_GIVEN_NAME_PROPERTY_KEY_SUFFIX, contactProps); @@ -815,7 +813,7 @@ private List toStringList(final Map indexedValues) { /** * Loads the unique ID prefix. Uses default if property not set. */ - private String loadUniqueIDPrefix() { + private String loadUniqueIdPrefix() { return loadStringProperty(UNIQUE_ID_PREFIX_PROPERTY_KEY); } @@ -823,34 +821,34 @@ private String loadUniqueIDPrefix() { * Loads the SP settings from the properties file */ private void loadSpSetting() { - final String spEntityID = loadStringProperty(SP_ENTITYID_PROPERTY_KEY); - if (spEntityID != null) { - saml2Setting.setSpEntityId(spEntityID); + final String spEntityId = loadStringProperty(SP_ENTITYID_PROPERTY_KEY); + if (spEntityId != null) { + saml2Settings.setSpEntityId(spEntityId); } final URL assertionConsumerServiceUrl = loadURLProperty(SP_ASSERTION_CONSUMER_SERVICE_URL_PROPERTY_KEY); if (assertionConsumerServiceUrl != null) { - saml2Setting.setSpAssertionConsumerServiceUrl(assertionConsumerServiceUrl); + saml2Settings.setSpAssertionConsumerServiceUrl(assertionConsumerServiceUrl); } final String spAssertionConsumerServiceBinding = loadStringProperty(SP_ASSERTION_CONSUMER_SERVICE_BINDING_PROPERTY_KEY); if (spAssertionConsumerServiceBinding != null) { - saml2Setting.setSpAssertionConsumerServiceBinding(spAssertionConsumerServiceBinding); + saml2Settings.setSpAssertionConsumerServiceBinding(spAssertionConsumerServiceBinding); } final URL spSingleLogoutServiceUrl = loadURLProperty(SP_SINGLE_LOGOUT_SERVICE_URL_PROPERTY_KEY); if (spSingleLogoutServiceUrl != null) { - saml2Setting.setSpSingleLogoutServiceUrl(spSingleLogoutServiceUrl); + saml2Settings.setSpSingleLogoutServiceUrl(spSingleLogoutServiceUrl); } final String spSingleLogoutServiceBinding = loadStringProperty(SP_SINGLE_LOGOUT_SERVICE_BINDING_PROPERTY_KEY); if (spSingleLogoutServiceBinding != null) { - saml2Setting.setSpSingleLogoutServiceBinding(spSingleLogoutServiceBinding); + saml2Settings.setSpSingleLogoutServiceBinding(spSingleLogoutServiceBinding); } - final String spNameIDFormat = loadStringProperty(SP_NAMEIDFORMAT_PROPERTY_KEY); - if (spNameIDFormat != null && !spNameIDFormat.isEmpty()) { - saml2Setting.setSpNameIDFormat(spNameIDFormat); + final String spNameIdFormat = loadStringProperty(SP_NAMEIDFORMAT_PROPERTY_KEY); + if (StringUtils.isNotEmpty(spNameIdFormat)) { + saml2Settings.setSpNameIDFormat(spNameIdFormat); } final boolean keyStoreEnabled = this.samlData.get(KEYSTORE_KEY) != null && this.samlData.get(KEYSTORE_ALIAS) != null @@ -872,15 +870,15 @@ private void loadSpSetting() { } if (spX509cert != null) { - saml2Setting.setSpX509cert(spX509cert); + saml2Settings.setSpX509cert(spX509cert); } if (spPrivateKey != null) { - saml2Setting.setSpPrivateKey(spPrivateKey); + saml2Settings.setSpPrivateKey(spPrivateKey); } final X509Certificate spX509certNew = loadCertificateFromProp(SP_X509CERTNEW_PROPERTY_KEY); if (spX509certNew != null) { - saml2Setting.setSpX509certNew(spX509certNew); + saml2Settings.setSpX509certNew(spX509certNew); } } @@ -937,6 +935,7 @@ private Boolean loadBooleanProperty(final String propertyKey) { * * @return the value */ + @SuppressWarnings("unchecked") private List loadListProperty(final String propertyKey) { final Object propValue = samlData.get(propertyKey); if (isString(propValue)) { @@ -1081,10 +1080,8 @@ protected X509Certificate loadCertificateFromProp(final String propertyKey) { private List loadCertificateListFromProp(final String propertyKey) { final List list = new ArrayList<>(); - int i = 0; - while (true) { + for (int i = 0;; i++) { final Object propValue = samlData.get(propertyKey + "." + i); - i++; if (propValue == null) { break; @@ -1096,39 +1093,6 @@ private List loadCertificateListFromProp(final String propertyK return list; } - /** - * Loads a property of the type X509Certificate from file - * - * @param filename the file name of the file that contains the X509Certificate - * - * @return the X509Certificate object - */ - /* - protected X509Certificate loadCertificateFromFile(String filename) { - String certString = null; - try { - certString = Util.getFileAsString(filename.trim()); - } catch (URISyntaxException e) { - LOGGER.error("SAMLSevereException loading certificate from file.", e); - return null; - } - catch (IOException e) { - LOGGER.error("SAMLSevereException loading certificate from file.", e); - return null; - } - - try { - return Util.loadCert(certString); - } catch (CertificateException e) { - LOGGER.error("SAMLSevereException loading certificate from file.", e); - return null; - } catch (UnsupportedEncodingException e) { - LOGGER.error("the certificate is not in correct format.", e); - return null; - } - } - */ - /** * Loads a property of the type PrivateKey from the Properties object * diff --git a/core/src/main/java/org/codelibs/saml2/core/util/Util.java b/core/src/main/java/org/codelibs/saml2/core/util/Util.java index 6c615f6..d7f1bd8 100644 --- a/core/src/main/java/org/codelibs/saml2/core/util/Util.java +++ b/core/src/main/java/org/codelibs/saml2/core/util/Util.java @@ -8,11 +8,9 @@ import java.io.InputStream; import java.io.OutputStream; import java.io.StringReader; -import java.io.UnsupportedEncodingException; import java.net.URL; import java.net.URLDecoder; import java.net.URLEncoder; -import java.nio.charset.Charset; import java.nio.charset.StandardCharsets; import java.security.InvalidKeyException; import java.security.Key; @@ -130,6 +128,9 @@ public final class Util { private static final Set DEPRECATED_ALGOS = new HashSet<>(Arrays.asList(Constants.RSA_SHA1, Constants.DSA_SHA1)); + private static final Set WHITELISTED_ALGORITHMS = + Set.of(Constants.DSA_SHA1, Constants.RSA_SHA1, Constants.RSA_SHA256, Constants.RSA_SHA384, Constants.RSA_SHA512); + static { System.setProperty("org.apache.xml.security.ignoreLineBreaks", "true"); org.apache.xml.security.Init.init(); @@ -184,7 +185,7 @@ public static Document loadXML(final String xml) { } LOGGER.warn("Detected use of ENTITY in XML, disabled to prevent XXE/XEE attacks"); } catch (final Exception e) { - LOGGER.warn("Load XML error: " + e.getMessage(), e); + LOGGER.warn("Load XML error: {}", e.getMessage(), e); } return null; @@ -241,13 +242,8 @@ public Iterator getPrefixes(final String namespaceURI) { }); try { - NodeList nodeList; - if (context == null) { - nodeList = (NodeList) xpath.evaluate(query, dom, XPathConstants.NODESET); - } else { - nodeList = (NodeList) xpath.evaluate(query, context, XPathConstants.NODESET); - } - return nodeList; + final Node contextNode = context == null ? dom : context; + return (NodeList) xpath.evaluate(query, contextNode, XPathConstants.NODESET); } catch (XPathExpressionException e) { throw new XMLParsingException("Failed to evaluate " + query, e); } @@ -295,15 +291,15 @@ public static boolean validateXML(final Document xmlDocument, final URL schemaUr validator.setProperty(XMLConstants.ACCESS_EXTERNAL_SCHEMA, ""); } - final XMLErrorAccumulatorHandler errorAcumulator = new XMLErrorAccumulatorHandler(); - validator.setErrorHandler(errorAcumulator); + final XMLErrorAccumulatorHandler errorAccumulator = new XMLErrorAccumulatorHandler(); + validator.setErrorHandler(errorAccumulator); final Source xmlSource = new DOMSource(xmlDocument); validator.validate(xmlSource); - final boolean isValid = !errorAcumulator.hasError(); + final boolean isValid = !errorAccumulator.hasError(); if (!isValid) { - LOGGER.warn("Errors found when validating SAML response with schema: {}", errorAcumulator.getErrorXML()); + LOGGER.warn("Errors found when validating SAML response with schema: {}", errorAccumulator.getErrorXML()); } return isValid; } catch (final Exception e) { @@ -336,36 +332,36 @@ public static Document convertStringToDocument(final String xmlStr) { * @return the Document object */ public static Document parseXML(final InputSource inputSource) { - final DocumentBuilderFactory docfactory = DocumentBuilderFactory.newInstance(); - docfactory.setNamespaceAware(true); + final DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance(); + docFactory.setNamespaceAware(true); // do not expand entity reference nodes - docfactory.setExpandEntityReferences(false); + docFactory.setExpandEntityReferences(false); - docfactory.setAttribute("http://java.sun.com/xml/jaxp/properties/schemaLanguage", XMLConstants.W3C_XML_SCHEMA_NS_URI); + docFactory.setAttribute("http://java.sun.com/xml/jaxp/properties/schemaLanguage", XMLConstants.W3C_XML_SCHEMA_NS_URI); // Add various options explicitly to prevent XXE attacks. // (adding try/catch around every setAttribute just in case a specific parser does not support it. // do not include external general entities - setDocumentBuilderFactoryAttribute(docfactory, "http://xml.org/sax/features/external-general-entities", Boolean.FALSE); + setDocumentBuilderFactoryAttribute(docFactory, "http://xml.org/sax/features/external-general-entities", Boolean.FALSE); // do not include external parameter entities or the external DTD subset - setDocumentBuilderFactoryAttribute(docfactory, "http://xml.org/sax/features/external-parameter-entities", Boolean.FALSE); - setDocumentBuilderFactoryAttribute(docfactory, "http://apache.org/xml/features/disallow-doctype-decl", Boolean.TRUE); - setDocumentBuilderFactoryAttribute(docfactory, "http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE); + setDocumentBuilderFactoryAttribute(docFactory, "http://xml.org/sax/features/external-parameter-entities", Boolean.FALSE); + setDocumentBuilderFactoryAttribute(docFactory, "http://apache.org/xml/features/disallow-doctype-decl", Boolean.TRUE); + setDocumentBuilderFactoryAttribute(docFactory, "http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE); // ignore the external DTD completely - setDocumentBuilderFactoryAttribute(docfactory, "http://apache.org/xml/features/nonvalidating/load-external-dtd", Boolean.FALSE); + setDocumentBuilderFactoryAttribute(docFactory, "http://apache.org/xml/features/nonvalidating/load-external-dtd", Boolean.FALSE); // build the grammar but do not use the default attributes and attribute types information it contains - setDocumentBuilderFactoryAttribute(docfactory, "http://apache.org/xml/features/nonvalidating/load-dtd-grammar", Boolean.FALSE); + setDocumentBuilderFactoryAttribute(docFactory, "http://apache.org/xml/features/nonvalidating/load-dtd-grammar", Boolean.FALSE); try { - docfactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + docFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); } catch (final Exception e) { LOGGER.debug("Cannot set {} to {}", true, XMLConstants.FEATURE_SECURE_PROCESSING, e); } try { - final DocumentBuilder builder = docfactory.newDocumentBuilder(); - final XMLErrorAccumulatorHandler errorAcumulator = new XMLErrorAccumulatorHandler(); - builder.setErrorHandler(errorAcumulator); + final DocumentBuilder builder = docFactory.newDocumentBuilder(); + final XMLErrorAccumulatorHandler errorAccumulator = new XMLErrorAccumulatorHandler(); + builder.setErrorHandler(errorAccumulator); final Document doc = builder.parse(inputSource); // Loop through the doc and tag every element with an ID attribute @@ -392,9 +388,9 @@ public static Document parseXML(final InputSource inputSource) { } } - private static void setDocumentBuilderFactoryAttribute(DocumentBuilderFactory docfactory, String name, Object value) { + private static void setDocumentBuilderFactoryAttribute(DocumentBuilderFactory docFactory, String name, Object value) { try { - docfactory.setAttribute(name, value); + docFactory.setAttribute(name, value); } catch (final Exception e) { LOGGER.debug("Cannot set {} to {}", value, name, e); } @@ -650,15 +646,15 @@ public static String calculateX509Fingerprint(final X509Certificate x509cert) { * @return the formated PEM string */ public static String convertToPem(final X509Certificate certificate) { - String pemCert = ""; + String pemCert = StringUtils.EMPTY; try { final Base64 encoder = new Base64(64); - final String cert_begin = "-----BEGIN CERTIFICATE-----\n"; - final String end_cert = "-----END CERTIFICATE-----"; + final String certBegin = "-----BEGIN CERTIFICATE-----\n"; + final String certEnd = "-----END CERTIFICATE-----"; final byte[] derCert = certificate.getEncoded(); final String pemCertPre = new String(encoder.encode(derCert)); - pemCert = cert_begin + pemCertPre + end_cert; + pemCert = certBegin + pemCertPre + certEnd; } catch (final Exception e) { LOGGER.debug("Certificate encoding exception.", e); @@ -684,7 +680,7 @@ public static String getFileAsString(final String relativeResourcePath) { final ByteArrayOutputStream bytes = new ByteArrayOutputStream(); copyBytes(new BufferedInputStream(is), bytes); - return bytes.toString("utf-8"); + return bytes.toString(StandardCharsets.UTF_8); } catch (final IOException e) { throw new IORuntimeException(e); } @@ -715,17 +711,17 @@ public static String base64decodedInflated(final String input) { // Inflater try { - final Inflater decompresser = new Inflater(true); - decompresser.setInput(decoded); + final Inflater decompressor = new Inflater(true); + decompressor.setInput(decoded); final byte[] result = new byte[1024]; StringBuilder inflated = new StringBuilder(); long limit = 0; - while (!decompresser.finished() && limit < 150) { - final int resultLength = decompresser.inflate(result); + while (!decompressor.finished() && limit < 150) { + final int resultLength = decompressor.inflate(result); limit += 1; - inflated.append(new String(result, 0, resultLength, "UTF-8")); + inflated.append(new String(result, 0, resultLength, StandardCharsets.UTF_8)); } - decompresser.end(); + decompressor.end(); return inflated.toString(); } catch (final Exception e) { LOGGER.debug("Failed to decode {}", input, e); @@ -746,7 +742,7 @@ public static String deflatedBase64encoded(final String input) { final ByteArrayOutputStream bytesOut = new ByteArrayOutputStream(); final Deflater deflater = new Deflater(Deflater.DEFLATED, true); try (final DeflaterOutputStream deflaterStream = new DeflaterOutputStream(bytesOut, deflater)) { - deflaterStream.write(input.getBytes(Charset.forName("UTF-8"))); + deflaterStream.write(input.getBytes(StandardCharsets.UTF_8)); deflaterStream.finish(); } catch (final IOException e) { throw new IORuntimeException(e); @@ -970,8 +966,6 @@ public static boolean validateSign(final Document doc, final List whiteListedAlgorithm = new HashSet<>(); - whiteListedAlgorithm.add(Constants.DSA_SHA1); - whiteListedAlgorithm.add(Constants.RSA_SHA1); - whiteListedAlgorithm.add(Constants.RSA_SHA256); - whiteListedAlgorithm.add(Constants.RSA_SHA384); - whiteListedAlgorithm.add(Constants.RSA_SHA512); - - boolean whitelisted = false; - if (whiteListedAlgorithm.contains(alg)) { - whitelisted = true; - } - - return whitelisted; + // Preserve the original null contract: an immutable Set.of(...) throws on contains(null), + // whereas the previous HashSet returned false for a null algorithm. + return alg != null && WHITELISTED_ALGORITHMS.contains(alg); } /** @@ -1409,10 +1393,11 @@ private static void validateEncryptedData(final Element encryptedDataElement) { ValidationException.KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA); } - final NodeList childs = keyInfoInEncData.item(0).getChildNodes(); - for (int i = 0; i < childs.getLength(); i++) { - if (childs.item(i).getLocalName() != null && "RetrievalMethod".equals(childs.item(i).getLocalName())) { - final Element retrievalMethodElem = (Element) childs.item(i); + final NodeList children = keyInfoInEncData.item(0).getChildNodes(); + for (int i = 0; i < children.getLength(); i++) { + final Node child = children.item(i); + if (child.getLocalName() != null && "RetrievalMethod".equals(child.getLocalName())) { + final Element retrievalMethodElem = (Element) child; if (!"http://www.w3.org/2001/04/xmlenc#EncryptedKey".equals(retrievalMethodElem.getAttribute("Type"))) { throw new ValidationException("Unsupported Retrieval Method found", ValidationException.UNSUPPORTED_RETRIEVAL_METHOD); } @@ -1423,7 +1408,7 @@ private static void validateEncryptedData(final Element encryptedDataElement) { ((Element) encryptedDataElement.getParentNode()).getElementsByTagNameNS(Constants.NS_XENC, "EncryptedKey"); for (int j = 0; j < encryptedKeyNodes.getLength(); j++) { if (((Element) encryptedKeyNodes.item(j)).getAttribute("Id").equals(uri)) { - keyInfoInEncData.item(0).replaceChild(encryptedKeyNodes.item(j), childs.item(i)); + keyInfoInEncData.item(0).replaceChild(encryptedKeyNodes.item(j), child); } } } @@ -1704,7 +1689,7 @@ public static boolean validateBinarySignature(final String signedQuery, final by break; } } catch (final Exception e) { - LOGGER.warn("SAMLSevereException executing validateSign: " + e.getMessage(), e); + LOGGER.warn("SAMLSevereException executing validateSign: {}", e.getMessage(), e); } } return valid; @@ -1735,8 +1720,8 @@ public static SamlResponseStatus getStatus(final String statusXpath, final Docum if (codeEntry.getLength() == 0) { throw new ValidationException("Missing Status Code on response", ValidationException.MISSING_STATUS_CODE); } - final String stausCode = codeEntry.item(0).getAttributes().getNamedItem("Value").getNodeValue(); - final SamlResponseStatus status = new SamlResponseStatus(stausCode); + final String statusCode = codeEntry.item(0).getAttributes().getNamedItem("Value").getNodeValue(); + final SamlResponseStatus status = new SamlResponseStatus(statusCode); final NodeList subStatusCodeEntry = Util.query(dom, statusXpath + "/samlp:StatusCode/samlp:StatusCode", statusEntry.item(0)); if (subStatusCodeEntry.getLength() > 0) { @@ -1923,7 +1908,7 @@ private static SecretKey generateSymmetricKey() { * @return A unique string */ public static String generateUniqueID(String prefix) { - if (prefix == null || StringUtils.isEmpty(prefix)) { + if (StringUtils.isEmpty(prefix)) { prefix = Util.UNIQUE_ID_PREFIX; } return prefix + UUID.randomUUID(); @@ -2013,11 +1998,11 @@ public static Long getCurrentTimeStamp() { public static long getExpireTime(final String cacheDuration, final String validUntil) { long expireTime = 0; try { - if (cacheDuration != null && !StringUtils.isEmpty(cacheDuration)) { + if (StringUtils.isNotEmpty(cacheDuration)) { expireTime = parseDuration(cacheDuration); } - if (validUntil != null && !StringUtils.isEmpty(validUntil)) { + if (StringUtils.isNotEmpty(validUntil)) { final Instant dt = Util.parseDateTime(validUntil); final long validUntilTimeInt = dt.toEpochMilli() / 1000; if (expireTime == 0 || expireTime > validUntilTimeInt) { @@ -2025,7 +2010,7 @@ public static long getExpireTime(final String cacheDuration, final String validU } } } catch (final Exception e) { - LOGGER.error("SAMLSevereException executing getExpireTime: " + e.getMessage(), e); + LOGGER.error("SAMLSevereException executing getExpireTime: {}", e.getMessage(), e); } return expireTime; } @@ -2043,7 +2028,7 @@ public static long getExpireTime(final String cacheDuration, final String validU public static long getExpireTime(final String cacheDuration, final long validUntil) { long expireTime = 0; try { - if (cacheDuration != null && !StringUtils.isEmpty(cacheDuration)) { + if (StringUtils.isNotEmpty(cacheDuration)) { expireTime = parseDuration(cacheDuration); } @@ -2051,7 +2036,7 @@ public static long getExpireTime(final String cacheDuration, final long validUnt expireTime = validUntil; } } catch (final Exception e) { - LOGGER.error("SAMLSevereException executing getExpireTime: " + e.getMessage(), e); + LOGGER.error("SAMLSevereException executing getExpireTime: {}", e.getMessage(), e); } return expireTime; } @@ -2093,19 +2078,11 @@ public static String toXml(final String text) { } private static String toStringUtf8(final byte[] bytes) { - try { - return new String(bytes, "UTF-8"); - } catch (final UnsupportedEncodingException e) { - throw new IllegalStateException(e); - } + return new String(bytes, StandardCharsets.UTF_8); } private static byte[] toBytesUtf8(final String str) { - try { - return str.getBytes("UTF-8"); - } catch (final UnsupportedEncodingException e) { - throw new IllegalStateException(e); - } + return str.getBytes(StandardCharsets.UTF_8); } private static Clock clock = Clock.systemUTC(); diff --git a/samples/java-saml-tookit-jspsample/src/main/webapp/acs.jsp b/samples/java-saml-tookit-jspsample/src/main/webapp/acs.jsp index ae5fb12..f8c4541 100644 --- a/samples/java-saml-tookit-jspsample/src/main/webapp/acs.jsp +++ b/samples/java-saml-tookit-jspsample/src/main/webapp/acs.jsp @@ -1,6 +1,5 @@ -<%@page import="org.codelibs.saml2.core.core.toolkit.Auth"%> -<%@page import="org.codelibs.saml2.core.core.toolkit.servlet.ServletUtils"%> -<%@page import="java.util.Collection"%> +<%@page import="org.codelibs.saml2.Auth"%> +<%@page import="org.codelibs.saml2.servlet.ServletUtils"%> <%@page import="java.util.List"%> <%@page import="java.util.Map"%> <%@page import="org.apache.commons.lang3.StringUtils" %> @@ -91,11 +90,9 @@ <% - Collection keys = attributes.keySet(); - for(String name :keys){ - out.println("" + name + ""); - List values = attributes.get(name); - for(String value :values) { + for (Map.Entry> entry : attributes.entrySet()) { + out.println("" + entry.getKey() + ""); + for(String value : entry.getValue()) { out.println("
  • " + value + "
  • "); } diff --git a/samples/java-saml-tookit-jspsample/src/main/webapp/attrs.jsp b/samples/java-saml-tookit-jspsample/src/main/webapp/attrs.jsp index 80f6d2d..62e3936 100644 --- a/samples/java-saml-tookit-jspsample/src/main/webapp/attrs.jsp +++ b/samples/java-saml-tookit-jspsample/src/main/webapp/attrs.jsp @@ -1,6 +1,4 @@ -<%@page import="org.codelibs.saml2.core.core.toolkit.Auth"%> -<%@page import="java.util.Collection"%> -<%@page import="java.util.Enumeration"%> +<%@page import="org.codelibs.saml2.Auth"%> <%@page import="java.util.HashMap"%> <%@page import="java.util.List"%> <%@page import="java.util.Map"%> @@ -27,16 +25,7 @@

    A Java SAML Toolkit

    <% - Boolean found = false; - @SuppressWarnings("unchecked") - Enumeration elems = (Enumeration) session.getAttributeNames(); - - while (elems.hasMoreElements() && !found) { - String value = (String) elems.nextElement(); - if (value.equals("attributes") || value.equals("nameId")) { - found = true; - } - } + boolean found = session.getAttribute("attributes") != null || session.getAttribute("nameId") != null; if (found) { String nameId = (String) session.getAttribute("nameId"); @@ -64,11 +53,9 @@ <% - Collection keys = attributes.keySet(); - for(String name :keys){ - out.println("" + name + ""); - List values = attributes.get(name); - for(String value :values) { + for (Map.Entry> entry : attributes.entrySet()) { + out.println("" + entry.getKey() + ""); + for(String value : entry.getValue()) { out.println("
  • " + value + "
  • "); } diff --git a/samples/java-saml-tookit-jspsample/src/main/webapp/dologin.jsp b/samples/java-saml-tookit-jspsample/src/main/webapp/dologin.jsp index a5ab601..07047d5 100644 --- a/samples/java-saml-tookit-jspsample/src/main/webapp/dologin.jsp +++ b/samples/java-saml-tookit-jspsample/src/main/webapp/dologin.jsp @@ -1,4 +1,4 @@ -<%@page import="org.codelibs.saml2.core.core.toolkit.Auth"%> +<%@page import="org.codelibs.saml2.Auth"%> <%@page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> diff --git a/samples/java-saml-tookit-jspsample/src/main/webapp/dologout.jsp b/samples/java-saml-tookit-jspsample/src/main/webapp/dologout.jsp index 609ec57..06bb5fa 100644 --- a/samples/java-saml-tookit-jspsample/src/main/webapp/dologout.jsp +++ b/samples/java-saml-tookit-jspsample/src/main/webapp/dologout.jsp @@ -1,4 +1,5 @@ -<%@page import="org.codelibs.saml2.core.core.toolkit.Auth"%> +<%@page import="org.codelibs.saml2.Auth"%> +<%@page import="java.util.Objects"%> <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> @@ -9,26 +10,11 @@ <% Auth auth = new Auth(request, response); - String nameId = null; - if (session.getAttribute("nameId") != null) { - nameId = session.getAttribute("nameId").toString(); - } - String nameIdFormat = null; - if (session.getAttribute("nameIdFormat") != null) { - nameIdFormat = session.getAttribute("nameIdFormat").toString(); - } - String nameidNameQualifier = null; - if (session.getAttribute("nameidNameQualifier") != null) { - nameidNameQualifier = session.getAttribute("nameidNameQualifier").toString(); - } - String nameidSPNameQualifier = null; - if (session.getAttribute("nameidSPNameQualifier") != null) { - nameidSPNameQualifier = session.getAttribute("nameidSPNameQualifier").toString(); - } - String sessionIndex = null; - if (session.getAttribute("sessionIndex") != null) { - sessionIndex = session.getAttribute("sessionIndex").toString(); - } + String nameId = Objects.toString(session.getAttribute("nameId"), null); + String nameIdFormat = Objects.toString(session.getAttribute("nameIdFormat"), null); + String nameidNameQualifier = Objects.toString(session.getAttribute("nameidNameQualifier"), null); + String nameidSPNameQualifier = Objects.toString(session.getAttribute("nameidSPNameQualifier"), null); + String sessionIndex = Objects.toString(session.getAttribute("sessionIndex"), null); auth.logout(null, nameId, sessionIndex, nameIdFormat, nameidNameQualifier, nameidSPNameQualifier); %> diff --git a/samples/java-saml-tookit-jspsample/src/main/webapp/metadata.jsp b/samples/java-saml-tookit-jspsample/src/main/webapp/metadata.jsp index 7ef8b46..f5b306d 100644 --- a/samples/java-saml-tookit-jspsample/src/main/webapp/metadata.jsp +++ b/samples/java-saml-tookit-jspsample/src/main/webapp/metadata.jsp @@ -1,4 +1,4 @@ -<%@page import="java.util.*,org.codelibs.saml2.core.core.toolkit.Auth,org.codelibs.saml2.core.core.toolkit.settings.Saml2Settings" language="java" contentType="application/xhtml+xml"%><% +<%@page import="java.util.List,org.codelibs.saml2.Auth,org.codelibs.saml2.core.settings.Saml2Settings" language="java" contentType="application/xhtml+xml"%><% Auth auth = new Auth(); Saml2Settings settings = auth.getSettings(); settings.setSPValidationOnly(true); diff --git a/samples/java-saml-tookit-jspsample/src/main/webapp/sls.jsp b/samples/java-saml-tookit-jspsample/src/main/webapp/sls.jsp index d4748e2..3184f14 100644 --- a/samples/java-saml-tookit-jspsample/src/main/webapp/sls.jsp +++ b/samples/java-saml-tookit-jspsample/src/main/webapp/sls.jsp @@ -1,8 +1,5 @@ -<%@page import="org.codelibs.saml2.core.core.toolkit.Auth"%> -<%@page import="java.util.Collection"%> -<%@page import="java.util.HashMap"%> +<%@page import="org.codelibs.saml2.Auth"%> <%@page import="java.util.List"%> -<%@page import="java.util.Map"%> <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> @@ -32,7 +29,7 @@ List errors = auth.getErrors(); if (errors.isEmpty()) { - out.println("

    Sucessfully logged out

    "); + out.println("

    Successfully logged out

    "); out.println("Login"); } else { out.println("

    "); diff --git a/toolkit/src/main/java/org/codelibs/saml2/Auth.java b/toolkit/src/main/java/org/codelibs/saml2/Auth.java index a67f5b6..c60afa0 100644 --- a/toolkit/src/main/java/org/codelibs/saml2/Auth.java +++ b/toolkit/src/main/java/org/codelibs/saml2/Auth.java @@ -277,8 +277,7 @@ public Auth(final Saml2Settings settings, final HttpServletRequest request, fina // Check settings final List settingsErrors = settings.checkSettings(); if (!settingsErrors.isEmpty()) { - String errorMsg = "Invalid settings: "; - errorMsg += StringUtils.join(settingsErrors, ", "); + final String errorMsg = "Invalid settings: " + StringUtils.join(settingsErrors, ", "); LOGGER.warn(errorMsg); throw new SettingsException(errorMsg, SettingsException.SETTINGS_INVALID); } @@ -570,32 +569,28 @@ public String login(final String relayState, final AuthnRequestParams authnReque * @return the SSO URL with the AuthNRequest if stay = True * */ - public String login(String relayState, final AuthnRequestParams authnRequestParams, final Boolean stay, - Map parameters) { + public String login(final String relayState, final AuthnRequestParams authnRequestParams, final Boolean stay, + final Map parameters) { final AuthnRequest authnRequest = samlMessageFactory.createAuthnRequest(settings, authnRequestParams); - if (parameters == null) { - parameters = new HashMap<>(); - } + final Map requestParameters = parameters == null ? new HashMap<>() : parameters; final String samlRequest = authnRequest.getEncodedAuthnRequest(); - parameters.put("SAMLRequest", samlRequest); + requestParameters.put("SAMLRequest", samlRequest); - if (relayState == null) { - relayState = ServletUtils.getSelfRoutedURLNoQuery(request); - } + final String effectiveRelayState = relayState == null ? ServletUtils.getSelfRoutedURLNoQuery(request) : relayState; - if (!relayState.isEmpty()) { - parameters.put("RelayState", relayState); + if (!effectiveRelayState.isEmpty()) { + requestParameters.put("RelayState", effectiveRelayState); } if (settings.getAuthnRequestsSigned()) { final String sigAlg = settings.getSignatureAlgorithm(); - final String signature = this.buildRequestSignature(samlRequest, relayState, sigAlg); + final String signature = this.buildRequestSignature(samlRequest, effectiveRelayState, sigAlg); - parameters.put("SigAlg", sigAlg); - parameters.put("Signature", signature); + requestParameters.put("SigAlg", sigAlg); + requestParameters.put("Signature", signature); } final String ssoUrl = getSSOurl(); @@ -606,7 +601,7 @@ public String login(String relayState, final AuthnRequestParams authnRequestPara if (!stay) { LOGGER.debug("AuthNRequest sent to {} --> {}", ssoUrl, samlRequest); } - return ServletUtils.sendRedirect(response, ssoUrl, parameters, stay); + return ServletUtils.sendRedirect(response, ssoUrl, requestParameters, stay); } /** @@ -732,31 +727,27 @@ public String logout(final String relayState, final String nameId, final String * @return the SLO URL with the LogoutRequest if stay = True * */ - public String logout(String relayState, final LogoutRequestParams logoutRequestParams, final Boolean stay, - Map parameters) { + public String logout(final String relayState, final LogoutRequestParams logoutRequestParams, final Boolean stay, + final Map parameters) { - if (parameters == null) { - parameters = new HashMap<>(); - } + final Map requestParameters = parameters == null ? new HashMap<>() : parameters; final LogoutRequest logoutRequest = samlMessageFactory.createOutgoingLogoutRequest(settings, logoutRequestParams); final String samlLogoutRequest = logoutRequest.getEncodedLogoutRequest(); - parameters.put("SAMLRequest", samlLogoutRequest); + requestParameters.put("SAMLRequest", samlLogoutRequest); - if (relayState == null) { - relayState = ServletUtils.getSelfRoutedURLNoQuery(request); - } + final String effectiveRelayState = relayState == null ? ServletUtils.getSelfRoutedURLNoQuery(request) : relayState; - if (!relayState.isEmpty()) { - parameters.put("RelayState", relayState); + if (!effectiveRelayState.isEmpty()) { + requestParameters.put("RelayState", effectiveRelayState); } if (settings.getLogoutRequestSigned()) { final String sigAlg = settings.getSignatureAlgorithm(); - final String signature = this.buildRequestSignature(samlLogoutRequest, relayState, sigAlg); + final String signature = this.buildRequestSignature(samlLogoutRequest, effectiveRelayState, sigAlg); - parameters.put("SigAlg", sigAlg); - parameters.put("Signature", signature); + requestParameters.put("SigAlg", sigAlg); + requestParameters.put("Signature", signature); } final String sloUrl = getSLOurl(); @@ -767,7 +758,7 @@ public String logout(String relayState, final LogoutRequestParams logoutRequestP if (!stay) { LOGGER.debug("Logout request sent to {} --> {}", sloUrl, samlLogoutRequest); } - return ServletUtils.sendRedirect(response, sloUrl, parameters, stay); + return ServletUtils.sendRedirect(response, sloUrl, requestParameters, stay); } /** @@ -1153,7 +1144,7 @@ public void processResponse(final String requestId) { lastMessageIssueInstant = samlResponse.getResponseIssueInstant(); lastAssertionId = samlResponse.getAssertionId(); lastAssertionNotOnOrAfter = samlResponse.getAssertionNotOnOrAfter(); - LOGGER.debug("processResponse success --> " + samlResponseParameter); + LOGGER.debug("processResponse success --> {}", samlResponseParameter); } else { errorReason = samlResponse.getError(); validationException = samlResponse.getValidationException(); @@ -1226,7 +1217,7 @@ public String processSLO(final Boolean keepLocalSession, final String requestId, } else { lastMessageId = logoutResponse.getId(); lastMessageIssueInstant = logoutResponse.getIssueInstant(); - LOGGER.debug("processSLO success --> " + samlResponseParameter); + LOGGER.debug("processSLO success --> {}", samlResponseParameter); if (!keepLocalSession) { request.getSession().invalidate(); } @@ -1244,50 +1235,48 @@ public String processSLO(final Boolean keepLocalSession, final String requestId, errorReason = logoutRequest.getError(); validationException = logoutRequest.getValidationException(); return null; - } else { - lastMessageId = logoutRequest.getId(); - lastMessageIssueInstant = logoutRequest.getIssueInstant(); - LOGGER.debug("processSLO success --> " + samlRequestParameter); - if (!keepLocalSession) { - request.getSession().invalidate(); - } + } + lastMessageId = logoutRequest.getId(); + lastMessageIssueInstant = logoutRequest.getIssueInstant(); + LOGGER.debug("processSLO success --> {}", samlRequestParameter); + if (!keepLocalSession) { + request.getSession().invalidate(); + } - final String inResponseTo = logoutRequest.id; - final LogoutResponse logoutResponseBuilder = samlMessageFactory.createOutgoingLogoutResponse(settings, - new LogoutResponseParams(inResponseTo, Constants.STATUS_SUCCESS)); - lastResponse = logoutResponseBuilder.getLogoutResponseXml(); + final String inResponseTo = logoutRequest.getId(); + final LogoutResponse logoutResponseBuilder = samlMessageFactory.createOutgoingLogoutResponse(settings, + new LogoutResponseParams(inResponseTo, Constants.STATUS_SUCCESS)); + lastResponse = logoutResponseBuilder.getLogoutResponseXml(); - final String samlLogoutResponse = logoutResponseBuilder.getEncodedLogoutResponse(); + final String samlLogoutResponse = logoutResponseBuilder.getEncodedLogoutResponse(); - final Map parameters = new LinkedHashMap<>(); + final Map parameters = new LinkedHashMap<>(); - parameters.put("SAMLResponse", samlLogoutResponse); + parameters.put("SAMLResponse", samlLogoutResponse); - final String relayState = request.getParameter("RelayState"); - if (relayState != null) { - parameters.put("RelayState", relayState); - } + final String relayState = request.getParameter("RelayState"); + if (relayState != null) { + parameters.put("RelayState", relayState); + } - if (settings.getLogoutResponseSigned()) { - final String sigAlg = settings.getSignatureAlgorithm(); - final String signature = this.buildResponseSignature(samlLogoutResponse, relayState, sigAlg); + if (settings.getLogoutResponseSigned()) { + final String sigAlg = settings.getSignatureAlgorithm(); + final String signature = this.buildResponseSignature(samlLogoutResponse, relayState, sigAlg); - parameters.put("SigAlg", sigAlg); - parameters.put("Signature", signature); - } + parameters.put("SigAlg", sigAlg); + parameters.put("Signature", signature); + } - final String sloUrl = getSLOResponseUrl(); + final String sloUrl = getSLOResponseUrl(); - if (!stay) { - LOGGER.debug("Logout response sent to {} --> {}", sloUrl, samlLogoutResponse); - } - return ServletUtils.sendRedirect(response, sloUrl, parameters, stay); + if (!stay) { + LOGGER.debug("Logout response sent to {} --> {}", sloUrl, samlLogoutResponse); } - } else { - errors.add("invalid_binding"); - final String errorMsg = "SAML LogoutRequest/LogoutResponse not found. Only supported HTTP_REDIRECT Binding"; - throw new SAMLSevereException(errorMsg, SAMLSevereException.SAML_LOGOUTMESSAGE_NOT_FOUND); + return ServletUtils.sendRedirect(response, sloUrl, parameters, stay); } + errors.add("invalid_binding"); + final String errorMsg = "SAML LogoutRequest/LogoutResponse not found. Only supported HTTP_REDIRECT Binding"; + throw new SAMLSevereException(errorMsg, SAMLSevereException.SAML_LOGOUTMESSAGE_NOT_FOUND); } /** @@ -1551,7 +1540,7 @@ public String buildResponseSignature(final String samlResponse, final String rel * @return the base64 encoded signature * */ - private String buildSignature(final String samlMessage, final String relayState, String signAlgorithm, final String type) { + private String buildSignature(final String samlMessage, final String relayState, final String signAlgorithm, final String type) { String signature = ""; if (!settings.checkSPCerts()) { @@ -1562,19 +1551,17 @@ private String buildSignature(final String samlMessage, final String relayState, final PrivateKey key = settings.getSPkey(); - StringBuilder msg = new StringBuilder().append(type).append("=").append(Util.urlEncoder(samlMessage)); + final StringBuilder msg = new StringBuilder().append(type).append("=").append(Util.urlEncoder(samlMessage)); if (StringUtils.isNotEmpty(relayState)) { msg.append("&RelayState=").append(Util.urlEncoder(relayState)); } - if (StringUtils.isEmpty(signAlgorithm)) { - signAlgorithm = Constants.RSA_SHA1; - } + final String algorithm = StringUtils.isEmpty(signAlgorithm) ? Constants.RSA_SHA1 : signAlgorithm; - msg.append("&SigAlg=").append(Util.urlEncoder(signAlgorithm)); + msg.append("&SigAlg=").append(Util.urlEncoder(algorithm)); try { - signature = Util.base64encoder(Util.sign(msg.toString(), key, signAlgorithm)); + signature = Util.base64encoder(Util.sign(msg.toString(), key, algorithm)); } catch (InvalidKeyRuntimeException | NoSuchAlgorithmRuntimeException | SAMLSignatureException e) { final String errorMsg = "buildSignature error." + e.getMessage(); LOGGER.warn(errorMsg, e); diff --git a/toolkit/src/main/java/org/codelibs/saml2/servlet/ServletUtils.java b/toolkit/src/main/java/org/codelibs/saml2/servlet/ServletUtils.java index 5fa3567..df7f6b0 100644 --- a/toolkit/src/main/java/org/codelibs/saml2/servlet/ServletUtils.java +++ b/toolkit/src/main/java/org/codelibs/saml2/servlet/ServletUtils.java @@ -154,32 +154,33 @@ public static String getSelfRoutedURLNoQuery(HttpServletRequest request) { * @see jakarta.servlet.http.HttpServletResponse#sendRedirect(String) */ public static String sendRedirect(HttpServletResponse response, String location, Map parameters, Boolean stay) { - String target = location; + final StringBuilder target = new StringBuilder(location); if (!parameters.isEmpty()) { boolean first = !location.contains("?"); for (Map.Entry parameter : parameters.entrySet()) { if (first) { - target += "?"; + target.append("?"); first = false; } else { - target += "&"; + target.append("&"); } - target += parameter.getKey(); + target.append(parameter.getKey()); if (!parameter.getValue().isEmpty()) { - target += "=" + Util.urlEncoder(parameter.getValue()); + target.append("=").append(Util.urlEncoder(parameter.getValue())); } } } + final String targetUrl = target.toString(); if (!stay) { try { - response.sendRedirect(target); + response.sendRedirect(targetUrl); } catch (IOException e) { throw new IORuntimeException(e); } } - return target; + return targetUrl; } /** @@ -211,7 +212,7 @@ public static void sendRedirect(HttpServletResponse response, String location, M * @see HttpServletResponse#sendRedirect(String) */ public static void sendRedirect(HttpServletResponse response, String location) { - Map parameters = new HashMap(); + Map parameters = new HashMap<>(); sendRedirect(response, location, parameters); } } diff --git a/toolkit/src/test/java/org/codelibs/saml2/test/AuthTest.java b/toolkit/src/test/java/org/codelibs/saml2/test/AuthTest.java index 55402bb..6714507 100644 --- a/toolkit/src/test/java/org/codelibs/saml2/test/AuthTest.java +++ b/toolkit/src/test/java/org/codelibs/saml2/test/AuthTest.java @@ -118,7 +118,7 @@ private KeyStoreSettings getKeyStoreSettings() * @throws IOException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth + * @see org.codelibs.saml2.Auth */ @Test public void testConstructor() throws IOException, SettingsException, SAMLSevereException { @@ -139,7 +139,7 @@ public void testConstructor() throws IOException, SettingsException, SAMLSevereE * @throws IOException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth + * @see org.codelibs.saml2.Auth */ @Test public void testConstructorWithFilename() throws IOException, SettingsException, SAMLSevereException { @@ -163,7 +163,7 @@ public void testConstructorWithFilename() throws IOException, SettingsException, * @throws KeyStoreException * @throws UnrecoverableKeyException * - * @see org.codelibs.saml2.core.core.toolkit.Auth + * @see org.codelibs.saml2.Auth */ @Test public void testConstructorWithFilenameAndKeyStore() throws IOException, SettingsException, SAMLSevereException, @@ -188,7 +188,7 @@ public void testConstructorWithFilenameAndKeyStore() throws IOException, Setting * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth + * @see org.codelibs.saml2.Auth */ @Test public void testConstructorWithReqRes() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -217,7 +217,7 @@ public void testConstructorWithReqRes() throws IOException, SettingsException, U * @throws CertificateException * @throws NoSuchAlgorithmException * - * @see org.codelibs.saml2.core.core.toolkit.Auth + * @see org.codelibs.saml2.Auth */ @Test public void testConstructorWithReqResAndKeyStore() throws IOException, SettingsException, URISyntaxException, SAMLSevereException, @@ -244,7 +244,7 @@ public void testConstructorWithReqResAndKeyStore() throws IOException, SettingsE * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth + * @see org.codelibs.saml2.Auth */ @Test public void testConstructorWithFilenameReqRes() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -270,7 +270,7 @@ public void testConstructorWithFilenameReqRes() throws IOException, SettingsExce * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth + * @see org.codelibs.saml2.Auth */ @Test public void testConstructorWithSettingsReqRes() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -294,7 +294,7 @@ public void testConstructorWithSettingsReqRes() throws IOException, SettingsExce * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth + * @see org.codelibs.saml2.Auth */ @Test public void testConstructorInvalidSettings() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -318,7 +318,7 @@ public void testConstructorInvalidSettings() throws IOException, SettingsExcepti * @throws IOException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getSettings + * @see org.codelibs.saml2.Auth#getSettings */ @Test public void testGetSettings() throws IOException, SettingsException, SAMLSevereException { @@ -348,7 +348,7 @@ public void testGetSettings() throws IOException, SettingsException, SAMLSevereE * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#setStrict + * @see org.codelibs.saml2.Auth#setStrict */ @Test public void testSetStrict() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -369,7 +369,7 @@ public void testSetStrict() throws IOException, SettingsException, URISyntaxExce * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#setReplayCache + * @see org.codelibs.saml2.Auth#setReplayCache */ @Test public void testSetReplayCache() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -389,7 +389,7 @@ public void testSetReplayCache() throws IOException, SettingsException, URISynta * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#isDebugActive + * @see org.codelibs.saml2.Auth#isDebugActive */ @Test public void testIsDebugActive() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -417,7 +417,7 @@ public void testIsDebugActive() throws IOException, SettingsException, URISyntax * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getSSOurl + * @see org.codelibs.saml2.Auth#getSSOurl */ @Test public void testGetSSOurl() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -440,7 +440,7 @@ public void testGetSSOurl() throws URISyntaxException, IOException, SettingsExce * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getSLOurl + * @see org.codelibs.saml2.Auth#getSLOurl */ @Test public void testGetSLOurl() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -463,7 +463,7 @@ public void testGetSLOurl() throws URISyntaxException, IOException, SettingsExce * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getSLOResponseUrl + * @see org.codelibs.saml2.Auth#getSLOResponseUrl */ @Test public void testGetSLOResponseUrl() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -486,7 +486,7 @@ public void testGetSLOResponseUrl() throws URISyntaxException, IOException, Sett * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getSLOResponseUrl + * @see org.codelibs.saml2.Auth#getSLOResponseUrl */ @Test public void testGetSLOResponseUrlNull() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -506,7 +506,7 @@ public void testGetSLOResponseUrlNull() throws URISyntaxException, IOException, * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processResponse + * @see org.codelibs.saml2.Auth#processResponse */ @Test public void testProcessNoResponse() throws Exception { @@ -535,10 +535,10 @@ public void testProcessNoResponse() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processResponse - * @see org.codelibs.saml2.core.core.toolkit.Auth#getAttributes - * @see org.codelibs.saml2.core.core.toolkit.Auth#getAttribute - * @see org.codelibs.saml2.core.core.toolkit.Auth#getAttributesName + * @see org.codelibs.saml2.Auth#processResponse + * @see org.codelibs.saml2.Auth#getAttributes + * @see org.codelibs.saml2.Auth#getAttribute + * @see org.codelibs.saml2.Auth#getAttributesName */ @Test public void testProcessResponse() throws Exception { @@ -598,7 +598,7 @@ public void testProcessResponse() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessResponseStatusResponder() throws Exception { @@ -632,7 +632,7 @@ public void testProcessResponseStatusResponder() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessSLONoMessage() throws Exception { @@ -662,7 +662,7 @@ public void testProcessSLONoMessage() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessSLORequestKeepSession() throws Exception { @@ -692,7 +692,7 @@ public void testProcessSLORequestKeepSession() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessSLORequestRemoveSession() throws Exception { @@ -721,7 +721,7 @@ public void testProcessSLORequestRemoveSession() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessSLORequestStay() throws Exception { @@ -750,7 +750,7 @@ public void testProcessSLORequestStay() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessSLORequestStayFalse() throws Exception { @@ -782,7 +782,7 @@ public void testProcessSLORequestStayFalse() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessSLORequestStayTrue() throws Exception { @@ -812,7 +812,7 @@ public void testProcessSLORequestStayTrue() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessSLORequestSignRes() throws Exception { @@ -848,7 +848,7 @@ public void testProcessSLORequestSignRes() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessSLORequestInvalid() throws Exception { @@ -879,7 +879,7 @@ public void testProcessSLORequestInvalid() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessSLOResponseKeepSession() throws Exception { @@ -906,7 +906,7 @@ public void testProcessSLOResponseKeepSession() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessSLOResponseRemoveSession() throws Exception { @@ -933,7 +933,7 @@ public void testProcessSLOResponseRemoveSession() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessSLOResponseWrongRequestId() throws Exception { @@ -964,7 +964,7 @@ public void testProcessSLOResponseWrongRequestId() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#processSLO + * @see org.codelibs.saml2.Auth#processSLO */ @Test public void testProcessSLOResponseStatusResponder() throws Exception { @@ -992,9 +992,9 @@ public void testProcessSLOResponseStatusResponder() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#isAuthenticated - * @see org.codelibs.saml2.core.core.toolkit.Auth#getErrors - * @see org.codelibs.saml2.core.core.toolkit.Auth#getLastErrorReason + * @see org.codelibs.saml2.Auth#isAuthenticated + * @see org.codelibs.saml2.Auth#getErrors + * @see org.codelibs.saml2.Auth#getLastErrorReason */ @Test public void testIsAuthenticated() throws Exception { @@ -1049,7 +1049,7 @@ public void testIsAuthenticated() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getNameId + * @see org.codelibs.saml2.Auth#getNameId */ @Test public void testGetNameID() throws Exception { @@ -1091,7 +1091,7 @@ public void testGetNameID() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getNameIdFormat + * @see org.codelibs.saml2.Auth#getNameIdFormat */ @Test public void testGetNameIdFormat() throws Exception { @@ -1132,7 +1132,7 @@ public void testGetNameIdFormat() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getNameIdNameQualifier + * @see org.codelibs.saml2.Auth#getNameIdNameQualifier */ @Test public void testGetNameIdNameQualifier() throws Exception { @@ -1163,7 +1163,7 @@ public void testGetNameIdNameQualifier() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getNameIdSPNameQualifier + * @see org.codelibs.saml2.Auth#getNameIdSPNameQualifier */ @Test public void testGetNameIdSPNameQualifier() throws Exception { @@ -1194,7 +1194,7 @@ public void testGetNameIdSPNameQualifier() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.authn.SamlResponse#getNameId + * @see org.codelibs.saml2.core.authn.SamlResponse#getNameId */ @Test public void testGetNameIDEncWithNoKey() throws Exception { @@ -1216,7 +1216,7 @@ public void testGetNameIDEncWithNoKey() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.authn.SamlResponse#getAttributes + * @see org.codelibs.saml2.core.authn.SamlResponse#getAttributes */ @Test public void testOnlyRetrieveAssertionWithIDThatMatchesSignatureReference() throws Exception { @@ -1239,7 +1239,7 @@ public void testOnlyRetrieveAssertionWithIDThatMatchesSignatureReference() throw * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getSessionIndex + * @see org.codelibs.saml2.Auth#getSessionIndex */ @Test public void testGetSessionIndex() throws Exception { @@ -1286,7 +1286,7 @@ public void testGetAssertionDetails() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getSessionExpiration + * @see org.codelibs.saml2.Auth#getSessionExpiration */ @Test public void testGetSessionExpiration() throws Exception { @@ -1321,7 +1321,7 @@ public void testGetSessionExpiration() throws Exception { * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#login + * @see org.codelibs.saml2.Auth#login */ @Test public void testLogin() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -1350,7 +1350,7 @@ public void testLogin() throws IOException, SettingsException, URISyntaxExceptio * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#login + * @see org.codelibs.saml2.Auth#login */ @Test public void testLoginWithRelayState() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -1380,7 +1380,7 @@ public void testLoginWithRelayState() throws IOException, SettingsException, URI * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#login + * @see org.codelibs.saml2.Auth#login */ @Test public void testLoginWithoutRelayState() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -1411,7 +1411,7 @@ public void testLoginWithoutRelayState() throws IOException, SettingsException, * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#login + * @see org.codelibs.saml2.Auth#login */ @Test public void testLoginWithExtraParameters() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -1442,7 +1442,7 @@ public void testLoginWithExtraParameters() throws IOException, SettingsException * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#login + * @see org.codelibs.saml2.Auth#login */ @Test public void testLoginStay() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -1476,7 +1476,7 @@ public void testLoginStay() throws IOException, SettingsException, URISyntaxExce * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#login + * @see org.codelibs.saml2.Auth#login */ @Test public void testLoginSubject() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -1527,7 +1527,7 @@ public void testLoginSubject() throws IOException, SettingsException, URISyntaxE * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#login + * @see org.codelibs.saml2.Auth#login */ @Test public void testLoginSignedFail() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -1556,7 +1556,7 @@ public void testLoginSignedFail() throws IOException, SettingsException, URISynt * @throws URISyntaxException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#login + * @see org.codelibs.saml2.Auth#login */ @Test public void testLoginSigned() throws IOException, SettingsException, URISyntaxException, SAMLSevereException { @@ -1592,7 +1592,7 @@ public void testLoginSigned() throws IOException, SettingsException, URISyntaxEx * @throws XMLSecurityException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#logout + * @see org.codelibs.saml2.Auth#logout */ @Test public void testLogout() throws IOException, SettingsException, XMLSecurityException, SAMLSevereException { @@ -1622,7 +1622,7 @@ public void testLogout() throws IOException, SettingsException, XMLSecurityExcep * @throws XMLSecurityException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#logout + * @see org.codelibs.saml2.Auth#logout */ @Test public void testLogoutWithExtraParameters() throws IOException, SettingsException, XMLSecurityException, SAMLSevereException { @@ -1652,7 +1652,7 @@ public void testLogoutWithExtraParameters() throws IOException, SettingsExceptio * @throws XMLSecurityException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#logout + * @see org.codelibs.saml2.Auth#logout */ @Test public void testLogoutWithRelayState() throws IOException, SettingsException, XMLSecurityException, SAMLSevereException { @@ -1683,7 +1683,7 @@ public void testLogoutWithRelayState() throws IOException, SettingsException, XM * @throws XMLSecurityException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#logout + * @see org.codelibs.saml2.Auth#logout */ @Test public void testLogoutWithoutRelayState() throws IOException, SettingsException, XMLSecurityException, SAMLSevereException { @@ -1715,7 +1715,7 @@ public void testLogoutWithoutRelayState() throws IOException, SettingsException, * @throws XMLSecurityException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#logout + * @see org.codelibs.saml2.Auth#logout */ @Test public void testLogoutStay() throws IOException, SettingsException, XMLSecurityException, SAMLSevereException { @@ -1749,7 +1749,7 @@ public void testLogoutStay() throws IOException, SettingsException, XMLSecurityE * @throws XMLSecurityException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#logout + * @see org.codelibs.saml2.Auth#logout */ @Test public void testLogoutSignedFail() throws IOException, SettingsException, XMLSecurityException, SAMLSevereException { @@ -1778,7 +1778,7 @@ public void testLogoutSignedFail() throws IOException, SettingsException, XMLSec * @throws XMLSecurityException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#logout + * @see org.codelibs.saml2.Auth#logout */ @Test public void testLogoutSigned() throws IOException, SettingsException, XMLSecurityException, SAMLSevereException { @@ -1814,7 +1814,7 @@ public void testLogoutSigned() throws IOException, SettingsException, XMLSecurit * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#buildRequestSignature + * @see org.codelibs.saml2.Auth#buildRequestSignature */ @Test public void testBuildRequestSignatureInvalidSP() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -1838,7 +1838,7 @@ public void testBuildRequestSignatureInvalidSP() throws URISyntaxException, IOEx * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#buildRequestSignature + * @see org.codelibs.saml2.Auth#buildRequestSignature */ @Test public void testBuildRequestSignatureRsaSha1() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -1865,7 +1865,7 @@ public void testBuildRequestSignatureRsaSha1() throws URISyntaxException, IOExce * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#buildRequestSignature + * @see org.codelibs.saml2.Auth#buildRequestSignature */ @Test(expected = IllegalArgumentException.class) public void testBuildRequestSignatureDsaSha1() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -1886,7 +1886,7 @@ public void testBuildRequestSignatureDsaSha1() throws URISyntaxException, IOExce * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#buildRequestSignature + * @see org.codelibs.saml2.Auth#buildRequestSignature */ @Test public void testBuildRequestSignatureRsaSha256() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -1910,7 +1910,7 @@ public void testBuildRequestSignatureRsaSha256() throws URISyntaxException, IOEx * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#buildRequestSignature + * @see org.codelibs.saml2.Auth#buildRequestSignature */ @Test public void testBuildRequestSignatureRsaSha384() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -1934,7 +1934,7 @@ public void testBuildRequestSignatureRsaSha384() throws URISyntaxException, IOEx * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#buildRequestSignature + * @see org.codelibs.saml2.Auth#buildRequestSignature */ @Test public void testBuildRequestSignatureRsaSha512() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -1958,7 +1958,7 @@ public void testBuildRequestSignatureRsaSha512() throws URISyntaxException, IOEx * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#buildResponseSignature + * @see org.codelibs.saml2.Auth#buildResponseSignature */ @Test public void testBuildResponseSignatureRsaSha1() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -1985,7 +1985,7 @@ public void testBuildResponseSignatureRsaSha1() throws URISyntaxException, IOExc * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#buildResponseSignature + * @see org.codelibs.saml2.Auth#buildResponseSignature */ @Test(expected = IllegalArgumentException.class) public void testBuildResponseSignatureDsaSha1() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -2006,7 +2006,7 @@ public void testBuildResponseSignatureDsaSha1() throws URISyntaxException, IOExc * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#buildResponseSignature + * @see org.codelibs.saml2.Auth#buildResponseSignature */ @Test public void testBuildResponseSignatureRsaSha256() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -2030,7 +2030,7 @@ public void testBuildResponseSignatureRsaSha256() throws URISyntaxException, IOE * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#buildResponseSignature + * @see org.codelibs.saml2.Auth#buildResponseSignature */ @Test public void testBuildResponseSignatureRsaSha384() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -2054,7 +2054,7 @@ public void testBuildResponseSignatureRsaSha384() throws URISyntaxException, IOE * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#buildResponseSignature + * @see org.codelibs.saml2.Auth#buildResponseSignature */ @Test public void testBuildResponseSignatureRsaSha512() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -2077,7 +2077,7 @@ public void testBuildResponseSignatureRsaSha512() throws URISyntaxException, IOE * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#buildSignature + * @see org.codelibs.saml2.Auth#buildSignature */ @Test public void testBuildSignature() throws URISyntaxException, IOException, SettingsException, SAMLSevereException { @@ -2148,7 +2148,7 @@ public void testBuildSignature() throws URISyntaxException, IOException, Setting * @throws SettingsException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getLastRequestXML + * @see org.codelibs.saml2.Auth#getLastRequestXML */ @Test public void testGetLastAuthNRequest() throws IOException, SettingsException, SAMLSevereException { @@ -2175,7 +2175,7 @@ public void testGetLastAuthNRequest() throws IOException, SettingsException, SAM * @throws XMLSecurityException * @throws Error * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getLastRequestXML + * @see org.codelibs.saml2.Auth#getLastRequestXML */ @Test public void testGetLastLogoutRequestSent() throws IOException, SettingsException, XMLSecurityException, SAMLSevereException { @@ -2199,7 +2199,7 @@ public void testGetLastLogoutRequestSent() throws IOException, SettingsException * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getLastRequestXML + * @see org.codelibs.saml2.Auth#getLastRequestXML */ @Test public void testGetLastLogoutRequestReceived() throws Exception { @@ -2222,7 +2222,7 @@ public void testGetLastLogoutRequestReceived() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getLastResponseXML + * @see org.codelibs.saml2.Auth#getLastResponseXML */ @Test public void testGetLastSAMLResponse() throws Exception { @@ -2253,7 +2253,7 @@ public void testGetLastSAMLResponse() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getLastResponseXML + * @see org.codelibs.saml2.Auth#getLastResponseXML */ @Test public void testGetLastLogoutResponseSent() throws Exception { @@ -2277,7 +2277,7 @@ public void testGetLastLogoutResponseSent() throws Exception { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#getLastResponseXML + * @see org.codelibs.saml2.Auth#getLastResponseXML */ @Test public void testGetLastLogoutResponseReceived() throws Exception { @@ -2302,7 +2302,7 @@ private static class FactoryInvokedException extends RuntimeException { * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#setAuthnRequestFactory(org.codelibs.saml2.core.core.toolkit.factory.SamlOutgoingMessageFactory) + * @see org.codelibs.saml2.Auth#setAuthnRequestFactory(org.codelibs.saml2.factory.SamlOutgoingMessageFactory) */ @Test(expected = FactoryInvokedException.class) public void testAuthnRequestFactory() throws Exception { @@ -2336,7 +2336,7 @@ public AuthnRequest createAuthnRequest(Saml2Settings settings, AuthnRequestParam * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#setSamlResponseFactory(org.codelibs.saml2.core.core.toolkit.factory.SamlReceivedMessageFactory) + * @see org.codelibs.saml2.Auth#setSamlResponseFactory(org.codelibs.saml2.factory.SamlReceivedMessageFactory) */ @Test(expected = FactoryInvokedException.class) public void testSamlResponseFactory() throws Exception { @@ -2373,7 +2373,7 @@ public SamlResponse createSamlResponse(Saml2Settings settings, HttpRequest reque * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#setOutgoingLogoutRequestFactory(org.codelibs.saml2.core.core.toolkit.factory.SamlOutgoingMessageFactory) + * @see org.codelibs.saml2.Auth#setOutgoingLogoutRequestFactory(org.codelibs.saml2.factory.SamlOutgoingMessageFactory) */ @Test(expected = FactoryInvokedException.class) public void testOutgoingLogoutRequestFactory() throws Exception { @@ -2409,7 +2409,7 @@ public LogoutRequest createOutgoingLogoutRequest(Saml2Settings settings, LogoutR * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#setReceivedLogoutRequestFactory(org.codelibs.saml2.core.core.toolkit.factory.SamlReceivedMessageFactory) + * @see org.codelibs.saml2.Auth#setReceivedLogoutRequestFactory(org.codelibs.saml2.factory.SamlReceivedMessageFactory) */ @Test(expected = FactoryInvokedException.class) public void testIncomingLogoutRequestFactory() throws Exception { @@ -2449,7 +2449,7 @@ public LogoutRequest createIncomingLogoutRequest(Saml2Settings settings, HttpReq * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#setOutgoingLogoutResponseFactory(org.codelibs.saml2.core.core.toolkit.factory.SamlOutgoingMessageFactory) + * @see org.codelibs.saml2.Auth#setOutgoingLogoutResponseFactory(org.codelibs.saml2.factory.SamlOutgoingMessageFactory) */ @Test(expected = FactoryInvokedException.class) public void testOutgoingLogoutResponseFactory() throws Exception { @@ -2493,7 +2493,7 @@ public LogoutResponse createOutgoingLogoutResponse(Saml2Settings settings, Logou * * @throws Exception * - * @see org.codelibs.saml2.core.core.toolkit.Auth#setReceivedLogoutResponseFactory(org.codelibs.saml2.core.core.toolkit.factory.SamlReceivedMessageFactory) + * @see org.codelibs.saml2.Auth#setReceivedLogoutResponseFactory(org.codelibs.saml2.factory.SamlReceivedMessageFactory) */ @Test(expected = FactoryInvokedException.class) public void testIncomingLogoutResponseFactory() throws Exception {