Clover Coverage Report
Coverage timestamp: Sun Mar 23 2008 08:24:39 GMT
  ShibbolethPrincipal       Line # 93 25 7 78.6% 0.78571427
 
No Tests
 
1    /*
2    * Copyright (c) 2000-2005, University of Salford
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions are met:
7    *
8    * Redistributions of source code must retain the above copyright notice, this
9    * list of conditions and the following disclaimer.
10    *
11    * Redistributions in binary form must reproduce the above copyright notice,
12    * this list of conditions and the following disclaimer in the documentation
13    * and/or other materials provided with the distribution.
14    *
15    * Neither the name of the University of Salford nor the names of its
16    * contributors may be used to endorse or promote products derived from this
17    * software without specific prior written permission.
18    *
19    * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
20    * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21    * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22    * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
23    * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24    * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25    * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26    * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27    * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28    * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29    * POSSIBILITY OF SUCH DAMAGE.
30    */
31    /*
32    * Copyright (c) 2006, University of Kent
33    * All rights reserved.
34    *
35    * Redistribution and use in source and binary forms, with or without
36    * modification, are permitted provided that the following conditions are met:
37    *
38    * Redistributions of source code must retain the above copyright notice, this
39    * list of conditions and the following disclaimer.
40    *
41    * Redistributions in binary form must reproduce the above copyright notice,
42    * this list of conditions and the following disclaimer in the documentation
43    * and/or other materials provided with the distribution.
44    *
45    * 1. Neither the name of the University of Kent nor the names of its
46    * contributors may be used to endorse or promote products derived from this
47    * software without specific prior written permission.
48    *
49    * 2. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
50    * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
51    * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
52    * PURPOSE ARE DISCLAIMED.
53    *
54    * 3. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
55    * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
56    * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
57    * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
58    * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
59    * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
60    * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
61    * POSSIBILITY OF SUCH DAMAGE.
62    *
63    * 4. YOU AGREE THAT THE EXCLUSIONS IN PARAGRAPHS 2 AND 3 ABOVE ARE REASONABLE
64    * IN THE CIRCUMSTANCES. IN PARTICULAR, YOU ACKNOWLEDGE (1) THAT THIS
65    * SOFTWARE HAS BEEN MADE AVAILABLE TO YOU FREE OF CHARGE, (2) THAT THIS
66    * SOFTWARE IS NOT "PRODUCT" QUALITY, BUT HAS BEEN PRODUCED BY A RESEARCH
67    * GROUP WHO DESIRE TO MAKE THIS SOFTWARE FREELY AVAILABLE TO PEOPLE WHO WISH
68    * TO USE IT, AND (3) THAT BECAUSE THIS SOFTWARE IS NOT OF "PRODUCT" QUALITY
69    * IT IS INEVITABLE THAT THERE WILL BE BUGS AND ERRORS, AND POSSIBLY MORE
70    * SERIOUS FAULTS, IN THIS SOFTWARE.
71    *
72    * 5. This license is governed, except to the extent that local laws
73    * necessarily apply, by the laws of England and Wales.
74    */
75   
76    package issrg.shibboleth;
77   
78    import java.security.Principal;
79    import issrg.utils.repository.Entry;
80    import issrg.pba.rbac.BadURLException;
81    import issrg.pba.rbac.URLHandler;
82   
83    /**
84    * This class is used to represent a Principal obtained from Shibboleth
85    * attributes. The attribute format is determined by the way Shibboleth SP
86    * exports the values obtained from SAML into Apache headers.
87    *
88    * <p>Shibboleth attributes don't contain the name of the holder, but contain
89    * the identifier of the issuer - the scope. Therefore ShibbolethPrincipal
90    * represents the Entry of the issuer and the attributes issued to another
91    * entity.
92    */
 
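public class ShibbolethPrincipal implements Principal, Entry {
    // NOTE(review): this class does not override equals(), hashCode() or
    // toString(), so two instances parsed from the same URL are only equal by
    // object identity. Confirm that callers comparing principals or using them
    // as map keys expect that.
    //
    // NOTE(review): the parsed components are stored as-is, with no check of
    // which characters they contain. The values are described as coming from
    // headers exported by the Shibboleth SP; presumably those headers can only
    // be set by the SP and not by the client - confirm at the deployment level
    // before relying on getName() in an access decision.

    // Issuer scope: the part of the URL after the last '@', or the whole
    // remainder after "shib:" when the URL has no '@'.
    String scopeDomain;
    // Attribute type; stays null when the URL names a domain only.
    String attributeType;
    // Attribute value; stays null when the URL names a domain only.
    String attributeValue;
    // The URL exactly as passed to the constructor, kept for error messages.
    String url;

    /**
     * Creates an empty principal with all fields left null. Only subclasses
     * can call this constructor.
     */
    protected ShibbolethPrincipal() {
    }

    /**
     * This constructor can be used to construct Shibboleth Principal using a URL.
     * It will identify the ISSUER of a Shibboleth attribute.
     *
     * <p>The format of this URL is as follows: "shib:" [&lt;attribute type&gt;=&lt;attribute value&gt;@] &lt;domain&gt;
     *
     * <p>If attribute type and value are present, they are extracted. Otherwise,
     * the URL identifies the Domain and is rendered to be the Issuer of the
     * attribute.
     *
     * <p>The domain is everything after the <em>last</em> '@' and the
     * attribute type is everything before the <em>first</em> '=', so the
     * attribute value may itself contain '@' and '=' characters. An empty
     * domain, an empty attribute type or an empty attribute value is rejected.
     *
     * @param url - the URL, as specified above
     * @throws BadURLException if the URL doesn't correspond to this syntax
     */
    public ShibbolethPrincipal(String url) throws BadURLException {
        this.url = url;

        String proto = URLHandler.getProtocolName(url);

        // Compare by value: the earlier intern()/!= identity test only works
        // when the constant happens to be an interned literal, and it throws
        // NullPointerException instead of BadURLException for a null protocol.
        if (proto == null || !proto.equals(ShibbolethURLHandler.SHIBBOLETH_PROTOCOL)) {
            throw new BadURLException("shib: protocol was expected, but "+proto+" was found in "+this.url);
        }

        // The protocol check passed, so the "shib:" prefix and its ':' are present.
        int colon = url.indexOf(":");
        if (colon + 1 >= url.length()) {
            throw new BadURLException("Bad URL: "+this.url+" is too short");
        }

        // What remains is [attributeType=attributeValue@]domain.
        String rest = url.substring(colon + 1);

        // The domain cannot contain '@', so the last '@' is the separator.
        int at = rest.lastIndexOf("@");
        if (at < 0) {
            // No '@': the URL names a domain only, with no attribute type or value.
            scopeDomain = rest;
            return;
        }

        if (at + 1 >= rest.length()) {
            throw new BadURLException("Bad URL: scope domain was expected after '@' at "+at+" in "+this.url);
        }

        scopeDomain = rest.substring(at + 1);
        String attribute = rest.substring(0, at);

        // The attribute type cannot contain '=', so the first '=' is the
        // separator, and it must be there once '@' is there. eq == 0 means an
        // empty attribute type ("shib:=value@domain"); it is rejected like a
        // missing '=' or an empty value, so a principal never carries a blank
        // attribute type.
        int eq = attribute.indexOf("=");
        if (eq <= 0 || eq + 1 >= attribute.length()) {
            throw new BadURLException("Bad URL: attribute type and value were expected after '=' at "+eq+" in "+this.url);
        }

        attributeType = attribute.substring(0, eq);
        attributeValue = attribute.substring(eq + 1);
    }

    /**
     * This method returns the Principal of the issuer Entry.
     *
     * @return Principal representing the Issuer Entry; this object itself
     */
    public Principal getEntryName() {
        return this;
    }

    /**
     * When used as an Entry, this method returns the name; i.e.&nbsp;the name
     * of the issuer as a String.
     *
     * @return the scope domain taken from the URL; null if this object was
     * created with the no-argument constructor and the field was never set
     */
    public String getName() {
        return scopeDomain;
    }

    /**
     * This method returns the Entry representing the issuer.
     *
     * @return this object itself
     */
    public Entry getIssuerEntry() {
        return this;
    }

    /**
     * This method returns the attribute type as obtained from the URL at
     * construction time.
     *
     * @return attribute type; may be null, if the URL did not contain any
     * attribute
     */
    public String getAttributeType() {
        return attributeType;
    }

    /**
     * This method returns the attribute value as obtained from the URL at
     * construction time.
     *
     * @return attribute value; may be null, if the URL did not contain any
     * attribute
     */
    public String getAttributeValue() {
        return attributeValue;
    }
}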