Merge pull request #77 from onelogin/servletless

Merge Servletless branch

Author: pitbulk

.travis.yml

@@ -4,4 +4,4 @@ jdk:
   - oraclejdk7
 install: true
 after_success:
-  - mvn clean test jacoco:report coveralls:report
+  - mvn clean test org.jacoco:jacoco-maven-plugin:report org.eluder.coveralls:coveralls-maven-plugin:report

core/.gitignore

@@ -8,56 +8,42 @@
 
 	<packaging>jar</packaging>
 	<name>OneLogin java-saml Toolkit Core</name>
-	<artifactId>java-saml</artifactId>
+	<artifactId>java-saml-core</artifactId>
 
 	<dependencies>
 		<!-- for test -->
 		<dependency>
 			<groupId>org.hamcrest</groupId>
 			<artifactId>hamcrest-core</artifactId>
-			<version>1.3</version>
 			<scope>test</scope>
 		</dependency>
 		<dependency>
 			<groupId>org.hamcrest</groupId>
 			<artifactId>hamcrest-library</artifactId>
-			<version>1.3</version>
 			<scope>test</scope>
 		</dependency>
 		<dependency>
 			<groupId>junit</groupId>
 			<artifactId>junit</artifactId>
-			<version>${junitVersion}</version>
 			<scope>test</scope>
 		</dependency>
 		<dependency>
 			<groupId>org.mockito</groupId>
 			<artifactId>mockito-core</artifactId>
-			<version>1.10.19</version>
 			<scope>test</scope>
 		</dependency>
 
 		<!-- for log -->
 		<dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>slf4j-api</artifactId>
-			<version>${slf4jVersion}</version>
 		</dependency>
 		<dependency>
 			<groupId>ch.qos.logback</groupId>
 			<artifactId>logback-classic</artifactId>
-			<version>${logbackVersion}</version>
 			<scope>test</scope>
 		</dependency>
 
-		<!-- httprequest and httpresponse -->
-		<dependency>
-			<groupId>javax.servlet</groupId>
-			<artifactId>servlet-api</artifactId>
-			<version>2.5</version>
-			<scope>provided</scope>
-		</dependency>
-
 		<!-- date and time library for Java -->
 		<dependency>
 			<groupId>joda-time</groupId>
@@ -101,6 +87,17 @@
 					</execution>
 				</executions>
 			</plugin>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-jar-plugin</artifactId>
+				<executions>
+					<execution>
+						<goals>
+							<goal>test-jar</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-surefire-plugin</artifactId>
@@ -111,8 +108,9 @@
 			</plugin>
 		</plugins>
 	</build>
-
+<!--
 	<properties>
 		<jacoco.agent.argLine />
 	</properties>
+-->
 </project>

core/pom.xml

@@ -7,10 +7,8 @@
 import java.util.List;
 import java.util.Map;
 
-import javax.servlet.http.HttpServletRequest;
 import javax.xml.xpath.XPathExpressionException;
 
-import com.onelogin.saml2.model.SubjectConfirmationIssue;
 import org.apache.commons.lang3.ObjectUtils;
 import org.joda.time.DateTime;
 import org.joda.time.Instant;
@@ -22,8 +20,10 @@
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 
-import com.onelogin.saml2.settings.Saml2Settings;
+import com.onelogin.saml2.http.HttpRequest;
 import com.onelogin.saml2.model.SamlResponseStatus;
+import com.onelogin.saml2.model.SubjectConfirmationIssue;
+import com.onelogin.saml2.settings.Saml2Settings;
 import com.onelogin.saml2.util.Constants;
 import com.onelogin.saml2.util.SchemaFactory;
 import com.onelogin.saml2.util.Util;
@@ -82,15 +82,15 @@ public class SamlResponse {
 	 * @param settings
 	 *              Saml2Settings object. Setting data
 	 * @param request
-     *				HttpServletRequest object to be processed (Contains GET and POST parameters, session, ...).
+	 *				the HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
      *
-	 * @throws Exception 
+	 * @throws Exception
 	 */
-	public SamlResponse(Saml2Settings settings, HttpServletRequest request) throws Exception {
+	public SamlResponse(Saml2Settings settings, HttpRequest request) throws Exception {
 		this.settings = settings;
 
-		if (request != null) {			
-			currentUrl = request.getRequestURL().toString();
+		if (request != null) {
+			currentUrl = request.getRequestURL();
 			loadXmlFromBase64(request.getParameter("SAMLResponse"));
 		}
 	}
@@ -616,6 +616,8 @@ public String getSessionIndex() throws XPathExpressionException {
 
 	/**
 	 * @return the ID of the assertion in the Response
+	 * @throws XPathExpressionException
+	 *
 	 */
 	public String getAssertionId() throws XPathExpressionException {
 		validateNumAssertions();
@@ -625,6 +627,8 @@ public String getAssertionId() throws XPathExpressionException {
 
 	/**
 	 * @return a list of NotOnOrAfter values from SubjectConfirmationData nodes in this Response
+	 * @throws XPathExpressionException
+	 *
 	 */
 	public List<Instant> getAssertionNotOnOrAfter() throws XPathExpressionException {
 		final NodeList notOnOrAfterNodes = queryAssertion("/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData");

core/src/main/java/com/onelogin/saml2/authn/SamlResponse.java

@@ -0,0 +1,143 @@
+package com.onelogin.saml2.http;
+
+import static com.onelogin.saml2.util.Preconditions.checkNotNull;
+import static java.util.Collections.unmodifiableList;
+import static java.util.Collections.unmodifiableMap;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+
+/**
+ * Framework-agnostic representation of an HTTP request.
+ *
+ * @since 2.0.0
+ */
+public final class HttpRequest {
+    private final String requestURL;
+    private final Map<String, List<String>> parameters;
+
+    /**
+     * Creates a new HttpRequest.
+     *
+     * @param requestURL the request URL (up to but not including query parameters)
+     * @throws NullPointerException if requestURL is null
+     */
+    public HttpRequest(String requestURL) {
+        this(requestURL, Collections.<String, List<String>>emptyMap());
+    }
+
+    /**
+     * Creates a new HttpRequest.
+     *
+     * @param requestURL  the request URL (up to but not including query parameters)
+     * @param parameters the request query parameters
+     * @throws NullPointerException if any of the parameters is null
+     */
+    public HttpRequest(String requestURL, Map<String, List<String>> parameters) {
+        this.requestURL = checkNotNull(requestURL, "requestURL");
+        this.parameters = unmodifiableCopyOf(checkNotNull(parameters, "queryParams"));
+    }
+
+    /**
+     * @param name  the query parameter name
+     * @param value the query parameter value
+     * @return a new HttpRequest with the given query parameter added
+     * @throws NullPointerException if any of the parameters is null
+     */
+    public HttpRequest addParameter(String name, String value) {
+        checkNotNull(name, "name");
+        checkNotNull(value, "value");
+
+        final List<String> oldValues = parameters.containsKey(name) ? parameters.get(name) : new ArrayList<String>();
+        final List<String> newValues = new ArrayList<>(oldValues);
+        newValues.add(value);
+        final Map<String, List<String>> params = new HashMap<>(parameters);
+        params.put(name, newValues);
+
+        return new HttpRequest(requestURL, params);
+    }
+
+    /**
+     * @param name  the query parameter name
+     * @return a new HttpRequest with the given query parameter removed
+     * @throws NullPointerException if any of the parameters is null
+     */
+    public HttpRequest removeParameter(String name) {
+        checkNotNull(name, "name");
+
+        final Map<String, List<String>> params = new HashMap<>(parameters);
+        params.remove(name);
+
+        return new HttpRequest(requestURL, params);
+    }
+    
+    /**
+     * The URL the client used to make the request. Includes a protocol, server name, port number, and server path, but
+     * not the query string parameters.
+     *
+     * @return the request URL
+     */
+    public String getRequestURL() {
+        return requestURL;
+    }
+
+    /**
+     * @param name the query parameter name
+     * @return the first value for the parameter, or null
+     */
+    public String getParameter(String name) {
+        List<String> values = getParameters(name);
+        return values.isEmpty() ? null : values.get(0);
+    }
+
+    /**
+     * @param name the query parameter name
+     * @return a List containing all values for the parameter
+     */
+    public List<String> getParameters(String name) {
+        List<String> values = parameters.get(name);
+        return values != null ? values : Collections.<String>emptyList();
+    }
+
+    /**
+     * @return a map of all query parameters
+     */
+    public Map<String, List<String>> getParameters() {
+        return parameters;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (o == null || getClass() != o.getClass()) return false;
+        HttpRequest that = (HttpRequest) o;
+        return Objects.equals(requestURL, that.requestURL) &&
+                Objects.equals(parameters, that.parameters);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(requestURL, parameters);
+    }
+
+    @Override
+    public String toString() {
+        return "HttpRequest{" +
+                "requestURL='" + requestURL + '\'' +
+                ", parameters=" + parameters +
+                '}';
+    }
+
+    private static Map<String, List<String>> unmodifiableCopyOf(Map<String, List<String>> orig) {
+        Map<String, List<String>> copy = new HashMap<>();
+        for (Map.Entry<String, List<String>> entry : orig.entrySet()) {
+            copy.put(entry.getKey(), unmodifiableList(new ArrayList<>(entry.getValue())));
+        }
+
+        return unmodifiableMap(copy);
+    }
+}

core/src/main/java/com/onelogin/saml2/http/HttpRequest.java

@@ -10,7 +10,6 @@
 import java.util.List;
 import java.util.Map;
 
-import javax.servlet.http.HttpServletRequest;
 import javax.xml.xpath.XPathExpressionException;
 
 import org.apache.commons.lang3.text.StrSubstitutor;
@@ -22,6 +21,7 @@
 import org.w3c.dom.NodeList;
 
 import com.onelogin.saml2.exception.XMLEntityException;
+import com.onelogin.saml2.http.HttpRequest;
 import com.onelogin.saml2.settings.Saml2Settings;
 import com.onelogin.saml2.util.Util;
 import com.onelogin.saml2.util.Constants;
@@ -54,9 +54,9 @@ public class LogoutRequest {
 	private final Saml2Settings settings;
 
 	/**
-     * HttpServletRequest object to be processed (Contains GET and POST parameters, session, ...).
+     * HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
      */
-	private HttpServletRequest request;
+	private final HttpRequest request;
 
 	/**
      * NameID.
@@ -89,15 +89,15 @@ public class LogoutRequest {
 	 * @param settings
 	 *              OneLogin_Saml2_Settings
 	 * @param request
-     *              HttpServletRequest object to be processed (Contains GET and POST parameters, session, ...).
+     *              the HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
 	 * @param nameId
 	 *              The NameID that will be set in the LogoutRequest.
 	 * @param sessionIndex
 	 *              The SessionIndex (taken from the SAML Response in the SSO process).
 	 *
 	 * @throws XMLEntityException 
 	 */
-	public LogoutRequest(Saml2Settings settings, HttpServletRequest request, String nameId, String sessionIndex) throws XMLEntityException {
+	public LogoutRequest(Saml2Settings settings, HttpRequest request, String nameId, String sessionIndex) throws XMLEntityException {
 		this.settings = settings;
 		this.request = request;
 
@@ -140,11 +140,11 @@ public LogoutRequest(Saml2Settings settings) throws XMLEntityException {
 	 * @param settings
 	 *            OneLogin_Saml2_Settings
 	 * @param request
-     *              HttpServletRequest object to be processed (Contains GET and POST parameters, session, ...).
+     *              the HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
      *
 	 * @throws XMLEntityException 
 	 */
-	public LogoutRequest(Saml2Settings settings, HttpServletRequest request) throws XMLEntityException {
+	public LogoutRequest(Saml2Settings settings, HttpRequest request) throws XMLEntityException {
 		this(settings, request, null, null);
 	}
 
@@ -246,7 +246,7 @@ public Boolean isValid() throws XMLEntityException {
 			}
 
 			if (this.request == null) {
-				throw new Exception("The HttpServletRequest of the current host was not established");
+				throw new Exception("The HttpRequest of the current host was not established");
 			}
 
 			if (this.currentUrl == null || this.currentUrl.isEmpty()) {