Merge pull request #1 from onelogin/tag-id-attributes

christianbpedersen · christianbpedersen · commit 71987201553a · 2013-10-01T17:31:32.000-07:00
ID attribute fix
diff --git a/com/onelogin/saml/Response.java b/com/onelogin/saml/Response.java
@@ -18,6 +18,9 @@
 import org.xml.sax.SAXException;
 
 import com.onelogin.AccountSettings;
+import java.lang.reflect.Method;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
 
 public class Response {
 	
@@ -47,20 +50,24 @@ public void loadXmlFromBase64(String response) throws ParserConfigurationExcepti
 		loadXml(decodedS);	
 	}
 	
-	public boolean isValid() throws Exception {
-		NodeList nodes = xmlDoc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
-								
-		if(nodes==null || nodes.getLength()==0){
-			throw new Exception("Can't find signature in document.");
-		}
-		
-		X509Certificate cert = certificate.getX509Cert();		
-		DOMValidateContext ctx = new DOMValidateContext(cert.getPublicKey() , nodes.item(0));				
-		XMLSignatureFactory sigF = XMLSignatureFactory.getInstance("DOM");
-		XMLSignature xmlSignature = sigF.unmarshalXMLSignature(ctx);
-		
-		return xmlSignature.validate(ctx);
-	}
+        public boolean isValid() throws Exception {
+            NodeList nodes = xmlDoc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
+
+            if (nodes == null || nodes.getLength() == 0) {
+                throw new Exception("Can't find signature in document.");
+            }
+
+            if (setIdAttributeExists()) {
+                tagIdAttributes(xmlDoc);
+            }
+
+            X509Certificate cert = certificate.getX509Cert();
+            DOMValidateContext ctx = new DOMValidateContext(cert.getPublicKey(), nodes.item(0));
+            XMLSignatureFactory sigF = XMLSignatureFactory.getInstance("DOM");
+            XMLSignature xmlSignature = sigF.unmarshalXMLSignature(ctx);
+
+            return xmlSignature.validate(ctx);
+        }
 	
 	public String getNameId() throws Exception {
 		NodeList nodes = xmlDoc.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "NameID");		
@@ -71,4 +78,27 @@ public String getNameId() throws Exception {
 
 		return nodes.item(0).getTextContent();
 	}
+        
+        private void tagIdAttributes(Document xmlDoc) {
+            NodeList nodeList = xmlDoc.getElementsByTagName("*");
+            for (int i = 0; i < nodeList.getLength(); i++) {
+                Node node = nodeList.item(i);
+                if (node.getNodeType() == Node.ELEMENT_NODE) {
+                    if (node.getAttributes().getNamedItem("ID") != null) {
+                        ((Element) node).setIdAttribute("ID", true);
+                    }
+                }
+            }
+        }
+
+        private boolean setIdAttributeExists() {
+            for (Method method : Element.class.getDeclaredMethods()) {
+                if (method.getName().equals("setIdAttribute")) {
+                    return true;
+                }
+            }
+            return false;
+        }
+
+        
 }
