Fixed Deflated probelm and Added getAttributes, getAttribute methods.

Fixed deflated SAML request and added two methods for getting
attributes.

Author: mexmarv

com/onelogin/saml/AuthRequest.java

@@ -1,103 +1,121 @@
 package com.onelogin.saml;
 
+import com.onelogin.AccountSettings;
+import com.onelogin.AppSettings;
 import java.io.ByteArrayOutputStream;
-import java.nio.charset.Charset;
+import java.io.IOException;
 import java.text.SimpleDateFormat;
 import java.util.Date;
 import java.util.UUID;
-
+import java.util.zip.Deflater;
+import java.util.zip.DeflaterOutputStream;
 import javax.xml.stream.XMLOutputFactory;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.XMLStreamWriter;
-
 import org.apache.commons.codec.binary.Base64;
 
-import com.onelogin.AccountSettings;
-import com.onelogin.AppSettings;
-
 public class AuthRequest {
-	
-	private String id;
-	private String issueInstant;
-	private AppSettings appSettings;
+
+    private final String id;
+	private final String issueInstant;
+	private final AppSettings appSettings;
 	public static final int base64 = 1;
-	
-	public AuthRequest(AppSettings appSettings, AccountSettings accountSettings){		
-		this.appSettings = appSettings;
-		id="_"+UUID.randomUUID().toString();		
+        private Deflater deflater;
+
+	public AuthRequest(AppSettings appSettings, AccountSettings accountSettings){
+            this.appSettings = appSettings;
+		id="_"+UUID.randomUUID().toString();
 		SimpleDateFormat simpleDf = new SimpleDateFormat("yyyy-MM-dd'T'H:mm:ss'Z'");
-		issueInstant = simpleDf.format(new Date());		
+		issueInstant = simpleDf.format(new Date());
 	}
-	
-	public String getRequest(int format) throws XMLStreamException {
-		ByteArrayOutputStream baos = new ByteArrayOutputStream();		
+
+	public String getRequest(int format) throws XMLStreamException, IOException {
+        String result = "";
+
+		ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
 		XMLOutputFactory factory = XMLOutputFactory.newInstance();
 		XMLStreamWriter writer = factory.createXMLStreamWriter(baos);
-					
+
 		writer.writeStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
 		writer.writeNamespace("samlp","urn:oasis:names:tc:SAML:2.0:protocol");
-		
+
 		writer.writeAttribute("ID", id);
 		writer.writeAttribute("Version", "2.0");
 		writer.writeAttribute("IssueInstant", this.issueInstant);
 		writer.writeAttribute("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
 		writer.writeAttribute("AssertionConsumerServiceURL", this.appSettings.getAssertionConsumerServiceUrl());
-		
+
 		writer.writeStartElement("saml","Issuer","urn:oasis:names:tc:SAML:2.0:assertion");
 		writer.writeNamespace("saml","urn:oasis:names:tc:SAML:2.0:assertion");
 		writer.writeCharacters(this.appSettings.getIssuer());
 		writer.writeEndElement();
-		
+
 		writer.writeStartElement("samlp", "NameIDPolicy", "urn:oasis:names:tc:SAML:2.0:protocol");
-		
+
 		writer.writeAttribute("Format", "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
 		writer.writeAttribute("AllowCreate", "true");
 		writer.writeEndElement();
-		
+
 		writer.writeStartElement("samlp","RequestedAuthnContext","urn:oasis:names:tc:SAML:2.0:protocol");
-		
+
 		writer.writeAttribute("Comparison", "exact");
-		writer.writeEndElement();
-		
+
 		writer.writeStartElement("saml","AuthnContextClassRef","urn:oasis:names:tc:SAML:2.0:assertion");
 		writer.writeNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
 		writer.writeCharacters("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
 		writer.writeEndElement();
-		
+
 		writer.writeEndElement();
-		writer.flush();		
-		
-		if (format == base64) {
-			byte [] encoded = Base64.encodeBase64Chunked(baos.toByteArray());
-			String result = new String(encoded,Charset.forName("UTF-8"));
-						
-			return result;
-		}
-						
-		return null;
+                writer.writeEndElement();
+		writer.flush();
+                
+                result = encodeSAMLRequest(baos.toByteArray());
+                return result;
 	}
-	
- 	public static String getRidOfCRLF(String what) {
-		String lf = "%0D";
-		String cr = "%0A";
-		String now = lf;
-
-		int index = what.indexOf(now);
-		StringBuffer r = new StringBuffer();
-
-		while (index!=-1) {
-			r.append(what.substring(0,index));
-			what = what.substring(index+3,what.length());
-			
-			if (now.equals(lf)) {
-				now = cr;
-			} else {
-				now = lf;
-			}
-			
-			index = what.indexOf(now);
-		}
-		return r.toString();
-	}		
+
+    public static String getRidOfCRLF(String what) {
+            String lf = "%0D";
+	    String cr = "%0A";
+	    String now = lf;
+
+	    int index = what.indexOf(now);
+	    StringBuilder r = new StringBuilder();
+
+	    while (index!=-1) {
+		    r.append(what.substring(0,index));
+		    what = what.substring(index+3,what.length());
+
+		    if (now.equals(lf)) {
+			    now = cr;
+		    } else {
+			    now = lf;
+		    }
+
+		    index = what.indexOf(now);
+	    }
+	    return r.toString();
+    }
+
+    private String encodeSAMLRequest(byte[] pSAMLRequest) throws RuntimeException {
+
+        Base64 base64Encoder = new Base64();
+
+        try {
+            ByteArrayOutputStream byteArray = new ByteArrayOutputStream();
+            Deflater deflater = new Deflater(Deflater.DEFAULT_COMPRESSION, true);
+
+            DeflaterOutputStream def = new DeflaterOutputStream(byteArray, deflater);
+            def.write(pSAMLRequest);
+            def.close();
+            byteArray.close();
+
+            String stream = new String(base64Encoder.encode(byteArray.toByteArray()));
+
+            return stream;
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+  }
 
 }

com/onelogin/saml/Response.java

@@ -1,57 +1,58 @@
 package com.onelogin.saml;
 
+import com.onelogin.AccountSettings;
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
+import java.lang.reflect.Method;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
-
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
 import javax.xml.XMLConstants;
 import javax.xml.crypto.dsig.XMLSignature;
 import javax.xml.crypto.dsig.XMLSignatureFactory;
 import javax.xml.crypto.dsig.dom.DOMValidateContext;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
-
 import org.apache.commons.codec.binary.Base64;
 import org.w3c.dom.Document;
-import org.w3c.dom.NodeList;
-import org.xml.sax.SAXException;
-
-import com.onelogin.AccountSettings;
-import java.lang.reflect.Method;
 import org.w3c.dom.Element;
+import org.w3c.dom.NamedNodeMap;
 import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.xml.sax.SAXException;
 
 public class Response {
-	
+
 	private Document xmlDoc;
-	private AccountSettings accountSettings;
-	private Certificate certificate;
-	
+	private final AccountSettings accountSettings;
+	private final Certificate certificate;
+
 	public Response(AccountSettings accountSettings) throws CertificateException {
 		this.accountSettings = accountSettings;
 		certificate = new Certificate();
 		certificate.loadCertificate(this.accountSettings.getCertificate());
 	}
-	
+
 	public void loadXml(String xml) throws ParserConfigurationException, SAXException, IOException {
 		DocumentBuilderFactory fty = DocumentBuilderFactory.newInstance();
 		fty.setNamespaceAware(true);
 		fty.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
 		DocumentBuilder builder = fty.newDocumentBuilder();
 		ByteArrayInputStream bais = new ByteArrayInputStream(xml.getBytes());
-		xmlDoc = builder.parse(bais);		
+		xmlDoc = builder.parse(bais);
 	}
-	
-	
+
 	public void loadXmlFromBase64(String response) throws ParserConfigurationException, SAXException, IOException {
 		Base64 base64 = new Base64();
-		byte [] decodedB = base64.decode(response);		
-		String decodedS = new String(decodedB);				
-		loadXml(decodedS);	
+		byte [] decodedB = base64.decode(response);
+		String decodedS = new String(decodedB);
+		loadXml(decodedS);
 	}
-	
+
         public boolean isValid() throws Exception {
             NodeList nodes = xmlDoc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
 
@@ -70,28 +71,45 @@ public boolean isValid() throws Exception {
 
             return xmlSignature.validate(ctx);
         }
-	
+
 	public String getNameId() throws Exception {
-		NodeList nodes = xmlDoc.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "NameID");		
+            NodeList nodes = xmlDoc.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "NameID");
 
-		if(nodes.getLength()==0){
-			throw new Exception("No name id found in document");
-		}		
+            if(nodes.getLength()==0){
+		throw new Exception("No name id found in document");
+            }
 
-		return nodes.item(0).getTextContent();
-	}
+            return nodes.item(0).getTextContent();
+	}   
 
-        private void tagIdAttributes(Document xmlDoc) {
-            NodeList nodeList = xmlDoc.getElementsByTagName("*");
-            for (int i = 0; i < nodeList.getLength(); i++) {
-                Node node = nodeList.item(i);
-                if (node.getNodeType() == Node.ELEMENT_NODE) {
-                    if (node.getAttributes().getNamedItem("ID") != null) {
-                        ((Element) node).setIdAttribute("ID", true);
-                    }
-                }
+        public String getAttribute(String name) {
+        HashMap attributes = getAttributes();
+        if (!attributes.isEmpty()) {
+            return attributes.get(name).toString();
             }
+        return null;
         }
+                        
+        public HashMap getAttributes() {
+            HashMap<String,ArrayList> attributes = new HashMap<>();                   
+            NodeList nodes = xmlDoc.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "Attribute");
+
+            if(nodes.getLength()!=0){
+                for (int i = 0; i < nodes.getLength(); i++) {
+                NamedNodeMap attrName = nodes.item(i).getAttributes();
+                String attName = attrName.getNamedItem("Name").getNodeValue();
+                NodeList children = nodes.item(i).getChildNodes();
+                
+                ArrayList<String> attrValues = new ArrayList<String>();
+                for (int j = 0; j < children.getLength(); j++) {
+                    attrValues.add(children.item(j).getTextContent());
+                      }
+                attributes.put(attName, attrValues);
+                }
+            } else
+                return null;
+        return attributes;
+	} 
 
         private boolean setIdAttributeExists() {
             for (Method method : Element.class.getDeclaredMethods()) {
@@ -102,5 +120,10 @@ private boolean setIdAttributeExists() {
             return false;
         }
 
-        
+    private void tagIdAttributes(Document xmlDoc) {
+        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
+    }
+    
+    
+
 }