LogoutRequest and LogoutResponse no longer depend on javax.servlet. Added removeParameter method to HttpRequest class

Author: pitbulk

core/src/main/java/com/onelogin/saml2/authn/SamlResponse.java

@@ -616,6 +616,8 @@ public String getSessionIndex() throws XPathExpressionException {
 
 	/**
 	 * @return the ID of the assertion in the Response
+	 * @throws XPathExpressionException
+	 *
 	 */
 	public String getAssertionId() throws XPathExpressionException {
 		validateNumAssertions();
@@ -625,6 +627,8 @@ public String getAssertionId() throws XPathExpressionException {
 
 	/**
 	 * @return a list of NotOnOrAfter values from SubjectConfirmationData nodes in this Response
+	 * @throws XPathExpressionException
+	 *
 	 */
 	public List<Instant> getAssertionNotOnOrAfter() throws XPathExpressionException {
 		final NodeList notOnOrAfterNodes = queryAssertion("/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData");

core/src/main/java/com/onelogin/saml2/http/HttpRequest.java

@@ -61,6 +61,20 @@ public HttpRequest addParameter(String name, String value) {
         return new HttpRequest(requestURL, params);
     }
 
+    /**
+     * @param name  the query parameter name
+     * @return a new HttpRequest with the given query parameter removed
+     * @throws NullPointerException if any of the parameters is null
+     */
+    public HttpRequest removeParameter(String name) {
+        checkNotNull(name, "name");
+
+        final Map<String, List<String>> params = new HashMap<>(parameters);
+        params.remove(name);
+
+        return new HttpRequest(requestURL, params);
+    }
+    
     /**
      * The URL the client used to make the request. Includes a protocol, server name, port number, and server path, but
      * not the query string parameters.

…onelogin/saml2/logout/LogoutRequest.java …onelogin/saml2/logout/LogoutRequest.javatoolkit/src/main/java/com/onelogin/saml2/logout/LogoutRequest.java renamed to core/src/main/java/com/onelogin/saml2/logout/LogoutRequest.java toolkit/src/main/java/com/onelogin/saml2/logout/LogoutRequest.java renamed to core/src/main/java/com/onelogin/saml2/logout/LogoutRequest.java

@@ -10,7 +10,6 @@
 import java.util.List;
 import java.util.Map;
 
-import javax.servlet.http.HttpServletRequest;
 import javax.xml.xpath.XPathExpressionException;
 
 import org.apache.commons.lang3.text.StrSubstitutor;
@@ -22,6 +21,7 @@
 import org.w3c.dom.NodeList;
 
 import com.onelogin.saml2.exception.XMLEntityException;
+import com.onelogin.saml2.http.HttpRequest;
 import com.onelogin.saml2.settings.Saml2Settings;
 import com.onelogin.saml2.util.Util;
 import com.onelogin.saml2.util.Constants;
@@ -54,9 +54,9 @@ public class LogoutRequest {
 	private final Saml2Settings settings;
 
 	/**
-     * HttpServletRequest object to be processed (Contains GET and POST parameters, session, ...).
+     * HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
      */
-	private HttpServletRequest request;
+	private final HttpRequest request;
 
 	/**
      * NameID.
@@ -89,15 +89,15 @@ public class LogoutRequest {
 	 * @param settings
 	 *              OneLogin_Saml2_Settings
 	 * @param request
-     *              HttpServletRequest object to be processed (Contains GET and POST parameters, session, ...).
+     *              the HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
 	 * @param nameId
 	 *              The NameID that will be set in the LogoutRequest.
 	 * @param sessionIndex
 	 *              The SessionIndex (taken from the SAML Response in the SSO process).
 	 *
 	 * @throws XMLEntityException 
 	 */
-	public LogoutRequest(Saml2Settings settings, HttpServletRequest request, String nameId, String sessionIndex) throws XMLEntityException {
+	public LogoutRequest(Saml2Settings settings, HttpRequest request, String nameId, String sessionIndex) throws XMLEntityException {
 		this.settings = settings;
 		this.request = request;
 
@@ -140,11 +140,11 @@ public LogoutRequest(Saml2Settings settings) throws XMLEntityException {
 	 * @param settings
 	 *            OneLogin_Saml2_Settings
 	 * @param request
-     *              HttpServletRequest object to be processed (Contains GET and POST parameters, session, ...).
+     *              the HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
      *
 	 * @throws XMLEntityException 
 	 */
-	public LogoutRequest(Saml2Settings settings, HttpServletRequest request) throws XMLEntityException {
+	public LogoutRequest(Saml2Settings settings, HttpRequest request) throws XMLEntityException {
 		this(settings, request, null, null);
 	}
 
@@ -246,7 +246,7 @@ public Boolean isValid() throws XMLEntityException {
 			}
 
 			if (this.request == null) {
-				throw new Exception("The HttpServletRequest of the current host was not established");
+				throw new Exception("The HttpRequest of the current host was not established");
 			}
 
 			if (this.currentUrl == null || this.currentUrl.isEmpty()) {

…nelogin/saml2/logout/LogoutResponse.java …nelogin/saml2/logout/LogoutResponse.javatoolkit/src/main/java/com/onelogin/saml2/logout/LogoutResponse.java renamed to core/src/main/java/com/onelogin/saml2/logout/LogoutResponse.java toolkit/src/main/java/com/onelogin/saml2/logout/LogoutResponse.java renamed to core/src/main/java/com/onelogin/saml2/logout/LogoutResponse.java

@@ -7,7 +7,6 @@
 import java.util.HashMap;
 import java.util.Map;
 
-import javax.servlet.http.HttpServletRequest;
 import javax.xml.xpath.XPathExpressionException;
 
 import org.apache.commons.lang3.text.StrSubstitutor;
@@ -18,6 +17,7 @@
 import org.w3c.dom.NodeList;
 
 import com.onelogin.saml2.exception.XMLEntityException;
+import com.onelogin.saml2.http.HttpRequest;
 import com.onelogin.saml2.settings.Saml2Settings;
 import com.onelogin.saml2.util.Constants;
 import com.onelogin.saml2.util.SchemaFactory;
@@ -55,9 +55,9 @@ public class LogoutResponse {
 	private final Saml2Settings settings;
 
 	/**
-     * HttpServletRequest object to be processed (Contains GET and POST parameters, session, ...).
+     * HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
      */
-	private final HttpServletRequest request;
+	private final HttpRequest request;
 
 	/**
 	 * URL of the current host + current view
@@ -85,11 +85,11 @@ public class LogoutResponse {
 	 * @param settings
 	 *              OneLogin_Saml2_Settings
 	 * @param request
-     *              HttpServletRequest object to be processed (Contains GET and POST parameters, session, ...).
+     *              the HttpRequest object to be processed (Contains GET and POST parameters, request URL, ...).
      *
 	 * @throws XMLEntityException 
 	 */
-	public LogoutResponse(Saml2Settings settings, HttpServletRequest request) throws XMLEntityException {
+	public LogoutResponse(Saml2Settings settings, HttpRequest request) throws XMLEntityException {
 		this.settings = settings;
 		this.request = request;
 
@@ -139,12 +139,6 @@ public Boolean isValid(String requestId) {
 				throw new Exception("SAML Logout Response is not loaded");
 			}
 
-			/* No possible right now
-			if (request == null) {
-				throw new Exception("The HttpServletRequest of the current host was not established");
-			}
-			*/
-
 			if (this.currentUrl == null || this.currentUrl.isEmpty()) {
 				throw new Exception("The URL of the current host was not established");
 			}

core/src/test/java/com/onelogin/saml2/http/HttpRequestTest.java

@@ -4,7 +4,9 @@
 import static java.util.Collections.singletonMap;
 import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.CoreMatchers.nullValue;
+import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
 
 import java.util.Arrays;
 import java.util.Collections;
@@ -54,4 +56,23 @@ public void testAddParameter() throws Exception {
         assertThat(request.getParameters(name), equalTo(singletonList(value)));
         assertThat(request.getParameter(name), equalTo(value));
     }
+
+    @Test
+    public void testRemoveParameter() throws Exception {
+        final String url = "some_url";
+        final String name = "name";
+        final String value = "value";
+
+        HttpRequest request = new HttpRequest(url).addParameter(name, value);
+        assertThat(request.getRequestURL(), equalTo(url));
+        assertThat(request.getParameters(), equalTo(singletonMap(name, singletonList(value))));
+        assertThat(request.getParameters(name), equalTo(singletonList(value)));
+        assertThat(request.getParameter(name), equalTo(value));
+        
+        request = request.removeParameter(name);
+        assertThat(request.getRequestURL(), equalTo(url));
+        assertTrue(request.getParameters().isEmpty());
+        assertTrue(request.getParameters(name).isEmpty());
+        assertNull(request.getParameter(name));
+    }
 }