Polish LogoutRequest constructors and Auth.logout overloadings

This refactor is pretty much the same done with AuthnRequest and
AuthnRequestParams: in this case, the params class encapsulates all the
logout request input parameters used whenever a new logout request is
created for subsequent sending. This as well allows to reduce the number
of LogoutRequest constructor and Auth.logout() overloadings, allows
an extension to use a customized input param object which is also passed
to postProcessXml and eases Auth extensibility.

Author: mauromol

core/src/main/java/com/onelogin/saml2/logout/LogoutRequest.java

@@ -21,7 +21,6 @@
 import org.w3c.dom.NodeList;
 
 import com.onelogin.saml2.exception.ValidationError;
-import com.onelogin.saml2.exception.XMLEntityException;
 import com.onelogin.saml2.exception.SettingsException;
 import com.onelogin.saml2.http.HttpRequest;
 import com.onelogin.saml2.settings.Saml2Settings;
@@ -60,31 +59,6 @@ public class LogoutRequest {
      */
 	private final HttpRequest request;
 
-	/**
-     * NameID.
-     */	
-	private String nameId;
-
-	/**
-     * NameID Format.
-     */
-	private String nameIdFormat;
-
-	/**
-     * nameId NameQualifier
-     */
-	private String nameIdNameQualifier;
-
-	/**
-     * nameId SP NameQualifier
-     */
-	private String nameIdSPNameQualifier;
-	
-	/**
-     * SessionIndex. When the user is logged, this stored it from the AuthnStatement of the SAML Response
-     */
-	private String sessionIndex;
-
 	/**
 	 * URL of the current host + current view
 	 */
@@ -117,7 +91,14 @@ public class LogoutRequest {
 	 *				The NameID NameQualifier that will be set in the LogoutRequest.
 	 * @param nameIdSPNameQualifier
 	 *				The SP Name Qualifier that will be set in the LogoutRequest.
+	 *
+	 * @deprecated use {@link #LogoutRequest(Saml2Settings, HttpRequest)} to build a
+	 *             received request from the HTTP request, or
+	 *             {@link #LogoutRequest(Saml2Settings, LogoutRequestParams)} with
+	 *             {@link LogoutRequestParams#LogoutRequestParams(String, String, String, String, String)}
+	 *             to build a new request to be sent
 	 */
+	@Deprecated
 	public LogoutRequest(Saml2Settings settings, HttpRequest request, String nameId, String sessionIndex, String nameIdFormat, String nameIdNameQualifier, String nameIdSPNameQualifier) {
 		this.settings = settings;
 		this.request = request;
@@ -130,16 +111,12 @@ public LogoutRequest(Saml2Settings settings, HttpRequest request, String nameId,
 		}
 
 		if (samlLogoutRequest == null) {
+			LogoutRequestParams params = new LogoutRequestParams(sessionIndex, nameId, nameIdFormat, nameIdNameQualifier, nameIdSPNameQualifier);
 			id = Util.generateUniqueID(settings.getUniqueIDPrefix());
 			issueInstant = Calendar.getInstance();
-			this.nameId = nameId;
-			this.nameIdFormat = nameIdFormat;
-			this.nameIdNameQualifier = nameIdNameQualifier;
-			this.nameIdSPNameQualifier = nameIdSPNameQualifier;
-			this.sessionIndex = sessionIndex;
 
-			StrSubstitutor substitutor = generateSubstitutor(settings);
-			logoutRequestString = postProcessXml(substitutor.replace(getLogoutRequestTemplate()), settings);
+			StrSubstitutor substitutor = generateSubstitutor(params, settings);
+			logoutRequestString = postProcessXml(substitutor.replace(getLogoutRequestTemplate()), params, settings);
 		} else {
 			logoutRequestString = Util.base64decodedInflated(samlLogoutRequest);
 			Document doc = Util.loadXML(logoutRequestString);
@@ -163,7 +140,14 @@ public LogoutRequest(Saml2Settings settings, HttpRequest request, String nameId,
 	 *              The nameIdFormat that will be set in the LogoutRequest.
 	 * @param nameIdNameQualifier
 	 *				The NameID NameQualifier will be set in the LogoutRequest.
+	 *
+	 * @deprecated use {@link #LogoutRequest(Saml2Settings, HttpRequest)} to build a
+	 *             received request from the HTTP request, or
+	 *             {@link #LogoutRequest(Saml2Settings, LogoutRequestParams)} with
+	 *             {@link LogoutRequestParams#LogoutRequestParams(String, String, String, String)}
+	 *             to build a new request to be sent
 	 */
+	@Deprecated
 	public LogoutRequest(Saml2Settings settings, HttpRequest request, String nameId, String sessionIndex, String nameIdFormat, String nameIdNameQualifier) {
 		this(settings, request, nameId, sessionIndex, nameIdFormat, nameIdNameQualifier, null);
 	}
@@ -181,7 +165,14 @@ public LogoutRequest(Saml2Settings settings, HttpRequest request, String nameId,
 	 *              The SessionIndex (taken from the SAML Response in the SSO process).
 	 * @param nameIdFormat
 	 *              The nameIdFormat that will be set in the LogoutRequest.
+	 *
+	 * @deprecated use {@link #LogoutRequest(Saml2Settings, HttpRequest)} to build a
+	 *             received request from the HTTP request, or
+	 *             {@link #LogoutRequest(Saml2Settings, LogoutRequestParams)} with
+	 *             {@link LogoutRequestParams#LogoutRequestParams(String, String, String)}
+	 *             to build a new request to be sent
 	 */
+	@Deprecated
 	public LogoutRequest(Saml2Settings settings, HttpRequest request, String nameId, String sessionIndex, String nameIdFormat) {
 		this(settings, request, nameId, sessionIndex, nameIdFormat, null);
 	}
@@ -197,23 +188,34 @@ public LogoutRequest(Saml2Settings settings, HttpRequest request, String nameId,
 	 *              The NameID that will be set in the LogoutRequest.
 	 * @param sessionIndex
 	 *              The SessionIndex (taken from the SAML Response in the SSO process).
+	 *
+	 * @deprecated use {@link #LogoutRequest(Saml2Settings, HttpRequest)} to build a
+	 *             received request from the HTTP request, or
+	 *             {@link #LogoutRequest(Saml2Settings, LogoutRequestParams)} with
+	 *             {@link LogoutRequestParams#LogoutRequestParams(String, String)}
+	 *             to build a new request to be sent
 	 */
+	@Deprecated
 	public LogoutRequest(Saml2Settings settings, HttpRequest request, String nameId, String sessionIndex) {
 		this(settings, request, nameId, sessionIndex, null);
 	}
 
 	/**
-	 * Constructs the LogoutRequest object.
+	 * Constructs a LogoutRequest object when a new request should be generated
+	 * and sent.
 	 *
 	 * @param settings
 	 *            OneLogin_Saml2_Settings
+	 *
+	 * @see #LogoutRequest(Saml2Settings, LogoutRequestParams)
 	 */
 	public LogoutRequest(Saml2Settings settings) {
-		this(settings, null, null, null);
+		this(settings, new LogoutRequestParams());
 	}
 
 	/**
-	 * Constructs the LogoutRequest object.
+	 * Constructs the LogoutRequest object when a received request should be extracted
+	 * from the HTTP request and parsed.
 	 *
 	 * @param settings
 	 *            OneLogin_Saml2_Settings
@@ -224,6 +226,26 @@ public LogoutRequest(Saml2Settings settings, HttpRequest request) {
 		this(settings, request, null, null);
 	}
 
+	/**
+	 * Constructs the LogoutRequest object when a new request should be generated
+	 * and sent.
+	 *
+	 * @param settings
+	 *              OneLogin_Saml2_Settings
+	 * @param params
+	 *              a set of authentication request input parameters that shape the
+	 *              request to create
+	 */
+	public LogoutRequest(Saml2Settings settings, LogoutRequestParams params) {
+		this.settings = settings;
+		this.request = null;
+		id = Util.generateUniqueID(settings.getUniqueIDPrefix());
+		issueInstant = Calendar.getInstance();
+
+		StrSubstitutor substitutor = generateSubstitutor(params, settings);
+		logoutRequestString = postProcessXml(substitutor.replace(getLogoutRequestTemplate()), params, settings);
+	}
+
 	/**
 	 * Allows for an extension class to post-process the LogoutRequest XML generated
 	 * for this request, in order to customize the result.
@@ -237,12 +259,14 @@ public LogoutRequest(Saml2Settings settings, HttpRequest request) {
 	 * @param logoutRequestXml
 	 *              the XML produced for this LogoutRequest by the standard
 	 *              implementation provided by {@link LogoutRequest}
+	 * @param params
+	 *              the logout request input parameters
 	 * @param settings
 	 *              the settings
 	 * @return the post-processed XML for this LogoutRequest, which will then be
 	 *         returned by any call to {@link #getLogoutRequestXml()}
 	 */
-	protected String postProcessXml(final String logoutRequestXml, final Saml2Settings settings) {
+	protected String postProcessXml(final String logoutRequestXml, final LogoutRequestParams params, final Saml2Settings settings) {
 		return logoutRequestXml;
 	}
 
@@ -286,12 +310,14 @@ public String getLogoutRequestXml() {
 	/**
 	 * Substitutes LogoutRequest variables within a string by values.
 	 *
+	 * @param params
+	 *              the logout request input parameters
 	 * @param settings
-	 * 				Saml2Settings object. Setting data
+	 *              Saml2Settings object. Setting data
 	 * 
-	 * @return the StrSubstitutor object of the LogoutRequest 
+	 * @return the StrSubstitutor object of the LogoutRequest
 	 */
-	private StrSubstitutor generateSubstitutor(Saml2Settings settings) {
+	private StrSubstitutor generateSubstitutor(LogoutRequestParams params, Saml2Settings settings) {
 		Map<String, String> valueMap = new HashMap<String, String>();
 
 		valueMap.put("id", Util.toXml(id));		
@@ -308,14 +334,16 @@ private StrSubstitutor generateSubstitutor(Saml2Settings settings) {
 
 		valueMap.put("issuer", Util.toXml(settings.getSpEntityId()));
 
+		String nameId = params.getNameId();
+		String requestedNameIdFormat = params.getNameIdFormat();
 		String nameIdFormat = null;
-		String spNameQualifier = this.nameIdSPNameQualifier;
-		String nameQualifier = this.nameIdNameQualifier;
+		String spNameQualifier = params.getNameIdSPNameQualifier();
+		String nameQualifier = params.getNameIdNameQualifier();
 		if (nameId != null) {
-			if (this.nameIdFormat == null && !settings.getSpNameIDFormat().equals(Constants.NAMEID_UNSPECIFIED)) {
+			if (requestedNameIdFormat == null && !settings.getSpNameIDFormat().equals(Constants.NAMEID_UNSPECIFIED)) {
 				nameIdFormat = settings.getSpNameIDFormat();
 			} else {
-				nameIdFormat = this.nameIdFormat;
+				nameIdFormat = requestedNameIdFormat;
 			}
 		} else {
 			nameId = settings.getIdpEntityId();
@@ -348,6 +376,7 @@ private StrSubstitutor generateSubstitutor(Saml2Settings settings) {
 		valueMap.put("nameIdStr", nameIdStr);
 
 		String sessionIndexStr = "";
+		String sessionIndex = params.getSessionIndex();
 		if (sessionIndex != null) {
 			sessionIndexStr = " <samlp:SessionIndex>" + Util.toXml(sessionIndex) + "</samlp:SessionIndex>";
 		}

core/src/main/java/com/onelogin/saml2/logout/LogoutRequestParams.java

@@ -0,0 +1,162 @@
+package com.onelogin.saml2.logout;
+
+/**
+ * Input parameters for a SAML 2 logout request.
+ */
+public class LogoutRequestParams {
+
+	/**
+	 * SessionIndex. When the user is logged, this stored it from the AuthnStatement
+	 * of the SAML Response
+	 */
+	private String sessionIndex;
+
+	/**
+	 * NameID.
+	 */
+	private String nameId;
+
+	/**
+	 * NameID Format.
+	 */
+	private String nameIdFormat;
+
+	/**
+	 * nameId NameQualifier
+	 */
+	private String nameIdNameQualifier;
+
+	/**
+	 * nameId SP NameQualifier
+	 */
+	private String nameIdSPNameQualifier;
+
+	/** Create an empty set of logout request input parameters. */
+	public LogoutRequestParams() {
+	}
+
+	/**
+	 * Create a set of logout request input parameters.
+	 *
+	 * @param sessionIndex
+	 *              the session index
+	 * @param nameId
+	 *              the name id of the user to log out
+	 */
+	public LogoutRequestParams(String sessionIndex, String nameId) {
+		this(sessionIndex, nameId, null, null, null);
+	}
+
+	/**
+	 * Create a set of logout request input parameters.
+	 *
+	 * @param sessionIndex
+	 *              the session index
+	 * @param nameId
+	 *              the name id of the user to log out
+	 * @param nameIdFormat
+	 *              the name id format
+	 */
+	public LogoutRequestParams(String sessionIndex, String nameId, String nameIdFormat) {
+		this(sessionIndex, nameId, nameIdFormat, null, null);
+	}
+
+	/**
+	 * Create a set of logout request input parameters.
+	 *
+	 * @param sessionIndex
+	 *              the session index
+	 * @param nameId
+	 *              the name id of the user to log out
+	 * @param nameIdFormat
+	 *              the name id format
+	 * @param nameIdNameQualifier
+	 *              the name id qualifier
+	 */
+	public LogoutRequestParams(String sessionIndex, String nameId, String nameIdFormat, String nameIdNameQualifier) {
+		this(sessionIndex, nameId, nameIdFormat, nameIdNameQualifier, null);
+	}
+
+	/**
+	 * Create a set of logout request input parameters.
+	 *
+	 * @param sessionIndex
+	 *              the session index
+	 * @param nameId
+	 *              the name id of the user to log out
+	 * @param nameIdFormat
+	 *              the name id format
+	 * @param nameIdNameQualifier
+	 *              the name id qualifier
+	 * @param nameIdSPNameQualifier
+	 *              the name id SP qualifier
+	 */
+	public LogoutRequestParams(String sessionIndex, String nameId, String nameIdFormat, String nameIdNameQualifier,
+	            String nameIdSPNameQualifier) {
+		this.sessionIndex = sessionIndex;
+		this.nameId = nameId;
+		this.nameIdFormat = nameIdFormat;
+		this.nameIdNameQualifier = nameIdNameQualifier;
+		this.nameIdSPNameQualifier = nameIdSPNameQualifier;
+	}
+
+	/**
+	 * Create a set of logout request input parameters, by copying them from another
+	 * set.
+	 *
+	 * @param source
+	 *              the source set of logout request input parameters
+	 */
+	protected LogoutRequestParams(LogoutRequestParams source) {
+		this.sessionIndex = source.getSessionIndex();
+		this.nameId = source.getNameId();
+		this.nameIdFormat = source.getNameIdFormat();
+		this.nameIdNameQualifier = source.getNameIdNameQualifier();
+		this.nameIdSPNameQualifier = source.getNameIdSPNameQualifier();
+	}
+
+	/**
+	 * @return the name ID
+	 */
+	protected String getNameId() {
+		return nameId;
+	}
+
+	/**
+	 * Sets the name ID
+	 * 
+	 * @param nameId
+	 *              the name ID to set
+	 */
+	protected void setNameId(String nameId) {
+		this.nameId = nameId;
+	}
+
+	/**
+	 * @return the name ID format
+	 */
+	protected String getNameIdFormat() {
+		return nameIdFormat;
+	}
+
+	/**
+	 * @return the name ID name qualifier
+	 */
+	protected String getNameIdNameQualifier() {
+		return nameIdNameQualifier;
+	}
+
+	/**
+	 * @return the name ID SP name qualifier
+	 */
+	protected String getNameIdSPNameQualifier() {
+		return nameIdSPNameQualifier;
+	}
+
+	/**
+	 * @return the session index
+	 */
+	protected String getSessionIndex() {
+		return sessionIndex;
+	}
+}