Fix namespace problems with Element.getTagName()
[java-idp.git] / src / edu / internet2 / middleware / shibboleth / common / NameMapper.java
1 /*
2  * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation
3  * for Advanced Internet Development, Inc. All rights reserved
4  * 
5  * 
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions are met:
8  * 
9  * Redistributions of source code must retain the above copyright notice, this
10  * list of conditions and the following disclaimer.
11  * 
12  * Redistributions in binary form must reproduce the above copyright notice,
13  * this list of conditions and the following disclaimer in the documentation
14  * and/or other materials provided with the distribution, if any, must include
15  * the following acknowledgment: "This product includes software developed by
16  * the University Corporation for Advanced Internet Development
17  * <http://www.ucaid.edu> Internet2 Project. Alternately, this acknowledegement
18  * may appear in the software itself, if and wherever such third-party
19  * acknowledgments normally appear.
20  * 
21  * Neither the name of Shibboleth nor the names of its contributors, nor
22  * Internet2, nor the University Corporation for Advanced Internet Development,
23  * Inc., nor UCAID may be used to endorse or promote products derived from this
24  * software without specific prior written permission. For written permission,
25  * please contact shibboleth@shibboleth.org
26  * 
27  * Products derived from this software may not be called Shibboleth, Internet2,
28  * UCAID, or the University Corporation for Advanced Internet Development, nor
29  * may Shibboleth appear in their name, without prior written permission of the
30  * University Corporation for Advanced Internet Development.
31  * 
32  * 
33  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
34  * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
35  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
36  * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
37  * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
38  * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
39  * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY
40  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
41  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
43  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
44  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
45  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
46  */
47
48 package edu.internet2.middleware.shibboleth.common;
49
50 import java.io.StringReader;
51 import java.lang.reflect.Constructor;
52 import java.net.URI;
53 import java.net.URISyntaxException;
54 import java.util.Collections;
55 import java.util.HashMap;
56 import java.util.Map;
57
58 import org.apache.log4j.Logger;
59 import org.apache.xerces.parsers.DOMParser;
60 import org.opensaml.SAMLNameIdentifier;
61 import org.w3c.dom.Element;
62 import org.xml.sax.InputSource;
63
64 import edu.internet2.middleware.shibboleth.hs.provider.SharedMemoryShibHandle;
65
66 /**
67  * Facility for managing mappings from SAML Name Identifiers to local <code>AuthNPrincipal</code>
68  * objects. Mappings are registered by Name Identifier format.
69  * 
70  * @author Walter Hoehn
71  * @see NameIdentifierMapping
72  */
73 public class NameMapper {
74
75         private static Logger log = Logger.getLogger(NameMapper.class.getName());
76         protected Map byFormat = new HashMap();
77         private static Map registeredMappingTypes = Collections.synchronizedMap(new HashMap());
78         /** Indicated of whether mappings have been added */
79         protected boolean initialized = false;
80         /** Mapping to use if no other mappings have been added */
81         protected SharedMemoryShibHandle defaultMapping;
82
83         //Preload aliases for bundled mappings
84         static {
85                 try {
86                         registeredMappingTypes.put(
87                                 "CryptoHandleGenerator",
88                                 Class.forName("edu.internet2.middleware.shibboleth.hs.provider.CryptoShibHandle"));
89
90                         registeredMappingTypes.put(
91                                 "SharedMemoryShibHandle",
92                                 Class.forName("edu.internet2.middleware.shibboleth.hs.provider.SharedMemoryShibHandle"));
93
94                         registeredMappingTypes.put(
95                                 "Principal",
96                                 Class.forName("edu.internet2.middleware.shibboleth.common.PrincipalNameIdentifier"));
97
98                 } catch (ClassNotFoundException e) {
99                         log.error("Unable to pre-register Name mapping implementation types.");
100                 }
101         }
102
103         public NameMapper() {
104                 try {
105                         //Load the default mapping
106                         String rawConfig =
107                                 "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
108                                         + "<NameMapping format=\"urn:mace:shibboleth:1.0:nameIdentifier\""
109                                         + "             handleTTL=\"1800\"/>";
110                         DOMParser parser = new DOMParser();
111                         parser.parse(new InputSource(new StringReader(rawConfig)));
112                         defaultMapping = new SharedMemoryShibHandle(parser.getDocument().getDocumentElement());
113
114                 } catch (Exception e) {
115                         log.error("Unable to register default Name Identifier Mapping.");
116                         initialize();
117                 }
118         }
119
120         protected void initialize() {
121                 initialized = true;
122                 defaultMapping = null;
123         }
124
125         /**
126          * 
127          * Constructs a <code>NameIdentifierMapping</code> based on XML
128          * configuration data and adds it to this <code>NameMapper</code>,
129          * registering it according to its format.
130          * 
131          * @param e
132          *            An XML representation of a <code>NameIdentifierMapping</code>
133          * 
134          * @throws NameIdentifierMappingException
135          *             If the mapping could not be constructed according to the
136          *             supplied configuration
137          */
138         public void addNameMapping(Element e) throws NameIdentifierMappingException {
139                 
140                 if (!e.getLocalName().equals("NameMapping")) {
141                         throw new IllegalArgumentException();
142                 }
143                 
144                 log.info("Found Name Mapping. Loading...");
145
146                 String type = ((Element) e).getAttribute("type");
147                 String implementation = ((Element) e).getAttribute("class");
148                 if (type != null && (!type.equals("")) && implementation != null && (!implementation.equals(""))) {
149                         log.error("Name Mapping has both a \"type\" and a \"class\" attribute. Only \"type\" will take effect.");
150                 }
151
152                 if (type != null && (!type.equals(""))) {
153
154                         Class registeredImplementation = (Class) registeredMappingTypes.get(type);
155                         if (registeredImplementation == null) {
156                                 log.error("Name Mapping refers to an unregistered implementation type.");
157                                 throw new NameIdentifierMappingException("Invalid mapping implementation specified.");
158                         }
159
160                         log.debug(
161                                 "Found type ("
162                                         + type
163                                         + ") registered with an implementation class of ("
164                                         + registeredImplementation.getName()
165                                         + ").");
166                         addNameMapping(loadNameIdentifierMapping(registeredImplementation, e));
167
168                 } else if (implementation != null && (!implementation.equals(""))) {
169
170                         try {
171                                 Class implementorClass = Class.forName(implementation);
172                                 addNameMapping(loadNameIdentifierMapping(implementorClass, e));
173
174                         } catch (ClassNotFoundException cnfe) {
175                                 log.error("Name Mapping refers to an implementation class that cannot be loaded: " + cnfe);
176                                 throw new NameIdentifierMappingException("Invalid mapping implementation specified.");
177                         }
178
179                 } else {
180                         log.error("Name Mapping requires either a \"type\" or a \"class\" attribute.");
181                         throw new NameIdentifierMappingException("No mapping implementation specified.");
182                 }
183
184         }
185
186         /**
187          * Adds a <code>NameIdentifierMapping</code> to this <code>NameMapper</code>,
188          * registering it according to its format.
189          * 
190          * @param mapping
191          *            the mapping to add
192          */
193         public void addNameMapping(NameIdentifierMapping mapping) {
194
195                 initialize();
196
197                 if (byFormat.containsKey(mapping.getNameIdentifierFormat())) {
198                         log.error("Attempted to register multiple Name Mappings with the same format.  Skipping duplicates...");
199                         return;
200                 }
201                 byFormat.put(mapping.getNameIdentifierFormat(), mapping);
202
203         }
204
205         /**
206          * Returns the <code>NameIdentifierMapping</code> registered for a given
207          * format
208          * 
209          * @param format
210          *            the registered format
211          * @return the mapping or <tt>null</tt> if no mapping is registered for
212          *         the given format
213          */
214         public NameIdentifierMapping getNameIdentifierMapping(URI format) {
215                 if (!initialized) {
216                         return defaultMapping;
217                 }
218                 return (NameIdentifierMapping) byFormat.get(format);
219         }
220
221         protected NameIdentifierMapping loadNameIdentifierMapping(Class implementation, Element config)
222                 throws NameIdentifierMappingException {
223
224                 try {
225                         Class[] params = new Class[] { Element.class };
226                         Constructor implementorConstructor = implementation.getConstructor(params);
227                         Object[] args = new Object[] { config };
228                         log.debug("Initializing Name Identifier Mapping of type (" + implementation.getName() + ").");
229                         return (NameIdentifierMapping) implementorConstructor.newInstance(args);
230
231                 } catch (NoSuchMethodException nsme) {
232                         log.error(
233                                 "Failed to instantiate a Name Identifier Mapping: NameIdentifierMapping "
234                                         + "implementation must contain a constructor that accepts an Element object for "
235                                         + "configuration data.");
236                         throw new NameIdentifierMappingException("Failed to instantiate a Name Identifier Mapping.");
237
238                 } catch (Exception e) {
239                         log.error("Failed to instantiate a Name Identifier Mapping: " + e + ":" + e.getCause());
240                         throw new NameIdentifierMappingException("Failed to instantiate a Name Identifier Mapping: " + e);
241
242                 }
243
244         }
245
246         /**
247          * Maps a SAML Name Identifier to a local principal using the appropriate
248          * registered mapping.
249          * 
250          * @param nameId
251          *            the SAML Name Identifier that should be converted
252          * @param sProv
253          *            the provider initiating the request
254          * @param idProv
255          *            the provider handling the request
256          * @return the local principal
257          * @throws NameIdentifierMappingException
258          *             If the <code>NameMapper</code> encounters an internal
259          *             error
260          * @throws InvalidNameIdentifierException
261          *             If the <code>SAMLNameIdentifier</code> contains invalid
262          *             data
263          */
264         public AuthNPrincipal getPrincipal(SAMLNameIdentifier nameId, ServiceProvider sProv, IdentityProvider idProv)
265                 throws NameIdentifierMappingException, InvalidNameIdentifierException {
266
267                 NameIdentifierMapping mapping = null;
268                 try {
269                         mapping = getNameIdentifierMapping(new URI(nameId.getFormat()));
270                 } catch (URISyntaxException e) {
271                         log.error("Invalid Name Identifier format.");
272                 }
273                 if (mapping == null) {
274                         throw new InvalidNameIdentifierException("Name Identifier format not registered.");
275                 }
276                 return mapping.getPrincipal(nameId, sProv, idProv);
277         }
278
279 }