Google Git
Sign in
code / plexi / hourly / 43cd24b2f666e1f44743816a97d9654ad1d014c5 / . / coverage / com.google.enterprise.adaptor.SamlAssertionConsumerHandler.html
blob: ebac4f81c61a2c9c883191c070474f7c9053dcf3 [file] [log] [blame]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title>Coverage Report</title>
<link title="Style" type="text/css" rel="stylesheet" href="css/main.css"/>
<script type="text/javascript" src="js/popup.js"></script>
</head>
<body>
<h5>Coverage Report - com.google.enterprise.adaptor.SamlAssertionConsumerHandler</h5>
<div class="separator">&nbsp;</div>
<table class="report">
<thead><tr> <td class="heading">Classes in this File</td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Line Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Branch Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Complexity</a></td></tr></thead>
<tr><td><a href="com.google.enterprise.adaptor.SamlAssertionConsumerHandler.html">SamlAssertionConsumerHandler</a></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">100%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:100px"><span class="text">61/61</span></div></div></td></tr></table></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">91%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:91px"><span class="text">22/24</span></div></div></td></tr></table></td><td class="value"><span class="hidden">7.666666666666667;</span>7.667</td></tr>
</table>
<div class="separator">&nbsp;</div>
<table cellspacing="0" cellpadding="0" class="src">
<tr> <td class="numLine">&nbsp;1</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">// Copyright 2011 Google Inc. All Rights Reserved.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;2</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">//</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;3</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">// Licensed under the Apache License, Version 2.0 (the "License");</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;4</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">// you may not use this file except in compliance with the License.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;5</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">// You may obtain a copy of the License at</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;6</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">//</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;7</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">// http://www.apache.org/licenses/LICENSE-2.0</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;8</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">//</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;9</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">// Unless required by applicable law or agreed to in writing, software</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;10</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">// distributed under the License is distributed on an "AS IS" BASIS,</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;11</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;12</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">// See the License for the specific language governing permissions and</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;13</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">// limitations under the License.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;14</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;15</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">package</span> com.google.enterprise.adaptor;</pre></td></tr>
<tr> <td class="numLine">&nbsp;16</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;17</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> com.google.enterprise.secmgr.authncontroller.ExportedState;</pre></td></tr>
<tr> <td class="numLine">&nbsp;18</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> com.google.enterprise.secmgr.modules.SamlClient;</pre></td></tr>
<tr> <td class="numLine">&nbsp;19</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> com.google.enterprise.secmgr.servlets.ResponseParser;</pre></td></tr>
<tr> <td class="numLine">&nbsp;20</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;21</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> com.sun.net.httpserver.HttpExchange;</pre></td></tr>
<tr> <td class="numLine">&nbsp;22</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;23</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> org.joda.time.DateTime;</pre></td></tr>
<tr> <td class="numLine">&nbsp;24</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> org.opensaml.saml2.core.Response;</pre></td></tr>
<tr> <td class="numLine">&nbsp;25</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> org.opensaml.saml2.core.StatusCode;</pre></td></tr>
<tr> <td class="numLine">&nbsp;26</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;27</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.io.IOException;</pre></td></tr>
<tr> <td class="numLine">&nbsp;28</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.net.HttpURLConnection;</pre></td></tr>
<tr> <td class="numLine">&nbsp;29</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.net.URI;</pre></td></tr>
<tr> <td class="numLine">&nbsp;30</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.nio.charset.Charset;</pre></td></tr>
<tr> <td class="numLine">&nbsp;31</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.util.Date;</pre></td></tr>
<tr> <td class="numLine">&nbsp;32</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.util.Set;</pre></td></tr>
<tr> <td class="numLine">&nbsp;33</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.util.logging.Level;</pre></td></tr>
<tr> <td class="numLine">&nbsp;34</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.util.logging.Logger;</pre></td></tr>
<tr> <td class="numLine">&nbsp;35</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;36</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">/**</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;37</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * A servlet that implements the SAML "assertion consumer" role for SAML</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;38</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * credentials gathering. Once the client has been authenticated with the GSA,</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;39</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * the SSO service will redirect the client to us and include a SAML response.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;40</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * This {@code Handler} interprets the response and updates our knowledge about</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;41</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * the client, followed by redirecting the client back to the original page they</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;42</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * tried to visit.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;43</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;44</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">class</span> SamlAssertionConsumerHandler <span class="keyword">extends</span> AbstractHandler {</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;45</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">private</span> <span class="keyword">static</span> <span class="keyword">final</span> Logger log = Logger.getLogger(</pre></td></tr>
<tr> <td class="numLine">&nbsp;46</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; SamlAssertionConsumerHandler.<span class="keyword">class</span>.getName());</pre></td></tr>
<tr> <td class="numLine">&nbsp;47</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;48</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">/**</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;49</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * Manager that contains the {@link AuthnState} populated by {@link</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;50</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * AuthnHandler}.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;51</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;52</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">private</span> <span class="keyword">final</span> SessionManager&lt;HttpExchange&gt; sessionManager;</pre></td></tr>
<tr> <td class="numLine">&nbsp;53</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;54</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">/**</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;55</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @param sessionManager manager to use to find authn attempts in progress</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;56</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;57</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; SamlAssertionConsumerHandler(String fallbackHostname, Charset defaultEncoding,</pre></td></tr>
<tr> <td class="numLine">&nbsp;58</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; SessionManager&lt;HttpExchange&gt; sessionManager) {</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;59</td> <td class="nbHitsCovered">&nbsp;11</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">super</span>(fallbackHostname, defaultEncoding);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;60</td> <td class="nbHitsCovered">&nbsp;11</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">this</span>.sessionManager = sessionManager;</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;61</td> <td class="nbHitsCovered">&nbsp;11</td> <td class="src"><pre class="src">&nbsp; SecurityManagerConfig.load();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;62</td> <td class="nbHitsCovered">&nbsp;11</td> <td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLine">&nbsp;63</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;64</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; @Override</pre></td></tr>
<tr> <td class="numLine">&nbsp;65</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">public</span> <span class="keyword">void</span> meteredHandle(HttpExchange ex) <span class="keyword">throws</span> IOException {</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;66</td> <td class="nbHitsCovered">&nbsp;10</td> <td class="src"><pre class="src">&nbsp; String requestMethod = ex.getRequestMethod();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;67</td> <td class="nbHitsCovered"><a title="Line 67: Conditional coverage 100% (2/2).">&nbsp;10</a></td> <td class="src"><pre class="src">&nbsp;<a title="Line 67: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (!<span class="string">"GET"</span>.equals(requestMethod)) {</a></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;68</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; cannedRespond(ex, HttpURLConnection.HTTP_BAD_METHOD,</pre></td></tr>
<tr> <td class="numLine">&nbsp;69</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; Translation.HTTP_BAD_METHOD);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;70</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">return</span>;</pre></td></tr>
<tr> <td class="numLine">&nbsp;71</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;72</td> <td class="nbHitsCovered">&nbsp;9</td> <td class="src"><pre class="src">&nbsp; Session session = sessionManager.getSession(ex);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;73</td> <td class="nbHitsCovered">&nbsp;9</td> <td class="src"><pre class="src">&nbsp; AuthnState authnState = (AuthnState) session.getAttribute(</pre></td></tr>
<tr> <td class="numLine">&nbsp;74</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; AuthnState.SESSION_ATTR_NAME);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;75</td> <td class="nbHitsCovered"><a title="Line 75: Conditional coverage 100% (2/2).">&nbsp;9</a></td> <td class="src"><pre class="src">&nbsp;<a title="Line 75: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (authnState == <span class="keyword">null</span>) {</a></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;76</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; cannedRespond(ex, HttpURLConnection.HTTP_CONFLICT,</pre></td></tr>
<tr> <td class="numLine">&nbsp;77</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; Translation.AUTHN_UNKNOWN_SESSION);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;78</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">return</span>;</pre></td></tr>
<tr> <td class="numLine">&nbsp;79</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;80</td> <td class="nbHitsCovered"><a title="Line 80: Conditional coverage 100% (2/2).">&nbsp;8</a></td> <td class="src"><pre class="src">&nbsp;<a title="Line 80: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (authnState.isAuthenticated()) {</a></pre></td></tr>
<tr> <td class="numLine">&nbsp;81</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">// TODO(ejona): keep track of each request, so that we can redirect here</span></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;82</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; cannedRespond(ex, HttpURLConnection.HTTP_CONFLICT,</pre></td></tr>
<tr> <td class="numLine">&nbsp;83</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; Translation.AUTHN_RETRY);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;84</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">return</span>;</pre></td></tr>
<tr> <td class="numLine">&nbsp;85</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;86</td> <td class="nbHitsCovered">&nbsp;7</td> <td class="src"><pre class="src">&nbsp; SamlClient client = authnState.getSamlClient();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;87</td> <td class="nbHitsCovered">&nbsp;7</td> <td class="src"><pre class="src">&nbsp; URI origUri = authnState.getOriginalUri();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;88</td> <td class="nbHitsUncovered"><a title="Line 88: Conditional coverage 75% (3/4) [each condition: 100%, 50%].">&nbsp;7</a></td> <td class="src"><pre class="src"><span class="srcUncovered">&nbsp;<a title="Line 88: Conditional coverage 75% (3/4) [each condition: 100%, 50%]."> <span class="keyword">if</span> (client == <span class="keyword">null</span> || origUri == <span class="keyword">null</span>) {</a></span></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;89</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; cannedRespond(ex, HttpURLConnection.HTTP_INTERNAL_ERROR,</pre></td></tr>
<tr> <td class="numLine">&nbsp;90</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; Translation.AUTHN_NOT_STARTED);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;91</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">return</span>;</pre></td></tr>
<tr> <td class="numLine">&nbsp;92</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLine">&nbsp;93</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">boolean</span> authnSuccess;</pre></td></tr>
<tr> <td class="numLine">&nbsp;94</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">// GET implies the assertion is being sent with the artifact binding.</span></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;95</td> <td class="nbHitsCovered">&nbsp;6</td> <td class="src"><pre class="src">&nbsp; log.info(<span class="string">"Received assertion via artifact binding"</span>);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;96</td> <td class="nbHitsCovered">&nbsp;6</td> <td class="src"><pre class="src">&nbsp; Response samlResponse = client.decodeArtifactResponse(getRequestUri(ex),</pre></td></tr>
<tr> <td class="numLine">&nbsp;97</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">new</span> HttpExchangeInTransportAdapter(ex));</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;98</td> <td class="nbHitsCovered">&nbsp;6</td> <td class="src"><pre class="src">&nbsp; authnSuccess = consumeAssertion(client, samlResponse,</pre></td></tr>
<tr> <td class="numLine">&nbsp;99</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; client.getArtifactAssertionConsumerService().getLocation(),</pre></td></tr>
<tr> <td class="numLine">&nbsp;100</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; authnState);</pre></td></tr>
<tr> <td class="numLine">&nbsp;101</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;102</td> <td class="nbHitsCovered"><a title="Line 102: Conditional coverage 100% (2/2).">&nbsp;6</a></td> <td class="src"><pre class="src">&nbsp;<a title="Line 102: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (authnSuccess) {</a></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;103</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; sendRedirect(ex, origUri); </pre></td></tr>
<tr> <td class="numLine">&nbsp;104</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; } <span class="keyword">else</span> {</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;105</td> <td class="nbHitsCovered">&nbsp;4</td> <td class="src"><pre class="src">&nbsp; cannedRespond(ex, HttpURLConnection.HTTP_FORBIDDEN,</pre></td></tr>
<tr> <td class="numLine">&nbsp;106</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; Translation.HTTP_FORBIDDEN_AUTHN_FAILURE);</pre></td></tr>
<tr> <td class="numLine">&nbsp;107</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;108</td> <td class="nbHitsCovered">&nbsp;6</td> <td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLine">&nbsp;109</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;110</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">private</span> <span class="keyword">boolean</span> consumeAssertion(SamlClient client, Response samlResponse,</pre></td></tr>
<tr> <td class="numLine">&nbsp;111</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; String recipient, AuthnState authnState) {</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;112</td> <td class="nbHitsCovered"><a title="Line 112: Conditional coverage 100% (2/2).">&nbsp;6</a></td> <td class="src"><pre class="src">&nbsp;<a title="Line 112: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (samlResponse == <span class="keyword">null</span>) {</a></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;113</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; log.warning(<span class="string">"SAML response is missing"</span>);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;114</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; authnState.failAttempt();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;115</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">return</span> <span class="keyword">false</span>;</pre></td></tr>
<tr> <td class="numLine">&nbsp;116</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLine">&nbsp;117</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;118</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">// "some session id" is trash that is used for logging in the</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;119</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">// ResponseParser. We have no need for it, but we need to provide a value.</span></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;120</td> <td class="nbHitsCovered">&nbsp;5</td> <td class="src"><pre class="src">&nbsp; ResponseParser parser = ResponseParser.make(</pre></td></tr>
<tr> <td class="numLine">&nbsp;121</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; client, recipient, samlResponse, <span class="string">"some session id"</span>);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;122</td> <td class="nbHitsCovered"><a title="Line 122: Conditional coverage 100% (2/2).">&nbsp;5</a></td> <td class="src"><pre class="src">&nbsp;<a title="Line 122: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (!parser.isResponseValid()) {</a></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;123</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; log.warning(<span class="string">"SAML response is invalid"</span>);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;124</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; authnState.failAttempt();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;125</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">return</span> <span class="keyword">false</span>;</pre></td></tr>
<tr> <td class="numLine">&nbsp;126</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLine">&nbsp;127</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;128</td> <td class="nbHitsCovered">&nbsp;4</td> <td class="src"><pre class="src">&nbsp; String code = parser.getResponseStatus();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;129</td> <td class="nbHitsCovered">&nbsp;4</td> <td class="src"><pre class="src">&nbsp; log.log(Level.INFO, <span class="string">"status code = {0}"</span>, <span class="keyword">new</span> Object[] {code});</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;130</td> <td class="nbHitsCovered"><a title="Line 130: Conditional coverage 100% (2/2).">&nbsp;4</a></td> <td class="src"><pre class="src">&nbsp;<a title="Line 130: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (!code.equals(StatusCode.SUCCESS_URI)) {</a></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;131</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; log.log(Level.WARNING, <span class="string">"SAML IdP failed to resolve: {0}"</span>,</pre></td></tr>
<tr> <td class="numLine">&nbsp;132</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">new</span> Object[] {code});</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;133</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; authnState.failAttempt();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;134</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">return</span> <span class="keyword">false</span>;</pre></td></tr>
<tr> <td class="numLine">&nbsp;135</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLine">&nbsp;136</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;137</td> <td class="nbHitsCovered"><a title="Line 137: Conditional coverage 100% (2/2).">&nbsp;3</a></td> <td class="src"><pre class="src">&nbsp;<a title="Line 137: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (!parser.areAssertionsValid()) {</a></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;138</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; log.warning(<span class="string">"One or more SAML assertions are invalid"</span>);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;139</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; authnState.failAttempt();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;140</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">return</span> <span class="keyword">false</span>;</pre></td></tr>
<tr> <td class="numLine">&nbsp;141</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;142</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; String subjectName = parser.getSubject();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;143</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; Set&lt;String&gt; groups = <span class="keyword">null</span>;</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;144</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; String password = <span class="keyword">null</span>;</pre></td></tr>
<tr> <td class="numLine">&nbsp;145</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;146</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; ExportedState state = parser.getExportedState();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;147</td> <td class="nbHitsCovered"><a title="Line 147: Conditional coverage 100% (2/2).">&nbsp;2</a></td> <td class="src"><pre class="src">&nbsp;<a title="Line 147: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (state != <span class="keyword">null</span>) {</a></pre></td></tr>
<tr> <td class="numLine">&nbsp;148</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">// Groups is also available via parser.getGroups, but this handles the</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;149</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">// state == null case more appropriately for our usage.</span></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;150</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; groups = state.getPviCredentials().getGroups();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;151</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; password = state.getPviCredentials().getPassword();</pre></td></tr>
<tr> <td class="numLine">&nbsp;152</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;153</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; DateTime expirationDateTime = parser.getExpirationTime();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;154</td> <td class="nbHitsUncovered"><a title="Line 154: Conditional coverage 50% (1/2).">&nbsp;2</a></td> <td class="src"><pre class="src"><span class="srcUncovered">&nbsp;<a title="Line 154: Conditional coverage 50% (1/2)."> <span class="keyword">long</span> expirationTime = (expirationDateTime == <span class="keyword">null</span>)</a></span></pre></td></tr>
<tr> <td class="numLine">&nbsp;155</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; ? Long.MAX_VALUE : expirationDateTime.getMillis();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;156</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; log.log(Level.INFO, <span class="string">"SAML subject {0} verified {1}"</span>,</pre></td></tr>
<tr> <td class="numLine">&nbsp;157</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">new</span> Object[] {subjectName, <span class="keyword">new</span> Date(expirationTime)});</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;158</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; AuthnIdentity identity = <span class="keyword">new</span> AuthnIdentityImpl.Builder(subjectName)</pre></td></tr>
<tr> <td class="numLine">&nbsp;159</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; .setGroups(groups).setPassword(password).build();</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;160</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; authnState.authenticated(identity, expirationTime);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;161</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">return</span> <span class="keyword">true</span>;</pre></td></tr>
<tr> <td class="numLine">&nbsp;162</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLine">&nbsp;163</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;}</pre></td></tr>
</table>
<div class="footer">Report generated by <a href="http://cobertura.sourceforge.net/" target="_top">Cobertura</a> 1.9.4.1 on 3/19/12 11:00 AM.</div>
</body>
</html>