| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" |
| "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
| <html> |
| <head> |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> |
| <title>Coverage Report</title> |
| <link title="Style" type="text/css" rel="stylesheet" href="css/main.css"/> |
| <script type="text/javascript" src="js/popup.js"></script> |
| </head> |
| <body> |
| <h5>Coverage Report - com.google.enterprise.adaptor.secmgr.servlets.ResponseParser</h5> |
| <div class="separator"> </div> |
| <table class="report"> |
| <thead><tr> <td class="heading">Classes in this File</td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Line Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Branch Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Complexity</a></td></tr></thead> |
| <tr><td><a href="com.google.enterprise.adaptor.secmgr.servlets.ResponseParser.html">ResponseParser</a></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">11</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:86px"><span class="text">71/82</span></div></div></td></tr></table></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">50</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:58px"><span class="text">70/120</span></div></div></td></tr></table></td><td class="value"><span class="hidden">2.586206896551724;</span>2.586</td></tr> |
| <tr><td><a href="com.google.enterprise.adaptor.secmgr.servlets.ResponseParser.html">ResponseParser$1</a></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">0</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:100px"><span class="text">2/2</span></div></div></td></tr></table></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">N/A</a></td><td class="percentgraph"><div class="percentgraph"><div class="na" style="width:100px"><span class="text"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">N/A</a></span></div></div></td></tr></table></td><td class="value"><span class="hidden">2.586206896551724;</span>2.586</td></tr> |
| <tr><td><a href="com.google.enterprise.adaptor.secmgr.servlets.ResponseParser.html">ResponseParser$2</a></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">0</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:100px"><span class="text">2/2</span></div></div></td></tr></table></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">N/A</a></td><td class="percentgraph"><div class="percentgraph"><div class="na" style="width:100px"><span class="text"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">N/A</a></span></div></div></td></tr></table></td><td class="value"><span class="hidden">2.586206896551724;</span>2.586</td></tr> |
| |
| </table> |
| <div class="separator"> </div> |
| <table cellspacing="0" cellpadding="0" class="src"> |
| <tr> <td class="numLine"> 1</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// Copyright 2009 Google Inc.</span></pre></td></tr> |
| <tr> <td class="numLine"> 2</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">//</span></pre></td></tr> |
| <tr> <td class="numLine"> 3</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// Licensed under the Apache License, Version 2.0 (the "License");</span></pre></td></tr> |
| <tr> <td class="numLine"> 4</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// you may not use this file except in compliance with the License.</span></pre></td></tr> |
| <tr> <td class="numLine"> 5</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// You may obtain a copy of the License at</span></pre></td></tr> |
| <tr> <td class="numLine"> 6</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">//</span></pre></td></tr> |
| <tr> <td class="numLine"> 7</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// http://www.apache.org/licenses/LICENSE-2.0</span></pre></td></tr> |
| <tr> <td class="numLine"> 8</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">//</span></pre></td></tr> |
| <tr> <td class="numLine"> 9</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// Unless required by applicable law or agreed to in writing, software</span></pre></td></tr> |
| <tr> <td class="numLine"> 10</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// distributed under the License is distributed on an "AS IS" BASIS,</span></pre></td></tr> |
| <tr> <td class="numLine"> 11</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span></pre></td></tr> |
| <tr> <td class="numLine"> 12</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// See the License for the specific language governing permissions and</span></pre></td></tr> |
| <tr> <td class="numLine"> 13</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// limitations under the License.</span></pre></td></tr> |
| <tr> <td class="numLine"> 14</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 15</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">package</span> com.google.enterprise.adaptor.secmgr.servlets;</pre></td></tr> |
| <tr> <td class="numLine"> 16</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 17</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> com.google.common.annotations.VisibleForTesting;</pre></td></tr> |
| <tr> <td class="numLine"> 18</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> com.google.common.base.Predicate;</pre></td></tr> |
| <tr> <td class="numLine"> 19</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> com.google.common.base.Strings;</pre></td></tr> |
| <tr> <td class="numLine"> 20</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> com.google.common.collect.ImmutableSet;</pre></td></tr> |
| <tr> <td class="numLine"> 21</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> com.google.common.collect.Iterables;</pre></td></tr> |
| <tr> <td class="numLine"> 22</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> com.google.enterprise.adaptor.secmgr.authncontroller.ExportedState;</pre></td></tr> |
| <tr> <td class="numLine"> 23</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> com.google.enterprise.adaptor.secmgr.common.SecurityManagerUtil;</pre></td></tr> |
| <tr> <td class="numLine"> 24</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> com.google.enterprise.adaptor.secmgr.modules.SamlClient;</pre></td></tr> |
| <tr> <td class="numLine"> 25</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> com.google.enterprise.adaptor.secmgr.saml.OpenSamlUtil;</pre></td></tr> |
| <tr> <td class="numLine"> 26</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> com.google.enterprise.adaptor.secmgr.saml.SamlLogUtil;</pre></td></tr> |
| <tr> <td class="numLine"> 27</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 28</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.joda.time.DateTime;</pre></td></tr> |
| <tr> <td class="numLine"> 29</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.joda.time.DateTimeComparator;</pre></td></tr> |
| <tr> <td class="numLine"> 30</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.joda.time.DateTimeUtils;</pre></td></tr> |
| <tr> <td class="numLine"> 31</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.saml2.core.Assertion;</pre></td></tr> |
| <tr> <td class="numLine"> 32</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.saml2.core.Attribute;</pre></td></tr> |
| <tr> <td class="numLine"> 33</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.saml2.core.AttributeStatement;</pre></td></tr> |
| <tr> <td class="numLine"> 34</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.saml2.core.Audience;</pre></td></tr> |
| <tr> <td class="numLine"> 35</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.saml2.core.AudienceRestriction;</pre></td></tr> |
| <tr> <td class="numLine"> 36</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.saml2.core.Conditions;</pre></td></tr> |
| <tr> <td class="numLine"> 37</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.saml2.core.Issuer;</pre></td></tr> |
| <tr> <td class="numLine"> 38</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.saml2.core.NameIDType;</pre></td></tr> |
| <tr> <td class="numLine"> 39</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.saml2.core.Response;</pre></td></tr> |
| <tr> <td class="numLine"> 40</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.saml2.core.Subject;</pre></td></tr> |
| <tr> <td class="numLine"> 41</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.saml2.core.SubjectConfirmation;</pre></td></tr> |
| <tr> <td class="numLine"> 42</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.saml2.core.SubjectConfirmationData;</pre></td></tr> |
| <tr> <td class="numLine"> 43</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.opensaml.xml.XMLObject;</pre></td></tr> |
| <tr> <td class="numLine"> 44</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 45</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> java.io.IOException;</pre></td></tr> |
| <tr> <td class="numLine"> 46</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> java.util.List;</pre></td></tr> |
| <tr> <td class="numLine"> 47</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> java.util.logging.Level;</pre></td></tr> |
| <tr> <td class="numLine"> 48</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> java.util.logging.Logger;</pre></td></tr> |
| <tr> <td class="numLine"> 49</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 50</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> javax.annotation.concurrent.Immutable;</pre></td></tr> |
| <tr> <td class="numLine"> 51</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 52</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 53</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * A parser to disassemble and validate a SAML Response element.</span></pre></td></tr> |
| <tr> <td class="numLine"> 54</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 55</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> @Immutable</pre></td></tr> |
| <tr> <td class="numLineCover"> 56</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">final</span> <span class="keyword">class</span> ResponseParser {</pre></td></tr> |
| <tr> <td class="numLineCover"> 57</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">static</span> <span class="keyword">final</span> Logger LOGGER = Logger.getLogger(ResponseParser.<span class="keyword">class</span>.getName());</pre></td></tr> |
| <tr> <td class="numLineCover"> 58</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">static</span> <span class="keyword">final</span> DateTimeComparator dtComparator = DateTimeComparator.getInstance();</pre></td></tr> |
| <tr> <td class="numLine"> 59</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 60</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">final</span> SamlClient client;</pre></td></tr> |
| <tr> <td class="numLine"> 61</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">final</span> String recipient;</pre></td></tr> |
| <tr> <td class="numLine"> 62</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">final</span> Response response;</pre></td></tr> |
| <tr> <td class="numLine"> 63</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">final</span> String sessionId;</pre></td></tr> |
| <tr> <td class="numLine"> 64</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">final</span> <span class="keyword">long</span> now;</pre></td></tr> |
| <tr> <td class="numLine"> 65</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">final</span> Assertion assertion;</pre></td></tr> |
| <tr> <td class="numLine"> 66</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLineCover"> 67</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">private</span> ResponseParser(SamlClient client, String recipient, Response response, String sessionId) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 68</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">this</span>.client = client;</pre></td></tr> |
| <tr> <td class="numLineCover"> 69</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">this</span>.recipient = recipient;</pre></td></tr> |
| <tr> <td class="numLineCover"> 70</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">this</span>.response = response;</pre></td></tr> |
| <tr> <td class="numLineCover"> 71</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">this</span>.sessionId = sessionId;</pre></td></tr> |
| <tr> <td class="numLineCover"> 72</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">this</span>.now = DateTimeUtils.currentTimeMillis();</pre></td></tr> |
| <tr> <td class="numLineCover"> 73</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">this</span>.assertion = findSuitableAssertion();</pre></td></tr> |
| <tr> <td class="numLineCover"> 74</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 75</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 76</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">static</span> ResponseParser make(SamlClient client, String recipient, Response response,</pre></td></tr> |
| <tr> <td class="numLine"> 77</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> String sessionId) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 78</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">return</span> <span class="keyword">new</span> ResponseParser(client, recipient, response, sessionId);</pre></td></tr> |
| <tr> <td class="numLine"> 79</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 80</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 81</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/** Log messages as info. */</span></pre></td></tr> |
| <tr> <td class="numLine"> 82</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">void</span> inform(String... messages) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 83</td> <td class="nbHitsCovered"><a title="Line 83: Conditional coverage 100% (2/2)."> 8</a></td> <td class="src"><pre class="src"> <a title="Line 83: Conditional coverage 100% (2/2)."> <span class="keyword">for</span> (String message : messages) {</a></pre></td></tr> |
| <tr> <td class="numLineCover"> 84</td> <td class="nbHitsCovered"> 4</td> <td class="src"><pre class="src"> LOGGER.info(SecurityManagerUtil.sessionLogMessage(sessionId, message));</pre></td></tr> |
| <tr> <td class="numLine"> 85</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 86</td> <td class="nbHitsCovered"> 4</td> <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 87</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 88</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/** Log messages as warnings. */</span></pre></td></tr> |
| <tr> <td class="numLine"> 89</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">void</span> warn(String... messages) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 90</td> <td class="nbHitsCovered"><a title="Line 90: Conditional coverage 100% (2/2)."> 22</a></td> <td class="src"><pre class="src"> <a title="Line 90: Conditional coverage 100% (2/2)."> <span class="keyword">for</span> (String message : messages) {</a></pre></td></tr> |
| <tr> <td class="numLineCover"> 91</td> <td class="nbHitsCovered"> 11</td> <td class="src"><pre class="src"> LOGGER.warning(SecurityManagerUtil.sessionLogMessage(sessionId, message));</pre></td></tr> |
| <tr> <td class="numLine"> 92</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 93</td> <td class="nbHitsCovered"> 11</td> <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 94</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 95</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 96</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * If condition is false then log messages as warnings.</span></pre></td></tr> |
| <tr> <td class="numLine"> 97</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p></span></pre></td></tr> |
| <tr> <td class="numLine"> 98</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * This method is used to modify a chain of &amp;&amp; boolean conditions.</span></pre></td></tr> |
| <tr> <td class="numLine"> 99</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * For example:</span></pre></td></tr> |
| <tr> <td class="numLine"> 100</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <pre></span></pre></td></tr> |
| <tr> <td class="numLine"> 101</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * return name != null</span></pre></td></tr> |
| <tr> <td class="numLine"> 102</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * && isValidName(name)</span></pre></td></tr> |
| <tr> <td class="numLine"> 103</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * && hasSession(name);</span></pre></td></tr> |
| <tr> <td class="numLine"> 104</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * </pre></span></pre></td></tr> |
| <tr> <td class="numLine"> 105</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * becomes:</span></pre></td></tr> |
| <tr> <td class="numLine"> 106</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <pre></span></pre></td></tr> |
| <tr> <td class="numLine"> 107</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * return warnIfFalse(name != null, "Name is null")</span></pre></td></tr> |
| <tr> <td class="numLine"> 108</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * && warnIfFalse(isValidName(name), "Invalid name: " + name)</span></pre></td></tr> |
| <tr> <td class="numLine"> 109</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * && warnIfFalse(hasSession(name), "Missing session for: " + name);</span></pre></td></tr> |
| <tr> <td class="numLine"> 110</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * </pre></span></pre></td></tr> |
| <tr> <td class="numLine"> 111</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p></span></pre></td></tr> |
| <tr> <td class="numLine"> 112</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return value of condition</span></pre></td></tr> |
| <tr> <td class="numLine"> 113</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 114</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> warnIfFalse(<span class="keyword">boolean</span> condition, String ... messages) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 115</td> <td class="nbHitsCovered"><a title="Line 115: Conditional coverage 100% (2/2)."> 158</a></td> <td class="src"><pre class="src"> <a title="Line 115: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (!condition) {</a></pre></td></tr> |
| <tr> <td class="numLineCover"> 116</td> <td class="nbHitsCovered"> 7</td> <td class="src"><pre class="src"> warn(messages);</pre></td></tr> |
| <tr> <td class="numLine"> 117</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 118</td> <td class="nbHitsCovered"> 158</td> <td class="src"><pre class="src"> <span class="keyword">return</span> condition;</pre></td></tr> |
| <tr> <td class="numLine"> 119</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 120</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 121</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// to avoid having 3 try/catch loops in findSuitableAssertionHelper</span></pre></td></tr> |
| <tr> <td class="numLine"> 122</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> Assertion findSuitableAssertion() {</pre></td></tr> |
| <tr> <td class="numLine"> 123</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr> |
| <tr> <td class="numLineCover"> 124</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">return</span> findSuitableAssertionHelper();</pre></td></tr> |
| <tr> <td class="numLineCover"> 125</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (IOException e) {</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 126</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.log(Level.WARNING, <span class="string">"An error occurred but logger could not parse "</span></span></pre></td></tr> |
| <tr> <td class="numLine"> 127</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> + <span class="string">"the SamlResponse object."</span>, e);</pre></td></tr> |
| <tr> <td class="numLineCover"> 128</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> <span class="keyword">null</span>;</span></pre></td></tr> |
| <tr> <td class="numLine"> 129</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 130</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 131</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 132</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// TODO(cph): This logic is inadequate, but more or less the same as what the</span></pre></td></tr> |
| <tr> <td class="numLine"> 133</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// GSA does. Instead of trying to find a single valid assertion, we should</span></pre></td></tr> |
| <tr> <td class="numLine"> 134</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// analyze the assertions as a whole and combine their content. The SAML spec</span></pre></td></tr> |
| <tr> <td class="numLine"> 135</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// allows the IdP to include arbitrary numbers of assertions, and with each</span></pre></td></tr> |
| <tr> <td class="numLine"> 136</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// assertion an arbitrary number of statements. The spec explicitly states</span></pre></td></tr> |
| <tr> <td class="numLine"> 137</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// that an assertion with multiple statements is completely equivalent to</span></pre></td></tr> |
| <tr> <td class="numLine"> 138</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// multiple assertions, each with a single statement (provided the other parts</span></pre></td></tr> |
| <tr> <td class="numLine"> 139</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// of the assertions match one another). It's the responsibility of the</span></pre></td></tr> |
| <tr> <td class="numLine"> 140</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// relying party (us) to make sense of the information in whatever form the</span></pre></td></tr> |
| <tr> <td class="numLine"> 141</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// IdP sends it.</span></pre></td></tr> |
| <tr> <td class="numLine"> 142</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> Assertion findSuitableAssertionHelper() <span class="keyword">throws</span> IOException {</pre></td></tr> |
| <tr> <td class="numLineCover"> 143</td> <td class="nbHitsCovered"><a title="Line 143: Conditional coverage 100% (2/2)."> 5</a></td> <td class="src"><pre class="src"> <a title="Line 143: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (response.getAssertions().isEmpty()) {</a></pre></td></tr> |
| <tr> <td class="numLineCover"> 144</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> warn(SamlLogUtil.xmlMessage(</pre></td></tr> |
| <tr> <td class="numLine"> 145</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"Received no assertions in this response."</span>, response));</pre></td></tr> |
| <tr> <td class="numLine"> 146</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 147</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLineCover"> 148</td> <td class="nbHitsCovered"><a title="Line 148: Conditional coverage 100% (2/2)."> 5</a></td> <td class="src"><pre class="src"> <a title="Line 148: Conditional coverage 100% (2/2)."> <span class="keyword">for</span> (Assertion assertion : response.getAssertions()) {</a></pre></td></tr> |
| <tr> <td class="numLineCover"> 149</td> <td class="nbHitsCovered"><a title="Line 149: Conditional coverage 100% (2/2)."> 4</a></td> <td class="src"><pre class="src"> <a title="Line 149: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (isAssertionValid(assertion)) {</a></pre></td></tr> |
| <tr> <td class="numLineCover"> 150</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">return</span> assertion;</pre></td></tr> |
| <tr> <td class="numLine"> 151</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 152</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> warn(SamlLogUtil.xmlMessage(</pre></td></tr> |
| <tr> <td class="numLine"> 153</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"Rejected assertion because it was invalid"</span>, assertion));</pre></td></tr> |
| <tr> <td class="numLine"> 154</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 155</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> warn(SamlLogUtil.xmlMessage(</pre></td></tr> |
| <tr> <td class="numLine"> 156</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"Could not find a valid assertion for this response"</span>, response));</pre></td></tr> |
| <tr> <td class="numLineCover"> 157</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">return</span> <span class="keyword">null</span>;</pre></td></tr> |
| <tr> <td class="numLine"> 158</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 159</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 160</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 161</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Is the response element valid?</span></pre></td></tr> |
| <tr> <td class="numLine"> 162</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 163</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">boolean</span> isResponseValid() {</pre></td></tr> |
| <tr> <td class="numLineCover"> 164</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> Issuer issuer = response.getIssuer();</pre></td></tr> |
| <tr> <td class="numLineCover"> 165</td> <td class="nbHitsUncovered"><a title="Line 165: Conditional coverage 75% (3/4) [each condition: 100%, 50%]."> 5</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 165: Conditional coverage 75% (3/4) [each condition: 100%, 50%]."> <span class="keyword">return</span> issuer == <span class="keyword">null</span> || isValidIssuer(issuer);</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 166</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 167</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 168</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 169</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Get the response status code.</span></pre></td></tr> |
| <tr> <td class="numLine"> 170</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Must satisfy {@link #isResponseValid} prior to calling.</span></pre></td></tr> |
| <tr> <td class="numLine"> 171</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 172</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> String getResponseStatus() {</pre></td></tr> |
| <tr> <td class="numLineCover"> 173</td> <td class="nbHitsCovered"> 4</td> <td class="src"><pre class="src"> <span class="keyword">return</span> response.getStatus().getStatusCode().getValue();</pre></td></tr> |
| <tr> <td class="numLine"> 174</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 175</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 176</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 177</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Are the assertions contained in this response valid?</span></pre></td></tr> |
| <tr> <td class="numLine"> 178</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Meaningful only when response status is "success".</span></pre></td></tr> |
| <tr> <td class="numLine"> 179</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 180</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">boolean</span> areAssertionsValid() {</pre></td></tr> |
| <tr> <td class="numLineCover"> 181</td> <td class="nbHitsCovered"><a title="Line 181: Conditional coverage 100% (2/2)."> 3</a></td> <td class="src"><pre class="src"> <a title="Line 181: Conditional coverage 100% (2/2)."> <span class="keyword">return</span> assertion != <span class="keyword">null</span>;</a></pre></td></tr> |
| <tr> <td class="numLine"> 182</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 183</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 184</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 185</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Get the asserted subject.</span></pre></td></tr> |
| <tr> <td class="numLine"> 186</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Must satisfy {@link #areAssertionsValid} prior to calling.</span></pre></td></tr> |
| <tr> <td class="numLine"> 187</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 188</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> String getSubject() {</pre></td></tr> |
| <tr> <td class="numLineCover"> 189</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">return</span> assertion.getSubject().getNameID().getValue();</pre></td></tr> |
| <tr> <td class="numLine"> 190</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 191</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 192</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 193</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Get the expiration time for the subject verification.</span></pre></td></tr> |
| <tr> <td class="numLine"> 194</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Must satisfy {@link #areAssertionsValid} prior to calling.</span></pre></td></tr> |
| <tr> <td class="numLine"> 195</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 196</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return The expiration time, or null if there is none.</span></pre></td></tr> |
| <tr> <td class="numLine"> 197</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 198</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> DateTime getExpirationTime() {</pre></td></tr> |
| <tr> <td class="numLineCover"> 199</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> DateTime time1 = assertion.getConditions().getNotOnOrAfter();</pre></td></tr> |
| <tr> <td class="numLineCover"> 200</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> List<SubjectConfirmation> confirmations = assertion.getSubject().getSubjectConfirmations();</pre></td></tr> |
| <tr> <td class="numLineCover"> 201</td> <td class="nbHitsUncovered"><a title="Line 201: Conditional coverage 50% (1/2)."> 2</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 201: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (confirmations.isEmpty()) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 202</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> time1;</span></pre></td></tr> |
| <tr> <td class="numLine"> 203</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 204</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> DateTime time2 = Iterables.find(confirmations, bearerPredicate)</pre></td></tr> |
| <tr> <td class="numLine"> 205</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> .getSubjectConfirmationData()</pre></td></tr> |
| <tr> <td class="numLine"> 206</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> .getNotOnOrAfter();</pre></td></tr> |
| <tr> <td class="numLineCover"> 207</td> <td class="nbHitsUncovered"><a title="Line 207: Conditional coverage 25% (1/4) [each condition: 50%, 0%]."> 2</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 207: Conditional coverage 25% (1/4) [each condition: 50%, 0%]."> <span class="keyword">return</span> (time1 == <span class="keyword">null</span> || dtComparator.compare(time1, time2) > 0) ? time2 : time1;</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 208</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 209</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 210</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 211</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Gets an exported-state object. This information is a security manager</span></pre></td></tr> |
| <tr> <td class="numLine"> 212</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * extension. Must satisfy {@link #areAssertionsValid} prior to calling.</span></pre></td></tr> |
| <tr> <td class="numLine"> 213</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 214</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> ExportedState getExportedState() {</pre></td></tr> |
| <tr> <td class="numLineCover"> 215</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">return</span> getExportedState(assertion);</pre></td></tr> |
| <tr> <td class="numLine"> 216</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 217</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 218</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 219</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Gets an exported-state object from a given assertion. This information is</span></pre></td></tr> |
| <tr> <td class="numLine"> 220</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * a security manager extension.</span></pre></td></tr> |
| <tr> <td class="numLine"> 221</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 222</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param assertion The assertion to get the identities from.</span></pre></td></tr> |
| <tr> <td class="numLine"> 223</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return A exported-state object, or {@code null} if there's none.</span></pre></td></tr> |
| <tr> <td class="numLine"> 224</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 225</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> @VisibleForTesting</pre></td></tr> |
| <tr> <td class="numLine"> 226</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">static</span> ExportedState getExportedState(Assertion assertion) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 227</td> <td class="nbHitsCovered"><a title="Line 227: Conditional coverage 100% (2/2)."> 2</a></td> <td class="src"><pre class="src"> <a title="Line 227: Conditional coverage 100% (2/2)."> <span class="keyword">for</span> (AttributeStatement attributeStatement : assertion.getAttributeStatements()) {</a></pre></td></tr> |
| <tr> <td class="numLineCover"> 228</td> <td class="nbHitsUncovered"><a title="Line 228: Conditional coverage 50% (1/2)."> 1</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 228: Conditional coverage 50% (1/2)."> <span class="keyword">for</span> (Attribute attribute : attributeStatement.getAttributes()) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 229</td> <td class="nbHitsUncovered"><a title="Line 229: Conditional coverage 50% (1/2)."> 1</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 229: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (ExportedState.ATTRIBUTE_NAME.equals(attribute.getName())) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 230</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> List<XMLObject> attributeValues = attribute.getAttributeValues();</pre></td></tr> |
| <tr> <td class="numLineCover"> 231</td> <td class="nbHitsUncovered"><a title="Line 231: Conditional coverage 50% (1/2)."> 1</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 231: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (attributeValues.size() == 1) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 232</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> XMLObject attributeValue = attributeValues.get(0);</pre></td></tr> |
| <tr> <td class="numLineCover"> 233</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> String textContent = attributeValue.getDOM().getTextContent();</pre></td></tr> |
| <tr> <td class="numLineCover"> 234</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">return</span> ExportedState.fromJsonString(textContent);</pre></td></tr> |
| <tr> <td class="numLine"> 235</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 236</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr> |
| <tr> <td class="numLine"> 237</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 238</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 239</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">return</span> <span class="keyword">null</span>;</pre></td></tr> |
| <tr> <td class="numLine"> 240</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 241</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 242</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 243</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Get any groups that are provided by the assertions.</span></pre></td></tr> |
| <tr> <td class="numLine"> 244</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * This information is a security manager extension.</span></pre></td></tr> |
| <tr> <td class="numLine"> 245</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Must satisfy {@link #areAssertionsValid} prior to calling.</span></pre></td></tr> |
| <tr> <td class="numLine"> 246</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 247</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> ImmutableSet<String> getGroups() {</pre></td></tr> |
| <tr> <td class="numLineCover"> 248</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> getGroups(assertion);</span></pre></td></tr> |
| <tr> <td class="numLine"> 249</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 250</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 251</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 252</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Gets any groups that are provided by a given assertion. This information</span></pre></td></tr> |
| <tr> <td class="numLine"> 253</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * is a security manager extension.</span></pre></td></tr> |
| <tr> <td class="numLine"> 254</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 255</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param assertion An assertion to get the groups from.</span></pre></td></tr> |
| <tr> <td class="numLine"> 256</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return An immutable set of the groups found; may be empty.</span></pre></td></tr> |
| <tr> <td class="numLine"> 257</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 258</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> @VisibleForTesting</pre></td></tr> |
| <tr> <td class="numLine"> 259</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">static</span> ImmutableSet<String> getGroups(Assertion assertion) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 260</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ExportedState state = getExportedState(assertion);</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 261</td> <td class="nbHitsUncovered"><a title="Line 261: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 261: Conditional coverage 0% (0/2)."> <span class="keyword">return</span> (state != <span class="keyword">null</span>)</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 262</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> ? state.getPviCredentials().getGroups()</pre></td></tr> |
| <tr> <td class="numLine"> 263</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> : ImmutableSet.<String>of();</pre></td></tr> |
| <tr> <td class="numLine"> 264</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 265</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 266</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// **************** Validation primitives ****************</span></pre></td></tr> |
| <tr> <td class="numLine"> 267</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 268</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> isAssertionValid(Assertion assertion) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 269</td> <td class="nbHitsCovered"> 4</td> <td class="src"><pre class="src"> String validityDescription</pre></td></tr> |
| <tr> <td class="numLine"> 270</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> = <span class="string">"is empty (of statements): "</span> + assertion.getAuthnStatements().isEmpty()</pre></td></tr> |
| <tr> <td class="numLine"> 271</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> + <span class="string">", assertion issuer: "</span> + assertion.getIssuer()</pre></td></tr> |
| <tr> <td class="numLine"> 272</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> + <span class="string">", is valid issuer: "</span> + isValidIssuer(assertion.getIssuer())</pre></td></tr> |
| <tr> <td class="numLine"> 273</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> + <span class="string">", is valid subject: "</span> + isValidSubject(assertion.getSubject())</pre></td></tr> |
| <tr> <td class="numLine"> 274</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> + <span class="string">", are valid conditions: "</span> + isValidConditions(assertion.getConditions());</pre></td></tr> |
| <tr> <td class="numLineCover"> 275</td> <td class="nbHitsCovered"> 4</td> <td class="src"><pre class="src"> inform(validityDescription);</pre></td></tr> |
| <tr> <td class="numLine"> 276</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLineCover"> 277</td> <td class="nbHitsUncovered"><a title="Line 277: Conditional coverage 60% (6/10) [each condition: 50%, 50%, 50%, 100%, 50%]."> 4</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 277: Conditional coverage 60% (6/10) [each condition: 50%, 50%, 50%, 100%, 50%]."> <span class="keyword">return</span> !assertion.getAuthnStatements().isEmpty()</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 278</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && (assertion.getIssuer() != <span class="keyword">null</span>)</pre></td></tr> |
| <tr> <td class="numLine"> 279</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && isValidIssuer(assertion.getIssuer())</pre></td></tr> |
| <tr> <td class="numLine"> 280</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && isValidSubject(assertion.getSubject())</pre></td></tr> |
| <tr> <td class="numLine"> 281</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && isValidConditions(assertion.getConditions());</pre></td></tr> |
| <tr> <td class="numLine"> 282</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 283</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 284</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> isValidIssuer(Issuer issuer) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 285</td> <td class="nbHitsUncovered"><a title="Line 285: Conditional coverage 50% (4/8) [each condition: 50%, 0%, 50%, 100%]."> 9</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 285: Conditional coverage 50% (4/8) [each condition: 50%, 0%, 50%, 100%]."> <span class="keyword">return</span> warnIfFalse(issuer.getFormat() == <span class="keyword">null</span> || NameIDType.ENTITY.equals(issuer.getFormat()),</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 286</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"Issuer contains a format: "</span> + issuer.getFormat() +</pre></td></tr> |
| <tr> <td class="numLine"> 287</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">" but is not equal to expected format: "</span> + NameIDType.ENTITY)</pre></td></tr> |
| <tr> <td class="numLine"> 288</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && warnIfFalse(client.getPeerEntity().getEntityID().equals(issuer.getValue()),</pre></td></tr> |
| <tr> <td class="numLine"> 289</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"Issuer value: "</span> + issuer.getValue() + <span class="string">" is not equals to "</span></pre></td></tr> |
| <tr> <td class="numLine"> 290</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> + <span class="string">"expected value: "</span> + client.getPeerEntity().getEntityID());</pre></td></tr> |
| <tr> <td class="numLine"> 291</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 292</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 293</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> isValidSubject(Subject subject) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 294</td> <td class="nbHitsUncovered"><a title="Line 294: Conditional coverage 62% (5/8) [each condition: 50%, 50%, 50%, 100%]."> 8</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 294: Conditional coverage 62% (5/8) [each condition: 50%, 50%, 50%, 100%]."> <span class="keyword">return</span> warnIfFalse(subject != <span class="keyword">null</span>, <span class="string">"Subject is null."</span>)</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 295</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && warnIfFalse(hasValidId(subject), <span class="string">"Subject has an invalid ID."</span>)</pre></td></tr> |
| <tr> <td class="numLine"> 296</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && warnIfFalse(areValidSubjectConfirmations(subject.getSubjectConfirmations()),</pre></td></tr> |
| <tr> <td class="numLine"> 297</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"Subject does not have valid confirmations."</span>);</pre></td></tr> |
| <tr> <td class="numLine"> 298</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 299</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 300</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// This is a security manager requirement; it's not mandated by the spec.</span></pre></td></tr> |
| <tr> <td class="numLine"> 301</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> hasValidId(Subject subject) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 302</td> <td class="nbHitsUncovered"><a title="Line 302: Conditional coverage 50% (8/16) [each condition: 50%, 50%, 50%, 50%, 50%, 50%, 50%, 50%]."> 8</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 302: Conditional coverage 50% (8/16) [each condition: 50%, 50%, 50%, 50%, 50%, 50%, 50%, 50%]."> <span class="keyword">return</span> warnIfFalse(subject.getBaseID() == <span class="keyword">null</span>, <span class="string">"Subject BaseID is not null."</span>)</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 303</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && warnIfFalse(subject.getNameID() != <span class="keyword">null</span>, <span class="string">"Subject NameID is null"</span>)</pre></td></tr> |
| <tr> <td class="numLine"> 304</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && warnIfFalse(!Strings.isNullOrEmpty(subject.getNameID().getValue()),</pre></td></tr> |
| <tr> <td class="numLine"> 305</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"Subject NameID string is null or empty."</span>)</pre></td></tr> |
| <tr> <td class="numLine"> 306</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && warnIfFalse(subject.getEncryptedID() == <span class="keyword">null</span>, <span class="string">"Subject contains an EncryptedID."</span>);</pre></td></tr> |
| <tr> <td class="numLine"> 307</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 308</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 309</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> areValidSubjectConfirmations(List<SubjectConfirmation> confirmations) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 310</td> <td class="nbHitsUncovered"><a title="Line 310: Conditional coverage 50% (1/2)."> 8</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 310: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (confirmations.isEmpty()) {</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 311</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// This violates the SAML spec, but the GSA has historically ignored this</span></pre></td></tr> |
| <tr> <td class="numLine"> 312</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// information, so we must allow it.</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 313</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> warn(<span class="string">"SAML assertion received without subject confirmation"</span>);</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 314</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> <span class="keyword">true</span>;</span></pre></td></tr> |
| <tr> <td class="numLine"> 315</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 316</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> Iterable<SubjectConfirmation> bearers = Iterables.filter(confirmations, bearerPredicate);</pre></td></tr> |
| <tr> <td class="numLineCover"> 317</td> <td class="nbHitsUncovered"><a title="Line 317: Conditional coverage 66% (4/6) [each condition: 50%, 50%, 100%]."> 8</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 317: Conditional coverage 66% (4/6) [each condition: 50%, 50%, 100%]."> <span class="keyword">return</span> warnIfFalse(!Iterables.isEmpty(bearers), <span class="string">"SubjectConfirmations contains no bearers."</span>)</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 318</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && warnIfFalse(Iterables.all(bearers, validBearerPredicate),</pre></td></tr> |
| <tr> <td class="numLine"> 319</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"SubjectConfirmations were invalid."</span>);</pre></td></tr> |
| <tr> <td class="numLine"> 320</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 321</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLineCover"> 322</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">private</span> Predicate<SubjectConfirmation> bearerPredicate =</pre></td></tr> |
| <tr> <td class="numLineCover"> 323</td> <td class="nbHitsCovered"> 23</td> <td class="src"><pre class="src"> <span class="keyword">new</span> Predicate<SubjectConfirmation>() {</pre></td></tr> |
| <tr> <td class="numLine"> 324</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">boolean</span> apply(SubjectConfirmation confirmation) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 325</td> <td class="nbHitsCovered"> 18</td> <td class="src"><pre class="src"> <span class="keyword">return</span> OpenSamlUtil.BEARER_METHOD.equals(confirmation.getMethod());</pre></td></tr> |
| <tr> <td class="numLine"> 326</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 327</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> };</pre></td></tr> |
| <tr> <td class="numLine"> 328</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLineCover"> 329</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">private</span> Predicate<SubjectConfirmation> validBearerPredicate =</pre></td></tr> |
| <tr> <td class="numLineCover"> 330</td> <td class="nbHitsCovered"> 13</td> <td class="src"><pre class="src"> <span class="keyword">new</span> Predicate<SubjectConfirmation>() {</pre></td></tr> |
| <tr> <td class="numLine"> 331</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">boolean</span> apply(SubjectConfirmation bearer) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 332</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> <span class="keyword">return</span> isValidSubjectConfirmationData(bearer.getSubjectConfirmationData());</pre></td></tr> |
| <tr> <td class="numLine"> 333</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 334</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> };</pre></td></tr> |
| <tr> <td class="numLine"> 335</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 336</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> isValidSubjectConfirmationData(SubjectConfirmationData data) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 337</td> <td class="nbHitsUncovered"><a title="Line 337: Conditional coverage 66% (4/6) [each condition: 50%, 50%, 100%]."> 8</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 337: Conditional coverage 66% (4/6) [each condition: 50%, 50%, 100%]."> <span class="keyword">return</span> warnIfFalse(recipient.equals(data.getRecipient()),</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 338</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"SubjectConfirmationData - recipient not equals : "</span> + recipient +</pre></td></tr> |
| <tr> <td class="numLine"> 339</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"but was instead: "</span> + data.getRecipient())</pre></td></tr> |
| <tr> <td class="numLine"> 340</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && warnIfFalse(isValidExpiration(data.getNotOnOrAfter()), <span class="string">"Invalid expiration."</span>)</pre></td></tr> |
| <tr> <td class="numLine"> 341</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && warnIfFalse(client.getRequestId().equals((data.getInResponseTo())),</pre></td></tr> |
| <tr> <td class="numLine"> 342</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"Assertion inResponseTo: "</span> + data.getInResponseTo() +</pre></td></tr> |
| <tr> <td class="numLine"> 343</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">" was not equal to this client's RequestID: "</span> + client.getRequestId());</pre></td></tr> |
| <tr> <td class="numLine"> 344</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 345</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 346</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> isValidExpiration(DateTime expiration) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 347</td> <td class="nbHitsUncovered"><a title="Line 347: Conditional coverage 50% (3/6) [each condition: 50%, 50%, 50%]."> 8</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 347: Conditional coverage 50% (3/6) [each condition: 50%, 50%, 50%]."> <span class="keyword">return</span> warnIfFalse(expiration != <span class="keyword">null</span>, <span class="string">"Assertion expiration was null."</span>) &&</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 348</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> warnIfFalse(SecurityManagerUtil.isRemoteOnOrAfterTimeValid(expiration.getMillis(), now),</pre></td></tr> |
| <tr> <td class="numLine"> 349</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"The assertion's expiration time is invalid."</span>,</pre></td></tr> |
| <tr> <td class="numLine"> 350</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"Security Manager Current Time: "</span> + <span class="keyword">new</span> DateTime(now).toString(),</pre></td></tr> |
| <tr> <td class="numLine"> 351</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"Assertion expiration:"</span> + <span class="keyword">new</span> DateTime(expiration.getMillis()).toString());</pre></td></tr> |
| <tr> <td class="numLine"> 352</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 353</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 354</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// TODO(cph): This code needs to handle <OneTimeUse> and <ProxyRestriction></span></pre></td></tr> |
| <tr> <td class="numLine"> 355</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// conditions.</span></pre></td></tr> |
| <tr> <td class="numLine"> 356</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> isValidConditions(Conditions conditions) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 357</td> <td class="nbHitsUncovered"><a title="Line 357: Conditional coverage 50% (5/10) [each condition: 50%, 50%, 50%, 50%, 50%]."> 7</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 357: Conditional coverage 50% (5/10) [each condition: 50%, 50%, 50%, 50%, 50%]."> <span class="keyword">return</span> warnIfFalse(conditions != <span class="keyword">null</span>, <span class="string">"Assertion conditions was null."</span>)</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 358</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && warnIfFalse(isValidConditionNotBefore(conditions.getNotBefore()),</pre></td></tr> |
| <tr> <td class="numLine"> 359</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"ConditionNotBefore is invalid: "</span> + conditions.getNotBefore())</pre></td></tr> |
| <tr> <td class="numLine"> 360</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && warnIfFalse(isValidConditionNotOnOrAfter(conditions.getNotOnOrAfter()),</pre></td></tr> |
| <tr> <td class="numLine"> 361</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"ConditionNotOnOrAfter is invalid: "</span> + conditions.getNotOnOrAfter())</pre></td></tr> |
| <tr> <td class="numLine"> 362</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> && warnIfFalse(isValidConditionAudienceRestrictions(conditions.getAudienceRestrictions()),</pre></td></tr> |
| <tr> <td class="numLine"> 363</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="string">"ConditionAudienceRestrictions is invalid: "</span> +</pre></td></tr> |
| <tr> <td class="numLine"> 364</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> conditions.getAudienceRestrictions());</pre></td></tr> |
| <tr> <td class="numLine"> 365</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 366</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 367</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> isValidConditionNotBefore(DateTime notBefore) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 368</td> <td class="nbHitsUncovered"><a title="Line 368: Conditional coverage 50% (2/4) [each condition: 50%, 50%]."> 7</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 368: Conditional coverage 50% (2/4) [each condition: 50%, 50%]."> <span class="keyword">return</span> notBefore == <span class="keyword">null</span> ||</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 369</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> SecurityManagerUtil.isRemoteBeforeTimeValid(notBefore.getMillis(), now);</pre></td></tr> |
| <tr> <td class="numLine"> 370</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 371</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 372</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> isValidConditionNotOnOrAfter(DateTime notOnOrAfter) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 373</td> <td class="nbHitsUncovered"><a title="Line 373: Conditional coverage 25% (1/4) [each condition: 50%, 0%]."> 7</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 373: Conditional coverage 25% (1/4) [each condition: 50%, 0%]."> <span class="keyword">return</span> notOnOrAfter == <span class="keyword">null</span> ||</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 374</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> SecurityManagerUtil.isRemoteOnOrAfterTimeValid(notOnOrAfter.getMillis(), now);</pre></td></tr> |
| <tr> <td class="numLine"> 375</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 376</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 377</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> isValidConditionAudienceRestrictions(List<AudienceRestriction> restrictions) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 378</td> <td class="nbHitsCovered"> 7</td> <td class="src"><pre class="src"> String localEntityId = client.getLocalEntity().getEntityID();</pre></td></tr> |
| <tr> <td class="numLineCover"> 379</td> <td class="nbHitsUncovered"><a title="Line 379: Conditional coverage 50% (1/2)."> 7</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 379: Conditional coverage 50% (1/2)."> <span class="keyword">for</span> (AudienceRestriction restriction : restrictions) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 380</td> <td class="nbHitsUncovered"><a title="Line 380: Conditional coverage 50% (1/2)."> 7</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 380: Conditional coverage 50% (1/2)."> <span class="keyword">for</span> (Audience audience : restriction.getAudiences()) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 381</td> <td class="nbHitsUncovered"><a title="Line 381: Conditional coverage 50% (1/2)."> 7</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 381: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (localEntityId.equals(audience.getAudienceURI())) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 382</td> <td class="nbHitsCovered"> 7</td> <td class="src"><pre class="src"> <span class="keyword">return</span> <span class="keyword">true</span>;</pre></td></tr> |
| <tr> <td class="numLine"> 383</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 384</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 385</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 386</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> <span class="keyword">false</span>;</span></pre></td></tr> |
| <tr> <td class="numLine"> 387</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 388</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| </table> |
| |
| <div class="footer">Report generated by <a href="http://cobertura.sourceforge.net/" target="_top">Cobertura</a> 1.9.4.1.</div> |
| </body> |
| </html> |