| // Copyright 2014 Google Inc. All Rights Reserved. |
| // |
| // Licensed under the Apache License, Version 2.0 (the "License"); |
| // you may not use this file except in compliance with the License. |
| // You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, software |
| // distributed under the License is distributed on an "AS IS" BASIS, |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| // See the License for the specific language governing permissions and |
| // limitations under the License. |
| |
| package com.google.enterprise.adaptor.sharepoint; |
| |
| import com.google.common.annotations.VisibleForTesting; |
| import com.google.common.base.Strings; |
| import com.google.enterprise.adaptor.sharepoint.SamlAuthenticationHandler.HttpPostClient; |
| import com.google.enterprise.adaptor.sharepoint.SamlAuthenticationHandler.HttpPostClientImpl; |
| |
| import java.io.IOException; |
| import java.io.StringReader; |
| import java.net.URL; |
| import java.util.HashMap; |
| import java.util.Map; |
| import java.util.logging.Level; |
| import java.util.logging.Logger; |
| |
| import javax.xml.parsers.DocumentBuilder; |
| import javax.xml.parsers.DocumentBuilderFactory; |
| import javax.xml.parsers.ParserConfigurationException; |
| |
| import org.w3c.dom.DOMException; |
| import org.w3c.dom.Document; |
| import org.w3c.dom.NodeList; |
| import org.xml.sax.InputSource; |
| import org.xml.sax.SAXException; |
| |
| /** |
| * SamlHandshakeManager implementation for Live Authentication |
| * to request Live authentication token and extract authentication cookie. |
| */ |
| public class LiveAuthenticationHandshakeManager |
| extends AdfsHandshakeManager { |
| private static final Logger log |
| = Logger.getLogger(LiveAuthenticationHandshakeManager.class.getName()); |
| private static final String LIVE_STS |
| = "https://login.microsoftonline.com/extSTS.srf"; |
| private static final String LIVE_LOGIN_URL |
| = "/_forms/default.aspx?wa=wsignin1.0"; |
| |
| public static class Builder { |
| private final String username; |
| private final String password; |
| private final String sharePointUrl; |
| private String stsendpoint; |
| private final String stsrealm; |
| private final HttpPostClient httpClient; |
| private String login; |
| private String trustLocation; |
| |
| public Builder(String sharePointUrl, String username, String password) { |
| this(sharePointUrl, username, password, new HttpPostClientImpl()); |
| } |
| |
| @VisibleForTesting |
| Builder(String sharePointUrl, String username, String password, |
| HttpPostClient httpClient) { |
| if (sharePointUrl == null || username == null || password == null |
| || httpClient == null) { |
| throw new NullPointerException(); |
| } |
| this.sharePointUrl = sharePointUrl; |
| this.username = username; |
| this.password = password; |
| this.httpClient = httpClient; |
| this.login = sharePointUrl + LIVE_LOGIN_URL; |
| this.trustLocation = ""; |
| this.stsendpoint = LIVE_STS; |
| this.stsrealm = sharePointUrl; |
| } |
| |
| public Builder setLoginUrl(String login) { |
| this.login = login; |
| return this; |
| } |
| |
| public Builder setStsendpoint(String stsendpoint) { |
| this.stsendpoint = stsendpoint; |
| return this; |
| } |
| |
| public LiveAuthenticationHandshakeManager build() { |
| if (Strings.isNullOrEmpty(stsendpoint) || Strings.isNullOrEmpty(login)) { |
| throw new NullPointerException(); |
| } |
| return new LiveAuthenticationHandshakeManager(sharePointUrl, username, |
| password, stsendpoint, stsrealm, login, trustLocation, httpClient); |
| } |
| } |
| |
| private LiveAuthenticationHandshakeManager(String sharePointUrl, |
| String username, String password, String stsendpoint, String stsrealm, |
| String login, String trustLocation, HttpPostClient httpClient) { |
| super(sharePointUrl, username, password, stsendpoint, |
| stsrealm, login, trustLocation, httpClient); |
| } |
| |
| @Override |
| @VisibleForTesting |
| String extractToken(String tokenResponse) throws IOException { |
| if (tokenResponse == null) { |
| throw new IOException("tokenResponse is null"); |
| } |
| try { |
| DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); |
| dbf.setNamespaceAware(true); |
| DocumentBuilder db = dbf.newDocumentBuilder(); |
| Document document |
| = db.parse(new InputSource(new StringReader(tokenResponse))); |
| NodeList nodes |
| = document.getElementsByTagNameNS( |
| "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-" |
| + "wssecurity-secext-1.0.xsd", "BinarySecurityToken"); |
| if (nodes == null || nodes.getLength() == 0) { |
| log.log(Level.WARNING, "Live Authentication token not available" |
| + " in response {0}", tokenResponse); |
| throw new IOException( |
| "Live Authentication token not available in response"); |
| } |
| String token = nodes.item(0).getTextContent(); |
| log.log(Level.FINER, "Live Authentication Token {0}", token); |
| return token; |
| } catch (ParserConfigurationException ex) { |
| throw new IOException(ex); |
| } catch (SAXException ex) { |
| throw new IOException(ex); |
| } catch (DOMException ex) { |
| throw new IOException(ex); |
| } |
| } |
| |
| @Override |
| public String getAuthenticationCookie(String token) throws IOException { |
| URL u = new URL(login); |
| Map<String, String> requestProperties = new HashMap<String, String>(); |
| requestProperties.put("SOAPAction", stsendpoint); |
| SamlAuthenticationHandler.PostResponseInfo postResponse |
| = httpClient.issuePostRequest(u, requestProperties, token); |
| return postResponse.getPostResponseHeaderField("Set-Cookie"); |
| } |
| } |
