IDFedLSInputResolver.java
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.saml.processing.core.util;
import org.keycloak.saml.common.util.SecurityActions;
import java.io.IOException;
import java.io.InputStream;
import java.io.Reader;
import java.net.URL;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
import org.jboss.logging.Logger;
import org.w3c.dom.ls.LSInput;
import org.w3c.dom.ls.LSResourceResolver;
/**
* An LSResource Resolver for schema validation
*
* @author Anil.Saldhana@redhat.com
* @since Jun 9, 2009
*/
public class IDFedLSInputResolver implements LSResourceResolver {
protected static final Logger logger = Logger.getLogger(IDFedLSInputResolver.class);
private static final Map<String, String> schemaLocationMap;
static {
Map<String, String> schemaLocations = new LinkedHashMap<>();
// XML Schema/DTD
schemaLocations.put("datatypes.dtd", "schema/w3c/xmlschema/datatypes.dtd");
schemaLocations.put("XMLSchema.dtd", "schema/w3c/xmlschema/XMLSchema.dtd");
schemaLocations.put("http://www.w3.org/2001/XMLSchema.dtd", "schema/w3c/xmlschema/XMLSchema.dtd");
schemaLocations.put("http://www.w3.org/2001/xml.xsd", "schema/w3c/xmlschema/xml.xsd");
// XML DSIG
schemaLocations.put("http://www.w3.org/2000/09/xmldsig#", "schema/w3c/xmldsig/xmldsig-core-schema.xsd");
schemaLocations.put("http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd",
"schema/w3c/xmldsig/xmldsig-core-schema.xsd");
schemaLocations.put("http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd", "schema/w3c/xmldsig/xmldsig-core-schema.xsd");
// XML Enc
schemaLocations.put("http://www.w3.org/2001/04/xmlenc#", "schema/w3c/xmlenc/xenc-schema.xsd");
schemaLocations.put("http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd",
"schema/w3c/xmlenc/xenc-schema.xsd");
// XACML
schemaLocations.put("access_control-xacml-2.0-context-schema-os.xsd",
"schema/xacml/access_control-xacml-2.0-context-schema-os.xsd");
schemaLocations.put("http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-context-schema-os.xsd",
"schema/xacml/access_control-xacml-2.0-context-schema-os.xsd");
schemaLocations.put("access_control-xacml-2.0-policy-schema-os.xsd",
"schema/xacml/access_control-xacml-2.0-policy-schema-os.xsd");
// SAML
schemaLocations.put("saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd");
schemaLocations.put("http://www.oasis-open.org/committees/download.php/11027/sstc-saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd");
schemaLocations.put("saml-schema-protocol-2.0.xsd", "schema/saml/v2/saml-schema-protocol-2.0.xsd");
schemaLocations.put("http://www.oasis-open.org/committees/download.php/11026/sstc-saml-schema-protocol-2.0.xsd", "schema/saml/v2/saml-schema-protocol-2.0.xsd");
schemaLocations.put("saml-schema-metadata-2.0.xsd", "schema/saml/v2/saml-schema-metadata-2.0.xsd");
schemaLocations.put("saml-schema-x500-2.0.xsd", "schema/saml/v2/saml-schema-x500-2.0.xsd");
schemaLocations.put("saml-schema-xacml-2.0.xsd", "schema/saml/v2/saml-schema-xacml-2.0.xsd");
schemaLocations.put("saml-schema-xacml-2.0.xsd", "schema/saml/v2/saml-schema-xacml-2.0.xsd");
schemaLocations.put("saml-schema-authn-context-2.0.xsd", "schema/saml/v2/saml-schema-authn-context-2.0.xsd");
schemaLocations.put("saml-schema-authn-context-types-2.0.xsd",
"schema/saml/v2/saml-schema-authn-context-types-2.0.xsd");
schemaLocations.put("saml-schema-assertion-1.0.xsd", "schema/saml/v1/saml-schema-assertion-1.0.xsd");
schemaLocations.put("oasis-sstc-saml-schema-assertion-1.1.xsd",
"schema/saml/v1/oasis-sstc-saml-schema-assertion-1.1.xsd");
schemaLocations.put("saml-schema-protocol-1.1.xsd", "schema/saml/v1/saml-schema-protocol-1.1.xsd");
schemaLocations.put("access_control-xacml-2.0-saml-assertion-schema-os.xsd",
"schema/saml/v2/access_control-xacml-2.0-saml-assertion-schema-os.xsd");
schemaLocations.put("access_control-xacml-2.0-saml-protocol-schema-os.xsd",
"schema/saml/v2/access_control-xacml-2.0-saml-protocol-schema-os.xsd");
// WS-T
schemaLocations.put("http://docs.oasis-open.org/ws-sx/ws-trust/200512", "schema/wstrust/v1_3/ws-trust-1.3.xsd");
schemaLocations.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
"schema/wstrust/v1_3/oasis-200401-wss-wssecurity-secext-1.0.xsd");
schemaLocations.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
"schema/wstrust/v1_3/oasis-200401-wss-wssecurity-utility-1.0.xsd");
schemaLocations.put("http://schemas.xmlsoap.org/ws/2004/09/policy", "schema/wstrust/v1_3/ws-policy.xsd");
schemaLocations.put("http://schemas.xmlsoap.org/ws/2004/09/policy/ws-policy.xsd", "schema/wstrust/v1_3/ws-policy.xsd");
schemaLocations.put("http://www.w3.org/2005/08/addressing", "schema/wstrust/v1_3/ws-addr.xsd");
schemaLocations.put("http://www.w3.org/2006/03/addressing/ws-addr.xsd", "schema/wstrust/v1_3/ws-addr.xsd");
schemaLocationMap = Collections.unmodifiableMap(schemaLocations);
}
public static Collection<String> schemas() {
Collection<String> schemaValues = new HashSet<>(schemaLocationMap.values());
schemaValues.remove("schema/w3c/xmlschema/datatypes.dtd");
schemaValues.remove("schema/w3c/xmlschema/XMLSchema.dtd");
logger.info("Considered the schemas:" + schemaValues);
return schemaValues;
}
public IDFedLSInput resolveResource(String type, String namespaceURI, final String publicId, final String systemId, final String baseURI) {
if (systemId == null) {
throw new IllegalArgumentException("Expected systemId");
}
final String loc = schemaLocationMap.get(systemId);
if (loc == null) {
return null;
}
return new IDFedLSInput(baseURI, loc, publicId, systemId);
}
public static class IDFedLSInput implements LSInput {
private final String baseURI;
private final String loc;
private final String publicId;
private final String systemId;
public IDFedLSInput(String baseURI, String loc, String publicID, String systemID) {
this.baseURI = baseURI;
this.loc = loc;
this.publicId = publicID;
this.systemId = systemID;
}
public String getBaseURI() {
return baseURI;
}
public InputStream getByteStream() {
URL url = SecurityActions.loadResource(getClass(), loc);
InputStream is;
try {
is = url.openStream();
} catch (IOException e) {
throw new RuntimeException(e);
}
if (is == null) {
throw new RuntimeException("inputstream is null for " + loc);
}
return is;
}
public boolean getCertifiedText() {
return false;
}
public Reader getCharacterStream() {
return null;
}
public String getEncoding() {
return null;
}
public String getPublicId() {
return publicId;
}
public String getStringData() {
return null;
}
public String getSystemId() {
return systemId;
}
public void setBaseURI(String baseURI) {
}
public void setByteStream(InputStream byteStream) {
}
public void setCertifiedText(boolean certifiedText) {
}
public void setCharacterStream(Reader characterStream) {
}
public void setEncoding(String encoding) {
}
public void setPublicId(String publicId) {
}
public void setStringData(String stringData) {
}
public void setSystemId(String systemId) {
}
@Override
public String toString() {
return "IDFedLSInput [baseURI=" + baseURI + ", loc=" + loc + ", publicId=" + publicId + ", systemId="
+ systemId + "]";
}
}
}