Add hooks to retrieve last-sent and last-received requests and responses

Author: pitbulk

core/src/main/java/com/onelogin/saml2/authn/AuthnRequest.java

@@ -131,7 +131,7 @@ public String getEncodedAuthnRequest() throws IOException {
 	/**
 	 * @return unsigned plain-text AuthnRequest. 
 	 */
-	protected String getAuthnRequestXml() {
+	public String getAuthnRequestXml() {
 		return authnRequestString;
 	}
 

core/src/main/java/com/onelogin/saml2/authn/SamlResponse.java

@@ -59,6 +59,12 @@ public class SamlResponse {
 	 * A DOMDocument object loaded from the SAML Response (Decrypted).
 	 */
 	private Document decryptedDocument;
+
+	/**
+	 * A DOMDocument class loaded from the original decrypted assertion.
+     * used in order to avoid signature validation conflicts due namespace issues
+	 */
+	private Document originalDecryptedAssertion;
 
 	/**
 	 * URL of the current host + current view
@@ -1001,4 +1007,32 @@ private Document decryptAssertion(Document dom) throws Exception {
 		// LOGGER.debug("Decrypted SAMLResponse --> " + xmlStr);
 		return doc;
 	}
+
+	/**
+	 * @return the SAMLResponse XML, If the Assertion of the SAMLResponse was encrypted,  
+	 *         returns the XML with the assertion decrypted
+	 */
+	public String getSAMLResponseXml() {
+		String xml;
+		if (encrypted) {
+			xml = Util.convertDocumentToString(decryptedDocument);
+		} else {
+        	xml = samlResponseString;
+		}
+		return xml; 
+	}
+
+	/**
+	 * @return the SAMLResponse Document, If the Assertion of the SAMLResponse was encrypted,  
+	 *         returns the Document with the assertion decrypted
+	 */
+	protected Document getSAMLResponseDocument() {
+		Document doc;
+		if (encrypted) {
+			doc = decryptedDocument;
+		} else {
+        	doc = samlResponseDocument;
+		}
+		return doc;
+	}
 }

core/src/main/java/com/onelogin/saml2/logout/LogoutRequest.java

@@ -181,7 +181,7 @@ public String getEncodedLogoutRequest() throws IOException {
 	/**
 	 * @return the plain XML Logout Request
 	 */
-	protected String getLogoutRequestXml() {
+	public String getLogoutRequestXml() {
 		return logoutRequestString;
 	}
 

core/src/main/java/com/onelogin/saml2/logout/LogoutResponse.java

@@ -139,7 +139,7 @@ public String getEncodedLogoutResponse() throws IOException {
 	/**
 	 * @return the plain XML Logout Response
 	 */
-	protected String getLogoutResponseXml() {
+	public String getLogoutResponseXml() {
 		return logoutResponseString;
 	}
 

core/src/test/java/com/onelogin/saml2/test/authn/AuthnRequestTest.java

@@ -32,7 +32,7 @@ public void testGetEncodedAuthnRequestSimulated() throws Exception {
 		final String authnRequestString = Util.getFileAsString("data/requests/authn_request.xml");
 		AuthnRequest authnRequest = new AuthnRequest(settings) {
 			@Override
-			protected String getAuthnRequestXml() {
+			public String getAuthnRequestXml() {
 				return authnRequestString;
 			}
 		};
@@ -56,7 +56,7 @@ protected String getAuthnRequestXml() {
 		settings.setCompressRequest(true);		
 		authnRequest = new AuthnRequest(settings) {
 			@Override
-			protected String getAuthnRequestXml() {
+			public String getAuthnRequestXml() {
 				return authnRequestString;
 			}
 		};
@@ -66,7 +66,7 @@ protected String getAuthnRequestXml() {
 		settings.setCompressRequest(false);
 		authnRequest = new AuthnRequest(settings) {
 			@Override
-			protected String getAuthnRequestXml() {
+			public String getAuthnRequestXml() {
 				return authnRequestString;
 			}
 		};
@@ -100,6 +100,21 @@ public void testGetEncodedAuthnRequestOnlySettings() throws Exception {
 		assertThat(authnRequestStr, containsString("ProviderName=\"SP Java Example\""));
 	}
 
+	/**
+	 * Tests the getAuthnRequestXml method of AuthnRequest
+	 *
+	 * @throws Exception
+	 * 
+	 * @see com.onelogin.saml2.authn.getAuthnRequestXml
+	 */
+	@Test
+	public void testGetAuthnRequestXml() throws Exception {
+		Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
+		AuthnRequest authnRequest = new AuthnRequest(settings);
+		String authnRequestXML = authnRequest.getAuthnRequestXml();
+		assertThat(authnRequestXML, containsString("<samlp:AuthnRequest"));
+	}
+
 	/**
 	 * Tests the AuthnRequest Constructor
 	 * The creation of a deflated SAML Request with the different values of ForceAuthn
@@ -257,8 +272,15 @@ public void testAuthNContext() throws Exception {
 		assertThat(authnRequestStr, containsString("<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:X509</saml:AuthnContextClassRef>"));
 	}
 
+	/**
+	 * Tests the getId method of AuthnRequest
+	 *
+	 * @throws Exception
+	 * 
+	 * @see com.onelogin.saml2.authn.getId
+	 */
 	@Test
-	public void testAuthNId() throws Exception
+	public void testGetId() throws Exception
 	{
 		Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
 

core/src/test/java/com/onelogin/saml2/test/authn/AuthnResponseTest.java

@@ -2,6 +2,7 @@
 
 import com.onelogin.saml2.authn.SamlResponse;
 import com.onelogin.saml2.http.HttpRequest;
+import com.onelogin.saml2.logout.LogoutResponse;
 import com.onelogin.saml2.model.SamlResponseStatus;
 import com.onelogin.saml2.settings.Saml2Settings;
 import com.onelogin.saml2.settings.SettingsBuilder;
@@ -103,6 +104,31 @@ public void testNamespaces() throws Exception {
 		assertEquals(expectedLastName, attributes.get("LastName"));
 	}
 
+	/**
+	 * Tests the getSAMLResponseXml method of SamlResponse
+	 *
+	 * @throws Exception
+	 * 
+	 * @see com.onelogin.saml2.authn.SamlResponse#getSAMLResponseXml
+	 */
+	@Test
+	public void testGetSAMLResponseXml() throws Exception {
+		Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
+
+		final String requestURL = "/";
+		String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
+
+		SamlResponse samlResponse = new SamlResponse(settings, newHttpRequest(requestURL, samlResponseEncoded));
+		String samlResponseXML =  samlResponse.getSAMLResponseXml();
+		assertThat(samlResponseXML, containsString("<samlp:Response"));
+
+		samlResponseEncoded = Util.getFileAsString("data/responses/valid_encrypted_assertion.xml.base64");
+		samlResponse = new SamlResponse(settings, newHttpRequest(requestURL, samlResponseEncoded));
+		samlResponseXML =  samlResponse.getSAMLResponseXml();
+		assertThat(samlResponseXML, containsString("<samlp:Response"));
+		assertThat(samlResponseXML, containsString("<saml:Assertion"));
+	}
+
 	/**
 	 * Tests the getNameId method of SamlResponse
 	 *

core/src/test/java/com/onelogin/saml2/test/logout/LogoutRequestTest.java

@@ -24,6 +24,7 @@
 
 import com.onelogin.saml2.logout.LogoutRequest;
 import com.onelogin.saml2.http.HttpRequest;
+import com.onelogin.saml2.authn.AuthnRequest;
 import com.onelogin.saml2.exception.XMLEntityException;
 import com.onelogin.saml2.settings.Saml2Settings;
 import com.onelogin.saml2.settings.SettingsBuilder;
@@ -45,7 +46,7 @@ public void testGetEncodedLogoutRequestSimulated() throws Exception {
 		final String logoutRequestString = Util.getFileAsString("data/logout_requests/logout_request.xml");
 		LogoutRequest logoutRequest = new LogoutRequest(settings) {
 			@Override
-			protected String getLogoutRequestXml() {
+			public String getLogoutRequestXml() {
 				return logoutRequestString;
 			}
 		};
@@ -69,7 +70,7 @@ protected String getLogoutRequestXml() {
 		settings.setCompressRequest(true);
 		logoutRequest = new LogoutRequest(settings) {
 			@Override
-			protected String getLogoutRequestXml() {
+			public String getLogoutRequestXml() {
 				return logoutRequestString;
 			}
 		};
@@ -79,7 +80,7 @@ protected String getLogoutRequestXml() {
 		settings.setCompressRequest(false);
 		logoutRequest = new LogoutRequest(settings) {
 			@Override
-			protected String getLogoutRequestXml() {
+			public String getLogoutRequestXml() {
 				return logoutRequestString;
 			}
 		};
@@ -168,7 +169,7 @@ public void testConstructorWithSessionIndex() throws Exception {
 	@Test
 	public void testConstructorWithEncryptedNameID() throws Exception {
 		Saml2Settings settings = new SettingsBuilder().fromFile("config/config.all.properties").build();
-		LogoutRequest logoutRequest = new LogoutRequest(settings); 
+		LogoutRequest logoutRequest = new LogoutRequest(settings);
 		String logoutRequestStringBase64 = logoutRequest.getEncodedLogoutRequest();
 		String logoutRequestStr = Util.base64decodedInflated(logoutRequestStringBase64);
 		assertThat(logoutRequestStr, containsString("<saml:EncryptedID><xenc:EncryptedData"));
@@ -179,7 +180,30 @@ public void testConstructorWithEncryptedNameID() throws Exception {
 		logoutRequestStr = Util.base64decodedInflated(logoutRequestStringBase64);
 		assertThat(logoutRequestStr, not(containsString("<saml:EncryptedID><xenc:EncryptedData")));
 	}
-	
+
+	/**
+	 * Tests the getLogoutRequestXml method of LogoutRequest
+	 *
+	 * @throws Exception
+	 * 
+	 * @see com.onelogin.saml2.logout.getLogoutRequestXml
+	 */
+	@Test
+	public void testGetLogoutRequestXml() throws Exception {
+		Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
+		LogoutRequest logoutRequest = new LogoutRequest(settings);
+		String logoutRequestXML = logoutRequest.getLogoutRequestXml();
+		assertThat(logoutRequestXML, containsString("<samlp:LogoutRequest"));
+
+		String samlRequestEncoded = Util.getFileAsString("data/logout_requests/logout_request.xml.base64");
+		String requestURL = "/";
+		HttpRequest httpRequest = newHttpRequest(requestURL, samlRequestEncoded);
+		logoutRequest = new LogoutRequest(settings, httpRequest);
+		logoutRequestXML = logoutRequest.getLogoutRequestXml();
+		assertThat(logoutRequestXML, containsString("<samlp:LogoutRequest"));
+		
+	}
+
 	/**
 	 * Tests the getNameIdData method of LogoutRequest
 	 * Case: Able to get the NameIdData

core/src/test/java/com/onelogin/saml2/test/logout/LogoutResponseTest.java

@@ -18,6 +18,7 @@
 
 import com.onelogin.saml2.exception.XMLEntityException;
 import com.onelogin.saml2.http.HttpRequest;
+import com.onelogin.saml2.logout.LogoutRequest;
 import com.onelogin.saml2.logout.LogoutResponse;
 import com.onelogin.saml2.settings.Saml2Settings;
 import com.onelogin.saml2.settings.SettingsBuilder;
@@ -42,7 +43,7 @@ public void testGetEncodedLogoutResponseSimulated() throws Exception {
 
 		LogoutResponse logoutResponseBuilder = new LogoutResponse(settings, httpRequest) {
 			@Override
-			protected String getLogoutResponseXml() {
+			public String getLogoutResponseXml() {
 				return logoutResponseString;
 			}
 		};
@@ -57,7 +58,7 @@ protected String getLogoutResponseXml() {
 
 		LogoutResponse logoutResponse = new LogoutResponse(settings, httpRequest) {
 			@Override
-			protected String getLogoutResponseXml() {
+			public String getLogoutResponseXml() {
 				return logoutResponseString;
 			}
 		};
@@ -77,7 +78,7 @@ protected String getLogoutResponseXml() {
 		settings.setCompressResponse(true);
 		logoutResponse = new LogoutResponse(settings, httpRequest) {
 			@Override
-			protected String getLogoutResponseXml() {
+			public String getLogoutResponseXml() {
 				return logoutResponseString;
 			}
 		};
@@ -87,7 +88,7 @@ protected String getLogoutResponseXml() {
 		settings.setCompressResponse(false);
 		logoutResponse = new LogoutResponse(settings, httpRequest) {
 			@Override
-			protected String getLogoutResponseXml() {
+			public String getLogoutResponseXml() {
 				return logoutResponseString;
 			}
 		};
@@ -153,6 +154,30 @@ public void testBuild() throws IOException, XMLEntityException, URISyntaxExcepti
 		assertThat(logoutRequestStr, containsString("InResponseTo=\"inResponseValue\""));
 	}
 
+	/**
+	 * Tests the getLogoutResponseXml method of LogoutResponse
+	 *
+	 * @throws Exception
+	 * 
+	 * @see com.onelogin.saml2.logout.getLogoutResponseXml
+	 */
+	@Test
+	public void testGetLogoutRequestXml() throws Exception {
+		Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
+		LogoutResponse logoutResponse = new LogoutResponse(settings, null);
+		logoutResponse.build();
+		String logoutResponseXML = logoutResponse.getLogoutResponseXml();
+		assertThat(logoutResponseXML, containsString("<samlp:LogoutResponse"));
+
+		String samlResponseEncoded = Util.getFileAsString("data/logout_responses/logout_response.xml.base64");
+		String requestURL = "/";
+		HttpRequest httpRequest = newHttpRequest(requestURL, samlResponseEncoded);
+		logoutResponse = new LogoutResponse(settings, httpRequest);
+		logoutResponseXML = logoutResponse.getLogoutResponseXml();
+		assertThat(logoutResponseXML, containsString("<samlp:LogoutResponse"));
+		
+	}
+
 	/**
 	 * Tests the getStatus method of LogoutResponse
 	 *