From 17a1a339873992a06f134eebbbf836cc3a0825b1 Mon Sep 17 00:00:00 2001
From: Hynek Mlnarik <hmlnarik@redhat.com>
Date: Wed, 26 Sep 2018 10:10:55 +0200
Subject: [PATCH] KEYCLOAK-7740 Support parsing of xs:date type

---
 .../assertion/SAMLAttributeValueParser.java   |   3 +
 .../core/parsers/saml/SAMLParserTest.java     | 144 +++++++++---------
 ...ml20-assertion-anytype-attribute-value.xml |   6 +
 3 files changed, 80 insertions(+), 73 deletions(-)

diff --git a/saml-core/src/main/java/org/keycloak/saml/processing/core/parsers/saml/assertion/SAMLAttributeValueParser.java b/saml-core/src/main/java/org/keycloak/saml/processing/core/parsers/saml/assertion/SAMLAttributeValueParser.java
index 272c03282d..215e75e3a6 100644
--- a/saml-core/src/main/java/org/keycloak/saml/processing/core/parsers/saml/assertion/SAMLAttributeValueParser.java
+++ b/saml-core/src/main/java/org/keycloak/saml/processing/core/parsers/saml/assertion/SAMLAttributeValueParser.java
@@ -23,6 +23,7 @@ import org.keycloak.saml.common.exceptions.ParsingException;
 import org.keycloak.saml.common.parsers.StaxParser;
 import org.keycloak.saml.common.util.StaxParserUtil;
 import org.keycloak.saml.processing.core.parsers.util.SAMLParserUtil;
+import org.keycloak.saml.processing.core.saml.v2.util.XMLTimeUtil;
 import java.io.StringWriter;
 import java.util.Objects;
 import javax.xml.namespace.QName;
@@ -98,6 +99,8 @@ public class SAMLAttributeValueParser implements StaxParser {
             return parseAnyTypeAsString(xmlEventReader);
         } else if(typeValue.contains(":base64Binary")){
             return StaxParserUtil.getElementText(xmlEventReader);
+        } else if(typeValue.contains(":date")){
+            return XMLTimeUtil.parse(StaxParserUtil.getElementText(xmlEventReader));
         } else if(typeValue.contains(":boolean")){
             return StaxParserUtil.getElementText(xmlEventReader);
         }
diff --git a/saml-core/src/test/java/org/keycloak/saml/processing/core/parsers/saml/SAMLParserTest.java b/saml-core/src/test/java/org/keycloak/saml/processing/core/parsers/saml/SAMLParserTest.java
index 870ec5139e..c16ed72b61 100644
--- a/saml-core/src/test/java/org/keycloak/saml/processing/core/parsers/saml/SAMLParserTest.java
+++ b/saml-core/src/test/java/org/keycloak/saml/processing/core/parsers/saml/SAMLParserTest.java
@@ -942,87 +942,85 @@ public class SAMLParserTest {
 
     @Test
     public void testSaml20AssertionsAnyTypeAttributeValue() throws Exception {
+        AssertionType assertion = assertParsed("saml20-assertion-anytype-attribute-value.xml", AssertionType.class);
 
-        String[] xmlSamples = {
-                "saml20-assertion-anytype-attribute-value.xml",
-                "saml20-assertion-example.xml"
-        };
+        AttributeStatementType attributeStatementType = assertion.getAttributeStatements().iterator().next();
+        assertThat(attributeStatementType.getAttributes(), hasSize(5));
 
-        for (String fileName: xmlSamples) {
-            try (InputStream st = SAMLParserTest.class.getResourceAsStream(fileName)) {
-                Object parsedObject = parser.parse(st);
-                assertThat("Problem detected in " + fileName + " sample.", parsedObject, instanceOf(AssertionType.class));
-                checkCheckParsedResult(fileName, (AssertionType)parsedObject);
-            } catch (Exception e) {
-                throw new Exception("Problem detected in " + fileName + " sample.", e);
+        for (AttributeStatementType.ASTChoiceType choiceType: attributeStatementType.getAttributes()) {
+            AttributeType attr = choiceType.getAttribute();
+            String attrName = attr.getName();
+            Object value = attr.getAttributeValue().get(0);
+            // test selected attributes
+            switch (attrName) {
+                case "attr:type:string":
+                    assertThat(value, is((Object) "CITIZEN"));
+                    break;
+                case "attr:notype:string":
+                    assertThat(value, instanceOf(String.class));
+                    assertThat(value, is((Object) "CITIZEN"));
+                    break;
+                case "attr:notype:element":
+                    assertThat(value, instanceOf(String.class));
+                    assertThat((String) value, containsString("hospitaal x"));
+                    value = attr.getAttributeValue().get(1);
+                    assertThat(value, instanceOf(String.class));
+                    assertThat((String) value, containsString("hopital x"));
+                    break;
+                case "founded":
+                    assertThat(value, is((Object) XMLTimeUtil.parse("2002-05-30T09:30:10-06:00")));
+                    break;
+                case "expanded":
+                    assertThat(value, is((Object) XMLTimeUtil.parse("2002-06-30")));
+                    break;
+                default:
+                    break;
             }
         }
     }
 
-    private void checkCheckParsedResult(String fileName, AssertionType assertion) throws Exception {
+    @Test
+    public void testSaml20AssertionExample() throws Exception {
+        AssertionType assertion = assertParsed("saml20-assertion-example.xml", AssertionType.class);
+
         AttributeStatementType attributeStatementType = assertion.getAttributeStatements().iterator().next();
-        if ("saml20-assertion-anytype-attribute-value.xml".equals(fileName)) {
-            assertTrue("There has to be 3 attributes", attributeStatementType.getAttributes().size() == 3);
-            for (AttributeStatementType.ASTChoiceType choiceType: attributeStatementType.getAttributes()) {
-                AttributeType attr = choiceType.getAttribute();
-                String attrName = attr.getName();
-                String attrValueStatement = "unexpected value of attribute " + attrName + " of " + fileName;
-                String attrTypeStatement = "unexpected type of attribute " + attrName + " of " + fileName;
-                // test selected attributes
-                if (attrName.equals("attr:type:string")) {
-                    assertEquals(attrValueStatement, attr.getAttributeValue().get(0), "CITIZEN");
-                } else if (attrName.equals("attr:notype:string")) {
-                    assertThat(attrTypeStatement, attr.getAttributeValue().get(0), instanceOf(String.class));
-                    String value = (String)attr.getAttributeValue().get(0);
-                    assertEquals(attrValueStatement, value, "CITIZEN");
-                } else if (attrName.equals("attr:notype:element")) {
-                    assertThat(attrTypeStatement, attr.getAttributeValue().get(0), instanceOf(String.class));
-                    String value = (String)attr.getAttributeValue().get(0);
-                    assertThat(attrValueStatement, value, containsString("hospitaal x"));
-                    value = (String)attr.getAttributeValue().get(1);
-                    assertThat(attrValueStatement, value, containsString("hopital x"));
-                }
+        assertThat(attributeStatementType.getAttributes(), hasSize(9));
+
+        for (AttributeStatementType.ASTChoiceType choiceType: attributeStatementType.getAttributes()) {
+            AttributeType attr = choiceType.getAttribute();
+            String attrName = attr.getName();
+            Object value = attr.getAttributeValue().get(0);
+            // test selected attributes
+            switch (attrName) {
+                case "portal_id":
+                    assertEquals(value, "060D00000000SHZ");
+                    break;
+                case "organization_id":
+                    assertThat(value, instanceOf(String.class));
+                    assertThat((String) value, containsString("<n3:stuff xmlns:n3=\"ftp://example.org\">00DD0000000F7L5</n3:stuff>"));
+                    break;
+                case "has_sub_organization":
+                    assertThat(value, is((Object) "true"));
+                    break;
+                case "anytype_test":
+                    assertThat(value, instanceOf(String.class));
+                    assertThat((String) value, containsString("<elem2>val2</elem2>"));
+                    break;
+                case "anytype_no_xml_test":
+                    assertThat(value, is((Object) "value_no_xml"));
+                    break;
+                case "logouturl":
+                    assertThat(value, is((Object) "http://www.salesforce.com/security/del_auth/SsoLogoutPage.html"));
+                    break;
+                case "nil_value_attribute":
+                    assertNull(value);
+                    break;
+                case "status":
+                    assertThat(value, is((Object) "<status><code><status>XYZ</status></code></status>"));
+                    break;
+                default:
+                    break;
             }
-        } else if ("saml20-assertion-example.xml".equals(fileName)) {
-            assertThat("There has to be 9 attributes", attributeStatementType.getAttributes().size(), is(9));
-            for (AttributeStatementType.ASTChoiceType choiceType: attributeStatementType.getAttributes()) {
-                AttributeType attr = choiceType.getAttribute();
-                String attrName = attr.getName();
-                String attrValueStatement = "unexpected value of attribute " + attrName + " of " + fileName;
-                String attrTypeStatement = "unexpected type of attribute " + attrName + " of " + fileName;
-                // test selected attributes
-                if (attrName.equals("portal_id")) {
-                    assertEquals(attrValueStatement, attr.getAttributeValue().get(0), "060D00000000SHZ");
-                } else if (attrName.equals("organization_id")) {
-                    assertThat(attrTypeStatement, attr.getAttributeValue().get(0), instanceOf(String.class));
-                    String value = (String)attr.getAttributeValue().get(0);
-                    assertThat(attrValueStatement, value, containsString("<n3:stuff xmlns:n3=\"ftp://example.org\">00DD0000000F7L5</n3:stuff>"));
-                } else if (attrName.equals("has_sub_organization")) {
-                    assertThat(attrTypeStatement, attr.getAttributeValue().get(0), instanceOf(String.class));
-                    String value = (String)attr.getAttributeValue().get(0);
-                    assertThat(attrValueStatement, value, containsString("true"));
-                } else if (attrName.equals("anytype_test")) {
-                    assertThat(attrTypeStatement, attr.getAttributeValue().get(0), instanceOf(String.class));
-                    String value = (String)attr.getAttributeValue().get(0);
-                    assertThat(attrValueStatement, value, containsString("<elem2>val2</elem2>"));
-                } else if (attrName.equals("anytype_no_xml_test")) {
-                    assertThat(attrTypeStatement, attr.getAttributeValue().get(0), instanceOf(String.class));
-                    String value = (String)attr.getAttributeValue().get(0);
-                    assertEquals(attrValueStatement, value, "value_no_xml");
-                } else if (attrName.equals("logouturl")) {
-                    assertThat(attrTypeStatement, attr.getAttributeValue().get(0), instanceOf(String.class));
-                    String value = (String)attr.getAttributeValue().get(0);
-                    assertEquals(attrValueStatement, value, "http://www.salesforce.com/security/del_auth/SsoLogoutPage.html");
-                } else if (attrName.equals("nil_value_attribute")) {
-                    assertNull(attrValueStatement, attr.getAttributeValue().get(0));
-                } else if (attrName.equals("status")) {
-                    assertThat(attrTypeStatement, attr.getAttributeValue().get(0), instanceOf(String.class));
-                    String value = (String)attr.getAttributeValue().get(0);
-                    assertThat(attrValueStatement, value, containsString("<status><code><status>XYZ</status></code></status>"));
-                }
-            }
-        } else {
-            throw new RuntimeException("test error: wrong file name to check");
         }
     }
 
diff --git a/saml-core/src/test/resources/org/keycloak/saml/processing/core/parsers/saml/saml20-assertion-anytype-attribute-value.xml b/saml-core/src/test/resources/org/keycloak/saml/processing/core/parsers/saml/saml20-assertion-anytype-attribute-value.xml
index f4b78861e0..c532a02187 100644
--- a/saml-core/src/test/resources/org/keycloak/saml/processing/core/parsers/saml/saml20-assertion-anytype-attribute-value.xml
+++ b/saml-core/src/test/resources/org/keycloak/saml/processing/core/parsers/saml/saml20-assertion-anytype-attribute-value.xml
@@ -15,5 +15,11 @@
                 <ns4:Name xml:lang="fr" xmlns="urn:be:fgov:ehealth:aa:complextype:v1" xmlns:ns4="urn:be:fgov:ehealth:aa:complextype:v1">hopital x</ns4:Name>
             </saml2:AttributeValue>
         </saml2:Attribute>
+        <saml2:Attribute FriendlyName="Organisation Founded" Name="founded" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+            <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:date">2002-05-30T09:30:10-06:00</saml2:AttributeValue>
+        </saml2:Attribute>
+        <saml2:Attribute FriendlyName="Organisation Expanded" Name="expanded" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+            <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:date">2002-06-30</saml2:AttributeValue>
+        </saml2:Attribute>
     </saml2:AttributeStatement>
 </saml2:Assertion>