libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

[KEYCLOAK-4979] make schema location map unmodifiable after initial setup + log message change

Browse source
This commit is contained in:
pskopek 2017-11-15 18:13:14 +01:00 committed by Hynek Mlnařík
parent 5f20df00d0
commit a993f6fb75
1 changed files with 44 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

85
saml-core/src/main/java/org/keycloak/saml/processing/core/util/IDFedLSInputResolver.java
View file

@ -21,6 +21,7 @@ import java.io.InputStream;
import java.io.Reader;
import java.net.URL;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
@ -39,69 +40,71 @@ public class IDFedLSInputResolver implements LSResourceResolver {
protected static final Logger logger = Logger.getLogger(IDFedLSInputResolver.class);
private static Map<String, String> schemaLocationMap = new LinkedHashMap<String, String>(); // thread safe for reading
private static final Map<String, String> schemaLocationMap;
static {
Map<String, String> schemaLocations = new LinkedHashMap<>();
// XML Schema/DTD
schemaLocationMap.put("datatypes.dtd", "schema/w3c/xmlschema/datatypes.dtd");
schemaLocationMap.put("XMLSchema.dtd", "schema/w3c/xmlschema/XMLSchema.dtd");
schemaLocationMap.put("http://www.w3.org/2001/XMLSchema.dtd", "schema/w3c/xmlschema/XMLSchema.dtd");
schemaLocationMap.put("http://www.w3.org/2001/xml.xsd", "schema/w3c/xmlschema/xml.xsd");
schemaLocations.put("datatypes.dtd", "schema/w3c/xmlschema/datatypes.dtd");
schemaLocations.put("XMLSchema.dtd", "schema/w3c/xmlschema/XMLSchema.dtd");
schemaLocations.put("http://www.w3.org/2001/XMLSchema.dtd", "schema/w3c/xmlschema/XMLSchema.dtd");
schemaLocations.put("http://www.w3.org/2001/xml.xsd", "schema/w3c/xmlschema/xml.xsd");
// XML DSIG
schemaLocationMap.put("http://www.w3.org/2000/09/xmldsig#", "schema/w3c/xmldsig/xmldsig-core-schema.xsd");
schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd",
schemaLocations.put("http://www.w3.org/2000/09/xmldsig#", "schema/w3c/xmldsig/xmldsig-core-schema.xsd");
schemaLocations.put("http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd",
"schema/w3c/xmldsig/xmldsig-core-schema.xsd");
schemaLocationMap.put("http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd", "schema/w3c/xmldsig/xmldsig-core-schema.xsd");
schemaLocations.put("http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd", "schema/w3c/xmldsig/xmldsig-core-schema.xsd");
// XML Enc
schemaLocationMap.put("http://www.w3.org/2001/04/xmlenc#", "schema/w3c/xmlenc/xenc-schema.xsd");
schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd",
schemaLocations.put("http://www.w3.org/2001/04/xmlenc#", "schema/w3c/xmlenc/xenc-schema.xsd");
schemaLocations.put("http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd",
"schema/w3c/xmlenc/xenc-schema.xsd");
// XACML
schemaLocationMap.put("access_control-xacml-2.0-context-schema-os.xsd",
schemaLocations.put("access_control-xacml-2.0-context-schema-os.xsd",
"schema/xacml/access_control-xacml-2.0-context-schema-os.xsd");
schemaLocationMap.put("http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-context-schema-os.xsd",
"schema/xacml/access_control-xacml-2.0-context-schema-os.xsd");
schemaLocationMap.put("access_control-xacml-2.0-policy-schema-os.xsd",
schemaLocations.put("http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-context-schema-os.xsd",
"schema/xacml/access_control-xacml-2.0-context-schema-os.xsd");
schemaLocations.put("access_control-xacml-2.0-policy-schema-os.xsd",
"schema/xacml/access_control-xacml-2.0-policy-schema-os.xsd");
// SAML
schemaLocationMap.put("saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd");
schemaLocationMap.put("http://www.oasis-open.org/committees/download.php/11027/sstc-saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd");
schemaLocationMap.put("saml-schema-protocol-2.0.xsd", "schema/saml/v2/saml-schema-protocol-2.0.xsd");
schemaLocationMap.put("http://www.oasis-open.org/committees/download.php/11026/sstc-saml-schema-protocol-2.0.xsd", "schema/saml/v2/saml-schema-protocol-2.0.xsd");
schemaLocationMap.put("saml-schema-metadata-2.0.xsd", "schema/saml/v2/saml-schema-metadata-2.0.xsd");
schemaLocationMap.put("saml-schema-x500-2.0.xsd", "schema/saml/v2/saml-schema-x500-2.0.xsd");
schemaLocationMap.put("saml-schema-xacml-2.0.xsd", "schema/saml/v2/saml-schema-xacml-2.0.xsd");
schemaLocationMap.put("saml-schema-xacml-2.0.xsd", "schema/saml/v2/saml-schema-xacml-2.0.xsd");
schemaLocationMap.put("saml-schema-authn-context-2.0.xsd", "schema/saml/v2/saml-schema-authn-context-2.0.xsd");
schemaLocationMap.put("saml-schema-authn-context-types-2.0.xsd",
schemaLocations.put("saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd");
schemaLocations.put("http://www.oasis-open.org/committees/download.php/11027/sstc-saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd");
schemaLocations.put("saml-schema-protocol-2.0.xsd", "schema/saml/v2/saml-schema-protocol-2.0.xsd");
schemaLocations.put("http://www.oasis-open.org/committees/download.php/11026/sstc-saml-schema-protocol-2.0.xsd", "schema/saml/v2/saml-schema-protocol-2.0.xsd");
schemaLocations.put("saml-schema-metadata-2.0.xsd", "schema/saml/v2/saml-schema-metadata-2.0.xsd");
schemaLocations.put("saml-schema-x500-2.0.xsd", "schema/saml/v2/saml-schema-x500-2.0.xsd");
schemaLocations.put("saml-schema-xacml-2.0.xsd", "schema/saml/v2/saml-schema-xacml-2.0.xsd");
schemaLocations.put("saml-schema-xacml-2.0.xsd", "schema/saml/v2/saml-schema-xacml-2.0.xsd");
schemaLocations.put("saml-schema-authn-context-2.0.xsd", "schema/saml/v2/saml-schema-authn-context-2.0.xsd");
schemaLocations.put("saml-schema-authn-context-types-2.0.xsd",
"schema/saml/v2/saml-schema-authn-context-types-2.0.xsd");
schemaLocationMap.put("saml-schema-assertion-1.0.xsd", "schema/saml/v1/saml-schema-assertion-1.0.xsd");
schemaLocationMap.put("oasis-sstc-saml-schema-assertion-1.1.xsd",
schemaLocations.put("saml-schema-assertion-1.0.xsd", "schema/saml/v1/saml-schema-assertion-1.0.xsd");
schemaLocations.put("oasis-sstc-saml-schema-assertion-1.1.xsd",
"schema/saml/v1/oasis-sstc-saml-schema-assertion-1.1.xsd");
schemaLocationMap.put("saml-schema-protocol-1.1.xsd", "schema/saml/v1/saml-schema-protocol-1.1.xsd");
schemaLocations.put("saml-schema-protocol-1.1.xsd", "schema/saml/v1/saml-schema-protocol-1.1.xsd");
schemaLocationMap.put("access_control-xacml-2.0-saml-assertion-schema-os.xsd",
schemaLocations.put("access_control-xacml-2.0-saml-assertion-schema-os.xsd",
"schema/saml/v2/access_control-xacml-2.0-saml-assertion-schema-os.xsd");
schemaLocationMap.put("access_control-xacml-2.0-saml-protocol-schema-os.xsd",
schemaLocations.put("access_control-xacml-2.0-saml-protocol-schema-os.xsd",
"schema/saml/v2/access_control-xacml-2.0-saml-protocol-schema-os.xsd");
// WS-T
schemaLocationMap.put("http://docs.oasis-open.org/ws-sx/ws-trust/200512", "schema/wstrust/v1_3/ws-trust-1.3.xsd");
schemaLocationMap.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
schemaLocations.put("http://docs.oasis-open.org/ws-sx/ws-trust/200512", "schema/wstrust/v1_3/ws-trust-1.3.xsd");
schemaLocations.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
"schema/wstrust/v1_3/oasis-200401-wss-wssecurity-secext-1.0.xsd");
schemaLocationMap.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
schemaLocations.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
"schema/wstrust/v1_3/oasis-200401-wss-wssecurity-utility-1.0.xsd");
schemaLocationMap.put("http://schemas.xmlsoap.org/ws/2004/09/policy", "schema/wstrust/v1_3/ws-policy.xsd");
schemaLocationMap.put("http://schemas.xmlsoap.org/ws/2004/09/policy/ws-policy.xsd", "schema/wstrust/v1_3/ws-policy.xsd");
schemaLocationMap.put("http://www.w3.org/2005/08/addressing", "schema/wstrust/v1_3/ws-addr.xsd");
schemaLocationMap.put("http://www.w3.org/2006/03/addressing/ws-addr.xsd", "schema/wstrust/v1_3/ws-addr.xsd");
schemaLocations.put("http://schemas.xmlsoap.org/ws/2004/09/policy", "schema/wstrust/v1_3/ws-policy.xsd");
schemaLocations.put("http://schemas.xmlsoap.org/ws/2004/09/policy/ws-policy.xsd", "schema/wstrust/v1_3/ws-policy.xsd");
schemaLocations.put("http://www.w3.org/2005/08/addressing", "schema/wstrust/v1_3/ws-addr.xsd");
schemaLocations.put("http://www.w3.org/2006/03/addressing/ws-addr.xsd", "schema/wstrust/v1_3/ws-addr.xsd");
schemaLocationMap = Collections.unmodifiableMap(schemaLocations);
}
public static Collection<String> schemas() {
@ -116,12 +119,12 @@ public class IDFedLSInputResolver implements LSResourceResolver {
if (systemId == null) {
throw new IllegalArgumentException("Expected systemId");
}
final String loc = schemaLocationMap.get(systemId);
if (loc == null) {
return null;
}
return new IDFedLSInput(baseURI, loc, publicId, systemId);
}
@ -210,7 +213,7 @@ public class IDFedLSInputResolver implements LSResourceResolver {
@Override
public String toString() {
return "PicketLinkLSInput [baseURI=" + baseURI + ", loc=" + loc + ", publicId=" + publicId + ", systemId="
return "IDFedLSInput [baseURI=" + baseURI + ", loc=" + loc + ", publicId=" + publicId + ", systemId="
+ systemId + "]";
}
}