diff --git a/saml-core/src/main/java/org/keycloak/saml/processing/core/util/IDFedLSInputResolver.java b/saml-core/src/main/java/org/keycloak/saml/processing/core/util/IDFedLSInputResolver.java index c5c3c95ddf..299ddaa46a 100755 --- a/saml-core/src/main/java/org/keycloak/saml/processing/core/util/IDFedLSInputResolver.java +++ b/saml-core/src/main/java/org/keycloak/saml/processing/core/util/IDFedLSInputResolver.java @@ -21,6 +21,7 @@ import java.io.InputStream; import java.io.Reader; import java.net.URL; import java.util.Collection; +import java.util.Collections; import java.util.HashSet; import java.util.LinkedHashMap; import java.util.Map; @@ -39,69 +40,71 @@ public class IDFedLSInputResolver implements LSResourceResolver { protected static final Logger logger = Logger.getLogger(IDFedLSInputResolver.class); - private static Map schemaLocationMap = new LinkedHashMap(); // thread safe for reading + private static final Map schemaLocationMap; static { + Map schemaLocations = new LinkedHashMap<>(); // XML Schema/DTD - schemaLocationMap.put("datatypes.dtd", "schema/w3c/xmlschema/datatypes.dtd"); - schemaLocationMap.put("XMLSchema.dtd", "schema/w3c/xmlschema/XMLSchema.dtd"); - schemaLocationMap.put("http://www.w3.org/2001/XMLSchema.dtd", "schema/w3c/xmlschema/XMLSchema.dtd"); - schemaLocationMap.put("http://www.w3.org/2001/xml.xsd", "schema/w3c/xmlschema/xml.xsd"); + schemaLocations.put("datatypes.dtd", "schema/w3c/xmlschema/datatypes.dtd"); + schemaLocations.put("XMLSchema.dtd", "schema/w3c/xmlschema/XMLSchema.dtd"); + schemaLocations.put("http://www.w3.org/2001/XMLSchema.dtd", "schema/w3c/xmlschema/XMLSchema.dtd"); + schemaLocations.put("http://www.w3.org/2001/xml.xsd", "schema/w3c/xmlschema/xml.xsd"); // XML DSIG - schemaLocationMap.put("http://www.w3.org/2000/09/xmldsig#", "schema/w3c/xmldsig/xmldsig-core-schema.xsd"); - schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd", + schemaLocations.put("http://www.w3.org/2000/09/xmldsig#", "schema/w3c/xmldsig/xmldsig-core-schema.xsd"); + schemaLocations.put("http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd", "schema/w3c/xmldsig/xmldsig-core-schema.xsd"); - schemaLocationMap.put("http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd", "schema/w3c/xmldsig/xmldsig-core-schema.xsd"); + schemaLocations.put("http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd", "schema/w3c/xmldsig/xmldsig-core-schema.xsd"); // XML Enc - schemaLocationMap.put("http://www.w3.org/2001/04/xmlenc#", "schema/w3c/xmlenc/xenc-schema.xsd"); - schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd", + schemaLocations.put("http://www.w3.org/2001/04/xmlenc#", "schema/w3c/xmlenc/xenc-schema.xsd"); + schemaLocations.put("http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd", "schema/w3c/xmlenc/xenc-schema.xsd"); // XACML - schemaLocationMap.put("access_control-xacml-2.0-context-schema-os.xsd", + schemaLocations.put("access_control-xacml-2.0-context-schema-os.xsd", "schema/xacml/access_control-xacml-2.0-context-schema-os.xsd"); - schemaLocationMap.put("http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-context-schema-os.xsd", - "schema/xacml/access_control-xacml-2.0-context-schema-os.xsd"); - schemaLocationMap.put("access_control-xacml-2.0-policy-schema-os.xsd", + schemaLocations.put("http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-context-schema-os.xsd", + "schema/xacml/access_control-xacml-2.0-context-schema-os.xsd"); + schemaLocations.put("access_control-xacml-2.0-policy-schema-os.xsd", "schema/xacml/access_control-xacml-2.0-policy-schema-os.xsd"); // SAML - schemaLocationMap.put("saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd"); - schemaLocationMap.put("http://www.oasis-open.org/committees/download.php/11027/sstc-saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd"); - schemaLocationMap.put("saml-schema-protocol-2.0.xsd", "schema/saml/v2/saml-schema-protocol-2.0.xsd"); - schemaLocationMap.put("http://www.oasis-open.org/committees/download.php/11026/sstc-saml-schema-protocol-2.0.xsd", "schema/saml/v2/saml-schema-protocol-2.0.xsd"); - schemaLocationMap.put("saml-schema-metadata-2.0.xsd", "schema/saml/v2/saml-schema-metadata-2.0.xsd"); - schemaLocationMap.put("saml-schema-x500-2.0.xsd", "schema/saml/v2/saml-schema-x500-2.0.xsd"); - schemaLocationMap.put("saml-schema-xacml-2.0.xsd", "schema/saml/v2/saml-schema-xacml-2.0.xsd"); - schemaLocationMap.put("saml-schema-xacml-2.0.xsd", "schema/saml/v2/saml-schema-xacml-2.0.xsd"); - schemaLocationMap.put("saml-schema-authn-context-2.0.xsd", "schema/saml/v2/saml-schema-authn-context-2.0.xsd"); - schemaLocationMap.put("saml-schema-authn-context-types-2.0.xsd", + schemaLocations.put("saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd"); + schemaLocations.put("http://www.oasis-open.org/committees/download.php/11027/sstc-saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd"); + schemaLocations.put("saml-schema-protocol-2.0.xsd", "schema/saml/v2/saml-schema-protocol-2.0.xsd"); + schemaLocations.put("http://www.oasis-open.org/committees/download.php/11026/sstc-saml-schema-protocol-2.0.xsd", "schema/saml/v2/saml-schema-protocol-2.0.xsd"); + schemaLocations.put("saml-schema-metadata-2.0.xsd", "schema/saml/v2/saml-schema-metadata-2.0.xsd"); + schemaLocations.put("saml-schema-x500-2.0.xsd", "schema/saml/v2/saml-schema-x500-2.0.xsd"); + schemaLocations.put("saml-schema-xacml-2.0.xsd", "schema/saml/v2/saml-schema-xacml-2.0.xsd"); + schemaLocations.put("saml-schema-xacml-2.0.xsd", "schema/saml/v2/saml-schema-xacml-2.0.xsd"); + schemaLocations.put("saml-schema-authn-context-2.0.xsd", "schema/saml/v2/saml-schema-authn-context-2.0.xsd"); + schemaLocations.put("saml-schema-authn-context-types-2.0.xsd", "schema/saml/v2/saml-schema-authn-context-types-2.0.xsd"); - schemaLocationMap.put("saml-schema-assertion-1.0.xsd", "schema/saml/v1/saml-schema-assertion-1.0.xsd"); - schemaLocationMap.put("oasis-sstc-saml-schema-assertion-1.1.xsd", + schemaLocations.put("saml-schema-assertion-1.0.xsd", "schema/saml/v1/saml-schema-assertion-1.0.xsd"); + schemaLocations.put("oasis-sstc-saml-schema-assertion-1.1.xsd", "schema/saml/v1/oasis-sstc-saml-schema-assertion-1.1.xsd"); - schemaLocationMap.put("saml-schema-protocol-1.1.xsd", "schema/saml/v1/saml-schema-protocol-1.1.xsd"); + schemaLocations.put("saml-schema-protocol-1.1.xsd", "schema/saml/v1/saml-schema-protocol-1.1.xsd"); - schemaLocationMap.put("access_control-xacml-2.0-saml-assertion-schema-os.xsd", + schemaLocations.put("access_control-xacml-2.0-saml-assertion-schema-os.xsd", "schema/saml/v2/access_control-xacml-2.0-saml-assertion-schema-os.xsd"); - schemaLocationMap.put("access_control-xacml-2.0-saml-protocol-schema-os.xsd", + schemaLocations.put("access_control-xacml-2.0-saml-protocol-schema-os.xsd", "schema/saml/v2/access_control-xacml-2.0-saml-protocol-schema-os.xsd"); - - + + // WS-T - schemaLocationMap.put("http://docs.oasis-open.org/ws-sx/ws-trust/200512", "schema/wstrust/v1_3/ws-trust-1.3.xsd"); - schemaLocationMap.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", + schemaLocations.put("http://docs.oasis-open.org/ws-sx/ws-trust/200512", "schema/wstrust/v1_3/ws-trust-1.3.xsd"); + schemaLocations.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "schema/wstrust/v1_3/oasis-200401-wss-wssecurity-secext-1.0.xsd"); - schemaLocationMap.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", + schemaLocations.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "schema/wstrust/v1_3/oasis-200401-wss-wssecurity-utility-1.0.xsd"); - schemaLocationMap.put("http://schemas.xmlsoap.org/ws/2004/09/policy", "schema/wstrust/v1_3/ws-policy.xsd"); - schemaLocationMap.put("http://schemas.xmlsoap.org/ws/2004/09/policy/ws-policy.xsd", "schema/wstrust/v1_3/ws-policy.xsd"); - schemaLocationMap.put("http://www.w3.org/2005/08/addressing", "schema/wstrust/v1_3/ws-addr.xsd"); - schemaLocationMap.put("http://www.w3.org/2006/03/addressing/ws-addr.xsd", "schema/wstrust/v1_3/ws-addr.xsd"); + schemaLocations.put("http://schemas.xmlsoap.org/ws/2004/09/policy", "schema/wstrust/v1_3/ws-policy.xsd"); + schemaLocations.put("http://schemas.xmlsoap.org/ws/2004/09/policy/ws-policy.xsd", "schema/wstrust/v1_3/ws-policy.xsd"); + schemaLocations.put("http://www.w3.org/2005/08/addressing", "schema/wstrust/v1_3/ws-addr.xsd"); + schemaLocations.put("http://www.w3.org/2006/03/addressing/ws-addr.xsd", "schema/wstrust/v1_3/ws-addr.xsd"); + schemaLocationMap = Collections.unmodifiableMap(schemaLocations); } public static Collection schemas() { @@ -116,12 +119,12 @@ public class IDFedLSInputResolver implements LSResourceResolver { if (systemId == null) { throw new IllegalArgumentException("Expected systemId"); } - + final String loc = schemaLocationMap.get(systemId); if (loc == null) { return null; } - + return new IDFedLSInput(baseURI, loc, publicId, systemId); } @@ -210,7 +213,7 @@ public class IDFedLSInputResolver implements LSResourceResolver { @Override public String toString() { - return "PicketLinkLSInput [baseURI=" + baseURI + ", loc=" + loc + ", publicId=" + publicId + ", systemId=" + return "IDFedLSInput [baseURI=" + baseURI + ", loc=" + loc + ", publicId=" + publicId + ", systemId=" + systemId + "]"; } }