Fix saml-core issues without changing Java version

saml-core/pom.xml

@@ -31,8 +31,8 @@
     <description/>
 
     <properties>
-        <maven.compiler.target>1.8</maven.compiler.target>
+        <maven.compiler.target>1.7</maven.compiler.target>
-        <maven.compiler.source>1.8</maven.compiler.source>
+        <maven.compiler.source>1.7</maven.compiler.source>
 
         <timestamp>${maven.build.timestamp}</timestamp>
         <skip.security-manager.tests>true</skip.security-manager.tests>

saml-core/src/main/java/org/keycloak/saml/common/util/TransformerUtil.java

@@ -23,6 +23,7 @@ import org.keycloak.saml.common.constants.GeneralConstants;
 import org.keycloak.saml.common.exceptions.ConfigurationException;
 import org.keycloak.saml.common.exceptions.ParsingException;
 import org.keycloak.saml.common.exceptions.ProcessingException;
+import org.keycloak.saml.processing.core.util.FixXMLConstants;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
@@ -116,9 +117,9 @@ public class TransformerUtil {
                     logger.warn("XML External Entity switches are not supported.  You may get XML injection vulnerabilities.");
                 }
                 try {
-                    transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
+                    transformerFactory.setAttribute(FixXMLConstants.ACCESS_EXTERNAL_DTD, "");
 
-                    transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
+                    transformerFactory.setAttribute(FixXMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
                 } catch (Exception ignored) {
                     // some platforms don't support this.   For example our testsuite pulls Selenium which requires Xalan 2.7.1
                     logger.warn("XML External Entity switches are not supported.  You may get XML injection vulnerabilities.");

saml-core/src/main/java/org/keycloak/saml/processing/core/util/FixXMLConstants.java

@@ -0,0 +1,16 @@
+package org.keycloak.saml.processing.core.util;
+
+/**
+ * Constants copied from XMLConstants to work around issues with IntelliJ
+ *
+ * See https://issues.redhat.com/browse/KEYCLOAK-19403
+ */
+public class FixXMLConstants {
+
+    public static final String ACCESS_EXTERNAL_DTD = "http://javax.xml.XMLConstants/property/accessExternalDTD";
+
+    public static final String ACCESS_EXTERNAL_SCHEMA = "http://javax.xml.XMLConstants/property/accessExternalSchema";
+
+    public static final String ACCESS_EXTERNAL_STYLESHEET = "http://javax.xml.XMLConstants/property/accessExternalStylesheet";
+
+}

saml-core/src/main/java/org/keycloak/saml/processing/core/util/JAXPValidationUtil.java

@@ -98,8 +98,8 @@ public class JAXPValidationUtil {
             // Do not optimize the following into setProperty(...) && setProperty(...).
             // This way if it fails in the first setProperty, it will try the subsequent setProperty anyway
             // which it would not due to short-circuiting in case of an && expression.
-            boolean successful1 = setProperty(validator, XMLConstants.ACCESS_EXTERNAL_DTD, "");
+            boolean successful1 = setProperty(validator, FixXMLConstants.ACCESS_EXTERNAL_DTD, "");
-            successful1 &= setProperty(validator, XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
+            successful1 &= setProperty(validator, FixXMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
             boolean successful2 = setFeature(validator, feature_disallow_doctype_decl, true);
             successful2 &= setFeature(validator, feature_external_general_entities, false);
             successful2 &= setFeature(validator, feature_external_parameter_entities, false);