/*
   
    * The OpenSAML License, Version 1.
   
    * Copyright (c) 2002
   
    * University Corporation for Advanced Internet Development, Inc.
   
    * All rights reserved
  
   *
  
   *
  
   * Redistribution and use in source and binary forms, with or without
  
   * modification, are permitted provided that the following conditions are met:
  
   *
  
   * Redistributions of source code must retain the above copyright notice, this
  
   * list of conditions and the following disclaimer.
  
   *
  
   * Redistributions in binary form must reproduce the above copyright notice,
  
   * this list of conditions and the following disclaimer in the documentation
  
   * and/or other materials provided with the distribution, if any, must include
  
   * the following acknowledgment: "This product includes software developed by
  
   * the University Corporation for Advanced Internet Development
  
   * <http://www.ucaid.edu>Internet2 Project. Alternately, this acknowledegement
  
   * may appear in the software itself, if and wherever such third-party
  
   * acknowledgments normally appear.
  
   *
  
   * Neither the name of OpenSAML nor the names of its contributors, nor
  
   * Internet2, nor the University Corporation for Advanced Internet Development,
  
   * Inc., nor UCAID may be used to endorse or promote products derived from this
  
   * software without specific prior written permission. For written permission,
  
   * please contact opensaml@opensaml.org
  
   *
  
   * Products derived from this software may not be called OpenSAML, Internet2,
  
   * UCAID, or the University Corporation for Advanced Internet Development, nor
  
   * may OpenSAML appear in their name, without prior written permission of the
  
   * University Corporation for Advanced Internet Development.
  
   *
  
   *
  
   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  
   * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  
   * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
  
   * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
  
   * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
  
   * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
  
   * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT,
  
   * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  
   * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  
   * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  
   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  
   * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  
   * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  
   */
  
  
  
  package org.opensciencegrid.authz.saml;
 
 
 
 import java.io.IOException;
 
 import java.io.InputStream;
 
 import java.lang.reflect.Constructor;
 
 import java.util.Collection;
 
 import java.util.Hashtable;
 
 import java.util.Iterator;
 
 import java.util.ArrayList;
 
 
 
 import org.apache.log4j.Category;
 
 import org.apache.log4j.NDC;
 
 import org.w3c.dom.*;
 
 
 
 import org.opensaml.v1_0_1.*;
 
 
 
 /***
 
  *  Basic XACMLObligation implementation that
 
  *  can hold rudimentary attribute values 
 
  *  <p>
 
  *  The current implementation supports only a 
 
  *  single attribute assignment per obligation object.
 
  *
 
  * @author     Markus Lorch based on code examples from the OpenSAML project
 
  * @created    October 28, 2004
 
  * modified    January 6, 2005 - support opensaml 1.0.1, added namespaces
 
  *
 
 */
 
 
 
 
 
 public class XACMLObligation extends SAMLObject implements Cloneable
 
 {
 
 
 
     /***  ObligationID */
 
     protected String obligationId = null;
 
 
 
     /***  FullFillOn Attribute */
 
     protected String fullfillOn = null;
 
 
 
     /*** Attribute ID */
 
     protected String attributeId = null;
 
 
 
     /*** Dataype of the attribute */
 
     protected String datatype = null;
 
 
 
     /*** Attribute Value */
 
     protected String value = null;
 
 
 
     /*** Logging */
 
     static Category log = Category.getInstance("XACMLObligation");
 
 
 
     /***
 
      *  Builds an XACML Obligation
 
      *
 
      * @param  obligationId       Name of the obligation
 
      * @param  fullfillOn         the fullfillOn property ("Permit", "Deny")
 
      * @param  attributeId        the attribute name
 
      * @param  dataype                  The schema type of attribute value
 
      * @param  value              the attribute value
 
      * @exception  SAMLException  Thrown if obligation cannot be built from the
 
      *      supplied information
 
      */
 
 
 
     public XACMLObligation(String obligationId, String fullfillOn, String attributeId, String datatype, String value)
 
         throws SAMLException
 
     {
 
         if (obligationId == null || obligationId.length() == 0 )
 
             throw new MalformedException(SAMLException.RESPONDER, "XACMLObligation() requires ObligationID");
 
         if (fullfillOn == null || fullfillOn.length() ==0 )
 
             throw new MalformedException(SAMLException.RESPONDER, "XACMLObligation() requires FullfillOn");
 
         if (attributeId == null || attributeId.length() == 0 || datatype == null || datatype.length() == 0)
 
             throw new MalformedException(SAMLException.RESPONDER, "XACMLObligation() requires AttributeID and DataType");
 
 
 
         this.obligationId = obligationId;
 
         this.fullfillOn = fullfillOn;
 
         this.attributeId = attributeId;
 
         this.datatype = datatype;
 
         this.value = value;
 
 
 
     }
 
 
 
     
 
     /*** creates and empty (uninitialized) XACMLObligation objext */
 
 
 
     public XACMLObligation() {
 
     }
 
 
 
 
 
     /***
 
      *  Reconstructs an XACML Obligation from a DOM tree
 
      *
 
      * @param  e                  The root of a DOM tree
 
      * @exception  SAMLException  Thrown if the object cannot be constructed
 
      */
 
 
 
     public XACMLObligation(Element e)
 
         throws SAMLException
 
     {
 
         this.fromDOM(e);
 
     }
 
 
 
 
 
     /***
 
      *  Reconstructs an XACML Obligation from a stream
 
      *
 
      * @param  in                   A stream containing XML
 
      * @exception  SAMLException  Raised if an exception occurs while constructing
 
      *                              the object.
 
      */
 
     public XACMLObligation(InputStream in)
 
         throws SAMLException
 
     {
 
         this.fromDOM(fromStream(in));
 
     }
 
 
 
     /***
 
      *  Initialization of obligation from a DOM element.<P>
 
      *
 
      *
 
      * @param  e                   Root element of a DOM tree
 
      * @exception  SAMLException   Raised if an exception occurs while constructing
 
      *                              the object.
 
      */
 
     public void fromDOM(Element e)
 
         throws SAMLException
 
     {
 
         super.fromDOM(e);
 
 
 
 
 
         if  (config.getBooleanProperty("org.opensaml.strict-dom-checking") &&
 
              !XML.isElementNamed(e,OSGXML.SAML_EXT_NS,"XACMLObligation"))
 
         {
 
                 throw new MalformedException(SAMLException.REQUESTER, "XACMLObligation.fromDOM() requires "
 
                                                  +OSGXML.SAML_EXT_NS+":XACMLObligation at root");
 
         }
 
 
 
         obligationId = e.getAttributeNS(null, "ObligationId");
 
         fullfillOn   = e.getAttributeNS(null, "FullfillOn");
 
 
 
         // Iterate over AttributeAssignments
 
 
 
         NodeList nlist = e.getElementsByTagNameNS(OSGXML.SAML_EXT_NS, "AttributeAssignment");
 
         //NodeList nlist = e.getElementsByTagName("AttributeAssignment");
 
         if (nlist.getLength() > 0)
 
         {
 
             for (int i = 0; i < nlist.getLength(); i++)
 
             {
 
                 // this implementation supports only a single attribute assignment per obligation
 
 
 
                 attributeId =  ((Element) nlist.item(i)).getAttribute("AttributeId");
 
                 datatype =  ((Element) nlist.item(i)).getAttribute("Datatype");
 
                 value =   ((Element) nlist.item(i)).getFirstChild().getNodeValue();
 
             }
 
         } else {
 
             throw new MalformedException("XACMLObligation requires at least one attribute assignment");
 
         }
 
        
 
 
 
         log.debug("parsed obligation with id "+ obligationId + " to be fullfilled on " + fullfillOn);
 
         log.debug("attribute id is "+attributeId+ " of datatype " + datatype);
 
         log.debug("and attribute value is "+value);
 
 
 
      }
 
 
 
     /***
 
      *  Overridden method to return a DOM tree representing the attribute<P>
 
      *
 
      * @param  doc  A Document object to use in manufacturing the tree
 
      * @return      Root "Attribute" element of a DOM tree
 
      */
 
     public Node toDOM(Document doc) throws SAMLException
 
     {
 
         if ((root = super.toDOM(doc)) != null)
 
             return root;
 
 
 
         Element a = doc.createElementNS("opensciencegrid:authorization:saml","XACMLObligation");
 
         //a.setAttributeNS(XML.XMLNS_NS, "xmlns", "opensciencegrid:authorization:saml");
 
 	a.setAttributeNS(null,"ObligationId", obligationId);
 
         a.setAttributeNS(null,"FullfillOn", fullfillOn);
 
 
 
         Element b = doc.createElementNS("opensciencegrid:authorization:saml","AttributeAssignment");
 
         //b.setAttributeNS(XML.XMLNS_NS, "xmlns", "opensciencegrid:authorization:saml");
 
         b.setAttributeNS(null,"AttributeId", attributeId);
 
         b.setAttributeNS(null,"Datatype", datatype);
 
 
 
         b.appendChild(doc.createTextNode(value));
 
 
 
         a.appendChild(b);
 
 
 
         return root = a;
 
     }
 
 
 
     /***
 
      *  Copies a SAML object such that no dependencies exist between the original
 
      *  and the copy
 
      *
 
      * @return      The new object
 
      * @see java.lang.Object#clone()
 
      */
 
     public Object clone()
 
         throws CloneNotSupportedException
 
     {
 
         try {
 
           XACMLObligation dup=new XACMLObligation(obligationId, fullfillOn, attributeId, datatype, value);
 
           return (Object) dup;
 
         }
 
         catch (Exception e) {
 
           throw new CloneNotSupportedException(e.getMessage());
 
         }
 
 
 
     }
 
 
 
     public String getObligationId() {
 
         return obligationId;
 
     }
 
 
 
     public String getFullfillOn() {
 
         return fullfillOn;
 
     }
 
 
 
     public String getAttributeId() {
 
         return attributeId;
 
     }
 
 
 
     public String getDatatype() {
 
         return datatype;
 
     }
 
 
 
     public String getValue() {
 
         return value;
 
     }
 
 
 
 
 
 }