Merge pull request SAML-Toolkits#367 from mauromol/improve-sp-contacts

Improve SP contacts

Author: pitbulk

README.md

@@ -250,6 +250,31 @@ onelogin.saml2.sp.x509certNew =
 # If you have     PKCS#1   BEGIN RSA PRIVATE KEY  convert it by   openssl pkcs8 -topk8 -inform pem -nocrypt -in sp.rsa_key -outform pem -out sp.pem
 onelogin.saml2.sp.privatekey =
 
+# Organization
+onelogin.saml2.organization.name = SP Java 
+onelogin.saml2.organization.displayname = SP Java Example
+onelogin.saml2.organization.url = http://sp.example.com
+onelogin.saml2.organization.lang = en
+
+# Contacts (use indexes to specify multiple contacts, multiple e-mail addresses per contact, multiple phone numbers per contact)
+onelogin.saml2.sp.contact[0].contactType=administrative
+onelogin.saml2.sp.contact[0].company=ACME
+onelogin.saml2.sp.contact[0].given_name=Guy
+onelogin.saml2.sp.contact[0].sur_name=Administrative
+onelogin.saml2.sp.contact[0].email_address[0][email protected]
+onelogin.saml2.sp.contact[0].email_address[1][email protected]
+onelogin.saml2.sp.contact[0].telephone_number[0]=+1-123456789
+onelogin.saml2.sp.contact[0].telephone_number[1]=+1-987654321
+onelogin.saml2.sp.contact[1].contactType=other
+onelogin.saml2.sp.contact[1].company=Big Corp
+onelogin.saml2.sp.contact[1].email_address[email protected]
+
+# Legacy contacts (legacy way to specify just a technical and a support contact with minimal info) 
+onelogin.saml2.contacts.technical.given_name = Technical Guy
+onelogin.saml2.contacts.technical.email_address = [email protected]
+onelogin.saml2.contacts.support.given_name = Support Guy
+onelogin.saml2.contacts.support.email_address = [email protected]
+
 ## Identity Provider Data that we want connect with our SP ##
 
 # Identifier of the IdP entity  (must be a URI)
@@ -374,18 +399,6 @@ onelogin.saml2.security.reject_deprecated_alg = true
 onelogin.saml2.parsing.trim_name_ids = false
 onelogin.saml2.parsing.trim_attribute_values = false
 
-# Organization
-onelogin.saml2.organization.name = SP Java 
-onelogin.saml2.organization.displayname = SP Java Example
-onelogin.saml2.organization.url = http://sp.example.com
-onelogin.saml2.organization.lang = en
-
-# Contacts
-onelogin.saml2.contacts.technical.given_name = Technical Guy
-onelogin.saml2.contacts.technical.email_address = [email protected]
-onelogin.saml2.contacts.support.given_name = Support Guy
-onelogin.saml2.contacts.support.email_address = [email protected]
-
 # Prefix used in generated Unique IDs.
 # Optional, defaults to ONELOGIN_ or full ID is like ONELOGIN_ebb0badd-4f60-4b38-b20a-a8e01f0592b1.
 # At minimun, the prefix can be non-numeric character such as "_".

core/src/main/java/com/onelogin/saml2/model/Contact.java

@@ -1,5 +1,8 @@
 package com.onelogin.saml2.model;
 
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
 
 /**
  * Contact class of OneLogin's Java Toolkit.
@@ -8,34 +11,78 @@
  */
 public class Contact {
 	/**
-     * Contact type
-     */
+       * Contact type
+       */
 	private final String contactType;
 
 	/**
-     * Contact given name
-     */
+	 * Contact company
+	 */
+	private final String company;
+	
+	/**
+       * Contact given name
+       */
 	private final String givenName;
+	
+	/**
+	 * Contact surname
+	 */
+	private final String surName;
 
 	/**
-     * Contact email
-     */
-	private final String emailAddress;
+       * Contact email
+       */
+	private final List<String> emailAddresses;
 
 	/**
-	 * Constructor
+	 * Contact phone number
+	 */
+	private final List<String> telephoneNumbers;
+	
+	/**
+	 * Constructor to specify minimal contact data.
+	 * <p>
+	 * To maintain backward compatibility, a <code>null</code> given name and a
+	 * <code>null</code> e-mail address are handled as being empty strings.
 	 *
 	 * @param contactType
-	 *              String. Contact type
+	 *              Contact type
 	 * @param givenName
-     *				String. Contact given name
+	 *              Contact given name
 	 * @param emailAddress
-     *				String. Contact email
+	 *              Contact e-mail
+	 * @deprecated use {@link #Contact(String, String, String, String, List, List)}
 	 */
+	@Deprecated
 	public Contact(String contactType, String givenName, String emailAddress) {
+		this(contactType, null, givenName != null ? givenName : "", null,
+		            Arrays.asList(emailAddress != null ? emailAddress : ""), null);
+	}
+
+	/**
+	 * Constructor
+	 *
+	 * @param contactType
+	 *              Contact type
+	 * @param givenName
+	 *              Contact given name
+	 * @param surName
+	 *              Contact surname
+	 * @param company
+	 *              Contact company
+	 * @param emailAddresses
+	 *              Contact e-mails
+	 * @param telephoneNumbers
+	 *              Contact phone numbers
+	 */
+	public Contact(String contactType, String company, String givenName, String surName, List<String> emailAddresses, List<String> telephoneNumbers) {
 		this.contactType = contactType != null? contactType : "";
-		this.givenName = givenName != null? givenName : "";
-		this.emailAddress = emailAddress != null? emailAddress : "";
+		this.company = company;
+		this.givenName = givenName;
+		this.surName = surName;
+		this.emailAddresses = emailAddresses != null? emailAddresses: Collections.emptyList();
+		this.telephoneNumbers = telephoneNumbers != null? telephoneNumbers: Collections.emptyList();
 	}
 
 	/**
@@ -46,17 +93,46 @@ public final String getContactType() {
 	}
 
 	/**
-	 * @return string the contact email
+	 * @return the contact email
+	 * @deprecated this returns just the first e-mail address in {@link #getEmailAddresses()}
 	 */
+	@Deprecated
 	public final String getEmailAddress() {
-		return emailAddress;
+		return emailAddresses.size() > 0? emailAddresses.get(0): null;
 	}
 
 	/**
-	 * @return string the contact given name
+	 * @return a list containing the contact e-mail addresses (never <code>null</code>)
+	 */
+	public final List<String> getEmailAddresses() {
+		return emailAddresses;
+	}
+
+	/**
+	 * @return the contact given name
 	 */
 	public final String getGivenName() {
 		return givenName;
 	}
+	
+	/**
+	 * @return the contact surname
+	 */
+	public final String getSurName() {
+		return surName;
+	}
+	
+	/**
+	 * @return the contact company
+	 */
+	public final String getCompany() {
+		return company;
+	}
 
+	/**
+	 * @return a list containing the contact phone numbers (never <code>null</code>)
+	 */
+	public final List<String> getTelephoneNumbers() {
+		return telephoneNumbers;
+	}
 }

core/src/main/java/com/onelogin/saml2/settings/Metadata.java

@@ -277,8 +277,21 @@ private String toContactsXml(List<Contact> contacts) {
 
 		for (Contact contact : contacts) {
 			contactsXml.append("<md:ContactPerson contactType=\"" + Util.toXml(contact.getContactType()) + "\">");
-			contactsXml.append("<md:GivenName>" + Util.toXml(contact.getGivenName()) + "</md:GivenName>");
-			contactsXml.append("<md:EmailAddress>" + Util.toXml(contact.getEmailAddress()) + "</md:EmailAddress>");
+			final String company = contact.getCompany();
+			if(company != null)
+				contactsXml.append("<md:Company>" + Util.toXml(company) + "</md:Company>");
+			final String givenName = contact.getGivenName();
+			if(givenName != null)
+				contactsXml.append("<md:GivenName>" + Util.toXml(givenName) + "</md:GivenName>");
+			final String surName = contact.getSurName();
+			if(surName != null)
+				contactsXml.append("<md:SurName>" + Util.toXml(surName) + "</md:SurName>");
+			final List<String> emailAddresses = contact.getEmailAddresses();
+			emailAddresses.forEach(emailAddress -> contactsXml
+			            .append("<md:EmailAddress>" + Util.toXml(emailAddress) + "</md:EmailAddress>"));
+			final List<String> telephoneNumbers = contact.getTelephoneNumbers();
+			telephoneNumbers.forEach(telephoneNumber -> contactsXml
+			            .append("<md:TelephoneNumber>" + Util.toXml(telephoneNumber) + "</md:TelephoneNumber>"));
 			contactsXml.append("</md:ContactPerson>");
 		}
 

core/src/main/java/com/onelogin/saml2/settings/Saml2Settings.java

@@ -5,10 +5,14 @@
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.LinkedList;
 import java.util.List;
+import java.util.Set;
 
 import com.onelogin.saml2.model.hsm.HSM;
+
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.w3c.dom.Document;
@@ -1015,24 +1019,25 @@ public List<String> checkSPSettings() {
 
 		List<Contact> contacts = this.getContacts();
 		if (!contacts.isEmpty()) {
-/*			
-			List<String> validTypes = new ArrayList<String>();
-			validTypes.add("technical");
-			validTypes.add("support");
-			validTypes.add("administrative");
-			validTypes.add("billing");
-			validTypes.add("other");
-*/
+			Set<String> validTypes = new HashSet<>();
+			validTypes.add(Constants.CONTACT_TYPE_TECHNICAL);
+			validTypes.add(Constants.CONTACT_TYPE_SUPPORT);
+			validTypes.add(Constants.CONTACT_TYPE_ADMINISTRATIVE);
+			validTypes.add(Constants.CONTACT_TYPE_BILLING);
+			validTypes.add(Constants.CONTACT_TYPE_OTHER);
 			for (Contact contact : contacts) {
-/*
 				if (!validTypes.contains(contact.getContactType())) {
 					errorMsg = "contact_type_invalid";
 					errors.add(errorMsg);
 					LOGGER.error(errorMsg);
 				}
-*/
-
-				if (contact.getEmailAddress().isEmpty() || contact.getGivenName().isEmpty()) {
+				if ((contact.getEmailAddresses().isEmpty()
+				            || contact.getEmailAddresses().stream().allMatch(StringUtils::isEmpty))
+				            && (contact.getTelephoneNumbers().isEmpty() || contact.getTelephoneNumbers()
+				                        .stream().allMatch(StringUtils::isEmpty))
+				            && StringUtils.isEmpty(contact.getCompany())
+				            && StringUtils.isEmpty(contact.getGivenName())
+				            && StringUtils.isEmpty(contact.getSurName())) {
 					errorMsg = "contact_not_enough_data";
 					errors.add(errorMsg);
 					LOGGER.error(errorMsg);