Add support for multiple fully-fledged contacts for SP

It's now possible to specify an arbitrary number of contacts, with all
the information supported by the SAML 2.0 specification, including
multiple e-mail addresses and multiple phone numbers per contact. Since
this is indeed information related to the Service Provider (which
appears in the SP metadata), the new (indexed) properties used to
declare contacts have been put in the "onelogin.saml2.sp" namespace and
their parsing uses the same technique used to support multiple Attribute
Consuming Services.
The legacy way to specify just a technical and a support contacts is
still supported (these "legacy" contacts are appended as the last two
ones). The Contact class has been enhanced to support all ContactType
attributes supported by the SAML 2.0 specification but still exposes the
old constructor and single e-mail address getter (although being
deprecated) to provide a 100% backward compatible API.

Fixes SAML-Toolkits#326.

Author: mauromol

README.md

@@ -250,6 +250,31 @@ onelogin.saml2.sp.x509certNew =
 # If you have     PKCS#1   BEGIN RSA PRIVATE KEY  convert it by   openssl pkcs8 -topk8 -inform pem -nocrypt -in sp.rsa_key -outform pem -out sp.pem
 onelogin.saml2.sp.privatekey =
 
+# Organization
+onelogin.saml2.organization.name = SP Java 
+onelogin.saml2.organization.displayname = SP Java Example
+onelogin.saml2.organization.url = http://sp.example.com
+onelogin.saml2.organization.lang = en
+
+# Contacts (use indexes to specify multiple contacts, multiple e-mail addresses per contact, multiple phone numbers per contact)
+onelogin.saml2.sp.contact[0].contactType=administrative
+onelogin.saml2.sp.contact[0].company=ACME
+onelogin.saml2.sp.contact[0].given_name=Guy
+onelogin.saml2.sp.contact[0].sur_name=Administrative
+onelogin.saml2.sp.contact[0].email_address[0][email protected]
+onelogin.saml2.sp.contact[0].email_address[1][email protected]
+onelogin.saml2.sp.contact[0].telephone_number[0]=+1-123456789
+onelogin.saml2.sp.contact[0].telephone_number[1]=+1-987654321
+onelogin.saml2.sp.contact[1].contactType=other
+onelogin.saml2.sp.contact[1].company=Big Corp
+onelogin.saml2.sp.contact[1].email_address[email protected]
+
+# Legacy contacts (legacy way to specify just a technical and a support contact with minimal info) 
+onelogin.saml2.contacts.technical.given_name = Technical Guy
+onelogin.saml2.contacts.technical.email_address = [email protected]
+onelogin.saml2.contacts.support.given_name = Support Guy
+onelogin.saml2.contacts.support.email_address = [email protected]
+
 ## Identity Provider Data that we want connect with our SP ##
 
 # Identifier of the IdP entity  (must be a URI)
@@ -374,18 +399,6 @@ onelogin.saml2.security.reject_deprecated_alg = true
 onelogin.saml2.parsing.trim_name_ids = false
 onelogin.saml2.parsing.trim_attribute_values = false
 
-# Organization
-onelogin.saml2.organization.name = SP Java 
-onelogin.saml2.organization.displayname = SP Java Example
-onelogin.saml2.organization.url = http://sp.example.com
-onelogin.saml2.organization.lang = en
-
-# Contacts
-onelogin.saml2.contacts.technical.given_name = Technical Guy
-onelogin.saml2.contacts.technical.email_address = [email protected]
-onelogin.saml2.contacts.support.given_name = Support Guy
-onelogin.saml2.contacts.support.email_address = [email protected]
-
 # Prefix used in generated Unique IDs.
 # Optional, defaults to ONELOGIN_ or full ID is like ONELOGIN_ebb0badd-4f60-4b38-b20a-a8e01f0592b1.
 # At minimun, the prefix can be non-numeric character such as "_".

core/src/main/java/com/onelogin/saml2/model/Contact.java

@@ -1,5 +1,8 @@
 package com.onelogin.saml2.model;
 
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
 
 /**
  * Contact class of OneLogin's Java Toolkit.
@@ -8,34 +11,78 @@
  */
 public class Contact {
 	/**
-     * Contact type
-     */
+       * Contact type
+       */
 	private final String contactType;
 
 	/**
-     * Contact given name
-     */
+	 * Contact company
+	 */
+	private final String company;
+	
+	/**
+       * Contact given name
+       */
 	private final String givenName;
+	
+	/**
+	 * Contact surname
+	 */
+	private final String surName;
 
 	/**
-     * Contact email
-     */
-	private final String emailAddress;
+       * Contact email
+       */
+	private final List<String> emailAddresses;
 
 	/**
-	 * Constructor
+	 * Contact phone number
+	 */
+	private final List<String> telephoneNumbers;
+	
+	/**
+	 * Constructor to specify minimal contact data.
+	 * <p>
+	 * To maintain backward compatibility, a <code>null</code> given name and a
+	 * <code>null</code> e-mail address are handled as being empty strings.
 	 *
 	 * @param contactType
-	 *              String. Contact type
+	 *              Contact type
 	 * @param givenName
-     *				String. Contact given name
+	 *              Contact given name
 	 * @param emailAddress
-     *				String. Contact email
+	 *              Contact e-mail
+	 * @deprecated use {@link #Contact(String, String, String, String, List, List)}
 	 */
+	@Deprecated
 	public Contact(String contactType, String givenName, String emailAddress) {
+		this(contactType, null, givenName != null ? givenName : "", null,
+		            Arrays.asList(emailAddress != null ? emailAddress : ""), null);
+	}
+
+	/**
+	 * Constructor
+	 *
+	 * @param contactType
+	 *              Contact type
+	 * @param givenName
+	 *              Contact given name
+	 * @param surName
+	 *              Contact surname
+	 * @param company
+	 *              Contact company
+	 * @param emailAddresses
+	 *              Contact e-mails
+	 * @param telephoneNumbers
+	 *              Contact phone numbers
+	 */
+	public Contact(String contactType, String company, String givenName, String surName, List<String> emailAddresses, List<String> telephoneNumbers) {
 		this.contactType = contactType != null? contactType : "";
-		this.givenName = givenName != null? givenName : "";
-		this.emailAddress = emailAddress != null? emailAddress : "";
+		this.company = company;
+		this.givenName = givenName;
+		this.surName = surName;
+		this.emailAddresses = emailAddresses != null? emailAddresses: Collections.emptyList();
+		this.telephoneNumbers = telephoneNumbers != null? telephoneNumbers: Collections.emptyList();
 	}
 
 	/**
@@ -46,17 +93,46 @@ public final String getContactType() {
 	}
 
 	/**
-	 * @return string the contact email
+	 * @return the contact email
+	 * @deprecated this returns just the first e-mail address in {@link #getEmailAddresses()}
 	 */
+	@Deprecated
 	public final String getEmailAddress() {
-		return emailAddress;
+		return emailAddresses.size() > 0? emailAddresses.get(0): null;
 	}
 
 	/**
-	 * @return string the contact given name
+	 * @return a list containing the contact e-mail addresses (never <code>null</code>)
+	 */
+	public final List<String> getEmailAddresses() {
+		return emailAddresses;
+	}
+
+	/**
+	 * @return the contact given name
 	 */
 	public final String getGivenName() {
 		return givenName;
 	}
+	
+	/**
+	 * @return the contact surname
+	 */
+	public final String getSurName() {
+		return surName;
+	}
+	
+	/**
+	 * @return the contact company
+	 */
+	public final String getCompany() {
+		return company;
+	}
 
+	/**
+	 * @return a list containing the contact phone numbers (never <code>null</code>)
+	 */
+	public final List<String> getTelephoneNumbers() {
+		return telephoneNumbers;
+	}
 }

core/src/main/java/com/onelogin/saml2/settings/Metadata.java

@@ -277,8 +277,21 @@ private String toContactsXml(List<Contact> contacts) {
 
 		for (Contact contact : contacts) {
 			contactsXml.append("<md:ContactPerson contactType=\"" + Util.toXml(contact.getContactType()) + "\">");
-			contactsXml.append("<md:GivenName>" + Util.toXml(contact.getGivenName()) + "</md:GivenName>");
-			contactsXml.append("<md:EmailAddress>" + Util.toXml(contact.getEmailAddress()) + "</md:EmailAddress>");
+			final String company = contact.getCompany();
+			if(company != null)
+				contactsXml.append("<md:Company>" + Util.toXml(company) + "</md:Company>");
+			final String givenName = contact.getGivenName();
+			if(givenName != null)
+				contactsXml.append("<md:GivenName>" + Util.toXml(givenName) + "</md:GivenName>");
+			final String surName = contact.getSurName();
+			if(surName != null)
+				contactsXml.append("<md:SurName>" + Util.toXml(surName) + "</md:SurName>");
+			final List<String> emailAddresses = contact.getEmailAddresses();
+			emailAddresses.forEach(emailAddress -> contactsXml
+			            .append("<md:EmailAddress>" + Util.toXml(emailAddress) + "</md:EmailAddress>"));
+			final List<String> telephoneNumbers = contact.getTelephoneNumbers();
+			telephoneNumbers.forEach(telephoneNumber -> contactsXml
+			            .append("<md:TelephoneNumber>" + Util.toXml(telephoneNumber) + "</md:TelephoneNumber>"));
 			contactsXml.append("</md:ContactPerson>");
 		}
 

core/src/main/java/com/onelogin/saml2/settings/Saml2Settings.java

@@ -9,6 +9,8 @@
 import java.util.List;
 
 import com.onelogin.saml2.model.hsm.HSM;
+
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.w3c.dom.Document;
@@ -1032,7 +1034,10 @@ public List<String> checkSPSettings() {
 				}
 */
 
-				if (contact.getEmailAddress().isEmpty() || contact.getGivenName().isEmpty()) {
+				if (contact.getEmailAddresses().isEmpty() || contact.getEmailAddresses().stream().allMatch(StringUtils::isEmpty) || 
+						(StringUtils.isEmpty(contact.getCompany()) && 
+						StringUtils.isEmpty(contact.getGivenName()) && 
+						StringUtils.isEmpty(contact.getSurName()))) {
 					errorMsg = "contact_not_enough_data";
 					errors.add(errorMsg);
 					LOGGER.error(errorMsg);