org.opensaml.saml.saml2.core.StatusCode Java Examples

@Test
public void shouldHandleNoMatchSaml() throws Exception {
    EntityDescriptor entityDescriptor = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(entityDescriptor));

    Status noMatchStatus = aStatus().
        withStatusCode(
            aStatusCode()
                .withValue(StatusCode.RESPONDER)
                .withSubStatusCode(aStatusCode().withValue(SamlStatusCode.NO_MATCH).build())
                .build())
        .build();
    Response response = signResponse(createNoAttributeResponseBuilder(noMatchStatus), testRpSigningCredential);

    TranslatedMatchingResponseBody result = (TranslatedMatchingResponseBody) matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(response),
        response.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );

    assertThat(result.getScenario()).isEqualTo(NO_MATCH);
}
 

/**
 * Decode and validate saml logout response with valid signature.
 *
 * @throws Throwable the throwable
 */
@Test
public void decodeAndValidateSamlLogoutResponseWithValidSignature() throws Throwable {
  /*
   * To avoid annoying code test, the IDP and the SP have the same public key
   */
  //Retrieve the saml client
  SamlClient client = getKeyCloakClient(true);
  //Retrieve the new encoded logout response
  String encodedLogoutResponse = client.getSamlLogoutResponse(StatusCode.SUCCESS);
  //Decode the encoded logout response to check it is signed
  String decodedResponse = decode(encodedLogoutResponse);
  assertTrue(decodedResponse.contains(Signature.DEFAULT_ELEMENT_LOCAL_NAME));
  //Decode and valid the logout response
  SamlLogoutResponse logoutResponse =
      decodeAndValidateSamlLogoutResponse(encodedLogoutResponse, "POST");
  assertTrue(logoutResponse.isValid());
}
 

/**
 * Decode and validate saml logout response with invalid signature.
 *
 * @throws Throwable the throwable
 */
@Test
public void decodeAndValidateSamlLogoutResponseWithInvalidSignature() throws Throwable {
  SamlClient client = getKeyCloakClient(true);
  String encodedSamlLogoutResponse = client.getSamlLogoutResponse(StatusCode.SUCCESS);
  //Corrupt the signature  (decode => corrupt => encode)
  String decodedSamlLogoutResponse = decode(encodedSamlLogoutResponse);
  int index = decodedSamlLogoutResponse.indexOf("<ds:SignatureValue>") + 19;
  String s = decodedSamlLogoutResponse.substring(index);
  decodedSamlLogoutResponse = encode(decodedSamlLogoutResponse.subSequence(0, index) + "XXX" + s);

  try {
    decodeAndValidateSamlLogoutResponse(decodedSamlLogoutResponse, "POST");
    fail("We must have an exception if the signature isn't valid");
  } catch (SamlException ignore) {
  }
}
 

private HttpResponse fail(ServiceRequestContext ctx,
                          LogoutRequest logoutRequest,
                          SamlEndpoint sloResEndpoint) {
    // Try to send a LogoutResponse with the following status code. It's one of the top-level status code
    // which is defined in SAML 2.0 specifications.
    //
    // "urn:oasis:names:tc:SAML:2.0:status:Responder"
    // - The request could not be performed due to an error on the part of the SAML responder
    //   or SAML authority.
    final LogoutResponse failureResponse = createLogoutResponse(logoutRequest, StatusCode.RESPONDER);
    try {
        return respond(failureResponse, sloResEndpoint);
    } catch (SamlException e) {
        return fail(ctx, e);
    }
}
 

private ResponseBuilder createUnsignedAttributeResponseBuilder() {
    return aResponse()
            .withStatus(
                    aStatus().
                            withStatusCode(aStatusCode().withValue(StatusCode.SUCCESS).build())
                            .build())
            .withNoDefaultAssertion()
            .addEncryptedAssertion(aDefaultAssertion()
                    .addAttributeStatement(
                            anAttributeStatement()
                                    .addAttribute(new SimpleStringAttributeBuilder()
                                            .withName(IdaConstants.Eidas_Attributes.UnsignedAssertions.EidasSamlResponse.NAME)
                                            .withSimpleStringValue("eidasSaml")
                                            .build())
                                    .build())
                    .buildWithEncrypterCredential(encryptionCredentialFactory.getEncryptingCredential())
            );

}
 

@Test
public void shouldFailWhenInResponseToDoesNotMatchRequestId() throws Exception {
    expectedException.expect(SamlResponseValidationException.class);
    expectedException.expectMessage(String.format("Expected InResponseTo to be some-incorrect-request-id, but was %s", DEFAULT_REQUEST_ID));

    EntityDescriptor entityDescriptor = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(entityDescriptor));

    Status successStatus = aStatus().
        withStatusCode(aStatusCode().withValue(StatusCode.SUCCESS).build())
        .build();
    Response response = signResponse(createNoAttributeResponseBuilder(successStatus), testRpSigningCredential);

    matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(response),
        "some-incorrect-request-id",
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );
}
 

@Test
public void shouldFailValidationWhenHubResponseIsNotSigned() throws Exception {
    expectedException.expect(SamlTransformationErrorException.class);
    expectedException.expectMessage("SAML Validation Specification: Message signature is not signed");

    Status successStatus = aStatus().
        withStatusCode(aStatusCode().withValue(StatusCode.SUCCESS).build())
        .build();
    Response response = createNoAttributeResponseBuilder(successStatus).withoutSigning().build();
    EntityDescriptor entityDescriptor = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);

    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(entityDescriptor));

    matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(response),
        response.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );
}
 

@Test
public void shouldFailValidationWhenHubMetadataDoesNotContainCorrectCertificate() throws Exception {
    expectedException.expect(SamlTransformationErrorException.class);
    expectedException.expectMessage("SAML Validation Specification: Signature was not valid.");

    Status successStatus = aStatus().
        withStatusCode(aStatusCode().withValue(StatusCode.SUCCESS).build())
        .build();
    Response response = signResponse(createNoAttributeResponseBuilder(successStatus), testRpSigningCredential);
    EntityDescriptor entityDescriptor = createEntityDescriptorWithSigningCertificate(TEST_PUBLIC_CERT);

    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(entityDescriptor));

    matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(response),
        response.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );
}
 

@Test
public void shouldFailWhenUnrecognizedSubStatus() throws Exception {
    expectedException.expect(SamlResponseValidationException.class);
    expectedException.expectMessage("Unknown SAML sub-status: UNKNOWN");

    EntityDescriptor entityDescriptor = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(entityDescriptor));

    Status noMatchStatus = aStatus().
        withStatusCode(
            aStatusCode()
                .withValue(StatusCode.RESPONDER)
                .withSubStatusCode(aStatusCode().withValue("UNKNOWN").build())
                .build())
        .build();
    Response response = signResponse(createNoAttributeResponseBuilder(noMatchStatus), testRpSigningCredential);

    matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(response),
        response.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );
}
 

@Test
public void shouldHandleAuthenticationFailedSaml() throws Exception {
    EntityDescriptor entityDescriptor = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(entityDescriptor));

    Status noMatchStatus = aStatus().
        withStatusCode(
            aStatusCode()
                .withValue(StatusCode.RESPONDER)
                .withSubStatusCode(aStatusCode().withValue(StatusCode.AUTHN_FAILED).build())
                .build())
        .build();
    Response response = signResponse(createNoAttributeResponseBuilder(noMatchStatus), testRpSigningCredential);

    TranslatedMatchingResponseBody result = (TranslatedMatchingResponseBody) matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(response),
        response.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );

    assertThat(result.getScenario()).isEqualTo(AUTHENTICATION_FAILED);
}
 

@Test
public void shouldHandleNoAuthnContextSaml() throws Exception {
    EntityDescriptor entityDescriptor = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(entityDescriptor));

    Status noMatchStatus = aStatus().
        withStatusCode(
            aStatusCode()
                .withValue(StatusCode.RESPONDER)
                .withSubStatusCode(aStatusCode().withValue(StatusCode.NO_AUTHN_CONTEXT).build())
                .build())
        .build();
    Response response = signResponse(createNoAttributeResponseBuilder(noMatchStatus), testRpSigningCredential);

    TranslatedMatchingResponseBody result = (TranslatedMatchingResponseBody) matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(response),
        response.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );

    assertThat(result.getScenario()).isEqualTo(CANCELLATION);
}
 

@Test
public void shouldHandleRequestErrorSaml() throws Exception {
    EntityDescriptor entityDescriptor = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(entityDescriptor));

    Status noMatchStatus = aStatus().
        withStatusCode(
            aStatusCode()
                .withValue(StatusCode.RESPONDER)
                .withSubStatusCode(aStatusCode().withValue(StatusCode.REQUESTER).build())
                .build())
        .build();
    Response response = signResponse(createNoAttributeResponseBuilder(noMatchStatus), testRpSigningCredential);

    TranslatedMatchingResponseBody result = (TranslatedMatchingResponseBody) matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(response),
        response.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );

    assertThat(result.getScenario()).isEqualTo(REQUEST_ERROR);
}
 

@Test
public void matchingResponseServiceShouldHandleAccountCreationSaml() throws Exception {
    EntityDescriptor entityDescriptor = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(entityDescriptor));

    Status successStatus = aStatus().
        withStatusCode(aStatusCode().withValue(StatusCode.SUCCESS).build())
        .build();
    Response response = signResponse(createAttributeResponseBuilder(successStatus), testRpSigningCredential);

    TranslatedMatchingResponseBody result = (TranslatedMatchingResponseBody) matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(response),
        response.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );

    assertThat(result.getScenario()).isEqualTo(ACCOUNT_CREATION);
    assertThat(result.getAttributes()).isNotNull();
}
 

@Test
public void matchingResponseServiceShouldHandleSuccessMatchSaml() throws Exception {
    EntityDescriptor entityDescriptor = createEntityDescriptorWithSigningCertificate(TEST_RP_PUBLIC_SIGNING_CERT);
    when(hubMetadataResolver.resolve(any())).thenReturn(ImmutableList.of(entityDescriptor));

    Status successStatus = aStatus().
        withStatusCode(aStatusCode().withValue(StatusCode.SUCCESS).build())
        .build();
    Response response = signResponse(createNoAttributeResponseBuilder(successStatus), testRpSigningCredential);

    TranslatedResponseBody result = matchingResponseService.convertTranslatedResponseBody(
        responseToBase64StringTransformer.apply(response),
        response.getInResponseTo(),
        LevelOfAssurance.LEVEL_2,
        VERIFY_SERVICE_PROVIDER_ENTITY_ID
    );

    assertThat(result).isEqualTo(new TranslatedMatchingResponseBody(
        SUCCESS_MATCH,
        "some-pid",
        LevelOfAssurance.LEVEL_2,
        null
    ));
}
 

private LogoutResponse createLogoutResponse(LogoutRequest logoutRequest,
                                            String statusCode) {
    final StatusCode success = build(StatusCode.DEFAULT_ELEMENT_NAME);
    success.setValue(statusCode);

    final Status status = build(Status.DEFAULT_ELEMENT_NAME);
    status.setStatusCode(success);

    final Issuer me = build(Issuer.DEFAULT_ELEMENT_NAME);
    me.setValue(entityId);

    final LogoutResponse logoutResponse = build(LogoutResponse.DEFAULT_ELEMENT_NAME);
    logoutResponse.setIssuer(me);
    logoutResponse.setID(requestIdManager.newId());
    logoutResponse.setIssueInstant(DateTime.now());
    logoutResponse.setStatus(status);
    logoutResponse.setInResponseTo(logoutRequest.getID());

    return logoutResponse;
}
 

@Override
public TranslatedNonMatchingResponseBody translateResponderCode(StatusCode statusCode) {
    Optional.ofNullable(statusCode.getStatusCode())
        .orElseThrow(() -> new SamlResponseValidationException("Missing status code for non-Success response"));
    String subStatus = statusCode.getStatusCode().getValue();

    switch (subStatus) {
        case StatusCode.REQUESTER:
            return new TranslatedNonMatchingResponseBody(NonMatchingScenario.REQUEST_ERROR, null, null, null);
        case StatusCode.NO_AUTHN_CONTEXT:
            return new TranslatedNonMatchingResponseBody(NonMatchingScenario.NO_AUTHENTICATION, null, null, null);
        case StatusCode.AUTHN_FAILED:
            return new TranslatedNonMatchingResponseBody(NonMatchingScenario.AUTHENTICATION_FAILED, null, null, null);
        default:
            throw new SamlResponseValidationException(String.format("Unknown SAML sub-status: %s", subStatus));
    }
}
 

public static Status createStatus(final String statusCodeValue, final String statusMessage) {
    if (statusBuilder == null) {
        statusBuilder = new StatusBuilder();
    }
    if (statusCodeBuilder == null) {
        statusCodeBuilder = new StatusCodeBuilder();
    }
    if (statusMessageBuilder == null) {
        statusMessageBuilder = new StatusMessageBuilder();
    }

    Status status = statusBuilder.buildObject();

    StatusCode statusCode = statusCodeBuilder.buildObject();
    statusCode.setValue(statusCodeValue);
    status.setStatusCode(statusCode);

    if (statusMessage != null) {
        StatusMessage statusMessageObject = statusMessageBuilder.buildObject();
        statusMessageObject.setMessage(statusMessage);
        status.setStatusMessage(statusMessageObject);
    }

    return status;
}
 

@Override
public TranslatedResponseBody translateResponderCode(StatusCode statusCode) {
    Optional.ofNullable(statusCode.getStatusCode())
        .orElseThrow(() -> new SamlResponseValidationException("Missing status code for non-Success response"));
    String subStatus = statusCode.getStatusCode().getValue();

    switch (subStatus) {
        case SamlStatusCode.NO_MATCH:
            return new TranslatedMatchingResponseBody(MatchingScenario.NO_MATCH, null, null, null);
        case StatusCode.REQUESTER:
            return new TranslatedMatchingResponseBody(MatchingScenario.REQUEST_ERROR, null, null, null);
        case StatusCode.NO_AUTHN_CONTEXT:
            return new TranslatedMatchingResponseBody(MatchingScenario.CANCELLATION, null, null, null);
        case StatusCode.AUTHN_FAILED:
            return new TranslatedMatchingResponseBody(MatchingScenario.AUTHENTICATION_FAILED, null, null, null);
        default:
            throw new SamlResponseValidationException(String.format("Unknown SAML sub-status: %s", subStatus));
    }
}
 

@Test
public void shouldThrowExceptionWhenNonSuccessResponseCalledWithUnrecognisedStatus() {
    expectedException.expect(SamlResponseValidationException.class);
    expectedException.expectMessage("Unknown SAML sub-status: urn:oasis:names:tc:SAML:2.0:status:NoAvailableIDP");

    StatusCode statusCode = aStatusCode()
        .withValue(StatusCode.RESPONDER)
        .withSubStatusCode(aStatusCode().withValue(StatusCode.NO_AVAILABLE_IDP).build())
        .build();
    responderResponseTranslator.translateResponderCode(statusCode);
}
 

/**
 * Decode and validate saml logout invalid response.
 *
 * @throws Throwable the throwable
 */
@Test
public void decodeAndValidateSamlLogoutInvalidResponse() throws Throwable {
  //Retrieve the saml client
  SamlClient client = getKeyCloakClient(false);
  //Retrieve the new encoded logout response with error status
  String encodedLogoutResponse = client.getSamlLogoutResponse(StatusCode.NO_AVAILABLE_IDP);
  SamlLogoutResponse logoutResponse =
      decodeAndValidateSamlLogoutResponse(encodedLogoutResponse, "POST");
  assertTrue(logoutResponse.isNotValid());
}
 

/**
 * Validate status.
 *
 * @param response the response
 * @throws SamlException the saml exception
 */
private static void validateStatus(StatusResponseType response) throws SamlException {

  String statusCode = response.getStatus().getStatusCode().getValue();

  if (!StatusCode.SUCCESS.equals(statusCode)) {
    throw new SamlException("Invalid status code: " + statusCode);
  }
}
 

/**
 * Gets saml logout response.
 *
 * @param status  the status code @See StatusCode.java
 * @param statMsg the status message
 * @return saml logout response
 * @throws SamlException the saml exception
 */
public String getSamlLogoutResponse(final String status, final String statMsg)
    throws SamlException {
  LogoutResponse response = (LogoutResponse) buildSamlObject(LogoutResponse.DEFAULT_ELEMENT_NAME);
  response.setID("z" + UUID.randomUUID().toString()); // ADFS needs IDs to start with a letter

  response.setVersion(SAMLVersion.VERSION_20);
  response.setIssueInstant(DateTime.now());

  Issuer issuer = (Issuer) buildSamlObject(Issuer.DEFAULT_ELEMENT_NAME);
  issuer.setValue(relyingPartyIdentifier);
  response.setIssuer(issuer);

  //Status
  Status stat = (Status) buildSamlObject(Status.DEFAULT_ELEMENT_NAME);
  StatusCode statCode = new StatusCodeBuilder().buildObject();
  statCode.setValue(status);
  stat.setStatusCode(statCode);
  if (statMsg != null) {
    StatusMessage statMessage = new StatusMessageBuilder().buildObject();
    statMessage.setMessage(statMsg);
    stat.setStatusMessage(statMessage);
  }
  response.setStatus(stat);
  //Add a signature into the response
  signSAMLObject(response);

  StringWriter stringWriter;
  try {
    stringWriter = marshallXmlObject(response);
  } catch (MarshallingException ex) {
    throw new SamlException("Error while marshalling SAML request to XML", ex);
  }

  logger.trace("Issuing SAML Logout request: " + stringWriter.toString());

  return Base64.encodeBase64String(stringWriter.toString().getBytes(StandardCharsets.UTF_8));
}
 

@Test
public void shouldReturnScenarioRequestErrorWhenRequesterStatus() {
    StatusCode statusCode = aStatusCode()
        .withValue(StatusCode.RESPONDER)
        .withSubStatusCode(aStatusCode().withValue(StatusCode.REQUESTER).build())
        .build();
    TranslatedResponseBody response = msaAssertionService.translateResponderCode(statusCode);
    assertThat(response.getScenario()).isEqualTo(MatchingScenario.REQUEST_ERROR);
}
 

/**
 * Decode and validate saml logout valid response.
 *
 * @throws Throwable the throwable
 */
@Test
public void decodeAndValidateSamlLogoutValidResponse() throws Throwable {
  //Retrieve the saml client
  SamlClient client = getKeyCloakClient(false);
  //Retrieve the new encoded logout response with valid status
  String encodedLogoutResponse = client.getSamlLogoutResponse(StatusCode.SUCCESS);
  SamlLogoutResponse logoutResponse =
      decodeAndValidateSamlLogoutResponse(encodedLogoutResponse, "POST");
  assertTrue(logoutResponse.isValid());
}
 

/**
 * Decode and validate saml logout valid response with signature.
 *
 * @throws Throwable the throwable
 */
@Test
public void decodeAndValidateSamlLogoutValidResponseWithSignature() throws Throwable {
  //Retrieve the saml client
  SamlClient client = getKeyCloakClient(true);
  //Retrieve the new encoded logout response with valid status
  String encodedLogoutResponse = client.getSamlLogoutResponse(StatusCode.SUCCESS);
  SamlLogoutResponse logoutResponse =
      decodeAndValidateSamlLogoutResponse(encodedLogoutResponse, "POST");
  assertTrue(logoutResponse.isValid());
}
 

/**
 * Gets saml logout response returns an encoded response.
 *
 * @throws Throwable the throwable
 */
@Test
public void getSamlLogoutResponseReturnsAnEncodedResponse() throws Throwable {
  SamlClient client = getKeyCloakClient(false);

  String decoded =
      new String(
          Base64.decodeBase64(client.getSamlLogoutResponse(StatusCode.SUCCESS, null)),
          StandardCharsets.UTF_8);
  assertTrue(decoded.contains(">myidentifier<"));
  assertTrue(decoded.contains(StatusCode.SUCCESS));
}
 

@SuppressWarnings("unchecked")
public static Status createStatus(
    String statusCodeValue,
    String statusMessage
) {
    if (statusBuilder == null) {
        statusBuilder = (SAMLObjectBuilder<Status>)
            builderFactory.getBuilder(Status.DEFAULT_ELEMENT_NAME);
    }
    if (statusCodeBuilder == null) {
        statusCodeBuilder = (SAMLObjectBuilder<StatusCode>)
            builderFactory.getBuilder(StatusCode.DEFAULT_ELEMENT_NAME);
    }
    if (statusMessageBuilder == null) {
        statusMessageBuilder = (SAMLObjectBuilder<StatusMessage>)
            builderFactory.getBuilder(StatusMessage.DEFAULT_ELEMENT_NAME);
    }

    Status status = statusBuilder.buildObject();

    StatusCode statusCode = statusCodeBuilder.buildObject();
    statusCode.setValue(statusCodeValue);
    status.setStatusCode(statusCode);

    if (statusMessage != null) {
        StatusMessage statusMessageObject = statusMessageBuilder.buildObject();
        statusMessageObject.setMessage(statusMessage);
        status.setStatusMessage(statusMessageObject);
    }

    return status;
}
 

@SuppressWarnings("unchecked")
public static Status createStatus(
    String statusCodeValue,
    String statusMessage
) {
    if (statusBuilder == null) {
        statusBuilder = (SAMLObjectBuilder<Status>)
            builderFactory.getBuilder(Status.DEFAULT_ELEMENT_NAME);
    }
    if (statusCodeBuilder == null) {
        statusCodeBuilder = (SAMLObjectBuilder<StatusCode>)
            builderFactory.getBuilder(StatusCode.DEFAULT_ELEMENT_NAME);
    }
    if (statusMessageBuilder == null) {
        statusMessageBuilder = (SAMLObjectBuilder<StatusMessage>)
            builderFactory.getBuilder(StatusMessage.DEFAULT_ELEMENT_NAME);
    }

    Status status = statusBuilder.buildObject();

    StatusCode statusCode = statusCodeBuilder.buildObject();
    statusCode.setValue(statusCodeValue);
    status.setStatusCode(statusCode);

    if (statusMessage != null) {
        StatusMessage statusMessageObject = statusMessageBuilder.buildObject();
        statusMessageObject.setMessage(statusMessage);
        status.setStatusMessage(statusMessageObject);
    }

    return status;
}
 

@SuppressWarnings("unchecked")
public static Status createStatus(
    String statusCodeValue,
    String statusMessage
) {
    if (statusBuilder == null) {
        statusBuilder = (SAMLObjectBuilder<Status>)
            builderFactory.getBuilder(Status.DEFAULT_ELEMENT_NAME);
    }
    if (statusCodeBuilder == null) {
        statusCodeBuilder = (SAMLObjectBuilder<StatusCode>)
            builderFactory.getBuilder(StatusCode.DEFAULT_ELEMENT_NAME);
    }
    if (statusMessageBuilder == null) {
        statusMessageBuilder = (SAMLObjectBuilder<StatusMessage>)
            builderFactory.getBuilder(StatusMessage.DEFAULT_ELEMENT_NAME);
    }

    Status status = statusBuilder.buildObject();

    StatusCode statusCode = statusCodeBuilder.buildObject();
    statusCode.setValue(statusCodeValue);
    status.setStatusCode(statusCode);

    if (statusMessage != null) {
        StatusMessage statusMessageObject = statusMessageBuilder.buildObject();
        statusMessageObject.setMessage(statusMessage);
        status.setStatusMessage(statusMessageObject);
    }

    return status;
}
 

@SuppressWarnings("unchecked")
public static Status createStatus(
    String statusCodeValue,
    String statusMessage
) {
    if (statusBuilder == null) {
        statusBuilder = (SAMLObjectBuilder<Status>)
            builderFactory.getBuilder(Status.DEFAULT_ELEMENT_NAME);
    }
    if (statusCodeBuilder == null) {
        statusCodeBuilder = (SAMLObjectBuilder<StatusCode>)
            builderFactory.getBuilder(StatusCode.DEFAULT_ELEMENT_NAME);
    }
    if (statusMessageBuilder == null) {
        statusMessageBuilder = (SAMLObjectBuilder<StatusMessage>)
            builderFactory.getBuilder(StatusMessage.DEFAULT_ELEMENT_NAME);
    }

    Status status = statusBuilder.buildObject();

    StatusCode statusCode = statusCodeBuilder.buildObject();
    statusCode.setValue(statusCodeValue);
    status.setStatusCode(statusCode);

    if (statusMessage != null) {
        StatusMessage statusMessageObject = statusMessageBuilder.buildObject();
        statusMessageObject.setMessage(statusMessage);
        status.setStatusMessage(statusMessageObject);
    }

    return status;
}