org.apache.xml.security.utils.resolver.ResourceResolverContext Java Examples

The following examples show how to use org.apache.xml.security.utils.resolver.ResourceResolverContext. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: DocumentResolver.java    From freehealth-connector with GNU Affero General Public License v3.0 6 votes vote down vote up
public XMLSignatureInput engineResolveURI(ResourceResolverContext context) throws ResourceResolverException {
   String id = context.attr.getNodeValue();
   if (id.startsWith("#")) {
      id = id.substring(1);
   }

   if (LOG.isDebugEnabled()) {
      try {
         LOG.debug("Selected document: " + ConnectorXmlUtils.flatten(ConnectorXmlUtils.toString((Source)(new DOMSource(this.doc)))));
      } catch (TechnicalConnectorException var5) {
         LOG.error(var5.getMessage());
      }
   }

   Node selectedElem = this.doc.getElementById(id);
   if (LOG.isDebugEnabled()) {
      LOG.debug("Try to catch an Element with ID " + id + " and Element was " + selectedElem);
   }

   this.processElement(context.attr, context.baseUri, selectedElem, id);
   XMLSignatureInput result = new XMLSignatureInput(selectedElem);
   result.setExcludeComments(true);
   result.setMIMEType("text/xml");
   result.setSourceURI(context.baseUri != null ? context.baseUri.concat(context.attr.getNodeValue()) : context.attr.getNodeValue());
   return result;
}
 
Example #2
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 6 votes vote down vote up
@Test
public void nullListAndNullAttribute() throws ResourceResolverException {
	Exception exception = assertThrows(ResourceResolverException.class, () -> {
		DetachedSignatureResolver resolver = new DetachedSignatureResolver(null, DigestAlgorithm.SHA256);

		Attr attr = null;

		// Empty
		ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
		assertTrue(resolver.engineCanResolveURI(context));

		// will throw ResourceResolverException
		resolver.engineResolveURI(context);
	});
	assertEquals("Unable to find document (detached signature)", exception.getMessage());
}
 
Example #3
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 6 votes vote down vote up
@Test
public void nullAttribute() throws ResourceResolverException {
	Exception exception = assertThrows(ResourceResolverException.class, () -> {
		DetachedSignatureResolver resolver = new DetachedSignatureResolver(Collections.<DSSDocument>emptyList(), DigestAlgorithm.SHA256);

		Attr attr = null;

		// Empty
		ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
		assertTrue(resolver.engineCanResolveURI(context));

		// will throw ResourceResolverException
		resolver.engineResolveURI(context);
	});
	assertEquals("Unable to find document (detached signature)", exception.getMessage());
}
 
Example #4
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 6 votes vote down vote up
@Test
public void nullAttributeTwoDocs() throws ResourceResolverException {
	Exception exception = assertThrows(ResourceResolverException.class, () -> {
		DetachedSignatureResolver resolver = new DetachedSignatureResolver(
				Arrays.<DSSDocument> asList(new InMemoryDocument(new byte[] { 1, 2, 3 }), new InMemoryDocument(new byte[] { 2, 3 })), DigestAlgorithm.SHA256);

		Attr attr = null;

		ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
		assertTrue(resolver.engineCanResolveURI(context));

		// 2 docs + no name -> exception
		resolver.engineResolveURI(context);
	});
	assertEquals("Unable to find document (detached signature)", exception.getMessage());
}
 
Example #5
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 6 votes vote down vote up
@Test
public void emptyAttribute() throws ResourceResolverException {
	Exception exception = assertThrows(ResourceResolverException.class, () -> {
		DetachedSignatureResolver resolver = new DetachedSignatureResolver(Collections.<DSSDocument>emptyList(), DigestAlgorithm.SHA256);

		Attr attr = mock(Attr.class);

		// Empty
		when(attr.getNodeValue()).thenReturn("");
		ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
		assertFalse(resolver.engineCanResolveURI(context));

		// will throw ResourceResolverException
		resolver.engineResolveURI(context);
	});
	assertEquals("Unable to find document (detached signature)", exception.getMessage());
}
 
Example #6
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 6 votes vote down vote up
@Test
public void documentNameWithEmptyList() throws ResourceResolverException {
	Exception exception = assertThrows(ResourceResolverException.class, () -> {
		DetachedSignatureResolver resolver = new DetachedSignatureResolver(Collections.<DSSDocument>emptyList(), DigestAlgorithm.SHA256);

		Attr attr = mock(Attr.class);

		// document name + no document in the list
		when(attr.getNodeValue()).thenReturn("sample.xml");
		ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
		assertTrue(resolver.engineCanResolveURI(context));

		// will throw ResourceResolverException
		resolver.engineResolveURI(context);
	});
	assertEquals("Unable to find document (detached signature)", exception.getMessage());
}
 
Example #7
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 6 votes vote down vote up
@Test
public void engineCanResolveURIWithWrongDocumentNameInList() throws ResourceResolverException {
	Exception exception = assertThrows(ResourceResolverException.class, () -> {
		DetachedSignatureResolver resolver = new DetachedSignatureResolver(
				Arrays.<DSSDocument>asList(new InMemoryDocument(new byte[] { 1, 2, 3 }, "toto.xml", MimeType.XML)),
				DigestAlgorithm.SHA256);

		Attr attr = mock(Attr.class);

		// document name + wrong document in the list
		when(attr.getNodeValue()).thenReturn("sample.xml");
		ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
		assertTrue(resolver.engineCanResolveURI(context));

		// doc not found -> exception
		resolver.engineResolveURI(context);
	});
	assertEquals("Unable to find document 'sample.xml' (detached signature)", exception.getMessage());
}
 
Example #8
Source File: DocumentResolver.java    From freehealth-connector with GNU Affero General Public License v3.0 6 votes vote down vote up
public XMLSignatureInput engineResolveURI(ResourceResolverContext context) throws ResourceResolverException {
   String id = context.attr.getNodeValue();
   if (id.startsWith("#")) {
      id = id.substring(1);
   }

   if (LOG.isDebugEnabled()) {
      try {
         LOG.debug("Selected document: " + ConnectorXmlUtils.flatten(ConnectorXmlUtils.toString((Source)(new DOMSource(this.doc)))));
      } catch (TechnicalConnectorException var5) {
         LOG.error(var5.getMessage());
      }
   }

   Node selectedElem = this.doc.getElementById(id);
   if (LOG.isDebugEnabled()) {
      LOG.debug("Try to catch an Element with ID " + id + " and Element was " + selectedElem);
   }

   this.processElement(context.attr, context.baseUri, selectedElem, id);
   XMLSignatureInput result = new XMLSignatureInput(selectedElem);
   result.setExcludeComments(true);
   result.setMIMEType("text/xml");
   result.setSourceURI(context.baseUri != null ? context.baseUri.concat(context.attr.getNodeValue()) : context.attr.getNodeValue());
   return result;
}
 
Example #9
Source File: DocumentResolver.java    From freehealth-connector with GNU Affero General Public License v3.0 6 votes vote down vote up
public XMLSignatureInput engineResolveURI(ResourceResolverContext context) throws ResourceResolverException {
   String id = context.attr.getNodeValue();
   if (id.startsWith("#")) {
      id = id.substring(1);
   }

   if (LOG.isDebugEnabled()) {
      try {
         LOG.debug("Selected document: " + ConnectorXmlUtils.flatten(ConnectorXmlUtils.toString((Source)(new DOMSource(this.doc)))));
      } catch (TechnicalConnectorException var5) {
         LOG.error(var5.getMessage());
      }
   }

   Node selectedElem = this.doc.getElementById(id);
   if (LOG.isDebugEnabled()) {
      LOG.debug("Try to catch an Element with ID " + id + " and Element was " + selectedElem);
   }

   this.processElement(context.attr, context.baseUri, selectedElem, id);
   XMLSignatureInput result = new XMLSignatureInput(selectedElem);
   result.setExcludeComments(true);
   result.setMIMEType("text/xml");
   result.setSourceURI(context.baseUri != null ? context.baseUri.concat(context.attr.getNodeValue()) : context.attr.getNodeValue());
   return result;
}
 
Example #10
Source File: DocumentResolver.java    From freehealth-connector with GNU Affero General Public License v3.0 6 votes vote down vote up
public XMLSignatureInput engineResolveURI(ResourceResolverContext context) throws ResourceResolverException {
   String id = context.attr.getNodeValue();
   if (id.startsWith("#")) {
      id = id.substring(1);
   }

   if (LOG.isDebugEnabled()) {
      try {
         LOG.debug("Selected document: " + ConnectorXmlUtils.flatten(ConnectorXmlUtils.toString((Source)(new DOMSource(this.doc)))));
      } catch (TechnicalConnectorException var5) {
         LOG.error(var5.getMessage());
      }
   }

   Node selectedElem = this.doc.getElementById(id);
   if (LOG.isDebugEnabled()) {
      LOG.debug("Try to catch an Element with ID " + id + " and Element was " + selectedElem);
   }

   this.processElement(context.attr, context.baseUri, selectedElem, id);
   XMLSignatureInput result = new XMLSignatureInput(selectedElem);
   result.setExcludeComments(true);
   result.setMIMEType("text/xml");
   result.setSourceURI(context.baseUri != null ? context.baseUri.concat(context.attr.getNodeValue()) : context.attr.getNodeValue());
   return result;
}
 
Example #11
Source File: DocumentResolver.java    From freehealth-connector with GNU Affero General Public License v3.0 6 votes vote down vote up
public XMLSignatureInput engineResolveURI(ResourceResolverContext context) throws ResourceResolverException {
   String id = context.attr.getNodeValue();
   if (id.startsWith("#")) {
      id = id.substring(1);
   }

   if (LOG.isDebugEnabled()) {
      try {
         LOG.debug("Selected document: " + ConnectorXmlUtils.flatten(ConnectorXmlUtils.toString((Source)(new DOMSource(this.doc)))));
      } catch (TechnicalConnectorException var5) {
         LOG.error(var5.getMessage());
      }
   }

   Node selectedElem = this.doc.getElementById(id);
   if (LOG.isDebugEnabled()) {
      LOG.debug("Try to catch an Element with ID " + id + " and Element was " + selectedElem);
   }

   this.processElement(context.attr, context.baseUri, selectedElem, id);
   XMLSignatureInput result = new XMLSignatureInput(selectedElem);
   result.setExcludeComments(true);
   result.setMIMEType("text/xml");
   result.setSourceURI(context.baseUri != null ? context.baseUri.concat(context.attr.getNodeValue()) : context.attr.getNodeValue());
   return result;
}
 
Example #12
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
@Test
public void engineCanResolveURIWithDocumentNameInList() throws ResourceResolverException {
	DetachedSignatureResolver resolver = new DetachedSignatureResolver(
			Arrays.<DSSDocument>asList(new InMemoryDocument(new byte[] { 1, 2, 3 }, "sample.xml", MimeType.XML)),
			DigestAlgorithm.SHA256);

	Attr attr = mock(Attr.class);

	when(attr.getNodeValue()).thenReturn("sample.xml");
	ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
	assertTrue(resolver.engineCanResolveURI(context));

	assertNotNull(resolver.engineResolveURI(context));
}
 
Example #13
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
@Test
public void engineCanResolveURIWithDigestDocumentNoName() throws ResourceResolverException {
	DigestDocument doc = new DigestDocument(DigestAlgorithm.SHA256, "abcdef");
	// doc.setName("sample.xml");
	DetachedSignatureResolver resolver = new DetachedSignatureResolver(Arrays.<DSSDocument>asList(doc), DigestAlgorithm.SHA256);

	Attr attr = mock(Attr.class);

	when(attr.getNodeValue()).thenReturn("sample.xml");
	ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
	assertTrue(resolver.engineCanResolveURI(context));

	assertNotNull(resolver.engineResolveURI(context));
}
 
Example #14
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
@Test
public void engineCanResolveURIWithDocumentNoNameInList() throws ResourceResolverException {
	DetachedSignatureResolver resolver = new DetachedSignatureResolver(Arrays.<DSSDocument>asList(new InMemoryDocument(new byte[] { 1, 2, 3 })),
			DigestAlgorithm.SHA256);

	Attr attr = mock(Attr.class);

	// document name + only one document
	when(attr.getNodeValue()).thenReturn("sample.xml");
	ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
	assertTrue(resolver.engineCanResolveURI(context));

	assertNotNull(resolver.engineResolveURI(context));
}
 
Example #15
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
@Test
public void engineCanResolveURIWithDocumentNameInListOfMultiples() throws ResourceResolverException {
	DetachedSignatureResolver resolver = new DetachedSignatureResolver(
			Arrays.<DSSDocument>asList(new InMemoryDocument(new byte[] { 1, 2, 3 }, "sample.xml", MimeType.XML),
			new InMemoryDocument(new byte[] { 2, 3 }, "sample2.xml", MimeType.XML)), DigestAlgorithm.SHA256);

	Attr attr = mock(Attr.class);

	when(attr.getNodeValue()).thenReturn("sample.xml");
	ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
	assertTrue(resolver.engineCanResolveURI(context));

	assertNotNull(resolver.engineResolveURI(context));
}
 
Example #16
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
@Test
public void attributeIsAnchor() {
	DetachedSignatureResolver resolver = new DetachedSignatureResolver(Collections.<DSSDocument>emptyList(), DigestAlgorithm.SHA256);

	Attr attr = mock(Attr.class);

	when(attr.getNodeValue()).thenReturn("#id_tag");
	ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
	assertFalse(resolver.engineCanResolveURI(context));
}
 
Example #17
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
@Test
public void engineCanResolveURIWithDigestDocument() throws ResourceResolverException {
	DigestDocument doc = new DigestDocument(DigestAlgorithm.SHA256, "abcdef");
	doc.setName("sample.xml");
	DetachedSignatureResolver resolver = new DetachedSignatureResolver(Arrays.<DSSDocument>asList(doc), DigestAlgorithm.SHA256);

	Attr attr = mock(Attr.class);

	when(attr.getNodeValue()).thenReturn("sample.xml");
	ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
	assertTrue(resolver.engineCanResolveURI(context));

	assertNotNull(resolver.engineResolveURI(context));
}
 
Example #18
Source File: DetachedSignatureResolverTest.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
@Test
public void nullAttributeOneDoc() throws ResourceResolverException {
	DetachedSignatureResolver resolver = new DetachedSignatureResolver(Arrays.<DSSDocument>asList(new InMemoryDocument(new byte[] { 1, 2, 3 })),
			DigestAlgorithm.SHA256);

	Attr attr = null;

	ResourceResolverContext context = new ResourceResolverContext(attr, null, false);
	assertTrue(resolver.engineCanResolveURI(context));

	assertNotNull(resolver.engineResolveURI(context));
}
 
Example #19
Source File: DocumentResolver.java    From freehealth-connector with GNU Affero General Public License v3.0 5 votes vote down vote up
public boolean engineCanResolveURI(ResourceResolverContext context) {
   String id = context.attr.getNodeValue();
   if (id.startsWith("#")) {
      id = id.substring(1);
   }

   LOG.debug("Searching deep for id [" + id + "]");
   if (this.hasAttribute(this.doc.getDocumentElement(), id)) {
      LOG.debug("Found id [" + id + "] deep in document");
      return true;
   } else {
      LOG.debug("Unable resolve attribute with id [" + id + "]");
      return false;
   }
}
 
Example #20
Source File: DetachedSignatureResolver.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
@Override
public XMLSignatureInput engineResolveURI(ResourceResolverContext context) throws ResourceResolverException {
	DSSDocument document = getCurrentDocument(context);
	if (document instanceof DigestDocument) {
		DigestDocument digestDoc = (DigestDocument) document;
		return new XMLSignatureInput(digestDoc.getDigest(digestAlgorithm));
	} else {
		return createFromCommonDocument(document);
	}
}
 
Example #21
Source File: OtherSignerTests.java    From xades4j with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
public XMLSignatureInput engineResolveURI(ResourceResolverContext context) throws ResourceResolverException
{
    XMLSignatureInput input = new XMLSignatureInput(context.attr.getValue().getBytes());
    resolveCount++;
    return input;
}
 
Example #22
Source File: DocumentResolver.java    From freehealth-connector with GNU Affero General Public License v3.0 5 votes vote down vote up
public boolean engineCanResolveURI(ResourceResolverContext context) {
   String id = context.attr.getNodeValue();
   if (id.startsWith("#")) {
      id = id.substring(1);
   }

   LOG.debug("Searching deep for id [" + id + "]");
   if (this.hasAttribute(this.doc.getDocumentElement(), id)) {
      LOG.debug("Found id [" + id + "] deep in document");
      return true;
   } else {
      LOG.debug("Unable resolve attribute with id [" + id + "]");
      return false;
   }
}
 
Example #23
Source File: DocumentResolver.java    From freehealth-connector with GNU Affero General Public License v3.0 5 votes vote down vote up
public boolean engineCanResolveURI(ResourceResolverContext context) {
   String id = context.attr.getNodeValue();
   if (id.startsWith("#")) {
      id = id.substring(1);
   }

   LOG.debug("Searching deep for id [" + id + "]");
   if (this.hasAttribute(this.doc.getDocumentElement(), id)) {
      LOG.debug("Found id [" + id + "] deep in document");
      return true;
   } else {
      LOG.debug("Unable resolve attribute with id [" + id + "]");
      return false;
   }
}
 
Example #24
Source File: DocumentResolver.java    From freehealth-connector with GNU Affero General Public License v3.0 5 votes vote down vote up
public boolean engineCanResolveURI(ResourceResolverContext context) {
   String id = context.attr.getNodeValue();
   if (id.startsWith("#")) {
      id = id.substring(1);
   }

   LOG.debug("Searching deep for id [" + id + "]");
   if (this.hasAttribute(this.doc.getDocumentElement(), id)) {
      LOG.debug("Found id [" + id + "] deep in document");
      return true;
   } else {
      LOG.debug("Unable resolve attribute with id [" + id + "]");
      return false;
   }
}
 
Example #25
Source File: DocumentResolver.java    From freehealth-connector with GNU Affero General Public License v3.0 5 votes vote down vote up
public boolean engineCanResolveURI(ResourceResolverContext context) {
   String id = context.attr.getNodeValue();
   if (id.startsWith("#")) {
      id = id.substring(1);
   }

   LOG.debug("Searching deep for id [" + id + "]");
   if (this.hasAttribute(this.doc.getDocumentElement(), id)) {
      LOG.debug("Found id [" + id + "] deep in document");
      return true;
   } else {
      LOG.debug("Unable resolve attribute with id [" + id + "]");
      return false;
   }
}
 
Example #26
Source File: EnforcedResolverFragment.java    From dss with GNU Lesser General Public License v2.1 4 votes vote down vote up
@Override
public boolean engineCanResolveURI(ResourceResolverContext context) {
	return checkValueForXpathInjection(context.uriToResolve) && super.engineCanResolveURI(context);
}
 
Example #27
Source File: DetachedSignatureResolver.java    From dss with GNU Lesser General Public License v2.1 4 votes vote down vote up
private boolean definedFilename(ResourceResolverContext context) {
	Attr uriAttr = context.attr;
	return uriAttr != null && Utils.isStringNotBlank(uriAttr.getNodeValue()) && !uriAttr.getNodeValue().startsWith("#");
}
 
Example #28
Source File: DetachedSignatureResolver.java    From dss with GNU Lesser General Public License v2.1 4 votes vote down vote up
private boolean nullURI(ResourceResolverContext context) {
	return context.attr == null;
}
 
Example #29
Source File: DetachedSignatureResolver.java    From dss with GNU Lesser General Public License v2.1 4 votes vote down vote up
@Override
public boolean engineCanResolveURI(ResourceResolverContext context) {
	return (nullURI(context) || definedFilename(context));
}
 
Example #30
Source File: OtherSignerTests.java    From xades4j with GNU Lesser General Public License v3.0 4 votes vote down vote up
@Override
public boolean engineCanResolveURI(ResourceResolverContext context)
{
    return context.attr.getValue().startsWith("xades4j:");
}