Java Code Examples for org.apache.cxf.helpers.DOMUtils#getFirstChildWithName()
The following examples show how to use
org.apache.cxf.helpers.DOMUtils#getFirstChildWithName() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SecurityToken.java From steady with Apache License 2.0 | 6 votes |
|
/**
* @param lifetimeElem
* @throws TrustException
*/
private void processLifeTime(Element lifetimeElem) {
try {
Element createdElem =
DOMUtils.getFirstChildWithName(lifetimeElem,
WSConstants.WSU_NS,
WSConstants.CREATED_LN);
DateFormat zulu = new XmlSchemaDateFormat();
this.created = zulu.parse(DOMUtils.getContent(createdElem));
Element expiresElem =
DOMUtils.getFirstChildWithName(lifetimeElem,
WSConstants.WSU_NS,
WSConstants.EXPIRES_LN);
this.expires = zulu.parse(DOMUtils.getContent(expiresElem));
} catch (ParseException e) {
//shouldn't happen
}
}
Example 2
| Source File: SecurityToken.java From cxf with Apache License 2.0 | 6 votes |
|
/**
* @param lifetimeElem
* @throws TrustException
*/
private void processLifeTime(Element lifetimeElem) {
try {
Element createdElem =
DOMUtils.getFirstChildWithName(lifetimeElem,
WSS4JConstants.WSU_NS,
WSS4JConstants.CREATED_LN);
if (createdElem == null) {
// The spec says that if there is no Created Element in the Lifetime, then take the current time
this.created = Instant.now();
} else {
this.created = ZonedDateTime.parse(DOMUtils.getContent(createdElem)).toInstant();
}
Element expiresElem =
DOMUtils.getFirstChildWithName(lifetimeElem,
WSS4JConstants.WSU_NS,
WSS4JConstants.EXPIRES_LN);
if (expiresElem != null) {
this.expires = ZonedDateTime.parse(DOMUtils.getContent(expiresElem)).toInstant();
}
} catch (DateTimeParseException e) {
//shouldn't happen
}
}
Example 3
| Source File: SecurityToken.java From steady with Apache License 2.0 | 6 votes |
|
/**
* @param lifetimeElem
* @throws TrustException
*/
private void processLifeTime(Element lifetimeElem) {
try {
Element createdElem =
DOMUtils.getFirstChildWithName(lifetimeElem,
WSConstants.WSU_NS,
WSConstants.CREATED_LN);
DateFormat zulu = new XmlSchemaDateFormat();
this.created = zulu.parse(DOMUtils.getContent(createdElem));
Element expiresElem =
DOMUtils.getFirstChildWithName(lifetimeElem,
WSConstants.WSU_NS,
WSConstants.EXPIRES_LN);
this.expires = zulu.parse(DOMUtils.getContent(expiresElem));
} catch (ParseException e) {
//shouldn't happen
}
}
Example 4
| Source File: JettyServerEngineFactoryParser.java From cxf with Apache License 2.0 | 6 votes |
|
protected Metadata parseEngineHandlers(List<Element> engines, ComponentMetadata enclosingComponent,
ParserContext context) {
MutableMapMetadata map = context.createMetadata(MutableMapMetadata.class);
map.setKeyType("java.lang.String");
map.setValueType("java.util.List");
for (Element engine : engines) {
String port = engine.getAttribute("port");
ValueMetadata keyValue = createValue(context, port);
Element handlers = DOMUtils
.getFirstChildWithName(engine, HTTPJettyTransportNamespaceHandler.JETTY_TRANSPORT,
"handlers");
if (handlers != null) {
Metadata valValue = parseListData(context, enclosingComponent, handlers);
map.addEntry(keyValue, valValue);
}
}
return map;
}
Example 5
| Source File: RequiredPartsPolicyValidator.java From cxf with Apache License 2.0 | 5 votes |
|
/**
* Validate policies.
*/
public void validatePolicies(PolicyValidatorParameters parameters, Collection<AssertionInfo> ais) {
Element header = parameters.getSoapHeader();
for (AssertionInfo ai : ais) {
RequiredParts rp = (RequiredParts)ai.getAssertion();
ai.setAsserted(true);
for (Header h : rp.getHeaders()) {
QName qName = new QName(h.getNamespace(), h.getName());
if (header == null || DOMUtils.getFirstChildWithName(header, qName) == null) {
ai.setNotAsserted("No header element of name " + qName + " found.");
}
}
}
}
Example 6
| Source File: SourceGenerator.java From cxf with Apache License 2.0 | 5 votes |
|
private String getDocText(Element el) {
Element doc = DOMUtils.getFirstChildWithName(el, getWadlNamespace(), "doc");
if (doc != null) {
return DOMUtils.getContent(doc);
}
return null;
}
Example 7
| Source File: SAML2ITCase.java From syncope with Apache License 2.0 | 5 votes |
|
@Test
public void spMetadata() {
assumeTrue(SAML2SPDetector.isSAML2SPAvailable());
try {
SAML2SPService service = anonymous.getService(SAML2SPService.class);
WebClient.client(service).accept(MediaType.APPLICATION_XML_TYPE);
Response response = service.getMetadata(ADDRESS, "saml2sp");
assertNotNull(response);
Document responseDoc = StaxUtils.read(
new InputStreamReader((InputStream) response.getEntity(), StandardCharsets.UTF_8));
assertEquals("EntityDescriptor", responseDoc.getDocumentElement().getLocalName());
assertEquals("urn:oasis:names:tc:SAML:2.0:metadata", responseDoc.getDocumentElement().getNamespaceURI());
// Get the signature
QName signatureQName = new QName(SignatureConstants.XMLSIG_NS, "Signature");
Element signatureElement =
DOMUtils.getFirstChildWithName(responseDoc.getDocumentElement(), signatureQName);
assertNotNull(signatureElement);
// Validate the signature
XMLSignature signature = new XMLSignature(signatureElement, null);
KeyStore keystore = KeyStore.getInstance("JKS");
keystore.load(Loader.getResourceAsStream("keystore"), "changeit".toCharArray());
assertTrue(signature.checkSignatureValue((X509Certificate) keystore.getCertificate("sp")));
} catch (Exception e) {
LOG.error("During SAML 2.0 SP metadata parsing", e);
fail(e::getMessage);
}
}
Example 8
| Source File: JavaFirstPolicyServiceTest.java From cxf with Apache License 2.0 | 5 votes |
|
private String getOperationPolicyReferenceId(Element operationElement, String policyNamespace) {
Element policyReference = DOMUtils.getFirstChildWithName(operationElement, policyNamespace,
"PolicyReference");
if (policyReference != null) {
return policyReference.getAttributeNS(null, "URI");
}
return null;
}
Example 9
| Source File: SecurityContextTokenBuilder.java From steady with Apache License 2.0 | 4 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
SecurityContextToken contextToken = new SecurityContextToken(consts);
String includeAttr = DOMUtils.getAttribute(element, consts.getIncludeToken());
if (includeAttr != null) {
contextToken.setInclusion(consts.getInclusionFromAttributeValue(includeAttr));
}
element = PolicyConstants.findPolicyElement(element);
if (element == null && consts != SP11Constants.INSTANCE) {
throw new IllegalArgumentException(
"sp:SecurityContextToken/wsp:Policy must have a value"
);
}
if (element != null) {
if (DOMUtils.getFirstChildWithName(element,
consts.getNamespace(),
SPConstants.REQUIRE_DERIVED_KEYS) != null) {
contextToken.setDerivedKeys(true);
}
if (DOMUtils.getFirstChildWithName(element,
consts.getNamespace(),
SPConstants.REQUIRE_EXTERNAL_URI_REFERENCE) != null) {
contextToken.setRequireExternalUriRef(true);
}
if (DOMUtils.getFirstChildWithName(element,
consts.getNamespace(),
SPConstants.SC10_SECURITY_CONTEXT_TOKEN) != null) {
contextToken.setSc10SecurityContextToken(true);
}
if (DOMUtils.getFirstChildWithName(element,
consts.getNamespace(),
SPConstants.SC13_SECURITY_CONTEXT_TOKEN) != null) {
contextToken.setSc13SecurityContextToken(true);
}
}
return contextToken;
}
Example 10
| Source File: X509TokenBuilder.java From steady with Apache License 2.0 | 4 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
X509Token x509Token = new X509Token(consts);
x509Token.setOptional(PolicyConstants.isOptional(element));
x509Token.setIgnorable(PolicyConstants.isIgnorable(element));
Element policyElement = DOMUtils.getFirstElement(element);
if (policyElement == null && consts != SP11Constants.INSTANCE) {
throw new IllegalArgumentException(
"sp:X509Token/wsp:Policy must have a value"
);
}
// Process token inclusion
String includeAttr = DOMUtils.getAttribute(element, consts.getIncludeToken());
if (includeAttr != null) {
SPConstants.IncludeTokenType inclusion
= consts.getInclusionFromAttributeValue(includeAttr);
x509Token.setInclusion(inclusion);
}
if (policyElement != null) {
if (DOMUtils.getFirstChildWithName(policyElement, consts.getRequiredDerivedKeys()) != null) {
x509Token.setDerivedKeys(true);
} else if (DOMUtils.getFirstChildWithName(policyElement,
SP12Constants.REQUIRE_IMPLIED_DERIVED_KEYS) != null) {
x509Token.setImpliedDerivedKeys(true);
} else if (DOMUtils.getFirstChildWithName(policyElement,
SP12Constants.REQUIRE_EXPLICIT_DERIVED_KEYS) != null) {
x509Token.setExplicitDerivedKeys(true);
}
}
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();) {
processAlternative(iterator.next(), x509Token, consts);
/*
* since there should be only one alternative
*/
break;
}
return x509Token;
}
Example 11
| Source File: Trust13Builder.java From steady with Apache License 2.0 | 4 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory) {
element = PolicyConstants.findPolicyElement(element);
if (element == null) {
throw new IllegalArgumentException(
"Trust13 assertion doesn't contain any Policy");
}
Trust13 trust13 = new Trust13(SP12Constants.INSTANCE);
if (DOMUtils
.getFirstChildWithName(element, SP12Constants.MUST_SUPPORT_CLIENT_CHALLENGE) != null) {
trust13.setMustSupportClientChallenge(true);
}
if (DOMUtils
.getFirstChildWithName(element, SP12Constants.MUST_SUPPORT_SERVER_CHALLENGE) != null) {
trust13.setMustSupportServerChallenge(true);
}
if (DOMUtils.getFirstChildWithName(element, SP12Constants.REQUIRE_CLIENT_ENTROPY) != null) {
trust13.setRequireClientEntropy(true);
}
if (DOMUtils.getFirstChildWithName(element, SP12Constants.REQUIRE_SERVER_ENTROPY) != null) {
trust13.setRequireServerEntropy(true);
}
if (DOMUtils.getFirstChildWithName(element, SP12Constants.MUST_SUPPORT_ISSUED_TOKENS) != null) {
trust13.setMustSupportIssuedTokens(true);
}
if (DOMUtils.getFirstChildWithName(element,
SP12Constants.REQUIRE_REQUEST_SECURITY_TOKEN_COLLECTION) != null) {
trust13.setRequireRequestSecurityTokenCollection(true);
}
if (DOMUtils.getFirstChildWithName(element, SP12Constants.REQUIRE_APPLIES_TO) != null) {
trust13.setRequireAppliesTo(true);
}
return trust13;
}
Example 12
| Source File: STSClient.java From steady with Apache License 2.0 | 4 votes |
|
protected List<SecurityToken> validateSecurityToken(SecurityToken tok, String tokentype)
throws Exception {
STSResponse response = validate(tok, tokentype);
Element el = getDocumentElement(response.getResponse());
if ("RequestSecurityTokenResponseCollection".equals(el.getLocalName())) {
el = DOMUtils.getFirstElement(el);
}
if (!"RequestSecurityTokenResponse".equals(el.getLocalName())) {
throw new Fault("Unexpected element " + el.getLocalName(), LOG);
}
el = DOMUtils.getFirstElement(el);
String reason = null;
boolean valid = false;
List<SecurityToken> tokens = new LinkedList<SecurityToken>();
while (el != null) {
if ("Status".equals(el.getLocalName())) {
Element e2 = DOMUtils.getFirstChildWithName(el, el.getNamespaceURI(), "Code");
String s = DOMUtils.getContent(e2);
valid = s.endsWith("/status/valid");
e2 = DOMUtils.getFirstChildWithName(el, el.getNamespaceURI(), "Reason");
if (e2 != null) {
reason = DOMUtils.getContent(e2);
}
} else if ("RequestedSecurityToken".equals(el.getLocalName())) {
Element requestedSecurityTokenElement = DOMUtils.getFirstElement(el);
String id = findID(null, null, requestedSecurityTokenElement);
if (StringUtils.isEmpty(id)) {
throw new TrustException("NO_ID", LOG);
}
SecurityToken requestedSecurityToken = new SecurityToken(id);
requestedSecurityToken.setToken(requestedSecurityTokenElement);
tokens.add(requestedSecurityToken);
}
el = DOMUtils.getNextElement(el);
}
if (!valid) {
throw new TrustException(LOG, "VALIDATION_FAILED", reason);
}
if (tokens.isEmpty()) {
tokens.add(tok);
}
return tokens;
}
Example 13
| Source File: X509TokenBuilder.java From steady with Apache License 2.0 | 4 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
X509Token x509Token = new X509Token(consts);
x509Token.setOptional(PolicyConstants.isOptional(element));
x509Token.setIgnorable(PolicyConstants.isIgnorable(element));
Element policyElement = DOMUtils.getFirstElement(element);
if (policyElement == null && consts != SP11Constants.INSTANCE) {
throw new IllegalArgumentException(
"sp:X509Token/wsp:Policy must have a value"
);
}
// Process token inclusion
String includeAttr = DOMUtils.getAttribute(element, consts.getIncludeToken());
if (includeAttr != null) {
SPConstants.IncludeTokenType inclusion
= consts.getInclusionFromAttributeValue(includeAttr);
x509Token.setInclusion(inclusion);
}
if (policyElement != null) {
if (DOMUtils.getFirstChildWithName(policyElement, consts.getRequiredDerivedKeys()) != null) {
x509Token.setDerivedKeys(true);
} else if (DOMUtils.getFirstChildWithName(policyElement,
SP12Constants.REQUIRE_IMPLIED_DERIVED_KEYS) != null) {
x509Token.setImpliedDerivedKeys(true);
} else if (DOMUtils.getFirstChildWithName(policyElement,
SP12Constants.REQUIRE_EXPLICIT_DERIVED_KEYS) != null) {
x509Token.setExplicitDerivedKeys(true);
}
}
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();) {
processAlternative(iterator.next(), x509Token, consts);
/*
* since there should be only one alternative
*/
break;
}
return x509Token;
}
Example 14
| Source File: SecureConversationTokenBuilder.java From steady with Apache License 2.0 | 4 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
SecureConversationToken conversationToken = new SecureConversationToken(consts);
conversationToken.setOptional(PolicyConstants.isOptional(element));
conversationToken.setIgnorable(PolicyConstants.isIgnorable(element));
String attribute = DOMUtils.getAttribute(element, consts.getIncludeToken());
if (attribute != null) {
conversationToken.setInclusion(consts.getInclusionFromAttributeValue(attribute.trim()));
}
Element elem = DOMUtils.getFirstElement(element);
boolean foundPolicy = false;
while (elem != null) {
QName qn = DOMUtils.getElementQName(elem);
if (Constants.isPolicyElement(qn)) {
foundPolicy = true;
if (DOMUtils.getFirstChildWithName(elem,
consts.getNamespace(),
SPConstants.REQUIRE_DERIVED_KEYS) != null) {
conversationToken.setDerivedKeys(true);
} else if (DOMUtils.getFirstChildWithName(elem,
SP12Constants
.REQUIRE_IMPLIED_DERIVED_KEYS)
!= null) {
conversationToken.setImpliedDerivedKeys(true);
} else if (DOMUtils.getFirstChildWithName(elem,
SP12Constants
.REQUIRE_EXPLICIT_DERIVED_KEYS)
!= null) {
conversationToken.setExplicitDerivedKeys(true);
}
if (DOMUtils.getFirstChildWithName(elem,
consts.getNamespace(),
SPConstants.REQUIRE_EXTERNAL_URI_REFERENCE) != null) {
conversationToken.setRequireExternalUriRef(true);
}
if (DOMUtils.getFirstChildWithName(elem,
consts.getNamespace(),
SPConstants.SC10_SECURITY_CONTEXT_TOKEN) != null) {
conversationToken.setSc10SecurityContextToken(true);
}
if (DOMUtils.getFirstChildWithName(elem,
consts.getNamespace(),
SPConstants.SC13_SECURITY_CONTEXT_TOKEN) != null) {
conversationToken.setSc13SecurityContextToken(true);
}
Element bootstrapPolicyElement = DOMUtils.getFirstChildWithName(elem,
consts.getNamespace(),
SPConstants.BOOTSTRAP_POLICY);
if (bootstrapPolicyElement != null) {
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(bootstrapPolicyElement));
conversationToken.setBootstrapPolicy(policy);
}
} else if (consts.getNamespace().equals(qn.getNamespaceURI())
&& SPConstants.ISSUER.equals(qn.getLocalPart())) {
conversationToken.setIssuerEpr(DOMUtils.getFirstElement(elem));
}
elem = DOMUtils.getNextElement(elem);
}
if (!foundPolicy && consts != SP11Constants.INSTANCE) {
throw new IllegalArgumentException(
"sp:SecureConversationToken/wsp:Policy must have a value"
);
}
return conversationToken;
}
Example 15
| Source File: Trust13Builder.java From steady with Apache License 2.0 | 4 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory) {
element = PolicyConstants.findPolicyElement(element);
if (element == null) {
throw new IllegalArgumentException(
"Trust13 assertion doesn't contain any Policy");
}
Trust13 trust13 = new Trust13(SP12Constants.INSTANCE);
if (DOMUtils
.getFirstChildWithName(element, SP12Constants.MUST_SUPPORT_CLIENT_CHALLENGE) != null) {
trust13.setMustSupportClientChallenge(true);
}
if (DOMUtils
.getFirstChildWithName(element, SP12Constants.MUST_SUPPORT_SERVER_CHALLENGE) != null) {
trust13.setMustSupportServerChallenge(true);
}
if (DOMUtils.getFirstChildWithName(element, SP12Constants.REQUIRE_CLIENT_ENTROPY) != null) {
trust13.setRequireClientEntropy(true);
}
if (DOMUtils.getFirstChildWithName(element, SP12Constants.REQUIRE_SERVER_ENTROPY) != null) {
trust13.setRequireServerEntropy(true);
}
if (DOMUtils.getFirstChildWithName(element, SP12Constants.MUST_SUPPORT_ISSUED_TOKENS) != null) {
trust13.setMustSupportIssuedTokens(true);
}
if (DOMUtils.getFirstChildWithName(element,
SP12Constants.REQUIRE_REQUEST_SECURITY_TOKEN_COLLECTION) != null) {
trust13.setRequireRequestSecurityTokenCollection(true);
}
if (DOMUtils.getFirstChildWithName(element, SP12Constants.REQUIRE_APPLIES_TO) != null) {
trust13.setRequireAppliesTo(true);
}
return trust13;
}
Example 16
| Source File: SecurityContextTokenBuilder.java From steady with Apache License 2.0 | 4 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
SecurityContextToken contextToken = new SecurityContextToken(consts);
String includeAttr = DOMUtils.getAttribute(element, consts.getIncludeToken());
if (includeAttr != null) {
contextToken.setInclusion(consts.getInclusionFromAttributeValue(includeAttr));
}
element = PolicyConstants.findPolicyElement(element);
if (element == null && consts != SP11Constants.INSTANCE) {
throw new IllegalArgumentException(
"sp:SecurityContextToken/wsp:Policy must have a value"
);
}
if (element != null) {
if (DOMUtils.getFirstChildWithName(element,
consts.getNamespace(),
SPConstants.REQUIRE_DERIVED_KEYS) != null) {
contextToken.setDerivedKeys(true);
}
if (DOMUtils.getFirstChildWithName(element,
consts.getNamespace(),
SPConstants.REQUIRE_EXTERNAL_URI_REFERENCE) != null) {
contextToken.setRequireExternalUriRef(true);
}
if (DOMUtils.getFirstChildWithName(element,
consts.getNamespace(),
SPConstants.SC10_SECURITY_CONTEXT_TOKEN) != null) {
contextToken.setSc10SecurityContextToken(true);
}
if (DOMUtils.getFirstChildWithName(element,
consts.getNamespace(),
SPConstants.SC13_SECURITY_CONTEXT_TOKEN) != null) {
contextToken.setSc13SecurityContextToken(true);
}
}
return contextToken;
}
Example 17
| Source File: X509TokenBuilder.java From steady with Apache License 2.0 | 4 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
X509Token x509Token = new X509Token(consts);
x509Token.setOptional(PolicyConstants.isOptional(element));
x509Token.setIgnorable(PolicyConstants.isIgnorable(element));
Element policyElement = DOMUtils.getFirstElement(element);
if (policyElement == null && consts != SP11Constants.INSTANCE) {
throw new IllegalArgumentException(
"sp:X509Token/wsp:Policy must have a value"
);
}
// Process token inclusion
String includeAttr = DOMUtils.getAttribute(element, consts.getIncludeToken());
if (includeAttr != null) {
SPConstants.IncludeTokenType inclusion
= consts.getInclusionFromAttributeValue(includeAttr);
x509Token.setInclusion(inclusion);
}
if (policyElement != null) {
if (DOMUtils.getFirstChildWithName(policyElement, consts.getRequiredDerivedKeys()) != null) {
x509Token.setDerivedKeys(true);
} else if (DOMUtils.getFirstChildWithName(policyElement,
SP12Constants.REQUIRE_IMPLIED_DERIVED_KEYS) != null) {
x509Token.setImpliedDerivedKeys(true);
} else if (DOMUtils.getFirstChildWithName(policyElement,
SP12Constants.REQUIRE_EXPLICIT_DERIVED_KEYS) != null) {
x509Token.setExplicitDerivedKeys(true);
}
}
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();) {
processAlternative(iterator.next(), x509Token, consts);
/*
* since there should be only one alternative
*/
break;
}
return x509Token;
}
Example 18
| Source File: SecurityContextTokenBuilder.java From steady with Apache License 2.0 | 4 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
SecurityContextToken contextToken = new SecurityContextToken(consts);
String includeAttr = DOMUtils.getAttribute(element, consts.getIncludeToken());
if (includeAttr != null) {
contextToken.setInclusion(consts.getInclusionFromAttributeValue(includeAttr));
}
element = PolicyConstants.findPolicyElement(element);
if (element == null && consts != SP11Constants.INSTANCE) {
throw new IllegalArgumentException(
"sp:SecurityContextToken/wsp:Policy must have a value"
);
}
if (element != null) {
if (DOMUtils.getFirstChildWithName(element,
consts.getNamespace(),
SPConstants.REQUIRE_DERIVED_KEYS) != null) {
contextToken.setDerivedKeys(true);
}
if (DOMUtils.getFirstChildWithName(element,
consts.getNamespace(),
SPConstants.REQUIRE_EXTERNAL_URI_REFERENCE) != null) {
contextToken.setRequireExternalUriRef(true);
}
if (DOMUtils.getFirstChildWithName(element,
consts.getNamespace(),
SPConstants.SC10_SECURITY_CONTEXT_TOKEN) != null) {
contextToken.setSc10SecurityContextToken(true);
}
if (DOMUtils.getFirstChildWithName(element,
consts.getNamespace(),
SPConstants.SC13_SECURITY_CONTEXT_TOKEN) != null) {
contextToken.setSc13SecurityContextToken(true);
}
}
return contextToken;
}
Example 19
| Source File: Trust13Builder.java From steady with Apache License 2.0 | 4 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory) {
element = PolicyConstants.findPolicyElement(element);
if (element == null) {
throw new IllegalArgumentException(
"Trust13 assertion doesn't contain any Policy");
}
Trust13 trust13 = new Trust13(SP12Constants.INSTANCE);
if (DOMUtils
.getFirstChildWithName(element, SP12Constants.MUST_SUPPORT_CLIENT_CHALLENGE) != null) {
trust13.setMustSupportClientChallenge(true);
}
if (DOMUtils
.getFirstChildWithName(element, SP12Constants.MUST_SUPPORT_SERVER_CHALLENGE) != null) {
trust13.setMustSupportServerChallenge(true);
}
if (DOMUtils.getFirstChildWithName(element, SP12Constants.REQUIRE_CLIENT_ENTROPY) != null) {
trust13.setRequireClientEntropy(true);
}
if (DOMUtils.getFirstChildWithName(element, SP12Constants.REQUIRE_SERVER_ENTROPY) != null) {
trust13.setRequireServerEntropy(true);
}
if (DOMUtils.getFirstChildWithName(element, SP12Constants.MUST_SUPPORT_ISSUED_TOKENS) != null) {
trust13.setMustSupportIssuedTokens(true);
}
if (DOMUtils.getFirstChildWithName(element,
SP12Constants.REQUIRE_REQUEST_SECURITY_TOKEN_COLLECTION) != null) {
trust13.setRequireRequestSecurityTokenCollection(true);
}
if (DOMUtils.getFirstChildWithName(element, SP12Constants.REQUIRE_APPLIES_TO) != null) {
trust13.setRequireAppliesTo(true);
}
return trust13;
}
Example 20
| Source File: STSClient.java From steady with Apache License 2.0 | 4 votes |
|
protected List<SecurityToken> validateSecurityToken(SecurityToken tok, String tokentype)
throws Exception {
STSResponse response = validate(tok, tokentype);
Element el = getDocumentElement(response.getResponse());
if ("RequestSecurityTokenResponseCollection".equals(el.getLocalName())) {
el = DOMUtils.getFirstElement(el);
}
if (!"RequestSecurityTokenResponse".equals(el.getLocalName())) {
throw new Fault("Unexpected element " + el.getLocalName(), LOG);
}
el = DOMUtils.getFirstElement(el);
String reason = null;
boolean valid = false;
List<SecurityToken> tokens = new LinkedList<SecurityToken>();
while (el != null) {
if ("Status".equals(el.getLocalName())) {
Element e2 = DOMUtils.getFirstChildWithName(el, el.getNamespaceURI(), "Code");
String s = DOMUtils.getContent(e2);
valid = s.endsWith("/status/valid");
e2 = DOMUtils.getFirstChildWithName(el, el.getNamespaceURI(), "Reason");
if (e2 != null) {
reason = DOMUtils.getContent(e2);
}
} else if ("RequestedSecurityToken".equals(el.getLocalName())) {
Element requestedSecurityTokenElement = DOMUtils.getFirstElement(el);
String id = findID(null, null, requestedSecurityTokenElement);
if (StringUtils.isEmpty(id)) {
throw new TrustException("NO_ID", LOG);
}
SecurityToken requestedSecurityToken = new SecurityToken(id);
requestedSecurityToken.setToken(requestedSecurityTokenElement);
tokens.add(requestedSecurityToken);
}
el = DOMUtils.getNextElement(el);
}
if (!valid) {
throw new TrustException(LOG, "VALIDATION_FAILED", reason);
}
if (tokens.isEmpty()) {
tokens.add(tok);
}
return tokens;
}
