View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.wss4j.dom.handler;
21  
22  import java.io.IOException;
23  import java.util.ArrayList;
24  import java.util.List;
25  
26  import javax.security.auth.callback.Callback;
27  import javax.security.auth.callback.CallbackHandler;
28  import javax.security.auth.callback.UnsupportedCallbackException;
29  import javax.xml.parsers.DocumentBuilderFactory;
30  
31  import org.apache.wss4j.common.ext.WSPasswordCallback;
32  import org.apache.wss4j.common.util.SOAPUtil;
33  import org.apache.wss4j.common.util.XMLUtils;
34  import org.apache.wss4j.dom.WSConstants;
35  import org.apache.wss4j.dom.common.CustomHandler;
36  
37  import org.apache.wss4j.dom.engine.WSSConfig;
38  import org.apache.wss4j.dom.engine.WSSecurityEngine;
39  import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
40  import org.apache.wss4j.dom.message.WSSecTimestamp;
41  import org.apache.wss4j.dom.message.token.Timestamp;
42  
43  import org.junit.jupiter.api.Test;
44  import org.w3c.dom.Document;
45  import org.w3c.dom.Element;
46  
47  import static org.junit.jupiter.api.Assertions.assertNotNull;
48  
49  
50  /**
51   * A test to add a Custom Token to an outbound message
52   */
53  public class CustomTokenTest {
54      private static final org.slf4j.Logger LOG =
55          org.slf4j.LoggerFactory.getLogger(CustomTokenTest.class);
56  
57      // Add a Timestamp via a "Custom Token"
58      @Test
59      public void testCustomTokenTimestamp() throws Exception {
60          // Create a Timestamp manually
61          DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
62          dbf.setNamespaceAware(true);
63          Document timestampDoc = dbf.newDocumentBuilder().newDocument();
64  
65          WSSecTimestamp timestamp = new WSSecTimestamp(timestampDoc);
66          timestamp.setTimeToLive(300);
67          timestamp.prepare();
68          Element timestampElement = timestamp.getElement();
69  
70          final WSSConfig cfg = WSSConfig.getNewInstance();
71          final RequestData reqData = new RequestData();
72          reqData.setWssConfig(cfg);
73          java.util.Map<String, Object> messageContext = new java.util.TreeMap<>();
74          messageContext.put(
75              WSHandlerConstants.PW_CALLBACK_REF, new CustomCallbackHandler(timestampElement)
76          );
77          reqData.setMsgContext(messageContext);
78  
79          final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
80          CustomHandler handler = new CustomHandler();
81          List<HandlerAction> actions = new ArrayList<>();
82          actions.add(new HandlerAction(WSConstants.CUSTOM_TOKEN, null));
83          handler.send(
84              doc,
85              reqData,
86              actions,
87              true
88          );
89  
90          if (LOG.isDebugEnabled()) {
91              String outputString =
92                  XMLUtils.prettyDocumentToString(doc);
93              LOG.debug(outputString);
94          }
95  
96          WSSecurityEngine secEngine = new WSSecurityEngine();
97          WSHandlerResult wsResults =
98              secEngine.processSecurityHeader(doc, null, null, null);
99          WSSecurityEngineResult actionResult =
100             wsResults.getActionResults().get(WSConstants.TS).get(0);
101         assertNotNull(actionResult);
102 
103         Timestamp receivedTimestamp =
104             (Timestamp)actionResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
105         assertNotNull(receivedTimestamp);
106     }
107 
108     private static class CustomCallbackHandler implements CallbackHandler {
109 
110         private final Element customElement;
111 
112         public CustomCallbackHandler(Element customElement) {
113             this.customElement = customElement;
114         }
115 
116         @Override
117         public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
118             for (Callback callback : callbacks) {
119                 if (callback instanceof WSPasswordCallback) {
120                     WSPasswordCallback passwordCallback = (WSPasswordCallback)callback;
121                     if (passwordCallback.getUsage() == WSPasswordCallback.CUSTOM_TOKEN) {
122                         passwordCallback.setCustomToken(customElement);
123                         return;
124                     }
125                 }
126             }
127 
128         }
129 
130     }
131 
132 }