1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.wss4j.common.saml;
21  
22  import org.apache.wss4j.common.crypto.Crypto;
23  import org.apache.wss4j.common.saml.bean.AdviceBean;
24  import org.apache.wss4j.common.saml.bean.AttributeStatementBean;
25  import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean;
26  import org.apache.wss4j.common.saml.bean.AuthenticationStatementBean;
27  import org.apache.wss4j.common.saml.bean.ConditionsBean;
28  import org.apache.wss4j.common.saml.bean.SubjectBean;
29  import org.apache.wss4j.common.saml.bean.Version;
30  import org.opensaml.saml.common.SAMLVersion;
31  import org.w3c.dom.Element;
32  
33  import javax.security.auth.callback.Callback;
34  
35  import java.util.ArrayList;
36  import java.util.List;
37  
38  
39  /**
40   * Class SAMLCallback will be called by the <code>SamlAssertionWrapper</code> during the creation
41   * of SAML statements (authentication, attribute, and authz decision). Alternatively, the
42   * "assertionElement" member of this class can be set instead, for a pre-existing SAML
43   * Assertion.
44   */
public class SAMLCallback implements Callback {

    /**
     * SAML version of the assertion to create. Stays {@code null} until one of the
     * {@code setSamlVersion} overloads assigns it.
     */
    private SAMLVersion samlVersion;

    /**
     * Subject of the assertion. When unset, {@link #getSubject()} falls back to the
     * subjects carried by the statement beans.
     */
    private SubjectBean subject;

    /**
     * Issuer of the assertion.
     */
    private String issuer;

    /**
     * Format of the issuer value.
     */
    private String issuerFormat;

    /**
     * Qualifier of the issuer value.
     */
    private String issuerQualifier;

    /**
     * SAML Conditions to place on the assertion.
     */
    private ConditionsBean conditions;

    /**
     * SAML Advice to place on the assertion.
     */
    private AdviceBean advice;

    /**
     * Authentication statements; starts out as an empty, mutable list.
     */
    private List<AuthenticationStatementBean> authenticationStatementData = new ArrayList<>();

    /**
     * Attribute statements; starts out as an empty, mutable list.
     */
    private List<AttributeStatementBean> attributeStatementData = new ArrayList<>();

    /**
     * Authorization decision statements; starts out as an empty, mutable list.
     */
    private List<AuthDecisionStatementBean> authDecisionStatementData = new ArrayList<>();

    /**
     * DOM form of a pre-existing assertion, used instead of the bean data above.
     * The element is stored exactly as supplied; this class performs no parsing,
     * schema check or signature check on it.
     */
    private Element assertionElement;

    /**
     * Whether the assertion should be signed. Defaults to {@code false}, so signing
     * has to be requested explicitly by the callback handler.
     */
    private boolean signAssertion;

    /**
     * Name of the issuer's signing key.
     * NOTE(review): presumably the alias looked up in {@link #issuerCrypto} - confirm
     * against the code that consumes this callback.
     */
    private String issuerKeyName;

    /**
     * Password protecting the issuer's signing key.
     * NOTE(review): held as an immutable {@code String}, so it cannot be wiped after
     * use, and {@link #getIssuerKeyPassword()} hands it back verbatim. Keep instances
     * of this class out of log output and serialized state.
     */
    private String issuerKeyPassword;

    /**
     * Crypto instance used to obtain the issuer's signing credentials.
     */
    private Crypto issuerCrypto;

    /**
     * Key-value flag for the signature; defaults to {@code false}.
     * NOTE(review): presumably selects a bare public key value over the certificate
     * in the signature's key information - confirm against the consumer.
     */
    private boolean sendKeyValue;

    /**
     * Canonicalization algorithm for the signature. {@code null} unless set; no
     * default and no validation is applied in this class.
     */
    private String canonicalizationAlgorithm;

    /**
     * Signature algorithm. {@code null} unless set; no default and no validation is
     * applied in this class, so any allow-listing of algorithm identifiers has to
     * happen in the code that reads this value.
     */
    private String signatureAlgorithm;

    /**
     * Digest algorithm for the signature. {@code null} unless set; no default and no
     * validation is applied in this class.
     */
    private String signatureDigestAlgorithm;

    /**
     * Creates a callback with three empty statement lists, every other property
     * unset and signing switched off.
     */
    public SAMLCallback() {
        // The statement lists are created by their field initializers.
    }

    /**
     * Returns the authentication statements of this callback.
     *
     * @return the live internal {@code List<AuthenticationStatementBean>} (not a copy);
     *         {@code null} if a caller passed {@code null} to the setter
     */
    public List<AuthenticationStatementBean> getAuthenticationStatementData() {
        return this.authenticationStatementData;
    }

    /**
     * Replaces the authentication statements of this callback.
     *
     * @param authenticationStatementData the new list; stored by reference, without
     *        copying or null-checking
     */
    public void setAuthenticationStatementData(
        List<AuthenticationStatementBean> authenticationStatementData
    ) {
        this.authenticationStatementData = authenticationStatementData;
    }

    /**
     * Returns the attribute statements of this callback.
     *
     * @return the live internal {@code List<AttributeStatementBean>} (not a copy);
     *         {@code null} if a caller passed {@code null} to the setter
     */
    public List<AttributeStatementBean> getAttributeStatementData() {
        return this.attributeStatementData;
    }

    /**
     * Replaces the attribute statements of this callback.
     *
     * @param attributeStatementData the new list; stored by reference, without
     *        copying or null-checking
     */
    public void setAttributeStatementData(List<AttributeStatementBean> attributeStatementData) {
        this.attributeStatementData = attributeStatementData;
    }

    /**
     * Returns the authorization decision statements of this callback.
     *
     * @return the live internal {@code List<AuthDecisionStatementBean>} (not a copy);
     *         {@code null} if a caller passed {@code null} to the setter
     */
    public List<AuthDecisionStatementBean> getAuthDecisionStatementData() {
        return this.authDecisionStatementData;
    }

    /**
     * Replaces the authorization decision statements of this callback.
     *
     * @param authDecisionStatementData the new list; stored by reference, without
     *        copying or null-checking
     */
    public void setAuthDecisionStatementData(
        List<AuthDecisionStatementBean> authDecisionStatementData
    ) {
        this.authDecisionStatementData = authDecisionStatementData;
    }

    /**
     * Resolves the subject of the assertion.
     *
     * <p>An explicitly set subject always wins. Otherwise the statement lists are
     * searched in a fixed order (authentication, then attribute, then authorization
     * decision) and the first non-null statement subject is returned, which is where
     * a SAML 1.1 assertion keeps it. If the statements carry differing subjects, only
     * the first one found is reported; no consistency check is made here.
     *
     * @return the resolved {@code SubjectBean}, or {@code null} when none is set anywhere
     */
    public SubjectBean getSubject() {
        if (subject != null) {
            return subject;
        }

        // SAML 1.1 case: the subject lives on the individual statements.
        if (authenticationStatementData != null) {
            for (AuthenticationStatementBean statement : authenticationStatementData) {
                SubjectBean candidate = statement.getSubject();
                if (candidate != null) {
                    return candidate;
                }
            }
        }

        if (attributeStatementData != null) {
            for (AttributeStatementBean statement : attributeStatementData) {
                SubjectBean candidate = statement.getSubject();
                if (candidate != null) {
                    return candidate;
                }
            }
        }

        if (authDecisionStatementData != null) {
            for (AuthDecisionStatementBean statement : authDecisionStatementData) {
                SubjectBean candidate = statement.getSubject();
                if (candidate != null) {
                    return candidate;
                }
            }
        }

        return null;
    }

    /**
     * Sets the subject of the assertion, taking precedence over statement subjects.
     *
     * @param subject the subject of this SAMLCallback object
     */
    public void setSubject(SubjectBean subject) {
        this.subject = subject;
    }

    /**
     * Returns the issuer of the assertion.
     *
     * @return the issuer, or {@code null} if unset
     */
    public String getIssuer() {
        return this.issuer;
    }

    /**
     * Sets the issuer of the assertion.
     *
     * @param issuer the issuer of this SAMLCallback object
     */
    public void setIssuer(String issuer) {
        this.issuer = issuer;
    }

    /**
     * Returns the SAML Conditions of the assertion.
     *
     * @return the {@code ConditionsBean}, or {@code null} if unset
     */
    public ConditionsBean getConditions() {
        return this.conditions;
    }

    /**
     * Sets the SAML Conditions of the assertion.
     *
     * @param conditions the conditions of this SAMLCallback object
     */
    public void setConditions(ConditionsBean conditions) {
        this.conditions = conditions;
    }

    /**
     * Sets the version of the assertion to create from an OpenSAML {@code SAMLVersion}.
     *
     * @param samlVersion the SAMLVersion of the assertion to create; stored as given
     * @deprecated marked deprecated in this class; {@link #setSamlVersion(Version)} is
     *             the non-deprecated overload
     */
    @Deprecated
    public void setSamlVersion(SAMLVersion samlVersion) {
        this.samlVersion = samlVersion;
    }

    /**
     * Returns the version of the assertion to create.
     *
     * @return the {@code SAMLVersion}, or {@code null} if none has been set
     */
    public SAMLVersion getSamlVersion() {
        return this.samlVersion;
    }

    /**
     * Sets the version of the assertion to create from the WSS4J {@code Version} type.
     *
     * <p>Only {@code SAML_20}, {@code SAML_11} and {@code SAML_10} are mapped. Any
     * other argument, including {@code null}, leaves the previously stored version
     * untouched rather than clearing it or failing.
     *
     * @param samlVersion the SAML Version of the assertion to create
     */
    public void setSamlVersion(Version samlVersion) {
        final SAMLVersion resolved;
        if (samlVersion == Version.SAML_20) {
            resolved = SAMLVersion.VERSION_20;
        } else if (samlVersion == Version.SAML_11) {
            resolved = SAMLVersion.VERSION_11;
        } else if (samlVersion == Version.SAML_10) {
            resolved = SAMLVersion.VERSION_10;
        } else {
            // Unmapped or null input: keep whatever version was stored before.
            return;
        }
        this.samlVersion = resolved;
    }

    /**
     * Supplies a pre-existing assertion as a DOM element.
     *
     * @param assertionElement the DOM representation of the assertion; stored by
     *        reference and not inspected or validated by this class
     */
    public void setAssertionElement(Element assertionElement) {
        this.assertionElement = assertionElement;
    }

    /**
     * Returns the pre-existing assertion, if one was supplied.
     *
     * @return the DOM representation of the assertion, or {@code null} if unset
     */
    public Element getAssertionElement() {
        return this.assertionElement;
    }

    /**
     * Reports whether signing of the assertion has been requested.
     *
     * @return {@code true} if the assertion should be signed; {@code false} by default
     */
    public boolean isSignAssertion() {
        return this.signAssertion;
    }

    /**
     * Requests (or cancels the request for) signing of the assertion.
     *
     * @param signAssertion {@code true} to have the assertion signed
     */
    public void setSignAssertion(boolean signAssertion) {
        this.signAssertion = signAssertion;
    }

    /**
     * Returns the name of the issuer's signing key.
     *
     * @return the key name, or {@code null} if unset
     */
    public String getIssuerKeyName() {
        return this.issuerKeyName;
    }

    /**
     * Sets the name of the issuer's signing key.
     *
     * @param issuerKeyName the key name
     */
    public void setIssuerKeyName(String issuerKeyName) {
        this.issuerKeyName = issuerKeyName;
    }

    /**
     * Returns the password of the issuer's signing key in clear text.
     *
     * @return the key password, or {@code null} if unset; a secret, so it should not
     *         be logged or echoed in error messages
     */
    public String getIssuerKeyPassword() {
        return this.issuerKeyPassword;
    }

    /**
     * Sets the password of the issuer's signing key.
     *
     * @param issuerKeyPassword the key password; kept in memory as a {@code String}
     *        for the lifetime of this object
     */
    public void setIssuerKeyPassword(String issuerKeyPassword) {
        this.issuerKeyPassword = issuerKeyPassword;
    }

    /**
     * Returns the Crypto instance holding the issuer's signing credentials.
     *
     * @return the issuer {@code Crypto}, or {@code null} if unset
     */
    public Crypto getIssuerCrypto() {
        return this.issuerCrypto;
    }

    /**
     * Sets the Crypto instance holding the issuer's signing credentials.
     *
     * @param issuerCrypto the issuer {@code Crypto}
     */
    public void setIssuerCrypto(Crypto issuerCrypto) {
        this.issuerCrypto = issuerCrypto;
    }

    /**
     * Returns the key-value flag for the signature.
     *
     * @return the flag; {@code false} by default
     */
    public boolean isSendKeyValue() {
        return this.sendKeyValue;
    }

    /**
     * Sets the key-value flag for the signature.
     *
     * @param sendKeyValue the new flag value
     */
    public void setSendKeyValue(boolean sendKeyValue) {
        this.sendKeyValue = sendKeyValue;
    }

    /**
     * Returns the canonicalization algorithm for the signature.
     *
     * @return the algorithm identifier, or {@code null} if unset
     */
    public String getCanonicalizationAlgorithm() {
        return this.canonicalizationAlgorithm;
    }

    /**
     * Sets the canonicalization algorithm for the signature.
     *
     * @param canonicalizationAlgorithm the algorithm identifier; accepted unchecked
     */
    public void setCanonicalizationAlgorithm(String canonicalizationAlgorithm) {
        this.canonicalizationAlgorithm = canonicalizationAlgorithm;
    }

    /**
     * Returns the signature algorithm.
     *
     * @return the algorithm identifier, or {@code null} if unset
     */
    public String getSignatureAlgorithm() {
        return this.signatureAlgorithm;
    }

    /**
     * Sets the signature algorithm.
     *
     * @param signatureAlgorithm the algorithm identifier; accepted unchecked, so a
     *        weak or unexpected value is passed through unchanged to the consumer
     */
    public void setSignatureAlgorithm(String signatureAlgorithm) {
        this.signatureAlgorithm = signatureAlgorithm;
    }

    /**
     * Returns the digest algorithm for the signature.
     *
     * @return the algorithm identifier, or {@code null} if unset
     */
    public String getSignatureDigestAlgorithm() {
        return this.signatureDigestAlgorithm;
    }

    /**
     * Sets the digest algorithm for the signature.
     *
     * @param signatureDigestAlgorithm the algorithm identifier; accepted unchecked, so
     *        a weak or unexpected value is passed through unchanged to the consumer
     */
    public void setSignatureDigestAlgorithm(String signatureDigestAlgorithm) {
        this.signatureDigestAlgorithm = signatureDigestAlgorithm;
    }

    /**
     * Returns the SAML Advice of the assertion.
     *
     * @return the {@code AdviceBean}, or {@code null} if unset
     */
    public AdviceBean getAdvice() {
        return this.advice;
    }

    /**
     * Sets the SAML Advice of the assertion.
     *
     * @param advice the advice of this SAMLCallback object
     */
    public void setAdvice(AdviceBean advice) {
        this.advice = advice;
    }

    /**
     * Returns the format of the issuer value.
     *
     * @return the issuer format, or {@code null} if unset
     */
    public String getIssuerFormat() {
        return this.issuerFormat;
    }

    /**
     * Sets the format of the issuer value.
     *
     * @param issuerFormat the issuer format
     */
    public void setIssuerFormat(String issuerFormat) {
        this.issuerFormat = issuerFormat;
    }

    /**
     * Returns the qualifier of the issuer value.
     *
     * @return the issuer qualifier, or {@code null} if unset
     */
    public String getIssuerQualifier() {
        return this.issuerQualifier;
    }

    /**
     * Sets the qualifier of the issuer value.
     *
     * @param issuerQualifier the issuer qualifier
     */
    public void setIssuerQualifier(String issuerQualifier) {
        this.issuerQualifier = issuerQualifier;
    }
}