1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.wss4j.dom.action;
21  
22  import javax.security.auth.callback.CallbackHandler;
23  
24  import org.apache.wss4j.common.SecurityActionToken;
25  import org.apache.wss4j.common.ext.WSSecurityException;
26  import org.apache.wss4j.common.saml.SamlAssertionWrapper;
27  import org.apache.wss4j.common.saml.SAMLCallback;
28  import org.apache.wss4j.common.saml.SAMLUtil;
29  import org.apache.wss4j.dom.handler.RequestData;
30  import org.apache.wss4j.dom.handler.WSHandler;
31  import org.apache.wss4j.dom.handler.WSHandlerConstants;
32  import org.apache.wss4j.dom.message.WSSecSAMLToken;
33  
/**
 * Security action that places a SAML assertion in the outgoing security header
 * without producing a message-level signature.
 *
 * <p>Nothing in this class signs the SOAP message or ties the assertion to it. The
 * only signature that can be produced here is one over the assertion itself, and
 * only when the SAML callback asks for it via {@code isSignAssertion()}. A receiver
 * therefore gets no proof-of-possession from this action alone.
 * NOTE(review): presumably meant for bearer / sender-vouches style deployments where
 * the message is protected by other means (transport security or a separate
 * signature action) -- confirm against the deployment's policy.
 */
public class SAMLTokenUnsignedAction implements Action {

    /**
     * Builds a SAML assertion from the configured SAML callback handler and adds it
     * to the security header held by {@code reqData}.
     *
     * @param handler     source of the SAML callback handler (looked up through
     *                    {@code SAML_CALLBACK_CLASS} / {@code SAML_CALLBACK_REF})
     * @param actionToken not read by this implementation
     * @param reqData     per-request state: security header, WSS configuration,
     *                    document info and the list of recorded signature values
     * @throws WSSecurityException with {@code ErrorCode.FAILURE} when no SAML callback
     *                             handler is configured, or as propagated from the
     *                             callback, signing or build steps
     */
    public void execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
            throws WSSecurityException {
        final WSSecSAMLToken tokenBuilder = new WSSecSAMLToken(reqData.getSecHeader());
        tokenBuilder.setIdAllocator(reqData.getWssConfig().getIdAllocator());
        tokenBuilder.setWsDocInfo(reqData.getWsDocInfo());
        tokenBuilder.setExpandXopInclude(reqData.isExpandXopInclude());

        final CallbackHandler callbackHandler = handler.getCallbackHandler(
            WSHandlerConstants.SAML_CALLBACK_CLASS,
            WSHandlerConstants.SAML_CALLBACK_REF,
            reqData
        );
        // Fail closed: without a callback handler there is nothing to describe the
        // assertion, so refuse to emit one rather than build an empty token.
        if (callbackHandler == null) {
            throw new WSSecurityException(
                WSSecurityException.ErrorCode.FAILURE, "noSAMLCallbackHandler");
        }

        // The callback is the single source of the assertion's content and of the
        // decision whether the assertion gets signed.
        final SAMLCallback callback = new SAMLCallback();
        SAMLUtil.doSAMLCallback(callbackHandler, callback);

        final SamlAssertionWrapper assertion = new SamlAssertionWrapper(callback);
        signIfRequested(assertion, callback);

        // Add the SAML assertion token to the SOAP envelope.
        tokenBuilder.build(assertion);

        // Record the assertion's signature value, if there is one, on the request.
        // NOTE(review): presumably consumed later for signature confirmation -- verify
        // against the readers of RequestData.getSignatureValues().
        final byte[] assertionSignature = assertion.getSignatureValue();
        if (assertionSignature == null) {
            return;
        }
        reqData.getSignatureValues().add(assertionSignature);
    }

    /**
     * Signs the assertion with the issuer settings carried by the callback, but only
     * when the callback requests it; otherwise the assertion is left unsigned.
     *
     * @param assertion the assertion to sign in place
     * @param callback  populated SAML callback supplying the issuer key name, key
     *                  password, crypto, key-value flag and algorithms
     * @throws WSSecurityException as propagated from the signing step
     */
    private static void signIfRequested(SamlAssertionWrapper assertion, SAMLCallback callback)
            throws WSSecurityException {
        if (!callback.isSignAssertion()) {
            return;
        }
        // The issuer key password is a credential handed over by the callback; keep
        // it out of logs and exception messages.
        assertion.signAssertion(
            callback.getIssuerKeyName(),
            callback.getIssuerKeyPassword(),
            callback.getIssuerCrypto(),
            callback.isSendKeyValue(),
            callback.getCanonicalizationAlgorithm(),
            callback.getSignatureAlgorithm()
        );
    }
}