View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.policy.model;
20  
21  import org.apache.neethi.Assertion;
22  import org.apache.neethi.Policy;
23  import org.apache.wss4j.policy.SPConstants;
24  import org.w3c.dom.Element;
25  
26  import javax.xml.namespace.QName;
27  import java.util.*;
28  
29  public class HttpsToken extends AbstractToken {
30  
31      public enum AuthenticationType {
32          HttpBasicAuthentication,
33          HttpDigestAuthentication,
34          RequireClientCertificate;
35  
36          private static final Map<String, AuthenticationType> LOOKUP = new HashMap<>();
37  
38          static {
39              for (AuthenticationType u : EnumSet.allOf(AuthenticationType.class)) {
40                  LOOKUP.put(u.name(), u);
41              }
42          }
43  
44          public static AuthenticationType lookUp(String name) {
45              return LOOKUP.get(name);
46          }
47      }
48  
49      private AuthenticationType authenticationType;
50  
51      public HttpsToken(SPConstants.SPVersion version, SPConstants.IncludeTokenType includeTokenType,
52                        Element issuer, String issuerName, Element claims, Policy nestedPolicy,
53                        boolean requireClientCert) {
54          super(version, includeTokenType, issuer, issuerName, claims, nestedPolicy);
55  
56          parseNestedPolicy(nestedPolicy, this);
57  
58          if (requireClientCert) {
59              setAuthenticationType(AuthenticationType.RequireClientCertificate);
60          }
61      }
62  
63      @Override
64      public QName getName() {
65          return getVersion().getSPConstants().getHttpsToken();
66      }
67  
68      @Override
69      public boolean equals(Object object) {
70          if (object == this) {
71              return true;
72          }
73          if (!(object instanceof HttpsToken)) {
74              return false;
75          }
76  
77          HttpsToken that = (HttpsToken)object;
78          if (authenticationType != that.authenticationType) {
79              return false;
80          }
81  
82          return super.equals(object);
83      }
84  
85      @Override
86      public int hashCode() {
87          int result = 17;
88          if (authenticationType != null) {
89              result = 31 * result + authenticationType.hashCode();
90          }
91  
92          return 31 * result + super.hashCode();
93      }
94  
95      @Override
96      protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
97          boolean requireClientCert = authenticationType == AuthenticationType.RequireClientCertificate;
98          return new HttpsToken(getVersion(), getIncludeTokenType(), getIssuer(), getIssuerName(),
99                                getClaims(), nestedPolicy, requireClientCert);
100     }
101 
102     protected void parseNestedPolicy(Policy nestedPolicy, HttpsToken httpsToken) {
103         Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
104         //we just process the first alternative
105         //this means that if we have a compact policy only the first alternative is visible
106         //in contrary to a normalized policy where just one alternative exists
107         if (alternatives.hasNext()) {
108             List<Assertion> assertions = alternatives.next();
109             for (Assertion assertion : assertions) {
110                 String assertionName = assertion.getName().getLocalPart();
111                 AuthenticationType authenticationType = AuthenticationType.lookUp(assertionName);
112                 if (authenticationType != null) {
113                     if (httpsToken.getAuthenticationType() != null) {
114                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
115                     }
116                     httpsToken.setAuthenticationType(authenticationType);
117                     continue;
118                 }
119             }
120         }
121     }
122 
123     public AuthenticationType getAuthenticationType() {
124         return authenticationType;
125     }
126 
127     protected void setAuthenticationType(AuthenticationType authenticationType) {
128         this.authenticationType = authenticationType;
129     }
130 }