1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.wss4j.policy.model;
20
21 import org.apache.neethi.Assertion;
22 import org.apache.neethi.Constants;
23 import org.apache.neethi.Policy;
24 import org.apache.wss4j.policy.SPConstants;
25 import org.apache.wss4j.policy.SPUtils;
26 import org.w3c.dom.Element;
27
28 import javax.xml.namespace.QName;
29 import javax.xml.stream.XMLStreamException;
30 import javax.xml.stream.XMLStreamWriter;
31 import java.util.Iterator;
32 import java.util.List;
33
34 public class IssuedToken extends AbstractToken {
35
36 private Element requestSecurityTokenTemplate;
37 private boolean requireExternalReference;
38 private boolean requireInternalReference;
39
40 public IssuedToken(SPConstants.SPVersion version, SPConstants.IncludeTokenType includeTokenType,
41 Element issuer, String issuerName, Element requestSecurityTokenTemplate, Element claims,
42 Policy nestedPolicy) {
43 super(version, includeTokenType, issuer, issuerName, claims, nestedPolicy);
44 setRequestSecurityTokenTemplate(requestSecurityTokenTemplate);
45
46 parseNestedPolicy(nestedPolicy, this);
47 }
48
49 @Override
50 public QName getName() {
51 return getVersion().getSPConstants().getIssuedToken();
52 }
53
54 @Override
55 public boolean equals(Object object) {
56 if (object == this) {
57 return true;
58 }
59 if (!(object instanceof IssuedToken)) {
60 return false;
61 }
62
63 IssuedToken that = (IssuedToken)object;
64 if (requireExternalReference != that.requireExternalReference
65 || requireInternalReference != that.requireInternalReference) {
66 return false;
67 }
68
69 if (requestSecurityTokenTemplate == null && that.requestSecurityTokenTemplate != null
70 || requestSecurityTokenTemplate != null && that.requestSecurityTokenTemplate == null) {
71 return false;
72 }
73
74 if (requestSecurityTokenTemplate != null
75 && !DOM2Writer.nodeToString(requestSecurityTokenTemplate).equals(
76 DOM2Writer.nodeToString(that.requestSecurityTokenTemplate))) {
77 return false;
78 }
79
80 return super.equals(object);
81 }
82
83 @Override
84 public int hashCode() {
85 int result = 17;
86 if (requestSecurityTokenTemplate != null) {
87 result = 31 * result + DOM2Writer.nodeToString(requestSecurityTokenTemplate).hashCode();
88 }
89 result = 31 * result + Boolean.hashCode(requireExternalReference);
90 result = 31 * result + Boolean.hashCode(requireInternalReference);
91
92 return 31 * result + super.hashCode();
93 }
94
95 @Override
96 public void serialize(XMLStreamWriter writer) throws XMLStreamException {
97 writer.writeStartElement(getName().getPrefix(), getName().getLocalPart(), getName().getNamespaceURI());
98 writer.writeNamespace(getName().getPrefix(), getName().getNamespaceURI());
99 if (getIncludeTokenType() != null) {
100 writer.writeAttribute(
101 getVersion().getSPConstants().getIncludeToken().getPrefix(),
102 getVersion().getSPConstants().getIncludeToken().getNamespaceURI(),
103 getVersion().getSPConstants().getIncludeToken().getLocalPart(),
104 getVersion().getSPConstants().getAttributeValueFromInclusion(getIncludeTokenType())
105 );
106 }
107 if (!isNormalized() && isOptional()) {
108 writer.writeAttribute(Constants.ATTR_WSP,
109 writer.getNamespaceContext().getNamespaceURI(Constants.ATTR_WSP),
110 Constants.ATTR_OPTIONAL, "true");
111 }
112 if (isIgnorable()) {
113 writer.writeAttribute(Constants.ATTR_WSP,
114 writer.getNamespaceContext().getNamespaceURI(Constants.ATTR_WSP),
115 Constants.ATTR_IGNORABLE, "true");
116 }
117 if (getIssuer() != null) {
118 SPUtils.serialize(getIssuer(), writer);
119 }
120 if (getIssuerName() != null) {
121 writer.writeStartElement(
122 getVersion().getSPConstants().getIssuerName().getPrefix(),
123 getVersion().getSPConstants().getIssuerName().getLocalPart(),
124 getVersion().getSPConstants().getIssuerName().getNamespaceURI()
125 );
126 writer.writeCharacters(getIssuerName());
127 writer.writeEndElement();
128 }
129 if (getClaims() != null) {
130 SPUtils.serialize(getClaims(), writer);
131 }
132 SPUtils.serialize(getRequestSecurityTokenTemplate(), writer);
133 getPolicy().serialize(writer);
134 writer.writeEndElement();
135 }
136
137 @Override
138 protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
139 return new IssuedToken(getVersion(), getIncludeTokenType(), getIssuer(), getIssuerName(),
140 getRequestSecurityTokenTemplate(), getClaims(), nestedPolicy);
141 }
142
143 protected void parseNestedPolicy(Policy nestedPolicy, IssuedToken issuedToken) {
144 Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
145
146
147
148 if (alternatives.hasNext()) {
149 List<Assertion> assertions = alternatives.next();
150 for (Assertion assertion : assertions) {
151 String assertionName = assertion.getName().getLocalPart();
152 String assertionNamespace = assertion.getName().getNamespaceURI();
153 DerivedKeys derivedKeys = DerivedKeys.lookUp(assertionName);
154 if (derivedKeys != null) {
155 if (issuedToken.getDerivedKeys() != null) {
156 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
157 }
158 issuedToken.setDerivedKeys(derivedKeys);
159 continue;
160 }
161
162 QName requireExternalRef = getVersion().getSPConstants().getRequireExternalReference();
163 if (requireExternalRef.getLocalPart().equals(assertionName)
164 && requireExternalRef.getNamespaceURI().equals(assertionNamespace)) {
165 if (issuedToken.isRequireExternalReference()) {
166 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
167 }
168 issuedToken.setRequireExternalReference(true);
169 continue;
170 }
171
172 QName requireInternalRef = getVersion().getSPConstants().getRequireInternalReference();
173 if (requireInternalRef.getLocalPart().equals(assertionName)
174 && requireInternalRef.getNamespaceURI().equals(assertionNamespace)) {
175 if (issuedToken.isRequireInternalReference()) {
176 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
177 }
178 issuedToken.setRequireInternalReference(true);
179 continue;
180 }
181 }
182 }
183 }
184
185 public boolean isRequireExternalReference() {
186 return requireExternalReference;
187 }
188
189 protected void setRequireExternalReference(boolean requireExternalReference) {
190 this.requireExternalReference = requireExternalReference;
191 }
192
193 public boolean isRequireInternalReference() {
194 return requireInternalReference;
195 }
196
197 protected void setRequireInternalReference(boolean requireInternalReference) {
198 this.requireInternalReference = requireInternalReference;
199 }
200
201 public Element getRequestSecurityTokenTemplate() {
202 return requestSecurityTokenTemplate;
203 }
204
205 protected void setRequestSecurityTokenTemplate(Element requestSecurityTokenTemplate) {
206 this.requestSecurityTokenTemplate = requestSecurityTokenTemplate;
207 }
208 }