View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.policy.model;
20  
21  import org.apache.neethi.Assertion;
22  import org.apache.neethi.Policy;
23  import org.apache.wss4j.policy.SPConstants;
24  import org.w3c.dom.Element;
25  
26  import javax.xml.namespace.QName;
27  import java.util.Iterator;
28  import java.util.List;
29  
30  public class SecureConversationToken extends SecurityContextToken {
31  
32      private BootstrapPolicy bootstrapPolicy;
33  
34      private boolean mustNotSendCancel;
35      private boolean mustNotSendAmend;
36      private boolean mustNotSendRenew;
37  
38      public SecureConversationToken(SPConstants.SPVersion version, SPConstants.IncludeTokenType includeTokenType,
39                                     Element issuer, String issuerName, Element claims, Policy nestedPolicy) {
40          super(version, includeTokenType, issuer, issuerName, claims, nestedPolicy);
41  
42          parseNestedPolicy(nestedPolicy, this);
43      }
44  
45      @Override
46      public QName getName() {
47          return getVersion().getSPConstants().getSecureConversationToken();
48      }
49  
50      @Override
51      public boolean equals(Object object) {
52          if (object == this) {
53              return true;
54          }
55          if (!(object instanceof SecureConversationToken)) {
56              return false;
57          }
58  
59          SecureConversationToken that = (SecureConversationToken)object;
60          if (mustNotSendCancel != that.mustNotSendCancel
61              || mustNotSendAmend != that.mustNotSendAmend
62              || mustNotSendRenew != that.mustNotSendRenew) {
63              return false;
64          }
65  
66          return super.equals(object);
67      }
68  
69      @Override
70      public int hashCode() {
71          int result = 17;
72          result = 31 * result + Boolean.hashCode(mustNotSendCancel);
73          result = 31 * result + Boolean.hashCode(mustNotSendAmend);
74          result = 31 * result + Boolean.hashCode(mustNotSendRenew);
75  
76          return 31 * result + super.hashCode();
77      }
78  
79      @Override
80      protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
81          return new SecureConversationToken(getVersion(), getIncludeTokenType(), getIssuer(),
82                                             getIssuerName(), getClaims(), nestedPolicy);
83      }
84  
85      protected void parseNestedPolicy(Policy nestedPolicy, SecureConversationToken secureConversationToken) {
86          Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
87          //we just process the first alternative
88          //this means that if we have a compact policy only the first alternative is visible
89          //in contrary to a normalized policy where just one alternative exists
90          if (alternatives.hasNext()) {
91              List<Assertion> assertions = alternatives.next();
92              for (Assertion assertion : assertions) {
93                  String assertionName = assertion.getName().getLocalPart();
94                  String assertionNamespace = assertion.getName().getNamespaceURI();
95                  QName mustNotSendCancel = getVersion().getSPConstants().getMustNotSendCancel();
96                  if (mustNotSendCancel.getLocalPart().equals(assertionName)
97                      && mustNotSendCancel.getNamespaceURI().equals(assertionNamespace)) {
98                      if (secureConversationToken.isMustNotSendCancel()) {
99                          throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
100                     }
101                     secureConversationToken.setMustNotSendCancel(true);
102                     continue;
103                 }
104 
105                 QName mustNotSendAmend = getVersion().getSPConstants().getMustNotSendAmend();
106                 if (mustNotSendAmend.getLocalPart().equals(assertionName)
107                     && mustNotSendAmend.getNamespaceURI().equals(assertionNamespace)) {
108                     if (secureConversationToken.isMustNotSendAmend()) {
109                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
110                     }
111                     secureConversationToken.setMustNotSendAmend(true);
112                     continue;
113                 }
114 
115                 QName mustNotSendRenew = getVersion().getSPConstants().getMustNotSendRenew();
116                 if (mustNotSendRenew.getLocalPart().equals(assertionName)
117                     && mustNotSendRenew.getNamespaceURI().equals(assertionNamespace)) {
118                     if (secureConversationToken.isMustNotSendRenew()) {
119                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
120                     }
121                     secureConversationToken.setMustNotSendRenew(true);
122                     continue;
123                 }
124 
125                 QName bootstrapPolicy = getVersion().getSPConstants().getBootstrapPolicy();
126                 if (bootstrapPolicy.getLocalPart().equals(assertionName)
127                     && bootstrapPolicy.getNamespaceURI().equals(assertionNamespace)) {
128                     if (secureConversationToken.getBootstrapPolicy() != null) {
129                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
130                     }
131                     BootstrapPolicy bootstrap = (BootstrapPolicy) assertion;
132                     secureConversationToken.setBootstrapPolicy(bootstrap);
133                     continue;
134                 }
135             }
136         }
137     }
138 
139     public boolean isMustNotSendCancel() {
140         return mustNotSendCancel;
141     }
142 
143     protected void setMustNotSendCancel(boolean mustNotSendCancel) {
144         this.mustNotSendCancel = mustNotSendCancel;
145     }
146 
147     public boolean isMustNotSendAmend() {
148         return mustNotSendAmend;
149     }
150 
151     protected void setMustNotSendAmend(boolean mustNotSendAmend) {
152         this.mustNotSendAmend = mustNotSendAmend;
153     }
154 
155     public boolean isMustNotSendRenew() {
156         return mustNotSendRenew;
157     }
158 
159     protected void setMustNotSendRenew(boolean mustNotSendRenew) {
160         this.mustNotSendRenew = mustNotSendRenew;
161     }
162 
163     public BootstrapPolicy getBootstrapPolicy() {
164         return bootstrapPolicy;
165     }
166 
167     protected void setBootstrapPolicy(BootstrapPolicy bootstrapPolicy) {
168         this.bootstrapPolicy = bootstrapPolicy;
169     }
170 }