1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.wss4j.policy.model;
20
21 import org.apache.neethi.Assertion;
22 import org.apache.neethi.Policy;
23 import org.apache.wss4j.policy.SPConstants;
24 import org.w3c.dom.Element;
25
26 import javax.xml.namespace.QName;
27 import java.util.Iterator;
28 import java.util.List;
29
30 public class SpnegoContextToken extends AbstractToken {
31
32 private boolean mustNotSendCancel;
33 private boolean mustNotSendAmend;
34 private boolean mustNotSendRenew;
35
36 public SpnegoContextToken(SPConstants.SPVersion version, SPConstants.IncludeTokenType includeTokenType,
37 Element issuer, String issuerName, Element claims, Policy nestedPolicy) {
38 super(version, includeTokenType, issuer, issuerName, claims, nestedPolicy);
39
40 parseNestedPolicy(nestedPolicy, this);
41 }
42
43 @Override
44 public QName getName() {
45 return getVersion().getSPConstants().getSpnegoContextToken();
46 }
47
48 @Override
49 public boolean equals(Object object) {
50 if (object == this) {
51 return true;
52 }
53 if (!(object instanceof SpnegoContextToken)) {
54 return false;
55 }
56
57 SpnegoContextToken that = (SpnegoContextToken)object;
58 if (mustNotSendCancel != that.mustNotSendCancel
59 || mustNotSendAmend != that.mustNotSendAmend
60 || mustNotSendRenew != that.mustNotSendRenew) {
61 return false;
62 }
63
64 return super.equals(object);
65 }
66
67 @Override
68 public int hashCode() {
69 int result = 17;
70 result = 31 * result + Boolean.hashCode(mustNotSendCancel);
71 result = 31 * result + Boolean.hashCode(mustNotSendAmend);
72 result = 31 * result + Boolean.hashCode(mustNotSendRenew);
73
74 return 31 * result + super.hashCode();
75 }
76
77 @Override
78 protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
79 return new SpnegoContextToken(getVersion(), getIncludeTokenType(), getIssuer(),
80 getIssuerName(), getClaims(), nestedPolicy);
81 }
82
83 protected void parseNestedPolicy(Policy nestedPolicy, SpnegoContextToken spnegoContextToken) {
84 Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
85
86
87
88 if (alternatives.hasNext()) {
89 List<Assertion> assertions = alternatives.next();
90 for (Assertion assertion : assertions) {
91 String assertionName = assertion.getName().getLocalPart();
92 String assertionNamespace = assertion.getName().getNamespaceURI();
93 DerivedKeys derivedKeys = DerivedKeys.lookUp(assertionName);
94 if (derivedKeys != null) {
95 if (spnegoContextToken.getDerivedKeys() != null) {
96 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
97 }
98 spnegoContextToken.setDerivedKeys(derivedKeys);
99 continue;
100 }
101
102 QName mustNotSendCancel = getVersion().getSPConstants().getMustNotSendCancel();
103 if (mustNotSendCancel.getLocalPart().equals(assertionName)
104 && mustNotSendCancel.getNamespaceURI().equals(assertionNamespace)) {
105 if (spnegoContextToken.isMustNotSendCancel()) {
106 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
107 }
108 spnegoContextToken.setMustNotSendCancel(true);
109 continue;
110 }
111 QName mustNotSendAmend = getVersion().getSPConstants().getMustNotSendAmend();
112 if (mustNotSendAmend.getLocalPart().equals(assertionName)
113 && mustNotSendAmend.getNamespaceURI().equals(assertionNamespace)) {
114 if (spnegoContextToken.isMustNotSendAmend()) {
115 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
116 }
117 spnegoContextToken.setMustNotSendAmend(true);
118 continue;
119 }
120 QName mustNotSendRenew = getVersion().getSPConstants().getMustNotSendRenew();
121 if (mustNotSendRenew.getLocalPart().equals(assertionName)
122 && mustNotSendRenew.getNamespaceURI().equals(assertionNamespace)) {
123 if (spnegoContextToken.isMustNotSendRenew()) {
124 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
125 }
126 spnegoContextToken.setMustNotSendRenew(true);
127 continue;
128 }
129 }
130 }
131 }
132
133 public boolean isMustNotSendCancel() {
134 return mustNotSendCancel;
135 }
136
137 protected void setMustNotSendCancel(boolean mustNotSendCancel) {
138 this.mustNotSendCancel = mustNotSendCancel;
139 }
140
141 public boolean isMustNotSendAmend() {
142 return mustNotSendAmend;
143 }
144
145 protected void setMustNotSendAmend(boolean mustNotSendAmend) {
146 this.mustNotSendAmend = mustNotSendAmend;
147 }
148
149 public boolean isMustNotSendRenew() {
150 return mustNotSendRenew;
151 }
152
153 protected void setMustNotSendRenew(boolean mustNotSendRenew) {
154 this.mustNotSendRenew = mustNotSendRenew;
155 }
156 }