View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.policy.model;
20  
21  import org.apache.neethi.Assertion;
22  import org.apache.neethi.Policy;
23  import org.apache.neethi.PolicyComponent;
24  import org.apache.neethi.PolicyContainingAssertion;
25  import org.apache.wss4j.policy.SPConstants;
26  
27  import javax.xml.namespace.QName;
28  import javax.xml.stream.XMLStreamException;
29  import javax.xml.stream.XMLStreamWriter;
30  import java.util.Iterator;
31  import java.util.List;
32  
33  public class Wss10 extends AbstractSecurityAssertion implements PolicyContainingAssertion {
34  
35      private Policy nestedPolicy;
36      private boolean mustSupportRefKeyIdentifier;
37      private boolean mustSupportRefIssuerSerial;
38      private boolean mustSupportRefExternalURI;
39      private boolean mustSupportRefEmbeddedToken;
40  
41      public Wss10(SPConstants.SPVersion version, Policy nestedPolicy) {
42          super(version);
43          this.nestedPolicy = nestedPolicy;
44  
45          parseNestedWss10Policy(nestedPolicy, this);
46      }
47  
48      @Override
49      public Policy getPolicy() {
50          return this.nestedPolicy;
51      }
52  
53      @Override
54      public QName getName() {
55          return getVersion().getSPConstants().getWss10();
56      }
57  
58      @Override
59      public boolean equals(Object object) {
60          if (object == this) {
61              return true;
62          }
63          if (!(object instanceof Wss10)) {
64              return false;
65          }
66  
67          Wss10 that = (Wss10)object;
68          if (mustSupportRefKeyIdentifier != that.mustSupportRefKeyIdentifier
69              || mustSupportRefIssuerSerial != that.mustSupportRefIssuerSerial
70              || mustSupportRefExternalURI != that.mustSupportRefExternalURI
71              || mustSupportRefEmbeddedToken != that.mustSupportRefEmbeddedToken) {
72              return false;
73          }
74  
75          return super.equals(object);
76      }
77  
78      @Override
79      public int hashCode() {
80          int result = 17;
81          result = 31 * result + Boolean.hashCode(mustSupportRefKeyIdentifier);
82          result = 31 * result + Boolean.hashCode(mustSupportRefIssuerSerial);
83          result = 31 * result + Boolean.hashCode(mustSupportRefExternalURI);
84          result = 31 * result + Boolean.hashCode(mustSupportRefEmbeddedToken);
85  
86          return 31 * result + super.hashCode();
87      }
88  
89      @Override
90      public PolicyComponent normalize() {
91          return super.normalize(getPolicy());
92      }
93  
94      @Override
95      public void serialize(XMLStreamWriter writer) throws XMLStreamException {
96          super.serialize(writer, getPolicy());
97      }
98  
99      @Override
100     protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
101         return new Wss10(getVersion(), nestedPolicy);
102     }
103 
104     protected void parseNestedWss10Policy(Policy nestedPolicy, Wss10 wss10) {
105         Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
106         //we just process the first alternative
107         //this means that if we have a compact policy only the first alternative is visible
108         //in contrary to a normalized policy where just one alternative exists
109         if (alternatives.hasNext()) {
110             List<Assertion> assertions = alternatives.next();
111             for (Assertion assertion : assertions) {
112                 String assertionName = assertion.getName().getLocalPart();
113                 String assertionNamespace = assertion.getName().getNamespaceURI();
114 
115                 QName mustSupportRefKeyIdentifier = getVersion().getSPConstants().getMustSupportRefKeyIdentifier();
116                 if (mustSupportRefKeyIdentifier.getLocalPart().equals(assertionName)
117                     && mustSupportRefKeyIdentifier.getNamespaceURI().equals(assertionNamespace)) {
118                     if (wss10.isMustSupportRefKeyIdentifier()) {
119                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
120                     }
121                     wss10.setMustSupportRefKeyIdentifier(true);
122                     continue;
123                 }
124 
125                 QName mustSupportRefIssuerSerial = getVersion().getSPConstants().getMustSupportRefIssuerSerial();
126                 if (mustSupportRefIssuerSerial.getLocalPart().equals(assertionName)
127                     && mustSupportRefIssuerSerial.getNamespaceURI().equals(assertionNamespace)) {
128                     if (wss10.isMustSupportRefIssuerSerial()) {
129                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
130                     }
131                     wss10.setMustSupportRefIssuerSerial(true);
132                     continue;
133                 }
134 
135                 QName mustSupportRefExternal = getVersion().getSPConstants().getMustSupportRefExternalUri();
136                 if (mustSupportRefExternal.getLocalPart().equals(assertionName)
137                     && mustSupportRefExternal.getNamespaceURI().equals(assertionNamespace)) {
138                     if (wss10.isMustSupportRefExternalURI()) {
139                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
140                     }
141                     wss10.setMustSupportRefExternalURI(true);
142                     continue;
143                 }
144 
145                 QName mustSupportRefEmbedded = getVersion().getSPConstants().getMustSupportRefEmbeddedToken();
146                 if (mustSupportRefEmbedded.getLocalPart().equals(assertionName)
147                     && mustSupportRefEmbedded.getNamespaceURI().equals(assertionNamespace)) {
148                     if (wss10.isMustSupportRefEmbeddedToken()) {
149                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
150                     }
151                     wss10.setMustSupportRefEmbeddedToken(true);
152                     continue;
153                 }
154             }
155         }
156     }
157 
158     public boolean isMustSupportRefKeyIdentifier() {
159         return mustSupportRefKeyIdentifier;
160     }
161 
162     protected void setMustSupportRefKeyIdentifier(boolean mustSupportRefKeyIdentifier) {
163         this.mustSupportRefKeyIdentifier = mustSupportRefKeyIdentifier;
164     }
165 
166     public boolean isMustSupportRefIssuerSerial() {
167         return mustSupportRefIssuerSerial;
168     }
169 
170     protected void setMustSupportRefIssuerSerial(boolean mustSupportRefIssuerSerial) {
171         this.mustSupportRefIssuerSerial = mustSupportRefIssuerSerial;
172     }
173 
174     public boolean isMustSupportRefExternalURI() {
175         return mustSupportRefExternalURI;
176     }
177 
178     protected void setMustSupportRefExternalURI(boolean mustSupportRefExternalURI) {
179         this.mustSupportRefExternalURI = mustSupportRefExternalURI;
180     }
181 
182     public boolean isMustSupportRefEmbeddedToken() {
183         return mustSupportRefEmbeddedToken;
184     }
185 
186     protected void setMustSupportRefEmbeddedToken(boolean mustSupportRefEmbeddedToken) {
187         this.mustSupportRefEmbeddedToken = mustSupportRefEmbeddedToken;
188     }
189 }