View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.policy.model;
20  
21  import org.apache.neethi.Assertion;
22  import org.apache.neethi.Policy;
23  import org.apache.wss4j.policy.SPConstants;
24  
25  import javax.xml.namespace.QName;
26  import java.util.Iterator;
27  import java.util.List;
28  
29  public class Wss11 extends Wss10 {
30  
31      private boolean mustSupportRefThumbprint;
32      private boolean mustSupportRefEncryptedKey;
33      private boolean requireSignatureConfirmation;
34  
35      public Wss11(SPConstants.SPVersion version, Policy nestedPolicy) {
36          super(version, nestedPolicy);
37  
38          parseNestedWss11Policy(nestedPolicy, this);
39      }
40  
41      @Override
42      public QName getName() {
43          return getVersion().getSPConstants().getWss11();
44      }
45  
46      @Override
47      public boolean equals(Object object) {
48          if (object == this) {
49              return true;
50          }
51          if (!(object instanceof Wss11)) {
52              return false;
53          }
54  
55          Wss11 that = (Wss11)object;
56          if (mustSupportRefThumbprint != that.mustSupportRefThumbprint
57              || mustSupportRefEncryptedKey != that.mustSupportRefEncryptedKey
58              || requireSignatureConfirmation != that.requireSignatureConfirmation) {
59              return false;
60          }
61  
62          return super.equals(object);
63      }
64  
65      @Override
66      public int hashCode() {
67          int result = 17;
68          result = 31 * result + Boolean.hashCode(mustSupportRefThumbprint);
69          result = 31 * result + Boolean.hashCode(mustSupportRefEncryptedKey);
70          result = 31 * result + Boolean.hashCode(requireSignatureConfirmation);
71  
72          return 31 * result + super.hashCode();
73      }
74  
75      @Override
76      protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
77          return new Wss11(getVersion(), nestedPolicy);
78      }
79  
80      protected void parseNestedWss11Policy(Policy nestedPolicy, Wss11 wss11) {
81          Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
82          //we just process the first alternative
83          //this means that if we have a compact policy only the first alternative is visible
84          //in contrary to a normalized policy where just one alternative exists
85          if (alternatives.hasNext()) {
86              List<Assertion> assertions = alternatives.next();
87              for (Assertion assertion : assertions) {
88                  String assertionName = assertion.getName().getLocalPart();
89                  String assertionNamespace = assertion.getName().getNamespaceURI();
90  
91                  QName mustSupportRefThumbprint = getVersion().getSPConstants().getMustSupportRefThumbprint();
92                  if (mustSupportRefThumbprint.getLocalPart().equals(assertionName)
93                      && mustSupportRefThumbprint.getNamespaceURI().equals(assertionNamespace)) {
94                      if (wss11.isMustSupportRefThumbprint()) {
95                          throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
96                      }
97                      wss11.setMustSupportRefThumbprint(true);
98                      continue;
99                  }
100 
101                 QName mustSupportRefEncryptedKey = getVersion().getSPConstants().getMustSupportRefEncryptedKey();
102                 if (mustSupportRefEncryptedKey.getLocalPart().equals(assertionName)
103                     && mustSupportRefEncryptedKey.getNamespaceURI().equals(assertionNamespace)) {
104                     if (wss11.isMustSupportRefEncryptedKey()) {
105                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
106                     }
107                     wss11.setMustSupportRefEncryptedKey(true);
108                     continue;
109                 }
110 
111                 QName requireSigConf = getVersion().getSPConstants().getRequireSignatureConfirmation();
112                 if (requireSigConf.getLocalPart().equals(assertionName)
113                     && requireSigConf.getNamespaceURI().equals(assertionNamespace)) {
114                     if (wss11.isRequireSignatureConfirmation()) {
115                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
116                     }
117                     wss11.setRequireSignatureConfirmation(true);
118                     continue;
119                 }
120             }
121         }
122     }
123 
124     public boolean isMustSupportRefThumbprint() {
125         return mustSupportRefThumbprint;
126     }
127 
128     protected void setMustSupportRefThumbprint(boolean mustSupportRefThumbprint) {
129         this.mustSupportRefThumbprint = mustSupportRefThumbprint;
130     }
131 
132     public boolean isMustSupportRefEncryptedKey() {
133         return mustSupportRefEncryptedKey;
134     }
135 
136     protected void setMustSupportRefEncryptedKey(boolean mustSupportRefEncryptedKey) {
137         this.mustSupportRefEncryptedKey = mustSupportRefEncryptedKey;
138     }
139 
140     public boolean isRequireSignatureConfirmation() {
141         return requireSignatureConfirmation;
142     }
143 
144     protected void setRequireSignatureConfirmation(boolean requireSignatureConfirmation) {
145         this.requireSignatureConfirmation = requireSignatureConfirmation;
146     }
147 }