View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.policy.stax.assertionStates;
20  
21  import org.apache.wss4j.policy.AssertionState;
22  import org.apache.wss4j.common.WSSPolicyException;
23  import org.apache.wss4j.policy.model.AbstractSecurityAssertion;
24  import org.apache.wss4j.policy.model.Header;
25  import org.apache.wss4j.policy.model.RequiredParts;
26  import org.apache.xml.security.stax.securityEvent.SecurityEvent;
27  import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
28  import org.apache.wss4j.policy.stax.Assertable;
29  import org.apache.wss4j.policy.stax.DummyPolicyAsserter;
30  import org.apache.wss4j.policy.stax.PolicyAsserter;
31  import org.apache.wss4j.stax.ext.WSSConstants;
32  import org.apache.wss4j.stax.securityEvent.RequiredPartSecurityEvent;
33  import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
34  import org.apache.wss4j.stax.utils.WSSUtils;
35  
36  import javax.xml.namespace.QName;
37  
38  import java.util.*;
39  
40  /**
41   * WSP1.3, 4.3.2 RequiredParts Assertion
42   */
43  public class RequiredPartsAssertionState extends AssertionState implements Assertable {
44  
45      private final Map<Header, Boolean> headers = new HashMap<>();
46      private PolicyAsserter policyAsserter;
47      private final boolean soap12;
48  
49      public RequiredPartsAssertionState(AbstractSecurityAssertion assertion,
50                                         PolicyAsserter policyAsserter,
51                                         boolean asserted,
52                                         boolean soap12) {
53          super(assertion, asserted);
54  
55          RequiredParts requiredParts = (RequiredParts) assertion;
56          for (int i = 0; i < requiredParts.getHeaders().size(); i++) {
57              Header header = requiredParts.getHeaders().get(i);
58              headers.put(header, Boolean.FALSE);
59          }
60  
61          this.policyAsserter = policyAsserter;
62          if (this.policyAsserter == null) {
63              this.policyAsserter = new DummyPolicyAsserter();
64          }
65  
66          if (asserted) {
67              policyAsserter.assertPolicy(getAssertion());
68          }
69  
70          this.soap12 = soap12;
71      }
72  
73      @Override
74      public SecurityEventConstants.Event[] getSecurityEventType() {
75          return new SecurityEventConstants.Event[]{
76                  WSSecurityEventConstants.REQUIRED_PART
77          };
78      }
79  
80      @Override
81      public boolean assertEvent(SecurityEvent securityEvent) throws WSSPolicyException {
82          RequiredPartSecurityEvent requiredPartSecurityEvent = (RequiredPartSecurityEvent) securityEvent;
83  
84          Iterator<Map.Entry<Header, Boolean>> elementMapIterator = headers.entrySet().iterator();
85          while (elementMapIterator.hasNext()) {
86              Map.Entry<Header, Boolean> next = elementMapIterator.next();
87              Header header = next.getKey();
88              QName headerQName = new QName(header.getNamespace(), header.getName() == null ? "" : header.getName());
89  
90              List<QName> headerPath = new LinkedList<>();
91              if (soap12) {
92                  headerPath.addAll(WSSConstants.SOAP_12_HEADER_PATH);
93              } else {
94                  headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
95              }
96              headerPath.add(headerQName);
97  
98              if (WSSUtils.pathMatches(headerPath, requiredPartSecurityEvent.getElementPath(), header.getName() == null)) {
99                  next.setValue(Boolean.TRUE);
100                 break;
101             }
102         }
103         //if we return false here other required elements will trigger a PolicyViolationException
104         policyAsserter.assertPolicy(getAssertion());
105         return true;
106     }
107 
108     @Override
109     public boolean isAsserted() {
110         clearErrorMessage();
111         Iterator<Map.Entry<Header, Boolean>> elementMapIterator = headers.entrySet().iterator();
112         while (elementMapIterator.hasNext()) {
113             Map.Entry<Header, Boolean> next = elementMapIterator.next();
114             if (Boolean.FALSE.equals(next.getValue())) {
115                 setErrorMessage("Element " + next.getKey().toString() + " must be present");
116                 policyAsserter.unassertPolicy(getAssertion(), getErrorMessage());
117                 return false;
118             }
119         }
120         policyAsserter.assertPolicy(getAssertion());
121         return true;
122     }
123 }