View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.stax.impl.processor.output;
20  
21  import java.util.ArrayList;
22  import java.util.List;
23  
24  import javax.xml.namespace.QName;
25  import javax.xml.stream.XMLStreamException;
26  
27  import org.apache.wss4j.stax.ext.WSSConstants;
28  import org.apache.wss4j.stax.ext.WSSSecurityProperties;
29  import org.apache.wss4j.stax.utils.WSSUtils;
30  import org.apache.xml.security.exceptions.XMLSecurityException;
31  import org.apache.xml.security.stax.ext.AbstractOutputProcessor;
32  import org.apache.xml.security.stax.ext.OutputProcessorChain;
33  import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
34  import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
35  import org.apache.xml.security.stax.impl.util.IDGenerator;
36  import org.apache.xml.security.stax.securityEvent.SecurityEvent;
37  import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
38  import org.apache.xml.security.stax.securityEvent.SignatureValueSecurityEvent;
39  import org.apache.xml.security.utils.XMLUtils;
40  
41  public class SignatureConfirmationOutputProcessor extends AbstractOutputProcessor {
42  
43      public SignatureConfirmationOutputProcessor() throws XMLSecurityException {
44          super();
45          addBeforeProcessor(WSSSignatureOutputProcessor.class);
46          addBeforeProcessor(EncryptOutputProcessor.class);
47      }
48  
49      @Override
50      public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
51              throws XMLStreamException, XMLSecurityException {
52  
53          outputProcessorChain.processEvent(xmlSecEvent);
54  
55          if (WSSUtils.isSecurityHeaderElement(xmlSecEvent, ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
56  
57              final QName headerElementName = WSSConstants.TAG_WSSE11_SIG_CONF;
58  
59              OutputProcessorChain subOutputProcessorChain = outputProcessorChain.createSubChain(this);
60  
61              boolean aSignatureFound = false;
62  
63              List<SecurityEvent> requestSecurityEvents = outputProcessorChain.getSecurityContext().getAsList(SecurityEvent.class);
64              for (int i = 0; i < requestSecurityEvents.size(); i++) {
65                  SecurityEvent securityEvent = requestSecurityEvents.get(i);
66                  if (SecurityEventConstants.SignatureValue.equals(securityEvent.getSecurityEventType())) {
67                      aSignatureFound = true;
68                      SignatureValueSecurityEvent signatureValueSecurityEvent = (SignatureValueSecurityEvent) securityEvent;
69  
70                      OutputProcessorUtils.updateSecurityHeaderOrder(outputProcessorChain, headerElementName, getAction(), false);
71  
72                      List<XMLSecAttribute> attributes = new ArrayList<>(2);
73                      attributes.add(createAttribute(WSSConstants.ATT_WSU_ID, IDGenerator.generateID(null)));
74                      String base64SigValue =
75                          XMLUtils.encodeToString(signatureValueSecurityEvent.getSignatureValue());
76                      attributes.add(createAttribute(WSSConstants.ATT_NULL_VALUE, base64SigValue));
77                      createStartElementAndOutputAsEvent(subOutputProcessorChain, headerElementName, true, attributes);
78                      createEndElementAndOutputAsEvent(subOutputProcessorChain, headerElementName);
79                  }
80              }
81  
82              if (!aSignatureFound) {
83                  OutputProcessorUtils.updateSecurityHeaderOrder(outputProcessorChain, headerElementName, getAction(), false);
84                  List<XMLSecAttribute> attributes = new ArrayList<>(1);
85                  attributes.add(createAttribute(WSSConstants.ATT_WSU_ID, IDGenerator.generateID(null)));
86                  createStartElementAndOutputAsEvent(subOutputProcessorChain, headerElementName, true, attributes);
87                  createEndElementAndOutputAsEvent(subOutputProcessorChain, headerElementName);
88              }
89  
90              outputProcessorChain.removeProcessor(this);
91          }
92      }
93  }