19 package org.apache.wss4j.stax.impl.processor.output;
20
21 import java.util.ArrayList;
22 import java.util.List;
23
24 import javax.xml.namespace.QName;
25 import javax.xml.stream.XMLStreamException;
26
27 import org.apache.wss4j.stax.ext.WSSConstants;
28 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
29 import org.apache.wss4j.stax.utils.WSSUtils;
30 import org.apache.xml.security.exceptions.XMLSecurityException;
31 import org.apache.xml.security.stax.ext.AbstractOutputProcessor;
32 import org.apache.xml.security.stax.ext.OutputProcessorChain;
33 import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
34 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
35 import org.apache.xml.security.stax.impl.util.IDGenerator;
36 import org.apache.xml.security.stax.securityEvent.SecurityEvent;
37 import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
38 import org.apache.xml.security.stax.securityEvent.SignatureValueSecurityEvent;
39 import org.apache.xml.security.utils.XMLUtils;
40
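/**
 * Output processor that writes {@code SignatureConfirmation} elements
 * ({@link WSSConstants#TAG_WSSE11_SIG_CONF}) directly after the start of the
 * security header.
 *
 * <p>For every {@link SignatureValueSecurityEvent} found in the security context, one
 * element carrying the Base64-encoded signature value is emitted. If no such event is
 * present, a single element without a value attribute is emitted instead, so the
 * receiver can tell "no signature was seen" apart from "confirmation missing".
 *
 * <p>NOTE(review): this class only emits the elements. Whether they end up covered by
 * the outgoing signature depends on configuration outside this file; an unsigned
 * confirmation gives the receiver no integrity guarantee, so confirm that the
 * confirmation elements are among the signed parts.
 */
public class SignatureConfirmationOutputProcessor extends AbstractOutputProcessor {

    /**
     * Registers this processor to run before the signature and encryption output
     * processors.
     *
     * @throws XMLSecurityException if the superclass constructor fails
     */
    public SignatureConfirmationOutputProcessor() throws XMLSecurityException {
        super();
        // presumably so that the emitted elements still pass through signing and
        // encryption further down the chain; verify against the chain ordering rules
        addBeforeProcessor(WSSSignatureOutputProcessor.class);
        addBeforeProcessor(EncryptOutputProcessor.class);
    }

    /**
     * Forwards the event unchanged and, once the security header start element for the
     * configured actor has been forwarded, appends the confirmation elements and then
     * removes this processor from the chain.
     *
     * @param xmlSecEvent the event currently travelling through the output chain
     * @param outputProcessorChain the chain this processor is part of
     * @throws XMLStreamException if writing an event fails
     * @throws XMLSecurityException if a downstream processor reports a security error
     */
    @Override
    public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
        throws XMLStreamException, XMLSecurityException {

        // The triggering event is written first, so the confirmations become the
        // first children emitted after the security header start element.
        outputProcessorChain.processEvent(xmlSecEvent);

        if (!WSSUtils.isSecurityHeaderElement(
                xmlSecEvent, ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
            return;
        }

        final QName headerElementName = WSSConstants.TAG_WSSE11_SIG_CONF;
        OutputProcessorChain subOutputProcessorChain = outputProcessorChain.createSubChain(this);

        boolean aSignatureFound = false;

        List<SecurityEvent> requestSecurityEvents =
            outputProcessorChain.getSecurityContext().getAsList(SecurityEvent.class);
        // The context may hold no SecurityEvent list at all; treat that the same as a
        // list without signature events instead of failing with a NullPointerException.
        if (requestSecurityEvents != null) {
            for (int i = 0; i < requestSecurityEvents.size(); i++) {
                SecurityEvent securityEvent = requestSecurityEvents.get(i);
                if (SecurityEventConstants.SignatureValue.equals(securityEvent.getSecurityEventType())) {
                    aSignatureFound = true;
                    outputSignatureConfirmation(
                        outputProcessorChain, subOutputProcessorChain, headerElementName,
                        (SignatureValueSecurityEvent) securityEvent);
                }
            }
        }

        if (!aSignatureFound) {
            // No signature value was recorded: emit one confirmation without a value.
            outputSignatureConfirmation(
                outputProcessorChain, subOutputProcessorChain, headerElementName, null);
        }

        // The header is only started once, so this processor has nothing left to do.
        outputProcessorChain.removeProcessor(this);
    }

    /**
     * Writes one empty confirmation element with a freshly generated Id attribute and,
     * when {@code signatureValueEvent} is non-null, the Base64-encoded signature value.
     */
    private void outputSignatureConfirmation(OutputProcessorChain outputProcessorChain,
                                             OutputProcessorChain subOutputProcessorChain,
                                             QName headerElementName,
                                             SignatureValueSecurityEvent signatureValueEvent)
        throws XMLStreamException, XMLSecurityException {

        OutputProcessorUtils.updateSecurityHeaderOrder(outputProcessorChain, headerElementName, getAction(), false);

        List<XMLSecAttribute> attributes = new ArrayList<>(2);
        attributes.add(createAttribute(WSSConstants.ATT_WSU_ID, IDGenerator.generateID(null)));
        if (signatureValueEvent != null) {
            String base64SigValue = XMLUtils.encodeToString(signatureValueEvent.getSignatureValue());
            attributes.add(createAttribute(WSSConstants.ATT_NULL_VALUE, base64SigValue));
        }
        createStartElementAndOutputAsEvent(subOutputProcessorChain, headerElementName, true, attributes);
        createEndElementAndOutputAsEvent(subOutputProcessorChain, headerElementName);
    }
}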