View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.stax.impl.processor.output;
20  
21  import java.time.Instant;
22  import java.time.ZoneOffset;
23  import java.time.format.DateTimeFormatter;
24  
25  import javax.xml.namespace.QName;
26  import javax.xml.stream.XMLStreamException;
27  
28  import org.apache.wss4j.common.util.DateUtil;
29  import org.apache.wss4j.stax.ext.WSSConstants;
30  import org.apache.wss4j.stax.ext.WSSSecurityProperties;
31  import org.apache.wss4j.stax.utils.WSSUtils;
32  import org.apache.xml.security.exceptions.XMLSecurityException;
33  import org.apache.xml.security.stax.ext.AbstractOutputProcessor;
34  import org.apache.xml.security.stax.ext.OutputProcessorChain;
35  import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
36  
37  public class TimestampOutputProcessor extends AbstractOutputProcessor {
38  
39      public TimestampOutputProcessor() throws XMLSecurityException {
40          super();
41          addBeforeProcessor(WSSSignatureOutputProcessor.class);
42          addBeforeProcessor(EncryptOutputProcessor.class);
43      }
44  
45      /*
46      <wsu:Timestamp wsu:Id="Timestamp-1247751600"
47          xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
48              <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
49                  2009-08-31T05:37:57.391Z
50              </wsu:Created>
51              <wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
52                  2009-08-31T05:52:57.391Z
53              </wsu:Expires>
54          </wsu:Timestamp>
55       */
56  
57      @Override
58      public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
59              throws XMLStreamException, XMLSecurityException {
60  
61          outputProcessorChain.processEvent(xmlSecEvent);
62  
63          if (WSSUtils.isSecurityHeaderElement(xmlSecEvent, ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
64  
65              final QName headerElementName = WSSConstants.TAG_WSU_TIMESTAMP;
66              OutputProcessorUtils.updateSecurityHeaderOrder(outputProcessorChain, headerElementName, getAction(), false);
67  
68              Instant created = Instant.now();
69  
70              int ttl = ((WSSSecurityProperties) getSecurityProperties()).getTimestampTTL();
71              Instant expires = created.plusSeconds(ttl);
72  
73              OutputProcessorChain subOutputProcessorChain = outputProcessorChain.createSubChain(this);
74              //wsu:id is optional and will be added when signing...
75              createStartElementAndOutputAsEvent(subOutputProcessorChain, headerElementName, true, null);
76              createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_WSU_CREATED, false, null);
77              DateTimeFormatter formatter = DateUtil.getDateTimeFormatter(true);
78              createCharactersAndOutputAsEvent(subOutputProcessorChain, created.atZone(ZoneOffset.UTC).format(formatter));
79              createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_WSU_CREATED);
80              createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_WSU_EXPIRES, false, null);
81              createCharactersAndOutputAsEvent(subOutputProcessorChain, expires.atZone(ZoneOffset.UTC).format(formatter));
82              createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_WSU_EXPIRES);
83              createEndElementAndOutputAsEvent(subOutputProcessorChain, headerElementName);
84  
85              outputProcessorChain.removeProcessor(this);
86          }
87      }
88  }