19 package org.apache.wss4j.stax.impl.securityToken;
20
21 import java.io.IOException;
22 import java.security.Key;
23
24 import javax.crypto.spec.SecretKeySpec;
25 import javax.security.auth.callback.Callback;
26 import javax.security.auth.callback.UnsupportedCallbackException;
27
28 import org.apache.wss4j.common.ext.WSPasswordCallback;
29 import org.apache.wss4j.common.ext.WSSecurityException;
30 import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
31 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
32 import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
33 import org.apache.xml.security.algorithms.JCEMapper;
34 import org.apache.xml.security.exceptions.XMLSecurityException;
35 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
36 import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
37 import org.apache.xml.security.stax.securityToken.SecurityTokenConstants.TokenType;
38 import org.w3c.dom.Element;
39
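/**
 * Inbound security token whose XML element and secret key are not carried in the
 * message but are supplied by the application through the configured callback handler.
 *
 * <p>The constructor issues a {@link WSPasswordCallback} with usage
 * {@link WSPasswordCallback#CUSTOM_TOKEN} for the referenced token id and keeps the
 * custom token element and key bytes the handler sets on it.
 */
public class ExternalSecurityTokenImpl extends AbstractInboundSecurityToken {

    // Token element returned by the callback handler; non-null once construction succeeds.
    private Element tokenElement;
    // Raw secret key bytes returned by the callback handler; may be null if the handler set none.
    private byte[] key;

    /**
     * Resolves the external token for {@code id} via the callback handler.
     *
     * @param wsInboundSecurityContext the inbound security context, passed to the superclass
     * @param id the token id, used as the callback identifier
     * @param keyIdentifier the key identifier, passed to the superclass
     * @param securityProperties source of the callback handler
     * @param included passed to the superclass
     * @throws WSSecurityException with {@code FAILURE} if the callback handler fails, or with
     *         {@code SECURITY_TOKEN_UNAVAILABLE} if no token element was obtained (which is
     *         also the outcome when no callback handler is configured)
     */
    public ExternalSecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, String id,
                                     WSSecurityTokenConstants.KeyIdentifier keyIdentifier,
                                     WSSSecurityProperties securityProperties,
                                     boolean included) throws WSSecurityException {
        super(wsInboundSecurityContext, id, keyIdentifier, included);
        if (securityProperties.getCallbackHandler() != null) {

            WSPasswordCallback pwcb =
                new WSPasswordCallback(id, WSPasswordCallback.CUSTOM_TOKEN);
            try {
                securityProperties.getCallbackHandler().handle(new Callback[]{pwcb});
            } catch (IOException | UnsupportedCallbackException e) {
                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e, "noPassword");
            }

            this.tokenElement = pwcb.getCustomToken();
            this.key = pwcb.getKey();
        }

        // Fail closed: a reference to an external token that the application cannot
        // supply must not produce a usable token object.
        if (this.tokenElement == null) {
            throw new WSSecurityException(
                WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "noToken",
                new Object[] {id}
            );
        }
    }

    /**
     * Wraps the callback-supplied key bytes as a JCE secret key for the requested algorithm.
     *
     * <p>{@code algorithmUsage} and {@code correlationID} are not consulted here, so the same
     * key material is returned for every usage the caller asks for.
     *
     * @param algorithmURI the XML security algorithm URI to map to a JCE key algorithm
     * @param algorithmUsage not used by this implementation
     * @param correlationID not used by this implementation
     * @return a {@link SecretKeySpec} over the stored key bytes
     * @throws XMLSecurityException if the callback handler supplied no key material
     */
    @Override
    protected Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage, String correlationID)
        throws XMLSecurityException {
        // The handler may have returned a token element without a key. SecretKeySpec rejects
        // a null or empty key with an unchecked IllegalArgumentException, so report the
        // missing secret as a security failure instead of letting that escape.
        if (key == null || key.length == 0) {
            throw new WSSecurityException(
                WSSecurityException.ErrorCode.FAILURE, "noPassword",
                new Object[] {getId()}
            );
        }
        // NOTE(review): if JCEMapper has no mapping for algorithmURI the result is presumably
        // null, which SecretKeySpec also rejects with IllegalArgumentException - confirm and
        // decide whether that case needs its own checked error.
        String keyAlgorithm = JCEMapper.getJCEKeyAlgorithmFromURI(algorithmURI);
        return new SecretKeySpec(key, keyAlgorithm);
    }

    /**
     * Classifies the token by the local name of the callback-supplied element.
     *
     * @return {@code SECURITY_CONTEXT_TOKEN} when the element's local name is
     *         {@code SecurityContextToken}; {@code null} for any other element
     */
    @Override
    public TokenType getTokenType() {
        // Only the local name is compared; the element's namespace is not checked here.
        if ("SecurityContextToken".equals(tokenElement.getLocalName())) {
            return WSSecurityTokenConstants.SECURITY_CONTEXT_TOKEN;
        }
        // Callers must be prepared for a null token type.
        return null;
    }

}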