View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.stax.impl.securityToken;
20  
21  import java.security.Key;
22  
23  import javax.crypto.spec.SecretKeySpec;
24  
25  import org.apache.wss4j.common.util.UsernameTokenUtil;
26  import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
27  import org.apache.xml.security.exceptions.XMLSecurityException;
28  import org.apache.xml.security.stax.config.JCEAlgorithmMapper;
29  import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
30  
31  public class OutboundUsernameSecurityToken extends GenericOutboundSecurityToken {
32  
33      private String username;
34      private String password;
35      private String createdTime;
36      private byte[] nonce;
37      private byte[] salt;
38      private int iterations;
39  
40      public OutboundUsernameSecurityToken(String username, String password, String createdTime,
41                                           byte[] nonce, String id, byte[] salt, int iterations) {
42          super(id, WSSecurityTokenConstants.USERNAME_TOKEN);
43          this.username = username;
44          this.password = password;
45          this.createdTime = createdTime;
46          this.nonce = nonce;
47          this.salt = salt;
48          this.iterations = iterations;
49      }
50  
51      public String getUsername() {
52          return username;
53      }
54  
55      public String getPassword() {
56          return password;
57      }
58  
59      public String getCreated() {
60          return createdTime;
61      }
62  
63      public byte[] getNonce() {
64          return nonce;
65      }
66  
67      @Override
68      public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
69          Key key = super.getSecretKey(algorithmURI);
70          if (key != null) {
71              return key;
72          }
73  
74          byte[] secretToken =
75              UsernameTokenUtil.generateDerivedKey(getPassword(), salt, iterations);
76  
77          String algoFamily = JCEAlgorithmMapper.getJCEKeyAlgorithmFromURI(algorithmURI);
78          key = new SecretKeySpec(secretToken, algoFamily);
79          setSecretKey(algorithmURI, key);
80          return key;
81  
82      }
83  
84  }