20 package org.apache.wss4j.dom.message;
21
22 import org.apache.wss4j.dom.WSConstants;
23
24 import org.apache.wss4j.common.ext.WSSecurityException;
25 import org.apache.wss4j.common.util.UsernameTokenUtil;
26 import org.apache.wss4j.common.util.WSCurrentTimeSource;
27 import org.apache.wss4j.common.util.WSTimeSource;
28 import org.apache.wss4j.dom.message.token.UsernameToken;
29 import org.apache.wss4j.dom.util.WSSecurityUtil;
30 import org.w3c.dom.Document;
31 import org.w3c.dom.Element;
/**
 * Builder for a WS-Security {@code UsernameToken} element.
 *
 * <p>Configure the instance with the setters and {@code add*} methods, then either call
 * {@link #prepare(byte[])} followed by {@link #prependToHeader()} / {@link #appendToHeader()},
 * or call {@link #build(byte[])}, which prepares the token and prepends it to the security
 * header in one step. The user name and password come from fields inherited from
 * {@code WSSecBase}, which is not shown in this file.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>The password type defaults to {@link WSConstants#PASSWORD_DIGEST}. With
 *       {@code WSConstants.PASSWORD_TEXT} the UsernameToken Profile carries the password itself
 *       in the message, so the message then needs transport or message-level confidentiality.</li>
 *   <li>Nonce and Created are only requested from this class when {@link #addNonce()} and
 *       {@link #addCreated()} are called; they are what lets a receiver detect a replayed
 *       token.</li>
 *   <li>In derived-key mode this class never calls {@code setPassword} on the token; only the
 *       salt and iteration count are written.</li>
 *   <li>Nothing in this class synchronizes access to its mutable state.</li>
 * </ul>
 */
public class WSSecUsernameToken extends WSSecBase {
    private static final org.slf4j.Logger LOG =
        org.slf4j.LoggerFactory.getLogger(WSSecUsernameToken.class);

    // The token produced by prepare(); stays null until prepare() has run.
    private UsernameToken ut;

    // Password handling. passwordType is reset to null by addDerivedKey().
    private String passwordType = WSConstants.PASSWORD_DIGEST;
    private boolean passwordsAreEncoded;

    // Optional child elements requested by the caller.
    private boolean nonce;
    private boolean created;

    // Derived-key mode and its iteration count.
    private boolean useDerivedKey;
    private int iteration = UsernameToken.DEFAULT_ITERATION;

    // Timestamp settings handed to UsernameToken.
    private boolean precisionInMilliSeconds = true;
    private WSTimeSource wsTimeSource = new WSCurrentTimeSource();

    /**
     * Creates a builder bound to an existing security header.
     *
     * @param securityHeader the header passed on to the {@code WSSecBase} constructor
     */
    public WSSecUsernameToken(WSSecHeader securityHeader) {
        super(securityHeader);
    }

    /**
     * Creates a builder bound to a document.
     *
     * @param doc the document passed on to the {@code WSSecBase} constructor
     */
    public WSSecUsernameToken(Document doc) {
        super(doc);
    }

    /**
     * Selects the password type written into the token.
     *
     * <p>The value is stored as given and handed to the {@link UsernameToken} constructor in
     * {@link #prepare(byte[])}; it is not validated here. A later call to
     * {@link #addDerivedKey(int)} overwrites it with {@code null}.
     *
     * @param pwType the password type, for example {@link WSConstants#PASSWORD_DIGEST}
     */
    public void setPasswordType(String pwType) {
        passwordType = pwType;
    }

    /**
     * Requests a Nonce element; {@link #prepare(byte[])} then calls
     * {@code UsernameToken.addNonce}.
     */
    public void addNonce() {
        this.nonce = true;
    }

    /**
     * Requests a Created element; {@link #prepare(byte[])} then calls
     * {@code UsernameToken.addCreated}.
     */
    public void addCreated() {
        this.created = true;
    }

    /**
     * Switches the builder to derived-key mode and clears the password type.
     *
     * <p>A non-positive {@code iteration} is ignored and the current count (initially
     * {@link UsernameToken#DEFAULT_ITERATION}) is kept. Any positive value is accepted, including
     * very small ones; a low count makes the derived key cheaper to guess from a weak password,
     * so callers that take this value from configuration should enforce their own minimum.
     *
     * @param iteration the iteration count to write into the token and use for key derivation
     */
    public void addDerivedKey(int iteration) {
        this.useDerivedKey = true;
        this.passwordType = null;
        if (iteration <= 0) {
            return;
        }
        this.iteration = iteration;
    }

    /**
     * Derives the key for the prepared token from the password, the salt and the iteration count.
     *
     * <p>When passwords are flagged as encoded, the password is first decoded with
     * {@code org.apache.xml.security.utils.XMLUtils.decode} and the resulting bytes are used.
     *
     * <p>An empty array is returned when no token has been prepared yet or derived-key mode is
     * off. An empty array is not key material: check the length before using the result.
     *
     * @param saltValue the salt for the derivation; presumably the same value that was given to
     *     {@link #prepare(byte[])} (this class does not store or compare it)
     * @return the derived key, or a zero-length array as described above
     * @throws WSSecurityException declared for the key derivation call
     */
    public byte[] getDerivedKey(byte[] saltValue) throws WSSecurityException {
        if (ut != null && useDerivedKey) {
            return passwordsAreEncoded
                ? UsernameTokenUtil.generateDerivedKey(
                    org.apache.xml.security.utils.XMLUtils.decode(password), saltValue, iteration)
                : UsernameTokenUtil.generateDerivedKey(password, saltValue, iteration);
        }
        return new byte[0];
    }

    /**
     * Declares whether the configured password is an encoded form of the real secret.
     *
     * <p>The flag is forwarded to the token in {@link #prepare(byte[])} and decides whether
     * {@link #getDerivedKey(byte[])} decodes the password before deriving a key.
     *
     * @param passwordsAreEncoded {@code true} if the password must be decoded before use
     */
    public void setPasswordsAreEncoded(boolean passwordsAreEncoded) {
        this.passwordsAreEncoded = passwordsAreEncoded;
    }

    /**
     * @return whether the configured password is treated as encoded
     */
    public boolean getPasswordsAreEncoded() {
        return this.passwordsAreEncoded;
    }

    /**
     * Returns the id assigned to the token by {@link #prepare(byte[])}.
     *
     * @return the token id, or {@code null} if no token has been prepared yet
     */
    public String getId() {
        return ut == null ? null : ut.getID();
    }

    /**
     * Prepares the token without a salt; equivalent to {@code prepare(null)}.
     *
     * <p>NOTE(review): in derived-key mode this forwards a {@code null} salt to
     * {@code UsernameToken.addSalt}. How that method treats {@code null} is not visible here;
     * confirm before combining this overload with {@link #addDerivedKey(int)}.
     */
    public void prepare() {
        prepare(null);
    }

    /**
     * Creates the {@link UsernameToken} from the current settings and keeps it for the
     * header and accessor methods. The token is not yet attached to the security header.
     *
     * <p>In derived-key mode the salt and iteration count are added and the password is not set
     * on the token; otherwise the password is set and {@code saltValue} is unused. Nonce and
     * Created are added only if they were requested. Each call replaces any previously prepared
     * token.
     *
     * @param saltValue the salt written into the token in derived-key mode; may be {@code null}
     *     otherwise
     */
    public void prepare(byte[] saltValue) {
        final UsernameToken token =
            new UsernameToken(precisionInMilliSeconds, getDocument(), wsTimeSource, passwordType);
        // Publish the token right away so the field is set for the rest of this method.
        ut = token;

        token.setPasswordsAreEncoded(passwordsAreEncoded);
        token.setName(user);

        if (!useDerivedKey) {
            token.setPassword(password);
        } else {
            token.addSalt(getDocument(), saltValue);
            token.addIteration(getDocument(), iteration);
        }

        if (nonce) {
            token.addNonce(getDocument());
        }
        if (created) {
            token.addCreated(precisionInMilliSeconds, wsTimeSource, getDocument());
        }

        final String tokenId = getIdAllocator().createId("UsernameToken-", token);
        token.setID(tokenId);

        if (addWSUNamespace) {
            token.addWSUNamespace();
        }
    }

    /**
     * Inserts the prepared token as the first child of the security header element.
     *
     * <p>{@link #prepare(byte[])} must have been called first; otherwise the token is
     * {@code null} and this method fails with a {@link NullPointerException}.
     */
    public void prependToHeader() {
        WSSecurityUtil.prependChildElement(
            getSecurityHeader().getSecurityHeaderElement(), ut.getElement());
    }

    /**
     * Adds the prepared token as the last child of the security header element.
     *
     * <p>{@link #prepare(byte[])} must have been called first; otherwise the token is
     * {@code null} and this method fails with a {@link NullPointerException}.
     */
    public void appendToHeader() {
        getSecurityHeader().getSecurityHeaderElement().appendChild(ut.getElement());
    }

    /**
     * Prepares the token with the given salt and prepends it to the security header.
     *
     * <p>Only a fixed debug message is logged here; no credential is written to the log.
     *
     * @param salt the salt forwarded to {@link #prepare(byte[])}
     * @return the document this builder works on
     */
    public Document build(byte[] salt) {
        LOG.debug("Begin add username token...");

        this.prepare(salt);
        this.prependToHeader();

        final Document result = getDocument();
        return result;
    }

    /**
     * Builds the token without a salt; equivalent to {@code build(null)}.
     *
     * @return the document this builder works on
     */
    public Document build() {
        return build(null);
    }

    /**
     * Returns the DOM element of the prepared token.
     *
     * <p>{@link #prepare(byte[])} must have been called first; otherwise the token is
     * {@code null} and this method fails with a {@link NullPointerException}.
     *
     * @return the token's element
     */
    public Element getUsernameTokenElement() {
        final UsernameToken token = ut;
        return token.getElement();
    }

    /**
     * @return the precision flag that is handed to {@link UsernameToken} for its timestamps
     */
    public boolean isPrecisionInMilliSeconds() {
        return this.precisionInMilliSeconds;
    }

    /**
     * @param precisionInMilliSeconds the precision flag to hand to {@link UsernameToken};
     *     presumably selects millisecond precision for the Created value (confirm in
     *     {@code UsernameToken})
     */
    public void setPrecisionInMilliSeconds(boolean precisionInMilliSeconds) {
        this.precisionInMilliSeconds = precisionInMilliSeconds;
    }

    /**
     * @return the time source handed to {@link UsernameToken}
     */
    public WSTimeSource getWsTimeSource() {
        return this.wsTimeSource;
    }

    /**
     * Replaces the time source handed to {@link UsernameToken}. The value is not checked here.
     *
     * @param wsTimeSource the time source to use from the next {@link #prepare(byte[])} on
     */
    public void setWsTimeSource(WSTimeSource wsTimeSource) {
        this.wsTimeSource = wsTimeSource;
    }
}