1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.wss4j.policy.model;
20
21 import org.apache.neethi.Assertion;
22 import org.apache.neethi.Policy;
23 import org.apache.wss4j.policy.SPConstants;
24 import org.w3c.dom.Element;
25
26 import javax.xml.namespace.QName;
27 import java.util.*;
28
29 public class RelToken extends AbstractToken {
30
31 public enum RelTokenType {
32 WssRelV10Token10,
33 WssRelV20Token10,
34 WssRelV10Token11,
35 WssRelV20Token11;
36
37 private static final Map<String, RelTokenType> LOOKUP = new HashMap<>();
38
39 static {
40 for (RelTokenType u : EnumSet.allOf(RelTokenType.class)) {
41 LOOKUP.put(u.name(), u);
42 }
43 }
44
45 public static RelTokenType lookUp(String name) {
46 return LOOKUP.get(name);
47 }
48 }
49
50 private boolean requireKeyIdentifierReference;
51 private RelTokenType relTokenType;
52
53 public RelToken(SPConstants.SPVersion version, SPConstants.IncludeTokenType includeTokenType,
54 Element issuer, String issuerName, Element claims, Policy nestedPolicy) {
55 super(version, includeTokenType, issuer, issuerName, claims, nestedPolicy);
56
57 parseNestedPolicy(nestedPolicy, this);
58 }
59
60 @Override
61 public QName getName() {
62 return getVersion().getSPConstants().getRelToken();
63 }
64
65 @Override
66 public boolean equals(Object object) {
67 if (object == this) {
68 return true;
69 }
70 if (!(object instanceof RelToken)) {
71 return false;
72 }
73
74 RelToken that = (RelToken)object;
75 if (requireKeyIdentifierReference != that.requireKeyIdentifierReference) {
76 return false;
77 }
78 if (relTokenType != that.relTokenType) {
79 return false;
80 }
81
82 return super.equals(object);
83 }
84
85 @Override
86 public int hashCode() {
87 int result = 17;
88 if (relTokenType != null) {
89 result = 31 * result + relTokenType.hashCode();
90 }
91 result = 31 * result + Boolean.hashCode(requireKeyIdentifierReference);
92
93 return 31 * result + super.hashCode();
94 }
95
96 @Override
97 protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
98 return new RelToken(getVersion(), getIncludeTokenType(), getIssuer(), getIssuerName(),
99 getClaims(), nestedPolicy);
100 }
101
102 protected void parseNestedPolicy(Policy nestedPolicy, RelToken relToken) {
103 Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
104
105
106
107 if (alternatives.hasNext()) {
108 List<Assertion> assertions = alternatives.next();
109 for (Assertion assertion : assertions) {
110 String assertionName = assertion.getName().getLocalPart();
111 String assertionNamespace = assertion.getName().getNamespaceURI();
112 DerivedKeys derivedKeys = DerivedKeys.lookUp(assertionName);
113 if (derivedKeys != null) {
114 if (relToken.getDerivedKeys() != null) {
115 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
116 }
117 relToken.setDerivedKeys(derivedKeys);
118 continue;
119 }
120 QName requireKeyIdentifierRef =
121 getVersion().getSPConstants().getRequireKeyIdentifierReference();
122 if (requireKeyIdentifierRef.getLocalPart().equals(assertionName)
123 && requireKeyIdentifierRef.getNamespaceURI().equals(assertionNamespace)) {
124 if (relToken.isRequireKeyIdentifierReference()) {
125 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
126 }
127 relToken.setRequireKeyIdentifierReference(true);
128 continue;
129 }
130 RelTokenType samlTokenType = RelTokenType.lookUp(assertionName);
131 if (samlTokenType != null) {
132 if (relToken.getRelTokenType() != null) {
133 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
134 }
135 relToken.setRelTokenType(samlTokenType);
136 continue;
137 }
138 }
139 }
140 }
141
142 public boolean isRequireKeyIdentifierReference() {
143 return requireKeyIdentifierReference;
144 }
145
146 public void setRequireKeyIdentifierReference(boolean requireKeyIdentifierReference) {
147 this.requireKeyIdentifierReference = requireKeyIdentifierReference;
148 }
149
150 public RelTokenType getRelTokenType() {
151 return relTokenType;
152 }
153
154 protected void setRelTokenType(RelTokenType relTokenType) {
155 this.relTokenType = relTokenType;
156 }
157 }