1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.wss4j.policy.model;
20
21 import org.apache.neethi.Assertion;
22 import org.apache.neethi.Policy;
23 import org.apache.neethi.PolicyComponent;
24 import org.apache.neethi.PolicyContainingAssertion;
25 import org.apache.wss4j.policy.SPConstants;
26
27 import javax.xml.namespace.QName;
28 import javax.xml.stream.XMLStreamException;
29 import javax.xml.stream.XMLStreamWriter;
30
31 import java.util.ArrayList;
32 import java.util.Iterator;
33 import java.util.List;
34
35 public class SupportingTokens extends AbstractSecurityAssertion implements PolicyContainingAssertion {
36
37 private QName supportingTokenType;
38 private final List<AbstractToken> tokens = new ArrayList<>();
39 private AlgorithmSuite algorithmSuite;
40 private SignedParts signedParts;
41 private SignedElements signedElements;
42 private EncryptedParts encryptedParts;
43 private EncryptedElements encryptedElements;
44 private Policy nestedPolicy;
45
46 public SupportingTokens(SPConstants.SPVersion version, QName supportingTokenType, Policy nestedPolicy) {
47 super(version);
48 this.supportingTokenType = supportingTokenType;
49 this.nestedPolicy = nestedPolicy;
50
51 parseNestedPolicy(nestedPolicy, this);
52 }
53
54 @Override
55 public QName getName() {
56 return supportingTokenType;
57 }
58
59 @Override
60 public boolean equals(Object object) {
61 if (object == this) {
62 return true;
63 }
64
65 if (!(object instanceof SupportingTokens)) {
66 return false;
67 }
68
69 SupportingTokens that = (SupportingTokens)object;
70 if (supportingTokenType != null && !supportingTokenType.equals(that.supportingTokenType)
71 || supportingTokenType == null && that.supportingTokenType != null) {
72 return false;
73 }
74 if (algorithmSuite != null && !algorithmSuite.equals(that.algorithmSuite)
75 || algorithmSuite == null && that.algorithmSuite != null) {
76 return false;
77 }
78 if (signedParts != null && !signedParts.equals(that.signedParts)
79 || signedParts == null && that.signedParts != null) {
80 return false;
81 }
82 if (signedElements != null && !signedElements.equals(that.signedElements)
83 || signedElements == null && that.signedElements != null) {
84 return false;
85 }
86 if (encryptedParts != null && !encryptedParts.equals(that.encryptedParts)
87 || encryptedParts == null && that.encryptedParts != null) {
88 return false;
89 }
90 if (encryptedElements != null && !encryptedElements.equals(that.encryptedElements)
91 || encryptedElements == null && that.encryptedElements != null) {
92 return false;
93 }
94 if (!tokens.equals(that.tokens)) {
95 return false;
96 }
97
98 return super.equals(object);
99 }
100
101 @Override
102 public int hashCode() {
103 int result = 17;
104 if (supportingTokenType != null) {
105 result = 31 * result + supportingTokenType.hashCode();
106 }
107 if (algorithmSuite != null) {
108 result = 31 * result + algorithmSuite.hashCode();
109 }
110 if (signedParts != null) {
111 result = 31 * result + signedParts.hashCode();
112 }
113 if (signedElements != null) {
114 result = 31 * result + signedElements.hashCode();
115 }
116 if (encryptedParts != null) {
117 result = 31 * result + encryptedParts.hashCode();
118 }
119 if (encryptedElements != null) {
120 result = 31 * result + encryptedElements.hashCode();
121 }
122 result = 31 * result + tokens.hashCode();
123
124 return 31 * result + super.hashCode();
125 }
126
127 @Override
128 public void serialize(XMLStreamWriter writer) throws XMLStreamException {
129 super.serialize(writer, getPolicy());
130 }
131
132 @Override
133 public PolicyComponent normalize() {
134 return super.normalize(getPolicy());
135 }
136
137 @Override
138 protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
139 return new SupportingTokens(getVersion(), getName(), nestedPolicy);
140 }
141
142 @Override
143 public Policy getPolicy() {
144 return nestedPolicy;
145 }
146
147 protected void parseNestedPolicy(Policy nestedPolicy, SupportingTokens supportingTokens) {
148 Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
149
150
151
152 if (alternatives.hasNext()) {
153 List<Assertion> assertions = alternatives.next();
154 for (Assertion assertion : assertions) {
155 String assertionName = assertion.getName().getLocalPart();
156 String assertionNamespace = assertion.getName().getNamespaceURI();
157 if (assertion instanceof AbstractToken) {
158 AbstractToken abstractToken = (AbstractToken) assertion;
159 supportingTokens.addToken(abstractToken);
160 abstractToken.setParentAssertion(supportingTokens);
161 continue;
162 }
163
164 QName algSuite = getVersion().getSPConstants().getAlgorithmSuite();
165 if (algSuite.getLocalPart().equals(assertionName)
166 && algSuite.getNamespaceURI().equals(assertionNamespace)) {
167 if (supportingTokens.getAlgorithmSuite() != null) {
168 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
169 }
170 supportingTokens.setAlgorithmSuite((AlgorithmSuite) assertion);
171 continue;
172 }
173
174 QName signedParts = getVersion().getSPConstants().getSignedParts();
175 if (signedParts.getLocalPart().equals(assertionName)
176 && signedParts.getNamespaceURI().equals(assertionNamespace)) {
177 if (supportingTokens.getSignedParts() != null) {
178 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
179 }
180 supportingTokens.setSignedParts((SignedParts) assertion);
181 continue;
182 }
183
184 QName signedElements = getVersion().getSPConstants().getSignedElements();
185 if (signedElements.getLocalPart().equals(assertionName)
186 && signedElements.getNamespaceURI().equals(assertionNamespace)) {
187 if (supportingTokens.getSignedElements() != null) {
188 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
189 }
190 supportingTokens.setSignedElements((SignedElements) assertion);
191 continue;
192 }
193
194 QName encryptedParts = getVersion().getSPConstants().getEncryptedParts();
195 if (encryptedParts.getLocalPart().equals(assertionName)
196 && encryptedParts.getNamespaceURI().equals(assertionNamespace)) {
197 if (supportingTokens.getEncryptedParts() != null) {
198 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
199 }
200 supportingTokens.setEncryptedParts((EncryptedParts) assertion);
201 continue;
202 }
203
204 QName encryptedElements = getVersion().getSPConstants().getEncryptedElements();
205 if (encryptedElements.getLocalPart().equals(assertionName)
206 && encryptedElements.getNamespaceURI().equals(assertionNamespace)) {
207 if (supportingTokens.getEncryptedElements() != null) {
208 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
209 }
210 supportingTokens.setEncryptedElements((EncryptedElements) assertion);
211 continue;
212 }
213 }
214 }
215 }
216
217 public List<AbstractToken> getTokens() {
218 return tokens;
219 }
220
221 public void addToken(AbstractToken token) {
222 this.tokens.add(token);
223 }
224
225 public AlgorithmSuite getAlgorithmSuite() {
226 return algorithmSuite;
227 }
228
229 protected void setAlgorithmSuite(AlgorithmSuite algorithmSuite) {
230 this.algorithmSuite = algorithmSuite;
231 }
232
233 public SignedParts getSignedParts() {
234 return signedParts;
235 }
236
237 protected void setSignedParts(SignedParts signedParts) {
238 this.signedParts = signedParts;
239 }
240
241 public SignedElements getSignedElements() {
242 return signedElements;
243 }
244
245 protected void setSignedElements(SignedElements signedElements) {
246 this.signedElements = signedElements;
247 }
248
249 public EncryptedParts getEncryptedParts() {
250 return encryptedParts;
251 }
252
253 protected void setEncryptedParts(EncryptedParts encryptedParts) {
254 this.encryptedParts = encryptedParts;
255 }
256
257 public EncryptedElements getEncryptedElements() {
258 return encryptedElements;
259 }
260
261 protected void setEncryptedElements(EncryptedElements encryptedElements) {
262 this.encryptedElements = encryptedElements;
263 }
264
265
266
267
268 public boolean isEncryptedToken() {
269 QName name = getName();
270 return name != null && name.getLocalPart().contains("Encrypted");
271 }
272
273
274
275
276 public boolean isEndorsing() {
277 QName name = getName();
278 return name != null && name.getLocalPart().contains("Endorsing");
279 }
280
281 }