1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.wss4j.policy.model;
20
21 import org.apache.neethi.Assertion;
22 import org.apache.neethi.Policy;
23 import org.apache.neethi.PolicyComponent;
24 import org.apache.neethi.PolicyContainingAssertion;
25 import org.apache.wss4j.policy.SPConstants;
26
27 import javax.xml.namespace.QName;
28 import javax.xml.stream.XMLStreamException;
29 import javax.xml.stream.XMLStreamWriter;
30 import java.util.Iterator;
31 import java.util.List;
32
33 public class Trust10 extends AbstractSecurityAssertion implements PolicyContainingAssertion {
34
35 private Policy nestedPolicy;
36 private boolean mustSupportClientChallenge;
37 private boolean mustSupportServerChallenge;
38 private boolean requireClientEntropy;
39 private boolean requireServerEntropy;
40 private boolean mustSupportIssuedTokens;
41
42 public Trust10(SPConstants.SPVersion version, Policy nestedPolicy) {
43 super(version);
44 this.nestedPolicy = nestedPolicy;
45
46 parseNestedTrust10Policy(nestedPolicy, this);
47 }
48
49 @Override
50 public Policy getPolicy() {
51 return nestedPolicy;
52 }
53
54 @Override
55 public QName getName() {
56 return getVersion().getSPConstants().getTrust10();
57 }
58
59 @Override
60 public boolean equals(Object object) {
61 if (object == this) {
62 return true;
63 }
64 if (!(object instanceof Trust10)) {
65 return false;
66 }
67
68 Trust10 that = (Trust10)object;
69 if (mustSupportClientChallenge != that.mustSupportClientChallenge
70 || mustSupportServerChallenge != that.mustSupportServerChallenge
71 || requireClientEntropy != that.requireClientEntropy
72 || requireServerEntropy != that.requireServerEntropy
73 || mustSupportIssuedTokens != that.mustSupportIssuedTokens) {
74 return false;
75 }
76
77 return super.equals(object);
78 }
79
80 @Override
81 public int hashCode() {
82 int result = 17;
83 result = 31 * result + Boolean.hashCode(mustSupportClientChallenge);
84 result = 31 * result + Boolean.hashCode(mustSupportServerChallenge);
85 result = 31 * result + Boolean.hashCode(requireClientEntropy);
86 result = 31 * result + Boolean.hashCode(requireServerEntropy);
87 result = 31 * result + Boolean.hashCode(mustSupportIssuedTokens);
88
89 return 31 * result + super.hashCode();
90 }
91
92 @Override
93 public PolicyComponent normalize() {
94 return super.normalize(getPolicy());
95 }
96
97 @Override
98 public void serialize(XMLStreamWriter writer) throws XMLStreamException {
99 super.serialize(writer, getPolicy());
100 }
101
102 @Override
103 protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
104 return new Trust10(getVersion(), nestedPolicy);
105 }
106
107 protected void parseNestedTrust10Policy(Policy nestedPolicy, Trust10 trust10) {
108 Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
109
110
111
112 if (alternatives.hasNext()) {
113 List<Assertion> assertions = alternatives.next();
114 for (Assertion assertion : assertions) {
115 String assertionName = assertion.getName().getLocalPart();
116 String assertionNamespace = assertion.getName().getNamespaceURI();
117
118 QName mustSupportClientChallenge = getVersion().getSPConstants().getMustSupportClientChallenge();
119 if (mustSupportClientChallenge.getLocalPart().equals(assertionName)
120 && mustSupportClientChallenge.getNamespaceURI().equals(assertionNamespace)) {
121 if (trust10.isMustSupportClientChallenge()) {
122 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
123 }
124 trust10.setMustSupportClientChallenge(true);
125 continue;
126 }
127
128 QName mustSupportServerChallenge = getVersion().getSPConstants().getMustSupportServerChallenge();
129 if (mustSupportServerChallenge.getLocalPart().equals(assertionName)
130 && mustSupportServerChallenge.getNamespaceURI().equals(assertionNamespace)) {
131 if (trust10.isMustSupportServerChallenge()) {
132 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
133 }
134 trust10.setMustSupportServerChallenge(true);
135 continue;
136 }
137
138 QName requireClientEntropy = getVersion().getSPConstants().getRequireClientEntropy();
139 if (requireClientEntropy.getLocalPart().equals(assertionName)
140 && requireClientEntropy.getNamespaceURI().equals(assertionNamespace)) {
141 if (trust10.isRequireClientEntropy()) {
142 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
143 }
144 trust10.setRequireClientEntropy(true);
145 continue;
146 }
147
148 QName requireServerEntropy = getVersion().getSPConstants().getRequireServerEntropy();
149 if (requireServerEntropy.getLocalPart().equals(assertionName)
150 && requireServerEntropy.getNamespaceURI().equals(assertionNamespace)) {
151 if (trust10.isRequireServerEntropy()) {
152 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
153 }
154 trust10.setRequireServerEntropy(true);
155 continue;
156 }
157
158 QName mustSupportIssuedTokens = getVersion().getSPConstants().getMustSupportIssuedTokens();
159 if (mustSupportIssuedTokens.getLocalPart().equals(assertionName)
160 && mustSupportIssuedTokens.getNamespaceURI().equals(assertionNamespace)) {
161 if (trust10.isMustSupportIssuedTokens()) {
162 throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
163 }
164 trust10.setMustSupportIssuedTokens(true);
165 continue;
166 }
167 }
168 }
169 }
170
171 public boolean isMustSupportClientChallenge() {
172 return mustSupportClientChallenge;
173 }
174
175 protected void setMustSupportClientChallenge(boolean mustSupportClientChallenge) {
176 this.mustSupportClientChallenge = mustSupportClientChallenge;
177 }
178
179 public boolean isMustSupportServerChallenge() {
180 return mustSupportServerChallenge;
181 }
182
183 protected void setMustSupportServerChallenge(boolean mustSupportServerChallenge) {
184 this.mustSupportServerChallenge = mustSupportServerChallenge;
185 }
186
187 public boolean isRequireClientEntropy() {
188 return requireClientEntropy;
189 }
190
191 protected void setRequireClientEntropy(boolean requireClientEntropy) {
192 this.requireClientEntropy = requireClientEntropy;
193 }
194
195 public boolean isRequireServerEntropy() {
196 return requireServerEntropy;
197 }
198
199 protected void setRequireServerEntropy(boolean requireServerEntropy) {
200 this.requireServerEntropy = requireServerEntropy;
201 }
202
203 public boolean isMustSupportIssuedTokens() {
204 return mustSupportIssuedTokens;
205 }
206
207 protected void setMustSupportIssuedTokens(boolean mustSupportIssuedTokens) {
208 this.mustSupportIssuedTokens = mustSupportIssuedTokens;
209 }
210 }