1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.wss4j.stax.impl.processor.input;
20
21 import org.apache.wss4j.binding.wss11.SignatureConfirmationType;
22 import org.apache.wss4j.common.bsp.BSPRule;
23 import org.apache.wss4j.common.ext.WSSecurityException;
24 import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
25 import org.apache.wss4j.stax.securityEvent.SignatureConfirmationSecurityEvent;
26 import org.apache.xml.security.exceptions.XMLSecurityException;
27 import org.apache.xml.security.stax.ext.AbstractInputSecurityHeaderHandler;
28 import org.apache.xml.security.stax.ext.InputProcessorChain;
29 import org.apache.xml.security.stax.ext.XMLSecurityProperties;
30 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
31
32 import jakarta.xml.bind.JAXBElement;
33 import java.util.Deque;
34
35
36
37
38 public class SignatureConfirmationInputHandler extends AbstractInputSecurityHeaderHandler {
39
40 @Override
41 public void handle(final InputProcessorChain inputProcessorChain, final XMLSecurityProperties securityProperties,
42 Deque<XMLSecEvent> eventQueue, Integer index) throws XMLSecurityException {
43
44 @SuppressWarnings("unchecked")
45 final SignatureConfirmationType signatureConfirmationType =
46 ((JAXBElement<SignatureConfirmationType>) parseStructure(eventQueue, index, securityProperties)).getValue();
47
48 checkBSPCompliance(inputProcessorChain, signatureConfirmationType);
49
50 inputProcessorChain.getSecurityContext().putAsList(SignatureConfirmationType.class, signatureConfirmationType);
51
52
53 SignatureConfirmationSecurityEvent signatureConfirmationSecurityEvent = new SignatureConfirmationSecurityEvent();
54 signatureConfirmationSecurityEvent.setSignatureValue(signatureConfirmationType.getValue());
55 inputProcessorChain.getSecurityContext().registerSecurityEvent(signatureConfirmationSecurityEvent);
56 }
57
58 private void checkBSPCompliance(InputProcessorChain inputProcessorChain, SignatureConfirmationType signatureConfirmationType)
59 throws WSSecurityException {
60 if (signatureConfirmationType.getId() == null) {
61 ((WSInboundSecurityContext) inputProcessorChain.getSecurityContext()).handleBSPRule(BSPRule.R5441);
62 }
63 }
64 }