1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.wss4j.stax.impl.transformer;
20
21 import org.apache.wss4j.common.ext.Attachment;
22 import org.apache.wss4j.common.util.CRLFOutputStream;
23 import org.apache.xml.security.exceptions.XMLSecurityException;
24 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
25 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
26 import org.apache.xml.security.stax.impl.transformer.TransformIdentity;
27 import org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer20010315_ExclOmitCommentsTransformer;
28
29 import javax.xml.stream.XMLStreamException;
30
31 import java.io.InputStream;
32 import java.util.Map;
33
34 public class AttachmentContentSignatureTransform extends TransformIdentity {
35
36 public static final String ATTACHMENT = "attachment";
37
38 private Attachment attachment;
39
40 @Override
41 public XMLSecurityConstants.TransformMethod getPreferredTransformMethod(XMLSecurityConstants.TransformMethod forInput) {
42 switch (forInput) {
43 case XMLSecEvent:
44 return XMLSecurityConstants.TransformMethod.InputStream;
45 case InputStream:
46 return XMLSecurityConstants.TransformMethod.InputStream;
47 default:
48 throw new IllegalArgumentException("Unsupported class " + forInput.name());
49 }
50 }
51
52 @Override
53 public void setProperties(Map<String, Object> properties) throws XMLSecurityException {
54 this.attachment = (Attachment) properties.get(ATTACHMENT);
55 }
56
57 protected Attachment getAttachment() {
58 return attachment;
59 }
60
61
62
63
64
65
66
67
68
69 @Override
70 public void transform(XMLSecEvent xmlSecEvent) throws XMLStreamException {
71 throw new UnsupportedOperationException("transform(XMLSecEvent) not allowed");
72 }
73
74 @Override
75 public void transform(InputStream inputStream) throws XMLStreamException {
76 String mimeType = getAttachment().getMimeType();
77
78 if (mimeType != null
79 && (mimeType.matches("(?i)(text/xml).*")
80 || mimeType.matches("(?i)(application/xml).*")
81 || mimeType.matches("(?i)(application|image)/.*\\+xml.*"))) {
82
83
84
85
86
87
88
89
90
91
92 Canonicalizer20010315_ExclOmitCommentsTransformer canon =
93 new Canonicalizer20010315_ExclOmitCommentsTransformer();
94 try {
95 canon.setOutputStream(getOutputStream());
96 } catch (XMLSecurityException e) {
97 throw new XMLStreamException(e);
98 }
99 canon.transform(inputStream);
100
101 } else if (mimeType != null && mimeType.matches("(?i)(text/).*")) {
102 CRLFOutputStream crlfOutputStream = new CRLFOutputStream(getOutputStream());
103 try {
104 setOutputStream(crlfOutputStream);
105 } catch (XMLSecurityException e) {
106 throw new XMLStreamException(e);
107 }
108 super.transform(inputStream);
109 } else {
110 super.transform(inputStream);
111 }
112 }
113 }