View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.policy.model;
20  
21  import org.apache.neethi.Assertion;
22  import org.apache.neethi.Policy;
23  import org.apache.wss4j.policy.SPConstants;
24  import org.w3c.dom.Element;
25  
26  import javax.xml.namespace.QName;
27  import java.util.Iterator;
28  import java.util.List;
29  
30  public class SecurityContextToken extends AbstractToken {
31  
32      private boolean requireExternalUriReference;
33      private boolean sc13SecurityContextToken;
34      private boolean sc10SecurityContextToken;
35  
36      public SecurityContextToken(SPConstants.SPVersion version, SPConstants.IncludeTokenType includeTokenType,
37                                  Element issuer, String issuerName, Element claims, Policy nestedPolicy) {
38          super(version, includeTokenType, issuer, issuerName, claims, nestedPolicy);
39  
40          parseNestedSecurityContextTokenPolicy(nestedPolicy, this);
41      }
42  
43      @Override
44      public QName getName() {
45          return getVersion().getSPConstants().getSecurityContextToken();
46      }
47  
48      @Override
49      public boolean equals(Object object) {
50          if (object == this) {
51              return true;
52          }
53          if (!(object instanceof SecurityContextToken)) {
54              return false;
55          }
56  
57          SecurityContextToken that = (SecurityContextToken)object;
58          if (requireExternalUriReference != that.requireExternalUriReference
59              || sc13SecurityContextToken != that.sc13SecurityContextToken
60              || sc10SecurityContextToken != that.sc10SecurityContextToken) {
61              return false;
62          }
63  
64          return super.equals(object);
65      }
66  
67      @Override
68      public int hashCode() {
69          int result = 17;
70          result = 31 * result + Boolean.hashCode(requireExternalUriReference);
71          result = 31 * result + Boolean.hashCode(sc13SecurityContextToken);
72          result = 31 * result + Boolean.hashCode(sc10SecurityContextToken);
73  
74          return 31 * result + super.hashCode();
75      }
76  
77      @Override
78      protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
79          return new SecurityContextToken(getVersion(), getIncludeTokenType(), getIssuer(),
80                                          getIssuerName(), getClaims(), nestedPolicy);
81      }
82  
83      protected void parseNestedSecurityContextTokenPolicy(Policy nestedPolicy,
84                                                           SecurityContextToken securityContextToken) {
85          Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
86          //we just process the first alternative
87          //this means that if we have a compact policy only the first alternative is visible
88          //in contrary to a normalized policy where just one alternative exists
89          if (alternatives.hasNext()) {
90              List<Assertion> assertions = alternatives.next();
91              for (Assertion assertion : assertions) {
92                  String assertionName = assertion.getName().getLocalPart();
93                  String assertionNamespace = assertion.getName().getNamespaceURI();
94                  DerivedKeys derivedKeys = DerivedKeys.lookUp(assertionName);
95                  if (derivedKeys != null) {
96                      if (securityContextToken.getDerivedKeys() != null) {
97                          throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
98                      }
99                      securityContextToken.setDerivedKeys(derivedKeys);
100                     continue;
101                 }
102 
103                 QName requireExternalUriRef = getVersion().getSPConstants().getRequireExternalUriReference();
104                 if (requireExternalUriRef.getLocalPart().equals(assertionName)
105                     && requireExternalUriRef.getNamespaceURI().equals(assertionNamespace)) {
106                     if (securityContextToken.isRequireExternalUriReference()) {
107                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
108                     }
109                     securityContextToken.setRequireExternalUriReference(true);
110                     continue;
111                 }
112 
113                 QName sc13SCT = getVersion().getSPConstants().getSc13SecurityContextToken();
114                 if (sc13SCT.getLocalPart().equals(assertionName)
115                     && sc13SCT.getNamespaceURI().equals(assertionNamespace)) {
116                     if (securityContextToken.isSc13SecurityContextToken()) {
117                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
118                     }
119                     securityContextToken.setSc13SecurityContextToken(true);
120                     continue;
121                 }
122 
123                 QName sc10SCT = getVersion().getSPConstants().getSc10SecurityContextToken();
124                 if (sc10SCT.getLocalPart().equals(assertionName)
125                     && sc10SCT.getNamespaceURI().equals(assertionNamespace)) {
126                     if (securityContextToken.isSc10SecurityContextToken()) {
127                         throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
128                     }
129                     securityContextToken.setSc10SecurityContextToken(true);
130                     continue;
131                 }
132             }
133         }
134     }
135 
136     public boolean isRequireExternalUriReference() {
137         return requireExternalUriReference;
138     }
139 
140     protected void setRequireExternalUriReference(boolean requireExternalUriReference) {
141         this.requireExternalUriReference = requireExternalUriReference;
142     }
143 
144     public boolean isSc13SecurityContextToken() {
145         return sc13SecurityContextToken;
146     }
147 
148     protected void setSc13SecurityContextToken(boolean sc13SecurityContextToken) {
149         this.sc13SecurityContextToken = sc13SecurityContextToken;
150     }
151 
152     public boolean isSc10SecurityContextToken() {
153         return sc10SecurityContextToken;
154     }
155 
156     protected void setSc10SecurityContextToken(boolean sc10SecurityContextToken) {
157         this.sc10SecurityContextToken = sc10SecurityContextToken;
158     }
159 }