use of oasis.names.tc.xacml._3_0.core.schema.wd_17.StatusDetail in project core by authzforce.
the class BaseXacmlJsonResultPostprocessor method toJson.
private static JSONObject toJson(final Status status) {
/*
* Weirdness: StatusCode is optional in XACML/JSON Status although mandatory in XACML/XML Status
*/
final Map<String, Object> statusJsonObject = HashCollections.newUpdatableMap(3);
statusJsonObject.put("StatusCode", toJson(status.getStatusCode()));
final String statusMsg = status.getStatusMessage();
if (statusMsg != null) {
statusJsonObject.put("StatusMessage", statusMsg);
}
final StatusDetail statusDetail = status.getStatusDetail();
assert statusDetail == null;
return new JSONObject(statusJsonObject);
}
use of oasis.names.tc.xacml._3_0.core.schema.wd_17.StatusDetail in project core-pdp-api by authzforce.
the class XacmlJaxbParsingUtils method parseXacmlJaxbResult.
/**
* Parse/convert XACML/XML Result into AuthzForce decision result
*
* @param xacmlResult
* XACML/XML Result (XML-schema-derived JAXB model)
* @param attributeValueFactories
* AttributeValue factories (registry of datatype-specific parsers)
* @return decision result in AuthzForce data model
*/
public static DecisionResult parseXacmlJaxbResult(final Result xacmlResult, final AttributeValueFactoryRegistry attributeValueFactories) {
final PolicyIdentifierList xacmlPolicyIdentifiers = xacmlResult.getPolicyIdentifierList();
final ImmutableList<PrimaryPolicyMetadata> immutableApplicablePolicyIdList;
if (xacmlPolicyIdentifiers == null) {
immutableApplicablePolicyIdList = null;
} else {
final List<PrimaryPolicyMetadata> applicablePolicyIdentifiers = xacmlPolicyIdentifiers.getPolicyIdReferencesAndPolicySetIdReferences().stream().map(jaxbElt -> {
final IdReferenceType idRef = jaxbElt.getValue();
return new BasePrimaryPolicyMetadata(jaxbElt.getName().getLocalPart().equals("PolicyIdReference") ? TopLevelPolicyElementType.POLICY : TopLevelPolicyElementType.POLICY_SET, idRef.getValue(), new PolicyVersion(idRef.getVersion()));
}).collect(Collectors.toList());
immutableApplicablePolicyIdList = ImmutableList.copyOf(applicablePolicyIdentifiers);
}
final Obligations xacmlObligations = xacmlResult.getObligations();
final List<Obligation> nonNullXacmlObligationList;
if (xacmlObligations == null) {
nonNullXacmlObligationList = Collections.emptyList();
} else {
final List<Obligation> xacmlObligationList = xacmlObligations.getObligations();
nonNullXacmlObligationList = xacmlObligationList == null ? Collections.emptyList() : xacmlObligationList;
}
final AssociatedAdvice xacmlAdvice = xacmlResult.getAssociatedAdvice();
final List<Advice> nonNullXacmlAdviceList;
if (xacmlAdvice == null) {
nonNullXacmlAdviceList = Collections.emptyList();
} else {
final List<Advice> xacmlAdviceList = xacmlAdvice.getAdvices();
nonNullXacmlAdviceList = xacmlAdviceList == null ? Collections.emptyList() : xacmlAdviceList;
}
final ImmutableList<PepAction> pepActions;
if (nonNullXacmlObligationList.isEmpty() && nonNullXacmlAdviceList.isEmpty()) {
pepActions = ImmutableList.of();
} else {
final List<PepAction> mutablePepActions = new ArrayList<>(nonNullXacmlObligationList.size() + nonNullXacmlAdviceList.size());
nonNullXacmlObligationList.forEach(xacmlOb -> mutablePepActions.add(new PepAction(xacmlOb.getObligationId(), true, xacmlToAuthzForceAttributeAssignments(xacmlOb.getAttributeAssignments(), attributeValueFactories))));
nonNullXacmlAdviceList.forEach(xacmlAd -> mutablePepActions.add(new PepAction(xacmlAd.getAdviceId(), false, xacmlToAuthzForceAttributeAssignments(xacmlAd.getAttributeAssignments(), attributeValueFactories))));
pepActions = ImmutableList.copyOf(mutablePepActions);
}
final Status status = xacmlResult.getStatus();
final Optional<ImmutableXacmlStatus> optImmutableStatus;
if (status == null) {
optImmutableStatus = Optional.empty();
} else {
// StatusDetail not supported and should be null
assert status.getStatusDetail() == null;
optImmutableStatus = Optional.of(new ImmutableXacmlStatus(status.getStatusCode(), status.getStatusMessage()));
}
switch(xacmlResult.getDecision()) {
case DENY:
return DecisionResults.getDeny(optImmutableStatus, pepActions, immutableApplicablePolicyIdList);
case PERMIT:
return DecisionResults.getPermit(optImmutableStatus, pepActions, immutableApplicablePolicyIdList);
case NOT_APPLICABLE:
return DecisionResults.getNotApplicable(optImmutableStatus);
default:
// Some XACML Status must be defined for Indeterminate Results
assert optImmutableStatus.isPresent();
return DecisionResults.newIndeterminate(null, new IndeterminateEvaluationException(optImmutableStatus.get()), immutableApplicablePolicyIdList);
}
}
Aggregations