
Example 6 with MapNamespaceContext

use of org.apache.cxf.helpers.MapNamespaceContext in project cxf by apache.

the class AbstractBindingBuilder method getElements.

/**
 * Evaluates the policy XPath expressions against the SOAP envelope held by
 * {@code saaj} and builds one {@code WSEncryptionPart} per newly matched
 * element.
 *
 * <p>Each expression gets its own {@code XPath} instance and, when the policy
 * supplies a prefix map, its own namespace context.
 *
 * <p>An expression that fails to evaluate is logged at WARNING and contributes
 * no parts; the method still returns normally. The content that expression was
 * meant to select is therefore simply absent from the returned list.
 * NOTE(review): confirm that callers do not treat a successful return as proof
 * that every policy expression was applied.
 *
 * @param encryptionModifier
 *            scope of the crypto operation over matched elements, either
 *            "Content" or "Element". Not used for SAML assertions handled
 *            through the STR transform, which are always built with "Element".
 * @param xpaths
 *            XPath expressions selecting what to sign/encrypt; {@code null} or
 *            empty yields an empty result
 * @param found
 *            elements already tagged for signing/encryption. Matches not yet
 *            in this list are appended to it, so the caller's list is mutated;
 *            matches already present are skipped.
 * @param forceId
 *            passed to {@code setIdOnElement} to force a wsu:Id onto matched
 *            elements. Recommended for signatures.
 * @return the parts built for the newly matched elements, never {@code null}
 * @throws SOAPException
 *             if there is an error extracting SOAP content from the SAAJ
 *             model
 */
protected List<WSEncryptionPart> getElements(String encryptionModifier, List<org.apache.wss4j.policy.model.XPath> xpaths, List<Element> found, boolean forceId) throws SOAPException {
    List<WSEncryptionPart> parts = new ArrayList<>();
    if (xpaths == null || xpaths.isEmpty()) {
        return parts;
    }
    boolean useSTRTransform = MessageUtils.getContextualBoolean(message, SecurityConstants.USE_STR_TRANSFORM, true);
    // NOTE(review): the factory is used with its default feature settings;
    // confirm whether secure processing is expected for policy-supplied expressions.
    XPathFactory xpathFactory = XPathFactory.newInstance();
    for (org.apache.wss4j.policy.model.XPath policyXPath : xpaths) {
        XPath evaluator = xpathFactory.newXPath();
        if (policyXPath.getPrefixNamespaceMap() != null) {
            evaluator.setNamespaceContext(new MapNamespaceContext(policyXPath.getPrefixNamespaceMap()));
        }
        NodeList matches = null;
        try {
            Element saajEnvelope = saaj.getSOAPPart().getEnvelope();
            Element domEnvelope = (Element) DOMUtils.getDomElement(saajEnvelope);
            matches = (NodeList) evaluator.evaluate(policyXPath.getXPath(), domEnvelope, XPathConstants.NODESET);
        } catch (XPathExpressionException e) {
            // Logged and skipped: this expression adds nothing to the result.
            LOG.log(Level.WARNING, "Failure in evaluating an XPath expression", e);
        }
        if (matches == null) {
            continue;
        }
        for (int i = 0; i < matches.getLength(); i++) {
            // The cast assumes the expression selects element nodes; any other
            // node type in the node set raises ClassCastException here.
            Element matched = (Element) matches.item(i);
            if (found.contains(matched)) {
                // Already tagged for this operation; do not include it twice.
                continue;
            }
            found.add(matched);

            String namespace = matched.getNamespaceURI();
            boolean isAssertion = "Assertion".equals(matched.getLocalName());
            boolean saml1 = WSS4JConstants.SAML_NS.equals(namespace) && isAssertion;
            boolean saml2 = WSS4JConstants.SAML2_NS.equals(namespace) && isAssertion;

            WSEncryptionPart part;
            if (useSTRTransform && (saml1 || saml2)) {
                // SAML assertion: the part targets a clone of a
                // SecurityTokenReference created for the assertion, not the
                // assertion element itself. SAML 2 carries its identifier in
                // "ID", SAML 1 in "AssertionID".
                String idAttribute = saml2 ? "ID" : "AssertionID";
                String assertionId = matched.getAttributeNS(null, idAttribute);
                SecurityTokenReference secRef = createSTRForSamlAssertion(matched.getOwnerDocument(), assertionId, saml1, false);
                Element strCopy = cloneElement(secRef.getElement());
                addSupportingElement(strCopy);
                part = new WSEncryptionPart("STRTransform", null, "Element");
                part.setId(secRef.getID());
                part.setElement(strCopy);
            } else {
                part = new WSEncryptionPart(setIdOnElement(matched, forceId), encryptionModifier);
                part.setElement(matched);
            }
            part.setXpath(policyXPath.getXPath());
            parts.add(part);
        }
    }
    return parts;
}
Also used : XPath(javax.xml.xpath.XPath) WSEncryptionPart(org.apache.wss4j.common.WSEncryptionPart) XPathExpressionException(javax.xml.xpath.XPathExpressionException) NodeList(org.w3c.dom.NodeList) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) MapNamespaceContext(org.apache.cxf.helpers.MapNamespaceContext) XPathFactory(javax.xml.xpath.XPathFactory) SecurityTokenReference(org.apache.wss4j.common.token.SecurityTokenReference)

Example 7 with MapNamespaceContext

use of org.apache.cxf.helpers.MapNamespaceContext in project cxf by apache.

the class AbstractSupportingTokenPolicyValidator method validateSignedEncryptedElements.

/**
 * Validates a SignedElements or EncryptedElements policy by checking every
 * policy XPath expression against the SOAP envelope of {@code message}.
 *
 * <p>A {@code null} policy, or one without XPath expressions, is treated as
 * satisfied. Otherwise validation stops at the first expression for which
 * {@code checkXPathResult} returns {@code false}.
 *
 * @param elements the policy holding the XPath expressions; may be {@code null}
 * @param content not read in this method body
 * @param protResults results passed through to {@code checkXPathResult}
 * @param tokenResults results passed through to {@code checkXPathResult}
 * @param message the message whose {@code SOAPMessage} content is inspected
 * @return {@code true} if there is nothing to check or every expression
 *         passes, {@code false} as soon as one does not
 */
private boolean validateSignedEncryptedElements(RequiredElements elements, boolean content, List<WSSecurityEngineResult> protResults, List<WSSecurityEngineResult> tokenResults, Message message) {
    if (elements == null) {
        return true;
    }
    List<org.apache.wss4j.policy.model.XPath> xpaths = elements.getXPaths();
    if (xpaths == null || xpaths.isEmpty()) {
        return true;
    }

    SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
    Element soapEnvelope = soapMessage.getSOAPPart().getDocumentElement();

    // XPathFactory and XPath are not thread-safe, so fresh instances are
    // created on every call rather than shared.
    // NOTE(review): the factory is used with its default feature settings;
    // confirm whether secure processing is expected for policy-supplied expressions.
    final XPath evaluator = XPathFactory.newInstance().newXPath();

    // One namespace context is shared by all expressions, built from every
    // expression's prefix map.
    // NOTE(review): if two expressions bind the same prefix to different URIs,
    // which binding wins depends on MapNamespaceContext.addNamespaces; verify,
    // since a mis-resolved prefix would run the coverage check against
    // different elements than the policy intended.
    MapNamespaceContext mergedNamespaces = new MapNamespaceContext();
    for (org.apache.wss4j.policy.model.XPath policyXPath : xpaths) {
        Map<String, String> prefixes = policyXPath.getPrefixNamespaceMap();
        if (prefixes == null) {
            continue;
        }
        mergedNamespaces.addNamespaces(prefixes);
    }
    evaluator.setNamespaceContext(mergedNamespaces);

    for (org.apache.wss4j.policy.model.XPath policyXPath : xpaths) {
        boolean satisfied = checkXPathResult(soapEnvelope, evaluator, policyXPath.getXPath(), protResults, tokenResults);
        if (!satisfied) {
            return false;
        }
    }
    return true;
}
Also used : XPath(javax.xml.xpath.XPath) Element(org.w3c.dom.Element) MapNamespaceContext(org.apache.cxf.helpers.MapNamespaceContext) SOAPMessage(javax.xml.soap.SOAPMessage) XPathFactory(javax.xml.xpath.XPathFactory)

Example 8 with MapNamespaceContext

use of org.apache.cxf.helpers.MapNamespaceContext in project cxf by apache.

the class AbstractAegisTest method writeObjectToElement.

/**
 * Serializes {@code bean} with the given Aegis type into a new
 * {@code urn:Bean} "root" element (prefix "b") and returns that element.
 *
 * @param type the Aegis type whose {@code writeObject} performs the write
 * @param bean the object to serialize
 * @param context not read in this method body; the write uses
 *        {@code getContext()} instead.
 *        NOTE(review): confirm this is intentional.
 * @return the element the object was written into
 */
protected Element writeObjectToElement(AegisType type, Object bean, Context context) {
    Element root = createElement("urn:Bean", "root", "b");
    // The writer starts with an empty namespace context.
    MapNamespaceContext emptyNamespaces = new MapNamespaceContext();
    ElementWriter out = getElementWriter(root, emptyNamespaces);
    type.writeObject(bean, out, getContext());
    out.close();
    return root;
}
Also used : Element(org.w3c.dom.Element) MapNamespaceContext(org.apache.cxf.helpers.MapNamespaceContext) ElementWriter(org.apache.cxf.aegis.xml.stax.ElementWriter)

Aggregations

MapNamespaceContext (org.apache.cxf.helpers.MapNamespaceContext)8 Element (org.w3c.dom.Element)7 XPath (javax.xml.xpath.XPath)6 XPathFactory (javax.xml.xpath.XPathFactory)6 ArrayList (java.util.ArrayList)2 SOAPMessage (javax.xml.soap.SOAPMessage)2 XPathExpressionException (javax.xml.xpath.XPathExpressionException)2 ElementWriter (org.apache.cxf.aegis.xml.stax.ElementWriter)2 AssertionInfo (org.apache.cxf.ws.policy.AssertionInfo)2 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)2 WSDataRef (org.apache.wss4j.dom.WSDataRef)2 RequiredElements (org.apache.wss4j.policy.model.RequiredElements)2 NodeList (org.w3c.dom.NodeList)2 HashSet (java.util.HashSet)1 QName (javax.xml.namespace.QName)1 SOAPEnvelope (javax.xml.soap.SOAPEnvelope)1 SOAPException (javax.xml.soap.SOAPException)1 AegisContext (org.apache.cxf.aegis.AegisContext)1 Context (org.apache.cxf.aegis.Context)1 AegisType (org.apache.cxf.aegis.type.AegisType)1