Search in sources :

Example 6 with LifetimeType

use of org.apache.cxf.ws.security.sts.provider.model.LifetimeType in project cxf by apache.

the class TokenIssueOperation method createResponse.

protected RequestSecurityTokenResponseType createResponse(EncryptionProperties encryptionProperties, TokenProviderResponse tokenResponse, TokenRequirements tokenRequirements, KeyRequirements keyRequirements) throws WSSecurityException {
    RequestSecurityTokenResponseType response = QNameConstants.WS_TRUST_FACTORY.createRequestSecurityTokenResponseType();
    String context = tokenRequirements.getContext();
    if (context != null) {
        response.setContext(context);
    }
    // TokenType
    JAXBElement<String> jaxbTokenType = QNameConstants.WS_TRUST_FACTORY.createTokenType(tokenRequirements.getTokenType());
    response.getAny().add(jaxbTokenType);
    // RequestedSecurityToken
    RequestedSecurityTokenType requestedTokenType = QNameConstants.WS_TRUST_FACTORY.createRequestedSecurityTokenType();
    JAXBElement<RequestedSecurityTokenType> requestedToken = QNameConstants.WS_TRUST_FACTORY.createRequestedSecurityToken(requestedTokenType);
    tokenWrapper.wrapToken(tokenResponse.getToken(), requestedTokenType);
    response.getAny().add(requestedToken);
    if (returnReferences) {
        // RequestedAttachedReference
        TokenReference attachedReference = tokenResponse.getAttachedReference();
        RequestedReferenceType requestedAttachedReferenceType = null;
        if (attachedReference != null) {
            requestedAttachedReferenceType = createRequestedReference(attachedReference, true);
        } else {
            requestedAttachedReferenceType = createRequestedReference(tokenResponse.getTokenId(), tokenRequirements.getTokenType(), true);
        }
        JAXBElement<RequestedReferenceType> requestedAttachedReference = QNameConstants.WS_TRUST_FACTORY.createRequestedAttachedReference(requestedAttachedReferenceType);
        response.getAny().add(requestedAttachedReference);
        // RequestedUnattachedReference
        TokenReference unAttachedReference = tokenResponse.getUnAttachedReference();
        RequestedReferenceType requestedUnattachedReferenceType = null;
        if (unAttachedReference != null) {
            requestedUnattachedReferenceType = createRequestedReference(unAttachedReference, false);
        } else {
            requestedUnattachedReferenceType = createRequestedReference(tokenResponse.getTokenId(), tokenRequirements.getTokenType(), false);
        }
        JAXBElement<RequestedReferenceType> requestedUnattachedReference = QNameConstants.WS_TRUST_FACTORY.createRequestedUnattachedReference(requestedUnattachedReferenceType);
        response.getAny().add(requestedUnattachedReference);
    }
    // AppliesTo
    response.getAny().add(tokenRequirements.getAppliesTo());
    // RequestedProofToken
    if (tokenResponse.isComputedKey() && keyRequirements.getComputedKeyAlgorithm() != null) {
        JAXBElement<String> computedKey = QNameConstants.WS_TRUST_FACTORY.createComputedKey(keyRequirements.getComputedKeyAlgorithm());
        RequestedProofTokenType requestedProofTokenType = QNameConstants.WS_TRUST_FACTORY.createRequestedProofTokenType();
        requestedProofTokenType.setAny(computedKey);
        JAXBElement<RequestedProofTokenType> requestedProofToken = QNameConstants.WS_TRUST_FACTORY.createRequestedProofToken(requestedProofTokenType);
        response.getAny().add(requestedProofToken);
    } else if (tokenResponse.getEntropy() != null) {
        Object token = constructSecretToken(tokenResponse.getEntropy(), encryptionProperties, keyRequirements);
        RequestedProofTokenType requestedProofTokenType = QNameConstants.WS_TRUST_FACTORY.createRequestedProofTokenType();
        requestedProofTokenType.setAny(token);
        JAXBElement<RequestedProofTokenType> requestedProofToken = QNameConstants.WS_TRUST_FACTORY.createRequestedProofToken(requestedProofTokenType);
        response.getAny().add(requestedProofToken);
    }
    // Entropy
    if (tokenResponse.isComputedKey() && tokenResponse.getEntropy() != null) {
        Object token = constructSecretToken(tokenResponse.getEntropy(), encryptionProperties, keyRequirements);
        EntropyType entropyType = QNameConstants.WS_TRUST_FACTORY.createEntropyType();
        entropyType.getAny().add(token);
        JAXBElement<EntropyType> entropyElement = QNameConstants.WS_TRUST_FACTORY.createEntropy(entropyType);
        response.getAny().add(entropyElement);
    }
    // Lifetime
    if (includeLifetimeElement) {
        LifetimeType lifetime = createLifetime(tokenResponse.getCreated(), tokenResponse.getExpires());
        JAXBElement<LifetimeType> lifetimeType = QNameConstants.WS_TRUST_FACTORY.createLifetime(lifetime);
        response.getAny().add(lifetimeType);
    }
    // KeySize
    long keySize = tokenResponse.getKeySize();
    if (keySize <= 0) {
        keySize = keyRequirements.getKeySize();
    }
    if (keyRequirements.getKeySize() > 0) {
        JAXBElement<Long> keySizeType = QNameConstants.WS_TRUST_FACTORY.createKeySize(keySize);
        response.getAny().add(keySizeType);
    }
    return response;
}
Also used : RequestedProofTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedProofTokenType) RequestedReferenceType(org.apache.cxf.ws.security.sts.provider.model.RequestedReferenceType) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement) EntropyType(org.apache.cxf.ws.security.sts.provider.model.EntropyType) LifetimeType(org.apache.cxf.ws.security.sts.provider.model.LifetimeType) TokenReference(org.apache.cxf.sts.token.provider.TokenReference)

Example 7 with LifetimeType

use of org.apache.cxf.ws.security.sts.provider.model.LifetimeType in project cxf by apache.

the class RequestParser method parseTokenRequirements.

/**
 * Parse the Token requirements into the TokenRequirements argument.
 */
private static boolean parseTokenRequirements(JAXBElement<?> jaxbElement, TokenRequirements tokenRequirements, Map<String, Object> messageContext, List<ClaimsParser> claimsParsers) {
    if (QNameConstants.TOKEN_TYPE.equals(jaxbElement.getName())) {
        String tokenType = (String) jaxbElement.getValue();
        tokenRequirements.setTokenType(tokenType);
    } else if (QNameConstants.ON_BEHALF_OF.equals(jaxbElement.getName())) {
        OnBehalfOfType onBehalfOfType = (OnBehalfOfType) jaxbElement.getValue();
        ReceivedToken onBehalfOf = new ReceivedToken(onBehalfOfType.getAny());
        tokenRequirements.setOnBehalfOf(onBehalfOf);
    } else if (QNameConstants.ACT_AS.equals(jaxbElement.getName())) {
        ActAsType actAsType = (ActAsType) jaxbElement.getValue();
        ReceivedToken actAs = new ReceivedToken(actAsType.getAny());
        tokenRequirements.setActAs(actAs);
    } else if (QNameConstants.LIFETIME.equals(jaxbElement.getName())) {
        LifetimeType lifetimeType = (LifetimeType) jaxbElement.getValue();
        Lifetime lifetime = new Lifetime();
        if (lifetimeType.getCreated() != null) {
            lifetime.setCreated(lifetimeType.getCreated().getValue());
        }
        if (lifetimeType.getExpires() != null) {
            lifetime.setExpires(lifetimeType.getExpires().getValue());
        }
        tokenRequirements.setLifetime(lifetime);
    } else if (QNameConstants.VALIDATE_TARGET.equals(jaxbElement.getName())) {
        ValidateTargetType validateTargetType = (ValidateTargetType) jaxbElement.getValue();
        ReceivedToken validateTarget = new ReceivedToken(validateTargetType.getAny());
        if (isTokenReferenced(validateTarget.getToken())) {
            Element target = fetchTokenElementFromReference(validateTarget.getToken(), messageContext);
            validateTarget = new ReceivedToken(target);
        }
        tokenRequirements.setValidateTarget(validateTarget);
    } else if (QNameConstants.CANCEL_TARGET.equals(jaxbElement.getName())) {
        CancelTargetType cancelTargetType = (CancelTargetType) jaxbElement.getValue();
        ReceivedToken cancelTarget = new ReceivedToken(cancelTargetType.getAny());
        if (isTokenReferenced(cancelTarget.getToken())) {
            Element target = fetchTokenElementFromReference(cancelTarget.getToken(), messageContext);
            cancelTarget = new ReceivedToken(target);
        }
        tokenRequirements.setCancelTarget(cancelTarget);
    } else if (QNameConstants.RENEW_TARGET.equals(jaxbElement.getName())) {
        RenewTargetType renewTargetType = (RenewTargetType) jaxbElement.getValue();
        ReceivedToken renewTarget = new ReceivedToken(renewTargetType.getAny());
        if (isTokenReferenced(renewTarget.getToken())) {
            Element target = fetchTokenElementFromReference(renewTarget.getToken(), messageContext);
            renewTarget = new ReceivedToken(target);
        }
        tokenRequirements.setRenewTarget(renewTarget);
    } else if (QNameConstants.CLAIMS.equals(jaxbElement.getName())) {
        ClaimsType claimsType = (ClaimsType) jaxbElement.getValue();
        ClaimCollection requestedClaims = parseClaims(claimsType, claimsParsers);
        tokenRequirements.setPrimaryClaims(requestedClaims);
    } else if (QNameConstants.RENEWING.equals(jaxbElement.getName())) {
        RenewingType renewingType = (RenewingType) jaxbElement.getValue();
        Renewing renewing = new Renewing();
        if (renewingType.isAllow() != null) {
            renewing.setAllowRenewing(renewingType.isAllow());
        }
        if (renewingType.isOK() != null) {
            renewing.setAllowRenewingAfterExpiry(renewingType.isOK());
        }
        tokenRequirements.setRenewing(renewing);
    } else if (QNameConstants.PARTICIPANTS.equals(jaxbElement.getName())) {
        ParticipantsType participantsType = (ParticipantsType) jaxbElement.getValue();
        Participants participants = parseParticipants(participantsType);
        tokenRequirements.setParticipants(participants);
    } else {
        return false;
    }
    return true;
}
Also used : ClaimsType(org.apache.cxf.ws.security.sts.provider.model.ClaimsType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) CancelTargetType(org.apache.cxf.ws.security.sts.provider.model.CancelTargetType) ActAsType(org.apache.cxf.ws.security.sts.provider.model.wstrust14.ActAsType) OnBehalfOfType(org.apache.cxf.ws.security.sts.provider.model.OnBehalfOfType) RenewTargetType(org.apache.cxf.ws.security.sts.provider.model.RenewTargetType) LifetimeType(org.apache.cxf.ws.security.sts.provider.model.LifetimeType) ValidateTargetType(org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType) ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) RenewingType(org.apache.cxf.ws.security.sts.provider.model.RenewingType) ParticipantsType(org.apache.cxf.ws.security.sts.provider.model.ParticipantsType)

Aggregations

LifetimeType (org.apache.cxf.ws.security.sts.provider.model.LifetimeType)7 RequestSecurityTokenResponseType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)4 JAXBElement (javax.xml.bind.JAXBElement)3 TokenReference (org.apache.cxf.sts.token.provider.TokenReference)3 RequestedReferenceType (org.apache.cxf.ws.security.sts.provider.model.RequestedReferenceType)3 RequestedSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType)3 Instant (java.time.Instant)2 AttributedDateTime (org.apache.cxf.ws.security.sts.provider.model.utility.AttributedDateTime)2 ArrayList (java.util.ArrayList)1 WrappedMessageContext (org.apache.cxf.jaxws.context.WrappedMessageContext)1 MessageImpl (org.apache.cxf.message.MessageImpl)1 ClaimCollection (org.apache.cxf.rt.security.claims.ClaimCollection)1 STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)1 StaticSTSProperties (org.apache.cxf.sts.StaticSTSProperties)1 ServiceMBean (org.apache.cxf.sts.service.ServiceMBean)1 StaticService (org.apache.cxf.sts.service.StaticService)1 TokenProvider (org.apache.cxf.sts.token.provider.TokenProvider)1 CancelTargetType (org.apache.cxf.ws.security.sts.provider.model.CancelTargetType)1 ClaimsType (org.apache.cxf.ws.security.sts.provider.model.ClaimsType)1 EntropyType (org.apache.cxf.ws.security.sts.provider.model.EntropyType)1