
Example 1 with ObjectFactory

use of org.apache.cxf.ws.security.sts.provider.model.ObjectFactory in project cxf by apache.

the class RESTSecurityTokenServiceImpl method issueToken.

/**
 * Assembles a WS-Trust Issue request (RequestType
 * {@code http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue}) from the given
 * parameters and returns the result of {@code processRequest(Action.issue, ...)}.
 *
 * <p>Children are appended to the request in this order: TokenType, RequestType,
 * KeyType, UseKey (only for the PublicKey key type with a TLS client certificate),
 * Claims (only when there is at least one claim), AppliesTo (only when non-null).
 *
 * <p>Points a reviewer should keep in mind:
 * <ul>
 *   <li>{@code tokenType}, {@code keyType} and every claim are looked up in an alias
 *       map; a value that is not a key of the map is forwarded unchanged. This method
 *       therefore does not restrict which token types, key types or claim URIs are
 *       requested. NOTE(review): confirm the downstream issue operation enforces
 *       that policy.</li>
 *   <li>{@code appliesTo} and the claim URIs are written through DOM setters
 *       ({@code setTextContent}, {@code setAttributeNS}), not concatenated into XML
 *       text. The values themselves are not validated here.</li>
 *   <li>If the key type is PublicKey and no client certificate is returned, or
 *       building the X509Data element fails, the request is still sent, without a
 *       UseKey element.</li>
 * </ul>
 *
 * @param tokenType token type or alias; replaced by the {@code tokenTypeMap} value when
 *        the map is non-null and contains it as a key
 * @param keyType key type or alias; replaced by the {@code DEFAULT_KEY_TYPE_MAP} value
 *        when present as a key; {@code defaultKeyType} is used if the result is null
 * @param requestedClaims claims to request; {@code defaultClaims} is used when this is
 *        null or empty
 * @param appliesTo address placed in the AppliesTo endpoint reference, or null to omit it
 * @return whatever {@code processRequest} returns for the assembled request
 */
private RequestSecurityTokenResponseType issueToken(String tokenType, String keyType, List<String> requestedClaims, String appliesTo) {
    // Resolve aliases first; unknown values pass through unchanged.
    final String resolvedTokenType = (tokenTypeMap != null && tokenTypeMap.containsKey(tokenType))
        ? tokenTypeMap.get(tokenType)
        : tokenType;
    final String mappedKeyType = DEFAULT_KEY_TYPE_MAP.containsKey(keyType)
        ? DEFAULT_KEY_TYPE_MAP.get(keyType)
        : keyType;

    final ObjectFactory factory = new ObjectFactory();
    final RequestSecurityTokenType rst = factory.createRequestSecurityTokenType();
    rst.getAny().add(factory.createTokenType(resolvedTokenType));
    rst.getAny().add(factory.createRequestType("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue"));

    final String effectiveKeyType = mappedKeyType == null ? defaultKeyType : mappedKeyType;
    rst.getAny().add(factory.createKeyType(effectiveKeyType));

    // For the PublicKey key type the TLS client certificate becomes the UseKey element.
    // The certificate is only fetched when that key type was selected.
    final X509Certificate tlsCert = STSConstants.PUBLIC_KEY_KEYTYPE.equals(effectiveKeyType)
        ? getTLSClientCertificate()
        : null;
    if (tlsCert != null) {
        Document keyDoc = DOMUtils.getEmptyDocument();
        Element keyInfo = keyDoc.createElementNS("http://www.w3.org/2000/09/xmldsig#", "KeyInfo");
        try {
            X509Data x509Data = new X509Data(keyDoc);
            x509Data.addCertificate(tlsCert);
            keyInfo.appendChild(x509Data.getElement());
            UseKeyType useKeyType = factory.createUseKeyType();
            useKeyType.setAny(keyInfo);
            rst.getAny().add(factory.createUseKey(useKeyType));
        } catch (XMLSecurityException ex) {
            // NOTE(review): only the message is logged and the request continues without
            // UseKey; confirm a PublicKey request lacking UseKey is rejected downstream.
            LOG.warning(ex.getMessage());
        }
    }

    // Claims: fall back to the configured defaults when the caller supplied none.
    final List<String> claimsToRequest = (requestedClaims == null || requestedClaims.isEmpty())
        ? defaultClaims
        : requestedClaims;
    if (claimsToRequest != null && !claimsToRequest.isEmpty()) {
        ClaimsType claimsType = factory.createClaimsType();
        claimsType.setDialect(CLAIM_TYPE_NS);
        JAXBElement<ClaimsType> claimsElement = factory.createClaims(claimsType);
        for (String claim : claimsToRequest) {
            // Alias lookup; a claim that is not a key of claimTypeMap is used as the URI as-is.
            String claimUri = (claimTypeMap != null && claimTypeMap.containsKey(claim))
                ? claimTypeMap.get(claim)
                : claim;
            Document claimDoc = DOMUtils.createDocument();
            Element claimNode = claimDoc.createElementNS(CLAIM_TYPE_NS, CLAIM_TYPE);
            claimNode.setAttributeNS(null, "Uri", claimUri);
            claimNode.setAttributeNS(null, "Optional", Boolean.toString(requestClaimsOptional));
            claimsType.getAny().add(claimNode);
        }
        rst.getAny().add(claimsElement);
    }

    // AppliesTo: wsp:AppliesTo / wsa:EndpointReference / wsa:Address carrying the given value.
    if (appliesTo != null) {
        final String policyNs = "http://www.w3.org/ns/ws-policy";
        final String addressingNs = "http://www.w3.org/2005/08/addressing";
        Document appliesToDoc = DOMUtils.createDocument();
        Element address = appliesToDoc.createElementNS(addressingNs, "Address");
        address.setTextContent(appliesTo);
        Element endpointReference = appliesToDoc.createElementNS(addressingNs, "EndpointReference");
        endpointReference.appendChild(address);
        Element appliesToNode = appliesToDoc.createElementNS(policyNs, "AppliesTo");
        appliesToNode.appendChild(endpointReference);
        rst.getAny().add(appliesToNode);
    }

    return processRequest(Action.issue, rst);
}
Also used : ObjectFactory(org.apache.cxf.ws.security.sts.provider.model.ObjectFactory) ClaimsType(org.apache.cxf.ws.security.sts.provider.model.ClaimsType) RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) UseKeyType(org.apache.cxf.ws.security.sts.provider.model.UseKeyType) Document(org.w3c.dom.Document) X509Data(org.apache.xml.security.keys.content.X509Data) X509Certificate(java.security.cert.X509Certificate) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)

Example 2 with ObjectFactory

use of org.apache.cxf.ws.security.sts.provider.model.ObjectFactory in project cxf by apache.

the class SecurityTokenServiceProvider method invoke.

/**
 * Dispatches an incoming WS-Trust message to the registered operation implementation
 * and wraps the result as a {@link Source}.
 *
 * <p>The operation is chosen from the request itself: a
 * {@code RequestSecurityTokenCollectionType} payload selects the
 * {@code WSTRUST_REQUESTTYPE_REQUESTCOLLECTION} entry; otherwise the string value of the
 * first RequestType child element is the lookup key. That key is only used to look up
 * {@code operationMap} and {@code OPERATION_METHODS}; if either lookup yields null the
 * call fails, so only registered operations can be reached through the reflective call.
 *
 * <p>The selected method is invoked with the unmarshalled payload, the user principal
 * and the message context taken from {@code context}.
 *
 * <p>NOTE(review): every failure, including a payload of an unexpected type and
 * exceptions thrown by the operation, is turned into a fault by
 * {@code createSOAPFault}. What that helper copies into the fault is not visible here;
 * confirm it does not return internal exception detail to the caller.
 *
 * @param request the incoming message payload
 * @return a {@code JAXBSource} wrapping the response or response collection
 */
public Source invoke(Source request) {
    try {
        Object payload = convertToJAXBObject(request);
        Object target = null;
        Method handler = null;
        if (payload instanceof RequestSecurityTokenCollectionType) {
            target = operationMap.get(WSTRUST_REQUESTTYPE_REQUESTCOLLECTION);
            handler = OPERATION_METHODS.get(WSTRUST_REQUESTTYPE_REQUESTCOLLECTION);
        } else {
            // A payload of any other type fails this cast and ends up as a fault below.
            RequestSecurityTokenType rst = (RequestSecurityTokenType) payload;
            final QName requestTypeName = new QName(WSTRUST_13_NAMESPACE, WSTRUST_REQUESTTYPE_ELEMENTNAME);
            for (Object child : rst.getAny()) {
                if (!(child instanceof JAXBElement)) {
                    continue;
                }
                JAXBElement<?> element = (JAXBElement<?>) child;
                if (!element.getName().equals(requestTypeName)) {
                    continue;
                }
                // The first RequestType element decides the operation; later ones are ignored.
                String requestType = element.getValue().toString();
                target = operationMap.get(requestType);
                handler = OPERATION_METHODS.get(requestType);
                break;
            }
        }
        if (target == null || handler == null) {
            throw new Exception("Implementation for this operation not found.");
        }

        Object result = handler.invoke(target, payload, context.getUserPrincipal(), context.getMessageContext());
        if (result == null) {
            throw new Exception("Error in implementation class.");
        }

        final ObjectFactory factory = new ObjectFactory();
        if (result instanceof RequestSecurityTokenResponseCollectionType) {
            RequestSecurityTokenResponseCollectionType collection = (RequestSecurityTokenResponseCollectionType) result;
            return new JAXBSource(jaxbContext, factory.createRequestSecurityTokenResponseCollection(collection));
        }
        RequestSecurityTokenResponseType single = (RequestSecurityTokenResponseType) result;
        return new JAXBSource(jaxbContext, factory.createRequestSecurityTokenResponse(single));
    } catch (InvocationTargetException ex) {
        // Report the exception thrown by the operation, not the reflection wrapper.
        throw createSOAPFault(ex.getCause());
    } catch (Exception ex) {
        throw createSOAPFault(ex);
    }
}
Also used : QName(javax.xml.namespace.QName) RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) Method(java.lang.reflect.Method) RequestSecurityTokenCollectionType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenCollectionType) JAXBElement(javax.xml.bind.JAXBElement) RequestSecurityTokenResponseCollectionType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType) Source(javax.xml.transform.Source) JAXBSource(javax.xml.bind.util.JAXBSource) InvocationTargetException(java.lang.reflect.InvocationTargetException) JAXBSource(javax.xml.bind.util.JAXBSource) InvocationTargetException(java.lang.reflect.InvocationTargetException) ObjectFactory(org.apache.cxf.ws.security.sts.provider.model.ObjectFactory)

Aggregations

JAXBElement (javax.xml.bind.JAXBElement)2 ObjectFactory (org.apache.cxf.ws.security.sts.provider.model.ObjectFactory)2 RequestSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType)2 InvocationTargetException (java.lang.reflect.InvocationTargetException)1 Method (java.lang.reflect.Method)1 X509Certificate (java.security.cert.X509Certificate)1 JAXBSource (javax.xml.bind.util.JAXBSource)1 QName (javax.xml.namespace.QName)1 Source (javax.xml.transform.Source)1 ClaimsType (org.apache.cxf.ws.security.sts.provider.model.ClaimsType)1 RequestSecurityTokenCollectionType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenCollectionType)1 RequestSecurityTokenResponseCollectionType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType)1 RequestSecurityTokenResponseType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)1 UseKeyType (org.apache.cxf.ws.security.sts.provider.model.UseKeyType)1 XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)1 X509Data (org.apache.xml.security.keys.content.X509Data)1 Document (org.w3c.dom.Document)1 Element (org.w3c.dom.Element)1