
Example 1 with SamlTokenType

use of org.apache.wss4j.policy.model.SamlToken.SamlTokenType in project cxf by apache.

the class SamlTokenInterceptor method addSamlToken.

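/**
 * Builds the SAML assertion to attach to an outbound message for the given policy token,
 * signing it when the configured callback asks for that.
 *
 * <p>The SAML CallbackHandler is read from the message's security properties
 * ({@code SecurityConstants.SAML_CALLBACK_HANDLER}); the property value is either a
 * {@link CallbackHandler} instance or the name of a handler class to instantiate reflectively.
 *
 * @param token   the SamlToken policy assertion (selects the SAML version asked for)
 * @param message the outbound SOAP message whose security properties are consulted
 * @return the (possibly signed) assertion, or {@code null} when no callback handler is configured
 * @throws WSSecurityException when a handler class is configured but cannot be loaded or
 *         instantiated, or when the callback / signing steps fail
 */
private SamlAssertionWrapper addSamlToken(SamlToken token, SoapMessage message) throws WSSecurityException {
    //
    // Get the SAML CallbackHandler
    //
    Object o = SecurityUtils.getSecurityPropertyValue(SecurityConstants.SAML_CALLBACK_HANDLER, message);
    CallbackHandler handler = null;
    if (o instanceof CallbackHandler) {
        handler = (CallbackHandler) o;
    } else if (o instanceof String) {
        try {
            // asSubclass() makes the "not a CallbackHandler" case an explicit failure instead of an
            // unchecked cast; getDeclaredConstructor().newInstance() replaces the deprecated
            // Class.newInstance().
            handler = ClassLoaderUtils.loadClass((String) o, this.getClass())
                .asSubclass(CallbackHandler.class)
                .getDeclaredConstructor()
                .newInstance();
        } catch (Exception e) {
            // A handler was configured but is unusable. Fail loudly, as AbstractBindingBuilder and
            // AbstractStaxBindingHandler do for the same condition, rather than silently sending the
            // message without the token and losing the root cause.
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
        }
    }
    if (handler == null) {
        // Nothing configured: no token is added and the caller treats null as "no assertion".
        return null;
    }
    AssertionInfoMap aim = message.get(AssertionInfoMap.class);
    SAMLCallback samlCallback = new SAMLCallback();
    // Translate the policy token type into the SAML version the callback should produce and
    // assert the matching policy alternative(s).
    SamlTokenType tokenType = token.getSamlTokenType();
    if (tokenType == SamlTokenType.WssSamlV11Token10 || tokenType == SamlTokenType.WssSamlV11Token11) {
        samlCallback.setSamlVersion(Version.SAML_11);
        PolicyUtils.assertPolicy(aim, "WssSamlV11Token10");
        PolicyUtils.assertPolicy(aim, "WssSamlV11Token11");
    } else if (tokenType == SamlTokenType.WssSamlV20Token11) {
        samlCallback.setSamlVersion(Version.SAML_20);
        PolicyUtils.assertPolicy(aim, "WssSamlV20Token11");
    }
    SAMLUtil.doSAMLCallback(handler, samlCallback);
    SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
    if (samlCallback.isSignAssertion()) {
        // Signing material: whatever the callback supplied wins; otherwise fall back to the
        // message's signature username / password / crypto configuration.
        String issuerName = samlCallback.getIssuerKeyName();
        if (issuerName == null) {
            String userNameKey = SecurityConstants.SIGNATURE_USERNAME;
            issuerName = (String) SecurityUtils.getSecurityPropertyValue(userNameKey, message);
        }
        String password = samlCallback.getIssuerKeyPassword();
        if (password == null) {
            password = (String) SecurityUtils.getSecurityPropertyValue(SecurityConstants.PASSWORD, message);
            if (StringUtils.isEmpty(password)) {
                password = getPassword(issuerName, token, WSPasswordCallback.SIGNATURE, message);
            }
        }
        Crypto crypto = samlCallback.getIssuerCrypto();
        if (crypto == null) {
            crypto = getCrypto(token, SecurityConstants.SIGNATURE_CRYPTO, SecurityConstants.SIGNATURE_PROPERTIES, message);
        }
        // Pass the callback's digest algorithm too, as AbstractBindingBuilder.addSamlToken does,
        // so a digest configured by the callback is honored instead of silently ignored.
        assertion.signAssertion(issuerName, password, crypto, samlCallback.isSendKeyValue(),
            samlCallback.getCanonicalizationAlgorithm(), samlCallback.getSignatureAlgorithm(),
            samlCallback.getSignatureDigestAlgorithm());
    }
    return assertion;
}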

Example 2 with SamlTokenType

use of org.apache.wss4j.policy.model.SamlToken.SamlTokenType in project cxf by apache.

the class SamlTokenInterceptor method checkVersion.

/**
 * Checks that the SAML version of a received assertion matches the version required by the
 * SamlToken policy, and asserts the corresponding policy alternative when it does.
 *
 * @param aim              the AssertionInfoMap in which the token-type alternative is asserted
 * @param samlToken        the SamlToken policy assertion
 * @param assertionWrapper the received assertion
 * @return {@code false} when the policy names a SAML version and the assertion is a different
 *         one; {@code true} otherwise (the policy alternative is then asserted)
 */
private boolean checkVersion(AssertionInfoMap aim, SamlToken samlToken, SamlAssertionWrapper assertionWrapper) {
    SamlTokenType tokenType = samlToken.getSamlTokenType();

    // Work out which SAML version (if any) the policy token type pins down.
    SAMLVersion requiredVersion = null;
    if (tokenType == SamlTokenType.WssSamlV11Token10 || tokenType == SamlTokenType.WssSamlV11Token11) {
        requiredVersion = SAMLVersion.VERSION_11;
    } else if (tokenType == SamlTokenType.WssSamlV20Token11) {
        requiredVersion = SAMLVersion.VERSION_20;
    }
    if (requiredVersion != null && assertionWrapper.getSamlVersion() != requiredVersion) {
        return false;
    }

    // The asserted QName is built from the policy namespace and the token type's enum name.
    QName tokenTypeName = new QName(samlToken.getVersion().getNamespace(), tokenType.name());
    PolicyUtils.assertPolicy(aim, tokenTypeName);
    return true;
}

Example 3 with SamlTokenType

use of org.apache.wss4j.policy.model.SamlToken.SamlTokenType in project cxf by apache.

the class AbstractBindingBuilder method addSamlToken.

/**
 * Produces the SAML assertion to add to the outbound message for the given SamlToken policy
 * assertion.
 *
 * <p>When no SAML CallbackHandler is configured, a previously stored SecurityToken is reused if
 * its DOM element is an {@code Assertion} in the namespace matching the policy's SAML version.
 * Otherwise the configured callback handler is asked to populate a {@link SAMLCallback}, and the
 * resulting assertion is signed when the callback requests it.
 *
 * @param token the SamlToken policy assertion
 * @return the assertion wrapper, or {@code null} when the token is not required or no callback
 *         handler is available (the policy is then unasserted)
 * @throws WSSecurityException when resolving the handler or running the callback fails
 */
protected SamlAssertionWrapper addSamlToken(SamlToken token) throws WSSecurityException {
    assertToken(token);
    if (!isTokenRequired(token.getIncludeTokenType())) {
        return null;
    }

    SamlTokenType tokenType = token.getSamlTokenType();
    boolean wantsSaml11 = tokenType == SamlTokenType.WssSamlV11Token10
        || tokenType == SamlTokenType.WssSamlV11Token11;
    boolean wantsSaml20 = tokenType == SamlTokenType.WssSamlV20Token11;

    //
    // Get the SAML CallbackHandler
    //
    Object configuredHandler =
        SecurityUtils.getSecurityPropertyValue(SecurityConstants.SAML_CALLBACK_HANDLER, message);
    if (configuredHandler == null) {
        // No handler configured: reuse a stored token's element if it is an Assertion whose
        // namespace matches the SAML version the policy asks for.
        SecurityToken storedToken = getSecurityToken();
        if (storedToken != null) {
            // NOTE(review): assumes getToken() returns a non-null element here — confirm.
            Element assertionElement = storedToken.getToken();
            String namespace = assertionElement.getNamespaceURI();
            boolean isAssertion = "Assertion".equals(assertionElement.getLocalName());
            boolean namespaceMatches = (wantsSaml11 && WSS4JConstants.SAML_NS.equals(namespace))
                || (wantsSaml20 && WSS4JConstants.SAML2_NS.equals(namespace));
            if (isAssertion && namespaceMatches) {
                return new SamlAssertionWrapper(assertionElement);
            }
        }
    }

    // Ask the callback handler for the assertion contents, in the policy's SAML version.
    SAMLCallback samlCallback = new SAMLCallback();
    if (wantsSaml11) {
        samlCallback.setSamlVersion(Version.SAML_11);
    } else if (wantsSaml20) {
        samlCallback.setSamlVersion(Version.SAML_20);
    }
    try {
        CallbackHandler handler = SecurityUtils.getCallbackHandler(configuredHandler);
        if (handler == null) {
            unassertPolicy(token, "No SAML CallbackHandler available");
            return null;
        }
        SAMLUtil.doSAMLCallback(handler, samlCallback);
    } catch (Exception ex) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
    }

    SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
    if (!samlCallback.isSignAssertion()) {
        return assertion;
    }

    // Signing material: values supplied by the callback take precedence; otherwise fall back to
    // the signature username, the password callback and the signature crypto of this builder.
    String issuerName = samlCallback.getIssuerKeyName();
    if (issuerName == null) {
        issuerName = (String) SecurityUtils.getSecurityPropertyValue(
            SecurityConstants.SIGNATURE_USERNAME, message);
    }
    String password = samlCallback.getIssuerKeyPassword();
    if (password == null) {
        password = getPassword(issuerName, token, WSPasswordCallback.SIGNATURE);
    }
    Crypto crypto = samlCallback.getIssuerCrypto();
    if (crypto == null) {
        crypto = getSignatureCrypto();
    }
    assertion.signAssertion(issuerName, password, crypto, samlCallback.isSendKeyValue(),
        samlCallback.getCanonicalizationAlgorithm(), samlCallback.getSignatureAlgorithm(),
        samlCallback.getSignatureDigestAlgorithm());
    return assertion;
}

Example 4 with SamlTokenType

use of org.apache.wss4j.policy.model.SamlToken.SamlTokenType in project cxf by apache.

the class AbstractStaxBindingHandler method addSamlToken.

/**
 * Configures the StAX outbound properties to emit a SAML token for the given policy assertion and
 * returns the SecurePart describing the assertion element.
 *
 * @param token     the SamlToken policy assertion
 * @param signed    whether the token is a signed token in the policy
 * @param endorsing whether the token is an endorsing token in the policy
 * @return the SecurePart for the assertion element (SAML 1.1 or SAML 2.0 tag depending on the
 *         token type), or {@code null} when the token is not required or no callback handler is
 *         available (the policy is then unasserted)
 * @throws WSSecurityException when resolving the configured callback handler fails
 */
protected SecurePart addSamlToken(SamlToken token, boolean signed, boolean endorsing) throws WSSecurityException {
    assertToken(token);
    if (!isTokenRequired(token.getIncludeTokenType())) {
        return null;
    }

    //
    // Get the SAML CallbackHandler
    //
    Object configuredHandler =
        SecurityUtils.getSecurityPropertyValue(SecurityConstants.SAML_CALLBACK_HANDLER, message);
    try {
        CallbackHandler handler = SecurityUtils.getCallbackHandler(configuredHandler);
        if (handler == null) {
            unassertPolicy(token, "No SAML CallbackHandler available");
            return null;
        }
        properties.setSamlCallbackHandler(handler);
    } catch (Exception ex) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
    }

    // Action: a signed or endorsing token is emitted via the signed-token action.
    boolean signToken = signed || endorsing;
    properties.addAction(signToken ? WSSConstants.SAML_TOKEN_SIGNED : WSSConstants.SAML_TOKEN_UNSIGNED);

    // Element name: SAML 1.1 token types use the SAML 1.x Assertion tag, everything else SAML 2.0.
    SamlTokenType tokenType = token.getSamlTokenType();
    boolean isSaml11 = tokenType == SamlTokenType.WssSamlV11Token10
        || tokenType == SamlTokenType.WssSamlV11Token11;
    QName assertionName = isSaml11 ? WSSConstants.TAG_SAML_ASSERTION : WSSConstants.TAG_SAML2_ASSERTION;
    return new SecurePart(assertionName, Modifier.Element);
}
