
Example 1 with XPath

use of org.apache.wss4j.policy.model.XPath in project cxf by apache.

the class AbstractStaxBindingHandler method getSignedParts.

/**
 * Collects the {@link SecurePart}s that the outbound signature has to cover, as described by
 * the SignedParts and SignedElements policy assertions found on the current message.
 *
 * <p>Each assertion is flagged as asserted as soon as it is looked up, before anything has
 * been signed; the signing itself is not performed by this method.
 *
 * <p>NOTE(review): the Body part is always built with the SOAP 1.2 namespace. Confirm that
 * the Body of a SOAP 1.1 message is still matched by the signature processing.
 *
 * @return the parts to sign; an empty list when neither assertion is present
 * @throws SOAPException declared by the signature; no statement visible here throws it
 */
protected List<SecurePart> getSignedParts() throws SOAPException {
    final AssertionInfoMap aim = message.get(AssertionInfoMap.class);

    // Only the first SignedParts assertion is consulted.
    SignedParts parts = null;
    final AssertionInfo partsInfo = PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.SIGNED_PARTS);
    if (partsInfo != null) {
        parts = (SignedParts) partsInfo.getAssertion();
        partsInfo.setAsserted(true);
    }

    // Likewise only the first SignedElements assertion.
    SignedElements elements = null;
    final AssertionInfo elementsInfo = PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.SIGNED_ELEMENTS);
    if (elementsInfo != null) {
        elements = (SignedElements) elementsInfo.getAssertion();
        elementsInfo.setAsserted(true);
    }

    final List<SecurePart> signedParts = new ArrayList<>();

    if (parts != null) {
        if (parts.isBody()) {
            signedParts.add(new SecurePart(new QName(WSSConstants.NS_SOAP12, "Body"), Modifier.Element));
        }

        for (Header header : parts.getHeaders()) {
            // A header declared without a name is turned into the "*" wildcard local part.
            final String declaredName = header.getName();
            final QName headerName = new QName(header.getNamespace(), declaredName != null ? declaredName : "*");
            final SecurePart headerPart = new SecurePart(headerName, Modifier.Element);
            // Marked not required, presumably so a message without this header is not rejected.
            headerPart.setRequired(false);
            signedParts.add(headerPart);
        }

        final Attachments attachments = parts.getAttachments();
        if (attachments != null) {
            // The content-only transform signs the attachment content instead of the whole part.
            final Modifier attachmentModifier =
                attachments.isContentSignatureTransform() ? Modifier.Content : Modifier.Element;
            final SecurePart attachmentPart = new SecurePart("cid:Attachments", attachmentModifier);
            attachmentPart.setRequired(false);
            signedParts.add(attachmentPart);
        }
    }

    if (elements == null || elements.getXPaths() == null) {
        return signedParts;
    }

    for (XPath xPath : elements.getXPaths()) {
        final List<QName> path = org.apache.wss4j.policy.stax.PolicyUtils.getElementPath(xPath);
        if (path.isEmpty()) {
            continue;
        }
        // Only the last QName of the path is kept: the SecurePart is built from that element
        // name alone, without the ancestor steps of the XPath expression.
        signedParts.add(new SecurePart(path.get(path.size() - 1), Modifier.Element));
    }
    return signedParts;
}
Also used : XPath(org.apache.wss4j.policy.model.XPath) AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) QName(javax.xml.namespace.QName) SignedElements(org.apache.wss4j.policy.model.SignedElements) ArrayList(java.util.ArrayList) Attachments(org.apache.wss4j.policy.model.Attachments) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap) SecurePart(org.apache.xml.security.stax.ext.SecurePart) Header(org.apache.wss4j.policy.model.Header) SignedParts(org.apache.wss4j.policy.model.SignedParts) Modifier(org.apache.xml.security.stax.ext.SecurePart.Modifier)

Example 2 with XPath

use of org.apache.wss4j.policy.model.XPath in project cxf by apache.

the class AbstractStaxBindingHandler method getEncryptedParts.

/**
 * Collects the {@link SecurePart}s that outbound encryption has to cover, as described by the
 * EncryptedParts, EncryptedElements and ContentEncryptedElements policy assertions found on
 * the current message.
 *
 * <p>NOTE(review): every matching assertion is flagged as asserted, but only the last one of
 * each kind is kept and turned into parts. If a policy can carry several assertions of the
 * same kind, confirm that the earlier ones are not reported as satisfied without having been
 * applied.
 *
 * <p>NOTE(review): the Body part is always built with the SOAP 1.2 namespace. Confirm that
 * the Body of a SOAP 1.1 message is still matched by the encryption processing.
 *
 * @return the parts to encrypt; an empty list when none of the assertions is present
 * @throws SOAPException declared by the signature; no statement visible here throws it
 */
protected List<SecurePart> getEncryptedParts() throws SOAPException {
    final AssertionInfoMap aim = message.get(AssertionInfoMap.class);

    // For each assertion kind: mark all matches asserted, remember the last one.
    EncryptedParts parts = null;
    final Collection<AssertionInfo> partInfos =
        PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.ENCRYPTED_PARTS);
    for (AssertionInfo info : partInfos) {
        parts = (EncryptedParts) info.getAssertion();
        info.setAsserted(true);
    }

    EncryptedElements elements = null;
    final Collection<AssertionInfo> elementInfos =
        PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.ENCRYPTED_ELEMENTS);
    for (AssertionInfo info : elementInfos) {
        elements = (EncryptedElements) info.getAssertion();
        info.setAsserted(true);
    }

    ContentEncryptedElements celements = null;
    final Collection<AssertionInfo> contentInfos =
        PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.CONTENT_ENCRYPTED_ELEMENTS);
    for (AssertionInfo info : contentInfos) {
        celements = (ContentEncryptedElements) info.getAssertion();
        info.setAsserted(true);
    }

    final List<SecurePart> encryptedParts = new ArrayList<>();

    if (parts != null) {
        if (parts.isBody()) {
            // The Body is encrypted as content, so the Body element itself stays in clear.
            encryptedParts.add(new SecurePart(new QName(WSSConstants.NS_SOAP12, "Body"), Modifier.Content));
        }

        for (Header header : parts.getHeaders()) {
            // A header declared without a name is turned into the "*" wildcard local part.
            final String declaredName = header.getName();
            final QName headerName = new QName(header.getNamespace(), declaredName != null ? declaredName : "*");
            final SecurePart headerPart = new SecurePart(headerName, Modifier.Element);
            // Marked not required, presumably so a message without this header is not rejected.
            headerPart.setRequired(false);
            encryptedParts.add(headerPart);
        }

        final Attachments attachments = parts.getAttachments();
        if (attachments != null) {
            final SecurePart attachmentPart = new SecurePart("cid:Attachments", Modifier.Element);
            // Unlike the signing side, the content-only switch comes from a contextual message
            // property (default false) rather than from the policy assertion.
            final boolean contentOnly = MessageUtils.getContextualBoolean(
                message, SecurityConstants.USE_ATTACHMENT_ENCRYPTION_CONTENT_ONLY_TRANSFORM, false);
            if (contentOnly) {
                attachmentPart.setModifier(Modifier.Content);
            }
            attachmentPart.setRequired(false);
            encryptedParts.add(attachmentPart);
        }
    }

    // EncryptedElements: the whole element is encrypted. Only the last QName of each path is
    // kept, so the SecurePart is built from the element name alone.
    if (elements != null && elements.getXPaths() != null) {
        for (XPath xPath : elements.getXPaths()) {
            final List<QName> path = org.apache.wss4j.policy.stax.PolicyUtils.getElementPath(xPath);
            if (path.isEmpty()) {
                continue;
            }
            encryptedParts.add(new SecurePart(path.get(path.size() - 1), Modifier.Element));
        }
    }

    // ContentEncryptedElements: same selection, but only the element content is encrypted.
    if (celements != null && celements.getXPaths() != null) {
        for (XPath xPath : celements.getXPaths()) {
            final List<QName> path = org.apache.wss4j.policy.stax.PolicyUtils.getElementPath(xPath);
            if (path.isEmpty()) {
                continue;
            }
            encryptedParts.add(new SecurePart(path.get(path.size() - 1), Modifier.Content));
        }
    }

    return encryptedParts;
}
Also used : XPath(org.apache.wss4j.policy.model.XPath) EncryptedParts(org.apache.wss4j.policy.model.EncryptedParts) AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) ContentEncryptedElements(org.apache.wss4j.policy.model.ContentEncryptedElements) QName(javax.xml.namespace.QName) ArrayList(java.util.ArrayList) Attachments(org.apache.wss4j.policy.model.Attachments) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap) ContentEncryptedElements(org.apache.wss4j.policy.model.ContentEncryptedElements) EncryptedElements(org.apache.wss4j.policy.model.EncryptedElements) SecurePart(org.apache.xml.security.stax.ext.SecurePart) Header(org.apache.wss4j.policy.model.Header)

Example 3 with XPath

use of org.apache.wss4j.policy.model.XPath in project cxf by apache.

the class StaxTransportBindingHandler method signPartsAndElements.

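/**
 * Registers the portions of the message to be signed on the outbound security properties.
 *
 * <p>Added in this order: the wsu:Timestamp element (only when {@code timestampAdded} is
 * set), the SOAP Body and the headers named by {@code signedParts}, and the last element of
 * every XPath in {@code signedElements}. Nothing is registered for encryption here.
 *
 * <p>NOTE(review): the Body part is built with the SOAP 1.1 namespace only, whereas
 * AbstractStaxBindingHandler.getSignedParts uses the SOAP 1.2 one. Confirm that the Body of
 * a message in the other SOAP version is still matched by the signature processing.
 *
 * @param signedParts the SignedParts policy assertion, or {@code null} if there is none
 * @param signedElements the SignedElements policy assertion, or {@code null} if there is none
 * @throws SOAPException declared by the signature; presumably raised by
 *         {@code getProperties()} - TODO confirm
 */
private void signPartsAndElements(SignedParts signedParts, SignedElements signedElements) throws SOAPException {
    WSSSecurityProperties properties = getProperties();
    // The list is never written back, so this relies on the getter returning the live list
    // held by the properties object rather than a copy.
    List<SecurePart> signatureParts = properties.getSignatureSecureParts();
    // Add timestamp
    if (timestampAdded) {
        SecurePart part = new SecurePart(new QName(WSSConstants.NS_WSU10, "Timestamp"), Modifier.Element);
        signatureParts.add(part);
    }
    // Add SignedParts
    if (signedParts != null) {
        if (signedParts.isBody()) {
            SecurePart part = new SecurePart(new QName(WSSConstants.NS_SOAP11, "Body"), Modifier.Element);
            signatureParts.add(part);
        }
        for (Header head : signedParts.getHeaders()) {
            // A policy Header may carry no name. QName rejects a null local part with an
            // IllegalArgumentException, so fall back to the "*" wildcard, the same fallback
            // AbstractStaxBindingHandler.getSignedParts applies to nameless headers.
            String localName = head.getName();
            if (localName == null) {
                localName = "*";
            }
            SecurePart part = new SecurePart(new QName(head.getNamespace(), localName), Modifier.Element);
            // Marked not required, presumably so a message without this header is not rejected.
            part.setRequired(false);
            signatureParts.add(part);
        }
    }
    // Handle SignedElements
    if (signedElements != null && signedElements.getXPaths() != null) {
        for (XPath xPath : signedElements.getXPaths()) {
            List<QName> qnames = org.apache.wss4j.policy.stax.PolicyUtils.getElementPath(xPath);
            if (!qnames.isEmpty()) {
                // Only the last QName of the path is kept: the part is built from that
                // element name alone, without the ancestor steps of the XPath expression.
                SecurePart part = new SecurePart(qnames.get(qnames.size() - 1), Modifier.Element);
                signatureParts.add(part);
            }
        }
    }
}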
Also used : SecurePart(org.apache.xml.security.stax.ext.SecurePart) XPath(org.apache.wss4j.policy.model.XPath) WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) Header(org.apache.wss4j.policy.model.Header) QName(javax.xml.namespace.QName)

Aggregations

QName (javax.xml.namespace.QName)3 Header (org.apache.wss4j.policy.model.Header)3 XPath (org.apache.wss4j.policy.model.XPath)3 SecurePart (org.apache.xml.security.stax.ext.SecurePart)3 ArrayList (java.util.ArrayList)2 AssertionInfo (org.apache.cxf.ws.policy.AssertionInfo)2 AssertionInfoMap (org.apache.cxf.ws.policy.AssertionInfoMap)2 Attachments (org.apache.wss4j.policy.model.Attachments)2 ContentEncryptedElements (org.apache.wss4j.policy.model.ContentEncryptedElements)1 EncryptedElements (org.apache.wss4j.policy.model.EncryptedElements)1 EncryptedParts (org.apache.wss4j.policy.model.EncryptedParts)1 SignedElements (org.apache.wss4j.policy.model.SignedElements)1 SignedParts (org.apache.wss4j.policy.model.SignedParts)1 WSSSecurityProperties (org.apache.wss4j.stax.ext.WSSSecurityProperties)1 Modifier (org.apache.xml.security.stax.ext.SecurePart.Modifier)1