use of org.apache.xml.security.signature.XMLSignatureInput in project santuario-java by apache.
the class ResolverDirectHTTP method engineResolveURI.
/**
* {@inheritDoc}
*/
@Override
public XMLSignatureInput engineResolveURI(ResourceResolverContext context) throws ResourceResolverException {
try {
// calculate new URI
URI uriNew = getNewURI(context.uriToResolve, context.baseUri);
URL url = uriNew.toURL();
URLConnection urlConnection = openConnection(url);
// check if Basic authentication is required
String auth = urlConnection.getHeaderField("WWW-Authenticate");
if (auth != null && auth.startsWith("Basic")) {
// do http basic authentication
String user = engineGetProperty(ResolverDirectHTTP.properties[ResolverDirectHTTP.HttpBasicUser]);
String pass = engineGetProperty(ResolverDirectHTTP.properties[ResolverDirectHTTP.HttpBasicPass]);
if (user != null && pass != null) {
urlConnection = openConnection(url);
String password = user + ":" + pass;
String encodedPassword = Base64.getMimeEncoder().encodeToString(password.getBytes(StandardCharsets.ISO_8859_1));
// set authentication property in the http header
urlConnection.setRequestProperty("Authorization", "Basic " + encodedPassword);
}
}
String mimeType = urlConnection.getHeaderField("Content-Type");
try (ByteArrayOutputStream baos = new ByteArrayOutputStream();
InputStream inputStream = urlConnection.getInputStream()) {
byte[] buf = new byte[4096];
int read = 0;
int summarized = 0;
while ((read = inputStream.read(buf)) >= 0) {
baos.write(buf, 0, read);
summarized += read;
}
LOG.debug("Fetched {} bytes from URI {}", summarized, uriNew.toString());
XMLSignatureInput result = new XMLSignatureInput(baos.toByteArray());
result.setSecureValidation(context.secureValidation);
result.setSourceURI(uriNew.toString());
result.setMIMEType(mimeType);
return result;
}
} catch (URISyntaxException ex) {
throw new ResourceResolverException(ex, context.uriToResolve, context.baseUri, "generic.EmptyMessage");
} catch (MalformedURLException ex) {
throw new ResourceResolverException(ex, context.uriToResolve, context.baseUri, "generic.EmptyMessage");
} catch (IOException ex) {
throw new ResourceResolverException(ex, context.uriToResolve, context.baseUri, "generic.EmptyMessage");
} catch (IllegalArgumentException e) {
throw new ResourceResolverException(e, context.uriToResolve, context.baseUri, "generic.EmptyMessage");
}
}
use of org.apache.xml.security.signature.XMLSignatureInput in project santuario-java by apache.
the class ResolverFragment method engineResolveURI.
/**
* {@inheritDoc}
*/
@Override
public XMLSignatureInput engineResolveURI(ResourceResolverContext context) throws ResourceResolverException {
Document doc = context.attr.getOwnerElement().getOwnerDocument();
Node selectedElem = null;
if (context.uriToResolve.equals("")) {
/*
* Identifies the node-set (minus any comment nodes) of the XML
* resource containing the signature
*/
LOG.debug("ResolverFragment with empty URI (means complete document)");
selectedElem = doc;
} else {
/*
* URI="#chapter1"
* Identifies a node-set containing the element with ID attribute
* value 'chapter1' of the XML resource containing the signature.
* XML Signature (and its applications) modify this node-set to
* include the element plus all descendants including namespaces and
* attributes -- but not comments.
*/
String id = context.uriToResolve.substring(1);
selectedElem = doc.getElementById(id);
if (selectedElem == null) {
Object[] exArgs = { id };
throw new ResourceResolverException("signature.Verification.MissingID", exArgs, context.uriToResolve, context.baseUri);
}
if (context.secureValidation) {
Element start = context.attr.getOwnerDocument().getDocumentElement();
if (!XMLUtils.protectAgainstWrappingAttack(start, id)) {
Object[] exArgs = { id };
throw new ResourceResolverException("signature.Verification.MultipleIDs", exArgs, context.uriToResolve, context.baseUri);
}
}
LOG.debug("Try to catch an Element with ID {} and Element was {}", id, selectedElem);
}
XMLSignatureInput result = new XMLSignatureInput(selectedElem);
result.setSecureValidation(context.secureValidation);
result.setExcludeComments(true);
result.setMIMEType("text/xml");
if (context.baseUri != null && context.baseUri.length() > 0) {
result.setSourceURI(context.baseUri.concat(context.uriToResolve));
} else {
result.setSourceURI(context.uriToResolve);
}
return result;
}
Aggregations