Java Code Examples for org.apache.cxf.ws.security.tokenstore.SecurityToken#setTokenType()

The following examples show how to use org.apache.cxf.ws.security.tokenstore.SecurityToken#setTokenType().
Example 1
Source File: STSClient.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Asks the STS to issue a token and wraps the response as a {@link SecurityToken}.
 *
 * <p>All four arguments are forwarded unchanged to {@code issue}. If the response
 * carries a certificate, it is attached to the token together with the response's
 * crypto object.
 *
 * <p>When the created token has no token type, one is filled in locally: the value of
 * {@code getTokenTypeFromTemplate()} if it is non-null, otherwise this client's
 * {@code tokenType} field if that is non-null. In that fallback case the recorded type
 * comes from this client, so code that later makes decisions based on
 * {@code getTokenType()} should not treat it as something the STS asserted.
 *
 * @return the token built from the STS response
 * @throws Exception whatever the calls made here propagate
 */
public SecurityToken requestSecurityToken(
    String appliesTo, String action, String requestType, String binaryExchange
) throws Exception {
    final STSResponse stsResponse = issue(appliesTo, action, requestType, binaryExchange);
    final SecurityToken issued = createSecurityToken(
        getDocumentElement(stsResponse.getResponse()), stsResponse.getEntropy());

    if (stsResponse.getCert() != null) {
        issued.setX509Certificate(stsResponse.getCert(), stsResponse.getCrypto());
    }

    if (issued.getTokenType() == null) {
        // Template value wins over the configured field; leave the type unset if both are null.
        final String templateType = getTokenTypeFromTemplate();
        final String fallbackType = templateType != null ? templateType : tokenType;
        if (fallbackType != null) {
            issued.setTokenType(fallbackType);
        }
    }
    return issued;
}
 
Example 2
Source File: IssuedTokenInterceptorProvider.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Builds a {@link SecurityToken} from a SAML assertion wrapper.
 *
 * <p>The token id is the assertion id. When subject key info is available, its secret
 * is copied into the token and the first certificate (if any) is attached with a
 * {@code null} crypto argument. The token type is set to
 * {@code WSConstants.WSS_SAML_TOKEN_TYPE} when {@code getSaml1()} is non-null, else to
 * {@code WSConstants.WSS_SAML2_TOKEN_TYPE} when {@code getSaml2()} is non-null; if
 * both are null the type stays unset.
 *
 * <p>NOTE(review): nothing here checks the assertion's signature or conditions, and
 * only the first certificate is kept. Presumably the assertion was validated before
 * this is called; confirm at the call site.
 *
 * @param assertionWrapper the assertion to wrap
 * @return the populated token
 */
private SecurityToken createSecurityToken(
    AssertionWrapper assertionWrapper
) {
    final SecurityToken samlToken = new SecurityToken(assertionWrapper.getId());

    final SAMLKeyInfo keyInfo = assertionWrapper.getSubjectKeyInfo();
    if (keyInfo != null) {
        samlToken.setSecret(keyInfo.getSecret());
        final X509Certificate[] subjectCerts = keyInfo.getCerts();
        final boolean hasCert = subjectCerts != null && subjectCerts.length > 0;
        if (hasCert) {
            samlToken.setX509Certificate(subjectCerts[0], null);
        }
    }

    if (assertionWrapper.getSaml1() != null) {
        samlToken.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
    } else if (assertionWrapper.getSaml2() != null) {
        samlToken.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
    }

    samlToken.setToken(assertionWrapper.getElement());
    return samlToken;
}
 
Example 3
Source File: IssuedTokenInterceptorProvider.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Builds a {@link SecurityToken} from a SAML assertion wrapper.
 *
 * <p>The token id is the assertion id. When subject key info is available, its secret
 * is copied into the token and the first certificate (if any) is attached with a
 * {@code null} crypto argument. The token type is set to
 * {@code WSConstants.WSS_SAML_TOKEN_TYPE} when {@code getSaml1()} is non-null, else to
 * {@code WSConstants.WSS_SAML2_TOKEN_TYPE} when {@code getSaml2()} is non-null; if
 * both are null the type stays unset.
 *
 * <p>NOTE(review): nothing here checks the assertion's signature or conditions, and
 * only the first certificate is kept. Presumably the assertion was validated before
 * this is called; confirm at the call site.
 *
 * @param assertionWrapper the assertion to wrap
 * @return the populated token
 */
private SecurityToken createSecurityToken(
    AssertionWrapper assertionWrapper
) {
    final SecurityToken samlToken = new SecurityToken(assertionWrapper.getId());

    final SAMLKeyInfo keyInfo = assertionWrapper.getSubjectKeyInfo();
    if (keyInfo != null) {
        samlToken.setSecret(keyInfo.getSecret());
        final X509Certificate[] subjectCerts = keyInfo.getCerts();
        final boolean hasCert = subjectCerts != null && subjectCerts.length > 0;
        if (hasCert) {
            samlToken.setX509Certificate(subjectCerts[0], null);
        }
    }

    if (assertionWrapper.getSaml1() != null) {
        samlToken.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
    } else if (assertionWrapper.getSaml2() != null) {
        samlToken.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
    }

    samlToken.setToken(assertionWrapper.getElement());
    return samlToken;
}
 
Example 4
Source File: STSClient.java    From cxf with Apache License 2.0 6 votes vote down vote up
/**
 * Asks the STS to issue a token and wraps the response as a {@link SecurityToken}.
 *
 * <p>All four arguments are forwarded unchanged to {@code issue}. The response's
 * attachments are handed to {@code inlineAttachments} together with the new token, and
 * if the response carries a certificate it is attached to the token along with the
 * response's crypto object.
 *
 * <p>When the created token has no token type, one is filled in locally: the value of
 * {@code getTokenTypeFromTemplate()} if it is non-null, otherwise this client's
 * {@code tokenType} field if that is non-null. In that fallback case the recorded type
 * comes from this client, so code that later makes decisions based on
 * {@code getTokenType()} should not treat it as something the STS asserted.
 *
 * @return the token built from the STS response
 * @throws Exception whatever the calls made here propagate
 */
public SecurityToken requestSecurityToken(
    String appliesTo, String action, String requestType, String binaryExchange
) throws Exception {
    final STSResponse stsResponse = issue(appliesTo, action, requestType, binaryExchange);
    final SecurityToken issued = createSecurityToken(
        getDocumentElement(stsResponse.getResponse()), stsResponse.getEntropy());
    inlineAttachments(issued, stsResponse.getAttachments());

    if (stsResponse.getCert() != null) {
        issued.setX509Certificate(stsResponse.getCert(), stsResponse.getCrypto());
    }

    if (issued.getTokenType() == null) {
        // Template value wins over the configured field; leave the type unset if both are null.
        final String templateType = getTokenTypeFromTemplate();
        final String fallbackType = templateType != null ? templateType : tokenType;
        if (fallbackType != null) {
            issued.setTokenType(fallbackType);
        }
    }
    return issued;
}
 
Example 5
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Registers a SAML assertion in the token store as a {@link SecurityToken}.
 *
 * <p>The token id comes from {@code findIDFromSamlToken}; when that returns
 * {@code null} nothing is stored and the message is left untouched. The token type is
 * {@code WSConstants.WSS_SAML2_TOKEN_TYPE} when {@code getSaml2()} is non-null and
 * {@code WSConstants.WSS_SAML_TOKEN_TYPE} in every other case, so an assertion that is
 * not SAML 2 is labelled with the latter without a further check. After the token is
 * added to the store, its id is published on the message as
 * {@code SecurityConstants.TOKEN_ID}.
 *
 * @param assertion the assertion to store
 */
protected void storeAssertionAsSecurityToken(AssertionWrapper assertion) {
    final String tokenId = findIDFromSamlToken(assertion.getElement());
    if (tokenId != null) {
        final SecurityToken samlToken = new SecurityToken(tokenId);
        final String samlTokenType = assertion.getSaml2() != null
            ? WSConstants.WSS_SAML2_TOKEN_TYPE
            : WSConstants.WSS_SAML_TOKEN_TYPE;
        samlToken.setTokenType(samlTokenType);
        samlToken.setToken(assertion.getElement());
        getTokenStore().add(samlToken);
        message.setContextualProperty(SecurityConstants.TOKEN_ID, samlToken.getId());
    }
}
 
Example 6
Source File: STSClient.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Asks the STS to issue a token and wraps the response as a {@link SecurityToken}.
 *
 * <p>All four arguments are forwarded unchanged to {@code issue}. If the response
 * carries a certificate, it is attached to the token together with the response's
 * crypto object.
 *
 * <p>When the created token has no token type, one is filled in locally: the value of
 * {@code getTokenTypeFromTemplate()} if it is non-null, otherwise this client's
 * {@code tokenType} field if that is non-null. In that fallback case the recorded type
 * comes from this client, so code that later makes decisions based on
 * {@code getTokenType()} should not treat it as something the STS asserted.
 *
 * @return the token built from the STS response
 * @throws Exception whatever the calls made here propagate
 */
public SecurityToken requestSecurityToken(
    String appliesTo, String action, String requestType, String binaryExchange
) throws Exception {
    final STSResponse stsResponse = issue(appliesTo, action, requestType, binaryExchange);
    final SecurityToken issued = createSecurityToken(
        getDocumentElement(stsResponse.getResponse()), stsResponse.getEntropy());

    if (stsResponse.getCert() != null) {
        issued.setX509Certificate(stsResponse.getCert(), stsResponse.getCrypto());
    }

    if (issued.getTokenType() == null) {
        // Template value wins over the configured field; leave the type unset if both are null.
        final String templateType = getTokenTypeFromTemplate();
        final String fallbackType = templateType != null ? templateType : tokenType;
        if (fallbackType != null) {
            issued.setTokenType(fallbackType);
        }
    }
    return issued;
}
 
Example 7
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Registers a SAML assertion in the token store as a {@link SecurityToken}.
 *
 * <p>The token id comes from {@code findIDFromSamlToken}; when that returns
 * {@code null} nothing is stored and the message is left untouched. The token type is
 * {@code WSConstants.WSS_SAML2_TOKEN_TYPE} when {@code getSaml2()} is non-null and
 * {@code WSConstants.WSS_SAML_TOKEN_TYPE} in every other case, so an assertion that is
 * not SAML 2 is labelled with the latter without a further check. After the token is
 * added to the store, its id is published on the message as
 * {@code SecurityConstants.TOKEN_ID}.
 *
 * @param assertion the assertion to store
 */
protected void storeAssertionAsSecurityToken(AssertionWrapper assertion) {
    final String tokenId = findIDFromSamlToken(assertion.getElement());
    if (tokenId != null) {
        final SecurityToken samlToken = new SecurityToken(tokenId);
        final String samlTokenType = assertion.getSaml2() != null
            ? WSConstants.WSS_SAML2_TOKEN_TYPE
            : WSConstants.WSS_SAML_TOKEN_TYPE;
        samlToken.setTokenType(samlTokenType);
        samlToken.setToken(assertion.getElement());
        getTokenStore().add(samlToken);
        message.setContextualProperty(SecurityConstants.TOKEN_ID, samlToken.getId());
    }
}
 
Example 8
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Registers a SAML assertion in the token store as a {@link SecurityToken}.
 *
 * <p>The token id comes from {@code findIDFromSamlToken}; when that returns
 * {@code null} nothing is stored and the message is left untouched. The token type is
 * {@code WSConstants.WSS_SAML2_TOKEN_TYPE} when {@code getSaml2()} is non-null and
 * {@code WSConstants.WSS_SAML_TOKEN_TYPE} in every other case, so an assertion that is
 * not SAML 2 is labelled with the latter without a further check. After the token is
 * added to the store, its id is published on the message as
 * {@code SecurityConstants.TOKEN_ID}.
 *
 * @param assertion the assertion to store
 */
protected void storeAssertionAsSecurityToken(AssertionWrapper assertion) {
    final String tokenId = findIDFromSamlToken(assertion.getElement());
    if (tokenId != null) {
        final SecurityToken samlToken = new SecurityToken(tokenId);
        final String samlTokenType = assertion.getSaml2() != null
            ? WSConstants.WSS_SAML2_TOKEN_TYPE
            : WSConstants.WSS_SAML_TOKEN_TYPE;
        samlToken.setTokenType(samlTokenType);
        samlToken.setToken(assertion.getElement());
        getTokenStore().add(samlToken);
        message.setContextualProperty(SecurityConstants.TOKEN_ID, samlToken.getId());
    }
}
 
Example 9
Source File: IssuedTokenInterceptorProvider.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Builds a {@link SecurityToken} from a SAML assertion wrapper.
 *
 * <p>The token id is the assertion id. When subject key info is available, its secret
 * is copied into the token and the first certificate (if any) is attached with a
 * {@code null} crypto argument. The token type is set to
 * {@code WSConstants.WSS_SAML_TOKEN_TYPE} when {@code getSaml1()} is non-null, else to
 * {@code WSConstants.WSS_SAML2_TOKEN_TYPE} when {@code getSaml2()} is non-null; if
 * both are null the type stays unset.
 *
 * <p>NOTE(review): nothing here checks the assertion's signature or conditions, and
 * only the first certificate is kept. Presumably the assertion was validated before
 * this is called; confirm at the call site.
 *
 * @param assertionWrapper the assertion to wrap
 * @return the populated token
 */
private SecurityToken createSecurityToken(
    AssertionWrapper assertionWrapper
) {
    final SecurityToken samlToken = new SecurityToken(assertionWrapper.getId());

    final SAMLKeyInfo keyInfo = assertionWrapper.getSubjectKeyInfo();
    if (keyInfo != null) {
        samlToken.setSecret(keyInfo.getSecret());
        final X509Certificate[] subjectCerts = keyInfo.getCerts();
        final boolean hasCert = subjectCerts != null && subjectCerts.length > 0;
        if (hasCert) {
            samlToken.setX509Certificate(subjectCerts[0], null);
        }
    }

    if (assertionWrapper.getSaml1() != null) {
        samlToken.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
    } else if (assertionWrapper.getSaml2() != null) {
        samlToken.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
    }

    samlToken.setToken(assertionWrapper.getElement());
    return samlToken;
}
 
Example 10
Source File: IssuedTokenPolicyValidator.java    From cxf with Apache License 2.0 5 votes vote down vote up
/**
 * Wraps a binary security token as a {@link SecurityToken}.
 *
 * <p>The new token takes its id from {@code getID()}, its element from
 * {@code getElement()} and its type from {@code getValueType()}. The bytes returned by
 * {@code getToken()} are stored as the token's secret, so the resulting object holds
 * key material and should be handled accordingly (for example, kept out of logs).
 *
 * @param binarySecurityToken the received binary token
 * @return the populated token
 */
private SecurityToken createSecurityToken(BinarySecurity binarySecurityToken) {
    final SecurityToken wrapped = new SecurityToken(binarySecurityToken.getID());
    wrapped.setToken(binarySecurityToken.getElement());
    // Whatever getToken() returns is recorded as the secret, unchanged.
    wrapped.setSecret(binarySecurityToken.getToken());
    wrapped.setTokenType(binarySecurityToken.getValueType());
    return wrapped;
}
 
Example 11
Source File: NegotiationUtils.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Looks for a SecurityContextToken result among the received WS-Security results.
 *
 * <p>For the first engine result whose action equals {@code WSConstants.SCT}, the
 * token's identifier is put on the exchange under {@code SecurityConstants.TOKEN_ID}.
 * If that result also carries a secret, a {@link SecurityToken} holding the SCT
 * element, the secret and the SCT token type is added to the token store.
 *
 * <p>The method returns {@code true} as soon as an SCT result is seen, even when no
 * secret was present and therefore nothing was stored. The action and the SCT object
 * are dereferenced without a null check.
 *
 * @param message the message whose {@code WSHandlerConstants.RECV_RESULTS} are scanned
 * @return {@code true} if an SCT result was found; {@code false} if there are no
 *         results or none of them is an SCT
 */
static boolean parseSCTResult(SoapMessage message) {
    List<WSHandlerResult> handlerResults =
        CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
    if (handlerResults == null) {
        return false;
    }

    for (WSHandlerResult handlerResult : handlerResults) {
        for (WSSecurityEngineResult engineResult : handlerResult.getResults()) {
            Integer action = (Integer)engineResult.get(WSSecurityEngineResult.TAG_ACTION);
            if (action.intValue() != WSConstants.SCT) {
                continue;
            }

            SecurityContextToken sct = (SecurityContextToken)engineResult.get(
                WSSecurityEngineResult.TAG_SECURITY_CONTEXT_TOKEN);
            message.getExchange().put(SecurityConstants.TOKEN_ID, sct.getIdentifier());

            // Only a result that carries a secret produces a stored token.
            byte[] sctSecret = (byte[])engineResult.get(WSSecurityEngineResult.TAG_SECRET);
            if (sctSecret != null) {
                SecurityToken stored = new SecurityToken(sct.getIdentifier());
                stored.setToken(sct.getElement());
                stored.setSecret(sctSecret);
                stored.setTokenType(sct.getTokenType());
                getTokenStore(message).add(stored);
            }
            return true;
        }
    }
    return false;
}
 
Example 12
Source File: NegotiationUtils.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Looks for a SecurityContextToken result among the received WS-Security results.
 *
 * <p>For the first engine result whose action equals {@code WSConstants.SCT}, the
 * token's identifier is put on the exchange under {@code SecurityConstants.TOKEN_ID}.
 * If that result also carries a secret, a {@link SecurityToken} holding the SCT
 * element, the secret and the SCT token type is added to the token store.
 *
 * <p>The method returns {@code true} as soon as an SCT result is seen, even when no
 * secret was present and therefore nothing was stored. The action and the SCT object
 * are dereferenced without a null check.
 *
 * @param message the message whose {@code WSHandlerConstants.RECV_RESULTS} are scanned
 * @return {@code true} if an SCT result was found; {@code false} if there are no
 *         results or none of them is an SCT
 */
static boolean parseSCTResult(SoapMessage message) {
    List<WSHandlerResult> handlerResults =
        CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
    if (handlerResults == null) {
        return false;
    }

    for (WSHandlerResult handlerResult : handlerResults) {
        for (WSSecurityEngineResult engineResult : handlerResult.getResults()) {
            Integer action = (Integer)engineResult.get(WSSecurityEngineResult.TAG_ACTION);
            if (action.intValue() != WSConstants.SCT) {
                continue;
            }

            SecurityContextToken sct = (SecurityContextToken)engineResult.get(
                WSSecurityEngineResult.TAG_SECURITY_CONTEXT_TOKEN);
            message.getExchange().put(SecurityConstants.TOKEN_ID, sct.getIdentifier());

            // Only a result that carries a secret produces a stored token.
            byte[] sctSecret = (byte[])engineResult.get(WSSecurityEngineResult.TAG_SECRET);
            if (sctSecret != null) {
                SecurityToken stored = new SecurityToken(sct.getIdentifier());
                stored.setToken(sct.getElement());
                stored.setSecret(sctSecret);
                stored.setTokenType(sct.getTokenType());
                getTokenStore(message).add(stored);
            }
            return true;
        }
    }
    return false;
}
 
Example 13
Source File: KerberosTokenPolicyValidator.java    From cxf with Apache License 2.0 5 votes vote down vote up
/**
 * Wraps a Kerberos binary security token as a {@link SecurityToken}.
 *
 * <p>The new token takes its id, element and type from the binary token. A digest of
 * the token bytes is computed with {@code KeyUtils.generateDigest}, encoded to a
 * string and recorded through {@code setSHA1}. If computing the digest throws
 * {@code WSSecurityException}, the exception is dropped and the token is returned
 * without that value.
 *
 * <p>NOTE(review): the failure is neither logged nor reported, so code that later
 * looks this token up by its digest value has no indication why the lookup fails;
 * consider logging it.
 *
 * @param binarySecurityToken the received Kerberos token
 * @return the populated token
 */
private SecurityToken createSecurityToken(KerberosSecurity binarySecurityToken) {
    final SecurityToken kerberosToken = new SecurityToken(binarySecurityToken.getID());
    kerberosToken.setToken(binarySecurityToken.getElement());
    kerberosToken.setTokenType(binarySecurityToken.getValueType());

    final byte[] rawBytes = binarySecurityToken.getToken();
    try {
        final byte[] digest = KeyUtils.generateDigest(rawBytes);
        kerberosToken.setSHA1(XMLUtils.encodeToString(digest));
    } catch (WSSecurityException ignored) {
        // Deliberately best effort: the original author treats a missing digest as non-critical.
    }
    return kerberosToken;
}
 
Example 14
Source File: STSClient.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Asks the STS to renew a token and wraps the response as a {@link SecurityToken}.
 *
 * <p>The renewed token is created from the response document with a {@code null}
 * entropy argument. When it has no token type, one is filled in locally: the value of
 * {@code getTokenTypeFromTemplate()} if it is non-null, otherwise this client's
 * {@code tokenType} field if that is non-null. In that fallback case the recorded type
 * comes from this client rather than from the created token.
 *
 * @param tok the token to renew, passed to {@code renew}
 * @return the token built from the renewal response
 * @throws Exception whatever the calls made here propagate
 */
public SecurityToken renewSecurityToken(SecurityToken tok) throws Exception {
    final STSResponse stsResponse = renew(tok);
    final SecurityToken renewed =
        createSecurityToken(getDocumentElement(stsResponse.getResponse()), null);

    if (renewed.getTokenType() == null) {
        // Template value wins over the configured field; leave the type unset if both are null.
        final String templateType = getTokenTypeFromTemplate();
        final String fallbackType = templateType != null ? templateType : tokenType;
        if (fallbackType != null) {
            renewed.setTokenType(fallbackType);
        }
    }
    return renewed;
}
 
Example 15
Source File: IssuedTokenInterceptorProvider.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Wraps a binary security token as a {@link SecurityToken}.
 *
 * <p>The new token takes its id from {@code getID()}, its element from
 * {@code getElement()} and its type from {@code getValueType()}. The bytes returned by
 * {@code getToken()} are stored as the token's secret, so the resulting object holds
 * key material and should be handled accordingly (for example, kept out of logs).
 *
 * @param binarySecurityToken the received binary token
 * @return the populated token
 */
private SecurityToken createSecurityToken(BinarySecurity binarySecurityToken) {
    final SecurityToken wrapped = new SecurityToken(binarySecurityToken.getID());
    wrapped.setToken(binarySecurityToken.getElement());
    // Whatever getToken() returns is recorded as the secret, unchanged.
    wrapped.setSecret(binarySecurityToken.getToken());
    wrapped.setTokenType(binarySecurityToken.getValueType());
    return wrapped;
}
 
Example 16
Source File: SecureConversationInInterceptor.java    From steady with Apache License 2.0 4 votes vote down vote up
/**
 * Writes a RequestSecurityTokenResponse for an issue request and registers the new
 * security context token in the endpoint's token store.
 *
 * <p>The direct children of {@code requestEl} that are in {@code namespace} are
 * scanned for {@code Entropy}, {@code KeySize} and {@code TokenType}. All three values
 * come from the request:
 * <ul>
 *   <li>a {@code KeySize} below 128 or above 512 is replaced with 256 instead of being
 *       rejected; a non-numeric value makes {@code Integer.parseInt} throw, and that
 *       exception propagates to the caller;</li>
 *   <li>the entropy text is Base64-decoded and handed to {@code writeProofToken};</li>
 *   <li>the token type selects the version passed to the
 *       {@code SecurityContextToken} constructor.</li>
 * </ul>
 *
 * <p>The token lifetime is fixed at 300000 ms from creation. The value returned by
 * {@code writeProofToken} becomes the stored token's secret. The token store is read
 * from the endpoint info property named after {@code TokenStore} and is used without
 * a null check. {@code binaryExchange} is not read by this method.
 *
 * <p>The order of the writer calls determines the shape of the response document and
 * must be preserved.
 *
 * @throws Exception whatever the parsing, writing or token-store calls propagate
 */
void doIssue(
    Element requestEl,
    Exchange exchange,
    Element binaryExchange,
    W3CDOMStreamWriter writer,
    String prefix,
    String namespace
) throws Exception {
    // The 05/12 namespace wraps the response in a collection element.
    final boolean wrapInCollection = STSUtils.WST_NS_05_12.equals(namespace);
    if (wrapInCollection) {
        writer.writeStartElement(prefix, "RequestSecurityTokenResponseCollection", namespace);
    }
    writer.writeStartElement(prefix, "RequestSecurityTokenResponse", namespace);

    // Values taken from the request; the defaults apply when an element is absent.
    byte[] requestedEntropy = null;
    int requestedKeySize = 256;
    final long lifetimeMillis = 300000L;
    String requestedTokenType = null;
    for (Element child = DOMUtils.getFirstElement(requestEl);
         child != null;
         child = DOMUtils.getNextElement(child)) {
        final String localName = child.getLocalName();
        if (!namespace.equals(child.getNamespaceURI())) {
            continue;
        }
        if ("Entropy".equals(localName)) {
            final Element firstChild = DOMUtils.getFirstElement(child);
            if (firstChild != null) {
                requestedEntropy = Base64.decode(firstChild.getTextContent());
            }
        } else if ("KeySize".equals(localName)) {
            requestedKeySize = Integer.parseInt(child.getTextContent());
        } else if ("TokenType".equals(localName)) {
            requestedTokenType = child.getTextContent();
        }
    }

    // An out-of-range key size is silently replaced by the default rather than rejected.
    final boolean keySizeInRange = requestedKeySize >= 128 && requestedKeySize <= 512;
    if (!keySizeInRange) {
        requestedKeySize = 256;
    }

    writer.writeStartElement(prefix, "RequestedSecurityToken", namespace);
    final SecurityContextToken sct = new SecurityContextToken(
        NegotiationUtils.getWSCVersion(requestedTokenType), writer.getDocument());

    final Date created = new Date();
    final Date expires = new Date(created.getTime() + lifetimeMillis);

    final SecurityToken token = new SecurityToken(sct.getIdentifier(), created, expires);
    token.setToken(sct.getElement());
    token.setTokenType(sct.getTokenType());

    writer.getCurrentNode().appendChild(sct.getElement());
    writer.writeEndElement();

    writer.writeStartElement(prefix, "RequestedAttachedReference", namespace);
    token.setAttachedReference(
        writeSecurityTokenReference(writer, "#" + sct.getID(), requestedTokenType));
    writer.writeEndElement();

    writer.writeStartElement(prefix, "RequestedUnattachedReference", namespace);
    token.setUnattachedReference(
        writeSecurityTokenReference(writer, sct.getIdentifier(), requestedTokenType));
    writer.writeEndElement();

    writeLifetime(writer, created, expires, prefix, namespace);

    // The proof-token secret is attached before the token becomes visible in the store.
    final byte[] proofSecret =
        writeProofToken(prefix, namespace, writer, requestedEntropy, requestedKeySize);
    token.setSecret(proofSecret);

    final TokenStore store = (TokenStore)exchange.get(Endpoint.class).getEndpointInfo()
        .getProperty(TokenStore.class.getName());
    store.add(token);

    writer.writeEndElement();
    if (wrapInCollection) {
        writer.writeEndElement();
    }
}
 
Example 17
Source File: SecureConversationInInterceptor.java    From steady with Apache License 2.0 4 votes vote down vote up
/**
 * Writes a RequestSecurityTokenResponse for an issue request and registers the new
 * security context token in the endpoint's token store.
 *
 * <p>The direct children of {@code requestEl} that are in {@code namespace} are
 * scanned for {@code Entropy}, {@code KeySize} and {@code TokenType}. All three values
 * come from the request:
 * <ul>
 *   <li>a {@code KeySize} below 128 or above 512 is replaced with 256 instead of being
 *       rejected; a non-numeric value makes {@code Integer.parseInt} throw, and that
 *       exception propagates to the caller;</li>
 *   <li>the entropy text is Base64-decoded and handed to {@code writeProofToken};</li>
 *   <li>the token type selects the version passed to the
 *       {@code SecurityContextToken} constructor.</li>
 * </ul>
 *
 * <p>The token lifetime is fixed at 300000 ms from creation. The value returned by
 * {@code writeProofToken} becomes the stored token's secret. The token store is read
 * from the endpoint info property named after {@code TokenStore} and is used without
 * a null check. {@code binaryExchange} is not read by this method.
 *
 * <p>The order of the writer calls determines the shape of the response document and
 * must be preserved.
 *
 * @throws Exception whatever the parsing, writing or token-store calls propagate
 */
void doIssue(
    Element requestEl,
    Exchange exchange,
    Element binaryExchange,
    W3CDOMStreamWriter writer,
    String prefix,
    String namespace
) throws Exception {
    // The 05/12 namespace wraps the response in a collection element.
    final boolean wrapInCollection = STSUtils.WST_NS_05_12.equals(namespace);
    if (wrapInCollection) {
        writer.writeStartElement(prefix, "RequestSecurityTokenResponseCollection", namespace);
    }
    writer.writeStartElement(prefix, "RequestSecurityTokenResponse", namespace);

    // Values taken from the request; the defaults apply when an element is absent.
    byte[] requestedEntropy = null;
    int requestedKeySize = 256;
    final long lifetimeMillis = 300000L;
    String requestedTokenType = null;
    for (Element child = DOMUtils.getFirstElement(requestEl);
         child != null;
         child = DOMUtils.getNextElement(child)) {
        final String localName = child.getLocalName();
        if (!namespace.equals(child.getNamespaceURI())) {
            continue;
        }
        if ("Entropy".equals(localName)) {
            final Element firstChild = DOMUtils.getFirstElement(child);
            if (firstChild != null) {
                requestedEntropy = Base64.decode(firstChild.getTextContent());
            }
        } else if ("KeySize".equals(localName)) {
            requestedKeySize = Integer.parseInt(child.getTextContent());
        } else if ("TokenType".equals(localName)) {
            requestedTokenType = child.getTextContent();
        }
    }

    // An out-of-range key size is silently replaced by the default rather than rejected.
    final boolean keySizeInRange = requestedKeySize >= 128 && requestedKeySize <= 512;
    if (!keySizeInRange) {
        requestedKeySize = 256;
    }

    writer.writeStartElement(prefix, "RequestedSecurityToken", namespace);
    final SecurityContextToken sct = new SecurityContextToken(
        NegotiationUtils.getWSCVersion(requestedTokenType), writer.getDocument());

    final Date created = new Date();
    final Date expires = new Date(created.getTime() + lifetimeMillis);

    final SecurityToken token = new SecurityToken(sct.getIdentifier(), created, expires);
    token.setToken(sct.getElement());
    token.setTokenType(sct.getTokenType());

    writer.getCurrentNode().appendChild(sct.getElement());
    writer.writeEndElement();

    writer.writeStartElement(prefix, "RequestedAttachedReference", namespace);
    token.setAttachedReference(
        writeSecurityTokenReference(writer, "#" + sct.getID(), requestedTokenType));
    writer.writeEndElement();

    writer.writeStartElement(prefix, "RequestedUnattachedReference", namespace);
    token.setUnattachedReference(
        writeSecurityTokenReference(writer, sct.getIdentifier(), requestedTokenType));
    writer.writeEndElement();

    writeLifetime(writer, created, expires, prefix, namespace);

    // The proof-token secret is attached before the token becomes visible in the store.
    final byte[] proofSecret =
        writeProofToken(prefix, namespace, writer, requestedEntropy, requestedKeySize);
    token.setSecret(proofSecret);

    final TokenStore store = (TokenStore)exchange.get(Endpoint.class).getEndpointInfo()
        .getProperty(TokenStore.class.getName());
    store.add(token);

    writer.writeEndElement();
    if (wrapInCollection) {
        writer.writeEndElement();
    }
}
 
Example 18
Source File: KerberosTokenInterceptorProvider.java    From steady with Apache License 2.0 4 votes vote down vote up
/**
 * Wraps a Kerberos binary security token as a {@link SecurityToken}.
 *
 * <p>Only the id, the element and the value type are copied; the bytes returned by
 * {@code getToken()} are not read here, so the resulting token carries no secret.
 *
 * @param binarySecurityToken the received Kerberos token
 * @return the populated token
 */
private static SecurityToken createSecurityToken(KerberosSecurity binarySecurityToken) {
    final SecurityToken kerberosToken = new SecurityToken(binarySecurityToken.getID());
    kerberosToken.setToken(binarySecurityToken.getElement());
    kerberosToken.setTokenType(binarySecurityToken.getValueType());
    return kerberosToken;
}
 
Example 19
Source File: SecureConversationInInterceptor.java    From steady with Apache License 2.0 4 votes vote down vote up
/**
 * Writes a RequestSecurityTokenResponse for an issue request and registers the new
 * security context token in the endpoint's token store.
 *
 * <p>The direct children of {@code requestEl} that are in {@code namespace} are
 * scanned for {@code Entropy}, {@code KeySize} and {@code TokenType}. All three values
 * come from the request:
 * <ul>
 *   <li>a {@code KeySize} below 128 or above 512 is replaced with 256 instead of being
 *       rejected; a non-numeric value makes {@code Integer.parseInt} throw, and that
 *       exception propagates to the caller;</li>
 *   <li>the entropy text is Base64-decoded and handed to {@code writeProofToken};</li>
 *   <li>the token type selects the version passed to the
 *       {@code SecurityContextToken} constructor.</li>
 * </ul>
 *
 * <p>The token lifetime is fixed at 300000 ms from creation. The value returned by
 * {@code writeProofToken} becomes the stored token's secret. The token store is read
 * from the endpoint info property named after {@code TokenStore} and is used without
 * a null check. {@code binaryExchange} is not read by this method.
 *
 * <p>The order of the writer calls determines the shape of the response document and
 * must be preserved.
 *
 * @throws Exception whatever the parsing, writing or token-store calls propagate
 */
void doIssue(
    Element requestEl,
    Exchange exchange,
    Element binaryExchange,
    W3CDOMStreamWriter writer,
    String prefix,
    String namespace
) throws Exception {
    // The 05/12 namespace wraps the response in a collection element.
    final boolean wrapInCollection = STSUtils.WST_NS_05_12.equals(namespace);
    if (wrapInCollection) {
        writer.writeStartElement(prefix, "RequestSecurityTokenResponseCollection", namespace);
    }
    writer.writeStartElement(prefix, "RequestSecurityTokenResponse", namespace);

    // Values taken from the request; the defaults apply when an element is absent.
    byte[] requestedEntropy = null;
    int requestedKeySize = 256;
    final long lifetimeMillis = 300000L;
    String requestedTokenType = null;
    for (Element child = DOMUtils.getFirstElement(requestEl);
         child != null;
         child = DOMUtils.getNextElement(child)) {
        final String localName = child.getLocalName();
        if (!namespace.equals(child.getNamespaceURI())) {
            continue;
        }
        if ("Entropy".equals(localName)) {
            final Element firstChild = DOMUtils.getFirstElement(child);
            if (firstChild != null) {
                requestedEntropy = Base64.decode(firstChild.getTextContent());
            }
        } else if ("KeySize".equals(localName)) {
            requestedKeySize = Integer.parseInt(child.getTextContent());
        } else if ("TokenType".equals(localName)) {
            requestedTokenType = child.getTextContent();
        }
    }

    // An out-of-range key size is silently replaced by the default rather than rejected.
    final boolean keySizeInRange = requestedKeySize >= 128 && requestedKeySize <= 512;
    if (!keySizeInRange) {
        requestedKeySize = 256;
    }

    writer.writeStartElement(prefix, "RequestedSecurityToken", namespace);
    final SecurityContextToken sct = new SecurityContextToken(
        NegotiationUtils.getWSCVersion(requestedTokenType), writer.getDocument());

    final Date created = new Date();
    final Date expires = new Date(created.getTime() + lifetimeMillis);

    final SecurityToken token = new SecurityToken(sct.getIdentifier(), created, expires);
    token.setToken(sct.getElement());
    token.setTokenType(sct.getTokenType());

    writer.getCurrentNode().appendChild(sct.getElement());
    writer.writeEndElement();

    writer.writeStartElement(prefix, "RequestedAttachedReference", namespace);
    token.setAttachedReference(
        writeSecurityTokenReference(writer, "#" + sct.getID(), requestedTokenType));
    writer.writeEndElement();

    writer.writeStartElement(prefix, "RequestedUnattachedReference", namespace);
    token.setUnattachedReference(
        writeSecurityTokenReference(writer, sct.getIdentifier(), requestedTokenType));
    writer.writeEndElement();

    writeLifetime(writer, created, expires, prefix, namespace);

    // The proof-token secret is attached before the token becomes visible in the store.
    final byte[] proofSecret =
        writeProofToken(prefix, namespace, writer, requestedEntropy, requestedKeySize);
    token.setSecret(proofSecret);

    final TokenStore store = (TokenStore)exchange.get(Endpoint.class).getEndpointInfo()
        .getProperty(TokenStore.class.getName());
    store.add(token);

    writer.writeEndElement();
    if (wrapInCollection) {
        writer.writeEndElement();
    }
}
 
Example 20
Source File: KerberosTokenInterceptorProvider.java    From steady with Apache License 2.0 4 votes vote down vote up
/**
 * Wraps a Kerberos binary security token as a {@link SecurityToken}.
 *
 * <p>Only the id, the element and the value type are copied; the bytes returned by
 * {@code getToken()} are not read here, so the resulting token carries no secret.
 *
 * @param binarySecurityToken the received Kerberos token
 * @return the populated token
 */
private static SecurityToken createSecurityToken(KerberosSecurity binarySecurityToken) {
    final SecurityToken kerberosToken = new SecurityToken(binarySecurityToken.getID());
    kerberosToken.setToken(binarySecurityToken.getElement());
    kerberosToken.setTokenType(binarySecurityToken.getValueType());
    return kerberosToken;
}