You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2020/04/15 14:50:23 UTC

[ws-wss4j] 02/02: Picking up some changes from Santuario

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git

commit df0747948fa5f770a7907afafb1c2966dcf3001e
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Wed Apr 15 15:46:02 2020 +0100

    Picking up some changes from Santuario
---
 .../org/apache/wss4j/stax/ext/WSSSecurePart.java   | 67 ++++++++++++++++++++++
 .../processor/output/SAMLTokenOutputProcessor.java | 10 ++--
 .../output/WSSSignatureOutputProcessor.java        |  5 +-
 3 files changed, 77 insertions(+), 5 deletions(-)

diff --git a/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSSecurePart.java b/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSSecurePart.java
new file mode 100644
index 0000000..4d5e4b2
--- /dev/null
+++ b/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSSecurePart.java
@@ -0,0 +1,67 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.stax.ext;
+
+import javax.xml.namespace.QName;
+
+import org.apache.xml.security.stax.ext.SecurePart;
+
+/**
+ * Extend the Apache Santuario SecurePart class with some additional configuration for WSS
+ */
+public class WSSSecurePart extends SecurePart {
+
+    private String idToReference;
+
+    public WSSSecurePart(QName name, Modifier modifier) {
+        super(name, modifier);
+    }
+
+    public WSSSecurePart(QName name, Modifier modifier, String[] transforms, String digestMethod) {
+        super(name, modifier, transforms, digestMethod);
+    }
+
+    public WSSSecurePart(QName name, boolean generateXPointer, Modifier modifier) {
+        super(name, generateXPointer, modifier);
+    }
+
+    public WSSSecurePart(QName name, boolean generateXPointer, Modifier modifier, String[] transforms, String digestMethod) {
+        super(name, generateXPointer, modifier, transforms, digestMethod);
+    }
+
+    public WSSSecurePart(String externalReference) {
+        super(externalReference);
+    }
+
+    public WSSSecurePart(String externalReference, Modifier modifier) {
+        super(externalReference, modifier);
+    }
+
+    public WSSSecurePart(String externalReference, String[] transforms, String digestMethod) {
+        super(externalReference, transforms, digestMethod);
+    }
+
+    public String getIdToReference() {
+        return idToReference;
+    }
+
+    public void setIdToReference(String idToReference) {
+        this.idToReference = idToReference;
+    }
+}
\ No newline at end of file
diff --git a/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java b/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java
index 4047d46..6e22962 100644
--- a/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java
+++ b/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SAMLTokenOutputProcessor.java
@@ -41,6 +41,7 @@ import org.apache.wss4j.common.saml.bean.KeyInfoBean;
 import org.apache.wss4j.common.saml.bean.SubjectBean;
 import org.apache.wss4j.stax.ext.WSSConfigurationException;
 import org.apache.wss4j.stax.ext.WSSConstants;
+import org.apache.wss4j.stax.ext.WSSSecurePart;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
 import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
 import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
@@ -210,10 +211,11 @@ public class SAMLTokenOutputProcessor extends AbstractOutputProcessor {
             finalSAMLTokenOutputProcessor.init(outputProcessorChain);
 
             if (includeSTR) {
-                SecurePart securePart =
-                        new SecurePart(
-                                new QName(WSSConstants.SOAPMESSAGE_NS10_STR_TRANSFORM),
-                                tokenId, securityTokenReferenceId, SecurePart.Modifier.Element);
+                WSSSecurePart securePart =
+                        new WSSSecurePart(
+                                new QName(WSSConstants.SOAPMESSAGE_NS10_STR_TRANSFORM), SecurePart.Modifier.Element);
+                securePart.setIdToSign(tokenId);
+                securePart.setIdToReference(securityTokenReferenceId);
                 outputProcessorChain.getSecurityContext().putAsMap(WSSConstants.SIGNATURE_PARTS, tokenId, securePart);
             }
 
diff --git a/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureOutputProcessor.java b/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureOutputProcessor.java
index 2d28fb3..53420d3 100644
--- a/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureOutputProcessor.java
+++ b/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureOutputProcessor.java
@@ -38,6 +38,7 @@ import org.apache.wss4j.common.ext.AttachmentResultCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.util.AttachmentUtils;
 import org.apache.wss4j.stax.ext.WSSConstants;
+import org.apache.wss4j.stax.ext.WSSSecurePart;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
 import org.apache.wss4j.stax.impl.transformer.AttachmentContentSignatureTransform;
 import org.apache.wss4j.stax.utils.WSSUtils;
@@ -111,7 +112,9 @@ public class WSSSignatureOutputProcessor extends AbstractSignatureOutputProcesso
                         }
                     } else {
                         if (WSSConstants.SOAPMESSAGE_NS10_STR_TRANSFORM.equals(securePart.getName().getLocalPart())) {
-                            signaturePartDef.setSigRefId(securePart.getIdToReference());
+                            if (securePart instanceof WSSSecurePart) {
+                                signaturePartDef.setSigRefId(((WSSSecurePart)securePart).getIdToReference());
+                            }
                             String[] transforms = new String[]{
                                     WSSConstants.SOAPMESSAGE_NS10_STR_TRANSFORM,
                                     WSSConstants.NS_C14N_EXCL