You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by as...@apache.org on 2013/06/20 18:24:38 UTC
svn commit: r1495079 - in /cxf/trunk/services/xkms:
xkms-common/src/main/java/org/apache/cxf/xkms/handlers/
xkms-osgi/src/main/resources/OSGI-INF/blueprint/
xkms-service/src/main/java/org/apache/cxf/xkms/service/
xkms-war/src/main/webapp/WEB-INF/ xkms-...
Author: ashakirin
Date: Thu Jun 20 16:24:37 2013
New Revision: 1495079
URL: http://svn.apache.org/r1495079
Log:
XKMS: refactored interfaces names
Added:
cxf/trunk/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/Register.java
cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509Register.java
Removed:
cxf/trunk/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/KeyRegisterHandler.java
cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509RegisterHandler.java
Modified:
cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/cxf-endpoint.xml
cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/xkms-key-handlers.xml
cxf/trunk/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/XKMSService.java
cxf/trunk/services/xkms/xkms-war/src/main/webapp/WEB-INF/xkms-endpoint.xml
cxf/trunk/services/xkms/xkms-war/src/main/webapp/WEB-INF/xkms-key-handlers.xml
Added: cxf/trunk/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/Register.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/Register.java?rev=1495079&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/Register.java (added)
+++ cxf/trunk/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/Register.java Thu Jun 20 16:24:37 2013
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.handlers;
+
+import org.apache.cxf.xkms.model.xkms.RegisterRequestType;
+import org.apache.cxf.xkms.model.xkms.RegisterResultType;
+import org.apache.cxf.xkms.model.xkms.ReissueRequestType;
+import org.apache.cxf.xkms.model.xkms.ReissueResultType;
+import org.apache.cxf.xkms.model.xkms.RequestAbstractType;
+import org.apache.cxf.xkms.model.xkms.RevokeRequestType;
+import org.apache.cxf.xkms.model.xkms.RevokeResultType;
+
+public interface Register {
+
+ boolean canProcess(RequestAbstractType request);
+
+ RegisterResultType register(RegisterRequestType request, RegisterResultType response);
+
+ ReissueResultType reissue(ReissueRequestType request, ReissueResultType response);
+
+ RevokeResultType revoke(RevokeRequestType request, RevokeResultType response);
+
+}
Modified: cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/cxf-endpoint.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/cxf-endpoint.xml?rev=1495079&r1=1495078&r2=1495079&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/cxf-endpoint.xml (original)
+++ cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/cxf-endpoint.xml Thu Jun 20 16:24:37 2013
@@ -34,7 +34,7 @@
</property>
<property name="keyRegisterHandlers">
<list>
- <ref component-id="registerHandler" />
+ <ref component-id="x509Register" />
</list>
</property>
</bean>
Modified: cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/xkms-key-handlers.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/xkms-key-handlers.xml?rev=1495079&r1=1495078&r2=1495079&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/xkms-key-handlers.xml (original)
+++ cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/xkms-key-handlers.xml Thu Jun 20 16:24:37 2013
@@ -65,8 +65,8 @@
<argument ref="certificateRepo" />
</bean>
- <bean id="registerHandler"
- class="org.apache.cxf.xkms.x509.handlers.X509RegisterHandler">
+ <bean id="x509Register"
+ class="org.apache.cxf.xkms.x509.handlers.X509Register">
<argument ref="certificateRepo" />
</bean>
Modified: cxf/trunk/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/XKMSService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/XKMSService.java?rev=1495079&r1=1495078&r2=1495079&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/XKMSService.java (original)
+++ cxf/trunk/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/XKMSService.java Thu Jun 20 16:24:37 2013
@@ -26,8 +26,8 @@ import java.util.logging.Logger;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.xkms.exception.ExceptionMapper;
-import org.apache.cxf.xkms.handlers.KeyRegisterHandler;
import org.apache.cxf.xkms.handlers.Locator;
+import org.apache.cxf.xkms.handlers.Register;
import org.apache.cxf.xkms.handlers.Validator;
import org.apache.cxf.xkms.handlers.XKMSConstants;
import org.apache.cxf.xkms.model.xkms.CompoundRequestType;
@@ -68,7 +68,7 @@ public class XKMSService implements XKMS
private List<Validator> validators = new ArrayList<Validator>();
- private List<KeyRegisterHandler> keyRegisterHandlers = new ArrayList<KeyRegisterHandler>();
+ private List<Register> keyRegisterHandlers = new ArrayList<Register>();
@Override
public ReissueResultType reissue(ReissueRequestType request) {
@@ -76,7 +76,7 @@ public class XKMSService implements XKMS
validateRequest(request);
ReissueResultType response = XKMSResponseFactory.createResponse(request, new ReissueResultType());
try {
- for (KeyRegisterHandler handler : keyRegisterHandlers) {
+ for (Register handler : keyRegisterHandlers) {
if (handler.canProcess(request)) {
return handler.reissue(request, response);
}
@@ -105,7 +105,7 @@ public class XKMSService implements XKMS
validateRequest(request);
RegisterResultType response = XKMSResponseFactory.createResponse(request, new RegisterResultType());
try {
- for (KeyRegisterHandler handler : keyRegisterHandlers) {
+ for (Register handler : keyRegisterHandlers) {
if (handler.canProcess(request)) {
return handler.register(request, response);
}
@@ -134,7 +134,7 @@ public class XKMSService implements XKMS
validateRequest(request);
RevokeResultType response = XKMSResponseFactory.createResponse(request, new RevokeResultType());
try {
- for (KeyRegisterHandler handler : keyRegisterHandlers) {
+ for (Register handler : keyRegisterHandlers) {
if (handler.canProcess(request)) {
return handler.revoke(request, response);
}
@@ -264,7 +264,7 @@ public class XKMSService implements XKMS
this.validators = validators;
}
- public void setKeyRegisterHandlers(List<KeyRegisterHandler> keyRegisterHandlers) {
+ public void setKeyRegisterHandlers(List<Register> keyRegisterHandlers) {
this.keyRegisterHandlers = keyRegisterHandlers;
}
Modified: cxf/trunk/services/xkms/xkms-war/src/main/webapp/WEB-INF/xkms-endpoint.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-war/src/main/webapp/WEB-INF/xkms-endpoint.xml?rev=1495079&r1=1495078&r2=1495079&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-war/src/main/webapp/WEB-INF/xkms-endpoint.xml (original)
+++ cxf/trunk/services/xkms/xkms-war/src/main/webapp/WEB-INF/xkms-endpoint.xml Thu Jun 20 16:24:37 2013
@@ -51,7 +51,7 @@
</property>
<property name="keyRegisterHandlers">
<list>
- <ref bean="registerHandler" />
+ <ref bean="x509Register" />
</list>
</property>
</bean>
Modified: cxf/trunk/services/xkms/xkms-war/src/main/webapp/WEB-INF/xkms-key-handlers.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-war/src/main/webapp/WEB-INF/xkms-key-handlers.xml?rev=1495079&r1=1495078&r2=1495079&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-war/src/main/webapp/WEB-INF/xkms-key-handlers.xml (original)
+++ cxf/trunk/services/xkms/xkms-war/src/main/webapp/WEB-INF/xkms-key-handlers.xml Thu Jun 20 16:24:37 2013
@@ -35,8 +35,8 @@
<constructor-arg ref="certificateRepo" />
</bean>
- <bean id="registerHandler"
- class="org.apache.cxf.xkms.x509.handlers.X509RegisterHandler">
+ <bean id="x509Register"
+ class="org.apache.cxf.xkms.x509.handlers.X509Register">
<constructor-arg ref="certificateRepo" />
</bean>
Added: cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509Register.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509Register.java?rev=1495079&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509Register.java (added)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509Register.java Thu Jun 20 16:24:37 2013
@@ -0,0 +1,141 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.xkms.x509.handlers;
+
+import java.io.ByteArrayInputStream;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.bind.JAXBElement;
+
+import org.apache.cxf.xkms.handlers.Register;
+import org.apache.cxf.xkms.model.xkms.KeyBindingEnum;
+import org.apache.cxf.xkms.model.xkms.KeyBindingType;
+import org.apache.cxf.xkms.model.xkms.PrototypeKeyBindingType;
+import org.apache.cxf.xkms.model.xkms.RegisterRequestType;
+import org.apache.cxf.xkms.model.xkms.RegisterResultType;
+import org.apache.cxf.xkms.model.xkms.ReissueRequestType;
+import org.apache.cxf.xkms.model.xkms.ReissueResultType;
+import org.apache.cxf.xkms.model.xkms.RequestAbstractType;
+import org.apache.cxf.xkms.model.xkms.RespondWithEnum;
+import org.apache.cxf.xkms.model.xkms.RevokeRequestType;
+import org.apache.cxf.xkms.model.xkms.RevokeResultType;
+import org.apache.cxf.xkms.model.xkms.StatusType;
+import org.apache.cxf.xkms.model.xkms.UseKeyWithType;
+import org.apache.cxf.xkms.model.xmldsig.KeyInfoType;
+import org.apache.cxf.xkms.model.xmldsig.X509DataType;
+import org.apache.cxf.xkms.x509.repo.CertificateRepo;
+import org.apache.cxf.xkms.x509.utils.X509Utils;
+
+public class X509Register implements Register {
+
+ protected final CertificateFactory certFactory;
+ private CertificateRepo certRepo;
+
+ public X509Register(CertificateRepo certRepo) throws CertificateException {
+ this.certRepo = certRepo;
+ certFactory = CertificateFactory.getInstance("X.509");
+ }
+
+ @Override
+ public boolean canProcess(RequestAbstractType request) {
+ List<String> respondWithList = request.getRespondWith();
+ if ((respondWithList != null) && !(respondWithList.isEmpty())) {
+ return respondWithList.contains(RespondWithEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_X_509_CERT);
+ } else {
+ // Default handler
+ return true;
+ }
+ }
+
+ @Override
+ public RegisterResultType register(RegisterRequestType request, RegisterResultType response) {
+ try {
+ PrototypeKeyBindingType binding = request.getPrototypeKeyBinding();
+ X509Utils.assertElementNotNull(binding, PrototypeKeyBindingType.class);
+ KeyInfoType keyInfo = binding.getKeyInfo();
+ X509Utils.assertElementNotNull(binding, KeyInfoType.class);
+ List<UseKeyWithType> useKeyWithList = binding.getUseKeyWith();
+ if (useKeyWithList == null || useKeyWithList.size() != 1) {
+ throw new IllegalArgumentException("Exactly one useKeyWith element needed");
+ //TODO standard requires support for multiple useKeyWith attributes
+ }
+ UseKeyWithType useKeyWith = useKeyWithList.get(0);
+ List<X509Certificate> certList = getCertsFromKeyInfo(keyInfo);
+ if (certList.size() != 1) {
+ throw new IllegalArgumentException("Must provide one X509Certificate");
+ }
+ X509Certificate cert = certList.get(0);
+ certRepo.saveCertificate(cert, useKeyWith);
+
+ KeyBindingType responseBinding = prepareResponseBinding(binding);
+ response.getKeyBinding().add(responseBinding);
+ return response;
+ } catch (CertificateException e) {
+ throw new RuntimeException(e.getMessage(), e);
+ }
+ }
+
+ private KeyBindingType prepareResponseBinding(PrototypeKeyBindingType binding) {
+ KeyBindingType responseBinding = new KeyBindingType();
+ responseBinding.setKeyInfo(binding.getKeyInfo());
+ StatusType status = new StatusType();
+ status.setStatusValue(KeyBindingEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_VALID);
+ responseBinding.setStatus(status);
+ return responseBinding;
+ }
+
+ @Override
+ public ReissueResultType reissue(ReissueRequestType request, ReissueResultType response) {
+ throw new UnsupportedOperationException("This service does not support reissue");
+ }
+
+ @Override
+ public RevokeResultType revoke(RevokeRequestType request, RevokeResultType response) {
+ throw new UnsupportedOperationException("This service does not support revoke");
+ }
+
+ private List<X509Certificate> getCertsFromKeyInfo(KeyInfoType keyInfo) throws CertificateException {
+ List<X509Certificate> certList = new ArrayList<X509Certificate>();
+ for (Object key : keyInfo.getContent()) {
+ if (key instanceof JAXBElement) {
+ Object value = ((JAXBElement<?>) key).getValue();
+ if (value instanceof X509DataType) {
+ X509DataType x509Data = (X509DataType) value;
+ List<Object> data = x509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName();
+ for (Object certO : data) {
+ JAXBElement<?> certO2 = (JAXBElement<?>) certO;
+ if (certO2.getDeclaredType() == byte[].class) {
+ byte[] certContent = (byte[]) certO2.getValue();
+ X509Certificate cert = (X509Certificate) certFactory
+ .generateCertificate(new ByteArrayInputStream(certContent));
+ certList.add(cert);
+ }
+ }
+ }
+ }
+
+ }
+ return certList;
+ }
+
+}