Posted to commits@ws.apache.org by co...@apache.org on 2015/07/07 18:16:49 UTC

svn commit: r1689709 - /webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java

Author: coheigea
Date: Tue Jul  7 16:16:48 2015
New Revision: 1689709

URL: http://svn.apache.org/r1689709
Log:
Refinement of previous commit

Modified:
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java?rev=1689709&r1=1689708&r2=1689709&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java Tue Jul  7 16:16:48 2015
@@ -30,7 +30,6 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Date;
 import java.util.List;
-import java.util.Map;
 
 import javax.xml.crypto.Data;
 import javax.xml.crypto.MarshalException;
@@ -64,7 +63,6 @@ import org.apache.wss4j.common.ext.WSSec
 import org.apache.wss4j.common.principal.PublicKeyPrincipalImpl;
 import org.apache.wss4j.common.principal.UsernameTokenPrincipal;
 import org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal;
-import org.apache.wss4j.common.token.BinarySecurity;
 import org.apache.wss4j.common.token.SecurityTokenReference;
 import org.apache.wss4j.common.util.KeyUtils;
 import org.apache.wss4j.common.util.XMLUtils;
@@ -477,62 +475,24 @@ public class SignatureProcessor implemen
             Element element = callbackLookup.getAndRegisterElement(uri, null, true, context);
             if (element == null) {
                 wsDocInfo.setTokenOnContext(uri, context);
-            } else if ("BinarySecurityToken".equals(element.getLocalName())
-                && WSConstants.WSSE_NS.equals(element.getNamespaceURI())
-                && isXopInclude(element)) {
-                // We don't write out the xop:Include bytes into the BinarySecurityToken by default
-                // But if the BST is signed, then we have to, or else Signature validation fails...
-                handleXopInclude(element, wsDocInfo);
             } else {
-                // Handle EncryptedData children that might store the bytes in the attachment
-                List<Element> encElements = 
-                    XMLUtils.findElements(element, "EncryptedData", WSConstants.ENC_NS);
-                for (Element encElement : encElements) {
-                    Element xencCipherValue = EncryptionUtils.getCipherValueFromEncryptedData(encElement);
-                    
-                    String xopURI = EncryptionUtils.getXOPURIFromCipherValue(xencCipherValue);
+                // Look for xop:Include Nodes
+                List<Element> includeElements = 
+                    XMLUtils.findElements(element, "Include", WSConstants.XOP_NS);
+                for (Element includeElement : includeElements) {
+                    String xopURI = includeElement.getAttributeNS(null, "href");
                     if (xopURI != null) {
                         // Store the bytes in the attachment to calculate the signature
                         byte[] attachmentBytes = WSSecurityUtil.getBytesFromAttachment(xopURI, data);
                         String encodedBytes = Base64.encode(attachmentBytes);
 
-                        Element includeElement =
-                            XMLUtils.getDirectChildElement(xencCipherValue, "Include", WSConstants.XOP_NS);
-
                         Node newCipherValueChild = 
-                            encElement.getOwnerDocument().createTextNode(encodedBytes);
-                        xencCipherValue.replaceChild(newCipherValueChild, includeElement);
+                            includeElement.getOwnerDocument().createTextNode(encodedBytes);
+                        includeElement.getParentNode().replaceChild(newCipherValueChild, includeElement);
                     }
                 }
             }
         }
-    }
-    
-    private boolean isXopInclude(Element element) {
-        Element elementChild =
-            XMLUtils.getDirectChildElement(element, "Include", WSConstants.XOP_NS);
-        if (elementChild != null && elementChild.hasAttributeNS(null, "href")) {
-            String xopUri = elementChild.getAttributeNS(null, "href");
-            if (xopUri != null && xopUri.startsWith("cid:")) {
-                return true;
-            }
-        }
-        return false;
-    }
-    
-    private void handleXopInclude(Element element, WSDocInfo wsDocInfo) {
-        Map<Integer, List<WSSecurityEngineResult>> actionResults = wsDocInfo.getActionResults();
-        if (actionResults != null && actionResults.containsKey(WSConstants.BST)) {
-            for (WSSecurityEngineResult result : actionResults.get(WSConstants.BST)) {
-                Element token = (Element)result.get(WSSecurityEngineResult.TAG_TOKEN_ELEMENT);
-                if (element.equals(token)) {
-                    BinarySecurity binarySecurity = 
-                        (BinarySecurity)result.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
-                    binarySecurity.encodeRawToken();
-                    return;
-                }
-            }
-        }
     }
     
     /**
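Review bot: The `xopURI != null` guard in the new xop:Include loop filters nothing, because `Element.getAttributeNS` is specified to return an empty string rather than null when `href` is absent, so an Include with no href still reaches `WSSecurityUtil.getBytesFromAttachment`. The removed `isXopInclude` helper required both `hasAttributeNS(null, "href")` and a `cid:` prefix, and the loop now visits every xop:Include descendant of the signed element instead of only BinarySecurityToken and EncryptedData content, so the check covers more input than before. I would restore it as `if (xopURI != null && xopURI.startsWith("cid:")) {`, unless `getBytesFromAttachment` already rejects other URI forms, which is not visible in this hunk. The local name `newCipherValueChild` is also stale now that the parent need not be a CipherValue, and something like `inlinedContent` would read better. The enclosing method begins above the hunk.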