You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/05/19 13:55:51 UTC
cxf git commit: Adding initial StaxSerializer for XML Security
Repository: cxf
Updated Branches:
refs/heads/master 62130bce8 -> 3cfc25def
Adding initial StaxSerializer for XML Security
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/3cfc25de
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/3cfc25de
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/3cfc25de
Branch: refs/heads/master
Commit: 3cfc25def74eec26cb1a673b55540e2d1c3ca267
Parents: 62130bc
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu May 19 14:55:12 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu May 19 14:55:12 2016 +0100
----------------------------------------------------------------------
.../cxf/ws/security/wss4j/StaxSerializer.java | 104 +++++++++++++++++++
.../ws/security/wss4j/WSS4JInInterceptor.java | 1 +
2 files changed, 105 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/3cfc25de/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSerializer.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSerializer.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSerializer.java
new file mode 100644
index 0000000..9af3d2f
--- /dev/null
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSerializer.java
@@ -0,0 +1,104 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.ws.security.wss4j;
+
+import java.io.ByteArrayInputStream;
+import java.io.StringReader;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.dom.DOMResult;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.DocumentFragment;
+import org.w3c.dom.Node;
+import org.xml.sax.InputSource;
+
+import org.apache.cxf.staxutils.StaxUtils;
+import org.apache.xml.security.encryption.AbstractSerializer;
+import org.apache.xml.security.encryption.XMLEncryptionException;
+
+/**
+ * Converts <code>String</code>s into <code>Node</code>s and visa versa using CXF's StaxUtils
+ */
+public class StaxSerializer extends AbstractSerializer {
+
+ /**
+ * @param source
+ * @param ctx
+ * @return the Node resulting from the parse of the source
+ * @throws XMLEncryptionException
+ */
+ public Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException {
+ byte[] fragment = createContext(source, ctx);
+ return deserialize(ctx, new InputSource(new ByteArrayInputStream(fragment)));
+ }
+
+ /**
+ * @param source
+ * @param ctx
+ * @return the Node resulting from the parse of the source
+ * @throws XMLEncryptionException
+ */
+ public Node deserialize(String source, Node ctx) throws XMLEncryptionException {
+ String fragment = createContext(source, ctx);
+ return deserialize(ctx, new InputSource(new StringReader(fragment)));
+ }
+
+ /**
+ * @param ctx
+ * @param inputSource
+ * @return the Node resulting from the parse of the source
+ * @throws XMLEncryptionException
+ */
+ private Node deserialize(Node ctx, InputSource inputSource) throws XMLEncryptionException {
+
+ Document contextDocument = null;
+ if (Node.DOCUMENT_NODE == ctx.getNodeType()) {
+ contextDocument = (Document)ctx;
+ } else {
+ contextDocument = ctx.getOwnerDocument();
+ }
+
+ XMLStreamReader reader = StaxUtils.createXMLStreamReader(inputSource);
+
+ // Import to a dummy fragment
+ DocumentFragment dummyFragment = contextDocument.createDocumentFragment();
+ XMLStreamWriter writer = StaxUtils.createXMLStreamWriter(new DOMResult(dummyFragment));
+
+ try {
+ StaxUtils.copy(reader, writer);
+ } catch (XMLStreamException ex) {
+ throw new XMLEncryptionException(ex);
+ }
+
+ // Remove the "dummy" wrapper
+ DocumentFragment result = contextDocument.createDocumentFragment();
+ Node child = dummyFragment.getFirstChild().getFirstChild();
+ while (child != null) {
+ Node nextChild = child.getNextSibling();
+ result.appendChild(child);
+ child = nextChild;
+ }
+
+ return result;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/3cfc25de/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
index 1a0a758..b506853 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
@@ -196,6 +196,7 @@ public class WSS4JInInterceptor extends AbstractWSS4JInterceptor {
config = engine.getWssConfig();
}
reqData.setWssConfig(config);
+ // reqData.setEncryptionSerializer(new StaxSerializer());
// Add Audience Restrictions for SAML
configureAudienceRestriction(msg, reqData);