/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <rp_security_context_token_builder.h>
#include <neethi_operator.h>
#include <neethi_policy.h>
#include <neethi_exactlyone.h>
#include <neethi_all.h>
#include <neethi_engine.h>
/*private functions*/
/**
 * Applies the assertions found in @a all (one normalised policy
 * alternative) to @a security_context_token.
 *
 * Declared ahead of rp_security_context_token_builder_build, which calls
 * it; the definition follows later in this file.
 *
 * @return AXIS2_SUCCESS, or AXIS2_FAILURE on the first assertion type the
 *         processor does not recognise.
 */
axis2_status_t AXIS2_CALL
security_context_token_process_alternatives(
const axutil_env_t *env,
neethi_all_t *all,
rp_security_context_token_t * security_context_token);
/***********************************/
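/*
 * Reads the sp:Issuer child of the token element and stores its text on
 * the token. The element is accepted only when its namespace is SP 1.1 or
 * SP 1.2; any other namespace is logged and rejected.
 *
 * @return AXIS2_SUCCESS, or AXIS2_FAILURE (after logging) when the qname or
 *         namespace cannot be read or the namespace is not an SP namespace.
 *         The caller keeps ownership of security_context_token either way.
 */
static axis2_status_t
rp_sct_builder_read_issuer(
    const axutil_env_t *env,
    axiom_node_t *child_node,
    axiom_element_t *child_element,
    axis2_char_t *localname,
    rp_security_context_token_t *security_context_token)
{
    axutil_qname_t *node_qname = NULL;
    axis2_char_t *ns = NULL;
    axis2_char_t *issuer = NULL;

    node_qname = axiom_element_get_qname(child_element, env, child_node);
    if(!node_qname)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
            "[neethi] Cannot get qname from element %s.", localname);
        return AXIS2_FAILURE;
    }
    ns = axutil_qname_get_uri(node_qname, env);
    if(!ns)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
            "[neethi] Cannot get namespace from element %s.", localname);
        return AXIS2_FAILURE;
    }
    /* An Issuer element is only meaningful in the SP 1.1 or SP 1.2 namespace. */
    if(axutil_strcmp(ns, RP_SP_NS_11) != 0 && axutil_strcmp(ns, RP_SP_NS_12) != 0)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
            "[neethi] Unknown Assertion %s with namespace %s", localname, ns);
        return AXIS2_FAILURE;
    }
    issuer = axiom_element_get_text(child_element, env, child_node);
    rp_security_context_token_set_issuer(security_context_token, env, issuer);
    return AXIS2_SUCCESS;
}

/*
 * Builds the assertion from the nested wsp:Policy child of the token
 * element: the policy is parsed, normalised, and the assertions of its
 * first alternative are applied to the token through
 * security_context_token_process_alternatives.
 *
 * @return the new assertion, which owns security_context_token from then on
 *         (rp_security_context_token_free is registered as its free
 *         function), or NULL after logging; on NULL the token is untouched
 *         and still owned by the caller.
 */
static neethi_assertion_t *
rp_sct_builder_build_from_policy(
    const axutil_env_t *env,
    axiom_node_t *child_node,
    axiom_element_t *child_element,
    rp_security_context_token_t *security_context_token)
{
    neethi_policy_t *policy = NULL;
    neethi_policy_t *normalized_policy = NULL;
    axutil_array_list_t *alternatives = NULL;
    neethi_operator_t *component = NULL;
    neethi_all_t *all = NULL;
    neethi_assertion_t *assertion = NULL;

    policy = neethi_engine_get_policy(env, child_node, child_element);
    if(!policy)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
            "[neethi] Cannot build nested policy of security context token.");
        return NULL;
    }
    /* Only the normalised form is used from here on; the raw policy is released. */
    normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy);
    neethi_policy_free(policy, env);
    policy = NULL;
    if(!normalized_policy)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
            "[neethi] Cannot normalize nested policy of security context token.");
        return NULL;
    }

    alternatives = neethi_policy_get_alternatives(normalized_policy, env);
    if(!alternatives || axutil_array_list_size(alternatives, env) < 1)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
            "[neethi] Nested policy of security context token has no alternatives.");
        goto done;
    }
    /* Only the first alternative is applied to the token. */
    component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0);
    if(component)
    {
        all = (neethi_all_t *)neethi_operator_get_value(component, env);
    }
    if(!all)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
            "[neethi] Cannot read first alternative of security context token policy.");
        goto done;
    }
    if(security_context_token_process_alternatives(env, all, security_context_token)
        != AXIS2_SUCCESS)
    {
        /* The processor stops at the first assertion it does not recognise.
         * The token is still built, as before, so existing policies keep
         * loading, but the ignored assertions are now visible in the log. */
        AXIS2_LOG_WARNING(env->log, AXIS2_LOG_SI,
            "[neethi] Security context token policy contains assertions that were not applied.");
    }
    assertion = neethi_assertion_create_with_args(env,
        (AXIS2_FREE_VOID_ARG)rp_security_context_token_free,
        security_context_token, ASSERTION_TYPE_SECURITY_CONTEXT_TOKEN);

done:
    neethi_policy_free(normalized_policy, env);
    return assertion;
}

/*
 * Builds the SecurityContextToken / SecureConversationToken assertion from
 * the token element: reads the sp:IncludeToken attribute, derives the
 * SC 1.0 flag from the SP namespace, and then walks the child elements,
 * handling sp:Issuer directly and treating any other element child as the
 * nested wsp:Policy.
 *
 * @param env                            Axis2 environment.
 * @param node                           the token element's node.
 * @param element                        the token element.
 * @param sp_ns_uri                      SP namespace URI the element was found in.
 * @param is_secure_conversation_token   whether the element is a
 *                                       SecureConversationToken rather than a
 *                                       SecurityContextToken.
 * @return the assertion (owning the token), or NULL after logging when the
 *         element has no element children, no nested policy, more than one
 *         nested policy, or any child cannot be processed. Every NULL return
 *         releases the partially built token, so nothing leaks.
 */
AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL
rp_security_context_token_builder_build(
    const axutil_env_t *env,
    axiom_node_t *node,
    axiom_element_t *element,
    axis2_char_t *sp_ns_uri,
    axis2_bool_t is_secure_conversation_token)
{
    rp_security_context_token_t *security_context_token = NULL;
    neethi_assertion_t *assertion = NULL;
    axiom_node_t *child_node = NULL;
    axiom_element_t *child_element = NULL;
    axiom_children_iterator_t *children_iter = NULL;
    axutil_qname_t *qname = NULL;
    axis2_char_t *inclusion_value = NULL;

    security_context_token = rp_security_context_token_create(env);
    if(!security_context_token)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
            "[neethi] Cannot create security context token.");
        return NULL;
    }

    /* sp:IncludeToken attribute; the setter receives NULL when it is absent. */
    qname = axutil_qname_create(env, RP_INCLUDE_TOKEN, sp_ns_uri, RP_SP_PREFIX);
    if(qname)
    {
        inclusion_value = axiom_element_get_attribute_value(element, env, qname);
        axutil_qname_free(qname, env);
        qname = NULL;
    }
    rp_security_context_token_set_inclusion(security_context_token, env, inclusion_value);
    rp_security_context_token_set_is_secure_conversation_token(security_context_token, env,
        is_secure_conversation_token);

    /* The SP 1.1 namespace implies a WS-SecureConversation 1.0 token; the
     * nested policy can override this with its SC10/SC13 assertions. */
    rp_security_context_token_set_sc10_security_context_token(security_context_token, env,
        axutil_strcmp(sp_ns_uri, RP_SP_NS_11) == 0 ? AXIS2_TRUE : AXIS2_FALSE);

    child_node = axiom_node_get_first_element(node, env);
    if(!child_node)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
            "[neethi] Security context token element has no child elements.");
        goto fail;
    }

    children_iter = axiom_element_get_children(element, env, node);
    if(children_iter)
    {
        while(axiom_children_iterator_has_next(children_iter, env))
        {
            axis2_char_t *localname = NULL;

            child_node = axiom_children_iterator_next(children_iter, env);
            if(!child_node || axiom_node_get_node_type(child_node, env) != AXIOM_ELEMENT)
            {
                continue;   /* text, comments etc. are skipped */
            }
            child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env);
            if(!child_element)
            {
                continue;
            }
            localname = axiom_element_get_localname(child_element, env);
            if(axutil_strcmp(localname, RP_ISSUER) == 0)
            {
                if(rp_sct_builder_read_issuer(env, child_node, child_element, localname,
                    security_context_token) != AXIS2_SUCCESS)
                {
                    goto fail;
                }
            }
            else
            {
                /* Any other element child is taken to be the nested wsp:Policy.
                 * A second one would create a second assertion over the same
                 * token, so it is rejected instead. */
                if(assertion)
                {
                    AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
                        "[neethi] Security context token has more than one nested policy.");
                    goto fail;
                }
                assertion = rp_sct_builder_build_from_policy(env, child_node, child_element,
                    security_context_token);
                if(!assertion)
                {
                    goto fail;
                }
            }
        }
    }

    if(!assertion)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
            "[neethi] Security context token has no nested policy.");
        goto fail;
    }
    return assertion;

fail:
    /* Once the assertion exists it owns the token (its free function was
     * registered at creation); until then the token is ours to release. */
    if(assertion)
    {
        neethi_assertion_free(assertion, env);
    }
    else
    {
        rp_security_context_token_free(security_context_token, env);
    }
    return NULL;
}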
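/*
 * Applies the assertions of one normalised alternative to the token:
 * derived-key requirements (SC 1.0 / SC 1.3), the external-URI-reference
 * flag, the SC 1.0 / SC 1.3 token version, the issuer and the bootstrap
 * policy.
 *
 * @param env                     Axis2 environment.
 * @param all                     the alternative whose components are applied.
 * @param security_context_token  token to update.
 * @return AXIS2_SUCCESS when every component was recognised; AXIS2_FAILURE
 *         (after logging) on the first unrecognised assertion type, in which
 *         case the remaining components are not applied. A NULL @a all also
 *         yields AXIS2_FAILURE; an alternative without components is a no-op.
 */
axis2_status_t AXIS2_CALL
security_context_token_process_alternatives(
    const axutil_env_t *env,
    neethi_all_t *all,
    rp_security_context_token_t * security_context_token)
{
    axutil_array_list_t *components = NULL;
    int count = 0;
    int i = 0;

    if(!all)
    {
        return AXIS2_FAILURE;
    }
    components = neethi_all_get_policy_components(all, env);
    if(!components)
    {
        return AXIS2_SUCCESS;   /* nothing to apply */
    }

    count = axutil_array_list_size(components, env);
    for(i = 0; i < count; i++)
    {
        neethi_operator_t *component = NULL;
        neethi_assertion_t *assertion = NULL;
        neethi_assertion_type_t type;

        component = (neethi_operator_t *)axutil_array_list_get(components, env, i);
        if(!component)
        {
            continue;
        }
        assertion = (neethi_assertion_t *)neethi_operator_get_value(component, env);
        if(!assertion)
        {
            continue;
        }

        type = neethi_assertion_get_type(assertion, env);
        switch(type)
        {
            case ASSERTION_TYPE_REQUIRE_DERIVED_KEYS_SC10:
                rp_security_context_token_set_derivedkey(security_context_token, env,
                    DERIVEKEY_NEEDED);
                rp_security_context_token_set_derivedkey_version(security_context_token, env,
                    DERIVEKEY_VERSION_SC10);
                break;

            case ASSERTION_TYPE_REQUIRE_DERIVED_KEYS_SC13:
                rp_security_context_token_set_derivedkey(security_context_token, env,
                    DERIVEKEY_NEEDED);
                rp_security_context_token_set_derivedkey_version(security_context_token, env,
                    DERIVEKEY_VERSION_SC13);
                break;

            case ASSERTION_TYPE_REQUIRE_EXTERNAL_URI:
                rp_security_context_token_set_require_external_uri_ref(security_context_token,
                    env, AXIS2_TRUE);
                break;

            /* The version assertions override the default derived from the
             * SP namespace by the builder. */
            case ASSERTION_TYPE_SC10_SECURITY_CONTEXT_TOKEN:
                rp_security_context_token_set_sc10_security_context_token(
                    security_context_token, env, AXIS2_TRUE);
                break;

            case ASSERTION_TYPE_SC13_SECURITY_CONTEXT_TOKEN:
                rp_security_context_token_set_sc10_security_context_token(
                    security_context_token, env, AXIS2_FALSE);
                break;

            case ASSERTION_TYPE_ISSUER:
                rp_security_context_token_set_issuer(security_context_token, env,
                    (axis2_char_t *)neethi_assertion_get_value(assertion, env));
                break;

            case ASSERTION_TYPE_BOOTSTRAP_POLICY:
                rp_security_context_token_set_bootstrap_policy(security_context_token, env,
                    (neethi_policy_t *)neethi_assertion_get_value(assertion, env));
                break;

            default:
                /* Same stop-at-first-unknown behaviour as before, but now
                 * logged so a silently ignored policy fragment is visible. */
                AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
                    "[neethi] Unknown assertion type %d in security context token policy;"
                    " remaining assertions are not applied.", (int)type);
                return AXIS2_FAILURE;
        }
    }
    return AXIS2_SUCCESS;
}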