| /* |
| * Licensed to the Apache Software Foundation (ASF) under one or more |
| * contributor license agreements. See the NOTICE file distributed with |
| * this work for additional information regarding copyright ownership. |
| * The ASF licenses this file to You under the Apache License, Version 2.0 |
| * (the "License"); you may not use this file except in compliance with |
| * the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #ifndef RAMPART_SCT_PROVIDER_UTILITY_H |
| #define RAMPART_SCT_PROVIDER_UTILITY_H |
| |
| /** |
| * @file rampart_sct_provider_utility.h |
| * @brief Utility methods using Security context token provider module |
| */ |
| |
| /** |
| * @defgroup sct_provider Security Context Token provider |
| * @ingroup rampart_utils |
| * @{ |
| */ |
| |
| #include <axis2_defines.h> |
| #include <axutil_env.h> |
| #include <axis2_msg_ctx.h> |
| #include <axis2_conf_ctx.h> |
| #include <rampart_context.h> |
| #include <secconv_security_context_token.h> |
| #include <axutil_hash.h> |
| |
| #ifdef __cplusplus |
| extern "C" |
| { |
| #endif |
| |
| /** |
| * Finds security context token and gets shared secret. |
| * returned buffer should NOT be cleared by the caller |
| * @param env Pointer to environment struct |
| * @param token rampart policy property of the token |
| * @param is_encryption boolean showing whether the token is needed for encryption or signature |
| * @param rampart_context pointer to rampart context structure |
| * @param msg_ctx pointer to message context structure |
| * @returns shared secret of the security context token. returned buffer should NOT be freed |
| */ |
| AXIS2_EXTERN oxs_buffer_t *AXIS2_CALL |
| sct_provider_get_secret( |
| const axutil_env_t* env, |
| rp_property_t *token, |
| axis2_bool_t is_encryption, |
| rampart_context_t* rampart_context, |
| axis2_msg_ctx_t* msg_ctx); |
| |
| /** |
| * Finds security context token and gets shared secret. |
| * returned buffer should NOT be cleared by the caller |
| * @param env Pointer to environment struct |
| * @param sct_id id of security context token |
| * @param rampart_context pointer to rampart context structure |
| * @param msg_ctx pointer to message context structure |
| * @returns shared secret of the security context token. returned buffer should NOT be freed |
| */ |
| AXIS2_EXTERN oxs_buffer_t *AXIS2_CALL |
| sct_provider_get_secret_using_id( |
| const axutil_env_t* env, |
| axis2_char_t* sct_id, |
| rampart_context_t* rampart_context, |
| axis2_msg_ctx_t* msg_ctx); |
| |
| /** |
| * Finds security context token and gets the xml representation of token |
| * @param env Pointer to environment struct |
| * @param token rampart policy property of the token |
| * @param is_encryption boolean showing whether the token is needed for encryption or signature |
| * @param rampart_context pointer to rampart context structure |
| * @param msg_ctx pointer to message context structure |
| * @returns shared secret of the security context token. returned buffer should NOT be freed |
| */ |
| AXIS2_EXTERN axiom_node_t *AXIS2_CALL |
| sct_provider_get_token( |
| const axutil_env_t* env, |
| rp_property_t *token, |
| axis2_bool_t is_encryption, |
| rampart_context_t* rampart_context, |
| axis2_msg_ctx_t* msg_ctx); |
| |
| /** |
| * Finds security context token and gets the xml representation of key reference. This reference |
| * is used when security context token is included in the message |
| * @param env Pointer to environment struct |
| * @param token rampart policy property of the token |
| * @param is_encryption boolean showing whether the token is needed for encryption or signature |
| * @param rampart_context pointer to rampart context structure |
| * @param msg_ctx pointer to message context structure |
| * @returns shared secret of the security context token. returned buffer should NOT be freed |
| */ |
| AXIS2_EXTERN axiom_node_t* AXIS2_CALL |
| sct_provider_get_attached_reference( |
| const axutil_env_t* env, |
| rp_property_t *token, |
| axis2_bool_t is_encryption, |
| rampart_context_t* rampart_context, |
| axis2_msg_ctx_t* msg_ctx); |
| |
| /** |
| * Finds security context token and gets the xml representation of key reference. This reference |
| * is used when security context token is NOT included in the message |
| * @param env Pointer to environment struct |
| * @param token rampart policy property of the token |
| * @param is_encryption boolean showing whether the token is needed for encryption or signature |
| * @param rampart_context pointer to rampart context structure |
| * @param msg_ctx pointer to message context structure |
| * @returns shared secret of the security context token. returned buffer should NOT be freed |
| */ |
| AXIS2_EXTERN axiom_node_t* AXIS2_CALL |
| sct_provider_get_unattached_reference( |
| const axutil_env_t* env, |
| rp_property_t *token, |
| axis2_bool_t is_encryption, |
| rampart_context_t* rampart_context, |
| axis2_msg_ctx_t* msg_ctx); |
| |
| /** |
| * Validates whether security context token is valid or not. Normally, we can directly send |
| * true as response. But if syntax of security context token is altered/added by using |
| * extensible mechanism (e.g having sessions, etc.) then user can implement this method. |
| * Axiom representation of the sct will be given as the parameter, because if sct is extended, |
| * we don't know the syntax. Method writer can implement whatever needed. |
| * @param env Pointer to environment struct |
| * @param sct_node axiom node representation of security context token. |
| * @param rampart_context pointer to rampart context structure |
| * @param msg_ctx pointer to message context structure |
| * @returns AXIS2_TRUE is sct is valid. AXIS2_FALSE otherwise. |
| */ |
| AXIS2_EXTERN axis2_status_t AXIS2_CALL |
| sct_provider_validate_security_context_token( |
| const axutil_env_t *env, |
| axiom_node_t *sct_node, |
| rampart_context_t *rampart_context, |
| axis2_msg_ctx_t *msg_ctx); |
| |
| /** |
| * Default implementation of obtain sct function. If neither sct_provider nor user defined |
| * obtain function is given, this function will be used. (obtain_security_context_token_fn) |
| * @param env pointer to environment struct |
| * @param is_encryption boolean denotes sct is needed for encryption or signature |
| * @param msg_ctx pointer to message context structure |
| * @param sct_id identifier of security context token. Can be NULL |
| * @param sct_id_type type of sct id. can be global, local or unknown |
| * @param user_params parameter provided by user (not used in this method) |
| * return security context token if found. NULL otherwise. |
| */ |
| AXIS2_EXTERN void* AXIS2_CALL |
| sct_provider_obtain_sct_default( |
| const axutil_env_t *env, |
| axis2_bool_t is_encryption, |
| axis2_msg_ctx_t* msg_ctx, |
| axis2_char_t *sct_id, |
| int sct_id_type, |
| void* user_params); |
| |
| /** |
| * Default implementation of store sct function. If neither sct_provider nor user defined |
| * store function is given, this function will be used. (store_security_context_token_fn) |
| * @param env pointer to environment struct |
| * @param msg_ctx pointer to message context structure |
| * @param sct_global_id global identifier of security context token. Can be NULL |
| * @param sct_local_id local identifier of security context token. Can be NULL |
| * @param sct security context token to be stored |
| * @param user_params parameter provided by user (not used in this method) |
| * return AXIS2_SUCCESS if stored. AXIS2_FAILURE otherwise. |
| */ |
| AXIS2_EXTERN axis2_status_t AXIS2_CALL |
| sct_provider_store_sct_default( |
| const axutil_env_t *env, |
| axis2_msg_ctx_t* msg_ctx, |
| axis2_char_t *sct_global_id, |
| axis2_char_t *sct_local_id, |
| void *sct, |
| void *user_params); |
| |
| /** |
| * Default implementation of delete sct function. If neither sct_provider nor user defined |
| * store function is given, this function will be used. (delete_security_context_token_fn) |
| * @param env pointer to environment struct |
| * @param msg_ctx pointer to message context structure |
| * @param sct_id identifier of security context token. Should not be NULL. |
| * @param sct_id_type type of sct id. can be global or local. |
| * @param user_params parameter provided by user (not used in this method) |
| * @return AXIS2_SUCCESS if deleted. AXIS2_FAILURE otherwise. |
| */ |
| AXIS2_EXTERN axis2_status_t AXIS2_CALL |
| sct_provider_delete_sct_default( |
| const axutil_env_t *env, |
| axis2_msg_ctx_t* msg_ctx, |
| axis2_char_t *sct_id, |
| int sct_id_type, |
| void* user_params); |
| |
| /** |
| * Default implementation of validate sct function. If neither sct_provider nor user defined |
| * store function is given, this function will be used. (validate_security_context_token_fn) |
| * @param env pointer to environment struct |
| * @param sct_node axiom representation of security context token |
| * @param user_params parameter provided by user (not used in this method) |
| * @return AXIS2_SUCCESS if valid. AXIS2_FAILURE otherwise. |
| */ |
| AXIS2_EXTERN axis2_status_t AXIS2_CALL |
| sct_provider_validate_sct_default( |
| const axutil_env_t *env, |
| axiom_node_t *sct_node, |
| axis2_msg_ctx_t *msg_ctx, |
| void *user_params); |
| |
| |
| /** @} */ |
| #ifdef __cplusplus |
| } |
| #endif |
| |
| #endif /* RAMPART_SCT_PROVIDER_UTILITY_H */ |
| |
| |
