| <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../.resources/report.css" type="text/css"/><link rel="shortcut icon" href="../.resources/report.gif" type="image/gif"/><title>Token.java</title><link rel="stylesheet" href="../.resources/prettify.css" type="text/css"/><script type="text/javascript" src="../.resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="right"><a href="../.sessions.html" class="el_session">Sessions</a></span><a href="../index.html" class="el_report">Coverage Report</a> > <a href="index.html" class="el_package">org.apache.rahas</a> > <span class="el_source">Token.java</span></div><h1>Token.java</h1><pre class="source lang-java linenums">/* |
| * Copyright 2004,2005 The Apache Software Foundation. |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package org.apache.rahas; |
| |
| import org.apache.axiom.om.OMElement; |
| import org.apache.axiom.om.OMException; |
| import org.apache.axiom.om.OMFactory; |
| import org.apache.axiom.om.impl.builder.StAXOMBuilder; |
| import org.apache.axiom.om.impl.dom.DOOMAbstractFactory; |
| import org.apache.commons.logging.Log; |
| import org.apache.commons.logging.LogFactory; |
| import org.apache.ws.security.WSConstants; |
| import org.apache.ws.security.util.XmlSchemaDateFormat; |
| |
| import javax.xml.namespace.QName; |
| import javax.xml.stream.XMLInputFactory; |
| import javax.xml.stream.XMLStreamException; |
| import javax.xml.stream.XMLStreamReader; |
| |
| import java.io.ByteArrayInputStream; |
| import java.io.Externalizable; |
| import java.io.IOException; |
| import java.io.InputStream; |
| import java.io.ObjectInput; |
| import java.io.ObjectOutput; |
| import java.io.Reader; |
| import java.io.StringReader; |
| import java.io.UnsupportedEncodingException; |
| import java.text.DateFormat; |
| import java.text.ParseException; |
| import java.util.Date; |
| import java.util.Properties; |
| |
| /** |
| * This represents a security token which can have either one of 4 states. <ul> <li>ISSUED</li> <li>EXPIRED</li> |
| * <li>CACELLED</li> <li>RENEWED</li> </ul> Also this holds the <code>OMElement</code>s representing the token in its |
| * present state and the previous state. |
| * <p/> |
| * These tokens are stored using the storage mechanism provided via the <code>TokenStorage</code> interface. |
| * |
| * @see org.apache.rahas.TokenStorage |
| */ |
| public class Token implements Externalizable { |
| |
| <span class="fc" id="L59"> private static Log log = LogFactory.getLog(Token.class);</span> |
| |
| public final static int ISSUED = 1; |
| |
| public final static int EXPIRED = 2; |
| |
| public final static int CANCELLED = 3; |
| |
| public final static int RENEWED = 4; |
| |
| /** |
| * Token identifier |
| */ |
| private String id; |
| |
| /** |
| * Current state of the token |
| */ |
| <span class="fc" id="L77"> private int state = -1;</span> |
| |
| /** |
| * The actual token in its current state |
| */ |
| private OMElement token; |
| |
| /** |
| * The token in its previous state |
| */ |
| private OMElement previousToken; |
| |
| /** |
| * The RequestedAttachedReference element NOTE : The oasis-200401-wss-soap-message-security-1.0 spec allows an |
| * extensibility mechanism for wsse:SecurityTokenReference and wsse:Reference. Hence we cannot limit to the |
| * wsse:SecurityTokenReference\wsse:Reference case and only hold the URI and the ValueType values. |
| */ |
| private OMElement attachedReference; |
| |
| /** |
| * The RequestedUnattachedReference element NOTE : The oasis-200401-wss-soap-message-security-1.0 spec allows an |
| * extensibility mechanism for wsse:SecurityTokenRefence and wsse:Reference. Hence we cannot limit to the |
| * wsse:SecurityTokenReference\wsse:Reference case and only hold the URI and the ValueType values. |
| */ |
| private OMElement unattachedReference; |
| |
| /** |
| * A bag to hold any other properties |
| */ |
| private Properties properties; |
| |
| /** |
| * A flag to assist the TokenStorage |
| */ |
| private boolean changed; |
| |
| /** |
| * The secret associated with the Token |
| */ |
| private byte[] secret; |
| |
| /** |
| * Created time |
| */ |
| private Date created; |
| |
| /** |
| * Expiration time |
| */ |
| private Date expires; |
| |
| /** |
| * Issuer end point address |
| */ |
| private String issuerAddress; |
| |
| private String encrKeySha1Value; |
| |
| <span class="fc" id="L135"> public Token() {</span> |
| <span class="fc" id="L136"> }</span> |
| |
| <span class="fc" id="L138"> public Token(String id, Date created, Date expires) {</span> |
| <span class="fc" id="L139"> this.id = id;</span> |
| <span class="fc" id="L140"> this.created = created;</span> |
| <span class="fc" id="L141"> this.expires = expires;</span> |
| <span class="fc" id="L142"> }</span> |
| |
| public Token(String id, OMElement tokenElem, Date created, Date expires) |
| <span class="fc" id="L145"> throws TrustException {</span> |
| <span class="fc" id="L146"> this.id = id;</span> |
| <span class="fc" id="L147"> StAXOMBuilder stAXOMBuilder =</span> |
| new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(), tokenElem.getXMLStreamReader()); |
| <span class="fc" id="L149"> stAXOMBuilder.setNamespaceURIInterning(true);</span> |
| <span class="fc" id="L150"> this.token = stAXOMBuilder.getDocumentElement();</span> |
| <span class="fc" id="L151"> this.created = created;</span> |
| <span class="fc" id="L152"> this.expires = expires;</span> |
| <span class="fc" id="L153"> }</span> |
| |
| public Token(String id, OMElement tokenElem, OMElement lifetimeElem) |
| <span class="fc" id="L156"> throws TrustException {</span> |
| <span class="fc" id="L157"> this.id = id;</span> |
| <span class="fc" id="L158"> StAXOMBuilder stAXOMBuilder =</span> |
| new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(), tokenElem.getXMLStreamReader()); |
| <span class="fc" id="L160"> stAXOMBuilder.setNamespaceURIInterning(true);</span> |
| <span class="fc" id="L161"> this.token = stAXOMBuilder.getDocumentElement();</span> |
| <span class="fc" id="L162"> this.processLifeTime(lifetimeElem);</span> |
| <span class="fc" id="L163"> }</span> |
| |
| /** |
| * @param lifetimeElem |
| * @throws TrustException |
| */ |
| private void processLifeTime(OMElement lifetimeElem) |
| throws TrustException { |
| try { |
| <span class="fc" id="L172"> DateFormat zulu = new XmlSchemaDateFormat();</span> |
| <span class="fc" id="L173"> OMElement createdElem =</span> |
| lifetimeElem.getFirstChildWithName(new QName(WSConstants.WSU_NS, WSConstants.CREATED_LN)); |
| <span class="fc" id="L175"> this.created = zulu.parse(createdElem.getText());</span> |
| |
| <span class="fc" id="L177"> OMElement expiresElem =</span> |
| lifetimeElem.getFirstChildWithName(new QName(WSConstants.WSU_NS, WSConstants.EXPIRES_LN)); |
| <span class="fc" id="L179"> this.expires = zulu.parse(expiresElem.getText());</span> |
| <span class="nc" id="L180"> } catch (OMException e) {</span> |
| <span class="nc" id="L181"> throw new TrustException("lifeTimeProcessingError", new String[]{lifetimeElem.toString()}, e);</span> |
| <span class="nc" id="L182"> } catch (ParseException e) {</span> |
| <span class="nc" id="L183"> throw new TrustException("lifeTimeProcessingError", new String[]{lifetimeElem.toString()}, e);</span> |
| <span class="fc" id="L184"> }</span> |
| <span class="fc" id="L185"> }</span> |
| |
| /** |
| * @return Returns the changed. |
| */ |
| public boolean isChanged() { |
| <span class="nc" id="L191"> return changed;</span> |
| } |
| |
| /** |
| * @param chnaged The changed to set. |
| */ |
| public void setChanged(boolean chnaged) { |
| <span class="nc" id="L198"> this.changed = chnaged;</span> |
| <span class="nc" id="L199"> }</span> |
| |
| /** |
| * @return Returns the properties. |
| */ |
| public Properties getProperties() { |
| <span class="nc" id="L205"> return properties;</span> |
| } |
| |
| /** |
| * @param properties The properties to set. |
| */ |
| public void setProperties(Properties properties) { |
| <span class="nc" id="L212"> this.properties = properties;</span> |
| <span class="nc" id="L213"> }</span> |
| |
| /** |
| * @return Returns the state. |
| */ |
| public int getState() { |
| <span class="fc" id="L219"> return state;</span> |
| } |
| |
| /** |
| * @param state The state to set. |
| */ |
| public void setState(int state) { |
| <span class="fc" id="L226"> this.state = state;</span> |
| <span class="fc" id="L227"> }</span> |
| |
| /** |
| * @return Returns the token. |
| */ |
| public OMElement getToken() { |
| <span class="fc" id="L233"> return token;</span> |
| } |
| |
| /** |
| * @param token The token to set. |
| */ |
| public void setToken(OMElement token) { |
| <span class="nc" id="L240"> this.token = token;</span> |
| <span class="nc" id="L241"> }</span> |
| |
| /** |
| * @return Returns the id. |
| */ |
| public String getId() { |
| <span class="fc" id="L247"> return id;</span> |
| } |
| |
| /** |
| * @return Returns the presivousToken. |
| */ |
| public OMElement getPreviousToken() { |
| <span class="nc" id="L254"> return previousToken;</span> |
| } |
| |
| /** |
| * @param presivousToken The presivousToken to set. |
| */ |
| public void setPreviousToken(OMElement presivousToken) { |
| <span class="fc" id="L261"> this.previousToken = new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(), presivousToken.getXMLStreamReader())</span> |
| .getDocumentElement(); |
| <span class="fc" id="L263"> }</span> |
| |
| /** |
| * @return Returns the secret. |
| */ |
| public byte[] getSecret() { |
| <span class="fc" id="L269"> return secret;</span> |
| } |
| |
| /** |
| * @param secret The secret to set. |
| */ |
| public void setSecret(byte[] secret) { |
| <span class="fc" id="L276"> this.secret = secret;</span> |
| <span class="fc" id="L277"> }</span> |
| |
| /** |
| * @return Returns the attachedReference. |
| */ |
| public OMElement getAttachedReference() { |
| <span class="fc" id="L283"> return attachedReference;</span> |
| } |
| |
| /** |
| * @param attachedReference The attachedReference to set. |
| */ |
| public void setAttachedReference(OMElement attachedReference) { |
| <span class="pc bpc" id="L290" title="1 of 2 branches missed."> if (attachedReference != null) {</span> |
| <span class="fc" id="L291"> this.attachedReference =</span> |
| new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(), attachedReference.getXMLStreamReader()) |
| .getDocumentElement(); |
| } |
| <span class="fc" id="L295"> }</span> |
| |
| /** |
| * @return Returns the unattachedReference. |
| */ |
| public OMElement getUnattachedReference() { |
| <span class="fc" id="L301"> return unattachedReference;</span> |
| } |
| |
| /** |
| * @param unattachedReference The unattachedReference to set. |
| */ |
| public void setUnattachedReference(OMElement unattachedReference) { |
| <span class="pc bpc" id="L308" title="1 of 2 branches missed."> if (unattachedReference != null) {</span> |
| <span class="fc" id="L309"> this.unattachedReference =</span> |
| new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(), unattachedReference.getXMLStreamReader()) |
| .getDocumentElement(); |
| } |
| <span class="fc" id="L313"> }</span> |
| |
| /** |
| * @return Returns the created. |
| */ |
| public Date getCreated() { |
| <span class="fc" id="L319"> return created;</span> |
| } |
| |
| /** |
| * @return Returns the expires. |
| */ |
| public Date getExpires() { |
| <span class="fc" id="L326"> return expires;</span> |
| } |
| |
| /** |
| * @param expires The expires to set. |
| */ |
| public void setExpires(Date expires) { |
| <span class="nc" id="L333"> this.expires = expires;</span> |
| <span class="nc" id="L334"> }</span> |
| |
| public String getIssuerAddress() { |
| <span class="nc" id="L337"> return issuerAddress;</span> |
| } |
| |
| public void setIssuerAddress(String issuerAddress) { |
| <span class="fc" id="L341"> this.issuerAddress = issuerAddress;</span> |
| <span class="fc" id="L342"> }</span> |
| |
| /** |
| * Implementing serialize logic according to our own protocol. We had to follow this, because |
| * OMElement class is not serializable. Making OMElement serializable will have an huge impact |
| * on other components. Therefore implementing serialization logic according to a manual |
| * protocol. |
| * @param out Stream which writes serialized bytes. |
| * @throws IOException If unable to serialize particular member. |
| */ |
| public void writeExternal(ObjectOutput out) |
| throws IOException { |
| |
| <span class="fc" id="L355"> out.writeObject(this.id);</span> |
| |
| <span class="fc" id="L357"> out.writeInt(this.state);</span> |
| |
| <span class="fc" id="L359"> String stringElement = convertOMElementToString(this.token);</span> |
| <span class="fc" id="L360"> out.writeObject(stringElement);</span> |
| |
| <span class="fc" id="L362"> stringElement = convertOMElementToString(this.previousToken);</span> |
| <span class="fc" id="L363"> out.writeObject(stringElement);</span> |
| |
| <span class="fc" id="L365"> stringElement = convertOMElementToString(this.attachedReference);</span> |
| <span class="fc" id="L366"> out.writeObject(stringElement);</span> |
| |
| <span class="fc" id="L368"> stringElement = convertOMElementToString(this.unattachedReference);</span> |
| <span class="fc" id="L369"> out.writeObject(stringElement);</span> |
| |
| <span class="fc" id="L371"> out.writeObject(this.properties);</span> |
| |
| <span class="fc" id="L373"> out.writeBoolean(this.changed);</span> |
| |
| <span class="fc" id="L375"> int secretLength = 0;</span> |
| <span class="pc bpc" id="L376" title="1 of 2 branches missed."> if (null != this.secret) {</span> |
| <span class="nc" id="L377"> secretLength = this.secret.length;</span> |
| } |
| |
| // First write the length of secret |
| <span class="fc" id="L381"> out.writeInt(secretLength);</span> |
| <span class="pc bpc" id="L382" title="1 of 2 branches missed."> if (0 != secretLength) {</span> |
| <span class="nc" id="L383"> out.write(this.secret);</span> |
| } |
| |
| <span class="fc" id="L386"> out.writeObject(this.created);</span> |
| |
| <span class="fc" id="L388"> out.writeObject(this.expires);</span> |
| |
| <span class="fc" id="L390"> out.writeObject(this.issuerAddress);</span> |
| |
| <span class="fc" id="L392"> out.writeObject(this.encrKeySha1Value);</span> |
| <span class="fc" id="L393"> }</span> |
| |
| /** |
| * Implementing de-serialization logic in accordance with the serialization logic. |
| * @param in Stream which used to read data. |
| * @throws IOException If unable to de-serialize particular data member. |
| * @throws ClassNotFoundException |
| */ |
| public void readExternal(ObjectInput in) |
| throws IOException, ClassNotFoundException { |
| |
| <span class="fc" id="L404"> this.id = (String)in.readObject();</span> |
| |
| <span class="fc" id="L406"> this.state = in.readInt();</span> |
| |
| <span class="fc" id="L408"> String stringElement = (String)in.readObject();</span> |
| <span class="fc" id="L409"> this.token = convertStringToOMElement(stringElement);</span> |
| |
| <span class="fc" id="L411"> stringElement = (String)in.readObject();</span> |
| <span class="fc" id="L412"> this.previousToken = convertStringToOMElement(stringElement);</span> |
| |
| <span class="fc" id="L414"> stringElement = (String)in.readObject();</span> |
| <span class="fc" id="L415"> this.attachedReference = convertStringToOMElement(stringElement);</span> |
| |
| <span class="fc" id="L417"> stringElement = (String)in.readObject();</span> |
| <span class="fc" id="L418"> this.unattachedReference = convertStringToOMElement(stringElement);</span> |
| |
| <span class="fc" id="L420"> this.properties = (Properties)in.readObject();</span> |
| |
| <span class="fc" id="L422"> this.changed = in.readBoolean();</span> |
| |
| // Read the length of the secret |
| <span class="fc" id="L425"> int secretLength = in.readInt();</span> |
| |
| <span class="pc bpc" id="L427" title="1 of 2 branches missed."> if (0 != secretLength) {</span> |
| <span class="nc" id="L428"> byte[] buffer = new byte[secretLength];</span> |
| <span class="nc bnc" id="L429" title="All 2 branches missed."> if (secretLength != in.read(buffer)) {</span> |
| <span class="nc" id="L430"> throw new IllegalStateException("Bytes read from the secret key is not equal to serialized length");</span> |
| } |
| <span class="nc" id="L432"> this.secret = buffer;</span> |
| <span class="nc" id="L433"> }else{</span> |
| <span class="fc" id="L434"> this.secret = null;</span> |
| } |
| |
| <span class="fc" id="L437"> this.created = (Date)in.readObject();</span> |
| |
| <span class="fc" id="L439"> this.expires = (Date)in.readObject();</span> |
| |
| <span class="fc" id="L441"> this.issuerAddress = (String)in.readObject();</span> |
| |
| <span class="fc" id="L443"> this.encrKeySha1Value = (String)in.readObject();</span> |
| <span class="fc" id="L444"> }</span> |
| |
| private String convertOMElementToString(OMElement element) |
| throws IOException { |
| <span class="fc" id="L448"> String serializedToken = "";</span> |
| |
| <span class="fc bfc" id="L450" title="All 2 branches covered."> if (null == element) {</span> |
| <span class="fc" id="L451"> return serializedToken;</span> |
| } |
| |
| try { |
| <span class="fc" id="L455"> serializedToken = element.toStringWithConsume();</span> |
| <span class="nc" id="L456"> } catch (XMLStreamException e) {</span> |
| <span class="nc" id="L457"> throw new IOException("Could not serialize token OM element");</span> |
| <span class="fc" id="L458"> }</span> |
| |
| <span class="fc" id="L460"> return serializedToken;</span> |
| } |
| |
| private OMElement convertStringToOMElement(String stringElement) |
| throws IOException { |
| |
| <span class="pc bpc" id="L466" title="1 of 4 branches missed."> if (null == stringElement || stringElement.trim().equals("")) {</span> |
| <span class="fc" id="L467"> return null;</span> |
| } |
| |
| try { |
| <span class="fc" id="L471"> Reader in = new StringReader(stringElement);</span> |
| <span class="fc" id="L472"> XMLStreamReader parser = XMLInputFactory.newInstance().createXMLStreamReader(in);</span> |
| <span class="fc" id="L473"> StAXOMBuilder builder = new StAXOMBuilder(parser);</span> |
| <span class="fc" id="L474"> OMElement documentElement = builder.getDocumentElement();</span> |
| |
| <span class="fc" id="L476"> XMLStreamReader llomReader = documentElement.getXMLStreamReader();</span> |
| <span class="fc" id="L477"> OMFactory doomFactory = DOOMAbstractFactory.getOMFactory();</span> |
| <span class="fc" id="L478"> StAXOMBuilder doomBuilder = new StAXOMBuilder(doomFactory, llomReader);</span> |
| <span class="fc" id="L479"> return doomBuilder.getDocumentElement();</span> |
| |
| <span class="nc" id="L481"> } catch (XMLStreamException e) {</span> |
| <span class="nc" id="L482"> log.error("Cannot convert de-serialized string to OMElement. Could not create XML stream.", e);</span> |
| // IOException only has a constructor supporting exception chaining starting with Java 1.6 |
| <span class="nc" id="L484"> IOException ex = new IOException("Cannot convert de-serialized string to OMElement. Could not create XML stream.");</span> |
| <span class="nc" id="L485"> ex.initCause(e);</span> |
| <span class="nc" id="L486"> throw ex;</span> |
| } |
| } |
| } |
| </pre><div class="footer"><span class="right">Created with <a href="http://www.eclemma.org/jacoco">JaCoCo</a> 0.6.1.201212231917</span></div></body></html> |