| <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../.resources/report.css" type="text/css"/><link rel="shortcut icon" href="../.resources/report.gif" type="image/gif"/><title>SAMLTokenRenewer.java</title><link rel="stylesheet" href="../.resources/prettify.css" type="text/css"/><script type="text/javascript" src="../.resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="right"><a href="../.sessions.html" class="el_session">Sessions</a></span><a href="../index.html" class="el_report">Coverage Report</a> > <a href="index.html" class="el_package">org.apache.rahas.impl</a> > <span class="el_source">SAMLTokenRenewer.java</span></div><h1>SAMLTokenRenewer.java</h1><pre class="source lang-java linenums">package org.apache.rahas.impl; |
| |
| import java.text.DateFormat; |
| import java.util.Date; |
| |
| import org.apache.axiom.om.OMElement; |
| import org.apache.axiom.om.OMNode; |
| import org.apache.axiom.soap.SOAPEnvelope; |
| import org.apache.axis2.context.MessageContext; |
| import org.apache.axis2.description.Parameter; |
| import org.apache.rahas.RahasConstants; |
| import org.apache.rahas.RahasData; |
| import org.apache.rahas.Token; |
| import org.apache.rahas.TokenRenewer; |
| import org.apache.rahas.TokenStorage; |
| import org.apache.rahas.TrustException; |
| import org.apache.rahas.TrustUtil; |
| import org.apache.rahas.impl.util.CommonUtil; |
| import org.apache.rahas.impl.util.SAMLUtils; |
| import org.apache.ws.security.components.crypto.Crypto; |
| import org.apache.ws.security.util.XmlSchemaDateFormat; |
| import org.joda.time.DateTime; |
| import org.opensaml.saml1.core.Assertion; |
| import org.opensaml.saml1.core.Conditions; |
| import org.w3c.dom.Element; |
| import org.w3c.dom.Node; |
| |
| @SuppressWarnings({"UnusedDeclaration"}) |
| <span class="nc" id="L29">public class SAMLTokenRenewer implements TokenRenewer {</span> |
| |
| private String configParamName; |
| |
| private OMElement configElement; |
| |
| private String configFile; |
| |
| public SOAPEnvelope renew(RahasData data) throws TrustException { |
| |
| // retrieve the message context |
| <span class="nc" id="L40"> MessageContext inMsgCtx = data.getInMessageContext();</span> |
| |
| <span class="nc" id="L42"> SAMLTokenIssuerConfig config = null;</span> |
| <span class="nc bnc" id="L43" title="All 2 branches missed."> if (this.configElement != null) {</span> |
| <span class="nc" id="L44"> config = new SAMLTokenIssuerConfig(configElement</span> |
| .getFirstChildWithName(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG)); |
| } |
| |
| // Look for the file |
| <span class="nc bnc" id="L49" title="All 4 branches missed."> if (config == null && this.configFile != null) {</span> |
| <span class="nc" id="L50"> config = new SAMLTokenIssuerConfig(this.configFile);</span> |
| } |
| |
| // Look for the param |
| <span class="nc bnc" id="L54" title="All 4 branches missed."> if (config == null && this.configParamName != null) {</span> |
| <span class="nc" id="L55"> Parameter param = inMsgCtx.getParameter(this.configParamName);</span> |
| <span class="nc bnc" id="L56" title="All 4 branches missed."> if (param != null && param.getParameterElement() != null) {</span> |
| <span class="nc" id="L57"> config = new SAMLTokenIssuerConfig(param</span> |
| .getParameterElement().getFirstChildWithName( |
| SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG)); |
| } else { |
| <span class="nc" id="L61"> throw new TrustException("expectedParameterMissing",</span> |
| new String[]{this.configParamName}); |
| } |
| } |
| |
| <span class="nc bnc" id="L66" title="All 2 branches missed."> if (config == null) {</span> |
| <span class="nc" id="L67"> throw new TrustException("configurationIsNull");</span> |
| } |
| |
| // retrieve the list of tokens from the message context |
| <span class="nc" id="L71"> TokenStorage tkStorage = TrustUtil.getTokenStore(inMsgCtx);</span> |
| |
| // Create envelope |
| <span class="nc" id="L74"> SOAPEnvelope env = TrustUtil.createSOAPEnvelope(inMsgCtx</span> |
| .getEnvelope().getNamespace().getNamespaceURI()); |
| |
| // Create RSTR element, with respective version |
| OMElement rstrElem; |
| <span class="nc" id="L79"> int wstVersion = data.getVersion();</span> |
| <span class="nc bnc" id="L80" title="All 2 branches missed."> if (RahasConstants.VERSION_05_02 == wstVersion) {</span> |
| <span class="nc" id="L81"> rstrElem = TrustUtil.createRequestSecurityTokenResponseElement(</span> |
| wstVersion, env.getBody()); |
| } else { |
| <span class="nc" id="L84"> OMElement rstrcElem = TrustUtil</span> |
| .createRequestSecurityTokenResponseCollectionElement( |
| wstVersion, env.getBody()); |
| <span class="nc" id="L87"> rstrElem = TrustUtil.createRequestSecurityTokenResponseElement(</span> |
| wstVersion, rstrcElem); |
| } |
| |
| Crypto crypto; |
| <span class="nc" id="L92"> ClassLoader classLoader = inMsgCtx.getAxisService().getClassLoader();</span> |
| <span class="nc bnc" id="L93" title="All 2 branches missed."> if (config.cryptoElement != null) {</span> |
| // crypto props defined as elements |
| <span class="nc" id="L95"> crypto = CommonUtil.getCrypto(TrustUtil</span> |
| .toProperties(config.cryptoElement), classLoader); |
| } else { |
| // crypto props defined in a properties file |
| <span class="nc" id="L99"> crypto = CommonUtil.getCrypto(config.cryptoPropertiesFile, classLoader);</span> |
| } |
| |
| // Create TokenType element |
| <span class="nc" id="L103"> TrustUtil.createTokenTypeElement(wstVersion, rstrElem).setText(</span> |
| RahasConstants.TOK_TYPE_SAML_10); |
| |
| // Creation and expiration times |
| <span class="nc" id="L107"> Date creationTime = new Date();</span> |
| <span class="nc" id="L108"> Date expirationTime = new Date();</span> |
| <span class="nc" id="L109"> expirationTime.setTime(creationTime.getTime() + config.ttl);</span> |
| |
| // Use GMT time in milliseconds |
| <span class="nc" id="L112"> DateFormat zulu = new XmlSchemaDateFormat();</span> |
| |
| // Add the Lifetime element |
| <span class="nc" id="L115"> TrustUtil.createLifetimeElement(wstVersion, rstrElem, zulu</span> |
| .format(creationTime), zulu.format(expirationTime)); |
| |
| // Obtain the token |
| <span class="nc" id="L119"> Token tk = tkStorage.getToken(data.getTokenId());</span> |
| |
| <span class="nc" id="L121"> OMElement assertionOMElement = tk.getToken();</span> |
| Assertion samlAssertion; |
| |
| |
| <span class="nc" id="L125"> samlAssertion = SAMLUtils.buildAssertion((Element) assertionOMElement);</span> |
| <span class="nc bnc" id="L126" title="All 2 branches missed."> if (samlAssertion.getConditions() == null) {</span> |
| <span class="nc" id="L127"> samlAssertion.setConditions((Conditions) SAMLUtils.buildXMLObject(Conditions.DEFAULT_ELEMENT_NAME));</span> |
| } |
| |
| <span class="nc" id="L130"> samlAssertion.getConditions().setNotBefore(new DateTime(creationTime));</span> |
| <span class="nc" id="L131"> samlAssertion.getConditions().setNotOnOrAfter(new DateTime(expirationTime));</span> |
| |
| // sign the assertion |
| <span class="nc" id="L134"> SAMLUtils.signAssertion(samlAssertion, crypto, config.getIssuerKeyAlias(), config.getIssuerKeyPassword());</span> |
| |
| // Create the RequestedSecurityToken element and add the SAML token |
| // to it |
| <span class="nc" id="L138"> OMElement reqSecTokenElem = TrustUtil</span> |
| .createRequestedSecurityTokenElement(wstVersion, rstrElem); |
| |
| <span class="nc" id="L141"> Node tempNode = samlAssertion.getDOM();</span> |
| <span class="nc" id="L142"> reqSecTokenElem.addChild((OMNode) ((Element) rstrElem)</span> |
| .getOwnerDocument().importNode(tempNode, true)); |
| |
| <span class="nc" id="L145"> return env;</span> |
| |
| } |
| |
| /** |
| * {@inheritDoc} |
| */ |
| public void setConfigurationFile(String configFile) { |
| <span class="nc" id="L153"> this.configFile = configFile;</span> |
| |
| <span class="nc" id="L155"> }</span> |
| |
| /** |
| * {@inheritDoc} |
| */ |
| public void setConfigurationElement(OMElement configElement) { |
| <span class="nc" id="L161"> this.configElement = configElement;</span> |
| <span class="nc" id="L162"> }</span> |
| |
| /** |
| * {@inheritDoc} |
| */ |
| public void setConfigurationParamName(String configParamName) { |
| <span class="nc" id="L168"> this.configParamName = configParamName;</span> |
| <span class="nc" id="L169"> }</span> |
| |
| |
| } |
| </pre><div class="footer"><span class="right">Created with <a href="http://www.eclemma.org/jacoco">JaCoCo</a> 0.6.1.201212231917</span></div></body></html> |