| <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../.resources/report.css" type="text/css"/><link rel="shortcut icon" href="../.resources/report.gif" type="image/gif"/><title>SAMLTokenIssuerConfig.java</title><link rel="stylesheet" href="../.resources/prettify.css" type="text/css"/><script type="text/javascript" src="../.resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="right"><a href="../.sessions.html" class="el_session">Sessions</a></span><a href="../index.html" class="el_report">Coverage Report</a> > <a href="index.html" class="el_package">org.apache.rahas.impl</a> > <span class="el_source">SAMLTokenIssuerConfig.java</span></div><h1>SAMLTokenIssuerConfig.java</h1><pre class="source lang-java linenums">/* |
| * Copyright 2004,2005 The Apache Software Foundation. |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package org.apache.rahas.impl; |
| |
| import org.apache.axiom.om.OMAbstractFactory; |
| import org.apache.axiom.om.OMAttribute; |
| import org.apache.axiom.om.OMElement; |
| import org.apache.axiom.om.OMFactory; |
| import org.apache.axiom.om.OMXMLBuilderFactory; |
| import org.apache.axiom.om.OMXMLParserWrapper; |
| import org.apache.axis2.description.Parameter; |
| import org.apache.commons.logging.Log; |
| import org.apache.commons.logging.LogFactory; |
| import org.apache.rahas.TrustException; |
| import org.apache.rahas.TrustUtil; |
| import org.apache.rahas.impl.util.CommonUtil; |
| import org.apache.rahas.impl.util.SAMLCallbackHandler; |
| import org.apache.ws.security.WSSecurityException; |
| import org.apache.ws.security.components.crypto.Crypto; |
| import org.apache.ws.security.components.crypto.CryptoFactory; |
| |
| import javax.xml.namespace.QName; |
| import java.io.FileInputStream; |
| import java.security.cert.X509Certificate; |
| import java.util.Enumeration; |
| import java.util.HashMap; |
| import java.util.Iterator; |
| import java.util.Map; |
| import java.util.Properties; |
| |
| /** |
| * Configuration manager for the <code>SAMLTokenIssuer</code> |
| * |
| * @see SAMLTokenIssuer |
| */ |
| public class SAMLTokenIssuerConfig extends AbstractIssuerConfig { |
| |
| |
| <span class="pc" id="L53"> Log log = LogFactory.getLog(SAMLTokenIssuerConfig.class);</span> |
| |
| /** |
| * The QName of the configuration element of the SAMLTokenIssuer |
| */ |
| <span class="fc" id="L58"> public final static QName SAML_ISSUER_CONFIG = new QName("saml-issuer-config");</span> |
| |
| /** |
| * Element name to include the alias of the private key to sign the response or |
| * the issued token |
| */ |
| <span class="fc" id="L64"> private final static QName ISSUER_KEY_ALIAS = new QName("issuerKeyAlias");</span> |
| |
| /** |
| * Element name to include the password of the private key to sign the response or the issued |
| * token |
| */ |
| <span class="fc" id="L70"> private final static QName ISSUER_KEY_PASSWD = new QName("issuerKeyPassword");</span> |
| |
| /** |
| * Element name of the attribute call-back handler |
| */ |
| <span class="fc" id="L75"> private final static QName ATTR_CALLBACK_HANDLER_NAME = new QName("attrCallbackHandlerName");</span> |
| |
| /** |
| * Element to specify the lifetime of the SAMLToken |
| * Dafaults to 300000 milliseconds (5 mins) |
| */ |
| <span class="fc" id="L81"> private final static QName TTL = new QName("timeToLive");</span> |
| |
| /** |
| * Element to list the trusted services |
| */ |
| <span class="fc" id="L86"> private final static QName TRUSTED_SERVICES = new QName("trusted-services");</span> |
| |
| <span class="fc" id="L88"> private final static QName KEY_SIZE = new QName("keySize");</span> |
| |
| <span class="fc" id="L90"> private final static QName SERVICE = new QName("service");</span> |
| <span class="fc" id="L91"> private final static QName ALIAS = new QName("alias");</span> |
| |
| <span class="fc" id="L93"> public final static QName USE_SAML_ATTRIBUTE_STATEMENT = new QName("useSAMLAttributeStatement");</span> |
| |
| <span class="fc" id="L95"> public final static QName ISSUER_NAME = new QName("issuerName");</span> |
| |
| <span class="fc" id="L97"> public final static QName SAML_CALLBACK_CLASS = new QName("dataCallbackHandlerClass");</span> |
| |
| protected String issuerKeyAlias; |
| protected String issuerKeyPassword; |
| protected String issuerName; |
| |
| // TODO in next major release convert this to a typed map |
| <span class="pc" id="L104"> protected Map trustedServices = new HashMap();</span> |
| protected String trustStorePropFile; |
| protected SAMLCallbackHandler callbackHandler; |
| protected String callbackHandlerName; |
| |
| /** |
| * Create a new configuration with issuer name and crypto information |
| * @param issuerName Name of the issuer |
| * @param cryptoProviderClassName WSS4J Crypto impl class name |
| * @param cryptoProps Configuration properties of crypto impl |
| */ |
| <span class="nc" id="L115"> public SAMLTokenIssuerConfig(String issuerName, String cryptoProviderClassName, Properties cryptoProps) {</span> |
| <span class="nc" id="L116"> this.issuerName = issuerName;</span> |
| <span class="nc" id="L117"> this.setCryptoProperties(cryptoProviderClassName, cryptoProps);</span> |
| <span class="nc" id="L118"> }</span> |
| |
| /** |
| * Create a SAMLTokenIssuer configuration with a config file picked from the |
| * given location. |
| * @param configFilePath Path to the config file |
| * @throws TrustException |
| */ |
| <span class="fc" id="L126"> public SAMLTokenIssuerConfig(String configFilePath) throws TrustException {</span> |
| FileInputStream fis; |
| OMXMLParserWrapper builder; |
| try { |
| <span class="fc" id="L130"> fis = new FileInputStream(configFilePath);</span> |
| <span class="fc" id="L131"> builder = OMXMLBuilderFactory.createOMBuilder(fis);</span> |
| <span class="nc" id="L132"> } catch (Exception e) {</span> |
| <span class="nc" id="L133"> throw new TrustException("errorLoadingConfigFile",</span> |
| new String[] { configFilePath }, e); |
| <span class="fc" id="L135"> }</span> |
| <span class="fc" id="L136"> this.load(builder.getDocumentElement());</span> |
| <span class="fc" id="L137"> }</span> |
| |
| /** |
| * Create a SAMLTokenIssuer configuration using the give config element |
| * @param elem Configuration element as an <code>OMElement</code> |
| * @throws TrustException |
| */ |
| <span class="fc" id="L144"> public SAMLTokenIssuerConfig(OMElement elem) throws TrustException {</span> |
| <span class="fc" id="L145"> this.load(elem);</span> |
| <span class="fc" id="L146"> }</span> |
| |
| private void load(OMElement elem) throws TrustException { |
| <span class="fc" id="L149"> OMElement proofKeyElem = elem.getFirstChildWithName(PROOF_KEY_TYPE);</span> |
| <span class="pc bpc" id="L150" title="1 of 2 branches missed."> if (proofKeyElem != null) {</span> |
| <span class="fc" id="L151"> this.proofKeyType = proofKeyElem.getText().trim();</span> |
| } |
| |
| <span class="fc" id="L154"> OMElement callbackNameElem = elem.getFirstChildWithName(ATTR_CALLBACK_HANDLER_NAME);</span> |
| <span class="pc bpc" id="L155" title="1 of 2 branches missed."> if (callbackNameElem != null) {</span> |
| <span class="nc" id="L156"> this.callbackHandlerName = callbackNameElem.getText().trim();</span> |
| } |
| |
| //The alias of the private key |
| <span class="fc" id="L160"> OMElement userElem = elem.getFirstChildWithName(ISSUER_KEY_ALIAS);</span> |
| <span class="pc bpc" id="L161" title="1 of 2 branches missed."> if (userElem != null) {</span> |
| <span class="fc" id="L162"> this.issuerKeyAlias = userElem.getText().trim();</span> |
| } |
| |
| <span class="pc bpc" id="L165" title="2 of 4 branches missed."> if (this.issuerKeyAlias == null || "".equals(this.issuerKeyAlias)) {</span> |
| <span class="nc" id="L166"> throw new TrustException("samlIssuerKeyAliasMissing");</span> |
| } |
| |
| <span class="fc" id="L169"> OMElement issuerKeyPasswdElem = elem.getFirstChildWithName(ISSUER_KEY_PASSWD);</span> |
| <span class="pc bpc" id="L170" title="1 of 2 branches missed."> if (issuerKeyPasswdElem != null) {</span> |
| <span class="fc" id="L171"> this.issuerKeyPassword = issuerKeyPasswdElem.getText().trim();</span> |
| } |
| |
| <span class="pc bpc" id="L174" title="2 of 4 branches missed."> if (this.issuerKeyPassword == null || "".equals(this.issuerKeyPassword)) {</span> |
| <span class="nc" id="L175"> throw new TrustException("samlIssuerKeyPasswdMissing");</span> |
| } |
| |
| <span class="fc" id="L178"> OMElement issuerNameElem = elem.getFirstChildWithName(ISSUER_NAME);</span> |
| <span class="pc bpc" id="L179" title="1 of 2 branches missed."> if (issuerNameElem != null) {</span> |
| <span class="fc" id="L180"> this.issuerName = issuerNameElem.getText().trim();</span> |
| } |
| |
| <span class="pc bpc" id="L183" title="2 of 4 branches missed."> if (this.issuerName == null || "".equals(this.issuerName)) {</span> |
| <span class="nc" id="L184"> throw new TrustException("samlIssuerNameMissing");</span> |
| } |
| |
| <span class="fc" id="L187"> this.cryptoPropertiesElement = elem.getFirstChildWithName(CRYPTO_PROPERTIES);</span> |
| <span class="pc bpc" id="L188" title="1 of 2 branches missed."> if (this.cryptoPropertiesElement != null) {</span> |
| <span class="pc bpc" id="L189" title="1 of 2 branches missed."> if ((this.cryptoElement =</span> |
| this.cryptoPropertiesElement .getFirstChildWithName(CRYPTO)) == null){ |
| // no children. Hence, prop file should have been defined |
| <span class="nc" id="L192"> this.cryptoPropertiesFile = this.cryptoPropertiesElement .getText().trim();</span> |
| } |
| // else Props should be defined as children of a crypto element |
| } |
| |
| <span class="fc" id="L197"> OMElement keyCompElem = elem.getFirstChildWithName(KeyComputation.KEY_COMPUTATION);</span> |
| <span class="pc bpc" id="L198" title="3 of 6 branches missed."> if (keyCompElem != null && keyCompElem.getText() != null && !"".equals(keyCompElem.getText())) {</span> |
| <span class="fc" id="L199"> this.keyComputation = Integer.parseInt(keyCompElem.getText());</span> |
| } |
| |
| //time to live |
| <span class="fc" id="L203"> OMElement ttlElem = elem.getFirstChildWithName(TTL);</span> |
| <span class="pc bpc" id="L204" title="1 of 2 branches missed."> if (ttlElem != null) {</span> |
| try { |
| <span class="fc" id="L206"> this.ttl = Long.parseLong(ttlElem.getText().trim());</span> |
| <span class="nc" id="L207"> } catch (NumberFormatException e) {</span> |
| <span class="nc" id="L208"> throw new TrustException("invlidTTL");</span> |
| <span class="fc" id="L209"> }</span> |
| } |
| |
| <span class="fc" id="L212"> OMElement keySizeElem = elem.getFirstChildWithName(KEY_SIZE);</span> |
| <span class="pc bpc" id="L213" title="1 of 2 branches missed."> if (keySizeElem != null) {</span> |
| try { |
| <span class="fc" id="L215"> this.keySize = Integer.parseInt(keySizeElem.getText().trim());</span> |
| <span class="nc" id="L216"> } catch (NumberFormatException e) {</span> |
| <span class="nc" id="L217"> throw new TrustException("invalidKeysize");</span> |
| <span class="fc" id="L218"> }</span> |
| } |
| |
| <span class="pc bpc" id="L221" title="1 of 2 branches missed."> this.addRequestedAttachedRef = elem</span> |
| .getFirstChildWithName(ADD_REQUESTED_ATTACHED_REF) != null; |
| <span class="pc bpc" id="L223" title="1 of 2 branches missed."> this.addRequestedUnattachedRef = elem</span> |
| .getFirstChildWithName(ADD_REQUESTED_UNATTACHED_REF) != null; |
| |
| //Process trusted services |
| <span class="fc" id="L227"> OMElement trustedServices = elem.getFirstChildWithName(TRUSTED_SERVICES);</span> |
| |
| /* |
| * If there are trusted services add them to a list |
| * Only trusts myself to issue tokens to : |
| * In this case the STS is embedded in the service as well and |
| * the issued token can only be used with that particular service |
| * since the response secret is encrypted by the service's public key |
| */ |
| <span class="pc bpc" id="L236" title="1 of 2 branches missed."> if (trustedServices != null) {</span> |
| //Now process the trusted services |
| <span class="fc" id="L238"> Iterator servicesIter = trustedServices.getChildrenWithName(SERVICE);</span> |
| <span class="fc bfc" id="L239" title="All 2 branches covered."> while (servicesIter.hasNext()) {</span> |
| <span class="fc" id="L240"> OMElement service = (OMElement) servicesIter.next();</span> |
| <span class="fc" id="L241"> OMAttribute aliasAttr = service.getAttribute(ALIAS);</span> |
| <span class="pc bpc" id="L242" title="1 of 2 branches missed."> if (aliasAttr == null) {</span> |
| //The certificate alias is a must |
| <span class="nc" id="L244"> throw new TrustException("aliasMissingForService",</span> |
| new String[]{service.getText().trim()}); |
| } |
| <span class="pc bpc" id="L247" title="1 of 2 branches missed."> if (this.trustedServices == null) {</span> |
| <span class="nc" id="L248"> this.trustedServices = new HashMap();</span> |
| } |
| |
| //Add the trusted service and the alias to the map of services |
| <span class="fc" id="L252"> this.trustedServices.put(service.getText().trim(), aliasAttr.getAttributeValue());</span> |
| <span class="fc" id="L253"> }</span> |
| |
| //There maybe no trusted services as well, Therefore do not |
| //throw an exception when there are no trusted in the list at the |
| //moment |
| } |
| |
| |
| <span class="fc" id="L261"> OMElement attrElemet = elem.getFirstChildWithName(SAML_CALLBACK_CLASS);</span> |
| <span class="fc bfc" id="L262" title="All 2 branches covered."> if (attrElemet != null) {</span> |
| try { |
| <span class="fc" id="L264"> String value = attrElemet.getText();</span> |
| <span class="fc" id="L265"> Class handlerClass = Class.forName(value);</span> |
| <span class="fc" id="L266"> this.callbackHandler = (SAMLCallbackHandler)handlerClass.newInstance();</span> |
| <span class="nc" id="L267"> } catch (ClassNotFoundException e) {</span> |
| <span class="nc" id="L268"> log.error("Error loading class" , e);</span> |
| <span class="nc" id="L269"> throw new TrustException("Error loading class" , e);</span> |
| <span class="nc" id="L270"> } catch (InstantiationException e) {</span> |
| <span class="nc" id="L271"> log.error("Error instantiating class" , e);</span> |
| <span class="nc" id="L272"> throw new TrustException("Error instantiating class" , e);</span> |
| <span class="nc" id="L273"> } catch (IllegalAccessException e) {</span> |
| <span class="nc" id="L274"> log.error("Illegal Access" , e);</span> |
| <span class="nc" id="L275"> throw new TrustException("Illegal Access" , e);</span> |
| <span class="fc" id="L276"> }</span> |
| } |
| |
| |
| <span class="fc" id="L280"> }</span> |
| |
| /** |
| * Generate an Axis2 parameter for this configuration |
| * @return An Axis2 Parameter instance with configuration information |
| */ |
| public Parameter getParameter() { |
| <span class="nc" id="L287"> Parameter param = new Parameter();</span> |
| |
| <span class="nc" id="L289"> OMFactory fac = OMAbstractFactory.getOMFactory();</span> |
| |
| <span class="nc" id="L291"> OMElement paramElem = fac.createOMElement("Parameter", null);</span> |
| <span class="nc" id="L292"> paramElem.addAttribute("name", SAML_ISSUER_CONFIG.getLocalPart(), null);</span> |
| |
| <span class="nc" id="L294"> OMElement configElem = fac.createOMElement(SAML_ISSUER_CONFIG, paramElem);</span> |
| |
| <span class="nc" id="L296"> OMElement issuerNameElem = fac.createOMElement(ISSUER_NAME, configElem);</span> |
| <span class="nc" id="L297"> issuerNameElem.setText(this.issuerName);</span> |
| |
| <span class="nc" id="L299"> OMElement issuerKeyAliasElem = fac.createOMElement(ISSUER_KEY_ALIAS, configElem);</span> |
| <span class="nc" id="L300"> issuerKeyAliasElem.setText(this.issuerKeyAlias);</span> |
| |
| <span class="nc" id="L302"> OMElement issuerKeyPasswd = fac.createOMElement(ISSUER_KEY_PASSWD, configElem);</span> |
| <span class="nc" id="L303"> issuerKeyPasswd.setText(this.issuerKeyPassword);</span> |
| |
| <span class="nc" id="L305"> OMElement callbackHandlerName = fac.createOMElement(ATTR_CALLBACK_HANDLER_NAME, configElem);</span> |
| <span class="nc" id="L306"> callbackHandlerName.setText(this.callbackHandlerName);</span> |
| |
| <span class="nc" id="L308"> OMElement timeToLive = fac.createOMElement(TTL, configElem);</span> |
| <span class="nc" id="L309"> timeToLive.setText(String.valueOf(this.ttl));</span> |
| |
| <span class="nc" id="L311"> configElem.addChild(this.cryptoPropertiesElement);</span> |
| |
| <span class="nc" id="L313"> OMElement keySizeElem = fac.createOMElement(KEY_SIZE, configElem);</span> |
| <span class="nc" id="L314"> keySizeElem.setText(Integer.toString(this.keySize));</span> |
| |
| <span class="nc bnc" id="L316" title="All 2 branches missed."> if(this.addRequestedAttachedRef) {</span> |
| <span class="nc" id="L317"> fac.createOMElement(ADD_REQUESTED_ATTACHED_REF, configElem);</span> |
| } |
| <span class="nc bnc" id="L319" title="All 2 branches missed."> if(this.addRequestedUnattachedRef) {</span> |
| <span class="nc" id="L320"> fac.createOMElement(ADD_REQUESTED_UNATTACHED_REF, configElem);</span> |
| } |
| |
| <span class="nc" id="L323"> OMElement keyCompElem = fac.createOMElement(KeyComputation.KEY_COMPUTATION, configElem);</span> |
| <span class="nc" id="L324"> keyCompElem.setText(Integer.toString(this.keyComputation));</span> |
| |
| <span class="nc" id="L326"> OMElement proofKeyTypeElem = fac.createOMElement(PROOF_KEY_TYPE, configElem);</span> |
| <span class="nc" id="L327"> proofKeyTypeElem.setText(this.proofKeyType);</span> |
| |
| <span class="nc" id="L329"> OMElement trustedServicesElem = fac.createOMElement(TRUSTED_SERVICES, configElem);</span> |
| <span class="nc bnc" id="L330" title="All 2 branches missed."> for (Iterator iterator = this.trustedServices.keySet().iterator(); iterator.hasNext();) {</span> |
| <span class="nc" id="L331"> String service = (String) iterator.next();</span> |
| <span class="nc" id="L332"> OMElement serviceElem = fac.createOMElement(SERVICE, trustedServicesElem);</span> |
| <span class="nc" id="L333"> serviceElem.setText(service);</span> |
| <span class="nc" id="L334"> serviceElem.addAttribute("alias", (String)this.trustedServices.get(service), null);</span> |
| |
| <span class="nc" id="L336"> }</span> |
| |
| <span class="nc" id="L338"> param.setName(SAML_ISSUER_CONFIG.getLocalPart());</span> |
| <span class="nc" id="L339"> param.setParameterElement(paramElem);</span> |
| <span class="nc" id="L340"> param.setValue(paramElem);</span> |
| <span class="nc" id="L341"> param.setParameterType(Parameter.OM_PARAMETER);</span> |
| |
| <span class="nc" id="L343"> return param;</span> |
| } |
| |
| public void setIssuerKeyAlias(String issuerKeyAlias) { |
| <span class="nc" id="L347"> this.issuerKeyAlias = issuerKeyAlias;</span> |
| <span class="nc" id="L348"> }</span> |
| |
| public String getIssuerKeyAlias() { |
| <span class="fc" id="L351"> return issuerKeyAlias;</span> |
| } |
| |
| public void setIssuerKeyPassword(String issuerKeyPassword) { |
| <span class="nc" id="L355"> this.issuerKeyPassword = issuerKeyPassword;</span> |
| <span class="nc" id="L356"> }</span> |
| |
| public String getIssuerKeyPassword() { |
| <span class="fc" id="L359"> return issuerKeyPassword;</span> |
| } |
| |
| public void setIssuerName(String issuerName) { |
| <span class="nc" id="L363"> this.issuerName = issuerName;</span> |
| <span class="nc" id="L364"> }</span> |
| |
| public void setTrustedServices(Map trustedServices) { |
| <span class="nc" id="L367"> this.trustedServices = trustedServices;</span> |
| <span class="nc" id="L368"> }</span> |
| |
| public void setTrustStorePropFile(String trustStorePropFile) { |
| <span class="nc" id="L371"> this.trustStorePropFile = trustStorePropFile;</span> |
| <span class="nc" id="L372"> }</span> |
| |
| /** |
| * Add a new trusted service endpoint address with its certificate |
| * @param address Service endpoint address |
| * @param alias certificate alias |
| */ |
| public void addTrustedServiceEndpointAddress(String address, String alias) { |
| <span class="nc" id="L380"> this.trustedServices.put(address, alias);</span> |
| <span class="nc" id="L381"> }</span> |
| |
| /** |
| * Set crypto information using WSS4J mechanisms |
| * |
| * @param providerClassName |
| * Provider class - an implementation of |
| * org.apache.ws.security.components.crypto.Crypto |
| * @param props Configuration properties |
| */ |
| public void setCryptoProperties(String providerClassName, Properties props) { |
| <span class="nc" id="L392"> OMFactory fac = OMAbstractFactory.getOMFactory();</span> |
| <span class="nc" id="L393"> this.cryptoPropertiesElement= fac.createOMElement(CRYPTO_PROPERTIES);</span> |
| <span class="nc" id="L394"> OMElement cryptoElem = fac.createOMElement(CRYPTO, this.cryptoPropertiesElement);</span> |
| <span class="nc" id="L395"> cryptoElem.addAttribute(PROVIDER.getLocalPart(), providerClassName, null);</span> |
| <span class="nc" id="L396"> Enumeration keys = props.keys();</span> |
| <span class="nc bnc" id="L397" title="All 2 branches missed."> while (keys.hasMoreElements()) {</span> |
| <span class="nc" id="L398"> String prop = (String) keys.nextElement();</span> |
| <span class="nc" id="L399"> String value = (String)props.get(prop);</span> |
| <span class="nc" id="L400"> OMElement propElem = fac.createOMElement(PROPERTY, cryptoElem);</span> |
| <span class="nc" id="L401"> propElem.setText(value);</span> |
| <span class="nc" id="L402"> propElem.addAttribute("name", prop, null);</span> |
| <span class="nc" id="L403"> }</span> |
| <span class="nc" id="L404"> }</span> |
| |
| /** |
| * Return the list of trusted services as a <code>java.util.Map</code>. |
| * The services addresses are the keys and cert aliases available under |
| * those keys. |
| * @return |
| */ |
| public Map getTrustedServices() { |
| <span class="fc" id="L413"> return trustedServices;</span> |
| } |
| |
| @Deprecated |
| public SAMLCallbackHandler getCallbackHander() { |
| <span class="nc" id="L418"> return callbackHandler;</span> |
| } |
| |
| @Deprecated |
| public void setCallbackHander(SAMLCallbackHandler callbackHandler) { |
| <span class="nc" id="L423"> this.callbackHandler = callbackHandler;</span> |
| <span class="nc" id="L424"> }</span> |
| |
| public SAMLCallbackHandler getCallbackHandler() { |
| <span class="fc" id="L427"> return callbackHandler;</span> |
| } |
| |
| public String getIssuerName() { |
| <span class="fc" id="L431"> return issuerName;</span> |
| } |
| |
| public String getTrustStorePropFile() { |
| <span class="nc" id="L435"> return trustStorePropFile;</span> |
| } |
| |
| public void setCallbackHandler(SAMLCallbackHandler callbackHandler) { |
| <span class="fc" id="L439"> this.callbackHandler = callbackHandler;</span> |
| <span class="fc" id="L440"> }</span> |
| |
| public String getCallbackHandlerName() { |
| <span class="fc" id="L443"> return callbackHandlerName;</span> |
| } |
| |
| public void setCallbackHandlerName(String callbackHandlerName) { |
| <span class="fc" id="L447"> this.callbackHandlerName = callbackHandlerName;</span> |
| <span class="fc" id="L448"> }</span> |
| |
| /** |
| * Uses the <code>wst:AppliesTo</code> to figure out the certificate to |
| * encrypt the secret in the SAML token |
| * |
| * @param crypto |
| * @param serviceAddress |
| * The address of the service |
| * @return |
| * @throws org.apache.rahas.TrustException If unable to find certificate by given alias. |
| */ |
| public X509Certificate getServiceCert(Crypto crypto, String serviceAddress) throws TrustException { |
| |
| <span class="pc bpc" id="L462" title="1 of 4 branches missed."> if (serviceAddress != null && !"".equals(serviceAddress)) {</span> |
| <span class="fc" id="L463"> String alias = (String) this.trustedServices.get(serviceAddress);</span> |
| <span class="pc bpc" id="L464" title="1 of 2 branches missed."> if (alias != null) {</span> |
| <span class="fc" id="L465"> return CommonUtil.getCertificateByAlias(crypto, alias);</span> |
| } else { |
| <span class="nc" id="L467"> alias = (String) this.trustedServices.get("*");</span> |
| |
| <span class="nc bnc" id="L469" title="All 2 branches missed."> if (alias == null) {</span> |
| <span class="nc" id="L470"> throw new TrustException("aliasMissingForService", new String[]{serviceAddress});</span> |
| } |
| |
| <span class="nc" id="L473"> return CommonUtil.getCertificateByAlias(crypto, alias);</span> |
| } |
| } else { |
| <span class="fc" id="L476"> String alias = (String) this.trustedServices.get("*");</span> |
| |
| <span class="pc bpc" id="L478" title="1 of 2 branches missed."> if (alias == null) {</span> |
| <span class="nc" id="L479"> throw new TrustException("aliasMissingForService", new String[]{serviceAddress});</span> |
| } |
| |
| <span class="fc" id="L482"> return CommonUtil.getCertificateByAlias(crypto, alias);</span> |
| } |
| |
| } |
| |
| /** |
| * This method will create a Crypto object based on property values defined in cryptoElement or |
| * cryptoPropertiesFile. |
| * @param classLoader A class loader to pass into CryptoFactory. |
| * @return A Crypto object |
| * @throws TrustException If an error occurred while creating the Crypto object. |
| */ |
| public Crypto getIssuerCrypto(ClassLoader classLoader) throws TrustException { |
| |
| try { |
| <span class="pc bpc" id="L497" title="1 of 2 branches missed."> if (this.cryptoElement != null) {</span> |
| // crypto props defined as elements |
| <span class="fc" id="L499"> return CryptoFactory.getInstance(TrustUtil</span> |
| .toProperties(this.cryptoElement), classLoader); |
| } else { |
| // crypto props defined in a properties file |
| <span class="nc" id="L503"> return CryptoFactory.getInstance(this.cryptoPropertiesFile,</span> |
| classLoader); |
| } |
| |
| <span class="nc" id="L507"> } catch (WSSecurityException e) {</span> |
| <span class="nc" id="L508"> throw new TrustException("errorLoadingCryptoProperties", e);</span> |
| } |
| |
| } |
| |
| } |
| </pre><div class="footer"><span class="right">Created with <a href="http://www.eclemma.org/jacoco">JaCoCo</a> 0.6.1.201212231917</span></div></body></html> |
