| /** |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| |
| package org.apache.wss4j.dom.callback; |
| |
| import java.util.Collections; |
| import java.util.List; |
| |
| import javax.xml.crypto.dom.DOMCryptoContext; |
| |
| import org.apache.wss4j.dom.WSConstants; |
| import org.apache.wss4j.common.ext.WSSecurityException; |
| import org.apache.wss4j.common.util.XMLUtils; |
| import org.apache.wss4j.dom.util.WSSecurityUtil; |
| import org.w3c.dom.Document; |
| import org.w3c.dom.Element; |
| |
| /** |
| * This class uses a DOM-based approach to locate Elements that are referenced via an Id. |
| */ |
| public class DOMCallbackLookup implements CallbackLookup { |
| |
| private Document doc; |
| |
| public DOMCallbackLookup(Document doc) { |
| this.doc = doc; |
| } |
| |
| /** |
| * Get the DOM element that corresponds to the given id and ValueType reference. The Id can |
| * be a wsu:Id or else an Id attribute, or a SAML Id when the ValueType refers to a SAML |
| * Assertion. |
| * |
| * @param id The id of the element to locate |
| * @param valueType The ValueType attribute of the element to locate (can be null) |
| * @param checkMultipleElements If true then go through the entire tree and return |
| * null if there are multiple elements with the same Id |
| * @return the located element |
| * @throws WSSecurityException |
| */ |
| public Element getElement( |
| String id, String valueType, boolean checkMultipleElements |
| ) throws WSSecurityException { |
| return getAndRegisterElement(id, valueType, checkMultipleElements, null); |
| } |
| |
| /** |
| * Get the DOM element that corresponds to the given id and ValueType reference. The Id can |
| * be a wsu:Id or else an Id attribute, or a SAML Id when the ValueType refers to a SAML |
| * Assertion. The implementation is also responsible to register the retrieved Element on the |
| * DOMCryptoContext argument, so that the XML Signature implementation can find the Element. |
| * |
| * @param id The id of the element to locate |
| * @param valueType The ValueType attribute of the element to locate (can be null) |
| * @param checkMultipleElements If true then go through the entire tree and return |
| * null if there are multiple elements with the same Id |
| * @param context The DOMCryptoContext to store the Element in |
| * @return the located element |
| * @throws WSSecurityException |
| */ |
| public Element getAndRegisterElement( |
| String id, String valueType, boolean checkMultipleElements, DOMCryptoContext context |
| ) throws WSSecurityException { |
| String idToMatch = XMLUtils.getIDFromReference(id); |
| |
| // |
| // Try the SOAP Body first |
| // |
| Element bodyElement = getSOAPBody(); |
| if (bodyElement != null) { |
| String cId = bodyElement.getAttributeNS(WSConstants.WSU_NS, "Id"); |
| if (cId.equals(idToMatch)) { |
| if (context != null) { |
| context.setIdAttributeNS(bodyElement, WSConstants.WSU_NS, "Id"); |
| } |
| return bodyElement; |
| } |
| } |
| // Otherwise do a general search |
| Element foundElement = |
| XMLUtils.findElementById(doc.getDocumentElement(), idToMatch, checkMultipleElements); |
| if (foundElement != null) { |
| if (context != null) { |
| if (foundElement.hasAttributeNS(WSConstants.WSU_NS, "Id") |
| && idToMatch.equals(foundElement.getAttributeNS(WSConstants.WSU_NS, "Id"))) { |
| context.setIdAttributeNS(foundElement, WSConstants.WSU_NS, "Id"); |
| } |
| if (foundElement.hasAttributeNS(null, "Id") |
| && idToMatch.equals(foundElement.getAttributeNS(null, "Id"))) { |
| context.setIdAttributeNS(foundElement, null, "Id"); |
| } |
| } |
| return foundElement; |
| } |
| |
| // |
| // Try to find a SAML Assertion Element if the ValueType corresponds to a SAML Assertion |
| // (or is empty) |
| // |
| if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(valueType) |
| || WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(valueType) |
| || "".equals(valueType) |
| || valueType == null) { |
| foundElement = |
| XMLUtils.findSAMLAssertionElementById( |
| doc.getDocumentElement(), idToMatch |
| ); |
| if (foundElement != null) { |
| if (context != null) { |
| if (foundElement.hasAttributeNS(null, "ID") |
| && idToMatch.equals(foundElement.getAttributeNS(null, "ID"))) { |
| context.setIdAttributeNS(foundElement, null, "ID"); |
| } |
| if (foundElement.hasAttributeNS(null, "AssertionID") |
| && idToMatch.equals(foundElement.getAttributeNS(null, "AssertionID"))) { |
| context.setIdAttributeNS(foundElement, null, "AssertionID"); |
| } |
| } |
| return foundElement; |
| } |
| } |
| |
| return null; |
| } |
| |
| /** |
| * Get the DOM element(s) that correspond to the given localname/namespace. |
| * @param localname The localname of the Element(s) |
| * @param namespace The namespace of the Element(s) |
| * @return the located element(s) |
| * @throws WSSecurityException |
| */ |
| public List<Element> getElements( |
| String localname, String namespace |
| ) throws WSSecurityException { |
| // |
| // Try the SOAP Body first |
| // |
| Element bodyElement = getSOAPBody(); |
| if (WSConstants.ELEM_BODY.equals(localname) && bodyElement.getNamespaceURI().equals(namespace)) { |
| return Collections.singletonList(bodyElement); |
| } |
| return XMLUtils.findElements(doc.getDocumentElement(), localname, namespace); |
| } |
| |
| |
| /** |
| * Get the SOAP Body |
| */ |
| public Element getSOAPBody() { |
| return WSSecurityUtil.findBodyElement(doc); |
| } |
| } |