All Downloads are FREE. Search and download functionalities are using the official Maven repository.

microsoft.exchange.webservices.data.credential.WSSecurityBasedCredentials Maven / Gradle / Ivy

The newest version!
/*
 * The MIT License
 * Copyright (c) 2012 Microsoft Corporation
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */

package microsoft.exchange.webservices.data.credential;

import microsoft.exchange.webservices.data.core.EwsUtilities;

import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;

import java.net.URI;
import java.net.URISyntaxException;
import java.util.Calendar;

/**
 * WSSecurityBasedCredentials is the base class for all credential classes using
 * WS-Security.
 */
public abstract class WSSecurityBasedCredentials extends ExchangeCredentials {

  /**
   * The security token.
   */
  private String securityToken;

  /**
   * The ews url.
   */
  private URI ewsUrl;

  protected static final String wsuTimeStampFormat =
      "" +
          "{0:yyyy'-'MM'-'dd'T'HH':'mm':'ss'Z'}" +
          "{1:yyyy'-'MM'-'dd'T'HH':'mm':'ss'Z'}" +
          "";
  //kavi-start
  // WS-Security SecExt 1.0 Namespace (and the namespace prefix we will use
  // for it).
  /** The Constant WSSecuritySecExt10NamespacePrefix. */
  //protected static final String WSSecuritySecExt10NamespacePrefix = "wsse";

  /** The Constant WSSecuritySecExt10Namespace. */
  //protected static final String WSSecuritySecExt10Namespace =
  //	"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

  // WS-Addressing 1.0 Namespace (and the namespace prefix we will use for
  // it).


  /** The Constant WSAddressing10NamespacePrefix. */
  //protected static final String WSAddressing10NamespacePrefix = "wsa";

  /** The Constant WSAddressing10Namespace. */
  //protected static final String WSAddressing10Namespace =
  //	"http://www.w3.org/2005/08/addressing";

  //kavi end

  // The WS-Addressing headers format string to use for adding the
  // WS-Addressing headers.
  // Fill-Ins: %s = Web method name; %s = EWS URL
  /**
   * The Constant WsAddressingHeadersFormat.
   */
  protected static final String wsAddressingHeadersFormat =
      "http://schemas.microsoft.com/exchange/services/2006/messages/%s"
          +
          "http://www.w3.org/2005/08/addressing/anonymous" +
          "" +
          "%s";

  // The WS-Security header format string to use for adding the WS-Security
  // header.
  // Fill-Ins:
  // %s = EncryptedData block (the token)
  /**
   * The Constant WsSecurityHeaderFormat.
   */
  protected static final String wsSecurityHeaderFormat =
      "" +
          "  %s" + // EncryptedData (token)
          "";

  private boolean addTimestamp;

  // / Path suffix for WS-Security endpoint.
  /**
   * The Constant WsSecurityPathSuffix.
   */
  protected static final String wsSecurityPathSuffix = "/wssecurity";

  /**
   * Initializes a new instance of the WSSecurityBasedCredentials class.
   */
  protected WSSecurityBasedCredentials() {
  }

  /**
   * Initializes a new instance of the WSSecurityBasedCredentials class.
   *
   * @param securityToken The security token.
   */
  protected WSSecurityBasedCredentials(String securityToken) {
    this.securityToken = securityToken;
  }

  /**
   * Initializes a new instance of the WSSecurityBasedCredentials class.
   *
   * @param securityToken The security token.
   * @param addTimestamp  Timestamp should be added.
   */
  protected WSSecurityBasedCredentials(String securityToken, boolean addTimestamp) {
    this.securityToken = securityToken;
    this.addTimestamp = addTimestamp;
  }

  /**
   * This method is called to pre-authenticate credential before a service
   * request is made.
   */
  @Override public void preAuthenticate() {
    // Nothing special to do here.
  }

  /**
   * Emit the extra namespace aliases used for WS-Security and WS-Addressing.
   *
   * @param writer the writer
   * @throws XMLStreamException the XML stream exception
   */
  @Override public void emitExtraSoapHeaderNamespaceAliases(XMLStreamWriter writer)
      throws XMLStreamException {
    writer.writeAttribute(
        "xmlns",
        "",
        EwsUtilities.WSSecuritySecExtNamespacePrefix,
        EwsUtilities.WSSecuritySecExtNamespace);
    writer.writeAttribute(
        "xmlns",
        "",
        EwsUtilities.WSAddressingNamespacePrefix,
        EwsUtilities.WSAddressingNamespace);
  }

  /**
   * Serialize the WS-Security and WS-Addressing SOAP headers.
   *
   * @param writer the writer
   * @param webMethodName the Web method being called
   * @throws XMLStreamException the XML stream exception
   */
  @Override public void serializeExtraSoapHeaders(XMLStreamWriter writer, String webMethodName) throws XMLStreamException {
    this.serializeWSAddressingHeaders(writer, webMethodName);
    this.serializeWSSecurityHeaders(writer);
  }

  /**
   * Creates the WS-Addressing headers necessary to send with an outgoing request.
   *
   * @param xmlWriter the XML writer to serialize the headers to
   * @param webMethodName the Web method being called
   * @throws XMLStreamException the XML stream exception
   */
  private void serializeWSAddressingHeaders(XMLStreamWriter xmlWriter,
      String webMethodName) throws XMLStreamException {
    EwsUtilities.ewsAssert(webMethodName != null,
        "WSSecurityBasedCredentials.SerializeWSAddressingHeaders",
        "Web method name cannot be null!");

    EwsUtilities.ewsAssert(this.ewsUrl != null,
        "WSSecurityBasedCredentials.SerializeWSAddressingHeaders",
        "EWS Url cannot be null!");

    // Format the WS-Addressing headers.
    String wsAddressingHeaders = String.format(
        WSSecurityBasedCredentials.wsAddressingHeadersFormat,
        webMethodName, this.ewsUrl);

    // And write them out...
    xmlWriter.writeCharacters(wsAddressingHeaders);
  }

  /**
   * Creates the WS-Security header necessary to send with an outgoing request.
   *
   * @param xmlWriter The XML writer to serialize the headers to
   * @throws XMLStreamException the XML stream exception
   */
  @Override public void serializeWSSecurityHeaders(XMLStreamWriter xmlWriter)
      throws XMLStreamException {
    EwsUtilities.ewsAssert(this.securityToken != null,
        "WSSecurityBasedCredentials.SerializeWSSecurityHeaders",
        "Security token cannot be null!");

    // 
    //   2007-09-20T01:13:10.468Z
    //   2007-09-20T01:18:10.468Z
    // 
    //
    String timestamp = null;
    if (this.addTimestamp) {
      Calendar utcNow = Calendar.getInstance();
      utcNow.add(Calendar.MINUTE, 5);
      timestamp = String.format(WSSecurityBasedCredentials.wsuTimeStampFormat, utcNow, utcNow);

    }

    // Format the WS-Security header based on all the information we have.
    String wsSecurityHeader = String.format(
        WSSecurityBasedCredentials.wsSecurityHeaderFormat,
        timestamp + this.securityToken);

    // And write the header out...
    xmlWriter.writeCharacters(wsSecurityHeader);
  }

  /**
   * Adjusts the URL based on the credential.
   *
   * @param url The URL.
   * @return Adjust URL.
   * @throws java.net.URISyntaxException the uRI syntax exception
   */
  @Override public URI adjustUrl(URI url) throws URISyntaxException {
    return new URI(getUriWithoutWSSecurity(url) + WSSecurityBasedCredentials.wsSecurityPathSuffix);
  }

  /**
   * Gets the security token.
   */
  protected String getSecurityToken() {
    return this.securityToken;
  }

  /**
   * Sets the security token.
   */
  protected void setSecurityToken(String value) {
    securityToken = value;
  }

  /**
   * Gets the EWS URL.
   */
  protected URI getEwsUrl() {
    return this.ewsUrl;
  }

  /**
   * Sets the EWS URL.
   */
  protected void setEwsUrl(URI value) {
    ewsUrl = value;
  }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy