All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.cxf.xkms.service.XKMSService Maven / Gradle / Ivy

The newest version!
/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.apache.cxf.xkms.service;

import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;

import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.xkms.exception.ExceptionMapper;
import org.apache.cxf.xkms.handlers.Locator;
import org.apache.cxf.xkms.handlers.Register;
import org.apache.cxf.xkms.handlers.Validator;
import org.apache.cxf.xkms.handlers.XKMSConstants;
import org.apache.cxf.xkms.model.xkms.CompoundRequestType;
import org.apache.cxf.xkms.model.xkms.CompoundResultType;
import org.apache.cxf.xkms.model.xkms.KeyBindingAbstractType;
import org.apache.cxf.xkms.model.xkms.KeyBindingEnum;
import org.apache.cxf.xkms.model.xkms.KeyBindingType;
import org.apache.cxf.xkms.model.xkms.KeyUsageEnum;
import org.apache.cxf.xkms.model.xkms.LocateRequestType;
import org.apache.cxf.xkms.model.xkms.LocateResultType;
import org.apache.cxf.xkms.model.xkms.MessageAbstractType;
import org.apache.cxf.xkms.model.xkms.PendingRequestType;
import org.apache.cxf.xkms.model.xkms.RecoverRequestType;
import org.apache.cxf.xkms.model.xkms.RecoverResultType;
import org.apache.cxf.xkms.model.xkms.RegisterRequestType;
import org.apache.cxf.xkms.model.xkms.RegisterResultType;
import org.apache.cxf.xkms.model.xkms.ReissueRequestType;
import org.apache.cxf.xkms.model.xkms.ReissueResultType;
import org.apache.cxf.xkms.model.xkms.ResultMinorEnum;
import org.apache.cxf.xkms.model.xkms.ResultType;
import org.apache.cxf.xkms.model.xkms.RevokeRequestType;
import org.apache.cxf.xkms.model.xkms.RevokeResultType;
import org.apache.cxf.xkms.model.xkms.StatusRequestType;
import org.apache.cxf.xkms.model.xkms.StatusResultType;
import org.apache.cxf.xkms.model.xkms.StatusType;
import org.apache.cxf.xkms.model.xkms.UnverifiedKeyBindingType;
import org.apache.cxf.xkms.model.xkms.ValidateRequestType;
import org.apache.cxf.xkms.model.xkms.ValidateResultType;
import org.w3._2002._03.xkms_wsdl.XKMSPortType;

public class XKMSService implements XKMSPortType {

    protected static final Logger LOG = LogUtils.getL7dLogger(XKMSService.class);

    private String serviceName = XKMSConstants.XKMS_ENDPOINT_NAME;
    private List locators = new ArrayList<>();
    private List validators = new ArrayList<>();
    private List keyRegisterHandlers = new ArrayList<>();
    private boolean enableXKRSS = true;
    private boolean logExceptions;

    @Override
    public ReissueResultType reissue(ReissueRequestType request) {
        ReissueResultType response = XKMSResponseFactory.createResponse(request, new ReissueResultType());
        try {
            assertXKRSSAllowed();
            validateRequest(request);
            for (Register handler : keyRegisterHandlers) {
                if (handler.canProcess(request)) {
                    return handler.reissue(request, response);
                }
            }
            throw new UnsupportedOperationException("Service was unable to handle your request");
        } catch (Exception e) {
            return handleException("reissue", e, response);
        }
    }


    @Override
    public CompoundResultType compound(CompoundRequestType request) {
        validateRequest(request);

        RuntimeException ex = new UnsupportedOperationException("XKMS compound request is currently not supported");
        CompoundResultType response = XKMSResponseFactory.createResponse(request, new CompoundResultType());
        return handleException("compound", ex, response);
    }

    @Override
    public RegisterResultType register(RegisterRequestType request) {
        RegisterResultType response = XKMSResponseFactory.createResponse(request, new RegisterResultType());
        try {
            assertXKRSSAllowed();
            validateRequest(request);

            for (Register handler : keyRegisterHandlers) {
                if (handler.canProcess(request)) {
                    return handler.register(request, response);
                }
            }
            throw new UnsupportedOperationException("Service was unable to handle your request");
        } catch (Exception e) {
            return handleException("register", e, response);
        }
    }

    @Override
    public ResultType pending(PendingRequestType request) {
        validateRequest(request);

        return ExceptionMapper.toResponse(new UnsupportedOperationException("XKMS request is currently not supported"),
                XKMSResponseFactory.createResponse(request, new ResultType()));
    }

    @Override
    public RevokeResultType revoke(RevokeRequestType request) {
        RevokeResultType response = XKMSResponseFactory.createResponse(request, new RevokeResultType());
        try {
            assertXKRSSAllowed();
            validateRequest(request);
            for (Register handler : keyRegisterHandlers) {
                if (handler.canProcess(request)) {
                    return handler.revoke(request, response);
                }
            }
            throw new UnsupportedOperationException("Service was unable to handle your request");
        } catch (Exception e) {
            return handleException("revoke", e, response);
        }
    }

    @Override
    public LocateResultType locate(LocateRequestType request) {
        LocateResultType response = XKMSResponseFactory.createResponse(request, new LocateResultType());
        try {
            validateRequest(request);
            // Search
            for (Locator locator : locators) {
                UnverifiedKeyBindingType keyBinding = locator.locate(request);
                if (keyBinding != null) {
                    response.getUnverifiedKeyBinding().add(keyBinding);
                    return response;
                }
            }
            // No matches found
            response.setResultMinor(ResultMinorEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_NO_MATCH.value());
            return response;
        } catch (Exception e) {
            return handleException("locate", e, response);
        }
    }

    @Override
    public RecoverResultType recover(RecoverRequestType request) {
        RecoverResultType response = XKMSResponseFactory.createResponse(request, new RecoverResultType());
        try {
            assertXKRSSAllowed();
            validateRequest(request);
            for (Register handler : keyRegisterHandlers) {
                if (handler.canProcess(request)) {
                    return handler.recover(request, response);
                }
            }
            throw new UnsupportedOperationException("Service was unable to handle your request");
        } catch (Exception e) {
            return handleException("recover", e, response);
        }
    }

    @Override
    public StatusResultType status(StatusRequestType request) {
        validateRequest(request);

        return ExceptionMapper.toResponse(new UnsupportedOperationException("XKMS request is currently not supported"),
                XKMSResponseFactory.createResponse(request, new StatusResultType()));
    }

    @Override
    public ValidateResultType validate(ValidateRequestType request) {
        ValidateResultType response = XKMSResponseFactory.createResponse(request, new ValidateResultType());
        try {
            validateRequest(request);

            // Create basic response
            KeyBindingType binding = createKeyBinding(response);

            // Validate request
            for (Validator validator : validators) {
                StatusType status = validator.validate(request);
                addValidationReasons(binding, status);
            }

            resolveValidationStatus(binding);
            return response;
        } catch (Exception e) {
            return handleException("recover", e, response);
        }
    }

    private  T handleException(String method, Exception e, T response) {
        if (logExceptions) {
            LOG.log(Level.SEVERE, "Error during " + method + ": " + e.getMessage(), e);
        }
        return ExceptionMapper.toResponse(e, response);
    }

    /**
     * Performs basic validations on request message to ensure XKMS standard is applied correctly.
     *
     * The following validations are performed: 1) Check if a request ID is set 2) Check if service name equals this
     * XKMS service instance
     *
     * @param request XKMS request
     */
    private void validateRequest(MessageAbstractType request) {
        // Check if ID is set
        if (request.getId() == null || request.getId().isEmpty()) {
            throw new IllegalArgumentException("Message Id is not set");
        }
        // Check if Service matches this instance
        if (!serviceName.equals(request.getService())) {
            throw new IllegalArgumentException("Service " + request.getService()
                                               + " is not responsible to process request");
        }
    }

    // TODO refactoring into factory class?
    public static KeyBindingType createKeyBinding(ValidateResultType result) {
        KeyBindingType binding = new KeyBindingType();
        binding.setId(XKMSResponseFactory.generateUniqueID());
        result.getKeyBinding().add(binding);

        StatusType status = new StatusType();
        binding.setStatus(status);

        return binding;
    }

    private void addValidationReasons(KeyBindingType binding, StatusType status) {
        StatusType resultStatus = binding.getStatus();
        resultStatus.getValidReason().addAll(status.getValidReason());
        resultStatus.getInvalidReason().addAll(status.getInvalidReason());
        resultStatus.getIndeterminateReason().addAll(status.getIndeterminateReason());
    }

    public void setServiceName(String serviceName) {
        this.serviceName = serviceName;
    }

    public void setLocators(List locators) {
        this.locators = locators;
    }

    public void setValidators(List validators) {
        this.validators = validators;
    }

    public void setKeyRegisterHandlers(List keyRegisterHandlers) {
        this.keyRegisterHandlers = keyRegisterHandlers;
    }

    /**
     * http://www.w3.org/TR/xkms2/#XKMS_2_0_Section_4_1 [206]
     *
     * If no (or indeterminate) reasons are present total status is INDETERMINATE.
     * If no invalid and indeterminate reasons are present status is VALID.
     * If invalid reasons are present status is INVALID.
     *
     * @param binding KeyBinding to check validation reasons for
     */
    private void resolveValidationStatus(KeyBindingType binding) {
        StatusType status = binding.getStatus();
        status.setStatusValue(KeyBindingEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_INDETERMINATE);
        if (!status.getValidReason().isEmpty() && status.getIndeterminateReason().isEmpty()) {
            status.setStatusValue(KeyBindingEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_VALID);
        }
        if (!status.getInvalidReason().isEmpty()) {
            status.setStatusValue(KeyBindingEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_INVALID);
            // Only return invalid reasons
            status.getValidReason().clear();
        }
    }

    /**
     * Sets encryption, signature and exchange as key usage for provided keyBinding.
     *
     * @param keyBinding KeyBinding to set KeyUsage within
     */
    protected void setKeyUsageAll(KeyBindingAbstractType keyBinding) {
        keyBinding.getKeyUsage().add(KeyUsageEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_ENCRYPTION);
        keyBinding.getKeyUsage().add(KeyUsageEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_SIGNATURE);
        keyBinding.getKeyUsage().add(KeyUsageEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_EXCHANGE);
    }

    public void setEnableXKRSS(boolean enableXKRSS) {
        this.enableXKRSS = enableXKRSS;
        LOG.info("enableXKRSS:" + enableXKRSS);
    }

    public void setLogExceptions(boolean logExceptions) {
        this.logExceptions = logExceptions;
    }

    private void assertXKRSSAllowed() {
        if (!enableXKRSS) {
            throw new UnsupportedOperationException("XKRSS Operations are disabled");
        }
    }
}





© 2015 - 2025 Weber Informatics LLC | Privacy Policy