org.apache.rahas.impl.TokenCancelerImpl Maven / Gradle / Ivy
/*
* Copyright 2004,2005 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.rahas.impl;
import org.apache.rahas.TokenCanceler;
import org.apache.rahas.RahasData;
import org.apache.rahas.TrustException;
import org.apache.rahas.TrustUtil;
import org.apache.rahas.RahasConstants;
import org.apache.rahas.TokenStorage;
import org.apache.rahas.Token;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.message.token.Reference;
import org.apache.ws.security.message.token.SecurityTokenReference;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMAttribute;
import org.apache.axis2.description.Parameter;
import org.apache.axis2.context.MessageContext;
import javax.xml.namespace.QName;
/**
*
*/
public class TokenCancelerImpl implements TokenCanceler {
private String configFile;
private OMElement configElement;
private String configParamName;
/**
* Cancel the token specified in the request.
*
* @param data A populated RahasData instance
* @return Response SOAPEnveloper
* @throws org.apache.rahas.TrustException
*
*/
public SOAPEnvelope cancel(RahasData data) throws TrustException {
TokenCancelerConfig config = null;
if (this.configElement != null) {
config = TokenCancelerConfig.load(configElement.
getFirstChildWithName(SCTIssuerConfig.SCT_ISSUER_CONFIG));
}
// Look for the file
if (config == null && this.configFile != null) {
config = TokenCancelerConfig.load(this.configFile);
}
// Look for the param
if (config == null && this.configParamName != null) {
Parameter param = data.getInMessageContext().getParameter(this.configParamName);
if (param != null && param.getParameterElement() != null) {
config = TokenCancelerConfig.load(param.getParameterElement()
.getFirstChildWithName(SCTIssuerConfig.SCT_ISSUER_CONFIG));
} else {
throw new TrustException("expectedParameterMissing",
new String[]{this.configParamName});
}
}
if (config == null) {
throw new TrustException("missingConfiguration",
new String[]{SCTIssuerConfig.SCT_ISSUER_CONFIG
.getLocalPart()});
}
OMElement rstEle = data.getRstElement();
QName cancelTagetQName = new QName(data.getWstNs(), RahasConstants.CancelBindingLocalNames.CANCEL_TARGET);
OMElement cancelTargetEle = rstEle.getFirstChildWithName(cancelTagetQName);
if (cancelTargetEle == null) {
throw new TrustException("requiredElementNotFound",
new String[]{cancelTagetQName.toString()});
}
OMElement secTokenRefEle = cancelTargetEle
.getFirstChildWithName(new QName(WSConstants.WSSE_NS,
SecurityTokenReference.SECURITY_TOKEN_REFERENCE));
String tokenId;
if (secTokenRefEle != null) {
/*
*/
OMElement referenceEle = secTokenRefEle.getFirstChildWithName(Reference.TOKEN);
if (referenceEle != null) {
OMAttribute uri = referenceEle.getAttribute(new QName(
RahasConstants.CancelBindingLocalNames.URI));
if (uri != null) {
tokenId = uri.getAttributeValue();
if (tokenId.charAt(0) == '#') {
tokenId = tokenId.substring(1);
}
} else {
throw new TrustException("cannotDetermineTokenId");
}
} else {
throw new TrustException("cannotDetermineTokenId");
}
} else {
// TODO: we need to handle situation where the token itself is contained within the
// TODO: element
throw new TrustException("cannotDetermineTokenId");
}
// Cancel the token
MessageContext inMsgCtx = data.getInMessageContext();
TokenStorage tokenStore = TrustUtil.getTokenStore(inMsgCtx);
Token token = tokenStore.getToken(tokenId);
if (token == null) {
throw new TrustException("tokenNotFound", new String[]{tokenId});
}
token.setState(Token.CANCELLED);
tokenStore.update(token);
// Create the response SOAP Envelope
SOAPEnvelope responseEnv =
TrustUtil.
createSOAPEnvelope(inMsgCtx.getEnvelope().getNamespace().getNamespaceURI());
OMElement rstrElem;
int version = data.getVersion();
if (RahasConstants.VERSION_05_02 == version) {
rstrElem = TrustUtil
.createRequestSecurityTokenResponseElement(version, responseEnv.getBody());
} else {
OMElement rstrcElem = TrustUtil
.createRequestSecurityTokenResponseCollectionElement(
version, responseEnv.getBody());
rstrElem = TrustUtil.createRequestSecurityTokenResponseElement(version, rstrcElem);
}
TrustUtil.createRequestedTokenCanceledElement(version, rstrElem);
return responseEnv;
}
/**
* Set the configuration file of this TokenCanceller.
*
* This is the text value of the <configuration-file> element of the
* token-dispatcher-configuration
*
* @param configFile
*/
public void setConfigurationFile(String configFile) {
this.configFile = configFile;
}
/**
* Set the configuration element of this TokenCanceller.
*
* This is the <configuration> element of the
* token-dispatcher-configuration
*
* @param configElement OMElement representing the configuation
*/
public void setConfigurationElement(OMElement configElement) {
this.configElement = configElement;
}
/**
* Set the name of the configuration parameter.
*
* If this is used then there must be a
* org.apache.axis2.description.Parameter object available in
* the via the messageContext when the TokenIssuer is called.
*
* @param configParamName
* @see org.apache.axis2.description.Parameter
*/
public void setConfigurationParamName(String configParamName) {
this.configParamName = configParamName;
}
/**
* Returns the wsa:Action of the response.
*
* @param data A populated RahasData instance
* @return Returns the wsa:Action of the response
* @throws org.apache.rahas.TrustException
*
*/
public String getResponseAction(RahasData data) throws TrustException {
return TrustUtil.getActionValue(data.getVersion(), RahasConstants.RSTR_ACTION_CANCEL);
}
}