Package org.apache.rahas

Examples of org.apache.rahas.Token


        OMElement tokenTypeElem = TrustUtil.createTokenTypeElement(version, rst);
        tokenTypeElem.setText(tokenType);
       
        TokenStorage store = TrustUtil.getTokenStore(configCtx);
       
        Token token = store.getToken(tokenId);
       
        if ( token != null) {
           
            OMElement str = token.getUnattachedReference();    
           
            if (str == null) {
                str = token.getAttachedReference();
            }
           
            TrustUtil.createRenewTargetElement(this.version, rst,str);
           
           
View Full Code Here


        // Create Status element
        OMElement statusElement = createMessageElement(wstVersion,
                rstrElem, RahasConstants.LocalNames.STATUS);

        // Obtain the token
        Token tk = tkStorage.getToken(data.getTokenId());

        // create the crypto object
        PublicKey issuerPBKey = getIssuerPublicKey(inMsgCtx);

        boolean valid = isValid(tk, issuerPBKey);
View Full Code Here

        }

        // Cancel the token
        MessageContext inMsgCtx = data.getInMessageContext();
        TokenStorage tokenStore = TrustUtil.getTokenStore(inMsgCtx);
        Token token = tokenStore.getToken(tokenId);
        if (token == null) {
            throw new TrustException("tokenNotFound", new String[]{tokenId});
        }
        token.setState(Token.CANCELLED);
        tokenStore.update(token);

        // Create the response SOAP Envelope
        SOAPEnvelope responseEnv =
                TrustUtil.
View Full Code Here

            // Create the RequestedSecurityToken element and add the SAML token
            // to it
            OMElement reqSecTokenElem = TrustUtil
                    .createRequestedSecurityTokenElement(wstVersion, rstrElem);
            Token assertionToken;
            try {
                Node tempNode = assertion.toDOM();
                reqSecTokenElem.addChild((OMNode) ((Element) rstrElem)
                        .getOwnerDocument().importNode(tempNode, true));

                // Store the token
                assertionToken = new Token(assertion.getId(),
                        (OMElement) assertion.toDOM(), creationTime,
                        expirationTime);

                // At this point we definitely have the secret
                // Otherwise it should fail with an exception earlier
                assertionToken.setSecret(data.getEphmeralKey());
                TrustUtil.getTokenStore(inMsgCtx).add(assertionToken);

            } catch (SAMLException e) {
                throw new TrustException("samlConverstionError", e);
            }
View Full Code Here

                }
                //Store the token
                try {
                    TokenStorage store = rmd.getTokenStorage();
                    if (store.getToken(samlAssertionHandler.getAssertionId()) == null) {
                        Token token = new Token(samlAssertionHandler.getAssertionId(),
                                samlAssertionHandler.getAssertionElement(),
                                samlAssertionHandler.getDateNotBefore(),
                                samlAssertionHandler.getDateNotOnOrAfter());

                        token.setSecret(samlAssertionHandler.
                                getAssertionKeyInfoSecret(signatureCrypto, tokenCallbackHandler));
                        store.add(token);
                    }
                } catch (Exception e) {
                    throw new RampartException(
View Full Code Here

                String id = pc.getIdentifier();
               
                if((pc.getUsage() == WSPasswordCallback.SECURITY_CONTEXT_TOKEN ||
                        pc.getUsage() == WSPasswordCallback.CUSTOM_TOKEN) &&
                        this.store != null) {
                    Token tok;
                    try {
                        //Pick up the token from the token store
                        tok = this.store.getToken(id);
                        if(tok != null) {
                            //Get the secret and set it in the callback object
                            pc.setKey(tok.getSecret());
                            pc.setCustomToken((Element)tok.getToken());
                        }
                    } catch (Exception e) {
                        e.printStackTrace();
                        throw new IOException(e.getMessage());
                    }
                } else if (pc.getUsage() == WSPasswordCallback.SECRET_KEY){
                  try {

                        String[] tokenIdentifiers = this.store.getTokenIdentifiers();
                  Token tok;

                  for (int j = 0 ; j < tokenIdentifiers.length ; j++) {
                   
                      tok = this.store.getToken(tokenIdentifiers[j]);
                     
                      if (tok instanceof EncryptedKeyToken &&
                          ((EncryptedKeyToken)tok).getSHA1().equals(id)){                       
                          pc.setKey(tok.getSecret());
                          pc.setCustomToken((Element)tok.getToken());

                                    tokenIdentifier = tokenIdentifiers[j];
                      }
                  }
                 
View Full Code Here

        Date creationTime = new Date();
        Date expirationTime = new Date();
       
        expirationTime.setTime(creationTime.getTime() + 300000);
       
        Token token = new Token(sct.getIdentifier(), (OMElement)sct.getElement(), creationTime, expirationTime);
        token.setSecret(encrKeyBuilder.getEphemeralKey());
       
        config.getTokenStore().add(token);
       
        SOAPEnvelope env = config.getMsgCtx().getEnvelope();
View Full Code Here

        Document doc = config.getDocument();

        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        Token tempToken = config.getTokenStore().getToken(
                config.getContextIdentifier());
        byte[] tempSecret = tempToken.getSecret();

        SecurityContextToken sct = new SecurityContextToken((Element) doc
                .importNode((Element) tempToken.getToken(), true));

        // Derived key encryption
        WSSecDKEncrypt encrBuilder = new WSSecDKEncrypt();
        encrBuilder.setSymmetricEncAlgorithm(WSConstants.AES_128);
        OMElement attachedReference = tempToken.getAttachedReference();
        if(attachedReference != null) {
            encrBuilder.setExternalKey(tempSecret, (Element) doc.importNode(
                    (Element) attachedReference, true));
        } else {
            String tokenId = sct.getID();
View Full Code Here

                    rstr.getFirstChildWithName(new QName(RahasConstants.WST_NS_05_12,
                                                         RahasConstants.IssuanceBindingLocalNames.
                                                                 REQUESTED_SECURITY_TOKEN));
            ns = RahasConstants.WST_NS_05_12;
        }
        Token token = null;
        if (rstElem != null) {
            OMElement sctElem = rstElem.getFirstElement();
            if (sctElem != null) {
                SecurityContextToken sct = new SecurityContextToken(
                        (Element) sctElem);
                token = new Token(sct.getIdentifier(), sctElem, rstr
                        .getFirstChildWithName(new QName(ns,
                                                         RahasConstants.IssuanceBindingLocalNames.
                                                                 LIFETIME)));
                resgisterContext(sct.getIdentifier(), config);
            } else {
                throw new RampartException("sctMissingInResponse");
            }
        } else {
            throw new TrustException("reqestedSecTokMissing");
        }

        // Process RequestedProofToken and extract the secret
        byte[] secret = null;
        OMElement rpt = rstr.getFirstChildWithName(new QName(ns,
                                                             RahasConstants.LocalNames.
                                                                     REQUESTED_PROOF_TOKEN));
        if (rpt != null) {
            OMElement elem = rpt.getFirstElement();

            if (WSConstants.ENC_KEY_LN.equals(elem.getLocalName())
                && WSConstants.ENC_NS.equals(elem.getNamespace().getNamespaceURI())) {
                // Handle the xenc:EncryptedKey case
                EncryptedKeyProcessor processor = new EncryptedKeyProcessor();
                processor.handleToken((Element) elem, null, Util
                        .getCryptoInstace(config),
                                      getCallbackHandlerInstance(config), null, new Vector(),
                                      null);
                secret = processor.getDecryptedBytes();
            } else if (RahasConstants.LocalNames.BINARY_SECRET.equals(elem.getLocalName()) &&
                       RahasConstants.WST_NS_05_02.equals(elem.getNamespace().getNamespaceURI()))
            {
                // Handle the wst:BinarySecret case
                secret = Base64.decode(elem.getText());
            } else {
                throw new TrustException("notSupported", new String[]{"{"
                                                                      + elem.getNamespace().getNamespaceURI() + "}"
                                                                      + elem.getLocalName()});
            }
        } else {
            throw new TrustException("rptMissing");
        }

        // Check for attached ref
        OMElement reqAttElem =
                rstr.getFirstChildWithName(new QName(RahasConstants.WST_NS_05_02,
                                                     RahasConstants.IssuanceBindingLocalNames.
                                                             REQUESTED_ATTACHED_REFERENCE));
        OMElement reqAttRef = reqAttElem == null ? null : reqAttElem
                .getFirstElement();

        OMElement reqUnattElem =
                rstr.getFirstChildWithName(new QName(RahasConstants.WST_NS_05_02,
                                                     RahasConstants.IssuanceBindingLocalNames.
                                                             REQUESTED_UNATTACHED_REFERENCE));
        OMElement reqUnattRef = reqUnattElem == null ? null : reqUnattElem
                .getFirstElement();

        token.setAttachedReference(reqAttRef);
        token.setUnattachedReference(reqUnattRef);
        token.setSecret(secret);
        config.getTokenStore().add(token);
    }
View Full Code Here

        OMElement lifeTimeEle =
                rstr.getFirstChildWithName(new QName(ns,
                                                     RahasConstants.IssuanceBindingLocalNames.
                                                             LIFETIME));

        Token token = new Token(id, tokenElem, lifeTimeEle);
        token.setAttachedReference(reqAttRef);
        token.setUnattachedReference(reqUnattRef);

        //Handle proof token
        OMElement rpt =
                rstr.getFirstChildWithName(new QName(ns,
                                                     RahasConstants.LocalNames.
                                                             REQUESTED_PROOF_TOKEN));

        byte[] secret = null;

        if (rpt != null) {
            OMElement child = rpt.getFirstElement();
            if (child == null) {
                throw new TrustException("invalidRPT");
            }
            if (child.getQName().equals(new QName(ns,
                                                  RahasConstants.LocalNames.
                                                          BINARY_SECRET))) {
                //First check for the binary secret
                String b64Secret = child.getText();
                secret = Base64.decode(b64Secret);
            } else if (child.getQName().equals(new QName(ns, WSConstants.ENC_KEY_LN))) {
                try {
                    Element domChild = (Element) new StAXOMBuilder(
                            DOOMAbstractFactory.getOMFactory(), child
                            .getXMLStreamReader()).getDocumentElement();

                    EncryptedKeyProcessor processor = new EncryptedKeyProcessor();

                    processor.handleToken(domChild, null, this.crypto,
                                          this.cbHandler, null, new Vector(),
                                          null);

                    secret = processor.getDecryptedBytes();
                } catch (WSSecurityException e) {
                    throw new TrustException("errorInProcessingEncryptedKey", e);
                }
            } else if (child.getQName().equals(new QName(ns,
                                                         RahasConstants.IssuanceBindingLocalNames.
                                                                 COMPUTED_KEY))) {
                //Handle the computed key

                //Get service entropy
                OMElement serviceEntrElem = rstr
                        .getFirstChildWithName(new QName(ns,
                                                         RahasConstants.IssuanceBindingLocalNames.
                                                                 ENTROPY));

                OMElement binSecElem = serviceEntrElem.getFirstElement();

                if (binSecElem != null && binSecElem.getText() != null
                    && !"".equals(binSecElem.getText().trim())) {

                    byte[] serviceEntr = Base64.decode(binSecElem.getText());

                    //Right now we only use PSHA1 as the computed key algo                   
                    P_SHA1 p_sha1 = new P_SHA1();

                    int length = (this.keySize > 0) ? keySize
                                 : this.algorithmSuite
                            .getMaximumSymmetricKeyLength();
                    try {
                        secret = p_sha1.createKey(this.requestorEntropy, serviceEntr, 0, length/8);
                    } catch (ConversationException e) {
                        throw new TrustException("keyDerivationError", e);
                    }
                } else {
                    //Service entropy missing
                    throw new TrustException("serviceEntropyMissing");
                }
            }

        } else {
            if (this.requestorEntropy != null) {
                //Use requestor entropy as the key
                secret = this.requestorEntropy;
            }
        }
        token.setSecret(secret);
        return token;
    }
View Full Code Here

TOP

Related Classes of org.apache.rahas.Token

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.