cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject git commit: Removing file from source
Date Fri, 20 Jun 2014 16:15:28 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/master 08af52b6f -> 785697e87


Removing file from source


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/785697e8
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/785697e8
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/785697e8

Branch: refs/heads/master
Commit: 785697e87bf46303568a23464534a58b4f20d392
Parents: 08af52b
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Jun 20 17:15:02 2014 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Jun 20 17:15:02 2014 +0100

----------------------------------------------------------------------
 .../fediz/core/processor/SAMLProcessorImpl.java | 648 -------------------
 1 file changed, 648 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/785697e8/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
deleted file mode 100644
index 6ebe954..0000000
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
+++ /dev/null
@@ -1,648 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.fediz.core.processor;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.net.URLEncoder;
-import java.text.DateFormat;
-import java.text.ParseException;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-import java.util.UUID;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.servlet.http.HttpServletRequest;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
-import org.apache.cxf.fediz.core.FederationConstants;
-import org.apache.cxf.fediz.core.TokenValidator;
-import org.apache.cxf.fediz.core.TokenValidatorRequest;
-import org.apache.cxf.fediz.core.TokenValidatorResponse;
-import org.apache.cxf.fediz.core.config.FederationProtocol;
-import org.apache.cxf.fediz.core.config.FedizContext;
-import org.apache.cxf.fediz.core.config.KeyManager;
-import org.apache.cxf.fediz.core.config.SAMLProtocol;
-import org.apache.cxf.fediz.core.exception.ProcessingException;
-import org.apache.cxf.fediz.core.exception.ProcessingException.TYPE;
-import org.apache.cxf.fediz.core.metadata.MetadataWriter;
-import org.apache.cxf.fediz.core.samlsso.AuthnRequestBuilder;
-import org.apache.cxf.fediz.core.samlsso.CompressionUtils;
-import org.apache.cxf.fediz.core.samlsso.DefaultAuthnRequestBuilder;
-import org.apache.cxf.fediz.core.spi.IDPCallback;
-import org.apache.cxf.fediz.core.util.DOMUtils;
-import org.apache.wss4j.common.ext.WSPasswordCallback;
-import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.common.saml.OpenSAMLUtil;
-import org.apache.wss4j.common.util.DOM2Writer;
-import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSDataRef;
-import org.apache.wss4j.dom.WSDocInfo;
-import org.apache.wss4j.dom.WSSConfig;
-import org.apache.wss4j.dom.WSSecurityEngine;
-import org.apache.wss4j.dom.WSSecurityEngineResult;
-import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.processor.EncryptedDataProcessor;
-import org.apache.wss4j.dom.processor.Processor;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
-import org.apache.xml.security.utils.Base64;
-import org.joda.time.DateTime;
-import org.opensaml.saml2.core.AuthnRequest;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class SAMLProcessorImpl implements FedizProcessor {
-
-    private static final Logger LOG = LoggerFactory.getLogger(SAMLProcessorImpl.class);
-
-    /**
-     * Default constructor
-     */
-    public SAMLProcessorImpl() {
-        super();
-    }
-
-    @Override
-    public FedizResponse processRequest(FedizRequest request,
-                                             FedizContext config)
-        throws ProcessingException {
-        
-        if (!(config.getProtocol() instanceof SAMLProtocol)) {
-            LOG.error("Unsupported protocol");
-            throw new IllegalStateException("Unsupported protocol");
-        }
-        FedizResponse response = null;
-        if (FederationConstants.ACTION_SIGNIN.equals(request.getWa())) {
-            response = this.processSignInRequest(request, config);
-        } else {
-            LOG.error("Invalid action '" + request.getWa() + "'");
-            throw new ProcessingException(TYPE.INVALID_REQUEST);
-        }
-        return response;
-    }
-    
-
-    public Document getMetaData(FedizContext config) throws ProcessingException {
-        return new MetadataWriter().getMetaData(config);
-    }
-    
-    protected FedizResponse processSignInRequest(
-            FedizRequest request, FedizContext config)
-        throws ProcessingException {
-        
-        byte[] wresult = request.getWresult().getBytes();
-
-        Document doc = null;
-        Element el = null;
-        try {
-            doc = DOMUtils.readXml(new ByteArrayInputStream(wresult));
-            el = doc.getDocumentElement();
-
-        } catch (Exception e) {
-            LOG.warn("Failed to parse wresult: " + e.getMessage());
-            throw new ProcessingException(TYPE.INVALID_REQUEST);
-        }
-
-        if ("RequestSecurityTokenResponseCollection".equals(el.getLocalName())) {
-            el = DOMUtils.getFirstElement(el);
-        }
-        if (!"RequestSecurityTokenResponse".equals(el.getLocalName())) {
-            LOG.warn("Unexpected root element of wresult: '" + el.getLocalName() + "'");
-            throw new ProcessingException(TYPE.INVALID_REQUEST);
-        }
-        el = DOMUtils.getFirstElement(el);
-        Element rst = null;
-        Element lifetimeElem = null;
-        String tt = null;
-
-        while (el != null) {
-            String ln = el.getLocalName();
-            if (FederationConstants.WS_TRUST_13_NS.equals(el.getNamespaceURI()) 
-                || FederationConstants.WS_TRUST_2005_02_NS.equals(el.getNamespaceURI()))
{
-                if ("Lifetime".equals(ln)) {
-                    lifetimeElem = el;
-                } else if ("RequestedSecurityToken".equals(ln)) {
-                    rst = DOMUtils.getFirstElement(el);
-                } else if ("TokenType".equals(ln)) {
-                    tt = DOMUtils.getContent(el);
-                }
-            }
-            el = DOMUtils.getNextElement(el);
-        }
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("RST: " + ((rst != null) ? rst.toString() : "null"));
-            LOG.debug("Lifetime: "
-                    + ((lifetimeElem != null) ? lifetimeElem.toString()
-                            : "null"));
-            LOG.debug("Tokentype: " + ((tt != null) ? tt.toString() : "null"));
-        }
-        if (rst == null) {
-            LOG.warn("RequestedSecurityToken element not found in wresult");
-            throw new ProcessingException(TYPE.BAD_REQUEST);
-        }
-        LifeTime lifeTime = null;
-        if (lifetimeElem != null) {
-            lifeTime = processLifeTime(lifetimeElem);
-        }
-
-        if (config.isDetectExpiredTokens() && lifeTime != null) {
-            Date currentDate = new Date();
-            if (currentDate.after(lifeTime.getExpires())) {
-                LOG.warn("RSTR Lifetime expired");
-                throw new ProcessingException(TYPE.TOKEN_EXPIRED);
-            }
-            DateTime currentTime = new DateTime();
-            DateTime validFrom = new DateTime(lifeTime.created);
-            currentTime = currentTime.plusSeconds(config.getMaximumClockSkew().intValue());
-            if (validFrom.isAfter(currentTime)) {
-                LOG.debug("RSTR Lifetime not yet valid");
-                throw new ProcessingException(TYPE.TOKEN_INVALID);
-            }
-        }
-        
-        // Check to see if RST is encrypted
-        if ("EncryptedData".equals(rst.getLocalName())
-            && WSConstants.ENC_NS.equals(rst.getNamespaceURI())) {
-            Element decryptedRST = decryptEncryptedRST(rst, config);
-            if (decryptedRST != null) {
-                rst = decryptedRST;
-            }
-        }
-        
-        TokenValidatorResponse validatorResponse = null;
-        List<TokenValidator> validators = ((FederationProtocol)config.getProtocol()).getTokenValidators();
-        for (TokenValidator validator : validators) {
-            boolean canHandle = false;
-            if (tt != null) {
-                canHandle = validator.canHandleTokenType(tt);
-            } else {
-                canHandle = validator.canHandleToken(rst);
-            }
-            if (canHandle) {
-                try {
-                    TokenValidatorRequest validatorRequest = 
-                        new TokenValidatorRequest(rst, request.getCerts());
-                    validatorResponse = validator.validateAndProcessToken(validatorRequest,
config);
-                } catch (ProcessingException ex) {
-                    throw ex;
-                } catch (Exception ex) {
-                    LOG.warn("Failed to validate token", ex);
-                    throw new ProcessingException(TYPE.TOKEN_INVALID);
-                }
-                break;
-            } else {
-                LOG.warn("No security token validator found for '" + tt + "'");
-                throw new ProcessingException(TYPE.BAD_REQUEST);
-            }
-        }
-
-        // Check whether token already used for signin
-        if (validatorResponse.getUniqueTokenId() != null
-                && config.isDetectReplayedTokens()) {
-            // Check whether token has already been processed once, prevent
-            // replay attack
-            if (!config.getTokenReplayCache().contains(validatorResponse.getUniqueTokenId()))
{
-                // not cached
-                Date expires = null;
-                if (lifeTime != null && lifeTime.getExpires() != null) {
-                    expires = lifeTime.getExpires();
-                } else {
-                    expires = validatorResponse.getExpires();
-                }
-                if (expires != null) {
-                    Date currentTime = new Date();
-                    long ttl = expires.getTime() - currentTime.getTime();
-                    config.getTokenReplayCache().add(validatorResponse.getUniqueTokenId(),
ttl / 1000L);
-                } else {
-                    config.getTokenReplayCache().add(validatorResponse.getUniqueTokenId());
-                }
-            } else {
-                LOG.error("Replay attack with token id: " + validatorResponse.getUniqueTokenId());
-                throw new ProcessingException("Replay attack with token id: "
-                        + validatorResponse.getUniqueTokenId(), TYPE.TOKEN_REPLAY);
-            }
-        }
-
-        FedizResponse fedResponse = new FedizResponse(
-                validatorResponse.getUsername(), validatorResponse.getIssuer(),
-                validatorResponse.getRoles(), validatorResponse.getClaims(),
-                validatorResponse.getAudience(),
-                (lifeTime != null) ? lifeTime.getCreated() : null,
-                        (lifeTime != null) ? lifeTime.getExpires() : null, rst,
-                            validatorResponse.getUniqueTokenId());
-
-        return fedResponse;
-    }
-    
-    private Element decryptEncryptedRST(
-        Element encryptedRST,
-        FedizContext config
-    ) throws ProcessingException {
-
-        KeyManager decryptionKeyManager = config.getDecryptionKey();
-        if (decryptionKeyManager == null || decryptionKeyManager.getCrypto() == null) {
-            LOG.debug(
-                "We must have a decryption Crypto instance configured to decrypt encrypted
tokens"
-            );
-            throw new ProcessingException(TYPE.BAD_REQUEST);
-        }
-        String keyPassword = decryptionKeyManager.getKeyPassword();
-        if (keyPassword == null) {
-            LOG.debug(
-                "We must have a decryption key password to decrypt encrypted tokens"
-            );
-            throw new ProcessingException(TYPE.BAD_REQUEST);
-        }
-        
-        EncryptedDataProcessor proc = new EncryptedDataProcessor();
-        WSDocInfo docInfo = new WSDocInfo(encryptedRST.getOwnerDocument());
-        RequestData data = new RequestData();
-        
-        // Disable WSS4J processing of the (decrypted) SAML Token
-        WSSConfig wssConfig = WSSConfig.getNewInstance();
-        wssConfig.setProcessor(WSSecurityEngine.SAML_TOKEN, new NOOpProcessor());
-        wssConfig.setProcessor(WSSecurityEngine.SAML2_TOKEN, new NOOpProcessor());
-        data.setWssConfig(wssConfig);
-        
-        data.setDecCrypto(decryptionKeyManager.getCrypto());
-        data.setCallbackHandler(new DecryptionCallbackHandler(keyPassword));
-        try {
-            List<WSSecurityEngineResult> result =
-                proc.handleToken(encryptedRST, data, docInfo);
-            if (result.size() > 0) {
-                @SuppressWarnings("unchecked")
-                List<WSDataRef> dataRefs = 
-                    (List<WSDataRef>)result.get(result.size() - 1).get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
-                if (dataRefs != null && dataRefs.size() > 0) {
-                    return dataRefs.get(0).getProtectedElement();
-                }
-            }
-        } catch (WSSecurityException e) {
-            LOG.debug(e.getMessage(), e);
-            throw new ProcessingException(TYPE.TOKEN_INVALID);
-        }
-        return null;
-    }
-
-    private LifeTime processLifeTime(Element lifetimeElem) throws ProcessingException {
-        try {
-            Element createdElem = DOMUtils.getFirstChildWithName(lifetimeElem,
-                    WSConstants.WSU_NS, WSConstants.CREATED_LN);
-            DateFormat zulu = new XmlSchemaDateFormat();
-
-            Date created = zulu.parse(DOMUtils.getContent(createdElem));
-
-            Element expiresElem = DOMUtils.getFirstChildWithName(lifetimeElem,
-                    WSConstants.WSU_NS, WSConstants.EXPIRES_LN);
-            Date expires = zulu.parse(DOMUtils.getContent(expiresElem));
-
-            return new LifeTime(created, expires);
-
-        } catch (ParseException e) {
-            LOG.error("Failed to parse lifetime element in wresult: " + e.getMessage());
-            throw new ProcessingException(TYPE.BAD_REQUEST);
-        }
-    }
-
-    public class LifeTime {
-
-        private Date created;
-        private Date expires;
-
-        public LifeTime(Date created, Date expires) {
-            this.created = created;
-            this.expires = expires;
-        }
-
-        public Date getCreated() {
-            return created;
-        }
-
-        public Date getExpires() {
-            return expires;
-        }
-
-    }
-
-    @Override
-    public String createSignInRequest(HttpServletRequest request, FedizContext config)
-        throws ProcessingException {
-
-        String redirectURL = null;
-        try {
-            if (!(config.getProtocol() instanceof SAMLProtocol)) {
-                LOG.error("Unsupported protocol");
-                throw new IllegalStateException("Unsupported protocol");
-            }
-            
-            String issuerURL = resolveIssuer(request, config);
-            LOG.info("Issuer url: " + issuerURL);
-            if (issuerURL != null && issuerURL.length() > 0) {
-                redirectURL = issuerURL;
-            }
-            
-            AuthnRequestBuilder authnRequestBuilder = new DefaultAuthnRequestBuilder();
-            
-            Document doc = DOMUtils.createDocument();
-            doc.appendChild(doc.createElement("root"));
-     
-            // Create the AuthnRequest
-            AuthnRequest authnRequest = 
-                authnRequestBuilder.createAuthnRequest(
-                    "http://issuer.com", "http://issuer2.com"
-                );
-            Element authnRequestElement = OpenSAMLUtil.toDom(authnRequest, doc);
-            String authnRequestEncoded = encodeAuthnRequest(authnRequestElement);
-            
-            //SamlRequestInfo info = new SamlRequestInfo();
-            //info.setSamlRequest(authnRequestEncoded);
-            
-            String relayState = URLEncoder.encode(UUID.randomUUID().toString(), "UTF-8");
-            
-            String urlEncodedRequest = 
-                URLEncoder.encode(authnRequestEncoded, "UTF-8");
-            
-            StringBuilder sb = new StringBuilder();
-            sb.append("SAMLRequest").append('=').append(urlEncodedRequest);
-            sb.append("RelayState").append('=').append(relayState);
-            
-            /*
-            String contextCookie = createCookie(SSOConstants.RELAY_STATE,
-                                                info.getRelayState(),
-                                                info.getWebAppContext(),
-                                                info.getWebAppDomain());
-            
-            context.abortWith(Response.seeOther(ub.build())
-                           .header(HttpHeaders.CACHE_CONTROL, "no-cache, no-store")
-                           .header("Pragma", "no-cache") 
-                           .header(HttpHeaders.SET_COOKIE, contextCookie)
-                           .build());
-            */
-            
-            redirectURL = redirectURL + "?" + sb.toString();
-        } catch (Exception ex) {
-            LOG.error("Failed to create SignInRequest", ex);
-            throw new ProcessingException("Failed to create SignInRequest");
-        }        
-        return redirectURL;
-    }
-    
-    protected String encodeAuthnRequest(Element authnRequest) throws IOException {
-        String requestMessage = DOM2Writer.nodeToString(authnRequest);
-
-        byte[] deflatedBytes = CompressionUtils.deflate(requestMessage.getBytes("UTF-8"));
-
-        return Base64.encode(deflatedBytes);
-    }
-
-    @Override
-    public String createSignOutRequest(HttpServletRequest request, FedizContext config)
-        throws ProcessingException {
-
-        String redirectURL = null;
-        try {
-            if (!(config.getProtocol() instanceof FederationProtocol)) {
-                LOG.error("Unsupported protocol");
-                throw new IllegalStateException("Unsupported protocol");
-            }
-
-            String issuerURL = resolveIssuer(request, config);
-            LOG.info("Issuer url: " + issuerURL);
-            if (issuerURL != null && issuerURL.length() > 0) {
-                redirectURL = issuerURL;
-            }
-
-            StringBuilder sb = new StringBuilder();
-            sb.append(FederationConstants.PARAM_ACTION).append('=').append(FederationConstants.ACTION_SIGNOUT);
-
-            String logoutRedirectTo = config.getLogoutRedirectTo();
-            if (logoutRedirectTo != null && !logoutRedirectTo.isEmpty()) {
-
-                if (logoutRedirectTo.startsWith("/")) {
-                    logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo.substring(1));
-                } else {
-                    logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo);
-                }
-
-                LOG.debug("wreply=" + logoutRedirectTo);
-
-                sb.append('&').append(FederationConstants.PARAM_REPLY).append('=');
-                sb.append(URLEncoder.encode(logoutRedirectTo, "UTF-8"));
-            }
-
-            redirectURL = redirectURL + "?" + sb.toString();
-        } catch (Exception ex) {
-            LOG.error("Failed to create SignInRequest", ex);
-            throw new ProcessingException("Failed to create SignInRequest");
-        }
-        return redirectURL;
-    }
-/*
-    private String resolveSignInQuery(HttpServletRequest request, FedizContext config)
-        throws IOException, UnsupportedCallbackException, UnsupportedEncodingException {
-        Object signInQueryObj = ((FederationProtocol)config.getProtocol()).getSignInQuery();
-        String signInQuery = null;
-        if (signInQueryObj != null) {
-            if (signInQueryObj instanceof String) {
-                signInQuery = (String)signInQueryObj;
-            } else if (signInQueryObj instanceof CallbackHandler) {
-                CallbackHandler frCB = (CallbackHandler)signInQueryObj;
-                SignInQueryCallback callback = new SignInQueryCallback(request);
-                frCB.handle(new Callback[] {callback});
-                Map<String, String> signInQueryMap = callback.getSignInQueryParamMap();
-                StringBuilder sbQuery = new StringBuilder();
-                for (String key : signInQueryMap.keySet()) {
-                    if (sbQuery.length() > 0) {
-                        sbQuery.append("&");
-                    }
-                    sbQuery.append(key).append('=').
-                    append(URLEncoder.encode(signInQueryMap.get(key), "UTF-8"));
-                }
-                signInQuery = sbQuery.toString();
-               
-            }
-        }
-        return signInQuery;
-    }
-
-    private String resolveFreshness(HttpServletRequest request, FedizContext config) throws
IOException,
-        UnsupportedCallbackException {
-        Object freshnessObj = ((FederationProtocol)config.getProtocol()).getFreshness();
-        String freshness = null;
-        if (freshnessObj != null) {
-            if (freshnessObj instanceof String) {
-                freshness = (String)freshnessObj;
-            } else if (freshnessObj instanceof CallbackHandler) {
-                CallbackHandler frCB = (CallbackHandler)freshnessObj;
-                FreshnessCallback callback = new FreshnessCallback(request);
-                frCB.handle(new Callback[] {callback});
-                freshness = callback.getFreshness();
-            }
-        }
-        return freshness;
-    }
-
-    private String resolveHomeRealm(HttpServletRequest request, FedizContext config) throws
IOException,
-        UnsupportedCallbackException {
-        Object homeRealmObj = ((FederationProtocol)config.getProtocol()).getHomeRealm();
-        String homeRealm = null;
-        if (homeRealmObj != null) {
-            if (homeRealmObj instanceof String) {
-                homeRealm = (String)homeRealmObj;
-            } else if (homeRealmObj instanceof CallbackHandler) {
-                CallbackHandler hrCB = (CallbackHandler)homeRealmObj;
-                HomeRealmCallback callback = new HomeRealmCallback(request);
-                hrCB.handle(new Callback[] {callback});
-                homeRealm = callback.getHomeRealm();
-            }
-        }
-        return homeRealm;
-    }
-
-    private String resolveAuthenticationType(HttpServletRequest request, FedizContext config)
-        throws IOException, UnsupportedCallbackException {
-        Object wAuthObj = ((FederationProtocol)config.getProtocol()).getAuthenticationType();
-        String wAuth = null;
-        if (wAuthObj != null) {
-            if (wAuthObj instanceof String) {
-                wAuth = (String)wAuthObj;
-            } else if (wAuthObj instanceof CallbackHandler) {
-                CallbackHandler wauthCB = (CallbackHandler)wAuthObj;
-                WAuthCallback callback = new WAuthCallback(request);
-                wauthCB.handle(new Callback[] {callback});
-                wAuth = callback.getWauth();
-            }  
-        }
-        return wAuth;
-    }
-    
-    private String resolveRequest(HttpServletRequest request, FedizContext config)
-        throws IOException, UnsupportedCallbackException {
-        Object wReqObj = ((FederationProtocol)config.getProtocol()).getRequest();
-        String wReq = null;
-        if (wReqObj != null) {
-            if (wReqObj instanceof String) {
-                wReq = (String)wReqObj;
-            } else if (wReqObj instanceof CallbackHandler) {
-                CallbackHandler wauthCB = (CallbackHandler)wReqObj;
-                WReqCallback callback = new WReqCallback(request);
-                wauthCB.handle(new Callback[] {callback});
-                wReq = callback.getWreq();
-            }  
-        }
-        return wReq;
-    }
-*/
-    private String resolveIssuer(HttpServletRequest request, FedizContext config) throws
IOException,
-        UnsupportedCallbackException {
-        Object issuerObj = config.getProtocol().getIssuer();
-        String issuerURL = null;
-        if (issuerObj instanceof String) {
-            issuerURL = (String)issuerObj;
-        } else if (issuerObj instanceof CallbackHandler) {
-            CallbackHandler issuerCB = (CallbackHandler)issuerObj;
-            IDPCallback callback = new IDPCallback(request);
-            issuerCB.handle(new Callback[] {callback});
-            issuerURL = callback.getIssuerUrl().toString();
-        }
-        return issuerURL;
-    }
-/*
-    private String resolveWTRealm(HttpServletRequest request, FedizContext config) throws
IOException,
-        UnsupportedCallbackException {
-        Object wtRealmObj = ((FederationProtocol)config.getProtocol()).getRealm();
-        String wtRealm = null;
-        if (wtRealmObj != null) {
-            if (wtRealmObj instanceof String) {
-                wtRealm = (String)wtRealmObj;
-            } else if (wtRealmObj instanceof CallbackHandler) {
-                CallbackHandler hrCB = (CallbackHandler)wtRealmObj;
-                RealmCallback callback = new RealmCallback(request);
-                hrCB.handle(new Callback[] {callback});
-                wtRealm = callback.getRealm();
-            }
-        } else {
-            wtRealm = extractFullContextPath(request); //default value
-        }
-        return wtRealm;
-    }
-
-*/
-    private String extractFullContextPath(HttpServletRequest request) throws MalformedURLException
{
-        String result = null;
-        String contextPath = request.getContextPath();
-        String requestUrl = request.getRequestURL().toString();
-        String requestPath = new URL(requestUrl).getPath();
-        // Cut request path of request url and add context path if not ROOT
-        if (requestPath != null && requestPath.length() > 0) {
-            int lastIndex = requestUrl.lastIndexOf(requestPath);
-            result = requestUrl.substring(0, lastIndex);
-        } else {
-            result = requestUrl;
-        }
-        if (contextPath != null && contextPath.length() > 0) {
-            // contextPath contains starting slash
-            result = result + contextPath + "/";
-        } else {
-            result = result + "/";
-        }
-        return result;
-    }
-    
-    private static class DecryptionCallbackHandler implements CallbackHandler {
-        
-        private final String password;
-        
-        public DecryptionCallbackHandler(String password) {
-            this.password = password;
-        }
-
-        @Override
-        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
-            for (int i = 0; i < callbacks.length; i++) {
-                if (callbacks[i] instanceof WSPasswordCallback) {
-                    WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
-                    pc.setPassword(password);
-                } else {
-                    throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
-                }
-            }
-        }
-        
-    }
-
-    private static class NOOpProcessor implements Processor {
-
-        @Override
-        public List<WSSecurityEngineResult> handleToken(Element arg0, RequestData arg1,
WSDocInfo arg2)
-            throws WSSecurityException {
-            return new ArrayList<WSSecurityEngineResult>();
-        }
-        
-    }
-
-}


Mime
View raw message