ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1383498 [1/2] - in /webservices/wss4j/trunk: ws-security-policy-stax/src/main/java/org/apache/ws/security/policy/stax/assertionStates/ ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/ ws-security-stax/src/main...
Date Tue, 11 Sep 2012 17:59:52 GMT
Author: giger
Date: Tue Sep 11 17:59:51 2012
New Revision: 1383498

URL: http://svn.apache.org/viewvc?rev=1383498&view=rev
Log:
Adapt changes from santuario in r1383463.

Added:
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/OutboundUsernameSecurityToken.java   (with props)
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/UsernameToken.java   (with props)
Removed:
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/ProcessorInfoSecurityToken.java
Modified:
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/ws/security/policy/stax/assertionStates/SamlTokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/ws/security/policy/stax/assertionStates/X509TokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/AbstractPolicyTestBase.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/BinarySecurityTokenInputHandler.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/DerivedKeyTokenInputHandler.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SAMLTokenInputHandler.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SecurityContextTokenInputHandler.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/UsernameTokenInputHandler.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/EncryptOutputProcessor.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/EncryptedKeyOutputProcessor.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/SAMLTokenOutputProcessor.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/SecurityContextTokenOutputProcessor.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/UsernameTokenOutputProcessor.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/WSSSignatureEndingOutputProcessor.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/HttpsSecurityToken.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SAMLSecurityToken.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecureConversationSecurityToken.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecurityTokenReference.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/ThumbprintSHA1SecurityToken.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/UsernameSecurityToken.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509DataSecurityToken.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509PKIPathv1SecurityToken.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509SecurityToken.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509_V3SecurityToken.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/securityEvent/HttpsTokenSecurityEvent.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/AbstractTestBase.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/DerivedKeyTokenTest.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/InboundWSSecurityContextImplTest.java

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/ws/security/policy/stax/assertionStates/SamlTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/ws/security/policy/stax/assertionStates/SamlTokenAssertionState.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/ws/security/policy/stax/assertionStates/SamlTokenAssertionState.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/ws/security/policy/stax/assertionStates/SamlTokenAssertionState.java Tue Sep 11 17:59:51 2012
@@ -27,7 +27,7 @@ import org.apache.ws.security.stax.ext.W
 import org.apache.ws.security.stax.securityEvent.SamlTokenSecurityEvent;
 import org.apache.ws.security.stax.securityEvent.WSSecurityEventConstants;
 import org.apache.xml.security.stax.ext.XMLSecurityException;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
 import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
 import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
 
@@ -63,7 +63,7 @@ public class SamlTokenAssertionState ext
             setErrorMessage("IssuerName in Policy (" + samlToken.getIssuerName() + ") didn't match with the one in the SamlToken (" + samlTokenSecurityEvent.getIssuerName() + ")");
             return false;
         }
-        if (samlToken.isRequireKeyIdentifierReference() && ((AbstractSecurityToken) samlTokenSecurityEvent.getSecurityToken()).getKeyIdentifierType() != WSSConstants.WSSKeyIdentifierType.X509_KEY_IDENTIFIER) {
+        if (samlToken.isRequireKeyIdentifierReference() && ((AbstractInboundSecurityToken) samlTokenSecurityEvent.getSecurityToken()).getKeyIdentifierType() != WSSConstants.WSSKeyIdentifierType.X509_KEY_IDENTIFIER) {
             setErrorMessage("Policy enforces KeyIdentifierReference but we got " + samlTokenSecurityEvent.getSecurityToken().getTokenType());
             return false;
         }

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/ws/security/policy/stax/assertionStates/X509TokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/ws/security/policy/stax/assertionStates/X509TokenAssertionState.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/ws/security/policy/stax/assertionStates/X509TokenAssertionState.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/ws/security/policy/stax/assertionStates/X509TokenAssertionState.java Tue Sep 11 17:59:51 2012
@@ -25,7 +25,7 @@ import org.apache.ws.security.policy.mod
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.ext.XMLSecurityException;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
 import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
 import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
 import org.apache.xml.security.stax.securityEvent.X509TokenSecurityEvent;
@@ -60,7 +60,7 @@ public class X509TokenAssertionState ext
 
         X509Token x509Token = (X509Token) abstractToken;
 
-        AbstractSecurityToken securityToken = (AbstractSecurityToken) tokenSecurityEvent.getSecurityToken();
+        AbstractInboundSecurityToken securityToken = (AbstractInboundSecurityToken) tokenSecurityEvent.getSecurityToken();
         XMLSecurityConstants.TokenType tokenType = securityToken.getTokenType();
         if (!(WSSConstants.X509V3Token.equals(tokenType)
                 || WSSConstants.X509V1Token.equals(tokenType)

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/AbstractPolicyTestBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/AbstractPolicyTestBase.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/AbstractPolicyTestBase.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/AbstractPolicyTestBase.java Tue Sep 11 17:59:51 2012
@@ -25,7 +25,6 @@ import org.apache.ws.security.policy.sta
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.impl.securityToken.X509SecurityToken;
 import org.apache.ws.security.stax.test.AbstractTestBase;
-import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.ext.XMLSecurityException;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -39,9 +38,7 @@ import javax.xml.parsers.ParserConfigura
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStreamReader;
-import java.security.Key;
 import java.security.KeyStore;
-import java.security.PublicKey;
 import java.security.cert.Certificate;
 import java.security.cert.X509Certificate;
 
@@ -86,47 +83,29 @@ public class AbstractPolicyTestBase exte
         final KeyStore keyStore = KeyStore.getInstance("jks");
         keyStore.load(this.getClass().getClassLoader().getResourceAsStream("transmitter.jks"), "default".toCharArray());
 
-        return new X509SecurityToken(tokenType, null, null, null, "", WSSConstants.WSSKeyIdentifierType.THUMBPRINT_IDENTIFIER) {
+        X509SecurityToken x509SecurityToken = new X509SecurityToken(tokenType, null, null, null, "", WSSConstants.WSSKeyIdentifierType.THUMBPRINT_IDENTIFIER) {
             @Override
             protected String getAlias() throws XMLSecurityException {
                 return keyAlias;
             }
+        };
+        x509SecurityToken.setSecretKey("", keyStore.getKey(keyAlias, "default".toCharArray()));
+        x509SecurityToken.setPublicKey(keyStore.getCertificate(keyAlias).getPublicKey());
 
-            @Override
-            public Key getSecretKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage, String correlationID) throws XMLSecurityException {
-                try {
-                    return keyStore.getKey(keyAlias, "default".toCharArray());
-                } catch (Exception e) {
-                    throw new XMLSecurityException(e.getMessage(), e);
-                }
-            }
-
-            @Override
-            public PublicKey getPublicKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage, String correlationID) throws XMLSecurityException {
-                try {
-                    return keyStore.getCertificate(keyAlias).getPublicKey();
-                } catch (Exception e) {
-                    throw new XMLSecurityException(e.getMessage(), e);
-                }
-            }
+        Certificate[] certificates;
+        try {
+            certificates = keyStore.getCertificateChain(keyAlias);
+        } catch (Exception e) {
+            throw new XMLSecurityException(e.getMessage(), e);
+        }
 
-            @Override
-            public X509Certificate[] getX509Certificates() throws XMLSecurityException {
-                Certificate[] certificates;
-                try {
-                    certificates = keyStore.getCertificateChain(keyAlias);
-                } catch (Exception e) {
-                    throw new XMLSecurityException(e.getMessage(), e);
-                }
-
-                X509Certificate[] x509Certificates = new X509Certificate[certificates.length];
-                for (int i = 0; i < certificates.length; i++) {
-                    Certificate certificate = certificates[i];
-                    x509Certificates[i] = (X509Certificate) certificate;
-                }
-                return x509Certificates;
-            }
-        };
+        X509Certificate[] x509Certificates = new X509Certificate[certificates.length];
+        for (int i = 0; i < certificates.length; i++) {
+            Certificate certificate = certificates[i];
+            x509Certificates[i] = (X509Certificate) certificate;
+        }
+        x509SecurityToken.setX509Certificates(x509Certificates);
+        return x509SecurityToken;
     }
 
     protected String loadResourceAsString(String resource, String encoding) throws IOException {

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/BinarySecurityTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/BinarySecurityTokenInputHandler.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/BinarySecurityTokenInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/BinarySecurityTokenInputHandler.java Tue Sep 11 17:59:51 2012
@@ -18,12 +18,7 @@
  */
 package org.apache.ws.security.stax.impl.processor.input;
 
-import java.util.Deque;
-import java.util.List;
-
-import javax.xml.bind.JAXBElement;
-import javax.xml.namespace.QName;
-
+import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.ws.security.binding.wss10.BinarySecurityTokenType;
@@ -33,18 +28,19 @@ import org.apache.ws.security.common.ext
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.ext.WSSSecurityProperties;
 import org.apache.ws.security.stax.ext.WSSecurityContext;
-import org.apache.ws.security.stax.impl.securityToken.SecurityTokenFactoryImpl;
-import org.apache.xml.security.stax.ext.AbstractInputSecurityHeaderHandler;
-import org.apache.xml.security.stax.ext.InputProcessorChain;
-import org.apache.xml.security.stax.ext.SecurityToken;
-import org.apache.xml.security.stax.ext.SecurityTokenProvider;
-import org.apache.xml.security.stax.ext.XMLSecurityConfigurationException;
-import org.apache.xml.security.stax.ext.XMLSecurityException;
-import org.apache.xml.security.stax.ext.XMLSecurityProperties;
+import org.apache.ws.security.stax.impl.securityToken.X509PKIPathv1SecurityToken;
+import org.apache.ws.security.stax.impl.securityToken.X509SecurityToken;
+import org.apache.ws.security.stax.impl.securityToken.X509_V3SecurityToken;
+import org.apache.xml.security.stax.ext.*;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 import org.apache.xml.security.stax.securityEvent.X509TokenSecurityEvent;
 
+import javax.xml.bind.JAXBElement;
+import javax.xml.namespace.QName;
+import java.util.Deque;
+import java.util.List;
+
 /**
  * Processor for the BinarySecurityToken XML Structure
  *
@@ -52,8 +48,8 @@ import org.apache.xml.security.stax.secu
  * @version $Revision$ $Date$
  */
 public class BinarySecurityTokenInputHandler extends AbstractInputSecurityHeaderHandler {
-    
-    private static final transient Log log = 
+
+    private static final transient Log log =
             LogFactory.getLog(BinarySecurityTokenInputHandler.class);
 
     @Override
@@ -76,7 +72,7 @@ public class BinarySecurityTokenInputHan
 
         final SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
 
-            private SecurityToken binarySecurityToken = null;
+            private X509SecurityToken binarySecurityToken = null;
 
             public SecurityToken getSecurityToken() throws XMLSecurityException {
                 if (this.binarySecurityToken != null) {
@@ -84,19 +80,38 @@ public class BinarySecurityTokenInputHan
                 }
                 Crypto crypto = null;
                 try {
-                    crypto = ((WSSSecurityProperties)securityProperties).getSignatureVerificationCrypto();
+                    crypto = ((WSSSecurityProperties) securityProperties).getSignatureVerificationCrypto();
                 } catch (XMLSecurityConfigurationException e) {
                     log.debug(e.getMessage(), e);
                     //ignore
                 }
                 if (crypto == null) {
-                    crypto = ((WSSSecurityProperties)securityProperties).getDecryptionCrypto();
+                    crypto = ((WSSSecurityProperties) securityProperties).getDecryptionCrypto();
+                }
+
+                //only Base64Encoding is supported
+                if (!WSSConstants.SOAPMESSAGE_NS10_BASE64_ENCODING.equals(binarySecurityTokenType.getEncodingType())) {
+                    throw new WSSecurityException(
+                            WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "badEncoding", binarySecurityTokenType.getEncodingType());
                 }
-                this.binarySecurityToken = SecurityTokenFactoryImpl.getSecurityToken(
-                        binarySecurityTokenType,
-                        securityContext,
-                        crypto,
-                        securityProperties.getCallbackHandler());
+
+                byte[] securityTokenData = Base64.decodeBase64(binarySecurityTokenType.getValue());
+
+                if (WSSConstants.NS_X509_V3_TYPE.equals(binarySecurityTokenType.getValueType())) {
+                    this.binarySecurityToken = new X509_V3SecurityToken(
+                            (WSSecurityContext) securityContext, crypto, securityProperties.getCallbackHandler(),
+                            securityTokenData, binarySecurityTokenType.getId(), WSSConstants.WSSKeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE
+                    );
+                } else if (WSSConstants.NS_X509PKIPathv1.equals(binarySecurityTokenType.getValueType())) {
+                    this.binarySecurityToken = new X509PKIPathv1SecurityToken(
+                            (WSSecurityContext) securityContext, crypto, securityProperties.getCallbackHandler(),
+                            securityTokenData, binarySecurityTokenType.getId(), WSSConstants.WSSKeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE
+                    );
+                } else {
+                    throw new WSSecurityException(
+                            WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "invalidValueType", binarySecurityTokenType.getValueType());
+                }
+
                 this.binarySecurityToken.setElementPath(elementPath);
                 this.binarySecurityToken.setXMLSecEvent(responsibleXMLSecStartXMLEvent);
                 return this.binarySecurityToken;
@@ -111,7 +126,7 @@ public class BinarySecurityTokenInputHan
 
         //fire a tokenSecurityEvent
         X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
-        x509TokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken());
+        x509TokenSecurityEvent.setSecurityToken((SecurityToken) securityTokenProvider.getSecurityToken());
         x509TokenSecurityEvent.setCorrelationID(binarySecurityTokenType.getId());
         securityContext.registerSecurityEvent(x509TokenSecurityEvent);
     }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/DerivedKeyTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/DerivedKeyTokenInputHandler.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/DerivedKeyTokenInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/DerivedKeyTokenInputHandler.java Tue Sep 11 17:59:51 2012
@@ -19,11 +19,11 @@
 package org.apache.ws.security.stax.impl.processor.input;
 
 import org.apache.ws.security.binding.wssc.AbstractDerivedKeyTokenType;
+import org.apache.ws.security.common.derivedKey.DerivedKeyUtils;
 import org.apache.ws.security.common.ext.WSSecurityException;
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.ext.WSSSecurityProperties;
 import org.apache.ws.security.stax.ext.WSSecurityContext;
-import org.apache.ws.security.common.derivedKey.DerivedKeyUtils;
 import org.apache.ws.security.stax.impl.securityToken.SAMLSecurityToken;
 import org.apache.ws.security.stax.impl.securityToken.SecurityTokenFactoryImpl;
 import org.apache.ws.security.stax.impl.securityToken.UsernameSecurityToken;
@@ -31,7 +31,7 @@ import org.apache.ws.security.stax.secur
 import org.apache.xml.security.stax.config.JCEAlgorithmMapper;
 import org.apache.xml.security.stax.ext.*;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 import org.apache.xml.security.stax.securityEvent.AlgorithmSuiteSecurityEvent;
 
@@ -39,7 +39,6 @@ import javax.crypto.spec.SecretKeySpec;
 import javax.xml.bind.JAXBElement;
 import javax.xml.namespace.QName;
 import java.security.Key;
-import java.security.PublicKey;
 import java.util.Deque;
 import java.util.List;
 
@@ -70,16 +69,18 @@ public class DerivedKeyTokenInputHandler
 
         SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
 
-            private AbstractSecurityToken derivedKeySecurityToken = null;
+            private AbstractInboundSecurityToken derivedKeySecurityToken = null;
 
+            @Override
             public SecurityToken getSecurityToken() throws XMLSecurityException {
 
                 if (this.derivedKeySecurityToken != null) {
                     return this.derivedKeySecurityToken;
                 }
 
-                this.derivedKeySecurityToken = new AbstractSecurityToken(
-                        (WSSecurityContext) inputProcessorChain.getSecurityContext(), null,
+                //todo implement interface to access all derivedKeys? The same would be needed in UserNameToken
+                this.derivedKeySecurityToken = new AbstractInboundSecurityToken(
+                        (WSSecurityContext) inputProcessorChain.getSecurityContext(), securityProperties.getCallbackHandler(),
                         derivedKeyTokenType.getId(), null) {
 
                     private SecurityToken referencedSecurityToken = null;
@@ -91,7 +92,7 @@ public class DerivedKeyTokenInputHandler
 
                         this.referencedSecurityToken = SecurityTokenFactoryImpl.getSecurityToken(
                                 derivedKeyTokenType.getSecurityTokenReference(),
-                                ((WSSSecurityProperties)securityProperties).getDecryptionCrypto(),
+                                ((WSSSecurityProperties) securityProperties).getDecryptionCrypto(),
                                 securityProperties.getCallbackHandler(),
                                 inputProcessorChain.getSecurityContext()
                         );
@@ -99,10 +100,7 @@ public class DerivedKeyTokenInputHandler
                         return this.referencedSecurityToken;
                     }
 
-                    public boolean isAsymmetric() {
-                        return false;
-                    }
-
+                    @Override
                     protected Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
                                          String correlationID) throws XMLSecurityException {
                         byte[] secret;
@@ -110,11 +108,7 @@ public class DerivedKeyTokenInputHandler
                         if (referencedSecurityToken != null) {
                             if (referencedSecurityToken instanceof UsernameSecurityToken) {
                                 UsernameSecurityToken usernameSecurityToken = (UsernameSecurityToken) referencedSecurityToken;
-                                secret = usernameSecurityToken.generateDerivedKey(
-                                        usernameSecurityToken.getPassword(),
-                                        usernameSecurityToken.getSalt(),
-                                        usernameSecurityToken.getIteration()
-                                );
+                                secret = usernameSecurityToken.generateDerivedKey();
                             } else if (referencedSecurityToken instanceof SAMLSecurityToken) {
                                 SAMLSecurityToken samlSecurityToken = (SAMLSecurityToken) referencedSecurityToken;
                                 secret = samlSecurityToken.getSamlKeyInfo().getSecret();
@@ -158,16 +152,11 @@ public class DerivedKeyTokenInputHandler
                     }
 
                     @Override
-                    protected PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                                  String correlationID)
-                            throws XMLSecurityException {
-                        return null;
-                    }
-
                     public SecurityToken getKeyWrappingToken() throws XMLSecurityException {
                         return getReferencedSecurityToken();
                     }
 
+                    @Override
                     public WSSConstants.TokenType getTokenType() {
                         return WSSConstants.DerivedKeyToken;
                     }
@@ -177,6 +166,7 @@ public class DerivedKeyTokenInputHandler
                 return this.derivedKeySecurityToken;
             }
 
+            @Override
             public String getId() {
                 return derivedKeyTokenType.getId();
             }
@@ -185,7 +175,7 @@ public class DerivedKeyTokenInputHandler
 
         //fire a tokenSecurityEvent
         DerivedKeyTokenSecurityEvent derivedKeyTokenSecurityEvent = new DerivedKeyTokenSecurityEvent();
-        derivedKeyTokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken());
+        derivedKeyTokenSecurityEvent.setSecurityToken((SecurityToken) securityTokenProvider.getSecurityToken());
         derivedKeyTokenSecurityEvent.setCorrelationID(derivedKeyTokenType.getId());
         ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(derivedKeyTokenSecurityEvent);
     }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SAMLTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SAMLTokenInputHandler.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SAMLTokenInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SAMLTokenInputHandler.java Tue Sep 11 17:59:51 2012
@@ -24,7 +24,9 @@ import org.apache.ws.security.common.ext
 import org.apache.ws.security.common.saml.AssertionWrapper;
 import org.apache.ws.security.common.saml.OpenSAMLUtil;
 import org.apache.ws.security.common.saml.SAMLKeyInfo;
-import org.apache.ws.security.stax.ext.*;
+import org.apache.ws.security.stax.ext.WSSConstants;
+import org.apache.ws.security.stax.ext.WSSSecurityProperties;
+import org.apache.ws.security.stax.ext.WSSecurityContext;
 import org.apache.ws.security.stax.impl.saml.WSSSAMLKeyInfoProcessor;
 import org.apache.ws.security.stax.impl.securityToken.SAMLSecurityToken;
 import org.apache.ws.security.stax.securityEvent.SamlTokenSecurityEvent;
@@ -46,7 +48,6 @@ import javax.xml.stream.events.Attribute
 import javax.xml.stream.events.Comment;
 import javax.xml.stream.events.Namespace;
 import javax.xml.stream.events.ProcessingInstruction;
-
 import java.math.BigInteger;
 import java.security.PublicKey;
 import java.security.cert.CertificateExpiredException;
@@ -85,16 +86,16 @@ public class SAMLTokenInputHandler exten
             );
             // Verify trust on the signature
             final SAMLKeyInfo samlIssuerKeyInfo = assertionWrapper.getSignatureKeyInfo();
-            verifySignedAssertion(samlIssuerKeyInfo, 
+            verifySignedAssertion(samlIssuerKeyInfo,
                     (WSSSecurityProperties) securityProperties);
         }
         // Parse the HOK subject if it exists
         assertionWrapper.parseHOKSubject(
                 new WSSSAMLKeyInfoProcessor(),
-                ((WSSSecurityProperties)securityProperties).getSignatureVerificationCrypto(),
+                ((WSSSecurityProperties) securityProperties).getSignatureVerificationCrypto(),
                 securityProperties.getCallbackHandler()
         );
-        
+
         // TODO move this into a Validator eventually
         String confirmMethod = null;
         List<String> methods = assertionWrapper.getConfirmationMethods();
@@ -110,7 +111,7 @@ public class SAMLTokenInputHandler exten
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
             }
         }
-        
+
         final SAMLKeyInfo samlSubjectKeyInfo = assertionWrapper.getSubjectKeyInfo();
 
         if (logger.isDebugEnabled()) {
@@ -122,7 +123,7 @@ public class SAMLTokenInputHandler exten
 
         SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
 
-            private SecurityToken securityToken = null;
+            private SAMLSecurityToken securityToken = null;
 
             @Override
             public SecurityToken getSecurityToken() throws XMLSecurityException {
@@ -132,8 +133,8 @@ public class SAMLTokenInputHandler exten
 
                 this.securityToken = new SAMLSecurityToken(assertionWrapper.getSamlVersion(), samlSubjectKeyInfo,
                         assertionWrapper.getIssuerString(),
-                        (WSSecurityContext) inputProcessorChain.getSecurityContext(), 
-                        ((WSSSecurityProperties)securityProperties).getSignatureVerificationCrypto(),
+                        (WSSecurityContext) inputProcessorChain.getSecurityContext(),
+                        ((WSSSecurityProperties) securityProperties).getSignatureVerificationCrypto(),
                         securityProperties.getCallbackHandler(), assertionWrapper.getId(), null);
 
                 this.securityToken.setElementPath(elementPath);
@@ -150,7 +151,7 @@ public class SAMLTokenInputHandler exten
 
         //fire a tokenSecurityEvent
         SamlTokenSecurityEvent samlTokenSecurityEvent = new SamlTokenSecurityEvent();
-        samlTokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken());
+        samlTokenSecurityEvent.setSecurityToken((SecurityToken) securityTokenProvider.getSecurityToken());
         ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(samlTokenSecurityEvent);
     }
 
@@ -260,7 +261,7 @@ public class SAMLTokenInputHandler exten
         }
         return currentNode;
     }
-    
+
     /**
      * Verify trust in the signature of a signed Assertion. This method is separate so that
      * the user can override if if they want.
@@ -329,7 +330,7 @@ public class SAMLTokenInputHandler exten
             );
         }
     }
-    
+
     /**
      * Check to see if the certificate argument is in the keystore
      *
@@ -367,7 +368,7 @@ public class SAMLTokenInputHandler exten
         return false;
     }
 
-    
+
     /**
      * Evaluate whether a given certificate should be trusted.
      * <p/>

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SecurityContextTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SecurityContextTokenInputHandler.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SecurityContextTokenInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SecurityContextTokenInputHandler.java Tue Sep 11 17:59:51 2012
@@ -21,19 +21,20 @@ package org.apache.ws.security.stax.impl
 import org.apache.ws.security.binding.wssc.AbstractSecurityContextTokenType;
 import org.apache.ws.security.common.ext.WSPasswordCallback;
 import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.stax.ext.*;
+import org.apache.ws.security.stax.ext.WSSConstants;
+import org.apache.ws.security.stax.ext.WSSUtils;
+import org.apache.ws.security.stax.ext.WSSecurityContext;
 import org.apache.ws.security.stax.securityEvent.SecurityContextTokenSecurityEvent;
 import org.apache.xml.security.stax.config.JCEAlgorithmMapper;
 import org.apache.xml.security.stax.ext.*;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 
 import javax.crypto.spec.SecretKeySpec;
 import javax.xml.bind.JAXBElement;
 import javax.xml.namespace.QName;
 import java.security.Key;
-import java.security.PublicKey;
 import java.util.Deque;
 import java.util.List;
 
@@ -63,50 +64,54 @@ public class SecurityContextTokenInputHa
         final List<QName> elementPath = getElementPath(eventQueue);
         final XMLSecEvent responsibleXMLSecStartXMLEvent = getResponsibleStartXMLEvent(eventQueue, index);
 
-        final SecurityToken securityContextToken =
-                new AbstractSecurityToken(
+        final AbstractInboundSecurityToken securityContextToken =
+                new AbstractInboundSecurityToken(
                         (WSSecurityContext) inputProcessorChain.getSecurityContext(),
-                        null, securityContextTokenType.getId(), null) {
+                        securityProperties.getCallbackHandler(), securityContextTokenType.getId(), null) {
 
+                    @Override
                     public boolean isAsymmetric() {
                         return false;
                     }
 
+                    @Override
                     public Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
                                       String correlationID) throws XMLSecurityException {
+
+                        Key key = getSecretKey().get(algorithmURI);
+                        if (key != null) {
+                            return key;
+                        }
+
                         String algo = JCEAlgorithmMapper.translateURItoJCEID(algorithmURI);
                         WSPasswordCallback passwordCallback = new WSPasswordCallback(identifier, WSPasswordCallback.Usage.SECURITY_CONTEXT_TOKEN);
                         WSSUtils.doSecretKeyCallback(securityProperties.getCallbackHandler(), passwordCallback, null);
                         if (passwordCallback.getKey() == null) {
                             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noKey", securityContextTokenType.getId());
                         }
-                        return new SecretKeySpec(passwordCallback.getKey(), algo);
+                        key = new SecretKeySpec(passwordCallback.getKey(), algo);
+                        setSecretKey(algorithmURI, key);
+                        return key;
                     }
 
                     @Override
-                    public PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                               String correlationID) throws XMLSecurityException {
-                        return null;
-                    }
-
-                    public SecurityToken getKeyWrappingToken() {
-                        return null;
-                    }
-
                     public WSSConstants.TokenType getTokenType() {
                         //todo and set externalUriRef
                         return WSSConstants.SecurityContextToken;
                     }
                 };
+
         securityContextToken.setElementPath(elementPath);
         securityContextToken.setXMLSecEvent(responsibleXMLSecStartXMLEvent);
 
         SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
 
+            @Override
             public SecurityToken getSecurityToken() throws WSSecurityException {
                 return securityContextToken;
             }
 
+            @Override
             public String getId() {
                 return securityContextTokenType.getId();
             }
@@ -115,17 +120,19 @@ public class SecurityContextTokenInputHa
 
         //fire a tokenSecurityEvent
         SecurityContextTokenSecurityEvent securityContextTokenSecurityEvent = new SecurityContextTokenSecurityEvent();
-        securityContextTokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken());
+        securityContextTokenSecurityEvent.setSecurityToken((SecurityToken) securityTokenProvider.getSecurityToken());
         securityContextTokenSecurityEvent.setCorrelationID(securityContextTokenType.getId());
         ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(securityContextTokenSecurityEvent);
 
         //also register a SecurityProvider with the identifier. @see SecurityContexTest#testSCTKDKTSignAbsolute
         SecurityTokenProvider securityTokenProviderDirectReference = new SecurityTokenProvider() {
 
+            @Override
             public SecurityToken getSecurityToken() throws WSSecurityException {
                 return securityContextToken;
             }
 
+            @Override
             public String getId() {
                 return identifier;
             }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java Tue Sep 11 17:59:51 2012
@@ -24,7 +24,8 @@ import org.apache.ws.security.common.ext
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.ext.WSSSecurityProperties;
 import org.apache.ws.security.stax.ext.WSSUtils;
-import org.apache.ws.security.stax.impl.securityToken.SecurityTokenFactoryImpl;
+import org.apache.ws.security.stax.ext.WSSecurityContext;
+import org.apache.ws.security.stax.impl.securityToken.SecurityTokenReference;
 import org.apache.xml.security.stax.ext.*;
 import org.apache.xml.security.stax.ext.stax.XMLSecEndElement;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
@@ -129,16 +130,25 @@ public class SecurityTokenReferenceInput
 
                             private SecurityToken securityToken = null;
 
+                            @Override
                             public SecurityToken getSecurityToken() throws XMLSecurityException {
                                 if (this.securityToken != null) {
                                     return this.securityToken;
                                 }
-                                this.securityToken = SecurityTokenFactoryImpl.getSecurityToken(
-                                        attributeValue, xmlSecEventList, getSecurityProperties().getCallbackHandler(),
-                                        inputProcessorChain.getSecurityContext(), securityTokenReferenceId);
-                                return this.securityToken;
+
+                                SecurityTokenProvider securityTokenProvider =
+                                        inputProcessorChain.getSecurityContext().getSecurityTokenProvider(attributeValue);
+                                SecurityToken securityToken = securityTokenProvider.getSecurityToken();
+                                return this.securityToken = new SecurityTokenReference(
+                                        securityToken,
+                                        xmlSecEventList,
+                                        (WSSecurityContext) inputProcessorChain.getSecurityContext(),
+                                        getSecurityProperties().getCallbackHandler(),
+                                        securityTokenReferenceId,
+                                        WSSConstants.WSSKeyIdentifierType.SECURITY_TOKEN_REFERENCE);
                             }
 
+                            @Override
                             public String getId() {
                                 return securityTokenReferenceId;
                             }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/UsernameTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/UsernameTokenInputHandler.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/UsernameTokenInputHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/UsernameTokenInputHandler.java Tue Sep 11 17:59:51 2012
@@ -30,8 +30,11 @@ import org.apache.ws.security.binding.ws
 import org.apache.ws.security.common.bsp.BSPRule;
 import org.apache.ws.security.common.ext.WSPasswordCallback;
 import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.stax.ext.*;
-import org.apache.ws.security.stax.impl.securityToken.SecurityTokenFactoryImpl;
+import org.apache.ws.security.stax.ext.WSSConstants;
+import org.apache.ws.security.stax.ext.WSSSecurityProperties;
+import org.apache.ws.security.stax.ext.WSSUtils;
+import org.apache.ws.security.stax.ext.WSSecurityContext;
+import org.apache.ws.security.stax.impl.securityToken.UsernameSecurityToken;
 import org.apache.ws.security.stax.securityEvent.UsernameTokenSecurityEvent;
 import org.apache.xml.security.stax.ext.*;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
@@ -85,10 +88,10 @@ public class UsernameTokenInputHandler e
         if (salt != null && (passwordType != null || iteration == null)) {
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "badTokenType01");
         }
-        
+
         boolean handleCustomPasswordTypes = false;
-        handleCustomPasswordTypes = ((WSSSecurityProperties)securityProperties).getHandleCustomPasswordTypes();
-        
+        handleCustomPasswordTypes = ((WSSSecurityProperties) securityProperties).getHandleCustomPasswordTypes();
+
         final byte[] nonceVal;
         final String created;
 
@@ -169,7 +172,7 @@ public class UsernameTokenInputHandler e
             }
             passwordType.setValue(pwCb.getPassword());
         } else if ((usernameTokenPasswordType == WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT)
-            || (passwordType != null && passwordType.getValue() != null 
+                || (passwordType != null && passwordType.getValue() != null
                 && usernameTokenPasswordType == WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE)) {
             nonceVal = null;
             created = null;
@@ -191,7 +194,7 @@ public class UsernameTokenInputHandler e
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
             }
             passwordType.setValue(pwCb.getPassword());
-        } else if (passwordType != null && passwordType.getValue() != null && usernameTokenPasswordType == null) { 
+        } else if (passwordType != null && passwordType.getValue() != null && usernameTokenPasswordType == null) {
             if (!handleCustomPasswordTypes) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
             }
@@ -232,15 +235,15 @@ public class UsernameTokenInputHandler e
 
         SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
 
-            private SecurityToken securityToken = null;
+            private UsernameSecurityToken securityToken = null;
 
             public SecurityToken getSecurityToken() throws WSSecurityException {
                 if (this.securityToken != null) {
                     return this.securityToken;
                 }
-                this.securityToken = SecurityTokenFactoryImpl.getSecurityToken(username.getValue(), password,
-                        created, nonceVal, salt, iteration, (WSSecurityContext) inputProcessorChain.getSecurityContext(),
-                        usernameTokenType.getId());
+                this.securityToken = new UsernameSecurityToken(username.getValue(), password, created, nonceVal, salt, iteration,
+                        (WSSecurityContext) inputProcessorChain.getSecurityContext(), usernameTokenType.getId(),
+                        WSSConstants.WSSKeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
                 this.securityToken.setElementPath(elementPath);
                 this.securityToken.setXMLSecEvent(responsibleStartXMLEvent);
                 return this.securityToken;
@@ -255,7 +258,7 @@ public class UsernameTokenInputHandler e
         //fire a tokenSecurityEvent
         UsernameTokenSecurityEvent usernameTokenSecurityEvent = new UsernameTokenSecurityEvent();
         usernameTokenSecurityEvent.setUsernameTokenPasswordType(usernameTokenPasswordType);
-        usernameTokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken());
+        usernameTokenSecurityEvent.setSecurityToken((SecurityToken) securityTokenProvider.getSecurityToken());
         usernameTokenSecurityEvent.setUsernameTokenProfile(WSSConstants.NS_USERNAMETOKEN_PROFILE11);
         usernameTokenSecurityEvent.setCorrelationID(usernameTokenType.getId());
         ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(usernameTokenSecurityEvent);

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java Tue Sep 11 17:59:51 2012
@@ -21,11 +21,14 @@ package org.apache.ws.security.stax.impl
 import org.apache.ws.security.common.crypto.CryptoType;
 import org.apache.ws.security.common.ext.WSPasswordCallback;
 import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.stax.ext.*;
+import org.apache.ws.security.stax.ext.WSSConstants;
+import org.apache.ws.security.stax.ext.WSSSecurityProperties;
+import org.apache.ws.security.stax.ext.WSSUtils;
 import org.apache.xml.security.stax.ext.*;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.OutboundSecurityToken;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 import org.apache.xml.security.stax.securityEvent.SecurityEvent;
 import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
@@ -33,7 +36,6 @@ import org.apache.xml.security.stax.secu
 import javax.xml.stream.XMLStreamConstants;
 import javax.xml.stream.XMLStreamException;
 import java.security.Key;
-import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.util.List;
 
@@ -59,17 +61,17 @@ public class BinarySecurityTokenOutputPr
                     || action.equals(WSSConstants.SAML_TOKEN_SIGNED)
                     || action.equals(WSSConstants.SIGNATURE_WITH_DERIVED_KEY)) {
 
-                String alias = ((WSSSecurityProperties)getSecurityProperties()).getSignatureUser();
+                String alias = ((WSSSecurityProperties) getSecurityProperties()).getSignatureUser();
                 WSPasswordCallback pwCb = new WSPasswordCallback(alias, WSPasswordCallback.Usage.SIGNATURE);
                 WSSUtils.doPasswordCallback(getSecurityProperties().getCallbackHandler(), pwCb);
                 String password = pwCb.getPassword();
                 if (password == null) {
                     throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, "noPassword", alias);
                 }
-                key = ((WSSSecurityProperties)getSecurityProperties()).getSignatureCrypto().getPrivateKey(alias, password);
+                key = ((WSSSecurityProperties) getSecurityProperties()).getSignatureCrypto().getPrivateKey(alias, password);
                 CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
                 cryptoType.setAlias(alias);
-                x509Certificates = ((WSSSecurityProperties)getSecurityProperties()).getSignatureCrypto().getX509Certificates(cryptoType);
+                x509Certificates = ((WSSSecurityProperties) getSecurityProperties()).getSignatureCrypto().getX509Certificates(cryptoType);
                 if (x509Certificates == null || x509Certificates.length == 0) {
                     throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, "noUserCertsFound", alias);
                 }
@@ -88,11 +90,11 @@ public class BinarySecurityTokenOutputPr
                     x509Certificates[0] = x509Certificate;
                 } else {
                     CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
-                    cryptoType.setAlias(((WSSSecurityProperties)getSecurityProperties()).getEncryptionUser());
-                    x509Certificates = ((WSSSecurityProperties)getSecurityProperties()).getEncryptionCrypto().getX509Certificates(cryptoType);
+                    cryptoType.setAlias(((WSSSecurityProperties) getSecurityProperties()).getEncryptionUser());
+                    x509Certificates = ((WSSSecurityProperties) getSecurityProperties()).getEncryptionCrypto().getX509Certificates(cryptoType);
                     if (x509Certificates == null || x509Certificates.length == 0) {
-                        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION, "noUserCertsFound", 
-                                ((WSSSecurityProperties)getSecurityProperties()).getEncryptionUser());
+                        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION, "noUserCertsFound",
+                                ((WSSSecurityProperties) getSecurityProperties()).getEncryptionUser());
                     }
                 }
                 key = null;
@@ -101,45 +103,13 @@ public class BinarySecurityTokenOutputPr
                 key = null;
             }
 
-            final AbstractSecurityToken binarySecurityToken = new AbstractSecurityToken(bstId) {
-
-                @Override
-                public boolean isAsymmetric() {
-                    return true;
-                }
-
-                @Override
-                public Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                  String correlationID) throws WSSecurityException {
-                    return key;
-                }
-
-                @Override
-                public PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                           String correlationID) throws WSSecurityException {
-                    return x509Certificates[0].getPublicKey();
-                }
-
-                @Override
-                public X509Certificate[] getX509Certificates() throws WSSecurityException {
-                    return x509Certificates;
-                }
-
-                @Override
-                public SecurityToken getKeyWrappingToken() {
-                    return null;
-                }
-
-                @Override
-                public WSSConstants.TokenType getTokenType() {
-                    return null;
-                }
-            };
-
+            final GenericOutboundSecurityToken binarySecurityToken =
+                    new GenericOutboundSecurityToken(bstId, WSSConstants.X509V3Token, key, x509Certificates);
             final SecurityTokenProvider binarySecurityTokenProvider = new SecurityTokenProvider() {
 
+                @SuppressWarnings("unchecked")
                 @Override
-                public SecurityToken getSecurityToken() throws WSSecurityException {
+                public OutboundSecurityToken getSecurityToken() throws WSSecurityException {
                     return binarySecurityToken;
                 }
 
@@ -219,9 +189,9 @@ public class BinarySecurityTokenOutputPr
 
     class FinalBinarySecurityTokenOutputProcessor extends AbstractOutputProcessor {
 
-        private final SecurityToken securityToken;
+        private final OutboundSecurityToken securityToken;
 
-        FinalBinarySecurityTokenOutputProcessor(SecurityToken securityToken) throws XMLSecurityException {
+        FinalBinarySecurityTokenOutputProcessor(OutboundSecurityToken securityToken) throws XMLSecurityException {
             super();
             this.addAfterProcessor(BinarySecurityTokenOutputProcessor.class.getName());
             this.securityToken = securityToken;

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java Tue Sep 11 17:59:51 2012
@@ -19,18 +19,21 @@
 package org.apache.ws.security.stax.impl.processor.output;
 
 import org.apache.commons.codec.binary.Base64;
-import org.apache.ws.security.common.ext.WSPasswordCallback;
-import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.stax.ext.*;
 import org.apache.ws.security.common.derivedKey.AlgoFactory;
 import org.apache.ws.security.common.derivedKey.ConversationException;
 import org.apache.ws.security.common.derivedKey.DerivationAlgorithm;
+import org.apache.ws.security.common.ext.WSPasswordCallback;
+import org.apache.ws.security.common.ext.WSSecurityException;
+import org.apache.ws.security.stax.ext.WSSConstants;
+import org.apache.ws.security.stax.ext.WSSSecurityProperties;
+import org.apache.ws.security.stax.ext.WSSUtils;
 import org.apache.xml.security.stax.config.JCEAlgorithmMapper;
 import org.apache.xml.security.stax.ext.*;
 import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.OutboundSecurityToken;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 
 import javax.crypto.spec.SecretKeySpec;
@@ -38,12 +41,9 @@ import javax.xml.stream.XMLStreamConstan
 import javax.xml.stream.XMLStreamException;
 import java.io.UnsupportedEncodingException;
 import java.security.Key;
-import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
-import java.util.Hashtable;
 import java.util.List;
-import java.util.Map;
 
 /**
  * @author $Author$
@@ -67,7 +67,7 @@ public class DerivedKeyTokenOutputProces
             if (wrappingSecurityTokenProvider == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION);
             }
-            final SecurityToken wrappingSecurityToken = wrappingSecurityTokenProvider.getSecurityToken();
+            final OutboundSecurityToken wrappingSecurityToken = wrappingSecurityTokenProvider.getSecurityToken();
             if (wrappingSecurityToken == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION);
             }
@@ -116,7 +116,7 @@ public class DerivedKeyTokenOutputProces
                     }
                     secret = passwordCallback.getKey();
                 } else {
-                    secret = wrappingSecurityToken.getSecretKey(null, null, null).getEncoded();
+                    secret = wrappingSecurityToken.getSecretKey("").getEncoded();
                 }
 
                 derivedKeyBytes = derivationAlgorithm.createKey(secret, seed, offset, length);
@@ -124,56 +124,34 @@ public class DerivedKeyTokenOutputProces
                 throw new WSSecurityException(e.getMessage(), e);
             }
 
-            final AbstractSecurityToken derivedKeySecurityToken = new AbstractSecurityToken(wsuIdDKT) {
-
-                private final Map<String, Key> keyTable = new Hashtable<String, Key>();
+            final GenericOutboundSecurityToken derivedKeySecurityToken = new GenericOutboundSecurityToken(wsuIdDKT, WSSConstants.DerivedKeyToken) {
 
                 @Override
-                public boolean isAsymmetric() {
-                    return false;
-                }
+                public Key getSecretKey(String algorithmURI) throws WSSecurityException {
 
-                @Override
-                public Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                  String correlationID) throws WSSecurityException {
-                    if (keyTable.containsKey(algorithmURI)) {
-                        return keyTable.get(algorithmURI);
-                    } else {
-                        String algoFamily = JCEAlgorithmMapper.getJCERequiredKeyFromURI(algorithmURI);
-                        Key key = new SecretKeySpec(derivedKeyBytes, algoFamily);
-                        keyTable.put(algorithmURI, key);
+                    Key key = null;
+                    try {
+                        key = super.getSecretKey(algorithmURI);
+                    } catch (XMLSecurityException e) {
+                        throw new WSSecurityException(e.getMessage(), e);
+                    }
+                    if (key != null) {
                         return key;
                     }
-                }
-
-                @Override
-                public PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                           String correlationID) throws WSSecurityException {
-                    return null;
-                }
-
-                @Override
-                public X509Certificate[] getX509Certificates() throws WSSecurityException {
-                    return null;
-                }
-
-                @Override
-                public SecurityToken getKeyWrappingToken() {
-                    return wrappingSecurityToken;
-                }
-
-                @Override
-                public WSSConstants.TokenType getTokenType() {
-                    return null;
+                    String algoFamily = JCEAlgorithmMapper.getJCERequiredKeyFromURI(algorithmURI);
+                    key = new SecretKeySpec(derivedKeyBytes, algoFamily);
+                    setSecretKey(algorithmURI, key);
+                    return key;
                 }
             };
 
+            derivedKeySecurityToken.setKeyWrappingToken(wrappingSecurityToken);
             wrappingSecurityToken.addWrappedToken(derivedKeySecurityToken);
 
             SecurityTokenProvider derivedKeysecurityTokenProvider = new SecurityTokenProvider() {
 
                 @Override
-                public SecurityToken getSecurityToken() throws WSSecurityException {
+                public OutboundSecurityToken getSecurityToken() throws WSSecurityException {
                     return derivedKeySecurityToken;
                 }
 
@@ -205,12 +183,12 @@ public class DerivedKeyTokenOutputProces
 
     class FinalDerivedKeyTokenOutputProcessor extends AbstractOutputProcessor {
 
-        private final SecurityToken securityToken;
+        private final OutboundSecurityToken securityToken;
         private final int offset;
         private final int length;
         private final String nonce;
 
-        FinalDerivedKeyTokenOutputProcessor(SecurityToken securityToken, int offset, int length, String nonce) throws XMLSecurityException {
+        FinalDerivedKeyTokenOutputProcessor(OutboundSecurityToken securityToken, int offset, int length, String nonce) throws XMLSecurityException {
 
             super();
             this.securityToken = securityToken;
@@ -253,7 +231,7 @@ public class DerivedKeyTokenOutputProces
 
         protected void createSecurityTokenReferenceStructureForDerivedKey(
                 OutputProcessorChain outputProcessorChain,
-                SecurityToken securityToken,
+                OutboundSecurityToken securityToken,
                 WSSConstants.KeyIdentifierType keyIdentifierType,
                 WSSConstants.DerivedKeyTokenReference derivedKeyTokenReference,
                 boolean useSingleCertificate)

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/EncryptOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/EncryptOutputProcessor.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/EncryptOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/EncryptOutputProcessor.java Tue Sep 11 17:59:51 2012
@@ -22,16 +22,13 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.ext.WSSUtils;
-import org.apache.xml.security.stax.ext.OutputProcessorChain;
-import org.apache.xml.security.stax.ext.SecurePart;
-import org.apache.xml.security.stax.ext.SecurityTokenProvider;
-import org.apache.xml.security.stax.ext.XMLSecurityConstants;
-import org.apache.xml.security.stax.ext.XMLSecurityException;
+import org.apache.xml.security.stax.ext.*;
 import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
 import org.apache.xml.security.stax.impl.EncryptionPartDef;
 import org.apache.xml.security.stax.impl.processor.output.AbstractEncryptOutputProcessor;
+import org.apache.xml.security.stax.impl.securityToken.OutboundSecurityToken;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 
 import javax.crypto.NoSuchPaddingException;
@@ -83,11 +80,12 @@ public class EncryptOutputProcessor exte
                     try {
                         String tokenId = outputProcessorChain.getSecurityContext().get(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
                         SecurityTokenProvider securityTokenProvider = outputProcessorChain.getSecurityContext().getSecurityTokenProvider(tokenId);
+                        OutboundSecurityToken securityToken = securityTokenProvider.getSecurityToken();
                         EncryptionPartDef encryptionPartDef = new EncryptionPartDef();
                         encryptionPartDef.setModifier(securePart.getModifier());
                         encryptionPartDef.setEncRefId(IDGenerator.generateID(null));
                         encryptionPartDef.setKeyId(securityTokenProvider.getId());
-                        encryptionPartDef.setSymmetricKey(securityTokenProvider.getSecurityToken().getSecretKey(getSecurityProperties().getEncryptionSymAlgorithm(), null, null));
+                        encryptionPartDef.setSymmetricKey(securityToken.getSecretKey(getSecurityProperties().getEncryptionSymAlgorithm()));
                         outputProcessorChain.getSecurityContext().putAsList(EncryptionPartDef.class, encryptionPartDef);
                         internalEncryptionOutputProcessor =
                                 new InternalEncryptionOutputProcessor(

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/EncryptedKeyOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/EncryptedKeyOutputProcessor.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/EncryptedKeyOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/EncryptedKeyOutputProcessor.java Tue Sep 11 17:59:51 2012
@@ -28,7 +28,8 @@ import org.apache.xml.security.stax.ext.
 import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.OutboundSecurityToken;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 
 import javax.crypto.Cipher;
@@ -40,7 +41,6 @@ import javax.xml.stream.XMLStreamExcepti
 import java.security.InvalidKeyException;
 import java.security.Key;
 import java.security.NoSuchAlgorithmException;
-import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.List;
@@ -67,7 +67,7 @@ public class EncryptedKeyOutputProcessor
             if (wrappingSecurityTokenProvider == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION);
             }
-            final SecurityToken wrappingSecurityToken = wrappingSecurityTokenProvider.getSecurityToken();
+            final OutboundSecurityToken wrappingSecurityToken = wrappingSecurityTokenProvider.getSecurityToken();
             if (wrappingSecurityToken == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION);
             }
@@ -91,40 +91,15 @@ public class EncryptedKeyOutputProcessor
 
             final String ekId = IDGenerator.generateID(null);
 
-            final AbstractSecurityToken encryptedKeySecurityToken = new AbstractSecurityToken(ekId) {
-
-                public boolean isAsymmetric() {
-                    return false;
-                }
-
-                public Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                  String correlationID) throws XMLSecurityException {
-                    return symmetricKey;
-                }
-
-                public PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                           String correlationID) throws XMLSecurityException {
-                    return null;
-                }
-
-                public X509Certificate[] getX509Certificates() throws XMLSecurityException {
-                    return null;
-                }
-
-                public SecurityToken getKeyWrappingToken() {
-                    return wrappingSecurityToken;
-                }
-
-                public WSSConstants.TokenType getTokenType() {
-                    return null;
-                }
-            };
+            final GenericOutboundSecurityToken encryptedKeySecurityToken = new GenericOutboundSecurityToken(ekId, WSSConstants.EncryptedKeyToken, symmetricKey);
+            encryptedKeySecurityToken.setKeyWrappingToken(wrappingSecurityToken);
             wrappingSecurityToken.addWrappedToken(encryptedKeySecurityToken);
 
             final SecurityTokenProvider encryptedKeySecurityTokenProvider = new SecurityTokenProvider() {
 
+                @SuppressWarnings("unchecked")
                 @Override
-                public SecurityToken getSecurityToken() throws XMLSecurityException {
+                public OutboundSecurityToken getSecurityToken() throws XMLSecurityException {
                     return encryptedKeySecurityToken;
                 }
 
@@ -171,9 +146,9 @@ public class EncryptedKeyOutputProcessor
 
     class FinalEncryptedKeyOutputProcessor extends AbstractOutputProcessor {
 
-        private final SecurityToken securityToken;
+        private final OutboundSecurityToken securityToken;
 
-        FinalEncryptedKeyOutputProcessor(SecurityToken securityToken) throws XMLSecurityException {
+        FinalEncryptedKeyOutputProcessor(OutboundSecurityToken securityToken) throws XMLSecurityException {
             super();
             this.addAfterProcessor(FinalEncryptedKeyOutputProcessor.class.getName());
             this.securityToken = securityToken;
@@ -220,7 +195,11 @@ public class EncryptedKeyOutputProcessor
                     createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_xenc_EncryptionMethod, false, attributes);
                     createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_xenc_EncryptionMethod);
                     createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_KeyInfo, true, null);
-                    createSecurityTokenReferenceStructureForEncryptedKey(subOutputProcessorChain, securityToken, ((WSSSecurityProperties) getSecurityProperties()).getEncryptionKeyIdentifierType(), getSecurityProperties().isUseSingleCert());
+                    createSecurityTokenReferenceStructureForEncryptedKey(
+                            subOutputProcessorChain, securityToken,
+                            ((WSSSecurityProperties) getSecurityProperties()).getEncryptionKeyIdentifierType(),
+                            getSecurityProperties().isUseSingleCert()
+                    );
                     createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_KeyInfo);
                     createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_xenc_CipherData, false, null);
                     createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_xenc_CipherValue, false, null);
@@ -231,7 +210,7 @@ public class EncryptedKeyOutputProcessor
                         Cipher cipher = Cipher.getInstance(jceid);
                         cipher.init(Cipher.WRAP_MODE, x509Certificate);
 
-                        Key secretKey = securityToken.getSecretKey(null, null, null);
+                        Key secretKey = securityToken.getSecretKey("");
 
                         int blockSize = cipher.getBlockSize();
                         if (blockSize > 0 && blockSize < secretKey.getEncoded().length) {
@@ -269,7 +248,7 @@ public class EncryptedKeyOutputProcessor
 
         protected void createSecurityTokenReferenceStructureForEncryptedKey(
                 OutputProcessorChain outputProcessorChain,
-                SecurityToken securityToken,
+                OutboundSecurityToken securityToken,
                 WSSConstants.KeyIdentifierType keyIdentifierType,
                 boolean useSingleCertificate)
                 throws XMLStreamException, XMLSecurityException {

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/SAMLTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/SAMLTokenOutputProcessor.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/SAMLTokenOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/SAMLTokenOutputProcessor.java Tue Sep 11 17:59:51 2012
@@ -18,34 +18,30 @@
  */
 package org.apache.ws.security.stax.impl.processor.output;
 
-import org.opensaml.common.SAMLVersion;
 import org.apache.ws.security.common.crypto.CryptoType;
 import org.apache.ws.security.common.ext.WSPasswordCallback;
 import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
-import org.apache.ws.security.common.saml.OpenSAMLUtil;
-import org.apache.ws.security.common.saml.SAMLCallback;
-import org.apache.ws.security.common.saml.SAMLKeyInfo;
-import org.apache.ws.security.common.saml.SAMLUtil;
+import org.apache.ws.security.common.saml.*;
 import org.apache.ws.security.common.saml.bean.KeyInfoBean;
 import org.apache.ws.security.common.saml.bean.SubjectBean;
-import org.apache.ws.security.stax.ext.*;
-import org.apache.ws.security.stax.impl.securityToken.SAMLSecurityToken;
+import org.apache.ws.security.stax.ext.WSSConstants;
+import org.apache.ws.security.stax.ext.WSSSecurityProperties;
+import org.apache.ws.security.stax.ext.WSSUtils;
 import org.apache.xml.security.stax.ext.*;
 import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.ext.stax.XMLSecNamespace;
 import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.OutboundSecurityToken;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
+import org.opensaml.common.SAMLVersion;
 import org.w3c.dom.*;
 
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLStreamConstants;
 import javax.xml.stream.XMLStreamException;
-import java.security.Key;
 import java.security.PrivateKey;
-import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.List;
@@ -117,7 +113,7 @@ public class SAMLTokenOutputProcessor ex
                     if (keyInfoBean != null) {
                         X509Certificate x509Certificate = keyInfoBean.getCertificate();
                         if (x509Certificate != null) {
-                            String alias = ((WSSSecurityProperties)getSecurityProperties()).getSignatureCrypto().getX509Identifier(x509Certificate);
+                            String alias = ((WSSSecurityProperties) getSecurityProperties()).getSignatureCrypto().getX509Identifier(x509Certificate);
                             if (alias == null) {
                                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "aliasIsNull");
                             }
@@ -125,8 +121,8 @@ public class SAMLTokenOutputProcessor ex
                             WSSUtils.doPasswordCallback(getSecurityProperties().getCallbackHandler(), wsPasswordCallback);
                             CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
                             cryptoType.setAlias(alias);
-                            certificates = ((WSSSecurityProperties)getSecurityProperties()).getSignatureCrypto().getX509Certificates(cryptoType);
-                            privateKey = ((WSSSecurityProperties)getSecurityProperties()).getSignatureCrypto().getPrivateKey(alias, wsPasswordCallback.getPassword());
+                            certificates = ((WSSSecurityProperties) getSecurityProperties()).getSignatureCrypto().getX509Certificates(cryptoType);
+                            privateKey = ((WSSSecurityProperties) getSecurityProperties()).getSignatureCrypto().getPrivateKey(alias, wsPasswordCallback.getPassword());
                         }
                     }
                 }
@@ -145,43 +141,18 @@ public class SAMLTokenOutputProcessor ex
 
             final PrivateKey secretKey = privateKey;
 
-            final AbstractSecurityToken securityToken;
+            final GenericOutboundSecurityToken securityToken;
             SecurityTokenProvider securityTokenProvider;
             if (senderVouches) {
-                securityToken = new AbstractSecurityToken(binarySecurityTokenId) {
-
-                    public boolean isAsymmetric() {
-                        return true;
-                    }
-
-                    public Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                      String correlationID) throws WSSecurityException {
-                        return secretKey;
-                    }
-
-                    public PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                               String correlationID) throws WSSecurityException {
-                        return x509Certificates[0].getPublicKey();
-                    }
-
-                    public X509Certificate[] getX509Certificates() throws WSSecurityException {
-                        return x509Certificates;
-                    }
-
-                    public SecurityToken getKeyWrappingToken() {
-                        return null;
-                    }
-
-                    public WSSConstants.TokenType getTokenType() {
-                        //todo pkiPathToken etc?
-                        return WSSConstants.X509V3Token;
-                    }
-                };
+                securityToken = new GenericOutboundSecurityToken(binarySecurityTokenId,
+                        WSSConstants.X509V3Token, secretKey, x509Certificates);
             } else {
                 securityToken = null;
             }
 
-            final FinalSAMLTokenOutputProcessor finalSAMLTokenOutputProcessor = new FinalSAMLTokenOutputProcessor(securityToken, samlAssertionWrapper, securityTokenReferenceId, binarySecurityTokenId, senderVouches);
+            final FinalSAMLTokenOutputProcessor finalSAMLTokenOutputProcessor =
+                    new FinalSAMLTokenOutputProcessor(securityToken, samlAssertionWrapper,
+                            securityTokenReferenceId, binarySecurityTokenId, senderVouches);
             finalSAMLTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
             finalSAMLTokenOutputProcessor.setAction(getAction());
             finalSAMLTokenOutputProcessor.init(outputProcessorChain);
@@ -190,8 +161,9 @@ public class SAMLTokenOutputProcessor ex
 
                 securityTokenProvider = new SecurityTokenProvider() {
 
+                    @SuppressWarnings("unchecked")
                     @Override
-                    public SecurityToken getSecurityToken() throws WSSecurityException {
+                    public OutboundSecurityToken getSecurityToken() throws WSSecurityException {
                         return securityToken;
                     }
 
@@ -207,16 +179,23 @@ public class SAMLTokenOutputProcessor ex
             } else {
                 securityTokenProvider = new SecurityTokenProvider() {
 
-                    private SAMLSecurityToken samlSecurityToken;
+                    private GenericOutboundSecurityToken samlSecurityToken;
 
+                    @SuppressWarnings("unchecked")
                     @Override
-                    public SecurityToken getSecurityToken() throws XMLSecurityException {
+                    public OutboundSecurityToken getSecurityToken() throws XMLSecurityException {
                         if (this.samlSecurityToken != null) {
                             return this.samlSecurityToken;
                         }
-                        this.samlSecurityToken = new SAMLSecurityToken(
-                                samlCallback.getSamlVersion(), samlKeyInfo, (WSSecurityContext) outputProcessorChain.getSecurityContext(),
-                                ((WSSSecurityProperties)getSecurityProperties()).getSignatureCrypto(), getSecurityProperties().getCallbackHandler(), tokenId);
+                        XMLSecurityConstants.TokenType tokenType;
+                        if (samlCallback.getSamlVersion() == SAMLVersion.VERSION_10) {
+                            tokenType = WSSConstants.Saml10Token;
+                        } else if (samlCallback.getSamlVersion() == SAMLVersion.VERSION_11) {
+                            tokenType = WSSConstants.Saml11Token;
+                        } else {
+                            tokenType = WSSConstants.Saml20Token;
+                        }
+                        this.samlSecurityToken = new GenericOutboundSecurityToken(tokenId, tokenType, samlKeyInfo.getPrivateKey(), samlKeyInfo.getCerts());
                         this.samlSecurityToken.setProcessor(finalSAMLTokenOutputProcessor);
                         return this.samlSecurityToken;
                     }
@@ -245,13 +224,13 @@ public class SAMLTokenOutputProcessor ex
 
     class FinalSAMLTokenOutputProcessor extends AbstractOutputProcessor {
 
-        private final SecurityToken securityToken;
+        private final OutboundSecurityToken securityToken;
         private final AssertionWrapper assertionWrapper;
         private final String securityTokenReferenceId;
         private final String binarySecurityTokenReferenceId;
         private boolean senderVouches = false;
 
-        FinalSAMLTokenOutputProcessor(SecurityToken securityToken, AssertionWrapper assertionWrapper,
+        FinalSAMLTokenOutputProcessor(OutboundSecurityToken securityToken, AssertionWrapper assertionWrapper,
                                       String securityTokenReferenceId, String binarySecurityTokenReferenceId,
                                       boolean senderVouches) throws XMLSecurityException {
             super();



Mime
View raw message