ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1383498 [2/2] - in /webservices/wss4j/trunk: ws-security-policy-stax/src/main/java/org/apache/ws/security/policy/stax/assertionStates/ ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/ ws-security-stax/src/main...
Date Tue, 11 Sep 2012 17:59:52 GMT
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/SecurityContextTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/SecurityContextTokenOutputProcessor.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/SecurityContextTokenOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/SecurityContextTokenOutputProcessor.java Tue Sep 11 17:59:51 2012
@@ -26,7 +26,8 @@ import org.apache.xml.security.stax.ext.
 import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.OutboundSecurityToken;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 
 import javax.xml.stream.XMLStreamConstants;
@@ -58,7 +59,7 @@ public class SecurityContextTokenOutputP
             if (wrappingSecurityTokenProvider == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION);
             }
-            final SecurityToken wrappingSecurityToken = wrappingSecurityTokenProvider.getSecurityToken();
+            final OutboundSecurityToken wrappingSecurityToken = wrappingSecurityTokenProvider.getSecurityToken();
             if (wrappingSecurityToken == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION);
             }
@@ -66,51 +67,30 @@ public class SecurityContextTokenOutputP
             final String wsuId = IDGenerator.generateID(null);
             final String identifier = IDGenerator.generateID(null);
 
-            final AbstractSecurityToken securityContextSecurityToken = new AbstractSecurityToken(wsuId) {
+            final GenericOutboundSecurityToken securityContextSecurityToken = new GenericOutboundSecurityToken(wsuId, WSSConstants.SecurityContextToken) {
 
                 @Override
-                public boolean isAsymmetric() {
-                    return wrappingSecurityToken.isAsymmetric();
+                public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
+                    return wrappingSecurityToken.getSecretKey(algorithmURI);
                 }
 
                 @Override
-                public Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                  String correlationID) throws XMLSecurityException {
-                    return wrappingSecurityToken.getSecretKey(algorithmURI, keyUsage, correlationID);
-                }
-
-                @Override
-                public PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                           String correlationID) throws XMLSecurityException {
-                    return wrappingSecurityToken.getPublicKey(algorithmURI, keyUsage, correlationID);
+                public PublicKey getPublicKey() throws XMLSecurityException {
+                    return wrappingSecurityToken.getPublicKey();
                 }
 
                 @Override
                 public X509Certificate[] getX509Certificates() throws XMLSecurityException {
                     return wrappingSecurityToken.getX509Certificates();
                 }
-
-                @Override
-                public void verify() throws XMLSecurityException {
-                    wrappingSecurityToken.verify();
-                }
-
-                @Override
-                public SecurityToken getKeyWrappingToken() {
-                    return wrappingSecurityToken;
-                }
-
-                @Override
-                public WSSConstants.TokenType getTokenType() {
-                    return WSSConstants.SecurityContextToken;
-                }
             };
             wrappingSecurityToken.addWrappedToken(securityContextSecurityToken);
 
             SecurityTokenProvider securityContextSecurityTokenProvider = new SecurityTokenProvider() {
 
+                @SuppressWarnings("unchecked")
                 @Override
-                public SecurityToken getSecurityToken() throws WSSecurityException {
+                public OutboundSecurityToken getSecurityToken() throws WSSecurityException {
                     return securityContextSecurityToken;
                 }
 
@@ -120,7 +100,8 @@ public class SecurityContextTokenOutputP
                 }
             };
 
-            FinalSecurityContextTokenOutputProcessor finalSecurityContextTokenOutputProcessor = new FinalSecurityContextTokenOutputProcessor(securityContextSecurityToken, identifier);
+            FinalSecurityContextTokenOutputProcessor finalSecurityContextTokenOutputProcessor =
+                    new FinalSecurityContextTokenOutputProcessor(securityContextSecurityToken, identifier);
             finalSecurityContextTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
             finalSecurityContextTokenOutputProcessor.setAction(getAction());
             XMLSecurityConstants.Action action = getAction();
@@ -152,10 +133,10 @@ public class SecurityContextTokenOutputP
 
     class FinalSecurityContextTokenOutputProcessor extends AbstractOutputProcessor {
 
-        private final SecurityToken securityToken;
+        private final OutboundSecurityToken securityToken;
         private final String identifier;
 
-        FinalSecurityContextTokenOutputProcessor(SecurityToken securityToken, String identifier) throws XMLSecurityException {
+        FinalSecurityContextTokenOutputProcessor(OutboundSecurityToken securityToken, String identifier) throws XMLSecurityException {
             super();
             this.securityToken = securityToken;
             this.identifier = identifier;

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/UsernameTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/UsernameTokenOutputProcessor.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/UsernameTokenOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/UsernameTokenOutputProcessor.java Tue Sep 11 17:59:51 2012
@@ -21,12 +21,15 @@ package org.apache.ws.security.stax.impl
 import org.apache.commons.codec.binary.Base64;
 import org.apache.ws.security.common.ext.WSPasswordCallback;
 import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.stax.ext.*;
-import org.apache.ws.security.stax.impl.securityToken.UsernameSecurityToken;
+import org.apache.ws.security.stax.ext.WSSConstants;
+import org.apache.ws.security.stax.ext.WSSSecurityProperties;
+import org.apache.ws.security.stax.ext.WSSUtils;
+import org.apache.ws.security.stax.impl.securityToken.OutboundUsernameSecurityToken;
 import org.apache.xml.security.stax.ext.*;
 import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
+import org.apache.xml.security.stax.impl.securityToken.OutboundSecurityToken;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 
 import javax.xml.datatype.XMLGregorianCalendar;
@@ -69,22 +72,20 @@ public class UsernameTokenOutputProcesso
 
             final OutputProcessor outputProcessor = this;
 
-            final UsernameSecurityToken usernameSecurityToken =
-                    new UsernameSecurityToken(
-                            ((WSSSecurityProperties) getSecurityProperties()).getTokenUser(),
+            final OutboundUsernameSecurityToken usernameSecurityToken =
+                    new OutboundUsernameSecurityToken(((WSSSecurityProperties) getSecurityProperties()).getTokenUser(),
                             password,
-                            created != null ? created.toXMLFormat() : null,
+                            created.toXMLFormat(),
                             nonceValue,
-                            null,
-                            null,
                             wsuId
                     );
             usernameSecurityToken.setProcessor(outputProcessor);
 
             SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
 
+                @SuppressWarnings("unchecked")
                 @Override
-                public SecurityToken getSecurityToken() throws WSSecurityException {
+                public OutboundSecurityToken getSecurityToken() throws WSSecurityException {
                     return usernameSecurityToken;
                 }
 

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/WSSSignatureEndingOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/WSSSignatureEndingOutputProcessor.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/WSSSignatureEndingOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/WSSSignatureEndingOutputProcessor.java Tue Sep 11 17:59:51 2012
@@ -18,8 +18,10 @@
  */
 package org.apache.ws.security.stax.impl.processor.output;
 
+import org.apache.ws.security.stax.ext.WSSConstants;
+import org.apache.ws.security.stax.ext.WSSSecurityProperties;
+import org.apache.ws.security.stax.ext.WSSUtils;
 import org.apache.xml.security.stax.ext.OutputProcessorChain;
-import org.apache.xml.security.stax.ext.SecurityToken;
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.ext.XMLSecurityException;
 import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
@@ -28,11 +30,9 @@ import org.apache.xml.security.stax.ext.
 import org.apache.xml.security.stax.impl.SignaturePartDef;
 import org.apache.xml.security.stax.impl.algorithms.SignatureAlgorithm;
 import org.apache.xml.security.stax.impl.processor.output.AbstractSignatureEndingOutputProcessor;
+import org.apache.xml.security.stax.impl.securityToken.OutboundSecurityToken;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 import org.apache.xml.security.stax.securityEvent.SignatureValueSecurityEvent;
-import org.apache.ws.security.stax.ext.WSSConstants;
-import org.apache.ws.security.stax.ext.WSSSecurityProperties;
-import org.apache.ws.security.stax.ext.WSSUtils;
 
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLStreamConstants;
@@ -90,7 +90,7 @@ public class WSSSignatureEndingOutputPro
     @Override
     protected void createKeyInfoStructureForSignature(
             OutputProcessorChain outputProcessorChain,
-            SecurityToken securityToken,
+            OutboundSecurityToken securityToken,
             boolean useSingleCertificate)
             throws XMLStreamException, XMLSecurityException {
 

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/HttpsSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/HttpsSecurityToken.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/HttpsSecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/HttpsSecurityToken.java Tue Sep 11 17:59:51 2012
@@ -21,22 +21,17 @@ package org.apache.ws.security.stax.impl
 import org.apache.ws.security.common.ext.WSSecurityException;
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.ext.WSSecurityContext;
-import org.apache.xml.security.stax.ext.SecurityToken;
-import org.apache.xml.security.stax.ext.XMLSecurityConstants;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 
-import java.security.Key;
-import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 
 /**
  * @author $Author$
  * @version $Revision$ $Date$
  */
-public class HttpsSecurityToken extends AbstractSecurityToken {
+public class HttpsSecurityToken extends AbstractInboundSecurityToken {
 
-    private X509Certificate x509Certificate;
     private String username;
     private final AuthenticationType authenticationType;
 
@@ -48,7 +43,7 @@ public class HttpsSecurityToken extends 
 
     public HttpsSecurityToken(X509Certificate x509Certificate, WSSecurityContext wsSecurityContext) throws WSSecurityException {
         super(wsSecurityContext, null, IDGenerator.generateID(null), null);
-        this.x509Certificate = x509Certificate;
+        setX509Certificates(new X509Certificate[]{x509Certificate});
         this.authenticationType = AuthenticationType.httpsClientAuthentication;
     }
 
@@ -62,39 +57,11 @@ public class HttpsSecurityToken extends 
         this.username = username;
     }
 
-    public X509Certificate[] getX509Certificates() throws WSSecurityException {
-        return new X509Certificate[]{this.x509Certificate};
-    }
-
-    public boolean isAsymmetric() {
-        return true;
-    }
-
-    protected Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                         String correlationID) throws WSSecurityException {
-        return null;
-    }
-
-    protected PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                  String correlationID) throws WSSecurityException {
-        if (x509Certificate != null) {
-            return x509Certificate.getPublicKey();
-        }
-        return null;
-    }
-
-    public SecurityToken getKeyWrappingToken() {
-        return null;
-    }
-
+    @Override
     public WSSConstants.TokenType getTokenType() {
         return WSSConstants.HttpsToken;
     }
 
-    public X509Certificate getX509Certificate() {
-        return x509Certificate;
-    }
-
     public String getUsername() {
         return username;
     }

Added: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/OutboundUsernameSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/OutboundUsernameSecurityToken.java?rev=1383498&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/OutboundUsernameSecurityToken.java (added)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/OutboundUsernameSecurityToken.java Tue Sep 11 17:59:51 2012
@@ -0,0 +1,79 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ws.security.stax.impl.securityToken;
+
+import org.apache.ws.security.stax.ext.WSSConstants;
+import org.apache.xml.security.stax.config.JCEAlgorithmMapper;
+import org.apache.xml.security.stax.ext.XMLSecurityException;
+import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
+
+import javax.crypto.spec.SecretKeySpec;
+import java.security.Key;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class OutboundUsernameSecurityToken extends GenericOutboundSecurityToken {
+
+    private final UsernameToken usernameToken;
+
+    public OutboundUsernameSecurityToken(String username, String password, String created, byte[] nonce, String id) {
+        super(id, WSSConstants.UsernameToken);
+        this.usernameToken = new UsernameToken(username, password, created, nonce, null, null);
+    }
+
+    public String getUsername() {
+        return usernameToken.getUsername();
+    }
+
+    public String getPassword() {
+        return usernameToken.getPassword();
+    }
+
+    public String getCreated() {
+        return usernameToken.getCreated();
+    }
+
+    public byte[] getNonce() {
+        return usernameToken.getNonce();
+    }
+
+    public byte[] getSalt() {
+        return usernameToken.getSalt();
+    }
+
+    public Long getIteration() {
+        return usernameToken.getIteration();
+    }
+
+    @Override
+    public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
+        Key key = super.getSecretKey(algorithmURI);
+        if (key != null) {
+            return key;
+        }
+
+        byte[] secretToken = usernameToken.getSecretKey(getPassword(), WSSConstants.WSE_DERIVED_KEY_LEN, WSSConstants.LABEL_FOR_DERIVED_KEY);
+        String algoFamily = JCEAlgorithmMapper.getJCERequiredKeyFromURI(algorithmURI);
+        key = new SecretKeySpec(secretToken, algoFamily);
+        setSecretKey(algorithmURI, key);
+        return key;
+    }
+}

Propchange: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/OutboundUsernameSecurityToken.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SAMLSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SAMLSecurityToken.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SAMLSecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SAMLSecurityToken.java Tue Sep 11 17:59:51 2012
@@ -18,19 +18,16 @@
  */
 package org.apache.ws.security.stax.impl.securityToken;
 
-import org.opensaml.common.SAMLVersion;
 import org.apache.ws.security.common.crypto.Crypto;
 import org.apache.ws.security.common.saml.SAMLKeyInfo;
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.ext.WSSecurityContext;
-import org.apache.xml.security.stax.ext.SecurityToken;
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.ext.XMLSecurityException;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
+import org.opensaml.common.SAMLVersion;
 
 import javax.security.auth.callback.CallbackHandler;
-import java.security.Key;
-import java.security.PublicKey;
 import java.security.cert.CertificateExpiredException;
 import java.security.cert.CertificateNotYetValidException;
 import java.security.cert.X509Certificate;
@@ -39,12 +36,11 @@ import java.security.cert.X509Certificat
  * @author $Author$
  * @version $Revision$ $Date$
  */
-public class SAMLSecurityToken extends AbstractSecurityToken {
+public class SAMLSecurityToken extends AbstractInboundSecurityToken {
 
     private final SAMLVersion samlVersion;
     private final SAMLKeyInfo samlKeyInfo;
     private String issuer;
-    private X509Certificate[] x509Certificate;
     private Crypto crypto;
 
     public SAMLSecurityToken(SAMLVersion samlVersion, SAMLKeyInfo samlKeyInfo, String issuer,
@@ -55,50 +51,29 @@ public class SAMLSecurityToken extends A
         this.samlKeyInfo = samlKeyInfo;
         this.issuer = issuer;
         this.crypto = crypto;
+        if (samlKeyInfo != null) {
+            setSecretKey("", samlKeyInfo.getPrivateKey());
+            setPublicKey(samlKeyInfo.getPublicKey());
+            setX509Certificates(samlKeyInfo.getCerts());
+        }
     }
 
     public SAMLSecurityToken(SAMLVersion samlVersion, SAMLKeyInfo samlKeyInfo, WSSecurityContext wsSecurityContext,
                              Crypto crypto, CallbackHandler callbackHandler, String id) {
-        super(wsSecurityContext, callbackHandler, id, null);
-        this.samlVersion = samlVersion;
-        this.samlKeyInfo = samlKeyInfo;
-        this.crypto = crypto;
+        this(samlVersion, samlKeyInfo, null, wsSecurityContext, crypto, callbackHandler, id, null);
     }
-    
+
     public Crypto getCrypto() {
         return crypto;
     }
 
-    public boolean isAsymmetric() {
-        return true;
-    }
-
-    protected Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                         String correlationID) throws XMLSecurityException {
-        return samlKeyInfo.getPrivateKey();
-    }
-
-    protected PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                  String correlationID) throws XMLSecurityException {
-        PublicKey publicKey = samlKeyInfo.getPublicKey();
-        if (publicKey == null) {
-            publicKey = getX509Certificates()[0].getPublicKey();
-        }
-        return publicKey;
-    }
-
-    public X509Certificate[] getX509Certificates() throws XMLSecurityException {
-        if (this.x509Certificate == null) {
-            this.x509Certificate = samlKeyInfo.getCerts();
-        }
-        return this.x509Certificate;
-    }
-
+    @Override
     public void verify() throws XMLSecurityException {
         try {
             X509Certificate[] x509Certificates = getX509Certificates();
             if (x509Certificates != null && x509Certificates.length > 0) {
                 x509Certificates[0].checkValidity();
+                //todo deprecated method:
                 getCrypto().verifyTrust(x509Certificates);
             }
         } catch (CertificateExpiredException e) {
@@ -108,11 +83,7 @@ public class SAMLSecurityToken extends A
         }
     }
 
-    //todo move to super class?
-    public SecurityToken getKeyWrappingToken() {
-        return null;
-    }
-
+    @Override
     public XMLSecurityConstants.TokenType getTokenType() {
         if (samlVersion == SAMLVersion.VERSION_10) {
             return WSSConstants.Saml10Token;

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecureConversationSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecureConversationSecurityToken.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecureConversationSecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecureConversationSecurityToken.java Tue Sep 11 17:59:51 2012
@@ -18,24 +18,18 @@
  */
 package org.apache.ws.security.stax.impl.securityToken;
 
-import java.security.Key;
-import java.security.PublicKey;
-import java.security.cert.X509Certificate;
-
-import javax.security.auth.callback.CallbackHandler;
-
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.ext.WSSecurityContext;
-import org.apache.xml.security.stax.ext.SecurityToken;
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
-import org.apache.xml.security.stax.ext.XMLSecurityException;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
+
+import javax.security.auth.callback.CallbackHandler;
 
 /**
  * @author $Author$
  * @version $Revision$ $Date$
  */
-public class SecureConversationSecurityToken extends AbstractSecurityToken {
+public class SecureConversationSecurityToken extends AbstractInboundSecurityToken {
 
     //todo implement
 
@@ -45,31 +39,7 @@ public class SecureConversationSecurityT
         super(wsSecurityContext, callbackHandler, id, keyIdentifierType);
     }
 
-    public boolean isAsymmetric() {
-        return false;
-    }
-
-    protected Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                         String correlationID) throws XMLSecurityException {
-        return null;
-    }
-
-    protected PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                  String correlationID) throws XMLSecurityException {
-        return null;
-    }
-
-    public X509Certificate[] getX509Certificates() throws XMLSecurityException {
-        return null;
-    }
-
-    public void verify() throws XMLSecurityException {
-    }
-
-    public SecurityToken getKeyWrappingToken() {
-        return null;
-    }
-
+    @Override
     public XMLSecurityConstants.TokenType getTokenType() {
         return WSSConstants.SecureConversationToken;
     }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java Tue Sep 11 17:59:51 2012
@@ -19,17 +19,18 @@
 package org.apache.ws.security.stax.impl.securityToken;
 
 import org.apache.commons.codec.binary.Base64;
-import org.apache.ws.security.binding.wss10.BinarySecurityTokenType;
 import org.apache.ws.security.binding.wss10.KeyIdentifierType;
 import org.apache.ws.security.binding.wss10.SecurityTokenReferenceType;
 import org.apache.ws.security.common.bsp.BSPRule;
 import org.apache.ws.security.common.crypto.Crypto;
 import org.apache.ws.security.common.ext.WSSecurityException;
+import org.apache.ws.security.stax.ext.WSSConstants;
+import org.apache.ws.security.stax.ext.WSSSecurityProperties;
+import org.apache.ws.security.stax.ext.WSSUtils;
+import org.apache.ws.security.stax.ext.WSSecurityContext;
 import org.apache.xml.security.binding.xmldsig.*;
 import org.apache.xml.security.binding.xmldsig11.ECKeyValueType;
-import org.apache.ws.security.stax.ext.*;
 import org.apache.xml.security.stax.ext.*;
-import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.impl.securityToken.DsaKeyValueSecurityToken;
 import org.apache.xml.security.stax.impl.securityToken.ECKeyValueSecurityToken;
 import org.apache.xml.security.stax.impl.securityToken.RsaKeyValueSecurityToken;
@@ -37,7 +38,6 @@ import org.apache.xml.security.stax.impl
 import org.opensaml.common.SAMLVersion;
 
 import javax.security.auth.callback.CallbackHandler;
-import java.util.Deque;
 
 /**
  * Factory to create SecurityToken Objects from keys in XML
@@ -51,14 +51,16 @@ public class SecurityTokenFactoryImpl ex
     }
 
     public SecurityToken getSecurityToken(KeyInfoType keyInfoType, SecurityToken.KeyInfoUsage keyInfoUsage,
-                        XMLSecurityProperties securityProperties, SecurityContext securityContext) throws XMLSecurityException {
+                                          XMLSecurityProperties securityProperties, SecurityContext securityContext)
+            throws XMLSecurityException {
+
         Crypto crypto = null;
         if (keyInfoUsage == SecurityToken.KeyInfoUsage.SIGNATURE_VERIFICATION) {
-            crypto = ((WSSSecurityProperties)securityProperties).getSignatureVerificationCrypto();
+            crypto = ((WSSSecurityProperties) securityProperties).getSignatureVerificationCrypto();
         } else if (keyInfoUsage == SecurityToken.KeyInfoUsage.DECRYPTION) {
-            crypto = ((WSSSecurityProperties)securityProperties).getDecryptionCrypto();
+            crypto = ((WSSSecurityProperties) securityProperties).getDecryptionCrypto();
         }
-        
+
         if (keyInfoType != null) {
             final SecurityTokenReferenceType securityTokenReferenceType
                     = XMLSecurityUtils.getQNameType(keyInfoType.getContent(), WSSConstants.TAG_wsse_SecurityTokenReference);
@@ -251,7 +253,7 @@ public class SecurityTokenFactoryImpl ex
                 = XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig_RSAKeyValue);
         if (rsaKeyValueType != null) {
             return new RsaKeyValueSecurityToken(rsaKeyValueType, (WSSecurityContext) securityContext,
-                            callbackHandler, WSSConstants.WSSKeyIdentifierType.KEY_VALUE) {
+                    callbackHandler, WSSConstants.WSSKeyIdentifierType.KEY_VALUE) {
                 @Override
                 public void verify() throws XMLSecurityException {
                     crypto.verifyTrust(getPubKey("", null, null));
@@ -277,50 +279,9 @@ public class SecurityTokenFactoryImpl ex
                 @Override
                 public void verify() throws XMLSecurityException {
                     crypto.verifyTrust(getPubKey("", null, null));
-                }  
+                }
             };
         }
         throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "unsupportedKeyInfo");
     }
-
-    public static SecurityToken getSecurityToken(
-            BinarySecurityTokenType binarySecurityTokenType, SecurityContext securityContext,
-            Crypto crypto, CallbackHandler callbackHandler) throws XMLSecurityException {
-
-        //only Base64Encoding is supported
-        if (!WSSConstants.SOAPMESSAGE_NS10_BASE64_ENCODING.equals(binarySecurityTokenType.getEncodingType())) {
-            throw new WSSecurityException(
-                    WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "badEncoding", binarySecurityTokenType.getEncodingType());
-        }
-
-        byte[] securityTokenData = Base64.decodeBase64(binarySecurityTokenType.getValue());
-
-        if (WSSConstants.NS_X509_V3_TYPE.equals(binarySecurityTokenType.getValueType())) {
-            return new X509_V3SecurityToken((WSSecurityContext) securityContext, crypto, callbackHandler,
-                    securityTokenData, binarySecurityTokenType.getId(), WSSConstants.WSSKeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
-        } else if (WSSConstants.NS_X509PKIPathv1.equals(binarySecurityTokenType.getValueType())) {
-            return new X509PKIPathv1SecurityToken((WSSecurityContext) securityContext, crypto, callbackHandler,
-                    securityTokenData, binarySecurityTokenType.getId(), WSSConstants.WSSKeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
-        } else {
-            throw new WSSecurityException(
-                    WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "invalidValueType", binarySecurityTokenType.getValueType());
-        }
-    }
-
-    public static SecurityToken getSecurityToken(String username, String password, String created, byte[] nonce,
-                                                   byte[] salt, Long iteration, WSSecurityContext wsSecurityContext,
-                                                   String id) throws WSSecurityException {
-        return new UsernameSecurityToken(username, password, created, nonce, salt, iteration, wsSecurityContext, id, WSSConstants.WSSKeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
-    }
-
-    public static SecurityToken getSecurityToken(String referencedTokenId, Deque<XMLSecEvent> xmlSecEvents,
-                                                   CallbackHandler callbackHandler,
-                                                   SecurityContext securityContext, String id)
-            throws XMLSecurityException {
-
-        return new SecurityTokenReference(
-                securityContext.getSecurityTokenProvider(referencedTokenId).
-                        getSecurityToken(), xmlSecEvents,
-                (WSSecurityContext) securityContext, callbackHandler, id, WSSConstants.WSSKeyIdentifierType.SECURITY_TOKEN_REFERENCE);
-    }
 }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecurityTokenReference.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecurityTokenReference.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecurityTokenReference.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SecurityTokenReference.java Tue Sep 11 17:59:51 2012
@@ -24,19 +24,20 @@ import org.apache.xml.security.stax.ext.
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.ext.XMLSecurityException;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
 
 import javax.security.auth.callback.CallbackHandler;
 import java.security.Key;
 import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.util.Deque;
+import java.util.Map;
 
 /**
  * @author $Author$
  * @version $Revision$ $Date$
  */
-public class SecurityTokenReference extends AbstractSecurityToken {
+public class SecurityTokenReference extends AbstractInboundSecurityToken {
 
     private final SecurityToken securityToken;
     private final Deque<XMLSecEvent> xmlSecEvents;
@@ -52,32 +53,49 @@ public class SecurityTokenReference exte
         return xmlSecEvents;
     }
 
-    public boolean isAsymmetric() {
+    @Override
+    public boolean isAsymmetric() throws XMLSecurityException {
         return securityToken.isAsymmetric();
     }
 
+    @Override
+    public Map<String, Key> getSecretKey() throws XMLSecurityException {
+        return securityToken.getSecretKey();
+    }
+
+    @Override
     protected Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
                          String correlationID) throws XMLSecurityException {
         return securityToken.getSecretKey(algorithmURI, keyUsage, correlationID);
     }
 
+    @Override
+    public PublicKey getPublicKey() throws XMLSecurityException {
+        return securityToken.getPublicKey();
+    }
+
+    @Override
     protected PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
                                   String correlationID) throws XMLSecurityException {
         return securityToken.getPublicKey(algorithmURI, keyUsage, correlationID);
     }
 
+    @Override
     public X509Certificate[] getX509Certificates() throws XMLSecurityException {
         return securityToken.getX509Certificates();
     }
 
+    @Override
     public void verify() throws XMLSecurityException {
         securityToken.verify();
     }
 
+    @Override
     public SecurityToken getKeyWrappingToken() throws XMLSecurityException {
         return securityToken.getKeyWrappingToken();
     }
 
+    @Override
     public XMLSecurityConstants.TokenType getTokenType() {
         return securityToken.getTokenType();
     }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/ThumbprintSHA1SecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/ThumbprintSHA1SecurityToken.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/ThumbprintSHA1SecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/ThumbprintSHA1SecurityToken.java Tue Sep 11 17:59:51 2012
@@ -41,6 +41,7 @@ public class ThumbprintSHA1SecurityToken
         this.binaryContent = binaryContent;
     }
 
+    @Override
     protected String getAlias() throws XMLSecurityException {
         if (this.alias == null) {
             CryptoType cryptoType = new CryptoType(CryptoType.TYPE.THUMBPRINT_SHA1);

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/UsernameSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/UsernameSecurityToken.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/UsernameSecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/UsernameSecurityToken.java Tue Sep 11 17:59:51 2012
@@ -18,251 +18,90 @@
  */
 package org.apache.ws.security.stax.impl.securityToken;
 
-import org.apache.ws.security.common.bsp.BSPRule;
 import org.apache.ws.security.common.ext.WSSecurityException;
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.ext.WSSecurityContext;
 import org.apache.xml.security.stax.config.JCEAlgorithmMapper;
-import org.apache.xml.security.stax.ext.SecurityToken;
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.ext.XMLSecurityException;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
 
-import javax.crypto.Mac;
 import javax.crypto.spec.SecretKeySpec;
-import java.io.UnsupportedEncodingException;
-import java.security.*;
-import java.util.Hashtable;
-import java.util.Map;
+import java.security.Key;
 
 /**
  * @author $Author$
  * @version $Revision$ $Date$
  */
-public class UsernameSecurityToken extends AbstractSecurityToken {
+public class UsernameSecurityToken extends AbstractInboundSecurityToken {
 
-    private static final long DEFAULT_ITERATION = 1000;
-
-    private final String username;
-    private final String password;
-    private final String created;
-    private final byte[] nonce;
-    private final byte[] salt;
-    private final Long iteration;
+    private final UsernameToken usernameToken;
     private final WSSecurityContext wsSecurityContext;
 
     public UsernameSecurityToken(String username, String password, String created, byte[] nonce, byte[] salt, Long iteration,
                                  WSSecurityContext wsSecurityContext, String id, WSSConstants.KeyIdentifierType keyIdentifierType) {
         super(wsSecurityContext, null, id, keyIdentifierType);
-        this.username = username;
-        this.password = password;
-        this.created = created;
-        this.nonce = nonce;
-        this.salt = salt;
-        this.iteration = iteration;
+        this.usernameToken = new UsernameToken(username, password, created, nonce, salt, iteration);
         this.wsSecurityContext = wsSecurityContext;
     }
 
-    public UsernameSecurityToken(String username, String password, String created, byte[] nonce, byte[] salt, Long iteration,
-                                 String id) {
-        super(null, null, id, null);
-        this.username = username;
-        this.password = password;
-        this.created = created;
-        this.nonce = nonce;
-        this.salt = salt;
-        this.iteration = iteration;
-        this.wsSecurityContext = null;
-    }
-
     public String getUsername() {
-        return username;
+        return usernameToken.getUsername();
     }
 
     public String getPassword() {
-        return password;
+        return usernameToken.getPassword();
     }
 
     public String getCreated() {
-        return created;
+        return usernameToken.getCreated();
     }
 
     public byte[] getNonce() {
-        return nonce;
+        return usernameToken.getNonce();
     }
 
     public byte[] getSalt() {
-        return salt;
+        return usernameToken.getSalt();
     }
 
     public Long getIteration() {
-        return iteration;
+        return usernameToken.getIteration();
     }
 
     /**
      * This method generates a derived key as defined in WSS Username
      * Token Profile.
      *
-     * @param rawPassword The password to include in the key generation
-     * @param salt        The Salt value
-     * @param iteration   The Iteration value. If zero (0) is given the method uses the
-     *                    default value
      * @return Returns the derived key a byte array
-     * @throws org.apache.ws.security.stax.ext.WSSecurityException
-     *
+     * @throws WSSecurityException
      */
-    public byte[] generateDerivedKey(String rawPassword, byte[] salt, long iteration) throws WSSecurityException {
-
-        if (wsSecurityContext != null) {
-            if (salt == null || salt.length == 0) {
-                wsSecurityContext.handleBSPRule(BSPRule.R4217);
-            }
-            if (iteration < DEFAULT_ITERATION) {
-                wsSecurityContext.handleBSPRule(BSPRule.R4218);
-            }
-        }
-        if (iteration == 0) {
-            iteration = DEFAULT_ITERATION;
-        }
-        byte[] pwBytes;
-        try {
-            pwBytes = rawPassword.getBytes("UTF-8");
-        } catch (final java.io.UnsupportedEncodingException e) {
-            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
-        }
-
-        byte[] pwSalt = new byte[salt.length + pwBytes.length];
-        System.arraycopy(pwBytes, 0, pwSalt, 0, pwBytes.length);
-        System.arraycopy(salt, 0, pwSalt, pwBytes.length, salt.length);
-
-        MessageDigest sha;
-        try {
-            sha = MessageDigest.getInstance("SHA-1");
-        } catch (NoSuchAlgorithmException e) {
-            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSHA1availabe", e);
-        }
-        sha.reset();
-
-        // Make the first hash round with start value
-        byte[] k = sha.digest(pwSalt);
-
-        // Perform the 1st up to iteration-1 hash rounds
-        for (int i = 1; i < iteration; i++) {
-            k = sha.digest(k);
-        }
-        return k;
+    public byte[] generateDerivedKey() throws WSSecurityException {
+        return usernameToken.generateDerivedKey(wsSecurityContext);
     }
 
-    /**
-     * Gets the secret key as per WS-Trust spec.
-     *
-     * @param keylen      How many bytes to generate for the key
-     * @param labelString the label used to generate the seed
-     * @return a secret key constructed from information contained in this
-     *         username token
-     */
-    private byte[] getSecretKey(String rawPassword, int keylen, String labelString) throws WSSecurityException {
-        byte[] key;
-        try {
-            Mac mac = Mac.getInstance("HmacSHA1");
-            byte[] password = rawPassword.getBytes("UTF-8");
-            byte[] label = labelString.getBytes("UTF-8");
-            byte[] nonce = getNonce();
-            byte[] created = getCreated().getBytes("UTF-8");
-            byte[] seed = new byte[label.length + nonce.length + created.length];
-
-            int offset = 0;
-            System.arraycopy(label, 0, seed, offset, label.length);
-            offset += label.length;
-
-            System.arraycopy(nonce, 0, seed, offset, nonce.length);
-            offset += nonce.length;
-
-            System.arraycopy(created, 0, seed, offset, created.length);
-
-            key = P_hash(password, seed, mac, keylen);
-
-        } catch (NoSuchAlgorithmException e) {
-            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noHMACSHA1available", e);
-        } catch (UnsupportedEncodingException e) {
-            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
-        }
-        return key;
-    }
-
-    /**
-     * P_hash as defined in RFC 2246 for TLS.
-     *
-     * @param secret   is the key for the HMAC
-     * @param seed     the seed value to start the generation - A(0)
-     * @param mac      the HMAC algorithm
-     * @param required number of bytes to generate
-     * @return a byte array that contains a secret key
-     * @throws Exception
-     */
-    private byte[] P_hash(byte[] secret, byte[] seed, Mac mac, int required) throws WSSecurityException {
-        byte[] out = new byte[required];
-        int offset = 0;
-        int toCopy;
-        byte[] a, tmp;
-
-        try {
-            // a(0) is the seed
-            a = seed;
-            SecretKeySpec key = new SecretKeySpec(secret, "HmacSHA1");
-            mac.init(key);
-            while (required > 0) {
-                mac.update(a);
-                a = mac.doFinal();
-                mac.update(a);
-                mac.update(seed);
-                tmp = mac.doFinal();
-                toCopy = Math.min(required, tmp.length);
-                System.arraycopy(tmp, 0, out, offset, toCopy);
-                offset += toCopy;
-                required -= toCopy;
-            }
-        } catch (InvalidKeyException e) {
-            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
-        }
-        return out;
-    }
-
-    public boolean isAsymmetric() {
+    @Override
+    public boolean isAsymmetric() throws XMLSecurityException {
         return false;
     }
 
-    private Map<String, Key> keyTable = new Hashtable<String, Key>();
-
+    @Override
     protected Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
                          String correlationID) throws XMLSecurityException {
-        byte[] secretToken;
-        if (getSalt() != null && getIteration() != null) {
-            byte[] salt = getSalt();
-            secretToken = generateDerivedKey(getPassword(), salt, getIteration());
-        } else {
-            secretToken = getSecretKey(getPassword(), WSSConstants.WSE_DERIVED_KEY_LEN, WSSConstants.LABEL_FOR_DERIVED_KEY);
-        }
 
-        if (keyTable.containsKey(algorithmURI)) {
-            return keyTable.get(algorithmURI);
-        } else {
-            String algoFamily = JCEAlgorithmMapper.getJCERequiredKeyFromURI(algorithmURI);
-            Key key = new SecretKeySpec(secretToken, algoFamily);
-            keyTable.put(algorithmURI, key);
+        Key key = getSecretKey().get(algorithmURI);
+        if (key != null) {
             return key;
         }
-    }
-
-    protected PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                  String correlationID) throws XMLSecurityException {
-        return null;
-    }
 
-    public SecurityToken getKeyWrappingToken() {
-        return null;
+        byte[] secretToken = usernameToken.generateDerivedKey(wsSecurityContext);
+        String algoFamily = JCEAlgorithmMapper.getJCERequiredKeyFromURI(algorithmURI);
+        key = new SecretKeySpec(secretToken, algoFamily);
+        setSecretKey(algorithmURI, key);
+        return key;
     }
 
+    @Override
     public WSSConstants.TokenType getTokenType() {
         return WSSConstants.UsernameToken;
     }

Added: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/UsernameToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/UsernameToken.java?rev=1383498&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/UsernameToken.java (added)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/UsernameToken.java Tue Sep 11 17:59:51 2012
@@ -0,0 +1,206 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ws.security.stax.impl.securityToken;
+
+import org.apache.ws.security.common.bsp.BSPRule;
+import org.apache.ws.security.common.ext.WSSecurityException;
+import org.apache.ws.security.stax.ext.WSSecurityContext;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import java.io.UnsupportedEncodingException;
+import java.security.InvalidKeyException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class UsernameToken {
+
+    private static final long DEFAULT_ITERATION = 1000;
+
+    private final String username;
+    private final String password;
+    private final String created;
+    private final byte[] nonce;
+    private final byte[] salt;
+    private final Long iteration;
+
+    public UsernameToken(String username, String password, String created, byte[] nonce, byte[] salt, Long iteration) {
+        this.username = username;
+        this.password = password;
+        this.created = created;
+        this.nonce = nonce;
+        this.salt = salt;
+        this.iteration = iteration;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public String getCreated() {
+        return created;
+    }
+
+    public byte[] getNonce() {
+        return nonce;
+    }
+
+    public byte[] getSalt() {
+        return salt;
+    }
+
+    public Long getIteration() {
+        return iteration;
+    }
+
+    /**
+     * This method generates a derived key as defined in WSS Username
+     * Token Profile.
+     *
+     * @return Returns the derived key a byte array
+     * @throws org.apache.ws.security.common.ext.WSSecurityException
+     *
+     */
+    public byte[] generateDerivedKey(WSSecurityContext wsSecurityContext) throws WSSecurityException {
+
+        if (wsSecurityContext != null) {
+            if (salt == null || salt.length == 0) {
+                wsSecurityContext.handleBSPRule(BSPRule.R4217);
+            }
+            if (iteration == null || iteration < DEFAULT_ITERATION) {
+                wsSecurityContext.handleBSPRule(BSPRule.R4218);
+            }
+        }
+
+        Long iters = iteration;
+        if (iters == null || iters == 0) {
+            iters = DEFAULT_ITERATION;
+        }
+        byte[] pwBytes;
+        try {
+            pwBytes = password.getBytes("UTF-8");
+        } catch (final UnsupportedEncodingException e) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
+        }
+
+        byte[] pwSalt = new byte[salt.length + pwBytes.length];
+        System.arraycopy(pwBytes, 0, pwSalt, 0, pwBytes.length);
+        System.arraycopy(salt, 0, pwSalt, pwBytes.length, salt.length);
+
+        MessageDigest sha;
+        try {
+            sha = MessageDigest.getInstance("SHA-1");
+        } catch (NoSuchAlgorithmException e) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSHA1availabe", e);
+        }
+        sha.reset();
+
+        // Make the first hash round with start value
+        byte[] k = sha.digest(pwSalt);
+
+        // Perform the 1st up to iteration-1 hash rounds
+        for (int i = 1; i < iters; i++) {
+            k = sha.digest(k);
+        }
+        return k;
+    }
+
+    /**
+     * Gets the secret key as per WS-Trust spec.
+     *
+     * @param keylen      How many bytes to generate for the key
+     * @param labelString the label used to generate the seed
+     * @return a secret key constructed from information contained in this
+     *         username token
+     */
+    protected byte[] getSecretKey(String rawPassword, int keylen, String labelString) throws WSSecurityException {
+        byte[] key;
+        try {
+            Mac mac = Mac.getInstance("HmacSHA1");
+            byte[] password = rawPassword.getBytes("UTF-8");
+            byte[] label = labelString.getBytes("UTF-8");
+            byte[] nonce = getNonce();
+            byte[] created = getCreated().getBytes("UTF-8");
+            byte[] seed = new byte[label.length + nonce.length + created.length];
+
+            int offset = 0;
+            System.arraycopy(label, 0, seed, offset, label.length);
+            offset += label.length;
+
+            System.arraycopy(nonce, 0, seed, offset, nonce.length);
+            offset += nonce.length;
+
+            System.arraycopy(created, 0, seed, offset, created.length);
+
+            key = P_hash(password, seed, mac, keylen);
+
+        } catch (NoSuchAlgorithmException e) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noHMACSHA1available", e);
+        } catch (UnsupportedEncodingException e) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
+        }
+        return key;
+    }
+
+    /**
+     * P_hash as defined in RFC 2246 for TLS.
+     *
+     * @param secret   is the key for the HMAC
+     * @param seed     the seed value to start the generation - A(0)
+     * @param mac      the HMAC algorithm
+     * @param required number of bytes to generate
+     * @return a byte array that contains a secret key
+     * @throws Exception
+     */
+    private byte[] P_hash(byte[] secret, byte[] seed, Mac mac, int required) throws WSSecurityException {
+        byte[] out = new byte[required];
+        int offset = 0;
+        int toCopy;
+        byte[] a, tmp;
+
+        try {
+            // a(0) is the seed
+            a = seed;
+            SecretKeySpec key = new SecretKeySpec(secret, "HmacSHA1");
+            mac.init(key);
+            while (required > 0) {
+                mac.update(a);
+                a = mac.doFinal();
+                mac.update(a);
+                mac.update(seed);
+                tmp = mac.doFinal();
+                toCopy = Math.min(required, tmp.length);
+                System.arraycopy(tmp, 0, out, offset, toCopy);
+                offset += toCopy;
+                required -= toCopy;
+            }
+        } catch (InvalidKeyException e) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
+        }
+        return out;
+    }
+}

Propchange: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/UsernameToken.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509DataSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509DataSecurityToken.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509DataSecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509DataSecurityToken.java Tue Sep 11 17:59:51 2012
@@ -18,13 +18,13 @@
  */
 package org.apache.ws.security.stax.impl.securityToken;
 
-import org.apache.xml.security.binding.xmldsig.X509DataType;
-import org.apache.xml.security.binding.xmldsig.X509IssuerSerialType;
 import org.apache.ws.security.common.crypto.Crypto;
 import org.apache.ws.security.common.crypto.CryptoType;
 import org.apache.ws.security.common.ext.WSSecurityException;
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.ext.WSSecurityContext;
+import org.apache.xml.security.binding.xmldsig.X509DataType;
+import org.apache.xml.security.binding.xmldsig.X509IssuerSerialType;
 import org.apache.xml.security.stax.ext.XMLSecurityException;
 import org.apache.xml.security.stax.ext.XMLSecurityUtils;
 

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509PKIPathv1SecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509PKIPathv1SecurityToken.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509PKIPathv1SecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509PKIPathv1SecurityToken.java Tue Sep 11 17:59:51 2012
@@ -40,10 +40,9 @@ import java.util.List;
 public class X509PKIPathv1SecurityToken extends X509SecurityToken {
 
     private String alias = null;
-    private X509Certificate[] x509Certificates;
 
-    X509PKIPathv1SecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
-                               byte[] binaryContent, String id, WSSConstants.KeyIdentifierType keyIdentifierType) throws XMLSecurityException {
+    public X509PKIPathv1SecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
+                                      byte[] binaryContent, String id, WSSConstants.KeyIdentifierType keyIdentifierType) throws XMLSecurityException {
         super(WSSConstants.X509PkiPathV1Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType);
 
         InputStream in = new ByteArrayInputStream(binaryContent);
@@ -56,7 +55,7 @@ public class X509PKIPathv1SecurityToken 
                 certs[i] = (X509Certificate) iterator.next();
             }
             if (certs.length > 0) {
-                this.x509Certificates = certs;
+                setX509Certificates(certs);
             }
         } catch (CertificateException e) {
             throw new XMLSecurityException(XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "parseError", e);
@@ -65,13 +64,8 @@ public class X509PKIPathv1SecurityToken 
 
     protected String getAlias() throws XMLSecurityException {
         if (this.alias == null) {
-            this.alias = getCrypto().getX509Identifier(this.x509Certificates[0]);
+            this.alias = getCrypto().getX509Identifier(getX509Certificates()[0]);
         }
         return this.alias;
     }
-
-    @Override
-    public X509Certificate[] getX509Certificates() throws XMLSecurityException {
-        return this.x509Certificates;
-    }
 }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509SecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509SecurityToken.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509SecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509SecurityToken.java Tue Sep 11 17:59:51 2012
@@ -18,30 +18,26 @@
  */
 package org.apache.ws.security.stax.impl.securityToken;
 
-import java.security.Key;
-import java.security.PublicKey;
-import java.security.cert.CertificateExpiredException;
-import java.security.cert.CertificateNotYetValidException;
-import java.security.cert.X509Certificate;
-
-import javax.security.auth.callback.CallbackHandler;
-
-import org.apache.xml.security.stax.ext.XMLSecurityConstants;
-import org.apache.xml.security.stax.ext.XMLSecurityException;
-import org.apache.xml.security.stax.ext.XMLSecurityUtils;
 import org.apache.ws.security.common.crypto.Crypto;
 import org.apache.ws.security.common.crypto.CryptoType;
 import org.apache.ws.security.common.ext.WSPasswordCallback;
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.ext.WSSecurityContext;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+import org.apache.xml.security.stax.ext.XMLSecurityException;
+import org.apache.xml.security.stax.ext.XMLSecurityUtils;
+
+import javax.security.auth.callback.CallbackHandler;
+import java.security.Key;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateNotYetValidException;
+import java.security.cert.X509Certificate;
 
 /**
  * @author $Author$
  * @version $Revision$ $Date$
  */
-public abstract class X509SecurityToken 
-    extends org.apache.xml.security.stax.impl.securityToken.X509SecurityToken {
-    private X509Certificate[] x509Certificates = null;
+public abstract class X509SecurityToken extends org.apache.xml.security.stax.impl.securityToken.X509SecurityToken {
     private Crypto crypto;
 
     protected X509SecurityToken(XMLSecurityConstants.TokenType tokenType, WSSecurityContext wsSecurityContext,
@@ -50,7 +46,7 @@ public abstract class X509SecurityToken 
         super(tokenType, wsSecurityContext, callbackHandler, id, keyIdentifierType);
         this.crypto = crypto;
     }
-    
+
     protected Crypto getCrypto() {
         return crypto;
     }
@@ -62,25 +58,15 @@ public abstract class X509SecurityToken 
         XMLSecurityUtils.doPasswordCallback(getCallbackHandler(), pwCb);
         return getCrypto().getPrivateKey(getAlias(), pwCb.getPassword());
     }
-    
-    @Override
-    public PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                               String correlationID) throws XMLSecurityException {
-        X509Certificate[] x509Certificates = getX509Certificates();
-        if (x509Certificates == null || x509Certificates.length == 0) {
-            return null;
-        }
-        return x509Certificates[0].getPublicKey();
-    }
 
     @Override
     public X509Certificate[] getX509Certificates() throws XMLSecurityException {
-        if (this.x509Certificates == null) {
+        if (super.getX509Certificates() == null) {
             CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
             cryptoType.setAlias(getAlias());
-            this.x509Certificates = getCrypto().getX509Certificates(cryptoType);
+            setX509Certificates(getCrypto().getX509Certificates(cryptoType));
         }
-        return this.x509Certificates;
+        return super.getX509Certificates();
     }
 
     @Override
@@ -89,6 +75,7 @@ public abstract class X509SecurityToken 
             X509Certificate[] x509Certificates = getX509Certificates();
             if (x509Certificates != null && x509Certificates.length > 0) {
                 x509Certificates[0].checkValidity();
+                //todo deprecated method:
                 getCrypto().verifyTrust(x509Certificates);
             }
         } catch (CertificateExpiredException e) {

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509_V3SecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509_V3SecurityToken.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509_V3SecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/X509_V3SecurityToken.java Tue Sep 11 17:59:51 2012
@@ -33,23 +33,17 @@ import java.security.cert.X509Certificat
  */
 public class X509_V3SecurityToken extends X509SecurityToken {
     private String alias = null;
-    private final X509Certificate[] x509Certificates;
 
-    X509_V3SecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler, byte[] binaryContent,
-                         String id, WSSConstants.KeyIdentifierType keyIdentifierType) throws XMLSecurityException {
+    public X509_V3SecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler, byte[] binaryContent,
+                                String id, WSSConstants.KeyIdentifierType keyIdentifierType) throws XMLSecurityException {
         super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType);
-        this.x509Certificates = new X509Certificate[]{getCrypto().loadCertificate(new ByteArrayInputStream(binaryContent))};
+        setX509Certificates(new X509Certificate[]{getCrypto().loadCertificate(new ByteArrayInputStream(binaryContent))});
     }
 
     protected String getAlias() throws XMLSecurityException {
         if (this.alias == null) {
-            this.alias = getCrypto().getX509Identifier(this.x509Certificates[0]);
+            this.alias = getCrypto().getX509Identifier(getX509Certificates()[0]);
         }
         return this.alias;
     }
-
-    @Override
-    public X509Certificate[] getX509Certificates() throws XMLSecurityException {
-        return this.x509Certificates;
-    }
 }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/securityEvent/HttpsTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/securityEvent/HttpsTokenSecurityEvent.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/securityEvent/HttpsTokenSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/securityEvent/HttpsTokenSecurityEvent.java Tue Sep 11 17:59:51 2012
@@ -21,13 +21,9 @@ package org.apache.ws.security.stax.secu
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.xml.security.stax.ext.SecurityToken;
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
-import org.apache.xml.security.stax.ext.XMLSecurityException;
-import org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken;
+import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
 import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
 
-import java.security.Key;
-import java.security.PublicKey;
-
 /**
  * @author $Author$
  * @version $Revision$ $Date$
@@ -69,29 +65,7 @@ public class HttpsTokenSecurityEvent ext
     public SecurityToken getSecurityToken() {
         SecurityToken securityToken = super.getSecurityToken();
         if (securityToken == null) {
-            securityToken = new AbstractSecurityToken(null, null, null, null) {
-                @Override
-                protected Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                     String correlationID) throws XMLSecurityException {
-                    return null;
-                }
-
-                @Override
-                protected PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                              String correlationID) throws XMLSecurityException {
-                    return null;
-                }
-
-                @Override
-                public boolean isAsymmetric() {
-                    return false;
-                }
-
-                @Override
-                public SecurityToken getKeyWrappingToken() throws XMLSecurityException {
-                    return null;
-                }
-
+            securityToken = new AbstractInboundSecurityToken(null, null, null, null) {
                 @Override
                 public XMLSecurityConstants.TokenType getTokenType() {
                     return WSSConstants.HttpsToken;

Modified: webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/AbstractTestBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/AbstractTestBase.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/AbstractTestBase.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/AbstractTestBase.java Tue Sep 11 17:59:51 2012
@@ -18,35 +18,6 @@
  */
 package org.apache.ws.security.stax.test;
 
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-import java.util.UUID;
-import java.util.logging.Level;
-import java.util.logging.LogManager;
-import java.util.logging.Logger;
-
-import javax.security.auth.callback.CallbackHandler;
-import javax.xml.namespace.NamespaceContext;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.stream.XMLInputFactory;
-import javax.xml.stream.XMLStreamException;
-import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.xpath.XPath;
-import javax.xml.xpath.XPathExpression;
-import javax.xml.xpath.XPathExpressionException;
-import javax.xml.xpath.XPathFactory;
-
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.ws.security.common.bsp.BSPRule;
@@ -77,6 +48,27 @@ import org.testng.Assert;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
+import javax.security.auth.callback.CallbackHandler;
+import javax.xml.namespace.NamespaceContext;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.xpath.XPath;
+import javax.xml.xpath.XPathExpression;
+import javax.xml.xpath.XPathExpressionException;
+import javax.xml.xpath.XPathFactory;
+import java.io.ByteArrayOutputStream;
+import java.io.InputStream;
+import java.util.*;
+import java.util.logging.Level;
+import java.util.logging.LogManager;
+import java.util.logging.Logger;
+
 /**
  * @author $Author$
  * @version $Revision$ $Date$
@@ -364,7 +356,8 @@ public abstract class AbstractTestBase {
 
         /**
          * Handles incoming web service requests and outgoing responses
-         * @throws TransformerException 
+         *
+         * @throws TransformerException
          */
         public boolean doSender(Map<String, Object> mc, RequestData reqData, boolean isRequest)
                 throws WSSecurityException, TransformerException {
@@ -609,7 +602,7 @@ public abstract class AbstractTestBase {
         public <T> T getSecurityEvent(SecurityEventConstants.Event securityEvent) {
             for (SecurityEvent event : receivedSecurityEvents) {
                 if (event.getSecurityEventType() == securityEvent) {
-                    return (T)event;
+                    return (T) event;
                 }
             }
             return null;
@@ -619,7 +612,7 @@ public abstract class AbstractTestBase {
             List<T> foundEvents = new ArrayList<T>();
             for (SecurityEvent event : receivedSecurityEvents) {
                 if (event.getSecurityEventType() == securityEvent) {
-                    foundEvents.add((T)event);
+                    foundEvents.add((T) event);
                 }
             }
             return foundEvents;

Modified: webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/DerivedKeyTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/DerivedKeyTokenTest.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/DerivedKeyTokenTest.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/DerivedKeyTokenTest.java Tue Sep 11 17:59:51 2012
@@ -18,28 +18,28 @@
  */
 package org.apache.ws.security.stax.test;
 
-import org.apache.ws.security.dom.WSConstants;
-import org.apache.ws.security.dom.WSSConfig;
 import org.apache.ws.security.common.crypto.Crypto;
 import org.apache.ws.security.common.crypto.CryptoFactory;
 import org.apache.ws.security.common.crypto.CryptoType;
 import org.apache.ws.security.common.derivedKey.ConversationConstants;
+import org.apache.ws.security.dom.WSConstants;
+import org.apache.ws.security.dom.WSSConfig;
 import org.apache.ws.security.dom.handler.WSHandlerConstants;
 import org.apache.ws.security.dom.message.*;
 import org.apache.ws.security.dom.message.token.SecurityTokenReference;
-import org.apache.ws.security.stax.securityEvent.EncryptedPartSecurityEvent;
-import org.apache.ws.security.stax.securityEvent.OperationSecurityEvent;
-import org.apache.xml.security.stax.securityEvent.SecurityEvent;
-import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
 import org.apache.ws.security.stax.WSSec;
 import org.apache.ws.security.stax.ext.InboundWSSec;
 import org.apache.ws.security.stax.ext.OutboundWSSec;
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.ext.WSSSecurityProperties;
+import org.apache.ws.security.stax.securityEvent.EncryptedPartSecurityEvent;
+import org.apache.ws.security.stax.securityEvent.OperationSecurityEvent;
 import org.apache.ws.security.stax.securityEvent.WSSecurityEventConstants;
 import org.apache.ws.security.stax.test.utils.SOAPUtil;
 import org.apache.ws.security.stax.test.utils.StAX2DOM;
 import org.apache.ws.security.stax.test.utils.XmlReaderToWriter;
+import org.apache.xml.security.stax.securityEvent.SecurityEvent;
+import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
 import org.apache.xml.security.stax.securityEvent.SignatureValueSecurityEvent;
 import org.apache.xml.security.stax.securityEvent.SignedElementSecurityEvent;
 import org.testng.Assert;
@@ -675,7 +675,6 @@ public class DerivedKeyTokenTest extends
                     WSSecurityEventConstants.AlgorithmSuite,
                     WSSecurityEventConstants.AlgorithmSuite,
                     WSSecurityEventConstants.AlgorithmSuite,
-                    WSSecurityEventConstants.AlgorithmSuite,
                     WSSecurityEventConstants.Operation,
             };
             final TestSecurityEventListener securityEventListener = new TestSecurityEventListener(expectedSecurityEvents);
@@ -720,7 +719,7 @@ public class DerivedKeyTokenTest extends
                 }
             }
 
-            org.junit.Assert.assertEquals(6, encryptedPartSecurityEvents.size());
+            org.junit.Assert.assertEquals(5, encryptedPartSecurityEvents.size());
             org.junit.Assert.assertEquals(3, signedElementSecurityEvents.size());
             org.junit.Assert.assertEquals(6, signatureValueSecurityEvents.size());
             org.junit.Assert.assertEquals(securityEventListener.getReceivedSecurityEvents().size(),

Modified: webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/InboundWSSecurityContextImplTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/InboundWSSecurityContextImplTest.java?rev=1383498&r1=1383497&r2=1383498&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/InboundWSSecurityContextImplTest.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/InboundWSSecurityContextImplTest.java Tue Sep 11 17:59:51 2012
@@ -18,8 +18,8 @@
  */
 package org.apache.ws.security.stax.test;
 
-import org.opensaml.common.SAMLVersion;
 import org.apache.ws.security.common.ext.WSSecurityException;
+import org.apache.ws.security.common.saml.SAMLKeyInfo;
 import org.apache.ws.security.stax.ext.WSSConstants;
 import org.apache.ws.security.stax.ext.WSSecurityContext;
 import org.apache.ws.security.stax.impl.InboundWSSecurityContextImpl;
@@ -32,19 +32,13 @@ import org.apache.xml.security.stax.ext.
 import org.apache.xml.security.stax.ext.XMLSecurityException;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.ext.stax.XMLSecEventFactory;
-import org.apache.xml.security.stax.securityEvent.EncryptedElementSecurityEvent;
-import org.apache.xml.security.stax.securityEvent.SecurityEvent;
-import org.apache.xml.security.stax.securityEvent.SecurityEventListener;
-import org.apache.xml.security.stax.securityEvent.SignatureValueSecurityEvent;
-import org.apache.xml.security.stax.securityEvent.SignedElementSecurityEvent;
-import org.apache.xml.security.stax.securityEvent.X509TokenSecurityEvent;
+import org.apache.xml.security.stax.securityEvent.*;
+import org.opensaml.common.SAMLVersion;
 import org.testng.Assert;
 import org.testng.annotations.Test;
 
 import javax.xml.namespace.QName;
-import java.security.Key;
 import java.security.KeyStore;
-import java.security.PublicKey;
 import java.security.cert.Certificate;
 import java.security.cert.X509Certificate;
 import java.util.Date;
@@ -514,7 +508,8 @@ public class InboundWSSecurityContextImp
 
         XMLSecEvent samlTokenXmlEvent = XMLSecEventFactory.createXmlSecStartElement(WSSConstants.TAG_wsse_UsernameToken, null, null);
 
-        SAMLSecurityToken samlSecurityToken = new SAMLSecurityToken(SAMLVersion.VERSION_20, null, null, null, null, "1");
+        SAMLSecurityToken samlSecurityToken = new SAMLSecurityToken(
+                SAMLVersion.VERSION_20, new SAMLKeyInfo(getX509Token(WSSConstants.X509V3Token).getX509Certificates()), null, null, null, "1");
         samlSecurityToken.setElementPath(samlTokenPath);
         samlSecurityToken.setXMLSecEvent(samlTokenXmlEvent);
         samlSecurityToken.addTokenUsage(SecurityToken.TokenUsage.Encryption);
@@ -653,48 +648,29 @@ public class InboundWSSecurityContextImp
         final KeyStore keyStore = KeyStore.getInstance("jks");
         keyStore.load(this.getClass().getClassLoader().getResourceAsStream("transmitter.jks"), "default".toCharArray());
 
-        return new X509SecurityToken(tokenType, null, null, null, "", WSSConstants.WSSKeyIdentifierType.THUMBPRINT_IDENTIFIER) {
+        X509SecurityToken x509SecurityToken = new X509SecurityToken(tokenType, null, null, null, "", WSSConstants.WSSKeyIdentifierType.THUMBPRINT_IDENTIFIER) {
+
             @Override
             protected String getAlias() throws XMLSecurityException {
                 return "transmitter";
             }
+        };
+        x509SecurityToken.setSecretKey("", keyStore.getKey("transmitter", "default".toCharArray()));
+        x509SecurityToken.setPublicKey(keyStore.getCertificate("transmitter").getPublicKey());
 
-            @Override
-            public Key getSecretKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                    String correlationID) throws XMLSecurityException {
-                try {
-                    return keyStore.getKey("transmitter", "default".toCharArray());
-                } catch (Exception e) {
-                    throw new XMLSecurityException(e.getMessage(), e);
-                }
-            }
-
-            @Override
-            public PublicKey getPublicKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                                          String correlationID) throws XMLSecurityException {
-                try {
-                    return keyStore.getCertificate("transmitter").getPublicKey();
-                } catch (Exception e) {
-                    throw new XMLSecurityException(e.getMessage(), e);
-                }
-            }
+        Certificate[] certificates;
+        try {
+            certificates = keyStore.getCertificateChain("transmitter");
+        } catch (Exception e) {
+            throw new XMLSecurityException(e.getMessage(), e);
+        }
 
-            @Override
-            public X509Certificate[] getX509Certificates() throws XMLSecurityException {
-                Certificate[] certificates;
-                try {
-                    certificates = keyStore.getCertificateChain("transmitter");
-                } catch (Exception e) {
-                    throw new XMLSecurityException(e.getMessage(), e);
-                }
-
-                X509Certificate[] x509Certificates = new X509Certificate[certificates.length];
-                for (int i = 0; i < certificates.length; i++) {
-                    Certificate certificate = certificates[i];
-                    x509Certificates[i] = (X509Certificate) certificate;
-                }
-                return x509Certificates;
-            }
-        };
+        X509Certificate[] x509Certificates = new X509Certificate[certificates.length];
+        for (int i = 0; i < certificates.length; i++) {
+            Certificate certificate = certificates[i];
+            x509Certificates[i] = (X509Certificate) certificate;
+        }
+        x509SecurityToken.setX509Certificates(x509Certificates);
+        return x509SecurityToken;
     }
 }



Mime
View raw message