Author: coheigea
Date: Thu Mar 31 11:17:37 2011
New Revision: 1087253
URL: http://svn.apache.org/viewvc?rev=1087253&view=rev
Log:
Added support to the STSClient to extract a SecurityToken via the validate
binding.
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=1087253&r1=1087252&r2=1087253&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Thu Mar 31 11:17:37 2011
@@ -642,8 +642,11 @@ public class STSClient implements Config
}
public List<SecurityToken> validateSecurityToken(SecurityToken tok) throws
Exception {
- return validateSecurityToken(tok,
- namespace + "/RSTR/Status");
+ String validateTokenType = tokenType;
+ if (validateTokenType == null) {
+ validateTokenType = namespace + "/RSTR/Status";
+ }
+ return validateSecurityToken(tok, validateTokenType);
}
private List<SecurityToken> validateSecurityToken(SecurityToken tok,
String tokentype)
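Review bot: The public `validateSecurityToken(SecurityToken)` overload now sends the client's configured `tokenType` as the validate TokenType and only falls back to `namespace + "/RSTR/Status"` when it is null, but nothing on the method says so. A caller that configured `tokenType` for issuing and expects a plain status check will now ask the STS for a token transformation instead. I would add a Javadoc such as `/** Validates tok at the STS; the requested TokenType is the configured tokenType, or the RSTR/Status type when none is set. */`. The private overload's body continues outside the hunk.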
@@ -716,15 +719,21 @@ public class STSClient implements Config
if ("Status".equals(el.getLocalName())) {
Element e2 = DOMUtils.getFirstChildWithName(el,
el.getNamespaceURI(), "Code");
String s = DOMUtils.getContent(e2);
- valid = s.endsWith("/status/valid");
+ valid = s.endsWith("/status/valid");
e2 = DOMUtils.getFirstChildWithName(el, el.getNamespaceURI(),
"Reason");
if (e2 != null) {
reason = DOMUtils.getContent(e2);
}
} else if ("RequestedSecurityToken".equals(el.getLocalName())) {
- //TODO: get the token out of it. Need to find an STS that
actually
- //suports this first to test it
+ Element requestedSecurityTokenElement =
DOMUtils.getFirstElement(el);
+ String id = findID(null, null, requestedSecurityTokenElement);
+ if (StringUtils.isEmpty(id)) {
+ throw new TrustException("NO_ID", LOG);
+ }
+ SecurityToken requestedSecurityToken = new SecurityToken(id);
+ requestedSecurityToken.setToken(requestedSecurityTokenElement);
+ tokens.add(requestedSecurityToken);
}
el = DOMUtils.getNextElement(el);
}
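Review bot: In the new `RequestedSecurityToken` branch, `DOMUtils.getFirstElement(el)` returns null when the element has no child element, and that null is passed straight to `findID(null, null, ...)` and, if an id were found, to `setToken(...)`. An explicit guard before the lookup, `if (requestedSecurityTokenElement == null) { throw new TrustException("NO_ID", LOG); }`, would make a malformed STS response fail predictably instead of depending on how `findID` treats a null element. The returned token is also added to `tokens` whatever `valid` holds at that point, so the code after the loop must reject the whole result when the status is not valid. That check, like the start and end of the enclosing method, is outside the hunk.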
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java?rev=1087253&r1=1087252&r2=1087253&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
Thu Mar 31 11:17:37 2011
@@ -20,10 +20,13 @@
package org.apache.cxf.ws.security.trust;
+import java.util.List;
+
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.handler.RequestData;
+import org.apache.ws.security.saml.ext.AssertionWrapper;
import org.apache.ws.security.validate.Credential;
import org.apache.ws.security.validate.Validator;
@@ -71,7 +74,12 @@ public class STSTokenValidator implement
STSClient c = STSUtils.getClient(m, "sts");
synchronized (c) {
System.setProperty("noprint", "true");
- c.validateSecurityToken(token);
+ List<SecurityToken> tokens = c.validateSecurityToken(token);
+ SecurityToken returnedToken = tokens.get(0);
+ if (returnedToken != token) {
+ AssertionWrapper assertion = new
AssertionWrapper(returnedToken.getToken());
+ credential.setTransformedToken(assertion);
+ }
return credential;
}
} catch (RuntimeException e) {
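Review bot: `tokens.get(0)` is called without checking that the list is non-empty, so a validate response that yields no tokens throws IndexOutOfBoundsException inside the synchronized block. That is a RuntimeException and lands in the catch that opens on the hunk's last line, whose handling is outside the hunk. The condition can carry the guard itself: `if (!tokens.isEmpty() && tokens.get(0) != token) {`. The `!=` identity comparison assumes `validateSecurityToken` hands back the same `SecurityToken` instance when the STS issues nothing new, which deserves a comment such as `// identity check: the client returns the original instance when no token was transformed`. The returned element is wrapped in `AssertionWrapper` and set as the transformed token without a check that it is a SAML assertion of the expected type, so the credential is only as trustworthy as the STS response and its transport.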