coheigea pushed a commit to branch coheigea/saml-refactor-new
in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git
The following commit(s) were added to refs/heads/coheigea/saml-refactor-new by
this push:
new 48624d9a7 Moving DOMSAMLUtil into saml module
48624d9a7 is described below
commit 48624d9a7532d1ef977ccf4337f08af334190df4
Author: Colm O hEigeartaigh <[email protected]>
AuthorDate: Fri Jun 20 11:36:59 2025 +0100
Moving DOMSAMLUtil into saml module
---
.../apache/wss4j/dom/engine/WSSecurityEngine.java | 4 ++--
.../org/apache/wss4j/common}/saml/DOMSAMLUtil.java | 25 ++++++++++------------
2 files changed, 13 insertions(+), 16 deletions(-)
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/engine/WSSecurityEngine.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/engine/WSSecurityEngine.java
index 2fbf1e2e6..2dbc425bc 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/engine/WSSecurityEngine.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/engine/WSSecurityEngine.java
@@ -39,7 +39,7 @@ import org.apache.wss4j.common.dom.WSDocInfo;
import org.apache.wss4j.common.dom.RequestData;
import org.apache.wss4j.dom.handler.WSHandlerResult;
import org.apache.wss4j.common.dom.processor.Processor;
-import org.apache.wss4j.dom.saml.DOMSAMLUtil;
+import org.apache.wss4j.common.saml.DOMSAMLUtil;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -371,7 +371,7 @@ public class WSSecurityEngine {
// Validate SAML Subject Confirmation requirements
if (requestData.isValidateSamlSubjectConfirmation()) {
Element bodyElement = callbackLookupToUse.getSOAPBody();
- DOMSAMLUtil.validateSAMLResults(handlerResult,
requestData.getTlsCerts(), bodyElement);
+ DOMSAMLUtil.validateSAMLResults(handlerResult.getActionResults(),
requestData.getTlsCerts(), bodyElement);
}
wsDocInfo.clear();
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/DOMSAMLUtil.java
b/ws-security-saml/src/main/java/org/apache/wss4j/common/saml/DOMSAMLUtil.java
similarity index 91%
rename from
ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/DOMSAMLUtil.java
rename to
ws-security-saml/src/main/java/org/apache/wss4j/common/saml/DOMSAMLUtil.java
index 7f8c26fad..7f29740ed 100644
--- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/DOMSAMLUtil.java
+++
b/ws-security-saml/src/main/java/org/apache/wss4j/common/saml/DOMSAMLUtil.java
@@ -17,7 +17,7 @@
* under the License.
*/
-package org.apache.wss4j.dom.saml;
+package org.apache.wss4j.common.saml;
import java.security.MessageDigest;
import java.security.Principal;
@@ -26,16 +26,13 @@ import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
+import java.util.Map;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal;
-import org.apache.wss4j.common.saml.OpenSAMLUtil;
-import org.apache.wss4j.common.saml.SAMLKeyInfo;
-import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.dom.WSConstants;
import org.apache.wss4j.common.WSDataRef;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
-import org.apache.wss4j.dom.handler.WSHandlerResult;
import org.w3c.dom.Element;
/**
@@ -51,16 +48,16 @@ public final class DOMSAMLUtil {
}
public static void validateSAMLResults(
- WSHandlerResult handlerResults,
+ Map<Integer, List<WSSecurityEngineResult>> actionResults,
Certificate[] tlsCerts,
Element body
) throws WSSecurityException {
List<WSSecurityEngineResult> samlResults = new ArrayList<>();
- if
(handlerResults.getActionResults().containsKey(WSConstants.ST_SIGNED)) {
-
samlResults.addAll(handlerResults.getActionResults().get(WSConstants.ST_SIGNED));
+ if (actionResults.containsKey(WSConstants.ST_SIGNED)) {
+ samlResults.addAll(actionResults.get(WSConstants.ST_SIGNED));
}
- if
(handlerResults.getActionResults().containsKey(WSConstants.ST_UNSIGNED)) {
-
samlResults.addAll(handlerResults.getActionResults().get(WSConstants.ST_UNSIGNED));
+ if (actionResults.containsKey(WSConstants.ST_UNSIGNED)) {
+ samlResults.addAll(actionResults.get(WSConstants.ST_UNSIGNED));
}
if (samlResults.isEmpty()) {
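Review bot: The new `actionResults` parameter of `validateSAMLResults` has no documented contract, and that matters because the `samlResults.isEmpty()` check at the end of this hunk appears to end validation when the map holds no ST_SIGNED or ST_UNSIGNED entry (the branch body is outside the hunk). With a `WSHandlerResult` the caller could only hand over the full result of header processing; with a bare `Map`, a caller that passes a filtered, partial or empty map would have subject-confirmation validation pass without checking anything. I would add Javadoc on the method stating this, e.g. `@param actionResults the complete action-to-results map of the processed security header, as returned by WSHandlerResult.getActionResults(); must not be null or filtered`. The method body continues outside the hunk.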
@@ -68,11 +65,11 @@ public final class DOMSAMLUtil {
}
List<WSSecurityEngineResult> signedResults = new ArrayList<>();
- if (handlerResults.getActionResults().containsKey(WSConstants.SIGN)) {
-
signedResults.addAll(handlerResults.getActionResults().get(WSConstants.SIGN));
+ if (actionResults.containsKey(WSConstants.SIGN)) {
+ signedResults.addAll(actionResults.get(WSConstants.SIGN));
}
- if
(handlerResults.getActionResults().containsKey(WSConstants.UT_SIGN)) {
-
signedResults.addAll(handlerResults.getActionResults().get(WSConstants.UT_SIGN));
+ if (actionResults.containsKey(WSConstants.UT_SIGN)) {
+ signedResults.addAll(actionResults.get(WSConstants.UT_SIGN));
}
for (WSSecurityEngineResult samlResult : samlResults) {
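Review bot: The four `containsKey` / `get` pairs (SIGN and UT_SIGN in this hunk, ST_SIGNED and ST_UNSIGNED in the previous one) each look the key up twice and repeat the same three lines. Now that the argument is a plain `Map`, each can be a single call such as `signedResults.addAll(actionResults.getOrDefault(WSConstants.SIGN, List.of()));`, provided the project's Java level offers `List.of()`. Behaviour is the same as long as the map holds no null values, which is also the case the current code relies on. The loop that consumes both lists starts on the last line of the hunk and continues outside it.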