(ws-wss4j) branch coheigea/saml-refactor-new updated: Removed hard-coding of EncryptedKeyProcessor

Fri, 20 Jun 2025 05:01:24 -0700 

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch coheigea/saml-refactor-new
in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git


The following commit(s) were added to refs/heads/coheigea/saml-refactor-new by 
this push:
     new fbe7ef1e7 Removed hard-coding of EncryptedKeyProcessor
fbe7ef1e7 is described below

commit fbe7ef1e767495c1bd6e1840d25f979c4572d4f5
Author: Colm O hEigeartaigh <[email protected]>
AuthorDate: Fri Jun 20 12:51:10 2025 +0100

    Removed hard-coding of EncryptedKeyProcessor
---
 .../org/apache/wss4j/dom/saml/WSSSAMLKeyInfoProcessor.java   | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git 
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSSAMLKeyInfoProcessor.java
 
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSSAMLKeyInfoProcessor.java
index 106b20a6e..3d6e8e8c2 100644
--- 
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSSAMLKeyInfoProcessor.java
+++ 
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSSAMLKeyInfoProcessor.java
@@ -36,8 +36,8 @@ import org.apache.wss4j.common.saml.SAMLKeyInfoProcessor;
 import org.apache.wss4j.common.token.SecurityTokenReference;
 import org.apache.wss4j.common.dom.WSConstants;
 import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
+import org.apache.wss4j.common.dom.processor.Processor;
 import org.apache.wss4j.common.dom.RequestData;
-import org.apache.wss4j.dom.processor.EncryptedKeyProcessor;
 import org.apache.wss4j.dom.str.STRParser;
 import org.apache.wss4j.dom.str.STRParserParameters;
 import org.apache.wss4j.dom.str.STRParserResult;
@@ -77,9 +77,13 @@ public class WSSSAMLKeyInfoProcessor implements 
SAMLKeyInfoProcessor {
             if (Node.ELEMENT_NODE == node.getNodeType()) {
                 QName el = new QName(node.getNamespaceURI(), 
node.getLocalName());
                 if (el.equals(WSConstants.ENCRYPTED_KEY)) {
-                    EncryptedKeyProcessor proc = new EncryptedKeyProcessor();
-                    List<WSSecurityEngineResult> result =
-                        proc.handleToken((Element)node, data, 
data.getSamlAlgorithmSuite());
+                    Processor proc = 
data.getWssConfig().getProcessor(WSConstants.ENCRYPTED_KEY);
+                    AlgorithmSuite oldAlgorithmSuite = 
data.getAlgorithmSuite();
+                    // Hack to work around hard-coding the 
EncryptedKeyProcessor
+                    data.setAlgorithmSuite(data.getSamlAlgorithmSuite());
+                    List<WSSecurityEngineResult> result = 
proc.handleToken((Element)node, data);
+                    data.setAlgorithmSuite(oldAlgorithmSuite);
+                    
                     byte[] secret =
                         (byte[])result.get(0).get(
                             WSSecurityEngineResult.TAG_SECRET

Reply via email to