diff options
| author |  gmcdonald | 2010-02-13 01:32:03 +0000 |
|---|---|---|
| committer | gmcdonald | 2010-02-13 01:32:03 +0000 |
| commit | 0425aadc78680e53000fd0108b540d6eca048516 (patch) | |
| tree | 8ec7ab8e015d454c5ec586dfc91e05a2dce1cfc0 /neethi/src/secpolicy/builder | |
| download | axis2c-0425aadc78680e53000fd0108b540d6eca048516.tar.gz axis2c-0425aadc78680e53000fd0108b540d6eca048516.tar.bz2 | |
Moving axis svn, part of TLP move INFRA-2441
git-svn-id: http://svn.apache.org/repos/asf/axis/axis2/c/core/trunk@909681 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'neethi/src/secpolicy/builder')
27 files changed, 4146 insertions, 0 deletions
diff --git a/neethi/src/secpolicy/builder/Makefile.am b/neethi/src/secpolicy/builder/Makefile.am new file mode 100644 index 0000000..d189e16 --- /dev/null +++ b/neethi/src/secpolicy/builder/Makefile.am @@ -0,0 +1,25 @@ +TESTS = + +noinst_LTLIBRARIES = librp_builder.la + +librp_builder_la_SOURCES = algorithmsuite_builder.c \ + layout_builder.c \ + supporting_tokens_builder.c \ + transport_binding_builder.c username_token_builder.c \ + wss10_builder.c transport_token_builder.c \ + token_identifier.c https_token_builder.c rampart_config_builder.c \ + asymmetric_binding_builder.c x509_token_builder.c initiator_token_builder.c \ + recipient_token_builder.c signed_encrypted_parts_builder.c secpolicy_builder.c \ + symmetric_binding_builder.c protection_token_builder.c signature_token_builder.c \ + encryption_token_builder.c wss11_builder.c trust10_builder.c \ + bootstrap_policy_builder.c security_context_token_builder.c \ + issued_token_builder.c saml_token_builder.c + +librp_builder_la_LIBADD = ../../../../axiom/src/om/libaxis2_axiom.la \ + ../../../../util/src/libaxutil.la + +INCLUDES = -I$(top_builddir)/include \ + -I ../../../include \ + -I ../../../../util/include \ + -I ../../../../axiom/include \ + -I ../../../../include diff --git a/neethi/src/secpolicy/builder/algorithmsuite_builder.c b/neethi/src/secpolicy/builder/algorithmsuite_builder.c new file mode 100644 index 0000000..3f42baf --- /dev/null +++ b/neethi/src/secpolicy/builder/algorithmsuite_builder.c @@ -0,0 +1,82 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_algorithmsuite_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_algorithmsuite_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_algorithmsuite_t *algorithmsuite = NULL; + axiom_node_t *child_node = NULL; + axiom_node_t *algo_node = NULL; + axiom_element_t *algo_element = NULL; + neethi_assertion_t *assertion = NULL; + + algorithmsuite = rp_algorithmsuite_create(env); + + child_node = axiom_node_get_first_element(node, env); + + if(child_node) + { + algo_node = axiom_node_get_first_element(child_node, env); + if(!algo_node) + { + return NULL; + } + } + else + { + return NULL; + } + + if(axiom_node_get_node_type(algo_node, env) == AXIOM_ELEMENT) + { + algo_element = (axiom_element_t *)axiom_node_get_data_element(algo_node, env); + if(algo_element) + { + axis2_status_t status = AXIS2_FAILURE; + axis2_char_t *algosuite_string = NULL; + + algosuite_string = axiom_element_get_localname(algo_element, env); + if(!algosuite_string) + { + return NULL; + } + status = rp_algorithmsuite_set_algosuite(algorithmsuite, env, algosuite_string); + if(AXIS2_FAILURE == status) + { + return NULL; + } + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_algorithmsuite_free, algorithmsuite, + ASSERTION_TYPE_ALGORITHM_SUITE); + return assertion; + } + else + return NULL; + } + else + return NULL; +} diff --git a/neethi/src/secpolicy/builder/asymmetric_binding_builder.c b/neethi/src/secpolicy/builder/asymmetric_binding_builder.c new file mode 100644 index 0000000..3a2f889 --- /dev/null +++ b/neethi/src/secpolicy/builder/asymmetric_binding_builder.c @@ -0,0 +1,234 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_asymmetric_binding_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +asymmetric_binding_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_asymmetric_binding_t *asymmetric_binding); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_asymmetric_binding_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_asymmetric_binding_t *asymmetric_binding = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + asymmetric_binding = rp_asymmetric_binding_create(env); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + neethi_policy_free(policy, env); + policy = NULL; + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + asymmetric_binding_process_alternatives(env, all, asymmetric_binding); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_asymmetric_binding_free, asymmetric_binding, + ASSERTION_TYPE_ASSYMMETRIC_BINDING); + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +asymmetric_binding_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_asymmetric_binding_t * asymmetric_binding) +{ + + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + rp_binding_commons_t *commons = NULL; + rp_symmetric_asymmetric_binding_commons_t *as_commons = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + commons = rp_binding_commons_create(env); + as_commons = rp_symmetric_asymmetric_binding_commons_create(env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(type == ASSERTION_TYPE_INITIATOR_TOKEN) + { + rp_property_t *initiator_token = NULL; + initiator_token = (rp_property_t *)neethi_assertion_get_value(assertion, env); + if(initiator_token) + { + rp_asymmetric_binding_set_initiator_token(asymmetric_binding, env, initiator_token); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_RECIPIENT_TOKEN) + { + rp_property_t *recipient_token = NULL; + recipient_token = (rp_property_t *)neethi_assertion_get_value(assertion, env); + if(recipient_token) + { + rp_asymmetric_binding_set_recipient_token(asymmetric_binding, env, recipient_token); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_ALGORITHM_SUITE) + { + rp_algorithmsuite_t *algorithmsuite = NULL; + algorithmsuite = (rp_algorithmsuite_t *)neethi_assertion_get_value(assertion, env); + if(algorithmsuite) + { + rp_binding_commons_set_algorithmsuite(commons, env, algorithmsuite); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_INCLUDE_TIMESTAMP) + { + rp_binding_commons_set_include_timestamp(commons, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_LAYOUT) + { + rp_layout_t *layout = NULL; + layout = (rp_layout_t *)neethi_assertion_get_value(assertion, env); + if(layout) + { + rp_binding_commons_set_layout(commons, env, layout); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_ENCRYPT_BEFORE_SIGNING) + { + rp_symmetric_asymmetric_binding_commons_set_protection_order(as_commons, env, + RP_ENCRYPT_BEFORE_SIGNING); + } + else if(type == ASSERTION_TYPE_SIGN_BEFORE_ENCRYPTING) + { + rp_symmetric_asymmetric_binding_commons_set_protection_order(as_commons, env, + RP_SIGN_BEFORE_ENCRYPTING); + } + else if(type == ASSERTION_TYPE_ENCRYPT_SIGNATURE) + { + rp_symmetric_asymmetric_binding_commons_set_signature_protection(as_commons, env, + AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_PROTECT_TOKENS) + { + rp_symmetric_asymmetric_binding_commons_set_token_protection(as_commons, env, + AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_ONLY_SIGN_ENTIRE_HEADERS_AND_BODY) + { + rp_symmetric_asymmetric_binding_commons_set_entire_headers_and_body_signatures( + as_commons, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_SUPPORTING_TOKENS) + { + rp_supporting_tokens_t *supporting_tokens = NULL; + supporting_tokens + = (rp_supporting_tokens_t *)neethi_assertion_get_value(assertion, env); + if(supporting_tokens) + { + rp_property_type_t type; + type = rp_supporting_tokens_get_type(supporting_tokens, env); + if(type == RP_PROPERTY_SIGNED_SUPPORTING_TOKEN) + { + rp_binding_commons_set_signed_supporting_tokens(commons, env, supporting_tokens); + } + else if(type == RP_PROPERTY_SIGNED_ENDORSING_SUPPORTING_TOKEN) + { + rp_binding_commons_set_signed_endorsing_supporting_tokens(commons, env, + supporting_tokens); + } + else if(type == RP_PROPERTY_SUPPORTING_SUPPORTING_TOKEN) + { + rp_binding_commons_set_supporting_tokens(commons, env, supporting_tokens); + } + else if(type == RP_PROPERTY_ENDORSING_SUPPORTING_TOKEN) + { + rp_binding_commons_set_endorsing_supporting_tokens(commons, env, + supporting_tokens); + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + rp_symmetric_asymmetric_binding_commons_set_binding_commons(as_commons, env, commons); + rp_asymmetric_binding_set_symmetric_asymmetric_binding_commons(asymmetric_binding, env, + as_commons); + + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/bootstrap_policy_builder.c b/neethi/src/secpolicy/builder/bootstrap_policy_builder.c new file mode 100644 index 0000000..df8c23e --- /dev/null +++ b/neethi/src/secpolicy/builder/bootstrap_policy_builder.c @@ -0,0 +1,61 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_bootstrap_policy_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_bootstrap_policy_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + neethi_assertion_t *assertion = NULL; + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + assertion = neethi_assertion_create_with_args(env, NULL, /*this policy should not be deleted*/ + policy, ASSERTION_TYPE_BOOTSTRAP_POLICY); + return assertion; + } + else + return NULL; + } + else + return NULL; +} diff --git a/neethi/src/secpolicy/builder/encryption_token_builder.c b/neethi/src/secpolicy/builder/encryption_token_builder.c new file mode 100644 index 0000000..5896ac3 --- /dev/null +++ b/neethi/src/secpolicy/builder/encryption_token_builder.c @@ -0,0 +1,175 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_encryption_token_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_assertion.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +encryption_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_property_t *encryption_token); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_encryption_token_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_property_t *encryption_token = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + encryption_token = rp_property_create(env); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + encryption_token_process_alternatives(env, all, encryption_token); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_property_free, encryption_token, + ASSERTION_TYPE_ENCRYPTION_TOKEN); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +encryption_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_property_t *encryption_token) +{ + + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(value) + { + if(type == ASSERTION_TYPE_X509_TOKEN) + { + rp_x509_token_t *x509_token = NULL; + x509_token = (rp_x509_token_t *)neethi_assertion_get_value(assertion, env); + if(x509_token) + { + rp_property_set_value(encryption_token, env, x509_token, RP_PROPERTY_X509_TOKEN); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_ISSUED_TOKEN) + { + rp_issued_token_t *issued_token = NULL; + issued_token = (rp_issued_token_t *)neethi_assertion_get_value(assertion, env); + if(issued_token) + { + rp_property_set_value(encryption_token, env, issued_token, + RP_PROPERTY_ISSUED_TOKEN); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_SAML_TOKEN) + { + rp_saml_token_t *saml_token = NULL; + saml_token = (rp_saml_token_t *)neethi_assertion_get_value(assertion, env); + if(saml_token) + { + rp_property_set_value(encryption_token, env, saml_token, RP_PROPERTY_SAML_TOKEN); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_SECURITY_CONTEXT_TOKEN) + { + rp_security_context_token_t *security_context_token = NULL; + security_context_token = (rp_security_context_token_t *)neethi_assertion_get_value( + assertion, env); + + if(security_context_token) + { + rp_property_set_value(encryption_token, env, security_context_token, + RP_PROPERTY_SECURITY_CONTEXT_TOKEN); + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/https_token_builder.c b/neethi/src/secpolicy/builder/https_token_builder.c new file mode 100644 index 0000000..9406d19 --- /dev/null +++ b/neethi/src/secpolicy/builder/https_token_builder.c @@ -0,0 +1,56 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_https_token_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_https_token_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_https_token_t *https_token = NULL; + neethi_assertion_t *assertion = NULL; + axis2_char_t *value = NULL; + + https_token = rp_https_token_create(env); + + value = axiom_element_get_attribute_value_by_name(element, env, RP_REQUIRE_CLIENT_CERTIFICATE); + + if(value) + { + if(axutil_strcmp(value, "true") == 0) + { + rp_https_token_set_require_client_certificate(https_token, env, AXIS2_TRUE); + } + else if(axutil_strcmp(value, "false") == 0) + { + rp_https_token_set_require_client_certificate(https_token, env, AXIS2_FALSE); + } + else + return NULL; + } + + assertion = neethi_assertion_create_with_args(env, (AXIS2_FREE_VOID_ARG)rp_https_token_free, + https_token, ASSERTION_TYPE_HTTPS_TOKEN); + return assertion; +} diff --git a/neethi/src/secpolicy/builder/initiator_token_builder.c b/neethi/src/secpolicy/builder/initiator_token_builder.c new file mode 100644 index 0000000..28b6497 --- /dev/null +++ b/neethi/src/secpolicy/builder/initiator_token_builder.c @@ -0,0 +1,138 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_initiator_token_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_assertion.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +initiator_token_process_alternatives( + const axutil_env_t * env, + neethi_all_t * all, + rp_property_t * initiator_token); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_initiator_token_builder_build( + const axutil_env_t * env, + axiom_node_t * node, + axiom_element_t * element) +{ + rp_property_t *initiator_token = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + initiator_token = rp_property_create(env); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + initiator_token_process_alternatives(env, all, initiator_token); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_property_free, initiator_token, + ASSERTION_TYPE_INITIATOR_TOKEN); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +initiator_token_process_alternatives( + const axutil_env_t * env, + neethi_all_t * all, + rp_property_t * initiator_token) +{ + + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(value) + { + if(type == ASSERTION_TYPE_X509_TOKEN) + { + rp_x509_token_t *x509_token = NULL; + x509_token = (rp_x509_token_t *)neethi_assertion_get_value(assertion, env); + if(x509_token) + { + rp_property_set_value(initiator_token, env, x509_token, RP_PROPERTY_X509_TOKEN); + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/issued_token_builder.c b/neethi/src/secpolicy/builder/issued_token_builder.c new file mode 100644 index 0000000..2cfc09f --- /dev/null +++ b/neethi/src/secpolicy/builder/issued_token_builder.c @@ -0,0 +1,164 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_issued_token_builder.h> + +AXIS2_EXTERN neethi_assertion_t * AXIS2_CALL +rp_issued_token_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_issued_token_t *issued_token = NULL; + neethi_policy_t *policy = NULL; + neethi_policy_t *normalized_policy = NULL; + neethi_all_t *all = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + axis2_char_t *inclusion_value = NULL; + axutil_qname_t *qname = NULL; + axiom_node_t *issuer_node = NULL; + axiom_element_t *issuer_ele = NULL; + axiom_element_t *issuer_first_child_ele = NULL; + axiom_node_t *issuer_first_child_node = NULL; + axiom_node_t *req_sec_tok_template_node = NULL; + axiom_element_t *req_sec_tok_template_ele = NULL; + axiom_node_t *policy_node = NULL; + axiom_element_t *policy_ele = NULL; + neethi_assertion_t *assertion = NULL; + + issued_token = rp_issued_token_create(env); + qname = axutil_qname_create(env, RP_INCLUDE_TOKEN, RP_SP_NS_11, RP_SP_PREFIX); + inclusion_value = axiom_element_get_attribute_value(element, env, qname); + axutil_qname_free(qname, env); + qname = NULL; + + if(!inclusion_value) + { + /* we can try whether WS-SP1.2 specific inclusion value */ + qname = axutil_qname_create(env, RP_INCLUDE_TOKEN, RP_SP_NS_12, RP_SP_PREFIX); + inclusion_value = axiom_element_get_attribute_value(element, env, qname); + axutil_qname_free(qname, env); + qname = NULL; + } + + if(inclusion_value) + { + rp_issued_token_set_inclusion(issued_token, env, inclusion_value); + } + + qname = axutil_qname_create(env, RP_ISSUER, RP_SP_NS_11, RP_SP_PREFIX); + issuer_ele = axiom_element_get_first_child_with_qname(element, env, qname, node, &issuer_node); + if(issuer_ele) + { + issuer_first_child_ele = axiom_element_get_first_element(issuer_ele, env, issuer_node, + &issuer_first_child_node); + if(issuer_first_child_ele) + { + rp_issued_token_set_issuer_epr(issued_token, env, issuer_first_child_node); + } + } + axutil_qname_free(qname, env); + qname = NULL; + + qname = axutil_qname_create(env, RP_REQUEST_SEC_TOKEN_TEMPLATE, RP_SP_NS_11, RP_SP_PREFIX); + req_sec_tok_template_ele = axiom_element_get_first_child_with_qname(element, env, qname, node, + &req_sec_tok_template_node); + if(req_sec_tok_template_ele) + { + rp_issued_token_set_requested_sec_token_template(issued_token, env, + req_sec_tok_template_node); + } + else + { + return NULL; + } + + axutil_qname_free(qname, env); + qname = NULL; + + qname = axutil_qname_create(env, RP_POLICY, RP_POLICY_NS, RP_POLICY_PREFIX); + policy_ele = axiom_element_get_first_child_with_qname(element, env, qname, node, &policy_node); + if(policy_ele) + { + policy = neethi_engine_get_policy(env, policy_node, policy_ele); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + if(AXIS2_FAILURE == rp_issued_token_builder_process_alternatives(env, all, issued_token)) + return NULL; + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_issued_token_free, issued_token, ASSERTION_TYPE_ISSUED_TOKEN); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + + assertion = neethi_assertion_create(env); + neethi_assertion_set_value(assertion, env, issued_token, ASSERTION_TYPE_ISSUED_TOKEN); + + return assertion; +} + +AXIS2_EXTERN axis2_status_t AXIS2_CALL +rp_issued_token_builder_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_issued_token_t *issued_token) +{ + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + type = neethi_assertion_get_type(assertion, env); + + if(type == ASSERTION_TYPE_REQUIRE_DERIVED_KEYS_SC10) + { + rp_issued_token_set_derivedkeys(issued_token, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_REQUIRE_EXTERNAL_REFERENCE) + { + rp_issued_token_set_require_exernal_reference(issued_token, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_REQUIRE_INTERNAL_REFERENCE) + { + rp_issued_token_set_require_internal_reference(issued_token, env, AXIS2_TRUE); + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} + diff --git a/neethi/src/secpolicy/builder/layout_builder.c b/neethi/src/secpolicy/builder/layout_builder.c new file mode 100644 index 0000000..9be9ad9 --- /dev/null +++ b/neethi/src/secpolicy/builder/layout_builder.c @@ -0,0 +1,74 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_layout_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_layout_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_layout_t *layout = NULL; + axiom_node_t *child_node = NULL; + axiom_node_t *layout_node = NULL; + axiom_element_t *layout_element = NULL; + neethi_assertion_t *assertion = NULL; + + layout = rp_layout_create(env); + + child_node = axiom_node_get_first_element(node, env); + + if(child_node) + { + layout_node = axiom_node_get_first_element(child_node, env); + if(!layout_node) + { + return NULL; + } + } + else + { + return NULL; + } + + if(axiom_node_get_node_type(layout_node, env) == AXIOM_ELEMENT) + { + layout_element = (axiom_element_t *)axiom_node_get_data_element(layout_node, env); + if(layout_element) + { + axis2_char_t *local_name = NULL; + + local_name = axiom_element_get_localname(layout_element, env); + if(!local_name) + return NULL; + rp_layout_set_value(layout, env, local_name); + assertion = neethi_assertion_create_with_args(env, (AXIS2_FREE_VOID_ARG)rp_layout_free, + layout, ASSERTION_TYPE_LAYOUT); + return assertion; + } + else + return NULL; + } + else + return NULL; +} diff --git a/neethi/src/secpolicy/builder/protection_token_builder.c b/neethi/src/secpolicy/builder/protection_token_builder.c new file mode 100644 index 0000000..8ea02f2 --- /dev/null +++ b/neethi/src/secpolicy/builder/protection_token_builder.c @@ -0,0 +1,175 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_protection_token_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_assertion.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +protection_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_property_t *protection_token); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_protection_token_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_property_t *protection_token = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + protection_token = rp_property_create(env); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + protection_token_process_alternatives(env, all, protection_token); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_property_free, protection_token, + ASSERTION_TYPE_PROTECTION_TOKEN); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +protection_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_property_t *protection_token) +{ + + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(value) + { + if(type == ASSERTION_TYPE_X509_TOKEN) + { + rp_x509_token_t *x509_token = NULL; + x509_token = (rp_x509_token_t *)neethi_assertion_get_value(assertion, env); + if(x509_token) + { + rp_property_set_value(protection_token, env, x509_token, RP_PROPERTY_X509_TOKEN); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_ISSUED_TOKEN) + { + rp_issued_token_t *issued_token = NULL; + issued_token = (rp_issued_token_t *)neethi_assertion_get_value(assertion, env); + if(issued_token) + { + rp_property_set_value(protection_token, env, issued_token, + RP_PROPERTY_ISSUED_TOKEN); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_SAML_TOKEN) + { + rp_saml_token_t *saml_token = NULL; + saml_token = (rp_saml_token_t *)neethi_assertion_get_value(assertion, env); + if(saml_token) + { + rp_property_set_value(protection_token, env, saml_token, RP_PROPERTY_SAML_TOKEN); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_SECURITY_CONTEXT_TOKEN) + { + rp_security_context_token_t *security_context_token = NULL; + security_context_token = (rp_security_context_token_t *)neethi_assertion_get_value( + assertion, env); + + if(security_context_token) + { + rp_property_set_value(protection_token, env, security_context_token, + RP_PROPERTY_SECURITY_CONTEXT_TOKEN); + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/rampart_config_builder.c b/neethi/src/secpolicy/builder/rampart_config_builder.c new file mode 100644 index 0000000..1c569b3 --- /dev/null +++ b/neethi/src/secpolicy/builder/rampart_config_builder.c @@ -0,0 +1,213 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_rampart_config_builder.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +rp_rampart_config_builder_populate( + const axutil_env_t *env, + rp_rampart_config_t *rampart_config, + axiom_node_t *node, + axiom_element_t *element, + axis2_char_t *local_name); + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_rampart_config_builder_build( + const axutil_env_t *env, + axiom_node_t *config, + axiom_element_t *config_ele) +{ + rp_rampart_config_t *rampart_config = NULL; + axis2_status_t status = AXIS2_SUCCESS; + axiom_children_iterator_t *children_iter = NULL; + neethi_assertion_t *assertion = NULL; + + rampart_config = rp_rampart_config_create(env); + if(!rampart_config) + { + return NULL; + } + + children_iter = axiom_element_get_children(config_ele, env, config); + if(children_iter) + { + while(axiom_children_iterator_has_next(children_iter, env)) + { + axiom_node_t *node = NULL; + axiom_element_t *ele = NULL; + axis2_char_t *local_name = NULL; + node = axiom_children_iterator_next(children_iter, env); + if(node) + { + if(axiom_node_get_node_type(node, env) == AXIOM_ELEMENT) + { + ele = (axiom_element_t *)axiom_node_get_data_element(node, env); + if(ele) + { + local_name = axiom_element_get_localname(ele, env); + if(local_name) + { + status = rp_rampart_config_builder_populate(env, rampart_config, node, + ele, local_name); + if(status != AXIS2_SUCCESS) + { + return NULL; + } + } + } + } + } + } + } + assertion = neethi_assertion_create_with_args(env, (AXIS2_FREE_VOID_ARG)rp_rampart_config_free, + rampart_config, ASSERTION_TYPE_RAMPART_CONFIG); + return assertion; +} + +axis2_status_t AXIS2_CALL +rp_rampart_config_builder_populate( + const axutil_env_t *env, + rp_rampart_config_t *rampart_config, + axiom_node_t *node, + axiom_element_t *element, + axis2_char_t *local_name) +{ + axis2_char_t *ns = NULL; + axutil_qname_t *node_qname = NULL; + + node_qname = axiom_element_get_qname(element, env, node); + if(!node_qname) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[neethi] Cannot get qname from element %s.", + local_name); + return AXIS2_FAILURE; + } + + ns = axutil_qname_get_uri(node_qname, env); + if(!ns) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[neethi] Cannot get namespace from element %s.", + local_name); + return AXIS2_FAILURE; + } + + if(!axutil_strcmp(ns, RP_RAMPART_NS)) + { + if(!axutil_strcmp(local_name, RP_USER)) + { + axis2_char_t *user = NULL; + user = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_user(rampart_config, env, user); + } + else if(!axutil_strcmp(local_name, RP_ENCRYPTION_USER)) + { + axis2_char_t *encryption_user = NULL; + encryption_user = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_encryption_user(rampart_config, env, encryption_user); + } + else if(!axutil_strcmp(local_name, RP_PASSWORD_CALLBACK_CLASS)) + { + axis2_char_t *password_callback_class = NULL; + password_callback_class = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_password_callback_class(rampart_config, env, + password_callback_class); + } + else if(!axutil_strcmp(local_name, RP_AUTHN_MODULE_NAME)) + { + axis2_char_t *authenticate_module = NULL; + authenticate_module = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_authenticate_module(rampart_config, env, + authenticate_module); + } + else if(!axutil_strcmp(local_name, RP_RD_MODULE)) + { + axis2_char_t *replay_detector = NULL; + replay_detector = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_replay_detector(rampart_config, env, replay_detector); + } + else if(!axutil_strcmp(local_name, RP_SCT_MODULE)) + { + axis2_char_t *sct_module = NULL; + sct_module = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_sct_provider(rampart_config, env, sct_module); + } + else if(!axutil_strcmp(local_name, RP_PASSWORD_TYPE)) + { + axis2_char_t *password_type = NULL; + password_type = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_password_type(rampart_config, env, password_type); + } + else if(!axutil_strcmp(local_name, RP_CERTIFICATE)) + { + axis2_char_t *certificate_file = NULL; + certificate_file = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_certificate_file(rampart_config, env, certificate_file); + } + else if(!axutil_strcmp(local_name, RP_RECEIVER_CERTIFICATE)) + { + axis2_char_t *receiver_certificate_file = NULL; + receiver_certificate_file = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_receiver_certificate_file(rampart_config, env, + receiver_certificate_file); + } + else if(!axutil_strcmp(local_name, RP_PRIVATE_KEY)) + { + axis2_char_t *private_key_file = NULL; + private_key_file = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_private_key_file(rampart_config, env, private_key_file); + } + else if(!axutil_strcmp(local_name, RP_PKCS12_KEY_STORE)) + { + axis2_char_t *pkcs12_key_store = NULL; + pkcs12_key_store = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_pkcs12_file(rampart_config, env, pkcs12_key_store); + } + else if(!axutil_strcmp(local_name, RP_TIME_TO_LIVE)) + { + axis2_char_t *time_to_live = NULL; + time_to_live = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_time_to_live(rampart_config, env, time_to_live); + } + else if(!axutil_strcmp(local_name, RP_CLOCK_SKEW_BUFFER)) + { + axis2_char_t *clock_skew_buffer = NULL; + clock_skew_buffer = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_clock_skew_buffer(rampart_config, env, clock_skew_buffer); + } + else if(!axutil_strcmp(local_name, RP_NEED_MILLISECOND_PRECISION)) + { + axis2_char_t *need_ms_precision = NULL; + need_ms_precision = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_need_millisecond_precision(rampart_config, env, + need_ms_precision); + } + else if(!axutil_strcmp(local_name, RP_RD)) + { + axis2_char_t *rd_val = NULL; + rd_val = axiom_element_get_text(element, env, node); + return rp_rampart_config_set_rd_val(rampart_config, env, rd_val); + } + } + + /* either the assertion or the namespace is not identified */ + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[neethi] Unknown Assertion %s with namespace %s", + local_name, ns); + return AXIS2_FAILURE; + +} diff --git a/neethi/src/secpolicy/builder/recipient_token_builder.c b/neethi/src/secpolicy/builder/recipient_token_builder.c new file mode 100644 index 0000000..d29537d --- /dev/null +++ b/neethi/src/secpolicy/builder/recipient_token_builder.c @@ -0,0 +1,139 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_recipient_token_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_assertion.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +recipient_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_property_t *recipient_token); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_recipient_token_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_property_t *recipient_token = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + recipient_token = rp_property_create(env); + + child_node = axiom_node_get_first_element(node, env); + + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + recipient_token_process_alternatives(env, all, recipient_token); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_property_free, recipient_token, + ASSERTION_TYPE_RECIPIENT_TOKEN); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +recipient_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_property_t *recipient_token) +{ + + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(value) + { + if(type == ASSERTION_TYPE_X509_TOKEN) + { + rp_x509_token_t *x509_token = NULL; + x509_token = (rp_x509_token_t *)neethi_assertion_get_value(assertion, env); + if(x509_token) + { + rp_property_set_value(recipient_token, env, x509_token, RP_PROPERTY_X509_TOKEN); + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/saml_token_builder.c b/neethi/src/secpolicy/builder/saml_token_builder.c new file mode 100644 index 0000000..6550d80 --- /dev/null +++ b/neethi/src/secpolicy/builder/saml_token_builder.c @@ -0,0 +1,155 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_saml_token_builder.h> + +axis2_status_t AXIS2_CALL +saml_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_saml_token_t *saml_token); + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_saml_token_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_saml_token_t *saml_token = NULL; + axis2_char_t *inclusion_value = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + axutil_qname_t *qname = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + saml_token = rp_saml_token_create(env); + qname = axutil_qname_create(env, RP_INCLUDE_TOKEN, RP_SP_NS_11, RP_SP_PREFIX); + inclusion_value = axiom_element_get_attribute_value(element, env, qname); + axutil_qname_free(qname, env); + qname = NULL; + + if(!inclusion_value) + { + /* we can try whether WS-SP1.2 specific inclusion value */ + qname = axutil_qname_create(env, RP_INCLUDE_TOKEN, RP_SP_NS_12, RP_SP_PREFIX); + inclusion_value = axiom_element_get_attribute_value(element, env, qname); + axutil_qname_free(qname, env); + qname = NULL; + } + + rp_saml_token_set_inclusion(saml_token, env, inclusion_value); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + assertion = neethi_assertion_create(env); + neethi_assertion_set_value(assertion, env, saml_token, ASSERTION_TYPE_SAML_TOKEN); + return assertion; + } + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + saml_token_process_alternatives(env, all, saml_token); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_saml_token_free, saml_token, ASSERTION_TYPE_SAML_TOKEN); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +saml_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_saml_token_t *saml_token) +{ + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + type = neethi_assertion_get_type(assertion, env); + + if(type == ASSERTION_TYPE_REQUIRE_DERIVED_KEYS_SC10) + { + rp_saml_token_set_derivedkeys(saml_token, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_REQUIRE_KEY_IDENTIFIRE_REFERENCE) + { + rp_saml_token_set_require_key_identifier_reference(saml_token, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_WSS_SAML_V10_TOKEN_V10) + { + rp_saml_token_set_token_version_and_type(saml_token, env, RP_WSS_SAML_V10_TOKEN_V10); + } + else if(type == ASSERTION_TYPE_WSS_SAML_V10_TOKEN_V11) + { + rp_saml_token_set_token_version_and_type(saml_token, env, RP_WSS_SAML_V10_TOKEN_V11); + } + else if(type == ASSERTION_TYPE_WSS_SAML_V11_TOKEN_V10) + { + rp_saml_token_set_token_version_and_type(saml_token, env, RP_WSS_SAML_V11_TOKEN_V10); + } + else if(type == ASSERTION_TYPE_WSS_SAML_V11_TOKEN_V11) + { + rp_saml_token_set_token_version_and_type(saml_token, env, RP_WSS_SAML_V11_TOKEN_V11); + } + else if(type == ASSERTION_TYPE_WSS_SAML_V20_TOKEN_V11) + { + rp_saml_token_set_token_version_and_type(saml_token, env, RP_WSS_SAML_V20_TOKEN_V11); + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} + diff --git a/neethi/src/secpolicy/builder/secpolicy_builder.c b/neethi/src/secpolicy/builder/secpolicy_builder.c new file mode 100644 index 0000000..8548403 --- /dev/null +++ b/neethi/src/secpolicy/builder/secpolicy_builder.c @@ -0,0 +1,241 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_secpolicy_builder.h> +#include <neethi_operator.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> +#include <neethi_assertion.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +secpolicy_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_secpolicy_t *secpolicy); + +/***********************************/ + +AXIS2_EXTERN rp_secpolicy_t *AXIS2_CALL +rp_secpolicy_builder_build( + const axutil_env_t *env, + neethi_policy_t *policy) +{ + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + rp_secpolicy_t *secpolicy = NULL; + + secpolicy = rp_secpolicy_create(env); + + alternatives = neethi_policy_get_alternatives(policy, env); + + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + + if(secpolicy_process_alternatives(env, all, secpolicy) == AXIS2_FAILURE) + { + return NULL; + } + return secpolicy; +} + +axis2_status_t AXIS2_CALL +secpolicy_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_secpolicy_t *secpolicy) +{ + + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(value) + { + if(type == ASSERTION_TYPE_TRANSPORT_BINDING) + { + rp_property_t *binding = NULL; + rp_transport_binding_t *transport_binding = NULL; + + transport_binding = (rp_transport_binding_t *)neethi_assertion_get_value(assertion, + env); + if(!transport_binding) + { + return AXIS2_FAILURE; + } + binding = rp_property_create(env); + rp_property_set_value(binding, env, transport_binding, + RP_PROPERTY_TRANSPORT_BINDING); + rp_secpolicy_set_binding(secpolicy, env, binding); + } + else if(type == ASSERTION_TYPE_ASSYMMETRIC_BINDING) + { + rp_property_t *binding = NULL; + rp_asymmetric_binding_t *asymmetric_binding = NULL; + + asymmetric_binding = (rp_asymmetric_binding_t *)neethi_assertion_get_value( + assertion, env); + if(!asymmetric_binding) + { + return AXIS2_FAILURE; + } + binding = rp_property_create(env); + rp_property_set_value(binding, env, asymmetric_binding, + RP_PROPERTY_ASYMMETRIC_BINDING); + rp_secpolicy_set_binding(secpolicy, env, binding); + } + else if(type == ASSERTION_TYPE_SYMMETRIC_BINDING) + { + rp_property_t *binding = NULL; + rp_symmetric_binding_t *symmetric_binding = NULL; + + symmetric_binding = (rp_symmetric_binding_t *)neethi_assertion_get_value(assertion, + env); + if(!symmetric_binding) + { + return AXIS2_FAILURE; + } + binding = rp_property_create(env); + rp_property_set_value(binding, env, symmetric_binding, + RP_PROPERTY_SYMMETRIC_BINDING); + rp_secpolicy_set_binding(secpolicy, env, binding); + } + else if(type == ASSERTION_TYPE_SUPPORTING_TOKENS) + { + rp_supporting_tokens_t *supporting_tokens = NULL; + supporting_tokens = (rp_supporting_tokens_t *)neethi_assertion_get_value(assertion, + env); + if(supporting_tokens) + { + rp_property_type_t type; + type = rp_supporting_tokens_get_type(supporting_tokens, env); + if(type == RP_PROPERTY_SIGNED_SUPPORTING_TOKEN) + { + rp_secpolicy_set_signed_supporting_tokens(secpolicy, env, supporting_tokens); + } + else if(type == RP_PROPERTY_SIGNED_ENDORSING_SUPPORTING_TOKEN) + { + rp_secpolicy_set_signed_endorsing_supporting_tokens(secpolicy, env, + supporting_tokens); + } + else if(type == RP_PROPERTY_SUPPORTING_SUPPORTING_TOKEN) + { + rp_secpolicy_set_supporting_tokens(secpolicy, env, supporting_tokens); + } + else if(type == RP_PROPERTY_ENDORSING_SUPPORTING_TOKEN) + { + rp_secpolicy_set_endorsing_supporting_tokens(secpolicy, env, + supporting_tokens); + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_WSS10) + { + rp_wss10_t *wss10 = NULL; + rp_property_t *wss = NULL; + wss10 = (rp_wss10_t *)neethi_assertion_get_value(assertion, env); + if(!wss10) + { + return AXIS2_FAILURE; + } + wss = rp_property_create(env); + rp_property_set_value(wss, env, wss10, RP_PROPERTY_WSS10); + rp_secpolicy_set_wss(secpolicy, env, wss); + } + else if(type == ASSERTION_TYPE_WSS11) + { + rp_wss11_t *wss11 = NULL; + rp_property_t *wss = NULL; + wss11 = (rp_wss11_t *)neethi_assertion_get_value(assertion, env); + if(!wss11) + { + return AXIS2_FAILURE; + } + wss = rp_property_create(env); + rp_property_set_value(wss, env, wss11, RP_PROPERTY_WSS11); + rp_secpolicy_set_wss(secpolicy, env, wss); + } + else if(type == ASSERTION_TYPE_TRUST10) + { + rp_trust10_t *trust10 = NULL; + trust10 = (rp_trust10_t *)neethi_assertion_get_value(assertion, env); + if(!trust10) + { + return AXIS2_FAILURE; + } + rp_secpolicy_set_trust10(secpolicy, env, trust10); + } + else if(type == ASSERTION_TYPE_SIGNED_ENCRYPTED_PARTS) + { + rp_signed_encrypted_parts_t *signed_encrypted_parts = NULL; + signed_encrypted_parts = (rp_signed_encrypted_parts_t *)neethi_assertion_get_value( + assertion, env); + if(signed_encrypted_parts) + { + if(rp_signed_encrypted_parts_get_signedparts(signed_encrypted_parts, env)) + { + rp_secpolicy_set_signed_parts(secpolicy, env, signed_encrypted_parts); + } + else + { + rp_secpolicy_set_encrypted_parts(secpolicy, env, signed_encrypted_parts); + } + } + else + return AXIS2_FAILURE; + + } + else if(type == ASSERTION_TYPE_RAMPART_CONFIG) + { + rp_rampart_config_t *rampart_config = NULL; + rampart_config = (rp_rampart_config_t *)neethi_assertion_get_value(assertion, env); + if(!rampart_config) + { + return AXIS2_FAILURE; + } + rp_secpolicy_set_rampart_config(secpolicy, env, rampart_config); + } + else + { + continue; + } + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/security_context_token_builder.c b/neethi/src/secpolicy/builder/security_context_token_builder.c new file mode 100644 index 0000000..b4ad8e8 --- /dev/null +++ b/neethi/src/secpolicy/builder/security_context_token_builder.c @@ -0,0 +1,231 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_security_context_token_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +security_context_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_security_context_token_t * security_context_token); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_security_context_token_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element, + axis2_char_t *sp_ns_uri, + axis2_bool_t is_secure_conversation_token) +{ + rp_security_context_token_t *security_context_token = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axiom_children_iterator_t *children_iter = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + axis2_char_t *inclusion_value = NULL; + axutil_qname_t *qname = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + security_context_token = rp_security_context_token_create(env); + qname = axutil_qname_create(env, RP_INCLUDE_TOKEN, sp_ns_uri, RP_SP_PREFIX); + inclusion_value = axiom_element_get_attribute_value(element, env, qname); + axutil_qname_free(qname, env); + qname = NULL; + + rp_security_context_token_set_inclusion(security_context_token, env, inclusion_value); + rp_security_context_token_set_is_secure_conversation_token(security_context_token, env, + is_secure_conversation_token); + + if(!axutil_strcmp(sp_ns_uri, RP_SP_NS_11)) + { + rp_security_context_token_set_sc10_security_context_token(security_context_token, env, + AXIS2_TRUE); + } + else + { + rp_security_context_token_set_sc10_security_context_token(security_context_token, env, + AXIS2_FALSE); + } + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + children_iter = axiom_element_get_children(element, env, node); + if(children_iter) + { + while(axiom_children_iterator_has_next(children_iter, env)) + { + child_node = axiom_children_iterator_next(children_iter, env); + if(child_node) + { + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + axis2_char_t *localname = NULL; + localname = axiom_element_get_localname(child_element, env); + if(axutil_strcmp(localname, RP_ISSUER) == 0) + { + axis2_char_t *ns = NULL; + axutil_qname_t *node_qname = NULL; + + node_qname = axiom_element_get_qname(child_element, env, child_node); + if(!node_qname) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[neethi] Cannot get qname from element %s.", localname); + return NULL; + } + + ns = axutil_qname_get_uri(node_qname, env); + if(!ns) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[neethi] Cannot get namespace from element %s.", localname); + return NULL; + } + if(!(axutil_strcmp(ns, RP_SP_NS_11) && axutil_strcmp(ns, RP_SP_NS_12))) + { + axis2_char_t *issuer = NULL; + issuer = axiom_element_get_text(child_element, env, child_node); + rp_security_context_token_set_issuer(security_context_token, env, + issuer); + } + else + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[neethi] Unknown Assertion %s with namespace %s", localname, + ns); + return NULL; + } + } + else + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, + policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, + env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + security_context_token_process_alternatives(env, all, + security_context_token); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_security_context_token_free, + security_context_token, ASSERTION_TYPE_SECURITY_CONTEXT_TOKEN); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + } + } + } + } + } + } + return assertion; +} + +axis2_status_t AXIS2_CALL +security_context_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_security_context_token_t * security_context_token) +{ + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + type = neethi_assertion_get_type(assertion, env); + + if(type == ASSERTION_TYPE_REQUIRE_DERIVED_KEYS_SC10) + { + rp_security_context_token_set_derivedkey(security_context_token, env, DERIVEKEY_NEEDED); + rp_security_context_token_set_derivedkey_version(security_context_token, env, + DERIVEKEY_VERSION_SC10); + } + else if(type == ASSERTION_TYPE_REQUIRE_DERIVED_KEYS_SC13) + { + rp_security_context_token_set_derivedkey(security_context_token, env, DERIVEKEY_NEEDED); + rp_security_context_token_set_derivedkey_version(security_context_token, env, + DERIVEKEY_VERSION_SC13); + } + else if(type == ASSERTION_TYPE_REQUIRE_EXTERNAL_URI) + { + rp_security_context_token_set_require_external_uri_ref(security_context_token, env, + AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_SC10_SECURITY_CONTEXT_TOKEN) + { + rp_security_context_token_set_sc10_security_context_token(security_context_token, env, + AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_SC13_SECURITY_CONTEXT_TOKEN) + { + rp_security_context_token_set_sc10_security_context_token(security_context_token, env, + AXIS2_FALSE); + } + else if(type == ASSERTION_TYPE_ISSUER) + { + axis2_char_t *issuer = NULL; + issuer = (axis2_char_t *)neethi_assertion_get_value(assertion, env); + rp_security_context_token_set_issuer(security_context_token, env, issuer); + } + else if(type == ASSERTION_TYPE_BOOTSTRAP_POLICY) + { + neethi_policy_t *bootstrap_policy = NULL; + bootstrap_policy = (neethi_policy_t *)neethi_assertion_get_value(assertion, env); + rp_security_context_token_set_bootstrap_policy(security_context_token, env, + bootstrap_policy); + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/signature_token_builder.c b/neethi/src/secpolicy/builder/signature_token_builder.c new file mode 100644 index 0000000..0c1c0c7 --- /dev/null +++ b/neethi/src/secpolicy/builder/signature_token_builder.c @@ -0,0 +1,175 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_signature_token_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_assertion.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +signature_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_property_t *signature_token); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_signature_token_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_property_t *signature_token = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + signature_token = rp_property_create(env); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + signature_token_process_alternatives(env, all, signature_token); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_property_free, signature_token, + ASSERTION_TYPE_SIGNATURE_TOKEN); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +signature_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_property_t *signature_token) +{ + + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(value) + { + if(type == ASSERTION_TYPE_X509_TOKEN) + { + rp_x509_token_t *x509_token = NULL; + x509_token = (rp_x509_token_t *)neethi_assertion_get_value(assertion, env); + if(x509_token) + { + rp_property_set_value(signature_token, env, x509_token, RP_PROPERTY_X509_TOKEN); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_ISSUED_TOKEN) + { + rp_issued_token_t *issued_token = NULL; + issued_token = (rp_issued_token_t *)neethi_assertion_get_value(assertion, env); + if(issued_token) + { + rp_property_set_value(signature_token, env, issued_token, + RP_PROPERTY_ISSUED_TOKEN); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_SAML_TOKEN) + { + rp_saml_token_t *saml_token = NULL; + saml_token = (rp_saml_token_t *)neethi_assertion_get_value(assertion, env); + if(saml_token) + { + rp_property_set_value(signature_token, env, saml_token, RP_PROPERTY_SAML_TOKEN); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_SECURITY_CONTEXT_TOKEN) + { + rp_security_context_token_t *security_context_token = NULL; + security_context_token = (rp_security_context_token_t *)neethi_assertion_get_value( + assertion, env); + + if(security_context_token) + { + rp_property_set_value(signature_token, env, security_context_token, + RP_PROPERTY_SECURITY_CONTEXT_TOKEN); + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/signed_encrypted_parts_builder.c b/neethi/src/secpolicy/builder/signed_encrypted_parts_builder.c new file mode 100644 index 0000000..be5008e --- /dev/null +++ b/neethi/src/secpolicy/builder/signed_encrypted_parts_builder.c @@ -0,0 +1,209 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_signed_encrypted_parts_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +static rp_header_t *AXIS2_CALL +rp_signed_encrypted_parts_builder_build_header( + axiom_element_t *element, + const axutil_env_t *env); + +static axis2_status_t AXIS2_CALL +rp_signed_encrypted_parts_builder_set_properties( + axiom_node_t *node, + axiom_element_t *element, + axis2_char_t *local_name, + rp_signed_encrypted_parts_t *signed_encrypted_parts, + const axutil_env_t *env); + +/** + * Builts EncryptedParts or SignedParts assertion + * @param env Pointer to environment struct + * @param node Assertion node + * @param element Assertion element + * @param is_signed boolean showing whether signing or encryption + * @returns neethi assertion created. NULL if failure. + */ +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_signed_encrypted_parts_builder_build( + const axutil_env_t *env, + axiom_node_t *parts, + axiom_element_t *parts_ele, + axis2_bool_t is_signed) +{ + rp_signed_encrypted_parts_t *signed_encrypted_parts = NULL; + axiom_children_iterator_t *children_iter = NULL; + neethi_assertion_t *assertion = NULL; + axis2_status_t status = AXIS2_SUCCESS; + + signed_encrypted_parts = rp_signed_encrypted_parts_create(env); + if(!signed_encrypted_parts) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[neethi] Cannot create signed_encrypted_parts."); + return NULL; + } + + rp_signed_encrypted_parts_set_signedparts(signed_encrypted_parts, env, is_signed); + + children_iter = axiom_element_get_children(parts_ele, env, parts); + if(children_iter) + { + while(axiom_children_iterator_has_next(children_iter, env)) + { + axiom_node_t *node = NULL; + axiom_element_t *ele = NULL; + axis2_char_t *local_name = NULL; + node = axiom_children_iterator_next(children_iter, env); + if(node) + { + if(axiom_node_get_node_type(node, env) == AXIOM_ELEMENT) + { + ele = (axiom_element_t *)axiom_node_get_data_element(node, env); + if(ele) + { + local_name = axiom_element_get_localname(ele, env); + if(local_name) + { + status = rp_signed_encrypted_parts_builder_set_properties(node, ele, + local_name, signed_encrypted_parts, env); + if(status != AXIS2_SUCCESS) + { + rp_signed_encrypted_parts_free(signed_encrypted_parts, env); + signed_encrypted_parts = NULL; + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[neethi] Cannot create signed_encrypted_parts. " + "Error in processing child element %s", local_name); + return NULL; + } + } + } + } + } + } + } + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_signed_encrypted_parts_free, signed_encrypted_parts, + ASSERTION_TYPE_SIGNED_ENCRYPTED_PARTS); + return assertion; +} + +static axis2_status_t AXIS2_CALL +rp_signed_encrypted_parts_builder_set_properties( + axiom_node_t *node, + axiom_element_t *element, + axis2_char_t *local_name, + rp_signed_encrypted_parts_t * signed_encrypted_parts, + const axutil_env_t *env) +{ + axis2_char_t *ns = NULL; + axutil_qname_t *node_qname = NULL; + + node_qname = axiom_element_get_qname(element, env, node); + if(!node_qname) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[neethi] Cannot get qname from element %s.", + local_name); + return AXIS2_FAILURE; + } + + ns = axutil_qname_get_uri(node_qname, env); + if(!ns) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[neethi] Cannot get namespace from element %s.", + local_name); + return AXIS2_FAILURE; + } + + /* process assertions common for WS-SecPolicy 1.1 and 1.2 */ + if(!(axutil_strcmp(ns, RP_SP_NS_11) && axutil_strcmp(ns, RP_SP_NS_12))) + { + /* this assertion is in WS-SecurityPolicy namespace */ + if(!strcmp(local_name, RP_BODY)) + { + rp_signed_encrypted_parts_set_body(signed_encrypted_parts, env, AXIS2_TRUE); + return AXIS2_SUCCESS; + } + else if(!strcmp(local_name, RP_HEADER)) + { + rp_header_t *header = NULL; + header = rp_signed_encrypted_parts_builder_build_header(element, env); + if(!header) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[neethi] Failed to process Header Assertion."); + return AXIS2_FAILURE; + } + + return rp_signed_encrypted_parts_add_header(signed_encrypted_parts, env, header); + } + } + + /* process assertions specific to WS-SecPolicy 1.2 */ + if(!axutil_strcmp(ns, RP_SP_NS_12)) + { + if(!strcmp(local_name, RP_ATTACHMENTS)) + { + rp_signed_encrypted_parts_set_attachments(signed_encrypted_parts, env, AXIS2_TRUE); + return AXIS2_SUCCESS; + } + } + + /* either namespace or assertion is not understood */ + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[neethi] Unknown Assertion %s with namespace %s", + local_name, ns); + return AXIS2_FAILURE; +} + +static rp_header_t *AXIS2_CALL +rp_signed_encrypted_parts_builder_build_header( + axiom_element_t *element, + const axutil_env_t *env) +{ + rp_header_t *header = NULL; + axis2_char_t *name = NULL; + axis2_char_t *nspace = NULL; + + name = axiom_element_get_attribute_value_by_name(element, env, RP_NAME); + nspace = axiom_element_get_attribute_value_by_name(element, env, RP_NAMESPACE); + if(!nspace) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[neethi] Header assertion should have namespace associated with it."); + return NULL; + } + + header = rp_header_create(env); + if(!header) + { + AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, + "[neethi] Cannot create rp_header structure. Insufficient memory."); + return NULL; + } + + if(name) + { + rp_header_set_name(header, env, name); + } + + rp_header_set_namespace(header, env, nspace); + return header; +} diff --git a/neethi/src/secpolicy/builder/supporting_tokens_builder.c b/neethi/src/secpolicy/builder/supporting_tokens_builder.c new file mode 100644 index 0000000..7482144 --- /dev/null +++ b/neethi/src/secpolicy/builder/supporting_tokens_builder.c @@ -0,0 +1,203 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_supporting_tokens_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +supporting_tokens_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_supporting_tokens_t *supporting_tokens); + +axis2_bool_t AXIS2_CALL +is_token_assertion( + const axutil_env_t *env, + neethi_assertion_type_t type); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_supporting_tokens_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_supporting_tokens_t *supporting_tokens = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + axis2_char_t *local_name = NULL; + neethi_policy_t *normalized_policy = NULL; + + supporting_tokens = rp_supporting_tokens_create(env); + local_name = axiom_element_get_localname(element, env); + + if(local_name) + { + if(axutil_strcmp(local_name, RP_SIGNED_SUPPORTING_TOKENS) == 0) + { + rp_supporting_tokens_set_type(supporting_tokens, env, + RP_PROPERTY_SIGNED_SUPPORTING_TOKEN); + } + else if(axutil_strcmp(local_name, RP_SIGNED_ENDORSING_SUPPORTING_TOKENS) == 0) + { + rp_supporting_tokens_set_type(supporting_tokens, env, + RP_PROPERTY_SIGNED_ENDORSING_SUPPORTING_TOKEN); + } + else if(axutil_strcmp(local_name, RP_SUPPORTING_TOKENS) == 0) + { + rp_supporting_tokens_set_type(supporting_tokens, env, + RP_PROPERTY_SUPPORTING_SUPPORTING_TOKEN); + } + else if(axutil_strcmp(local_name, RP_ENDORSING_SUPPORTING_TOKENS) == 0) + { + rp_supporting_tokens_set_type(supporting_tokens, env, + RP_PROPERTY_ENDORSING_SUPPORTING_TOKEN); + } + else + return NULL; + } + else + return NULL; + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + neethi_policy_free(policy, env); + policy = NULL; + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + supporting_tokens_process_alternatives(env, all, supporting_tokens); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_supporting_tokens_free, supporting_tokens, + ASSERTION_TYPE_SUPPORTING_TOKENS); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +supporting_tokens_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_supporting_tokens_t *supporting_tokens) +{ + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(value) + { + if(type == ASSERTION_TYPE_ALGORITHM_SUITE) + { + rp_algorithmsuite_t *algorithmsuite = NULL; + algorithmsuite = (rp_algorithmsuite_t *)neethi_assertion_get_value(assertion, env); + if(algorithmsuite) + { + rp_supporting_tokens_set_algorithmsuite(supporting_tokens, env, algorithmsuite); + } + else + return AXIS2_FAILURE; + } + else if(is_token_assertion(env, type)) + { + rp_property_t *token = NULL; + token = rp_property_create(env); + rp_token_identifier_set_token(token, assertion, env); + rp_supporting_tokens_add_token(supporting_tokens, env, token); + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} + +axis2_bool_t AXIS2_CALL +is_token_assertion( + const axutil_env_t *env, + neethi_assertion_type_t type) +{ + if(type == ASSERTION_TYPE_USERNAME_TOKEN) + { + return AXIS2_TRUE; + } + else if(type == ASSERTION_TYPE_X509_TOKEN) + { + return AXIS2_TRUE; + } + else if(type == ASSERTION_TYPE_ISSUED_TOKEN) + { + return AXIS2_TRUE; + } + else if(type == ASSERTION_TYPE_SAML_TOKEN) + { + return AXIS2_TRUE; + } + else + return AXIS2_FALSE; +} diff --git a/neethi/src/secpolicy/builder/symmetric_binding_builder.c b/neethi/src/secpolicy/builder/symmetric_binding_builder.c new file mode 100644 index 0000000..1338963 --- /dev/null +++ b/neethi/src/secpolicy/builder/symmetric_binding_builder.c @@ -0,0 +1,245 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_symmetric_binding_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +symmetric_binding_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_symmetric_binding_t *symmetric_binding); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_symmetric_binding_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_symmetric_binding_t *symmetric_binding = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + symmetric_binding = rp_symmetric_binding_create(env); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + neethi_policy_free(policy, env); + policy = NULL; + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + symmetric_binding_process_alternatives(env, all, symmetric_binding); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_symmetric_binding_free, symmetric_binding, + ASSERTION_TYPE_SYMMETRIC_BINDING); + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +symmetric_binding_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_symmetric_binding_t * symmetric_binding) +{ + + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + rp_binding_commons_t *commons = NULL; + rp_symmetric_asymmetric_binding_commons_t *as_commons = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + commons = rp_binding_commons_create(env); + as_commons = rp_symmetric_asymmetric_binding_commons_create(env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(type == ASSERTION_TYPE_PROTECTION_TOKEN) + { + rp_property_t *protection_token = NULL; + protection_token = (rp_property_t *)neethi_assertion_get_value(assertion, env); + if(protection_token) + { + rp_symmetric_binding_set_protection_token(symmetric_binding, env, protection_token); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_ENCRYPTION_TOKEN) + { + rp_property_t *encryption_token = NULL; + encryption_token = (rp_property_t *)neethi_assertion_get_value(assertion, env); + if(encryption_token) + { + rp_symmetric_binding_set_encryption_token(symmetric_binding, env, encryption_token); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_SIGNATURE_TOKEN) + { + rp_property_t *signature_token = NULL; + signature_token = (rp_property_t *)neethi_assertion_get_value(assertion, env); + if(signature_token) + { + rp_symmetric_binding_set_signature_token(symmetric_binding, env, signature_token); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_ALGORITHM_SUITE) + { + rp_algorithmsuite_t *algorithmsuite = NULL; + algorithmsuite = (rp_algorithmsuite_t *)neethi_assertion_get_value(assertion, env); + if(algorithmsuite) + { + rp_binding_commons_set_algorithmsuite(commons, env, algorithmsuite); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_INCLUDE_TIMESTAMP) + { + rp_binding_commons_set_include_timestamp(commons, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_LAYOUT) + { + rp_layout_t *layout = NULL; + layout = (rp_layout_t *)neethi_assertion_get_value(assertion, env); + if(layout) + { + rp_binding_commons_set_layout(commons, env, layout); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_ENCRYPT_BEFORE_SIGNING) + { + rp_symmetric_asymmetric_binding_commons_set_protection_order(as_commons, env, + RP_ENCRYPT_BEFORE_SIGNING); + } + else if(type == ASSERTION_TYPE_SIGN_BEFORE_ENCRYPTING) + { + rp_symmetric_asymmetric_binding_commons_set_protection_order(as_commons, env, + RP_SIGN_BEFORE_ENCRYPTING); + } + else if(type == ASSERTION_TYPE_ENCRYPT_SIGNATURE) + { + rp_symmetric_asymmetric_binding_commons_set_signature_protection(as_commons, env, + AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_PROTECT_TOKENS) + { + rp_symmetric_asymmetric_binding_commons_set_token_protection(as_commons, env, + AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_ONLY_SIGN_ENTIRE_HEADERS_AND_BODY) + { + rp_symmetric_asymmetric_binding_commons_set_entire_headers_and_body_signatures( + as_commons, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_SUPPORTING_TOKENS) + { + rp_supporting_tokens_t *supporting_tokens = NULL; + supporting_tokens + = (rp_supporting_tokens_t *)neethi_assertion_get_value(assertion, env); + if(supporting_tokens) + { + rp_property_type_t type; + type = rp_supporting_tokens_get_type(supporting_tokens, env); + if(type == RP_PROPERTY_SIGNED_SUPPORTING_TOKEN) + { + rp_binding_commons_set_signed_supporting_tokens(commons, env, supporting_tokens); + } + else if(type == RP_PROPERTY_SIGNED_ENDORSING_SUPPORTING_TOKEN) + { + rp_binding_commons_set_signed_endorsing_supporting_tokens(commons, env, + supporting_tokens); + } + else if(type == RP_PROPERTY_SUPPORTING_SUPPORTING_TOKEN) + { + rp_binding_commons_set_supporting_tokens(commons, env, supporting_tokens); + } + else if(type == RP_PROPERTY_ENDORSING_SUPPORTING_TOKEN) + { + rp_binding_commons_set_endorsing_supporting_tokens(commons, env, + supporting_tokens); + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + rp_symmetric_asymmetric_binding_commons_set_binding_commons(as_commons, env, commons); + rp_symmetric_binding_set_symmetric_asymmetric_binding_commons(symmetric_binding, env, + as_commons); + + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/token_identifier.c b/neethi/src/secpolicy/builder/token_identifier.c new file mode 100644 index 0000000..938627e --- /dev/null +++ b/neethi/src/secpolicy/builder/token_identifier.c @@ -0,0 +1,78 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_token_identifier.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_assertion.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +/***********************************/ + +AXIS2_EXTERN axis2_status_t AXIS2_CALL +rp_token_identifier_set_token( + rp_property_t *token, + neethi_assertion_t *assertion, + const axutil_env_t *env) +{ + void *value = NULL; + neethi_assertion_type_t type; + + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(value) + { + if(type == ASSERTION_TYPE_USERNAME_TOKEN) + { + rp_username_token_t *username_token = NULL; + username_token = (rp_username_token_t *)value; + rp_property_set_value(token, env, username_token, RP_PROPERTY_USERNAME_TOKEN); + return AXIS2_SUCCESS; + } + else if(type == ASSERTION_TYPE_X509_TOKEN) + { + rp_x509_token_t *x509_token = NULL; + x509_token = (rp_x509_token_t *)value; + rp_property_set_value(token, env, x509_token, RP_PROPERTY_X509_TOKEN); + return AXIS2_SUCCESS; + } + else if(type == ASSERTION_TYPE_SAML_TOKEN) + { + rp_saml_token_t *saml_token = NULL; + saml_token = (rp_saml_token_t *)value; + rp_property_set_value(token, env, saml_token, RP_PROPERTY_SAML_TOKEN); + return AXIS2_SUCCESS; + } + else if(type == ASSERTION_TYPE_ISSUED_TOKEN) + { + rp_issued_token_t *issued_token = NULL; + issued_token = (rp_issued_token_t *)value; + rp_property_set_value(token, env, issued_token, RP_PROPERTY_ISSUED_TOKEN); + return AXIS2_SUCCESS; + } + else + return AXIS2_FAILURE; + } + + return AXIS2_FAILURE; +} + diff --git a/neethi/src/secpolicy/builder/transport_binding_builder.c b/neethi/src/secpolicy/builder/transport_binding_builder.c new file mode 100644 index 0000000..be84119 --- /dev/null +++ b/neethi/src/secpolicy/builder/transport_binding_builder.c @@ -0,0 +1,196 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_transport_binding_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +transport_binding_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_transport_binding_t *transport_binding); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_transport_binding_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_transport_binding_t *transport_binding = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + transport_binding = rp_transport_binding_create(env); + + child_node = axiom_node_get_first_element(node, env); + + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + transport_binding_process_alternatives(env, all, transport_binding); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_transport_binding_free, transport_binding, + ASSERTION_TYPE_TRANSPORT_BINDING); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +transport_binding_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_transport_binding_t *transport_binding) +{ + + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + rp_binding_commons_t *commons = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + commons = rp_binding_commons_create(env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(type == ASSERTION_TYPE_TRANSPORT_TOKEN) + { + rp_property_t *transport_token = NULL; + transport_token = (rp_property_t *)neethi_assertion_get_value(assertion, env); + if(transport_token) + { + rp_transport_binding_set_transport_token(transport_binding, env, transport_token); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_ALGORITHM_SUITE) + { + rp_algorithmsuite_t *algorithmsuite = NULL; + algorithmsuite = (rp_algorithmsuite_t *)neethi_assertion_get_value(assertion, env); + if(algorithmsuite) + { + rp_binding_commons_set_algorithmsuite(commons, env, algorithmsuite); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_INCLUDE_TIMESTAMP) + { + rp_binding_commons_set_include_timestamp(commons, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_LAYOUT) + { + rp_layout_t *layout = NULL; + layout = (rp_layout_t *)neethi_assertion_get_value(assertion, env); + if(layout) + { + rp_binding_commons_set_layout(commons, env, layout); + } + else + return AXIS2_FAILURE; + } + else if(type == ASSERTION_TYPE_SUPPORTING_TOKENS) + { + rp_supporting_tokens_t *supporting_tokens = NULL; + supporting_tokens + = (rp_supporting_tokens_t *)neethi_assertion_get_value(assertion, env); + if(supporting_tokens) + { + rp_property_type_t type; + type = rp_supporting_tokens_get_type(supporting_tokens, env); + if(type == RP_PROPERTY_SIGNED_SUPPORTING_TOKEN) + { + rp_binding_commons_set_signed_supporting_tokens(commons, env, supporting_tokens); + } + else if(type == RP_PROPERTY_SIGNED_ENDORSING_SUPPORTING_TOKEN) + { + rp_binding_commons_set_signed_endorsing_supporting_tokens(commons, env, + supporting_tokens); + } + else if(type == RP_PROPERTY_SUPPORTING_SUPPORTING_TOKEN) + { + rp_binding_commons_set_supporting_tokens(commons, env, supporting_tokens); + } + else if(type == RP_PROPERTY_ENDORSING_SUPPORTING_TOKEN) + { + rp_binding_commons_set_endorsing_supporting_tokens(commons, env, + supporting_tokens); + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + + rp_transport_binding_set_binding_commons(transport_binding, env, commons); + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/transport_token_builder.c b/neethi/src/secpolicy/builder/transport_token_builder.c new file mode 100644 index 0000000..f50183d --- /dev/null +++ b/neethi/src/secpolicy/builder/transport_token_builder.c @@ -0,0 +1,138 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_transport_token_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_assertion.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +transport_token_process_alternatives( + const axutil_env_t * env, + neethi_all_t * all, + rp_property_t * transport_token); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_transport_token_builder_build( + const axutil_env_t * env, + axiom_node_t * node, + axiom_element_t * element) +{ + rp_property_t *transport_token = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + transport_token = rp_property_create(env); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + transport_token_process_alternatives(env, all, transport_token); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_property_free, transport_token, + ASSERTION_TYPE_TRANSPORT_TOKEN); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +transport_token_process_alternatives( + const axutil_env_t * env, + neethi_all_t * all, + rp_property_t * transport_token) +{ + + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(value) + { + if(type == ASSERTION_TYPE_HTTPS_TOKEN) + { + rp_https_token_t *https_token = NULL; + https_token = (rp_https_token_t *)neethi_assertion_get_value(assertion, env); + if(https_token) + { + rp_property_set_value(transport_token, env, https_token, + RP_PROPERTY_HTTPS_TOKEN); + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/trust10_builder.c b/neethi/src/secpolicy/builder/trust10_builder.c new file mode 100644 index 0000000..e97f0f7 --- /dev/null +++ b/neethi/src/secpolicy/builder/trust10_builder.c @@ -0,0 +1,139 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_trust10_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +trust10_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_trust10_t *trust10); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_trust10_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_trust10_t *trust10 = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + trust10 = rp_trust10_create(env); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + trust10_process_alternatives(env, all, trust10); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_trust10_free, trust10, ASSERTION_TYPE_TRUST10); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +trust10_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_trust10_t *trust10) +{ + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(type == ASSERTION_TYPE_MUST_SUPPORT_CLIENT_CHALLENGE) + { + rp_trust10_set_must_support_client_challenge(trust10, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_MUST_SUPPORT_SERVER_CHALLENGE) + { + rp_trust10_set_must_support_server_challenge(trust10, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_REQUIRE_CLIENT_ENTROPY) + { + rp_trust10_set_require_client_entropy(trust10, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_REQUIRE_SERVER_ENTROPHY) + { + rp_trust10_set_require_server_entropy(trust10, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_MUST_SUPPORT_ISSUED_TOKENS) + { + rp_trust10_set_must_support_issued_token(trust10, env, AXIS2_TRUE); + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/username_token_builder.c b/neethi/src/secpolicy/builder/username_token_builder.c new file mode 100644 index 0000000..b8ac02b --- /dev/null +++ b/neethi/src/secpolicy/builder/username_token_builder.c @@ -0,0 +1,150 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_username_token_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +static axis2_status_t AXIS2_CALL username_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_username_token_t *username_token); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_username_token_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_username_token_t *username_token = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + axis2_char_t *inclusion_value = NULL; + axutil_qname_t *qname = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + username_token = rp_username_token_create(env); + qname = axutil_qname_create(env, RP_INCLUDE_TOKEN, RP_SP_NS_11, RP_SP_PREFIX); + inclusion_value = axiom_element_get_attribute_value(element, env, qname); + axutil_qname_free(qname, env); + qname = NULL; + if(!inclusion_value) + { + /* we can try whether WS-SP1.2 specific inclusion value */ + qname = axutil_qname_create(env, RP_INCLUDE_TOKEN, RP_SP_NS_12, RP_SP_PREFIX); + inclusion_value = axiom_element_get_attribute_value(element, env, qname); + axutil_qname_free(qname, env); + qname = NULL; + } + + rp_username_token_set_inclusion(username_token, env, inclusion_value); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + assertion = neethi_assertion_create(env); + neethi_assertion_set_value(assertion, env, username_token, ASSERTION_TYPE_USERNAME_TOKEN); + return assertion; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + username_token_process_alternatives(env, all, username_token); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_username_token_free, username_token, + ASSERTION_TYPE_USERNAME_TOKEN); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +static axis2_status_t AXIS2_CALL +username_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_username_token_t *username_token) +{ + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(value) + { + if(type == ASSERTION_TYPE_WSS_USERNAME_TOKEN_10) + { + rp_username_token_set_useUTprofile10(username_token, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_WSS_USERNAME_TOKEN_11) + { + rp_username_token_set_useUTprofile11(username_token, env, AXIS2_TRUE); + } + else + return AXIS2_FAILURE; + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/wss10_builder.c b/neethi/src/secpolicy/builder/wss10_builder.c new file mode 100644 index 0000000..6dd10ae --- /dev/null +++ b/neethi/src/secpolicy/builder/wss10_builder.c @@ -0,0 +1,135 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_wss10_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +wss10_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_wss10_t *wss10); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_wss10_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_wss10_t *wss10 = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + wss10 = rp_wss10_create(env); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + wss10_process_alternatives(env, all, wss10); + + assertion = neethi_assertion_create_with_args(env, (AXIS2_FREE_VOID_ARG)rp_wss10_free, + wss10, ASSERTION_TYPE_WSS10); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +wss10_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_wss10_t *wss10) +{ + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(type == ASSERTION_TYPE_MUST_SUPPORT_REF_KEY_IDENTIFIER) + { + rp_wss10_set_must_support_ref_key_identifier(wss10, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_MUST_SUPPORT_REF_ISSUER_SERIAL) + { + rp_wss10_set_must_support_ref_issuer_serial(wss10, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_MUST_SUPPORT_REF_EXTERNAL_URI) + { + rp_wss10_set_must_support_ref_external_uri(wss10, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_MUST_SUPPORT_REF_EMBEDDED_TOKEN) + { + rp_wss10_set_must_support_ref_embedded_token(wss10, env, AXIS2_TRUE); + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/wss11_builder.c b/neethi/src/secpolicy/builder/wss11_builder.c new file mode 100644 index 0000000..6249181 --- /dev/null +++ b/neethi/src/secpolicy/builder/wss11_builder.c @@ -0,0 +1,147 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_wss11_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +wss11_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_wss11_t *wss11); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_wss11_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_wss11_t *wss11 = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + wss11 = rp_wss11_create(env); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + wss11_process_alternatives(env, all, wss11); + + assertion = neethi_assertion_create_with_args(env, (AXIS2_FREE_VOID_ARG)rp_wss11_free, + wss11, ASSERTION_TYPE_WSS11); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +wss11_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_wss11_t *wss11) +{ + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + void *value = NULL; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + value = neethi_assertion_get_value(assertion, env); + type = neethi_assertion_get_type(assertion, env); + + if(type == ASSERTION_TYPE_MUST_SUPPORT_REF_KEY_IDENTIFIER) + { + rp_wss11_set_must_support_ref_key_identifier(wss11, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_MUST_SUPPORT_REF_ISSUER_SERIAL) + { + rp_wss11_set_must_support_ref_issuer_serial(wss11, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_MUST_SUPPORT_REF_EXTERNAL_URI) + { + rp_wss11_set_must_support_ref_external_uri(wss11, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_MUST_SUPPORT_REF_EMBEDDED_TOKEN) + { + rp_wss11_set_must_support_ref_embedded_token(wss11, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_MUST_SUPPORT_REF_THUMBPRINT) + { + rp_wss11_set_must_support_ref_thumbprint(wss11, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_MUST_SUPPORT_REF_ENCRYPTED_KEY) + { + rp_wss11_set_must_support_ref_encryptedkey(wss11, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_REQUIRE_SIGNATURE_CONFIRMATION) + { + rp_wss11_set_require_signature_confirmation(wss11, env, AXIS2_TRUE); + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} diff --git a/neethi/src/secpolicy/builder/x509_token_builder.c b/neethi/src/secpolicy/builder/x509_token_builder.c new file mode 100644 index 0000000..fa8d8f9 --- /dev/null +++ b/neethi/src/secpolicy/builder/x509_token_builder.c @@ -0,0 +1,168 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <rp_x509_token_builder.h> +#include <neethi_operator.h> +#include <neethi_policy.h> +#include <neethi_exactlyone.h> +#include <neethi_all.h> +#include <neethi_engine.h> + +/*private functions*/ + +axis2_status_t AXIS2_CALL +x509_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_x509_token_t *x509_token); + +/***********************************/ + +AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL +rp_x509_token_builder_build( + const axutil_env_t *env, + axiom_node_t *node, + axiom_element_t *element) +{ + rp_x509_token_t *x509_token = NULL; + neethi_policy_t *policy = NULL; + axiom_node_t *child_node = NULL; + axiom_element_t *child_element = NULL; + axutil_array_list_t *alternatives = NULL; + neethi_operator_t *component = NULL; + neethi_all_t *all = NULL; + axis2_char_t *inclusion_value = NULL; + axutil_qname_t *qname = NULL; + neethi_assertion_t *assertion = NULL; + neethi_policy_t *normalized_policy = NULL; + + x509_token = rp_x509_token_create(env); + qname = axutil_qname_create(env, RP_INCLUDE_TOKEN, RP_SP_NS_11, RP_SP_PREFIX); + inclusion_value = axiom_element_get_attribute_value(element, env, qname); + axutil_qname_free(qname, env); + qname = NULL; + + if(!inclusion_value) + { + /* we can try whether WS-SP1.2 specific inclusion value */ + qname = axutil_qname_create(env, RP_INCLUDE_TOKEN, RP_SP_NS_12, RP_SP_PREFIX); + inclusion_value = axiom_element_get_attribute_value(element, env, qname); + axutil_qname_free(qname, env); + qname = NULL; + } + + rp_x509_token_set_inclusion(x509_token, env, inclusion_value); + + child_node = axiom_node_get_first_element(node, env); + if(!child_node) + { + return NULL; + } + + if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT) + { + child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env); + if(child_element) + { + policy = neethi_engine_get_policy(env, child_node, child_element); + if(!policy) + { + return NULL; + } + normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE, policy); + neethi_policy_free(policy, env); + policy = NULL; + alternatives = neethi_policy_get_alternatives(normalized_policy, env); + component = (neethi_operator_t *)axutil_array_list_get(alternatives, env, 0); + all = (neethi_all_t *)neethi_operator_get_value(component, env); + x509_token_process_alternatives(env, all, x509_token); + + assertion = neethi_assertion_create_with_args(env, + (AXIS2_FREE_VOID_ARG)rp_x509_token_free, x509_token, ASSERTION_TYPE_X509_TOKEN); + + neethi_policy_free(normalized_policy, env); + normalized_policy = NULL; + + return assertion; + } + else + return NULL; + } + else + return NULL; +} + +axis2_status_t AXIS2_CALL +x509_token_process_alternatives( + const axutil_env_t *env, + neethi_all_t *all, + rp_x509_token_t *x509_token) +{ + neethi_operator_t *operator = NULL; + axutil_array_list_t *arraylist = NULL; + neethi_assertion_t *assertion = NULL; + neethi_assertion_type_t type; + + int i = 0; + + arraylist = neethi_all_get_policy_components(all, env); + + for(i = 0; i < axutil_array_list_size(arraylist, env); i++) + { + operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i); + assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env); + type = neethi_assertion_get_type(assertion, env); + + if(type == ASSERTION_TYPE_REQUIRE_DERIVED_KEYS_SC10) + { + rp_x509_token_set_derivedkey(x509_token, env, DERIVEKEY_NEEDED); + rp_x509_token_set_derivedkey_version(x509_token, env, DERIVEKEY_VERSION_SC10); + } + else if(type == ASSERTION_TYPE_REQUIRE_DERIVED_KEYS_SC13) + { + rp_x509_token_set_derivedkey(x509_token, env, DERIVEKEY_NEEDED); + rp_x509_token_set_derivedkey_version(x509_token, env, DERIVEKEY_VERSION_SC13); + } + else if(type == ASSERTION_TYPE_REQUIRE_KEY_IDENTIFIRE_REFERENCE) + { + rp_x509_token_set_require_key_identifier_reference(x509_token, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_REQUIRE_ISSUER_SERIAL_REFERENCE) + { + rp_x509_token_set_require_issuer_serial_reference(x509_token, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_REQUIRE_EMBEDDED_TOKEN_REFERENCE) + { + rp_x509_token_set_require_embedded_token_reference(x509_token, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_REQUIRE_THUMBPRINT_REFERENCE) + { + rp_x509_token_set_require_thumb_print_reference(x509_token, env, AXIS2_TRUE); + } + else if(type == ASSERTION_TYPE_WSS_X509_V1_TOKEN_10) + { + rp_x509_token_set_token_version_and_type(x509_token, env, RP_WSS_X509_V1_TOKEN_10); + } + else if(type == ASSERTION_TYPE_WSS_X509_V3_TOKEN_10) + { + rp_x509_token_set_token_version_and_type(x509_token, env, RP_WSS_X509_V3_TOKEN_10); + } + else + return AXIS2_FAILURE; + } + return AXIS2_SUCCESS; +} |