summaryrefslogtreecommitdiffstats
path: root/neethi/src/secpolicy/builder/security_context_token_builder.c
diff options
context:
space:
mode:
Diffstat (limited to 'neethi/src/secpolicy/builder/security_context_token_builder.c')
-rw-r--r--neethi/src/secpolicy/builder/security_context_token_builder.c231
1 files changed, 231 insertions, 0 deletions
diff --git a/neethi/src/secpolicy/builder/security_context_token_builder.c b/neethi/src/secpolicy/builder/security_context_token_builder.c
new file mode 100644
index 0000000..b4ad8e8
--- /dev/null
+++ b/neethi/src/secpolicy/builder/security_context_token_builder.c
@@ -0,0 +1,231 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <rp_security_context_token_builder.h>
+#include <neethi_operator.h>
+#include <neethi_policy.h>
+#include <neethi_exactlyone.h>
+#include <neethi_all.h>
+#include <neethi_engine.h>
+
+/*private functions*/
+
+axis2_status_t AXIS2_CALL
+security_context_token_process_alternatives(
+ const axutil_env_t *env,
+ neethi_all_t *all,
+ rp_security_context_token_t * security_context_token);
+
+/***********************************/
+
+AXIS2_EXTERN neethi_assertion_t *AXIS2_CALL
+rp_security_context_token_builder_build(
+ const axutil_env_t *env,
+ axiom_node_t *node,
+ axiom_element_t *element,
+ axis2_char_t *sp_ns_uri,
+ axis2_bool_t is_secure_conversation_token)
+{
+ rp_security_context_token_t *security_context_token = NULL;
+ neethi_policy_t *policy = NULL;
+ axiom_node_t *child_node = NULL;
+ axiom_element_t *child_element = NULL;
+ axiom_children_iterator_t *children_iter = NULL;
+ axutil_array_list_t *alternatives = NULL;
+ neethi_operator_t *component = NULL;
+ neethi_all_t *all = NULL;
+ axis2_char_t *inclusion_value = NULL;
+ axutil_qname_t *qname = NULL;
+ neethi_assertion_t *assertion = NULL;
+ neethi_policy_t *normalized_policy = NULL;
+
+ security_context_token = rp_security_context_token_create(env);
+ qname = axutil_qname_create(env, RP_INCLUDE_TOKEN, sp_ns_uri, RP_SP_PREFIX);
+ inclusion_value = axiom_element_get_attribute_value(element, env, qname);
+ axutil_qname_free(qname, env);
+ qname = NULL;
+
+ rp_security_context_token_set_inclusion(security_context_token, env, inclusion_value);
+ rp_security_context_token_set_is_secure_conversation_token(security_context_token, env,
+ is_secure_conversation_token);
+
+ if(!axutil_strcmp(sp_ns_uri, RP_SP_NS_11))
+ {
+ rp_security_context_token_set_sc10_security_context_token(security_context_token, env,
+ AXIS2_TRUE);
+ }
+ else
+ {
+ rp_security_context_token_set_sc10_security_context_token(security_context_token, env,
+ AXIS2_FALSE);
+ }
+
+ child_node = axiom_node_get_first_element(node, env);
+ if(!child_node)
+ {
+ return NULL;
+ }
+
+ children_iter = axiom_element_get_children(element, env, node);
+ if(children_iter)
+ {
+ while(axiom_children_iterator_has_next(children_iter, env))
+ {
+ child_node = axiom_children_iterator_next(children_iter, env);
+ if(child_node)
+ {
+ if(axiom_node_get_node_type(child_node, env) == AXIOM_ELEMENT)
+ {
+ child_element = (axiom_element_t *)axiom_node_get_data_element(child_node, env);
+ if(child_element)
+ {
+ axis2_char_t *localname = NULL;
+ localname = axiom_element_get_localname(child_element, env);
+ if(axutil_strcmp(localname, RP_ISSUER) == 0)
+ {
+ axis2_char_t *ns = NULL;
+ axutil_qname_t *node_qname = NULL;
+
+ node_qname = axiom_element_get_qname(child_element, env, child_node);
+ if(!node_qname)
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[neethi] Cannot get qname from element %s.", localname);
+ return NULL;
+ }
+
+ ns = axutil_qname_get_uri(node_qname, env);
+ if(!ns)
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[neethi] Cannot get namespace from element %s.", localname);
+ return NULL;
+ }
+ if(!(axutil_strcmp(ns, RP_SP_NS_11) && axutil_strcmp(ns, RP_SP_NS_12)))
+ {
+ axis2_char_t *issuer = NULL;
+ issuer = axiom_element_get_text(child_element, env, child_node);
+ rp_security_context_token_set_issuer(security_context_token, env,
+ issuer);
+ }
+ else
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[neethi] Unknown Assertion %s with namespace %s", localname,
+ ns);
+ return NULL;
+ }
+ }
+ else
+ {
+ policy = neethi_engine_get_policy(env, child_node, child_element);
+ if(!policy)
+ {
+ return NULL;
+ }
+ normalized_policy = neethi_engine_get_normalize(env, AXIS2_FALSE,
+ policy);
+ neethi_policy_free(policy, env);
+ policy = NULL;
+ alternatives = neethi_policy_get_alternatives(normalized_policy, env);
+ component = (neethi_operator_t *)axutil_array_list_get(alternatives,
+ env, 0);
+ all = (neethi_all_t *)neethi_operator_get_value(component, env);
+ security_context_token_process_alternatives(env, all,
+ security_context_token);
+
+ assertion = neethi_assertion_create_with_args(env,
+ (AXIS2_FREE_VOID_ARG)rp_security_context_token_free,
+ security_context_token, ASSERTION_TYPE_SECURITY_CONTEXT_TOKEN);
+
+ neethi_policy_free(normalized_policy, env);
+ normalized_policy = NULL;
+ }
+ }
+ }
+ }
+ }
+ }
+ return assertion;
+}
+
+axis2_status_t AXIS2_CALL
+security_context_token_process_alternatives(
+ const axutil_env_t *env,
+ neethi_all_t *all,
+ rp_security_context_token_t * security_context_token)
+{
+ neethi_operator_t *operator = NULL;
+ axutil_array_list_t *arraylist = NULL;
+ neethi_assertion_t *assertion = NULL;
+ neethi_assertion_type_t type;
+
+ int i = 0;
+
+ arraylist = neethi_all_get_policy_components(all, env);
+
+ for(i = 0; i < axutil_array_list_size(arraylist, env); i++)
+ {
+ operator = (neethi_operator_t *)axutil_array_list_get(arraylist, env, i);
+ assertion = (neethi_assertion_t *)neethi_operator_get_value(operator, env);
+ type = neethi_assertion_get_type(assertion, env);
+
+ if(type == ASSERTION_TYPE_REQUIRE_DERIVED_KEYS_SC10)
+ {
+ rp_security_context_token_set_derivedkey(security_context_token, env, DERIVEKEY_NEEDED);
+ rp_security_context_token_set_derivedkey_version(security_context_token, env,
+ DERIVEKEY_VERSION_SC10);
+ }
+ else if(type == ASSERTION_TYPE_REQUIRE_DERIVED_KEYS_SC13)
+ {
+ rp_security_context_token_set_derivedkey(security_context_token, env, DERIVEKEY_NEEDED);
+ rp_security_context_token_set_derivedkey_version(security_context_token, env,
+ DERIVEKEY_VERSION_SC13);
+ }
+ else if(type == ASSERTION_TYPE_REQUIRE_EXTERNAL_URI)
+ {
+ rp_security_context_token_set_require_external_uri_ref(security_context_token, env,
+ AXIS2_TRUE);
+ }
+ else if(type == ASSERTION_TYPE_SC10_SECURITY_CONTEXT_TOKEN)
+ {
+ rp_security_context_token_set_sc10_security_context_token(security_context_token, env,
+ AXIS2_TRUE);
+ }
+ else if(type == ASSERTION_TYPE_SC13_SECURITY_CONTEXT_TOKEN)
+ {
+ rp_security_context_token_set_sc10_security_context_token(security_context_token, env,
+ AXIS2_FALSE);
+ }
+ else if(type == ASSERTION_TYPE_ISSUER)
+ {
+ axis2_char_t *issuer = NULL;
+ issuer = (axis2_char_t *)neethi_assertion_get_value(assertion, env);
+ rp_security_context_token_set_issuer(security_context_token, env, issuer);
+ }
+ else if(type == ASSERTION_TYPE_BOOTSTRAP_POLICY)
+ {
+ neethi_policy_t *bootstrap_policy = NULL;
+ bootstrap_policy = (neethi_policy_t *)neethi_assertion_get_value(assertion, env);
+ rp_security_context_token_set_bootstrap_policy(security_context_token, env,
+ bootstrap_policy);
+ }
+ else
+ return AXIS2_FAILURE;
+ }
+ return AXIS2_SUCCESS;
+}
© 2009-2020 sukimashita.com - Generated by cgit - Icons from Tango - Uses Google Analytics