Examples of com.sun.xml.ws.security.secext10.SecurityTokenReferenceType

• org.apache.wss4j.binding.wss10.SecurityTokenReferenceType
  3.org/2001/XMLSchema}anyType"> <choice maxOccurs="unbounded" minOccurs="0"> <any/> </choice> <attribute ref="{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Usage"/> <attribute ref="{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Id"/> </restriction> </complexContent> </complexType>

            StAXEXC14nCanonicalizerImpl _canonicalizer  = null;
            if(algSpec != null || content.size() >0){
                Object ob = content.get(0);
                if(ob instanceof JAXBElement){
                    JAXBElement el = (JAXBElement)ob;
                    TransformationParametersType tp = (TransformationParametersType) el.getValue();
                    CanonicalizationMethod cm = (CanonicalizationMethod) tp.getAny().get(0);
                    String algo = cm.getAlgorithm();
                    if(javax.xml.crypto.dsig.CanonicalizationMethod.EXCLUSIVE.equals(algo)){
                        _canonicalizer = new StAXEXC14nCanonicalizerImpl();
                        if (!logger.isLoggable(Level.FINEST)){
                            _canonicalizer.setStream(outputStream);

     * @return XMLStructure
     * @throws com.sun.xml.wss.XWSSecurityException
     */
    private XMLStructure readSTRTransform(XMLStreamReader reader)throws XWSSecurityException{
        try{
            TransformationParametersType tp =
                    new com.sun.xml.ws.security.secext10.ObjectFactory().createTransformationParametersType();
            com.sun.xml.ws.security.opt.crypto.dsig.CanonicalizationMethod cm =
                    new com.sun.xml.ws.security.opt.crypto.dsig.CanonicalizationMethod();
            tp.getAny().add(cm);
            JAXBElement<TransformationParametersType> tpElement =
                    new com.sun.xml.ws.security.secext10.ObjectFactory().createTransformationParameters(tp);
            XMLStructure transformSpec = new JAXBStructure(tpElement);
            reader.next();
            if(StreamUtil.isStartElement(reader) && (reader.getLocalName() == MessageConstants.CANONICALIZATION_METHOD)){

                        logger.log(Level.FINEST, "CanonicalizationMethod is " + algo);
                    }
                    //CanonicalizationMethod cm = null;
                    C14NMethodParameterSpec spec = null;
                    try{
                        TransformationParametersType tp =
                                new com.sun.xml.ws.security.secext10.ObjectFactory().createTransformationParametersType();
                        com.sun.xml.ws.security.opt.crypto.dsig.CanonicalizationMethod cm =
                                new com.sun.xml.ws.security.opt.crypto.dsig.CanonicalizationMethod();
                        cm.setAlgorithm(algo);
                        tp.getAny().add(cm);
                        JAXBElement<TransformationParametersType> tpElement =
                                new com.sun.xml.ws.security.secext10.ObjectFactory().createTransformationParameters(tp);
                        XMLStructure transformSpec = new JAXBStructure(tpElement);
                        transform = signatureFactory.newTransform(transformAlgo,transformSpec);
                        if(SignatureTarget.TARGET_TYPE_VALUE_URI.equals(signatureTarget.getType())){

        } else if (WSSecurityTokenConstants.KeyUsage_Decryption.equals(keyInfoUsage)) {
            crypto = ((WSSSecurityProperties) securityProperties).getDecryptionCrypto();
        }

        if (keyInfoType != null) {
            final SecurityTokenReferenceType securityTokenReferenceType
                    = XMLSecurityUtils.getQNameType(keyInfoType.getContent(), WSSConstants.TAG_wsse_SecurityTokenReference);
            if (securityTokenReferenceType != null) {
                return getSecurityToken(securityTokenReferenceType, crypto, ((WSSSecurityProperties)securityProperties).getCallbackHandler(), inboundSecurityContext,
                                        ((WSSSecurityProperties)securityProperties));
            }

    @Override
    public void handle(final InputProcessorChain inputProcessorChain, final XMLSecurityProperties securityProperties,
                       Deque<XMLSecEvent> eventQueue, Integer index) throws XMLSecurityException {

        @SuppressWarnings("unchecked")
        final SecurityTokenReferenceType securityTokenReferenceType =
                ((JAXBElement<SecurityTokenReferenceType>) parseStructure(eventQueue, index, securityProperties)).getValue();

        QName attributeName = null;
        String attributeValue = null;

        final KeyIdentifierType keyIdentifierType = XMLSecurityUtils.getQNameType(
                securityTokenReferenceType.getAny(), WSSConstants.TAG_wsse_KeyIdentifier);
        if (keyIdentifierType != null) {
            attributeValue = keyIdentifierType.getValue().trim();
            if (WSSConstants.NS_SAML10_TYPE.equals(keyIdentifierType.getValueType())) {
                attributeName = WSSConstants.ATT_NULL_AssertionID;
            } else if (WSSConstants.NS_SAML20_TYPE.equals(keyIdentifierType.getValueType())) {
                attributeName = WSSConstants.ATT_NULL_ID;
            }
        }
        final ReferenceType referenceType = XMLSecurityUtils.getQNameType(
                securityTokenReferenceType.getAny(), WSSConstants.TAG_wsse_Reference);
        if (referenceType != null) {
            attributeValue = WSSUtils.dropReferenceMarker(referenceType.getURI());
            if (WSSConstants.NS_SAML10_TYPE.equals(referenceType.getValueType())) {
                attributeName = WSSConstants.ATT_NULL_AssertionID;
            } else if (WSSConstants.NS_SAML20_TYPE.equals(referenceType.getValueType())) {
                attributeName = WSSConstants.ATT_NULL_ID;
            }
        }

        if (attributeName != null) {
            InternalSecurityTokenReferenceInputProcessor internalSecurityTokenReferenceInputHandler
                    = new InternalSecurityTokenReferenceInputProcessor(
                    securityTokenReferenceType.getId(), attributeName,
                    attributeValue, (WSSSecurityProperties) securityProperties);
            inputProcessorChain.addProcessor(internalSecurityTokenReferenceInputHandler);
        } else {
            throw new WSSecurityException(WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN);
        }

                                    BSPRule bspRule) throws WSSecurityException {
        if (keyInfoType != null) {
            if (keyInfoType.getContent().size() != 1) {
                securityContext.handleBSPRule(BSPRule.R5424);
            }
            SecurityTokenReferenceType securityTokenReferenceType = XMLSecurityUtils.getQNameType(keyInfoType.getContent(),
                    WSSConstants.TAG_wsse_SecurityTokenReference);
            if (securityTokenReferenceType == null) {
                securityContext.handleBSPRule(BSPRule.R5426);
            }
        }

            KeyInfoType keyInfoType = null;
            if (object instanceof X509DataType) {
                JAXBElement<X509DataType> x509DataTypeJAXBElement =
                        new org.apache.xml.security.binding.xmldsig.ObjectFactory().createX509Data((X509DataType) object);
                keyInfoType = new KeyInfoType();
                SecurityTokenReferenceType securityTokenReferenceType = new SecurityTokenReferenceType();
                securityTokenReferenceType.getAny().add(x509DataTypeJAXBElement);
                JAXBElement<SecurityTokenReferenceType> securityTokenReferenceTypeJAXBElement =
                        new ObjectFactory().createSecurityTokenReference(securityTokenReferenceType);
                keyInfoType.getContent().add(securityTokenReferenceTypeJAXBElement);
            } else if (object instanceof EncryptedKeyType) {
                EncryptedKeyType encryptedKeyType = (EncryptedKeyType) object;

        List<Object> keyInfoContent = signatureType.getKeyInfo().getContent();
        if (keyInfoContent.size() != 1) {
            securityContext.handleBSPRule(BSPRule.R5402);
        }

        SecurityTokenReferenceType securityTokenReferenceType = XMLSecurityUtils.getQNameType(keyInfoContent,
                WSSConstants.TAG_wsse_SecurityTokenReference);
        if (securityTokenReferenceType == null) {
            securityContext.handleBSPRule(BSPRule.R5417);
        }

    @Override
    protected void handleReferenceList(final InputProcessorChain inputProcessorChain,
            final EncryptedKeyType encryptedKeyType,
            final XMLSecurityProperties securityProperties) throws XMLSecurityException {
        KeyInfoType keyInfoType = new KeyInfoType();
        SecurityTokenReferenceType securityTokenReferenceType = new SecurityTokenReferenceType();
        ReferenceType referenceType = new ReferenceType();
        referenceType.setURI("#" + encryptedKeyType.getId());
        ObjectFactory objectFactory = new ObjectFactory();
        securityTokenReferenceType.getAny().add(objectFactory.createReference(referenceType));
        keyInfoType.getContent().add(objectFactory.createSecurityTokenReference(securityTokenReferenceType));
        inputProcessorChain.addProcessor(
                new DecryptInputProcessor(keyInfoType, encryptedKeyType.getReferenceList(),
                        (WSSSecurityProperties) securityProperties,
                        (WSInboundSecurityContext) inputProcessorChain.getSecurityContext())

                                    BSPRule bspRule) throws WSSecurityException {
        if (keyInfoType != null) {
            if (keyInfoType.getContent().size() != 1) {
                securityContext.handleBSPRule(BSPRule.R5424);
            }
            SecurityTokenReferenceType securityTokenReferenceType = XMLSecurityUtils.getQNameType(keyInfoType.getContent(),
                    WSSConstants.TAG_wsse_SecurityTokenReference);
            if (securityTokenReferenceType == null) {
                securityContext.handleBSPRule(BSPRule.R5426);
            }
        }