1
2
3
4
5
6
7
8
9
10
11
12
13 package com.eviware.soapui.impl.wsdl.support.wss;
14
15 import java.io.IOException;
16 import java.util.Vector;
17
18 import javax.security.auth.callback.Callback;
19 import javax.security.auth.callback.CallbackHandler;
20 import javax.security.auth.callback.UnsupportedCallbackException;
21
22 import org.apache.commons.codec.binary.Base64;
23 import org.apache.ws.security.WSPasswordCallback;
24 import org.apache.ws.security.WSSecurityEngine;
25 import org.apache.ws.security.WSSecurityException;
26 import org.apache.ws.security.components.crypto.Crypto;
27 import org.apache.ws.security.util.WSSecurityUtil;
28 import org.w3c.dom.Document;
29 import org.w3c.dom.Element;
30
31 import com.eviware.soapui.SoapUI;
32 import com.eviware.soapui.config.IncomingWssConfig;
33 import com.eviware.soapui.model.propertyexpansion.PropertyExpansionContext;
34 import com.eviware.soapui.support.StringUtils;
35 import com.eviware.soapui.support.UISupport;
36 import com.eviware.soapui.support.resolver.ResolveContext;
37
38 public class IncomingWss
39 {
40 private IncomingWssConfig wssConfig;
41 private final WssContainer container;
42
43 public IncomingWss( IncomingWssConfig wssConfig, WssContainer container )
44 {
45 this.wssConfig = wssConfig;
46 this.container = container;
47 }
48
49 public WssContainer getWssContainer()
50 {
51 return container;
52 }
53
54 public String getDecryptCrypto()
55 {
56 return wssConfig.getDecryptCrypto();
57 }
58
59 public String getDecryptPassword()
60 {
61 return wssConfig.getDecryptPassword();
62 }
63
64 public String getName()
65 {
66 return wssConfig.getName();
67 }
68
69 public String getSignatureCrypto()
70 {
71 return wssConfig.getSignatureCrypto();
72 }
73
74 public void setDecryptCrypto( String arg0 )
75 {
76 wssConfig.setDecryptCrypto( arg0 );
77 }
78
79 public void setDecryptPassword( String arg0 )
80 {
81 wssConfig.setDecryptPassword( arg0 );
82 }
83
84 public void setName( String arg0 )
85 {
86 wssConfig.setName( arg0 );
87 }
88
89 public void setSignatureCrypto( String arg0 )
90 {
91 wssConfig.setSignatureCrypto( arg0 );
92 }
93
94 @SuppressWarnings( "unchecked" )
95 public Vector<Object> processIncoming( Document soapDocument, PropertyExpansionContext context )
96 throws WSSecurityException
97 {
98 Element header = WSSecurityUtil.findWsseSecurityHeaderBlock( soapDocument, soapDocument.getDocumentElement(),
99 false );
100 if( header == null )
101 return null;
102
103 try
104 {
105 WSSecurityEngine wssecurityEngine = WSSecurityEngine.getInstance();
106 WssCrypto signatureCrypto = getWssContainer().getCryptoByName( getSignatureCrypto() );
107 WssCrypto decryptCrypto = getWssContainer().getCryptoByName( getDecryptCrypto() );
108 Crypto sig = signatureCrypto == null ? null : signatureCrypto.getCrypto();
109 Crypto dec = decryptCrypto == null ? null : decryptCrypto.getCrypto();
110
111 if( sig == null && dec == null )
112 throw new WSSecurityException( "Missing cryptos" );
113
114 if( sig == null )
115 sig = dec;
116 else if( dec == null )
117 dec = sig;
118
119 return wssecurityEngine.processSecurityHeader( soapDocument, ( String )null, new WSSCallbackHandler( dec ),
120 sig, dec );
121 }
122 catch( WSSecurityException e )
123 {
124 SoapUI.logError( e );
125 throw e;
126 }
127 }
128
129 public class WSSCallbackHandler implements CallbackHandler
130 {
131 private final Crypto dec;
132
133 public WSSCallbackHandler( Crypto dec )
134 {
135 this.dec = dec;
136 }
137
138 public void handle( Callback[] callbacks ) throws IOException, UnsupportedCallbackException
139 {
140 for( Callback callback : callbacks )
141 {
142 if( callback instanceof WSPasswordCallback )
143 {
144 WSPasswordCallback cb = ( WSPasswordCallback )callback;
145 if( StringUtils.hasContent( getDecryptPassword() ) )
146 cb.setPassword( getDecryptPassword() );
147 else
148 cb.setPassword( UISupport.prompt( "Password required for WSS processing", "Specify Password", "" ) );
149
150 if( cb.getUsage() == WSPasswordCallback.ENCRYPTED_KEY_TOKEN )
151 {
152 byte[] str = Base64.decodeBase64( cb.getIdentifier().getBytes() );
153 }
154 }
155 }
156 }
157 }
158
159 public void updateConfig( IncomingWssConfig config )
160 {
161 this.wssConfig = config;
162 }
163
164 public void resolve( ResolveContext<?> context )
165 {
166 }
167 }