View Javadoc

1   /*
2    *  soapUI, copyright (C) 2004-2010 eviware.com 
3    *
4    *  soapUI is free software; you can redistribute it and/or modify it under the 
5    *  terms of version 2.1 of the GNU Lesser General Public License as published by 
6    *  the Free Software Foundation.
7    *
8    *  soapUI is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without 
9    *  even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
10   *  See the GNU Lesser General Public License for more details at gnu.org.
11   */
12  
13  package com.eviware.soapui.impl.wsdl.support.wss;
14  
15  import java.io.IOException;
16  import java.util.Vector;
17  
18  import javax.security.auth.callback.Callback;
19  import javax.security.auth.callback.CallbackHandler;
20  import javax.security.auth.callback.UnsupportedCallbackException;
21  
22  import org.apache.commons.codec.binary.Base64;
23  import org.apache.ws.security.WSPasswordCallback;
24  import org.apache.ws.security.WSSecurityEngine;
25  import org.apache.ws.security.WSSecurityException;
26  import org.apache.ws.security.components.crypto.Crypto;
27  import org.apache.ws.security.util.WSSecurityUtil;
28  import org.w3c.dom.Document;
29  import org.w3c.dom.Element;
30  
31  import com.eviware.soapui.SoapUI;
32  import com.eviware.soapui.config.IncomingWssConfig;
33  import com.eviware.soapui.model.propertyexpansion.PropertyExpansionContext;
34  import com.eviware.soapui.support.StringUtils;
35  import com.eviware.soapui.support.UISupport;
36  import com.eviware.soapui.support.resolver.ResolveContext;
37  
38  public class IncomingWss
39  {
40  	private IncomingWssConfig wssConfig;
41  	private final WssContainer container;
42  
43  	public IncomingWss( IncomingWssConfig wssConfig, WssContainer container )
44  	{
45  		this.wssConfig = wssConfig;
46  		this.container = container;
47  	}
48  
49  	public WssContainer getWssContainer()
50  	{
51  		return container;
52  	}
53  
54  	public String getDecryptCrypto()
55  	{
56  		return wssConfig.getDecryptCrypto();
57  	}
58  
59  	public String getDecryptPassword()
60  	{
61  		return wssConfig.getDecryptPassword();
62  	}
63  
64  	public String getName()
65  	{
66  		return wssConfig.getName();
67  	}
68  
69  	public String getSignatureCrypto()
70  	{
71  		return wssConfig.getSignatureCrypto();
72  	}
73  
74  	public void setDecryptCrypto( String arg0 )
75  	{
76  		wssConfig.setDecryptCrypto( arg0 );
77  	}
78  
79  	public void setDecryptPassword( String arg0 )
80  	{
81  		wssConfig.setDecryptPassword( arg0 );
82  	}
83  
84  	public void setName( String arg0 )
85  	{
86  		wssConfig.setName( arg0 );
87  	}
88  
89  	public void setSignatureCrypto( String arg0 )
90  	{
91  		wssConfig.setSignatureCrypto( arg0 );
92  	}
93  
94  	@SuppressWarnings( "unchecked" )
95  	public Vector<Object> processIncoming( Document soapDocument, PropertyExpansionContext context )
96  			throws WSSecurityException
97  	{
98  		Element header = WSSecurityUtil.findWsseSecurityHeaderBlock( soapDocument, soapDocument.getDocumentElement(),
99  				false );
100 		if( header == null )
101 			return null;
102 
103 		try
104 		{
105 			WSSecurityEngine wssecurityEngine = WSSecurityEngine.getInstance();
106 			WssCrypto signatureCrypto = getWssContainer().getCryptoByName( getSignatureCrypto() );
107 			WssCrypto decryptCrypto = getWssContainer().getCryptoByName( getDecryptCrypto() );
108 			Crypto sig = signatureCrypto == null ? null : signatureCrypto.getCrypto();
109 			Crypto dec = decryptCrypto == null ? null : decryptCrypto.getCrypto();
110 
111 			if( sig == null && dec == null )
112 				throw new WSSecurityException( "Missing cryptos" );
113 
114 			if( sig == null )
115 				sig = dec;
116 			else if( dec == null )
117 				dec = sig;
118 
119 			return wssecurityEngine.processSecurityHeader( soapDocument, ( String )null, new WSSCallbackHandler( dec ),
120 					sig, dec );
121 		}
122 		catch( WSSecurityException e )
123 		{
124 			SoapUI.logError( e );
125 			throw e;
126 		}
127 	}
128 
129 	public class WSSCallbackHandler implements CallbackHandler
130 	{
131 		private final Crypto dec;
132 
133 		public WSSCallbackHandler( Crypto dec )
134 		{
135 			this.dec = dec;
136 		}
137 
138 		public void handle( Callback[] callbacks ) throws IOException, UnsupportedCallbackException
139 		{
140 			for( Callback callback : callbacks )
141 			{
142 				if( callback instanceof WSPasswordCallback )
143 				{
144 					WSPasswordCallback cb = ( WSPasswordCallback )callback;
145 					if( StringUtils.hasContent( getDecryptPassword() ) )
146 						cb.setPassword( getDecryptPassword() );
147 					else
148 						cb.setPassword( UISupport.prompt( "Password required for WSS processing", "Specify Password", "" ) );
149 
150 					if( cb.getUsage() == WSPasswordCallback.ENCRYPTED_KEY_TOKEN )
151 					{
152 						byte[] str = Base64.decodeBase64( cb.getIdentifier().getBytes() );
153 					}
154 				}
155 			}
156 		}
157 	}
158 
159 	public void updateConfig( IncomingWssConfig config )
160 	{
161 		this.wssConfig = config;
162 	}
163 
164 	public void resolve( ResolveContext<?> context )
165 	{
166 	}
167 }