
1   /*
2    * The MIT License
3    *
4    * Original work sponsored and donated by National Board of e-Health (NSI), Denmark (http://www.nsi.dk)
5    *
6    * Copyright (C) 2011 National Board of e-Health (NSI), Denmark (http://www.nsi.dk)
7    *
8    * Permission is hereby granted, free of charge, to any person obtaining a copy of
9    * this software and associated documentation files (the "Software"), to deal in
10   * the Software without restriction, including without limitation the rights to
11   * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
12   * of the Software, and to permit persons to whom the Software is furnished to do
13   * so, subject to the following conditions:
14   *
15   * The above copyright notice and this permission notice shall be included in all
16   * copies or substantial portions of the Software.
17   *
18   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
21   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
24   * SOFTWARE.
25   *
26   * $HeadURL: https://svn.softwareborsen.dk/sosi/trunk/modules/seal/src/main/java/dk/sosi/seal/modelbuilders/SecurityTokenResponseModelBuilder.java $
27   * $Id: SecurityTokenResponseModelBuilder.java 8697 2011-09-02 10:33:55Z chg@lakeside.dk $
28   */
29  package dk.sosi.seal.modelbuilders;
30  
31  import dk.sosi.seal.SOSIFactory;
32  import dk.sosi.seal.model.SecurityTokenResponse;
33  import dk.sosi.seal.model.SignatureUtil;
34  import dk.sosi.seal.model.constants.DGWSConstants;
35  import dk.sosi.seal.model.constants.DSTags;
36  import dk.sosi.seal.model.constants.NameSpaces;
37  import dk.sosi.seal.model.constants.SOAPTags;
38  import dk.sosi.seal.xml.XmlUtil;
39  import org.w3c.dom.Document;
40  import org.w3c.dom.Element;
41  
42  import java.text.ParseException;
43  import java.util.Date;
44  
45  /**
46   * Build the Model assuming compliance with SOSI SecurityTokenResponse format
47   *
48   * @author Peter Buus
49   * @author $LastChangedBy: chg@lakeside.dk $
50   * @since 1.0
51   */
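public class SecurityTokenResponseModelBuilder extends MessageModelBuilder {

	/**
	 * Creates a builder backed by the given factory.
	 *
	 * @param fac
	 *            The factory handed to {@link MessageModelBuilder}; this class later reads it through the inherited
	 *            {@code factory} reference to create responses and to obtain the federation and credential vault.
	 */
	public SecurityTokenResponseModelBuilder(SOSIFactory fac) {

		super(fac);
	}

	/**
	 * Builds a SecurityTokenResponse object from a DOM document.
	 * <p>
	 * The creation timestamp, the id of the <code>wsse:Security</code> element and an optional SOAP fault are read
	 * from the document first; the signatures found in the document are validated as the last step, just before the
	 * model is returned. A document that lacks the SOAP header, the <code>wsu:Created</code> timestamp or the
	 * <code>wsse:Security</code> element is rejected with a {@link ModelBuildException} rather than failing with a
	 * {@link NullPointerException} further down.
	 *
	 * @param doc
	 *            The DOM document used for the Reply.
	 * @return The response model populated from <code>doc</code>; an error response when the body holds a SOAP fault.
	 * @throws ModelBuildException
	 *             If a required element is missing, the timestamp cannot be parsed, or a SOAP fault lacks its fault
	 *             code, fault string or fault actor.
	 */
	public SecurityTokenResponse buildModel(Document doc) throws ModelBuildException {

		ModelPrefixResolver modelPrefixResolver = new ModelPrefixResolver();

		// Get soap:Header. The response is untrusted input at this point, so every lookup result is checked
		// before it is dereferenced (selectSingleElement yields null when nothing matches, see the fault lookup).
		Element elmSoapHeader = XmlUtil.selectSingleElement(doc, "//" + NameSpaces.NS_SOAP + ":Envelope/" + NameSpaces.NS_SOAP + ":Header", modelPrefixResolver);
		if (elmSoapHeader == null) {
			throw new ModelBuildException("No " + NameSpaces.NS_SOAP + ":Header in " + NameSpaces.NS_SOAP + ":Envelope");
		}

		// Get creation date
		Element elmCreated = XmlUtil.selectSingleElement(elmSoapHeader, "wsse:Security/wsu:Timestamp/wsu:Created", modelPrefixResolver);
		if (elmCreated == null) {
			throw new ModelBuildException("No wsse:Security/wsu:Timestamp/wsu:Created in " + NameSpaces.NS_SOAP + ":Header");
		}

		String xmlTimestamp = XmlUtil.getTextNodeValue(elmCreated);
		Date created;
		try {
			created = XmlUtil.fromXMLTimeStamp(xmlTimestamp);
		} catch (ParseException e) {
			throw new ModelBuildException("Unable to parse timestamp from <wsu:Created>", e);
		}

		// The DGWS version is derived from the timestamp notation: Zulu time selects 1.0.1, anything else 1.0.
		String dgwsVersion = XmlUtil.isZuluTimeFormat(xmlTimestamp) ? DGWSConstants.VERSION_1_0_1 : DGWSConstants.VERSION_1_0;

		// item(0) is the first wsse:Security element in document order, wherever it sits in the tree.
		Element elmSecurity = (Element) doc.getElementsByTagNameNS(NameSpaces.WSSE_SCHEMA, "Security").item(0);
		if (elmSecurity == null) {
			throw new ModelBuildException("No Security element in namespace " + NameSpaces.WSSE_SCHEMA);
		}
		String inResponseToMessageID = elmSecurity.getAttribute("id");

		SecurityTokenResponse securityTokenResponse;

		// This could be a fault. Check for soap:Fault in the body.
		Element fault = XmlUtil.selectSingleElement(doc, "//" + SOAPTags.BODY_PREFIXED + '/' + SOAPTags.FAULT_PREFIXED, modelPrefixResolver);
		if (fault != null) {

			Element elmFaultCode = XmlUtil.selectSingleElement(fault, SOAPTags.FAULTCODE, modelPrefixResolver);
			Element elmFaultString = XmlUtil.selectSingleElement(fault, SOAPTags.FAULTSTRING, modelPrefixResolver);
			Element elmFaultActor = XmlUtil.selectSingleElement(fault, SOAPTags.FAULTACTOR, modelPrefixResolver);

			if (elmFaultCode == null) {
				throw new ModelBuildException("No " + SOAPTags.FAULTCODE + " in " + SOAPTags.FAULT_PREFIXED);
			}

			if (elmFaultString == null) {
				throw new ModelBuildException("No " + SOAPTags.FAULTSTRING + " in " + SOAPTags.FAULT_PREFIXED);
			}

			if (elmFaultActor == null) {
				throw new ModelBuildException("No " + SOAPTags.FAULTACTOR + " in " + SOAPTags.FAULT_PREFIXED);
			}

			securityTokenResponse = factory.createNewSecurityTokenErrorResponse(dgwsVersion, inResponseToMessageID, XmlUtil.getTextNodeValue(elmFaultCode),
					XmlUtil.getTextNodeValue(elmFaultString), XmlUtil.getTextNodeValue(elmFaultActor));
		} else {
			securityTokenResponse = factory.createNewSecurityTokenResponse(dgwsVersion, inResponseToMessageID);
		}

		securityTokenResponse.setCreationDate(created);

		// Message parameters
		super.buildModel(securityTokenResponse, doc);

		// Validate Signature. Everything above was read from the document before any signature was checked.
		// NOTE(review): the "//"-anchored XPath lookups and item(0) above take the first match anywhere in the
		// document, while this call is handed every ds:Signature element in it. Confirm that
		// validateAllSignatures ties the signed references to the same header, timestamp and fault elements
		// the model was built from; if it does not, a validly signed element elsewhere in the document would
		// not protect the values read here. The meaning of the final "true" argument is not visible in this
		// file, and the call presumably reports a failed validation by throwing - verify against SignatureUtil.
		SignatureUtil.validateAllSignatures(securityTokenResponse, doc.getElementsByTagNameNS(NameSpaces.DSIG_SCHEMA, DSTags.SIGNATURE), factory
				.getFederation(), factory.getCredentialVault(), true);

		return securityTokenResponse;
	}
}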