/**
 * Resolves a String-valued contextual property of the given message.
 *
 * <p>Both property names are handed to {@code MessageUtils.getContextualProperty}
 * in the order preferred, default.
 *
 * @param m the message whose contextual properties are consulted
 * @param keyStoreLocPropPreferred the property name passed as the preferred key
 * @param keyStoreLocPropDefault the property name passed as the default key
 * @return the resolved value, never {@code null}
 * @throws JoseException if the lookup yields {@code null}
 */
private static String getMessageProperty(Message m,
                                         String keyStoreLocPropPreferred,
                                         String keyStoreLocPropDefault) {
    final Object resolved =
        MessageUtils.getContextualProperty(m, keyStoreLocPropPreferred, keyStoreLocPropDefault);
    if (resolved != null) {
        // A non-String value fails here with ClassCastException.
        return (String) resolved;
    }
    // The exception is thrown without a message, so the log line is the only diagnostic.
    LOG.warning("Properties resource is not identified");
    throw new JoseException();
}

private static PrivateKey loadPrivateKey(KeyStore keyStore,
/**
 * Resolves a String-valued contextual property of the given message.
 *
 * <p>Both property names are handed to {@code MessageUtils.getContextualProperty}
 * in the order preferred, default.
 *
 * @param m the message whose contextual properties are consulted
 * @param keyStoreLocPropPreferred the property name passed as the preferred key
 * @param keyStoreLocPropDefault the property name passed as the default key
 * @return the resolved value, never {@code null}
 * @throws JoseException if the lookup yields {@code null}
 */
private static String getMessageProperty(Message m,
                                         String keyStoreLocPropPreferred,
                                         String keyStoreLocPropDefault) {
    final Object resolved =
        MessageUtils.getContextualProperty(m, keyStoreLocPropPreferred, keyStoreLocPropDefault);
    if (resolved != null) {
        // A non-String value fails here with ClassCastException.
        return (String) resolved;
    }
    // The exception is thrown without a message, so the log line is the only diagnostic.
    LOG.warning("Properties resource is not identified");
    throw new JoseException();
}

private static PrivateKey loadPrivateKey(KeyStore keyStore,
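/**
 * Returns the locations of the JWE properties resources configured for the current message.
 *
 * <p>The value is read from the contextual property
 * {@code JoseConstants.RSSEC_ENCRYPTION_OUT_PROPS}, with
 * {@code JoseConstants.RSSEC_ENCRYPTION_PROPS} passed as the default name. A String value
 * is treated as a comma-separated list; whitespace around the separators is ignored.
 * Any other value is cast to a {@code List}.
 *
 * @return the configured locations, or an empty list when no property is set but
 *         {@code encProviders} is non-null
 * @throws JweException with {@code NO_INIT_PROPERTIES} when neither the property nor
 *         {@code encProviders} is available
 */
protected List<String> getPropertyLocations() {
    Message m = JAXRSUtils.getCurrentMessage();
    Object propLocsProp =
        MessageUtils.getContextualProperty(m,
                                           JoseConstants.RSSEC_ENCRYPTION_OUT_PROPS,
                                           JoseConstants.RSSEC_ENCRYPTION_PROPS);
    if (propLocsProp == null) {
        if (encProviders == null) {
            LOG.warning("JWE JSON init properties resource is not identified");
            throw new JweException(JweException.Error.NO_INIT_PROPERTIES);
        }
        return Collections.emptyList();
    }
    if (propLocsProp instanceof String) {
        // "a.properties, b.properties" must not yield " b.properties": a location with
        // stray blanks would be handed on verbatim and could not be resolved.
        String[] props = ((String) propLocsProp).trim().split("\\s*,\\s*");
        return Arrays.asList(props);
    }
    // NOTE(review): a value that is neither String nor List fails here with
    // ClassCastException, and the element type is not checked.
    List<String> propLocs = CastUtils.cast((List<?>) propLocsProp);
    return propLocs;
}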
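/**
 * Obtains the SAML assertion for the given message.
 *
 * <p>An assertion element already present as a contextual property
 * ({@code SAMLConstants.WS_SAML_TOKEN_ELEMENT}, with
 * {@code SAMLConstants.SAML_TOKEN_ELEMENT} passed as the default name) is wrapped and
 * returned as-is. Otherwise a callback handler is resolved and the assertion is created
 * through {@code createAssertion(message, handler)}.
 *
 * @param message the current message
 * @return the wrapped assertion
 * @throws Fault wrapping a {@code RuntimeException} that carries the original message
 *         and cause when anything in the lookup or creation fails
 */
public static SamlAssertionWrapper createAssertion(Message message) throws Fault {
    try {
        // Check if the token is already available in the current context;
        // For example, STS Client can set it up.
        Element samlToken =
            (Element) MessageUtils.getContextualProperty(message,
                                                         SAMLConstants.WS_SAML_TOKEN_ELEMENT,
                                                         SAMLConstants.SAML_TOKEN_ELEMENT);
        if (samlToken != null) {
            return new SamlAssertionWrapper(samlToken);
        }
        // Finally try to get a self-signed assertion
        CallbackHandler handler = RSSecurityUtils.getCallbackHandler(
            message, SAMLUtils.class, SecurityConstants.SAML_CALLBACK_HANDLER);
        return createAssertion(message, handler);
    } catch (Exception ex) {
        // The full stack trace goes to the log only.
        StringWriter sw = new StringWriter();
        ex.printStackTrace(new PrintWriter(sw));
        LOG.warning(sw.toString());
        // Keep the stack trace out of the exception message: a Fault message may be
        // surfaced to the remote caller, and class names and call paths are internal
        // detail. The cause is attached instead, so nothing is lost for debugging.
        throw new Fault(new RuntimeException(ex.getMessage(), ex));
    }
}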
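/**
 * Returns the locations of the JWS properties resources configured for the current message.
 *
 * <p>The value is read from the contextual property
 * {@code JoseConstants.RSSEC_SIGNATURE_OUT_PROPS}, with
 * {@code JoseConstants.RSSEC_SIGNATURE_PROPS} passed as the default name. A String value
 * is treated as a comma-separated list; whitespace around the separators is ignored.
 * Any other value is cast to a {@code List}.
 *
 * @return the configured locations, or an empty list when no property is set but
 *         {@code sigProviders} is non-null
 * @throws JwsException with {@code NO_INIT_PROPERTIES} when neither the property nor
 *         {@code sigProviders} is available
 */
protected List<String> getPropertyLocations() {
    Message m = JAXRSUtils.getCurrentMessage();
    Object propLocsProp =
        MessageUtils.getContextualProperty(m,
                                           JoseConstants.RSSEC_SIGNATURE_OUT_PROPS,
                                           JoseConstants.RSSEC_SIGNATURE_PROPS);
    if (propLocsProp == null) {
        if (sigProviders == null) {
            LOG.warning("JWS JSON init properties resource is not identified");
            throw new JwsException(JwsException.Error.NO_INIT_PROPERTIES);
        }
        return Collections.emptyList();
    }
    if (propLocsProp instanceof String) {
        // "a.properties, b.properties" must not yield " b.properties": a location with
        // stray blanks would be handed on verbatim and could not be resolved.
        String[] props = ((String) propLocsProp).trim().split("\\s*,\\s*");
        return Arrays.asList(props);
    }
    // NOTE(review): a value that is neither String nor List fails here with
    // ClassCastException, and the element type is not checked.
    List<String> propLocs = CastUtils.cast((List<?>) propLocsProp);
    return propLocs;
}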
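/**
 * Obtains the SAML assertion for the given message.
 *
 * <p>An assertion element already present as a contextual property
 * ({@code SAMLConstants.WS_SAML_TOKEN_ELEMENT}, with
 * {@code SAMLConstants.SAML_TOKEN_ELEMENT} passed as the default name) is wrapped and
 * returned as-is. Otherwise a callback handler is resolved and the assertion is created
 * through {@code createAssertion(message, handler)}.
 *
 * @param message the current message
 * @return the wrapped assertion
 * @throws Fault wrapping a {@code RuntimeException} that carries the original message
 *         and cause when anything in the lookup or creation fails
 */
public static SamlAssertionWrapper createAssertion(Message message) throws Fault {
    try {
        // Check if the token is already available in the current context;
        // For example, STS Client can set it up.
        Element samlToken =
            (Element) MessageUtils.getContextualProperty(message,
                                                         SAMLConstants.WS_SAML_TOKEN_ELEMENT,
                                                         SAMLConstants.SAML_TOKEN_ELEMENT);
        if (samlToken != null) {
            return new SamlAssertionWrapper(samlToken);
        }
        // Finally try to get a self-signed assertion
        CallbackHandler handler = RSSecurityUtils.getCallbackHandler(
            message, SAMLUtils.class, SecurityConstants.SAML_CALLBACK_HANDLER);
        return createAssertion(message, handler);
    } catch (Exception ex) {
        // The full stack trace goes to the log only.
        StringWriter sw = new StringWriter();
        ex.printStackTrace(new PrintWriter(sw));
        LOG.warning(sw.toString());
        // Keep the stack trace out of the exception message: a Fault message may be
        // surfaced to the remote caller, and class names and call paths are internal
        // detail. The cause is attached instead, so nothing is lost for debugging.
        throw new Fault(new RuntimeException(ex.getMessage(), ex));
    }
}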
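/**
 * Resolves the key id to use for the given key operation.
 *
 * <p>Lookup order, first non-null value wins:
 * <ol>
 *   <li>the message's contextual property {@code preferredPropertyName};</li>
 *   <li>the direction-specific alternative, i.e. {@code preferredPropertyName} plus
 *       {@code ".jwe"} (ENCRYPT/DECRYPT) or {@code ".jws"} (SIGN/VERIFY), plus
 *       {@code ".out"} or {@code ".in"};</li>
 *   <li>the alternative name without the direction suffix;</li>
 *   <li>{@code props} under the preferred name, then under the alternative name.</li>
 * </ol>
 * The message is consulted only when both {@code m} and {@code keyOper} are non-null.
 *
 * @param m the current message, may be {@code null}
 * @param props the properties used as the last resort; dereferenced without a null check
 * @param preferredPropertyName the base property name
 * @param keyOper the key operation selecting the alternative suffix, may be {@code null}
 * @return the key id, or {@code null} if no source defines one
 */
public static String getKeyId(Message m, Properties props,
                              String preferredPropertyName,
                              KeyOperation keyOper) {
    String kid = null;
    String altPropertyName = null;
    if (keyOper != null && m != null) {
        if (keyOper == KeyOperation.ENCRYPT || keyOper == KeyOperation.DECRYPT) {
            altPropertyName = preferredPropertyName + ".jwe";
        } else if (keyOper == KeyOperation.SIGN || keyOper == KeyOperation.VERIFY) {
            altPropertyName = preferredPropertyName + ".jws";
        }
        if (altPropertyName != null) {
            String direction = m.getExchange().getOutMessage() == m ? ".out" : ".in";
            kid = (String) MessageUtils.getContextualProperty(m, preferredPropertyName,
                                                              altPropertyName + direction);
            // Check whether the direction is not set for the altPropertyName
            if (kid == null) {
                kid = (String) m.getContextualProperty(altPropertyName);
            }
        } else {
            // No alternative name exists for this operation. Concatenating the null
            // alternative with the direction would query a bogus "null.out" / "null.in"
            // property, so only the preferred name is consulted.
            kid = (String) m.getContextualProperty(preferredPropertyName);
        }
    }
    if (kid == null) {
        kid = props.getProperty(preferredPropertyName);
    }
    if (kid == null && altPropertyName != null) {
        kid = props.getProperty(altPropertyName);
    }
    return kid;
}

public static PrivateKeyPasswordProvider loadPasswordProvider(Message m, Properties props, KeyOperation keyOper) {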
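/**
 * Resolves the key id to use for the given key operation.
 *
 * <p>Lookup order, first non-null value wins:
 * <ol>
 *   <li>the message's contextual property {@code preferredPropertyName};</li>
 *   <li>the direction-specific alternative, i.e. {@code preferredPropertyName} plus
 *       {@code ".jwe"} (ENCRYPT/DECRYPT) or {@code ".jws"} (SIGN/VERIFY), plus
 *       {@code ".out"} or {@code ".in"};</li>
 *   <li>the alternative name without the direction suffix;</li>
 *   <li>{@code props} under the preferred name, then under the alternative name.</li>
 * </ol>
 * The message is consulted only when both {@code m} and {@code keyOper} are non-null.
 *
 * @param m the current message, may be {@code null}
 * @param props the properties used as the last resort; dereferenced without a null check
 * @param preferredPropertyName the base property name
 * @param keyOper the key operation selecting the alternative suffix, may be {@code null}
 * @return the key id, or {@code null} if no source defines one
 */
public static String getKeyId(Message m, Properties props,
                              String preferredPropertyName,
                              KeyOperation keyOper) {
    String kid = null;
    String altPropertyName = null;
    if (keyOper != null && m != null) {
        if (keyOper == KeyOperation.ENCRYPT || keyOper == KeyOperation.DECRYPT) {
            altPropertyName = preferredPropertyName + ".jwe";
        } else if (keyOper == KeyOperation.SIGN || keyOper == KeyOperation.VERIFY) {
            altPropertyName = preferredPropertyName + ".jws";
        }
        if (altPropertyName != null) {
            String direction = m.getExchange().getOutMessage() == m ? ".out" : ".in";
            kid = (String) MessageUtils.getContextualProperty(m, preferredPropertyName,
                                                              altPropertyName + direction);
            // Check whether the direction is not set for the altPropertyName
            if (kid == null) {
                kid = (String) m.getContextualProperty(altPropertyName);
            }
        } else {
            // No alternative name exists for this operation. Concatenating the null
            // alternative with the direction would query a bogus "null.out" / "null.in"
            // property, so only the preferred name is consulted.
            kid = (String) m.getContextualProperty(preferredPropertyName);
        }
    }
    if (kid == null) {
        kid = props.getProperty(preferredPropertyName);
    }
    if (kid == null && altPropertyName != null) {
        kid = props.getProperty(altPropertyName);
    }
    return kid;
}

public static PrivateKeyPasswordProvider loadPasswordProvider(Message m, Properties props, KeyOperation keyOper) {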
/**
 * Returns the JWS signature provider to use for the current message.
 *
 * <p>A provider already held in {@code sigProvider} is returned directly. Otherwise the
 * properties resource named by the {@code RSSEC_SIGNATURE_OUT_PROPS} contextual property
 * (with {@code RSSEC_SIGNATURE_PROPS} passed as the default name) is loaded, the private
 * key is loaded from it, and a new {@code PrivateKeyJwsSignatureProvider} is built. The
 * new provider is returned but not stored in {@code sigProvider}.
 *
 * @return the configured or newly built signature provider
 * @throws SecurityException without a message when no properties location is set, or
 *         wrapping any other exception raised while loading the properties or the key
 */
protected JwsSignatureProvider getInitializedSigProvider() {
    if (sigProvider == null) {
        final Message current = JAXRSUtils.getCurrentMessage();
        final String location = (String) MessageUtils.getContextualProperty(
            current, RSSEC_SIGNATURE_OUT_PROPS, RSSEC_SIGNATURE_PROPS);
        if (location == null) {
            throw new SecurityException();
        }
        try {
            final Properties sigProps =
                ResourceUtils.loadProperties(location, current.getExchange().getBus());
            final PrivateKey signingKey = CryptoUtils.loadPrivateKey(
                current, sigProps, CryptoUtils.RSSEC_SIG_KEY_PSWD_PROVIDER);
            final PrivateKeyJwsSignatureProvider built =
                new PrivateKeyJwsSignatureProvider(signingKey);
            // NOTE(review): the algorithm is taken straight from the properties file and
            // may be null if the entry is missing; confirm how the provider treats that.
            built.setDefaultJwtAlgorithm(sigProps.getProperty(JSON_WEB_SIGNATURE_ALGO_PROP));
            return built;
        } catch (SecurityException ex) {
            // Already the right type: pass through unwrapped.
            throw ex;
        } catch (Exception ex) {
            throw new SecurityException(ex);
        }
    }
    return sigProvider;
}
(String)MessageUtils.getContextualProperty(m, storeProp1, storeProp2); if (propLoc != null) { try {
(String)MessageUtils.getContextualProperty(m, storeProp1, storeProp2); if (propLoc != null) { try {
/**
 * Returns the JWE encryption provider to use for the current message.
 *
 * <p>A provider already held in {@code encryptionProvider} is returned directly.
 * Otherwise the properties resource named by the {@code JSON_ENCRYPTION_OUT_PROPS}
 * contextual property (with {@code JSON_ENCRYPTION_PROPS} passed as the default name) is
 * loaded, the public key is loaded from it, and a new {@code WrappedKeyJweEncryption} is
 * built. The new provider is returned but not stored in {@code encryptionProvider}.
 *
 * @return the configured or newly built encryption provider
 * @throws SecurityException without a message when no properties location is set, or
 *         wrapping any other exception raised while loading the properties or the key
 */
protected JweEncryptionProvider getInitializedEncryptionProvider() {
    if (encryptionProvider == null) {
        final Message current = JAXRSUtils.getCurrentMessage();
        final String location = (String) MessageUtils.getContextualProperty(
            current, JSON_ENCRYPTION_OUT_PROPS, JSON_ENCRYPTION_PROPS);
        if (location == null) {
            throw new SecurityException();
        }
        // Resolved outside the try block, so a failure here is not wrapped.
        final Bus bus = current.getExchange().getBus();
        try {
            final Properties encProps = ResourceUtils.loadProperties(location, bus);
            final PublicKey recipientKey = CryptoUtils.loadPublicKey(current, encProps);
            // The key-encryption algorithm is fixed to RSA-OAEP; only the
            // content-encryption algorithm is configurable.
            final String keyAlgo = Algorithm.RSA_OAEP.getJwtName();
            // NOTE(review): null when the entry is missing from the properties file;
            // confirm that JweHeaders rejects or defaults it.
            final String contentAlgo = encProps.getProperty(JSON_WEB_ENCRYPTION_CEK_ALGO_PROP);
            final JweHeaders jweHeaders = new JweHeaders(keyAlgo, contentAlgo);
            final String zipAlgo = encProps.getProperty(JSON_WEB_ENCRYPTION_ZIP_ALGO_PROP);
            if (zipAlgo != null) {
                jweHeaders.setZipAlgorithm(zipAlgo);
            }
            return new WrappedKeyJweEncryption(jweHeaders, recipientKey);
        } catch (SecurityException ex) {
            // Already the right type: pass through unwrapped.
            throw ex;
        } catch (Exception ex) {
            throw new SecurityException(ex);
        }
    }
    return encryptionProvider;
}