Author: milinda
Date: Wed Nov 14 20:35:52 2007
New Revision: 595202
URL: http://svn.apache.org/viewvc?rev=595202&view=rev
Log:
Adding WS-Trust library implementation.
Added:
webservices/rampart/trunk/c/src/trust/
webservices/rampart/trunk/c/src/trust/Makefile.am
webservices/rampart/trunk/c/src/trust/context.c
webservices/rampart/trunk/c/src/trust/policy_util.c
webservices/rampart/trunk/c/src/trust/sts_client.c
webservices/rampart/trunk/c/src/trust/token.c
webservices/rampart/trunk/c/src/trust/util.c
Modified:
webservices/rampart/trunk/c/src/Makefile.am
Modified: webservices/rampart/trunk/c/src/Makefile.am
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/Makefile.am?rev=595202&r1=595201&r2=595202&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/Makefile.am (original)
+++ webservices/rampart/trunk/c/src/Makefile.am Wed Nov 14 20:35:52 2007
@@ -1 +1 @@
-SUBDIRS = omxmlsec handlers util core data
+SUBDIRS = omxmlsec handlers util core data trust
Added: webservices/rampart/trunk/c/src/trust/Makefile.am
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/trust/Makefile.am?rev=595202&view=auto
==============================================================================
--- webservices/rampart/trunk/c/src/trust/Makefile.am (added)
+++ webservices/rampart/trunk/c/src/trust/Makefile.am Wed Nov 14 20:35:52 2007
@@ -0,0 +1,16 @@
+lib_LTLIBRARIES = libtrust.la
+
+libtrust_la_SOURCES = context.c \
+ util.c \
+ sts_client.c \
+ policy_util.c \
+ token.c
+
+INCLUDES = -I$(top_builddir)/include \
+ -I ../../../../util/include \
+ -I ../../../../include \
+ -I ../../../../axiom/include \
+ @OPENSSLINC@ \
+ @UTILINC@ \
+ @AXIOMINC@ \
+ @AXIS2INC@
Added: webservices/rampart/trunk/c/src/trust/context.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/trust/context.c?rev=595202&view=auto
==============================================================================
--- webservices/rampart/trunk/c/src/trust/context.c (added)
+++ webservices/rampart/trunk/c/src/trust/context.c Wed Nov 14 20:35:52 2007
@@ -0,0 +1,603 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <trust_context.h>
+
+struct trust_context
+{
+ /* in message context of STS */
+ axis2_msg_ctx_t *in_msg_ctx;
+
+ /* Axiom node which holds payload of RST message */
+ axiom_node_t *rst_node;
+
+ /** Request Type
+ * e.g. wsse:ReqIssue/Validate/Renew etc
+ */
+ axis2_char_t *request_type;
+
+ /** Required Token Type
+ * e.g. wsse:X509v3
+ */
+ axis2_char_t *token_type;
+
+ /*optional element specifies the scope for which this security token is
desired */
+ axiom_node_t *applies_to_epr_node;
+
+ axis2_char_t *applies_to_address;
+
+ /** RST Context attribute
+ * This optional URI specifies an identifier/context for this request
+ */
+ axis2_char_t *rst_context_attr;
+
+ /* KeyType element of the RST */
+ axis2_char_t *key_type;
+
+ int key_size;
+
+ axis2_char_t *request_entropy;
+
+ axis2_char_t *response_entropy;
+
+ /*optional element for specific set of requested claims */
+ axiom_node_t *claims_node;
+
+ /**wst:RequestSecurityToken/wst:[EMAIL PROTECTED]
+ *Attribute specifies a URI to indicate the syntax of the claims
+ */
+ axis2_char_t *claims_dialect;
+
+ /* SOAP Namespace */
+ axis2_char_t *soap_namespace;
+
+ /* WS-Trust Namespace */
+ axis2_char_t *wst_namespace;
+
+ /*Addressing NS */
+ axis2_char_t *addressing_namespace;
+};
+
+AXIS2_EXTERN trust_context_t *AXIS2_CALL
+trust_context_create(
+ const axutil_env_t * env,
+ axis2_msg_ctx_t * in_msg_ctx)
+{
+ axiom_soap_envelope_t *soap_env = NULL;
+ axiom_soap_body_t *soap_body = NULL;
+ axiom_namespace_t *soap_ns = NULL;
+ axiom_namespace_t *wst_ns = NULL;
+ axiom_node_t *body_base_node = NULL;
+ axiom_element_t *rst_ele = NULL;
+
+ trust_context_t *trust_context = NULL;
+ trust_context = (trust_context_t *) AXIS2_MALLOC(env->allocator,
sizeof(trust_context_t));
+
+ /* Processing Message Context*/
+ soap_env = axis2_msg_ctx_get_soap_envelope(in_msg_ctx, env);
+ soap_body = axiom_soap_envelope_get_body(soap_env, env);
+ body_base_node = axiom_soap_body_get_base_node(soap_body, env);
+ trust_context->rst_node = axiom_node_get_first_child(body_base_node, env);
+
+ /* rocessing SOAP Namespace */
+ soap_ns = axiom_soap_envelope_get_namespace(soap_env, env);
+ trust_context->soap_namespace = axiom_namespace_get_uri(soap_ns, env);
+
+ /* Processing WS-Trust namespace*/
+ rst_ele = (axiom_element_t *)
axiom_node_get_data_element(trust_context->rst_node, env);
+ wst_ns = axiom_element_get_namespace(rst_ele, env,
trust_context->rst_node);
+
+ trust_context->wst_namespace = axiom_namespace_get_uri(wst_ns, env);
+
+ trust_context_process_request_context(trust_context, env);
+ trust_context_process_request_type(trust_context, env);
+ trust_context_process_token_type(trust_context, env);
+ trust_context_process_applies_to(trust_context, env);
+ trust_context_process_claims(trust_context, env);
+ trust_context_process_entropy(trust_context, env);
+ trust_context_process_key_type(trust_context, env);
+ trust_context_process_key_size(trust_context, env);
+
+ return trust_context;
+}
+
+AXIS2_EXTERN void AXIS2_CALL
+trust_context_free(
+ trust_context_t * trust_context,
+ const axutil_env_t * env)
+{
+ if (trust_context)
+ {
+ AXIS2_FREE(env->allocator, trust_context);
+ }
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_context_process_applies_to(
+ trust_context_t * trust_context,
+ const axutil_env_t * env)
+{
+ axutil_qname_t *applies_to_qname = NULL;
+ axutil_qname_t *addr_qname = NULL;
+ axiom_node_t *appliesto_node = NULL;
+ axiom_node_t *rst_node = NULL;
+ axiom_node_t *epr_node = NULL;
+ axiom_node_t *addr_node = NULL;
+ axiom_element_t *appliesto_ele = NULL;
+ axiom_element_t *rst_ele = NULL;
+ axiom_element_t *epr_ele = NULL;
+ axiom_element_t *addr_ele = NULL;
+ axiom_namespace_t *addr_namespace = NULL;
+
+
+ rst_node = trust_context->rst_node;
+ rst_ele = (axiom_element_t *) (axiom_node_get_data_element(rst_node, env));
+
+ applies_to_qname = axutil_qname_create(env, TRUST_APPLIES_TO,
TRUST_WSP_XMLNS, TRUST_WSP);
+
+ appliesto_ele =
+ axiom_element_get_first_child_with_qname(rst_ele, env,
applies_to_qname, rst_node,
+ &appliesto_node);
+ if (appliesto_ele)
+ {
+ epr_ele = axiom_element_get_first_element(appliesto_ele, env,
appliesto_node, &epr_node);
+
+ trust_context->applies_to_epr_node = epr_node;
+
+ if (!trust_context->addressing_namespace)
+ {
+ addr_namespace = axiom_element_find_namespace(epr_ele, env,
epr_node, "http://schemas.xmlsoap.org/ws/2004/08/addressing";, NULL);
+ if(!addr_namespace)
+ {
+ addr_namespace = axiom_element_find_namespace(epr_ele, env,
epr_node, "http://www.w3.org/2005/08/addressing";, NULL);
+ }
+ if(addr_namespace)
+ {
+ trust_context->addressing_namespace =
axiom_namespace_get_uri(addr_namespace, env);
+ }
+ }
+
+ if (epr_ele && addr_namespace)
+ {
+ addr_qname =
+ axutil_qname_create(env, EPR_ADDRESS,
trust_context->addressing_namespace, NULL);
+ addr_ele =
+ axiom_element_get_first_child_with_qname(epr_ele, env,
addr_qname, epr_node,
+ &addr_node);
+ if (addr_ele && axiom_element_get_text(addr_ele, env, addr_node))
+ {
+ trust_context->applies_to_address =
axiom_element_get_text(addr_ele, env, addr_node);
+ }
+ }
+ else
+ {
+ AXIS2_FREE(env->allocator, applies_to_qname);
+ return AXIS2_FAILURE;
+ }
+
+ }
+ else
+ {
+ AXIS2_FREE(env->allocator, applies_to_qname);
+ return AXIS2_FAILURE;
+ }
+ AXIS2_FREE(env->allocator, applies_to_qname);
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_context_process_request_context(
+ trust_context_t * trust_context,
+ const axutil_env_t * env)
+{
+ axiom_element_t *rst_ele = NULL;
+ axutil_qname_t *attr_ctx_qname = NULL;
+ axis2_char_t *context = NULL;
+
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ attr_ctx_qname = axutil_qname_create(env, TRUST_RST_CONTEXT,
TRUST_WST_XMLNS, TRUST_WST);
+ if (!attr_ctx_qname)
+ return AXIS2_FAILURE;
+
+ rst_ele = (axiom_element_t *)
(axiom_node_get_data_element(trust_context->rst_node, env));
+ context = axiom_element_get_attribute_value(rst_ele, env, attr_ctx_qname);
+
+ if (context)
+ {
+ trust_context->rst_context_attr = context;
+ AXIS2_FREE(env->allocator, attr_ctx_qname);
+ return AXIS2_SUCCESS;
+ }
+ AXIS2_FREE(env->allocator, attr_ctx_qname);
+ return AXIS2_FAILURE;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_context_process_request_type(
+ trust_context_t * trust_context,
+ const axutil_env_t * env)
+{
+ axiom_element_t *req_type_ele = NULL;
+ axiom_element_t *rst_ele = NULL;
+ axiom_node_t *rst_node = NULL;
+ axiom_node_t *req_type_node = NULL;
+ axutil_qname_t *req_type_qname = NULL;
+
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ rst_node = trust_context->rst_node;
+ rst_ele = (axiom_element_t *) (axiom_node_get_data_element(rst_node, env));
+
+ req_type_qname =
+ axutil_qname_create(env, TRUST_REQUEST_TYPE,
trust_context->wst_namespace, TRUST_WST);
+
+ req_type_ele =
+ axiom_element_get_first_child_with_qname(rst_ele, env, req_type_qname,
rst_node,
+ &req_type_node);
+ if (!req_type_ele)
+ {
+ AXIS2_FREE(env->allocator, req_type_qname);
+ return AXIS2_FAILURE;
+ }
+
+ trust_context->request_type = axiom_element_get_text(req_type_ele, env,
req_type_node);
+
+ AXIS2_FREE(env->allocator, req_type_qname);
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_context_process_token_type(
+ trust_context_t * trust_context,
+ const axutil_env_t * env)
+{
+ axiom_node_t *token_type_node = NULL;
+ axiom_element_t *token_type_ele = NULL;
+ axiom_element_t *rst_ele = NULL;
+ axutil_qname_t *token_type_qname = NULL;
+
+ rst_ele = (axiom_element_t *)
(axiom_node_get_data_element(trust_context->rst_node, env));
+
+ token_type_qname =
+ axutil_qname_create(env, TRUST_TOKEN_TYPE,
trust_context->wst_namespace, TRUST_WST);
+
+ token_type_ele =
+ axiom_element_get_first_child_with_qname(rst_ele, env,
token_type_qname,
+ trust_context->rst_node,
&token_type_node);
+ if (!token_type_ele)
+ {
+ AXIS2_FREE(env->allocator, token_type_qname);
+ return AXIS2_FAILURE;
+ }
+
+ trust_context->token_type = axiom_element_get_text(token_type_ele, env,
token_type_node);
+
+ AXIS2_FREE(env->allocator, token_type_qname);
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_context_process_claims(
+ trust_context_t * trust_context,
+ const axutil_env_t * env)
+{
+ axiom_node_t *claims_node = NULL;
+ axiom_element_t *claims_ele = NULL;
+ axiom_element_t *rst_ele = NULL;
+ axutil_qname_t *claims_qname = NULL;
+ axutil_qname_t *attr_dialect_qname = NULL;
+ axis2_char_t *dialect = NULL;
+
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ rst_ele = (axiom_element_t *)
(axiom_node_get_data_element(trust_context->rst_node, env));
+
+ claims_qname = axutil_qname_create(env, TRUST_CLAIMS,
trust_context->wst_namespace, TRUST_WST);
+
+ claims_ele =
+ axiom_element_get_first_child_with_qname(rst_ele, env, claims_qname,
trust_context->rst_node,
+ &claims_node);
+ if (!claims_ele)
+ {
+ AXIS2_FREE(env->allocator, claims_qname);
+ return AXIS2_FAILURE;
+ }
+
+ trust_context->claims_node = claims_node;
+
+ attr_dialect_qname =
+ axutil_qname_create(env, TRUST_CLAIMS_DIALECT,
trust_context->wst_namespace, TRUST_WST);
+ if (!attr_dialect_qname)
+ {
+ AXIS2_FREE(env->allocator, claims_qname);
+ return AXIS2_FAILURE;
+ }
+
+ dialect = axiom_element_get_attribute_value(claims_ele, env,
attr_dialect_qname);
+
+ if (!dialect)
+ {
+ AXIS2_FREE(env->allocator, claims_qname);
+ AXIS2_FREE(env->allocator, attr_dialect_qname);
+ return AXIS2_FAILURE;
+ }
+ trust_context->claims_dialect = dialect;
+
+ AXIS2_FREE(env->allocator, claims_qname);
+ AXIS2_FREE(env->allocator, attr_dialect_qname);
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_context_process_entropy(
+ trust_context_t * trust_context,
+ const axutil_env_t * env)
+{
+ /* TO DO: Complete the entropy processing */
+ axiom_node_t *entropy_node = NULL;
+ axiom_node_t *binary_secret_node = NULL;
+ axiom_element_t *entropy_ele = NULL;
+ axiom_element_t *rst_ele = NULL;
+ axiom_element_t *binary_secret_ele = NULL;
+ axutil_qname_t *entropy_qname = NULL;
+ axis2_char_t *bin_sec_str = NULL;
+
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ rst_ele = (axiom_element_t *)
(axiom_node_get_data_element(trust_context->rst_node, env));
+
+ entropy_qname = axutil_qname_create(env, TRUST_ENTROPY,
trust_context->wst_namespace, TRUST_WST);
+
+ entropy_ele =
+ axiom_element_get_first_child_with_qname(rst_ele, env, entropy_qname,
trust_context->rst_node,
+ &entropy_node);
+ if (!entropy_ele)
+ {
+ AXIS2_FREE(env->allocator, entropy_qname);
+ return AXIS2_FAILURE;
+ }
+
+ binary_secret_ele =
+ axiom_element_get_first_element(entropy_ele, env, entropy_node,
&binary_secret_node);
+ bin_sec_str = axiom_element_get_text(binary_secret_ele, env,
binary_secret_node);
+
+ if (binary_secret_ele && bin_sec_str && (axutil_strcmp("", bin_sec_str) !=
0))
+ {
+ /*axutil_base64_decode(trust_context->request_entropy, bin_sec_str);*/
+ trust_context->request_entropy = bin_sec_str;
+ }
+ else
+ {
+ AXIS2_FREE(env->allocator, entropy_qname);
+ return AXIS2_FAILURE;
+ }
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_context_process_key_type(
+ trust_context_t * data,
+ const axutil_env_t * env)
+{
+ axiom_node_t *key_type_node = NULL;
+ axiom_element_t *key_type_ele = NULL;
+ axiom_element_t *rst_ele = NULL;
+ axutil_qname_t *key_type_qname = NULL;
+
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ rst_ele = (axiom_element_t *) (axiom_node_get_data_element(data->rst_node,
env));
+
+ key_type_qname = axutil_qname_create(env, TRUST_KEY_TYPE,
data->wst_namespace, TRUST_WST);
+
+ key_type_ele =
+ axiom_element_get_first_child_with_qname(rst_ele, env, key_type_qname,
data->rst_node,
+ &key_type_node);
+ if (!key_type_ele)
+ {
+ AXIS2_FREE(env->allocator, key_type_qname);
+ return AXIS2_FAILURE;
+ }
+
+ data->key_type = axiom_element_get_text(key_type_ele, env, key_type_node);
+
+ AXIS2_FREE(env->allocator, key_type_qname);
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_context_process_key_size(
+ trust_context_t * data,
+ const axutil_env_t * env)
+{
+ axiom_node_t *key_size_node = NULL;
+ axiom_element_t *key_size_ele = NULL;
+ axiom_element_t *rst_ele = NULL;
+ axutil_qname_t *key_size_qname = NULL;
+ axis2_char_t *size_str = NULL;
+
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ rst_ele = (axiom_element_t *) (axiom_node_get_data_element(data->rst_node,
env));
+
+ key_size_qname = axutil_qname_create(env, TRUST_KEY_SIZE,
data->wst_namespace, TRUST_WST);
+
+ key_size_ele =
+ axiom_element_get_first_child_with_qname(rst_ele, env, key_size_qname,
data->rst_node,
+ &key_size_node);
+ if (!key_size_ele)
+ {
+ AXIS2_FREE(env->allocator, key_size_qname);
+ return AXIS2_FAILURE;
+ }
+
+ size_str = axiom_element_get_text(key_size_ele, env, key_size_node);
+
+ if (!size_str)
+ {
+ AXIS2_FREE(env->allocator, key_size_qname);
+ return AXIS2_FAILURE;
+ }
+
+ data->key_size = atoi(size_str);
+ AXIS2_FREE(env->allocator, key_size_qname);
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+trust_context_get_request_type(
+ trust_context_t * trust_context,
+ const axutil_env_t * env)
+{
+ return trust_context->request_type;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_context_set_request_type(
+ trust_context_t * trust_context,
+ const axutil_env_t * env,
+ axis2_char_t *request_type)
+{
+ if(request_type)
+ {
+ trust_context->request_type = request_type;
+ return AXIS2_SUCCESS;
+ }
+
+ return AXIS2_FAILURE;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+trust_context_get_token_type(
+ trust_context_t * trust_context,
+ const axutil_env_t * env)
+{
+ return trust_context->token_type;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_context_set_token_type(
+ trust_context_t * trust_context,
+ const axutil_env_t * env,
+ axis2_char_t *token_type)
+{
+ if(token_type)
+ {
+ trust_context->token_type = token_type;
+ return AXIS2_SUCCESS;
+ }
+ return AXIS2_FAILURE;
+}
+
+AXIS2_EXTERN axiom_node_t * AXIS2_CALL
+trust_context_get_rst_node(
+ trust_context_t * trust_context,
+ const axutil_env_t * env)
+{
+ return trust_context->rst_node;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_context_set_rst_node(
+ trust_context_t * trust_context,
+ const axutil_env_t * env,
+ axiom_node_t *rst_node)
+{
+ if(rst_node)
+ {
+ trust_context->rst_node = rst_node;
+ return AXIS2_SUCCESS;
+ }
+
+ return AXIS2_FAILURE;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+trust_context_get_wst_ns(
+ trust_context_t * trust_context,
+ const axutil_env_t * env)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ return trust_context->wst_namespace;
+}
+
+AXIS2_EXTERN axis2_char_t * AXIS2_CALL
+trust_context_get_appliesto_address(
+ trust_context_t *trust_context,
+ const axutil_env_t *env)
+{
+ return trust_context->applies_to_address;
+}
+
+AXIS2_EXTERN axiom_node_t * AXIS2_CALL
+trust_context_get_appliesto_epr_node(
+ trust_context_t *trust_context,
+ const axutil_env_t *env)
+{
+ return trust_context->applies_to_epr_node;
+}
+
+AXIS2_EXTERN axis2_char_t * AXIS2_CALL
+trust_context_get_rst_context_attr(
+ trust_context_t *trust_context,
+ const axutil_env_t *env)
+{
+ return trust_context->rst_context_attr;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+trust_context_get_key_type(
+ trust_context_t *trust_context,
+ const axutil_env_t *env)
+{
+ return trust_context->key_type;
+}
+
+AXIS2_EXTERN int AXIS2_CALL
+trust_context_get_key_size(
+ trust_context_t *trust_context,
+ const axutil_env_t *env)
+{
+ return trust_context->key_size;
+}
+
+AXIS2_EXTERN axis2_char_t * AXIS2_CALL
+trust_context_get_request_entropy(
+ trust_context_t *trust_context,
+ const axutil_env_t *env)
+{
+ return trust_context->request_entropy;
+}
+
+AXIS2_EXTERN axiom_node_t * AXIS2_CALL
+trust_context_get_claims_node(
+ trust_context_t *trust_context,
+ const axutil_env_t *env)
+{
+ return trust_context->claims_node;
+}
+
+AXIS2_EXTERN axis2_char_t * AXIS2_CALL
+trust_context_get_claims_dialect(
+ trust_context_t * trust_context,
+ const axutil_env_t *env)
+{
+ return trust_context->claims_dialect;
+}
+
Added: webservices/rampart/trunk/c/src/trust/policy_util.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/trust/policy_util.c?rev=595202&view=auto
==============================================================================
--- webservices/rampart/trunk/c/src/trust/policy_util.c (added)
+++ webservices/rampart/trunk/c/src/trust/policy_util.c Wed Nov 14 20:35:52 2007
@@ -0,0 +1,110 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements. See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License. You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+#include <trust_policy_util.h>
+
+AXIS2_EXTERN rp_algorithmsuite_t *AXIS2_CALL
+trust_policy_util_get_algorithmsuite(
+ const axutil_env_t * env,
+ neethi_policy_t * policy)
+{
+ rp_secpolicy_t *secpolicy = NULL;
+ rp_binding_commons_t *binding_commons = NULL;
+
+ AXIS2_ENV_CHECK(env, NULL);
+
+ secpolicy = rp_secpolicy_builder_build(env, policy);
+ if (!secpolicy)
+ {
+ return NULL;
+ }
+
+ binding_commons = trust_policy_util_get_binding_commons(env, secpolicy);
+
+ return rp_binding_commons_get_algorithmsuite(binding_commons, env);
+}
+
+AXIS2_EXTERN rp_trust10_t *AXIS2_CALL
+trust_policy_util_get_trust10(
+ const axutil_env_t * env,
+ neethi_policy_t * policy)
+{
+ rp_secpolicy_t *secpolicy = NULL;
+
+ AXIS2_ENV_CHECK(env, NULL);
+
+ secpolicy = rp_secpolicy_builder_build(env, policy);
+ if (!secpolicy)
+ {
+ return NULL;
+ }
+
+ return rp_secpolicy_get_trust10(secpolicy, env);
+}
+
+AXIS2_EXTERN rp_binding_commons_t *AXIS2_CALL
+trust_policy_util_get_binding_commons(
+ const axutil_env_t * env,
+ rp_secpolicy_t * secpolicy)
+{
+ rp_property_t *property = NULL;
+ property = rp_secpolicy_get_binding(secpolicy, env);
+ if (!property)
+ return NULL;
+
+ if (rp_property_get_type(property, env) == RP_PROPERTY_ASYMMETRIC_BINDING)
+ {
+ rp_asymmetric_binding_t *asymmetric_binding = NULL;
+ rp_symmetric_asymmetric_binding_commons_t *sym_asym_commons = NULL;
+ asymmetric_binding = (rp_asymmetric_binding_t *)
rp_property_get_value(property, env);
+ if (!asymmetric_binding)
+ return NULL;
+
+ sym_asym_commons =
+
rp_asymmetric_binding_get_symmetric_asymmetric_binding_commons(asymmetric_binding,
env);
+ if (!sym_asym_commons)
+ return NULL;
+
+ return
rp_symmetric_asymmetric_binding_commons_get_binding_commons(sym_asym_commons,
env);
+ }
+ else if (rp_property_get_type(property, env) ==
RP_PROPERTY_SYMMETRIC_BINDING)
+ {
+ rp_symmetric_binding_t *symmetric_binding = NULL;
+ rp_symmetric_asymmetric_binding_commons_t *sym_asym_commons = NULL;
+ symmetric_binding = (rp_symmetric_binding_t *)
rp_property_get_value(property, env);
+ if (!symmetric_binding)
+ return NULL;
+
+ sym_asym_commons =
+
rp_symmetric_binding_get_symmetric_asymmetric_binding_commons(symmetric_binding,
env);
+ if (!sym_asym_commons)
+ return NULL;
+
+ return
rp_symmetric_asymmetric_binding_commons_get_binding_commons(sym_asym_commons,
env);
+
+ }
+ else if (rp_property_get_type(property, env) ==
RP_PROPERTY_TRANSPORT_BINDING)
+ {
+ rp_transport_binding_t *transport_binding = NULL;
+ transport_binding = (rp_transport_binding_t *)
rp_property_get_value(property, env);
+ if (!transport_binding)
+ return NULL;
+
+ return rp_transport_binding_get_binding_commons(transport_binding,
env);
+ }
+ else
+ return NULL;
+}
Added: webservices/rampart/trunk/c/src/trust/sts_client.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/trust/sts_client.c?rev=595202&view=auto
==============================================================================
--- webservices/rampart/trunk/c/src/trust/sts_client.c (added)
+++ webservices/rampart/trunk/c/src/trust/sts_client.c Wed Nov 14 20:35:52 2007
@@ -0,0 +1,623 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <trust_sts_client.h>
+
+#ifndef TRUST_COMPUTED_KEY_PSHA1
+#define TRUST_COMPUTED_KEY_PSHA1 "P-SHA1"
+#endif
+
+struct trust_sts_client
+{
+
+ /*WS Trust version */
+ int version;
+
+ /* Key size */
+ int key_size;
+
+ /* Algorithm Suite for Entropy */
+ rp_algorithmsuite_t *algo_suite;
+
+ /* Trust 1.0 Assertions */
+ rp_trust10_t *trust10;
+
+ /* Requestor Entropy */
+ axis2_char_t *requestor_entropy;
+
+ axis2_char_t *appliesto;
+
+ axis2_char_t *token_type;
+
+ /* Time To Live */
+ int ttl;
+
+ /* Issuer Address */
+ axis2_char_t *issuer_address;
+
+ /* STS Client Home Directory */
+ axis2_char_t *home_dir;
+
+ /* Location of the issuer's policy file */
+ axis2_char_t *issuer_policy_location;
+
+ /* Location of the service's (relying party's) policy file */
+ axis2_char_t *service_policy_location;
+};
+
+AXIS2_EXTERN trust_sts_client_t *AXIS2_CALL
+trust_sts_client_create(
+ const axutil_env_t * env)
+{
+ trust_sts_client_t *sts_client = NULL;
+
+ sts_client = (trust_sts_client_t *) AXIS2_MALLOC(env->allocator,
sizeof(trust_sts_client_t));
+
+ sts_client->version = TRUST_VERSION_05_02;
+ sts_client->key_size = 0;
+ sts_client->ttl = 0;
+ sts_client->requestor_entropy = NULL;
+ sts_client->trust10 = NULL;
+ sts_client->appliesto = NULL;
+ sts_client->token_type = NULL;
+ sts_client->home_dir = NULL;
+ sts_client->issuer_address = NULL;
+ sts_client->issuer_policy_location = NULL;
+ sts_client->service_policy_location = NULL;
+
+ return sts_client;
+}
+
+AXIS2_EXTERN void AXIS2_CALL
+trust_sts_client_free(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ if (sts_client)
+ {
+ AXIS2_FREE(env->allocator, sts_client);
+ }
+
+}
+
+AXIS2_EXTERN void AXIS2_CALL
+trust_sts_client_request_security_token(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env,
+ axis2_char_t * applies_to,
+ axis2_char_t * token_type)
+{
+ axis2_svc_client_t *svc_client = NULL;
+ neethi_policy_t *issuer_policy = NULL;
+ neethi_policy_t *service_policy = NULL;
+ axis2_status_t status = AXIS2_SUCCESS;
+ axiom_node_t *return_node = NULL;
+
+ sts_client->appliesto = applies_to;
+ sts_client->token_type = token_type;
+
+ issuer_policy = neethi_util_create_policy_from_file(env,
sts_client->issuer_policy_location);
+
+ service_policy = neethi_util_create_policy_from_file(env,
sts_client->service_policy_location);
+
+ if (!issuer_policy || !service_policy)
+ {
+ status = AXIS2_FAILURE;
+ }
+ else
+ {
+ trust_sts_client_process_policies(sts_client, env, issuer_policy,
service_policy);
+ }
+
+ /* TODO : Fix action logic */
+ svc_client =
+ trust_sts_client_get_svc_client(sts_client, env,
+
"http://schemas.xmlsoap.org/ws/2005/02/RST/issue";);
+
+ if (status == AXIS2_SUCCESS)
+ {
+ status = axis2_svc_client_set_policy(svc_client, env, issuer_policy);
+ if (status == AXIS2_FAILURE)
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Policy setting failed.");
+ }
+
+ return_node =
+ axis2_svc_client_send_receive(svc_client, env,
+
trust_sts_client_create_issue_request(sts_client, env,
+
"/Issue",
+
applies_to,
+
token_type));
+ }
+ if (svc_client)
+ {
+ axis2_svc_client_free(svc_client, env);
+ svc_client = NULL;
+ }
+
+ return;
+}
+
+AXIS2_EXTERN axis2_svc_client_t *AXIS2_CALL
+trust_sts_client_get_svc_client(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env,
+ axis2_char_t * action)
+{
+ axis2_endpoint_ref_t *endpoint_ref = NULL;
+ axis2_options_t *options = NULL;
+ axis2_svc_client_t *svc_client = NULL;
+
+ endpoint_ref = axis2_endpoint_ref_create(env, sts_client->issuer_address);
+
+ options = axis2_options_create(env);
+ axis2_options_set_to(options, env, endpoint_ref);
+ axis2_options_set_action(options, env, action);
+
+ svc_client = axis2_svc_client_create(env, sts_client->home_dir);
+ if (!svc_client)
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Stub invoke FAILED: Error
code:" " %d :: %s",
+ env->error->error_number,
AXIS2_ERROR_GET_MESSAGE(env->error));
+ return NULL;
+ }
+
+ /* Set service client options */
+ axis2_svc_client_set_options(svc_client, env, options);
+
+ /* Engage addressing module */
+ axis2_svc_client_engage_module(svc_client, env, AXIS2_MODULE_ADDRESSING);
+
+ return svc_client;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_sts_client_process_policies(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env,
+ neethi_policy_t * issuer_policy,
+ neethi_policy_t * service_policy)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ if (issuer_policy)
+ {
+ sts_client->algo_suite = trust_policy_util_get_algorithmsuite(env,
issuer_policy);
+ }
+
+ if (service_policy)
+ {
+ sts_client->trust10 = trust_policy_util_get_trust10(env,
service_policy);
+ }
+
+ return AXIS2_SUCCESS;
+}
+AXIS2_EXTERN axiom_node_t *AXIS2_CALL
+trust_sts_client_create_issue_request(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env,
+ axis2_char_t * request_type,
+ axis2_char_t * applies_to,
+ axis2_char_t * token_type)
+{
+ axiom_node_t *rst_node = NULL;
+ axiom_node_t *entropy_node = NULL;
+ axiom_node_t *binsec_node = NULL;
+ int maxkey_len = 0;
+
+ rst_node = trust_util_create_rst_element(env, sts_client->version, NULL);
+
+ /* Setting up the request type */
+ trust_util_create_request_type_element(env, sts_client->version, rst_node,
request_type);
+
+ /* Setting up the token type */
+ if (token_type)
+ {
+ trust_util_create_token_type_element(env, sts_client->version,
rst_node, token_type);
+ }
+
+ if (applies_to)
+ trust_util_create_applies_to_element(env, rst_node, applies_to,
TRUST_WSA_XMLNS);
+
+ if (sts_client->trust10 && sts_client->algo_suite)
+ {
+ if (rp_trust10_get_require_client_entropy(sts_client->trust10, env) ==
AXIS2_TRUE)
+ {
+ entropy_node = trust_util_create_entropy_element(env,
sts_client->version, rst_node);
+ maxkey_len =
rp_algorithmsuite_get_max_symmetric_keylength(sts_client->algo_suite, env);
+ sts_client->requestor_entropy =
+ (axis2_char_t *) rampart_generate_nonce(env, maxkey_len);
+
+ binsec_node =
+ trust_util_create_binary_secret_element(env,
sts_client->version, entropy_node,
+
sts_client->requestor_entropy,
+
TRUST_BIN_SEC_TYPE_NONCE);
+
+ trust_util_create_computed_key_algo_element(env,
sts_client->version, rst_node,
+
TRUST_COMPUTED_KEY_PSHA1);
+ }
+ }
+ else
+ {
+ printf("Algo Suite or Trust10 Error!\n");
+ }
+
+ trust_sts_client_free(sts_client, env);
+
+ return rst_node;
+}
+
+AXIS2_EXTERN axiom_node_t * AXIS2_CALL
+trust_sts_client_create_renew_request(
+ trust_sts_client_t *sts_client,
+ const axutil_env_t *env,
+ axis2_char_t *token_type,
+ axis2_char_t *request_type,
+ axiom_node_t *renew_target,
+ axis2_bool_t allow_postdating,
+ trust_allow_t renew_allow,
+ trust_ok_t ok_flag)
+{
+ axiom_node_t *rst_node = NULL;
+
+ rst_node = trust_util_create_rst_element(env, sts_client->version, NULL);
+
+ if(token_type)
+ {
+ trust_util_create_token_type_element(env, sts_client->version,
rst_node, token_type);
+ }
+ trust_util_create_request_type_element(env, sts_client->version, rst_node,
request_type);
+
+ if(renew_target)
+ {
+ trust_util_create_renew_traget_element(env, sts_client->version,
rst_node, renew_target);
+ }
+ else
+ {
+ return NULL;
+ }
+
+ if(allow_postdating)
+ {
+ trust_util_create_allow_postdating_element(env, sts_client->version,
rst_node);
+ }
+
+ trust_util_create_renewing_element(env, sts_client->version, rst_node,
renew_allow, ok_flag);
+
+ return rst_node;
+}
+
+AXIS2_EXTERN axiom_node_t * AXIS2_CALL
+tust_sts_client_create_cancel_request(
+ trust_sts_client_t *sts_client,
+ const axutil_env_t *env,
+ axis2_char_t *request_type,
+ axiom_node_t *cancel_target)
+{
+ axiom_node_t *rst_node = NULL;
+
+ rst_node = trust_util_create_rst_element(env, sts_client->version, NULL);
+
+ trust_util_create_request_type_element(env, sts_client->version, rst_node,
request_type);
+
+ if(cancel_target)
+ {
+ if(!trust_util_create_cancel_target_element(env, sts_client->version,
rst_node, cancel_target))
+ {
+ return NULL;
+ }
+ }
+ else
+ {
+ return NULL;
+ }
+
+ return rst_node;
+}
+
+AXIS2_EXTERN axiom_node_t * AXIS2_CALL
+trust_sts_client_create_validate_request(
+ trust_sts_client_t *sts_client,
+ const axutil_env_t *env,
+ axis2_char_t *token_type,
+ axis2_char_t *request_type)
+{
+ axiom_node_t *rst_node = NULL;
+
+ rst_node = trust_util_create_rst_element(env, sts_client->version, NULL);
+
+ if(token_type)
+ {
+ trust_util_create_token_type_element(env, sts_client->version,
rst_node, token_type);
+ }
+
+ if(request_type)
+ {
+ trust_util_create_request_type_element(env, sts_client->version,
rst_node, request_type);
+ }
+
+ return rst_node;
+}
+/* Process ISSUE RESPONSE */
+AXIS2_EXTERN trust_token_t *AXIS2_CALL
+trust_sts_client_process_issue_response(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env,
+ int wst_version,
+ axiom_node_t * response_node,
+ axiom_node_t * payload_sent)
+{
+ /* Token */
+ trust_token_t *token = NULL;
+
+ /* RSTR */
+ axiom_node_t *rstr_node = NULL;
+ axiom_element_t *rstr_ele = NULL;
+
+ axis2_char_t *wst_ns_uri = NULL;
+
+ /* Attached Reference */
+ axiom_node_t *attached_ref_node = NULL;
+ axiom_element_t *attached_ref_ele = NULL;
+ axutil_qname_t *attached_ref_qname = NULL;
+ axiom_node_t *req_attached_ref_node = NULL;
+
+ /* Unattached Reference */
+ axiom_node_t *unattached_ref_node = NULL;
+ axiom_element_t *unattached_ref_ele = NULL;
+ axutil_qname_t *unattached_ref_qname = NULL;
+ axiom_node_t *req_unattached_ref_node = NULL;
+
+ /*Requsted Security Token */
+ axiom_node_t *req_sec_token_node = NULL;
+ axiom_element_t *req_sec_token_ele = NULL;
+ axutil_qname_t *req_sec_token_qname = NULL;
+ axiom_node_t *sec_token = NULL;
+
+ /* Life Time */
+ axiom_node_t *life_time_node = NULL;
+ axiom_element_t *life_time_ele = NULL;
+ axutil_qname_t *life_time_qname = NULL;
+
+ rstr_node = response_node;
+
+ if (TRUST_VERSION_05_12 == wst_version)
+ {
+ rstr_node = axiom_node_get_first_element(rstr_node, env);
+ }
+
+ wst_ns_uri = trust_util_get_wst_ns(env, wst_version);
+ rstr_ele = axiom_node_get_data_element(rstr_node, env);
+
+ /* Extract Attached Reference */
+
+ attached_ref_qname =
+ axutil_qname_create(env, TRUST_REQUESTED_ATTACHED_REFERENCE,
wst_ns_uri, TRUST_WST);
+
+ attached_ref_ele =
+ axiom_element_get_first_child_with_qname(rstr_ele, env,
attached_ref_qname, rstr_node,
+ &attached_ref_node);
+
+ if (attached_ref_ele)
+ {
+ req_attached_ref_node =
axiom_node_get_first_element(attached_ref_node, env);
+ }
+
+ /* Extract unattached Reference */
+ unattached_ref_qname =
+ axutil_qname_create(env, TRUST_REQUESTED_UNATTACHED_REFERENCE,
wst_ns_uri, TRUST_WST);
+
+ unattached_ref_ele =
+ axiom_element_get_first_child_with_qname(rstr_ele, env,
unattached_ref_qname, rstr_node,
+ &unattached_ref_node);
+ if (unattached_ref_ele)
+ {
+ req_unattached_ref_node =
axiom_node_get_first_element(unattached_ref_node, env);
+ }
+
+ /* Extract Requested Security Token */
+ req_sec_token_qname =
+ axutil_qname_create(env, TRUST_REQUESTED_SECURITY_TOKEN, wst_ns_uri,
TRUST_WST);
+ req_sec_token_ele =
+ axiom_element_get_first_child_with_qname(rstr_ele, env,
req_sec_token_qname, rstr_node,
+ &req_sec_token_node);
+
+ if (req_sec_token_node)
+ {
+ sec_token = axiom_node_get_first_element(req_sec_token_node, env);
+ }
+ else
+ {
+ /*Requsted Token Missing - Handle */
+ }
+
+ /* Extract Life Time */
+ life_time_qname = axutil_qname_create(env, TRUST_LIFE_TIME, wst_ns_uri,
TRUST_WST);
+ life_time_ele =
+ axiom_element_get_first_child_with_qname(rstr_ele, env,
life_time_qname, rstr_node,
+ &life_time_node);
+
+ if (NULL == life_time_ele)
+ {
+ /* Handle NULL - life time ele */
+ }
+
+ /* TOKEN Creation */
+ /* FIX id- NULL :-> ID should be computed here */
+ token = trust_token_create(env, NULL, sec_token, life_time_node);
+
+ return token;
+
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+trust_sts_client_find_identifier(
+ trust_sts_client_t * sts_client,
+ axiom_node_t * req_att_ref_node,
+ axiom_node_t * req_unatt_ref_node,
+ axiom_node_t * sec_token_node,
+ const axutil_env_t * env)
+{
+ axis2_char_t *id_str = NULL;
+
+ if (req_att_ref_node)
+ {
+ id_str = trust_sts_client_get_id_from_str(sts_client,
req_att_ref_node, env);
+ }
+ else if (req_unatt_ref_node)
+ {
+ id_str = trust_sts_client_get_id_from_str(sts_client,
req_unatt_ref_node, env);
+ }
+ else
+ {
+ /* FIX : WSConstants based wsu:Id */
+
+ }
+ return id_str;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+trust_sts_client_get_id_from_str(
+ trust_sts_client_t * sts_client,
+ axiom_node_t * ref_node,
+ const axutil_env_t * env)
+{
+ /*FIX : implementation requires WS.Consatants paramaters */
+ return NULL;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_sts_client_set_ttl(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env,
+ int ttl)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ AXIS2_PARAM_CHECK(env->error, ttl, AXIS2_FAILURE);
+
+ sts_client->ttl = ttl;
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN int AXIS2_CALL
+trust_sts_client_get_ttl(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ return sts_client->ttl;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_sts_client_set_issuer_address(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env,
+ axis2_char_t * address)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ AXIS2_PARAM_CHECK(env->error, address, AXIS2_FAILURE);
+
+ sts_client->issuer_address = address;
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+trust_sts_client_get_issuer_address(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ return sts_client->issuer_address;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_sts_client_set_home_dir(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env,
+ axis2_char_t * directory)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ AXIS2_PARAM_CHECK(env->error, directory, AXIS2_FAILURE);
+
+ sts_client->home_dir = directory;
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+trust_sts_client_get_home_dir(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ return sts_client->home_dir;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_sts_client_set_issuer_policy_location(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env,
+ axis2_char_t * file_path)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ AXIS2_PARAM_CHECK(env->error, file_path, AXIS2_FAILURE);
+
+ sts_client->issuer_policy_location = file_path;
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+trust_sts_client_get_issuer_policy_location(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ return sts_client->issuer_policy_location;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_sts_client_set_service_policy_location(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env,
+ axis2_char_t * file_path)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ AXIS2_PARAM_CHECK(env->error, file_path, AXIS2_FAILURE);
+
+ sts_client->service_policy_location = file_path;
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+trust_sts_client_get_service_policy_location(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ return sts_client->service_policy_location;
+}
Added: webservices/rampart/trunk/c/src/trust/token.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/trust/token.c?rev=595202&view=auto
==============================================================================
--- webservices/rampart/trunk/c/src/trust/token.c (added)
+++ webservices/rampart/trunk/c/src/trust/token.c Wed Nov 14 20:35:52 2007
@@ -0,0 +1,470 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <trust_token.h>
+
+struct trust_token {
+
+ /*Token identifier*/
+ axis2_char_t *id;
+
+ /*Current state of the token*/
+ trust_token_state_t state;
+
+ /*The actual token in its current state <RequstedSecurityToken*/
+ axiom_node_t *token;
+
+ /*The token in its previous state*/
+ axiom_node_t *previous_token;
+
+ axiom_node_t *proof_token;
+
+ /**
+ *Store the RSTR's modifications of the requested parameters.
+ *These RSTR parameters sholud be compare with the RST parameter and should
take
+ *the proprietary actions
+ **/
+ axis2_char_t *applies_to_uri;
+ axis2_char_t *token_type_uri;
+
+ /* Entropy */
+ axiom_node_t* entropy;
+
+ /* Entropy - BinarySecret */
+ axis2_char_t *binary_secret;
+
+ /**
+ * The RequestedAttachedReference element
+ * NOTE : The oasis-200401-wss-soap-message-security-1.0 spec allows
+ * an extensibility mechanism for wsse:SecurityTokenReference and
+ * wsse:Reference. Hence we cannot limit to the
+ * wsse:SecurityTokenReference\wsse:Reference case and only hold the URI
and
+ * the ValueType values.
+ */
+ axiom_node_t *attached_reference;
+
+ /**
+ * The RequestedUnattachedReference element
+ * NOTE : The oasis-200401-wss-soap-message-security-1.0 spec allows
+ * an extensibility mechanism for wsse:SecurityTokenRefence and
+ * wsse:Reference. Hence we cannot limit to the
+ * wsse:SecurityTokenReference\wsse:Reference case and only hold the URI
and
+ * the ValueType values.
+ */
+ axiom_node_t *unattached_reference;
+
+ /*A bag to hold any other properties*/
+ /*trust_properties_t *properties;*/
+
+ /*A flag to assist the TokenStorage*/
+ axis2_bool_t changed;
+
+ /*The secret associated with the Token*/
+ unsigned char *secret;
+
+ /*Created time*/
+ axutil_date_time_t *created;
+
+ /*Expiration Time*/
+ axutil_date_time_t *expire;
+
+ /*issuer end point address*/
+ axis2_char_t* issuer_address;
+};
+
+AXIS2_EXTERN trust_token_t* AXIS2_CALL
+trust_token_create(
+ const axutil_env_t *env,
+ axis2_char_t *id,
+ axiom_node_t *token_node,
+ axiom_node_t *life_node)
+{
+ trust_token_t *token = NULL;
+ axis2_status_t status;
+
+ token = AXIS2_MALLOC(env->allocator, sizeof(trust_token_t));
+
+ if(id)
+ {
+ token->id = id;
+ } else
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[trust] Cannot create
trust token with null id!");
+ return NULL;
+ }
+
+ if(token_node)
+ {
+ token->token = token_node;
+ } else
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[trust] Cannot create
trust token with null token element!");
+ return NULL;
+ }
+
+ if(life_node)
+ {
+ status = trust_token_process_life_elem(env, life_node, token);
+ if(status == AXIS2_FAILURE)
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[trust] Lifetime
element processing failed.");
+ }
+
+ } else
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[trust] Cannot create
trust token with null life element!");
+ return NULL;
+ }
+
+ return token;
+
+}
+
+AXIS2_EXTERN trust_token_t* AXIS2_CALL
+trust_token_create_with_dates(const axutil_env_t *env,
+ axis2_char_t *id,
+ axiom_node_t *token_node,
+ axutil_date_time_t *created,
+ axutil_date_time_t *expire)
+{
+ trust_token_t *token = NULL;
+
+
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ token = AXIS2_MALLOC(env->allocator, sizeof(trust_token_t));
+
+ if(id)
+ {
+ token->id = id;
+ } else
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[trust] Cannot create
trust token with null id!");
+ return NULL;
+ }
+
+ if(token_node)
+ {
+ token->token = token_node;
+ } else
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[trust] Cannot create
trust token with null token element!");
+ return NULL;
+ }
+
+ if(created)
+ {
+ token->created = created;
+ } else
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[trust] Cannot create
trust token with null create date!");
+ return NULL;
+ }
+
+ if(expire)
+ {
+ token->expire = expire;
+ } else
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[trust] Cannot create
trust token with null expired date!");
+ return NULL;
+ }
+ return token;
+
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_token_process_life_elem(const axutil_env_t *env,
+ axiom_node_t *life_node,
+ trust_token_t *token)
+{
+ axiom_element_t *created_ele = NULL;
+ axiom_element_t *expire_ele = NULL;
+ axiom_node_t *created_node = NULL;
+ axiom_node_t *expire_node = NULL;
+ axiom_element_t *life_ele = NULL;
+ axutil_date_time_t *created_dt = NULL;
+ axutil_date_time_t *expire_dt = NULL;
+ axutil_qname_t *created_qn = NULL;
+ axutil_qname_t *expire_qn = NULL;
+ axis2_status_t status = AXIS2_SUCCESS;
+ axis2_char_t *created_str = NULL;
+ axis2_char_t *expire_str = NULL;
+
+ if(!life_node){
+ return AXIS2_FAILURE;
+ }
+
+ life_ele = axiom_node_get_data_element(life_node, env);
+
+ created_dt = axutil_date_time_create(env);
+ created_qn = axutil_qname_create(env, TRUST_LIFE_TIME_CREATED,
TRUST_WSU_XMLNS, TRUST_WSU);
+ created_ele = axiom_element_get_first_child_with_qname(life_ele, env,
created_qn, life_node, &created_node);
+ created_str = axiom_element_get_text(created_ele, env, created_node);
+ status = axutil_date_time_deserialize_date_time(created_dt, env,
created_str);
+
+ if(status == AXIS2_FAILURE){
+ return status;
+ }
+
+ token->created = created_dt;
+
+
+ expire_dt = axutil_date_time_create(env);
+ expire_qn = axutil_qname_create(env, TRUST_LIFE_TIME_EXPIRES,
TRUST_WSU_XMLNS, TRUST_WSU);
+ expire_ele = axiom_element_get_first_child_with_qname(life_ele, env,
expire_qn, life_node, &expire_node);
+ expire_str = axiom_element_get_text(expire_ele, env, expire_node);
+ status = axutil_date_time_deserialize_date_time(expire_dt, env,
expire_str);
+
+ if(status == AXIS2_FAILURE){
+ return status;
+ }
+
+ token->expire = expire_dt;
+
+ return status;
+}
+
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+trust_token_is_changed(
+ const axutil_env_t *env,
+ trust_token_t *token)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ return (token->changed);
+}
+
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_token_set_changed(
+ const axutil_env_t *env,
+ trust_token_t *token,
+ axis2_bool_t changed)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ if(!token)
+ return AXIS2_FAILURE;
+
+ token->changed = changed;
+
+ return AXIS2_SUCCESS;
+}
+
+
+AXIS2_EXTERN trust_token_state_t AXIS2_CALL
+trust_token_get_state(const axutil_env_t *env,
+ trust_token_t *token)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ if(!token)
+ return AXIS2_FAILURE;
+
+ return token->state;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_token_set_state(const axutil_env_t *env,
+ trust_token_t *token,
+ trust_token_state_t state)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ if(!token)
+ return AXIS2_FAILURE;
+ token->state = state;
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axiom_node_t* AXIS2_CALL
+trust_token_get_token(
+ const axutil_env_t *env,
+ trust_token_t *token)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ if(!token)
+ return NULL;
+
+ return token->token;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_token_set_token(
+ const axutil_env_t *env,
+ trust_token_t *token,
+ axiom_node_t *token_node)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ if(!token)
+ return AXIS2_FAILURE;
+ token->token = token_node;
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axiom_node_t* AXIS2_CALL
+trust_token_get_previous_token(
+ const axutil_env_t *env,
+ trust_token_t *token)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ if(!token)
+ return NULL;
+
+ return token->previous_token;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_token_set_previous_token(
+ const axutil_env_t *env,
+ trust_token_t *token,
+ axiom_node_t *prev_token)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ if(!token)
+ return AXIS2_FAILURE;
+ token->previous_token = prev_token;
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_char_t* AXIS2_CALL
+trust_token_get_id(
+ const axutil_env_t *env,
+ trust_token_t *token)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ if(!token)
+ return NULL;
+
+ return token->id;
+}
+
+AXIS2_EXTERN axiom_node_t* AXIS2_CALL
+trust_token_get_attached_reference(
+ const axutil_env_t *env,
+ trust_token_t *token)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ if(!token)
+ return NULL;
+
+ return token->attached_reference;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_token_set_attached_reference(
+ const axutil_env_t *env,
+ trust_token_t *token,
+ axiom_node_t *attached_reference)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ if(!token)
+ return AXIS2_FAILURE;
+
+ token->attached_reference = attached_reference;
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axiom_node_t* AXIS2_CALL
+trust_token_get_unattached_reference(
+ const axutil_env_t *env,
+ trust_token_t *token)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ if(!token)
+ return NULL;
+
+ return token->unattached_reference;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_token_set_unattached_reference(
+ const axutil_env_t *env,
+ trust_token_t *token,
+ axiom_node_t *unattached_reference)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ if(!token)
+ return AXIS2_FAILURE;
+
+ token->unattached_reference = unattached_reference;
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axutil_date_time_t* AXIS2_CALL
+trust_token_get_created(
+ const axutil_env_t *env,
+ trust_token_t *token)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ if(!token)
+ return NULL;
+
+ return token->created;
+}
+
+AXIS2_EXTERN axutil_date_time_t* AXIS2_CALL
+trust_token_get_expires(
+ const axutil_env_t *env,
+ trust_token_t *token)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ if(!token)
+ return NULL;
+
+ return token->expire;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_token_set_expires(
+ const axutil_env_t *env,
+ trust_token_t *token,
+ axutil_date_time_t *expire)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ if(!token)
+ return AXIS2_FAILURE;
+
+ token->expire = expire;
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_char_t* AXIS2_CALL
+trust_token_get_issuer_address(
+ const axutil_env_t *env,
+ trust_token_t *token)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+ if(!token)
+ return NULL;
+
+ return token->issuer_address;
+}
+
