1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * Copyright © 2017 Amdocs
\r
7 * * ===========================================================================
\r
8 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
9 * * you may not use this file except in compliance with the License.
\r
10 * * You may obtain a copy of the License at
\r
12 * * http://www.apache.org/licenses/LICENSE-2.0
\r
14 * * Unless required by applicable law or agreed to in writing, software
\r
15 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
16 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
17 * * See the License for the specific language governing permissions and
\r
18 * * limitations under the License.
\r
19 * * ============LICENSE_END====================================================
\r
21 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
23 ******************************************************************************/
\r
24 package com.att.cadi.wsse;
\r
26 import java.io.IOException;
\r
27 import java.io.InputStream;
\r
29 import javax.xml.stream.XMLStreamException;
\r
31 import com.att.cadi.BasicCred;
\r
37 * Read the User and Password from WSSE Formatted SOAP Messages
\r
39 * This class uses StAX so that processing is stopped as soon as the Security User/Password are read into BasicCred, or the Header Ends
\r
41 * This class is intended to be created once (or very few times) and reused as much as possible.
\r
43 * It is as thread safe as StAX parsing is.
\r
46 public class WSSEParser {
\r
47 private static final String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/";
\r
48 private static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
\r
49 private Match<BasicCred> parseTree;
\r
50 //private XMLInputFactory inputFactory;
\r
52 public WSSEParser() {
\r
53 // soap:Envelope/soap:Header/wsse:Security/wsse:UsernameToken/[wsse:Password&wsse:Username]
\r
54 parseTree = new Match<BasicCred>(SOAP_NS,"root", // need a root level to start from... Doesn't matter what the tag is
\r
55 new Match<BasicCred>(SOAP_NS,"Envelope",
\r
56 new Match<BasicCred>(SOAP_NS,"Header",
\r
57 new Match<BasicCred>(WSSE_NS,"Security",
\r
58 new Match<BasicCred>(WSSE_NS,"UsernameToken",
\r
59 new Match<BasicCred>(WSSE_NS,"Password").set(new Action<BasicCred>() {
\r
60 public boolean content(BasicCred bc,String text) {
\r
61 bc.setCred(text.getBytes());
\r
65 new Match<BasicCred>(WSSE_NS,"Username").set(new Action<BasicCred>() {
\r
66 public boolean content(BasicCred bc,String text) {
\r
71 ).stopAfter() // if found, end when UsernameToken ends (no further processing needed)
\r
73 ).stopAfter() // Stop Processing when Header Ends
\r
74 ).exclusive()// Envelope must match Header, and no other. FYI, Body comes after Header short circuits (see above), so it's ok
\r
75 ).exclusive(); // root must be Envelope
\r
76 //inputFactory = XMLInputFactory.newInstance();
\r
79 public XMLStreamException parse(BasicCred bc, InputStream is) throws IOException {
\r
81 parseTree.onMatch(bc, new XReader(is));
\r
83 } catch (XMLStreamException e) {
\r