SAMLAuthenticationToken.java

/**
 * Copyright (c) Codice Foundation
 * <p>
 * This is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser
 * General Public License as published by the Free Software Foundation, either version 3 of the
 * License, or any later version.
 * <p>
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
 * even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details. A copy of the GNU Lesser General Public License
 * is distributed along with this program and can be found at
 * <http://www.gnu.org/licenses/lgpl.html>.
 */
package org.codice.ddf.security.handler.api;

import java.security.Principal;

import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;
import org.w3c.dom.ls.DOMImplementationLS;
import org.w3c.dom.ls.LSSerializer;

public class SAMLAuthenticationToken extends BaseAuthenticationToken {
    private static final Logger LOGGER = LoggerFactory.getLogger(SAMLAuthenticationToken.class);

    boolean reference = true;

    /**
     * Constructor that only allows SecurityToken objects to be used as the credentials.
     *
     * @param principal represents the
     * @param token
     * @param realm
     */
    public SAMLAuthenticationToken(Principal principal, SecurityToken token, String realm) {
        super(principal, realm, token);
        reference = false;
    }

    public SAMLAuthenticationToken(Principal principal, String samlRef, String realm) {
        super(principal, realm, samlRef);
        reference = true;
    }

    public boolean isReference() {
        return reference;
    }

    public void replaceReferenece(SecurityToken token) {
        if (reference) {
            credentials = token;
            reference = false;
        } else {
            LOGGER.debug("Current token is not a reference - call to replace is ignored.");
        }
    }

    /**
     * Returns the SAML token as a DOM Element.
     *
     * @return the SAML token as a DOM element or null if it doesn't exist
     */
    public Element getSAMLTokenAsElement() {
        if (reference) {
            LOGGER.debug("Attempting to return a SAML token without converting from a reference.");
            return null;
        }

        SecurityToken token = (SecurityToken) getCredentials();
        if (token != null) {
            return token.getToken();
        }
        return null;
    }

    @Override
    public String getCredentialsAsXMLString() {
        String creds = "";
        Element element = getSAMLTokenAsElement();
        if (element != null) {
            DOMImplementationLS lsImpl = (DOMImplementationLS) element.getOwnerDocument()
                    .getImplementation()
                    .getFeature("LS", "3.0");
            if (null != lsImpl) {
                LSSerializer serializer = lsImpl.createLSSerializer();
                serializer.getDomConfig()
                        .setParameter("xml-declaration",
                                false); //by default its true, so set it to false to get String without xml-declaration
                creds = serializer.writeToString(element);
            }
            LOGGER.trace("XML representation of SAML token: {}", creds);
        }
        return creds;
    }
}