/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.wss4j.stax.ext;
import java.util.ArrayList;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.namespace.QName;
import org.apache.wss4j.common.ConfigurationConstants;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
/**
* WSSConstants for global use
*/
public class WSSConstants extends XMLSecurityConstants {
protected WSSConstants() {
}
public static final String TRANSPORT_SECURITY_ACTIVE = "transportSecurityActive";
public static final String TIMESTAMP_PROCESSED = "TimestampProcessed";
public static final String PROP_ALLOW_RSA15_KEYTRANSPORT_ALGORITHM = "secureProcessing.AllowRSA15KeyTransportAlgorithm";
public static final String PROP_ALLOW_USERNAMETOKEN_NOPASSWORD = "secureProcessing.AllowUsernameTokenNoPassword";
public static final String NS_WSSE10 = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
public static final String NS_WSSE11 = "http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
public static final String NS_WSU10 = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
public static final String NS_SOAP11 = "http://schemas.xmlsoap.org/soap/envelope/";
public static final String NS_SOAP12 = "http://www.w3.org/2003/05/soap-envelope";
public static final String NS_WST = "http://schemas.xmlsoap.org/ws/2005/02/trust";
public static final String NS_WST_05_12 = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
public static final String NS_WSC_SCT = "http://schemas.xmlsoap.org/ws/2005/02/sc/sct";
public static final String NS_SAML = "urn:oasis:names:tc:SAML:1.0:assertion";
public static final String NS_SAML2 = "urn:oasis:names:tc:SAML:2.0:assertion";
public static final String PREFIX_SOAPENV = "soap";
public static final String TAG_SOAP_ENVELOPE_LN = "Envelope";
public static final String TAG_SOAP_HEADER_LN = "Header";
public static final String TAG_SOAP_BODY_LN = "Body";
public static final QName TAG_SOAP11_ENVELOPE = new QName(NS_SOAP11, TAG_SOAP_ENVELOPE_LN, PREFIX_SOAPENV);
public static final QName TAG_SOAP11_HEADER = new QName(NS_SOAP11, TAG_SOAP_HEADER_LN, PREFIX_SOAPENV);
public static final QName TAG_SOAP11_BODY = new QName(NS_SOAP11, TAG_SOAP_BODY_LN, PREFIX_SOAPENV);
public static final QName ATT_SOAP11_ACTOR = new QName(NS_SOAP11, "actor", PREFIX_SOAPENV);
public static final QName ATT_SOAP11_MUST_UNDERSTAND = new QName(NS_SOAP11, "mustUnderstand", PREFIX_SOAPENV);
public static final QName TAG_SOAP12_ENVELOPE = new QName(NS_SOAP12, TAG_SOAP_ENVELOPE_LN, PREFIX_SOAPENV);
public static final QName TAG_SOAP12_HEADER = new QName(NS_SOAP12, TAG_SOAP_HEADER_LN, PREFIX_SOAPENV);
public static final QName TAG_SOAP12_BODY = new QName(NS_SOAP12, TAG_SOAP_BODY_LN, PREFIX_SOAPENV);
public static final QName ATT_SOAP12_ROLE = new QName(NS_SOAP12, "role", PREFIX_SOAPENV);
public static final QName ATT_SOAP12_MUST_UNDERSTAND = new QName(NS_SOAP12, "mustUnderstand", PREFIX_SOAPENV);
public static final String PREFIX_WSSE = "wsse";
public static final String PREFIX_WSSE11 = "wsse11";
public static final QName TAG_WSSE_SECURITY = new QName(NS_WSSE10, "Security", PREFIX_WSSE);
public static final QName TAG_WSSE_SECURITY_TOKEN_REFERENCE = new QName(NS_WSSE10, "SecurityTokenReference", PREFIX_WSSE);
public static final QName TAG_WSSE_REFERENCE = new QName(NS_WSSE10, "Reference", PREFIX_WSSE);
public static final QName ATT_WSSE_USAGE = new QName(NS_WSSE10, "Usage", PREFIX_WSSE);
public static final QName ATT_WSSE11_TOKEN_TYPE = new QName(NS_WSSE11, "TokenType", PREFIX_WSSE11);
public static final QName TAG_WSSE_KEY_IDENTIFIER = new QName(NS_WSSE10, "KeyIdentifier", PREFIX_WSSE);
public static final QName ATT_NULL_ENCODING_TYPE = new QName(null, "EncodingType");
public static final QName ATT_NULL_VALUE_TYPE = new QName(null, "ValueType");
public static final QName TAG_WSSE_BINARY_SECURITY_TOKEN = new QName(NS_WSSE10, "BinarySecurityToken", PREFIX_WSSE);
public static final String PREFIX_WSU = "wsu";
public static final QName ATT_WSU_ID = new QName(NS_WSU10, "Id", PREFIX_WSU);
public static final QName TAG_WSSE11_ENCRYPTED_HEADER = new QName(NS_WSSE11, "EncryptedHeader", PREFIX_WSSE11);
public static final QName TAG_WSSE_TRANSFORMATION_PARAMETERS = new QName(NS_WSSE10, "TransformationParameters", PREFIX_WSSE);
public static final QName TAG_WSU_TIMESTAMP = new QName(NS_WSU10, "Timestamp", PREFIX_WSU);
public static final QName TAG_WSU_CREATED = new QName(NS_WSU10, "Created", PREFIX_WSU);
public static final QName TAG_WSU_EXPIRES = new QName(NS_WSU10, "Expires", PREFIX_WSU);
public static final String NS10_SOAPMESSAGE_SECURITY =
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0";
public static final String NS11_SOAPMESSAGE_SECURITY =
"http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1";
public static final String NS_X509TOKEN_PROFILE =
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0";
public static final String NS_X509_V3_TYPE = NS_X509TOKEN_PROFILE + "#X509v3";
public static final String NS_X509_PKIPATH_V1 = NS_X509TOKEN_PROFILE + "#X509PKIPathv1";
public static final String NS_X509_SKI = NS_X509TOKEN_PROFILE + "#X509SubjectKeyIdentifier";
public static final String NS_THUMBPRINT = NS11_SOAPMESSAGE_SECURITY + "#ThumbprintSHA1";
public static final String NS_ENCRYPTED_KEY_SHA1 = NS11_SOAPMESSAGE_SECURITY + "#EncryptedKeySHA1";
public static final String SOAPMESSAGE_NS10_BASE64_ENCODING = NS10_SOAPMESSAGE_SECURITY + "#Base64Binary";
public static final QName TAG_WSSE_USERNAME_TOKEN = new QName(NS_WSSE10, "UsernameToken", PREFIX_WSSE);
public static final QName TAG_WSSE_USERNAME = new QName(NS_WSSE10, "Username", PREFIX_WSSE);
public static final QName TAG_WSSE_PASSWORD = new QName(NS_WSSE10, "Password", PREFIX_WSSE);
public static final QName TAG_WSSE_NONCE = new QName(NS_WSSE10, "Nonce", PREFIX_WSSE);
public static final QName TAG_WSSE11_SALT = new QName(NS_WSSE11, "Salt", PREFIX_WSSE11);
public static final QName TAG_WSSE11_ITERATION = new QName(NS_WSSE11, "Iteration", PREFIX_WSSE11);
public static final String NS_USERNAMETOKEN_PROFILE11 =
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0";
public static final String NS_PASSWORD_DIGEST = NS_USERNAMETOKEN_PROFILE11 + "#PasswordDigest";
public static final String NS_PASSWORD_TEXT = NS_USERNAMETOKEN_PROFILE11 + "#PasswordText";
public static final String NS_USERNAMETOKEN_PROFILE_USERNAME_TOKEN = NS_USERNAMETOKEN_PROFILE11 + "#UsernameToken";
public static final QName TAG_WSSE11_SIG_CONF = new QName(NS_WSSE11, "SignatureConfirmation", PREFIX_WSSE11);
public static final QName ATT_NULL_VALUE = new QName(null, "Value");
public static final String NS_C14N_EXCL = "http://www.w3.org/2001/10/xml-exc-c14n#";
public static final String PREFIX_C14N_EXCL = "c14nEx";
public static final QName TAG_WST_BINARY_SECRET = new QName(NS_WST, "BinarySecret");
public static final QName TAG_WST0512_BINARY_SECRET = new QName(NS_WST_05_12, "BinarySecret");
public static final String SOAPMESSAGE_NS10_STR_TRANSFORM = NS10_SOAPMESSAGE_SECURITY + "#STR-Transform";
public static final String SWA_ATTACHMENT_CONTENT_SIG_TRANS =
"http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Content-Signature-Transform";
public static final String SWA_ATTACHMENT_COMPLETE_SIG_TRANS =
"http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Complete-Signature-Transform";
public static final String SWA_ATTACHMENT_CIPHERTEXT_TRANS =
"http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Ciphertext-Transform";
public static final String SWA_ATTACHMENT_ENCRYPTED_DATA_TYPE_CONTENT_ONLY =
"http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Content-Only";
public static final String SWA_ATTACHMENT_ENCRYPTED_DATA_TYPE_COMPLETE =
"http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Complete";
public static final QName TAG_SAML_ASSERTION = new QName(NS_SAML, "Assertion");
public static final QName TAG_SAML2_ASSERTION = new QName(NS_SAML2, "Assertion");
public static final QName TAG_SAML2_ENCRYPTED_ASSERTION = new QName(NS_SAML2, "EncryptedAssertion");
public static final String NS_SAML10_TOKEN_PROFILE = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0";
public static final String NS_SAML11_TOKEN_PROFILE = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1";
public static final String NS_SAML10_TYPE = NS_SAML10_TOKEN_PROFILE + "#SAMLAssertionID";
public static final String NS_SAML20_TYPE = NS_SAML11_TOKEN_PROFILE + "#SAMLID";
public static final String NS_SAML11_TOKEN_PROFILE_TYPE = NS_SAML11_TOKEN_PROFILE + "#SAMLV1.1";
public static final String NS_SAML20_TOKEN_PROFILE_TYPE = NS_SAML11_TOKEN_PROFILE + "#SAMLV2.0";
public static final String NS_KERBEROS11_TOKEN_PROFILE = "http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#";
public static final String NS_GSS_KERBEROS5_AP_REQ = NS_KERBEROS11_TOKEN_PROFILE + "GSS_Kerberosv5_AP_REQ";
public static final String NS_GSS_KERBEROS5_AP_REQ1510 = NS_KERBEROS11_TOKEN_PROFILE + "GSS_Kerberosv5_AP_REQ1510";
public static final String NS_GSS_KERBEROS5_AP_REQ4120 = NS_KERBEROS11_TOKEN_PROFILE + "GSS_Kerberosv5_AP_REQ4120";
public static final String NS_KERBEROS5_AP_REQ = NS_KERBEROS11_TOKEN_PROFILE + "Kerberosv5_AP_REQ";
public static final String NS_KERBEROS5_AP_REQ_SHA1 = NS_KERBEROS11_TOKEN_PROFILE + "Kerberosv5APREQSHA1";
public static final String NS_KERBEROS5_AP_REQ1510 = NS_KERBEROS11_TOKEN_PROFILE + "Kerberosv5_AP_REQ1510";
public static final String NS_KERBEROS5_AP_REQ4120 = NS_KERBEROS11_TOKEN_PROFILE + "Kerberosv5_AP_REQ4120";
public static final QName ATT_NULL_ASSERTION_ID = new QName(null, "AssertionID");
public static final QName ATT_NULL_ID = new QName(null, "ID");
public static final String NS_WSC_05_02 = "http://schemas.xmlsoap.org/ws/2005/02/sc";
public static final String NS_WSC_05_12 = "http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512";
public static final String PREFIX_WSC = "wsc";
public static final QName TAG_WSC0502_SCT = new QName(NS_WSC_05_02, "SecurityContextToken", PREFIX_WSC);
public static final QName TAG_WSC0512_SCT = new QName(NS_WSC_05_12, "SecurityContextToken", PREFIX_WSC);
public static final QName TAG_WSC0502_IDENTIFIER = new QName(NS_WSC_05_02, "Identifier", PREFIX_WSC);
public static final QName TAG_WSC0512_IDENTIFIER = new QName(NS_WSC_05_12, "Identifier", PREFIX_WSC);
public static final QName TAG_WSC0502_DKT = new QName(NS_WSC_05_02, "DerivedKeyToken", PREFIX_WSC);
public static final QName TAG_WSC0512_DKT = new QName(NS_WSC_05_12, "DerivedKeyToken", PREFIX_WSC);
public static final QName TAG_WSC0502_PROPERTIES = new QName(NS_WSC_05_02, "Properties", PREFIX_WSC);
public static final QName TAG_WSC0512_PROPERTIES = new QName(NS_WSC_05_12, "Properties", PREFIX_WSC);
public static final QName TAG_WSC0502_LENGTH = new QName(NS_WSC_05_02, "Length", PREFIX_WSC);
public static final QName TAG_WSC0512_LENGTH = new QName(NS_WSC_05_12, "Length", PREFIX_WSC);
public static final QName TAG_WSC0502_GENERATION = new QName(NS_WSC_05_02, "Generation", PREFIX_WSC);
public static final QName TAG_WSC0512_GENERATION = new QName(NS_WSC_05_12, "Generation", PREFIX_WSC);
public static final QName TAG_WSC0502_OFFSET = new QName(NS_WSC_05_02, "Offset", PREFIX_WSC);
public static final QName TAG_WSC0512_OFFSET = new QName(NS_WSC_05_12, "Offset", PREFIX_WSC);
public static final QName TAG_WSC0502_LABEL = new QName(NS_WSC_05_02, "Label", PREFIX_WSC);
public static final QName TAG_WSC0512_LABEL = new QName(NS_WSC_05_12, "Label", PREFIX_WSC);
public static final QName TAG_WSC0502_NONCE = new QName(NS_WSC_05_02, "Nonce", PREFIX_WSC);
public static final QName TAG_WSC0512_NONCE = new QName(NS_WSC_05_12, "Nonce", PREFIX_WSC);
public static final String P_SHA_1 = "http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1";
public static final String P_SHA_1_2005_12 = "http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/dk/p_sha1";
public static final String WS_SEC_CONV_DEFAULT_LABEL = "WS-SecureConversation";
public static final String NS_WSS_ENC_KEY_VALUE_TYPE = NS11_SOAPMESSAGE_SECURITY + "#EncryptedKey";
public static final String PROP_USE_THIS_TOKEN_ID_FOR_KERBEROS = "PROP_USE_THIS_TOKEN_ID_FOR_KERBEROS";
public static final String PROP_USE_THIS_TOKEN_ID_FOR_DERIVED_KEY = "PROP_USE_THIS_TOKEN_ID_FOR_DERIVED_KEY";
public static final String PROP_USE_THIS_TOKEN_ID_FOR_SECURITYCONTEXTTOKEN = "PROP_USE_THIS_TOKEN_ID_FOR_SECURITYCONTEXTTOKEN";
public static final String PROP_USE_THIS_TOKEN_ID_FOR_CUSTOM_TOKEN = "PROP_USE_THIS_TOKEN_ID_FOR_CUSTOM_TOKEN";
public static final String PROP_TIMESTAMP_SECURITYEVENT = "PROP_TIMESTAMP";
public static final String PROP_ENCRYPTED_DATA_REFS = "PROP_ENCRYPTED_DATA_REFS";
public static final Action TIMESTAMP = new Action(ConfigurationConstants.TIMESTAMP);
public static final Action USERNAMETOKEN = new Action(ConfigurationConstants.USERNAME_TOKEN);
public static final Action USERNAMETOKEN_SIGNED = new Action(ConfigurationConstants.USERNAME_TOKEN_SIGNATURE);
public static final Action SIGNATURE_CONFIRMATION = new Action("SignatureConfirmation");
public static final Action SIGNATURE_WITH_DERIVED_KEY = new Action("SignatureWithDerivedKey");
public static final Action ENCRYPT_WITH_DERIVED_KEY = new Action("EncryptWithDerivedKey");
public static final Action SAML_TOKEN_SIGNED = new Action(ConfigurationConstants.SAML_TOKEN_SIGNED);
public static final Action SAML_TOKEN_UNSIGNED = new Action(ConfigurationConstants.SAML_TOKEN_UNSIGNED);
public static final Action SIGNATURE_WITH_KERBEROS_TOKEN = new Action("SignatureWithKerberosToken");
public static final Action ENCRYPT_WITH_KERBEROS_TOKEN = new Action("EncryptWithKerberosToken");
public static final Action KERBEROS_TOKEN = new Action("KerberosToken");
public static final Action CUSTOM_TOKEN = new Action("CustomToken");
public static final AlgorithmUsage COMP_KEY = new AlgorithmUsage("Comp_Key");
public static final AlgorithmUsage ENC_KD = new AlgorithmUsage("ENC_KD");
public static final AlgorithmUsage SIG_KD = new AlgorithmUsage("SIG_KD");
public static final AlgorithmUsage SOAP_NORM = new AlgorithmUsage("Soap_Norm");
public static final AlgorithmUsage STR_TRANS = new AlgorithmUsage("STR_Trans");
public static final AlgorithmUsage XPATH = new AlgorithmUsage("XPath");
public enum DerivedKeyTokenReference {
DirectReference,
EncryptedKey,
SecurityContextToken,
}
public enum UsernameTokenPasswordType {
PASSWORD_NONE(null),
PASSWORD_TEXT(NS_PASSWORD_TEXT),
PASSWORD_DIGEST(NS_PASSWORD_DIGEST);
private final String namespace;
private static final Map<String, UsernameTokenPasswordType> LOOKUP = new HashMap<>();
static {
for (UsernameTokenPasswordType u : EnumSet.allOf(UsernameTokenPasswordType.class)) {
LOOKUP.put(u.getNamespace(), u);
}
}
UsernameTokenPasswordType(String namespace) {
this.namespace = namespace;
}
public String getNamespace() {
return namespace;
}
public static UsernameTokenPasswordType getUsernameTokenPasswordType(String namespace) {
return LOOKUP.get(namespace);
}
}
public static final List<QName> SOAP_11_BODY_PATH = new ArrayList<>(2);
public static final List<QName> SOAP_11_HEADER_PATH = new ArrayList<>(2);
public static final List<QName> WSSE_SECURITY_HEADER_PATH = new ArrayList<>(3);
static {
SOAP_11_BODY_PATH.add(WSSConstants.TAG_SOAP11_ENVELOPE);
SOAP_11_BODY_PATH.add(WSSConstants.TAG_SOAP11_BODY);
SOAP_11_HEADER_PATH.add(WSSConstants.TAG_SOAP11_ENVELOPE);
SOAP_11_HEADER_PATH.add(WSSConstants.TAG_SOAP11_HEADER);
WSSE_SECURITY_HEADER_PATH.addAll(SOAP_11_HEADER_PATH);
WSSE_SECURITY_HEADER_PATH.add(WSSConstants.TAG_WSSE_SECURITY);
}
}