AttachmentsConfigReaderUtils.java

  1. /*
  2.  * GovWay - A customizable API Gateway 
  3.  * https://govway.org
  4.  * 
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it). 
  6.  * 
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */

  21. package org.openspcoop2.security.message.utils;

  23. import java.util.ArrayList;
  24. import java.util.List;
  25. import java.util.Map;

  27. import org.openspcoop2.message.soap.reference.AttachmentReference;
  28. import org.openspcoop2.message.soap.reference.Reference;
  29. import org.openspcoop2.security.message.MessageSecurityContext;
  30. import org.openspcoop2.security.message.constants.SecurityConstants;

  32. /**
  33.  * AttachmentsConfigReaderUtils
  34.  *
  35.  * @author Andrea Poli (apoli@link.it)
  36.  * @author $Author$
  37.  * @version $Rev$, $Date$
  38.  */
  39. public class AttachmentsConfigReaderUtils {

  41.     public static List<String> getListCIDAttachmentsForSecurity(MessageSecurityContext wssContext) throws Exception{
  42.         List<String> cidSecurity = new ArrayList<>();
  43.         if(wssContext.getReferences()!=null && wssContext.getReferences().size()>0){
  44.             for (Reference reference : wssContext.getReferences()) {
  45.                 if(reference instanceof AttachmentReference){
  46.                     AttachmentReference ar = (AttachmentReference)reference;
  47.                     //System.out.println("ADD TYPE-REF["+ar.getType()+"] ["+ar.getReference()+"]");
  48.                     cidSecurity.add(ar.getReference());
  49.                 }
  50.             }
  51.         }
  52.         return cidSecurity;
  53.     }
  54.     
  55.     public static AttachmentProcessingPart getSecurityOnAttachments(MessageSecurityContext wssContext) throws Exception{

  57.         AttachmentProcessingPart ap = null;

  59.         Map<String,Object> wssProperties = null;
  60.         if(wssContext.isFunctionAsClient())
  61.             wssProperties = wssContext.getOutgoingProperties();
  62.         else
  63.             wssProperties = wssContext.getIncomingProperties();
  64.         if (wssProperties != null && wssProperties.size() > 0) {
  65.             if(wssProperties.containsKey(SecurityConstants.ENCRYPTION_PARTS)){
  66.                 String value = (String) wssProperties.get(SecurityConstants.ENCRYPTION_PARTS);
  67.                 List<ProcessingPart<?,?>> listProcessingParts = ProcessingPartUtils.getEncryptionInstance().getProcessingParts(value);
  68.                 AttachmentProcessingPart apFound = findAttachmentProcessingPart(listProcessingParts, ap, SecurityConstants.ENCRYPTION_PARTS); 
  69.                 if(ap==null){
  70.                     ap = apFound;
  71.                 }
  72.             }
  73.             else if(wssProperties.containsKey(SecurityConstants.SIGNATURE_PARTS)){
  74.                 String value = (String) wssProperties.get(SecurityConstants.SIGNATURE_PARTS);
  75.                 List<ProcessingPart<?,?>> listProcessingParts = ProcessingPartUtils.getEncryptionInstance().getProcessingParts(value);
  76.                 AttachmentProcessingPart apFound = findAttachmentProcessingPart(listProcessingParts, ap, SecurityConstants.SIGNATURE_PARTS); 
  77.                 if(ap==null){
  78.                     ap = apFound;
  79.                 }
  80.             }
  81.         }
  82.         
  83.         if(ap==null) {
  84.             if(wssContext.getManualAttachmentsEncryptPart()!=null) {
  85.                 List<ProcessingPart<?,?>> listProcessingParts = ProcessingPartUtils.getEncryptionInstance().getProcessingParts(wssContext.getManualAttachmentsEncryptPart());
  86.                 AttachmentProcessingPart apFound = findAttachmentProcessingPart(listProcessingParts, ap, SecurityConstants.ENCRYPTION_PARTS); 
  87.                 if(ap==null){
  88.                     ap = apFound;
  89.                 }
  90.             }
  91.             else if(wssContext.getManualAttachmentsSignaturePart()!=null) {
  92.                 List<ProcessingPart<?,?>> listProcessingParts = ProcessingPartUtils.getEncryptionInstance().getProcessingParts(wssContext.getManualAttachmentsSignaturePart());
  93.                 AttachmentProcessingPart apFound = findAttachmentProcessingPart(listProcessingParts, ap, SecurityConstants.SIGNATURE_PARTS); 
  94.                 if(ap==null){
  95.                     ap = apFound;
  96.                 }
  97.             }
  98.         }

  100.         return ap;
  101.     }

  103.     public static  AttachmentProcessingPart findAttachmentProcessingPart(List<ProcessingPart<?,?>> listProcessingParts, AttachmentProcessingPart ap, String parts) throws Exception{
  104.         AttachmentProcessingPart apFound = null;
  105.         boolean found = false;
  106.         for (ProcessingPart<?, ?> processingPart : listProcessingParts) {
  107.             if(processingPart instanceof AttachmentProcessingPart){
  108.                 if(found){
  109.                     throw new Exception("Only one configuration for attachments is allowed in "+parts);
  110.                 }
  111.                 apFound = (AttachmentProcessingPart) processingPart;
  112.                 if(ap!=null){
  113.                     // trovato anche in signature
  114.                     if(ap.isAllAttachments()){
  115.                         if(!apFound.isAllAttachments()){
  116.                             throw new Exception("The configuration of signature and encryption for the attachments must be the same (found difference in "+SecurityConstants.ENCRYPTION_PARTS
  117.                                     +" and "+SecurityConstants.SIGNATURE_PARTS+")");
  118.                         }
  119.                     }
  120.                     else {
  121.                         int apIntValue = ap.getPart().intValue();
  122.                         if(apFound.isAllAttachments() || apIntValue!=apFound.getPart().intValue() ){
  123.                             throw new Exception("The configuration of signature and encryption for the attachments must be the same (found difference in "+SecurityConstants.ENCRYPTION_PARTS
  124.                                     +" and "+SecurityConstants.SIGNATURE_PARTS+")");
  125.                         }
  126.                     }
  127.                 }

  129.                 found = true;
  130.             }
  131.         }
  132.         return apFound;
  133.     }

  135. }
Created with JaCoCo 0.8.8.202204050719