MessageSecurityUtilities.java

  1. /*
  2.  * GovWay - A customizable API Gateway 
  3.  * https://govway.org
  4.  * 
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it). 
  6.  * 
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */

  21. package org.openspcoop2.security.message;

  23. import java.util.Map;

  25. import org.openspcoop2.security.message.constants.SecurityConstants;

  27. /**
  28.  * MessageSecurityUtilities
  29.  * 
  30.  * @author Poli Andrea (apoli@link.it)
  31.  * @author $Author$
  32.  * @version $Rev$, $Date$
  33.  */
  34. public class MessageSecurityUtilities {
  35.     
  36.     private MessageSecurityUtilities() {}

  38.     public static boolean processSOAPFault(Map<String,Object> messageSecurityProperties){
  39.         // Default disabilitati
  40.         boolean processEncryptSOAPFault = false;
  41.         boolean processSignatureSOAPFault = false;
  42.         boolean processUsernameTokenFault = false;
  43.         boolean processSAMLTokenFault = false;
  44.         
  45.         String propertyEncrypt = (String) messageSecurityProperties.get(SecurityConstants.ENCRYPTION_SOAP_FAULT);
  46.         if(propertyEncrypt!=null &&
  47.             SecurityConstants.TRUE.equalsIgnoreCase(propertyEncrypt)){
  48.             processEncryptSOAPFault = true;
  49.         }
  50.         
  51.         String propertySignature = (String) messageSecurityProperties.get(SecurityConstants.SIGNATURE_SOAP_FAULT);
  52.         if(propertySignature!=null &&
  53.             SecurityConstants.TRUE.equalsIgnoreCase(propertySignature)){
  54.             processSignatureSOAPFault = true;
  55.         }
  56.         
  57.         String propertyUsernameToken = (String) messageSecurityProperties.get(SecurityConstants.USERNAME_TOKEN_SOAP_FAULT);
  58.         if(propertyUsernameToken!=null &&
  59.             SecurityConstants.TRUE.equalsIgnoreCase(propertyUsernameToken)){
  60.             processUsernameTokenFault = true;
  61.         }
  62.         
  63.         String propertySAMLToken = (String) messageSecurityProperties.get(SecurityConstants.SAML_TOKEN_SOAP_FAULT);
  64.         if(propertySAMLToken!=null &&
  65.             SecurityConstants.TRUE.equalsIgnoreCase(propertySAMLToken)){
  66.             processSAMLTokenFault = true;
  67.         }
  68.         
  69.         return processFaultEngine(messageSecurityProperties, 
  70.                 processEncryptSOAPFault, processSignatureSOAPFault,
  71.                 processUsernameTokenFault, processSAMLTokenFault);
  72.     }
  73.     public static boolean processProblemDetails(Map<String,Object> messageSecurityProperties){
  74.         // Default disabilitati
  75.         boolean processEncryptProblemDetails = false;
  76.         boolean processSignatureProblemDetails = false;
  77.         boolean processUsernameTokenProblemDetails = false;
  78.         boolean processSAMLTokenProblemDetails = false;
  79.         
  80.         String propertyEncrypt = (String) messageSecurityProperties.get(SecurityConstants.ENCRYPTION_PROBLEM_DETAILS);
  81.         if(propertyEncrypt!=null &&
  82.             SecurityConstants.TRUE.equalsIgnoreCase(propertyEncrypt)){
  83.             processEncryptProblemDetails = true;
  84.         }
  85.         
  86.         String propertySignature = (String) messageSecurityProperties.get(SecurityConstants.SIGNATURE_PROBLEM_DETAILS);
  87.         if(propertySignature!=null &&
  88.             SecurityConstants.TRUE.equalsIgnoreCase(propertySignature)){
  89.             processSignatureProblemDetails = true;
  90.         }
  91.         
  92.         String propertyUsernameToken = (String) messageSecurityProperties.get(SecurityConstants.USERNAME_TOKEN_PROBLEM_DETAILS);
  93.         if(propertyUsernameToken!=null &&
  94.             SecurityConstants.TRUE.equalsIgnoreCase(propertyUsernameToken)){
  95.             processUsernameTokenProblemDetails = true;
  96.         }
  97.         
  98.         String propertySAMLToken = (String) messageSecurityProperties.get(SecurityConstants.SAML_TOKEN_PROBLEM_DETAILS);
  99.         if(propertySAMLToken!=null &&
  100.             SecurityConstants.TRUE.equalsIgnoreCase(propertySAMLToken)){
  101.             processSAMLTokenProblemDetails = true;
  102.         }
  103.         
  104.         return processFaultEngine(messageSecurityProperties, 
  105.                 processEncryptProblemDetails, processSignatureProblemDetails,
  106.                 processUsernameTokenProblemDetails, processSAMLTokenProblemDetails);
  107.     }
  108.     private static boolean processFaultEngine(Map<String,Object> messageSecurityProperties,
  109.             boolean processEncryptFault, boolean processSignatureFault,
  110.             boolean processUsernameTokenFault, boolean processSAMLTokenFault){
  111.                 
  112.         String action = (String) messageSecurityProperties.remove(SecurityConstants.ACTION);
  113.         
  114.         String [] splitActions = action.split(" ");
  115.         StringBuilder bfNewActions = new StringBuilder();
  116.         for (int i = 0; i < splitActions.length; i++) {
  117.             
  118.             String a = splitActions[i].trim();
  119.             
  120.             if(SecurityConstants.isActionEncryption(a) ||
  121.                     SecurityConstants.isActionDecryption(a)){
  122.                 if(processEncryptFault){
  123.                     if(bfNewActions.length()>0){
  124.                         bfNewActions.append(" ");
  125.                     }
  126.                     bfNewActions.append(a);
  127.                 }
  128.             }
  129.             else if(SecurityConstants.SIGNATURE_ACTION.equals(a)){
  130.                 if(processSignatureFault){
  131.                     if(bfNewActions.length()>0){
  132.                         bfNewActions.append(" ");
  133.                     }
  134.                     bfNewActions.append(a);
  135.                 }
  136.             }
  137.             else if(SecurityConstants.isActionUsernameToken(a) ){
  138.                 if(processUsernameTokenFault){
  139.                     if(bfNewActions.length()>0){
  140.                         bfNewActions.append(" ");
  141.                     }
  142.                     bfNewActions.append(a);
  143.                 }
  144.             }
  145.             else if(SecurityConstants.isActionSAMLToken(a) ){
  146.                 if(processSAMLTokenFault){
  147.                     if(bfNewActions.length()>0){
  148.                         bfNewActions.append(" ");
  149.                     }
  150.                     bfNewActions.append(a);
  151.                 }
  152.             }
  153.             else{
  154.                 // altra azione la aggiungo
  155.                 if(bfNewActions.length()>0){
  156.                     bfNewActions.append(" ");
  157.                 }
  158.                 bfNewActions.append(a);
  159.             }
  160.         }
  161.         
  162.         
  163.         if(bfNewActions.length()>0){
  164.             String newActions = bfNewActions.toString();
  165.             if(SecurityConstants.TIMESTAMP_ACTION.equals(newActions)){
  166.                 // se rimane solo TIMESTAMP disabilitiamo
  167.                 return false;
  168.             }else{
  169.                 messageSecurityProperties.put(SecurityConstants.ACTION,newActions);
  170.                 return true;
  171.             }
  172.         }
  173.         else{
  174.             return false;
  175.         }
  176.     }
  177.     
  178.     
  179. }
Created with JaCoCo 0.8.8.202204050719