in modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenRenewer.java [38:135]
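/**
 * Renews a stored SAML assertion: resets its validity window, re-signs it with the
 * issuer key and returns it inside a RequestSecurityTokenResponse envelope.
 *
 * <p>The issuer configuration is resolved in this order: the inline
 * {@code configElement}, then {@code configFile}, then the message-context parameter
 * named by {@code configParamName}.
 *
 * @param data the parsed request; supplies the inbound message context, the WS-Trust
 *             version and the id of the token to renew
 * @return a SOAP envelope whose body carries the RSTR (wrapped in an RSTR collection
 *         for every version other than {@code RahasConstants.VERSION_05_02})
 * @throws TrustException with {@code "expectedParameterMissing"} when the named
 *         configuration parameter is absent or has no element, and with
 *         {@code "configurationIsNull"} when no configuration source is set; the
 *         helper calls below may presumably raise it as well
 */
public SOAPEnvelope renew(RahasData data) throws TrustException {
    // retrieve the message context
    MessageContext inMsgCtx = data.getInMessageContext();

    SAMLTokenIssuerConfig config = null;
    if (this.configElement != null) {
        config = new SAMLTokenIssuerConfig(configElement
                .getFirstChildWithName(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG));
    }

    // Look for the file
    if (config == null && this.configFile != null) {
        config = new SAMLTokenIssuerConfig(this.configFile);
    }

    // Look for the param
    if (config == null && this.configParamName != null) {
        Parameter param = inMsgCtx.getParameter(this.configParamName);
        if (param != null && param.getParameterElement() != null) {
            config = new SAMLTokenIssuerConfig(param
                    .getParameterElement().getFirstChildWithName(
                            SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG));
        } else {
            throw new TrustException("expectedParameterMissing",
                    new String[]{this.configParamName});
        }
    }

    if (config == null) {
        throw new TrustException("configurationIsNull");
    }

    // retrieve the list of tokens from the message context
    TokenStorage tkStorage = TrustUtil.getTokenStore(inMsgCtx);

    // Create envelope, reusing the SOAP namespace of the request
    SOAPEnvelope env = TrustUtil.createSOAPEnvelope(inMsgCtx
            .getEnvelope().getNamespace().getNamespaceURI());

    // Create RSTR element, with respective version: VERSION_05_02 puts the RSTR
    // directly in the body, every other version wraps it in an RSTR collection.
    OMElement rstrElem;
    int wstVersion = data.getVersion();
    if (RahasConstants.VERSION_05_02 == wstVersion) {
        rstrElem = TrustUtil.createRequestSecurityTokenResponseElement(
                wstVersion, env.getBody());
    } else {
        OMElement rstrcElem = TrustUtil
                .createRequestSecurityTokenResponseCollectionElement(
                        wstVersion, env.getBody());
        rstrElem = TrustUtil.createRequestSecurityTokenResponseElement(
                wstVersion, rstrcElem);
    }

    ClassLoader classLoader = inMsgCtx.getAxisService().getClassLoader();
    Crypto crypto = config.getIssuerCrypto(classLoader);

    // Create TokenType element
    TrustUtil.createTokenTypeElement(wstVersion, rstrElem).setText(
            RahasConstants.TOK_TYPE_SAML_10);

    // Creation and expiration times (UTC); the TTL is added to the epoch-millisecond
    // value of the creation time.
    ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
    ZonedDateTime expirationTime = ZonedDateTime.ofInstant(
            Instant.ofEpochMilli(creationTime.toInstant().toEpochMilli() + config.getTtl()),
            ZoneOffset.UTC);

    // Add the Lifetime element
    TrustUtil.createLifetimeElement(wstVersion, rstrElem,
            DateUtil.getDateTimeFormatter(true).format(creationTime),
            DateUtil.getDateTimeFormatter(true).format(expirationTime));

    // Obtain the token
    // NOTE(review): nothing in this method ties the requester to the stored token or
    // checks the token's state before it is re-signed with the issuer key; presumably
    // the caller enforces that -- confirm.
    // NOTE(review): no null check is visible here; if getToken can return null for an
    // unknown id, the dereference below throws NullPointerException instead of a
    // TrustException -- confirm and map it to a WS-Trust fault.
    Token tk = tkStorage.getToken(data.getTokenId());
    OMElement assertionOMElement = tk.getToken();
    Assertion samlAssertion;
    samlAssertion = SAMLUtils.buildAssertion((Element) assertionOMElement);

    if (samlAssertion.getConditions() == null) {
        samlAssertion.setConditions(
                (Conditions) CommonUtil.buildXMLObject(Conditions.DEFAULT_ELEMENT_NAME));
    }

    samlAssertion.getConditions().setNotBefore(creationTime.toInstant());
    // The window must end at expirationTime. Using creationTime for both bounds signs
    // an assertion with an empty validity window, which also contradicts the Lifetime
    // element written into the RSTR above.
    samlAssertion.getConditions().setNotOnOrAfter(expirationTime.toInstant());

    // sign the assertion
    SAMLUtils.signAssertion(samlAssertion, crypto,
            config.getIssuerKeyAlias(), config.getIssuerKeyPassword());

    // Create the RequestedSecurityToken element and add the SAML token
    // to it
    OMElement reqSecTokenElem = TrustUtil
            .createRequestedSecurityTokenElement(wstVersion, rstrElem);

    // Import the signed assertion's DOM into the response document before attaching it.
    Node tempNode = samlAssertion.getDOM();
    reqSecTokenElem.addChild((OMNode) ((Element) rstrElem)
            .getOwnerDocument().importNode(tempNode, true));

    return env;
}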