in modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java [1450:1504]
/**
 * Chooses how the key for {@code token} is identified in the message and records that
 * choice on {@code secBase} via {@code setKeyIdentifierType}.
 *
 * <p>If the token is to be included, {@code BST_DIRECT_REFERENCE} is used. If it is to be
 * referenced instead, the reference style is taken from the first source that names one:
 * <ol>
 *   <li>the {@link X509Token} assertion itself: issuer serial, then key identifier (SKI),
 *       then thumbprint, then X509v3 key identifier;</li>
 *   <li>the Wss11 policy options, or the Wss10 options when no Wss11 is present: key
 *       identifier (SKI), then issuer serial, then thumbprint (Wss11 only).</li>
 * </ol>
 *
 * <p>When neither source names a reference style this method never calls
 * {@code setKeyIdentifierType}; {@code secBase} keeps whatever value it already had and the
 * only trace is a debug-level log line. NOTE(review): that outcome is invisible at normal
 * log levels, so a policy that fails to select a reference style is not reported to the
 * operator; confirm the value left on {@code secBase} is acceptable in that case.
 *
 * @param rmd     message data; supplies the initiator/recipient role and the policy data
 * @param secBase WSS4J builder that receives the key identifier type
 * @param token   policy token whose inclusion value and reference requirements are read
 */
public static void setKeyIdentifierType(RampartMessageData rmd, WSSecBase secBase,org.apache.ws.secpolicy.model.Token token) {
    // The token is referenced (not embedded as a binary security token) when the policy
    // never includes it, when the recipient handles a token that is only sent to the
    // recipient, or when the initiator handles a token that is only sent to the initiator.
    // The INCLUDE_TOEKN_* spelling is the constants' actual name in SPConstants.
    final boolean useReference = token.getInclusion() == SPConstants.INCLUDE_TOKEN_NEVER
            || !rmd.isInitiator() && token.getInclusion() == SPConstants.INCLUDE_TOEKN_ALWAYS_TO_RECIPIENT
            || rmd.isInitiator() && token.getInclusion() == SPConstants.INCLUDE_TOEKN_ALWAYS_TO_INITIATOR;

    if (!useReference) {
        // The token travels with the message, so point at it directly.
        secBase.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
        return;
    }

    // First choice: a reference style required by the X509 token assertion itself.
    if (token instanceof X509Token) {
        final X509Token x509 = (X509Token) token;
        if (x509.isRequireIssuerSerialReference()) {
            secBase.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
            return;
        }
        if (x509.isRequireKeyIdentifierReference()) {
            secBase.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
            return;
        }
        if (x509.isRequireThumbprintReference()) {
            secBase.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
            return;
        }
        if (x509.isRequireX509V3KeyIdentifierReference()) {
            secBase.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("RampartUtil.setKeyIdentifierType() found a Token that is an instanceof X509Token but was not able to identify the correcc constant to set on WSSecBase.setKeyIdentifierType()");
        }
    }

    // Second choice: the WSS options of the policy, preferring Wss11 over Wss10.
    final RampartPolicyData policyData = rmd.getPolicyData();
    Wss10 wssOptions = policyData.getWss11();
    if (wssOptions == null) {
        wssOptions = policyData.getWss10();
    }

    if (wssOptions != null) {
        if (wssOptions.isMustSupportRefKeyIdentifier()) {
            secBase.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
            return;
        }
        if (wssOptions.isMustSupportRefIssuerSerial()) {
            secBase.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
            return;
        }
        // Thumbprint references are only read from the Wss11 options.
        if (wssOptions instanceof Wss11 && ((Wss11) wssOptions).isMustSupportRefThumbprint()) {
            secBase.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
            return;
        }
    }

    // Nothing matched: secBase is left untouched and the miss is only visible at debug level.
    if (log.isDebugEnabled()) {
        log.debug("RampartUtil.setKeyIdentifierType() attempted secpolicy Wss10 and Wss11 but was not able to identify the correcc constant to set on WSSecBase.setKeyIdentifierType()");
    }
}