
1   /*
2    * Licensed to the University Corporation for Advanced Internet Development, 
3    * Inc. (UCAID) under one or more contributor license agreements.  See the 
4    * NOTICE file distributed with this work for additional information regarding
5    * copyright ownership. The UCAID licenses this file to You under the Apache 
6    * License, Version 2.0 (the "License"); you may not use this file except in 
7    * compliance with the License.  You may obtain a copy of the License at
8    *
9    *    http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  
18  package edu.internet2.middleware.shibboleth.common.config.security;
19  
20  import java.util.HashSet;
21  import java.util.List;
22  
23  import javax.xml.namespace.QName;
24  
25  import org.opensaml.xml.util.DatatypeHelper;
26  import org.opensaml.xml.util.XMLHelper;
27  import org.slf4j.Logger;
28  import org.slf4j.LoggerFactory;
29  import org.springframework.beans.factory.support.AbstractBeanDefinition;
30  import org.springframework.beans.factory.support.BeanDefinitionBuilder;
31  import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser;
32  import org.springframework.beans.factory.xml.ParserContext;
33  import org.w3c.dom.Element;
34  
35  import edu.internet2.middleware.shibboleth.common.config.SpringConfigurationUtils;
36  
/**
 * Spring bean definition parser for {urn:mace:shibboleth:2.0:security}StaticPKIXX509Credential elements.
 *
 * <p>
 * Reads the <code>ValidationInfo</code>, <code>TrustedName</code> and <code>ValidationOptions</code> children of the
 * element and passes them as properties to a {@link StaticPKIXX509CredentialTrustEngineFactoryBean} definition.
 * </p>
 */
public class StaticPKIXX509CredentialTrustEngineBeanDefinitionParser extends AbstractSingleBeanDefinitionParser {

    /** Qualified name of the schema type this parser handles. */
    public static final QName SCHEMA_TYPE = new QName(SecurityNamespaceHandler.NAMESPACE, "StaticPKIXX509Credential");

    /** Logger for this parser. */
    private final Logger log = LoggerFactory.getLogger(StaticPKIXX509CredentialTrustEngineBeanDefinitionParser.class);

    /**
     * Names the factory bean class that the parsed definition instantiates.
     *
     * @param element the element being parsed (not inspected)
     *
     * @return {@link StaticPKIXX509CredentialTrustEngineFactoryBean}
     */
    protected Class getBeanClass(Element element) {
        return StaticPKIXX509CredentialTrustEngineFactoryBean.class;
    }

    /**
     * Populates the bean definition from the trust engine configuration element.
     *
     * <p>
     * Sets <code>PKIXInfo</code> from all <code>ValidationInfo</code> children, <code>trustedNames</code> from the
     * text of all <code>TrustedName</code> children, and <code>PKIXValidationOptions</code> from the first
     * <code>ValidationOptions</code> child when one is present.
     * </p>
     *
     * @param element the trust engine configuration element
     * @param parserContext the current Spring parser context, passed on to the nested element parsers
     * @param builder builder of the bean definition being populated
     */
    protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
        final String securityNs = SecurityNamespaceHandler.NAMESPACE;

        log.info("Parsing configuration for {} trust engine with id: {}", XMLHelper.getXSIType(element).getLocalPart(),
                element.getAttributeNS(null, "id"));

        // PKIX validation material (trust anchors etc.) is delegated to the parsers of the nested elements.
        List<Element> validationInfoElems = XMLHelper.getChildElementsByTagNameNS(element, securityNs,
                "ValidationInfo");
        builder.addPropertyValue("PKIXInfo",
                SpringConfigurationUtils.parseInnerCustomElements(validationInfoElems, parserContext));

        // NOTE(review): safeTrimOrNullString yields null for empty or whitespace-only text, so an empty
        // <TrustedName/> places a null entry in this set. How the trust engine's name check treats a null entry,
        // or an empty set when no TrustedName is configured, is not visible here -- confirm it fails closed,
        // or reject such configuration at parse time.
        List<Element> trustedNameElems = XMLHelper.getChildElementsByTagNameNS(element, securityNs, "TrustedName");
        HashSet<String> names = new HashSet<String>(trustedNameElems.size());
        for (Element trustedNameElem : trustedNameElems) {
            String trimmedName = DatatypeHelper.safeTrimOrNullString(trustedNameElem.getTextContent());
            names.add(trimmedName);
        }
        builder.addPropertyValue("trustedNames", names);

        // Only the first ValidationOptions child is honoured; any further ones are ignored.
        List<Element> optionElems = XMLHelper.getChildElementsByTagNameNS(element, securityNs, "ValidationOptions");
        if (!optionElems.isEmpty()) {
            Element firstOptions = optionElems.get(0);
            builder.addPropertyValue("PKIXValidationOptions",
                    SpringConfigurationUtils.parseInnerCustomElement(firstOptions, parserContext));
        }
    }

    /**
     * Uses the element's un-namespaced <code>id</code> attribute, trimmed, as the bean id.
     *
     * @param element the trust engine configuration element
     * @param definition the bean definition built for the element (not inspected)
     * @param parserContext the current Spring parser context (not inspected)
     *
     * @return the trimmed value of the <code>id</code> attribute
     */
    protected String resolveId(Element element, AbstractBeanDefinition definition, ParserContext parserContext) {
        String rawId = element.getAttributeNS(null, "id");
        return DatatypeHelper.safeTrim(rawId);
    }
}