Author: sguilhen(a)redhat.com
Date: 2009-02-12 12:50:18 -0500 (Thu, 12 Feb 2009)
New Revision: 315
Modified:
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/JBossRequestHandler.java
identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/STSConfiguration.java
identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustUtil.java
Log:
Added lifetime handling to the generated tokens.
Modified:
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/JBossRequestHandler.java
===================================================================
---
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/JBossRequestHandler.java 2009-02-12
15:58:49 UTC (rev 314)
+++
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/JBossRequestHandler.java 2009-02-12
17:50:18 UTC (rev 315)
@@ -32,6 +32,7 @@
import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityToken;
import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityTokenResponse;
import org.jboss.identity.federation.ws.policy.AppliesTo;
+import org.jboss.identity.federation.ws.trust.LifetimeType;
import org.jboss.identity.federation.ws.trust.RequestedSecurityTokenType;
/**
@@ -78,19 +79,23 @@
provider = this.configuration.getProviderForService(serviceName);
}
// if applies-to is not available or if no provider was found for the service, use
the token type.
- else if(request.getTokenType() != null && provider == null)
+ if(provider == null && request.getTokenType() != null)
{
provider =
this.configuration.getProviderForTokenType(request.getTokenType().toString());
}
- else if(request.getTokenType() == null)
+ else if(appliesTo == null && request.getTokenType() == null)
throw new WSTrustException("Either AppliesTo or TokenType must be present
in a security token request");
if(provider != null)
{
// create the request context and delegate token generation to the provider.
WSTrustRequestContext requestContext = new WSTrustRequestContext(request);
-
- // TODO: add a lifetime to the request when one hasn't been specified.
+ if(request.getLifetime() == null &&
this.configuration.getIssuedTokenTimeout() != 0)
+ {
+ // if no lifetime has been specified, use the configured timeout value.
+ LifetimeType lifetime =
WSTrustUtil.createDefaultLifetime(this.configuration.getIssuedTokenTimeout());
+ request.setLifetime(lifetime);
+ }
provider.issueToken(requestContext);
// construct the ws-trust security token response.
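Review bot: A client-supplied `Lifetime` reaches `provider.issueToken` unchanged, because the new block only fills in a default when `request.getLifetime() == null` and never compares a requested value with `getIssuedTokenTimeout()`. Unless each provider enforces its own ceiling (not visible here), a requester can ask for an arbitrarily long-lived token, so the requested expiry should be clamped to the configured timeout before delegating. The `!= 0` test also admits a negative timeout, which would produce an Expires earlier than Created; `if(request.getLifetime() == null && this.configuration.getIssuedTokenTimeout() > 0)` is the safer guard. With the reordered conditions, a request whose AppliesTo matches no provider and which has no TokenType no longer throws and falls through to the `provider != null` check. The else path of that check, like the start of the method, is outside this hunk.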
@@ -103,8 +108,8 @@
if(request.getContext() != null)
response.setContext(request.getContext());
- // TODO: obtain the token type even when the request doesn't have one.
response.setTokenType(request.getTokenType());
+ response.setLifetime(request.getLifetime());
response.setAppliesTo(appliesTo);
response.setRequestedSecurityToken(requestedSecurityToken);
return response;
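Review bot: The TODO about obtaining the token type when the request has none is deleted, but `response.setTokenType(request.getTokenType())` is unchanged, so a request resolved through AppliesTo alone still yields a response with a null token type. `STSConfiguration.getTokenTypeForService`, added in this same commit, looks intended for that case but is not called in the visible lines; either wire it in or keep the TODO. `response.setLifetime(request.getLifetime())` also echoes what was requested rather than what the provider placed in the token. If a provider shortens the lifetime, the response would advertise a different validity window than the token carries, so the value should be read back from the issued token or the limitation documented in a comment. The enclosing method starts outside this hunk.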
Modified:
identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/STSConfiguration.java
===================================================================
---
identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/STSConfiguration.java 2009-02-12
15:58:49 UTC (rev 314)
+++
identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/STSConfiguration.java 2009-02-12
17:50:18 UTC (rev 315)
@@ -59,6 +59,17 @@
* @return the token timeout value.
*/
public long getIssuedTokenTimeout();
+
+ /**
+ * <p>
+ * Given the name of a service provider, obtains the type of the token that should be
used when issuing tokens to
+ * clients of that service.
+ * </p>
+ *
+ * @param serviceName the name of the service provider that requires a token from its
clients.
+ * @return a {@code String} representing the type of the token that suits the
specified service.
+ */
+ public String getTokenTypeForService(String serviceName);
/**
* <p>
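Review bot: The Javadoc for `getTokenTypeForService` does not say what is returned when no token type is configured for the given service, and callers that select a provider from the result need to know whether to expect `null`. I would extend the return tag, for example `@return the token type configured for the service, or {@code null} if none has been configured`, adjusted to what the implementations actually do. The method is also unrelated to the lifetime change named in the commit log and has no caller in this diff.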
Modified:
identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustUtil.java
===================================================================
---
identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustUtil.java 2009-02-12
15:58:49 UTC (rev 314)
+++
identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustUtil.java 2009-02-12
17:50:18 UTC (rev 315)
@@ -21,10 +21,17 @@
*/
package org.jboss.identity.federation.api.wstrust;
+import java.text.SimpleDateFormat;
+import java.util.Calendar;
+import java.util.GregorianCalendar;
+import java.util.Locale;
+
import javax.xml.bind.JAXBElement;
import org.jboss.identity.federation.ws.addressing.EndpointReferenceType;
import org.jboss.identity.federation.ws.policy.AppliesTo;
+import org.jboss.identity.federation.ws.trust.LifetimeType;
+import org.jboss.identity.federation.ws.wss.utility.AttributedDateTime;
/**
* <p>
@@ -64,4 +71,55 @@
}
return null;
}
+
+ /**
+ * <p>
+ * Creates a {@code LifetimeType} instance that specifies a range of time that starts
at the current GMT time and has
+ * the specified duration in milliseconds.
+ * </p>
+ *
+ * @param tokenTimeout the token timeout value (in milliseconds).
+ * @return the constructed {@code LifetimeType} instance.
+ */
+ public static LifetimeType createDefaultLifetime(long tokenTimeout)
+ {
+ long createdTime = getCurrentGMTTime();
+ final SimpleDateFormat calendarFormatter = new
SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'.'SSS'Z'",
Locale
+ .getDefault());
+ Calendar calendar = new GregorianCalendar();
+ calendarFormatter.setTimeZone(calendar.getTimeZone());
+
+ // instantiate the "created" time.
+ calendar.setTimeInMillis(createdTime);
+ AttributedDateTime created = new AttributedDateTime();
+ created.setValue(calendarFormatter.format(calendar.getTime()));
+
+ // instantiate the "expires" time.
+ calendar.setTimeInMillis(createdTime + tokenTimeout);
+ AttributedDateTime expires = new AttributedDateTime();
+ expires.setValue(calendarFormatter.format(calendar.getTime()));
+
+ LifetimeType type = new LifetimeType();
+ type.setCreated(created);
+ type.setExpires(expires);
+ return type;
+ }
+
+ /**
+ * <p>
+ * Obtains the current GMT time in milliseconds.
+ * </p>
+ *
+ * @return a long representing the current GMT time in milliseconds.
+ */
+ public static long getCurrentGMTTime()
+ {
+ Calendar cal = new GregorianCalendar();
+ int offset = cal.get(Calendar.ZONE_OFFSET);
+ if (cal.getTimeZone().inDaylightTime(cal.getTime()))
+ offset += cal.getTimeZone().getDSTSavings();
+
+ // return the UTC/GMT time.
+ return cal.getTimeInMillis() - offset;
+ }
}
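Review bot: `getCurrentGMTTime()` subtracts the zone offset from `cal.getTimeInMillis()`, which is already UTC epoch milliseconds, so it returns a shifted instant rather than the current time. `createDefaultLifetime` then formats that value in the JVM's default zone and appends a literal `'Z'`, so the two errors cancel only while the offset is the same at both instants. Across a daylight-saving transition Created or Expires would be off by the DST savings, which misstates the token's validity window to relying parties. `Locale.getDefault()` additionally makes the output depend on the host locale (some locales select a non-Gregorian calendar), which is not a valid xsd:dateTime. I would use the plain epoch time and format in GMT with a fixed locale, as below (it needs `java.util.Date` and `java.util.TimeZone` imported), and reduce `getCurrentGMTTime()` to `return System.currentTimeMillis();`.

```java
public static LifetimeType createDefaultLifetime(long tokenTimeout)
{
   // epoch milliseconds are zone-independent; no offset arithmetic is needed.
   long createdTime = System.currentTimeMillis();
   // fixed locale and GMT zone so the literal 'Z' suffix is always accurate.
   final SimpleDateFormat calendarFormatter = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'.'SSS'Z'", Locale.US);
   calendarFormatter.setTimeZone(TimeZone.getTimeZone("GMT"));

   // instantiate the "created" time.
   AttributedDateTime created = new AttributedDateTime();
   created.setValue(calendarFormatter.format(new Date(createdTime)));

   // instantiate the "expires" time.
   AttributedDateTime expires = new AttributedDateTime();
   expires.setValue(calendarFormatter.format(new Date(createdTime + tokenTimeout)));
   // … unchanged: LifetimeType construction and return …
```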