This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch coheigea/saml-refactor-new in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git
commit c084249b03913eacd7e1242c100795858fa939b5 Author: Colm O hEigeartaigh <cohei...@apache.org> AuthorDate: Thu Jun 19 14:18:40 2025 +0100 Moving Processors to use a ServiceLoader implementation --- .../org/apache/wss4j/dom/engine/WSSConfig.java | 73 ++++------------------ .../processor/BinarySecurityTokenProcessor.java | 5 ++ .../dom/processor/DerivedKeyTokenProcessor.java | 7 +++ .../dom/processor/EncryptedAssertionProcessor.java | 5 ++ .../dom/processor/EncryptedDataProcessor.java | 5 ++ .../wss4j/dom/processor/EncryptedKeyProcessor.java | 6 ++ .../org/apache/wss4j/dom/processor/Processor.java | 4 ++ .../dom/processor/ReferenceListProcessor.java | 6 ++ .../wss4j/dom/processor/SAMLTokenProcessor.java | 6 ++ .../processor/SecurityContextTokenProcessor.java | 5 ++ .../processor/SignatureConfirmationProcessor.java | 7 +++ .../wss4j/dom/processor/SignatureProcessor.java | 6 ++ .../wss4j/dom/processor/TimestampProcessor.java | 6 ++ .../dom/processor/UsernameTokenProcessor.java | 7 +++ .../org.apache.wss4j.dom.processor.Processor | 12 ++++ .../apache/wss4j/dom/common/CustomProcessor.java | 11 ++++ 16 files changed, 111 insertions(+), 60 deletions(-) diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/engine/WSSConfig.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/engine/WSSConfig.java index 7063ad5ed..028367fef 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/engine/WSSConfig.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/engine/WSSConfig.java 
@@ -133,71 +133,24 @@ public final class WSSConfig { /** * The default collection of processors supported by the toolkit + * + * Instead of hard-coding, you can use Java's ServiceLoader mechanism to discover Processor implementations + * at runtime. Each Processor implementation should be registered in + * META-INF/services/org.apache.wss4j.dom.processor.Processor with its fully qualified class name. + * + * You will still need to map QNames to Processor classes. This can be done by having each Processor + * implementation provide a method (e.g., getQNames()) that returns the QNames it supports. */ private static final Map<QName, Class<?>> DEFAULT_PROCESSORS; static { final Map<QName, Class<?>> tmp = new HashMap<>(); try { - tmp.put( - WSConstants.SAML_TOKEN, - org.apache.wss4j.dom.processor.SAMLTokenProcessor.class - ); - tmp.put( - WSConstants.SAML2_TOKEN, - org.apache.wss4j.dom.processor.SAMLTokenProcessor.class - ); - tmp.put( - WSConstants.ENCRYPTED_ASSERTION, - org.apache.wss4j.dom.processor.EncryptedAssertionProcessor.class - ); - tmp.put( - WSConstants.ENCRYPTED_KEY, - org.apache.wss4j.dom.processor.EncryptedKeyProcessor.class - ); - tmp.put( - WSConstants.SIGNATURE, - org.apache.wss4j.dom.processor.SignatureProcessor.class - ); - tmp.put( - WSConstants.TIMESTAMP, - org.apache.wss4j.dom.processor.TimestampProcessor.class - ); - tmp.put( - WSConstants.USERNAME_TOKEN, - org.apache.wss4j.dom.processor.UsernameTokenProcessor.class - ); - tmp.put( - WSConstants.REFERENCE_LIST, - org.apache.wss4j.dom.processor.ReferenceListProcessor.class - ); - tmp.put( - WSConstants.SIGNATURE_CONFIRMATION, - org.apache.wss4j.dom.processor.SignatureConfirmationProcessor.class - ); - tmp.put( - WSConstants.DERIVED_KEY_TOKEN_05_02, - org.apache.wss4j.dom.processor.DerivedKeyTokenProcessor.class - ); - tmp.put( - WSConstants.DERIVED_KEY_TOKEN_05_12, - tmp.get(WSConstants.DERIVED_KEY_TOKEN_05_02) - ); - tmp.put( - WSConstants.SECURITY_CONTEXT_TOKEN_05_02, - 
org.apache.wss4j.dom.processor.SecurityContextTokenProcessor.class - ); - tmp.put( - WSConstants.SECURITY_CONTEXT_TOKEN_05_12, - tmp.get(WSConstants.SECURITY_CONTEXT_TOKEN_05_02) - ); - tmp.put( - WSConstants.BINARY_TOKEN, - org.apache.wss4j.dom.processor.BinarySecurityTokenProcessor.class - ); - tmp.put( - WSConstants.ENCRYPTED_DATA, - org.apache.wss4j.dom.processor.EncryptedDataProcessor.class - ); + java.util.ServiceLoader<Processor> loader = java.util.ServiceLoader.load(Processor.class); + for (Processor processor : loader) { + for (QName qname : processor.getQNames()) { + tmp.put(qname, processor.getClass()); + } + } } catch (final Exception ex) { LOG.debug(ex.getMessage(), ex); } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java index 54b25ad6c..a75482c8f 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java @@ -181,4 +181,9 @@ public class BinarySecurityTokenProcessor implements Processor { return token; } + @Override + public QName[] getQNames() { + return new QName[]{WSConstants.BINARY_TOKEN}; + } + } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/DerivedKeyTokenProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/DerivedKeyTokenProcessor.java index b02091507..3959babef 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/DerivedKeyTokenProcessor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/DerivedKeyTokenProcessor.java 
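Review bot: The new discovery loop in the static initializer lets any `META-INF/services/org.apache.wss4j.dom.processor.Processor` entry visible to the thread context class loader supply a default processor for a security-header QName, and because it registers with `tmp.put(qname, processor.getClass())`, whichever provider is iterated last silently replaces a built-in one such as the handler for `WSConstants.SIGNATURE`. Unless third-party discovery of defaults is intended, I would load with `ServiceLoader.load(Processor.class, WSSConfig.class.getClassLoader())` and register with `putIfAbsent`, warning on a duplicate QName, so the defaults no longer depend on classpath contents and order. Failure is also quieter than with the hard-coded map: `catch (final Exception ex)` logs at debug and keeps a partly filled map, and it does not catch `java.util.ServiceConfigurationError`, which ServiceLoader throws for a provider it cannot instantiate and which would here abort class initialisation. How the engine treats a header element that has no registered processor is not visible in this hunk, so that should be checked before discovery is allowed to fail this quietly. The static block continues past the end of the hunk.

```java
// … unchanged: DEFAULT_PROCESSORS declaration and the tmp map …
try {
    java.util.ServiceLoader<Processor> loader =
        java.util.ServiceLoader.load(Processor.class, WSSConfig.class.getClassLoader());
    for (Processor processor : loader) {
        for (QName qname : processor.getQNames()) {
            // First registration wins, so a later provider cannot displace a built-in processor.
            Class<?> previous = tmp.putIfAbsent(qname, processor.getClass());
            if (previous != null) {
                LOG.warn("Ignoring processor {} for {}: {} is already registered",
                    processor.getClass().getName(), qname, previous.getName());
            }
        }
    }
} catch (final Exception | java.util.ServiceConfigurationError ex) {
    LOG.warn("Processor discovery failed; the default processor map may be incomplete", ex);
}
```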
@@ -22,6 +22,8 @@ package org.apache.wss4j.dom.processor; import java.util.Collections; import java.util.List; +import javax.xml.namespace.QName; + import org.w3c.dom.Element; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult; @@ -92,5 +94,10 @@ public class DerivedKeyTokenProcessor implements Processor { return Collections.singletonList(result); } + @Override + public QName[] getQNames() { + return new QName[]{WSConstants.DERIVED_KEY_TOKEN_05_02, WSConstants.DERIVED_KEY_TOKEN_05_12}; + } + } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java index 72c597b01..5fb5f9e71 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java @@ -125,4 +125,9 @@ public class EncryptedAssertionProcessor implements Processor { return Collections.emptyList(); } + @Override + public QName[] getQNames() { + return new QName[]{WSConstants.ENCRYPTED_ASSERTION}; + } + } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java index 815bd47d5..3b1aa3f7d 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java @@ -221,4 +221,9 @@ public class EncryptedDataProcessor implements Processor { bspEnforcer.handleBSPRule(BSPRule.R5620); } } + + @Override + public QName[] getQNames() { + return new QName[]{WSConstants.ENCRYPTED_DATA}; + } } 
diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java index c80ffad95..2bec768c1 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java @@ -32,6 +32,7 @@ import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.spec.OAEPParameterSpec; +import javax.xml.namespace.QName; import org.apache.wss4j.common.WSS4JConstants; import org.apache.wss4j.common.token.DOMX509SKI; @@ -807,4 +808,9 @@ public class EncryptedKeyProcessor implements Processor { } } } + + @Override + public QName[] getQNames() { + return new QName[]{WSConstants.ENCRYPTED_KEY}; + } } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/Processor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/Processor.java index f675a41ea..e71e8552a 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/Processor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/Processor.java @@ -26,6 +26,8 @@ import org.w3c.dom.Element; import java.util.List; +import javax.xml.namespace.QName; + public interface Processor { List<WSSecurityEngineResult> handleToken( @@ -33,4 +35,6 @@ public interface Processor { RequestData request ) throws WSSecurityException; + QName[] getQNames(); + } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java index 7054399c7..9b2ae2949 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java 
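Review bot: `QName[] getQNames();` is added to the `Processor` interface as an abstract method with no Javadoc, so every implementation outside this module stops compiling (the test `CustomProcessor` in this commit needed a stub for that reason), and one compiled against the old interface would throw `AbstractMethodError` if it were asked for its QNames. A default method keeps existing implementations working: `default QName[] getQNames() { return new QName[0]; }`. The Javadoc should state that the returned QNames are the security-header elements the processor is registered for by the ServiceLoader discovery in `WSSConfig`, and that callers may receive a fresh array on each call. The interface declaration opens in the preceding hunk of the same file, and part of `handleToken`'s signature lies between the two hunks.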
@@ -25,6 +25,7 @@ import java.util.Collections; import java.util.List; import javax.crypto.SecretKey; +import javax.xml.namespace.QName; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -241,5 +242,10 @@ public class ReferenceListProcessor implements Processor { } } + @Override + public QName[] getQNames() { + return new QName[]{WSConstants.REFERENCE_LIST}; + } + } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SAMLTokenProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SAMLTokenProcessor.java index fce6ecb13..2b5808241 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SAMLTokenProcessor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SAMLTokenProcessor.java @@ -284,4 +284,10 @@ public class SAMLTokenProcessor implements Processor { return protectedRefs; } + + @Override + public QName[] getQNames() { + return new QName[]{WSConstants.SAML_TOKEN, WSConstants.SAML2_TOKEN}; + } + } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java index d86462842..1b806e094 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java @@ -117,4 +117,9 @@ public class SecurityContextTokenProcessor implements Processor { return callback.getKey(); } + @Override + public QName[] getQNames() { + return new QName[]{WSConstants.SECURITY_CONTEXT_TOKEN_05_02, WSConstants.SECURITY_CONTEXT_TOKEN_05_12}; + } + } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureConfirmationProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureConfirmationProcessor.java index 78d89635f..d6ddc520d 100644 
--- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureConfirmationProcessor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureConfirmationProcessor.java @@ -28,6 +28,8 @@ import org.w3c.dom.Element; import java.util.List; +import javax.xml.namespace.QName; + public class SignatureConfirmationProcessor implements Processor { private static final org.slf4j.Logger LOG = org.slf4j.LoggerFactory.getLogger(SignatureConfirmationProcessor.class); @@ -53,4 +55,9 @@ public class SignatureConfirmationProcessor implements Processor { return java.util.Collections.singletonList(result); } + @Override + public QName[] getQNames() { + return new QName[]{WSConstants.SIGNATURE_CONFIRMATION}; + } + } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java index c63a93da9..1a257cc62 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java @@ -45,6 +45,7 @@ import javax.xml.crypto.dsig.XMLValidateContext; import javax.xml.crypto.dsig.dom.DOMValidateContext; import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec; import javax.xml.crypto.dsig.spec.HMACParameterSpec; +import javax.xml.namespace.QName; import org.apache.wss4j.common.bsp.BSPEnforcer; import org.apache.wss4j.common.bsp.BSPRule; @@ -763,4 +764,9 @@ public class SignatureProcessor implements Processor { } } + @Override + public QName[] getQNames() { + return new QName[]{WSConstants.SIGNATURE}; + } + } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/TimestampProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/TimestampProcessor.java index 7e39f2d60..2bf1deccb 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/TimestampProcessor.java 
+++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/TimestampProcessor.java @@ -21,6 +21,8 @@ package org.apache.wss4j.dom.processor; import java.util.List; +import javax.xml.namespace.QName; + import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult; @@ -65,4 +67,8 @@ public class TimestampProcessor implements Processor { return java.util.Collections.singletonList(result); } + @Override + public QName[] getQNames() { + return new QName[]{WSConstants.TIMESTAMP}; + } } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java index 9a921e2ae..44b787f80 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java @@ -22,6 +22,8 @@ package org.apache.wss4j.dom.processor; import java.time.Instant; import java.util.List; +import javax.xml.namespace.QName; + import org.apache.wss4j.common.principal.SAMLTokenPrincipalImpl; import org.apache.wss4j.common.principal.WSUsernameTokenPrincipalImpl; import org.apache.wss4j.common.util.UsernameTokenUtil; @@ -175,4 +177,9 @@ public class UsernameTokenProcessor implements Processor { return credential; } + @Override + public QName[] getQNames() { + return new QName[]{WSConstants.USERNAME_TOKEN}; + } + } diff --git a/ws-security-dom/src/main/resources/META-INF/services/org.apache.wss4j.dom.processor.Processor b/ws-security-dom/src/main/resources/META-INF/services/org.apache.wss4j.dom.processor.Processor new file mode 100644 index 000000000..d3dec920d --- /dev/null +++ b/ws-security-dom/src/main/resources/META-INF/services/org.apache.wss4j.dom.processor.Processor 
@@ -0,0 +1,12 @@ +org.apache.wss4j.dom.processor.BinarySecurityTokenProcessor +org.apache.wss4j.dom.processor.DerivedKeyTokenProcessor +org.apache.wss4j.dom.processor.EncryptedAssertionProcessor +org.apache.wss4j.dom.processor.EncryptedDataProcessor +org.apache.wss4j.dom.processor.EncryptedKeyProcessor +org.apache.wss4j.dom.processor.ReferenceListProcessor +org.apache.wss4j.dom.processor.SAMLTokenProcessor +org.apache.wss4j.dom.processor.SecurityContextTokenProcessor +org.apache.wss4j.dom.processor.SignatureProcessor +org.apache.wss4j.dom.processor.SignatureConfirmationProcessor +org.apache.wss4j.dom.processor.TimestampProcessor +org.apache.wss4j.dom.processor.UsernameTokenProcessor diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/CustomProcessor.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/CustomProcessor.java index ebbab0545..baad8ecf1 100644 --- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/CustomProcessor.java +++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/CustomProcessor.java @@ -23,6 +23,9 @@ import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.dom.handler.RequestData; import org.apache.wss4j.dom.processor.Processor; import org.apache.wss4j.dom.WSConstants; + +import javax.xml.namespace.QName; + import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult; /** @@ -41,4 +44,12 @@ public class CustomProcessor implements Processor { return java.util.Collections.singletonList(result); } + @Override + public QName[] getQNames() { + // TODO Auto-generated method stub + throw new UnsupportedOperationException("Unimplemented method 'getQNames'"); + } + + + }
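Review bot: The `getQNames()` added to `CustomProcessor` in the last hunk is an unedited IDE stub that throws `UnsupportedOperationException`, which is only harmless while nothing calls it. If this class were ever listed in a `META-INF/services` file, the throw would land inside the discovery loop of `WSSConfig`'s static initializer, where it is caught, logged at debug level and leaves the default processor map incomplete. I would return the element the tests register this processor for, or an empty array if it is only ever registered explicitly, e.g. `return new QName[0];`, and drop the `// TODO Auto-generated method stub` comment along with the three trailing blank lines.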