Mercurial > repos > ktnyt > gembassy
comparison GEMBASSY-1.0.3/gsoap/wsdl/wsp.cpp @ 0:8300eb051bea draft
Initial upload
author | ktnyt |
---|---|
date | Fri, 26 Jun 2015 05:19:29 -0400 |
parents | |
children |
comparison
equal
deleted
inserted
replaced
-1:000000000000 | 0:8300eb051bea |
---|---|
1 /* | |
2 wsp.cpp | |
3 | |
4 WS-Policy 1.2 and 1.5 binding schema | |
5 | |
6 -------------------------------------------------------------------------------- | |
7 gSOAP XML Web services tools | |
8 Copyright (C) 2001-2010, Robert van Engelen, Genivia Inc. All Rights Reserved. | |
9 This software is released under one of the following licenses: | |
10 GPL or Genivia's license for commercial use. | |
11 -------------------------------------------------------------------------------- | |
12 GPL license. | |
13 | |
14 This program is free software; you can redistribute it and/or modify it under | |
15 the terms of the GNU General Public License as published by the Free Software | |
16 Foundation; either version 2 of the License, or (at your option) any later | |
17 version. | |
18 | |
19 This program is distributed in the hope that it will be useful, but WITHOUT ANY | |
20 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A | |
21 PARTICULAR PURPOSE. See the GNU General Public License for more details. | |
22 | |
23 You should have received a copy of the GNU General Public License along with | |
24 this program; if not, write to the Free Software Foundation, Inc., 59 Temple | |
25 Place, Suite 330, Boston, MA 02111-1307 USA | |
26 | |
27 Author contact information: | |
28 engelen@genivia.com / engelen@acm.org | |
29 -------------------------------------------------------------------------------- | |
30 A commercial use license is available from Genivia, Inc., contact@genivia.com | |
31 -------------------------------------------------------------------------------- | |
32 */ | |
33 | |
34 #include "wsdlH.h" | |
35 #include "includes.h" | |
36 #include "types.h" | |
37 #include "service.h" | |
38 | |
39 static wsp__Policy *search(const char *URI, wsdl__definitions& definitions); | |
40 static wsp__Policy *search(const char *URI, wsp__Policy *policy); | |
41 static wsp__Policy *search(const char *URI, wsp__Content *content); | |
42 static void gen_parts(const sp__Parts& parts, Types& types, const char *what, const char *name, int indent); | |
43 | |
44 //////////////////////////////////////////////////////////////////////////////// | |
45 // | |
46 // wsp:OperatorContentType | |
47 // | |
48 //////////////////////////////////////////////////////////////////////////////// | |
49 | |
50 int wsp__Content::traverse(wsdl__definitions& definitions) | |
51 { if (vflag) | |
52 cerr << " Analyzing wsp Policy" << endl; | |
53 if (Policy) | |
54 Policy->traverse(definitions); | |
55 if (PolicyReference) | |
56 PolicyReference->traverse(definitions); | |
57 for (vector<wsp__Content*>::iterator i = All.begin(); i != All.end(); ++i) | |
58 { if (*i) | |
59 (*i)->traverse(definitions); | |
60 } | |
61 for (vector<wsp__Content*>::iterator j = ExactlyOne.begin(); j != ExactlyOne.end(); ++j) | |
62 { if (*j) | |
63 (*j)->traverse(definitions); | |
64 } | |
65 return SOAP_OK; | |
66 } | |
67 | |
68 void wsp__Content::generate(Service& service, Types& types, int indent) const | |
69 { static const char stabs[] = "\t\t\t\t\t\t\t\t\t\t"; | |
70 const char *tabs; | |
71 if (indent > 8) | |
72 indent = 8; | |
73 tabs = stabs + 9 - indent; | |
74 // Recursive policies and references | |
75 if (Policy) | |
76 Policy->generate(service, types, indent); | |
77 if (PolicyReference && PolicyReference->policyPtr()) | |
78 PolicyReference->policyPtr()->generate(service, types, indent); | |
79 // WS-Policy All | |
80 if (!All.empty()) | |
81 { fprintf(stream, "%s- All of the following:\n", tabs); | |
82 for (vector<wsp__Content*>::const_iterator p = All.begin(); p != All.end(); ++p) | |
83 if (*p) | |
84 (*p)->generate(service, types, indent + 1); | |
85 } | |
86 // WS-Policy ExactlyOne | |
87 if (!ExactlyOne.empty()) | |
88 { fprintf(stream, "%s- Exactly one of the following:\n", tabs); | |
89 for (vector<wsp__Content*>::const_iterator p = ExactlyOne.begin(); p != ExactlyOne.end(); ++p) | |
90 if (*p) | |
91 (*p)->generate(service, types, indent + 1); | |
92 } | |
93 // WS-SecurityPolicy Parts (TODO: do we need vectors of these?) | |
94 for (vector<sp__Parts>::const_iterator sp = sp__SignedParts.begin(); sp != sp__SignedParts.end(); ++sp) | |
95 gen_parts(*sp, types, "sign", "[4.1.1] WS-Security Signed Parts", indent); | |
96 for (vector<sp__Parts>::const_iterator ep = sp__EncryptedParts.begin(); ep != sp__EncryptedParts.end(); ++ep) | |
97 gen_parts(*ep, types, "encrypt", "[4.2.1] Security Encrypted Parts", indent); | |
98 for (vector<sp__Parts>::const_iterator rp = sp__RequiredParts.begin(); rp != sp__RequiredParts.end(); ++rp) | |
99 { fprintf(stream, "%s- Required Header elements:", tabs); | |
100 for (vector<sp__Header>::const_iterator h = (*rp).Header.begin(); h != (*rp).Header.end(); ++h) | |
101 if ((*h).Name) | |
102 fprintf(stream, " %s", types.aname(NULL, (*h).Namespace, (*h).Name)); | |
103 else if ((*h).Namespace) | |
104 fprintf(stream, " %s", (*h).Namespace); | |
105 } | |
106 // WS-SecurityPolicy Elements | |
107 sp__Elements *elts = NULL; | |
108 const char *elts_name = NULL; | |
109 if (sp__SignedElements) | |
110 { elts = sp__SignedElements; | |
111 elts_name = "[4.1.2] Signed"; | |
112 } | |
113 if (sp__EncryptedElements) | |
114 { elts = sp__EncryptedElements; | |
115 elts_name = "[4.2.2] Encrypted"; | |
116 } | |
117 if (sp__ContentEncryptedElements) | |
118 { elts = sp__ContentEncryptedElements; | |
119 elts_name = "[4.2.3] Content Encrypted"; | |
120 } | |
121 if (sp__RequiredElements) | |
122 { elts = sp__RequiredElements; | |
123 elts_name = "[4.3.1] Required"; | |
124 } | |
125 if (elts) | |
126 { fprintf(stream, "%s- %s Elements requirements (XPath%s):\n%s @verbatim\n", tabs, elts_name, elts->XPathVersion?elts->XPathVersion:"", tabs); | |
127 for (vector<xsd__string>::const_iterator s = elts->XPath.begin(); s != elts->XPath.end(); ++s) | |
128 { fprintf(stream, "%s ", tabs); | |
129 text(*s); | |
130 } | |
131 fprintf(stream, "%s @endverbatim\n", tabs); | |
132 service.add_import("wsse.h"); | |
133 } | |
134 // WS-SecurityPolicy Tokens | |
135 sp__Token *token = NULL; | |
136 const char *token_name = NULL; | |
137 if (sp__UsernameToken) | |
138 { token = sp__UsernameToken; | |
139 token_name = "[5.4.1] WS-Security Username"; | |
140 } | |
141 else if (sp__IssuedToken) | |
142 { token = sp__IssuedToken; | |
143 token_name = "[5.4.2] WS-Trust Issued"; | |
144 } | |
145 else if (sp__X509Token) | |
146 { token = sp__X509Token; | |
147 token_name = "[5.4.3] WS-Security X509"; | |
148 } | |
149 else if (sp__KerberosToken) | |
150 { token = sp__KerberosToken; | |
151 token_name = "[5.4.4] WS-Security Kerberos"; | |
152 } | |
153 else if (sp__SpnegoContextToken) | |
154 { token = sp__SpnegoContextToken; | |
155 token_name = "[5.4.5] WS-Trust n-leg RST/RSTR SPNEGO binary negotiation protocol (SpnegoContext)"; | |
156 } | |
157 else if (sp__SecurityContextToken) | |
158 { token = sp__SecurityContextToken; | |
159 token_name = "[5.4.6] WS-SecureConversation SecurityContext"; | |
160 } | |
161 else if (sp__SecureConversationToken) | |
162 { token = sp__SecureConversationToken; | |
163 token_name = "[5.4.7] WS-SecureConversation"; | |
164 } | |
165 else if (sp__SamlToken) | |
166 { token = sp__SamlToken; | |
167 token_name = "[5.4.8] SAML"; | |
168 } | |
169 else if (sp__RelToken) | |
170 { token = sp__RelToken; | |
171 token_name = "[5.4.9] WSS-REL"; | |
172 } | |
173 else if (sp__HttpsToken) | |
174 { token = sp__HttpsToken; | |
175 token_name = "[5.4.10] HTTPS"; | |
176 } | |
177 else if (sp__KeyValueToken) | |
178 { token = sp__KeyValueToken; | |
179 token_name = "[5.4.11] XML Signature"; | |
180 } | |
181 if (token) | |
182 { fprintf(stream, "%s- %s required:\n", tabs, token_name); | |
183 if (token->IncludeToken) | |
184 fprintf(stream, "%s -# IncludeToken = %s\n", tabs, token->IncludeToken); | |
185 if (token->Issuer && token->Issuer->Address) | |
186 fprintf(stream, "%s -# Issuer = %s\n", tabs, token->Issuer->Address); | |
187 if (token->IssuerName) | |
188 fprintf(stream, "%s -# Issuer Name = %s\n", tabs, token->IssuerName); | |
189 if (token->Policy) | |
190 token->Policy->generate(service, types, indent + 1); | |
191 // TODO: add wst:Claims? | |
192 service.add_import("wsse.h"); | |
193 } | |
194 // WS-SecurityPolicy | |
195 if (sp__AlgorithmSuite) | |
196 { fprintf(stream, "%s- [7.1] Security Binding Algorithm Suite requirements:\n", tabs); | |
197 if (sp__AlgorithmSuite->Policy) | |
198 sp__AlgorithmSuite->Policy->generate(service, types, indent + 1); | |
199 } | |
200 if (sp__Layout) | |
201 { fprintf(stream, "%s- [7.2] WS-Security Header Layout requirements:\n", tabs); | |
202 if (sp__Layout->Policy) | |
203 sp__Layout->Policy->generate(service, types, indent + 1); | |
204 } | |
205 if (sp__TransportBinding) | |
206 { fprintf(stream, "%s- [7.3] Transport Binding%s requirements:\n", tabs, sp__TransportBinding->Optional ? " (optional)" : sp__TransportBinding->Ignorable ? " (ignorable)" : ""); | |
207 if (sp__TransportBinding->Policy) | |
208 sp__TransportBinding->Policy->generate(service, types, indent + 1); | |
209 } | |
210 if (sp__TransportToken) | |
211 { fprintf(stream, "%s- Transport%s requirements:\n", tabs, sp__TransportToken->Optional ? " (optional)" : sp__TransportToken->Ignorable ? " (ignorable)" : ""); | |
212 if (sp__TransportToken->Policy) | |
213 sp__TransportToken->Policy->generate(service, types, indent + 1); | |
214 } | |
215 if (sp__SymmetricBinding) | |
216 { fprintf(stream, "%s- [7.4] WS-Security Symmetric Binding%s requirements:\n", tabs, sp__SymmetricBinding->Optional ? " (optional)" : sp__SymmetricBinding->Ignorable ? " (ignorable)" : ""); | |
217 if (sp__SymmetricBinding->Policy) | |
218 sp__SymmetricBinding->Policy->generate(service, types, indent + 1); | |
219 service.add_import("wsse.h"); | |
220 } | |
221 if (sp__ProtectionToken) | |
222 { fprintf(stream, "%s- Symmetric Protection%s requirements:\n", tabs, sp__ProtectionToken->Optional ? " (optional)" : sp__ProtectionToken->Ignorable ? " (ignorable)" : ""); | |
223 if (sp__ProtectionToken->Policy) | |
224 sp__ProtectionToken->Policy->generate(service, types, indent + 1); | |
225 } | |
226 if (sp__AsymmetricBinding) | |
227 { fprintf(stream, "%s- [7.5] WS-Security Asymmetric Binding%s (public key) requirements:\n", tabs, sp__AsymmetricBinding->Optional ? " (optional)" : sp__AsymmetricBinding->Ignorable ? " (ignorable)" : ""); | |
228 if (sp__AsymmetricBinding->Policy) | |
229 sp__AsymmetricBinding->Policy->generate(service, types, indent + 1); | |
230 service.add_import("wsse.h"); | |
231 } | |
232 if (sp__InitiatorToken) | |
233 { fprintf(stream, "%s- Initiator%s requirements:\n", tabs, sp__InitiatorToken->Optional ? " (optional)" : sp__InitiatorToken->Ignorable ? " (ignorable)" : ""); | |
234 if (sp__InitiatorToken->Policy) | |
235 sp__InitiatorToken->Policy->generate(service, types, indent + 1); | |
236 } | |
237 if (sp__InitiatorSignatureToken) | |
238 { fprintf(stream, "%s- Initiator Signature%s requirements:\n", tabs, sp__InitiatorSignatureToken->Optional ? " (optional)" : sp__InitiatorSignatureToken->Ignorable ? " (ignorable)" : ""); | |
239 if (sp__InitiatorSignatureToken->Policy) | |
240 sp__InitiatorSignatureToken->Policy->generate(service, types, indent + 1); | |
241 } | |
242 if (sp__InitiatorEncryptionToken) | |
243 { fprintf(stream, "%s- Initiator Encryption%s requirements:\n", tabs, sp__InitiatorEncryptionToken->Optional ? " (optional)" : sp__InitiatorEncryptionToken->Ignorable ? " (ignorable)" : ""); | |
244 if (sp__InitiatorEncryptionToken->Policy) | |
245 sp__InitiatorEncryptionToken->Policy->generate(service, types, indent + 1); | |
246 } | |
247 if (sp__RecipientToken) | |
248 { fprintf(stream, "%s- Recipient%s requirements:\n", tabs, sp__RecipientToken->Optional ? " (optional)" : sp__RecipientToken->Ignorable ? " (ignorable)" : ""); | |
249 if (sp__RecipientToken->Policy) | |
250 sp__RecipientToken->Policy->generate(service, types, indent + 1); | |
251 } | |
252 if (sp__SupportingTokens) | |
253 { fprintf(stream, "%s- [8.1] Supporting Tokens%s requirements:\n", tabs, sp__SupportingTokens->Optional ? " (optional)" : sp__SupportingTokens->Ignorable ? " (ignorable)" : ""); | |
254 if (sp__SupportingTokens->Policy) | |
255 sp__SupportingTokens->Policy->generate(service, types, indent + 1); | |
256 } | |
257 if (sp__SignedSupportingTokens) | |
258 { fprintf(stream, "%s- [8.2] Signed Supporting Tokens%s requirements:\n", tabs, sp__SignedSupportingTokens->Optional ? " (optional)" : sp__SignedSupportingTokens->Ignorable ? " (ignorable)" : ""); | |
259 if (sp__SignedSupportingTokens->Policy) | |
260 sp__SignedSupportingTokens->Policy->generate(service, types, indent + 1); | |
261 } | |
262 if (sp__EndorsingSupportingTokens) | |
263 { fprintf(stream, "%s- [8.3] Endorsing Supporting Tokens%s requirements:\n", tabs, sp__EndorsingSupportingTokens->Optional ? " (optional)" : sp__EndorsingSupportingTokens->Ignorable ? " (ignorable)" : ""); | |
264 if (sp__EndorsingSupportingTokens->Policy) | |
265 sp__EndorsingSupportingTokens->Policy->generate(service, types, indent + 1); | |
266 } | |
267 if (sp__SignedEndorsingSupportingTokens) | |
268 { fprintf(stream, "%s- [8.4] Signed Endorsing Supporting Tokens%s requirements:\n", tabs, sp__SignedEndorsingSupportingTokens->Optional ? " (optional)" : sp__SignedEndorsingSupportingTokens->Ignorable ? " (ignorable)" : ""); | |
269 if (sp__SignedEndorsingSupportingTokens->Policy) | |
270 sp__SignedEndorsingSupportingTokens->Policy->generate(service, types, indent + 1); | |
271 } | |
272 if (sp__SignedEncryptedSupportingTokens) | |
273 { fprintf(stream, "%s- [8.5] Signed Encrypted Supporting Tokens%s requirements:\n", tabs, sp__SignedEncryptedSupportingTokens->Optional ? " (optional)" : sp__SignedEncryptedSupportingTokens->Ignorable ? " (ignorable)" : ""); | |
274 if (sp__SignedEncryptedSupportingTokens->Policy) | |
275 sp__SignedEncryptedSupportingTokens->Policy->generate(service, types, indent + 1); | |
276 } | |
277 if (sp__EncryptedSupportingTokens) | |
278 { fprintf(stream, "%s- [8.6] Encrypted Supporting Tokens%s requirements:\n", tabs, sp__EncryptedSupportingTokens->Optional ? " (optional)" : sp__EncryptedSupportingTokens->Ignorable ? " (ignorable)" : ""); | |
279 if (sp__EncryptedSupportingTokens->Policy) | |
280 sp__EncryptedSupportingTokens->Policy->generate(service, types, indent + 1); | |
281 } | |
282 if (sp__EndorsingEncryptedSupportingTokens) | |
283 { fprintf(stream, "%s- [8.7] Endorsing Encrypted Supporting Tokens%s requirements:\n", tabs, sp__EndorsingEncryptedSupportingTokens->Optional ? " (optional)" : sp__EndorsingEncryptedSupportingTokens->Ignorable ? " (ignorable)" : ""); | |
284 if (sp__EndorsingEncryptedSupportingTokens->Policy) | |
285 sp__EndorsingEncryptedSupportingTokens->Policy->generate(service, types, indent + 1); | |
286 } | |
287 if (sp__SignedEndorsingEncryptedSupportingTokens) | |
288 { fprintf(stream, "%s- [8.8] Signed Endorsing Encrypted Supporting Tokens%s requirements:\n", tabs, sp__SignedEndorsingEncryptedSupportingTokens->Optional ? " (optional)" : sp__SignedEndorsingEncryptedSupportingTokens->Ignorable ? " (ignorable)" : ""); | |
289 if (sp__SignedEndorsingEncryptedSupportingTokens->Policy) | |
290 sp__SignedEndorsingEncryptedSupportingTokens->Policy->generate(service, types, indent + 1); | |
291 } | |
292 // Wss10 or Wss11 | |
293 if (sp__Wss10) | |
294 { fprintf(stream, "%s- [9.1] WSS: SOAP Message Security 1.0%s options:\n", tabs, sp__Wss10->Optional ? " (optional)" : sp__Wss10->Ignorable ? " (ignorable)" : ""); | |
295 if (sp__Wss10->Policy) | |
296 sp__Wss10->Policy->generate(service, types, indent + 1); | |
297 service.add_import("wsse.h"); | |
298 } | |
299 else if (sp__Wss11) | |
300 { fprintf(stream, "%s- [9.2] WSS: SOAP Message Security 1.1%s options:\n", tabs, sp__Wss11->Optional ? " (optional)" : sp__Wss11->Ignorable ? " (ignorable)" : ""); | |
301 if (sp__Wss11->Policy) | |
302 sp__Wss11->Policy->generate(service, types, indent + 1); | |
303 service.add_import("wsse.h"); | |
304 } | |
305 if (sp__MustSupportRefKeyIdentifier) | |
306 fprintf(stream, "%s- Key Identifier References\n", tabs); | |
307 if (sp__MustSupportRefIssuerSerial) | |
308 fprintf(stream, "%s- Issuer Serial References\n", tabs); | |
309 if (sp__MustSupportRefExternalURI) | |
310 fprintf(stream, "%s- External URI References\n", tabs); | |
311 if (sp__MustSupportRefEmbeddedToken) | |
312 fprintf(stream, "%s- Embedded Token References\n", tabs); | |
313 if (sp__MustSupportRefThumbprint) | |
314 fprintf(stream, "%s- Thumbprint References\n", tabs); | |
315 if (sp__MustSupportRefEncryptedKey) | |
316 fprintf(stream, "%s- EncryptedKey References\n", tabs); | |
317 if (sp__RequireSignatureConfirmation) | |
318 fprintf(stream, "%s- Signature Confirmation\n", tabs); | |
319 // WS-SecureConversation | |
320 if (sp__RequireDerivedKeys) | |
321 fprintf(stream, "%s- Properties = WS-SecureConversation RequireDerivedKeys\n", tabs); | |
322 else if (sp__RequireImpliedDerivedKeys) | |
323 fprintf(stream, "%s- Properties = WS-SecureConversation RequireImpliedDerivedKeys\n", tabs); | |
324 else if (sp__RequireExplicitDerivedKeys) | |
325 fprintf(stream, "%s- Properties = WS-SecureConversation RequireExplicitDerivedKeys\n", tabs); | |
326 if (sp__MustNotSendCancel) | |
327 fprintf(stream, "%s- WS-SecureConversation STS issuing the secure conversation token does not support SCT/Cancel RST messages", tabs); | |
328 else if (sp__MustNotSendAmend) | |
329 fprintf(stream, "%s- WS-SecureConversation STS issuing the secure conversation token does not support SCT/Amend RST messages", tabs); | |
330 else if (sp__MustNotSendRenew) | |
331 fprintf(stream, "%s- WS-SecureConversation STS issuing the secure conversation token does not support SCT/Renew RST messages", tabs); | |
332 if (sp__RequireExternalUriReference) | |
333 fprintf(stream, "%s- WS-SecureConversation external URI reference is required", tabs); | |
334 if (sp__SC13SecurityContextToken) | |
335 fprintf(stream, "%s- WS-SecureConversation Security Context Token should be used", tabs); | |
336 // WS-Security passwords | |
337 if (sp__NoPassword) | |
338 fprintf(stream, "%s- No WS-Security password%s required\n", tabs, sp__NoPassword->Optional ? " (optional)" : sp__NoPassword->Ignorable ? " (ignorable)" : ""); | |
339 else if (sp__HashPassword) | |
340 { fprintf(stream, "%s- Client-side WS-Security password%s should be set:\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tsoap_wsse_add_UsernameTokenDigest(soap, \"User\", \"<username>\", \"<password>\");\n\t@endcode\n", tabs, sp__HashPassword->Optional ? " (optional)" : sp__HashPassword->Ignorable ? " (ignorable)" : ""); | |
341 fprintf(stream, "%s- Server-side WS-Security password%s verified with:\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tconst char *username = soap_wsse_get_Username(soap);\n\t...\n\tif (soap_wsse_verify_Password(soap, \"<password>\")) ...<error>...\n\t@endcode\n", tabs, sp__HashPassword->Optional ? " (optional)" : sp__HashPassword->Ignorable ? " (ignorable)" : ""); | |
342 service.add_import("wsse.h"); | |
343 } | |
344 if (sp__WssUsernameToken10) | |
345 { fprintf(stream, "%s- Username token should be used as defined in UsernameTokenProfile1.0:\n", tabs); | |
346 fprintf(stream, "%s - Client-side WS-Security password should be set:\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tsoap_wsse_add_UsernameTokenDigest(soap, \"User\", \"<username>\", \"<password>\");\n\t@endcode\n", tabs); | |
347 fprintf(stream, "%s - Server-side WS-Security password verified with:\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tconst char *username = soap_wsse_get_Username(soap);\n\t...\n\tif (soap_wsse_verify_Password(soap, \"<password>\")) <error>\n\t@endcode\n", tabs); | |
348 service.add_import("wsse.h"); | |
349 } | |
350 else if (sp__WssUsernameToken11) | |
351 { fprintf(stream, "%s- Username token should be used as defined in UsernameTokenProfile1.1:\n", tabs); | |
352 fprintf(stream, "%s - Client-side WS-Security plain-text password should be set:\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tsoap_wsse_add_UsernameToken(soap, \"User\", \"<username>\", \"<password>\");\n\t@endcode\n", tabs); | |
353 fprintf(stream, "%s - Client-side WS-Security digest password should be set:\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tsoap_wsse_add_UsernameTokenDigest(soap, \"User\", \"<username>\", \"<password>\");\n\t@endcode\n", tabs); | |
354 fprintf(stream, "%s - Server-side WS-Security password verified with:\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tconst char *username = soap_wsse_get_Username(soap);\n\t...\n\tif (soap_wsse_verify_Password(soap, \"<password>\")) ...\n\t@endcode\n", tabs); | |
355 service.add_import("wsse.h"); | |
356 } | |
357 // WS-Trust | |
358 if (sp__RequireExternalReference) | |
359 fprintf(stream, "%s- WS-Trust external reference is required when referencing this token\n", tabs); | |
360 else if (sp__RequireInternalReference) | |
361 fprintf(stream, "%s- WS-Trust internal reference is required when referencing this token\n", tabs); | |
362 // WS-Trust 1.0 and 1.3 | |
363 if (sp__Trust10) | |
364 { fprintf(stream, "%s- [10.1] WS-Trust 1.0%s options:\n", tabs, sp__Trust10->Optional ? " (optional)" : sp__Trust10->Ignorable ? " (ignorable)" : ""); | |
365 if (sp__Trust10->Policy) | |
366 sp__Trust10->Policy->generate(service, types, indent + 1); | |
367 service.add_import("wst.h"); | |
368 } | |
369 else if (sp__Trust13) | |
370 { fprintf(stream, "%s- [10.1] WS-Trust 1.3%s options:\n", tabs, sp__Trust13->Optional ? " (optional)" : sp__Trust13->Ignorable ? " (ignorable)" : ""); | |
371 if (sp__Trust13->Policy) | |
372 sp__Trust13->Policy->generate(service, types, indent + 1); | |
373 service.add_import("wst.h"); | |
374 } | |
375 if (sp__MustSupportClientChallenge) | |
376 { fprintf(stream, "%s- Client Challenge\n", tabs); | |
377 service.add_import("wst.h"); | |
378 } | |
379 if (sp__MustSupportServerChallenge) | |
380 { fprintf(stream, "%s- Server Challenge\n", tabs); | |
381 service.add_import("wst.h"); | |
382 } | |
383 if (sp__RequireClientEntropy) | |
384 { fprintf(stream, "%s- Client Entropy\n", tabs); | |
385 service.add_import("wst.h"); | |
386 } | |
387 if (sp__RequireServerEntropy) | |
388 { fprintf(stream, "%s- Server Entropy\n", tabs); | |
389 service.add_import("wst.h"); | |
390 } | |
391 if (sp__MustSupportIssuedTokens) | |
392 { fprintf(stream, "%s- Issued Tokens\n", tabs); | |
393 service.add_import("wst.h"); | |
394 } | |
395 if (sp__RequireRequestSecurityTokenCollection) | |
396 { fprintf(stream, "%s- Collection\n", tabs); | |
397 service.add_import("wst.h"); | |
398 } | |
399 if (sp__RequireAppliesTo) | |
400 { fprintf(stream, "%s- STS requires the requestor to specify the scope for the issued token using wsp:AppliesTo in the RST\n", tabs); | |
401 service.add_import("wst.h"); | |
402 } | |
403 // WS-Security header layout | |
404 if (sp__IncludeTimestamp) | |
405 { fprintf(stream, "%s- WS-Security Timestamp%s should be set prior to send:\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tsoap_wsse_add_Timestamp(soap, \"Timestamp\", <seconds>);\n\t@endcode\n", tabs, sp__IncludeTimestamp->Optional ? " (optional)" : sp__IncludeTimestamp->Ignorable ? " (ignorable)" : ""); | |
406 fprintf(stream, "%s- WS-Security Timestamp%s presence and expiration verified post-receive with:\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tif (soap_wsse_verify_Timestamp(soap)) ...<error>...\n\t@endcode\n", tabs, sp__IncludeTimestamp->Optional ? " (optional)" : sp__IncludeTimestamp->Ignorable ? " (ignorable)" : ""); | |
407 } | |
408 if (sp__EncryptBeforeSigning) | |
409 fprintf(stream, "%s- WS-Security Encrypt Before Signing%s (gSOAP unsupported)\n", tabs, sp__EncryptBeforeSigning->Optional ? " (optional)" : sp__EncryptBeforeSigning->Ignorable ? " (ignorable)" : ""); | |
410 if (sp__EncryptSignature) | |
411 fprintf(stream, "%s- WS-Security Encrypt Signature%s\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tsoap_wsse_add_EncryptedKey_encrypt_only(soap, <SOAP_MEC_ENV_ENC_xxx_CBC>, NULL, <cert>, NULL, <issuer>, <serial>, \"ds:Signature SOAP-ENV:Body\");\n\t@endcode\n", tabs, sp__EncryptSignature->Optional ? " (optional)" : sp__EncryptSignature->Ignorable ? " (ignorable)" : ""); | |
412 if (sp__ProtectTokens) | |
413 fprintf(stream, "%s- WS-Security Token Protection%s required\n", tabs, sp__ProtectTokens->Optional ? " (optional)" : sp__ProtectTokens->Ignorable ? " (ignorable)" : ""); | |
414 if (sp__OnlySignEntireHeadersAndBody) | |
415 { fprintf(stream, "%s- WS-Security Sign Entire Headers and Body%s:\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tsoap_wsse_set_wsu_id(soap, \"<ns:tagname1> <ns:tagname2> ...\"); // list each ns:tagname used in SOAP Header\n\tsoap_wsse_sign_body(soap, <algorithm>, <key>, <keylen>);\n\t@endcode\n", tabs, sp__OnlySignEntireHeadersAndBody->Optional ? " (optional)" : sp__OnlySignEntireHeadersAndBody->Ignorable ? " (ignorable)" : ""); | |
416 } | |
417 if (sp__Strict) | |
418 fprintf(stream, "%s- WS-Security headers 'declare before use' required (gSOAP default)\n", tabs); | |
419 else if (sp__Lax) | |
420 fprintf(stream, "%s- WS-Security headers may occur in any order (gSOAP allows this)\n", tabs); | |
421 else if (sp__LaxTsFirst) | |
422 fprintf(stream, "%s- WS-Security Timestamp must appear first (gSOAP default)\n", tabs); | |
423 else if (sp__LaxTsLast) | |
424 fprintf(stream, "%s- WS-Security Timestamp must appear last (requires changing the placement of the Timestamp header in SOAP_ENV__Header defined in import/wsse.h)\n", tabs); | |
425 // HTTP authentication | |
426 if (sp__HttpBasicAuthentication) | |
427 fprintf(stream, "%s- HTTP/S Basic Authentication required:\n\t@code\n\tsoap->userid = \"<userid>\"; soap->passwd = \"<passwd>\";\nsoap_call_ns__method(...)\n\t@endcode\n", tabs); | |
428 else if (sp__HttpDigestAuthentication) | |
429 fprintf(stream, "%s- HTTP/S Digest Authentication required:\n%sSee plugin/httpda.c plugin for usage details\n", tabs, tabs); | |
430 if (sp__RequireClientCertificate) | |
431 fprintf(stream, "%s- HTTPS client must authenticate to server with a certificate:\n\t@code\n\tsoap_ssl_client_context(soap, <sslflags>, \"<certkeyfile>\", \"<certkeypw>\", ...)\n\t@endcode\n", tabs); | |
432 // Security token requirements | |
433 if (sp__RequireKeyIdentifierReference) | |
434 fprintf(stream, "%s- Key identifier reference is required\n", tabs); | |
435 if (sp__RequireIssuerSerialReference) | |
436 fprintf(stream, "%s- Issuer serial reference is required\n", tabs); | |
437 if (sp__RequireEmbeddedTokenReference) | |
438 fprintf(stream, "%s- An embedded token reference is required\n", tabs); | |
439 if (sp__RequireThumbprintReference) | |
440 fprintf(stream, "%s- A thumbprint reference is required\n", tabs); | |
441 // Algorithm suite | |
442 if (sp__Basic256) | |
443 fprintf(stream, "%s- Basic256\n", tabs); | |
444 else if (sp__Basic192) | |
445 fprintf(stream, "%s- Basic192\n", tabs); | |
446 else if (sp__Basic128) | |
447 fprintf(stream, "%s- Basic128\n", tabs); | |
448 else if (sp__TripleDes) | |
449 fprintf(stream, "%s- TripleDes\n", tabs); | |
450 else if (sp__Basic256Rsa15) | |
451 fprintf(stream, "%s- Basic256Rsa15\n", tabs); | |
452 else if (sp__Basic192Rsa15) | |
453 fprintf(stream, "%s- Basic192Rsa15\n", tabs); | |
454 else if (sp__Basic128Rsa15) | |
455 fprintf(stream, "%s- Basic128Rsa15\n", tabs); | |
456 else if (sp__TripleDesRsa15) | |
457 fprintf(stream, "%s- TripleDesRsa15\n", tabs); | |
458 else if (sp__Basic256Sha256) | |
459 fprintf(stream, "%s- Basic256Sha256\n", tabs); | |
460 else if (sp__Basic192Sha256) | |
461 fprintf(stream, "%s- Basic192Sha256\n", tabs); | |
462 else if (sp__Basic128Sha256) | |
463 fprintf(stream, "%s- Basic128Sha256\n", tabs); | |
464 else if (sp__TripleDesSha256) | |
465 fprintf(stream, "%s- TripleDesSha256\n", tabs); | |
466 else if (sp__Basic256Sha256Rsa15) | |
467 fprintf(stream, "%s- Basic256Sha256Rsa15\n", tabs); | |
468 else if (sp__Basic192Sha256Rsa15) | |
469 fprintf(stream, "%s- Basic192Sha256Rsa15\n", tabs); | |
470 else if (sp__Basic128Sha256Rsa15) | |
471 fprintf(stream, "%s- Basic128Sha256Rsa15\n", tabs); | |
472 else if (sp__TripleDesSha256Rsa15) | |
473 fprintf(stream, "%s- TripleDesSha256Rsa15\n", tabs); | |
474 if (sp__InclusiveC14N) | |
475 fprintf(stream, "%s- InclusiveC14N\n", tabs); | |
476 if (sp__SOAPNormalization10) | |
477 fprintf(stream, "%s- SOAPNormalization10\n", tabs); | |
478 if (sp__STRTransform10) | |
479 fprintf(stream, "%s- STRTransform10\n", tabs); | |
480 if (sp__Path10) | |
481 fprintf(stream, "%s- Path10\n", tabs); | |
482 else if (sp__XPathFilter20) | |
483 fprintf(stream, "%s- XPathFilter20\n", tabs); | |
484 else if (sp__AbsXPath) | |
485 fprintf(stream, "%s- AbsXPath\n", tabs); | |
486 // WSS | |
487 if (sp__WssX509V3Token10) | |
488 fprintf(stream, "%s- An X509 Version 3 token should be used as defined in X509TokenProfile1.0\n", tabs); | |
489 else if (sp__WssX509Pkcs7Token10) | |
490 fprintf(stream, "%s- An X509 PKCS7 token should be used as defined in X509TokenProfile1.0\n", tabs); | |
491 else if (sp__WssX509PkiPathV1Token10) | |
492 fprintf(stream, "%s- An X509 PKI Path Version 1 token should be used as defined in X509TokenProfile1.0\n", tabs); | |
493 else if (sp__WssX509V1Token11) | |
494 fprintf(stream, "%s- An X509 Version 1 token should be used as defined in X509TokenProfile1.1\n", tabs); | |
495 else if (sp__WssX509V3Token11) | |
496 fprintf(stream, "%s- An X509 Version 3 token should be used as defined in X509TokenProfile1.1\n", tabs); | |
497 else if (sp__WssX509Pkcs7Token11) | |
498 fprintf(stream, "%s- An X509 PKCS7 token should be used as defined in X509TokenProfile1.1\n", tabs); | |
499 else if (sp__WssX509PkiPathV1Token11) | |
500 fprintf(stream, "%s- An X509 PKI Path Version 1 token should be used as defined in X509TokenProfile1.1\n", tabs); | |
501 if (sp__WssKerberosV5ApReqToken11) | |
502 fprintf(stream, "%s- A Kerberos Version 5 AP-REQ X509 token should be used as defined in KerberosTokenProfile1.1\n", tabs); | |
503 else if (sp__WssGssKerberosV5ApReqToken11) | |
504 fprintf(stream, "%s- A GSS Kerberos Version 5 AP-REQ token should be used as defined in KerberosTokenProfile1.1\n", tabs); | |
505 if (sp__WssRelV10Token10) | |
506 fprintf(stream, "%s- A REL Version 1.0 token should be used as defined in RELTokenProfile1.0\n", tabs); | |
507 else if (sp__WssRelV20Token10) | |
508 fprintf(stream, "%s- A REL Version 2.0 token should be used as defined in RELTokenProfile1.0\n", tabs); | |
509 else if (sp__WssRelV10Token11) | |
510 fprintf(stream, "%s- A REL Version 1.0 token should be used as defined in RELTokenProfile1.1\n", tabs); | |
511 else if (sp__WssRelV20Token11) | |
512 fprintf(stream, "%s- A REL Version 2.0 token should be used as defined in RELTokenProfile1.1\n", tabs); | |
513 if (sp__BootstrapPolicy) | |
514 { fprintf(stream, "%s- SecureConversation BootstrapPolicy\n", tabs); | |
515 sp__BootstrapPolicy->generate(service, types, indent + 1); | |
516 } | |
517 // WS-Addressing WSDL Policy | |
518 if (wsaw__UsingAddressing) | |
519 { fprintf(stream, "%s- WS-Addressing is used\n", tabs); | |
520 service.add_import("wsa5.h"); | |
521 } | |
522 // WS-Addressing Metadata Policy | |
523 if (wsam__Addressing) | |
524 { fprintf(stream, "%s- WS-Addressing%s is used\n", tabs, wsam__Addressing->Optional ? " (optional)" : wsam__Addressing->Ignorable ? " (ignorable)" : ""); | |
525 if (wsam__Addressing->Policy) | |
526 wsam__Addressing->Policy->generate(service, types, indent + 1); | |
527 service.add_import("wsa5.h"); | |
528 } | |
529 if (wsam__AnonymousResponses) | |
530 fprintf(stream, "%s- WS-Addressing Anonymous Responses\n", tabs); | |
531 else if (wsam__NonAnonymousResponses) | |
532 fprintf(stream, "%s- WS-Addressing NonAnonymous Responses\n", tabs); | |
533 // WS-ReliableMessaging Policy | |
534 if (wsrmp__RMAssertion_) | |
535 { fprintf(stream, "%s- WS-ReliableMessaging%s is used\n", tabs, wsrmp__RMAssertion_->Optional ? " (optional)" : wsrmp__RMAssertion_->Ignorable ? " (ignorable)" : ""); | |
536 if (wsrmp__RMAssertion_->InactivityTimeout && wsrmp__RMAssertion_->InactivityTimeout->Milliseconds) | |
537 fprintf(stream, "%s - Inactivity Timeout = %s (ms)\n", tabs, wsrmp__RMAssertion_->InactivityTimeout->Milliseconds); | |
538 if (wsrmp__RMAssertion_->BaseRetransmissionInterval && wsrmp__RMAssertion_->BaseRetransmissionInterval->Milliseconds) | |
539 fprintf(stream, "%s - Base Retransmission Interval = %s (ms)\n", tabs, wsrmp__RMAssertion_->BaseRetransmissionInterval->Milliseconds); | |
540 if (wsrmp__RMAssertion_->AcknowledgementInterval && wsrmp__RMAssertion_->AcknowledgementInterval->Milliseconds) | |
541 fprintf(stream, "%s - Acknowledgement Interval = %s (ms)\n", tabs, wsrmp__RMAssertion_->AcknowledgementInterval->Milliseconds); | |
542 if (wsrmp__RMAssertion_->ExponentialBackoff) | |
543 fprintf(stream, "%s - ExponentialBackoff\n", tabs); | |
544 if (wsrmp__RMAssertion_->Policy) | |
545 wsrmp__RMAssertion_->Policy->generate(service, types, indent + 1); | |
546 service.add_import("wsrm.h"); | |
547 } | |
548 if (wsrmp__DeliveryAssurance) | |
549 { fprintf(stream, "%s- WS-ReliableMessaging Delivery Assurance%s:\n", tabs, wsrmp__DeliveryAssurance->Optional ? " (optional)" : wsrmp__DeliveryAssurance->Ignorable ? " (ignorable)" : ""); | |
550 if (wsrmp__DeliveryAssurance->Policy) | |
551 wsrmp__DeliveryAssurance->Policy->generate(service, types, indent + 1); | |
552 service.add_import("wsrm.h"); | |
553 } | |
554 if (wsrmp__AtLeastOnce) | |
555 fprintf(stream, "%s- At Least Once\n", tabs); | |
556 if (wsrmp__AtMostOnce) | |
557 fprintf(stream, "%s- At Most Once\n", tabs); | |
558 if (wsrmp__ExactlyOnce) | |
559 fprintf(stream, "%s- Exactly Once\n", tabs); | |
560 if (wsrmp__InOrder) | |
561 fprintf(stream, "%s- In Order\n", tabs); | |
562 // All else | |
563 for (vector<_XML>::const_iterator x = __any.begin(); x != __any.end(); ++x) | |
564 { if (*x && *(*x)) | |
565 { fprintf(stream, "%s- Other policy requirements:\n\t@verbatim\n", tabs); | |
566 text(*x); | |
567 fprintf(stream, "\t@endverbatim\n"); | |
568 } | |
569 } | |
570 } | |
571 | |
572 static void gen_parts(const sp__Parts& parts, Types& types, const char *what, const char *name, int indent) | |
573 { static const char stabs[] = "\t\t\t\t\t\t\t\t\t\t"; | |
574 const char *tabs; | |
575 if (indent > 8) | |
576 indent = 8; | |
577 tabs = stabs + 9 - indent; | |
578 fprintf(stream, "%s- %s requirements:\n", tabs, name); | |
579 if (parts.Body) | |
580 fprintf(stream, "%s -# Body:\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tsoap_wsse_%s_body(soap, <algorithm>, <key>, <keylen>);\n\t@endcode\n", tabs, what); | |
581 if (!parts.Header.empty()) | |
582 { fprintf(stream, "%s -# Header elements:\n\t@code\n\t#include \"plugin/wsseapi.h\"\n\tsoap_wsse_set_wsu_id(soap, \"", tabs); | |
583 for (vector<sp__Header>::const_iterator h = parts.Header.begin(); h != parts.Header.end(); ++h) | |
584 { if ((*h).Name) | |
585 fprintf(stream, "%s ", types.aname(NULL, (*h).Namespace, (*h).Name)); | |
586 else if ((*h).Namespace) | |
587 fprintf(stream, "%s: ", types.nsprefix(NULL, (*h).Namespace)); | |
588 } | |
589 fprintf(stream, "\");\n\t@endcode\n"); | |
590 } | |
591 if (parts.Attachments) | |
592 fprintf(stream, "%s -# Attachments as defined in SwAProfile1.1\n", tabs); | |
593 } | |
594 | |
595 //////////////////////////////////////////////////////////////////////////////// | |
596 // | |
597 // wsp:PolicyReference | |
598 // | |
599 //////////////////////////////////////////////////////////////////////////////// | |
600 | |
601 int wsp__PolicyReference::traverse(wsdl__definitions& definitions) | |
602 { policyRef = NULL; | |
603 if (!URI || !*URI) | |
604 { cerr << "PolicyReference has no URI" << endl; | |
605 return SOAP_OK; | |
606 } | |
607 if (*URI == '#') | |
608 { policyRef = search(URI + 1, definitions); | |
609 if (!policyRef) | |
610 { cerr << "PolicyReference URI=\"" << URI << "\" not found" << endl; | |
611 return SOAP_OK; | |
612 } | |
613 } | |
614 return SOAP_OK; | |
615 } | |
616 | |
617 void wsp__PolicyReference::policyPtr(wsp__Policy *Policy) | |
618 { policyRef = Policy; | |
619 } | |
620 | |
621 wsp__Policy *wsp__PolicyReference::policyPtr() const | |
622 { return policyRef; | |
623 } | |
624 | |
625 static wsp__Policy *search(const char *URI, wsdl__definitions& definitions) | |
626 { for (vector<wsp__Policy>::iterator p = definitions.wsp__Policy_.begin(); p != definitions.wsp__Policy_.end(); ++p) | |
627 { wsp__Policy *policy = search(URI, &(*p)); | |
628 if (policy) | |
629 return policy; | |
630 } | |
631 return NULL; | |
632 } | |
633 | |
634 static wsp__Policy *search(const char *URI, wsp__Policy *policy) | |
635 { if (!policy) | |
636 return NULL; | |
637 if (policy->wsu__Id && !strcmp(URI, policy->wsu__Id)) | |
638 return policy; | |
639 return search(URI, (wsp__Content*)policy); | |
640 } | |
641 | |
642 static wsp__Policy *search(const char *URI, wsp__Content *content) | |
643 { wsp__Policy *policy; | |
644 policy = search(URI, content->Policy); | |
645 if (policy) | |
646 return policy; | |
647 for (vector<wsp__Content*>::iterator i = content->All.begin(); i != content->All.end(); ++i) | |
648 { policy = search(URI, *i); | |
649 if (policy) | |
650 return policy; | |
651 } | |
652 for (vector<wsp__Content*>::iterator j = content->ExactlyOne.begin(); j != content->ExactlyOne.end(); ++j) | |
653 { policy = search(URI, *j); | |
654 if (policy) | |
655 return policy; | |
656 } | |
657 return NULL; | |
658 } |