|
1 /* |
|
2 * Copyright (c) 2004 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: CSenWsSecurityHeader represents security header functionality |
|
15 * according to oasis wss spesifications (2004/01) |
|
16 * |
|
17 */ |
|
18 |
|
19 |
|
20 |
|
21 |
|
22 |
|
23 |
|
24 |
|
25 |
|
26 |
|
27 #ifndef SEN_WS_SECURITY_HEADER_H |
|
28 #define SEN_WS_SECURITY_HEADER_H |
|
29 |
|
30 // INCLUDES |
|
31 #include <SenBaseFragment.h> |
|
32 #include <SenSoapConstants.h> |
|
33 |
|
34 |
|
35 // FORWARD DECLARATIONS |
|
36 class CSenIdentityProvider; |
|
37 |
|
38 // CLASS DECLARATION |
|
39 |
|
40 /** |
|
41 * CSenWsSecurityHeader represents security header functionality according to |
|
42 * oasis web services security (WSS) specifications (2004/01) or older (2003/06) |
|
43 * @lib SenUtils.lib |
|
44 * @since Series60 3.0 |
|
45 */ |
|
46 class CSenWsSecurityHeader : public CSenBaseFragment |
|
47 { |
|
48 public: // Constructors and destructor |
|
49 |
|
50 /** |
|
51 * PasswordType Enumeration |
|
52 */ |
|
53 enum TPasswordType |
|
54 { |
|
55 EText = 1, // default, wsse:PasswordText |
|
56 EDigest // wsse:Digest |
|
57 }; |
|
58 |
|
59 |
|
60 /** |
|
61 * Basic constructor. |
|
62 * @return a pointer to new CSenWsSecurityHeader class instance. |
|
63 */ |
|
64 IMPORT_C static CSenWsSecurityHeader* NewL(); |
|
65 |
|
66 /** |
|
67 * Basic constructor. |
|
68 * @return a new CSenWsSecurityHeader class instance, which pointer |
|
69 * is left on cleanup stack. |
|
70 */ |
|
71 IMPORT_C static CSenWsSecurityHeader* NewLC(); |
|
72 |
|
73 |
|
74 /** |
|
75 * Basic constructor. |
|
76 * @param aData Data to be set as header's content. |
|
77 * @return a pointer to new CSenWsSecurityHeader class instance. |
|
78 */ |
|
79 IMPORT_C static CSenWsSecurityHeader* NewL(const TDesC8& aData); |
|
80 |
|
81 /** |
|
82 * Basic constructor. |
|
83 * @param aData Data to be set as header's content. |
|
84 * @return a new CSenWsSecurityHeader class instance, which pointer |
|
85 * is left on cleanup stack. |
|
86 */ |
|
87 IMPORT_C static CSenWsSecurityHeader* NewLC(const TDesC8& aData); |
|
88 |
|
89 /** |
|
90 * Basic constructor. |
|
91 * @param aData Data to be set as header's content. |
|
92 * @param aSecurityNs A namespace to be set to the header. |
|
93 * @return a pointer to new CSenWsSecurityHeader class instance. |
|
94 */ |
|
95 IMPORT_C static CSenWsSecurityHeader* NewL(const TDesC8& aData, const TDesC8& aSecurityNs); |
|
96 |
|
97 /** |
|
98 * Basic constructor. |
|
99 * @param aData Data to be set as header's content. |
|
100 * @param aSecurityNs A namespace to be set to the header. |
|
101 * @return a new CSenWsSecurityHeader class instance, which pointer |
|
102 * is left on cleanup stack. |
|
103 */ |
|
104 IMPORT_C static CSenWsSecurityHeader* NewLC(const TDesC8& aData, const TDesC8& aSecurityNs); |
|
105 |
|
106 /** |
|
107 * Destructor. |
|
108 */ |
|
109 IMPORT_C virtual ~CSenWsSecurityHeader(); |
|
110 |
|
111 // New functions |
|
112 |
|
113 /** |
|
114 * Constructs a username token. |
|
115 * @since Series60 3.0 |
|
116 * @param aIdentityProvider Identity provider which is used to get |
|
117 * the authorization ID used in username token. Method takes the |
|
118 * AuthzID out from aIdentityProvider, and uses it as username for |
|
119 * this token. |
|
120 * Format of the token is as follows: |
|
121 * |
|
122 * <wsse:UsernameToken> |
|
123 * <wsse:Username> |
|
124 * username |
|
125 * </wsse:Username> |
|
126 * </wsse:UsernameToken>" |
|
127 * |
|
128 * The above token assumes, that wsse namespace is declared in |
|
129 * top level of the security header. |
|
130 * @return a pointer to buffer containing the username token. Does not |
|
131 * return NULL. Ownership is transferred to the caller. Method leaves |
|
132 * with value KErrNotSupported, if a password type is not supported. |
|
133 */ |
|
134 IMPORT_C HBufC8* UsernameTokenL(CSenIdentityProvider &aIdentityProvider); |
|
135 |
|
136 /** |
|
137 * Constructs a username token. |
|
138 * @since Series60 3.0 |
|
139 * @param aIdentityProvider Identity provider which is used to get |
|
140 * the authorization ID used in username token. Method takes the |
|
141 * AuthzID out from aIdentityProvider, and uses it as username for |
|
142 * this token. Password is also fetched from aIdentityProvider via |
|
143 * calling Password() getter, which must return a Base64 [XML-Schema] |
|
144 * encoded, SHA-1 hash value, of the UTF8 encoded password. |
|
145 * @param aType Specifies the type of the password, either |
|
146 * wsse:PasswordText or wsse:PasswordDigest |
|
147 * |
|
148 * Format of the token is as follows (if password type is wsse:PasswordText): |
|
149 * |
|
150 * <wsse:UsernameToken> |
|
151 * <wsse:Username> |
|
152 * username |
|
153 * </wsse:Username> |
|
154 * <wsse:Password> |
|
155 * password |
|
156 * </wsse:Password> |
|
157 * </wsse:UsernameToken>" |
|
158 * |
|
159 * If the password type is wsse:Password:Digest, then the password element |
|
160 * will be declared as follows: |
|
161 * |
|
162 * <wsse:Password Type="wsse:PasswordDigest"> |
|
163 * |
|
164 * The above token assumes, that wsse namespace is declared in |
|
165 * top level of the security header. |
|
166 * @return a pointer to buffer containing the username token. Does not |
|
167 * return NULL. Ownership is transferred to the caller. Method leaves |
|
168 * with value KErrNotSupported, if a password type is not supported. |
|
169 */ |
|
170 IMPORT_C HBufC8* UsernameTokenL(CSenIdentityProvider &aIdentityProvider, |
|
171 CSenWsSecurityHeader::TPasswordType aType); |
|
172 |
|
173 // Static methods: |
|
174 |
|
175 /** |
|
176 * Constructs a username token. This method does not add the <Password> |
|
177 * element, since it is optional for basic username tokens. |
|
178 * @since Series60 3.0 |
|
179 * @param aUsername User name which is used in the username |
|
180 * token. |
|
181 * @param aToken Ref-to-pointer where the token will be |
|
182 * allocated. Shouldn't contain any data when |
|
183 * called, or that data will be lost. |
|
184 * @return KErrNone or some system-wide Symbian error code. |
|
185 */ |
|
186 IMPORT_C static TInt UsernameTokenL(const TDesC8& aUsername, |
|
187 HBufC8*& aToken); |
|
188 |
|
189 /** |
|
190 * Constructs a username token using a password, too. |
|
191 * @since Series60 5.0 |
|
192 * @param aUsername User name which is to be used in new token. |
|
193 * @param aPassword Password which is to be use in new token. |
|
194 * The type will be set to default: wsse:PasswordDigest, |
|
195 * defined in KSecurityAttrTypeText. This is |
|
196 * a Base64 [XML-Schema] encoded, SHA-1 hash value, |
|
197 * of the UTF8 encoded password. |
|
198 * @param aToken Ref-to-pointer in which the token will be |
|
199 * allocated. Shouldn't contain any data when |
|
200 * called, or that data will be lost. |
|
201 * @return KErrNone or some system-wide Symbian error code. |
|
202 */ |
|
203 IMPORT_C static TInt UsernameTokenL(const TDesC8& aUsername, |
|
204 const TDesC8& aPassword, |
|
205 HBufC8*& aToken); |
|
206 |
|
207 /** |
|
208 * Constructs a username token using a password, too. |
|
209 * @since Series60 5.0 |
|
210 * @param aUsername User name which is to be used in new token. |
|
211 * @param aPassword Password which is to be use in new token |
|
212 * This is a Base64 [XML-Schema] encoded, SHA-1 |
|
213 * hash value, of the UTF8 encoded password. |
|
214 * @param aType Specifies the type of the password: |
|
215 * - EText, being default refers to wsse:PasswordText, |
|
216 * but this method does not add this, since it can |
|
217 * be omitted. |
|
218 * - EDigest: will add wsse:PasswordDigest attribute |
|
219 * to the <Password> -element, as in here: |
|
220 * |
|
221 * <wsse:UsernameToken> |
|
222 * <wsse:Username> |
|
223 * username |
|
224 * </wsse:Username> |
|
225 * <wsse:Password Type="wsse:PasswordDigest"> |
|
226 * password |
|
227 * </wsse:Password> |
|
228 * </wsse:UsernameToken>" |
|
229 * |
|
230 * @param aToken Ref-to-pointer where the token will be |
|
231 * allocated. Shouldn't contain any data when |
|
232 * called, or that data will be lost. |
|
233 * @return KErrNone or some system-wide Symbian error code. |
|
234 */ |
|
235 IMPORT_C static TInt UsernameTokenL(const TDesC8& aUsername, |
|
236 const TDesC8& aPassword, |
|
237 CSenWsSecurityHeader::TPasswordType aType, |
|
238 HBufC8*& aToken); |
|
239 |
|
240 |
|
241 /** |
|
242 * Constructs a BinarySecurityToken. |
|
243 * @since Series60 5.0 |
|
244 * |
|
245 * @param aContent Encoded EncryptedData which is to be used in token. |
|
246 * @param aToken Ref-to-pointer where the token will be |
|
247 * allocated. Shouldn't contain any data when |
|
248 * called, or that data will be lost. |
|
249 * @return KErrNone or some system-wide Symbian error code. |
|
250 */ |
|
251 IMPORT_C static TInt BinarySecurityTokenL(const TDesC8& aContent, |
|
252 HBufC8*& aToken); |
|
253 /** |
|
254 * Constructs a BinarySecurityToken. |
|
255 * @since Series60 5.0 |
|
256 * |
|
257 * @param aContent Encoded EncryptedData which is to be used in token. |
|
258 * @param aValueType Indicates what the security token is |
|
259 * @param aToken Ref-to-pointer where the token will be |
|
260 * allocated. Shouldn't contain any data when |
|
261 * called, or that data will be lost. |
|
262 * @return KErrNone or some system-wide Symbian error code. |
|
263 */ |
|
264 IMPORT_C static TInt BinarySecurityTokenL(const TDesC8& aContent, |
|
265 const TDesC8& aValueType, |
|
266 HBufC8*& aToken); |
|
267 |
|
268 /** |
|
269 * Constructs a timestamp. |
|
270 * @since Series60 5.0 |
|
271 * Format of the timestamp is as follows: |
|
272 * <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> |
|
273 * <wsu:Created>2001-09-13T08:42:00Z</wsu:Created> |
|
274 * <wsu:Expires>2002-09-13T08:42:00Z</wsu:Expires> |
|
275 * </wsu:Timestamp> |
|
276 * The wsu namespace is declared inside this element. |
|
277 * Based on chapter 10 from WS-Security 2004 |
|
278 * @param aCreated - creation time of token |
|
279 * @param aExpires - end of validation time for token |
|
280 * @param aTimestamp - a pointer to buffer containing the timestamp. Does not |
|
281 * return NULL. Ownership is transferred to the caller. |
|
282 * @return KErrNone or some system-wide Symbian error code. |
|
283 */ |
|
284 IMPORT_C static TInt TimestampL(const TDesC8& aCreated, const TDesC8& aExpires, HBufC8*& aTimestamp); |
|
285 |
|
286 /** |
|
287 * Constructs a timestamp. |
|
288 * @since Series60 5.0 |
|
289 * Format of the timestamp is as follows: |
|
290 * <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> |
|
291 * <wsu:Created>2001-09-13T08:42:00Z</wsu:Created> |
|
292 * </wsu:Timestamp> |
|
293 * The wsu namespace is declared inside this element. |
|
294 * Based on chapter 10 from WS-Security 2004 |
|
295 * @param aCreated - creation time of token |
|
296 * @param aTimestamp - a pointer to buffer containing the timestamp. Does not |
|
297 * return NULL. Ownership is transferred to the caller. |
|
298 * @return KErrNone or some system-wide Symbian error code. |
|
299 */ |
|
300 IMPORT_C static TInt TimestampL(const TDesC8& aCreated, HBufC8*& aTimestamp); |
|
301 |
|
302 /** |
|
303 * Constructs a security token reference. |
|
304 * @since Series60 5.0 |
|
305 * Format of the token reference is as follows: |
|
306 * <wsse:SecurityTokenReference wsu:Id="..."> |
|
307 * <wsse:Reference URI="..."/> |
|
308 * </wsse:SecurityTokenReference> |
|
309 * |
|
310 * The above token assumes, that wsse namespace is declared in |
|
311 * top level of the security header. |
|
312 * @param |
|
313 * @param aSTR - a pointer to buffer containing the token reference. Does not |
|
314 * return NULL. Ownership is transferred to the caller. |
|
315 * @return KErrNone or some system-wide Symbian error code. |
|
316 */ |
|
317 // IMPORT_C static TInt SecurityTokenReferenceL(const TDesC8& aURI, HBufC8*& aSTR); |
|
318 |
|
319 |
|
320 // Virtual methods: |
|
321 |
|
322 /** Basic getter for XML namespace of the WS security header. |
|
323 * Subclasses should override this to use different namespace |
|
324 * @since Series60 3.0 |
|
325 * @return the WS security header namespace as string |
|
326 */ |
|
327 IMPORT_C virtual TPtrC8 XmlNs(); |
|
328 |
|
329 /** |
|
330 * Basic getter for XML namespace prefix of the WS security header. |
|
331 * Subclasses should override this to use different namespace prefix |
|
332 * @since Series60 3.0 |
|
333 * @return the WS security header namespace prefix as string |
|
334 */ |
|
335 IMPORT_C virtual TPtrC8 XmlNsPrefix(); |
|
336 |
|
337 protected: |
|
338 |
|
339 /** |
|
340 * C++ default constructor |
|
341 */ |
|
342 IMPORT_C CSenWsSecurityHeader(); |
|
343 |
|
344 /** |
|
345 * Basic BaseConstructL function |
|
346 */ |
|
347 IMPORT_C void BaseConstructL(); |
|
348 |
|
349 // Functions from base classes |
|
350 |
|
351 /** |
|
352 * From CSenBaseFragment Basic BaseConstructL function |
|
353 * @since Series60 3.0 |
|
354 * @param aData will be used as current token (content) of this security |
|
355 * header |
|
356 */ |
|
357 IMPORT_C void BaseConstructL(const TDesC8& aData); |
|
358 IMPORT_C void BaseConstructL(const TDesC8& aData, const TDesC8& aSecurityNs); |
|
359 }; |
|
360 |
|
361 #endif // SEN_WS_SECURITY_HEADER_H |
|
362 |
|
363 // End of File |