/usr/include/arc/ws-security/UsernameToken.h is in nordugrid-arc-dev 4.2.0-2.
This file is owned by root:root, with mode 0o644.
#ifndef __ARC_USERNAMETOKEN_H__
#define __ARC_USERNAMETOKEN_H__
#include <arc/XMLNode.h>
#include <arc/message/SOAPEnvelope.h>
// WS-Security Username Token Profile v1.1
// wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
namespace Arc {
/// Interface for manipulation of WS-Security according to Username Token Profile.
///
/// The class declares three ways to obtain a token: parsing one out of an
/// existing SOAP header, generating a Username/Password token for
/// authentication, and generating a Username/Salt token for key derivation.
/// Success of any constructor is reported through operator bool().
/// NOTE(review): the password is kept in a plain std::string member and this
/// header declares no destructor, so nothing visible here wipes it from
/// memory - confirm against the implementation.
class UsernameToken {
protected:
XMLNode header_; /** SOAP header element */
public:
/** Selects the Type attribute written to <wsse:Password> (see the pwdtype
constructor parameter).
NOTE(review): in the Username Token Profile, PasswordText carries the
password itself and PasswordDigest carries a digest computed from nonce,
creation time and password - confirm that the implementation follows this
mapping. If it does, PasswordText leaves the password readable to anyone
who can see the message, so it needs an encrypted transport or message. */
typedef enum {
PasswordText,
PasswordDigest
} PasswordType;
/** Link to existing SOAP header and parse Username Token information.
Username Token related information is extracted from SOAP header and
stored in class variables.
When soap is a received message, every parsed value is supplied by the
peer; treat it as unverified until Authenticate() has returned true.
Use operator bool() to learn whether the constructor succeeded.
@param soap the SOAP message whose header is parsed */
UsernameToken(SOAPEnvelope& soap);
/** Add Username Token information into the SOAP header.
Generated token contains elements Username and Password and is
meant to be used for authentication.
Callers running without a terminal (services, batch jobs) should make sure
username and password are non-empty, because an empty value is documented
below to trigger an interactive read from stdin.
@param soap the SOAP message
@param username <wsse:Username>...</wsse:Username> - if empty it is entered interactively from stdin
@param password <wsse:Password Type="...">...</wsse:Password> - if empty it is entered interactively from stdin
@param uid <wsse:UsernameToken wsu:ID="...">
@param pwdtype <wsse:Password Type="...">...</wsse:Password>
*/
UsernameToken(SOAPEnvelope& soap, const std::string& username, const std::string& password,const std::string& uid, PasswordType pwdtype);
/** Add Username Token information into the SOAP header.
Generated token contains elements Username and Salt and is
meant to be used for key derivation.
@param soap the SOAP message
@param username <wsse:Username>...</wsse:Username>
@param id not documented in the original header; presumably the wsu:ID of
the <wsse:UsernameToken> element, like uid in the constructor above - TODO confirm
@param mac if derived key is meant to be used for Message Authentication Code
@param iteration <wsse11:Iteration>...</wsse11:Iteration>; no lower bound is
declared in this header, so choosing a sufficiently large iteration count is
presumably left to the caller - confirm in the implementation
*/
UsernameToken(SOAPEnvelope& soap, const std::string& username, const std::string& id, bool mac, int iteration);
/** Returns true if constructor succeeded.
NOTE(review): the conversion is not declared explicit, so the object also
converts implicitly outside of conditions; test it directly in an if(). */
operator bool(void);
/** Returns username associated with this instance.
For a parsed token this is the name claimed in the message; on its own it
proves nothing until Authenticate() has succeeded. */
std::string Username(void);
/** Checks parsed/generated token against specified password.
If token is meant to be used for deriving a key then key is returned in derived_key.
In that case authentication is performed outside of UsernameToken class using
obtained derived_key.
NOTE(review): this header does not show whether the comparison is
constant-time or whether the nonce and creation time are checked for
freshness; confirm in the implementation, or enforce replay protection in
the caller.
@param password the password to check the token against
@param derived_key receives the derived key when the token is a key-derivation token
@return result of the check; callers must not ignore it */
bool Authenticate(const std::string& password,std::string& derived_key);
/** Checks parsed token against password stored in specified stream.
If token is meant to be used for deriving a key then key is returned in derived_key.
The expected layout of the stream is not described in this header - see the
implementation before feeding it a password file.
@param password stream holding the stored password
@param derived_key receives the derived key when the token is a key-derivation token
@return result of the check; callers must not ignore it */
bool Authenticate(std::istream& password,std::string& derived_key);
private:
/** Tells if specified SOAP header has WSSE element and UsernameToken inside the WSSE element */
static bool Check(SOAPEnvelope& soap);
private:
// Token state. The constructor documentation says parsed Username Token
// information is stored in class variables; judging by their names these
// mirror the Username, wsu:ID, Password, Password Type, Nonce, Created, Salt
// and Iteration parts of the token - confirm in the implementation.
// password_ holds secret material: keep it out of logs and debug dumps.
std::string username_;
std::string uid_;
std::string password_;
std::string passwdtype_;
std::string nonce_;
std::string created_;
std::string salt_;
int iteration_;
};
} // namespace Arc
#endif /* __ARC_USERNAMETOKEN_H__ */