2 * Copyright (c) 2004 Nokia Corporation and/or its subsidiary(-ies).
4 * This component and the accompanying materials are made available
5 * under the terms of "Eclipse Public License v1.0"
6 * which accompanies this distribution, and is available
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
9 * Initial Contributors:
10 * Nokia Corporation - initial contribution.
14 * Description: CSenWsSecurityHeader represents security header functionality
15 * according to oasis wss spesifications (2004/01)
27 #ifndef SEN_WS_SECURITY_HEADER2_H
28 #define SEN_WS_SECURITY_HEADER2_H
31 #include <SenFragmentBase.h>
32 #include <SenSoapConstants.h>
34 // FORWARD DECLARATIONS
35 class CSenIdentityProvider;
40 * CSenWsSecurityHeader represents security header functionality according to
41 * oasis web services security (WSS) specifications (2004/01)
45 class CSenWsSecurityHeader2 : public CSenFragmentBase
47 public: // Constructors and destructor
50 * PasswordType Enumeration
54 EText = 1, // default, wsse:PasswordText
55 EDigest // wsse:Digest
61 * @param aDocument The document which will be the owner of
62 * the elements of this header
63 * @param aElement An element which will be parent for this header.
64 * @return a pointer to new CSenWsSecurityHeader class instance.
66 IMPORT_C static CSenWsSecurityHeader2* NewL(RSenDocument aDocument,
67 TXmlEngElement aElement);
71 * @param aDocument The document which will be the owner of
72 * the elements of this header
73 * @param aElement An element which will be parent for this header.
74 * @return a new CSenWsSecurityHeader class instance, which pointer
75 * is left on cleanup stack.
77 IMPORT_C static CSenWsSecurityHeader2* NewLC(RSenDocument aDocument,
78 TXmlEngElement aElement);
82 * @param aData Data to be set as header's content.
83 * @param aDocument The document which will be the owner of
84 * the elements of this header
85 * @param aElement An element which will be parent for this header.
86 * @return a pointer to new CSenWsSecurityHeader class instance.
88 IMPORT_C static CSenWsSecurityHeader2* NewL(const TDesC8& aData,
89 RSenDocument aDocument,
90 TXmlEngElement aElement);
94 * @param aData Data to be set as header's content.
95 * @param aDocument The document which will be the owner of
96 * the elements of this header
97 * @param aElement An element which will be parent for this header.
98 * @return a new CSenWsSecurityHeader class instance, which pointer
99 * is left on cleanup stack.
101 IMPORT_C static CSenWsSecurityHeader2* NewLC(const TDesC8& aData,
102 RSenDocument aDocument,
103 TXmlEngElement aElement);
107 * @param aData Data to be set as header's content.
108 * @param aSecurityNs A namespace to be set to the header.
109 * @param aDocument The document which will be the owner of
110 * the elements of this header
111 * @param aElement An element which will be parent for this header.
112 * @return a pointer to new CSenWsSecurityHeader class instance.
114 IMPORT_C static CSenWsSecurityHeader2* NewL(const TDesC8& aData,
115 const TDesC8& aSecurityNs,
116 RSenDocument aDocument,
117 TXmlEngElement aElement);
121 * @param aData Data to be set as header's content.
122 * @param aSecurityNs A namespace to be set to the header.
123 * @param aDocument The document which will be the owner of
124 * the elements of this header
125 * @param aElement An element which will be parent for this header.
126 * @return a new CSenWsSecurityHeader class instance, which pointer
127 * is left on cleanup stack.
129 IMPORT_C static CSenWsSecurityHeader2* NewLC(const TDesC8& aData,
130 const TDesC8& aSecurityNs,
131 RSenDocument aDocument,
132 TXmlEngElement aElement);
137 IMPORT_C virtual ~CSenWsSecurityHeader2();
142 * Constructs a username token.
143 * @since Series60 3.0
144 * @param aIdentityProvider Identity provider which is used to get
145 * the authorization ID used in username token. Method takes the
146 * AuthzID out from aIdentityProvider, and uses it as username for
148 * Format of the token is as follows:
150 * <wsse:UsernameToken>
154 * </wsse:UsernameToken>"
156 * The above token assumes, that wsse namespace is declared in
157 * top level of the security header.
158 * @return a pointer to buffer containing the username token. Does not
159 * return NULL. Ownership is transferred to the caller. Method leaves
160 * with value KErrNotSupported, if a password type is not supported.
162 IMPORT_C HBufC8* UsernameTokenL(CSenIdentityProvider &aIdentityProvider);
165 * Constructs a username token.
166 * @since Series60 3.0
167 * @param aIdentityProvider Identity provider which is used to get
168 * the authorization ID used in username token. Method takes the
169 * AuthzID out from aIdentityProvider, and uses it as username for
170 * this token. Password is also fetched from aIdentityProvider via
171 * calling Password() getter, which must return a Base64 [XML-Schema]
172 * encoded, SHA-1 hash value, of the UTF8 encoded password.
173 * @param aType Specifies the type of the password, either
174 * wsse:PasswordText or wsse:PasswordDigest
176 * Format of the token is as follows (if password type is wsse:PasswordText):
178 * <wsse:UsernameToken>
185 * </wsse:UsernameToken>"
187 * If the password type is wsse:Password:Digest, then the password element
188 * will be declared as follows:
190 * <wsse:Password Type="wsse:PasswordDigest">
192 * The above token assumes, that wsse namespace is declared in
193 * top level of the security header.
194 * @return a pointer to buffer containing the username token. Does not
195 * return NULL. Ownership is transferred to the caller. Method leaves
196 * with value KErrNotSupported, if a password type is not supported.
198 IMPORT_C HBufC8* UsernameTokenL(CSenIdentityProvider &aIdentityProvider,
199 CSenWsSecurityHeader2::TPasswordType aType);
204 * Constructs a username token. This method does not add the <Password>
205 * element, since it is optional for basic username tokens.
206 * @since Series60 3.0
207 * @param aUsername User name which is used in the username
209 * @param aToken Ref-to-pointer where the token will be
210 * allocated. Shouldn't contain any data when
211 * called, or that data will be lost.
212 * @return KErrNone or some system-wide Symbian error code.
214 IMPORT_C static TInt UsernameTokenL(const TDesC8& aUsername,
218 * Constructs a username token using a password, too.
219 * @since Series60 5.0
220 * @param aUsername User name which is to be used in new token.
221 * @param aPassword Password which is to be use in new token.
222 * The type will be set to default: wsse:PasswordDigest,
223 * defined in KSecurityAttrTypeText. This is
224 * a Base64 [XML-Schema] encoded, SHA-1 hash value,
225 * of the UTF8 encoded password.
226 * @param aToken Ref-to-pointer in which the token will be
227 * allocated. Shouldn't contain any data when
228 * called, or that data will be lost.
229 * @return KErrNone or some system-wide Symbian error code.
231 IMPORT_C static TInt UsernameTokenL(const TDesC8& aUsername,
232 const TDesC8& aPassword,
236 * Constructs a username token using a password, too.
237 * @since Series60 5.0
238 * @param aUsername User name which is to be used in new token.
239 * @param aPassword Password which is to be use in new token
240 * This is a Base64 [XML-Schema] encoded, SHA-1
241 * hash value, of the UTF8 encoded password.
242 * @param aType Specifies the type of the password:
243 * - EText, being default refers to wsse:PasswordText,
244 * but this method does not add this, since it can
246 * - EDigest: will add wsse:PasswordDigest attribute
247 * to the <Password> -element, as in here:
249 * <wsse:UsernameToken>
253 * <wsse:Password Type="wsse:PasswordDigest">
256 * </wsse:UsernameToken>"
258 * @param aToken Ref-to-pointer where the token will be
259 * allocated. Shouldn't contain any data when
260 * called, or that data will be lost.
261 * @return KErrNone or some system-wide Symbian error code.
263 IMPORT_C static TInt UsernameTokenL(const TDesC8& aUsername,
264 const TDesC8& aPassword,
265 CSenWsSecurityHeader2::TPasswordType aType,
270 * Constructs a timestamp.
271 * @since Series60 5.0
272 * Format of the timestamp is as follows:
273 * <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
274 * <wsu:Created>2001-09-13T08:42:00Z</wsu:Created>
275 * <wsu:Expires>2002-09-13T08:42:00Z</wsu:Expires>
277 * The wsu namespace is declared inside this element.
278 * Based on chapter 10 from WS-Security 2004
279 * @param aCreated - creation time of token
280 * @param aExpires - end of validation time for token
281 * @param aTimestamp - a pointer to buffer containing the timestamp. Does not
282 * return NULL. Ownership is transferred to the caller.
283 * @return KErrNone or some system-wide Symbian error code.
285 IMPORT_C static TInt TimestampL(const TDesC8& aCreated, const TDesC8& aExpires, HBufC8*& aTimestamp);
288 * Constructs a timestamp.
289 * @since Series60 5.0
290 * Format of the timestamp is as follows:
291 * <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
292 * <wsu:Created>2001-09-13T08:42:00Z</wsu:Created>
294 * The wsu namespace is declared inside this element.
295 * Based on chapter 10 from WS-Security 2004
296 * @param aCreated - creation time of token
297 * @param aTimestamp - a pointer to buffer containing the timestamp. Does not
298 * return NULL. Ownership is transferred to the caller.
299 * @return KErrNone or some system-wide Symbian error code.
301 IMPORT_C static TInt TimestampL(const TDesC8& aCreated, HBufC8*& aTimestamp);
304 * Constructs a security token reference.
305 * @since Series60 5.0
306 * Format of the token reference is as follows:
307 * <wsse:SecurityTokenReference wsu:Id="...">
308 * <wsse:Reference URI="..."/>
309 * </wsse:SecurityTokenReference>
311 * The above token assumes, that wsse namespace is declared in
312 * top level of the security header.
314 * @param aSTR - a pointer to buffer containing the token reference. Does not
315 * return NULL. Ownership is transferred to the caller.
316 * @return KErrNone or some system-wide Symbian error code.
318 // IMPORT_C static TInt SecurityTokenReferenceL(const TDesC8& aURI, HBufC8*& aSTR);
323 /** Basic getter for XML namespace of the WS security header.
324 * Subclasses should override this to use different namespace
325 * @since Series60 3.0
326 * @return the WS security header namespace as string
328 IMPORT_C virtual TPtrC8 XmlNs();
331 * Basic getter for XML namespace prefix of the WS security header.
332 * Subclasses should override this to use different namespace prefix
333 * @since Series60 3.0
334 * @return the WS security header namespace prefix as string
336 IMPORT_C virtual TPtrC8 XmlNsPrefix();
341 * C++ default constructor
343 IMPORT_C CSenWsSecurityHeader2();
346 * Basic BaseConstructL function
348 IMPORT_C void BaseConstructL(RSenDocument aDocument,
349 TXmlEngElement aElement);
351 // Functions from base classes
354 * From CSenBaseFragment Basic BaseConstructL function
355 * @since Series60 3.0
356 * @param aData Data which will be used as current token
357 * (content) of this security header
358 * @param aDocument The document which will be the owner of
359 * the elements of this header
360 * @param aElement An element which will be parent for this header.
362 IMPORT_C void BaseConstructL(const TDesC8& aData,
363 RSenDocument aDocument,
364 TXmlEngElement aElement);
367 * From CSenBaseFragment Basic BaseConstructL function
368 * @since Series60 3.0
369 * @param aData Data which will be used as current token
370 * (content) of this security header
371 * @param aSecurityNs A namespace to be set to the header.
372 * @param aDocument The document which will be the owner of
373 * the elements of this header
374 * @param aElement An element which will be parent for this header.
376 IMPORT_C void BaseConstructL(const TDesC8& aData,
377 const TDesC8& aSecurityNs,
378 RSenDocument aDocument,
379 TXmlEngElement aElement);
382 #endif // SEN_WS_SECURITY_HEADER2_H