Move Santuario XML Security to Quarkus CXF

The copied code comes from this commit:
https://github.com/quarkiverse/quarkus-xmlsec/tree/407549406a27efc5acba1c677440a1a98799662b

.github/workflows/build.yml

@@ -79,7 +79,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        testModule: ['client', 'client-server', 'hc5', 'metrics', 'mtom', 'mtom-awt', 'opentelemetry', 'server', 'ws-rm-client', 'ws-security-client', 'ws-security-policy', 'ws-security-policy -Djks', 'ws-security-server', 'ws-security-server -Djks', 'ws-trust', 'wsdl2java', 'wsdl2java-no-config']
+        testModule: ['client', 'client-server', 'hc5', 'metrics', 'mtom', 'mtom-awt', 'opentelemetry', 'santuario-xmlsec', 'server', 'ws-rm-client', 'ws-security-client', 'ws-security-policy', 'ws-security-policy -Djks', 'ws-security-server', 'ws-security-server -Djks', 'ws-trust', 'wsdl2java', 'wsdl2java-no-config']
     name: ${{matrix.testModule}} native tests
     needs: build-and-run-jvm-tests
     runs-on: ubuntu-latest

bom/pom.xml

@@ -18,13 +18,6 @@
 
     <dependencyManagement>
         <dependencies>
-            <dependency>
-                <groupId>io.quarkiverse.xmlsec</groupId>
-                <artifactId>quarkus-xmlsec-bom</artifactId>
-                <version>${quarkus-xmlsec.version}</version>
-                <type>pom</type>
-                <scope>import</scope>
-            </dependency>
             <dependency>
                 <groupId>org.apache.cxf</groupId>
                 <artifactId>cxf-bom</artifactId>
@@ -145,6 +138,12 @@
                 <version>${cxf.xjcplugins.version}</version>
             </dependency>
 
+            <dependency>
+                <groupId>org.apache.santuario</groupId>
+                <artifactId>xmlsec</artifactId>
+                <version>${santuario-xmlsec.version}</version>
+            </dependency>
+
             <dependency>
                 <groupId>io.quarkiverse.cxf</groupId>
                 <artifactId>quarkus-cxf</artifactId>
@@ -236,6 +235,16 @@
                 <artifactId>quarkus-cxf-saaj-deployment</artifactId>
                 <version>${quarkus-cxf.version}</version>
             </dependency>
+            <dependency>
+                <groupId>io.quarkiverse.cxf</groupId>
+                <artifactId>quarkus-cxf-santuario-xmlsec</artifactId>
+                <version>${quarkus-cxf.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>io.quarkiverse.cxf</groupId>
+                <artifactId>quarkus-cxf-santuario-xmlsec-deployment</artifactId>
+                <version>${quarkus-cxf.version}</version>
+            </dependency>
             <dependency>
                 <groupId>io.quarkiverse.cxf</groupId>
                 <artifactId>quarkus-cxf-services-sts</artifactId>

extensions/pom.xml

@@ -14,6 +14,7 @@
 
     <modules>
         <module>saaj</module>
+        <module>santuario-xmlsec</module>
         <module>woodstox</module>
         <module>core</module>
         <module>features-logging</module>

extensions/santuario-xmlsec/deployment/pom.xml

@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>io.quarkiverse.cxf</groupId>
+        <artifactId>quarkus-cxf-santuario-xmlsec-parent</artifactId>
+        <version>2.7.2-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>quarkus-cxf-santuario-xmlsec-deployment</artifactId>
+    <name>Quarkus - Santuario XML Security - Deployment</name>
+
+    <dependencies>
+        <dependency>
+            <groupId>io.quarkus</groupId>
+            <artifactId>quarkus-core-deployment</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.quarkus</groupId>
+            <artifactId>quarkus-jaxb-deployment</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.quarkus</groupId>
+            <artifactId>quarkus-jaxp-deployment</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.quarkiverse.cxf</groupId>
+            <artifactId>quarkus-cxf-santuario-xmlsec</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.quarkus</groupId>
+            <artifactId>quarkus-arc-deployment</artifactId>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>io.quarkus</groupId>
+            <artifactId>quarkus-junit5-internal</artifactId>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <annotationProcessorPaths>
+                        <path>
+                            <groupId>io.quarkus</groupId>
+                            <artifactId>quarkus-extension-processor</artifactId>
+                            <version>${quarkus.version}</version>
+                        </path>
+                    </annotationProcessorPaths>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+</project>

extensions/santuario-xmlsec/deployment/src/main/java/io/quarkiverse/xmlsec/deployment/XmlsecProcessor.java

@@ -0,0 +1,139 @@
+package io.quarkiverse.xmlsec.deployment;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Set;
+import java.util.stream.Stream;
+
+import javax.crypto.spec.GCMParameterSpec;
+import javax.xml.crypto.dsig.spec.XPathType;
+
+import org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI;
+import org.apache.xml.security.algorithms.SignatureAlgorithmSpi;
+import org.apache.xml.security.c14n.CanonicalizerSpi;
+import org.apache.xml.security.transforms.TransformSpi;
+import org.jboss.jandex.DotName;
+import org.jboss.jandex.IndexView;
+
+import io.quarkus.deployment.annotations.BuildProducer;
+import io.quarkus.deployment.annotations.BuildStep;
+import io.quarkus.deployment.builditem.CombinedIndexBuildItem;
+import io.quarkus.deployment.builditem.ExtensionSslNativeSupportBuildItem;
+import io.quarkus.deployment.builditem.FeatureBuildItem;
+import io.quarkus.deployment.builditem.IndexDependencyBuildItem;
+import io.quarkus.deployment.builditem.nativeimage.NativeImageResourceBuildItem;
+import io.quarkus.deployment.builditem.nativeimage.NativeImageResourceBundleBuildItem;
+import io.quarkus.deployment.builditem.nativeimage.NativeImageSecurityProviderBuildItem;
+import io.quarkus.deployment.builditem.nativeimage.ReflectiveClassBuildItem;
+import io.quarkus.deployment.builditem.nativeimage.RuntimeInitializedClassBuildItem;
+import io.quarkus.deployment.builditem.nativeimage.ServiceProviderBuildItem;
+import io.quarkus.deployment.util.ServiceUtil;
+
+class XmlsecProcessor {
+
+    private static final String FEATURE = "xmlsec";
+
+    @BuildStep
+    FeatureBuildItem feature() {
+        return new FeatureBuildItem(FEATURE);
+    }
+
+    @BuildStep
+    ExtensionSslNativeSupportBuildItem activateSslNativeSupport() {
+        return new ExtensionSslNativeSupportBuildItem(FEATURE);
+    }
+
+    @BuildStep
+    IndexDependencyBuildItem indexDependencies() {
+        return new IndexDependencyBuildItem("org.apache.santuario", "xmlsec");
+    }
+
+    @BuildStep
+    void registerForReflection(BuildProducer<ReflectiveClassBuildItem> reflectiveClass,
+            CombinedIndexBuildItem combinedIndex) {
+        IndexView index = combinedIndex.getIndex();
+
+        Stream.of(
+                SignatureAlgorithmSpi.class.getName(),
+                CanonicalizerSpi.class.getName(),
+                TransformSpi.class.getName(),
+                org.apache.xml.security.stax.securityToken.SecurityTokenFactory.class.getName())
+                .flatMap(className -> index.getAllKnownSubclasses(DotName.createSimple(className)).stream())
+                .map(classInfo -> classInfo.name().toString())
+                .map(className -> ReflectiveClassBuildItem.builder(className).build())
+                .forEach(reflectiveClass::produce);
+
+        Stream.of(
+                org.apache.xml.security.stax.ext.ResourceResolverLookup.class.getName(),
+                org.apache.xml.security.stax.ext.Transformer.class.getName())
+                .flatMap(className -> index.getAllKnownImplementors(DotName.createSimple(className)).stream())
+                .map(classInfo -> classInfo.name().toString())
+                .map(className -> ReflectiveClassBuildItem.builder(className).build())
+                .forEach(reflectiveClass::produce);
+
+        reflectiveClass.produce(ReflectiveClassBuildItem.builder(
+                GCMParameterSpec.class.getName(), XPathType[].class.getName()).build());
+    }
+
+    @BuildStep
+    void runtimeInitializedClass(BuildProducer<RuntimeInitializedClassBuildItem> runtimeInitializedClass) {
+        runtimeInitializedClass
+                .produce(new RuntimeInitializedClassBuildItem("org.apache.xml.security.stax.impl.InboundSecurityContextImpl"));
+    }
+
+    @BuildStep
+    void nativeImageResources(BuildProducer<NativeImageResourceBuildItem> nativeImageResources) {
+        Stream.of(
+                "bindings/bindings.cat",
+                "bindings/c14n.xjb",
+                "bindings/dsig.xjb",
+                "bindings/dsig11.xjb",
+                "bindings/rsa-pss.xjb",
+                "bindings/security-config.xjb",
+                "bindings/xenc.xjb",
+                "bindings/xenc11.xjb",
+                "bindings/xop.xjb",
+                "bindings/schemas/datatypes.dtd",
+                "bindings/schemas/exc-c14n.xsd",
+                "bindings/schemas/rsa-pss.xsd",
+                "bindings/schemas/xenc-schema.xsd",
+                "bindings/schemas/xenc-schema-11.xsd",
+                "bindings/schemas/xml.xsd",
+                "bindings/schemas/xmldsig11-schema.xsd",
+                "bindings/schemas/xmldsig-core-schema.xsd",
+                "bindings/schemas/XMLSchema.dtd",
+                "bindings/schemas/xop-include.xsd",
+                "schemas/security-config.xsd",
+                "security-config.xml")
+                .map(NativeImageResourceBuildItem::new)
+                .forEach(nativeImageResources::produce);
+    }
+
+    @BuildStep
+    NativeImageSecurityProviderBuildItem saslSecurityProvider() {
+        return new NativeImageSecurityProviderBuildItem(XMLDSigRI.class.getName());
+    }
+
+    @BuildStep
+    void resourceBundle(BuildProducer<NativeImageResourceBundleBuildItem> resourceBundle) {
+        resourceBundle.produce(
+                new NativeImageResourceBundleBuildItem("org.apache.xml.security.resource.xmlsecurity"));
+    }
+
+    @BuildStep
+    void serviceProviders(BuildProducer<ServiceProviderBuildItem> serviceProviders) {
+        Stream.of(
+                javax.xml.validation.SchemaFactory.class)
+                .map(Class::getName)
+                .forEach(serviceName -> {
+                    try {
+                        final Set<String> names = ServiceUtil.classNamesNamedIn(Thread.currentThread().getContextClassLoader(),
+                                ServiceProviderBuildItem.SPI_ROOT + serviceName);
+                        serviceProviders.produce(new ServiceProviderBuildItem(serviceName, new ArrayList<>(names)));
+                    } catch (IOException e) {
+                        throw new RuntimeException(e);
+                    }
+                });
+    }
+
+}

extensions/santuario-xmlsec/deployment/src/test/java/io/quarkiverse/quarkus/xmlsec/test/XmlsecDevModeTest.java

@@ -0,0 +1,23 @@
+package io.quarkiverse.quarkus.xmlsec.test;
+
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.JavaArchive;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.RegisterExtension;
+
+import io.quarkus.test.QuarkusDevModeTest;
+
+public class XmlsecDevModeTest {
+
+    // Start hot reload (DevMode) test with your extension loaded
+    @RegisterExtension
+    static final QuarkusDevModeTest devModeTest = new QuarkusDevModeTest()
+            .setArchiveProducer(() -> ShrinkWrap.create(JavaArchive.class));
+
+    @Test
+    public void writeYourOwnDevModeTest() {
+        // Write your dev mode tests here - see the testing extension guide https://quarkus.io/guides/writing-extensions#testing-hot-reload for more information
+        Assertions.assertTrue(true, "Add dev mode assertions to " + getClass().getName());
+    }
+}

extensions/santuario-xmlsec/deployment/src/test/java/io/quarkiverse/quarkus/xmlsec/test/XmlsecTest.java

@@ -0,0 +1,23 @@
+package io.quarkiverse.quarkus.xmlsec.test;
+
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.JavaArchive;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.RegisterExtension;
+
+import io.quarkus.test.QuarkusUnitTest;
+
+public class XmlsecTest {
+
+    // Start unit test with your extension loaded
+    @RegisterExtension
+    static final QuarkusUnitTest unitTest = new QuarkusUnitTest()
+            .setArchiveProducer(() -> ShrinkWrap.create(JavaArchive.class));
+
+    @Test
+    public void writeYourOwnUnitTest() {
+        // Write your unit tests here - see the testing extension guide https://quarkus.io/guides/writing-extensions#testing-extensions for more information
+        Assertions.assertTrue(true, "Add some assertions to " + getClass().getName());
+    }
+}

extensions/santuario-xmlsec/pom.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>io.quarkiverse.cxf</groupId>
+        <artifactId>quarkus-cxf-extensions</artifactId>
+        <version>2.7.2-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>quarkus-cxf-santuario-xmlsec-parent</artifactId>
+    <name>Quarkus CXF - Santuario XML Security - Parent</name>
+    <packaging>pom</packaging>
+
+    <modules>
+        <module>deployment</module>
+        <module>runtime</module>
+    </modules>
+
+</project>

extensions/santuario-xmlsec/runtime/pom.xml

@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>io.quarkiverse.cxf</groupId>
+        <artifactId>quarkus-cxf-santuario-xmlsec-parent</artifactId>
+        <version>2.7.2-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+    <artifactId>quarkus-cxf-santuario-xmlsec</artifactId>
+    <name>Quarkus - Santuario XML Security</name>
+    <description>Provides implementation of the primary security standards for XML</description>
+
+    <dependencies>
+        <dependency>
+            <groupId>io.quarkus</groupId>
+            <artifactId>quarkus-core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.quarkus</groupId>
+            <artifactId>quarkus-jaxb</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.quarkus</groupId>
+            <artifactId>quarkus-jaxp</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.santuario</groupId>
+            <artifactId>xmlsec</artifactId>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>io.quarkus</groupId>
+                <artifactId>quarkus-extension-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>extension-descriptor</goal>
+                        </goals>
+                        <phase>compile</phase>
+                        <configuration>
+                            <deployment>${project.groupId}:${project.artifactId}-deployment:${project.version}</deployment>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <annotationProcessorPaths>
+                        <path>
+                            <groupId>io.quarkus</groupId>
+                            <artifactId>quarkus-extension-processor</artifactId>
+                            <version>${quarkus.version}</version>
+                        </path>
+                    </annotationProcessorPaths>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+</project>