
Example 1 with EncryptionService

use of ddf.security.encryption.EncryptionService in project ddf by codice.

the class IdpEndpointTest method setup.

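/**
 * Prepares the {@code IdpEndpoint} under test with a temporary keystore, temporary signature and
 * encryption property files, and mocked security collaborators.
 *
 * <p>Security-relevant notes on this fixture:
 *
 * <ul>
 *   <li>{@code "changeit"} is set as the keystore password property and is also the value the
 *       mocked {@code EncryptionService} returns from both {@code encrypt} and {@code decrypt}, so
 *       no real encryption or decryption is exercised by this setup.
 *   <li>The hostname and {@code javax.net.ssl.*} values are JVM-wide system properties. Nothing in
 *       this method restores them, so they remain set for whatever runs later in the same JVM
 *       unless a teardown elsewhere clears them.
 *   <li>{@code signatureAlgorithm} is the RSA-SHA1 XML-DSig identifier. SHA-1 based signatures
 *       are deprecated; presumably the value is pinned here to match the canned request
 *       signature (confirm before reusing it outside tests).
 * </ul>
 *
 * @throws IOException if a bundled test resource is missing or cannot be copied
 */
@Before
public void setup() throws IOException, SecurityServiceException, ParserConfigurationException, SAXException {
    System.setProperty("org.codice.ddf.system.hostname", "localhost");
    System.setProperty("javax.net.ssl.keyStorePassword", "changeit");

    // Materialize the classpath fixtures as real files; the endpoint and token factory below are
    // configured with absolute file paths.
    File jksFile = copyResourceToTempFile("serverKeystore.jks");
    File signatureFile = copyResourceToTempFile("signature.properties");
    File encryptionFile = copyResourceToTempFile("encryption.properties");

    // Fixed-answer mock: every encrypt/decrypt call yields the test keystore password.
    EncryptionService encryptionService = mock(EncryptionService.class);
    when(encryptionService.decrypt(anyString())).thenReturn("changeit");
    when(encryptionService.encrypt(anyString())).thenReturn("changeit");

    // Mock chain: SecurityManager -> Subject -> principals -> assertion -> token -> canned SAML XML.
    SecurityManager securityManager = mock(SecurityManager.class);
    Subject subject = mock(Subject.class);
    PrincipalCollection principalCollection = mock(PrincipalCollection.class);
    SecurityAssertion securityAssertion = mock(SecurityAssertion.class);
    SecurityToken securityToken = mock(SecurityToken.class);
    when(subject.getPrincipals()).thenReturn(principalCollection);
    when(principalCollection.asList()).thenReturn(Collections.singletonList(securityAssertion));
    when(securityAssertion.getSecurityToken()).thenReturn(securityToken);
    when(securityToken.getToken()).thenReturn(readDocument("/saml.xml").getDocumentElement());
    when(securityManager.getSubject(anyObject())).thenReturn(subject);

    System.setProperty("javax.net.ssl.keyStore", jksFile.getAbsolutePath());

    idpEndpoint = new IdpEndpoint(signatureFile.getAbsolutePath(), encryptionFile.getAbsolutePath(), encryptionService);
    // Strict signature mode is switched on before init(); the tests run with it enabled.
    idpEndpoint.setStrictSignature(true);
    idpEndpoint.init();
    idpEndpoint.setSpMetadata(Collections.singletonList(spMetadata));
    idpEndpoint.setSecurityManager(securityManager);

    PKIAuthenticationTokenFactory pkiAuthenticationTokenFactory = new PKIAuthenticationTokenFactory();
    pkiAuthenticationTokenFactory.setSignaturePropertiesPath(signatureFile.getAbsolutePath());
    pkiAuthenticationTokenFactory.init();
    idpEndpoint.setTokenFactory(pkiAuthenticationTokenFactory);

    // Pre-seed the cookie cache with the canned assertion under key "1".
    idpEndpoint.cookieCache.cacheSamlAssertion("1", readDocument("/saml.xml").getDocumentElement());
    idpEndpoint.setExpirationTime(30);

    relayState = "ef95c04b-6c05-4d12-b65f-dd32fed8811e";
    requestCertificateAttributeName = "javax.servlet.request.X509Certificate";
    requestURL = new StringBuffer("https://www.example.com");
    samlConditionDateFormat = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'";
    signature = authNRequestGetSignature;
    signatureAlgorithm = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
    ssoSAMLResponse = "https://localhost:8993/services/saml/sso?SAMLResponse=";
}

/**
 * Copies the classpath resource {@code /fileName} into a new file of the same name inside the
 * test's temporary folder.
 *
 * <p>Both streams are closed by try-with-resources even when the copy fails, and a missing
 * resource is reported by name instead of surfacing as a bare {@code NullPointerException}.
 *
 * @param fileName resource name relative to the classpath root, also used as the temp file name
 * @return the populated temporary file
 * @throws IOException if the resource is absent or the copy fails
 */
private File copyResourceToTempFile(String fileName) throws IOException {
    File target = temporaryFolder.newFile(fileName);
    try (InputStream in = IdpEndpointTest.class.getResourceAsStream("/" + fileName);
            FileOutputStream out = new FileOutputStream(target)) {
        if (in == null) {
            throw new IOException("Test resource not found on classpath: /" + fileName);
        }
        IOUtils.copy(in, out);
    }
    return target;
}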
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) SecurityManager(ddf.security.service.SecurityManager) PKIAuthenticationTokenFactory(org.codice.ddf.security.handler.api.PKIAuthenticationTokenFactory) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) EncryptionService(ddf.security.encryption.EncryptionService) FileOutputStream(java.io.FileOutputStream) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) SecurityAssertion(ddf.security.assertion.SecurityAssertion) File(java.io.File) Subject(ddf.security.Subject) Before(org.junit.Before)

Example 2 with EncryptionService

use of ddf.security.encryption.EncryptionService in project ddf by codice.

the class TestAttributeQueryClaimsHandler method setUp.

/**
 * Builds the spied claims handler and its collaborators before each test.
 *
 * <p>The {@code EncryptionService} mock has no stubbing here, so any call on it returns Mockito's
 * default answer; the signature and encryption property objects are plain mocks as well. No real
 * key material is configured by this method beyond what {@code SystemCrypto} loads from the two
 * named property files.
 *
 * @throws IOException if the canned SAML response cannot be read
 */
@Before
public void setUp() throws IOException {
    // Opaque stand-ins for the property objects handed to the handler further down.
    signatureProperties = mock(Object.class);
    encryptionProperties = mock(Object.class);

    // Web-service plumbing is mocked so no request leaves the test.
    service = mock(Service.class);
    dispatch = (Dispatch<StreamSource>) mock(Dispatch.class);

    // Signing stack: unstubbed EncryptionService -> SystemCrypto -> SimpleSign.
    encryptionService = mock(EncryptionService.class);
    systemCrypto = new SystemCrypto("encryption.properties", "signature.properties", encryptionService);
    simpleSign = new SimpleSign(systemCrypto);

    supportedClaims = new ArrayList<>();
    supportedClaims.add("Role");
    supportedClaims.add("NameIdentifier");
    supportedClaims.add("Email");

    // Spy on a real handler so the factory methods can be overridden while the setters run as-is.
    spyAttributeQueryClaimsHandler = spy(new AttributeQueryClaimsHandlerTest());
    spyAttributeQueryClaimsHandler.setWsdlLocation("wsdlLocation");
    spyAttributeQueryClaimsHandler.setServiceName("serviceName");
    spyAttributeQueryClaimsHandler.setPortName("portName");
    spyAttributeQueryClaimsHandler.setSimpleSign(simpleSign);
    spyAttributeQueryClaimsHandler.setSupportedClaims(supportedClaims);
    spyAttributeQueryClaimsHandler.setExternalAttributeStoreUrl(EXTERNAL_ATTRIBUTE_STORE);
    spyAttributeQueryClaimsHandler.setIssuer(ISSUER);
    spyAttributeQueryClaimsHandler.setDestination(DESTINATION);

    // The attribute map is resolved from the test classpath and passed as a path string.
    String attributeMapPath = getClass().getClassLoader().getResource("attributeMap.properties").getPath();
    spyAttributeQueryClaimsHandler.setAttributeMapLocation(attributeMapPath);

    spyAttributeQueryClaimsHandler.setSignatureProperties(signatureProperties);
    spyAttributeQueryClaimsHandler.setEncryptionProperties(encryptionProperties);

    // Route service and dispatcher creation to the mocks created above.
    doReturn(service).when(spyAttributeQueryClaimsHandler).createService();
    doReturn(dispatch).when(spyAttributeQueryClaimsHandler).createDispatcher(service);

    cannedResponse = Resources.toString(Resources.getResource(getClass(), "/SAMLResponse.xml"), Charsets.UTF_8);
}
Also used : SimpleSign(ddf.security.samlp.SimpleSign) SystemCrypto(ddf.security.samlp.SystemCrypto) EncryptionService(ddf.security.encryption.EncryptionService) StreamSource(javax.xml.transform.stream.StreamSource) Service(javax.xml.ws.Service) EncryptionService(ddf.security.encryption.EncryptionService) XMLObject(org.opensaml.core.xml.XMLObject) Before(org.junit.Before)

Example 3 with EncryptionService

use of ddf.security.encryption.EncryptionService in project ddf by codice.

the class TestAttributeQueryClient method setUp.

/**
 * Creates the {@code AttributeQueryClient} under test with a mocked dispatch and a spied signer.
 *
 * <p>The {@code EncryptionService} mock is left unstubbed, so it answers with Mockito defaults.
 * The setters repeat the values already passed to the constructor; they are kept as in the
 * original fixture.
 *
 * @throws IOException if the canned SAML response cannot be read
 */
@Before
public void setUp() throws IOException {
    dispatch = mock(Dispatch.class);

    // Signing stack backed by an unstubbed EncryptionService mock.
    encryptionService = mock(EncryptionService.class);
    systemCrypto = new SystemCrypto("encryption.properties", "signature.properties", encryptionService);

    // Wrap the real signer in a spy so tests can observe or override signing calls.
    spySimpleSign = spy(new SimpleSign(systemCrypto));

    attributeQueryClient = new AttributeQueryClient(dispatch, spySimpleSign, EXTERNAL_ATTRIBUTE_STORE, ISSUER, DESTINATION);
    attributeQueryClient.setDispatch(dispatch);
    attributeQueryClient.setSimpleSign(spySimpleSign);
    attributeQueryClient.setExternalAttributeStoreUrl(EXTERNAL_ATTRIBUTE_STORE);
    attributeQueryClient.setIssuer(ISSUER);
    attributeQueryClient.setDestination(DESTINATION);

    cannedResponse = Resources.toString(Resources.getResource(getClass(), "/SAMLResponse.xml"), Charsets.UTF_8);
}
Also used : SimpleSign(ddf.security.samlp.SimpleSign) SystemCrypto(ddf.security.samlp.SystemCrypto) EncryptionService(ddf.security.encryption.EncryptionService) Dispatch(javax.xml.ws.Dispatch) Before(org.junit.Before)

Example 4 with EncryptionService

use of ddf.security.encryption.EncryptionService in project ddf by codice.

the class ConfluenceSourceTest method setup.

/**
 * Wires a {@code TestConfluenceSource} to mocked collaborators before each test.
 *
 * <p>The username, password and the {@code "decryptedPass"} value returned by the mocked
 * {@code EncryptionService.decryptValue} are placeholders; no real credential or decryption is
 * involved.
 */
@Before
public void setup() {
    MetacardType confluenceType = new MetacardTypeImpl("confluence", (List) null);
    transformer = new ConfluenceInputTransformer(confluenceType);

    // Collaborators are all mocks; the client factory hands back the mocked search client.
    encryptionService = mock(EncryptionService.class);
    reader = mock(ResourceReader.class);
    factory = mock(SecureCxfClientFactory.class);
    client = mock(SearchResource.class);
    clientResponse = mock(Response.class);

    when(factory.getClient()).thenReturn(client);
    doReturn(clientResponse).when(client).search(anyString(), anyString(), anyString(), anyString(), anyInt(), anyInt(), anyBoolean());
    // Any stored value "decrypts" to the same fixed string.
    when(encryptionService.decryptValue(anyString())).thenReturn("decryptedPass");

    confluence = new TestConfluenceSource(adapter, encryptionService, transformer, reader, factory);
    confluence.setAvailabilityPollInterval(1);
    confluence.setConfigurationPid("configPid");
    confluence.setEndpointUrl("https://confluence/rest/api/content");
    confluence.setExpandedSections(Collections.singletonList("expandedField"));
    confluence.setUsername("username");
    confluence.setPassword("password");
    confluence.setIncludeArchivedSpaces(false);

    // Two "name=value" entries, the second carrying a comma-separated value list.
    List<String> extraAttributes = new ArrayList<>();
    extraAttributes.add("attrib1=val1");
    extraAttributes.add("attrib2=val1,val2,val3");
    confluence.setAdditionalAttributes(extraAttributes);
}
Also used : ResourceReader(ddf.catalog.resource.ResourceReader) SourceResponse(ddf.catalog.operation.SourceResponse) Response(javax.ws.rs.core.Response) SecureCxfClientFactory(org.codice.ddf.cxf.SecureCxfClientFactory) EncryptionService(ddf.security.encryption.EncryptionService) ArrayList(java.util.ArrayList) MetacardTypeImpl(ddf.catalog.data.impl.MetacardTypeImpl) Matchers.anyString(org.mockito.Matchers.anyString) SearchResource(org.codice.ddf.confluence.api.SearchResource) MetacardType(ddf.catalog.data.MetacardType) Before(org.junit.Before)

Example 5 with EncryptionService

use of ddf.security.encryption.EncryptionService in project ddf by codice.

the class EncryptionCodec method getEncryptionService.

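/**
 * Returns the {@link EncryptionService}, resolving it through the bundle context on first use and
 * caching it in the {@code encryptionService} field afterwards.
 *
 * <p>The lookup fails closed: if the bundle context, the service reference or the service itself
 * is unavailable, an exception is thrown and the field is left unset, so a caller never receives
 * a {@code null} service. No synchronization is applied, so concurrent first calls may each
 * perform the lookup.
 *
 * @return the cached or newly resolved service, never {@code null}
 * @throws NullPointerException if the bundle context, the service reference or the service is
 *     {@code null}
 */
private EncryptionService getEncryptionService() {
    if (encryptionService != null) {
        return encryptionService;
    }
    BundleContext context = getBundleContext();
    if (context == null) {
        throw new NullPointerException("Bundle context cannot be null.");
    }
    // getServiceReference yields null when no EncryptionService is registered; check it here
    // rather than passing null on to getService.
    ServiceReference<EncryptionService> encryptionServiceRef = context.getServiceReference(EncryptionService.class);
    if (encryptionServiceRef == null) {
        throw new NullPointerException("Encryption service reference cannot be null.");
    }
    EncryptionService resolved = context.getService(encryptionServiceRef);
    if (resolved == null) {
        throw new NullPointerException("Encryption service cannot be null.");
    }
    // Cache only a successfully resolved service.
    encryptionService = resolved;
    return resolved;
}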
Also used : EncryptionService(ddf.security.encryption.EncryptionService) BundleContext(org.osgi.framework.BundleContext)

Aggregations

EncryptionService (ddf.security.encryption.EncryptionService)9 Before (org.junit.Before)8 SimpleSign (ddf.security.samlp.SimpleSign)5 SystemCrypto (ddf.security.samlp.SystemCrypto)4 HttpServletRequest (javax.servlet.http.HttpServletRequest)3 Matchers.anyString (org.mockito.Matchers.anyString)3 Subject (ddf.security.Subject)2 SessionFactory (ddf.security.http.SessionFactory)2 InputStream (java.io.InputStream)2 ArrayList (java.util.ArrayList)2 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)2 SecureCxfClientFactory (org.codice.ddf.cxf.SecureCxfClientFactory)2 BundleContext (org.osgi.framework.BundleContext)2 Converter (com.thoughtworks.xstream.converters.Converter)1 MetacardType (ddf.catalog.data.MetacardType)1 MetacardTypeImpl (ddf.catalog.data.impl.MetacardTypeImpl)1 QueryRequest (ddf.catalog.operation.QueryRequest)1 SourceResponse (ddf.catalog.operation.SourceResponse)1 SourceResponseImpl (ddf.catalog.operation.impl.SourceResponseImpl)1 ResourceReader (ddf.catalog.resource.ResourceReader)1