Search in sources :

Example 11 with JacksonJsonProvider

use of com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider in project testcases by coheigea.

the class SyncopeUTValidator method validate.

public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
    if (credential == null || credential.getUsernametoken() == null) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCredential");
    }
    // Validate the UsernameToken
    UsernameToken usernameToken = credential.getUsernametoken();
    String pwType = usernameToken.getPasswordType();
    if (log.isDebugEnabled()) {
        log.debug("UsernameToken user " + usernameToken.getName());
        log.debug("UsernameToken password type " + pwType);
    }
    if (!WSConstants.PASSWORD_TEXT.equals(pwType)) {
        if (log.isDebugEnabled()) {
            log.debug("Authentication failed - digest passwords are not accepted");
        }
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
    }
    if (usernameToken.getPassword() == null) {
        if (log.isDebugEnabled()) {
            log.debug("Authentication failed - no password was provided");
        }
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
    }
    // Send it off to Syncope for validation
    WebClient client = WebClient.create(address, Collections.singletonList(new JacksonJsonProvider()));
    String authorizationHeader = "Basic " + Base64Utility.encode((usernameToken.getName() + ":" + usernameToken.getPassword()).getBytes());
    client.header("Authorization", authorizationHeader);
    if (log.isDebugEnabled()) {
        log.debug("Authenticating user " + usernameToken.getName() + " to Syncope server");
    }
    client = client.path("users/self");
    try {
        UserTO user = client.get(UserTO.class);
        if (user == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
        }
    } catch (RuntimeException ex) {
        if (log.isDebugEnabled()) {
            log.debug(ex.getMessage(), ex);
        }
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
    }
    return credential;
}
Also used : UserTO(org.apache.syncope.common.lib.to.UserTO) JacksonJsonProvider(com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider) UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Example 12 with JacksonJsonProvider

use of com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider in project testcases by coheigea.

the class JWEJWSTest method testEncryptionSignatureListProperties.

@org.junit.Test
public void testEncryptionSignatureListProperties() throws Exception {
    URL busFile = JWEJWSTest.class.getResource("cxf-client.xml");
    List<Object> providers = new ArrayList<Object>();
    providers.add(new JacksonJsonProvider());
    providers.add(new JweWriterInterceptor());
    JwsJsonWriterInterceptor writer = new JwsJsonWriterInterceptor();
    writer.setUseJwsJsonOutputStream(true);
    providers.add(writer);
    String address = "http://localhost:" + PORT + "/doubleit/services";
    WebClient client = WebClient.create(address, providers, busFile.toString());
    client.type("application/json").accept("application/json");
    Map<String, Object> properties = new HashMap<String, Object>();
    properties.put("rs.security.encryption.properties", "clientEncKeystore.properties");
    properties.put("rs.security.signature.out.properties", "clientKeystore.properties");
    WebClient.getConfig(client).getRequestContext().putAll(properties);
    Number numberToDouble = new Number();
    numberToDouble.setDescription("This is the number to double");
    numberToDouble.setNumber(25);
    Response response = client.post(numberToDouble);
    assertEquals(response.getStatus(), 200);
    assertEquals(response.readEntity(Number.class).getNumber(), 50);
}
Also used : JwsJsonWriterInterceptor(org.apache.cxf.rs.security.jose.jaxrs.JwsJsonWriterInterceptor) HashMap(java.util.HashMap) JweWriterInterceptor(org.apache.cxf.rs.security.jose.jaxrs.JweWriterInterceptor) JacksonJsonProvider(com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider) ArrayList(java.util.ArrayList) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) Response(javax.ws.rs.core.Response) Number(org.apache.coheigea.cxf.jaxrs.json.common.Number)

Example 13 with JacksonJsonProvider

use of com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider in project testcases by coheigea.

the class JWSSignatureTest method testPSSignatureCompact.

@org.junit.Test
public void testPSSignatureCompact() throws Exception {
    try {
        Security.addProvider(new BouncyCastleProvider());
        URL busFile = JWSSignatureTest.class.getResource("cxf-client.xml");
        List<Object> providers = new ArrayList<Object>();
        providers.add(new JacksonJsonProvider());
        JwsWriterInterceptor writer = new JwsWriterInterceptor();
        providers.add(writer);
        String address = "http://localhost:" + PORT4 + "/doubleit/services";
        WebClient client = WebClient.create(address, providers, busFile.toString());
        client.type("application/json").accept("application/json");
        Map<String, Object> properties = new HashMap<String, Object>();
        properties.put("rs.security.keystore.type", "jks");
        properties.put("rs.security.keystore.password", "cspass");
        properties.put("rs.security.keystore.alias", "myclientkey");
        properties.put("rs.security.keystore.file", "clientstore.jks");
        properties.put("rs.security.key.password", "ckpass");
        properties.put("rs.security.signature.algorithm", "PS256");
        WebClient.getConfig(client).getRequestContext().putAll(properties);
        Number numberToDouble = new Number();
        numberToDouble.setDescription("This is the number to double");
        numberToDouble.setNumber(25);
        Response response = client.post(numberToDouble);
        assertEquals(response.getStatus(), 200);
        assertEquals(response.readEntity(Number.class).getNumber(), 50);
    } finally {
        Security.removeProvider(BouncyCastleProvider.class.getName());
    }
}
Also used : HashMap(java.util.HashMap) JacksonJsonProvider(com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider) ArrayList(java.util.ArrayList) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) Response(javax.ws.rs.core.Response) Number(org.apache.coheigea.cxf.jaxrs.json.common.Number) JwsWriterInterceptor(org.apache.cxf.rs.security.jose.jaxrs.JwsWriterInterceptor) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Example 14 with JacksonJsonProvider

use of com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider in project testcases by coheigea.

the class JWSSignatureTest method testSignatureCompactDynamicProperties.

@org.junit.Test
public void testSignatureCompactDynamicProperties() throws Exception {
    URL busFile = JWSSignatureTest.class.getResource("cxf-client.xml");
    List<Object> providers = new ArrayList<Object>();
    providers.add(new JacksonJsonProvider());
    JwsWriterInterceptor writer = new JwsWriterInterceptor();
    providers.add(writer);
    String address = "http://localhost:" + PORT2 + "/doubleit/services";
    WebClient client = WebClient.create(address, providers, busFile.toString());
    client.type("application/json").accept("application/json");
    Map<String, Object> properties = new HashMap<String, Object>();
    properties.put("rs.security.keystore.type", "jks");
    properties.put("rs.security.keystore.password", "cspass");
    properties.put("rs.security.keystore.alias", "myclientkey");
    properties.put("rs.security.keystore.file", "clientstore.jks");
    properties.put("rs.security.key.password", "ckpass");
    properties.put("rs.security.signature.algorithm", "RS256");
    WebClient.getConfig(client).getRequestContext().putAll(properties);
    Number numberToDouble = new Number();
    numberToDouble.setDescription("This is the number to double");
    numberToDouble.setNumber(25);
    Response response = client.post(numberToDouble);
    assertEquals(response.getStatus(), 200);
    assertEquals(response.readEntity(Number.class).getNumber(), 50);
}
Also used : Response(javax.ws.rs.core.Response) Number(org.apache.coheigea.cxf.jaxrs.json.common.Number) HashMap(java.util.HashMap) JacksonJsonProvider(com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider) ArrayList(java.util.ArrayList) JwsWriterInterceptor(org.apache.cxf.rs.security.jose.jaxrs.JwsWriterInterceptor) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Example 15 with JacksonJsonProvider

use of com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider in project testcases by coheigea.

the class JWSSignatureTest method testImposterSignature.

@org.junit.Test
public void testImposterSignature() throws Exception {
    URL busFile = JWSSignatureTest.class.getResource("cxf-client.xml");
    List<Object> providers = new ArrayList<Object>();
    providers.add(new JacksonJsonProvider());
    JwsWriterInterceptor writer = new JwsWriterInterceptor();
    providers.add(writer);
    String address = "http://localhost:" + PORT2 + "/doubleit/services";
    WebClient client = WebClient.create(address, providers, busFile.toString());
    client.type("application/json").accept("application/json");
    Map<String, Object> properties = new HashMap<String, Object>();
    properties.put("rs.security.keystore.type", "jks");
    properties.put("rs.security.keystore.password", "ispass");
    properties.put("rs.security.keystore.alias", "imposter");
    properties.put("rs.security.keystore.file", "imposter.jks");
    properties.put("rs.security.key.password", "ikpass");
    properties.put("rs.security.signature.algorithm", "RS256");
    WebClient.getConfig(client).getRequestContext().putAll(properties);
    Number numberToDouble = new Number();
    numberToDouble.setDescription("This is the number to double");
    numberToDouble.setNumber(25);
    Response response = client.post(numberToDouble);
    assertNotEquals(response.getStatus(), 200);
}
Also used : Response(javax.ws.rs.core.Response) Number(org.apache.coheigea.cxf.jaxrs.json.common.Number) HashMap(java.util.HashMap) JacksonJsonProvider(com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider) ArrayList(java.util.ArrayList) JwsWriterInterceptor(org.apache.cxf.rs.security.jose.jaxrs.JwsWriterInterceptor) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Aggregations

JacksonJsonProvider (com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider)217 WebClient (org.apache.cxf.jaxrs.client.WebClient)149 Response (javax.ws.rs.core.Response)127 ArrayList (java.util.ArrayList)109 HashMap (java.util.HashMap)104 URL (java.net.URL)103 Book (org.apache.cxf.systest.jaxrs.security.Book)76 Test (org.junit.Test)66 JwtAuthenticationClientFilter (org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter)50 JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims)50 JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)45 ClientBuilder (javax.ws.rs.client.ClientBuilder)28 Number (org.apache.coheigea.cxf.jaxrs.json.common.Number)28 List (java.util.List)27 JwsWriterInterceptor (org.apache.cxf.rs.security.jose.jaxrs.JwsWriterInterceptor)27 LinkedList (java.util.LinkedList)26 GenericType (javax.ws.rs.core.GenericType)26 MediaType (javax.ws.rs.core.MediaType)26 AbstractResourceInfo (org.apache.cxf.jaxrs.model.AbstractResourceInfo)26 AbstractBusClientServerTestBase (org.apache.cxf.testutil.common.AbstractBusClientServerTestBase)26