Example 1 with GuestPrincipal
use of ddf.security.principal.GuestPrincipal in project ddf by codice.
the class GuestValidator method validateToken.
@Override
public TokenValidatorResponse validateToken(TokenValidatorParameters tokenParameters) {
TokenValidatorResponse response = new TokenValidatorResponse();
ReceivedToken validateTarget = tokenParameters.getToken();
validateTarget.setState(ReceivedToken.STATE.INVALID);
GuestAuthenticationToken guestToken = getGuestTokenFromTarget(validateTarget);
response.setToken(validateTarget);
if (guestToken != null) {
response.setPrincipal(new GuestPrincipal(guestToken.getIpAddress()));
if (guestToken.getRealm() != null) {
if ((supportedRealm.contains(guestToken.getRealm()) || "*".equals(guestToken.getRealm())) && guestToken.getCredentials().equals(GuestAuthenticationToken.GUEST_CREDENTIALS) && validIpAddress(guestToken.getIpAddress())) {
validateTarget.setState(ReceivedToken.STATE.VALID);
validateTarget.setPrincipal(new GuestPrincipal(guestToken.getIpAddress()));
}
} else if (guestToken.getCredentials().equals(GuestAuthenticationToken.GUEST_CREDENTIALS) && validIpAddress(guestToken.getIpAddress())) {
validateTarget.setState(ReceivedToken.STATE.VALID);
validateTarget.setPrincipal(new GuestPrincipal(guestToken.getIpAddress()));
}
}
return response;
}
Also used :
GuestAuthenticationToken(org.codice.ddf.security.handler.api.GuestAuthenticationToken)
GuestPrincipal(ddf.security.principal.GuestPrincipal)
TokenValidatorResponse(org.apache.cxf.sts.token.validator.TokenValidatorResponse)
ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)
Example 2 with GuestPrincipal
use of ddf.security.principal.GuestPrincipal in project ddf by codice.
the class GuestClaimsHandler method retrieveClaimValues.
@Override
public ProcessedClaimCollection retrieveClaimValues(ClaimCollection claims, ClaimsParameters parameters) {
ProcessedClaimCollection claimsColl = new ProcessedClaimCollection();
Principal principal = parameters.getPrincipal();
for (Claim claim : claims) {
URI claimType = claim.getClaimType();
List<String> value = claimsMap.get(claimType);
if (value != null) {
ProcessedClaim c = new ProcessedClaim();
c.setClaimType(claimType);
c.setPrincipal(principal);
for (String val : value) {
c.addValue(val);
}
claimsColl.add(c);
}
}
if (principal != null && principal instanceof GuestPrincipal) {
String ipAddress = ((GuestPrincipal) principal).getAddress();
if (ipAddress != null) {
try {
ProcessedClaim ipClaim = new ProcessedClaim();
ipClaim.setClaimType(new URI(IP_ADDRESS_CLAIMS_KEY));
ipClaim.setPrincipal(principal);
ipClaim.addValue(ipAddress);
claimsColl.add(ipClaim);
} catch (URISyntaxException e) {
LOGGER.info("Claims mapping cannot be converted to a URI. Ip claim will be excluded", e);
}
}
}
return claimsColl;
}
Also used :
ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection)
ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim)
GuestPrincipal(ddf.security.principal.GuestPrincipal)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
GuestPrincipal(ddf.security.principal.GuestPrincipal)
Principal(java.security.Principal)
ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim)
Claim(org.apache.cxf.rt.security.claims.Claim)
Example 3 with GuestPrincipal
use of ddf.security.principal.GuestPrincipal in project ddf by codice.
the class GuestClaimsHandlerTest method testRetrieveClaims.
@Test
public void testRetrieveClaims() throws URISyntaxException {
GuestClaimsHandler claimsHandler = new GuestClaimsHandler();
claimsHandler.setAttributes(Arrays.asList("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier=Guest", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress=Guest@guest.com|someguy@somesite.com|somedude@cool.com", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname=Guest"));
ClaimCollection requestClaims = new ClaimCollection();
Claim requestClaim = new Claim();
URI nameURI = new URI("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier");
requestClaim.setClaimType(nameURI);
requestClaims.add(requestClaim);
requestClaim = new Claim();
URI emailURI = new URI("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress");
requestClaim.setClaimType(emailURI);
requestClaims.add(requestClaim);
requestClaim = new Claim();
URI fooURI = new URI("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/foobar");
requestClaim.setClaimType(fooURI);
requestClaim.setOptional(true);
requestClaims.add(requestClaim);
ClaimsParameters claimsParameters = new ClaimsParameters();
claimsParameters.setPrincipal(new GuestPrincipal("127.0.0.1"));
List<URI> supportedClaims = claimsHandler.getSupportedClaimTypes();
assertEquals(3, supportedClaims.size());
ProcessedClaimCollection claimsCollection = claimsHandler.retrieveClaimValues(requestClaims, claimsParameters);
assertEquals(3, claimsCollection.size());
for (ProcessedClaim claim : claimsCollection) {
if (claim.getClaimType().equals(nameURI)) {
assertEquals(1, claim.getValues().size());
assertEquals("Guest", claim.getValues().get(0));
} else if (claim.getClaimType().equals(emailURI)) {
assertEquals(3, claim.getValues().size());
List<Object> values = claim.getValues();
assertEquals("Guest@guest.com", values.get(0));
assertEquals("someguy@somesite.com", values.get(1));
assertEquals("somedude@cool.com", values.get(2));
} else if (claim.getClaimType().equals("IpAddress")) {
assertEquals("127.0.0.1", claim.getValues().get(0));
}
assertFalse(claim.getClaimType().equals(fooURI));
}
claimsParameters = new ClaimsParameters();
claimsCollection = claimsHandler.retrieveClaimValues(requestClaims, claimsParameters);
assertEquals(2, claimsCollection.size());
claimsParameters = new ClaimsParameters();
claimsParameters.setPrincipal(new CustomTokenPrincipal("SomeValue"));
claimsCollection = claimsHandler.retrieveClaimValues(requestClaims, claimsParameters);
assertEquals(2, claimsCollection.size());
}
Also used :
CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal)
ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection)
ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim)
GuestPrincipal(ddf.security.principal.GuestPrincipal)
List(java.util.List)
ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection)
ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection)
URI(java.net.URI)
ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim)
Claim(org.apache.cxf.rt.security.claims.Claim)
ClaimsParameters(org.apache.cxf.sts.claims.ClaimsParameters)
Test(org.junit.Test)
Aggregations
GuestPrincipal (ddf.security.principal.GuestPrincipal)3
URI (java.net.URI)2
Claim (org.apache.cxf.rt.security.claims.Claim)2
ProcessedClaim (org.apache.cxf.sts.claims.ProcessedClaim)2
ProcessedClaimCollection (org.apache.cxf.sts.claims.ProcessedClaimCollection)2
URISyntaxException (java.net.URISyntaxException)1
Principal (java.security.Principal)1
List (java.util.List)1
ClaimCollection (org.apache.cxf.rt.security.claims.ClaimCollection)1
ClaimsParameters (org.apache.cxf.sts.claims.ClaimsParameters)1
ReceivedToken (org.apache.cxf.sts.request.ReceivedToken)1
TokenValidatorResponse (org.apache.cxf.sts.token.validator.TokenValidatorResponse)1
CustomTokenPrincipal (org.apache.wss4j.common.principal.CustomTokenPrincipal)1
GuestAuthenticationToken (org.codice.ddf.security.handler.api.GuestAuthenticationToken)1
Test (org.junit.Test)1
