Examples with WebClient org.apache.cxf.jaxrs.client.WebClient used on opensource projects

Search in sources :

Example 66 with WebClient

use of org.apache.cxf.jaxrs.client.WebClient in project cxf by apache.

the class STSRESTTest method testIssueSymmetricKeySaml1.

@org.junit.Test
public void testIssueSymmetricKeySaml1() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = STSRESTTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
    WebClient client = WebClient.create(address, busFile.toString());
    client.accept("application/xml");
    client.path("saml1.1");
    client.query("keyType", SYMMETRIC_KEY_KEYTYPE);
    Response response = client.get();
    Document assertionDoc = response.readEntity(Document.class);
    assertNotNull(assertionDoc);
    // Process the token
    List<WSSecurityEngineResult> results = processToken(assertionDoc.getDocumentElement());
    assertTrue(results != null && results.size() == 1);
    SamlAssertionWrapper assertion = (SamlAssertionWrapper) results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
    assertTrue(assertion != null);
    assertTrue(assertion.getSaml2() == null && assertion.getSaml1() != null);
    assertTrue(assertion.isSigned());
    List<String> methods = assertion.getConfirmationMethods();
    String confirmMethod = null;
    if (methods != null && !methods.isEmpty()) {
        confirmMethod = methods.get(0);
    }
    assertTrue(OpenSAMLUtil.isMethodHolderOfKey(confirmMethod));
    SAMLKeyInfo subjectKeyInfo = assertion.getSubjectKeyInfo();
    assertTrue(subjectKeyInfo.getSecret() != null);
    bus.shutdown(true);
}
Also used : Response(javax.ws.rs.core.Response) Bus(org.apache.cxf.Bus) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) SAMLKeyInfo(org.apache.wss4j.common.saml.SAMLKeyInfo) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) Document(org.w3c.dom.Document) WebClient(org.apache.cxf.jaxrs.client.WebClient) WSSecurityEngineResult(org.apache.wss4j.dom.engine.WSSecurityEngineResult) URL(java.net.URL)

Example 67 with WebClient

use of org.apache.cxf.jaxrs.client.WebClient in project cxf by apache.

the class STSRESTTest method testValidateSAML2Token.

@org.junit.Test
public void testValidateSAML2Token() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = STSRESTTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
    WebClient client = WebClient.create(address, busFile.toString());
    client.type("application/xml").accept("application/xml");
    client.path("saml2.0");
    // 1. Get a token via GET
    Response response = client.get();
    Document assertionDoc = response.readEntity(Document.class);
    assertNotNull(assertionDoc);
    // 2. Now validate it in the STS using POST
    client = WebClient.create(address, busFile.toString());
    client.type("application/xml").accept("application/xml");
    client.query("action", "validate");
    // Create RequestSecurityToken
    W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
    String namespace = STSUtils.WST_NS_05_12;
    writer.writeStartElement("wst", "RequestSecurityToken", namespace);
    writer.writeNamespace("wst", namespace);
    writer.writeStartElement("wst", "RequestType", namespace);
    writer.writeCharacters(namespace + "/Validate");
    writer.writeEndElement();
    writer.writeStartElement("wst", "TokenType", namespace);
    String tokenType = namespace + "/RSTR/Status";
    writer.writeCharacters(tokenType);
    writer.writeEndElement();
    writer.writeStartElement("wst", "ValidateTarget", namespace);
    StaxUtils.copy(assertionDoc.getDocumentElement(), writer);
    writer.writeEndElement();
    writer.writeEndElement();
    response = client.post(new DOMSource(writer.getDocument().getDocumentElement()));
    RequestSecurityTokenResponseType securityResponse = response.readEntity(RequestSecurityTokenResponseType.class);
    StatusType status = null;
    for (Object obj : securityResponse.getAny()) {
        if (obj instanceof JAXBElement<?>) {
            JAXBElement<?> jaxbElement = (JAXBElement<?>) obj;
            if ("Status".equals(jaxbElement.getName().getLocalPart())) {
                status = (StatusType) jaxbElement.getValue();
                break;
            }
        }
    }
    assertNotNull(status);
    // Check the token was valid
    String validCode = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/valid";
    assertEquals(validCode, status.getCode());
    bus.shutdown(true);
}
Also used : Bus(org.apache.cxf.Bus) W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) DOMSource(javax.xml.transform.dom.DOMSource) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) JAXBElement(javax.xml.bind.JAXBElement) Document(org.w3c.dom.Document) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) Response(javax.ws.rs.core.Response) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) StatusType(org.apache.cxf.ws.security.sts.provider.model.StatusType)

Example 68 with WebClient

use of org.apache.cxf.jaxrs.client.WebClient in project cxf by apache.

the class STSRESTTest method testExplicitlyIssueSAML1TokenViaPOST.

@org.junit.Test
public void testExplicitlyIssueSAML1TokenViaPOST() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = STSRESTTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
    WebClient client = WebClient.create(address, busFile.toString());
    client.type("application/xml").accept("application/xml");
    client.query("action", "issue");
    // Create RequestSecurityToken
    W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
    String namespace = STSUtils.WST_NS_05_12;
    writer.writeStartElement("wst", "RequestSecurityToken", namespace);
    writer.writeNamespace("wst", namespace);
    writer.writeStartElement("wst", "RequestType", namespace);
    writer.writeCharacters(namespace + "/Issue");
    writer.writeEndElement();
    writer.writeStartElement("wst", "TokenType", namespace);
    writer.writeCharacters(SAML1_TOKEN_TYPE);
    writer.writeEndElement();
    writer.writeEndElement();
    Response response = client.post(new DOMSource(writer.getDocument().getDocumentElement()));
    RequestSecurityTokenResponseType securityResponse = response.readEntity(RequestSecurityTokenResponseType.class);
    validateSAMLSecurityTokenResponse(securityResponse, false);
    bus.shutdown(true);
}
Also used : Response(javax.ws.rs.core.Response) Bus(org.apache.cxf.Bus) W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) DOMSource(javax.xml.transform.dom.DOMSource) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Example 69 with WebClient

use of org.apache.cxf.jaxrs.client.WebClient in project cxf by apache.

the class STSRESTTest method testIssueSAML2TokenViaWSTrust.

@org.junit.Test
public void testIssueSAML2TokenViaWSTrust() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = STSRESTTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
    WebClient client = WebClient.create(address, busFile.toString());
    client.accept("application/xml");
    client.path("saml2.0");
    client.query("wstrustResponse", "true");
    Response response = client.get();
    RequestSecurityTokenResponseType securityResponse = response.readEntity(RequestSecurityTokenResponseType.class);
    validateSAMLSecurityTokenResponse(securityResponse, true);
    bus.shutdown(true);
}
Also used : Response(javax.ws.rs.core.Response) Bus(org.apache.cxf.Bus) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Example 70 with WebClient

use of org.apache.cxf.jaxrs.client.WebClient in project cxf by apache.

the class STSRESTTest method testIssueBearerSAML1Token.

@org.junit.Test
public void testIssueBearerSAML1Token() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = STSRESTTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
    WebClient client = WebClient.create(address, busFile.toString());
    client.accept("application/xml");
    client.path("saml1.1");
    client.query("keyType", BEARER_KEYTYPE);
    Response response = client.get();
    Document assertionDoc = response.readEntity(Document.class);
    assertNotNull(assertionDoc);
    // Process the token
    List<WSSecurityEngineResult> results = processToken(assertionDoc.getDocumentElement());
    assertTrue(results != null && results.size() == 1);
    SamlAssertionWrapper assertion = (SamlAssertionWrapper) results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
    assertTrue(assertion != null);
    assertTrue(assertion.getSaml2() == null && assertion.getSaml1() != null);
    assertTrue(assertion.isSigned());
    List<String> methods = assertion.getConfirmationMethods();
    String confirmMethod = null;
    if (methods != null && !methods.isEmpty()) {
        confirmMethod = methods.get(0);
    }
    assertTrue(confirmMethod.contains("bearer"));
    bus.shutdown(true);
}
Also used : Response(javax.ws.rs.core.Response) Bus(org.apache.cxf.Bus) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) Document(org.w3c.dom.Document) WebClient(org.apache.cxf.jaxrs.client.WebClient) WSSecurityEngineResult(org.apache.wss4j.dom.engine.WSSecurityEngineResult) URL(java.net.URL)

Aggregations

WebClient (org.apache.cxf.jaxrs.client.WebClient)723 Test (org.junit.Test)400 Response (javax.ws.rs.core.Response)351 URL (java.net.URL)198 HashMap (java.util.HashMap)100 Book (org.apache.cxf.systest.jaxrs.security.Book)94 ArrayList (java.util.ArrayList)88 JacksonJsonProvider (com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider)87 CloseableHttpResponse (org.apache.http.client.methods.CloseableHttpResponse)77 ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)60 Bus (org.apache.cxf.Bus)48 SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)46 Test (org.testng.annotations.Test)46 Form (javax.ws.rs.core.Form)44 JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)42 JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims)40 JwtAuthenticationClientFilter (org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter)32 InputStream (java.io.InputStream)28 ResponseProcessingException (javax.ws.rs.client.ResponseProcessingException)28 Document (org.w3c.dom.Document)27
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial