Example 71 with WebClient
use of org.apache.cxf.jaxrs.client.WebClient in project cxf by apache.
the class STSRESTTest method testIssueJWTTokenAppliesTo.
@org.junit.Test
public void testIssueJWTTokenAppliesTo() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
URL busFile = STSRESTTest.class.getResource("cxf-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
BusFactory.setThreadDefaultBus(bus);
String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
WebClient client = WebClient.create(address, busFile.toString());
client.accept("text/plain");
client.path("jwt");
client.query("appliesTo", DEFAULT_ADDRESS);
Response response = client.get();
String token = response.readEntity(String.class);
assertNotNull(token);
validateJWTToken(token, DEFAULT_ADDRESS);
}
Also used :
Response(javax.ws.rs.core.Response)
Bus(org.apache.cxf.Bus)
SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
URL(java.net.URL)
Example 72 with WebClient
use of org.apache.cxf.jaxrs.client.WebClient in project cxf by apache.
the class STSRESTTest method testDefaultJWTFormat.
@org.junit.Test
public void testDefaultJWTFormat() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
URL busFile = STSRESTTest.class.getResource("cxf-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
BusFactory.setThreadDefaultBus(bus);
String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
WebClient client = WebClient.create(address, busFile.toString());
client.accept("*");
client.path("jwt");
Response response = client.get();
// It should be XML
Document doc = response.readEntity(Document.class);
assertNotNull(doc);
}Example 73 with WebClient
use of org.apache.cxf.jaxrs.client.WebClient in project cxf by apache.
the class STSRESTTest method testIssueSAML2Token.
@org.junit.Test
public void testIssueSAML2Token() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
URL busFile = STSRESTTest.class.getResource("cxf-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
BusFactory.setThreadDefaultBus(bus);
String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
WebClient client = WebClient.create(address, busFile.toString());
client.accept("application/xml");
client.path("saml2.0");
Response response = client.get();
Document assertionDoc = response.readEntity(Document.class);
assertNotNull(assertionDoc);
// Process the token
List<WSSecurityEngineResult> results = processToken(assertionDoc.getDocumentElement());
assertTrue(results != null && results.size() == 1);
SamlAssertionWrapper assertion = (SamlAssertionWrapper) results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
assertTrue(assertion != null);
assertTrue(assertion.getSaml2() != null && assertion.getSaml1() == null);
assertTrue(assertion.isSigned());
bus.shutdown(true);
}
Also used :
Response(javax.ws.rs.core.Response)
Bus(org.apache.cxf.Bus)
SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory)
SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper)
Document(org.w3c.dom.Document)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
WSSecurityEngineResult(org.apache.wss4j.dom.engine.WSSecurityEngineResult)
URL(java.net.URL)
Example 74 with WebClient
use of org.apache.cxf.jaxrs.client.WebClient in project cxf by apache.
the class STSRESTTest method testRenewSAML2Token.
@org.junit.Test
public void testRenewSAML2Token() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
URL busFile = STSRESTTest.class.getResource("cxf-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
BusFactory.setThreadDefaultBus(bus);
String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
WebClient client = WebClient.create(address, busFile.toString());
client.type("application/xml").accept("application/xml");
client.query("action", "issue");
// 1. Get a token via POST
// Create RequestSecurityToken
W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
String namespace = STSUtils.WST_NS_05_12;
writer.writeStartElement("wst", "RequestSecurityToken", namespace);
writer.writeNamespace("wst", namespace);
writer.writeStartElement("wst", "RequestType", namespace);
writer.writeCharacters(namespace + "/Issue");
writer.writeEndElement();
writer.writeStartElement("wst", "TokenType", namespace);
writer.writeCharacters(SAML2_TOKEN_TYPE);
writer.writeEndElement();
writer.writeEndElement();
Response response = client.post(new DOMSource(writer.getDocument().getDocumentElement()));
RequestSecurityTokenResponseType securityResponse = response.readEntity(RequestSecurityTokenResponseType.class);
Element token = validateSAMLSecurityTokenResponse(securityResponse, true);
// 2. Now validate it in the STS using POST
client = WebClient.create(address, busFile.toString());
client.type("application/xml").accept("application/xml");
client.query("action", "renew");
// Create RequestSecurityToken
writer = new W3CDOMStreamWriter();
writer.writeStartElement("wst", "RequestSecurityToken", namespace);
writer.writeNamespace("wst", namespace);
writer.writeStartElement("wst", "RequestType", namespace);
writer.writeCharacters(namespace + "/Renew");
writer.writeEndElement();
writer.writeStartElement("wst", "RenewTarget", namespace);
StaxUtils.copy(token, writer);
writer.writeEndElement();
writer.writeEndElement();
response = client.post(new DOMSource(writer.getDocument().getDocumentElement()));
securityResponse = response.readEntity(RequestSecurityTokenResponseType.class);
validateSAMLSecurityTokenResponse(securityResponse, true);
bus.shutdown(true);
}
Also used :
Response(javax.ws.rs.core.Response)
Bus(org.apache.cxf.Bus)
W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter)
DOMSource(javax.xml.transform.dom.DOMSource)
SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory)
JAXBElement(javax.xml.bind.JAXBElement)
Element(org.w3c.dom.Element)
RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
URL(java.net.URL)
Example 75 with WebClient
use of org.apache.cxf.jaxrs.client.WebClient in project cxf by apache.
the class STSRESTTest method testIssueJWTTokenViaPOST.
@org.junit.Test
public void testIssueJWTTokenViaPOST() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
URL busFile = STSRESTTest.class.getResource("cxf-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
BusFactory.setThreadDefaultBus(bus);
String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
WebClient client = WebClient.create(address, busFile.toString());
client.type("application/xml").accept("application/xml");
// Create RequestSecurityToken
W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
String namespace = STSUtils.WST_NS_05_12;
writer.writeStartElement("wst", "RequestSecurityToken", namespace);
writer.writeNamespace("wst", namespace);
writer.writeStartElement("wst", "RequestType", namespace);
writer.writeCharacters(namespace + "/Issue");
writer.writeEndElement();
writer.writeStartElement("wst", "TokenType", namespace);
writer.writeCharacters(JWT_TOKEN_TYPE);
writer.writeEndElement();
writer.writeEndElement();
Response response = client.post(new DOMSource(writer.getDocument().getDocumentElement()));
RequestSecurityTokenResponseType securityResponse = response.readEntity(RequestSecurityTokenResponseType.class);
RequestedSecurityTokenType requestedSecurityToken = getRequestedSecurityToken(securityResponse);
assertNotNull(requestedSecurityToken);
String token = ((Element) requestedSecurityToken.getAny()).getTextContent();
assertNotNull(token);
validateJWTToken(token, null);
bus.shutdown(true);
}
Also used :
Response(javax.ws.rs.core.Response)
Bus(org.apache.cxf.Bus)
W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter)
DOMSource(javax.xml.transform.dom.DOMSource)
SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory)
JAXBElement(javax.xml.bind.JAXBElement)
Element(org.w3c.dom.Element)
RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)
RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
URL(java.net.URL)
Aggregations
WebClient (org.apache.cxf.jaxrs.client.WebClient)723
Test (org.junit.Test)400
Response (javax.ws.rs.core.Response)351
URL (java.net.URL)198
HashMap (java.util.HashMap)100
Book (org.apache.cxf.systest.jaxrs.security.Book)94
ArrayList (java.util.ArrayList)88
JacksonJsonProvider (com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider)87
CloseableHttpResponse (org.apache.http.client.methods.CloseableHttpResponse)77
ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)60
Bus (org.apache.cxf.Bus)48
SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)46
Test (org.testng.annotations.Test)46
Form (javax.ws.rs.core.Form)44
JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)42
JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims)40
JwtAuthenticationClientFilter (org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter)32
InputStream (java.io.InputStream)28
ResponseProcessingException (javax.ws.rs.client.ResponseProcessingException)28
Document (org.w3c.dom.Document)27
