Search in sources :

Example 41 with Exchange

use of org.apache.cxf.message.Exchange in project ddf by codice.

the class PepInterceptorActionsTest method testMessageWithDefaultUrlAction.

@Test
public void testMessageWithDefaultUrlAction() throws SecurityServiceException {
    SecurityManager mockSecurityManager = mock(SecurityManager.class);
    interceptor.setSecurityManager(mockSecurityManager);
    Message messageWithAction = mock(Message.class);
    SecurityToken mockSecurityToken = mock(SecurityToken.class);
    Subject mockSubject = mock(Subject.class);
    assertNotNull(mockSecurityAssertion);
    // SecurityLogger is already stubbed out
    when(mockSecurityAssertion.getToken()).thenReturn(mockSecurityToken);
    when(mockSecurityToken.getToken()).thenReturn(null);
    when(mockSecurityManager.getSubject(mockSecurityToken)).thenReturn(mockSubject);
    QName op = new QName("http://catalog/query/", "Search", "ns1");
    QName port = new QName("http://catalog/query/", "QueryPort", "ns1");
    when(messageWithAction.get(MessageContext.WSDL_OPERATION)).thenReturn(op);
    when(messageWithAction.get(MessageContext.WSDL_PORT)).thenReturn(port);
    Exchange mockExchange = mock(Exchange.class);
    BindingOperationInfo mockBOI = mock(BindingOperationInfo.class);
    when(messageWithAction.getExchange()).thenReturn(mockExchange);
    when(mockExchange.get(BindingOperationInfo.class)).thenReturn(mockBOI);
    when(mockBOI.getExtensor(SoapOperationInfo.class)).thenReturn(null);
    doAnswer(new Answer<Boolean>() {

        @Override
        public Boolean answer(InvocationOnMock invocation) throws Throwable {
            CollectionPermission perm = (CollectionPermission) invocation.getArguments()[0];
            assertEquals("http://catalog/query/QueryPort/SearchRequest", perm.getAction());
            return true;
        }
    }).when(mockSubject).isPermitted(isA(CollectionPermission.class));
    // This should work.
    interceptor.handleMessage(messageWithAction);
}
Also used : BindingOperationInfo(org.apache.cxf.service.model.BindingOperationInfo) SecurityManager(ddf.security.service.SecurityManager) Message(org.apache.cxf.message.Message) QName(javax.xml.namespace.QName) Subject(ddf.security.Subject) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Exchange(org.apache.cxf.message.Exchange) InvocationOnMock(org.mockito.invocation.InvocationOnMock) CollectionPermission(ddf.security.permission.CollectionPermission) Test(org.junit.Test)

Example 42 with Exchange

use of org.apache.cxf.message.Exchange in project ddf by codice.

the class PepInterceptorInvalidSubjectTest method testMessageInvalidSecurityAssertionToken.

// CHECKSTYLE.ON: VisibilityModifier
@Test
public void testMessageInvalidSecurityAssertionToken() throws SecurityServiceException {
    SecurityAssertion mockSecurityAssertion = mock(SecurityAssertion.class);
    PEPAuthorizingInterceptor interceptor = spy(new PEPAuthorizingInterceptor(m -> mockSecurityAssertion));
    interceptor.setSecurityLogger(mock(SecurityLogger.class));
    SecurityManager mockSecurityManager = mock(SecurityManager.class);
    interceptor.setSecurityManager(mockSecurityManager);
    Message messageWithInvalidSecurityAssertion = mock(Message.class);
    SecurityToken mockSecurityToken = mock(SecurityToken.class);
    Subject mockSubject = mock(Subject.class);
    assertNotNull(mockSecurityAssertion);
    // SecurityLogger is already stubbed out
    when(mockSecurityAssertion.getToken()).thenReturn(mockSecurityToken);
    when(mockSecurityToken.getToken()).thenReturn(null);
    when(mockSecurityManager.getSubject(mockSecurityToken)).thenReturn(mockSubject);
    QName op = new QName("urn:catalog:query", "search", "ns1");
    QName port = new QName("urn:catalog:query", "query-port", "ns1");
    when(messageWithInvalidSecurityAssertion.get("javax.xml.ws.wsdl.operation")).thenReturn(op);
    when(messageWithInvalidSecurityAssertion.get("javax.xml.ws.wsdl.port")).thenReturn(port);
    Exchange mockExchange = mock(Exchange.class);
    BindingOperationInfo mockBOI = mock(BindingOperationInfo.class);
    when(messageWithInvalidSecurityAssertion.getExchange()).thenReturn(mockExchange);
    when(mockExchange.get(BindingOperationInfo.class)).thenReturn(mockBOI);
    when(mockBOI.getExtensor(SoapOperationInfo.class)).thenReturn(null);
    when(mockSubject.isPermitted(isA(CollectionPermission.class))).thenReturn(false);
    expectedExForInvalidSubject.expect(AccessDeniedException.class);
    expectedExForInvalidSubject.expectMessage("Unauthorized");
    // This should throw
    interceptor.handleMessage(messageWithInvalidSecurityAssertion);
}
Also used : SecurityAssertion(ddf.security.assertion.SecurityAssertion) SecurityLogger(ddf.security.audit.SecurityLogger) Assert.assertNotNull(org.junit.Assert.assertNotNull) CollectionPermission(ddf.security.permission.CollectionPermission) Message(org.apache.cxf.message.Message) BindingOperationInfo(org.apache.cxf.service.model.BindingOperationInfo) Subject(ddf.security.Subject) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) AccessDeniedException(org.apache.cxf.interceptor.security.AccessDeniedException) Mockito.spy(org.mockito.Mockito.spy) Exchange(org.apache.cxf.message.Exchange) SecurityServiceException(ddf.security.service.SecurityServiceException) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) SoapOperationInfo(org.apache.cxf.binding.soap.model.SoapOperationInfo) Rule(org.junit.Rule) QName(javax.xml.namespace.QName) SecurityManager(ddf.security.service.SecurityManager) ExpectedException(org.junit.rules.ExpectedException) ArgumentMatchers.isA(org.mockito.ArgumentMatchers.isA) Mockito.mock(org.mockito.Mockito.mock) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Exchange(org.apache.cxf.message.Exchange) BindingOperationInfo(org.apache.cxf.service.model.BindingOperationInfo) SecurityManager(ddf.security.service.SecurityManager) Message(org.apache.cxf.message.Message) QName(javax.xml.namespace.QName) CollectionPermission(ddf.security.permission.CollectionPermission) SecurityAssertion(ddf.security.assertion.SecurityAssertion) Subject(ddf.security.Subject) SecurityLogger(ddf.security.audit.SecurityLogger) Test(org.junit.Test)

Example 43 with Exchange

use of org.apache.cxf.message.Exchange in project jaffa-framework by jaffa-projects.

the class CxfFunctionGuardInterceptor method getServiceMethod.

/**
 * Extracts the Method that will be invoked by the service from the Message object
 *
 * @param message Message to extract the method from
 * @return Method that will be invoked by the service from the Message object
 */
private Method getServiceMethod(Message message) {
    Exchange exchange = message.getExchange();
    BindingOperationInfo bindingOperationInfo = exchange.get(BindingOperationInfo.class);
    Service service = exchange.get(Service.class);
    String dispatcherName = MethodDispatcher.class.getName();
    MethodDispatcher methodDispatcher = (MethodDispatcher) service.get(dispatcherName);
    Method method = null;
    if (methodDispatcher != null) {
        method = methodDispatcher.getMethod(bindingOperationInfo);
    }
    if (method == null) {
        OperationResourceInfo resourceInfo = exchange.get(OperationResourceInfo.class);
        if (resourceInfo != null) {
            method = resourceInfo.getMethodToInvoke();
        }
    }
    return method;
}
Also used : Exchange(org.apache.cxf.message.Exchange) BindingOperationInfo(org.apache.cxf.service.model.BindingOperationInfo) Service(org.apache.cxf.service.Service) OperationResourceInfo(org.apache.cxf.jaxrs.model.OperationResourceInfo) MethodDispatcher(org.apache.cxf.service.invoker.MethodDispatcher) Method(java.lang.reflect.Method)

Example 44 with Exchange

use of org.apache.cxf.message.Exchange in project cxf by apache.

the class AttachmentDeserializerTest method setUp.

@Before
public void setUp() throws Exception {
    msg = new MessageImpl();
    Exchange exchange = new ExchangeImpl();
    msg.setExchange(exchange);
}
Also used : Exchange(org.apache.cxf.message.Exchange) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl) Before(org.junit.Before)

Example 45 with Exchange

use of org.apache.cxf.message.Exchange in project cxf by apache.

the class SelectMethodCandidatesTest method doTestProducesResource.

private void doTestProducesResource(Class<?> resourceClass, String path, String acceptContentTypes, String expectedResponseType, String expectedMethodName) throws Exception {
    JAXRSServiceFactoryBean sf = new JAXRSServiceFactoryBean();
    sf.setResourceClasses(resourceClass);
    sf.create();
    List<ClassResourceInfo> resources = ((JAXRSServiceImpl) sf.getService()).getClassResourceInfos();
    String contentType = "*/*";
    Message m = new MessageImpl();
    m.put(Message.CONTENT_TYPE, contentType);
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(m);
    m.setExchange(ex);
    Endpoint e = mockEndpoint();
    ex.put(Endpoint.class, e);
    MetadataMap<String, String> values = new MetadataMap<>();
    Map<ClassResourceInfo, MultivaluedMap<String, String>> mResources = JAXRSUtils.selectResourceClass(resources, path, m);
    OperationResourceInfo ori = JAXRSUtils.findTargetMethod(mResources, m, "GET", values, contentType, sortMediaTypes(acceptContentTypes));
    assertNotNull(ori);
    assertEquals(expectedMethodName, ori.getMethodToInvoke().getName());
    assertEquals(expectedResponseType, m.getExchange().get(Message.CONTENT_TYPE));
}
Also used : Message(org.apache.cxf.message.Message) ClassResourceInfo(org.apache.cxf.jaxrs.model.ClassResourceInfo) Exchange(org.apache.cxf.message.Exchange) MetadataMap(org.apache.cxf.jaxrs.impl.MetadataMap) Endpoint(org.apache.cxf.endpoint.Endpoint) OperationResourceInfo(org.apache.cxf.jaxrs.model.OperationResourceInfo) MultivaluedMap(javax.ws.rs.core.MultivaluedMap) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl)

Aggregations

Exchange (org.apache.cxf.message.Exchange)338 Message (org.apache.cxf.message.Message)196 ExchangeImpl (org.apache.cxf.message.ExchangeImpl)159 MessageImpl (org.apache.cxf.message.MessageImpl)144 Test (org.junit.Test)119 Endpoint (org.apache.cxf.endpoint.Endpoint)75 BindingOperationInfo (org.apache.cxf.service.model.BindingOperationInfo)62 QName (javax.xml.namespace.QName)51 EndpointInfo (org.apache.cxf.service.model.EndpointInfo)43 Bus (org.apache.cxf.Bus)33 SoapMessage (org.apache.cxf.binding.soap.SoapMessage)32 Conduit (org.apache.cxf.transport.Conduit)31 Fault (org.apache.cxf.interceptor.Fault)30 IOException (java.io.IOException)28 ArrayList (java.util.ArrayList)28 AddressingProperties (org.apache.cxf.ws.addressing.AddressingProperties)28 MessageContentsList (org.apache.cxf.message.MessageContentsList)23 Service (org.apache.cxf.service.Service)22 SOAPMessage (javax.xml.soap.SOAPMessage)21 List (java.util.List)19