use of org.apache.cxf.rs.security.httpsignature.filters.VerifySignatureFilter in project cxf by apache.
the class SpecExamplesTest method interceptorDefaultTest.
@Test
public void interceptorDefaultTest() {
URI uri = URI.create("https://www.example.com/foo?param=value&pet=dog");
String method = "POST";
MessageSigner messageSigner = new MessageSigner(keyProvider, "Test", Collections.singletonList("Date"));
CreateSignatureInterceptor interceptor = new CreateSignatureInterceptor();
interceptor.setMessageSigner(messageSigner);
Map<String, List<String>> headers = createMockHeaders();
MultivaluedMap<String, Object> requestHeaders = new MultivaluedHashMap<>();
MultivaluedMap<String, String> requestStringHeaders = new MultivaluedHashMap<>();
headers.forEach((header, value) -> {
requestHeaders.add(header, value.get(0));
requestStringHeaders.add(header, value.get(0));
});
final Message message = new MessageImpl();
doInPhaseInterceptor(message, () -> {
ClientRequestContext requestContext = getClientRequestContextMock(uri, method, requestHeaders);
interceptor.filter(requestContext);
String signatureHeader = (String) requestHeaders.get("Signature").get(0);
requestStringHeaders.add("Signature", signatureHeader);
String expectedHeader = "keyId=\"Test\",algorithm=\"rsa-sha256\"," + "signature=\"SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz" + "6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB" + "6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM=\"";
assertEquals(signatureHeader.replaceAll("headers=\"date\",", ""), expectedHeader);
// Verify that the request signature can be verified by the filter
MessageVerifier messageVerifier = new MessageVerifier(keyId -> publicKey);
messageVerifier.setAddDefaultRequiredHeaders(false);
messageVerifier.setSecurityProvider(new MockSecurityProvider());
messageVerifier.setAlgorithmProvider(new MockAlgorithmProvider());
VerifySignatureFilter verifySignatureFilter = new VerifySignatureFilter();
verifySignatureFilter.setMessageVerifier(messageVerifier);
ContainerRequestContext containerRequestContext = getContainerRequestContextMock(uri, method, requestStringHeaders);
verifySignatureFilter.filter(containerRequestContext);
});
}
use of org.apache.cxf.rs.security.httpsignature.filters.VerifySignatureFilter in project cxf by apache.
the class SpecExamplesTest method interceptorAllHeadersTest.
@Test
public void interceptorAllHeadersTest() {
URI uri = URI.create("https://www.example.com/foo?param=value&pet=dog");
String method = "POST";
MessageSigner messageSigner = new MessageSigner(keyProvider, "Test", Arrays.asList("(request-target)", "host", "date", "content-type", "digest", "content-length"));
CreateSignatureInterceptor interceptor = new CreateSignatureInterceptor();
interceptor.setMessageSigner(messageSigner);
Map<String, List<String>> headers = createMockHeaders();
MultivaluedMap<String, Object> requestHeaders = new MultivaluedHashMap<>();
MultivaluedMap<String, String> requestStringHeaders = new MultivaluedHashMap<>();
headers.forEach((header, value) -> {
requestHeaders.add(header, value.get(0));
requestStringHeaders.add(header, value.get(0));
});
final Message message = new MessageImpl();
doInPhaseInterceptor(message, () -> {
ClientRequestContext requestContext = getClientRequestContextMock(uri, method, requestHeaders);
interceptor.filter(requestContext);
String signatureHeader = (String) requestHeaders.get("Signature").get(0);
requestStringHeaders.add("Signature", signatureHeader);
String expectedHeader = "keyId=\"Test\",algorithm=\"rsa-sha256\"," + "headers=\"(request-target) host date content-type digest content-length\"," + "signature=\"vSdrb+dS3EceC9bcwHSo4MlyKS59iFIrhgYkz8+oVLEEzmYZZvRs" + "8rgOp+63LEM3v+MFHB32NfpB2bEKBIvB1q52LaEUHFv120V01IL+TAD48XaERZF" + "ukWgHoBTLMhYS2Gb51gWxpeIq8knRmPnYePbF5MOkR0Zkly4zKH7s1dE=\"";
assertEquals(signatureHeader, expectedHeader);
// Verify that the request signature can be verified by the filter
MessageVerifier messageVerifier = new MessageVerifier(keyId -> publicKey);
messageVerifier.setAddDefaultRequiredHeaders(false);
messageVerifier.setSecurityProvider(new MockSecurityProvider());
messageVerifier.setAlgorithmProvider(new MockAlgorithmProvider());
VerifySignatureFilter verifySignatureFilter = new VerifySignatureFilter();
verifySignatureFilter.setMessageVerifier(messageVerifier);
ContainerRequestContext containerRequestContext = getContainerRequestContextMock(uri, method, requestStringHeaders);
InputStream stream = new ByteArrayInputStream("{\"hello\": \"world\"}".getBytes(StandardCharsets.UTF_8));
Mockito.when(containerRequestContext.getEntityStream()).thenReturn(stream);
verifySignatureFilter.filter(containerRequestContext);
});
}
use of org.apache.cxf.rs.security.httpsignature.filters.VerifySignatureFilter in project cxf by apache.
the class SpecExamplesTest method interceptorBasicTest.
@Test
public void interceptorBasicTest() {
URI uri = URI.create("https://www.example.com/foo?param=value&pet=dog");
String method = "POST";
MessageSigner messageSigner = new MessageSigner(keyProvider, "Test", Arrays.asList("(request-target)", "host", "Date"));
CreateSignatureInterceptor interceptor = new CreateSignatureInterceptor();
interceptor.setMessageSigner(messageSigner);
Map<String, List<String>> headers = createMockHeaders();
MultivaluedMap<String, Object> requestHeaders = new MultivaluedHashMap<>();
MultivaluedMap<String, String> requestStringHeaders = new MultivaluedHashMap<>();
headers.forEach((header, value) -> {
requestHeaders.add(header, value.get(0));
requestStringHeaders.add(header, value.get(0));
});
final Message message = new MessageImpl();
doInPhaseInterceptor(message, () -> {
ClientRequestContext requestContext = getClientRequestContextMock(uri, method, requestHeaders);
interceptor.filter(requestContext);
String signatureHeader = (String) requestHeaders.get("Signature").get(0);
requestStringHeaders.add("Signature", signatureHeader);
String expectedHeader = "keyId=\"Test\",algorithm=\"rsa-sha256\"," + "headers=\"(request-target) host date\",signature=\"qdx+H7PHHDZgy4" + "y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn" + "7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs" + "kLu6kd9Fswtemr3lgdDEmn04swr2Os0=\"";
assertEquals(signatureHeader, expectedHeader);
// Verify that the request signature can be verified by the filter
MessageVerifier messageVerifier = new MessageVerifier(keyId -> publicKey);
messageVerifier.setAddDefaultRequiredHeaders(false);
messageVerifier.setSecurityProvider(new MockSecurityProvider());
messageVerifier.setAlgorithmProvider(new MockAlgorithmProvider());
VerifySignatureFilter verifySignatureFilter = new VerifySignatureFilter();
verifySignatureFilter.setMessageVerifier(messageVerifier);
ContainerRequestContext containerRequestContext = getContainerRequestContextMock(uri, method, requestStringHeaders);
verifySignatureFilter.filter(containerRequestContext);
});
}
Aggregations