Examples with JwtAuthenticationClientFilter org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter used on opensource projects

Search in sources :

Example 1 with JwtAuthenticationClientFilter

use of org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter in project testcases by coheigea.

the class JWTAuthenticationTest method testUnauthenticatedRequest.

@org.junit.Test
public void testUnauthenticatedRequest() throws Exception {
    URL busFile = JWTAuthenticationTest.class.getResource("cxf-client.xml");
    List<Object> providers = new ArrayList<Object>();
    providers.add(new JacksonJsonProvider());
    providers.add(new JwtAuthenticationClientFilter());
    String address = "http://localhost:" + PORT + "/doubleit/services";
    WebClient client = WebClient.create(address, providers, busFile.toString());
    client.type("application/json").accept("application/json");
    // Create the JWT Token
    JwtClaims claims = new JwtClaims();
    claims.setSubject("alice");
    claims.setIssuer("DoubleItSTSIssuer");
    claims.setIssuedAt(new Date().getTime() / 1000L);
    claims.setAudiences(Collections.singletonList(address));
    JwtToken token = new JwtToken(claims);
    Map<String, Object> properties = new HashMap<String, Object>();
    properties.put("rs.security.keystore.type", "jks");
    properties.put("rs.security.keystore.password", "ispass");
    properties.put("rs.security.keystore.alias", "imposter");
    properties.put("rs.security.keystore.file", "imposter.jks");
    properties.put("rs.security.key.password", "ikpass");
    properties.put("rs.security.signature.algorithm", "RS256");
    properties.put(JwtConstants.JWT_TOKEN, token);
    WebClient.getConfig(client).getRequestContext().putAll(properties);
    Number numberToDouble = new Number();
    numberToDouble.setDescription("This is the number to double");
    numberToDouble.setNumber(25);
    Response response = client.post(numberToDouble);
    assertNotEquals(response.getStatus(), 200);
}
Also used : JwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims) HashMap(java.util.HashMap) JacksonJsonProvider(com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider) ArrayList(java.util.ArrayList) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) Date(java.util.Date) JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) Response(javax.ws.rs.core.Response) Number(org.apache.coheigea.cxf.jaxrs.json.common.Number) JwtAuthenticationClientFilter(org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter)

Example 2 with JwtAuthenticationClientFilter

use of org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter in project testcases by coheigea.

the class JWTAuthorizationTest method testNoRole.

@org.junit.Test
public void testNoRole() throws Exception {
    URL busFile = JWTAuthorizationTest.class.getResource("cxf-client.xml");
    List<Object> providers = new ArrayList<Object>();
    providers.add(new JacksonJsonProvider());
    providers.add(new JwtAuthenticationClientFilter());
    String address = "http://localhost:" + PORT + "/doubleit/services";
    WebClient client = WebClient.create(address, providers, busFile.toString());
    client.type("application/json").accept("application/json");
    // Create the JWT Token
    JwtClaims claims = new JwtClaims();
    claims.setSubject("alice");
    claims.setIssuer("DoubleItSTSIssuer");
    claims.setIssuedAt(new Date().getTime() / 1000L);
    claims.setAudiences(Collections.singletonList(address));
    JwtToken token = new JwtToken(claims);
    Map<String, Object> properties = new HashMap<String, Object>();
    properties.put("rs.security.keystore.type", "jks");
    properties.put("rs.security.keystore.password", "ispass");
    properties.put("rs.security.keystore.alias", "imposter");
    properties.put("rs.security.keystore.file", "imposter.jks");
    properties.put("rs.security.key.password", "ikpass");
    properties.put("rs.security.signature.algorithm", "RS256");
    properties.put(JwtConstants.JWT_TOKEN, token);
    WebClient.getConfig(client).getRequestContext().putAll(properties);
    Number numberToDouble = new Number();
    numberToDouble.setDescription("This is the number to double");
    numberToDouble.setNumber(25);
    Response response = client.post(numberToDouble);
    assertNotEquals(response.getStatus(), 200);
}
Also used : JwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims) HashMap(java.util.HashMap) JacksonJsonProvider(com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider) ArrayList(java.util.ArrayList) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) Date(java.util.Date) JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) Response(javax.ws.rs.core.Response) Number(org.apache.coheigea.cxf.jaxrs.json.common.Number) JwtAuthenticationClientFilter(org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter)

Example 3 with JwtAuthenticationClientFilter

use of org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter in project testcases by coheigea.

the class JWTAuthorizationTest method testWrongRole.

@org.junit.Test
public void testWrongRole() throws Exception {
    URL busFile = JWTAuthorizationTest.class.getResource("cxf-client.xml");
    List<Object> providers = new ArrayList<Object>();
    providers.add(new JacksonJsonProvider());
    providers.add(new JwtAuthenticationClientFilter());
    String address = "http://localhost:" + PORT + "/doubleit/services";
    WebClient client = WebClient.create(address, providers, busFile.toString());
    client.type("application/json").accept("application/json");
    // Create the JWT Token
    JwtClaims claims = new JwtClaims();
    claims.setSubject("alice");
    claims.setIssuer("DoubleItSTSIssuer");
    claims.setIssuedAt(new Date().getTime() / 1000L);
    claims.setProperty("role", "employee");
    claims.setAudiences(Collections.singletonList(address));
    JwtToken token = new JwtToken(claims);
    Map<String, Object> properties = new HashMap<String, Object>();
    properties.put("rs.security.keystore.type", "jks");
    properties.put("rs.security.keystore.password", "ispass");
    properties.put("rs.security.keystore.alias", "imposter");
    properties.put("rs.security.keystore.file", "imposter.jks");
    properties.put("rs.security.key.password", "ikpass");
    properties.put("rs.security.signature.algorithm", "RS256");
    properties.put(JwtConstants.JWT_TOKEN, token);
    WebClient.getConfig(client).getRequestContext().putAll(properties);
    Number numberToDouble = new Number();
    numberToDouble.setDescription("This is the number to double");
    numberToDouble.setNumber(25);
    Response response = client.post(numberToDouble);
    assertNotEquals(response.getStatus(), 200);
}
Also used : JwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims) HashMap(java.util.HashMap) JacksonJsonProvider(com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider) ArrayList(java.util.ArrayList) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) Date(java.util.Date) JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) Response(javax.ws.rs.core.Response) Number(org.apache.coheigea.cxf.jaxrs.json.common.Number) JwtAuthenticationClientFilter(org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter)

Example 4 with JwtAuthenticationClientFilter

use of org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter in project testcases by coheigea.

the class JWTEncryptedTest method testEncryptedToken.

@org.junit.Test
public void testEncryptedToken() throws Exception {
    URL busFile = JWETest.class.getResource("cxf-client.xml");
    List<Object> providers = new ArrayList<Object>();
    providers.add(new JacksonJsonProvider());
    JwtAuthenticationClientFilter jwtFilter = new JwtAuthenticationClientFilter();
    jwtFilter.setJwsRequired(false);
    jwtFilter.setJweRequired(true);
    providers.add(jwtFilter);
    String address = "http://localhost:" + PORT + "/doubleit/services";
    WebClient client = WebClient.create(address, providers, busFile.toString());
    client.type("application/json").accept("application/json");
    // Create the JWT Token
    JwtClaims claims = new JwtClaims();
    claims.setSubject("alice");
    claims.setIssuer("DoubleItSTSIssuer");
    claims.setIssuedAt(new Date().getTime() / 1000L);
    claims.setAudiences(Collections.singletonList(address));
    JwtToken token = new JwtToken(claims);
    Map<String, Object> properties = new HashMap<String, Object>();
    properties.put("rs.security.encryption.properties", "clientEncKeystore.properties");
    properties.put(JwtConstants.JWT_TOKEN, token);
    WebClient.getConfig(client).getRequestContext().putAll(properties);
    Number numberToDouble = new Number();
    numberToDouble.setDescription("This is the number to double");
    numberToDouble.setNumber(25);
    Response response = client.post(numberToDouble);
    assertEquals(response.getStatus(), 200);
    assertEquals(response.readEntity(Number.class).getNumber(), 50);
}
Also used : JwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims) HashMap(java.util.HashMap) JacksonJsonProvider(com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider) ArrayList(java.util.ArrayList) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) Date(java.util.Date) JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) Response(javax.ws.rs.core.Response) Number(org.apache.coheigea.cxf.jaxrs.json.common.Number) JwtAuthenticationClientFilter(org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter)

Example 5 with JwtAuthenticationClientFilter

use of org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter in project cxf by apache.

the class JWTAlgorithmTest method testBadSignatureCertificateTest.

// Include the cert in the "x5c" header
@org.junit.Test
public void testBadSignatureCertificateTest() throws Exception {
    URL busFile = JWTAlgorithmTest.class.getResource("client.xml");
    List<Object> providers = new ArrayList<>();
    providers.add(new JacksonJsonProvider());
    providers.add(new JwtAuthenticationClientFilter());
    String address = "https://localhost:" + PORT + "/signedjwtincludecert/bookstore/books";
    WebClient client = WebClient.create(address, providers, busFile.toString());
    client.type("application/json").accept("application/json");
    // Create the JWT Token
    JwtClaims claims = new JwtClaims();
    claims.setSubject("alice");
    claims.setIssuer("DoubleItSTSIssuer");
    claims.setIssuedAt(Instant.now().getEpochSecond());
    claims.setAudiences(toList(address));
    JwtToken token = new JwtToken(claims);
    Map<String, Object> properties = new HashMap<>();
    properties.put("rs.security.keystore.type", "jks");
    properties.put("rs.security.keystore.password", "password");
    properties.put("rs.security.key.password", "password");
    properties.put("rs.security.keystore.alias", "bethal");
    properties.put("rs.security.keystore.file", "keys/Bethal.jks");
    properties.put("rs.security.signature.algorithm", "RS256");
    properties.put("rs.security.signature.include.cert", "true");
    properties.put(JwtConstants.JWT_TOKEN, token);
    WebClient.getConfig(client).getRequestContext().putAll(properties);
    Response response = client.post(new Book("book", 123L));
    assertNotEquals(response.getStatus(), 200);
}
Also used : JwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims) HashMap(java.util.HashMap) JacksonJsonProvider(com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider) ArrayList(java.util.ArrayList) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) Response(javax.ws.rs.core.Response) Book(org.apache.cxf.systest.jaxrs.security.Book) JwtAuthenticationClientFilter(org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter)

Aggregations

JacksonJsonProvider (com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider)50 URL (java.net.URL)50 ArrayList (java.util.ArrayList)50 HashMap (java.util.HashMap)50 Response (javax.ws.rs.core.Response)50 WebClient (org.apache.cxf.jaxrs.client.WebClient)50 JwtAuthenticationClientFilter (org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter)50 JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims)50 JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)45 Book (org.apache.cxf.systest.jaxrs.security.Book)39 ZonedDateTime (java.time.ZonedDateTime)10 Date (java.util.Date)8 Number (org.apache.coheigea.cxf.jaxrs.json.common.Number)8
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial