use of org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer in project cxf by apache.
the class IssueJWTOnbehalfofUnitTest method testIssueJWTTokenOnBehalfOfSaml2.
/**
* Test to successfully issue a JWT token on-behalf-of a SAML 2 token
*/
@org.junit.Test
public void testIssueJWTTokenOnBehalfOfSaml2() throws Exception {
TokenIssueOperation issueOperation = new TokenIssueOperation();
// Add Token Provider
List<TokenProvider> providerList = new ArrayList<>();
providerList.add(new JWTTokenProvider());
issueOperation.setTokenProviders(providerList);
// Add Token Validator
List<TokenValidator> validatorList = new ArrayList<>();
validatorList.add(new SAMLTokenValidator());
issueOperation.setTokenValidators(validatorList);
// Add Service
ServiceMBean service = new StaticService();
service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
issueOperation.setServices(Collections.singletonList(service));
// Add STSProperties object
STSPropertiesMBean stsProperties = new StaticSTSProperties();
Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
stsProperties.setEncryptionCrypto(crypto);
stsProperties.setSignatureCrypto(crypto);
stsProperties.setEncryptionUsername("myservicekey");
stsProperties.setSignatureUsername("mystskey");
stsProperties.setCallbackHandler(new PasswordCallbackHandler());
stsProperties.setIssuer("STS");
issueOperation.setStsProperties(stsProperties);
TokenDelegationHandler delegationHandler = new SAMLDelegationHandler();
issueOperation.setDelegationHandlers(Collections.singletonList(delegationHandler));
// Mock up a request
RequestSecurityTokenType request = new RequestSecurityTokenType();
JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, JWTTokenProvider.JWT_TOKEN_TYPE);
request.getAny().add(tokenType);
// Get a SAML Token via the SAMLTokenProvider
CallbackHandler callbackHandler = new PasswordCallbackHandler();
Element samlToken = createSAMLAssertion(WSS4JConstants.WSS_SAML2_TOKEN_TYPE, crypto, "mystskey", callbackHandler);
Document doc = samlToken.getOwnerDocument();
samlToken = (Element) doc.appendChild(samlToken);
OnBehalfOfType onbehalfof = new OnBehalfOfType();
onbehalfof.setAny(samlToken);
JAXBElement<OnBehalfOfType> onbehalfofType = new JAXBElement<OnBehalfOfType>(QNameConstants.ON_BEHALF_OF, OnBehalfOfType.class, onbehalfof);
request.getAny().add(onbehalfofType);
// Mock up message context
MessageImpl msg = new MessageImpl();
WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
// Issue a token
RequestSecurityTokenResponseCollectionType response = issueOperation.issue(request, null, msgCtx);
List<RequestSecurityTokenResponseType> securityTokenResponse = response.getRequestSecurityTokenResponse();
assertTrue(!securityTokenResponse.isEmpty());
// Test the generated token.
Element token = null;
for (Object tokenObject : securityTokenResponse.get(0).getAny()) {
if (tokenObject instanceof JAXBElement<?> && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>) tokenObject).getName())) {
RequestedSecurityTokenType rstType = (RequestedSecurityTokenType) ((JAXBElement<?>) tokenObject).getValue();
token = (Element) rstType.getAny();
break;
}
}
assertNotNull(token);
// Validate the token
JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token.getTextContent());
JwtToken jwt = jwtConsumer.getJwtToken();
Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
}
use of org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer in project cxf by apache.
the class JWTClaimsTest method testJWTMultipleClaimsSameDialect.
/**
* Test the creation of a JWTToken with various claims set by a ClaimsHandler.
* We have both a primary claim (sent in wst:RequestSecurityToken) and a secondary claim
* (send in wst:RequestSecurityToken/wst:SecondaryParameters), and both have the
* same dialect in this test.
*/
@org.junit.Test
public void testJWTMultipleClaimsSameDialect() throws Exception {
TokenProvider tokenProvider = new JWTTokenProvider();
TokenProviderParameters providerParameters = createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE, null);
ClaimsManager claimsManager = new ClaimsManager();
ClaimsHandler claimsHandler = new CustomClaimsHandler();
claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
providerParameters.setClaimsManager(claimsManager);
ClaimCollection primaryClaims = createClaims();
primaryClaims.setDialect(ClaimTypes.URI_BASE);
providerParameters.setRequestedPrimaryClaims(primaryClaims);
ClaimCollection secondaryClaims = new ClaimCollection();
Claim claim = new Claim();
claim.setClaimType(ClaimTypes.STREETADDRESS);
secondaryClaims.add(claim);
secondaryClaims.setDialect(ClaimTypes.URI_BASE);
providerParameters.setRequestedSecondaryClaims(secondaryClaims);
TokenProviderResponse providerResponse = tokenProvider.createToken(providerParameters);
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
String token = (String) providerResponse.getToken();
assertNotNull(token);
JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
JwtToken jwt = jwtConsumer.getJwtToken();
assertEquals(jwt.getClaim(ClaimTypes.EMAILADDRESS.toString()), "alice@cxf.apache.org");
assertEquals(jwt.getClaim(ClaimTypes.FIRSTNAME.toString()), "alice");
assertEquals(jwt.getClaim(ClaimTypes.LASTNAME.toString()), "doe");
assertEquals(jwt.getClaim(ClaimTypes.STREETADDRESS.toString()), "1234 1st Street");
}
use of org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer in project cxf by apache.
the class JWTClaimsTest method testJWTMultipleClaims.
/**
* Test the creation of a JWTToken with various claims set by a ClaimsHandler.
* We have both a primary claim (sent in wst:RequestSecurityToken) and a secondary claim
* (send in wst:RequestSecurityToken/wst:SecondaryParameters).
*/
@org.junit.Test
public void testJWTMultipleClaims() throws Exception {
TokenProvider tokenProvider = new JWTTokenProvider();
TokenProviderParameters providerParameters = createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE, null);
ClaimsManager claimsManager = new ClaimsManager();
ClaimsHandler claimsHandler = new CustomClaimsHandler();
claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
providerParameters.setClaimsManager(claimsManager);
ClaimCollection primaryClaims = createClaims();
providerParameters.setRequestedPrimaryClaims(primaryClaims);
ClaimCollection secondaryClaims = new ClaimCollection();
Claim claim = new Claim();
claim.setClaimType(ClaimTypes.STREETADDRESS);
secondaryClaims.add(claim);
providerParameters.setRequestedSecondaryClaims(secondaryClaims);
TokenProviderResponse providerResponse = tokenProvider.createToken(providerParameters);
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
String token = (String) providerResponse.getToken();
assertNotNull(token);
JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
JwtToken jwt = jwtConsumer.getJwtToken();
assertEquals(jwt.getClaim(ClaimTypes.EMAILADDRESS.toString()), "alice@cxf.apache.org");
assertEquals(jwt.getClaim(ClaimTypes.FIRSTNAME.toString()), "alice");
assertEquals(jwt.getClaim(ClaimTypes.LASTNAME.toString()), "doe");
assertEquals(jwt.getClaim(ClaimTypes.STREETADDRESS.toString()), "1234 1st Street");
}
use of org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer in project cxf by apache.
the class JWTClaimsTest method testJWTRoleUsingCustomReturnType.
@org.junit.Test
public void testJWTRoleUsingCustomReturnType() throws Exception {
TokenProvider tokenProvider = new JWTTokenProvider();
TokenProviderParameters providerParameters = createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE, null);
ClaimsManager claimsManager = new ClaimsManager();
ClaimsHandler claimsHandler = new CustomClaimsHandler();
claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
providerParameters.setClaimsManager(claimsManager);
ClaimCollection claims = new ClaimCollection();
URI role = URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role");
Claim claim = new Claim();
claim.setClaimType(role);
claims.add(claim);
providerParameters.setRequestedPrimaryClaims(claims);
Map<String, String> claimTypeMap = new HashMap<>();
claimTypeMap.put(role.toString(), "roles");
DefaultJWTClaimsProvider claimsProvider = new DefaultJWTClaimsProvider();
claimsProvider.setClaimTypeMap(claimTypeMap);
((JWTTokenProvider) tokenProvider).setJwtClaimsProvider(claimsProvider);
assertTrue(tokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
TokenProviderResponse providerResponse = tokenProvider.createToken(providerParameters);
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
String token = (String) providerResponse.getToken();
assertNotNull(token);
JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
JwtToken jwt = jwtConsumer.getJwtToken();
assertEquals(jwt.getClaim("roles"), "DUMMY");
}
use of org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer in project cxf by apache.
the class JWTClaimsTest method testJWTClaims.
/**
* Test the creation of a JWTToken with various claims set by a ClaimsHandler.
*/
@org.junit.Test
public void testJWTClaims() throws Exception {
TokenProvider tokenProvider = new JWTTokenProvider();
TokenProviderParameters providerParameters = createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE, null);
ClaimsManager claimsManager = new ClaimsManager();
ClaimsHandler claimsHandler = new CustomClaimsHandler();
claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
providerParameters.setClaimsManager(claimsManager);
ClaimCollection claims = createClaims();
providerParameters.setRequestedPrimaryClaims(claims);
assertTrue(tokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
TokenProviderResponse providerResponse = tokenProvider.createToken(providerParameters);
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
String token = (String) providerResponse.getToken();
assertNotNull(token);
JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
JwtToken jwt = jwtConsumer.getJwtToken();
assertEquals(jwt.getClaim(ClaimTypes.EMAILADDRESS.toString()), "alice@cxf.apache.org");
assertEquals(jwt.getClaim(ClaimTypes.FIRSTNAME.toString()), "alice");
assertEquals(jwt.getClaim(ClaimTypes.LASTNAME.toString()), "doe");
}
Aggregations