use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.
the class JexlIssueSamlClaimsTest method createSAMLAssertion.
/*
* Mock up an SAML assertion element
*/
/**
 * Issues a token through a {@code SAMLTokenProvider} wired with a
 * {@code ClaimsAttributeStatementProvider} and a {@code CustomClaimsHandler}, and returns
 * the issued token as an {@code Element}.
 *
 * <p>Three secondary claims are requested: an optional LASTNAME claim, a non-optional
 * {@code ROLE_CLAIM} carrying the values "admin", "manager" and "user", and a non-optional
 * EMAILADDRESS claim.
 *
 * @param tokenType token type passed on to {@code createProviderParameters}
 * @param crypto crypto instance passed on to {@code createProviderParameters}
 * @param signatureUsername signature user name passed on to {@code createProviderParameters}
 * @param callbackHandler callback handler passed on to {@code createProviderParameters}
 * @param realms realm map handed to the token provider; when non-null the request realm is "A"
 * @return the issued token, cast to {@code Element}
 * @throws WSSecurityException declared for the token-issuing calls made here
 */
private Element createSAMLAssertion(
        String tokenType,
        Crypto crypto,
        String signatureUsername,
        CallbackHandler callbackHandler,
        Map<String, RealmProperties> realms) throws WSSecurityException {
    // Token provider that turns retrieved claims into attribute statements.
    SAMLTokenProvider tokenProvider = new SAMLTokenProvider();
    tokenProvider.setRealmMap(realms);
    tokenProvider.setAttributeStatementProviders(
            Collections.<AttributeStatementProvider>singletonList(new ClaimsAttributeStatementProvider()));

    // The request is built with the bearer key type.
    TokenProviderParameters parameters = createProviderParameters(
            tokenType, STSConstants.BEARER_KEY_KEYTYPE, crypto, signatureUsername, callbackHandler);
    // A realm is only selected when the caller supplied a realm map.
    if (realms != null) {
        parameters.setRealm("A");
    }

    // Claims are resolved by a single custom handler.
    ClaimsHandler customHandler = new CustomClaimsHandler();
    ClaimsManager manager = new ClaimsManager();
    manager.setClaimHandlers(Collections.singletonList(customHandler));
    parameters.setClaimsManager(manager);

    ClaimCollection secondaryClaims = new ClaimCollection();

    // Optional last-name claim.
    Claim lastNameClaim = new Claim();
    lastNameClaim.setClaimType(ClaimTypes.LASTNAME);
    lastNameClaim.setOptional(true);
    secondaryClaims.add(lastNameClaim);

    // Non-optional role claim that carries three values.
    Claim roleClaim = new Claim();
    roleClaim.setClaimType(ROLE_CLAIM);
    roleClaim.addValue("admin");
    roleClaim.addValue("manager");
    roleClaim.addValue("user");
    roleClaim.setOptional(false);
    secondaryClaims.add(roleClaim);

    // Non-optional e-mail address claim.
    Claim emailClaim = new Claim();
    emailClaim.setClaimType(ClaimTypes.EMAILADDRESS);
    emailClaim.setOptional(false);
    secondaryClaims.add(emailClaim);

    parameters.setRequestedSecondaryClaims(secondaryClaims);

    TokenProviderResponse issued = tokenProvider.createToken(parameters);
    assertNotNull(issued);
    // Both the token and its identifier must be present before the token is handed back.
    boolean hasTokenAndId = issued.getToken() != null && issued.getTokenId() != null;
    assertTrue(hasTokenAndId);
    return (Element) issued.getToken();
}
use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.
the class IssueSamlClaimsUnitTest method createSAMLAssertion.
/*
* Mock up an SAML assertion element
*/
/**
 * Issues a token through a {@code SAMLTokenProvider} wired with a
 * {@code ClaimsAttributeStatementProvider} and a {@code CustomClaimsHandler}, requesting a
 * single non-optional LASTNAME secondary claim, and returns the issued token as an
 * {@code Element}.
 *
 * @param tokenType token type passed on to {@code createProviderParameters}
 * @param crypto crypto instance passed on to {@code createProviderParameters}
 * @param signatureUsername signature user name passed on to {@code createProviderParameters}
 * @param callbackHandler callback handler passed on to {@code createProviderParameters}
 * @param realms realm map handed to the token provider; when non-null the request realm is "A"
 * @return the issued token, cast to {@code Element}
 * @throws WSSecurityException declared for the token-issuing calls made here
 */
private Element createSAMLAssertion(
        String tokenType,
        Crypto crypto,
        String signatureUsername,
        CallbackHandler callbackHandler,
        Map<String, RealmProperties> realms) throws WSSecurityException {
    SAMLTokenProvider tokenProvider = new SAMLTokenProvider();
    tokenProvider.setRealmMap(realms);
    tokenProvider.setAttributeStatementProviders(
            Collections.singletonList(new ClaimsAttributeStatementProvider()));

    // The request is built with the bearer key type.
    TokenProviderParameters parameters = createProviderParameters(
            tokenType, STSConstants.BEARER_KEY_KEYTYPE, crypto, signatureUsername, callbackHandler);
    // A realm is only selected when the caller supplied a realm map.
    if (realms != null) {
        parameters.setRealm("A");
    }

    // Claims are resolved by a single custom handler.
    ClaimsHandler customHandler = new CustomClaimsHandler();
    ClaimsManager manager = new ClaimsManager();
    manager.setClaimHandlers(Collections.singletonList(customHandler));
    parameters.setClaimsManager(manager);

    // The only requested claim: a non-optional last name.
    Claim lastNameClaim = new Claim();
    lastNameClaim.setClaimType(ClaimTypes.LASTNAME);
    lastNameClaim.setOptional(false);
    ClaimCollection secondaryClaims = new ClaimCollection();
    secondaryClaims.add(lastNameClaim);
    parameters.setRequestedSecondaryClaims(secondaryClaims);

    TokenProviderResponse issued = tokenProvider.createToken(parameters);
    assertNotNull(issued);
    // Both the token and its identifier must be present before the token is handed back.
    boolean hasTokenAndId = issued.getToken() != null && issued.getTokenId() != null;
    assertTrue(hasTokenAndId);
    return (Element) issued.getToken();
}
use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.
the class LDAPClaimsTest method testMultiUserBaseDNs.
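/**
 * Retrieves the FIRSTNAME, LASTNAME and EMAILADDRESS claims for two principals through the
 * handler bean "testClaimsHandlerMultipleUserBaseDNs" and checks that exactly those claim
 * types come back for each of them.
 *
 * <p>The principal names are read from the "claimUser" and "otherClaimUser" properties.
 *
 * @throws Exception if claim retrieval or bean lookup fails
 */
@org.junit.Test
public void testMultiUserBaseDNs() throws Exception {
    LdapClaimsHandler claimsHandler =
            (LdapClaimsHandler) appContext.getBean("testClaimsHandlerMultipleUserBaseDNs");
    ClaimsManager claimsManager = new ClaimsManager();
    claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));

    // The failure message goes first, as in the assertTrue(String, boolean) calls below.
    // With the arguments the other way round the literal message is the value being
    // checked, so a missing property would never be reported.
    String user = props.getProperty("claimUser");
    Assert.assertNotNull("Property 'claimUser' not configured", user);
    String otherUser = props.getProperty("otherClaimUser");
    Assert.assertNotNull("Property 'otherClaimUser' not configured", otherUser);

    ClaimCollection requestedClaims = createRequestClaimCollection();
    ClaimsParameters params = new ClaimsParameters();

    // The same request is resolved for each principal in turn.
    // NOTE(review): only claim types are compared, not values, so this does not show that
    // each principal received the attribute values of its own directory entry.
    for (String principalName : new String[] {user, otherUser}) {
        List<String> expectedClaims = new ArrayList<>();
        expectedClaims.add(ClaimTypes.FIRSTNAME.toString());
        expectedClaims.add(ClaimTypes.LASTNAME.toString());
        expectedClaims.add(ClaimTypes.EMAILADDRESS.toString());

        params.setPrincipal(new CustomTokenPrincipal(principalName));
        ProcessedClaimCollection retrievedClaims =
                claimsManager.retrieveClaimValues(requestedClaims, params);

        Assert.assertTrue("Retrieved number of claims [" + retrievedClaims.size() + "] doesn't match with expected [" + expectedClaims.size() + "]", retrievedClaims.size() == expectedClaims.size());
        for (ProcessedClaim c : retrievedClaims) {
            // Each expected type may be matched once; anything else was not requested.
            if (!expectedClaims.remove(c.getClaimType())) {
                Assert.fail("Claim '" + c.getClaimType() + "' not requested");
            }
        }
    }
}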
use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.
the class LDAPClaimsTest method testRetrieveClaimsUsingLDAPLookup.
/**
 * Retrieves the FIRSTNAME, LASTNAME and EMAILADDRESS claims for the principal
 * "cn=alice,ou=users,dc=example,dc=com" through the handler bean "testClaimsHandler" and
 * checks that exactly those claim types come back.
 *
 * @throws Exception if claim retrieval or bean lookup fails
 */
@org.junit.Test
public void testRetrieveClaimsUsingLDAPLookup() throws Exception {
    LdapClaimsHandler ldapHandler = (LdapClaimsHandler) appContext.getBean("testClaimsHandler");
    ClaimsManager manager = new ClaimsManager();
    manager.setClaimHandlers(Collections.singletonList(ldapHandler));

    ClaimCollection requested = createRequestClaimCollection();

    // Claim types that have not been matched by a retrieved claim yet.
    List<String> outstanding = new ArrayList<>();
    outstanding.add(ClaimTypes.FIRSTNAME.toString());
    outstanding.add(ClaimTypes.LASTNAME.toString());
    outstanding.add(ClaimTypes.EMAILADDRESS.toString());

    ClaimsParameters lookupParams = new ClaimsParameters();
    lookupParams.setPrincipal(new CustomTokenPrincipal("cn=alice,ou=users,dc=example,dc=com"));
    ProcessedClaimCollection retrieved = manager.retrieveClaimValues(requested, lookupParams);

    int retrievedCount = retrieved.size();
    int expectedCount = outstanding.size();
    Assert.assertTrue("Retrieved number of claims [" + retrievedCount + "] doesn't match with expected [" + expectedCount + "]", retrievedCount == expectedCount);

    // Every retrieved claim has to use up one outstanding type; a type that is not
    // outstanding (never requested, or returned twice) fails the test.
    for (ProcessedClaim processed : retrieved) {
        if (!outstanding.remove(processed.getClaimType())) {
            Assert.assertTrue("Claim '" + processed.getClaimType() + "' not requested", false);
        }
    }
}
use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.
the class LDAPClaimsTest method testRetrieveRolesForAliceUsingLDAPLookup.
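/**
 * Requests the role claim for the principal "cn=alice,ou=users,dc=example,dc=com" through
 * the handler bean "testGroupClaimsHandler" and checks that one claim of that type with
 * two values is returned.
 *
 * @throws Exception if claim retrieval or bean lookup fails
 */
@org.junit.Test
public void testRetrieveRolesForAliceUsingLDAPLookup() throws Exception {
    LdapGroupClaimsHandler claimsHandler =
            (LdapGroupClaimsHandler) appContext.getBean("testGroupClaimsHandler");
    ClaimsManager claimsManager = new ClaimsManager();
    claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));

    // Request a single claim: the role claim type.
    String roleURI = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
    Claim claim = new Claim();
    claim.setClaimType(roleURI);
    ClaimCollection requestedClaims = new ClaimCollection();
    requestedClaims.add(claim);

    ClaimsParameters params = new ClaimsParameters();
    params.setPrincipal(new CustomTokenPrincipal("cn=alice,ou=users,dc=example,dc=com"));
    ProcessedClaimCollection retrievedClaims =
            claimsManager.retrieveClaimValues(requestedClaims, params);

    // Expected value first, so that a failure report labels the two values correctly
    // and shows the actual count instead of a bare "false".
    Assert.assertEquals(1, retrievedClaims.size());
    Assert.assertEquals(roleURI, retrievedClaims.get(0).getClaimType());
    // NOTE(review): only the number of role values is checked, not which roles they are.
    Assert.assertEquals(2, retrievedClaims.get(0).getValues().size());
}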