
Example 6 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cas by apereo.

The class WSFederationMetadataWriter, method produceMetadataDocument.

/**
 * Builds the SAML2 {@code EntityDescriptor} metadata for this WS-Federation IdP,
 * serialises it through a {@link W3CDOMStreamWriter} and returns the signed DOM.
 *
 * <p>The signing material (keystore file, password and alias) and the key password
 * are read from the configured STS realm; the entity ID and the STS URL are both
 * derived from the server prefix.
 *
 * @param config the CAS configuration properties
 * @return the signed metadata document, never {@code null}
 * @throws RuntimeException if the document cannot be written or the signer returns
 *         {@code null}; any underlying exception is attached as the cause
 */
public Document produceMetadataDocument(final CasConfigurationProperties config) {
    try {
        final WsFederationProperties.SecurityTokenService sts = config.getAuthn().getWsfedIdP().getSts();
        final Properties cryptoProps = CryptoUtils.getSecurityProperties(
            sts.getRealm().getKeystoreFile(),
            sts.getRealm().getKeystorePassword(),
            sts.getRealm().getKeystoreAlias());
        final Crypto signingCrypto = CryptoFactory.getInstance(cryptoProps);

        // Both endpoints are rooted at the server prefix.
        final String prefix = config.getServer().getPrefix();
        final String idpEntityId = prefix.concat(WSFederationConstants.ENDPOINT_FEDERATION_REQUEST);
        final String stsUrl = prefix.concat(WSFederationConstants.ENDPOINT_STS)
            .concat(config.getAuthn().getWsfedIdP().getIdp().getRealmName());
        // The descriptor ID is also what the signature will reference.
        final String descriptorId = IDGenerator.generateID("_");

        final W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
        writer.writeStartDocument(StandardCharsets.UTF_8.name(), "1.0");
        writer.writeStartElement("md", "EntityDescriptor", SAML2_METADATA_NS);
        writer.writeAttribute("ID", descriptorId);
        writer.writeAttribute("entityID", idpEntityId);
        writer.writeNamespace("md", SAML2_METADATA_NS);
        writer.writeNamespace("fed", WS_FEDERATION_NS);
        writer.writeNamespace("wsa", WS_ADDRESSING_NS);
        // NOTE(review): "auth" is bound to the same namespace as "fed" here — confirm that is intended.
        writer.writeNamespace("auth", WS_FEDERATION_NS);
        writer.writeNamespace("xsi", SCHEMA_INSTANCE_NS);
        writeFederationMetadata(writer, idpEntityId, stsUrl, signingCrypto);
        writer.writeEndElement();
        writer.writeEndDocument();
        writer.close();

        // The unsigned form is only emitted at debug level; callers receive the signed document.
        final String unsignedXml = DOM2Writer.nodeToString(writer.getDocument());
        LOGGER.debug("Produced unsigned metadata");
        LOGGER.debug(unsignedXml);

        // Second argument is passed as null here — presumably the signer then uses the crypto's default key; verify.
        final Document signed = SignatureUtils.signMetaInfo(signingCrypto, null,
            sts.getRealm().getKeyPassword(), writer.getDocument(), descriptorId);
        if (signed == null) {
            throw new RuntimeException("Failed to sign the metadata document");
        }
        return signed;
    } catch (final Exception e) {
        // Also re-wraps the "Failed to sign" failure above, since it is raised inside the try.
        throw new RuntimeException("Error creating service metadata information: " + e.getMessage(), e);
    }
}

Example 7 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project ddf by codice.

The class StsIssueTest, method testBearerWebSsoTokenSaml2.

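/**
 * Requests a SAML 2.0 bearer token from the STS identified by {@code portType},
 * presenting a username token whose ID is {@code CAS_ID} and whose name carries a
 * CAS service ticket as the on-behalf-of credential, and validates the token when
 * one is returned.
 *
 * <p>The CXF bus is always shut down, even when token issuance throws, so a failing
 * test does not leak the bus into later test methods.
 *
 * @param portType the STS port whose address, WSDL location and endpoint are looked up
 * @throws Exception on any bus, DOM or STS failure
 */
public void testBearerWebSsoTokenSaml2(StsPortTypes portType) throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = StsIssueTest.class.getResource("/cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    SpringBusFactory.setDefaultBus(bus);
    SpringBusFactory.setThreadDefaultBus(bus);
    try {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        DocumentBuilder builder = factory.newDocumentBuilder();
        Document doc = builder.newDocument();
        // Create a Username Token.
        // ID - the key that tells the validator it is an SSO token
        // Name - the SSO ticket (a constructed sample value)
        UsernameToken oboToken = new UsernameToken(false, doc, WSConstants.PASSWORD_TEXT);
        oboToken.setID(CAS_ID);
        oboToken.setName("ST-098ASDF13245WERT");
        // Build the Claims element requesting the "uid" claim.
        W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
        writer.writeStartElement(WST, CLAIMS, STSUtils.WST_NS_05_12);
        writer.writeNamespace(WST, STSUtils.WST_NS_05_12);
        writer.writeNamespace(IC, IDENTITY_URI);
        writer.writeAttribute(DIALECT, IDENTITY_URI);
        writer.writeStartElement(IC, CLAIM_TYPE, IDENTITY_URI);
        writer.writeAttribute(URI, "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uid");
        writer.writeEndElement();
        Element claims = writer.getDocument().getDocumentElement();
        // Get a token from the STS selected by the port type.
        String port = portType.toString();
        SecurityToken token = requestSecurityToken(SAML2_TOKEN_TYPE, BEARER_KEYTYPE, oboToken.getElement(), bus,
                StsAddresses.valueOf(port).toString(), WsdlLocations.valueOf(port).toString(),
                EndPoints.valueOf(port).toString(), claims);
        // NOTE(review): a null token passes silently; consider asserting non-null if every port type is expected to issue one.
        if (token != null) {
            validateSecurityToken(token);
        }
    } finally {
        // Shut down even when issuance fails so the bus does not leak across tests.
        bus.shutdown(true);
    }
}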

Example 8 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project ddf by codice.

The class StsIssueTest, method testBearerUsernameTokenSaml2.

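/**
 * Requests a SAML 2.0 bearer token from the STS identified by {@code portType},
 * presenting a plain-text username token as the on-behalf-of credential, and
 * validates the token when one is returned.
 *
 * <p>The CXF bus is always shut down, even when token issuance throws, so a failing
 * test does not leak the bus into later test methods.
 *
 * @param portType the STS port whose address, WSDL location and endpoint are looked up
 * @throws Exception on any bus, DOM or STS failure
 */
public void testBearerUsernameTokenSaml2(StsPortTypes portType) throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = StsIssueTest.class.getResource("/cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    SpringBusFactory.setDefaultBus(bus);
    SpringBusFactory.setThreadDefaultBus(bus);
    try {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        DocumentBuilder builder = factory.newDocumentBuilder();
        Document doc = builder.newDocument();
        // Create a Username Token; these are test-fixture credentials, presumably matching the STS test user.
        UsernameToken oboToken = new UsernameToken(false, doc, WSConstants.PASSWORD_TEXT);
        oboToken.setName("pangerer");
        oboToken.setPassword("password");
        // Build the Claims element requesting the "uid" claim.
        W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
        writer.writeStartElement(WST, CLAIMS, STSUtils.WST_NS_05_12);
        writer.writeNamespace(WST, STSUtils.WST_NS_05_12);
        writer.writeNamespace(IC, IDENTITY_URI);
        writer.writeAttribute(DIALECT, IDENTITY_URI);
        writer.writeStartElement(IC, CLAIM_TYPE, IDENTITY_URI);
        writer.writeAttribute(URI, "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uid");
        writer.writeEndElement();
        Element claims = writer.getDocument().getDocumentElement();
        // Get a token from the STS selected by the port type.
        String port = portType.toString();
        SecurityToken token = requestSecurityToken(SAML2_TOKEN_TYPE, BEARER_KEYTYPE, oboToken.getElement(), bus,
                StsAddresses.valueOf(port).toString(), WsdlLocations.valueOf(port).toString(),
                EndPoints.valueOf(port).toString(), claims);
        // NOTE(review): a null token passes silently; consider asserting non-null if every port type is expected to issue one.
        if (token != null) {
            validateSecurityToken(token);
        }
    } finally {
        // Shut down even when issuance fails so the bus does not leak across tests.
        bus.shutdown(true);
    }
}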
