Use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cas by apereo: class WSFederationMetadataWriter, method produceMetadataDocument.
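/**
 * Produces the signed WS-Federation metadata document for this identity provider.
 *
 * <p>The document is assembled with a {@link W3CDOMStreamWriter}: an {@code md:EntityDescriptor}
 * root carrying a freshly generated {@code ID} and the IdP {@code entityID} (server prefix plus
 * the federation request endpoint), the namespace declarations, and the federation body written
 * by {@code writeFederationMetadata}. The unsigned document is logged at debug level, then signed
 * with the STS realm keystore through {@code SignatureUtils.signMetaInfo}, using the generated
 * {@code ID} as the signature reference.
 *
 * @param config the CAS configuration; the STS realm keystore settings, the IdP realm name and
 *               the server prefix are read from it
 * @return the signed metadata document, never {@code null}
 * @throws RuntimeException if the document cannot be built or signed (the underlying exception
 *                          is kept as the cause); an {@link IllegalStateException} is thrown when
 *                          signing returns no document
 */
public Document produceMetadataDocument(final CasConfigurationProperties config) {
    final Document signed;
    try {
        final WsFederationProperties.SecurityTokenService sts = config.getAuthn().getWsfedIdP().getSts();
        final Properties prop = CryptoUtils.getSecurityProperties(
            sts.getRealm().getKeystoreFile(),
            sts.getRealm().getKeystorePassword(),
            sts.getRealm().getKeystoreAlias());
        final Crypto crypto = CryptoFactory.getInstance(prop);

        final W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
        writer.writeStartDocument(StandardCharsets.UTF_8.name(), "1.0");

        // The generated ID is both the root element's ID and the signature reference below.
        final String referenceID = IDGenerator.generateID("_");
        writer.writeStartElement("md", "EntityDescriptor", SAML2_METADATA_NS);
        writer.writeAttribute("ID", referenceID);
        final String idpEntityId = config.getServer().getPrefix().concat(WSFederationConstants.ENDPOINT_FEDERATION_REQUEST);
        writer.writeAttribute("entityID", idpEntityId);
        writer.writeNamespace("md", SAML2_METADATA_NS);
        writer.writeNamespace("fed", WS_FEDERATION_NS);
        writer.writeNamespace("wsa", WS_ADDRESSING_NS);
        // The "auth" prefix is deliberately bound to the WS-Federation namespace, as in the original.
        writer.writeNamespace("auth", WS_FEDERATION_NS);
        writer.writeNamespace("xsi", SCHEMA_INSTANCE_NS);

        final String stsUrl = config.getServer().getPrefix()
            .concat(WSFederationConstants.ENDPOINT_STS)
            .concat(config.getAuthn().getWsfedIdP().getIdp().getRealmName());
        writeFederationMetadata(writer, idpEntityId, stsUrl, crypto);
        writer.writeEndElement();
        writer.writeEndDocument();
        writer.close();

        // Metadata is public information; logging the unsigned form aids troubleshooting.
        final String out = DOM2Writer.nodeToString(writer.getDocument());
        LOGGER.debug("Produced unsigned metadata");
        LOGGER.debug(out);

        // Reuse the STS properties already resolved above instead of navigating config again.
        signed = SignatureUtils.signMetaInfo(crypto, null, sts.getRealm().getKeyPassword(),
            writer.getDocument(), referenceID);
    } catch (final Exception e) {
        throw new RuntimeException("Error creating service metadata information: " + e.getMessage(), e);
    }
    // Checked outside the try so a missing signature is reported once, not re-wrapped by the catch.
    if (signed == null) {
        throw new IllegalStateException("Failed to sign the metadata document");
    }
    return signed;
}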
Use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project ddf by codice: class StsIssueTest, method testBearerWebSsoTokenSaml2.
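/**
 * Exercises the STS issue operation for a bearer SAML2 token whose "on behalf of" token is a
 * username token carrying a CAS service ticket instead of a password.
 *
 * <p>The username token's ID is set to {@code CAS_ID} so the validator treats it as an SSO token,
 * and its name holds the ticket. A {@code wst:Claims} element requesting the
 * {@code .../identity/claims/uid} claim is attached to the request. If the STS issues a token it
 * is handed to {@code validateSecurityToken}. The bus is shut down in a {@code finally} block so a
 * failing request does not leave it registered as the default bus for subsequent tests.
 *
 * @param portType the STS port to call; its name selects the address, WSDL location and endpoint
 * @throws Exception on any failure creating the bus, building the request or calling the STS
 */
public void testBearerWebSsoTokenSaml2(StsPortTypes portType) throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = StsIssueTest.class.getResource("/cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    SpringBusFactory.setDefaultBus(bus);
    SpringBusFactory.setThreadDefaultBus(bus);
    try {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        DocumentBuilder builder = factory.newDocumentBuilder();
        Document doc = builder.newDocument();

        // The "on behalf of" token: CAS_ID marks it as an SSO token for the validator and the
        // name carries the service ticket; no password is set.
        UsernameToken oboToken = new UsernameToken(false, doc, WSConstants.PASSWORD_TEXT);
        oboToken.setID(CAS_ID);
        oboToken.setName("ST-098ASDF13245WERT");

        // Build the wst:Claims element requesting the uid claim.
        W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
        writer.writeStartElement(WST, CLAIMS, STSUtils.WST_NS_05_12);
        writer.writeNamespace(WST, STSUtils.WST_NS_05_12);
        writer.writeNamespace(IC, IDENTITY_URI);
        writer.writeAttribute(DIALECT, IDENTITY_URI);
        writer.writeStartElement(IC, CLAIM_TYPE, IDENTITY_URI);
        writer.writeAttribute(URI, "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uid");
        writer.writeEndElement();
        Element claims = writer.getDocument().getDocumentElement();

        String portName = portType.toString();
        SecurityToken token = requestSecurityToken(
            SAML2_TOKEN_TYPE,
            BEARER_KEYTYPE,
            oboToken.getElement(),
            bus,
            StsAddresses.valueOf(portName).toString(),
            WsdlLocations.valueOf(portName).toString(),
            EndPoints.valueOf(portName).toString(),
            claims);
        // NOTE(review): a null token is not treated as a failure here; only an issued token is validated.
        if (token != null) {
            validateSecurityToken(token);
        }
    } finally {
        // Always release the bus, even when the request throws.
        bus.shutdown(true);
    }
}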
Use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project ddf by codice: class StsIssueTest, method testBearerUsernameTokenSaml2.
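/**
 * Exercises the STS issue operation for a bearer SAML2 token whose "on behalf of" token is a
 * plain username/password token.
 *
 * <p>A {@code wst:Claims} element requesting the {@code .../identity/claims/uid} claim is attached
 * to the request. If the STS issues a token it is handed to {@code validateSecurityToken}. The
 * bus is shut down in a {@code finally} block so a failing request does not leave it registered
 * as the default bus for subsequent tests.
 *
 * @param portType the STS port to call; its name selects the address, WSDL location and endpoint
 * @throws Exception on any failure creating the bus, building the request or calling the STS
 */
public void testBearerUsernameTokenSaml2(StsPortTypes portType) throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = StsIssueTest.class.getResource("/cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    SpringBusFactory.setDefaultBus(bus);
    SpringBusFactory.setThreadDefaultBus(bus);
    try {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        DocumentBuilder builder = factory.newDocumentBuilder();
        Document doc = builder.newDocument();

        // The "on behalf of" token: a fixed test user with a plaintext password.
        UsernameToken oboToken = new UsernameToken(false, doc, WSConstants.PASSWORD_TEXT);
        oboToken.setName("pangerer");
        oboToken.setPassword("password");

        // Build the wst:Claims element requesting the uid claim.
        W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
        writer.writeStartElement(WST, CLAIMS, STSUtils.WST_NS_05_12);
        writer.writeNamespace(WST, STSUtils.WST_NS_05_12);
        writer.writeNamespace(IC, IDENTITY_URI);
        writer.writeAttribute(DIALECT, IDENTITY_URI);
        writer.writeStartElement(IC, CLAIM_TYPE, IDENTITY_URI);
        writer.writeAttribute(URI, "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uid");
        writer.writeEndElement();
        Element claims = writer.getDocument().getDocumentElement();

        String portName = portType.toString();
        SecurityToken token = requestSecurityToken(
            SAML2_TOKEN_TYPE,
            BEARER_KEYTYPE,
            oboToken.getElement(),
            bus,
            StsAddresses.valueOf(portName).toString(),
            WsdlLocations.valueOf(portName).toString(),
            EndPoints.valueOf(portName).toString(),
            claims);
        // NOTE(review): a null token is not treated as a failure here; only an issued token is validated.
        if (token != null) {
            validateSecurityToken(token);
        }
    } finally {
        // Always release the bus, even when the request throws.
        bus.shutdown(true);
    }
}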