Search in sources :

Example 21 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.

the class CustomParameterTest method testCustomParameterToRESTInterface.

@org.junit.Test
public void testCustomParameterToRESTInterface() throws Exception {
    String address = "https://localhost:" + STSPORT + "/SecurityTokenServiceREST/token";
    WebClient client = WebClient.create(address, getClass().getResource("cxf-client.xml").toString());
    client.type("application/xml").accept("application/xml");
    // Create RequestSecurityToken
    W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
    String namespace = STSUtils.WST_NS_05_12;
    writer.writeStartElement("wst", "RequestSecurityToken", namespace);
    writer.writeNamespace("wst", namespace);
    writer.writeStartElement("wst", "RequestType", namespace);
    writer.writeCharacters(namespace + "/Issue");
    writer.writeEndElement();
    writer.writeStartElement("wst", "TokenType", namespace);
    writer.writeCharacters(SAML2_TOKEN_TYPE);
    writer.writeEndElement();
    writer.writeStartElement("wst", "Claims", namespace);
    writer.writeAttribute("Dialect", "http://schemas.xmlsoap.org/ws/2005/05/identity");
    writer.writeStartElement("ic", "ClaimType", "http://schemas.xmlsoap.org/ws/2005/05/identity");
    writer.writeAttribute("Uri", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role");
    writer.writeEndElement();
    writer.writeEndElement();
    // Add custom content to the RST
    writer.writeStartElement("", "realm", "http://cxf.apache.org/custom");
    writer.writeCharacters("custom-realm");
    writer.writeEndElement();
    writer.writeEndElement();
    Response response = client.post(new DOMSource(writer.getDocument().getDocumentElement()));
    RequestSecurityTokenResponseType securityResponse = response.readEntity(RequestSecurityTokenResponseType.class);
    Element assertion = validateSAMLSecurityTokenResponse(securityResponse, true);
    assertTrue(DOM2Writer.nodeToString(assertion).contains("admin-user"));
}
Also used : Response(javax.ws.rs.core.Response) W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) DOMSource(javax.xml.transform.dom.DOMSource) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Example 22 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.

the class AbstractXmlSecOutInterceptor method getDomDocument.

@SuppressWarnings("unchecked")
private Document getDomDocument(Message m) throws Exception {
    Object body = getRequestBody(m);
    if (body == null) {
        return null;
    }
    if (body instanceof Document) {
        return (Document) body;
    }
    if (body instanceof DOMSource) {
        return (Document) ((DOMSource) body).getNode();
    }
    ProviderFactory pf = ProviderFactory.getInstance(m);
    Object providerObject = pf.createMessageBodyWriter(body.getClass(), body.getClass(), new Annotation[] {}, MediaType.APPLICATION_XML_TYPE, m);
    if (!(providerObject instanceof JAXBElementProvider)) {
        return null;
    }
    JAXBElementProvider<Object> provider = (JAXBElementProvider<Object>) providerObject;
    W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
    m.setContent(XMLStreamWriter.class, writer);
    provider.writeTo(body, body.getClass(), new Annotation[] {}, MediaType.APPLICATION_XML_TYPE, (MultivaluedMap<String, Object>) m.get(Message.PROTOCOL_HEADERS), null);
    return writer.getDocument();
}
Also used : JAXBElementProvider(org.apache.cxf.jaxrs.provider.JAXBElementProvider) W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) DOMSource(javax.xml.transform.dom.DOMSource) ProviderFactory(org.apache.cxf.jaxrs.provider.ProviderFactory) Document(org.w3c.dom.Document)

Example 23 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.

the class SecurityTokenTest method testParseLifetimeElement.

@org.junit.Test
public void testParseLifetimeElement() throws Exception {
    String key = "key";
    Element tokenElement = DOMUtils.createDocument().createElement("token");
    // Create Lifetime
    W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
    Instant created = Instant.now().truncatedTo(ChronoUnit.MILLIS);
    Instant expires = created.plusSeconds(20L);
    writer.writeStartElement("wst", "Lifetime", WST_NS_05_12);
    writer.writeStartElement("wsu", "Created", WSU_NS);
    writer.writeCharacters(created.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
    writer.writeEndElement();
    writer.writeStartElement("wsu", "Expires", WSU_NS);
    writer.writeCharacters(expires.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
    writer.writeEndElement();
    writer.writeEndElement();
    SecurityToken token = new SecurityToken(key, tokenElement, writer.getDocument().getDocumentElement());
    assertEquals(key, token.getId());
    assertEquals(created, token.getCreated());
    assertEquals(expires, token.getExpires());
}
Also used : W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) Element(org.w3c.dom.Element) Instant(java.time.Instant)

Example 24 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.

the class SecurityTokenTest method testLifetimeNoCreated.

@org.junit.Test
public void testLifetimeNoCreated() throws Exception {
    String key = "key";
    Element tokenElement = DOMUtils.createDocument().createElement("token");
    // Create Lifetime
    W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
    Instant created = Instant.now().truncatedTo(ChronoUnit.MILLIS);
    Instant expires = created.plusSeconds(20L);
    writer.writeStartElement("wst", "Lifetime", WST_NS_05_12);
    writer.writeStartElement("wsu", "Expires", WSU_NS);
    writer.writeCharacters(expires.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
    writer.writeEndElement();
    writer.writeEndElement();
    SecurityToken token = new SecurityToken(key, tokenElement, writer.getDocument().getDocumentElement());
    assertEquals(key, token.getId());
    // It should default to the current time
    assertNotNull(token.getCreated());
    assertEquals(expires, token.getExpires());
}
Also used : W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) Element(org.w3c.dom.Element) Instant(java.time.Instant)

Example 25 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.

the class SecurityTokenTest method testLifetimeNoExpires.

@org.junit.Test
public void testLifetimeNoExpires() throws Exception {
    String key = "key";
    Element tokenElement = DOMUtils.createDocument().createElement("token");
    // Create Lifetime
    W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
    Instant created = Instant.now().truncatedTo(ChronoUnit.MILLIS);
    writer.writeStartElement("wst", "Lifetime", WST_NS_05_12);
    writer.writeStartElement("wsu", "Created", WSU_NS);
    writer.writeCharacters(created.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
    writer.writeEndElement();
    writer.writeEndElement();
    SecurityToken token = new SecurityToken(key, tokenElement, writer.getDocument().getDocumentElement());
    assertEquals(key, token.getId());
    assertEquals(created, token.getCreated());
    assertNull(token.getExpires());
}
Also used : W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) Element(org.w3c.dom.Element) Instant(java.time.Instant)

Aggregations

W3CDOMStreamWriter (org.apache.cxf.staxutils.W3CDOMStreamWriter)60 Element (org.w3c.dom.Element)29 DOMSource (javax.xml.transform.dom.DOMSource)24 XMLStreamException (javax.xml.stream.XMLStreamException)15 Document (org.w3c.dom.Document)14 WebClient (org.apache.cxf.jaxrs.client.WebClient)9 Node (org.w3c.dom.Node)9 XMLStreamWriter (javax.xml.stream.XMLStreamWriter)8 Fault (org.apache.cxf.interceptor.Fault)8 XMLStreamReader (javax.xml.stream.XMLStreamReader)7 BindingOperationInfo (org.apache.cxf.service.model.BindingOperationInfo)7 RequestSecurityTokenResponseType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)7 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)7 JAXBElement (javax.xml.bind.JAXBElement)6 JAXBException (javax.xml.bind.JAXBException)5 SOAPMessage (javax.xml.soap.SOAPMessage)5 SoapFault (org.apache.cxf.binding.soap.SoapFault)5 SoapMessage (org.apache.cxf.binding.soap.SoapMessage)5 InputStream (java.io.InputStream)4 HashMap (java.util.HashMap)4