
Example 31 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.

the class STSRESTTest method testExplicitlyIssueSAML2TokenViaPOST.

/**
 * Posts a hand-built WS-Trust RequestSecurityToken (request type Issue, token type SAML 2.0)
 * to the REST STS endpoint with {@code action=issue} and hands the unmarshalled response to
 * {@code validateSAMLSecurityTokenResponse}.
 */
@org.junit.Test
public void testExplicitlyIssueSAML2TokenViaPOST() throws Exception {
    WebClient stsClient = webClient()
        .query("action", "issue")
        .type(MediaType.APPLICATION_XML)
        .accept(MediaType.APPLICATION_XML);

    // Build the RequestSecurityToken document in memory; the writer produces a DOM tree.
    W3CDOMStreamWriter rstWriter = new W3CDOMStreamWriter();
    rstWriter.writeStartElement("wst", "RequestSecurityToken", WST_NS_05_12);

    // <wst:RequestType>: the Issue action URI is derived from the WS-Trust namespace.
    rstWriter.writeStartElement("wst", "RequestType", WST_NS_05_12);
    rstWriter.writeCharacters(WST_NS_05_12 + "/Issue");
    rstWriter.writeEndElement();

    // <wst:TokenType>: ask explicitly for a SAML 2.0 token.
    rstWriter.writeStartElement("wst", "TokenType", WST_NS_05_12);
    rstWriter.writeCharacters(SAML2_TOKEN_TYPE);
    rstWriter.writeEndElement();

    // Close <wst:RequestSecurityToken>.
    rstWriter.writeEndElement();

    DOMSource requestBody = new DOMSource(rstWriter.getDocument().getDocumentElement());
    RequestSecurityTokenResponseType securityResponse =
        stsClient.post(requestBody, RequestSecurityTokenResponseType.class);

    // All assertions on the issued token live in the shared helper.
    validateSAMLSecurityTokenResponse(securityResponse, true);
}
Also used : W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) DOMSource(javax.xml.transform.dom.DOMSource) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Example 32 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.

the class SimpleBatchSTSClient method requestBatchSecurityTokens.

/**
 * Sends one RequestSecurityTokenCollection containing a RequestSecurityToken per entry of
 * {@code batchRequestList} through the "/BatchIssue" operation and converts every
 * RequestSecurityTokenResponse child of the reply into a {@link SecurityToken}.
 *
 * @param batchRequestList the requests to batch; each supplies AppliesTo, key type and token type
 * @param action value stored in the request context as the SOAP action
 * @param requestType request type written into every RequestSecurityToken
 * @return the tokens built from the response, in document order
 * @throws Exception whatever the client invocation or the token parsing throws
 */
public List<SecurityToken> requestBatchSecurityTokens(List<BatchRequest> batchRequestList, String action, String requestType) throws Exception {
    createClient();
    BindingOperationInfo boi = findOperation("/BatchIssue");
    client.getRequestContext().putAll(ctx);
    client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, action);

    // Assemble the request collection as a DOM tree.
    W3CDOMStreamWriter rstcWriter = new W3CDOMStreamWriter();
    rstcWriter.writeStartElement("wst", "RequestSecurityTokenCollection", namespace);
    rstcWriter.writeNamespace("wst", namespace);
    for (BatchRequest request : batchRequestList) {
        rstcWriter.writeStartElement("wst", "RequestSecurityToken", namespace);
        rstcWriter.writeNamespace("wst", namespace);
        addRequestType(requestType, rstcWriter);
        if (enableAppliesTo) {
            addAppliesTo(rstcWriter, request.getAppliesTo());
        }
        writeKeyType(rstcWriter, request.getKeyType());
        addLifetime(rstcWriter);
        addTokenType(rstcWriter, request.getTokenType());
        rstcWriter.writeEndElement();
    }
    rstcWriter.writeEndElement();

    DOMSource requestBody = new DOMSource(rstcWriter.getDocument().getDocumentElement());
    Object[] reply = client.invoke(boi, requestBody);

    // NOTE(review): reply[0] is cast without a type or null check, so an unexpected reply
    // surfaces as a ClassCastException / NullPointerException rather than a trust error.
    Element responseCollection = getDocumentElement((DOMSource) reply[0]);

    // NOTE(review): children are selected by local name only; the element's namespace URI is
    // not compared, so a same-named element from another namespace would be accepted here.
    List<SecurityToken> issued = new ArrayList<>();
    for (Node node = responseCollection.getFirstChild(); node != null; node = node.getNextSibling()) {
        if (!(node instanceof Element)) {
            continue;
        }
        Element candidate = (Element) node;
        if ("RequestSecurityTokenResponse".equals(candidate.getLocalName())) {
            issued.add(createSecurityToken(candidate, null));
        }
    }
    return issued;
}
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) BindingOperationInfo(org.apache.cxf.service.model.BindingOperationInfo) DOMSource(javax.xml.transform.dom.DOMSource) Element(org.w3c.dom.Element) Node(org.w3c.dom.Node) ModCountCopyOnWriteArrayList(org.apache.cxf.common.util.ModCountCopyOnWriteArrayList) ArrayList(java.util.ArrayList)

Example 33 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.

the class SimpleBatchSTSClient method validateBatchSecurityTokens.

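/**
 * Sends one RequestSecurityTokenCollection through the "/BatchValidate" operation, with a
 * RequestSecurityToken (request type, token type and ValidateTarget) per entry of
 * {@code batchRequestList}, and collects the tokens returned in the reply.
 *
 * <p>For every RequestSecurityTokenResponse child of the reply, a Status element whose Code
 * does not end with "/status/valid" aborts the whole batch with a {@link TrustException};
 * every RequestedSecurityToken element is wrapped in a {@link SecurityToken}.
 *
 * @param batchRequestList the requests to batch; each supplies a token type and validate target
 * @param action value stored in the request context as the SOAP action
 * @param requestType request type written into every RequestSecurityToken
 * @return the tokens found in the response, in document order
 * @throws TrustException if a Status is missing its Code, the Code is not a "valid" status,
 *         or a returned token has no ID
 * @throws Exception whatever the client invocation throws
 */
protected List<SecurityToken> validateBatchSecurityTokens(List<BatchRequest> batchRequestList, String action, String requestType) throws Exception {
    createClient();
    BindingOperationInfo boi = findOperation("/BatchValidate");
    client.getRequestContext().putAll(ctx);
    client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, action);
    W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
    writer.writeStartElement("wst", "RequestSecurityTokenCollection", namespace);
    writer.writeNamespace("wst", namespace);
    for (BatchRequest batchRequest : batchRequestList) {
        writer.writeStartElement("wst", "RequestSecurityToken", namespace);
        writer.writeNamespace("wst", namespace);
        addRequestType(requestType, writer);
        addTokenType(writer, batchRequest.getTokenType());
        writer.writeStartElement("wst", "ValidateTarget", namespace);
        // The token under validation is copied verbatim into the request.
        Element el = batchRequest.getValidateTarget();
        StaxUtils.copy(el, writer);
        writer.writeEndElement();
        writer.writeEndElement();
    }
    writer.writeEndElement();
    Object[] obj = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement()));
    Element responseCollection = getDocumentElement((DOMSource) obj[0]);
    Node child = responseCollection.getFirstChild();
    List<SecurityToken> tokens = new ArrayList<>();
    while (child != null) {
        // NOTE(review): elements are matched by local name only; the namespace URI of the
        // response elements is not compared against the WS-Trust namespace in use.
        if (child instanceof Element && "RequestSecurityTokenResponse".equals(((Element) child).getLocalName())) {
            // NOTE(review): a response that carries no Status element at all is not rejected;
            // its RequestedSecurityToken is still added to the result. Confirm that callers
            // do not treat presence in the returned list as proof of a successful validation.
            Element rstrChild = DOMUtils.getFirstElement(child);
            while (rstrChild != null) {
                if ("Status".equals(rstrChild.getLocalName())) {
                    Element e2 = DOMUtils.getFirstChildWithName(rstrChild, rstrChild.getNamespaceURI(), "Code");
                    // Fail closed: a Status without a Code (or with an empty one) is reported as a
                    // validation failure instead of surfacing as a NullPointerException below.
                    String s = e2 == null ? null : DOMUtils.getContent(e2);
                    if (s == null || !s.endsWith("/status/valid")) {
                        throw new TrustException(LOG, "VALIDATION_FAILED");
                    }
                } else if ("RequestedSecurityToken".equals(rstrChild.getLocalName())) {
                    Element requestedSecurityTokenElement = DOMUtils.getFirstElement(rstrChild);
                    String id = findID(null, null, requestedSecurityTokenElement);
                    if (StringUtils.isEmpty(id)) {
                        throw new TrustException("NO_ID", LOG);
                    }
                    SecurityToken requestedSecurityToken = new SecurityToken(id);
                    requestedSecurityToken.setToken(requestedSecurityTokenElement);
                    tokens.add(requestedSecurityToken);
                }
                rstrChild = DOMUtils.getNextElement(rstrChild);
            }
        }
        child = child.getNextSibling();
    }
    return tokens;
}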
Also used : W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) BindingOperationInfo(org.apache.cxf.service.model.BindingOperationInfo) DOMSource(javax.xml.transform.dom.DOMSource) TrustException(org.apache.cxf.ws.security.trust.TrustException) Element(org.w3c.dom.Element) Node(org.w3c.dom.Node) ModCountCopyOnWriteArrayList(org.apache.cxf.common.util.ModCountCopyOnWriteArrayList) ArrayList(java.util.ArrayList) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken)

Example 34 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project ddf by codice.

the class StsIssueTest method testBearerWebSsoTokenSaml2.

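/**
 * Requests a SAML 2.0 bearer token from the STS on behalf of a Web SSO ticket.
 *
 * <p>The SSO ticket is carried in a UsernameToken whose ID is {@code CAS_ID} and whose name
 * is the ticket value; a Claims element asking for the uid claim is sent along.
 *
 * @param portType selects the STS address, WSDL location and endpoint by enum name
 * @throws Exception if the bus, the request document or the token request fails
 */
public void testBearerWebSsoTokenSaml2(StsPortTypes portType) throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = StsIssueTest.class.getResource("/cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    // Shut the bus down even when the request or the validation throws, so a failing
    // run does not leave the bus (registered as default below) running.
    try {
        SpringBusFactory.setDefaultBus(bus);
        SpringBusFactory.setThreadDefaultBus(bus);
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        DocumentBuilder builder = factory.newDocumentBuilder();
        // Only used to create a fresh, empty document; nothing is parsed with this builder.
        Document doc = builder.newDocument();
        // Create a Username Token
        UsernameToken oboToken = new UsernameToken(false, doc, WSConstants.PASSWORD_TEXT);
        // ID - the key that tells the validator it is an SSO token
        // Name - the SSO ticket (a fixed sample value for this test)
        oboToken.setID(CAS_ID);
        oboToken.setName("ST-098ASDF13245WERT");
        // Build the Claims object
        W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
        writer.writeStartElement(WST, CLAIMS, STSUtils.WST_NS_05_12);
        writer.writeNamespace(WST, STSUtils.WST_NS_05_12);
        writer.writeNamespace(IC, IDENTITY_URI);
        writer.writeAttribute(DIALECT, IDENTITY_URI);
        // Add one ClaimType; the URI requested is the uid claim (an earlier variant asked for
        // ".../claims/role" instead).
        writer.writeStartElement(IC, CLAIM_TYPE, IDENTITY_URI);
        writer.writeAttribute(URI, "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uid");
        // Closes the ClaimType element; the Claims element is read from the document as is.
        writer.writeEndElement();
        Element claims = writer.getDocument().getDocumentElement();
        // Get a token
        SecurityToken token = requestSecurityToken(SAML2_TOKEN_TYPE, BEARER_KEYTYPE, oboToken.getElement(), bus, StsAddresses.valueOf(portType.toString()).toString(), WsdlLocations.valueOf(portType.toString()).toString(), EndPoints.valueOf(portType.toString()).toString(), claims);
        // NOTE(review): a null token skips validation and the test then passes without
        // checking anything; consider failing explicitly when no token is returned.
        if (token != null) {
            validateSecurityToken(token);
        }
    } finally {
        bus.shutdown(true);
    }
}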
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Bus(org.apache.cxf.Bus) W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) DocumentBuilder(javax.xml.parsers.DocumentBuilder) Element(org.w3c.dom.Element) UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken) Document(org.w3c.dom.Document) URL(java.net.URL)

Example 35 with W3CDOMStreamWriter

use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project ddf by codice.

the class StsIssueTest method testBearerUsernameTokenSaml2.

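/**
 * Requests a SAML 2.0 bearer token from the STS on behalf of a username/password
 * UsernameToken, sending a Claims element that asks for the uid claim.
 *
 * @param portType selects the STS address, WSDL location and endpoint by enum name
 * @throws Exception if the bus, the request document or the token request fails
 */
public void testBearerUsernameTokenSaml2(StsPortTypes portType) throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = StsIssueTest.class.getResource("/cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    // Shut the bus down even when the request or the validation throws, so a failing
    // run does not leave the bus (registered as default below) running.
    try {
        SpringBusFactory.setDefaultBus(bus);
        SpringBusFactory.setThreadDefaultBus(bus);
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        DocumentBuilder builder = factory.newDocumentBuilder();
        // Only used to create a fresh, empty document; nothing is parsed with this builder.
        Document doc = builder.newDocument();
        // Create a Username Token with fixed fixture credentials.
        // NOTE(review): the PASSWORD_TEXT type is passed here, so the password is presumably
        // carried undigested in the token and relies on transport protection; confirm against
        // the client configuration in cxf-client.xml.
        UsernameToken oboToken = new UsernameToken(false, doc, WSConstants.PASSWORD_TEXT);
        oboToken.setName("pangerer");
        oboToken.setPassword("password");
        // Build the Claims object
        W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
        writer.writeStartElement(WST, CLAIMS, STSUtils.WST_NS_05_12);
        writer.writeNamespace(WST, STSUtils.WST_NS_05_12);
        writer.writeNamespace(IC, IDENTITY_URI);
        writer.writeAttribute(DIALECT, IDENTITY_URI);
        // Add one ClaimType; the URI requested is the uid claim (an earlier variant asked for
        // ".../claims/role" instead).
        writer.writeStartElement(IC, CLAIM_TYPE, IDENTITY_URI);
        writer.writeAttribute(URI, "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uid");
        // Closes the ClaimType element; the Claims element is read from the document as is.
        writer.writeEndElement();
        Element claims = writer.getDocument().getDocumentElement();
        // Get a token
        SecurityToken token = requestSecurityToken(SAML2_TOKEN_TYPE, BEARER_KEYTYPE, oboToken.getElement(), bus, StsAddresses.valueOf(portType.toString()).toString(), WsdlLocations.valueOf(portType.toString()).toString(), EndPoints.valueOf(portType.toString()).toString(), claims);
        // NOTE(review): a null token skips validation and the test then passes without
        // checking anything; consider failing explicitly when no token is returned.
        if (token != null) {
            validateSecurityToken(token);
        }
    } finally {
        bus.shutdown(true);
    }
}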
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Bus(org.apache.cxf.Bus) W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) DocumentBuilder(javax.xml.parsers.DocumentBuilder) Element(org.w3c.dom.Element) UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken) Document(org.w3c.dom.Document) URL(java.net.URL)
