use of org.apache.cxf.sts.claims.ClaimsManager in project cxf by apache.
the class LDAPClaimsTest method testRetrieveRolesForBobInBusinessCategoryWidgets.
@org.junit.Test
public void testRetrieveRolesForBobInBusinessCategoryWidgets() throws Exception {
LdapGroupClaimsHandler claimsHandler = (LdapGroupClaimsHandler) appContext.getBean("testGroupClaimsHandlerFilter");
ClaimsManager claimsManager = new ClaimsManager();
claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
String user = props.getProperty("otherClaimUser");
Assert.assertNotNull(user, "Property 'claimUser' not configured");
ClaimCollection requestedClaims = new ClaimCollection();
Claim claim = new Claim();
String roleURI = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
claim.setClaimType(roleURI);
requestedClaims.add(claim);
ClaimsParameters params = new ClaimsParameters();
params.setPrincipal(new CustomTokenPrincipal(user));
ProcessedClaimCollection retrievedClaims = claimsManager.retrieveClaimValues(requestedClaims, params);
Assert.assertTrue(retrievedClaims.size() == 1);
Assert.assertEquals(retrievedClaims.get(0).getClaimType(), roleURI);
Assert.assertTrue(retrievedClaims.get(0).getValues().size() == 1);
}
use of org.apache.cxf.sts.claims.ClaimsManager in project cxf by apache.
the class LDAPClaimsTest method testRetrieveClaimsWithUnsupportedMandatoryClaimType.
@org.junit.Test(expected = STSException.class)
public void testRetrieveClaimsWithUnsupportedMandatoryClaimType() throws Exception {
LdapClaimsHandler claimsHandler = (LdapClaimsHandler) appContext.getBean("testClaimsHandler");
ClaimsManager claimsManager = new ClaimsManager();
claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
String user = props.getProperty("claimUser");
Assert.assertNotNull(user, "Property 'claimUser' not configured");
ClaimCollection requestedClaims = createRequestClaimCollection();
// add unsupported but mandatory claim
Claim claim = new Claim();
claim.setClaimType(ClaimTypes.GENDER);
claim.setOptional(false);
requestedClaims.add(claim);
ClaimsParameters params = new ClaimsParameters();
params.setPrincipal(new CustomTokenPrincipal(user));
claimsManager.retrieveClaimValues(requestedClaims, params);
}
use of org.apache.cxf.sts.claims.ClaimsManager in project cxf by apache.
the class LDAPClaimsTest method testRetrieveClaimsWithUnsupportedOptionalClaimType.
@org.junit.Test
public void testRetrieveClaimsWithUnsupportedOptionalClaimType() throws Exception {
LdapClaimsHandler claimsHandler = (LdapClaimsHandler) appContext.getBean("testClaimsHandler");
ClaimsManager claimsManager = new ClaimsManager();
claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
String user = props.getProperty("claimUser");
Assert.assertNotNull(user, "Property 'claimUser' not configured");
ClaimCollection requestedClaims = createRequestClaimCollection();
// add unsupported but optional unsupported claim
Claim claim = new Claim();
claim.setClaimType(ClaimTypes.GENDER);
claim.setOptional(true);
requestedClaims.add(claim);
// Gender is not expected to be returned because not supported
List<String> expectedClaims = new ArrayList<>();
expectedClaims.add(ClaimTypes.FIRSTNAME.toString());
expectedClaims.add(ClaimTypes.LASTNAME.toString());
expectedClaims.add(ClaimTypes.EMAILADDRESS.toString());
ClaimsParameters params = new ClaimsParameters();
params.setPrincipal(new CustomTokenPrincipal(user));
ProcessedClaimCollection retrievedClaims = claimsManager.retrieveClaimValues(requestedClaims, params);
Assert.assertTrue("Retrieved number of claims [" + retrievedClaims.size() + "] doesn't match with expected [" + expectedClaims.size() + "]", retrievedClaims.size() == expectedClaims.size());
for (ProcessedClaim c : retrievedClaims) {
if (expectedClaims.contains(c.getClaimType())) {
expectedClaims.remove(c.getClaimType());
} else {
Assert.assertTrue("Claim '" + c.getClaimType() + "' not requested", false);
}
}
}
use of org.apache.cxf.sts.claims.ClaimsManager in project cxf by apache.
the class LDAPClaimsTest method testRetrieveRolesForBob.
@org.junit.Test
public void testRetrieveRolesForBob() throws Exception {
LdapGroupClaimsHandler claimsHandler = (LdapGroupClaimsHandler) appContext.getBean("testGroupClaimsHandlerOtherUsers");
ClaimsManager claimsManager = new ClaimsManager();
claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
String user = props.getProperty("otherClaimUser");
Assert.assertNotNull(user, "Property 'claimUser' not configured");
ClaimCollection requestedClaims = new ClaimCollection();
Claim claim = new Claim();
String roleURI = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
claim.setClaimType(roleURI);
requestedClaims.add(claim);
ClaimsParameters params = new ClaimsParameters();
params.setPrincipal(new CustomTokenPrincipal(user));
ProcessedClaimCollection retrievedClaims = claimsManager.retrieveClaimValues(requestedClaims, params);
Assert.assertTrue(retrievedClaims.size() == 1);
Assert.assertEquals(retrievedClaims.get(0).getClaimType(), roleURI);
Assert.assertTrue(retrievedClaims.get(0).getValues().size() == 2);
}
use of org.apache.cxf.sts.claims.ClaimsManager in project cxf by apache.
the class IssueSamlClaimsUnitTest method testCustomClaimDialect.
/**
* Test custom claim parser and handler.
*/
@org.junit.Test
public void testCustomClaimDialect() throws Exception {
TokenIssueOperation issueOperation = new TokenIssueOperation();
// Add Token Provider
addTokenProvider(issueOperation);
// Add Service
addService(issueOperation);
// Add STSProperties object
addSTSProperties(issueOperation);
// Set the ClaimsManager
ClaimsManager claimsManager = new ClaimsManager();
ClaimsHandler claimsHandler = new CustomClaimsHandler();
ClaimsParser claimsParser = new CustomClaimParser();
claimsManager.setClaimParsers(Collections.singletonList(claimsParser));
claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
issueOperation.setClaimsManager(claimsManager);
// Mock up a request
RequestSecurityTokenType request = new RequestSecurityTokenType();
JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
request.getAny().add(tokenType);
Element secondaryParameters = createCustomSecondaryParameters();
request.getAny().add(secondaryParameters);
request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
// Mock up message context
Map<String, Object> msgCtx = setupMessageContext();
// Issue a token
List<RequestSecurityTokenResponseType> securityTokenResponse = issueToken(issueOperation, request, new CustomTokenPrincipal("alice"), msgCtx);
// Test the generated token.
Element assertion = null;
for (Object tokenObject : securityTokenResponse.get(0).getAny()) {
if (tokenObject instanceof JAXBElement<?> && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>) tokenObject).getName())) {
RequestedSecurityTokenType rstType = (RequestedSecurityTokenType) ((JAXBElement<?>) tokenObject).getValue();
assertion = (Element) rstType.getAny();
break;
}
}
assertNotNull(assertion);
String tokenString = DOM2Writer.nodeToString(assertion);
assertTrue(tokenString.contains("AttributeStatement"));
assertTrue(tokenString.contains("bob@custom"));
}
Aggregations