
Example 1 with CustomAttributeProvider

use of org.apache.cxf.sts.common.CustomAttributeProvider in project cxf by apache.

the class SAMLProviderActAsTest method testCustomHandlingUsernameToken.

/**
 * Create a Saml1 Bearer Assertion with ActAs from a UsernameToken. The SAMLTokenProvider is
 * configured with a custom Attribute Provider that instead creates a "CustomActAs" attribute.
 */
@org.junit.Test
public void testCustomHandlingUsernameToken() throws Exception {
    SAMLTokenProvider provider = new SAMLTokenProvider();

    // Build the UsernameToken ("bob") that is handed over as the ActAs token.
    UsernameTokenType actAsToken = new UsernameTokenType();
    AttributedString actAsName = new AttributedString();
    actAsName.setValue("bob");
    actAsToken.setUsername(actAsName);
    JAXBElement<UsernameTokenType> actAsElement =
        new JAXBElement<>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, actAsToken);
    TokenProviderParameters params = createProviderParameters(
        WSS4JConstants.WSS_SAML_TOKEN_TYPE, STSConstants.BEARER_KEY_KEYTYPE, actAsElement);

    // Principal must be set in ReceivedToken/ActAs. It is set by hand here, so this test
    // covers attribute generation only, not validation of the ActAs token itself.
    params.getTokenRequirements().getActAs().setPrincipal(new CustomTokenPrincipal(actAsName.getValue()));

    assertTrue(provider.canHandleToken(WSS4JConstants.WSS_SAML_TOKEN_TYPE));

    // First issuance: no custom attribute provider is configured yet.
    TokenProviderResponse defaultResponse = provider.createToken(params);
    assertNotNull(defaultResponse);
    assertNotNull(defaultResponse.getToken());
    assertNotNull(defaultResponse.getTokenId());
    String defaultXml = DOM2Writer.nodeToString((Element) defaultResponse.getToken());
    // NOTE(review): these are substring checks on the serialized assertion; they show the
    // text occurs somewhere in the XML, not that it sits in a particular element.
    assertTrue(defaultXml.contains(defaultResponse.getTokenId()));
    assertTrue(defaultXml.contains("AttributeStatement"));
    assertTrue(defaultXml.contains("bob"));
    assertFalse(defaultXml.contains("CustomActAs"));

    // Second issuance: same parameters, now with the custom attribute provider installed.
    provider.setAttributeStatementProviders(Collections.singletonList(new CustomAttributeProvider()));
    TokenProviderResponse customResponse = provider.createToken(params);
    assertNotNull(customResponse);
    assertNotNull(customResponse.getToken());
    assertNotNull(customResponse.getTokenId());
    String customXml = DOM2Writer.nodeToString((Element) customResponse.getToken());
    assertTrue(customXml.contains("CustomActAs"));
}
Also used : UsernameTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) CustomAttributeProvider(org.apache.cxf.sts.common.CustomAttributeProvider) JAXBElement(javax.xml.bind.JAXBElement) AttributedString(org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) AttributedString(org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString)

Example 2 with CustomAttributeProvider

use of org.apache.cxf.sts.common.CustomAttributeProvider in project cxf by apache.

the class SAMLProviderCustomTest method testCustomSaml1MultipleAssertion.

/**
 * Create a custom Saml1 (Multiple) Attribute Assertion.
 */
@org.junit.Test
public void testCustomSaml1MultipleAssertion() throws Exception {
    SAMLTokenProvider provider = new SAMLTokenProvider();
    TokenProviderParameters params = createProviderParameters(
        WSS4JConstants.WSS_SAML_TOKEN_TYPE, STSConstants.BEARER_KEY_KEYTYPE);

    // Two instances of the same custom provider are registered for one token.
    provider.setAttributeStatementProviders(
        Arrays.asList(new CustomAttributeProvider(), new CustomAttributeProvider()));

    assertTrue(provider.canHandleToken(WSS4JConstants.WSS_SAML_TOKEN_TYPE));

    TokenProviderResponse response = provider.createToken(params);
    assertNotNull(response);
    assertNotNull(response.getToken());
    assertNotNull(response.getTokenId());

    String assertionXml = DOM2Writer.nodeToString((Element) response.getToken());
    assertTrue(assertionXml.contains(response.getTokenId()));
    // NOTE(review): contains() passes with a single AttributeStatement, so the "multiple"
    // part of the scenario is not verified by these checks - confirm whether that is intended.
    assertTrue(assertionXml.contains("AttributeStatement"));
    assertFalse(assertionXml.contains("AuthenticationStatement"));
    // Presumably "alice" and the custom URI come from the shared test fixtures
    // (createProviderParameters / CustomAttributeProvider); neither is visible here.
    assertTrue(assertionXml.contains("alice"));
    assertTrue(assertionXml.contains("http://cxf.apache.org/sts/custom"));
}
Also used : Element(org.w3c.dom.Element) CustomAttributeProvider(org.apache.cxf.sts.common.CustomAttributeProvider)

Example 3 with CustomAttributeProvider

use of org.apache.cxf.sts.common.CustomAttributeProvider in project cxf by apache.

the class SAMLProviderOnBehalfOfTest method testCustomHandlingUsernameToken.

/**
 * Create a Saml1 Bearer Assertion with OnBehalfOf from a UsernameToken. The SAMLTokenProvider is
 * configured with a custom Attribute Provider that instead creates a "CustomOnBehalfOf" attribute.
 */
@org.junit.Test
public void testCustomHandlingUsernameToken() throws Exception {
    SAMLTokenProvider provider = new SAMLTokenProvider();

    // Build the UsernameToken ("bob") that is handed over as the OnBehalfOf token.
    UsernameTokenType onBehalfOfToken = new UsernameTokenType();
    AttributedString onBehalfOfName = new AttributedString();
    onBehalfOfName.setValue("bob");
    onBehalfOfToken.setUsername(onBehalfOfName);
    JAXBElement<UsernameTokenType> onBehalfOfElement =
        new JAXBElement<>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, onBehalfOfToken);
    TokenProviderParameters params = createProviderParameters(
        WSS4JConstants.WSS_SAML_TOKEN_TYPE, STSConstants.BEARER_KEY_KEYTYPE, onBehalfOfElement);

    // Principal must be set in ReceivedToken/OnBehalfOf. It is set by hand here, so this test
    // covers attribute generation only, not validation of the OnBehalfOf token itself.
    params.getTokenRequirements().getOnBehalfOf().setPrincipal(new CustomTokenPrincipal(onBehalfOfName.getValue()));

    assertTrue(provider.canHandleToken(WSS4JConstants.WSS_SAML_TOKEN_TYPE));

    // First issuance: no custom attribute provider is configured yet.
    TokenProviderResponse defaultResponse = provider.createToken(params);
    assertNotNull(defaultResponse);
    assertNotNull(defaultResponse.getToken());
    assertNotNull(defaultResponse.getTokenId());
    String defaultXml = DOM2Writer.nodeToString((Element) defaultResponse.getToken());
    // NOTE(review): these are substring checks on the serialized assertion; they show the
    // text occurs somewhere in the XML, not that it sits in a particular element.
    assertTrue(defaultXml.contains(defaultResponse.getTokenId()));
    assertTrue(defaultXml.contains("AttributeStatement"));
    assertTrue(defaultXml.contains("bob"));
    assertFalse(defaultXml.contains("CustomOnBehalfOf"));

    // Second issuance: same parameters, now with the custom attribute provider installed.
    provider.setAttributeStatementProviders(Collections.singletonList(new CustomAttributeProvider()));
    TokenProviderResponse customResponse = provider.createToken(params);
    assertNotNull(customResponse);
    assertNotNull(customResponse.getToken());
    assertNotNull(customResponse.getTokenId());
    String customXml = DOM2Writer.nodeToString((Element) customResponse.getToken());
    assertTrue(customXml.contains("CustomOnBehalfOf"));
}
Also used : UsernameTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) CustomAttributeProvider(org.apache.cxf.sts.common.CustomAttributeProvider) JAXBElement(javax.xml.bind.JAXBElement) AttributedString(org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) AttributedString(org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString)

Example 4 with CustomAttributeProvider

use of org.apache.cxf.sts.common.CustomAttributeProvider in project cxf by apache.

the class IssueSamlClaimsUnitTest method addTokenProvider.

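/**
 * Registers a SAMLTokenProvider, configured with a CustomAttributeProvider, as the only
 * token provider of the given issue operation.
 *
 * @param issueOperation the issue operation to configure
 */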
private static void addTokenProvider(TokenIssueOperation issueOperation) {
    SAMLTokenProvider provider = new SAMLTokenProvider();
    CustomAttributeProvider attributeProvider = new CustomAttributeProvider();
    // The custom provider is the only attribute statement provider on this token provider.
    provider.setAttributeStatementProviders(Collections.singletonList(attributeProvider));
    // singletonList: the operation ends up with exactly this one token provider.
    issueOperation.setTokenProviders(Collections.singletonList(provider));
}
Also used : SAMLTokenProvider(org.apache.cxf.sts.token.provider.SAMLTokenProvider) CustomAttributeProvider(org.apache.cxf.sts.common.CustomAttributeProvider)

Example 5 with CustomAttributeProvider

use of org.apache.cxf.sts.common.CustomAttributeProvider in project cxf by apache.

the class ValidateTokenTransformationUnitTest method runUsernameTokenTransformationClaims.

/**
 * Test to successfully validate a UsernameToken and transform it into a SAML Assertion with claims.
 */
private void runUsernameTokenTransformationClaims(boolean useSecondaryParameters) throws Exception {
    TokenValidateOperation operation = new TokenValidateOperation();

    // Validator side: only UsernameTokens are accepted as validate targets.
    operation.setTokenValidators(Collections.singletonList(new UsernameTokenValidator()));

    // Provider side: SAML issuance with the custom attribute statement provider.
    SAMLTokenProvider provider = new SAMLTokenProvider();
    provider.setAttributeStatementProviders(Collections.singletonList(new CustomAttributeProvider()));
    operation.setTokenProviders(Collections.singletonList(provider));

    // STS properties. One Crypto instance serves both encryption and signing; the key
    // aliases, callback handler and issuer name below are test fixture values.
    STSPropertiesMBean properties = new StaticSTSProperties();
    Crypto sharedCrypto = CryptoFactory.getInstance(getEncryptionProperties());
    properties.setEncryptionCrypto(sharedCrypto);
    properties.setSignatureCrypto(sharedCrypto);
    properties.setEncryptionUsername("myservicekey");
    properties.setSignatureUsername("mystskey");
    properties.setCallbackHandler(new PasswordCallbackHandler());
    properties.setIssuer("STS");
    operation.setStsProperties(properties);

    // Claims are resolved through a single custom handler.
    ClaimsManager claimsManager = new ClaimsManager();
    ClaimsHandler customHandler = new CustomClaimsHandler();
    claimsManager.setClaimHandlers(Collections.singletonList(customHandler));
    operation.setClaimsManager(claimsManager);

    // Request: ask for a SAML 2.0 token and attach the claims either directly or inside
    // SecondaryParameters, depending on the flag.
    RequestSecurityTokenType request = new RequestSecurityTokenType();
    JAXBElement<String> requestedTokenType =
        new JAXBElement<>(QNameConstants.TOKEN_TYPE, String.class, WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
    request.getAny().add(requestedTokenType);
    Object claimsElement;
    if (useSecondaryParameters) {
        claimsElement = createClaimsElementInSecondaryParameters();
    } else {
        claimsElement = createClaimsElement();
    }
    request.getAny().add(claimsElement);

    // Validate target: a UsernameToken for the fixture user "alice".
    JAXBElement<UsernameTokenType> usernameTokenElement = createUsernameToken("alice", "clarinet");
    ValidateTargetType target = new ValidateTargetType();
    target.setAny(usernameTokenElement);
    JAXBElement<ValidateTargetType> targetElement =
        new JAXBElement<>(QNameConstants.VALIDATE_TARGET, ValidateTargetType.class, target);
    request.getAny().add(targetElement);

    // Message context: the calling principal is "ted", which differs from the user named in
    // the UsernameToken; the checks at the end only look for "alice" in the assertion.
    MessageImpl message = new MessageImpl();
    WrappedMessageContext messageContext = new WrappedMessageContext(message);
    Principal caller = new CustomTokenPrincipal("ted");
    messageContext.put(SecurityContext.class.getName(), createSecurityContext(caller));

    // Run the validate operation and check the response status.
    RequestSecurityTokenResponseType response = operation.validate(request, caller, messageContext);
    assertTrue(validateResponse(response));

    // Pick the first RequestedSecurityToken element out of the response.
    Element assertion = null;
    for (Object candidate : response.getAny()) {
        if (!(candidate instanceof JAXBElement<?>)) {
            continue;
        }
        JAXBElement<?> element = (JAXBElement<?>) candidate;
        if (REQUESTED_SECURITY_TOKEN.equals(element.getName())) {
            RequestedSecurityTokenType requestedToken = (RequestedSecurityTokenType) element.getValue();
            assertion = (Element) requestedToken.getAny();
            break;
        }
    }
    assertNotNull(assertion);

    // NOTE(review): substring checks on the serialized assertion; they do not pin the values
    // to a specific element such as the subject or an attribute.
    String assertionXml = DOM2Writer.nodeToString(assertion);
    assertTrue(assertionXml.contains("AttributeStatement"));
    assertTrue(assertionXml.contains("alice"));
    assertTrue(assertionXml.contains(SAML2Constants.CONF_BEARER));
    assertTrue(assertionXml.contains(ClaimTypes.LASTNAME.toString()));
}
Also used : RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) CustomAttributeProvider(org.apache.cxf.sts.common.CustomAttributeProvider) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) PasswordString(org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString) AttributedString(org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) CustomClaimsHandler(org.apache.cxf.sts.common.CustomClaimsHandler) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) UsernameTokenValidator(org.apache.cxf.sts.token.validator.UsernameTokenValidator) ClaimsManager(org.apache.cxf.sts.claims.ClaimsManager) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) ClaimsHandler(org.apache.cxf.sts.claims.ClaimsHandler) CustomClaimsHandler(org.apache.cxf.sts.common.CustomClaimsHandler) UsernameTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType) JAXBElement(javax.xml.bind.JAXBElement) Crypto(org.apache.wss4j.common.crypto.Crypto) SAMLTokenProvider(org.apache.cxf.sts.token.provider.SAMLTokenProvider) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) SecurityContext(org.apache.cxf.security.SecurityContext) ValidateTargetType(org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType) MessageImpl(org.apache.cxf.message.MessageImpl) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal)

Aggregations

CustomAttributeProvider (org.apache.cxf.sts.common.CustomAttributeProvider)7 Element (org.w3c.dom.Element)6 JAXBElement (javax.xml.bind.JAXBElement)3 AttributedString (org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString)3 UsernameTokenType (org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType)3 CustomTokenPrincipal (org.apache.wss4j.common.principal.CustomTokenPrincipal)3 SAMLTokenProvider (org.apache.cxf.sts.token.provider.SAMLTokenProvider)2 Principal (java.security.Principal)1 WrappedMessageContext (org.apache.cxf.jaxws.context.WrappedMessageContext)1 MessageImpl (org.apache.cxf.message.MessageImpl)1 SecurityContext (org.apache.cxf.security.SecurityContext)1 STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)1 StaticSTSProperties (org.apache.cxf.sts.StaticSTSProperties)1 ClaimsHandler (org.apache.cxf.sts.claims.ClaimsHandler)1 ClaimsManager (org.apache.cxf.sts.claims.ClaimsManager)1 CustomClaimsHandler (org.apache.cxf.sts.common.CustomClaimsHandler)1 PasswordCallbackHandler (org.apache.cxf.sts.common.PasswordCallbackHandler)1 UsernameTokenValidator (org.apache.cxf.sts.token.validator.UsernameTokenValidator)1 RequestSecurityTokenResponseType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)1 RequestSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType)1