Examples with KeyRequirements org.apache.cxf.sts.request.KeyRequirements used on opensource projects

Search in sources :

Example 6 with KeyRequirements

use of org.apache.cxf.sts.request.KeyRequirements in project cxf by apache.

the class SAMLTokenProvider method createToken.

/**
 * Create a token given a TokenProviderParameters
 */
public TokenProviderResponse createToken(TokenProviderParameters tokenParameters) {
    testKeyType(tokenParameters);
    KeyRequirements keyRequirements = tokenParameters.getKeyRequirements();
    TokenRequirements tokenRequirements = tokenParameters.getTokenRequirements();
    if (LOG.isLoggable(Level.FINE)) {
        LOG.fine("Handling token of type: " + tokenRequirements.getTokenType());
    }
    byte[] secret = null;
    byte[] entropyBytes = null;
    long keySize = 0;
    boolean computedKey = false;
    if (STSConstants.SYMMETRIC_KEY_KEYTYPE.equals(keyRequirements.getKeyType())) {
        SymmetricKeyHandler keyHandler = new SymmetricKeyHandler(tokenParameters);
        keyHandler.createSymmetricKey();
        secret = keyHandler.getSecret();
        entropyBytes = keyHandler.getEntropyBytes();
        keySize = keyHandler.getKeySize();
        computedKey = keyHandler.isComputedKey();
    }
    try {
        Document doc = DOMUtils.createDocument();
        SamlAssertionWrapper assertion = createSamlToken(tokenParameters, secret, doc);
        Element token = assertion.toDOM(doc);
        // set the token in cache (only if the token is signed)
        byte[] signatureValue = assertion.getSignatureValue();
        if (tokenParameters.getTokenStore() != null && signatureValue != null && signatureValue.length > 0) {
            SecurityToken securityToken = CacheUtils.createSecurityTokenForStorage(token, assertion.getId(), assertion.getNotOnOrAfter(), tokenParameters.getPrincipal(), tokenParameters.getRealm(), tokenParameters.getTokenRequirements().getRenewing());
            CacheUtils.storeTokenInCache(securityToken, tokenParameters.getTokenStore(), signatureValue);
        }
        TokenProviderResponse response = new TokenProviderResponse();
        String tokenType = tokenRequirements.getTokenType();
        if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType) || WSS4JConstants.SAML2_NS.equals(tokenType)) {
            response.setTokenId(token.getAttributeNS(null, "ID"));
        } else {
            response.setTokenId(token.getAttributeNS(null, "AssertionID"));
        }
        if (tokenParameters.isEncryptToken()) {
            token = TokenProviderUtils.encryptToken(token, response.getTokenId(), tokenParameters.getStsProperties(), tokenParameters.getEncryptionProperties(), keyRequirements, tokenParameters.getMessageContext());
        }
        response.setToken(token);
        DateTime validFrom = null;
        DateTime validTill = null;
        if (assertion.getSamlVersion().equals(SAMLVersion.VERSION_20)) {
            validFrom = assertion.getSaml2().getConditions().getNotBefore();
            validTill = assertion.getSaml2().getConditions().getNotOnOrAfter();
        } else {
            validFrom = assertion.getSaml1().getConditions().getNotBefore();
            validTill = assertion.getSaml1().getConditions().getNotOnOrAfter();
        }
        response.setCreated(validFrom.toDate().toInstant());
        response.setExpires(validTill.toDate().toInstant());
        response.setEntropy(entropyBytes);
        if (keySize > 0) {
            response.setKeySize(keySize);
        }
        response.setComputedKey(computedKey);
        LOG.fine("SAML Token successfully created");
        return response;
    } catch (Exception e) {
        LOG.log(Level.WARNING, "", e);
        throw new STSException("Can't serialize SAML assertion", e, STSException.REQUEST_FAILED);
    }
}
Also used : Element(org.w3c.dom.Element) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) STSException(org.apache.cxf.ws.security.sts.provider.STSException) Document(org.w3c.dom.Document) DateTime(org.joda.time.DateTime) STSException(org.apache.cxf.ws.security.sts.provider.STSException) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) TokenRequirements(org.apache.cxf.sts.request.TokenRequirements) KeyRequirements(org.apache.cxf.sts.request.KeyRequirements)

Example 7 with KeyRequirements

use of org.apache.cxf.sts.request.KeyRequirements in project cxf by apache.

the class CancelSCTUnitTest method createProviderParameters.

private TokenProviderParameters createProviderParameters(String tokenType) throws WSSecurityException {
    TokenProviderParameters parameters = new TokenProviderParameters();
    TokenRequirements tokenRequirements = new TokenRequirements();
    tokenRequirements.setTokenType(tokenType);
    parameters.setTokenRequirements(tokenRequirements);
    KeyRequirements keyRequirements = new KeyRequirements();
    parameters.setKeyRequirements(keyRequirements);
    parameters.setTokenStore(tokenStore);
    parameters.setPrincipal(new CustomTokenPrincipal("alice"));
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    parameters.setMessageContext(msgCtx);
    parameters.setAppliesToAddress("http://dummy-service.com/dummy");
    // Add STSProperties object
    StaticSTSProperties stsProperties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setSignatureUsername("mystskey");
    stsProperties.setCallbackHandler(new PasswordCallbackHandler());
    stsProperties.setIssuer("STS");
    parameters.setStsProperties(stsProperties);
    parameters.setEncryptionProperties(new EncryptionProperties());
    return parameters;
}
Also used : CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Crypto(org.apache.wss4j.common.crypto.Crypto) TokenRequirements(org.apache.cxf.sts.request.TokenRequirements) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) EncryptionProperties(org.apache.cxf.sts.service.EncryptionProperties) KeyRequirements(org.apache.cxf.sts.request.KeyRequirements) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) MessageImpl(org.apache.cxf.message.MessageImpl) TokenProviderParameters(org.apache.cxf.sts.token.provider.TokenProviderParameters)

Example 8 with KeyRequirements

use of org.apache.cxf.sts.request.KeyRequirements in project cxf by apache.

the class IssueJWTOnbehalfofUnitTest method createProviderParameters.

private TokenProviderParameters createProviderParameters(String tokenType, String keyType, Crypto crypto, String signatureUsername, CallbackHandler callbackHandler) throws WSSecurityException {
    TokenProviderParameters parameters = new TokenProviderParameters();
    TokenRequirements tokenRequirements = new TokenRequirements();
    tokenRequirements.setTokenType(tokenType);
    parameters.setTokenRequirements(tokenRequirements);
    KeyRequirements keyRequirements = new KeyRequirements();
    keyRequirements.setKeyType(keyType);
    CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
    cryptoType.setAlias("myclientkey");
    X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
    ReceivedKey receivedKey = new ReceivedKey();
    receivedKey.setX509Cert(certs[0]);
    keyRequirements.setReceivedKey(receivedKey);
    parameters.setKeyRequirements(keyRequirements);
    parameters.setPrincipal(new CustomTokenPrincipal("alice"));
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    parameters.setMessageContext(msgCtx);
    parameters.setAppliesToAddress("http://dummy-service.com/dummy");
    // Add STSProperties object
    StaticSTSProperties stsProperties = new StaticSTSProperties();
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setSignatureUsername(signatureUsername);
    stsProperties.setCallbackHandler(callbackHandler);
    stsProperties.setIssuer("STS");
    stsProperties.setEncryptionUsername("myservicekey");
    stsProperties.setEncryptionCrypto(crypto);
    parameters.setStsProperties(stsProperties);
    parameters.setEncryptionProperties(new EncryptionProperties());
    return parameters;
}
Also used : CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) TokenRequirements(org.apache.cxf.sts.request.TokenRequirements) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) EncryptionProperties(org.apache.cxf.sts.service.EncryptionProperties) KeyRequirements(org.apache.cxf.sts.request.KeyRequirements) CryptoType(org.apache.wss4j.common.crypto.CryptoType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) MessageImpl(org.apache.cxf.message.MessageImpl) X509Certificate(java.security.cert.X509Certificate) ReceivedKey(org.apache.cxf.sts.request.ReceivedKey) TokenProviderParameters(org.apache.cxf.sts.token.provider.TokenProviderParameters)

Example 9 with KeyRequirements

use of org.apache.cxf.sts.request.KeyRequirements in project cxf by apache.

the class ValidateSCTUnitTest method createProviderParameters.

private TokenProviderParameters createProviderParameters(String tokenType) throws WSSecurityException {
    TokenProviderParameters parameters = new TokenProviderParameters();
    TokenRequirements tokenRequirements = new TokenRequirements();
    tokenRequirements.setTokenType(tokenType);
    parameters.setTokenRequirements(tokenRequirements);
    KeyRequirements keyRequirements = new KeyRequirements();
    parameters.setKeyRequirements(keyRequirements);
    parameters.setTokenStore(tokenStore);
    parameters.setPrincipal(new CustomTokenPrincipal("alice"));
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    parameters.setMessageContext(msgCtx);
    parameters.setAppliesToAddress("http://dummy-service.com/dummy");
    // Add STSProperties object
    StaticSTSProperties stsProperties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setSignatureUsername("mystskey");
    stsProperties.setCallbackHandler(new PasswordCallbackHandler());
    stsProperties.setIssuer("STS");
    parameters.setStsProperties(stsProperties);
    parameters.setEncryptionProperties(new EncryptionProperties());
    return parameters;
}
Also used : CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Crypto(org.apache.wss4j.common.crypto.Crypto) TokenRequirements(org.apache.cxf.sts.request.TokenRequirements) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) EncryptionProperties(org.apache.cxf.sts.service.EncryptionProperties) KeyRequirements(org.apache.cxf.sts.request.KeyRequirements) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) MessageImpl(org.apache.cxf.message.MessageImpl) TokenProviderParameters(org.apache.cxf.sts.token.provider.TokenProviderParameters)

Example 10 with KeyRequirements

use of org.apache.cxf.sts.request.KeyRequirements in project cxf by apache.

the class ValidateSamlUnitTest method createProviderParameters.

private TokenProviderParameters createProviderParameters(String tokenType, String keyType, Crypto crypto, String signatureUsername, CallbackHandler callbackHandler) throws WSSecurityException {
    TokenProviderParameters parameters = new TokenProviderParameters();
    TokenRequirements tokenRequirements = new TokenRequirements();
    tokenRequirements.setTokenType(tokenType);
    parameters.setTokenRequirements(tokenRequirements);
    KeyRequirements keyRequirements = new KeyRequirements();
    keyRequirements.setKeyType(keyType);
    parameters.setKeyRequirements(keyRequirements);
    parameters.setPrincipal(new CustomTokenPrincipal("alice"));
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    parameters.setMessageContext(msgCtx);
    parameters.setAppliesToAddress("http://dummy-service.com/dummy");
    // Add STSProperties object
    StaticSTSProperties stsProperties = new StaticSTSProperties();
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setSignatureUsername(signatureUsername);
    stsProperties.setCallbackHandler(callbackHandler);
    stsProperties.setIssuer("STS");
    parameters.setStsProperties(stsProperties);
    parameters.setEncryptionProperties(new EncryptionProperties());
    return parameters;
}
Also used : CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) TokenRequirements(org.apache.cxf.sts.request.TokenRequirements) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) EncryptionProperties(org.apache.cxf.sts.service.EncryptionProperties) KeyRequirements(org.apache.cxf.sts.request.KeyRequirements) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) MessageImpl(org.apache.cxf.message.MessageImpl) TokenProviderParameters(org.apache.cxf.sts.token.provider.TokenProviderParameters)

Aggregations

KeyRequirements (org.apache.cxf.sts.request.KeyRequirements)70 TokenRequirements (org.apache.cxf.sts.request.TokenRequirements)63 WrappedMessageContext (org.apache.cxf.jaxws.context.WrappedMessageContext)54 MessageImpl (org.apache.cxf.message.MessageImpl)54 StaticSTSProperties (org.apache.cxf.sts.StaticSTSProperties)54 CustomTokenPrincipal (org.apache.wss4j.common.principal.CustomTokenPrincipal)54 EncryptionProperties (org.apache.cxf.sts.service.EncryptionProperties)46 Crypto (org.apache.wss4j.common.crypto.Crypto)37 PasswordCallbackHandler (org.apache.cxf.sts.common.PasswordCallbackHandler)36 TokenProviderParameters (org.apache.cxf.sts.token.provider.TokenProviderParameters)28 STSException (org.apache.cxf.ws.security.sts.provider.STSException)10 ReceivedToken (org.apache.cxf.sts.request.ReceivedToken)7 ReceivedKey (org.apache.cxf.sts.request.ReceivedKey)4 CryptoType (org.apache.wss4j.common.crypto.CryptoType)4 Element (org.w3c.dom.Element)4 X509Certificate (java.security.cert.X509Certificate)3 RequestRequirements (org.apache.cxf.sts.request.RequestRequirements)3 TokenValidatorParameters (org.apache.cxf.sts.token.validator.TokenValidatorParameters)3 RequestSecurityTokenResponseType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)3 SamlAssertionWrapper (org.apache.wss4j.common.saml.SamlAssertionWrapper)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial