Example 26 with Lifetime
use of org.apache.cxf.sts.request.Lifetime in project cxf by apache.
the class SAMLTokenRenewerLifetimeTest method testSaml2ValidLifetime.
/**
* Renew SAML 2 token with a valid requested lifetime
*/
@org.junit.Test
public void testSaml2ValidLifetime() throws Exception {
int requestedLifetime = 60;
SAMLTokenRenewer samlTokenRenewer = new SAMLTokenRenewer();
samlTokenRenewer.setVerifyProofOfPossession(false);
samlTokenRenewer.setAllowRenewalAfterExpiry(true);
DefaultConditionsProvider conditionsProvider = new DefaultConditionsProvider();
conditionsProvider.setAcceptClientLifetime(true);
samlTokenRenewer.setConditionsProvider(conditionsProvider);
TokenRenewerParameters renewerParameters = createRenewerParameters();
// Set expected lifetime to 1 minute
Instant creationTime = Instant.now();
Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
renewerParameters.getTokenRequirements().setLifetime(lifetime);
CallbackHandler callbackHandler = new PasswordCallbackHandler();
Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
// Create token.
Element samlToken = createSAMLAssertion(WSS4JConstants.WSS_SAML_TOKEN_TYPE, crypto, "mystskey", callbackHandler, 50, true, true);
// Sleep to expire the token
Thread.sleep(100);
ReceivedToken renewTarget = new ReceivedToken(samlToken);
renewTarget.setState(STATE.VALID);
renewerParameters.getTokenRequirements().setRenewTarget(renewTarget);
renewerParameters.setToken(renewTarget);
assertTrue(samlTokenRenewer.canHandleToken(renewTarget));
TokenRenewerResponse renewerResponse = samlTokenRenewer.renewToken(renewerParameters);
assertTrue(renewerResponse != null);
assertTrue(renewerResponse.getToken() != null);
long duration = Duration.between(renewerResponse.getCreated(), renewerResponse.getExpires()).getSeconds();
assertEquals(requestedLifetime, duration);
}
Also used :
CallbackHandler(javax.security.auth.callback.CallbackHandler)
PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler)
Instant(java.time.Instant)
Element(org.w3c.dom.Element)
DefaultConditionsProvider(org.apache.cxf.sts.token.provider.DefaultConditionsProvider)
Lifetime(org.apache.cxf.sts.request.Lifetime)
Crypto(org.apache.wss4j.common.crypto.Crypto)
PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler)
ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)
Aggregations
Instant (java.time.Instant)26
Lifetime (org.apache.cxf.sts.request.Lifetime)26
Element (org.w3c.dom.Element)15
DefaultConditionsProvider (org.apache.cxf.sts.token.provider.DefaultConditionsProvider)10
STSException (org.apache.cxf.ws.security.sts.provider.STSException)10
DefaultJWTClaimsProvider (org.apache.cxf.sts.token.provider.jwt.DefaultJWTClaimsProvider)7
JWTTokenProvider (org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider)7
SAMLTokenProvider (org.apache.cxf.sts.token.provider.SAMLTokenProvider)6
TokenProviderParameters (org.apache.cxf.sts.token.provider.TokenProviderParameters)6
TokenProviderResponse (org.apache.cxf.sts.token.provider.TokenProviderResponse)6
JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)5
JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)5
Renewing (org.apache.cxf.sts.request.Renewing)5
CallbackHandler (javax.security.auth.callback.CallbackHandler)4
PasswordCallbackHandler (org.apache.cxf.sts.common.PasswordCallbackHandler)4
ReceivedToken (org.apache.cxf.sts.request.ReceivedToken)4
Crypto (org.apache.wss4j.common.crypto.Crypto)4
DateTimeParseException (java.time.format.DateTimeParseException)2
JAXBElement (javax.xml.bind.JAXBElement)1
TokenProvider (org.apache.cxf.sts.token.provider.TokenProvider)1
