use of org.apache.cxf.sts.request.Lifetime in project cxf by apache.
the class SAMLTokenRenewerLifetimeTest method testSaml2ValidLifetime.
/**
* Renew SAML 2 token with a valid requested lifetime
*/
@org.junit.Test
public void testSaml2ValidLifetime() throws Exception {
int requestedLifetime = 60;
SAMLTokenRenewer samlTokenRenewer = new SAMLTokenRenewer();
samlTokenRenewer.setVerifyProofOfPossession(false);
samlTokenRenewer.setAllowRenewalAfterExpiry(true);
DefaultConditionsProvider conditionsProvider = new DefaultConditionsProvider();
conditionsProvider.setAcceptClientLifetime(true);
samlTokenRenewer.setConditionsProvider(conditionsProvider);
TokenRenewerParameters renewerParameters = createRenewerParameters();
// Set expected lifetime to 1 minute
Instant creationTime = Instant.now();
Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
renewerParameters.getTokenRequirements().setLifetime(lifetime);
CallbackHandler callbackHandler = new PasswordCallbackHandler();
Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
// Create token.
Element samlToken = createSAMLAssertion(WSS4JConstants.WSS_SAML_TOKEN_TYPE, crypto, "mystskey", callbackHandler, 50, true, true);
// Sleep to expire the token
Thread.sleep(100);
ReceivedToken renewTarget = new ReceivedToken(samlToken);
renewTarget.setState(STATE.VALID);
renewerParameters.getTokenRequirements().setRenewTarget(renewTarget);
renewerParameters.setToken(renewTarget);
assertTrue(samlTokenRenewer.canHandleToken(renewTarget));
TokenRenewerResponse renewerResponse = samlTokenRenewer.renewToken(renewerParameters);
assertTrue(renewerResponse != null);
assertTrue(renewerResponse.getToken() != null);
long duration = Duration.between(renewerResponse.getCreated(), renewerResponse.getExpires()).getSeconds();
assertEquals(requestedLifetime, duration);
}
Aggregations