use of org.apache.cxf.sts.request.ReceivedToken in project cxf by apache.
the class X509TokenValidatorTest method testInvalidCertificate.
/**
* Test an invalid certificate
*/
@org.junit.Test
public void testInvalidCertificate() throws Exception {
    // Scenario: a completely described X.509 BinarySecurityToken (value, value type and encoding
    // type all set) that carries the certificate stored under the alias "eve" must come back from
    // the validator in state INVALID.
    TokenValidator validator = new X509TokenValidator();
    TokenValidatorParameters params = createValidatorParameters();

    // The certificate comes from the keystore described by getEveCryptoProperties(), not from the
    // crypto configured on the validator parameters.
    // NOTE(review): presumably "eve" is missing from the trust material the validator consults;
    // confirm against createValidatorParameters().
    CryptoType aliasQuery = new CryptoType(CryptoType.TYPE.ALIAS);
    aliasQuery.setAlias("eve");
    Crypto eveCrypto = CryptoFactory.getInstance(getEveCryptoProperties());
    X509Certificate[] eveCerts = eveCrypto.getX509Certificates(aliasQuery);
    assertTrue(eveCerts != null && eveCerts.length > 0);

    // Build the ValidateTarget: the first certificate, Base64-encoded, wrapped as a
    // BinarySecurityToken element.
    BinarySecurityTokenType bst = new BinarySecurityTokenType();
    bst.setValue(Base64.getMimeEncoder().encodeToString(eveCerts[0].getEncoded()));
    bst.setValueType(X509TokenValidator.X509_V3_TYPE);
    bst.setEncodingType(WSS4JConstants.SOAPMESSAGE_NS + "#Base64Binary");
    JAXBElement<BinarySecurityTokenType> bstElement =
        new JAXBElement<>(QNameConstants.BINARY_SECURITY_TOKEN, BinarySecurityTokenType.class, bst);

    ReceivedToken target = new ReceivedToken(bstElement);
    params.getTokenRequirements().setValidateTarget(target);
    params.setToken(target);

    // The token is recognised by type, so the rejection below comes from validation itself.
    assertTrue(validator.canHandleToken(target));

    // Rejection is reported through the token state; the test expects a response, not an exception.
    TokenValidatorResponse outcome = validator.validateToken(params);
    assertTrue(outcome != null);
    ReceivedToken checked = outcome.getToken();
    assertTrue(checked != null);
    assertTrue(checked.getState() == STATE.INVALID);
}
use of org.apache.cxf.sts.request.ReceivedToken in project cxf by apache.
the class X509TokenValidatorTest method testValidCertificate.
/**
* Test a valid certificate
*/
@org.junit.Test
public void testValidCertificate() throws Exception {
    // Scenario: the certificate stored under "myclientkey" in the STS signature crypto is only
    // reported VALID once the token also declares its value type and its encoding type. Each
    // missing attribute is checked separately, so the order of the steps below matters.
    TokenValidator validator = new X509TokenValidator();
    TokenValidatorParameters params = createValidatorParameters();

    CryptoType aliasQuery = new CryptoType(CryptoType.TYPE.ALIAS);
    aliasQuery.setAlias("myclientkey");
    Crypto signatureCrypto = params.getStsProperties().getSignatureCrypto();
    X509Certificate[] clientCerts = signatureCrypto.getX509Certificates(aliasQuery);
    assertTrue(clientCerts != null && clientCerts.length > 0);

    // Build the ValidateTarget with the certificate value only.
    BinarySecurityTokenType bst = new BinarySecurityTokenType();
    JAXBElement<BinarySecurityTokenType> bstElement =
        new JAXBElement<>(QNameConstants.BINARY_SECURITY_TOKEN, BinarySecurityTokenType.class, bst);
    bst.setValue(Base64.getMimeEncoder().encodeToString(clientCerts[0].getEncoded()));

    ReceivedToken target = new ReceivedToken(bstElement);
    params.getTokenRequirements().setValidateTarget(target);
    params.setToken(target);

    // Step 1: with no value type the validator must decline the token.
    assertFalse(validator.canHandleToken(target));
    bst.setValueType(X509TokenValidator.X509_V3_TYPE);
    assertTrue(validator.canHandleToken(target));

    // Step 2: with no encoding type validation must end in INVALID, even though the
    // certificate itself is the one expected to be accepted in step 3.
    TokenValidatorResponse outcome = validator.validateToken(params);
    assertTrue(outcome != null);
    assertTrue(outcome.getToken() != null);
    assertTrue(outcome.getToken().getState() == STATE.INVALID);

    // Step 3: once the encoding type is declared the same token validates and yields a
    // named principal.
    bst.setEncodingType(WSS4JConstants.SOAPMESSAGE_NS + "#Base64Binary");
    outcome = validator.validateToken(params);
    assertTrue(outcome.getToken() != null);
    assertTrue(outcome.getToken().getState() == STATE.VALID);

    Principal subject = outcome.getPrincipal();
    assertTrue(subject != null && subject.getName() != null);
}
use of org.apache.cxf.sts.request.ReceivedToken in project cxf by apache.
the class UsernameTokenValidator method validateToken.
/**
* Validate a Token using the given TokenValidatorParameters. The password is not checked:
* a UsernameToken is accepted on its username alone.
*/
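public TokenValidatorResponse validateToken(TokenValidatorParameters tokenParameters) {
    // Accepts a UsernameToken on the strength of its username alone and reports that username as
    // the principal. The returned response always carries the received token; its state is VALID
    // only when a username could be read, otherwise it stays INVALID.
    TokenValidatorResponse response = new TokenValidatorResponse();
    ReceivedToken validateTarget = tokenParameters.getToken();

    // Start from INVALID so that every early return below fails closed.
    validateTarget.setState(STATE.INVALID);
    response.setToken(validateTarget);

    // A token of another type, or one without a username, is rejected through the token state
    // instead of surfacing as a ClassCastException or NullPointerException.
    Object token = validateTarget.getToken();
    if (!(token instanceof UsernameTokenType)) {
        return response;
    }
    UsernameTokenType usernameTokenType = (UsernameTokenType) token;
    if (usernameTokenType.getUsername() == null
        || usernameTokenType.getUsername().getValue() == null) {
        return response;
    }

    // The missing password is deliberately ignored: this validator does not authenticate the
    // subject. Some other requirement must be met before a token is issued OnBehalfOf a subject
    // whose authentication is not proved, so VALID here must not be read as "authenticated".
    validateTarget.setState(STATE.VALID);
    response.setPrincipal(new CustomTokenPrincipal(usernameTokenType.getUsername().getValue()));
    return response;
}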
use of org.apache.cxf.sts.request.ReceivedToken in project cas by apereo.
the class X509TokenDelegationHandler method isDelegationAllowed.
@Override
public TokenDelegationResponse isDelegationAllowed(final TokenDelegationParameters tokenParameters) {
    // Decides whether the received token may be used for delegation. The response always carries
    // the token; delegation is switched on only for a DOM-element token that is already in state
    // VALID and has a principal attached.
    // This method performs no validation of its own: it trusts the state and principal recorded on
    // the token before it was called.
    // NOTE(review): nothing visible here checks that the token is an X.509 token; presumably a
    // separate type check guards this handler. Confirm against the rest of the class.
    final TokenDelegationResponse response = new TokenDelegationResponse();
    final ReceivedToken delegateTarget = tokenParameters.getToken();
    response.setToken(delegateTarget);

    if (delegateTarget.isDOMElement()) {
        final boolean validWithPrincipal = delegateTarget.getState() == ReceivedToken.STATE.VALID
            && delegateTarget.getPrincipal() != null;
        if (!validWithPrincipal) {
            LOGGER.debug("Delegation is not allowed, as the token is invalid or the principal is null");
        } else {
            response.setDelegationAllowed(true);
            LOGGER.debug("Delegation is allowed for: [{}]", delegateTarget.getPrincipal());
        }
    }
    // A token that is not a DOM element falls through with the response left as constructed.
    return response;
}
use of org.apache.cxf.sts.request.ReceivedToken in project OpenAM by OpenRock.
the class TokenCancellerBase method cancelToken.
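@Override
public TokenCancellerResponse cancelToken(TokenCancellerParameters tokenParameters) {
    // Cancels the received token through the token service consumer. On success the token state
    // becomes CANCELLED and the response is returned; a TokenCancellationException is rethrown as
    // an STSException with the original exception as its cause.
    TokenCancellerResponse response = new TokenCancellerResponse();
    ReceivedToken cancelTarget = tokenParameters.getToken();

    // NOTE(review): the state is set to VALID here without any check in this method; presumably
    // the token was validated before the canceller is invoked. Confirm against the caller.
    cancelTarget.setState(ReceivedToken.STATE.VALID);
    response.setToken(cancelTarget);

    String tokenServiceConsumptionToken = null;
    try {
        final String tokenId = generateIdFromValidateTarget(cancelTarget);
        tokenServiceConsumptionToken = getTokenServiceConsumptionToken();
        tokenServiceConsumer.cancelToken(tokenId, tokenServiceConsumptionToken);
        // Only reached when the consumer call returned normally.
        cancelTarget.setState(ReceivedToken.STATE.CANCELLED);
        return response;
    } catch (TokenCancellationException e) {
        // The message names the operation that failed (cancellation, not validation) so that
        // logs and faults point at the right code path.
        // NOTE(review): e.getMessage() is copied into the STSException; if that text reaches the
        // requester, check that it carries no backend detail.
        throw new STSException("Exception caught cancelling issued token: " + e.getMessage(), e);
    } finally {
        // The consumption token is invalidated on every path once it has been obtained, so it
        // does not outlive this call whether or not the cancellation succeeded.
        if (tokenServiceConsumptionToken != null) {
            invalidateTokenGenerationServiceConsumptionToken(tokenServiceConsumptionToken);
        }
    }
}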