use of org.apache.cxf.sts.request.ReceivedToken in project cxf by apache.
the class JWTTokenValidatorTest method testInvalidSignature.
@org.junit.Test
public void testInvalidSignature() throws Exception {
// Create
TokenProvider jwtTokenProvider = new JWTTokenProvider();
((JWTTokenProvider) jwtTokenProvider).setSignToken(true);
TokenProviderParameters providerParameters = createProviderParameters();
Crypto crypto = CryptoFactory.getInstance(getEveCryptoProperties());
CallbackHandler callbackHandler = new EveCallbackHandler();
providerParameters.getStsProperties().setSignatureCrypto(crypto);
providerParameters.getStsProperties().setCallbackHandler(callbackHandler);
providerParameters.getStsProperties().setSignatureUsername("eve");
assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
String token = (String) providerResponse.getToken();
assertNotNull(token);
assertTrue(token.split("\\.").length == 3);
// Validate the token
TokenValidator jwtTokenValidator = new JWTTokenValidator();
TokenValidatorParameters validatorParameters = createValidatorParameters();
TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
// Create a ValidateTarget consisting of a JWT Token
ReceivedToken validateTarget = new ReceivedToken(createTokenWrapper(token));
tokenRequirements.setValidateTarget(validateTarget);
validatorParameters.setToken(validateTarget);
assertTrue(jwtTokenValidator.canHandleToken(validateTarget));
TokenValidatorResponse validatorResponse = jwtTokenValidator.validateToken(validatorParameters);
assertTrue(validatorResponse != null);
assertTrue(validatorResponse.getToken() != null);
assertTrue(validatorResponse.getToken().getState() == STATE.INVALID);
}
use of org.apache.cxf.sts.request.ReceivedToken in project cxf by apache.
the class JWTTokenValidatorTest method testChangedSignature.
@org.junit.Test
public void testChangedSignature() throws Exception {
// Create
TokenProvider jwtTokenProvider = new JWTTokenProvider();
((JWTTokenProvider) jwtTokenProvider).setSignToken(true);
DefaultJWTClaimsProvider jwtClaimsProvider = new DefaultJWTClaimsProvider();
jwtClaimsProvider.setLifetime(1L);
((JWTTokenProvider) jwtTokenProvider).setJwtClaimsProvider(jwtClaimsProvider);
TokenProviderParameters providerParameters = createProviderParameters();
assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
String token = (String) providerResponse.getToken();
// Change the signature
token += "blah";
assertNotNull(token);
assertTrue(token.split("\\.").length == 3);
Thread.sleep(1500L);
// Validate the token
TokenValidator jwtTokenValidator = new JWTTokenValidator();
TokenValidatorParameters validatorParameters = createValidatorParameters();
TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
// Create a ValidateTarget consisting of a JWT Token
ReceivedToken validateTarget = new ReceivedToken(createTokenWrapper(token));
tokenRequirements.setValidateTarget(validateTarget);
validatorParameters.setToken(validateTarget);
assertTrue(jwtTokenValidator.canHandleToken(validateTarget));
TokenValidatorResponse validatorResponse = jwtTokenValidator.validateToken(validatorParameters);
assertTrue(validatorResponse != null);
assertTrue(validatorResponse.getToken() != null);
assertTrue(validatorResponse.getToken().getState() == STATE.INVALID);
}
use of org.apache.cxf.sts.request.ReceivedToken in project cxf by apache.
the class JWTTokenValidatorTest method testUnsignedToken.
@org.junit.Test
public void testUnsignedToken() throws Exception {
// Create
TokenProvider jwtTokenProvider = new JWTTokenProvider();
((JWTTokenProvider) jwtTokenProvider).setSignToken(false);
TokenProviderParameters providerParameters = createProviderParameters();
Crypto crypto = CryptoFactory.getInstance(getEveCryptoProperties());
CallbackHandler callbackHandler = new EveCallbackHandler();
providerParameters.getStsProperties().setSignatureCrypto(crypto);
providerParameters.getStsProperties().setCallbackHandler(callbackHandler);
providerParameters.getStsProperties().setSignatureUsername("eve");
assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
String token = (String) providerResponse.getToken();
assertNotNull(token);
assertTrue(token.split("\\.").length == 2);
// Validate the token
TokenValidator jwtTokenValidator = new JWTTokenValidator();
TokenValidatorParameters validatorParameters = createValidatorParameters();
TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
// Create a ValidateTarget consisting of a JWT Token
ReceivedToken validateTarget = new ReceivedToken(createTokenWrapper(token));
tokenRequirements.setValidateTarget(validateTarget);
validatorParameters.setToken(validateTarget);
assertTrue(jwtTokenValidator.canHandleToken(validateTarget));
TokenValidatorResponse validatorResponse = jwtTokenValidator.validateToken(validatorParameters);
assertTrue(validatorResponse != null);
assertTrue(validatorResponse.getToken() != null);
assertTrue(validatorResponse.getToken().getState() == STATE.INVALID);
}
use of org.apache.cxf.sts.request.ReceivedToken in project cxf by apache.
the class JWTTokenValidatorTest method testJWTWithRoles.
@org.junit.Test
public void testJWTWithRoles() throws Exception {
// Create
TokenProvider jwtTokenProvider = new JWTTokenProvider();
((JWTTokenProvider) jwtTokenProvider).setSignToken(true);
JWTClaimsProvider claimsProvider = new RoleJWTClaimsProvider("manager");
((JWTTokenProvider) jwtTokenProvider).setJwtClaimsProvider(claimsProvider);
TokenProviderParameters providerParameters = createProviderParameters();
assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
String token = (String) providerResponse.getToken();
assertNotNull(token);
assertTrue(token.split("\\.").length == 3);
// Validate the token
TokenValidator jwtTokenValidator = new JWTTokenValidator();
// Set the role
DefaultJWTRoleParser roleParser = new DefaultJWTRoleParser();
roleParser.setRoleClaim("role");
((JWTTokenValidator) jwtTokenValidator).setRoleParser(roleParser);
TokenValidatorParameters validatorParameters = createValidatorParameters();
TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
// Create a ValidateTarget consisting of a JWT Token
ReceivedToken validateTarget = new ReceivedToken(createTokenWrapper(token));
tokenRequirements.setValidateTarget(validateTarget);
validatorParameters.setToken(validateTarget);
assertTrue(jwtTokenValidator.canHandleToken(validateTarget));
TokenValidatorResponse validatorResponse = jwtTokenValidator.validateToken(validatorParameters);
assertTrue(validatorResponse != null);
assertTrue(validatorResponse.getToken() != null);
assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
Principal principal = validatorResponse.getPrincipal();
assertTrue(principal != null && principal.getName() != null);
Set<Principal> roles = validatorResponse.getRoles();
assertTrue(roles != null && !roles.isEmpty());
assertTrue(roles.iterator().next().getName().equals("manager"));
}
use of org.apache.cxf.sts.request.ReceivedToken in project cxf by apache.
the class SAMLTokenValidatorCachedRealmTest method testValidCachedRealm.
/**
* Test a SAML Assertion with valid cached realm.
*/
@org.junit.Test
public void testValidCachedRealm() throws Exception {
TokenValidator samlTokenValidator = new SAMLTokenValidator();
TokenValidatorParameters validatorParameters = createValidatorParameters();
TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
// Create a ValidateTarget consisting of a SAML Assertion
Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
CallbackHandler callbackHandler = new PasswordCallbackHandler();
Element samlToken = createSAMLAssertion(WSS4JConstants.WSS_SAML_TOKEN_TYPE, crypto, "mystskey", callbackHandler, "A");
Document doc = samlToken.getOwnerDocument();
samlToken = (Element) doc.appendChild(samlToken);
ReceivedToken validateTarget = new ReceivedToken(samlToken);
tokenRequirements.setValidateTarget(validateTarget);
validatorParameters.setToken(validateTarget);
// Now set the SAMLRealmCodec implementation on the Validator
SAMLRealmCodec samlRealmCodec = new IssuerSAMLRealmCodec();
((SAMLTokenValidator) samlTokenValidator).setSamlRealmCodec(samlRealmCodec);
TokenValidatorResponse validatorResponse = samlTokenValidator.validateToken(validatorParameters);
assertTrue(validatorResponse != null);
assertTrue(validatorResponse.getToken() != null);
assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
assertTrue(validatorResponse.getTokenRealm().equals("A"));
}
Aggregations