Example 16 with ReceivedToken
use of org.apache.cxf.sts.request.ReceivedToken in project ddf by codice.
the class TestUsernameTokenValidator method testValidateBadTokenNoTokenStore.
@Test
public void testValidateBadTokenNoTokenStore() {
UsernameTokenValidator usernameTokenValidator = getUsernameTokenValidator(new XmlParser(), meanValidator);
usernameTokenValidator.addRealm(null);
TokenValidatorParameters tokenValidatorParameters = mock(TokenValidatorParameters.class);
STSPropertiesMBean stsPropertiesMBean = mock(STSPropertiesMBean.class);
when(stsPropertiesMBean.getSignatureCrypto()).thenReturn(mock(Crypto.class));
when(tokenValidatorParameters.getStsProperties()).thenReturn(stsPropertiesMBean);
ReceivedToken receivedToken = mock(ReceivedToken.class);
doCallRealMethod().when(receivedToken).setState(any(ReceivedToken.STATE.class));
doCallRealMethod().when(receivedToken).getState();
when(receivedToken.isUsernameToken()).thenReturn(true);
when(tokenValidatorParameters.getToken()).thenReturn(receivedToken);
Set<Class<?>> classes = new HashSet<>();
classes.add(ObjectFactory.class);
classes.add(org.apache.cxf.ws.security.sts.provider.model.wstrust14.ObjectFactory.class);
JAXBContextCache.CachedContextAndSchemas cache = null;
try {
cache = JAXBContextCache.getCachedContextAndSchemas(classes, null, null, null, false);
} catch (JAXBException e) {
fail(e.getMessage());
}
JAXBContext jaxbContext = cache.getContext();
Unmarshaller unmarshaller = null;
try {
if (jaxbContext != null) {
unmarshaller = jaxbContext.createUnmarshaller();
}
} catch (JAXBException e) {
fail(e.getMessage());
}
JAXBElement<?> token = null;
if (unmarshaller != null) {
try {
token = (JAXBElement<?>) unmarshaller.unmarshal(this.getClass().getResourceAsStream("/user-no-password.xml"));
} catch (JAXBException e) {
fail(e.getMessage());
}
}
when(receivedToken.getToken()).thenReturn(token.getValue());
TokenValidatorResponse tokenValidatorResponse = usernameTokenValidator.validateToken(tokenValidatorParameters);
assertEquals(ReceivedToken.STATE.INVALID, tokenValidatorResponse.getToken().getState());
verify(failedLoginDelayer, times(1)).delay(anyString());
}
Also used :
XmlParser(org.codice.ddf.parser.xml.XmlParser)
JAXBContextCache(org.apache.cxf.common.jaxb.JAXBContextCache)
JAXBException(javax.xml.bind.JAXBException)
JAXBContext(javax.xml.bind.JAXBContext)
TokenValidatorParameters(org.apache.cxf.sts.token.validator.TokenValidatorParameters)
Crypto(org.apache.wss4j.common.crypto.Crypto)
JAASUsernameTokenValidator(org.apache.wss4j.dom.validate.JAASUsernameTokenValidator)
STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean)
TokenValidatorResponse(org.apache.cxf.sts.token.validator.TokenValidatorResponse)
ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)
Unmarshaller(javax.xml.bind.Unmarshaller)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Example 17 with ReceivedToken
use of org.apache.cxf.sts.request.ReceivedToken in project ddf by codice.
the class TestUsernameTokenValidator method testValidateBadToken.
@Test
public void testValidateBadToken() {
UsernameTokenValidator usernameTokenValidator = getUsernameTokenValidator(new XmlParser(), meanValidator);
usernameTokenValidator.addRealm(null);
TokenValidatorParameters tokenValidatorParameters = mock(TokenValidatorParameters.class);
STSPropertiesMBean stsPropertiesMBean = mock(STSPropertiesMBean.class);
when(stsPropertiesMBean.getSignatureCrypto()).thenReturn(mock(Crypto.class));
when(tokenValidatorParameters.getStsProperties()).thenReturn(stsPropertiesMBean);
ReceivedToken receivedToken = mock(ReceivedToken.class);
doCallRealMethod().when(receivedToken).setState(any(ReceivedToken.STATE.class));
doCallRealMethod().when(receivedToken).getState();
when(receivedToken.isUsernameToken()).thenReturn(true);
when(tokenValidatorParameters.getToken()).thenReturn(receivedToken);
Set<Class<?>> classes = new HashSet<>();
classes.add(ObjectFactory.class);
classes.add(org.apache.cxf.ws.security.sts.provider.model.wstrust14.ObjectFactory.class);
JAXBContextCache.CachedContextAndSchemas cache = null;
try {
cache = JAXBContextCache.getCachedContextAndSchemas(classes, null, null, null, false);
} catch (JAXBException e) {
fail(e.getMessage());
}
JAXBContext jaxbContext = cache.getContext();
Unmarshaller unmarshaller = null;
try {
if (jaxbContext != null) {
unmarshaller = jaxbContext.createUnmarshaller();
}
} catch (JAXBException e) {
fail(e.getMessage());
}
JAXBElement<?> token = null;
if (unmarshaller != null) {
try {
token = (JAXBElement<?>) unmarshaller.unmarshal(this.getClass().getResourceAsStream("/user.xml"));
} catch (JAXBException e) {
fail(e.getMessage());
}
}
when(receivedToken.getToken()).thenReturn(token.getValue());
TokenValidatorResponse tokenValidatorResponse = usernameTokenValidator.validateToken(tokenValidatorParameters);
assertEquals(ReceivedToken.STATE.INVALID, tokenValidatorResponse.getToken().getState());
verify(failedLoginDelayer, times(1)).delay(anyString());
}
Also used :
XmlParser(org.codice.ddf.parser.xml.XmlParser)
JAXBContextCache(org.apache.cxf.common.jaxb.JAXBContextCache)
JAXBException(javax.xml.bind.JAXBException)
JAXBContext(javax.xml.bind.JAXBContext)
TokenValidatorParameters(org.apache.cxf.sts.token.validator.TokenValidatorParameters)
Crypto(org.apache.wss4j.common.crypto.Crypto)
JAASUsernameTokenValidator(org.apache.wss4j.dom.validate.JAASUsernameTokenValidator)
STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean)
TokenValidatorResponse(org.apache.cxf.sts.token.validator.TokenValidatorResponse)
ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)
Unmarshaller(javax.xml.bind.Unmarshaller)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Example 18 with ReceivedToken
use of org.apache.cxf.sts.request.ReceivedToken in project ddf by codice.
the class TestUsernameTokenValidator method testNoFailedDelayer.
@Test(expected = IllegalStateException.class)
public void testNoFailedDelayer() {
UsernameTokenValidator usernameTokenValidator = new UsernameTokenValidator(new XmlParser(), null) {
public void addRealm(ServiceReference<JaasRealm> serviceReference) {
validators.put("myrealm", meanValidator);
}
};
usernameTokenValidator.addRealm(null);
TokenValidatorParameters tokenValidatorParameters = mock(TokenValidatorParameters.class);
STSPropertiesMBean stsPropertiesMBean = mock(STSPropertiesMBean.class);
when(stsPropertiesMBean.getSignatureCrypto()).thenReturn(mock(Crypto.class));
when(tokenValidatorParameters.getStsProperties()).thenReturn(stsPropertiesMBean);
ReceivedToken receivedToken = mock(ReceivedToken.class);
doCallRealMethod().when(receivedToken).setState(any(ReceivedToken.STATE.class));
doCallRealMethod().when(receivedToken).getState();
when(receivedToken.isUsernameToken()).thenReturn(true);
when(tokenValidatorParameters.getToken()).thenReturn(receivedToken);
Set<Class<?>> classes = new HashSet<>();
classes.add(ObjectFactory.class);
classes.add(org.apache.cxf.ws.security.sts.provider.model.wstrust14.ObjectFactory.class);
JAXBContextCache.CachedContextAndSchemas cache = null;
try {
cache = JAXBContextCache.getCachedContextAndSchemas(classes, null, null, null, false);
} catch (JAXBException e) {
fail(e.getMessage());
}
JAXBContext jaxbContext = cache.getContext();
Unmarshaller unmarshaller = null;
try {
if (jaxbContext != null) {
unmarshaller = jaxbContext.createUnmarshaller();
}
} catch (JAXBException e) {
fail(e.getMessage());
}
JAXBElement<?> token = null;
if (unmarshaller != null) {
try {
token = (JAXBElement<?>) unmarshaller.unmarshal(this.getClass().getResourceAsStream("/user-no-password.xml"));
} catch (JAXBException e) {
fail(e.getMessage());
}
}
when(receivedToken.getToken()).thenReturn(token.getValue());
usernameTokenValidator.validateToken(tokenValidatorParameters);
}
Also used :
XmlParser(org.codice.ddf.parser.xml.XmlParser)
JAXBContextCache(org.apache.cxf.common.jaxb.JAXBContextCache)
JAXBException(javax.xml.bind.JAXBException)
JAXBContext(javax.xml.bind.JAXBContext)
ServiceReference(org.osgi.framework.ServiceReference)
TokenValidatorParameters(org.apache.cxf.sts.token.validator.TokenValidatorParameters)
Crypto(org.apache.wss4j.common.crypto.Crypto)
JAASUsernameTokenValidator(org.apache.wss4j.dom.validate.JAASUsernameTokenValidator)
STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean)
ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)
Unmarshaller(javax.xml.bind.Unmarshaller)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Example 19 with ReceivedToken
use of org.apache.cxf.sts.request.ReceivedToken in project ddf by codice.
the class X509DelegationHandler method isDelegationAllowed.
public TokenDelegationResponse isDelegationAllowed(TokenDelegationParameters tokenParameters) {
TokenDelegationResponse response = new TokenDelegationResponse();
ReceivedToken delegateTarget = tokenParameters.getToken();
response.setToken(delegateTarget);
Object token = delegateTarget.getToken();
if (token instanceof BinarySecurityTokenType) {
response.setDelegationAllowed(true);
}
return response;
}
Also used :
BinarySecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType)
ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)
TokenDelegationResponse(org.apache.cxf.sts.token.delegation.TokenDelegationResponse)
Example 20 with ReceivedToken
use of org.apache.cxf.sts.request.ReceivedToken in project cas by apereo.
the class X509TokenDelegationHandler method isDelegationAllowed.
@Override
public TokenDelegationResponse isDelegationAllowed(final TokenDelegationParameters tokenParameters) {
final TokenDelegationResponse response = new TokenDelegationResponse();
final ReceivedToken delegateTarget = tokenParameters.getToken();
response.setToken(delegateTarget);
if (!delegateTarget.isDOMElement()) {
return response;
}
if (delegateTarget.getState() == ReceivedToken.STATE.VALID && delegateTarget.getPrincipal() != null) {
response.setDelegationAllowed(true);
LOGGER.debug("Delegation is allowed for: [{}]", delegateTarget.getPrincipal());
} else {
LOGGER.debug("Delegation is not allowed, as the token is invalid or the principal is null");
}
return response;
}
Also used :
ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)
TokenDelegationResponse(org.apache.cxf.sts.token.delegation.TokenDelegationResponse)
Aggregations
ReceivedToken (org.apache.cxf.sts.request.ReceivedToken)41
Test (org.junit.Test)25
TokenValidatorResponse (org.apache.cxf.sts.token.validator.TokenValidatorResponse)23
BinarySecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType)21
TokenValidatorParameters (org.apache.cxf.sts.token.validator.TokenValidatorParameters)20
STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)18
Crypto (org.apache.wss4j.common.crypto.Crypto)15
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)10
RequestData (org.apache.wss4j.dom.handler.RequestData)10
Credential (org.apache.wss4j.dom.validate.Credential)9
XmlParser (org.codice.ddf.parser.xml.XmlParser)9
X500Principal (javax.security.auth.x500.X500Principal)8
JAASUsernameTokenValidator (org.apache.wss4j.dom.validate.JAASUsernameTokenValidator)7
PKIAuthenticationToken (org.codice.ddf.security.handler.api.PKIAuthenticationToken)7
X509Certificate (java.security.cert.X509Certificate)6
PKIAuthenticationTokenFactory (org.codice.ddf.security.handler.api.PKIAuthenticationTokenFactory)6
HashSet (java.util.HashSet)5
CallbackHandler (javax.security.auth.callback.CallbackHandler)5
JAXBContext (javax.xml.bind.JAXBContext)5
JAXBException (javax.xml.bind.JAXBException)5
