use of org.apache.cxf.sts.token.provider.TokenProviderResponse in project cxf by apache.
the class SCTValidatorTest method testValidSecurityContextToken.
/**
* Test a valid SecurityContextToken
*/
@org.junit.Test
public void testValidSecurityContextToken() throws Exception {
    // Two phases: the SCT validates while it is held in the token store, and the
    // very same token must be reported INVALID once its store entry is removed.
    TokenValidator validator = new SCTValidator();
    TokenValidatorParameters params = createValidatorParameters();
    TokenRequirements requirements = params.getTokenRequirements();

    // Issue a SecurityContextToken and present it as the validate target.
    TokenProviderResponse issued = getSecurityContextToken();
    ReceivedToken target = new ReceivedToken(issued.getToken());
    requirements.setValidateTarget(target);
    params.setToken(target);

    assertTrue(validator.canHandleToken(target));

    // Phase 1: token is cached, so validation succeeds.
    TokenValidatorResponse outcome = validator.validateToken(params);
    assertTrue(null != outcome);
    assertTrue(null != outcome.getToken());
    assertTrue(STATE.VALID == outcome.getToken().getState());
    // A successful validation must hand back the secret under SCT_VALIDATOR_SECRET
    // and resolve the principal the token was issued to.
    assertTrue(null != outcome.getAdditionalProperties().get(SCTValidator.SCT_VALIDATOR_SECRET));
    assertTrue(outcome.getPrincipal().getName().equals("alice"));

    // Phase 2: evict the SCT from the store and confirm the eviction took effect.
    String sctId = issued.getTokenId();
    tokenStore.remove(tokenStore.getToken(sctId).getId());
    assertNull(tokenStore.getToken(sctId));

    // Re-validating the unchanged token must now fail: a response and token are
    // still returned, but the state is INVALID rather than VALID.
    outcome = validator.validateToken(params);
    assertTrue(null != outcome);
    assertTrue(null != outcome.getToken());
    assertTrue(STATE.INVALID == outcome.getToken().getState());
}
use of org.apache.cxf.sts.token.provider.TokenProviderResponse in project cxf by apache.
the class CustomUsernameTokenProvider method createToken.
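/**
 * Builds a fixed, mocked-up UsernameToken and returns it as a provider response.
 *
 * <p>The token always carries the name "alice", the password "password" and the
 * id "UT-1234". When the parameters expose a token store, a matching
 * SecurityToken is also added to it.
 *
 * @param tokenParameters provider parameters; only its token store is read here
 * @return a response holding the UsernameToken element and the id "UT-1234"
 * @throws STSException with fault code REQUEST_FAILED if building or caching the token fails
 */
public TokenProviderResponse createToken(TokenProviderParameters tokenParameters) {
    try {
        Document doc = DOMUtils.getEmptyDocument();

        // Mock up a UsernameToken. The credentials are hard-coded and the password
        // type is PASSWORD_TEXT, i.e. the password sits in the token in the clear.
        // That is only acceptable because this provider is a mock fixture.
        UsernameToken usernameToken = new UsernameToken(true, doc, WSS4JConstants.PASSWORD_TEXT);
        usernameToken.setName("alice");
        usernameToken.setPassword("password");
        String id = "UT-1234";
        usernameToken.addWSSENamespace();
        usernameToken.addWSUNamespace();
        usernameToken.setID(id);

        TokenProviderResponse response = new TokenProviderResponse();
        response.setToken(usernameToken.getElement());
        response.setTokenId(id);

        // Store the token in the cache. The entry is keyed by the decimal string of
        // usernameToken.hashCode(), not by the id returned in the response.
        // NOTE(review): presumably this is the key the validating side looks up;
        // an int hashCode is not a collision-resistant digest — confirm the store
        // is never shared with untrusted token content.
        if (tokenParameters.getTokenStore() != null) {
            SecurityToken securityToken = new SecurityToken(usernameToken.getID());
            securityToken.setToken(usernameToken.getElement());
            int hashCode = usernameToken.hashCode();
            String identifier = Integer.toString(hashCode);
            securityToken.setTokenHash(hashCode);
            tokenParameters.getTokenStore().add(identifier, securityToken);
        }
        return response;
    } catch (Exception e) {
        // The cause is attached to the STSException, so the stack trace is not also
        // dumped to stderr. The message names the token type actually built here.
        throw new STSException("Can't serialize UsernameToken", e, STSException.REQUEST_FAILED);
    }
}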
use of org.apache.cxf.sts.token.provider.TokenProviderResponse in project cxf by apache.
the class SCTSAMLTokenProvider method createToken.
/**
* Create a token given a TokenProviderParameters
*/
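public TokenProviderResponse createToken(TokenProviderParameters tokenParameters) {
    // Issues a SAML token whose key material is the secret stored under
    // SCTValidator.SCT_VALIDATOR_SECRET in the additional properties.
    // Returns a response carrying the assertion DOM, its id and its validity
    // window; any failure is rethrown as an STSException (REQUEST_FAILED).
    testKeyType(tokenParameters);

    KeyRequirements keyRequirements = tokenParameters.getKeyRequirements();
    TokenRequirements tokenRequirements = tokenParameters.getTokenRequirements();
    LOG.fine("Handling token of type: " + tokenRequirements.getTokenType());

    // Overwrites the key type on the caller's KeyRequirements with the symmetric key type.
    keyRequirements.setKeyType(STSConstants.SYMMETRIC_KEY_KEYTYPE);

    // NOTE(review): neither the property map nor the looked-up secret is checked
    // for null here; a missing secret is passed on to createSamlToken as null.
    // Confirm that createSamlToken rejects that case rather than issuing a token
    // without key material. The secret itself must never be written to the log.
    byte[] secret =
        (byte[]) tokenParameters.getAdditionalProperties().get(SCTValidator.SCT_VALIDATOR_SECRET);

    try {
        Document doc = DOMUtils.createDocument();
        SamlAssertionWrapper assertion = createSamlToken(tokenParameters, secret, doc);
        Element token = assertion.toDOM(doc);

        TokenProviderResponse response = new TokenProviderResponse();
        response.setToken(token);

        // SAML 2.0 assertions carry their identifier in "ID"; any other token type
        // is read from "AssertionID".
        String tokenType = tokenRequirements.getTokenType();
        if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
            || WSS4JConstants.SAML2_NS.equals(tokenType)) {
            response.setTokenId(token.getAttributeNS(null, "ID"));
        } else {
            response.setTokenId(token.getAttributeNS(null, "AssertionID"));
        }

        response.setCreated(assertion.getNotBefore());
        response.setExpires(assertion.getNotOnOrAfter());

        // This provider never contributes entropy or a computed key, and it never
        // sets a key size: the former key-size local was always 0, so the branch
        // guarding setKeySize could not run and has been dropped.
        byte[] noEntropy = null;
        response.setEntropy(noEntropy);
        response.setComputedKey(false);
        return response;
    } catch (Exception e) {
        // Give the warning a message so a failed issuance can be found in the logs.
        LOG.log(Level.WARNING, "Error creating SAML token", e);
        throw new STSException("Can't serialize SAML assertion", e, STSException.REQUEST_FAILED);
    }
}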
use of org.apache.cxf.sts.token.provider.TokenProviderResponse in project cxf by apache.
the class SAMLDelegationTest method createSAMLAssertion.
/*
* Mock up an SAML assertion element
*/
private Element createSAMLAssertion(
    String tokenType,
    String keyType,
    Crypto crypto,
    String signatureUsername,
    CallbackHandler callbackHandler,
    String user,
    String issuer
) throws WSSecurityException {
    // Test fixture: has a default SAMLTokenProvider issue an assertion for the
    // given user/issuer, using the supplied crypto, signature username and
    // callback handler, and returns the resulting DOM element.
    SAMLTokenProvider provider = new SAMLTokenProvider();
    TokenProviderParameters params =
        createProviderParameters(
            tokenType, keyType, crypto, signatureUsername, callbackHandler, user, issuer);

    TokenProviderResponse issued = provider.createToken(params);

    // The provider must return a response with both a token and a token id.
    assertTrue(null != issued);
    assertTrue(null != issued.getToken() && null != issued.getTokenId());

    return (Element) issued.getToken();
}
use of org.apache.cxf.sts.token.provider.TokenProviderResponse in project cxf by apache.
the class SAMLDelegationTest method createUnsignedSAMLAssertion.
/**
 * Mocks up a SAML assertion element with token signing switched off.
 *
 * <p>The provider is configured with {@code setSignToken(false)} and the
 * parameters are built with no crypto, signature username or callback handler.
 * The result is a test fixture only.
 *
 * @param tokenType the token type passed to createProviderParameters
 * @param keyType the key type passed to createProviderParameters
 * @param user the user passed to createProviderParameters
 * @param issuer the issuer passed to createProviderParameters
 * @return the token of the provider response, cast to a DOM element
 * @throws WSSecurityException declared by this helper for failures while building the assertion
 */
private Element createUnsignedSAMLAssertion(
    String tokenType, String keyType, String user, String issuer
) throws WSSecurityException {
    SAMLTokenProvider provider = new SAMLTokenProvider();
    // Signing is disabled explicitly; no signing material is passed below either.
    provider.setSignToken(false);

    TokenProviderParameters params =
        createProviderParameters(tokenType, keyType, null, null, null, user, issuer);
    TokenProviderResponse issued = provider.createToken(params);

    // The provider must return a response with both a token and a token id.
    assertTrue(null != issued);
    assertTrue(null != issued.getToken() && null != issued.getTokenId());

    return (Element) issued.getToken();
}