Examples with JWTTokenProvider org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider used on opensource projects

Search in sources :

Example 41 with JWTTokenProvider

use of org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider in project cxf by apache.

the class JWTTokenProviderTest method testCreateSignedEncryptedJWT.

@org.junit.Test
public void testCreateSignedEncryptedJWT() throws Exception {
    TokenProvider jwtTokenProvider = new JWTTokenProvider();
    TokenProviderParameters providerParameters = createProviderParameters();
    providerParameters.setEncryptToken(true);
    assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
    TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
    assertTrue(providerResponse != null);
    assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
    String token = (String) providerResponse.getToken();
    assertNotNull(token);
    assertTrue(token.split("\\.").length == 5);
    if (unrestrictedPoliciesInstalled) {
        // Validate the token
        JweJwtCompactConsumer jwtConsumer = new JweJwtCompactConsumer(token);
        Properties decProperties = new Properties();
        Crypto decryptionCrypto = CryptoFactory.getInstance(getDecryptionProperties());
        KeyStore keystore = ((Merlin) decryptionCrypto).getKeyStore();
        decProperties.put(JoseConstants.RSSEC_KEY_STORE, keystore);
        decProperties.put(JoseConstants.RSSEC_KEY_STORE_ALIAS, "myservicekey");
        decProperties.put(JoseConstants.RSSEC_KEY_PSWD, "skpass");
        JweDecryptionProvider decProvider = JweUtils.loadDecryptionProvider(decProperties, jwtConsumer.getHeaders());
        JweDecryptionOutput decOutput = decProvider.decrypt(token);
        String decToken = decOutput.getContentText();
        JwsJwtCompactConsumer jwtJwsConsumer = new JwsJwtCompactConsumer(decToken);
        JwtToken jwt = jwtJwsConsumer.getJwtToken();
        Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
        Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
        Assert.assertEquals(providerResponse.getCreated().getEpochSecond(), jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
        Assert.assertEquals(providerResponse.getExpires().getEpochSecond(), jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
    }
}
Also used : StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) EncryptionProperties(org.apache.cxf.sts.service.EncryptionProperties) SignatureProperties(org.apache.cxf.sts.SignatureProperties) Properties(java.util.Properties) KeyStore(java.security.KeyStore) JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider) Crypto(org.apache.wss4j.common.crypto.Crypto) JweDecryptionOutput(org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput) JweDecryptionProvider(org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider) JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) JweJwtCompactConsumer(org.apache.cxf.rs.security.jose.jwe.JweJwtCompactConsumer) Merlin(org.apache.wss4j.common.crypto.Merlin) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider)

Example 42 with JWTTokenProvider

use of org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider in project cxf by apache.

the class JWTTokenProviderTest method testCreateUnsignedJWT.

@org.junit.Test
public void testCreateUnsignedJWT() throws Exception {
    TokenProvider jwtTokenProvider = new JWTTokenProvider();
    ((JWTTokenProvider) jwtTokenProvider).setSignToken(false);
    TokenProviderParameters providerParameters = createProviderParameters();
    assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
    TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
    assertTrue(providerResponse != null);
    assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
    String token = (String) providerResponse.getToken();
    assertNotNull(token);
    assertTrue(token.split("\\.").length == 2);
    // Validate the token
    JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
    JwtToken jwt = jwtConsumer.getJwtToken();
    Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
    Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
    Assert.assertEquals(providerResponse.getCreated().getEpochSecond(), jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
    Assert.assertEquals(providerResponse.getExpires().getEpochSecond(), jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
}
Also used : JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider) JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider)

Example 43 with JWTTokenProvider

use of org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider in project cxf by apache.

the class JWTTokenProviderTest method testCreateUnsignedEncryptedJWT.

@org.junit.Test
public void testCreateUnsignedEncryptedJWT() throws Exception {
    TokenProvider jwtTokenProvider = new JWTTokenProvider();
    ((JWTTokenProvider) jwtTokenProvider).setSignToken(false);
    TokenProviderParameters providerParameters = createProviderParameters();
    providerParameters.setEncryptToken(true);
    assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
    TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
    assertTrue(providerResponse != null);
    assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
    String token = (String) providerResponse.getToken();
    assertNotNull(token);
    assertTrue(token.split("\\.").length == 5);
    if (unrestrictedPoliciesInstalled) {
        // Validate the token
        JweJwtCompactConsumer jwtConsumer = new JweJwtCompactConsumer(token);
        Properties decProperties = new Properties();
        Crypto decryptionCrypto = CryptoFactory.getInstance(getDecryptionProperties());
        KeyStore keystore = ((Merlin) decryptionCrypto).getKeyStore();
        decProperties.put(JoseConstants.RSSEC_KEY_STORE, keystore);
        decProperties.put(JoseConstants.RSSEC_KEY_STORE_ALIAS, "myservicekey");
        decProperties.put(JoseConstants.RSSEC_KEY_PSWD, "skpass");
        JweDecryptionProvider decProvider = JweUtils.loadDecryptionProvider(decProperties, jwtConsumer.getHeaders());
        JweDecryptionOutput decOutput = decProvider.decrypt(token);
        String decToken = decOutput.getContentText();
        JwsJwtCompactConsumer jwtJwsConsumer = new JwsJwtCompactConsumer(decToken);
        JwtToken jwt = jwtJwsConsumer.getJwtToken();
        Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
        Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
        Assert.assertEquals(providerResponse.getCreated().getEpochSecond(), jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
        Assert.assertEquals(providerResponse.getExpires().getEpochSecond(), jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
    }
}
Also used : StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) EncryptionProperties(org.apache.cxf.sts.service.EncryptionProperties) SignatureProperties(org.apache.cxf.sts.SignatureProperties) Properties(java.util.Properties) KeyStore(java.security.KeyStore) JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider) Crypto(org.apache.wss4j.common.crypto.Crypto) JweDecryptionOutput(org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput) JweDecryptionProvider(org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider) JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) JweJwtCompactConsumer(org.apache.cxf.rs.security.jose.jwe.JweJwtCompactConsumer) Merlin(org.apache.wss4j.common.crypto.Merlin) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider)

Example 44 with JWTTokenProvider

use of org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider in project cxf by apache.

the class JWTTokenValidatorRealmTest method testRealmB.

@org.junit.Test
public void testRealmB() throws Exception {
    // Create
    TokenProvider jwtTokenProvider = new JWTTokenProvider();
    ((JWTTokenProvider) jwtTokenProvider).setSignToken(true);
    ((JWTTokenProvider) jwtTokenProvider).setRealmMap(getRealms());
    TokenProviderParameters providerParameters = createProviderParameters();
    providerParameters.setRealm("B");
    assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
    TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
    assertTrue(providerResponse != null);
    assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
    String token = (String) providerResponse.getToken();
    assertNotNull(token);
    assertTrue(token.split("\\.").length == 3);
    // Validate the token - no realm is returned
    TokenValidator jwtTokenValidator = new JWTTokenValidator();
    TokenValidatorParameters validatorParameters = createValidatorParameters();
    TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
    // Create a ValidateTarget consisting of a JWT Token
    ReceivedToken validateTarget = new ReceivedToken(createTokenWrapper(token));
    tokenRequirements.setValidateTarget(validateTarget);
    validatorParameters.setToken(validateTarget);
    assertTrue(jwtTokenValidator.canHandleToken(validateTarget));
    TokenValidatorResponse validatorResponse = jwtTokenValidator.validateToken(validatorParameters);
    assertTrue(validatorResponse != null);
    assertTrue(validatorResponse.getToken() != null);
    assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
    assertNull(validatorResponse.getTokenRealm());
    // Now set the JWTRealmCodec implementation on the Validator
    ((JWTTokenValidator) jwtTokenValidator).setRealmCodec(new IssuerJWTRealmCodec());
    validatorResponse = jwtTokenValidator.validateToken(validatorParameters);
    assertTrue(validatorResponse != null);
    assertTrue(validatorResponse.getToken() != null);
    assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
    assertTrue(validatorResponse.getTokenRealm().equals("B"));
    Principal principal = validatorResponse.getPrincipal();
    assertTrue(principal != null && principal.getName() != null);
}
Also used : TokenProviderParameters(org.apache.cxf.sts.token.provider.TokenProviderParameters) TokenProvider(org.apache.cxf.sts.token.provider.TokenProvider) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider) JWTTokenValidator(org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator) TokenRequirements(org.apache.cxf.sts.request.TokenRequirements) JWTTokenValidator(org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator) TokenProviderResponse(org.apache.cxf.sts.token.provider.TokenProviderResponse) ReceivedToken(org.apache.cxf.sts.request.ReceivedToken) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider)

Example 45 with JWTTokenProvider

use of org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider in project cxf by apache.

the class JWTTokenValidatorRealmTest method testRealmA.

@org.junit.Test
public void testRealmA() throws Exception {
    // Create
    TokenProvider jwtTokenProvider = new JWTTokenProvider();
    ((JWTTokenProvider) jwtTokenProvider).setSignToken(true);
    ((JWTTokenProvider) jwtTokenProvider).setRealmMap(getRealms());
    TokenProviderParameters providerParameters = createProviderParameters();
    providerParameters.setRealm("A");
    assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
    TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
    assertTrue(providerResponse != null);
    assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
    String token = (String) providerResponse.getToken();
    assertNotNull(token);
    assertTrue(token.split("\\.").length == 3);
    // Validate the token - no realm is returned
    TokenValidator jwtTokenValidator = new JWTTokenValidator();
    TokenValidatorParameters validatorParameters = createValidatorParameters();
    TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
    // Create a ValidateTarget consisting of a JWT Token
    ReceivedToken validateTarget = new ReceivedToken(createTokenWrapper(token));
    tokenRequirements.setValidateTarget(validateTarget);
    validatorParameters.setToken(validateTarget);
    assertTrue(jwtTokenValidator.canHandleToken(validateTarget));
    TokenValidatorResponse validatorResponse = jwtTokenValidator.validateToken(validatorParameters);
    assertTrue(validatorResponse != null);
    assertTrue(validatorResponse.getToken() != null);
    assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
    assertNull(validatorResponse.getTokenRealm());
    // Now set the JWTRealmCodec implementation on the Validator
    ((JWTTokenValidator) jwtTokenValidator).setRealmCodec(new IssuerJWTRealmCodec());
    validatorResponse = jwtTokenValidator.validateToken(validatorParameters);
    assertTrue(validatorResponse != null);
    assertTrue(validatorResponse.getToken() != null);
    assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
    assertTrue(validatorResponse.getTokenRealm().equals("A"));
    Principal principal = validatorResponse.getPrincipal();
    assertTrue(principal != null && principal.getName() != null);
}
Also used : TokenProviderParameters(org.apache.cxf.sts.token.provider.TokenProviderParameters) TokenProvider(org.apache.cxf.sts.token.provider.TokenProvider) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider) JWTTokenValidator(org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator) TokenRequirements(org.apache.cxf.sts.request.TokenRequirements) JWTTokenValidator(org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator) TokenProviderResponse(org.apache.cxf.sts.token.provider.TokenProviderResponse) ReceivedToken(org.apache.cxf.sts.request.ReceivedToken) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider)

Aggregations

JWTTokenProvider (org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider)49 JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)33 JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)33 TokenProvider (org.apache.cxf.sts.token.provider.TokenProvider)23 Crypto (org.apache.wss4j.common.crypto.Crypto)18 CustomTokenPrincipal (org.apache.wss4j.common.principal.CustomTokenPrincipal)18 JAXBElement (javax.xml.bind.JAXBElement)17 Element (org.w3c.dom.Element)15 ArrayList (java.util.ArrayList)13 PasswordCallbackHandler (org.apache.cxf.sts.common.PasswordCallbackHandler)13 RequestSecurityTokenResponseType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)13 RequestSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType)13 RequestedSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType)13 StaticSTSProperties (org.apache.cxf.sts.StaticSTSProperties)12 DefaultJWTClaimsProvider (org.apache.cxf.sts.token.provider.jwt.DefaultJWTClaimsProvider)12 WrappedMessageContext (org.apache.cxf.jaxws.context.WrappedMessageContext)11 MessageImpl (org.apache.cxf.message.MessageImpl)11 STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)11 Principal (java.security.Principal)10 ClaimsHandler (org.apache.cxf.sts.claims.ClaimsHandler)10
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial