Example 21 with TokenValidatorParameters
use of org.apache.cxf.sts.token.validator.TokenValidatorParameters in project ddf by codice.
the class TestX509PathTokenValidator method testAdditionalPropertyBoth.
@Test
public void testAdditionalPropertyBoth() {
try {
Credential credential = mock(Credential.class);
X509Certificate x509Certificate = mock(X509Certificate.class);
X500Principal x500Principal = new X500Principal("cn=myxman,ou=someunit,o=someorg,C=US,EMAILADDRESS=name@example.com");
when(x509Certificate.getSubjectX500Principal()).thenReturn(x500Principal);
X509Certificate[] x509Certificates = new X509Certificate[] { x509Certificate };
when(credential.getCertificates()).thenReturn(x509Certificates);
when(validator.validate(any(Credential.class), any(RequestData.class))).thenReturn(credential);
} catch (WSSecurityException e) {
//ignore
}
x509PathTokenValidator.setValidator(validator);
TokenValidatorParameters tokenParameters = mock(TokenValidatorParameters.class);
STSPropertiesMBean stsPropertiesMBean = mock(STSPropertiesMBean.class);
when(tokenParameters.getStsProperties()).thenReturn(stsPropertiesMBean);
Crypto crypto = mock(Crypto.class);
when(stsPropertiesMBean.getSignatureCrypto()).thenReturn(crypto);
ReceivedToken receivedToken = mock(ReceivedToken.class);
doCallRealMethod().when(receivedToken).setState(any(ReceivedToken.STATE.class));
doCallRealMethod().when(receivedToken).getState();
when(tokenParameters.getToken()).thenReturn(receivedToken);
when(receivedToken.isBinarySecurityToken()).thenReturn(true);
BinarySecurityTokenType binarySecurityTokenType = mock(BinarySecurityTokenType.class);
when(binarySecurityTokenType.getValueType()).thenReturn(X509TokenValidator.X509_V3_TYPE);
when(receivedToken.getToken()).thenReturn(binarySecurityTokenType);
when(binarySecurityTokenType.getEncodingType()).thenReturn(X509PathTokenValidator.BASE64_ENCODING);
when(binarySecurityTokenType.getValue()).thenReturn("data");
TokenValidatorResponse tokenValidatorResponse = x509PathTokenValidator.validateToken(tokenParameters);
assertEquals(ReceivedToken.STATE.VALID, tokenValidatorResponse.getToken().getState());
assertEquals("US", tokenValidatorResponse.getAdditionalProperties().get(SubjectUtils.COUNTRY_CLAIM_URI));
assertEquals("name@example.com", tokenValidatorResponse.getAdditionalProperties().get(SubjectUtils.EMAIL_ADDRESS_CLAIM_URI));
}
Also used :
Credential(org.apache.wss4j.dom.validate.Credential)
WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)
X509Certificate(java.security.cert.X509Certificate)
TokenValidatorParameters(org.apache.cxf.sts.token.validator.TokenValidatorParameters)
Crypto(org.apache.wss4j.common.crypto.Crypto)
STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean)
BinarySecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType)
RequestData(org.apache.wss4j.dom.handler.RequestData)
X500Principal(javax.security.auth.x500.X500Principal)
TokenValidatorResponse(org.apache.cxf.sts.token.validator.TokenValidatorResponse)
ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)
Test(org.junit.Test)
Example 22 with TokenValidatorParameters
use of org.apache.cxf.sts.token.validator.TokenValidatorParameters in project ddf by codice.
the class TestPKITokenValidator method testValidateToken.
@Test
public void testValidateToken() {
BinarySecurityTokenType binarySecurityTokenType = new BinarySecurityTokenType();
binarySecurityTokenType.setEncodingType(WSConstants.SOAPMESSAGE_NS + "#Base64Binary");
binarySecurityTokenType.setValueType(PKIAuthenticationToken.PKI_TOKEN_VALUE_TYPE);
PKIAuthenticationTokenFactory pkiAuthenticationTokenFactory = new PKIAuthenticationTokenFactory();
pkiAuthenticationTokenFactory.setSignaturePropertiesPath(TestPKITokenValidator.class.getResource("/signature.properties").getPath());
pkiAuthenticationTokenFactory.init();
PKIAuthenticationToken pkiAuthenticationToken = pkiAuthenticationTokenFactory.getTokenFromCerts(certificates, "karaf");
binarySecurityTokenType.setValue(pkiAuthenticationToken.getEncodedCredentials());
ReceivedToken receivedToken = mock(ReceivedToken.class);
when(receivedToken.getToken()).thenReturn(binarySecurityTokenType);
TokenValidatorParameters tokenValidatorParameters = mock(TokenValidatorParameters.class);
STSPropertiesMBean stsPropertiesMBean = mock(STSPropertiesMBean.class);
when(stsPropertiesMBean.getSignatureCrypto()).thenReturn(merlin);
when(tokenValidatorParameters.getStsProperties()).thenReturn(stsPropertiesMBean);
when(tokenValidatorParameters.getToken()).thenReturn(receivedToken);
doCallRealMethod().when(receivedToken).setState(any(ReceivedToken.STATE.class));
doCallRealMethod().when(receivedToken).getState();
TokenValidatorResponse tokenValidatorResponse = pkiTokenValidator.validateToken(tokenValidatorParameters);
assertEquals(ReceivedToken.STATE.VALID, tokenValidatorResponse.getToken().getState());
assertEquals("US", tokenValidatorResponse.getAdditionalProperties().get(SubjectUtils.COUNTRY_CLAIM_URI));
assertEquals("localhost@example.org", tokenValidatorResponse.getAdditionalProperties().get(SubjectUtils.EMAIL_ADDRESS_CLAIM_URI));
}
Also used :
TokenValidatorParameters(org.apache.cxf.sts.token.validator.TokenValidatorParameters)
PKIAuthenticationToken(org.codice.ddf.security.handler.api.PKIAuthenticationToken)
BinarySecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType)
PKIAuthenticationTokenFactory(org.codice.ddf.security.handler.api.PKIAuthenticationTokenFactory)
STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean)
TokenValidatorResponse(org.apache.cxf.sts.token.validator.TokenValidatorResponse)
ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)
Test(org.junit.Test)
Example 23 with TokenValidatorParameters
use of org.apache.cxf.sts.token.validator.TokenValidatorParameters in project ddf by codice.
the class GuestValidatorTest method testCanValidateIpv6ReachabilityToken.
@Test
public void testCanValidateIpv6ReachabilityToken() {
TokenValidatorParameters params = new TokenValidatorParameters();
params.setToken(receivedTokenIpv6Reachability);
TokenValidatorResponse response = validator.validateToken(params);
assertEquals(ReceivedToken.STATE.VALID, response.getToken().getState());
}
Also used :
TokenValidatorParameters(org.apache.cxf.sts.token.validator.TokenValidatorParameters)
TokenValidatorResponse(org.apache.cxf.sts.token.validator.TokenValidatorResponse)
Test(org.junit.Test)
Aggregations
TokenValidatorParameters (org.apache.cxf.sts.token.validator.TokenValidatorParameters)23
Test (org.junit.Test)21
ReceivedToken (org.apache.cxf.sts.request.ReceivedToken)20
TokenValidatorResponse (org.apache.cxf.sts.token.validator.TokenValidatorResponse)18
STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)13
Crypto (org.apache.wss4j.common.crypto.Crypto)10
BinarySecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType)9
XmlParser (org.codice.ddf.parser.xml.XmlParser)9
X509Certificate (java.security.cert.X509Certificate)5
HashSet (java.util.HashSet)5
X500Principal (javax.security.auth.x500.X500Principal)5
JAXBContext (javax.xml.bind.JAXBContext)5
JAXBException (javax.xml.bind.JAXBException)5
Unmarshaller (javax.xml.bind.Unmarshaller)5
JAXBContextCache (org.apache.cxf.common.jaxb.JAXBContextCache)5
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)5
RequestData (org.apache.wss4j.dom.handler.RequestData)5
Credential (org.apache.wss4j.dom.validate.Credential)5
JAASUsernameTokenValidator (org.apache.wss4j.dom.validate.JAASUsernameTokenValidator)5
Collection (java.util.Collection)4
