Search in sources :

Example 1 with Book

use of org.apache.cxf.systest.jaxrs.security.Book in project cxf by apache.

the class JAXRSXmlSecTest method testUnsignedServerResponse.

@Test
public void testUnsignedServerResponse() throws Exception {
    if (STAX_PORT.equals(test.port)) {
        // We are only testing the client here
        return;
    }
    String address = "https://localhost:" + test.port + "/xmlnosigresponse/bookstore/books";
    JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
    bean.setAddress(address);
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
    Bus springBus = bf.createBus(busFile.toString());
    bean.setBus(springBus);
    Map<String, Object> properties = new HashMap<>();
    properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
    properties.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/alice.properties");
    bean.setProperties(properties);
    if (test.streaming) {
        XmlSecOutInterceptor sigOutInterceptor = new XmlSecOutInterceptor();
        sigOutInterceptor.setSignRequest(true);
        bean.getOutInterceptors().add(sigOutInterceptor);
        XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
        sigInInterceptor.setRequireSignature(true);
        bean.setProvider(sigInInterceptor);
    } else {
        XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor();
        bean.getOutInterceptors().add(sigOutInterceptor);
        XmlSigInInterceptor sigInInterceptor = new XmlSigInInterceptor();
        bean.getInInterceptors().add(sigInInterceptor);
    }
    WebClient wc = bean.createWebClient();
    WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(10000000L);
    try {
        wc.type("application/xml").post(new Book("CXF", 126L), Book.class);
        fail("Failure expected on an unsigned response message");
    } catch (ProcessingException ex) {
        assertTrue(ex.getCause() instanceof BadRequestException);
    }
}
Also used : Bus(org.apache.cxf.Bus) XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor) JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean) HashMap(java.util.HashMap) XmlSecInInterceptor(org.apache.cxf.rs.security.xml.XmlSecInInterceptor) XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) XmlSigInInterceptor(org.apache.cxf.rs.security.xml.XmlSigInInterceptor) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Book(org.apache.cxf.systest.jaxrs.security.Book) BadRequestException(javax.ws.rs.BadRequestException) ProcessingException(javax.ws.rs.ProcessingException) Test(org.junit.Test)

Example 2 with Book

use of org.apache.cxf.systest.jaxrs.security.Book in project cxf by apache.

the class JAXRSXmlSecTest method testPostBookWithEnvelopedSigKeyName.

@Test
public void testPostBookWithEnvelopedSigKeyName() throws Exception {
    // This test only applies to StAX - see CXF-7084
    if (!test.streaming || !STAX_PORT.equals(test.port)) {
        return;
    }
    String address = "https://localhost:" + test.port + "/xmlsigkeyname/bookstore/books";
    JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
    bean.setAddress(address);
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
    Bus springBus = bf.createBus(busFile.toString());
    bean.setBus(springBus);
    Map<String, Object> properties = new HashMap<>();
    properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
    properties.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/alice.properties");
    bean.setProperties(properties);
    XmlSecOutInterceptor sigOutInterceptor = new XmlSecOutInterceptor();
    sigOutInterceptor.setSignRequest(true);
    sigOutInterceptor.setKeyInfoMustBeAvailable(true);
    SignatureProperties sigProps = new SignatureProperties();
    sigProps.setSignatureKeyName("alice-kn");
    sigProps.setSignatureKeyIdType("KeyName");
    sigOutInterceptor.setSignatureProperties(sigProps);
    bean.getOutInterceptors().add(sigOutInterceptor);
    XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
    sigInInterceptor.setRequireSignature(true);
    bean.setProvider(sigInInterceptor);
    WebClient wc = bean.createWebClient();
    WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(10000000L);
    Book book = wc.type("application/xml").post(new Book("CXF", 126L), Book.class);
    assertEquals(126L, book.getId());
}
Also used : Bus(org.apache.cxf.Bus) JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean) HashMap(java.util.HashMap) XmlSecInInterceptor(org.apache.cxf.rs.security.xml.XmlSecInInterceptor) XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Book(org.apache.cxf.systest.jaxrs.security.Book) SignatureProperties(org.apache.cxf.rs.security.xml.SignatureProperties) Test(org.junit.Test)

Example 3 with Book

use of org.apache.cxf.systest.jaxrs.security.Book in project cxf by apache.

the class JAXRSXmlSecTest method testEncryptionNoSignature.

@Test
public void testEncryptionNoSignature() throws Exception {
    if (test.streaming) {
        // Only testing the endpoints, not the clients here
        return;
    }
    String address = "https://localhost:" + test.port + "/xmlsec-validate";
    JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
    bean.setAddress(address);
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
    Bus springBus = bf.createBus(busFile.toString());
    bean.setBus(springBus);
    Map<String, Object> properties = new HashMap<>();
    properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
    properties.put(SecurityConstants.ENCRYPT_USERNAME, "bob");
    properties.put(SecurityConstants.ENCRYPT_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/bob.properties");
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/alice.properties");
    bean.setProperties(properties);
    XmlEncOutInterceptor encInterceptor = new XmlEncOutInterceptor();
    encInterceptor.setKeyIdentifierType(RSSecurityUtils.X509_CERT);
    encInterceptor.setSymmetricEncAlgorithm(XMLCipher.AES_128);
    bean.getOutInterceptors().add(encInterceptor);
    bean.getInInterceptors().add(new XmlEncInInterceptor());
    bean.getInInterceptors().add(new XmlSigInInterceptor());
    bean.setServiceClass(BookStore.class);
    BookStore store = bean.create(BookStore.class);
    try {
        store.addBook(new Book("CXF", 126L));
        fail("Failure expected on no Signature");
    } catch (WebApplicationException ex) {
    // expected
    }
}
Also used : Bus(org.apache.cxf.Bus) BookStore(org.apache.cxf.systest.jaxrs.security.BookStore) JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean) WebApplicationException(javax.ws.rs.WebApplicationException) HashMap(java.util.HashMap) XmlEncOutInterceptor(org.apache.cxf.rs.security.xml.XmlEncOutInterceptor) URL(java.net.URL) XmlSigInInterceptor(org.apache.cxf.rs.security.xml.XmlSigInInterceptor) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Book(org.apache.cxf.systest.jaxrs.security.Book) XmlEncInInterceptor(org.apache.cxf.rs.security.xml.XmlEncInInterceptor) Test(org.junit.Test)

Example 4 with Book

use of org.apache.cxf.systest.jaxrs.security.Book in project cxf by apache.

the class JAXRSXmlSecTest method testSignatureNoEncryption.

@Test
public void testSignatureNoEncryption() throws Exception {
    if (test.streaming) {
        // Only testing the endpoints, not the clients here
        return;
    }
    String address = "https://localhost:" + test.port + "/xmlsec-validate";
    JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
    bean.setAddress(address);
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
    Bus springBus = bf.createBus(busFile.toString());
    bean.setBus(springBus);
    Map<String, Object> properties = new HashMap<>();
    properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
    properties.put(SecurityConstants.ENCRYPT_USERNAME, "bob");
    properties.put(SecurityConstants.ENCRYPT_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/bob.properties");
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/alice.properties");
    bean.setProperties(properties);
    XmlSigOutInterceptor sigInterceptor = new XmlSigOutInterceptor();
    bean.getOutInterceptors().add(sigInterceptor);
    bean.getInInterceptors().add(new XmlEncInInterceptor());
    bean.getInInterceptors().add(new XmlSigInInterceptor());
    bean.setServiceClass(BookStore.class);
    BookStore store = bean.create(BookStore.class);
    try {
        store.addBook(new Book("CXF", 126L));
        fail("Failure expected on no Encryption");
    } catch (WebApplicationException ex) {
    // expected
    }
}
Also used : Bus(org.apache.cxf.Bus) BookStore(org.apache.cxf.systest.jaxrs.security.BookStore) XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor) JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean) WebApplicationException(javax.ws.rs.WebApplicationException) HashMap(java.util.HashMap) URL(java.net.URL) XmlSigInInterceptor(org.apache.cxf.rs.security.xml.XmlSigInInterceptor) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Book(org.apache.cxf.systest.jaxrs.security.Book) XmlEncInInterceptor(org.apache.cxf.rs.security.xml.XmlEncInInterceptor) Test(org.junit.Test)

Example 5 with Book

use of org.apache.cxf.systest.jaxrs.security.Book in project cxf by apache.

the class JAXRSSamlAuthorizationTest method testPostBookAdminRole.

@Test
public void testPostBookAdminRole() throws Exception {
    String address = "https://localhost:" + PORT + "/saml-roles/bookstore/books";
    WebClient wc = createWebClient(address, Collections.<String, Object>singletonMap("saml.roles", Collections.singletonList("admin")));
    wc.type(MediaType.APPLICATION_XML).accept(MediaType.APPLICATION_XML);
    Book book = wc.post(new Book("CXF", 125L), Book.class);
    assertEquals(125L, book.getId());
}
Also used : Book(org.apache.cxf.systest.jaxrs.security.Book) WebClient(org.apache.cxf.jaxrs.client.WebClient) Test(org.junit.Test)

Aggregations

Book (org.apache.cxf.systest.jaxrs.security.Book)164 WebClient (org.apache.cxf.jaxrs.client.WebClient)144 URL (java.net.URL)121 Response (javax.ws.rs.core.Response)120 HashMap (java.util.HashMap)96 ArrayList (java.util.ArrayList)77 JacksonJsonProvider (com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider)76 Test (org.junit.Test)74 JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims)41 JwtAuthenticationClientFilter (org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter)39 JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)35 KeyStore (java.security.KeyStore)30 PrivateKey (java.security.PrivateKey)30 MessageSigner (org.apache.cxf.rs.security.httpsignature.MessageSigner)30 CreateSignatureInterceptor (org.apache.cxf.rs.security.httpsignature.filters.CreateSignatureInterceptor)27 JwsWriterInterceptor (org.apache.cxf.rs.security.jose.jaxrs.JwsWriterInterceptor)17 WebApplicationException (javax.ws.rs.WebApplicationException)15 JweWriterInterceptor (org.apache.cxf.rs.security.jose.jaxrs.JweWriterInterceptor)15 BookStore (org.apache.cxf.systest.jaxrs.security.jose.BookStore)15 Bus (org.apache.cxf.Bus)13