Search in sources :

Example 6 with SamlCallbackHandler

use of org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler in project cxf by apache.

the class JAXRSOAuth2Test method testSAMLHolderOfKey.

@Test
public void testSAMLHolderOfKey() throws Exception {
    String address = "https://localhost:" + PORT + "/oauth2-auth/token";
    WebClient wc = createWebClient(address);
    String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
    // Create the SAML Assertion
    SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
    samlCallbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
    samlCallbackHandler.setSubjectName("alice");
    samlCallbackHandler.setAudience(audienceURI);
    SAMLCallback samlCallback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
    SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
    if (samlCallback.isSignAssertion()) {
        samlAssertion.signAssertion(samlCallback.getIssuerKeyName(), samlCallback.getIssuerKeyPassword(), samlCallback.getIssuerCrypto(), samlCallback.isSendKeyValue(), samlCallback.getCanonicalizationAlgorithm(), samlCallback.getSignatureAlgorithm());
    }
    String assertion = samlAssertion.assertionToString();
    String encodedAssertion = Base64UrlUtility.encode(assertion);
    Map<String, String> extraParams = new HashMap<>();
    extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE, Constants.CLIENT_AUTH_SAML2_BEARER);
    extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, encodedAssertion);
    try {
        OAuthClientUtils.getAccessToken(wc, new CustomGrant(), extraParams);
        fail("Failure expected on a bad subject confirmation method");
    } catch (OAuthServiceException ex) {
    // expected
    }
}
Also used : SamlCallbackHandler(org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler) HashMap(java.util.HashMap) OAuthServiceException(org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) SAMLCallback(org.apache.wss4j.common.saml.SAMLCallback) WebClient(org.apache.cxf.jaxrs.client.WebClient) Test(org.junit.Test)

Example 7 with SamlCallbackHandler

use of org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler in project cxf by apache.

the class JAXRSOAuth2Test method createWebClientWithProps.

private WebClient createWebClientWithProps(String address) {
    JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
    bean.setAddress(address);
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JAXRSOAuth2Test.class.getResource("client.xml");
    Bus springBus = bf.createBus(busFile.toString());
    bean.setBus(springBus);
    Map<String, Object> properties = new HashMap<>();
    properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
    SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
    samlCallbackHandler.setIssuer("alice");
    String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
    samlCallbackHandler.setAudience(audienceURI);
    properties.put(SecurityConstants.SAML_CALLBACK_HANDLER, samlCallbackHandler);
    properties.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, CRYPTO_RESOURCE_PROPERTIES);
    bean.setProperties(properties);
    bean.getOutInterceptors().add(new Saml2BearerAuthOutInterceptor());
    WebClient wc = bean.createWebClient();
    wc.type(MediaType.APPLICATION_FORM_URLENCODED).accept(MediaType.APPLICATION_JSON);
    return wc;
}
Also used : Bus(org.apache.cxf.Bus) SamlCallbackHandler(org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean) HashMap(java.util.HashMap) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) Saml2BearerAuthOutInterceptor(org.apache.cxf.rs.security.oauth2.auth.saml.Saml2BearerAuthOutInterceptor)

Aggregations

WebClient (org.apache.cxf.jaxrs.client.WebClient)7 SamlCallbackHandler (org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler)7 SamlAssertionWrapper (org.apache.wss4j.common.saml.SamlAssertionWrapper)6 HashMap (java.util.HashMap)4 SAMLCallback (org.apache.wss4j.common.saml.SAMLCallback)4 Test (org.junit.Test)4 URL (java.net.URL)3 ResponseProcessingException (javax.ws.rs.client.ResponseProcessingException)2 Form (javax.ws.rs.core.Form)2 Response (javax.ws.rs.core.Response)2 CryptoLoader (org.apache.cxf.rs.security.common.CryptoLoader)2 ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)2 OAuthServiceException (org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException)2 SelfSignInfo (org.apache.cxf.rs.security.saml.SAMLUtils.SelfSignInfo)2 Crypto (org.apache.wss4j.common.crypto.Crypto)2 Document (org.w3c.dom.Document)2 Element (org.w3c.dom.Element)2 Bus (org.apache.cxf.Bus)1 SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)1 JAXRSClientFactoryBean (org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean)1