Use of org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler in the Apache CXF project.
Class JAXRSOAuth2Test, method testSAMLHolderOfKey.
/**
 * Negative test: a SAML assertion whose subject confirmation method is
 * holder-of-key is presented as a SAML2 bearer client-authentication assertion
 * to the token endpoint, and the token request must be refused.
 *
 * <p>The SAML 2.0 bearer profile for OAuth (RFC 7522) expects a bearer subject
 * confirmation, so an endpoint that accepted this assertion would be treating a
 * key-bound assertion as a bearer credential without any proof of possession.
 *
 * @throws Exception if building or signing the assertion fails
 */
@Test
public void testSAMLHolderOfKey() throws Exception {
    final String tokenEndpoint = "https://localhost:" + PORT + "/oauth2-auth/token";
    WebClient client = createWebClient(tokenEndpoint);

    // The audience is the token endpoint itself, so the audience restriction is
    // not the reason for the expected rejection.
    final String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";

    // Describe the assertion: subject "alice", holder-of-key confirmation.
    SamlCallbackHandler handler = new SamlCallbackHandler(true);
    handler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
    handler.setSubjectName("alice");
    handler.setAudience(audienceURI);

    // Let the handler populate the callback, then build (and, if requested by
    // the callback, sign) the assertion from it.
    SAMLCallback callback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(handler, callback);
    SamlAssertionWrapper wrapper = new SamlAssertionWrapper(callback);
    if (callback.isSignAssertion()) {
        wrapper.signAssertion(
            callback.getIssuerKeyName(),
            callback.getIssuerKeyPassword(),
            callback.getIssuerCrypto(),
            callback.isSendKeyValue(),
            callback.getCanonicalizationAlgorithm(),
            callback.getSignatureAlgorithm());
    }

    // The serialized assertion travels base64url-encoded as a form parameter.
    String encodedAssertion = Base64UrlUtility.encode(wrapper.assertionToString());

    Map<String, String> assertionParams = new HashMap<>();
    assertionParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE, Constants.CLIENT_AUTH_SAML2_BEARER);
    assertionParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, encodedAssertion);

    try {
        OAuthClientUtils.getAccessToken(client, new CustomGrant(), assertionParams);
        fail("Failure expected on a bad subject confirmation method");
    } catch (OAuthServiceException expected) {
        // Rejection is the passing outcome.
        // NOTE(review): any OAuthServiceException satisfies this test; nothing here
        // ties the refusal to the confirmation method rather than another cause.
    }
}
Use of org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler in the Apache CXF project.
Class JAXRSOAuth2Test, method createWebClientWithProps.
/**
 * Builds a {@link WebClient} for the given address whose outgoing requests pass
 * through a {@link Saml2BearerAuthOutInterceptor}, configured through client
 * properties rather than by constructing the assertion by hand.
 *
 * <p>The SAML callback handler names "alice" as issuer and the token endpoint as
 * audience; the signature username is also "alice", with the key password
 * supplied by the test {@code KeystorePasswordCallback}.
 *
 * @param address endpoint address the client will call
 * @return a client that sends form-encoded requests and accepts JSON
 */
private WebClient createWebClientWithProps(String address) {
    JAXRSClientFactoryBean factory = new JAXRSClientFactoryBean();
    factory.setAddress(address);

    // Bus configuration comes from client.xml next to the test class.
    // NOTE(review): getResource returns null when the file is missing, which
    // would surface here as a NullPointerException.
    SpringBusFactory busFactory = new SpringBusFactory();
    URL busConfig = JAXRSOAuth2Test.class.getResource("client.xml");
    Bus bus = busFactory.createBus(busConfig.toString());
    factory.setBus(bus);

    // Assertion content: issuer "alice", audience restricted to the token endpoint.
    SamlCallbackHandler samlHandler = new SamlCallbackHandler(true);
    samlHandler.setIssuer("alice");
    samlHandler.setAudience("https://localhost:" + PORT + "/oauth2-auth/token");

    // Signing material: key alias, crypto properties and the password callback.
    Map<String, Object> clientProps = new HashMap<>();
    clientProps.put(SecurityConstants.CALLBACK_HANDLER,
        "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
    clientProps.put(SecurityConstants.SAML_CALLBACK_HANDLER, samlHandler);
    clientProps.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
    clientProps.put(SecurityConstants.SIGNATURE_PROPERTIES, CRYPTO_RESOURCE_PROPERTIES);
    factory.setProperties(clientProps);

    factory.getOutInterceptors().add(new Saml2BearerAuthOutInterceptor());

    WebClient wc = factory.createWebClient();
    wc.type(MediaType.APPLICATION_FORM_URLENCODED).accept(MediaType.APPLICATION_JSON);
    return wc;
}