Example 1 with CancelTargetType
use of org.apache.cxf.ws.security.sts.provider.model.CancelTargetType in project cxf by apache.
the class CancelSCTUnitTest method testCancelSCT.
/**
* Test to successfully cancel a SecurityContextToken
*/
@org.junit.Test
public void testCancelSCT() throws Exception {
TokenCancelOperation cancelOperation = new TokenCancelOperation();
cancelOperation.setTokenStore(tokenStore);
// Add Token Canceller
List<TokenCanceller> cancellerList = new ArrayList<>();
TokenCanceller sctCanceller = new SCTCanceller();
sctCanceller.setVerifyProofOfPossession(false);
cancellerList.add(sctCanceller);
cancelOperation.setTokenCancellers(cancellerList);
// Add STSProperties object
STSPropertiesMBean stsProperties = new StaticSTSProperties();
Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
stsProperties.setEncryptionCrypto(crypto);
stsProperties.setSignatureCrypto(crypto);
stsProperties.setEncryptionUsername("myservicekey");
stsProperties.setSignatureUsername("mystskey");
stsProperties.setCallbackHandler(new PasswordCallbackHandler());
stsProperties.setIssuer("STS");
cancelOperation.setStsProperties(stsProperties);
// Get a SecurityContextToken via the SCTProvider
TokenProviderResponse providerResponse = createSCT();
Element sct = (Element) providerResponse.getToken();
CancelTargetType cancelTarget = new CancelTargetType();
cancelTarget.setAny(sct);
// Mock up a request
JAXBElement<CancelTargetType> cancelTargetType = new JAXBElement<CancelTargetType>(QNameConstants.CANCEL_TARGET, CancelTargetType.class, cancelTarget);
RequestSecurityTokenType request = new RequestSecurityTokenType();
request.getAny().add(cancelTargetType);
// Mock up message context
MessageImpl msg = new MessageImpl();
WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
Principal principal = new CustomTokenPrincipal("alice");
msgCtx.put(SecurityContext.class.getName(), createSecurityContext(principal));
// Cancel a token
RequestSecurityTokenResponseType response = cancelOperation.cancel(request, principal, msgCtx);
assertTrue(validateResponse(response));
// Now try to cancel again
try {
cancelOperation.cancel(request, principal, msgCtx);
} catch (STSException ex) {
// expected
}
}
Also used :
JAXBElement(javax.xml.bind.JAXBElement)
Element(org.w3c.dom.Element)
RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType)
ArrayList(java.util.ArrayList)
CancelTargetType(org.apache.cxf.ws.security.sts.provider.model.CancelTargetType)
STSException(org.apache.cxf.ws.security.sts.provider.STSException)
RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)
StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties)
JAXBElement(javax.xml.bind.JAXBElement)
CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal)
Crypto(org.apache.wss4j.common.crypto.Crypto)
STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean)
WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext)
SecurityContext(org.apache.cxf.security.SecurityContext)
PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler)
TokenProviderResponse(org.apache.cxf.sts.token.provider.TokenProviderResponse)
SCTCanceller(org.apache.cxf.sts.token.canceller.SCTCanceller)
MessageImpl(org.apache.cxf.message.MessageImpl)
CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal)
Principal(java.security.Principal)
TokenCanceller(org.apache.cxf.sts.token.canceller.TokenCanceller)
Example 2 with CancelTargetType
use of org.apache.cxf.ws.security.sts.provider.model.CancelTargetType in project cxf by apache.
the class RequestParser method parseTokenRequirements.
/**
* Parse the Token requirements into the TokenRequirements argument.
*/
private static boolean parseTokenRequirements(JAXBElement<?> jaxbElement, TokenRequirements tokenRequirements, Map<String, Object> messageContext, List<ClaimsParser> claimsParsers) {
if (QNameConstants.TOKEN_TYPE.equals(jaxbElement.getName())) {
String tokenType = (String) jaxbElement.getValue();
tokenRequirements.setTokenType(tokenType);
} else if (QNameConstants.ON_BEHALF_OF.equals(jaxbElement.getName())) {
OnBehalfOfType onBehalfOfType = (OnBehalfOfType) jaxbElement.getValue();
ReceivedToken onBehalfOf = new ReceivedToken(onBehalfOfType.getAny());
tokenRequirements.setOnBehalfOf(onBehalfOf);
} else if (QNameConstants.ACT_AS.equals(jaxbElement.getName())) {
ActAsType actAsType = (ActAsType) jaxbElement.getValue();
ReceivedToken actAs = new ReceivedToken(actAsType.getAny());
tokenRequirements.setActAs(actAs);
} else if (QNameConstants.LIFETIME.equals(jaxbElement.getName())) {
LifetimeType lifetimeType = (LifetimeType) jaxbElement.getValue();
Lifetime lifetime = new Lifetime();
if (lifetimeType.getCreated() != null) {
lifetime.setCreated(lifetimeType.getCreated().getValue());
}
if (lifetimeType.getExpires() != null) {
lifetime.setExpires(lifetimeType.getExpires().getValue());
}
tokenRequirements.setLifetime(lifetime);
} else if (QNameConstants.VALIDATE_TARGET.equals(jaxbElement.getName())) {
ValidateTargetType validateTargetType = (ValidateTargetType) jaxbElement.getValue();
ReceivedToken validateTarget = new ReceivedToken(validateTargetType.getAny());
if (isTokenReferenced(validateTarget.getToken())) {
Element target = fetchTokenElementFromReference(validateTarget.getToken(), messageContext);
validateTarget = new ReceivedToken(target);
}
tokenRequirements.setValidateTarget(validateTarget);
} else if (QNameConstants.CANCEL_TARGET.equals(jaxbElement.getName())) {
CancelTargetType cancelTargetType = (CancelTargetType) jaxbElement.getValue();
ReceivedToken cancelTarget = new ReceivedToken(cancelTargetType.getAny());
if (isTokenReferenced(cancelTarget.getToken())) {
Element target = fetchTokenElementFromReference(cancelTarget.getToken(), messageContext);
cancelTarget = new ReceivedToken(target);
}
tokenRequirements.setCancelTarget(cancelTarget);
} else if (QNameConstants.RENEW_TARGET.equals(jaxbElement.getName())) {
RenewTargetType renewTargetType = (RenewTargetType) jaxbElement.getValue();
ReceivedToken renewTarget = new ReceivedToken(renewTargetType.getAny());
if (isTokenReferenced(renewTarget.getToken())) {
Element target = fetchTokenElementFromReference(renewTarget.getToken(), messageContext);
renewTarget = new ReceivedToken(target);
}
tokenRequirements.setRenewTarget(renewTarget);
} else if (QNameConstants.CLAIMS.equals(jaxbElement.getName())) {
ClaimsType claimsType = (ClaimsType) jaxbElement.getValue();
ClaimCollection requestedClaims = parseClaims(claimsType, claimsParsers);
tokenRequirements.setPrimaryClaims(requestedClaims);
} else if (QNameConstants.RENEWING.equals(jaxbElement.getName())) {
RenewingType renewingType = (RenewingType) jaxbElement.getValue();
Renewing renewing = new Renewing();
if (renewingType.isAllow() != null) {
renewing.setAllowRenewing(renewingType.isAllow());
}
if (renewingType.isOK() != null) {
renewing.setAllowRenewingAfterExpiry(renewingType.isOK());
}
tokenRequirements.setRenewing(renewing);
} else if (QNameConstants.PARTICIPANTS.equals(jaxbElement.getName())) {
ParticipantsType participantsType = (ParticipantsType) jaxbElement.getValue();
Participants participants = parseParticipants(participantsType);
tokenRequirements.setParticipants(participants);
} else {
return false;
}
return true;
}
Also used :
ClaimsType(org.apache.cxf.ws.security.sts.provider.model.ClaimsType)
JAXBElement(javax.xml.bind.JAXBElement)
Element(org.w3c.dom.Element)
CancelTargetType(org.apache.cxf.ws.security.sts.provider.model.CancelTargetType)
ActAsType(org.apache.cxf.ws.security.sts.provider.model.wstrust14.ActAsType)
OnBehalfOfType(org.apache.cxf.ws.security.sts.provider.model.OnBehalfOfType)
RenewTargetType(org.apache.cxf.ws.security.sts.provider.model.RenewTargetType)
LifetimeType(org.apache.cxf.ws.security.sts.provider.model.LifetimeType)
ValidateTargetType(org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType)
ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection)
RenewingType(org.apache.cxf.ws.security.sts.provider.model.RenewingType)
ParticipantsType(org.apache.cxf.ws.security.sts.provider.model.ParticipantsType)
Aggregations
JAXBElement (javax.xml.bind.JAXBElement)2
CancelTargetType (org.apache.cxf.ws.security.sts.provider.model.CancelTargetType)2
Element (org.w3c.dom.Element)2
Principal (java.security.Principal)1
ArrayList (java.util.ArrayList)1
WrappedMessageContext (org.apache.cxf.jaxws.context.WrappedMessageContext)1
MessageImpl (org.apache.cxf.message.MessageImpl)1
ClaimCollection (org.apache.cxf.rt.security.claims.ClaimCollection)1
SecurityContext (org.apache.cxf.security.SecurityContext)1
STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)1
StaticSTSProperties (org.apache.cxf.sts.StaticSTSProperties)1
PasswordCallbackHandler (org.apache.cxf.sts.common.PasswordCallbackHandler)1
SCTCanceller (org.apache.cxf.sts.token.canceller.SCTCanceller)1
TokenCanceller (org.apache.cxf.sts.token.canceller.TokenCanceller)1
TokenProviderResponse (org.apache.cxf.sts.token.provider.TokenProviderResponse)1
STSException (org.apache.cxf.ws.security.sts.provider.STSException)1
ClaimsType (org.apache.cxf.ws.security.sts.provider.model.ClaimsType)1
LifetimeType (org.apache.cxf.ws.security.sts.provider.model.LifetimeType)1
OnBehalfOfType (org.apache.cxf.ws.security.sts.provider.model.OnBehalfOfType)1
ParticipantsType (org.apache.cxf.ws.security.sts.provider.model.ParticipantsType)1
