
Example 31 with RequestSecurityTokenResponseCollectionType

use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType in project cxf by apache.

the class IssueUnitTest method testLifetime.

/**
 * Test to successfully issue a (dummy) token with a supplied lifetime. It only tests that
 * the lifetime can be successfully processed by the RequestParser for now.
 */
@org.junit.Test
public void testLifetime() throws Exception {
    final String endpointAddress = "http://dummy-service.com/dummy";
    TokenIssueOperation operation = new TokenIssueOperation();

    // The dummy provider is the only token provider registered.
    List<TokenProvider> tokenProviders = new ArrayList<>();
    tokenProviders.add(new DummyTokenProvider());
    operation.setTokenProviders(tokenProviders);

    // One service is registered; its endpoint is the AppliesTo address sent in the request.
    ServiceMBean targetService = new StaticService();
    targetService.setEndpoints(Collections.singletonList(endpointAddress));
    operation.setServices(Collections.singletonList(targetService));

    // STS properties are left exactly as StaticSTSProperties constructs them.
    STSPropertiesMBean properties = new StaticSTSProperties();
    operation.setStsProperties(properties);

    // Request: dummy token type, AppliesTo, and an explicit Lifetime element.
    RequestSecurityTokenType rst = new RequestSecurityTokenType();
    rst.getAny().add(new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, DummyTokenProvider.TOKEN_TYPE));
    rst.getAny().add(createAppliesToElement(endpointAddress));
    LifetimeType requestedLifetime = createLifetime(300L * 5L);
    rst.getAny().add(new JAXBElement<LifetimeType>(QNameConstants.LIFETIME, LifetimeType.class, requestedLifetime));

    // Empty message context; the principal passed to issue() is null.
    WrappedMessageContext messageContext = new WrappedMessageContext(new MessageImpl());

    // NOTE(review): only non-emptiness is asserted. The lifetime in the response is never
    // compared with the requested one, so this does not show that a client-supplied
    // lifetime is honoured, capped or rejected.
    RequestSecurityTokenResponseCollectionType issued = operation.issue(rst, null, messageContext);
    List<RequestSecurityTokenResponseType> tokenResponses = issued.getRequestSecurityTokenResponse();
    assertTrue(!tokenResponses.isEmpty());
}
Also used : ServiceMBean(org.apache.cxf.sts.service.ServiceMBean) RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) ArrayList(java.util.ArrayList) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) JAXBElement(javax.xml.bind.JAXBElement) StaticService(org.apache.cxf.sts.service.StaticService) RequestSecurityTokenResponseCollectionType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType) TokenProvider(org.apache.cxf.sts.token.provider.TokenProvider) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) LifetimeType(org.apache.cxf.ws.security.sts.provider.model.LifetimeType) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) MessageImpl(org.apache.cxf.message.MessageImpl)

Example 32 with RequestSecurityTokenResponseCollectionType

use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType in project cxf by apache.

the class TokenRequestCollectionOperation method requestCollection.

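/**
 * Processes a batch of RequestSecurityToken elements and collects one response per request.
 *
 * <p>Every RequestType element found in the batch must carry the same value. A RequestType
 * element with no value, or one that differs from an earlier one, is logged and rejected.
 *
 * @param requestCollection the batch of requests to process
 * @param principal the principal handed on to {@code handleRequest}
 * @param messageContext the message context handed on to {@code handleRequest}
 * @return a collection holding the response produced for each request, in request order
 * @throws STSException with {@code STSException.REQUEST_FAILED} if a RequestType element has
 *         no value or the batch mixes RequestType values
 */
public RequestSecurityTokenResponseCollectionType requestCollection(RequestSecurityTokenCollectionType requestCollection, Principal principal, Map<String, Object> messageContext) {
    RequestSecurityTokenResponseCollectionType responseCollection = QNameConstants.WS_TRUST_FACTORY.createRequestSecurityTokenResponseCollectionType();
    // Built once rather than once per child element.
    final QName requestTypeName = new QName(STSConstants.WST_NS_05_12, "RequestType");
    String requestType = null;
    for (RequestSecurityTokenType request : requestCollection.getRequestSecurityToken()) {
        for (Object o : request.getAny()) {
            if (!(o instanceof JAXBElement)) {
                continue;
            }
            JAXBElement<?> element = (JAXBElement<?>) o;
            if (!requestTypeName.equals(element.getName())) {
                continue;
            }
            // Read the value null-safely: calling toString() on a null value raised a
            // NullPointerException before the null check below could ever run.
            Object rawValue = element.getValue();
            String val = rawValue == null ? null : rawValue.toString();
            // All batch requests must have the same RequestType
            if (val == null || (requestType != null && !requestType.equals(val))) {
                LOG.log(Level.WARNING, "All RequestSecurityTokenCollection elements do not share the same RequestType");
                throw new STSException("Error in requesting a token", STSException.REQUEST_FAILED);
            }
            requestType = val;
        }
        // NOTE(review): each request is handled as soon as it has been scanned, so requests
        // earlier in the batch have already been processed when a later mismatch aborts it.
        // A request that carries no RequestType element is handled with the value left over
        // from the previous request (null for the first). Confirm both are intended;
        // validating the whole batch before handling any of it would avoid partial processing.
        RequestSecurityTokenResponseType response = handleRequest(request, principal, messageContext, requestType);
        responseCollection.getRequestSecurityTokenResponse().add(response);
    }
    return responseCollection;
}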
Also used : QName(javax.xml.namespace.QName) RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) STSException(org.apache.cxf.ws.security.sts.provider.STSException) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) JAXBElement(javax.xml.bind.JAXBElement) RequestSecurityTokenResponseCollectionType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType)

Example 33 with RequestSecurityTokenResponseCollectionType

use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType in project cxf by apache.

the class SecurityTokenServiceProvider method invoke.

/**
 * Dispatches an incoming WS-Trust request to the operation registered for it and wraps the
 * operation's result as the response payload.
 *
 * <p>A RequestSecurityTokenCollectionType payload goes to the request-collection operation.
 * Any other payload is treated as a single RequestSecurityTokenType and routed by the value
 * of its first RequestType element. That value comes from the request itself and is used only
 * as a lookup key in {@code operationMap} and {@code OPERATION_METHODS}; a value with no entry
 * in either map ends in a fault.
 *
 * @param request the request payload
 * @return the response payload produced by the selected operation
 */
public Source invoke(Source request) {
    try {
        Object payload = convertToJAXBObject(request);
        Object target = null;
        Method handler = null;
        if (payload instanceof RequestSecurityTokenCollectionType) {
            target = operationMap.get(WSTRUST_REQUESTTYPE_REQUESTCOLLECTION);
            handler = OPERATION_METHODS.get(WSTRUST_REQUESTTYPE_REQUESTCOLLECTION);
        } else {
            RequestSecurityTokenType rst = (RequestSecurityTokenType) payload;
            for (Object child : rst.getAny()) {
                if (!(child instanceof JAXBElement)) {
                    continue;
                }
                JAXBElement<?> element = (JAXBElement<?>) child;
                QName qname = element.getName();
                if (!qname.equals(new QName(WSTRUST_13_NAMESPACE, WSTRUST_REQUESTTYPE_ELEMENTNAME))) {
                    continue;
                }
                // Only the first RequestType element is consulted.
                String val = element.getValue().toString();
                target = operationMap.get(val);
                handler = OPERATION_METHODS.get(val);
                break;
            }
        }
        if (target == null || handler == null) {
            throw new Exception("Implementation for this operation not found.");
        }
        // The reflective call passes the caller's principal and message context on to the
        // operation; no further check is made here.
        Object result = handler.invoke(target, payload, context.getUserPrincipal(), context.getMessageContext());
        if (result == null) {
            throw new Exception("Error in implementation class.");
        }
        if (result instanceof RequestSecurityTokenResponseCollectionType) {
            RequestSecurityTokenResponseCollectionType collection = (RequestSecurityTokenResponseCollectionType) result;
            return new JAXBSource(jaxbContext, new ObjectFactory().createRequestSecurityTokenResponseCollection(collection));
        }
        RequestSecurityTokenResponseType single = (RequestSecurityTokenResponseType) result;
        return new JAXBSource(jaxbContext, new ObjectFactory().createRequestSecurityTokenResponse(single));
    } catch (InvocationTargetException ex) {
        // Report the operation's own failure rather than the reflection wrapper.
        // NOTE(review): confirm createSOAPFault does not copy internal exception detail
        // (messages, class names, stack traces) into the fault returned to the client.
        throw createSOAPFault(ex.getCause());
    } catch (Exception ex) {
        throw createSOAPFault(ex);
    }
}
Also used : QName(javax.xml.namespace.QName) RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) Method(java.lang.reflect.Method) RequestSecurityTokenCollectionType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenCollectionType) JAXBElement(javax.xml.bind.JAXBElement) RequestSecurityTokenResponseCollectionType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType) Source(javax.xml.transform.Source) JAXBSource(javax.xml.bind.util.JAXBSource) InvocationTargetException(java.lang.reflect.InvocationTargetException) JAXBSource(javax.xml.bind.util.JAXBSource) InvocationTargetException(java.lang.reflect.InvocationTargetException) ObjectFactory(org.apache.cxf.ws.security.sts.provider.model.ObjectFactory)

Example 34 with RequestSecurityTokenResponseCollectionType

use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType in project cxf by apache.

the class IssueEncryptedUnitTest method testEncryptionName.

/**
 * Test for various options relating to specifying a name for encryption
 */
@org.junit.Test
public void testEncryptionName() throws Exception {
    final String endpointAddress = "http://dummy-service.com/dummy";
    TokenIssueOperation operation = new TokenIssueOperation();
    operation.setEncryptIssuedToken(true);

    // The dummy provider is the only token provider registered.
    List<TokenProvider> tokenProviders = new ArrayList<>();
    tokenProviders.add(new DummyTokenProvider());
    operation.setTokenProviders(tokenProviders);

    // Service with encryption properties that have no encryption name yet.
    ServiceMBean targetService = new StaticService();
    targetService.setEndpoints(Collections.singletonList(endpointAddress));
    EncryptionProperties encProps = new EncryptionProperties();
    if (!unrestrictedPoliciesInstalled) {
        // presumably the flag reports whether unlimited-strength crypto policies are
        // available; without them the algorithm is pinned to AES-128 (confirm at the
        // flag's definition)
        encProps.setEncryptionAlgorithm(WSS4JConstants.AES_128);
    }
    targetService.setEncryptionProperties(encProps);
    operation.setServices(Collections.singletonList(targetService));

    // STS properties carry the encryption Crypto and the password callback handler.
    StaticSTSProperties properties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    properties.setEncryptionCrypto(crypto);
    properties.setCallbackHandler(new PasswordCallbackHandler());
    operation.setStsProperties(properties);

    // Request: dummy token type plus AppliesTo for the registered endpoint.
    RequestSecurityTokenType rst = new RequestSecurityTokenType();
    rst.getAny().add(new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, DummyTokenProvider.TOKEN_TYPE));
    rst.getAny().add(createAppliesToElement(endpointAddress));

    // Empty message context; the principal passed to issue() is null.
    WrappedMessageContext messageContext = new WrappedMessageContext(new MessageImpl());

    // First issue: no encryption name is configured, so the token is expected to come back
    // unencrypted even though setEncryptIssuedToken(true) is set.
    // NOTE(review): both issue calls assert only that a response exists. Neither inspects
    // the token, so the test cannot tell an encrypted token from a plaintext one, and a
    // silent fall-back to plaintext would still pass.
    RequestSecurityTokenResponseCollectionType issued = operation.issue(rst, null, messageContext);
    List<RequestSecurityTokenResponseType> tokenResponses = issued.getRequestSecurityTokenResponse();
    assertTrue(!tokenResponses.isEmpty());

    // Second issue: with an encryption name set, the token is expected to be encrypted.
    encProps.setEncryptionName("myservicekey");
    targetService.setEncryptionProperties(encProps);
    issued = operation.issue(rst, null, messageContext);
    tokenResponses = issued.getRequestSecurityTokenResponse();
    assertTrue(!tokenResponses.isEmpty());
}
Also used : ServiceMBean(org.apache.cxf.sts.service.ServiceMBean) RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) ArrayList(java.util.ArrayList) EncryptionProperties(org.apache.cxf.sts.service.EncryptionProperties) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) JAXBElement(javax.xml.bind.JAXBElement) StaticService(org.apache.cxf.sts.service.StaticService) RequestSecurityTokenResponseCollectionType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType) TokenProvider(org.apache.cxf.sts.token.provider.TokenProvider) Crypto(org.apache.wss4j.common.crypto.Crypto) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) MessageImpl(org.apache.cxf.message.MessageImpl)

Example 35 with RequestSecurityTokenResponseCollectionType

use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType in project cxf by apache.

the class IssueEncryptedUnitTest method testConfiguredKeyIdentifiers.

/**
 * Test for various options relating to configuring a KeyIdentifier
 */
@org.junit.Test
public void testConfiguredKeyIdentifiers() throws Exception {
    final String endpointAddress = "http://dummy-service.com/dummy";
    TokenIssueOperation operation = new TokenIssueOperation();
    operation.setEncryptIssuedToken(true);

    // The dummy provider is the only token provider registered.
    List<TokenProvider> tokenProviders = new ArrayList<>();
    tokenProviders.add(new DummyTokenProvider());
    operation.setTokenProviders(tokenProviders);

    // Service with an encryption name and an initial SKI key identifier.
    ServiceMBean targetService = new StaticService();
    targetService.setEndpoints(Collections.singletonList(endpointAddress));
    EncryptionProperties encProps = new EncryptionProperties();
    encProps.setEncryptionName("myservicekey");
    if (!unrestrictedPoliciesInstalled) {
        // presumably the flag reports whether unlimited-strength crypto policies are
        // available; without them the algorithm is pinned to AES-128 (confirm at the
        // flag's definition)
        encProps.setEncryptionAlgorithm(WSS4JConstants.AES_128);
    }
    encProps.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
    targetService.setEncryptionProperties(encProps);
    operation.setServices(Collections.singletonList(targetService));

    // STS properties carry the encryption Crypto and the password callback handler.
    StaticSTSProperties properties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    properties.setEncryptionCrypto(crypto);
    properties.setCallbackHandler(new PasswordCallbackHandler());
    operation.setStsProperties(properties);

    // Request: dummy token type plus AppliesTo for the registered endpoint.
    RequestSecurityTokenType rst = new RequestSecurityTokenType();
    rst.getAny().add(new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, DummyTokenProvider.TOKEN_TYPE));
    rst.getAny().add(createAppliesToElement(endpointAddress));

    // Empty message context; the principal passed to issue() is null.
    WrappedMessageContext messageContext = new WrappedMessageContext(new MessageImpl());

    // Baseline issue with the SKI identifier configured during setup.
    RequestSecurityTokenResponseCollectionType issued = operation.issue(rst, null, messageContext);
    List<RequestSecurityTokenResponseType> tokenResponses = issued.getRequestSecurityTokenResponse();
    assertTrue(!tokenResponses.isEmpty());

    // Each accepted identifier type passes simply by not throwing; the responses are
    // discarded, so the key identifier actually used is not verified.
    encProps.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
    operation.issue(rst, null, messageContext);
    encProps.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
    operation.issue(rst, null, messageContext);
    encProps.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
    operation.issue(rst, null, messageContext);

    // BST must be refused as a key identifier.
    try {
        encProps.setKeyIdentifierType(WSConstants.BST);
        operation.issue(rst, null, messageContext);
        fail("Failure expected on a bad key identifier");
    } catch (STSException expected) {
        // Rejection is the required outcome; fail() raises an AssertionError, which this
        // catch does not intercept.
    }
}
Also used : ServiceMBean(org.apache.cxf.sts.service.ServiceMBean) RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) ArrayList(java.util.ArrayList) STSException(org.apache.cxf.ws.security.sts.provider.STSException) EncryptionProperties(org.apache.cxf.sts.service.EncryptionProperties) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) JAXBElement(javax.xml.bind.JAXBElement) StaticService(org.apache.cxf.sts.service.StaticService) RequestSecurityTokenResponseCollectionType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType) TokenProvider(org.apache.cxf.sts.token.provider.TokenProvider) Crypto(org.apache.wss4j.common.crypto.Crypto) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) MessageImpl(org.apache.cxf.message.MessageImpl)

Aggregations

RequestSecurityTokenResponseCollectionType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType)63 RequestSecurityTokenResponseType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)63 RequestSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType)59 JAXBElement (javax.xml.bind.JAXBElement)58 ArrayList (java.util.ArrayList)56 WrappedMessageContext (org.apache.cxf.jaxws.context.WrappedMessageContext)56 MessageImpl (org.apache.cxf.message.MessageImpl)56 StaticSTSProperties (org.apache.cxf.sts.StaticSTSProperties)56 ServiceMBean (org.apache.cxf.sts.service.ServiceMBean)55 StaticService (org.apache.cxf.sts.service.StaticService)55 TokenProvider (org.apache.cxf.sts.token.provider.TokenProvider)55 STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)49 PasswordCallbackHandler (org.apache.cxf.sts.common.PasswordCallbackHandler)48 Crypto (org.apache.wss4j.common.crypto.Crypto)48 Element (org.w3c.dom.Element)38 SAMLTokenProvider (org.apache.cxf.sts.token.provider.SAMLTokenProvider)33 RequestedSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType)32 Principal (java.security.Principal)30 SecurityContext (org.apache.cxf.security.SecurityContext)30 CustomTokenPrincipal (org.apache.wss4j.common.principal.CustomTokenPrincipal)30