use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType in project cxf by apache.
the class IssueUnitTest method testLifetime.
/**
* Test to successfully issue a (dummy) token with a supplied lifetime. It only tests that
* the lifetime can be successfully processed by the RequestParser for now.
*/
@org.junit.Test
public void testLifetime() throws Exception {
    final String serviceAddress = "http://dummy-service.com/dummy";

    // Operation under test, wired with the dummy provider only.
    TokenIssueOperation operation = new TokenIssueOperation();
    List<TokenProvider> tokenProviders = new ArrayList<>();
    tokenProviders.add(new DummyTokenProvider());
    operation.setTokenProviders(tokenProviders);

    // Register the one endpoint that the AppliesTo element below refers to.
    ServiceMBean dummyService = new StaticService();
    dummyService.setEndpoints(Collections.singletonList(serviceAddress));
    operation.setServices(Collections.singletonList(dummyService));

    // STS properties are left at whatever StaticSTSProperties provides by default.
    STSPropertiesMBean properties = new StaticSTSProperties();
    operation.setStsProperties(properties);

    // Build the RequestSecurityToken: TokenType, AppliesTo, then Lifetime.
    RequestSecurityTokenType rst = new RequestSecurityTokenType();
    JAXBElement<String> tokenTypeElement =
        new JAXBElement<>(QNameConstants.TOKEN_TYPE, String.class, DummyTokenProvider.TOKEN_TYPE);
    rst.getAny().add(tokenTypeElement);
    rst.getAny().add(createAppliesToElement(serviceAddress));

    // createLifetime is a helper outside this listing; the unit of its argument
    // is presumably seconds -- confirm against the helper.
    LifetimeType requestedLifetime = createLifetime(300L * 5L);
    JAXBElement<LifetimeType> lifetimeElement =
        new JAXBElement<>(QNameConstants.LIFETIME, LifetimeType.class, requestedLifetime);
    rst.getAny().add(lifetimeElement);

    // Empty message wrapped in a context; no principal is supplied to issue().
    MessageImpl message = new MessageImpl();
    WrappedMessageContext messageContext = new WrappedMessageContext(message);

    // NOTE(review): the only assertion is that a response came back. The test does
    // not check that the requested lifetime was honoured or capped in the result.
    RequestSecurityTokenResponseCollectionType issued = operation.issue(rst, null, messageContext);
    List<RequestSecurityTokenResponseType> tokenResponses = issued.getRequestSecurityTokenResponse();
    assertTrue(!tokenResponses.isEmpty());
}
use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType in project cxf by apache.
the class TokenRequestCollectionOperation method requestCollection.
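/**
 * Handles a batch of token requests and returns one response per request, in order.
 *
 * <p>Every {@code RequestType} element found in the batch must carry the same value;
 * a mismatch, or a {@code RequestType} element with no value, is logged and rejected.
 *
 * @param requestCollection the batch of RequestSecurityToken elements to process
 * @param principal the caller's principal, passed through to {@code handleRequest}
 * @param messageContext the message context, passed through to {@code handleRequest}
 * @return the collection holding one response for each request in the batch
 * @throws STSException with {@code REQUEST_FAILED} if the RequestType values differ
 *         or a RequestType element has no value
 */
public RequestSecurityTokenResponseCollectionType requestCollection(
        RequestSecurityTokenCollectionType requestCollection,
        Principal principal,
        Map<String, Object> messageContext) {
    RequestSecurityTokenResponseCollectionType responseCollection =
        QNameConstants.WS_TRUST_FACTORY.createRequestSecurityTokenResponseCollectionType();
    // Built once instead of once per inspected element.
    final QName requestTypeName = new QName(STSConstants.WST_NS_05_12, "RequestType");
    String requestType = null;
    for (RequestSecurityTokenType request : requestCollection.getRequestSecurityToken()) {
        for (Object o : request.getAny()) {
            if (!(o instanceof JAXBElement)) {
                continue;
            }
            JAXBElement<?> element = (JAXBElement<?>) o;
            if (!requestTypeName.equals(element.getName())) {
                continue;
            }
            // Read the value before calling toString(): a RequestType element without
            // a value must be rejected as an STSException, not surface as a
            // NullPointerException that skips the check below.
            Object rawValue = element.getValue();
            String val = rawValue == null ? null : rawValue.toString();
            // All batch requests must have the same RequestType
            if (val == null || (requestType != null && !requestType.equals(val))) {
                LOG.log(Level.WARNING,
                        "All RequestSecurityTokenCollection elements do not share the same RequestType");
                throw new STSException("Error in requesting a token", STSException.REQUEST_FAILED);
            }
            requestType = val;
        }
        // NOTE(review): requestType is carried across loop iterations, so a request
        // that has no RequestType element is handled with the value seen earlier in
        // the batch (or null if none was seen yet). Confirm that handleRequest
        // rejects a null or inherited type where that matters.
        RequestSecurityTokenResponseType response =
            handleRequest(request, principal, messageContext, requestType);
        responseCollection.getRequestSecurityTokenResponse().add(response);
    }
    return responseCollection;
}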
use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType in project cxf by apache.
the class SecurityTokenServiceProvider method invoke.
/**
 * Unmarshals the incoming payload, picks the operation implementation that matches
 * it, invokes that operation reflectively and marshals the result.
 *
 * <p>A collection request is routed by a fixed key. A single request is routed by the
 * text of its WS-Trust 1.3 RequestType element, which is used only as a lookup key
 * into {@code operationMap} and {@code OPERATION_METHODS}; a value with no entry in
 * either map is rejected before anything is invoked.
 *
 * @param request the request payload
 * @return the marshalled response (a single response or a response collection)
 */
public Source invoke(Source request) {
    try {
        Object payload = convertToJAXBObject(request);
        Object target = null;
        Method handler = null;
        if (!(payload instanceof RequestSecurityTokenCollectionType)) {
            RequestSecurityTokenType singleRequest = (RequestSecurityTokenType) payload;
            List<?> children = singleRequest.getAny();
            for (Object child : children) {
                if (!(child instanceof JAXBElement)) {
                    continue;
                }
                JAXBElement<?> element = (JAXBElement<?>) child;
                QName elementName = element.getName();
                if (!elementName.equals(new QName(WSTRUST_13_NAMESPACE, WSTRUST_REQUESTTYPE_ELEMENTNAME))) {
                    continue;
                }
                // The first RequestType element decides the operation; later ones are ignored.
                String requestedOperation = element.getValue().toString();
                target = operationMap.get(requestedOperation);
                handler = OPERATION_METHODS.get(requestedOperation);
                break;
            }
        } else {
            target = operationMap.get(WSTRUST_REQUESTTYPE_REQUESTCOLLECTION);
            handler = OPERATION_METHODS.get(WSTRUST_REQUESTTYPE_REQUESTCOLLECTION);
        }

        // Covers both an unknown RequestType value and a request with no RequestType at all.
        if (target == null || handler == null) {
            throw new Exception("Implementation for this operation not found.");
        }

        // Principal and message context are taken from the provider's context, not the payload.
        Object result = handler.invoke(target, payload, context.getUserPrincipal(), context.getMessageContext());
        if (result == null) {
            throw new Exception("Error in implementation class.");
        }

        if (result instanceof RequestSecurityTokenResponseCollectionType) {
            RequestSecurityTokenResponseCollectionType collectionResult =
                (RequestSecurityTokenResponseCollectionType) result;
            return new JAXBSource(jaxbContext,
                    new ObjectFactory().createRequestSecurityTokenResponseCollection(collectionResult));
        }
        RequestSecurityTokenResponseType singleResult = (RequestSecurityTokenResponseType) result;
        return new JAXBSource(jaxbContext, new ObjectFactory().createRequestSecurityTokenResponse(singleResult));
    } catch (InvocationTargetException ex) {
        // Unwrap the reflection wrapper so the fault is built from the operation's own failure.
        Throwable underlying = ex.getCause();
        throw createSOAPFault(underlying);
    } catch (Exception ex) {
        // NOTE(review): every other failure, including the two messages thrown above, goes to
        // createSOAPFault; how much detail reaches the client depends on that helper (not shown).
        throw createSOAPFault(ex);
    }
}
use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType in project cxf by apache.
the class IssueEncryptedUnitTest method testEncryptionName.
/**
* Test for various options relating to specifying a name for encryption
*/
@org.junit.Test
public void testEncryptionName() throws Exception {
    final String serviceAddress = "http://dummy-service.com/dummy";

    // Operation under test, with encryption of issued tokens switched on.
    TokenIssueOperation operation = new TokenIssueOperation();
    operation.setEncryptIssuedToken(true);

    List<TokenProvider> tokenProviders = new ArrayList<>();
    tokenProviders.add(new DummyTokenProvider());
    operation.setTokenProviders(tokenProviders);

    // Service with encryption properties that initially carry no encryption name.
    ServiceMBean dummyService = new StaticService();
    dummyService.setEndpoints(Collections.singletonList(serviceAddress));
    EncryptionProperties encryptionSettings = new EncryptionProperties();
    if (!unrestrictedPoliciesInstalled) {
        // AES-128 is forced only when the flag is false, presumably because larger
        // key sizes are unavailable in that environment -- confirm where the flag is set.
        encryptionSettings.setEncryptionAlgorithm(WSS4JConstants.AES_128);
    }
    dummyService.setEncryptionProperties(encryptionSettings);
    operation.setServices(Collections.singletonList(dummyService));

    // STS properties: encryption crypto plus the password callback handler.
    StaticSTSProperties properties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    properties.setEncryptionCrypto(crypto);
    properties.setCallbackHandler(new PasswordCallbackHandler());
    operation.setStsProperties(properties);

    // Build the RequestSecurityToken: TokenType and AppliesTo.
    RequestSecurityTokenType rst = new RequestSecurityTokenType();
    JAXBElement<String> tokenTypeElement =
        new JAXBElement<>(QNameConstants.TOKEN_TYPE, String.class, DummyTokenProvider.TOKEN_TYPE);
    rst.getAny().add(tokenTypeElement);
    rst.getAny().add(createAppliesToElement(serviceAddress));

    MessageImpl message = new MessageImpl();
    WrappedMessageContext messageContext = new WrappedMessageContext(message);

    // First call: no encryption name is configured, so the token is expected to come
    // back unencrypted.
    RequestSecurityTokenResponseCollectionType issued = operation.issue(rst, null, messageContext);
    List<RequestSecurityTokenResponseType> tokenResponses = issued.getRequestSecurityTokenResponse();
    assertTrue(!tokenResponses.isEmpty());

    // Second call: the encryption name is now set, so the token is expected to be encrypted.
    encryptionSettings.setEncryptionName("myservicekey");
    dummyService.setEncryptionProperties(encryptionSettings);
    issued = operation.issue(rst, null, messageContext);
    tokenResponses = issued.getRequestSecurityTokenResponse();
    // NOTE(review): both assertions only check that a response exists. Neither call
    // verifies whether the returned token is actually encrypted or in the clear.
    assertTrue(!tokenResponses.isEmpty());
}
use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType in project cxf by apache.
the class IssueEncryptedUnitTest method testConfiguredKeyIdentifiers.
/**
* Test for various options relating to configuring a KeyIdentifier
*/
@org.junit.Test
public void testConfiguredKeyIdentifiers() throws Exception {
    final String serviceAddress = "http://dummy-service.com/dummy";

    // Operation under test, with encryption of issued tokens switched on.
    TokenIssueOperation operation = new TokenIssueOperation();
    operation.setEncryptIssuedToken(true);

    List<TokenProvider> tokenProviders = new ArrayList<>();
    tokenProviders.add(new DummyTokenProvider());
    operation.setTokenProviders(tokenProviders);

    // Service whose encryption properties name the key and start with the SKI identifier.
    ServiceMBean dummyService = new StaticService();
    dummyService.setEndpoints(Collections.singletonList(serviceAddress));
    EncryptionProperties encryptionSettings = new EncryptionProperties();
    encryptionSettings.setEncryptionName("myservicekey");
    if (!unrestrictedPoliciesInstalled) {
        encryptionSettings.setEncryptionAlgorithm(WSS4JConstants.AES_128);
    }
    encryptionSettings.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
    dummyService.setEncryptionProperties(encryptionSettings);
    operation.setServices(Collections.singletonList(dummyService));

    // STS properties: encryption crypto plus the password callback handler.
    StaticSTSProperties properties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    properties.setEncryptionCrypto(crypto);
    properties.setCallbackHandler(new PasswordCallbackHandler());
    operation.setStsProperties(properties);

    // Build the RequestSecurityToken: TokenType and AppliesTo.
    RequestSecurityTokenType rst = new RequestSecurityTokenType();
    JAXBElement<String> tokenTypeElement =
        new JAXBElement<>(QNameConstants.TOKEN_TYPE, String.class, DummyTokenProvider.TOKEN_TYPE);
    rst.getAny().add(tokenTypeElement);
    rst.getAny().add(createAppliesToElement(serviceAddress));

    MessageImpl message = new MessageImpl();
    WrappedMessageContext messageContext = new WrappedMessageContext(message);

    // Baseline: issuing with the identifier configured above must produce a response.
    RequestSecurityTokenResponseCollectionType issued = operation.issue(rst, null, messageContext);
    List<RequestSecurityTokenResponseType> tokenResponses = issued.getRequestSecurityTokenResponse();
    assertTrue(!tokenResponses.isEmpty());

    // These identifier types are expected to be accepted. The settings object is
    // mutated in place between calls, and success here means only "no exception".
    encryptionSettings.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
    operation.issue(rst, null, messageContext);

    encryptionSettings.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
    operation.issue(rst, null, messageContext);

    encryptionSettings.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
    operation.issue(rst, null, messageContext);

    // BST is the negative case: the operation must refuse it with an STSException.
    boolean rejected = false;
    try {
        encryptionSettings.setKeyIdentifierType(WSConstants.BST);
        operation.issue(rst, null, messageContext);
    } catch (STSException expected) {
        rejected = true;
    }
    if (!rejected) {
        fail("Failure expected on a bad key identifier");
    }
}