Examples with RequestedSecurityTokenType org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType used on opensource projects

Search in sources :

Example 31 with RequestedSecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType in project cxf by apache.

the class ValidateJWTTransformationTest method testSAMLToJWTTransformation.

@org.junit.Test
public void testSAMLToJWTTransformation() throws Exception {
    TokenValidateOperation validateOperation = new TokenValidateOperation();
    // Add Token Validator
    List<TokenValidator> validatorList = new ArrayList<>();
    validatorList.add(new SAMLTokenValidator());
    validateOperation.setTokenValidators(validatorList);
    // Add Token Provider
    List<TokenProvider> providerList = new ArrayList<>();
    providerList.add(new JWTTokenProvider());
    validateOperation.setTokenProviders(providerList);
    // Add STSProperties object
    STSPropertiesMBean stsProperties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    stsProperties.setEncryptionCrypto(crypto);
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setEncryptionUsername("myservicekey");
    stsProperties.setSignatureUsername("mystskey");
    stsProperties.setCallbackHandler(new PasswordCallbackHandler());
    stsProperties.setIssuer("STS");
    validateOperation.setStsProperties(stsProperties);
    // Mock up a request
    RequestSecurityTokenType request = new RequestSecurityTokenType();
    JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, JWTTokenProvider.JWT_TOKEN_TYPE);
    request.getAny().add(tokenType);
    // Create a SAML Token
    Element samlToken = createSAMLAssertion(WSS4JConstants.WSS_SAML2_TOKEN_TYPE, crypto, "mystskey", new PasswordCallbackHandler());
    Document doc = samlToken.getOwnerDocument();
    samlToken = (Element) doc.appendChild(samlToken);
    ValidateTargetType validateTarget = new ValidateTargetType();
    validateTarget.setAny(samlToken);
    JAXBElement<ValidateTargetType> validateTargetType = new JAXBElement<ValidateTargetType>(QNameConstants.VALIDATE_TARGET, ValidateTargetType.class, validateTarget);
    request.getAny().add(validateTargetType);
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    Principal principal = new CustomTokenPrincipal("alice");
    msgCtx.put(SecurityContext.class.getName(), createSecurityContext(principal));
    // Validate a token
    RequestSecurityTokenResponseType response = validateOperation.validate(request, principal, msgCtx);
    assertTrue(validateResponse(response));
    // Test the generated token.
    Element token = null;
    for (Object tokenObject : response.getAny()) {
        if (tokenObject instanceof JAXBElement<?> && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>) tokenObject).getName())) {
            RequestedSecurityTokenType rstType = (RequestedSecurityTokenType) ((JAXBElement<?>) tokenObject).getValue();
            token = (Element) rstType.getAny();
            break;
        }
    }
    assertNotNull(token);
    JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token.getTextContent());
    JwtToken jwt = jwtConsumer.getJwtToken();
    Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
}
Also used : RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) Document(org.w3c.dom.Document) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) TokenProvider(org.apache.cxf.sts.token.provider.TokenProvider) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider) SAMLTokenProvider(org.apache.cxf.sts.token.provider.SAMLTokenProvider) JWTTokenValidator(org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator) TokenValidator(org.apache.cxf.sts.token.validator.TokenValidator) SAMLTokenValidator(org.apache.cxf.sts.token.validator.SAMLTokenValidator) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider) JAXBElement(javax.xml.bind.JAXBElement) JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) Crypto(org.apache.wss4j.common.crypto.Crypto) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) SecurityContext(org.apache.cxf.security.SecurityContext) SAMLTokenValidator(org.apache.cxf.sts.token.validator.SAMLTokenValidator) ValidateTargetType(org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType) MessageImpl(org.apache.cxf.message.MessageImpl) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal)

Example 32 with RequestedSecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType in project cxf by apache.

the class CustomParameterTest method validateSAMLSecurityTokenResponse.

private Element validateSAMLSecurityTokenResponse(RequestSecurityTokenResponseType securityResponse, boolean saml2) throws Exception {
    RequestedSecurityTokenType requestedSecurityToken = getRequestedSecurityToken(securityResponse);
    assertNotNull(requestedSecurityToken);
    // Process the token
    List<WSSecurityEngineResult> results = processToken((Element) requestedSecurityToken.getAny());
    assertTrue(results != null && results.size() == 1);
    SamlAssertionWrapper assertion = (SamlAssertionWrapper) results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
    assertTrue(assertion != null);
    if (saml2) {
        assertTrue(assertion.getSaml2() != null && assertion.getSaml1() == null);
    } else {
        assertTrue(assertion.getSaml2() == null && assertion.getSaml1() != null);
    }
    assertTrue(assertion.isSigned());
    return (Element) results.get(0).get(WSSecurityEngineResult.TAG_TOKEN_ELEMENT);
}
Also used : JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) WSSecurityEngineResult(org.apache.wss4j.dom.engine.WSSecurityEngineResult)

Example 33 with RequestedSecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType in project cxf by apache.

the class STSRESTTest method validateSAMLSecurityTokenResponse.

private Element validateSAMLSecurityTokenResponse(RequestSecurityTokenResponseType securityResponse, boolean saml2) throws Exception {
    RequestedSecurityTokenType requestedSecurityToken = getRequestedSecurityToken(securityResponse);
    assertNotNull(requestedSecurityToken);
    // Process the token
    List<WSSecurityEngineResult> results = processToken((Element) requestedSecurityToken.getAny());
    assertTrue(results != null && results.size() == 1);
    SamlAssertionWrapper assertion = (SamlAssertionWrapper) results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
    assertTrue(assertion != null);
    if (saml2) {
        assertTrue(assertion.getSaml2() != null && assertion.getSaml1() == null);
    } else {
        assertTrue(assertion.getSaml2() == null && assertion.getSaml1() != null);
    }
    assertTrue(assertion.isSigned());
    return (Element) results.get(0).get(WSSecurityEngineResult.TAG_TOKEN_ELEMENT);
}
Also used : JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) WSSecurityEngineResult(org.apache.wss4j.dom.engine.WSSecurityEngineResult)

Example 34 with RequestedSecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType in project cxf by apache.

the class STSRESTTest method testIssueJWTTokenViaPOST.

@org.junit.Test
public void testIssueJWTTokenViaPOST() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = STSRESTTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
    WebClient client = WebClient.create(address, busFile.toString());
    client.type("application/xml").accept("application/xml");
    // Create RequestSecurityToken
    W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
    String namespace = STSUtils.WST_NS_05_12;
    writer.writeStartElement("wst", "RequestSecurityToken", namespace);
    writer.writeNamespace("wst", namespace);
    writer.writeStartElement("wst", "RequestType", namespace);
    writer.writeCharacters(namespace + "/Issue");
    writer.writeEndElement();
    writer.writeStartElement("wst", "TokenType", namespace);
    writer.writeCharacters(JWT_TOKEN_TYPE);
    writer.writeEndElement();
    writer.writeEndElement();
    Response response = client.post(new DOMSource(writer.getDocument().getDocumentElement()));
    RequestSecurityTokenResponseType securityResponse = response.readEntity(RequestSecurityTokenResponseType.class);
    RequestedSecurityTokenType requestedSecurityToken = getRequestedSecurityToken(securityResponse);
    assertNotNull(requestedSecurityToken);
    String token = ((Element) requestedSecurityToken.getAny()).getTextContent();
    assertNotNull(token);
    validateJWTToken(token, null);
    bus.shutdown(true);
}
Also used : Response(javax.ws.rs.core.Response) Bus(org.apache.cxf.Bus) W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) DOMSource(javax.xml.transform.dom.DOMSource) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Example 35 with RequestedSecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType in project cxf by apache.

the class STSRESTTest method testValidateSAMLAndIssueJWT.

@org.junit.Test
public void testValidateSAMLAndIssueJWT() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = STSRESTTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
    WebClient client = WebClient.create(address, busFile.toString());
    client.accept("application/xml");
    client.path("saml2.0");
    // 1. Get a token via GET
    Response response = client.get();
    Document assertionDoc = response.readEntity(Document.class);
    assertNotNull(assertionDoc);
    // 2. Now validate it in the STS using POST
    client = WebClient.create(address, busFile.toString());
    client.type("application/xml").accept("application/xml");
    client.query("action", "validate");
    // Create RequestSecurityToken
    W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
    String namespace = STSUtils.WST_NS_05_12;
    writer.writeStartElement("wst", "RequestSecurityToken", namespace);
    writer.writeNamespace("wst", namespace);
    writer.writeStartElement("wst", "RequestType", namespace);
    writer.writeCharacters(namespace + "/Validate");
    writer.writeEndElement();
    writer.writeStartElement("wst", "TokenType", namespace);
    writer.writeCharacters(JWT_TOKEN_TYPE);
    writer.writeEndElement();
    writer.writeStartElement("wst", "ValidateTarget", namespace);
    StaxUtils.copy(assertionDoc.getDocumentElement(), writer);
    writer.writeEndElement();
    writer.writeEndElement();
    response = client.post(new DOMSource(writer.getDocument().getDocumentElement()));
    RequestSecurityTokenResponseType securityResponse = response.readEntity(RequestSecurityTokenResponseType.class);
    StatusType status = null;
    for (Object obj : securityResponse.getAny()) {
        if (obj instanceof JAXBElement<?>) {
            JAXBElement<?> jaxbElement = (JAXBElement<?>) obj;
            if ("Status".equals(jaxbElement.getName().getLocalPart())) {
                status = (StatusType) jaxbElement.getValue();
                break;
            }
        }
    }
    assertNotNull(status);
    // Check the token was valid
    String validCode = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/valid";
    assertEquals(validCode, status.getCode());
    // Check the token
    RequestedSecurityTokenType requestedSecurityToken = getRequestedSecurityToken(securityResponse);
    assertNotNull(requestedSecurityToken);
    String token = ((Element) requestedSecurityToken.getAny()).getTextContent();
    assertNotNull(token);
    validateJWTToken(token, null);
    bus.shutdown(true);
}
Also used : Bus(org.apache.cxf.Bus) W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter) DOMSource(javax.xml.transform.dom.DOMSource) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) JAXBElement(javax.xml.bind.JAXBElement) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) Document(org.w3c.dom.Document) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) Response(javax.ws.rs.core.Response) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) StatusType(org.apache.cxf.ws.security.sts.provider.model.StatusType)

Aggregations

RequestedSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType)65 RequestSecurityTokenResponseType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)63 JAXBElement (javax.xml.bind.JAXBElement)62 Element (org.w3c.dom.Element)61 RequestSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType)55 ArrayList (java.util.ArrayList)51 WrappedMessageContext (org.apache.cxf.jaxws.context.WrappedMessageContext)49 MessageImpl (org.apache.cxf.message.MessageImpl)49 STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)49 Crypto (org.apache.wss4j.common.crypto.Crypto)49 PasswordCallbackHandler (org.apache.cxf.sts.common.PasswordCallbackHandler)48 TokenProvider (org.apache.cxf.sts.token.provider.TokenProvider)47 CustomTokenPrincipal (org.apache.wss4j.common.principal.CustomTokenPrincipal)46 StaticSTSProperties (org.apache.cxf.sts.StaticSTSProperties)42 SAMLTokenProvider (org.apache.cxf.sts.token.provider.SAMLTokenProvider)40 Principal (java.security.Principal)38 SecurityContext (org.apache.cxf.security.SecurityContext)38 ServiceMBean (org.apache.cxf.sts.service.ServiceMBean)34 StaticService (org.apache.cxf.sts.service.StaticService)34 RequestSecurityTokenResponseCollectionType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType)32
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial