use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project ddf by codice.
the class TestPKITokenValidator method testCanHandleAnyRealmToken.
/**
 * Checks that the PKI validator reports it can handle a PKI binary security token whose realm
 * argument was "*".
 *
 * <p>Only {@code canHandleToken} is exercised. It is the dispatch check, so this test says
 * nothing about whether the certificate chain inside the token would pass validation.
 */
@Test
public void testCanHandleAnyRealmToken() {
    // Token factory configured from the signature properties found on the test classpath.
    PKIAuthenticationTokenFactory factory = new PKIAuthenticationTokenFactory();
    factory.setSignaturePropertiesPath(
        TestPKITokenValidator.class.getResource("/signature.properties").getPath());
    factory.init();

    // "*" is passed as the realm: the "any realm" case this test is named after.
    PKIAuthenticationToken anyRealmToken = factory.getTokenFromCerts(certificates, "*");

    // Wrap the encoded credentials in a Base64 binary security token of the PKI value type.
    BinarySecurityTokenType bst = new BinarySecurityTokenType();
    bst.setEncodingType(WSConstants.SOAPMESSAGE_NS + "#Base64Binary");
    bst.setValueType(PKIAuthenticationToken.PKI_TOKEN_VALUE_TYPE);
    bst.setValue(anyRealmToken.getEncodedCredentials());

    // The validator only needs ReceivedToken.getToken(), so a mock is enough here.
    ReceivedToken received = mock(ReceivedToken.class);
    when(received.getToken()).thenReturn(bst);

    assertEquals(true, pkiTokenValidator.canHandleToken(received));
}
use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project ddf by codice.
the class GuestValidatorTest method setup.
/**
 * Builds the validator under test and one received token per scenario: the configured realm
 * ("DDF"), the "*" realm, a payload that is not a guest credential, an IPv6 address, and an
 * IPv6 address carrying a "%4" suffix.
 */
@Before
public void setup() {
    validator = new GuestValidator();
    validator.setSupportedRealm(Arrays.asList("DDF"));

    // Guest credentials for each scenario; the second constructor argument is an IP address string.
    GuestAuthenticationToken ddfRealmGuest = new GuestAuthenticationToken("DDF", "127.0.0.1");
    GuestAuthenticationToken anyRealmGuest = new GuestAuthenticationToken("*", "127.0.0.1");
    GuestAuthenticationToken ipv6Guest = new GuestAuthenticationToken("*", "0:0:0:0:0:0:0:1");
    GuestAuthenticationToken ipv6SuffixedGuest =
        new GuestAuthenticationToken("*", "0:0:0:0:0:0:0:1%4");

    JAXBElement<BinarySecurityTokenType> ddfRealmElement =
        guestBstElement(ddfRealmGuest.getEncodedCredentials());
    // Negative case: correct value type, encoding and id, but the payload is just Base64 of
    // "NotGuest". getBytes() uses the platform default charset; the literal is plain ASCII.
    JAXBElement<BinarySecurityTokenType> badElement =
        guestBstElement(Base64.getEncoder().encodeToString("NotGuest".getBytes()));
    JAXBElement<BinarySecurityTokenType> anyRealmElement =
        guestBstElement(anyRealmGuest.getEncodedCredentials());
    JAXBElement<BinarySecurityTokenType> ipv6Element =
        guestBstElement(ipv6Guest.getEncodedCredentials());
    JAXBElement<BinarySecurityTokenType> ipv6SuffixedElement =
        guestBstElement(ipv6SuffixedGuest.getEncodedCredentials());

    receivedToken = new ReceivedToken(ddfRealmElement);
    receivedAnyRealmToken = new ReceivedToken(anyRealmElement);
    receivedBadToken = new ReceivedToken(badElement);
    receivedTokenIpv6 = new ReceivedToken(ipv6Element);
    receivedTokenIpv6Reachability = new ReceivedToken(ipv6SuffixedElement);

    // The default parameters carry the token for the configured ("DDF") realm.
    parameters = new TokenValidatorParameters();
    parameters.setToken(receivedToken);
}

/**
 * Wraps an already-encoded value in a guest-typed, Base64-encoded binary security token and
 * returns it as a WS-Security {@code BinarySecurityToken} JAXB element.
 *
 * @param encodedValue the string stored as the token value
 * @return the JAXB element wrapping the populated token
 */
private static JAXBElement<BinarySecurityTokenType> guestBstElement(String encodedValue) {
    BinarySecurityTokenType bst = new BinarySecurityTokenType();
    bst.setValueType(GuestAuthenticationToken.GUEST_TOKEN_VALUE_TYPE);
    bst.setEncodingType(BSTAuthenticationToken.BASE64_ENCODING);
    bst.setId(GuestAuthenticationToken.BST_GUEST_LN);
    bst.setValue(encodedValue);
    return new JAXBElement<BinarySecurityTokenType>(
        new QName(
            "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
            "BinarySecurityToken"),
        BinarySecurityTokenType.class,
        bst);
}
use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project ddf by codice.
the class BSTDelegationHandler method isDelegationAllowed.
/**
 * Decides whether the token in the given parameters may be used for delegation.
 *
 * <p>The decision rests only on the Java type of the wrapped token: any
 * {@link BinarySecurityTokenType} is allowed. Its value type, encoding and contents are not
 * inspected here. NOTE(review): confirm the token is validated elsewhere before this answer is
 * honoured.
 *
 * @param tokenParameters delegation parameters carrying the received token
 * @return a response holding the received token, marked as allowed only for binary security
 *     tokens
 */
public TokenDelegationResponse isDelegationAllowed(TokenDelegationParameters tokenParameters) {
    TokenDelegationResponse result = new TokenDelegationResponse();
    ReceivedToken target = tokenParameters.getToken();
    result.setToken(target);

    // Anything other than a binary security token leaves the allowed flag untouched.
    if (!(target.getToken() instanceof BinarySecurityTokenType)) {
        return result;
    }

    result.setDelegationAllowed(true);
    return result;
}
use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project ddf by codice.
the class BSTAuthenticationToken method getBinarySecurityToken.
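/**
 * Creates a binary security token based on the provided credential.
 *
 * <p>The credential is wrapped in a {@link BinarySecurityTokenType} and marshalled as an XML
 * fragment with the shared JAXB context.
 *
 * <p>Failures are logged at debug level and are not propagated. If the JAXB context is missing
 * or no marshaller can be created, an empty string is returned. If marshalling itself fails,
 * whatever had been written so far is returned. Callers that need a usable token should check
 * the result.
 *
 * @param credential the credential to embed in the token
 * @return the marshalled {@code BinarySecurityToken} XML, or an empty or partial string when
 *     marshalling was not possible
 */
private synchronized String getBinarySecurityToken(String credential) {
    Writer writer = new StringWriter();
    Marshaller marshaller = null;
    BinarySecurityTokenType binarySecurityTokenType = createBinarySecurityTokenType(credential);
    JAXBElement<BinarySecurityTokenType> binarySecurityTokenElement =
        new JAXBElement<BinarySecurityTokenType>(
            new QName(
                "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
                "BinarySecurityToken"),
            BinarySecurityTokenType.class,
            binarySecurityTokenType);
    if (BINARY_TOKEN_CONTEXT != null) {
        try {
            marshaller = BINARY_TOKEN_CONTEXT.createMarshaller();
            // Emit a fragment so the output carries no XML declaration.
            marshaller.setProperty(Marshaller.JAXB_FRAGMENT, Boolean.TRUE);
        } catch (JAXBException e) {
            LOGGER.debug("Exception while creating BinarySecurityToken marshaller.", e);
        }
        if (marshaller != null) {
            try {
                marshaller.marshal(binarySecurityTokenElement, writer);
            } catch (JAXBException e) {
                LOGGER.debug("Exception while writing binary security token.", e);
            }
        }
    }
    String binarySecurityToken = writer.toString();
    // Security: the marshalled token embeds the credential, so only its size is logged.
    // Writing the token itself would put credential material into the debug log.
    LOGGER.debug("Binary Security Token marshalled ({} characters).", binarySecurityToken.length());
    return binarySecurityToken;
}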
use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project ddf by codice.
the class WssPKIHandler method extractAuthenticationInfo.
/**
 * Builds an authentication token from a client certificate chain.
 *
 * <p>The chain is turned into a PKI token for the given realm. Its binary security token is
 * then re-expressed as a DOM-backed {@code X509Security} element, whose string form becomes
 * the credentials of the returned token.
 *
 * @param realm realm passed to the token factory
 * @param certs certificate chain passed to the token factory
 * @return a token with a null principal, an empty realm string and the serialized X.509
 *     security element as credentials, flagged to use the WSS STS
 */
@Override
protected BaseAuthenticationToken extractAuthenticationInfo(String realm, X509Certificate[] certs) {
    // NOTE(review): the factory result is dereferenced without a null check. Confirm that
    // getTokenFromCerts cannot return null for an empty or unusable chain.
    PKIAuthenticationToken certToken = tokenFactory.getTokenFromCerts(certs, realm);
    BinarySecurityTokenType jaxbToken =
        certToken.createBinarySecurityTokenType(certToken.getCredentials());

    // Turn the JAXB object into a DOM element.
    Document document = DOMUtils.createDocument();
    BinarySecurity x509Element = new X509Security(document);
    x509Element.setEncodingType(jaxbToken.getEncodingType());
    // The value type is forced to X509v3. The JAXB token's own value type is not carried over.
    x509Element.setValueType(X509Security.X509_V3_TYPE);
    Node encodedValue = document.createTextNode(jaxbToken.getValue());
    x509Element.getElement().appendChild(encodedValue);

    BaseAuthenticationToken authToken =
        new BaseAuthenticationToken(null, "", x509Element.toString());
    authToken.setUseWssSts(true);
    return authToken;
}