Examples with BinarySecurityTokenType org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType used on opensource projects

Example 6 with BinarySecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project ddf by codice.

the class TestPKITokenValidator method testCanHandleAnyRealmToken.

@Test
public void testCanHandleAnyRealmToken() {
    BinarySecurityTokenType binarySecurityTokenType = new BinarySecurityTokenType();
    binarySecurityTokenType.setEncodingType(WSConstants.SOAPMESSAGE_NS + "#Base64Binary");
    binarySecurityTokenType.setValueType(PKIAuthenticationToken.PKI_TOKEN_VALUE_TYPE);
    PKIAuthenticationTokenFactory pkiAuthenticationTokenFactory = new PKIAuthenticationTokenFactory();
    pkiAuthenticationTokenFactory.setSignaturePropertiesPath(TestPKITokenValidator.class.getResource("/signature.properties").getPath());
    pkiAuthenticationTokenFactory.init();
    PKIAuthenticationToken pkiAuthenticationToken = pkiAuthenticationTokenFactory.getTokenFromCerts(certificates, "*");
    binarySecurityTokenType.setValue(pkiAuthenticationToken.getEncodedCredentials());
    ReceivedToken receivedToken = mock(ReceivedToken.class);
    when(receivedToken.getToken()).thenReturn(binarySecurityTokenType);
    boolean result = pkiTokenValidator.canHandleToken(receivedToken);
    assertEquals(true, result);
}

Example 7 with BinarySecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project ddf by codice.

the class GuestValidatorTest method setup.

@Before
public void setup() {
    validator = new GuestValidator();
    validator.setSupportedRealm(Arrays.asList("DDF"));
    GuestAuthenticationToken guestAuthenticationToken = new GuestAuthenticationToken("DDF", "127.0.0.1");
    GuestAuthenticationToken guestAuthenticationTokenAnyRealm = new GuestAuthenticationToken("*", "127.0.0.1");
    GuestAuthenticationToken guestAuthenticationTokenIpv6 = new GuestAuthenticationToken("*", "0:0:0:0:0:0:0:1");
    GuestAuthenticationToken guestAuthenticationTokenIpv6Reachability = new GuestAuthenticationToken("*", "0:0:0:0:0:0:0:1%4");
    BinarySecurityTokenType binarySecurityTokenType = new BinarySecurityTokenType();
    binarySecurityTokenType.setValueType(GuestAuthenticationToken.GUEST_TOKEN_VALUE_TYPE);
    binarySecurityTokenType.setEncodingType(BSTAuthenticationToken.BASE64_ENCODING);
    binarySecurityTokenType.setId(GuestAuthenticationToken.BST_GUEST_LN);
    binarySecurityTokenType.setValue(guestAuthenticationToken.getEncodedCredentials());
    JAXBElement<BinarySecurityTokenType> binarySecurityTokenElement = new JAXBElement<BinarySecurityTokenType>(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "BinarySecurityToken"), BinarySecurityTokenType.class, binarySecurityTokenType);
    BinarySecurityTokenType binarySecurityTokenTypeBadToken = new BinarySecurityTokenType();
    binarySecurityTokenTypeBadToken.setValueType(GuestAuthenticationToken.GUEST_TOKEN_VALUE_TYPE);
    binarySecurityTokenTypeBadToken.setEncodingType(BSTAuthenticationToken.BASE64_ENCODING);
    binarySecurityTokenTypeBadToken.setId(GuestAuthenticationToken.BST_GUEST_LN);
    binarySecurityTokenTypeBadToken.setValue(Base64.getEncoder().encodeToString("NotGuest".getBytes()));
    JAXBElement<BinarySecurityTokenType> binarySecurityTokenElementBadToken = new JAXBElement<BinarySecurityTokenType>(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "BinarySecurityToken"), BinarySecurityTokenType.class, binarySecurityTokenTypeBadToken);
    BinarySecurityTokenType binarySecurityTokenTypeAnyRealm = new BinarySecurityTokenType();
    binarySecurityTokenTypeAnyRealm.setValueType(GuestAuthenticationToken.GUEST_TOKEN_VALUE_TYPE);
    binarySecurityTokenTypeAnyRealm.setEncodingType(BSTAuthenticationToken.BASE64_ENCODING);
    binarySecurityTokenTypeAnyRealm.setId(GuestAuthenticationToken.BST_GUEST_LN);
    binarySecurityTokenTypeAnyRealm.setValue(guestAuthenticationTokenAnyRealm.getEncodedCredentials());
    JAXBElement<BinarySecurityTokenType> binarySecurityTokenElementAnyRealm = new JAXBElement<BinarySecurityTokenType>(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "BinarySecurityToken"), BinarySecurityTokenType.class, binarySecurityTokenTypeAnyRealm);
    BinarySecurityTokenType binarySecurityTokenTypeIpv6 = new BinarySecurityTokenType();
    binarySecurityTokenTypeIpv6.setValueType(GuestAuthenticationToken.GUEST_TOKEN_VALUE_TYPE);
    binarySecurityTokenTypeIpv6.setEncodingType(BSTAuthenticationToken.BASE64_ENCODING);
    binarySecurityTokenTypeIpv6.setId(GuestAuthenticationToken.BST_GUEST_LN);
    binarySecurityTokenTypeIpv6.setValue(guestAuthenticationTokenIpv6.getEncodedCredentials());
    JAXBElement<BinarySecurityTokenType> binarySecurityTokenElementIpv6 = new JAXBElement<BinarySecurityTokenType>(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "BinarySecurityToken"), BinarySecurityTokenType.class, binarySecurityTokenTypeIpv6);
    BinarySecurityTokenType binarySecurityTokenTypeIpv6Reachability = new BinarySecurityTokenType();
    binarySecurityTokenTypeIpv6Reachability.setValueType(GuestAuthenticationToken.GUEST_TOKEN_VALUE_TYPE);
    binarySecurityTokenTypeIpv6Reachability.setEncodingType(BSTAuthenticationToken.BASE64_ENCODING);
    binarySecurityTokenTypeIpv6Reachability.setId(GuestAuthenticationToken.BST_GUEST_LN);
    binarySecurityTokenTypeIpv6Reachability.setValue(guestAuthenticationTokenIpv6Reachability.getEncodedCredentials());
    JAXBElement<BinarySecurityTokenType> binarySecurityTokenElementIpv6Reachability = new JAXBElement<BinarySecurityTokenType>(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "BinarySecurityToken"), BinarySecurityTokenType.class, binarySecurityTokenTypeIpv6Reachability);
    receivedToken = new ReceivedToken(binarySecurityTokenElement);
    receivedAnyRealmToken = new ReceivedToken(binarySecurityTokenElementAnyRealm);
    receivedBadToken = new ReceivedToken(binarySecurityTokenElementBadToken);
    receivedTokenIpv6 = new ReceivedToken(binarySecurityTokenElementIpv6);
    receivedTokenIpv6Reachability = new ReceivedToken(binarySecurityTokenElementIpv6Reachability);
    parameters = new TokenValidatorParameters();
    parameters.setToken(receivedToken);
}

Example 8 with BinarySecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project ddf by codice.

the class BSTDelegationHandler method isDelegationAllowed.

public TokenDelegationResponse isDelegationAllowed(TokenDelegationParameters tokenParameters) {
    TokenDelegationResponse response = new TokenDelegationResponse();
    ReceivedToken delegateTarget = tokenParameters.getToken();
    response.setToken(delegateTarget);
    Object token = delegateTarget.getToken();
    if (token instanceof BinarySecurityTokenType) {
        response.setDelegationAllowed(true);
    }
    return response;
}

Example 9 with BinarySecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project ddf by codice.

the class BSTAuthenticationToken method getBinarySecurityToken.

/**
     * Creates a binary security token based on the provided credential.
     */
private synchronized String getBinarySecurityToken(String credential) {
    Writer writer = new StringWriter();
    Marshaller marshaller = null;
    BinarySecurityTokenType binarySecurityTokenType = createBinarySecurityTokenType(credential);
    JAXBElement<BinarySecurityTokenType> binarySecurityTokenElement = new JAXBElement<BinarySecurityTokenType>(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "BinarySecurityToken"), BinarySecurityTokenType.class, binarySecurityTokenType);
    if (BINARY_TOKEN_CONTEXT != null) {
        try {
            marshaller = BINARY_TOKEN_CONTEXT.createMarshaller();
            marshaller.setProperty(Marshaller.JAXB_FRAGMENT, Boolean.TRUE);
        } catch (JAXBException e) {
            LOGGER.debug("Exception while creating UsernameToken marshaller.", e);
        }
        if (marshaller != null) {
            try {
                marshaller.marshal(binarySecurityTokenElement, writer);
            } catch (JAXBException e) {
                LOGGER.debug("Exception while writing username token.", e);
            }
        }
    }
    String binarySecurityToken = writer.toString();
    if (LOGGER.isDebugEnabled()) {
        LOGGER.debug("Binary Security Token: {}", binarySecurityToken);
    }
    return binarySecurityToken;
}

Example 10 with BinarySecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project ddf by codice.

the class WssPKIHandler method extractAuthenticationInfo.

@Override
protected BaseAuthenticationToken extractAuthenticationInfo(String realm, X509Certificate[] certs) {
    PKIAuthenticationToken pkiToken = tokenFactory.getTokenFromCerts(certs, realm);
    BinarySecurityTokenType binarySecurityType = pkiToken.createBinarySecurityTokenType(pkiToken.getCredentials());
    //
    // Turn the received JAXB object into a DOM element
    //
    Document doc = DOMUtils.createDocument();
    BinarySecurity binarySecurity = new X509Security(doc);
    binarySecurity.setEncodingType(binarySecurityType.getEncodingType());
    binarySecurity.setValueType(X509Security.X509_V3_TYPE);
    String data = binarySecurityType.getValue();
    Node textNode = doc.createTextNode(data);
    binarySecurity.getElement().appendChild(textNode);
    BaseAuthenticationToken baseAuthenticationToken = new BaseAuthenticationToken(null, "", binarySecurity.toString());
    baseAuthenticationToken.setUseWssSts(true);
    return baseAuthenticationToken;
}