
Example 16 with BinarySecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project cxf by apache.

the class ValidateUnitTest method createToken.

/**
 * Mock up a (JAXB) BinarySecurityTokenType.
 */
private JAXBElement<BinarySecurityTokenType> createToken() {
    // Test fixture: every field is a hard-coded constant, so each call yields
    // a token bean with the same field values.
    BinarySecurityTokenType bst = new BinarySecurityTokenType();
    bst.setValueType(DummyTokenProvider.TOKEN_TYPE);
    bst.setEncodingType(DummyTokenProvider.BASE64_NS);
    // NOTE(review): the value is stored as the literal "12345678" although the
    // encoding type declared above is DummyTokenProvider.BASE64_NS; whether the
    // consumer base64-decodes it is not visible here - confirm against the
    // validator this fixture is paired with.
    bst.setValue("12345678");
    bst.setId("BST-1234");

    // Wrap the bean under the BinarySecurityToken element name for JAXB.
    return new JAXBElement<>(
        QNameConstants.BINARY_SECURITY_TOKEN, BinarySecurityTokenType.class, bst);
}
Also used : BinarySecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement)

Example 17 with BinarySecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project cxf by apache.

the class ValidateX509TokenUnitTest method testValidateX509Token.

/**
 * Test to successfully validate an X.509 token
 */
@org.junit.Test
public void testValidateX509Token() throws Exception {
    // Operation under test, wired with a single X.509 validator.
    TokenValidateOperation operation = new TokenValidateOperation();
    List<TokenValidator> validators = new ArrayList<>();
    validators.add(new X509TokenValidator());
    operation.setTokenValidators(validators);

    // STS configuration: one Crypto instance serves both the encryption and
    // the signature role in this test.
    STSPropertiesMBean stsConfig = new StaticSTSProperties();
    Crypto sharedCrypto = CryptoFactory.getInstance(getEncryptionProperties());
    stsConfig.setEncryptionCrypto(sharedCrypto);
    stsConfig.setSignatureCrypto(sharedCrypto);
    stsConfig.setEncryptionUsername("myservicekey");
    stsConfig.setSignatureUsername("mystskey");
    stsConfig.setCallbackHandler(new PasswordCallbackHandler());
    stsConfig.setIssuer("STS");
    operation.setStsProperties(stsConfig);

    // Request skeleton: the TokenType element carries STSConstants.STATUS.
    RequestSecurityTokenType rst = new RequestSecurityTokenType();
    JAXBElement<String> statusTokenType =
        new JAXBElement<>(QNameConstants.TOKEN_TYPE, String.class, STSConstants.STATUS);
    rst.getAny().add(statusTokenType);

    // Look the certificate up by alias in the same Crypto instance and stop
    // early if nothing comes back, so certs[0] below cannot fail obscurely.
    CryptoType aliasLookup = new CryptoType(CryptoType.TYPE.ALIAS);
    aliasLookup.setAlias("myclientkey");
    X509Certificate[] clientCerts = sharedCrypto.getX509Certificates(aliasLookup);
    assertTrue(clientCerts != null && clientCerts.length > 0);

    // The first certificate becomes the ValidateTarget of the request.
    JAXBElement<BinarySecurityTokenType> bstElement = createBinarySecurityToken(clientCerts[0]);
    ValidateTargetType target = new ValidateTargetType();
    target.setAny(bstElement);
    JAXBElement<ValidateTargetType> targetElement =
        new JAXBElement<>(QNameConstants.VALIDATE_TARGET, ValidateTargetType.class, target);
    rst.getAny().add(targetElement);

    // Message context carrying a security context for the caller "alice".
    MessageImpl message = new MessageImpl();
    WrappedMessageContext messageContext = new WrappedMessageContext(message);
    Principal caller = new CustomTokenPrincipal("alice");
    messageContext.put(SecurityContext.class.getName(), createSecurityContext(caller));

    // Run the validation and hand the response to the shared checker.
    RequestSecurityTokenResponseType rstr = operation.validate(rst, caller, messageContext);
    assertTrue(validateResponse(rstr));
}
Also used : RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) ArrayList(java.util.ArrayList) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) X509TokenValidator(org.apache.cxf.sts.token.validator.X509TokenValidator) TokenValidator(org.apache.cxf.sts.token.validator.TokenValidator) BinarySecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) JAXBElement(javax.xml.bind.JAXBElement) CryptoType(org.apache.wss4j.common.crypto.CryptoType) X509Certificate(java.security.cert.X509Certificate) X509TokenValidator(org.apache.cxf.sts.token.validator.X509TokenValidator) Crypto(org.apache.wss4j.common.crypto.Crypto) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) SecurityContext(org.apache.cxf.security.SecurityContext) ValidateTargetType(org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType) MessageImpl(org.apache.cxf.message.MessageImpl) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal)

Example 18 with BinarySecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project cxf by apache.

the class ValidateX509TokenUnitTest method createBinarySecurityToken.

/**
 * Wraps an X.509 certificate in a JAXB BinarySecurityToken element.
 *
 * <p>The token value is the base64 text of {@code cert.getEncoded()}, the value
 * type is {@code X509TokenValidator.X509_V3_TYPE}, and the encoding type is the
 * {@code #Base64Binary} URI under {@code WSS4JConstants.SOAPMESSAGE_NS}. No Id
 * is set on the token.
 *
 * @param cert certificate whose encoded form becomes the token value
 * @return the token bean wrapped under {@code QNameConstants.BINARY_SECURITY_TOKEN}
 * @throws Exception if encoding the certificate fails
 */
private JAXBElement<BinarySecurityTokenType> createBinarySecurityToken(X509Certificate cert) throws Exception {
    byte[] encodedCert = cert.getEncoded();
    // NOTE(review): assuming Base64 is java.util.Base64, the MIME encoder wraps
    // its output in 76-character lines separated by CRLF, so the token value
    // contains line breaks that the consumer must tolerate.
    String tokenValue = Base64.getMimeEncoder().encodeToString(encodedCert);

    BinarySecurityTokenType bst = new BinarySecurityTokenType();
    bst.setValue(tokenValue);
    bst.setValueType(X509TokenValidator.X509_V3_TYPE);
    bst.setEncodingType(WSS4JConstants.SOAPMESSAGE_NS + "#Base64Binary");

    return new JAXBElement<>(
        QNameConstants.BINARY_SECURITY_TOKEN, BinarySecurityTokenType.class, bst);
}
Also used : BinarySecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement)

Example 19 with BinarySecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project cxf by apache.

the class CustomBSTTokenValidator method validateToken.

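/**
 * Checks a received BinarySecurityToken against one fixed, hard-coded value.
 *
 * <p>The token is marked {@code STATE.INVALID} up front and is promoted to
 * {@code STATE.VALID} only when its value equals the MIME base64 encoding of
 * the literal {@code "12345678"}. No signature, certificate or other
 * cryptographic check is performed here, so this method accepts anyone who
 * presents that constant.
 *
 * @param tokenParameters carrier of the received token to inspect
 * @return a response holding the same token with its state updated; for a
 *         BinarySecurityToken the principal "alice" is attached whether or
 *         not the token was accepted
 */
public TokenValidatorResponse validateToken(TokenValidatorParameters tokenParameters) {
    TokenValidatorResponse response = new TokenValidatorResponse();
    ReceivedToken validateTarget = tokenParameters.getToken();
    // Fail closed: the token stays INVALID unless the comparison below succeeds.
    validateTarget.setState(STATE.INVALID);
    response.setToken(validateTarget);
    if (!validateTarget.isBinarySecurityToken()) {
        return response;
    }
    BinarySecurityTokenType binarySecurityToken = (BinarySecurityTokenType) validateTarget.getToken();

    // Encode with an explicit charset so the expected value does not depend on
    // the platform default encoding of the JVM running this code.
    String expectedValue = Base64.getMimeEncoder()
        .encodeToString("12345678".getBytes(java.nio.charset.StandardCharsets.UTF_8));
    // The constant is the receiver of equals(), so a null token value simply
    // fails the comparison and the state stays INVALID.
    if (expectedValue.equals(binarySecurityToken.getValue())) {
        validateTarget.setState(STATE.VALID);
    }

    // NOTE(review): the principal is attached on every BinarySecurityToken path,
    // including when the state is still INVALID. Callers must check the token
    // state before trusting getPrincipal(); confirm none reads it unconditionally.
    response.setPrincipal(new CustomTokenPrincipal("alice"));
    return response;
}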
Also used : CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) BinarySecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType) TokenValidatorResponse(org.apache.cxf.sts.token.validator.TokenValidatorResponse) ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)

Example 20 with BinarySecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project cxf by apache.

the class X509TokenValidatorTest method testInvalidCertificate.

/**
 * Test an invalid certificate
 */
@org.junit.Test
public void testInvalidCertificate() throws Exception {
    TokenValidator validator = new X509TokenValidator();
    TokenValidatorParameters params = createValidatorParameters();
    TokenRequirements requirements = params.getTokenRequirements();

    // Fetch the certificate stored under the alias "eve" from a Crypto built
    // from its own properties (getEveCryptoProperties()).
    // NOTE(review): presumably this certificate is not trusted by the crypto
    // configured in createValidatorParameters(), which is why INVALID is
    // expected below - that setup is not visible here, confirm.
    CryptoType eveLookup = new CryptoType(CryptoType.TYPE.ALIAS);
    eveLookup.setAlias("eve");
    Crypto eveCrypto = CryptoFactory.getInstance(getEveCryptoProperties());
    X509Certificate[] eveCerts = eveCrypto.getX509Certificates(eveLookup);
    assertTrue(eveCerts != null && eveCerts.length > 0);

    // Build the ValidateTarget: a BinarySecurityToken carrying that certificate.
    BinarySecurityTokenType bst = new BinarySecurityTokenType();
    String encodedCert = Base64.getMimeEncoder().encodeToString(eveCerts[0].getEncoded());
    bst.setValue(encodedCert);
    bst.setValueType(X509TokenValidator.X509_V3_TYPE);
    bst.setEncodingType(WSS4JConstants.SOAPMESSAGE_NS + "#Base64Binary");
    JAXBElement<BinarySecurityTokenType> bstElement =
        new JAXBElement<>(QNameConstants.BINARY_SECURITY_TOKEN, BinarySecurityTokenType.class, bst);

    ReceivedToken validateTarget = new ReceivedToken(bstElement);
    requirements.setValidateTarget(validateTarget);
    params.setToken(validateTarget);

    // The validator must recognise the token type yet still reject the token.
    assertTrue(validator.canHandleToken(validateTarget));
    TokenValidatorResponse outcome = validator.validateToken(params);
    assertTrue(outcome != null);
    assertTrue(outcome.getToken() != null);
    assertTrue(outcome.getToken().getState() == STATE.INVALID);
}
Also used : JAXBElement(javax.xml.bind.JAXBElement) CryptoType(org.apache.wss4j.common.crypto.CryptoType) X509Certificate(java.security.cert.X509Certificate) Crypto(org.apache.wss4j.common.crypto.Crypto) TokenRequirements(org.apache.cxf.sts.request.TokenRequirements) BinarySecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType) ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)

Aggregations

BinarySecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType)40 ReceivedToken (org.apache.cxf.sts.request.ReceivedToken)26 STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)20 TokenValidatorResponse (org.apache.cxf.sts.token.validator.TokenValidatorResponse)14 Crypto (org.apache.wss4j.common.crypto.Crypto)14 JAXBElement (javax.xml.bind.JAXBElement)13 Test (org.junit.Test)13 X509Certificate (java.security.cert.X509Certificate)12 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)12 RequestData (org.apache.wss4j.dom.handler.RequestData)10 TokenValidatorParameters (org.apache.cxf.sts.token.validator.TokenValidatorParameters)9 Credential (org.apache.wss4j.dom.validate.Credential)9 PKIAuthenticationToken (org.codice.ddf.security.handler.api.PKIAuthenticationToken)9 ArrayList (java.util.ArrayList)7 X500Principal (javax.security.auth.x500.X500Principal)7 TokenValidator (org.apache.cxf.sts.token.validator.TokenValidator)7 WrappedMessageContext (org.apache.cxf.jaxws.context.WrappedMessageContext)6 MessageImpl (org.apache.cxf.message.MessageImpl)6 StaticSTSProperties (org.apache.cxf.sts.StaticSTSProperties)6 RequestSecurityTokenResponseType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)6