
Example 26 with BinarySecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project ddf by codice.

the class TestPKITokenValidator method testValidateToken.

/**
 * Happy-path check: a PKI token built from the class's {@code certificates} fixture must come
 * back from {@code pkiTokenValidator.validateToken} in state {@code VALID}, with the expected
 * country and e-mail values in the response's additional properties.
 *
 * <p>The encoded credentials are wrapped in a {@code BinarySecurityTokenType} marked as
 * Base64Binary and carrying the PKI token value type. The STS request objects are Mockito
 * mocks; {@code merlin} is handed out as the signature crypto.
 *
 * <p>NOTE(review): only the accepting path is asserted in this method. Whether a token whose
 * certificates are not trusted by the signature crypto ends up in a non-VALID state is not
 * visible here; confirm a sibling test covers rejection.
 *
 * <p>NOTE(review): {@code URL.getPath()} returns the path in its URL-encoded form, so the
 * signature properties lookup may fail when the build directory contains characters that get
 * percent-encoded (for example spaces).
 */
@Test
public void testValidateToken() {
    // Build the PKI token from the certificate fixture first.
    String signaturePropertiesPath =
            TestPKITokenValidator.class.getResource("/signature.properties").getPath();
    PKIAuthenticationTokenFactory tokenFactory = new PKIAuthenticationTokenFactory();
    tokenFactory.setSignaturePropertiesPath(signaturePropertiesPath);
    tokenFactory.init();
    PKIAuthenticationToken pkiToken = tokenFactory.getTokenFromCerts(certificates, "karaf");

    // Wrap the encoded credentials in the WS-Security binary token element.
    BinarySecurityTokenType bst = new BinarySecurityTokenType();
    bst.setEncodingType(WSConstants.SOAPMESSAGE_NS + "#Base64Binary");
    bst.setValueType(PKIAuthenticationToken.PKI_TOKEN_VALUE_TYPE);
    bst.setValue(pkiToken.getEncodedCredentials());

    // The received token is a mock, but its state accessors call the real implementation so
    // that a state written through setState can be read back through getState.
    ReceivedToken received = mock(ReceivedToken.class);
    when(received.getToken()).thenReturn(bst);
    doCallRealMethod().when(received).setState(any(ReceivedToken.STATE.class));
    doCallRealMethod().when(received).getState();

    // Validator parameters: the signature crypto and the token under test.
    STSPropertiesMBean stsProperties = mock(STSPropertiesMBean.class);
    when(stsProperties.getSignatureCrypto()).thenReturn(merlin);
    TokenValidatorParameters parameters = mock(TokenValidatorParameters.class);
    when(parameters.getStsProperties()).thenReturn(stsProperties);
    when(parameters.getToken()).thenReturn(received);

    TokenValidatorResponse response = pkiTokenValidator.validateToken(parameters);

    assertEquals(ReceivedToken.STATE.VALID, response.getToken().getState());
    assertEquals("US", response.getAdditionalProperties().get(SubjectUtils.COUNTRY_CLAIM_URI));
    assertEquals(
            "localhost@example.org",
            response.getAdditionalProperties().get(SubjectUtils.EMAIL_ADDRESS_CLAIM_URI));
}
Also used : TokenValidatorParameters(org.apache.cxf.sts.token.validator.TokenValidatorParameters) PKIAuthenticationToken(org.codice.ddf.security.handler.api.PKIAuthenticationToken) BinarySecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType) PKIAuthenticationTokenFactory(org.codice.ddf.security.handler.api.PKIAuthenticationTokenFactory) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) TokenValidatorResponse(org.apache.cxf.sts.token.validator.TokenValidatorResponse) ReceivedToken(org.apache.cxf.sts.request.ReceivedToken) Test(org.junit.Test)

Example 27 with BinarySecurityTokenType

use of org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType in project ddf by codice.

the class TestPKITokenValidator method testCanHandleToken.

/**
 * Checks that {@code pkiTokenValidator.canHandleToken} returns {@code true} for a received
 * token whose payload is a Base64Binary {@code BinarySecurityTokenType} carrying the PKI token
 * value type.
 *
 * <p>NOTE(review): this method exercises only the accepting case. Whether a token with a
 * different value type or encoding is declined is not visible here; confirm a sibling test
 * covers that.
 */
@Test
public void testCanHandleToken() {
    // Build the PKI token from the certificate fixture.
    String signaturePropertiesPath =
            TestPKITokenValidator.class.getResource("/signature.properties").getPath();
    PKIAuthenticationTokenFactory tokenFactory = new PKIAuthenticationTokenFactory();
    tokenFactory.setSignaturePropertiesPath(signaturePropertiesPath);
    tokenFactory.init();
    PKIAuthenticationToken pkiToken = tokenFactory.getTokenFromCerts(certificates, "karaf");

    // Wrap the encoded credentials in the WS-Security binary token element.
    BinarySecurityTokenType bst = new BinarySecurityTokenType();
    bst.setEncodingType(WSConstants.SOAPMESSAGE_NS + "#Base64Binary");
    bst.setValueType(PKIAuthenticationToken.PKI_TOKEN_VALUE_TYPE);
    bst.setValue(pkiToken.getEncodedCredentials());

    // Only getToken() is stubbed on the mocked received token.
    ReceivedToken received = mock(ReceivedToken.class);
    when(received.getToken()).thenReturn(bst);

    assertEquals(true, pkiTokenValidator.canHandleToken(received));
}
Also used : PKIAuthenticationToken(org.codice.ddf.security.handler.api.PKIAuthenticationToken) BinarySecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType) PKIAuthenticationTokenFactory(org.codice.ddf.security.handler.api.PKIAuthenticationTokenFactory) ReceivedToken(org.apache.cxf.sts.request.ReceivedToken) Test(org.junit.Test)
