Examples with AccessTokenService org.apache.syncope.common.rest.api.service.AccessTokenService used on opensource projects

Search in sources :

Example 6 with AccessTokenService

use of org.apache.syncope.common.rest.api.service.AccessTokenService in project syncope by apache.

the class JWTITCase method getJWTToken.

@Test
public void getJWTToken() throws ParseException {
    // Get the token
    SyncopeClient localClient = clientFactory.create(ADMIN_UNAME, ADMIN_PWD);
    AccessTokenService accessTokenService = localClient.getService(AccessTokenService.class);
    Response response = accessTokenService.login();
    String token = response.getHeaderString(RESTHeaders.TOKEN);
    assertNotNull(token);
    String expiry = response.getHeaderString(RESTHeaders.TOKEN_EXPIRE);
    assertNotNull(expiry);
    // Validate the signature
    JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(token);
    JwsSignatureVerifier jwsSignatureVerifier = new HmacJwsSignatureVerifier(JWS_KEY.getBytes(), SignatureAlgorithm.HS512);
    assertTrue(consumer.verifySignatureWith(jwsSignatureVerifier));
    Date now = new Date();
    // Verify the expiry header matches that of the token
    Long expiryTime = consumer.getJwtClaims().getExpiryTime();
    assertNotNull(expiryTime);
    SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssXXX");
    Date tokenDate = dateFormat.parse(dateFormat.format(new Date(expiryTime * 1000L)));
    Date parsedDate = dateFormat.parse(expiry);
    assertEquals(tokenDate, parsedDate);
    assertTrue(parsedDate.after(now));
    // Verify issuedAt
    Long issuedAt = consumer.getJwtClaims().getIssuedAt();
    assertNotNull(issuedAt);
    assertTrue(new Date(issuedAt).before(now));
    // Validate subject + issuer
    assertEquals(ADMIN_UNAME, consumer.getJwtClaims().getSubject());
    assertEquals(JWT_ISSUER, consumer.getJwtClaims().getIssuer());
    // Verify NotBefore
    Long notBefore = consumer.getJwtClaims().getNotBefore();
    assertNotNull(notBefore);
    assertTrue(new Date(notBefore).before(now));
}
Also used : Response(javax.ws.rs.core.Response) HmacJwsSignatureVerifier(org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier) JwsSignatureVerifier(org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier) AccessTokenService(org.apache.syncope.common.rest.api.service.AccessTokenService) HmacJwsSignatureVerifier(org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier) JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) SimpleDateFormat(java.text.SimpleDateFormat) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 7 with AccessTokenService

use of org.apache.syncope.common.rest.api.service.AccessTokenService in project syncope by apache.

the class JWTITCase method noneSignature.

@Test
public void noneSignature() throws ParseException {
    // Get an initial token
    SyncopeClient localClient = clientFactory.create(ADMIN_UNAME, ADMIN_PWD);
    AccessTokenService accessTokenService = localClient.getService(AccessTokenService.class);
    Response response = accessTokenService.login();
    String token = response.getHeaderString(RESTHeaders.TOKEN);
    assertNotNull(token);
    JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(token);
    String tokenId = consumer.getJwtClaims().getTokenId();
    // Create a new token using the Id of the first token
    JwtClaims jwtClaims = new JwtClaims();
    jwtClaims.setTokenId(tokenId);
    jwtClaims.setSubject(consumer.getJwtClaims().getSubject());
    jwtClaims.setIssuedAt(consumer.getJwtClaims().getIssuedAt());
    jwtClaims.setIssuer(consumer.getJwtClaims().getIssuer());
    jwtClaims.setExpiryTime(consumer.getJwtClaims().getExpiryTime());
    jwtClaims.setNotBefore(consumer.getJwtClaims().getNotBefore());
    JwsHeaders jwsHeaders = new JwsHeaders(JoseType.JWT, SignatureAlgorithm.NONE);
    JwtToken jwtToken = new JwtToken(jwsHeaders, jwtClaims);
    JwsJwtCompactProducer producer = new JwsJwtCompactProducer(jwtToken);
    JwsSignatureProvider jwsSignatureProvider = new NoneJwsSignatureProvider();
    String signed = producer.signWith(jwsSignatureProvider);
    SyncopeClient jwtClient = clientFactory.create(signed);
    UserSelfService jwtUserSelfService = jwtClient.getService(UserSelfService.class);
    try {
        jwtUserSelfService.read();
        fail("Failure expected on no signature");
    } catch (AccessControlException ex) {
    // expected
    }
}
Also used : JwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims) UserSelfService(org.apache.syncope.common.rest.api.service.UserSelfService) AccessControlException(java.security.AccessControlException) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) Response(javax.ws.rs.core.Response) JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) JwsHeaders(org.apache.cxf.rs.security.jose.jws.JwsHeaders) JwsJwtCompactProducer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer) AccessTokenService(org.apache.syncope.common.rest.api.service.AccessTokenService) JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) NoneJwsSignatureProvider(org.apache.cxf.rs.security.jose.jws.NoneJwsSignatureProvider) JwsSignatureProvider(org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider) NoneJwsSignatureProvider(org.apache.cxf.rs.security.jose.jws.NoneJwsSignatureProvider) HmacJwsSignatureProvider(org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureProvider) Test(org.junit.jupiter.api.Test)

Example 8 with AccessTokenService

use of org.apache.syncope.common.rest.api.service.AccessTokenService in project syncope by apache.

the class JWTITCase method tokenValidation.

@Test
public void tokenValidation() throws ParseException {
    // Get an initial token
    SyncopeClient localClient = clientFactory.create(ADMIN_UNAME, ADMIN_PWD);
    AccessTokenService accessTokenService = localClient.getService(AccessTokenService.class);
    Response response = accessTokenService.login();
    String token = response.getHeaderString(RESTHeaders.TOKEN);
    assertNotNull(token);
    JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(token);
    String tokenId = consumer.getJwtClaims().getTokenId();
    // Create a new token using the Id of the first token
    Date now = new Date();
    long currentTime = now.getTime() / 1000L;
    Calendar expiry = Calendar.getInstance();
    expiry.setTime(now);
    expiry.add(Calendar.MINUTE, 5);
    JwtClaims jwtClaims = new JwtClaims();
    jwtClaims.setTokenId(tokenId);
    jwtClaims.setSubject(ADMIN_UNAME);
    jwtClaims.setIssuedAt(currentTime);
    jwtClaims.setIssuer(JWT_ISSUER);
    jwtClaims.setExpiryTime(expiry.getTime().getTime() / 1000L);
    jwtClaims.setNotBefore(currentTime);
    JwsHeaders jwsHeaders = new JwsHeaders(JoseType.JWT, SignatureAlgorithm.HS512);
    JwtToken jwtToken = new JwtToken(jwsHeaders, jwtClaims);
    JwsJwtCompactProducer producer = new JwsJwtCompactProducer(jwtToken);
    JwsSignatureProvider jwsSignatureProvider = new HmacJwsSignatureProvider(JWS_KEY.getBytes(), SignatureAlgorithm.HS512);
    String signed = producer.signWith(jwsSignatureProvider);
    SyncopeClient jwtClient = clientFactory.create(signed);
    UserSelfService jwtUserSelfService = jwtClient.getService(UserSelfService.class);
    jwtUserSelfService.read();
}
Also used : JwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims) UserSelfService(org.apache.syncope.common.rest.api.service.UserSelfService) Calendar(java.util.Calendar) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) Date(java.util.Date) Response(javax.ws.rs.core.Response) JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) JwsHeaders(org.apache.cxf.rs.security.jose.jws.JwsHeaders) JwsJwtCompactProducer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer) AccessTokenService(org.apache.syncope.common.rest.api.service.AccessTokenService) HmacJwsSignatureProvider(org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureProvider) JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) JwsSignatureProvider(org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider) NoneJwsSignatureProvider(org.apache.cxf.rs.security.jose.jws.NoneJwsSignatureProvider) HmacJwsSignatureProvider(org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureProvider) Test(org.junit.jupiter.api.Test)

Aggregations

Response (javax.ws.rs.core.Response)8 SyncopeClient (org.apache.syncope.client.lib.SyncopeClient)8 AccessTokenService (org.apache.syncope.common.rest.api.service.AccessTokenService)8 Test (org.junit.jupiter.api.Test)8 UserSelfService (org.apache.syncope.common.rest.api.service.UserSelfService)7 Date (java.util.Date)6 HmacJwsSignatureProvider (org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureProvider)6 JwsHeaders (org.apache.cxf.rs.security.jose.jws.JwsHeaders)6 JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)6 JwsJwtCompactProducer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer)6 JwsSignatureProvider (org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider)6 NoneJwsSignatureProvider (org.apache.cxf.rs.security.jose.jws.NoneJwsSignatureProvider)6 JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims)6 JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)6 AccessControlException (java.security.AccessControlException)5 Calendar (java.util.Calendar)5 SimpleDateFormat (java.text.SimpleDateFormat)1 WebServiceException (javax.xml.ws.WebServiceException)1 HmacJwsSignatureVerifier (org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier)1 JwsSignatureVerifier (org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial