
Example 21 with SAMLKeyInfo

Use of org.apache.wss4j.common.saml.SAMLKeyInfo in project cxf by apache.

Class STSRESTTest, method testIssueSymmetricKeySaml1ShortKeyType.

@org.junit.Test
public void testIssueSymmetricKeySaml1ShortKeyType() throws Exception {
    // Request a SAML 1.1 token with keyType=SymmetricKey
    WebClient client = webClient().path("saml1.1").query("keyType", "SymmetricKey").accept(MediaType.APPLICATION_XML);
    Document assertionDoc = client.get(Document.class);
    SamlAssertionWrapper assertion = validateSAMLToken(assertionDoc);
    // The returned assertion must be SAML 1.1, not SAML 2.0
    assertTrue(assertion.getSaml2() == null && assertion.getSaml1() != null);
    // The first subject confirmation method must be holder-of-key
    List<String> methods = assertion.getConfirmationMethods();
    String confirmMethod = null;
    if (methods != null && !methods.isEmpty()) {
        confirmMethod = methods.get(0);
    }
    assertTrue(OpenSAMLUtil.isMethodHolderOfKey(confirmMethod));
    // For a symmetric key, the subject key info must carry the secret
    SAMLKeyInfo subjectKeyInfo = assertion.getSubjectKeyInfo();
    assertNotNull(subjectKeyInfo.getSecret());
}
Also used : SAMLKeyInfo(org.apache.wss4j.common.saml.SAMLKeyInfo) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) Document(org.w3c.dom.Document) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Example 22 with SAMLKeyInfo

Use of org.apache.wss4j.common.saml.SAMLKeyInfo in project cxf by apache.

Class IssueUnitTest, method testPublicKeySaml2.

/**
 * Test the Public Key SAML2 case
 */
@org.junit.Test
public void testPublicKeySaml2() throws Exception {
    createBus(getClass().getResource("cxf-client.xml").toString());
    // Get a token
    SecurityToken token = requestSecurityToken(SAML2_TOKEN_TYPE, PUBLIC_KEY_KEYTYPE, bus, DEFAULT_ADDRESS);
    assertTrue(token.getSecret() == null && token.getX509Certificate() != null);
    assertEquals(SAML2_TOKEN_TYPE, token.getTokenType());
    assertNotNull(token.getToken());
    // Process the token
    List<WSSecurityEngineResult> results = processToken(token);
    assertTrue(results != null && results.size() == 1);
    SamlAssertionWrapper assertion = (SamlAssertionWrapper) results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
    assertNotNull(assertion);
    assertTrue(assertion.getSaml1() == null && assertion.getSaml2() != null);
    assertTrue(assertion.isSigned());
    List<String> methods = assertion.getConfirmationMethods();
    String confirmMethod = null;
    if (methods != null && !methods.isEmpty()) {
        confirmMethod = methods.get(0);
    }
    assertTrue(OpenSAMLUtil.isMethodHolderOfKey(confirmMethod));
    SAMLKeyInfo subjectKeyInfo = assertion.getSubjectKeyInfo();
    assertNotNull(subjectKeyInfo.getCerts());
}
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) SAMLKeyInfo(org.apache.wss4j.common.saml.SAMLKeyInfo) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) WSSecurityEngineResult(org.apache.wss4j.dom.engine.WSSecurityEngineResult)

Example 23 with SAMLKeyInfo

Use of org.apache.wss4j.common.saml.SAMLKeyInfo in project cxf by apache.

Class SCTTokenValidator, method validate.

public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
    // Run the parent validator first
    Credential validatedCredential = super.validate(credential, data);
    // Require a transformed SAML 2.0 token issued by the expected STS issuer
    SamlAssertionWrapper transformedToken = validatedCredential.getTransformedToken();
    if (transformedToken == null || transformedToken.getSaml2() == null || !"DoubleItSTSIssuer".equals(transformedToken.getIssuerString())) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
    }
    // Parse the subject key info using the signature verification crypto and callback handler
    transformedToken.parseSubject(new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto(), data.getCallbackHandler());
    SAMLKeyInfo keyInfo = transformedToken.getSubjectKeyInfo();
    // Use the secret from the subject key info as the credential's secret key
    byte[] secret = keyInfo.getSecret();
    validatedCredential.setSecretKey(secret);
    return validatedCredential;
}
Also used : Credential(org.apache.wss4j.dom.validate.Credential) SAMLKeyInfo(org.apache.wss4j.common.saml.SAMLKeyInfo) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) WSSSAMLKeyInfoProcessor(org.apache.wss4j.dom.saml.WSSSAMLKeyInfoProcessor)

Aggregations

SAMLKeyInfo (org.apache.wss4j.common.saml.SAMLKeyInfo) 23
SamlAssertionWrapper (org.apache.wss4j.common.saml.SamlAssertionWrapper) 12
WSSSAMLKeyInfoProcessor (org.apache.wss4j.dom.saml.WSSSAMLKeyInfoProcessor) 10
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException) 9
WSDocInfo (org.apache.wss4j.dom.WSDocInfo) 9
RequestData (org.apache.wss4j.dom.handler.RequestData) 9
WSSConfig (org.apache.wss4j.dom.engine.WSSConfig) 8
Credential (org.apache.wss4j.dom.validate.Credential) 8
X509Certificate (java.security.cert.X509Certificate) 7
KeyInfo (org.opensaml.xmlsec.signature.KeyInfo) 7
WSSecurityEngineResult (org.apache.wss4j.dom.engine.WSSecurityEngineResult) 5
Document (org.w3c.dom.Document) 5
WebClient (org.apache.cxf.jaxrs.client.WebClient) 4
SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken) 4
BasicX509Credential (org.opensaml.security.x509.BasicX509Credential) 4
Signature (org.opensaml.xmlsec.signature.Signature) 4
IOException (java.io.IOException) 3
PublicKey (java.security.PublicKey) 3
STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean) 3
Crypto (org.apache.wss4j.common.crypto.Crypto) 3