Example 1 with VideographerPrincipal

Use of org.codice.alliance.video.security.principal.videographer.VideographerPrincipal in project alliance by codice.

From the class VideographerClaimsHandlerTest, method testOtherClaim.

@Test
public void testOtherClaim() throws URISyntaxException {
    claimsHandler = new VideographerClaimsHandler();
    requestClaims = new ClaimCollection();
    Claim requestClaim = new Claim();
    URI fooURI = new URI("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/foobar");
    requestClaim.setClaimType(fooURI);
    requestClaim.setOptional(true);
    requestClaims.add(requestClaim);
    claimsParameters = new ClaimsParameters();
    claimsParameters.setPrincipal(new VideographerPrincipal(IP_ADDR));
    claimsCollection = claimsHandler.retrieveClaimValues(requestClaims, claimsParameters);
    // The requested foobar claim is not returned; the result holds only the IP address claim.
    assertThat(claimsCollection, contains(getIpClaim()));
}
Also used : ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) URI(java.net.URI) VideographerPrincipal(org.codice.alliance.video.security.principal.videographer.VideographerPrincipal) ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim) Claim(org.apache.cxf.rt.security.claims.Claim) ClaimsParameters(org.apache.cxf.sts.claims.ClaimsParameters) Test(org.junit.Test)

Example 2 with VideographerPrincipal

Use of org.codice.alliance.video.security.principal.videographer.VideographerPrincipal in project alliance by codice.

From the class VideographerClaimsHandlerTest, method testNameClaim.

@SuppressWarnings("unchecked")
@Test
public void testNameClaim() throws URISyntaxException {
    claimsHandler = new VideographerClaimsHandler();
    claimsHandler.setAttributes(Collections.singletonList(CLAIM1));
    requestClaims = new ClaimCollection();
    Claim requestClaim = new Claim();
    URI nameURI = new URI(CLAIM_URI_1);
    requestClaim.setClaimType(nameURI);
    requestClaims.add(requestClaim);
    claimsParameters = new ClaimsParameters();
    claimsParameters.setPrincipal(new VideographerPrincipal(IP_ADDR));
    claimsCollection = claimsHandler.retrieveClaimValues(requestClaims, claimsParameters);
    assertThat(claimsCollection, containsInAnyOrder(getNameClaim(nameURI), getIpClaim()));
}
Also used : ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) URI(java.net.URI) VideographerPrincipal(org.codice.alliance.video.security.principal.videographer.VideographerPrincipal) ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim) Claim(org.apache.cxf.rt.security.claims.Claim) ClaimsParameters(org.apache.cxf.sts.claims.ClaimsParameters) Test(org.junit.Test)

Example 3 with VideographerPrincipal

Use of org.codice.alliance.video.security.principal.videographer.VideographerPrincipal in project alliance by codice.

From the class VideographerClaimsHandler, method retrieveClaimValues.

@Override
public ProcessedClaimCollection retrieveClaimValues(ClaimCollection claims, ClaimsParameters parameters) {
    ProcessedClaimCollection claimsColl = new ProcessedClaimCollection();
    Principal principal = parameters.getPrincipal();
    // Only a VideographerPrincipal is handled; any other principal type yields an empty collection.
    if (principal instanceof VideographerPrincipal) {
        for (Claim claim : claims) {
            URI claimType = claim.getClaimType();
            List<String> value = claimsMap.get(claimType);
            if (value != null) {
                ProcessedClaim c = new ProcessedClaim();
                c.setClaimType(claimType);
                c.setPrincipal(principal);
                value.forEach(c::addValue);
                claimsColl.add(c);
            }
        }
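        // The IP address claim is added whenever the principal carries an address, whether or not it was requested.
        String ipAddress = ((VideographerPrincipal) principal).getAddress();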
        if (ipAddress != null) {
            try {
                ProcessedClaim ipClaim = new ProcessedClaim();
                ipClaim.setClaimType(new URI(IP_ADDRESS_CLAIMS_KEY));
                ipClaim.setPrincipal(principal);
                ipClaim.addValue(ipAddress);
                claimsColl.add(ipClaim);
            } catch (URISyntaxException e) {
                LOGGER.debug("Claims mapping cannot be converted to a URI. Ip claim will be excluded", e);
            }
        }
    }
    return claimsColl;
}
Also used : ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim) URISyntaxException(java.net.URISyntaxException) VideographerPrincipal(org.codice.alliance.video.security.principal.videographer.VideographerPrincipal) URI(java.net.URI) Principal(java.security.Principal) Claim(org.apache.cxf.rt.security.claims.Claim)

Example 4 with VideographerPrincipal

Use of org.codice.alliance.video.security.principal.videographer.VideographerPrincipal in project alliance by codice.

From the class VideographerValidator, method validateToken.

@Override
public TokenValidatorResponse validateToken(TokenValidatorParameters tokenParameters) {
    TokenValidatorResponse response = new TokenValidatorResponse();
    ReceivedToken validateTarget = tokenParameters.getToken();
    // Fail closed: the token starts as INVALID and is only marked VALID once every check below passes.
    validateTarget.setState(ReceivedToken.STATE.INVALID);
    VideographerAuthenticationToken videographerToken = getVideographerTokenFromTarget(validateTarget);
    response.setToken(validateTarget);
    if (videographerToken != null) {
        // The response principal is set before the checks run; validity is carried by the token state.
        response.setPrincipal(new VideographerPrincipal(videographerToken.getIpAddress()));
        if (videographerToken.getRealm() != null) {
            // Realm supplied: it must be a supported realm or the wildcard, and the credentials and IP address must also pass.
            if ((supportedRealms.contains(videographerToken.getRealm())
                    || WILDCARD.equals(videographerToken.getRealm()))
                    && videographerToken.getCredentials().equals(VideographerAuthenticationToken.VIDEOGRAPHER_CREDENTIALS)
                    && validIpAddress(videographerToken.getIpAddress())) {
                validateTarget.setState(ReceivedToken.STATE.VALID);
                validateTarget.setPrincipal(new VideographerPrincipal(videographerToken.getIpAddress()));
            }
        } else if (videographerToken.getCredentials().equals(VideographerAuthenticationToken.VIDEOGRAPHER_CREDENTIALS)
                && validIpAddress(videographerToken.getIpAddress())) {
            // No realm supplied: only the credentials and IP address are checked.
            validateTarget.setState(ReceivedToken.STATE.VALID);
            validateTarget.setPrincipal(new VideographerPrincipal(videographerToken.getIpAddress()));
        }
    }
    return response;
}
Also used : VideographerAuthenticationToken(org.codice.alliance.video.security.token.videographer.VideographerAuthenticationToken) TokenValidatorResponse(org.apache.cxf.sts.token.validator.TokenValidatorResponse) ReceivedToken(org.apache.cxf.sts.request.ReceivedToken) VideographerPrincipal(org.codice.alliance.video.security.principal.videographer.VideographerPrincipal)

Example 5 with VideographerPrincipal

Use of org.codice.alliance.video.security.principal.videographer.VideographerPrincipal in project alliance by codice.

From the class VideographerClaimsHandlerTest, method testEmailClaim.

@SuppressWarnings("unchecked")
@Test
public void testEmailClaim() throws URISyntaxException {
    claimsHandler = new VideographerClaimsHandler();
    claimsHandler.setAttributes(Collections.singletonList(CLAIM_URI_2 + "=" + CLAIM_VALUE_2A + "|" + CLAIM_VALUE_2B + "|" + CLAIM_VALUE_2C));
    requestClaims = new ClaimCollection();
    Claim requestClaim = new Claim();
    URI emailURI = new URI(CLAIM_URI_2);
    requestClaim.setClaimType(emailURI);
    requestClaims.add(requestClaim);
    claimsParameters = new ClaimsParameters();
    claimsParameters.setPrincipal(new VideographerPrincipal(IP_ADDR));
    claimsCollection = claimsHandler.retrieveClaimValues(requestClaims, claimsParameters);
    assertThat(claimsCollection, containsInAnyOrder(getEmailClaim(emailURI), getIpClaim()));
}
Also used : ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) URI(java.net.URI) VideographerPrincipal(org.codice.alliance.video.security.principal.videographer.VideographerPrincipal) ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim) Claim(org.apache.cxf.rt.security.claims.Claim) ClaimsParameters(org.apache.cxf.sts.claims.ClaimsParameters) Test(org.junit.Test)

Aggregations

VideographerPrincipal (org.codice.alliance.video.security.principal.videographer.VideographerPrincipal): 5
URI (java.net.URI): 4
Claim (org.apache.cxf.rt.security.claims.Claim): 4
ProcessedClaim (org.apache.cxf.sts.claims.ProcessedClaim): 4
ProcessedClaimCollection (org.apache.cxf.sts.claims.ProcessedClaimCollection): 4
ClaimCollection (org.apache.cxf.rt.security.claims.ClaimCollection): 3
ClaimsParameters (org.apache.cxf.sts.claims.ClaimsParameters): 3
Test (org.junit.Test): 3
URISyntaxException (java.net.URISyntaxException): 1
Principal (java.security.Principal): 1
ReceivedToken (org.apache.cxf.sts.request.ReceivedToken): 1
TokenValidatorResponse (org.apache.cxf.sts.token.validator.TokenValidatorResponse): 1
VideographerAuthenticationToken (org.codice.alliance.video.security.token.videographer.VideographerAuthenticationToken): 1