
Example 1 with RequestType

use of org.opensaml.xacml.ctx.RequestType in project cxf by apache.

the class SamlRequestComponentBuilderTest method testCreateXACMLSamlAuthzQueryRequest.

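/**
 * Builds a complete XACML request (subject, resource, action), wraps it in a SAML
 * XACMLAuthzDecisionQuery and checks that the query can be converted to a DOM element.
 *
 * <p>Only the DOM conversion is verified; the content of the resulting element is not
 * inspected, so this test does not prove that the attributes end up in the query.
 *
 * @throws Exception if building a request component or the DOM conversion fails
 */
@org.junit.Test
public void testCreateXACMLSamlAuthzQueryRequest() throws Exception {
    Document doc = docBuilder.newDocument();

    //
    // Create XACML request
    //

    // Subject: an RFC 822 name identifying the caller plus a role attribute.
    AttributeValueType subjectIdAttributeValue =
        RequestComponentBuilder.createAttributeValueType("alice-user@apache.org");
    AttributeType subjectIdAttribute = RequestComponentBuilder.createAttributeType(
        XACMLConstants.SUBJECT_ID, XACMLConstants.RFC_822_NAME, null,
        Collections.singletonList(subjectIdAttributeValue));

    // NOTE(review): the third argument looks like the attribute issuer - confirm against
    // RequestComponentBuilder.createAttributeType.
    AttributeValueType subjectGroupAttributeValue =
        RequestComponentBuilder.createAttributeValueType("manager");
    AttributeType subjectGroupAttribute = RequestComponentBuilder.createAttributeType(
        XACMLConstants.SUBJECT_ROLE, XACMLConstants.XS_ANY_URI, "admin-user@apache.org",
        Collections.singletonList(subjectGroupAttributeValue));

    // Each component gets its own list. Reusing one list and clearing it between
    // components would silently change an earlier component if a builder kept a
    // reference to the list instead of copying it.
    List<AttributeType> subjectAttributes = new ArrayList<>();
    subjectAttributes.add(subjectIdAttribute);
    subjectAttributes.add(subjectGroupAttribute);
    SubjectType subject = RequestComponentBuilder.createSubjectType(subjectAttributes, null);

    // Resource: the operation QName the subject wants to access.
    AttributeValueType resourceAttributeValue = RequestComponentBuilder.createAttributeValueType(
        "{http://www.example.org/contract/DoubleIt}DoubleIt");
    AttributeType resourceAttribute = RequestComponentBuilder.createAttributeType(
        XACMLConstants.RESOURCE_ID, XACMLConstants.XS_STRING, null,
        Collections.singletonList(resourceAttributeValue));
    List<AttributeType> resourceAttributes = new ArrayList<>();
    resourceAttributes.add(resourceAttribute);
    ResourceType resource = RequestComponentBuilder.createResourceType(resourceAttributes, null);

    // Action
    AttributeValueType actionAttributeValue =
        RequestComponentBuilder.createAttributeValueType("execute");
    AttributeType actionAttribute = RequestComponentBuilder.createAttributeType(
        XACMLConstants.ACTION_ID, XACMLConstants.XS_STRING, null,
        Collections.singletonList(actionAttributeValue));
    List<AttributeType> actionAttributes = new ArrayList<>();
    actionAttributes.add(actionAttribute);
    ActionType action = RequestComponentBuilder.createActionType(actionAttributes);

    // Request
    RequestType request = RequestComponentBuilder.createRequestType(
        Collections.singletonList(subject), Collections.singletonList(resource), action, null);

    //
    // Create SAML wrapper
    //
    XACMLAuthzDecisionQueryType authzQuery = SamlRequestComponentBuilder.createAuthzDecisionQuery(
        "Issuer", request, SAMLProfileConstants.SAML20XACML20P_NS);
    Element policyElement = OpenSAMLUtil.toDom(authzQuery, doc);
    assertNotNull(policyElement);
}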
Also used : SubjectType(org.opensaml.xacml.ctx.SubjectType) ActionType(org.opensaml.xacml.ctx.ActionType) XACMLAuthzDecisionQueryType(org.opensaml.xacml.profile.saml.XACMLAuthzDecisionQueryType) AttributeValueType(org.opensaml.xacml.ctx.AttributeValueType) AttributeType(org.opensaml.xacml.ctx.AttributeType) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) ResourceType(org.opensaml.xacml.ctx.ResourceType) Document(org.w3c.dom.Document) RequestType(org.opensaml.xacml.ctx.RequestType)

Example 2 with RequestType

use of org.opensaml.xacml.ctx.RequestType in project cxf by apache.

the class XACMLRequestBuilderTest method testSOAPResourceDifferentNamespace.

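/**
 * Checks the resource attributes that DefaultXACMLRequestBuilder creates for a SOAP
 * message whose WSDL service and operation QNames live in different namespaces.
 *
 * <p>Four resource attributes are expected: the resource id (service and operation joined
 * by '#'), the WSDL service, the WSDL operation and the endpoint URL.
 *
 * @throws Exception if the builder fails to create the request
 */
@org.junit.Test
public void testSOAPResourceDifferentNamespace() throws Exception {
    // Mock up a request
    Principal principal = new Principal() {

        @Override
        public String getName() {
            return "alice";
        }
    };
    String operation = "{http://www.example.org/contract/DoubleIt}DoubleIt";
    MessageImpl msg = new MessageImpl();
    msg.put(Message.WSDL_OPERATION, QName.valueOf(operation));
    // The service namespace deliberately differs from the operation namespace.
    String service = "{http://www.example.org/contract/DoubleItService}DoubleItService";
    msg.put(Message.WSDL_SERVICE, QName.valueOf(service));
    String resourceURL = "https://localhost:8080/doubleit";
    msg.put(Message.REQUEST_URL, resourceURL);

    XACMLRequestBuilder builder = new DefaultXACMLRequestBuilder();
    RequestType request = builder.createRequest(principal, Collections.singletonList("manager"), msg);
    assertNotNull(request);

    List<ResourceType> resources = request.getResources();
    assertNotNull(resources);
    assertEquals(1, resources.size());
    ResourceType resource = resources.get(0);
    assertEquals(4, resource.getAttributes().size());

    boolean resourceIdSatisfied = false;
    boolean soapServiceSatisfied = false;
    boolean soapOperationSatisfied = false;
    boolean resourceURISatisfied = false;
    String expectedResourceId = service + "#" + operation;
    for (AttributeType attribute : resource.getAttributes()) {
        String attributeId = attribute.getAttributeId();
        String attributeValue = attribute.getAttributeValues().get(0).getValue();
        if (XACMLConstants.RESOURCE_ID.equals(attributeId)
            && expectedResourceId.equals(attributeValue)) {
            resourceIdSatisfied = true;
        } else if (XACMLConstants.RESOURCE_WSDL_SERVICE_ID.equals(attributeId)
            && service.equals(attributeValue)) {
            soapServiceSatisfied = true;
        } else if (XACMLConstants.RESOURCE_WSDL_OPERATION_ID.equals(attributeId)
            && operation.equals(attributeValue)) {
            soapOperationSatisfied = true;
        } else if (XACMLConstants.RESOURCE_WSDL_ENDPOINT.equals(attributeId)
            && resourceURL.equals(attributeValue)) {
            resourceURISatisfied = true;
        }
    }

    // One assertion per attribute, so a failure names the attribute that is missing or
    // wrong instead of reporting a single combined "false".
    assertTrue("resource id attribute missing or not equal to " + expectedResourceId,
        resourceIdSatisfied);
    assertTrue("WSDL service attribute missing or not equal to " + service,
        soapServiceSatisfied);
    assertTrue("WSDL operation attribute missing or not equal to " + operation,
        soapOperationSatisfied);
    assertTrue("WSDL endpoint attribute missing or not equal to " + resourceURL,
        resourceURISatisfied);
}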
Also used : AttributeType(org.opensaml.xacml.ctx.AttributeType) ResourceType(org.opensaml.xacml.ctx.ResourceType) MessageImpl(org.apache.cxf.message.MessageImpl) Principal(java.security.Principal) RequestType(org.opensaml.xacml.ctx.RequestType)

Example 3 with RequestType

use of org.opensaml.xacml.ctx.RequestType in project cxf by apache.

the class XACMLRequestBuilderTest method testEnvironment.

/**
 * Checks that DefaultXACMLRequestBuilder fills the request's environment with at least one
 * attribute by default, and leaves it empty once setSendDateTime(false) has been called.
 *
 * @throws Exception if the builder fails to create a request
 */
@org.junit.Test
public void testEnvironment() throws Exception {
    // Caller identity used for both requests.
    Principal alice = new Principal() {

        public String getName() {
            return "alice";
        }
    };

    // Mock up the message the request is derived from.
    String operationName = "{http://www.example.org/contract/DoubleIt}DoubleIt";
    String serviceName = "{http://www.example.org/contract/DoubleIt}DoubleItService";
    String endpointUrl = "https://localhost:8080/doubleit";
    MessageImpl message = new MessageImpl();
    message.put(Message.WSDL_OPERATION, QName.valueOf(operationName));
    message.put(Message.WSDL_SERVICE, QName.valueOf(serviceName));
    message.put(Message.REQUEST_URL, endpointUrl);

    // Keep the concrete reference for the setter and call createRequest through the interface.
    DefaultXACMLRequestBuilder defaultBuilder = new DefaultXACMLRequestBuilder();
    XACMLRequestBuilder builder = defaultBuilder;

    // Default configuration: the environment carries attributes.
    RequestType withEnvironment =
        builder.createRequest(alice, Collections.singletonList("manager"), message);
    assertNotNull(withEnvironment);
    assertFalse(withEnvironment.getEnvironment().getAttributes().isEmpty());

    // With the date/time switched off the environment has no attributes.
    defaultBuilder.setSendDateTime(false);
    RequestType withoutEnvironment =
        builder.createRequest(alice, Collections.singletonList("manager"), message);
    assertNotNull(withoutEnvironment);
    assertTrue(withoutEnvironment.getEnvironment().getAttributes().isEmpty());
}
Also used : MessageImpl(org.apache.cxf.message.MessageImpl) Principal(java.security.Principal) RequestType(org.opensaml.xacml.ctx.RequestType)

Example 4 with RequestType

use of org.opensaml.xacml.ctx.RequestType in project cxf by apache.

the class XACMLRequestBuilderTest method testRESTResourceTruncatedURI.

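/**
 * Checks that, with setSendFullRequestURL(false), DefaultXACMLRequestBuilder emits a single
 * resource attribute whose value is the request URI ("/doubleit") and not the full
 * request URL.
 *
 * <p>Policies written against this builder must match the resource form it sends, so the
 * test pins the truncated form explicitly.
 *
 * @throws Exception if the builder fails to create the request
 */
@org.junit.Test
public void testRESTResourceTruncatedURI() throws Exception {
    // Mock up a request
    Principal principal = new Principal() {

        @Override
        public String getName() {
            return "alice";
        }
    };
    MessageImpl msg = new MessageImpl();
    String resourceURL = "https://localhost:8080/doubleit";
    msg.put(Message.REQUEST_URL, resourceURL);
    String resourceURI = "/doubleit";
    msg.put(Message.REQUEST_URI, resourceURI);

    XACMLRequestBuilder builder = new DefaultXACMLRequestBuilder();
    ((DefaultXACMLRequestBuilder) builder).setSendFullRequestURL(false);
    RequestType request = builder.createRequest(principal, Collections.singletonList("manager"), msg);
    assertNotNull(request);

    List<ResourceType> resources = request.getResources();
    assertNotNull(resources);
    assertEquals(1, resources.size());
    ResourceType resource = resources.get(0);
    assertEquals(1, resource.getAttributes().size());
    for (AttributeType attribute : resource.getAttributes()) {
        String attributeValue = attribute.getAttributeValues().get(0).getValue();
        // JUnit expects (expected, actual); the original order produced a misleading
        // failure message that reported the builder's output as the expected value.
        assertEquals(resourceURI, attributeValue);
    }
}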
Also used : AttributeType(org.opensaml.xacml.ctx.AttributeType) ResourceType(org.opensaml.xacml.ctx.ResourceType) MessageImpl(org.apache.cxf.message.MessageImpl) Principal(java.security.Principal) RequestType(org.opensaml.xacml.ctx.RequestType)

Example 5 with RequestType

use of org.opensaml.xacml.ctx.RequestType in project testcases by coheigea.

the class MockPDPImpl method evaluate.

/**
 * Mock policy decision point: answers an XACML request with a single result.
 *
 * <p>The decision is Permit only when the subject role read from the request equals
 * "boss"; every other role, including a missing one, yields Deny. The status code is
 * always the XACML "ok" status, whatever the decision.
 *
 * @param request the XACML request as an XML source
 * @return the XACML response as an XML source
 */
@POST
public Source evaluate(Source request) {
    RequestType xacmlRequest = requestSourceToRequestType(request);

    // Look up one typed builder per response element that has to be created.
    XMLObjectBuilderFactory factory = XMLObjectProviderRegistrySupport.getBuilderFactory();
    @SuppressWarnings("unchecked")
    XACMLObjectBuilder<ResponseType> responseBuilder =
        (XACMLObjectBuilder<ResponseType>) factory.getBuilder(ResponseType.DEFAULT_ELEMENT_NAME);
    @SuppressWarnings("unchecked")
    XACMLObjectBuilder<ResultType> resultBuilder =
        (XACMLObjectBuilder<ResultType>) factory.getBuilder(ResultType.DEFAULT_ELEMENT_NAME);
    @SuppressWarnings("unchecked")
    XACMLObjectBuilder<DecisionType> decisionBuilder =
        (XACMLObjectBuilder<DecisionType>) factory.getBuilder(DecisionType.DEFAULT_ELEMENT_NAME);
    @SuppressWarnings("unchecked")
    XACMLObjectBuilder<StatusType> statusBuilder =
        (XACMLObjectBuilder<StatusType>) factory.getBuilder(StatusType.DEFAULT_ELEMENT_NAME);
    @SuppressWarnings("unchecked")
    XACMLObjectBuilder<StatusCodeType> statusCodeBuilder =
        (XACMLObjectBuilder<StatusCodeType>) factory.getBuilder(StatusCodeType.DEFAULT_ELEMENT_NAME);

    // Deny is the fallback: "boss".equals(null) is false, so a request without a
    // subject role is denied as well.
    DecisionType decision = decisionBuilder.buildObject();
    boolean permitted = "boss".equals(getSubjectRole(xacmlRequest));
    decision.setDecision(permitted ? DecisionType.DECISION.Permit : DecisionType.DECISION.Deny);

    // The status reports that evaluation succeeded; it does not depend on the decision.
    StatusCodeType okCode = statusCodeBuilder.buildObject();
    okCode.setValue("urn:oasis:names:tc:xacml:1.0:status:ok");
    StatusType okStatus = statusBuilder.buildObject();
    okStatus.setStatusCode(okCode);

    ResultType outcome = resultBuilder.buildObject();
    outcome.setDecision(decision);
    outcome.setStatus(okStatus);

    ResponseType xacmlResponse = responseBuilder.buildObject();
    xacmlResponse.getResults().add(outcome);
    return responseType2Source(xacmlResponse);
}
Also used : XACMLObjectBuilder(org.opensaml.xacml.XACMLObjectBuilder) ResultType(org.opensaml.xacml.ctx.ResultType) DecisionType(org.opensaml.xacml.ctx.DecisionType) ResponseType(org.opensaml.xacml.ctx.ResponseType) StatusType(org.opensaml.xacml.ctx.StatusType) XMLObjectBuilderFactory(org.opensaml.core.xml.XMLObjectBuilderFactory) StatusCodeType(org.opensaml.xacml.ctx.StatusCodeType) RequestType(org.opensaml.xacml.ctx.RequestType) POST(javax.ws.rs.POST)

Aggregations

RequestType (org.opensaml.xacml.ctx.RequestType)14 Principal (java.security.Principal)7 MessageImpl (org.apache.cxf.message.MessageImpl)7 AttributeType (org.opensaml.xacml.ctx.AttributeType)7 ResourceType (org.opensaml.xacml.ctx.ResourceType)7 Document (org.w3c.dom.Document)5 Element (org.w3c.dom.Element)5 ArrayList (java.util.ArrayList)3 ActionType (org.opensaml.xacml.ctx.ActionType)3 AttributeValueType (org.opensaml.xacml.ctx.AttributeValueType)3 SubjectType (org.opensaml.xacml.ctx.SubjectType)3 ResponseType (org.opensaml.xacml.ctx.ResponseType)2 ResultType (org.opensaml.xacml.ctx.ResultType)2 StatusType (org.opensaml.xacml.ctx.StatusType)2 POST (javax.ws.rs.POST)1 Transformer (javax.xml.transform.Transformer)1 DOMResult (javax.xml.transform.dom.DOMResult)1 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)1 DateTime (org.joda.time.DateTime)1 XMLObjectBuilderFactory (org.opensaml.core.xml.XMLObjectBuilderFactory)1