cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1325788 - in /cxf/trunk/services/sts/systests/advanced/src/test: java/org/apache/cxf/systest/sts/batch/ resources/org/apache/cxf/systest/sts/batch/
Date Fri, 13 Apr 2012 14:41:48 GMT
Author: coheigea
Date: Fri Apr 13 14:41:48 2012
New Revision: 1325788

URL: http://svn.apache.org/viewvc?rev=1325788&view=rev
Log:
[CXF-4157] - Added a batch validate test to the STS advanced systests

Modified:
    cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/BatchRequest.java
    cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SAMLBatchUnitTest.java
    cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
    cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/batch/cxf-sts.xml
    cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/batch/ws-trust-1.4-service.wsdl

Modified: cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/BatchRequest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/BatchRequest.java?rev=1325788&r1=1325787&r2=1325788&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/BatchRequest.java
(original)
+++ cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/BatchRequest.java
Fri Apr 13 14:41:48 2012
@@ -18,46 +18,39 @@
  */
 package org.apache.cxf.systest.sts.batch;
 
-import java.util.List;
+import org.w3c.dom.Element;
 
 public class BatchRequest {
 
-    List<String> tokenTypes;
-    List<String> keyTypes;
-    String requestType;
-    String action;
-    List<String> appliesTo;
+    private String tokenType;
+    private String keyType;
+    private String appliesTo;
+    private Element validateTarget;
     
-    public List<String> getTokenTypes() {
-        return tokenTypes;
+    public String getTokenType() {
+        return tokenType;
     }
-    public void setTokenTypes(List<String> tokenTypes) {
-        this.tokenTypes = tokenTypes;
+    public void setTokenType(String tokenType) {
+        this.tokenType = tokenType;
     }
-    public List<String> getKeyTypes() {
-        return keyTypes;
+    public String getKeyType() {
+        return keyType;
     }
-    public void setKeyTypes(List<String> keyTypes) {
-        this.keyTypes = keyTypes;
+    public void setKeyType(String keyType) {
+        this.keyType = keyType;
     }
-    public String getRequestType() {
-        return requestType;
-    }
-    public void setRequestType(String requestType) {
-        this.requestType = requestType;
-    }
-    public String getAction() {
-        return action;
-    }
-    public void setAction(String action) {
-        this.action = action;
-    }
-    public List<String> getAppliesTo() {
+    public String getAppliesTo() {
         return appliesTo;
     }
-    public void setAppliesTo(List<String> appliesTo) {
+    public void setAppliesTo(String appliesTo) {
         this.appliesTo = appliesTo;
     }
+    public Element getValidateTarget() {
+        return validateTarget;
+    }
+    public void setValidateTarget(Element validateTarget) {
+        this.validateTarget = validateTarget;
+    }
     
     
 }

Modified: cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SAMLBatchUnitTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SAMLBatchUnitTest.java?rev=1325788&r1=1325787&r2=1325788&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SAMLBatchUnitTest.java
(original)
+++ cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SAMLBatchUnitTest.java
Fri Apr 13 14:41:48 2012
@@ -30,12 +30,14 @@ import org.apache.cxf.systest.sts.common
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.tokenstore.SecurityToken;
+import org.apache.cxf.ws.security.trust.STSUtils;
 import org.junit.BeforeClass;
 import org.opensaml.common.xml.SAMLConstants;
 
 /**
  * In this test case, a CXF client requests a number of SAML Tokens from an STS using batch
processing.
  * It uses a simple STSClient implementation to request both a SAML 1.1 and 2.0 token at
the same time.
+ * Batch validation is also tested.
  */
 public class SAMLBatchUnitTest extends AbstractBusClientServerTestBase {
     
@@ -57,7 +59,7 @@ public class SAMLBatchUnitTest extends A
     }
 
     @org.junit.Test
-    public void testBatchIssueSAMLTokens() throws Exception {
+    public void testBatchSAMLTokens() throws Exception {
         SpringBusFactory bf = new SpringBusFactory();
         URL busFile = SAMLBatchUnitTest.class.getResource("cxf-client-unit.xml");
 
@@ -68,42 +70,54 @@ public class SAMLBatchUnitTest extends A
         String wsdlLocation = 
             "https://localhost:" + STSPORT + "/SecurityTokenService/Transport?wsdl";
         
+        List<BatchRequest> requestList = new ArrayList<BatchRequest>();
         BatchRequest request = new BatchRequest();
-        List<String> appliesTo = new ArrayList<String>();
-        appliesTo.add("https://localhost:8081/doubleit/services/doubleittransportsaml1");
-        appliesTo.add("https://localhost:8081/doubleit/services/doubleittransportsaml2");
-        request.setAppliesTo(appliesTo);
-        
-        request.setAction("http://docs.oasis-open.org/ws-sx/ws-trust/200512/BatchIssue");
-        request.setRequestType("http://docs.oasis-open.org/ws-sx/ws-trust/200512/BatchIssue");
-        
-        List<String> tokenTypes = new ArrayList<String>();
-        tokenTypes.add("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1");
-        tokenTypes.add("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0");
-        request.setTokenTypes(tokenTypes);
-        List<String> keyTypes = new ArrayList<String>();
-        keyTypes.add("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer");
-        keyTypes.add("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer");
-        request.setKeyTypes(keyTypes);
+        request.setAppliesTo("https://localhost:8081/doubleit/services/doubleittransportsaml1");
+        request.setTokenType("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1");
+        request.setKeyType("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer");
+        requestList.add(request);
+        
+        request = new BatchRequest();
+        request.setAppliesTo("https://localhost:8081/doubleit/services/doubleittransportsaml2");
+        request.setTokenType("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0");
+        request.setKeyType("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer");
+        requestList.add(request);
+        
+        String action = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/BatchIssue";
+        String requestType = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/BatchIssue";
+        String port = "{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Transport_Port";
         
         // Request the token
-        List<SecurityToken> tokens = requestSecurityToken(bus, wsdlLocation, request);
+        List<SecurityToken> tokens = 
+            requestSecurityTokens(bus, wsdlLocation, requestList, action, requestType, port);
         assertTrue(tokens != null && tokens.size() == 2);
         
         assertTrue(tokens.get(0).getToken().getLocalName().equals("Assertion"));
         assertTrue(tokens.get(0).getToken().getNamespaceURI().equals(SAMLConstants.SAML1_NS));
         assertTrue(tokens.get(1).getToken().getLocalName().equals("Assertion"));
         assertTrue(tokens.get(1).getToken().getNamespaceURI().equals(SAMLConstants.SAML20_NS));
+        
+        // Now validate the tokens
+        requestList.get(0).setValidateTarget(tokens.get(0).getToken());
+        requestList.get(0).setTokenType(STSUtils.WST_NS_05_12 + "/RSTR/Status");
+        requestList.get(1).setValidateTarget(tokens.get(1).getToken());
+        requestList.get(1).setTokenType(STSUtils.WST_NS_05_12 + "/RSTR/Status");
+        action = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/BatchValidate";
+        requestType = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/BatchValidate";
+        port = "{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Transport_Port2";
+        
+        validateSecurityTokens(bus, wsdlLocation, requestList, action, requestType, port);
     }
     
     
-    private List<SecurityToken> requestSecurityToken(
-        Bus bus, String wsdlLocation, BatchRequest request
+    private List<SecurityToken> requestSecurityTokens(
+        Bus bus, String wsdlLocation, List<BatchRequest> requestList, String action,
String requestType,
+        String port
     ) throws Exception {
         SimpleBatchSTSClient stsClient = new SimpleBatchSTSClient(bus);
         stsClient.setWsdlLocation(wsdlLocation);
         stsClient.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService");
-        stsClient.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Transport_Port");
+        stsClient.setEndpointName(port);
 
         Map<String, Object> properties = new HashMap<String, Object>();
         properties.put(SecurityConstants.USERNAME, "alice");
@@ -116,12 +130,33 @@ public class SAMLBatchUnitTest extends A
         stsClient.setEnableLifetime(true);
 
         stsClient.setProperties(properties);
-        stsClient.setRequiresEntropy(true);
-        stsClient.setKeySize(128);
         stsClient.setAddressingNamespace("http://www.w3.org/2005/08/addressing");
 
-        return stsClient.requestBatchSecurityTokens(request);
+        return stsClient.requestBatchSecurityTokens(requestList, action, requestType);
     }
     
-    
+    private List<SecurityToken> validateSecurityTokens(
+        Bus bus, String wsdlLocation, List<BatchRequest> requestList, String action,
String requestType,
+        String port
+    ) throws Exception {
+        SimpleBatchSTSClient stsClient = new SimpleBatchSTSClient(bus);
+        stsClient.setWsdlLocation(wsdlLocation);
+        stsClient.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService");
+        stsClient.setEndpointName(port);
+
+        Map<String, Object> properties = new HashMap<String, Object>();
+        properties.put(SecurityConstants.USERNAME, "alice");
+        properties.put(
+            SecurityConstants.CALLBACK_HANDLER, 
+            "org.apache.cxf.systest.sts.common.CommonCallbackHandler"
+        );
+        properties.put(SecurityConstants.STS_TOKEN_PROPERTIES, "serviceKeystore.properties");
+
+        stsClient.setProperties(properties);
+        stsClient.setAddressingNamespace("http://www.w3.org/2005/08/addressing");
+
+        return stsClient.validateBatchSecurityTokens(requestList, action, requestType);
+    }
+
+
 }

Modified: cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java?rev=1325788&r1=1325787&r2=1325788&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
(original)
+++ cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
Fri Apr 13 14:41:48 2012
@@ -526,32 +526,33 @@ public class SimpleBatchSTSClient implem
         return null;
     }
 
-    public List<SecurityToken> requestBatchSecurityTokens(BatchRequest batchRequest)
throws Exception {
+    public List<SecurityToken> requestBatchSecurityTokens(
+        List<BatchRequest> batchRequestList, String action, String requestType
+    ) throws Exception {
         createClient();
         BindingOperationInfo boi = findOperation("/RST/RequestCollection");
 
         client.getRequestContext().putAll(ctx);
-        client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, batchRequest.getAction());
+        client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, action);
 
         W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
         writer.writeStartElement("wst", "RequestSecurityTokenCollection", namespace);
         writer.writeNamespace("wst", namespace);
 
-        List<String> tokenTypes = batchRequest.getTokenTypes();
-        for (int i = 0; i < tokenTypes.size(); i++) {
+        for (BatchRequest batchRequest : batchRequestList) {
             writer.writeStartElement("wst", "RequestSecurityToken", namespace);
             writer.writeNamespace("wst", namespace);
             
-            addRequestType(batchRequest.getRequestType(), writer);
+            addRequestType(requestType, writer);
             if (enableAppliesTo) {
-                addAppliesTo(writer, batchRequest.getAppliesTo().get(i));
+                addAppliesTo(writer, batchRequest.getAppliesTo());
             }
             
-            writeKeyType(writer, batchRequest.getKeyTypes().get(i));
+            writeKeyType(writer, batchRequest.getKeyType());
             
             addLifetime(writer);
             
-            addTokenType(writer, tokenTypes.get(i));
+            addTokenType(writer, batchRequest.getTokenType());
             
             writer.writeEndElement();
         }
@@ -574,6 +575,75 @@ public class SimpleBatchSTSClient implem
 
         return tokens;
     }
+    
+    protected List<SecurityToken> validateBatchSecurityTokens(
+        List<BatchRequest> batchRequestList, String action, String requestType
+    ) throws Exception {
+        createClient();
+        BindingOperationInfo boi = findOperation("/RST/RequestCollection");
+
+        client.getRequestContext().putAll(ctx);
+        client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, action);
+
+        W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
+        writer.writeStartElement("wst", "RequestSecurityTokenCollection", namespace);
+        writer.writeNamespace("wst", namespace);
+
+        for (BatchRequest batchRequest : batchRequestList) {
+            writer.writeStartElement("wst", "RequestSecurityToken", namespace);
+            writer.writeNamespace("wst", namespace);
+            
+            addRequestType(requestType, writer);
+            
+            addTokenType(writer, batchRequest.getTokenType());
+            
+            writer.writeStartElement("wst", "ValidateTarget", namespace);
+
+            Element el = batchRequest.getValidateTarget();
+            StaxUtils.copy(el, writer);
+
+            writer.writeEndElement();
+            
+            writer.writeEndElement();
+        }
+        writer.writeEndElement();
+
+        Object obj[] = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement()));
+        
+        Element responseCollection = getDocumentElement((DOMSource)obj[0]);
+        Node child = responseCollection.getFirstChild();
+        List<SecurityToken> tokens = new ArrayList<SecurityToken>();
+        while (child != null) {
+            if (child instanceof Element 
+                && "RequestSecurityTokenResponse".equals(((Element)child).getLocalName()))
{
+                Element rstrChild = DOMUtils.getFirstElement((Element)child);
+                while (rstrChild != null) {
+                    if ("Status".equals(rstrChild.getLocalName())) {
+                        Element e2 = 
+                            DOMUtils.getFirstChildWithName(rstrChild, rstrChild.getNamespaceURI(),
"Code");
+                        String s = DOMUtils.getContent(e2);
+                        if (!s.endsWith("/status/valid")) {
+                            throw new TrustException(LOG, "VALIDATION_FAILED");
+                        }
+                        
+                    } else if ("RequestedSecurityToken".equals(rstrChild.getLocalName()))
{
+                        Element requestedSecurityTokenElement = DOMUtils.getFirstElement(rstrChild);
+                        String id = findID(null, null, requestedSecurityTokenElement);
+                        if (StringUtils.isEmpty(id)) {
+                            throw new TrustException("NO_ID", LOG);
+                        }
+                        SecurityToken requestedSecurityToken = new SecurityToken(id);
+                        requestedSecurityToken.setToken(requestedSecurityTokenElement);
+                        tokens.add(requestedSecurityToken);
+                    }
+                    rstrChild = DOMUtils.getNextElement(rstrChild);
+                }
+            }
+            child = child.getNextSibling();
+        }
+        
+        return tokens;
+    }
 
     protected byte[] writeElementsForRSTSymmetricKey(W3CDOMStreamWriter writer,
             boolean wroteKeySize) throws Exception {

Modified: cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/batch/cxf-sts.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/batch/cxf-sts.xml?rev=1325788&r1=1325787&r2=1325788&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/batch/cxf-sts.xml
(original)
+++ cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/batch/cxf-sts.xml
Fri Apr 13 14:41:48 2012
@@ -153,6 +153,14 @@
 		depends-on="ClientAuthHttpsSettings" serviceName="ns1:SecurityTokenService"
 		endpointName="ns1:Transport_Port">
 	</jaxws:endpoint>
+	
+	<jaxws:endpoint id="localSTS2" implementor="#transportSTSProviderBean"
+		address="https://localhost:${testutil.ports.STSServer}/SecurityTokenService/Transport2"
+		wsdlLocation="src/test/resources/org/apache/cxf/systest/sts/batch/ws-trust-1.4-service.wsdl"
+		xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+		depends-on="ClientAuthHttpsSettings" serviceName="ns1:SecurityTokenService"
+		endpointName="ns1:Transport_Port2">
+	</jaxws:endpoint>
 
 	<httpj:engine-factory id="ClientAuthHttpsSettings"
 		bus="cxf">

Modified: cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/batch/ws-trust-1.4-service.wsdl
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/batch/ws-trust-1.4-service.wsdl?rev=1325788&r1=1325787&r2=1325788&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/batch/ws-trust-1.4-service.wsdl
(original)
+++ cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/batch/ws-trust-1.4-service.wsdl
Fri Apr 13 14:41:48 2012
@@ -179,12 +179,99 @@
   			<soap:body use="literal" />
   		</wsdl:output>
   	</wsdl:operation>
+  	<wsdl:operation name="RequestCollection">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/BatchValidate" />
+  		<wsdl:input>
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
+  </wsdl:binding>
+  
+    <wsdl:binding name="Transport_Binding_2" type="wstrust:STS">
+    <wsp:PolicyReference URI="#Transport_policy" />
+  	<soap:binding style="document"
+  		transport="http://schemas.xmlsoap.org/soap/http" />
+  	<wsdl:operation name="Issue">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" />
+  		<wsdl:input>
+  		    <wsp:PolicyReference
+               URI="#Input_policy" />
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  		    <wsp:PolicyReference
+               URI="#Output_policy" />
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
+  	<wsdl:operation name="Validate">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate" />
+  		<wsdl:input>
+  		    <wsp:PolicyReference
+               URI="#Input_policy" />
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  		    <wsp:PolicyReference
+               URI="#Output_policy" />
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
+  	<wsdl:operation name="Cancel">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel" />
+  		<wsdl:input>
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
+  	<wsdl:operation name="Renew">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew" />
+  		<wsdl:input>
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
+  	<wsdl:operation name="KeyExchangeToken">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KeyExchangeToken" />
+  		<wsdl:input>
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
+  	<wsdl:operation name="RequestCollection">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/BatchValidate" />
+  		<wsdl:input>
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
   </wsdl:binding>
   
   <wsdl:service name="SecurityTokenService">
       <wsdl:port name="Transport_Port" binding="tns:Transport_Binding">
          <soap:address location="https://localhost:8084/SecurityTokenService/Transport"
/>
       </wsdl:port>
+      <wsdl:port name="Transport_Port2" binding="tns:Transport_Binding_2">
+         <soap:address location="https://localhost:8084/SecurityTokenService/Transport2"
/>
+      </wsdl:port>
   </wsdl:service>
   
   <wsp:Policy wsu:Id="Transport_policy">



Mime
View raw message