From owu...@apache.org
Subject svn commit: r1343102 - in /cxf/fediz/trunk/plugins/core/src: main/java/org/apache/cxf/fediz/core/ main/java/org/apache/cxf/fediz/core/config/ main/java/org/apache/cxf/fediz/core/saml/ main/java/org/apache/cxf/fediz/core/spi/ main/resources/schemas/ tes...
Date Sun, 27 May 2012 21:07:06 GMT
Author: owulff
Date: Sun May 27 21:07:06 2012
New Revision: 1343102

URL: http://svn.apache.org/viewvc?rev=1343102&view=rev
Log:
CallbackHandler support added for wauth,whr and issuer

Added:
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/HomeRealmCallback.java
    cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
    cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/TestCallbackHandler.java
Removed:
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Authentication.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java
Modified:
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java
    cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd
    cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
    cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
    cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java?rev=1343102&r1=1343101&r2=1343102&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
Sun May 27 21:07:06 2012
@@ -27,6 +27,8 @@ import java.text.DateFormat;
 import java.text.ParseException;
 import java.util.Date;
 
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
 import javax.servlet.http.HttpServletRequest;
 import javax.xml.parsers.ParserConfigurationException;
 
@@ -37,6 +39,9 @@ import org.xml.sax.SAXException;
 import org.apache.cxf.fediz.core.config.FederationContext;
 import org.apache.cxf.fediz.core.config.FederationProtocol;
 import org.apache.cxf.fediz.core.saml.SAMLTokenValidator;
+import org.apache.cxf.fediz.core.spi.HomeRealmCallback;
+import org.apache.cxf.fediz.core.spi.IDPCallback;
+import org.apache.cxf.fediz.core.spi.WAuthCallback;
 import org.apache.cxf.fediz.core.util.DOMUtils;
 import org.apache.ws.security.WSConstants;
 import org.apache.ws.security.util.XmlSchemaDateFormat;
@@ -249,28 +254,45 @@ public class FederationProcessorImpl imp
     public String createSignInRequest(HttpServletRequest request, FederationContext config)
{
 
         String redirectURL = null;
-        // if (this.getIssuerCallbackHandler() != null) {
-        // org.apache.cxf.fediz.core.spi.IDPCallback callback = new org.apache.cxf.fediz.core.spi.IDPCallback(
-        // request);
-        // try {
-        // this.getIssuerCallbackHandler().handle(
-        // new Callback[] { callback });
-        // redirectURL = callback.getIssuerUrl().toString();
-        // String trustedIssuer = callback.getTrustedIssuer();
-        // if (trustedIssuer != null && trustedIssuer.length() > 0) {
-        // request.getSessionInternal().setNote(TRUSTED_ISSUER,
-        // trustedIssuer);
-        // }
-        // } catch (Exception ex) {
-        // log.error("Failed to handle callback: " + ex.getMessage());
-        // }
-        // }
         try {
-            String issuerURL = ((FederationProtocol)config.getProtocol()).getIssuer();
+            Object issuerObj = ((FederationProtocol)config.getProtocol()).getIssuer();
+            String issuerURL = null;
+            if (issuerObj instanceof String) {
+                issuerURL = (String)issuerObj;
+            } else if (issuerObj instanceof CallbackHandler) {
+                CallbackHandler issuerCB = (CallbackHandler)issuerObj;
+                IDPCallback callback = new IDPCallback(request);
+                issuerCB.handle(new Callback[] {callback});
+                issuerURL = callback.getIssuerUrl().toString();
+            }
+            LOG.info("Issuer url: " + issuerURL);
             if (issuerURL != null && issuerURL.length() > 0) {
                 redirectURL = issuerURL;
             }
-            LOG.info("Issuer url: " + redirectURL);
+            
+            Object wAuthObj = ((FederationProtocol)config.getProtocol()).getAuthenticationType();
+            String wAuth = null;
+            if (wAuthObj instanceof String) {
+                wAuth = (String)wAuthObj;
+            } else if (wAuthObj instanceof CallbackHandler) {
+                CallbackHandler wauthCB = (CallbackHandler)wAuthObj;
+                WAuthCallback callback = new WAuthCallback(request);
+                wauthCB.handle(new Callback[] {callback});
+                wAuth = callback.getWauth();
+            }
+            LOG.info("WAuth: " + wAuth);
+            
+            Object homeRealmObj = ((FederationProtocol)config.getProtocol()).getHomeRealm();
+            String homeRealm = null;
+            if (homeRealmObj instanceof String) {
+                homeRealm = (String)homeRealmObj;
+            } else if (homeRealmObj instanceof CallbackHandler) {
+                CallbackHandler hrCB = (CallbackHandler)homeRealmObj;
+                HomeRealmCallback callback = new HomeRealmCallback(request);
+                hrCB.handle(new Callback[] {callback});
+                homeRealm = callback.getHomeRealm();
+            }
+            LOG.info("HomeRealm: " + homeRealm);
 
             StringBuilder sb = new StringBuilder();
 
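Review bot: An issuer that resolves to null or an empty string is not treated as an error after the lookup: `redirectURL` stays null and the unchanged `redirectURL + "?" + sb.toString()` in the next hunk then builds a URL that starts with `null?`. A handler that returns without setting the URL fails even earlier, with a NullPointerException on `callback.getIssuerUrl().toString()` that only surfaces through the generic catch. Failing explicitly right after `LOG.info("Issuer url: " + issuerURL)`, e.g. `if (issuerURL == null || issuerURL.length() == 0) { throw new IllegalStateException("No issuer URL configured or returned by the callback handler"); }`, avoids sending the browser to a malformed location. Since the handler receives the `HttpServletRequest` and its answer becomes the redirect target, its contract should also state that the URL must come from a trusted IdP list and not from unvalidated request data. createSignInRequest starts before and continues past this hunk.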
@@ -309,11 +331,21 @@ public class FederationProcessorImpl imp
             }
             LOG.debug("wtrealm=" + realm);
 
-            StringBuffer realmSb = new StringBuffer(request.getScheme());
-            realmSb.append("://").append(request.getServerName()).append(":").append(request.getServerPort())
-                .append(request.getContextPath());
             sb.append('&').append(FederationConstants.PARAM_TREALM).append('=')
                 .append(URLEncoder.encode(realm, "UTF-8"));
+            
+            // add authentication type parameter wauth if set
+            if (wAuth != null && wAuth.length() > 0) {
+                sb.append('&').append(FederationConstants.PARAM_AUTH_TYPE).append('=')
+                    .append(URLEncoder.encode(wAuth, "UTF-8"));
+            }
+            
+            // add home realm parameter whr if set
+            if (homeRealm != null && homeRealm.length() > 0) {
+                sb.append('&').append(FederationConstants.PARAM_HOME_REALM).append('=')
+                    .append(URLEncoder.encode(homeRealm, "UTF-8"));
+            }
+            
             redirectURL = redirectURL + "?" + sb.toString();
         } catch (Exception ex) {
             LOG.error("Failed to create SignInRequest", ex);

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java?rev=1343102&r1=1343101&r2=1343102&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
Sun May 27 21:07:06 2012
@@ -20,8 +20,6 @@
 package org.apache.cxf.fediz.core.config;
 
 import java.math.BigInteger;
-import java.net.URI;
-import java.net.URISyntaxException;
 import java.util.ArrayList;
 import java.util.List;
 
@@ -32,7 +30,6 @@ import org.apache.cxf.fediz.core.config.
 import org.apache.cxf.fediz.core.config.jaxb.TrustManagersType;
 import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuerType;
 import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuers;
-import org.apache.cxf.fediz.core.exception.IllegalConfigurationException;
 
 public class FederationContext {
 
@@ -112,20 +109,6 @@ public class FederationContext {
     }
 
     /*
-    public List<String> getTrustedIssuersNames() {
-        TrustedIssuers issuers = config.getTrustedIssuers();
-        List<String> issuerNames = new ArrayList<String>();
-        if (issuers != null) {
-            for (TrustManagersType t : issuers.getTrustedIssuerItem()) {
-                issuerNames.add(t.getName());
-            }
-            return issuerNames;
-        } else {
-            return Collections.<String> emptyList();
-        }
-    }
-     */
-
     public URI getRoleURI() {
         ProtocolType pt = config.getProtocol();
         if (pt == null) {
@@ -151,6 +134,7 @@ public class FederationContext {
         }
         throw new IllegalConfigurationException("No FederationProtocolType found");
     }
+    */
 
     /*
     public String getTrustStoreFile() {
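Review bot: The added `*/` closes the block comment opened by the `/*` in the previous hunk, so `getRoleURI()` and the code following it up to this line are now disabled by commenting them out rather than being removed. Deleting the dead methods outright would keep the class readable, since the old implementation stays available in the svn history. The next `/*` visible here suggests the file already carries further commented-out blocks that could go the same way.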

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java?rev=1343102&r1=1343101&r2=1343102&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java
Sun May 27 21:07:06 2012
@@ -22,13 +22,24 @@ package org.apache.cxf.fediz.core.config
 import java.util.ArrayList;
 import java.util.List;
 
+import javax.security.auth.callback.CallbackHandler;
+import org.apache.cxf.fediz.core.config.jaxb.ArgumentType;
+import org.apache.cxf.fediz.core.config.jaxb.CallbackType;
 import org.apache.cxf.fediz.core.config.jaxb.ClaimType;
 import org.apache.cxf.fediz.core.config.jaxb.ClaimTypesRequested;
 import org.apache.cxf.fediz.core.config.jaxb.FederationProtocolType;
 import org.apache.cxf.fediz.core.config.jaxb.ProtocolType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 public class FederationProtocol extends Protocol {
 
+    private static final Logger LOG = LoggerFactory.getLogger(FederationProtocol.class);
+    
+    private Object authenticationType;
+    private Object issuer;
+    private Object homeRealm;
+    
     public FederationProtocol(ProtocolType protocolType) {
         super(protocolType);
     }
@@ -53,18 +64,10 @@ public class FederationProtocol extends 
         getFederationProtocol().setRealm(value);
     }
 
-    public String getIssuer() {
-        return getFederationProtocol().getIssuer();
-    }
-
     public boolean equals(Object obj) {
         return getFederationProtocol().equals(obj);
     }
 
-    public void setIssuer(String value) {
-        getFederationProtocol().setIssuer(value);
-    }
-
     public String getRoleDelimiter() {
         return getFederationProtocol().getRoleDelimiter();
     }
@@ -81,22 +84,108 @@ public class FederationProtocol extends 
         getFederationProtocol().setRoleURI(value);
     }
 
-    public Authentication getAuthenticationType() {
-        return new Authentication(getFederationProtocol().getAuthenticationType());
+    public Object getAuthenticationType() {
+        if (this.authenticationType != null) {
+            return this.authenticationType;
+        }
+        CallbackType cbt = getFederationProtocol().getAuthenticationType();
+        if (cbt.getType().equals(ArgumentType.STRING)) {
+            this.authenticationType = new String(cbt.getValue());
+        } else if (cbt.getType().equals(ArgumentType.CLASS)) {
+            try {
+                this.authenticationType = 
+                    Thread.currentThread().getContextClassLoader().loadClass(cbt.getValue()).newInstance();
+            } catch (Exception e) {
+                LOG.error("Failed to create instance of " + cbt.getValue(), e);
+                throw new IllegalStateException("Failed to create instance of " + cbt.getValue());
+            }            
+        } else {
+            LOG.error("Only String and Class are supported for 'AuthenticationType'");
+            throw new IllegalStateException("Only String and Class are supported for AuthenticationType");
+        }
+        return this.authenticationType;
     }
 
-    public void setAuthenticationType(Authentication value) {
-        getFederationProtocol().setAuthenticationType(value.getAuthType());
+    public void setAuthenticationType(Object value) {
+        final boolean isString = value instanceof String;
+        final boolean isCallbackHandler = value instanceof CallbackHandler;
+        if (isString || isCallbackHandler) {
+            this.authenticationType = value;
+        } else {
+            LOG.error("Unsupported 'AuthenticationType' object");
+            throw new IllegalArgumentException("Unsupported 'AuthenticationType' object.
Type must be "
+                                               + "java.lang.String or javax.security.auth.callback.CallbackHandler.");
+        }
     }
-
-    public HomeRealm getHomeRealm() {
-        return new HomeRealm(getFederationProtocol().getHomeRealm());
+    
+    public Object getHomeRealm() {
+        if (this.homeRealm != null) {
+            return this.homeRealm;
+        }
+        CallbackType cbt = getFederationProtocol().getHomeRealm();
+        if (cbt.getType().equals(ArgumentType.STRING)) {
+            this.homeRealm = new String(cbt.getValue());
+        } else if (cbt.getType().equals(ArgumentType.CLASS)) {
+            try {
+                this.homeRealm =
+                    Thread.currentThread().getContextClassLoader().loadClass(cbt.getValue()).newInstance();
+            } catch (Exception e) {
+                LOG.error("Failed to create instance of " + cbt.getValue(), e);
+                throw new IllegalStateException("Failed to create instance of " + cbt.getValue());
+            }            
+        } else {
+            LOG.error("Only String and Class are supported for 'HomeRealm'");
+            throw new IllegalStateException("Only String and Class are supported for 'HomeRealm'");
+        }
+        return this.homeRealm;
     }
 
-    public void setHomeRealm(HomeRealm value) {
-        getFederationProtocol().setHomeRealm(value.getHomeRealm());
+    public void setHomeRealm(Object value) {
+        final boolean isString = value instanceof String;
+        final boolean isCallbackHandler = value instanceof CallbackHandler;
+        if (isString || isCallbackHandler) {
+            this.homeRealm = value;
+        } else {
+            LOG.error("Unsupported 'HomeRealm' object");
+            throw new IllegalArgumentException("Unsupported 'HomeRealm' object. Type must
be "
+                                               + "java.lang.String or javax.security.auth.callback.CallbackHandler.");
+        }
+    }
+    
+    public Object getIssuer() {
+        if (this.issuer != null) {
+            return this.issuer;
+        }
+        CallbackType cbt = getFederationProtocol().getIssuer();
+        if (cbt.getType().equals(ArgumentType.STRING)) {
+            this.issuer = new String(cbt.getValue());
+        } else if (cbt.getType().equals(ArgumentType.CLASS)) {
+            try {
+                this.issuer = 
+                    Thread.currentThread().getContextClassLoader().loadClass(cbt.getValue()).newInstance();
+            } catch (Exception e) {
+                LOG.error("Failed to create instance of " + cbt.getValue(), e);
+                throw new IllegalStateException("Failed to create instance of " + cbt.getValue());
+            }
+        } else {
+            LOG.error("Only String and Class are supported for 'Issuer'");
+            throw new IllegalStateException("Only String and Class are supported for 'Issuer'");
+        }
+        return this.issuer;
     }
 
+    public void setIssuer(Object value) {
+        final boolean isString = value instanceof String;
+        final boolean isCallbackHandler = value instanceof CallbackHandler;
+        if (isString || isCallbackHandler) {
+            this.issuer = value;
+        } else {
+            LOG.error("Unsupported 'Issuer' object");
+            throw new IllegalArgumentException("Unsupported 'Issuer' object. Type must be
"
+                                               + "java.lang.String or javax.security.auth.callback.CallbackHandler.");
+        }
+    }
+    
     public String getFreshness() {
         return getFederationProtocol().getFreshness();
     }
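Review bot: The CLASS branch of `getAuthenticationType()`, `getHomeRealm()` and `getIssuer()` instantiates whatever class name the configuration holds and stores the result without checking that it is a `CallbackHandler`, although the setters enforce exactly that restriction. Any class reachable from the context class loader with a no-arg constructor is therefore constructed, and a non-handler instance is later skipped silently by the `instanceof` checks in createSignInRequest. `cbt` is also dereferenced without a null check, which would presumably throw for a configuration that leaves the element out (the wauth/whr code treats both as optional), and the rethrown `IllegalStateException` drops the cause. The three getters differ only in the field they fill, so one private helper can carry the fix, as sketched below.

```java
    // shared by getIssuer(), getHomeRealm() and getAuthenticationType()
    private Object resolve(CallbackType cbt, String name) {
        if (cbt == null) {
            return null; // element not configured
        }
        // constant-first equals also tolerates a missing 'type' attribute
        if (ArgumentType.STRING.equals(cbt.getType())) {
            return cbt.getValue();
        }
        if (ArgumentType.CLASS.equals(cbt.getType())) {
            try {
                // asSubclass rejects non-handlers before any constructor runs
                return Thread.currentThread().getContextClassLoader()
                    .loadClass(cbt.getValue())
                    .asSubclass(CallbackHandler.class)
                    .newInstance();
            } catch (Exception e) {
                LOG.error("Failed to create instance of " + cbt.getValue(), e);
                throw new IllegalStateException("Failed to create instance of " + cbt.getValue(), e);
            }
        }
        LOG.error("Only String and Class are supported for '" + name + "'");
        throw new IllegalStateException("Only String and Class are supported for '" + name + "'");
    }

    public Object getIssuer() {
        if (this.issuer == null) {
            this.issuer = resolve(getFederationProtocol().getIssuer(), "Issuer");
        }
        return this.issuer;
    }
    // … getHomeRealm() and getAuthenticationType() take the same shape; setters unchanged …
```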

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java?rev=1343102&r1=1343101&r2=1343102&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
Sun May 27 21:07:06 2012
@@ -43,6 +43,7 @@ import org.apache.cxf.fediz.core.ClaimCo
 import org.apache.cxf.fediz.core.TokenValidator;
 import org.apache.cxf.fediz.core.TokenValidatorResponse;
 import org.apache.cxf.fediz.core.config.FederationContext;
+import org.apache.cxf.fediz.core.config.FederationProtocol;
 import org.apache.cxf.fediz.core.config.KeyStore;
 import org.apache.cxf.fediz.core.config.TrustManager;
 import org.apache.cxf.fediz.core.config.TrustedIssuer;
@@ -191,8 +192,9 @@ public class SAMLTokenValidator implemen
             }
 
             List<String> roles = null;
-            URI roleURI = config.getRoleURI();
-            String delim = config.getRoleDelimiter();
+            FederationProtocol fp = (FederationProtocol)config.getProtocol();
+            URI roleURI = URI.create(fp.getRoleURI());
+            String delim = fp.getRoleDelimiter();
             if (roleURI != null) {
                 for (Claim c : claims) {
                     URI claimURI = URI.create(c.getNamespace() + "/"
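Review bot: `URI.create(fp.getRoleURI())` throws a NullPointerException when no role URI is configured, so the unchanged `if (roleURI != null)` guard below it can no longer be false and a configuration without a role claim would break token validation. Keeping the value optional needs only `String roleURIValue = fp.getRoleURI();` followed by `URI roleURI = roleURIValue != null ? URI.create(roleURIValue) : null;`. The cast `(FederationProtocol)config.getProtocol()` is likewise unchecked and would fail with a ClassCastException for any other protocol type. The enclosing method starts before this hunk and the last statement shown continues past it.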

Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/HomeRealmCallback.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/HomeRealmCallback.java?rev=1343102&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/HomeRealmCallback.java
(added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/HomeRealmCallback.java
Sun May 27 21:07:06 2012
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.core.spi;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class HomeRealmCallback extends AbstractServletCallback {
+
+    private String homeRealm;
+
+    public HomeRealmCallback(HttpServletRequest request) {
+        super(request);
+    }
+
+    public String getHomeRealm() {
+        return homeRealm;
+    }
+
+    public void setHomeRealm(String homeRealm) {
+        this.homeRealm = homeRealm;
+    }
+
+}
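Review bot: The new callback class carries no Javadoc, so someone implementing a `CallbackHandler` cannot tell from this file what is expected of them. A class comment such as `/** Callback handed to the configured home-realm CallbackHandler; the handler calls setHomeRealm() with the value to send as the whr parameter, or leaves it null to omit whr. */` would document the contract that createSignInRequest relies on.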

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java?rev=1343102&r1=1343101&r2=1343102&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java
Sun May 27 21:07:06 2012
@@ -26,19 +26,11 @@ import javax.servlet.http.HttpServletReq
 public class IDPCallback extends AbstractServletCallback {
 
     private URL issuerUrl;
-    private String trustedIssuer;
 
     public IDPCallback(HttpServletRequest request) {
         super(request);
     }
 
-    /*public IDPCallback(HttpServletRequest request, URL issuerUrl,
-            String trustedIssuer) {
-        this(request);
-        this.issuerUrl = issuerUrl;
-        this.trustedIssuer = trustedIssuer;
-    }*/
-
     public URL getIssuerUrl() {
         return issuerUrl;
     }
@@ -47,12 +39,4 @@ public class IDPCallback extends Abstrac
         this.issuerUrl = issuerUrl;
     }
 
-    public String getTrustedIssuer() {
-        return trustedIssuer;
-    }
-
-    public void setTrustedIssuer(String trustedIssuer) {
-        this.trustedIssuer = trustedIssuer;
-    }
-
 }

Modified: cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd?rev=1343102&r1=1343101&r2=1343102&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd (original)
+++ cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd Sun May 27 21:07:06
2012
@@ -112,25 +112,22 @@
 	<xs:element name="roleDelimiter" type="xs:string" />
 	<xs:element name="roleURI" type="xs:string" />
 	<xs:element name="realm" type="xs:string" />
-	<xs:element name="issuer" type="xs:anyURI" />
+	
 	<xs:element name="freshness" type="xs:string" />
 
 	<xs:complexType name="protocolType" abstract="true" />
+ 
+	<xs:complexType name="CallbackType">
+		<xs:simpleContent>
+			<xs:extension base="xs:string">
+				<xs:attribute name="type" type="argumentType" />
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
 
-	<xs:element name="homeRealm">
-		<xs:complexType>
-			<xs:attribute name="type" use="required" type="argumentType" />
-			<xs:attribute name="value" use="required" type="xs:string" />
-		</xs:complexType>
-	</xs:element>
-
-
-	<xs:element name="authenticationType">
-		<xs:complexType>
-			<xs:attribute name="type" use="required" type="argumentType" />
-			<xs:attribute name="value" use="required" type="xs:string" />
-		</xs:complexType>
-	</xs:element>
+	<xs:element name="issuer" type="CallbackType" />
+	<xs:element name="homeRealm" type="CallbackType" />
+	<xs:element name="authenticationType" type="CallbackType" />
 
 	<xs:simpleType name="argumentType">
 		<xs:restriction base="xs:string">
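Review bot: The `type` attribute of the new `CallbackType` is declared without `use="required"`, unlike the two inline declarations it replaces, so an element that omits it now validates and the unmarshalled type would presumably be null, which the getters in FederationProtocol dereference via `cbt.getType().equals(...)`. Restoring `<xs:attribute name="type" use="required" type="argumentType" />`, or declaring a default, closes that gap at the schema level. `issuer` also moves from `xs:anyURI` to a plain string extension, so the schema no longer constrains the IdP URL at all and the String branch in the code becomes the only place where it can be checked.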

Added: cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java?rev=1343102&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
(added)
+++ cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
Sun May 27 21:07:06 2012
@@ -0,0 +1,250 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import java.io.StringReader;
+import java.io.StringWriter;
+import java.math.BigInteger;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+
+import junit.framework.Assert;
+
+import org.apache.cxf.fediz.common.SecurityTestUtil;
+import org.apache.cxf.fediz.core.config.jaxb.ArgumentType;
+import org.apache.cxf.fediz.core.config.jaxb.AudienceUris;
+import org.apache.cxf.fediz.core.config.jaxb.CallbackType;
+import org.apache.cxf.fediz.core.config.jaxb.CertificateStores;
+import org.apache.cxf.fediz.core.config.jaxb.ClaimType;
+import org.apache.cxf.fediz.core.config.jaxb.ClaimTypesRequested;
+import org.apache.cxf.fediz.core.config.jaxb.ContextConfig;
+import org.apache.cxf.fediz.core.config.jaxb.FederationProtocolType;
+import org.apache.cxf.fediz.core.config.jaxb.FedizConfig;
+import org.apache.cxf.fediz.core.config.jaxb.KeyStoreType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustManagersType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuerType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuers;
+import org.apache.cxf.fediz.core.config.jaxb.ValidationType;
+import org.apache.cxf.fediz.core.spi.HomeRealmCallback;
+import org.apache.cxf.fediz.core.spi.IDPCallback;
+import org.apache.cxf.fediz.core.spi.WAuthCallback;
+import org.junit.AfterClass;
+
+public class CallbackHandlerTest {
+
+    private static final String PROTOCOL_VERSION = "1.0.0";
+    private static final String REPLY = "reply value";
+    private static final String TARGET_REALM = "target realm";
+    private static final String CALLBACKHANDLER_CLASS = "org.apache.cxf.fediz.core.config.TestCallbackHandler";
+    private static final String FRESHNESS_VALUE = "10000";
+    private static final String CONFIG_NAME = "ROOT";
+    private static final String CLOCK_SKEW = "1000";
+    private static final String KEYSTORE_PASSWORD = "passw0rd1";
+    private static final String KEYSTORE_RESOURCE_PATH = "org.apache.fediz.kestore1";
+    private static final String AUDIENCE_URI = "http://host_one:port/url";
+    
+    private static final String ROLE_DELIMITER = ";";
+    private static final String ROLE_URI = "http://someserver:8080/path/roles.uri";
+    private static final String CLAIM_TYPE = "a particular claim type";
+    private static final String SUBJECT_VALUE = ".*CN=www.sts1.com.*";
+    
+    
+    @AfterClass
+    public static void cleanup() {
+        SecurityTestUtil.cleanup();
+    }
+    
+    private FedizConfig createConfiguration() throws JAXBException {
+
+        FedizConfig rootConfig = new FedizConfig();
+        ContextConfig config = new ContextConfig();
+        rootConfig.getContextConfig().add(config);
+
+        config.setName(CONFIG_NAME);
+        config.setMaximumClockSkew(new BigInteger(CLOCK_SKEW));
+
+        CertificateStores certStores = new CertificateStores();
+        
+        TrustManagersType tm0 = new TrustManagersType();       
+        KeyStoreType ks0 = new KeyStoreType();
+        ks0.setType("JKS");
+        ks0.setPassword(KEYSTORE_PASSWORD);
+        ks0.setResource(KEYSTORE_RESOURCE_PATH);
+        tm0.setKeyStore(ks0);
+        certStores.getTrustManager().add(tm0);    
+        config.setCertificateStores(certStores);
+        
+        TrustedIssuers trustedIssuers = new TrustedIssuers();
+        TrustedIssuerType ti0 = new TrustedIssuerType();
+        ti0.setCertificateValidation(ValidationType.CHAIN_TRUST);
+        ti0.setName("issuer1");
+        ti0.setSubject(SUBJECT_VALUE);
+        trustedIssuers.getIssuer().add(ti0);
+        config.setTrustedIssuers(trustedIssuers);
+
+        FederationProtocolType protocol = new FederationProtocolType();
+        config.setProtocol(protocol);
+
+        AudienceUris audienceUris = new AudienceUris();
+        audienceUris.getAudienceItem().add(AUDIENCE_URI);
+        config.setAudienceUris(audienceUris);
+
+        protocol.setRoleDelimiter(ROLE_DELIMITER);
+        protocol.setRoleURI(ROLE_URI);
+
+        ClaimTypesRequested claimTypeReq = new ClaimTypesRequested();
+        ClaimType claimType = new ClaimType();
+        claimType.setOptional(true);
+        claimType.setType(CLAIM_TYPE);
+        claimTypeReq.getClaimType().add(claimType);
+        protocol.setClaimTypesRequested(claimTypeReq);
+
+        protocol.setFreshness(FRESHNESS_VALUE);
+        protocol.setRealm(TARGET_REALM);
+        protocol.setReply(REPLY);
+        protocol.setRequest("REQUEST");
+        protocol.setVersion(PROTOCOL_VERSION);
+
+        return rootConfig;
+    }
+    
+    private FedizConfig createConfigWithoutCB() throws JAXBException {
+        
+        FedizConfig config = createConfiguration();
+        FederationProtocolType protocol = (FederationProtocolType)config.getContextConfig().get(0).getProtocol();
+        
+        CallbackType homeRealm = new CallbackType();
+        homeRealm.setType(ArgumentType.STRING);
+        homeRealm.setValue(TestCallbackHandler.TEST_HOME_REALM);
+        protocol.setHomeRealm(homeRealm);
+        
+        CallbackType issuer = new CallbackType();
+        issuer.setType(ArgumentType.STRING);
+        issuer.setValue(TestCallbackHandler.TEST_IDP);
+        protocol.setIssuer(issuer);
+        
+        CallbackType authType = new CallbackType();
+        authType.setType(ArgumentType.STRING);
+        authType.setValue(TestCallbackHandler.TEST_WAUTH);
+        protocol.setAuthenticationType(authType);
+        
+        return config;
+    }
+    
+    private FedizConfig createConfigCB() throws JAXBException {
+        
+        FedizConfig config = createConfiguration();
+        FederationProtocolType protocol = (FederationProtocolType)config.getContextConfig().get(0).getProtocol();
+        
+        CallbackType homeRealm = new CallbackType();
+        homeRealm.setType(ArgumentType.CLASS);
+        homeRealm.setValue(CALLBACKHANDLER_CLASS);
+        protocol.setHomeRealm(homeRealm);
+        
+        CallbackType issuer = new CallbackType();
+        issuer.setType(ArgumentType.CLASS);
+        issuer.setValue(CALLBACKHANDLER_CLASS);
+        protocol.setIssuer(issuer);
+        
+        CallbackType authType = new CallbackType();
+        authType.setType(ArgumentType.CLASS);
+        authType.setValue(CALLBACKHANDLER_CLASS);
+        protocol.setAuthenticationType(authType);
+        
+        return config;
+    }
+    
+    @org.junit.Test
+    public void testParamsWithCallbackHandler() throws Exception {
+        
+        final JAXBContext jaxbContext = JAXBContext.newInstance(FedizConfig.class);
+        FedizConfig configOut = createConfigCB();
+        StringWriter writer = new StringWriter();
+        jaxbContext.createMarshaller().marshal(configOut, writer);
+        StringReader reader = new StringReader(writer.toString());
+        
+        FederationConfigurator configurator = new FederationConfigurator();
+        configurator.loadConfig(reader);
+        
+        FederationContext ctx = configurator.getFederationContext(CONFIG_NAME);
+        
+        FederationProtocol fp = (FederationProtocol)ctx.getProtocol();
+        
+        Object issuerObj = fp.getIssuer();
+        Assert.assertTrue(issuerObj instanceof CallbackHandler);
+        CallbackHandler issuerCB = (CallbackHandler)issuerObj;
+        IDPCallback callbackIDP = new IDPCallback(null);
+        issuerCB.handle(new Callback[] {callbackIDP});
+        String issuerURL = callbackIDP.getIssuerUrl().toString();
+        Assert.assertEquals(TestCallbackHandler.TEST_IDP, issuerURL);
+        
+        Object wAuthObj = fp.getAuthenticationType();
+        Assert.assertTrue(wAuthObj instanceof CallbackHandler);
+        CallbackHandler wauthCB = (CallbackHandler)wAuthObj;
+        WAuthCallback callbackWA = new WAuthCallback(null);
+        wauthCB.handle(new Callback[] {callbackWA});
+        String wAuth = callbackWA.getWauth();
+        Assert.assertEquals(TestCallbackHandler.TEST_WAUTH, wAuth);
+        
+        Object homeRealmObj = fp.getHomeRealm();
+        Assert.assertTrue(homeRealmObj instanceof CallbackHandler);
+        CallbackHandler hrCB = (CallbackHandler)homeRealmObj;
+        HomeRealmCallback callbackHR = new HomeRealmCallback(null);
+        hrCB.handle(new Callback[] {callbackHR});
+        String hr = callbackHR.getHomeRealm();
+        Assert.assertEquals(TestCallbackHandler.TEST_HOME_REALM, hr);
+    }
+    
+    @org.junit.Test
+    public void testParamsWithoutCallbackHandler() throws Exception {
+        
+        final JAXBContext jaxbContext = JAXBContext.newInstance(FedizConfig.class);
+        FedizConfig configOut = createConfigWithoutCB();
+        StringWriter writer = new StringWriter();
+        jaxbContext.createMarshaller().marshal(configOut, writer);
+        StringReader reader = new StringReader(writer.toString());
+        
+        FederationConfigurator configurator = new FederationConfigurator();
+        configurator.loadConfig(reader);
+        
+        FederationContext ctx = configurator.getFederationContext(CONFIG_NAME);
+        
+        FederationProtocol fp = (FederationProtocol)ctx.getProtocol();
+        
+        Object issuerObj = fp.getIssuer();
+        Assert.assertTrue(issuerObj instanceof String);
+        String issuerURL = (String)issuerObj;
+        Assert.assertEquals(TestCallbackHandler.TEST_IDP, issuerURL);
+        
+        Object wAuthObj = fp.getAuthenticationType();
+        Assert.assertTrue(wAuthObj instanceof String);
+        String wAuth = (String)wAuthObj;
+        Assert.assertEquals(TestCallbackHandler.TEST_WAUTH, wAuth);
+        
+        Object homeRealmObj = fp.getHomeRealm();
+        Assert.assertTrue(homeRealmObj instanceof String);
+        String hr = (String)homeRealmObj;
+        Assert.assertEquals(TestCallbackHandler.TEST_HOME_REALM, hr);
+    }
+    
+}

Modified: cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java?rev=1343102&r1=1343101&r2=1343102&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
Sun May 27 21:07:06 2012
@@ -31,14 +31,13 @@ import javax.xml.bind.JAXBException;
 import org.apache.cxf.fediz.common.SecurityTestUtil;
 import org.apache.cxf.fediz.core.config.jaxb.ArgumentType;
 import org.apache.cxf.fediz.core.config.jaxb.AudienceUris;
-import org.apache.cxf.fediz.core.config.jaxb.AuthenticationType;
+import org.apache.cxf.fediz.core.config.jaxb.CallbackType;
 import org.apache.cxf.fediz.core.config.jaxb.CertificateStores;
 import org.apache.cxf.fediz.core.config.jaxb.ClaimType;
 import org.apache.cxf.fediz.core.config.jaxb.ClaimTypesRequested;
 import org.apache.cxf.fediz.core.config.jaxb.ContextConfig;
 import org.apache.cxf.fediz.core.config.jaxb.FederationProtocolType;
 import org.apache.cxf.fediz.core.config.jaxb.FedizConfig;
-import org.apache.cxf.fediz.core.config.jaxb.HomeRealm;
 import org.apache.cxf.fediz.core.config.jaxb.KeyStoreType;
 import org.apache.cxf.fediz.core.config.jaxb.TrustManagersType;
 import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuerType;
@@ -154,7 +153,7 @@ public class FedizConfigurationTest {
         FederationProtocolType protocol = new FederationProtocolType();
         config.setProtocol(protocol);
 
-        AuthenticationType authType = new AuthenticationType();
+        CallbackType authType = new CallbackType();
         authType.setType(ArgumentType.STRING);
         authType.setValue(AUTH_TYPE_VALUE);
 
@@ -183,7 +182,7 @@ public class FedizConfigurationTest {
 
         protocol.setFreshness(FRESHNESS_VALUE);
 
-        HomeRealm homeRealm = new HomeRealm();
+        CallbackType homeRealm = new CallbackType();
         homeRealm.setType(ArgumentType.CLASS);
         homeRealm.setValue(HOME_REALM_CLASS);
 
@@ -192,7 +191,10 @@ public class FedizConfigurationTest {
         protocol.setReply(REPLY);
         protocol.setRequest("REQUEST");
         protocol.setVersion(PROTOCOL_VERSION);
-        protocol.setIssuer(ISSUER);
+        
+        CallbackType issuer = new CallbackType();
+        issuer.setValue(ISSUER);
+        protocol.setIssuer(issuer);
 
         return rootConfig;
 
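Review bot: The new `issuer` CallbackType is populated with `setValue(ISSUER)` only, while `authType` and `homeRealm` in the same method both call `setType(...)`, so the test depends on whatever the schema or loader does with a missing type, which is not visible here. Judging by CallbackHandlerTest in this commit, the type decides whether the value is returned as a literal String or treated as a class name to instantiate, and for the issuer that distinction is worth pinning explicitly: `issuer.setType(ArgumentType.STRING);`. The same three added lines appear in FedizConfigurationWriterTest (`@@ -146,7 +145,10 @@`) and would take the same change. The enclosing method starts outside the hunk.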
@@ -217,11 +219,12 @@ public class FedizConfigurationTest {
         final JAXBContext jaxbContext = JAXBContext
                 .newInstance(FedizConfig.class);
 
-        FederationConfigurator configurator = new FederationConfigurator();
         FedizConfig configOut = createConfiguration();
         StringWriter writer = new StringWriter();
         jaxbContext.createMarshaller().marshal(configOut, writer);
         StringReader reader = new StringReader(writer.toString());
+        
+        FederationConfigurator configurator = new FederationConfigurator();
         configurator.loadConfig(reader);
 
         File f = new File(CONFIG_FILE);

Modified: cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java?rev=1343102&r1=1343101&r2=1343102&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
Sun May 27 21:07:06 2012
@@ -32,14 +32,13 @@ import javax.xml.bind.JAXBException;
 import org.apache.cxf.fediz.common.SecurityTestUtil;
 import org.apache.cxf.fediz.core.config.jaxb.ArgumentType;
 import org.apache.cxf.fediz.core.config.jaxb.AudienceUris;
-import org.apache.cxf.fediz.core.config.jaxb.AuthenticationType;
+import org.apache.cxf.fediz.core.config.jaxb.CallbackType;
 import org.apache.cxf.fediz.core.config.jaxb.CertificateStores;
 import org.apache.cxf.fediz.core.config.jaxb.ClaimType;
 import org.apache.cxf.fediz.core.config.jaxb.ClaimTypesRequested;
 import org.apache.cxf.fediz.core.config.jaxb.ContextConfig;
 import org.apache.cxf.fediz.core.config.jaxb.FederationProtocolType;
 import org.apache.cxf.fediz.core.config.jaxb.FedizConfig;
-import org.apache.cxf.fediz.core.config.jaxb.HomeRealm;
 import org.apache.cxf.fediz.core.config.jaxb.KeyStoreType;
 import org.apache.cxf.fediz.core.config.jaxb.TrustManagersType;
 import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuerType;
@@ -115,7 +114,7 @@ public class FedizConfigurationWriterTes
         certStores.getTrustManager().add(truststore);
         config.setCertificateStores(certStores);
 
-        AuthenticationType authType = new AuthenticationType();
+        CallbackType authType = new CallbackType();
         authType.setType(ArgumentType.STRING);
         authType.setValue(AUTH_TYPE_VALUE);
 
@@ -137,7 +136,7 @@ public class FedizConfigurationWriterTes
 
         protocol.setFreshness(FRESHNESS_VALUE);
 
-        HomeRealm homeRealm = new HomeRealm();
+        CallbackType homeRealm = new CallbackType();
         homeRealm.setType(ArgumentType.CLASS);
         homeRealm.setValue(HOME_REALM_CLASS);
 
@@ -146,7 +145,10 @@ public class FedizConfigurationWriterTes
         protocol.setReply(REPLY);
         protocol.setRequest("REQUEST");
         protocol.setVersion(PROTOCOL_VERSION);
-        protocol.setIssuer(ISSUER);
+        
+        CallbackType issuer = new CallbackType();
+        issuer.setValue(ISSUER);
+        protocol.setIssuer(issuer);
 
         return rootConfig;
 
@@ -227,9 +229,9 @@ public class FedizConfigurationWriterTes
         FederationProtocol fedProtocol = (FederationProtocol) protocol;
         Assert.assertEquals(TARGET_REALM, fedProtocol.getRealm());
         
-        Authentication auth = fedProtocol.getAuthenticationType();
-        Assert.assertEquals(auth.getType(), PropertyType.STRING);
-        Assert.assertEquals(auth.getValue(), AUTH_TYPE_VALUE);
+        Object auth = fedProtocol.getAuthenticationType();
+        Assert.assertTrue(auth instanceof String);
+        Assert.assertEquals((String)auth, AUTH_TYPE_VALUE);
         
         //Assert.assertEquals(ValidationMethod.CHAIN_TRUST, fedContext.getCertificateValidation());
         List<String> audienceUris = fedContext.getAudienceUris();
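Review bot: `Assert.assertEquals((String)auth, AUTH_TYPE_VALUE)` passes the actual value first, but JUnit's order is (expected, actual), so a failure would report the two reversed; `Assert.assertEquals(AUTH_TYPE_VALUE, auth);` fixes the order and drops the cast. Since `getAuthenticationType()` now returns `Object`, a short comment such as `// String when configured with type="String", CallbackHandler when type="Class"` above the `instanceof` check would tell the reader why the type test is needed. The test method starts and ends outside the hunk.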

Added: cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/TestCallbackHandler.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/TestCallbackHandler.java?rev=1343102&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/TestCallbackHandler.java
(added)
+++ cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/TestCallbackHandler.java
Sun May 27 21:07:06 2012
@@ -0,0 +1,56 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import java.io.IOException;
+import java.net.URL;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.apache.cxf.fediz.core.spi.HomeRealmCallback;
+import org.apache.cxf.fediz.core.spi.IDPCallback;
+import org.apache.cxf.fediz.core.spi.WAuthCallback;
+
+public class TestCallbackHandler implements CallbackHandler {
+
+    static final String TEST_HOME_REALM = "http://test.com/homerealm";
+    static final String TEST_IDP = "http://rp.example.com/";
+    static final String TEST_WAUTH = "up";
+    
+    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof HomeRealmCallback) {
+                HomeRealmCallback callback = (HomeRealmCallback) callbacks[i];
+                callback.setHomeRealm(TEST_HOME_REALM);
+            } else if (callbacks[i] instanceof WAuthCallback) {
+                WAuthCallback callback = (WAuthCallback) callbacks[i];
+                callback.setWauth(TEST_WAUTH);
+            } else if (callbacks[i] instanceof IDPCallback) {
+                IDPCallback callback = (IDPCallback) callbacks[i];
+                callback.setIssuerUrl(new URL(TEST_IDP));
+            } else {
+                throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
+            }
+        }
+    }
+
+}
\ No newline at end of file
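Review bot: `TEST_HOME_REALM` points at `test.com`, which is a registered domain, while `TEST_IDP` already uses the reserved `example.com`; fixture URLs are better kept on reserved names, e.g. `static final String TEST_HOME_REALM = "http://realm.example.com/homerealm";` (constructed value). `TEST_IDP` is returned as the issuer URL but its host is `rp.example.com`, which reads like the relying party; an `idp.` host would match the name. The class also has no Javadoc; `/** Test-only CallbackHandler that answers HomeRealmCallback, WAuthCallback and IDPCallback with fixed values and rejects any other callback. */` would make clear it is a fixture and not a template for production handlers.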

Modified: cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml?rev=1343102&r1=1343101&r2=1343102&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml (original)
+++ cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml Sun May 27 21:07:06
2012
@@ -23,8 +23,7 @@
 			<roleDelimiter>;</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
 			<authenticationType value="some auth type" type="String" />
-			<homeRealm value="org.apache.fediz.realm.MyHomeRealm.class"
-				type="Class" />
+			<homeRealm type="Class">org.apache.fediz.realm.MyHomeRealm.class</homeRealm>
 			<freshness>10000</freshness>
 			<reply>reply value</reply>
 			<request>REQUEST</request>
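Review bot: `authenticationType` on the context line above still carries its value in a `value` attribute, while `homeRealm` now carries it as element text, although the Java side of this commit builds both from `CallbackType`. If the schema moved the value into element content, the attribute form would no longer populate it; this should be checked against FedizConfig.xsd (not shown here) and, if so, written as `<authenticationType type="String">some auth type</authenticationType>`. The `homeRealm` value also ends in `.class`, which is not part of a loadable class name, so a loader resolving it by name would presumably fail; `org.apache.fediz.realm.MyHomeRealm` is the form a class loader accepts.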


