From cohei...@apache.org
Subject svn commit: r1346806 - in /cxf/trunk/services/sts/sts-core/src: main/java/org/apache/cxf/sts/ main/java/org/apache/cxf/sts/request/ main/java/org/apache/cxf/sts/token/provider/ test/java/org/apache/cxf/sts/token/provider/
Date Wed, 06 Jun 2012 09:55:51 GMT
Author: coheigea
Date: Wed Jun  6 09:55:50 2012
New Revision: 1346806

URL: http://svn.apache.org/viewvc?rev=1346806&view=rev
Log:
[CXF-4361] - Add support for processing EncryptWith and SignWith parameters in a RST to the
STS

Modified:
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/QNameConstants.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/KeyRequirements.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SymmetricKeyHandler.java
    cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/QNameConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/QNameConstants.java?rev=1346806&r1=1346805&r2=1346806&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/QNameConstants.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/QNameConstants.java Wed
Jun  6 09:55:50 2012
@@ -82,6 +82,10 @@ public final class QNameConstants {
         WS_TRUST_FACTORY.createKeyWrapAlgorithm("").getName();
     public static final QName USE_KEY = 
         WS_TRUST_FACTORY.createUseKey(null).getName();
+    public static final QName SIGN_WITH = 
+        WS_TRUST_FACTORY.createSignWith(null).getName();
+    public static final QName ENCRYPT_WITH = 
+        WS_TRUST_FACTORY.createEncryptWith(null).getName();
     
     //
     // WSSE QNames

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/KeyRequirements.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/KeyRequirements.java?rev=1346806&r1=1346805&r2=1346806&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/KeyRequirements.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/KeyRequirements.java
Wed Jun  6 09:55:50 2012
@@ -34,6 +34,8 @@ public class KeyRequirements {
     private String keywrapAlgorithm;
     private ReceivedKey receivedKey;
     private Entropy entropy;
+    private String encryptWith;
+    private String signWith;
     
     public String getAuthenticationType() {
         return authenticationType;
@@ -126,6 +128,22 @@ public class KeyRequirements {
     public void setEntropy(Entropy entropy) {
         this.entropy = entropy;
     }
+
+    public String getEncryptWith() {
+        return encryptWith;
+    }
+
+    public void setEncryptWith(String encryptWith) {
+        this.encryptWith = encryptWith;
+    }
+
+    public String getSignWith() {
+        return signWith;
+    }
+
+    public void setSignWith(String signWith) {
+        this.signWith = signWith;
+    }
     
     
 }
\ No newline at end of file

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java?rev=1346806&r1=1346805&r2=1346806&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
Wed Jun  6 09:55:50 2012
@@ -218,6 +218,14 @@ public class RequestParser {
             EntropyType entropyType = (EntropyType)jaxbElement.getValue();
             Entropy entropy = parseEntropy(entropyType, stsProperties);
             keyRequirements.setEntropy(entropy);
+        } else if (QNameConstants.SIGN_WITH.equals(jaxbElement.getName())) {
+            String signWith = (String)jaxbElement.getValue();
+            keyRequirements.setSignWith(signWith);
+            LOG.fine("Found SignWith: " + signWith);
+        } else if (QNameConstants.ENCRYPT_WITH.equals(jaxbElement.getName())) {
+            String encryptWith = (String)jaxbElement.getValue();
+            keyRequirements.setEncryptWith(encryptWith);
+            LOG.fine("Found EncryptWith: " + encryptWith);
         } else if (QNameConstants.REQUEST_TYPE.equals(jaxbElement.getName())) { //NOPMD
             // Skip the request type.
         } else {
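Review bot: The `SignWith` and `EncryptWith` values in the two new branches are taken from the client's RST, stored, and concatenated into `LOG.fine(...)` without checking that they are non-empty, recognised algorithm URIs. Since the string is caller-controlled, strip line breaks before logging it, and consider rejecting or ignoring values that are not among the algorithms the STS supports. Among the files changed here nothing reads `getSignWith()`, so SignWith appears to be recorded but not acted on. If that is intended, a comment such as `// SignWith is recorded only; no token provider consumes it yet` would prevent readers assuming it is enforced. The enclosing method starts and ends outside this hunk.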

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SymmetricKeyHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SymmetricKeyHandler.java?rev=1346806&r1=1346805&r2=1346806&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SymmetricKeyHandler.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SymmetricKeyHandler.java
Wed Jun  6 09:55:50 2012
@@ -31,6 +31,7 @@ import org.apache.cxf.sts.request.Entrop
 import org.apache.cxf.sts.request.KeyRequirements;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 
+import org.apache.ws.security.WSConstants;
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.conversation.ConversationException;
 import org.apache.ws.security.conversation.dkalgo.P_SHA1;
@@ -52,10 +53,30 @@ public class SymmetricKeyHandler {
     public SymmetricKeyHandler(TokenProviderParameters tokenParameters) {
         KeyRequirements keyRequirements = tokenParameters.getKeyRequirements();
         
-        // Test KeySize
         keySize = Long.valueOf(keyRequirements.getKeySize()).intValue();
         STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
         SignatureProperties signatureProperties = stsProperties.getSignatureProperties();
+        
+        // Test EncryptWith
+        String encryptWith = keyRequirements.getEncryptWith();
+        if (encryptWith != null) {
+            if ((WSConstants.AES_128.equals(encryptWith) || WSConstants.AES_128_GCM.equals(encryptWith))
+                && keySize < 128) {
+                keySize = 128;
+            } else if ((WSConstants.AES_192.equals(encryptWith) 
+                || WSConstants.AES_192_GCM.equals(encryptWith))
+                && keySize < 192) {
+                keySize = 192;
+            } else if ((WSConstants.AES_256.equals(encryptWith) 
+                || WSConstants.AES_256_GCM.equals(encryptWith))
+                && keySize < 256) {
+                keySize = 256;
+            } else if (WSConstants.TRIPLE_DES.equals(encryptWith) && keySize <
192) {
+                keySize = 192;
+            }
+        }
+        
+        // Test KeySize
         if (keySize < signatureProperties.getMinimumKeySize()
             || keySize > signatureProperties.getMaximumKeySize()) {
             keySize = Long.valueOf(signatureProperties.getKeySize()).intValue();
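Review bot: The key-size floor applied for EncryptWith can be undone by the `// Test KeySize` block that follows it. When the raised `keySize` falls outside the configured minimum/maximum it is replaced by `signatureProperties.getKeySize()`, and nothing re-checks that this default is large enough for the requested algorithm. If the configured maximum and default are below 256, a request carrying `WSConstants.AES_256` would still be issued a token, with a key shorter than the algorithm needs. Consider recording the required size in each branch (e.g. `int requiredKeySize = 0;`) and, after the range check, failing the request or at least logging when `keySize < requiredKeySize`. An `encryptWith` value matching none of the listed constants is ignored silently, which a comment like `// unrecognised EncryptWith values leave the requested KeySize unchanged` would make explicit; the constructor continues past the end of this hunk.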
@@ -64,7 +85,7 @@ public class SymmetricKeyHandler {
                 + " not accepted so defaulting to " + signatureProperties.getKeySize()
             );
         }
-        
+
         // Test Entropy
         clientEntropy = keyRequirements.getEntropy();
         if (clientEntropy == null) {

Modified: cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java?rev=1346806&r1=1346805&r2=1346806&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java
Wed Jun  6 09:55:50 2012
@@ -493,6 +493,29 @@ public class SAMLProviderKeyTypeTest ext
         assertTrue(tokenString.contains(WSConstants.C14N_EXCL_WITH_COMMENTS));
     }
     
+    /**
+     * Create a default Saml2 Symmetric Key Assertion using EncryptWith Algorithms.
+     */
+    @org.junit.Test
+    public void testDefaultSaml2EncryptWith() throws Exception {
+        TokenProvider samlTokenProvider = new SAMLTokenProvider();
+        TokenProviderParameters providerParameters = 
+            createProviderParameters(WSConstants.WSS_SAML2_TOKEN_TYPE, STSConstants.SYMMETRIC_KEY_KEYTYPE);
+        KeyRequirements keyRequirements = providerParameters.getKeyRequirements();
+
+        keyRequirements.setEncryptWith(WSConstants.AES_128);
+        keyRequirements.setKeySize(92);
+        TokenProviderResponse providerResponse = samlTokenProvider.createToken(providerParameters);
+        assertTrue(providerResponse != null);
+        assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId()
!= null);
+        
+        keyRequirements.setKeySize(128);
+        keyRequirements.setEncryptWith(WSConstants.AES_256);
+        providerResponse = samlTokenProvider.createToken(providerParameters);
+        assertTrue(providerResponse != null);
+        assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId()
!= null);
+    }
+    
     private TokenProviderParameters createProviderParameters(
         String tokenType, String keyType
     ) throws WSSecurityException {
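Review bot: Both halves of `testDefaultSaml2EncryptWith` assert only that a token and token id came back, so the test would still pass if the EncryptWith handling were removed. It never checks that the 92-bit request with `AES_128` and the 128-bit request with `AES_256` were raised to 128 and 256 bits. After each `createToken` call, assert on the length of the issued secret, or on whatever key-size value the provider response exposes. Two further cases would cover the remaining paths: an unrecognised EncryptWith URI, and a required size that exceeds the configured maximum.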


