cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/2] git commit: [CXF-5622] - SAMLSSOResponseValidator broken by CommonsBean update
Date Wed, 02 Apr 2014 14:39:53 GMT
[CXF-5622] - SAMLSSOResponseValidator broken by CommonsBean update


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7757436e
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7757436e
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7757436e

Branch: refs/heads/master
Commit: 7757436e5e5460d4429e29f21e141833eed724f0
Parents: 61cad67
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Wed Apr 2 15:04:42 2014 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Wed Apr 2 15:39:43 2014 +0100

----------------------------------------------------------------------
 .../rs/security/saml/sso/SAMLSSOResponseValidatorTest.java  | 9 +++++++--
 .../systest/jaxrs/security/oauth2/SamlCallbackHandler.java  | 8 +++++++-
 .../systest/jaxrs/security/oauth2/SamlCallbackHandler2.java | 7 ++++++-
 .../systest/jaxrs/security/saml/SamlCallbackHandler.java    | 7 ++++++-
 4 files changed, 26 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/7757436e/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java
b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java
index 0a95584..ebe08d5 100644
--- a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java
+++ b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java
@@ -19,17 +19,19 @@
 
 package org.apache.cxf.rs.security.saml.sso;
 
+import java.util.Collections;
+
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
-
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.OpenSAMLUtil;
 import org.apache.wss4j.common.saml.SAMLCallback;
 import org.apache.wss4j.common.saml.SAMLUtil;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
+import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean;
 import org.apache.wss4j.common.saml.bean.ConditionsBean;
 import org.apache.wss4j.common.saml.bean.SubjectConfirmationDataBean;
 import org.apache.wss4j.common.saml.builder.SAML2Constants;
@@ -220,7 +222,10 @@ public class SAMLSSOResponseValidatorTest extends org.junit.Assert {
         ConditionsBean conditions = new ConditionsBean();
         conditions.setNotBefore(new DateTime());
         conditions.setNotAfter(new DateTime().plusMinutes(5));
-        conditions.setAudienceURI("http://service.apache.org");
+        
+        AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
+        audienceRestriction.setAudienceURIs(Collections.singletonList("http://service.apache.org"));
+        conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
         callbackHandler.setConditions(conditions);
         
         SAMLCallback samlCallback = new SAMLCallback();

http://git-wip-us.apache.org/repos/asf/cxf/blob/7757436e/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
index 8d70a94..17ebbc1 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
@@ -36,6 +36,7 @@ import org.apache.wss4j.common.saml.SAMLCallback;
 import org.apache.wss4j.common.saml.bean.ActionBean;
 import org.apache.wss4j.common.saml.bean.AttributeBean;
 import org.apache.wss4j.common.saml.bean.AttributeStatementBean;
+import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean;
 import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean;
 import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean.Decision;
 import org.apache.wss4j.common.saml.bean.AuthenticationStatementBean;
@@ -80,7 +81,12 @@ public class SamlCallbackHandler implements CallbackHandler {
                 callback.setSubject(subjectBean);
                 
                 ConditionsBean conditions = new ConditionsBean();
-                conditions.setAudienceURI("https://localhost:" + PORT + "/oauth2/token");
+
+                AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
+                String audienceURI = "https://localhost:" + PORT + "/oauth2/token";
+                audienceRestriction.setAudienceURIs(Collections.singletonList(audienceURI));
+                conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
+              
                 callback.setConditions(conditions);
                 
                 AuthDecisionStatementBean authDecBean = new AuthDecisionStatementBean();

http://git-wip-us.apache.org/repos/asf/cxf/blob/7757436e/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
index ec4f0fd..0816a3f 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
@@ -36,6 +36,7 @@ import org.apache.wss4j.common.saml.SAMLCallback;
 import org.apache.wss4j.common.saml.bean.ActionBean;
 import org.apache.wss4j.common.saml.bean.AttributeBean;
 import org.apache.wss4j.common.saml.bean.AttributeStatementBean;
+import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean;
 import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean;
 import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean.Decision;
 import org.apache.wss4j.common.saml.bean.AuthenticationStatementBean;
@@ -80,7 +81,11 @@ public class SamlCallbackHandler2 implements CallbackHandler {
                 callback.setSubject(subjectBean);
                 
                 ConditionsBean conditions = new ConditionsBean();
-                conditions.setAudienceURI("https://localhost:" + PORT + "/oauth2-auth/token");
+                AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
+                String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
+                audienceRestriction.setAudienceURIs(Collections.singletonList(audienceURI));
+                conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
+                
                 callback.setConditions(conditions);
                 
                 AuthDecisionStatementBean authDecBean = new AuthDecisionStatementBean();

http://git-wip-us.apache.org/repos/asf/cxf/blob/7757436e/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java
index f6bf2b4..657e416 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java
@@ -41,6 +41,7 @@ import org.apache.wss4j.common.saml.SAMLCallback;
 import org.apache.wss4j.common.saml.bean.ActionBean;
 import org.apache.wss4j.common.saml.bean.AttributeBean;
 import org.apache.wss4j.common.saml.bean.AttributeStatementBean;
+import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean;
 import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean;
 import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean.Decision;
 import org.apache.wss4j.common.saml.bean.AuthenticationStatementBean;
@@ -117,7 +118,11 @@ public class SamlCallbackHandler implements CallbackHandler {
                 callback.setSubject(subjectBean);
                 
                 ConditionsBean conditions = new ConditionsBean();
-                conditions.setAudienceURI("https://sp.example.com/SAML2");
+                
+                AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
+                audienceRestriction.setAudienceURIs(Collections.singletonList("https://sp.example.com/SAML2"));
+                conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
+                
                 callback.setConditions(conditions);
                 
                 AuthDecisionStatementBean authDecBean = new AuthDecisionStatementBean();


Mime
View raw message