cxf-commits mailing list archives

From cohei...@apache.org
Subject [2/3] git commit: [CXF-5693] - Support wsp:URI as part of wsp:AppliesTo in the STS
Date Wed, 16 Apr 2014 15:11:25 GMT
[CXF-5693] - Support wsp:URI as part of wsp:AppliesTo in the STS


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/115dc3aa
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/115dc3aa
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/115dc3aa

Branch: refs/heads/2.7.x-fixes
Commit: 115dc3aa448766b575b28924695a7b3ad4d51f18
Parents: 8e441b9
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Wed Apr 16 15:59:51 2014 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Wed Apr 16 16:03:27 2014 +0100

----------------------------------------------------------------------
 .../cxf/sts/operation/AbstractOperation.java    | 11 ++-
 .../cxf/sts/operation/IssueSamlUnitTest.java    | 85 ++++++++++++++++++++
 2 files changed, 95 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/115dc3aa/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
index 29b9b1d..727431c 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
@@ -429,7 +429,7 @@ public abstract class AbstractOperation {
     /**
      * Extract an address from an AppliesTo DOM element
      */
-    protected static String extractAddressFromAppliesTo(Element appliesTo) {
+    protected String extractAddressFromAppliesTo(Element appliesTo) {
         LOG.fine("Parsing AppliesTo element");
         if (appliesTo != null) {
             Element endpointRef = 
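Review bot: Dropping `static` from the protected `extractAddressFromAppliesTo` changes its calling convention on a maintenance branch (2.7.x-fixes). A subclass outside this file that was compiled against the static form, or that calls it from a static context, will no longer link or compile. Nothing in the lines visible here reads instance state, so unless the aim is to let subclasses override the parsing, keeping the method static avoids the break. If it is meant as an extension point, say so in the Javadoc, which should also describe the new fallback, e.g. `Extract an address from an AppliesTo DOM element: the EndpointReference Address if present, otherwise a URI child element.` The method body continues past the end of this hunk.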
@@ -445,6 +445,15 @@ public abstract class AbstractOperation {
                     LOG.fine("Found address element");
                     return address.getTextContent();
                 }
+            } else if (appliesTo.getNamespaceURI() != null) {
+                Element uri = 
+                    DOMUtils.getFirstChildWithName(
+                        appliesTo, appliesTo.getNamespaceURI(), "URI"
+                    );
+                if (uri != null) {
+                    LOG.fine("Found URI element");
+                    return uri.getTextContent();
+                }
             }
         }
         LOG.fine("AppliesTo element does not exist or could not be parsed");
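Review bot: The new `else if` branch looks up the `URI` child in whatever namespace the incoming AppliesTo element carries, so the accepted namespace is chosen by the request rather than by the STS. If the caller has not already matched AppliesTo against the supported WS-Policy namespaces (not visible here), compare `appliesTo.getNamespaceURI()` against the known constants such as `STSConstants.WSP_NS` before using it. The returned `uri.getTextContent()` is also unchecked: it keeps surrounding whitespace, concatenates the text of any nested elements, and for an empty `wsp:URI` returns `""` instead of falling through to the "could not be parsed" log line. Since this value appears to determine which service the token is issued for, consider `String value = uri.getTextContent().trim();` and returning it only when it is non-empty. The method starts before and ends after this hunk.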

http://git-wip-us.apache.org/repos/asf/cxf/blob/115dc3aa/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
index 3a3e1dd..5d1d829 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
@@ -240,6 +240,79 @@ public class IssueSamlUnitTest extends org.junit.Assert {
     }
     
     /**
+     * Test to successfully issue a Saml 2 token, submitting an AppliesTo URI Element, instead
+     * of the usual EPR one.
+     */
+    @org.junit.Test
+    public void testIssueSaml2AppliesToURIToken() throws Exception {
+        TokenIssueOperation issueOperation = new TokenIssueOperation();
+        
+        // Add Token Provider
+        List<TokenProvider> providerList = new ArrayList<TokenProvider>();
+        providerList.add(new SAMLTokenProvider());
+        issueOperation.setTokenProviders(providerList);
+        
+        // Add Service
+        ServiceMBean service = new StaticService();
+        service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
+        issueOperation.setServices(Collections.singletonList(service));
+        
+        // Add STSProperties object
+        STSPropertiesMBean stsProperties = new StaticSTSProperties();
+        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
+        stsProperties.setEncryptionCrypto(crypto);
+        stsProperties.setSignatureCrypto(crypto);
+        stsProperties.setEncryptionUsername("myservicekey");
+        stsProperties.setSignatureUsername("mystskey");
+        stsProperties.setCallbackHandler(new PasswordCallbackHandler());
+        stsProperties.setIssuer("STS");
+        issueOperation.setStsProperties(stsProperties);
+        
+        // Mock up a request
+        RequestSecurityTokenType request = new RequestSecurityTokenType();
+        JAXBElement<String> tokenType = 
+            new JAXBElement<String>(
+                QNameConstants.TOKEN_TYPE, String.class, WSConstants.WSS_SAML2_TOKEN_TYPE
+            );
+        request.getAny().add(tokenType);
+        request.getAny().add(createAppliesToURIElement("http://dummy-service.com/dummy"));
+        
+        // Mock up message context
+        MessageImpl msg = new MessageImpl();
+        WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
+        msgCtx.put(
+            SecurityContext.class.getName(), 
+            createSecurityContext(new CustomTokenPrincipal("alice"))
+        );
+        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
+        
+        // Issue a token
+        RequestSecurityTokenResponseCollectionType response = 
+            issueOperation.issue(request, webServiceContext);
+        List<RequestSecurityTokenResponseType> securityTokenResponse = 
+            response.getRequestSecurityTokenResponse();
+        assertTrue(!securityTokenResponse.isEmpty());
+        
+        // Test the generated token.
+        Element assertion = null;
+        for (Object tokenObject : securityTokenResponse.get(0).getAny()) {
+            if (tokenObject instanceof JAXBElement<?>
+                && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>)tokenObject).getName()))
{
+                RequestedSecurityTokenType rstType = 
+                    (RequestedSecurityTokenType)((JAXBElement<?>)tokenObject).getValue();
+                assertion = (Element)rstType.getAny();
+                break;
+            }
+        }
+        
+        assertNotNull(assertion);
+        String tokenString = DOM2Writer.nodeToString(assertion);
+        assertTrue(tokenString.contains("AttributeStatement"));
+        assertTrue(tokenString.contains("alice"));
+        assertTrue(tokenString.contains(SAML2Constants.CONF_BEARER));
+    }
+    
+    /**
      * Test to successfully issue multiple Saml tokens. It request a SAML 1.1 and SAML 2
token.
      */
     @org.junit.Test
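Review bot: `testIssueSaml2AppliesToURIToken` covers only the success path, where the `wsp:URI` value equals the configured endpoint `http://dummy-service.com/dummy`. Because the new parsing branch feeds the service lookup, a companion test should submit a URI that matches no configured service, and one with an empty `wsp:URI`, and assert that `issue()` rejects the request rather than returning a token. The helper `createAppliesToURIElement` in the later hunk always builds the element in `STSConstants.WSP_NS`, so no other AppliesTo namespace is exercised either. As a small style point, `assertTrue(!securityTokenResponse.isEmpty())` reads better as `assertFalse(securityTokenResponse.isEmpty())`.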
@@ -1377,6 +1450,18 @@ public class IssueSamlUnitTest extends org.junit.Assert {
         return appliesTo;
     }
     
+    private Element createAppliesToURIElement(String addressUrl) {
+        Document doc = DOMUtils.createDocument();
+        Element appliesTo = doc.createElementNS(STSConstants.WSP_NS, "wsp:AppliesTo");
+        appliesTo.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsp", STSConstants.WSP_NS);
+        
+        Element uri = doc.createElementNS(STSConstants.WSP_NS, "wsp:URI");
+        uri.setTextContent(addressUrl);
+        appliesTo.appendChild(uri);
+        
+        return appliesTo;
+    }
+    
     private Element createEndpointReference(Document doc, String addressUrl) {
         Element endpointRef = doc.createElementNS(STSConstants.WSA_NS_05, "wsa:EndpointReference");
         endpointRef.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsa", STSConstants.WSA_NS_05);

