cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Adding more rs-security tests
Date Thu, 15 Oct 2015 16:34:40 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 0430e7756 -> f456dd41b


Adding more rs-security tests


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f456dd41
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f456dd41
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f456dd41

Branch: refs/heads/master
Commit: f456dd41b6352dd55404272d351b1580b53558f7
Parents: 0430e77
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Oct 15 17:33:50 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Oct 15 17:34:07 2015 +0100

----------------------------------------------------------------------
 .../systest/jaxrs/security/jwt/BookStore.java   |  8 ++++++
 .../jaxrs/security/jwt/JAXRSJweJwsTest.java     | 11 +++++++
 .../jaxrs/security/jwt/JAXRSJwsJsonTest.java    | 30 +++++++++++++++++++-
 .../security/certs/jwkModifiedPrivateSet.txt    | 13 +++++++++
 .../jaxrs/security/secret.jwk.bad.properties    | 21 ++++++++++++++
 5 files changed, 82 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/f456dd41/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java
index b56ce36..dcbeb28 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java
@@ -49,6 +49,14 @@ public class BookStore {
         return book;
     }
     
+    @POST
+    @Path("/books")
+    @Produces("application/xml")
+    @Consumes("application/xml")
+    public Book echoBook2(Book book) {
+        return book;
+    }
+    
 }
 
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/f456dd41/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
index 3d558d5..79f418e 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
@@ -419,6 +419,17 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase
{
         assertEquals("book", text);
     }
     
+    // Test signing and encrypting an XML payload
+    @Test
+    public void testJweRsaJwsRsaXML() throws Exception {
+        String address = "https://localhost:" + PORT + "/jwejwsrsa";
+        BookStore bs = createJweJwsBookStore(address, null, null);
+        Book book = new Book();
+        book.setName("book");
+        book = bs.echoBook2(book);
+        assertEquals("book", book.getName());
+    }
+    
     private static class PrivateKeyPasswordProviderImpl implements PrivateKeyPasswordProvider
{
         private String password = "password";
         PrivateKeyPasswordProviderImpl() {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f456dd41/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java
index 33f55737..1eded3c 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java
@@ -30,6 +30,7 @@ import java.util.List;
 import java.util.Map;
 
 import javax.crypto.Cipher;
+import javax.ws.rs.BadRequestException;
 
 import com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider;
 
@@ -128,10 +129,37 @@ public class JAXRSJwsJsonTest extends AbstractBusClientServerTestBase
{
         List<String> properties = new ArrayList<String>();
         properties.add("org/apache/cxf/systest/jaxrs/security/secret.jwk.hmac2.properties");
         BookStore bs = createBookStore(address, properties, null);
-        Book book = bs.echoBook(new Book("book", 123L));
+        Book book = bs.echoBook2(new Book("book", 123L));
         assertEquals("book", book.getName());
         assertEquals(123L, book.getId());
     }
+    
+    // Test signing an XML payload
+    @Test
+    public void testJwsJsonPlainTextHmacXML() throws Exception {
+        String address = "https://localhost:" + PORT + "/jwsjsonhmac";
+        BookStore bs = createBookStore(address, 
+                                       "org/apache/cxf/systest/jaxrs/security/secret.jwk.properties",
+                                       null);
+        String text = bs.echoText("book");
+        assertEquals("book", text);
+    }
+    
+    // Test signing with a bad signature key
+    @Test
+    public void testJwsJsonPlaintextHMACBadKey() throws Exception {
+        String address = "https://localhost:" + PORT + "/jwsjsonhmac";
+        BookStore bs = createBookStore(address, 
+                                       "org/apache/cxf/systest/jaxrs/security/secret.jwk.bad.properties",
+                                       null);
+        try {
+            bs.echoText("book");
+            fail("Failure expected on a bad signature key");
+        } catch (BadRequestException ex) {
+            // expected
+        }
+    }
+    
     private BookStore createBookStore(String address, Object properties,
                                       List<?> extraProviders) throws Exception {
         return createBookStore(address, 

http://git-wip-us.apache.org/repos/asf/cxf/blob/f456dd41/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkModifiedPrivateSet.txt
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkModifiedPrivateSet.txt
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkModifiedPrivateSet.txt
new file mode 100644
index 0000000..a67b7a6
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkModifiedPrivateSet.txt
@@ -0,0 +1,13 @@
+{"keys":
+       [
+         {"kty":"oct",
+          "alg":"A128KW",
+          "k":"GawgguFyGrWKav7AX4VKUg",
+          "kid":"AesWrapKey"},
+          
+          {"kty":"oct",
+          "alg":"HS256",
+          "k":"AyM1SysPpbxDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow",
+          "kid":"HMACKey"},
+       ]
+     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f456dd41/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.bad.properties
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.bad.properties
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.bad.properties
new file mode 100644
index 0000000..0569c45
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.bad.properties
@@ -0,0 +1,21 @@
+#    Licensed to the Apache Software Foundation (ASF) under one
+#    or more contributor license agreements. See the NOTICE file
+#    distributed with this work for additional information
+#    regarding copyright ownership. The ASF licenses this file
+#    to you under the Apache License, Version 2.0 (the
+#    "License"); you may not use this file except in compliance
+#    with the License. You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing,
+#    software distributed under the License is distributed on an
+#    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#    KIND, either express or implied. See the License for the
+#    specific language governing permissions and limitations
+#    under the License.
+rs.security.keystore.type=jwk
+rs.security.keystore.alias.jwe=AesWrapKey
+rs.security.keystore.alias.jws=HMACKey
+rs.security.keystore.file=org/apache/cxf/systest/jaxrs/security/certs/jwkModifiedPrivateSet.txt
+rs.security.encryption.content.algorithm=A128GCM


Mime
View raw message