cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/2] cxf git commit: Fix some failing tests with WSS4J SNAPSHOT
Date Mon, 16 Nov 2015 12:01:46 GMT
Fix some failing tests with WSS4J SNAPSHOT


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7b762968
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7b762968
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7b762968

Branch: refs/heads/master
Commit: 7b7629682d15345518e66d46e575bf1ac334cf00
Parents: 591a3ac
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Nov 16 10:55:33 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Nov 16 11:35:08 2015 +0000

----------------------------------------------------------------------
 .../token/provider/JWTTokenProviderTest.java    | 167 ++++++++++---------
 1 file changed, 90 insertions(+), 77 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/7b762968/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java
b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java
index c81f746..f49e6eb 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java
@@ -19,6 +19,7 @@
 package org.apache.cxf.sts.token.provider;
 
 import java.security.KeyStore;
+import java.security.Security;
 import java.security.cert.X509Certificate;
 import java.util.Arrays;
 import java.util.Properties;
@@ -53,6 +54,7 @@ import org.apache.wss4j.common.crypto.CryptoType;
 import org.apache.wss4j.common.crypto.Merlin;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.principal.CustomTokenPrincipal;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.junit.Assert;
 
 /**
@@ -131,42 +133,48 @@ public class JWTTokenProviderTest extends org.junit.Assert {
     
     @org.junit.Test
     public void testCreateSignedPSJWT() throws Exception {
-        TokenProvider jwtTokenProvider = new JWTTokenProvider();
-        ((JWTTokenProvider)jwtTokenProvider).setSignToken(true);
-        
-        TokenProviderParameters providerParameters = createProviderParameters();
-        SignatureProperties sigProps = new SignatureProperties();
-        sigProps.setSignatureAlgorithm(SignatureAlgorithm.PS256.name());
-        providerParameters.getStsProperties().setSignatureProperties(sigProps);
-        
-        assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
-        TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
-        assertTrue(providerResponse != null);
-        assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId()
!= null);
-
-        String token = (String)providerResponse.getToken();
-        assertNotNull(token);
-        assertTrue(token.split("\\.").length == 3);
-        
-        // Validate the token
-        JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
-        JwtToken jwt = jwtConsumer.getJwtToken();
-        Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
-        Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
-        Assert.assertEquals(providerResponse.getCreated().getTime() / 1000L, 
-                            jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
-        Assert.assertEquals(providerResponse.getExpires().getTime() / 1000L, 
-                            jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
+        try {
+            Security.addProvider(new BouncyCastleProvider());
         
-        // Verify Signature
-        Crypto crypto = providerParameters.getStsProperties().getSignatureCrypto();
-        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
-        cryptoType.setAlias(providerParameters.getStsProperties().getSignatureUsername());
-        X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
-        assertNotNull(certs);
-        
-        assertFalse(jwtConsumer.verifySignatureWith(certs[0], SignatureAlgorithm.RS256));
-        assertTrue(jwtConsumer.verifySignatureWith(certs[0], SignatureAlgorithm.PS256));
+            TokenProvider jwtTokenProvider = new JWTTokenProvider();
+            ((JWTTokenProvider)jwtTokenProvider).setSignToken(true);
+            
+            TokenProviderParameters providerParameters = createProviderParameters();
+            SignatureProperties sigProps = new SignatureProperties();
+            sigProps.setSignatureAlgorithm(SignatureAlgorithm.PS256.name());
+            providerParameters.getStsProperties().setSignatureProperties(sigProps);
+            
+            assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
+            TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
+            assertTrue(providerResponse != null);
+            assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId()
!= null);
+    
+            String token = (String)providerResponse.getToken();
+            assertNotNull(token);
+            assertTrue(token.split("\\.").length == 3);
+            
+            // Validate the token
+            JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
+            JwtToken jwt = jwtConsumer.getJwtToken();
+            Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
+            Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
+            Assert.assertEquals(providerResponse.getCreated().getTime() / 1000L, 
+                                jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
+            Assert.assertEquals(providerResponse.getExpires().getTime() / 1000L, 
+                                jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
+            
+            // Verify Signature
+            Crypto crypto = providerParameters.getStsProperties().getSignatureCrypto();
+            CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+            cryptoType.setAlias(providerParameters.getStsProperties().getSignatureUsername());
+            X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
+            assertNotNull(certs);
+            
+            assertFalse(jwtConsumer.verifySignatureWith(certs[0], SignatureAlgorithm.RS256));
+            assertTrue(jwtConsumer.verifySignatureWith(certs[0], SignatureAlgorithm.PS256));
+        } finally {
+            Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
+        }
     }
     
     @org.junit.Test
@@ -249,53 +257,58 @@ public class JWTTokenProviderTest extends org.junit.Assert {
     
     @org.junit.Test
     public void testCreateUnsignedEncryptedCBCJWT() throws Exception {
-        TokenProvider jwtTokenProvider = new JWTTokenProvider();
-        ((JWTTokenProvider)jwtTokenProvider).setSignToken(false);
-        
-        TokenProviderParameters providerParameters = createProviderParameters();
-        providerParameters.setEncryptToken(true);
-        providerParameters.getEncryptionProperties().setEncryptionAlgorithm(
-            ContentAlgorithm.A128CBC_HS256.name()
-        );
-        
-        assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
-        TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
-        assertTrue(providerResponse != null);
-        assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId()
!= null);
-
-        String token = (String)providerResponse.getToken();
-        assertNotNull(token);
-        assertTrue(token.split("\\.").length == 5);
-        
-        if (unrestrictedPoliciesInstalled) {
-            // Validate the token
-            JweJwtCompactConsumer jwtConsumer = new JweJwtCompactConsumer(token);
-            Properties decProperties = new Properties();
-            Crypto decryptionCrypto = CryptoFactory.getInstance(getDecryptionProperties());
-            KeyStore keystore = ((Merlin)decryptionCrypto).getKeyStore();
-            decProperties.put(JoseConstants.RSSEC_KEY_STORE, keystore);
-            decProperties.put(JoseConstants.RSSEC_KEY_STORE_ALIAS, "myservicekey");
-            decProperties.put(JoseConstants.RSSEC_KEY_PSWD, "skpass");
-            decProperties.put(JoseConstants.RSSEC_ENCRYPTION_CONTENT_ALGORITHM, 
-                              ContentAlgorithm.A128CBC_HS256.name());
+        try {
+            Security.addProvider(new BouncyCastleProvider());
             
-            JweDecryptionProvider decProvider =
-                JweUtils.loadDecryptionProvider(decProperties, jwtConsumer.getHeaders(),
false);
+            TokenProvider jwtTokenProvider = new JWTTokenProvider();
+            ((JWTTokenProvider)jwtTokenProvider).setSignToken(false);
             
-            JweDecryptionOutput decOutput = decProvider.decrypt(token);
-            String decToken = decOutput.getContentText();
+            TokenProviderParameters providerParameters = createProviderParameters();
+            providerParameters.setEncryptToken(true);
+            providerParameters.getEncryptionProperties().setEncryptionAlgorithm(
+                ContentAlgorithm.A128CBC_HS256.name()
+            );
             
-            JwsJwtCompactConsumer jwtJwsConsumer = new JwsJwtCompactConsumer(decToken);
-            JwtToken jwt = jwtJwsConsumer.getJwtToken();
+            assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
+            TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
+            assertTrue(providerResponse != null);
+            assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId()
!= null);
+    
+            String token = (String)providerResponse.getToken();
+            assertNotNull(token);
+            assertTrue(token.split("\\.").length == 5);
             
-            Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
-            Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
-            Assert.assertEquals(providerResponse.getCreated().getTime() / 1000L, 
-                                jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
-            Assert.assertEquals(providerResponse.getExpires().getTime() / 1000L, 
-                                jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
+            if (unrestrictedPoliciesInstalled) {
+                // Validate the token
+                JweJwtCompactConsumer jwtConsumer = new JweJwtCompactConsumer(token);
+                Properties decProperties = new Properties();
+                Crypto decryptionCrypto = CryptoFactory.getInstance(getDecryptionProperties());
+                KeyStore keystore = ((Merlin)decryptionCrypto).getKeyStore();
+                decProperties.put(JoseConstants.RSSEC_KEY_STORE, keystore);
+                decProperties.put(JoseConstants.RSSEC_KEY_STORE_ALIAS, "myservicekey");
+                decProperties.put(JoseConstants.RSSEC_KEY_PSWD, "skpass");
+                decProperties.put(JoseConstants.RSSEC_ENCRYPTION_CONTENT_ALGORITHM, 
+                                  ContentAlgorithm.A128CBC_HS256.name());
+                
+                JweDecryptionProvider decProvider =
+                    JweUtils.loadDecryptionProvider(decProperties, jwtConsumer.getHeaders(),
false);
+                
+                JweDecryptionOutput decOutput = decProvider.decrypt(token);
+                String decToken = decOutput.getContentText();
+                
+                JwsJwtCompactConsumer jwtJwsConsumer = new JwsJwtCompactConsumer(decToken);
+                JwtToken jwt = jwtJwsConsumer.getJwtToken();
+                
+                Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
+                Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
+                Assert.assertEquals(providerResponse.getCreated().getTime() / 1000L, 
+                                    jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
+                Assert.assertEquals(providerResponse.getExpires().getTime() / 1000L, 
+                                    jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
+            }
+        } finally {
+            Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
         }
-                            
     }
     
     @org.junit.Test


Mime
View raw message