cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [4/5] cxf git commit: Minor test modification
Date Tue, 08 Dec 2015 15:24:30 GMT
Minor test modification


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d41958a5
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d41958a5
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d41958a5

Branch: refs/heads/master
Commit: d41958a5191de9cdd0f403b57f23912d9133824b
Parents: 948ea05
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Dec 8 11:28:40 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Dec 8 15:22:08 2015 +0000

----------------------------------------------------------------------
 .../jaxrs/security/oauth2/JAXRSOAuth2Test.java  |  17 +-
 .../security/oauth2/SamlCallbackHandler.java    |  53 +++++--
 .../security/oauth2/SamlCallbackHandler2.java   | 158 -------------------
 3 files changed, 57 insertions(+), 171 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/d41958a5/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
index 79f4cc1..7901fc6 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
@@ -73,7 +73,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
         Crypto crypto = new CryptoLoader().loadCrypto(CRYPTO_RESOURCE_PROPERTIES);
         SelfSignInfo signInfo = new SelfSignInfo(crypto, "alice", "password"); 
         
-        SamlAssertionWrapper assertionWrapper = SAMLUtils.createAssertion(new SamlCallbackHandler(),
+        SamlAssertionWrapper assertionWrapper = SAMLUtils.createAssertion(new SamlCallbackHandler(false),
                                                                           signInfo);
         Document doc = DOMUtils.newDocument();
         Element assertionElement = assertionWrapper.toDOM(doc);
@@ -95,7 +95,11 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
         Crypto crypto = new CryptoLoader().loadCrypto(CRYPTO_RESOURCE_PROPERTIES);
         SelfSignInfo signInfo = new SelfSignInfo(crypto, "alice", "password"); 
         
-        SamlAssertionWrapper assertionWrapper = SAMLUtils.createAssertion(new SamlCallbackHandler2(),
+        SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
+        samlCallbackHandler.setIssuer("alice");
+        String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
+        samlCallbackHandler.setAudience(audienceURI);
+        SamlAssertionWrapper assertionWrapper = SAMLUtils.createAssertion(samlCallbackHandler,
                                                                           signInfo);
         Document doc = DOMUtils.newDocument();
         Element assertionElement = assertionWrapper.toDOM(doc);
@@ -158,8 +162,13 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase
{
         Map<String, Object> properties = new HashMap<String, Object>();
         properties.put("security.callback-handler", 
                        "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
-        properties.put("security.saml-callback-handler", 
-                       "org.apache.cxf.systest.jaxrs.security.oauth2.SamlCallbackHandler2");
+        
+        SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
+        samlCallbackHandler.setIssuer("alice");
+        String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
+        samlCallbackHandler.setAudience(audienceURI);
+        properties.put("security.saml-callback-handler", samlCallbackHandler);
+        
         properties.put("security.signature.username", "alice");
         properties.put("security.signature.properties", CRYPTO_RESOURCE_PROPERTIES);
         bean.setProperties(properties);

http://git-wip-us.apache.org/repos/asf/cxf/blob/d41958a5/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
index cd5d734..0da9f19 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
@@ -32,6 +32,9 @@ import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.phase.PhaseInterceptorChain;
 import org.apache.cxf.rt.security.saml.claims.SAMLClaim;
+import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SAMLCallback;
 import org.apache.wss4j.common.saml.bean.ActionBean;
 import org.apache.wss4j.common.saml.bean.AttributeBean;
@@ -52,12 +55,12 @@ import org.joda.time.DateTime;
 public class SamlCallbackHandler implements CallbackHandler {
     public static final String PORT = BookServerOAuth2.PORT;
     private String confirmationMethod = SAML2Constants.CONF_BEARER;
-    
-    public SamlCallbackHandler() {
-    }
-    
-    public void setConfirmationMethod(String confirmationMethod) {
-        this.confirmationMethod = confirmationMethod;
+    private boolean signAssertion = true;
+    private String issuer = "resourceOwner";
+    private String audience = "https://localhost:" + PORT + "/oauth2/token";
+
+    public SamlCallbackHandler(boolean signAssertion) {
+        this.signAssertion = signAssertion;
     }
     
     public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
@@ -67,7 +70,7 @@ public class SamlCallbackHandler implements CallbackHandler {
             if (callbacks[i] instanceof SAMLCallback) {
                 SAMLCallback callback = (SAMLCallback) callbacks[i];
                 callback.setSamlVersion(Version.SAML_20);
-                callback.setIssuer("resourceOwner");
+                callback.setIssuer(issuer);
                 
                 String subjectName = m != null ? (String)m.getContextualProperty("saml.subject.name")
: null;
                 if (subjectName == null) {
@@ -83,8 +86,7 @@ public class SamlCallbackHandler implements CallbackHandler {
                 ConditionsBean conditions = new ConditionsBean();
 
                 AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
-                String audienceURI = "https://localhost:" + PORT + "/oauth2/token";
-                audienceRestriction.setAudienceURIs(Collections.singletonList(audienceURI));
+                audienceRestriction.setAudienceURIs(Collections.singletonList(audience));
                 conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
               
                 callback.setConditions(conditions);
@@ -138,8 +140,41 @@ public class SamlCallbackHandler implements CallbackHandler {
                 
                 attrBean.setSamlAttributes(claims);
                 callback.setAttributeStatementData(Collections.singletonList(attrBean));
+                
+                if (signAssertion) {
+                    try {
+                        Crypto crypto = 
+                            CryptoFactory.getInstance("org/apache/cxf/systest/jaxrs/security/alice.properties");
+                        callback.setIssuerCrypto(crypto);
+                        callback.setIssuerKeyName("alice");
+                        callback.setIssuerKeyPassword("password");
+                        callback.setSignAssertion(true);
+                    } catch (WSSecurityException e) {
+                        throw new IOException(e);
+                    }
+                }
             }
         }
     }
     
+    public String getIssuer() {
+        return issuer;
+    }
+
+    public void setIssuer(String issuer) {
+        this.issuer = issuer;
+    }
+
+    public String getAudience() {
+        return audience;
+    }
+
+    public void setAudience(String audience) {
+        this.audience = audience;
+    }
+    
+    public void setConfirmationMethod(String confMethod) {
+        this.confirmationMethod = confMethod;
+    }
+    
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/d41958a5/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
deleted file mode 100644
index 2d03211..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
+++ /dev/null
@@ -1,158 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.oauth2;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.phase.PhaseInterceptorChain;
-import org.apache.cxf.rt.security.saml.claims.SAMLClaim;
-import org.apache.wss4j.common.crypto.Crypto;
-import org.apache.wss4j.common.crypto.CryptoFactory;
-import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.common.saml.SAMLCallback;
-import org.apache.wss4j.common.saml.bean.ActionBean;
-import org.apache.wss4j.common.saml.bean.AttributeBean;
-import org.apache.wss4j.common.saml.bean.AttributeStatementBean;
-import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean;
-import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean;
-import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean.Decision;
-import org.apache.wss4j.common.saml.bean.AuthenticationStatementBean;
-import org.apache.wss4j.common.saml.bean.ConditionsBean;
-import org.apache.wss4j.common.saml.bean.SubjectBean;
-import org.apache.wss4j.common.saml.bean.Version;
-import org.apache.wss4j.common.saml.builder.SAML2Constants;
-import org.joda.time.DateTime;
-
-/**
- * A CallbackHandler instance that is used by the STS to mock up a SAML Attribute Assertion.
- */
-public class SamlCallbackHandler2 implements CallbackHandler {
-    public static final String PORT = BookServerOAuth2.PORT;
-    private String confirmationMethod = SAML2Constants.CONF_BEARER;
-    
-    public SamlCallbackHandler2() {
-    }
-    
-    public void setConfirmationMethod(String confirmationMethod) {
-        this.confirmationMethod = confirmationMethod;
-    }
-    
-    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
-        Message m = PhaseInterceptorChain.getCurrentMessage();
-        
-        for (int i = 0; i < callbacks.length; i++) {
-            if (callbacks[i] instanceof SAMLCallback) {
-                SAMLCallback callback = (SAMLCallback) callbacks[i];
-                callback.setSamlVersion(Version.SAML_20);
-                callback.setIssuer("alice");
-                
-                String subjectName = m != null ? (String)m.getContextualProperty("saml.subject.name")
: null;
-                if (subjectName == null) {
-                    subjectName = "alice";
-                }
-                String subjectQualifier = "www.mock-sts.com";
-                SubjectBean subjectBean = 
-                    new SubjectBean(
-                        subjectName, subjectQualifier, confirmationMethod
-                    );
-                callback.setSubject(subjectBean);
-                
-                ConditionsBean conditions = new ConditionsBean();
-                AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
-                String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
-                audienceRestriction.setAudienceURIs(Collections.singletonList(audienceURI));
-                conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
-                
-                callback.setConditions(conditions);
-                
-                AuthDecisionStatementBean authDecBean = new AuthDecisionStatementBean();
-                authDecBean.setDecision(Decision.INDETERMINATE);
-                authDecBean.setResource("https://sp.example.com/SAML2");
-                ActionBean actionBean = new ActionBean();
-                actionBean.setContents("Read");
-                authDecBean.setActions(Collections.singletonList(actionBean));
-                callback.setAuthDecisionStatementData(Collections.singletonList(authDecBean));
-                
-                AuthenticationStatementBean authBean = new AuthenticationStatementBean();
-                authBean.setSubject(subjectBean);
-                authBean.setAuthenticationInstant(new DateTime());
-                authBean.setSessionIndex("123456");
-                // AuthnContextClassRef is not set
-                authBean.setAuthenticationMethod(
-                        "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
-                callback.setAuthenticationStatementData(
-                    Collections.singletonList(authBean));
-                
-                AttributeStatementBean attrBean = new AttributeStatementBean();
-                attrBean.setSubject(subjectBean);
-                
-                List<String> roles = m != null 
-                    ? CastUtils.<String>cast((List<?>)m.getContextualProperty("saml.roles"))
: null;
-                if (roles == null) {
-                    roles = Collections.singletonList("user");
-                }
-                List<AttributeBean> claims = new ArrayList<AttributeBean>();
-                AttributeBean roleClaim = new AttributeBean();
-                roleClaim.setSimpleName("subject-role");
-                roleClaim.setQualifiedName(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT);
-                roleClaim.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
-                roleClaim.setAttributeValues(new ArrayList<Object>(roles));
-                claims.add(roleClaim);
-                
-                List<String> authMethods = 
-                    m != null ? CastUtils.<String>cast((List<?>)m.getContextualProperty("saml.auth"))
: null;
-                if (authMethods == null) {
-                    authMethods = Collections.singletonList("password");
-                }
-                
-                AttributeBean authClaim = new AttributeBean();
-                authClaim.setSimpleName("http://claims/authentication");
-                authClaim.setQualifiedName("http://claims/authentication");
-                authClaim.setNameFormat("http://claims/authentication-format");
-                authClaim.setAttributeValues(new ArrayList<Object>(authMethods));
-                claims.add(authClaim);
-                
-                attrBean.setSamlAttributes(claims);
-                callback.setAttributeStatementData(Collections.singletonList(attrBean));
-                
-                try {
-                    Crypto crypto = 
-                        CryptoFactory.getInstance("org/apache/cxf/systest/jaxrs/security/alice.properties");
-                    callback.setIssuerCrypto(crypto);
-                    callback.setIssuerKeyName("alice");
-                    callback.setIssuerKeyPassword("password");
-                    callback.setSignAssertion(true);
-                } catch (WSSecurityException e) {
-                    throw new IOException(e);
-                }
-            }
-        }
-    }
-    
-}


Mime
View raw message