Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D3E7E188E8 for ; Tue, 8 Dec 2015 18:06:57 +0000 (UTC) Received: (qmail 69422 invoked by uid 500); 8 Dec 2015 18:06:42 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 69336 invoked by uid 500); 8 Dec 2015 18:06:41 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 69309 invoked by uid 99); 8 Dec 2015 18:06:41 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 08 Dec 2015 18:06:41 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id AA58BE0AFE; Tue, 8 Dec 2015 18:06:41 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: coheigea@apache.org To: commits@cxf.apache.org Date: Tue, 08 Dec 2015 18:06:42 -0000 Message-Id: In-Reply-To: <18d1d5339c4c43c7b9801c4e4a598ef6@git.apache.org> References: <18d1d5339c4c43c7b9801c4e4a598ef6@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [2/7] cxf git commit: Minor test modification Minor test modification # Conflicts: # systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java # systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java # systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6453dec1 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6453dec1 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6453dec1 Branch: refs/heads/3.0.x-fixes Commit: 6453dec1f047663c8a6a5f0de0dce7b3ea2d23a6 Parents: d29fa67 Author: Colm O hEigeartaigh Authored: Tue Dec 8 11:28:40 2015 +0000 Committer: Colm O hEigeartaigh Committed: Tue Dec 8 15:37:59 2015 +0000 ---------------------------------------------------------------------- .../jaxrs/security/oauth2/JAXRSOAuth2Test.java | 33 +++++++++++ .../security/oauth2/SamlCallbackHandler.java | 60 +++++++++++++++++--- 2 files changed, 85 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/6453dec1/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java index 0a4f079..04faa05 100644 
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java @@ -67,8 +67,17 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase { Crypto crypto = new CryptoLoader().loadCrypto(CRYPTO_RESOURCE_PROPERTIES); SelfSignInfo signInfo = new SelfSignInfo(crypto, "alice", "password"); +<<<<<<< HEAD String assertion = SAMLUtils.createAssertion(new SamlCallbackHandler(), signInfo).assertionToString(); +======= + SamlAssertionWrapper assertionWrapper = SAMLUtils.createAssertion(new SamlCallbackHandler(false), + signInfo); + Document doc = DOMUtils.newDocument(); + Element assertionElement = assertionWrapper.toDOM(doc); + String assertion = DOM2Writer.nodeToString(assertionElement); + +>>>>>>> 6d818c6... Minor test modification Saml2BearerGrant grant = new Saml2BearerGrant(assertion); ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, new OAuthClientUtils.Consumer("alice", "alice"), 
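Review bot: Unresolved merge-conflict markers are committed as added lines in this hunk (`+<<<<<<< HEAD`, `+=======`, `+>>>>>>> 6d818c6... Minor test modification`), so JAXRSOAuth2Test.java cannot compile as written. The same markers appear in the -85 and -145 hunks of this file and in the -31 and -65 hunks of SamlCallbackHandler.java, and the commit message still carries the `# Conflicts:` list. Each conflict should be resolved to one side and the marker lines dropped. Here the HEAD-side context line `new SamlCallbackHandler()` also stops compiling, because this commit removes the no-argument constructor from SamlCallbackHandler.java, so the incoming side is presumably the intended one. These are the OAuth2/SAML bearer system tests, so a source file that does not build likely means that security coverage is not running on this branch until the markers are removed.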
@@ -85,8 +94,20 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase { Crypto crypto = new CryptoLoader().loadCrypto(CRYPTO_RESOURCE_PROPERTIES); SelfSignInfo signInfo = new SelfSignInfo(crypto, "alice", "password"); +<<<<<<< HEAD String assertion = SAMLUtils.createAssertion(new SamlCallbackHandler2(), signInfo).assertionToString(); +======= + SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true); + samlCallbackHandler.setIssuer("alice"); + String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token"; + samlCallbackHandler.setAudience(audienceURI); + SamlAssertionWrapper assertionWrapper = SAMLUtils.createAssertion(samlCallbackHandler, + signInfo); + Document doc = DOMUtils.newDocument(); + Element assertionElement = assertionWrapper.toDOM(doc); + String assertion = DOM2Writer.nodeToString(assertionElement); +>>>>>>> 6d818c6... Minor test modification String encodedAssertion = Base64UrlUtility.encode(assertion); 
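Review bot: The incoming side of this hunk and of the -67 hunk uses `SamlAssertionWrapper`, `Document`, `Element`, `DOMUtils` and `DOM2Writer`, but no hunk in this file touches the import block; the three hunks shown already account for all 33 insertions in the diffstat. Unless those types were imported before this commit, the resolved file will still fail to compile until the matching imports are added. The audience string `"https://localhost:" + PORT + "/oauth2-auth/token"` is also built twice, here and in the -145 hunk; a single shared constant would keep the two tests from drifting apart, since a mismatched audience is exactly what the token endpoint is expected to reject. The enclosing test method begins and ends outside the hunk.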
@@ -145,10 +166,22 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase { Map properties = new HashMap(); properties.put("ws-security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"); +<<<<<<< HEAD properties.put("ws-security.saml-callback-handler", "org.apache.cxf.systest.jaxrs.security.oauth2.SamlCallbackHandler2"); properties.put("ws-security.signature.username", "alice"); properties.put("ws-security.signature.properties", CRYPTO_RESOURCE_PROPERTIES); +======= + + SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true); + samlCallbackHandler.setIssuer("alice"); + String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token"; + samlCallbackHandler.setAudience(audienceURI); + properties.put("security.saml-callback-handler", samlCallbackHandler); + + properties.put("security.signature.username", "alice"); + properties.put("security.signature.properties", CRYPTO_RESOURCE_PROPERTIES); +>>>>>>> 6d818c6... Minor test modification bean.setProperties(properties); bean.getOutInterceptors().add(new Saml2BearerAuthOutInterceptor()); http://git-wip-us.apache.org/repos/asf/cxf/blob/6453dec1/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java index c105523..821d7a1 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java 
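Review bot: The incoming side writes `security.saml-callback-handler`, `security.signature.username` and `security.signature.properties`, while the unchanged context line just above still sets `ws-security.callback-handler` and the target branch is 3.0.x-fixes. If this branch only reads the `ws-security.`-prefixed names (worth confirming against its security constants), `Saml2BearerAuthOutInterceptor` would not see the handler or the signature settings. In that case the keys should stay as on the HEAD side, e.g. `properties.put("ws-security.saml-callback-handler", samlCallbackHandler);`. The value also changes from a class-name string to a handler instance, so confirm the property lookup on this branch accepts an instance. The enclosing method begins and ends outside the hunk.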
@@ -31,7 +31,14 @@ import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.cxf.helpers.CastUtils; import org.apache.cxf.message.Message; import org.apache.cxf.phase.PhaseInterceptorChain; +<<<<<<< HEAD import org.apache.cxf.rt.security.claims.SAMLClaim; +======= +import org.apache.cxf.rt.security.saml.claims.SAMLClaim; +import org.apache.wss4j.common.crypto.Crypto; +import org.apache.wss4j.common.crypto.CryptoFactory; +import org.apache.wss4j.common.ext.WSSecurityException; +>>>>>>> 6d818c6... Minor test modification import org.apache.wss4j.common.saml.SAMLCallback; import org.apache.wss4j.common.saml.bean.ActionBean; import org.apache.wss4j.common.saml.bean.AttributeBean; @@ -51,12 +58,12 @@ import org.joda.time.DateTime; public class SamlCallbackHandler implements CallbackHandler { public static final String PORT = BookServerOAuth2.PORT; private String confirmationMethod = SAML2Constants.CONF_BEARER; - - public SamlCallbackHandler() { - } - - public void setConfirmationMethod(String confirmationMethod) { - this.confirmationMethod = confirmationMethod; + private boolean signAssertion = true; + private String issuer = "resourceOwner"; + private String audience = "https://localhost:" + PORT + "/oauth2/token"; + + public SamlCallbackHandler(boolean signAssertion) { + this.signAssertion = signAssertion; } public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { @@ -65,7 +72,12 @@ public class SamlCallbackHandler implements CallbackHandler { for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof SAMLCallback) { SAMLCallback callback = (SAMLCallback) callbacks[i]; +<<<<<<< HEAD callback.setIssuer("resourceOwner"); +======= + callback.setSamlVersion(Version.SAML_20); + callback.setIssuer(issuer); +>>>>>>> 6d818c6... Minor test modification String subjectName = m != null ? (String)m.getContextualProperty("saml.subject.name") : null; if (subjectName == null) { 
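Review bot: Stripping only the marker lines from the import hunk would leave both `org.apache.cxf.rt.security.claims.SAMLClaim` and `org.apache.cxf.rt.security.saml.claims.SAMLClaim` imported, and two single-type imports of the same simple name do not compile. Keep only the package that actually exists on this branch. The -65 hunk further down also starts calling `callback.setSamlVersion(Version.SAML_20);`, and no import for `Version` is added here, so check that it is already imported in the unchanged part of the file.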
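Review bot: In the -51 hunk the initializer on `private boolean signAssertion = true;` is dead, because the only constructor always assigns the field; `private final boolean signAssertion;` states the intent and rules out later mutation. Removing the public no-argument constructor also means this handler can no longer be created from a class-name string in configuration, the way the HEAD side of JAXRSOAuth2Test configures `SamlCallbackHandler2`. If by-name configuration is still needed anywhere on this branch, keep a delegating constructor such as `public SamlCallbackHandler() { this(true); }`.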
@@ -81,8 +93,7 @@ public class SamlCallbackHandler implements CallbackHandler { ConditionsBean conditions = new ConditionsBean(); AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); - String audienceURI = "https://localhost:" + PORT + "/oauth2/token"; - audienceRestriction.setAudienceURIs(Collections.singletonList(audienceURI)); + audienceRestriction.setAudienceURIs(Collections.singletonList(audience)); conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callback.setConditions(conditions); @@ -136,8 +147,41 @@ public class SamlCallbackHandler implements CallbackHandler { attrBean.setSamlAttributes(claims); callback.setAttributeStatementData(Collections.singletonList(attrBean)); + + if (signAssertion) { + try { + Crypto crypto = + CryptoFactory.getInstance("org/apache/cxf/systest/jaxrs/security/alice.properties"); + callback.setIssuerCrypto(crypto); + callback.setIssuerKeyName("alice"); + callback.setIssuerKeyPassword("password"); + callback.setSignAssertion(true); + } catch (WSSecurityException e) { + throw new IOException(e); + } + } } } } + public String getIssuer() { + return issuer; + } + + public void setIssuer(String issuer) { + this.issuer = issuer; + } + + public String getAudience() { + return audience; + } + + public void setAudience(String audience) { + this.audience = audience; + } + + public void setConfirmationMethod(String confMethod) { + this.confirmationMethod = confMethod; + } + }
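Review bot: The signing block added in the -136 hunk does not follow the new `issuer` setter: it always loads `org/apache/cxf/systest/jaxrs/security/alice.properties` and signs with key name `alice`, whatever issuer was configured. The tests in this commit call `setIssuer("alice")`, but the field defaults to `resourceOwner`, so `new SamlCallbackHandler(true)` without a `setIssuer` call produces an assertion whose issuer name and signing key do not match. A comment above the block would make this explicit, e.g. `// Test-only: always signs with the "alice" key from alice.properties, independent of issuer`. The literal key password is tolerable only because the class lives under systests and should not be copied into non-test code. The enclosing `handle` method begins outside the hunk.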