From cohei...@apache.org
Subject syncope git commit: SYNCOPE-1149 - Adding @Ignore'd test for this feature
Date Wed, 05 Jul 2017 08:18:06 GMT
Repository: syncope
Updated Branches:
  refs/heads/2_0_X c16ad9462 -> 647d03ad1


SYNCOPE-1149 - Adding @Ignore'd test for this feature


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/647d03ad
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/647d03ad
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/647d03ad

Branch: refs/heads/2_0_X
Commit: 647d03ad14a7278d70e0da836f730235a7402613
Parents: c16ad94
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Wed Jul 5 09:17:16 2017 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Wed Jul 5 09:18:01 2017 +0100

----------------------------------------------------------------------
 .../core/reference/CustomJWTSSOProvider.java    | 75 ++++++++++++++++++++
 .../core/reference/ITImplementationLookup.java  |  7 +-
 .../org/apache/syncope/fit/core/JWTITCase.java  | 32 +++++++++
 3 files changed, 112 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/647d03ad/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/CustomJWTSSOProvider.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/CustomJWTSSOProvider.java
b/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/CustomJWTSSOProvider.java
new file mode 100644
index 0000000..a980382
--- /dev/null
+++ b/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/CustomJWTSSOProvider.java
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.fit.core.reference;
+
+import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
+import org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier;
+import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
+import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
+import org.apache.cxf.rs.security.jose.jws.JwsVerificationSignature;
+import org.apache.syncope.core.persistence.api.dao.UserDAO;
+import org.apache.syncope.core.persistence.api.entity.user.User;
+import org.apache.syncope.core.spring.security.JWTSSOProvider;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.transaction.annotation.Transactional;
+
+/**
+ * Custom implementation for internal JWT validation.
+ */
+public class CustomJWTSSOProvider implements JWTSSOProvider {
+
+    private String jwtIssuer = "custom-issuer";
+
+    private final JwsSignatureVerifier delegate;
+
+    @Autowired
+    private UserDAO userDAO;
+
+    public CustomJWTSSOProvider() {
+        String customKey = "12345678910987654321";
+        delegate = new HmacJwsSignatureVerifier(customKey.getBytes(), SignatureAlgorithm.HS512);
+    }
+
+    @Override
+    public String getIssuer() {
+        return jwtIssuer;
+    }
+
+    @Override
+    public SignatureAlgorithm getAlgorithm() {
+        return delegate.getAlgorithm();
+    }
+
+    @Override
+    public boolean verify(final JwsHeaders headers, final String unsignedText, final byte[]
signature) {
+        return delegate.verify(headers, unsignedText, signature);
+    }
+
+    @Override
+    public JwsVerificationSignature createJwsVerificationSignature(final JwsHeaders headers)
{
+        return delegate.createJwsVerificationSignature(headers);
+    }
+
+    @Transactional(readOnly = true)
+    @Override
+    public User resolve(final String jwtSubject) {
+        return userDAO.findByUsername(jwtSubject);
+    }
+
+}
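Review bot: The constructor hard-codes the HMAC secret `"12345678910987654321"`, which is 20 bytes, while RFC 7518 section 3.2 requires an HS512 key at least as long as the hash output (64 bytes). The class sits under `src/main` and is registered as a JWT SSO provider in ITImplementationLookup, and `resolve` maps the token subject straight to a username, so whoever knows this value can present a valid token for any account, including the admin. I would state the scope in the class Javadoc, e.g. `* Integration-test fixture only: the signing key is a fixed sample value and must never be used in a deployment.`, and make the byte conversion explicit with `customKey.getBytes(StandardCharsets.UTF_8)` (this needs the `java.nio.charset.StandardCharsets` import). `jwtIssuer` is never reassigned in the visible code and could be `private static final`.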

http://git-wip-us.apache.org/repos/asf/syncope/blob/647d03ad/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
b/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
index 0a3571c..3ea2715 100644
--- a/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
+++ b/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
@@ -18,7 +18,6 @@
  */
 package org.apache.syncope.fit.core.reference;
 
-import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
@@ -78,6 +77,7 @@ public class ITImplementationLookup implements ImplementationLookup {
         {
             Set<String> classNames = new HashSet<>();
             classNames.add(SyncopeJWTSSOProvider.class.getName());
+            classNames.add(CustomJWTSSOProvider.class.getName());
             put(Type.JWT_SSO_PROVIDER, classNames);
 
             classNames = new HashSet<>();
@@ -230,7 +230,10 @@ public class ITImplementationLookup implements ImplementationLookup {
 
     @Override
     public Set<Class<?>> getJWTSSOProviderClasses() {
-        return Collections.<Class<?>>singleton(SyncopeJWTSSOProvider.class);
+        Set<Class<?>> classNames = new HashSet<>();
+        classNames.add(SyncopeJWTSSOProvider.class);
+        classNames.add(CustomJWTSSOProvider.class);
+        return classNames;
     }
 
     @Override
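Review bot: The local in `getJWTSSOProviderClasses` is named `classNames` but holds `Class<?>` objects; the name appears to be copied from the static initializer earlier in the file, where the set really does hold names. `Set<Class<?>> classes = new HashSet<>();` would read correctly. The method also builds a new mutable set on every call where the old code returned an immutable singleton; since the contents are fixed, a `private static final` set wrapped with `Collections.unmodifiableSet(...)` would keep the previous contract, at the cost of retaining the `java.util.Collections` import this commit removes.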

http://git-wip-us.apache.org/repos/asf/syncope/blob/647d03ad/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java
index e01bdf4..f5203912 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java
@@ -383,4 +383,36 @@ public class JWTITCase extends AbstractITCase {
         }
     }
 
+    @Test
+    @org.junit.Ignore
+    public void thirdPartyToken() throws ParseException {
+        // Create a new token
+        Date now = new Date();
+
+        Calendar expiry = Calendar.getInstance();
+        expiry.setTime(now);
+        expiry.add(Calendar.MINUTE, 5);
+
+        JwtClaims jwtClaims = new JwtClaims();
+        jwtClaims.setTokenId(UUID.randomUUID().toString());
+        jwtClaims.setSubject(ADMIN_UNAME);
+        jwtClaims.setIssuedAt(now.getTime());
+        jwtClaims.setIssuer("custom-issuer");
+        jwtClaims.setExpiryTime(expiry.getTime().getTime());
+        jwtClaims.setNotBefore(now.getTime());
+
+        JwsHeaders jwsHeaders = new JwsHeaders(JoseType.JWT, SignatureAlgorithm.HS512);
+        JwtToken jwtToken = new JwtToken(jwsHeaders, jwtClaims);
+        JwsJwtCompactProducer producer = new JwsJwtCompactProducer(jwtToken);
+
+        String customKey = "12345678910987654321";
+
+        JwsSignatureProvider jwsSignatureProvider =
+                new HmacJwsSignatureProvider(customKey.getBytes(), SignatureAlgorithm.HS512);
+        String signed = producer.signWith(jwsSignatureProvider);
+
+        SyncopeClient jwtClient = clientFactory.create(signed);
+        UserSelfService jwtUserSelfService = jwtClient.getService(UserSelfService.class);
+        jwtUserSelfService.read();
+    }
 }
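Review bot: `thirdPartyToken` asserts nothing: the result of `jwtUserSelfService.read()` is discarded, so once the test is enabled it only proves that the call does not throw, not that the token was resolved to `ADMIN_UNAME`. For a signature-validation feature, the cases that matter most are the rejections, so unless they are covered elsewhere in the class I would add companions that present a token signed with a different key and one carrying an unknown issuer, and expect access to be refused. The `@org.junit.Ignore` carries no reason; `@org.junit.Ignore("<issue id and why it is disabled>")` would tell the next reader when it can be switched on. The key literal and `"custom-issuer"` are duplicated from CustomJWTSSOProvider and `customKey.getBytes()` depends on the platform charset, so a shared constant and `getBytes(StandardCharsets.UTF_8)` would keep signer and verifier in step.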

