Adding more rs-security tests
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5e7d0210 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5e7d0210 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5e7d0210 Branch: refs/heads/3.0.x-fixes Commit: 5e7d0210744661ca3d9225fa972f6754f94d90aa Parents: 9800ee0 Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Thu Oct 15 17:33:50 2015 +0100 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Thu Oct 15 17:35:52 2015 +0100 ---------------------------------------------------------------------- .../systest/jaxrs/security/jwt/BookStore.java | 8 ++++++ .../jaxrs/security/jwt/JAXRSJweJwsTest.java | 11 +++++++ .../jaxrs/security/jwt/JAXRSJwsJsonTest.java | 30 +++++++++++++++++++- .../security/certs/jwkModifiedPrivateSet.txt | 13 +++++++++ .../jaxrs/security/secret.jwk.bad.properties | 21 ++++++++++++++ 5 files changed, 82 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/5e7d0210/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java index b56ce36..dcbeb28 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java @@ -49,6 +49,14 @@ public class BookStore { return book; } + @POST + @Path("/books") + @Produces("application/xml") + @Consumes("application/xml") + public Book echoBook2(Book book) { + return book; + } + } http://git-wip-us.apache.org/repos/asf/cxf/blob/5e7d0210/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java index e69191b..e770b3f 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java @@ -449,6 +449,17 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase { assertEquals("book", text); } + // Test signing and encrypting an XML payload + @Test + public void testJweRsaJwsRsaXML() throws Exception { + String address = "https://localhost:" + PORT + "/jwejwsrsa"; + BookStore bs = createJweJwsBookStore(address, null, null); + Book book = new Book(); + book.setName("book"); + book = bs.echoBook2(book); + assertEquals("book", book.getName()); + } + private static class PrivateKeyPasswordProviderImpl implements PrivateKeyPasswordProvider { private String password = "password"; public PrivateKeyPasswordProviderImpl() { http://git-wip-us.apache.org/repos/asf/cxf/blob/5e7d0210/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java index 91cc064..a72c6f9 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java @@ -30,6 +30,7 @@ import java.util.List; import java.util.Map; import javax.crypto.Cipher; +import javax.ws.rs.BadRequestException; import com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider; @@ -136,10 +137,37 @@ public class JAXRSJwsJsonTest extends AbstractBusClientServerTestBase { List<String> properties = new ArrayList<String>(); properties.add("org/apache/cxf/systest/jaxrs/security/secret.jwk.hmac2.properties"); BookStore bs = createBookStore(address, properties, null); - Book book = bs.echoBook(new Book("book", 123L)); + Book book = bs.echoBook2(new Book("book", 123L)); assertEquals("book", book.getName()); assertEquals(123L, book.getId()); } + + // Test signing an XML payload + @Test + public void testJwsJsonPlainTextHmacXML() throws Exception { + String address = "https://localhost:" + PORT + "/jwsjsonhmac"; + BookStore bs = createBookStore(address, + "org/apache/cxf/systest/jaxrs/security/secret.jwk.properties", + null); + String text = bs.echoText("book"); + assertEquals("book", text); + } + + // Test signing with a bad signature key + @Test + public void testJwsJsonPlaintextHMACBadKey() throws Exception { + String address = "https://localhost:" + PORT + "/jwsjsonhmac"; + BookStore bs = createBookStore(address, + "org/apache/cxf/systest/jaxrs/security/secret.jwk.bad.properties", + null); + try { + bs.echoText("book"); + fail("Failure expected on a bad signature key"); + } catch (BadRequestException ex) { + // expected + } + } + private BookStore createBookStore(String address, Object properties, List<?> extraProviders) throws Exception { return createBookStore(address, http://git-wip-us.apache.org/repos/asf/cxf/blob/5e7d0210/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkModifiedPrivateSet.txt ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkModifiedPrivateSet.txt b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkModifiedPrivateSet.txt new file mode 100644 index 0000000..a67b7a6 --- /dev/null +++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkModifiedPrivateSet.txt @@ -0,0 +1,13 @@ +{"keys": + [ + {"kty":"oct", + "alg":"A128KW", + "k":"GawgguFyGrWKav7AX4VKUg", + "kid":"AesWrapKey"}, + + {"kty":"oct", + "alg":"HS256", + "k":"AyM1SysPpbxDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow", + "kid":"HMACKey"}, + ] + } http://git-wip-us.apache.org/repos/asf/cxf/blob/5e7d0210/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.bad.properties ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.bad.properties b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.bad.properties new file mode 100644 index 0000000..0569c45 --- /dev/null +++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.bad.properties @@ -0,0 +1,21 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +rs.security.keystore.type=jwk +rs.security.keystore.alias.jwe=AesWrapKey +rs.security.keystore.alias.jws=HMACKey +rs.security.keystore.file=org/apache/cxf/systest/jaxrs/security/certs/jwkModifiedPrivateSet.txt +rs.security.encryption.content.algorithm=A128GCM