Adding claims test
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/bc025f0f Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/bc025f0f Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/bc025f0f Branch: refs/heads/3.1.x-fixes Commit: bc025f0fe4acf7191430230080318346272543e1 Parents: 01956cc Author: Colm O hEigeartaigh <[email protected]> Authored: Mon Feb 8 12:17:57 2016 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Mon Feb 8 16:35:17 2016 +0000 ---------------------------------------------------------------------- .../cxf/systest/sts/rest/RESTUnitTest.java | 65 ++++++++++++++++++++ 1 file changed, 65 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/bc025f0f/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java ----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
index e0ed538..65c0cf3 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
@@ -31,6 +31,9 @@ import org.w3c.dom.Element;
 import org.apache.cxf.Bus;
 import org.apache.cxf.bus.spring.SpringBusFactory;
 import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.rt.security.claims.Claim;
+import org.apache.cxf.rt.security.claims.ClaimCollection;
+import org.apache.cxf.rt.security.saml.utils.SAMLUtils;
 import org.apache.cxf.systest.sts.common.SecurityTestUtil;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
@@ -329,6 +332,68 @@ public class RESTUnitTest extends AbstractBusClientServerTestBase {
 }
 @org.junit.Test
+ public void testIssueSAML2TokenClaims() throws Exception {
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = RESTUnitTest.class.getResource("cxf-client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
+ WebClient client = WebClient.create(address, busFile.toString());
+
+ client.type("application/xml").accept("application/xml");
+ client.path("saml2.0");
+
+ // First check that the role isn't usually in the generated token
+
+ Response response = client.get();
+ Document assertionDoc = response.readEntity(Document.class);
+ assertNotNull(assertionDoc);
+
+ // Process the token
+ List<WSSecurityEngineResult> results = processToken(assertionDoc.getDocumentElement());
+
+ assertTrue(results != null && results.size() == 1);
+ SamlAssertionWrapper assertion =
+ (SamlAssertionWrapper)results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ assertTrue(assertion != null);
+ assertTrue(assertion.getSaml2() != null && assertion.getSaml1() == null);
+ assertTrue(assertion.isSigned());
+
+ ClaimCollection claims = SAMLUtils.getClaims(assertion);
+ assertEquals(1, claims.size());
+ Claim claim = claims.get(0);
+ String role = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
+ assertNotEquals(claim.getClaimType().toString(), role);
+
+ // Now get another token specifying the role
+ client.query("claim", role);
+ response = client.get();
+ assertionDoc = response.readEntity(Document.class);
+ assertNotNull(assertionDoc);
+
+ // Process the token
+ results = processToken(assertionDoc.getDocumentElement());
+
+ assertTrue(results != null && results.size() == 1);
+ assertion =
+ (SamlAssertionWrapper)results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ assertTrue(assertion != null);
+ assertTrue(assertion.getSaml2() != null && assertion.getSaml1() == null);
+ assertTrue(assertion.isSigned());
+
+ claims = SAMLUtils.getClaims(assertion);
+ assertEquals(1, claims.size());
+ claim = claims.get(0);
+ assertEquals(claim.getClaimType().toString(), role);
+ assertEquals("ordinary-user", claim.getValues().get(0));
+
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
 @org.junit.Ignore
 public void testIssueJWTToken() throws Exception {
 SpringBusFactory bf = new SpringBusFactory();
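Review bot: The final assertions in testIssueSAML2TokenClaims check only `claim.getValues().get(0)`, so a token that carried additional role values alongside "ordinary-user" would still pass. Adding `assertEquals(1, claim.getValues().size());` just before that line pins the issued role set exactly. The two claim-type comparisons also pass the actual value before the expected one, so `assertEquals(role, claim.getClaimType().toString());` would give a correct failure message. `bus.shutdown(true)` runs only when every assertion passes, so a failing run leaves the bus installed as default and thread default; moving it into a `finally` block would avoid that. Signature validation itself appears to rest on `processToken`, which is defined outside this hunk.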
