Adding tests for POST interface
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/547f8af0 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/547f8af0 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/547f8af0 Branch: refs/heads/3.1.x-fixes Commit: 547f8af0519e6fd973e9cf379034fa6940eb7ceb Parents: 1808d49f Author: Colm O hEigeartaigh <[email protected]> Authored: Mon Feb 8 16:33:51 2016 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Mon Feb 8 16:35:19 2016 +0000 ---------------------------------------------------------------------- .../cxf/sts/rest/RESTSecurityTokenService.java | 8 +- .../sts/rest/RESTSecurityTokenServiceImpl.java | 10 +- .../cxf/systest/sts/rest/RESTUnitTest.java | 194 ++++++++++++++++++- 3 files changed, 202 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/547f8af0/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenService.java ----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenService.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenService.java
index 3458c4a..0967b10 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenService.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenService.java
@@ -38,10 +38,10 @@ import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType; public interface RESTSecurityTokenService { enum Action { - ISSUE("issue"), - VALIDATE("validate"), - RENEW("renew"), - CANCEL("cancel"); + issue("issue"), + validate("validate"), + renew("renew"), + cancel("cancel"); private String value; private Action(String value) { http://git-wip-us.apache.org/repos/asf/cxf/blob/547f8af0/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java ---------------------------------------------------------------------- diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java index 1b39bf7..deb05da 100644 --- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java +++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java @@ -220,7 +220,7 @@ public class RESTSecurityTokenServiceImpl extends SecurityTokenServiceImpl imple // } // request.setContext(null); - return processRequest(Action.ISSUE, request); + return processRequest(Action.issue, request); } @Override @@ -236,13 +236,13 @@ public class RESTSecurityTokenServiceImpl extends SecurityTokenServiceImpl imple private RequestSecurityTokenResponseType processRequest(Action action, RequestSecurityTokenType request) { switch (action) { - case VALIDATE: + case validate: return validate(request); - case RENEW: + case renew: return renew(request); - case CANCEL: + case cancel: return cancel(request); - case ISSUE: + case issue: default: return issueSingle(request); } http://git-wip-us.apache.org/repos/asf/cxf/blob/547f8af0/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java ---------------------------------------------------------------------- 
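Review bot: Lower-casing the constants in `Action` (`issue`, `validate`, `renew`, `cancel`) breaks the Java constant naming convention and source compatibility for any caller that still references `Action.ISSUE`, while the lowercase wire string is already carried in `value`. Presumably the rename exists so that the `action` query value (`issue` in RESTUnitTest) converts through the implicit `valueOf`; that binding is not visible in this hunk. JAX-RS parameter conversion uses a static `fromString(String)` on an enum in preference to `valueOf`, so the upper-case names can stay and the lookup can match on `value`, rejecting anything else. The rest of the enum lies outside the hunk, so part of this may already exist.

```java
enum Action {
    ISSUE("issue"),
    // … unchanged: VALIDATE, RENEW, CANCEL, the value field and constructor …

    public static Action fromString(String s) {
        for (Action candidate : values()) {
            if (candidate.value.equals(s)) {
                return candidate;
            }
        }
        throw new IllegalArgumentException("Unsupported action");
    }
```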
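Review bot: In `processRequest` the `default:` label still shares the `case issue:` branch, so any `Action` value that lacks its own case ends in `issueSingle(request)`; for a token service the unmatched path is safer failing closed. I would split them: `case issue: return issueSingle(request);` followed by `default: throw new IllegalArgumentException("Unsupported action");`. A null `action` would throw at the `switch` itself; whether a default value is bound upstream is not visible here, and the method's closing brace lies outside the hunk. A negative test in RESTUnitTest posting an unknown `action` value would pin the behaviour.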
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java index e682911..9c98bd6 100644 --- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java +++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java @@ -24,6 +24,7 @@ import java.util.List; import javax.security.auth.callback.CallbackHandler; import javax.ws.rs.core.Response; import javax.xml.bind.JAXBElement; +import javax.xml.transform.dom.DOMSource; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -34,10 +35,12 @@ import org.apache.cxf.jaxrs.client.WebClient; import org.apache.cxf.rt.security.claims.Claim; import org.apache.cxf.rt.security.claims.ClaimCollection; import org.apache.cxf.rt.security.saml.utils.SAMLUtils; +import org.apache.cxf.staxutils.W3CDOMStreamWriter; import org.apache.cxf.systest.sts.common.SecurityTestUtil; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType; import org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType; +import org.apache.cxf.ws.security.trust.STSUtils; import org.apache.wss4j.common.crypto.Crypto; import org.apache.wss4j.common.crypto.CryptoFactory; import org.apache.wss4j.common.saml.OpenSAMLUtil; 
@@ -57,6 +60,10 @@ public class RESTUnitTest extends AbstractBusClientServerTestBase { static final String STSPORT = allocatePort(STSRESTServer.class); + private static final String SAML1_TOKEN_TYPE = + "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"; + private static final String SAML2_TOKEN_TYPE = + "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"; private static final String SYMMETRIC_KEY_KEYTYPE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey"; private static final String PUBLIC_KEY_KEYTYPE = @@ -65,7 +72,7 @@ public class RESTUnitTest extends AbstractBusClientServerTestBase { "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer"; private static final String DEFAULT_ADDRESS = "https://localhost:8081/doubleit/services/doubleittransportsaml1"; - + @BeforeClass public static void startServers() throws Exception { assertTrue( 
@@ -438,6 +445,191 @@ public class RESTUnitTest extends AbstractBusClientServerTestBase { } @org.junit.Test + public void testIssueSAML2TokenViaPOST() throws Exception { + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = RESTUnitTest.class.getResource("cxf-client.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token"; + WebClient client = WebClient.create(address, busFile.toString()); + + client.type("application/xml").accept("application/xml"); + + // Create RequestSecurityToken + W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); + String namespace = STSUtils.WST_NS_05_12; + writer.writeStartElement("wst", "RequestSecurityToken", namespace); + writer.writeNamespace("wst", namespace); + + writer.writeStartElement("wst", "RequestType", namespace); + writer.writeCharacters(namespace + "/Issue"); + writer.writeEndElement(); + + writer.writeStartElement("wst", "TokenType", namespace); + writer.writeCharacters(SAML2_TOKEN_TYPE); + writer.writeEndElement(); + + writer.writeEndElement(); + + Response response = client.post(new DOMSource(writer.getDocument().getDocumentElement())); + + RequestSecurityTokenResponseType securityResponse = + response.readEntity(RequestSecurityTokenResponseType.class); + + RequestedSecurityTokenType requestedSecurityToken = null; + for (Object obj : securityResponse.getAny()) { + if (obj instanceof JAXBElement<?>) { + JAXBElement<?> jaxbElement = (JAXBElement<?>)obj; + if ("RequestedSecurityToken".equals(jaxbElement.getName().getLocalPart())) { + requestedSecurityToken = (RequestedSecurityTokenType)jaxbElement.getValue(); + break; + } + } + } + assertNotNull(requestedSecurityToken); + + // Process the token + List<WSSecurityEngineResult> results = + processToken((Element)requestedSecurityToken.getAny()); + + assertTrue(results != null && results.size() == 1); + 
SamlAssertionWrapper assertion = + (SamlAssertionWrapper)results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION); + assertTrue(assertion != null); + assertTrue(assertion.getSaml2() != null && assertion.getSaml1() == null); + assertTrue(assertion.isSigned()); + + bus.shutdown(true); + } + + @org.junit.Test + public void testExplicitlyIssueSAML2TokenViaPOST() throws Exception { + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = RESTUnitTest.class.getResource("cxf-client.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token"; + WebClient client = WebClient.create(address, busFile.toString()); + + client.type("application/xml").accept("application/xml"); + client.query("action", "issue"); + + // Create RequestSecurityToken + W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); + String namespace = STSUtils.WST_NS_05_12; + writer.writeStartElement("wst", "RequestSecurityToken", namespace); + writer.writeNamespace("wst", namespace); + + writer.writeStartElement("wst", "RequestType", namespace); + writer.writeCharacters(namespace + "/Issue"); + writer.writeEndElement(); + + writer.writeStartElement("wst", "TokenType", namespace); + writer.writeCharacters(SAML2_TOKEN_TYPE); + writer.writeEndElement(); + + writer.writeEndElement(); + + Response response = client.post(new DOMSource(writer.getDocument().getDocumentElement())); + + RequestSecurityTokenResponseType securityResponse = + response.readEntity(RequestSecurityTokenResponseType.class); + + RequestedSecurityTokenType requestedSecurityToken = null; + for (Object obj : securityResponse.getAny()) { + if (obj instanceof JAXBElement<?>) { + JAXBElement<?> jaxbElement = (JAXBElement<?>)obj; + if ("RequestedSecurityToken".equals(jaxbElement.getName().getLocalPart())) { + requestedSecurityToken = 
(RequestedSecurityTokenType)jaxbElement.getValue(); + break; + } + } + } + assertNotNull(requestedSecurityToken); + + // Process the token + List<WSSecurityEngineResult> results = + processToken((Element)requestedSecurityToken.getAny()); + + assertTrue(results != null && results.size() == 1); + SamlAssertionWrapper assertion = + (SamlAssertionWrapper)results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION); + assertTrue(assertion != null); + assertTrue(assertion.getSaml2() != null && assertion.getSaml1() == null); + assertTrue(assertion.isSigned()); + + bus.shutdown(true); + } + + @org.junit.Test + public void testExplicitlyIssueSAML1TokenViaPOST() throws Exception { + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = RESTUnitTest.class.getResource("cxf-client.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token"; + WebClient client = WebClient.create(address, busFile.toString()); + + client.type("application/xml").accept("application/xml"); + client.query("action", "issue"); + + // Create RequestSecurityToken + W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); + String namespace = STSUtils.WST_NS_05_12; + writer.writeStartElement("wst", "RequestSecurityToken", namespace); + writer.writeNamespace("wst", namespace); + + writer.writeStartElement("wst", "RequestType", namespace); + writer.writeCharacters(namespace + "/Issue"); + writer.writeEndElement(); + + writer.writeStartElement("wst", "TokenType", namespace); + writer.writeCharacters(SAML1_TOKEN_TYPE); + writer.writeEndElement(); + + writer.writeEndElement(); + + Response response = client.post(new DOMSource(writer.getDocument().getDocumentElement())); + + RequestSecurityTokenResponseType securityResponse = + response.readEntity(RequestSecurityTokenResponseType.class); + + RequestedSecurityTokenType requestedSecurityToken = 
null; + for (Object obj : securityResponse.getAny()) { + if (obj instanceof JAXBElement<?>) { + JAXBElement<?> jaxbElement = (JAXBElement<?>)obj; + if ("RequestedSecurityToken".equals(jaxbElement.getName().getLocalPart())) { + requestedSecurityToken = (RequestedSecurityTokenType)jaxbElement.getValue(); + break; + } + } + } + assertNotNull(requestedSecurityToken); + + // Process the token + List<WSSecurityEngineResult> results = + processToken((Element)requestedSecurityToken.getAny()); + + assertTrue(results != null && results.size() == 1); + SamlAssertionWrapper assertion = + (SamlAssertionWrapper)results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION); + assertTrue(assertion != null); + assertTrue(assertion.getSaml2() == null && assertion.getSaml1() != null); + assertTrue(assertion.isSigned()); + + bus.shutdown(true); + } + + @org.junit.Test @org.junit.Ignore public void testIssueJWTToken() throws Exception { SpringBusFactory bf = new SpringBusFactory();
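Review bot: The three added tests (`testIssueSAML2TokenViaPOST`, `testExplicitlyIssueSAML2TokenViaPOST`, `testExplicitlyIssueSAML1TokenViaPOST`) repeat the same request/parse sequence and differ only in the token type and the optional `action` query, and each calls `bus.shutdown(true)` as its last statement, so a failed assertion leaves the bus set as default for later tests. None of them checks the HTTP status before `response.readEntity(...)`, so an error response would surface as an unmarshalling failure or a null `securityResponse` rather than a clear assertion. A shared private helper with the shutdown in `finally` and a status assertion would cover both; the expected status of 200 in the sketch below is an assumption to confirm against the service. Only `issue` is exercised over POST; `validate`, `renew` and `cancel` remain untested by this hunk.

```java
    private SamlAssertionWrapper issueSamlTokenViaPost(String tokenType, String action) throws Exception {
        // … unchanged: SpringBusFactory/bus creation and WebClient setup …
        try {
            if (action != null) {
                client.query("action", action);
            }
            // … unchanged: RequestSecurityToken built with W3CDOMStreamWriter, TokenType set to tokenType …
            Response response = client.post(new DOMSource(writer.getDocument().getDocumentElement()));
            assertTrue(response.getStatus() == 200);
            // … unchanged: RequestedSecurityToken lookup and processToken call …
            return (SamlAssertionWrapper)results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
        } finally {
            bus.shutdown(true);
        }
    }

    @org.junit.Test
    public void testExplicitlyIssueSAML1TokenViaPOST() throws Exception {
        SamlAssertionWrapper assertion = issueSamlTokenViaPost(SAML1_TOKEN_TYPE, "issue");
        assertNotNull(assertion);
        assertTrue(assertion.getSaml2() == null && assertion.getSaml1() != null);
        assertTrue(assertion.isSigned());
    }
```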
