Adding a system test
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a88d53bf Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a88d53bf Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a88d53bf Branch: refs/heads/master Commit: a88d53bf63174d2533eed8293859e5f2cb78b427 Parents: a98ff3b Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Fri Nov 6 14:36:06 2015 +0000 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Fri Nov 6 14:58:59 2015 +0000 ---------------------------------------------------------------------- .../apache/cxf/systest/sts/jwt/JWTUnitTest.java | 110 +++++++++++++++++++ .../cxf/systest/sts/deployment/cxf-sts.xml | 3 + .../cxf/systest/sts/jwt/cxf-unit-client.xml | 39 +++++++ 3 files changed, 152 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/a88d53bf/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java ----------------------------------------------------------------------
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java
new file mode 100644
index 0000000..9a17e6c
--- /dev/null
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java
@@ -0,0 +1,110 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.sts.jwt;
+
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.systest.sts.common.SecurityTestUtil;
+import org.apache.cxf.systest.sts.deployment.STSServer;
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.tokenstore.SecurityToken;
+import org.apache.cxf.ws.security.trust.STSClient;
+import org.junit.BeforeClass;
+
+/**
+ * Some unit tests to get a JWT token from the STS
+ */
+public class JWTUnitTest extends AbstractBusClientServerTestBase {
+
+ public static final String JWT_TOKEN_TYPE = "urn:ietf:params:oauth:token-type:jwt";
+ static final String STSPORT = allocatePort(STSServer.class);
+ private static final String DEFAULT_ADDRESS =
+ "https://localhost:8081/doubleit/services/doubleittransportsaml1";
+
+ @BeforeClass
+ public static void startServers() throws Exception {
+ assertTrue(
+ "Server failed to launch",
+ // run the server in the same process
+ // set this to false to fork
+ launchServer(STSServer.class, true)
+ );
+ }
+
+ @org.junit.AfterClass
+ public static void cleanup() throws Exception {
+ SecurityTestUtil.cleanup();
+ stopAllServers();
+ }
+
+ @org.junit.Test
+ public void testIssueJWTToken() throws Exception {
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = JWTUnitTest.class.getResource("cxf-unit-client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ SecurityToken token =
+ requestSecurityToken(JWT_TOKEN_TYPE, bus, DEFAULT_ADDRESS, null, null);
+ assertNotNull(token);
+ assertNotNull(token.getData());
+ }
+
+ private SecurityToken requestSecurityToken(
+ String tokenType,
+ Bus bus,
+ String endpointAddress,
+ Map<String, Object> msgProperties,
+ String wsdlPort
+ ) throws Exception {
+ STSClient stsClient = new STSClient(bus);
+ String port = STSPORT;
+
+ stsClient.setWsdlLocation("https://localhost:" + port + "/SecurityTokenService/Transport?wsdl");
+ stsClient.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService");
+ if (wsdlPort != null) {
+ stsClient.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}" + wsdlPort);
+ } else {
+ stsClient.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Transport_Port");
+ }
+
+ Map<String, Object> properties = msgProperties;
+ if (properties == null) {
+ properties = new HashMap<String, Object>();
+ properties.put(SecurityConstants.USERNAME, "alice");
+ properties.put(
+ SecurityConstants.CALLBACK_HANDLER,
+ "org.apache.cxf.systest.sts.common.CommonCallbackHandler"
+ );
+ }
+
+ stsClient.setProperties(properties);
+ stsClient.setTokenType(tokenType);
+ stsClient.setSendKeyType(false);
+
+ return stsClient.requestSecurityToken(endpointAddress);
+ }
+}
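Review bot: testIssueJWTToken asserts only that `token` and `token.getData()` are non-null, so it would still pass if the STS returned an unsigned token or one issued for a different subject. Because the request is sent with the username "alice", the test should parse the returned data as a JWT and assert at least the subject claim and, if the provider is meant to sign, that a signature is present and verifies. Separately, nothing visible in the hunk shuts down the `Bus` that the test installs through `setDefaultBus`; ending the test with `bus.shutdown(true);` (ideally in a `finally`) would keep it from leaking into later tests.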
http://git-wip-us.apache.org/repos/asf/cxf/blob/a88d53bf/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-sts.xml ---------------------------------------------------------------------- diff --git a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-sts.xml b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-sts.xml index 4a9c118..989873f 100644 --- a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-sts.xml +++ b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-sts.xml @@ -50,6 +50,7 @@ <util:list id="transportTokenProviders"> <ref bean="transportSamlTokenProvider"/> <ref bean="transportCustomBSTTokenProvider"/> + <ref bean="transportJWTTokenProvider"/> </util:list> <util:list id="transportTokenValidators"> <ref bean="transportSamlTokenValidator"/> @@ -62,6 +63,8 @@ <bean id="transportSamlTokenProvider" class="org.apache.cxf.sts.token.provider.SAMLTokenProvider"> <!-- <property name="attributeStatementProviders" ref="attributeStatementProvidersList" />--> </bean> + <bean id="transportJWTTokenProvider" class="org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider"> + </bean> <!-- <util:list id="attributeStatementProvidersList"> <ref bean="defaultAttributeProvider" /> http://git-wip-us.apache.org/repos/asf/cxf/blob/a88d53bf/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/jwt/cxf-unit-client.xml ---------------------------------------------------------------------- diff --git a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/jwt/cxf-unit-client.xml b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/jwt/cxf-unit-client.xml new file mode 100644 index 0000000..924f7d2 --- /dev/null 
+++ b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/jwt/cxf-unit-client.xml 
@@ -0,0 +1,39 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:cxf="http://cxf.apache.org/core" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd">
+ <cxf:bus>
+ <cxf:features>
+ <cxf:logging/>
+ </cxf:features>
+ </cxf:bus>
+
+
+ <http:conduit name="https://localhost:.*">
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:trustManagers>
+ <sec:keyStore type="jks" password="cspass" resource="clientstore.jks"/>
+ </sec:trustManagers>
+ <sec:keyManagers keyPassword="ckpass">
+ <sec:keyStore type="jks" password="cspass" resource="clientstore.jks"/>
+ </sec:keyManagers>
+ </http:tlsClientParameters>
+ </http:conduit>
+
+</beans>
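Review bot: `disableCNCheck="true"` on the `https://localhost:.*` conduit turns off hostname verification for the TLS client, and nothing in the file marks that as a test-only concession. A short comment above `<http:tlsClientParameters>`, such as `<!-- Test only: CN check disabled for the local test keystore; do not copy into a deployed client -->`, would keep the snippet from being reused as-is. The `<cxf:logging/>` feature will presumably also write the issued token to the test log, which is acceptable here but deserves the same caveat.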