Package org.picketlink.identity.federation.core.wstrust

Examples of org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext

95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
        RequestSecurityToken request = new RequestSecurityToken();
        request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
        request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
        request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));

        WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
        context.setTokenIssuer("PicketLinkSTS");

        // call the SAML token provider and check the generated token.
        this.provider.issueToken(context);
        assertNotNull("Unexpected null security token", context.getSecurityToken());

        SecurityToken securityToken = context.getSecurityToken();

        AssertionType assertion = assertionParser.fromElement((Element) securityToken.getTokenValue());
        /*
         * JAXBContext jaxbContext = JAXBContext.newInstance("org.picketlink.identity.federation.saml.v2.assertion");
         * Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); JAXBElement<?> parsedElement = (JAXBElement<?>)
         * unmarshaller.unmarshal((Element) context.getSecurityToken() .getTokenValue());
         * assertNotNull("Unexpected null element", parsedElement); assertEquals("Unexpected element type", AssertionType.class,
         * parsedElement.getDeclaredType());
         *
         * AssertionType assertion = (AssertionType) parsedElement.getValue(); StandardSecurityToken securityToken =
         * (StandardSecurityToken) context.getSecurityToken();
         */
        assertEquals("Unexpected token id", securityToken.getTokenID(), assertion.getID());
        assertEquals("Unexpected token issuer", "PicketLinkSTS", assertion.getIssuer().getValue());

        // check the contents of the assertion conditions.
        ConditionsType conditions = assertion.getConditions();
        assertNotNull("Unexpected null conditions", conditions);
        assertNotNull("Unexpected null value for NotBefore attribute", conditions.getNotBefore());
        assertNotNull("Unexpected null value for NotOnOrAfter attribute", conditions.getNotOnOrAfter());
        assertEquals("Unexpected number of conditions", 1, conditions.getConditions().size());

        AudienceRestrictionType restrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
        assertNotNull("Unexpected null audience list", restrictionType.getAudience());
        assertEquals("Unexpected number of audience elements", 1, restrictionType.getAudience().size());
        assertEquals("Unexpected audience value", "http://services.testcorp.org/provider2", restrictionType.getAudience()
                .get(0).toString());

        // check the contents of the assertion subject.
        SubjectType subject = assertion.getSubject();
        assertNotNull("Unexpected null subject", subject);

        NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
        assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
        assertEquals("Unexpected name id", "sguilhen", nameID.getValue());

        SubjectConfirmationType confirmation = subject.getConfirmation().get(0);
        assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_BEARER_URI, confirmation.getMethod());

        // validate the attached token reference created by the SAML provider.
        RequestedReferenceType reference = context.getAttachedReference();
        assertNotNull("Unexpected null attached reference", reference);
        SecurityTokenReferenceType securityRef = reference.getSecurityTokenReference();
        assertNotNull("Unexpected null security reference", securityRef);
        String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType"));
        assertNotNull("Required attribute TokenType is missing", tokenTypeAttr);
View Full Code Here
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
        RequestSecurityToken request = new RequestSecurityToken();
        request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
        request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
        request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));

        WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
        context.setTokenIssuer("PicketLinkSTS");

        // let's set a symmetric key proof-of-possession token in the context.
        byte[] secret = WSTrustUtil.createRandomSecret(32);
        PublicKey serviceKey = this.getCertificate("keystore/sts_keystore.jks", "testpass", "service2").getPublicKey();
        context.setProofTokenInfo(WSTrustUtil.createKeyInfo(secret, serviceKey, null));

        // call the SAML token provider and check the generated token.
        this.provider.issueToken(context);
        assertNotNull("Unexpected null security token", context.getSecurityToken());

        // check if the assertion has a subject confirmation that contains the encrypted symmetric key.
        AssertionType assertion = SAMLUtil.fromElement((Element) context.getSecurityToken().getTokenValue());
        SubjectType subject = assertion.getSubject();
        assertNotNull("Unexpected null subject", subject);

        NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
        assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
        assertEquals("Unexpected name id", "sguilhen", nameID.getValue());

        SubjectConfirmationType confirmation = subject.getConfirmation().get(0);
        assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_HOLDER_OF_KEY_URI, confirmation.getMethod());

        SubjectConfirmationDataType confirmData = confirmation.getSubjectConfirmationData();
        KeyInfoType keyInfo = (KeyInfoType) confirmData.getAnyType();
        assertEquals("Unexpected key info content size", 1, keyInfo.getContent().size());
        Element encKeyElement = (Element) keyInfo.getContent().get(0);
        assertEquals("Unexpected key info content type", WSTrustConstants.XMLEnc.ENCRYPTED_KEY, encKeyElement.getLocalName());

        // Now let's set an asymmetric proof of possession token in the context.
        Certificate certificate = this.getCertificate("keystore/sts_keystore.jks", "testpass", "service1");
        context.setProofTokenInfo(WSTrustUtil.createKeyInfo(certificate));

        // call the SAML token provider and check the generated token.
        this.provider.issueToken(context);
        assertNotNull("Unexpected null security token", context.getSecurityToken());

        // check if the assertion has a subject confirmation that contains the encoded certificate.
        assertion = SAMLUtil.fromElement((Element) context.getSecurityToken().getTokenValue());
        subject = assertion.getSubject();
        nameID = (NameIDType) subject.getSubType().getBaseID();
        assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
        assertEquals("Unexpected name id", "sguilhen", nameID.getValue());
        confirmation = subject.getConfirmation().get(0);
View Full Code Here
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
    public void testValidateSAMLV20Token() throws Exception {
        this.provider = new SAML20TokenProvider();
        provider.initialize(new HashMap<String, String>());

        // issue a SAMLV2.0 assertion.
        WSTrustRequestContext context = this.createIssuingContext(WSTrustUtil.createDefaultLifetime(3600000));
        this.provider.issueToken(context);

        // get the issued SAMLV2.0 assertion.
        Element assertion = (Element) context.getSecurityToken().getTokenValue();

        // now create a WS-Trust validate context.
        context = this.createValidatingContext(assertion);

        // validate the SAMLV2.0 assertion.
        this.provider.validateToken(context);
        StatusType status = context.getStatus();
        assertNotNull("Unexpected null status type", status);
        assertEquals("Unexpected status code", WSTrustConstants.STATUS_CODE_VALID, status.getCode());
        assertEquals("Unexpected status reason", "SAMLV2.0 Assertion successfuly validated", status.getReason());

        // now let's create a new SAMLV2.0 assertion with an expired lifetime.
        long currentTimeMillis = System.currentTimeMillis();
        GregorianCalendar created = new GregorianCalendar();
        created.setTimeInMillis(currentTimeMillis - 3600000);
        GregorianCalendar expires = new GregorianCalendar();
        expires.setTimeInMillis(currentTimeMillis - 1800000);
        context = this.createIssuingContext(new Lifetime(created, expires));

        provider.issueToken(context);
        assertion = (Element) context.getSecurityToken().getTokenValue();

        // try to validate the expired token.
        context = this.createValidatingContext(assertion);
        provider.validateToken(context);
        status = context.getStatus();
        assertNotNull("Unexpected null status type", status);
        assertEquals("Unexpected status code", WSTrustConstants.STATUS_CODE_INVALID, status.getCode());
        assertEquals("Unexpected status reason", "Validation failure: assertion expired or used before its lifetime period",
                status.getReason());
    }
View Full Code Here
309
310
311
312
313
314
315
316
317
318
        request.setLifetime(lifetime);
        request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
        request.setRequestType(URI.create(WSTrustConstants.ISSUE_REQUEST));
        request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));

        WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
        context.setTokenIssuer("PicketLinkSTS");

        return context;
    }
View Full Code Here
335
336
337
338
339
340
341
342
        request.setValidateTarget(validateTarget);
        // we need to set the request document in the request object for the test.
        DOMSource requestSource = (DOMSource) this.createSourceFromRequest(request);
        request.setRSTDocument((Document) requestSource.getNode());

        WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
        return context;
    }
View Full Code Here
TOP

Related Classes of org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext

  • org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML11TokenProvider
  • org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider
  • org.picketlink.test.identity.federation.bindings.jboss.auth.SAML20TokenProviderUnitTestCase
  • org.picketlink.test.identity.federation.core.wstrust.SAML20TokenProviderUnitTestCase
  • org.picketlink.test.identity.federation.core.wstrust.SpecialTokenProvider
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.