CXF-8121: Add advanced tests. Small refactoring according the PR comm…
…ent.
dtsybulka authored and dmitrytsybulko committed Oct 8, 2019
1 parent 1262c12 commit f19b3b8
Showing 10 changed files with 143 additions and 122 deletions.
Expand Up @@ -52,8 +52,8 @@ public BaseResponse() {
this.status = StatusType.SUCCESS.name();
}

public BaseResponse(final String message) {
this.status = StatusType.ERROR.name();
public BaseResponse(final StatusType status, final String message) {
this.status = status.name();
this.message = message;
}
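Review bot: The new two-argument constructor dereferences `status` at `status.name()` without a null check, so a caller passing null gets a bare NullPointerException while an error response is being built. Consider `this.status = Objects.requireNonNull(status, "status").name();` (this needs `java.util.Objects`, whose import block is outside this hunk) and a short Javadoc stating that `status` must be non-null. Replacing the one-argument constructor instead of keeping it as a delegating overload also breaks any caller not updated in this commit; only RestExceptionMapper is visibly adjusted.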

Expand Up @@ -38,7 +38,7 @@ public class RestExceptionMapper implements ExceptionMapper<Exception> {
public Response toResponse(Exception exception) {
return Response
.status(Status.INTERNAL_SERVER_ERROR)
.entity(new BaseResponse(exception.getMessage()))
.entity(new BaseResponse(BaseResponse.StatusType.ERROR, exception.getMessage()))
.type(getResponseType())
.build();
}
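Review bot: `toResponse` still copies `exception.getMessage()` into the body of the 500 response, and because the mapper is declared for `Exception` this covers every otherwise unhandled failure in the STS REST service, including ones whose messages may describe keystores, crypto configuration or parser internals. Returning a fixed text, for example `.entity(new BaseResponse(BaseResponse.StatusType.ERROR, "Internal server error"))`, and logging the exception server-side would keep those details away from the caller. If some exception types are meant to surface their message, give them their own mapper instead of relying on this catch-all. `getResponseType()` is defined outside the hunk.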
6 changes: 6 additions & 0 deletions services/sts/systests/advanced/pom.xml
Expand Up @@ -47,6 +47,12 @@
<version>${project.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.cxf.services.sts</groupId>
<artifactId>cxf-services-sts-rest</artifactId>
<version>${project.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http-jetty</artifactId>
Expand Up @@ -18,7 +18,7 @@
*/
package org.apache.cxf.systest.sts.custom;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

import org.w3c.dom.Element;
Expand All @@ -31,23 +31,24 @@
import org.apache.cxf.sts.claims.ProcessedClaimCollection;
import org.apache.wss4j.common.util.XMLUtils;

import static org.apache.cxf.sts.STSConstants.IDT_NS_05_05;

/**
* A custom ClaimsHandler implementation for use in the tests.
*/
public class CustomClaimsHandler implements ClaimsHandler {

public static final String ROLE =
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
IDT_NS_05_05 + "/claims/role";
public static final String GIVEN_NAME =
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname";
IDT_NS_05_05 + "/claims/givenname";
public static final String LANGUAGE =
"http://schemas.mycompany.com/claims/language";

public ProcessedClaimCollection retrieveClaimValues(
ClaimCollection claims, ClaimsParameters parameters) {

if (claims != null && !claims.isEmpty()) {
ProcessedClaimCollection claimCollection = new ProcessedClaimCollection();
List<Object> customContent = parameters.getTokenRequirements().getCustomContent();
boolean foundContent = false;
if (customContent != null) {
Expand All @@ -66,12 +67,13 @@ public ProcessedClaimCollection retrieveClaimValues(
}
}

ProcessedClaimCollection claimCollection = new ProcessedClaimCollection();
for (Claim requestClaim : claims) {
ProcessedClaim claim = new ProcessedClaim();
claim.setClaimType(requestClaim.getClaimType());
claim.setIssuer("Test Issuer");
claim.setOriginalIssuer("Original Issuer");
if (foundContent) {
if (foundContent || "custom-realm".equals(parameters.getRealm())) {
if (ROLE.equals(requestClaim.getClaimType())) {
claim.addValue("admin-user");
} else if (GIVEN_NAME.equals(requestClaim.getClaimType())) {
Expand All @@ -88,11 +90,10 @@ public ProcessedClaimCollection retrieveClaimValues(
}

public List<String> getSupportedClaimTypes() {
List<String> list = new ArrayList<>();
list.add(ROLE);
list.add(GIVEN_NAME);
list.add(LANGUAGE);
return list;
return Arrays.asList(
ROLE,
GIVEN_NAME,
LANGUAGE);
}

}
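Review bot: The new condition `foundContent || "custom-realm".equals(parameters.getRealm())` hands out the `admin-user` role value on a realm-name match alone, and nothing in the method says that this is deliberate test behaviour. A comment such as `// Test fixture: the realm name alone unlocks the claim values; do not copy into a real ClaimsHandler` and a `CUSTOM_REALM` constant would make that explicit and stop the literal being repeated here, in the test class and in the Spring configuration. Separately, `getSupportedClaimTypes()` now returns the fixed-size `Arrays.asList(...)` view, so a caller that adds to the returned list would get `UnsupportedOperationException` where the previous `ArrayList` allowed it; whether any caller does so is not visible here. Part of `retrieveClaimValues` lies between the displayed hunks.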
Expand Up @@ -19,33 +19,39 @@
package org.apache.cxf.systest.sts.custom;

import java.net.URL;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.security.auth.callback.CallbackHandler;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.MediaType;
import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
import javax.xml.transform.dom.DOMSource;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Service;

import org.w3c.dom.Document;
import org.w3c.dom.Element;

import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.jaxrs.client.JAXRSClientFactory;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.rt.security.SecurityConstants;
import org.apache.cxf.staxutils.W3CDOMStreamWriter;
import org.apache.cxf.sts.rest.api.GetTokenRequest;
import org.apache.cxf.sts.rest.api.RealmSecurityTokenService;
import org.apache.cxf.systest.sts.common.SecurityTestUtil;
import org.apache.cxf.systest.sts.common.TokenTestUtils;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.ws.security.sts.provider.model.ClaimsType;
import org.apache.cxf.ws.security.sts.provider.model.ObjectFactory;
import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
import org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType;
import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.cxf.ws.security.trust.STSUtils;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
Expand All @@ -59,6 +65,8 @@

import org.junit.BeforeClass;

import static org.apache.cxf.sts.STSConstants.IDT_NS_05_05;
import static org.apache.cxf.sts.STSConstants.WST_NS_05_12;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
Expand Down Expand Up @@ -296,66 +304,69 @@ public void testCustomParameterInRSTClaimsHandler2() throws Exception {
@org.junit.Test
public void testCustomParameterToRESTInterface() throws Exception {

SpringBusFactory bf = new SpringBusFactory();
URL busFile = CustomParameterTest.class.getResource("cxf-client.xml");

Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
BusFactory.setThreadDefaultBus(bus);

String address = "https://localhost:" + STSPORT + "/SecurityTokenServiceREST/token";
WebClient client = WebClient.create(address, busFile.toString());

client.type("application/xml").accept("application/xml");

// Create RequestSecurityToken
W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
String namespace = STSUtils.WST_NS_05_12;
writer.writeStartElement("wst", "RequestSecurityToken", namespace);
writer.writeNamespace("wst", namespace);
WebClient client = WebClient.create(address, getClass().getResource("cxf-client.xml").toString())
.type(MediaType.APPLICATION_XML)
.accept(MediaType.APPLICATION_XML);

ObjectFactory of = new ObjectFactory();
RequestSecurityTokenType request = of.createRequestSecurityTokenType();
request.getAny().add(of.createRequestType(WST_NS_05_12 + "/Issue"));
request.getAny().add(of.createTokenType(SAML2_TOKEN_TYPE));

ClaimsType claims = of.createClaimsType();
claims.setDialect(IDT_NS_05_05);
Element claimsType = DOMUtils.getEmptyDocument().createElementNS(IDT_NS_05_05, "ClaimType");
claimsType.setAttribute("Uri", IDT_NS_05_05 + "/claims/role");
claims.getAny().add(claimsType);
request.getAny().add(of.createClaims(claims));

writer.writeStartElement("wst", "RequestType", namespace);
writer.writeCharacters(namespace + "/Issue");
writer.writeEndElement();
// Add custom content to the RST
Element realm = DOMUtils.getEmptyDocument().createElementNS("http://cxf.apache.org/custom", "realm");
realm.setTextContent("custom-realm");
request.getAny().add(realm);

writer.writeStartElement("wst", "TokenType", namespace);
writer.writeCharacters(SAML2_TOKEN_TYPE);
writer.writeEndElement();
RequestSecurityTokenResponseType securityResponse =
client.post(
of.createRequestSecurityToken(request),
RequestSecurityTokenResponseType.class);

writer.writeStartElement("wst", "Claims", namespace);
writer.writeAttribute("Dialect", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.writeStartElement("ic", "ClaimType", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.writeAttribute("Uri", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role");
writer.writeEndElement();
writer.writeEndElement();
Element assertion = validateSAMLSecurityTokenResponse(securityResponse, true);
assertTrue(DOM2Writer.nodeToString(assertion).contains("admin-user"));

// Add custom content to the RST
writer.writeStartElement("", "realm", "http://cxf.apache.org/custom");
writer.writeCharacters("custom-realm");
writer.writeEndElement();
client.close();
}

writer.writeEndElement();
@org.junit.Test
public void testCustomParameterToRealmRestInterface() throws Exception {

Response response = client.post(new DOMSource(writer.getDocument().getDocumentElement()));
GetTokenRequest getTokenRequest = new GetTokenRequest();
getTokenRequest.setTokenType(SAML2_TOKEN_TYPE);
getTokenRequest.setClaims(Collections.singletonList("role"));

RequestSecurityTokenResponseType securityResponse =
response.readEntity(RequestSecurityTokenResponseType.class);
final RealmSecurityTokenService client = JAXRSClientFactory.create(
"https://localhost:" + STSPORT + "/RealmSecurityTokenService",
RealmSecurityTokenService.class,
getClass().getResource("cxf-client.xml").toString());
Document assertionDoc =
client.getToken("custom-realm", getTokenRequest)
.readEntity(Document.class);

Element assertion = validateSAMLSecurityTokenResponse(securityResponse, true);
Element assertion = validateSAMLToken(assertionDoc.getDocumentElement(), true);
assertTrue(DOM2Writer.nodeToString(assertion).contains("admin-user"));

bus.shutdown(true);
}

private Element validateSAMLSecurityTokenResponse(
private static Element validateSAMLSecurityTokenResponse(
RequestSecurityTokenResponseType securityResponse, boolean saml2
) throws Exception {
RequestedSecurityTokenType requestedSecurityToken = getRequestedSecurityToken(securityResponse);
assertNotNull(requestedSecurityToken);

// Process the token
List<WSSecurityEngineResult> results =
processToken((Element)requestedSecurityToken.getAny());
return validateSAMLToken((Element)requestedSecurityToken.getAny(), saml2);
}

private static Element validateSAMLToken(Element assertionElement, boolean saml2) throws Exception {
List<WSSecurityEngineResult> results = processToken(assertionElement);

assertTrue(results != null && results.size() == 1);
SamlAssertionWrapper assertion =
Expand All @@ -371,7 +382,8 @@ private Element validateSAMLSecurityTokenResponse(
return (Element)results.get(0).get(WSSecurityEngineResult.TAG_TOKEN_ELEMENT);
}

private RequestedSecurityTokenType getRequestedSecurityToken(RequestSecurityTokenResponseType securityResponse) {
private static RequestedSecurityTokenType getRequestedSecurityToken(
RequestSecurityTokenResponseType securityResponse) {
for (Object obj : securityResponse.getAny()) {
if (obj instanceof JAXBElement<?>) {
JAXBElement<?> jaxbElement = (JAXBElement<?>)obj;
Expand All @@ -383,7 +395,7 @@ private RequestedSecurityTokenType getRequestedSecurityToken(RequestSecurityToke
return null;
}

private List<WSSecurityEngineResult> processToken(Element assertionElement)
private static List<WSSecurityEngineResult> processToken(Element assertionElement)
throws Exception {
RequestData requestData = new RequestData();
requestData.setDisableBSPEnforcement(true);
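Review bot: `testCustomParameterToRealmRestInterface` calls `readEntity(Document.class)` directly on the result of `client.getToken(...)` without checking the status, so an error response may be parsed as if it were the assertion and only fail later inside `validateSAMLToken` with a misleading message. Keeping the `Response` in a local, asserting `assertEquals(200, response.getStatus());` first and closing it afterwards would make failures readable; that needs the `javax.ws.rs.core.Response` import this commit appears to drop. In `testCustomParameterToRESTInterface`, `client.close()` runs only when the assertions pass, so a `try`/`finally` would release the client on failure too. A negative case (for example a request that carries no custom realm) asserting that `admin-user` is absent would also pin the behaviour added to CustomClaimsHandler.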
Expand Up @@ -18,30 +18,13 @@
*/
package org.apache.cxf.systest.sts.custom;

import java.net.URL;

import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;

public class STSServer extends AbstractBusTestServerBase {

public STSServer() {

}

protected void run() {
URL busFile = STSServer.class.getResource("cxf-sts.xml");
Bus busLocal = new SpringBusFactory().createBus(busFile);
BusFactory.setDefaultBus(busLocal);
setBus(busLocal);

try {
new STSServer();
} catch (Exception e) {
e.printStackTrace();
}
setBus(new SpringBusFactory().createBus(STSServer.class.getResource("cxf-sts.xml")));
}

public static void main(String[] args) {
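Review bot: The shortened `run()` no longer calls `BusFactory.setDefaultBus(...)`, which is a behaviour change beyond the clean-up; the same applies to `Server.run()` in the next file. If no test relies on the server bus being the process default, a one-line comment saying so would help; otherwise keep the call. `STSServer.class.getResource("cxf-sts.xml")` is also passed straight to `createBus`, so a missing resource surfaces as whatever `createBus` does with null; wrapping it in `Objects.requireNonNull(..., "cxf-sts.xml not found on classpath")` (with `java.util.Objects` imported) would fail with a clear message. The body of `main` is outside the hunk.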
Expand Up @@ -18,29 +18,12 @@
*/
package org.apache.cxf.systest.sts.custom;

import java.net.URL;

import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;

public class Server extends AbstractBusTestServerBase {

public Server() {

}

protected void run() {
URL busFile = Server.class.getResource("cxf-service.xml");
Bus busLocal = new SpringBusFactory().createBus(busFile);
BusFactory.setDefaultBus(busLocal);
setBus(busLocal);

try {
new Server();
} catch (Exception e) {
e.printStackTrace();
}
setBus(new SpringBusFactory().createBus(Server.class.getResource("cxf-service.xml")));
}
}
Expand Up @@ -73,12 +73,26 @@
<ref bean="transportJWTTokenValidator"/>
</util:list>
<bean id="transportCustomBSTTokenProvider" class="org.apache.cxf.systest.sts.deployment.CustomBSTTokenProvider">
</bean>
</bean>

<bean id="customRealm" class="org.apache.cxf.sts.rest.token.realm.ExtRealmProperties">
<property name="issuer" value="STS Custom Realm" />
<property name="name" value="custom-realm" />
<property name="rsSecurityProperties">
<map/>
</property>
</bean>

<util:map id="realms">
<entry key="custom-realm" value-ref="customRealm" />
</util:map>

<bean id="transportSamlTokenProvider" class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
<!-- <property name="attributeStatementProviders" ref="attributeStatementProvidersList" />-->
<property name="realmMap" ref="realms" />
</bean>
<bean id="transportJWTTokenProvider" class="org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider">
</bean>
</bean>
<!--
<util:list id="attributeStatementProvidersList">
<ref bean="defaultAttributeProvider" />
Expand Down Expand Up @@ -133,6 +147,9 @@
<property name="encryptionCryptoProperties" value="${encryption.properties}"/>
<property name="issuer" value="${issuer}"/>
<property name="encryptionUsername" value="${encryption.username}"/>
<property name="realmParser">
<bean class="org.apache.cxf.sts.rest.impl.UriRealmParser" />
</property>
</bean>

<bean id="restSTS" class="org.apache.cxf.sts.rest.RESTSecurityTokenServiceImpl">
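Review bot: The `customRealm` bean is given an empty `rsSecurityProperties` map with no comment on which signing and encryption settings tokens issued for `custom-realm` then use. A comment such as `<!-- empty on purpose: custom-realm falls back to the STS-wide crypto settings -->` (if that is the intended behaviour) would document it. The added `realmParser` of type `UriRealmParser` suggests the realm is taken from the request URL, that is, chosen by the caller, so it is worth stating next to the `realms` map that every key in it is selectable by any client allowed to call the endpoint. The bean that receives the `realmParser` property starts outside the hunk.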