Package org.apache.cxf.sts.request

Examples of org.apache.cxf.sts.request.ReceivedToken


        requestData.setWssConfig(WSSConfig.getNewInstance());
        requestData.setCallbackHandler(callbackHandler);
        requestData.setMsgContext(tokenParameters.getWebServiceContext().getMessageContext());

        TokenValidatorResponse response = new TokenValidatorResponse();
        ReceivedToken validateTarget = tokenParameters.getToken();
        validateTarget.setState(STATE.INVALID);
        response.setToken(validateTarget);
       
        if (!validateTarget.isBinarySecurityToken()) {
            return response;
        }

        BinarySecurityTokenType binarySecurityType = (BinarySecurityTokenType)validateTarget.getToken();

        // Test the encoding type
        String encodingType = binarySecurityType.getEncodingType();
        if (!BASE64_ENCODING.equals(encodingType)) {
            LOG.fine("Bad encoding type attribute specified: " + encodingType);
            return response;
        }

        //
        // Turn the received JAXB object into a DOM element
        //
        Document doc = DOMUtils.createDocument();
        BinarySecurity binarySecurity = new X509Security(doc);
        binarySecurity.setEncodingType(encodingType);
        binarySecurity.setValueType(binarySecurityType.getValueType());
        String data = binarySecurityType.getValue();
        ((Text)binarySecurity.getElement().getFirstChild()).setData(data);

        //
        // Validate the token
        //
        try {
            Credential credential = new Credential();
            credential.setBinarySecurityToken(binarySecurity);
            if (sigCrypto != null) {
                X509Certificate cert = ((X509Security)binarySecurity).getX509Certificate(sigCrypto);
                credential.setCertificates(new X509Certificate[]{cert});
            }

            Credential returnedCredential = validator.validate(credential, requestData);
            response.setPrincipal(returnedCredential.getCertificates()[0].getSubjectX500Principal());
            validateTarget.setState(STATE.VALID);
        } catch (WSSecurityException ex) {
            LOG.log(Level.WARNING, "", ex);
        }
        return response;
    }
View Full Code Here


        TokenRequirements tokenRequirements = providerParameters.getTokenRequirements();
        String tokenType = tokenRequirements.getTokenType();
        AttributeBean attributeBean = createDefaultAttribute(tokenType);
        attributeList.add(attributeBean);
       
        ReceivedToken actAs = tokenRequirements.getActAs();
        try {
            if (actAs != null) {
                AttributeBean parameterBean =
                    handleAdditionalParameters(actAs.getToken(), tokenType);
                if (!parameterBean.getAttributeValues().isEmpty()) {
                    attributeList.add(parameterBean);
                }
            }
        } catch (WSSecurityException ex) {
View Full Code Here

            renewerParameters.setTokenStore(getTokenStore());
           
            renewerParameters.setKeyRequirements(keyRequirements);
            renewerParameters.setTokenRequirements(tokenRequirements)
           
            ReceivedToken renewTarget = tokenRequirements.getRenewTarget();
            if (renewTarget == null || renewTarget.getToken() == null) {
                throw new STSException("No element presented for renewal", STSException.INVALID_REQUEST);
            }
            renewerParameters.setToken(renewTarget);
           
            if (tokenRequirements.getTokenType() == null) {
                LOG.fine("Received TokenType is null");
            }
           
            // Get the realm of the request
            String realm = null;
            if (stsProperties.getRealmParser() != null) {
                RealmParser realmParser = stsProperties.getRealmParser();
                realm = realmParser.parseRealm(context);
            }
            renewerParameters.setRealm(realm);
           
            // Validate the request
            TokenValidatorResponse tokenResponse = validateReceivedToken(
                    context, realm, tokenRequirements, renewTarget);
           
            if (tokenResponse == null) {
                LOG.fine("No Token Validator has been found that can handle this token");
                renewTarget.setState(STATE.INVALID);
                throw new STSException(
                    "No Token Validator has been found that can handle this token"
                    + tokenRequirements.getTokenType(),
                    STSException.REQUEST_FAILED
                );
View Full Code Here

            validatorParameters.setTokenStore(getTokenStore());
           
            //validatorParameters.setKeyRequirements(keyRequirements);
            validatorParameters.setTokenRequirements(tokenRequirements);
           
            ReceivedToken validateTarget = tokenRequirements.getValidateTarget();
            if (validateTarget == null || validateTarget.getToken() == null) {
                throw new STSException("No element presented for validation", STSException.INVALID_REQUEST);
            }
            validatorParameters.setToken(validateTarget);
           
            if (tokenRequirements.getTokenType() == null) {
                tokenRequirements.setTokenType(STSConstants.STATUS);
                LOG.fine(
                    "Received TokenType is null, falling back to default token type: "
                    + STSConstants.STATUS
                );
            }
           
            // Get the realm of the request
            String realm = null;
            if (stsProperties.getRealmParser() != null) {
                RealmParser realmParser = stsProperties.getRealmParser();
                realm = realmParser.parseRealm(context);
            }
            validatorParameters.setRealm(realm);
           
            TokenValidatorResponse tokenResponse = validateReceivedToken(
                    context, realm, tokenRequirements, validateTarget);
           
            if (tokenResponse == null) {
                LOG.fine("No Token Validator has been found that can handle this token");
                tokenResponse = new TokenValidatorResponse();
                validateTarget.setState(STATE.INVALID);
                tokenResponse.setToken(validateTarget);
            }
           
            //
            // Create a new token (if requested)
View Full Code Here

            cancellerParameters.setTokenStore(getTokenStore());
           
            cancellerParameters.setKeyRequirements(keyRequirements);
            cancellerParameters.setTokenRequirements(tokenRequirements)
           
            ReceivedToken cancelTarget = tokenRequirements.getCancelTarget();
            if (cancelTarget == null || cancelTarget.getToken() == null) {
                throw new STSException("No element presented for cancellation", STSException.INVALID_REQUEST);
            }
            cancellerParameters.setToken(cancelTarget);
           
            if (tokenRequirements.getTokenType() == null) {
View Full Code Here

                    SAMLTokenPrincipal samlPrincipal = new SAMLTokenPrincipal(assertion);
                    if (LOG.isLoggable(Level.FINE)) {
                        LOG.fine("SAML token realm of user '" + samlPrincipal.getName() + "' is " + wssecRealm);
                    }
                   
                    ReceivedToken wssecToken = new ReceivedToken(assertion.getElement());
                    wssecToken.setState(STATE.VALID);
                    TokenValidatorResponse tokenResponse = new TokenValidatorResponse();
                    tokenResponse.setPrincipal(samlPrincipal);
                    tokenResponse.setToken(wssecToken);
                    tokenResponse.setTokenRealm(wssecRealm);
                    tokenResponse.setAdditionalProperties(new HashMap<String, Object>());
                    processValidToken(providerParameters, wssecToken, tokenResponse);
                    providerParameters.setPrincipal(wssecToken.getPrincipal());
                }
            }
           
            // Validate OnBehalfOf token if present
            if (providerParameters.getTokenRequirements().getOnBehalfOf() != null) {
                ReceivedToken validateTarget = providerParameters.getTokenRequirements().getOnBehalfOf();
                TokenValidatorResponse tokenResponse = validateReceivedToken(
                        context, realm, tokenRequirements, validateTarget);
   
                if (tokenResponse == null) {
                    LOG.fine("No Token Validator has been found that can handle this token");
                } else if (validateTarget.getState().equals(STATE.INVALID)) {
                    throw new STSException("Incoming token is invalid", STSException.REQUEST_FAILED);
                } else if (validateTarget.getState().equals(STATE.VALID)) {
                    processValidToken(providerParameters, validateTarget, tokenResponse);
                } else {
                    //[TODO] Add plugin for validation out-of-band
                    // Example:
                    // If the requestor is in the possession of a certificate (mutual ssl handshake)
View Full Code Here

        Element samlToken =
            createSAMLAssertion(WSConstants.WSS_SAML_TOKEN_TYPE, crypto, "mystskey", callbackHandler);
        Document doc = samlToken.getOwnerDocument();
        samlToken = (Element)doc.appendChild(samlToken);
       
        ReceivedToken validateTarget = new ReceivedToken(samlToken);
        tokenRequirements.setValidateTarget(validateTarget);
        validatorParameters.setToken(validateTarget);
       
        assertTrue(samlTokenValidator.canHandleToken(validateTarget));
       
View Full Code Here

        Element samlToken =
            createSAMLAssertion(WSConstants.WSS_SAML2_TOKEN_TYPE, crypto, "mystskey", callbackHandler);
        Document doc = samlToken.getOwnerDocument();
        samlToken = (Element)doc.appendChild(samlToken);
       
        ReceivedToken validateTarget = new ReceivedToken(samlToken);
        tokenRequirements.setValidateTarget(validateTarget);
        validatorParameters.setToken(validateTarget);
       
        assertTrue(samlTokenValidator.canHandleToken(validateTarget));
       
View Full Code Here

                WSConstants.WSS_SAML_TOKEN_TYPE, crypto, "mystskey", callbackHandler
            );
        Document doc = samlToken.getOwnerDocument();
        samlToken = (Element)doc.appendChild(samlToken);
       
        ReceivedToken validateTarget = new ReceivedToken(samlToken);
        tokenRequirements.setValidateTarget(validateTarget);
        validatorParameters.setToken(validateTarget);
       
        assertTrue(samlTokenValidator.canHandleToken(validateTarget));
       
View Full Code Here

        Element samlToken =
            createSAMLAssertion(WSConstants.WSS_SAML_TOKEN_TYPE, crypto, "eve", callbackHandler);
        Document doc = samlToken.getOwnerDocument();
        samlToken = (Element)doc.appendChild(samlToken);
       
        ReceivedToken validateTarget = new ReceivedToken(samlToken);
        tokenRequirements.setValidateTarget(validateTarget);
        validatorParameters.setToken(validateTarget);
       
        assertTrue(samlTokenValidator.canHandleToken(validateTarget));
       
View Full Code Here

TOP

Related Classes of org.apache.cxf.sts.request.ReceivedToken

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.