// Finish configuring the issue operation: attach the encryption Crypto and a
// callback handler to the STS properties, then hand the properties to the operation.
// (stsProperties, encryptionCrypto and issueOperation are created above this excerpt.)
stsProperties.setEncryptionCrypto(encryptionCrypto);
stsProperties.setCallbackHandler(new PasswordCallbackHandler());
issueOperation.setStsProperties(stsProperties);
// Mock up a request: token type, AppliesTo address and a client-requested key-wrap
// algorithm. The key-wrap element is added last; the negative case further down
// removes it by position (last index), so the order of these add() calls matters.
RequestSecurityTokenType request = new RequestSecurityTokenType();
JAXBElement<String> tokenType =
new JAXBElement<String>(
QNameConstants.TOKEN_TYPE, String.class, DummyTokenProvider.TOKEN_TYPE
);
request.getAny().add(tokenType);
request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
// Positive case: the client asks for RSA-OAEP key transport as the key-wrap algorithm.
JAXBElement<String> encryptionAlgorithmType =
new JAXBElement<String>(
QNameConstants.KEYWRAP_ALGORITHM, String.class, WSConstants.KEYTRANSPORT_RSAOEP
);
request.getAny().add(encryptionAlgorithmType);
// Mock up message context
MessageImpl msg = new MessageImpl();
WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
// Issue a token
RequestSecurityTokenResponseCollectionType response =
issueOperation.issue(request, webServiceContext);
List<RequestSecurityTokenResponseType> securityTokenResponse =
response.getRequestSecurityTokenResponse();
// Only checks that at least one response entry came back.
// NOTE(review): this does not show that the issued token was actually encrypted, nor
// that the requested key-wrap algorithm was the one applied; an assertion on the
// returned token content would be needed to pin that down.
assertTrue(!securityTokenResponse.isEmpty());
// Now specify a non-supported algorithm.
// The accepted key-wrap list is narrowed to the AES-128 key-wrap URI and the same URI
// is then put into the request, so the request matches the accepted list. The failure
// expected after this block therefore cannot come from an accepted-list mismatch;
// presumably AES key wrap (a symmetric algorithm) is unusable with the configured
// encryption key -- TODO confirm against the STS encryption code.
String aesKw = "http://www.w3.org/2001/04/xmlenc#kw-aes128";
List<String> acceptedAlgorithms = Collections.singletonList(aesKw);
encryptionProperties.setAcceptedKeyWrapAlgorithms(acceptedAlgorithms);
// Drop the last element of the request, i.e. the RSA-OAEP key-wrap element added above,
// before adding the replacement so the request carries a single key-wrap algorithm.
request.getAny().remove(request.getAny().size() - 1);
encryptionAlgorithmType =
new JAXBElement<String>(
QNameConstants.KEYWRAP_ALGORITHM, String.class, aesKw
);
request.getAny().add(encryptionAlgorithmType);
try {
issueOperation.issue(request, webServiceContext);
fail("Failure expected on a bad key-wrap algorithm");
} catch (STSException ex) {
// expected