Package org.picketlink.identity.federation.core.wstrust

Examples of org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext


        // Excerpt from a test of SAML 2.0 token issuance with no proof-of-possession key; the enclosing
        // method's signature and its remaining lines are not shown here.
        // Build the issue request: a lifetime created from 3600000 (presumably milliseconds, i.e. one
        // hour -- confirm against WSTrustUtil.createDefaultLifetime) and an AppliesTo naming the service
        // the token is intended for.
        RequestSecurityToken request = new RequestSecurityToken();
        request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
        request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
        request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));

        // The context pairs the request with the caller principal; the issuer name set here is the value
        // later expected in the assertion's Issuer element.
        WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
        context.setTokenIssuer("PicketLinkSTS");

        // call the SAML token provider and check the generated token.
        this.provider.issueToken(context);
        assertNotNull("Unexpected null security token", context.getSecurityToken());

        SecurityToken securityToken = context.getSecurityToken();

        // Parse the issued DOM element back into an assertion object so its fields can be inspected.
        AssertionType assertion = assertionParser.fromElement((Element) securityToken.getTokenValue());
        /*
         * JAXBContext jaxbContext = JAXBContext.newInstance("org.picketlink.identity.federation.saml.v2.assertion");
         * Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); JAXBElement<?> parsedElement = (JAXBElement<?>)
         * unmarshaller.unmarshal((Element) context.getSecurityToken() .getTokenValue());
         * assertNotNull("Unexpected null element", parsedElement); assertEquals("Unexpected element type", AssertionType.class,
         * parsedElement.getDeclaredType());
         *
         * AssertionType assertion = (AssertionType) parsedElement.getValue(); StandardSecurityToken securityToken =
         * (StandardSecurityToken) context.getSecurityToken();
         */
        // The token ID recorded in the context must match the assertion ID, and the issuer must be the
        // name configured on the context above.
        assertEquals("Unexpected token id", securityToken.getTokenID(), assertion.getID());
        assertEquals("Unexpected token issuer", "PicketLinkSTS", assertion.getIssuer().getValue());

        // check the contents of the assertion conditions.
        // Both validity bounds must be present; only their presence is asserted here, not their values.
        ConditionsType conditions = assertion.getConditions();
        assertNotNull("Unexpected null conditions", conditions);
        assertNotNull("Unexpected null value for NotBefore attribute", conditions.getNotBefore());
        assertNotNull("Unexpected null value for NotOnOrAfter attribute", conditions.getNotOnOrAfter());
        assertEquals("Unexpected number of conditions", 1, conditions.getConditions().size());

        // The single condition is an audience restriction whose only audience equals the AppliesTo
        // address from the request, which scopes the assertion to that one service.
        AudienceRestrictionType restrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
        assertNotNull("Unexpected null audience list", restrictionType.getAudience());
        assertEquals("Unexpected number of audience elements", 1, restrictionType.getAudience().size());
        assertEquals("Unexpected audience value", "http://services.testcorp.org/provider2", restrictionType.getAudience()
                .get(0).toString());

        // check the contents of the assertion subject.
        SubjectType subject = assertion.getSubject();
        assertNotNull("Unexpected null subject", subject);

        // The subject name must be the principal passed to the request context.
        NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
        assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
        assertEquals("Unexpected name id", "sguilhen", nameID.getValue());

        // No proof token info was set on the context, and the expected confirmation method is bearer.
        // A bearer assertion is not bound to a key, so the audience restriction and validity window
        // checked above are what limit where and when it can be accepted.
        SubjectConfirmationType confirmation = subject.getConfirmation().get(0);
        assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_BEARER_URI, confirmation.getMethod());

        // validate the attached token reference created by the SAML provider.
        RequestedReferenceType reference = context.getAttachedReference();
        assertNotNull("Unexpected null attached reference", reference);
        SecurityTokenReferenceType securityRef = reference.getSecurityTokenReference();
        assertNotNull("Unexpected null security reference", securityRef);
        // The reference must carry the TokenType attribute in the WSSE 1.1 namespace.
        String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType"));
        assertNotNull("Required attribute TokenType is missing", tokenTypeAttr);


        // Excerpt from a test of SAML 2.0 token issuance with proof-of-possession keys; the enclosing
        // method's signature and its remaining lines are not shown here.
        // Build the issue request: a lifetime created from 3600000 (presumably milliseconds, i.e. one
        // hour -- confirm against WSTrustUtil.createDefaultLifetime) and an AppliesTo naming the target service.
        RequestSecurityToken request = new RequestSecurityToken();
        request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
        request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
        request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));

        WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
        context.setTokenIssuer("PicketLinkSTS");

        // let's set a symmetric key proof-of-possession token in the context.
        // A 32-byte random secret is wrapped into a KeyInfo together with the public key of the
        // "service2" keystore entry. The assertions further down expect an EncryptedKey element, so the
        // secret is presumably encrypted under that public key -- confirm in WSTrustUtil.createKeyInfo.
        // The meaning of the third (null) argument is not visible here.
        // NOTE(review): the keystore path and password are hard-coded test fixtures.
        byte[] secret = WSTrustUtil.createRandomSecret(32);
        PublicKey serviceKey = this.getCertificate("keystore/sts_keystore.jks", "testpass", "service2").getPublicKey();
        context.setProofTokenInfo(WSTrustUtil.createKeyInfo(secret, serviceKey, null));

        // call the SAML token provider and check the generated token.
        this.provider.issueToken(context);
        assertNotNull("Unexpected null security token", context.getSecurityToken());

        // check if the assertion has a subject confirmation that contains the encrypted symmetric key.
        AssertionType assertion = SAMLUtil.fromElement((Element) context.getSecurityToken().getTokenValue());
        SubjectType subject = assertion.getSubject();
        assertNotNull("Unexpected null subject", subject);

        // The subject name must be the principal passed to the request context.
        NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
        assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
        assertEquals("Unexpected name id", "sguilhen", nameID.getValue());

        // With proof token info present, the expected confirmation method is holder-of-key rather than
        // bearer: the assertion is tied to key material the presenter has to demonstrate possession of.
        SubjectConfirmationType confirmation = subject.getConfirmation().get(0);
        assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_HOLDER_OF_KEY_URI, confirmation.getMethod());

        // The confirmation data must hold exactly one KeyInfo child, and that child must be an
        // EncryptedKey element, i.e. the symmetric secret is not carried in the clear.
        SubjectConfirmationDataType confirmData = confirmation.getSubjectConfirmationData();
        KeyInfoType keyInfo = (KeyInfoType) confirmData.getAnyType();
        assertEquals("Unexpected key info content size", 1, keyInfo.getContent().size());
        Element encKeyElement = (Element) keyInfo.getContent().get(0);
        assertEquals("Unexpected key info content type", WSTrustConstants.XMLEnc.ENCRYPTED_KEY, encKeyElement.getLocalName());

        // Now let's set an asymmetric proof of possession token in the context.
        // The same context is reused; its proof token info is replaced with a KeyInfo built from the
        // "service1" certificate.
        Certificate certificate = this.getCertificate("keystore/sts_keystore.jks", "testpass", "service1");
        context.setProofTokenInfo(WSTrustUtil.createKeyInfo(certificate));

        // call the SAML token provider and check the generated token.
        this.provider.issueToken(context);
        assertNotNull("Unexpected null security token", context.getSecurityToken());

        // check if the assertion has a subject confirmation that contains the encoded certificate.
        assertion = SAMLUtil.fromElement((Element) context.getSecurityToken().getTokenValue());
        subject = assertion.getSubject();
        nameID = (NameIDType) subject.getSubType().getBaseID();
        assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
        assertEquals("Unexpected name id", "sguilhen", nameID.getValue());
        // The excerpt ends here, before any assertion on this second confirmation is shown.
        confirmation = subject.getConfirmation().get(0);

    /**
     * Checks how the SAML 2.0 token provider validates an assertion inside and outside its lifetime.
     *
     * <p>Two assertions are issued by a freshly initialized {@code SAML20TokenProvider} and fed back
     * through {@code validateToken}: one with the default lifetime, which must be reported with
     * {@code STATUS_CODE_VALID}, and one whose lifetime ended 30 minutes before the test ran, which must
     * be reported with {@code STATUS_CODE_INVALID}.
     *
     * <p>Only the lifetime outcome is asserted here. The test does not exercise an assertion whose
     * lifetime starts in the future, a tampered assertion, or an assertion from a different issuer.
     *
     * @throws Exception if issuing or validating a token fails unexpectedly.
     */
    public void testValidateSAMLV20Token() throws Exception {
        // Start from a provider configured with an empty property map.
        this.provider = new SAML20TokenProvider();
        this.provider.initialize(new HashMap<String, String>());

        // Case 1: an assertion issued with the default lifetime must validate successfully.
        WSTrustRequestContext issuingContext = this.createIssuingContext(WSTrustUtil.createDefaultLifetime(3600000));
        this.provider.issueToken(issuingContext);
        Element freshAssertion = (Element) issuingContext.getSecurityToken().getTokenValue();

        WSTrustRequestContext validatingContext = this.createValidatingContext(freshAssertion);
        this.provider.validateToken(validatingContext);

        StatusType freshStatus = validatingContext.getStatus();
        assertNotNull("Unexpected null status type", freshStatus);
        assertEquals("Unexpected status code", WSTrustConstants.STATUS_CODE_VALID, freshStatus.getCode());
        // The reason text (including its spelling) is compared verbatim with what the provider returns.
        assertEquals("Unexpected status reason", "SAMLV2.0 Assertion successfuly validated", freshStatus.getReason());

        // Case 2: an assertion whose lifetime ran from one hour ago to 30 minutes ago must be rejected.
        // NOTE(review): this holds only while any clock-skew allowance in the validator stays below
        // 30 minutes -- confirm against the provider's configuration.
        final long now = System.currentTimeMillis();
        GregorianCalendar windowStart = new GregorianCalendar();
        GregorianCalendar windowEnd = new GregorianCalendar();
        windowStart.setTimeInMillis(now - 3600000);
        windowEnd.setTimeInMillis(now - 1800000);

        WSTrustRequestContext expiredIssuingContext = this.createIssuingContext(new Lifetime(windowStart, windowEnd));
        this.provider.issueToken(expiredIssuingContext);
        Element expiredAssertion = (Element) expiredIssuingContext.getSecurityToken().getTokenValue();

        WSTrustRequestContext expiredValidatingContext = this.createValidatingContext(expiredAssertion);
        this.provider.validateToken(expiredValidatingContext);

        StatusType expiredStatus = expiredValidatingContext.getStatus();
        assertNotNull("Unexpected null status type", expiredStatus);
        assertEquals("Unexpected status code", WSTrustConstants.STATUS_CODE_INVALID, expiredStatus.getCode());
        assertEquals("Unexpected status reason", "Validation failure: assertion expired or used before its lifetime period",
                expiredStatus.getReason());
    }

        request.setLifetime(lifetime);
        request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
        request.setRequestType(URI.create(WSTrustConstants.ISSUE_REQUEST));
        request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));

        WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
        context.setTokenIssuer("PicketLinkSTS");

        return context;
    }

        request.setValidateTarget(validateTarget);
        // we need to set the request document in the request object for the test.
        DOMSource requestSource = (DOMSource) this.createSourceFromRequest(request);
        request.setRSTDocument((Document) requestSource.getNode());

        WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
        return context;
    }
