// Fragment of a test for SAML 2.0 token issuance: it builds a WS-Trust request, asks the token
// provider to issue a token, then inspects the resulting assertion (id, issuer, conditions,
// subject) and the attached token reference. The enclosing method is not visible here.

// build the request: SAML 2.0 token type, scoped via AppliesTo to the provider2 endpoint.
// NOTE(review): 3600000 is presumably a lifetime in milliseconds (one hour) -- confirm against
// WSTrustUtil.createDefaultLifetime.
RequestSecurityToken request = new RequestSecurityToken();
request.setLifetime(WSTrustUtil.createDefaultLifetime(3600000));
request.setAppliesTo(WSTrustUtil.createAppliesTo("http://services.testcorp.org/provider2"));
request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));
// the context carries the caller principal ("sguilhen") and the issuer name expected in the assertion.
WSTrustRequestContext context = new WSTrustRequestContext(request, new TestPrincipal("sguilhen"));
context.setTokenIssuer("PicketLinkSTS");
// call the SAML token provider and check the generated token.
this.provider.issueToken(context);
assertNotNull("Unexpected null security token", context.getSecurityToken());
SecurityToken securityToken = context.getSecurityToken();
// the token value is treated as a DOM element and parsed into the assertion model.
AssertionType assertion = assertionParser.fromElement((Element) securityToken.getTokenValue());
/*
* Disabled alternative: unmarshals the same token element through JAXB instead of assertionParser.
* Kept as found; it is not executed.
*
* JAXBContext jaxbContext = JAXBContext.newInstance("org.picketlink.identity.federation.saml.v2.assertion");
* Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); JAXBElement<?> parsedElement = (JAXBElement<?>)
* unmarshaller.unmarshal((Element) context.getSecurityToken() .getTokenValue());
* assertNotNull("Unexpected null element", parsedElement); assertEquals("Unexpected element type", AssertionType.class,
* parsedElement.getDeclaredType());
*
* AssertionType assertion = (AssertionType) parsedElement.getValue(); StandardSecurityToken securityToken =
* (StandardSecurityToken) context.getSecurityToken();
*/
// the token id reported by the context must be the assertion's own ID, and the issuer must be
// the name set on the context above.
assertEquals("Unexpected token id", securityToken.getTokenID(), assertion.getID());
assertEquals("Unexpected token issuer", "PicketLinkSTS", assertion.getIssuer().getValue());
// check the contents of the assertion conditions.
ConditionsType conditions = assertion.getConditions();
assertNotNull("Unexpected null conditions", conditions);
// NOTE(review): the validity window is only checked for presence. Nothing in the lines shown
// compares NotBefore/NotOnOrAfter with the requested lifetime, so a provider that issued a far
// longer-lived token would still pass this test.
assertNotNull("Unexpected null value for NotBefore attribute", conditions.getNotBefore());
assertNotNull("Unexpected null value for NotOnOrAfter attribute", conditions.getNotOnOrAfter());
// exactly one condition is expected: an audience restriction naming the AppliesTo endpoint.
// This pins the token to the service it was requested for.
assertEquals("Unexpected number of conditions", 1, conditions.getConditions().size());
AudienceRestrictionType restrictionType = (AudienceRestrictionType) conditions.getConditions().get(0);
assertNotNull("Unexpected null audience list", restrictionType.getAudience());
assertEquals("Unexpected number of audience elements", 1, restrictionType.getAudience().size());
assertEquals("Unexpected audience value", "http://services.testcorp.org/provider2", restrictionType.getAudience()
.get(0).toString());
// check the contents of the assertion subject.
SubjectType subject = assertion.getSubject();
assertNotNull("Unexpected null subject", subject);
// the name id must carry the principal passed to the context and the expected qualifier.
NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
assertEquals("Unexpected name id", "sguilhen", nameID.getValue());
// the first subject confirmation is expected to use the bearer method. A bearer token carries
// no proof-of-possession, which is why the audience and validity checks above matter.
// NOTE(review): get(0) is called without first asserting that the confirmation list is
// non-empty, so an empty list fails with an exception rather than an assertion message.
SubjectConfirmationType confirmation = subject.getConfirmation().get(0);
assertEquals("Unexpected confirmation method", SAMLUtil.SAML2_BEARER_URI, confirmation.getMethod());
// validate the attached token reference created by the SAML provider.
RequestedReferenceType reference = context.getAttachedReference();
assertNotNull("Unexpected null attached reference", reference);
SecurityTokenReferenceType securityRef = reference.getSecurityTokenReference();
assertNotNull("Unexpected null security reference", securityRef);
// the TokenType attribute is looked up under the WSSE 1.1 namespace.
// NOTE(review): only its presence is asserted in the lines shown; its value is not compared
// with the requested token type here -- confirm whether the rest of the method does so.
String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType"));
assertNotNull("Required attribute TokenType is missing", tokenTypeAttr);