* @throws Exception if an error occurs while running the test.
*/
@Test
public void testInvokeSAML20Cancel() throws Exception {
// create a simple token request.
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST,
SAMLUtil.SAML2_TOKEN_TYPE, null);
Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
WSTrustParser parser = new WSTrustParser();
BaseRequestSecurityTokenResponse baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil
.getSourceAsStream(responseMessage));
// validate the response and get the issued SAML assertion from the response.
this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
Element assertion = (Element) collection.getRequestSecurityTokenResponses().get(0).getRequestedSecurityToken().getAny()
.get(0);
// now construct a WS-Trust cancel request with the generated assertion.
request = this.createRequest("cancelcontext", WSTrustConstants.CANCEL_REQUEST, null, null);
CancelTargetType cancelTarget = new CancelTargetType();
cancelTarget.add(assertion);
request.setCancelTarget(cancelTarget);
// invoke the token service.
responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
baseResponse = (BaseRequestSecurityTokenResponse) parser.parse(DocumentUtil.getSourceAsStream(responseMessage));
// validate the response contents.
assertNotNull("Unexpected null response", baseResponse);
assertTrue("Unexpected response type", baseResponse instanceof RequestSecurityTokenResponseCollection);
collection = (RequestSecurityTokenResponseCollection) baseResponse;
assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
assertEquals("Unexpected response context", "cancelcontext", response.getContext());
assertNotNull("Cancel response should contain a RequestedTokenCancelled element", response.getRequestedTokenCancelled());
// try to validate the canceled assertion.
request = this.createRequest("validatecontext", WSTrustConstants.VALIDATE_REQUEST, null, null);
ValidateTargetType validateTarget = new ValidateTargetType();
validateTarget.add(assertion);
request.setValidateTarget(validateTarget);
// the response should contain a status indicating that the token is not valid.
responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
collection = (RequestSecurityTokenResponseCollection) parser.parse(DocumentUtil.getSourceAsStream(responseMessage));
assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
response = collection.getRequestSecurityTokenResponses().get(0);
assertEquals("Unexpected response context", "validatecontext", response.getContext());
assertEquals("Unexpected token type", WSTrustConstants.STATUS_TYPE, response.getTokenType().toString());
StatusType status = response.getStatus();
assertNotNull("Unexpected null status", status);
assertEquals("Unexpected status code", WSTrustConstants.STATUS_CODE_INVALID, status.getCode());
assertEquals("Unexpected status reason", "Validation failure: assertion with id " + assertion.getAttribute("ID")
+ " has been canceled", status.getReason());
// now try to renew the canceled assertion.
request = this.createRequest("renewcontext", WSTrustConstants.RENEW_REQUEST, null, null);
RenewTargetType renewTarget = new RenewTargetType();
renewTarget.add(assertion);
request.setRenewTarget(renewTarget);
// we should receive an exception when renewing the token.
try {
this.tokenService.invoke(this.createSourceFromRequest(request));
fail("Renewing a canceled token should result in an exception being thrown");