Package org.picketlink.identity.federation.core.wstrust.wrappers

Examples of org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse


        // validate the response contents.
        assertNotNull("Unexpected null response", baseResponse);
        assertTrue("Unexpected response type", baseResponse instanceof RequestSecurityTokenResponseCollection);
        collection = (RequestSecurityTokenResponseCollection) baseResponse;
        assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
        RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
        assertEquals("Unexpected response context", "cancelcontext", response.getContext());
        assertNotNull("Cancel response should contain a RequestedTokenCancelled element", response.getRequestedTokenCancelled());

        // try to validate the canceled assertion.
        request = this.createRequest("validatecontext", WSTrustConstants.VALIDATE_REQUEST, null, null);
        ValidateTargetType validateTarget = new ValidateTargetType();
        validateTarget.add(assertion);
        request.setValidateTarget(validateTarget);

        // the response should contain a status indicating that the token is not valid.
        responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
        collection = (RequestSecurityTokenResponseCollection) parser.parse(DocumentUtil.getSourceAsStream(responseMessage));
        assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
        response = collection.getRequestSecurityTokenResponses().get(0);
        assertEquals("Unexpected response context", "validatecontext", response.getContext());
        assertEquals("Unexpected token type", WSTrustConstants.STATUS_TYPE, response.getTokenType().toString());
        StatusType status = response.getStatus();
        assertNotNull("Unexpected null status", status);
        assertEquals("Unexpected status code", WSTrustConstants.STATUS_CODE_INVALID, status.getCode());
        assertEquals("Unexpected status reason", "Validation failure: assertion with id " + assertion.getAttribute("ID")
                + " has been canceled", status.getReason());
View Full Code Here


        WSTrustParser parser = new WSTrustParser();
        RequestSecurityTokenResponseCollection coll = (RequestSecurityTokenResponseCollection) parser.parse(configStream);
        assertEquals(1, coll.getRequestSecurityTokenResponses().size());

        RequestSecurityTokenResponse rstr = coll.getRequestSecurityTokenResponses().get(0);

        assertEquals("testcontext", rstr.getContext());
        assertEquals(SAMLUtil.SAML2_TOKEN_TYPE, rstr.getTokenType().toASCIIString());

        assertEquals(XMLTimeUtil.parse("2010-11-11T16:34:19.602Z"), rstr.getLifetime().getCreated());
        assertEquals(XMLTimeUtil.parse("2010-11-11T18:34:19.602Z"), rstr.getLifetime().getExpires());

        EndpointReferenceType endpoint = (EndpointReferenceType) rstr.getAppliesTo().getAny().get(0);
        assertEquals("http://services.testcorp.org/provider2", endpoint.getAddress().getValue());

        assertEquals(128, rstr.getKeySize());
        assertEquals(WSTrustConstants.KEY_TYPE_PUBLIC, rstr.getKeyType().toASCIIString());

        Element assertionElement = (Element) rstr.getRequestedSecurityToken().getAny().get(0);
        String id = assertionElement.getAttribute("ID");

        assertEquals("ID_5a15fc70-daa1-4808-b70e-9cbf6b8e4d4f", id);

        RequestedReferenceType ref = rstr.getRequestedAttachedReference();
        SecurityTokenReferenceType secRef = ref.getSecurityTokenReference();
        assertNotNull(secRef);
        Map<QName, String> map = secRef.getOtherAttributes();
        QName wsseTokenType = new QName(WSTrustConstants.WSSE11_NS, WSTrustConstants.TOKEN_TYPE,
                WSTrustConstants.WSSE.PREFIX_11);
View Full Code Here

            this.tokenService.invoke(requestMessage);
            Source responseMessage = this.tokenService.invoke(requestMessage);
            RequestSecurityTokenResponseCollection baseResponseColl = (RequestSecurityTokenResponseCollection) new WSTrustParser()
                    .parse(DocumentUtil.getSourceAsStream(responseMessage));

            RequestSecurityTokenResponse response = baseResponseColl.getRequestSecurityTokenResponses().get(0);
            StatusType status = response.getStatus();
            assertTrue(status.getCode().equals(WSTrustConstants.STATUS_CODE_INVALID));
            // fail("An exception should have been raised by the security token service");
        } catch (WebServiceException we) {
            assertNotNull("Unexpected null cause", we.getCause());
            assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException);
View Full Code Here

        assertNotNull("Unexpected null response", baseResponse);
        assertTrue("Unexpected response type", baseResponse instanceof RequestSecurityTokenResponseCollection);
        RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
        assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
        RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
        assertEquals("Unexpected response context", "testcontext", response.getContext());
        assertEquals("Unexpected token type", "http://www.tokens.org/SpecialToken", response.getTokenType().toString());
        Lifetime lifetime = response.getLifetime();
        assertNotNull("Unexpected null token lifetime", lifetime);

        // ========================================= Custom Token Validation =========================================//

        RequestedSecurityTokenType requestedToken = response.getRequestedSecurityToken();
        assertNotNull("Unexpected null requested security token", requestedToken);
        Object token = requestedToken.getAny().get(0);
        assertNotNull("Unexpected null token", token);
        assertTrue("Unexpected token class", token instanceof Element);
        Element element = (Element) requestedToken.getAny().get(0);
View Full Code Here

        assertNotNull("Unexpected null response", baseResponse);
        assertTrue("Unexpected response type", baseResponse instanceof RequestSecurityTokenResponseCollection);
        RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
        assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
        RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
        assertEquals("Unexpected response context", context, response.getContext());
        assertEquals("Unexpected token type", SAMLUtil.SAML11_TOKEN_TYPE, response.getTokenType().toString());
        Lifetime lifetime = response.getLifetime();
        assertNotNull("Unexpected null token lifetime", lifetime);

        // validate the attached token reference.
        RequestedReferenceType reference = response.getRequestedAttachedReference();
        assertNotNull("Unexpected null attached reference", reference);
        SecurityTokenReferenceType securityRef = reference.getSecurityTokenReference();
        assertNotNull("Unexpected null security reference", securityRef);
        String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType"));
        assertNotNull("Required attribute TokenType is missing", tokenTypeAttr);
        assertEquals("TokenType attribute has an unexpected value", SAMLUtil.SAML11_TOKEN_TYPE, tokenTypeAttr);
        KeyIdentifierType keyId = (KeyIdentifierType) securityRef.getAny().get(0);
        assertEquals("Unexpected key value type", SAMLUtil.SAML11_VALUE_TYPE, keyId.getValueType());
        assertNotNull("Unexpected null key identifier value", keyId.getValue());

        // ====================================== SAMLV1.1 Assertion Validation ======================================//

        RequestedSecurityTokenType requestedToken = response.getRequestedSecurityToken();
        assertNotNull("Unexpected null requested security token", requestedToken);

        // unmarshall the SAMLV1.1 assertion.
        Element assertionElement = (Element) requestedToken.getAny().get(0);
        SAML11AssertionType assertion = SAMLUtil.saml11FromElement(assertionElement);
View Full Code Here

        assertNotNull("Unexpected null response", baseResponse);
        assertTrue("Unexpected response type", baseResponse instanceof RequestSecurityTokenResponseCollection);
        RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
        assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
        RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
        assertEquals("Unexpected response context", context, response.getContext());
        assertEquals("Unexpected token type", SAMLUtil.SAML2_TOKEN_TYPE, response.getTokenType().toString());
        Lifetime lifetime = response.getLifetime();
        assertNotNull("Unexpected null token lifetime", lifetime);

        // validate the attached token reference.
        RequestedReferenceType reference = response.getRequestedAttachedReference();
        assertNotNull("Unexpected null attached reference", reference);
        SecurityTokenReferenceType securityRef = reference.getSecurityTokenReference();
        assertNotNull("Unexpected null security reference", securityRef);
        String tokenTypeAttr = securityRef.getOtherAttributes().get(new QName(WSTrustConstants.WSSE11_NS, "TokenType"));
        assertNotNull("Required attribute TokenType is missing", tokenTypeAttr);
        assertEquals("TokenType attribute has an unexpected value", SAMLUtil.SAML2_TOKEN_TYPE, tokenTypeAttr);
        KeyIdentifierType keyId = (KeyIdentifierType) securityRef.getAny().get(0);
        assertEquals("Unexpected key value type", SAMLUtil.SAML2_VALUE_TYPE, keyId.getValueType());
        assertNotNull("Unexpected null key identifier value", keyId.getValue());

        // ====================================== SAMLV2.0 Assertion Validation ======================================//

        RequestedSecurityTokenType requestedToken = response.getRequestedSecurityToken();
        assertNotNull("Unexpected null requested security token", requestedToken);

        // unmarshall the SAMLV2.0 assertion.
        Element assertionElement = (Element) requestedToken.getAny().get(0);
        AssertionType assertion = SAMLUtil.fromElement(assertionElement);
View Full Code Here

        InputStream configStream = tcl.getResourceAsStream("parser/wst/wst-response-unnatachedreference.xml");

        WSTrustParser parser = new WSTrustParser();
        RequestSecurityTokenResponseCollection requestTokenResponseCollection = (RequestSecurityTokenResponseCollection) parser.parse(configStream);
       
        RequestSecurityTokenResponse requestSecurityTokenResponse = requestTokenResponseCollection.getRequestSecurityTokenResponses().get(0);
       
        RequestedReferenceType requestedUnattachedReference = requestSecurityTokenResponse.getRequestedUnattachedReference();
       
        assertNotNull(requestedUnattachedReference);
       
        SecurityTokenReferenceType securityTokenReference = requestedUnattachedReference.getSecurityTokenReference();
       
View Full Code Here

        SubjectConfirmationType subjConfirmation = assertion.getSubject().getConfirmation().get(0);
        this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);

        // check if the response contains the STS-generated key.
        RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
        RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
        RequestedProofTokenType proofToken = response.getRequestedProofToken();
        assertNotNull("Unexpected null proof token", proofToken);
        assertTrue(proofToken.getAny().get(0) instanceof BinarySecretType);
        BinarySecretType serverBinarySecret = (BinarySecretType) proofToken.getAny().get(0);
        assertNotNull("Unexpected null secret", serverBinarySecret.getValue());
        // default key size is 128 bits (16 bytes).
View Full Code Here

        // validate the holder of key contents.
        SubjectConfirmationType subjConfirmation = assertion.getSubject().getConfirmation().get(0);
        this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);

        RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
        RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
        RequestedProofTokenType proofToken = response.getRequestedProofToken();
        assertNotNull("Unexpected null proof token", proofToken);
        assertTrue(proofToken.getAny().get(0) instanceof ComputedKeyType);
        ComputedKeyType computedKey = (ComputedKeyType) proofToken.getAny().get(0);
        assertEquals("Unexpected computed key algorithm", WSTrustConstants.CK_PSHA1, computedKey.getAlgorithm());

        // server entropy must have been included in the response to allow reconstruction of the computed key.
        EntropyType serverEntropy = response.getEntropy();
        assertNotNull("Unexpected null server entropy");
        assertEquals("Invalid number of elements in server entropy", 1, serverEntropy.getAny().size());
        BinarySecretType serverBinarySecret = (BinarySecretType) serverEntropy.getAny().get(0);
        assertEquals("Unexpected binary secret type", WSTrustConstants.BS_TYPE_NONCE, serverBinarySecret.getType());
        assertNotNull("Unexpected null secret value", serverBinarySecret.getValue());
View Full Code Here

        // validate the response contents.
        assertNotNull("Unexpected null response", baseResponse);
        assertTrue("Unexpected response type", baseResponse instanceof RequestSecurityTokenResponseCollection);
        collection = (RequestSecurityTokenResponseCollection) baseResponse;
        assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
        RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0);
        assertEquals("Unexpected response context", "validatecontext", response.getContext());
        assertEquals("Unexpected token type", WSTrustConstants.STATUS_TYPE, response.getTokenType().toString());
        StatusType status = response.getStatus();
        assertNotNull("Unexpected null status", status);
        assertEquals("Unexpected status code", WSTrustConstants.STATUS_CODE_VALID, status.getCode());
        assertEquals("Unexpected status reason", "SAMLV1.1 Assertion successfuly validated", status.getReason());

        // now let's temper the SAML assertion and try to validate it again.
View Full Code Here

TOP

Related Classes of org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.