You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2018/07/18 16:02:12 UTC
[cxf] branch master updated (521c020 -> d5b88a7)
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git.
from 521c020 Adding parameterized OAuth 2.0 tests for the EhCache provider, where access tokens are in JWT format
new ed7b809 Simplifying the security parameterized tests
new d5b88a7 Parameterizing a few more OAuth tests
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../asymmetric_encr/AsymmetricEncryptionTest.java | 6 +-
.../systest/sts/basic_auth/JaxwsBasicAuthTest.java | 10 +-
.../cxf/systest/sts/batch/SAMLBatchUnitTest.java | 6 +-
.../BinarySecurityTokenTest.java | 10 +-
.../apache/cxf/systest/sts/claims/ClaimsTest.java | 18 +-
.../cxf/systest/sts/renew/SAMLRenewUnitTest.java | 6 +-
.../secure_conv/SecurityContextTokenUnitTest.java | 6 +-
.../apache/cxf/systest/sts/soap12/Soap12Test.java | 18 +-
.../sts_sender_vouches/STSSenderVouchesTest.java | 6 +-
.../sts/usernametoken/UsernameTokenTest.java | 10 +-
.../sts/asymmetric/AsymmetricBindingTest.java | 21 ++-
.../apache/cxf/systest/sts/bearer/BearerTest.java | 18 +-
.../sts/sendervouches/SenderVouchesTest.java | 10 +-
.../sts/symmetric/SymmetricBindingTest.java | 18 +-
.../cxf/systest/sts/template/TemplateTest.java | 6 +-
.../sts/transport/TransportBindingTest.java | 18 +-
.../sts/username_actas/UsernameActAsTest.java | 11 +-
.../UsernameOnBehalfOfTest.java | 10 +-
.../systest/sts/x509/X509SymmetricBindingTest.java | 18 +-
.../grants/AuthorizationGrantNegativeTest.java | 87 ++++++---
.../security/oauth2/grants/BookServerOAuth2.java | 3 -
.../grants/BookServerOAuth2GrantsNegative.java | 2 -
...java => BookServerOAuth2GrantsNegativeJWT.java} | 6 +-
.../grants/BookServerOAuth2Introspection.java | 2 -
....java => BookServerOAuth2IntrospectionJWT.java} | 6 +-
.../grants/BookServerOAuth2JWT.java} | 13 +-
.../oauth2/grants/IntrospectionServiceTest.java | 51 ++++-
.../security/oauth2/grants/JAXRSOAuth2Test.java | 110 +++++++----
.../security/oauth2/tls/OAuthDataProviderImpl.java | 8 +-
.../systest/jaxrs/security/oidc/OIDCFlowTest.java | 150 ++++++++++++---
.../jaxrs/security/oidc/OIDCNegativeServer.java | 2 -
.../OIDCNegativeServerJWT.java} | 8 +-
.../jaxrs/security/oidc/OIDCNegativeTest.java | 56 ++++--
.../systest/jaxrs/security/oidc/OIDCServer.java | 2 -
.../OIDCServerJWT.java} | 8 +-
.../jaxrs/security/oidc/UserInfoServer.java | 2 -
.../UserInfoServerJWT.java} | 8 +-
.../systest/jaxrs/security/oidc/UserInfoTest.java | 47 ++++-
...rver-jwt.xml => grants-negative-server-jwt.xml} | 6 +-
...ion-server.xml => introspection-server-jwt.xml} | 17 +-
.../oauth2/grants/{server.xml => server-jwt.xml} | 30 ++-
...ive-server.xml => oidc-negative-server-jwt.xml} | 11 +-
.../oidc-server.xml => oidc-server-jwt.xml} | 9 +-
...userinfo-server.xml => userinfo-server-jwt.xml} | 13 +-
.../systest/wssec/examples/saml/SamlTokenTest.java | 10 +-
.../examples/secconv/SecureConversationTest.java | 10 +-
.../wssec/examples/ut/UsernameTokenTest.java | 10 +-
.../systest/wssec/examples/x509/X509TokenTest.java | 10 +-
.../systest/ws/action/SignatureWhitespaceTest.java | 6 +-
.../systest/ws/bindings/BindingPropertiesTest.java | 10 +-
.../apache/cxf/systest/ws/cache/CachingTest.java | 6 +-
.../CryptoCoverageCheckerTest.java | 10 +-
.../org/apache/cxf/systest/ws/gcm/GCMTest.java | 10 +-
.../cxf/systest/ws/https/HttpsTokenTest.java | 10 +-
.../org/apache/cxf/systest/ws/parts/PartsTest.java | 10 +-
.../systest/ws/policy/PolicyAlternativeTest.java | 7 +-
.../apache/cxf/systest/ws/saml/SamlTokenTest.java | 10 +-
.../ws/saml/subjectconf/SamlSubjectConfTest.java | 6 +-
.../systest/ws/security/WSSecurityClientTest.java | 6 +-
.../apache/cxf/systest/ws/swa/SWAPolicyTest.java | 10 +-
.../ws/tokens/EndorsingSupportingTokenTest.java | 6 +-
.../cxf/systest/ws/tokens/SupportingTokenTest.java | 10 +-
.../cxf/systest/ws/ut/UsernameTokenPolicyTest.java | 10 +-
.../cxf/systest/ws/ut/UsernameTokenTest.java | 10 +-
.../org/apache/cxf/systest/ws/wssc/WSSCTest.java | 208 ++++++++++-----------
.../apache/cxf/systest/ws/wssc/WSSCUnitTest.java | 6 +-
.../cxf/systest/ws/wssec10/WSSecurity10Test.java | 38 ++--
.../cxf/systest/ws/wssec11/WSSecurity111Test.java | 90 ++++-----
.../cxf/systest/ws/wssec11/WSSecurity112Test.java | 62 +++---
.../apache/cxf/systest/ws/x509/X509TokenTest.java | 10 +-
.../org/apache/cxf/systest/ws/xkms/XKMSTest.java | 10 +-
71 files changed, 890 insertions(+), 594 deletions(-)
copy systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/{BookServerOAuth2Grants.java => BookServerOAuth2GrantsNegativeJWT.java} (86%)
copy systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/{BookServerOAuth2Grants.java => BookServerOAuth2IntrospectionJWT.java} (86%)
copy systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/{saml/BookServerSaml.java => oauth2/grants/BookServerOAuth2JWT.java} (80%)
copy systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/{oauth2/grants/BookServerOAuth2Grants.java => oidc/OIDCNegativeServerJWT.java} (84%)
copy systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/{oauth2/grants/BookServerOAuth2Grants.java => oidc/OIDCServerJWT.java} (84%)
copy systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/{oauth2/grants/BookServerOAuth2Grants.java => oidc/UserInfoServerJWT.java} (84%)
copy systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/{grants-server-jwt.xml => grants-negative-server-jwt.xml} (98%)
copy systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/{introspection-server.xml => introspection-server-jwt.xml} (88%)
copy systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/{server.xml => server-jwt.xml} (82%)
copy systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/{oidc-negative-server.xml => oidc-negative-server-jwt.xml} (97%)
copy systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/{filters/oidc-server.xml => oidc-server-jwt.xml} (94%)
copy systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/{userinfo-server.xml => userinfo-server-jwt.xml} (96%)
[cxf] 01/02: Simplifying the security parameterized tests
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit ed7b8097bd1f76814d9a0d6b26f7dbbb35c9512a
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Wed Jul 18 14:53:02 2018 +0100
Simplifying the security parameterized tests
---
.../asymmetric_encr/AsymmetricEncryptionTest.java | 6 +-
.../systest/sts/basic_auth/JaxwsBasicAuthTest.java | 10 +-
.../cxf/systest/sts/batch/SAMLBatchUnitTest.java | 6 +-
.../BinarySecurityTokenTest.java | 10 +-
.../apache/cxf/systest/sts/claims/ClaimsTest.java | 18 +-
.../cxf/systest/sts/renew/SAMLRenewUnitTest.java | 6 +-
.../secure_conv/SecurityContextTokenUnitTest.java | 6 +-
.../apache/cxf/systest/sts/soap12/Soap12Test.java | 18 +-
.../sts_sender_vouches/STSSenderVouchesTest.java | 6 +-
.../sts/usernametoken/UsernameTokenTest.java | 10 +-
.../sts/asymmetric/AsymmetricBindingTest.java | 21 ++-
.../apache/cxf/systest/sts/bearer/BearerTest.java | 18 +-
.../sts/sendervouches/SenderVouchesTest.java | 10 +-
.../sts/symmetric/SymmetricBindingTest.java | 18 +-
.../cxf/systest/sts/template/TemplateTest.java | 6 +-
.../sts/transport/TransportBindingTest.java | 18 +-
.../sts/username_actas/UsernameActAsTest.java | 11 +-
.../UsernameOnBehalfOfTest.java | 10 +-
.../systest/sts/x509/X509SymmetricBindingTest.java | 18 +-
.../systest/wssec/examples/saml/SamlTokenTest.java | 10 +-
.../examples/secconv/SecureConversationTest.java | 10 +-
.../wssec/examples/ut/UsernameTokenTest.java | 10 +-
.../systest/wssec/examples/x509/X509TokenTest.java | 10 +-
.../systest/ws/action/SignatureWhitespaceTest.java | 6 +-
.../systest/ws/bindings/BindingPropertiesTest.java | 10 +-
.../apache/cxf/systest/ws/cache/CachingTest.java | 6 +-
.../CryptoCoverageCheckerTest.java | 10 +-
.../org/apache/cxf/systest/ws/gcm/GCMTest.java | 10 +-
.../cxf/systest/ws/https/HttpsTokenTest.java | 10 +-
.../org/apache/cxf/systest/ws/parts/PartsTest.java | 10 +-
.../systest/ws/policy/PolicyAlternativeTest.java | 7 +-
.../apache/cxf/systest/ws/saml/SamlTokenTest.java | 10 +-
.../ws/saml/subjectconf/SamlSubjectConfTest.java | 6 +-
.../systest/ws/security/WSSecurityClientTest.java | 6 +-
.../apache/cxf/systest/ws/swa/SWAPolicyTest.java | 10 +-
.../ws/tokens/EndorsingSupportingTokenTest.java | 6 +-
.../cxf/systest/ws/tokens/SupportingTokenTest.java | 10 +-
.../cxf/systest/ws/ut/UsernameTokenPolicyTest.java | 10 +-
.../cxf/systest/ws/ut/UsernameTokenTest.java | 10 +-
.../org/apache/cxf/systest/ws/wssc/WSSCTest.java | 208 ++++++++++-----------
.../apache/cxf/systest/ws/wssc/WSSCUnitTest.java | 6 +-
.../cxf/systest/ws/wssec10/WSSecurity10Test.java | 38 ++--
.../cxf/systest/ws/wssec11/WSSecurity111Test.java | 90 ++++-----
.../cxf/systest/ws/wssec11/WSSecurity112Test.java | 62 +++---
.../apache/cxf/systest/ws/x509/X509TokenTest.java | 10 +-
.../org/apache/cxf/systest/ws/xkms/XKMSTest.java | 10 +-
46 files changed, 413 insertions(+), 414 deletions(-)
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/asymmetric_encr/AsymmetricEncryptionTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/asymmetric_encr/AsymmetricEncryptionTest.java
index 57c9d9e..14a6519 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/asymmetric_encr/AsymmetricEncryptionTest.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/asymmetric_encr/AsymmetricEncryptionTest.java
@@ -73,10 +73,10 @@ public class AsymmetricEncryptionTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam("", false, STSPORT)},
- {new TestParam("", false, STAX_STSPORT)},
+ return Arrays.asList(new TestParam[] {new TestParam("", false, STSPORT),
+ new TestParam("", false, STAX_STSPORT),
});
}
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/basic_auth/JaxwsBasicAuthTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/basic_auth/JaxwsBasicAuthTest.java
index 4e8d642..96810ce 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/basic_auth/JaxwsBasicAuthTest.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/basic_auth/JaxwsBasicAuthTest.java
@@ -91,12 +91,12 @@ public class JaxwsBasicAuthTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, "")},
- {new TestParam(PORT, true, "")},
- {new TestParam(STAX_PORT, false, "")},
- {new TestParam(STAX_PORT, true, "")},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, ""),
+ new TestParam(PORT, true, ""),
+ new TestParam(STAX_PORT, false, ""),
+ new TestParam(STAX_PORT, true, ""),
});
}
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SAMLBatchUnitTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SAMLBatchUnitTest.java
index f6d9852..d8cc294 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SAMLBatchUnitTest.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SAMLBatchUnitTest.java
@@ -75,10 +75,10 @@ public class SAMLBatchUnitTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam("", false, STSPORT)},
- {new TestParam("", false, STAX_STSPORT)},
+ return Arrays.asList(new TestParam[] {new TestParam("", false, STSPORT),
+ new TestParam("", false, STAX_STSPORT),
});
}
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/binarysecuritytoken/BinarySecurityTokenTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/binarysecuritytoken/BinarySecurityTokenTest.java
index 14fa6ea..0057b14 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/binarysecuritytoken/BinarySecurityTokenTest.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/binarysecuritytoken/BinarySecurityTokenTest.java
@@ -91,12 +91,12 @@ public class BinarySecurityTokenTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, "")},
- {new TestParam(PORT, true, "")},
- {new TestParam(STAX_PORT, false, "")},
- {new TestParam(STAX_PORT, true, "")},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, ""),
+ new TestParam(PORT, true, ""),
+ new TestParam(STAX_PORT, false, ""),
+ new TestParam(STAX_PORT, true, ""),
});
}
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/claims/ClaimsTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/claims/ClaimsTest.java
index 3f3c2d4..a7d3291 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/claims/ClaimsTest.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/claims/ClaimsTest.java
@@ -94,17 +94,17 @@ public class ClaimsTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT)},
- {new TestParam(PORT, true, STSPORT)},
- {new TestParam(STAX_PORT, false, STSPORT)},
- {new TestParam(STAX_PORT, true, STSPORT)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, STSPORT),
+ new TestParam(PORT, true, STSPORT),
+ new TestParam(STAX_PORT, false, STSPORT),
+ new TestParam(STAX_PORT, true, STSPORT),
- {new TestParam(PORT, false, STAX_STSPORT)},
- {new TestParam(PORT, true, STAX_STSPORT)},
- {new TestParam(STAX_PORT, false, STAX_STSPORT)},
- {new TestParam(STAX_PORT, true, STAX_STSPORT)},
+ new TestParam(PORT, false, STAX_STSPORT),
+ new TestParam(PORT, true, STAX_STSPORT),
+ new TestParam(STAX_PORT, false, STAX_STSPORT),
+ new TestParam(STAX_PORT, true, STAX_STSPORT),
});
}
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewUnitTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewUnitTest.java
index 91c6f69..1ac3b62 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewUnitTest.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewUnitTest.java
@@ -72,10 +72,10 @@ public class SAMLRenewUnitTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam("", false, STSPORT)},
- {new TestParam("", false, STAX_STSPORT)},
+ return Arrays.asList(new TestParam[] {new TestParam("", false, STSPORT),
+ new TestParam("", false, STAX_STSPORT),
});
}
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SecurityContextTokenUnitTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SecurityContextTokenUnitTest.java
index 3b3d91e..fe414de 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SecurityContextTokenUnitTest.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SecurityContextTokenUnitTest.java
@@ -70,10 +70,10 @@ public class SecurityContextTokenUnitTest extends AbstractBusClientServerTestBas
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam("", false, STSPORT)},
- {new TestParam("", true, STAX_STSPORT)},
+ return Arrays.asList(new TestParam[] {new TestParam("", false, STSPORT),
+ new TestParam("", false, STAX_STSPORT),
});
}
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
index 78518a9..31a829a 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
@@ -107,17 +107,17 @@ public class Soap12Test extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT)},
- {new TestParam(PORT, true, STSPORT)},
- {new TestParam(STAX_PORT, false, STSPORT)},
- {new TestParam(STAX_PORT, true, STSPORT)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, STSPORT),
+ new TestParam(PORT, true, STSPORT),
+ new TestParam(STAX_PORT, false, STSPORT),
+ new TestParam(STAX_PORT, true, STSPORT),
- {new TestParam(PORT, false, STAX_STSPORT)},
- {new TestParam(PORT, true, STAX_STSPORT)},
- {new TestParam(STAX_PORT, false, STAX_STSPORT)},
- {new TestParam(STAX_PORT, true, STAX_STSPORT)},
+ new TestParam(PORT, false, STAX_STSPORT),
+ new TestParam(PORT, true, STAX_STSPORT),
+ new TestParam(STAX_PORT, false, STAX_STSPORT),
+ new TestParam(STAX_PORT, true, STAX_STSPORT),
});
}
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/sts_sender_vouches/STSSenderVouchesTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/sts_sender_vouches/STSSenderVouchesTest.java
index bdf6103..e8dcdc5 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/sts_sender_vouches/STSSenderVouchesTest.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/sts_sender_vouches/STSSenderVouchesTest.java
@@ -82,10 +82,10 @@ public class STSSenderVouchesTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT)},
- {new TestParam(PORT, false, STAX_STSPORT)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, STSPORT),
+ new TestParam(PORT, false, STAX_STSPORT),
});
}
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/usernametoken/UsernameTokenTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/usernametoken/UsernameTokenTest.java
index d701cbe..4fff99f 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/usernametoken/UsernameTokenTest.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/usernametoken/UsernameTokenTest.java
@@ -93,12 +93,12 @@ public class UsernameTokenTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, "")},
- {new TestParam(PORT, true, "")},
- {new TestParam(STAX_PORT, false, "")},
- {new TestParam(STAX_PORT, true, "")},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, ""),
+ new TestParam(PORT, true, ""),
+ new TestParam(STAX_PORT, false, ""),
+ new TestParam(STAX_PORT, true, ""),
});
}
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
index ab7c5b9..0f2f293 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
@@ -104,16 +104,17 @@ public class AsymmetricBindingTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
-
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT2)},
- {new TestParam(PORT, true, STSPORT2)},
- {new TestParam(STAX_PORT, false, STSPORT2)},
- {new TestParam(STAX_PORT, true, STSPORT2)},
- {new TestParam(PORT, false, STAX_STSPORT2)},
- {new TestParam(PORT, true, STAX_STSPORT2)},
- {new TestParam(STAX_PORT, false, STAX_STSPORT2)},
- {new TestParam(STAX_PORT, true, STAX_STSPORT2)},
+ public static Collection<TestParam> data() {
+
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, STSPORT2),
+ new TestParam(PORT, true, STSPORT2),
+ new TestParam(STAX_PORT, false, STSPORT2),
+ new TestParam(STAX_PORT, true, STSPORT2),
+
+ new TestParam(PORT, false, STAX_STSPORT2),
+ new TestParam(PORT, true, STAX_STSPORT2),
+ new TestParam(STAX_PORT, false, STAX_STSPORT2),
+ new TestParam(STAX_PORT, true, STAX_STSPORT2),
});
}
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/bearer/BearerTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/bearer/BearerTest.java
index 6782cb3..00bb52e 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/bearer/BearerTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/bearer/BearerTest.java
@@ -88,17 +88,17 @@ public class BearerTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT)},
- {new TestParam(PORT, true, STSPORT)},
- {new TestParam(STAX_PORT, false, STSPORT)},
- {new TestParam(STAX_PORT, true, STSPORT)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, STSPORT),
+ new TestParam(PORT, true, STSPORT),
+ new TestParam(STAX_PORT, false, STSPORT),
+ new TestParam(STAX_PORT, true, STSPORT),
- {new TestParam(PORT, false, STAX_STSPORT)},
- {new TestParam(PORT, true, STAX_STSPORT)},
- {new TestParam(STAX_PORT, false, STAX_STSPORT)},
- {new TestParam(STAX_PORT, true, STAX_STSPORT)},
+ new TestParam(PORT, false, STAX_STSPORT),
+ new TestParam(PORT, true, STAX_STSPORT),
+ new TestParam(STAX_PORT, false, STAX_STSPORT),
+ new TestParam(STAX_PORT, true, STAX_STSPORT),
});
}
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/SenderVouchesTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/SenderVouchesTest.java
index ccc3857..c60d1aa 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/SenderVouchesTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/SenderVouchesTest.java
@@ -89,12 +89,12 @@ public class SenderVouchesTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
index 4b6af41..04437a9 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
@@ -114,17 +114,17 @@ public class SymmetricBindingTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT2)},
- {new TestParam(PORT, true, STSPORT2)},
- {new TestParam(STAX_PORT, false, STSPORT2)},
- {new TestParam(STAX_PORT, true, STSPORT2)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, STSPORT2),
+ new TestParam(PORT, true, STSPORT2),
+ new TestParam(STAX_PORT, false, STSPORT2),
+ new TestParam(STAX_PORT, true, STSPORT2),
- {new TestParam(PORT, false, STAX_STSPORT2)},
- {new TestParam(PORT, true, STAX_STSPORT2)},
- {new TestParam(STAX_PORT, false, STAX_STSPORT2)},
- {new TestParam(STAX_PORT, true, STAX_STSPORT2)},
+ new TestParam(PORT, false, STAX_STSPORT2),
+ new TestParam(PORT, true, STAX_STSPORT2),
+ new TestParam(STAX_PORT, false, STAX_STSPORT2),
+ new TestParam(STAX_PORT, true, STAX_STSPORT2),
});
}
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/template/TemplateTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/template/TemplateTest.java
index 11ed484..027bcca 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/template/TemplateTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/template/TemplateTest.java
@@ -86,10 +86,10 @@ public class TemplateTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT)},
- {new TestParam(STAX_PORT, false, STSPORT)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, STSPORT),
+ new TestParam(STAX_PORT, false, STSPORT),
});
}
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/transport/TransportBindingTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/transport/TransportBindingTest.java
index b8cac13..76bb7ac 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/transport/TransportBindingTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/transport/TransportBindingTest.java
@@ -112,17 +112,17 @@ public class TransportBindingTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT)},
- {new TestParam(PORT, true, STSPORT)},
- {new TestParam(STAX_PORT, false, STSPORT)},
- {new TestParam(STAX_PORT, true, STSPORT)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, STSPORT),
+ new TestParam(PORT, true, STSPORT),
+ new TestParam(STAX_PORT, false, STSPORT),
+ new TestParam(STAX_PORT, true, STSPORT),
- {new TestParam(PORT, false, STAX_STSPORT)},
- {new TestParam(PORT, true, STAX_STSPORT)},
- {new TestParam(STAX_PORT, false, STAX_STSPORT)},
- {new TestParam(STAX_PORT, true, STAX_STSPORT)},
+ new TestParam(PORT, false, STAX_STSPORT),
+ new TestParam(PORT, true, STAX_STSPORT),
+ new TestParam(STAX_PORT, false, STAX_STSPORT),
+ new TestParam(STAX_PORT, true, STAX_STSPORT),
});
}
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_actas/UsernameActAsTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_actas/UsernameActAsTest.java
index 6fc923c..b4aa6c3 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_actas/UsernameActAsTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_actas/UsernameActAsTest.java
@@ -86,13 +86,12 @@ public class UsernameActAsTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT2)},
- {new TestParam(PORT, true, STSPORT2)},
-
- {new TestParam(PORT, false, STAX_STSPORT2)},
- {new TestParam(PORT, true, STAX_STSPORT2)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, STSPORT2),
+ new TestParam(PORT, true, STSPORT2),
+ new TestParam(PORT, false, STAX_STSPORT2),
+ new TestParam(PORT, true, STAX_STSPORT2),
});
}
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java
index 5c0fe61..a5d651b 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java
@@ -85,13 +85,13 @@ public class UsernameOnBehalfOfTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT2)},
- {new TestParam(PORT, true, STSPORT2)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, STSPORT2),
+ new TestParam(PORT, true, STSPORT2),
- {new TestParam(PORT, false, STAX_STSPORT2)},
- {new TestParam(PORT, true, STAX_STSPORT2)},
+ new TestParam(PORT, false, STAX_STSPORT2),
+ new TestParam(PORT, true, STAX_STSPORT2),
});
}
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509/X509SymmetricBindingTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509/X509SymmetricBindingTest.java
index aded347..e90539f 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509/X509SymmetricBindingTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509/X509SymmetricBindingTest.java
@@ -90,17 +90,17 @@ public class X509SymmetricBindingTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT2)},
- {new TestParam(PORT, true, STSPORT2)},
- {new TestParam(STAX_PORT, false, STSPORT2)},
- {new TestParam(STAX_PORT, true, STSPORT2)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false, STSPORT2),
+ new TestParam(PORT, true, STSPORT2),
+ new TestParam(STAX_PORT, false, STSPORT2),
+ new TestParam(STAX_PORT, true, STSPORT2),
- {new TestParam(PORT, false, STAX_STSPORT2)},
- {new TestParam(PORT, true, STAX_STSPORT2)},
- {new TestParam(STAX_PORT, false, STAX_STSPORT2)},
- {new TestParam(STAX_PORT, true, STAX_STSPORT2)},
+ new TestParam(PORT, false, STAX_STSPORT2),
+ new TestParam(PORT, true, STAX_STSPORT2),
+ new TestParam(STAX_PORT, false, STAX_STSPORT2),
+ new TestParam(STAX_PORT, true, STAX_STSPORT2),
});
}
diff --git a/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java b/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java
index d277480..66da409 100644
--- a/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java
+++ b/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java
@@ -85,12 +85,12 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/secconv/SecureConversationTest.java b/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/secconv/SecureConversationTest.java
index a7e91f0..177d3f5 100644
--- a/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/secconv/SecureConversationTest.java
+++ b/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/secconv/SecureConversationTest.java
@@ -73,12 +73,12 @@ public class SecureConversationTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java b/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java
index 4a4f669..e8298ca 100644
--- a/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java
+++ b/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java
@@ -75,12 +75,12 @@ public class UsernameTokenTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java b/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java
index 917b8d8..d3d7662 100644
--- a/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java
+++ b/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java
@@ -73,12 +73,12 @@ public class X509TokenTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/SignatureWhitespaceTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/SignatureWhitespaceTest.java
index 0bdd30f..370c5cb 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/SignatureWhitespaceTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/SignatureWhitespaceTest.java
@@ -88,10 +88,10 @@ public class SignatureWhitespaceTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(STAX_PORT, false)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(STAX_PORT, false),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/bindings/BindingPropertiesTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/bindings/BindingPropertiesTest.java
index 6ffd5c1..083a649 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/bindings/BindingPropertiesTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/bindings/BindingPropertiesTest.java
@@ -72,12 +72,12 @@ public class BindingPropertiesTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/cache/CachingTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/cache/CachingTest.java
index 1dd3554..efda80b 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/cache/CachingTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/cache/CachingTest.java
@@ -70,10 +70,10 @@ public class CachingTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/CryptoCoverageCheckerTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/CryptoCoverageCheckerTest.java
index fddb1ca..17d4908 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/CryptoCoverageCheckerTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/CryptoCoverageCheckerTest.java
@@ -83,12 +83,12 @@ public class CryptoCoverageCheckerTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/gcm/GCMTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/gcm/GCMTest.java
index 75a5e45..d7eaccd 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/gcm/GCMTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/gcm/GCMTest.java
@@ -89,12 +89,12 @@ public class GCMTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/https/HttpsTokenTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/https/HttpsTokenTest.java
index b8384e0..421823c 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/https/HttpsTokenTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/https/HttpsTokenTest.java
@@ -72,12 +72,12 @@ public class HttpsTokenTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/parts/PartsTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/parts/PartsTest.java
index c2eab58..baab7e6 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/parts/PartsTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/parts/PartsTest.java
@@ -76,12 +76,12 @@ public class PartsTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java
index c2aae1a..6f869f3 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java
@@ -67,14 +67,13 @@ public class PolicyAlternativeTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
});
}
-
@org.junit.AfterClass
public static void cleanup() throws Exception {
SecurityTestUtil.cleanup();
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
index bf26404..7ff4718 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
@@ -92,12 +92,12 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/subjectconf/SamlSubjectConfTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/subjectconf/SamlSubjectConfTest.java
index aef8a8f..c8596bc 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/subjectconf/SamlSubjectConfTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/subjectconf/SamlSubjectConfTest.java
@@ -77,10 +77,10 @@ public class SamlSubjectConfTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(STAX_PORT, false)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(STAX_PORT, false),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java
index 2e93039..a8fc06b 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java
@@ -128,10 +128,10 @@ public class WSSecurityClientTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/swa/SWAPolicyTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/swa/SWAPolicyTest.java
index 74143ab..a977387 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/swa/SWAPolicyTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/swa/SWAPolicyTest.java
@@ -75,12 +75,12 @@ public class SWAPolicyTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/EndorsingSupportingTokenTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/EndorsingSupportingTokenTest.java
index 18c9451..bcb48bc 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/EndorsingSupportingTokenTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/EndorsingSupportingTokenTest.java
@@ -73,10 +73,10 @@ public class EndorsingSupportingTokenTest extends AbstractBusClientServerTestBas
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(STAX_PORT, false)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(STAX_PORT, false),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/SupportingTokenTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/SupportingTokenTest.java
index a5c3291..1da2a46 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/SupportingTokenTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/SupportingTokenTest.java
@@ -87,12 +87,12 @@ public class SupportingTokenTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java
index 9564387..4107e71 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java
@@ -72,12 +72,12 @@ public class UsernameTokenPolicyTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
index 6a99d39..62b0b12 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
@@ -89,12 +89,12 @@ public class UsernameTokenTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCTest.java
index cf86db3..354c0ec 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCTest.java
@@ -114,121 +114,121 @@ public class WSSCTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
- return Arrays.asList(new TestParam[][] {
- {new TestParam("SecureConversation_UserNameOverTransport_IPingService", PORT2, false)},
- {new TestParam("SecureConversation_MutualCertificate10SignEncrypt_IPingService", PORT, false)},
- {new TestParam("AC_IPingService", PORT, false)},
- {new TestParam("ADC_IPingService", PORT, false)},
- {new TestParam("ADC-ES_IPingService", PORT, false)},
- {new TestParam("_A_IPingService", PORT, false)},
- {new TestParam("_AD_IPingService", PORT, false)},
- {new TestParam("_AD-ES_IPingService", PORT, false)},
- {new TestParam("UXC_IPingService", PORT, false)},
- {new TestParam("UXDC_IPingService", PORT, false)},
- {new TestParam("UXDC-SEES_IPingService", PORT, false)},
- {new TestParam("_UX_IPingService", PORT, false)},
- {new TestParam("_UXD_IPingService", PORT, false)},
- {new TestParam("_UXD-SEES_IPingService", PORT, false)},
- {new TestParam("XC_IPingService", PORT, false)},
- {new TestParam("XDC_IPingService", PORT, false)},
- {new TestParam("XDC_IPingService1", PORT, false)},
- {new TestParam("XDC-ES_IPingService", PORT, false)},
- {new TestParam("XDC-SEES_IPingService", PORT, false)},
- {new TestParam("_X_IPingService", PORT, false)},
- {new TestParam("_X10_IPingService", PORT, false)},
- {new TestParam("_XD_IPingService", PORT, false)},
- {new TestParam("_XD-SEES_IPingService", PORT, false)},
- {new TestParam("_XD-ES_IPingService", PORT, false)},
+ public static Collection<TestParam> data() {
+ return Arrays.asList(new TestParam[] {
+ new TestParam("SecureConversation_UserNameOverTransport_IPingService", PORT2, false),
+ new TestParam("SecureConversation_MutualCertificate10SignEncrypt_IPingService", PORT, false),
+ new TestParam("AC_IPingService", PORT, false),
+ new TestParam("ADC_IPingService", PORT, false),
+ new TestParam("ADC-ES_IPingService", PORT, false),
+ new TestParam("_A_IPingService", PORT, false),
+ new TestParam("_AD_IPingService", PORT, false),
+ new TestParam("_AD-ES_IPingService", PORT, false),
+ new TestParam("UXC_IPingService", PORT, false),
+ new TestParam("UXDC_IPingService", PORT, false),
+ new TestParam("UXDC-SEES_IPingService", PORT, false),
+ new TestParam("_UX_IPingService", PORT, false),
+ new TestParam("_UXD_IPingService", PORT, false),
+ new TestParam("_UXD-SEES_IPingService", PORT, false),
+ new TestParam("XC_IPingService", PORT, false),
+ new TestParam("XDC_IPingService", PORT, false),
+ new TestParam("XDC_IPingService1", PORT, false),
+ new TestParam("XDC-ES_IPingService", PORT, false),
+ new TestParam("XDC-SEES_IPingService", PORT, false),
+ new TestParam("_X_IPingService", PORT, false),
+ new TestParam("_X10_IPingService", PORT, false),
+ new TestParam("_XD_IPingService", PORT, false),
+ new TestParam("_XD-SEES_IPingService", PORT, false),
+ new TestParam("_XD-ES_IPingService", PORT, false),
- {new TestParam("SecureConversation_UserNameOverTransport_IPingService", PORT2, true)},
+ new TestParam("SecureConversation_UserNameOverTransport_IPingService", PORT2, true),
// TODO Endorsing streaming not supported
- // {new TestParam("SecureConversation_MutualCertificate10SignEncrypt_IPingService", PORT, true)},
- {new TestParam("AC_IPingService", PORT, true)},
- {new TestParam("ADC_IPingService", PORT, true)},
- {new TestParam("ADC-ES_IPingService", PORT, true)},
- {new TestParam("_A_IPingService", PORT, true)},
- {new TestParam("_AD_IPingService", PORT, true)},
- {new TestParam("_AD-ES_IPingService", PORT, true)},
- {new TestParam("UXC_IPingService", PORT, true)},
- {new TestParam("UXDC_IPingService", PORT, true)},
- {new TestParam("UXDC-SEES_IPingService", PORT, true)},
- {new TestParam("_UX_IPingService", PORT, true)},
- {new TestParam("_UXD_IPingService", PORT, true)},
- {new TestParam("_UXD-SEES_IPingService", PORT, true)},
+ // new TestParam("SecureConversation_MutualCertificate10SignEncrypt_IPingService", PORT, true),
+ new TestParam("AC_IPingService", PORT, true),
+ new TestParam("ADC_IPingService", PORT, true),
+ new TestParam("ADC-ES_IPingService", PORT, true),
+ new TestParam("_A_IPingService", PORT, true),
+ new TestParam("_AD_IPingService", PORT, true),
+ new TestParam("_AD-ES_IPingService", PORT, true),
+ new TestParam("UXC_IPingService", PORT, true),
+ new TestParam("UXDC_IPingService", PORT, true),
+ new TestParam("UXDC-SEES_IPingService", PORT, true),
+ new TestParam("_UX_IPingService", PORT, true),
+ new TestParam("_UXD_IPingService", PORT, true),
+ new TestParam("_UXD-SEES_IPingService", PORT, true),
// TODO Streaming endorsing not working
- // {new TestParam("XC_IPingService", PORT, true)},
- // {new TestParam("XDC_IPingService", PORT, true)},
- // {new TestParam("XDC_IPingService1", PORT, true)},
- // {new TestParam("XDC-ES_IPingService", PORT, true)},
- // {new TestParam("XDC-SEES_IPingService", PORT, true)},
- // {new TestParam("_X_IPingService", PORT, true)},
- {new TestParam("_X10_IPingService", PORT, true)},
+ // new TestParam("XC_IPingService", PORT, true),
+ // new TestParam("XDC_IPingService", PORT, true),
+ // new TestParam("XDC_IPingService1", PORT, true),
+ // new TestParam("XDC-ES_IPingService", PORT, true),
+ // new TestParam("XDC-SEES_IPingService", PORT, true),
+ // new TestParam("_X_IPingService", PORT, true),
+ new TestParam("_X10_IPingService", PORT, true),
// TODO Streaming endorsing not working
- // {new TestParam("_XD_IPingService", PORT, true)},
- // {new TestParam("_XD-SEES_IPingService", PORT, true)},
- // {new TestParam("_XD-ES_IPingService", PORT, true)},
+ // new TestParam("_XD_IPingService", PORT, true),
+ // new TestParam("_XD-SEES_IPingService", PORT, true),
+ // new TestParam("_XD-ES_IPingService", PORT, true),
- {new TestParam("SecureConversation_UserNameOverTransport_IPingService", STAX_PORT2, false)},
+ new TestParam("SecureConversation_UserNameOverTransport_IPingService", STAX_PORT2, false),
// TODO StAX Policy Validation error caused by incorrect DOM message
- // {new TestParam("SecureConversation_MutualCertificate10SignEncrypt_IPingService",
- // STAX_PORT, false)},
- {new TestParam("AC_IPingService", STAX_PORT, false)},
- {new TestParam("ADC_IPingService", STAX_PORT, false)},
- {new TestParam("ADC-ES_IPingService", STAX_PORT, false)},
- {new TestParam("_A_IPingService", STAX_PORT, false)},
- {new TestParam("_AD_IPingService", STAX_PORT, false)},
- {new TestParam("_AD-ES_IPingService", STAX_PORT, false)},
- {new TestParam("UXC_IPingService", STAX_PORT, false)},
- {new TestParam("UXDC_IPingService", STAX_PORT, false)},
- {new TestParam("UXDC-SEES_IPingService", STAX_PORT, false)},
- {new TestParam("_UX_IPingService", STAX_PORT, false)},
- {new TestParam("_UXD_IPingService", STAX_PORT, false)},
- {new TestParam("_UXD-SEES_IPingService", STAX_PORT, false)},
- {new TestParam("XC_IPingService", STAX_PORT, false)},
- {new TestParam("XDC_IPingService", STAX_PORT, false)},
- {new TestParam("XDC_IPingService1", STAX_PORT, false)},
- {new TestParam("XDC-ES_IPingService", STAX_PORT, false)},
- {new TestParam("XDC-SEES_IPingService", STAX_PORT, false)},
- {new TestParam("_X_IPingService", STAX_PORT, false)},
- {new TestParam("_X10_IPingService", STAX_PORT, false)},
- {new TestParam("_XD_IPingService", STAX_PORT, false)},
- {new TestParam("_XD-SEES_IPingService", STAX_PORT, false)},
- {new TestParam("_XD-ES_IPingService", STAX_PORT, false)},
+ // new TestParam("SecureConversation_MutualCertificate10SignEncrypt_IPingService",
+ // STAX_PORT, false),
+ new TestParam("AC_IPingService", STAX_PORT, false),
+ new TestParam("ADC_IPingService", STAX_PORT, false),
+ new TestParam("ADC-ES_IPingService", STAX_PORT, false),
+ new TestParam("_A_IPingService", STAX_PORT, false),
+ new TestParam("_AD_IPingService", STAX_PORT, false),
+ new TestParam("_AD-ES_IPingService", STAX_PORT, false),
+ new TestParam("UXC_IPingService", STAX_PORT, false),
+ new TestParam("UXDC_IPingService", STAX_PORT, false),
+ new TestParam("UXDC-SEES_IPingService", STAX_PORT, false),
+ new TestParam("_UX_IPingService", STAX_PORT, false),
+ new TestParam("_UXD_IPingService", STAX_PORT, false),
+ new TestParam("_UXD-SEES_IPingService", STAX_PORT, false),
+ new TestParam("XC_IPingService", STAX_PORT, false),
+ new TestParam("XDC_IPingService", STAX_PORT, false),
+ new TestParam("XDC_IPingService1", STAX_PORT, false),
+ new TestParam("XDC-ES_IPingService", STAX_PORT, false),
+ new TestParam("XDC-SEES_IPingService", STAX_PORT, false),
+ new TestParam("_X_IPingService", STAX_PORT, false),
+ new TestParam("_X10_IPingService", STAX_PORT, false),
+ new TestParam("_XD_IPingService", STAX_PORT, false),
+ new TestParam("_XD-SEES_IPingService", STAX_PORT, false),
+ new TestParam("_XD-ES_IPingService", STAX_PORT, false),
- {new TestParam("SecureConversation_UserNameOverTransport_IPingService", STAX_PORT2, true)},
+ new TestParam("SecureConversation_UserNameOverTransport_IPingService", STAX_PORT2, true),
// TODO Endorsing derived keys not supported.
- // {new TestParam("SecureConversation_MutualCertificate10SignEncrypt_IPingService",
- // STAX_PORT, true)},
- {new TestParam("AC_IPingService", STAX_PORT, true)},
- {new TestParam("ADC_IPingService", STAX_PORT, true)},
- {new TestParam("ADC-ES_IPingService", STAX_PORT, true)},
- {new TestParam("_A_IPingService", STAX_PORT, true)},
- {new TestParam("_AD_IPingService", STAX_PORT, true)},
- {new TestParam("_AD-ES_IPingService", STAX_PORT, true)},
- {new TestParam("UXC_IPingService", STAX_PORT, true)},
- {new TestParam("UXDC_IPingService", STAX_PORT, true)},
- {new TestParam("UXDC-SEES_IPingService", STAX_PORT, true)},
- {new TestParam("_UX_IPingService", STAX_PORT, true)},
- {new TestParam("_UXD_IPingService", STAX_PORT, true)},
- {new TestParam("_UXD-SEES_IPingService", STAX_PORT, true)},
+ // new TestParam("SecureConversation_MutualCertificate10SignEncrypt_IPingService",
+ // STAX_PORT, true),
+ new TestParam("AC_IPingService", STAX_PORT, true),
+ new TestParam("ADC_IPingService", STAX_PORT, true),
+ new TestParam("ADC-ES_IPingService", STAX_PORT, true),
+ new TestParam("_A_IPingService", STAX_PORT, true),
+ new TestParam("_AD_IPingService", STAX_PORT, true),
+ new TestParam("_AD-ES_IPingService", STAX_PORT, true),
+ new TestParam("UXC_IPingService", STAX_PORT, true),
+ new TestParam("UXDC_IPingService", STAX_PORT, true),
+ new TestParam("UXDC-SEES_IPingService", STAX_PORT, true),
+ new TestParam("_UX_IPingService", STAX_PORT, true),
+ new TestParam("_UXD_IPingService", STAX_PORT, true),
+ new TestParam("_UXD-SEES_IPingService", STAX_PORT, true),
// TODO Streaming endorsing not working
- // {new TestParam("XC_IPingService", STAX_PORT, true)},
- // {new TestParam("XDC_IPingService", STAX_PORT, true)},
- // {new TestParam("XDC_IPingService1", STAX_PORT, true)},
- // {new TestParam("XDC-ES_IPingService", STAX_PORT, true)},
- // {new TestParam("XDC-SEES_IPingService", STAX_PORT, true)},
- // {new TestParam("_X_IPingService", STAX_PORT, true)},
- {new TestParam("_X10_IPingService", STAX_PORT, true)},
+ // new TestParam("XC_IPingService", STAX_PORT, true),
+ // new TestParam("XDC_IPingService", STAX_PORT, true),
+ // new TestParam("XDC_IPingService1", STAX_PORT, true),
+ // new TestParam("XDC-ES_IPingService", STAX_PORT, true),
+ // new TestParam("XDC-SEES_IPingService", STAX_PORT, true),
+ // new TestParam("_X_IPingService", STAX_PORT, true),
+ new TestParam("_X10_IPingService", STAX_PORT, true),
// TODO Streaming endorsing not working
- // {new TestParam("_XD_IPingService", STAX_PORT, true)},
- // {new TestParam("_XD-SEES_IPingService", STAX_PORT, true)},
- // {new TestParam("_XD-ES_IPingService", STAX_PORT, true)},
+ // new TestParam("_XD_IPingService", STAX_PORT, true),
+ // new TestParam("_XD-SEES_IPingService", STAX_PORT, true),
+ // new TestParam("_XD-ES_IPingService", STAX_PORT, true),
- {new TestParam("AC_IPingService", PORT, false, true)},
- {new TestParam("AC_IPingService", PORT, true, true)},
- {new TestParam("AC_IPingService", STAX_PORT, false, true)},
- {new TestParam("AC_IPingService", STAX_PORT, true, true)},
+ new TestParam("AC_IPingService", PORT, false, true),
+ new TestParam("AC_IPingService", PORT, true, true),
+ new TestParam("AC_IPingService", STAX_PORT, false, true),
+ new TestParam("AC_IPingService", STAX_PORT, true, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java
index 081d114..e092d83 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java
@@ -101,10 +101,10 @@ public class WSSCUnitTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec10/WSSecurity10Test.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec10/WSSecurity10Test.java
index 276f8b6..18397ef 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec10/WSSecurity10Test.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec10/WSSecurity10Test.java
@@ -86,25 +86,25 @@ public class WSSecurity10Test extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
-
- return Arrays.asList(new TestParam[][] {
- {new TestParam("UserName", PORT, false)},
- {new TestParam("UserNameOverTransport", SSL_PORT, false)},
- {new TestParam("MutualCertificate10SignEncrypt", PORT, false)},
- {new TestParam("MutualCertificate10SignEncryptRsa15TripleDes", PORT, false)},
- {new TestParam("UserName", PORT, true)},
- {new TestParam("UserNameOverTransport", SSL_PORT, true)},
- {new TestParam("MutualCertificate10SignEncrypt", PORT, true)},
- {new TestParam("MutualCertificate10SignEncryptRsa15TripleDes", PORT, true)},
- {new TestParam("UserName", STAX_PORT, false)},
- {new TestParam("UserNameOverTransport", STAX_SSL_PORT, false)},
- {new TestParam("MutualCertificate10SignEncrypt", STAX_PORT, false)},
- {new TestParam("MutualCertificate10SignEncryptRsa15TripleDes", STAX_PORT, false)},
- {new TestParam("UserName", STAX_PORT, true)},
- {new TestParam("UserNameOverTransport", STAX_SSL_PORT, true)},
- {new TestParam("MutualCertificate10SignEncrypt", STAX_PORT, true)},
- {new TestParam("MutualCertificate10SignEncryptRsa15TripleDes", STAX_PORT, true)}
+ public static Collection<TestParam> data() {
+
+ return Arrays.asList(new TestParam[] {
+ new TestParam("UserName", PORT, false),
+ new TestParam("UserNameOverTransport", SSL_PORT, false),
+ new TestParam("MutualCertificate10SignEncrypt", PORT, false),
+ new TestParam("MutualCertificate10SignEncryptRsa15TripleDes", PORT, false),
+ new TestParam("UserName", PORT, true),
+ new TestParam("UserNameOverTransport", SSL_PORT, true),
+ new TestParam("MutualCertificate10SignEncrypt", PORT, true),
+ new TestParam("MutualCertificate10SignEncryptRsa15TripleDes", PORT, true),
+ new TestParam("UserName", STAX_PORT, false),
+ new TestParam("UserNameOverTransport", STAX_SSL_PORT, false),
+ new TestParam("MutualCertificate10SignEncrypt", STAX_PORT, false),
+ new TestParam("MutualCertificate10SignEncryptRsa15TripleDes", STAX_PORT, false),
+ new TestParam("UserName", STAX_PORT, true),
+ new TestParam("UserNameOverTransport", STAX_SSL_PORT, true),
+ new TestParam("MutualCertificate10SignEncrypt", STAX_PORT, true),
+ new TestParam("MutualCertificate10SignEncryptRsa15TripleDes", STAX_PORT, true)
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java
index 4ae1b19..a421239 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity111Test.java
@@ -105,7 +105,7 @@ public class WSSecurity111Test extends WSSecurity11Common {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
String domPort = null;
if (unrestrictedPoliciesInstalled) {
domPort = Server11.PORT;
@@ -120,50 +120,50 @@ public class WSSecurity111Test extends WSSecurity11Common {
staxPort = StaxServer11Restricted.PORT;
}
- return Arrays.asList(new TestParam[][] {
- {new TestParam("A", domPort, false)},
- {new TestParam("A-NoTimestamp", domPort, false)},
- {new TestParam("AD", domPort, false)},
- {new TestParam("A-ES", domPort, false)},
- {new TestParam("AD-ES", domPort, false)},
- {new TestParam("UX", domPort, false)},
- {new TestParam("UX-NoTimestamp", domPort, false)},
- {new TestParam("UXD", domPort, false)},
- {new TestParam("UX-SEES", domPort, false)},
- {new TestParam("UXD-SEES", domPort, false)},
-
- {new TestParam("A", domPort, true)},
- {new TestParam("A-NoTimestamp", domPort, true)},
- {new TestParam("AD", domPort, true)},
- {new TestParam("A-ES", domPort, true)},
- {new TestParam("AD-ES", domPort, true)},
- {new TestParam("UX", domPort, true)},
- {new TestParam("UX-NoTimestamp", domPort, true)},
- {new TestParam("UXD", domPort, true)},
- {new TestParam("UX-SEES", domPort, true)},
- {new TestParam("UXD-SEES", domPort, true)},
-
- {new TestParam("A", staxPort, false)},
- {new TestParam("A-NoTimestamp", staxPort, false)},
- {new TestParam("AD", staxPort, false)},
- {new TestParam("A-ES", staxPort, false)},
- {new TestParam("AD-ES", staxPort, false)},
- {new TestParam("UX", staxPort, false)},
- {new TestParam("UX-NoTimestamp", staxPort, false)},
- {new TestParam("UXD", staxPort, false)},
- {new TestParam("UX-SEES", staxPort, false)},
- {new TestParam("UXD-SEES", staxPort, false)},
-
- {new TestParam("A", staxPort, true)},
- {new TestParam("A-NoTimestamp", staxPort, true)},
- {new TestParam("AD", staxPort, true)},
- {new TestParam("A-ES", staxPort, true)},
- {new TestParam("AD-ES", staxPort, true)},
- {new TestParam("UX", staxPort, true)},
- {new TestParam("UX-NoTimestamp", staxPort, true)},
- {new TestParam("UXD", staxPort, true)},
- {new TestParam("UX-SEES", staxPort, true)},
- {new TestParam("UXD-SEES", staxPort, true)},
+ return Arrays.asList(new TestParam[] {
+ new TestParam("A", domPort, false),
+ new TestParam("A-NoTimestamp", domPort, false),
+ new TestParam("AD", domPort, false),
+ new TestParam("A-ES", domPort, false),
+ new TestParam("AD-ES", domPort, false),
+ new TestParam("UX", domPort, false),
+ new TestParam("UX-NoTimestamp", domPort, false),
+ new TestParam("UXD", domPort, false),
+ new TestParam("UX-SEES", domPort, false),
+ new TestParam("UXD-SEES", domPort, false),
+
+ new TestParam("A", domPort, true),
+ new TestParam("A-NoTimestamp", domPort, true),
+ new TestParam("AD", domPort, true),
+ new TestParam("A-ES", domPort, true),
+ new TestParam("AD-ES", domPort, true),
+ new TestParam("UX", domPort, true),
+ new TestParam("UX-NoTimestamp", domPort, true),
+ new TestParam("UXD", domPort, true),
+ new TestParam("UX-SEES", domPort, true),
+ new TestParam("UXD-SEES", domPort, true),
+
+ new TestParam("A", staxPort, false),
+ new TestParam("A-NoTimestamp", staxPort, false),
+ new TestParam("AD", staxPort, false),
+ new TestParam("A-ES", staxPort, false),
+ new TestParam("AD-ES", staxPort, false),
+ new TestParam("UX", staxPort, false),
+ new TestParam("UX-NoTimestamp", staxPort, false),
+ new TestParam("UXD", staxPort, false),
+ new TestParam("UX-SEES", staxPort, false),
+ new TestParam("UXD-SEES", staxPort, false),
+
+ new TestParam("A", staxPort, true),
+ new TestParam("A-NoTimestamp", staxPort, true),
+ new TestParam("AD", staxPort, true),
+ new TestParam("A-ES", staxPort, true),
+ new TestParam("AD-ES", staxPort, true),
+ new TestParam("UX", staxPort, true),
+ new TestParam("UX-NoTimestamp", staxPort, true),
+ new TestParam("UXD", staxPort, true),
+ new TestParam("UX-SEES", staxPort, true),
+ new TestParam("UXD-SEES", staxPort, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java
index 1512472..27c9c3d 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec11/WSSecurity112Test.java
@@ -106,40 +106,40 @@ public class WSSecurity112Test extends WSSecurity11Common {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
if (unrestrictedPoliciesInstalled) {
- return Arrays.asList(new TestParam[][] {
- {new TestParam("X", Server12.PORT, false)},
- {new TestParam("X-NoTimestamp", Server12.PORT, false)},
- {new TestParam("X-AES128", Server12.PORT, false)},
- {new TestParam("X-AES256", Server12.PORT, false)},
- {new TestParam("X-TripleDES", Server12.PORT, false)},
- {new TestParam("XD", Server12.PORT, false)},
- {new TestParam("XD-ES", Server12.PORT, false)},
- {new TestParam("XD-SEES", Server12.PORT, false)},
-
- {new TestParam("X", StaxServer12.PORT, false)},
- {new TestParam("X-NoTimestamp", StaxServer12.PORT, false)},
- {new TestParam("X-AES128", StaxServer12.PORT, false)},
- {new TestParam("X-AES256", StaxServer12.PORT, false)},
- {new TestParam("X-TripleDES", StaxServer12.PORT, false)},
- {new TestParam("XD", StaxServer12.PORT, false)},
- {new TestParam("XD-ES", StaxServer12.PORT, false)},
- {new TestParam("XD-SEES", StaxServer12.PORT, false)},
+ return Arrays.asList(new TestParam[] {
+ new TestParam("X", Server12.PORT, false),
+ new TestParam("X-NoTimestamp", Server12.PORT, false),
+ new TestParam("X-AES128", Server12.PORT, false),
+ new TestParam("X-AES256", Server12.PORT, false),
+ new TestParam("X-TripleDES", Server12.PORT, false),
+ new TestParam("XD", Server12.PORT, false),
+ new TestParam("XD-ES", Server12.PORT, false),
+ new TestParam("XD-SEES", Server12.PORT, false),
+
+ new TestParam("X", StaxServer12.PORT, false),
+ new TestParam("X-NoTimestamp", StaxServer12.PORT, false),
+ new TestParam("X-AES128", StaxServer12.PORT, false),
+ new TestParam("X-AES256", StaxServer12.PORT, false),
+ new TestParam("X-TripleDES", StaxServer12.PORT, false),
+ new TestParam("XD", StaxServer12.PORT, false),
+ new TestParam("XD-ES", StaxServer12.PORT, false),
+ new TestParam("XD-SEES", StaxServer12.PORT, false),
});
}
- return Arrays.asList(new TestParam[][] {
- {new TestParam("X", Server12Restricted.PORT, false)},
- {new TestParam("X-NoTimestamp", Server12Restricted.PORT, false)},
- {new TestParam("XD", Server12Restricted.PORT, false)},
- {new TestParam("XD-ES", Server12Restricted.PORT, false)},
- {new TestParam("XD-SEES", Server12Restricted.PORT, false)},
-
- {new TestParam("X", StaxServer12Restricted.PORT, false)},
- {new TestParam("X-NoTimestamp", StaxServer12Restricted.PORT, false)},
- {new TestParam("XD", StaxServer12Restricted.PORT, false)},
- {new TestParam("XD-ES", StaxServer12Restricted.PORT, false)},
- {new TestParam("XD-SEES", StaxServer12Restricted.PORT, false)},
+ return Arrays.asList(new TestParam[] {
+ new TestParam("X", Server12Restricted.PORT, false),
+ new TestParam("X-NoTimestamp", Server12Restricted.PORT, false),
+ new TestParam("XD", Server12Restricted.PORT, false),
+ new TestParam("XD-ES", Server12Restricted.PORT, false),
+ new TestParam("XD-SEES", Server12Restricted.PORT, false),
+
+ new TestParam("X", StaxServer12Restricted.PORT, false),
+ new TestParam("X-NoTimestamp", StaxServer12Restricted.PORT, false),
+ new TestParam("XD", StaxServer12Restricted.PORT, false),
+ new TestParam("XD-ES", StaxServer12Restricted.PORT, false),
+ new TestParam("XD-SEES", StaxServer12Restricted.PORT, false),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java
index 25fdfe5..28d14af 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java
@@ -96,12 +96,12 @@ public class X509TokenTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/xkms/XKMSTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/xkms/XKMSTest.java
index a9e444f..ceccb75 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/xkms/XKMSTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/xkms/XKMSTest.java
@@ -79,12 +79,12 @@ public class XKMSTest extends AbstractBusClientServerTestBase {
}
@Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
+ public static Collection<TestParam> data() {
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
+ return Arrays.asList(new TestParam[] {new TestParam(PORT, false),
+ new TestParam(PORT, true),
+ new TestParam(STAX_PORT, false),
+ new TestParam(STAX_PORT, true),
});
}
[cxf] 02/02: Parameterizing a few more OAuth tests
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit d5b88a7da4088b1b95641b51e3d56dbcad56e561
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Wed Jul 18 17:01:51 2018 +0100
Parameterizing a few more OAuth tests
---
.../grants/AuthorizationGrantNegativeTest.java | 87 +++++++---
.../security/oauth2/grants/BookServerOAuth2.java | 3 -
.../grants/BookServerOAuth2GrantsNegative.java | 2 -
.../grants/BookServerOAuth2GrantsNegativeJWT.java} | 10 +-
.../grants/BookServerOAuth2Introspection.java | 2 -
.../grants/BookServerOAuth2IntrospectionJWT.java} | 10 +-
...kServerOAuth2.java => BookServerOAuth2JWT.java} | 12 +-
.../oauth2/grants/IntrospectionServiceTest.java | 51 +++++-
.../security/oauth2/grants/JAXRSOAuth2Test.java | 110 ++++++++----
.../security/oauth2/tls/OAuthDataProviderImpl.java | 8 +-
.../systest/jaxrs/security/oidc/OIDCFlowTest.java | 150 +++++++++++++---
.../jaxrs/security/oidc/OIDCNegativeServer.java | 2 -
...{OIDCServer.java => OIDCNegativeServerJWT.java} | 8 +-
.../jaxrs/security/oidc/OIDCNegativeTest.java | 56 ++++--
.../systest/jaxrs/security/oidc/OIDCServer.java | 2 -
.../oidc/{OIDCServer.java => OIDCServerJWT.java} | 8 +-
.../jaxrs/security/oidc/UserInfoServer.java | 2 -
.../{OIDCServer.java => UserInfoServerJWT.java} | 8 +-
.../systest/jaxrs/security/oidc/UserInfoTest.java | 47 ++++-
.../oauth2/grants/grants-negative-server-jwt.xml | 145 ++++++++++++++++
.../oauth2/grants/introspection-server-jwt.xml | 135 ++++++++++++++
.../jaxrs/security/oauth2/grants/server-jwt.xml | 164 +++++++++++++++++
.../security/oidc/oidc-negative-server-jwt.xml | 184 ++++++++++++++++++++
.../jaxrs/security/oidc/oidc-server-jwt.xml | 159 +++++++++++++++++
.../jaxrs/security/oidc/userinfo-server-jwt.xml | 193 +++++++++++++++++++++
25 files changed, 1396 insertions(+), 162 deletions(-)
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
index 8379a83..ded1736 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
@@ -21,6 +21,8 @@ package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
import java.net.URL;
import java.time.Instant;
+import java.util.Arrays;
+import java.util.Collection;
import java.util.Collections;
import java.util.Properties;
@@ -36,6 +38,7 @@ import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
import org.apache.cxf.rs.security.jose.jws.JwsUtils;
import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
+import org.apache.cxf.systest.jaxrs.security.SecurityTestUtil;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
@@ -45,19 +48,47 @@ import org.apache.wss4j.common.saml.SAMLUtil;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.saml.builder.SAML2Constants;
+import org.junit.AfterClass;
import org.junit.BeforeClass;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized.Parameters;
/**
- * Some (negative) tests for various authorization grants.
+ * Some (negative) tests for various authorization grants. The tests are run multiple times with different
+ * OAuthDataProvider implementations:
+ * a) PORT - EhCache
+ * b) JWT_PORT - EhCache with useJwtFormatForAccessTokens enabled
*/
+@RunWith(value = org.junit.runners.Parameterized.class)
public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestBase {
- public static final String PORT = BookServerOAuth2GrantsNegative.PORT;
+ public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2-grants-negative");
public static final String PORT2 = TestUtil.getPortNumber("jaxrs-oauth2-grants2-negative");
+ public static final String JWT_PORT = TestUtil.getPortNumber("jaxrs-oauth2-grants-negative-jwt");
+ public static final String JWT_PORT2 = TestUtil.getPortNumber("jaxrs-oauth2-grants2-negative-jwt");
+
+ final String port;
+
+ public AuthorizationGrantNegativeTest(String port) {
+ this.port = port;
+ }
@BeforeClass
public static void startServers() throws Exception {
assertTrue("server did not launch correctly",
launchServer(BookServerOAuth2GrantsNegative.class, true));
+ assertTrue("server did not launch correctly",
+ launchServer(BookServerOAuth2GrantsNegativeJWT.class, true));
+ }
+
+ @AfterClass
+ public static void cleanup() throws Exception {
+ SecurityTestUtil.cleanup();
+ }
+
+ @Parameters(name = "{0}")
+ public static Collection<String> data() {
+
+ return Arrays.asList(PORT, JWT_PORT);
}
//
@@ -68,7 +99,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testAuthorizationCodeBadClient() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -96,7 +127,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testAuthorizationCodeBadRedirectionURI() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -120,7 +151,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testResponseType() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -148,7 +179,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testAuthorizationCodeBadScope() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -174,7 +205,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testRepeatAuthorizationCode() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -219,7 +250,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testRepeatRefreshCall() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -270,7 +301,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testRefreshWithBadToken() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -326,7 +357,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testAccessTokenBadCode() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -376,7 +407,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testUnknownGrantType() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"consumer-id", "this-is-a-secret",
busFile.toString());
@@ -414,7 +445,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testPasswordCredentialsGrantUnknownUsers() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"consumer-id", "this-is-a-secret",
busFile.toString());
@@ -469,7 +500,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testAuthorizationCodeGrantWithUnknownAudience() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -506,7 +537,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testSAML11() throws Exception {
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
@@ -535,7 +566,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testSAMLAudRestr() throws Exception {
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
@@ -564,7 +595,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testSAMLUnsigned() throws Exception {
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
@@ -593,7 +624,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testSAMLHolderOfKey() throws Exception {
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
@@ -638,7 +669,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testSAMLUnauthenticatedSignature() throws Exception {
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
@@ -689,13 +720,13 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testJWTUnsigned() throws Exception {
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Create the JWT Token
String token = OAuth2TestUtils.createToken("DoubleItSTSIssuer", "consumer-id",
- "https://localhost:" + PORT + "/services/token", true, false);
+ "https://localhost:" + port + "/services/token", true, false);
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
@@ -719,13 +750,13 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testJWTNoIssuer() throws Exception {
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Create the JWT Token
String token = OAuth2TestUtils.createToken(null, "consumer-id",
- "https://localhost:" + PORT + "/services/token", true, true);
+ "https://localhost:" + port + "/services/token", true, true);
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
@@ -749,13 +780,13 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testJWTNoExpiry() throws Exception {
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Create the JWT Token
String token = OAuth2TestUtils.createToken("DoubleItSTSIssuer", "consumer-id",
- "https://localhost:" + PORT + "/services/token", false, true);
+ "https://localhost:" + port + "/services/token", false, true);
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
@@ -779,13 +810,13 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testJWTBadAudienceRestriction() throws Exception {
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Create the JWT Token
String token = OAuth2TestUtils.createToken("DoubleItSTSIssuer", "consumer-id",
- "https://localhost:" + PORT + "/services/badtoken", true, true);
+ "https://localhost:" + port + "/services/badtoken", true, true);
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
@@ -809,7 +840,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
public void testJWTUnauthenticatedSignature() throws Exception {
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
@@ -821,7 +852,7 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
Instant now = Instant.now();
claims.setIssuedAt(now.getEpochSecond());
claims.setExpiryTime(now.plusSeconds(60L).getEpochSecond());
- String audience = "https://localhost:" + PORT + "/services/token";
+ String audience = "https://localhost:" + port + "/services/token";
claims.setAudiences(Collections.singletonList(audience));
// Sign the JWT Token
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2.java
index e79ba07..e1aec4d 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2.java
@@ -25,11 +25,8 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
public class BookServerOAuth2 extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2");
- public static final String PORT_PUBLIC = TestUtil.getPortNumber("jaxrs-oauth2-public");
private static final URL SERVER_CONFIG_FILE =
BookServerOAuth2.class.getResource("server.xml");
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2GrantsNegative.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2GrantsNegative.java
index 28886fa..7079537 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2GrantsNegative.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2GrantsNegative.java
@@ -25,10 +25,8 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
public class BookServerOAuth2GrantsNegative extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2-grants-negative");
private static final URL SERVER_CONFIG_FILE =
BookServerOAuth2GrantsNegative.class.getResource("grants-negative-server.xml");
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2GrantsNegativeJWT.java
similarity index 80%
copy from systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
copy to systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2GrantsNegativeJWT.java
index 310f0d4..0b99413 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2GrantsNegativeJWT.java
@@ -17,7 +17,7 @@
* under the License.
*/
-package org.apache.cxf.systest.jaxrs.security.oidc;
+package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
import java.net.URL;
@@ -25,12 +25,10 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-public class OIDCServer extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oidc");
+public class BookServerOAuth2GrantsNegativeJWT extends AbstractBusTestServerBase {
private static final URL SERVER_CONFIG_FILE =
- OIDCServer.class.getResource("oidc-server.xml");
+ BookServerOAuth2GrantsNegativeJWT.class.getResource("grants-negative-server-jwt.xml");
protected void run() {
SpringBusFactory bf = new SpringBusFactory();
@@ -39,7 +37,7 @@ public class OIDCServer extends AbstractBusTestServerBase {
setBus(springBus);
try {
- new OIDCServer();
+ new BookServerOAuth2GrantsNegativeJWT();
} catch (Exception e) {
throw new RuntimeException(e);
}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2Introspection.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2Introspection.java
index 0bffa4a..f64e3c5 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2Introspection.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2Introspection.java
@@ -25,10 +25,8 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
public class BookServerOAuth2Introspection extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2-introspection");
private static final URL SERVER_CONFIG_FILE =
BookServerOAuth2Introspection.class.getResource("introspection-server.xml");
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2IntrospectionJWT.java
similarity index 80%
copy from systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
copy to systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2IntrospectionJWT.java
index 310f0d4..43ad28f 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2IntrospectionJWT.java
@@ -17,7 +17,7 @@
* under the License.
*/
-package org.apache.cxf.systest.jaxrs.security.oidc;
+package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
import java.net.URL;
@@ -25,12 +25,10 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-public class OIDCServer extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oidc");
+public class BookServerOAuth2IntrospectionJWT extends AbstractBusTestServerBase {
private static final URL SERVER_CONFIG_FILE =
- OIDCServer.class.getResource("oidc-server.xml");
+ BookServerOAuth2IntrospectionJWT.class.getResource("introspection-server-jwt.xml");
protected void run() {
SpringBusFactory bf = new SpringBusFactory();
@@ -39,7 +37,7 @@ public class OIDCServer extends AbstractBusTestServerBase {
setBus(springBus);
try {
- new OIDCServer();
+ new BookServerOAuth2IntrospectionJWT();
} catch (Exception e) {
throw new RuntimeException(e);
}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2JWT.java
similarity index 79%
copy from systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2.java
copy to systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2JWT.java
index e79ba07..01293b7 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2JWT.java
@@ -25,13 +25,11 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-public class BookServerOAuth2 extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2");
- public static final String PORT_PUBLIC = TestUtil.getPortNumber("jaxrs-oauth2-public");
+public class BookServerOAuth2JWT extends AbstractBusTestServerBase {
+
private static final URL SERVER_CONFIG_FILE =
- BookServerOAuth2.class.getResource("server.xml");
+ BookServerOAuth2JWT.class.getResource("server-jwt.xml");
protected void run() {
SpringBusFactory bf = new SpringBusFactory();
@@ -40,7 +38,7 @@ public class BookServerOAuth2 extends AbstractBusTestServerBase {
setBus(springBus);
try {
- new BookServerOAuth2();
+ new BookServerOAuth2JWT();
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -48,7 +46,7 @@ public class BookServerOAuth2 extends AbstractBusTestServerBase {
public static void main(String[] args) {
try {
- BookServerOAuth2 s = new BookServerOAuth2();
+ BookServerOAuth2JWT s = new BookServerOAuth2JWT();
s.start();
} catch (Exception ex) {
ex.printStackTrace();
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/IntrospectionServiceTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/IntrospectionServiceTest.java
index 2873e1a..af3275f 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/IntrospectionServiceTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/IntrospectionServiceTest.java
@@ -19,6 +19,8 @@
package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
import java.net.URL;
+import java.util.Arrays;
+import java.util.Collection;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
@@ -26,31 +28,60 @@ import javax.ws.rs.core.Response;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.rs.security.oauth2.common.TokenIntrospection;
+import org.apache.cxf.systest.jaxrs.security.SecurityTestUtil;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.testutil.common.TestUtil;
+import org.junit.AfterClass;
import org.junit.BeforeClass;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized.Parameters;
/**
- * Some unit tests for the token introspection service in CXF.
+ * Some unit tests for the token introspection service in CXF. The tests are run multiple times with different
+ * OAuthDataProvider implementations:
+ * a) PORT - EhCache
+ * b) JWT_PORT - EhCache with useJwtFormatForAccessTokens enabled
*/
+@RunWith(value = org.junit.runners.Parameterized.class)
public class IntrospectionServiceTest extends AbstractBusClientServerTestBase {
- public static final String PORT = BookServerOAuth2Introspection.PORT;
+ public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2-introspection");
public static final String PORT2 = TestUtil.getPortNumber("jaxrs-oauth2-introspection2");
+ public static final String JWT_PORT = TestUtil.getPortNumber("jaxrs-oauth2-introspection-jwt");
+ public static final String JWT_PORT2 = TestUtil.getPortNumber("jaxrs-oauth2-introspection2-jwt");
+
+ final String port;
+
+ public IntrospectionServiceTest(String port) {
+ this.port = port;
+ }
@BeforeClass
public static void startServers() throws Exception {
assertTrue("server did not launch correctly",
launchServer(BookServerOAuth2Introspection.class, true));
+ assertTrue("server did not launch correctly",
+ launchServer(BookServerOAuth2IntrospectionJWT.class, true));
+ }
+
+ @AfterClass
+ public static void cleanup() throws Exception {
+ SecurityTestUtil.cleanup();
+ }
+
+ @Parameters(name = "{0}")
+ public static Collection<String> data() {
+
+ return Arrays.asList(PORT, JWT_PORT);
}
@org.junit.Test
public void testTokenIntrospection() throws Exception {
URL busFile = IntrospectionServiceTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -93,7 +124,7 @@ public class IntrospectionServiceTest extends AbstractBusClientServerTestBase {
public void testTokenIntrospectionWithAudience() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -111,7 +142,11 @@ public class IntrospectionServiceTest extends AbstractBusClientServerTestBase {
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- String audience = "https://localhost:" + PORT2 + "/secured/bookstore/books";
+ String audPort = PORT2;
+ if (JWT_PORT.equals(port)) {
+ audPort = JWT_PORT2;
+ }
+ String audience = "https://localhost:" + audPort + "/secured/bookstore/books";
ClientAccessToken accessToken =
OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code, "consumer-id-aud", audience);
assertNotNull(accessToken.getTokenKey());
@@ -139,7 +174,7 @@ public class IntrospectionServiceTest extends AbstractBusClientServerTestBase {
public void testInvalidToken() throws Exception {
URL busFile = IntrospectionServiceTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -177,7 +212,7 @@ public class IntrospectionServiceTest extends AbstractBusClientServerTestBase {
public void testRefreshedToken() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -240,7 +275,7 @@ public class IntrospectionServiceTest extends AbstractBusClientServerTestBase {
public void testTokenIntrospectionWithScope() throws Exception {
URL busFile = IntrospectionServiceTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java
index 037c617..fc89cf5 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java
@@ -20,6 +20,8 @@
package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
import java.net.URL;
+import java.util.Arrays;
+import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
@@ -51,9 +53,11 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.rs.security.saml.SAMLUtils;
import org.apache.cxf.rs.security.saml.SAMLUtils.SelfSignInfo;
import org.apache.cxf.rt.security.SecurityConstants;
+import org.apache.cxf.systest.jaxrs.security.SecurityTestUtil;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.cxf.testutil.common.TestUtil;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SAMLUtil;
@@ -61,30 +65,62 @@ import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.saml.builder.SAML2Constants;
import org.apache.wss4j.common.util.DOM2Writer;
+import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized.Parameters;
+/**
+ * Some tests for OAuth 2.0. The tests are run multiple times with different OAuthDataProvider implementations:
+ * a) PORT - EhCache
+ * b) JWT_PORT - EhCache with useJwtFormatForAccessTokens enabled
+ */
+@RunWith(value = org.junit.runners.Parameterized.class)
public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
- public static final String PORT = BookServerOAuth2.PORT;
+ public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2");
+ public static final String PORT_PUBLIC = TestUtil.getPortNumber("jaxrs-oauth2-public");
+ public static final String JWT_PORT = TestUtil.getPortNumber("jaxrs-oauth2-jwt");
+ public static final String JWT_PORT_PUBLIC = TestUtil.getPortNumber("jaxrs-oauth2-public-jwt");
+
private static final String CRYPTO_RESOURCE_PROPERTIES =
"org/apache/cxf/systest/jaxrs/security/alice.properties";
+ final String port;
+
+ public JAXRSOAuth2Test(String port) {
+ this.port = port;
+ }
+
@BeforeClass
public static void startServers() throws Exception {
assertTrue("server did not launch correctly",
launchServer(BookServerOAuth2.class, true));
+ assertTrue("server did not launch correctly",
+ launchServer(BookServerOAuth2JWT.class, true));
+ }
+
+ @AfterClass
+ public static void cleanup() throws Exception {
+ SecurityTestUtil.cleanup();
+ }
+
+ @Parameters(name = "{0}")
+ public static Collection<String> data() {
+
+ return Arrays.asList(PORT, JWT_PORT);
}
@Test
public void testSAML2BearerGrant() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2/token";
+ String address = "https://localhost:" + port + "/oauth2/token";
WebClient wc = createWebClient(address);
Crypto crypto = new CryptoLoader().loadCrypto(CRYPTO_RESOURCE_PROPERTIES);
SelfSignInfo signInfo = new SelfSignInfo(crypto, "alice", "password");
SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(false);
- String audienceURI = "https://localhost:" + PORT + "/oauth2/token";
+ String audienceURI = "https://localhost:" + port + "/oauth2/token";
samlCallbackHandler.setAudience(audienceURI);
SamlAssertionWrapper assertionWrapper = SAMLUtils.createAssertion(samlCallbackHandler,
signInfo);
@@ -102,7 +138,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testSAML2BearerAuthenticationDirect() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String address = "https://localhost:" + port + "/oauth2-auth/token";
WebClient wc = createWebClient(address);
Crypto crypto = new CryptoLoader().loadCrypto(CRYPTO_RESOURCE_PROPERTIES);
@@ -110,7 +146,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
samlCallbackHandler.setIssuer("alice");
- String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String audienceURI = "https://localhost:" + port + "/oauth2-auth/token";
samlCallbackHandler.setAudience(audienceURI);
SamlAssertionWrapper assertionWrapper = SAMLUtils.createAssertion(samlCallbackHandler,
signInfo);
@@ -132,7 +168,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test()
public void testConfidentialClientIdOnly() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2/token";
+ String address = "https://localhost:" + port + "/oauth2/token";
WebClient wc = createWebClient(address);
try {
@@ -148,33 +184,37 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testConfidentialClientIdAndSecret() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2/token";
+ String address = "https://localhost:" + port + "/oauth2/token";
WebClient wc = createWebClient(address);
-
+
ClientAccessToken at = OAuthClientUtils.getAccessToken(wc,
new Consumer("fred", "password"),
new CustomGrant(),
false);
assertNotNull(at.getTokenKey());
}
-
+
@Test
public void testPublicClientIdOnly() throws Exception {
- String address = "http://localhost:" + BookServerOAuth2.PORT_PUBLIC + "/oauth2Public/token";
+ String pubPort = PORT_PUBLIC;
+ if (JWT_PORT.equals(port)) {
+ pubPort = JWT_PORT_PUBLIC;
+ }
+ String address = "http://localhost:" + pubPort + "/oauth2Public/token";
WebClient wc = WebClient.create(address);
-
+
ClientAccessToken at = OAuthClientUtils.getAccessToken(wc,
new Consumer("fredPublic"),
new CustomGrant(),
false);
assertNotNull(at.getTokenKey());
}
-
+
@Test
public void testTwoWayTLSAuthenticationCustomGrant() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2/token";
+ String address = "https://localhost:" + port + "/oauth2/token";
WebClient wc = createWebClient(address);
ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, new CustomGrant());
@@ -183,7 +223,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testBasicAuthClientCred() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2/token";
+ String address = "https://localhost:" + port + "/oauth2/token";
WebClient wc = createWebClient(address);
ClientCredentialsGrant grant = new ClientCredentialsGrant();
// Pass client_id & client_secret as form properties
@@ -196,8 +236,8 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
} catch (OAuthServiceException ex) {
assertEquals(OAuthConstants.UNAUTHORIZED_CLIENT, ex.getError().getError());
}
-
- ClientAccessToken at = OAuthClientUtils.getAccessToken(wc,
+
+ ClientAccessToken at = OAuthClientUtils.getAccessToken(wc,
new Consumer("bob", "bobPassword"),
new ClientCredentialsGrant(),
true);
@@ -206,7 +246,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testSAML2BearerAuthenticationInterceptor() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String address = "https://localhost:" + port + "/oauth2-auth/token";
WebClient wc = createWebClientWithProps(address);
ClientAccessToken at = OAuthClientUtils.getAccessToken(wc,
@@ -216,7 +256,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testJWTBearerGrant() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2/token";
+ String address = "https://localhost:" + port + "/oauth2/token";
WebClient wc = createWebClient(address);
// Create the JWT Token
@@ -232,7 +272,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testJWTBearerAuthenticationDirect() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth-jwt/token";
+ String address = "https://localhost:" + port + "/oauth2-auth-jwt/token";
WebClient wc = createWebClient(address);
// Create the JWT Token
@@ -255,10 +295,10 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testSAML11() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String address = "https://localhost:" + port + "/oauth2-auth/token";
WebClient wc = createWebClient(address);
- String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String audienceURI = "https://localhost:" + port + "/oauth2-auth/token";
String assertion = OAuth2TestUtils.createToken(audienceURI, false, true);
String encodedAssertion = Base64UrlUtility.encode(assertion);
@@ -276,10 +316,10 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testSAMLAudRestr() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String address = "https://localhost:" + port + "/oauth2-auth/token";
WebClient wc = createWebClient(address);
- String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token2";
+ String audienceURI = "https://localhost:" + port + "/oauth2-auth/token2";
String assertion = OAuth2TestUtils.createToken(audienceURI, true, true);
String encodedAssertion = Base64UrlUtility.encode(assertion);
@@ -297,10 +337,10 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testSAMLBadSubjectName() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String address = "https://localhost:" + port + "/oauth2-auth/token";
WebClient wc = createWebClient(address);
- String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String audienceURI = "https://localhost:" + port + "/oauth2-auth/token";
// Create the SAML Assertion
SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
@@ -340,10 +380,10 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testSAMLUnsigned() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String address = "https://localhost:" + port + "/oauth2-auth/token";
WebClient wc = createWebClient(address);
- String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String audienceURI = "https://localhost:" + port + "/oauth2-auth/token";
String assertion = OAuth2TestUtils.createToken(audienceURI, true, false);
String encodedAssertion = Base64UrlUtility.encode(assertion);
@@ -361,10 +401,10 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testSAMLHolderOfKey() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String address = "https://localhost:" + port + "/oauth2-auth/token";
WebClient wc = createWebClient(address);
- String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String audienceURI = "https://localhost:" + port + "/oauth2-auth/token";
// Create the SAML Assertion
SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
@@ -405,7 +445,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testJWTBadSubjectName() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth-jwt/token";
+ String address = "https://localhost:" + port + "/oauth2-auth-jwt/token";
WebClient wc = createWebClient(address);
// Create the JWT Token
@@ -426,7 +466,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testJWTUnsigned() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth-jwt/token";
+ String address = "https://localhost:" + port + "/oauth2-auth-jwt/token";
WebClient wc = createWebClient(address);
// Create the JWT Token
@@ -448,7 +488,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testJWTNoIssuer() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth-jwt/token";
+ String address = "https://localhost:" + port + "/oauth2-auth-jwt/token";
WebClient wc = createWebClient(address);
// Create the JWT Token
@@ -469,7 +509,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testJWTNoExpiry() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth-jwt/token";
+ String address = "https://localhost:" + port + "/oauth2-auth-jwt/token";
WebClient wc = createWebClient(address);
// Create the JWT Token
@@ -491,7 +531,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
@Test
public void testJWTBadAudienceRestriction() throws Exception {
- String address = "https://localhost:" + PORT + "/oauth2-auth-jwt/token";
+ String address = "https://localhost:" + port + "/oauth2-auth-jwt/token";
WebClient wc = createWebClient(address);
// Create the JWT Token
@@ -540,7 +580,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
samlCallbackHandler.setIssuer("alice");
- String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
+ String audienceURI = "https://localhost:" + port + "/oauth2-auth/token";
samlCallbackHandler.setAudience(audienceURI);
properties.put(SecurityConstants.SAML_CALLBACK_HANDLER, samlCallbackHandler);
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/tls/OAuthDataProviderImpl.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/tls/OAuthDataProviderImpl.java
index 55ff852..c8a4391 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/tls/OAuthDataProviderImpl.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/tls/OAuthDataProviderImpl.java
@@ -43,13 +43,13 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
client1.getAllowedGrantTypes().add("custom_grant");
registerCert(client1);
this.setClient(client1);
-
+
Client client2 = new Client("bound",
null,
true,
null,
null);
- client2.getProperties().put(OAuthConstants.TLS_CLIENT_AUTH_SUBJECT_DN,
+ client2.getProperties().put(OAuthConstants.TLS_CLIENT_AUTH_SUBJECT_DN,
"CN=whateverhost.com,OU=Morpit,O=ApacheTest,L=Syracuse,C=US");
client2.getAllowedGrantTypes().add("custom_grant");
this.setClient(client2);
@@ -67,12 +67,12 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
Certificate cert = loadCert();
String encodedCert = Base64Utility.encode(cert.getEncoded());
client.setApplicationCertificates(Collections.singletonList(encodedCert));
-
+
}
private Certificate loadCert() throws Exception {
try (InputStream is = ClassLoaderUtils.getResourceAsStream("keys/Truststore.jks", this.getClass())) {
- return CryptoUtils.loadCertificate(is, new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}, "morpit", null);
+ return CryptoUtils.loadCertificate(is, "password".toCharArray(), "morpit", null);
}
}
}
\ No newline at end of file
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java
index 010d483..dca7f12 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java
@@ -27,6 +27,8 @@ import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.time.Instant;
+import java.util.Arrays;
+import java.util.Collection;
import java.util.Collections;
import javax.ws.rs.core.Form;
@@ -45,21 +47,36 @@ import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData;
import org.apache.cxf.rs.security.oidc.common.IdToken;
import org.apache.cxf.rs.security.oidc.utils.OidcUtils;
+import org.apache.cxf.systest.jaxrs.security.SecurityTestUtil;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils.AuthorizationCodeParameters;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.testutil.common.TestUtil;
import org.apache.xml.security.utils.ClassLoaderUtils;
+import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized.Parameters;
/**
- * Some unit tests to test the various flows in OpenID Connect.
+ * Some unit tests to test the various flows in OpenID Connect. The tests are run multiple times
+ * with different OAuthDataProvider implementations:
+ * a) PORT - EhCache
+ * b) JWT_PORT - EhCache with useJwtFormatForAccessTokens enabled
*/
+@RunWith(value = org.junit.runners.Parameterized.class)
public class OIDCFlowTest extends AbstractBusClientServerTestBase {
static final String PORT = TestUtil.getPortNumber("jaxrs-oidc");
+ static final String JWT_PORT = TestUtil.getPortNumber("jaxrs-oidc-jwt");
+
+ final String port;
+
+ public OIDCFlowTest(String port) {
+ this.port = port;
+ }
@BeforeClass
public static void startServers() throws Exception {
@@ -69,13 +86,30 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
// set this to false to fork
launchServer(OIDCServer.class, true)
);
+ assertTrue(
+ "Server failed to launch",
+ // run the server in the same process
+ // set this to false to fork
+ launchServer(OIDCServerJWT.class, true)
+ );
+ }
+
+ @AfterClass
+ public static void cleanup() throws Exception {
+ SecurityTestUtil.cleanup();
+ }
+
+ @Parameters(name = "{0}")
+ public static Collection<String> data() {
+
+ return Arrays.asList(PORT, JWT_PORT);
}
@org.junit.Test
public void testAuthorizationCodeFlow() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
@@ -102,6 +136,10 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
String idToken = accessToken.getParameters().get("id_token");
assertNotNull(idToken);
validateIdToken(idToken, null);
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken.getTokenKey());
+ }
}
// Authorization Servers MUST support the use of the HTTP GET and POST methods defined in RFC 2616
@@ -110,7 +148,7 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
public void testAuthorizationCodeFlowPOST() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
@@ -150,6 +188,10 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
String idToken = accessToken.getParameters().get("id_token");
assertNotNull(idToken);
validateIdToken(idToken, null);
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken.getTokenKey());
+ }
}
// Just a normal OAuth invocation, check it all works ok
@@ -157,7 +199,7 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
public void testAuthorizationCodeOAuth() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -182,13 +224,17 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
String idToken = accessToken.getParameters().get("id_token");
assertNull(idToken);
assertFalse(accessToken.getApprovedScope().contains("openid"));
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken.getTokenKey());
+ }
}
@org.junit.Test
public void testAuthorizationCodeFlowWithNonce() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -215,13 +261,17 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
String idToken = accessToken.getParameters().get("id_token");
assertNotNull(idToken);
validateIdToken(idToken, "123456789");
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken.getTokenKey());
+ }
}
@org.junit.Test
public void testAuthorizationCodeFlowWithScope() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -248,13 +298,17 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
String idToken = accessToken.getParameters().get("id_token");
assertNotNull(idToken);
validateIdToken(idToken, null);
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken.getTokenKey());
+ }
}
@org.junit.Test
public void testAuthorizationCodeFlowWithRefresh() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -297,13 +351,17 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
assertNotNull(accessToken.getRefreshToken());
accessToken.getParameters().get("id_token");
assertNotNull(idToken);
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken.getTokenKey());
+ }
}
@org.junit.Test
public void testAuthorizationCodeFlowWithState() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -330,13 +388,17 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
String idToken = accessToken.getParameters().get("id_token");
assertNotNull(idToken);
validateIdToken(idToken, null);
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken.getTokenKey());
+ }
}
@org.junit.Test
public void testAuthorizationCodeFlowWithAudience() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -355,17 +417,21 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- String audience = "https://localhost:" + PORT + "/secured/bookstore/books";
+ String audience = "https://localhost:" + port + "/secured/bookstore/books";
ClientAccessToken accessToken =
OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code, "consumer-id-aud", audience);
assertNotNull(accessToken.getTokenKey());
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken.getTokenKey());
+ }
}
@org.junit.Test
public void testImplicitFlow() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -419,6 +485,10 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM));
Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.NONCE_CLAIM));
OidcUtils.validateAccessTokenHash(accessToken, jwt, true);
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken);
+ }
}
// Authorization Servers MUST support the use of the HTTP GET and POST methods defined in RFC 2616
@@ -427,7 +497,7 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
public void testImplicitFlowPOST() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -484,13 +554,17 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM));
Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.NONCE_CLAIM));
OidcUtils.validateAccessTokenHash(accessToken, jwt, true);
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken);
+ }
}
@org.junit.Test
public void testImplicitFlowNoAccessToken() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -549,7 +623,7 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
public void testHybridCodeIdToken() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
WebClient.getConfig(client).getHttpConduit().getClient().setReceiveTimeout(100000000);
@@ -601,13 +675,17 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
jwtConsumer = new JwsJwtCompactConsumer(idToken);
jwt = jwtConsumer.getJwtToken();
Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM));
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken.getTokenKey());
+ }
}
@org.junit.Test
public void testHybridCodeToken() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -660,13 +738,17 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(idToken);
// returning c_hash in the id_token returned after exchanging the code is optional
Assert.assertNull(jwtConsumer.getJwtClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM));
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken.getTokenKey());
+ }
}
@org.junit.Test
public void testHybridCodeIdTokenToken() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -707,13 +789,17 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM));
OidcUtils.validateAccessTokenHash(accessToken, jwt, true);
Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM));
+
+ if (JWT_PORT.equals(port)) {
+ validateAccessToken(accessToken);
+ }
}
@org.junit.Test
public void testAuthorizationCodeFlowUnsignedJWT() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/unsignedjwtservices/";
+ String address = "https://localhost:" + port + "/unsignedjwtservices/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -724,7 +810,7 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
claims.setIssuer("consumer-id");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(
- Collections.singletonList("https://localhost:" + PORT + "/unsignedjwtservices/"));
+ Collections.singletonList("https://localhost:" + port + "/unsignedjwtservices/"));
JwsHeaders headers = new JwsHeaders();
headers.setAlgorithm("none");
@@ -751,7 +837,7 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
public void testAuthorizationCodeFlowUnsignedJWTWithState() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/unsignedjwtservices/";
+ String address = "https://localhost:" + port + "/unsignedjwtservices/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -762,7 +848,7 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
claims.setIssuer("consumer-id");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(
- Collections.singletonList("https://localhost:" + PORT + "/unsignedjwtservices/"));
+ Collections.singletonList("https://localhost:" + port + "/unsignedjwtservices/"));
JwsHeaders headers = new JwsHeaders();
headers.setAlgorithm("none");
@@ -790,7 +876,7 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
public void testGetKeys() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
client.accept("application/json");
@@ -806,7 +892,7 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
public void testAuthorizationCodeFlowWithKey() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -871,4 +957,24 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase {
Assert.assertTrue(jwtConsumer.verifySignatureWith((X509Certificate)cert,
SignatureAlgorithm.RS256));
}
+
+ private void validateAccessToken(String accessToken)
+ throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
+ JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(accessToken);
+ JwtToken jwt = jwtConsumer.getJwtToken();
+
+ // Validate claims
+ Assert.assertNotNull(jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
+ Assert.assertNotNull(jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
+ Assert.assertNotNull(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
+
+ KeyStore keystore = KeyStore.getInstance("JKS");
+ keystore.load(ClassLoaderUtils.getResourceAsStream("keys/alice.jks", this.getClass()),
+ "password".toCharArray());
+ Certificate cert = keystore.getCertificate("alice");
+ Assert.assertNotNull(cert);
+
+ Assert.assertTrue(jwtConsumer.verifySignatureWith((X509Certificate)cert,
+ SignatureAlgorithm.RS256));
+ }
}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeServer.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeServer.java
index 9260a0e..79a2367 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeServer.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeServer.java
@@ -25,10 +25,8 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
public class OIDCNegativeServer extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oidc");
private static final URL SERVER_CONFIG_FILE =
OIDCNegativeServer.class.getResource("oidc-negative-server.xml");
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeServerJWT.java
similarity index 84%
copy from systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
copy to systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeServerJWT.java
index 310f0d4..f71756a 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeServerJWT.java
@@ -25,12 +25,10 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-public class OIDCServer extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oidc");
+public class OIDCNegativeServerJWT extends AbstractBusTestServerBase {
private static final URL SERVER_CONFIG_FILE =
- OIDCServer.class.getResource("oidc-server.xml");
+ OIDCNegativeServerJWT.class.getResource("oidc-negative-server-jwt.xml");
protected void run() {
SpringBusFactory bf = new SpringBusFactory();
@@ -39,7 +37,7 @@ public class OIDCServer extends AbstractBusTestServerBase {
setBus(springBus);
try {
- new OIDCServer();
+ new OIDCNegativeServerJWT();
} catch (Exception e) {
throw new RuntimeException(e);
}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java
index 4668c58..001ac9b 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java
@@ -20,6 +20,8 @@ package org.apache.cxf.systest.jaxrs.security.oidc;
import java.net.URL;
import java.time.Instant;
+import java.util.Arrays;
+import java.util.Collection;
import java.util.Collections;
import javax.ws.rs.client.ResponseProcessingException;
@@ -36,20 +38,35 @@ import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData;
import org.apache.cxf.rs.security.oidc.common.IdToken;
import org.apache.cxf.rs.security.oidc.common.UserInfo;
+import org.apache.cxf.systest.jaxrs.security.SecurityTestUtil;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils.AuthorizationCodeParameters;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.testutil.common.TestUtil;
+import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized.Parameters;
/**
- * Some negative tests for OpenID Connect
+ * Some negative tests for OpenID Connect. The tests are run multiple times with different OAuthDataProvider
+ * implementations:
+ * a) PORT - EhCache
+ * b) JWT_PORT - EhCache with useJwtFormatForAccessTokens enabled
*/
+@RunWith(value = org.junit.runners.Parameterized.class)
public class OIDCNegativeTest extends AbstractBusClientServerTestBase {
static final String PORT = TestUtil.getPortNumber("jaxrs-negative-oidc");
+ static final String JWT_PORT = TestUtil.getPortNumber("jaxrs-negative-oidc-jwt");
+
+ final String port;
+
+ public OIDCNegativeTest(String port) {
+ this.port = port;
+ }
@BeforeClass
public static void startServers() throws Exception {
@@ -59,13 +76,30 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase {
// set this to false to fork
launchServer(OIDCNegativeServer.class, true)
);
+ assertTrue(
+ "Server failed to launch",
+ // run the server in the same process
+ // set this to false to fork
+ launchServer(OIDCNegativeServerJWT.class, true)
+ );
+ }
+
+ @AfterClass
+ public static void cleanup() throws Exception {
+ SecurityTestUtil.cleanup();
+ }
+
+ @Parameters(name = "{0}")
+ public static Collection<String> data() {
+
+ return Arrays.asList(PORT, JWT_PORT);
}
@org.junit.Test
public void testImplicitFlowPromptNone() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -96,7 +130,7 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase {
public void testImplicitFlowMaxAge() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -150,7 +184,7 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase {
public void testImplicitFlowNoNonce() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -183,7 +217,7 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase {
public void testImplicitFlowNoATHash() throws Exception {
URL busFile = OIDCFlowTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -237,7 +271,7 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase {
public void testJWTRequestNonmatchingResponseType() throws Exception {
URL busFile = OIDCNegativeTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/unsignedjwtservices/";
+ String address = "https://localhost:" + port + "/unsignedjwtservices/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -248,7 +282,7 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase {
claims.setIssuer("consumer-id");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(
- Collections.singletonList("https://localhost:" + PORT + "/unsignedjwtservices/"));
+ Collections.singletonList("https://localhost:" + port + "/unsignedjwtservices/"));
claims.setProperty("response_type", "token");
JwsHeaders headers = new JwsHeaders();
@@ -279,7 +313,7 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase {
public void testJWTRequestNonmatchingClientId() throws Exception {
URL busFile = OIDCNegativeTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/unsignedjwtservices/";
+ String address = "https://localhost:" + port + "/unsignedjwtservices/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -290,7 +324,7 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase {
claims.setIssuer("consumer-id");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(
- Collections.singletonList("https://localhost:" + PORT + "/unsignedjwtservices/"));
+ Collections.singletonList("https://localhost:" + port + "/unsignedjwtservices/"));
claims.setProperty("client_id", "consumer-id2");
JwsHeaders headers = new JwsHeaders();
@@ -321,7 +355,7 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase {
public void testUserInfoRefreshToken() throws Exception {
URL busFile = UserInfoTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/";
+ String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
@@ -368,7 +402,7 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase {
// Now test the UserInfoService.
// The old Access Token should fail
- String userInfoAddress = "https://localhost:" + PORT + "/ui/plain/userinfo";
+ String userInfoAddress = "https://localhost:" + port + "/ui/plain/userinfo";
WebClient userInfoClient = WebClient.create(userInfoAddress, OAuth2TestUtils.setupProviders(),
busFile.toString());
userInfoClient.accept("application/json");
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
index 310f0d4..58fa860 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
@@ -25,10 +25,8 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
public class OIDCServer extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oidc");
private static final URL SERVER_CONFIG_FILE =
OIDCServer.class.getResource("oidc-server.xml");
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServerJWT.java
similarity index 84%
copy from systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
copy to systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServerJWT.java
index 310f0d4..58f3989 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServerJWT.java
@@ -25,12 +25,10 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-public class OIDCServer extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oidc");
+public class OIDCServerJWT extends AbstractBusTestServerBase {
private static final URL SERVER_CONFIG_FILE =
- OIDCServer.class.getResource("oidc-server.xml");
+ OIDCServerJWT.class.getResource("oidc-server-jwt.xml");
protected void run() {
SpringBusFactory bf = new SpringBusFactory();
@@ -39,7 +37,7 @@ public class OIDCServer extends AbstractBusTestServerBase {
setBus(springBus);
try {
- new OIDCServer();
+ new OIDCServerJWT();
} catch (Exception e) {
throw new RuntimeException(e);
}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/UserInfoServer.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/UserInfoServer.java
index f9afbf9..034c745 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/UserInfoServer.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/UserInfoServer.java
@@ -25,10 +25,8 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
public class UserInfoServer extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-userinfo");
private static final URL SERVER_CONFIG_FILE =
UserInfoServer.class.getResource("userinfo-server.xml");
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/UserInfoServerJWT.java
similarity index 84%
copy from systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
copy to systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/UserInfoServerJWT.java
index 310f0d4..80ca82a 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCServer.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/UserInfoServerJWT.java
@@ -25,12 +25,10 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-public class OIDCServer extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oidc");
+public class UserInfoServerJWT extends AbstractBusTestServerBase {
private static final URL SERVER_CONFIG_FILE =
- OIDCServer.class.getResource("oidc-server.xml");
+ UserInfoServerJWT.class.getResource("userinfo-server-jwt.xml");
protected void run() {
SpringBusFactory bf = new SpringBusFactory();
@@ -39,7 +37,7 @@ public class OIDCServer extends AbstractBusTestServerBase {
setBus(springBus);
try {
- new OIDCServer();
+ new UserInfoServerJWT();
} catch (Exception e) {
throw new RuntimeException(e);
}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/UserInfoTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/UserInfoTest.java
index 9c03cd9..38c26ef 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/UserInfoTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/UserInfoTest.java
@@ -27,6 +27,8 @@ import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Collection;
import javax.ws.rs.core.Response;
@@ -40,20 +42,34 @@ import org.apache.cxf.rs.security.jose.jwt.JwtToken;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.rs.security.oidc.common.IdToken;
import org.apache.cxf.rs.security.oidc.common.UserInfo;
+import org.apache.cxf.systest.jaxrs.security.SecurityTestUtil;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.testutil.common.TestUtil;
+import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized.Parameters;
/**
* Some unit tests for the UserInfo Service in OpenId Connect. This can be used to return the User's claims given
- * an access token.
+ * an access token. The tests are run multiple times with different OAuthDataProvider implementations:
+ * a) PORT - EhCache
+ * b) JWT_PORT - EhCache with useJwtFormatForAccessTokens enabled
*/
+@RunWith(value = org.junit.runners.Parameterized.class)
public class UserInfoTest extends AbstractBusClientServerTestBase {
static final String PORT = TestUtil.getPortNumber("jaxrs-userinfo");
+ static final String JWT_PORT = TestUtil.getPortNumber("jaxrs-userinfo-jwt");
+
+ final String port;
+
+ public UserInfoTest(String port) {
+ this.port = port;
+ }
@BeforeClass
public static void startServers() throws Exception {
@@ -63,13 +79,30 @@ public class UserInfoTest extends AbstractBusClientServerTestBase {
// set this to false to fork
launchServer(UserInfoServer.class, true)
);
+ assertTrue(
+ "Server failed to launch",
+ // run the server in the same process
+ // set this to false to fork
+ launchServer(UserInfoServerJWT.class, true)
+ );
+ }
+
+ @AfterClass
+ public static void cleanup() throws Exception {
+ SecurityTestUtil.cleanup();
+ }
+
+ @Parameters(name = "{0}")
+ public static Collection<String> data() {
+
+ return Arrays.asList(PORT, JWT_PORT);
}
@org.junit.Test
public void testPlainUserInfo() throws Exception {
URL busFile = UserInfoTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/oidc";
+ String address = "https://localhost:" + port + "/services/oidc";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
@@ -98,7 +131,7 @@ public class UserInfoTest extends AbstractBusClientServerTestBase {
validateIdToken(idToken, null);
// Now invoke on the UserInfo service with the access token
- String userInfoAddress = "https://localhost:" + PORT + "/services/plain/userinfo";
+ String userInfoAddress = "https://localhost:" + port + "/services/plain/userinfo";
WebClient userInfoClient = WebClient.create(userInfoAddress, OAuth2TestUtils.setupProviders(),
busFile.toString());
userInfoClient.accept("application/json");
@@ -118,7 +151,7 @@ public class UserInfoTest extends AbstractBusClientServerTestBase {
public void testSignedUserInfo() throws Exception {
URL busFile = UserInfoTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/oidc";
+ String address = "https://localhost:" + port + "/services/oidc";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
@@ -147,7 +180,7 @@ public class UserInfoTest extends AbstractBusClientServerTestBase {
validateIdToken(idToken, null);
// Now invoke on the UserInfo service with the access token
- String userInfoAddress = "https://localhost:" + PORT + "/services/signed/userinfo";
+ String userInfoAddress = "https://localhost:" + port + "/services/signed/userinfo";
WebClient userInfoClient = WebClient.create(userInfoAddress, OAuth2TestUtils.setupProviders(),
busFile.toString());
userInfoClient.accept("application/jwt");
@@ -179,7 +212,7 @@ public class UserInfoTest extends AbstractBusClientServerTestBase {
public void testEncryptedUserInfo() throws Exception {
URL busFile = UserInfoTest.class.getResource("client.xml");
- String address = "https://localhost:" + PORT + "/services/oidc";
+ String address = "https://localhost:" + port + "/services/oidc";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
@@ -208,7 +241,7 @@ public class UserInfoTest extends AbstractBusClientServerTestBase {
validateIdToken(idToken, null);
// Now invoke on the UserInfo service with the access token
- String userInfoAddress = "https://localhost:" + PORT + "/services/encrypted/userinfo";
+ String userInfoAddress = "https://localhost:" + port + "/services/encrypted/userinfo";
WebClient userInfoClient = WebClient.create(userInfoAddress, OAuth2TestUtils.setupProviders(),
busFile.toString());
userInfoClient.accept("application/jwt");
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/grants-negative-server-jwt.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/grants-negative-server-jwt.xml
new file mode 100644
index 0000000..66d1f84
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/grants-negative-server-jwt.xml
@@ -0,0 +1,145 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:jaxrs="http://cxf.apache.org/jaxrs"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.2.xsd
+ http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <cxf:bus>
+ <cxf:features>
+ <cxf:logging/>
+ </cxf:features>
+ <cxf:properties>
+ <entry key="org.apache.cxf.jaxrs.bus.providers" value-ref="busProviders"/>
+ </cxf:properties>
+ </cxf:bus>
+ <!-- providers -->
+ <util:list id="busProviders">
+ <ref bean="oauthJson"/>
+ </util:list>
+ <bean id="oauthJson" class="org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider"/>
+
+ <httpj:engine-factory id="tls-config">
+ <httpj:engine port="${testutil.ports.jaxrs-oauth2-grants-negative-jwt}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="true" required="true"/>
+ </httpj:tlsServerParameters>
+ <httpj:sessionSupport>true</httpj:sessionSupport>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <bean id="oauthProvider" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuthDataProviderImpl">
+ <constructor-arg><value>${testutil.ports.jaxrs-oauth2-grants2-negative-jwt}</value></constructor-arg>
+ <property name="useJwtFormatForAccessTokens" value="true"/>
+ </bean>
+
+ <bean id="authorizationService" class="org.apache.cxf.rs.security.oauth2.services.AuthorizationCodeGrantService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="implicitService" class="org.apache.cxf.rs.security.oauth2.services.ImplicitGrantService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="refreshGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.refresh.RefreshTokenGrantHandler">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="callbackHandlerLoginHandler" class="org.apache.cxf.systest.jaxrs.security.oauth2.grants.CallbackHandlerLoginHandler">
+ <property name="callbackHandler" ref="callbackHandler"/>
+ </bean>
+
+ <bean id="passwordGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.owner.ResourceOwnerGrantHandler">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="loginHandler" ref="callbackHandlerLoginHandler"/>
+ </bean>
+
+ <bean id="clientCredsGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.clientcred.ClientCredentialsGrantHandler">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="samlGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.saml.Saml2BearerGrantHandler">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="jwtGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.jwt.JwtBearerGrantHandler">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="tokenService" class="org.apache.cxf.rs.security.oauth2.services.AccessTokenService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="grantHandlers">
+ <list>
+ <ref bean="refreshGrantHandler"/>
+ <ref bean="passwordGrantHandler"/>
+ <ref bean="clientCredsGrantHandler"/>
+ <ref bean="samlGrantHandler"/>
+ <ref bean="jwtGrantHandler"/>
+ </list>
+ </property>
+ </bean>
+
+ <bean id="callbackHandler" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.CallbackHandlerImpl"/>
+ <bean id="basicAuthFilter" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.WSS4JBasicAuthFilter">
+ <property name="callbackHandler" ref="callbackHandler"/>
+ </bean>
+
+ <jaxrs:server
+ depends-on="tls-config"
+ address="https://localhost:${testutil.ports.jaxrs-oauth2-grants-negative-jwt}/services">
+ <jaxrs:serviceBeans>
+ <ref bean="authorizationService"/>
+ <ref bean="implicitService"/>
+ <ref bean="tokenService"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="basicAuthFilter"/>
+ </jaxrs:providers>
+ <jaxrs:properties>
+ <entry key="security.signature.properties"
+ value="org/apache/cxf/systest/jaxrs/security/bob.properties"/>
+ <entry key="rs.security.keystore.type" value="jks" />
+ <entry key="rs.security.keystore.alias" value="alice"/>
+ <entry key="rs.security.keystore.password" value="password"/>
+ <entry key="rs.security.key.password" value="password"/>
+ <entry key="rs.security.keystore.file" value="keys/alice.jks" />
+ <entry key="rs.security.signature.algorithm" value="RS256" />
+ </jaxrs:properties>
+ </jaxrs:server>
+
+
+</beans>
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/introspection-server-jwt.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/introspection-server-jwt.xml
new file mode 100644
index 0000000..ac918b9
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/introspection-server-jwt.xml
@@ -0,0 +1,135 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:jaxrs="http://cxf.apache.org/jaxrs"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.2.xsd
+ http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <cxf:bus>
+ <cxf:features>
+ <cxf:logging/>
+ </cxf:features>
+ <cxf:properties>
+ <entry key="org.apache.cxf.jaxrs.bus.providers" value-ref="busProviders"/>
+ </cxf:properties>
+ </cxf:bus>
+ <!-- providers -->
+ <util:list id="busProviders">
+ <ref bean="oauthJson"/>
+ </util:list>
+ <bean id="oauthJson" class="org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider"/>
+
+ <httpj:engine-factory id="tls-config">
+ <httpj:engine port="${testutil.ports.jaxrs-oauth2-introspection-jwt}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="true" required="true"/>
+ </httpj:tlsServerParameters>
+ <httpj:sessionSupport>true</httpj:sessionSupport>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <bean id="oauthProvider" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuthDataProviderImpl">
+ <constructor-arg><value>${testutil.ports.jaxrs-oauth2-introspection2-jwt}</value></constructor-arg>
+ <property name="useJwtFormatForAccessTokens" value="true"/>
+ </bean>
+
+ <bean id="authorizationService" class="org.apache.cxf.rs.security.oauth2.services.AuthorizationCodeGrantService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="refreshGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.refresh.RefreshTokenGrantHandler">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="callbackHandlerLoginHandler" class="org.apache.cxf.systest.jaxrs.security.oauth2.grants.CallbackHandlerLoginHandler">
+ <property name="callbackHandler" ref="callbackHandler"/>
+ </bean>
+
+ <bean id="passwordGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.owner.ResourceOwnerGrantHandler">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="loginHandler" ref="callbackHandlerLoginHandler"/>
+ </bean>
+
+ <bean id="clientCredsGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.clientcred.ClientCredentialsGrantHandler">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="tokenService" class="org.apache.cxf.rs.security.oauth2.services.AccessTokenService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="grantHandlers">
+ <list>
+ <ref bean="refreshGrantHandler"/>
+ <ref bean="passwordGrantHandler"/>
+ <ref bean="clientCredsGrantHandler"/>
+ </list>
+ </property>
+ </bean>
+
+ <bean id="tokenIntrospectionService" class="org.apache.cxf.rs.security.oauth2.services.TokenIntrospectionService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="callbackHandler" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.CallbackHandlerImpl"/>
+ <bean id="basicAuthFilter" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.WSS4JBasicAuthFilter">
+ <property name="callbackHandler" ref="callbackHandler"/>
+ </bean>
+
+ <jaxrs:server
+ depends-on="tls-config"
+ address="https://localhost:${testutil.ports.jaxrs-oauth2-introspection-jwt}/services">
+ <jaxrs:serviceBeans>
+ <ref bean="authorizationService"/>
+ <ref bean="tokenService"/>
+ <ref bean="tokenIntrospectionService"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="basicAuthFilter"/>
+ </jaxrs:providers>
+ <jaxrs:properties>
+ <entry key="security.signature.properties"
+ value="org/apache/cxf/systest/jaxrs/security/bob.properties"/>
+ <entry key="rs.security.keystore.type" value="jks" />
+ <entry key="rs.security.keystore.alias" value="alice"/>
+ <entry key="rs.security.keystore.password" value="password"/>
+ <entry key="rs.security.key.password" value="password"/>
+ <entry key="rs.security.keystore.file" value="keys/alice.jks" />
+ <entry key="rs.security.signature.algorithm" value="RS256" />
+ </jaxrs:properties>
+ </jaxrs:server>
+
+
+</beans>
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/server-jwt.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/server-jwt.xml
new file mode 100644
index 0000000..8431628
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/server-jwt.xml
@@ -0,0 +1,164 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:jaxrs="http://cxf.apache.org/jaxrs"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.2.xsd
+ http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <cxf:bus>
+ <cxf:features>
+ <cxf:logging/>
+ </cxf:features>
+ <cxf:properties>
+ <entry key="org.apache.cxf.jaxrs.bus.providers" value-ref="busProviders"/>
+ </cxf:properties>
+ </cxf:bus>
+ <!-- providers -->
+ <util:list id="busProviders">
+ <ref bean="oauthJson"/>
+ </util:list>
+ <httpj:engine-factory id="port-9095-tls-config">
+ <httpj:engine port="${testutil.ports.jaxrs-oauth2-jwt}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="true" required="true"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <bean id="dataProvider" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuthDataProviderImpl">
+ <constructor-arg><value>12345</value></constructor-arg>
+ <property name="useJwtFormatForAccessTokens" value="true"/>
+ </bean>
+ <bean id="samlGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.saml.Saml2BearerGrantHandler">
+ <property name="dataProvider" ref="dataProvider"/>
+ </bean>
+ <bean id="jwtGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.jwt.JwtBearerGrantHandler">
+ <property name="dataProvider" ref="dataProvider"/>
+ </bean>
+
+ <bean id="samlAuthHandler" class="org.apache.cxf.rs.security.oauth2.auth.saml.Saml2BearerAuthHandler"/>
+ <bean id="jwtAuthHandler" class="org.apache.cxf.rs.security.oauth2.grants.jwt.JwtBearerAuthHandler"/>
+
+ <bean id="customGrantHandler" class="org.apache.cxf.systest.jaxrs.security.oauth2.grants.CustomGrantHandler">
+ <property name="dataProvider" ref="dataProvider"/>
+ </bean>
+ <bean id="clientCredGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.clientcred.ClientCredentialsGrantHandler">
+ <property name="dataProvider" ref="dataProvider"/>
+ </bean>
+ <bean id="oauthJson" class="org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider"/>
+ <bean id="serviceBean" class="org.apache.cxf.rs.security.oauth2.services.AccessTokenService">
+ <property name="dataProvider" ref="dataProvider"/>
+ <property name="grantHandlers">
+ <list>
+ <ref bean="samlGrantHandler"/>
+ <ref bean="jwtGrantHandler"/>
+ <ref bean="customGrantHandler"/>
+ <ref bean="clientCredGrantHandler"/>
+ </list>
+ </property>
+ <property name="canSupportPublicClients" value="true"/>
+ </bean>
+ <bean id="serviceBeanPublic" class="org.apache.cxf.rs.security.oauth2.services.AccessTokenService">
+ <property name="dataProvider" ref="dataProvider"/>
+ <property name="grantHandlers">
+ <list>
+ <ref bean="customGrantHandler"/>
+ </list>
+ </property>
+ <property name="canSupportPublicClients" value="true"/>
+ </bean>
+ <jaxrs:server address="https://localhost:${testutil.ports.jaxrs-oauth2-jwt}/oauth2">
+ <jaxrs:serviceBeans>
+ <ref bean="serviceBean"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:properties>
+ <entry key="security.signature.properties" value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>
+ <entry key="rs.security.keystore.type" value="jks" />
+ <entry key="rs.security.keystore.alias" value="alice"/>
+ <entry key="rs.security.keystore.password" value="password"/>
+ <entry key="rs.security.key.password" value="password"/>
+ <entry key="rs.security.keystore.file" value="keys/alice.jks" />
+ <entry key="rs.security.signature.algorithm" value="RS256" />
+ </jaxrs:properties>
+ </jaxrs:server>
+ <jaxrs:server address="http://localhost:${testutil.ports.jaxrs-oauth2-public-jwt}/oauth2Public">
+ <jaxrs:serviceBeans>
+ <ref bean="serviceBeanPublic"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:properties>
+ <entry key="security.signature.properties" value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>
+ <entry key="rs.security.keystore.type" value="jks" />
+ <entry key="rs.security.keystore.alias" value="alice"/>
+ <entry key="rs.security.keystore.password" value="password"/>
+ <entry key="rs.security.key.password" value="password"/>
+ <entry key="rs.security.keystore.file" value="keys/alice.jks" />
+ <entry key="rs.security.signature.algorithm" value="RS256" />
+ </jaxrs:properties>
+ </jaxrs:server>
+ <jaxrs:server address="https://localhost:${testutil.ports.jaxrs-oauth2-jwt}/oauth2-auth">
+ <jaxrs:serviceBeans>
+ <ref bean="serviceBean"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="samlAuthHandler"/>
+ </jaxrs:providers>
+ <jaxrs:properties>
+ <entry key="security.signature.properties" value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>
+ <entry key="rs.security.keystore.type" value="jks" />
+ <entry key="rs.security.keystore.alias" value="alice"/>
+ <entry key="rs.security.keystore.password" value="password"/>
+ <entry key="rs.security.key.password" value="password"/>
+ <entry key="rs.security.keystore.file" value="keys/alice.jks" />
+ <entry key="rs.security.signature.algorithm" value="RS256" />
+ </jaxrs:properties>
+ </jaxrs:server>
+ <jaxrs:server address="https://localhost:${testutil.ports.jaxrs-oauth2-jwt}/oauth2-auth-jwt">
+ <jaxrs:serviceBeans>
+ <ref bean="serviceBean"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="jwtAuthHandler"/>
+ </jaxrs:providers>
+ <jaxrs:properties>
+ <entry key="rs.security.keystore.type" value="jks" />
+ <entry key="rs.security.keystore.alias" value="alice"/>
+ <entry key="rs.security.keystore.password" value="password"/>
+ <entry key="rs.security.key.password" value="password"/>
+ <entry key="rs.security.keystore.file" value="keys/alice.jks" />
+ <entry key="rs.security.signature.algorithm" value="RS256" />
+ </jaxrs:properties>
+ </jaxrs:server>
+</beans>
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/oidc-negative-server-jwt.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/oidc-negative-server-jwt.xml
new file mode 100644
index 0000000..b1430d8
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/oidc-negative-server-jwt.xml
@@ -0,0 +1,184 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:jaxrs="http://cxf.apache.org/jaxrs"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.2.xsd
+ http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <cxf:bus>
+ <cxf:features>
+ <cxf:logging/>
+ </cxf:features>
+ <cxf:properties>
+ <entry key="org.apache.cxf.jaxrs.bus.providers" value-ref="busProviders"/>
+ </cxf:properties>
+ </cxf:bus>
+ <!-- providers -->
+ <util:list id="busProviders">
+ <ref bean="oauthJson"/>
+ </util:list>
+ <bean id="oauthJson" class="org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider"/>
+
+ <httpj:engine-factory id="tls-config">
+ <httpj:engine port="${testutil.ports.jaxrs-negative-oidc-jwt}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="false" required="false"/>
+ </httpj:tlsServerParameters>
+ <httpj:sessionSupport>true</httpj:sessionSupport>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <bean id="oauthProvider" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuthDataProviderImpl">
+ <constructor-arg><value>${testutil.ports.jaxrs-negative-oidc-jwt}</value></constructor-arg>
+ <property name="useJwtFormatForAccessTokens" value="true"/>
+ </bean>
+
+ <bean id="authorizationService" class="org.apache.cxf.rs.security.oidc.idp.OidcAuthorizationCodeService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="implicitService" class="org.apache.cxf.rs.security.oidc.idp.OidcImplicitService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="responseFilter" ref="idTokenFilter"/>
+ <property name="idTokenProvider" ref="idTokenProviderImpl"/>
+ </bean>
+
+ <bean id="refreshGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.refresh.RefreshTokenGrantHandler">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="idTokenProviderImpl" class="org.apache.cxf.systest.jaxrs.security.oidc.IdTokenProviderImpl"/>
+
+ <bean id="idTokenFilter" class="org.apache.cxf.rs.security.oidc.idp.IdTokenResponseFilter">
+ <property name="idTokenProvider" ref="idTokenProviderImpl"/>
+ </bean>
+
+ <bean id="tokenService" class="org.apache.cxf.rs.security.oauth2.services.AccessTokenService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="grantHandlers">
+ <list>
+ <ref bean="refreshGrantHandler"/>
+ </list>
+ </property>
+ <property name="responseFilter" ref="idTokenFilter"/>
+ </bean>
+
+ <bean id="hybridService" class="org.apache.cxf.rs.security.oidc.idp.OidcHybridService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="responseFilter" ref="idTokenFilter"/>
+ <property name="idTokenProvider" ref="idTokenProviderImpl"/>
+ <property name="codeService" ref="authorizationService"/>
+ </bean>
+
+ <bean id="callbackHandler" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.CallbackHandlerImpl"/>
+ <bean id="basicAuthFilter" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.WSS4JBasicAuthFilter">
+ <property name="callbackHandler" ref="callbackHandler"/>
+ </bean>
+
+ <bean id="oidcKeysService" class="org.apache.cxf.rs.security.oidc.idp.OidcKeysService"/>
+
+ <jaxrs:server
+ depends-on="tls-config"
+ address="https://localhost:${testutil.ports.jaxrs-negative-oidc-jwt}/services">
+ <jaxrs:serviceBeans>
+ <ref bean="authorizationService"/>
+ <ref bean="hybridService"/>
+ <ref bean="implicitService"/>
+ <ref bean="tokenService"/>
+ <ref bean="oidcKeysService"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="basicAuthFilter"/>
+ <bean class="org.apache.cxf.rs.security.jose.jaxrs.JsonWebKeysProvider"/>
+ </jaxrs:providers>
+ <jaxrs:properties>
+ <entry key="rs.security.keystore.type" value="jks" />
+ <entry key="rs.security.keystore.alias" value="alice"/>
+ <entry key="rs.security.keystore.password" value="password"/>
+ <entry key="rs.security.key.password" value="password"/>
+ <entry key="rs.security.keystore.file" value="keys/alice.jks" />
+ <entry key="rs.security.signature.algorithm" value="RS256" />
+ </jaxrs:properties>
+ </jaxrs:server>
+
+ <bean id="jwtRequestFilter" class="org.apache.cxf.rs.security.oauth2.grants.code.JwtRequestCodeFilter"/>
+
+ <bean id="jwtAuthorizationService" class="org.apache.cxf.rs.security.oauth2.services.AuthorizationCodeGrantService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="authorizationFilter" ref="jwtRequestFilter"/>
+ </bean>
+
+ <jaxrs:server
+ depends-on="tls-config"
+ address="https://localhost:${testutil.ports.jaxrs-negative-oidc-jwt}/unsignedjwtservices">
+ <jaxrs:serviceBeans>
+ <ref bean="jwtAuthorizationService"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="basicAuthFilter"/>
+ </jaxrs:providers>
+ <jaxrs:properties>
+ <entry key="rs.security.signature.algorithm" value="none" />
+ </jaxrs:properties>
+ </jaxrs:server>
+
+ <bean id="oAuthFilter" class="org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="userInfoProvider" class="org.apache.cxf.systest.jaxrs.security.oidc.UserInfoProviderImpl" />
+
+ <bean id="userInfoService" class="org.apache.cxf.rs.security.oidc.idp.UserInfoService">
+ <property name="userInfoProvider" ref="userInfoProvider"/>
+ <property name="jwsRequired" value="false"/>
+ </bean>
+
+ <bean id="jsonProvider" class="org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider"/>
+
+ <jaxrs:server
+ depends-on="tls-config"
+ address="https://localhost:${testutil.ports.jaxrs-negative-oidc-jwt}/ui/plain">
+ <jaxrs:serviceBeans>
+ <ref bean="userInfoService"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="oAuthFilter"/>
+ <ref bean="jsonProvider"/>
+ </jaxrs:providers>
+ </jaxrs:server>
+
+</beans>
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/oidc-server-jwt.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/oidc-server-jwt.xml
new file mode 100644
index 0000000..e12812a
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/oidc-server-jwt.xml
@@ -0,0 +1,159 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:jaxrs="http://cxf.apache.org/jaxrs"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.2.xsd
+ http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <cxf:bus>
+ <cxf:features>
+ <cxf:logging/>
+ </cxf:features>
+ <cxf:properties>
+ <entry key="org.apache.cxf.jaxrs.bus.providers" value-ref="busProviders"/>
+ </cxf:properties>
+ </cxf:bus>
+ <!-- providers -->
+ <util:list id="busProviders">
+ <ref bean="oauthJson"/>
+ </util:list>
+ <bean id="oauthJson" class="org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider"/>
+
+ <httpj:engine-factory id="tls-config">
+ <httpj:engine port="${testutil.ports.jaxrs-oidc-jwt}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="false" required="false"/>
+ </httpj:tlsServerParameters>
+ <httpj:sessionSupport>true</httpj:sessionSupport>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <bean id="oauthProvider" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuthDataProviderImpl">
+ <constructor-arg><value>${testutil.ports.jaxrs-oidc-jwt}</value></constructor-arg>
+ <property name="useJwtFormatForAccessTokens" value="true"/>
+ </bean>
+
+ <bean id="authorizationService" class="org.apache.cxf.rs.security.oidc.idp.OidcAuthorizationCodeService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="implicitService" class="org.apache.cxf.rs.security.oidc.idp.OidcImplicitService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="responseFilter" ref="idTokenFilter"/>
+ <property name="idTokenProvider" ref="idTokenProviderImpl"/>
+ </bean>
+
+ <bean id="refreshGrantHandler" class="org.apache.cxf.rs.security.oauth2.grants.refresh.RefreshTokenGrantHandler">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="idTokenProviderImpl" class="org.apache.cxf.systest.jaxrs.security.oidc.IdTokenProviderImpl"/>
+
+ <bean id="idTokenFilter" class="org.apache.cxf.rs.security.oidc.idp.IdTokenResponseFilter">
+ <property name="idTokenProvider" ref="idTokenProviderImpl"/>
+ </bean>
+
+ <bean id="tokenService" class="org.apache.cxf.rs.security.oauth2.services.AccessTokenService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="grantHandlers">
+ <list>
+ <ref bean="refreshGrantHandler"/>
+ </list>
+ </property>
+ <property name="responseFilter" ref="idTokenFilter"/>
+ </bean>
+
+ <bean id="hybridService" class="org.apache.cxf.rs.security.oidc.idp.OidcHybridService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="responseFilter" ref="idTokenFilter"/>
+ <property name="idTokenProvider" ref="idTokenProviderImpl"/>
+ <property name="codeService" ref="authorizationService"/>
+ </bean>
+
+ <bean id="callbackHandler" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.CallbackHandlerImpl"/>
+ <bean id="basicAuthFilter" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.WSS4JBasicAuthFilter">
+ <property name="callbackHandler" ref="callbackHandler"/>
+ </bean>
+
+ <bean id="oidcKeysService" class="org.apache.cxf.rs.security.oidc.idp.OidcKeysService"/>
+
+ <jaxrs:server
+ depends-on="tls-config"
+ address="https://localhost:${testutil.ports.jaxrs-oidc-jwt}/services">
+ <jaxrs:serviceBeans>
+ <ref bean="authorizationService"/>
+ <ref bean="hybridService"/>
+ <ref bean="implicitService"/>
+ <ref bean="tokenService"/>
+ <ref bean="oidcKeysService"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="basicAuthFilter"/>
+ <bean class="org.apache.cxf.rs.security.jose.jaxrs.JsonWebKeysProvider"/>
+ </jaxrs:providers>
+ <jaxrs:properties>
+ <entry key="rs.security.keystore.type" value="jks" />
+ <entry key="rs.security.keystore.alias" value="alice"/>
+ <entry key="rs.security.keystore.password" value="password"/>
+ <entry key="rs.security.key.password" value="password"/>
+ <entry key="rs.security.keystore.file" value="keys/alice.jks" />
+ <entry key="rs.security.signature.algorithm" value="RS256" />
+ </jaxrs:properties>
+ </jaxrs:server>
+
+ <bean id="jwtRequestFilter" class="org.apache.cxf.rs.security.oauth2.grants.code.JwtRequestCodeFilter"/>
+
+ <bean id="jwtAuthorizationService" class="org.apache.cxf.rs.security.oauth2.services.AuthorizationCodeGrantService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="authorizationFilter" ref="jwtRequestFilter"/>
+ </bean>
+
+ <jaxrs:server
+ depends-on="tls-config"
+ address="https://localhost:${testutil.ports.jaxrs-oidc-jwt}/unsignedjwtservices">
+ <jaxrs:serviceBeans>
+ <ref bean="jwtAuthorizationService"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="basicAuthFilter"/>
+ </jaxrs:providers>
+ <jaxrs:properties>
+ <entry key="rs.security.signature.algorithm" value="none" />
+ </jaxrs:properties>
+ </jaxrs:server>
+
+</beans>
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/userinfo-server-jwt.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/userinfo-server-jwt.xml
new file mode 100644
index 0000000..e243f03
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/userinfo-server-jwt.xml
@@ -0,0 +1,193 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:jaxrs="http://cxf.apache.org/jaxrs"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.2.xsd
+ http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <cxf:bus>
+ <cxf:features>
+ <cxf:logging/>
+ </cxf:features>
+ <cxf:properties>
+ <entry key="org.apache.cxf.jaxrs.bus.providers" value-ref="busProviders"/>
+ </cxf:properties>
+ </cxf:bus>
+ <!-- providers -->
+ <util:list id="busProviders">
+ <ref bean="oauthJson"/>
+ </util:list>
+ <bean id="oauthJson" class="org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider"/>
+
+ <httpj:engine-factory id="tls-config">
+ <httpj:engine port="${testutil.ports.jaxrs-userinfo-jwt}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="false" required="false"/>
+ </httpj:tlsServerParameters>
+ <httpj:sessionSupport>true</httpj:sessionSupport>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <bean id="oauthProvider" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuthDataProviderImpl">
+ <constructor-arg><value>${testutil.ports.jaxrs-userinfo-jwt}</value></constructor-arg>
+ <property name="useJwtFormatForAccessTokens" value="true"/>
+ </bean>
+
+ <bean id="authorizationService" class="org.apache.cxf.rs.security.oidc.idp.OidcAuthorizationCodeService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="idTokenProviderImpl" class="org.apache.cxf.systest.jaxrs.security.oidc.IdTokenProviderImpl"/>
+
+ <bean id="idTokenFilter" class="org.apache.cxf.rs.security.oidc.idp.IdTokenResponseFilter">
+ <property name="idTokenProvider" ref="idTokenProviderImpl"/>
+ </bean>
+
+ <bean id="tokenService" class="org.apache.cxf.rs.security.oauth2.services.AccessTokenService">
+ <property name="dataProvider" ref="oauthProvider"/>
+ <property name="responseFilter" ref="idTokenFilter"/>
+ </bean>
+
+ <bean id="callbackHandler" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.CallbackHandlerImpl"/>
+ <bean id="basicAuthFilter" class="org.apache.cxf.systest.jaxrs.security.oauth2.common.WSS4JBasicAuthFilter">
+ <property name="callbackHandler" ref="callbackHandler"/>
+ </bean>
+
+ <jaxrs:server
+ depends-on="tls-config"
+ address="https://localhost:${testutil.ports.jaxrs-userinfo-jwt}/services/oidc">
+ <jaxrs:serviceBeans>
+ <ref bean="authorizationService"/>
+ <ref bean="tokenService"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="basicAuthFilter"/>
+ </jaxrs:providers>
+ <jaxrs:properties>
+ <entry key="rs.security.keystore.type" value="jks" />
+ <entry key="rs.security.keystore.alias" value="alice"/>
+ <entry key="rs.security.keystore.password" value="password"/>
+ <entry key="rs.security.key.password" value="password"/>
+ <entry key="rs.security.keystore.file" value="keys/alice.jks" />
+ <entry key="rs.security.signature.algorithm" value="RS256" />
+ </jaxrs:properties>
+ </jaxrs:server>
+
+ <bean id="oAuthFilter" class="org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter">
+ <property name="dataProvider" ref="oauthProvider"/>
+ </bean>
+
+ <bean id="userInfoProvider" class="org.apache.cxf.systest.jaxrs.security.oidc.UserInfoProviderImpl" />
+ <bean id="userInfoService" class="org.apache.cxf.rs.security.oidc.idp.UserInfoService">
+ <property name="userInfoProvider" ref="userInfoProvider"/>
+ <property name="jwsRequired" value="false"/>
+ </bean>
+
+ <bean id="jsonProvider" class="org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider"/>
+
+ <jaxrs:server
+ depends-on="tls-config"
+ address="https://localhost:${testutil.ports.jaxrs-userinfo-jwt}/services/plain">
+ <jaxrs:serviceBeans>
+ <ref bean="userInfoService"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="oAuthFilter"/>
+ <ref bean="jsonProvider"/>
+ </jaxrs:providers>
+ </jaxrs:server>
+
+ <bean id="signedUserInfoService" class="org.apache.cxf.rs.security.oidc.idp.UserInfoService">
+ <property name="userInfoProvider" ref="userInfoProvider"/>
+ </bean>
+
+ <jaxrs:server
+ depends-on="tls-config"
+ address="https://localhost:${testutil.ports.jaxrs-userinfo-jwt}/services/signed">
+ <jaxrs:serviceBeans>
+ <ref bean="signedUserInfoService"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="oAuthFilter"/>
+ <ref bean="jsonProvider"/>
+ </jaxrs:providers>
+ <jaxrs:properties>
+ <entry key="rs.security.keystore.type" value="jks" />
+ <entry key="rs.security.keystore.alias" value="alice"/>
+ <entry key="rs.security.keystore.password" value="password"/>
+ <entry key="rs.security.key.password" value="password"/>
+ <entry key="rs.security.keystore.file" value="keys/alice.jks" />
+ <entry key="rs.security.signature.algorithm" value="RS256" />
+ </jaxrs:properties>
+ </jaxrs:server>
+
+ <bean id="encryptedUserInfoService" class="org.apache.cxf.rs.security.oidc.idp.UserInfoService">
+ <property name="userInfoProvider" ref="userInfoProvider"/>
+ <property name="jwsRequired" value="false"/>
+ <property name="jweRequired" value="true"/>
+ </bean>
+
+ <jaxrs:server
+ depends-on="tls-config"
+ address="https://localhost:${testutil.ports.jaxrs-userinfo-jwt}/services/encrypted">
+ <jaxrs:serviceBeans>
+ <ref bean="encryptedUserInfoService"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="oAuthFilter"/>
+ </jaxrs:providers>
+ <jaxrs:properties>
+ <entry key="rs.security.keystore.type" value="jks" />
+ <entry key="rs.security.keystore.alias" value="bob"/>
+ <entry key="rs.security.keystore.password" value="password"/>
+ <entry key="rs.security.keystore.file" value="keys/bob.jks" />
+ <entry key="rs.security.signature.algorithm" value="RS256" />
+ </jaxrs:properties>
+
+ </jaxrs:server>
+
+ <http:conduit name="https://localhost.*">
+ <http:client ConnectionTimeout="3000000" ReceiveTimeout="3000000"/>
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ </http:tlsClientParameters>
+ </http:conduit>
+
+
+</beans>