You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by co...@apache.org on 2017/09/08 10:36:21 UTC
directory-kerby git commit: DIRKRB-654 - Adding tests for the JWT
Access Token case using GSS
Repository: directory-kerby
Updated Branches:
refs/heads/trunk d37de32e4 -> f56fc9681
DIRKRB-654 - Adding tests for the JWT Access Token case using GSS
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/f56fc968
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/f56fc968
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/f56fc968
Branch: refs/heads/trunk
Commit: f56fc9681c5068db2de0b25d199ca47d63457369
Parents: d37de32
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Sep 8 11:36:06 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Sep 8 11:36:06 2017 +0100
----------------------------------------------------------------------
.../kerb/integration/test/gss/GssAppServer.java | 22 ++++++++++++++++++++
.../integration/test/KerbyTokenAppTest.java | 7 +++++++
2 files changed, 29 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/f56fc968/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppServer.java b/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppServer.java
index c7b5ae4..0eb2aae 100644
--- a/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppServer.java
+++ b/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppServer.java
@@ -22,6 +22,8 @@ package org.apache.kerby.kerberos.kerb.integration.test.gss;
import org.apache.kerby.kerberos.kerb.integration.test.AppServer;
import org.apache.kerby.kerberos.kerb.integration.test.AppUtil;
import org.apache.kerby.kerberos.kerb.integration.test.Transport;
+import org.apache.kerby.kerberos.kerb.type.ad.AdToken;
+import org.apache.kerby.kerberos.kerb.type.base.KrbToken;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSManager;
@@ -29,11 +31,16 @@ import org.ietf.jgss.GSSName;
import org.ietf.jgss.MessageProp;
import org.ietf.jgss.Oid;
+import com.sun.security.jgss.AuthorizationDataEntry;
+import com.sun.security.jgss.ExtendedGSSContext;
+import com.sun.security.jgss.InquireType;
+
public class GssAppServer extends AppServer {
private String serverPrincipal;
private GSSManager manager;
private GSSContext context;
private boolean createContextWithCred = true;
+ private KrbToken receivedAccessToken;
public GssAppServer(String[] args) throws Exception {
super(args);
@@ -87,6 +94,17 @@ public class GssAppServer extends AppServer {
doWith(context, conn);
+ // Store any received access token for later retrieval
+ ExtendedGSSContext extendedContext = (ExtendedGSSContext) context;
+ AuthorizationDataEntry[] authzDataEntries =
+ (AuthorizationDataEntry[]) extendedContext.inquireSecContext(InquireType.KRB5_GET_AUTHZ_DATA);
+ if (authzDataEntries != null && authzDataEntries.length > 0) {
+ byte[] data = authzDataEntries[0].getData();
+ AdToken adToken = new AdToken();
+ adToken.decode(data);
+ receivedAccessToken = adToken.getToken();
+ }
+
context.dispose();
}
@@ -116,4 +134,8 @@ public class GssAppServer extends AppServer {
public void setCreateContextWithCred(boolean createContextWithCred) {
this.createContextWithCred = createContextWithCred;
}
+
+ public KrbToken getReceivedAccessToken() {
+ return receivedAccessToken;
+ }
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/f56fc968/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyTokenAppTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyTokenAppTest.java b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyTokenAppTest.java
index 897e084..5696b89 100644
--- a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyTokenAppTest.java
+++ b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyTokenAppTest.java
@@ -43,6 +43,8 @@ import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
public class KerbyTokenAppTest extends TokenAppTest {
@@ -62,6 +64,11 @@ public class KerbyTokenAppTest extends TokenAppTest {
@Test
public void testJwtAccessToken() throws Exception {
runAppClientWithToken(createAppClient());
+
+ KrbToken receivedToken = ((GssAppServer) appServer).getReceivedAccessToken();
+ assertNotNull(receivedToken);
+ assertEquals(getClientPrincipal(), receivedToken.getSubject());
+ assertEquals(getServerPrincipal(), receivedToken.getAudiences().get(0));
}
private void runAppClientWithToken(final AppClient appClient) throws Exception {