You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/02/08 17:34:48 UTC
[6/6] cxf git commit: Adding claims test
Adding claims test
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/276a6072
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/276a6072
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/276a6072
Branch: refs/heads/master
Commit: 276a6072cb2f98803333eb56ed06422f682d7722
Parents: ddc0034
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Mon Feb 8 12:17:57 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Mon Feb 8 16:34:01 2016 +0000
----------------------------------------------------------------------
.../cxf/systest/sts/rest/RESTUnitTest.java | 65 ++++++++++++++++++++
1 file changed, 65 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/276a6072/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
index e0ed538..65c0cf3 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
@@ -31,6 +31,9 @@ import org.w3c.dom.Element;
import org.apache.cxf.Bus;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.rt.security.claims.Claim;
+import org.apache.cxf.rt.security.claims.ClaimCollection;
+import org.apache.cxf.rt.security.saml.utils.SAMLUtils;
import org.apache.cxf.systest.sts.common.SecurityTestUtil;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
@@ -329,6 +332,68 @@ public class RESTUnitTest extends AbstractBusClientServerTestBase {
}
@org.junit.Test
+ public void testIssueSAML2TokenClaims() throws Exception {
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = RESTUnitTest.class.getResource("cxf-client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
+ WebClient client = WebClient.create(address, busFile.toString());
+
+ client.type("application/xml").accept("application/xml");
+ client.path("saml2.0");
+
+ // First check that the role isn't usually in the generated token
+
+ Response response = client.get();
+ Document assertionDoc = response.readEntity(Document.class);
+ assertNotNull(assertionDoc);
+
+ // Process the token
+ List<WSSecurityEngineResult> results = processToken(assertionDoc.getDocumentElement());
+
+ assertTrue(results != null && results.size() == 1);
+ SamlAssertionWrapper assertion =
+ (SamlAssertionWrapper)results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ assertTrue(assertion != null);
+ assertTrue(assertion.getSaml2() != null && assertion.getSaml1() == null);
+ assertTrue(assertion.isSigned());
+
+ ClaimCollection claims = SAMLUtils.getClaims(assertion);
+ assertEquals(1, claims.size());
+ Claim claim = claims.get(0);
+ String role = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
+ assertNotEquals(claim.getClaimType().toString(), role);
+
+ // Now get another token specifying the role
+ client.query("claim", role);
+ response = client.get();
+ assertionDoc = response.readEntity(Document.class);
+ assertNotNull(assertionDoc);
+
+ // Process the token
+ results = processToken(assertionDoc.getDocumentElement());
+
+ assertTrue(results != null && results.size() == 1);
+ assertion =
+ (SamlAssertionWrapper)results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ assertTrue(assertion != null);
+ assertTrue(assertion.getSaml2() != null && assertion.getSaml1() == null);
+ assertTrue(assertion.isSigned());
+
+ claims = SAMLUtils.getClaims(assertion);
+ assertEquals(1, claims.size());
+ claim = claims.get(0);
+ assertEquals(claim.getClaimType().toString(), role);
+ assertEquals("ordinary-user", claim.getValues().get(0));
+
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
@org.junit.Ignore
public void testIssueJWTToken() throws Exception {
SpringBusFactory bf = new SpringBusFactory();