You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/09/23 17:06:46 UTC
svn commit: r1525618 - in /cxf/trunk/services/sts/sts-core/src:
main/java/org/apache/cxf/sts/claims/ test/java/org/apache/cxf/sts/common/
test/java/org/apache/cxf/sts/token/provider/
Author: coheigea
Date: Mon Sep 23 15:06:45 2013
New Revision: 1525618
URL: http://svn.apache.org/r1525618
Log:
[CXF-4543] - Encode multi value claims as multi-value saml attribute
Modified:
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsAttributeStatementProvider.java
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java?rev=1525618&r1=1525617&r2=1525618&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java Mon Sep 23 15:06:45 2013
@@ -39,6 +39,7 @@ public class Claim implements Serializab
private String originalIssuer;
private transient Principal principal;
private List<String> values = new ArrayList<String>(1);
+ private List<?> customValues;
public String getIssuer() {
return issuer;
@@ -85,21 +86,12 @@ public class Claim implements Serializab
return values;
}
- @Deprecated
- public void setValue(String value) {
- this.values.clear();
- if (value != null) {
- this.values.add(value);
- }
- }
- @Deprecated
- public String getValue() {
- if (this.values.size() == 0) {
- return null;
- } else if (this.values.size() == 1) {
- return this.values.get(0);
- }
- throw new IllegalStateException("Claim has multiple values");
+ public List<?> getCustomValues() {
+ return customValues;
+ }
+
+ public void setCustomValues(List<?> customValues) {
+ this.customValues = customValues;
}
}
Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsAttributeStatementProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsAttributeStatementProvider.java?rev=1525618&r1=1525617&r2=1525618&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsAttributeStatementProvider.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsAttributeStatementProvider.java Mon Sep 23 15:06:45 2013
@@ -100,6 +100,10 @@ public class ClaimsAttributeStatementPro
attributeBean.setQualifiedName(namespace);
}
attributeBean.setAttributeValues(claim.getValues());
+
+ if (claim.getCustomValues() != null) {
+ attributeBean.setCustomAttributeValues(claim.getCustomValues());
+ }
attributeList.add(attributeBean);
}
attrBean.setSamlAttributes(attributeList);
Modified: cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java?rev=1525618&r1=1525617&r2=1525618&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java (original)
+++ cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java Mon Sep 23 15:06:45 2013
@@ -183,6 +183,10 @@ public class CustomAttributeProvider imp
attributeBean.setSimpleName(claim.getClaimType().toString());
}
attributeBean.setAttributeValues(claim.getValues());
+
+ if (claim.getCustomValues() != null) {
+ attributeBean.setCustomAttributeValues(claim.getCustomValues());
+ }
return attributeBean;
}
Modified: cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java?rev=1525618&r1=1525617&r2=1525618&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java (original)
+++ cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java Mon Sep 23 15:06:45 2013
@@ -21,6 +21,7 @@ package org.apache.cxf.sts.common;
import java.net.URI;
import java.security.Principal;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.List;
import org.apache.cxf.sts.claims.Claim;
@@ -31,6 +32,11 @@ import org.apache.cxf.sts.claims.ClaimsP
import org.apache.cxf.sts.claims.RequestClaim;
import org.apache.cxf.sts.claims.RequestClaimCollection;
import org.apache.cxf.sts.common.CustomClaimParser.CustomRequestClaim;
+import org.opensaml.Configuration;
+import org.opensaml.saml2.core.AttributeValue;
+import org.opensaml.xml.XMLObjectBuilder;
+import org.opensaml.xml.XMLObjectBuilderFactory;
+import org.opensaml.xml.schema.XSInteger;
/**
* A custom ClaimsHandler implementation for use in the tests.
@@ -46,6 +52,7 @@ public class CustomClaimsHandler impleme
knownURIs.add(ClaimTypes.LASTNAME);
knownURIs.add(ClaimTypes.EMAILADDRESS);
knownURIs.add(ClaimTypes.STREETADDRESS);
+ knownURIs.add(ClaimTypes.MOBILEPHONE);
knownURIs.add(ROLE_CLAIM);
}
@@ -75,6 +82,19 @@ public class CustomClaimsHandler impleme
claim.addValue("alice@cxf.apache.org");
} else if (ClaimTypes.STREETADDRESS.equals(requestClaim.getClaimType())) {
claim.addValue("1234 1st Street");
+ } else if (ClaimTypes.MOBILEPHONE.equals(requestClaim.getClaimType())) {
+ // Test custom (Integer) attribute value
+ XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();
+
+ @SuppressWarnings("unchecked")
+ XMLObjectBuilder<XSInteger> xsIntegerBuilder =
+ (XMLObjectBuilder<XSInteger>)builderFactory.getBuilder(XSInteger.TYPE_NAME);
+ XSInteger attributeValue =
+ xsIntegerBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSInteger.TYPE_NAME);
+ attributeValue.setValue(185912592);
+
+ claim.setCustomValues(Collections.singletonList(attributeValue));
+
} else if (ROLE_CLAIM.equals(requestClaim.getClaimType())) {
String requestedRole = requestClaim.getClaimValue();
if (isUserInRole(parameters.getPrincipal(), requestedRole)) {
Modified: cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java?rev=1525618&r1=1525617&r2=1525618&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java (original)
+++ cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java Mon Sep 23 15:06:45 2013
@@ -359,6 +359,45 @@ public class SAMLClaimsTest extends org.
}
}
+ /**
+ * Test the creation of a SAML2 Assertion with various Attributes set by a ClaimsHandler.
+ */
+ @org.junit.Test
+ public void testSaml2ClaimsInteger() throws Exception {
+ TokenProvider samlTokenProvider = new SAMLTokenProvider();
+ TokenProviderParameters providerParameters =
+ createProviderParameters(WSConstants.WSS_SAML2_TOKEN_TYPE, STSConstants.BEARER_KEY_KEYTYPE, null);
+
+ ClaimsManager claimsManager = new ClaimsManager();
+ ClaimsHandler claimsHandler = new CustomClaimsHandler();
+ claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
+ providerParameters.setClaimsManager(claimsManager);
+
+ RequestClaimCollection claims = new RequestClaimCollection();
+ RequestClaim claim = new RequestClaim();
+ claim.setClaimType(ClaimTypes.MOBILEPHONE);
+ claims.add(claim);
+ providerParameters.setRequestedPrimaryClaims(claims);
+
+ List<AttributeStatementProvider> customProviderList = new ArrayList<AttributeStatementProvider>();
+ customProviderList.add(new CustomAttributeProvider());
+ ((SAMLTokenProvider)samlTokenProvider).setAttributeStatementProviders(customProviderList);
+
+ assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML2_TOKEN_TYPE));
+ TokenProviderResponse providerResponse = samlTokenProvider.createToken(providerParameters);
+ assertTrue(providerResponse != null);
+ assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
+
+ Element token = providerResponse.getToken();
+ String tokenString = DOM2Writer.nodeToString(token);
+ assertTrue(tokenString.contains(providerResponse.getTokenId()));
+ assertTrue(tokenString.contains("AttributeStatement"));
+ assertTrue(tokenString.contains("alice"));
+ assertTrue(tokenString.contains(SAML2Constants.CONF_BEARER));
+ assertTrue(tokenString.contains(ClaimTypes.MOBILEPHONE.toString()));
+ }
+
+
private TokenProviderParameters createProviderParameters(
String tokenType, String keyType, String appliesTo
) throws WSSecurityException {