You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2015/11/04 18:54:40 UTC
[09/14] cxf git commit: Separate test classes + resources
http://git-wip-us.apache.org/repos/asf/cxf/blob/39d8444b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JweJwsReferenceTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JweJwsReferenceTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JweJwsReferenceTest.java
new file mode 100644
index 0000000..b4a7447
--- /dev/null
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JweJwsReferenceTest.java
@@ -0,0 +1,385 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security.jose.jwejws;
+
+import java.net.URL;
+import java.security.Security;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.ws.rs.core.Response;
+
+import com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider;
+
+import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.rs.security.jose.jaxrs.JweWriterInterceptor;
+import org.apache.cxf.rs.security.jose.jaxrs.JwsWriterInterceptor;
+import org.apache.cxf.systest.jaxrs.security.Book;
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+
+/**
+ * Some encryption or signature tests, focus on how keys and certs are referenced and included.
+ */
+public class JweJwsReferenceTest extends AbstractBusClientServerTestBase {
+ public static final String PORT = BookServerReference.PORT;
+ private static final Boolean SKIP_AES_GCM_TESTS = isJava6();
+ @BeforeClass
+ public static void startServers() throws Exception {
+ assertTrue("server did not launch correctly",
+ launchServer(BookServerReference.class, true));
+ registerBouncyCastleIfNeeded();
+ }
+
+ private static void registerBouncyCastleIfNeeded() throws Exception {
+ // Still need it for Oracle Java 7 and Java 8
+ Security.addProvider(new BouncyCastleProvider());
+ }
+ private static boolean isJava6() {
+ String version = System.getProperty("java.version");
+ return 1.6D == Double.parseDouble(version.substring(0, 3));
+ }
+ @AfterClass
+ public static void unregisterBouncyCastleIfNeeded() throws Exception {
+ Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
+ }
+
+ //
+ // Encryption tests
+ //
+ // TODO
+ @org.junit.Test
+ @org.junit.Ignore
+ public void testEncryptionIncludePublicKey() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
+ URL busFile = JweJwsReferenceTest.class.getResource("client.xml");
+
+ List<Object> providers = new ArrayList<Object>();
+ providers.add(new JacksonJsonProvider());
+ providers.add(new JweWriterInterceptor());
+
+ String address = "http://localhost:" + PORT + "/jweincludekey/bookstore/books";
+ WebClient client =
+ WebClient.create(address, providers, busFile.toString());
+ client.type("application/json").accept("application/json");
+
+ Map<String, Object> properties = new HashMap<String, Object>();
+ properties.put("rs.security.keystore.type", "jwk");
+ properties.put("rs.security.keystore.alias", "2011-04-29");
+ properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt");
+ properties.put("rs.security.encryption.content.algorithm", "A128GCM");
+ properties.put("rs.security.encryption.key.algorithm", "RSA-OAEP");
+ properties.put("rs.security.encryption.include.public.key", "true");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+
+ Response response = client.post(new Book("book", 123L));
+ assertEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testEncryptionIncludeCert() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
+ URL busFile = JweJwsReferenceTest.class.getResource("client.xml");
+
+ List<Object> providers = new ArrayList<Object>();
+ providers.add(new JacksonJsonProvider());
+ providers.add(new JweWriterInterceptor());
+
+ String address = "http://localhost:" + PORT + "/jweincludecert/bookstore/books";
+ WebClient client =
+ WebClient.create(address, providers, busFile.toString());
+ client.type("application/json").accept("application/json");
+
+ Map<String, Object> properties = new HashMap<String, Object>();
+ properties.put("rs.security.keystore.type", "jks");
+ properties.put("rs.security.keystore.alias", "bob");
+ properties.put("rs.security.keystore.password", "password");
+ properties.put("rs.security.key.password", "password");
+ properties.put("rs.security.keystore.file",
+ "org/apache/cxf/systest/jaxrs/security/certs/bob.jks");
+ properties.put("rs.security.encryption.content.algorithm", "A128GCM");
+ properties.put("rs.security.encryption.key.algorithm", "RSA-OAEP");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+
+ // First test that it fails without adding a cert (reference). This is because
+ // the service side does not have an alias configured
+
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+
+ // Now it should work
+ properties.put("rs.security.encryption.include.cert", "true");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+ response = client.post(new Book("book", 123L));
+ assertEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testEncryptionIncludeCertNegativeTest() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
+ URL busFile = JweJwsReferenceTest.class.getResource("client.xml");
+
+ List<Object> providers = new ArrayList<Object>();
+ providers.add(new JacksonJsonProvider());
+ providers.add(new JweWriterInterceptor());
+
+ String address = "http://localhost:" + PORT + "/jweincludecert/bookstore/books";
+ WebClient client =
+ WebClient.create(address, providers, busFile.toString());
+ client.type("application/json").accept("application/json");
+
+ Map<String, Object> properties = new HashMap<String, Object>();
+ properties.put("rs.security.keystore.type", "jks");
+ properties.put("rs.security.keystore.alias", "alice");
+ properties.put("rs.security.keystore.password", "password");
+ properties.put("rs.security.key.password", "password");
+ properties.put("rs.security.keystore.file",
+ "org/apache/cxf/systest/jaxrs/security/certs/alice.jks");
+ properties.put("rs.security.encryption.content.algorithm", "A128GCM");
+ properties.put("rs.security.encryption.key.algorithm", "RSA-OAEP");
+ properties.put("rs.security.encryption.include.cert", "true");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+
+ // Failure expected as we are encrypting to "alice" instead of "bob"
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testEncryptionIncludeCertSha1() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
+ URL busFile = JweJwsReferenceTest.class.getResource("client.xml");
+
+ List<Object> providers = new ArrayList<Object>();
+ providers.add(new JacksonJsonProvider());
+ providers.add(new JweWriterInterceptor());
+
+ String address = "http://localhost:" + PORT + "/jweincludecert/bookstore/books";
+ WebClient client =
+ WebClient.create(address, providers, busFile.toString());
+ client.type("application/json").accept("application/json");
+
+ Map<String, Object> properties = new HashMap<String, Object>();
+ properties.put("rs.security.keystore.type", "jks");
+ properties.put("rs.security.keystore.alias", "bob");
+ properties.put("rs.security.keystore.password", "password");
+ properties.put("rs.security.key.password", "password");
+ properties.put("rs.security.keystore.file",
+ "org/apache/cxf/systest/jaxrs/security/certs/bob.jks");
+ properties.put("rs.security.encryption.content.algorithm", "A128GCM");
+ properties.put("rs.security.encryption.key.algorithm", "RSA-OAEP");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+
+ // First test that it fails without adding a cert (reference). This is because
+ // the service side does not have an alias configured
+
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+
+ // Now it should work
+ properties.put("rs.security.encryption.include.cert.sha1", "true");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+ response = client.post(new Book("book", 123L));
+ assertEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testEncryptionIncludeCertSha1NegativeTest() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
+ URL busFile = JweJwsReferenceTest.class.getResource("client.xml");
+
+ List<Object> providers = new ArrayList<Object>();
+ providers.add(new JacksonJsonProvider());
+ providers.add(new JweWriterInterceptor());
+
+ String address = "http://localhost:" + PORT + "/jweincludecert/bookstore/books";
+ WebClient client =
+ WebClient.create(address, providers, busFile.toString());
+ client.type("application/json").accept("application/json");
+
+ Map<String, Object> properties = new HashMap<String, Object>();
+ properties.put("rs.security.keystore.type", "jks");
+ properties.put("rs.security.keystore.alias", "alice");
+ properties.put("rs.security.keystore.password", "password");
+ properties.put("rs.security.key.password", "password");
+ properties.put("rs.security.keystore.file",
+ "org/apache/cxf/systest/jaxrs/security/certs/alice.jks");
+ properties.put("rs.security.encryption.content.algorithm", "A128GCM");
+ properties.put("rs.security.encryption.key.algorithm", "RSA-OAEP");
+ properties.put("rs.security.encryption.include.cert.sha1", "true");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+
+ // Failure expected as we are encrypting to "alice" instead of "bob"
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ //
+ // Signature tests
+ //
+
+ @org.junit.Test
+ public void testSignatureIncludeCert() throws Exception {
+
+ URL busFile = JweJwsReferenceTest.class.getResource("client.xml");
+
+ List<Object> providers = new ArrayList<Object>();
+ providers.add(new JacksonJsonProvider());
+ providers.add(new JwsWriterInterceptor());
+
+ String address = "http://localhost:" + PORT + "/jwsincludecert/bookstore/books";
+ WebClient client =
+ WebClient.create(address, providers, busFile.toString());
+ client.type("application/json").accept("application/json");
+
+ Map<String, Object> properties = new HashMap<String, Object>();
+ properties.put("rs.security.keystore.type", "jks");
+ properties.put("rs.security.keystore.alias", "alice");
+ properties.put("rs.security.keystore.password", "password");
+ properties.put("rs.security.key.password", "password");
+ properties.put("rs.security.keystore.file",
+ "org/apache/cxf/systest/jaxrs/security/certs/alice.jks");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+
+ // First test that it fails without adding a cert (reference). This is because
+ // the service side does not have an alias configured
+
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+
+ // Now it should work
+ properties.put("rs.security.signature.include.cert", "true");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+ response = client.post(new Book("book", 123L));
+ assertEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testSignatureIncludeCertNegativeTest() throws Exception {
+
+
+ URL busFile = JweJwsReferenceTest.class.getResource("client.xml");
+
+ List<Object> providers = new ArrayList<Object>();
+ providers.add(new JacksonJsonProvider());
+ providers.add(new JwsWriterInterceptor());
+
+ String address = "http://localhost:" + PORT + "/jwsincludecert/bookstore/books";
+ WebClient client =
+ WebClient.create(address, providers, busFile.toString());
+ client.type("application/json").accept("application/json");
+
+ Map<String, Object> properties = new HashMap<String, Object>();
+ properties.put("rs.security.keystore.type", "jks");
+ properties.put("rs.security.keystore.alias", "morpit");
+ properties.put("rs.security.keystore.password", "password");
+ properties.put("rs.security.key.password", "password");
+ properties.put("rs.security.keystore.file",
+ "org/apache/cxf/systest/jaxrs/security/certs/Morpit.jks");
+ properties.put("rs.security.signature.include.cert", "true");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+
+ // Failure expected as we are signing using a cert not trusted by cxfca.jks
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testSignatureIncludeCertSha1() throws Exception {
+
+ URL busFile = JweJwsReferenceTest.class.getResource("client.xml");
+
+ List<Object> providers = new ArrayList<Object>();
+ providers.add(new JacksonJsonProvider());
+ providers.add(new JwsWriterInterceptor());
+
+ String address = "http://localhost:" + PORT + "/jwsincludecertsha1/bookstore/books";
+ WebClient client =
+ WebClient.create(address, providers, busFile.toString());
+ client.type("application/json").accept("application/json");
+
+ Map<String, Object> properties = new HashMap<String, Object>();
+ properties.put("rs.security.keystore.type", "jks");
+ properties.put("rs.security.keystore.alias", "alice");
+ properties.put("rs.security.keystore.password", "password");
+ properties.put("rs.security.key.password", "password");
+ properties.put("rs.security.keystore.file",
+ "org/apache/cxf/systest/jaxrs/security/certs/alice.jks");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+
+ // First test that it fails without adding a cert (reference). This is because
+ // the service side does not have an alias configured
+
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+
+ // Now it should work
+ properties.put("rs.security.signature.include.cert.sha1", "true");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+ response = client.post(new Book("book", 123L));
+ assertEquals(response.getStatus(), 200);
+ }
+
+
+ @org.junit.Test
+ public void testSignatureIncludeCertSha1NegativeTest() throws Exception {
+
+ URL busFile = JweJwsReferenceTest.class.getResource("client.xml");
+
+ List<Object> providers = new ArrayList<Object>();
+ providers.add(new JacksonJsonProvider());
+ providers.add(new JwsWriterInterceptor());
+
+ String address = "http://localhost:" + PORT + "/jwsincludecertsha1/bookstore/books";
+ WebClient client =
+ WebClient.create(address, providers, busFile.toString());
+ client.type("application/json").accept("application/json");
+
+ Map<String, Object> properties = new HashMap<String, Object>();
+ properties.put("rs.security.keystore.type", "jks");
+ properties.put("rs.security.keystore.alias", "morpit");
+ properties.put("rs.security.keystore.password", "password");
+ properties.put("rs.security.key.password", "password");
+ properties.put("rs.security.keystore.file",
+ "org/apache/cxf/systest/jaxrs/security/certs/Morpit.jks");
+ properties.put("rs.security.signature.include.cert.sha1", "true");
+ WebClient.getConfig(client).getRequestContext().putAll(properties);
+
+ // Failure expected as we are signing using a cert not trusted by cxfca.jks
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/39d8444b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/PrivateKeyPasswordProviderImpl.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/PrivateKeyPasswordProviderImpl.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/PrivateKeyPasswordProviderImpl.java
new file mode 100644
index 0000000..cf219a8
--- /dev/null
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/PrivateKeyPasswordProviderImpl.java
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.jaxrs.security.jose.jwejws;
+
+import java.util.Properties;
+
+import org.apache.cxf.rs.security.jose.common.PrivateKeyPasswordProvider;
+
+public class PrivateKeyPasswordProviderImpl implements PrivateKeyPasswordProvider {
+
+ private String password = "password";
+ public PrivateKeyPasswordProviderImpl() {
+
+ }
+ public PrivateKeyPasswordProviderImpl(String password) {
+ this.password = password;
+ }
+ @Override
+ public char[] getPassword(Properties storeProperties) {
+ return password.toCharArray();
+ }
+
+}
+
http://git-wip-us.apache.org/repos/asf/cxf/blob/39d8444b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerAlgorithms.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerAlgorithms.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerAlgorithms.java
deleted file mode 100644
index ced0fc1..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerAlgorithms.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.jwt;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-
-public class BookServerAlgorithms extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-jwejws-algorithms");
- private static final String SERVER_CONFIG_FILE =
- "org/apache/cxf/systest/jaxrs/security/jwt/algorithms-server.xml";
-
- protected void run() {
- SpringBusFactory bf = new SpringBusFactory();
- Bus springBus = bf.createBus(SERVER_CONFIG_FILE);
- BusFactory.setDefaultBus(springBus);
- setBus(springBus);
-
- try {
- new BookServerAlgorithms();
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
-
- public static void main(String[] args) {
- try {
- BookServerAlgorithms s = new BookServerAlgorithms();
- s.start();
- } catch (Exception ex) {
- ex.printStackTrace();
- System.exit(-1);
- } finally {
- System.out.println("done!");
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/39d8444b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerJwsJson.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerJwsJson.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerJwsJson.java
deleted file mode 100644
index 3b451e1..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerJwsJson.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.jwt;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-
-public class BookServerJwsJson extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-jws-json");
- private static final String SERVER_CONFIG_FILE =
- "org/apache/cxf/systest/jaxrs/security/jwt/serverJwsJson.xml";
-
- protected void run() {
- SpringBusFactory bf = new SpringBusFactory();
- Bus springBus = bf.createBus(SERVER_CONFIG_FILE);
- BusFactory.setDefaultBus(springBus);
- setBus(springBus);
-
- try {
- new BookServerJwsJson();
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
-
- public static void main(String[] args) {
- try {
- BookServerJwsJson s = new BookServerJwsJson();
- s.start();
- } catch (Exception ex) {
- ex.printStackTrace();
- System.exit(-1);
- } finally {
- System.out.println("done!");
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/39d8444b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerJwt.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerJwt.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerJwt.java
deleted file mode 100644
index 20a0346..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerJwt.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.jwt;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-
-public class BookServerJwt extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-jwt");
- private static final String SERVER_CONFIG_FILE =
- "org/apache/cxf/systest/jaxrs/security/jwt/server.xml";
-
- protected void run() {
- SpringBusFactory bf = new SpringBusFactory();
- Bus springBus = bf.createBus(SERVER_CONFIG_FILE);
- BusFactory.setDefaultBus(springBus);
- setBus(springBus);
-
- try {
- new BookServerJwt();
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
-
- public static void main(String[] args) {
- try {
- BookServerJwt s = new BookServerJwt();
- s.start();
- } catch (Exception ex) {
- ex.printStackTrace();
- System.exit(-1);
- } finally {
- System.out.println("done!");
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/39d8444b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerReference.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerReference.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerReference.java
deleted file mode 100644
index aae5a23..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookServerReference.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.jwt;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-
-public class BookServerReference extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-jwejws-reference");
- private static final String SERVER_CONFIG_FILE =
- "org/apache/cxf/systest/jaxrs/security/jwt/reference-server.xml";
-
- protected void run() {
- SpringBusFactory bf = new SpringBusFactory();
- Bus springBus = bf.createBus(SERVER_CONFIG_FILE);
- BusFactory.setDefaultBus(springBus);
- setBus(springBus);
-
- try {
- new BookServerReference();
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
-
- public static void main(String[] args) {
- try {
- BookServerReference s = new BookServerReference();
- s.start();
- } catch (Exception ex) {
- ex.printStackTrace();
- System.exit(-1);
- } finally {
- System.out.println("done!");
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/39d8444b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java
deleted file mode 100644
index dcbeb28..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/BookStore.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.jwt;
-
-
-import javax.ws.rs.Consumes;
-import javax.ws.rs.POST;
-import javax.ws.rs.Path;
-import javax.ws.rs.Produces;
-
-import org.apache.cxf.systest.jaxrs.security.Book;
-
-@Path("/bookstore")
-public class BookStore {
-
- public BookStore() {
- }
-
- @POST
- @Path("/books")
- @Produces("text/plain")
- @Consumes("text/plain")
- public String echoText(String text) {
- return text;
- }
-
- @POST
- @Path("/books")
- @Produces("application/json")
- @Consumes("application/json")
- public Book echoBook(Book book) {
- return book;
- }
-
- @POST
- @Path("/books")
- @Produces("application/xml")
- @Consumes("application/xml")
- public Book echoBook2(Book book) {
- return book;
- }
-
-}
-
-
http://git-wip-us.apache.org/repos/asf/cxf/blob/39d8444b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
deleted file mode 100644
index ded9d2a..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
+++ /dev/null
@@ -1,482 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.jwt;
-
-import java.net.URL;
-import java.security.Security;
-import java.util.Collections;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Properties;
-
-import com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
-import org.apache.cxf.jaxrs.client.WebClient;
-import org.apache.cxf.rs.security.jose.common.PrivateKeyPasswordProvider;
-import org.apache.cxf.rs.security.jose.jaxrs.JweClientResponseFilter;
-import org.apache.cxf.rs.security.jose.jaxrs.JweWriterInterceptor;
-import org.apache.cxf.rs.security.jose.jaxrs.JwsClientResponseFilter;
-import org.apache.cxf.rs.security.jose.jaxrs.JwsWriterInterceptor;
-import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
-import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-import org.apache.cxf.rs.security.jose.jwe.AesCbcHmacJweDecryption;
-import org.apache.cxf.rs.security.jose.jwe.AesCbcHmacJweEncryption;
-import org.apache.cxf.rs.security.jose.jwe.AesWrapKeyDecryptionAlgorithm;
-import org.apache.cxf.rs.security.jose.jwe.AesWrapKeyEncryptionAlgorithm;
-import org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureProvider;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
-import org.apache.cxf.systest.jaxrs.security.Book;
-import org.apache.cxf.systest.jaxrs.security.SecurityTestUtil;
-import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
- public static final String PORT = BookServerJwt.PORT;
- private static final String CLIENT_JWEJWS_PROPERTIES =
- "org/apache/cxf/systest/jaxrs/security/bob.rs.properties";
- private static final String SERVER_JWEJWS_PROPERTIES =
- "org/apache/cxf/systest/jaxrs/security/alice.rs.properties";
- private static final String ENCODED_MAC_KEY = "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75"
- + "aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow";
- private static final Boolean SKIP_AES_GCM_TESTS = isJava6();
-
- private static boolean isJava6() {
- String version = System.getProperty("java.version");
- return 1.6D == Double.parseDouble(version.substring(0, 3));
- }
- @BeforeClass
- public static void startServers() throws Exception {
- assertTrue("server did not launch correctly",
- launchServer(BookServerJwt.class, true));
- registerBouncyCastleIfNeeded();
- }
-
- private static void registerBouncyCastleIfNeeded() throws Exception {
- // Still need it for Oracle Java 7 and Java 8
- Security.addProvider(new BouncyCastleProvider());
- }
- @AfterClass
- public static void unregisterBouncyCastleIfNeeded() throws Exception {
- Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
- }
- @Test
- public void testJweJwkPlainTextRSA() throws Exception {
- if (SKIP_AES_GCM_TESTS) {
- return;
- }
- String address = "https://localhost:" + PORT + "/jwejwkrsa";
- BookStore bs = createJweBookStore(address, null);
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
- @Test
- public void testJweJwkBookBeanRSA() throws Exception {
- if (SKIP_AES_GCM_TESTS) {
- return;
- }
- String address = "https://localhost:" + PORT + "/jwejwkrsa";
- BookStore bs = createJweBookStore(address,
- Collections.singletonList(new JacksonJsonProvider()));
- Book book = bs.echoBook(new Book("book", 123L));
- assertEquals("book", book.getName());
- assertEquals(123L, book.getId());
- }
- private BookStore createJweBookStore(String address,
- List<?> mbProviders) throws Exception {
- JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = JAXRSJweJwsTest.class.getResource("client.xml");
- Bus springBus = bf.createBus(busFile.toString());
- bean.setBus(springBus);
- bean.setServiceClass(BookStore.class);
- bean.setAddress(address);
- List<Object> providers = new LinkedList<Object>();
- JweWriterInterceptor jweWriter = new JweWriterInterceptor();
- jweWriter.setUseJweOutputStream(true);
- providers.add(jweWriter);
- providers.add(new JweClientResponseFilter());
- if (mbProviders != null) {
- providers.addAll(mbProviders);
- }
- bean.setProviders(providers);
- bean.getProperties(true).put("rs.security.encryption.out.properties",
- "org/apache/cxf/systest/jaxrs/security/bob.jwk.properties");
- bean.getProperties(true).put("rs.security.encryption.in.properties",
- "org/apache/cxf/systest/jaxrs/security/alice.jwk.properties");
- return bean.create(BookStore.class);
- }
-
- @Test
- public void testJweJwkAesWrap() throws Exception {
- if (SKIP_AES_GCM_TESTS) {
- return;
- }
- String address = "https://localhost:" + PORT + "/jwejwkaeswrap";
- JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = JAXRSJweJwsTest.class.getResource("client.xml");
- Bus springBus = bf.createBus(busFile.toString());
- bean.setBus(springBus);
- bean.setServiceClass(BookStore.class);
- bean.setAddress(address);
- List<Object> providers = new LinkedList<Object>();
- JweWriterInterceptor jweWriter = new JweWriterInterceptor();
- jweWriter.setUseJweOutputStream(true);
- providers.add(jweWriter);
- providers.add(new JweClientResponseFilter());
- bean.setProviders(providers);
- bean.getProperties(true).put("rs.security.encryption.properties",
- "org/apache/cxf/systest/jaxrs/security/secret.jwk.properties");
- bean.getProperties(true).put("jose.debug", true);
- BookStore bs = bean.create(BookStore.class);
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
- @Test
- public void testJweJwkAesCbcHMacInlineSet() throws Exception {
- doTestJweJwkAesCbcHMac("org/apache/cxf/systest/jaxrs/security/secret.aescbchmac.inlineset.properties");
- }
- @Test
- public void testJweJwkAesCbcHMacInlineSingleKey() throws Exception {
- doTestJweJwkAesCbcHMac("org/apache/cxf/systest/jaxrs/security/secret.aescbchmac.inlinejwk.properties");
- }
- private void doTestJweJwkAesCbcHMac(String propFile) throws Exception {
- String address = "https://localhost:" + PORT + "/jwejwkaescbchmac";
- JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = JAXRSJweJwsTest.class.getResource("client.xml");
- Bus springBus = bf.createBus(busFile.toString());
- bean.setBus(springBus);
- bean.setServiceClass(BookStore.class);
- bean.setAddress(address);
- List<Object> providers = new LinkedList<Object>();
- JweWriterInterceptor jweWriter = new JweWriterInterceptor();
- jweWriter.setUseJweOutputStream(true);
- providers.add(jweWriter);
- providers.add(new JweClientResponseFilter());
- bean.setProviders(providers);
- bean.getProperties(true).put("rs.security.encryption.properties", propFile);
- PrivateKeyPasswordProvider provider =
- new PrivateKeyPasswordProviderImpl("Thus from my lips, by yours, my sin is purged.");
- bean.getProperties(true).put("rs.security.key.password.provider", provider);
- BookStore bs = bean.create(BookStore.class);
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
- @Test
- public void testJweRsaJwsRsa() throws Exception {
- if (SKIP_AES_GCM_TESTS) {
- return;
- }
- String address = "https://localhost:" + PORT + "/jwejwsrsa";
- BookStore bs = createJweJwsBookStore(address, null, null);
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
- @Test
- public void testJweRsaJwsRsaCert() throws Exception {
- if (SKIP_AES_GCM_TESTS) {
- return;
- }
- String address = "https://localhost:" + PORT + "/jwejwsrsacert";
-
- JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = JAXRSJweJwsTest.class.getResource("client.xml");
- Bus springBus = bf.createBus(busFile.toString());
- bean.setBus(springBus);
- bean.setServiceClass(BookStore.class);
- bean.setAddress(address);
- List<Object> providers = new LinkedList<Object>();
- JweWriterInterceptor jweWriter = new JweWriterInterceptor();
- jweWriter.setUseJweOutputStream(true);
- providers.add(jweWriter);
- providers.add(new JweClientResponseFilter());
- JwsWriterInterceptor jwsWriter = new JwsWriterInterceptor();
- jwsWriter.setUseJwsOutputStream(true);
- providers.add(jwsWriter);
- providers.add(new JwsClientResponseFilter());
-
- bean.setProviders(providers);
- bean.getProperties(true).put("rs.security.keystore.file",
- "org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt");
- bean.getProperties(true).put("rs.security.signature.out.properties", CLIENT_JWEJWS_PROPERTIES);
- bean.getProperties(true).put("rs.security.encryption.in.properties", CLIENT_JWEJWS_PROPERTIES);
- PrivateKeyPasswordProvider provider = new PrivateKeyPasswordProviderImpl();
- bean.getProperties(true).put("rs.security.signature.key.password.provider", provider);
- bean.getProperties(true).put("rs.security.decryption.key.password.provider", provider);
- BookStore bs = bean.create(BookStore.class);
-
- WebClient.getConfig(bs).getRequestContext().put("rs.security.keystore.alias.jwe.out", "AliceCert");
- WebClient.getConfig(bs).getRequestContext().put("rs.security.keystore.alias.jws.in", "AliceCert");
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
- @Test
- public void testJweRsaJwsRsaCertInHeaders() throws Exception {
- if (SKIP_AES_GCM_TESTS) {
- return;
- }
- String address = "https://localhost:" + PORT + "/jwejwsrsaCertInHeaders";
- BookStore bs = createJweJwsBookStore(address, null, null);
- WebClient.getConfig(bs).getRequestContext().put("rs.security.signature.include.cert", "true");
- WebClient.getConfig(bs).getRequestContext().put("rs.security.encryption.include.cert", "true");
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
- @Test
- public void testJweRsaJwsPlainTextHMac() throws Exception {
- if (SKIP_AES_GCM_TESTS) {
- return;
- }
- String address = "https://localhost:" + PORT + "/jwejwshmac";
- HmacJwsSignatureProvider hmacProvider =
- new HmacJwsSignatureProvider(ENCODED_MAC_KEY, SignatureAlgorithm.HS256);
- BookStore bs = createJweJwsBookStore(address, hmacProvider, null);
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
- @Test
- public void testJweRsaJwsBookHMac() throws Exception {
- if (SKIP_AES_GCM_TESTS) {
- return;
- }
- String address = "https://localhost:" + PORT + "/jwejwshmac";
- HmacJwsSignatureProvider hmacProvider =
- new HmacJwsSignatureProvider(ENCODED_MAC_KEY, SignatureAlgorithm.HS256);
- BookStore bs = createJweJwsBookStore(address, hmacProvider,
- Collections.singletonList(new JacksonJsonProvider()));
- Book book = bs.echoBook(new Book("book", 123L));
- assertEquals("book", book.getName());
- assertEquals(123L, book.getId());
- }
-
- @Test
- public void testJwsJwkPlainTextHMac() throws Exception {
- String address = "https://localhost:" + PORT + "/jwsjwkhmac";
- BookStore bs = createJwsBookStore(address, null);
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
- @Test
- public void testJwsJwkBookHMac() throws Exception {
- String address = "https://localhost:" + PORT + "/jwsjwkhmac";
- BookStore bs = createJwsBookStore(address,
- Collections.singletonList(new JacksonJsonProvider()));
- Book book = bs.echoBook(new Book("book", 123L));
- assertEquals("book", book.getName());
- assertEquals(123L, book.getId());
- }
- private BookStore createJwsBookStore(String address,
- List<?> mbProviders) throws Exception {
- JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = JAXRSJweJwsTest.class.getResource("client.xml");
- Bus springBus = bf.createBus(busFile.toString());
- bean.setBus(springBus);
- bean.setServiceClass(BookStore.class);
- bean.setAddress(address);
- List<Object> providers = new LinkedList<Object>();
- JwsWriterInterceptor jwsWriter = new JwsWriterInterceptor();
- jwsWriter.setUseJwsOutputStream(true);
- providers.add(jwsWriter);
- providers.add(new JwsClientResponseFilter());
- if (mbProviders != null) {
- providers.addAll(mbProviders);
- }
- bean.setProviders(providers);
- bean.getProperties(true).put("rs.security.signature.properties",
- "org/apache/cxf/systest/jaxrs/security/secret.jwk.properties");
- return bean.create(BookStore.class);
- }
- @Test
- public void testJwsJwkEC() throws Exception {
- String address = "https://localhost:" + PORT + "/jwsjwkec";
- JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = JAXRSJweJwsTest.class.getResource("client.xml");
- Bus springBus = bf.createBus(busFile.toString());
- bean.setBus(springBus);
- bean.setServiceClass(BookStore.class);
- bean.setAddress(address);
- List<Object> providers = new LinkedList<Object>();
- JwsWriterInterceptor jwsWriter = new JwsWriterInterceptor();
- jwsWriter.setUseJwsOutputStream(true);
- providers.add(jwsWriter);
- providers.add(new JwsClientResponseFilter());
- bean.setProviders(providers);
- bean.getProperties(true).put("rs.security.signature.out.properties",
- "org/apache/cxf/systest/jaxrs/security/jws.ec.private.properties");
- bean.getProperties(true).put("rs.security.signature.in.properties",
- "org/apache/cxf/systest/jaxrs/security/jws.ec.public.properties");
- BookStore bs = bean.create(BookStore.class);
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
- @Test
- public void testJwsJwkRSA() throws Exception {
- doTestJwsJwkRSA("https://localhost:" + PORT + "/jwsjwkrsa", false, false);
- }
- @Test
- public void testJwsJwkInHeadersRSA() throws Exception {
- doTestJwsJwkRSA("https://localhost:" + PORT + "/jwsjwkrsa", true, true);
- }
- @Test
- public void testJwsJwkKidOnlyInHeadersRSA() throws Exception {
- doTestJwsJwkRSA("https://localhost:" + PORT + "/jwsjwkrsa", false, true);
- }
- private void doTestJwsJwkRSA(String address,
- boolean includePublicKey,
- boolean includeKeyId) throws Exception {
- JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = JAXRSJweJwsTest.class.getResource("client.xml");
- Bus springBus = bf.createBus(busFile.toString());
- bean.setBus(springBus);
- bean.setServiceClass(BookStore.class);
- bean.setAddress(address);
- List<Object> providers = new LinkedList<Object>();
- JwsWriterInterceptor jwsWriter = new JwsWriterInterceptor();
- jwsWriter.setUseJwsOutputStream(true);
- providers.add(jwsWriter);
- providers.add(new JwsClientResponseFilter());
- bean.setProviders(providers);
- bean.getProperties(true).put("rs.security.signature.out.properties",
- "org/apache/cxf/systest/jaxrs/security/alice.jwk.properties");
- bean.getProperties(true).put("rs.security.signature.in.properties",
- "org/apache/cxf/systest/jaxrs/security/bob.jwk.properties");
- if (includePublicKey) {
- bean.getProperties(true).put("rs.security.signature.include.public.key", true);
- }
- if (includeKeyId) {
- bean.getProperties(true).put("rs.security.signature.include.key.id", true);
- }
- BookStore bs = bean.create(BookStore.class);
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
- private BookStore createJweJwsBookStore(String address,
- JwsSignatureProvider jwsSigProvider,
- List<?> mbProviders) throws Exception {
- JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = JAXRSJweJwsTest.class.getResource("client.xml");
- Bus springBus = bf.createBus(busFile.toString());
- bean.setBus(springBus);
- bean.setServiceClass(BookStore.class);
- bean.setAddress(address);
- List<Object> providers = new LinkedList<Object>();
- JweWriterInterceptor jweWriter = new JweWriterInterceptor();
- jweWriter.setUseJweOutputStream(true);
- providers.add(jweWriter);
- providers.add(new JweClientResponseFilter());
- JwsWriterInterceptor jwsWriter = new JwsWriterInterceptor();
- if (jwsSigProvider != null) {
- jwsWriter.setSignatureProvider(jwsSigProvider);
- }
- jwsWriter.setUseJwsOutputStream(true);
- providers.add(jwsWriter);
- providers.add(new JwsClientResponseFilter());
- if (mbProviders != null) {
- providers.addAll(mbProviders);
- }
- bean.setProviders(providers);
- bean.getProperties(true).put("rs.security.encryption.out.properties", SERVER_JWEJWS_PROPERTIES);
- bean.getProperties(true).put("rs.security.signature.out.properties", CLIENT_JWEJWS_PROPERTIES);
- bean.getProperties(true).put("rs.security.encryption.in.properties", CLIENT_JWEJWS_PROPERTIES);
- bean.getProperties(true).put("rs.security.signature.in.properties", SERVER_JWEJWS_PROPERTIES);
- PrivateKeyPasswordProvider provider = new PrivateKeyPasswordProviderImpl();
- bean.getProperties(true).put("rs.security.signature.key.password.provider", provider);
- bean.getProperties(true).put("rs.security.decryption.key.password.provider", provider);
- return bean.create(BookStore.class);
- }
-
- @Test
- public void testJweAesCbcHmac() throws Exception {
- String address = "https://localhost:" + PORT + "/jweaescbchmac";
- JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = JAXRSJweJwsTest.class.getResource("client.xml");
- Bus springBus = bf.createBus(busFile.toString());
- bean.setBus(springBus);
- bean.setServiceClass(BookStore.class);
- bean.setAddress(address);
- List<Object> providers = new LinkedList<Object>();
- // writer
- JweWriterInterceptor jweWriter = new JweWriterInterceptor();
- jweWriter.setUseJweOutputStream(true);
-
- final String cekEncryptionKey = "GawgguFyGrWKav7AX4VKUg";
- AesWrapKeyEncryptionAlgorithm keyEncryption =
- new AesWrapKeyEncryptionAlgorithm(cekEncryptionKey, KeyAlgorithm.A128KW);
- jweWriter.setEncryptionProvider(new AesCbcHmacJweEncryption(ContentAlgorithm.A128CBC_HS256,
- keyEncryption));
-
- // reader
- JweClientResponseFilter jweReader = new JweClientResponseFilter();
- jweReader.setDecryptionProvider(new AesCbcHmacJweDecryption(
- new AesWrapKeyDecryptionAlgorithm(cekEncryptionKey)));
-
- providers.add(jweWriter);
- providers.add(jweReader);
- bean.setProviders(providers);
-
- BookStore bs = bean.create(BookStore.class);
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
-
- // Test signing and encrypting an XML payload
- @Test
- public void testJweRsaJwsRsaXML() throws Exception {
- if (SKIP_AES_GCM_TESTS || !SecurityTestUtil.checkUnrestrictedPoliciesInstalled()) {
- return;
- }
- String address = "https://localhost:" + PORT + "/jwejwsrsa";
- BookStore bs = createJweJwsBookStore(address, null, null);
- Book book = new Book();
- book.setName("book");
- book = bs.echoBook2(book);
- assertEquals("book", book.getName());
- }
-
- private static class PrivateKeyPasswordProviderImpl implements PrivateKeyPasswordProvider {
- private String password = "password";
- public PrivateKeyPasswordProviderImpl() {
-
- }
- public PrivateKeyPasswordProviderImpl(String password) {
- this.password = password;
- }
- @Override
- public char[] getPassword(Properties storeProperties) {
- return password.toCharArray();
- }
-
- }
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/39d8444b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java
deleted file mode 100644
index 90ad37d..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java
+++ /dev/null
@@ -1,193 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.jwt;
-
-import java.net.URL;
-import java.security.Security;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-
-import javax.ws.rs.BadRequestException;
-
-import com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
-import org.apache.cxf.rs.security.jose.jaxrs.JweClientResponseFilter;
-import org.apache.cxf.rs.security.jose.jaxrs.JweWriterInterceptor;
-import org.apache.cxf.rs.security.jose.jaxrs.JwsJsonClientResponseFilter;
-import org.apache.cxf.rs.security.jose.jaxrs.JwsJsonWriterInterceptor;
-import org.apache.cxf.systest.jaxrs.security.Book;
-import org.apache.cxf.systest.jaxrs.security.SecurityTestUtil;
-import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-public class JAXRSJwsJsonTest extends AbstractBusClientServerTestBase {
- public static final String PORT = BookServerJwsJson.PORT;
- private static final Boolean SKIP_AES_GCM_TESTS = isJava6();
-
- private static boolean isJava6() {
- String version = System.getProperty("java.version");
- return 1.6D == Double.parseDouble(version.substring(0, 3));
- }
- @BeforeClass
- public static void startServers() throws Exception {
- assertTrue("server did not launch correctly",
- launchServer(BookServerJwsJson.class, true));
- registerBouncyCastle();
- }
-
- private static void registerBouncyCastle() throws Exception {
- Security.addProvider(new BouncyCastleProvider());
- }
- @AfterClass
- public static void unregisterBouncyCastleIfNeeded() throws Exception {
- Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
- }
-
- @Test
- public void testJwsJsonPlainTextHmac() throws Exception {
- String address = "https://localhost:" + PORT + "/jwsjsonhmac";
- BookStore bs = createBookStore(address,
- "org/apache/cxf/systest/jaxrs/security/secret.jwk.properties",
- null);
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
- @Test
- public void testJwsJsonBookBeanHmac() throws Exception {
- String address = "https://localhost:" + PORT + "/jwsjsonhmac";
- BookStore bs = createBookStore(address,
- "org/apache/cxf/systest/jaxrs/security/secret.jwk.properties",
- Collections.singletonList(new JacksonJsonProvider()));
- Book book = bs.echoBook(new Book("book", 123L));
- assertEquals("book", book.getName());
- assertEquals(123L, book.getId());
- }
- @Test
- public void testJweCompactJwsJsonBookBeanHmac() throws Exception {
- if (SKIP_AES_GCM_TESTS || !SecurityTestUtil.checkUnrestrictedPoliciesInstalled()) {
- return;
- }
- String address = "https://localhost:" + PORT + "/jwejwsjsonhmac";
- List<?> extraProviders = Arrays.asList(new JacksonJsonProvider(),
- new JweWriterInterceptor(),
- new JweClientResponseFilter());
- String jwkStoreProperty = "org/apache/cxf/systest/jaxrs/security/secret.jwk.properties";
- Map<String, Object> props = new HashMap<String, Object>();
- props.put("rs.security.signature.list.properties", jwkStoreProperty);
- props.put("rs.security.encryption.properties", jwkStoreProperty);
- BookStore bs = createBookStore(address,
- props,
- extraProviders);
- Book book = bs.echoBook(new Book("book", 123L));
- assertEquals("book", book.getName());
- assertEquals(123L, book.getId());
- }
-
- @Test
- public void testJwsJsonBookDoubleHmac() throws Exception {
- String address = "https://localhost:" + PORT + "/jwsjsonhmac2";
- List<String> properties = new ArrayList<String>();
- properties.add("org/apache/cxf/systest/jaxrs/security/secret.jwk.properties");
- properties.add("org/apache/cxf/systest/jaxrs/security/secret.jwk.hmac.properties");
- BookStore bs = createBookStore(address, properties, null);
- Book book = bs.echoBook(new Book("book", 123L));
- assertEquals("book", book.getName());
- assertEquals(123L, book.getId());
- }
-
- @Test
- public void testJwsJsonBookDoubleHmacSinglePropsFile() throws Exception {
- String address = "https://localhost:" + PORT + "/jwsjsonhmac2";
- List<String> properties = new ArrayList<String>();
- properties.add("org/apache/cxf/systest/jaxrs/security/secret.jwk.hmac2.properties");
- BookStore bs = createBookStore(address, properties, null);
- Book book = bs.echoBook2(new Book("book", 123L));
- assertEquals("book", book.getName());
- assertEquals(123L, book.getId());
- }
-
- // Test signing an XML payload
- @Test
- public void testJwsJsonPlainTextHmacXML() throws Exception {
- String address = "https://localhost:" + PORT + "/jwsjsonhmac";
- BookStore bs = createBookStore(address,
- "org/apache/cxf/systest/jaxrs/security/secret.jwk.properties",
- null);
- String text = bs.echoText("book");
- assertEquals("book", text);
- }
-
- // Test signing with a bad signature key
- @Test
- public void testJwsJsonPlaintextHMACBadKey() throws Exception {
- String address = "https://localhost:" + PORT + "/jwsjsonhmac";
- BookStore bs = createBookStore(address,
- "org/apache/cxf/systest/jaxrs/security/secret.jwk.bad.properties",
- null);
- try {
- bs.echoText("book");
- fail("Failure expected on a bad signature key");
- } catch (BadRequestException ex) {
- // expected
- }
- }
-
- private BookStore createBookStore(String address, Object properties,
- List<?> extraProviders) throws Exception {
- return createBookStore(address,
- Collections.singletonMap("rs.security.signature.list.properties", properties),
- extraProviders);
- }
- private BookStore createBookStore(String address,
- Map<String, Object> mapProperties,
- List<?> extraProviders) throws Exception {
- JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = JAXRSJwsJsonTest.class.getResource("client.xml");
- Bus springBus = bf.createBus(busFile.toString());
- bean.setBus(springBus);
- bean.setServiceClass(BookStore.class);
- bean.setAddress(address);
- List<Object> providers = new LinkedList<Object>();
- JwsJsonWriterInterceptor writer = new JwsJsonWriterInterceptor();
- writer.setUseJwsJsonOutputStream(true);
- providers.add(writer);
- providers.add(new JwsJsonClientResponseFilter());
- if (extraProviders != null) {
- providers.addAll(extraProviders);
- }
- bean.setProviders(providers);
- bean.getProperties(true).putAll(mapProperties);
- return bean.create(BookStore.class);
- }
-
-}