You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2015/11/06 16:13:46 UTC
[5/6] cxf git commit: Adding initial TokenProvider to issue JWT
tokens in the STS
Adding initial TokenProvider to issue JWT tokens in the STS
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a98ff3b1
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a98ff3b1
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a98ff3b1
Branch: refs/heads/master
Commit: a98ff3b1cdb2cfd3ea2ffd8a10ebb83366384fe5
Parents: 7da65ce
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Nov 6 12:19:14 2015 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Nov 6 14:58:59 2015 +0000
----------------------------------------------------------------------
services/sts/sts-core/pom.xml | 6 +
.../cxf/sts/operation/TokenIssueOperation.java | 7 +-
.../token/provider/TokenProviderResponse.java | 8 +-
.../provider/jwt/DefaultJWTClaimsProvider.java | 130 +++++++++++++
.../token/provider/jwt/JWTClaimsProvider.java | 33 ++++
.../jwt/JWTClaimsProviderParameters.java | 39 ++++
.../token/provider/jwt/JWTTokenProvider.java | 195 +++++++++++++++++++
.../claims/mapper/JexlIssueSamlClaimsTest.java | 2 +-
.../cxf/sts/operation/CancelSCTUnitTest.java | 2 +-
.../cxf/sts/operation/IssueJWTUnitTest.java | 193 ++++++++++++++++++
.../sts/operation/IssueOnbehalfofUnitTest.java | 2 +-
.../sts/operation/IssueSamlClaimsUnitTest.java | 2 +-
.../cxf/sts/operation/RenewSamlUnitTest.java | 2 +-
.../cxf/sts/operation/ValidateSCTUnitTest.java | 2 +-
.../cxf/sts/operation/ValidateSamlUnitTest.java | 2 +-
.../ValidateTokenTransformationUnitTest.java | 2 +-
.../token/provider/JWTTokenProviderTest.java | 124 ++++++++++++
.../cxf/sts/token/provider/SAMLClaimsTest.java | 12 +-
.../token/provider/SAMLProviderActAsTest.java | 10 +-
.../token/provider/SAMLProviderCustomTest.java | 16 +-
.../token/provider/SAMLProviderKeyTypeTest.java | 34 ++--
.../provider/SAMLProviderLifetimeTest.java | 12 +-
.../provider/SAMLProviderOnBehalfOfTest.java | 10 +-
.../token/provider/SAMLProviderRealmTest.java | 6 +-
.../cxf/sts/token/provider/SCTProviderTest.java | 6 +-
.../renewer/SAMLTokenRenewerLifetimeTest.java | 2 +-
.../token/renewer/SAMLTokenRenewerPOPTest.java | 2 +-
.../renewer/SAMLTokenRenewerRealmTest.java | 2 +-
.../sts/token/renewer/SAMLTokenRenewerTest.java | 2 +-
.../SAMLTokenValidatorCachedRealmTest.java | 2 +-
.../validator/SAMLTokenValidatorRealmTest.java | 2 +-
.../token/validator/SAMLTokenValidatorTest.java | 8 +-
32 files changed, 800 insertions(+), 77 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/pom.xml
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/pom.xml b/services/sts/sts-core/pom.xml
index 9bc4713..1f31c25 100644
--- a/services/sts/sts-core/pom.xml
+++ b/services/sts/sts-core/pom.xml
@@ -50,6 +50,12 @@
<scope>compile</scope>
</dependency>
<dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-rs-security-jose</artifactId>
+ <version>${project.version}</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
<version>${cxf.ehcache.version}</version>
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
index 903737e..1d0c378 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
@@ -31,6 +31,8 @@ import javax.xml.bind.JAXBElement;
import javax.xml.ws.WebServiceContext;
import javax.xml.ws.handler.MessageContext;
+import org.w3c.dom.Element;
+
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.rt.security.claims.ClaimCollection;
@@ -286,9 +288,12 @@ public class TokenIssueOperation extends AbstractOperation implements IssueOpera
if (!encryptIssuedToken) {
requestedTokenType.setAny(tokenResponse.getToken());
} else {
+ if (!(tokenResponse.getToken() instanceof Element)) {
+ throw new STSException("Error in creating the response", STSException.REQUEST_FAILED);
+ }
requestedTokenType.setAny(
encryptToken(
- tokenResponse.getToken(), tokenResponse.getTokenId(),
+ (Element)tokenResponse.getToken(), tokenResponse.getTokenId(),
encryptionProperties, keyRequirements, webServiceContext
)
);
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/TokenProviderResponse.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/TokenProviderResponse.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/TokenProviderResponse.java
index 3dda2e5..bf28778 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/TokenProviderResponse.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/TokenProviderResponse.java
@@ -21,14 +21,12 @@ package org.apache.cxf.sts.token.provider;
import java.util.Date;
-import org.w3c.dom.Element;
-
/**
* This class encapsulates the response from a TokenProvider instance after creating a token.
*/
public class TokenProviderResponse {
- private Element token;
+ private Object token;
private String tokenId;
private byte[] entropy;
private long keySize;
@@ -70,7 +68,7 @@ public class TokenProviderResponse {
* Set the token
* @param token the token to set
*/
- public void setToken(Element token) {
+ public void setToken(Object token) {
this.token = token;
}
@@ -78,7 +76,7 @@ public class TokenProviderResponse {
* Get the token
* @return the token to set
*/
- public Element getToken() {
+ public Object getToken() {
return token;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
new file mode 100644
index 0000000..5addb95
--- /dev/null
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
@@ -0,0 +1,130 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.sts.token.provider.jwt;
+
+import java.security.Principal;
+import java.util.Date;
+import java.util.UUID;
+import java.util.logging.Logger;
+
+import javax.security.auth.x500.X500Principal;
+
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
+import org.apache.cxf.sts.request.ReceivedToken;
+import org.apache.cxf.sts.request.ReceivedToken.STATE;
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
+import org.apache.cxf.ws.security.sts.provider.STSException;
+
+/**
+ * A default implementation to create a JWTClaims object. The Subject name is the name
+ * of the current principal.
+ */
+public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
+
+ private static final Logger LOG = LogUtils.getL7dLogger(DefaultJWTClaimsProvider.class);
+ private boolean useX500CN;
+
+ /**
+ * Get a JwtClaims object.
+ */
+ public JwtClaims getJwtClaims(JWTClaimsProviderParameters jwtClaimsProviderParameters) {
+
+ JwtClaims claims = new JwtClaims();
+ claims.setSubject(getSubjectName(jwtClaimsProviderParameters));
+ claims.setTokenId(UUID.randomUUID().toString());
+ claims.setIssuer("DoubleItSTSIssuer");
+
+ Date currentDate = new Date();
+ claims.setIssuedAt(currentDate.getTime() / 1000L);
+ long currentTime = currentDate.getTime() + 300L * 1000L;
+ currentDate.setTime(currentTime);
+ claims.setExpiryTime(currentDate.getTime() / 1000L);
+
+ return claims;
+ }
+
+ protected String getSubjectName(JWTClaimsProviderParameters jwtClaimsProviderParameters) {
+ Principal principal = getPrincipal(jwtClaimsProviderParameters);
+ if (principal == null) {
+ LOG.fine("Error in getting principal");
+ throw new STSException("Error in getting principal", STSException.REQUEST_FAILED);
+ }
+
+ String subjectName = principal.getName();
+ if (principal instanceof X500Principal) {
+ // Just use the "cn" instead of the entire DN
+ try {
+ String principalName = principal.getName();
+ int index = principalName.indexOf('=');
+ principalName = principalName.substring(index + 1, principalName.indexOf(',', index));
+ subjectName = principalName;
+ } catch (Throwable ex) {
+ subjectName = principal.getName();
+ //Ignore, not X500 compliant thus use the whole string as the value
+ }
+ }
+
+ return subjectName;
+ }
+
+ /**
+ * Get the Principal (which is used as the Subject). By default, we check the following (in order):
+ * - A valid OnBehalfOf principal
+ * - A valid ActAs principal
+ * - A valid principal associated with a token received as ValidateTarget
+ * - The principal associated with the request. We don't need to check to see if it is "valid" here, as it
+ * is not parsed by the STS (but rather the WS-Security layer).
+ */
+ protected Principal getPrincipal(JWTClaimsProviderParameters jwtClaimsProviderParameters) {
+ TokenProviderParameters providerParameters = jwtClaimsProviderParameters.getProviderParameters();
+
+ Principal principal = null;
+ //TokenValidator in IssueOperation has validated the ReceivedToken
+ //if validation was successful, the principal was set in ReceivedToken
+ if (providerParameters.getTokenRequirements().getOnBehalfOf() != null) {
+ ReceivedToken receivedToken = providerParameters.getTokenRequirements().getOnBehalfOf();
+ if (receivedToken.getState().equals(STATE.VALID)) {
+ principal = receivedToken.getPrincipal();
+ }
+ } else if (providerParameters.getTokenRequirements().getActAs() != null) {
+ ReceivedToken receivedToken = providerParameters.getTokenRequirements().getActAs();
+ if (receivedToken.getState().equals(STATE.VALID)) {
+ principal = receivedToken.getPrincipal();
+ }
+ } else if (providerParameters.getTokenRequirements().getValidateTarget() != null) {
+ ReceivedToken receivedToken = providerParameters.getTokenRequirements().getValidateTarget();
+ if (receivedToken.getState().equals(STATE.VALID)) {
+ principal = receivedToken.getPrincipal();
+ }
+ } else {
+ principal = providerParameters.getPrincipal();
+ }
+
+ return principal;
+ }
+
+ public boolean isUseX500CN() {
+ return useX500CN;
+ }
+
+ public void setUseX500CN(boolean useX500CN) {
+ this.useX500CN = useX500CN;
+ }
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTClaimsProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTClaimsProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTClaimsProvider.java
new file mode 100644
index 0000000..1505e60
--- /dev/null
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTClaimsProvider.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.sts.token.provider.jwt;
+
+import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
+
+/**
+ * An interface that allows a pluggable way of creating a JWTClaims object
+ */
+public interface JWTClaimsProvider {
+
+ /**
+ * Get a JwtClaims object.
+ */
+ JwtClaims getJwtClaims(JWTClaimsProviderParameters jwtClaimsProviderParameters);
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTClaimsProviderParameters.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTClaimsProviderParameters.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTClaimsProviderParameters.java
new file mode 100644
index 0000000..24f1ed9
--- /dev/null
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTClaimsProviderParameters.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.sts.token.provider.jwt;
+
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
+
+/**
+ * The parameters that are passed through to a JWTClaimsProvider implementation to create a
+ * JWTClaims Object.
+ */
+public class JWTClaimsProviderParameters {
+
+ private TokenProviderParameters providerParameters;
+
+ public TokenProviderParameters getProviderParameters() {
+ return providerParameters;
+ }
+
+ public void setProviderParameters(TokenProviderParameters providerParameters) {
+ this.providerParameters = providerParameters;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java
new file mode 100644
index 0000000..b458281
--- /dev/null
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java
@@ -0,0 +1,195 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.token.provider.jwt;
+
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.rs.security.jose.common.JoseConstants;
+import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer;
+import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
+import org.apache.cxf.rs.security.jose.jwt.JwtToken;
+import org.apache.cxf.sts.request.TokenRequirements;
+import org.apache.cxf.sts.token.provider.TokenProvider;
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
+import org.apache.cxf.sts.token.provider.TokenProviderResponse;
+import org.apache.cxf.sts.token.realm.SAMLRealm;
+import org.apache.cxf.ws.security.sts.provider.STSException;
+
+/**
+ * A TokenProvider implementation that provides a JWT Token.
+ */
+public class JWTTokenProvider implements TokenProvider {
+
+ public static final String JWT_TOKEN_TYPE = "urn:ietf:params:oauth:token-type:jwt";
+ private static final Logger LOG = LogUtils.getL7dLogger(JWTTokenProvider.class);
+
+ private boolean signToken = true;
+ private Map<String, SAMLRealm> realmMap = new HashMap<>();
+ private JWTClaimsProvider jwtClaimsProvider = new DefaultJWTClaimsProvider();
+
+ /**
+ * Return true if this TokenProvider implementation is capable of providing a token
+ * that corresponds to the given TokenType.
+ */
+ public boolean canHandleToken(String tokenType) {
+ return canHandleToken(tokenType, null);
+ }
+
+ /**
+ * Return true if this TokenProvider implementation is capable of providing a token
+ * that corresponds to the given TokenType in a given realm.
+ */
+ public boolean canHandleToken(String tokenType, String realm) {
+ if (realm != null && !realmMap.containsKey(realm)) {
+ return false;
+ }
+ return JWT_TOKEN_TYPE.equals(tokenType);
+ }
+
+ /**
+ * Create a token given a TokenProviderParameters
+ */
+ public TokenProviderResponse createToken(TokenProviderParameters tokenParameters) {
+ //KeyRequirements keyRequirements = tokenParameters.getKeyRequirements();
+ TokenRequirements tokenRequirements = tokenParameters.getTokenRequirements();
+ if (LOG.isLoggable(Level.FINE)) {
+ LOG.fine("Handling token of type: " + tokenRequirements.getTokenType());
+ }
+
+ // Get the claims
+ JWTClaimsProviderParameters jwtClaimsProviderParameters = new JWTClaimsProviderParameters();
+ jwtClaimsProviderParameters.setProviderParameters(tokenParameters);
+
+ JwtClaims claims = jwtClaimsProvider.getJwtClaims(jwtClaimsProviderParameters);
+
+ /*
+ if (signToken) {
+ STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
+ signToken(assertion, samlRealm, stsProperties, tokenParameters.getKeyRequirements());
+ }
+ */
+
+ try {
+ /*
+ Document doc = DOMUtils.createDocument();
+ SamlAssertionWrapper assertion = createSamlToken(tokenParameters, secret, doc);
+ Element token = assertion.toDOM(doc);
+
+ // set the token in cache (only if the token is signed)
+ byte[] signatureValue = assertion.getSignatureValue();
+ if (tokenParameters.getTokenStore() != null && signatureValue != null
+ && signatureValue.length > 0) {
+ DateTime validTill = null;
+ if (assertion.getSamlVersion().equals(SAMLVersion.VERSION_20)) {
+ validTill = assertion.getSaml2().getConditions().getNotOnOrAfter();
+ } else {
+ validTill = assertion.getSaml1().getConditions().getNotOnOrAfter();
+ }
+
+ SecurityToken securityToken =
+ CacheUtils.createSecurityTokenForStorage(token, assertion.getId(),
+ validTill.toDate(), tokenParameters.getPrincipal(), tokenParameters.getRealm(),
+ tokenParameters.getTokenRequirements().getRenewing());
+ CacheUtils.storeTokenInCache(
+ securityToken, tokenParameters.getTokenStore(), signatureValue);
+ }
+ */
+
+ JwtToken token = new JwtToken(claims);
+
+ Properties signingProperties = new Properties();
+ signingProperties.put(JoseConstants.RSSEC_SIGNATURE_ALGORITHM, "none");
+
+ JwsJwtCompactProducer jws = new JwsJwtCompactProducer(token);
+ jws.setSignatureProperties(signingProperties);
+ String tokenData = jws.getSignedEncodedJws();
+
+ TokenProviderResponse response = new TokenProviderResponse();
+ response.setToken(tokenData);
+
+ response.setTokenId(claims.getTokenId());
+
+ if (claims.getIssuedAt() > 0) {
+ response.setCreated(new Date(claims.getIssuedAt() * 1000L));
+ }
+ if (claims.getExpiryTime() > 0) {
+ response.setExpires(new Date(claims.getExpiryTime() * 1000L));
+ }
+
+ /*response.setEntropy(entropyBytes);
+ if (keySize > 0) {
+ response.setKeySize(keySize);
+ }
+ response.setComputedKey(computedKey);
+ */
+ LOG.fine("JWT Token successfully created");
+ return response;
+ } catch (Exception e) {
+ e.printStackTrace();
+ LOG.log(Level.WARNING, "", e);
+ throw new STSException("Can't serialize JWT token", e, STSException.REQUEST_FAILED);
+ }
+ }
+
+ /**
+ * Return whether the provided token will be signed or not. Default is true.
+ */
+ public boolean isSignToken() {
+ return signToken;
+ }
+
+ /**
+ * Set whether the provided token will be signed or not. Default is true.
+ */
+ public void setSignToken(boolean signToken) {
+ this.signToken = signToken;
+ }
+
+ /**
+ * Set the map of realm->SAMLRealm for this token provider
+ * @param realms the map of realm->SAMLRealm for this token provider
+ */
+ public void setRealmMap(Map<String, SAMLRealm> realms) {
+ this.realmMap = realms;
+ }
+
+ /**
+ * Get the map of realm->SAMLRealm for this token provider
+ * @return the map of realm->SAMLRealm for this token provider
+ */
+ public Map<String, SAMLRealm> getRealmMap() {
+ return realmMap;
+ }
+
+ public JWTClaimsProvider getJwtClaimsProvider() {
+ return jwtClaimsProvider;
+ }
+
+ public void setJwtClaimsProvider(JWTClaimsProvider jwtClaimsProvider) {
+ this.jwtClaimsProvider = jwtClaimsProvider;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
index 50cb9fd..f43ba17 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
@@ -358,7 +358,7 @@ public class JexlIssueSamlClaimsTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
private TokenProviderParameters createProviderParameters(String tokenType, String keyType, Crypto crypto,
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java
index bc0990f..f8dc0cf 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java
@@ -98,7 +98,7 @@ public class CancelSCTUnitTest extends org.junit.Assert {
// Get a SecurityContextToken via the SCTProvider
TokenProviderResponse providerResponse = createSCT();
- Element sct = providerResponse.getToken();
+ Element sct = (Element)providerResponse.getToken();
Document doc = sct.getOwnerDocument();
sct = (Element)doc.appendChild(sct);
CancelTargetType cancelTarget = new CancelTargetType();
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
new file mode 100644
index 0000000..6112d2f
--- /dev/null
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
@@ -0,0 +1,193 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.sts.operation;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Properties;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.namespace.QName;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.jaxws.context.WebServiceContextImpl;
+import org.apache.cxf.jaxws.context.WrappedMessageContext;
+import org.apache.cxf.message.MessageImpl;
+import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
+import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
+import org.apache.cxf.rs.security.jose.jwt.JwtToken;
+import org.apache.cxf.security.SecurityContext;
+import org.apache.cxf.sts.QNameConstants;
+import org.apache.cxf.sts.STSConstants;
+import org.apache.cxf.sts.STSPropertiesMBean;
+import org.apache.cxf.sts.StaticSTSProperties;
+import org.apache.cxf.sts.cache.DefaultInMemoryTokenStore;
+import org.apache.cxf.sts.common.PasswordCallbackHandler;
+import org.apache.cxf.sts.service.ServiceMBean;
+import org.apache.cxf.sts.service.StaticService;
+import org.apache.cxf.sts.token.provider.TokenProvider;
+import org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider;
+import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
+import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
+import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
+import org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType;
+import org.apache.cxf.ws.security.tokenstore.TokenStore;
+import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.principal.CustomTokenPrincipal;
+import org.apache.wss4j.dom.WSConstants;
+import org.junit.Assert;
+
+/**
+ * Some unit tests for the issue operation to issue JWT Tokens.
+ */
+public class IssueJWTUnitTest extends org.junit.Assert {
+
+ public static final QName REQUESTED_SECURITY_TOKEN =
+ QNameConstants.WS_TRUST_FACTORY.createRequestedSecurityToken(null).getName();
+ public static final QName ATTACHED_REFERENCE =
+ QNameConstants.WS_TRUST_FACTORY.createRequestedAttachedReference(null).getName();
+ public static final QName UNATTACHED_REFERENCE =
+ QNameConstants.WS_TRUST_FACTORY.createRequestedUnattachedReference(null).getName();
+
+ private static TokenStore tokenStore = new DefaultInMemoryTokenStore();
+
+ /**
+ * Test to successfully issue a JWT Token
+ */
+ @org.junit.Test
+ public void testIssueJWTToken() throws Exception {
+ TokenIssueOperation issueOperation = new TokenIssueOperation();
+ issueOperation.setTokenStore(tokenStore);
+
+ // Add Token Provider
+ List<TokenProvider> providerList = new ArrayList<TokenProvider>();
+ providerList.add(new JWTTokenProvider());
+ issueOperation.setTokenProviders(providerList);
+
+ // Add Service
+ ServiceMBean service = new StaticService();
+ service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
+ issueOperation.setServices(Collections.singletonList(service));
+
+ // Add STSProperties object
+ STSPropertiesMBean stsProperties = new StaticSTSProperties();
+ Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
+ stsProperties.setEncryptionCrypto(crypto);
+ stsProperties.setSignatureCrypto(crypto);
+ stsProperties.setEncryptionUsername("myservicekey");
+ stsProperties.setSignatureUsername("mystskey");
+ stsProperties.setCallbackHandler(new PasswordCallbackHandler());
+ stsProperties.setIssuer("STS");
+ issueOperation.setStsProperties(stsProperties);
+
+ // Mock up a request
+ RequestSecurityTokenType request = new RequestSecurityTokenType();
+ JAXBElement<String> tokenType =
+ new JAXBElement<String>(
+ QNameConstants.TOKEN_TYPE, String.class, JWTTokenProvider.JWT_TOKEN_TYPE
+ );
+ request.getAny().add(tokenType);
+ request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
+
+ // Mock up message context
+ MessageImpl msg = new MessageImpl();
+ WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
+ msgCtx.put(
+ SecurityContext.class.getName(),
+ createSecurityContext(new CustomTokenPrincipal("alice"))
+ );
+ WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
+
+ // Issue a token
+ RequestSecurityTokenResponseCollectionType response =
+ issueOperation.issue(request, webServiceContext);
+ List<RequestSecurityTokenResponseType> securityTokenResponse =
+ response.getRequestSecurityTokenResponse();
+ assertTrue(!securityTokenResponse.isEmpty());
+
+ // Test the generated token.
+ String jwtToken = null;
+ for (Object tokenObject : securityTokenResponse.get(0).getAny()) {
+ if (tokenObject instanceof JAXBElement<?>
+ && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>)tokenObject).getName())) {
+ RequestedSecurityTokenType rstType =
+ (RequestedSecurityTokenType)((JAXBElement<?>)tokenObject).getValue();
+ jwtToken = (String)rstType.getAny();
+ break;
+ }
+ }
+
+ assertNotNull(jwtToken);
+
+ // Validate the token
+ JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(jwtToken);
+ JwtToken jwt = jwtConsumer.getJwtToken();
+ Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
+ }
+
+ /*
+ * Create a security context object
+ */
+ private SecurityContext createSecurityContext(final Principal p) {
+ return new SecurityContext() {
+ public Principal getUserPrincipal() {
+ return p;
+ }
+ public boolean isUserInRole(String role) {
+ return false;
+ }
+ };
+ }
+
+ /*
+ * Mock up an AppliesTo element using the supplied address
+ */
+ private Element createAppliesToElement(String addressUrl) {
+ Document doc = DOMUtils.createDocument();
+ Element appliesTo = doc.createElementNS(STSConstants.WSP_NS, "wsp:AppliesTo");
+ appliesTo.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsp", STSConstants.WSP_NS);
+ Element endpointRef = doc.createElementNS(STSConstants.WSA_NS_05, "wsa:EndpointReference");
+ endpointRef.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsa", STSConstants.WSA_NS_05);
+ Element address = doc.createElementNS(STSConstants.WSA_NS_05, "wsa:Address");
+ address.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsa", STSConstants.WSA_NS_05);
+ address.setTextContent(addressUrl);
+ endpointRef.appendChild(address);
+ appliesTo.appendChild(endpointRef);
+ return appliesTo;
+ }
+
+ private Properties getEncryptionProperties() {
+ Properties properties = new Properties();
+ properties.put(
+ "org.apache.wss4j.crypto.provider", "org.apache.wss4j.common.crypto.Merlin"
+ );
+ properties.put("org.apache.wss4j.crypto.merlin.keystore.password", "stsspass");
+ properties.put("org.apache.wss4j.crypto.merlin.keystore.file", "stsstore.jks");
+
+ return properties;
+ }
+
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java
index f77e4c8..6a2354d 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java
@@ -1240,7 +1240,7 @@ public class IssueOnbehalfofUnitTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
private TokenProviderParameters createProviderParameters(
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
index 7c4ae20..acd061a 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
@@ -878,7 +878,7 @@ public class IssueSamlClaimsUnitTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
private TokenProviderParameters createProviderParameters(
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
index b60099e..1d50ff8 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
@@ -516,7 +516,7 @@ public class RenewSamlUnitTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
private TokenProviderParameters createProviderParameters(
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSCTUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSCTUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSCTUnitTest.java
index 55d142d..d17404b 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSCTUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSCTUnitTest.java
@@ -105,7 +105,7 @@ public class ValidateSCTUnitTest extends org.junit.Assert {
// Get a SecurityContextToken via the SCTProvider
TokenProviderResponse providerResponse = createSCT();
- Element sct = providerResponse.getToken();
+ Element sct = (Element)providerResponse.getToken();
Document doc = sct.getOwnerDocument();
sct = (Element)doc.appendChild(sct);
ValidateTargetType validateTarget = new ValidateTargetType();
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSamlUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSamlUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSamlUnitTest.java
index eb9be37..53ade10 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSamlUnitTest.java
@@ -247,7 +247,7 @@ public class ValidateSamlUnitTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
private TokenProviderParameters createProviderParameters(
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java
index c0d4f3d..857ea55 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java
@@ -871,7 +871,7 @@ public class ValidateTokenTransformationUnitTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
private TokenProviderParameters createProviderParameters(
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java
new file mode 100644
index 0000000..19d41f2
--- /dev/null
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java
@@ -0,0 +1,124 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.sts.token.provider;
+
+import java.util.Properties;
+
+import org.apache.cxf.jaxws.context.WebServiceContextImpl;
+import org.apache.cxf.jaxws.context.WrappedMessageContext;
+import org.apache.cxf.message.MessageImpl;
+import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
+import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
+import org.apache.cxf.rs.security.jose.jwt.JwtToken;
+import org.apache.cxf.sts.StaticSTSProperties;
+import org.apache.cxf.sts.cache.DefaultInMemoryTokenStore;
+import org.apache.cxf.sts.common.PasswordCallbackHandler;
+import org.apache.cxf.sts.request.KeyRequirements;
+import org.apache.cxf.sts.request.TokenRequirements;
+import org.apache.cxf.sts.service.EncryptionProperties;
+import org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider;
+import org.apache.cxf.ws.security.tokenstore.TokenStore;
+import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.principal.CustomTokenPrincipal;
+import org.junit.Assert;
+
+/**
+ * Some unit tests for creating JWTTokens.
+ */
+public class JWTTokenProviderTest extends org.junit.Assert {
+
+ private static TokenStore tokenStore = new DefaultInMemoryTokenStore();
+
+ @org.junit.Test
+ public void testCreateUnsignedJWT() throws Exception {
+ TokenProvider jwtTokenProvider = new JWTTokenProvider();
+
+ TokenProviderParameters providerParameters = createProviderParameters();
+
+ assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
+ TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
+ assertTrue(providerResponse != null);
+ assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
+
+ String token = (String)providerResponse.getToken();
+ assertNotNull(token);
+ assertTrue(token.split("\\.").length == 2);
+
+ // Validate the token
+ JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
+ JwtToken jwt = jwtConsumer.getJwtToken();
+ Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
+ Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
+ Assert.assertEquals(providerResponse.getCreated().getTime() / 1000L,
+ jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
+ Assert.assertEquals(providerResponse.getExpires().getTime() / 1000L,
+ jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
+ }
+
+ private TokenProviderParameters createProviderParameters() throws WSSecurityException {
+ TokenProviderParameters parameters = new TokenProviderParameters();
+
+ TokenRequirements tokenRequirements = new TokenRequirements();
+ tokenRequirements.setTokenType(JWTTokenProvider.JWT_TOKEN_TYPE);
+ parameters.setTokenRequirements(tokenRequirements);
+
+ KeyRequirements keyRequirements = new KeyRequirements();
+ parameters.setKeyRequirements(keyRequirements);
+
+ parameters.setTokenStore(tokenStore);
+
+ parameters.setPrincipal(new CustomTokenPrincipal("alice"));
+ // Mock up message context
+ MessageImpl msg = new MessageImpl();
+ WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
+ WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
+ parameters.setWebServiceContext(webServiceContext);
+
+ parameters.setAppliesToAddress("http://dummy-service.com/dummy");
+
+ // Add STSProperties object
+ StaticSTSProperties stsProperties = new StaticSTSProperties();
+ Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
+ stsProperties.setSignatureCrypto(crypto);
+ stsProperties.setSignatureUsername("mystskey");
+ stsProperties.setCallbackHandler(new PasswordCallbackHandler());
+ stsProperties.setIssuer("STS");
+ parameters.setStsProperties(stsProperties);
+
+ parameters.setEncryptionProperties(new EncryptionProperties());
+
+ return parameters;
+ }
+
+ private Properties getEncryptionProperties() {
+ Properties properties = new Properties();
+ properties.put(
+ "org.apache.wss4j.crypto.provider", "org.apache.wss4j.common.crypto.Merlin"
+ );
+ properties.put("org.apache.wss4j.crypto.merlin.keystore.password", "stsspass");
+ properties.put("org.apache.wss4j.crypto.merlin.keystore.file", "stsstore.jks");
+
+ return properties;
+ }
+
+
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
index 9aa376b..f4d292b 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
@@ -100,7 +100,7 @@ public class SAMLClaimsTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -145,7 +145,7 @@ public class SAMLClaimsTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -194,7 +194,7 @@ public class SAMLClaimsTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -238,7 +238,7 @@ public class SAMLClaimsTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -295,7 +295,7 @@ public class SAMLClaimsTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -387,7 +387,7 @@ public class SAMLClaimsTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderActAsTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderActAsTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderActAsTest.java
index 48a4263..b032602 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderActAsTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderActAsTest.java
@@ -81,7 +81,7 @@ public class SAMLProviderActAsTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -112,7 +112,7 @@ public class SAMLProviderActAsTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -149,7 +149,7 @@ public class SAMLProviderActAsTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -170,7 +170,7 @@ public class SAMLProviderActAsTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- token = providerResponse.getToken();
+ token = (Element)providerResponse.getToken();
tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains("CustomActAs"));
}
@@ -184,7 +184,7 @@ public class SAMLProviderActAsTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderCustomTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderCustomTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderCustomTest.java
index 07fa676..9ead280 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderCustomTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderCustomTest.java
@@ -66,7 +66,7 @@ public class SAMLProviderCustomTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -94,7 +94,7 @@ public class SAMLProviderCustomTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertFalse(tokenString.contains("AttributeStatement"));
@@ -122,7 +122,7 @@ public class SAMLProviderCustomTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertFalse(tokenString.contains("AttributeStatement"));
@@ -155,7 +155,7 @@ public class SAMLProviderCustomTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -182,7 +182,7 @@ public class SAMLProviderCustomTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -210,7 +210,7 @@ public class SAMLProviderCustomTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertFalse(tokenString.contains("AttributeStatement"));
@@ -235,7 +235,7 @@ public class SAMLProviderCustomTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -262,7 +262,7 @@ public class SAMLProviderCustomTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java
index 25c2305..ec90777 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java
@@ -69,7 +69,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -92,7 +92,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -133,7 +133,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -173,7 +173,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -221,7 +221,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -268,7 +268,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -320,7 +320,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -389,7 +389,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -417,7 +417,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -446,7 +446,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -473,7 +473,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertFalse(tokenString.contains(WSConstants.C14N_EXCL_WITH_COMMENTS));
assertTrue(tokenString.contains(WSConstants.C14N_EXCL_OMIT_COMMENTS));
@@ -491,7 +491,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- token = providerResponse.getToken();
+ token = (Element)providerResponse.getToken();
tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(WSConstants.C14N_EXCL_WITH_COMMENTS));
}
@@ -515,7 +515,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"));
@@ -528,7 +528,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- token = providerResponse.getToken();
+ token = (Element)providerResponse.getToken();
tokenString = DOM2Writer.nodeToString(token);
assertFalse(tokenString.contains(signatureAlgorithm));
assertTrue(tokenString.contains("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"));
@@ -542,7 +542,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- token = providerResponse.getToken();
+ token = (Element)providerResponse.getToken();
tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(signatureAlgorithm));
}
@@ -561,7 +561,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(WSConstants.SHA256));
@@ -574,7 +574,7 @@ public class SAMLProviderKeyTypeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- token = providerResponse.getToken();
+ token = (Element)providerResponse.getToken();
tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(WSConstants.SHA1));
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java
index 1a9d38e..e186afa 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java
@@ -81,7 +81,7 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
assertEquals(requestedLifetime * 1000L, providerResponse.getExpires().getTime()
- providerResponse.getCreated().getTime());
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
}
@@ -112,7 +112,7 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
assertEquals(providerLifetime * 1000L, providerResponse.getExpires().getTime()
- providerResponse.getCreated().getTime());
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
}
@@ -234,7 +234,7 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
assertEquals(maxLifetime * 1000L, providerResponse.getExpires().getTime()
- providerResponse.getCreated().getTime());
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
}
@@ -274,7 +274,7 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
assertEquals(50L * 1000L, providerResponse.getExpires().getTime()
- providerResponse.getCreated().getTime());
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
}
@@ -322,7 +322,7 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
TokenProviderResponse providerResponse = samlTokenProvider.createToken(providerParameters);
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
}
@@ -359,7 +359,7 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
assertEquals(conditionsProvider.getLifetime() * 1000L, providerResponse.getExpires().getTime()
- providerResponse.getCreated().getTime());
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderOnBehalfOfTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderOnBehalfOfTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderOnBehalfOfTest.java
index 9158fc1..20a690c 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderOnBehalfOfTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderOnBehalfOfTest.java
@@ -82,7 +82,7 @@ public class SAMLProviderOnBehalfOfTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -112,7 +112,7 @@ public class SAMLProviderOnBehalfOfTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -149,7 +149,7 @@ public class SAMLProviderOnBehalfOfTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("AttributeStatement"));
@@ -170,7 +170,7 @@ public class SAMLProviderOnBehalfOfTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- token = providerResponse.getToken();
+ token = (Element)providerResponse.getToken();
tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains("CustomOnBehalfOf"));
}
@@ -186,7 +186,7 @@ public class SAMLProviderOnBehalfOfTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderRealmTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderRealmTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderRealmTest.java
index 1072e14..2ef1669 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderRealmTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderRealmTest.java
@@ -72,7 +72,7 @@ public class SAMLProviderRealmTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertTrue(tokenString.contains("A-Issuer"));
@@ -86,7 +86,7 @@ public class SAMLProviderRealmTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- token = providerResponse.getToken();
+ token = (Element)providerResponse.getToken();
tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertFalse(tokenString.contains("A-Issuer"));
@@ -100,7 +100,7 @@ public class SAMLProviderRealmTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- token = providerResponse.getToken();
+ token = (Element)providerResponse.getToken();
tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(providerResponse.getTokenId()));
assertFalse(tokenString.contains("A-Issuer"));
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SCTProviderTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SCTProviderTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SCTProviderTest.java
index b0ed248..658d24b 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SCTProviderTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SCTProviderTest.java
@@ -63,7 +63,7 @@ public class SCTProviderTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(ConversationConstants.WSC_NS_05_12));
assertFalse(tokenString.contains(ConversationConstants.WSC_NS_05_02));
@@ -84,7 +84,7 @@ public class SCTProviderTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
String tokenString = DOM2Writer.nodeToString(token);
assertTrue(tokenString.contains(ConversationConstants.WSC_NS_05_02));
assertFalse(tokenString.contains(ConversationConstants.WSC_NS_05_12));
@@ -129,7 +129,7 @@ public class SCTProviderTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- Element token = providerResponse.getToken();
+ Element token = (Element)providerResponse.getToken();
SecurityContextToken sctToken = new SecurityContextToken(token);
String identifier = sctToken.getIdentifier();
assertNotNull(tokenStore.getToken(identifier));
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java
index 2a13451..34a419b 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java
@@ -387,7 +387,7 @@ public class SAMLTokenRenewerLifetimeTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
private TokenProviderParameters createProviderParameters(
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
index 130e9fc..00d7211 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
@@ -301,7 +301,7 @@ public class SAMLTokenRenewerPOPTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
private TokenProviderParameters createProviderParameters(
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java
index 27f487c..afee371 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java
@@ -294,7 +294,7 @@ public class SAMLTokenRenewerRealmTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
private Map<String, SAMLRealm> getSamlRealms() {
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerTest.java
index 646d2ed..3b56bf5 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerTest.java
@@ -594,7 +594,7 @@ public class SAMLTokenRenewerTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
private TokenProviderParameters createProviderParameters(
http://git-wip-us.apache.org/repos/asf/cxf/blob/a98ff3b1/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorCachedRealmTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorCachedRealmTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorCachedRealmTest.java
index 9e47b64..c12f1c7 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorCachedRealmTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorCachedRealmTest.java
@@ -186,7 +186,7 @@ public class SAMLTokenValidatorCachedRealmTest extends org.junit.Assert {
assertTrue(providerResponse != null);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
- return providerResponse.getToken();
+ return (Element)providerResponse.getToken();
}
private Map<String, SAMLRealm> getSamlRealms() {