You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ja...@apache.org on 2021/02/02 13:48:17 UTC
[camel-quarkus] 01/02: XML Security native support
This is an automated email from the ASF dual-hosted git repository.
jamesnetherton pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel-quarkus.git
commit 797785cea4da35864f99c65ac2958c23c429a483
Author: James Netherton <ja...@gmail.com>
AuthorDate: Tue Feb 2 07:47:07 2021 +0000
XML Security native support
Fixes #1617
---
.../pages/reference/extensions/xmlsecurity.adoc | 19 +-
.../reference/components/xmlsecurity-sign.adoc | 6 +-
.../reference/components/xmlsecurity-verify.adoc | 6 +-
.../partials/reference/dataformats/secureXML.adoc | 6 +-
extensions-jvm/pom.xml | 1 -
.../deployment/XmlsecurityProcessor.java | 46 ----
.../xmlsecurity/it/XmlsecurityResource.java | 77 ------
.../deployment/XalanNativeImageProcessor.java | 2 +
extensions/pom.xml | 1 +
.../xmlsecurity/deployment/pom.xml | 16 ++
.../deployment/XmlsecurityProcessor.java | 71 ++++++
{extensions-jvm => extensions}/xmlsecurity/pom.xml | 1 -
.../xmlsecurity/runtime/pom.xml | 17 ++
.../runtime/src/main/doc/limitations.adoc | 1 +
.../main/resources/META-INF/quarkus-extension.yaml | 3 +-
integration-tests/pom.xml | 1 +
.../xmlsecurity}/pom.xml | 54 +++-
.../xmlsecurity/it/XmlsecurityProducers.java | 144 +++++++++++
.../xmlsecurity/it/XmlsecurityResource.java | 179 +++++++++++++
.../xmlsecurity/it/XmlsecurityRoutes.java | 97 +++++++
.../src/main/resources/application.properties | 17 ++
.../xmlsecurity/src/main/resources/xslt-test.xsl | 28 +-
.../component/xmlsecurity/it/XmlsecurityIT.java | 32 +--
.../component/xmlsecurity/it/XmlsecurityTest.java | 282 +++++++++++++++++++++
.../xmlsecurity/src/test/resources/xml-test.xml | 24 +-
.../src/test/resources/xml-xpath-test.xml | 37 ++-
tooling/scripts/test-categories.yaml | 1 +
27 files changed, 939 insertions(+), 230 deletions(-)
diff --git a/docs/modules/ROOT/pages/reference/extensions/xmlsecurity.adoc b/docs/modules/ROOT/pages/reference/extensions/xmlsecurity.adoc
index f9972f8..64ba6dc 100644
--- a/docs/modules/ROOT/pages/reference/extensions/xmlsecurity.adoc
+++ b/docs/modules/ROOT/pages/reference/extensions/xmlsecurity.adoc
@@ -2,15 +2,15 @@
// This file was generated by camel-quarkus-maven-plugin:update-extension-doc-page
= XML Security Sign
:cq-artifact-id: camel-quarkus-xmlsecurity
-:cq-native-supported: false
-:cq-status: Preview
+:cq-native-supported: true
+:cq-status: Stable
:cq-description: Sign XML payloads using the XML signature specification.
:cq-deprecated: false
:cq-jvm-since: 1.1.0
-:cq-native-since: n/a
+:cq-native-since: 1.7.0
[.badges]
-[.badge-key]##JVM since##[.badge-supported]##1.1.0## [.badge-key]##Native##[.badge-unsupported]##unsupported##
+[.badge-key]##JVM since##[.badge-supported]##1.1.0## [.badge-key]##Native since##[.badge-supported]##1.7.0##
Sign XML payloads using the XML signature specification.
@@ -33,3 +33,14 @@ Please refer to the above links for usage and configuration details.
----
Check the xref:user-guide/index.adoc[User guide] for more information about writing Camel Quarkus applications.
+
+== Camel Quarkus limitations
+
+There is currently no native mode support for XSLT based transform methods on the `xmlsecurity` producer via the `transformMethods` URI option.
+
+
+== SSL in native mode
+
+This extension auto-enables SSL support in native mode. Hence you do not need to add
+`quarkus.ssl.native=true` to your `application.properties` yourself. See also
+https://quarkus.io/guides/native-and-ssl[Quarkus SSL guide].
diff --git a/docs/modules/ROOT/partials/reference/components/xmlsecurity-sign.adoc b/docs/modules/ROOT/partials/reference/components/xmlsecurity-sign.adoc
index 9768396..39fefcc 100644
--- a/docs/modules/ROOT/partials/reference/components/xmlsecurity-sign.adoc
+++ b/docs/modules/ROOT/partials/reference/components/xmlsecurity-sign.adoc
@@ -2,11 +2,11 @@
// This file was generated by camel-quarkus-maven-plugin:update-extension-doc-page
:cq-artifact-id: camel-quarkus-xmlsecurity
:cq-artifact-id-base: xmlsecurity
-:cq-native-supported: false
-:cq-status: Preview
+:cq-native-supported: true
+:cq-status: Stable
:cq-deprecated: false
:cq-jvm-since: 1.1.0
-:cq-native-since: n/a
+:cq-native-since: 1.7.0
:cq-camel-part-name: xmlsecurity-sign
:cq-camel-part-title: XML Security Sign
:cq-camel-part-description: Sign XML payloads using the XML signature specification.
diff --git a/docs/modules/ROOT/partials/reference/components/xmlsecurity-verify.adoc b/docs/modules/ROOT/partials/reference/components/xmlsecurity-verify.adoc
index 93db029..1631235 100644
--- a/docs/modules/ROOT/partials/reference/components/xmlsecurity-verify.adoc
+++ b/docs/modules/ROOT/partials/reference/components/xmlsecurity-verify.adoc
@@ -2,11 +2,11 @@
// This file was generated by camel-quarkus-maven-plugin:update-extension-doc-page
:cq-artifact-id: camel-quarkus-xmlsecurity
:cq-artifact-id-base: xmlsecurity
-:cq-native-supported: false
-:cq-status: Preview
+:cq-native-supported: true
+:cq-status: Stable
:cq-deprecated: false
:cq-jvm-since: 1.1.0
-:cq-native-since: n/a
+:cq-native-since: 1.7.0
:cq-camel-part-name: xmlsecurity-verify
:cq-camel-part-title: XML Security Verify
:cq-camel-part-description: Verify XML payloads using the XML signature specification.
diff --git a/docs/modules/ROOT/partials/reference/dataformats/secureXML.adoc b/docs/modules/ROOT/partials/reference/dataformats/secureXML.adoc
index 0a78481..ac4cca6 100644
--- a/docs/modules/ROOT/partials/reference/dataformats/secureXML.adoc
+++ b/docs/modules/ROOT/partials/reference/dataformats/secureXML.adoc
@@ -2,11 +2,11 @@
// This file was generated by camel-quarkus-maven-plugin:update-extension-doc-page
:cq-artifact-id: camel-quarkus-xmlsecurity
:cq-artifact-id-base: xmlsecurity
-:cq-native-supported: false
-:cq-status: Preview
+:cq-native-supported: true
+:cq-status: Stable
:cq-deprecated: false
:cq-jvm-since: 1.1.0
-:cq-native-since: n/a
+:cq-native-since: 1.7.0
:cq-camel-part-name: secureXML
:cq-camel-part-title: XML Security
:cq-camel-part-description: Encrypt and decrypt XML payloads using Apache Santuario.
diff --git a/extensions-jvm/pom.xml b/extensions-jvm/pom.xml
index 6bdb869..33ae940 100644
--- a/extensions-jvm/pom.xml
+++ b/extensions-jvm/pom.xml
@@ -127,7 +127,6 @@
<module>workday</module>
<module>xchange</module>
<module>xj</module>
- <module>xmlsecurity</module>
<module>xmpp</module>
<module>xslt-saxon</module>
<module>yammer</module>
diff --git a/extensions-jvm/xmlsecurity/deployment/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/deployment/XmlsecurityProcessor.java b/extensions-jvm/xmlsecurity/deployment/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/deployment/XmlsecurityProcessor.java
deleted file mode 100644
index a72ab1b..0000000
--- a/extensions-jvm/xmlsecurity/deployment/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/deployment/XmlsecurityProcessor.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.camel.quarkus.component.xmlsecurity.deployment;
-
-import io.quarkus.deployment.annotations.BuildStep;
-import io.quarkus.deployment.annotations.ExecutionTime;
-import io.quarkus.deployment.annotations.Record;
-import io.quarkus.deployment.builditem.FeatureBuildItem;
-import io.quarkus.deployment.pkg.steps.NativeBuild;
-import org.apache.camel.quarkus.core.JvmOnlyRecorder;
-import org.jboss.logging.Logger;
-
-class XmlsecurityProcessor {
-
- private static final Logger LOG = Logger.getLogger(XmlsecurityProcessor.class);
- private static final String FEATURE = "camel-xmlsecurity";
-
- @BuildStep
- FeatureBuildItem feature() {
- return new FeatureBuildItem(FEATURE);
- }
-
- /**
- * Remove this once this extension starts supporting the native mode.
- */
- @BuildStep(onlyIf = NativeBuild.class)
- @Record(value = ExecutionTime.RUNTIME_INIT)
- void warnJvmInNative(JvmOnlyRecorder recorder) {
- JvmOnlyRecorder.warnJvmInNative(LOG, FEATURE); // warn at build time
- recorder.warnJvmInNative(FEATURE); // warn at runtime
- }
-}
diff --git a/extensions-jvm/xmlsecurity/integration-test/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityResource.java b/extensions-jvm/xmlsecurity/integration-test/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityResource.java
deleted file mode 100644
index fc20975..0000000
--- a/extensions-jvm/xmlsecurity/integration-test/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityResource.java
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.camel.quarkus.component.xmlsecurity.it;
-
-import javax.enterprise.context.ApplicationScoped;
-import javax.inject.Inject;
-import javax.ws.rs.GET;
-import javax.ws.rs.Path;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-
-import org.apache.camel.CamelContext;
-import org.jboss.logging.Logger;
-
-@Path("/xmlsecurity")
-@ApplicationScoped
-public class XmlsecurityResource {
-
- private static final Logger LOG = Logger.getLogger(XmlsecurityResource.class);
-
- private static final String COMPONENT_XMLSECURITY_SIGN = "xmlsecurity-sign";
- private static final String COMPONENT_XMLSECURITY_VERIFY = "xmlsecurity-verify";
- private static final String DATAFORMAT_SECUREXML = "secureXML";
- @Inject
- CamelContext context;
-
- @Path("/load/component/xmlsecurity-sign")
- @GET
- @Produces(MediaType.TEXT_PLAIN)
- public Response loadComponentXmlsecuritySign() throws Exception {
- /* This is an autogenerated test */
- if (context.getComponent(COMPONENT_XMLSECURITY_SIGN) != null) {
- return Response.ok().build();
- }
- LOG.warnf("Could not load [%s] from the Camel context", COMPONENT_XMLSECURITY_SIGN);
- return Response.status(500, COMPONENT_XMLSECURITY_SIGN + " could not be loaded from the Camel context").build();
- }
-
- @Path("/load/component/xmlsecurity-verify")
- @GET
- @Produces(MediaType.TEXT_PLAIN)
- public Response loadComponentXmlsecurityVerify() throws Exception {
- /* This is an autogenerated test */
- if (context.getComponent(COMPONENT_XMLSECURITY_VERIFY) != null) {
- return Response.ok().build();
- }
- LOG.warnf("Could not load [%s] from the Camel context", COMPONENT_XMLSECURITY_VERIFY);
- return Response.status(500, COMPONENT_XMLSECURITY_VERIFY + " could not be loaded from the Camel context").build();
- }
-
- @Path("/load/dataformat/securexml")
- @GET
- @Produces(MediaType.TEXT_PLAIN)
- public Response loadDataformatSecureXML() throws Exception {
- /* This is an autogenerated test */
- if (context.resolveDataFormat(DATAFORMAT_SECUREXML) != null) {
- return Response.ok().build();
- }
- LOG.warnf("Could not load [%s] from the Camel context", DATAFORMAT_SECUREXML);
- return Response.status(500, DATAFORMAT_SECUREXML + " could not be loaded from the Camel context").build();
- }
-}
diff --git a/extensions-support/xalan/deployment/src/main/java/org/apache/camel/quarkus/support/xalan/deployment/XalanNativeImageProcessor.java b/extensions-support/xalan/deployment/src/main/java/org/apache/camel/quarkus/support/xalan/deployment/XalanNativeImageProcessor.java
index 5c08acc..46d2664 100644
--- a/extensions-support/xalan/deployment/src/main/java/org/apache/camel/quarkus/support/xalan/deployment/XalanNativeImageProcessor.java
+++ b/extensions-support/xalan/deployment/src/main/java/org/apache/camel/quarkus/support/xalan/deployment/XalanNativeImageProcessor.java
@@ -52,6 +52,8 @@ class XalanNativeImageProcessor {
"org.apache.xalan.xsltc.dom.XSLTCDTMManager",
"org.apache.xalan.xsltc.trax.ObjectFactory",
"org.apache.xalan.xsltc.trax.TransformerFactoryImpl",
+ "org.apache.xml.dtm.ObjectFactory",
+ "org.apache.xml.dtm.ref.DTMManagerDefault",
"org.apache.xml.serializer.OutputPropertiesFactory",
"org.apache.xml.serializer.CharInfo",
"org.apache.xml.serializer.XMLEntities");
diff --git a/extensions/pom.xml b/extensions/pom.xml
index 4aae82a..957d969 100644
--- a/extensions/pom.xml
+++ b/extensions/pom.xml
@@ -229,6 +229,7 @@
<module>vm</module>
<module>weather</module>
<module>websocket-jsr356</module>
+ <module>xmlsecurity</module>
<module>xpath</module>
<module>xslt</module>
<module>xstream</module>
diff --git a/extensions-jvm/xmlsecurity/deployment/pom.xml b/extensions/xmlsecurity/deployment/pom.xml
similarity index 79%
rename from extensions-jvm/xmlsecurity/deployment/pom.xml
rename to extensions/xmlsecurity/deployment/pom.xml
index da144a3..8072c2b 100644
--- a/extensions-jvm/xmlsecurity/deployment/pom.xml
+++ b/extensions/xmlsecurity/deployment/pom.xml
@@ -31,11 +31,27 @@
<dependencies>
<dependency>
+ <groupId>io.quarkus</groupId>
+ <artifactId>quarkus-jaxp-deployment</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.apache.camel.quarkus</groupId>
<artifactId>camel-quarkus-core-deployment</artifactId>
</dependency>
<dependency>
<groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-xpath-deployment</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-validator-deployment</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-support-xalan-deployment</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
<artifactId>camel-quarkus-xmlsecurity</artifactId>
</dependency>
</dependencies>
diff --git a/extensions/xmlsecurity/deployment/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/deployment/XmlsecurityProcessor.java b/extensions/xmlsecurity/deployment/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/deployment/XmlsecurityProcessor.java
new file mode 100644
index 0000000..1304051
--- /dev/null
+++ b/extensions/xmlsecurity/deployment/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/deployment/XmlsecurityProcessor.java
@@ -0,0 +1,71 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.xmlsecurity.deployment;
+
+import java.util.stream.Stream;
+
+import javax.crypto.spec.GCMParameterSpec;
+import javax.xml.crypto.dsig.spec.XPathType;
+
+import io.quarkus.deployment.annotations.BuildProducer;
+import io.quarkus.deployment.annotations.BuildStep;
+import io.quarkus.deployment.builditem.CombinedIndexBuildItem;
+import io.quarkus.deployment.builditem.ExtensionSslNativeSupportBuildItem;
+import io.quarkus.deployment.builditem.FeatureBuildItem;
+import io.quarkus.deployment.builditem.IndexDependencyBuildItem;
+import io.quarkus.deployment.builditem.nativeimage.ReflectiveClassBuildItem;
+import org.apache.xml.security.c14n.CanonicalizerSpi;
+import org.apache.xml.security.transforms.TransformSpi;
+import org.jboss.jandex.DotName;
+import org.jboss.jandex.IndexView;
+
+class XmlsecurityProcessor {
+
+ private static final String FEATURE = "camel-xmlsecurity";
+
+ @BuildStep
+ FeatureBuildItem feature() {
+ return new FeatureBuildItem(FEATURE);
+ }
+
+ @BuildStep
+ ExtensionSslNativeSupportBuildItem activateSslNativeSupport() {
+ return new ExtensionSslNativeSupportBuildItem(FEATURE);
+ }
+
+ @BuildStep
+ IndexDependencyBuildItem indexDependencies() {
+ return new IndexDependencyBuildItem("org.apache.santuario", "xmlsec");
+ }
+
+ @BuildStep
+ void registerForReflection(BuildProducer<ReflectiveClassBuildItem> reflectiveClass, CombinedIndexBuildItem combinedIndex) {
+ IndexView index = combinedIndex.getIndex();
+
+ Stream.of(CanonicalizerSpi.class, TransformSpi.class)
+ .map(aClass -> aClass.getName())
+ .map(DotName::createSimple)
+ .flatMap(dotName -> index.getAllKnownSubclasses(dotName).stream())
+ .map(classInfo -> classInfo.name().toString())
+ .map(className -> new ReflectiveClassBuildItem(false, false, className))
+ .forEach(reflectiveClass::produce);
+
+ Stream.of(GCMParameterSpec.class.getName(), XPathType[].class.getName())
+ .map(className -> new ReflectiveClassBuildItem(false, false, className))
+ .forEach(reflectiveClass::produce);
+ }
+}
diff --git a/extensions-jvm/xmlsecurity/pom.xml b/extensions/xmlsecurity/pom.xml
similarity index 97%
copy from extensions-jvm/xmlsecurity/pom.xml
copy to extensions/xmlsecurity/pom.xml
index 762e838..bfa8bcc 100644
--- a/extensions-jvm/xmlsecurity/pom.xml
+++ b/extensions/xmlsecurity/pom.xml
@@ -33,6 +33,5 @@
<modules>
<module>deployment</module>
<module>runtime</module>
- <module>integration-test</module>
</modules>
</project>
diff --git a/extensions-jvm/xmlsecurity/runtime/pom.xml b/extensions/xmlsecurity/runtime/pom.xml
similarity index 85%
rename from extensions-jvm/xmlsecurity/runtime/pom.xml
rename to extensions/xmlsecurity/runtime/pom.xml
index 1b6c329..15e0261 100644
--- a/extensions-jvm/xmlsecurity/runtime/pom.xml
+++ b/extensions/xmlsecurity/runtime/pom.xml
@@ -32,6 +32,7 @@
<properties>
<camel.quarkus.jvmSince>1.1.0</camel.quarkus.jvmSince>
+ <camel.quarkus.nativeSince>1.7.0</camel.quarkus.nativeSince>
</properties>
<dependencyManagement>
@@ -48,10 +49,26 @@
<dependencies>
<dependency>
+ <groupId>io.quarkus</groupId>
+ <artifactId>quarkus-jaxp</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.apache.camel.quarkus</groupId>
<artifactId>camel-quarkus-core</artifactId>
</dependency>
<dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-xpath</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-validator</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-support-xalan</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-xmlsecurity</artifactId>
</dependency>
diff --git a/extensions/xmlsecurity/runtime/src/main/doc/limitations.adoc b/extensions/xmlsecurity/runtime/src/main/doc/limitations.adoc
new file mode 100644
index 0000000..4d4b8a0
--- /dev/null
+++ b/extensions/xmlsecurity/runtime/src/main/doc/limitations.adoc
@@ -0,0 +1 @@
+There is currently no native mode support for XSLT based transform methods on the `xmlsecurity` producer via the `transformMethods` URI option.
diff --git a/extensions-jvm/xmlsecurity/runtime/src/main/resources/META-INF/quarkus-extension.yaml b/extensions/xmlsecurity/runtime/src/main/resources/META-INF/quarkus-extension.yaml
similarity index 97%
rename from extensions-jvm/xmlsecurity/runtime/src/main/resources/META-INF/quarkus-extension.yaml
rename to extensions/xmlsecurity/runtime/src/main/resources/META-INF/quarkus-extension.yaml
index 9fd2015..833c2fd 100644
--- a/extensions-jvm/xmlsecurity/runtime/src/main/resources/META-INF/quarkus-extension.yaml
+++ b/extensions/xmlsecurity/runtime/src/main/resources/META-INF/quarkus-extension.yaml
@@ -24,9 +24,8 @@
name: "Camel XML Security Sign"
description: "Sign XML payloads using the XML signature specification"
metadata:
- unlisted: true
guide: "https://camel.apache.org/camel-quarkus/latest/reference/extensions/xmlsecurity.html"
categories:
- "integration"
status:
- - "preview"
+ - "stable"
diff --git a/integration-tests/pom.xml b/integration-tests/pom.xml
index be1b53c..899cdf8 100644
--- a/integration-tests/pom.xml
+++ b/integration-tests/pom.xml
@@ -193,6 +193,7 @@
<module>weather</module>
<module>websocket-jsr356</module>
<module>xml</module>
+ <module>xmlsecurity</module>
<module>xstream</module>
<module>zendesk</module>
</modules>
diff --git a/extensions-jvm/xmlsecurity/integration-test/pom.xml b/integration-tests/xmlsecurity/pom.xml
similarity index 62%
rename from extensions-jvm/xmlsecurity/integration-test/pom.xml
rename to integration-tests/xmlsecurity/pom.xml
index ba3eeb7..084d44b 100644
--- a/extensions-jvm/xmlsecurity/integration-test/pom.xml
+++ b/integration-tests/xmlsecurity/pom.xml
@@ -21,13 +21,12 @@
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache.camel.quarkus</groupId>
- <artifactId>camel-quarkus-build-parent-it</artifactId>
+ <artifactId>camel-quarkus-integration-tests</artifactId>
<version>1.7.0-SNAPSHOT</version>
- <relativePath>../../../poms/build-parent-it/pom.xml</relativePath>
</parent>
- <artifactId>camel-quarkus-xmlsecurity-integration-test</artifactId>
- <name>Camel Quarkus :: XML Security Sign :: Integration Test</name>
+ <artifactId>camel-quarkus-integration-test-xmlsecurity</artifactId>
+ <name>Camel Quarkus :: Integration Tests :: XML Security Sign</name>
<description>Integration tests for Camel Quarkus XML Security Sign extension</description>
<dependencyManagement>
@@ -45,6 +44,10 @@
<dependencies>
<dependency>
<groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-direct</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
<artifactId>camel-quarkus-xmlsecurity</artifactId>
</dependency>
<dependency>
@@ -67,6 +70,19 @@
<!-- The following dependencies guarantee that this module is built after them. You can update them by running `mvn process-resources -Pformat -N` from the source tree root directory -->
<dependency>
<groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-direct-deployment</artifactId>
+ <version>${project.version}</version>
+ <type>pom</type>
+ <scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>*</groupId>
+ <artifactId>*</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
<artifactId>camel-quarkus-xmlsecurity-deployment</artifactId>
<version>${project.version}</version>
<type>pom</type>
@@ -80,4 +96,34 @@
</dependency>
</dependencies>
+ <profiles>
+ <profile>
+ <id>native</id>
+ <activation>
+ <property>
+ <name>native</name>
+ </property>
+ </activation>
+ <properties>
+ <quarkus.package.type>native</quarkus.package.type>
+ </properties>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-failsafe-plugin</artifactId>
+ <executions>
+ <execution>
+ <goals>
+ <goal>integration-test</goal>
+ <goal>verify</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
+
</project>
diff --git a/integration-tests/xmlsecurity/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityProducers.java b/integration-tests/xmlsecurity/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityProducers.java
new file mode 100644
index 0000000..e3976a0
--- /dev/null
+++ b/integration-tests/xmlsecurity/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityProducers.java
@@ -0,0 +1,144 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.xmlsecurity.it;
+
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.enterprise.context.ApplicationScoped;
+import javax.enterprise.inject.Produces;
+import javax.inject.Named;
+import javax.inject.Singleton;
+import javax.xml.crypto.AlgorithmMethod;
+import javax.xml.crypto.KeySelector;
+import javax.xml.crypto.KeySelectorResult;
+import javax.xml.crypto.XMLCryptoContext;
+import javax.xml.crypto.dsig.CanonicalizationMethod;
+import javax.xml.crypto.dsig.keyinfo.KeyInfo;
+import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
+import javax.xml.crypto.dsig.spec.XPathType;
+
+import org.w3c.dom.Node;
+
+import org.apache.camel.Message;
+import org.apache.camel.component.xmlsecurity.api.KeyAccessor;
+import org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper;
+
+@ApplicationScoped
+public class XmlsecurityProducers {
+
+ @Produces
+ @Named("accessor")
+ public KeyAccessor getAccessor(KeyPair keyPair) {
+ return new KeyAccessor() {
+ @Override
+ public KeySelector getKeySelector(Message message) throws Exception {
+ return KeySelector.singletonKeySelector(keyPair.getPrivate());
+ }
+
+ @Override
+ public KeyInfo getKeyInfo(Message mess, Node messageBody, KeyInfoFactory keyInfoFactory) throws Exception {
+ return null;
+ }
+ };
+ }
+
+ @Produces
+ @Named("selector")
+ public KeySelector getSelector(KeyPair keyPair) {
+ return new KeySelector() {
+ @Override
+ public KeySelectorResult select(KeyInfo keyInfo, Purpose purpose, AlgorithmMethod algorithmMethod,
+ XMLCryptoContext xmlCryptoContext) {
+ return () -> keyPair.getPublic();
+ }
+ };
+ }
+
+ @Produces
+ @Named("canonicalizationMethod")
+ public AlgorithmMethod getCanonicalizationMethod() {
+ List<String> inclusivePrefixes = new ArrayList<>();
+ inclusivePrefixes.add("ds");
+ return XmlSignatureHelper.getCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, inclusivePrefixes);
+ }
+
+ @Produces
+ @Named("transformsXPath")
+ public List<AlgorithmMethod> getTransformsXPathMethod() {
+ List<XmlSignatureHelper.XPathAndFilter> list = new ArrayList<>(3);
+ XmlSignatureHelper.XPathAndFilter xpath1 = new XmlSignatureHelper.XPathAndFilter("//n0:ToBeSigned",
+ XPathType.Filter.INTERSECT.toString());
+ list.add(xpath1);
+ XmlSignatureHelper.XPathAndFilter xpath2 = new XmlSignatureHelper.XPathAndFilter("//n0:NotToBeSigned",
+ XPathType.Filter.SUBTRACT.toString());
+ list.add(xpath2);
+ XmlSignatureHelper.XPathAndFilter xpath3 = new XmlSignatureHelper.XPathAndFilter("//n0:ReallyToBeSigned",
+ XPathType.Filter.UNION.toString());
+ list.add(xpath3);
+
+ List<AlgorithmMethod> result = new ArrayList<>();
+ result.add(XmlSignatureHelper.getCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE));
+
+ Map<String, String> map = new HashMap<>();
+ map.put("n0", "http://test/test");
+ result.add(XmlSignatureHelper.getXPath2Transform(list, map));
+
+ return result;
+ }
+
+ @Produces
+ @Named("transformsXsltXPath")
+ public List<AlgorithmMethod> getTransformsXsltXPathMethod() throws Exception {
+ AlgorithmMethod transformXslt = XmlSignatureHelper.getXslTransform("/xslt-test.xsl");
+ Map<String, String> namespaceMap = new HashMap<>();
+ namespaceMap.put("n0", "https://org.apache/camel/xmlsecurity/test");
+ AlgorithmMethod transformXpath = XmlSignatureHelper.getXPathTransform("//n0:XMLSecurity/n0:Content", namespaceMap);
+ List<AlgorithmMethod> result = new ArrayList<>();
+ result.add(XmlSignatureHelper.getCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE));
+ result.add(transformXslt);
+ result.add(transformXpath);
+ return result;
+ }
+
+ @Singleton
+ @Produces
+ public KeyPair getKeyPair() throws NoSuchAlgorithmException {
+ KeyPairGenerator keyGen;
+ keyGen = KeyPairGenerator.getInstance("RSA");
+ keyGen.initialize(2048, new SecureRandom());
+ return keyGen.generateKeyPair();
+ }
+
+ @Singleton
+ @Produces
+ @Named("key")
+ public SecretKey key() throws NoSuchAlgorithmException {
+ KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
+ keyGenerator.init(256);
+ keyGenerator.generateKey();
+ return keyGenerator.generateKey();
+ }
+}
diff --git a/integration-tests/xmlsecurity/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityResource.java b/integration-tests/xmlsecurity/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityResource.java
new file mode 100644
index 0000000..99d3cab
--- /dev/null
+++ b/integration-tests/xmlsecurity/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityResource.java
@@ -0,0 +1,179 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.xmlsecurity.it;
+
+import javax.inject.Inject;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+
+import org.apache.camel.ProducerTemplate;
+
+@Path("/xmlsecurity")
+public class XmlsecurityResource {
+
+ @Inject
+ ProducerTemplate template;
+
+ @Path("/component/sign/enveloping")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String signEnveloping(String xml) throws Exception {
+ return template.requestBody("direct:enveloping-sign", xml, String.class);
+ }
+
+ @Path("/component/verify/enveloping")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String verifyEnveloping(String xml) throws Exception {
+ return template.requestBody("direct:enveloping-verify", xml, String.class);
+ }
+
+ @Path("/component/sign/enveloped")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String signEnveloped(String xml) throws Exception {
+ return template.requestBody("direct:enveloped-sign", xml, String.class);
+ }
+
+ @Path("/component/verify/enveloped")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String verifyEnveloped(String xml) throws Exception {
+ return template.requestBody("direct:enveloped-verify", xml, String.class);
+ }
+
+ @Path("/component/sign/plaintext")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String signPlainText(String xml) throws Exception {
+ return template.requestBody("direct:plaintext-sign", xml, String.class);
+ }
+
+ @Path("/component/verify/plaintext")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String verifyPlainText(String xml) throws Exception {
+ return template.requestBody("direct:plaintext-verify", xml, String.class);
+ }
+
+ @Path("/component/sign/canonicalization")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String signCanonicalization(String xml) throws Exception {
+ return template.requestBody("direct:canonicalization-sign", xml, String.class);
+ }
+
+ @Path("/component/verify/canonicalization")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String verifyCanonicalization(String xml) throws Exception {
+ return template.requestBody("direct:canonicalization-verify", xml, String.class);
+
+ }
+
+ @Path("/component/sign/signaturedigest")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String signSignatureAndDigestAlgorithm(String xml) throws Exception {
+ return template.requestBody("direct:signaturedigestalgorithm-sign", xml, String.class);
+
+ }
+
+ @Path("/component/verify/signaturedigest")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String verifySignatureAndDigestAlgorithm(String xml) throws Exception {
+ return template.requestBody("direct:signaturedigestalgorithm-verify", xml, String.class);
+ }
+
+ @Path("/component/sign/transformsxpath")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String signSignatureTransformsXPath(String xml) throws Exception {
+ return template.requestBody("direct:transformsXPath-sign", xml, String.class);
+ }
+
+ @Path("/component/verify/transformsxpath")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String verifySignatureTransformsXPath(String xml) throws Exception {
+ return template.requestBody("direct:transformsXPath-verify", xml, String.class);
+ }
+
+ @Path("/component/sign/transformsxsltxpath")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String signSignatureTransformsXsltXPath(String xml) throws Exception {
+ return template.requestBody("direct:transformsXsltXPath-sign", xml, String.class);
+ }
+
+ @Path("/component/verify/transformsxsltxpath")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String verifySignatureTransformsXsltXPath(String xml) throws Exception {
+ return template.requestBody("direct:transformsXsltXPath-verify", xml, String.class);
+ }
+
+ @Path("/dataformat/marshal")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String dataformatMarshal(String xml) throws Exception {
+ return template.requestBody("direct:marshal", xml, String.class);
+ }
+
+ @Path("/dataformat/unmarshal")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String dataformatUnmarshal(String xml) throws Exception {
+ return template.requestBody("direct:unmarshal", xml, String.class);
+ }
+
+ @Path("/dataformat/marshal/partial")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String dataformatMarshalPartialContent(String xml) throws Exception {
+ return template.requestBody("direct:marshal-partial", xml, String.class);
+ }
+
+ @Path("/dataformat/unmarshal/partial")
+ @POST
+ @Consumes(MediaType.APPLICATION_XML)
+ @Produces(MediaType.APPLICATION_XML)
+ public String dataformatUnmarshalPartialContent(String xml) throws Exception {
+ return template.requestBody("direct:unmarshal-partial", xml, String.class);
+ }
+}
diff --git a/integration-tests/xmlsecurity/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityRoutes.java b/integration-tests/xmlsecurity/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityRoutes.java
new file mode 100644
index 0000000..95378bf
--- /dev/null
+++ b/integration-tests/xmlsecurity/src/main/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityRoutes.java
@@ -0,0 +1,97 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.xmlsecurity.it;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.crypto.SecretKey;
+import javax.enterprise.context.ApplicationScoped;
+import javax.inject.Inject;
+import javax.inject.Named;
+
+import org.apache.camel.builder.RouteBuilder;
+
+@ApplicationScoped
+public class XmlsecurityRoutes extends RouteBuilder {
+
+ @Inject
+ @Named("key")
+ SecretKey key;
+
+ @Override
+ public void configure() throws Exception {
+ final Map<String, String> namespaces = new HashMap<>();
+ namespaces.put("test", "http://test/test");
+
+ from("direct:enveloping-sign")
+ .to("xmlsecurity-sign:enveloping?keyAccessor=#accessor");
+
+ from("direct:enveloping-verify")
+ .to("xmlsecurity-verify:enveloping?keySelector=#selector");
+
+ from("direct:enveloped-sign")
+ .to("xmlsecurity-sign:enveloped?keyAccessor=#accessor&parentLocalName=root");
+
+ from("direct:enveloped-verify")
+ .to("xmlsecurity-verify:enveloped?keySelector=#selector");
+
+ from("direct:plaintext-sign")
+ .to("xmlsecurity-sign:plaintext?keyAccessor=#accessor&plainText=true&plainTextEncoding=UTF-8");
+
+ from("direct:plaintext-verify")
+ .to("xmlsecurity-verify:plaintext?keySelector=#selector");
+
+ from("direct:canonicalization-sign")
+ .to("xmlsecurity-sign:canonicalization?keyAccessor=#accessor&canonicalizationMethod=#canonicalizationMethod"
+ + "&signatureAlgorithm=http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
+
+ from("direct:canonicalization-verify")
+ .to("xmlsecurity-verify:canonicalization?keySelector=#selector");
+
+ from("direct:signaturedigestalgorithm-sign")
+ .to("xmlsecurity-sign:signaturedigestalgorithm?keyAccessor=#accessor"
+ + "&signatureAlgorithm=http://www.w3.org/2001/04/xmldsig-more#rsa-sha512&digestAlgorithm=http://www.w3.org/2001/04/xmlenc#sha512");
+
+ from("direct:signaturedigestalgorithm-verify")
+ .to("xmlsecurity-verify:signaturedigestalgorithm?keySelector=#selector");
+
+ from("direct:transformsXPath-sign")
+ .to("xmlsecurity-sign:transformsXPath?keyAccessor=#accessor&transformMethods=#transformsXPath");
+
+ from("direct:transformsXPath-verify")
+ .to("xmlsecurity-verify:transformsXPath?keySelector=#selector");
+
+ from("direct:transformsXsltXPath-sign")
+ .to("xmlsecurity-sign:transformsXsltXPath?keyAccessor=#accessor&transformMethods=#transformsXsltXPath");
+
+ from("direct:transformsXsltXPath-verify")
+ .to("xmlsecurity-verify:transformsXsltXPath?keySelector=#selector&secureValidation=false");
+
+ from("direct:marshal")
+ .marshal().secureXML(key.getEncoded());
+
+ from("direct:unmarshal")
+ .unmarshal().secureXML(key.getEncoded());
+
+ from("direct:marshal-partial")
+ .marshal().secureXML("//root/test:child-2", namespaces, true, key.getEncoded());
+
+ from("direct:unmarshal-partial")
+ .unmarshal().secureXML("//root/test:child-2", namespaces, true, key.getEncoded());
+ }
+}
diff --git a/integration-tests/xmlsecurity/src/main/resources/application.properties b/integration-tests/xmlsecurity/src/main/resources/application.properties
new file mode 100644
index 0000000..29514b0
--- /dev/null
+++ b/integration-tests/xmlsecurity/src/main/resources/application.properties
@@ -0,0 +1,17 @@
+## ---------------------------------------------------------------------------
+## Licensed to the Apache Software Foundation (ASF) under one or more
+## contributor license agreements. See the NOTICE file distributed with
+## this work for additional information regarding copyright ownership.
+## The ASF licenses this file to You under the Apache License, Version 2.0
+## (the "License"); you may not use this file except in compliance with
+## the License. You may obtain a copy of the License at
+##
+## http://www.apache.org/licenses/LICENSE-2.0
+##
+## Unless required by applicable law or agreed to in writing, software
+## distributed under the License is distributed on an "AS IS" BASIS,
+## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+## See the License for the specific language governing permissions and
+## limitations under the License.
+## ---------------------------------------------------------------------------
+quarkus.native.resources.includes=*.xsl
diff --git a/extensions-jvm/xmlsecurity/pom.xml b/integration-tests/xmlsecurity/src/main/resources/xslt-test.xsl
similarity index 51%
copy from extensions-jvm/xmlsecurity/pom.xml
copy to integration-tests/xmlsecurity/src/main/resources/xslt-test.xsl
index 762e838..8ca3fe0 100644
--- a/extensions-jvm/xmlsecurity/pom.xml
+++ b/integration-tests/xmlsecurity/src/main/resources/xslt-test.xsl
@@ -17,22 +17,12 @@
limitations under the License.
-->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.apache.camel.quarkus</groupId>
- <artifactId>camel-quarkus-build-parent</artifactId>
- <version>1.7.0-SNAPSHOT</version>
- <relativePath>../../poms/build-parent/pom.xml</relativePath>
- </parent>
-
- <artifactId>camel-quarkus-xmlsecurity-parent</artifactId>
- <name>Camel Quarkus :: XML Security Sign</name>
- <packaging>pom</packaging>
-
- <modules>
- <module>deployment</module>
- <module>runtime</module>
- <module>integration-test</module>
- </modules>
-</project>
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+ <xsl:template match="/">
+ <n0:XMLSecurity xmlns:n0="https://org.apache/camel/xmlsecurity/test" xmlns:nn0="http://www.w3.org/2000/09/xmldsig#" xmlns:n1="http://test/test">
+ <n0:Content>
+ <xsl:value-of select="//n1:root/n1:test" />
+ </n0:Content>
+ </n0:XMLSecurity>
+ </xsl:template>
+</xsl:stylesheet>
diff --git a/extensions-jvm/xmlsecurity/integration-test/src/test/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityTest.java b/integration-tests/xmlsecurity/src/test/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityIT.java
similarity index 50%
rename from extensions-jvm/xmlsecurity/integration-test/src/test/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityTest.java
rename to integration-tests/xmlsecurity/src/test/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityIT.java
index 13e7f5c..4367220 100644
--- a/extensions-jvm/xmlsecurity/integration-test/src/test/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityTest.java
+++ b/integration-tests/xmlsecurity/src/test/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityIT.java
@@ -16,35 +16,9 @@
*/
package org.apache.camel.quarkus.component.xmlsecurity.it;
-import io.quarkus.test.junit.QuarkusTest;
-import io.restassured.RestAssured;
-import org.junit.jupiter.api.Test;
+import io.quarkus.test.junit.NativeImageTest;
-@QuarkusTest
-class XmlsecurityTest {
-
- @Test
- public void loadComponentXmlsecuritySign() {
- /* A simple autogenerated test */
- RestAssured.get("/xmlsecurity/load/component/xmlsecurity-sign")
- .then()
- .statusCode(200);
- }
-
- @Test
- public void loadComponentXmlsecurityVerify() {
- /* A simple autogenerated test */
- RestAssured.get("/xmlsecurity/load/component/xmlsecurity-verify")
- .then()
- .statusCode(200);
- }
-
- @Test
- public void loadDataformatSecureXML() {
- /* A simple autogenerated test */
- RestAssured.get("/xmlsecurity/load/dataformat/securexml")
- .then()
- .statusCode(200);
- }
+@NativeImageTest
+class XmlsecurityIT extends XmlsecurityTest {
}
diff --git a/integration-tests/xmlsecurity/src/test/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityTest.java b/integration-tests/xmlsecurity/src/test/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityTest.java
new file mode 100644
index 0000000..72d6da3
--- /dev/null
+++ b/integration-tests/xmlsecurity/src/test/java/org/apache/camel/quarkus/component/xmlsecurity/it/XmlsecurityTest.java
@@ -0,0 +1,282 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.xmlsecurity.it;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+
+import io.quarkus.test.junit.DisabledOnNativeImage;
+import io.quarkus.test.junit.QuarkusTest;
+import io.restassured.RestAssured;
+import io.restassured.http.ContentType;
+import org.apache.commons.io.IOUtils;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+@QuarkusTest
+class XmlsecurityTest {
+
+ @Test
+ public void signVerifyEnveloping() throws Exception {
+ String signedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(readXMLFile("/xml-test.xml"))
+ .post("/xmlsecurity/component/sign/enveloping")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertTrue(signedXml.contains("ds:SignatureValue"));
+
+ String verifiedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(signedXml)
+ .post("/xmlsecurity/component/verify/enveloping")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertFalse(verifiedXml.contains("ds:SignatureValue"));
+ }
+
+ @Test
+ public void signVerifyEnveloped() throws Exception {
+ String signedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(readXMLFile("/xml-test.xml"))
+ .post("/xmlsecurity/component/sign/enveloped")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertTrue(signedXml.contains("ds:SignatureValue"));
+
+ String verifiedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(signedXml)
+ .post("/xmlsecurity/component/verify/enveloped")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertFalse(verifiedXml.contains("ds:SignatureValue"));
+ }
+
+ @Test
+ public void signVerifyPlainText() throws Exception {
+ String signedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(readXMLFile("/xml-test.xml"))
+ .post("/xmlsecurity/component/sign/plaintext")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertTrue(signedXml.contains("ds:SignatureValue"));
+
+ String verifiedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(signedXml)
+ .post("/xmlsecurity/component/verify/plaintext")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertFalse(verifiedXml.contains("ds:SignatureValue"));
+ }
+
+ @Test
+ public void signVerifyCanonicalization() throws Exception {
+ String signedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(readXMLFile("/xml-test.xml"))
+ .post("/xmlsecurity/component/sign/canonicalization")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertTrue(signedXml.contains("ds:SignatureValue"));
+
+ String verifiedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(signedXml)
+ .post("/xmlsecurity/component/verify/canonicalization")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertFalse(verifiedXml.contains("ds:SignatureValue"));
+ }
+
+ @Test
+ public void signVerifySignatureDigestAlgorithm() throws Exception {
+ String signedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(readXMLFile("/xml-test.xml"))
+ .post("/xmlsecurity/component/sign/signaturedigest")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertTrue(signedXml.contains("ds:SignatureValue"));
+
+ String verifiedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(signedXml)
+ .post("/xmlsecurity/component/verify/signaturedigest")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertFalse(verifiedXml.contains("ds:SignatureValue"));
+ }
+
+ @Test
+ public void signVerifyTransformsXPath() throws Exception {
+ String signedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(readXMLFile("/xml-xpath-test.xml"))
+ .post("/xmlsecurity/component/sign/transformsxpath")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertTrue(signedXml.contains("ds:SignatureValue"));
+
+ String verifiedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(signedXml)
+ .post("/xmlsecurity/component/verify/transformsxpath")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertFalse(verifiedXml.contains("ds:SignatureValue"));
+ }
+
+ @DisabledOnNativeImage("https://github.com/apache/camel-quarkus/issues/2185")
+ @Test
+ public void signVerifyTransformsXsltXPath() throws Exception {
+ String signedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(readXMLFile("/xml-test.xml"))
+ .post("/xmlsecurity/component/sign/transformsxsltxpath")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertTrue(signedXml.contains("ds:SignatureValue"));
+
+ String verifiedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(signedXml)
+ .post("/xmlsecurity/component/verify/transformsxsltxpath")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertFalse(verifiedXml.contains("ds:SignatureValue"));
+ }
+
+ @Test
+ public void dataformatMarshalUnmarshal() throws Exception {
+ String signedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(readXMLFile("/xml-test.xml"))
+ .post("/xmlsecurity/dataformat/marshal")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertTrue(signedXml.contains("xenc:CipherValue"));
+
+ String unsignedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(signedXml)
+ .post("/xmlsecurity/dataformat/unmarshal")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertFalse(unsignedXml.contains("xenc:CipherValue"));
+ }
+
+ @Test
+ public void dataformatMarshalUnmarshalPartialContent() throws Exception {
+ String signedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(readXMLFile("/xml-test.xml"))
+ .post("/xmlsecurity/dataformat/marshal/partial")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertTrue(signedXml.contains("<test:child-2><xenc:EncryptedData"));
+
+ String unsignedXml = RestAssured.given()
+ .contentType(ContentType.XML)
+ .body(signedXml)
+ .post("/xmlsecurity/dataformat/unmarshal/partial")
+ .then()
+ .statusCode(200)
+ .extract()
+ .body()
+ .asString();
+
+ assertTrue(unsignedXml.contains("<test:child-2>Test 2</test:child-2>"));
+ }
+
+ private String readXMLFile(String fileName) throws IOException {
+ return IOUtils.toString(XmlsecurityTest.class.getResourceAsStream(fileName), StandardCharsets.UTF_8);
+ }
+}
diff --git a/extensions-jvm/xmlsecurity/pom.xml b/integration-tests/xmlsecurity/src/test/resources/xml-test.xml
similarity index 51%
copy from extensions-jvm/xmlsecurity/pom.xml
copy to integration-tests/xmlsecurity/src/test/resources/xml-test.xml
index 762e838..1cad5e4 100644
--- a/extensions-jvm/xmlsecurity/pom.xml
+++ b/integration-tests/xmlsecurity/src/test/resources/xml-test.xml
@@ -17,22 +17,8 @@
limitations under the License.
-->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.apache.camel.quarkus</groupId>
- <artifactId>camel-quarkus-build-parent</artifactId>
- <version>1.7.0-SNAPSHOT</version>
- <relativePath>../../poms/build-parent/pom.xml</relativePath>
- </parent>
-
- <artifactId>camel-quarkus-xmlsecurity-parent</artifactId>
- <name>Camel Quarkus :: XML Security Sign</name>
- <packaging>pom</packaging>
-
- <modules>
- <module>deployment</module>
- <module>runtime</module>
- <module>integration-test</module>
- </modules>
-</project>
+<root xmlns:test="http://test/test">
+ <test:child-1>Test 1</test:child-1>
+ <test:child-2>Test 2</test:child-2>
+ <test:child-3>Test 3</test:child-3>
+</root>
diff --git a/extensions-jvm/xmlsecurity/pom.xml b/integration-tests/xmlsecurity/src/test/resources/xml-xpath-test.xml
similarity index 51%
rename from extensions-jvm/xmlsecurity/pom.xml
rename to integration-tests/xmlsecurity/src/test/resources/xml-xpath-test.xml
index 762e838..85687d9 100644
--- a/extensions-jvm/xmlsecurity/pom.xml
+++ b/integration-tests/xmlsecurity/src/test/resources/xml-xpath-test.xml
@@ -17,22 +17,21 @@
limitations under the License.
-->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.apache.camel.quarkus</groupId>
- <artifactId>camel-quarkus-build-parent</artifactId>
- <version>1.7.0-SNAPSHOT</version>
- <relativePath>../../poms/build-parent/pom.xml</relativePath>
- </parent>
-
- <artifactId>camel-quarkus-xmlsecurity-parent</artifactId>
- <name>Camel Quarkus :: XML Security Sign</name>
- <packaging>pom</packaging>
-
- <modules>
- <module>deployment</module>
- <module>runtime</module>
- <module>integration-test</module>
- </modules>
-</project>
+<Document xmlns="http://test/test">
+ <ToBeSigned>
+ <!-- Test comment 1 -->
+ <Data>1</Data>
+ <NotToBeSigned>
+ <ReallyToBeSigned>
+ <!-- Test comment 2 -->
+ <Data>2</Data>
+ </ReallyToBeSigned>
+ </NotToBeSigned>
+ </ToBeSigned>
+ <ToBeSigned>
+ <Data>3</Data>
+ <NotToBeSigned>
+ <Data>4</Data>
+ </NotToBeSigned>
+ </ToBeSigned>
+</Document>
\ No newline at end of file
diff --git a/tooling/scripts/test-categories.yaml b/tooling/scripts/test-categories.yaml
index e750fb3..eb3e39b 100644
--- a/tooling/scripts/test-categories.yaml
+++ b/tooling/scripts/test-categories.yaml
@@ -74,6 +74,7 @@ dataformats:
- dataformat
- jaxb
- soap
+ - xmlsecurity
- xstream
foundation:
- bean