You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by bu...@apache.org on 2020/02/24 14:06:46 UTC
[cxf] branch master updated: cxf-systests-rs-security: configure
client HTTPS from code
This is an automated email from the ASF dual-hosted git repository.
buhhunyx pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
The following commit(s) were added to refs/heads/master by this push:
new 6c36865 cxf-systests-rs-security: configure client HTTPS from code
6c36865 is described below
commit 6c368654075cfc80a6b59903fd0ae343f2cd5fff
Author: Alexey Markevich <bu...@gmail.com>
AuthorDate: Mon Feb 24 17:05:00 2020 +0300
cxf-systests-rs-security: configure client HTTPS from code
---
.../oidc/idp/OidcDynamicRegistrationService.java | 8 +-
.../security/oauth2/common/OAuth2TestUtils.java | 35 ++++
.../oauth2/filters/BookServerOAuth2Filters.java | 48 -----
.../oauth2/filters/BookServerOAuth2FiltersJwt.java | 48 -----
.../oauth2/filters/BookServerOAuth2Service.java | 48 -----
.../oauth2/filters/BookServerOAuth2ServiceJwt.java | 48 -----
.../security/oauth2/filters/OAuth2FiltersTest.java | 203 ++++++++-------------
.../oauth2/filters/OAuth2JwtFiltersTest.java | 56 +++---
.../security/oauth2/filters/PartnerServer.java | 49 -----
.../security/oauth2/filters/PartnerService.java | 34 ++--
.../jaxrs/security/oauth2/filters/client.xml | 45 -----
.../security/oauth2/filters/partner-service.xml | 9 +-
12 files changed, 168 insertions(+), 463 deletions(-)
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcDynamicRegistrationService.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcDynamicRegistrationService.java
index 21df3f8..3fa7314 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcDynamicRegistrationService.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcDynamicRegistrationService.java
@@ -18,7 +18,7 @@
*/
package org.apache.cxf.rs.security.oidc.idp;
-import java.util.LinkedList;
+import java.util.Arrays;
import java.util.List;
import org.apache.cxf.rs.security.oauth2.common.Client;
@@ -50,11 +50,7 @@ public class OidcDynamicRegistrationService extends DynamicRegistrationService {
ClientRegistration resp = super.fromClientToClientRegistration(client);
String logoutUris = client.getProperties().get(POST_LOGOUT_LOGOUT_URIS);
if (logoutUris != null) {
- List<String> list = new LinkedList<>();
- for (String s : logoutUris.split(" ")) {
- list.add(s);
- }
- resp.setProperty(POST_LOGOUT_LOGOUT_URIS, list);
+ resp.setProperty(POST_LOGOUT_LOGOUT_URIS, Arrays.asList(logoutUris.split(" ")));
}
return resp;
}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
index c31cace..a1d0e72 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
@@ -18,6 +18,10 @@
*/
package org.apache.cxf.systest.jaxrs.security.oauth2.common;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
import java.time.Instant;
import java.util.Arrays;
import java.util.Collections;
@@ -26,9 +30,12 @@ import java.util.List;
import java.util.Map;
import java.util.Properties;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.TrustManagerFactory;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
+import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.jaxrs.provider.json.JSONProvider;
import org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider;
@@ -46,6 +53,9 @@ import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData;
import org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeGrant;
import org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
+import org.apache.cxf.rt.security.crypto.CryptoUtils;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.transport.http.HTTPConduitConfigurer;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SAMLUtil;
@@ -279,6 +289,31 @@ public final class OAuth2TestUtils {
return foundString.substring(0, ampersandIndex);
}
+ public static HTTPConduitConfigurer clientHTTPConduitConfigurer() throws IOException, GeneralSecurityException {
+ final TLSClientParameters tlsCP = new TLSClientParameters();
+ tlsCP.setDisableCNCheck(true);
+
+ try (InputStream is = OAuth2TestUtils.class.getResourceAsStream("/keys/Morpit.jks")) {
+ final KeyStore keyStore = CryptoUtils.loadKeyStore(is, "password".toCharArray(), null);
+ final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+ kmf.init(keyStore, "password".toCharArray());
+ tlsCP.setKeyManagers(kmf.getKeyManagers());
+ }
+
+ try (InputStream is = OAuth2TestUtils.class.getResourceAsStream("/keys/Truststore.jks")) {
+ final KeyStore keyStore = CryptoUtils.loadKeyStore(is, "password".toCharArray(), null);
+ final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ tmf.init(keyStore);
+ tlsCP.setTrustManagers(tmf.getTrustManagers());
+ }
+
+ return new HTTPConduitConfigurer() {
+ public void configure(String name, String address, HTTPConduit c) {
+ c.setTlsClientParameters(tlsCP);
+ }
+ };
+ }
+
public static class AuthorizationCodeParameters {
private String scope;
private String consumerId;
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/BookServerOAuth2Filters.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/BookServerOAuth2Filters.java
deleted file mode 100644
index 44c220a..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/BookServerOAuth2Filters.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.oauth2.filters;
-
-import java.net.URL;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-
-public class BookServerOAuth2Filters extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2-filters");
- private static final URL SERVER_CONFIG_FILE =
- BookServerOAuth2Filters.class.getResource("filters-server.xml");
-
- protected void run() {
- SpringBusFactory bf = new SpringBusFactory();
- Bus springBus = bf.createBus(SERVER_CONFIG_FILE);
- BusFactory.setDefaultBus(springBus);
- setBus(springBus);
-
- try {
- new BookServerOAuth2Filters();
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
-
-}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/BookServerOAuth2FiltersJwt.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/BookServerOAuth2FiltersJwt.java
deleted file mode 100644
index 6cf1c43..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/BookServerOAuth2FiltersJwt.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.oauth2.filters;
-
-import java.net.URL;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-
-public class BookServerOAuth2FiltersJwt extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2-filtersJwt");
- private static final URL SERVER_CONFIG_FILE =
- BookServerOAuth2FiltersJwt.class.getResource("filters-serverJwt.xml");
-
- protected void run() {
- SpringBusFactory bf = new SpringBusFactory();
- Bus springBus = bf.createBus(SERVER_CONFIG_FILE);
- BusFactory.setDefaultBus(springBus);
- setBus(springBus);
-
- try {
- new BookServerOAuth2FiltersJwt();
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
-
-}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/BookServerOAuth2Service.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/BookServerOAuth2Service.java
deleted file mode 100644
index 0bfa340..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/BookServerOAuth2Service.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.oauth2.filters;
-
-import java.net.URL;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-
-public class BookServerOAuth2Service extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2-service");
- private static final URL SERVER_CONFIG_FILE =
- BookServerOAuth2Service.class.getResource("oauth20-server.xml");
-
- protected void run() {
- SpringBusFactory bf = new SpringBusFactory();
- Bus springBus = bf.createBus(SERVER_CONFIG_FILE);
- BusFactory.setDefaultBus(springBus);
- setBus(springBus);
-
- try {
- new BookServerOAuth2Service();
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
-
-}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/BookServerOAuth2ServiceJwt.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/BookServerOAuth2ServiceJwt.java
deleted file mode 100644
index f456207..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/BookServerOAuth2ServiceJwt.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.oauth2.filters;
-
-import java.net.URL;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-
-public class BookServerOAuth2ServiceJwt extends AbstractBusTestServerBase {
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2-serviceJwt");
- private static final URL SERVER_CONFIG_FILE =
- BookServerOAuth2ServiceJwt.class.getResource("oauth20-serverJwt.xml");
-
- protected void run() {
- SpringBusFactory bf = new SpringBusFactory();
- Bus springBus = bf.createBus(SERVER_CONFIG_FILE);
- BusFactory.setDefaultBus(springBus);
- setBus(springBus);
-
- try {
- new BookServerOAuth2ServiceJwt();
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
-
-}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
index 3ade05c..e912658 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
@@ -19,23 +19,28 @@
package org.apache.cxf.systest.jaxrs.security.oauth2.filters;
-import java.net.URL;
+import java.net.URI;
import java.util.UUID;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
+import javax.ws.rs.core.Response.Status.Family;
+import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData;
import org.apache.cxf.systest.jaxrs.security.Book;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+import org.apache.cxf.testutil.common.TestUtil;
+import org.apache.cxf.transport.http.HTTPConduitConfigurer;
import org.junit.BeforeClass;
+import static org.apache.cxf.rs.security.oauth2.utils.OAuthConstants.BEARER_AUTHORIZATION_SCHEME;
import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
@@ -43,12 +48,14 @@ import static org.junit.Assert.assertTrue;
* Some tests for the OAuth 2.0 filters
*/
public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
- public static final String PORT = BookServerOAuth2Filters.PORT;
- public static final String OAUTH_PORT = BookServerOAuth2Service.PORT;
- public static final String PARTNER_PORT = PartnerServer.PORT;
+ private static final String PORT = BookServerOAuth2Filters.PORT;
+ private static final String OAUTH_PORT = TestUtil.getPortNumber("jaxrs-oauth2-service");
+ private static final String PARTNER_PORT = TestUtil.getPortNumber("jaxrs-oauth2-filters-partner");
@BeforeClass
public static void startServers() throws Exception {
+ createStaticBus().setExtension(OAuth2TestUtils.clientHTTPConduitConfigurer(), HTTPConduitConfigurer.class);
+
assertTrue("server did not launch correctly",
launchServer(BookServerOAuth2Filters.class, true));
assertTrue("server did not launch correctly",
@@ -59,13 +66,11 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
@org.junit.Test
public void testServiceWithToken() throws Exception {
- URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
-
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "alice", "security", busFile.toString());
+ "alice", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -74,11 +79,7 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "consumer-id", "this-is-a-secret", busFile.toString());
- // Save the Cookie for the second request...
- WebClient.getConfig(oauthClient).getRequestContext().put(
- org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+ oauthClient = WebClient.create(oauthService, "consumer-id", "this-is-a-secret", null);
ClientAccessToken accessToken =
OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code);
@@ -86,9 +87,8 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Now invoke on the service with the access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
- busFile.toString());
- client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders())
+ .authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
Response response = client.type("application/xml").post(new Book("book", 123L));
assertEquals(response.getStatus(), 200);
@@ -100,54 +100,43 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
@org.junit.Test
public void testServiceWithFakeToken() throws Exception {
- URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
-
// Now invoke on the service with the faked access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
- busFile.toString());
- client.header("Authorization", "Bearer " + UUID.randomUUID().toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders())
+ .authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, UUID.randomUUID().toString()));
Response response = client.post(new Book("book", 123L));
- assertNotEquals(response.getStatus(), 200);
+ assertEquals(Family.CLIENT_ERROR, response.getStatusInfo().getFamily());
}
@org.junit.Test
public void testServiceWithNoToken() throws Exception {
- URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
-
// Now invoke on the service with the faked access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
- busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders());
Response response = client.post(new Book("book", 123L));
- assertNotEquals(response.getStatus(), 200);
+ assertEquals(Family.CLIENT_ERROR, response.getStatusInfo().getFamily());
}
@org.junit.Test
public void testServiceWithEmptyToken() throws Exception {
- URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
-
// Now invoke on the service with the faked access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
- busFile.toString());
- client.header("Authorization", "Bearer ");
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders())
+ .authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, ""));
Response response = client.post(new Book("book", 123L));
- assertNotEquals(response.getStatus(), 200);
+ assertEquals(Family.CLIENT_ERROR, response.getStatusInfo().getFamily());
}
@org.junit.Test
public void testServiceWithTokenAndScope() throws Exception {
- URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
-
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "alice", "security", busFile.toString());
+ "alice", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -156,11 +145,7 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "consumer-id", "this-is-a-secret", busFile.toString());
- // Save the Cookie for the second request...
- WebClient.getConfig(oauthClient).getRequestContext().put(
- org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+ oauthClient = WebClient.create(oauthService, "consumer-id", "this-is-a-secret", null);
ClientAccessToken accessToken =
OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code);
@@ -168,9 +153,8 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Now invoke on the service with the access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
- busFile.toString());
- client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders())
+ .authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
Response response = client.type("application/xml").post(new Book("book", 123L));
assertEquals(response.getStatus(), 200);
@@ -182,13 +166,11 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
@org.junit.Test
public void testServiceWithTokenAndIncorrectScopeVerb() throws Exception {
- URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
-
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "alice", "security", busFile.toString());
+ "alice", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -197,11 +179,7 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "consumer-id", "this-is-a-secret", busFile.toString());
- // Save the Cookie for the second request...
- WebClient.getConfig(oauthClient).getRequestContext().put(
- org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+ oauthClient = WebClient.create(oauthService, "consumer-id", "this-is-a-secret", null);
ClientAccessToken accessToken =
OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code);
@@ -209,24 +187,21 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Now invoke on the service with the access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
- busFile.toString());
- client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders())
+ .authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
// We don't have the scope to post a book here
Response response = client.post(new Book("book", 123L));
- assertNotEquals(response.getStatus(), 200);
+ assertEquals(Family.CLIENT_ERROR, response.getStatusInfo().getFamily());
}
@org.junit.Test
public void testServiceWithTokenAndIncorrectScopeURI() throws Exception {
- URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
-
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "alice", "security", busFile.toString());
+ "alice", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -235,11 +210,7 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "consumer-id", "this-is-a-secret", busFile.toString());
- // Save the Cookie for the second request...
- WebClient.getConfig(oauthClient).getRequestContext().put(
- org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+ oauthClient = WebClient.create(oauthService, "consumer-id", "this-is-a-secret", null);
ClientAccessToken accessToken =
OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code);
@@ -247,24 +218,21 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Now invoke on the service with the access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
- busFile.toString());
- client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders())
+ .authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
// We don't have the scope to post a book here
Response response = client.post(new Book("book", 123L));
- assertNotEquals(response.getStatus(), 200);
+ assertEquals(Family.CLIENT_ERROR, response.getStatusInfo().getFamily());
}
@org.junit.Test
public void testServiceWithTokenAndMultipleScopes() throws Exception {
- URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
-
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "alice", "security", busFile.toString());
+ "alice", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -274,11 +242,7 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "consumer-id", "this-is-a-secret", busFile.toString());
- // Save the Cookie for the second request...
- WebClient.getConfig(oauthClient).getRequestContext().put(
- org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+ oauthClient = WebClient.create(oauthService, "consumer-id", "this-is-a-secret", null);
ClientAccessToken accessToken =
OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code);
@@ -286,9 +250,8 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Now invoke on the service with the access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
- busFile.toString());
- client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders())
+ .authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
Response response = client.type("application/xml").post(new Book("book", 123L));
assertEquals(response.getStatus(), 200);
@@ -300,13 +263,11 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
@org.junit.Test
public void testServiceWithTokenUsingAudience() throws Exception {
- URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
-
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "alice", "security", busFile.toString());
+ "alice", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -315,11 +276,7 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "consumer-id-aud", "this-is-a-secret", busFile.toString());
- // Save the Cookie for the second request...
- WebClient.getConfig(oauthClient).getRequestContext().put(
- org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+ oauthClient = WebClient.create(oauthService, "consumer-id-aud", "this-is-a-secret", null);
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
ClientAccessToken accessToken =
@@ -328,9 +285,8 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
assertNotNull(accessToken.getTokenKey());
// Now invoke on the service with the access token
- WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
- busFile.toString());
- client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders())
+ .authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
Response response = client.type("application/xml").post(new Book("book", 123L));
assertEquals(response.getStatus(), 200);
@@ -342,13 +298,11 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
@org.junit.Test
public void testServiceWithTokenUsingIncorrectAudience() throws Exception {
- URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
-
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "alice", "security", busFile.toString());
+ "alice", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -357,11 +311,7 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "consumer-id-aud2", "this-is-a-secret", busFile.toString());
- // Save the Cookie for the second request...
- WebClient.getConfig(oauthClient).getRequestContext().put(
- org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+ oauthClient = WebClient.create(oauthService, "consumer-id-aud2", "this-is-a-secret", null);
String address = "https://localhost:" + PORT + "/securedxyz/bookstore/books";
ClientAccessToken accessToken =
@@ -370,23 +320,20 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
assertNotNull(accessToken.getTokenKey());
// Now invoke on the service with the access token
- WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
- busFile.toString());
- client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders())
+ .authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
Response response = client.post(new Book("book", 123L));
- assertNotEquals(response.getStatus(), 200);
+ assertEquals(Family.CLIENT_ERROR, response.getStatusInfo().getFamily());
}
@org.junit.Test
public void testPartnerServiceUsingClientCodeRequestFilter() throws Exception {
- URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
-
// Invoke on the partner service, which is secured with the ClientCodeRequestFilter
String partnerService = "https://localhost:" + PARTNER_PORT + "/partnerservice/bookstore/books";
WebClient partnerClient =
- WebClient.create(partnerService, OAuth2TestUtils.setupProviders(), "bob", "security", busFile.toString());
+ WebClient.create(partnerService, OAuth2TestUtils.setupProviders(), "bob", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(partnerClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -400,16 +347,16 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
WebClient idpClient =
- WebClient.create(location, OAuth2TestUtils.setupProviders(), "bob", "security", busFile.toString());
+ WebClient.create(location, OAuth2TestUtils.setupProviders(), "bob", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(idpClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code + State
- String receivedLocation = getLocationUsingAuthorizationCodeGrant(idpClient);
+ URI receivedLocation = getLocationUsingAuthorizationCodeGrant(idpClient);
assertNotNull(receivedLocation);
- String code = getSubstring(receivedLocation, "code");
- String state = getSubstring(receivedLocation, "state");
+ String code = OAuth2TestUtils.getSubstring(receivedLocation.getQuery(), "code");
+ String state = OAuth2TestUtils.getSubstring(receivedLocation.getQuery(), "state");
// Add Referer
String referer = "https://localhost:" + OAUTH_PORT + "/services/authorize";
@@ -426,12 +373,9 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
assertEquals(returnedBook.getId(), 123L);
}
- private String getLocationUsingAuthorizationCodeGrant(WebClient client) {
+ private static URI getLocationUsingAuthorizationCodeGrant(WebClient client) {
client.type("application/json").accept("application/json");
-
- Response response = client.get();
-
- OAuthAuthorizationData authzData = response.readEntity(OAuthAuthorizationData.class);
+ OAuthAuthorizationData authzData = client.get(OAuthAuthorizationData.class);
// Now call "decision" to get the authorization code grant
client.path("decision");
@@ -447,20 +391,33 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
form.param("state", authzData.getState());
form.param("oauthDecision", "allow");
- response = client.post(form);
- return response.getHeaderString("Location");
+ return client.post(form).getLocation();
}
- private String getSubstring(String parentString, String substringName) {
- String foundString =
- parentString.substring(parentString.indexOf(substringName + "=") + (substringName + "=").length());
- int ampersandIndex = foundString.indexOf('&');
- if (ampersandIndex < 1) {
- ampersandIndex = foundString.length();
+ //
+ // Server implementations
+ //
+ public static class BookServerOAuth2Filters extends AbstractBusTestServerBase {
+ public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2-filters");
+ @Override
+ protected void run() {
+ setBus(new SpringBusFactory().createBus(getClass().getResource("filters-server.xml")));
}
- return foundString.substring(0, ampersandIndex);
}
+ public static class BookServerOAuth2Service extends AbstractBusTestServerBase {
+ @Override
+ protected void run() {
+ setBus(new SpringBusFactory().createBus(getClass().getResource("oauth20-server.xml")));
+ }
+ }
+
+ public static class PartnerServer extends AbstractBusTestServerBase {
+ @Override
+ protected void run() {
+ setBus(new SpringBusFactory().createBus(getClass().getResource("partner-service.xml")));
+ }
+ }
}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2JwtFiltersTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2JwtFiltersTest.java
index b451aa1..0d188fa 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2JwtFiltersTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2JwtFiltersTest.java
@@ -19,10 +19,9 @@
package org.apache.cxf.systest.jaxrs.security.oauth2.filters;
-import java.net.URL;
-
import javax.ws.rs.core.Response;
+import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
@@ -33,9 +32,13 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.systest.jaxrs.security.Book;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+import org.apache.cxf.testutil.common.TestUtil;
+import org.apache.cxf.transport.http.HTTPConduitConfigurer;
import org.junit.BeforeClass;
+import static org.apache.cxf.rs.security.oauth2.utils.OAuthConstants.BEARER_AUTHORIZATION_SCHEME;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertNotNull;
@@ -45,15 +48,17 @@ import static org.junit.Assert.assertTrue;
* Some tests for the OAuth 2.0 filters
*/
public class OAuth2JwtFiltersTest extends AbstractBusClientServerTestBase {
- public static final String PORT = BookServerOAuth2FiltersJwt.PORT;
- public static final String OAUTH_PORT = BookServerOAuth2ServiceJwt.PORT;
+ private static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2-filtersJwt");
+ private static final String OAUTH_PORT = TestUtil.getPortNumber("jaxrs-oauth2-serviceJwt");
@BeforeClass
public static void startServers() throws Exception {
+ createStaticBus().setExtension(OAuth2TestUtils.clientHTTPConduitConfigurer(), HTTPConduitConfigurer.class);
+
assertTrue("server did not launch correctly",
- launchServer(BookServerOAuth2FiltersJwt.class, true));
+ launchServer(BookServerOAuth2FiltersJwt.class));
assertTrue("server did not launch correctly",
- launchServer(BookServerOAuth2ServiceJwt.class, true));
+ launchServer(BookServerOAuth2ServiceJwt.class));
}
@org.junit.Test
public void testServiceWithJwtToken() throws Exception {
@@ -74,13 +79,9 @@ public class OAuth2JwtFiltersTest extends AbstractBusClientServerTestBase {
doTestServiceWithJwtTokenAndScope(oauthServiceAddress, rsAddress);
}
private void doTestServiceWithJwtTokenAndScope(String oauthService, String rsAddress) throws Exception {
- URL busFile = OAuth2JwtFiltersTest.class.getResource("client.xml");
-
// Get Authorization Code
-
-
WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "alice", "security", busFile.toString());
+ "alice", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -89,11 +90,7 @@ public class OAuth2JwtFiltersTest extends AbstractBusClientServerTestBase {
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
- "consumer-id", "this-is-a-secret", busFile.toString());
- // Save the Cookie for the second request...
- WebClient.getConfig(oauthClient).getRequestContext().put(
- org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+ oauthClient = WebClient.create(oauthService, "consumer-id", "this-is-a-secret", null);
ClientAccessToken accessToken =
OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code);
@@ -107,9 +104,8 @@ public class OAuth2JwtFiltersTest extends AbstractBusClientServerTestBase {
assertEquals("consumer-id", claims.getStringProperty(OAuthConstants.CLIENT_ID));
assertEquals("alice", claims.getStringProperty("username"));
// Now invoke on the service with the access token
- WebClient client = WebClient.create(rsAddress, OAuth2TestUtils.setupProviders(),
- busFile.toString());
- client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+ WebClient client = WebClient.create(rsAddress, OAuth2TestUtils.setupProviders())
+ .authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
Response response = client.type("application/xml").post(new Book("book", 123L));
assertEquals(200, response.getStatus());
@@ -121,14 +117,28 @@ public class OAuth2JwtFiltersTest extends AbstractBusClientServerTestBase {
@org.junit.Test
public void testServiceLocalValidationWithNoToken() throws Exception {
- URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
-
// Now invoke on the service with the faked access token
String address = "https://localhost:" + PORT + "/securedLocalValidation/bookstore/books";
- WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
- busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders());
Response response = client.post(new Book("book", 123L));
assertNotEquals(response.getStatus(), 200);
}
+
+ //
+ // Server implementations
+ //
+ public static class BookServerOAuth2FiltersJwt extends AbstractBusTestServerBase {
+ @Override
+ protected void run() {
+ setBus(new SpringBusFactory().createBus(getClass().getResource("filters-serverJwt.xml")));
+ }
+ }
+
+ public static class BookServerOAuth2ServiceJwt extends AbstractBusTestServerBase {
+ protected void run() {
+ setBus(new SpringBusFactory().createBus(getClass().getResource("oauth20-serverJwt.xml")));
+ }
+ }
+
}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerServer.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerServer.java
deleted file mode 100644
index c838954..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerServer.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.systest.jaxrs.security.oauth2.filters;
-
-import java.net.URL;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-import org.apache.cxf.testutil.common.TestUtil;
-
-public class PartnerServer extends AbstractBusTestServerBase {
-
- public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2-filters-partner");
-
- public PartnerServer() {
-
- }
-
- protected void run() {
- URL busFile = PartnerServer.class.getResource("partner-service.xml");
- Bus busLocal = new SpringBusFactory().createBus(busFile);
- BusFactory.setDefaultBus(busLocal);
- setBus(busLocal);
-
- try {
- new PartnerServer();
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
-}
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerService.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerService.java
index 7e1954b..820636c 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerService.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerService.java
@@ -20,19 +20,20 @@
package org.apache.cxf.systest.jaxrs.security.oauth2.filters;
-import java.net.URL;
-
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
-import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
-import javax.ws.rs.core.Response;
+import javax.ws.rs.core.MediaType;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext;
+import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.systest.jaxrs.security.Book;
+import org.apache.cxf.systest.jaxrs.security.oauth2.filters.OAuth2FiltersTest.BookServerOAuth2Filters;
+
+import static org.apache.cxf.rs.security.oauth2.utils.OAuthConstants.BEARER_AUTHORIZATION_SCHEME;
/**
* A "Partner" service that delegates an "echoBook" call to the BookStore, first getting an OAuth token using the
@@ -44,30 +45,19 @@ public class PartnerService {
@Context
private ClientTokenContext context;
-
@POST
@Path("/books")
- @Produces("application/xml")
- @Consumes("application/xml")
+ @Produces(MediaType.APPLICATION_XML)
+ @Consumes(MediaType.APPLICATION_XML)
public Book echoBookXml(Book book) {
- URL busFile = PartnerService.class.getResource("client.xml");
-
- String address = "https://localhost:" + OAuth2FiltersTest.PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, busFile.toString());
-
- client.type("application/xml").accept("application/xml");
-
- client.header("Authorization", "Bearer " + context.getToken().getTokenKey());
+ String address = "https://localhost:" + BookServerOAuth2Filters.PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address)
+ .type(MediaType.APPLICATION_XML).accept(MediaType.APPLICATION_XML)
+ .authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, context.getToken().getTokenKey()));
// Now make a service invocation with the access token
- Response serviceResponse = client.post(book);
- if (serviceResponse.getStatus() == 200) {
- return serviceResponse.readEntity(Book.class);
- }
-
- throw new WebApplicationException(Response.Status.FORBIDDEN);
+ return client.post(book, Book.class);
}
}
-
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/client.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/client.xml
deleted file mode 100644
index fe6c5a5..0000000
--- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/client.xml
+++ /dev/null
@@ -1,45 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:http="http://cxf.apache.org/transports/http/configuration"
- xmlns:jaxws="http://cxf.apache.org/jaxws"
- xmlns:cxf="http://cxf.apache.org/core"
- xmlns:p="http://cxf.apache.org/policy"
- xmlns:sec="http://cxf.apache.org/configuration/security"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache [...]
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
- <cxf:bus>
- <cxf:features>
- <cxf:logging/>
- </cxf:features>
- </cxf:bus>
- <http:conduit name="https://localhost.*">
- <http:client ConnectionTimeout="3000000" ReceiveTimeout="3000000"/>
- <http:tlsClientParameters disableCNCheck="true">
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Morpit.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- </http:tlsClientParameters>
- </http:conduit>
-</beans>
\ No newline at end of file
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/partner-service.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/partner-service.xml
index 9e01c58..66d4bc9 100644
--- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/partner-service.xml
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/partner-service.xml
@@ -83,15 +83,18 @@ under the License.
</jaxrs:providers>
</jaxrs:server>
-
- <http:conduit name="https://localhost.*">
+
+ <http:conduit name="https://localhost.*">
<http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Morpit.jks"/>
+ </sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
</sec:trustManagers>
</http:tlsClientParameters>
</http:conduit>
-
+
<httpj:engine-factory id="tls-config">
<httpj:engine port="${testutil.ports.jaxrs-oauth2-filters-partner}">
<httpj:tlsServerParameters>