Posted to commits@cxf.apache.org by co...@apache.org on 2017/01/27 11:22:52 UTC
[09/19] cxf-fediz git commit: FEDIZ-155 - Move .java components out
of idp webapp and into a separate JAR
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf309400/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/EntitlementDAOJPATest.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/EntitlementDAOJPATest.java b/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/EntitlementDAOJPATest.java
new file mode 100644
index 0000000..1d63fde
--- /dev/null
+++ b/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/EntitlementDAOJPATest.java
@@ -0,0 +1,115 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp.service.jpa;
+
+import java.util.List;
+
+import org.apache.cxf.fediz.service.idp.domain.Entitlement;
+import org.apache.cxf.fediz.service.idp.service.EntitlementDAO;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.dao.DataIntegrityViolationException;
+import org.springframework.dao.EmptyResultDataAccessException;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Assert;
+
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = { "classpath:testContext.xml" })
+public class EntitlementDAOJPATest {
+
+ @Autowired
+ private EntitlementDAO entitlementDAO;
+
+
+ @BeforeClass
+ public static void init() {
+ System.setProperty("spring.profiles.active", "jpa");
+ }
+
+
+ @Test
+ public void testReadAllEntitlements() {
+ List<Entitlement> entitlements = entitlementDAO.getEntitlements(0, 999);
+ Assert.isTrue(30 == entitlements.size(), "Size doesn't match");
+ }
+
+ @Test
+ public void testReadExistingEntitlement() {
+ Entitlement entitlement = entitlementDAO.getEntitlement("CLAIM_LIST");
+ Assert.isTrue("CLAIM_LIST".equals(entitlement.getName()),
+ "Entitlement name doesn't match");
+ Assert.isTrue("Description for CLAIM_LIST".equals(entitlement.getDescription()),
+ "Entitlement Description doesn't match");
+ }
+
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testTryReadNonexistingEntitlement() {
+ entitlementDAO.getEntitlement("CLAIM_NOT_EXIST");
+ }
+
+
+ @Test
+ public void testAddNewEntitlement() {
+ Entitlement entitlement5 = new Entitlement();
+ entitlement5.setName("GUGUS_CREATE");
+ entitlement5.setDescription("Any entitlement");
+ entitlementDAO.addEntitlement(entitlement5);
+
+ List<Entitlement> entitlements = entitlementDAO.getEntitlements(0, 999);
+ Assert.isTrue(31 == entitlements.size(), "Size doesn't match. Entitlement not added");
+ }
+
+
+ @Test(expected = DataIntegrityViolationException.class)
+ public void testTryAddExistingEntitlement() {
+ Entitlement entitlement5 = new Entitlement();
+ entitlement5.setName("CLAIM_DELETE");
+ entitlement5.setDescription("Description for CLAIM_DELETE");
+ entitlementDAO.addEntitlement(entitlement5);
+ }
+
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testTryRemoveUnknownEntitlement() {
+ entitlementDAO.deleteEntitlement("GUGUS_NOT_EXIST");
+ }
+
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testRemoveExistingEntitlement() {
+
+ Entitlement entitlement5 = new Entitlement();
+ entitlement5.setName("CLAIM_TO_DELETE");
+ entitlement5.setDescription("Description for CLAIM_TO_DELETE");
+ entitlementDAO.addEntitlement(entitlement5);
+
+ entitlementDAO.deleteEntitlement("CLAIM_TO_DELETE");
+
+ entitlementDAO.getEntitlement("CLAIM_TO_DELETE");
+ }
+
+
+}
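Review bot: In `testRemoveExistingEntitlement` the `expected = EmptyResultDataAccessException.class` applies to the whole method, so the test also passes when `deleteEntitlement("CLAIM_TO_DELETE")` itself throws that exception (`testTryRemoveUnknownEntitlement` shows it can), and the final lookup never runs. Scope the expectation to the last call only, for example `try { entitlementDAO.getEntitlement("CLAIM_TO_DELETE"); org.junit.Assert.fail("entitlement still readable after delete"); } catch (EmptyResultDataAccessException expected) { }`. `testRemoveExistingIdp` in IdpDAOJPATest has the same shape. Separately, the exact counts `30` and `31` in `testReadAllEntitlements` and `testAddNewEntitlement` depend on which test runs first unless each test is rolled back, and no rollback is visible in this hunk.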
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf309400/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPATest.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPATest.java b/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPATest.java
new file mode 100644
index 0000000..6256371
--- /dev/null
+++ b/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPATest.java
@@ -0,0 +1,653 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp.service.jpa;
+
+import java.net.MalformedURLException;
+import java.net.URI;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.cxf.fediz.service.idp.domain.Application;
+import org.apache.cxf.fediz.service.idp.domain.Claim;
+import org.apache.cxf.fediz.service.idp.domain.Idp;
+import org.apache.cxf.fediz.service.idp.domain.TrustedIdp;
+import org.apache.cxf.fediz.service.idp.service.IdpDAO;
+import org.apache.wss4j.dom.WSConstants;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.dao.DataIntegrityViolationException;
+import org.springframework.dao.EmptyResultDataAccessException;
+import org.springframework.orm.jpa.JpaObjectRetrievalFailureException;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Assert;
+
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = { "classpath:testContext.xml" })
+public class IdpDAOJPATest {
+
+ @Autowired
+ private IdpDAO idpDAO;
+
+
+ @BeforeClass
+ public static void init() {
+ System.setProperty("spring.profiles.active", "jpa");
+ }
+
+
+ @Test
+ public void testReadAllIdps() {
+ List<Idp> idps = idpDAO.getIdps(0, 999, null);
+ // Idp could have been removed, Order not given as per JUnit design
+ Assert.isTrue(0 < idps.size(), "Size doesn't match [" + idps.size() + "]");
+ }
+
+
+ @Test
+ public void testReadExistingIdpEmbeddedAll() throws MalformedURLException {
+ Idp idp = idpDAO.getIdp("urn:org:apache:cxf:fediz:idp:realm-A", Arrays.asList("all"));
+
+ Assert.isTrue("stsKeystoreA.properties".equals(idp.getCertificate()),
+ "Certificate doesn't match");
+ Assert.isTrue("realma".equals(idp.getCertificatePassword()),
+ "Certificate password doesn't match");
+ Assert.isTrue("urn:org:apache:cxf:fediz:idp:realm-A".equals(idp.getRealm()),
+ "Realm doesn't match");
+ Assert.isTrue("IDP of Realm A".equals(idp.getServiceDescription()),
+ "ServiceDescription doesn't match");
+ Assert.isTrue("REALM A".equals(idp.getServiceDisplayName()),
+ "ServiceDisplayName doesn't match");
+ Assert.isTrue(new URL("https://localhost:9443/fediz-idp/federation").equals(idp.getIdpUrl()),
+ "IdpUrl doesn't match");
+ Assert.isTrue(new URL("https://localhost:9443/fediz-idp-sts/REALMA").equals(idp.getStsUrl()),
+ "StsUrl doesn't match");
+ Assert.isTrue("realma".equals(idp.getUri()),
+ "Uri doesn't match");
+ Assert.isTrue(idp.isProvideIdpList(),
+ "ProvideIDPList doesn't match");
+ Assert.isTrue(idp.isUseCurrentIdp(),
+ "UseCurrentIDP doesn't match");
+ Assert.isTrue(4 == idp.getAuthenticationURIs().size(),
+ "Number of AuthenticationURIs doesn't match");
+ Assert.isTrue(2 == idp.getSupportedProtocols().size(),
+ "Number of SupportedProtocols doesn't match");
+ Assert.isTrue(2 == idp.getTokenTypesOffered().size(),
+ "Number of TokenTypesOffered doesn't match");
+ Assert.isTrue(2 == idp.getApplications().size(),
+ "Number of applications doesn't match");
+ Assert.isTrue(1 == idp.getTrustedIdps().size(),
+ "Number of trusted IDPs doesn't match");
+ Assert.isTrue(4 == idp.getClaimTypesOffered().size(),
+ "Number of claims doesn't match");
+ }
+
+ @Test
+ public void testReadExistingIdpEmbeddedTrustedIdps() {
+ Idp idp = idpDAO.getIdp("urn:org:apache:cxf:fediz:idp:realm-A",
+ Arrays.asList("trusted-idps"));
+
+ Assert.isTrue(1 == idp.getTrustedIdps().size(),
+ "Number of trusted IDPs doesn't match");
+ }
+
+ @Test
+ public void testReadExistingIdpEmbeddedClaims() {
+ Idp idp = idpDAO.getIdp("urn:org:apache:cxf:fediz:idp:realm-A",
+ Arrays.asList("claims"));
+
+ Assert.isTrue(4 == idp.getClaimTypesOffered().size(),
+ "Number of claims doesn't match");
+ }
+
+ @Test
+ public void testReadExistingIdpEmbeddedApplications() {
+ Idp idp = idpDAO.getIdp("urn:org:apache:cxf:fediz:idp:realm-A", Arrays.asList("applications"));
+
+ Assert.isTrue(2 == idp.getApplications().size(), "Number of applications doesn't match");
+ }
+
+ @Test
+ public void testReadExistingIdpEmbeddedNull() {
+ Idp idp = idpDAO.getIdp("urn:org:apache:cxf:fediz:idp:realm-A",
+ null);
+
+ Assert.isTrue(0 == idp.getClaimTypesOffered().size(),
+ "Number of claims doesn't match");
+ Assert.isTrue(0 == idp.getApplications().size(),
+ "Number of applications doesn't match");
+ Assert.isTrue(0 == idp.getTrustedIdps().size(),
+ "Number of trusted IDPs doesn't match");
+
+ }
+
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testTryReadNonexistingIdp() {
+ idpDAO.getIdp("urn:org:apache:cxf:fediz:idp:NOTEXIST", null);
+ }
+
+
+ @Test
+ public void testAddNewIdp() throws MalformedURLException {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:testadd");
+ idp.setCertificate("stsKeystoreA.properties");
+ idp.setCertificatePassword("realma");
+ idp.setIdpUrl(new URL("https://localhost:9443/fediz-idp/federation"));
+ idp.setStsUrl(new URL("https://localhost:9443/fediz-idp-sts/REALMN"));
+ idp.setServiceDisplayName("NEW REALM");
+ idp.setServiceDescription("IDP of New Realm");
+ idp.setUri("realmn");
+ idp.setProvideIdpList(true);
+ Map<String, String> authUris = new HashMap<>();
+ authUris.put("default", "/login/default");
+ idp.setAuthenticationURIs(authUris);
+ List<String> protocols = new ArrayList<>();
+ protocols.add("http://docs.oasis-open.org/wsfed/federation/200706");
+ protocols.add("http://docs.oasis-open.org/ws-sx/ws-trust/200512");
+ idp.setSupportedProtocols(protocols);
+ List<String> tokenTypes = new ArrayList<>();
+ tokenTypes.add(WSConstants.SAML2_NS);
+ tokenTypes.add(WSConstants.SAML_NS);
+ idp.setTokenTypesOffered(tokenTypes);
+ idp.setUseCurrentIdp(true);
+
+ idpDAO.addIdp(idp);
+
+ idp = idpDAO.getIdp("urn:org:apache:cxf:fediz:idp:testadd", null);
+
+ Assert.isTrue("stsKeystoreA.properties".equals(idp.getCertificate()),
+ "Certificate doesn't match");
+ Assert.isTrue("realma".equals(idp.getCertificatePassword()),
+ "Certificate password doesn't match");
+ Assert.isTrue("urn:org:apache:cxf:fediz:idp:testadd".equals(idp.getRealm()),
+ "Realm doesn't match");
+ Assert.isTrue("IDP of New Realm".equals(idp.getServiceDescription()),
+ "ServiceDescription doesn't match");
+ Assert.isTrue("NEW REALM".equals(idp.getServiceDisplayName()),
+ "ServiceDisplayName doesn't match");
+ Assert.isTrue(new URL("https://localhost:9443/fediz-idp/federation").equals(idp.getIdpUrl()),
+ "IdpUrl doesn't match");
+ Assert.isTrue(new URL("https://localhost:9443/fediz-idp-sts/REALMN").equals(idp.getStsUrl()),
+ "StsUrl doesn't match");
+ Assert.isTrue("realmn".equals(idp.getUri()),
+ "Uri doesn't match");
+ Assert.isTrue(idp.isProvideIdpList(),
+ "ProvideIDPList doesn't match");
+ Assert.isTrue(idp.isUseCurrentIdp(),
+ "UseCurrentIDP doesn't match");
+ Assert.isTrue(1 == idp.getAuthenticationURIs().size(),
+ "Number of AuthenticationURIs doesn't match");
+ Assert.isTrue(2 == idp.getSupportedProtocols().size(),
+ "Number of SupportedProtocols doesn't match");
+ Assert.isTrue(2 == idp.getTokenTypesOffered().size(),
+ "Number of TokenTypesOffered doesn't match");
+ Assert.isTrue(0 == idp.getApplications().size(),
+ "Number of applications doesn't match");
+ Assert.isTrue(0 == idp.getTrustedIdps().size(),
+ "Number of trusted IDPs doesn't match");
+ Assert.isTrue(0 == idp.getClaimTypesOffered().size(),
+ "Number of claims doesn't match");
+
+ }
+
+
+ @Test(expected = DataIntegrityViolationException.class)
+ public void testTryAddExistingIdp() throws MalformedURLException {
+ Idp idp = createIdp("urn:org:apache:cxf:fediz:idp:realm-A");
+ idpDAO.addIdp(idp);
+ }
+
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testTryRemoveUnknownIdp() {
+ idpDAO.deleteIdp("urn:org:apache:cxf:fediz:idp:NOTEXIST");
+ }
+
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testRemoveExistingIdp() throws MalformedURLException {
+ Idp idp = createIdp("urn:org:apache:cxf:fediz:idp:testdelete");
+
+ idpDAO.addIdp(idp);
+
+ idpDAO.deleteIdp("urn:org:apache:cxf:fediz:idp:testdelete");
+
+ idpDAO.getIdp("urn:org:apache:cxf:fediz:idp:testdelete", null);
+ }
+
+ @Test
+ public void testUpdateIdp() throws MalformedURLException {
+ String realm = "urn:org:apache:cxf:fediz:idp:testupdate";
+ //Prepare
+ Idp idp = createIdp(realm);
+ idpDAO.addIdp(idp);
+
+ //Testcase
+ idp = new Idp();
+ idp.setRealm(realm);
+ idp.setCertificate("UstsKeystoreA.properties");
+ idp.setCertificatePassword("Urealma");
+ idp.setIdpUrl(new URL("https://localhost:9443/fediz-idp/federationUU"));
+ idp.setStsUrl(new URL("https://localhost:9443/fediz-idp-sts/REALMAUU"));
+ idp.setServiceDisplayName("UNEW REALM");
+ idp.setServiceDescription("UIDP of New Realm");
+ idp.setUri("Urealmn");
+ idp.setProvideIdpList(true);
+ Map<String, String> authUris = new HashMap<>();
+ authUris.put("default", "/login/default");
+ idp.setAuthenticationURIs(authUris);
+ List<String> protocols = new ArrayList<>();
+ protocols.add("http://docs.oasis-open.org/wsfed/federation/200706");
+ idp.setSupportedProtocols(protocols);
+ List<String> tokenTypes = new ArrayList<>();
+ tokenTypes.add(WSConstants.SAML2_NS);
+ idp.setTokenTypesOffered(tokenTypes);
+ idp.setUseCurrentIdp(false);
+ idpDAO.updateIdp(realm, idp);
+
+ idp = idpDAO.getIdp(realm, null);
+
+ Assert.isTrue("UstsKeystoreA.properties".equals(idp.getCertificate()),
+ "Certificate doesn't match");
+ Assert.isTrue("Urealma".equals(idp.getCertificatePassword()),
+ "Certificate password doesn't match");
+ Assert.isTrue(realm.equals(idp.getRealm()),
+ "Realm doesn't match");
+ Assert.isTrue("UIDP of New Realm".equals(idp.getServiceDescription()),
+ "ServiceDescription doesn't match");
+ Assert.isTrue("UNEW REALM".equals(idp.getServiceDisplayName()),
+ "ServiceDisplayName doesn't match");
+ Assert.isTrue(new URL("https://localhost:9443/fediz-idp/federationUU").equals(idp.getIdpUrl()),
+ "IdpUrl doesn't match");
+ Assert.isTrue(new URL("https://localhost:9443/fediz-idp-sts/REALMAUU").equals(idp.getStsUrl()),
+ "StsUrl doesn't match");
+ Assert.isTrue("Urealmn".equals(idp.getUri()),
+ "Uri doesn't match");
+ Assert.isTrue(idp.isProvideIdpList(),
+ "ProvideIDPList doesn't match");
+ Assert.isTrue(!idp.isUseCurrentIdp(),
+ "UseCurrentIDP doesn't match");
+ Assert.isTrue(1 == idp.getAuthenticationURIs().size(),
+ "Number of AuthenticationURIs doesn't match");
+ Assert.isTrue(1 == idp.getSupportedProtocols().size(),
+ "Number of SupportedProtocols doesn't match");
+ Assert.isTrue(1 == idp.getTokenTypesOffered().size(),
+ "Number of TokenTypesOffered doesn't match");
+ Assert.isTrue(0 == idp.getApplications().size(),
+ "Number of applications doesn't match");
+ Assert.isTrue(0 == idp.getTrustedIdps().size(),
+ "Number of trusted IDPs doesn't match");
+ Assert.isTrue(0 == idp.getClaimTypesOffered().size(),
+ "Number of claims doesn't match");
+
+ }
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testUpdateUnknownIdp() throws MalformedURLException {
+ String realm = "urn:org:apache:cxf:fediz:idp:testupdate2";
+
+ //Prepare
+ Idp idp = createIdp(realm);
+ idpDAO.addIdp(idp);
+
+ //Testcase
+ idp = new Idp();
+ idp.setRealm(realm);
+ idp.setCertificate("UstsKeystoreA.properties");
+ idp.setCertificatePassword("Urealma");
+ idp.setIdpUrl(new URL("https://localhost:9443/fediz-idp/federationUU"));
+ idp.setStsUrl(new URL("https://localhost:9443/fediz-idp-sts/REALMNUU"));
+ idp.setServiceDisplayName("UNEW REALM");
+ idp.setServiceDescription("UIDP of New Realm");
+ idp.setUri("Urealmn");
+ idp.setProvideIdpList(true);
+ Map<String, String> authUris = new HashMap<>();
+ authUris.put("default", "/login/default");
+ idp.setAuthenticationURIs(authUris);
+ List<String> protocols = new ArrayList<>();
+ protocols.add("http://docs.oasis-open.org/wsfed/federation/200706");
+ idp.setSupportedProtocols(protocols);
+ List<String> tokenTypes = new ArrayList<>();
+ tokenTypes.add(WSConstants.SAML2_NS);
+ idp.setTokenTypesOffered(tokenTypes);
+ idp.setUseCurrentIdp(false);
+ idpDAO.updateIdp("urn:UNKNOWN", idp);
+ }
+
+ @Test
+ public void testAddClaimToIdp() throws MalformedURLException {
+ String realm = "urn:org:apache:cxf:fediz:idp:testaddclaim";
+
+ //Prepare
+ Idp idp = createIdp(realm);
+ idpDAO.addIdp(idp);
+
+ //Testcase
+ Claim claim = new Claim();
+ claim.setClaimType(URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"));
+
+ idpDAO.addClaimToIdp(idp, claim);
+
+ idp = idpDAO.getIdp(realm, Arrays.asList("all"));
+
+ Assert.isTrue(1 == idp.getClaimTypesOffered().size(), "claimTypesOffered size doesn't match");
+ }
+
+ @Test(expected = DataIntegrityViolationException.class)
+ public void testTryAddExistingClaimToIdp() {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:realm-A");
+
+ Claim claim = new Claim();
+ claim.setClaimType(URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"));
+
+ idpDAO.addClaimToIdp(idp, claim);
+ }
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testTryAddUnknownClaimToIdp() {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:realm-A");
+
+ Claim claim = new Claim();
+ claim.setClaimType(URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/UNKOWN"));
+
+ idpDAO.addClaimToIdp(idp, claim);
+
+ }
+
+ @Test
+ public void testRemoveClaimFromIdp() throws MalformedURLException {
+ String realm = "urn:org:apache:cxf:fediz:fedizhelloworld:testremoveclaim";
+ //Prepare step
+ Idp idp = createIdp(realm);
+ idpDAO.addIdp(idp);
+
+ Claim claim = new Claim();
+ claim.setClaimType(URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"));
+ idpDAO.addClaimToIdp(idp, claim);
+
+ idp = idpDAO.getIdp(realm, Arrays.asList("all"));
+ Assert.isTrue(1 == idp.getClaimTypesOffered().size(),
+ "claimTypesOffered size doesn't match [" + idp.getClaimTypesOffered().size() + "]");
+
+ //Testcase
+ idpDAO.removeClaimFromIdp(idp, claim);
+ idp = idpDAO.getIdp(realm, Arrays.asList("all"));
+ Assert.isTrue(0 == idp.getClaimTypesOffered().size(),
+ "claimTypesOffered size doesn't match [" + idp.getClaimTypesOffered().size() + "]");
+ }
+
+ @Test(expected = JpaObjectRetrievalFailureException.class)
+ public void testTryRemoveNotAssignedClaimFromIdp() {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:realm-A");
+
+ Claim claim = new Claim();
+ claim.setClaimType(URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/city"));
+
+ idpDAO.removeClaimFromIdp(idp, claim);
+ }
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testTryRemoveUnknownClaimFromIdp() {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:realm-A");
+
+ Claim claim = new Claim();
+ claim.setClaimType(URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/UNKNOWN"));
+
+ idpDAO.removeClaimFromIdp(idp, claim);
+ }
+
+ @Test
+ public void testAddApplicationToIdp() throws MalformedURLException {
+ String realm = "urn:org:apache:cxf:fediz:app:testaddApplication";
+
+ //Prepare
+ Idp idp = createIdp(realm);
+ idpDAO.addIdp(idp);
+
+ //Testcase
+ //Application app = createApplication(realm);
+ Application app = new Application();
+ app.setRealm("urn:org:apache:cxf:fediz:fedizhelloworld");
+ idpDAO.addApplicationToIdp(idp, app);
+
+ idp = idpDAO.getIdp(realm, Arrays.asList("all"));
+
+ Assert.isTrue(1 == idp.getApplications().size(), "applications size doesn't match");
+ }
+
+
+ @Test(expected = DataIntegrityViolationException.class)
+ public void testTryAddExistingApplicationToIdp() {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:realm-A");
+
+ Application app = new Application();
+ app.setRealm("urn:org:apache:cxf:fediz:fedizhelloworld");
+
+ idpDAO.addApplicationToIdp(idp, app);
+ }
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testTryAddUnknownApplicationToIdp() {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:realm-A");
+
+ Application app = new Application();
+ app.setRealm("urn:org:apache:cxf:fediz:UNKNOWN");
+
+ idpDAO.addApplicationToIdp(idp, app);
+
+ }
+
+ @Test
+ public void testRemoveApplicationFromIdp() throws MalformedURLException {
+ String realm = "urn:org:apache:cxf:fediz:fedizhelloworld:testremoveapp";
+ //Prepare step
+ Idp idp = createIdp(realm);
+ idpDAO.addIdp(idp);
+
+ Application app = new Application();
+ app.setRealm("urn:org:apache:cxf:fediz:fedizhelloworld");
+ idpDAO.addApplicationToIdp(idp, app);
+
+ idp = idpDAO.getIdp(realm, Arrays.asList("all"));
+ Assert.isTrue(1 == idp.getApplications().size(),
+ "applications size doesn't match [" + idp.getApplications().size() + "]");
+
+ //Testcase
+ idpDAO.removeApplicationFromIdp(idp, app);
+ idp = idpDAO.getIdp(realm, Arrays.asList("all"));
+ Assert.isTrue(0 == idp.getApplications().size(),
+ "applications size doesn't match [" + idp.getApplications().size() + "]");
+ }
+
+
+ @Test(expected = JpaObjectRetrievalFailureException.class)
+ public void testTryRemoveNotAssignedApplicationFromIdp() {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:realm-A");
+
+ Application app = new Application();
+ app.setRealm("myrealm2");
+
+ idpDAO.removeApplicationFromIdp(idp, app);
+ }
+
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testTryRemoveUnknownApplicationFromIdp() {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:realm-A");
+
+ Application app = new Application();
+ app.setRealm("urn:org:apache:cxf:fediz:UNKNOWN");
+
+ idpDAO.removeApplicationFromIdp(idp, app);
+ }
+
+
+
+
+
+
+ @Test
+ public void testAddTrustedIdpToIdp() throws MalformedURLException {
+ String realm = "urn:org:apache:cxf:fediz:trusted-idp:testaddTrustedIdp";
+
+ //Prepare
+ Idp idp = createIdp(realm);
+ idpDAO.addIdp(idp);
+
+ //Testcase
+ //Application app = createApplication(realm);
+ TrustedIdp trustedIdp = new TrustedIdp();
+ trustedIdp.setRealm("urn:org:apache:cxf:fediz:idp:realm-B");
+ idpDAO.addTrustedIdpToIdp(idp, trustedIdp);
+
+ idp = idpDAO.getIdp(realm, Arrays.asList("all"));
+
+ Assert.isTrue(1 == idp.getTrustedIdps().size(), "applications size doesn't match");
+ }
+
+ /*
+ @Test(expected = DataIntegrityViolationException.class)
+ public void testTryAddExistingTrustedIdpToIdp() {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:realm-A");
+
+ TrustedIdp trustedIdp = new TrustedIdp();
+ trustedIdp.setRealm("urn:org:apache:cxf:fediz:idp:realm-B");
+
+ idpDAO.addTrustedIdpToIdp(idp, trustedIdp);
+ }
+
+ @Test(expected = NoResultException.class)
+ public void testTryAddUnknownTrustedIdpToIdp() {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:realm-A");
+
+ TrustedIdp trustedIdp = new TrustedIdp();
+ trustedIdp.setRealm("urn:org:apache:cxf:fediz:UNKNOWN");
+
+ idpDAO.addTrustedIdpToIdp(idp, trustedIdp);
+ }
+
+ @Test
+ public void testRemoveTrustedIdpFromIdp() {
+ String realm = "urn:org:apache:cxf:fediz:trustedidp:testremove";
+ //Prepare step
+ Idp idp = createIdp(realm);
+ idpDAO.addIdp(idp);
+
+ TrustedIdp trustedIdp = new TrustedIdp();
+ trustedIdp.setRealm("urn:org:apache:cxf:fediz:idp:realm-B");
+ idpDAO.addTrustedIdpToIdp(idp, trustedIdp);
+
+ idp = idpDAO.getIdp(realm, Arrays.asList("all"));
+ Assert.isTrue(1 == idp.getTrustedIdps().size(),
+ "trustedIdps size doesn't match [" + idp.getTrustedIdps().size() + "]");
+
+ //Testcase
+ idpDAO.removeTrustedIdpFromIdp(idp, trustedIdp);
+ idp = idpDAO.getIdp(realm, Arrays.asList("all"));
+ Assert.isTrue(0 == idp.getTrustedIdps().size(),
+ "trustedIdps size doesn't match [" + idp.getTrustedIdps().size() + "]");
+ }
+
+
+ @Test(expected = EntityNotFoundException.class)
+ public void testTryRemoveNotAssignedTrustedIdpFromIdp() {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:realm-A");
+
+ TrustedIdp trustedIdp = new TrustedIdp();
+ trustedIdp.setRealm("trustedidp2realm");
+
+ idpDAO.removeTrustedIdpFromIdp(idp, trustedIdp);
+ }
+
+
+ @Test(expected = NoResultException.class)
+ public void testTryRemoveUnknownTrustedIdpFromIdp() {
+ Idp idp = new Idp();
+ idp.setRealm("urn:org:apache:cxf:fediz:idp:realm-A");
+
+ TrustedIdp trustedIdp = new TrustedIdp();
+ trustedIdp.setRealm("urn:org:apache:cxf:fediz:UNKNOWN");
+
+ idpDAO.removeTrustedIdpFromIdp(idp, trustedIdp);
+ }
+ */
+
+
+ private static Idp createIdp(String realm) throws MalformedURLException {
+ Idp idp = new Idp();
+ idp.setRealm(realm);
+ idp.setCertificate("stsKeystoreA.properties");
+ idp.setCertificatePassword("realma");
+ idp.setIdpUrl(new URL("https://localhost:9443/fediz-idp/federation"));
+ idp.setStsUrl(new URL("https://localhost:9443/fediz-idp-sts/REALMA"));
+ idp.setServiceDisplayName("NEW REALM");
+ idp.setServiceDescription("IDP of New Realm");
+ idp.setUri("realma");
+ idp.setProvideIdpList(true);
+ Map<String, String> authUris = new HashMap<>();
+ authUris.put("default", "/login/default");
+ idp.setAuthenticationURIs(authUris);
+ List<String> protocols = new ArrayList<>();
+ protocols.add("http://docs.oasis-open.org/wsfed/federation/200706");
+ protocols.add("http://docs.oasis-open.org/ws-sx/ws-trust/200512");
+ idp.setSupportedProtocols(protocols);
+ List<String> tokenTypes = new ArrayList<>();
+ tokenTypes.add(WSConstants.SAML2_NS);
+ tokenTypes.add(WSConstants.SAML_NS);
+ idp.setTokenTypesOffered(tokenTypes);
+ idp.setUseCurrentIdp(true);
+ return idp;
+ }
+ /*
+ private static Application createApplication(String realm) {
+ Application application = new Application();
+ application.setRealm(realm);
+ application.setEncryptionCertificate("");
+ application.setLifeTime("3600");
+ application.setProtocol("http://docs.oasis-open.org/wsfed/federation/200706");
+ application.setRole("ApplicationServiceType");
+ application.setServiceDescription("Fedizhelloworld description");
+ application.setServiceDisplayName("Fedizhelloworld");
+ application.setTokenType("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0");
+ return application;
+ }
+ */
+
+
+}
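Review bot: The block comment that opens before `testTryAddExistingTrustedIdpToIdp` disables five trusted-IdP tests, so removing a trusted IdP and the duplicate, unknown and not-assigned error paths are never exercised; only `testAddTrustedIdpToIdp` is live. Trust relationships are security-relevant configuration for an IdP, so either re-enable these tests with the exception types the DAO actually throws (the claim and application tests above expect `EmptyResultDataAccessException` and `JpaObjectRetrievalFailureException`; presumably the same holds here) or replace the dead code with a short marker such as `// TODO: trusted-IdP removal and negative-path tests are disabled, see <issue id>`. The failure message in `testAddTrustedIdpToIdp` is a copy-paste leftover and should read `"trustedIdps size doesn't match"` instead of `"applications size doesn't match"`.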
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf309400/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/TestDBLoader.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/TestDBLoader.java b/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/TestDBLoader.java
new file mode 100644
index 0000000..222277a
--- /dev/null
+++ b/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/TestDBLoader.java
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp.service.jpa;
+
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
+
+import org.apache.cxf.fediz.service.idp.domain.FederationType;
+import org.apache.cxf.fediz.service.idp.domain.TrustType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.transaction.annotation.Transactional;
+
+@Transactional
+public class TestDBLoader implements DBLoader {
+
+ public static final String NAME = "UNITTESTDBLOADER";
+
+ private static final Logger LOG = LoggerFactory.getLogger(TestDBLoader.class);
+
+ private EntityManager em;
+
+ @PersistenceContext
+ public void setEntityManager(EntityManager entityManager) {
+ this.em = entityManager;
+ }
+
+ @Override
+ public String getName() {
+ return NAME;
+ }
+
+ public void load() {
+
+ try {
+ ClaimEntity claimEntity5 = new ClaimEntity();
+ claimEntity5.setClaimType("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/city");
+ claimEntity5.setDisplayName("city");
+ claimEntity5.setDescription("Description for city");
+ em.persist(claimEntity5);
+
+ ApplicationEntity entity2 = new ApplicationEntity();
+ entity2.setEncryptionCertificate("my encryption cert2");
+ entity2.setLifeTime(1800);
+ entity2.setProtocol("http://docs.oasis-open.org/wsfed/federation/200706");
+ entity2.setRealm("myrealm2");
+ entity2.setRole("myrole");
+ entity2.setServiceDescription("service description2");
+ entity2.setServiceDisplayName("service displayname2");
+ entity2.setTokenType("my tokentype");
+ // must be persistet here already as the ApplicationClaimEntity requires the Application Id
+ em.persist(entity2);
+ ApplicationClaimEntity ace5 = new ApplicationClaimEntity(entity2, claimEntity5);
+ ace5.setOptional(false);
+ em.persist(ace5);
+ entity2.getRequestedClaims().add(ace5);
+ em.persist(entity2);
+
+ TrustedIdpEntity entity4 = new TrustedIdpEntity();
+ entity4.setCacheTokens(true);
+ entity4.setCertificate("trusted cert");
+ entity4.setDescription("Realm B description");
+ entity4.setFederationType(FederationType.FEDERATE_IDENTITY);
+ entity4.setName("Realm B");
+ entity4.setProtocol("http://docs.oasis-open.org/wsfed/federation/200706");
+ entity4.setRealm("trustedidp2realm");
+ entity4.setTrustType(TrustType.PEER_TRUST);
+ entity4.setUrl("https://localhost:${realmB.port}/fediz-idp-remote/federation");
+ em.persist(entity4);
+
+ em.flush();
+
+ } catch (Exception ex) {
+ LOG.warn("Failed to initialize DB with data", ex);
+ }
+ }
+}
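Review bot: `load()` catches every `Exception` and only logs `Failed to initialize DB with data` at WARN, so a failed seed lets the DAO tests run against an incomplete database and fail later with unrelated size or lookup errors. Because this loader exists only for tests, it should fail fast: `throw new IllegalStateException("Failed to initialize DB with data", ex);`. `load()` also lacks the `@Override` that `getName()` carries, assuming it is declared on `DBLoader` (not visible here). The inline comment has a typo (`persistet` should be `persisted`).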
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf309400/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/TrustedIdpDAOJPATest.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/TrustedIdpDAOJPATest.java b/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/TrustedIdpDAOJPATest.java
new file mode 100644
index 0000000..2ebe5ba
--- /dev/null
+++ b/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/TrustedIdpDAOJPATest.java
@@ -0,0 +1,202 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp.service.jpa;
+
+import java.util.List;
+
+import org.apache.cxf.fediz.service.idp.domain.FederationType;
+import org.apache.cxf.fediz.service.idp.domain.TrustType;
+import org.apache.cxf.fediz.service.idp.domain.TrustedIdp;
+import org.apache.cxf.fediz.service.idp.service.TrustedIdpDAO;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.dao.DataIntegrityViolationException;
+import org.springframework.dao.EmptyResultDataAccessException;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Assert;
+
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = { "classpath:testContext.xml" })
+public class TrustedIdpDAOJPATest {
+
+ @Autowired
+ private TrustedIdpDAO trustedIdpDAO;
+
+
+ @BeforeClass
+ public static void init() {
+ System.setProperty("spring.profiles.active", "jpa");
+ }
+
+
+ @Test
+ public void testReadAllTrustedIdps() {
+ List<TrustedIdp> trustedIdps = trustedIdpDAO.getTrustedIDPs(0, 999);
+ Assert.isTrue(2 <= trustedIdps.size(), "Size doesn't match");
+ }
+
+ @Test
+ public void testReadExistingTrustedIdp() {
+ TrustedIdp trustedIdp = trustedIdpDAO.getTrustedIDP("urn:org:apache:cxf:fediz:idp:realm-B");
+ Assert.isTrue("realmb.cert".equals(trustedIdp.getCertificate()),
+ "Certificate name doesn't match");
+ Assert.isTrue("Realm B description".equals(trustedIdp.getDescription()),
+ "Description name doesn't match");
+ Assert.isTrue(FederationType.FEDERATE_IDENTITY.equals(trustedIdp.getFederationType()),
+ "FederationType doesn't match");
+ Assert.isTrue("Realm B".equals(trustedIdp.getName()),
+ "Name doesn't match");
+ Assert.isTrue("http://docs.oasis-open.org/wsfed/federation/200706".equals(trustedIdp.getProtocol()),
+ "Protocol doesn't match");
+ Assert.isTrue("urn:org:apache:cxf:fediz:idp:realm-B".equals(trustedIdp.getRealm()),
+ "Realm doesn't match");
+ Assert.isTrue(TrustType.PEER_TRUST.equals(trustedIdp.getTrustType()),
+ "TrustType doesn't match");
+ Assert.isTrue("https://localhost:12443/fediz-idp-remote/federation".equals(trustedIdp.getUrl()),
+ "Url doesn't match");
+ Assert.isTrue(trustedIdp.isCacheTokens(), "CacheTokens doesn't match");
+ }
+
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testTryReadNonexistingTrustedIdp() {
+ trustedIdpDAO.getTrustedIDP("urn:org:apache:cxf:fediz:idp:NOTEXIST");
+ }
+
+
+ @Test
+ public void testAddNewTrustedIdp() {
+ String realm = "urn:org:apache:cxf:fediz:trusted-idp:testadd";
+ TrustedIdp trustedIdp = createTrustedIdp(realm);
+ trustedIdpDAO.addTrustedIDP(trustedIdp);
+
+ trustedIdp = trustedIdpDAO.getTrustedIDP(realm);
+
+ Assert.isTrue("realmb.cert".equals(trustedIdp.getCertificate()),
+ "Certificate name doesn't match");
+ Assert.isTrue("Realm B description".equals(trustedIdp.getDescription()),
+ "Description name doesn't match");
+ Assert.isTrue(FederationType.FEDERATE_IDENTITY.equals(trustedIdp.getFederationType()),
+ "FederationType doesn't match");
+ Assert.isTrue("Realm B".equals(trustedIdp.getName()),
+ "Name doesn't match");
+ Assert.isTrue("http://docs.oasis-open.org/wsfed/federation/200706".equals(trustedIdp.getProtocol()),
+ "Protocol doesn't match");
+ Assert.isTrue(realm.equals(trustedIdp.getRealm()),
+ "Realm doesn't match");
+ Assert.isTrue(TrustType.PEER_TRUST.equals(trustedIdp.getTrustType()),
+ "TrustType doesn't match");
+ Assert.isTrue("https://localhost:12443/fediz-idp-remote/federation".equals(trustedIdp.getUrl()),
+ "Url doesn't match");
+ Assert.isTrue(!trustedIdp.isCacheTokens(), "CacheTokens doesn't match");
+ }
+
+
+ @Test
+ public void testUpdateTrustedIdp() {
+ String realm = "urn:org:apache:cxf:fediz:trusted-idp:testupdate";
+ //Prepare
+ TrustedIdp trustedIdp = createTrustedIdp(realm);
+ trustedIdpDAO.addTrustedIDP(trustedIdp);
+
+ //Testcase
+ trustedIdp = new TrustedIdp();
+ trustedIdp.setRealm(realm);
+ trustedIdp.setCacheTokens(true);
+ trustedIdp.setCertificate("Utrusted cert");
+ trustedIdp.setDescription("URealm B description");
+ trustedIdp.setFederationType(FederationType.FEDERATE_CLAIMS);
+ trustedIdp.setName("URealm B");
+ trustedIdp.setProtocol("http://docs.oasis-open.org/wsfed/federation/200706");
+ trustedIdp.setTrustType(TrustType.INDIRECT_TRUST);
+ trustedIdp.setUrl("Uhttps://localhost:12443/fediz-idp-remote/federation");
+
+ trustedIdpDAO.updateTrustedIDP(realm, trustedIdp);
+
+ trustedIdp = trustedIdpDAO.getTrustedIDP(realm);
+
+ Assert.isTrue("Utrusted cert".equals(trustedIdp.getCertificate()),
+ "Certificate name doesn't match");
+ Assert.isTrue("URealm B description".equals(trustedIdp.getDescription()),
+ "Description name doesn't match");
+ Assert.isTrue(FederationType.FEDERATE_CLAIMS.equals(trustedIdp.getFederationType()),
+ "FederationType doesn't match");
+ Assert.isTrue("URealm B".equals(trustedIdp.getName()),
+ "Name doesn't match");
+ Assert.isTrue("http://docs.oasis-open.org/wsfed/federation/200706".equals(trustedIdp.getProtocol()),
+ "Protocol doesn't match");
+ Assert.isTrue(realm.equals(trustedIdp.getRealm()),
+ "Realm doesn't match");
+ Assert.isTrue(TrustType.INDIRECT_TRUST.equals(trustedIdp.getTrustType()),
+ "TrustType doesn't match");
+ Assert.isTrue("Uhttps://localhost:12443/fediz-idp-remote/federation".equals(trustedIdp.getUrl()),
+ "Url doesn't match");
+ Assert.isTrue(trustedIdp.isCacheTokens(), "CacheTokens doesn't match");
+
+ }
+
+
+ @Test(expected = DataIntegrityViolationException.class)
+ public void testTryAddExistingTrustedIdp() {
+ TrustedIdp trustedIdp = createTrustedIdp("urn:org:apache:cxf:fediz:idp:realm-B");
+ trustedIdpDAO.addTrustedIDP(trustedIdp);
+ }
+
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testTryRemoveUnknownTrustedIdp() {
+ trustedIdpDAO.deleteTrustedIDP("urn:org:apache:cxf:fediz:trusted-idp:NOTEXIST");
+ }
+
+
+ @Test(expected = EmptyResultDataAccessException.class)
+ public void testRemoveExistingTrustedIdp() {
+ String realm = "urn:org:apache:cxf:fediz:trusted-idp:testdelete";
+ TrustedIdp trustedIdp = createTrustedIdp(realm);
+
+ trustedIdpDAO.addTrustedIDP(trustedIdp);
+
+ trustedIdpDAO.deleteTrustedIDP(realm);
+
+ trustedIdpDAO.getTrustedIDP(realm);
+ }
+
+
+ private static TrustedIdp createTrustedIdp(String realm) {
+ TrustedIdp trustedIdp = new TrustedIdp();
+ trustedIdp.setRealm(realm);
+ trustedIdp.setCacheTokens(false);
+ trustedIdp.setCertificate("realmb.cert");
+ trustedIdp.setDescription("Realm B description");
+ trustedIdp.setFederationType(FederationType.FEDERATE_IDENTITY);
+ trustedIdp.setName("Realm B");
+ trustedIdp.setProtocol("http://docs.oasis-open.org/wsfed/federation/200706");
+ trustedIdp.setTrustType(TrustType.PEER_TRUST);
+ trustedIdp.setUrl("https://localhost:12443/fediz-idp-remote/federation");
+ return trustedIdp;
+ }
+
+
+}
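Review bot: In `testRemoveExistingTrustedIdp`, `@Test(expected = EmptyResultDataAccessException.class)` covers the whole method body, so the test also passes when `deleteTrustedIDP(realm)` itself throws that exception (which `testTryRemoveUnknownTrustedIdp` shows it does for a missing realm) and the final lookup never runs. A trusted IdP entry that survives a delete stays a trust anchor, so the removal check is worth pinning to the last call only: drop `expected` and wrap just `getTrustedIDP(realm)` in a try/catch that fails when no exception is thrown. `Assert` in this file is Spring's, hence the fully qualified JUnit call below.

```java
    @Test
    public void testRemoveExistingTrustedIdp() {
        // … unchanged: create, add and delete the trusted IdP …
        try {
            trustedIdpDAO.getTrustedIDP(realm);
            org.junit.Assert.fail("Trusted IdP is still readable after delete");
        } catch (EmptyResultDataAccessException ex) {
            // expected: the entry is gone
        }
    }
```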
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf309400/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/util/MetadataWriterTest.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/util/MetadataWriterTest.java b/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/util/MetadataWriterTest.java
new file mode 100644
index 0000000..85c369b
--- /dev/null
+++ b/services/idp-core/src/test/java/org/apache/cxf/fediz/service/idp/util/MetadataWriterTest.java
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.service.idp.util;
+
+import org.w3c.dom.Document;
+import org.apache.cxf.fediz.service.idp.domain.Idp;
+import org.apache.cxf.fediz.service.idp.metadata.IdpMetadataWriter;
+import org.apache.cxf.fediz.service.idp.service.ConfigService;
+import org.apache.wss4j.common.util.DOM2Writer;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.support.ClassPathXmlApplicationContext;
+import org.springframework.util.Assert;
+
+public class MetadataWriterTest {
+
+ private static ApplicationContext applicationContext;
+
+ @BeforeClass
+ public static void init() {
+ applicationContext = new ClassPathXmlApplicationContext("/idp-config.xml");
+ }
+
+ @Test
+ public void testWriteIDPMetadata() {
+ ConfigService config = (ConfigService)applicationContext.getBean("config");
+ Assert.notNull(config, "ConfigService must not be null");
+ Idp idpConfig = config.getIDP("urn:org:apache:cxf:fediz:idp:realm-A");
+ Assert.notNull(idpConfig, "IDPConfig must not be null");
+
+ IdpMetadataWriter writer = new IdpMetadataWriter();
+ Document doc = writer.getMetaData(idpConfig);
+ Assert.notNull(doc, "doc must not be null");
+
+ System.out.println(DOM2Writer.nodeToString(doc));
+
+ }
+
+}
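Review bot: `testWriteIDPMetadata` only checks that `getMetaData` returns a non-null `Document` and then prints it, so a writer that emits an empty or wrong document would still pass. Add at least one assertion on the content, for example `Assert.notNull(doc.getDocumentElement(), "metadata has no root element");`. If the root element carries the realm as its entity identifier (not visible here, to be confirmed), compare it with `urn:org:apache:cxf:fediz:idp:realm-A` as well. The `System.out.println(DOM2Writer.nodeToString(doc));` line could go to a debug logger or be dropped.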
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf309400/services/idp-core/src/test/resources/entities-realma.xml
----------------------------------------------------------------------
diff --git a/services/idp-core/src/test/resources/entities-realma.xml b/services/idp-core/src/test/resources/entities-realma.xml
new file mode 100644
index 0000000..61cfa0d
--- /dev/null
+++ b/services/idp-core/src/test/resources/entities-realma.xml
@@ -0,0 +1,504 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+ http://www.springframework.org/schema/util
+ http://www.springframework.org/schema/util/spring-util-4.3.xsd">
+
+ <bean id="idp-realmA" class="org.apache.cxf.fediz.service.idp.service.jpa.IdpEntity">
+ <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-A" />
+ <property name="uri" value="realma" />
+ <property name="provideIdpList" value="true" />
+ <property name="useCurrentIdp" value="true" />
+ <property name="certificate" value="stsKeystoreA.properties" />
+ <property name="certificatePassword" value="realma" />
+ <property name="stsUrl" value="https://localhost:9443/fediz-idp-sts/REALMA" />
+ <property name="idpUrl" value="https://localhost:9443/fediz-idp/federation" />
+ <property name="rpSingleSignOutConfirmation" value="true"/>
+ <property name="supportedProtocols">
+ <util:list>
+ <value>http://docs.oasis-open.org/wsfed/federation/200706</value>
+ <value>http://docs.oasis-open.org/ws-sx/ws-trust/200512</value>
+ </util:list>
+ </property>
+ <property name="tokenTypesOffered">
+ <util:list>
+ <value>urn:oasis:names:tc:SAML:1.0:assertion</value>
+ <value>urn:oasis:names:tc:SAML:2.0:assertion</value>
+ </util:list>
+ </property>
+ <property name="authenticationURIs">
+ <util:map>
+ <entry key="default"
+ value="federation/up" />
+ <entry key="http://docs.oasis-open.org/wsfed/authorization/200706/authntypes/SslAndKey"
+ value="federation/krb" />
+ <entry key="http://docs.oasis-open.org/wsfed/authorization/200706/authntypes/default"
+ value="federation/up" />
+ <entry key="http://docs.oasis-open.org/wsfed/authorization/200706/authntypes/Ssl"
+ value="federation/clientcert" />
+ </util:map>
+ </property>
+ <property name="serviceDisplayName" value="REALM A" />
+ <property name="serviceDescription" value="IDP of Realm A" />
+ <property name="applications">
+ <util:list>
+ <ref bean="srv-fedizhelloworld" />
+ <ref bean="srv-oidc" />
+ </util:list>
+ </property>
+ <property name="trustedIdps">
+ <util:list>
+ <ref bean="trusted-idp-realmB" />
+ </util:list>
+ </property>
+ <property name="claimTypesOffered">
+ <util:list>
+ <ref bean="claim_role" />
+ <ref bean="claim_surname" />
+ <ref bean="claim_givenname" />
+ <ref bean="claim_email" />
+ </util:list>
+ </property>
+ </bean>
+
+ <bean id="trusted-idp-realmB"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.TrustedIdpEntity">
+ <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-B" />
+ <property name="cacheTokens" value="true" />
+ <property name="url" value="https://localhost:12443/fediz-idp-remote/federation" />
+ <property name="certificate" value="realmb.cert" />
+ <property name="trustType" value="PEER_TRUST" />
+ <property name="protocol" value="http://docs.oasis-open.org/wsfed/federation/200706" />
+ <property name="federationType" value="FEDERATE_IDENTITY" />
+ <property name="name" value="Realm B" />
+ <property name="description" value="Realm B description" />
+ </bean>
+
+ <bean id="srv-fedizhelloworld" class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationEntity">
+ <property name="realm" value="urn:org:apache:cxf:fediz:fedizhelloworld" />
+ <property name="protocol" value="http://docs.oasis-open.org/wsfed/federation/200706" />
+ <property name="serviceDisplayName" value="Fedizhelloworld" />
+ <property name="serviceDescription" value="Web Application to illustrate WS-Federation" />
+ <property name="role" value="ApplicationServiceType" />
+ <property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" />
+ <property name="lifeTime" value="3600" />
+ <property name="passiveRequestorEndpointConstraint" value="https://localhost:?(\d)*/.*" />
+ </bean>
+
+ <bean id="srv-oidc" class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationEntity">
+ <property name="realm" value="urn:org:apache:cxf:fediz:oidc" />
+ <property name="protocol" value="http://docs.oasis-open.org/wsfed/federation/200706" />
+ <property name="serviceDisplayName" value="OIDC Provider" />
+ <property name="serviceDescription" value="OpenID Connect Provider" />
+ <property name="role" value="ApplicationServiceType" />
+ <property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" />
+ <property name="lifeTime" value="3600" />
+ <property name="passiveRequestorEndpointConstraint" value="https://localhost:?(\d)*/fediz-oidc/.*" />
+ </bean>
+
+ <bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
+ <property name="application" ref="srv-fedizhelloworld" />
+ <property name="claim" ref="claim_role" />
+ <property name="optional" value="false" />
+ </bean>
+ <bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
+ <property name="application" ref="srv-fedizhelloworld" />
+ <property name="claim" ref="claim_givenname" />
+ <property name="optional" value="false" />
+ </bean>
+ <bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
+ <property name="application" ref="srv-fedizhelloworld" />
+ <property name="claim" ref="claim_surname" />
+ <property name="optional" value="false" />
+ </bean>
+ <bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
+ <property name="application" ref="srv-fedizhelloworld" />
+ <property name="claim" ref="claim_email" />
+ <property name="optional" value="false" />
+ </bean>
+
+ <bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
+ <property name="application" ref="srv-oidc" />
+ <property name="claim" ref="claim_role" />
+ <property name="optional" value="false" />
+ </bean>
+ <bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
+ <property name="application" ref="srv-oidc" />
+ <property name="claim" ref="claim_givenname" />
+ <property name="optional" value="false" />
+ </bean>
+ <bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
+ <property name="application" ref="srv-oidc" />
+ <property name="claim" ref="claim_surname" />
+ <property name="optional" value="false" />
+ </bean>
+ <bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
+ <property name="application" ref="srv-oidc" />
+ <property name="claim" ref="claim_email" />
+ <property name="optional" value="false" />
+ </bean>
+
+ <bean id="claim_role"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.ClaimEntity">
+ <property name="claimType"
+ value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role" />
+ <property name="displayName"
+ value="role" />
+ <property name="description"
+ value="Description for role" />
+ </bean>
+ <bean id="claim_givenname"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.ClaimEntity">
+ <property name="claimType"
+ value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" />
+ <property name="displayName"
+ value="firstname" />
+ <property name="description"
+ value="Description for firstname" />
+ </bean>
+ <bean id="claim_surname"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.ClaimEntity">
+ <property name="claimType"
+ value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" />
+ <property name="displayName"
+ value="lastname" />
+ <property name="description"
+ value="Description for lastname" />
+ </bean>
+ <bean id="claim_email"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.ClaimEntity">
+ <property name="claimType"
+ value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" />
+ <property name="displayName"
+ value="email" />
+ <property name="description"
+ value="Description for email" />
+ </bean>
+
+
+ <bean id="entitlement_claim_list"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="CLAIM_LIST" />
+ <property name="description"
+ value="Description for CLAIM_LIST" />
+ </bean>
+ <bean id="entitlement_claim_create"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="CLAIM_CREATE" />
+ <property name="description"
+ value="Description for CLAIM_CREATE" />
+ </bean>
+ <bean id="entitlement_claim_read"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="CLAIM_READ" />
+ <property name="description"
+ value="Description for CLAIM_READ" />
+ </bean>
+ <bean id="entitlement_claim_update"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="CLAIM_UPDATE" />
+ <property name="description"
+ value="Description for CLAIM_UPDATE" />
+ </bean>
+ <bean id="entitlement_claim_delete"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="CLAIM_DELETE" />
+ <property name="description"
+ value="Description for CLAIM_DELETE" />
+ </bean>
+
+ <bean id="entitlement_application_list"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="APPLICATION_LIST" />
+ <property name="description"
+ value="Description for APPLICATION_LIST" />
+ </bean>
+ <bean id="entitlement_application_create"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="APPLICATION_CREATE" />
+ <property name="description"
+ value="Description for APPLICATION_CREATE" />
+ </bean>
+ <bean id="entitlement_application_read"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="APPLICATION_READ" />
+ <property name="description"
+ value="Description for APPLICATION_READ" />
+ </bean>
+ <bean id="entitlement_application_update"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="APPLICATION_UPDATE" />
+ <property name="description"
+ value="Description for APPLICATION_UPDATE" />
+ </bean>
+ <bean id="entitlement_application_delete"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="APPLICATION_DELETE" />
+ <property name="description"
+ value="Description for APPLICATION_DELETE" />
+ </bean>
+
+ <bean id="entitlement_trustedidp_list"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="TRUSTEDIDP_LIST" />
+ <property name="description"
+ value="Description for TRUSTEDIDP_LIST" />
+ </bean>
+ <bean id="entitlement_trustedidp_create"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="TRUSTEDIDP_CREATE" />
+ <property name="description"
+ value="Description for TRUSTEDIDP_CREATE" />
+ </bean>
+ <bean id="entitlement_trustedidp_read"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="TRUSTEDIDP_READ" />
+ <property name="description"
+ value="Description for TRUSTEDIDP_READ" />
+ </bean>
+ <bean id="entitlement_trustedidp_update"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="TRUSTEDIDP_UPDATE" />
+ <property name="description"
+ value="Description for TRUSTEDIDP_UPDATE" />
+ </bean>
+ <bean id="entitlement_trustedidp_delete"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="TRUSTEDIDP_DELETE" />
+ <property name="description"
+ value="Description for TRUSTEDIDP_DELETE" />
+ </bean>
+
+ <bean id="entitlement_idp_list"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="IDP_LIST" />
+ <property name="description"
+ value="Description for IDP_LIST" />
+ </bean>
+ <bean id="entitlement_idp_create"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="IDP_CREATE" />
+ <property name="description"
+ value="Description for IDP_CREATE" />
+ </bean>
+ <bean id="entitlement_idp_read"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="IDP_READ" />
+ <property name="description"
+ value="Description for IDP_READ" />
+ </bean>
+ <bean id="entitlement_idp_update"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="IDP_UPDATE" />
+ <property name="description"
+ value="Description for IDP_UPDATE" />
+ </bean>
+ <bean id="entitlement_idp_delete"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="IDP_DELETE" />
+ <property name="description"
+ value="Description for IDP_DELETE" />
+ </bean>
+
+ <bean id="entitlement_role_list"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="ROLE_LIST" />
+ <property name="description"
+ value="Description for ROLE_LIST" />
+ </bean>
+ <bean id="entitlement_role_create"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="ROLE_CREATE" />
+ <property name="description"
+ value="Description for ROLE_CREATE" />
+ </bean>
+ <bean id="entitlement_role_read"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="ROLE_READ" />
+ <property name="description"
+ value="Description for ROLE_READ" />
+ </bean>
+ <bean id="entitlement_role_update"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="ROLE_UPDATE" />
+ <property name="description"
+ value="Description for ROLE_UPDATE" />
+ </bean>
+ <bean id="entitlement_role_delete"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="ROLE_DELETE" />
+ <property name="description"
+ value="Description for ROLE_DELETE" />
+ </bean>
+
+ <bean id="entitlement_entitlement_list"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="ENTITLEMENT_LIST" />
+ <property name="description"
+ value="Description for ENTITLEMENT_LIST" />
+ </bean>
+ <bean id="entitlement_entitlement_create"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="ENTITLEMENT_CREATE" />
+ <property name="description"
+ value="Description for ENTITLEMENT_CREATE" />
+ </bean>
+ <bean id="entitlement_entitlement_read"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="ENTITLEMENT_READ" />
+ <property name="description"
+ value="Description for ENTITLEMENT_READ" />
+ </bean>
+ <bean id="entitlement_entitlement_update"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="ENTITLEMENT_UPDATE" />
+ <property name="description"
+ value="Description for ENTITLEMENT_UPDATE" />
+ </bean>
+ <bean id="entitlement_entitlement_delete"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
+ <property name="name"
+ value="ENTITLEMENT_DELETE" />
+ <property name="description"
+ value="Description for ENTITLEMENT_DELETE" />
+ </bean>
+
+ <bean id="role_admin"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.RoleEntity">
+ <property name="name"
+ value="ADMIN" />
+ <property name="description"
+ value="This is the administrator role with full access" />
+ <property name="entitlements">
+ <util:list>
+ <ref bean="entitlement_claim_list" />
+ <ref bean="entitlement_claim_create" />
+ <ref bean="entitlement_claim_read" />
+ <ref bean="entitlement_claim_update" />
+ <ref bean="entitlement_claim_delete" />
+ <ref bean="entitlement_idp_list" />
+ <ref bean="entitlement_idp_create" />
+ <ref bean="entitlement_idp_read" />
+ <ref bean="entitlement_idp_update" />
+ <ref bean="entitlement_idp_delete" />
+ <ref bean="entitlement_trustedidp_list" />
+ <ref bean="entitlement_trustedidp_create" />
+ <ref bean="entitlement_trustedidp_read" />
+ <ref bean="entitlement_trustedidp_update" />
+ <ref bean="entitlement_trustedidp_delete" />
+ <ref bean="entitlement_application_list" />
+ <ref bean="entitlement_application_create" />
+ <ref bean="entitlement_application_read" />
+ <ref bean="entitlement_application_update" />
+ <ref bean="entitlement_application_delete" />
+ <ref bean="entitlement_role_list" />
+ <ref bean="entitlement_role_create" />
+ <ref bean="entitlement_role_read" />
+ <ref bean="entitlement_role_update" />
+ <ref bean="entitlement_role_delete" />
+ <ref bean="entitlement_entitlement_list" />
+ <ref bean="entitlement_entitlement_create" />
+ <ref bean="entitlement_entitlement_read" />
+ <ref bean="entitlement_entitlement_update" />
+ <ref bean="entitlement_entitlement_delete" />
+ </util:list>
+ </property>
+ </bean>
+ <bean id="role_user"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.RoleEntity">
+ <property name="name"
+ value="USER" />
+ <property name="description"
+ value="This is the user role with read access" />
+ <property name="entitlements">
+ <util:list>
+ <ref bean="entitlement_claim_list" />
+ <ref bean="entitlement_claim_read" />
+ <ref bean="entitlement_idp_list" />
+ <ref bean="entitlement_idp_read" />
+ <ref bean="entitlement_trustedidp_list" />
+ <ref bean="entitlement_trustedidp_read" />
+ <ref bean="entitlement_application_list" />
+ <ref bean="entitlement_application_read" />
+ <ref bean="entitlement_role_list" />
+ <ref bean="entitlement_role_read" />
+ <ref bean="entitlement_entitlement_list" />
+ <ref bean="entitlement_entitlement_read" />
+ </util:list>
+ </property>
+ </bean>
+ <bean id="role_idp_login"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.RoleEntity">
+ <property name="name"
+ value="IDP_LOGIN" />
+ <property name="description"
+ value="This is the IDP login role which is applied to Users during the IDP SSO" />
+ <property name="entitlements">
+ <util:list>
+ <ref bean="entitlement_claim_list" />
+ <ref bean="entitlement_claim_read" />
+ <ref bean="entitlement_idp_list" />
+ <ref bean="entitlement_idp_read" />
+ <ref bean="entitlement_trustedidp_list" />
+ <ref bean="entitlement_trustedidp_read" />
+ <ref bean="entitlement_application_list" />
+ <ref bean="entitlement_application_read" />
+ </util:list>
+ </property>
+ </bean>
+
+
+
+</beans>
+
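Review bot: The `passiveRequestorEndpointConstraint` pattern `https://localhost:?(\d)*/.*` on `srv-fedizhelloworld` (and the matching one on `srv-oidc`) makes the colon and the digits optional independently, so a host name such as `localhost9443` satisfies it as well as `localhost:9443`. If the constraint is meant to pin the reply endpoint to localhost with an optional port, `https://localhost(:\d+)?/.*` expresses that. How the pattern is applied (full match or search) is not visible in this file. Test fixtures like this one tend to be copied into deployments, so the tighter form is worth using here too.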
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf309400/services/idp-core/src/test/resources/idp-config.xml
----------------------------------------------------------------------
diff --git a/services/idp-core/src/test/resources/idp-config.xml b/services/idp-core/src/test/resources/idp-config.xml
new file mode 100644
index 0000000..61d0bbd
--- /dev/null
+++ b/services/idp-core/src/test/resources/idp-config.xml
@@ -0,0 +1,152 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+ http://www.springframework.org/schema/context
+ http://www.springframework.org/schema/context/spring-context-4.3.xsd
+ http://www.springframework.org/schema/util
+ http://www.springframework.org/schema/util/spring-util-4.3.xsd
+ http://cxf.apache.org/transports/http/configuration
+ http://cxf.apache.org/schemas/configuration/http-conf.xsd">
+
+ <context:property-placeholder location="classpath:realm.properties" />
+
+ <bean id="config"
+ class="org.apache.cxf.fediz.service.idp.service.ConfigServiceSpring">
+ <property name="idpConfigs">
+ <util:list>
+ <ref bean="idp-realmA" />
+ </util:list>
+ </property>
+ <property name="serviceConfigs">
+ <util:list>
+ <ref bean="srv-fedizhelloworld" />
+ </util:list>
+ </property>
+ </bean>
+
+ <bean id="idp-realmA" class="org.apache.cxf.fediz.service.idp.model.IDPConfig">
+ <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-A" />
+ <property name="uri" value="realma" />
+ <!--<property name="hrds" value="" /> --> <!-- TBD, not defined, provide list if enabled -->
+ <property name="provideIdpList" value="true" />
+ <property name="useCurrentIdp" value="true" />
+ <!-- <property name="certificate" value="realma.cert" /> --> <!-- STS will sign token, IDP signs Metadata -->
+ <property name="certificate" value="stsKeystoreA.properties" />
+ <property name="certificatePassword" value="realma" />
+ <property name="stsUrl"
+ value="https://localhost:0/fediz-idp-sts/REALMA" />
+ <property name="idpUrl"
+ value="https://localhost:${realmA.port}/fediz-idp/federation" />
+ <property name="supportedProtocols">
+ <util:list>
+ <value>http://docs.oasis-open.org/wsfed/federation/200706
+ </value>
+ <value>http://docs.oasis-open.org/ws-sx/ws-trust/200512
+ </value>
+ </util:list>
+ </property>
+ <property name="services">
+ <util:map>
+ <entry key="urn:org:apache:cxf:fediz:fedizhelloworld"
+ value-ref="srv-fedizhelloworld" />
+ </util:map>
+ </property>
+ <property name="authenticationURIs">
+ <util:map>
+ <entry key="default" value="/login/default" />
+ </util:map>
+ </property>
+ <property name="trustedIdps">
+ <util:map>
+ <entry key="urn:org:apache:cxf:fediz:idp:realm-B"
+ value-ref="trusted-idp-realmB" />
+ </util:map>
+ </property>
+ <property name="serviceDisplayName" value="REALM A" />
+ <property name="serviceDescription" value="IDP of Realm A" />
+ </bean>
+
+ <bean id="trusted-idp-realmB"
+ class="org.apache.cxf.fediz.service.idp.model.TrustedIDPConfig">
+ <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-B" />
+ <property name="cacheTokens" value="true" />
+ <property name="url"
+ value="https://localhost:${realmB.port}/fediz-idp-remote/federation" />
+ <property name="certificate" value="realmb.cert" />
+ <property name="trustType" value="PEER_TRUST" /> <!-- Required for Fediz Core, Process SignInResponse -->
+ <property name="protocol"
+ value="http://docs.oasis-open.org/wsfed/federation/200706" />
+ <property name="federationType" value="FEDERATE_IDENTITY" /> <!-- Required for STS Relationship -->
+ <property name="name" value="REALM B" />
+ <property name="description" value="IDP of Realm B" />
+ <!--<property name="logo" value="true" /> -->
+ </bean>
+
+ <bean id="srv-fedizhelloworld" class="org.apache.cxf.fediz.service.idp.model.ServiceConfig">
+ <property name="realm"
+ value="urn:org:apache:cxf:fediz:fedizhelloworld" />
+ <property name="protocol"
+ value="http://docs.oasis-open.org/wsfed/federation/200706" />
+ <property name="serviceDisplayName" value="Fedizhelloworld" />
+ <property name="serviceDescription"
+ value="Web Application to illustrate WS-Federation" />
+ <property name="role" value="ApplicationServiceType" />
+ <property name="tokenType"
+ value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" />
+ <property name="lifeTime" value="3600" />
+ <!-- <property name="encryptionCertificate" value="" /> -->
+ <property name="requestedClaims">
+ <util:list>
+ <bean
+ class="org.apache.cxf.fediz.service.idp.model.RequestClaim">
+ <property name="claimType"
+ value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" />
+ <property name="optional" value="false" />
+ </bean>
+ <bean
+ class="org.apache.cxf.fediz.service.idp.model.RequestClaim">
+ <property name="claimType"
+ value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" />
+ <property name="optional" value="false" />
+ </bean>
+ <bean
+ class="org.apache.cxf.fediz.service.idp.model.RequestClaim">
+ <property name="claimType"
+ value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" />
+ <property name="optional" value="false" />
+ </bean>
+ <bean
+ class="org.apache.cxf.fediz.service.idp.model.RequestClaim">
+ <property name="claimType"
+ value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role" />
+ <property name="optional" value="true" />
+ </bean>
+ </util:list>
+ </property>
+ </bean>
+
+</beans>
+
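Review bot: The two `<value>` entries under `supportedProtocols` close on the following line, so each protocol string carries a trailing line break and indentation. As far as I can tell Spring passes `<value>` text to the bean untrimmed, so an exact comparison against the WS-Federation or WS-Trust URI would fail unless the consumer trims it. Keeping each entry on one line, e.g. `<value>http://docs.oasis-open.org/wsfed/federation/200706</value>`, avoids that. Separately, `certificatePassword` is committed in clear text; a comment next to it such as `<!-- test keystore only; never reuse this password outside src/test -->` would make the intent explicit.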
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf309400/services/idp-core/src/test/resources/persistence.properties
----------------------------------------------------------------------
diff --git a/services/idp-core/src/test/resources/persistence.properties b/services/idp-core/src/test/resources/persistence.properties
new file mode 100644
index 0000000..b4e0320
--- /dev/null
+++ b/services/idp-core/src/test/resources/persistence.properties
@@ -0,0 +1,14 @@
+#jpa.driverClassName=org.apache.derby.jdbc.ClientDriver
+#jpa.url=jdbc:derby://localhost:1527/Fediz
+#jpa.username=admin
+#jpa.password=admin
+#jpa.defaultData=true
+#jpa.platform=DerbyDictionary
+
+
+jpa.driverClassName=org.hsqldb.jdbcDriver
+jpa.url=jdbc:hsqldb:target/db/unit/myDB;shutdown=true
+jpa.username=sa
+jpa.password=
+jpa.defaultData=true
+jpa.platform=HSQLDictionary
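Review bot: Nothing in this file marks it as unit-test defaults, yet it pairs the default `sa` account with an empty `jpa.password`, which is only acceptable for the embedded HSQLDB under `target/`. A header comment like `# Unit-test defaults only: embedded HSQLDB, default sa account, empty password` would discourage copying it into a deployment. The commented-out Derby block at the top (network URL with `admin`/`admin`) is dead configuration and could be dropped from the test copy.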
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf309400/services/idp-core/src/test/resources/persistenceContext.xml
----------------------------------------------------------------------
diff --git a/services/idp-core/src/test/resources/persistenceContext.xml b/services/idp-core/src/test/resources/persistenceContext.xml
new file mode 100644
index 0000000..f0b3586
--- /dev/null
+++ b/services/idp-core/src/test/resources/persistenceContext.xml
@@ -0,0 +1,107 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans profile="jpa" xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:jdbc="http://www.springframework.org/schema/jdbc"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+ http://www.springframework.org/schema/context
+ http://www.springframework.org/schema/context/spring-context-4.3.xsd
+ http://www.springframework.org/schema/tx
+ http://www.springframework.org/schema/tx/spring-tx.xsd
+ http://www.springframework.org/schema/jdbc
+ http://www.springframework.org/schema/jdbc/spring-jdbc-3.0.xsd"
+ default-autowire="byName">
+
+ <context:component-scan base-package="org.apache.cxf.fediz.service.idp.service" />
+ <context:component-scan base-package="org.apache.cxf.fediz.service.idp.rest" />
+
+ <bean id="entityManagerFactory"
+ class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
+ <property name="persistenceXmlLocation"
+ value="classpath*:META-INF/spring-persistence.xml" />
+ <property name="persistenceUnitName" value="fedizPersistenceUnit" />
+ <property name="dataSource" ref="dataSource" />
+ <property name="jpaVendorAdapter">
+ <bean
+ class="org.springframework.orm.jpa.vendor.OpenJpaVendorAdapter">
+ <property name="showSql" value="false" />
+ <property name="generateDdl" value="true" />
+ <property name="databasePlatform" value="org.apache.openjpa.jdbc.sql.${jpa.platform}" />
+ </bean>
+ </property>
+ <property name="jpaPropertyMap">
+ <map>
+ <entry key="javax.persistence.validation.factory" value-ref="validator" />
+ </map>
+ </property>
+ </bean>
+
+ <bean id="dataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
+ <property name="jndiName" value="java:comp/env/jdbc/fedizDataSource" />
+ <property name="defaultObject" ref="localDataSource" />
+ </bean>
+
+ <bean id="localDataSource" class="org.apache.commons.dbcp2.BasicDataSource"
+ destroy-method="close">
+ <property name="driverClassName" value="${jpa.driverClassName}" />
+ <property name="url" value="${jpa.url}" />
+ <property name="username" value="${jpa.username}" />
+ <property name="password" value="${jpa.password}" />
+ </bean>
+
+ <bean id="entityManager"
+ class="org.springframework.orm.jpa.support.SharedEntityManagerBean">
+ <property name="entityManagerFactory" ref="entityManagerFactory" />
+ </bean>
+
+ <bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
+ <property name="entityManagerFactory" ref="entityManagerFactory" />
+ </bean>
+
+ <!-- Support annotation Transactional http://docs.spring.io/spring/docs/3.1.4.RELEASE/spring-framework-reference/htmlsingle/#tx-decl-explained -->
+ <tx:annotation-driven />
+
+ <!-- Support annotation PersistenceContext http://docs.spring.io/spring/docs/3.1.4.RELEASE/spring-framework-reference/htmlsingle/#orm-jpa-straight -->
+ <bean
+ class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" />
+
+ <!-- Requires updates to unit testing as no JPA exceptions are returned -->
+ <bean
+ class="org.springframework.dao.annotation.PersistenceExceptionTranslationPostProcessor" />
+
+ <bean id="config"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.ConfigServiceJPA">
+ <property name="idpService" ref="idpServiceImpl" />
+ </bean>
+
+ <bean id="dbLoader"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.DBLoaderSpring">
+ <property name="resource" value="${db-load-config}" />
+ </bean>
+
+ <bean id="dbListener"
+ class="org.apache.cxf.fediz.service.idp.service.jpa.DBInitApplicationListener" />
+
+ <bean id="validator" class="org.springframework.validation.beanvalidation.LocalValidatorFactoryBean" />
+
+</beans>
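Review bot: The `dataSource` bean looks up `java:comp/env/jdbc/fedizDataSource` first and only falls back to `localDataSource`, so a JNDI entry of that name bound in the JVM running the tests would be used instead of the embedded database. That matters because `generateDdl` is `true` and `dbLoader`/`dbListener` are present, which presumably create schema and load default data into whatever datasource is chosen. For a test resource it would be safer to wire the factory straight to the embedded database, `<property name="dataSource" ref="localDataSource" />`, and drop the JNDI bean. As a smaller style point, `xmlns:jdbc` appears unused in this file and the schema locations mix `4.3`, unversioned and `3.0` XSDs.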
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf309400/services/idp-core/src/test/resources/realm.properties
----------------------------------------------------------------------
diff --git a/services/idp-core/src/test/resources/realm.properties b/services/idp-core/src/test/resources/realm.properties
new file mode 100644
index 0000000..9414fc0
--- /dev/null
+++ b/services/idp-core/src/test/resources/realm.properties
@@ -0,0 +1,4 @@
+realm.STS_URI=REALMA
+realmA.port=8443
+realmB.port=12443
+db-load-config=entities-realma.xml