Java Code Examples for org.opensaml.xacml.ctx.RequestType

The following examples show how to use org.opensaml.xacml.ctx.RequestType. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
/**
 * Attaches an unmarshalled child element to the XACML authorization decision query.
 *
 * <p>A {@code RequestType} or {@code ReferencedPoliciesType} child is stored through the matching
 * setter; {@code PolicyType} and {@code PolicySetType} children are appended to the query's
 * lists. Every other child type is handed to the superclass.
 *
 * <p>This method only wires objects together. It performs no validation of the child's content,
 * so policies carried inside a query are accepted here as-is.
 *
 * @param parentObject the query being populated; cast to {@code XACMLAuthzDecisionQueryType}
 * @param childObject the child element to attach
 * @throws UnmarshallingException declared by the signature; nothing in this body throws it directly
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    // The cast happens before any dispatch, exactly as a wrong parent type would fail up front.
    final XACMLAuthzDecisionQueryType query = (XACMLAuthzDecisionQueryType) parentObject;

    if (childObject instanceof RequestType) {
        query.setRequest((RequestType) childObject);
        return;
    }
    if (childObject instanceof PolicyType) {
        query.getPolicies().add((PolicyType) childObject);
        return;
    }
    if (childObject instanceof PolicySetType) {
        query.getPolicySets().add((PolicySetType) childObject);
        return;
    }
    if (childObject instanceof ReferencedPoliciesType) {
        query.setReferencedPolicies((ReferencedPoliciesType) childObject);
        return;
    }

    // Not a child this unmarshaller knows about: let the parent class decide.
    super.processChildElement(parentObject, childObject);
}
 
Example 2
Source Project: lams   Source File: RequestTypeUnmarshaller.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Attaches an unmarshalled child element to the XACML {@code RequestType} being populated.
 *
 * <p>{@code ActionType} and {@code EnvironmentType} children are stored through their setters,
 * {@code SubjectType} and {@code ResourceType} children are appended to the request's lists, and
 * any other child is passed to the superclass.
 *
 * <p>No content checks are made here; the attributes inside the subject, resource, action and
 * environment are taken exactly as they arrived.
 *
 * @param parentXMLObject the request being populated; cast to {@code RequestType}
 * @param childXMLObject the child element to attach
 * @throws UnmarshallingException declared by the signature; nothing in this body throws it directly
 */
protected void processChildElement(XMLObject parentXMLObject, XMLObject childXMLObject)
        throws UnmarshallingException {
    final RequestType xacmlRequest = (RequestType) parentXMLObject;

    if (childXMLObject instanceof ActionType) {
        xacmlRequest.setAction((ActionType) childXMLObject);
        return;
    }
    if (childXMLObject instanceof EnvironmentType) {
        xacmlRequest.setEnvironment((EnvironmentType) childXMLObject);
        return;
    }
    if (childXMLObject instanceof SubjectType) {
        xacmlRequest.getSubjects().add((SubjectType) childXMLObject);
        return;
    }
    if (childXMLObject instanceof ResourceType) {
        xacmlRequest.getResources().add((ResourceType) childXMLObject);
        return;
    }

    // Unknown child type: defer to the parent class.
    super.processChildElement(parentXMLObject, childXMLObject);
}
 
Example 3
Source Project: cxf   Source File: PolicyDecisionPointMockImpl.java    License: Apache License 2.0 6 votes vote down vote up
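/**
 * Returns the first value of the first subject attribute whose id equals
 * {@code XACMLConstants.SUBJECT_ROLE}.
 *
 * <p>Only the first value of that attribute is read, so a subject carrying several role values
 * is judged on the first one alone. A role attribute with a null or empty value list is skipped
 * instead of raising {@code IndexOutOfBoundsException}, and the search continues.
 *
 * <p>The role is read straight from the request; this method does not establish that the
 * caller actually holds it.
 *
 * @param request the XACML request to inspect
 * @return the role value, or {@code null} when no usable role attribute is present
 */
private String getSubjectRole(RequestType request) {
    List<SubjectType> subjects = request.getSubjects();
    if (subjects == null) {
        return null;
    }
    for (SubjectType subject : subjects) {
        List<AttributeType> attributes = subject.getAttributes();
        if (attributes == null) {
            continue;
        }
        for (AttributeType attribute : attributes) {
            if (!XACMLConstants.SUBJECT_ROLE.equals(attribute.getAttributeId())) {
                continue;
            }
            // Guard the get(0): an attribute element without values must not crash the lookup.
            if (attribute.getAttributeValues() != null && !attribute.getAttributeValues().isEmpty()) {
                return attribute.getAttributeValues().get(0).getValue();
            }
        }
    }
    return null;
}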
 
Example 4
Source Project: cxf   Source File: RequestComponentBuilder.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Builds an XACML {@code RequestType} from its four parts.
 *
 * <p>The subjects and resources are copied into the new request's lists with {@code addAll};
 * the action and environment are stored through their setters and may be {@code null} as far as
 * this method is concerned (it does not inspect them).
 *
 * @param subjects subjects to copy into the request; must not be {@code null} because it is
 *                 passed to {@code addAll}
 * @param resources resources to copy into the request; must not be {@code null} for the same reason
 * @param action the action to set on the request
 * @param environment the environment to set on the request
 * @return the populated request
 */
@SuppressWarnings("unchecked")
public static RequestType createRequestType(
    List<SubjectType> subjects,
    List<ResourceType> resources,
    ActionType action,
    EnvironmentType environment
) {
    // The builder is looked up once and kept in a static field.
    // NOTE(review): the null check is not synchronized; concurrent first calls may each do the
    // lookup. That looks harmless if getBuilder is idempotent - confirm.
    if (requestTypeBuilder == null) {
        requestTypeBuilder = (XACMLObjectBuilder<RequestType>)
            builderFactory.getBuilder(RequestType.DEFAULT_ELEMENT_NAME);
    }

    final RequestType xacmlRequest = requestTypeBuilder.buildObject();

    // Same population order as before: lists first, then the single-valued parts.
    xacmlRequest.getSubjects().addAll(subjects);
    xacmlRequest.getResources().addAll(resources);
    xacmlRequest.setAction(action);
    xacmlRequest.setEnvironment(environment);
    return xacmlRequest;
}
 
Example 5
Source Project: cxf   Source File: DefaultXACMLRequestBuilder.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Creates an XACML request for one subject, one resource and one action.
 *
 * <p>The subject is built from the principal, the roles and the issuer read from the message;
 * the resource is built from the message; the action attribute carries the value returned by
 * {@code messageParser.getAction(action)}, where {@code action} is this builder's configured
 * action. The environment comes from {@code createEnvironmentType()}.
 *
 * <p>The principal and roles are used exactly as passed in. This method does not authenticate
 * them, so callers must supply values that were already established by the security context.
 *
 * @param principal the caller on whose behalf the decision is requested
 * @param roles the caller's roles
 * @param message the message being authorized
 * @return the XACML request
 * @throws Exception if any of the helper calls fails
 */
public RequestType createRequest(Principal principal, List<String> roles, Message message)
    throws Exception {
    final CXFMessageParser parser = new CXFMessageParser(message);
    final String issuer = parser.getIssuer();
    final String effectiveAction = parser.getAction(action);

    final SubjectType subject = createSubjectType(principal, roles, issuer);
    final ResourceType resource = createResourceType(parser);

    // The action is sent as a single string-typed action-id attribute with no issuer.
    final AttributeType actionId =
        createAttribute(XACMLConstants.ACTION_ID, XACMLConstants.XS_STRING, null, effectiveAction);
    final ActionType xacmlAction =
        RequestComponentBuilder.createActionType(Collections.singletonList(actionId));

    return RequestComponentBuilder.createRequestType(
        Collections.singletonList(subject),
        Collections.singletonList(resource),
        xacmlAction,
        createEnvironmentType());
}
 
Example 6
Source Project: cxf   Source File: DummyPDP.java    License: Apache License 2.0 6 votes vote down vote up
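/**
 * Looks up the subject role carried in an XACML request.
 *
 * <p>Subjects and their attributes are scanned in order; the first attribute whose id equals
 * {@code XACMLConstants.SUBJECT_ROLE} and that has at least one value supplies the result (its
 * first value). Role attributes with a null or empty value list are ignored rather than causing
 * an {@code IndexOutOfBoundsException}.
 *
 * <p>The value is whatever the request states; nothing here verifies it.
 *
 * @param request the XACML request to inspect
 * @return the role value, or {@code null} if the request carries no usable role attribute
 */
private String getSubjectRole(RequestType request) {
    List<SubjectType> subjects = request.getSubjects();
    if (subjects != null) {
        for (SubjectType subject : subjects) {
            List<AttributeType> attributes = subject.getAttributes();
            if (attributes != null) {
                for (AttributeType attribute : attributes) {
                    boolean isRole = XACMLConstants.SUBJECT_ROLE.equals(attribute.getAttributeId());
                    // Only dereference the first value when there is one.
                    boolean hasValue = attribute.getAttributeValues() != null
                        && !attribute.getAttributeValues().isEmpty();
                    if (isRole && hasValue) {
                        return attribute.getAttributeValues().get(0).getValue();
                    }
                }
            }
        }
    }
    return null;
}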
 
Example 7
Source Project: cxf   Source File: XACMLRequestBuilderTest.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Smoke test: the default request builder produces a non-null request for a message that
 * carries a WSDL operation, a WSDL service and a request URI.
 */
@org.junit.Test
public void testXACMLRequestBuilder() throws Exception {
    // Caller identity for the subject of the request
    Principal caller = new Principal() {
        @Override
        public String getName() {
            return "alice";
        }
    };

    final String operationName = "{http://www.example.org/contract/DoubleIt}DoubleIt";
    final String serviceName = "{http://www.example.org/contract/DoubleIt}DoubleItService";
    final String endpoint = "https://localhost:8080/doubleit";

    MessageImpl message = new MessageImpl();
    message.put(Message.WSDL_OPERATION, QName.valueOf(operationName));
    message.put(Message.WSDL_SERVICE, QName.valueOf(serviceName));
    message.put(Message.REQUEST_URI, endpoint);

    XACMLRequestBuilder requestBuilder = new DefaultXACMLRequestBuilder();
    RequestType xacmlRequest =
        requestBuilder.createRequest(caller, Collections.singletonList("manager"), message);

    assertNotNull(xacmlRequest);
}
 
Example 8
/**
 * Attaches an unmarshalled child element to the XACML policy query.
 *
 * <p>{@code RequestType} children are appended to the query's requests. Children whose element
 * name equals the policy-id or policy-set-id reference name are cast to {@code IdReferenceType}
 * and appended to the corresponding list. Anything else goes to the superclass.
 *
 * <p>NOTE(review): the two reference branches select on the element QName only and then cast;
 * a child with a matching name but a different Java type would raise
 * {@code ClassCastException} - confirm the unmarshaller registry rules that out.
 *
 * @param parentObject the query being populated; cast to {@code XACMLPolicyQueryType}
 * @param childObject the child element to attach
 * @throws UnmarshallingException declared by the signature; nothing in this body throws it directly
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    final XACMLPolicyQueryType policyQuery = (XACMLPolicyQueryType) parentObject;

    if (childObject instanceof RequestType) {
        policyQuery.getRequests().add((RequestType) childObject);
        return;
    }
    if (childObject.getElementQName().equals(IdReferenceType.POLICY_ID_REFERENCE_ELEMENT_NAME)) {
        policyQuery.getPolicyIdReferences().add((IdReferenceType) childObject);
        return;
    }
    if (childObject.getElementQName().equals(IdReferenceType.POLICY_SET_ID_REFERENCE_ELEMENT_NAME)) {
        policyQuery.getPolicySetIdReferences().add((IdReferenceType) childObject);
        return;
    }

    // Not handled here: defer to the parent class.
    super.processChildElement(parentObject, childObject);
}
 
Example 9
/**
 * Attaches an unmarshalled child element to the XACML authorization decision statement.
 *
 * <p>A {@code RequestType} child becomes the statement's request and a {@code ResponseType}
 * child becomes its response; every other child is passed to the superclass.
 *
 * <p>The statement is only assembled here. Whether the response inside it can be trusted
 * (for example, whether the enclosing assertion was signed and verified) is decided elsewhere.
 *
 * @param parentObject the statement being populated; cast to {@code XACMLAuthzDecisionStatementType}
 * @param childObject the child element to attach
 * @throws UnmarshallingException declared by the signature; nothing in this body throws it directly
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    final XACMLAuthzDecisionStatementType statement = (XACMLAuthzDecisionStatementType) parentObject;

    if (childObject instanceof RequestType) {
        statement.setRequest((RequestType) childObject);
        return;
    }
    if (childObject instanceof ResponseType) {
        statement.setResponse((ResponseType) childObject);
        return;
    }

    super.processChildElement(parentObject, childObject);
}
 
Example 10
Source Project: cxf   Source File: SamlRequestComponentBuilder.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Creates an AuthzDecisionQuery with both boolean options left at {@code false}.
 *
 * <p>Delegates to the five-argument overload, passing {@code false} for
 * {@code inputContextOnly} and {@code false} for {@code returnContext}.
 *
 * @param issuerValue the issuer to set on the query, passed through unchanged
 * @param request the XACML request to embed in the query
 * @param namespace the namespace passed through to the five-argument overload
 * @return the query built by the five-argument overload
 */
public static XACMLAuthzDecisionQueryType createAuthzDecisionQuery(
    String issuerValue,
    RequestType request,
    String namespace
) {
    final boolean inputContextOnly = false;
    final boolean returnContext = false;
    return createAuthzDecisionQuery(inputContextOnly, returnContext, issuerValue, request, namespace);
}
 
Example 11
Source Project: cxf   Source File: SamlRequestComponentBuilder.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Creates a SAML 2.0 XACML AuthzDecisionQuery that wraps the given XACML request.
 *
 * <p>The query gets an ID of the form {@code "_" + UUID.randomUUID()}, SAML version 2.0 and an
 * issue instant of "now" ({@code new DateTime()}). The issuer is set only when
 * {@code issuerValue} is non-null.
 *
 * <p>The query is returned unsigned; if the PDP requires message integrity or sender
 * authentication, that has to be applied by the caller or the transport.
 *
 * @param inputContextOnly value for the query's InputContextOnly flag
 * @param returnContext value for the query's ReturnContext flag
 * @param issuerValue issuer name, or {@code null} to omit the issuer
 * @param request the XACML request to embed; stored as given
 * @param namespace namespace URI used when building the query element
 * @return the populated query
 */
@SuppressWarnings("unchecked")
public static XACMLAuthzDecisionQueryType createAuthzDecisionQuery(
    boolean inputContextOnly,
    boolean returnContext,
    String issuerValue,
    RequestType request,
    String namespace
) {
    // Builder is resolved on first use and cached in a static field.
    if (xacmlAuthzDecisionQueryTypeBuilder == null) {
        xacmlAuthzDecisionQueryTypeBuilder = (XACMLObjectBuilder<XACMLAuthzDecisionQueryType>)
            builderFactory.getBuilder(XACMLAuthzDecisionQueryType.DEFAULT_ELEMENT_NAME_XACML20);
    }

    final XACMLAuthzDecisionQueryType query = xacmlAuthzDecisionQueryTypeBuilder.buildObject(
        namespace,
        XACMLAuthzDecisionQueryType.DEFAULT_ELEMENT_LOCAL_NAME,
        SAMLProfileConstants.SAML20XACMLPROTOCOL_PREFIX);

    // String concatenation invokes toString() on the UUID, so the ID text is unchanged.
    query.setID("_" + UUID.randomUUID());
    query.setVersion(SAMLVersion.VERSION_20);
    query.setIssueInstant(new DateTime());
    query.setInputContextOnly(Boolean.valueOf(inputContextOnly));
    query.setReturnContext(Boolean.valueOf(returnContext));

    if (issuerValue != null) {
        query.setIssuer(createIssuer(issuerValue));
    }

    query.setRequest(request);
    return query;
}
 
Example 12
Source Project: cxf   Source File: AbstractXACMLAuthorizingInterceptor.java    License: Apache License 2.0 5 votes vote down vote up
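/**
 * Builds an XACML request for the caller, obtains a decision from the PDP and maps it to a
 * boolean.
 *
 * <p>The method fails closed. It returns {@code false} when the response is {@code null}, when
 * the result list is {@code null} or empty, when a result carries no decision, and for any
 * decision other than {@code Permit}. When the PDP returns more than one result, access is
 * granted only if <em>every</em> result is {@code Permit}; previously only the first result was
 * looked at and later ones were silently ignored.
 *
 * <p>Obligations are handed to {@link #handleObligations} before a result's decision is
 * evaluated. The status code and message are only logged; they do not influence the outcome.
 *
 * @param principal the authenticated caller
 * @param roles the caller's roles
 * @param message the message being authorized
 * @return {@code true} only if the PDP returned at least one result and all results permit access
 * @throws Exception if building the request, calling the PDP or handling obligations fails
 */
protected boolean authorize(
    Principal principal, List<String> roles, Message message
) throws Exception {
    RequestType request = requestBuilder.createRequest(principal, roles, message);
    if (LOG.isLoggable(Level.FINE)) {
        // NOTE(review): at FINE the complete request (subject id, roles, resource) is written
        // to the log; treat that log as sensitive when FINE is enabled.
        Document doc = DOMUtils.createDocument();
        Element requestElement = OpenSAMLUtil.toDom(request, doc);
        LOG.log(Level.FINE, DOM2Writer.nodeToString(requestElement));
    }

    ResponseType response = performRequest(request, message);
    if (response == null) {
        // No answer from the PDP is a denial, not a NullPointerException.
        return false;
    }

    List<ResultType> results = response.getResults();
    if (results == null || results.isEmpty()) {
        return false;
    }

    for (ResultType result : results) {
        // Handle any Obligations returned by the PDP
        handleObligations(request, principal, message, result);

        // A result without a decision is treated as Deny.
        DECISION decision = result.getDecision() != null ? result.getDecision().getDecision() : DECISION.Deny;
        String code = "";
        String statusMessage = "";
        if (result.getStatus() != null) {
            StatusType status = result.getStatus();
            code = status.getStatusCode() != null ? status.getStatusCode().getValue() : "";
            statusMessage = status.getStatusMessage() != null ? status.getStatusMessage().getValue() : "";
        }
        if (LOG.isLoggable(Level.FINE)) {
            LOG.fine("XACML authorization result: " + decision + ", code: " + code + ", message: " + statusMessage);
        }
        if (decision != DECISION.Permit) {
            // One non-Permit result is enough to refuse the call.
            return false;
        }
    }

    return true;
}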
 
Example 13
Source Project: cxf   Source File: AbstractXACMLAuthorizingInterceptor.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Hook for handling any Obligations returned by the PDP in a single result.
 *
 * <p>This default implementation is empty, so obligations attached to a result are ignored
 * unless a subclass overrides the method. The XACML specification expects a PEP to deny access
 * when it cannot understand or fulfil an obligation; a subclass that must honour that rule can
 * enforce it here, for example by throwing.
 *
 * @param request the XACML request that was sent to the PDP
 * @param principal the caller the decision is about
 * @param message the message being authorized
 * @param result the PDP result whose obligations should be handled
 * @throws Exception declared so that overriding implementations can signal failure
 */
protected void handleObligations(
    RequestType request,
    Principal principal,
    Message message,
    ResultType result
) throws Exception {
    // Intentionally empty: obligations are not processed by default
}
 
Example 14
Source Project: cxf   Source File: XACMLRequestBuilderTest.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Verifies the action attribute of a generated request: it is "execute" before any
 * configuration and "write" after {@code setAction("write")}.
 */
@org.junit.Test
public void testAction() throws Exception {
    // Caller identity for the subject of the request
    Principal caller = new Principal() {
        @Override
        public String getName() {
            return "alice";
        }
    };

    final String operationName = "{http://www.example.org/contract/DoubleIt}DoubleIt";
    final String serviceName = "{http://www.example.org/contract/DoubleIt}DoubleItService";
    final String endpoint = "https://localhost:8080/doubleit";

    MessageImpl message = new MessageImpl();
    message.put(Message.WSDL_OPERATION, QName.valueOf(operationName));
    message.put(Message.WSDL_SERVICE, QName.valueOf(serviceName));
    message.put(Message.REQUEST_URI, endpoint);

    DefaultXACMLRequestBuilder requestBuilder = new DefaultXACMLRequestBuilder();

    // First pass: no action configured on the builder.
    RequestType xacmlRequest =
        requestBuilder.createRequest(caller, Collections.singletonList("manager"), message);
    assertNotNull(xacmlRequest);
    String actionValue =
        xacmlRequest.getAction().getAttributes().get(0).getAttributeValues().get(0).getValue();
    assertEquals("execute", actionValue);

    // Second pass: the configured action must show up in the request.
    requestBuilder.setAction("write");
    xacmlRequest = requestBuilder.createRequest(caller, Collections.singletonList("manager"), message);
    assertNotNull(xacmlRequest);
    actionValue =
        xacmlRequest.getAction().getAttributes().get(0).getAttributeValues().get(0).getValue();
    assertEquals("write", actionValue);
}
 
Example 15
Source Project: cxf   Source File: XACMLRequestBuilderTest.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Verifies that the request's environment has attributes by default and has none once
 * {@code setSendDateTime(false)} is called on the builder.
 */
@org.junit.Test
public void testEnvironment() throws Exception {
    // Caller identity for the subject of the request
    Principal caller = new Principal() {
        @Override
        public String getName() {
            return "alice";
        }
    };

    final String operationName = "{http://www.example.org/contract/DoubleIt}DoubleIt";
    final String serviceName = "{http://www.example.org/contract/DoubleIt}DoubleItService";
    final String endpoint = "https://localhost:8080/doubleit";

    MessageImpl message = new MessageImpl();
    message.put(Message.WSDL_OPERATION, QName.valueOf(operationName));
    message.put(Message.WSDL_SERVICE, QName.valueOf(serviceName));
    message.put(Message.REQUEST_URL, endpoint);

    // Keep a typed handle for the setter while still calling through the interface.
    DefaultXACMLRequestBuilder defaultBuilder = new DefaultXACMLRequestBuilder();
    XACMLRequestBuilder requestBuilder = defaultBuilder;

    RequestType xacmlRequest =
        requestBuilder.createRequest(caller, Collections.singletonList("manager"), message);
    assertNotNull(xacmlRequest);
    assertFalse(xacmlRequest.getEnvironment().getAttributes().isEmpty());

    defaultBuilder.setSendDateTime(false);
    xacmlRequest = requestBuilder.createRequest(caller, Collections.singletonList("manager"), message);
    assertNotNull(xacmlRequest);
    assertTrue(xacmlRequest.getEnvironment().getAttributes().isEmpty());
}
 
Example 16
Source Project: cxf   Source File: XACMLRequestBuilderTest.java    License: Apache License 2.0 5 votes vote down vote up
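/**
 * Verifies that a message carrying only a request URL yields exactly one resource with exactly
 * one attribute, and that the attribute's value is that URL.
 */
@org.junit.Test
public void testRESTResource() throws Exception {
    // Mock up a request
    Principal principal = new Principal() {
        public String getName() {
            return "alice";
        }
    };

    MessageImpl msg = new MessageImpl();
    String resourceURL = "https://localhost:8080/doubleit";
    msg.put(Message.REQUEST_URL, resourceURL);

    XACMLRequestBuilder builder = new DefaultXACMLRequestBuilder();
    RequestType request =
        builder.createRequest(principal, Collections.singletonList("manager"), msg);
    assertNotNull(request);

    List<ResourceType> resources = request.getResources();
    assertNotNull(resources);
    assertEquals(1, resources.size());

    ResourceType resource = resources.get(0);
    assertEquals(1, resource.getAttributes().size());

    for (AttributeType attribute : resource.getAttributes()) {
        String attributeValue = attribute.getAttributeValues().get(0).getValue();
        // Expected value first, so a failure message reports the two values the right way round.
        assertEquals(resourceURL, attributeValue);
    }
}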
 
Example 17
Source Project: cxf   Source File: XACMLRequestBuilderTest.java    License: Apache License 2.0 5 votes vote down vote up
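/**
 * Verifies that with {@code setSendFullRequestURL(false)} the single resource attribute carries
 * the request URI ("/doubleit") rather than the full request URL.
 */
@org.junit.Test
public void testRESTResourceTruncatedURI() throws Exception {
    // Mock up a request
    Principal principal = new Principal() {
        public String getName() {
            return "alice";
        }
    };

    MessageImpl msg = new MessageImpl();
    String resourceURL = "https://localhost:8080/doubleit";
    msg.put(Message.REQUEST_URL, resourceURL);
    String resourceURI = "/doubleit";
    msg.put(Message.REQUEST_URI, resourceURI);

    XACMLRequestBuilder builder = new DefaultXACMLRequestBuilder();
    ((DefaultXACMLRequestBuilder)builder).setSendFullRequestURL(false);
    RequestType request =
        builder.createRequest(principal, Collections.singletonList("manager"), msg);
    assertNotNull(request);

    List<ResourceType> resources = request.getResources();
    assertNotNull(resources);
    assertEquals(1, resources.size());

    ResourceType resource = resources.get(0);
    assertEquals(1, resource.getAttributes().size());

    for (AttributeType attribute : resource.getAttributes()) {
        String attributeValue = attribute.getAttributeValues().get(0).getValue();
        // Expected value first, so a failure message reports the two values the right way round.
        assertEquals(resourceURI, attributeValue);
    }
}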
 
Example 18
/**
 * Returns the XACML request currently held by this object.
 *
 * @return the stored {@code RequestType}, exactly as it was last assigned
 */
public RequestType getRequest() {
    return this.request;
}
 
Example 19
/**
 * Replaces the XACML request held by this object.
 *
 * <p>The new value is routed through {@code prepareForAssignment} together with the current
 * one, and the value that call returns is what gets stored.
 *
 * @param request the request to store
 */
public void setRequest(RequestType request) {
    final RequestType assigned = prepareForAssignment(this.request, request);
    this.request = assigned;
}
 
Example 20
/**
 * Returns the {@code RequestType} children of this object.
 *
 * <p>The list is obtained from {@code choiceGroup.subList(...)} keyed by the request element
 * name and cast to {@code List<RequestType>}.
 * NOTE(review): presumably this is a live view of the underlying child list rather than a
 * copy - confirm before handing it to code that should not be able to modify the query.
 *
 * @return the requests held in the choice group
 */
public List<RequestType> getRequests() {
    final List<RequestType> requests =
        (List<RequestType>) choiceGroup.subList(RequestType.DEFAULT_ELEMENT_NAME);
    return requests;
}
 
Example 21
/**
 * Returns the XACML request stored in this object.
 *
 * @return the stored {@code RequestType}; no copy is made
 */
public RequestType getRequest() {
    return this.request;
}
 
Example 22
/**
 * Stores a new XACML request in this object.
 *
 * <p>The assignment goes through {@code prepareForAssignment}, which receives both the current
 * and the new value; its return value becomes the stored request.
 *
 * @param request the request to store
 */
public void setRequest(RequestType request) {
    final RequestType prepared = prepareForAssignment(this.request, request);
    this.request = prepared;
}
 
Example 23
Source Project: lams   Source File: RequestTypeImplBuilder.java    License: GNU General Public License v2.0 4 votes vote down vote up
/**
 * Builds a {@code RequestType} using the type's default element name.
 *
 * @return the object produced by {@code buildObject(RequestType.DEFAULT_ELEMENT_NAME)}
 */
public RequestType buildObject() {
    final RequestType built = buildObject(RequestType.DEFAULT_ELEMENT_NAME);
    return built;
}
 
Example 24
Source Project: lams   Source File: RequestTypeImplBuilder.java    License: GNU General Public License v2.0 4 votes vote down vote up
/**
 * Builds a {@code RequestType} for the given element name parts.
 *
 * @param namespaceURI namespace URI of the element
 * @param localName local name of the element
 * @param namespacePrefix namespace prefix of the element
 * @return a new {@code RequestTypeImpl} constructed from the three arguments
 */
public RequestType buildObject(String namespaceURI, String localName, String namespacePrefix) {
    final RequestType built = new RequestTypeImpl(namespaceURI, localName, namespacePrefix);
    return built;
}
 
Example 25
Source Project: cxf   Source File: PolicyDecisionPointMockImpl.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Mock policy decision: permits the request when the subject role read from it is
 * {@code "manager"} and denies it otherwise.
 *
 * <p>The response always contains one result with status code
 * {@code urn:oasis:names:tc:xacml:1.0:status:ok}. The decision rests solely on the role
 * attribute found in the request, with no policy evaluation, so this belongs in test and demo
 * setups only.
 *
 * @param requestType the XACML request to evaluate
 * @return a response holding a single Permit or Deny result
 */
@Override
public ResponseType evaluate(RequestType requestType) {

    final XMLObjectBuilderFactory factory =
        XMLObjectProviderRegistrySupport.getBuilderFactory();

    // One builder per element type that goes into the response.
    @SuppressWarnings("unchecked")
    XACMLObjectBuilder<ResponseType> responseBuilder =
        (XACMLObjectBuilder<ResponseType>) factory.getBuilder(ResponseType.DEFAULT_ELEMENT_NAME);

    @SuppressWarnings("unchecked")
    XACMLObjectBuilder<ResultType> resultBuilder =
        (XACMLObjectBuilder<ResultType>) factory.getBuilder(ResultType.DEFAULT_ELEMENT_NAME);

    @SuppressWarnings("unchecked")
    XACMLObjectBuilder<DecisionType> decisionBuilder =
        (XACMLObjectBuilder<DecisionType>) factory.getBuilder(DecisionType.DEFAULT_ELEMENT_NAME);

    @SuppressWarnings("unchecked")
    XACMLObjectBuilder<StatusType> statusBuilder =
        (XACMLObjectBuilder<StatusType>) factory.getBuilder(StatusType.DEFAULT_ELEMENT_NAME);

    @SuppressWarnings("unchecked")
    XACMLObjectBuilder<StatusCodeType> statusCodeBuilder =
        (XACMLObjectBuilder<StatusCodeType>) factory.getBuilder(StatusCodeType.DEFAULT_ELEMENT_NAME);

    final DecisionType decision = decisionBuilder.buildObject();

    // Anything but the literal role "manager" (including a missing role) is denied.
    final String subjectRole = getSubjectRole(requestType);
    decision.setDecision(
        "manager".equals(subjectRole) ? DecisionType.DECISION.Permit : DecisionType.DECISION.Deny);

    final ResultType result = resultBuilder.buildObject();
    result.setDecision(decision);

    final StatusType status = statusBuilder.buildObject();
    final StatusCodeType okCode = statusCodeBuilder.buildObject();
    okCode.setValue("urn:oasis:names:tc:xacml:1.0:status:ok");
    status.setStatusCode(okCode);
    result.setStatus(status);

    final ResponseType response = responseBuilder.buildObject();
    response.getResults().add(result);
    return response;
}
 
Example 26
Source Project: cxf   Source File: XACMLAuthorizingInterceptor.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Obtains the authorization decision by calling this interceptor's {@code pdp} directly.
 *
 * @param request the XACML request to evaluate
 * @param message the message being authorized; not used by this implementation
 * @return whatever {@code pdp.evaluate(request)} returns
 * @throws Exception declared by the overridden signature
 */
@Override
protected ResponseType performRequest(RequestType request, Message message) throws Exception {
    final ResponseType pdpResponse = this.pdp.evaluate(request);
    return pdpResponse;
}
 
Example 27
Source Project: cxf   Source File: DummyPDP.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Dummy decision: Permit when the subject role read from the request is {@code "manager"},
 * Deny in every other case (including when no role is found).
 *
 * <p>The role is taken from the request without any verification, so this is a stand-in for
 * tests, not an access-control implementation.
 *
 * @param request the XACML request to evaluate
 * @return the response created by {@code createResponse} for the chosen decision
 */
public ResponseType evaluate(RequestType request) {
    final String subjectRole = getSubjectRole(request);

    DECISION outcome;
    if ("manager".equals(subjectRole)) {
        outcome = DecisionType.DECISION.Permit;
    } else {
        outcome = DecisionType.DECISION.Deny;
    }
    return createResponse(outcome);
}
 
Example 28
Source Project: cxf   Source File: RequestComponentBuilderTest.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Builds a request by hand (subject with id and role, one resource, one action, no
 * environment) and checks that it can be converted to a DOM element.
 */
@org.junit.Test
public void testCreateXACMLRequest() throws Exception {
    Document document = docBuilder.newDocument();

    // --- Subject: an id attribute and a role attribute ---
    // The two string literals containing "[email protected]" are reproduced as found.
    AttributeValueType subjectIdValue =
        RequestComponentBuilder.createAttributeValueType("[email protected]");
    AttributeType subjectId =
        RequestComponentBuilder.createAttributeType(
            XACMLConstants.SUBJECT_ID,
            XACMLConstants.RFC_822_NAME,
            null,
            Collections.singletonList(subjectIdValue));

    AttributeValueType subjectRoleValue =
        RequestComponentBuilder.createAttributeValueType("manager");
    AttributeType subjectRole =
        RequestComponentBuilder.createAttributeType(
            XACMLConstants.SUBJECT_ROLE,
            XACMLConstants.XS_ANY_URI,
            "[email protected]",
            Collections.singletonList(subjectRoleValue));

    // One scratch list is reused (cleared) for each component, as before.
    List<AttributeType> scratch = new ArrayList<>();
    scratch.add(subjectId);
    scratch.add(subjectRole);
    SubjectType subject = RequestComponentBuilder.createSubjectType(scratch, null);

    // --- Resource ---
    AttributeValueType resourceValue =
        RequestComponentBuilder.createAttributeValueType(
            "{http://www.example.org/contract/DoubleIt}DoubleIt");
    AttributeType resourceId =
        RequestComponentBuilder.createAttributeType(
            XACMLConstants.RESOURCE_ID,
            XACMLConstants.XS_STRING,
            null,
            Collections.singletonList(resourceValue));
    scratch.clear();
    scratch.add(resourceId);
    ResourceType resource = RequestComponentBuilder.createResourceType(scratch, null);

    // --- Action ---
    AttributeValueType actionValue =
        RequestComponentBuilder.createAttributeValueType("execute");
    AttributeType actionId =
        RequestComponentBuilder.createAttributeType(
            XACMLConstants.ACTION_ID,
            XACMLConstants.XS_STRING,
            null,
            Collections.singletonList(actionValue));
    scratch.clear();
    scratch.add(actionId);
    ActionType action = RequestComponentBuilder.createActionType(scratch);

    // --- Request: no environment is supplied in this test ---
    RequestType xacmlRequest =
        RequestComponentBuilder.createRequestType(
            Collections.singletonList(subject),
            Collections.singletonList(resource),
            action,
            null);

    Element requestElement = OpenSAMLUtil.toDom(xacmlRequest, document);
    // DOM2Writer.nodeToString(requestElement) can be used here to inspect the XML while debugging.
    assertNotNull(requestElement);
}
 
Example 29
Source Project: cxf   Source File: RequestComponentBuilderTest.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Builds a request by hand that includes an environment with a current-dateTime attribute and
 * checks that it can be converted to a DOM element.
 */
@org.junit.Test
public void testEnvironment() throws Exception {
    Document document = docBuilder.newDocument();

    // --- Subject: id attribute only ---
    // The string literal "[email protected]" is reproduced as found.
    AttributeValueType subjectIdValue =
        RequestComponentBuilder.createAttributeValueType("[email protected]");
    AttributeType subjectId =
        RequestComponentBuilder.createAttributeType(
            XACMLConstants.SUBJECT_ID,
            XACMLConstants.RFC_822_NAME,
            null,
            Collections.singletonList(subjectIdValue));

    // One scratch list is reused (cleared) for each component, as before.
    List<AttributeType> scratch = new ArrayList<>();
    scratch.add(subjectId);
    SubjectType subject = RequestComponentBuilder.createSubjectType(scratch, null);

    // --- Resource ---
    AttributeValueType resourceValue =
        RequestComponentBuilder.createAttributeValueType(
            "{http://www.example.org/contract/DoubleIt}DoubleIt");
    AttributeType resourceId =
        RequestComponentBuilder.createAttributeType(
            XACMLConstants.RESOURCE_ID,
            XACMLConstants.XS_STRING,
            null,
            Collections.singletonList(resourceValue));
    scratch.clear();
    scratch.add(resourceId);
    ResourceType resource = RequestComponentBuilder.createResourceType(scratch, null);

    // --- Action ---
    AttributeValueType actionValue =
        RequestComponentBuilder.createAttributeValueType("execute");
    AttributeType actionId =
        RequestComponentBuilder.createAttributeType(
            XACMLConstants.ACTION_ID,
            XACMLConstants.XS_STRING,
            null,
            Collections.singletonList(actionValue));
    scratch.clear();
    scratch.add(actionId);
    ActionType action = RequestComponentBuilder.createActionType(scratch);

    // --- Environment: the current time as an xs:dateTime attribute ---
    DateTime now = new DateTime();
    AttributeValueType nowValue =
        RequestComponentBuilder.createAttributeValueType(now.toString());
    AttributeType currentDateTime =
        RequestComponentBuilder.createAttributeType(
            XACMLConstants.CURRENT_DATETIME,
            XACMLConstants.XS_DATETIME,
            null,
            Collections.singletonList(nowValue));
    scratch.clear();
    scratch.add(currentDateTime);
    EnvironmentType environment =
        RequestComponentBuilder.createEnvironmentType(scratch);

    // --- Request ---
    RequestType xacmlRequest =
        RequestComponentBuilder.createRequestType(
            Collections.singletonList(subject),
            Collections.singletonList(resource),
            action,
            environment);

    Element requestElement = OpenSAMLUtil.toDom(xacmlRequest, document);
    // DOM2Writer.nodeToString(requestElement) can be used here to inspect the XML while debugging.
    assertNotNull(requestElement);
}
 
Example 30
Source Project: cxf   Source File: XACMLRequestBuilderTest.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Verifies the resource of a request built for a SOAP message: exactly one resource with four
 * attributes, covering the resource id ("service#operation"), the WSDL service, the WSDL
 * operation and the endpoint URL.
 */
@org.junit.Test
public void testSOAPResource() throws Exception {
    // Caller identity for the subject of the request
    Principal caller = new Principal() {
        @Override
        public String getName() {
            return "alice";
        }
    };

    final String operation = "{http://www.example.org/contract/DoubleIt}DoubleIt";
    final String service = "{http://www.example.org/contract/DoubleIt}DoubleItService";
    final String resourceURL = "https://localhost:8080/doubleit";

    MessageImpl message = new MessageImpl();
    message.put(Message.WSDL_OPERATION, QName.valueOf(operation));
    message.put(Message.WSDL_SERVICE, QName.valueOf(service));
    message.put(Message.REQUEST_URL, resourceURL);

    XACMLRequestBuilder requestBuilder = new DefaultXACMLRequestBuilder();
    RequestType xacmlRequest =
        requestBuilder.createRequest(caller, Collections.singletonList("manager"), message);
    assertNotNull(xacmlRequest);

    List<ResourceType> resources = xacmlRequest.getResources();
    assertNotNull(resources);
    assertEquals(1, resources.size());

    ResourceType resource = resources.get(0);
    assertEquals(4, resource.getAttributes().size());

    // Each flag flips once the attribute with the expected id AND value has been seen.
    boolean sawResourceId = false;
    boolean sawService = false;
    boolean sawOperation = false;
    boolean sawEndpoint = false;
    for (AttributeType attribute : resource.getAttributes()) {
        String value = attribute.getAttributeValues().get(0).getValue();
        if (XACMLConstants.RESOURCE_ID.equals(attribute.getAttributeId())
            && "{http://www.example.org/contract/DoubleIt}DoubleItService#DoubleIt".equals(value)) {
            sawResourceId = true;
        } else if (XACMLConstants.RESOURCE_WSDL_SERVICE_ID.equals(attribute.getAttributeId())
            && service.equals(value)) {
            sawService = true;
        } else if (XACMLConstants.RESOURCE_WSDL_OPERATION_ID.equals(attribute.getAttributeId())
            && operation.equals(value)) {
            sawOperation = true;
        } else if (XACMLConstants.RESOURCE_WSDL_ENDPOINT.equals(attribute.getAttributeId())
            && resourceURL.equals(value)) {
            sawEndpoint = true;
        }
    }

    assertTrue(sawResourceId && sawService && sawOperation
               && sawEndpoint);
}