Java Code Examples for org.apache.wss4j.common.saml.SAMLCallback#isSignAssertion()

The following examples show how to use org.apache.wss4j.common.saml.SAMLCallback#isSignAssertion() . These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: cxf   File: OAuth2TestUtils.java    License: Apache License 2.0 6 votes vote down vote up
public static String createToken(String audRestr, boolean saml2, boolean sign)
    throws WSSecurityException {
    SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(sign);
    samlCallbackHandler.setAudience(audRestr);
    if (!saml2) {
        samlCallbackHandler.setSaml2(false);
        samlCallbackHandler.setConfirmationMethod(SAML1Constants.CONF_BEARER);
    }

    SAMLCallback samlCallback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);

    SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
    if (samlCallback.isSignAssertion()) {
        samlAssertion.signAssertion(
            samlCallback.getIssuerKeyName(),
            samlCallback.getIssuerKeyPassword(),
            samlCallback.getIssuerCrypto(),
            samlCallback.isSendKeyValue(),
            samlCallback.getCanonicalizationAlgorithm(),
            samlCallback.getSignatureAlgorithm()
        );
    }

    return samlAssertion.assertionToString();
}
 
Example 2
Source Project: cxf   File: SAMLUtils.java    License: Apache License 2.0 5 votes vote down vote up
public static SamlAssertionWrapper createAssertion(Message message,
                                               CallbackHandler handler) throws Fault {

    SAMLCallback samlCallback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(handler, samlCallback);

    try {
        SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
        if (samlCallback.isSignAssertion()) {
            //--- This code will be moved to a common utility class
            Crypto crypto = new CryptoLoader().getCrypto(message,
                                      SecurityConstants.SIGNATURE_CRYPTO,
                                      SecurityConstants.SIGNATURE_PROPERTIES);

            String user =
                RSSecurityUtils.getUserName(message, crypto, SecurityConstants.SIGNATURE_USERNAME);
            if (StringUtils.isEmpty(user)) {
                return assertion;
            }

            String password =
                RSSecurityUtils.getSignaturePassword(message, user, SAMLUtils.class);

            assertion.signAssertion(user, password, crypto, false,
                                    samlCallback.getCanonicalizationAlgorithm(),
                                    samlCallback.getSignatureAlgorithm(),
                                    samlCallback.getSignatureDigestAlgorithm());
        }
        return assertion;
    } catch (Exception ex) {
        StringWriter sw = new StringWriter();
        ex.printStackTrace(new PrintWriter(sw));
        LOG.warning(sw.toString());
        throw new Fault(new RuntimeException(ex.getMessage() + ", stacktrace: " + sw.toString()));
    }

}
 
Example 3
Source Project: cxf   File: JAXRSOAuth2Test.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testSAMLBadSubjectName() throws Exception {
    String address = "https://localhost:" + port + "/oauth2-auth/token";
    WebClient wc = createWebClient(address);

    String audienceURI = "https://localhost:" + port + "/oauth2-auth/token";

    // Create the SAML Assertion
    SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
    samlCallbackHandler.setSubjectName("bob");
    samlCallbackHandler.setAudience(audienceURI);

    SAMLCallback samlCallback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);

    SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
    if (samlCallback.isSignAssertion()) {
        samlAssertion.signAssertion(
            samlCallback.getIssuerKeyName(),
            samlCallback.getIssuerKeyPassword(),
            samlCallback.getIssuerCrypto(),
            samlCallback.isSendKeyValue(),
            samlCallback.getCanonicalizationAlgorithm(),
            samlCallback.getSignatureAlgorithm()
        );
    }

    String assertion = samlAssertion.assertionToString();

    String encodedAssertion = Base64UrlUtility.encode(assertion);

    Map<String, String> extraParams = new HashMap<>();
    extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE, Constants.CLIENT_AUTH_SAML2_BEARER);
    extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, encodedAssertion);

    try {
        OAuthClientUtils.getAccessToken(wc, new CustomGrant(), extraParams);
        fail("Failure expected on a bad subject name");
    } catch (OAuthServiceException ex) {
        // expected
    }
}
 
Example 4
Source Project: cxf   File: JAXRSOAuth2Test.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testSAMLHolderOfKey() throws Exception {
    String address = "https://localhost:" + port + "/oauth2-auth/token";
    WebClient wc = createWebClient(address);

    String audienceURI = "https://localhost:" + port + "/oauth2-auth/token";

    // Create the SAML Assertion
    SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
    samlCallbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
    samlCallbackHandler.setSubjectName("alice");
    samlCallbackHandler.setAudience(audienceURI);

    SAMLCallback samlCallback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);

    SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
    if (samlCallback.isSignAssertion()) {
        samlAssertion.signAssertion(
            samlCallback.getIssuerKeyName(),
            samlCallback.getIssuerKeyPassword(),
            samlCallback.getIssuerCrypto(),
            samlCallback.isSendKeyValue(),
            samlCallback.getCanonicalizationAlgorithm(),
            samlCallback.getSignatureAlgorithm()
        );
    }

    String assertion = samlAssertion.assertionToString();

    String encodedAssertion = Base64UrlUtility.encode(assertion);

    Map<String, String> extraParams = new HashMap<>();
    extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE, Constants.CLIENT_AUTH_SAML2_BEARER);
    extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, encodedAssertion);

    try {
        OAuthClientUtils.getAccessToken(wc, new CustomGrant(), extraParams);
        fail("Failure expected on a bad subject confirmation method");
    } catch (OAuthServiceException ex) {
        // expected
    }
}