[jboss-cvs] Picketlink SVN: r618 - in integration-tests/trunk/picketlink-sts-tests: src/test/java/org/picketlink/test/integration/sts and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Dec 22 16:45:19 EST 2010
Author: sguilhen at redhat.com
Date: 2010-12-22 16:45:18 -0500 (Wed, 22 Dec 2010)
New Revision: 618
Modified:
integration-tests/trunk/picketlink-sts-tests/.classpath
integration-tests/trunk/picketlink-sts-tests/src/test/java/org/picketlink/test/integration/sts/PicketLinkSTSIntegrationUnitTestCase.java
Log:
Fixed STS integration tests
Modified: integration-tests/trunk/picketlink-sts-tests/.classpath
===================================================================
--- integration-tests/trunk/picketlink-sts-tests/.classpath 2010-12-22 19:06:56 UTC (rev 617)
+++ integration-tests/trunk/picketlink-sts-tests/.classpath 2010-12-22 21:45:18 UTC (rev 618)
@@ -1,17 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
<classpath>
- <classpathentry kind="src" path="src/test/java" output="target/test-classes" including="**/*.java"/>
- <classpathentry kind="src" path="src/test/resources" output="target/test-classes" excluding="**/*.java"/>
- <classpathentry kind="output" path="target/classes"/>
- <classpathentry kind="var" path="M2_REPO/javax/servlet/servlet-api/2.3/servlet-api-2.3.jar" sourcepath="M2_REPO/javax/servlet/servlet-api/2.3/servlet-api-2.3-sources.jar"/>
- <classpathentry kind="var" path="M2_REPO/ant/ant/1.5/ant-1.5.jar"/>
- <classpathentry kind="var" path="M2_REPO/ant-contrib/ant-contrib/1.0b2/ant-contrib-1.0b2.jar" sourcepath="M2_REPO/ant-contrib/ant-contrib/1.0b2/ant-contrib-1.0b2-sources.jar"/>
- <classpathentry kind="var" path="M2_REPO/httpunit/httpunit/1.7/httpunit-1.7.jar" sourcepath="M2_REPO/httpunit/httpunit/1.7/httpunit-1.7-sources.jar"/>
- <classpathentry kind="var" path="M2_REPO/rhino/js/1.6R7/js-1.6R7.jar"/>
- <classpathentry kind="var" path="M2_REPO/jtidy/jtidy/4aug2000r7-dev/jtidy-4aug2000r7-dev.jar" sourcepath="M2_REPO/jtidy/jtidy/4aug2000r7-dev/jtidy-4aug2000r7-dev-sources.jar"/>
- <classpathentry kind="var" path="M2_REPO/junit/junit/4.4/junit-4.4.jar" sourcepath="M2_REPO/junit/junit/4.4/junit-4.4-sources.jar"/>
- <classpathentry kind="var" path="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14.jar" sourcepath="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14-sources.jar"/>
- <classpathentry kind="var" path="M2_REPO/nekohtml/nekohtml/1.9.12/nekohtml-1.9.12.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/picketlink/picketlink-fed/2.0.0-SNAPSHOT/picketlink-fed-2.0.0-SNAPSHOT.jar" sourcepath="M2_REPO/org/picketlink/picketlink-fed/2.0.0-SNAPSHOT/picketlink-fed-2.0.0-SNAPSHOT-sources.jar"/>
- <classpathentry kind="var" path="M2_REPO/apache-xerces/xercesImpl/2.9.1/xercesImpl-2.9.1.jar"/>
- <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
-</classpath>
\ No newline at end of file
+ <classpathentry kind="src" output="target/test-classes" path="src/test/java"/>
+ <classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources"/>
+ <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
+ <classpathentry kind="con" path="org.maven.ide.eclipse.MAVEN2_CLASSPATH_CONTAINER"/>
+ <classpathentry kind="output" path="target/classes"/>
+</classpath>
Modified: integration-tests/trunk/picketlink-sts-tests/src/test/java/org/picketlink/test/integration/sts/PicketLinkSTSIntegrationUnitTestCase.java
===================================================================
--- integration-tests/trunk/picketlink-sts-tests/src/test/java/org/picketlink/test/integration/sts/PicketLinkSTSIntegrationUnitTestCase.java 2010-12-22 19:06:56 UTC (rev 617)
+++ integration-tests/trunk/picketlink-sts-tests/src/test/java/org/picketlink/test/integration/sts/PicketLinkSTSIntegrationUnitTestCase.java 2010-12-22 21:45:18 UTC (rev 618)
@@ -30,7 +30,6 @@
import java.security.spec.RSAPublicKeySpec;
import java.util.List;
-import javax.xml.bind.JAXBElement;
import javax.xml.datatype.DatatypeConstants;
import javax.xml.ws.WebServiceException;
@@ -44,7 +43,7 @@
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.WSTrustUtil;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AudienceRestrictionType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionAbstractType;
@@ -59,8 +58,8 @@
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.X509CertificateType;
import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType;
-import org.picketlink.identity.xmlsec.w3.xmlenc.EncryptedKeyType;
import org.w3c.dom.Element;
/**
@@ -122,7 +121,8 @@
*
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testIssueSAML20() throws Exception
@@ -135,7 +135,7 @@
// in this scenario, the conditions section should NOT have an audience restriction.
ConditionsType conditionsType = assertion.getConditions();
-
+
List<ConditionAbstractType> conditions = conditionsType.getConditions();
Assert.assertEquals("Unexpected restriction list size", 0, conditions.size());
}
@@ -147,7 +147,8 @@
* case, the request should be handled by the standard {@code SAML20TokenProvider}.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testIssueSAML20AppliesTo() throws Exception
@@ -161,14 +162,14 @@
// in this scenario, the conditions section should have an audience restriction.
ConditionsType conditionsType = assertion.getConditions();
List<ConditionAbstractType> conditions = conditionsType.getConditions();
-
+
Assert.assertEquals("Unexpected restriction list size", 1, conditions.size());
ConditionAbstractType abstractType = conditions.get(0);
Assert.assertTrue("Unexpected restriction type", abstractType instanceof AudienceRestrictionType);
AudienceRestrictionType audienceRestriction = (AudienceRestrictionType) abstractType;
Assert.assertEquals("Unexpected audience restriction list size", 1, audienceRestriction.getAudience().size());
Assert.assertEquals("Unexpected audience restriction item", "http://services.testcorp.org/provider1",
- audienceRestriction.getAudience().get(0));
+ audienceRestriction.getAudience().get(0).toString());
}
@@ -179,7 +180,8 @@
* the request).
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testIssueSAML20OnBehalfOf() throws Exception
@@ -211,7 +213,8 @@
* this key as the proof token. The WS-Trust response should contain the STS-generated key.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testIssueSAML20WithSTSGeneratedSymmetricKey() throws Exception
@@ -231,7 +234,8 @@
AssertionType assertion = this.validateSAML20Assertion(assertionElement, "admin",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(0);
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation()
+ .get(0);
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);
// TODO: client API must allow access to the WS-Trust response for retrieval of the proof token.
@@ -245,7 +249,8 @@
* should include the STS key to allow reconstruction of the combined key and the algorithm used to combine the keys.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testIssueSAML20WithCombinedSymmetricKey() throws Exception
@@ -277,7 +282,8 @@
AssertionType assertion = this.validateSAML20Assertion(assertionElement, "admin",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(0) ;
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation()
+ .get(0);
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_SYMMETRIC, null, false);
// TODO: client API must allow access to the WS-Trust response for retrieval of the server entropy and algorithm.
@@ -289,7 +295,8 @@
* The STS must include the specified certificate in the SAML subject confirmation.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testIssueSAML20WithCertificate() throws Exception
@@ -312,7 +319,8 @@
AssertionType assertion = this.validateSAML20Assertion(assertionElement, "admin",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(0);
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation()
+ .get(0);
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, false);
}
@@ -322,7 +330,8 @@
* STS must include the specified public key in the SAML subject confirmation.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testIssueSAML20WithPublicKey() throws Exception
@@ -346,7 +355,8 @@
AssertionType assertion = this.validateSAML20Assertion(assertionElement, "admin",
SAMLUtil.SAML2_HOLDER_OF_KEY_URI);
// validate the holder of key contents.
- SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation().get(0);
+ SubjectConfirmationType subjConfirmation = (SubjectConfirmationType) assertion.getSubject().getConfirmation()
+ .get(0);
this.validateHolderOfKeyContents(subjConfirmation, WSTrustConstants.KEY_TYPE_PUBLIC, certificate, true);
}
@@ -356,7 +366,8 @@
* assertion renewed (i.e. get a new assertion with an updated lifetime).
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testRenewSAML20() throws Exception
@@ -390,7 +401,8 @@
* the assertion validated, checking the validation results.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testValidateSAML20() throws Exception
@@ -415,7 +427,8 @@
* the assertion. A canceled assertion cannot be renewed or considered valid anymore.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testCancelSAML20() throws Exception
@@ -453,7 +466,8 @@
* security token service.
* </p>
*
- * @throws Exception if an error occurs while running the test.
+ * @throws Exception
+ * if an error occurs while running the test.
*/
@Test
public void testIssueUnknownTokenType() throws Exception
@@ -477,12 +491,16 @@
* Validates the contents of the specified SAML 2.0 assertion.
* </p>
*
- * @param assertionElement the SAML 2.0 assertion to be validated.
- * @param assertionPrincipal the principal that is expected to be seen in the assertion subject.
- * @param confirmationMethod the expected confirmation method.
+ * @param assertionElement
+ * the SAML 2.0 assertion to be validated.
+ * @param assertionPrincipal
+ * the principal that is expected to be seen in the assertion subject.
+ * @param confirmationMethod
+ * the expected confirmation method.
* @return The SAML assertion JAXB representation. This object can be used by the test methods to perform extra
* validations depending on the scenario being tested.
- * @throws Exception if an error occurs while validating the assertion.
+ * @throws Exception
+ * if an error occurs while validating the assertion.
*/
private AssertionType validateSAML20Assertion(Element assertionElement, String assertionPrincipal,
String confirmationMethod) throws Exception
@@ -497,14 +515,14 @@
// validate the assertion subject.
Assert.assertNotNull("Unexpected null subject", assertion.getSubject());
-
+
SubjectType subject = assertion.getSubject();
NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
-
+
Assert.assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID
.getNameQualifier());
- Assert.assertEquals("Unexpected name id value", assertionPrincipal, nameID.getValue());
- SubjectConfirmationType subjType = (SubjectConfirmationType) subject.getSubType().getConfirmation().get(0);
+ Assert.assertEquals("Unexpected name id value", assertionPrincipal, nameID.getValue());
+ SubjectConfirmationType subjType = (SubjectConfirmationType) subject.getConfirmation().get(0);
Assert.assertEquals("Unexpected confirmation method", confirmationMethod, subjType.getMethod());
// validate the assertion conditions.
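Review bot: `subject.getConfirmation().get(0)` is read without first asserting that the confirmation list has the expected size, so an assertion issued with no subject confirmation fails with an IndexOutOfBoundsException instead of a readable assertion message, and any extra confirmation entries go unnoticed. Adding `Assert.assertEquals("Unexpected subject confirmation list size", 1, subject.getConfirmation().size());` before that line would pin the subject-confirmation contract the STS is expected to honour. The same unguarded `getConfirmation().get(0)` appears in the holder-of-key test methods reformatted by this commit (symmetric key, combined key, certificate, public key). The body of validateSAML20Assertion starts and ends outside this hunk.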
@@ -524,33 +542,33 @@
* confirmation method has been used.
* </p>
*
- * @param subjectConfirmation the {@code SubjectConfirmationType} to be validated.
- * @param keyType the type of the proof-of-possession key (Symmetric or Public).
- * @param certificate the certificate used in the Public Key scenarios.
- * @param usePublicKey {@code true} if the certificate's Public Key was used as the proof-of-possession token;
- * {@code false} otherwise.
- * @throws Exception if an error occurs while performing the validation.
+ * @param subjectConfirmation
+ * the {@code SubjectConfirmationType} to be validated.
+ * @param keyType
+ * the type of the proof-of-possession key (Symmetric or Public).
+ * @param certificate
+ * the certificate used in the Public Key scenarios.
+ * @param usePublicKey
+ * {@code true} if the certificate's Public Key was used as the proof-of-possession token; {@code false}
+ * otherwise.
+ * @throws Exception
+ * if an error occurs while performing the validation.
*/
private void validateHolderOfKeyContents(SubjectConfirmationType subjectConfirmation, String keyType,
Certificate certificate, boolean usePublicKey) throws Exception
{
SubjectConfirmationDataType subjConfirmationDataType = subjectConfirmation.getSubjectConfirmationData();
Assert.assertNotNull("Unexpected null subject confirmation data", subjConfirmationDataType);
- throw new RuntimeException( "FIX" );
- /*List<Object> confirmationContent = subjConfirmationDataType.getContent();
- Assert.assertEquals("Unexpected subject confirmation content size", 1, confirmationContent.size());
- JAXBElement<?> keyInfoElement = (JAXBElement<?>) confirmationContent.get(0);
- Assert.assertEquals("Unexpected subject confirmation context type", KeyInfoType.class, keyInfoElement
- .getDeclaredType());
- KeyInfoType keyInfo = (KeyInfoType) keyInfoElement.getValue();
+
+ KeyInfoType keyInfo = (KeyInfoType) subjConfirmationDataType.getAnyType();
Assert.assertEquals("Unexpected key info content size", 1, keyInfo.getContent().size());
// if the key is a symmetric key, the KeyInfo should contain an encrypted element.
if (WSTrustConstants.KEY_TYPE_SYMMETRIC.equals(keyType))
{
- JAXBElement<?> encKeyElement = (JAXBElement<?>) keyInfo.getContent().get(0);
- Assert.assertEquals("Unexpected key info content type", EncryptedKeyType.class, encKeyElement
- .getDeclaredType());
+ Element encKeyElement = (Element) keyInfo.getContent().get(0);
+ Assert.assertEquals("Unexpected key info content type", WSTrustConstants.XMLEnc.ENCRYPTED_KEY, encKeyElement
+ .getLocalName());
}
// if the key is public, KeyInfo should either contain an encoded certificate or an encoded public key.
else if (WSTrustConstants.KEY_TYPE_PUBLIC.equals(keyType))
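Review bot: The symmetric-key branch compares only `encKeyElement.getLocalName()` with `WSTrustConstants.XMLEnc.ENCRYPTED_KEY`, so an element with that local name in any namespace satisfies the test. Asserting the namespace as well would tie the check to XML Encryption, for example `Assert.assertEquals("Unexpected key info content namespace", "http://www.w3.org/2001/04/xmlenc#", encKeyElement.getNamespaceURI());`. The casts `(KeyInfoType) subjConfirmationDataType.getAnyType()` and `(Element) keyInfo.getContent().get(0)` report a wrong content type as a ClassCastException; an `Assert.assertTrue(... instanceof ...)` before each, as the X509 branch of this method does, would keep the failure message meaningful. The method body continues past the end of this hunk.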
@@ -558,20 +576,15 @@
// if the public key has been used as proof, we should be able to retrieve it from KeyValueType.
if (usePublicKey == true)
{
- JAXBElement<?> keyValueElement = (JAXBElement<?>) keyInfo.getContent().get(0);
- Assert.assertEquals("Unexpected key info content type", KeyValueType.class, keyValueElement
- .getDeclaredType());
- KeyValueType keyValue = (KeyValueType) keyValueElement.getValue();
+ KeyValueType keyValue = (KeyValueType) keyInfo.getContent().get(0);
List<Object> keyValueContent = keyValue.getContent();
Assert.assertEquals("Unexpected key value content size", 1, keyValueContent.size());
- JAXBElement<?> rsaKeyValueElement = (JAXBElement<?>) keyValue.getContent().get(0);
- Assert.assertEquals("Unexpected key value content type", RSAKeyValueType.class, rsaKeyValueElement
- .getDeclaredType());
- RSAKeyValueType rsaKeyValue = (RSAKeyValueType) rsaKeyValueElement.getValue();
+ Assert.assertEquals("Unexpected key value content type", RSAKeyValueType.class, keyValueContent.get(0).getClass());
+ RSAKeyValueType rsaKeyValue = (RSAKeyValueType) keyValueContent.get(0);
// reconstruct the public key and check if it matches the public key of the provided certificate.
- BigInteger modulus = new BigInteger(1, rsaKeyValue.getModulus());
- BigInteger exponent = new BigInteger(1, rsaKeyValue.getExponent());
+ BigInteger modulus = new BigInteger(1, Base64.decode(new String(rsaKeyValue.getModulus())));
+ BigInteger exponent = new BigInteger(1, Base64.decode(new String(rsaKeyValue.getExponent())));
KeyFactory factory = KeyFactory.getInstance("RSA");
RSAPublicKeySpec spec = new RSAPublicKeySpec(modulus, exponent);
RSAPublicKey genKey = (RSAPublicKey) factory.generatePublic(spec);
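Review bot: `new String(rsaKeyValue.getModulus())` and `new String(rsaKeyValue.getExponent())` convert the bytes with the platform default charset before Base64 decoding. Base64 text is ASCII, so this normally works, but the certificate branch of the same method already decodes straight from bytes with `Base64.decode(encodedCertificate, 0, encodedCertificate.length)`; using that overload here (`byte[] m = rsaKeyValue.getModulus(); new BigInteger(1, Base64.decode(m, 0, m.length))`) removes the charset dependency and keeps the two branches consistent. `Base64` is not among the imports this commit touches, so it is presumably already in scope; it is worth confirming how that implementation reports malformed input, since its result is passed directly to `new BigInteger(1, ...)`. The comparison of `genKey` with the certificate's public key lies outside this hunk.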
@@ -580,22 +593,19 @@
// if the whole certificate was used as proof, we should be able to retrieve it from X509DataType.
else
{
- JAXBElement<?> x509DataElement = (JAXBElement<?>) keyInfo.getContent().get(0);
- Assert.assertEquals("Unexpected key info content type", X509DataType.class, x509DataElement
- .getDeclaredType());
- X509DataType x509Data = (X509DataType) x509DataElement.getValue();
+ X509DataType x509Data = (X509DataType) keyInfo.getContent().get(0);
Assert.assertEquals("Unexpected X509 data content size", 1, x509Data
.getX509IssuerSerialOrX509SKIOrX509SubjectName().size());
- JAXBElement<?> x509CertElement = (JAXBElement<?>) x509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName()
- .get(0);
- Assert.assertEquals("Unexpected X509 data content type", byte[].class, x509CertElement.getDeclaredType());
- byte[] encodedCertificate = (byte[]) x509CertElement.getValue();
+ Object content = x509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName().get(0);
+ Assert.assertTrue("Unexpected X509 data content type", content instanceof X509CertificateType);
+ byte[] encodedCertificate = ((X509CertificateType) content).getEncodedCertificate();
// reconstruct the certificate and check if it matches the provided certificate.
- ByteArrayInputStream byteInputStream = new ByteArrayInputStream(encodedCertificate);
+ ByteArrayInputStream byteInputStream = new ByteArrayInputStream(Base64.decode(encodedCertificate, 0,
+ encodedCertificate.length));
Assert.assertEquals("Invalid certificate in key info", certificate, CertificateFactory.getInstance("X.509")
.generateCertificate(byteInputStream));
}
- }*/
+ }
}
}
\ No newline at end of file
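Review bot: With the body re-enabled, validateHolderOfKeyContents ends after the `else if (WSTrustConstants.KEY_TYPE_PUBLIC.equals(keyType))` branch and has no final `else`, so, judging from the two hunks shown, a `keyType` that is neither symmetric nor public passes with only the KeyInfo content size checked. Adding `else { Assert.fail("Unexpected key type: " + keyType); }` before the method's closing brace makes the helper fail closed when a caller passes an unsupported key type. The file still ends without a trailing newline.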