1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.ws.security.message.token;
21  
22  import org.apache.ws.security.WSSConfig;
23  import org.apache.ws.security.WSSecurityEngine;
24  import org.apache.ws.security.WSConstants;
25  import org.apache.ws.security.WSSecurityEngineResult;
26  import org.apache.ws.security.WSSecurityException;
27  import org.apache.ws.security.common.SOAPUtil;
28  import org.apache.ws.security.components.crypto.Crypto;
29  import org.apache.ws.security.components.crypto.CryptoFactory;
30  import org.apache.ws.security.components.crypto.CryptoType;
31  import org.apache.ws.security.message.WSSecHeader;
32  import org.apache.ws.security.util.WSSecurityUtil;
33  import org.w3c.dom.Document;
34  
35  import java.security.cert.X509Certificate;
36  import java.util.List;
37  
38  /**
39   * This is a test for constructing and processing BinarySecurityTokens.
40   */
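public class BinarySecurityTokenTest extends org.junit.Assert {
    private static final org.apache.commons.logging.Log LOG = 
        org.apache.commons.logging.LogFactory.getLog(BinarySecurityTokenTest.class);

    /** Crypto instance loaded from the "wss40.properties" test configuration. */
    private final Crypto crypto;
    
    public BinarySecurityTokenTest() throws Exception {
        crypto = CryptoFactory.getInstance("wss40.properties");
    }

    /**
     * A unit test for an X.509 BinarySecurityToken. The token is built from the
     * certificate stored under the "wss40" alias, placed in the security header,
     * and processed by an engine with WS-I BSP compliance switched on. A copy
     * built from the processed token's element must be equal to it and must
     * have the same hash code.
     */
    @org.junit.Test
    public void testX509() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);

        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
        
        X509Security bst = new X509Security(doc);
        bst.setX509Certificate(loadTestCertificates()[0]);
        
        WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), bst.getElement());
        logDocument("BST output", doc);
        
        WSSecurityEngine secEngine = newBspCompliantEngine();
        List<WSSecurityEngineResult> results = 
            secEngine.processSecurityHeader(doc, null, null, crypto);
        
        BinarySecurity token =
            (BinarySecurity)fetchBstResult(results).get(
                WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
        assertNotNull(token);
        
        // equals() and hashCode() must agree for a token rebuilt from the same element
        BinarySecurity clone = new BinarySecurity(token.getElement());
        assertEquals(clone, token);
        assertEquals("Equal tokens must have equal hash codes",
            clone.hashCode(), token.hashCode());
    }
    
    /**
     * A unit test for a PKIPath BinarySecurityToken. The certificates stored
     * under the "wss40" alias are encoded into the token, which is then
     * processed by an engine with WS-I BSP compliance switched on.
     */
    @org.junit.Test
    public void testPKIPath() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);

        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
        
        PKIPathSecurity bst = new PKIPathSecurity(doc);
        bst.setX509Certificates(loadTestCertificates(), crypto);
        
        WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), bst.getElement());
        logDocument("PKIPath output", doc);
        
        WSSecurityEngine secEngine = newBspCompliantEngine();
        List<WSSecurityEngineResult> results = 
            secEngine.processSecurityHeader(doc, null, null, crypto);
        
        PKIPathSecurity token =
            (PKIPathSecurity)fetchBstResult(results).get(
                WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
        assertNotNull(token);
    }
    
    /**
     * A unit test for a custom BinarySecurityToken. A token without a ValueType
     * attribute must be rejected by the engine; the same token with a ValueType
     * must be accepted and returned in the results.
     */
    @org.junit.Test
    public void testCustomToken() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);

        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
        
        // Explicit charset so the token bytes do not depend on the platform default
        byte[] tokenBytes = "12435677".getBytes("UTF-8");

        BinarySecurity bst = new BinarySecurity(doc);
        bst.setToken(tokenBytes);
        
        WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), bst.getElement());
        logDocument("Custom Token output", doc);
        
        WSSecurityEngine secEngine = newBspCompliantEngine();
        // Processing should fail as we have no ValueType attribute.
        // NOTE(review): presumably this rejection comes from the BSP compliance
        // setting on the engine - confirm against the processor.
        try {
            secEngine.processSecurityHeader(doc, null, null, crypto);
            fail("Expected failure on no ValueType");
        } catch (WSSecurityException ex) {
            // expected
        }
        
        doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        bst = new BinarySecurity(doc);
        bst.setToken(tokenBytes);
        bst.setValueType("http://custom_value_Type");
        secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
        WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), bst.getElement());
        
        List<WSSecurityEngineResult> results = 
            secEngine.processSecurityHeader(doc, null, null, crypto);
        BinarySecurity token =
            (BinarySecurity)fetchBstResult(results).get(
                WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
        assertNotNull(token);
    }

    /**
     * Looks up the certificates stored under the "wss40" alias and fails the
     * test with a clear message if none are found, instead of letting the
     * caller hit a NullPointerException or ArrayIndexOutOfBoundsException.
     */
    private X509Certificate[] loadTestCertificates() throws Exception {
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("wss40");
        X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
        assertTrue("No certificates found for alias wss40",
            certs != null && certs.length > 0);
        return certs;
    }

    /** Creates a security engine whose configuration has WS-I BSP compliance enabled. */
    private WSSecurityEngine newBspCompliantEngine() {
        WSSConfig config = WSSConfig.getNewInstance();
        config.setWsiBSPCompliant(true);
        WSSecurityEngine secEngine = new WSSecurityEngine();
        secEngine.setWssConfig(config);
        return secEngine;
    }

    /**
     * Fetches the BST action result and asserts that it is present, so that a
     * missing result is reported as an assertion failure rather than as a
     * NullPointerException in the calling test.
     */
    private WSSecurityEngineResult fetchBstResult(List<WSSecurityEngineResult> results) {
        WSSecurityEngineResult actionResult =
            WSSecurityUtil.fetchActionResult(results, WSConstants.BST);
        assertNotNull("No BST action result was returned", actionResult);
        return actionResult;
    }

    /** Writes the title and the pretty-printed document to the debug log, if enabled. */
    private void logDocument(String title, Document doc) throws Exception {
        if (LOG.isDebugEnabled()) {
            LOG.debug(title);
            String outputString = 
                org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
            LOG.debug(outputString);
        }
    }
    
}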