View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.wss4j.dom.handler;
21  
22  import java.util.Collections;
23  
24  import org.apache.wss4j.common.util.SOAPUtil;
25  import org.apache.wss4j.dom.WSConstants;
26  import org.apache.wss4j.dom.common.CustomHandler;
27  
28  import org.apache.wss4j.dom.common.UsernamePasswordCallbackHandler;
29  import org.apache.wss4j.dom.engine.WSSConfig;
30  
31  import org.junit.jupiter.api.Test;
32  import org.apache.wss4j.common.util.XMLUtils;
33  import org.w3c.dom.Document;
34  
35  import javax.security.auth.callback.CallbackHandler;
36  
37  import static org.junit.jupiter.api.Assertions.assertTrue;
38  
39  /**
40   * Test case for WSS-245 - "WSHandlerConstants.PW_CALLBACK_REF isn't correctly searched for"
41   *
42   * https://issues.apache.org/jira/browse/WSS-245
43   */
44  public class CallbackRefTest {
45      private static final org.slf4j.Logger LOG =
46          org.slf4j.LoggerFactory.getLogger(CallbackRefTest.class);
47      private CallbackHandler callbackHandler = new UsernamePasswordCallbackHandler();
48  
49      /**
50       * A test for WSHandler.getPassword(...), where the password is obtained from a
51       * Callback Handler, which is placed on the Message Context using a reference.
52       */
53      @Test
54      public void
55      testMessageContextRef() throws Exception {
56  
57          final WSSConfig cfg = WSSConfig.getNewInstance();
58          final RequestData reqData = new RequestData();
59          reqData.setWssConfig(cfg);
60          reqData.setUsername("alice");
61          reqData.setPwType(WSConstants.PASSWORD_TEXT);
62          java.util.Map<String, Object> messageContext = new java.util.TreeMap<>();
63          messageContext.put(
64              WSHandlerConstants.PW_CALLBACK_REF,
65              callbackHandler
66          );
67          reqData.setMsgContext(messageContext);
68  
69          final java.util.List<Integer> actions = new java.util.ArrayList<>();
70          actions.add(WSConstants.UT);
71          Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
72          CustomHandler handler = new CustomHandler();
73          HandlerAction action = new HandlerAction(WSConstants.UT);
74          handler.send(
75              doc,
76              reqData,
77              Collections.singletonList(action),
78              true
79          );
80  
81          String outputString =
82              XMLUtils.prettyDocumentToString(doc);
83          if (LOG.isDebugEnabled()) {
84              LOG.debug(outputString);
85          }
86          assertTrue(outputString.contains("alice"));
87          assertTrue(outputString.contains("securityPassword"));
88      }
89  
90      /**
91       * A test for WSHandler.getPassword(...) where the password is obtained from a
92       * Callback Handler, which is obtained from the handler options using a ref.
93       */
94      @Test
95      public void
96      testHandlerOptionRef() throws Exception {
97  
98          final WSSConfig cfg = WSSConfig.getNewInstance();
99          final RequestData reqData = new RequestData();
100         reqData.setWssConfig(cfg);
101         reqData.setUsername("alice");
102         reqData.setPwType(WSConstants.PASSWORD_TEXT);
103         reqData.setMsgContext(new java.util.TreeMap<String, String>());
104 
105         final java.util.List<Integer> actions = new java.util.ArrayList<>();
106         actions.add(WSConstants.UT);
107         Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
108         CustomHandler handler = new CustomHandler();
109         handler.setOption(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler);
110         HandlerAction action = new HandlerAction(WSConstants.UT);
111         handler.send(
112             doc,
113             reqData,
114             Collections.singletonList(action),
115             true
116         );
117 
118         String outputString =
119             XMLUtils.prettyDocumentToString(doc);
120         if (LOG.isDebugEnabled()) {
121             LOG.debug(outputString);
122         }
123         assertTrue(outputString.contains("alice"));
124         assertTrue(outputString.contains("securityPassword"));
125     }
126 
127 }