19 package org.apache.wss4j.stax.test;
20
21 import java.util.HashMap;
22 import java.util.Map;
23
24 import org.apache.wss4j.common.ConfigurationConstants;
25 import org.apache.wss4j.stax.ext.WSSConstants;
26 import org.apache.wss4j.stax.ext.WSSConstants.UsernameTokenPasswordType;
27 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
28 import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
29 import org.apache.wss4j.stax.setup.ConfigurationConverter;
30 import org.apache.wss4j.stax.setup.WSSec;
31 import org.apache.wss4j.stax.test.saml.SAMLCallbackHandlerImpl;
32 import org.junit.jupiter.api.Test;
33
34 import static org.junit.jupiter.api.Assertions.assertEquals;
35 import static org.junit.jupiter.api.Assertions.assertFalse;
36 import static org.junit.jupiter.api.Assertions.assertNotNull;
37 import static org.junit.jupiter.api.Assertions.assertTrue;
38
39
40
41
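/**
 * Tests that {@link ConfigurationConverter#convert(Map)} maps the string/object based
 * {@link ConfigurationConstants} keys onto the corresponding {@link WSSSecurityProperties}
 * values, and that the converted properties pass the inbound/outbound validation in
 * {@link WSSec}.
 *
 * <p>All {@code assertEquals} calls use the JUnit 5 argument order (expected, actual) so that
 * a failure message reports the expected and the actual value the right way round.
 */
public class ConfigurationConverterTest extends AbstractTestBase {

    /** Namespace of the SOAP 1.1 envelope, used by the secure-part assertions. */
    private static final String SOAP11_NS = "http://schemas.xmlsoap.org/soap/envelope/";

    /** Secure-part expression selecting the SOAP 1.1 Body element. */
    private static final String SOAP11_BODY_PART = "{}{" + SOAP11_NS + "}Body;";

    /**
     * Converts a UsernameToken configuration and checks user, action, callback handler,
     * password type and the nonce/created flags.
     */
    @Test
    public void testUsernameTokenConfiguration() throws Exception {
        Map<String, Object> config = new HashMap<>();
        config.put(ConfigurationConstants.ACTION, ConfigurationConstants.USERNAME_TOKEN);
        config.put(ConfigurationConstants.USER, "testuser");
        config.put(ConfigurationConstants.PW_CALLBACK_CLASS, "org.apache.wss4j.stax.test.CallbackHandlerImpl");
        // PasswordText carries the password itself rather than a digest; it is used here only
        // to check the mapping. A deployment relying on it needs confidentiality from the
        // transport or from message encryption.
        config.put(ConfigurationConstants.PASSWORD_TYPE, "PasswordText");
        config.put(ConfigurationConstants.ADD_USERNAMETOKEN_NONCE, "true");
        config.put(ConfigurationConstants.ADD_USERNAMETOKEN_CREATED, "false");

        WSSSecurityProperties properties = ConfigurationConverter.convert(config);
        assertEquals("testuser", properties.getTokenUser());
        assertEquals(1, properties.getActions().size());
        assertEquals(WSSConstants.USERNAMETOKEN, properties.getActions().get(0));
        // PW_CALLBACK_CLASS is a class name; the converter is expected to instantiate it.
        assertTrue(properties.getCallbackHandler() instanceof CallbackHandlerImpl);
        assertEquals(UsernameTokenPasswordType.PASSWORD_TEXT,
                     properties.getUsernameTokenPasswordType());
        assertTrue(properties.isAddUsernameTokenNonce());
        assertFalse(properties.isAddUsernameTokenCreated());

        WSSec.validateAndApplyDefaultsToOutboundSecurityProperties(properties);
    }

    /**
     * Converts an outbound signature configuration and checks user, algorithm, key identifier,
     * inclusive-prefix flag, crypto and the signed parts.
     */
    @Test
    public void testOutboundSignatureConfiguration() throws Exception {
        Map<String, Object> config = new HashMap<>();
        config.put(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
        config.put(ConfigurationConstants.USER, "transmitter");
        config.put(ConfigurationConstants.PW_CALLBACK_REF, new CallbackHandlerImpl());
        String sigAlgo = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
        config.put(ConfigurationConstants.SIG_ALGO, sigAlgo);
        config.put(ConfigurationConstants.SIG_KEY_ID, "Thumbprint");
        config.put(ConfigurationConstants.ADD_INCLUSIVE_PREFIXES, "false");
        config.put(ConfigurationConstants.SIG_PROP_FILE, "transmitter-crypto.properties");
        config.put(ConfigurationConstants.SIGNATURE_PARTS, SOAP11_BODY_PART);

        WSSSecurityProperties properties = ConfigurationConverter.convert(config);

        assertEquals("transmitter", properties.getSignatureUser());
        assertEquals(1, properties.getActions().size());
        assertEquals(WSSConstants.SIGNATURE, properties.getActions().get(0));
        assertTrue(properties.getCallbackHandler() instanceof CallbackHandlerImpl);
        assertEquals(sigAlgo, properties.getSignatureAlgorithm());
        assertEquals(1, properties.getSignatureKeyIdentifiers().size());
        assertEquals(WSSecurityTokenConstants.KEYIDENTIFIER_THUMBPRINT_IDENTIFIER,
                     properties.getSignatureKeyIdentifiers().get(0));
        assertFalse(properties.isAddExcC14NInclusivePrefixes());
        assertNotNull(properties.getSignatureCrypto());
        assertNotNull(properties.getSignatureSecureParts());
        assertEquals(1, properties.getSignatureSecureParts().size());
        assertEquals("Body",
                     properties.getSignatureSecureParts().get(0).getName().getLocalPart());
        assertEquals(SOAP11_NS,
                     properties.getSignatureSecureParts().get(0).getName().getNamespaceURI());

        WSSec.validateAndApplyDefaultsToOutboundSecurityProperties(properties);
    }

    /**
     * Converts an inbound signature configuration and checks the BSP, revocation and
     * verification-crypto settings.
     */
    @Test
    public void testInboundSignatureConfiguration() throws Exception {
        Map<String, Object> config = new HashMap<>();
        config.put(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
        config.put(ConfigurationConstants.PW_CALLBACK_REF, new CallbackHandlerImpl());
        config.put(ConfigurationConstants.ADD_INCLUSIVE_PREFIXES, "false");
        config.put(ConfigurationConstants.SIG_VER_PROP_FILE, "transmitter-crypto.properties");
        config.put(ConfigurationConstants.IS_BSP_COMPLIANT, "false");
        config.put(ConfigurationConstants.ENABLE_REVOCATION, "true");

        WSSSecurityProperties properties = ConfigurationConverter.convert(config);

        assertEquals(1, properties.getActions().size());
        assertEquals(WSSConstants.SIGNATURE, properties.getActions().get(0));
        assertTrue(properties.getCallbackHandler() instanceof CallbackHandlerImpl);
        // IS_BSP_COMPLIANT=false must surface as "BSP enforcement disabled" (inverted flag).
        assertTrue(properties.isDisableBSPEnforcement());
        assertTrue(properties.isEnableRevocation());
        assertNotNull(properties.getSignatureVerificationCrypto());

        WSSec.validateAndApplyDefaultsToInboundSecurityProperties(properties);
    }

    /**
     * Converts an outbound encryption configuration (action {@code ENCRYPTION}) and checks
     * user, key transport algorithm, key identifier, crypto and the encrypted parts.
     */
    @Test
    public void testOutboundEncryptionConfiguration() throws Exception {
        Map<String, Object> config = new HashMap<>();
        config.put(ConfigurationConstants.ACTION, ConfigurationConstants.ENCRYPTION);
        config.put(ConfigurationConstants.USER, "transmitter");
        config.put(ConfigurationConstants.PW_CALLBACK_REF, new CallbackHandlerImpl());
        // RSA v1.5 key transport is a legacy algorithm with known padding-oracle weaknesses;
        // it is used here only to verify that a non-default value is passed through.
        config.put(ConfigurationConstants.ENC_KEY_TRANSPORT, WSSConstants.NS_XENC_RSA15);
        config.put(ConfigurationConstants.ENC_KEY_ID, "EncryptedKeySHA1");
        config.put(ConfigurationConstants.ENC_PROP_FILE, "receiver-crypto.properties");
        config.put(ConfigurationConstants.ENCRYPTION_PARTS, SOAP11_BODY_PART);

        WSSSecurityProperties properties = ConfigurationConverter.convert(config);

        assertEquals("transmitter", properties.getEncryptionUser());
        assertEquals(1, properties.getActions().size());
        assertEquals(WSSConstants.ENCRYPTION, properties.getActions().get(0));
        assertTrue(properties.getCallbackHandler() instanceof CallbackHandlerImpl);
        assertEquals(WSSConstants.NS_XENC_RSA15,
                     properties.getEncryptionKeyTransportAlgorithm());
        assertEquals(WSSecurityTokenConstants.KEYIDENTIFIER_ENCRYPTED_KEY_SHA1_IDENTIFIER,
                     properties.getEncryptionKeyIdentifier());
        assertNotNull(properties.getEncryptionCrypto());
        assertNotNull(properties.getEncryptionSecureParts());
        assertEquals(1, properties.getEncryptionSecureParts().size());
        assertEquals("Body",
                     properties.getEncryptionSecureParts().get(0).getName().getLocalPart());
        assertEquals(SOAP11_NS,
                     properties.getEncryptionSecureParts().get(0).getName().getNamespaceURI());

        WSSec.validateAndApplyDefaultsToOutboundSecurityProperties(properties);
    }

    /**
     * Same as {@link #testOutboundEncryptionConfiguration()} but selects the action with the
     * older {@code ENCRYPT} tag, which must map to the same {@code ENCRYPTION} action.
     */
    @Test
    public void testOutboundEncryptionConfigurationOldConfigTag() throws Exception {
        Map<String, Object> config = new HashMap<>();
        config.put(ConfigurationConstants.ACTION, ConfigurationConstants.ENCRYPT);
        config.put(ConfigurationConstants.USER, "transmitter");
        config.put(ConfigurationConstants.PW_CALLBACK_REF, new CallbackHandlerImpl());
        // Legacy RSA v1.5 key transport, used only to verify the value is passed through.
        config.put(ConfigurationConstants.ENC_KEY_TRANSPORT, WSSConstants.NS_XENC_RSA15);
        config.put(ConfigurationConstants.ENC_KEY_ID, "EncryptedKeySHA1");
        config.put(ConfigurationConstants.ENC_PROP_FILE, "receiver-crypto.properties");
        config.put(ConfigurationConstants.ENCRYPTION_PARTS, SOAP11_BODY_PART);

        WSSSecurityProperties properties = ConfigurationConverter.convert(config);

        assertEquals("transmitter", properties.getEncryptionUser());
        assertEquals(1, properties.getActions().size());
        assertEquals(WSSConstants.ENCRYPTION, properties.getActions().get(0));
        assertTrue(properties.getCallbackHandler() instanceof CallbackHandlerImpl);
        assertEquals(WSSConstants.NS_XENC_RSA15,
                     properties.getEncryptionKeyTransportAlgorithm());
        assertEquals(WSSecurityTokenConstants.KEYIDENTIFIER_ENCRYPTED_KEY_SHA1_IDENTIFIER,
                     properties.getEncryptionKeyIdentifier());
        assertNotNull(properties.getEncryptionCrypto());
        assertNotNull(properties.getEncryptionSecureParts());
        assertEquals(1, properties.getEncryptionSecureParts().size());
        assertEquals("Body",
                     properties.getEncryptionSecureParts().get(0).getName().getLocalPart());
        assertEquals(SOAP11_NS,
                     properties.getEncryptionSecureParts().get(0).getName().getNamespaceURI());

        WSSec.validateAndApplyDefaultsToOutboundSecurityProperties(properties);
    }

    /**
     * Converts an inbound encryption configuration (action {@code ENCRYPTION}) and checks the
     * action, callback handler, RSA v1.5 opt-in and decryption crypto.
     */
    @Test
    public void testInboundEncryptionConfiguration() throws Exception {
        Map<String, Object> config = new HashMap<>();
        config.put(ConfigurationConstants.ACTION, ConfigurationConstants.ENCRYPTION);
        config.put(ConfigurationConstants.PW_CALLBACK_REF, new CallbackHandlerImpl());
        config.put(ConfigurationConstants.DEC_PROP_FILE, "receiver-crypto.properties");
        config.put(ConfigurationConstants.ALLOW_RSA15_KEY_TRANSPORT_ALGORITHM, "true");

        WSSSecurityProperties properties = ConfigurationConverter.convert(config);

        assertEquals(1, properties.getActions().size());
        assertEquals(WSSConstants.ENCRYPTION, properties.getActions().get(0));
        assertTrue(properties.getCallbackHandler() instanceof CallbackHandlerImpl);
        // Accepting RSA v1.5 key transport is an explicit opt-in; pin that the flag set above
        // actually reaches the properties, so a converter regression cannot change it unnoticed.
        assertTrue(properties.isAllowRSA15KeyTransportAlgorithm());
        assertNotNull(properties.getDecryptionCrypto());

        WSSec.validateAndApplyDefaultsToInboundSecurityProperties(properties);
    }

    /**
     * Same as {@link #testInboundEncryptionConfiguration()} but selects the action with the
     * older {@code ENCRYPT} tag.
     */
    @Test
    public void testInboundEncryptionConfigurationOldConfigTag() throws Exception {
        Map<String, Object> config = new HashMap<>();
        config.put(ConfigurationConstants.ACTION, ConfigurationConstants.ENCRYPT);
        config.put(ConfigurationConstants.PW_CALLBACK_REF, new CallbackHandlerImpl());
        config.put(ConfigurationConstants.DEC_PROP_FILE, "receiver-crypto.properties");
        config.put(ConfigurationConstants.ALLOW_RSA15_KEY_TRANSPORT_ALGORITHM, "true");

        WSSSecurityProperties properties = ConfigurationConverter.convert(config);

        assertEquals(1, properties.getActions().size());
        assertEquals(WSSConstants.ENCRYPTION, properties.getActions().get(0));
        assertTrue(properties.getCallbackHandler() instanceof CallbackHandlerImpl);
        // Explicit opt-in for RSA v1.5 key transport must survive the conversion.
        assertTrue(properties.isAllowRSA15KeyTransportAlgorithm());
        assertNotNull(properties.getDecryptionCrypto());

        WSSec.validateAndApplyDefaultsToInboundSecurityProperties(properties);
    }

    /**
     * Converts an unsigned SAML token configuration and checks the action and the SAML
     * callback handler.
     */
    @Test
    public void testSAMLConfiguration() throws Exception {
        Map<String, Object> config = new HashMap<>();
        // SAML_TOKEN_UNSIGNED: the assertion itself carries no signature in this action.
        config.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED);
        config.put(ConfigurationConstants.SAML_CALLBACK_REF, new SAMLCallbackHandlerImpl());

        WSSSecurityProperties properties = ConfigurationConverter.convert(config);
        assertEquals(1, properties.getActions().size());
        assertEquals(WSSConstants.SAML_TOKEN_UNSIGNED, properties.getActions().get(0));
        assertTrue(properties.getSamlCallbackHandler() instanceof SAMLCallbackHandlerImpl);

        WSSec.validateAndApplyDefaultsToOutboundSecurityProperties(properties);
    }

    /**
     * Converts a timestamp configuration twice: first with only the TTL (validated as
     * outbound), then with the future TTL and strictness added (validated as inbound).
     */
    @Test
    public void testTimestampConfiguration() throws Exception {
        Map<String, Object> config = new HashMap<>();
        config.put(ConfigurationConstants.ACTION, ConfigurationConstants.TIMESTAMP);
        config.put(ConfigurationConstants.TTL_TIMESTAMP, "180");

        WSSSecurityProperties properties = ConfigurationConverter.convert(config);
        assertEquals(1, properties.getActions().size());
        assertEquals(WSSConstants.TIMESTAMP, properties.getActions().get(0));
        assertEquals(Integer.valueOf(180), properties.getTimestampTTL());

        WSSec.validateAndApplyDefaultsToOutboundSecurityProperties(properties);

        // Second pass reuses the same map, so ACTION and TTL_TIMESTAMP are still present.
        config.put(ConfigurationConstants.TTL_FUTURE_TIMESTAMP, "120");
        config.put(ConfigurationConstants.TIMESTAMP_STRICT, "false");

        properties = ConfigurationConverter.convert(config);
        assertEquals(Integer.valueOf(120), properties.getTimeStampFutureTTL());
        assertFalse(properties.isStrictTimestampCheck());

        WSSec.validateAndApplyDefaultsToInboundSecurityProperties(properties);
    }

}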