Author: coheigea
Date: Mon Sep 23 15:06:45 2013
New Revision: 1525618
URL: http://svn.apache.org/r1525618
Log:
[CXF-4543] - Encode multi value claims as multi-value saml attribute
Modified:
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsAttributeStatementProvider.java
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
Modified:
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java?rev=1525618&r1=1525617&r2=1525618&view=diff
==============================================================================
---
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java
(original)
+++
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java
Mon Sep 23 15:06:45 2013
@@ -39,6 +39,7 @@ public class Claim implements Serializab
private String originalIssuer;
private transient Principal principal;
private List<String> values = new ArrayList<String>(1);
+ private List<?> customValues;
public String getIssuer() {
return issuer;
@@ -85,21 +86,12 @@ public class Claim implements Serializab
return values;
}
- @Deprecated
- public void setValue(String value) {
- this.values.clear();
- if (value != null) {
- this.values.add(value);
- }
- }
- @Deprecated
- public String getValue() {
- if (this.values.size() == 0) {
- return null;
- } else if (this.values.size() == 1) {
- return this.values.get(0);
- }
- throw new IllegalStateException("Claim has multiple values");
+ public List<?> getCustomValues() {
+ return customValues;
+ }
+
+ public void setCustomValues(List<?> customValues) {
+ this.customValues = customValues;
}
}
Modified:
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsAttributeStatementProvider.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsAttributeStatementProvider.java?rev=1525618&r1=1525617&r2=1525618&view=diff
==============================================================================
---
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsAttributeStatementProvider.java
(original)
+++
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsAttributeStatementProvider.java
Mon Sep 23 15:06:45 2013
@@ -100,6 +100,10 @@ public class ClaimsAttributeStatementPro
attributeBean.setQualifiedName(namespace);
}
attributeBean.setAttributeValues(claim.getValues());
+
+ if (claim.getCustomValues() != null) {
+
attributeBean.setCustomAttributeValues(claim.getCustomValues());
+ }
attributeList.add(attributeBean);
}
attrBean.setSamlAttributes(attributeList);
Modified:
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java?rev=1525618&r1=1525617&r2=1525618&view=diff
==============================================================================
---
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java
(original)
+++
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java
Mon Sep 23 15:06:45 2013
@@ -183,6 +183,10 @@ public class CustomAttributeProvider imp
attributeBean.setSimpleName(claim.getClaimType().toString());
}
attributeBean.setAttributeValues(claim.getValues());
+
+ if (claim.getCustomValues() != null) {
+ attributeBean.setCustomAttributeValues(claim.getCustomValues());
+ }
return attributeBean;
}
Modified:
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java?rev=1525618&r1=1525617&r2=1525618&view=diff
==============================================================================
---
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java
(original)
+++
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java
Mon Sep 23 15:06:45 2013
@@ -21,6 +21,7 @@ package org.apache.cxf.sts.common;
import java.net.URI;
import java.security.Principal;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.List;
import org.apache.cxf.sts.claims.Claim;
@@ -31,6 +32,11 @@ import org.apache.cxf.sts.claims.ClaimsP
import org.apache.cxf.sts.claims.RequestClaim;
import org.apache.cxf.sts.claims.RequestClaimCollection;
import org.apache.cxf.sts.common.CustomClaimParser.CustomRequestClaim;
+import org.opensaml.Configuration;
+import org.opensaml.saml2.core.AttributeValue;
+import org.opensaml.xml.XMLObjectBuilder;
+import org.opensaml.xml.XMLObjectBuilderFactory;
+import org.opensaml.xml.schema.XSInteger;
/**
* A custom ClaimsHandler implementation for use in the tests.
@@ -46,6 +52,7 @@ public class CustomClaimsHandler impleme
knownURIs.add(ClaimTypes.LASTNAME);
knownURIs.add(ClaimTypes.EMAILADDRESS);
knownURIs.add(ClaimTypes.STREETADDRESS);
+ knownURIs.add(ClaimTypes.MOBILEPHONE);
knownURIs.add(ROLE_CLAIM);
}
@@ -75,6 +82,19 @@ public class CustomClaimsHandler impleme
claim.addValue("[email protected]");
} else if
(ClaimTypes.STREETADDRESS.equals(requestClaim.getClaimType())) {
claim.addValue("1234 1st Street");
+ } else if
(ClaimTypes.MOBILEPHONE.equals(requestClaim.getClaimType())) {
+ // Test custom (Integer) attribute value
+ XMLObjectBuilderFactory builderFactory =
Configuration.getBuilderFactory();
+
+ @SuppressWarnings("unchecked")
+ XMLObjectBuilder<XSInteger> xsIntegerBuilder =
+
(XMLObjectBuilder<XSInteger>)builderFactory.getBuilder(XSInteger.TYPE_NAME);
+ XSInteger attributeValue =
+
xsIntegerBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME,
XSInteger.TYPE_NAME);
+ attributeValue.setValue(185912592);
+
+
claim.setCustomValues(Collections.singletonList(attributeValue));
+
} else if (ROLE_CLAIM.equals(requestClaim.getClaimType())) {
String requestedRole = requestClaim.getClaimValue();
if (isUserInRole(parameters.getPrincipal(),
requestedRole)) {
Modified:
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java?rev=1525618&r1=1525617&r2=1525618&view=diff
==============================================================================
---
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
(original)
+++
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
Mon Sep 23 15:06:45 2013
@@ -359,6 +359,45 @@ public class SAMLClaimsTest extends org.
}
}
+ /**
+ * Test the creation of a SAML2 Assertion with various Attributes set by a
ClaimsHandler.
+ */
+ @org.junit.Test
+ public void testSaml2ClaimsInteger() throws Exception {
+ TokenProvider samlTokenProvider = new SAMLTokenProvider();
+ TokenProviderParameters providerParameters =
+ createProviderParameters(WSConstants.WSS_SAML2_TOKEN_TYPE,
STSConstants.BEARER_KEY_KEYTYPE, null);
+
+ ClaimsManager claimsManager = new ClaimsManager();
+ ClaimsHandler claimsHandler = new CustomClaimsHandler();
+
claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
+ providerParameters.setClaimsManager(claimsManager);
+
+ RequestClaimCollection claims = new RequestClaimCollection();
+ RequestClaim claim = new RequestClaim();
+ claim.setClaimType(ClaimTypes.MOBILEPHONE);
+ claims.add(claim);
+ providerParameters.setRequestedPrimaryClaims(claims);
+
+ List<AttributeStatementProvider> customProviderList = new
ArrayList<AttributeStatementProvider>();
+ customProviderList.add(new CustomAttributeProvider());
+
((SAMLTokenProvider)samlTokenProvider).setAttributeStatementProviders(customProviderList);
+
+
assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML2_TOKEN_TYPE));
+ TokenProviderResponse providerResponse =
samlTokenProvider.createToken(providerParameters);
+ assertTrue(providerResponse != null);
+ assertTrue(providerResponse.getToken() != null &&
providerResponse.getTokenId() != null);
+
+ Element token = providerResponse.getToken();
+ String tokenString = DOM2Writer.nodeToString(token);
+ assertTrue(tokenString.contains(providerResponse.getTokenId()));
+ assertTrue(tokenString.contains("AttributeStatement"));
+ assertTrue(tokenString.contains("alice"));
+ assertTrue(tokenString.contains(SAML2Constants.CONF_BEARER));
+ assertTrue(tokenString.contains(ClaimTypes.MOBILEPHONE.toString()));
+ }
+
+
private TokenProviderParameters createProviderParameters(
String tokenType, String keyType, String appliesTo
) throws WSSecurityException {
