[CXF-5622] - SAMLSSOResponseValidator broken by CommonsBean update
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7757436e Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7757436e Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7757436e Branch: refs/heads/master Commit: 7757436e5e5460d4429e29f21e141833eed724f0 Parents: 61cad67 Author: Colm O hEigeartaigh <[email protected]> Authored: Wed Apr 2 15:04:42 2014 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Wed Apr 2 15:39:43 2014 +0100 ---------------------------------------------------------------------- .../rs/security/saml/sso/SAMLSSOResponseValidatorTest.java | 9 +++++++-- .../systest/jaxrs/security/oauth2/SamlCallbackHandler.java | 8 +++++++- .../systest/jaxrs/security/oauth2/SamlCallbackHandler2.java | 7 ++++++- .../systest/jaxrs/security/saml/SamlCallbackHandler.java | 7 ++++++- 4 files changed, 26 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/7757436e/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java index 0a95584..ebe08d5 100644 --- a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java +++ b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java @@ -19,17 +19,19 @@ package org.apache.cxf.rs.security.saml.sso; +import java.util.Collections; + import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import org.w3c.dom.Document; import org.w3c.dom.Element; - import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.saml.OpenSAMLUtil; import org.apache.wss4j.common.saml.SAMLCallback; import org.apache.wss4j.common.saml.SAMLUtil; import org.apache.wss4j.common.saml.SamlAssertionWrapper; +import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean; import org.apache.wss4j.common.saml.bean.ConditionsBean; import org.apache.wss4j.common.saml.bean.SubjectConfirmationDataBean; import org.apache.wss4j.common.saml.builder.SAML2Constants; @@ -220,7 +222,10 @@ public class SAMLSSOResponseValidatorTest extends org.junit.Assert { ConditionsBean conditions = new ConditionsBean(); conditions.setNotBefore(new DateTime()); conditions.setNotAfter(new DateTime().plusMinutes(5)); - conditions.setAudienceURI("http://service.apache.org";); + + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.setAudienceURIs(Collections.singletonList("http://service.apache.org";)); + conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(conditions); SAMLCallback samlCallback = new SAMLCallback(); http://git-wip-us.apache.org/repos/asf/cxf/blob/7757436e/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java index 8d70a94..17ebbc1 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java @@ -36,6 +36,7 @@ import org.apache.wss4j.common.saml.SAMLCallback; import org.apache.wss4j.common.saml.bean.ActionBean; import org.apache.wss4j.common.saml.bean.AttributeBean; import org.apache.wss4j.common.saml.bean.AttributeStatementBean; +import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean; import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean; import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean.Decision; import org.apache.wss4j.common.saml.bean.AuthenticationStatementBean; @@ -80,7 +81,12 @@ public class SamlCallbackHandler implements CallbackHandler { callback.setSubject(subjectBean); ConditionsBean conditions = new ConditionsBean(); - conditions.setAudienceURI("https://localhost:"; + PORT + "/oauth2/token"); + + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + String audienceURI = "https://localhost:"; + PORT + "/oauth2/token"; + audienceRestriction.setAudienceURIs(Collections.singletonList(audienceURI)); + conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); + callback.setConditions(conditions); AuthDecisionStatementBean authDecBean = new AuthDecisionStatementBean(); http://git-wip-us.apache.org/repos/asf/cxf/blob/7757436e/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java index ec4f0fd..0816a3f 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java @@ -36,6 +36,7 @@ import org.apache.wss4j.common.saml.SAMLCallback; import org.apache.wss4j.common.saml.bean.ActionBean; import org.apache.wss4j.common.saml.bean.AttributeBean; import org.apache.wss4j.common.saml.bean.AttributeStatementBean; +import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean; import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean; import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean.Decision; import org.apache.wss4j.common.saml.bean.AuthenticationStatementBean; @@ -80,7 +81,11 @@ public class SamlCallbackHandler2 implements CallbackHandler { callback.setSubject(subjectBean); ConditionsBean conditions = new ConditionsBean(); - conditions.setAudienceURI("https://localhost:"; + PORT + "/oauth2-auth/token"); + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + String audienceURI = "https://localhost:"; + PORT + "/oauth2-auth/token"; + audienceRestriction.setAudienceURIs(Collections.singletonList(audienceURI)); + conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); + callback.setConditions(conditions); AuthDecisionStatementBean authDecBean = new AuthDecisionStatementBean(); http://git-wip-us.apache.org/repos/asf/cxf/blob/7757436e/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java index f6bf2b4..657e416 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java @@ -41,6 +41,7 @@ import org.apache.wss4j.common.saml.SAMLCallback; import org.apache.wss4j.common.saml.bean.ActionBean; import org.apache.wss4j.common.saml.bean.AttributeBean; import org.apache.wss4j.common.saml.bean.AttributeStatementBean; +import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean; import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean; import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean.Decision; import org.apache.wss4j.common.saml.bean.AuthenticationStatementBean; @@ -117,7 +118,11 @@ public class SamlCallbackHandler implements CallbackHandler { callback.setSubject(subjectBean); ConditionsBean conditions = new ConditionsBean(); - conditions.setAudienceURI("https://sp.example.com/SAML2";); + + AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); + audienceRestriction.setAudienceURIs(Collections.singletonList("https://sp.example.com/SAML2";)); + conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); + callback.setConditions(conditions); AuthDecisionStatementBean authDecBean = new AuthDecisionStatementBean();
