Claim requestClaim = new Claim(); try { requestClaim.setClaimType(new URI(claimTypeUri)); } catch (URISyntaxException e) { LOG.log(
Claim requestClaim = new Claim(); try { requestClaim.setClaimType(new URI(claimTypeUri)); } catch (URISyntaxException e) { LOG.log(
/**
 * Turns claim annotations into {@link ClaimBean}s.
 *
 * <p>The container annotation wins: when {@code claimsAnn} is present its nested claims are
 * used and {@code claimAnn} is ignored. When both are {@code null} the result is empty.
 * Claim names and formats are swapped for their configured aliases where one exists.
 *
 * @param claimsAnn container annotation holding several claims, or {@code null}
 * @param claimAnn single claim annotation, or {@code null}
 * @return one bean per annotated claim, in annotation order
 */
private List<ClaimBean> getClaims(Claims claimsAnn, Claim claimAnn) {
    final Claim[] annotations;
    if (claimsAnn != null) {
        annotations = claimsAnn.value();
    } else if (claimAnn != null) {
        annotations = new Claim[] {claimAnn};
    } else {
        annotations = new Claim[0];
    }

    List<ClaimBean> beans = new ArrayList<>();
    for (Claim annotation : annotations) {
        // Resolve aliases first; an unknown name or format is passed through unchanged.
        String declaredName = annotation.name();
        String resolvedName = nameAliases.containsKey(declaredName)
            ? nameAliases.get(declaredName) : declaredName;
        String declaredFormat = annotation.format();
        String resolvedFormat = formatAliases.containsKey(declaredFormat)
            ? formatAliases.get(declaredFormat) : declaredFormat;

        org.apache.cxf.rt.security.claims.Claim securityClaim =
            new org.apache.cxf.rt.security.claims.Claim();
        securityClaim.setClaimType(resolvedName);
        for (String expected : annotation.value()) {
            securityClaim.addValue(expected);
        }

        beans.add(new ClaimBean(securityClaim, resolvedFormat, annotation.mode(), annotation.matchAll()));
    }
    return beans;
}
/**
 * Turns claim annotations into {@link ClaimBean}s.
 *
 * <p>The container annotation wins: when {@code claimsAnn} is present its nested claims are
 * used and {@code claimAnn} is ignored. When both are {@code null} the result is empty.
 * Claim names and formats are swapped for their configured aliases where one exists.
 *
 * @param claimsAnn container annotation holding several claims, or {@code null}
 * @param claimAnn single claim annotation, or {@code null}
 * @return one bean per annotated claim, in annotation order
 */
private List<ClaimBean> getClaims(Claims claimsAnn, Claim claimAnn) {
    final Claim[] annotations;
    if (claimsAnn != null) {
        annotations = claimsAnn.value();
    } else if (claimAnn != null) {
        annotations = new Claim[] {claimAnn};
    } else {
        annotations = new Claim[0];
    }

    List<ClaimBean> beans = new ArrayList<>();
    for (Claim annotation : annotations) {
        // Resolve aliases first; an unknown name or format is passed through unchanged.
        String declaredName = annotation.name();
        String resolvedName = nameAliases.containsKey(declaredName)
            ? nameAliases.get(declaredName) : declaredName;
        String declaredFormat = annotation.format();
        String resolvedFormat = formatAliases.containsKey(declaredFormat)
            ? formatAliases.get(declaredFormat) : declaredFormat;

        org.apache.cxf.rt.security.claims.Claim securityClaim =
            new org.apache.cxf.rt.security.claims.Claim();
        securityClaim.setClaimType(resolvedName);
        for (String expected : annotation.value()) {
            securityClaim.addValue(expected);
        }

        beans.add(new ClaimBean(securityClaim, resolvedFormat, annotation.mode(), annotation.matchAll()));
    }
    return beans;
}
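/**
 * Builds a security context from a JWT: the subject becomes the principal, an optional
 * comma-separated claim becomes the role set, and every claim of the token is copied into
 * the claim collection.
 *
 * <p>Nothing in this constructor verifies the token. Roles and claims are taken from
 * {@code jwt} as-is, so callers are presumably expected to pass only a token whose signature
 * and validity were already checked (confirm against the call sites).
 *
 * @param jwt the token to read the subject, roles and claims from
 * @param roleClaim name of the claim holding comma-separated role names; {@code null}, or a
 *     claim absent from the token, yields an empty role set
 */
public JwtTokenSecurityContext(JwtToken jwt, String roleClaim) {
    principal = new SimplePrincipal(jwt.getClaims().getSubject());
    this.token = jwt;
    if (roleClaim != null && jwt.getClaims().containsProperty(roleClaim)) {
        roles = new HashSet<>();
        String roleList = jwt.getClaims().getStringProperty(roleClaim);
        // Guard against a claim that is present but yields no string value.
        if (roleList != null) {
            for (String r : roleList.split(",")) {
                // Trim each entry, not just the whole string: "admin, user" must yield
                // "user", not " user", or role checks against the intended name never match.
                String roleName = r.trim();
                // A blank claim or a stray comma must not produce a role with an empty name.
                if (!roleName.isEmpty()) {
                    roles.add(new SimpleGroup(roleName));
                }
            }
        }
    } else {
        roles = Collections.emptySet();
    }

    // Parse JwtToken into ClaimCollection
    jwt.getClaims().asMap().forEach((String name, Object values) -> {
        Claim claim = new Claim();
        claim.setClaimType(name);
        if (values instanceof List<?>) {
            // Multi-valued claim: keep every element.
            claim.setValues(CastUtils.cast((List<?>)values));
        } else {
            // Single value: wrap it so the claim always carries a list.
            claim.setValues(Collections.singletonList(values));
        }
        claims.add(claim);
    });
}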
/**
 * Builds a claim request for first name, last name and e-mail address.
 * All three claims are marked optional.
 *
 * @return a new collection holding the three requested claims, in that order
 */
private ClaimCollection createRequestClaimCollection() {
    ClaimCollection requested = new ClaimCollection();

    Claim firstName = new Claim();
    firstName.setClaimType(ClaimTypes.FIRSTNAME);
    firstName.setOptional(true);
    requested.add(firstName);

    Claim lastName = new Claim();
    lastName.setClaimType(ClaimTypes.LASTNAME);
    lastName.setOptional(true);
    requested.add(lastName);

    Claim emailAddress = new Claim();
    emailAddress.setClaimType(ClaimTypes.EMAILADDRESS);
    emailAddress.setOptional(true);
    requested.add(emailAddress);

    return requested;
}
// Request the custom "http://custom/x509" claim type as optional, then add it to the request.
claim.setClaimType("http://custom/x509");
claim.setOptional(true);
requestedClaims.add(claim);
// Request the gender claim as optional, then add it to the request.
claim.setClaimType(ClaimTypes.GENDER);
claim.setOptional(true);
requestedClaims.add(claim);
} else { Claim mergedClaim = new Claim(); mergedClaim.setClaimType(claim.getClaimType()); if (claim.getValues() != null && !claim.getValues().isEmpty()) { mergedClaim.setValues(claim.getValues());
} else { Claim mergedClaim = new Claim(); mergedClaim.setClaimType(claim.getClaimType()); if (claim.getValues() != null && !claim.getValues().isEmpty()) { mergedClaim.setValues(claim.getValues());
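/**
 * Requests an unsupported claim type marked as mandatory and expects
 * {@code retrieveClaimValues} to fail with {@link STSException}.
 */
@org.junit.Test(expected = STSException.class)
public void testRetrieveClaimsWithUnsupportedMandatoryClaimType() throws Exception {
    LdapClaimsHandler claimsHandler = (LdapClaimsHandler)appContext.getBean("testClaimsHandler");
    ClaimsManager claimsManager = new ClaimsManager();
    claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));

    String user = props.getProperty("claimUser");
    // JUnit 4's assertNotNull takes the failure message first. With the arguments reversed the
    // check tested the string literal and could never fail on a missing property.
    // (Assumes Assert is org.junit.Assert, as the @org.junit.Test annotation suggests.)
    Assert.assertNotNull("Property 'claimUser' not configured", user);

    ClaimCollection requestedClaims = createRequestClaimCollection();
    // add unsupported but mandatory claim
    Claim claim = new Claim();
    claim.setClaimType(ClaimTypes.GENDER);
    claim.setOptional(false);
    requestedClaims.add(claim);

    ClaimsParameters params = new ClaimsParameters();
    params.setPrincipal(new CustomTokenPrincipal(user));
    claimsManager.retrieveClaimValues(requestedClaims, params);
}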
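/**
 * Retrieves the role claim for the user named by the {@code claimUser} property through the
 * {@code testGroupClaimsHandler} bean and expects a single claim with two values.
 */
@org.junit.Test
public void testRetrieveRolesForAlice() throws Exception {
    LdapGroupClaimsHandler claimsHandler =
        (LdapGroupClaimsHandler)appContext.getBean("testGroupClaimsHandler");
    ClaimsManager claimsManager = new ClaimsManager();
    claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));

    String user = props.getProperty("claimUser");
    // JUnit 4's assertNotNull takes the failure message first. With the arguments reversed the
    // check tested the string literal and could never fail on a missing property.
    // (Assumes Assert is org.junit.Assert, as the @org.junit.Test annotation suggests.)
    Assert.assertNotNull("Property 'claimUser' not configured", user);

    ClaimCollection requestedClaims = new ClaimCollection();
    Claim claim = new Claim();
    String roleURI = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
    claim.setClaimType(roleURI);
    requestedClaims.add(claim);

    ClaimsParameters params = new ClaimsParameters();
    params.setPrincipal(new CustomTokenPrincipal(user));
    ProcessedClaimCollection retrievedClaims =
        claimsManager.retrieveClaimValues(requestedClaims, params);

    // assertEquals reports the actual value on failure, unlike assertTrue(a == b).
    Assert.assertEquals(1, retrievedClaims.size());
    Assert.assertEquals(roleURI, retrievedClaims.get(0).getClaimType());
    Assert.assertEquals(2, retrievedClaims.get(0).getValues().size());
}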
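/**
 * Retrieves the role claim for the user named by the {@code otherClaimUser} property through
 * the {@code testGroupClaimsHandlerOtherUsers} bean and expects a single claim with two values.
 */
@org.junit.Test
public void testRetrieveRolesForBob() throws Exception {
    LdapGroupClaimsHandler claimsHandler =
        (LdapGroupClaimsHandler)appContext.getBean("testGroupClaimsHandlerOtherUsers");
    ClaimsManager claimsManager = new ClaimsManager();
    claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));

    String user = props.getProperty("otherClaimUser");
    // JUnit 4's assertNotNull takes the failure message first. With the arguments reversed the
    // check tested the string literal and could never fail on a missing property.
    // The message now names the property that is actually read.
    // (Assumes Assert is org.junit.Assert, as the @org.junit.Test annotation suggests.)
    Assert.assertNotNull("Property 'otherClaimUser' not configured", user);

    ClaimCollection requestedClaims = new ClaimCollection();
    Claim claim = new Claim();
    String roleURI = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
    claim.setClaimType(roleURI);
    requestedClaims.add(claim);

    ClaimsParameters params = new ClaimsParameters();
    params.setPrincipal(new CustomTokenPrincipal(user));
    ProcessedClaimCollection retrievedClaims =
        claimsManager.retrieveClaimValues(requestedClaims, params);

    // assertEquals reports the actual value on failure, unlike assertTrue(a == b).
    Assert.assertEquals(1, retrievedClaims.size());
    Assert.assertEquals(roleURI, retrievedClaims.get(0).getClaimType());
    Assert.assertEquals(2, retrievedClaims.get(0).getValues().size());
}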
/**
 * Retrieves the role claim for a principal given as a full distinguished name rather than a
 * configured user name, and expects a single role claim carrying two values.
 */
@org.junit.Test
public void testRetrieveRolesForAliceUsingLDAPLookup() throws Exception {
    final String roleURI = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";

    // Wire a claims manager with the group handler under test as its only handler.
    LdapGroupClaimsHandler groupHandler =
        (LdapGroupClaimsHandler)appContext.getBean("testGroupClaimsHandler");
    ClaimsManager manager = new ClaimsManager();
    manager.setClaimHandlers(Collections.singletonList(groupHandler));

    // Ask for the role claim only.
    Claim roleClaim = new Claim();
    roleClaim.setClaimType(roleURI);
    ClaimCollection requested = new ClaimCollection();
    requested.add(roleClaim);

    // The principal is a DN here, not a plain user name.
    ClaimsParameters parameters = new ClaimsParameters();
    parameters.setPrincipal(new CustomTokenPrincipal("cn=alice,ou=users,dc=example,dc=com"));

    ProcessedClaimCollection result = manager.retrieveClaimValues(requested, parameters);

    Assert.assertTrue(result.size() == 1);
    Assert.assertTrue(result.get(0).getClaimType().equals(roleURI));
    Assert.assertTrue(result.get(0).getValues().size() == 2);
}
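/**
 * Retrieves the role claim for the user named by the {@code otherClaimUser} property through
 * the {@code testGroupClaimsHandlerFilter} bean and expects a single claim with one value.
 * The bean presumably restricts the groups considered; confirm in the Spring context.
 */
@org.junit.Test
public void testRetrieveRolesForBobInBusinessCategoryWidgets() throws Exception {
    LdapGroupClaimsHandler claimsHandler =
        (LdapGroupClaimsHandler)appContext.getBean("testGroupClaimsHandlerFilter");
    ClaimsManager claimsManager = new ClaimsManager();
    claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));

    String user = props.getProperty("otherClaimUser");
    // JUnit 4's assertNotNull takes the failure message first. With the arguments reversed the
    // check tested the string literal and could never fail on a missing property.
    // The message now names the property that is actually read.
    // (Assumes Assert is org.junit.Assert, as the @org.junit.Test annotation suggests.)
    Assert.assertNotNull("Property 'otherClaimUser' not configured", user);

    ClaimCollection requestedClaims = new ClaimCollection();
    Claim claim = new Claim();
    String roleURI = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
    claim.setClaimType(roleURI);
    requestedClaims.add(claim);

    ClaimsParameters params = new ClaimsParameters();
    params.setPrincipal(new CustomTokenPrincipal(user));
    ProcessedClaimCollection retrievedClaims =
        claimsManager.retrieveClaimValues(requestedClaims, params);

    // assertEquals reports the actual value on failure, unlike assertTrue(a == b).
    Assert.assertEquals(1, retrievedClaims.size());
    Assert.assertEquals(roleURI, retrievedClaims.get(0).getClaimType());
    Assert.assertEquals(1, retrievedClaims.get(0).getValues().size());
}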