Commit ae0ca2a6 authored by cdanger's avatar cdanger

- Upgraded parent project: 7.6.1

- Improved tests
parent 990b18c2
/**
* Copyright 2012-2017 Thales Services SAS.
* Copyright 2012-2019 Thales Services SAS.
*
* This file is part of AuthzForce CE.
*
......@@ -26,21 +26,16 @@ import java.util.List;
import javax.xml.XMLConstants;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.util.JAXBSource;
import javax.xml.namespace.QName;
import javax.xml.transform.Source;
import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.Schema;
import javax.xml.validation.SchemaFactory;
import javax.xml.validation.Validator;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Attribute;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeValueType;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Attributes;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Request;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Response;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Result;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
......@@ -49,10 +44,19 @@ import org.apache.cxf.interceptor.LoggingOutInterceptor;
import org.apache.cxf.jaxrs.client.ClientConfiguration;
import org.apache.cxf.jaxrs.client.JAXRSClientFactory;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.jaxrs.provider.JAXBElementProvider;
import org.ow2.authzforce.rest.api.jaxrs.DomainResource;
import org.ow2.authzforce.rest.api.jaxrs.DomainsResource;
import org.xml.sax.SAXException;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Attribute;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeValueType;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Attributes;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Content;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Request;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Response;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Result;
/**
* Sample client code to request the Authorization PDP
*
......@@ -65,7 +69,8 @@ public class AzClient
try
{
XACML_JAXB_CONTEXT = JAXBContext.newInstance(Request.class, Response.class);
} catch (JAXBException e)
}
catch (final JAXBException e)
{
throw new RuntimeException("Failed to initialize XACML schema's JAXB context for (un)marshalling Request/Response elements", e);
}
......@@ -75,12 +80,13 @@ public class AzClient
static
{
try (final InputStream xacmlPolicyXsdIn = AzClient.class.getResourceAsStream("/xml.xsd");
final InputStream xacmlCtxXsdIn = AzClient.class.getResourceAsStream("/xacml-core-v3-schema-wd-17.xsd");)
final InputStream xacmlCtxXsdIn = AzClient.class.getResourceAsStream("/xacml-core-v3-schema-wd-17.xsd");)
{
final Source xacmlPolicyXsd = new StreamSource(xacmlPolicyXsdIn);
final Source xacmlCtxXsd = new StreamSource(xacmlCtxXsdIn);
XACML_SCHEMA = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI).newSchema(new Source[] { xacmlPolicyXsd, xacmlCtxXsd });
} catch (IOException | SAXException e)
}
catch (IOException | SAXException e)
{
throw new RuntimeException("Failed to load XACML schema for validating Request/Response elements", e);
}
......@@ -94,7 +100,7 @@ public class AzClient
* @throws IOException
* @throws SAXException
*/
public static void main(String[] args) throws JAXBException, SAXException, IOException
public static void main(final String[] args) throws JAXBException, SAXException, IOException
{
// For SSL debugging
System.setProperty("javax.net.debug", "all");
......@@ -114,7 +120,13 @@ public class AzClient
/**
* Create the REST (JAX-RS) client
*/
final DomainsResource domainsResourceProxy = JAXRSClientFactory.create(serviceBaseURL, DomainsResource.class);
final JAXBElementProvider jaxbProvider = new JAXBElementProvider();
jaxbProvider.setSingleJaxbContext(true);
/*
* Extra XML CSontent to be sent in XACML Request (ContentTest element)
*/
jaxbProvider.setExtraClass(new Class[] { ContentTest.class });
final DomainsResource domainsResourceProxy = JAXRSClientFactory.create(serviceBaseURL, DomainsResource.class, Collections.singletonList(jaxbProvider));
/**
* Request/response logging (for debugging).
......@@ -132,45 +144,39 @@ public class AzClient
final List<Attributes> attributesList = new ArrayList<>();
// Subject/Subject ID
final AttributeValueType subjIdAttrVal = new AttributeValueType(Collections.<Serializable> singletonList("bs@simpsons.com"),
"http://www.w3.org/2001/XMLSchema#string", null);
final Attribute subjIdAttr = new Attribute(Collections.singletonList(subjIdAttrVal), "urn:oasis:names:tc:xacml:1.0:subject:subject-id",
"http://issuer.example.com", false);
final Attributes subjectAttributes = new Attributes(null, Collections.singletonList(subjIdAttr),
"urn:oasis:names:tc:xacml:1.0:subject-category:access-subject", null);
final AttributeValueType subjIdAttrVal = new AttributeValueType(Collections.<Serializable>singletonList("bs@simpsons.com"), "http://www.w3.org/2001/XMLSchema#string", null);
final Attribute subjIdAttr = new Attribute(Collections.singletonList(subjIdAttrVal), "urn:oasis:names:tc:xacml:1.0:subject:subject-id", "http://issuer.example.com", false);
final Attributes subjectAttributes = new Attributes(null, Collections.singletonList(subjIdAttr), "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject", null);
attributesList.add(subjectAttributes);
// Resource/Resource ID
final AttributeValueType resIdAttrVal = new AttributeValueType(
Collections.<Serializable> singletonList("file://example/med/record/patient/BartSimpson"), "http://www.w3.org/2001/XMLSchema#string", null);
final Attribute resIdAttr = new Attribute(Collections.singletonList(resIdAttrVal), "urn:oasis:names:tc:xacml:1.0:resource:resource-id",
"http://issuer.example.com", false);
final Attributes resourceAttributes = new Attributes(null, Collections.singletonList(resIdAttr),
"urn:oasis:names:tc:xacml:3.0:attribute-category:resource", null);
final AttributeValueType resIdAttrVal = new AttributeValueType(Collections.<Serializable>singletonList("file://example/med/record/patient/BartSimpson"),
"http://www.w3.org/2001/XMLSchema#string", null);
final Attribute resIdAttr = new Attribute(Collections.singletonList(resIdAttrVal), "urn:oasis:names:tc:xacml:1.0:resource:resource-id", "http://issuer.example.com", false);
final Attributes resourceAttributes = new Attributes(null, Collections.singletonList(resIdAttr), "urn:oasis:names:tc:xacml:3.0:attribute-category:resource", null);
attributesList.add(resourceAttributes);
// Action/Action ID
final AttributeValueType actIdAttrVal = new AttributeValueType(Collections.<Serializable> singletonList("read"),
"http://www.w3.org/2001/XMLSchema#string", null);
final Attribute actIdAttr = new Attribute(Collections.singletonList(actIdAttrVal), "urn:oasis:names:tc:xacml:1.0:action:action-id",
"http://issuer.example.com", false);
final Attributes actionAttributes = new Attributes(null, Collections.singletonList(actIdAttr),
"urn:oasis:names:tc:xacml:3.0:attribute-category:action", null);
final AttributeValueType actIdAttrVal = new AttributeValueType(Collections.<Serializable>singletonList("read"), "http://www.w3.org/2001/XMLSchema#string", null);
final Attribute actIdAttr = new Attribute(Collections.singletonList(actIdAttrVal), "urn:oasis:names:tc:xacml:1.0:action:action-id", "http://issuer.example.com", false);
final Attributes actionAttributes = new Attributes(null, Collections.singletonList(actIdAttr), "urn:oasis:names:tc:xacml:3.0:attribute-category:action", null);
attributesList.add(actionAttributes);
// Environment/current-date
final AttributeValueType envAttrVal = new AttributeValueType(Collections.<Serializable> singletonList("2010-01-11"),
"http://www.w3.org/2001/XMLSchema#date", null);
final Attribute envAttr = new Attribute(Collections.singletonList(envAttrVal), "urn:oasis:names:tc:xacml:1.0:environment:current-date",
"http://issuer.example.com", false);
final Attributes envAttributes = new Attributes(null, Collections.singletonList(envAttr),
"urn:oasis:names:tc:xacml:3.0:attribute-category:environment", null);
final AttributeValueType envAttrVal = new AttributeValueType(Collections.<Serializable>singletonList("2010-01-11"), "http://www.w3.org/2001/XMLSchema#date", null);
final Attribute envAttr = new Attribute(Collections.singletonList(envAttrVal), "urn:oasis:names:tc:xacml:1.0:environment:current-date", "http://issuer.example.com", false);
/*
* CHANGE: custom Content (ContentTest)
*/
final JAXBElement<ContentTest> customJaxbElt = new JAXBElement<>(QName.valueOf("{com.cryptas.cryons.security.xacml}contentTest"), ContentTest.class, new ContentTest());
final Attributes envAttributes = new Attributes(new Content(Collections.singletonList(customJaxbElt)), Collections.singletonList(envAttr),
"urn:oasis:names:tc:xacml:3.0:attribute-category:environment", null);
attributesList.add(envAttributes);
Request req = new Request(null, attributesList, null, false, false);
final Request req = new Request(null, attributesList, null, false, false);
// Request validation against schema (a malformed XACML request will be rejected by the
// service)
XACML_SCHEMA_VALIDATOR.validate(new JAXBSource(XACML_JAXB_CONTEXT, req));
// XACML_SCHEMA_VALIDATOR.validate(new JAXBSource(XACML_JAXB_CONTEXT, req));
// Send the XACML request to PDP
final Response response = myDomain.getPdpResource().requestPolicyDecision(req);
......@@ -178,9 +184,8 @@ public class AzClient
for (final Result result : response.getResults())
{
System.out.println("Authorization decision: " + result.getDecision() + "; status code: " + result.getStatus().getStatusCode().getValue()
+ "; status message: " + result.getStatus().getStatusMessage() + "; "
+ (result.getObligations() == null ? 0 : result.getObligations().getObligations().size()) + " obligation(s)");
System.out.println("Authorization decision: " + result.getDecision() + "; status code: " + result.getStatus().getStatusCode().getValue() + "; status message: "
+ result.getStatus().getStatusMessage() + "; " + (result.getObligations() == null ? 0 : result.getObligations().getObligations().size()) + " obligation(s)");
}
}
......
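Review bot: The client-side schema check on the outgoing request is disabled at `// XACML_SCHEMA_VALIDATOR.validate(new JAXBSource(XACML_JAXB_CONTEXT, req));`, while the comment above it still says the request is validated, so the sample now sends an unvalidated XACML request and keeps dead code. The likely cause (inferred, not shown in the hunks) is that `XACML_JAXB_CONTEXT` is created from `Request.class, Response.class` only and cannot marshal the new `ContentTest` element. If so, `XACML_JAXB_CONTEXT = JAXBContext.newInstance(Request.class, Response.class, ContentTest.class);` should let the validation call stay enabled. If validation is dropped on purpose, delete the line and reword the comment to say that only the service-side schema validation rejects malformed requests. The body of `main` continues outside the visible hunks.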
/**
* Copyright 2012-2019 Thales Services SAS.
*
* This file is part of AuthzForce CE.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.ow2.authzforce.rest.api.test;
import java.io.Serializable;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Example of extra JAXB-annotated class for extra XML content sent in XACML Request/Content by the JAX-RS test client
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlRootElement(name = "ContentTest")
public class ContentTest implements Serializable
{
private static final long serialVersionUID = 1L;
@XmlAttribute(name = "realContent")
public String realContent = "Hello World";
}
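Review bot: The name declared here, `@XmlRootElement(name = "ContentTest")` with no namespace, does not match the QName that AzClient uses when wrapping the object, `{com.cryptas.cryons.security.xacml}contentTest`. The element on the wire therefore takes the wrapper's name, and a receiver that resolves `ContentTest` by its root-element name will probably not bind it to this class. Use one name and namespace in both places, for example by declaring the namespace on the annotation and building the QName from the same constants. Separately, `realContent` can be `private`, since `XmlAccessType.FIELD` binds fields regardless of visibility, and the Javadoc could say that the class is only a test fixture for the provider's `extraClass` setting.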
<?xml version="1.0" encoding="UTF-8"?>
<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">
<systemSuffix systemIdSuffix="xml.xsd" uri="classpath:xml.xsd"/>
<uri name="http://www.w3.org/2005/Atom" uri="classpath:atom.xsd"/>
<uri name="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" uri="classpath:xacml-core-v3-schema-wd-17.xsd"/>
<uri name="http://authzforce.github.io/xmlns/pdp/ext/3" uri="classpath:pdp-ext-base.xsd"/>
<system systemId="authzforce-ext.xsd" uri="classpath:authzforce-ext.xsd"/>
</catalog>
......@@ -31,17 +31,23 @@
http://www.springframework.org/schema/util/spring-util.xsd">
<util:list id="apiSchemaLocations">
<value>classpath:/xsd/authz-api.xsd</value>
<value>classpath:/xsd/authz-rest-api.xsd</value>
</util:list>
<bean id="apiSchemaHandler" class="org.apache.cxf.jaxrs.utils.schemas.SchemaHandler">
<property name="catalogLocation" value="classpath:META-INF/jax-rs-catalog.xml" />
<property name="catalogLocation" value="classpath:catalog.xml" />
<property name="schemaLocations" ref="apiSchemaLocations" />
</bean>
<bean id="jaxbProvider" class="org.apache.cxf.jaxrs.provider.JAXBElementProvider">
<property name="singleJaxbContext" value="true" />
<!-- <property name="extraClass" ref="extensionJaxbClassArray" /> -->
<!-- See CXF doc: https://cxf.apache.org/docs/jax-rs-data-bindings.html#JAX-RSDataBindings-SingleJAXBContextandextrauserclasses -->
<property name="extraClass">
<list>
<!-- Example of extra class -->
<value>org.ow2.authzforce.rest.api.test.ContentTest</value>
</list>
</property>
<property name="schemaHandler" ref="apiSchemaHandler" />
</bean>
......