/** Test for various options relating to receiving an algorithm for encryption */ @org.junit.Test public void testReceivedEncryptionAlgorithm() throws Exception { TokenIssueOperation issueOperation = new TokenIssueOperation(); issueOperation.setEncryptIssuedToken(true); // Add Token Provider List<TokenProvider> providerList = new ArrayList<TokenProvider>(); providerList.add(new DummyTokenProvider()); issueOperation.setTokenProviders(providerList); // Add Service ServiceMBean service = new StaticService(); service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy")); EncryptionProperties encryptionProperties = new EncryptionProperties(); encryptionProperties.setEncryptionName("myservicekey"); service.setEncryptionProperties(encryptionProperties); issueOperation.setServices(Collections.singletonList(service)); // Add STSProperties object StaticSTSProperties stsProperties = new StaticSTSProperties(); Crypto encryptionCrypto = CryptoFactory.getInstance(getEncryptionProperties()); stsProperties.setEncryptionCrypto(encryptionCrypto); stsProperties.setCallbackHandler(new PasswordCallbackHandler()); issueOperation.setStsProperties(stsProperties); // Mock up a request RequestSecurityTokenType request = new RequestSecurityTokenType(); JAXBElement<String> tokenType = new JAXBElement<String>( QNameConstants.TOKEN_TYPE, String.class, DummyTokenProvider.TOKEN_TYPE); request.getAny().add(tokenType); request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy")); JAXBElement<String> encryptionAlgorithmType = new JAXBElement<String>( QNameConstants.ENCRYPTION_ALGORITHM, String.class, WSConstants.AES_128); request.getAny().add(encryptionAlgorithmType); // Mock up message context MessageImpl msg = new MessageImpl(); WrappedMessageContext msgCtx = new WrappedMessageContext(msg); // Issue a token RequestSecurityTokenResponseCollectionType response = issueOperation.issue(request, null, msgCtx); List<RequestSecurityTokenResponseType> securityTokenResponse = response.getRequestSecurityTokenResponse(); assertTrue(!securityTokenResponse.isEmpty()); // Now specify a non-supported algorithm List<String> acceptedAlgorithms = Collections.singletonList(WSConstants.KEYTRANSPORT_RSA15); encryptionProperties.setAcceptedEncryptionAlgorithms(acceptedAlgorithms); request.getAny().remove(request.getAny().size() - 1); encryptionAlgorithmType = new JAXBElement<String>( QNameConstants.ENCRYPTION_ALGORITHM, String.class, WSConstants.KEYTRANSPORT_RSA15); request.getAny().add(encryptionAlgorithmType); try { issueOperation.issue(request, null, msgCtx); fail("Failure expected on a bad encryption algorithm"); } catch (STSException ex) { // expected } }