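/**
 * Verifies that the credentials manager supplies an IdP signing credential and can issue an
 * authentication assertion with it.
 *
 * <p>The test checks that an IdP certificate and key are available, that the certificate subject
 * equals {@code Utils.CA_SUBJECT_PREFIX + ",CN=" + AssertionCredentialsManager.CERT_DN}, and that
 * an assertion issued for the test user passes {@code verifySAMLAssertion} both as returned and
 * after a round trip through its string form.
 */
public void testAutoCredentialCreation() {
  AssertionCredentialsManager cm = null;
  try {
    cm = Utils.getAssertionCredentialsManager();

    X509Certificate idpCert = cm.getIdPCertificate();
    assertNotNull(idpCert);
    assertNotNull(cm.getIdPKey());

    // NOTE(review): this compares the toString() rendering of the subject DN, so it depends on
    // how the certificate implementation orders and formats the RDNs.
    String expectedSubject =
        Utils.CA_SUBJECT_PREFIX + ",CN=" + AssertionCredentialsManager.CERT_DN;
    assertEquals(expectedSubject, idpCert.getSubjectDN().toString());

    SAMLAssertion issued =
        cm.getAuthenticationAssertion(TEST_UID, TEST_FIRST_NAME, TEST_LAST_NAME, TEST_EMAIL);
    verifySAMLAssertion(issued, cm);

    // Serialise and re-parse: the assertion must still verify after the string round trip.
    // Presumably verifySAMLAssertion checks the signature against the manager's certificate;
    // confirm in that helper, which is not shown here.
    String serialized = SAMLUtils.samlAssertionToString(issued);
    SAMLAssertion reparsed = SAMLUtils.stringToSAMLAssertion(serialized);
    verifySAMLAssertion(reparsed, cm);
  } catch (Exception e) {
    FaultUtil.printFault(e);
    assertTrue(false);
  } finally {
    // cm is still null when the manager could not be obtained. Skipping cleanup in that case
    // avoids a secondary NullPointerException trace that would obscure the real failure.
    if (cm != null) {
      try {
        cm.clearDatabase();
      } catch (Exception e) {
        e.printStackTrace();
      }
    }
  }
}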
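  /**
   * Authenticates a caller through the deprecated entry point, which accepts only a basic
   * authentication credential (user id and password).
   *
   * <p>The user id and password are copied into a {@code BasicAuthentication} object and passed
   * to {@code this.authenticate(auth)}; the resulting assertion is serialised with
   * {@code SAMLUtils.samlAssertionToString} and returned in the service-level
   * {@code SAMLAssertion} wrapper.
   *
   * @param credential the credential sent by the caller; it must carry a basic authentication
   *     credential and must not carry a credential extension
   * @return a service-level assertion whose XML is the serialised SAML assertion
   * @throws InvalidCredentialException if {@code credential} is {@code null}, carries no basic
   *     authentication credential, carries a credential extension, or is rejected by the
   *     delegate
   * @throws InsufficientAttributeException if the delegate reports insufficient attributes
   * @throws AuthenticationProviderException if any other exception occurs while authenticating
   */
  public org.cagrid.gaards.authentication.service.SAMLAssertion authenticate(
      org.cagrid.gaards.authentication.service.Credential credential)
      throws InvalidCredentialException, InsufficientAttributeException,
          AuthenticationProviderException {
    // Treat a missing credential object like a missing basic credential, so a malformed request
    // yields a declared fault instead of a NullPointerException.
    if (credential == null || credential.getBasicAuthenticationCredential() == null) {
      InvalidCredentialException fault =
          FaultHelper.createFaultException(
              InvalidCredentialException.class,
              "No basic authentication credential was provided, a basic authentication credential is required to authenticate to this service using the deprecated authenticate method.");
      throw fault;
    }

    // The deprecated method never interprets extensions; reject them rather than ignore them,
    // so a caller cannot assume the extension took part in the authentication decision.
    if (credential.getCredentialExtension() != null) {
      InvalidCredentialException fault =
          FaultHelper.createFaultException(
              InvalidCredentialException.class,
              "The credential extension cannot be used to authenticate with the deprecated authenticate method, only a basic authentication credential is supported.");
      throw fault;
    }

    BasicAuthenticationCredential basic = credential.getBasicAuthenticationCredential();
    BasicAuthentication auth = new BasicAuthentication();
    auth.setUserId(basic.getUserId());
    auth.setPassword(basic.getPassword());

    try {
      SAMLAssertion saml = this.authenticate(auth);
      org.cagrid.gaards.authentication.service.SAMLAssertion assertion =
          new org.cagrid.gaards.authentication.service.SAMLAssertion();
      assertion.setXml(SAMLUtils.samlAssertionToString(saml));
      return assertion;
    } catch (InsufficientAttributeException e) {
      // Re-create the fault with the same message and chain the delegate's fault as its cause.
      InsufficientAttributeException fault =
          FaultHelper.createFaultException(
              InsufficientAttributeException.class, e.getMessage());
      FaultHelper.addCause(fault, e.getFault());
      throw fault;
    } catch (InvalidCredentialException e) {
      InvalidCredentialException fault =
          FaultHelper.createFaultException(InvalidCredentialException.class, e.getMessage());
      FaultHelper.addCause(fault, e.getFault());
      throw fault;
    } catch (Exception e) {
      // NOTE(review): the message of an arbitrary internal exception is returned to the caller
      // and the exception itself is neither chained nor logged here. Confirm that the message
      // cannot expose backend details, and consider logging e on the server and returning a
      // generic message instead.
      AuthenticationProviderException fault =
          FaultHelper.createFaultException(
              AuthenticationProviderException.class, e.getMessage());
      throw fault;
    }
  }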
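  /**
   * Verifies that the credentials manager replaces an expired IdP credential with a new one.
   *
   * <p>The test swaps the manager's credential for a certificate signed by {@code ca} that is
   * valid for six seconds, waits until it has expired, and then checks that the manager returns
   * a certificate that is not expired, differs from the short-lived one, and comes with a
   * different private key. An assertion issued afterwards must pass {@code verifySAMLAssertion}
   * both as returned and after a round trip through its string form.
   */
  public void testAutoCredentialCreationRenew() {
    AssertionCredentialsManager cm = null;
    try {
      cm = Utils.getAssertionCredentialsManager();

      X509Certificate originalCert = cm.getIdPCertificate();
      assertNotNull(originalCert);
      assertNotNull(cm.getIdPKey());
      String expectedSubject =
          Utils.CA_SUBJECT_PREFIX + ",CN=" + AssertionCredentialsManager.CERT_DN;
      assertEquals(expectedSubject, originalCert.getSubjectDN().toString());

      String subject = originalCert.getSubjectDN().toString();
      // 1024-bit RSA is below current key-size guidance. It is used here only for a certificate
      // that lives six seconds. NOTE(review): confirm this helper is not used for real IdP keys.
      KeyPair shortLivedPair = KeyUtil.generateRSAKeyPair1024();

      // Validity window: now .. now + 6 s.
      GregorianCalendar calendar = new GregorianCalendar();
      Date notBefore = calendar.getTime();
      calendar.add(Calendar.SECOND, 6);
      Date notAfter = calendar.getTime();

      cm.deleteAssertingCredentials();
      X509Certificate shortCert =
          ca.signCertificate(subject, shortLivedPair.getPublic(), notBefore, notAfter);
      cm.storeCredentials(shortCert, shortLivedPair.getPrivate());

      // The manager must now serve the stored short-lived certificate, not the original one.
      X509Certificate idpShortCert = cm.getIdPCertificate();
      assertEquals(shortCert, idpShortCert);
      assertTrue(!originalCert.equals(idpShortCert));

      // Wait 0.5 s past the six-second validity window. The test depends on wall-clock timing,
      // so the margin has to cover the time spent between computing notAfter and this sleep.
      Thread.sleep(6500);
      assertTrue(CertUtil.isExpired(idpShortCert));

      // Asking again after expiry must yield a fresh, valid certificate and key.
      X509Certificate renewedCert = cm.getIdPCertificate();
      assertNotNull(renewedCert);
      PrivateKey renewedKey = cm.getIdPKey();
      assertNotNull(renewedKey);
      assertTrue(!CertUtil.isExpired(renewedCert));

      // Renewal must not reuse the expired certificate or its private key.
      assertTrue(!renewedCert.equals(idpShortCert));
      assertTrue(!renewedKey.equals(shortLivedPair.getPrivate()));

      SAMLAssertion issued =
          cm.getAuthenticationAssertion(TEST_UID, TEST_FIRST_NAME, TEST_LAST_NAME, TEST_EMAIL);
      verifySAMLAssertion(issued, cm);
      String serialized = SAMLUtils.samlAssertionToString(issued);
      SAMLAssertion reparsed = SAMLUtils.stringToSAMLAssertion(serialized);
      verifySAMLAssertion(reparsed, cm);

    } catch (Exception e) {
      FaultUtil.printFault(e);
      assertTrue(false);
    } finally {
      // cm is still null when the manager could not be obtained. Skipping cleanup in that case
      // avoids a secondary NullPointerException trace that would obscure the real failure.
      if (cm != null) {
        try {
          cm.clearDatabase();
        } catch (Exception e) {
          e.printStackTrace();
        }
      }
    }
  }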