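/*
 * Copyright 2005-2007 WSO2, Inc. (http://wso2.com)
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.wso2.solutions.identity.cards;

import org.apache.axis2.addressing.EndpointReference;
import org.apache.rahas.RahasConstants;
import org.apache.xml.security.c14n.Canonicalizer;
import org.apache.xml.security.signature.XMLSignature;
import org.w3c.dom.Element;
import org.wso2.solutions.identity.IdentityConstants;
import org.wso2.solutions.identity.cards.model.CardModelException;
import org.wso2.solutions.identity.cards.model.Identity;
import org.wso2.solutions.identity.cards.model.InformationCard;
import org.wso2.solutions.identity.cards.model.InformationCardReference;
import org.wso2.solutions.identity.cards.model.Metadata;
import org.wso2.solutions.identity.cards.model.RequireAppliesTo;
import org.wso2.solutions.identity.cards.model.SupportedClaimType;
import org.wso2.solutions.identity.cards.model.SupportedClaimTypeList;
import org.wso2.solutions.identity.cards.model.SupportedTokenTypeList;
import org.wso2.solutions.identity.cards.model.TokenService;
import org.wso2.solutions.identity.cards.model.TokenServiceList;
import org.wso2.solutions.identity.cards.model.UserCredential;
import org.wso2.solutions.identity.cards.model.UsernamePasswordCredential;

import javax.xml.parsers.DocumentBuilderFactory;

import java.io.ByteArrayInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Date;

import junit.framework.TestCase;

/**
 * Round-trip test for {@link Generator}: builds a sample information card,
 * signs it with a key from a test keystore, writes the canonicalized result to
 * disk and verifies the XML signature again.
 */
public class GeneratorTest extends TestCase {

    // Test fixture only: the keystore is loaded from the test classpath and its
    // password and alias are fixed values that belong to that fixture.
    private static final String STORE_FILE = "store.jks";
    private static final String PASSWORD = "password";
    private static final String ALIAS = "bob";

    /** File in the working directory that receives the signed, canonicalized card. */
    private static final String CARD_FILE = "wso2infoCard.crd";

    /**
     * Card lifetime of 365 days in milliseconds. The {@code L} suffix matters:
     * the same product in {@code int} arithmetic overflows and yields roughly
     * 17 days instead of one year.
     */
    private static final long ONE_YEAR_MILLIS = 1000L * 60 * 60 * 24 * 365;

    /**
     * Signs a sample card and asserts that the signature over the canonicalized
     * output verifies with the signing certificate.
     *
     * <p>The check proves that signing and canonicalization round-trip; it
     * verifies against the very certificate used for signing and therefore
     * says nothing about certificate-chain trust.
     *
     * @throws Exception if the keystore cannot be read or signing, serialization
     *                   or parsing fails
     */
    public void testSignature() throws Exception {
        InputStream is = GeneratorTest.class.getClassLoader()
                .getResourceAsStream(STORE_FILE);
        // KeyStore.load(null, ...) silently creates an empty store, so a missing
        // resource has to be detected here rather than by a later null key.
        assertNotNull("Keystore not found on the classpath: " + STORE_FILE, is);

        KeyStore store = KeyStore.getInstance("JKS");
        try {
            store.load(is, PASSWORD.toCharArray());
        } finally {
            is.close();
        }

        X509Certificate certificate = (X509Certificate) store
                .getCertificate(ALIAS);
        assertNotNull("No certificate for alias " + ALIAS, certificate);
        PrivateKey pk = (PrivateKey) store
                .getKey(ALIAS, PASSWORD.toCharArray());
        assertNotNull("No private key for alias " + ALIAS, pk);

        Generator gen = new Generator();
        // NOTE(review): RSA-SHA1 is a legacy signature algorithm. Confirm that
        // the consumers of these cards accept a SHA-256 based signature before
        // switching the algorithm here.
        gen.setSignatureAlgorithm(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1);
        gen.setCert(certificate);
        gen.setCertChain(store.getCertificateChain(ALIAS));
        gen.setPrivateKey(pk);

        InformationCard infoCard = getInfoCard(certificate);
        Element elem = gen.signCard(infoCard);

        Canonicalizer c14n = Canonicalizer
                .getInstance(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
        byte[] c14nedBytes = c14n.canonicalizeSubtree(elem);

        // Close the stream even when the write fails.
        FileOutputStream fo = new FileOutputStream(CARD_FILE);
        try {
            fo.write(c14nedBytes, 0, c14nedBytes.length);
            fo.flush();
        } finally {
            fo.close();
        }

        // The parser only sees bytes produced above by this test. Code that
        // verifies cards received from elsewhere should also disable DTDs and
        // external entities on the factory before parsing.
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);

        ByteArrayInputStream bais = new ByteArrayInputStream(c14nedBytes);
        XMLSignature signature = new XMLSignature(dbf.newDocumentBuilder()
                .parse(bais).getDocumentElement(), null);

        // Fail the test on an invalid signature instead of only printing the result.
        assertTrue("Signature over the generated card did not verify",
                signature.checkSignatureValue(certificate));
    }

    /**
     * Builds the sample information card that the test signs.
     *
     * @param cert certificate placed in the token service endpoint's identity
     * @return a card with one username/password token service, the SAML 1.0
     *         token type and the PPID and nickname claims
     * @throws CardModelException if a card model element cannot be created or
     *                            serialized
     */
    private InformationCard getInfoCard(X509Certificate cert)
            throws CardModelException {
        InformationCard card = new InformationCard();

        InformationCardReference ref = new InformationCardReference(
                "http://foorbar/something/card123414", 1);
        card.setInformationCardReference(ref);
        card.setIssuer("https://10.100.1.182:8080/foo");

        Date now = new Date();
        Date exp = new Date(now.getTime() + ONE_YEAR_MILLIS);
        card.setTimeIssued(now);
        card.setTimeExpires(exp);
        card.setCardName("WSO2 STS : Card 2");

        EndpointReference epr = new EndpointReference("https://tools.wso2.net/");
        Identity id = new Identity();
        id.setCertificate(cert);
        Metadata mex = new Metadata("https://10.100.1.182:8080/foo/mex");
        epr.addExtensibleElement(id.serialize());
        epr.addMetaData(mex.serialize());

        // SelfIssuedCredential selfIsCred = new
        // SelfIssuedCredential("test-ppid");
        UsernamePasswordCredential upCred = new UsernamePasswordCredential();
        upCred.setUsername("ruchith");
        UserCredential userCred = new UserCredential(upCred);
        userCred.setDisplayCredentialHint("Personal Card Credential Hint");

        TokenService service = new TokenService(epr, userCred);
        TokenServiceList serviceList = new TokenServiceList();
        serviceList.addTokenService(service);
        card.setTokenServiceList(serviceList);

        SupportedTokenTypeList tokenTypeList = new SupportedTokenTypeList();
        tokenTypeList.addSupportedTokenType(RahasConstants.TOK_TYPE_SAML_10);
        card.setSupportedTokenTypeList(tokenTypeList);

        SupportedClaimType claimPpid = new SupportedClaimType(
                IdentityConstants.CLAIM_PPID);
        claimPpid.setDisplayTag("Private Personal Identifier");
        claimPpid.setDescription("Private Personal Identifier");

        SupportedClaimType claimNickname = new SupportedClaimType(
                IdentityConstants.CLAIM_NICKNAME);
        claimNickname.setDisplayTag("Nickname");
        claimNickname.setDescription("Nickname");

        SupportedClaimTypeList claimTypeList = new SupportedClaimTypeList();
        claimTypeList.addSupportedClaimType(claimPpid);
        claimTypeList.addSupportedClaimType(claimNickname);
        card.setSupportedClaimTypeList(claimTypeList);

        card.setRequireAppliesTo(new RequireAppliesTo());

        return card;
    }
}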