/*
* Copyright (C) 2012 Intel Corporation
* All rights reserved.
*/
package api.quickstart;
import com.intel.mtwilson.ApiClient;
import com.intel.mtwilson.ApiClientFactory;
import com.intel.mtwilson.KeystoreUtil;
import com.intel.mtwilson.TrustAssertion;
import com.intel.mtwilson.api.MtWilson;
import com.intel.dcsg.cpg.io.ByteArrayResource;
import com.intel.mtwilson.model.*;
import com.intel.dcsg.cpg.tls.policy.impl.InsecureTlsPolicy;
import com.intel.dcsg.cpg.tls.policy.TlsPolicy;
import com.intel.mtwilson.My;
import com.intel.mtwilson.saml.TrustAssertion.HostTrustAssertion;
import java.io.File;
import java.net.URL;
import java.security.cert.X509Certificate;
import java.util.Set;
import org.apache.commons.codec.binary.Base64;
import org.junit.Test;
import static org.junit.Assert.*;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
*
* @author jbuhacoff
*/
public class JavaQuickstartExamples {
private Logger log = LoggerFactory.getLogger(getClass());
@Test
public void register() throws Exception {
File directory = new File(System.getProperty("user.home", "."));
String username = "myusername"; // you choose a username
String password = "changeit"; // you choose a password
URL server = new URL("http://127.0.0.1:8080/mtwilson/v1");
String[] roles = new String[] { "Attestation", "Whitelist" };
KeystoreUtil.createUserInDirectory(directory, username, password, server, roles);
}
/*
@Test
public void registerV2() throws Exception {
ByteArrayResource keystoreResource = new ByteArrayResource();
String keystoreUsername = "jonathan";
String keystorePassword = "password";
URL wsUrl = new URL("https://10.1.71.88:8181");
TlsPolicy tlsPolicy = new InsecureTlsPolicy();
String[] roles = new String[] { "Attestation", "Whitelist" };
ApiClientFactory factory = new ApiClientFactory();
factory.createUserInResource(keystoreResource, keystoreUsername, keystorePassword, wsUrl, tlsPolicy, roles);
MtWilson client = factory.clientForUserInResource(keystoreResource, keystoreUsername, keystorePassword, wsUrl, tlsPolicy);
X509Certificate samlCertificate = client.getSamlCertificate();
System.out.println("Mt Wilson SAML Certificate: "+samlCertificate.getSubjectX500Principal().getName());
}*/
@Test
public void testSaml() throws Exception {
File directory = new File(System.getProperty("user.home", "."));
String username = "myusername"; // you choose a username
String password = "changeit"; // you choose a password
URL server = new URL("https://10.1.71.230:8443"); // your Mt Wilson server
ApiClient api = KeystoreUtil.clientForUserInDirectory(directory, username, password, server);
String saml = api.getSamlForHost(new Hostname("10.1.70.142"));
TrustAssertion trust = api.verifyTrustAssertion(saml);
assertNotNull(trust);
Set<String> hostnames = trust.getHosts();
for(String hostname : hostnames) {
HostTrustAssertion hostTrustAssertion = trust.getTrustAssertion(hostname);
log.debug("SAML Issuer: {}", hostTrustAssertion.getIssuer());
log.debug("SAML Issued On: {}", hostTrustAssertion.getDate().toString());
log.debug("SAML Subject: {}", hostTrustAssertion.getSubject());
for(String attr : hostTrustAssertion.getAttributeNames()) {
log.debug("Host {}: {}", attr, hostTrustAssertion.getStringAttribute(attr));
}
assertNull(hostTrustAssertion.getAikCertificate());
log.debug("AIK Certificate: {}", hostTrustAssertion.getAikCertificate() == null ? "null" : Base64.encodeBase64String(hostTrustAssertion.getAikCertificate().getEncoded()));
}
}
}