Class LocalSTSClient

java.lang.Object
com.tivoli.am.fim.fedmgr2.trust.util.LocalSTSClient

public class LocalSTSClient extends Object
A client used to invoke locally configured STS chains. The requests go via a bean interface, not over the SOAP interface. Here is an example invocation. Use IDMappingExtUtils to simplify working with document/node objects.
 importClass(Packages.com.tivoli.am.fim.fedmgr2.trust.util.LocalSTSClient);
 importClass(Packages.com.tivoli.am.fim.trustserver.sts.utilities.IDMappingExtUtils);

 // Parse a base token. In this case a BinarySecurityToken containing a JWT.
 var base_token = IDMappingExtUtils.stringToXMLElement("<wss:BinarySecurityToken xmlns:wss=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\" wss:EncodingType=\"http://ibm.com/2004/01/itfim/base64encode\" wss:ValueType=\"urn:com:ibm:JWT\">eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.Dt2W1GtOLnnqf4-PUr5Ns_9BuLLmwpWO5zBwN4fokX4</wss:BinarySecurityToken>");

 // Validate the token using the chain with issuer and appliesTo values of 'jwt:validate'; do not pass any claims.
  var res = LocalSTSClient.doRequest("http://schemas.xmlsoap.org/ws/2005/02/trust/Validate", "jwt:validate", "jwt:validate", base_token, null);
  if (res.errorMessage == null) {
    var result_element_string = IDMappingExtUtils.xmlElementToString(res.token);
    IDMappingExtUtils.traceString("got result: " + result_element_string);
    // Do something with the result.
  } else {
    IDMappingExtUtils.throwSTSException("An error occurred invoking the STS: " + res.errorMessage);
  }

 
  • Constructor Details

    • LocalSTSClient

      public LocalSTSClient()
  • Method Details

    • doRequest

      public static LocalSTSClient.LocalSTSClientResult doRequest(String requestType, String appliesTo, String issuer, Element base, Element claims)
      Invoke the STS locally using an appliesTo and issuer for chain determination. 'base' will be added as a child node of the WS-Trust base token element. 'claims' will be added as a child node of the WS-Trust claims element.
      Parameters:
      requestType - WS-Trust request type to use.
      appliesTo - used for chain determination.
      issuer - used for chain determination.
      base - token to present.
      claims - to include in the request.
    • doRequest

      public static LocalSTSClient.LocalSTSClientResult doRequest(String requestType, String tokenType, Element base, Element claims)
      Invoke the STS locally using a token-type for chain determination. 'base' will be added as a child node of the WS-Trust base token element. 'claims' will be added as a child node of the WS-Trust claims element.
      Parameters:
      requestType - WS-Trust request type to use.
      tokenType - used for chain determination.
      base - token to present.
      claims - to include in the request.