Example 21 with SSOToken
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class SpecialOrAdminOrAgentAuthzModuleTest method shouldAuthorizeSpecialUser.
@Test
public void shouldAuthorizeSpecialUser() throws Exception {
//given
SSOTokenContext mockSSOTokenContext = mock(SSOTokenContext.class);
SSOToken mockSSOToken = mock(SSOToken.class);
Principal principal = mock(Principal.class);
given(mockSSOToken.getPrincipal()).willReturn(principal);
given(mockSSOTokenContext.getCallerSSOToken()).willReturn(mockSSOToken);
given(mockSSOToken.getProperty(Constants.UNIVERSAL_IDENTIFIER)).willReturn("test");
given(mockAgentIdentity.isAgent(mockSSOToken)).willReturn(false);
given(mockSpecialUserIdentity.isSpecialUser(mockSSOToken)).willReturn(true);
given(mockService.isSuperUser("test")).willReturn(false);
//when
Promise<AuthorizationResult, ResourceException> result = testModule.authorize(mockSSOTokenContext);
//then
assertTrue(result.get().isAuthorized());
}
Also used :
SSOToken(com.iplanet.sso.SSOToken)
SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext)
ResourceException(org.forgerock.json.resource.ResourceException)
AuthorizationResult(org.forgerock.authz.filter.api.AuthorizationResult)
Principal(java.security.Principal)
Test(org.testng.annotations.Test)
BeforeTest(org.testng.annotations.BeforeTest)
Example 22 with SSOToken
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class SpecialOrAdminOrAgentAuthzModuleTest method shouldAuthorizeAgent.
@Test
public void shouldAuthorizeAgent() throws Exception {
//given
SSOTokenContext mockSSOTokenContext = mock(SSOTokenContext.class);
SSOToken mockSSOToken = mock(SSOToken.class);
Principal principal = mock(Principal.class);
given(mockSSOToken.getPrincipal()).willReturn(principal);
given(mockSSOTokenContext.getCallerSSOToken()).willReturn(mockSSOToken);
given(mockSSOToken.getProperty(Constants.UNIVERSAL_IDENTIFIER)).willReturn("test");
given(mockAgentIdentity.isAgent(mockSSOToken)).willReturn(true);
given(mockSpecialUserIdentity.isSpecialUser(mockSSOToken)).willReturn(false);
given(mockService.isSuperUser("test")).willReturn(false);
//when
Promise<AuthorizationResult, ResourceException> result = testModule.authorize(mockSSOTokenContext);
//then
assertTrue(result.get().isAuthorized());
}
Also used :
SSOToken(com.iplanet.sso.SSOToken)
SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext)
ResourceException(org.forgerock.json.resource.ResourceException)
AuthorizationResult(org.forgerock.authz.filter.api.AuthorizationResult)
Principal(java.security.Principal)
Test(org.testng.annotations.Test)
BeforeTest(org.testng.annotations.BeforeTest)
Example 23 with SSOToken
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class SpecialOrAdminOrAgentAuthzModuleTest method shouldErrorInvalidContext.
@Test
public void shouldErrorInvalidContext() throws Exception {
//given
SSOTokenContext mockSSOTokenContext = mock(SSOTokenContext.class);
SSOToken mockSSOToken = mock(SSOToken.class);
Principal principal = mock(Principal.class);
given(mockSSOToken.getPrincipal()).willReturn(principal);
given(mockSSOTokenContext.getCallerSSOToken()).willReturn(mockSSOToken);
given(mockSSOToken.getProperty(Constants.UNIVERSAL_IDENTIFIER)).willThrow(new SSOException(""));
//when
Promise<AuthorizationResult, ResourceException> result = testModule.authorize(mockSSOTokenContext);
//then
assertFalse(result.get().isAuthorized());
}
Also used :
SSOToken(com.iplanet.sso.SSOToken)
SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext)
SSOException(com.iplanet.sso.SSOException)
ResourceException(org.forgerock.json.resource.ResourceException)
AuthorizationResult(org.forgerock.authz.filter.api.AuthorizationResult)
Principal(java.security.Principal)
Test(org.testng.annotations.Test)
BeforeTest(org.testng.annotations.BeforeTest)
Example 24 with SSOToken
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class RestRouterIT method setupMocks.
@BeforeMethod
public void setupMocks() {
MockitoAnnotations.initMocks(this);
configResource = mock(SingletonResourceProvider.class);
usersResource = mock(CollectionResourceProvider.class);
internalResource = mock(CollectionResourceProvider.class);
dashboardResource = spy(new DashboardResource());
authenticateResource = spy(new AuthenticateResource());
httpAccessAuditFilter = spy(new AbstractHttpAccessAuditFilter(AUTHENTICATION, mock(AuditEventPublisher.class), mock(AuditEventFactory.class)) {
@Override
protected String getRealm(Context context) {
return null;
}
});
auditEventPublisher = mock(AuditEventPublisher.class);
auditServiceProvider = mock(AuditServiceProvider.class);
versionBehaviourManager = mock(ResourceApiVersionBehaviourManager.class);
ssoTokenManager = mock(SSOTokenManager.class);
authUtilsWrapper = mock(AuthUtilsWrapper.class);
coreWrapper = mock(CoreWrapper.class);
SSOToken adminToken = mock(SSOToken.class);
given(coreWrapper.getAdminToken()).willReturn(adminToken);
given(coreWrapper.isValidFQDN(anyString())).willReturn(true);
realmValidator = mock(RestRealmValidator.class);
}
Also used :
RootContext(org.forgerock.services.context.RootContext)
RequestAuditContext(org.forgerock.services.context.RequestAuditContext)
HttpContext(org.forgerock.json.resource.http.HttpContext)
SessionContext(org.forgerock.http.session.SessionContext)
SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext)
AttributesContext(org.forgerock.services.context.AttributesContext)
SecurityContext(org.forgerock.services.context.SecurityContext)
Context(org.forgerock.services.context.Context)
SSOTokenManager(com.iplanet.sso.SSOTokenManager)
CoreWrapper(org.forgerock.openam.core.CoreWrapper)
AuditServiceProvider(org.forgerock.openam.audit.AuditServiceProvider)
SSOToken(com.iplanet.sso.SSOToken)
SingletonResourceProvider(org.forgerock.json.resource.SingletonResourceProvider)
AuditEventPublisher(org.forgerock.openam.audit.AuditEventPublisher)
CollectionResourceProvider(org.forgerock.json.resource.CollectionResourceProvider)
AuthUtilsWrapper(org.forgerock.openam.authentication.service.AuthUtilsWrapper)
AuditEventFactory(org.forgerock.openam.audit.AuditEventFactory)
ResourceApiVersionBehaviourManager(org.forgerock.http.routing.ResourceApiVersionBehaviourManager)
RestRealmValidator(org.forgerock.openam.rest.router.RestRealmValidator)
AbstractHttpAccessAuditFilter(org.forgerock.openam.audit.AbstractHttpAccessAuditFilter)
BeforeMethod(org.testng.annotations.BeforeMethod)
Example 25 with SSOToken
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class ElevatedConnectionFactoryWrapperTest method requestGetsElevatedToAdminSession.
@Test
public void requestGetsElevatedToAdminSession() throws Exception {
// Given
SSOToken ssoToken = mock(SSOToken.class);
given(ssoTokenPrivilegedAction.run()).willReturn(ssoToken);
SSOPrincipal principal = new SSOPrincipal("test");
given(ssoToken.getPrincipal()).willReturn(principal);
SSOTokenID tokenID = mock(SSOTokenID.class);
given(ssoToken.getTokenID()).willReturn(tokenID);
given(internalConnectionFactory.getConnection()).willReturn(connection);
// When
RootContext context = new RootContext();
ReadRequest readRequest = Requests.newReadRequest("/test", "abc");
try (Connection connection = connectionFactory.getConnection()) {
connection.read(context, readRequest);
}
// Then
verify(connection).read(contextCaptor.capture(), eq(readRequest));
Context capturedContext = contextCaptor.getValue();
assertThat(capturedContext.containsContext(SecurityContext.class)).isTrue();
SecurityContext securityContext = capturedContext.asContext(SecurityContext.class);
assertThat(securityContext.getAuthenticationId()).isEqualTo("test");
assertThat(securityContext.getAuthorization()).containsOnlyKeys("authLevel", "tokenId");
}
Also used :
SSOTokenID(com.iplanet.sso.SSOTokenID)
RootContext(org.forgerock.services.context.RootContext)
SecurityContext(org.forgerock.services.context.SecurityContext)
Context(org.forgerock.services.context.Context)
RootContext(org.forgerock.services.context.RootContext)
SSOToken(com.iplanet.sso.SSOToken)
SSOPrincipal(com.iplanet.sso.providers.dpro.SSOPrincipal)
Connection(org.forgerock.json.resource.Connection)
SecurityContext(org.forgerock.services.context.SecurityContext)
ReadRequest(org.forgerock.json.resource.ReadRequest)
Test(org.testng.annotations.Test)
Aggregations
SSOToken (com.iplanet.sso.SSOToken)776
SSOException (com.iplanet.sso.SSOException)390
Set (java.util.Set)226
SMSException (com.sun.identity.sm.SMSException)218
HashSet (java.util.HashSet)179
IdRepoException (com.sun.identity.idm.IdRepoException)144
HashMap (java.util.HashMap)130
Test (org.testng.annotations.Test)130
CLIException (com.sun.identity.cli.CLIException)117
Iterator (java.util.Iterator)115
AMIdentity (com.sun.identity.idm.AMIdentity)113
Map (java.util.Map)113
IOutput (com.sun.identity.cli.IOutput)99
IOException (java.io.IOException)68
List (java.util.List)57
AMIdentityRepository (com.sun.identity.idm.AMIdentityRepository)56
IdType (com.sun.identity.idm.IdType)54
ServiceConfigManager (com.sun.identity.sm.ServiceConfigManager)53
EntitlementException (com.sun.identity.entitlement.EntitlementException)52
ServiceConfig (com.sun.identity.sm.ServiceConfig)52
