Example 6 with IdmJwtAuthentication

Use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

Class OAuthAuthenticationManagerTest, method testAuthExpired.

/**
 * Expired tokens are not accepted.
 */
@Test(expected = ResultCodeException.class)
public void testAuthExpired() {
    IdmIdentityDto i = getTestIdentity();
    when(identityService.getByUsername(USER_NAME)).thenReturn(i);
    IdmJwtAuthentication authentication = getAuthentication(USER_NAME, DateTime.now().minusHours(1), DateTime.now().plusHours(2));
    authManager.authenticate(authentication);
    Assert.fail("Cannot authenticate with expired token.");
}
Also used : IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 7 with IdmJwtAuthentication

Use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

Class AbstractWorkflowIntegrationTest, method loginAsNoAdmin.

public void loginAsNoAdmin(String user) {
    Collection<GrantedAuthority> authorities = IdmAuthorityUtils.toAuthorities(moduleService.getAvailablePermissions()).stream().filter(authority -> {
        return !IdmGroupPermission.APP_ADMIN.equals(authority.getAuthority());
    }).collect(Collectors.toList());
    IdmIdentityDto identity = (IdmIdentityDto) lookupService.getDtoLookup(IdmIdentityDto.class).lookup(user);
    SecurityContextHolder.getContext().setAuthentication(new IdmJwtAuthentication(identity, null, authorities, "test"));
}

Example 8 with IdmJwtAuthentication

Use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

Class DefaultIdmAutomaticRoleRequestServiceIntegrationTest, method notRightForExecuteImmediatelyExceptionTest.

@Test(expected = RoleRequestException.class)
public void notRightForExecuteImmediatelyExceptionTest() {
    this.logout();
    IdmIdentityDto identity = helper.createIdentity();
    // Log in as a user without the right to execute a role request immediately
    // (i.e. without approval)
    Collection<GrantedAuthority> authorities = IdmAuthorityUtils.toAuthorities(moduleService.getAvailablePermissions()).stream().filter(authority -> {
        return !CoreGroupPermission.AUTOMATIC_ROLE_REQUEST_ADMIN.equals(authority.getAuthority()) && !IdmGroupPermission.APP_ADMIN.equals(authority.getAuthority());
    }).collect(Collectors.toList());
    SecurityContextHolder.getContext().setAuthentication(new IdmJwtAuthentication(new IdmIdentityDto(identity.getUsername()), null, authorities, "test"));
    IdmRoleDto role = prepareRole();
    IdmAutomaticRoleRequestDto request = new IdmAutomaticRoleRequestDto();
    request.setState(RequestState.EXECUTED);
    request.setOperation(RequestOperationType.ADD);
    request.setRequestType(AutomaticRoleRequestType.ATTRIBUTE);
    request.setExecuteImmediately(true);
    request.setName(role.getName());
    request.setRole(role.getId());
    request = roleRequestService.save(request);
    Assert.assertEquals(RequestState.CONCEPT, request.getState());
    IdmAutomaticRoleAttributeRuleRequestDto rule = new IdmAutomaticRoleAttributeRuleRequestDto();
    rule.setRequest(request.getId());
    rule.setOperation(RequestOperationType.ADD);
    rule.setAttributeName(IdmIdentity_.username.getName());
    rule.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
    rule.setType(AutomaticRoleAttributeRuleType.IDENTITY);
    rule.setValue("test");
    rule = ruleRequestService.save(rule);
    // We expect an exception here (this user has no right to execute without approval)
    roleRequestService.startRequestInternal(request.getId(), true);
}

Example 9 with IdmJwtAuthentication

Use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

Class ExtendExpirationFilter, method doExtendExpiration.

/**
 * Extends token expiration time. There are two types of extension:
 * either just setting a new expiration time on the existing token, or
 * issuing a fresh token. A fresh token is issued only if the original
 * one in the HTTP request is expired or the authorities changed and the
 * user signed in by other means than an IdM JWT token (remote OAuth / Basic...).
 *
 * The token with extended expiration is set into a response header.
 *
 * @param req incoming HTTP request carrying the original token
 * @param res HTTP response the extended token header is written to
 */
private void doExtendExpiration(HttpServletRequest req, HttpServletResponse res) {
    if (ctx.isDisabledOrNotExists()) {
        // never extend a token for a disabled or nonexistent identity
        return;
    }
    IdmJwtAuthenticationDto token = ctx.getToken();
    token.setExpiration(getNewExpiration());
    // expired token or changed authorities: still a valid state, but a fresh IdM token is issued
    // from the authentication currently held in the security context
    if (ctx.isExpired() || ctx.isAuthoritiesChanged()) {
        token = jwtTokenMapper.toDto((IdmJwtAuthentication) SecurityContextHolder.getContext().getAuthentication());
    }
    try {
        res.setHeader(JwtAuthenticationMapper.AUTHENTICATION_TOKEN_NAME, jwtTokenMapper.writeToken(token));
    } catch (IOException e) {
        LOG.warn("Cannot write token with extended expiration header!");
    }
}
Also used : IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmJwtAuthenticationDto(eu.bcvsolutions.idm.core.security.api.dto.IdmJwtAuthenticationDto) IOException(java.io.IOException)

Example 10 with IdmJwtAuthentication

Use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

Class DefaultJwtAuthenticationService, method createJwtAuthenticationAndAuthenticate.

@Override
public LoginDto createJwtAuthenticationAndAuthenticate(LoginDto loginDto, IdmIdentityDto identity, String module) {
    IdmJwtAuthentication authentication = new IdmJwtAuthentication(identity, getAuthExpiration(), grantedAuthoritiesFactory.getGrantedAuthorities(loginDto.getUsername()), module);
    oauthAuthenticationManager.authenticate(authentication);
    IdmJwtAuthenticationDto authenticationDto = jwtTokenMapper.toDto(authentication);
    try {
        loginDto.setAuthenticationModule(module);
        loginDto.setAuthentication(authenticationDto);
        loginDto.setToken(jwtTokenMapper.writeToken(authenticationDto));
        return loginDto;
    } catch (IOException ex) {
        throw new IdmAuthenticationException(ex.getMessage(), ex);
    }
}
Also used : IdmAuthenticationException(eu.bcvsolutions.idm.core.security.exception.IdmAuthenticationException) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmJwtAuthenticationDto(eu.bcvsolutions.idm.core.security.api.dto.IdmJwtAuthenticationDto) IOException(java.io.IOException)
