use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.
the class HttpHeaderAuthenticationFilter method doHttpFilter.
/**
* Perform pre-authentication processing for Http Servlets.
*
* @param servletRequest the servlet request.
* @param servletResponse the servlet response.
* @param filterChain the filter chain.
*
* @throws IOException when an exception is thrown executing the next filter in chain.
* @throws ServletException if a servlet exception was encountered.
*/
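public void doHttpFilter(HttpServletRequest servletRequest, HttpServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    // Pre-authentication only runs when the security helper reports security as enabled for this request.
    // Either way the request is handed to the rest of the chain at the end of this method, so this filter
    // never rejects a request itself.
    if (securityHelper.isSecurityEnabled(servletRequest)) {
        // Build an application user from the current HTTP headers.
        // NOTE(review): identity taken from request headers is only as trustworthy as the component that sets
        // them. Presumably an upstream gateway strips client-supplied copies of these headers; confirm per deployment.
        ApplicationUser applicationUserNoRoles;
        try {
            applicationUserNoRoles = applicationUserBuilder.buildNoRoles(servletRequest);
        } catch (Exception ex) {
            // A build failure is handled exactly like "no user present". Record the cause instead of dropping it,
            // so malformed or unexpected identity headers can be diagnosed from the logs.
            LOGGER.debug("Unable to build an application user from the HTTP headers; treating the request as not logged in.", ex);
            applicationUserNoRoles = null;
        }

        if (applicationUserNoRoles == null) {
            // We were unable to find/build an application user (i.e. the user isn't logged on) so invalidate the current user if one exists.
            processUserNotLoggedIn(servletRequest);
        } else {
            // NOTE(review): the user id is built from request headers and is written to the log unmodified.
            // Confirm the logging layout encodes CR/LF so a header value cannot forge extra log lines.
            LOGGER.debug("Current user Id: " + applicationUserNoRoles.getUserId() + ", Session Init Time: " + applicationUserNoRoles.getSessionInitTime());
            LOGGER.debug("User is logged in.");

            // The previously established user is invalidated on every request that carries a user, before re-authenticating.
            invalidateUser(servletRequest, false);

            // Perform the authentication (which will automatically load the user information for us). This flow covers a new user
            // logging in for the first time as well as a different user having just logged in.
            authenticateUser(servletRequest);
        }
    }

    // Continue on to the next filter in the chain.
    filterChain.doFilter(servletRequest, servletResponse);
}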
use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.
the class HttpHeaderAuthenticationFilter method getExistingUserId.
/**
* Gets the existing user Id.
*
* @return the existing user Id, session Id, or null if no existing user is present.
*/
protected String getExistingUserId() {
    // Only the user id of the existing user is returned; when getExistingUser() yields nothing the result is null.
    ApplicationUser currentUser = getExistingUser();
    return currentUser == null ? null : currentUser.getUserId();
}
use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.
the class AbstractAppTest method validateHttpHeaderApplicationUser.
/**
* Retrieves the user from the current spring security context and asserts that each of the properties of the user matches the given expected values.
* Asserts that the principal stored in the current security context user is an instance of {@link SecurityUserWrapper}.
*
* @param expectedUserId the expected user Id.
* @param expectedFirstName the expected first name.
* @param expectedLastName the expected last name.
* @param expectedEmail the expected e-mail.
* @param expectedRoles the expected roles.
* @param expectedSessionInitTime the expected session init time.
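* @param expectedFunctions the expected functions (not validated when null).
* @param expectedNamespaceAuthorizations the expected namespace authorizations (not validated when null).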
*
* @throws Exception if any errors were encountered.
*/
protected void validateHttpHeaderApplicationUser(String expectedUserId, String expectedFirstName, String expectedLastName, String expectedEmail, Set<String> expectedRoles, String expectedSessionInitTime, String[] expectedFunctions, Set<NamespaceAuthorization> expectedNamespaceAuthorizations) throws Exception {
    // The security context must hold an authentication whose principal is a SecurityUserWrapper.
    Authentication currentAuthentication = SecurityContextHolder.getContext().getAuthentication();
    assertNotNull(currentAuthentication);

    Object securityPrincipal = currentAuthentication.getPrincipal();
    assertNotNull("expected principal to be not null, but was null", securityPrincipal);
    assertTrue("expected principal to be an instance of " + SecurityUserWrapper.class + ", but was an instance of " + securityPrincipal.getClass(), securityPrincipal instanceof SecurityUserWrapper);

    SecurityUserWrapper wrapper = (SecurityUserWrapper) securityPrincipal;
    ApplicationUser actualUser = wrapper.getApplicationUser();

    // Identity attributes carried by the application user.
    assertEquals(expectedUserId, actualUser.getUserId());
    assertEquals(expectedFirstName, actualUser.getFirstName());
    assertEquals(expectedLastName, actualUser.getLastName());
    assertEquals(expectedEmail, actualUser.getEmail());
    assertEquals(expectedRoles, actualUser.getRoles());

    // The session init time is compared only when the caller supplied a non-blank expected value.
    if (StringUtils.isNotBlank(expectedSessionInitTime)) {
        assertEquals(DateUtils.parseDate(expectedSessionInitTime, HttpHeaderApplicationUserBuilder.CALENDAR_PATTERNS), actualUser.getSessionInitTime());
    }

    assertNotNull(actualUser.getSessionId());
    assertEquals(HttpHeaderApplicationUserBuilder.class, actualUser.getGeneratedByClass());

    // Validate functions. This is a subset check: every expected function must be granted, but authorities
    // granted beyond the expected ones do not fail the assertion.
    if (expectedFunctions != null) {
        Set<String> grantedFunctions = new HashSet<>();
        for (GrantedAuthority authority : wrapper.getAuthorities()) {
            grantedFunctions.add(authority.getAuthority());
        }
        for (int i = 0; i < expectedFunctions.length; i++) {
            assertTrue(grantedFunctions.contains(expectedFunctions[i]));
        }
    }

    // Validate namespace authorizations (exact set equality, unlike the function check above).
    if (expectedNamespaceAuthorizations != null) {
        assertEquals(expectedNamespaceAuthorizations, actualUser.getNamespaceAuthorizations());
    }
}
use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.
the class SecurityFilterChainTest method assertAuthenticatedUserId.
/**
* Makes the following assertions about the given {@link Authentication}: <ol> <li>is not null</li> <li>principal is not null</li> <li>principal type is
* {@link org.finra.herd.model.dto.SecurityUserWrapper}</li> <li>principal applicationUser is not null</li> <li>principal applicationUser userId equals
* given userId</li> <li>principal applicationUser firstName equals given firstName</li>
* <li>principal applicationUser sessionInitTime equals given sessionInitTime</li> </ol>
*
* @param expectedUserId the expected user Id
* @param expectedFirstName the expected first name
* @param expectedSessionInitTime the expected session init time
* @param authentication {@link Authentication} to assert
*/
private void assertAuthenticatedUserId(String expectedUserId, String expectedFirstName, Date expectedSessionInitTime, Authentication authentication) {
    // Each null check runs before the value is dereferenced, so a failure names the missing piece.
    Assert.assertNotNull("authentication is null", authentication);

    Object principal = authentication.getPrincipal();
    Assert.assertNotNull("authentication principal is null", principal);
    // Exact class comparison rather than instanceof: a subclass of SecurityUserWrapper would fail here.
    Assert.assertEquals("authentication principal type", SecurityUserWrapper.class, principal.getClass());

    ApplicationUser authenticatedUser = ((SecurityUserWrapper) principal).getApplicationUser();
    Assert.assertNotNull("securityUserWrapper applicationUser is null", authenticatedUser);

    // Compare the identity attributes the caller expects.
    Assert.assertEquals("securityUserWrapper applicationUser userId", expectedUserId, authenticatedUser.getUserId());
    Assert.assertEquals("securityUserWrapper applicationUser firstName", expectedFirstName, authenticatedUser.getFirstName());
    Assert.assertEquals("securityUserWrapper applicationUser sessionInitTime", expectedSessionInitTime, authenticatedUser.getSessionInitTime());
}
use of org.finra.herd.model.dto.ApplicationUser in project herd by FINRAOS.
the class JobServiceTestHelper method setCurrentUserNamespaceAuthorizations.
/**
* Sets specified namespace authorizations for the current user by updating the security context.
*
* @param namespace the namespace
* @param namespacePermissions the list of namespace permissions
*/
public void setCurrentUserNamespaceAuthorizations(String namespace, List<NamespacePermissionEnum> namespacePermissions) {
    // A single authorization entry: the given permissions on the given namespace.
    Set<NamespaceAuthorization> grantedAuthorizations = new LinkedHashSet<>();
    grantedAuthorizations.add(new NamespaceAuthorization(namespace, namespacePermissions));

    // The test user always carries the shared test user id.
    String currentUserId = AbstractServiceTest.USER_ID;
    ApplicationUser testUser = new ApplicationUser(getClass());
    testUser.setUserId(currentUserId);
    testUser.setNamespaceAuthorizations(grantedAuthorizations);

    // The "password" literal is a fixture value for the test principal only. The four boolean flags are all false and
    // no granted authorities are supplied.
    // NOTE(review): presumably the flags are the wrapper's account-status flags; confirm against SecurityUserWrapper.
    SecurityUserWrapper testPrincipal = new SecurityUserWrapper(currentUserId, "password", false, false, false, false, Collections.emptyList(), testUser);

    // Replace whatever authentication the security context currently holds; credentials are left null.
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(testPrincipal, null));
}