Example 1 with SimpleGrantedAuthority
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project Activiti by Activiti.
the class BasicAuthenticationProvider method authenticate.
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String name = authentication.getName();
String password = authentication.getCredentials().toString();
boolean authenticated = identityService.checkPassword(name, password);
if (authenticated) {
List<Group> groups = identityService.createGroupQuery().groupMember(name).list();
Collection<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
for (Group group : groups) {
grantedAuthorities.add(new SimpleGrantedAuthority(group.getId()));
}
identityService.setAuthenticatedUserId(name);
return new UsernamePasswordAuthenticationToken(name, password, grantedAuthorities);
} else {
throw new BadCredentialsException("Authentication failed for this username and password");
}
}
Also used :
Group(org.activiti.engine.identity.Group)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
GrantedAuthority(org.springframework.security.core.GrantedAuthority)
ArrayList(java.util.ArrayList)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
Example 2 with SimpleGrantedAuthority
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project ORCID-Source by ORCID.
the class StatsApiServiceBaseImplTest method init.
@Before
public void init() {
// create our mock data
List<StatisticValuesEntity> statsTimelineValues = new ArrayList<StatisticValuesEntity>();
List<StatisticValuesEntity> statsSummaryValues = new ArrayList<StatisticValuesEntity>();
StatisticValuesEntity a = new StatisticValuesEntity();
a.setId(1l);
a.setStatisticName(StatisticsEnum.KEY_LIVE_IDS.value());
a.setStatisticValue(100l);
StatisticKeyEntity akey = new StatisticKeyEntity();
akey.setGenerationDate(new Date(2000, 1, 1));
akey.setId(200L);
a.setKey(akey);
StatisticValuesEntity b = new StatisticValuesEntity();
b.setId(1l);
b.setStatisticName(StatisticsEnum.KEY_LIVE_IDS.value());
b.setStatisticValue(101l);
StatisticKeyEntity bkey = new StatisticKeyEntity();
bkey.setGenerationDate(new Date(1999, 1, 1));
bkey.setId(201L);
b.setKey(bkey);
StatisticValuesEntity c = new StatisticValuesEntity();
c.setId(1l);
c.setStatisticName(StatisticsEnum.KEY_NUMBER_OF_WORKS.value());
c.setStatisticValue(102l);
c.setKey(akey);
statsTimelineValues.add(a);
statsTimelineValues.add(b);
statsSummaryValues.add(a);
statsSummaryValues.add(c);
// mock the methods used
when(statisticsDao.getLatestKey()).thenReturn(akey);
when(statisticsDao.getStatistic(StatisticsEnum.KEY_LIVE_IDS.value())).thenReturn(statsTimelineValues);
when(statisticsDao.getStatistic(200l)).thenReturn(statsSummaryValues);
// mock the methods used
StatisticKeyEntity key200 = new StatisticKeyEntity();
key200.setId(200L);
key200.setGenerationDate(new Date(2000, 1, 1));
StatisticKeyEntity key201 = new StatisticKeyEntity();
key201.setId(201L);
key201.setGenerationDate(new Date(1999, 1, 1));
when(statisticsDao.getKey(200L)).thenReturn(key200);
when(statisticsDao.getKey(201L)).thenReturn(key201);
TargetProxyHelper.injectIntoProxy(statsManagerReadOnly, "statisticsDaoReadOnly", statisticsDao);
// setup security context
ArrayList<GrantedAuthority> roles = new ArrayList<GrantedAuthority>();
roles.add(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));
Authentication auth = new AnonymousAuthenticationToken("anonymous", "anonymous", roles);
SecurityContextHolder.getContext().setAuthentication(auth);
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
StatisticValuesEntity(org.orcid.statistics.jpa.entities.StatisticValuesEntity)
StatisticKeyEntity(org.orcid.statistics.jpa.entities.StatisticKeyEntity)
Authentication(org.springframework.security.core.Authentication)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
GrantedAuthority(org.springframework.security.core.GrantedAuthority)
ArrayList(java.util.ArrayList)
AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken)
Date(java.util.Date)
Before(org.junit.Before)
Example 3 with SimpleGrantedAuthority
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project ORCID-Source by ORCID.
the class OrcidAuthorizationCodeServiceTest method getAuthorizationRequest.
public AuthorizationRequest getAuthorizationRequest(String clientId) {
Set<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")));
Set<String> resourceIds = new HashSet<>();
resourceIds.add("orcid");
Map<String, String> params = new HashMap<String, String>();
params.put(OAuth2Utils.CLIENT_ID, clientId);
params.put(OAuth2Utils.SCOPE, "a-scope");
AuthorizationRequest authorizationRequest = oAuth2RequestFactory.createAuthorizationRequest(params);
authorizationRequest.setAuthorities(grantedAuthorities);
authorizationRequest.setResourceIds(resourceIds);
return authorizationRequest;
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest)
HashMap(java.util.HashMap)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
GrantedAuthority(org.springframework.security.core.GrantedAuthority)
HashSet(java.util.HashSet)
Example 4 with SimpleGrantedAuthority
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project ORCID-Source by ORCID.
the class DefaultOAuthClientVisibilityTest method testCheckClientPermissionsAllowOnlyPublicAndLimitedVisibility.
@Test
@Transactional
@Rollback
public void testCheckClientPermissionsAllowOnlyPublicAndLimitedVisibility() throws Exception {
Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
AuthorizationRequest request = new AuthorizationRequest("4444-4444-4444-4446", Arrays.asList("/orcid-bio/external-identifiers/create"));
request.setAuthorities(grantedAuthorities);
request.setResourceIds(resourceIds);
ProfileEntity entity = new ProfileEntity("4444-4444-4444-4446");
OrcidOauth2UserAuthentication oauth2UserAuthentication = new OrcidOauth2UserAuthentication(entity, true);
// we care only that an OAuth client request results in the correct
// visibilities
OrcidOAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, oauth2UserAuthentication, "made-up-token");
OrcidOauth2TokenDetail tokenDetail = new OrcidOauth2TokenDetail();
tokenDetail.setScope("/orcid-bio/external-identifiers/create");
tokenDetail.setDateCreated(new Date());
when(orcidOauth2TokenDetailService.findNonDisabledByTokenValue(any(String.class))).thenReturn(tokenDetail);
ScopePathType scopePathType = ScopePathType.ORCID_BIO_EXTERNAL_IDENTIFIERS_CREATE;
Set<Visibility> visibilitiesForClient = permissionChecker.obtainVisibilitiesForAuthentication(oAuth2Authentication, scopePathType, getOrcidMessage());
assertTrue(visibilitiesForClient.size() == 3);
assertTrue(visibilitiesForClient.contains(Visibility.LIMITED));
assertTrue(visibilitiesForClient.contains(Visibility.REGISTERED_ONLY));
assertTrue(visibilitiesForClient.contains(Visibility.PUBLIC));
}
Also used :
AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
GrantedAuthority(org.springframework.security.core.GrantedAuthority)
OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication)
ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity)
Date(java.util.Date)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
ScopePathType(org.orcid.jaxb.model.message.ScopePathType)
OrcidOauth2UserAuthentication(org.orcid.core.oauth.OrcidOauth2UserAuthentication)
Visibility(org.orcid.jaxb.model.message.Visibility)
OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail)
HashSet(java.util.HashSet)
Test(org.junit.Test)
BaseTest(org.orcid.core.BaseTest)
Rollback(org.springframework.test.annotation.Rollback)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 5 with SimpleGrantedAuthority
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project ORCID-Source by ORCID.
the class DefaultPermissionCheckerTest method testCheckPermissionsAuthenticationScopePathTypesAndOrcid.
@Test
public void testCheckPermissionsAuthenticationScopePathTypesAndOrcid() throws Exception {
Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
AuthorizationRequest request = new AuthorizationRequest("4444-4444-4444-4441", Arrays.asList(ScopePathType.ORCID_BIO_READ_LIMITED.value()));
request.setAuthorities(grantedAuthorities);
request.setResourceIds(resourceIds);
OAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, null, "made-up-token");
ScopePathType requiredScope = ScopePathType.ORCID_BIO_READ_LIMITED;
defaultPermissionChecker.checkPermissions(oAuth2Authentication, requiredScope, "4444-4444-4444-4447");
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest)
ScopePathType(org.orcid.jaxb.model.message.ScopePathType)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
GrantedAuthority(org.springframework.security.core.GrantedAuthority)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication)
OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication)
HashSet(java.util.HashSet)
DBUnitTest(org.orcid.test.DBUnitTest)
Test(org.junit.Test)
Aggregations
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)482
GrantedAuthority (org.springframework.security.core.GrantedAuthority)292
ArrayList (java.util.ArrayList)180
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)145
Test (org.junit.Test)112
Authentication (org.springframework.security.core.Authentication)105
Test (org.junit.jupiter.api.Test)94
User (org.springframework.security.core.userdetails.User)89
UserDetails (org.springframework.security.core.userdetails.UserDetails)70
HashSet (java.util.HashSet)49
SecurityContext (org.springframework.security.core.context.SecurityContext)46
StandaloneSession (org.pentaho.platform.engine.core.system.StandaloneSession)28
Collection (java.util.Collection)24
UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException)24
IPentahoUser (org.pentaho.platform.api.engine.security.userroledao.IPentahoUser)21
Jwt (org.springframework.security.oauth2.jwt.Jwt)20
List (java.util.List)19
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)18
MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)18
HashMap (java.util.HashMap)17
