Example 86 with SimpleGrantedAuthority

use of org.springframework.security.core.authority.SimpleGrantedAuthority in project ORCID-Source by ORCID.

the class DefaultPermissionCheckerTest method testCheckClientPermissionsAuthenticationScopesOrcidAndOrcidMessage.

@Test
@Transactional
@Rollback
public void testCheckClientPermissionsAuthenticationScopesOrcidAndOrcidMessage() throws Exception {
    Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
    HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
    AuthorizationRequest request = new AuthorizationRequest("APP-5555555555555555", Arrays.asList("/orcid-bio/external-identifiers/create"));
    request.setAuthorities(grantedAuthorities);
    request.setResourceIds(resourceIds);
    OAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, null, "made-up-token");
    ScopePathType requiredScope = ScopePathType.ORCID_BIO_EXTERNAL_IDENTIFIERS_CREATE;
    OrcidMessage orcidMessage = getOrcidMessage();
    orcidMessage.getOrcidProfile().getOrcidIdentifier().setPath("4444-4444-4444-4447");
    String messageOrcid = orcidMessage.getOrcidProfile().getOrcidIdentifier().getPath();
    defaultPermissionChecker.checkPermissions(oAuth2Authentication, requiredScope, messageOrcid, orcidMessage);
}
Also used: SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority), AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest), ScopePathType(org.orcid.jaxb.model.message.ScopePathType), GrantedAuthority(org.springframework.security.core.GrantedAuthority), OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication), OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication), OrcidMessage(org.orcid.jaxb.model.message.OrcidMessage), HashSet(java.util.HashSet), DBUnitTest(org.orcid.test.DBUnitTest), Test(org.junit.Test), Rollback(org.springframework.test.annotation.Rollback), Transactional(org.springframework.transaction.annotation.Transactional)

Example 87 with SimpleGrantedAuthority

use of org.springframework.security.core.authority.SimpleGrantedAuthority in project ORCID-Source by ORCID.

the class DefaultPermissionCheckerTest method testCheckUserPermissionsAuthenticationScopesOrcidAndOrcidMessage.

@Test
@Rollback
@Transactional
public void testCheckUserPermissionsAuthenticationScopesOrcidAndOrcidMessage() throws Exception {
    Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
    HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
    AuthorizationRequest request = new AuthorizationRequest("4444-4444-4444-4441", Arrays.asList("/orcid-bio/external-identifiers/create"));
    request.setAuthorities(grantedAuthorities);
    request.setResourceIds(resourceIds);
    ProfileEntity entity = profileEntityManager.findByOrcid("4444-4444-4444-4446");
    OrcidOauth2UserAuthentication oauth2UserAuthentication = new OrcidOauth2UserAuthentication(entity, true);
    OAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, oauth2UserAuthentication, "made-up-token");
    ScopePathType requiredScope = ScopePathType.ORCID_BIO_EXTERNAL_IDENTIFIERS_CREATE;
    OrcidMessage orcidMessage = getOrcidMessage();
    String messageOrcid = orcidMessage.getOrcidProfile().getOrcidIdentifier().getPath();
    defaultPermissionChecker.checkPermissions(oAuth2Authentication, requiredScope, messageOrcid, orcidMessage);
}
Also used: AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest), SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority), GrantedAuthority(org.springframework.security.core.GrantedAuthority), OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication), ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity), ScopePathType(org.orcid.jaxb.model.message.ScopePathType), OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication), OrcidMessage(org.orcid.jaxb.model.message.OrcidMessage), OrcidOauth2UserAuthentication(org.orcid.core.oauth.OrcidOauth2UserAuthentication), HashSet(java.util.HashSet), DBUnitTest(org.orcid.test.DBUnitTest), Test(org.junit.Test), Rollback(org.springframework.test.annotation.Rollback), Transactional(org.springframework.transaction.annotation.Transactional)

Example 88 with SimpleGrantedAuthority

use of org.springframework.security.core.authority.SimpleGrantedAuthority in project incubator-atlas by apache.

the class UserDao method loadUserByUsername.

public User loadUserByUsername(final String username) throws AuthenticationException {
    // Each entry in userLogins maps a username to a "role::password" string.
    String userdetailsStr = userLogins.getProperty(username);
    if (userdetailsStr == null || userdetailsStr.isEmpty()) {
        throw new UsernameNotFoundException("Username not found: " + username);
    }
    String password = "";
    String role = "";
    String[] dataArr = userdetailsStr.split("::");
    if (dataArr != null && dataArr.length == 2) {
        role = dataArr[0];
        password = dataArr[1];
    } else {
        LOG.error("User role credentials is not set properly for {}", username);
        throw new AtlasAuthenticationException("User role credentials is not set properly for " + username);
    }
    List<GrantedAuthority> grantedAuths = new ArrayList<>();
    if (StringUtils.hasText(role)) {
        grantedAuths.add(new SimpleGrantedAuthority(role));
    } else {
        LOG.error("User role credentials is not set properly for {}", username);
        throw new AtlasAuthenticationException("User role credentials is not set properly for " + username);
    }
    User userDetails = new User(username, password, grantedAuths);
    return userDetails;
}
Also used: UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException), SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority), User(org.apache.atlas.web.model.User), GrantedAuthority(org.springframework.security.core.GrantedAuthority), ArrayList(java.util.ArrayList), AtlasAuthenticationException(org.apache.atlas.web.security.AtlasAuthenticationException)

Example 89 with SimpleGrantedAuthority

use of org.springframework.security.core.authority.SimpleGrantedAuthority in project incubator-atlas by apache.

the class AtlasAbstractAuthenticationProvider method getAuthorities.

/**
 * This method will be modified when actual roles are introduced.
 */
protected List<GrantedAuthority> getAuthorities(String username) {
    final List<GrantedAuthority> grantedAuths = new ArrayList<>();
    grantedAuths.add(new SimpleGrantedAuthority("DATA_SCIENTIST"));
    return grantedAuths;
}
Also used: SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority), GrantedAuthority(org.springframework.security.core.GrantedAuthority), ArrayList(java.util.ArrayList)

Example 90 with SimpleGrantedAuthority

use of org.springframework.security.core.authority.SimpleGrantedAuthority in project incubator-atlas by apache.

the class AtlasAbstractAuthenticationProvider method getAuthoritiesFromUGI.

public static List<GrantedAuthority> getAuthoritiesFromUGI(String userName) {
    List<GrantedAuthority> grantedAuths = new ArrayList<GrantedAuthority>();
    UserGroupInformation ugi = UserGroupInformation.createRemoteUser(userName);
    if (ugi != null) {
        String[] userGroups = ugi.getGroupNames();
        if (userGroups != null) {
            for (String group : userGroups) {
                grantedAuths.add(new SimpleGrantedAuthority(group));
            }
        }
    }
    // If UGI returned no groups, fall back to Hadoop's configured group mapping (e.g. LDAP-based).
    if (grantedAuths.isEmpty()) {
        try {
            Configuration config = new Configuration();
            Groups gp = new Groups(config);
            List<String> userGroups = gp.getGroups(userName);
            if (userGroups != null) {
                for (String group : userGroups) {
                    grantedAuths.add(new SimpleGrantedAuthority(group));
                }
            }
        } catch (java.io.IOException e) {
            LOG.error("Exception while fetching groups ", e);
        }
    }
    return grantedAuths;
}
Also used: SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority), Configuration(org.apache.hadoop.conf.Configuration), Groups(org.apache.hadoop.security.Groups), GrantedAuthority(org.springframework.security.core.GrantedAuthority), ArrayList(java.util.ArrayList), UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)

Aggregations

SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority) 109
GrantedAuthority (org.springframework.security.core.GrantedAuthority) 64
Test (org.junit.Test) 49
ArrayList (java.util.ArrayList) 30
Authentication (org.springframework.security.core.Authentication) 27
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken) 22
HashSet (java.util.HashSet) 14
User (org.springframework.security.core.userdetails.User) 11
ObjectIdentity (org.springframework.security.acls.model.ObjectIdentity) 8
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication) 8
MutableAcl (org.springframework.security.acls.model.MutableAcl) 7
AnonymousAuthenticationToken (org.springframework.security.authentication.AnonymousAuthenticationToken) 7
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken) 7
AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest) 7
Before (org.junit.Before) 6
OrcidOAuth2Authentication (org.orcid.core.oauth.OrcidOAuth2Authentication) 6
ScopePathType (org.orcid.jaxb.model.message.ScopePathType) 6
List (java.util.List) 5
Map (java.util.Map) 5
DBUnitTest (org.orcid.test.DBUnitTest) 5