Example 1 with ACLAccessControllerImpl
use of com.disney.http.auth.server.ACLAccessControllerImpl in project groovity by disney.
the class TestDigestAuth method testDigest.
@Test
public void testDigest() throws Exception {
DigestVerifierImpl verifier = new DigestVerifierImpl();
Map<String, String> pmap = new HashMap<String, String>();
List<String> accessList = new ArrayList<String>();
ACLAccessControllerImpl acl = new ACLAccessControllerImpl();
acl.setAcl(accessList);
pmap.put("mykey", "mypass");
PasswordDigester pc = new MapPasswordDigester(pmap);
verifier.setPasswordDigesters(Arrays.asList(pc));
verifier.setAccessControllers(Arrays.asList((AccessController) acl));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/");
ServerAuthorizationRequest areq = new ServletAuthorizationRequest(request);
VerifierResult result = verifier.verify(areq);
Assert.assertEquals(ERROR_MISSING_CREDENTIALS, result.getMessage());
String challenge = result.getChallenge();
Pattern noncePattern = Pattern.compile("nonce=\"([^\"]+)\"");
Matcher matcher = noncePattern.matcher(challenge);
if (!matcher.find()) {
throw new Exception("No nonce found in challenge");
}
String nonce = matcher.group(1);
Pattern opaquePattern = Pattern.compile("opaque=\"([^\"]+)\"");
matcher = opaquePattern.matcher(challenge);
if (!matcher.find()) {
throw new Exception("No opaque found in challenge");
}
String opaque = matcher.group(1);
DigestAuthorization ad = new DigestAuthorization();
ad.setNonce(nonce);
ad.setCnonce("ClientNonce");
ad.setNonceCount("000001");
ad.setOpaque(opaque);
ad.setQop("auth");
ad.setUri("/");
ad.setUsername("mykey");
ad.setDigest(new byte[0]);
ad.setRealm(verifier.getRealm());
request.addHeader("Authorization", ad.toString());
result = verifier.verify(areq);
Assert.assertEquals(ERROR_UNKNOWN_CREDENTIALS, result.getMessage());
// now fix the digest
/*
StringBuilder signingString = new StringBuilder();
signingString.append(digest("mykey",verifier.getRealm(),"mypass"));
signingString.append(":").append(nonce).append(":").append(ad.getNonceCount()).append(":").append(ad.getCnonce()).append(":auth:");
signingString.append(digest("GET",ad.getUri()));
*/
request = new MockHttpServletRequest();
areq = new ServletAuthorizationRequest(request);
request.setMethod("GET");
request.setRequestURI("/");
String signingString = ad.generateSigningString("mykey", "mypass", new ServletAuthorizationRequest(request));
MessageDigest md5 = MessageDigest.getInstance("MD5");
ad.setDigest(md5.digest(signingString.toString().getBytes()));
request.addHeader("Authorization", ad.toString());
result = verifier.verify(areq);
Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
Assert.assertFalse("Expected failed authorization", result.isAuthorized());
accessList.add("mykey");
result = verifier.verify(areq);
Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
Assert.assertTrue("Expected successful authorization", result.isAuthorized());
}
Also used :
DigestAuthorization(com.disney.http.auth.DigestAuthorization)
Pattern(java.util.regex.Pattern)
HashMap(java.util.HashMap)
MapPasswordDigester(com.disney.http.auth.server.digest.MapPasswordDigester)
PasswordDigester(com.disney.http.auth.server.digest.PasswordDigester)
Matcher(java.util.regex.Matcher)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
ArrayList(java.util.ArrayList)
ServletAuthorizationRequest(com.disney.http.auth.server.ServletAuthorizationRequest)
MapPasswordDigester(com.disney.http.auth.server.digest.MapPasswordDigester)
AccessController(com.disney.http.auth.server.AccessController)
VerifierResult(com.disney.http.auth.server.VerifierResult)
MessageDigest(java.security.MessageDigest)
ACLAccessControllerImpl(com.disney.http.auth.server.ACLAccessControllerImpl)
DigestVerifierImpl(com.disney.http.auth.server.digest.DigestVerifierImpl)
ServerAuthorizationRequest(com.disney.http.auth.server.ServerAuthorizationRequest)
Test(org.junit.Test)
Example 2 with ACLAccessControllerImpl
use of com.disney.http.auth.server.ACLAccessControllerImpl in project groovity by disney.
the class VerifierFactory method processCommon.
@SuppressWarnings({ "rawtypes", "unchecked" })
private void processCommon(AbstractVerifier verifier, Map map, Class scriptClass) throws InstantiationException, IllegalAccessException, ClassNotFoundException {
List<AccessController> accessControllers = new ArrayList<AccessController>();
String realm = resolve(map, "realm", String.class);
if (realm != null) {
verifier.setRealm(realm);
}
List acl = resolve(map, "acl", List.class);
if (acl != null) {
accessControllers.add(new ACLAccessControllerImpl(acl));
}
Object ac = resolve(map, "accessController", Object.class);
if (ac != null) {
addAccessController(ac, accessControllers, scriptClass);
}
List<Object> acs = resolve(map, "accessControllers", List.class);
if (acs != null) {
for (Object c : acs) {
addAccessController(c, accessControllers, scriptClass);
}
}
verifier.setAccessControllers(accessControllers);
}
Also used :
AccessController(com.disney.http.auth.server.AccessController)
ArrayList(java.util.ArrayList)
List(java.util.List)
ArrayList(java.util.ArrayList)
ACLAccessControllerImpl(com.disney.http.auth.server.ACLAccessControllerImpl)
Example 3 with ACLAccessControllerImpl
use of com.disney.http.auth.server.ACLAccessControllerImpl in project groovity by disney.
the class XmlPolicyParser method processAcl.
private static AccessController processAcl(Element acl) {
ArrayList<String> keyIds = new ArrayList<String>();
NodeList kids = acl.getChildNodes();
for (int i = 0; i < kids.getLength(); i++) {
Node n = kids.item(i);
if (n instanceof Element) {
Element k = (Element) n;
if (k.getNodeName().equals("keyId")) {
keyIds.add(k.getTextContent().trim());
}
}
}
return new ACLAccessControllerImpl(keyIds);
}
Also used :
NodeList(org.w3c.dom.NodeList)
Node(org.w3c.dom.Node)
Element(org.w3c.dom.Element)
ArrayList(java.util.ArrayList)
ACLAccessControllerImpl(com.disney.http.auth.server.ACLAccessControllerImpl)
Example 4 with ACLAccessControllerImpl
use of com.disney.http.auth.server.ACLAccessControllerImpl in project groovity by disney.
the class TestBasicAuth method testBasic.
@Test
public void testBasic() throws Exception {
BasicVerifierImpl verifier = new BasicVerifierImpl();
Map<String, String> pmap = new HashMap<String, String>();
List<String> accessList = new ArrayList<String>();
ACLAccessControllerImpl acl = new ACLAccessControllerImpl();
acl.setAcl(accessList);
pmap.put("mykey", "mypass");
PasswordChecker pc = new MapPasswordChecker(pmap);
verifier.setPasswordCheckers(Arrays.asList(pc));
verifier.setAccessControllers(Arrays.asList((AccessController) acl));
MockHttpServletRequest request = new MockHttpServletRequest();
ServerAuthorizationRequest areq = new ServletAuthorizationRequest(request);
VerifierResult result = verifier.verify(areq);
Assert.assertEquals(ERROR_MISSING_CREDENTIALS, result.getMessage());
request.addHeader("Authorization", "Basic " + DatatypeConverter.printBase64Binary("mykey:wrongpass".getBytes()));
result = verifier.verify(areq);
Assert.assertEquals(ERROR_UNKNOWN_CREDENTIALS, result.getMessage());
request = new MockHttpServletRequest();
request.addHeader("Authorization", "Basic " + DatatypeConverter.printBase64Binary("mykey:mypass".getBytes()));
areq = new ServletAuthorizationRequest(request);
result = verifier.verify(areq);
Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
Assert.assertFalse("Expected failed authorization", result.isAuthorized());
accessList.add("mykey");
result = verifier.verify(areq);
Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
Assert.assertTrue("Expected successful authorization", result.isAuthorized());
}
Also used :
HashMap(java.util.HashMap)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
ArrayList(java.util.ArrayList)
ServletAuthorizationRequest(com.disney.http.auth.server.ServletAuthorizationRequest)
PasswordChecker(com.disney.http.auth.server.basic.PasswordChecker)
MapPasswordChecker(com.disney.http.auth.server.basic.MapPasswordChecker)
AccessController(com.disney.http.auth.server.AccessController)
VerifierResult(com.disney.http.auth.server.VerifierResult)
ACLAccessControllerImpl(com.disney.http.auth.server.ACLAccessControllerImpl)
MapPasswordChecker(com.disney.http.auth.server.basic.MapPasswordChecker)
ServerAuthorizationRequest(com.disney.http.auth.server.ServerAuthorizationRequest)
BasicVerifierImpl(com.disney.http.auth.server.basic.BasicVerifierImpl)
Test(org.junit.Test)
Aggregations
ACLAccessControllerImpl (com.disney.http.auth.server.ACLAccessControllerImpl)4
ArrayList (java.util.ArrayList)4
AccessController (com.disney.http.auth.server.AccessController)3
ServerAuthorizationRequest (com.disney.http.auth.server.ServerAuthorizationRequest)2
ServletAuthorizationRequest (com.disney.http.auth.server.ServletAuthorizationRequest)2
VerifierResult (com.disney.http.auth.server.VerifierResult)2
HashMap (java.util.HashMap)2
Test (org.junit.Test)2
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)2
DigestAuthorization (com.disney.http.auth.DigestAuthorization)1
BasicVerifierImpl (com.disney.http.auth.server.basic.BasicVerifierImpl)1
MapPasswordChecker (com.disney.http.auth.server.basic.MapPasswordChecker)1
PasswordChecker (com.disney.http.auth.server.basic.PasswordChecker)1
DigestVerifierImpl (com.disney.http.auth.server.digest.DigestVerifierImpl)1
MapPasswordDigester (com.disney.http.auth.server.digest.MapPasswordDigester)1
PasswordDigester (com.disney.http.auth.server.digest.PasswordDigester)1
MessageDigest (java.security.MessageDigest)1
List (java.util.List)1
Matcher (java.util.regex.Matcher)1
Pattern (java.util.regex.Pattern)1
