use of com.disney.http.auth.server.ACLAccessControllerImpl in project groovity by disney.
the class TestDigestAuth method testDigest.
@Test
public void testDigest() throws Exception {
DigestVerifierImpl verifier = new DigestVerifierImpl();
Map<String, String> pmap = new HashMap<String, String>();
List<String> accessList = new ArrayList<String>();
ACLAccessControllerImpl acl = new ACLAccessControllerImpl();
acl.setAcl(accessList);
pmap.put("mykey", "mypass");
PasswordDigester pc = new MapPasswordDigester(pmap);
verifier.setPasswordDigesters(Arrays.asList(pc));
verifier.setAccessControllers(Arrays.asList((AccessController) acl));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/");
ServerAuthorizationRequest areq = new ServletAuthorizationRequest(request);
VerifierResult result = verifier.verify(areq);
Assert.assertEquals(ERROR_MISSING_CREDENTIALS, result.getMessage());
String challenge = result.getChallenge();
Pattern noncePattern = Pattern.compile("nonce=\"([^\"]+)\"");
Matcher matcher = noncePattern.matcher(challenge);
if (!matcher.find()) {
throw new Exception("No nonce found in challenge");
}
String nonce = matcher.group(1);
Pattern opaquePattern = Pattern.compile("opaque=\"([^\"]+)\"");
matcher = opaquePattern.matcher(challenge);
if (!matcher.find()) {
throw new Exception("No opaque found in challenge");
}
String opaque = matcher.group(1);
DigestAuthorization ad = new DigestAuthorization();
ad.setNonce(nonce);
ad.setCnonce("ClientNonce");
ad.setNonceCount("000001");
ad.setOpaque(opaque);
ad.setQop("auth");
ad.setUri("/");
ad.setUsername("mykey");
ad.setDigest(new byte[0]);
ad.setRealm(verifier.getRealm());
request.addHeader("Authorization", ad.toString());
result = verifier.verify(areq);
Assert.assertEquals(ERROR_UNKNOWN_CREDENTIALS, result.getMessage());
// now fix the digest
/*
StringBuilder signingString = new StringBuilder();
signingString.append(digest("mykey",verifier.getRealm(),"mypass"));
signingString.append(":").append(nonce).append(":").append(ad.getNonceCount()).append(":").append(ad.getCnonce()).append(":auth:");
signingString.append(digest("GET",ad.getUri()));
*/
request = new MockHttpServletRequest();
areq = new ServletAuthorizationRequest(request);
request.setMethod("GET");
request.setRequestURI("/");
String signingString = ad.generateSigningString("mykey", "mypass", new ServletAuthorizationRequest(request));
MessageDigest md5 = MessageDigest.getInstance("MD5");
ad.setDigest(md5.digest(signingString.toString().getBytes()));
request.addHeader("Authorization", ad.toString());
result = verifier.verify(areq);
Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
Assert.assertFalse("Expected failed authorization", result.isAuthorized());
accessList.add("mykey");
result = verifier.verify(areq);
Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
Assert.assertTrue("Expected successful authorization", result.isAuthorized());
}
use of com.disney.http.auth.server.ACLAccessControllerImpl in project groovity by disney.
the class VerifierFactory method processCommon.
@SuppressWarnings({ "rawtypes", "unchecked" })
private void processCommon(AbstractVerifier verifier, Map map, Class scriptClass) throws InstantiationException, IllegalAccessException, ClassNotFoundException {
List<AccessController> accessControllers = new ArrayList<AccessController>();
String realm = resolve(map, "realm", String.class);
if (realm != null) {
verifier.setRealm(realm);
}
List acl = resolve(map, "acl", List.class);
if (acl != null) {
accessControllers.add(new ACLAccessControllerImpl(acl));
}
Object ac = resolve(map, "accessController", Object.class);
if (ac != null) {
addAccessController(ac, accessControllers, scriptClass);
}
List<Object> acs = resolve(map, "accessControllers", List.class);
if (acs != null) {
for (Object c : acs) {
addAccessController(c, accessControllers, scriptClass);
}
}
verifier.setAccessControllers(accessControllers);
}
use of com.disney.http.auth.server.ACLAccessControllerImpl in project groovity by disney.
the class XmlPolicyParser method processAcl.
private static AccessController processAcl(Element acl) {
ArrayList<String> keyIds = new ArrayList<String>();
NodeList kids = acl.getChildNodes();
for (int i = 0; i < kids.getLength(); i++) {
Node n = kids.item(i);
if (n instanceof Element) {
Element k = (Element) n;
if (k.getNodeName().equals("keyId")) {
keyIds.add(k.getTextContent().trim());
}
}
}
return new ACLAccessControllerImpl(keyIds);
}
use of com.disney.http.auth.server.ACLAccessControllerImpl in project groovity by disney.
the class TestBasicAuth method testBasic.
@Test
public void testBasic() throws Exception {
BasicVerifierImpl verifier = new BasicVerifierImpl();
Map<String, String> pmap = new HashMap<String, String>();
List<String> accessList = new ArrayList<String>();
ACLAccessControllerImpl acl = new ACLAccessControllerImpl();
acl.setAcl(accessList);
pmap.put("mykey", "mypass");
PasswordChecker pc = new MapPasswordChecker(pmap);
verifier.setPasswordCheckers(Arrays.asList(pc));
verifier.setAccessControllers(Arrays.asList((AccessController) acl));
MockHttpServletRequest request = new MockHttpServletRequest();
ServerAuthorizationRequest areq = new ServletAuthorizationRequest(request);
VerifierResult result = verifier.verify(areq);
Assert.assertEquals(ERROR_MISSING_CREDENTIALS, result.getMessage());
request.addHeader("Authorization", "Basic " + DatatypeConverter.printBase64Binary("mykey:wrongpass".getBytes()));
result = verifier.verify(areq);
Assert.assertEquals(ERROR_UNKNOWN_CREDENTIALS, result.getMessage());
request = new MockHttpServletRequest();
request.addHeader("Authorization", "Basic " + DatatypeConverter.printBase64Binary("mykey:mypass".getBytes()));
areq = new ServletAuthorizationRequest(request);
result = verifier.verify(areq);
Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
Assert.assertFalse("Expected failed authorization", result.isAuthorized());
accessList.add("mykey");
result = verifier.verify(areq);
Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
Assert.assertTrue("Expected successful authorization", result.isAuthorized());
}
Aggregations