Search in sources :

Example 1 with AccessController

use of com.disney.http.auth.server.AccessController in project groovity by disney.

the class TestDigestAuth method testDigest.

@Test
public void testDigest() throws Exception {
    DigestVerifierImpl verifier = new DigestVerifierImpl();
    Map<String, String> pmap = new HashMap<String, String>();
    List<String> accessList = new ArrayList<String>();
    ACLAccessControllerImpl acl = new ACLAccessControllerImpl();
    acl.setAcl(accessList);
    pmap.put("mykey", "mypass");
    PasswordDigester pc = new MapPasswordDigester(pmap);
    verifier.setPasswordDigesters(Arrays.asList(pc));
    verifier.setAccessControllers(Arrays.asList((AccessController) acl));
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRequestURI("/");
    ServerAuthorizationRequest areq = new ServletAuthorizationRequest(request);
    VerifierResult result = verifier.verify(areq);
    Assert.assertEquals(ERROR_MISSING_CREDENTIALS, result.getMessage());
    String challenge = result.getChallenge();
    Pattern noncePattern = Pattern.compile("nonce=\"([^\"]+)\"");
    Matcher matcher = noncePattern.matcher(challenge);
    if (!matcher.find()) {
        throw new Exception("No nonce found in challenge");
    }
    String nonce = matcher.group(1);
    Pattern opaquePattern = Pattern.compile("opaque=\"([^\"]+)\"");
    matcher = opaquePattern.matcher(challenge);
    if (!matcher.find()) {
        throw new Exception("No opaque found in challenge");
    }
    String opaque = matcher.group(1);
    DigestAuthorization ad = new DigestAuthorization();
    ad.setNonce(nonce);
    ad.setCnonce("ClientNonce");
    ad.setNonceCount("000001");
    ad.setOpaque(opaque);
    ad.setQop("auth");
    ad.setUri("/");
    ad.setUsername("mykey");
    ad.setDigest(new byte[0]);
    ad.setRealm(verifier.getRealm());
    request.addHeader("Authorization", ad.toString());
    result = verifier.verify(areq);
    Assert.assertEquals(ERROR_UNKNOWN_CREDENTIALS, result.getMessage());
    // now fix the digest
    /*
		StringBuilder signingString = new StringBuilder();
		signingString.append(digest("mykey",verifier.getRealm(),"mypass"));
		signingString.append(":").append(nonce).append(":").append(ad.getNonceCount()).append(":").append(ad.getCnonce()).append(":auth:");
		signingString.append(digest("GET",ad.getUri()));
		*/
    request = new MockHttpServletRequest();
    areq = new ServletAuthorizationRequest(request);
    request.setMethod("GET");
    request.setRequestURI("/");
    String signingString = ad.generateSigningString("mykey", "mypass", new ServletAuthorizationRequest(request));
    MessageDigest md5 = MessageDigest.getInstance("MD5");
    ad.setDigest(md5.digest(signingString.toString().getBytes()));
    request.addHeader("Authorization", ad.toString());
    result = verifier.verify(areq);
    Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
    Assert.assertFalse("Expected failed authorization", result.isAuthorized());
    accessList.add("mykey");
    result = verifier.verify(areq);
    Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
    Assert.assertTrue("Expected successful authorization", result.isAuthorized());
}
Also used : DigestAuthorization(com.disney.http.auth.DigestAuthorization) Pattern(java.util.regex.Pattern) HashMap(java.util.HashMap) MapPasswordDigester(com.disney.http.auth.server.digest.MapPasswordDigester) PasswordDigester(com.disney.http.auth.server.digest.PasswordDigester) Matcher(java.util.regex.Matcher) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ArrayList(java.util.ArrayList) ServletAuthorizationRequest(com.disney.http.auth.server.ServletAuthorizationRequest) MapPasswordDigester(com.disney.http.auth.server.digest.MapPasswordDigester) AccessController(com.disney.http.auth.server.AccessController) VerifierResult(com.disney.http.auth.server.VerifierResult) MessageDigest(java.security.MessageDigest) ACLAccessControllerImpl(com.disney.http.auth.server.ACLAccessControllerImpl) DigestVerifierImpl(com.disney.http.auth.server.digest.DigestVerifierImpl) ServerAuthorizationRequest(com.disney.http.auth.server.ServerAuthorizationRequest) Test(org.junit.Test)

Example 2 with AccessController

use of com.disney.http.auth.server.AccessController in project groovity by disney.

the class VerifierFactory method processCommon.

@SuppressWarnings({ "rawtypes", "unchecked" })
private void processCommon(AbstractVerifier verifier, Map map, Class scriptClass) throws InstantiationException, IllegalAccessException, ClassNotFoundException {
    List<AccessController> accessControllers = new ArrayList<AccessController>();
    String realm = resolve(map, "realm", String.class);
    if (realm != null) {
        verifier.setRealm(realm);
    }
    List acl = resolve(map, "acl", List.class);
    if (acl != null) {
        accessControllers.add(new ACLAccessControllerImpl(acl));
    }
    Object ac = resolve(map, "accessController", Object.class);
    if (ac != null) {
        addAccessController(ac, accessControllers, scriptClass);
    }
    List<Object> acs = resolve(map, "accessControllers", List.class);
    if (acs != null) {
        for (Object c : acs) {
            addAccessController(c, accessControllers, scriptClass);
        }
    }
    verifier.setAccessControllers(accessControllers);
}
Also used : AccessController(com.disney.http.auth.server.AccessController) ArrayList(java.util.ArrayList) List(java.util.List) ArrayList(java.util.ArrayList) ACLAccessControllerImpl(com.disney.http.auth.server.ACLAccessControllerImpl)

Example 3 with AccessController

use of com.disney.http.auth.server.AccessController in project groovity by disney.

the class XmlPolicyParser method processCommon.

private static void processCommon(AbstractVerifier config, Element verifier) throws InstantiationException, IllegalAccessException, ClassNotFoundException {
    List<AccessController> accessControllers = new ArrayList<AccessController>();
    NodeList bcnodes = verifier.getChildNodes();
    for (int j = 0; j < bcnodes.getLength(); j++) {
        Node bcnode = bcnodes.item(j);
        if (bcnode instanceof Element) {
            Element bcel = (Element) bcnode;
            if (bcel.getNodeName().equals("realm")) {
                config.setRealm(bcel.getTextContent().trim());
            } else if (bcel.getNodeName().equals("acl")) {
                accessControllers.add(processAcl(bcel));
            } else if (bcel.getNodeName().equals("accessController")) {
                accessControllers.add((AccessController) Class.forName(bcel.getAttribute("class")).newInstance());
            }
        }
    }
    config.setAccessControllers(accessControllers);
}
Also used : AccessController(com.disney.http.auth.server.AccessController) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList)

Example 4 with AccessController

use of com.disney.http.auth.server.AccessController in project groovity by disney.

the class TestBasicAuth method testBasic.

@Test
public void testBasic() throws Exception {
    BasicVerifierImpl verifier = new BasicVerifierImpl();
    Map<String, String> pmap = new HashMap<String, String>();
    List<String> accessList = new ArrayList<String>();
    ACLAccessControllerImpl acl = new ACLAccessControllerImpl();
    acl.setAcl(accessList);
    pmap.put("mykey", "mypass");
    PasswordChecker pc = new MapPasswordChecker(pmap);
    verifier.setPasswordCheckers(Arrays.asList(pc));
    verifier.setAccessControllers(Arrays.asList((AccessController) acl));
    MockHttpServletRequest request = new MockHttpServletRequest();
    ServerAuthorizationRequest areq = new ServletAuthorizationRequest(request);
    VerifierResult result = verifier.verify(areq);
    Assert.assertEquals(ERROR_MISSING_CREDENTIALS, result.getMessage());
    request.addHeader("Authorization", "Basic " + DatatypeConverter.printBase64Binary("mykey:wrongpass".getBytes()));
    result = verifier.verify(areq);
    Assert.assertEquals(ERROR_UNKNOWN_CREDENTIALS, result.getMessage());
    request = new MockHttpServletRequest();
    request.addHeader("Authorization", "Basic " + DatatypeConverter.printBase64Binary("mykey:mypass".getBytes()));
    areq = new ServletAuthorizationRequest(request);
    result = verifier.verify(areq);
    Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
    Assert.assertFalse("Expected failed authorization", result.isAuthorized());
    accessList.add("mykey");
    result = verifier.verify(areq);
    Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
    Assert.assertTrue("Expected successful authorization", result.isAuthorized());
}
Also used : HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ArrayList(java.util.ArrayList) ServletAuthorizationRequest(com.disney.http.auth.server.ServletAuthorizationRequest) PasswordChecker(com.disney.http.auth.server.basic.PasswordChecker) MapPasswordChecker(com.disney.http.auth.server.basic.MapPasswordChecker) AccessController(com.disney.http.auth.server.AccessController) VerifierResult(com.disney.http.auth.server.VerifierResult) ACLAccessControllerImpl(com.disney.http.auth.server.ACLAccessControllerImpl) MapPasswordChecker(com.disney.http.auth.server.basic.MapPasswordChecker) ServerAuthorizationRequest(com.disney.http.auth.server.ServerAuthorizationRequest) BasicVerifierImpl(com.disney.http.auth.server.basic.BasicVerifierImpl) Test(org.junit.Test)

Aggregations

AccessController (com.disney.http.auth.server.AccessController)4 ArrayList (java.util.ArrayList)4 ACLAccessControllerImpl (com.disney.http.auth.server.ACLAccessControllerImpl)3 ServerAuthorizationRequest (com.disney.http.auth.server.ServerAuthorizationRequest)2 ServletAuthorizationRequest (com.disney.http.auth.server.ServletAuthorizationRequest)2 VerifierResult (com.disney.http.auth.server.VerifierResult)2 HashMap (java.util.HashMap)2 Test (org.junit.Test)2 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)2 DigestAuthorization (com.disney.http.auth.DigestAuthorization)1 BasicVerifierImpl (com.disney.http.auth.server.basic.BasicVerifierImpl)1 MapPasswordChecker (com.disney.http.auth.server.basic.MapPasswordChecker)1 PasswordChecker (com.disney.http.auth.server.basic.PasswordChecker)1 DigestVerifierImpl (com.disney.http.auth.server.digest.DigestVerifierImpl)1 MapPasswordDigester (com.disney.http.auth.server.digest.MapPasswordDigester)1 PasswordDigester (com.disney.http.auth.server.digest.PasswordDigester)1 MessageDigest (java.security.MessageDigest)1 List (java.util.List)1 Matcher (java.util.regex.Matcher)1 Pattern (java.util.regex.Pattern)1