Example 6 with IdProvider

Use of com.enonic.xp.security.IdProvider in project xp by enonic: class SecurityServiceImplTest, method testUpdateIdProvider.

@Test
public void testUpdateIdProvider() throws Exception {
    runAsAdmin(() -> {
        // setup: create an id provider whose ACL grants three principals different access levels
        final PrincipalKey userKey = PrincipalKey.ofUser(SYSTEM, "User1");
        final PrincipalKey groupKey1 = PrincipalKey.ofGroup(SYSTEM, "Group-a");
        final PrincipalKey groupKey2 = PrincipalKey.ofGroup(SYSTEM, "group-b");
        final IdProviderAccessControlList permissions = IdProviderAccessControlList.of(
            IdProviderAccessControlEntry.create().principal(userKey).access(CREATE_USERS).build(),
            IdProviderAccessControlEntry.create().principal(groupKey1).access(ADMINISTRATOR).build(),
            IdProviderAccessControlEntry.create().principal(groupKey2).access(WRITE_USERS).build());
        final CreateIdProviderParams createIdProvider = CreateIdProviderParams.create()
            .key(IdProviderKey.from("enonic"))
            .displayName("Enonic Id Provider")
            .permissions(permissions)
            .description("old id provider description")
            .build();
        final IdProvider idProviderCreated = securityService.createIdProvider(createIdProvider);

        // exercise: update with a permission list that no longer contains group-b
        final IdProviderAccessControlList updatePermissions = IdProviderAccessControlList.of(
            IdProviderAccessControlEntry.create().principal(userKey).access(CREATE_USERS).build(),
            IdProviderAccessControlEntry.create().principal(groupKey1).access(ADMINISTRATOR).build());
        final UpdateIdProviderParams updateIdProvider = UpdateIdProviderParams.create()
            .key(IdProviderKey.from("enonic"))
            .displayName("Enonic Id Provider updated")
            .permissions(updatePermissions)
            .description("new id provider description")
            .build();
        final IdProvider idProviderUpdated = securityService.updateIdProvider(updateIdProvider);

        // verify: the new list replaces the old one, so the removed entry must be absent
        assertNotNull(idProviderUpdated);
        assertEquals("enonic", idProviderUpdated.getKey().toString());
        assertEquals("Enonic Id Provider updated", idProviderUpdated.getDisplayName());
        assertEquals("new id provider description", idProviderUpdated.getDescription());
        final IdProviderAccessControlList updatedPermissions =
            securityService.getIdProviderPermissions(IdProviderKey.from("enonic"));
        assertNotNull(idProviderCreated);
        assertEquals(CREATE_USERS, updatedPermissions.getEntry(userKey).getAccess());
        assertEquals(ADMINISTRATOR, updatedPermissions.getEntry(groupKey1).getAccess());
        assertNull(updatedPermissions.getEntry(groupKey2));
    });
}

Example 7 with IdProvider

Use of com.enonic.xp.security.IdProvider in project xp by enonic: class SecurityServiceImplTest, method testUpdateIdProviderWithEditor.

@Test
public void testUpdateIdProviderWithEditor() throws Exception {
    runAsAdmin(() -> {
        // setup
        final CreateIdProviderParams createIdProvider = CreateIdProviderParams.create()
            .key(IdProviderKey.from("enonic"))
            .displayName("Enonic Id Provider")
            .description("old id provider description")
            .build();
        final IdProvider idProviderCreated = securityService.createIdProvider(createIdProvider);

        // exercise: the editor sets the fields, and the builder parameters set them again
        final UpdateIdProviderParams updateIdProvider = UpdateIdProviderParams.create(idProviderCreated)
            .editor(edit -> {
                edit.key = IdProviderKey.from("newEnonic");
                edit.displayName = "Enonic Id Provider updated";
                edit.description = "new id provider description";
            })
            .displayName("Display name from parameters")
            .description("Description from parameters")
            .build();
        final IdProvider idProviderUpdated = securityService.updateIdProvider(updateIdProvider);

        // verify: the editor's values win over the parameters, and the key set in the editor is not applied
        assertNotNull(idProviderUpdated);
        assertEquals("enonic", idProviderUpdated.getKey().toString());
        assertEquals("Enonic Id Provider updated", idProviderUpdated.getDisplayName());
        assertEquals("new id provider description", idProviderUpdated.getDescription());
    });
}

Example 8 with IdProvider

Use of com.enonic.xp.security.IdProvider in project xp by enonic: class SecurityServiceImpl, method updateIdProvider.

@Override
public IdProvider updateIdProvider(final UpdateIdProviderParams updateIdProviderParams) {
    return callWithContext(() -> {
        final NodePath idProviderNodePath = IdProviderNodeTranslator.toIdProviderNodePath(updateIdProviderParams.getKey());
        final Node node = this.nodeService.getByPath(idProviderNodePath);
        if (node == null) {
            // unknown id provider: nothing is created here
            return null;
        }
        final IdProvider existingIdProvider = IdProviderNodeTranslator.fromNode(node);
        final IdProvider idProviderToUpdate = updateIdProviderParams.update(existingIdProvider);
        final UpdateNodeParams updateNodeParams = IdProviderNodeTranslator.toUpdateNodeParams(idProviderToUpdate, node.id());
        final Node idProviderNode = nodeService.update(updateNodeParams);
        // permissions are only rewritten when the caller supplied a new list
        if (updateIdProviderParams.getIdProviderPermissions() != null) {
            final Node usersNode = nodeService.getByPath(
                IdProviderNodeTranslator.toIdProviderUsersNodePath(updateIdProviderParams.getKey()));
            final Node groupsNode = nodeService.getByPath(
                IdProviderNodeTranslator.toIdProviderGroupsNodePath(updateIdProviderParams.getKey()));
            final IdProviderAccessControlList permissions = updateIdProviderParams.getIdProviderPermissions();
            // the id provider ACL is translated into a separate node ACL for the provider, users and groups nodes
            AccessControlList idProviderNodePermissions = IdProviderNodeTranslator.idProviderPermissionsToIdProviderNodePermissions(permissions);
            AccessControlList usersNodePermissions = IdProviderNodeTranslator.idProviderPermissionsToUsersNodePermissions(permissions);
            AccessControlList groupsNodePermissions = IdProviderNodeTranslator.idProviderPermissionsToGroupsNodePermissions(permissions);
            // each node ACL is merged with the root node's permissions before it is set
            final Node rootNode = nodeService.getRoot();
            idProviderNodePermissions = mergeWithRootPermissions(idProviderNodePermissions, rootNode.getPermissions());
            usersNodePermissions = mergeWithRootPermissions(usersNodePermissions, rootNode.getPermissions());
            groupsNodePermissions = mergeWithRootPermissions(groupsNodePermissions, rootNode.getPermissions());
            setNodePermissions(idProviderNode.id(), idProviderNodePermissions);
            setNodePermissions(usersNode.id(), usersNodePermissions);
            setNodePermissions(groupsNode.id(), groupsNodePermissions);
            // propagate down the subtree without overwriting permissions already set on child nodes
            final ApplyNodePermissionsParams applyPermissions = ApplyNodePermissionsParams.create()
                .nodeId(idProviderNode.id())
                .overwriteChildPermissions(false)
                .build();
            nodeService.applyPermissions(applyPermissions);
        }
        this.nodeService.refresh(RefreshMode.SEARCH);
        return IdProviderNodeTranslator.fromNode(idProviderNode);
    });
}

Example 9 with IdProvider

Use of com.enonic.xp.security.IdProvider in project xp by enonic: class SecurityServiceImpl, method authenticate.

@Override
public AuthenticationInfo authenticate(final AuthenticationToken token) {
    // Tokens that still carry credentials get a random delay before any lookup is made;
    // already-verified username/email tokens skip it.
    if (!(token instanceof VerifiedUsernameAuthToken) && !(token instanceof VerifiedEmailAuthToken)) {
        addRandomDelay();
    }
    // The "su" account is authenticated outside the id providers.
    if (isSuAuthenticationEnabled(token)) {
        return authenticateSu((UsernamePasswordAuthToken) token);
    }
    if (token.getIdProvider() != null) {
        // The caller named an id provider: authenticate only against that one.
        return doAuthenticate(token);
    } else {
        // No id provider given: try each configured id provider in turn and stop at the first success.
        final IdProviders idProviders = callAsAuthenticated(this::getIdProviders);
        for (IdProvider idProvider : idProviders) {
            token.setIdProvider(idProvider.getKey());
            final AuthenticationInfo authInfo = doAuthenticate(token);
            if (authInfo.isAuthenticated()) {
                return authInfo;
            }
        }
        return AuthenticationInfo.unAuthenticated();
    }
}

Example 10 with IdProvider

Use of com.enonic.xp.security.IdProvider in project xp by enonic: class IdProviderNodeTranslator, method createIdProviderFromNode.

private static IdProvider createIdProviderFromNode(final Node node) {
    // the roles node lives beside the id provider nodes but is not an id provider
    if (node.name().toString().equalsIgnoreCase(PrincipalKey.ROLES_NODE_NAME)) {
        return null;
    }
    final PropertySet nodeAsSet = node.data().getRoot();
    final IdProviderKey idProviderKey = IdProviderNodeTranslator.toKey(node);
    final IdProvider.Builder idProvider = IdProvider.create()
        .displayName(nodeAsSet.getString(IdProviderPropertyNames.DISPLAY_NAME_KEY))
        .key(idProviderKey)
        .description(nodeAsSet.getString(IdProviderPropertyNames.DESCRIPTION_KEY));
    if (nodeAsSet.hasProperty(IdProviderPropertyNames.APPLICATION)) {
        // application-backed id provider: read the application key and its config form
        final String applicationKey = nodeAsSet.getString(IdProviderPropertyNames.ID_PROVIDER_APPLICATION_KEY);
        final PropertySet config = nodeAsSet.getSet(IdProviderPropertyNames.ID_PROVIDER_CONFIG_FORM_KEY);
        final IdProviderConfig idProviderConfig = IdProviderConfig.create()
            .applicationKey(ApplicationKey.from(applicationKey))
            .config(config.toTree())
            .build();
        idProvider.idProviderConfig(idProviderConfig);
    } else if (IdProviderKey.system().equals(idProviderKey)) {
        // TODO Remove after next dump upgrade
        final IdProviderConfig idProviderConfig = IdProviderConfig.create()
            .applicationKey(SYSTEM_ID_PROVIDER_KEY)
            .build();
        idProvider.idProviderConfig(idProviderConfig);
    }
    return idProvider.build();
}