Example 1 with IdProviders
use of com.enonic.xp.security.IdProviders in project xp by enonic.
the class LoginHandlerTest method testLoginMultipleIdProvidersInOrder.
@Test
public void testLoginMultipleIdProvidersInOrder() {
final IdProvider idProvider1 = IdProvider.create().displayName("Id Provider 1").key(IdProviderKey.from("idprovider1")).build();
final IdProvider idProvider3 = IdProvider.create().displayName("Id Provider 3").key(IdProviderKey.from("idprovider3")).build();
final IdProvider idProvider2 = IdProvider.create().displayName("Id Provider 2").key(IdProviderKey.from("idprovider2")).build();
final IdProviders idProviders = IdProviders.from(idProvider1, idProvider3, idProvider2);
final AuthenticationInfo authInfo = TestDataFixtures.createAuthenticationInfo();
final EmailPasswordAuthToken expectedAuthToken = new EmailPasswordAuthToken();
expectedAuthToken.setEmail("user1@enonic.com");
expectedAuthToken.setPassword("pwd123");
expectedAuthToken.setIdProvider(idProvider3.getKey());
final AuthTokenMatcher matcher = new AuthTokenMatcher(expectedAuthToken);
Mockito.when(this.securityService.authenticate(Mockito.argThat(matcher))).thenReturn(authInfo);
Mockito.when(this.securityService.getIdProviders()).thenReturn(idProviders);
runFunction("/test/login-test.js", "loginMultipleIdProvidersInOrder");
final Session session = ContextAccessor.current().getLocalScope().getSession();
final AuthenticationInfo sessionAuthInfo = session.getAttribute(AuthenticationInfo.class);
assertEquals(authInfo, sessionAuthInfo);
assertEquals(3, matcher.loginIdProviderAttempts.size());
assertEquals("idprovider1", matcher.loginIdProviderAttempts.get(0).toString());
assertEquals("idprovider2", matcher.loginIdProviderAttempts.get(1).toString());
assertEquals("idprovider3", matcher.loginIdProviderAttempts.get(2).toString());
}
Also used :
IdProviders(com.enonic.xp.security.IdProviders)
IdProvider(com.enonic.xp.security.IdProvider)
EmailPasswordAuthToken(com.enonic.xp.security.auth.EmailPasswordAuthToken)
AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo)
Session(com.enonic.xp.session.Session)
Test(org.junit.jupiter.api.Test)
Example 2 with IdProviders
use of com.enonic.xp.security.IdProviders in project xp by enonic.
the class LoginHandlerTest method testSessionInvalidatedOnLogin.
@Test
public void testSessionInvalidatedOnLogin() {
final AuthenticationInfo authInfo = TestDataFixtures.createAuthenticationInfo();
final IdProviders idProviders = IdProviders.from(IdProvider.create().displayName("system").key(IdProviderKey.from("system")).build());
Mockito.when(this.securityService.authenticate(Mockito.any())).thenReturn(authInfo);
Mockito.when(this.securityService.getIdProviders()).thenReturn(idProviders);
final SessionMock session = Mockito.spy(new SessionMock());
ContextAccessor.current().getLocalScope().setSession(session);
runScript("/lib/xp/examples/auth/login.js");
verify(session, times(5)).invalidate();
}
Also used :
IdProviders(com.enonic.xp.security.IdProviders)
AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo)
SessionMock(com.enonic.xp.session.SessionMock)
Test(org.junit.jupiter.api.Test)
Example 3 with IdProviders
use of com.enonic.xp.security.IdProviders in project xp by enonic.
the class LoginHandlerTest method testLoginWithScopeNONE.
@Test
public void testLoginWithScopeNONE() {
ContextAccessor.current().getLocalScope().setSession(null);
final AuthenticationInfo authInfo = AuthenticationInfo.create().user(TestDataFixtures.getTestUser()).principals(RoleKeys.ADMIN_LOGIN).build();
final IdProviders idProviders = IdProviders.from(IdProvider.create().displayName("system").key(IdProviderKey.from("system")).build());
Mockito.when(this.securityService.authenticate(Mockito.any())).thenReturn(authInfo);
Mockito.when(this.securityService.getIdProviders()).thenReturn(idProviders);
runFunction("/test/login-test.js", "loginWithScopeNONE");
assertNull(ContextAccessor.current().getLocalScope().getSession());
assertNull(ContextAccessor.current().getLocalScope().getAttribute(AuthenticationInfo.class));
}
Also used :
IdProviders(com.enonic.xp.security.IdProviders)
AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo)
Test(org.junit.jupiter.api.Test)
Example 4 with IdProviders
use of com.enonic.xp.security.IdProviders in project xp by enonic.
the class SecurityServiceImpl method authenticate.
@Override
public AuthenticationInfo authenticate(final AuthenticationToken token) {
if (!(token instanceof VerifiedUsernameAuthToken) && !(token instanceof VerifiedEmailAuthToken)) {
addRandomDelay();
}
if (isSuAuthenticationEnabled(token)) {
return authenticateSu((UsernamePasswordAuthToken) token);
}
if (token.getIdProvider() != null) {
return doAuthenticate(token);
} else {
final IdProviders idProviders = callAsAuthenticated(this::getIdProviders);
for (IdProvider idProvider : idProviders) {
token.setIdProvider(idProvider.getKey());
final AuthenticationInfo authInfo = doAuthenticate(token);
if (authInfo.isAuthenticated()) {
return authInfo;
}
}
return AuthenticationInfo.unAuthenticated();
}
}
Also used :
IdProviders(com.enonic.xp.security.IdProviders)
VerifiedEmailAuthToken(com.enonic.xp.security.auth.VerifiedEmailAuthToken)
IdProvider(com.enonic.xp.security.IdProvider)
VerifiedUsernameAuthToken(com.enonic.xp.security.auth.VerifiedUsernameAuthToken)
AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo)
Example 5 with IdProviders
use of com.enonic.xp.security.IdProviders in project xp by enonic.
the class ApplicationInfoServiceImplTest method testIdProviderApplication.
@Test
public void testIdProviderApplication() {
mockIdProviderApplication(this.applicationKey);
final IdProviderDescriptor idProviderDescriptor = this.service.getIdProviderDescriptor(this.applicationKey);
assertNotNull(idProviderDescriptor);
final IdProviders idProviders = this.service.getIdProviderReferences(this.applicationKey);
assertEquals(idProviders.getSize(), 2);
}
Also used :
IdProviders(com.enonic.xp.security.IdProviders)
IdProviderDescriptor(com.enonic.xp.idprovider.IdProviderDescriptor)
Test(org.junit.jupiter.api.Test)
Aggregations
IdProviders (com.enonic.xp.security.IdProviders)8
AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo)6
Test (org.junit.jupiter.api.Test)6
IdProvider (com.enonic.xp.security.IdProvider)3
Session (com.enonic.xp.session.Session)2
IdProviderDescriptor (com.enonic.xp.idprovider.IdProviderDescriptor)1
IdProviderKey (com.enonic.xp.security.IdProviderKey)1
SecurityService (com.enonic.xp.security.SecurityService)1
EmailPasswordAuthToken (com.enonic.xp.security.auth.EmailPasswordAuthToken)1
VerifiedEmailAuthToken (com.enonic.xp.security.auth.VerifiedEmailAuthToken)1
VerifiedUsernameAuthToken (com.enonic.xp.security.auth.VerifiedUsernameAuthToken)1
SessionMock (com.enonic.xp.session.SessionMock)1
FilterChain (javax.servlet.FilterChain)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
HttpServletResponse (javax.servlet.http.HttpServletResponse)1
BeforeEach (org.junit.jupiter.api.BeforeEach)1
