Example 1 with AuthenticationInfo

Use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

From the class JsonExceptionMapper, method createContextJson.

private static ObjectNode createContextJson() {
    final Context context = ContextAccessor.current();
    final AuthenticationInfo authInfo = context.getAuthInfo();
    final ObjectNode node = JsonNodeFactory.instance.objectNode();
    node.put("authenticated", (authInfo != null) && authInfo.isAuthenticated());
    final ArrayNode principals = node.putArray("principals");
    if (authInfo != null) {
        for (final PrincipalKey principal : authInfo.getPrincipals()) {
            principals.add(principal.toString());
        }
    }
    return node;
}
Also used: Context (com.enonic.xp.context.Context), ObjectNode (com.fasterxml.jackson.databind.node.ObjectNode), ArrayNode (com.fasterxml.jackson.databind.node.ArrayNode), PrincipalKey (com.enonic.xp.security.PrincipalKey), AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo)

Example 2 with AuthenticationInfo

Use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

From the class ChangePasswordHandlerTest, method testExamples.

@Test
public void testExamples() {
    final AuthenticationInfo authInfo = AuthenticationInfo.create().user(TestDataFixtures.getTestUser()).principals(RoleKeys.ADMIN_LOGIN).build();
    this.session.setAttribute(authInfo);
    runScript("/lib/xp/examples/auth/changePassword.js");
    Mockito.verify(this.securityService).setPassword(eq(authInfo.getUser().getKey()), eq("new-secret-password"));
}
Also used: AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo), Test (org.junit.jupiter.api.Test)

Example 3 with AuthenticationInfo

Use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

From the class LoginHandlerTest, method testLoginMultipleIdProvidersInOrder.

@Test
public void testLoginMultipleIdProvidersInOrder() {
    final IdProvider idProvider1 = IdProvider.create().displayName("Id Provider 1").key(IdProviderKey.from("idprovider1")).build();
    final IdProvider idProvider3 = IdProvider.create().displayName("Id Provider 3").key(IdProviderKey.from("idprovider3")).build();
    final IdProvider idProvider2 = IdProvider.create().displayName("Id Provider 2").key(IdProviderKey.from("idprovider2")).build();
    final IdProviders idProviders = IdProviders.from(idProvider1, idProvider3, idProvider2);
    final AuthenticationInfo authInfo = TestDataFixtures.createAuthenticationInfo();
    final EmailPasswordAuthToken expectedAuthToken = new EmailPasswordAuthToken();
    expectedAuthToken.setEmail("user1@enonic.com");
    expectedAuthToken.setPassword("pwd123");
    expectedAuthToken.setIdProvider(idProvider3.getKey());
    final AuthTokenMatcher matcher = new AuthTokenMatcher(expectedAuthToken);
    Mockito.when(this.securityService.authenticate(Mockito.argThat(matcher))).thenReturn(authInfo);
    Mockito.when(this.securityService.getIdProviders()).thenReturn(idProviders);
    runFunction("/test/login-test.js", "loginMultipleIdProvidersInOrder");
    final Session session = ContextAccessor.current().getLocalScope().getSession();
    final AuthenticationInfo sessionAuthInfo = session.getAttribute(AuthenticationInfo.class);
    assertEquals(authInfo, sessionAuthInfo);
    assertEquals(3, matcher.loginIdProviderAttempts.size());
    assertEquals("idprovider1", matcher.loginIdProviderAttempts.get(0).toString());
    assertEquals("idprovider2", matcher.loginIdProviderAttempts.get(1).toString());
    assertEquals("idprovider3", matcher.loginIdProviderAttempts.get(2).toString());
}
Also used: IdProviders (com.enonic.xp.security.IdProviders), IdProvider (com.enonic.xp.security.IdProvider), EmailPasswordAuthToken (com.enonic.xp.security.auth.EmailPasswordAuthToken), AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo), Session (com.enonic.xp.session.Session), Test (org.junit.jupiter.api.Test)

Example 4 with AuthenticationInfo

Use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

From the class LoginHandlerTest, method testInvalidLogin.

@Test
public void testInvalidLogin() {
    final AuthenticationInfo authInfo = AuthenticationInfo.unAuthenticated();
    Mockito.when(this.securityService.authenticate(Mockito.any())).thenReturn(authInfo);
    runFunction("/test/login-test.js", "invalidLogin");
    final Session session = ContextAccessor.current().getLocalScope().getSession();
    final AuthenticationInfo sessionAuthInfo = session.getAttribute(AuthenticationInfo.class);
    assertNull(sessionAuthInfo);
}
Also used: AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo), Session (com.enonic.xp.session.Session), Test (org.junit.jupiter.api.Test)

Example 5 with AuthenticationInfo

Use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

From the class LoginHandlerTest, method testSessionInvalidatedOnLogin.

@Test
public void testSessionInvalidatedOnLogin() {
    final AuthenticationInfo authInfo = TestDataFixtures.createAuthenticationInfo();
    final IdProviders idProviders = IdProviders.from(IdProvider.create().displayName("system").key(IdProviderKey.from("system")).build());
    Mockito.when(this.securityService.authenticate(Mockito.any())).thenReturn(authInfo);
    Mockito.when(this.securityService.getIdProviders()).thenReturn(idProviders);
    final SessionMock session = Mockito.spy(new SessionMock());
    ContextAccessor.current().getLocalScope().setSession(session);
    runScript("/lib/xp/examples/auth/login.js");
    verify(session, times(5)).invalidate();
}
Also used: IdProviders (com.enonic.xp.security.IdProviders), AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo), SessionMock (com.enonic.xp.session.SessionMock), Test (org.junit.jupiter.api.Test)

Aggregations

AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo) 65
Test (org.junit.jupiter.api.Test) 44
User (com.enonic.xp.security.User) 17
Context (com.enonic.xp.context.Context) 16
Session (com.enonic.xp.session.Session) 9
CreateUserParams (com.enonic.xp.security.CreateUserParams) 7
AbstractElasticsearchIntegrationTest (com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest) 6
IdProviders (com.enonic.xp.security.IdProviders) 6
EmailPasswordAuthToken (com.enonic.xp.security.auth.EmailPasswordAuthToken) 6
PropertyTree (com.enonic.xp.data.PropertyTree) 5
AccessControlList (com.enonic.xp.security.acl.AccessControlList) 5
UsernamePasswordAuthToken (com.enonic.xp.security.auth.UsernamePasswordAuthToken) 5
VerifiedUsernameAuthToken (com.enonic.xp.security.auth.VerifiedUsernameAuthToken) 5
PrincipalKey (com.enonic.xp.security.PrincipalKey) 4
SessionMock (com.enonic.xp.session.SessionMock) 4
LogAuditLogParams (com.enonic.xp.audit.LogAuditLogParams) 2
Content (com.enonic.xp.content.Content) 2
ProjectName (com.enonic.xp.project.ProjectName) 2
AbstractNodeTest (com.enonic.xp.repo.impl.node.AbstractNodeTest) 2
IdProvider (com.enonic.xp.security.IdProvider) 2