
Example 6 with AuthenticationInfo

Use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

Class PageHandlerTest, method getContentExistsButInsufficientRights.

@Test
public void getContentExistsButInsufficientRights() {
    final AuthenticationInfo authenticationInfo = AuthenticationInfo.create().user(User.ANONYMOUS).build();
    final Context authenticatedContext = ContextBuilder.from(ContextAccessor.current()).authInfo(authenticationInfo).build();
    final ContentPath path = ContentPath.from("/site/somepath/content");
    // Simulate content that exists but cannot be read in this context: getByPath throws, contentExists returns true.
    when(this.contentService.getByPath(path)).thenThrow(new ContentNotFoundException(path, Branch.from("draft")));
    when(this.contentService.contentExists(path)).thenReturn(true);
    this.request.setContentPath(path);
    // The handler must fail with 403 Forbidden and a permission message.
    final WebException e = assertThrows(WebException.class, () -> authenticatedContext.callWith(() -> this.handler.handle(this.request, PortalResponse.create().build(), null)));
    assertEquals(HttpStatus.FORBIDDEN, e.getStatus());
    assertEquals("You don't have permission to access [/site/somepath/content]", e.getMessage());
}
Also used: Context (com.enonic.xp.context.Context), WebException (com.enonic.xp.web.WebException), ContentNotFoundException (com.enonic.xp.content.ContentNotFoundException), ContentPath (com.enonic.xp.content.ContentPath), AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo), Test (org.junit.jupiter.api.Test)

Example 7 with AuthenticationInfo

Use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

Class IdProviderFilterTest, method testExecuteAuthenticated.

@Test
public void testExecuteAuthenticated() throws Exception {
    final User user = User.create().key(PrincipalKey.ofUser(IdProviderKey.system(), "user1")).displayName("User 1").email("user1@enonic.com").login("user1").build();
    final AuthenticationInfo authenticationInfo = AuthenticationInfo.create().user(user).principals(RoleKeys.ADMIN_LOGIN).build();
    ContextBuilder.create().authInfo(authenticationInfo).build().callWith(() -> {
        final HttpServletRequest httpServletRequest = Mockito.mock(HttpServletRequest.class);
        final HttpServletResponse httpServletResponse = Mockito.mock(HttpServletResponse.class);
        final FilterChain filterChain = Mockito.mock(FilterChain.class);
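        idProviderFilter.doHandle(httpServletRequest, httpServletResponse, filterChain);
        // The context already carries a user with ADMIN_LOGIN, so the ID provider controller must never be executed.
        Mockito.verify(idProviderControllerService, Mockito.times(0)).execute(Mockito.any());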
        return null;
    });
}
Also used: HttpServletRequest (javax.servlet.http.HttpServletRequest), User (com.enonic.xp.security.User), FilterChain (javax.servlet.FilterChain), HttpServletResponse (javax.servlet.http.HttpServletResponse), AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo), Test (org.junit.jupiter.api.Test)

Example 8 with AuthenticationInfo

Use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

Class SystemRepoInitializer, method createAdminContext.

private Context createAdminContext() {
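    // Build a context for the super user with RoleKeys.ADMIN on SecurityConstants.BRANCH_SECURITY of the system repository.
    final User admin = User.create().key(SUPER_USER).login(SUPER_USER.getId()).build();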
    final AuthenticationInfo authInfo = AuthenticationInfo.create().principals(RoleKeys.ADMIN).user(admin).build();
    return ContextBuilder.create().branch(SecurityConstants.BRANCH_SECURITY).repositoryId(SystemConstants.SYSTEM_REPO_ID).authInfo(authInfo).build();
}
Also used: User (com.enonic.xp.security.User), AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo)

Example 9 with AuthenticationInfo

Use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

Class WebExceptionTest, method forbidden_403_for_authenticated.

@Test
void forbidden_403_for_authenticated() {
    // For already authenticated users, forbidden must not allow the ID provider to re-authenticate.
    final AuthenticationInfo authenticationInfo = AuthenticationInfo.create().user(User.ANONYMOUS).build();
    final Context authenticatedContext = ContextBuilder.from(ContextAccessor.current()).authInfo(authenticationInfo).build();
    final WebException webException = authenticatedContext.callWith(() -> WebException.forbidden("some message"));
    assertEquals(HttpStatus.FORBIDDEN, webException.getStatus());
}
Also used: Context (com.enonic.xp.context.Context), AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo), Test (org.junit.jupiter.api.Test)

Example 10 with AuthenticationInfo

Use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

Class SecurityServiceImplTest, method testAuthenticateByUsernamePwd.

@Test
public void testAuthenticateByUsernamePwd() throws Exception {
    runAsAdmin(() -> {
        final CreateUserParams createUser = CreateUserParams.create().userKey(PrincipalKey.ofUser(SYSTEM, "User1")).displayName("User 1").email("user1@enonic.com").login("User1").password("runar").build();
        final User user = securityService.createUser(createUser);
        refresh();
        // Authenticate with the same username and password against the SYSTEM ID provider.
        final UsernamePasswordAuthToken authToken = new UsernamePasswordAuthToken();
        authToken.setUsername("User1");
        authToken.setPassword("runar");
        authToken.setIdProvider(SYSTEM);
        final AuthenticationInfo authInfo = securityService.authenticate(authToken);
        // The result must be authenticated and refer to the user created above.
        assertTrue(authInfo.isAuthenticated());
        assertEquals(user.getKey(), authInfo.getUser().getKey());
    });
}
Also used: CreateUserParams (com.enonic.xp.security.CreateUserParams), User (com.enonic.xp.security.User), UsernamePasswordAuthToken (com.enonic.xp.security.auth.UsernamePasswordAuthToken), AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo), AbstractElasticsearchIntegrationTest (com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest), Test (org.junit.jupiter.api.Test)

Aggregations

AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo): 65
Test (org.junit.jupiter.api.Test): 44
User (com.enonic.xp.security.User): 17
Context (com.enonic.xp.context.Context): 16
Session (com.enonic.xp.session.Session): 9
CreateUserParams (com.enonic.xp.security.CreateUserParams): 7
AbstractElasticsearchIntegrationTest (com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest): 6
IdProviders (com.enonic.xp.security.IdProviders): 6
EmailPasswordAuthToken (com.enonic.xp.security.auth.EmailPasswordAuthToken): 6
PropertyTree (com.enonic.xp.data.PropertyTree): 5
AccessControlList (com.enonic.xp.security.acl.AccessControlList): 5
UsernamePasswordAuthToken (com.enonic.xp.security.auth.UsernamePasswordAuthToken): 5
VerifiedUsernameAuthToken (com.enonic.xp.security.auth.VerifiedUsernameAuthToken): 5
PrincipalKey (com.enonic.xp.security.PrincipalKey): 4
SessionMock (com.enonic.xp.session.SessionMock): 4
LogAuditLogParams (com.enonic.xp.audit.LogAuditLogParams): 2
Content (com.enonic.xp.content.Content): 2
ProjectName (com.enonic.xp.project.ProjectName): 2
AbstractNodeTest (com.enonic.xp.repo.impl.node.AbstractNodeTest): 2
IdProvider (com.enonic.xp.security.IdProvider): 2