Example 11 with AuthenticationInfo

use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

the class SecurityServiceImplTest method testAuthenticateByEmail.

@Test
public void testAuthenticateByEmail() throws Exception {
    runAsAdmin(() -> {
        final CreateUserParams createUser = CreateUserParams.create().userKey(PrincipalKey.ofUser(SYSTEM, "User1")).displayName("User 1").email("user1@enonic.com").login("User1").password("password").build();
        final User user = securityService.createUser(createUser);
        refresh();
        final VerifiedEmailAuthToken authToken = new VerifiedEmailAuthToken();
        authToken.setEmail("user1@enonic.com");
        authToken.setIdProvider(SYSTEM);
        final AuthenticationInfo authInfo = securityService.authenticate(authToken);
        assertTrue(authInfo.isAuthenticated());
        assertEquals(user.getKey(), authInfo.getUser().getKey());
    });
}
Also used: CreateUserParams (com.enonic.xp.security.CreateUserParams), User (com.enonic.xp.security.User), VerifiedEmailAuthToken (com.enonic.xp.security.auth.VerifiedEmailAuthToken), AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo), AbstractElasticsearchIntegrationTest (com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest), Test (org.junit.jupiter.api.Test)

Example 12 with AuthenticationInfo

use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

the class SecurityServiceImplTest method testAuthenticateByEmailPwd.

@Test
public void testAuthenticateByEmailPwd() throws Exception {
    runAsAdmin(() -> {
        final CreateUserParams createUser = CreateUserParams.create().userKey(PrincipalKey.ofUser(SYSTEM, "User1")).displayName("User 1").email("user1@enonic.com").login("User1").password("password").build();
        final User user = securityService.createUser(createUser);
        refresh();
        final EmailPasswordAuthToken authToken = new EmailPasswordAuthToken();
        authToken.setEmail("user1@enonic.com");
        authToken.setPassword("password");
        authToken.setIdProvider(SYSTEM);
        final AuthenticationInfo authInfo = securityService.authenticate(authToken);
        assertTrue(authInfo.isAuthenticated());
        assertEquals(user.getKey(), authInfo.getUser().getKey());
    });
}
Also used: CreateUserParams (com.enonic.xp.security.CreateUserParams), User (com.enonic.xp.security.User), EmailPasswordAuthToken (com.enonic.xp.security.auth.EmailPasswordAuthToken), AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo), AbstractElasticsearchIntegrationTest (com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest), Test (org.junit.jupiter.api.Test)

Example 13 with AuthenticationInfo

use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

the class JsonExceptionMapper method createContextJson.

private static ObjectNode createContextJson() {
    final Context context = ContextAccessor.current();
    final AuthenticationInfo authInfo = context.getAuthInfo();
    final ObjectNode node = JsonNodeFactory.instance.objectNode();
    node.put("authenticated", (authInfo != null) && authInfo.isAuthenticated());
    final ArrayNode principals = node.putArray("principals");
    if (authInfo != null) {
        for (final PrincipalKey principal : authInfo.getPrincipals()) {
            principals.add(principal.toString());
        }
    }
    return node;
}
Also used: Context (com.enonic.xp.context.Context), ObjectNode (com.fasterxml.jackson.databind.node.ObjectNode), ArrayNode (com.fasterxml.jackson.databind.node.ArrayNode), PrincipalKey (com.enonic.xp.security.PrincipalKey), AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo)

Example 14 with AuthenticationInfo

use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

the class ContextScriptTest method initialize.

@Override
protected void initialize() throws Exception {
    super.initialize();
    final SecurityService securityService = Mockito.mock(SecurityService.class);
    addService(SecurityService.class, securityService);
    final User user = User.create().login(PrincipalKey.ofSuperUser().getId()).displayName("Super User").key(PrincipalKey.ofSuperUser()).build();
    final AuthenticationInfo authInfo = AuthenticationInfo.create().user(user).principals(RoleKeys.ADMIN, RoleKeys.EVERYONE).build();
    Mockito.when(securityService.authenticate(Mockito.any())).thenReturn(authInfo);
}
Also used: User (com.enonic.xp.security.User), SecurityService (com.enonic.xp.security.SecurityService), AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo)

Example 15 with AuthenticationInfo

use of com.enonic.xp.security.auth.AuthenticationInfo in project xp by enonic.

the class IdProviderFilter method doHandle.

@Override
protected void doHandle(final HttpServletRequest req, final HttpServletResponse res, final FilterChain chain) throws Exception {
    // If the current user is not authenticated
    final AuthenticationInfo authInfo = ContextAccessor.current().getAuthInfo();
    if (!authInfo.isAuthenticated()) {
        // Executes the function autoLogin of the IdProvider
        IdProviderControllerExecutionParams executionParams = IdProviderControllerExecutionParams.create().functionName("autoLogin").servletRequest(req).build();
        idProviderControllerService.execute(executionParams);
    }
    // Wraps the response to handle 403 errors
    final IdProviderResponseWrapper responseWrapper = new IdProviderResponseWrapper(idProviderControllerService, req, res);
    final IdProviderRequestWrapper requestWrapper = new IdProviderRequestWrapper(req);
    chain.doFilter(requestWrapper, responseWrapper);
}
Also used: AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo), IdProviderControllerExecutionParams (com.enonic.xp.portal.idprovider.IdProviderControllerExecutionParams)

Aggregations

AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo) 67
Test (org.junit.jupiter.api.Test) 44
Context (com.enonic.xp.context.Context) 17
User (com.enonic.xp.security.User) 17
Session (com.enonic.xp.session.Session) 9
CreateUserParams (com.enonic.xp.security.CreateUserParams) 7
AbstractElasticsearchIntegrationTest (com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest) 6
IdProviders (com.enonic.xp.security.IdProviders) 6
EmailPasswordAuthToken (com.enonic.xp.security.auth.EmailPasswordAuthToken) 6
VerifiedUsernameAuthToken (com.enonic.xp.security.auth.VerifiedUsernameAuthToken) 6
PropertyTree (com.enonic.xp.data.PropertyTree) 5
AccessControlList (com.enonic.xp.security.acl.AccessControlList) 5
UsernamePasswordAuthToken (com.enonic.xp.security.auth.UsernamePasswordAuthToken) 5
PrincipalKey (com.enonic.xp.security.PrincipalKey) 4
SessionMock (com.enonic.xp.session.SessionMock) 4
LogAuditLogParams (com.enonic.xp.audit.LogAuditLogParams) 2
Content (com.enonic.xp.content.Content) 2
ProjectName (com.enonic.xp.project.ProjectName) 2
AbstractNodeTest (com.enonic.xp.repo.impl.node.AbstractNodeTest) 2
IdProvider (com.enonic.xp.security.IdProvider) 2