Search in sources :

Example 1 with Session

use of com.enonic.xp.session.Session in project xp by enonic.

the class LoginHandlerTest method testLoginMultipleIdProvidersInOrder.

@Test
public void testLoginMultipleIdProvidersInOrder() {
    final IdProvider idProvider1 = IdProvider.create().displayName("Id Provider 1").key(IdProviderKey.from("idprovider1")).build();
    final IdProvider idProvider3 = IdProvider.create().displayName("Id Provider 3").key(IdProviderKey.from("idprovider3")).build();
    final IdProvider idProvider2 = IdProvider.create().displayName("Id Provider 2").key(IdProviderKey.from("idprovider2")).build();
    final IdProviders idProviders = IdProviders.from(idProvider1, idProvider3, idProvider2);
    final AuthenticationInfo authInfo = TestDataFixtures.createAuthenticationInfo();
    final EmailPasswordAuthToken expectedAuthToken = new EmailPasswordAuthToken();
    expectedAuthToken.setEmail("user1@enonic.com");
    expectedAuthToken.setPassword("pwd123");
    expectedAuthToken.setIdProvider(idProvider3.getKey());
    final AuthTokenMatcher matcher = new AuthTokenMatcher(expectedAuthToken);
    Mockito.when(this.securityService.authenticate(Mockito.argThat(matcher))).thenReturn(authInfo);
    Mockito.when(this.securityService.getIdProviders()).thenReturn(idProviders);
    runFunction("/test/login-test.js", "loginMultipleIdProvidersInOrder");
    final Session session = ContextAccessor.current().getLocalScope().getSession();
    final AuthenticationInfo sessionAuthInfo = session.getAttribute(AuthenticationInfo.class);
    assertEquals(authInfo, sessionAuthInfo);
    assertEquals(3, matcher.loginIdProviderAttempts.size());
    assertEquals("idprovider1", matcher.loginIdProviderAttempts.get(0).toString());
    assertEquals("idprovider2", matcher.loginIdProviderAttempts.get(1).toString());
    assertEquals("idprovider3", matcher.loginIdProviderAttempts.get(2).toString());
}
Also used : IdProviders(com.enonic.xp.security.IdProviders) IdProvider(com.enonic.xp.security.IdProvider) EmailPasswordAuthToken(com.enonic.xp.security.auth.EmailPasswordAuthToken) AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo) Session(com.enonic.xp.session.Session) Test(org.junit.jupiter.api.Test)

Example 2 with Session

use of com.enonic.xp.session.Session in project xp by enonic.

the class LoginHandlerTest method testInvalidLogin.

@Test
public void testInvalidLogin() {
    final AuthenticationInfo authInfo = AuthenticationInfo.unAuthenticated();
    Mockito.when(this.securityService.authenticate(Mockito.any())).thenReturn(authInfo);
    runFunction("/test/login-test.js", "invalidLogin");
    final Session session = ContextAccessor.current().getLocalScope().getSession();
    final AuthenticationInfo sessionAuthInfo = session.getAttribute(AuthenticationInfo.class);
    assertNull(sessionAuthInfo);
}
Also used : AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo) Session(com.enonic.xp.session.Session) Test(org.junit.jupiter.api.Test)

Example 3 with Session

use of com.enonic.xp.session.Session in project xp by enonic.

the class IdProviderRequestWrapperTest method isUserInRole.

@Test
void isUserInRole() {
    final User user = User.create().key(PrincipalKey.ofUser(IdProviderKey.createDefault(), "userId")).login("usr").build();
    final AuthenticationInfo authenticationInfo = AuthenticationInfo.create().user(user).principals(RoleKeys.ADMIN).build();
    final Context context = ContextBuilder.create().build();
    final Session session = new SessionMock();
    context.getLocalScope().setSession(session);
    session.setAttribute(authenticationInfo);
    final Boolean isAdmin = context.callWith(() -> new IdProviderRequestWrapper(request).isUserInRole(RoleKeys.ADMIN.getId()));
    assertTrue(isAdmin);
    verifyNoInteractions(request);
}
Also used : Context(com.enonic.xp.context.Context) User(com.enonic.xp.security.User) AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo) Session(com.enonic.xp.session.Session) SessionMock(com.enonic.xp.session.SessionMock) Test(org.junit.jupiter.api.Test)

Example 4 with Session

use of com.enonic.xp.session.Session in project xp by enonic.

the class IdProviderRequestWrapperTest method getUserPrincipal.

@Test
void getUserPrincipal() {
    final User user = User.create().key(PrincipalKey.ofUser(IdProviderKey.createDefault(), "userId")).login("usr").build();
    final AuthenticationInfo authenticationInfo = AuthenticationInfo.create().user(user).build();
    final Context context = ContextBuilder.create().build();
    final Session session = new SessionMock();
    context.getLocalScope().setSession(session);
    session.setAttribute(authenticationInfo);
    final Principal principal = context.callWith(() -> new IdProviderRequestWrapper(request).getUserPrincipal());
    assertEquals(principal, user);
    verifyNoInteractions(request);
}
Also used : Context(com.enonic.xp.context.Context) User(com.enonic.xp.security.User) AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo) Principal(java.security.Principal) Session(com.enonic.xp.session.Session) SessionMock(com.enonic.xp.session.SessionMock) Test(org.junit.jupiter.api.Test)

Example 5 with Session

use of com.enonic.xp.session.Session in project xp by enonic.

the class ContextBuilder method mergeLocalScopeAttributes.

private static HashMap<String, Object> mergeLocalScopeAttributes(final LocalScope localScope) {
    final Map<String, Object> localAttributes = localScope.getAttributes();
    final Session session = localScope.getSession();
    final Map<String, Object> sessionAttributes = session == null ? Map.of() : session.getAttributes();
    return Stream.of(localAttributes, sessionAttributes).flatMap(map -> map.entrySet().stream()).collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue, (v1, v2) -> v1, HashMap::new));
}
Also used : PublicApi(com.enonic.xp.annotation.PublicApi) Stream(java.util.stream.Stream) RepositoryId(com.enonic.xp.repository.RepositoryId) ImmutableMap(com.google.common.collect.ImmutableMap) Map(java.util.Map) HashMap(java.util.HashMap) AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo) Collectors(java.util.stream.Collectors) Branch(com.enonic.xp.branch.Branch) Session(com.enonic.xp.session.Session) ImmutableMap(com.google.common.collect.ImmutableMap) Map(java.util.Map) HashMap(java.util.HashMap) Session(com.enonic.xp.session.Session)

Aggregations

Session (com.enonic.xp.session.Session)14 AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo)11 Test (org.junit.jupiter.api.Test)10 SessionMock (com.enonic.xp.session.SessionMock)4 Context (com.enonic.xp.context.Context)3 User (com.enonic.xp.security.User)3 LocalScope (com.enonic.xp.context.LocalScope)2 IdProviders (com.enonic.xp.security.IdProviders)2 HashMap (java.util.HashMap)2 Map (java.util.Map)2 Collectors (java.util.stream.Collectors)2 Stream (java.util.stream.Stream)2 LoginResultJson (com.enonic.xp.admin.impl.rest.resource.auth.json.LoginResultJson)1 PublicApi (com.enonic.xp.annotation.PublicApi)1 Branch (com.enonic.xp.branch.Branch)1 PrincipalMapper (com.enonic.xp.lib.common.PrincipalMapper)1 RepositoryId (com.enonic.xp.repository.RepositoryId)1 MapGenerator (com.enonic.xp.script.serializer.MapGenerator)1 MapSerializable (com.enonic.xp.script.serializer.MapSerializable)1 IdProvider (com.enonic.xp.security.IdProvider)1