Examples with AuthenticationException com.hortonworks.registries.auth.client.AuthenticationException used on opensource projects

Search in sources :

Example 1 with AuthenticationException

use of com.hortonworks.registries.auth.client.AuthenticationException in project registry by hortonworks.

the class TestAuthenticationFilter method testGetTokenExpired.

@Test
public void testGetTokenExpired() throws Exception {
    AuthenticationFilter filter = new AuthenticationFilter();
    try {
        FilterConfig config = Mockito.mock(FilterConfig.class);
        Mockito.when(config.getInitParameter("management.operation.return")).thenReturn("true");
        Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(DummyAuthenticationHandler.class.getName());
        Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
        Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.SIGNATURE_SECRET, "management.operation.return")).elements());
        getMockedServletContextWithStringSigner(config);
        filter.init(config);
        AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
        token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
        SignerSecretProvider secretProvider = StringSignerSecretProviderCreator.newStringSignerSecretProvider();
        Properties secretProviderProps = new Properties();
        secretProviderProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, "secret");
        secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
        Signer signer = new Signer(secretProvider);
        String tokenSigned = signer.sign(token.toString());
        Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
        HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
        Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie });
        boolean failed = false;
        try {
            filter.getToken(request);
        } catch (AuthenticationException ex) {
            Assert.assertEquals("AuthenticationToken expired", ex.getMessage());
            failed = true;
        } finally {
            Assert.assertTrue("token not expired", failed);
        }
    } finally {
        filter.destroy();
    }
}
Also used : HttpCookie(java.net.HttpCookie) Cookie(javax.servlet.http.Cookie) SignerSecretProvider(com.hortonworks.registries.auth.util.SignerSecretProvider) AuthenticationException(com.hortonworks.registries.auth.client.AuthenticationException) Properties(java.util.Properties) Signer(com.hortonworks.registries.auth.util.Signer) HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterConfig(javax.servlet.FilterConfig) Vector(java.util.Vector) Test(org.junit.Test)

Example 2 with AuthenticationException

use of com.hortonworks.registries.auth.client.AuthenticationException in project registry by hortonworks.

the class TestJWTAuthenticationHandler method testExpiredJWT.

@Test
public void testExpiredJWT() throws Exception {
    try {
        handler.setPublicKey(publicKey);
        Properties props = getProperties();
        handler.init(props);
        SignedJWT jwt = getJWT("bob", new Date(new Date().getTime() - 1000), privateKey);
        Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize());
        HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
        Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie });
        Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));
        HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
        Mockito.when(response.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);
        AuthenticationToken token = handler.alternateAuthenticate(request, response);
        Mockito.verify(response).sendRedirect(REDIRECT_LOCATION);
    } catch (ServletException se) {
        fail("alternateAuthentication should NOT have thrown a ServletException");
    } catch (AuthenticationException ae) {
        fail("alternateAuthentication should NOT have thrown a AuthenticationException");
    }
}
Also used : Cookie(javax.servlet.http.Cookie) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) AuthenticationException(com.hortonworks.registries.auth.client.AuthenticationException) HttpServletResponse(javax.servlet.http.HttpServletResponse) SignedJWT(com.nimbusds.jwt.SignedJWT) Properties(java.util.Properties) Date(java.util.Date) Test(org.junit.Test)

Example 3 with AuthenticationException

use of com.hortonworks.registries.auth.client.AuthenticationException in project registry by hortonworks.

the class TestJWTAuthenticationHandler method testValidAudienceJWT.

@Test
public void testValidAudienceJWT() throws Exception {
    try {
        handler.setPublicKey(publicKey);
        Properties props = getProperties();
        props.put(JWTAuthenticationHandler.EXPECTED_JWT_AUDIENCES, "bar");
        handler.init(props);
        SignedJWT jwt = getJWT("bob", new Date(new Date().getTime() + 5000), privateKey);
        Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize());
        HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
        Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie });
        Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));
        HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
        Mockito.when(response.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);
        AuthenticationToken token = handler.alternateAuthenticate(request, response);
        Assert.assertEquals("bob", token.getUserName());
    } catch (ServletException se) {
        fail("alternateAuthentication should NOT have thrown a ServletException");
    } catch (AuthenticationException ae) {
        fail("alternateAuthentication should NOT have thrown an AuthenticationException");
    }
}
Also used : Cookie(javax.servlet.http.Cookie) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) AuthenticationException(com.hortonworks.registries.auth.client.AuthenticationException) HttpServletResponse(javax.servlet.http.HttpServletResponse) SignedJWT(com.nimbusds.jwt.SignedJWT) Properties(java.util.Properties) Date(java.util.Date) Test(org.junit.Test)

Example 4 with AuthenticationException

use of com.hortonworks.registries.auth.client.AuthenticationException in project registry by hortonworks.

the class TestJWTAuthenticationHandler method testNoPublicKeyJWT.

@Test
public void testNoPublicKeyJWT() throws Exception {
    try {
        Properties props = getProperties();
        handler.init(props);
        SignedJWT jwt = getJWT("bob", new Date(new Date().getTime() + 5000), privateKey);
        Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize());
        HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
        Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie });
        Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));
        HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
        Mockito.when(response.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);
        AuthenticationToken token = handler.alternateAuthenticate(request, response);
        fail("alternateAuthentication should have thrown a ServletException");
    } catch (ServletException se) {
        assertTrue(se.getMessage().contains("Public key for signature validation must be provisioned"));
    } catch (AuthenticationException ae) {
        fail("alternateAuthentication should NOT have thrown a AuthenticationException");
    }
}
Also used : Cookie(javax.servlet.http.Cookie) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) AuthenticationException(com.hortonworks.registries.auth.client.AuthenticationException) HttpServletResponse(javax.servlet.http.HttpServletResponse) SignedJWT(com.nimbusds.jwt.SignedJWT) Properties(java.util.Properties) Date(java.util.Date) Test(org.junit.Test)

Example 5 with AuthenticationException

use of com.hortonworks.registries.auth.client.AuthenticationException in project registry by hortonworks.

the class TestJWTAuthenticationHandler method testNoExpirationJWT.

@Test
public void testNoExpirationJWT() throws Exception {
    try {
        handler.setPublicKey(publicKey);
        Properties props = getProperties();
        handler.init(props);
        SignedJWT jwt = getJWT("bob", null, privateKey);
        Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize());
        HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
        Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie });
        Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));
        HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
        Mockito.when(response.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);
        AuthenticationToken token = handler.alternateAuthenticate(request, response);
        Assert.assertNotNull("Token should not be null.", token);
        Assert.assertEquals("bob", token.getUserName());
    } catch (ServletException se) {
        fail("alternateAuthentication should NOT have thrown a ServletException");
    } catch (AuthenticationException ae) {
        fail("alternateAuthentication should NOT have thrown a AuthenticationException");
    }
}
Also used : Cookie(javax.servlet.http.Cookie) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) AuthenticationException(com.hortonworks.registries.auth.client.AuthenticationException) HttpServletResponse(javax.servlet.http.HttpServletResponse) SignedJWT(com.nimbusds.jwt.SignedJWT) Properties(java.util.Properties) Test(org.junit.Test)

Aggregations

AuthenticationException (com.hortonworks.registries.auth.client.AuthenticationException)19 HttpServletRequest (javax.servlet.http.HttpServletRequest)15 ServletException (javax.servlet.ServletException)13 Cookie (javax.servlet.http.Cookie)13 HttpServletResponse (javax.servlet.http.HttpServletResponse)13 Test (org.junit.Test)13 Properties (java.util.Properties)12 SignedJWT (com.nimbusds.jwt.SignedJWT)10 Date (java.util.Date)9 Signer (com.hortonworks.registries.auth.util.Signer)2 SignerSecretProvider (com.hortonworks.registries.auth.util.SignerSecretProvider)2 IOException (java.io.IOException)2 HttpCookie (java.net.HttpCookie)2 KeyPair (java.security.KeyPair)2 KeyPairGenerator (java.security.KeyPairGenerator)2 PrivilegedActionException (java.security.PrivilegedActionException)2 PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)2 RSAPublicKey (java.security.interfaces.RSAPublicKey)2 Vector (java.util.Vector)2 FilterConfig (javax.servlet.FilterConfig)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial