use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class ScriptConditionTest method successfulEvaluation.
/**
 * Verifies that evaluating a {@code ScriptCondition} passes the configured script and the
 * expected bindings to the script evaluator, and that the decision is a denial when nothing
 * flips the {@code authorized} binding.
 *
 * <p>The binding assertions pin what a policy-condition script is handed: logger, username,
 * resourceURI, environment, advice, httpClient, authorized and ttl. A change to this set alters
 * what such a script can read or call, so it should be reviewed deliberately.
 */
@Test
public void successfulEvaluation() throws EntitlementException, ScriptException, javax.script.ScriptException, IdRepoException, SSOException {
    // Given: empty environment and advice maps, and a subject holding one principal plus an SSO token
    Map<String, Set<String>> environment = new HashMap<>();
    Map<String, Set<String>> expectedAdvice = new HashMap<>();

    SSOToken ssoToken = mock(SSOToken.class);
    Subject caller = new Subject();
    caller.getPrincipals().add(new AuthSPrincipal("user"));
    // The token is stored as a private credential of the subject, not as a principal.
    caller.getPrivateCredentials().add(ssoToken);
    given(coreWrapper.getIdentity(ssoToken)).willReturn(mock(AMIdentity.class));

    final ScriptConfiguration scriptConfig = ScriptConfiguration.builder()
            .setId("123-456-789")
            .setName("test-script")
            .setContext(ScriptContext.POLICY_CONDITION)
            .setLanguage(SupportedScriptingLanguage.JAVASCRIPT)
            .setScript("some-script-here")
            .build();

    // Override the configuration lookup so the test does not depend on a stored script.
    scriptCondition = new ScriptCondition() {
        @Override
        protected ScriptConfiguration getScriptConfiguration(String realm) throws ScriptException {
            return scriptConfig;
        }
    };

    // When
    scriptCondition.setScriptId("123-456-789");
    ConditionDecision result = scriptCondition.evaluate("/abc", caller, "http://a:b/c", environment);

    // Then
    // Only the deny path is asserted (the original author notes the allow path is hard to test).
    // NOTE(review): scriptEvaluator is verified as a test double, so presumably the script body
    // never runs and "authorized" keeps its initial value - confirm against the fixture setup.
    assertThat(result.isSatisfied()).isFalse();
    verify(scriptEvaluator).evaluateScript(scriptObjectCaptor.capture(), bindingsCaptor.capture());

    // The evaluator must receive exactly the script described by the configuration.
    ScriptObject capturedScript = scriptObjectCaptor.getValue();
    assertThat(capturedScript.getName()).isEqualTo("test-script");
    assertThat(capturedScript.getLanguage()).isEqualTo(SupportedScriptingLanguage.JAVASCRIPT);
    assertThat(capturedScript.getScript()).isEqualTo("some-script-here");

    Bindings capturedBindings = bindingsCaptor.getValue();
    assertThat(capturedBindings.get("logger")).isEqualTo(PolicyConstants.DEBUG);
    assertThat(capturedBindings.get("username")).isEqualTo("user");
    assertThat(capturedBindings.get("resourceURI")).isEqualTo("http://a:b/c");
    assertThat(capturedBindings.get("environment")).isEqualTo(environment);
    assertThat(capturedBindings.get("advice")).isEqualTo(expectedAdvice);
    assertThat(capturedBindings.get("httpClient")).isEqualTo(restletHttpClient);
    // Fail-closed default: access is denied unless the script explicitly sets "authorized".
    assertThat(capturedBindings.get("authorized")).isEqualTo(Boolean.FALSE);
    assertThat(capturedBindings.get("ttl")).isEqualTo(Long.MAX_VALUE);
}
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class AuthenticateToServiceConditionTest method conditionShouldEvaluateToTrueWhenEnvironmentDoesNotContainServicesAndRealmIsPresentAndMatches.
/**
 * Verifies that the condition is satisfied, with no advice, when the environment map carries no
 * authenticated services and the service resolved from the SSO token matches the required
 * {@code SERVICE_NAME}.
 */
@Test
public void conditionShouldEvaluateToTrueWhenEnvironmentDoesNotContainServicesAndRealmIsPresentAndMatches() throws EntitlementException {
    //Given
    String resourceName = "RESOURCE_NAME";
    String realm = "REALM";
    // The environment is left empty, so nothing caller-supplied names an authenticated service.
    Map<String, Set<String>> environment = new HashMap<>();

    SSOToken token = mock(SSOToken.class);
    Subject caller = new Subject();
    caller.getPrivateCredentials().add(token);

    // The token reports one realm-qualified service, which the wrapper resolves to SERVICE_NAME.
    Set<String> authenticatedServices = new HashSet<>();
    authenticatedServices.add("OTHER_SERVICE_NAME");
    given(entitlementCoreWrapper.getRealmQualifiedAuthenticatedServices(token)).willReturn(authenticatedServices);
    given(coreWrapper.getDataFromRealmQualifiedData("OTHER_SERVICE_NAME")).willReturn("SERVICE_NAME");
    given(coreWrapper.convertOrgNameToRealmName("REALM")).willReturn("REALM");

    condition.setState("{\"authenticateToService\": \"SERVICE_NAME\"}");

    //When
    ConditionDecision result = condition.evaluate(realm, caller, resourceName, environment);

    //Then
    assertThat(result.isSatisfied()).isTrue();
    assertThat(result.getAdvice()).isEmpty();
}
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class SessionConditionTest method conditionShouldEvaluateToFalseWhenEnvironmentHasTokenCreationTimeEqualToMaxSessionTime.
/**
 * Pins the boundary case for the session-age check when the creation time comes from the
 * environment map: a session created exactly {@code maxSessionTime} (5, matched here by
 * 5 * 60000 ms) before "now" is denied.
 *
 * <p>With {@code terminateSession} set to false, the denial must not destroy the SSO token.
 */
@Test
public void conditionShouldEvaluateToFalseWhenEnvironmentHasTokenCreationTimeEqualToMaxSessionTime() throws EntitlementException, SSOException {
    //Given
    String resourceName = "RESOURCE_NAME";
    String realm = "REALM";

    // Freeze the clock so the session age is exactly the configured maximum.
    long now = System.currentTimeMillis();
    given(timeService.now()).willReturn(now);
    long createdAt = now - (5 * 60000);

    Map<String, Set<String>> environment = new HashMap<>();
    environment.put(REQUEST_SESSION_CREATION_TIME, Collections.singleton(String.valueOf(createdAt)));

    SSOToken token = mock(SSOToken.class);
    Subject caller = new Subject();
    caller.getPrivateCredentials().add(token);

    condition.setState("{\"maxSessionTime\": 5, \"terminateSession\": false}");

    //When
    ConditionDecision result = condition.evaluate(realm, caller, resourceName, environment);

    //Then
    // An age equal to the limit counts as expired: the decision is a denial carrying deny advice.
    assertThat(result.isSatisfied()).isFalse();
    assertThat(result.getAdvice()).containsOnly(entry(SESSION_CONDITION_ADVICE, Collections.singleton(ADVICE_DENY)));
    assertThat(result.getTimeToLive()).isEqualTo(Long.MAX_VALUE);
    // terminateSession is false, so the session itself has to survive the denial.
    verify(coreWrapper, never()).destroyToken(token);
}
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class SessionConditionTest method conditionShouldEvaluateToFalseWhenSSOTokenCreationTimeEqualToMaxSessionTime.
/**
 * Pins the same boundary case as the environment-based test, with the creation time taken from
 * the SSO token's {@code authInstant} property: a session whose age equals
 * {@code maxSessionTime} is denied, and the token is left intact because
 * {@code terminateSession} is false.
 */
@Test
public void conditionShouldEvaluateToFalseWhenSSOTokenCreationTimeEqualToMaxSessionTime() throws EntitlementException, SSOException {
    //Given
    String resourceName = "RESOURCE_NAME";
    String realm = "REALM";
    // The environment holds no creation time, so the token property is the only source stubbed.
    Map<String, Set<String>> environment = new HashMap<>();

    // Freeze the clock and place the authentication instant 5 * 60000 ms before it.
    long now = System.currentTimeMillis();
    given(timeService.now()).willReturn(now);
    Date authenticatedAt = new Date(now - (5 * 60000));
    String authInstant = DateUtils.dateToString(authenticatedAt);

    SSOToken token = mock(SSOToken.class);
    given(token.getProperty("authInstant")).willReturn(authInstant);
    Subject caller = new Subject();
    caller.getPrivateCredentials().add(token);

    condition.setState("{\"maxSessionTime\": 5, \"terminateSession\": false}");

    //When
    ConditionDecision result = condition.evaluate(realm, caller, resourceName, environment);

    //Then
    assertThat(result.isSatisfied()).isFalse();
    assertThat(result.getAdvice()).containsOnly(entry(SESSION_CONDITION_ADVICE, Collections.singleton(ADVICE_DENY)));
    assertThat(result.getTimeToLive()).isEqualTo(Long.MAX_VALUE);
    // terminateSession is false, so the denial must not destroy the session.
    verify(coreWrapper, never()).destroyToken(token);
}
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class AuthenticateToServiceConditionTest method conditionShouldEvaluateToTrueWhenEnvironmentDoesNotContainServicesAndRealmIsPresentAndDoesNotMatch.
/**
 * Verifies that the condition is NOT satisfied when the only service resolved from the SSO token
 * ({@code OTHER_SERVICE_NAME}) differs from the required {@code SERVICE_NAME}, and that the
 * denial carries realm-qualified advice naming the required service.
 *
 * <p>NOTE(review): the method name says "EvaluateToTrue" but the assertions expect a denial.
 * The name is left unchanged here so the test identifier stays stable.
 */
@Test
public void conditionShouldEvaluateToTrueWhenEnvironmentDoesNotContainServicesAndRealmIsPresentAndDoesNotMatch() throws EntitlementException {
    //Given
    String resourceName = "RESOURCE_NAME";
    String realm = "REALM";
    // The environment is left empty, so nothing caller-supplied names an authenticated service.
    Map<String, Set<String>> environment = new HashMap<>();

    SSOToken token = mock(SSOToken.class);
    Subject caller = new Subject();
    caller.getPrivateCredentials().add(token);

    // The token reports a service that resolves to itself, which is not the required one.
    Set<String> authenticatedServices = new HashSet<>();
    authenticatedServices.add("OTHER_SERVICE_NAME");
    given(entitlementCoreWrapper.getRealmQualifiedAuthenticatedServices(token)).willReturn(authenticatedServices);
    given(coreWrapper.getDataFromRealmQualifiedData("OTHER_SERVICE_NAME")).willReturn("OTHER_SERVICE_NAME");
    given(coreWrapper.convertOrgNameToRealmName("REALM")).willReturn("REALM");

    condition.setState("{\"authenticateToService\": \"SERVICE_NAME\"}");

    //When
    ConditionDecision result = condition.evaluate(realm, caller, resourceName, environment);

    //Then
    // The advice tells the caller which realm-qualified service must be authenticated to.
    assertThat(result.isSatisfied()).isFalse();
    assertThat(result.getAdvice()).containsOnly(entry(AUTHENTICATE_TO_SERVICE_CONDITION_ADVICE, Collections.singleton("REALM:SERVICE_NAME")));
}