
Example 1 with UserStoreAuthorizationService

Use of com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService in project cruise-control by linkedin.

Class JwtLoginServiceTest, method testRevalidateTokenFails.

@Test
public void testRevalidateTokenFails() throws Exception {
    UserStore testUserStore = new UserStore();
    testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] { "USER" });
    Instant now = Instant.now();
    // Token expires 10 seconds after "now".
    TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER, now.plusSeconds(10).toEpochMilli());
    // Fixed clock so the expiry check is deterministic; no audience restriction (null).
    Clock fixedClock = Clock.fixed(now, ZoneOffset.UTC);
    JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null, fixedClock);
    SignedJWT jwtToken = SignedJWT.parse(tokenAndKeys.token());
    HttpServletRequest request = mock(HttpServletRequest.class);
    expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());
    replay(request);
    // Login succeeds while the token is still within its validity window.
    UserIdentity identity = loginService.login(TEST_USER, jwtToken, request);
    verify(request);
    assertNotNull(identity);
    assertEquals(TEST_USER, identity.getUserPrincipal().getName());
    // Advance the clock 20 seconds past "now": the token is now expired,
    // so revalidating the cached identity must fail.
    loginService.setClock(Clock.offset(fixedClock, Duration.ofSeconds(20)));
    assertFalse(loginService.validate(identity));
}

Example 2 with UserStoreAuthorizationService

Use of com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService in project cruise-control by linkedin.

Class JwtLoginServiceTest, method testFailExpirationValidation.

@Test
public void testFailExpirationValidation() throws Exception {
    UserStore testUserStore = new UserStore();
    testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] { "USER" });
    // Expiry of 1 ms after the epoch: the token is already expired when presented.
    TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER, 1L);
    JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);
    SignedJWT jwtToken = SignedJWT.parse(tokenAndKeys.token());
    HttpServletRequest request = mock(HttpServletRequest.class);
    // An expired token must not yield an identity, even though the signature is valid.
    UserIdentity identity = loginService.login(TEST_USER, jwtToken, request);
    assertNull(identity);
}

Example 3 with UserStoreAuthorizationService

Use of com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService in project cruise-control by linkedin.

Class JwtLoginServiceTest, method testFailAudienceValidation.

@Test
public void testFailAudienceValidation() throws Exception {
    UserStore testUserStore = new UserStore();
    testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] { "USER" });
    // Token is issued for audiences "A" and "B" ...
    TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER, Arrays.asList("A", "B"));
    // ... but the login service only accepts audiences "C" and "D".
    JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), Arrays.asList("C", "D"));
    SignedJWT jwtToken = SignedJWT.parse(tokenAndKeys.token());
    HttpServletRequest request = mock(HttpServletRequest.class);
    // Audience mismatch must be rejected: no identity is produced.
    UserIdentity identity = loginService.login(TEST_USER, jwtToken, request);
    assertNull(identity);
}

Example 4 with UserStoreAuthorizationService

Use of com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService in project cruise-control by linkedin.

Class JwtLoginServiceTest, method testRevalidateTokenPasses.

@Test
public void testRevalidateTokenPasses() throws Exception {
    UserStore testUserStore = new UserStore();
    testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] { "USER" });
    // Token with default (non-expired) validity and no audience restriction.
    TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
    JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);
    SignedJWT jwtToken = SignedJWT.parse(tokenAndKeys.token());
    HttpServletRequest request = mock(HttpServletRequest.class);
    expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());
    replay(request);
    UserIdentity identity = loginService.login(TEST_USER, jwtToken, request);
    verify(request);
    assertNotNull(identity);
    assertEquals(TEST_USER, identity.getUserPrincipal().getName());
    // Revalidating a still-valid token keeps the identity alive.
    assertTrue(loginService.validate(identity));
}

Example 5 with UserStoreAuthorizationService

Use of com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService in project cruise-control by linkedin.

Class JwtAuthenticatorTest, method testFailedLoginWithUserNotFound.

@Test
public void testFailedLoginWithUserNotFound() throws Exception {
    // The user store only knows TEST_USER_2 ...
    UserStore testUserStore = new UserStore();
    testUserStore.addUser(TEST_USER_2, SecurityUtils.NO_CREDENTIAL, new String[] { USER_ROLE });
    // ... while the (validly signed) token is issued for TEST_USER.
    TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
    JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);
    Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class);
    expect(configuration.getLoginService()).andReturn(loginService);
    expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService());
    expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true);
    // The token arrives in a cookie rather than the Authorization header.
    Request request = niceMock(Request.class);
    expect(request.getMethod()).andReturn(HttpMethod.GET.asString());
    expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null);
    request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys.token());
    expectLastCall().andVoid();
    expect(request.getCookies()).andReturn(new Cookie[] { new Cookie(JWT_TOKEN, tokenAndKeys.token()) });
    expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());
    // A user unknown to the store must be answered with 401.
    HttpServletResponse response = mock(HttpServletResponse.class);
    response.setStatus(HttpStatus.UNAUTHORIZED_401);
    expectLastCall().andVoid();
    replay(configuration, request, response);
    JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN);
    authenticator.setConfiguration(configuration);
    Authentication authentication = authenticator.validateRequest(request, response, true);
    verify(configuration, request, response);
    assertNotNull(authentication);
    assertEquals(Authentication.SEND_FAILURE, authentication);
}