Example 6 with UserStoreAuthorizationService

Use of com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService in project cruise-control by linkedin.

From the class JwtAuthenticatorTest, method testFailedLoginWithInvalidToken.

@Test
public void testFailedLoginWithInvalidToken() throws Exception {
    // The user store only knows TEST_USER_2; the token presented below is issued for TEST_USER.
    UserStore testUserStore = new UserStore();
    testUserStore.addUser(TEST_USER_2, SecurityUtils.NO_CREDENTIAL, new String[] { USER_ROLE });
    // Two independent key pairs: the login service trusts the first public key,
    // while the request carries the token signed by the second private key.
    TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
    TokenGenerator.TokenAndKeys tokenAndKeys2 = TokenGenerator.generateToken(TEST_USER);
    JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);
    Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class);
    expect(configuration.getLoginService()).andReturn(loginService);
    expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService());
    expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true);
    // No Authorization header: the token arrives only in the JWT cookie.
    Request request = niceMock(Request.class);
    expect(request.getMethod()).andReturn(HttpMethod.GET.asString());
    expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null);
    request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys2.token());
    expectLastCall().andVoid();
    expect(request.getCookies()).andReturn(new Cookie[] { new Cookie(JWT_TOKEN, tokenAndKeys2.token()) });
    // A rejected token must be answered with HTTP 401.
    HttpServletResponse response = mock(HttpServletResponse.class);
    response.setStatus(HttpStatus.UNAUTHORIZED_401);
    expectLastCall().andVoid();
    replay(configuration, request, response);
    JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN);
    authenticator.setConfiguration(configuration);
    Authentication authentication = authenticator.validateRequest(request, response, true);
    verify(configuration, request, response);
    // The authenticator reports an explicit SEND_FAILURE rather than returning null.
    assertNotNull(authentication);
    assertEquals(Authentication.SEND_FAILURE, authentication);
}
Classes used: javax.servlet.http.Cookie, org.eclipse.jetty.server.Request, javax.servlet.http.HttpServletRequest, org.eclipse.jetty.security.DefaultIdentityService, javax.servlet.http.HttpServletResponse, com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService, org.eclipse.jetty.security.UserStore, org.eclipse.jetty.security.UserAuthentication, org.eclipse.jetty.server.Authentication, org.eclipse.jetty.security.Authenticator, org.junit.Test

Example 7 with UserStoreAuthorizationService

Use of com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService in project cruise-control by linkedin.

From the class JwtAuthenticatorTest, method testSuccessfulLogin.

@Test
public void testSuccessfulLogin() throws Exception {
    // TEST_USER is present in the store, so authorization can succeed once the token verifies.
    UserStore testUserStore = new UserStore();
    testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] { USER_ROLE });
    // The login service is configured with the public key matching the key that signed the token.
    TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
    JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);
    Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class);
    expect(configuration.getLoginService()).andReturn(loginService);
    expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService());
    expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true);
    // No Authorization header: the token is read from the JWT cookie and stashed as a request attribute.
    Request request = niceMock(Request.class);
    expect(request.getMethod()).andReturn(HttpMethod.GET.asString());
    expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null);
    request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys.token());
    expectLastCall().andVoid();
    expect(request.getCookies()).andReturn(new Cookie[] { new Cookie(JWT_TOKEN, tokenAndKeys.token()) });
    expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());
    // No status is set on the response: a valid token must not trigger a 401.
    HttpServletResponse response = mock(HttpServletResponse.class);
    replay(configuration, request, response);
    JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN);
    authenticator.setConfiguration(configuration);
    UserAuthentication authentication = (UserAuthentication) authenticator.validateRequest(request, response, true);
    verify(configuration, request, response);
    // The resulting principal is a JwtUserPrincipal carrying both the user name and the serialized token.
    assertNotNull(authentication);
    assertThat(authentication.getUserIdentity().getUserPrincipal(), instanceOf(JwtUserPrincipal.class));
    JwtUserPrincipal userPrincipal = (JwtUserPrincipal) authentication.getUserIdentity().getUserPrincipal();
    assertEquals(TEST_USER, userPrincipal.getName());
    assertEquals(tokenAndKeys.token(), userPrincipal.getSerializedToken());
}
Classes used: javax.servlet.http.Cookie, org.eclipse.jetty.server.Request, javax.servlet.http.HttpServletRequest, org.eclipse.jetty.security.DefaultIdentityService, javax.servlet.http.HttpServletResponse, com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService, org.eclipse.jetty.security.UserAuthentication, org.eclipse.jetty.security.UserStore, org.eclipse.jetty.security.Authenticator, org.junit.Test

Example 8 with UserStoreAuthorizationService

Use of com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService in project cruise-control by linkedin.

From the class JwtLoginServiceTest, method testValidateTokenSuccessfully.

@Test
public void testValidateTokenSuccessfully() throws Exception {
    UserStore testUserStore = new UserStore();
    testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] { "USER" });
    // The service is given the public key of the same key pair that signed the token.
    TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
    JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);
    SignedJWT jwtToken = SignedJWT.parse(tokenAndKeys.token());
    // login() reads the serialized token back from the request attribute.
    HttpServletRequest request = mock(HttpServletRequest.class);
    expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());
    replay(request);
    UserIdentity identity = loginService.login(TEST_USER, jwtToken, request);
    verify(request);
    // A verified token for a known user yields an identity for that user.
    assertNotNull(identity);
    assertEquals(TEST_USER, identity.getUserPrincipal().getName());
}
Classes used: javax.servlet.http.HttpServletRequest, org.eclipse.jetty.security.UserStore, org.eclipse.jetty.server.UserIdentity, com.nimbusds.jwt.SignedJWT, com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService, org.junit.Test

Example 9 with UserStoreAuthorizationService

Use of com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService in project cruise-control by linkedin.

From the class JwtLoginServiceTest, method testFailSignatureValidation.

@Test
public void testFailSignatureValidation() throws Exception {
    UserStore testUserStore = new UserStore();
    testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] { "USER" });
    TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
    // This will be signed with a different key
    TokenGenerator.TokenAndKeys tokenAndKeys2 = TokenGenerator.generateToken(TEST_USER);
    // The service trusts the second public key, but the parsed token was signed by the first key pair.
    JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys2.publicKey(), null);
    SignedJWT jwtToken = SignedJWT.parse(tokenAndKeys.token());
    HttpServletRequest request = mock(HttpServletRequest.class);
    UserIdentity identity = loginService.login(TEST_USER, jwtToken, request);
    // Signature verification fails even though the user exists in the store: no identity is produced.
    assertNull(identity);
}
Classes used: javax.servlet.http.HttpServletRequest, org.eclipse.jetty.security.UserStore, org.eclipse.jetty.server.UserIdentity, com.nimbusds.jwt.SignedJWT, com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService, org.junit.Test

Example 10 with UserStoreAuthorizationService

Use of com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService in project cruise-control by linkedin.

From the class SpnegoUserStoreAuthorizationServiceTest, method testPrincipalNames.

@Test
public void testPrincipalNames() {
    UserStore users = new UserStore();
    users.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] { DefaultRoleSecurityProvider.ADMIN });
    UserStoreAuthorizationService usas = new SpnegoUserStoreAuthorizationService(users);
    // Each Kerberos principal form below must resolve to the same short user name held in the store.
    // Full principal with instance and realm: user/host@REALM
    UserIdentity result = usas.getUserIdentity(null, TEST_USER + "/host@REALM");
    assertNotNull(result);
    assertEquals(TEST_USER, result.getUserPrincipal().getName());
    // Principal with realm only: user@REALM
    result = usas.getUserIdentity(null, TEST_USER + "@REALM");
    assertNotNull(result);
    assertEquals(TEST_USER, result.getUserPrincipal().getName());
    // Principal with instance only: user/host
    result = usas.getUserIdentity(null, TEST_USER + "/host");
    assertNotNull(result);
    assertEquals(TEST_USER, result.getUserPrincipal().getName());
    // Bare user name
    result = usas.getUserIdentity(null, TEST_USER);
    assertNotNull(result);
    assertEquals(TEST_USER, result.getUserPrincipal().getName());
}
Classes used: org.eclipse.jetty.security.UserStore, org.eclipse.jetty.server.UserIdentity, com.linkedin.kafka.cruisecontrol.servlet.security.UserStoreAuthorizationService, org.junit.Test
