use of com.nike.cerberus.domain.CerberusAuthToken in project cerberus by Nike-Inc.
the class AuthTokenServiceTest method test_that_generateToken_attempts_to_write_a_jwt_and_returns_proper_object.
/**
 * With the token flag stubbed to JWT issuance, generateToken should return a CerberusAuthToken
 * whose token string is the value produced by the (mocked) JWT service and whose remaining
 * fields mirror the arguments passed in.
 */
@Test
public void test_that_generateToken_attempts_to_write_a_jwt_and_returns_proper_object() throws AuthTokenTooLongException {
    // Inputs handed to the method under test.
    String principal = "test-user@domain.com";
    String groups = "group1,group2,group3";
    int ttlMinutes = 5;
    int initialRefreshCount = 0;

    // Values the mocked collaborators will hand back.
    String generatedId = UUID.randomUUID().toString();
    String expectedTokenId = "abc-123-def-456";
    OffsetDateTime now = OffsetDateTime.now();

    when(dateTimeSupplier.get()).thenReturn(now);
    when(uuidSupplier.get()).thenReturn(generatedId);
    when(tokenFlag.getIssueType()).thenReturn(AuthTokenIssueType.JWT);
    when(jwtService.generateJwtToken(any())).thenReturn(expectedTokenId);

    CerberusAuthToken token =
        authTokenService.generateToken(
            principal, PrincipalType.USER, false, groups, ttlMinutes, initialRefreshCount);

    // The caller must receive the raw token string exactly as the JWT service produced it.
    assertEquals("The token should have the un-hashed value returned", expectedTokenId, token.getToken());

    // Lifetime: created at the stubbed "now", expiring ttl minutes later.
    assertEquals("The token should have a created date of now", now, token.getCreated());
    assertEquals("The token should expire ttl minutes after now", now.plusMinutes(ttlMinutes), token.getExpires());

    // Identity and privilege fields must be carried over unchanged; in particular a token
    // requested with isAdmin=false must not come back with admin rights.
    assertEquals("The token should have the proper principal", principal, token.getPrincipal());
    assertEquals("The token should be the principal type that was passed in", PrincipalType.USER, token.getPrincipalType());
    assertEquals("The token should not have access to admin endpoints", false, token.isAdmin());
    assertEquals("The token should have the groups that where passed in", groups, token.getGroups());
    assertEquals("The newly created token should have a refresh count of 0", initialRefreshCount, token.getRefreshCount());
    // NOTE(review): nothing here verifies the argument passed to jwtService.generateJwtToken,
    // so the claims written into the JWT are not checked by this test.
}
use of com.nike.cerberus.domain.CerberusAuthToken in project cerberus by Nike-Inc.
the class AuthenticationService method createToken.
/**
 * Issues an auth token for the given principal and wraps it in an AuthTokenResponse.
 *
 * @param principal the principal the token is issued to
 * @param principalType the kind of principal; only USER tokens are marked renewable
 * @param metadata string map read for the admin flag, groups and refresh count, and echoed
 *     back unchanged in the response
 * @param vaultStyleTTL token lifetime written as hours and/or minutes, e.g. "1h" or "1h30m"
 * @return the response carrying the client token, metadata, lease duration in seconds and
 *     the renewable flag
 */
private AuthTokenResponse createToken(String principal, PrincipalType principalType, Map<String, String> metadata, String vaultStyleTTL) {
    // Accepts "<n>h", "<n>m" or "<n>h<n>m"; parsePeriod throws IllegalArgumentException on
    // text it cannot parse.
    PeriodFormatter ttlFormat =
        new PeriodFormatterBuilder()
            .appendHours()
            .appendSuffix("h")
            .appendMinutes()
            .appendSuffix("m")
            .toFormatter();
    Period parsedTtl = ttlFormat.parsePeriod(vaultStyleTTL);
    // NOTE(review): no lower or upper bound on the TTL is enforced in this method; confirm
    // that the caller or generateToken rejects non-positive and over-long lifetimes.
    long ttlInMinutes = parsedTtl.toStandardMinutes().getMinutes();

    // TODO: stop reading these values from a map that may or may not contain them and
    // require them as method parameters instead.
    // NOTE(review): the admin flag and groups are authorization inputs taken straight from
    // the metadata map; confirm every caller builds that map from trusted server-side state.
    // A missing or non-"true" admin entry resolves to false.
    boolean isAdmin = Boolean.parseBoolean(metadata.get(METADATA_KEY_IS_ADMIN));
    String groups = metadata.get(METADATA_KEY_GROUPS);
    // A missing refresh count is treated as 0; a non-numeric one throws NumberFormatException.
    String refreshCountText = metadata.getOrDefault(METADATA_KEY_TOKEN_REFRESH_COUNT, "0");
    int refreshCount = Integer.parseInt(refreshCountText);

    CerberusAuthToken issued =
        authTokenService.generateToken(
            principal, principalType, isAdmin, groups, ttlInMinutes, refreshCount);

    // Lease duration is derived from the issued token's own timestamps rather than from the
    // requested TTL.
    long leaseSeconds = Duration.between(issued.getCreated(), issued.getExpires()).getSeconds();
    boolean renewable = PrincipalType.USER.equals(principalType);

    return new AuthTokenResponse()
        .setClientToken(issued.getToken())
        .setPolicies(Collections.emptySet())
        .setMetadata(metadata)
        .setLeaseDuration(leaseSeconds)
        .setRenewable(renewable);
}