
Example 1 with LocalAuthoritiesExtractor

Use of com.sap.cloud.security.xsuaa.extractor.LocalAuthoritiesExtractor in project cloud-security-xsuaa-integration by SAP.

In class TokenAuthenticationConverter, method setLocalScopeAsAuthorities.

/**
 * This method allows to overwrite the default behavior of the
 * {@link Token#getAuthorities()} implementation.
 *
 * @param extractLocalScopesOnly
 *            true when {@link Token#getAuthorities()} should only extract local
 *            scopes. Local scopes means that non-application specific scopes
 *            are filtered out and scopes are returned without appId prefix,
 *            e.g. "Display". Creates a new converter with a new
 *            {@link LocalAuthoritiesExtractor}
 * @return the token authenticator itself
 */
public TokenAuthenticationConverter setLocalScopeAsAuthorities(boolean extractLocalScopesOnly) {
    if (extractLocalScopesOnly) {
        Assert.state(appId != null, "For local Scope extraction 'appId' must be provided to `TokenAuthenticationConverter`");
        authoritiesExtractor = new LocalAuthoritiesExtractor(appId);
    } else {
        authoritiesExtractor = new DefaultAuthoritiesExtractor();
    }
    return this;
}
Also used: DefaultAuthoritiesExtractor (com.sap.cloud.security.xsuaa.extractor.DefaultAuthoritiesExtractor), LocalAuthoritiesExtractor (com.sap.cloud.security.xsuaa.extractor.LocalAuthoritiesExtractor)

Example 2 with LocalAuthoritiesExtractor

Use of com.sap.cloud.security.xsuaa.extractor.LocalAuthoritiesExtractor in project cloud-security-xsuaa-integration by SAP.

In class InitializeSpringSecurityContextTest, method initializeSecurityContext_succeeds.

@Test
public void initializeSecurityContext_succeeds() {
    String jwt = new JwtGenerator(clientId, "subdomain")
            .addScopes("openid", appId + ".Display", "otherXSAPP.Display")
            .deriveAudiences(true)
            .getToken()
            .getTokenValue();
    assertThat(SecurityContextHolder.getContext().getAuthentication(), is(nullValue()));
    SpringSecurityContext.init(jwt, jwtDecoder, new LocalAuthoritiesExtractor(appId));
    // test authentication - isAuthenticated()
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    assertThat(authentication, is(notNullValue()));
    assertThat(authentication.isAuthenticated(), is(true));
    // test authorities
    Collection<GrantedAuthority> authorities = (Collection<GrantedAuthority>) authentication.getAuthorities();
    Assert.assertThat(authorities.size(), is(1));
    Assert.assertThat(authorities, hasItem(new SimpleGrantedAuthority("Display")));
    Assert.assertThat(authorities, not(hasItem(new SimpleGrantedAuthority("Other"))));
    // test principal (Token)
    Token token = (Token) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    assertThat(token.getAuthorities(), is(authorities));
    assertThat(token.getClientId(), is(clientId));
}
Also used: JwtGenerator (com.sap.cloud.security.xsuaa.test.JwtGenerator), SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority), LocalAuthoritiesExtractor (com.sap.cloud.security.xsuaa.extractor.LocalAuthoritiesExtractor), Authentication (org.springframework.security.core.Authentication), GrantedAuthority (org.springframework.security.core.GrantedAuthority), Collection (java.util.Collection), Token (com.sap.cloud.security.xsuaa.token.Token), Test (org.junit.Test), SpringBootTest (org.springframework.boot.test.context.SpringBootTest)

Example 3 with LocalAuthoritiesExtractor

Use of com.sap.cloud.security.xsuaa.extractor.LocalAuthoritiesExtractor in project cloud-security-xsuaa-integration by SAP.

In class InitializeSpringSecurityContextTest, method clearSecurityContext_succeeds.

@Test
public void clearSecurityContext_succeeds() {
    String jwt = new JwtGenerator(clientId, "subdomain")
            .deriveAudiences(true)
            .getToken()
            .getTokenValue();
    SpringSecurityContext.init(jwt, jwtDecoder, new LocalAuthoritiesExtractor(appId));
    SpringSecurityContext.clear();
    assertThat(SecurityContextHolder.getContext().getAuthentication(), is(nullValue()));
}
Also used: JwtGenerator (com.sap.cloud.security.xsuaa.test.JwtGenerator), LocalAuthoritiesExtractor (com.sap.cloud.security.xsuaa.extractor.LocalAuthoritiesExtractor), Test (org.junit.Test), SpringBootTest (org.springframework.boot.test.context.SpringBootTest)

Aggregations

LocalAuthoritiesExtractor (com.sap.cloud.security.xsuaa.extractor.LocalAuthoritiesExtractor): 3

JwtGenerator (com.sap.cloud.security.xsuaa.test.JwtGenerator): 2

Test (org.junit.Test): 2

SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 2

DefaultAuthoritiesExtractor (com.sap.cloud.security.xsuaa.extractor.DefaultAuthoritiesExtractor): 1

Token (com.sap.cloud.security.xsuaa.token.Token): 1

Collection (java.util.Collection): 1

Authentication (org.springframework.security.core.Authentication): 1

GrantedAuthority (org.springframework.security.core.GrantedAuthority): 1

SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 1