use of com.sun.jersey.spi.container.ContainerRequest in project simba-os by cegeka.
the class SimbaCredentialsFactoryTest method create_BasicAuthentication_DecodesAndCreatesCredentials.
@Test
public void create_BasicAuthentication_DecodesAndCreatesCredentials() throws Exception {
String username = "emanresu";
String password = "drowssap";
String digest = username + ":" + password;
byte[] encodedDigest = Base64.encode(digest);
String basicAuthString = "basic " + new String(encodedDigest);
ContainerRequest containerRequest = new ContainerRequestBuilderForTests().addHeader(AUTHORIZATION, basicAuthString).withRequestUri(URI.create("http://rest.wayneindustries.com/v1/bats?format=timeseries")).withHttpMethod(HttpMethods.GET).build();
SimbaCredentials expected = new SimbaCredentialsBuilderForTests().withHttpMethod(HttpMethods.GET).addHeader(AUTHORIZATION, basicAuthString).addParameter(AuthenticationConstants.USERNAME, username).addParameter(AuthenticationConstants.PASSWORD, password).addParameter("format", "timeseries").withRequestUrl("http://rest.wayneindustries.com/v1/bats/").withSimbaWebURL(SIMBA_WEB_URL).withHostServerName(RequestUtil.HOST_SERVER_NAME).withIsLoginRequest(true).build();
SimbaCredentials simbaCredentials = factory.create(containerRequest);
assertThat(simbaCredentials).isEqualTo(expected);
}
use of com.sun.jersey.spi.container.ContainerRequest in project simba-os by cegeka.
the class SimbaCredentialsFactoryTest method create_NeitherSSOTokenNorBasicAuthentication_Throws401.
@Test
public void create_NeitherSSOTokenNorBasicAuthentication_Throws401() throws Exception {
ContainerRequest containerRequest = new ContainerRequestBuilderForTests().withRequestUri(URI.create("http://rest.wayneindustries.com/v1/bats?format=timeseries")).withHttpMethod(HttpMethods.GET).build();
expectedException.expect(WebApplicationExceptionMatcher.webApplicationException(UNAUTHORIZED));
factory.create(containerRequest);
}
use of com.sun.jersey.spi.container.ContainerRequest in project druid by apache.
the class SupervisorResourceFilterTest method testGetWhenUserHasReadAccess.
@Test
public void testGetWhenUserHasReadAccess() {
setExpectations("/druid/indexer/v1/supervisor/datasource1", "GET", "datasource1", Action.READ, true);
ContainerRequest filteredRequest = resourceFilter.filter(containerRequest);
Assert.assertNotNull(filteredRequest);
verifyMocks();
}
use of com.sun.jersey.spi.container.ContainerRequest in project druid by apache.
the class SupervisorResourceFilterTest method testPostWhenUserHasWriteAccess.
@Test
public void testPostWhenUserHasWriteAccess() {
setExpectations("/druid/indexer/v1/supervisor/datasource1", "POST", "datasource1", Action.WRITE, true);
ContainerRequest filteredRequest = resourceFilter.filter(containerRequest);
Assert.assertNotNull(filteredRequest);
verifyMocks();
}
use of com.sun.jersey.spi.container.ContainerRequest in project Kustvakt by KorAP.
the class AdminFilter method filter.
@Override
public ContainerRequest filter(ContainerRequest request) {
ContainerRequest superRequest = super.filter(request);
String username = "guest";
// legacy support for kustvakt core
String adminToken = superRequest.getFormParameters().getFirst("token");
if (adminToken != null && !adminToken.isEmpty()) {
// adminToken = adminToken.substring(6);
if (adminToken.equals(servletContext.getInitParameter("adminToken"))) {
return superRequest;
}
}
SecurityContext securityContext = superRequest.getSecurityContext();
TokenContext tokenContext = (TokenContext) securityContext.getUserPrincipal();
if (tokenContext != null) {
username = tokenContext.getUsername();
if (adminDao.isAdmin(username)) {
return superRequest;
}
}
throw kustvaktResponseHandler.throwit(new KustvaktException(StatusCodes.AUTHORIZATION_FAILED, "Unauthorized operation for user: " + username, username));
}
Aggregations