Search in sources :

Example 81 with ContainerRequest

use of com.sun.jersey.spi.container.ContainerRequest in project simba-os by cegeka.

the class SimbaCredentialsFactoryTest method create_BasicAuthentication_DecodesAndCreatesCredentials.

@Test
public void create_BasicAuthentication_DecodesAndCreatesCredentials() throws Exception {
    String username = "emanresu";
    String password = "drowssap";
    String digest = username + ":" + password;
    byte[] encodedDigest = Base64.encode(digest);
    String basicAuthString = "basic " + new String(encodedDigest);
    ContainerRequest containerRequest = new ContainerRequestBuilderForTests().addHeader(AUTHORIZATION, basicAuthString).withRequestUri(URI.create("http://rest.wayneindustries.com/v1/bats?format=timeseries")).withHttpMethod(HttpMethods.GET).build();
    SimbaCredentials expected = new SimbaCredentialsBuilderForTests().withHttpMethod(HttpMethods.GET).addHeader(AUTHORIZATION, basicAuthString).addParameter(AuthenticationConstants.USERNAME, username).addParameter(AuthenticationConstants.PASSWORD, password).addParameter("format", "timeseries").withRequestUrl("http://rest.wayneindustries.com/v1/bats/").withSimbaWebURL(SIMBA_WEB_URL).withHostServerName(RequestUtil.HOST_SERVER_NAME).withIsLoginRequest(true).build();
    SimbaCredentials simbaCredentials = factory.create(containerRequest);
    assertThat(simbaCredentials).isEqualTo(expected);
}
Also used : SimbaCredentialsBuilderForTests(org.simbasecurity.dwclient.dropwizard.credentials.SimbaCredentialsBuilderForTests) ContainerRequestBuilderForTests(org.simbasecurity.dwclient.test.dropwizard.matchers.ContainerRequestBuilderForTests) ContainerRequest(com.sun.jersey.spi.container.ContainerRequest) Test(org.junit.Test)

Example 82 with ContainerRequest

use of com.sun.jersey.spi.container.ContainerRequest in project simba-os by cegeka.

the class SimbaCredentialsFactoryTest method create_NeitherSSOTokenNorBasicAuthentication_Throws401.

@Test
public void create_NeitherSSOTokenNorBasicAuthentication_Throws401() throws Exception {
    ContainerRequest containerRequest = new ContainerRequestBuilderForTests().withRequestUri(URI.create("http://rest.wayneindustries.com/v1/bats?format=timeseries")).withHttpMethod(HttpMethods.GET).build();
    expectedException.expect(WebApplicationExceptionMatcher.webApplicationException(UNAUTHORIZED));
    factory.create(containerRequest);
}
Also used : ContainerRequestBuilderForTests(org.simbasecurity.dwclient.test.dropwizard.matchers.ContainerRequestBuilderForTests) ContainerRequest(com.sun.jersey.spi.container.ContainerRequest) Test(org.junit.Test)

Example 83 with ContainerRequest

use of com.sun.jersey.spi.container.ContainerRequest in project druid by apache.

the class SupervisorResourceFilterTest method testGetWhenUserHasReadAccess.

@Test
public void testGetWhenUserHasReadAccess() {
    setExpectations("/druid/indexer/v1/supervisor/datasource1", "GET", "datasource1", Action.READ, true);
    ContainerRequest filteredRequest = resourceFilter.filter(containerRequest);
    Assert.assertNotNull(filteredRequest);
    verifyMocks();
}
Also used : ContainerRequest(com.sun.jersey.spi.container.ContainerRequest) Test(org.junit.Test)

Example 84 with ContainerRequest

use of com.sun.jersey.spi.container.ContainerRequest in project druid by apache.

the class SupervisorResourceFilterTest method testPostWhenUserHasWriteAccess.

@Test
public void testPostWhenUserHasWriteAccess() {
    setExpectations("/druid/indexer/v1/supervisor/datasource1", "POST", "datasource1", Action.WRITE, true);
    ContainerRequest filteredRequest = resourceFilter.filter(containerRequest);
    Assert.assertNotNull(filteredRequest);
    verifyMocks();
}
Also used : ContainerRequest(com.sun.jersey.spi.container.ContainerRequest) Test(org.junit.Test)

Example 85 with ContainerRequest

use of com.sun.jersey.spi.container.ContainerRequest in project Kustvakt by KorAP.

the class AdminFilter method filter.

@Override
public ContainerRequest filter(ContainerRequest request) {
    ContainerRequest superRequest = super.filter(request);
    String username = "guest";
    // legacy support for kustvakt core
    String adminToken = superRequest.getFormParameters().getFirst("token");
    if (adminToken != null && !adminToken.isEmpty()) {
        // adminToken = adminToken.substring(6);
        if (adminToken.equals(servletContext.getInitParameter("adminToken"))) {
            return superRequest;
        }
    }
    SecurityContext securityContext = superRequest.getSecurityContext();
    TokenContext tokenContext = (TokenContext) securityContext.getUserPrincipal();
    if (tokenContext != null) {
        username = tokenContext.getUsername();
        if (adminDao.isAdmin(username)) {
            return superRequest;
        }
    }
    throw kustvaktResponseHandler.throwit(new KustvaktException(StatusCodes.AUTHORIZATION_FAILED, "Unauthorized operation for user: " + username, username));
}
Also used : TokenContext(de.ids_mannheim.korap.security.context.TokenContext) KustvaktException(de.ids_mannheim.korap.exceptions.KustvaktException) SecurityContext(javax.ws.rs.core.SecurityContext) ContainerRequest(com.sun.jersey.spi.container.ContainerRequest)

Aggregations

ContainerRequest (com.sun.jersey.spi.container.ContainerRequest)85 Test (org.junit.Test)64 InBoundHeaders (com.sun.jersey.core.header.InBoundHeaders)29 ContainerResponse (com.sun.jersey.spi.container.ContainerResponse)19 WebApplicationImpl (com.sun.jersey.server.impl.application.WebApplicationImpl)15 WebApplication (com.sun.jersey.spi.container.WebApplication)10 ByteArrayInputStream (java.io.ByteArrayInputStream)10 URI (java.net.URI)9 OrcidBadRequestException (org.orcid.core.exception.OrcidBadRequestException)9 FF4jSecurityContextFilter (org.ff4j.web.api.security.FF4jSecurityContextFilter)6 SimbaCredentials (org.simbasecurity.dwclient.dropwizard.credentials.SimbaCredentials)6 THttpClient (org.apache.thrift.transport.THttpClient)5 Client (org.simbasecurity.api.service.thrift.AuthenticationFilterService.Client)5 RequestData (org.simbasecurity.api.service.thrift.RequestData)5 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)5 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)4 XForwardFilter (org.neo4j.server.web.XForwardFilter)4 ActionDescriptor (org.simbasecurity.api.service.thrift.ActionDescriptor)4 ActionDescriptorBuilderForTests (org.simbasecurity.dwclient.test.stub.simba.ActionDescriptorBuilderForTests)4 Before (org.junit.Before)3