use of ddf.security.Subject in project ddf by codice.
the class IdpEndpointTest method testPassiveLoginPkiUnsupported.
@Test
public void testPassiveLoginPkiUnsupported() throws SecurityServiceException, WSSecurityException, CertificateEncodingException, IOException {
String samlRequest = authNRequestPassivePkiGet;
HttpServletRequest request = mock(HttpServletRequest.class);
X509Certificate x509Certificate = mock(X509Certificate.class);
Subject subject = mock(Subject.class);
PrincipalCollection principalCollection = mock(PrincipalCollection.class);
SecurityAssertion securityAssertion = mock(SecurityAssertion.class);
SecurityToken securityToken = mock(SecurityToken.class);
SecurityManager securityManager = mock(SecurityManager.class);
when(subject.getPrincipals()).thenReturn(principalCollection);
when(principalCollection.asList()).thenReturn(Collections.singletonList(securityAssertion));
when(securityAssertion.getSecurityToken()).thenReturn(securityToken);
//this mock element is what will cause the signature error
when(securityToken.getToken()).thenReturn(mock(Element.class));
when(securityManager.getSubject(anyObject())).thenReturn(subject);
idpEndpoint.setSecurityManager(securityManager);
idpEndpoint.setStrictSignature(false);
when(request.isSecure()).thenReturn(true);
when(request.getRequestURL()).thenReturn(requestURL);
when(request.getAttribute(ContextPolicy.ACTIVE_REALM)).thenReturn("*");
//dummy cert
when((X509Certificate[]) request.getAttribute(requestCertificateAttributeName)).thenReturn(new X509Certificate[] { x509Certificate });
when(x509Certificate.getEncoded()).thenReturn(new byte[48]);
Response response = idpEndpoint.showGetLogin(samlRequest, relayState, signatureAlgorithm, signature, request);
String responseStr = StringUtils.substringBetween(response.getEntity().toString(), "SAMLResponse=", "&RelayState");
responseStr = URLDecoder.decode(responseStr, "UTF-8");
responseStr = RestSecurity.inflateBase64(responseStr);
//the only cookie that should exist is the "1" cookie so "2" should send us to the login webapp
assertThat(responseStr, containsString("status:RequestUnsupported"));
}
use of ddf.security.Subject in project ddf by codice.
the class SecurityTest method testTokenAboutToExpire.
@Test
public void testTokenAboutToExpire() throws Exception {
Subject subject = mock(Subject.class);
SecurityAssertion assertion = mock(SecurityAssertion.class);
PrincipalCollection pc = mock(PrincipalCollection.class);
SecurityToken st = mock(SecurityToken.class);
when(st.isAboutToExpire(anyLong())).thenReturn(true);
assertThat(security.tokenAboutToExpire(null), equalTo(true));
assertThat(security.tokenAboutToExpire(subject), equalTo(true));
when(subject.getPrincipals()).thenReturn(pc);
assertThat(security.tokenAboutToExpire(subject), equalTo(true));
when(pc.oneByType(any(Class.class))).thenReturn(assertion);
when(assertion.getSecurityToken()).thenReturn(st);
assertThat(security.tokenAboutToExpire(subject), equalTo(true));
when(st.isAboutToExpire(anyLong())).thenReturn(false);
assertThat(security.tokenAboutToExpire(subject), equalTo(false));
}
use of ddf.security.Subject in project ddf by codice.
the class SecurityTest method testGetSubjectNoSecurityManager.
@Test
public void testGetSubjectNoSecurityManager() throws Exception {
configureMockForSecurityManager(null);
Subject subject = security.getSubject("username", "password");
assertThat(subject, is(equalTo(null)));
}
use of ddf.security.Subject in project ddf by codice.
the class SecurityTest method testGetSubject.
@Test
public void testGetSubject() throws Exception {
SecurityManager sm = mock(SecurityManager.class);
Subject smSubject = mock(Subject.class);
when(sm.getSubject(any())).thenReturn(smSubject);
configureMockForSecurityManager(sm);
Subject subject = security.getSubject("username", "password");
assertThat(subject, not(equalTo(null)));
}
use of ddf.security.Subject in project ddf by codice.
the class RestSecurityTest method testSetSubjectOnClient.
@Test
public void testSetSubjectOnClient() throws Exception {
Element samlToken = readDocument("/saml.xml").getDocumentElement();
Subject subject = mock(Subject.class);
SecurityAssertion assertion = mock(SecurityAssertion.class);
SecurityToken token = new SecurityToken(UUID.randomUUID().toString(), samlToken, new Date(), new Date());
when(assertion.getSecurityToken()).thenReturn(token);
when(subject.getPrincipals()).thenReturn(new SimplePrincipalCollection(assertion, "sts"));
WebClient client = WebClient.create("https://example.org");
RestSecurity.setSubjectOnClient(subject, client);
assertNotNull(client.getHeaders().get(RestSecurity.AUTH_HEADER));
ArrayList headers = (ArrayList) client.getHeaders().get(RestSecurity.AUTH_HEADER);
boolean containsSaml = false;
for (Object header : headers) {
if (StringUtils.contains(header.toString(), RestSecurity.SAML_HEADER_PREFIX)) {
containsSaml = true;
}
}
assertTrue(containsSaml);
}
Aggregations