Example 11 with ClaimsCollection
use of ddf.security.claims.ClaimsCollection in project ddf by codice.
the class LdapClaimsHandlerTest method testRetrieveClaimsValues.
@Test
public void testRetrieveClaimsValues() throws URISyntaxException, LdapException {
when(mockBindResult.isSuccess()).thenReturn(true);
ClaimsCollection processedClaims = claimsHandler.retrieveClaims(claimsParameters);
assertThat(processedClaims, hasSize(1));
Claim claim = processedClaims.get(0);
assertThat(claim.getValues(), contains(DUMMY_VALUE));
verify(mockConnection).search(eq(USER_BASE_DN), any(), eq("(&(objectclass=person)(uid=cn=Tony Stark,ou=avengers,dc=marvel,dc=com))"), eq(ATTRIBUTE_NAME));
}
Also used :
ClaimsCollection(ddf.security.claims.ClaimsCollection)
Claim(ddf.security.claims.Claim)
Test(org.junit.Test)
Example 12 with ClaimsCollection
use of ddf.security.claims.ClaimsCollection in project ddf by codice.
the class UsersAttributesFileClaimsHandlerTest method testRetrieveClaimValuesRegex.
@Test
public void testRetrieveClaimValuesRegex() throws IOException {
// given
System.setProperty(SystemBaseUrl.INTERNAL_HOST, "testHostname");
final UsersAttributesFileClaimsHandler usersAttributesFileClaimsHandler = new UsersAttributesFileClaimsHandler();
usersAttributesFileClaimsHandler.setUsersAttributesFileLocation(getPathForValidTestAttributesFile());
final ClaimsCollection ClaimsCollection = getClaimsCollectionForValidTestAttributesFile();
final Principal principal = mock(Principal.class);
when(principal.getName()).thenReturn("myhostname");
final ClaimsParameters regexClaimsParameters = new ClaimsParametersImpl(principal, new HashSet<>(), new HashMap<>());
// when
ClaimsCollection processedClaims = usersAttributesFileClaimsHandler.retrieveClaims(regexClaimsParameters);
// then
assertThat(processedClaims, contains(allOf(hasProperty("name", is("reg")), hasProperty("values", containsInAnyOrder("ex")))));
}
Also used :
ClaimsParametersImpl(ddf.security.claims.impl.ClaimsParametersImpl)
ClaimsCollection(ddf.security.claims.ClaimsCollection)
Principal(java.security.Principal)
ClaimsParameters(ddf.security.claims.ClaimsParameters)
Test(org.junit.Test)
Example 13 with ClaimsCollection
use of ddf.security.claims.ClaimsCollection in project ddf by codice.
the class UsersAttributesFileClaimsHandlerTest method testRetrieveClaimValuesAdmin.
@Test
public void testRetrieveClaimValuesAdmin() throws IOException {
// given
System.setProperty(SystemBaseUrl.INTERNAL_HOST, "testHostname");
final UsersAttributesFileClaimsHandler usersAttributesFileClaimsHandler = new UsersAttributesFileClaimsHandler();
usersAttributesFileClaimsHandler.setUsersAttributesFileLocation(getPathForValidTestAttributesFile());
final ClaimsCollection ClaimsCollection = getClaimsCollectionForValidTestAttributesFile();
final ClaimsParameters localhostClaimsParameters;
final Principal principal = mock(Principal.class);
when(principal.getName()).thenReturn("admin");
localhostClaimsParameters = new ClaimsParametersImpl(principal, new HashSet<>(), new HashMap<>());
// when
final ClaimsCollection processedClaims = usersAttributesFileClaimsHandler.retrieveClaims(localhostClaimsParameters);
// then
assertThat(processedClaims, contains(allOf(hasProperty("name", is("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")), hasProperty("values", containsInAnyOrder("admin@testHostname")))));
}
Also used :
ClaimsParametersImpl(ddf.security.claims.impl.ClaimsParametersImpl)
HashMap(java.util.HashMap)
ClaimsCollection(ddf.security.claims.ClaimsCollection)
Principal(java.security.Principal)
ClaimsParameters(ddf.security.claims.ClaimsParameters)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Example 14 with ClaimsCollection
use of ddf.security.claims.ClaimsCollection in project ddf by codice.
the class PKIRealmTest method setup.
@Before
public void setup() {
List<ClaimsHandler> claimsHandlers = new ArrayList<>();
claimsHandlers.add(mock(ClaimsHandler.class));
claimsHandlers.add(mock(ClaimsHandler.class));
ClaimsCollection claims1 = new ClaimsCollectionImpl();
ClaimImpl email1 = new ClaimImpl("email");
email1.addValue("test@example.com");
claims1.add(email1);
ClaimsCollection claims2 = new ClaimsCollectionImpl();
ClaimImpl email2 = new ClaimImpl("email");
email2.addValue("tester@example.com");
claims2.add(email2);
when(claimsHandlers.get(0).retrieveClaims(any())).thenReturn(claims1);
when(claimsHandlers.get(1).retrieveClaims(any())).thenReturn(claims2);
pkiRealm.setClaimsHandlers(claimsHandlers);
}
Also used :
ClaimsHandler(ddf.security.claims.ClaimsHandler)
ClaimsCollectionImpl(ddf.security.claims.impl.ClaimsCollectionImpl)
ArrayList(java.util.ArrayList)
ClaimImpl(ddf.security.claims.impl.ClaimImpl)
ClaimsCollection(ddf.security.claims.ClaimsCollection)
Before(org.junit.Before)
Example 15 with ClaimsCollection
use of ddf.security.claims.ClaimsCollection in project ddf by codice.
the class PKIRealm method createPrincipalCollectionFromCertificate.
private SimplePrincipalCollection createPrincipalCollectionFromCertificate(X500Principal principal) {
SimplePrincipalCollection principals = new SimplePrincipalCollection();
DefaultSecurityAssertionBuilder assertionBuilder = new DefaultSecurityAssertionBuilder();
AttributeStatement attributeStatement = new AttributeStatementDefault();
HashMap<String, Object> properties = createProperties(principal);
for (ClaimsHandler claimsHandler : claimsHandlers) {
ClaimsCollection claims = claimsHandler.retrieveClaims(new ClaimsParametersImpl(principal, Collections.singleton(principal), properties));
mergeClaimsToAttributes(attributeStatement, claims);
}
final Instant now = Instant.now();
SecurityAssertion assertion = assertionBuilder.addAttributeStatement(attributeStatement).userPrincipal(principal).weight(SecurityAssertion.LOCAL_AUTH_WEIGHT).issuer("DDF").notBefore(Date.from(now)).notOnOrAfter(Date.from(now.plus(fourHours))).tokenType(PKI_TOKEN_TYPE).build();
principals.add(assertion, "PKI");
return principals;
}
Also used :
ClaimsHandler(ddf.security.claims.ClaimsHandler)
DefaultSecurityAssertionBuilder(ddf.security.assertion.impl.DefaultSecurityAssertionBuilder)
ClaimsParametersImpl(ddf.security.claims.impl.ClaimsParametersImpl)
AttributeStatement(ddf.security.assertion.AttributeStatement)
AttributeStatementDefault(ddf.security.assertion.impl.AttributeStatementDefault)
Instant(java.time.Instant)
SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection)
ClaimsCollection(ddf.security.claims.ClaimsCollection)
SecurityAssertion(ddf.security.assertion.SecurityAssertion)
Aggregations
ClaimsCollection (ddf.security.claims.ClaimsCollection)29
Test (org.junit.Test)18
Principal (java.security.Principal)16
ClaimsParameters (ddf.security.claims.ClaimsParameters)14
ClaimsParametersImpl (ddf.security.claims.impl.ClaimsParametersImpl)14
HashMap (java.util.HashMap)10
Claim (ddf.security.claims.Claim)9
ClaimsCollectionImpl (ddf.security.claims.impl.ClaimsCollectionImpl)9
ClaimImpl (ddf.security.claims.impl.ClaimImpl)6
ClaimsHandler (ddf.security.claims.ClaimsHandler)4
ArrayList (java.util.ArrayList)4
HashSet (java.util.HashSet)4
X500Principal (javax.security.auth.x500.X500Principal)4
UserPrincipal (org.apache.karaf.jaas.boot.principal.UserPrincipal)4
Connection (org.forgerock.opendj.ldap.Connection)4
BindResult (org.forgerock.opendj.ldap.responses.BindResult)4
SearchResultEntry (org.forgerock.opendj.ldap.responses.SearchResultEntry)4
ConnectionEntryReader (org.forgerock.opendj.ldif.ConnectionEntryReader)4
SubjectUtils (ddf.security.service.impl.SubjectUtils)3
AttributeStatement (ddf.security.assertion.AttributeStatement)2
