Search in sources :

Example 11 with ClaimsCollection

use of ddf.security.claims.ClaimsCollection in project ddf by codice.

the class LdapClaimsHandlerTest method testRetrieveClaimsValues.

@Test
public void testRetrieveClaimsValues() throws URISyntaxException, LdapException {
    when(mockBindResult.isSuccess()).thenReturn(true);
    ClaimsCollection processedClaims = claimsHandler.retrieveClaims(claimsParameters);
    assertThat(processedClaims, hasSize(1));
    Claim claim = processedClaims.get(0);
    assertThat(claim.getValues(), contains(DUMMY_VALUE));
    verify(mockConnection).search(eq(USER_BASE_DN), any(), eq("(&(objectclass=person)(uid=cn=Tony Stark,ou=avengers,dc=marvel,dc=com))"), eq(ATTRIBUTE_NAME));
}
Also used : ClaimsCollection(ddf.security.claims.ClaimsCollection) Claim(ddf.security.claims.Claim) Test(org.junit.Test)

Example 12 with ClaimsCollection

use of ddf.security.claims.ClaimsCollection in project ddf by codice.

the class UsersAttributesFileClaimsHandlerTest method testRetrieveClaimValuesRegex.

@Test
public void testRetrieveClaimValuesRegex() throws IOException {
    // given
    System.setProperty(SystemBaseUrl.INTERNAL_HOST, "testHostname");
    final UsersAttributesFileClaimsHandler usersAttributesFileClaimsHandler = new UsersAttributesFileClaimsHandler();
    usersAttributesFileClaimsHandler.setUsersAttributesFileLocation(getPathForValidTestAttributesFile());
    final ClaimsCollection ClaimsCollection = getClaimsCollectionForValidTestAttributesFile();
    final Principal principal = mock(Principal.class);
    when(principal.getName()).thenReturn("myhostname");
    final ClaimsParameters regexClaimsParameters = new ClaimsParametersImpl(principal, new HashSet<>(), new HashMap<>());
    // when
    ClaimsCollection processedClaims = usersAttributesFileClaimsHandler.retrieveClaims(regexClaimsParameters);
    // then
    assertThat(processedClaims, contains(allOf(hasProperty("name", is("reg")), hasProperty("values", containsInAnyOrder("ex")))));
}
Also used : ClaimsParametersImpl(ddf.security.claims.impl.ClaimsParametersImpl) ClaimsCollection(ddf.security.claims.ClaimsCollection) Principal(java.security.Principal) ClaimsParameters(ddf.security.claims.ClaimsParameters) Test(org.junit.Test)

Example 13 with ClaimsCollection

use of ddf.security.claims.ClaimsCollection in project ddf by codice.

the class UsersAttributesFileClaimsHandlerTest method testRetrieveClaimValuesAdmin.

@Test
public void testRetrieveClaimValuesAdmin() throws IOException {
    // given
    System.setProperty(SystemBaseUrl.INTERNAL_HOST, "testHostname");
    final UsersAttributesFileClaimsHandler usersAttributesFileClaimsHandler = new UsersAttributesFileClaimsHandler();
    usersAttributesFileClaimsHandler.setUsersAttributesFileLocation(getPathForValidTestAttributesFile());
    final ClaimsCollection ClaimsCollection = getClaimsCollectionForValidTestAttributesFile();
    final ClaimsParameters localhostClaimsParameters;
    final Principal principal = mock(Principal.class);
    when(principal.getName()).thenReturn("admin");
    localhostClaimsParameters = new ClaimsParametersImpl(principal, new HashSet<>(), new HashMap<>());
    // when
    final ClaimsCollection processedClaims = usersAttributesFileClaimsHandler.retrieveClaims(localhostClaimsParameters);
    // then
    assertThat(processedClaims, contains(allOf(hasProperty("name", is("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")), hasProperty("values", containsInAnyOrder("admin@testHostname")))));
}
Also used : ClaimsParametersImpl(ddf.security.claims.impl.ClaimsParametersImpl) HashMap(java.util.HashMap) ClaimsCollection(ddf.security.claims.ClaimsCollection) Principal(java.security.Principal) ClaimsParameters(ddf.security.claims.ClaimsParameters) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 14 with ClaimsCollection

use of ddf.security.claims.ClaimsCollection in project ddf by codice.

the class PKIRealmTest method setup.

@Before
public void setup() {
    List<ClaimsHandler> claimsHandlers = new ArrayList<>();
    claimsHandlers.add(mock(ClaimsHandler.class));
    claimsHandlers.add(mock(ClaimsHandler.class));
    ClaimsCollection claims1 = new ClaimsCollectionImpl();
    ClaimImpl email1 = new ClaimImpl("email");
    email1.addValue("test@example.com");
    claims1.add(email1);
    ClaimsCollection claims2 = new ClaimsCollectionImpl();
    ClaimImpl email2 = new ClaimImpl("email");
    email2.addValue("tester@example.com");
    claims2.add(email2);
    when(claimsHandlers.get(0).retrieveClaims(any())).thenReturn(claims1);
    when(claimsHandlers.get(1).retrieveClaims(any())).thenReturn(claims2);
    pkiRealm.setClaimsHandlers(claimsHandlers);
}
Also used : ClaimsHandler(ddf.security.claims.ClaimsHandler) ClaimsCollectionImpl(ddf.security.claims.impl.ClaimsCollectionImpl) ArrayList(java.util.ArrayList) ClaimImpl(ddf.security.claims.impl.ClaimImpl) ClaimsCollection(ddf.security.claims.ClaimsCollection) Before(org.junit.Before)

Example 15 with ClaimsCollection

use of ddf.security.claims.ClaimsCollection in project ddf by codice.

the class PKIRealm method createPrincipalCollectionFromCertificate.

private SimplePrincipalCollection createPrincipalCollectionFromCertificate(X500Principal principal) {
    SimplePrincipalCollection principals = new SimplePrincipalCollection();
    DefaultSecurityAssertionBuilder assertionBuilder = new DefaultSecurityAssertionBuilder();
    AttributeStatement attributeStatement = new AttributeStatementDefault();
    HashMap<String, Object> properties = createProperties(principal);
    for (ClaimsHandler claimsHandler : claimsHandlers) {
        ClaimsCollection claims = claimsHandler.retrieveClaims(new ClaimsParametersImpl(principal, Collections.singleton(principal), properties));
        mergeClaimsToAttributes(attributeStatement, claims);
    }
    final Instant now = Instant.now();
    SecurityAssertion assertion = assertionBuilder.addAttributeStatement(attributeStatement).userPrincipal(principal).weight(SecurityAssertion.LOCAL_AUTH_WEIGHT).issuer("DDF").notBefore(Date.from(now)).notOnOrAfter(Date.from(now.plus(fourHours))).tokenType(PKI_TOKEN_TYPE).build();
    principals.add(assertion, "PKI");
    return principals;
}
Also used : ClaimsHandler(ddf.security.claims.ClaimsHandler) DefaultSecurityAssertionBuilder(ddf.security.assertion.impl.DefaultSecurityAssertionBuilder) ClaimsParametersImpl(ddf.security.claims.impl.ClaimsParametersImpl) AttributeStatement(ddf.security.assertion.AttributeStatement) AttributeStatementDefault(ddf.security.assertion.impl.AttributeStatementDefault) Instant(java.time.Instant) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) ClaimsCollection(ddf.security.claims.ClaimsCollection) SecurityAssertion(ddf.security.assertion.SecurityAssertion)

Aggregations

ClaimsCollection (ddf.security.claims.ClaimsCollection)29 Test (org.junit.Test)18 Principal (java.security.Principal)16 ClaimsParameters (ddf.security.claims.ClaimsParameters)14 ClaimsParametersImpl (ddf.security.claims.impl.ClaimsParametersImpl)14 HashMap (java.util.HashMap)10 Claim (ddf.security.claims.Claim)9 ClaimsCollectionImpl (ddf.security.claims.impl.ClaimsCollectionImpl)9 ClaimImpl (ddf.security.claims.impl.ClaimImpl)6 ClaimsHandler (ddf.security.claims.ClaimsHandler)4 ArrayList (java.util.ArrayList)4 HashSet (java.util.HashSet)4 X500Principal (javax.security.auth.x500.X500Principal)4 UserPrincipal (org.apache.karaf.jaas.boot.principal.UserPrincipal)4 Connection (org.forgerock.opendj.ldap.Connection)4 BindResult (org.forgerock.opendj.ldap.responses.BindResult)4 SearchResultEntry (org.forgerock.opendj.ldap.responses.SearchResultEntry)4 ConnectionEntryReader (org.forgerock.opendj.ldif.ConnectionEntryReader)4 SubjectUtils (ddf.security.service.impl.SubjectUtils)3 AttributeStatement (ddf.security.assertion.AttributeStatement)2