Use of ddf.security.claims.ClaimsHandler in project ddf by codice.
Class PKIRealmTest, method setup.
/**
 * Installs two mocked claims handlers on the PKI realm under test before each test.
 *
 * <p>Each mock answers any {@code retrieveClaims} call with its own collection holding a single
 * "email" claim, and the two addresses differ. Presumably this lets the tests observe how the
 * realm combines same-named claims from more than one handler; confirm against the test methods.
 */
@Before
public void setup() {
  // First handler: email claim "test@example.com".
  ClaimImpl firstEmail = new ClaimImpl("email");
  firstEmail.addValue("test@example.com");
  ClaimsCollection firstClaims = new ClaimsCollectionImpl();
  firstClaims.add(firstEmail);
  ClaimsHandler firstHandler = mock(ClaimsHandler.class);
  when(firstHandler.retrieveClaims(any())).thenReturn(firstClaims);

  // Second handler: same claim name, different address.
  ClaimImpl secondEmail = new ClaimImpl("email");
  secondEmail.addValue("tester@example.com");
  ClaimsCollection secondClaims = new ClaimsCollectionImpl();
  secondClaims.add(secondEmail);
  ClaimsHandler secondHandler = mock(ClaimsHandler.class);
  when(secondHandler.retrieveClaims(any())).thenReturn(secondClaims);

  // List order matches the order in which the realm will iterate the handlers.
  List<ClaimsHandler> handlers = new ArrayList<>();
  handlers.add(firstHandler);
  handlers.add(secondHandler);
  pkiRealm.setClaimsHandlers(handlers);
}
Use of ddf.security.claims.ClaimsHandler in project ddf by codice.
Class PKIRealm, method createPrincipalCollectionFromCertificate.
/**
 * Builds the principal collection for a subject identified by an X.500 principal.
 *
 * <p>Every configured claims handler is queried with the principal, and the returned claims are
 * merged into one attribute statement. That statement is wrapped in a security assertion with
 * issuer "DDF", weight {@code SecurityAssertion.LOCAL_AUTH_WEIGHT}, token type
 * {@code PKI_TOKEN_TYPE}, and a validity window that starts now and lasts {@code fourHours}.
 *
 * <p>NOTE(review): nothing in this method validates the certificate chain or checks revocation;
 * it presumably relies on the caller having done so before the principal reaches here. Confirm
 * at the call site.
 *
 * <p>NOTE(review): how same-named claims from different handlers are combined, and whether a
 * null result from a handler is tolerated, is decided inside {@code mergeClaimsToAttributes},
 * which is not visible here. An exception thrown by any handler propagates and no assertion is
 * produced.
 *
 * @param principal the X.500 principal to issue the assertion for (per the method name, taken
 *     from the client certificate)
 * @return a collection containing the single assertion, added under the realm name "PKI"
 */
private SimplePrincipalCollection createPrincipalCollectionFromCertificate(
    X500Principal principal) {
  SimplePrincipalCollection result = new SimplePrincipalCollection();
  DefaultSecurityAssertionBuilder builder = new DefaultSecurityAssertionBuilder();
  AttributeStatement mergedAttributes = new AttributeStatementDefault();

  // The same property map instance is handed to every handler.
  HashMap<String, Object> handlerProperties = createProperties(principal);
  for (ClaimsHandler handler : claimsHandlers) {
    ClaimsParametersImpl parameters =
        new ClaimsParametersImpl(principal, Collections.singleton(principal), handlerProperties);
    mergeClaimsToAttributes(mergedAttributes, handler.retrieveClaims(parameters));
  }

  // Both validity bounds derive from one instant so the window length is fourHours.
  final Instant issuedAt = Instant.now();
  Date validFrom = Date.from(issuedAt);
  Date validUntil = Date.from(issuedAt.plus(fourHours));

  SecurityAssertion assertion =
      builder
          .addAttributeStatement(mergedAttributes)
          .userPrincipal(principal)
          .weight(SecurityAssertion.LOCAL_AUTH_WEIGHT)
          .issuer("DDF")
          .notBefore(validFrom)
          .notOnOrAfter(validUntil)
          .tokenType(PKI_TOKEN_TYPE)
          .build();

  result.add(assertion, "PKI");
  return result;
}
Use of ddf.security.claims.ClaimsHandler in project ddf by codice.
Class UsernamePasswordRealm, method createPrincipalCollectionFromSubject.
/**
 * Builds the principal collection for a subject authenticated by username and password.
 *
 * <p>The subject must carry a {@code UserPrincipal}; if it has none, an
 * {@code AuthenticationException} is thrown and no assertion is issued. All of the subject's
 * {@code RolePrincipal}s are passed to each claims handler and are also added to the assertion as
 * principals. The resulting assertion has issuer "DDF", weight
 * {@code SecurityAssertion.LOCAL_AUTH_WEIGHT}, token type {@code USER_PASS_TOKEN_TYPE}, and a
 * validity window that starts now and lasts {@code fourHours}.
 *
 * <p>NOTE(review): the user principal is chosen with {@code findFirst()} over a {@code Set}; if a
 * subject ever carried more than one {@code UserPrincipal}, which one wins would depend on the
 * set's iteration order. Confirm that the login path guarantees exactly one.
 *
 * <p>NOTE(review): how same-named claims from different handlers are combined is decided inside
 * {@code mergeClaimsToAttributes}, which is not visible here.
 *
 * @param subject the authenticated subject whose principals are read
 * @return a collection containing the single assertion, added under the realm name "UP"
 */
private SimplePrincipalCollection createPrincipalCollectionFromSubject(Subject subject) {
  SimplePrincipalCollection result = new SimplePrincipalCollection();
  DefaultSecurityAssertionBuilder builder = new DefaultSecurityAssertionBuilder();
  AttributeStatement mergedAttributes = new AttributeStatementDefault();

  // Fail closed: without a user principal there is nothing to issue an assertion for.
  Principal user =
      subject.getPrincipals().stream()
          .filter(UserPrincipal.class::isInstance)
          .findFirst()
          .orElseThrow(AuthenticationException::new);
  Set<Principal> roles =
      subject.getPrincipals().stream()
          .filter(RolePrincipal.class::isInstance)
          .collect(Collectors.toSet());

  // Each handler receives the user, the roles, and its own fresh, empty property map.
  for (ClaimsHandler handler : claimsHandlers) {
    ClaimsParametersImpl parameters = new ClaimsParametersImpl(user, roles, new HashMap<>());
    mergeClaimsToAttributes(mergedAttributes, handler.retrieveClaims(parameters));
  }

  // Both validity bounds derive from one instant so the window length is fourHours.
  final Instant issuedAt = Instant.now();
  Date validFrom = Date.from(issuedAt);
  Date validUntil = Date.from(issuedAt.plus(fourHours));
  builder
      .addAttributeStatement(mergedAttributes)
      .userPrincipal(user)
      .weight(SecurityAssertion.LOCAL_AUTH_WEIGHT)
      .issuer("DDF")
      .notBefore(validFrom)
      .notOnOrAfter(validUntil);

  // Role principals travel inside the assertion alongside the user principal.
  for (Principal role : roles) {
    builder.addPrincipal(role);
  }
  builder.tokenType(USER_PASS_TOKEN_TYPE);

  result.add(builder.build(), "UP");
  return result;
}
Use of ddf.security.claims.ClaimsHandler in project ddf by codice.
Class UsernamePasswordRealmTest, method setup.
/**
 * Prepares the username/password realm under test before each test.
 *
 * <p>Two mocked claims handlers are installed; each answers any {@code retrieveClaims} call with
 * its own collection holding a single "email" claim, and the two addresses differ. A mocked
 * {@code JaasRealm} whose name is "realm" is then appended to the realm's {@code realmList}.
 */
@Before
public void setup() {
  // First handler: email claim "test@example.com".
  ClaimImpl firstEmail = new ClaimImpl("email");
  firstEmail.addValue("test@example.com");
  ClaimsCollection firstClaims = new ClaimsCollectionImpl();
  firstClaims.add(firstEmail);
  ClaimsHandler firstHandler = mock(ClaimsHandler.class);
  when(firstHandler.retrieveClaims(any())).thenReturn(firstClaims);

  // Second handler: same claim name, different address.
  ClaimImpl secondEmail = new ClaimImpl("email");
  secondEmail.addValue("tester@example.com");
  ClaimsCollection secondClaims = new ClaimsCollectionImpl();
  secondClaims.add(secondEmail);
  ClaimsHandler secondHandler = mock(ClaimsHandler.class);
  when(secondHandler.retrieveClaims(any())).thenReturn(secondClaims);

  // List order matches the order in which the realm will iterate the handlers.
  List<ClaimsHandler> handlers = new ArrayList<>();
  handlers.add(firstHandler);
  handlers.add(secondHandler);
  upRealm.setClaimsHandlers(handlers);

  // Stand-in JAAS realm; only its name is stubbed.
  JaasRealm stubRealm = mock(JaasRealm.class);
  when(stubRealm.getName()).thenReturn("realm");
  upRealm.realmList.add(stubRealm);
}
Use of ddf.security.claims.ClaimsHandler in project ddf by codice.
Class ClaimsHandlerManager, method registerClaimsHandler.
/**
 * Registers a ClaimsHandler as a service, retiring the previous registration first.
 *
 * <p>When a previous registration is supplied, the handler behind it is looked up; if it is a
 * {@code RoleClaimsHandler} or an {@code LdapClaimsHandler} its {@code disconnect()} is called,
 * and the old registration is then unregistered before the new handler is registered.
 *
 * <p>NOTE(review): if {@code disconnect()} throws, {@code unregister()} and the new registration
 * are both skipped and the previous handler stays registered. Confirm whether
 * {@code disconnect()} can throw and whether a try/finally is wanted here.
 *
 * @param handler Handler that should be registered.
 * @param registration Previous registration, will be used to unregister if not null.
 * @return new registration for the service, or {@code null} when no bundle context is available
 *     (in which case nothing is disconnected, unregistered or registered).
 */
private ServiceRegistration<ClaimsHandler> registerClaimsHandler(
    ClaimsHandler handler, ServiceRegistration<ClaimsHandler> registration) {
  BundleContext bundleContext = getContext();
  if (bundleContext == null) {
    // Without a context there is nothing to register against; callers must handle null.
    return null;
  }

  if (registration != null) {
    ClaimsHandler previousHandler = bundleContext.getService(registration.getReference());
    // Only these two handler types are disconnected before being replaced.
    if (previousHandler instanceof RoleClaimsHandler) {
      ((RoleClaimsHandler) previousHandler).disconnect();
    } else if (previousHandler instanceof LdapClaimsHandler) {
      ((LdapClaimsHandler) previousHandler).disconnect();
    }
    registration.unregister();
  }

  return bundleContext.registerService(ClaimsHandler.class, handler, null);
}