
Example 16 with IdmJwtAuthentication

use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

the class TestAppAuthenticationFilter method authorize.

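/**
 * Authenticates the request from the given JWT and, on success, stores an
 * {@link IdmJwtAuthentication} in the Spring Security context.
 *
 * <p>The method fails closed: an unparsable token, a token without a user name
 * claim, a user name that resolves to no identity, or any exception raised
 * while processing leaves the security context untouched and returns
 * {@code false}.
 *
 * @param token raw token string taken from the request
 * @param request current request; its servlet path decides whether authorities are granted
 * @param response current response (not used here)
 * @return {@code true} if an authentication was stored in the security context,
 *         {@code false} otherwise
 */
@Override
public boolean authorize(String token, HttpServletRequest request, HttpServletResponse response) {
    try {
        Optional<Jwt> jwt = HttpFilterUtils.parseToken(token);
        if (!jwt.isPresent()) {
            return false;
        }
        // NOTE(review): presumably checks the token signature before exposing the claims;
        // confirm in verifyTokenAndGetClaims, since the user name below is trusted as-is.
        Map<String, Object> claims = verifyTokenAndGetClaims(jwt.get());
        String userName = (String) claims.get(HttpFilterUtils.JWT_USER_NAME);
        if (userName == null) {
            // no subject in the token, so there is nobody to authenticate
            return false;
        }
        IdmIdentityDto identity = identityService.getByUsername(userName);
        if (identity == null) {
            // Unknown user: without this guard, a path that grants no authorities would
            // still put an authentication with a null identity into the security context
            // and report success.
            return false;
        }
        // not important - either new refreshed token or data are returned to user
        ZonedDateTime expiration = null;
        Collection<GrantedAuthority> authorities;
        if (shouldGrantAuthoritiesForPath(request.getServletPath())) {
            authorities = grantedAuthoritiesFactory.getGrantedAuthoritiesForIdentity(identity.getId());
        } else {
            // authenticated, but deliberately without any authority for this path
            authorities = new ArrayList<>();
        }
        IdmJwtAuthentication ija = new IdmJwtAuthentication(identity, expiration, authorities, EntityUtils.getModule(this.getClass()));
        SecurityContextHolder.getContext().setAuthentication(ija);
        return true;
    } catch (Exception e) {
        // Any failure (bad signature, malformed claims, lookup error) denies the request.
        // NOTE(review): the stack trace goes to stderr only; route it through the
        // project's logger so rejected tokens are visible to monitoring.
        e.printStackTrace();
    }
    return false;
}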
Also used : ZonedDateTime(java.time.ZonedDateTime) Jwt(org.springframework.security.jwt.Jwt) GrantedAuthority(org.springframework.security.core.GrantedAuthority) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) CoreException(eu.bcvsolutions.idm.core.api.exception.CoreException) IOException(java.io.IOException) ValidationException(javax.validation.ValidationException)

Example 17 with IdmJwtAuthentication

use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

the class IdmTokenControllerRestTest method testGenerate.

/**
 * Creates a token through the REST endpoint and checks that the raw JWT is
 * handed out in the creation response only: a later read of the same token
 * must not contain it.
 */
@Test
public void testGenerate() throws Exception {
    IdmIdentityDto owner = getHelper().createIdentity((GuardedString) null);
    IdmTokenDto requested = new IdmTokenDto();
    requested.setOwnerId(owner.getId());
    requested.setOwnerType(tokenManager.getOwnerType(owner));
    requested.setTokenType("custom");
    requested.setExpiration(ZonedDateTime.now().plusDays(1));
    ObjectMapper json = getMapper();

    // create the token as admin and capture the response body
    String body = getMockMvc()
            .perform(post(getBaseUrl())
                    .with(authentication(getAdminAuthentication()))
                    .content(json.writeValueAsString(requested))
                    .contentType(TestHelper.HAL_CONTENT_TYPE))
            .andExpect(status().isCreated())
            .andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE))
            .andReturn()
            .getResponse()
            .getContentAsString();
    IdmTokenDto created = (IdmTokenDto) json.readValue(body, requested.getClass());
    Assert.assertNotNull(created);
    Assert.assertNotNull(created.getId());
    Assert.assertTrue(requested.getExpiration().isEqual(created.getExpiration()));
    Assert.assertEquals(requested.getTokenType(), created.getTokenType());

    // the creation response carries the JWT, and the JWT maps back to the stored token
    String rawJwt = created.getProperties().getString(IdmAuthenticationFilter.AUTHENTICATION_TOKEN_NAME);
    Assert.assertNotNull(rawJwt);
    IdmJwtAuthentication decoded = jwtTokenMapper.readToken(rawJwt);
    Assert.assertEquals(created.getId(), decoded.getId());
    Assert.assertTrue(requested.getExpiration().isEqual(decoded.getExpiration()));

    // reading the token again must not expose the JWT
    IdmTokenDto fetched = getDto(created.getId());
    Assert.assertNull(fetched.getProperties().get(IdmAuthenticationFilter.AUTHENTICATION_TOKEN_NAME));
}
Also used : IdmTokenDto(eu.bcvsolutions.idm.core.api.dto.IdmTokenDto) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) Test(org.junit.Test) AbstractReadWriteDtoControllerRestTest(eu.bcvsolutions.idm.core.api.rest.AbstractReadWriteDtoControllerRestTest)

Example 18 with IdmJwtAuthentication

use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

the class OAuthAuthenticationManagerTest method testIdentityNotExists.

/**
 * A token naming a user that the identity service does not know must be
 * rejected with an {@link AuthenticationException}.
 */
@Test
public void testIdentityNotExists() {
    IdmJwtAuthentication unknownUserToken = getAuthentication(USER_NAME, DateTime.now().plusHours(1), DateTime.now());
    // the identity lookup finds nobody for this user name
    when(identityService.getByUsername(USER_NAME)).thenReturn(null);
    try {
        authManager.authenticate(unknownUserToken);
    } catch (AuthenticationException e) {
        // rejection is expected; make sure the lookup actually happened
        verify(identityService).getByUsername(USER_NAME);
        return;
    }
    Assert.fail("Cannot authenticate unknown identity.");
}
Also used : AuthenticationException(org.springframework.security.core.AuthenticationException) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 19 with IdmJwtAuthentication

use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

the class OAuthAuthenticationManagerTest method testAuthorityModification.

/**
 * An authentication must be refused with {@code AUTHORITIES_CHANGED} when an
 * authority change is recorded for the identity: here the change is stamped
 * "now" while the authentication is built with a timestamp one hour in the past.
 */
@Test
public void testAuthorityModification() {
    IdmIdentityDto identity = getTestIdentity();
    IdmAuthorityChange recordedChange = getAuthChange(identity, DateTime.now());
    IdmJwtAuthentication staleToken = getAuthentication(USER_NAME, DateTime.now().plusHours(1), DateTime.now().minusHours(1));
    when(identityService.getByUsername(USER_NAME)).thenReturn(identity);
    when(acRepository.findOneByIdentity_Id(identity.getId())).thenReturn(recordedChange);
    try {
        authManager.authenticate(staleToken);
    } catch (ResultCodeException e) {
        // the refusal must carry the dedicated result code, not a generic failure
        Assert.assertEquals(CoreResultCode.AUTHORITIES_CHANGED.getStatus(), e.getStatus());
        Assert.assertEquals(CoreResultCode.AUTHORITIES_CHANGED.getMessage(), e.getMessage());
        // both the identity and its authority-change record were consulted
        verify(identityService).getByUsername(USER_NAME);
        verify(acRepository).findOneByIdentity_Id(identity.getId());
        return;
    }
    Assert.fail("Cannot authenticate identity with modified authorities.");
}
Also used : IdmAuthorityChange(eu.bcvsolutions.idm.core.model.entity.IdmAuthorityChange) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 20 with IdmJwtAuthentication

use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

the class AbstractWorkflowIntegrationTest method loginWithout.

/**
 * Logs the given user in with every available permission except the listed ones.
 *
 * <p>The authentication is written straight into the {@link SecurityContextHolder}
 * with no expiration and the module name {@code "test"}. This method does not
 * clear the context afterwards.
 *
 * @param user identifier passed to the identity lookup
 * @param authorities authority names to withhold from the logged-in user
 */
public void loginWithout(String user, String... authorities) {
    Collection<GrantedAuthority> remaining = IdmAuthorityUtils
            .toAuthorities(moduleService.getAvailablePermissions())
            .stream()
            .filter(candidate -> {
                // keep the candidate unless its name matches one of the withheld authorities
                boolean withheld = false;
                for (String denied : authorities) {
                    if (denied.equals(candidate.getAuthority())) {
                        withheld = true;
                        break;
                    }
                }
                return !withheld;
            })
            .collect(Collectors.toList());
    IdmIdentityDto identity = (IdmIdentityDto) lookupService.getDtoLookup(IdmIdentityDto.class).lookup(user);
    IdmJwtAuthentication login = new IdmJwtAuthentication(identity, null, remaining, "test");
    SecurityContextHolder.getContext().setAuthentication(login);
}
Also used : SpringProcessEngineConfiguration(org.activiti.spring.SpringProcessEngineConfiguration) AuthenticationTestUtils(eu.bcvsolutions.idm.test.api.utils.AuthenticationTestUtils) ActivitiRule(org.activiti.engine.test.ActivitiRule) Collection(java.util.Collection) ProcessEngineConfigurationImpl(org.activiti.engine.impl.cfg.ProcessEngineConfigurationImpl) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) Autowired(org.springframework.beans.factory.annotation.Autowired) AutowireCapableBeanFactory(org.springframework.beans.factory.config.AutowireCapableBeanFactory) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) Collectors(java.util.stream.Collectors) DefaultActivityBehaviorFactory(org.activiti.engine.impl.bpmn.parser.factory.DefaultActivityBehaviorFactory) GrantedAuthority(org.springframework.security.core.GrantedAuthority) IdentityService(org.activiti.engine.IdentityService) WorkflowDeploymentDto(eu.bcvsolutions.idm.core.workflow.api.dto.WorkflowDeploymentDto) Rule(org.junit.Rule) LookupService(eu.bcvsolutions.idm.core.api.service.LookupService) IdmAuthorityUtils(eu.bcvsolutions.idm.core.security.api.utils.IdmAuthorityUtils) WorkflowDeploymentService(eu.bcvsolutions.idm.core.workflow.api.service.WorkflowDeploymentService) Ignore(org.junit.Ignore) ModuleService(eu.bcvsolutions.idm.core.api.service.ModuleService) IdmGroupPermission(eu.bcvsolutions.idm.core.security.api.domain.IdmGroupPermission) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) InputStream(java.io.InputStream) Before(org.junit.Before) GrantedAuthority(org.springframework.security.core.GrantedAuthority) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)

Aggregations

IdmJwtAuthentication (eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication)31 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)22 Test (org.junit.Test)14 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)10 GrantedAuthority (org.springframework.security.core.GrantedAuthority)10 AbstractUnitTest (eu.bcvsolutions.idm.test.api.AbstractUnitTest)8 Collection (java.util.Collection)8 IdmTokenDto (eu.bcvsolutions.idm.core.api.dto.IdmTokenDto)7 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)7 UUID (java.util.UUID)7 Collectors (java.util.stream.Collectors)7 Autowired (org.springframework.beans.factory.annotation.Autowired)7 ModuleService (eu.bcvsolutions.idm.core.api.service.ModuleService)6 IdmGroupPermission (eu.bcvsolutions.idm.core.security.api.domain.IdmGroupPermission)6 IdmAuthorityUtils (eu.bcvsolutions.idm.core.security.api.utils.IdmAuthorityUtils)6 Before (org.junit.Before)6 SecurityContextHolder (org.springframework.security.core.context.SecurityContextHolder)6 IdmJwtAuthenticationDto (eu.bcvsolutions.idm.core.security.api.dto.IdmJwtAuthenticationDto)4 LoginDto (eu.bcvsolutions.idm.core.security.api.dto.LoginDto)4 After (org.junit.After)4