Search in sources :

Example 1 with BasicAuthenticationConfig

use of io.apiman.gateway.engine.policies.config.BasicAuthenticationConfig in project apiman by apiman.

the class BasicAuthJDBCTest method testApplyJdbcWithRoles.

public void testApplyJdbcWithRoles(String json) throws Exception {
    // A live LDAP server is required to run this test!
    BasicAuthenticationPolicy policy = new BasicAuthenticationPolicy();
    BasicAuthenticationConfig config = policy.parseConfiguration(json);
    ApiRequest request = new ApiRequest();
    request.setType("GET");
    request.setApiKey("12345");
    request.setRemoteAddr("1.2.3.4");
    request.setDestination("/");
    IPolicyContext context = Mockito.mock(IPolicyContext.class);
    Mockito.when(context.getComponent(IJdbcComponent.class)).thenReturn(new DefaultJdbcComponent());
    IPolicyChain<ApiRequest> chain = Mockito.mock(IPolicyChain.class);
    // Success
    request.getHeaders().put("Authorization", createBasicAuthorization(JDBC_USER, JDBC_PASSWORD));
    chain = Mockito.mock(IPolicyChain.class);
    policy.apply(request, context, config, chain);
    Mockito.verify(chain).doApply(request);
    Set<String> expectedRoles = new HashSet<>();
    expectedRoles.add("admin");
    expectedRoles.add("user");
    Mockito.verify(context).setAttribute(AuthorizationPolicy.AUTHENTICATED_USER_ROLES, expectedRoles);
}
Also used : IPolicyChain(io.apiman.gateway.engine.policy.IPolicyChain) IPolicyContext(io.apiman.gateway.engine.policy.IPolicyContext) BasicAuthenticationConfig(io.apiman.gateway.engine.policies.config.BasicAuthenticationConfig) DefaultJdbcComponent(io.apiman.gateway.engine.impl.DefaultJdbcComponent) ApiRequest(io.apiman.gateway.engine.beans.ApiRequest) HashSet(java.util.HashSet)

Example 2 with BasicAuthenticationConfig

use of io.apiman.gateway.engine.policies.config.BasicAuthenticationConfig in project apiman by apiman.

the class BasicAuthenticationConfigTest method testParseConfiguration.

/**
 * Test method for {@link io.apiman.gateway.engine.policies.BasicAuthenticationPolicy#parseConfiguration(java.lang.String)}.
 */
@Test
public void testParseConfiguration() {
    BasicAuthenticationPolicy policy = new BasicAuthenticationPolicy();
    // Basic properties
    String config = "{\r\n" + "    \"realm\" : \"TestRealm\",\r\n" + "    \"forwardIdentityHttpHeader\" : \"X-Authenticated-Identity\",\r\n" + "    \"requireTransportSecurity\" : true,\r\n" + "    \"requireBasicAuth\" : true\r\n" + "}";
    Object parsed = policy.parseConfiguration(config);
    Assert.assertNotNull(parsed);
    Assert.assertEquals(BasicAuthenticationConfig.class, parsed.getClass());
    BasicAuthenticationConfig parsedConfig = (BasicAuthenticationConfig) parsed;
    Assert.assertEquals("TestRealm", parsedConfig.getRealm());
    Assert.assertEquals("X-Authenticated-Identity", parsedConfig.getForwardIdentityHttpHeader());
    Assert.assertEquals(Boolean.TRUE, parsedConfig.isRequireTransportSecurity());
    Assert.assertEquals(Boolean.TRUE, parsedConfig.getRequireBasicAuth());
    // Static identities
    config = "{\r\n" + "    \"realm\" : \"TestRealm\",\r\n" + "    \"forwardIdentityHttpHeader\" : \"X-Authenticated-Identity\",\r\n" + "    \"staticIdentity\" : {\r\n" + "      \"identities\" : [\r\n" + "        { \"username\" : \"ckent\", \"password\" : \"ckent123!\" },\r\n" + "        { \"username\" : \"bwayne\", \"password\" : \"bwayne123!\" },\r\n" + "        { \"username\" : \"dprince\", \"password\" : \"dprince123!\" }\r\n" + "      ]\r\n" + "    }\r\n" + "}";
    parsed = policy.parseConfiguration(config);
    parsedConfig = (BasicAuthenticationConfig) parsed;
    Assert.assertNotNull(parsedConfig.getStaticIdentity());
    Assert.assertEquals(3, parsedConfig.getStaticIdentity().getIdentities().size());
    Assert.assertEquals("bwayne", parsedConfig.getStaticIdentity().getIdentities().get(1).getUsername());
    Assert.assertEquals("bwayne123!", parsedConfig.getStaticIdentity().getIdentities().get(1).getPassword());
    // Multiple IP addresses
    config = "{\r\n" + "    \"realm\" : \"TestRealm\",\r\n" + "    \"forwardIdentityHttpHeader\" : \"X-Authenticated-Identity\",\r\n" + "    \"ldapIdentity\" : {\r\n" + "        \"url\" : \"ldap://example.org:389\",\r\n" + "        \"dnPattern\" : \"cn=${username},dc=overlord,dc=org\"\r\n" + "    }\r\n" + "}";
    parsed = policy.parseConfiguration(config);
    parsedConfig = (BasicAuthenticationConfig) parsed;
    Assert.assertNotNull(parsedConfig.getLdapIdentity());
    Assert.assertEquals("ldap://example.org:389", parsedConfig.getLdapIdentity().getUrl());
    Assert.assertEquals("cn=${username},dc=overlord,dc=org", parsedConfig.getLdapIdentity().getDnPattern());
    // Multiple IP addresses
    config = "{\r\n" + "    \"realm\" : \"TestRealm\",\r\n" + "    \"jdbcIdentity\" : {\r\n" + "        \"datasourcePath\" : \"jdbc/TestAuthDS\",\r\n" + "        \"query\" : \"SELECT * FROM users WHERE username = ? AND password = ?\",\r\n" + "        \"hashAlgorithm\" : \"SHA1\"\r\n" + "    }\r\n" + "}";
    parsed = policy.parseConfiguration(config);
    parsedConfig = (BasicAuthenticationConfig) parsed;
    Assert.assertNotNull(parsedConfig.getJdbcIdentity());
    Assert.assertEquals("jdbc/TestAuthDS", parsedConfig.getJdbcIdentity().getDatasourcePath());
    Assert.assertEquals("SELECT * FROM users WHERE username = ? AND password = ?", parsedConfig.getJdbcIdentity().getQuery());
    Assert.assertEquals(PasswordHashAlgorithmType.SHA1, parsedConfig.getJdbcIdentity().getHashAlgorithm());
}
Also used : BasicAuthenticationConfig(io.apiman.gateway.engine.policies.config.BasicAuthenticationConfig) Test(org.junit.Test)

Example 3 with BasicAuthenticationConfig

use of io.apiman.gateway.engine.policies.config.BasicAuthenticationConfig in project apiman by apiman.

the class LdapTestMixin method doTest.

// pass null if you expect success
default void doTest(String json, String username, String password, Integer expectedFailureCode, Set<String> expectedRoles, ILdapComponent ldapComponentUnderTest) {
    BasicAuthenticationPolicy policy = new BasicAuthenticationPolicy();
    BasicAuthenticationConfig config = policy.parseConfiguration(json);
    ApiRequest request = new ApiRequest();
    request.setType("GET");
    request.setApiKey("12345");
    request.setRemoteAddr("1.2.3.4");
    request.setDestination("/");
    IPolicyContext context = Mockito.mock(IPolicyContext.class);
    final PolicyFailure failure = new PolicyFailure();
    Mockito.when(context.getComponent(IPolicyFailureFactoryComponent.class)).thenReturn((PolicyFailureType type, int failureCode, String message) -> {
        failure.setType(type);
        failure.setFailureCode(failureCode);
        failure.setMessage(message);
        return failure;
    });
    // The LDAP stuff we're testing!
    Mockito.when(context.getComponent(ILdapComponent.class)).thenReturn(ldapComponentUnderTest);
    IPolicyChain<ApiRequest> chain = Mockito.mock(IPolicyChain.class);
    if (username != null) {
        request.getHeaders().put("Authorization", createBasicAuthorization(username, password));
    }
    if (expectedFailureCode == null) {
        policy.apply(request, context, config, chain);
        Mockito.verify(chain).doApply(request);
    } else {
        policy.apply(request, context, config, chain);
        Mockito.verify(chain).doFailure(failure);
        Assert.assertEquals(expectedFailureCode.intValue(), failure.getFailureCode());
    }
    if (expectedRoles != null && expectedFailureCode == null) {
        Mockito.verify(context).setAttribute(AuthorizationPolicy.AUTHENTICATED_USER_ROLES, expectedRoles);
    }
}
Also used : IPolicyContext(io.apiman.gateway.engine.policy.IPolicyContext) BasicAuthenticationPolicy(io.apiman.gateway.engine.policies.BasicAuthenticationPolicy) PolicyFailure(io.apiman.gateway.engine.beans.PolicyFailure) BasicAuthenticationConfig(io.apiman.gateway.engine.policies.config.BasicAuthenticationConfig) PolicyFailureType(io.apiman.gateway.engine.beans.PolicyFailureType) ApiRequest(io.apiman.gateway.engine.beans.ApiRequest)

Example 4 with BasicAuthenticationConfig

use of io.apiman.gateway.engine.policies.config.BasicAuthenticationConfig in project apiman by apiman.

the class BasicAuthJDBCTest method testApplyJdbcNoRoles.

/**
 * @param json
 * @throws Exception
 */
public void testApplyJdbcNoRoles(String json) throws Exception {
    // A live LDAP server is required to run this test!
    BasicAuthenticationPolicy policy = new BasicAuthenticationPolicy();
    BasicAuthenticationConfig config = policy.parseConfiguration(json);
    ApiRequest request = new ApiRequest();
    request.setType("GET");
    request.setApiKey("12345");
    request.setRemoteAddr("1.2.3.4");
    request.setDestination("/");
    IPolicyContext context = Mockito.mock(IPolicyContext.class);
    final PolicyFailure failure = new PolicyFailure();
    Mockito.when(context.getComponent(IPolicyFailureFactoryComponent.class)).thenReturn(new IPolicyFailureFactoryComponent() {

        @Override
        public PolicyFailure createFailure(PolicyFailureType type, int failureCode, String message) {
            return failure;
        }
    });
    Mockito.when(context.getComponent(IJdbcComponent.class)).thenReturn(new DefaultJdbcComponent());
    IPolicyChain<ApiRequest> chain = Mockito.mock(IPolicyChain.class);
    // Failure
    policy.apply(request, context, config, chain);
    Mockito.verify(chain).doFailure(failure);
    // Failure
    request.getHeaders().put("Authorization", createBasicAuthorization(JDBC_USER, "invalid_password"));
    chain = Mockito.mock(IPolicyChain.class);
    policy.apply(request, context, config, chain);
    Mockito.verify(chain).doFailure(failure);
    // Success
    request.getHeaders().put("Authorization", createBasicAuthorization(JDBC_USER, JDBC_PASSWORD));
    chain = Mockito.mock(IPolicyChain.class);
    policy.apply(request, context, config, chain);
    Mockito.verify(chain).doApply(request);
}
Also used : DefaultJdbcComponent(io.apiman.gateway.engine.impl.DefaultJdbcComponent) ApiRequest(io.apiman.gateway.engine.beans.ApiRequest) IPolicyFailureFactoryComponent(io.apiman.gateway.engine.components.IPolicyFailureFactoryComponent) IPolicyChain(io.apiman.gateway.engine.policy.IPolicyChain) IPolicyContext(io.apiman.gateway.engine.policy.IPolicyContext) PolicyFailure(io.apiman.gateway.engine.beans.PolicyFailure) BasicAuthenticationConfig(io.apiman.gateway.engine.policies.config.BasicAuthenticationConfig) PolicyFailureType(io.apiman.gateway.engine.beans.PolicyFailureType)

Aggregations

BasicAuthenticationConfig (io.apiman.gateway.engine.policies.config.BasicAuthenticationConfig)4 ApiRequest (io.apiman.gateway.engine.beans.ApiRequest)3 IPolicyContext (io.apiman.gateway.engine.policy.IPolicyContext)3 PolicyFailure (io.apiman.gateway.engine.beans.PolicyFailure)2 PolicyFailureType (io.apiman.gateway.engine.beans.PolicyFailureType)2 DefaultJdbcComponent (io.apiman.gateway.engine.impl.DefaultJdbcComponent)2 IPolicyChain (io.apiman.gateway.engine.policy.IPolicyChain)2 IPolicyFailureFactoryComponent (io.apiman.gateway.engine.components.IPolicyFailureFactoryComponent)1 BasicAuthenticationPolicy (io.apiman.gateway.engine.policies.BasicAuthenticationPolicy)1 HashSet (java.util.HashSet)1 Test (org.junit.Test)1