use of io.gravitee.am.gateway.policy.Policy in project gravitee-access-management by gravitee-io.
the class FlowManagerTest method shouldFindByExtensionPoint_twoFlows_inherit_false.
@Test
public void shouldFindByExtensionPoint_twoFlows_inherit_false() {
Step domainStep = mock(Step.class);
when(domainStep.isEnabled()).thenReturn(true);
when(domainStep.getPolicy()).thenReturn("step-policy");
when(domainStep.getConfiguration()).thenReturn("domain-step-configuration");
Step appStep = mock(Step.class);
when(appStep.isEnabled()).thenReturn(true);
when(appStep.getPolicy()).thenReturn("step-policy");
when(appStep.getConfiguration()).thenReturn("app-step-configuration");
Flow domainFlow = mock(Flow.class);
when(domainFlow.getId()).thenReturn("domain-flow-id");
when(domainFlow.getType()).thenReturn(Type.CONSENT);
when(domainFlow.isEnabled()).thenReturn(true);
when(domainFlow.getPre()).thenReturn(Collections.singletonList(domainStep));
Flow appFlow = mock(Flow.class);
when(appFlow.getId()).thenReturn("app-flow-id");
when(appFlow.getType()).thenReturn(Type.CONSENT);
when(appFlow.isEnabled()).thenReturn(true);
when(appFlow.getPre()).thenReturn(Collections.singletonList(appStep));
when(appFlow.getApplication()).thenReturn("app-id");
Policy domainPolicy = mock(Policy.class);
Policy appPolicy = mock(Policy.class);
when(appPolicy.id()).thenReturn("app-policy");
Client client = mock(Client.class);
when(client.getId()).thenReturn("app-id");
when(domain.getId()).thenReturn("domain-id");
when(policyPluginManager.create(domainStep.getPolicy(), domainStep.getCondition(), domainStep.getConfiguration())).thenReturn(domainPolicy);
when(policyPluginManager.create(appStep.getPolicy(), appStep.getCondition(), appStep.getConfiguration())).thenReturn(appPolicy);
when(flowService.findAll(ReferenceType.DOMAIN, domain.getId())).thenReturn(Flowable.just(domainFlow, appFlow));
flowManager.afterPropertiesSet();
TestObserver<List<Policy>> obs = flowManager.findByExtensionPoint(ExtensionPoint.PRE_CONSENT, client, null).test();
obs.awaitTerminalEvent();
obs.assertValue(policies -> {
Assert.assertTrue(policies.size() == 1);
Assert.assertTrue(policies.get(0).id().equals(appPolicy.id()));
return true;
});
verify(policyPluginManager, times(2)).create(anyString(), eq(null), anyString());
}
use of io.gravitee.am.gateway.policy.Policy in project gravitee-access-management by gravitee-io.
the class FlowManagerTest method shouldFindByExtensionPoint_twoFlows_inherit_true.
@Test
public void shouldFindByExtensionPoint_twoFlows_inherit_true() {
Step domainStep = mock(Step.class);
when(domainStep.isEnabled()).thenReturn(true);
when(domainStep.getPolicy()).thenReturn("step-policy");
when(domainStep.getConfiguration()).thenReturn("domain-step-configuration");
Step appStep = mock(Step.class);
when(appStep.isEnabled()).thenReturn(true);
when(appStep.getPolicy()).thenReturn("step-policy");
when(appStep.getConfiguration()).thenReturn("app-step-configuration");
Flow domainFlow = mock(Flow.class);
when(domainFlow.getId()).thenReturn("domain-flow-id");
when(domainFlow.getType()).thenReturn(Type.CONSENT);
when(domainFlow.isEnabled()).thenReturn(true);
when(domainFlow.getPre()).thenReturn(Collections.singletonList(domainStep));
Flow appFlow = mock(Flow.class);
when(appFlow.getId()).thenReturn("app-flow-id");
when(appFlow.getType()).thenReturn(Type.CONSENT);
when(appFlow.isEnabled()).thenReturn(true);
when(appFlow.getPre()).thenReturn(Collections.singletonList(appStep));
when(appFlow.getApplication()).thenReturn("app-id");
Policy domainPolicy = mock(Policy.class);
when(domainPolicy.id()).thenReturn("domain-policy");
Policy appPolicy = mock(Policy.class);
when(appPolicy.id()).thenReturn("app-policy");
Client client = mock(Client.class);
when(client.getId()).thenReturn("app-id");
when(client.isFlowsInherited()).thenReturn(true);
when(domain.getId()).thenReturn("domain-id");
when(policyPluginManager.create(domainStep.getPolicy(), domainStep.getCondition(), domainStep.getConfiguration())).thenReturn(domainPolicy);
when(policyPluginManager.create(appStep.getPolicy(), appStep.getCondition(), appStep.getConfiguration())).thenReturn(appPolicy);
when(flowService.findAll(ReferenceType.DOMAIN, domain.getId())).thenReturn(Flowable.just(domainFlow, appFlow));
flowManager.afterPropertiesSet();
TestObserver<List<Policy>> obs = flowManager.findByExtensionPoint(ExtensionPoint.PRE_CONSENT, client, ExecutionPredicate.alwaysTrue()).test();
obs.awaitTerminalEvent();
obs.assertValue(policies -> {
Assert.assertTrue(policies.size() == 2);
Assert.assertTrue(policies.get(0).id().equals(domainPolicy.id()));
Assert.assertTrue(policies.get(1).id().equals(appPolicy.id()));
return true;
});
verify(policyPluginManager, times(2)).create(anyString(), eq(null), anyString());
}
use of io.gravitee.am.gateway.policy.Policy in project gravitee-access-management by gravitee-io.
the class FlowManagerTest method shouldNotFindByExtensionPoint_applicationPolicy_clientNull.
@Test
public void shouldNotFindByExtensionPoint_applicationPolicy_clientNull() {
Step step = mock(Step.class);
when(step.isEnabled()).thenReturn(true);
when(step.getPolicy()).thenReturn("step-policy");
when(step.getConfiguration()).thenReturn("step-configuration");
Flow flow = mock(Flow.class);
when(flow.getId()).thenReturn("flow-id");
when(flow.getType()).thenReturn(Type.CONSENT);
when(flow.isEnabled()).thenReturn(true);
when(flow.getPre()).thenReturn(Collections.singletonList(step));
when(flow.getApplication()).thenReturn("app-id");
Policy policy = mock(Policy.class);
when(domain.getId()).thenReturn("domain-id");
when(policyPluginManager.create(step.getPolicy(), step.getCondition(), step.getConfiguration())).thenReturn(policy);
when(flowService.findAll(ReferenceType.DOMAIN, domain.getId())).thenReturn(Flowable.just(flow));
flowManager.afterPropertiesSet();
TestObserver<List<Policy>> obs = flowManager.findByExtensionPoint(ExtensionPoint.PRE_CONSENT, null, null).test();
obs.awaitTerminalEvent();
obs.assertValue(policies -> {
Assert.assertTrue(policies.isEmpty());
return true;
});
verify(policyPluginManager, times(1)).create(anyString(), eq(null), anyString());
}
use of io.gravitee.am.gateway.policy.Policy in project gravitee-access-management by gravitee-io.
the class PolicyChainHandlerImpl method handle.
@Override
public void handle(RoutingContext context) {
// do not call the policy chain if there is error, success or warning parameters
// it means that the policy chain has been already executed
final HttpServerRequest request = context.request();
if (request.params() != null && (request.params().contains(ConstantKeys.ERROR_PARAM_KEY) || request.params().contains(ConstantKeys.WARNING_PARAM_KEY) || request.params().contains(ConstantKeys.SUCCESS_PARAM_KEY))) {
context.next();
return;
}
// prepare execution context
prepareContext(context, contextHandler -> {
if (contextHandler.failed()) {
logger.error("An error occurs while preparing execution context", contextHandler.cause());
context.fail(contextHandler.cause());
return;
}
// resolve policies
ExecutionContext executionContext = contextHandler.result();
resolve(executionContext, handler -> {
if (handler.failed()) {
logger.error("An error occurs while resolving policies", handler.cause());
context.fail(handler.cause());
return;
}
List<Policy> policies = handler.result();
// if no policies continue
if (policies.isEmpty()) {
context.next();
return;
}
// call the policy chain
executePolicyChain(policies, executionContext, policyChainHandler -> {
if (policyChainHandler.failed()) {
logger.debug("An error occurs while executing the policy chain", policyChainHandler.cause());
context.fail(policyChainHandler.cause());
return;
}
// update context attributes
ExecutionContext processedExecutionContext = policyChainHandler.result();
processedExecutionContext.getAttributes().forEach((k, v) -> {
if (ConstantKeys.AUTH_FLOW_CONTEXT_KEY.equals(k)) {
final AuthenticationFlowContext authFlowContext = (AuthenticationFlowContext) v;
if (authFlowContext != null) {
// update authentication flow context version into the session
context.session().put(ConstantKeys.AUTH_FLOW_CONTEXT_VERSION_KEY, authFlowContext.getVersion());
}
}
context.put(k, v);
});
// continue
context.next();
});
});
});
}
use of io.gravitee.am.gateway.policy.Policy in project gravitee-access-management by gravitee-io.
the class FlowManagerTest method shouldFindByExtensionPoint_domainPolicy.
@Test
public void shouldFindByExtensionPoint_domainPolicy() {
Step step = mock(Step.class);
when(step.isEnabled()).thenReturn(true);
when(step.getPolicy()).thenReturn("step-policy");
when(step.getConfiguration()).thenReturn("step-configuration");
when(step.getCondition()).thenReturn("step-condition");
Flow flow = mock(Flow.class);
when(flow.getId()).thenReturn("flow-id");
when(flow.getType()).thenReturn(Type.CONSENT);
when(flow.isEnabled()).thenReturn(true);
when(flow.getPre()).thenReturn(Collections.singletonList(step));
Policy policy = mock(Policy.class);
when(domain.getId()).thenReturn("domain-id");
when(policyPluginManager.create(step.getPolicy(), step.getCondition(), step.getConfiguration())).thenReturn(policy);
when(flowService.findAll(ReferenceType.DOMAIN, domain.getId())).thenReturn(Flowable.just(flow));
flowManager.afterPropertiesSet();
TestObserver<List<Policy>> obs = flowManager.findByExtensionPoint(ExtensionPoint.PRE_CONSENT, null, null).test();
obs.awaitTerminalEvent();
obs.assertValue(policies -> {
Assert.assertTrue(policies.size() == 1);
return true;
});
verify(policyPluginManager, times(1)).create(anyString(), anyString(), anyString());
}
Aggregations