
Example 46 with AuthenticationResponse

Use of io.helidon.security.AuthenticationResponse in project helidon by oracle.

The class HttpAuthProviderBuilderTest, method digestOldTestJack.

@Test
public void digestOldTestJack() {
    setHeader(context, HttpBasicAuthProvider.HEADER_AUTHENTICATION, buildDigest(HttpDigest.Qop.NONE, "jack", "jackIsGreat"));
    AuthenticationResponse response = context.atnClientBuilder().explicitProvider("digest_old").buildAndGet();
    assertThat(response.description().orElse("No description"), response.status(), is(SecurityResponse.SecurityStatus.SUCCESS));
    assertThat(response.statusCode().orElse(200), is(200));
    assertThat(getUsername(context), is("jack"));
    assertThat(context.isUserInRole("admin"), is(true));
    assertThat(context.isUserInRole("user"), is(true));
}
Also used : AuthenticationResponse(io.helidon.security.AuthenticationResponse) Test(org.junit.jupiter.api.Test)

Example 47 with AuthenticationResponse

Use of io.helidon.security.AuthenticationResponse in project helidon by oracle.

The class HttpAuthProviderBuilderTest, method digestOldTest401.

@Test
public void digestOldTest401() {
    AuthenticationResponse response = context.atnClientBuilder().explicitProvider("digest_old").buildAndGet();
    assertThat(response.status().isSuccess(), is(false));
    assertThat(response.statusCode().orElse(200), is(401));
    String authHeader = response.responseHeaders().get(HttpBasicAuthProvider.HEADER_AUTHENTICATION_REQUIRED).get(0);
    assertThat(authHeader, notNullValue());
    assertThat(authHeader.toLowerCase(), startsWith("digest realm=\"mic\""));
    assertThat(authHeader.toLowerCase(), not(containsString("qop=")));
}
Also used : CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) AuthenticationResponse(io.helidon.security.AuthenticationResponse) Test(org.junit.jupiter.api.Test)

Example 48 with AuthenticationResponse

Use of io.helidon.security.AuthenticationResponse in project helidon by oracle.

The class HttpAuthProviderBuilderTest, method digestTestNonceNotB64.

@Test
public void digestTestNonceNotB64() {
    setHeader(context, HttpBasicAuthProvider.HEADER_AUTHENTICATION, buildDigest(HttpDigest.Qop.AUTH, "jack", "jackIsGreat", "Not a base64 encoded $tring", "mic"));
    AuthenticationResponse response = context.atnClientBuilder().explicitProvider("digest").buildAndGet();
    assertThat(response.description().orElse(""), is("Nonce must be base64 encoded"));
    assertThat(response.status(), is(SecurityResponse.SecurityStatus.FAILURE));
    assertThat(response.statusCode().orElse(200), is(401));
}
Also used : AuthenticationResponse(io.helidon.security.AuthenticationResponse) Test(org.junit.jupiter.api.Test)

Example 49 with AuthenticationResponse

Use of io.helidon.security.AuthenticationResponse in project helidon by oracle.

The class HttpAuthProviderBuilderTest, method digestTestNonceTooShort.

@Test
public void digestTestNonceTooShort() {
    setHeader(context, HttpBasicAuthProvider.HEADER_AUTHENTICATION, buildDigest(HttpDigest.Qop.AUTH, "jack", "jackIsGreat",
            // must be base64 encoded string of less than 17 bytes
            "wrongNonce", "mic"));
    AuthenticationResponse response = context.atnClientBuilder().explicitProvider("digest").buildAndGet();
    assertThat(response.description().orElse(""), is("Invalid nonce length"));
    assertThat(response.status(), is(SecurityResponse.SecurityStatus.FAILURE));
    assertThat(response.statusCode().orElse(200), is(401));
}
Also used : AuthenticationResponse(io.helidon.security.AuthenticationResponse) Test(org.junit.jupiter.api.Test)

Example 50 with AuthenticationResponse

Use of io.helidon.security.AuthenticationResponse in project helidon by oracle.

The class HttpAuthProviderBuilderTest, method digestOldTestJill.

@Test
public void digestOldTestJill() {
    setHeader(context, HttpBasicAuthProvider.HEADER_AUTHENTICATION, buildDigest(HttpDigest.Qop.NONE, "jill", "password"));
    AuthenticationResponse response = context.atnClientBuilder().explicitProvider("digest_old").buildAndGet();
    assertThat(response.description().orElse("No description"), response.status(), is(SecurityResponse.SecurityStatus.SUCCESS));
    assertThat(response.statusCode().orElse(200), is(200));
    assertThat(getUsername(context), is("jill"));
    assertThat(context.isUserInRole("admin"), is(false));
    assertThat(context.isUserInRole("user"), is(true));
}
Also used : AuthenticationResponse(io.helidon.security.AuthenticationResponse) Test(org.junit.jupiter.api.Test)
