Example 56 with AuthenticationResponse

use of io.helidon.security.AuthenticationResponse in project helidon by oracle.

the class HttpSignProvider method authorizeHeader.

private AuthenticationResponse authorizeHeader(SecurityEnvironment env) {
    List<String> authorization = env.headers().get("Authorization");
    AuthenticationResponse response = null;
    // attempt to validate each authorization, first one that succeeds will finish processing and return
    for (String authorizationValue : authorization) {
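        // lower-case with a fixed locale so the scheme match does not depend on the JVM default locale
        if (authorizationValue.toLowerCase(java.util.Locale.ROOT).startsWith("signature ")) {
            // strip the "signature " scheme prefix and validate the remaining parameters
            response = signatureHeader(List.of(authorizationValue.substring("signature ".length())), env);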
            if (response.status().isSuccess()) {
                // that was a good header, let's return the response
                return response;
            }
        }
    }
    // we have reached the end - all headers validated, none fit, fail or abstain
    if (optional) {
        return AuthenticationResponse.abstain();
    }
    // challenge
    return challenge(env, (null == response) ? "No Signature authorization header" : response.description().orElse("Unknown problem"));
}
Also used : AuthenticationResponse(io.helidon.security.AuthenticationResponse)

Example 57 with AuthenticationResponse

use of io.helidon.security.AuthenticationResponse in project helidon by oracle.

the class AtnProviderSyncTest method integrationTest.

@Test
public void integrationTest() {
    Security security = Security.builder().addProvider(new AtnProviderSync()).build();
    // this part is usually done by container integration component
    // in Jersey you have access to security context through annotations
    // in Web server you have access to security context through context
    SecurityContext context = security.createContext("unit-test");
    context.endpointConfig(EndpointConfig.builder().customObject(AtnProviderSync.AtnObject.class, AtnProviderSync.AtnObject.from(VALUE, SIZE)));
    AuthenticationResponse response = context.authenticate();
    validateResponse(response);
}
Also used : SecurityContext(io.helidon.security.SecurityContext) Security(io.helidon.security.Security) AuthenticationResponse(io.helidon.security.AuthenticationResponse) Test(org.junit.jupiter.api.Test)

Example 58 with AuthenticationResponse

use of io.helidon.security.AuthenticationResponse in project helidon by oracle.

the class AtnProviderSyncTest method testAbstain.

@Test
public void testAbstain() {
    SecurityContext context = mock(SecurityContext.class);
    when(context.user()).thenReturn(Optional.empty());
    when(context.service()).thenReturn(Optional.empty());
    SecurityEnvironment se = SecurityEnvironment.create();
    EndpointConfig ep = EndpointConfig.create();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.securityContext()).thenReturn(context);
    when(request.env()).thenReturn(se);
    when(request.endpointConfig()).thenReturn(ep);
    AtnProviderSync provider = new AtnProviderSync();
    AuthenticationResponse response = provider.syncAuthenticate(request);
    assertThat(response.status(), is(SecurityResponse.SecurityStatus.ABSTAIN));
}
Also used : SecurityEnvironment(io.helidon.security.SecurityEnvironment) SecurityContext(io.helidon.security.SecurityContext) AuthenticationResponse(io.helidon.security.AuthenticationResponse) EndpointConfig(io.helidon.security.EndpointConfig) ProviderRequest(io.helidon.security.ProviderRequest) Test(org.junit.jupiter.api.Test)

Example 59 with AuthenticationResponse

use of io.helidon.security.AuthenticationResponse in project helidon by oracle.

the class AtnProviderSyncTest method testSuccess.

private void testSuccess(ProviderRequest request) {
    AtnProviderSync provider = new AtnProviderSync();
    AuthenticationResponse response = provider.syncAuthenticate(request);
    validateResponse(response);
}
Also used : AuthenticationResponse(io.helidon.security.AuthenticationResponse)

Example 60 with AuthenticationResponse

use of io.helidon.security.AuthenticationResponse in project helidon by oracle.

the class SecurityFilterTest method testAtnAbortWith.

@Test
void testAtnAbortWith() {
    SecurityFeature feature = SecurityFeature.builder(security).build();
    SecurityContext securityContext = security.createContext("testAbortWith");
    SecurityFilter sf = new SecurityFilter(feature.featureConfig(), security, serverConfig, securityContext);
    ContainerRequest request = mock(ContainerRequest.class);
    SecurityFilter.FilterContext filterContext = new SecurityFilter.FilterContext();
    filterContext.setJerseyRequest(request);
    SecurityDefinition methodSecurity = mock(SecurityDefinition.class);
    SecurityClientBuilder<AuthenticationResponse> clientBuilder = mock(SecurityClientBuilder.class);
    when(clientBuilder.buildAndGet()).thenReturn(AuthenticationResponse.failed("Unit-test"));
    sf.processAuthentication(filterContext, clientBuilder, methodSecurity, tracing.atnTracing());
    assertThat(filterContext.isShouldFinish(), is(true));
    verify(request).abortWith(argThat(response -> response.getStatus() == 401));
}
Also used : CoreMatchers.is(org.hamcrest.CoreMatchers.is) Security(io.helidon.security.Security) ServerConfig(org.glassfish.jersey.server.ServerConfig) ArgumentMatchers.argThat(org.mockito.ArgumentMatchers.argThat) Set(java.util.Set) SecurityContext(io.helidon.security.SecurityContext) ContainerRequest(org.glassfish.jersey.server.ContainerRequest) Mockito.when(org.mockito.Mockito.when) AuthenticationResponse(io.helidon.security.AuthenticationResponse) WebApplicationException(jakarta.ws.rs.WebApplicationException) Mockito.verify(org.mockito.Mockito.verify) SecurityResponse(io.helidon.security.SecurityResponse) Test(org.junit.jupiter.api.Test) Response(jakarta.ws.rs.core.Response) SecurityClientBuilder(io.helidon.security.SecurityClientBuilder) BeforeAll(org.junit.jupiter.api.BeforeAll) ResourceConfig(org.glassfish.jersey.server.ResourceConfig) Assertions(org.junit.jupiter.api.Assertions) Application(jakarta.ws.rs.core.Application) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) SecurityTracing(io.helidon.security.integration.common.SecurityTracing) AuthorizationResponse(io.helidon.security.AuthorizationResponse) Mockito.mock(org.mockito.Mockito.mock)