use of io.helidon.security.AuthenticationResponse in project helidon by oracle.
the class HttpAuthProviderBuilderTest method digestTestNonceNotEncrypted.
@Test
public void digestTestNonceNotEncrypted() {
setHeader(context, HttpBasicAuthProvider.HEADER_AUTHENTICATION, buildDigest(HttpDigest.Qop.AUTH, "jack", "jackIsGreat", Base64.getEncoder().encodeToString("4444444444444444444444444444444444444444444444".getBytes()), "mic"));
AuthenticationResponse response = context.atnClientBuilder().explicitProvider("digest").buildAndGet();
assertThat(response.description().orElse(""), is("Invalid nonce value"));
assertThat(response.status(), is(SecurityResponse.SecurityStatus.FAILURE));
assertThat(response.statusCode().orElse(200), is(401));
}
use of io.helidon.security.AuthenticationResponse in project helidon by oracle.
the class HttpAuthProviderBuilderTest method basicTestInvalidUser.
@Test
public void basicTestInvalidUser() {
setHeader(context, HttpBasicAuthProvider.HEADER_AUTHENTICATION, buildBasic("wrong", "user"));
AuthenticationResponse response = context.authenticate();
assertThat(response.description().orElse(""), is("Invalid username or password"));
assertThat(response.status().isSuccess(), is(false));
assertThat(response.statusCode().orElse(200), is(401));
String authHeader = response.responseHeaders().get(HttpBasicAuthProvider.HEADER_AUTHENTICATION_REQUIRED).get(0);
assertThat(authHeader, notNullValue());
assertThat(authHeader.toLowerCase(), is("basic realm=\"mic\""));
setHeader(context, HttpBasicAuthProvider.HEADER_AUTHENTICATION, buildBasic("jack", "invalid_passworrd"));
response = context.authenticate();
assertThat(response.description().orElse(""), is("Invalid username or password"));
assertThat(response.status().isSuccess(), is(false));
assertThat(response.statusCode().orElse(200), is(401));
}
use of io.helidon.security.AuthenticationResponse in project helidon by oracle.
the class HttpAuthProviderBuilderTest method sendInvalidTypeTest.
@Test
public void sendInvalidTypeTest() {
setHeader(context, HttpBasicAuthProvider.HEADER_AUTHENTICATION, "bearer token=\"adfasfaf\"");
AuthenticationResponse response = context.authenticate();
assertThat(response.status(), is(SecurityResponse.SecurityStatus.FAILURE));
assertThat(response.statusCode().orElse(200), is(401));
}
use of io.helidon.security.AuthenticationResponse in project helidon by oracle.
the class HttpAuthProviderBuilderTest method basicTestJill.
@Test
public void basicTestJill() {
setHeader(context, HttpBasicAuthProvider.HEADER_AUTHENTICATION, buildBasic("jill", "password"));
AuthenticationResponse response = context.authenticate();
assertThat(response.status(), is(SecurityResponse.SecurityStatus.SUCCESS));
assertThat(response.statusCode().orElse(200), is(200));
assertThat(getUsername(context), is("jill"));
assertThat(context.isUserInRole("admin"), is(false));
assertThat(context.isUserInRole("user"), is(true));
}
use of io.helidon.security.AuthenticationResponse in project helidon by oracle.
the class HttpAuthProviderBuilderTest method sendInvalidBasicTest.
@Test
public void sendInvalidBasicTest() {
setHeader(context, HttpBasicAuthProvider.HEADER_AUTHENTICATION, "basic wrong_header_value");
AuthenticationResponse response = context.authenticate();
assertThat(response.status(), is(SecurityResponse.SecurityStatus.FAILURE));
assertThat(response.statusCode().orElse(200), is(401));
// not base64 encoded and invalid
setHeader(context, HttpBasicAuthProvider.HEADER_AUTHENTICATION, "basic " + Base64.getEncoder().encodeToString("Hello".getBytes()));
response = context.authenticate();
assertThat(response.status(), is(SecurityResponse.SecurityStatus.FAILURE));
assertThat(response.statusCode().orElse(200), is(401));
}
Aggregations