Example 11 with AuthorizationResponse

use of io.helidon.security.AuthorizationResponse in project helidon by oracle.

the class AtzProviderSyncTest method testPublic.

@Test
public void testPublic() {
    SecurityEnvironment se = SecurityEnvironment.builder().path("/public/some/path").build();
    EndpointConfig ep = EndpointConfig.create();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.env()).thenReturn(se);
    when(request.endpointConfig()).thenReturn(ep);
    AtzProviderSync provider = new AtzProviderSync();
    AuthorizationResponse response = provider.syncAuthorize(request);
    assertThat(response.status(), is(SecurityResponse.SecurityStatus.SUCCESS));
}
Also used : SecurityEnvironment(io.helidon.security.SecurityEnvironment) EndpointConfig(io.helidon.security.EndpointConfig) ProviderRequest(io.helidon.security.ProviderRequest) AuthorizationResponse(io.helidon.security.AuthorizationResponse) Test(org.junit.jupiter.api.Test)

Example 12 with AuthorizationResponse

use of io.helidon.security.AuthorizationResponse in project helidon by oracle.

the class AtzProviderSyncTest method testDenied.

@Test
public void testDenied() {
    SecurityContext context = mock(SecurityContext.class);
    when(context.isAuthenticated()).thenReturn(false);
    SecurityEnvironment se = SecurityEnvironment.builder().path("/private/some/path").build();
    EndpointConfig ep = EndpointConfig.create();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.securityContext()).thenReturn(context);
    when(request.env()).thenReturn(se);
    when(request.endpointConfig()).thenReturn(ep);
    AtzProviderSync provider = new AtzProviderSync();
    AuthorizationResponse response = provider.syncAuthorize(request);
    assertThat(response.status(), is(SecurityResponse.SecurityStatus.FAILURE));
}
Also used : SecurityEnvironment(io.helidon.security.SecurityEnvironment) SecurityContext(io.helidon.security.SecurityContext) EndpointConfig(io.helidon.security.EndpointConfig) ProviderRequest(io.helidon.security.ProviderRequest) AuthorizationResponse(io.helidon.security.AuthorizationResponse) Test(org.junit.jupiter.api.Test)

Example 13 with AuthorizationResponse

use of io.helidon.security.AuthorizationResponse in project helidon by oracle.

the class AuditerTest method integrateIt.

@Test
public void integrateIt() throws InterruptedException {
    Auditer auditer = new Auditer();
    Security sec = Security.builder().addAuthorizationProvider(new AtzProviderSync()).addAuditProvider(auditer).build();
    SecurityContext context = sec.createContext("unit-test");
    context.env(SecurityEnvironment.builder().path("/public/path"));
    AuthorizationResponse response = context.authorize();
    // as auditing is asynchronous, we must give it some time to process
    Thread.sleep(100);
    List<AuditProvider.TracedAuditEvent> messages = auditer.getMessages();
    // there should be two messages - configuration of security and authorization
    List<AuditProvider.TracedAuditEvent> atzEvents = messages.stream().filter(event -> event.eventType().startsWith(AuditEvent.AUTHZ_TYPE_PREFIX)).collect(Collectors.toList());
    assertThat("We only expect a single authorization event", atzEvents.size(), is(1));
}
Also used : Test(org.junit.jupiter.api.Test) CoreMatchers.is(org.hamcrest.CoreMatchers.is) List(java.util.List) Security(io.helidon.security.Security) SecurityEnvironment(io.helidon.security.SecurityEnvironment) AuditProvider(io.helidon.security.spi.AuditProvider) AuditEvent(io.helidon.security.AuditEvent) SecurityContext(io.helidon.security.SecurityContext) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) Collectors(java.util.stream.Collectors) AuthorizationResponse(io.helidon.security.AuthorizationResponse)

Example 14 with AuthorizationResponse

use of io.helidon.security.AuthorizationResponse in project helidon by oracle.

the class ProviderSelectorTest method integrateIt.

@Test
public void integrateIt() {
    Security security = Security.builder().providerSelectionPolicy(ProviderSelector::create).addProvider(new AtnProviderSync()).addProvider(new AtzProviderSync()).build();
    SecurityContext context = security.createContext("unit-test");
    context.env(SecurityEnvironment.builder().path("/public/path"));
    AuthorizationResponse response = context.authorize();
    // if we reached here, the policy worked
}
Also used : SecurityContext(io.helidon.security.SecurityContext) Security(io.helidon.security.Security) AuthorizationResponse(io.helidon.security.AuthorizationResponse) Test(org.junit.jupiter.api.Test)

Example 15 with AuthorizationResponse

use of io.helidon.security.AuthorizationResponse in project helidon by oracle.

the class SecurityFilterTest method testAtzThrowException.

@Test
void testAtzThrowException() {
    SecurityFeature feature = SecurityFeature.builder(security).useAbortWith(false).build();
    SecurityContext securityContext = security.createContext("testNotAbortWith");
    SecurityFilter sf = new SecurityFilter(feature.featureConfig(), security, serverConfig, securityContext);
    ContainerRequest request = mock(ContainerRequest.class);
    SecurityFilter.FilterContext filterContext = new SecurityFilter.FilterContext();
    filterContext.setJerseyRequest(request);
    SecurityDefinition methodSecurity = mock(SecurityDefinition.class);
    SecurityClientBuilder<AuthorizationResponse> clientBuilder = mock(SecurityClientBuilder.class);
    when(clientBuilder.buildAndGet()).thenReturn(AuthorizationResponse.builder().description("Unit-test").status(SecurityResponse.SecurityStatus.FAILURE).build());
    WebApplicationException e = Assertions.assertThrows(WebApplicationException.class, () -> sf.processAuthorization(filterContext, clientBuilder));
    Response response = e.getResponse();
    String message = e.getMessage();
    assertThat(response.getStatus(), is(403));
    assertThat(message, is("Unit-test"));
}
Also used : AuthenticationResponse(io.helidon.security.AuthenticationResponse) SecurityResponse(io.helidon.security.SecurityResponse) Response(jakarta.ws.rs.core.Response) AuthorizationResponse(io.helidon.security.AuthorizationResponse) WebApplicationException(jakarta.ws.rs.WebApplicationException) SecurityContext(io.helidon.security.SecurityContext) ContainerRequest(org.glassfish.jersey.server.ContainerRequest) Test(org.junit.jupiter.api.Test)

Aggregations

AuthorizationResponse (io.helidon.security.AuthorizationResponse): 16
Test (org.junit.jupiter.api.Test): 12
EndpointConfig (io.helidon.security.EndpointConfig): 9
ProviderRequest (io.helidon.security.ProviderRequest): 9
SecurityContext (io.helidon.security.SecurityContext): 7
SecurityEnvironment (io.helidon.security.SecurityEnvironment): 5
SecurityLevel (io.helidon.security.SecurityLevel): 5
SecurityResponse (io.helidon.security.SecurityResponse): 4
Security (io.helidon.security.Security): 3
AuthenticationResponse (io.helidon.security.AuthenticationResponse): 2
RolesAllowed (jakarta.annotation.security.RolesAllowed): 2
WebApplicationException (jakarta.ws.rs.WebApplicationException): 2
Response (jakarta.ws.rs.core.Response): 2
List (java.util.List): 2
Set (java.util.Set): 2
Collectors (java.util.stream.Collectors): 2
ContainerRequest (org.glassfish.jersey.server.ContainerRequest): 2
CoreMatchers.is (org.hamcrest.CoreMatchers.is): 2
MatcherAssert.assertThat (org.hamcrest.MatcherAssert.assertThat): 2
Errors (io.helidon.common.Errors): 1