use of io.helidon.security.EndpointConfig in project helidon by oracle.
the class AtnProvider method syncAuthenticate.
/**
 * Builds an authentication response from subjects declared on the endpoint itself.
 *
 * <p>The list of {@code Auth} entries is resolved in this order:
 * <ol>
 *   <li>an {@code AtnConfig} instance registered on the endpoint configuration;</li>
 *   <li>the configuration node under {@code CONFIG_KEY}, when present and not a leaf;</li>
 *   <li>annotations, via {@code fromAnnotations}.</li>
 * </ol>
 *
 * <p>Security note: nothing in this method inspects credentials carried by the request.
 * The identities come entirely from endpoint configuration or annotations, and the
 * method always returns a success response, even when both subjects remain
 * {@code null}. NOTE(review): this looks like a provider meant for tests or examples;
 * confirm it cannot be enabled on endpoints that need real authentication.
 *
 * @param providerRequest request whose endpoint configuration supplies the subjects
 * @return a success response carrying the resolved user and service subjects
 *         (either may be {@code null})
 */
@Override
protected AuthenticationResponse syncAuthenticate(ProviderRequest providerRequest) {
    EndpointConfig epConfig = providerRequest.endpointConfig();
    Config configuredNode = epConfig.config(CONFIG_KEY).orElse(null);
    Optional<AtnConfig> explicit = providerRequest.endpointConfig().instance(AtnConfig.class);

    List<Auth> auths;
    if (explicit.isPresent()) {
        // An explicitly registered object takes precedence over config and annotations.
        auths = explicit.get().auths();
    } else if (configuredNode == null || configuredNode.isLeaf()) {
        // No usable config node: fall back to annotations on the endpoint.
        auths = fromAnnotations(epConfig);
    } else {
        auths = configuredNode.asNodeList().map(this::fromConfig).orElse(Collections.emptyList());
    }

    Subject user = null;
    Subject service = null;
    for (Auth auth : auths) {
        // Every type other than USER is treated as a service subject.
        // A later entry of the same type replaces an earlier one.
        boolean isUser = auth.type() == SubjectType.USER;
        Subject built = buildSubject(auth);
        if (isUser) {
            user = built;
        } else {
            service = built;
        }
    }

    return AuthenticationResponse.success(user, service);
}
use of io.helidon.security.EndpointConfig in project helidon by oracle.
the class AtnProviderSync method getCustomObject.
/**
 * Resolves the {@code AtnObject} that applies to an endpoint.
 *
 * <p>Sources are consulted in a fixed precedence. The order is the author's choice and
 * depends on the kind of security being implemented:
 * <ol>
 *   <li>a custom object placed on the endpoint config (a developer must do this explicitly);</li>
 *   <li>configuration under the {@code "atn-object"} key;</li>
 *   <li>{@code AtnAnnot} annotations collected from every security level and scope.</li>
 * </ol>
 *
 * <p>When several annotations are found, only the first is used and the rest are ignored.
 *
 * @param epConfig endpoint configuration to inspect
 * @return the resolved object, or {@code null} when none of the sources provides one;
 *         callers must handle the {@code null} case
 */
private AtnObject getCustomObject(EndpointConfig epConfig) {
    // 1) custom object in request
    Optional<? extends AtnObject> candidate = epConfig.instance(AtnObject.class);
    if (!candidate.isPresent()) {
        // 2) configuration in request
        candidate = epConfig.config("atn-object").flatMap(conf -> conf.as(AtnObject::from).asOptional());
    }
    if (candidate.isPresent()) {
        return candidate.get();
    }

    // 3) annotations on target
    List<AtnAnnot> found = new ArrayList<>();
    for (SecurityLevel level : epConfig.securityLevels()) {
        found.addAll(level.combineAnnotations(AtnAnnot.class, EndpointConfig.AnnotationScope.values()));
    }
    return found.isEmpty() ? null : AtnObject.from(found.get(0));
}
use of io.helidon.security.EndpointConfig in project helidon by oracle.
the class AtnProviderSyncTest method testFailure.
/**
 * Verifies that authentication fails when the endpoint config attached under
 * {@code "atn-object"} contains only an {@code "atn-object.size"} entry.
 *
 * <p>NOTE(review): the failure presumably comes from the provider being unable to
 * build an {@code AtnObject} from a config without the keys it expects. Confirm
 * against {@code AtnObject.from(Config)}, which is not shown here.
 */
@Test
public void testFailure() {
    // Neither a user nor a service is present in the security context.
    SecurityContext securityContext = mock(SecurityContext.class);
    when(securityContext.user()).thenReturn(Optional.empty());
    when(securityContext.service()).thenReturn(Optional.empty());

    SecurityEnvironment environment = SecurityEnvironment.create();

    Config atnConfig = Config.create(ConfigSources.create(Map.of("atn-object.size", String.valueOf(SIZE))));
    EndpointConfig endpointConfig = EndpointConfig.builder().config("atn-object", atnConfig).build();

    ProviderRequest providerRequest = mock(ProviderRequest.class);
    when(providerRequest.securityContext()).thenReturn(securityContext);
    when(providerRequest.env()).thenReturn(environment);
    when(providerRequest.endpointConfig()).thenReturn(endpointConfig);

    AuthenticationResponse result = new AtnProviderSync().syncAuthenticate(providerRequest);

    assertThat(result.status(), is(SecurityResponse.SecurityStatus.FAILURE));
}
use of io.helidon.security.EndpointConfig in project helidon by oracle.
the class AtnProviderSyncTest method testConfigSuccess.
/**
 * Supplies an {@code "atn-object"} endpoint config with both {@code "value"} and
 * {@code "size"} entries, then delegates the checks to {@code testSuccess}.
 * That helper is defined elsewhere in the test class and is not shown here.
 */
@Test
public void testConfigSuccess() {
    // Neither a user nor a service is present in the security context.
    SecurityContext securityContext = mock(SecurityContext.class);
    when(securityContext.user()).thenReturn(Optional.empty());
    when(securityContext.service()).thenReturn(Optional.empty());

    SecurityEnvironment environment = SecurityEnvironment.create();

    Config atnConfig = Config.create(ConfigSources.create(Map.of("value", VALUE, "size", String.valueOf(SIZE))));
    EndpointConfig endpointConfig = EndpointConfig.builder().config("atn-object", atnConfig).build();

    ProviderRequest providerRequest = mock(ProviderRequest.class);
    when(providerRequest.securityContext()).thenReturn(securityContext);
    when(providerRequest.env()).thenReturn(environment);
    when(providerRequest.endpointConfig()).thenReturn(endpointConfig);

    testSuccess(providerRequest);
}
use of io.helidon.security.EndpointConfig in project helidon by oracle.
the class AtzProviderSyncTest method testPermitted.
/**
 * Verifies that an authenticated caller is authorized for {@code /private/some/path}
 * when the endpoint uses a default {@code EndpointConfig}.
 *
 * <p>NOTE(review): this covers only the permit path. The matching denial case, an
 * unauthenticated context on the same path, is not visible in this excerpt; confirm
 * that it is tested elsewhere.
 */
@Test
public void testPermitted() {
    SecurityContext securityContext = mock(SecurityContext.class);
    when(securityContext.isAuthenticated()).thenReturn(true);

    SecurityEnvironment environment = SecurityEnvironment.builder().path("/private/some/path").build();
    EndpointConfig endpointConfig = EndpointConfig.create();

    ProviderRequest providerRequest = mock(ProviderRequest.class);
    when(providerRequest.securityContext()).thenReturn(securityContext);
    when(providerRequest.env()).thenReturn(environment);
    when(providerRequest.endpointConfig()).thenReturn(endpointConfig);

    AuthorizationResponse result = new AtzProviderSync().syncAuthorize(providerRequest);

    assertThat(result.status(), is(SecurityResponse.SecurityStatus.SUCCESS));
}