Search in sources :

Example 1 with Security

use of io.helidon.security.Security in project helidon by oracle.

the class SecureGreetClient method main.

/**
 * Program entry point.
 *
 * @param args  program arguments
 */
public static void main(String[] args) {
    Channel channel = ManagedChannelBuilder.forAddress("localhost", 1408).usePlaintext().build();
    Config config = Config.create();
    // configure Helidon security and add the basic auth provider
    Security security = Security.builder().addProvider(HttpBasicAuthProvider.create(config.get("http-basic-auth"))).build();
    // create the gRPC client security call credentials
    // setting the properties used by the basic auth provider for user name and password
    GrpcClientSecurity clientSecurity = GrpcClientSecurity.builder(security.createContext("test.client")).property(HttpBasicAuthProvider.EP_PROPERTY_OUTBOUND_USER, "Bob").property(HttpBasicAuthProvider.EP_PROPERTY_OUTBOUND_PASSWORD, "password").build();
    // create the GreetService client stub and use the GrpcClientSecurity call credentials
    GreetServiceGrpc.GreetServiceBlockingStub stub = GreetServiceGrpc.newBlockingStub(channel).withCallCredentials(clientSecurity);
    Greet.GreetResponse greetResponse = stub.greet(Greet.GreetRequest.newBuilder().setName("Bob").build());
    System.out.println(greetResponse.getMessage());
    Greet.SetGreetingResponse setGreetingResponse = stub.setGreeting(Greet.SetGreetingRequest.newBuilder().setGreeting("Merhaba").build());
    System.out.println("Greeting set to: " + setGreetingResponse.getGreeting());
    greetResponse = stub.greet(Greet.GreetRequest.newBuilder().setName("Bob").build());
    System.out.println(greetResponse.getMessage());
}
Also used : GrpcClientSecurity(io.helidon.security.integration.grpc.GrpcClientSecurity) Greet(io.helidon.grpc.examples.common.Greet) Config(io.helidon.config.Config) Channel(io.grpc.Channel) GreetServiceGrpc(io.helidon.grpc.examples.common.GreetServiceGrpc) Security(io.helidon.security.Security) GrpcClientSecurity(io.helidon.security.integration.grpc.GrpcClientSecurity)

Example 2 with Security

use of io.helidon.security.Security in project helidon by oracle.

the class SecureServer method main.

/**
 * Program entry point.
 *
 * @param args the program command line arguments
 */
public static void main(String[] args) {
    LogConfig.configureRuntime();
    Config config = Config.create();
    Security security = Security.builder().addProvider(HttpBasicAuthProvider.create(config.get("http-basic-auth"))).build();
    grpcServer = createGrpcServer(config.get("grpc"), security);
    webServer = createWebServer(config.get("webserver"), security);
}
Also used : LogConfig(io.helidon.common.LogConfig) Config(io.helidon.config.Config) Security(io.helidon.security.Security) WebSecurity(io.helidon.security.integration.webserver.WebSecurity) GrpcClientSecurity(io.helidon.security.integration.grpc.GrpcClientSecurity) WebClientSecurity(io.helidon.webclient.security.WebClientSecurity) GrpcSecurity(io.helidon.security.integration.grpc.GrpcSecurity)

Example 3 with Security

use of io.helidon.security.Security in project helidon by oracle.

the class AbacServer method main.

/**
 * Main entry point.
 *
 * @param args  the program arguments
 */
public static void main(String[] args) {
    LogConfig.configureRuntime();
    Security security = Security.builder().addProvider(// add out custom provider
    AtnProvider.builder().build()).addProvider(// add the ABAC provider
    AbacProvider.builder().build()).build();
    // Create the time validator that will be used by the ABAC security provider
    TimeValidator.TimeConfig validTimes = TimeValidator.TimeConfig.builder().addBetween(LocalTime.of(8, 15), LocalTime.of(12, 0)).addBetween(LocalTime.of(12, 30), LocalTime.of(17, 30)).addDaysOfWeek(DayOfWeek.MONDAY, DayOfWeek.TUESDAY, DayOfWeek.WEDNESDAY, DayOfWeek.THURSDAY, DayOfWeek.FRIDAY).build();
    // Create the policy validator that will be used by the ABAC security provider
    PolicyValidator.PolicyConfig validPolicy = PolicyValidator.PolicyConfig.builder().statement("${env.time.year >= 2017}").build();
    // Create the scope validator that will be used by the ABAC security provider
    ScopeValidator.ScopesConfig validScopes = ScopeValidator.ScopesConfig.create("calendar_read", "calendar_edit");
    // Create the Atn config that will be used by out custom security provider
    AtnProvider.AtnConfig atnConfig = AtnProvider.AtnConfig.builder().addAuth(AtnProvider.Auth.builder("user").type(SubjectType.USER).roles("user_role").scopes("calendar_read", "calendar_edit").build()).addAuth(AtnProvider.Auth.builder("service").type(SubjectType.SERVICE).roles("service_role").scopes("calendar_read", "calendar_edit").build()).build();
    ServiceDescriptor stringService = ServiceDescriptor.builder(new StringService()).intercept("Upper", GrpcSecurity.secure().customObject(atnConfig).customObject(validScopes).customObject(validTimes).customObject(validPolicy)).build();
    GrpcRouting grpcRouting = GrpcRouting.builder().intercept(GrpcSecurity.create(security).securityDefaults(GrpcSecurity.secure())).register(stringService).build();
    GrpcServerConfiguration serverConfig = GrpcServerConfiguration.builder().build();
    GrpcServer grpcServer = GrpcServer.create(serverConfig, grpcRouting);
    grpcServer.start().thenAccept(s -> {
        System.out.println("gRPC server is UP! http://localhost:" + s.port());
        s.whenShutdown().thenRun(() -> System.out.println("gRPC server is DOWN. Good bye!"));
    }).exceptionally(t -> {
        System.err.println("Startup failed: " + t.getMessage());
        t.printStackTrace(System.err);
        return null;
    });
}
Also used : GrpcServerConfiguration(io.helidon.grpc.server.GrpcServerConfiguration) Security(io.helidon.security.Security) ServiceDescriptor(io.helidon.grpc.server.ServiceDescriptor) SubjectType(io.helidon.security.SubjectType) GrpcRouting(io.helidon.grpc.server.GrpcRouting) GrpcSecurity(io.helidon.security.integration.grpc.GrpcSecurity) ScopeValidator(io.helidon.security.abac.scope.ScopeValidator) TimeValidator(io.helidon.security.abac.time.TimeValidator) StringService(io.helidon.grpc.examples.common.StringService) PolicyValidator(io.helidon.security.abac.policy.PolicyValidator) DayOfWeek(java.time.DayOfWeek) LocalTime(java.time.LocalTime) GrpcServer(io.helidon.grpc.server.GrpcServer) AbacProvider(io.helidon.security.providers.abac.AbacProvider) LogConfig(io.helidon.common.LogConfig) TimeValidator(io.helidon.security.abac.time.TimeValidator) StringService(io.helidon.grpc.examples.common.StringService) GrpcServer(io.helidon.grpc.server.GrpcServer) Security(io.helidon.security.Security) GrpcSecurity(io.helidon.security.integration.grpc.GrpcSecurity) ScopeValidator(io.helidon.security.abac.scope.ScopeValidator) GrpcServerConfiguration(io.helidon.grpc.server.GrpcServerConfiguration) PolicyValidator(io.helidon.security.abac.policy.PolicyValidator) ServiceDescriptor(io.helidon.grpc.server.ServiceDescriptor) GrpcRouting(io.helidon.grpc.server.GrpcRouting)

Example 4 with Security

use of io.helidon.security.Security in project helidon by oracle.

the class AbacServerFromConfig method main.

/**
 * Main entry point.
 *
 * @param args  the program arguments
 */
public static void main(String[] args) {
    LogConfig.configureRuntime();
    Config config = Config.create();
    Security security = Security.create(config.get("security"));
    GrpcRouting grpcRouting = GrpcRouting.builder().intercept(GrpcSecurity.create(security, config.get("security"))).register(new StringService()).build();
    GrpcServerConfiguration serverConfig = GrpcServerConfiguration.create(config.get("grpc"));
    GrpcServer grpcServer = GrpcServer.create(serverConfig, grpcRouting);
    grpcServer.start().thenAccept(s -> {
        System.out.println("gRPC server is UP! http://localhost:" + s.port());
        s.whenShutdown().thenRun(() -> System.out.println("gRPC server is DOWN. Good bye!"));
    }).exceptionally(t -> {
        System.err.println("Startup failed: " + t.getMessage());
        t.printStackTrace(System.err);
        return null;
    });
}
Also used : StringService(io.helidon.grpc.examples.common.StringService) GrpcServerConfiguration(io.helidon.grpc.server.GrpcServerConfiguration) Security(io.helidon.security.Security) Config(io.helidon.config.Config) GrpcServer(io.helidon.grpc.server.GrpcServer) LogConfig(io.helidon.common.LogConfig) GrpcRouting(io.helidon.grpc.server.GrpcRouting) GrpcSecurity(io.helidon.security.integration.grpc.GrpcSecurity) GrpcServerConfiguration(io.helidon.grpc.server.GrpcServerConfiguration) Config(io.helidon.config.Config) LogConfig(io.helidon.common.LogConfig) StringService(io.helidon.grpc.examples.common.StringService) GrpcServer(io.helidon.grpc.server.GrpcServer) Security(io.helidon.security.Security) GrpcSecurity(io.helidon.security.integration.grpc.GrpcSecurity) GrpcRouting(io.helidon.grpc.server.GrpcRouting)

Example 5 with Security

use of io.helidon.security.Security in project helidon by oracle.

the class SecureStringClient method main.

/**
 * Program entry point.
 *
 * @param args  the program arguments - {@code arg[0]} is the user name
 *              and {@code arg[1] is the password}
 */
public static void main(String[] args) {
    Channel channel = ManagedChannelBuilder.forAddress("localhost", 1408).usePlaintext().build();
    // Obtain the user name and password from the program arguments
    String user = args.length >= 2 ? args[0] : "Ted";
    String password = args.length >= 2 ? args[1] : "secret";
    Config config = Config.create();
    // configure Helidon security and add the basic auth provider
    Security security = Security.builder().addProvider(HttpBasicAuthProvider.create(config.get("http-basic-auth"))).build();
    // create the gRPC client security call credentials
    // setting the properties used by the basic auth provider for user name and password
    GrpcClientSecurity clientSecurity = GrpcClientSecurity.builder(security.createContext("test.client")).property(HttpBasicAuthProvider.EP_PROPERTY_OUTBOUND_USER, user).property(HttpBasicAuthProvider.EP_PROPERTY_OUTBOUND_PASSWORD, password).build();
    // Create the client service descriptor and add the call credentials
    ClientServiceDescriptor descriptor = ClientServiceDescriptor.builder(StringServiceGrpc.getServiceDescriptor()).callCredentials(clientSecurity).build();
    // create the client for the service
    GrpcServiceClient client = GrpcServiceClient.create(channel, descriptor);
    Strings.StringMessage request = Strings.StringMessage.newBuilder().setText("ABCDE").build();
    Strings.StringMessage response = client.blockingUnary("Lower", request);
    System.out.println("Response from Lower method call is '" + response.getText() + "'");
}
Also used : GrpcClientSecurity(io.helidon.security.integration.grpc.GrpcClientSecurity) Config(io.helidon.config.Config) Channel(io.grpc.Channel) ClientServiceDescriptor(io.helidon.grpc.client.ClientServiceDescriptor) GrpcServiceClient(io.helidon.grpc.client.GrpcServiceClient) Security(io.helidon.security.Security) GrpcClientSecurity(io.helidon.security.integration.grpc.GrpcClientSecurity) Strings(io.helidon.grpc.examples.common.Strings)

Aggregations

Security (io.helidon.security.Security)48 SecurityContext (io.helidon.security.SecurityContext)25 Config (io.helidon.config.Config)22 BeforeAll (org.junit.jupiter.api.BeforeAll)14 Test (org.junit.jupiter.api.Test)14 LogConfig (io.helidon.common.LogConfig)13 Routing (io.helidon.webserver.Routing)12 Optional (java.util.Optional)12 WebSecurity (io.helidon.security.integration.webserver.WebSecurity)10 WebClientSecurity (io.helidon.webclient.security.WebClientSecurity)10 WebServer (io.helidon.webserver.WebServer)10 Channel (io.grpc.Channel)7 GrpcRouting (io.helidon.grpc.server.GrpcRouting)7 GrpcServerConfiguration (io.helidon.grpc.server.GrpcServerConfiguration)7 ServiceDescriptor (io.helidon.grpc.server.ServiceDescriptor)7 Set (java.util.Set)7 CoreMatchers.is (org.hamcrest.CoreMatchers.is)7 MatcherAssert.assertThat (org.hamcrest.MatcherAssert.assertThat)7 Context (io.helidon.common.context.Context)6 AuthorizationResponse (io.helidon.security.AuthorizationResponse)6