Search in sources :

Example 1 with SecurityClientBuilder

use of io.helidon.security.SecurityClientBuilder in project helidon by oracle.

the class SecurityFilterTest method testAtnAbortWith.

@Test
void testAtnAbortWith() {
    SecurityFeature feature = SecurityFeature.builder(security).build();
    SecurityContext securityContext = security.createContext("testAbortWith");
    SecurityFilter sf = new SecurityFilter(feature.featureConfig(), security, serverConfig, securityContext);
    ContainerRequest request = mock(ContainerRequest.class);
    SecurityFilter.FilterContext filterContext = new SecurityFilter.FilterContext();
    filterContext.setJerseyRequest(request);
    SecurityDefinition methodSecurity = mock(SecurityDefinition.class);
    SecurityClientBuilder<AuthenticationResponse> clientBuilder = mock(SecurityClientBuilder.class);
    when(clientBuilder.buildAndGet()).thenReturn(AuthenticationResponse.failed("Unit-test"));
    sf.processAuthentication(filterContext, clientBuilder, methodSecurity, tracing.atnTracing());
    assertThat(filterContext.isShouldFinish(), is(true));
    verify(request).abortWith(argThat(response -> response.getStatus() == 401));
}
Also used : CoreMatchers.is(org.hamcrest.CoreMatchers.is) Security(io.helidon.security.Security) ServerConfig(org.glassfish.jersey.server.ServerConfig) ArgumentMatchers.argThat(org.mockito.ArgumentMatchers.argThat) Set(java.util.Set) SecurityContext(io.helidon.security.SecurityContext) ContainerRequest(org.glassfish.jersey.server.ContainerRequest) Mockito.when(org.mockito.Mockito.when) AuthenticationResponse(io.helidon.security.AuthenticationResponse) WebApplicationException(jakarta.ws.rs.WebApplicationException) Mockito.verify(org.mockito.Mockito.verify) SecurityResponse(io.helidon.security.SecurityResponse) Test(org.junit.jupiter.api.Test) Response(jakarta.ws.rs.core.Response) SecurityClientBuilder(io.helidon.security.SecurityClientBuilder) BeforeAll(org.junit.jupiter.api.BeforeAll) ResourceConfig(org.glassfish.jersey.server.ResourceConfig) Assertions(org.junit.jupiter.api.Assertions) Application(jakarta.ws.rs.core.Application) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) SecurityTracing(io.helidon.security.integration.common.SecurityTracing) AuthorizationResponse(io.helidon.security.AuthorizationResponse) Mockito.mock(org.mockito.Mockito.mock) SecurityContext(io.helidon.security.SecurityContext) ContainerRequest(org.glassfish.jersey.server.ContainerRequest) AuthenticationResponse(io.helidon.security.AuthenticationResponse) Test(org.junit.jupiter.api.Test)

Example 2 with SecurityClientBuilder

use of io.helidon.security.SecurityClientBuilder in project helidon by oracle.

the class SecurityFilterTest method testAtzAbortWith.

@Test
void testAtzAbortWith() {
    SecurityFeature feature = SecurityFeature.builder(security).build();
    SecurityContext securityContext = security.createContext("testAbortWith");
    SecurityFilter sf = new SecurityFilter(feature.featureConfig(), security, serverConfig, securityContext);
    ContainerRequest request = mock(ContainerRequest.class);
    SecurityFilter.FilterContext filterContext = new SecurityFilter.FilterContext();
    filterContext.setJerseyRequest(request);
    SecurityClientBuilder<AuthorizationResponse> clientBuilder = mock(SecurityClientBuilder.class);
    when(clientBuilder.buildAndGet()).thenReturn(AuthorizationResponse.builder().description("Unit-test").status(SecurityResponse.SecurityStatus.FAILURE).build());
    sf.processAuthorization(filterContext, clientBuilder);
    assertThat(filterContext.isShouldFinish(), is(true));
    verify(request).abortWith(argThat(response -> response.getStatus() == 403));
}
Also used : CoreMatchers.is(org.hamcrest.CoreMatchers.is) Security(io.helidon.security.Security) ServerConfig(org.glassfish.jersey.server.ServerConfig) ArgumentMatchers.argThat(org.mockito.ArgumentMatchers.argThat) Set(java.util.Set) SecurityContext(io.helidon.security.SecurityContext) ContainerRequest(org.glassfish.jersey.server.ContainerRequest) Mockito.when(org.mockito.Mockito.when) AuthenticationResponse(io.helidon.security.AuthenticationResponse) WebApplicationException(jakarta.ws.rs.WebApplicationException) Mockito.verify(org.mockito.Mockito.verify) SecurityResponse(io.helidon.security.SecurityResponse) Test(org.junit.jupiter.api.Test) Response(jakarta.ws.rs.core.Response) SecurityClientBuilder(io.helidon.security.SecurityClientBuilder) BeforeAll(org.junit.jupiter.api.BeforeAll) ResourceConfig(org.glassfish.jersey.server.ResourceConfig) Assertions(org.junit.jupiter.api.Assertions) Application(jakarta.ws.rs.core.Application) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) SecurityTracing(io.helidon.security.integration.common.SecurityTracing) AuthorizationResponse(io.helidon.security.AuthorizationResponse) Mockito.mock(org.mockito.Mockito.mock) SecurityContext(io.helidon.security.SecurityContext) ContainerRequest(org.glassfish.jersey.server.ContainerRequest) AuthorizationResponse(io.helidon.security.AuthorizationResponse) Test(org.junit.jupiter.api.Test)

Aggregations

AuthenticationResponse (io.helidon.security.AuthenticationResponse)2 AuthorizationResponse (io.helidon.security.AuthorizationResponse)2 Security (io.helidon.security.Security)2 SecurityClientBuilder (io.helidon.security.SecurityClientBuilder)2 SecurityContext (io.helidon.security.SecurityContext)2 SecurityResponse (io.helidon.security.SecurityResponse)2 SecurityTracing (io.helidon.security.integration.common.SecurityTracing)2 WebApplicationException (jakarta.ws.rs.WebApplicationException)2 Application (jakarta.ws.rs.core.Application)2 Response (jakarta.ws.rs.core.Response)2 Set (java.util.Set)2 ContainerRequest (org.glassfish.jersey.server.ContainerRequest)2 ResourceConfig (org.glassfish.jersey.server.ResourceConfig)2 ServerConfig (org.glassfish.jersey.server.ServerConfig)2 CoreMatchers.is (org.hamcrest.CoreMatchers.is)2 MatcherAssert.assertThat (org.hamcrest.MatcherAssert.assertThat)2 Assertions (org.junit.jupiter.api.Assertions)2 BeforeAll (org.junit.jupiter.api.BeforeAll)2 Test (org.junit.jupiter.api.Test)2 ArgumentMatchers.argThat (org.mockito.ArgumentMatchers.argThat)2