use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class AtnProviderSyncTest method testAnnotationSuccess.
@Test
public void testAnnotationSuccess() {
AtnProviderSync.AtnAnnot annot = new AtnProviderSync.AtnAnnot() {
@Override
public String value() {
return VALUE;
}
@Override
public int size() {
return SIZE;
}
@Override
public Class<? extends Annotation> annotationType() {
return AtnProviderSync.AtnAnnot.class;
}
};
SecurityContext context = mock(SecurityContext.class);
when(context.user()).thenReturn(Optional.empty());
when(context.service()).thenReturn(Optional.empty());
SecurityEnvironment se = SecurityEnvironment.create();
SecurityLevel level = SecurityLevel.create("mock").withClassAnnotations(Map.of(AtnProviderSync.AtnAnnot.class, List.of(annot))).build();
EndpointConfig ep = EndpointConfig.builder().securityLevels(List.of(level)).build();
ProviderRequest request = mock(ProviderRequest.class);
when(request.securityContext()).thenReturn(context);
when(request.env()).thenReturn(se);
when(request.endpointConfig()).thenReturn(ep);
testSuccess(request);
}
use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class AtzProviderSyncTest method testPublic.
@Test
public void testPublic() {
SecurityEnvironment se = SecurityEnvironment.builder().path("/public/some/path").build();
EndpointConfig ep = EndpointConfig.create();
ProviderRequest request = mock(ProviderRequest.class);
when(request.env()).thenReturn(se);
when(request.endpointConfig()).thenReturn(ep);
AtzProviderSync provider = new AtzProviderSync();
AuthorizationResponse response = provider.syncAuthorize(request);
assertThat(response.status(), is(SecurityResponse.SecurityStatus.SUCCESS));
}
use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class AtzProviderSyncTest method testDenied.
@Test
public void testDenied() {
SecurityContext context = mock(SecurityContext.class);
when(context.isAuthenticated()).thenReturn(false);
SecurityEnvironment se = SecurityEnvironment.builder().path("/private/some/path").build();
EndpointConfig ep = EndpointConfig.create();
ProviderRequest request = mock(ProviderRequest.class);
when(request.securityContext()).thenReturn(context);
when(request.env()).thenReturn(se);
when(request.endpointConfig()).thenReturn(ep);
AtzProviderSync provider = new AtzProviderSync();
AuthorizationResponse response = provider.syncAuthorize(request);
assertThat(response.status(), is(SecurityResponse.SecurityStatus.FAILURE));
}
use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class AtnProviderSyncTest method testAbstain.
@Test
public void testAbstain() {
SecurityContext context = mock(SecurityContext.class);
when(context.user()).thenReturn(Optional.empty());
when(context.service()).thenReturn(Optional.empty());
SecurityEnvironment se = SecurityEnvironment.create();
EndpointConfig ep = EndpointConfig.create();
ProviderRequest request = mock(ProviderRequest.class);
when(request.securityContext()).thenReturn(context);
when(request.env()).thenReturn(se);
when(request.endpointConfig()).thenReturn(ep);
AtnProviderSync provider = new AtnProviderSync();
AuthenticationResponse response = provider.syncAuthenticate(request);
assertThat(response.status(), is(SecurityResponse.SecurityStatus.ABSTAIN));
}
use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class GrpcSecurityTest method shouldRegisterSecurityContext.
@Test
public void shouldRegisterSecurityContext() {
MethodDescriptor<String, String> descriptor = getEchoMethod();
ServerCall<String, String> call = mock(ServerCall.class);
Metadata headers = new Metadata();
SocketAddress address = new InetSocketAddress("helidon.io", 8080);
Attributes attributes = Attributes.newBuilder().set(Grpc.TRANSPORT_ATTR_REMOTE_ADDR, address).build();
when(call.getAttributes()).thenReturn(attributes);
when(call.getMethodDescriptor()).thenReturn(descriptor);
GrpcSecurity security = GrpcSecurity.create(Security.builder().build());
Context context = security.registerContext(call, headers);
assertThat(context, is(notNullValue()));
SecurityContext securityContext = GrpcSecurity.SECURITY_CONTEXT.get(context);
assertThat(securityContext, is(notNullValue()));
SecurityEnvironment environment = securityContext.env();
assertThat(environment, is(notNullValue()));
}
Aggregations