Search in sources :

Example 56 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class AtnProviderSyncTest method testAnnotationSuccess.

@Test
public void testAnnotationSuccess() {
    AtnProviderSync.AtnAnnot annot = new AtnProviderSync.AtnAnnot() {

        @Override
        public String value() {
            return VALUE;
        }

        @Override
        public int size() {
            return SIZE;
        }

        @Override
        public Class<? extends Annotation> annotationType() {
            return AtnProviderSync.AtnAnnot.class;
        }
    };
    SecurityContext context = mock(SecurityContext.class);
    when(context.user()).thenReturn(Optional.empty());
    when(context.service()).thenReturn(Optional.empty());
    SecurityEnvironment se = SecurityEnvironment.create();
    SecurityLevel level = SecurityLevel.create("mock").withClassAnnotations(Map.of(AtnProviderSync.AtnAnnot.class, List.of(annot))).build();
    EndpointConfig ep = EndpointConfig.builder().securityLevels(List.of(level)).build();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.securityContext()).thenReturn(context);
    when(request.env()).thenReturn(se);
    when(request.endpointConfig()).thenReturn(ep);
    testSuccess(request);
}
Also used : SecurityEnvironment(io.helidon.security.SecurityEnvironment) SecurityLevel(io.helidon.security.SecurityLevel) SecurityContext(io.helidon.security.SecurityContext) EndpointConfig(io.helidon.security.EndpointConfig) ProviderRequest(io.helidon.security.ProviderRequest) Test(org.junit.jupiter.api.Test)

Example 57 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class AtzProviderSyncTest method testPublic.

@Test
public void testPublic() {
    SecurityEnvironment se = SecurityEnvironment.builder().path("/public/some/path").build();
    EndpointConfig ep = EndpointConfig.create();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.env()).thenReturn(se);
    when(request.endpointConfig()).thenReturn(ep);
    AtzProviderSync provider = new AtzProviderSync();
    AuthorizationResponse response = provider.syncAuthorize(request);
    assertThat(response.status(), is(SecurityResponse.SecurityStatus.SUCCESS));
}
Also used : SecurityEnvironment(io.helidon.security.SecurityEnvironment) EndpointConfig(io.helidon.security.EndpointConfig) ProviderRequest(io.helidon.security.ProviderRequest) AuthorizationResponse(io.helidon.security.AuthorizationResponse) Test(org.junit.jupiter.api.Test)

Example 58 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class AtzProviderSyncTest method testDenied.

@Test
public void testDenied() {
    SecurityContext context = mock(SecurityContext.class);
    when(context.isAuthenticated()).thenReturn(false);
    SecurityEnvironment se = SecurityEnvironment.builder().path("/private/some/path").build();
    EndpointConfig ep = EndpointConfig.create();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.securityContext()).thenReturn(context);
    when(request.env()).thenReturn(se);
    when(request.endpointConfig()).thenReturn(ep);
    AtzProviderSync provider = new AtzProviderSync();
    AuthorizationResponse response = provider.syncAuthorize(request);
    assertThat(response.status(), is(SecurityResponse.SecurityStatus.FAILURE));
}
Also used : SecurityEnvironment(io.helidon.security.SecurityEnvironment) SecurityContext(io.helidon.security.SecurityContext) EndpointConfig(io.helidon.security.EndpointConfig) ProviderRequest(io.helidon.security.ProviderRequest) AuthorizationResponse(io.helidon.security.AuthorizationResponse) Test(org.junit.jupiter.api.Test)

Example 59 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class AtnProviderSyncTest method testAbstain.

@Test
public void testAbstain() {
    SecurityContext context = mock(SecurityContext.class);
    when(context.user()).thenReturn(Optional.empty());
    when(context.service()).thenReturn(Optional.empty());
    SecurityEnvironment se = SecurityEnvironment.create();
    EndpointConfig ep = EndpointConfig.create();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.securityContext()).thenReturn(context);
    when(request.env()).thenReturn(se);
    when(request.endpointConfig()).thenReturn(ep);
    AtnProviderSync provider = new AtnProviderSync();
    AuthenticationResponse response = provider.syncAuthenticate(request);
    assertThat(response.status(), is(SecurityResponse.SecurityStatus.ABSTAIN));
}
Also used : SecurityEnvironment(io.helidon.security.SecurityEnvironment) SecurityContext(io.helidon.security.SecurityContext) AuthenticationResponse(io.helidon.security.AuthenticationResponse) EndpointConfig(io.helidon.security.EndpointConfig) ProviderRequest(io.helidon.security.ProviderRequest) Test(org.junit.jupiter.api.Test)

Example 60 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class GrpcSecurityTest method shouldRegisterSecurityContext.

@Test
public void shouldRegisterSecurityContext() {
    MethodDescriptor<String, String> descriptor = getEchoMethod();
    ServerCall<String, String> call = mock(ServerCall.class);
    Metadata headers = new Metadata();
    SocketAddress address = new InetSocketAddress("helidon.io", 8080);
    Attributes attributes = Attributes.newBuilder().set(Grpc.TRANSPORT_ATTR_REMOTE_ADDR, address).build();
    when(call.getAttributes()).thenReturn(attributes);
    when(call.getMethodDescriptor()).thenReturn(descriptor);
    GrpcSecurity security = GrpcSecurity.create(Security.builder().build());
    Context context = security.registerContext(call, headers);
    assertThat(context, is(notNullValue()));
    SecurityContext securityContext = GrpcSecurity.SECURITY_CONTEXT.get(context);
    assertThat(securityContext, is(notNullValue()));
    SecurityEnvironment environment = securityContext.env();
    assertThat(environment, is(notNullValue()));
}
Also used : Context(io.grpc.Context) SecurityContext(io.helidon.security.SecurityContext) InetSocketAddress(java.net.InetSocketAddress) SecurityEnvironment(io.helidon.security.SecurityEnvironment) Metadata(io.grpc.Metadata) Attributes(io.grpc.Attributes) SecurityContext(io.helidon.security.SecurityContext) SocketAddress(java.net.SocketAddress) InetSocketAddress(java.net.InetSocketAddress) Test(org.junit.jupiter.api.Test)

Aggregations

SecurityEnvironment (io.helidon.security.SecurityEnvironment)63 Test (org.junit.jupiter.api.Test)54 ProviderRequest (io.helidon.security.ProviderRequest)46 EndpointConfig (io.helidon.security.EndpointConfig)35 SecurityContext (io.helidon.security.SecurityContext)35 AuthenticationResponse (io.helidon.security.AuthenticationResponse)22 OutboundSecurityResponse (io.helidon.security.OutboundSecurityResponse)20 Subject (io.helidon.security.Subject)18 List (java.util.List)18 Principal (io.helidon.security.Principal)12 TreeMap (java.util.TreeMap)10 SignedJwt (io.helidon.security.jwt.SignedJwt)8 HashMap (java.util.HashMap)7 Locale (java.util.Locale)7 Jwt (io.helidon.security.jwt.Jwt)6 Instant (java.time.Instant)6 Map (java.util.Map)6 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)6 Context (io.grpc.Context)5 Metadata (io.grpc.Metadata)5