use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class GrpcSecurityTest method shouldAddAttributesToSecurityContext.
@Test
public void shouldAddAttributesToSecurityContext() {
MethodDescriptor<String, String> descriptor = getEchoMethod();
ServerCall<String, String> call = mock(ServerCall.class);
Metadata headers = new Metadata();
SocketAddress address = new InetSocketAddress("helidon.io", 8080);
Attributes attributes = Attributes.newBuilder().set(Grpc.TRANSPORT_ATTR_REMOTE_ADDR, address).build();
when(call.getAttributes()).thenReturn(attributes);
when(call.getMethodDescriptor()).thenReturn(descriptor);
GrpcSecurity security = GrpcSecurity.create(Security.builder().build());
Context context = security.registerContext(call, headers);
assertThat(context, is(notNullValue()));
SecurityContext securityContext = GrpcSecurity.SECURITY_CONTEXT.get(context);
assertThat(securityContext, is(notNullValue()));
SecurityEnvironment environment = securityContext.env();
assertThat(environment, is(notNullValue()));
assertThat(environment.method(), is(descriptor.getFullMethodName()));
assertThat(environment.path().get(), is(descriptor.getFullMethodName()));
assertThat(environment.transport(), is("grpc"));
assertThat(environment.abacAttribute(GrpcSecurity.ABAC_ATTRIBUTE_REMOTE_ADDRESS).get(), is("helidon.io"));
assertThat(environment.abacAttribute(GrpcSecurity.ABAC_ATTRIBUTE_REMOTE_PORT).get(), is(8080));
assertThat(environment.abacAttribute(GrpcSecurity.ABAC_ATTRIBUTE_HEADERS).get(), is(sameInstance(headers)));
assertThat(environment.abacAttribute(GrpcSecurity.ABAC_ATTRIBUTE_METHOD).get(), is(sameInstance(descriptor)));
}
use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class GrpcSecurityTest method shouldAddHeadersToSecurityContext.
@Test
public void shouldAddHeadersToSecurityContext() {
MethodDescriptor<String, String> descriptor = getEchoMethod();
ServerCall<String, String> call = mock(ServerCall.class);
Metadata headers = new Metadata();
SocketAddress address = new InetSocketAddress("helidon.io", 8080);
Attributes attributes = Attributes.newBuilder().set(Grpc.TRANSPORT_ATTR_REMOTE_ADDR, address).build();
headers.put(Metadata.Key.of("key-1", Metadata.ASCII_STRING_MARSHALLER), "value-1.1");
headers.put(Metadata.Key.of("key-1", Metadata.ASCII_STRING_MARSHALLER), "value-1.2");
headers.put(Metadata.Key.of("key-2", Metadata.ASCII_STRING_MARSHALLER), "value-2");
when(call.getAttributes()).thenReturn(attributes);
when(call.getMethodDescriptor()).thenReturn(descriptor);
GrpcSecurity security = GrpcSecurity.create(Security.builder().build());
Context context = security.registerContext(call, headers);
assertThat(context, is(notNullValue()));
SecurityContext securityContext = GrpcSecurity.SECURITY_CONTEXT.get(context);
assertThat(securityContext, is(notNullValue()));
SecurityEnvironment environment = securityContext.env();
assertThat(environment, is(notNullValue()));
Map<String, List<String>> expectedHeaders = new HashMap<>();
Map<String, List<String>> securityHeaders = environment.headers();
expectedHeaders.put("key-1", Arrays.asList("value-1.1", "value-1.2"));
expectedHeaders.put("key-2", Collections.singletonList("value-2"));
assertThat(securityHeaders, is(notNullValue()));
assertThat(securityHeaders, is(expectedHeaders));
}
use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class GrpcSecurityTest method shouldAddExtraHeadersToSecurityContext.
@Test
public void shouldAddExtraHeadersToSecurityContext() throws Exception {
MethodDescriptor<String, String> descriptor = getEchoMethod();
ServerCall<String, String> call = mock(ServerCall.class);
Metadata headers = new Metadata();
SocketAddress address = new InetSocketAddress("helidon.io", 8080);
Attributes attributes = Attributes.newBuilder().set(Grpc.TRANSPORT_ATTR_REMOTE_ADDR, address).build();
Map extraHeaders = new HashMap();
extraHeaders.put("key-1", Collections.singletonList("value-1"));
extraHeaders.put("key-2", Collections.singletonList("value-2"));
when(call.getAttributes()).thenReturn(attributes);
when(call.getMethodDescriptor()).thenReturn(descriptor);
GrpcSecurity security = GrpcSecurity.create(Security.builder().build());
Context contextCurrent = Context.current().withValue(GrpcSecurity.CONTEXT_ADD_HEADERS, extraHeaders);
Context context = contextCurrent.call(() -> security.registerContext(call, headers));
assertThat(context, is(notNullValue()));
SecurityContext securityContext = GrpcSecurity.SECURITY_CONTEXT.get(context);
assertThat(securityContext, is(notNullValue()));
SecurityEnvironment environment = securityContext.env();
assertThat(environment, is(notNullValue()));
Map<String, List<String>> expectedHeaders = new HashMap<>();
Map<String, List<String>> securityHeaders = environment.headers();
expectedHeaders.put("key-1", Collections.singletonList("value-1"));
expectedHeaders.put("key-2", Collections.singletonList("value-2"));
assertThat(securityHeaders, is(notNullValue()));
assertThat(securityHeaders, is(expectedHeaders));
}
Aggregations