Search in sources :

Example 61 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class GrpcSecurityTest method shouldAddAttributesToSecurityContext.

@Test
public void shouldAddAttributesToSecurityContext() {
    MethodDescriptor<String, String> descriptor = getEchoMethod();
    ServerCall<String, String> call = mock(ServerCall.class);
    Metadata headers = new Metadata();
    SocketAddress address = new InetSocketAddress("helidon.io", 8080);
    Attributes attributes = Attributes.newBuilder().set(Grpc.TRANSPORT_ATTR_REMOTE_ADDR, address).build();
    when(call.getAttributes()).thenReturn(attributes);
    when(call.getMethodDescriptor()).thenReturn(descriptor);
    GrpcSecurity security = GrpcSecurity.create(Security.builder().build());
    Context context = security.registerContext(call, headers);
    assertThat(context, is(notNullValue()));
    SecurityContext securityContext = GrpcSecurity.SECURITY_CONTEXT.get(context);
    assertThat(securityContext, is(notNullValue()));
    SecurityEnvironment environment = securityContext.env();
    assertThat(environment, is(notNullValue()));
    assertThat(environment.method(), is(descriptor.getFullMethodName()));
    assertThat(environment.path().get(), is(descriptor.getFullMethodName()));
    assertThat(environment.transport(), is("grpc"));
    assertThat(environment.abacAttribute(GrpcSecurity.ABAC_ATTRIBUTE_REMOTE_ADDRESS).get(), is("helidon.io"));
    assertThat(environment.abacAttribute(GrpcSecurity.ABAC_ATTRIBUTE_REMOTE_PORT).get(), is(8080));
    assertThat(environment.abacAttribute(GrpcSecurity.ABAC_ATTRIBUTE_HEADERS).get(), is(sameInstance(headers)));
    assertThat(environment.abacAttribute(GrpcSecurity.ABAC_ATTRIBUTE_METHOD).get(), is(sameInstance(descriptor)));
}
Also used : Context(io.grpc.Context) SecurityContext(io.helidon.security.SecurityContext) InetSocketAddress(java.net.InetSocketAddress) SecurityEnvironment(io.helidon.security.SecurityEnvironment) Metadata(io.grpc.Metadata) Attributes(io.grpc.Attributes) SecurityContext(io.helidon.security.SecurityContext) SocketAddress(java.net.SocketAddress) InetSocketAddress(java.net.InetSocketAddress) Test(org.junit.jupiter.api.Test)

Example 62 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class GrpcSecurityTest method shouldAddHeadersToSecurityContext.

@Test
public void shouldAddHeadersToSecurityContext() {
    MethodDescriptor<String, String> descriptor = getEchoMethod();
    ServerCall<String, String> call = mock(ServerCall.class);
    Metadata headers = new Metadata();
    SocketAddress address = new InetSocketAddress("helidon.io", 8080);
    Attributes attributes = Attributes.newBuilder().set(Grpc.TRANSPORT_ATTR_REMOTE_ADDR, address).build();
    headers.put(Metadata.Key.of("key-1", Metadata.ASCII_STRING_MARSHALLER), "value-1.1");
    headers.put(Metadata.Key.of("key-1", Metadata.ASCII_STRING_MARSHALLER), "value-1.2");
    headers.put(Metadata.Key.of("key-2", Metadata.ASCII_STRING_MARSHALLER), "value-2");
    when(call.getAttributes()).thenReturn(attributes);
    when(call.getMethodDescriptor()).thenReturn(descriptor);
    GrpcSecurity security = GrpcSecurity.create(Security.builder().build());
    Context context = security.registerContext(call, headers);
    assertThat(context, is(notNullValue()));
    SecurityContext securityContext = GrpcSecurity.SECURITY_CONTEXT.get(context);
    assertThat(securityContext, is(notNullValue()));
    SecurityEnvironment environment = securityContext.env();
    assertThat(environment, is(notNullValue()));
    Map<String, List<String>> expectedHeaders = new HashMap<>();
    Map<String, List<String>> securityHeaders = environment.headers();
    expectedHeaders.put("key-1", Arrays.asList("value-1.1", "value-1.2"));
    expectedHeaders.put("key-2", Collections.singletonList("value-2"));
    assertThat(securityHeaders, is(notNullValue()));
    assertThat(securityHeaders, is(expectedHeaders));
}
Also used : Context(io.grpc.Context) SecurityContext(io.helidon.security.SecurityContext) HashMap(java.util.HashMap) InetSocketAddress(java.net.InetSocketAddress) SecurityEnvironment(io.helidon.security.SecurityEnvironment) Metadata(io.grpc.Metadata) Attributes(io.grpc.Attributes) SecurityContext(io.helidon.security.SecurityContext) List(java.util.List) SocketAddress(java.net.SocketAddress) InetSocketAddress(java.net.InetSocketAddress) Test(org.junit.jupiter.api.Test)

Example 63 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class GrpcSecurityTest method shouldAddExtraHeadersToSecurityContext.

@Test
public void shouldAddExtraHeadersToSecurityContext() throws Exception {
    MethodDescriptor<String, String> descriptor = getEchoMethod();
    ServerCall<String, String> call = mock(ServerCall.class);
    Metadata headers = new Metadata();
    SocketAddress address = new InetSocketAddress("helidon.io", 8080);
    Attributes attributes = Attributes.newBuilder().set(Grpc.TRANSPORT_ATTR_REMOTE_ADDR, address).build();
    Map extraHeaders = new HashMap();
    extraHeaders.put("key-1", Collections.singletonList("value-1"));
    extraHeaders.put("key-2", Collections.singletonList("value-2"));
    when(call.getAttributes()).thenReturn(attributes);
    when(call.getMethodDescriptor()).thenReturn(descriptor);
    GrpcSecurity security = GrpcSecurity.create(Security.builder().build());
    Context contextCurrent = Context.current().withValue(GrpcSecurity.CONTEXT_ADD_HEADERS, extraHeaders);
    Context context = contextCurrent.call(() -> security.registerContext(call, headers));
    assertThat(context, is(notNullValue()));
    SecurityContext securityContext = GrpcSecurity.SECURITY_CONTEXT.get(context);
    assertThat(securityContext, is(notNullValue()));
    SecurityEnvironment environment = securityContext.env();
    assertThat(environment, is(notNullValue()));
    Map<String, List<String>> expectedHeaders = new HashMap<>();
    Map<String, List<String>> securityHeaders = environment.headers();
    expectedHeaders.put("key-1", Collections.singletonList("value-1"));
    expectedHeaders.put("key-2", Collections.singletonList("value-2"));
    assertThat(securityHeaders, is(notNullValue()));
    assertThat(securityHeaders, is(expectedHeaders));
}
Also used : Context(io.grpc.Context) SecurityContext(io.helidon.security.SecurityContext) HashMap(java.util.HashMap) InetSocketAddress(java.net.InetSocketAddress) SecurityEnvironment(io.helidon.security.SecurityEnvironment) Metadata(io.grpc.Metadata) Attributes(io.grpc.Attributes) SecurityContext(io.helidon.security.SecurityContext) List(java.util.List) SocketAddress(java.net.SocketAddress) InetSocketAddress(java.net.InetSocketAddress) HashMap(java.util.HashMap) Map(java.util.Map) Test(org.junit.jupiter.api.Test)

Aggregations

SecurityEnvironment (io.helidon.security.SecurityEnvironment)63 Test (org.junit.jupiter.api.Test)54 ProviderRequest (io.helidon.security.ProviderRequest)46 EndpointConfig (io.helidon.security.EndpointConfig)35 SecurityContext (io.helidon.security.SecurityContext)35 AuthenticationResponse (io.helidon.security.AuthenticationResponse)22 OutboundSecurityResponse (io.helidon.security.OutboundSecurityResponse)20 Subject (io.helidon.security.Subject)18 List (java.util.List)18 Principal (io.helidon.security.Principal)12 TreeMap (java.util.TreeMap)10 SignedJwt (io.helidon.security.jwt.SignedJwt)8 HashMap (java.util.HashMap)7 Locale (java.util.Locale)7 Jwt (io.helidon.security.jwt.Jwt)6 Instant (java.time.Instant)6 Map (java.util.Map)6 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)6 Context (io.grpc.Context)5 Metadata (io.grpc.Metadata)5