Example 16 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class WebSecurity method registerContext.

private void registerContext(ServerRequest req, ServerResponse res) {
    Map<String, List<String>> allHeaders = new HashMap<>(req.headers().toMap());
    Optional<Map> newHeaders = req.context().get(CONTEXT_ADD_HEADERS, Map.class);
    newHeaders.ifPresent(allHeaders::putAll);
    // make sure there is no context
    if (!req.context().get(SecurityContext.class).isPresent()) {
        SecurityEnvironment env = security.environmentBuilder()
                .targetUri(req.uri())
                .path(req.path().toString())
                .method(req.method().name())
                .addAttribute("userIp", req.remoteAddress())
                .addAttribute("userPort", req.remotePort())
                .transport(req.isSecure() ? "https" : "http")
                .headers(allHeaders)
                .build();
        EndpointConfig ec = EndpointConfig.builder().build();
        SecurityContext.Builder contextBuilder = security.contextBuilder(String.valueOf(SECURITY_COUNTER.incrementAndGet()))
                .env(env)
                .endpointConfig(ec);
        // only register if exists
        req.spanContext().ifPresent(contextBuilder::tracingSpan);
        SecurityContext context = contextBuilder.build();
        req.context().register(context);
        req.context().register(defaultHandler);
    }
    req.next();
}
Also used : HashMap(java.util.HashMap) SecurityEnvironment(io.helidon.security.SecurityEnvironment) SecurityContext(io.helidon.security.SecurityContext) List(java.util.List) Map(java.util.Map) EndpointConfig(io.helidon.security.EndpointConfig)

Example 17 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class TimeValidatorTest method testDayOfWeekDeny.

@Test
public void testDayOfWeekDeny() {
    // explicitly set time to 12:15 on a Sunday
    SecurityTime time = SecurityTime.builder()
            .value(ChronoField.HOUR_OF_DAY, 12)
            .value(ChronoField.MINUTE_OF_HOUR, 15)
            .value(ChronoField.DAY_OF_WEEK, DayOfWeek.SUNDAY.getValue())
            .build();
    Errors.Collector collector = Errors.collector();
    SecurityEnvironment env = SecurityEnvironment.builder().time(time).build();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.env()).thenReturn(env);
    validator.validate(timeConfig, collector, request);
    if (collector.collect().isValid()) {
        fail("Should have failed, as 12:15 is not in supported times");
    }
}
Also used : Errors(io.helidon.common.Errors) SecurityEnvironment(io.helidon.security.SecurityEnvironment) SecurityTime(io.helidon.security.SecurityTime) ProviderRequest(io.helidon.security.ProviderRequest) Test(org.junit.jupiter.api.Test)

Example 18 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class TimeValidatorTest method testBetweenTimesAndDayOfWekPermit.

@Test
public void testBetweenTimesAndDayOfWekPermit() {
    // explicitly set time to 10:00
    SecurityTime time = SecurityTime.builder()
            .value(ChronoField.HOUR_OF_DAY, 10)
            .value(ChronoField.MINUTE_OF_HOUR, 0)
            .value(ChronoField.DAY_OF_WEEK, DayOfWeek.TUESDAY.getValue())
            .build();
    Errors.Collector collector = Errors.collector();
    SecurityEnvironment env = SecurityEnvironment.builder().time(time).build();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.env()).thenReturn(env);
    validator.validate(timeConfig, collector, request);
    collector.collect().checkValid();
}
Also used : Errors(io.helidon.common.Errors) SecurityEnvironment(io.helidon.security.SecurityEnvironment) SecurityTime(io.helidon.security.SecurityTime) ProviderRequest(io.helidon.security.ProviderRequest) Test(org.junit.jupiter.api.Test)

Example 19 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class TimeValidatorTest method testBetweenTimesDeny.

@Test
public void testBetweenTimesDeny() {
    // explicitly set time to 12:15 on a Tuesday
    SecurityTime time = SecurityTime.builder()
            .value(ChronoField.HOUR_OF_DAY, 12)
            .value(ChronoField.MINUTE_OF_HOUR, 15)
            .value(ChronoField.DAY_OF_WEEK, DayOfWeek.TUESDAY.getValue())
            .build();
    Errors.Collector collector = Errors.collector();
    SecurityEnvironment env = SecurityEnvironment.builder().time(time).build();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.env()).thenReturn(env);
    validator.validate(timeConfig, collector, request);
    if (collector.collect().isValid()) {
        fail("Should have failed, as 12:15 is not in supported times");
    }
}
Also used : Errors(io.helidon.common.Errors) SecurityEnvironment(io.helidon.security.SecurityEnvironment) SecurityTime(io.helidon.security.SecurityTime) ProviderRequest(io.helidon.security.ProviderRequest) Test(org.junit.jupiter.api.Test)

Example 20 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class WebSecurityQueryParamTest method testQueryParams.

@Test
public void testQueryParams() {
    SecurityHandler securityHandler = SecurityHandler.create()
            .queryParam("jwt", TokenHandler.builder()
                    .tokenHeader("BEARER_TOKEN")
                    .tokenPattern(Pattern.compile("bearer (.*)"))
                    .build())
            .queryParam("name", TokenHandler.builder()
                    .tokenHeader("NAME_FROM_REQUEST")
                    .build());
    ServerRequest req = Mockito.mock(ServerRequest.class);
    Parameters params = Mockito.mock(Parameters.class);
    when(params.all("jwt")).thenReturn(List.of("bearer jwt_content"));
    when(params.all("name")).thenReturn(List.of("name_content"));
    when(req.queryParams()).thenReturn(params);
    SecurityContext context = Mockito.mock(SecurityContext.class);
    SecurityEnvironment env = SecurityEnvironment.create();
    when(context.env()).thenReturn(env);
    // context is a stub
    securityHandler.extractQueryParams(context, req);
    // captor captures the argument
    ArgumentCaptor<SecurityEnvironment> newHeaders = ArgumentCaptor.forClass(SecurityEnvironment.class);
    verify(context).env(newHeaders.capture());
    // now validate the value we were called with
    env = newHeaders.getValue();
    assertThat(env.headers().get("BEARER_TOKEN"), is(List.of("jwt_content")));
    assertThat(env.headers().get("NAME_FROM_REQUEST"), is(List.of("name_content")));
}
Also used : Parameters(io.helidon.common.http.Parameters) SecurityEnvironment(io.helidon.security.SecurityEnvironment) SecurityContext(io.helidon.security.SecurityContext) ServerRequest(io.helidon.webserver.ServerRequest) Test(org.junit.jupiter.api.Test)
