Examples with SecurityEnvironment io.helidon.security.SecurityEnvironment used on opensource projects

Example 41 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class OutboundConfigTest method buildEnv.

private SecurityEnvironment buildEnv(String transport, String host) {
    SecurityEnvironment mock = Mockito.mock(SecurityEnvironment.class);
    Mockito.when(mock.transport()).thenReturn(transport);
    Mockito.when(mock.method()).thenReturn("GET");
    Mockito.when(mock.path()).thenReturn(Optional.of(""));
    Mockito.when(mock.targetUri()).thenReturn(URI.create(transport + "://" + host));
    return mock;
}

Example 42 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class HeaderAtnProviderTest method testServiceExtraction.

@Test
public void testServiceExtraction() {
    HeaderAtnProvider provider = getServiceProvider();
    String username = "service";
    SecurityEnvironment env = SecurityEnvironment.builder().header("Authorization", "bearer " + username).build();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.env()).thenReturn(env);
    AuthenticationResponse response = provider.syncAuthenticate(request);
    assertThat(response.status(), is(SecurityResponse.SecurityStatus.SUCCESS));
    assertThat(response.user(), is(Optional.empty()));
    assertThat(response.service(), is(not(Optional.empty())));
    response.service().map(Subject::principal).map(Principal::getName).ifPresent(name -> assertThat(name, is(username)));
}

Example 43 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class HeaderAtnProviderTest method testServiceOutbound.

@Test
public void testServiceOutbound() {
    HeaderAtnProvider provider = getServiceProvider();
    String username = "service";
    SecurityEnvironment env = outboundEnv();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.env()).thenReturn(env);
    SecurityContext sc = mock(SecurityContext.class);
    when(sc.service()).thenReturn(Optional.of(Subject.builder().addPrincipal(Principal.create(username)).build()));
    when(sc.user()).thenReturn(Optional.empty());
    when(request.securityContext()).thenReturn(sc);
    SecurityEnvironment outboundEnv = outboundEnv();
    EndpointConfig outboundEp = EndpointConfig.create();
    assertThat("Outbound should be supported", provider.isOutboundSupported(request, outboundEnv, outboundEp), is(true));
    OutboundSecurityResponse response = provider.syncOutbound(request, outboundEnv, outboundEp);
    List<String> custom = response.requestHeaders().get("Authorization");
    assertThat(custom, notNullValue());
    assertThat(custom.size(), is(1));
    String token = custom.get(0);
    assertThat(token, is("bearer " + username));
}

Example 44 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class HeaderAtnProviderTest method testServiceNoHeaderExtraction.

@Test
public void testServiceNoHeaderExtraction() {
    HeaderAtnProvider provider = getServiceProvider();
    SecurityEnvironment env = SecurityEnvironment.create();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.env()).thenReturn(env);
    AuthenticationResponse response = provider.syncAuthenticate(request);
    assertThat(response.status(), is(SecurityResponse.SecurityStatus.FAILURE));
    assertThat(response.service(), is(Optional.empty()));
    assertThat(response.user(), is(Optional.empty()));
}

Example 45 with SecurityEnvironment

use of io.helidon.security.SecurityEnvironment in project helidon by oracle.

the class HttpSignProviderTest method testInboundSignatureRsa.

@Test
public void testInboundSignatureRsa() throws ExecutionException, InterruptedException {
    Map<String, List<String>> headers = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
    headers.put("Signature", List.of("keyId=\"rsa-key-12345\",algorithm=\"rsa-sha256\",headers=\"date " + "host (request-target) authorization\"," + "signature=\"Rm5PjuUdJ927esGQ2gm/6QBEM9IM7J5qSZuP8NV8+GXUf" + "boUV6ST2EYLYniFGt5/3BO/2+vqQdqezdTVPr/JCwqBx+9T9ZynG7YqRj" + "KvXzcmvQOu5vQmCK5x/HR0fXU41Pjq+jywsD0k6KdxF6TWr6tvWRbwFet" + "+YSb0088o/65Xeqghw7s0vShf7jPZsaaIHnvM9SjWgix9VvpdEn4NDvqh" + "ebieVD3Swb1VG5+/7ECQ9VAlX30U5/jQ5hPO3yuvRlg5kkMjJiN7tf/68" + "If/5O2Z4H+7VmW0b1U69/JoOQJA0av1gCX7HVfa/YTCxIK4UFiI6h963q" + "2x7LSkqhdWGA==\""));
    headers.put("host", List.of("example.org"));
    headers.put("date", List.of("Thu, 08 Jun 2014 18:32:30 GMT"));
    headers.put("authorization", List.of("basic dXNlcm5hbWU6cGFzc3dvcmQ="));
    HttpSignProvider provider = getProvider();
    SecurityContext context = mock(SecurityContext.class);
    when(context.executorService()).thenReturn(ForkJoinPool.commonPool());
    SecurityEnvironment se = SecurityEnvironment.builder().path("/my/resource").headers(headers).build();
    EndpointConfig ep = EndpointConfig.create();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.securityContext()).thenReturn(context);
    when(request.env()).thenReturn(se);
    when(request.endpointConfig()).thenReturn(ep);
    AuthenticationResponse atnResponse = provider.authenticate(request).toCompletableFuture().get();
    assertThat(atnResponse.description().orElse("Unknown problem"), atnResponse.status(), is(SecurityResponse.SecurityStatus.SUCCESS));
    atnResponse.user().map(Subject::principal).ifPresentOrElse(principal -> {
        assertThat(principal.getName(), is("aUser"));
        assertThat(principal.abacAttribute(HttpSignProvider.ATTRIB_NAME_KEY_ID), is(Optional.of("rsa-key-12345")));
    }, () -> fail("User must be filled"));
}