use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class OutboundConfigTest method buildEnv.
/**
 * Builds a Mockito stub of {@link SecurityEnvironment} describing a request to the given host.
 *
 * <p>The stub reports {@code GET} as the method, an empty string as the path, and a target URI
 * assembled as {@code transport + "://" + host}. Nothing else is stubbed.
 *
 * @param transport value returned by {@code transport()}; also used as the URI scheme
 * @param host authority part appended after {@code "://"} in the target URI
 * @return the stubbed environment
 */
private SecurityEnvironment buildEnv(String transport, String host) {
    // Build the URI up front so a malformed transport/host pair fails before any stubbing.
    URI target = URI.create(transport + "://" + host);

    SecurityEnvironment env = Mockito.mock(SecurityEnvironment.class);
    Mockito.when(env.targetUri()).thenReturn(target);
    Mockito.when(env.transport()).thenReturn(transport);
    Mockito.when(env.path()).thenReturn(Optional.of(""));
    Mockito.when(env.method()).thenReturn("GET");
    return env;
}
use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class HeaderAtnProviderTest method testServiceExtraction.
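/**
 * Verifies that an {@code Authorization} header of the form {@code "bearer <name>"} is
 * authenticated as a service subject, not a user, and that the resulting principal name
 * equals the name carried in the header.
 */
@Test
public void testServiceExtraction() {
    HeaderAtnProvider provider = getServiceProvider();
    String username = "service";
    SecurityEnvironment env = SecurityEnvironment.builder()
            .header("Authorization", "bearer " + username)
            .build();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.env()).thenReturn(env);

    AuthenticationResponse response = provider.syncAuthenticate(request);

    assertThat(response.status(), is(SecurityResponse.SecurityStatus.SUCCESS));
    assertThat(response.user(), is(Optional.empty()));
    assertThat(response.service(), is(not(Optional.empty())));
    // Compare the whole Optional instead of asserting inside ifPresent(): an authentication
    // test must fail, not pass vacuously, when the subject carries no principal name.
    assertThat(response.service().map(Subject::principal).map(Principal::getName),
               is(Optional.of(username)));
}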
use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class HeaderAtnProviderTest method testServiceOutbound.
/**
 * Verifies outbound propagation of a service identity: with a service subject in the security
 * context and no user, the provider must report outbound as supported and emit exactly one
 * {@code Authorization} header whose value is {@code "bearer " + <service name>}.
 */
@Test
public void testServiceOutbound() {
    HeaderAtnProvider provider = getServiceProvider();
    String serviceName = "service";

    // Provider request backed by an outbound environment.
    SecurityEnvironment requestEnv = outboundEnv();
    ProviderRequest providerRequest = mock(ProviderRequest.class);
    when(providerRequest.env()).thenReturn(requestEnv);

    // Security context that knows only a service subject; the user side stays empty.
    Subject serviceSubject = Subject.builder()
            .addPrincipal(Principal.create(serviceName))
            .build();
    SecurityContext context = mock(SecurityContext.class);
    when(context.service()).thenReturn(Optional.of(serviceSubject));
    when(context.user()).thenReturn(Optional.empty());
    when(providerRequest.securityContext()).thenReturn(context);

    SecurityEnvironment targetEnv = outboundEnv();
    EndpointConfig targetEndpoint = EndpointConfig.create();

    boolean supported = provider.isOutboundSupported(providerRequest, targetEnv, targetEndpoint);
    assertThat("Outbound should be supported", supported, is(true));

    OutboundSecurityResponse outbound = provider.syncOutbound(providerRequest, targetEnv, targetEndpoint);
    List<String> authorization = outbound.requestHeaders().get("Authorization");

    // Exactly one header value is expected, so duplicates fail the test.
    assertThat(authorization, notNullValue());
    assertThat(authorization.size(), is(1));
    assertThat(authorization.get(0), is("bearer " + serviceName));
}
use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class HeaderAtnProviderTest method testServiceNoHeaderExtraction.
/**
 * Verifies the negative path: a request whose environment carries no headers must fail
 * authentication and must not yield a service or a user subject.
 */
@Test
public void testServiceNoHeaderExtraction() {
    HeaderAtnProvider provider = getServiceProvider();

    // Default environment: no Authorization header is present.
    SecurityEnvironment emptyEnv = SecurityEnvironment.create();
    ProviderRequest providerRequest = mock(ProviderRequest.class);
    when(providerRequest.env()).thenReturn(emptyEnv);

    AuthenticationResponse result = provider.syncAuthenticate(providerRequest);

    assertThat(result.status(), is(SecurityResponse.SecurityStatus.FAILURE));
    // A failed authentication must not leak any identity into the response.
    assertThat(result.service(), is(Optional.empty()));
    assertThat(result.user(), is(Optional.empty()));
}
use of io.helidon.security.SecurityEnvironment in project helidon by oracle.
the class HttpSignProviderTest method testInboundSignatureRsa.
/**
 * Verifies inbound HTTP-signature authentication with an {@code rsa-sha256} signature.
 *
 * <p>The request carries a pre-computed {@code Signature} header that lists {@code date},
 * {@code host}, {@code (request-target)} and {@code authorization} as the signed headers.
 * Authentication must succeed, the user principal must be {@code aUser}, and the principal
 * must expose the key id {@code rsa-key-12345} as an ABAC attribute.
 *
 * @throws ExecutionException if the asynchronous authentication completes exceptionally
 * @throws InterruptedException if the thread is interrupted while waiting for the result
 */
@Test
public void testInboundSignatureRsa() throws ExecutionException, InterruptedException {
    // Pre-computed fixture; the split points of the literal are kept as in the original test.
    String signatureHeader = "keyId=\"rsa-key-12345\",algorithm=\"rsa-sha256\",headers=\"date "
            + "host (request-target) authorization\","
            + "signature=\"Rm5PjuUdJ927esGQ2gm/6QBEM9IM7J5qSZuP8NV8+GXUf"
            + "boUV6ST2EYLYniFGt5/3BO/2+vqQdqezdTVPr/JCwqBx+9T9ZynG7YqRj"
            + "KvXzcmvQOu5vQmCK5x/HR0fXU41Pjq+jywsD0k6KdxF6TWr6tvWRbwFet"
            + "+YSb0088o/65Xeqghw7s0vShf7jPZsaaIHnvM9SjWgix9VvpdEn4NDvqh"
            + "ebieVD3Swb1VG5+/7ECQ9VAlX30U5/jQ5hPO3yuvRlg5kkMjJiN7tf/68"
            + "If/5O2Z4H+7VmW0b1U69/JoOQJA0av1gCX7HVfa/YTCxIK4UFiI6h963q"
            + "2x7LSkqhdWGA==\"";

    // Header names are looked up case-insensitively, hence the ordered map.
    Map<String, List<String>> requestHeaders = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
    requestHeaders.put("host", List.of("example.org"));
    // NOTE(review): the date is a fixed 2014 value, so this test can only pass if the provider
    // (as configured by getProvider()) does not enforce freshness of the signed date. Confirm
    // that replay protection is covered elsewhere.
    requestHeaders.put("date", List.of("Thu, 08 Jun 2014 18:32:30 GMT"));
    // Fixture only: a placeholder Basic credential, present because "authorization" is one
    // of the signed headers.
    requestHeaders.put("authorization", List.of("basic dXNlcm5hbWU6cGFzc3dvcmQ="));
    requestHeaders.put("Signature", List.of(signatureHeader));

    HttpSignProvider provider = getProvider();

    SecurityContext securityContext = mock(SecurityContext.class);
    when(securityContext.executorService()).thenReturn(ForkJoinPool.commonPool());

    SecurityEnvironment environment = SecurityEnvironment.builder()
            .path("/my/resource")
            .headers(requestHeaders)
            .build();
    EndpointConfig endpoint = EndpointConfig.create();

    ProviderRequest providerRequest = mock(ProviderRequest.class);
    when(providerRequest.securityContext()).thenReturn(securityContext);
    when(providerRequest.env()).thenReturn(environment);
    when(providerRequest.endpointConfig()).thenReturn(endpoint);

    AuthenticationResponse result = provider.authenticate(providerRequest)
            .toCompletableFuture()
            .get();

    // Use the provider's own description as the failure reason to make a rejection diagnosable.
    assertThat(result.description().orElse("Unknown problem"),
               result.status(),
               is(SecurityResponse.SecurityStatus.SUCCESS));

    // A missing user is a hard failure, never a silently skipped assertion.
    result.user()
            .map(Subject::principal)
            .ifPresentOrElse(
                    authenticated -> {
                        assertThat(authenticated.getName(), is("aUser"));
                        assertThat(authenticated.abacAttribute(HttpSignProvider.ATTRIB_NAME_KEY_ID),
                                   is(Optional.of("rsa-key-12345")));
                    },
                    () -> fail("User must be filled"));
}