Example 1 with Subject

use of io.helidon.security.Subject in project helidon by oracle.

the class AtnProvider method syncAuthenticate.

@Override
protected AuthenticationResponse syncAuthenticate(ProviderRequest providerRequest) {
    EndpointConfig endpointConfig = providerRequest.endpointConfig();
    Config atnConfig = endpointConfig.config(CONFIG_KEY).orElse(null);
    Subject user = null;
    Subject service = null;
    List<Auth> list;
    Optional<AtnConfig> optional = providerRequest.endpointConfig().instance(AtnConfig.class);
    if (optional.isPresent()) {
        list = optional.get().auths();
    } else if (atnConfig != null && !atnConfig.isLeaf()) {
        list = atnConfig.asNodeList().map(this::fromConfig).orElse(Collections.emptyList());
    } else {
        list = fromAnnotations(endpointConfig);
    }
    for (Auth authentication : list) {
        if (authentication.type() == SubjectType.USER) {
            user = buildSubject(authentication);
        } else {
            service = buildSubject(authentication);
        }
    }
    return AuthenticationResponse.success(user, service);
}
Also used : Config(io.helidon.config.Config) EndpointConfig(io.helidon.security.EndpointConfig) Subject(io.helidon.security.Subject)

Example 2 with Subject

use of io.helidon.security.Subject in project helidon by oracle.

the class OutboundOverrideExample method startServingService.

static CompletionStage<Void> startServingService(int port) {
    Config config = createConfig("serving-service");
    Routing routing = Routing.builder()
            .register(WebSecurity.create(config.get("security")))
            .get("/hello", (req, res) -> {
                // Reply with the authenticated user's name, or "Anonymous" when no user is present
                res.send(req.context().get(SecurityContext.class)
                        .flatMap(SecurityContext::user)
                        .map(Subject::principal).map(Principal::getName)
                        .orElse("Anonymous"));
            })
            .build();
    return startServer(routing, port, server -> servingPort = server.port());
}
Also used : OutboundOverrideUtil.startServer(io.helidon.security.examples.outbound.OutboundOverrideUtil.startServer) Config(io.helidon.config.Config) OutboundOverrideUtil.sendError(io.helidon.security.examples.outbound.OutboundOverrideUtil.sendError) SecurityContext(io.helidon.security.SecurityContext) Principal(io.helidon.security.Principal) ServerRequest(io.helidon.webserver.ServerRequest) OutboundOverrideUtil.getSecurityContext(io.helidon.security.examples.outbound.OutboundOverrideUtil.getSecurityContext) CompletionStage(java.util.concurrent.CompletionStage) ServerResponse(io.helidon.webserver.ServerResponse) WebSecurity(io.helidon.security.integration.webserver.WebSecurity) Subject(io.helidon.security.Subject) Routing(io.helidon.webserver.Routing) OutboundOverrideUtil.createConfig(io.helidon.security.examples.outbound.OutboundOverrideUtil.createConfig) OutboundOverrideUtil.webTarget(io.helidon.security.examples.outbound.OutboundOverrideUtil.webTarget) HttpBasicAuthProvider(io.helidon.security.providers.httpauth.HttpBasicAuthProvider)

Example 3 with Subject

use of io.helidon.security.Subject in project helidon by oracle.

the class OutboundOverrideJwtExample method startServingService.

static CompletionStage<Void> startServingService(int port) {
    Config config = createConfig("serving-service-jwt");
    Routing routing = Routing.builder()
            .register(WebSecurity.create(config.get("security")))
            .get("/hello", (req, res) -> {
                // This is the propagated token. It should be "bearer <signed JWT, base64 encoded>".
                // Printing it exposes a usable credential, so keep this line to example code only.
                req.headers().first("Authorization").ifPresent(System.out::println);
                // Reply with the authenticated user's name, or "Anonymous" when no user is present
                res.send(req.context().get(SecurityContext.class)
                        .flatMap(SecurityContext::user)
                        .map(Subject::principal).map(Principal::getName)
                        .orElse("Anonymous"));
            })
            .build();
    return startServer(routing, port, server -> servingPort = server.port());
}
Also used : OutboundOverrideUtil.startServer(io.helidon.security.examples.outbound.OutboundOverrideUtil.startServer) Config(io.helidon.config.Config) OutboundOverrideUtil.sendError(io.helidon.security.examples.outbound.OutboundOverrideUtil.sendError) SecurityContext(io.helidon.security.SecurityContext) Principal(io.helidon.security.Principal) ServerRequest(io.helidon.webserver.ServerRequest) OutboundOverrideUtil.getSecurityContext(io.helidon.security.examples.outbound.OutboundOverrideUtil.getSecurityContext) CompletionStage(java.util.concurrent.CompletionStage) ServerResponse(io.helidon.webserver.ServerResponse) WebSecurity(io.helidon.security.integration.webserver.WebSecurity) Subject(io.helidon.security.Subject) Routing(io.helidon.webserver.Routing) OutboundOverrideUtil.createConfig(io.helidon.security.examples.outbound.OutboundOverrideUtil.createConfig) OutboundOverrideUtil.webTarget(io.helidon.security.examples.outbound.OutboundOverrideUtil.webTarget) JwtProvider(io.helidon.security.providers.jwt.JwtProvider)

Example 4 with Subject

use of io.helidon.security.Subject in project helidon by oracle.

the class OutboundProviderSyncTest method testSuccess.

@Test
public void testSuccess() {
    String username = "aUser";
    Subject subject = Subject.create(Principal.create(username));
    SecurityContext context = mock(SecurityContext.class);
    when(context.user()).thenReturn(Optional.of(subject));
    when(context.service()).thenReturn(Optional.empty());
    SecurityEnvironment se = SecurityEnvironment.create();
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.securityContext()).thenReturn(context);
    when(request.env()).thenReturn(se);
    OutboundProviderSync ops = new OutboundProviderSync();
    OutboundSecurityResponse response = ops.syncOutbound(request, SecurityEnvironment.create(), EndpointConfig.create());
    assertThat(response.status(), is(SecurityResponse.SecurityStatus.SUCCESS));
    assertThat(response.requestHeaders().get("X-AUTH-USER"), is(List.of(username)));
}
Also used : SecurityEnvironment(io.helidon.security.SecurityEnvironment) SecurityContext(io.helidon.security.SecurityContext) Subject(io.helidon.security.Subject) ProviderRequest(io.helidon.security.ProviderRequest) OutboundSecurityResponse(io.helidon.security.OutboundSecurityResponse) Test(org.junit.jupiter.api.Test)

Example 5 with Subject

use of io.helidon.security.Subject in project helidon by oracle.

the class GoogleBuilderMain method start.

static int start(int port) {
    Security security = Security.builder()
            .addProvider(GoogleTokenProvider.builder()
                    .clientId("your-client-id.apps.googleusercontent.com"))
            .build();
    WebSecurity ws = WebSecurity.create(security);
    Routing.Builder routing = Routing.builder()
            .register(ws)
            // WebSecurity.authenticate() requires authentication for this route
            .get("/rest/profile", WebSecurity.authenticate(), (req, res) -> {
                Optional<SecurityContext> securityContext = req.context().get(SecurityContext.class);
                res.headers().contentType(MediaType.TEXT_PLAIN.withCharset("UTF-8"));
                res.send("Response from builder based service, you are: \n"
                        + securityContext.flatMap(SecurityContext::user)
                                .map(Subject::toString)
                                .orElse("Security context is null"));
                req.next();
            })
            .register(StaticContentSupport.create("/WEB"));
    theServer = GoogleUtil.startIt(port, routing);
    return theServer.port();
}
Also used : Security(io.helidon.security.Security) StaticContentSupport(io.helidon.webserver.staticcontent.StaticContentSupport) WebServer(io.helidon.webserver.WebServer) Optional(java.util.Optional) WebSecurity(io.helidon.security.integration.webserver.WebSecurity) SecurityContext(io.helidon.security.SecurityContext) Subject(io.helidon.security.Subject) GoogleTokenProvider(io.helidon.security.providers.google.login.GoogleTokenProvider) Routing(io.helidon.webserver.Routing) MediaType(io.helidon.common.http.MediaType)

Aggregations

Subject (io.helidon.security.Subject) 36
ProviderRequest (io.helidon.security.ProviderRequest) 22
SecurityContext (io.helidon.security.SecurityContext) 18
SecurityEnvironment (io.helidon.security.SecurityEnvironment) 18
AuthenticationResponse (io.helidon.security.AuthenticationResponse) 17
Test (org.junit.jupiter.api.Test) 17
Principal (io.helidon.security.Principal) 16
EndpointConfig (io.helidon.security.EndpointConfig) 15
OutboundSecurityResponse (io.helidon.security.OutboundSecurityResponse) 15
SignedJwt (io.helidon.security.jwt.SignedJwt) 11
Config (io.helidon.config.Config) 10
Jwt (io.helidon.security.jwt.Jwt) 9
Optional (java.util.Optional) 8
Instant (java.time.Instant) 7
Locale (java.util.Locale) 7
TokenCredential (io.helidon.security.providers.common.TokenCredential) 6
LinkedList (java.util.LinkedList) 6
List (java.util.List) 6
Errors (io.helidon.common.Errors) 4
MediaType (io.helidon.common.http.MediaType) 4