use of io.helidon.security.providers.common.TokenCredential in project helidon by oracle.
the class OidcSupportTest method testOutboundFull.
@Test
void testOutboundFull() {
String tokenContent = "huhahihohyhe";
TokenCredential tokenCredential = TokenCredential.builder().token(tokenContent).build();
Subject subject = Subject.builder().addPublicCredential(TokenCredential.class, tokenCredential).build();
ProviderRequest providerRequest = Mockito.mock(ProviderRequest.class);
SecurityContext ctx = Mockito.mock(SecurityContext.class);
when(ctx.user()).thenReturn(Optional.of(subject));
when(providerRequest.securityContext()).thenReturn(ctx);
SecurityEnvironment outboundEnv = SecurityEnvironment.builder().targetUri(URI.create("http://www.example.com:7777")).path("/test").build();
EndpointConfig endpointConfig = EndpointConfig.builder().build();
boolean outboundSupported = provider.isOutboundSupported(providerRequest, outboundEnv, endpointConfig);
assertThat("Outbound should not be supported by default", outboundSupported, is(false));
OutboundSecurityResponse response = provider.outboundSecurity(providerRequest, outboundEnv, endpointConfig).toCompletableFuture().join();
assertThat("Disabled target should have empty headers", response.requestHeaders().size(), is(0));
}
use of io.helidon.security.providers.common.TokenCredential in project helidon by oracle.
the class GoogleTokenProviderTest method buildOutboundRequest.
private ProviderRequest buildOutboundRequest() {
TokenCredential tc = TokenCredential.create(TOKEN_VALUE, "accounts.google.com", Instant.now(), Instant.now());
Subject subject = Subject.builder().principal(Principal.create("test")).addPublicCredential(tc).build();
SecurityContext context = mock(SecurityContext.class);
when(context.user()).thenReturn(Optional.of(subject));
ProviderRequest request = mock(ProviderRequest.class);
when(request.securityContext()).thenReturn(context);
when(context.executorService()).thenReturn(ForkJoinPool.commonPool());
return request;
}
use of io.helidon.security.providers.common.TokenCredential in project helidon by oracle.
the class OidcProvider method outboundSecurity.
@Override
public CompletionStage<OutboundSecurityResponse> outboundSecurity(ProviderRequest providerRequest, SecurityEnvironment outboundEnv, EndpointConfig outboundEndpointConfig) {
Optional<Subject> user = providerRequest.securityContext().user();
if (user.isPresent()) {
// we do have a user, let's see if we can propagate
Subject subject = user.get();
Optional<TokenCredential> tokenCredential = subject.publicCredential(TokenCredential.class);
if (tokenCredential.isPresent()) {
String tokenContent = tokenCredential.get().token();
OidcOutboundTarget target = outboundConfig.findTarget(outboundEnv);
boolean enabled = target.propagate;
if (enabled) {
Map<String, List<String>> headers = new HashMap<>(outboundEnv.headers());
target.tokenHandler.header(headers, tokenContent);
return CompletableFuture.completedFuture(OutboundSecurityResponse.withHeaders(headers));
}
}
}
return CompletableFuture.completedFuture(OutboundSecurityResponse.empty());
}
use of io.helidon.security.providers.common.TokenCredential in project helidon by oracle.
the class OidcSupportTest method testOutbound.
@Test
void testOutbound() {
String tokenContent = "huhahihohyhe";
TokenCredential tokenCredential = TokenCredential.builder().token(tokenContent).build();
Subject subject = Subject.builder().addPublicCredential(TokenCredential.class, tokenCredential).build();
ProviderRequest providerRequest = Mockito.mock(ProviderRequest.class);
SecurityContext ctx = Mockito.mock(SecurityContext.class);
when(ctx.user()).thenReturn(Optional.of(subject));
when(providerRequest.securityContext()).thenReturn(ctx);
SecurityEnvironment outboundEnv = SecurityEnvironment.builder().targetUri(URI.create("http://localhost:7777")).path("/test").build();
EndpointConfig endpointConfig = EndpointConfig.builder().build();
OutboundSecurityResponse response = provider.outboundSecurity(providerRequest, outboundEnv, endpointConfig).toCompletableFuture().join();
List<String> authorization = response.requestHeaders().get("Authorization");
assertThat("Authorization header", authorization, hasItem("Bearer " + tokenContent));
}
Aggregations