Example 1 with TokenCredential

Use of io.helidon.security.providers.common.TokenCredential in project helidon by oracle.

In the class OidcSupportTest, method testOutboundFull.

@Test
void testOutboundFull() {
    // The current user carries the token as a public credential of the Subject
    String tokenContent = "huhahihohyhe";
    TokenCredential tokenCredential = TokenCredential.builder().token(tokenContent).build();
    Subject subject = Subject.builder().addPublicCredential(TokenCredential.class, tokenCredential).build();
    ProviderRequest providerRequest = Mockito.mock(ProviderRequest.class);
    SecurityContext ctx = Mockito.mock(SecurityContext.class);
    when(ctx.user()).thenReturn(Optional.of(subject));
    when(providerRequest.securityContext()).thenReturn(ctx);
    // The assertions below expect that this target is not enabled for token propagation
    SecurityEnvironment outboundEnv = SecurityEnvironment.builder().targetUri(URI.create("http://www.example.com:7777")).path("/test").build();
    EndpointConfig endpointConfig = EndpointConfig.builder().build();
    boolean outboundSupported = provider.isOutboundSupported(providerRequest, outboundEnv, endpointConfig);
    assertThat("Outbound should not be supported by default", outboundSupported, is(false));
    // Even when outboundSecurity is called directly, no header (and so no token) may be added
    OutboundSecurityResponse response = provider.outboundSecurity(providerRequest, outboundEnv, endpointConfig).toCompletableFuture().join();
    assertThat("Disabled target should have empty headers", response.requestHeaders().size(), is(0));
}
Also used: SecurityEnvironment (io.helidon.security.SecurityEnvironment), SecurityContext (io.helidon.security.SecurityContext), TokenCredential (io.helidon.security.providers.common.TokenCredential), Subject (io.helidon.security.Subject), EndpointConfig (io.helidon.security.EndpointConfig), ProviderRequest (io.helidon.security.ProviderRequest), OutboundSecurityResponse (io.helidon.security.OutboundSecurityResponse), Test (org.junit.jupiter.api.Test)

Example 2 with TokenCredential

Use of io.helidon.security.providers.common.TokenCredential in project helidon by oracle.

In the class GoogleTokenProviderTest, method buildOutboundRequest.

private ProviderRequest buildOutboundRequest() {
    // Arguments: token value, issuer, issue time, expiration time
    TokenCredential tc = TokenCredential.create(TOKEN_VALUE, "accounts.google.com", Instant.now(), Instant.now());
    Subject subject = Subject.builder().principal(Principal.create("test")).addPublicCredential(tc).build();
    // Mocked security context that returns the subject as the current user
    SecurityContext context = mock(SecurityContext.class);
    when(context.user()).thenReturn(Optional.of(subject));
    ProviderRequest request = mock(ProviderRequest.class);
    when(request.securityContext()).thenReturn(context);
    when(context.executorService()).thenReturn(ForkJoinPool.commonPool());
    return request;
}
Also used: SecurityContext (io.helidon.security.SecurityContext), TokenCredential (io.helidon.security.providers.common.TokenCredential), Subject (io.helidon.security.Subject), ProviderRequest (io.helidon.security.ProviderRequest)

Example 3 with TokenCredential

Use of io.helidon.security.providers.common.TokenCredential in project helidon by oracle.

In the class OidcProvider, method outboundSecurity.

@Override
public CompletionStage<OutboundSecurityResponse> outboundSecurity(ProviderRequest providerRequest, SecurityEnvironment outboundEnv, EndpointConfig outboundEndpointConfig) {
    Optional<Subject> user = providerRequest.securityContext().user();
    if (user.isPresent()) {
        // we do have a user, let's see if we can propagate
        Subject subject = user.get();
        Optional<TokenCredential> tokenCredential = subject.publicCredential(TokenCredential.class);
        if (tokenCredential.isPresent()) {
            String tokenContent = tokenCredential.get().token();
            // look up the outbound target configured for this environment
            OidcOutboundTarget target = outboundConfig.findTarget(outboundEnv);
            // the token is added only when the matched target has propagation enabled
            boolean enabled = target.propagate;
            if (enabled) {
                // copy the outbound headers and let the target's token handler add the token
                Map<String, List<String>> headers = new HashMap<>(outboundEnv.headers());
                target.tokenHandler.header(headers, tokenContent);
                return CompletableFuture.completedFuture(OutboundSecurityResponse.withHeaders(headers));
            }
        }
    }
    // no user, no token credential, or propagation disabled: nothing is added to the outbound request
    return CompletableFuture.completedFuture(OutboundSecurityResponse.empty());
}
Also used: HashMap (java.util.HashMap), List (java.util.List), LinkedList (java.util.LinkedList), TokenCredential (io.helidon.security.providers.common.TokenCredential), Subject (io.helidon.security.Subject)

Example 4 with TokenCredential

Use of io.helidon.security.providers.common.TokenCredential in project helidon by oracle.

In the class OidcSupportTest, method testOutbound.

@Test
void testOutbound() {
    // The current user carries the token as a public credential of the Subject
    String tokenContent = "huhahihohyhe";
    TokenCredential tokenCredential = TokenCredential.builder().token(tokenContent).build();
    Subject subject = Subject.builder().addPublicCredential(TokenCredential.class, tokenCredential).build();
    ProviderRequest providerRequest = Mockito.mock(ProviderRequest.class);
    SecurityContext ctx = Mockito.mock(SecurityContext.class);
    when(ctx.user()).thenReturn(Optional.of(subject));
    when(providerRequest.securityContext()).thenReturn(ctx);
    SecurityEnvironment outboundEnv = SecurityEnvironment.builder().targetUri(URI.create("http://localhost:7777")).path("/test").build();
    EndpointConfig endpointConfig = EndpointConfig.builder().build();
    OutboundSecurityResponse response = provider.outboundSecurity(providerRequest, outboundEnv, endpointConfig).toCompletableFuture().join();
    // For this target the token is expected as a Bearer value in the Authorization header
    List<String> authorization = response.requestHeaders().get("Authorization");
    assertThat("Authorization header", authorization, hasItem("Bearer " + tokenContent));
}
Also used: SecurityEnvironment (io.helidon.security.SecurityEnvironment), SecurityContext (io.helidon.security.SecurityContext), TokenCredential (io.helidon.security.providers.common.TokenCredential), Subject (io.helidon.security.Subject), EndpointConfig (io.helidon.security.EndpointConfig), ProviderRequest (io.helidon.security.ProviderRequest), OutboundSecurityResponse (io.helidon.security.OutboundSecurityResponse), Test (org.junit.jupiter.api.Test)
