use of io.helidon.security.spi.AuthorizationProvider in project helidon by oracle.
the class CompositePolicyFlagsTest method testIt.
private void testIt(TestConfig conf) {
ProviderSelectionPolicy psp = getPsp(conf.firstFlag, conf.secondFlag);
AuthenticationProvider atn = psp.selectProvider(AuthenticationProvider.class).get();
AuthorizationProvider atz = psp.selectProvider(AuthorizationProvider.class).get();
SecurityResponse res = SecurityResponse.get(atn.authenticate(request("/jack", "jack")));
assertThat(res.status(), is(conf.okOk));
res = SecurityResponse.get(atz.authorize(request("/atz/permit", "atz/permit")));
assertThat(res.status(), is(conf.okOk));
res = SecurityResponse.get(atn.authenticate(request("/jack", "abstain")));
assertThat(res.status(), is(conf.okAbstain));
res = SecurityResponse.get(atz.authorize(request("/atz/permit", "atz/abstain")));
assertThat(res.status(), is(conf.okAbstain));
res = SecurityResponse.get(atn.authenticate(request("/jack", "fail")));
assertThat(res.status(), is(conf.okFail));
res = SecurityResponse.get(atz.authorize(request("/atz/permit", "atz/fail")));
assertThat(res.status(), is(conf.okFail));
res = SecurityResponse.get(atn.authenticate(request("/abstain", "jack")));
assertThat(res.status(), is(conf.abstainOk));
res = SecurityResponse.get(atz.authorize(request("/atz/abstain", "atz/permit")));
assertThat(res.status(), is(conf.abstainOk));
res = SecurityResponse.get(atn.authenticate(request("/abstain", "abstain")));
assertThat(res.status(), is(conf.abstainAbstain));
res = SecurityResponse.get(atz.authorize(request("/atz/abstain", "atz/abstain")));
assertThat(res.status(), is(conf.abstainAbstain));
res = SecurityResponse.get(atn.authenticate(request("/abstain", "fail")));
assertThat(res.status(), is(conf.abstainFail));
res = SecurityResponse.get(atz.authorize(request("/atz/abstain", "atz/fail")));
assertThat(res.status(), is(conf.abstainFail));
res = SecurityResponse.get(atn.authenticate(request("/fail", "jack")));
assertThat(res.status(), is(conf.failOk));
res = SecurityResponse.get(atz.authorize(request("/atz/fail", "atz/permit")));
assertThat(res.status(), is(conf.failOk));
res = SecurityResponse.get(atn.authenticate(request("/fail", "abstain")));
assertThat(res.status(), is(conf.failAbstain));
res = SecurityResponse.get(atz.authorize(request("/atz/fail", "atz/abstain")));
assertThat(res.status(), is(conf.failAbstain));
res = SecurityResponse.get(atn.authenticate(request("/fail", "fail")));
assertThat(res.status(), is(conf.failFail));
res = SecurityResponse.get(atz.authorize(request("/atz/fail", "atz/fail")));
assertThat(res.status(), is(conf.failFail));
}
Aggregations