Examples with Callback javax.security.auth.callback.Callback used on opensource projects

Example 21 with Callback

use of javax.security.auth.callback.Callback in project OpenAM by OpenRock.

the class OpenAMAuthHandlerTest method handle.

/**
     * Test the following method;.
     *
     * @see org.forgerock.openam.radius.server.spi.handlers.OpenAMAuthHandler#handle
     * @throws RadiusProcessingException - should not happen.
     * @throws AuthLoginException - should not happen.
     * @throws IOException - should not happen.
     */
@Test(enabled = true)
public void handle() throws RadiusProcessingException, AuthLoginException, IOException {
    // given
    final Callback pagePropCallback = new PagePropertiesCallback("test_module", null, null, 0, null, false, null);
    final Callback nameCallback = new NameCallback("Username:");
    final Callback pwCallback = new PasswordCallback("pw_prompt", false);
    final Callback[] callbacks = new Callback[] { pagePropCallback, nameCallback, pwCallback };
    final String testRealm = "test_realm";
    final String testChain = "test_chain";
    final String cacheKey = "cache_key";
    final Properties props = new Properties();
    props.setProperty("realm", testRealm);
    props.setProperty("chain", testChain);
    final Status status = mock(Status.class);
    final AuthContext authContext = mock(AuthContext.class);
    when(authContext.getStatus()).thenReturn(AuthContext.Status.SUCCESS);
    when(status.toString()).thenReturn("success");
    when(authContext.hasMoreRequirements()).thenReturn(true, false);
    when(authContext.getRequirements(true)).thenReturn(callbacks);
    // Context and context holder
    final ContextHolder holder = mock(ContextHolder.class);
    final OpenAMAuthFactory ctxHolderFactory = mock(OpenAMAuthFactory.class);
    when(holder.getCacheKey()).thenReturn(cacheKey);
    when(holder.getAuthContext()).thenReturn(authContext);
    when(holder.getAuthPhase()).thenReturn(AuthPhase.STARTING, AuthPhase.GATHERING_INPUT, AuthPhase.FINALIZING);
    when(holder.getCallbacks()).thenReturn(callbacks, callbacks, (Callback[]) null);
    when(holder.getIdxOfCurrentCallback()).thenReturn(1, 2);
    final ContextHolderCache ctxHolderCache = mock(ContextHolderCache.class);
    when(ctxHolderCache.createCachedContextHolder()).thenReturn(holder);
    when(ctxHolderCache.get(isA(String.class))).thenReturn(holder);
    EventBus eventBus = new EventBus();
    final OpenAMAuthHandler handler = new OpenAMAuthHandler(ctxHolderFactory, ctxHolderCache, eventBus);
    handler.init(props);
    final Authenticator authenticator = mock(Authenticator.class);
    when(authenticator.getOctets()).thenReturn("authenticator".getBytes());
    // final StateAttribute mockStateAttribute = new StateAttribute("1");
    final UserPasswordAttribute mockUserPasswordAttribute = new UserPasswordAttribute(authenticator, "secret", "testPassword");
    final UserNameAttribute mockUsernameAttribute = new UserNameAttribute("testUser");
    final AttributeSet mockAttrSet = mock(AttributeSet.class);
    when(mockAttrSet.size()).thenReturn(2);
    // when(mockAttrSet.getAttributeAt(0)).thenReturn(mockStateAttribute);
    when(mockAttrSet.getAttributeAt(0)).thenReturn(mockUserPasswordAttribute);
    when(mockAttrSet.getAttributeAt(1)).thenReturn(mockUsernameAttribute);
    final AccessRequest mockRequestPacket = mock(AccessRequest.class);
    when(mockRequestPacket.getAttributeSet()).thenReturn(mockAttrSet);
    RadiusRequestContext reqCtx = mock(RadiusRequestContext.class);
    when(reqCtx.getRequestAuthenticator()).thenReturn((mock(Authenticator.class)));
    when(reqCtx.getClientSecret()).thenReturn("victoria");
    RadiusResponse response = new RadiusResponse();
    Packet mockPacket = mock(Packet.class);
    when(mockPacket.getIdentifier()).thenReturn((short) 1);
    RadiusRequest request = mock(RadiusRequest.class);
    when(request.getRequestPacket()).thenReturn(mockPacket);
    UserNameAttribute userName = mock(UserNameAttribute.class);
    when(userName.getName()).thenReturn("Fred");
    UserPasswordAttribute userPassword = mock(UserPasswordAttribute.class);
    when(userPassword.extractPassword(isA(Authenticator.class), isA(String.class))).thenReturn("password");
    when(request.getAttribute(UserPasswordAttribute.class)).thenReturn(userPassword);
    when(request.getAttribute(UserNameAttribute.class)).thenReturn(userName);
    String password = userPassword.extractPassword(reqCtx.getRequestAuthenticator(), reqCtx.getClientSecret());
    assertThat(password).isNotNull();
    // when
    handler.handle(request, response, reqCtx);
    // then
    verify(authContext, times(1)).login(AuthContext.IndexType.SERVICE, testChain);
    verify(ctxHolderFactory, times(1)).getAuthContext(testRealm);
    verify(holder, times(3)).getCallbacks();
    verify(holder, times(1)).setAuthPhase(ContextHolder.AuthPhase.TERMINATED);
    verify(authContext, times(1)).logout();
}

Example 22 with Callback

use of javax.security.auth.callback.Callback in project OpenAM by OpenRock.

the class ProxyPETest method login.

private SSOToken login() throws Exception {
    lc = new AuthContext("/");
    AuthContext.IndexType indexType = AuthContext.IndexType.MODULE_INSTANCE;
    lc.login(indexType, "DataStore");
    Callback[] callbacks = null;
    // get information requested from module
    while (lc.hasMoreRequirements()) {
        callbacks = lc.getRequirements();
        if (callbacks != null) {
            addLoginCallbackMessage(callbacks);
            lc.submitRequirements(callbacks);
        }
    }
    return (lc.getStatus() == AuthContext.Status.SUCCESS) ? lc.getSSOToken() : null;
}

Example 23 with Callback

use of javax.security.auth.callback.Callback in project OpenAM by OpenRock.

the class AuthContext method login.

/**
     * Starts the login process for the given <code>AuthContext</code> object
     * identified by the index type and index name and also completes
     * the login process by submitting the given User credentials
     * in the form of Callbacks.
     * The <code>IndexType</code> defines the possible kinds of "objects"
     * or "resources" for which an authentication can
     * be performed. Currently supported index types are
     * users, roles, services (or application), levels, resources and mechanism.
     * <p>
     * NOTE : This is a simplified wrapper method to eliminate multi-step calls
     * to 'login' and submit credentials. This method is useful and will work
     * only for those authentication modules which require only one set of
     * callbacks or one page. This method can not be used to authenticate to
     * authentication modules which require user interaction or multiple pages.
     *
     * @param type Authentication index type.
     * @param indexName Authentication index name.
     * @param userInfo User information/credentials in the form of array of
     *        <code>Callback</code> objects. The <code>Callback</code> objects
     *        array must be in the same order as defined in the authentication
     *        module properties file, otherwise authentication module code will
     *        not work.
     * @return single-sign-on token for the valid user after successful
     *         authentication.
     * @exception AuthLoginException if an error occurred during login.
     */
public SSOToken login(IndexType type, String indexName, Callback[] userInfo) throws AuthLoginException {
    login(type, indexName, null, null, null, null);
    SSOToken ssoToken = null;
    Callback[] callbacks = null;
    while (hasMoreRequirements()) {
        callbacks = getRequirements();
        if (callbacks != null) {
            try {
                submitRequirements(userInfo);
            } catch (Exception e) {
                if (authDebug.messageEnabled()) {
                    authDebug.message("Error: submitRequirements with userInfo : " + e.getMessage());
                }
                throw new AuthLoginException(e);
            }
        }
    }
    try {
        if (getStatus() == AuthContext.Status.SUCCESS) {
            ssoToken = getSSOToken();
        }
    } catch (Exception e) {
        if (authDebug.messageEnabled()) {
            authDebug.message("Error: getSSOToken : " + e.getMessage());
        }
        throw new AuthLoginException(e);
    }
    return ssoToken;
}

Example 24 with Callback

use of javax.security.auth.callback.Callback in project OpenAM by OpenRock.

the class PersistentCookieAuthModuleTest method shouldProcessCallbacksAndThrowInvalidStateException.

@Test
public void shouldProcessCallbacksAndThrowInvalidStateException() throws LoginException {
    //Given
    Callback[] callbacks = new Callback[0];
    int state = 0;
    //When
    boolean exceptionCaught = false;
    AuthLoginException exception = null;
    try {
        persistentCookieAuthModule.process(callbacks, state);
    } catch (AuthLoginException e) {
        exceptionCaught = true;
        exception = e;
    }
    //Then
    assertTrue(exceptionCaught);
    assertEquals(exception.getErrorCode(), "incorrectState");
}

Example 25 with Callback

use of javax.security.auth.callback.Callback in project OpenAM by OpenRock.

the class PersistentCookieAuthModuleTest method shouldEnforceClientIPOnLoginWhenClientIPIsDifferent.

@Test(expectedExceptions = AuthLoginException.class)
public void shouldEnforceClientIPOnLoginWhenClientIPIsDifferent() throws LoginException {
    //Given
    MessageInfo messageInfo = mock(MessageInfo.class);
    Subject clientSubject = new Subject();
    Callback[] callbacks = new Callback[0];
    Jwt jwt = mock(Jwt.class);
    JwtClaimsSet claimsSet = mock(JwtClaimsSet.class);
    Map<String, Object> claimsSetContext = new HashMap<String, Object>();
    HttpServletRequest request = mock(HttpServletRequest.class);
    Map options = new HashMap();
    options.put("openam-auth-persistent-cookie-enforce-ip", Collections.singleton("true"));
    persistentCookieAuthModule.initialize(null, null, options);
    given(jwtSessionModule.validateJwtSessionCookie(messageInfo)).willReturn(jwt);
    given(jwt.getClaimsSet()).willReturn(claimsSet);
    given(claimsSet.getClaim(AuthenticationFramework.ATTRIBUTE_AUTH_CONTEXT, Map.class)).willReturn(claimsSetContext);
    claimsSetContext.put("openam.rlm", "REALM");
    given(amLoginModuleBinder.getRequestOrg()).willReturn("REALM");
    claimsSetContext.put("openam-auth-persistent-cookie-enforce-ip", "CLIENT_IP");
    given(amLoginModuleBinder.getHttpServletRequest()).willReturn(request);
    given(request.getRemoteAddr()).willReturn("CLIENT_IP_2");
    //When
    persistentCookieAuthModule.process(messageInfo, clientSubject, callbacks);
    //Then
    fail();
}