Example 1 with User

Use of keywhiz.auth.User in project keywhiz by square.

Class CookieRenewingFilter, method filter.

/**
 * If the user has a valid session token, set a new session token. The new one should have a later
 * expiration time.
 */
@Override
public void filter(ContainerRequestContext request, ContainerResponseContext response) throws IOException {
    String sessionCookieName = sessionCookieConfig.getName();
    // If the response will be setting a session cookie, don't overwrite it; just let it go.
    if (response.getCookies().containsKey(sessionCookieName)) {
        return;
    }
    // If the request doesn't have a session cookie, we're not going to renew one.
    if (!request.getCookies().containsKey(sessionCookieName)) {
        return;
    }
    Cookie requestCookie = request.getCookies().get(sessionCookieName);
    // Re-validate the presented cookie; only an authenticated session is issued fresh cookies.
    Optional<User> optionalUser = authenticator.authenticate(requestCookie);
    if (optionalUser.isPresent()) {
        sessionLoginResource.cookiesForUser(optionalUser.get())
            .forEach(c -> response.getHeaders().add(HttpHeaders.SET_COOKIE, c));
    }
}
Also used : Cookie(javax.ws.rs.core.Cookie) SessionCookie(keywhiz.auth.cookie.SessionCookie) User(keywhiz.auth.User)

Example 2 with User

Use of keywhiz.auth.User in project keywhiz by square.

Class BcryptAuthenticatorTest, method bcryptAuthenticatorCreatesUserOnSuccess.

@Test
public void bcryptAuthenticatorCreatesUserOnSuccess() throws Exception {
    when(userDAO.getHashedPassword("sysadmin")).thenReturn(Optional.of(hashedPass));
    User user = bcryptAuthenticator.authenticate(new BasicCredentials("sysadmin", "validpass")).orElseThrow(RuntimeException::new);
    assertThat(user).isEqualTo(User.named("sysadmin"));
}
Also used : User(keywhiz.auth.User) BasicCredentials(io.dropwizard.auth.basic.BasicCredentials) Test(org.junit.Test)

Example 3 with User

Use of keywhiz.auth.User in project keywhiz by square.

Class LdapAuthenticatorTest, method ldapAuthenticatorRejectsInvalidUsername.

@Ignore
@Test
public void ldapAuthenticatorRejectsInvalidUsername() throws Exception {
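    // Username packed with punctuation (including LDAP filter metacharacters) and control characters;
    // the authenticator must return no user for it.
    String crazyUsername = "sysadmin)`~!@#$%^&*()+=[]{}\\|;:'\",<>?/\r\n\t";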
    Optional<User> missingUser = ldapAuthenticator.authenticate(new BasicCredentials(crazyUsername, "badpass"));
    assertThat(missingUser).isEmpty();
}
Also used : User(keywhiz.auth.User) BasicCredentials(io.dropwizard.auth.basic.BasicCredentials) Ignore(org.junit.Ignore) Test(org.junit.Test)

Example 4 with User

Use of keywhiz.auth.User in project keywhiz by square.

Class LdapAuthenticatorTest, method ldapAuthenticatorCreatesUserOnSuccess.

@Ignore
@Test
public void ldapAuthenticatorCreatesUserOnSuccess() throws Exception {
    when(ldapConnectionFactory.getLDAPConnection(PEOPLE_DN, "validpass")).thenReturn(ldapUserAuthConnection);
    User user = ldapAuthenticator.authenticate(new BasicCredentials("sysadmin", "validpass")).orElseThrow(RuntimeException::new);
    assertThat(user).isEqualTo(User.named("sysadmin"));
}
Also used : User(keywhiz.auth.User) BasicCredentials(io.dropwizard.auth.basic.BasicCredentials) Ignore(org.junit.Ignore) Test(org.junit.Test)

Example 5 with User

Use of keywhiz.auth.User in project keywhiz by square.

Class SessionMeResourceTest, method returnsTheCorrectUser.

@Test
public void returnsTheCorrectUser() throws Exception {
    User user = User.named("Me");
    User returnedUser = sessionMeResource.getInformation(user);
    assertThat(returnedUser).isEqualTo(user);
}
Also used : User(keywhiz.auth.User) Test(org.junit.Test)

Aggregations

User (keywhiz.auth.User): 17
Test (org.junit.Test): 13
BasicCredentials (io.dropwizard.auth.basic.BasicCredentials): 8
Ignore (org.junit.Ignore): 4
LDAPConnection (com.unboundid.ldap.sdk.LDAPConnection): 2
LDAPException (com.unboundid.ldap.sdk.LDAPException): 2
GeneralSecurityException (java.security.GeneralSecurityException): 2
ForbiddenException (javax.ws.rs.ForbiddenException): 2
Cookie (javax.ws.rs.core.Cookie): 2
NewCookie (javax.ws.rs.core.NewCookie): 2
Response (javax.ws.rs.core.Response): 1
SessionCookie (keywhiz.auth.cookie.SessionCookie): 1
Request (okhttp3.Request): 1
Response (okhttp3.Response): 1