Example use of org.apache.cxf.rt.security.claims.ClaimsSecurityContext in the Apache CXF project.
Class ClaimsAuthorizingInterceptorTest, method prepareMessage.
/**
 * Builds a test {@link Message} whose security context carries the given claims.
 *
 * <p>The claims are collected into a {@link ClaimCollection}, roles are derived from them by
 * {@code parseRolesFromClaims} (defined elsewhere in the test class) and both are exposed
 * through an anonymous {@link ClaimsSecurityContext} whose user principal is named "user".
 * The zero-argument method {@code methodName} of {@code cls} is stored on the message under
 * the key {@code "org.apache.cxf.resource.method"}.
 *
 * @param cls class declaring the resource method under test
 * @param methodName name of a public no-argument method on {@code cls}
 * @param roleName claim name passed to {@code parseRolesFromClaims} to select role claims
 * @param claim claims to place into the security context
 * @return a message with a fresh exchange, the security context and the target method set
 * @throws Exception if the method lookup fails (for example {@link NoSuchMethodException})
 */
private Message prepareMessage(Class<?> cls, String methodName, String roleName, org.apache.cxf.rt.security.claims.Claim... claim) throws Exception {
    ClaimCollection claims = new ClaimCollection();
    Collections.addAll(claims, claim);
    Set<Principal> roles = parseRolesFromClaims(claims, roleName, "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified");

    ClaimsSecurityContext sc = new ClaimsSecurityContext() {
        private Principal p = new SimplePrincipal("user");

        @Override
        public Principal getUserPrincipal() {
            return p;
        }

        @Override
        public boolean isUserInRole(String role) {
            // No role set means no role membership at all.
            // The identity check (!=) keeps the user principal instance itself from
            // being counted as a role, even if it shares its name with the requested role.
            return roles != null
                && roles.stream().anyMatch(candidate -> candidate != p && candidate.getName().equals(role));
        }

        @Override
        public Subject getSubject() {
            // This test context does not provide a JAAS subject.
            return null;
        }

        @Override
        public Set<Principal> getUserRoles() {
            return roles;
        }

        @Override
        public ClaimCollection getClaims() {
            return claims;
        }
    };

    Message m = new MessageImpl();
    m.setExchange(new ExchangeImpl());
    m.put(SecurityContext.class, sc);
    // An empty parameter list selects the no-argument overload of the method.
    m.put("org.apache.cxf.resource.method", cls.getMethod(methodName));
    return m;
}
Example use of org.apache.cxf.rt.security.claims.ClaimsSecurityContext in the Apache CXF project.
Class ClaimsAuthorizingInterceptor, method handleMessage.
/**
 * Authorizes the invocation described by {@code message} against the caller's claims.
 *
 * <p>The check fails closed: the request is rejected unless the message carries a
 * {@link ClaimsSecurityContext}, a target method can be resolved, and {@code authorize}
 * (defined elsewhere in this class) returns {@code true} for that context and method.
 *
 * @param message the message being processed
 * @throws AccessDeniedException if the security context is missing or of another type,
 *         if no target method is available, or if authorization is refused
 * @throws Fault as declared by the interceptor contract
 */
public void handleMessage(Message message) throws Fault {
    final SecurityContext securityContext = message.get(SecurityContext.class);
    // instanceof is false for null, so a missing context is denied the same way
    // as a context of an unexpected type.
    if (securityContext instanceof ClaimsSecurityContext) {
        final Method targetMethod = MessageUtils.getTargetMethod(message)
            .orElseThrow(() -> new AccessDeniedException("Method is not available : Unauthorized"));
        if (!authorize((ClaimsSecurityContext) securityContext, targetMethod)) {
            throw new AccessDeniedException("Unauthorized");
        }
        return;
    }
    throw new AccessDeniedException("Security Context is unavailable or unrecognized");
}