use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit by apache.
the class TokenBasedAuthenticationTest method testUpdateAttributes.
public void testUpdateAttributes() throws RepositoryException {
// token credentials must be updated to contain the additional attribute
// present on the token node.
TokenBasedAuthentication auth = createAuthentication();
TokenCredentials tc = new TokenCredentials(token);
tc.setAttribute(TokenBasedAuthentication.TOKEN_ATTRIBUTE + ".any", "correct");
assertTrue(auth.authenticate(tc));
assertEquals("value", tc.getAttribute("informative"));
// additional informative property present on credentials upon subsequent
// authentication -> the node must not be updated
auth = createAuthentication();
tc.setAttribute("informative2", "value2");
assertTrue(auth.authenticate(tc));
assertFalse(tokenNode.hasProperty("informative2"));
// modified informative property present on credentials upon subsequent
// authentication -> the node must not be updated
auth = createAuthentication();
tc.setAttribute("informative", "otherValue");
assertTrue(auth.authenticate(tc));
assertTrue(tokenNode.hasProperty("informative"));
assertEquals("value", tokenNode.getProperty("informative").getString());
// additional mandatory property on the credentials upon subsequent
// authentication -> must be ignored
auth = createAuthentication();
tc.setAttribute(TokenBasedAuthentication.TOKEN_ATTRIBUTE + ".toIgnore", "ignore");
assertTrue(auth.authenticate(tokenCreds));
assertFalse(tokenNode.hasProperty(TokenBasedAuthentication.TOKEN_ATTRIBUTE + ".toIgnore"));
}
use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit-oak by apache.
the class TokenLoginModule method commit.
@Override
public boolean commit() throws LoginException {
if (tokenCredentials != null && userId != null) {
Set<? extends Principal> principals = (principal != null) ? getPrincipals(principal) : getPrincipals(userId);
updateSubject(tokenCredentials, getAuthInfo(tokenInfo, principals), principals);
return true;
}
try {
if (tokenProvider != null && sharedState.containsKey(SHARED_KEY_CREDENTIALS)) {
Credentials shared = getSharedCredentials();
if (shared != null && tokenProvider.doCreateToken(shared)) {
Root r = getRoot();
if (r != null) {
// refresh root, in case the external login module created users
r.refresh();
}
TokenInfo ti = tokenProvider.createToken(shared);
if (ti != null) {
TokenCredentials tc = new TokenCredentials(ti.getToken());
Map<String, String> attributes = ti.getPrivateAttributes();
for (String name : attributes.keySet()) {
tc.setAttribute(name, attributes.get(name));
}
attributes = ti.getPublicAttributes();
for (String name : attributes.keySet()) {
tc.setAttribute(name, attributes.get(name));
}
sharedState.put(SHARED_KEY_ATTRIBUTES, attributes);
updateSubject(tc, null, null);
} else {
// failed to create token -> fail commit()
Object logId = (userId != null) ? userId : sharedState.get(SHARED_KEY_LOGIN_NAME);
log.debug("TokenProvider failed to create a login token for user " + logId);
throw new LoginException("Failed to create login token for user " + logId);
}
}
}
} finally {
// the login attempt on this module did not succeed: clear state
clearState();
}
return false;
}
use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit-oak by apache.
the class TokenExternalLoginModuleTest method testTokenLogin.
@Test
public void testTokenLogin() throws Exception {
Credentials creds = createTestCredentials();
assertTrue(credentialsSupport.setAttributes(creds, ImmutableMap.<String, Object>of(".token", "")));
String expectedUserId = credentialsSupport.getUserId(creds);
ContentSession cs = login(creds);
try {
String token = credentialsSupport.getAttributes(creds).get(".token").toString();
cs.close();
cs = login(new TokenCredentials(token));
assertEquals(expectedUserId, cs.getAuthInfo().getUserID());
} finally {
cs.close();
}
}
use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit-oak by apache.
the class Jackrabbit2ConfigurationTest method testTokenCreationAndImpersonation.
@Test
public void testTokenCreationAndImpersonation() throws Exception {
ContentSession cs = null;
try {
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
sc.setAttribute(".token", "");
ImpersonationCredentials ic = new ImpersonationCredentials(sc, new AuthInfoImpl(((SimpleCredentials) getAdminCredentials()).getUserID(), Collections.<String, Object>emptyMap(), Collections.<Principal>emptySet()));
cs = login(ic);
Object token = sc.getAttribute(".token").toString();
assertNotNull(token);
TokenCredentials tc = new TokenCredentials(token.toString());
cs.close();
cs = login(tc);
} finally {
if (cs != null) {
cs.close();
}
}
}
use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit-oak by apache.
the class Jackrabbit2ConfigurationTest method testTokenCreationAndLogin.
@Test
public void testTokenCreationAndLogin() throws Exception {
ContentSession cs = null;
try {
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
sc.setAttribute(".token", "");
cs = login(sc);
Object token = sc.getAttribute(".token").toString();
assertNotNull(token);
TokenCredentials tc = new TokenCredentials(token.toString());
cs.close();
cs = login(tc);
} finally {
if (cs != null) {
cs.close();
}
}
}
Aggregations