Example 41 with TokenInfo
use of org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo in project jackrabbit-oak by apache.
the class TokenProviderImplTest method testTokenNode.
@Test
public void testTokenNode() throws Exception {
Map<String, String> reserved = new HashMap<String, String>();
reserved.put(TOKEN_ATTRIBUTE, "value");
reserved.put(TOKEN_ATTRIBUTE_KEY, "value");
reserved.put(TOKEN_ATTRIBUTE_EXPIRY, "value");
Map<String, String> privateAttributes = new HashMap<String, String>();
privateAttributes.put(".token_exp", "value");
privateAttributes.put(".tokenTest", "value");
privateAttributes.put(".token_something", "value");
Map<String, String> publicAttributes = new HashMap<String, String>();
publicAttributes.put("any", "value");
publicAttributes.put("another", "value");
Map<String, String> attributes = new HashMap<String, String>();
attributes.putAll(reserved);
attributes.putAll(publicAttributes);
attributes.putAll(privateAttributes);
TokenInfo info = tokenProvider.createToken(userId, attributes);
Tree tokenTree = getTokenTree(info);
PropertyState prop = tokenTree.getProperty(TOKEN_ATTRIBUTE_KEY);
assertNotNull(prop);
assertEquals(Type.STRING, prop.getType());
prop = tokenTree.getProperty(TOKEN_ATTRIBUTE_EXPIRY);
assertNotNull(prop);
assertEquals(Type.DATE, prop.getType());
for (String key : reserved.keySet()) {
PropertyState p = tokenTree.getProperty(key);
if (p != null) {
assertFalse(reserved.get(key).equals(p.getValue(Type.STRING)));
}
}
for (String key : privateAttributes.keySet()) {
assertEquals(privateAttributes.get(key), tokenTree.getProperty(key).getValue(Type.STRING));
}
for (String key : publicAttributes.keySet()) {
assertEquals(publicAttributes.get(key), tokenTree.getProperty(key).getValue(Type.STRING));
}
}
Also used :
HashMap(java.util.HashMap)
Tree(org.apache.jackrabbit.oak.api.Tree)
TokenInfo(org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo)
PropertyState(org.apache.jackrabbit.oak.api.PropertyState)
Test(org.junit.Test)
Example 42 with TokenInfo
use of org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo in project jackrabbit-oak by apache.
the class TokenLoginModuleTest method testValidTokenCredentials.
@Test
public void testValidTokenCredentials() throws Exception {
Root root = adminSession.getLatestRoot();
TokenConfiguration tokenConfig = getSecurityProvider().getConfiguration(TokenConfiguration.class);
TokenProvider tp = tokenConfig.getTokenProvider(root);
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
TokenInfo info = tp.createToken(sc.getUserID(), Collections.<String, Object>emptyMap());
ContentSession cs = login(new TokenCredentials(info.getToken()));
try {
assertEquals(sc.getUserID(), cs.getAuthInfo().getUserID());
} finally {
cs.close();
}
}
Also used :
TokenConfiguration(org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration)
TokenProvider(org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider)
SimpleCredentials(javax.jcr.SimpleCredentials)
Root(org.apache.jackrabbit.oak.api.Root)
ContentSession(org.apache.jackrabbit.oak.api.ContentSession)
TokenInfo(org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo)
TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 43 with TokenInfo
use of org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo in project jackrabbit-oak by apache.
the class TokenProviderImplTest method testCreateTokenFromUserId.
@Test
public void testCreateTokenFromUserId() throws Exception {
TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
assertTokenInfo(info, userId);
}Example 44 with TokenInfo
use of org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo in project jackrabbit-oak by apache.
the class TokenProviderImplTest method testTokenValidationIsCaseInsensitive.
/**
* @see <a href="https://issues.apache.org/jira/browse/OAK-1985">OAK-1985</a>
*/
@Test
public void testTokenValidationIsCaseInsensitive() throws Exception {
Root root = adminSession.getLatestRoot();
TokenConfiguration tokenConfig = getSecurityProvider().getConfiguration(TokenConfiguration.class);
TokenProvider tp = tokenConfig.getTokenProvider(root);
String userId = ((SimpleCredentials) getAdminCredentials()).getUserID();
TokenInfo info = tp.createToken(userId.toUpperCase(), Collections.<String, Object>emptyMap());
assertTrue(info.matches(new TokenCredentials(info.getToken())));
assertEquals(userId, info.getUserId());
info = tp.getTokenInfo(info.getToken());
assertTrue(info.matches(new TokenCredentials(info.getToken())));
assertEquals(userId, info.getUserId());
}
Also used :
TokenConfiguration(org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration)
TokenProvider(org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider)
SimpleCredentials(javax.jcr.SimpleCredentials)
Root(org.apache.jackrabbit.oak.api.Root)
TokenInfo(org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo)
TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)
Test(org.junit.Test)
Example 45 with TokenInfo
use of org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo in project jackrabbit-oak by apache.
the class TokenProviderImplTest method testGetTokenInfoFromInvalidLocation3.
@Test
public void testGetTokenInfoFromInvalidLocation3() throws Exception {
TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
Tree tokenTree = getTokenTree(info);
assertNotNull(tokenProvider.getTokenInfo(info.getToken()));
Tree userTree = root.getTree(getUserManager(root).getAuthorizable(userId).getPath());
NodeUtil node = new NodeUtil(userTree.getChild(TOKENS_NODE_NAME));
try {
createTokenTree(info, node, JcrConstants.NT_UNSTRUCTURED);
tokenTree.remove();
assertNull(tokenProvider.getTokenInfo(info.getToken()));
} finally {
root.refresh();
}
}Aggregations
TokenInfo (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo)51
Test (org.junit.Test)47
Tree (org.apache.jackrabbit.oak.api.Tree)15
TokenCredentials (org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)14
NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)13
CommitFailedException (org.apache.jackrabbit.oak.api.CommitFailedException)10
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)8
Date (java.util.Date)7
SimpleCredentials (javax.jcr.SimpleCredentials)5
Root (org.apache.jackrabbit.oak.api.Root)4
TokenProvider (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider)4
HashMap (java.util.HashMap)3
Credentials (javax.jcr.Credentials)3
LoginException (javax.security.auth.login.LoginException)3
TokenConfiguration (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration)3
ArrayList (java.util.ArrayList)2
ContentSession (org.apache.jackrabbit.oak.api.ContentSession)2
ImpersonationCredentials (org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials)2
UnsupportedEncodingException (java.io.UnsupportedEncodingException)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
