use of org.apache.nifi.authorization.user.NiFiUserDetails in project nifi by apache.
the class KnoxAuthenticationProvider method authenticate.
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
final KnoxAuthenticationRequestToken request = (KnoxAuthenticationRequestToken) authentication;
try {
final String jwtPrincipal = knoxService.getAuthenticationFromToken(request.getToken());
final String mappedIdentity = mapIdentity(jwtPrincipal);
final NiFiUser user = new Builder().identity(mappedIdentity).groups(getUserGroups(mappedIdentity)).clientAddress(request.getClientAddress()).build();
return new NiFiAuthenticationToken(new NiFiUserDetails(user));
} catch (ParseException | JOSEException e) {
logger.info("Unable to validate the access token: " + e.getMessage(), e);
throw new InvalidAuthenticationException("Unable to validate the access token.", e);
}
}
use of org.apache.nifi.authorization.user.NiFiUserDetails in project nifi by apache.
the class OtpAuthenticationProviderTest method testDownload.
@Test
public void testDownload() throws Exception {
final OtpAuthenticationRequestToken request = new OtpAuthenticationRequestToken(DOWNLOAD_TOKEN, true, null);
final NiFiAuthenticationToken result = (NiFiAuthenticationToken) otpAuthenticationProvider.authenticate(request);
final NiFiUserDetails details = (NiFiUserDetails) result.getPrincipal();
assertEquals(DOWNLOAD_AUTHENTICATED_USER, details.getUsername());
verify(otpService, never()).getAuthenticationFromUiExtensionToken(anyString());
verify(otpService, times(1)).getAuthenticationFromDownloadToken(DOWNLOAD_TOKEN);
}
use of org.apache.nifi.authorization.user.NiFiUserDetails in project nifi by apache.
the class X509AuthenticationProviderTest method testAnonymousProxyInChain.
@Test
public void testAnonymousProxyInChain() {
final NiFiAuthenticationToken auth = (NiFiAuthenticationToken) x509AuthenticationProvider.authenticate(getX509Request(buildProxyChain(IDENTITY_1, ANONYMOUS), PROXY_1));
final NiFiUser user = ((NiFiUserDetails) auth.getDetails()).getNiFiUser();
assertNotNull(user);
assertEquals(IDENTITY_1, user.getIdentity());
assertFalse(user.isAnonymous());
assertNotNull(user.getChain());
assertEquals(StandardNiFiUser.ANONYMOUS_IDENTITY, user.getChain().getIdentity());
assertTrue(user.getChain().isAnonymous());
assertNotNull(user.getChain().getChain());
assertEquals(PROXY_1, user.getChain().getChain().getIdentity());
assertFalse(user.getChain().getChain().isAnonymous());
}
use of org.apache.nifi.authorization.user.NiFiUserDetails in project nifi by apache.
the class X509AuthenticationProviderTest method testAnonymousWithOneProxy.
@Test
public void testAnonymousWithOneProxy() {
final NiFiAuthenticationToken auth = (NiFiAuthenticationToken) x509AuthenticationProvider.authenticate(getX509Request(buildProxyChain(ANONYMOUS), PROXY_1));
final NiFiUser user = ((NiFiUserDetails) auth.getDetails()).getNiFiUser();
assertNotNull(user);
assertEquals(StandardNiFiUser.ANONYMOUS_IDENTITY, user.getIdentity());
assertTrue(user.isAnonymous());
assertNotNull(user.getChain());
assertEquals(PROXY_1, user.getChain().getIdentity());
assertFalse(user.getChain().isAnonymous());
}
use of org.apache.nifi.authorization.user.NiFiUserDetails in project nifi by apache.
the class TestRemoteProcessGroupAuditor method setup.
@Before
public void setup() {
final SecurityContext securityContext = SecurityContextHolder.getContext();
final Authentication authentication = mock(Authentication.class);
securityContext.setAuthentication(authentication);
final NiFiUser user = new Builder().identity("user-id").build();
final NiFiUserDetails userDetail = new NiFiUserDetails(user);
when(authentication.getPrincipal()).thenReturn(userDetail);
}
Aggregations