use of org.apache.nifi.authorization.user.StandardNiFiUser.Builder in project nifi by apache.
the class KnoxAuthenticationProvider method authenticate.
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
final KnoxAuthenticationRequestToken request = (KnoxAuthenticationRequestToken) authentication;
try {
final String jwtPrincipal = knoxService.getAuthenticationFromToken(request.getToken());
final String mappedIdentity = mapIdentity(jwtPrincipal);
final NiFiUser user = new Builder().identity(mappedIdentity).groups(getUserGroups(mappedIdentity)).clientAddress(request.getClientAddress()).build();
return new NiFiAuthenticationToken(new NiFiUserDetails(user));
} catch (ParseException | JOSEException e) {
logger.info("Unable to validate the access token: " + e.getMessage(), e);
throw new InvalidAuthenticationException("Unable to validate the access token.", e);
}
}
use of org.apache.nifi.authorization.user.StandardNiFiUser.Builder in project nifi by apache.
the class TestRemoteProcessGroupAuditor method setup.
@Before
public void setup() {
final SecurityContext securityContext = SecurityContextHolder.getContext();
final Authentication authentication = mock(Authentication.class);
securityContext.setAuthentication(authentication);
final NiFiUser user = new Builder().identity("user-id").build();
final NiFiUserDetails userDetail = new NiFiUserDetails(user);
when(authentication.getPrincipal()).thenReturn(userDetail);
}
use of org.apache.nifi.authorization.user.StandardNiFiUser.Builder in project nifi by apache.
the class DataAuthorizableTest method testCheckAuthorizationUserChain.
@Test
public void testCheckAuthorizationUserChain() {
final NiFiUser proxy2 = new Builder().identity(PROXY_2).build();
final NiFiUser proxy1 = new Builder().identity(PROXY_1).chain(proxy2).build();
final NiFiUser user = new Builder().identity(IDENTITY_1).chain(proxy1).build();
final AuthorizationResult result = testDataAuthorizable.checkAuthorization(testAuthorizer, RequestAction.READ, user, null);
assertEquals(Result.Approved, result.getResult());
verify(testAuthorizer, times(3)).authorize(any(AuthorizationRequest.class));
verifyAuthorizeForUser(IDENTITY_1);
verifyAuthorizeForUser(PROXY_1);
verifyAuthorizeForUser(PROXY_2);
}
use of org.apache.nifi.authorization.user.StandardNiFiUser.Builder in project nifi by apache.
the class DataAuthorizableTest method testAuthorizeUnauthorizedUser.
@Test(expected = AccessDeniedException.class)
public void testAuthorizeUnauthorizedUser() {
final NiFiUser user = new Builder().identity("unknown").build();
testDataAuthorizable.authorize(testAuthorizer, RequestAction.READ, user, null);
}
use of org.apache.nifi.authorization.user.StandardNiFiUser.Builder in project nifi by apache.
the class DataAuthorizableTest method testCheckAuthorizationUnauthorizedUser.
@Test
public void testCheckAuthorizationUnauthorizedUser() {
final NiFiUser user = new Builder().identity("unknown").build();
final AuthorizationResult result = testDataAuthorizable.checkAuthorization(testAuthorizer, RequestAction.READ, user, null);
assertEquals(Result.Denied, result.getResult());
}
Aggregations