
Example 21 with AuthenticationResult

use of org.apache.qpid.server.security.auth.AuthenticationResult in project qpid-broker-j by apache.

the class OAuth2AuthenticationProviderImplTest method testAuthenticateViaSasl.

/**
 * Drives one SASL exchange through the provider's negotiator with a bearer
 * response built from {@code TEST_VALID_ACCESS_TOKEN} and hands the outcome
 * to {@code assertSuccess}.
 */
public void testAuthenticateViaSasl() throws Exception {
    // Install the mock identity-resolver endpoint on the test server before any
    // token is presented (presumably the provider resolves the token's identity
    // against it; confirm in the fixture setup).
    _server.setEndpoints(Collections.singletonMap(TEST_IDENTITY_RESOLVER_ENDPOINT_PATH, createMockIdentityResolverEndpoint()));

    final SaslNegotiator negotiator = _authProvider.createSaslNegotiator(OAuth2Negotiator.MECHANISM, null, null);

    // "\1" is a Java octal escape for U+0001, so the response ends with two
    // 0x01 bytes after the "auth=Bearer <token>" field.
    final String bearerResponse = "auth=Bearer " + TEST_VALID_ACCESS_TOKEN + "\1\1";
    AuthenticationResult authenticationResult = negotiator.handleResponse(bearerResponse.getBytes(UTF8));

    assertSuccess(authenticationResult);
}
Also used : SaslNegotiator(org.apache.qpid.server.security.auth.sasl.SaslNegotiator) AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Example 22 with AuthenticationResult

use of org.apache.qpid.server.security.auth.AuthenticationResult in project qpid-broker-j by apache.

the class AnonymousNegotiatorTest method testHandleResponse.

/**
 * Checks that an {@code AnonymousNegotiator} returns the result it was built
 * with on the first {@code handleResponse} call and an ERROR status on the
 * next one.
 */
public void testHandleResponse() throws Exception {
    final AuthenticationResult configuredResult = mock(AuthenticationResult.class);
    AnonymousNegotiator negotiator = new AnonymousNegotiator(configuredResult);

    // First call: the negotiator must hand back exactly the result it was given.
    AuthenticationResult firstResult = negotiator.handleResponse(new byte[0]);
    assertEquals("Unexpected result", configuredResult, firstResult);

    // Second call on the same negotiator: a repeated response must not
    // authenticate again, so the status has to be ERROR.
    AuthenticationResult.AuthenticationStatus repeatStatus = negotiator.handleResponse(new byte[0]).getStatus();
    assertEquals("Only first call to handleResponse should be successful", AuthenticationResult.AuthenticationStatus.ERROR, repeatStatus);
}
Also used : AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Example 23 with AuthenticationResult

use of org.apache.qpid.server.security.auth.AuthenticationResult in project qpid-broker-j by apache.

the class CramMd5NegotiatorTest method doHandleResponseWithInvalidPassword.

/**
 * Runs a challenge/response exchange with a valid user name and a wrong
 * password, and checks that the negotiator rejects it and keeps rejecting.
 *
 * @param mechanism mechanism name passed to
 *                  {@code SaslUtil.generateCramMD5ClientResponse} when the
 *                  client response is built
 */
private void doHandleResponseWithInvalidPassword(final String mechanism) throws Exception {
    final AuthenticationResult.AuthenticationStatus rejected = AuthenticationResult.AuthenticationStatus.ERROR;

    // Step 1: an empty initial response must yield CONTINUE plus a challenge.
    AuthenticationResult challengeStep = _negotiator.handleResponse(new byte[0]);
    assertEquals("Unexpected first result status", AuthenticationResult.AuthenticationStatus.CONTINUE, challengeStep.getStatus());
    assertNotNull("Unexpected first result challenge", challengeStep.getChallenge());

    // Step 2: answer the challenge with the wrong password. The failure must
    // expose neither a fresh challenge nor a principal.
    byte[] badPasswordResponse = SaslUtil.generateCramMD5ClientResponse(mechanism, VALID_USERNAME, INVALID_USERPASSWORD, challengeStep.getChallenge());
    AuthenticationResult rejectionStep = _negotiator.handleResponse(badPasswordResponse);
    assertEquals("Unexpected second result status", rejected, rejectionStep.getStatus());
    assertNull("Unexpected second result challenge", rejectionStep.getChallenge());
    assertNull("Unexpected second result main principal", rejectionStep.getMainPrincipal());

    // The rejection must come from a password lookup for the supplied user name.
    verify(_passwordSource).getPassword(eq(VALID_USERNAME));

    // Step 3: the same negotiator must stay in ERROR after a failed attempt;
    // it cannot be reused for another try.
    AuthenticationResult retryStep = _negotiator.handleResponse(new byte[0]);
    assertEquals("Unexpected third result status", rejected, retryStep.getStatus());
}
Also used : AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Example 24 with AuthenticationResult

use of org.apache.qpid.server.security.auth.AuthenticationResult in project qpid-broker-j by apache.

the class ExternalNegotiatorTest method testHandleResponseUseFullDNValidExternalPrincipal.

/**
 * With {@code getUseFullDN()} stubbed to {@code true}, checks that an
 * {@code ExternalNegotiator} built around an {@code X500Principal} succeeds
 * once, reports a principal name matching {@code VALID_USER_DN}, and returns
 * ERROR on a second call.
 */
public void testHandleResponseUseFullDNValidExternalPrincipal() throws Exception {
    ExternalAuthenticationManager<?> authManager = mock(ExternalAuthenticationManager.class);
    when(authManager.getUseFullDN()).thenReturn(true);
    X500Principal peerPrincipal = new X500Principal(VALID_USER_DN);
    ExternalNegotiator negotiator = new ExternalNegotiator(authManager, peerPrincipal);

    AuthenticationResult initial = negotiator.handleResponse(new byte[0]);
    assertEquals("Unexpected first result status", AuthenticationResult.AuthenticationStatus.SUCCESS, initial.getStatus());

    // The name is compared ignoring case, so this test does not pin the exact
    // casing of the DN the negotiator reports.
    String reportedName = initial.getMainPrincipal().getName();
    String mismatchMessage = String.format("Unexpected first result principal '%s'", reportedName);
    boolean sameDn = VALID_USER_DN.equalsIgnoreCase(reportedName);
    assertTrue(mismatchMessage, sameDn);

    // A second response on the same negotiator must be rejected.
    AuthenticationResult repeated = negotiator.handleResponse(new byte[0]);
    assertEquals("Unexpected second result status", AuthenticationResult.AuthenticationStatus.ERROR, repeated.getStatus());
}
Also used : X500Principal(javax.security.auth.x500.X500Principal) AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Example 25 with AuthenticationResult

use of org.apache.qpid.server.security.auth.AuthenticationResult in project qpid-broker-j by apache.

the class OAuth2NegotiatorTest method testHandleResponse_ResponseAuthMalformed.

/**
 * Feeds {@code RESPONSE_WITH_MALFORMED_AUTH} to the negotiator and checks
 * that it fails closed: ERROR status and no main principal.
 */
public void testHandleResponse_ResponseAuthMalformed() throws Exception {
    final AuthenticationResult outcome = _negotiator.handleResponse(RESPONSE_WITH_MALFORMED_AUTH);

    // A response whose auth field cannot be parsed must never authenticate.
    final AuthenticationResult.AuthenticationStatus status = outcome.getStatus();
    assertEquals("Unexpected result status", AuthenticationResult.AuthenticationStatus.ERROR, status);

    // No identity may be attached to a rejected exchange.
    assertNull("Unexpected result principal", outcome.getMainPrincipal());
}
Also used : AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Aggregations

AuthenticationResult (org.apache.qpid.server.security.auth.AuthenticationResult)78 UsernamePrincipal (org.apache.qpid.server.security.auth.UsernamePrincipal)13 SaslNegotiator (org.apache.qpid.server.security.auth.sasl.SaslNegotiator)13 X500Principal (javax.security.auth.x500.X500Principal)12 SubjectAuthenticationResult (org.apache.qpid.server.security.auth.SubjectAuthenticationResult)9 HashMap (java.util.HashMap)6 SubjectCreator (org.apache.qpid.server.security.SubjectCreator)6 Subject (javax.security.auth.Subject)5 IOException (java.io.IOException)4 OAuth2AuthenticationProvider (org.apache.qpid.server.security.auth.manager.oauth2.OAuth2AuthenticationProvider)4 InetSocketAddress (java.net.InetSocketAddress)3 URISyntaxException (java.net.URISyntaxException)3 Principal (java.security.Principal)3 Broker (org.apache.qpid.server.model.Broker)3 NamedAddressSpace (org.apache.qpid.server.model.NamedAddressSpace)3 AuthenticatedPrincipal (org.apache.qpid.server.security.auth.AuthenticatedPrincipal)3 URI (java.net.URI)2 AccessControlException (java.security.AccessControlException)2 EventLogger (org.apache.qpid.server.logging.EventLogger)2 User (org.apache.qpid.server.model.User)2