
Example 11 with HandlerResult

use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.

the class IdpHandler method handleError.

/**
 * Error callback for the IdP handler: builds a {@code NO_ACTION} result with no token,
 * tags it with a source label and returns it.
 *
 * <p>The realm part of the source label is read from the
 * {@code ContextPolicy.ACTIVE_REALM} request attribute. If that attribute is not set on
 * the request, the label starts with the literal text {@code "null"} because of plain
 * string concatenation; no validation is done here.
 *
 * @param servletRequest request whose active-realm attribute is read
 * @param servletResponse not used by this method
 * @param chain not used by this method
 * @return a result with status {@code NO_ACTION}, a {@code null} token and the source set
 * @throws ServletException declared by the overridden method; nothing in this body throws it
 */
@Override
public HandlerResult handleError(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws ServletException {
    final String activeRealm = (String) servletRequest.getAttribute(ContextPolicy.ACTIVE_REALM);
    final HandlerResult noActionResult = new HandlerResult(HandlerResult.Status.NO_ACTION, null);
    final String sourceLabel = activeRealm + "-" + SOURCE;
    noActionResult.setSource(sourceLabel);
    LOGGER.debug("In error handler for idp - no action taken.");
    return noActionResult;
}
Also used : HandlerResult(org.codice.ddf.security.handler.api.HandlerResult)

Example 12 with HandlerResult

use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.

the class BasicAuthenticationHandlerTest method testGetNormalizedTokenNoResolveCompleted.

/**
     * This test case handles the scenario in which the credentials are not to
     * be obtained (i.e. resolve flag is not set) and the UsernameTokenType was
     * successfully created from the HTTP request.
     */
@Test
public void testGetNormalizedTokenNoResolveCompleted() {
    BasicAuthenticationHandler basicHandler = new BasicAuthenticationHandler();
    HttpServletRequest httpRequest = mock(HttpServletRequest.class);
    HttpServletResponse httpResponse = mock(HttpServletResponse.class);
    FilterChain filterChain = mock(FilterChain.class);

    // Stub only the Authorization header: "Basic " + base64(CREDENTIALS).
    // NOTE(review): getBytes() without a charset uses the platform default; that is
    // harmless only if the CREDENTIALS fixture is pure ASCII - confirm where it is defined.
    String encodedCredentials = Base64.getEncoder().encodeToString(CREDENTIALS.getBytes());
    when(httpRequest.getHeader(HttpHeaders.AUTHORIZATION)).thenReturn("Basic " + encodedCredentials);

    // resolve flag is false for this scenario
    HandlerResult outcome = basicHandler.getNormalizedToken(httpRequest, httpResponse, filterChain, false);

    // The header alone must be enough to complete and to yield the expected principal.
    assertNotNull(outcome);
    assertEquals(HandlerResult.Status.COMPLETED, outcome.getStatus());
    assertEquals("admin", outcome.getToken().getPrincipal());
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) Test(org.junit.Test)

Example 13 with HandlerResult

use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.

the class BasicAuthenticationHandlerTest method testGetNormalizedTokenResolveCompleted.

/**
     * This test case handles the scenario in which the credentials should be
     * obtained (i.e. resolve flag is set) and UsernameTokenType was created
     * from the HTTP request.
     */
@Test
public void testGetNormalizedTokenResolveCompleted() {
    BasicAuthenticationHandler basicHandler = new BasicAuthenticationHandler();
    HttpServletRequest httpRequest = mock(HttpServletRequest.class);
    HttpServletResponse httpResponse = mock(HttpServletResponse.class);
    FilterChain filterChain = mock(FilterChain.class);

    // Stub only the Authorization header: "Basic " + base64(CREDENTIALS).
    // NOTE(review): getBytes() without a charset uses the platform default; that is
    // harmless only if the CREDENTIALS fixture is pure ASCII - confirm where it is defined.
    String encodedCredentials = Base64.getEncoder().encodeToString(CREDENTIALS.getBytes());
    when(httpRequest.getHeader(HttpHeaders.AUTHORIZATION)).thenReturn("Basic " + encodedCredentials);

    // resolve flag is true for this scenario; the expected outcome matches the
    // resolve == false case because the credentials are already on the request.
    HandlerResult outcome = basicHandler.getNormalizedToken(httpRequest, httpResponse, filterChain, true);

    assertNotNull(outcome);
    assertEquals(HandlerResult.Status.COMPLETED, outcome.getStatus());
    assertEquals("admin", outcome.getToken().getPrincipal());
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) Test(org.junit.Test)

Example 14 with HandlerResult

use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.

the class BasicAuthenticationHandlerTest method testGetNormalizedTokenNoResolveNoAction.

/**
     * This test case handles the scenario in which the credentials are not to
     * be obtained (i.e. resolve flag is not set) and the UsernameTokenType
     * could not be created with the HTTP request.
     */
@Test
public void testGetNormalizedTokenNoResolveNoAction() {
    BasicAuthenticationHandler basicHandler = new BasicAuthenticationHandler();
    HttpServletRequest httpRequest = mock(HttpServletRequest.class);
    HttpServletResponse httpResponse = mock(HttpServletResponse.class);
    FilterChain filterChain = mock(FilterChain.class);

    // Nothing is stubbed on the request, so the mock answers getHeader(...) with
    // Mockito's default of null: this is the "no credentials presented" case.
    HandlerResult outcome = basicHandler.getNormalizedToken(httpRequest, httpResponse, filterChain, false);

    // With resolve == false and no credentials the handler must report NO_ACTION.
    assertNotNull(outcome);
    assertEquals(HandlerResult.Status.NO_ACTION, outcome.getStatus());
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) Test(org.junit.Test)

Example 15 with HandlerResult

use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.

the class BasicAuthenticationHandlerTest method testGetNormalizedTokenResolveWithCredentials.

/**
     * This test case handles the scenario in which the credentials should be
     * obtained (i.e. resolve flag is set) - both requests without and with the
     * credentials are tested.
     */
@Test
public void testGetNormalizedTokenResolveWithCredentials() throws IOException {
    BasicAuthenticationHandler basicHandler = new BasicAuthenticationHandler();
    HttpServletRequest httpRequest = mock(HttpServletRequest.class);
    HttpServletResponse httpResponse = mock(HttpServletResponse.class);
    FilterChain filterChain = mock(FilterChain.class);

    // Every request attribute lookup answers "TestRealm", which is how the realm reaches the token.
    when(httpRequest.getAttribute(anyString())).thenReturn("TestRealm");
    // NOTE(review): getBytes() without a charset uses the platform default; that is
    // harmless only if the CREDENTIALS fixture is pure ASCII - confirm where it is defined.
    String encodedCredentials = Base64.getEncoder().encodeToString(CREDENTIALS.getBytes());
    when(httpRequest.getHeader(HttpHeaders.AUTHORIZATION)).thenReturn("Basic " + encodedCredentials);

    // Only the with-credentials request is exercised in this method body.
    HandlerResult outcome = basicHandler.getNormalizedToken(httpRequest, httpResponse, filterChain, true);

    assertNotNull(outcome);
    assertEquals(HandlerResult.Status.COMPLETED, outcome.getStatus());
    // The token is expected to carry the decoded user name, the clear-text password and the realm.
    assertEquals("admin", outcome.getToken().getPrincipal());
    assertEquals("password", outcome.getToken().getCredentials());
    assertEquals("TestRealm", outcome.getToken().getRealm());

    // When credentials are supplied the handler must not write to the response:
    // no header, no status code, no content length and no flush.
    Mockito.verify(httpResponse, never()).setHeader(anyString(), anyString());
    Mockito.verify(httpResponse, never()).setStatus(anyInt());
    Mockito.verify(httpResponse, never()).setContentLength(anyInt());
    Mockito.verify(httpResponse, never()).flushBuffer();
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) Test(org.junit.Test)

Aggregations

HandlerResult (org.codice.ddf.security.handler.api.HandlerResult)51 HttpServletRequest (javax.servlet.http.HttpServletRequest)33 HttpServletResponse (javax.servlet.http.HttpServletResponse)33 Test (org.junit.Test)33 FilterChain (javax.servlet.FilterChain)24 ServletException (javax.servlet.ServletException)10 IOException (java.io.IOException)8 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)8 ProxyFilterChain (org.codice.ddf.security.handler.cas.filter.ProxyFilterChain)6 Element (org.w3c.dom.Element)6 BaseAuthenticationToken (org.codice.ddf.security.handler.api.BaseAuthenticationToken)5 SAMLAuthenticationToken (org.codice.ddf.security.handler.api.SAMLAuthenticationToken)5 ServletRequest (javax.servlet.ServletRequest)4 ServletResponse (javax.servlet.ServletResponse)4 HttpSession (javax.servlet.http.HttpSession)4 AuthenticationHandler (org.codice.ddf.security.handler.api.AuthenticationHandler)4 Subject (ddf.security.Subject)3 SecurityTokenHolder (ddf.security.common.SecurityTokenHolder)3 SecurityManager (ddf.security.service.SecurityManager)3 FilterConfig (javax.servlet.FilterConfig)3