Use of org.codice.ddf.security.handler.api.OidcHandlerConfiguration in project ddf by codice.
From the class OidcLogoutActionProviderTest, method setup.
/**
 * Prepares the fixture for the logout action provider tests: a provider wired to a mocked
 * handler configuration, and a request whose existing session carries an OIDC-backed
 * security assertion.
 */
@Before
public void setup() {
  // The logout action builder stub must be in place before the provider is constructed
  // with the handler configuration.
  OidcHandlerConfiguration handlerConfig = mock(OidcHandlerConfiguration.class);
  oidcLogoutActionBuilder = mock(OidcLogoutActionBuilder.class);
  when(handlerConfig.getOidcLogoutActionBuilder()).thenReturn(oidcLogoutActionBuilder);
  oidcLogoutActionProvider = new OidcLogoutActionProvider(handlerConfig);
  oidcLogoutActionProvider.setSubjectOperations(new SubjectUtils());

  // Security assertion that reports the JWT token type and exposes an OIDC profile as its token.
  OidcProfile oidcProfile = mock(OidcProfile.class);
  SecurityAssertion assertion = mock(SecurityAssertion.class);
  when(assertion.getTokenType()).thenReturn(SecurityAssertionJwt.JWT_TOKEN_TYPE);
  when(assertion.getToken()).thenReturn(oidcProfile);

  // One principal collection, registered under the "oidc" realm name, is shared by the
  // subject and by the principal holder stored in the session.
  SimplePrincipalCollection principals = new SimplePrincipalCollection();
  principals.add(assertion, "oidc");

  subject = mock(Subject.class);
  when(subject.getPrincipals()).thenReturn(principals);

  PrincipalHolder principalHolder = mock(PrincipalHolder.class);
  when(principalHolder.getPrincipals()).thenReturn(principals);

  // The session exposes the principal holder under the security token key.
  HttpSession httpSession = mock(HttpSession.class);
  when(httpSession.getAttribute(SecurityConstants.SECURITY_TOKEN_KEY)).thenReturn(principalHolder);

  // Only getSession(false) is stubbed, i.e. the lookup that does not create a new session.
  request = mock(HttpServletRequest.class);
  when(request.getSession(false)).thenReturn(httpSession);
  response = mock(HttpServletResponse.class);
}
Use of org.codice.ddf.security.handler.api.OidcHandlerConfiguration in project ddf by codice.
From the class OidcRealmTest, method setup.
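/**
 * Prepares the fixture for the OIDC realm tests: a fresh RSA signing key, mocked provider
 * metadata and JWKS retrieval, a mocked client configuration, and an authentication token
 * whose credentials carry a signed bearer access token.
 *
 * @throws Exception if key generation or URI construction fails
 */
@Before
public void setup() throws Exception {
  realm = new OidcRealm();

  // Generate a fresh 2048-bit RSA key pair for every test; no key material is checked in.
  KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
  gen.initialize(2048);
  KeyPair keyPair = gen.generateKeyPair();
  RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
  RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();

  validAlgorithm = Algorithm.RSA256(publicKey, privateKey);
  // HMAC-SHA256 with an arbitrary shared secret: neither the algorithm nor the key matches
  // the RS256 key pair above. Presumably the negative tests sign tokens with it and expect
  // the realm to reject them; confirm against the test methods.
  invalidAlgorithm = Algorithm.HMAC256("WRONG");

  // The JWK Set handed to the realm is built from toPublicJWK(), so only the public half
  // of the signing key is published.
  JWK sigJwk =
      new RSAKey.Builder(publicKey)
          .privateKey(privateKey)
          .keyUse(KeyUse.SIGNATURE)
          .keyID(UUID.randomUUID().toString())
          .build();
  String jwkSetJson = "{\"keys\": [" + sigJwk.toPublicJWK().toJSONString() + "] }";

  // Provider metadata advertises RS256 as the only ID token signing algorithm.
  // The issuer and JWKS URI are fixture values; the retriever below is stubbed for any URL,
  // so nothing should be fetched over plain http, assuming the realm obtains keys through
  // findResourceRetriever() (not visible here).
  OIDCProviderMetadata oidcProviderMetadata = mock(OIDCProviderMetadata.class);
  when(oidcProviderMetadata.getIDTokenJWSAlgs()).thenReturn(ImmutableList.of(JWSAlgorithm.RS256));
  when(oidcProviderMetadata.getIssuer())
      .thenReturn(new Issuer("http://localhost:8080/auth/realms/master"));
  when(oidcProviderMetadata.getJWKSetURI())
      .thenReturn(
          new URI("http://localhost:8080/auth/realms/master/protocol/openid-connect/certs"));

  ResourceRetriever resourceRetriever = mock(ResourceRetriever.class);
  Resource resource = new Resource(jwkSetJson, APPLICATION_JSON);
  when(resourceRetriever.retrieveResource(any())).thenReturn(resource);

  // Client configuration: authorization code response type with nonce checking enabled.
  // The client id and secret are fixture values.
  OidcConfiguration configuration = mock(OidcConfiguration.class);
  when(configuration.getClientId()).thenReturn("ddf-client");
  when(configuration.getSecret()).thenReturn("secret");
  when(configuration.isUseNonce()).thenReturn(true);
  when(configuration.getResponseType()).thenReturn("code");
  when(configuration.findProviderMetadata()).thenReturn(oidcProviderMetadata);
  when(configuration.findResourceRetriever()).thenReturn(resourceRetriever);

  OidcHandlerConfiguration handlerConfiguration = mock(OidcHandlerConfiguration.class);
  when(handlerConfiguration.getOidcConfiguration()).thenReturn(configuration);
  when(handlerConfiguration.getOidcClient(any())).thenReturn(mock(OidcClient.class));

  realm.setOidcHandlerConfiguration(handlerConfiguration);
  realm.setUsernameAttributeList(Collections.singletonList("preferred_username"));

  // Credentials: the ID token is a bare mock, while the access token is a real token
  // signed with the valid RS256 key.
  JWT jwt = mock(JWT.class);
  AccessToken accessToken = new BearerAccessToken(getAccessTokenBuilder().sign(validAlgorithm));
  AuthorizationCode authorizationCode = new AuthorizationCode();
  WebContext webContext = getWebContext();

  oidcCredentials = mock(OidcCredentials.class);
  when(oidcCredentials.getIdToken()).thenReturn(jwt);
  when(oidcCredentials.getAccessToken()).thenReturn(accessToken);
  when(oidcCredentials.getCode()).thenReturn(authorizationCode);

  authenticationToken = mock(OidcAuthenticationToken.class);
  when(authenticationToken.getCredentials()).thenReturn(oidcCredentials);
  when(authenticationToken.getContext()).thenReturn(webContext);
}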