Examples with AuthorizationResult org.forgerock.authz.filter.api.AuthorizationResult used on opensource projects

Search in sources :

Example 16 with AuthorizationResult

use of org.forgerock.authz.filter.api.AuthorizationResult in project OpenAM by OpenRock.

the class SpecialOrAdminOrAgentAuthzModuleTest method shouldFailNonAgentNonSuperUser.

@Test
public void shouldFailNonAgentNonSuperUser() throws Exception {
    //given
    SSOTokenContext mockSSOTokenContext = mock(SSOTokenContext.class);
    SSOToken mockSSOToken = mock(SSOToken.class);
    Principal principal = mock(Principal.class);
    given(mockSSOToken.getPrincipal()).willReturn(principal);
    given(mockSSOTokenContext.getCallerSSOToken()).willReturn(mockSSOToken);
    given(mockSSOToken.getProperty(Constants.UNIVERSAL_IDENTIFIER)).willReturn("test");
    given(mockAgentIdentity.isAgent(mockSSOToken)).willReturn(false);
    given(mockSpecialUserIdentity.isSpecialUser(mockSSOToken)).willReturn(false);
    given(mockService.isSuperUser("test")).willReturn(false);
    //when
    Promise<AuthorizationResult, ResourceException> result = testModule.authorize(mockSSOTokenContext);
    //then
    assertFalse(result.get().isAuthorized());
}
Also used : SSOToken(com.iplanet.sso.SSOToken) SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext) ResourceException(org.forgerock.json.resource.ResourceException) AuthorizationResult(org.forgerock.authz.filter.api.AuthorizationResult) Principal(java.security.Principal) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 17 with AuthorizationResult

use of org.forgerock.authz.filter.api.AuthorizationResult in project OpenAM by OpenRock.

the class CoreTokenResourceAuthzModuleTest method shouldAuthorizeAccessToSuperUserIfResourceEnabled.

@Test
public void shouldAuthorizeAccessToSuperUserIfResourceEnabled() throws Exception {
    //given
    CoreTokenResourceAuthzModule testModule = new CoreTokenResourceAuthzModule(mockConfig, mockDebug, true);
    SSOTokenContext mockSSOTokenContext = mock(SSOTokenContext.class);
    SSOToken mockSSOToken = mock(SSOToken.class);
    given(mockSSOTokenContext.getCallerSSOToken()).willReturn(mockSSOToken);
    given(mockSSOToken.getProperty(Constants.UNIVERSAL_IDENTIFIER)).willReturn("test");
    given(mockService.isSuperUser("test")).willReturn(true);
    //when
    Promise<AuthorizationResult, ResourceException> result = testModule.authorize(mockSSOTokenContext);
    //then
    assertTrue(result.get().isAuthorized());
}
Also used : SSOToken(com.iplanet.sso.SSOToken) SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext) ResourceException(org.forgerock.json.resource.ResourceException) AuthorizationResult(org.forgerock.authz.filter.api.AuthorizationResult) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 18 with AuthorizationResult

use of org.forgerock.authz.filter.api.AuthorizationResult in project OpenAM by OpenRock.

the class CoreTokenResourceAuthzModuleTest method shouldBlockAllAccessIfResourceEnabledButNonSuperUser.

@Test
public void shouldBlockAllAccessIfResourceEnabledButNonSuperUser() throws Exception {
    //given
    CoreTokenResourceAuthzModule testModule = new CoreTokenResourceAuthzModule(mockConfig, mockDebug, true);
    SSOTokenContext mockSSOTokenContext = mock(SSOTokenContext.class);
    SSOToken mockSSOToken = mock(SSOToken.class);
    given(mockSSOTokenContext.getCallerSSOToken()).willReturn(mockSSOToken);
    given(mockSSOToken.getProperty(Constants.UNIVERSAL_IDENTIFIER)).willReturn("test");
    given(mockService.isSuperUser("test")).willReturn(false);
    //when
    Promise<AuthorizationResult, ResourceException> result = testModule.authorize(mockSSOTokenContext);
    //then
    assertFalse(result.get().isAuthorized());
}
Also used : SSOToken(com.iplanet.sso.SSOToken) SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext) ResourceException(org.forgerock.json.resource.ResourceException) AuthorizationResult(org.forgerock.authz.filter.api.AuthorizationResult) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 19 with AuthorizationResult

use of org.forgerock.authz.filter.api.AuthorizationResult in project OpenAM by OpenRock.

the class SessionResourceAuthzModuleTest method shouldDeferAllOthers.

@Test
public void shouldDeferAllOthers() {
    //given
    RootContext rootContext = new RootContext();
    ActionRequest mockRequest = mock(ActionRequest.class);
    given(mockRequest.getAction()).willReturn("something else");
    //when
    Promise<AuthorizationResult, ResourceException> promise = testModule.authorizeAction(rootContext, mockRequest);
    //then
    assertThat(promise).failedWithException().isExactlyInstanceOf(ForbiddenException.class);
}
Also used : RootContext(org.forgerock.services.context.RootContext) ActionRequest(org.forgerock.json.resource.ActionRequest) ResourceException(org.forgerock.json.resource.ResourceException) AuthorizationResult(org.forgerock.authz.filter.api.AuthorizationResult) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 20 with AuthorizationResult

use of org.forgerock.authz.filter.api.AuthorizationResult in project OpenAM by OpenRock.

the class SessionResourceAuthzModuleTest method shouldAllowValidateAction.

@Test
public void shouldAllowValidateAction() throws ExecutionException, InterruptedException {
    //given
    Context mockContext = mock(Context.class);
    ActionRequest mockRequest = mock(ActionRequest.class);
    given(mockRequest.getAction()).willReturn("validate");
    //when
    Promise<AuthorizationResult, ResourceException> result = testModule.authorizeAction(mockContext, mockRequest);
    //then
    assertTrue(result.get().isAuthorized());
}
Also used : Context(org.forgerock.services.context.Context) RootContext(org.forgerock.services.context.RootContext) ActionRequest(org.forgerock.json.resource.ActionRequest) ResourceException(org.forgerock.json.resource.ResourceException) AuthorizationResult(org.forgerock.authz.filter.api.AuthorizationResult) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Aggregations

AuthorizationResult (org.forgerock.authz.filter.api.AuthorizationResult)20 ResourceException (org.forgerock.json.resource.ResourceException)20 Test (org.testng.annotations.Test)20 BeforeTest (org.testng.annotations.BeforeTest)17 SSOTokenContext (org.forgerock.openam.rest.resource.SSOTokenContext)12 SSOToken (com.iplanet.sso.SSOToken)10 ActionRequest (org.forgerock.json.resource.ActionRequest)6 Context (org.forgerock.services.context.Context)6 Principal (java.security.Principal)5 SSOException (com.iplanet.sso.SSOException)3 ReadRequest (org.forgerock.json.resource.ReadRequest)3 RequestHandler (org.forgerock.json.resource.RequestHandler)3 RootContext (org.forgerock.services.context.RootContext)3 ResourceResponse (org.forgerock.json.resource.ResourceResponse)2 SmsRouteTree (org.forgerock.openam.core.rest.sms.SmsRouteTree)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial