Search in sources :

Example 1 with CrestAuthorizationModule

use of org.forgerock.authz.filter.crest.api.CrestAuthorizationModule in project OpenAM by OpenRock.

the class CoreRestGuiceModule method configure.

@Override
protected void configure() {
    install(new FactoryModuleBuilder().implement(SmsRequestHandler.class, SmsRequestHandler.class).build(SmsRequestHandlerFactory.class));
    install(new FactoryModuleBuilder().implement(SmsCollectionProvider.class, SmsCollectionProvider.class).build(SmsCollectionProviderFactory.class));
    install(new FactoryModuleBuilder().implement(SmsSingletonProvider.class, SmsSingletonProvider.class).build(SmsSingletonProviderFactory.class));
    install(new FactoryModuleBuilder().implement(SmsGlobalSingletonProvider.class, SmsGlobalSingletonProvider.class).build(SmsGlobalSingletonProviderFactory.class));
    bind(DebugRecorder.class).to(DefaultDebugRecorder.class);
    MapBinder<RouteMatcher<Request>, Handler> chfEndpointHandlers = newMapBinder(binder(), new TypeLiteral<RouteMatcher<Request>>() {
    }, new TypeLiteral<Handler>() {
    });
    chfEndpointHandlers.addBinding(requestUriMatcher(EQUALS, "authenticate")).to(Key.get(Handler.class, Names.named("AuthenticateHandler")));
    MapBinder<Component, AbstractHttpAccessAuditFilter> httpAccessAuditFilterMapBinder = newMapBinder(binder(), Component.class, AbstractHttpAccessAuditFilter.class);
    httpAccessAuditFilterMapBinder.addBinding(AUTHENTICATION).to(AuthenticationAccessAuditFilter.class);
    Multibinder<UiRolePredicate> userUiRolePredicates = Multibinder.newSetBinder(binder(), UiRolePredicate.class);
    userUiRolePredicates.addBinding().to(SelfServiceUserUiRolePredicate.class);
    userUiRolePredicates.addBinding().to(GlobalAdminUiRolePredicate.class);
    userUiRolePredicates.addBinding().to(RealmAdminUiRolePredicate.class);
    MapBinder<MatchingResourcePath, CrestAuthorizationModule> smsGlobalAuthzModuleBinder = MapBinder.newMapBinder(binder(), MatchingResourcePath.class, CrestAuthorizationModule.class);
    smsGlobalAuthzModuleBinder.addBinding(resourcePath("realms")).to(AnyPrivilegeAuthzModule.class);
    smsGlobalAuthzModuleBinder.addBinding(resourcePath("authentication/modules/*")).to(PrivilegeWriteAndAnyPrivilegeReadOnlyAuthzModule.class);
    smsGlobalAuthzModuleBinder.addBinding(resourcePath("services/scripting")).to(PrivilegeWriteAndAnyPrivilegeReadOnlyAuthzModule.class);
    smsGlobalAuthzModuleBinder.addBinding(resourcePath("services/scripting/contexts")).to(PrivilegeWriteAndAnyPrivilegeReadOnlyAuthzModule.class);
}
Also used : FactoryModuleBuilder(com.google.inject.assistedinject.FactoryModuleBuilder) ConsoleConfigHandler(org.forgerock.openam.sm.config.ConsoleConfigHandler) SmsRequestHandler(org.forgerock.openam.core.rest.sms.SmsRequestHandler) Handler(org.forgerock.http.Handler) CrestAuthorizationModule(org.forgerock.authz.filter.crest.api.CrestAuthorizationModule) SmsGlobalSingletonProviderFactory(org.forgerock.openam.core.rest.sms.SmsGlobalSingletonProviderFactory) SmsRequestHandlerFactory(org.forgerock.openam.core.rest.sms.SmsRequestHandlerFactory) SmsCollectionProviderFactory(org.forgerock.openam.core.rest.sms.SmsCollectionProviderFactory) DebugRecorder(org.forgerock.openam.core.rest.record.DebugRecorder) DefaultDebugRecorder(org.forgerock.openam.core.rest.record.DefaultDebugRecorder) RouteMatcher(org.forgerock.services.routing.RouteMatcher) Component(org.forgerock.openam.audit.AuditConstants.Component) MatchingResourcePath(org.forgerock.openam.forgerockrest.utils.MatchingResourcePath) SmsSingletonProviderFactory(org.forgerock.openam.core.rest.sms.SmsSingletonProviderFactory) AbstractHttpAccessAuditFilter(org.forgerock.openam.audit.AbstractHttpAccessAuditFilter)

Example 2 with CrestAuthorizationModule

use of org.forgerock.authz.filter.crest.api.CrestAuthorizationModule in project OpenAM by OpenRock.

the class SmsRouteTreeLeafTest method setup.

@BeforeClass
public void setup() {
    Router router = new Router();
    Function<String, Boolean> handlesFunction = new Function<String, Boolean>() {

        @Nullable
        @Override
        public Boolean apply(String serviceName) {
            return "SERVICE_NAME".equals(serviceName);
        }
    };
    routeTree = new SmsRouteTreeLeaf(Collections.<MatchingResourcePath, CrestAuthorizationModule>emptyMap(), null, router, handlesFunction, null, resourcePath(""));
}
Also used : Function(org.forgerock.guava.common.base.Function) Router(org.forgerock.json.resource.Router) CrestAuthorizationModule(org.forgerock.authz.filter.crest.api.CrestAuthorizationModule) MatchingResourcePath(org.forgerock.openam.forgerockrest.utils.MatchingResourcePath) BeforeClass(org.testng.annotations.BeforeClass)

Example 3 with CrestAuthorizationModule

use of org.forgerock.authz.filter.crest.api.CrestAuthorizationModule in project OpenAM by OpenRock.

the class CoreRestGuiceModule method getSessionResourceAuthzModule.

@Provides
@Inject
public AnyOfAuthzModule getSessionResourceAuthzModule(SSOTokenManager ssoTokenManager, PrivilegeAuthzModule privilegeAuthzModule, AdminOnlyAuthzModule adminOnlyAuthzModule) {
    SessionResourceAuthzModule sessionResourceAuthzModule = new SessionResourceAuthzModule(ssoTokenManager);
    List<CrestAuthorizationModule> authzList = new ArrayList<>(3);
    authzList.add(adminOnlyAuthzModule);
    authzList.add(privilegeAuthzModule);
    authzList.add(sessionResourceAuthzModule);
    return new AnyOfAuthzModule(authzList);
}
Also used : SessionResourceAuthzModule(org.forgerock.openam.core.rest.session.SessionResourceAuthzModule) ArrayList(java.util.ArrayList) AnyOfAuthzModule(org.forgerock.openam.core.rest.session.AnyOfAuthzModule) CrestAuthorizationModule(org.forgerock.authz.filter.crest.api.CrestAuthorizationModule) Inject(javax.inject.Inject) Provides(com.google.inject.Provides)

Aggregations

CrestAuthorizationModule (org.forgerock.authz.filter.crest.api.CrestAuthorizationModule)3 MatchingResourcePath (org.forgerock.openam.forgerockrest.utils.MatchingResourcePath)2 Provides (com.google.inject.Provides)1 FactoryModuleBuilder (com.google.inject.assistedinject.FactoryModuleBuilder)1 ArrayList (java.util.ArrayList)1 Inject (javax.inject.Inject)1 Function (org.forgerock.guava.common.base.Function)1 Handler (org.forgerock.http.Handler)1 Router (org.forgerock.json.resource.Router)1 AbstractHttpAccessAuditFilter (org.forgerock.openam.audit.AbstractHttpAccessAuditFilter)1 Component (org.forgerock.openam.audit.AuditConstants.Component)1 DebugRecorder (org.forgerock.openam.core.rest.record.DebugRecorder)1 DefaultDebugRecorder (org.forgerock.openam.core.rest.record.DefaultDebugRecorder)1 AnyOfAuthzModule (org.forgerock.openam.core.rest.session.AnyOfAuthzModule)1 SessionResourceAuthzModule (org.forgerock.openam.core.rest.session.SessionResourceAuthzModule)1 SmsCollectionProviderFactory (org.forgerock.openam.core.rest.sms.SmsCollectionProviderFactory)1 SmsGlobalSingletonProviderFactory (org.forgerock.openam.core.rest.sms.SmsGlobalSingletonProviderFactory)1 SmsRequestHandler (org.forgerock.openam.core.rest.sms.SmsRequestHandler)1 SmsRequestHandlerFactory (org.forgerock.openam.core.rest.sms.SmsRequestHandlerFactory)1 SmsSingletonProviderFactory (org.forgerock.openam.core.rest.sms.SmsSingletonProviderFactory)1