Example 1 with CrestAuthorizationModule
use of org.forgerock.authz.filter.crest.api.CrestAuthorizationModule in project OpenAM by OpenRock.
the class CoreRestGuiceModule method configure.
@Override
protected void configure() {
install(new FactoryModuleBuilder().implement(SmsRequestHandler.class, SmsRequestHandler.class).build(SmsRequestHandlerFactory.class));
install(new FactoryModuleBuilder().implement(SmsCollectionProvider.class, SmsCollectionProvider.class).build(SmsCollectionProviderFactory.class));
install(new FactoryModuleBuilder().implement(SmsSingletonProvider.class, SmsSingletonProvider.class).build(SmsSingletonProviderFactory.class));
install(new FactoryModuleBuilder().implement(SmsGlobalSingletonProvider.class, SmsGlobalSingletonProvider.class).build(SmsGlobalSingletonProviderFactory.class));
bind(DebugRecorder.class).to(DefaultDebugRecorder.class);
MapBinder<RouteMatcher<Request>, Handler> chfEndpointHandlers = newMapBinder(binder(), new TypeLiteral<RouteMatcher<Request>>() {
}, new TypeLiteral<Handler>() {
});
chfEndpointHandlers.addBinding(requestUriMatcher(EQUALS, "authenticate")).to(Key.get(Handler.class, Names.named("AuthenticateHandler")));
MapBinder<Component, AbstractHttpAccessAuditFilter> httpAccessAuditFilterMapBinder = newMapBinder(binder(), Component.class, AbstractHttpAccessAuditFilter.class);
httpAccessAuditFilterMapBinder.addBinding(AUTHENTICATION).to(AuthenticationAccessAuditFilter.class);
Multibinder<UiRolePredicate> userUiRolePredicates = Multibinder.newSetBinder(binder(), UiRolePredicate.class);
userUiRolePredicates.addBinding().to(SelfServiceUserUiRolePredicate.class);
userUiRolePredicates.addBinding().to(GlobalAdminUiRolePredicate.class);
userUiRolePredicates.addBinding().to(RealmAdminUiRolePredicate.class);
MapBinder<MatchingResourcePath, CrestAuthorizationModule> smsGlobalAuthzModuleBinder = MapBinder.newMapBinder(binder(), MatchingResourcePath.class, CrestAuthorizationModule.class);
smsGlobalAuthzModuleBinder.addBinding(resourcePath("realms")).to(AnyPrivilegeAuthzModule.class);
smsGlobalAuthzModuleBinder.addBinding(resourcePath("authentication/modules/*")).to(PrivilegeWriteAndAnyPrivilegeReadOnlyAuthzModule.class);
smsGlobalAuthzModuleBinder.addBinding(resourcePath("services/scripting")).to(PrivilegeWriteAndAnyPrivilegeReadOnlyAuthzModule.class);
smsGlobalAuthzModuleBinder.addBinding(resourcePath("services/scripting/contexts")).to(PrivilegeWriteAndAnyPrivilegeReadOnlyAuthzModule.class);
}
Also used :
FactoryModuleBuilder(com.google.inject.assistedinject.FactoryModuleBuilder)
ConsoleConfigHandler(org.forgerock.openam.sm.config.ConsoleConfigHandler)
SmsRequestHandler(org.forgerock.openam.core.rest.sms.SmsRequestHandler)
Handler(org.forgerock.http.Handler)
CrestAuthorizationModule(org.forgerock.authz.filter.crest.api.CrestAuthorizationModule)
SmsGlobalSingletonProviderFactory(org.forgerock.openam.core.rest.sms.SmsGlobalSingletonProviderFactory)
SmsRequestHandlerFactory(org.forgerock.openam.core.rest.sms.SmsRequestHandlerFactory)
SmsCollectionProviderFactory(org.forgerock.openam.core.rest.sms.SmsCollectionProviderFactory)
DebugRecorder(org.forgerock.openam.core.rest.record.DebugRecorder)
DefaultDebugRecorder(org.forgerock.openam.core.rest.record.DefaultDebugRecorder)
RouteMatcher(org.forgerock.services.routing.RouteMatcher)
Component(org.forgerock.openam.audit.AuditConstants.Component)
MatchingResourcePath(org.forgerock.openam.forgerockrest.utils.MatchingResourcePath)
SmsSingletonProviderFactory(org.forgerock.openam.core.rest.sms.SmsSingletonProviderFactory)
AbstractHttpAccessAuditFilter(org.forgerock.openam.audit.AbstractHttpAccessAuditFilter)
Example 2 with CrestAuthorizationModule
use of org.forgerock.authz.filter.crest.api.CrestAuthorizationModule in project OpenAM by OpenRock.
the class SmsRouteTreeLeafTest method setup.
@BeforeClass
public void setup() {
Router router = new Router();
Function<String, Boolean> handlesFunction = new Function<String, Boolean>() {
@Nullable
@Override
public Boolean apply(String serviceName) {
return "SERVICE_NAME".equals(serviceName);
}
};
routeTree = new SmsRouteTreeLeaf(Collections.<MatchingResourcePath, CrestAuthorizationModule>emptyMap(), null, router, handlesFunction, null, resourcePath(""));
}
Also used :
Function(org.forgerock.guava.common.base.Function)
Router(org.forgerock.json.resource.Router)
CrestAuthorizationModule(org.forgerock.authz.filter.crest.api.CrestAuthorizationModule)
MatchingResourcePath(org.forgerock.openam.forgerockrest.utils.MatchingResourcePath)
BeforeClass(org.testng.annotations.BeforeClass)
Example 3 with CrestAuthorizationModule
use of org.forgerock.authz.filter.crest.api.CrestAuthorizationModule in project OpenAM by OpenRock.
the class CoreRestGuiceModule method getSessionResourceAuthzModule.
@Provides
@Inject
public AnyOfAuthzModule getSessionResourceAuthzModule(SSOTokenManager ssoTokenManager, PrivilegeAuthzModule privilegeAuthzModule, AdminOnlyAuthzModule adminOnlyAuthzModule) {
SessionResourceAuthzModule sessionResourceAuthzModule = new SessionResourceAuthzModule(ssoTokenManager);
List<CrestAuthorizationModule> authzList = new ArrayList<>(3);
authzList.add(adminOnlyAuthzModule);
authzList.add(privilegeAuthzModule);
authzList.add(sessionResourceAuthzModule);
return new AnyOfAuthzModule(authzList);
}
Also used :
SessionResourceAuthzModule(org.forgerock.openam.core.rest.session.SessionResourceAuthzModule)
ArrayList(java.util.ArrayList)
AnyOfAuthzModule(org.forgerock.openam.core.rest.session.AnyOfAuthzModule)
CrestAuthorizationModule(org.forgerock.authz.filter.crest.api.CrestAuthorizationModule)
Inject(javax.inject.Inject)
Provides(com.google.inject.Provides)
Aggregations
CrestAuthorizationModule (org.forgerock.authz.filter.crest.api.CrestAuthorizationModule)3
MatchingResourcePath (org.forgerock.openam.forgerockrest.utils.MatchingResourcePath)2
Provides (com.google.inject.Provides)1
FactoryModuleBuilder (com.google.inject.assistedinject.FactoryModuleBuilder)1
ArrayList (java.util.ArrayList)1
Inject (javax.inject.Inject)1
Function (org.forgerock.guava.common.base.Function)1
Handler (org.forgerock.http.Handler)1
Router (org.forgerock.json.resource.Router)1
AbstractHttpAccessAuditFilter (org.forgerock.openam.audit.AbstractHttpAccessAuditFilter)1
Component (org.forgerock.openam.audit.AuditConstants.Component)1
DebugRecorder (org.forgerock.openam.core.rest.record.DebugRecorder)1
DefaultDebugRecorder (org.forgerock.openam.core.rest.record.DefaultDebugRecorder)1
AnyOfAuthzModule (org.forgerock.openam.core.rest.session.AnyOfAuthzModule)1
SessionResourceAuthzModule (org.forgerock.openam.core.rest.session.SessionResourceAuthzModule)1
SmsCollectionProviderFactory (org.forgerock.openam.core.rest.sms.SmsCollectionProviderFactory)1
SmsGlobalSingletonProviderFactory (org.forgerock.openam.core.rest.sms.SmsGlobalSingletonProviderFactory)1
SmsRequestHandler (org.forgerock.openam.core.rest.sms.SmsRequestHandler)1
SmsRequestHandlerFactory (org.forgerock.openam.core.rest.sms.SmsRequestHandlerFactory)1
SmsSingletonProviderFactory (org.forgerock.openam.core.rest.sms.SmsSingletonProviderFactory)1
