Example 1 with AuthenticatedUsers

Use of org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers in project OpenAM by OpenRock.

From the class MultipleResourceRestTest, method setup.

@BeforeClass
public void setup() throws Exception {
    PrivilegeManager pm = PrivilegeManager.getInstance(REALM, adminSubject);
    {
        // Privilege 1: allow GET on every resource under RESOURCE_NAME/*
        Privilege privilege = Privilege.getNewInstance();
        privilege.setName(PRIVILEGE_NAME + "1");
        Map<String, Boolean> actions = new HashMap<String, Boolean>();
        actions.put("GET", true);
        Entitlement entitlement = new Entitlement(RESOURCE_NAME + "/*", actions);
        privilege.setEntitlement(entitlement);
        // AuthenticatedUsers matches any subject holding a valid session, with no further condition
        EntitlementSubject sbj = new AuthenticatedUsers();
        privilege.setSubject(sbj);
        pm.add(privilege);
    }
    {
        // Privilege 2: explicitly deny GET on RESOURCE_NAME/index.html for the same subject;
        // that resource also matches the wildcard allow above, so the two privileges overlap
        Privilege privilege = Privilege.getNewInstance();
        privilege.setName(PRIVILEGE_NAME + "2");
        Map<String, Boolean> actions = new HashMap<String, Boolean>();
        actions.put("GET", false);
        Entitlement entitlement = new Entitlement(RESOURCE_NAME + "/index.html", actions);
        privilege.setEntitlement(entitlement);
        EntitlementSubject sbj = new AuthenticatedUsers();
        privilege.setSubject(sbj);
        pm.add(privilege);
    }
    // The admin SSO token is sent both as a subject header and as the session cookie
    String tokenId = adminToken.getTokenID().toString();
    hashedTokenId = Hash.hash(tokenId);
    tokenIdHeader = RestServiceManager.SSOTOKEN_SUBJECT_PREFIX + RestServiceManager.SUBJECT_DELIMITER + tokenId;
    String cookieValue = tokenId;
    // URL-encode the cookie value only when the deployment has cookie encoding enabled
    if (Boolean.parseBoolean(SystemProperties.get(Constants.AM_COOKIE_ENCODE, "false"))) {
        cookieValue = URLEncoder.encode(tokenId, "UTF-8");
    }
    cookie = new Cookie(SystemProperties.get(Constants.AM_COOKIE_NAME), cookieValue);
    user = IdRepoUtils.createUser(REALM, "MultipleResourceRestTestUser");
    // Jersey clients for the REST entitlement endpoints exercised by the test
    decisionsClient = Client.create().resource(SystemProperties.getServerInstanceName() + "/ws/1/entitlement/decisions");
    entitlementsClient = Client.create().resource(SystemProperties.getServerInstanceName() + "/ws/1/entitlement/entitlements");
}
Also used: EntitlementSubject (com.sun.identity.entitlement.EntitlementSubject), Cookie (javax.ws.rs.core.Cookie), AuthenticatedUsers (org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers), PrivilegeManager (com.sun.identity.entitlement.PrivilegeManager), Privilege (com.sun.identity.entitlement.Privilege), JSONEntitlement (com.sun.identity.entitlement.JSONEntitlement), Entitlement (com.sun.identity.entitlement.Entitlement), HashMap (java.util.HashMap), Map (java.util.Map), MultivaluedMap (javax.ws.rs.core.MultivaluedMap), BeforeClass (org.testng.annotations.BeforeClass)

Example 2 with AuthenticatedUsers

Use of org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers in project OpenAM by OpenRock.

From the class HttpStarEvaluationTest, method setup.

@BeforeClass
public void setup() throws Exception {
    // Obtain an administrative token and wrap it in a Subject for the privilege manager
    SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
    adminSubject = SubjectUtils.createSubject(adminToken);
    PrivilegeManager pm = PrivilegeManager.getInstance("/", adminSubject);
    Privilege privilege = Privilege.getNewInstance();
    privilege.setName(POLICY_NAME);
    Map<String, Boolean> actions = new HashMap<String, Boolean>();
    actions.put("findAll", true);
    // Grant "findAll" on every http:// resource of the URL application type to all authenticated users
    Entitlement entitlement = new Entitlement(ApplicationTypeManager.URL_APPLICATION_TYPE_NAME, "http://*", actions);
    privilege.setEntitlement(entitlement);
    privilege.setSubject(new AuthenticatedUsers());
    pm.add(privilege);
}
Also used: SSOToken (com.iplanet.sso.SSOToken), HashMap (java.util.HashMap), AuthenticatedUsers (org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers), BeforeClass (org.testng.annotations.BeforeClass)

Example 3 with AuthenticatedUsers

Use of org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers in project OpenAM by OpenRock.

From the class CanBeDeletedAppTest, method createPrivilege.

private void createPrivilege() throws EntitlementException {
    PrivilegeManager pm = PrivilegeManager.getInstance("/", adminSubject);
    Privilege p = Privilege.getNewInstance();
    p.setName(PRIVILEGE_NAME);
    Map<String, Boolean> actionValues = new HashMap<String, Boolean>();
    actionValues.put("GET", true);
    // Allow GET under the test application's resource tree for any authenticated user
    Entitlement entitlement = new Entitlement(APPL_NAME, "http://www.CanBeDeletedAppTest.com/*", actionValues);
    p.setEntitlement(entitlement);
    p.setSubject(new AuthenticatedUsers());
    pm.add(p);
}
Also used: HashMap (java.util.HashMap), AuthenticatedUsers (org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers)

Example 4 with AuthenticatedUsers

Use of org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers in project OpenAM by OpenRock.

From the class ConfigureOAuth2, method execute.

public String execute(Locale locale, Map params) throws WorkflowException {
    final String type = getString(params, TYPE);
    final String realm = getString(params, REALM);
    final SSOToken token = AccessController.doPrivileged(AdminTokenAction.getInstance());
    if (StringUtils.isEmpty(type)) {
        throw new WorkflowException("type parameter is required");
    }
    // Replace the provider's service attributes with the profile defaults plus the submitted lifetimes
    final Map<String, Set<String>> attrValues = getDefaultOAuth2ProviderAttributes(token);
    attrValues.putAll(PROFILE_SETTINGS.get(type));
    attrValues.put(SUPPORTED_SCOPES, translate(realm, SUPPORTED_SCOPE_KEYS.get(type)));
    attrValues.put(SUPPORTED_CLAIMS, translate(realm, SUPPORTED_CLAIM_KEYS.get(type)));
    attrValues.put(REFRESH_TOKEN_LIFETIME_NAME, singleton(getString(params, RTL)));
    attrValues.put(AUTHZ_CODE_LIFETIME_NAME, singleton(getString(params, ACL)));
    attrValues.put(ACCESS_TOKEN_LIFETIME_NAME, singleton(getString(params, ATL)));
    attrValues.put(ISSUE_REFRESH_TOKEN, singleton(getString(params, IRT)));
    attrValues.put(ISSUE_REFRESH_TOKEN_ON_REFRESHING_TOKEN, singleton(getString(params, IRTR)));
    attrValues.put(SCOPE_PLUGIN_CLASS, singleton(getString(params, SIC)));
    createProvider(OAUTH2_SERVICE_NAME, token, realm, attrValues);
    final boolean createUmaService = "uma".equals(type);
    if (createUmaService) {
        createProvider(UMA_SERVICE_NAME, token, realm, Collections.<String, Set<String>>emptyMap());
    }
    String policyURL = getRequestURL(params) + format(OAUTH2_AUTHORIZE_ENDPOINT, "/".equals(realm) ? "" : realm);
    // Check whether the authorize-endpoint policy already exists in this realm
    boolean createPolicy = false;
    try {
        Subject adminSubject = SubjectUtils.createSuperAdminSubject();
        PolicyStore policyStore = storeProvider.getPolicyStore(adminSubject, realm);
        try {
            if (policyStore.read(POLICY_NAME) == null) {
                createPolicy = true;
            }
        } catch (Exception e) {
            // Any failure to read the policy (not just "not found") is treated as "policy missing"
            createPolicy = true;
        }
        if (createPolicy) {
            // Policy: any authenticated user may GET or POST to the OAuth2 authorize endpoint URL
            Privilege toStore = Privilege.getNewInstance();
            Map<String, Boolean> actions = new HashMap<>();
            actions.put("POST", true);
            actions.put("GET", true);
            Entitlement entitlement = new Entitlement();
            entitlement.setActionValues(actions);
            entitlement.setResourceName(policyURL);
            entitlement.setApplicationName(POLICY_APPLICATION_NAME);
            toStore.setResourceTypeUuid(getUrlResourceTypeId(adminSubject, realm));
            toStore.setSubject(new AuthenticatedUsers());
            toStore.setName(POLICY_NAME);
            toStore.setEntitlement(entitlement);
            policyStore.create(toStore);
        }
    } catch (EntitlementException e) {
        DEBUG.error("ConfigureOAuth2.execute() : Unable to create policy", e);
        throw new WorkflowException("oauth2.provider.policy.failed");
    }
    String messageTemplate = getMessage(MESSAGE, locale);
    return format(messageTemplate, createUmaService ? getMessage(UMA_SERVICE_CREATED, locale) : "", realm, format(getMessage(createPolicy ? POLICY_CREATED : POLICY_EXISTS, locale), POLICY_NAME));
}
Also used: SSOToken (com.iplanet.sso.SSOToken), Set (java.util.Set), HashSet (java.util.HashSet), ImmutableSet (org.forgerock.guava.common.collect.ImmutableSet), CollectionUtils.asSet (org.forgerock.openam.utils.CollectionUtils.asSet), HashMap (java.util.HashMap), AuthenticatedUsers (org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers), Subject (javax.security.auth.Subject), SSOException (com.iplanet.sso.SSOException), EntitlementException (com.sun.identity.entitlement.EntitlementException), SMSException (com.sun.identity.sm.SMSException), PolicyStore (org.forgerock.openam.entitlement.rest.PolicyStore), Privilege (com.sun.identity.entitlement.Privilege), Entitlement (com.sun.identity.entitlement.Entitlement)

Example 5 with AuthenticatedUsers

Use of org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers in project OpenAM by OpenRock.

From the class JsonPolicyParserTest, method shouldPrintSimpleSubjects.

@Test
public void shouldPrintSimpleSubjects() throws Exception {
    // Given: a policy whose subject is the unparameterised AuthenticatedUsers
    Privilege policy = new StubPrivilege();
    policy.setSubject(new AuthenticatedUsers());
    // When: the policy is serialised to JSON
    JsonValue result = parser.printPolicy(policy);
    // Then: the subject is identified by its simple class name under "subject/type"
    assertThat(result.get(new JsonPointer("subject/type")).asString()).isEqualTo("AuthenticatedUsers");
}
Also used: AuthenticatedUsers (org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers), JsonValue (org.forgerock.json.JsonValue), JsonPointer (org.forgerock.json.JsonPointer), OpenSSOPrivilege (com.sun.identity.entitlement.opensso.OpenSSOPrivilege), Privilege (com.sun.identity.entitlement.Privilege), Test (org.testng.annotations.Test)

Aggregations (classes used alongside AuthenticatedUsers, with the number of usages across the project):

AuthenticatedUsers (org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers) 10
HashMap (java.util.HashMap) 9
Privilege (com.sun.identity.entitlement.Privilege) 7
Entitlement (com.sun.identity.entitlement.Entitlement) 6
BeforeClass (org.testng.annotations.BeforeClass) 6
EntitlementSubject (com.sun.identity.entitlement.EntitlementSubject) 5
PrivilegeManager (com.sun.identity.entitlement.PrivilegeManager) 5
SSOToken (com.iplanet.sso.SSOToken) 4
Cookie (javax.ws.rs.core.Cookie) 4
JSONEntitlement (com.sun.identity.entitlement.JSONEntitlement) 2
UniformInterfaceException (com.sun.jersey.api.client.UniformInterfaceException) 2
SSOException (com.iplanet.sso.SSOException) 1
DelegationPrivilege (com.sun.identity.delegation.DelegationPrivilege) 1
EntitlementException (com.sun.identity.entitlement.EntitlementException) 1
NumericAttributeCondition (com.sun.identity.entitlement.NumericAttributeCondition) 1
OpenSSOPrivilege (com.sun.identity.entitlement.opensso.OpenSSOPrivilege) 1
SMSException (com.sun.identity.sm.SMSException) 1
UnsupportedEncodingException (java.io.UnsupportedEncodingException) 1
MalformedURLException (java.net.MalformedURLException) 1
HashSet (java.util.HashSet) 1