Example 1 with RadiusResponse
use of org.forgerock.openam.radius.server.RadiusResponse in project OpenAM by OpenRock.
the class OpenAMAuthHandlerTest method handle.
/**
* Test the following method;.
*
* @see org.forgerock.openam.radius.server.spi.handlers.OpenAMAuthHandler#handle
* @throws RadiusProcessingException - should not happen.
* @throws AuthLoginException - should not happen.
* @throws IOException - should not happen.
*/
@Test(enabled = true)
public void handle() throws RadiusProcessingException, AuthLoginException, IOException {
// given
final Callback pagePropCallback = new PagePropertiesCallback("test_module", null, null, 0, null, false, null);
final Callback nameCallback = new NameCallback("Username:");
final Callback pwCallback = new PasswordCallback("pw_prompt", false);
final Callback[] callbacks = new Callback[] { pagePropCallback, nameCallback, pwCallback };
final String testRealm = "test_realm";
final String testChain = "test_chain";
final String cacheKey = "cache_key";
final Properties props = new Properties();
props.setProperty("realm", testRealm);
props.setProperty("chain", testChain);
final Status status = mock(Status.class);
final AuthContext authContext = mock(AuthContext.class);
when(authContext.getStatus()).thenReturn(AuthContext.Status.SUCCESS);
when(status.toString()).thenReturn("success");
when(authContext.hasMoreRequirements()).thenReturn(true, false);
when(authContext.getRequirements(true)).thenReturn(callbacks);
// Context and context holder
final ContextHolder holder = mock(ContextHolder.class);
final OpenAMAuthFactory ctxHolderFactory = mock(OpenAMAuthFactory.class);
when(holder.getCacheKey()).thenReturn(cacheKey);
when(holder.getAuthContext()).thenReturn(authContext);
when(holder.getAuthPhase()).thenReturn(AuthPhase.STARTING, AuthPhase.GATHERING_INPUT, AuthPhase.FINALIZING);
when(holder.getCallbacks()).thenReturn(callbacks, callbacks, (Callback[]) null);
when(holder.getIdxOfCurrentCallback()).thenReturn(1, 2);
final ContextHolderCache ctxHolderCache = mock(ContextHolderCache.class);
when(ctxHolderCache.createCachedContextHolder()).thenReturn(holder);
when(ctxHolderCache.get(isA(String.class))).thenReturn(holder);
EventBus eventBus = new EventBus();
final OpenAMAuthHandler handler = new OpenAMAuthHandler(ctxHolderFactory, ctxHolderCache, eventBus);
handler.init(props);
final Authenticator authenticator = mock(Authenticator.class);
when(authenticator.getOctets()).thenReturn("authenticator".getBytes());
// final StateAttribute mockStateAttribute = new StateAttribute("1");
final UserPasswordAttribute mockUserPasswordAttribute = new UserPasswordAttribute(authenticator, "secret", "testPassword");
final UserNameAttribute mockUsernameAttribute = new UserNameAttribute("testUser");
final AttributeSet mockAttrSet = mock(AttributeSet.class);
when(mockAttrSet.size()).thenReturn(2);
// when(mockAttrSet.getAttributeAt(0)).thenReturn(mockStateAttribute);
when(mockAttrSet.getAttributeAt(0)).thenReturn(mockUserPasswordAttribute);
when(mockAttrSet.getAttributeAt(1)).thenReturn(mockUsernameAttribute);
final AccessRequest mockRequestPacket = mock(AccessRequest.class);
when(mockRequestPacket.getAttributeSet()).thenReturn(mockAttrSet);
RadiusRequestContext reqCtx = mock(RadiusRequestContext.class);
when(reqCtx.getRequestAuthenticator()).thenReturn((mock(Authenticator.class)));
when(reqCtx.getClientSecret()).thenReturn("victoria");
RadiusResponse response = new RadiusResponse();
Packet mockPacket = mock(Packet.class);
when(mockPacket.getIdentifier()).thenReturn((short) 1);
RadiusRequest request = mock(RadiusRequest.class);
when(request.getRequestPacket()).thenReturn(mockPacket);
UserNameAttribute userName = mock(UserNameAttribute.class);
when(userName.getName()).thenReturn("Fred");
UserPasswordAttribute userPassword = mock(UserPasswordAttribute.class);
when(userPassword.extractPassword(isA(Authenticator.class), isA(String.class))).thenReturn("password");
when(request.getAttribute(UserPasswordAttribute.class)).thenReturn(userPassword);
when(request.getAttribute(UserNameAttribute.class)).thenReturn(userName);
String password = userPassword.extractPassword(reqCtx.getRequestAuthenticator(), reqCtx.getClientSecret());
assertThat(password).isNotNull();
// when
handler.handle(request, response, reqCtx);
// then
verify(authContext, times(1)).login(AuthContext.IndexType.SERVICE, testChain);
verify(ctxHolderFactory, times(1)).getAuthContext(testRealm);
verify(holder, times(3)).getCallbacks();
verify(holder, times(1)).setAuthPhase(ContextHolder.AuthPhase.TERMINATED);
verify(authContext, times(1)).logout();
}
Also used :
Status(com.sun.identity.authentication.AuthContext.Status)
Packet(org.forgerock.openam.radius.common.Packet)
OpenAMAuthFactory(org.forgerock.openam.radius.server.spi.handlers.amhandler.OpenAMAuthFactory)
PagePropertiesCallback(com.sun.identity.authentication.spi.PagePropertiesCallback)
AccessRequest(org.forgerock.openam.radius.common.AccessRequest)
AuthContext(com.sun.identity.authentication.AuthContext)
EventBus(org.forgerock.guava.common.eventbus.EventBus)
Properties(java.util.Properties)
RadiusRequest(org.forgerock.openam.radius.server.RadiusRequest)
RadiusResponse(org.forgerock.openam.radius.server.RadiusResponse)
PagePropertiesCallback(com.sun.identity.authentication.spi.PagePropertiesCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
ContextHolder(org.forgerock.openam.radius.server.spi.handlers.amhandler.ContextHolder)
ContextHolderCache(org.forgerock.openam.radius.server.spi.handlers.amhandler.ContextHolderCache)
AttributeSet(org.forgerock.openam.radius.common.AttributeSet)
RadiusRequestContext(org.forgerock.openam.radius.server.RadiusRequestContext)
UserNameAttribute(org.forgerock.openam.radius.common.UserNameAttribute)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Authenticator(org.forgerock.openam.radius.common.Authenticator)
UserPasswordAttribute(org.forgerock.openam.radius.common.UserPasswordAttribute)
Test(org.testng.annotations.Test)
Example 2 with RadiusResponse
use of org.forgerock.openam.radius.server.RadiusResponse in project OpenAM by OpenRock.
the class RadiusAuditLoggerEventBus method makeLogEntry.
/**
* Makes an 'access' audit log entry.
*
* @param eventName - the name of the event.
* @param accessRequestEvent - the access request event.
*/
public void makeLogEntry(EventName eventName, AcceptedRadiusEvent accessRequestEvent) {
LOG.message("Entering RadiusAuditLoggerEventBus.makeLogEntry()");
Set<String> trackingIds = new HashSet<String>();
trackingIds.add(accessRequestEvent.getRequest().getContextHolderKey());
// This sets the request context so that when the OpenAM auth chains etc call AuditRequestContext.get they
// will use the same transaction id. This means log entries across the audit logs can be tied up.
AuditRequestContext.set(new AuditRequestContext(new TransactionId(accessRequestEvent.getRequestId())));
AMAccessAuditEventBuilder builder = auditEventFactory.accessEvent(accessRequestEvent.getRealm()).timestamp(accessRequestEvent.getTimeOfEvent()).transactionId(accessRequestEvent.getRequestId()).eventName(eventName).component(Component.RADIUS).trackingIds(trackingIds);
String uid = accessRequestEvent.getUniversalId();
if (!Strings.isNullOrEmpty(uid)) {
builder.userId(uid);
} else {
LOG.message("Not setting authentication to universal Id. None available.");
}
setRequestDetails(builder, accessRequestEvent);
try {
setClientDetails(builder, accessRequestEvent.getRequestContext());
RadiusResponse response = accessRequestEvent.getResponse();
if (response.getResponsePacket() != null) {
setResponseDetails(builder, response);
}
} catch (RadiusAuditLoggingException e) {
LOG.warning("Failed to set client details on access audit event. Reason; {}", e.getMessage());
}
this.auditEventPublisher.tryPublish(AuditConstants.ACCESS_TOPIC, builder.toEvent());
LOG.message("Leaving RadiusAuditLoggerEventBus.makeLogEntry()");
}
Also used :
RadiusResponse(org.forgerock.openam.radius.server.RadiusResponse)
AMAccessAuditEventBuilder(org.forgerock.openam.audit.AMAccessAuditEventBuilder)
AuditRequestContext(org.forgerock.openam.audit.context.AuditRequestContext)
HashSet(java.util.HashSet)
TransactionId(org.forgerock.services.TransactionId)
Aggregations
RadiusResponse (org.forgerock.openam.radius.server.RadiusResponse)2
AuthContext (com.sun.identity.authentication.AuthContext)1
Status (com.sun.identity.authentication.AuthContext.Status)1
PagePropertiesCallback (com.sun.identity.authentication.spi.PagePropertiesCallback)1
HashSet (java.util.HashSet)1
Properties (java.util.Properties)1
Callback (javax.security.auth.callback.Callback)1
NameCallback (javax.security.auth.callback.NameCallback)1
PasswordCallback (javax.security.auth.callback.PasswordCallback)1
EventBus (org.forgerock.guava.common.eventbus.EventBus)1
AMAccessAuditEventBuilder (org.forgerock.openam.audit.AMAccessAuditEventBuilder)1
AuditRequestContext (org.forgerock.openam.audit.context.AuditRequestContext)1
AccessRequest (org.forgerock.openam.radius.common.AccessRequest)1
AttributeSet (org.forgerock.openam.radius.common.AttributeSet)1
Authenticator (org.forgerock.openam.radius.common.Authenticator)1
Packet (org.forgerock.openam.radius.common.Packet)1
UserNameAttribute (org.forgerock.openam.radius.common.UserNameAttribute)1
UserPasswordAttribute (org.forgerock.openam.radius.common.UserPasswordAttribute)1
RadiusRequest (org.forgerock.openam.radius.server.RadiusRequest)1
RadiusRequestContext (org.forgerock.openam.radius.server.RadiusRequestContext)1
