Example 61 with SSOTokenContext
use of org.forgerock.openam.rest.resource.SSOTokenContext in project OpenAM by OpenRock.
the class CoreTokenResourceAuthzModuleTest method shouldAuthorizeAccessToSuperUserIfResourceEnabled.
@Test
public void shouldAuthorizeAccessToSuperUserIfResourceEnabled() throws Exception {
//given
CoreTokenResourceAuthzModule testModule = new CoreTokenResourceAuthzModule(mockConfig, mockDebug, true);
SSOTokenContext mockSSOTokenContext = mock(SSOTokenContext.class);
SSOToken mockSSOToken = mock(SSOToken.class);
given(mockSSOTokenContext.getCallerSSOToken()).willReturn(mockSSOToken);
given(mockSSOToken.getProperty(Constants.UNIVERSAL_IDENTIFIER)).willReturn("test");
given(mockService.isSuperUser("test")).willReturn(true);
//when
Promise<AuthorizationResult, ResourceException> result = testModule.authorize(mockSSOTokenContext);
//then
assertTrue(result.get().isAuthorized());
}
Also used :
SSOToken(com.iplanet.sso.SSOToken)
SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext)
ResourceException(org.forgerock.json.resource.ResourceException)
AuthorizationResult(org.forgerock.authz.filter.api.AuthorizationResult)
Test(org.testng.annotations.Test)
BeforeTest(org.testng.annotations.BeforeTest)
Example 62 with SSOTokenContext
use of org.forgerock.openam.rest.resource.SSOTokenContext in project OpenAM by OpenRock.
the class CoreTokenResourceAuthzModuleTest method shouldBlockAllAccessIfResourceEnabledButNonSuperUser.
@Test
public void shouldBlockAllAccessIfResourceEnabledButNonSuperUser() throws Exception {
//given
CoreTokenResourceAuthzModule testModule = new CoreTokenResourceAuthzModule(mockConfig, mockDebug, true);
SSOTokenContext mockSSOTokenContext = mock(SSOTokenContext.class);
SSOToken mockSSOToken = mock(SSOToken.class);
given(mockSSOTokenContext.getCallerSSOToken()).willReturn(mockSSOToken);
given(mockSSOToken.getProperty(Constants.UNIVERSAL_IDENTIFIER)).willReturn("test");
given(mockService.isSuperUser("test")).willReturn(false);
//when
Promise<AuthorizationResult, ResourceException> result = testModule.authorize(mockSSOTokenContext);
//then
assertFalse(result.get().isAuthorized());
}
Also used :
SSOToken(com.iplanet.sso.SSOToken)
SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext)
ResourceException(org.forgerock.json.resource.ResourceException)
AuthorizationResult(org.forgerock.authz.filter.api.AuthorizationResult)
Test(org.testng.annotations.Test)
BeforeTest(org.testng.annotations.BeforeTest)
Aggregations
SSOTokenContext (org.forgerock.openam.rest.resource.SSOTokenContext)62
Test (org.testng.annotations.Test)52
ResourceException (org.forgerock.json.resource.ResourceException)43
RealmContext (org.forgerock.openam.rest.RealmContext)43
Context (org.forgerock.services.context.Context)39
Subject (javax.security.auth.Subject)38
ClientContext (org.forgerock.services.context.ClientContext)37
ResourceResponse (org.forgerock.json.resource.ResourceResponse)33
Matchers.anyString (org.mockito.Matchers.anyString)21
SSOToken (com.iplanet.sso.SSOToken)17
Application (com.sun.identity.entitlement.Application)16
EntitlementException (com.sun.identity.entitlement.EntitlementException)14
JsonValue (org.forgerock.json.JsonValue)13
BeforeTest (org.testng.annotations.BeforeTest)12
AuthorizationResult (org.forgerock.authz.filter.api.AuthorizationResult)11
QueryResourceHandler (org.forgerock.json.resource.QueryResourceHandler)9
QueryRequest (org.forgerock.json.resource.QueryRequest)8
Principal (java.security.Principal)7
CreateRequest (org.forgerock.json.resource.CreateRequest)7
QueryResponse (org.forgerock.json.resource.QueryResponse)7
