Search in sources :

Example 1 with Attributes

use of org.glassfish.security.services.api.common.Attributes in project Payara by payara.

the class SimpleAtzProviderTest method testService.

@Test
public void testService() throws Exception {
    final AuthorizationService authorizationService = new AuthorizationServiceImpl();
    Assert.assertNotNull(simpleAtzPrv);
    final AzEnvironment env = new AzEnvironmentImpl();
    final Attributes attrs = contextService.getEnvironmentAttributes();
    for (String attrName : attrs.getAttributeNames()) {
        env.addAttribute(attrName, attrs.getAttributeValue(attrName), true);
    }
    AzSubject azS = authorizationService.makeAzSubject(adminSubject());
    AzResult rt = simpleAtzPrv.getAuthorizationDecision(azS, authorizationService.makeAzResource(URI.create("admin://some/path")), authorizationService.makeAzAction("read"), env, null);
    AzResult.Decision ds = rt.getDecision();
    Assert.assertEquals(AzResult.Decision.PERMIT, ds);
}
Also used : Attributes(org.glassfish.security.services.api.common.Attributes) AuthorizationServiceImpl(org.glassfish.security.services.impl.authorization.AuthorizationServiceImpl) Test(org.junit.Test)

Example 2 with Attributes

use of org.glassfish.security.services.api.common.Attributes in project Payara by payara.

the class AttributesTest method testAttributesEmpty.

@Test
public void testAttributesEmpty() {
    String attName = "test";
    Attributes att = new AttributesImpl();
    att.addAttribute(attName, "", false);
    Set<String> vs = att.getAttributeValues(attName);
    Assert.assertEquals(0, vs.size());
}
Also used : Attributes(org.glassfish.security.services.api.common.Attributes) Test(org.junit.Test)

Example 3 with Attributes

use of org.glassfish.security.services.api.common.Attributes in project Payara by payara.

the class AuthorizationServiceImpl method getAuthorizationDecision.

/**
 * The primary authorization method.  The isAuthorized() methods call this method
 * after converting their arguments into the appropriate attribute collection type.
 * It returns a full AzResult, including authorization status, decision, and
 * obligations.
 *
 * This method performs two steps prior to invoking the configured AuthorizationProvider
 * to evaluate the request:  First, it acquires the current AzEnvironment attributes by
 * calling the Security Context service.  Second, it calls the Role Mapping service to
 * determine which roles the subject has, and adds the resulting role attributes into
 * the AzSubject.
 *
 * @param subject The attributes collection representing the Subject for which an authorization
 * decision is requested.
 * @param resource The attributes collection representing the resource for which access is
 * being requested.
 * @param action  The attributes collection representing the action, with respect to the resource,
 * for which access is being requested.  A null action is interpreted as all
 * actions, however all actions may also be represented by the AzAction instance.
 * See <code>{@link org.glassfish.security.services.api.authorization.AzAction}</code>.
 * @return The AzResult indicating the result of the access decision.
 * @throws IllegalArgumentException Given null or illegal subject or resource
 * @throws IllegalStateException Service was not initialized.
 * @see AuthorizationService#getAuthorizationDecision
 */
@Override
public AzResult getAuthorizationDecision(final AzSubject subject, final AzResource resource, final AzAction action) {
    checkServiceAvailability();
    // Validate inputs
    if (null == subject) {
        throw new IllegalArgumentException(localStrings.getLocalString("service.subject_null", "The supplied Subject is null."));
    }
    if (null == resource) {
        throw new IllegalArgumentException(localStrings.getLocalString("service.resource_null", "The supplied Resource is null."));
    }
    // TODO: setup current AzEnvironment instance. Should a null or empty instance to represent current environment?
    final AzEnvironment env = new AzEnvironmentImpl();
    final Attributes attrs = securityContextService.getEnvironmentAttributes();
    for (String attrName : attrs.getAttributeNames()) {
        env.addAttribute(attrName, attrs.getAttributeValue(attrName), true);
    }
    AzResult result = provider.getAuthorizationDecision(subject, resource, action, env, attributeResolvers);
    if (isDebug()) {
        logger.log(DEBUG_LEVEL, "Authorization Service result for {0} was {1}.", new String[] { subject.toString(), result.toString() });
    }
    return result;
}
Also used : AzResult(org.glassfish.security.services.api.authorization.AzResult) Attributes(org.glassfish.security.services.api.common.Attributes)

Example 4 with Attributes

use of org.glassfish.security.services.api.common.Attributes in project Payara by payara.

the class AzResourceImplTest method testAddAttributesFromUriQuery.

@Test
public void testAddAttributesFromUriQuery() throws Exception {
    URI uri = new URI("admin:///tenants/tenant/zirka?locked=true");
    Attributes attributes = new AttributesImpl();
    Attribute attribute;
    Set<String> values;
    Iterator<String> iter;
    BitSet bitset;
    final boolean REPLACE = true;
    // Null
    try {
        addAttributesFromUriQuery(null, attributes, REPLACE);
        fail("Expected IllegalArgumentException from null URI.");
    } catch (IllegalArgumentException e) {
    }
    try {
        addAttributesFromUriQuery(uri, null, REPLACE);
        fail("Expected IllegalArgumentException from null Attributes.");
    } catch (IllegalArgumentException e) {
    }
    assertEquals("Empty attributes", 0, attributes.getAttributeCount());
    // No params
    uri = new URI("admin:///tenants/tenant/zirka");
    addAttributesFromUriQuery(uri, attributes, !REPLACE);
    assertEquals("Empty attributes", 0, attributes.getAttributeCount());
    // 1 param
    uri = new URI("admin:///tenants/tenant/zirka?name1=value1");
    addAttributesFromUriQuery(uri, attributes, !REPLACE);
    assertEquals("Attributes count", 1, attributes.getAttributeCount());
    assertNotNull("attribute", attribute = attributes.getAttribute("name1"));
    values = attribute.getValues();
    assertEquals("Values count", 1, values.size());
    iter = values.iterator();
    assertTrue(iter.hasNext());
    assertEquals("Values value", "value1", iter.next());
    assertFalse(iter.hasNext());
    // Repeat, no dup value
    addAttributesFromUriQuery(uri, attributes, !REPLACE);
    assertEquals("Attributes count", 1, attributes.getAttributeCount());
    assertNotNull("attribute", attribute = attributes.getAttribute("name1"));
    values = attribute.getValues();
    assertEquals("Values count", 1, values.size());
    iter = values.iterator();
    assertTrue("iterator", iter.hasNext());
    assertEquals("Values value", "value1", iter.next());
    assertFalse("iterator", iter.hasNext());
    // New value
    uri = new URI("admin:///tenants/tenant/boris?name1=value2");
    addAttributesFromUriQuery(uri, attributes, !REPLACE);
    assertEquals("Attributes count", 1, attributes.getAttributeCount());
    assertNotNull("attribute", attribute = attributes.getAttribute("name1"));
    values = attribute.getValues();
    assertEquals("Values count", 2, values.size());
    bitset = new BitSet(2);
    for (String v : values) {
        if ("value1".equals(v) && !bitset.get(0)) {
            bitset.set(0);
        } else if ("value2".equals(v) && !bitset.get(1)) {
            bitset.set(1);
        } else {
            fail("Unexpected attribute value " + v);
        }
    }
    // Replace attribute
    uri = new URI("admin:///tenants/tenant/lucky?name1=value3");
    addAttributesFromUriQuery(uri, attributes, REPLACE);
    assertEquals("Attributes count", 1, attributes.getAttributeCount());
    assertNotNull("attribute", attribute = attributes.getAttribute("name1"));
    values = attribute.getValues();
    assertEquals("Values count", 1, values.size());
    iter = values.iterator();
    assertTrue("iterator", iter.hasNext());
    assertEquals("Values value", "value3", iter.next());
    assertFalse("iterator", iter.hasNext());
    // New attribute
    uri = new URI("admin:///tenants/tenant/lucky?name2=value21&name2=value22");
    addAttributesFromUriQuery(uri, attributes, !REPLACE);
    assertEquals("Attributes count", 2, attributes.getAttributeCount());
    assertNotNull("attribute", attributes.getAttribute("name1"));
    assertNotNull("attribute", attribute = attributes.getAttribute("name2"));
    values = attribute.getValues();
    assertEquals("Values count", 2, values.size());
    bitset = new BitSet(2);
    for (String v : values) {
        if ("value21".equals(v) && !bitset.get(0)) {
            bitset.set(0);
        } else if ("value22".equals(v) && !bitset.get(1)) {
            bitset.set(1);
        } else {
            fail("Unexpected attribute value " + v);
        }
    }
    // Encoded attribute
    attributes = new AttributesImpl();
    uri = new URI("admin:///tenants/tenant/lucky?na%3Dme2=val%26ue1&na%3Dme2=val%3Due2");
    addAttributesFromUriQuery(uri, attributes, !REPLACE);
    assertEquals("Attributes count", 1, attributes.getAttributeCount());
    assertNotNull("attribute", attribute = attributes.getAttribute("na=me2"));
    values = attribute.getValues();
    assertEquals("Values count", 2, values.size());
    bitset = new BitSet(2);
    for (String v : values) {
        if ("val&ue1".equals(v) && !bitset.get(0)) {
            bitset.set(0);
        } else if ("val=ue2".equals(v) && !bitset.get(1)) {
            bitset.set(1);
        } else {
            fail("Unexpected attribute value " + v);
        }
    }
}
Also used : AttributesImpl(org.glassfish.security.services.impl.common.AttributesImpl) Attribute(org.glassfish.security.services.api.common.Attribute) Attributes(org.glassfish.security.services.api.common.Attributes) BitSet(java.util.BitSet) URI(java.net.URI) AzResourceImpl.decodeURI(org.glassfish.security.services.impl.authorization.AzResourceImpl.decodeURI) Test(org.junit.Test)

Example 5 with Attributes

use of org.glassfish.security.services.api.common.Attributes in project Payara by payara.

the class AttributesTest method testAttributes.

@Test
public void testAttributes() {
    String attName = "test";
    Attributes att = new AttributesImpl();
    att.addAttribute(attName, "value1", false);
    att.addAttribute(attName, "value2", false);
    Set<String> vs = att.getAttributeValues(attName);
    Assert.assertEquals(2, vs.size());
    Assert.assertTrue(vs.contains("value1"));
    Assert.assertTrue(vs.contains("value2"));
}
Also used : Attributes(org.glassfish.security.services.api.common.Attributes) Test(org.junit.Test)

Aggregations

Attributes (org.glassfish.security.services.api.common.Attributes)7 Test (org.junit.Test)6 URI (java.net.URI)1 BitSet (java.util.BitSet)1 AzResult (org.glassfish.security.services.api.authorization.AzResult)1 Attribute (org.glassfish.security.services.api.common.Attribute)1 AuthorizationServiceImpl (org.glassfish.security.services.impl.authorization.AuthorizationServiceImpl)1 AzResourceImpl.decodeURI (org.glassfish.security.services.impl.authorization.AzResourceImpl.decodeURI)1 AttributesImpl (org.glassfish.security.services.impl.common.AttributesImpl)1