Examples with HTTPMethod org.motechproject.security.constants.HTTPMethod used on opensource projects

Search in sources :

Example 1 with HTTPMethod

use of org.motechproject.security.constants.HTTPMethod in project motech by motech.

the class SecurityTestConfigBuilder method buildConfig.

public static MotechSecurityConfiguration buildConfig(String testOption, Object configOption, String configOption2) {
    List<MotechURLSecurityRule> newRules = new ArrayList<MotechURLSecurityRule>();
    List<Scheme> supportedSchemes = new ArrayList<>();
    List<HTTPMethod> methodsRequired = new ArrayList<>();
    List<String> permissionAccess = new ArrayList<>();
    List<String> userAccess = new ArrayList<>();
    MotechURLSecurityRule rule1 = new MotechURLSecurityRule();
    MotechURLSecurityRule rule2 = new MotechURLSecurityRule();
    rule1.setPattern("/**/web-api/**");
    rule1.setOrigin("test");
    rule1.setProtocol(HTTP);
    rule1.setRest(true);
    rule1.setVersion("1");
    rule2.setPattern("/**");
    rule2.setOrigin("test");
    rule2.setProtocol(HTTP);
    rule2.setRest(true);
    rule2.setVersion("1");
    newRules.add(rule1);
    newRules.add(rule2);
    switch(testOption) {
        case USER_ACCESS_TEST:
            userAccess.add((String) configOption);
            rule1.setUserAccess(userAccess);
            supportedSchemes.add(Scheme.BASIC);
            methodsRequired.add(HTTPMethod.ANY);
            break;
        case PERMISSION_ACCESS_TEST:
            permissionAccess.add((String) configOption);
            rule1.setPermissionAccess(permissionAccess);
            supportedSchemes.add(Scheme.BASIC);
            methodsRequired.add(HTTPMethod.ANY);
            break;
        case METHOD_SPECIFIC_TEST:
            supportedSchemes.add(Scheme.BASIC);
            methodsRequired.add((HTTPMethod) configOption);
            permissionAccess.add(configOption2);
            rule1.setPermissionAccess(permissionAccess);
            break;
        case LOGIN_ACCESS_TEST:
            supportedSchemes.add(Scheme.USERNAME_PASSWORD);
            supportedSchemes.add(Scheme.OPEN_ID);
            methodsRequired.add(HTTPMethod.ANY);
            rule1.setRest(false);
            break;
        case NO_SECURITY_TEST:
            newRules.remove(rule1);
            supportedSchemes.add(Scheme.NO_SECURITY);
            methodsRequired.add(HTTPMethod.ANY);
            break;
        default:
            break;
    }
    rule1.setMethodsRequired(methodsRequired);
    rule1.setSupportedSchemes(supportedSchemes);
    rule1.setActive(true);
    rule2.setMethodsRequired(methodsRequired);
    rule2.setSupportedSchemes(supportedSchemes);
    rule2.setActive(true);
    return new MotechSecurityConfiguration(newRules);
}
Also used : MotechSecurityConfiguration(org.motechproject.security.domain.MotechSecurityConfiguration) Scheme(org.motechproject.security.constants.Scheme) HTTPMethod(org.motechproject.security.constants.HTTPMethod) MotechURLSecurityRule(org.motechproject.security.domain.MotechURLSecurityRule) ArrayList(java.util.ArrayList)

Example 2 with HTTPMethod

use of org.motechproject.security.constants.HTTPMethod in project motech by motech.

the class SecurityRuleBuilder method buildRequestMap.

private void buildRequestMap(Map<RequestMatcher, Collection<ConfigAttribute>> requestMap, Collection<ConfigAttribute> configAtts, MotechURLSecurityRule securityRule) {
    String pattern = securityRule.getPattern();
    for (HTTPMethod method : securityRule.getMethodsRequired()) {
        RequestMatcher matcher;
        if (securityRule.getMethodsRequired().contains(ANY) && (pattern.equals(SecurityConfigConstants.ANY_PATTERN) || "/**".equals(pattern))) {
            matcher = AnyRequestMatcher.INSTANCE;
        } else if (securityRule.getMethodsRequired().contains(ANY)) {
            matcher = new AntPathRequestMatcher(pattern, null);
        } else {
            matcher = new AntPathRequestMatcher(pattern, method.name());
        }
        requestMap.put(matcher, configAtts);
    }
}
Also used : RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) AnyRequestMatcher(org.springframework.security.web.util.matcher.AnyRequestMatcher) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) HTTPMethod(org.motechproject.security.constants.HTTPMethod) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher)

Example 3 with HTTPMethod

use of org.motechproject.security.constants.HTTPMethod in project motech by motech.

the class MotechURLSecurityServiceImpl method toMotechURLSecurityRuleList.

private List<MotechURLSecurityRule> toMotechURLSecurityRuleList(List<SecurityRuleDto> dtos) {
    List<MotechURLSecurityRule> list = new ArrayList<>();
    if (null != dtos) {
        for (SecurityRuleDto dto : dtos) {
            Long id = dto.getId();
            MotechURLSecurityRule rule = null == id ? new MotechURLSecurityRule() : allSecurityRules.getRuleById(id);
            rule.setActive(dto.isActive());
            rule.setDeleted(dto.isDeleted());
            rule.setOrigin(dto.getOrigin());
            rule.setPattern(dto.getPattern());
            rule.setPriority(dto.getPriority());
            if (null != dto.getProtocol()) {
                rule.setProtocol(Protocol.valueOf(dto.getProtocol()));
            }
            rule.setRest(dto.isRest());
            rule.setVersion(dto.getVersion());
            rule.setPermissionAccess(dto.getPermissionAccess());
            rule.setUserAccess(dto.getUserAccess());
            if (null != dto.getMethodsRequired()) {
                rule.setMethodsRequired(new ArrayList<HTTPMethod>());
                for (String method : dto.getMethodsRequired()) {
                    rule.getMethodsRequired().add(HTTPMethod.valueOf(method));
                }
            }
            if (null != dto.getSupportedSchemes()) {
                rule.setSupportedSchemes(new ArrayList<Scheme>());
                for (String scheme : dto.getSupportedSchemes()) {
                    rule.getSupportedSchemes().add(Scheme.valueOf(scheme));
                }
            }
            list.add(rule);
        }
    }
    return list;
}
Also used : Scheme(org.motechproject.security.constants.Scheme) HTTPMethod(org.motechproject.security.constants.HTTPMethod) MotechURLSecurityRule(org.motechproject.security.domain.MotechURLSecurityRule) ArrayList(java.util.ArrayList) SecurityRuleDto(org.motechproject.security.model.SecurityRuleDto)

Example 4 with HTTPMethod

use of org.motechproject.security.constants.HTTPMethod in project motech by motech.

the class MotechURLSecurityServiceImpl method toSecurityRuleDtoList.

private List<SecurityRuleDto> toSecurityRuleDtoList(List<MotechURLSecurityRule> rules) {
    List<SecurityRuleDto> list = new ArrayList<>();
    if (null != rules) {
        for (MotechURLSecurityRule rule : rules) {
            SecurityRuleDto dto = new SecurityRuleDto();
            dto.setId(rule.getId());
            dto.setActive(rule.isActive());
            dto.setDeleted(rule.isDeleted());
            dto.setOrigin(rule.getOrigin());
            dto.setPattern(rule.getPattern());
            dto.setPriority(rule.getPriority());
            if (null != rule.getProtocol()) {
                dto.setProtocol(rule.getProtocol().toString());
            }
            dto.setRest(rule.isRest());
            dto.setVersion(rule.getVersion());
            dto.setPermissionAccess(rule.getPermissionAccess());
            dto.setUserAccess(rule.getUserAccess());
            if (null != rule.getMethodsRequired()) {
                dto.setMethodsRequired(new ArrayList<String>());
                for (HTTPMethod method : rule.getMethodsRequired()) {
                    dto.getMethodsRequired().add(method.toString());
                }
            }
            if (null != rule.getSupportedSchemes()) {
                dto.setSupportedSchemes(new ArrayList<String>());
                for (Scheme scheme : rule.getSupportedSchemes()) {
                    dto.getSupportedSchemes().add(scheme.toString());
                }
            }
            list.add(dto);
        }
    }
    return list;
}
Also used : Scheme(org.motechproject.security.constants.Scheme) HTTPMethod(org.motechproject.security.constants.HTTPMethod) MotechURLSecurityRule(org.motechproject.security.domain.MotechURLSecurityRule) ArrayList(java.util.ArrayList) SecurityRuleDto(org.motechproject.security.model.SecurityRuleDto)

Example 5 with HTTPMethod

use of org.motechproject.security.constants.HTTPMethod in project motech by motech.

the class MotechProxyManager method updateSecurityChain.

/**
 * Updates security chain with given {@link org.motechproject.security.domain.MotechURLSecurityRule}
 *
 * @param securityRules list that contains new security rules
 */
private void updateSecurityChain(List<MotechURLSecurityRule> securityRules) {
    LOGGER.debug("Updating security chain");
    // sort rules by priority descending
    TreeSet<MotechURLSecurityRule> sortedRules = new TreeSet<>(new SecurityRuleComparator());
    sortedRules.addAll(securityRules);
    List<SecurityFilterChain> newFilterChains = new ArrayList<>();
    for (MotechURLSecurityRule securityRule : sortedRules) {
        if (securityRule.isActive() && !securityRule.isDeleted()) {
            LOGGER.debug("Creating SecurityFilterChain for: {}", securityRule.getPattern());
            for (HTTPMethod method : securityRule.getMethodsRequired()) {
                newFilterChains.add(securityRuleBuilder.buildSecurityChain(securityRule, method));
            }
            LOGGER.debug("Created SecurityFilterChain for: {}", securityRule.getPattern());
        }
    }
    proxy = new FilterChainProxy(newFilterChains);
    LOGGER.debug("Updated security chain.");
}
Also used : SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) FilterChainProxy(org.springframework.security.web.FilterChainProxy) HTTPMethod(org.motechproject.security.constants.HTTPMethod) MotechURLSecurityRule(org.motechproject.security.domain.MotechURLSecurityRule) TreeSet(java.util.TreeSet) ArrayList(java.util.ArrayList) SecurityRuleComparator(org.motechproject.security.domain.SecurityRuleComparator)

Aggregations

HTTPMethod (org.motechproject.security.constants.HTTPMethod)5 ArrayList (java.util.ArrayList)4 MotechURLSecurityRule (org.motechproject.security.domain.MotechURLSecurityRule)4 Scheme (org.motechproject.security.constants.Scheme)3 SecurityRuleDto (org.motechproject.security.model.SecurityRuleDto)2 TreeSet (java.util.TreeSet)1 MotechSecurityConfiguration (org.motechproject.security.domain.MotechSecurityConfiguration)1 SecurityRuleComparator (org.motechproject.security.domain.SecurityRuleComparator)1 FilterChainProxy (org.springframework.security.web.FilterChainProxy)1 SecurityFilterChain (org.springframework.security.web.SecurityFilterChain)1 AntPathRequestMatcher (org.springframework.security.web.util.matcher.AntPathRequestMatcher)1 AnyRequestMatcher (org.springframework.security.web.util.matcher.AnyRequestMatcher)1 RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial