Example 6 with AuthSubject
use of org.neo4j.internal.kernel.api.security.AuthSubject in project neo4j by neo4j.
the class AuthorizationFilterTest method shouldAuthorizeWhenPasswordChangeRequired.
@Test
void shouldAuthorizeWhenPasswordChangeRequired() throws Exception {
// Given
final AuthorizationEnabledFilter filter = newFilter();
String credentials = Base64.encodeBase64String("foo:bar".getBytes(UTF_8));
BasicLoginContext loginContext = mock(BasicLoginContext.class);
AuthSubject authSubject = mock(AuthSubject.class);
when(servletRequest.getRemoteAddr()).thenReturn("client");
when(servletRequest.getRemotePort()).thenReturn(1337);
when(servletRequest.getServerName()).thenReturn("server");
when(servletRequest.getServerPort()).thenReturn(42);
when(servletRequest.getMethod()).thenReturn("GET");
when(servletRequest.getContextPath()).thenReturn("/db/data");
when(servletRequest.getRequestURL()).thenReturn(new StringBuffer("http://bar.baz:7474/db/data/"));
when(servletRequest.getRequestURI()).thenReturn("/db/data/");
when(servletRequest.getHeader(HttpHeaders.AUTHORIZATION)).thenReturn("BASIC " + credentials);
when(authManager.login(argThat(new AuthTokenMatcher(authToken("foo", "bar"))), any())).thenReturn(loginContext);
when(loginContext.subject()).thenReturn(authSubject);
when(authSubject.getAuthenticationResult()).thenReturn(AuthenticationResult.PASSWORD_CHANGE_REQUIRED);
// When
filter.doFilter(servletRequest, servletResponse, filterChain);
// Then
verify(filterChain).doFilter(eq(new AuthorizedRequestWrapper(BASIC_AUTH, "foo", servletRequest, AUTH_DISABLED)), same(servletResponse));
}
Also used :
AuthSubject(org.neo4j.internal.kernel.api.security.AuthSubject)
BasicLoginContext(org.neo4j.server.security.auth.BasicLoginContext)
Test(org.junit.jupiter.api.Test)
Example 7 with AuthSubject
use of org.neo4j.internal.kernel.api.security.AuthSubject in project neo4j by neo4j.
the class StubKernelTransaction method subjectOrAnonymous.
@Override
public AuthSubject subjectOrAnonymous() {
AuthSubject subject = mock(AuthSubject.class);
when(subject.username()).thenReturn("testUser");
return subject;
}
Also used :
AuthSubject(org.neo4j.internal.kernel.api.security.AuthSubject)
Aggregations
AuthSubject (org.neo4j.internal.kernel.api.security.AuthSubject)7
Test (org.junit.jupiter.api.Test)6
BasicLoginContext (org.neo4j.server.security.auth.BasicLoginContext)4
ArrayList (java.util.ArrayList)1
Collections (java.util.Collections)1
List (java.util.List)1
Map (java.util.Map)1
ExecutorService (java.util.concurrent.ExecutorService)1
Executors (java.util.concurrent.Executors)1
Future (java.util.concurrent.Future)1
ThreadLocalRandom (java.util.concurrent.ThreadLocalRandom)1
AtomicInteger (java.util.concurrent.atomic.AtomicInteger)1
AtomicReference (java.util.concurrent.atomic.AtomicReference)1
Consumer (java.util.function.Consumer)1
ExceptionUtils.getRootCause (org.apache.commons.lang3.exception.ExceptionUtils.getRootCause)1
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)1
Assertions.assertEquals (org.junit.jupiter.api.Assertions.assertEquals)1
Assertions.assertThrows (org.junit.jupiter.api.Assertions.assertThrows)1
Assertions.assertTrue (org.junit.jupiter.api.Assertions.assertTrue)1
ExtendWith (org.junit.jupiter.api.extension.ExtendWith)1
