Examples with OrcidOAuth2Authentication org.orcid.core.oauth.OrcidOAuth2Authentication used on opensource projects

Search in sources :

Example 1 with OrcidOAuth2Authentication

use of org.orcid.core.oauth.OrcidOAuth2Authentication in project ORCID-Source by ORCID.

the class DefaultOAuthClientVisibilityTest method testCheckClientPermissionsAllowOnlyPublicAndLimitedVisibility.

@Test
@Transactional
@Rollback
public void testCheckClientPermissionsAllowOnlyPublicAndLimitedVisibility() throws Exception {
    Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
    HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
    AuthorizationRequest request = new AuthorizationRequest("4444-4444-4444-4446", Arrays.asList("/orcid-bio/external-identifiers/create"));
    request.setAuthorities(grantedAuthorities);
    request.setResourceIds(resourceIds);
    ProfileEntity entity = new ProfileEntity("4444-4444-4444-4446");
    OrcidOauth2UserAuthentication oauth2UserAuthentication = new OrcidOauth2UserAuthentication(entity, true);
    // we care only that an OAuth client request results in the correct
    // visibilities
    OrcidOAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, oauth2UserAuthentication, "made-up-token");
    OrcidOauth2TokenDetail tokenDetail = new OrcidOauth2TokenDetail();
    tokenDetail.setScope("/orcid-bio/external-identifiers/create");
    tokenDetail.setDateCreated(new Date());
    when(orcidOauth2TokenDetailService.findNonDisabledByTokenValue(any(String.class))).thenReturn(tokenDetail);
    ScopePathType scopePathType = ScopePathType.ORCID_BIO_EXTERNAL_IDENTIFIERS_CREATE;
    Set<Visibility> visibilitiesForClient = permissionChecker.obtainVisibilitiesForAuthentication(oAuth2Authentication, scopePathType, getOrcidMessage());
    assertTrue(visibilitiesForClient.size() == 3);
    assertTrue(visibilitiesForClient.contains(Visibility.LIMITED));
    assertTrue(visibilitiesForClient.contains(Visibility.REGISTERED_ONLY));
    assertTrue(visibilitiesForClient.contains(Visibility.PUBLIC));
}
Also used : AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity) Date(java.util.Date) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) ScopePathType(org.orcid.jaxb.model.message.ScopePathType) OrcidOauth2UserAuthentication(org.orcid.core.oauth.OrcidOauth2UserAuthentication) Visibility(org.orcid.jaxb.model.message.Visibility) OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail) HashSet(java.util.HashSet) Test(org.junit.Test) BaseTest(org.orcid.core.BaseTest) Rollback(org.springframework.test.annotation.Rollback) Transactional(org.springframework.transaction.annotation.Transactional)

Example 2 with OrcidOAuth2Authentication

use of org.orcid.core.oauth.OrcidOAuth2Authentication in project ORCID-Source by ORCID.

the class DefaultPermissionCheckerTest method testCheckPermissionsAuthenticationScopePathTypesAndOrcid.

@Test
public void testCheckPermissionsAuthenticationScopePathTypesAndOrcid() throws Exception {
    Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
    HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
    AuthorizationRequest request = new AuthorizationRequest("4444-4444-4444-4441", Arrays.asList(ScopePathType.ORCID_BIO_READ_LIMITED.value()));
    request.setAuthorities(grantedAuthorities);
    request.setResourceIds(resourceIds);
    OAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, null, "made-up-token");
    ScopePathType requiredScope = ScopePathType.ORCID_BIO_READ_LIMITED;
    defaultPermissionChecker.checkPermissions(oAuth2Authentication, requiredScope, "4444-4444-4444-4447");
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) ScopePathType(org.orcid.jaxb.model.message.ScopePathType) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication) OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication) HashSet(java.util.HashSet) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 3 with OrcidOAuth2Authentication

use of org.orcid.core.oauth.OrcidOAuth2Authentication in project ORCID-Source by ORCID.

the class DefaultPermissionCheckerTest method testCheckUserPermissionsAuthenticationScopesOrcidAndOrcidMessageWhenWrongUser.

@Test(expected = AccessControlException.class)
@Transactional
@Rollback
public void testCheckUserPermissionsAuthenticationScopesOrcidAndOrcidMessageWhenWrongUser() throws Exception {
    Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
    HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
    AuthorizationRequest request = new AuthorizationRequest("4444-4444-4444-4441", Arrays.asList("/orcid-bio/external-identifiers/create"));
    request.setAuthorities(grantedAuthorities);
    request.setResourceIds(resourceIds);
    ProfileEntity entity = profileEntityManager.findByOrcid("4444-4444-4444-4445");
    OrcidOauth2UserAuthentication oauth2UserAuthentication = new OrcidOauth2UserAuthentication(entity, true);
    OAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, oauth2UserAuthentication, "made-up-token");
    ScopePathType requiredScope = ScopePathType.ORCID_BIO_EXTERNAL_IDENTIFIERS_CREATE;
    OrcidMessage orcidMessage = getOrcidMessage();
    String messageOrcid = orcidMessage.getOrcidProfile().getOrcidIdentifier().getPath();
    defaultPermissionChecker.checkPermissions(oAuth2Authentication, requiredScope, messageOrcid, orcidMessage);
}
Also used : AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) ScopePathType(org.orcid.jaxb.model.message.ScopePathType) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication) OrcidMessage(org.orcid.jaxb.model.message.OrcidMessage) OrcidOauth2UserAuthentication(org.orcid.core.oauth.OrcidOauth2UserAuthentication) HashSet(java.util.HashSet) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test) Rollback(org.springframework.test.annotation.Rollback) Transactional(org.springframework.transaction.annotation.Transactional)

Example 4 with OrcidOAuth2Authentication

use of org.orcid.core.oauth.OrcidOAuth2Authentication in project ORCID-Source by ORCID.

the class DefaultPermissionCheckerTest method testCheckPermissionsAuthenticationScopesAndOrcidMessage.

@Test
public void testCheckPermissionsAuthenticationScopesAndOrcidMessage() throws Exception {
    Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
    HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
    AuthorizationRequest request = new AuthorizationRequest("4444-4444-4444-4441", Arrays.asList(ScopePathType.ORCID_WORKS_CREATE.value()));
    request.setAuthorities(grantedAuthorities);
    request.setResourceIds(resourceIds);
    OAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, null, "made-up-token");
    ScopePathType requiredScope = ScopePathType.ORCID_WORKS_CREATE;
    OrcidMessage orcidMessage = getOrcidMessage();
    defaultPermissionChecker.checkPermissions(oAuth2Authentication, requiredScope, orcidMessage);
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) ScopePathType(org.orcid.jaxb.model.message.ScopePathType) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication) OrcidMessage(org.orcid.jaxb.model.message.OrcidMessage) OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication) HashSet(java.util.HashSet) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 5 with OrcidOAuth2Authentication

use of org.orcid.core.oauth.OrcidOAuth2Authentication in project ORCID-Source by ORCID.

the class SecurityContextTestUtils method setUpSecurityContext.

public static void setUpSecurityContext(String userOrcid, String clientId, ScopePathType... scopePathTypes) {
    SecurityContextImpl securityContext = new SecurityContextImpl();
    OrcidOAuth2Authentication mockedAuthentication = mock(OrcidOAuth2Authentication.class);
    securityContext.setAuthentication(mockedAuthentication);
    SecurityContextHolder.setContext(securityContext);
    ProfileEntity userProfileEntity = new ProfileEntity(userOrcid);
    when(mockedAuthentication.getPrincipal()).thenReturn(userProfileEntity);
    Authentication userAuthentication = mock(Authentication.class);
    when(userAuthentication.getPrincipal()).thenReturn(userProfileEntity);
    when(mockedAuthentication.getUserAuthentication()).thenReturn(userAuthentication);
    Set<String> scopes = new HashSet<String>();
    if (scopePathTypes != null) {
        for (ScopePathType scopePathType : scopePathTypes) {
            scopes.add(scopePathType.value());
        }
    }
    OAuth2Request authorizationRequest = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, scopes, Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    when(mockedAuthentication.getOAuth2Request()).thenReturn(authorizationRequest);
    when(mockedAuthentication.isAuthenticated()).thenReturn(true);
}
Also used : SecurityContextImpl(org.springframework.security.core.context.SecurityContextImpl) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) ScopePathType(org.orcid.jaxb.model.message.ScopePathType) OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity) HashSet(java.util.HashSet)

Aggregations

OrcidOAuth2Authentication (org.orcid.core.oauth.OrcidOAuth2Authentication)16 HashSet (java.util.HashSet)11 ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)10 ScopePathType (org.orcid.jaxb.model.message.ScopePathType)9 AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)8 Test (org.junit.Test)7 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)7 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)7 DBUnitTest (org.orcid.test.DBUnitTest)6 GrantedAuthority (org.springframework.security.core.GrantedAuthority)6 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)6 OrcidOauth2UserAuthentication (org.orcid.core.oauth.OrcidOauth2UserAuthentication)5 OrcidMessage (org.orcid.jaxb.model.message.OrcidMessage)5 Authentication (org.springframework.security.core.Authentication)5 SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)5 Transactional (org.springframework.transaction.annotation.Transactional)5 Rollback (org.springframework.test.annotation.Rollback)4 OrcidOauth2TokenDetail (org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail)3 Date (java.util.Date)2 Visibility (org.orcid.jaxb.model.message.Visibility)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial