Search in sources :

Example 31 with MockSessionStore

use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.

the class KerberosClientTests method testMissingKerberosHeader.

@Test
public void testMissingKerberosHeader() {
    final var client = new DirectKerberosClient(new KerberosAuthenticator(krbValidator));
    final var credentials = client.getCredentials(MockWebContext.create(), new MockSessionStore());
    assertFalse(credentials.isPresent());
}
Also used : MockSessionStore(org.pac4j.core.context.session.MockSessionStore) KerberosAuthenticator(org.pac4j.kerberos.credentials.authenticator.KerberosAuthenticator) Test(org.junit.Test)

Example 32 with MockSessionStore

use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.

the class KerberosClientTests method testWWWAuthenticateNegotiateHeaderIsSetToTriggerSPNEGOWhenNoCredentialsAreFound.

@Test
public void testWWWAuthenticateNegotiateHeaderIsSetToTriggerSPNEGOWhenNoCredentialsAreFound() {
    final WebContext context = MockWebContext.create();
    final var client = new DirectKerberosClient(new KerberosAuthenticator(krbValidator));
    final var credentials = client.getCredentials(context, new MockSessionStore());
    assertFalse(credentials.isPresent());
    assertEquals("Negotiate", context.getResponseHeader(HttpConstants.AUTHENTICATE_HEADER).get());
}
Also used : WebContext(org.pac4j.core.context.WebContext) MockWebContext(org.pac4j.core.context.MockWebContext) MockSessionStore(org.pac4j.core.context.session.MockSessionStore) KerberosAuthenticator(org.pac4j.kerberos.credentials.authenticator.KerberosAuthenticator) Test(org.junit.Test)

Example 33 with MockSessionStore

use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.

the class KerberosClientTests method testAuthentication.

@Test
public void testAuthentication() {
    when(krbValidator.validateTicket(any())).thenReturn(new KerberosTicketValidation("garry", null, null, null));
    final var client = new DirectKerberosClient(new KerberosAuthenticator(krbValidator));
    final var context = MockWebContext.create();
    context.addRequestHeader(HttpConstants.AUTHORIZATION_HEADER, "Negotiate " + new String(KERBEROS_TICKET, StandardCharsets.UTF_8));
    final var credentials = (KerberosCredentials) client.getCredentials(context, new MockSessionStore()).get();
    assertEquals(new String(Base64.getDecoder().decode(KERBEROS_TICKET), StandardCharsets.UTF_8), new String(credentials.getKerberosTicket(), StandardCharsets.UTF_8));
    final var profile = (CommonProfile) client.getUserProfile(credentials, context, new MockSessionStore()).get();
    assertEquals("garry", profile.getId());
}
Also used : MockSessionStore(org.pac4j.core.context.session.MockSessionStore) KerberosAuthenticator(org.pac4j.kerberos.credentials.authenticator.KerberosAuthenticator) CommonProfile(org.pac4j.core.profile.CommonProfile) KerberosCredentials(org.pac4j.kerberos.credentials.KerberosCredentials) KerberosTicketValidation(org.pac4j.kerberos.credentials.authenticator.KerberosTicketValidation) Test(org.junit.Test)

Example 34 with MockSessionStore

use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.

the class KerberosClientsKerbyTests method assertGetCredentialsFailsWithAuthRequired.

// ===============================
// Test helpers
// ===============================
private void assertGetCredentialsFailsWithAuthRequired(IndirectKerberosClient kerbClient, MockWebContext context, String expectedMsg) {
    try {
        kerbClient.getCredentials(context, new MockSessionStore());
        fail("should throw HttpAction");
    } catch (final HttpAction e) {
        assertEquals(401, e.getCode());
        assertEquals("Negotiate", context.getResponseHeaders().get(HttpConstants.AUTHENTICATE_HEADER));
        assertEquals(expectedMsg, e.getMessage());
    }
}
Also used : MockSessionStore(org.pac4j.core.context.session.MockSessionStore) HttpAction(org.pac4j.core.exception.http.HttpAction)

Example 35 with MockSessionStore

use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.

the class KerberosClientsKerbyTests method testDirectIncorrectAuth.

// =====================
// Indirect client below
// =====================
@Test
public void testDirectIncorrectAuth() {
    // a request with an incorrect Kerberos token, yields NULL credentials also
    final var context = MockWebContext.create().addRequestHeader(HttpConstants.AUTHORIZATION_HEADER, "Negotiate " + "AAAbbAA123");
    assertFalse(setupDirectKerberosClient().getCredentials(context, new MockSessionStore()).isPresent());
}
Also used : MockSessionStore(org.pac4j.core.context.session.MockSessionStore) Test(org.junit.Test)

Aggregations

MockSessionStore (org.pac4j.core.context.session.MockSessionStore)164 Test (org.junit.Test)151 FoundAction (org.pac4j.core.exception.http.FoundAction)29 SessionStore (org.pac4j.core.context.session.SessionStore)22 CommonProfile (org.pac4j.core.profile.CommonProfile)20 TokenCredentials (org.pac4j.core.credentials.TokenCredentials)19 UsernamePasswordCredentials (org.pac4j.core.credentials.UsernamePasswordCredentials)17 MockWebContext (org.pac4j.core.context.MockWebContext)15 WebContext (org.pac4j.core.context.WebContext)15 CasConfiguration (org.pac4j.cas.config.CasConfiguration)14 HttpAction (org.pac4j.core.exception.http.HttpAction)12 SimpleTestTokenAuthenticator (org.pac4j.http.credentials.authenticator.test.SimpleTestTokenAuthenticator)11 AnonymousProfile (org.pac4j.core.profile.AnonymousProfile)9 SimpleTestUsernamePasswordAuthenticator (org.pac4j.http.credentials.authenticator.test.SimpleTestUsernamePasswordAuthenticator)7 CasProfile (org.pac4j.cas.profile.CasProfile)6 HashMap (java.util.HashMap)5 Authorizer (org.pac4j.core.authorization.authorizer.Authorizer)5 RequireAnyRoleAuthorizer (org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer)5 OkAction (org.pac4j.core.exception.http.OkAction)5 URL (java.net.URL)4