use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.
the class RequestActionFactoryTest method testCreate.
@Test
public void testCreate() {
ActionDescriptor actionDescriptor = new ActionDescriptor(new HashSet<>(), new HashMap<>(), null, null, null, null);
actionDescriptor.getActionTypes().add(ActionType.MAKE_COOKIE);
actionDescriptor.getActionTypes().add(ActionType.REDIRECT);
List<Action> result = requestActionFactory.create(actionDescriptor);
Assert.assertEquals(2, result.size());
for (Action aResult : result) {
AbstractAction action = (AbstractAction) aResult;
HttpServletRequest request = action.getHttpServletRequest();
Assert.assertNotNull(request);
Assert.assertEquals(REQUEST_VALUE, request.getHeader(REQUEST_HEADER));
HttpServletResponse response = action.getHttpServletResponse();
Assert.assertNotNull(response);
Assert.assertTrue(response.containsHeader(RESPONSE_HEADER));
}
}
use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.
the class SimbaFilter method doFilter.
private void doFilter(final HttpServletRequest request, final HttpServletResponse response, final FilterChain chain) throws ServletException, IOException {
if (isUrlExcluded(request)) {
chain.doFilter(request, response);
return;
}
RequestData requestData = RequestUtil.createRequestData(request, simbaWebURL, simbeEidSuccessUrl);
FilterActionFactory actionFactory = new FilterActionFactory(request, response, chain);
THttpClient tHttpClient = null;
try {
tHttpClient = new THttpClient(SimbaConfiguration.getSimbaAuthenticationURL());
TProtocol tProtocol = new TJSONProtocol(tHttpClient);
AuthenticationFilterService.Client authenticationClient = new AuthenticationFilterService.Client(tProtocol);
ActionDescriptor actionDescriptor = authenticationClient.processRequest(requestData, authenticationChainName);
actionFactory.execute(actionDescriptor);
} catch (Exception e) {
throw new ServletException(e);
} finally {
if (tHttpClient != null) {
tHttpClient.close();
}
}
}
use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.
the class SimbaJAXWSHandler method handleMessage.
@Override
public boolean handleMessage(final SOAPMessageContext context) {
if (isInboundMessage(context)) {
try {
final SOAPHeader header = context.getMessage().getSOAPHeader();
final HttpServletRequest httpServletRequest = (HttpServletRequest) context.get(MessageContext.SERVLET_REQUEST);
final ServletContext servletContext = (ServletContext) context.get(MessageContext.SERVLET_CONTEXT);
final RequestData requestData = RequestUtil.createWSSERequestData(httpServletRequest, header, getSimbaWebURL(servletContext));
THttpClient tHttpClient = null;
try {
tHttpClient = new THttpClient(getSimbaURL(servletContext));
TProtocol tProtocol = new TJSONProtocol(tHttpClient);
AuthenticationFilterService.Client authenticationClient = new AuthenticationFilterService.Client(tProtocol);
ActionDescriptor actionDescriptor = authenticationClient.processRequest(requestData, "wsLoginChain");
if (!actionDescriptor.getActionTypes().contains(ActionType.DO_FILTER_AND_SET_PRINCIPAL)) {
throw new SimbaWSAuthenticationException("Authentication Failed");
}
String username = actionDescriptor.getPrincipal();
Principal principal = null;
if (username != null) {
principal = new UserPrincipal(username);
}
if (principal != null) {
context.put(SimbaPrincipal.SIMBA_USER_CTX_KEY, principal);
context.setScope(SimbaPrincipal.SIMBA_USER_CTX_KEY, MessageContext.Scope.APPLICATION);
}
} finally {
if (tHttpClient != null) {
tHttpClient.close();
}
}
} catch (Exception e) {
throw new SimbaWSAuthenticationException("Authentication Failed", e);
}
}
return true;
}
use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.
the class AddParameterToTargetActionTest method testExecute.
@Test
public void testExecute() throws Exception {
ActionDescriptor actionDescriptor = new ActionDescriptor(new HashSet<ActionType>(), new HashMap<String, String>(), null, null, null, null);
actionDescriptor.getActionTypes().add(ActionType.ADD_PARAMETER_TO_TARGET);
String redirectURL = "http://localhost/redirect";
actionDescriptor.setRedirectURL(redirectURL);
actionDescriptor.getParameterMap().put("param1", "firstParam");
actionDescriptor.getParameterMap().put("param2", "secondParam");
AddParameterToTargetAction action = new AddParameterToTargetAction(actionDescriptor);
action.execute();
String resultUrl = action.getActionDescriptor().getRedirectURL();
String expectedRedirectURL = redirectURL + "?param1=firstParam¶m2=secondParam";
assertEquals(expectedRedirectURL, resultUrl);
}
use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.
the class MakeCookieActionTest method testExecute_WithSecureCookies.
@Test
public void testExecute_WithSecureCookies() throws Exception {
MakeCookieAction.setSecureCookiesEnabled(true);
ActionDescriptor actionDescriptor = new ActionDescriptor(new HashSet<>(), new HashMap<>(), null, null, null, null);
actionDescriptor.getActionTypes().add(ActionType.MAKE_COOKIE);
actionDescriptor.setSsoToken(SSO_TOKEN);
MakeCookieAction action = new MakeCookieAction(actionDescriptor);
action.setRequest(request);
action.setResponse(response);
action.execute();
ArgumentCaptor<Cookie> captor = ArgumentCaptor.forClass(Cookie.class);
verify(response).addCookie(captor.capture());
Cookie cookie = captor.getValue();
assertThat(cookie.getName()).isEqualTo(RequestConstants.SIMBA_SSO_TOKEN);
assertThat(cookie.getValue()).isEqualTo(SSO_TOKEN.getToken());
assertThat(cookie.getSecure()).isTrue();
assertThat(cookie.isHttpOnly()).isTrue();
assertThat(cookie.getPath()).isEqualTo("/");
}
Aggregations