Example 11 with ActionDescriptor
use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.
the class ChainContextImplTest method redirectToPasswordChanged.
@Test
public void redirectToPasswordChanged() {
when(configurationServiceMock.getValue(PASSWORD_CHANGED_URL)).thenReturn(SIMBA_PASSWORD_CHANGED_URL);
chainContextImpl.redirectToPasswordChanged();
ActionDescriptor actionDescriptor = chainContextImpl.getActionDescriptor();
Set<ActionType> actionTypes = actionDescriptor.getActionTypes();
assertEquals(2, actionTypes.size());
assertTrue(actionTypes.contains(ADD_PARAMETER_TO_TARGET));
assertTrue(actionTypes.contains(REDIRECT));
assertEquals(SIMBA_WEB_URL + SIMBA_PASSWORD_CHANGED_URL, actionDescriptor.getRedirectURL());
}
Also used :
ActionType(org.simbasecurity.api.service.thrift.ActionType)
ActionDescriptor(org.simbasecurity.api.service.thrift.ActionDescriptor)
Test(org.junit.Test)
Example 12 with ActionDescriptor
use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.
the class LoginController method handleRequest.
@Override
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
RequestData requestData = RequestUtil.createRequestData(request, resolveSimbaWebURL(request));
AuthenticationFilterService.Iface authenticationFilterService = GlobalContext.locate(AuthenticationFilterService.Iface.class, "authenticationFilterService");
ActionDescriptor actionDescriptor = authenticationFilterService.processRequest(requestData, "credentialChain");
if (actionDescriptor.getSsoToken() != null) {
makeSimbaSSOCookieForCORS(response, actionDescriptor);
}
RequestActionFactory actionFactory = new RequestActionFactory(request, response);
actionFactory.execute(actionDescriptor);
return null;
}
Also used :
AuthenticationFilterService(org.simbasecurity.api.service.thrift.AuthenticationFilterService)
RequestData(org.simbasecurity.api.service.thrift.RequestData)
ActionDescriptor(org.simbasecurity.api.service.thrift.ActionDescriptor)
RequestActionFactory(org.simbasecurity.common.filter.action.RequestActionFactory)
Example 13 with ActionDescriptor
use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.
the class SimbaGateway method processRequestInSimba.
private ActionDescriptor processRequestInSimba(RequestData requestData, String chain) throws SimbaUnavailableException {
try {
logger.debug("processRequest in simba with requestdata: {}", requestData);
ActionDescriptor actionDescriptor = createAuthenticationService().processRequest(requestData, chain);
return actionDescriptor;
} catch (TException | RuntimeException e) {
logger.error("Simba is down?", e);
throw new SimbaUnavailableException(e);
} finally {
if (tHttpClient != null) {
tHttpClient.close();
}
}
}
Also used :
TException(org.apache.thrift.TException)
ActionDescriptor(org.simbasecurity.api.service.thrift.ActionDescriptor)
SimbaUnavailableException(org.simbasecurity.dwclient.exception.SimbaUnavailableException)
Example 14 with ActionDescriptor
use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.
the class SimbaGateway method authenticate.
/**
* On successful authentication returns a present SimbaPrincipal
* On failed authentication returns either an absent SimbaPrincipal, or throws a SimbaUnavailableException
*
* @param credentials
* @return an absent SimbaPrincipal when the ActionDescriptor does not contain DO_FILTER_AND_SET_PRINCIPAL (means authentication failed)
* a present SimbaPrincipal when the ActionDescriptor does contain DO_FILTER_AND_SET_PRINCIPAL (means authentication was successful)
* @throws SimbaUnavailableException
*/
public Optional<SimbaPrincipal> authenticate(SimbaCredentials credentials) throws SimbaUnavailableException {
SimbaPrincipal principal = null;
ActionDescriptor actionDescriptor = processRequestInSimba(credentials.asRequestData(), SESSION_AUTHENTICATE_CHAIN);
if (isValidActionDescriptor(actionDescriptor) && actionDescriptor.getActionTypes().contains(ActionType.DO_FILTER_AND_SET_PRINCIPAL)) {
String token = actionDescriptor.getSsoToken() != null ? actionDescriptor.getSsoToken().getToken() : null;
principal = new SimbaPrincipal(actionDescriptor.getPrincipal(), token);
}
return Optional.fromNullable(principal);
}
Also used :
SimbaPrincipal(org.simbasecurity.dwclient.dropwizard.credentials.SimbaPrincipal)
ActionDescriptor(org.simbasecurity.api.service.thrift.ActionDescriptor)
Example 15 with ActionDescriptor
use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.
the class SimbaGatewayTest method login_WithUsernameAndPassword.
@Test
public void login_WithUsernameAndPassword() throws Exception {
String username = "appUser";
String password = "appPassword";
Client authenticationServicemock = setupSimbaServiceToReturnASimbaAuthenticationService();
SimbaCredentials simbaCredentials = mock(SimbaCredentials.class);
RequestData requestData = mock(RequestData.class);
SSOToken ssoToken = new SSOToken("token");
ActionDescriptor actionDescriptor = new ActionDescriptorBuilderForTests().withActionTypes(ActionType.MAKE_COOKIE).withSsoToken(ssoToken).build();
when(simbaCredentialsFactoryMock.createForLogin(username, password)).thenReturn(simbaCredentials);
when(simbaCredentials.asRequestData()).thenReturn(requestData);
when(authenticationServicemock.processRequest(requestData, LOGIN_AUTHENTICATE_CHAIN)).thenReturn(actionDescriptor);
Optional<String> actual = simbaGateway.login(username, password);
assertThat(actual.get()).isEqualTo(ssoToken.getToken());
}
Also used :
SSOToken(org.simbasecurity.api.service.thrift.SSOToken)
ActionDescriptorBuilderForTests(org.simbasecurity.dwclient.test.stub.simba.ActionDescriptorBuilderForTests)
SimbaCredentials(org.simbasecurity.dwclient.dropwizard.credentials.SimbaCredentials)
RequestData(org.simbasecurity.api.service.thrift.RequestData)
ActionDescriptor(org.simbasecurity.api.service.thrift.ActionDescriptor)
Client(org.simbasecurity.api.service.thrift.AuthenticationFilterService.Client)
THttpClient(org.apache.thrift.transport.THttpClient)
Test(org.junit.Test)
Aggregations
ActionDescriptor (org.simbasecurity.api.service.thrift.ActionDescriptor)32
Test (org.junit.Test)23
RequestData (org.simbasecurity.api.service.thrift.RequestData)14
THttpClient (org.apache.thrift.transport.THttpClient)10
ActionType (org.simbasecurity.api.service.thrift.ActionType)10
Client (org.simbasecurity.api.service.thrift.AuthenticationFilterService.Client)7
SimbaCredentials (org.simbasecurity.dwclient.dropwizard.credentials.SimbaCredentials)7
ActionDescriptorBuilderForTests (org.simbasecurity.dwclient.test.stub.simba.ActionDescriptorBuilderForTests)7
SSOToken (org.simbasecurity.api.service.thrift.SSOToken)5
ContainerRequest (com.sun.jersey.spi.container.ContainerRequest)4
AuthenticationFilterService (org.simbasecurity.api.service.thrift.AuthenticationFilterService)4
LoginMapping (org.simbasecurity.core.domain.LoginMapping)4
LoginMappingEntity (org.simbasecurity.core.domain.LoginMappingEntity)4
TJSONProtocol (org.apache.thrift.protocol.TJSONProtocol)3
TProtocol (org.apache.thrift.protocol.TProtocol)3
SimbaPrincipal (org.simbasecurity.dwclient.dropwizard.credentials.SimbaPrincipal)3
IOException (java.io.IOException)2
FilterChain (javax.servlet.FilterChain)2
Cookie (javax.servlet.http.Cookie)2
HttpServletRequest (javax.servlet.http.HttpServletRequest)2
