Search in sources :

Example 21 with ActionDescriptor

use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.

the class SimbaJAXWSHandlerTest method soapAuthenticationSuccessful.

@Test
@Ignore
public // TODO: Create integration test
void soapAuthenticationSuccessful() throws Exception {
    ActionDescriptor actionDescriptor = new ActionDescriptor(new HashSet<ActionType>(), new HashMap<String, String>(), null, null, null, null);
    actionDescriptor.getActionTypes().add(ActionType.DO_FILTER_AND_SET_PRINCIPAL);
    actionDescriptor.setPrincipal("principal");
    // when(simbaServiceMock.processRequest(getChainConfiguration())).thenReturn(actionDescriptor);
    handler.handleMessage(messageContextMock);
    verify(messageContextMock).put(SimbaPrincipal.SIMBA_USER_CTX_KEY, "principal");
}
Also used : ActionType(org.simbasecurity.api.service.thrift.ActionType) ActionDescriptor(org.simbasecurity.api.service.thrift.ActionDescriptor) Ignore(org.junit.Ignore) Test(org.junit.Test)

Example 22 with ActionDescriptor

use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.

the class JerseyBasicAuthenticationFilter method filter.

@Override
public void filter(ContainerRequestContext containerRequestContext) throws IOException {
    ContainerRequest containerRequest = (ContainerRequest) containerRequestContext.getRequest();
    Map<String, String> requestParameters = toMap(containerRequestContext.getUriInfo().getQueryParameters());
    List<String> auth = containerRequest.getRequestHeader("authorization");
    if (auth == null || auth.isEmpty()) {
        throw new WebApplicationException(Response.Status.UNAUTHORIZED);
    }
    String[] credentials = decode(auth.get(0));
    requestParameters.put(AuthenticationConstants.USERNAME, credentials[0]);
    requestParameters.put(AuthenticationConstants.PASSWORD, credentials[1]);
    RequestData requestData = new RequestData(requestParameters, toMap(containerRequest.getRequestHeaders()), containerRequest.getAbsolutePath().toString(), simbaWebURL, null, /* SSO Token */
    null, /* Client IP */
    false, false, false, false, false, containerRequest.getMethod(), RequestUtil.HOST_SERVER_NAME, null, null);
    THttpClient tHttpClient = null;
    try {
        tHttpClient = new THttpClient(simbaWebURL + "/authenticationService");
        TProtocol tProtocol = new TJSONProtocol(tHttpClient);
        AuthenticationFilterService.Client authenticationClient = new AuthenticationFilterService.Client(tProtocol);
        ActionDescriptor actionDescriptor = authenticationClient.processRequest(requestData, "wsLoginChain");
        if (!actionDescriptor.getActionTypes().contains(ActionType.DO_FILTER_AND_SET_PRINCIPAL)) {
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
    } catch (Exception e) {
        e.printStackTrace();
        throw new WebApplicationException(e, Response.Status.UNAUTHORIZED);
    } finally {
        if (tHttpClient != null) {
            tHttpClient.close();
        }
    }
}
Also used : WebApplicationException(javax.ws.rs.WebApplicationException) AuthenticationFilterService(org.simbasecurity.api.service.thrift.AuthenticationFilterService) ActionDescriptor(org.simbasecurity.api.service.thrift.ActionDescriptor) THttpClient(org.apache.thrift.transport.THttpClient) IOException(java.io.IOException) WebApplicationException(javax.ws.rs.WebApplicationException) TJSONProtocol(org.apache.thrift.protocol.TJSONProtocol) TProtocol(org.apache.thrift.protocol.TProtocol) RequestData(org.simbasecurity.api.service.thrift.RequestData) ContainerRequest(org.glassfish.jersey.server.ContainerRequest) THttpClient(org.apache.thrift.transport.THttpClient)

Example 23 with ActionDescriptor

use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.

the class RedirectActionTest method testExecute.

@Test
public void testExecute() throws Exception {
    ActionDescriptor actionDescriptor = new ActionDescriptor(new HashSet<>(), new HashMap<>(), null, null, null, null);
    actionDescriptor.getActionTypes().add(ActionType.REDIRECT);
    String redirectURL = "redirectURL";
    actionDescriptor.setRedirectURL(redirectURL);
    RedirectAction action = new RedirectAction(actionDescriptor);
    action.setRequest(request);
    action.setResponse(response);
    action.execute();
    Mockito.verify(response).sendRedirect(redirectURL);
}
Also used : ActionDescriptor(org.simbasecurity.api.service.thrift.ActionDescriptor) Test(org.junit.Test)

Example 24 with ActionDescriptor

use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.

the class MakeCookieActionTest method testExecute.

@Test
public void testExecute() throws Exception {
    ActionDescriptor actionDescriptor = new ActionDescriptor(new HashSet<>(), new HashMap<>(), null, null, null, null);
    actionDescriptor.getActionTypes().add(ActionType.MAKE_COOKIE);
    actionDescriptor.setSsoToken(SSO_TOKEN);
    MakeCookieAction action = new MakeCookieAction(actionDescriptor);
    action.setRequest(request);
    action.setResponse(response);
    action.execute();
    ArgumentCaptor<Cookie> captor = ArgumentCaptor.forClass(Cookie.class);
    verify(response).addCookie(captor.capture());
    Cookie cookie = captor.getValue();
    assertThat(cookie.getName()).isEqualTo(RequestConstants.SIMBA_SSO_TOKEN);
    assertThat(cookie.getValue()).isEqualTo(SSO_TOKEN.getToken());
    assertThat(cookie.getSecure()).isFalse();
    assertThat(cookie.isHttpOnly()).isTrue();
    assertThat(cookie.getPath()).isEqualTo("/");
}
Also used : Cookie(javax.servlet.http.Cookie) ActionDescriptor(org.simbasecurity.api.service.thrift.ActionDescriptor) Test(org.junit.Test)

Example 25 with ActionDescriptor

use of org.simbasecurity.api.service.thrift.ActionDescriptor in project simba-os by cegeka.

the class DoFilterAndSetPrincipalActionTest method testExecute_withoutPrincipal.

@Test
public void testExecute_withoutPrincipal() throws Exception {
    FilterChain filterChain = mock(FilterChain.class);
    ActionDescriptor actionDescriptor = new ActionDescriptor(new HashSet<ActionType>(), new HashMap<String, String>(), null, null, null, null);
    actionDescriptor.getActionTypes().add(ActionType.DO_FILTER_AND_SET_PRINCIPAL);
    DoFilterAndSetPrincipalAction action = new DoFilterAndSetPrincipalAction(actionDescriptor);
    action.setRequest(request);
    action.setResponse(response);
    action.setFilterChain(filterChain);
    action.execute();
    verify(filterChain).doFilter(request, response);
}
Also used : ActionType(org.simbasecurity.api.service.thrift.ActionType) FilterChain(javax.servlet.FilterChain) ActionDescriptor(org.simbasecurity.api.service.thrift.ActionDescriptor) Test(org.junit.Test)

Aggregations

ActionDescriptor (org.simbasecurity.api.service.thrift.ActionDescriptor)32 Test (org.junit.Test)23 RequestData (org.simbasecurity.api.service.thrift.RequestData)14 THttpClient (org.apache.thrift.transport.THttpClient)10 ActionType (org.simbasecurity.api.service.thrift.ActionType)10 Client (org.simbasecurity.api.service.thrift.AuthenticationFilterService.Client)7 SimbaCredentials (org.simbasecurity.dwclient.dropwizard.credentials.SimbaCredentials)7 ActionDescriptorBuilderForTests (org.simbasecurity.dwclient.test.stub.simba.ActionDescriptorBuilderForTests)7 SSOToken (org.simbasecurity.api.service.thrift.SSOToken)5 ContainerRequest (com.sun.jersey.spi.container.ContainerRequest)4 AuthenticationFilterService (org.simbasecurity.api.service.thrift.AuthenticationFilterService)4 LoginMapping (org.simbasecurity.core.domain.LoginMapping)4 LoginMappingEntity (org.simbasecurity.core.domain.LoginMappingEntity)4 TJSONProtocol (org.apache.thrift.protocol.TJSONProtocol)3 TProtocol (org.apache.thrift.protocol.TProtocol)3 SimbaPrincipal (org.simbasecurity.dwclient.dropwizard.credentials.SimbaPrincipal)3 IOException (java.io.IOException)2 FilterChain (javax.servlet.FilterChain)2 Cookie (javax.servlet.http.Cookie)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2