
Example 1 with AccessLevel

use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.AccessLevel in project spring-boot by spring-projects.

the class CloudFoundrySecurityServiceTests method getAccessLevelWhenSpaceDeveloperShouldReturnFull.

@Test
void getAccessLevelWhenSpaceDeveloperShouldReturnFull() {
    String responseBody = "{\"read_sensitive_data\": true,\"read_basic_data\": true}";
    this.server.expect(requestTo(CLOUD_CONTROLLER_PERMISSIONS)).andExpect(header("Authorization", "bearer my-access-token")).andRespond(withSuccess(responseBody, MediaType.APPLICATION_JSON));
    AccessLevel accessLevel = this.securityService.getAccessLevel("my-access-token", "my-app-id");
    this.server.verify();
    assertThat(accessLevel).isEqualTo(AccessLevel.FULL);
}
Also used : AccessLevel(org.springframework.boot.actuate.autoconfigure.cloudfoundry.AccessLevel) Test(org.junit.jupiter.api.Test)

Example 2 with AccessLevel

use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.AccessLevel in project spring-boot by spring-projects.

the class CloudFoundrySecurityServiceTests method getAccessLevelWhenNotSpaceDeveloperShouldReturnRestricted.

@Test
void getAccessLevelWhenNotSpaceDeveloperShouldReturnRestricted() {
    String responseBody = "{\"read_sensitive_data\": false,\"read_basic_data\": true}";
    this.server.expect(requestTo(CLOUD_CONTROLLER_PERMISSIONS)).andExpect(header("Authorization", "bearer my-access-token")).andRespond(withSuccess(responseBody, MediaType.APPLICATION_JSON));
    AccessLevel accessLevel = this.securityService.getAccessLevel("my-access-token", "my-app-id");
    this.server.verify();
    assertThat(accessLevel).isEqualTo(AccessLevel.RESTRICTED);
}
Also used : AccessLevel(org.springframework.boot.actuate.autoconfigure.cloudfoundry.AccessLevel) Test(org.junit.jupiter.api.Test)

Example 3 with AccessLevel

use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.AccessLevel in project spring-boot by spring-projects.

the class ReactiveCloudFoundrySecurityInterceptorTests method preHandleSuccessfulWithFullAccess.

@Test
void preHandleSuccessfulWithFullAccess() {
    String accessToken = mockAccessToken();
    given(this.securityService.getAccessLevel(accessToken, "my-app-id")).willReturn(Mono.just(AccessLevel.FULL));
    given(this.tokenValidator.validate(any())).willReturn(Mono.empty());
    MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/a").header(HttpHeaders.AUTHORIZATION, "bearer " + mockAccessToken()).build());
    StepVerifier.create(this.interceptor.preHandle(exchange, "/a")).consumeNextWith((response) -> {
        assertThat(response.getStatus()).isEqualTo(HttpStatus.OK);
        assertThat((AccessLevel) exchange.getAttribute("cloudFoundryAccessLevel")).isEqualTo(AccessLevel.FULL);
    }).verifyComplete();
}
Also used : Base64Utils(org.springframework.util.Base64Utils) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) MockitoExtension(org.mockito.junit.jupiter.MockitoExtension) StepVerifier(reactor.test.StepVerifier) MockServerHttpRequest(org.springframework.mock.http.server.reactive.MockServerHttpRequest) Mock(org.mockito.Mock) HttpHeaders(org.springframework.http.HttpHeaders) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Mono(reactor.core.publisher.Mono) Test(org.junit.jupiter.api.Test) HttpStatus(org.springframework.http.HttpStatus) AccessLevel(org.springframework.boot.actuate.autoconfigure.cloudfoundry.AccessLevel) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) BDDMockito.given(org.mockito.BDDMockito.given) Reason(org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundryAuthorizationException.Reason) CloudFoundryAuthorizationException(org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundryAuthorizationException) MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange)

Example 4 with AccessLevel

use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.AccessLevel in project spring-boot by spring-projects.

the class CloudFoundrySecurityInterceptor method check.

private void check(HttpServletRequest request, EndpointId endpointId) throws Exception {
    Token token = getToken(request);
    this.tokenValidator.validate(token);
    AccessLevel accessLevel = this.cloudFoundrySecurityService.getAccessLevel(token.toString(), this.applicationId);
    if (!accessLevel.isAccessAllowed((endpointId != null) ? endpointId.toLowerCaseString() : "")) {
        throw new CloudFoundryAuthorizationException(Reason.ACCESS_DENIED, "Access denied");
    }
    request.setAttribute(AccessLevel.REQUEST_ATTRIBUTE, accessLevel);
}
Also used : CloudFoundryAuthorizationException(org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundryAuthorizationException) Token(org.springframework.boot.actuate.autoconfigure.cloudfoundry.Token) AccessLevel(org.springframework.boot.actuate.autoconfigure.cloudfoundry.AccessLevel)

Example 5 with AccessLevel

use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.AccessLevel in project spring-boot by spring-projects.

the class ReactiveCloudFoundrySecurityInterceptorTests method preHandleSuccessfulWithRestrictedAccess.

@Test
void preHandleSuccessfulWithRestrictedAccess() {
    String accessToken = mockAccessToken();
    given(this.securityService.getAccessLevel(accessToken, "my-app-id")).willReturn(Mono.just(AccessLevel.RESTRICTED));
    given(this.tokenValidator.validate(any())).willReturn(Mono.empty());
    MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/info").header(HttpHeaders.AUTHORIZATION, "bearer " + mockAccessToken()).build());
    StepVerifier.create(this.interceptor.preHandle(exchange, "info")).consumeNextWith((response) -> {
        assertThat(response.getStatus()).isEqualTo(HttpStatus.OK);
        assertThat((AccessLevel) exchange.getAttribute("cloudFoundryAccessLevel")).isEqualTo(AccessLevel.RESTRICTED);
    }).verifyComplete();
}
Also used : Base64Utils(org.springframework.util.Base64Utils) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) MockitoExtension(org.mockito.junit.jupiter.MockitoExtension) StepVerifier(reactor.test.StepVerifier) MockServerHttpRequest(org.springframework.mock.http.server.reactive.MockServerHttpRequest) Mock(org.mockito.Mock) HttpHeaders(org.springframework.http.HttpHeaders) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Mono(reactor.core.publisher.Mono) Test(org.junit.jupiter.api.Test) HttpStatus(org.springframework.http.HttpStatus) AccessLevel(org.springframework.boot.actuate.autoconfigure.cloudfoundry.AccessLevel) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) BDDMockito.given(org.mockito.BDDMockito.given) Reason(org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundryAuthorizationException.Reason) CloudFoundryAuthorizationException(org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundryAuthorizationException) MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange)
