Example 21 with Authentication

Use of org.springframework.security.Authentication in project gocd by gocd.

Class AnonymousProcessingFilterTest, method shouldGiveAnonymousUserRoleSupervisorAuthorityWhenSecurityIsOFFInCruiseConfig.

@Test
public void shouldGiveAnonymousUserRoleSupervisorAuthorityWhenSecurityIsOFFInCruiseConfig() throws Exception {
    // Stub the config service so that security is reported as disabled.
    context.checking(new Expectations() {
        {
            allowing(goConfigService).isSecurityEnabled();
            will(returnValue(false));
        }
    });
    MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
    Authentication authentication = filter.createAuthentication(mockHttpServletRequest);
    // With security off, the anonymous authentication carries exactly one authority: ROLE_SUPERVISOR.
    assertThat(authentication.getAuthorities().length, is(1));
    final String role = authentication.getAuthorities()[0].getAuthority();
    assertThat(role, is(GoAuthority.ROLE_SUPERVISOR.toString()));
    assertTrue(authentication.getDetails() instanceof WebAuthenticationDetails);
}
Also used: Expectations (org.jmock.Expectations), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), Authentication (org.springframework.security.Authentication), WebAuthenticationDetails (org.springframework.security.ui.WebAuthenticationDetails), Test (org.junit.Test)

Example 22 with Authentication

Use of org.springframework.security.Authentication in project gocd by gocd.

Class AnonymousProcessingFilterTest, method shouldGiveAnonymousUserRoleAnonymousAuthorityWhenSecurityIsONInCruiseConfig.

@Test
public void shouldGiveAnonymousUserRoleAnonymousAuthorityWhenSecurityIsONInCruiseConfig() throws Exception {
    // Stub the config service so that security is reported as enabled.
    context.checking(new Expectations() {
        {
            allowing(goConfigService).isSecurityEnabled();
            will(returnValue(true));
        }
    });
    MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
    Authentication authentication = filter.createAuthentication(mockHttpServletRequest);
    // With security on, the anonymous authentication carries exactly one authority: ROLE_ANONYMOUS.
    assertThat(authentication.getAuthorities().length, is(1));
    final String role = authentication.getAuthorities()[0].getAuthority();
    assertThat(role, is(GoAuthority.ROLE_ANONYMOUS.toString()));
}
Also used: Expectations (org.jmock.Expectations), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), Authentication (org.springframework.security.Authentication), Test (org.junit.Test)

Example 23 with Authentication

Use of org.springframework.security.Authentication in project gocd by gocd.

Class PreAuthenticatedRequestsProcessingFilterTest, method shouldAuthenticateUsersWithCredentials.

@Test
public void shouldAuthenticateUsersWithCredentials() throws IOException, ServletException {
    PreAuthenticatedAuthenticationToken token = mock(PreAuthenticatedAuthenticationToken.class);
    HashMap<String, String[]> params = new HashMap<>();
    params.put("code", new String[] { "some_auth_code" });
    SecurityAuthConfig githubAuthConfig = new SecurityAuthConfig("github", "github.oauth");
    securityConfig.securityAuthConfigs().add(githubAuthConfig);
    // Request to the plugin's authenticate endpoint, carrying an Authorization header and a "code" parameter.
    when(request.getRequestURI()).thenReturn("/go/plugin/github.oauth/authenticate");
    when(request.getHeaderNames()).thenReturn(Collections.enumeration(Arrays.asList("Authorization")));
    when(request.getHeader("Authorization")).thenReturn("qwe123");
    when(request.getParameterMap()).thenReturn(params);
    // The authorization extension is stubbed to return an access token for that header and code.
    when(authorizationExtension.fetchAccessToken(
            "github.oauth",
            Collections.singletonMap("Authorization", "qwe123"),
            Collections.singletonMap("code", "some_auth_code"),
            Collections.singletonList(githubAuthConfig)))
        .thenReturn(Collections.singletonMap("access_token", "token"));
    when(authenticationManager.authenticate(any(PreAuthenticatedAuthenticationToken.class))).thenReturn(token);
    filter.setDefaultTargetUrl("/");
    filter.doFilter(request, response, filterChain);
    // The token returned by the authentication manager must end up in the security context.
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    assertThat(authentication, is(token));
}
Also used: SecurityAuthConfig (com.thoughtworks.go.config.SecurityAuthConfig), HashMap (java.util.HashMap), Authentication (org.springframework.security.Authentication), PreAuthenticatedAuthenticationToken (com.thoughtworks.go.server.security.tokens.PreAuthenticatedAuthenticationToken), Test (org.junit.Test)

Example 24 with Authentication

Use of org.springframework.security.Authentication in project gocd by gocd.

Class UserEnabledCheckFilterTest, method shouldAllowNormalChainingOfRequestIfUserEnabled.

@Test
public void shouldAllowNormalChainingOfRequestIfUserEnabled() throws IOException, ServletException {
    SecurityContextHelper.setCurrentUser("winner");
    Long userId = 1L;
    User user = getUser("winner", userId);
    Authentication actual = SecurityContextHolder.getContext().getAuthentication();
    // The user id is already in the session, so the filter loads the user by id.
    when(session.getAttribute(USERID_ATTR)).thenReturn(userId);
    when(userService.load(userId)).thenReturn(user);
    filter.doFilterHttp(req, res, chain);
    // The authentication is left unchanged and the request continues down the chain.
    assertThat(SecurityContextHolder.getContext().getAuthentication(), is(actual));
    verify(chain).doFilter(req, res);
}
Also used: User (com.thoughtworks.go.domain.User), NullUser (com.thoughtworks.go.domain.NullUser), Authentication (org.springframework.security.Authentication)

Example 25 with Authentication

Use of org.springframework.security.Authentication in project gocd by gocd.

Class UserEnabledCheckFilterTest, method shouldSetUserIdInSession.

@Test
public void shouldSetUserIdInSession() throws IOException, ServletException {
    SecurityContextHelper.setCurrentUser("winner");
    Long userId = 1L;
    User user = getUser("winner", userId);
    Authentication actual = SecurityContextHolder.getContext().getAuthentication();
    // No user id in the session yet, so the filter looks the user up by name.
    when(session.getAttribute(USERID_ATTR)).thenReturn(null);
    when(userService.findUserByName(user.getName())).thenReturn(user);
    filter.doFilterHttp(req, res, chain);
    // The authentication is left unchanged, the id is stored in the session, and the chain continues.
    assertThat(SecurityContextHolder.getContext().getAuthentication(), is(actual));
    verify(session).setAttribute(USERID_ATTR, userId);
    verify(chain).doFilter(req, res);
}
Also used: User (com.thoughtworks.go.domain.User), NullUser (com.thoughtworks.go.domain.NullUser), Authentication (org.springframework.security.Authentication)

Aggregations

Authentication (org.springframework.security.Authentication): 31
Test (org.junit.Test): 16
UsernamePasswordAuthenticationToken (org.springframework.security.providers.UsernamePasswordAuthenticationToken): 5
NullUser (com.thoughtworks.go.domain.NullUser): 4
GrantedAuthority (org.springframework.security.GrantedAuthority): 4
TestingAuthenticationToken (org.springframework.security.providers.TestingAuthenticationToken): 4
User (com.thoughtworks.go.domain.User): 3
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 3
PreAuthenticatedAuthenticationToken (com.thoughtworks.go.server.security.tokens.PreAuthenticatedAuthenticationToken): 2
GoUserPrinciple (com.thoughtworks.go.server.security.userdetail.GoUserPrinciple): 2
Expectations (org.jmock.Expectations): 2
AuthenticationException (org.springframework.security.AuthenticationException): 2
User (org.springframework.security.userdetails.User): 2
SecurityAuthConfig (com.thoughtworks.go.config.SecurityAuthConfig): 1
User (com.thoughtworks.go.plugin.access.authentication.models.User): 1
DefaultGoApiResponse (com.thoughtworks.go.plugin.api.response.DefaultGoApiResponse): 1
Username (com.thoughtworks.go.server.domain.Username): 1
HttpLocalizedOperationResult (com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult): 1
IOException (java.io.IOException): 1
HashMap (java.util.HashMap): 1