
Example 11 with AnonymousAuthenticationToken

use of org.springframework.security.authentication.AnonymousAuthenticationToken in project spring-security by spring-projects.

the class SpringSecurityAuthenticationSource method getPrincipal.

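/**
 * Returns the distinguished name (DN) of the currently authenticated user.
 *
 * <p>The principal is read from the {@link Authentication} held by the current
 * {@link SecurityContextHolder} context. An empty string is returned both when no
 * authentication is set and when the authentication is an
 * {@link AnonymousAuthenticationToken}, so callers cannot tell the two cases apart
 * and must never treat the empty value as an identified user.
 *
 * @return the DN of the logged-in user, or {@code ""} when there is no
 *         authentication or the authentication is anonymous
 * @throws IllegalArgumentException if the principal is not an {@code LdapUserDetails}
 *         and the authentication is not anonymous
 */
public String getPrincipal() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null) {
        log.warn("No Authentication object set in SecurityContext - returning empty String as Principal");
        return "";
    }

    // The LDAP check comes first: a principal that carries a DN wins regardless of token type.
    Object principal = authentication.getPrincipal();
    if (principal instanceof LdapUserDetails) {
        return ((LdapUserDetails) principal).getDn();
    }

    if (authentication instanceof AnonymousAuthenticationToken) {
        if (log.isDebugEnabled()) {
            log.debug("Anonymous Authentication, returning empty String as Principal");
        }
        return "";
    }

    // Any other principal type is rejected rather than mapped to a guessed DN.
    // The message is one literal so the words are not run together ("objectneeds").
    throw new IllegalArgumentException(
            "The principal property of the authentication object needs to be an LdapUserDetails.");
}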
Also used : Authentication(org.springframework.security.core.Authentication) LdapUserDetails(org.springframework.security.ldap.userdetails.LdapUserDetails) AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken)

Example 12 with AnonymousAuthenticationToken

use of org.springframework.security.authentication.AnonymousAuthenticationToken in project ORCID-Source by ORCID.

the class StatsApiServiceBaseImplTest method init.

@Before
public void init() {
    // Generation keys. The DAO mock below reports key 200 as the latest one.
    // NOTE(review): java.util.Date(int, int, int) is deprecated; it takes the year as an
    // offset from 1900 and a zero-based month, so these are not dates in 2000 / 1999.
    // Confirm the tests only depend on the relative order of the two keys.
    StatisticKeyEntity latestKey = new StatisticKeyEntity();
    latestKey.setGenerationDate(new Date(2000, 1, 1));
    latestKey.setId(200L);

    StatisticKeyEntity earlierKey = new StatisticKeyEntity();
    earlierKey.setGenerationDate(new Date(1999, 1, 1));
    earlierKey.setId(201L);

    // Statistic rows; all three share id 1, exactly as in the original fixture.
    StatisticValuesEntity liveIdsLatest = new StatisticValuesEntity();
    liveIdsLatest.setId(1L);
    liveIdsLatest.setStatisticName(StatisticsEnum.KEY_LIVE_IDS.value());
    liveIdsLatest.setStatisticValue(100L);
    liveIdsLatest.setKey(latestKey);

    StatisticValuesEntity liveIdsEarlier = new StatisticValuesEntity();
    liveIdsEarlier.setId(1L);
    liveIdsEarlier.setStatisticName(StatisticsEnum.KEY_LIVE_IDS.value());
    liveIdsEarlier.setStatisticValue(101L);
    liveIdsEarlier.setKey(earlierKey);

    StatisticValuesEntity worksLatest = new StatisticValuesEntity();
    worksLatest.setId(1L);
    worksLatest.setStatisticName(StatisticsEnum.KEY_NUMBER_OF_WORKS.value());
    worksLatest.setStatisticValue(102L);
    worksLatest.setKey(latestKey);

    // Timeline: one statistic across both keys. Summary: both statistics for key 200.
    List<StatisticValuesEntity> timelineRows = new ArrayList<StatisticValuesEntity>();
    timelineRows.add(liveIdsLatest);
    timelineRows.add(liveIdsEarlier);
    List<StatisticValuesEntity> summaryRows = new ArrayList<StatisticValuesEntity>();
    summaryRows.add(liveIdsLatest);
    summaryRows.add(worksLatest);

    // Stub the DAO lookups for the latest key, the timeline and the summary.
    when(statisticsDao.getLatestKey()).thenReturn(latestKey);
    when(statisticsDao.getStatistic(StatisticsEnum.KEY_LIVE_IDS.value())).thenReturn(timelineRows);
    when(statisticsDao.getStatistic(200L)).thenReturn(summaryRows);

    // Key lookups by id answer with separate instances that carry the same id and date.
    StatisticKeyEntity lookedUp200 = new StatisticKeyEntity();
    lookedUp200.setId(200L);
    lookedUp200.setGenerationDate(new Date(2000, 1, 1));
    StatisticKeyEntity lookedUp201 = new StatisticKeyEntity();
    lookedUp201.setId(201L);
    lookedUp201.setGenerationDate(new Date(1999, 1, 1));
    when(statisticsDao.getKey(200L)).thenReturn(lookedUp200);
    when(statisticsDao.getKey(201L)).thenReturn(lookedUp201);

    TargetProxyHelper.injectIntoProxy(statsManagerReadOnly, "statisticsDaoReadOnly", statisticsDao);

    // Run the test as an anonymous caller holding only ROLE_ANONYMOUS.
    // NOTE(review): the token is stored in the shared SecurityContextHolder and is not
    // cleared in this method; confirm a teardown resets it so it cannot leak into other tests.
    List<GrantedAuthority> anonymousRoles = new ArrayList<GrantedAuthority>();
    anonymousRoles.add(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));
    SecurityContextHolder.getContext()
            .setAuthentication(new AnonymousAuthenticationToken("anonymous", "anonymous", anonymousRoles));
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) StatisticValuesEntity(org.orcid.statistics.jpa.entities.StatisticValuesEntity) StatisticKeyEntity(org.orcid.statistics.jpa.entities.StatisticKeyEntity) Authentication(org.springframework.security.core.Authentication) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken) Date(java.util.Date) Before(org.junit.Before)

Example 13 with AnonymousAuthenticationToken

use of org.springframework.security.authentication.AnonymousAuthenticationToken in project midpoint by Evolveum.

the class MidpointRestSecurityQuestionsAuthenticator method createAuthenticationContext.

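/**
 * Builds the security-questions authentication context from the JSON document carried
 * in the authorization value of {@code policy}.
 *
 * <p>The document is request-supplied and is treated as untrusted. Three outcomes exist:
 * <ul>
 *   <li>unparseable JSON, a missing {@code user} field, or an {@code answer} field that is
 *       not a JSON array: a user challenge is sent through {@code RestServiceUtil} and
 *       {@code null} is returned;</li>
 *   <li>{@code user} present but no {@code answer}: the user is looked up under a temporary
 *       anonymous authentication and either a 401 response or a challenge listing the
 *       user's questions is sent, and {@code null} is returned;</li>
 *   <li>{@code user} and an {@code answer} array present: the {@code qid}/{@code qans}
 *       pairs are collected and returned for verification by the caller.</li>
 * </ul>
 *
 * @param policy     carrier of the raw authorization value; its user name is set as a side effect
 * @param requestCtx request context that receives the challenge or 401 response
 * @return the context holding user name and answers, or {@code null} when a response
 *         has already been handed to {@code requestCtx}
 */
@Override
protected SecurityQuestionsAuthenticationContext createAuthenticationContext(AuthorizationPolicy policy, ContainerRequestContext requestCtx) {
    ObjectMapper mapper = new ObjectMapper(new JsonFactory());
    JsonNode node;
    try {
        node = mapper.readTree(policy.getAuthorization());
    } catch (IOException e) {
        RestServiceUtil.createSecurityQuestionAbortMessage(requestCtx, "{" + USER_CHALLENGE + "}");
        return null;
    }
    if (node == null) {
        // Defensive: treat "no tree" like a parse failure instead of dereferencing null below.
        RestServiceUtil.createSecurityQuestionAbortMessage(requestCtx, "{" + USER_CHALLENGE + "}");
        return null;
    }

    JsonNode userNameNode = node.findPath("user");
    if (userNameNode.isMissingNode()) {
        RestServiceUtil.createSecurityQuestionAbortMessage(requestCtx, "{" + USER_CHALLENGE + "}");
        return null;
    }
    String userName = userNameNode.asText();
    policy.setUserName(userName);

    JsonNode answerNode = node.findPath("answer");
    if (answerNode.isMissingNode()) {
        // No answers yet: reply with the questions configured for this user.
        // NOTE(review): an unauthenticated caller learns from this branch whether userName
        // resolves to exactly one user with stored answers; throttling or lockout is not
        // visible in this method - confirm it is enforced elsewhere.
        SearchResultList<PrismObject<UserType>> users = null;
        try {
            // The lookup runs under a throw-away anonymous authentication. The finally block
            // sets the authentication to null rather than restoring a previous value -
            // presumably none exists at this point of request processing; verify.
            SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken("restapi", "REST", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS")));
            users = searchUser(userName);
        } finally {
            SecurityContextHolder.getContext().setAuthentication(null);
        }
        // The same 401 text is used for "no such user" and "user without answers".
        if (users == null || users.size() != 1) {
            requestCtx.abortWith(Response.status(Status.UNAUTHORIZED).header("WWW-Authenticate", "Security question authentication failed. Incorrect username and/or password").build());
            return null;
        }
        PrismObject<UserType> user = users.get(0);
        PrismContainer<SecurityQuestionAnswerType> questionAnswerContainer = user.findContainer(SchemaConstants.PATH_SECURITY_QUESTIONS_QUESTION_ANSWER);
        if (questionAnswerContainer == null || questionAnswerContainer.isEmpty()) {
            requestCtx.abortWith(Response.status(Status.UNAUTHORIZED).header("WWW-Authenticate", "Security question authentication failed. Incorrect username and/or password").build());
            return null;
        }

        List<SecurityQuestionDefinitionType> questions = null;
        try {
            SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken("restapi", "REST", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS")));
            questions = getQuestions(user);
        } finally {
            SecurityContextHolder.getContext().setAuthentication(null);
        }

        // NOTE(review): the challenge JSON is assembled by string replacement and
        // concatenation; userName comes from the request and the question text from stored
        // definitions, and no JSON escaping is applied here - confirm neither can contain
        // quotes or control characters, or build the document with the ObjectMapper instead.
        StringBuilder questionChallenge = new StringBuilder();
        Collection<SecurityQuestionAnswerType> questionAnswers = questionAnswerContainer.getRealValues();
        Iterator<SecurityQuestionAnswerType> questionAnswerIterator = questionAnswers.iterator();
        while (questionAnswerIterator.hasNext()) {
            SecurityQuestionAnswerType questionAnswer = questionAnswerIterator.next();
            // NOTE(review): get() throws NoSuchElementException when a stored answer refers
            // to a question that is no longer defined; left unchanged because the intended
            // handling of that case is not visible here.
            SecurityQuestionDefinitionType question = questions.stream().filter(q -> q.getIdentifier().equals(questionAnswer.getQuestionIdentifier())).findFirst().get();
            String challenge = QUESTION.replace(Q_ID, question.getIdentifier());
            questionChallenge.append(challenge.replace(Q_TXT, question.getQuestionText()));
            if (questionAnswerIterator.hasNext()) {
                questionChallenge.append(",");
            }
        }
        String userChallenge = USER_CHALLENGE.replace("username", userName);
        String challenge = "{" + userChallenge + ", \"answer\" : [" + questionChallenge + "]}";
        RestServiceUtil.createSecurityQuestionAbortMessage(requestCtx, challenge);
        return null;
    }

    if (!answerNode.isArray()) {
        // "answer" is request-controlled. A scalar or object here previously reached the
        // ArrayNode cast and failed with a ClassCastException; answer with the user
        // challenge instead, as for other malformed input.
        RestServiceUtil.createSecurityQuestionAbortMessage(requestCtx, "{" + USER_CHALLENGE + "}");
        return null;
    }

    // Collect the submitted answers keyed by question id; a repeated qid keeps the last value.
    Map<String, String> questionAnswers = new HashMap<>();
    Iterator<JsonNode> answersList = ((ArrayNode) answerNode).elements();
    while (answersList.hasNext()) {
        JsonNode answer = answersList.next();
        String questionId = answer.findPath("qid").asText();
        String questionAnswer = answer.findPath("qans").asText();
        questionAnswers.put(questionId, questionAnswer);
    }
    return new SecurityQuestionsAuthenticationContext(userName, questionAnswers);
}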
Also used : SecurityQuestionDefinitionType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionDefinitionType) HashMap(java.util.HashMap) JsonFactory(com.fasterxml.jackson.core.JsonFactory) JsonNode(com.fasterxml.jackson.databind.JsonNode) MissingNode(com.fasterxml.jackson.databind.node.MissingNode) IOException(java.io.IOException) AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken) PrismObject(com.evolveum.midpoint.prism.PrismObject) SecurityQuestionsAuthenticationContext(com.evolveum.midpoint.model.api.context.SecurityQuestionsAuthenticationContext) ArrayNode(com.fasterxml.jackson.databind.node.ArrayNode) UserType(com.evolveum.midpoint.xml.ns._public.common.common_3.UserType) SecurityQuestionAnswerType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)

Example 14 with AnonymousAuthenticationToken

use of org.springframework.security.authentication.AnonymousAuthenticationToken in project ORCID-Source by ORCID.

the class SecurityContextTestUtils method setUpSecurityContextForAnonymous.

/**
 * Replaces the current security context with a fresh one that holds an anonymous
 * authentication carrying only {@code ROLE_ANONYMOUS}.
 *
 * <p>The context is installed through {@link SecurityContextHolder} and stays in place
 * until something else replaces or clears it.
 */
public static void setUpSecurityContextForAnonymous() {
    ArrayList<GrantedAuthority> anonymousRoles = new ArrayList<>();
    anonymousRoles.add(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));

    // Build the context first, then publish it in one step.
    SecurityContextImpl freshContext = new SecurityContextImpl();
    freshContext.setAuthentication(new AnonymousAuthenticationToken("testKey", "testToken", anonymousRoles));
    SecurityContextHolder.setContext(freshContext);
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) SecurityContextImpl(org.springframework.security.core.context.SecurityContextImpl) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken)

Example 15 with AnonymousAuthenticationToken

use of org.springframework.security.authentication.AnonymousAuthenticationToken in project ORCID-Source by ORCID.

the class PublicV2ApiServiceVersionedDelegatorTest method before.

/**
 * Installs an anonymous authentication with only {@code ROLE_ANONYMOUS} in the current
 * security context before each test.
 */
@Before
public void before() {
    ArrayList<GrantedAuthority> anonymousRoles = new ArrayList<GrantedAuthority>();
    anonymousRoles.add(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));
    // NOTE(review): nothing in this method clears the token again; confirm a teardown
    // resets SecurityContextHolder so the anonymous identity cannot leak into other tests.
    SecurityContextHolder.getContext()
            .setAuthentication(new AnonymousAuthenticationToken("anonymous", "anonymous", anonymousRoles));
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) Authentication(org.springframework.security.core.Authentication) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken) Before(org.junit.Before)
