Example 16 with UsernamePasswordAuthenticationToken
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.
the class ContactManagerTests method makeActiveUser.
private void makeActiveUser(String username) {
String password = "";
if ("rod".equals(username)) {
password = "koala";
} else if ("dianne".equals(username)) {
password = "emu";
} else if ("scott".equals(username)) {
password = "wombat";
} else if ("peter".equals(username)) {
password = "opal";
}
Authentication authRequest = new UsernamePasswordAuthenticationToken(username, password);
SecurityContextHolder.getContext().setAuthentication(authRequest);
}
Also used :
Authentication(org.springframework.security.core.Authentication)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Example 17 with UsernamePasswordAuthenticationToken
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.
the class DmsIntegrationTests method process.
protected void process(String username, String password, boolean shouldBeFiltered) {
SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(username, password));
System.out.println("------ Test for username: " + username + " ------");
AbstractElement[] rootElements = this.documentDao.findElements(Directory.ROOT_DIRECTORY);
assertThat(rootElements.length).isEqualTo(3);
Directory homeDir = null;
Directory nonHomeDir = null;
for (int i = 0; i < rootElements.length; i++) {
if (rootElements[i].getName().equals(username)) {
homeDir = (Directory) rootElements[i];
} else {
nonHomeDir = (Directory) rootElements[i];
}
}
System.out.println("Home directory......: " + homeDir.getFullName());
System.out.println("Non-home directory..: " + nonHomeDir.getFullName());
AbstractElement[] homeElements = this.documentDao.findElements(homeDir);
// confidential and shared
assertThat(homeElements.length).isEqualTo(12);
// directories,
// plus 10 files
AbstractElement[] nonHomeElements = this.documentDao.findElements(nonHomeDir);
// cannot
assertThat(nonHomeElements.length).isEqualTo(shouldBeFiltered ? 11 : 12);
// see
// the user's
// "confidential"
// sub-directory
// when
// filtering
// Attempt to read the other user's confidential directory from the returned
// results
// Of course, we shouldn't find a "confidential" directory in the results if we're
// filtering
Directory nonHomeConfidentialDir = null;
for (int i = 0; i < nonHomeElements.length; i++) {
if (nonHomeElements[i].getName().equals("confidential")) {
nonHomeConfidentialDir = (Directory) nonHomeElements[i];
}
}
if (shouldBeFiltered) {
assertThat(nonHomeConfidentialDir).withFailMessage("Found confidential directory when we should not have").isNull();
} else {
System.out.println("Inaccessible dir....: " + nonHomeConfidentialDir.getFullName());
assertThat(this.documentDao.findElements(nonHomeConfidentialDir).length).isEqualTo(// 10
10);
// files
// (no
// sub-directories)
}
SecurityContextHolder.clearContext();
}
Also used :
AbstractElement(sample.dms.AbstractElement)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Directory(sample.dms.Directory)
Example 18 with UsernamePasswordAuthenticationToken
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security-oauth by spring-projects.
the class JdbcClientTokenServicesTests method testSaveAndRemoveToken.
@Test
public void testSaveAndRemoveToken() throws Exception {
OAuth2AccessToken accessToken = new DefaultOAuth2AccessToken("FOO");
Authentication authentication = new UsernamePasswordAuthenticationToken("marissa", "koala");
AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
resource.setClientId("client");
resource.setScope(Arrays.asList("foo", "bar"));
tokenStore.saveAccessToken(resource, authentication, accessToken);
tokenStore.removeAccessToken(resource, authentication);
// System.err.println(new JdbcTemplate(db).queryForList("select * from oauth_client_token"));
OAuth2AccessToken result = tokenStore.getAccessToken(resource, authentication);
assertNull(result);
}
Also used :
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken)
Authentication(org.springframework.security.core.Authentication)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
AuthorizationCodeResourceDetails(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
Test(org.junit.Test)
Example 19 with UsernamePasswordAuthenticationToken
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security-oauth by spring-projects.
the class TokenApprovalStoreTests method addApprovals.
@Override
protected boolean addApprovals(Collection<Approval> approvals) {
Map<String, Map<String, Set<String>>> clientIds = new HashMap<String, Map<String, Set<String>>>();
for (Approval approval : approvals) {
String clientId = approval.getClientId();
if (!clientIds.containsKey(clientId)) {
clientIds.put(clientId, new HashMap<String, Set<String>>());
}
String userId = approval.getUserId();
Map<String, Set<String>> users = clientIds.get(clientId);
if (!users.containsKey(userId)) {
users.put(userId, new HashSet<String>());
}
Set<String> scopes = users.get(userId);
scopes.add(approval.getScope());
}
for (String clientId : clientIds.keySet()) {
Map<String, Set<String>> users = clientIds.get(clientId);
for (String userId : users.keySet()) {
Authentication user = new UsernamePasswordAuthenticationToken(userId, "N/A", AuthorityUtils.commaSeparatedStringToAuthorityList("USER"));
AuthorizationRequest authorizationRequest = new AuthorizationRequest();
authorizationRequest.setClientId(clientId);
Set<String> scopes = users.get(userId);
authorizationRequest.setScope(scopes);
OAuth2Request request = authorizationRequest.createOAuth2Request();
OAuth2Authentication authentication = new OAuth2Authentication(request, user);
DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(UUID.randomUUID().toString());
token.setScope(scopes);
tokenStore.storeAccessToken(token, authentication);
}
}
return super.addApprovals(approvals);
}
Also used :
Set(java.util.Set)
HashSet(java.util.HashSet)
AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest)
HashMap(java.util.HashMap)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
Authentication(org.springframework.security.core.Authentication)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
HashMap(java.util.HashMap)
Map(java.util.Map)
Example 20 with UsernamePasswordAuthenticationToken
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security-oauth by spring-projects.
the class OAuth2AuthenticationTests method testSerialization.
@Test
public void testSerialization() {
OAuth2Authentication holder = new OAuth2Authentication(new AuthorizationRequest("client", Arrays.asList("read")).createOAuth2Request(), new UsernamePasswordAuthenticationToken("user", "pwd"));
OAuth2Authentication other = (OAuth2Authentication) SerializationUtils.deserialize(SerializationUtils.serialize(holder));
assertEquals(holder, other);
}
Also used :
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Test(org.junit.Test)
Aggregations
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)293
Test (org.junit.Test)149
Authentication (org.springframework.security.core.Authentication)110
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)33
GrantedAuthority (org.springframework.security.core.GrantedAuthority)33
UserDetails (org.springframework.security.core.userdetails.UserDetails)32
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)27
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)22
AuthenticationException (org.springframework.security.core.AuthenticationException)18
User (org.springframework.security.core.userdetails.User)16
SecurityContext (org.springframework.security.core.context.SecurityContext)15
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)15
OrcidProfileUserDetails (org.orcid.core.oauth.OrcidProfileUserDetails)13
AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)13
UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException)12
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)11
SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)11
ArrayList (java.util.ArrayList)10
Before (org.junit.Before)8
AccessDeniedException (org.springframework.security.access.AccessDeniedException)8
