Example 11 with AuthorizationDecision

Use of org.springframework.security.authorization.AuthorizationDecision in project spring-security by spring-projects.

In the class PreAuthorizeAuthorizationManagerTests, method checkRequiresUserWhenClassAnnotationsThenApplies.

@Test
public void checkRequiresUserWhenClassAnnotationsThenApplies() throws Exception {
    Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER");
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new ClassLevelAnnotations(), ClassLevelAnnotations.class, "securedUser");
    PreAuthorizeAuthorizationManager manager = new PreAuthorizeAuthorizationManager();
    AuthorizationDecision decision = manager.check(authentication, methodInvocation);
    assertThat(decision.isGranted()).isTrue();
    authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_ADMIN");
    decision = manager.check(authentication, methodInvocation);
    assertThat(decision.isGranted()).isFalse();
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Authentication(org.springframework.security.core.Authentication) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 12 with AuthorizationDecision

Use of org.springframework.security.authorization.AuthorizationDecision in project spring-security by spring-projects.

In the class SecuredAuthorizationManagerTests, method checkRequiresUserWhenClassAnnotationsThenApplies.

@Test
public void checkRequiresUserWhenClassAnnotationsThenApplies() throws Exception {
    Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER");
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new ClassLevelAnnotations(), ClassLevelAnnotations.class, "securedUser");
    SecuredAuthorizationManager manager = new SecuredAuthorizationManager();
    AuthorizationDecision decision = manager.check(authentication, methodInvocation);
    assertThat(decision.isGranted()).isTrue();
    authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_ADMIN");
    decision = manager.check(authentication, methodInvocation);
    assertThat(decision.isGranted()).isFalse();
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Authentication(org.springframework.security.core.Authentication) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 13 with AuthorizationDecision

Use of org.springframework.security.authorization.AuthorizationDecision in project spring-security by spring-projects.

In the class SecuredAuthorizationManagerTests, method checkSecuredUserOrAdminWhenRoleAdminThenGrantedDecision.

@Test
public void checkSecuredUserOrAdminWhenRoleAdminThenGrantedDecision() throws Exception {
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "securedUserOrAdmin");
    SecuredAuthorizationManager manager = new SecuredAuthorizationManager();
    AuthorizationDecision decision = manager.check(TestAuthentication::authenticatedAdmin, methodInvocation);
    assertThat(decision).isNotNull();
    assertThat(decision.isGranted()).isTrue();
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Test(org.junit.jupiter.api.Test)

Example 14 with AuthorizationDecision

Use of org.springframework.security.authorization.AuthorizationDecision in project spring-security by spring-projects.

In the class PayloadExchangeMatcherReactiveAuthorizationManagerTests, method checkWhenGrantedThenGranted.

@Test
public void checkWhenGrantedThenGranted() {
    AuthorizationDecision expected = new AuthorizationDecision(true);
    given(this.authz.check(any(), any())).willReturn(Mono.just(expected));
    PayloadExchangeMatcherReactiveAuthorizationManager manager = PayloadExchangeMatcherReactiveAuthorizationManager.builder()
            .add(new PayloadExchangeMatcherEntry<>(PayloadExchangeMatchers.anyExchange(), this.authz))
            .build();
    assertThat(manager.check(Mono.empty(), this.exchange).block()).isEqualTo(expected);
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) PayloadExchangeMatcherEntry(org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcherEntry) Test(org.junit.jupiter.api.Test)

Example 15 with AuthorizationDecision

Use of org.springframework.security.authorization.AuthorizationDecision in project spring-security by spring-projects.

In the class PayloadExchangeMatcherReactiveAuthorizationManagerTests, method checkWhenDeniedThenDenied.

@Test
public void checkWhenDeniedThenDenied() {
    AuthorizationDecision expected = new AuthorizationDecision(false);
    given(this.authz.check(any(), any())).willReturn(Mono.just(expected));
    PayloadExchangeMatcherReactiveAuthorizationManager manager = PayloadExchangeMatcherReactiveAuthorizationManager.builder()
            .add(new PayloadExchangeMatcherEntry<>(PayloadExchangeMatchers.anyExchange(), this.authz))
            .build();
    assertThat(manager.check(Mono.empty(), this.exchange).block()).isEqualTo(expected);
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) PayloadExchangeMatcherEntry(org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcherEntry) Test(org.junit.jupiter.api.Test)

Aggregations

AuthorizationDecision (org.springframework.security.authorization.AuthorizationDecision) 39
Test (org.junit.jupiter.api.Test) 36
MockMethodInvocation (org.springframework.security.access.intercept.method.MockMethodInvocation) 27
TestAuthentication (org.springframework.security.authentication.TestAuthentication) 27
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken) 13
Authentication (org.springframework.security.core.Authentication) 13
PayloadExchangeMatcherEntry (org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcherEntry) 4
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat) 3
Supplier (java.util.function.Supplier) 2
Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException) 2
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest) 2
AccessDeniedException (org.springframework.security.access.AccessDeniedException) 2
AuthorityAuthorizationManager (org.springframework.security.authorization.AuthorityAuthorizationManager) 2
MvcRequestMatcher (org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher) 2
AnyRequestMatcher (org.springframework.security.web.util.matcher.AnyRequestMatcher) 2
ExtendWith (org.junit.jupiter.api.extension.ExtendWith) 1
ArgumentMatchers.any (org.mockito.ArgumentMatchers.any) 1
BDDMockito.given (org.mockito.BDDMockito.given) 1
Mock (org.mockito.Mock) 1
MockitoExtension (org.mockito.junit.jupiter.MockitoExtension) 1