Search in sources :

Example 81 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class ProviderManagerTests method detailsAreSetOnAuthenticationTokenIfNotAlreadySetByProvider.

@Test
public void detailsAreSetOnAuthenticationTokenIfNotAlreadySetByProvider() throws Exception {
    Object details = new Object();
    ProviderManager authMgr = makeProviderManager();
    TestingAuthenticationToken request = createAuthenticationToken();
    request.setDetails(details);
    Authentication result = authMgr.authenticate(request);
    assertThat(result.getCredentials()).isNotNull();
    assertThat(result.getDetails()).isSameAs(details);
}
Also used : Authentication(org.springframework.security.core.Authentication) Test(org.junit.Test)

Example 82 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class ProviderManagerTests method credentialsAreClearedByDefault.

@Test
public void credentialsAreClearedByDefault() throws Exception {
    UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password");
    ProviderManager mgr = makeProviderManager();
    Authentication result = mgr.authenticate(token);
    assertThat(result.getCredentials()).isNull();
    mgr.setEraseCredentialsAfterAuthentication(false);
    token = new UsernamePasswordAuthenticationToken("Test", "Password");
    result = mgr.authenticate(token);
    assertThat(result.getCredentials()).isNotNull();
}
Also used : Authentication(org.springframework.security.core.Authentication) Test(org.junit.Test)

Example 83 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class ProviderManagerTests method detailsAreNotSetOnAuthenticationTokenIfAlreadySetByProvider.

@Test
public void detailsAreNotSetOnAuthenticationTokenIfAlreadySetByProvider() throws Exception {
    Object requestDetails = "(Request Details)";
    final Object resultDetails = "(Result Details)";
    // A provider which sets the details object
    AuthenticationProvider provider = new AuthenticationProvider() {

        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            ((TestingAuthenticationToken) authentication).setDetails(resultDetails);
            return authentication;
        }

        public boolean supports(Class<?> authentication) {
            return true;
        }
    };
    ProviderManager authMgr = new ProviderManager(Arrays.asList(provider));
    TestingAuthenticationToken request = createAuthenticationToken();
    request.setDetails(requestDetails);
    Authentication result = authMgr.authenticate(request);
    assertThat(result.getDetails()).isEqualTo(resultDetails);
}
Also used : Authentication(org.springframework.security.core.Authentication) Test(org.junit.Test)

Example 84 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class ProviderManagerTests method authenticationExceptionFromParentOverridesPreviousOnes.

@Test
public void authenticationExceptionFromParentOverridesPreviousOnes() throws Exception {
    AuthenticationManager parent = mock(AuthenticationManager.class);
    ProviderManager mgr = new ProviderManager(Arrays.asList(createProviderWhichThrows(new BadCredentialsException(""))), parent);
    final Authentication authReq = mock(Authentication.class);
    AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class);
    mgr.setAuthenticationEventPublisher(publisher);
    // Set a provider that throws an exception - this is the exception we expect to be
    // propagated
    final BadCredentialsException expected = new BadCredentialsException("I'm the one from the parent");
    when(parent.authenticate(authReq)).thenThrow(expected);
    try {
        mgr.authenticate(authReq);
        fail("Expected exception");
    } catch (BadCredentialsException e) {
        assertThat(e).isSameAs(expected);
    }
    verify(publisher).publishAuthenticationFailure(expected, authReq);
}
Also used : Authentication(org.springframework.security.core.Authentication) Test(org.junit.Test)

Example 85 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class ProviderManagerTests method authenticationExceptionIsIgnoredIfLaterProviderAuthenticates.

@Test
public void authenticationExceptionIsIgnoredIfLaterProviderAuthenticates() throws Exception {
    final Authentication authReq = mock(Authentication.class);
    ProviderManager mgr = new ProviderManager(Arrays.asList(createProviderWhichThrows(new BadCredentialsException("", new Throwable())), createProviderWhichReturns(authReq)));
    assertThat(mgr.authenticate(mock(Authentication.class))).isSameAs(authReq);
}
Also used : Authentication(org.springframework.security.core.Authentication) Test(org.junit.Test)

Aggregations

Authentication (org.springframework.security.core.Authentication)498 Test (org.junit.Test)192 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)114 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)98 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)75 SecurityContext (org.springframework.security.core.context.SecurityContext)63 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)57 GrantedAuthority (org.springframework.security.core.GrantedAuthority)50 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)47 SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)42 MifosUser (org.mifos.security.MifosUser)38 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)34 HttpServletRequest (javax.servlet.http.HttpServletRequest)32 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)32 AuthenticationException (org.springframework.security.core.AuthenticationException)31 UserDetails (org.springframework.security.core.userdetails.UserDetails)31 MifosUserBuilder (org.mifos.builders.MifosUserBuilder)29 HashMap (java.util.HashMap)27 HttpServletResponse (javax.servlet.http.HttpServletResponse)27 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)25