use of org.springframework.security.core.authority.SimpleGrantedAuthority in project ORCID-Source by ORCID.
the class OrcidAuthorizationCodeServiceTest method getAuthorizationRequest.
public AuthorizationRequest getAuthorizationRequest(String clientId) {
Set<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")));
Set<String> resourceIds = new HashSet<>();
resourceIds.add("orcid");
Map<String, String> params = new HashMap<String, String>();
params.put(OAuth2Utils.CLIENT_ID, clientId);
params.put(OAuth2Utils.SCOPE, "a-scope");
AuthorizationRequest authorizationRequest = oAuth2RequestFactory.createAuthorizationRequest(params);
authorizationRequest.setAuthorities(grantedAuthorities);
authorizationRequest.setResourceIds(resourceIds);
return authorizationRequest;
}
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project ORCID-Source by ORCID.
the class DefaultOAuthClientVisibilityTest method testCheckClientPermissionsAllowOnlyPublicAndLimitedVisibility.
@Test
@Transactional
@Rollback
public void testCheckClientPermissionsAllowOnlyPublicAndLimitedVisibility() throws Exception {
Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
AuthorizationRequest request = new AuthorizationRequest("4444-4444-4444-4446", Arrays.asList("/orcid-bio/external-identifiers/create"));
request.setAuthorities(grantedAuthorities);
request.setResourceIds(resourceIds);
ProfileEntity entity = new ProfileEntity("4444-4444-4444-4446");
OrcidOauth2UserAuthentication oauth2UserAuthentication = new OrcidOauth2UserAuthentication(entity, true);
// we care only that an OAuth client request results in the correct
// visibilities
OrcidOAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, oauth2UserAuthentication, "made-up-token");
OrcidOauth2TokenDetail tokenDetail = new OrcidOauth2TokenDetail();
tokenDetail.setScope("/orcid-bio/external-identifiers/create");
tokenDetail.setDateCreated(new Date());
when(orcidOauth2TokenDetailService.findNonDisabledByTokenValue(any(String.class))).thenReturn(tokenDetail);
ScopePathType scopePathType = ScopePathType.ORCID_BIO_EXTERNAL_IDENTIFIERS_CREATE;
Set<Visibility> visibilitiesForClient = permissionChecker.obtainVisibilitiesForAuthentication(oAuth2Authentication, scopePathType, getOrcidMessage());
assertTrue(visibilitiesForClient.size() == 3);
assertTrue(visibilitiesForClient.contains(Visibility.LIMITED));
assertTrue(visibilitiesForClient.contains(Visibility.REGISTERED_ONLY));
assertTrue(visibilitiesForClient.contains(Visibility.PUBLIC));
}
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project ORCID-Source by ORCID.
the class DefaultPermissionCheckerTest method testCheckPermissionsAuthenticationScopePathTypesAndOrcid.
@Test
public void testCheckPermissionsAuthenticationScopePathTypesAndOrcid() throws Exception {
Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
AuthorizationRequest request = new AuthorizationRequest("4444-4444-4444-4441", Arrays.asList(ScopePathType.ORCID_BIO_READ_LIMITED.value()));
request.setAuthorities(grantedAuthorities);
request.setResourceIds(resourceIds);
OAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, null, "made-up-token");
ScopePathType requiredScope = ScopePathType.ORCID_BIO_READ_LIMITED;
defaultPermissionChecker.checkPermissions(oAuth2Authentication, requiredScope, "4444-4444-4444-4447");
}
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project ORCID-Source by ORCID.
the class DefaultPermissionCheckerTest method testCheckUserPermissionsAuthenticationScopesOrcidAndOrcidMessageWhenWrongUser.
@Test(expected = AccessControlException.class)
@Transactional
@Rollback
public void testCheckUserPermissionsAuthenticationScopesOrcidAndOrcidMessageWhenWrongUser() throws Exception {
Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
AuthorizationRequest request = new AuthorizationRequest("4444-4444-4444-4441", Arrays.asList("/orcid-bio/external-identifiers/create"));
request.setAuthorities(grantedAuthorities);
request.setResourceIds(resourceIds);
ProfileEntity entity = profileEntityManager.findByOrcid("4444-4444-4444-4445");
OrcidOauth2UserAuthentication oauth2UserAuthentication = new OrcidOauth2UserAuthentication(entity, true);
OAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, oauth2UserAuthentication, "made-up-token");
ScopePathType requiredScope = ScopePathType.ORCID_BIO_EXTERNAL_IDENTIFIERS_CREATE;
OrcidMessage orcidMessage = getOrcidMessage();
String messageOrcid = orcidMessage.getOrcidProfile().getOrcidIdentifier().getPath();
defaultPermissionChecker.checkPermissions(oAuth2Authentication, requiredScope, messageOrcid, orcidMessage);
}
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project ORCID-Source by ORCID.
the class DefaultPermissionCheckerTest method testCheckPermissionsAuthenticationScopesAndOrcidMessage.
@Test
public void testCheckPermissionsAuthenticationScopesAndOrcidMessage() throws Exception {
Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
AuthorizationRequest request = new AuthorizationRequest("4444-4444-4444-4441", Arrays.asList(ScopePathType.ORCID_WORKS_CREATE.value()));
request.setAuthorities(grantedAuthorities);
request.setResourceIds(resourceIds);
OAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, null, "made-up-token");
ScopePathType requiredScope = ScopePathType.ORCID_WORKS_CREATE;
OrcidMessage orcidMessage = getOrcidMessage();
defaultPermissionChecker.checkPermissions(oAuth2Authentication, requiredScope, orcidMessage);
}
Aggregations