use of org.wildfly.security.auth.client.AuthenticationContext in project wildfly by wildfly.
the class BasicAuthnTestCase method testClientConfigProviderChooseCredentialsBasedOnDestination2.
/**
* Test that ClientConfigProvider credentials are used when specified for requested URL.
*/
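@Test
public void testClientConfigProviderChooseCredentialsBasedOnDestination2(@ArquillianResource URL url) throws MalformedURLException {
    // Protected resource below the deployment's base URL.
    final URL servletUrl = new URL(url.toExternalForm() + "role1");
    AuthenticationConfiguration adminConfig = AuthenticationConfiguration.empty().useName("user1").usePassword("password1");
    // Bind the credentials to the host that is actually called, rather than to every destination.
    AuthenticationContext context = AuthenticationContext.empty()
            .with(MatchRule.ALL.matchHost(servletUrl.getHost()), adminConfig);
    context.run(() -> {
        Client client = ClientBuilder.newBuilder().build();
        try {
            Response response = client.target(servletUrl.toString()).request().get();
            // will be authorized because we are calling hostname that credentials are set for
            Assert.assertEquals(SC_OK, response.getStatus());
            Assert.assertEquals("response was not GOOD", "GOOD", response.readEntity(String.class));
        } finally {
            // Close the client even when an assertion fails, so a failing run does not leak it.
            client.close();
        }
    });
}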
use of org.wildfly.security.auth.client.AuthenticationContext in project wildfly by wildfly.
the class BasicAuthnTestCase method testRESTEasyClientUsesElytronConfigAuthenticatedUser.
/**
* Test that RESTEasy client successfully uses Elytron client configuration to authenticate to the secured server with HTTP BASIC auth.
*/
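@Test
public void testRESTEasyClientUsesElytronConfigAuthenticatedUser(@ArquillianResource URL url) throws MalformedURLException {
    // Protected resource below the deployment's base URL.
    final URL servletUrl = new URL(url.toExternalForm() + "role1");
    AuthenticationConfiguration adminConfig = AuthenticationConfiguration.empty().useName("user1").usePassword("password1");
    // MatchRule.ALL carries no host restriction, so these credentials apply to whatever destination
    // the client calls. That is fine here because the test only talks to its own deployment; the
    // matchHost(...) variant narrows the rule to one host.
    AuthenticationContext context = AuthenticationContext.empty().with(MatchRule.ALL, adminConfig);
    context.run(() -> {
        Client client = ClientBuilder.newBuilder().build();
        try {
            Response response = client.target(servletUrl.toString()).request().get();
            Assert.assertEquals(SC_OK, response.getStatus());
        } finally {
            // Close the client even when the assertion fails, so a failing run does not leak it.
            client.close();
        }
    });
}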
use of org.wildfly.security.auth.client.AuthenticationContext in project wildfly by wildfly.
the class BasicAuthnTestCase method testClientConfigProviderChooseCredentialsBasedOnDestination.
/**
* Test that Elytron config credentials are not used when specified for different destination of the request.
*/
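@Test
public void testClientConfigProviderChooseCredentialsBasedOnDestination(@ArquillianResource URL url) throws MalformedURLException {
    // Protected resource below the deployment's base URL.
    final URL servletUrl = new URL(url.toExternalForm() + "role1");
    AuthenticationConfiguration adminConfig = AuthenticationConfiguration.empty().useName("user1").usePassword("password1");
    // The rule is bound to a host the test never calls, so the credentials must not be offered
    // to the server under test.
    AuthenticationContext context = AuthenticationContext.empty()
            .with(MatchRule.ALL.matchHost("www.some-example.com"), adminConfig);
    context.run(() -> {
        Client client = ClientBuilder.newBuilder().build();
        try {
            Response response = client.target(servletUrl.toString()).request().get();
            // will be unauthorized because credentials were set for different hostname than we are calling
            Assert.assertEquals(SC_UNAUTHORIZED, response.getStatus());
        } finally {
            // Close the client even when the assertion fails, so a failing run does not leak it.
            client.close();
        }
    });
}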
use of org.wildfly.security.auth.client.AuthenticationContext in project quickstart by wildfly.
the class RemoteClient method main.
public static void main(String[] args) throws Exception {
    // First call: uses whichever identity wildfly-config.xml configures.
    invokeIntermediateBean();

    // Second call: build an authentication context in code to switch to another user.
    // NOTE(review): the user name and password are hard-coded for the quickstart; a real client
    // would read them from protected configuration. PLAIN hands the password to the server
    // without protecting it, so its confidentiality depends on the transport being encrypted.
    SaslMechanismSelector plainOnly = SaslMechanismSelector.NONE.addMechanism("PLAIN");
    AuthenticationConfiguration adminIdentity = AuthenticationConfiguration.empty()
            .setSaslMechanismSelector(plainOnly)
            .useName("quickstartAdmin")
            .usePassword("adminPwd1!");
    final AuthenticationContext switchedContext = AuthenticationContext.empty().with(MatchRule.ALL, adminIdentity);

    // Make the new context this thread's default, then repeat the invocation under it.
    AuthenticationContext.getContextManager().setThreadDefault(switchedContext);
    invokeIntermediateBean();
}
use of org.wildfly.security.auth.client.AuthenticationContext in project wildfly by wildfly.
the class ElytronSASClientInterceptor method createInitialContextToken.
/**
* Create an encoded {@link InitialContextToken} with a username/password pair obtained from an Elytron client configuration
* matched by the specified {@link URI}.
*
* @param uri the target {@link URI}.
* @param secMech a reference to the {@link CompoundSecMech} that was found in the {@link ClientRequestInfo}.
* @return the encoded {@link InitialContextToken}, if a valid username is obtained from the matched configuration;
* an empty {@code byte[]} otherwise;
* @throws Exception if an error occurs while building the encoded {@link InitialContextToken}.
*/
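private byte[] createInitialContextToken(final URI uri, final CompoundSecMech secMech) throws Exception {
    // Use the context set on this interceptor if there is one, otherwise capture the current one.
    AuthenticationContext authContext = this.authContext == null ? AuthenticationContext.captureCurrent() : this.authContext;
    // obtain the configuration that matches the URI.
    final AuthenticationConfiguration configuration = AUTH_CONFIG_CLIENT.getAuthenticationConfiguration(uri, authContext, -1, null, null);
    // get the callback handler from the configuration and use it to obtain a username/password pair.
    final CallbackHandler handler = AUTH_CONFIG_CLIENT.getCallbackHandler(configuration);
    final NameCallback nameCallback = new NameCallback("Username: ");
    final PasswordCallback passwordCallback = new PasswordCallback("Password: ", false);
    try {
        try {
            handler.handle(new Callback[] { nameCallback, passwordCallback });
        } catch (UnsupportedCallbackException e) {
            // the configuration cannot supply a name/password pair: send no authentication token.
            return NO_AUTHENTICATION_TOKEN;
        }

        // only a non-null, non-anonymous username produces an initial context token.
        final String callbackName = nameCallback.getName();
        if (callbackName == null || callbackName.equals(AnonymousPrincipal.getInstance().getName())) {
            return NO_AUTHENTICATION_TOKEN;
        }

        byte[] encodedTargetName = secMech.as_context_mech.target_name;
        String name = callbackName;
        if (name.indexOf('@') < 0) {
            // the name carries no '@' part: append the decoded target name, e.g. "@default".
            byte[] decodedTargetName = CSIv2Util.decodeGssExportedName(encodedTargetName);
            String targetName = new String(decodedTargetName, StandardCharsets.UTF_8);
            name += "@" + targetName;
        }
        byte[] username = name.getBytes(StandardCharsets.UTF_8);

        byte[] password = {};
        // getPassword() returns a copy, so fetch it once and wipe that copy after encoding.
        final char[] passwordChars = passwordCallback.getPassword();
        if (passwordChars != null) {
            // the intermediate String is immutable and cannot be wiped; it is left to the garbage collector.
            password = new String(passwordChars).getBytes(StandardCharsets.UTF_8);
            for (int i = 0; i < passwordChars.length; i++) {
                passwordChars[i] = '\0';
            }
        }

        // create the initial context token and ASN.1-encode it, as defined in RFC 2743.
        InitialContextToken authenticationToken = new InitialContextToken(username, password, encodedTargetName);
        return CSIv2Util.encodeInitialContextToken(authenticationToken, codec);
    } finally {
        // drop the callback's own copy of the password on every exit path.
        passwordCallback.clearPassword();
    }
}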