
Example 1 with BearerTokenCredential

Use of org.wildfly.security.credential.BearerTokenCredential in project wildfly by wildfly.

Class ClientConfigProviderBearerTokenTest, method testClientChooseCorrectBearerToken2.

/**
 * Test that request does choose credentials based on destination of the request.
 * Test will succeed since Bearer token was set on requested URL.
 */
@Test
public void testClientChooseCorrectBearerToken2() {
    BearerTokenCredential bearerTokenCredential = new BearerTokenCredential("myTestToken");
    AuthenticationConfiguration authenticationConfiguration = AuthenticationConfiguration.empty().useBearerTokenCredential(bearerTokenCredential);
    AuthenticationContext context = AuthenticationContext.empty();
    context = context.with(MatchRule.ALL.matchHost("127.0.0.1"), authenticationConfiguration);
    context.run(() -> {
        ClientBuilder builder = ClientBuilder.newBuilder();
        Client client = builder.build();
        Response response = client.target("http://127.0.0.1").register(ClientConfigProviderBearerTokenAbortFilter.class).request().get();
        Assert.assertEquals(SC_OK, response.getStatus());
        client.close();
    });
}
Also used: AuthenticationConfiguration (org.wildfly.security.auth.client.AuthenticationConfiguration), Response (javax.ws.rs.core.Response), AuthenticationContext (org.wildfly.security.auth.client.AuthenticationContext), BearerTokenCredential (org.wildfly.security.credential.BearerTokenCredential), Client (javax.ws.rs.client.Client), RunAsClient (org.jboss.arquillian.container.test.api.RunAsClient), ClientBuilder (javax.ws.rs.client.ClientBuilder), Test (org.junit.Test)

Example 2 with BearerTokenCredential

Use of org.wildfly.security.credential.BearerTokenCredential in project wildfly by wildfly.

Class BasicAuthnTestCase, method testClientConfigBearerTokenIsIgnoredIfBasicSpecified.

/**
 * Test secured resource with correct credentials of user that is authorized to the resource.
 * Bearer token from ClientConfigProvider impl is ignored since credentials are specified for RESTEasy client.
 */
@Test
public void testClientConfigBearerTokenIsIgnoredIfBasicSpecified(@ArquillianResource URL url) throws MalformedURLException {
    final URL servletUrl = new URL(url.toExternalForm() + "role1");
    BearerTokenCredential bearerTokenCredential = new BearerTokenCredential("myTestToken");
    AuthenticationConfiguration adminConfig = AuthenticationConfiguration.empty().useBearerTokenCredential(bearerTokenCredential);
    AuthenticationContext context = AuthenticationContext.empty();
    context = context.with(MatchRule.ALL, adminConfig);
    context.run(() -> {
        ClientBuilder builder = ClientBuilder.newBuilder();
        Client client = builder.build();
        client.register(HttpAuthorization.basic("user1", "password1"));
        client.register(ClientConfigProviderBearerTokenAbortFilter.class);
        try {
            client.target(servletUrl.toString()).request().get();
            fail("Configuration not found ex should be thrown.");
        } catch (Exception e) {
            // check that bearer token was not added
            assertTrue(e.getMessage().contains("The request authorization header is not correct expected:<B[earer myTestToken]> but was:<B[asic"));
            client.close();
        }
    });
}
Also used: AuthenticationConfiguration (org.wildfly.security.auth.client.AuthenticationConfiguration), AuthenticationContext (org.wildfly.security.auth.client.AuthenticationContext), BearerTokenCredential (org.wildfly.security.credential.BearerTokenCredential), Client (javax.ws.rs.client.Client), RunAsClient (org.jboss.arquillian.container.test.api.RunAsClient), URL (java.net.URL), URISyntaxException (java.net.URISyntaxException), MalformedURLException (java.net.MalformedURLException), IOException (java.io.IOException), ClientBuilder (javax.ws.rs.client.ClientBuilder), Test (org.junit.Test)

Example 3 with BearerTokenCredential

Use of org.wildfly.security.credential.BearerTokenCredential in project wildfly by wildfly.

Class AbstractAuthenticationForwardingTestCase, method testOauthbearerPropagationPasses.

/**
 * Test the authentication propagation (credentials forwarding) works for OAUTHBEARER SASL mechanism.
 *
 * <pre>
 * When: Jakarta Enterprise Beans client calls EntryBean with valid OAuth bearer token of "admin" user. The
 *       authentication forwarding is configured and WhoAmIBean is called
 * Then: the bearer token is forwarded and WhoAmIBean call returns "admin" username
 * </pre>
 */
@Test
public void testOauthbearerPropagationPasses() throws Exception {
    String[] doubleWhoAmI = AuthenticationContext.empty()
            .with(MatchRule.ALL, AuthenticationConfiguration.empty()
                    .setSaslMechanismSelector(SaslMechanismSelector.ALL)
                    .useBearerTokenCredential(new BearerTokenCredential(createJwtToken("admin"))))
            .runCallable(getDoubleWhoAmICallable(ReAuthnType.FORWARDED_AUTHENTICATION, null, null));
    assertNotNull("The entryBean.doubleWhoAmI() should return not-null instance", doubleWhoAmI);
    assertArrayEquals("Unexpected principal names returned from doubleWhoAmI", new String[] { "admin", "admin" }, doubleWhoAmI);
}
Also used: BearerTokenCredential (org.wildfly.security.credential.BearerTokenCredential), Test (org.junit.Test)

Example 4 with BearerTokenCredential

Use of org.wildfly.security.credential.BearerTokenCredential in project wildfly by wildfly.

Class AbstractAuthenticationForwardingTestCase, method testIllegalStateExceptionFromForwardedAuthn.

/**
 * Test propagation of RuntimeException back to server1 during a call using the authentication forwarding.
 *
 * <pre>
 * When: Jakarta Enterprise Beans client calls EntryBean as admin user and Elytron AuthenticationContext API is used to
 *       authentication forwarding to WhoAmIBean call with "server" user used as caller server identity
 * Then: WhoAmIBean.throwIllegalStateException call should result in expected IllegalStateException.
 * </pre>
 */
@Test
public void testIllegalStateExceptionFromForwardedAuthn() throws Exception {
    String[] doubleWhoAmI = AuthenticationContext.empty()
            .with(MatchRule.ALL, AuthenticationConfiguration.empty()
                    .setSaslMechanismSelector(SaslMechanismSelector.ALL)
                    .useBearerTokenCredential(new BearerTokenCredential(createJwtToken("admin"))))
            .runCallable(getWhoAmIAndIllegalStateExceptionCallable(ReAuthnType.FORWARDED_AUTHENTICATION, null, null));
    assertNotNull("The entryBean.whoAmIAndIllegalStateException() should return not-null instance", doubleWhoAmI);
    assertEquals("admin", doubleWhoAmI[0]);
    assertThat(doubleWhoAmI[1], isExpectedIllegalStateException());
}
Also used: BearerTokenCredential (org.wildfly.security.credential.BearerTokenCredential), Test (org.junit.Test)

Example 5 with BearerTokenCredential

Use of org.wildfly.security.credential.BearerTokenCredential in project wildfly by wildfly.

Class AbstractAuthenticationForwardingTestCase, method testClientOauthbearerInsufficientRolesFails.

/**
 * Test the Jakarta Enterprise Beans call using OAUTHBEARER SASL mechanism authentication fails when user has insufficient roles for the call.
 *
 * <pre>
 * When: Jakarta Enterprise Beans client calls EntryBean with valid OAuth bearer token of "whoami" user
 * Then: the EntryBean call fails as the "whoami" user has not roles allowed for the call
 * </pre>
 */
@Test
public void testClientOauthbearerInsufficientRolesFails() throws Exception {
    try {
        AuthenticationContext.empty()
                .with(MatchRule.ALL, AuthenticationConfiguration.empty()
                        .setSaslMechanismSelector(SaslMechanismSelector.ALL)
                        .useBearerTokenCredential(new BearerTokenCredential(createJwtToken("whoami"))))
                .runCallable(getDoubleWhoAmICallable(ReAuthnType.FORWARDED_AUTHENTICATION, null, null));
        fail("Call to the protected bean should fail");
    } catch (EJBAccessException e) {
        // OK - expected
    }
}
Also used: BearerTokenCredential (org.wildfly.security.credential.BearerTokenCredential), EJBAccessException (javax.ejb.EJBAccessException), Test (org.junit.Test)

Aggregations

BearerTokenCredential (org.wildfly.security.credential.BearerTokenCredential): 11
Test (org.junit.Test): 10
Client (javax.ws.rs.client.Client): 5
ClientBuilder (javax.ws.rs.client.ClientBuilder): 5
RunAsClient (org.jboss.arquillian.container.test.api.RunAsClient): 5
AuthenticationConfiguration (org.wildfly.security.auth.client.AuthenticationConfiguration): 5
AuthenticationContext (org.wildfly.security.auth.client.AuthenticationContext): 5
Response (javax.ws.rs.core.Response): 3
IOException (java.io.IOException): 2
MalformedURLException (java.net.MalformedURLException): 1
URISyntaxException (java.net.URISyntaxException): 1
URL (java.net.URL): 1
Principal (java.security.Principal): 1
EJBAccessException (javax.ejb.EJBAccessException): 1
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException): 1
AuthorizeCallback (javax.security.sasl.AuthorizeCallback): 1
KeycloakPrincipal (org.keycloak.KeycloakPrincipal): 1
EvidenceVerifyCallback (org.wildfly.security.auth.callback.EvidenceVerifyCallback): 1
IdentityCredentialCallback (org.wildfly.security.auth.callback.IdentityCredentialCallback): 1
SecurityIdentityCallback (org.wildfly.security.auth.callback.SecurityIdentityCallback): 1