Examples with BearerTokenCredential org.wildfly.security.credential.BearerTokenCredential used on opensource projects

Example 6 with BearerTokenCredential

use of org.wildfly.security.credential.BearerTokenCredential in project wildfly by wildfly.

the class ClientConfigProviderBearerTokenTest method testClientChooseCorrectBearerToken.

/**
 * Test that request does choose bearer token based on destination of the request.
 * This test will fail since bearer token was set on different URL.
 */
@Test
public void testClientChooseCorrectBearerToken() {
    AuthenticationContext previousAuthContext = AuthenticationContext.getContextManager().getGlobalDefault();
    try {
        BearerTokenCredential bearerTokenCredential = new BearerTokenCredential("myTestToken");
        AuthenticationConfiguration adminConfig = AuthenticationConfiguration.empty().useBearerTokenCredential(bearerTokenCredential);
        AuthenticationContext context = AuthenticationContext.empty();
        context = context.with(MatchRule.ALL.matchHost("www.redhat.com"), adminConfig);
        AuthenticationContext.getContextManager().setGlobalDefault(context);
        context.run(() -> {
            ClientBuilder builder = ClientBuilder.newBuilder();
            Client client = builder.build();
            try {
                client.target(dummyUrl.toString()).register(ClientConfigProviderBearerTokenAbortFilter.class).request().get();
                fail("Configuration not found ex should be thrown.");
            } catch (Exception e) {
                assertTrue(e.getMessage().contains("The request authorization header is not correct expected:<Bearer myTestToken> but was:<null>"));
            } finally {
                client.close();
            }
        });
    } finally {
        AuthenticationContext.getContextManager().setGlobalDefault(previousAuthContext);
    }
}

Example 7 with BearerTokenCredential

use of org.wildfly.security.credential.BearerTokenCredential in project wildfly by wildfly.

the class ClientConfigProviderBearerTokenTest method testClientWithBearerTokenAndCredentials.

/**
 * Test that RESTEasy client uses Bearer token auth and not HTTP BASIC if both username with password and bearer token are present in Elytron client config.
 * This is done with registered filter that checks Authorization header.
 */
@Test
public void testClientWithBearerTokenAndCredentials() {
    AuthenticationContext previousAuthContext = AuthenticationContext.getContextManager().getGlobalDefault();
    try {
        BearerTokenCredential bearerTokenCredential = new BearerTokenCredential("myTestToken");
        AuthenticationConfiguration adminConfig = AuthenticationConfiguration.empty().useName("username").usePassword("password").useBearerTokenCredential(bearerTokenCredential);
        AuthenticationContext context = AuthenticationContext.empty();
        context = context.with(MatchRule.ALL, adminConfig);
        AuthenticationContext.getContextManager().setGlobalDefault(context);
        context.run(() -> {
            ClientBuilder builder = ClientBuilder.newBuilder();
            Client client = builder.build();
            Response response = client.target(dummyUrl.toString()).register(ClientConfigProviderBearerTokenAbortFilter.class).request().get();
            Assert.assertEquals(SC_OK, response.getStatus());
            client.close();
        });
    } finally {
        AuthenticationContext.getContextManager().setGlobalDefault(previousAuthContext);
    }
}

Example 8 with BearerTokenCredential

use of org.wildfly.security.credential.BearerTokenCredential in project wildfly by wildfly.

the class ClientConfigProviderBearerTokenTest method testClientWithBearerToken.

/**
 * Test that bearer token is loaded from Elytron client config and is used in Authorization header.
 * This is done with registered filter that checks Authorization header.
 */
@Test
public void testClientWithBearerToken() {
    AuthenticationContext previousAuthContext = AuthenticationContext.getContextManager().getGlobalDefault();
    try {
        BearerTokenCredential bearerTokenCredential = new BearerTokenCredential("myTestToken");
        AuthenticationConfiguration adminConfig = AuthenticationConfiguration.empty().useBearerTokenCredential(bearerTokenCredential);
        AuthenticationContext context = AuthenticationContext.empty();
        context = context.with(MatchRule.ALL, adminConfig);
        AuthenticationContext.getContextManager().setGlobalDefault(context);
        context.run(() -> {
            ClientBuilder builder = ClientBuilder.newBuilder();
            Client client = builder.build();
            Response response = client.target(dummyUrl.toString()).register(ClientConfigProviderBearerTokenAbortFilter.class).request().get();
            Assert.assertEquals(SC_OK, response.getStatus());
            client.close();
        });
    } finally {
        AuthenticationContext.getContextManager().setGlobalDefault(previousAuthContext);
    }
}

Example 9 with BearerTokenCredential

use of org.wildfly.security.credential.BearerTokenCredential in project wildfly by wildfly.

the class AbstractAuthenticationForwardingTestCase method testServer2ExceptionFromForwardedAuthn.

/**
 * Test propagation of Server2Exception (unknown on server1) back to server1 during a call using the authentication
 * forwarding.
 *
 * <pre>
 * When: Jakarta Enterprise Beans client calls EntryBean as admin user and Elytron AuthenticationContext API is used to
 *       authentication forwarding to WhoAmIBean call with "server" user used as caller server identity
 * Then: WhoAmIBean.throwServer2Exception call should result in expected ClassNotFoundException.
 * </pre>
 */
@Test
public void testServer2ExceptionFromForwardedAuthn() throws Exception {
    String[] doubleWhoAmI = AuthenticationContext.empty().with(MatchRule.ALL, AuthenticationConfiguration.empty().setSaslMechanismSelector(SaslMechanismSelector.ALL).useBearerTokenCredential(new BearerTokenCredential(createJwtToken("admin")))).runCallable(getWhoAmIAndServer2ExceptionCallable(ReAuthnType.FORWARDED_AUTHENTICATION, null, null));
    assertNotNull("The entryBean.whoAmIAndServer2Exception() should return not-null instance", doubleWhoAmI);
    assertEquals("admin", doubleWhoAmI[0]);
    assertThat(doubleWhoAmI[1], isClassNotFoundException_Server2Exception());
}

Example 10 with BearerTokenCredential

use of org.wildfly.security.credential.BearerTokenCredential in project wildfly by wildfly.

the class AbstractAuthenticationForwardingTestCase method testOauthbearerPropagationInsufficientRolesFails.

/**
 * Test the authentication propagation (credentials forwarding) fails for OAUTHBEARER SASL mechanism when user has
 * insufficient roles for the call.
 *
 * <pre>
 * When: Jakarta Enterprise Beans client calls EntryBean with valid OAuth bearer token of "entry" user. The
 *       authentication forwarding is configured and WhoAmIBean is called
 * Then: the WhoAmIBean call fails as the "entry" user has not roles allowed for the call
 * </pre>
 */
@Test
public void testOauthbearerPropagationInsufficientRolesFails() throws Exception {
    String[] doubleWhoAmI = AuthenticationContext.empty().with(MatchRule.ALL, AuthenticationConfiguration.empty().setSaslMechanismSelector(SaslMechanismSelector.ALL).useBearerTokenCredential(new BearerTokenCredential(createJwtToken("entry")))).runCallable(getDoubleWhoAmICallable(ReAuthnType.FORWARDED_AUTHENTICATION, null, null));
    assertNotNull("The entryBean.doubleWhoAmI() should return not-null instance", doubleWhoAmI);
    assertEquals("The result of doubleWhoAmI() has wrong lenght", 2, doubleWhoAmI.length);
    assertEquals("entry", doubleWhoAmI[0]);
    assertThat(doubleWhoAmI[1], isEjbAccessException());
}