Example 81 with Context

use of org.zaproxy.zap.model.Context in project zaproxy by zaproxy.

the class ExtensionSessionManagementUnitTest method shouldImportContextWithHttpSessionMgmtType.

@Test
void shouldImportContextWithHttpSessionMgmtType() throws ConfigurationException {
    // Given
    Context context = mock(Context.class);
    Configuration config = new ZapXmlConfiguration();
    int sessMgmtTypeId = 1;
    config.addProperty(ExtensionSessionManagement.CONTEXT_CONFIG_SESSION_TYPE, sessMgmtTypeId);
    // When
    extSessMgmt.importContextData(context, config);
    // Then
    verify(context).setSessionManagementMethod(any(HttpAuthSessionManagementMethod.class));
}
Also used : Context(org.zaproxy.zap.model.Context) HttpAuthSessionManagementMethod(org.zaproxy.zap.session.HttpAuthSessionManagementMethodType.HttpAuthSessionManagementMethod) Configuration(org.apache.commons.configuration.Configuration) ZapXmlConfiguration(org.zaproxy.zap.utils.ZapXmlConfiguration) Test(org.junit.jupiter.api.Test) WithConfigsTest(org.zaproxy.zap.WithConfigsTest)

Example 82 with Context

use of org.zaproxy.zap.model.Context in project zaproxy by zaproxy.

the class ExtensionAuthorizationUnitTest method shouldImportContextWithNoAuthorizationDetectionMethod.

@Test
void shouldImportContextWithNoAuthorizationDetectionMethod() throws ConfigurationException {
    // Given
    Context context = mock(Context.class);
    Configuration config = new ZapXmlConfiguration();
    // When
    extensionAuthorization.importContextData(context, config);
    // Then
    verify(context, times(0)).setAuthorizationDetectionMethod(any());
}
Also used : Context(org.zaproxy.zap.model.Context) Configuration(org.apache.commons.configuration.Configuration) ZapXmlConfiguration(org.zaproxy.zap.utils.ZapXmlConfiguration) Test(org.junit.jupiter.api.Test)

Example 83 with Context

use of org.zaproxy.zap.model.Context in project zaproxy by zaproxy.

the class ExtensionForcedUserUnitTest method shouldImportContextWithNoForcedUser.

@Test
void shouldImportContextWithNoForcedUser() {
    // Given
    Context context = mock(Context.class);
    Configuration config = new ZapXmlConfiguration();
    // When
    extensionForcedUser.importContextData(context, config);
    // Then
    verify(context, times(0)).getId();
}
Also used : Context(org.zaproxy.zap.model.Context) Configuration(org.apache.commons.configuration.Configuration) ZapXmlConfiguration(org.zaproxy.zap.utils.ZapXmlConfiguration) Test(org.junit.jupiter.api.Test) WithConfigsTest(org.zaproxy.zap.WithConfigsTest)

Example 84 with Context

use of org.zaproxy.zap.model.Context in project zaproxy by zaproxy.

the class ExtensionForcedUserUnitTest method shouldNotImportContextWithUnknownForcedUser.

@Test
void shouldNotImportContextWithUnknownForcedUser() {
    // Given
    given(extensionLoader.getExtension(ExtensionUserManagement.class)).willReturn(new ExtensionUserManagement());
    Context context = mock(Context.class);
    Configuration config = new ZapXmlConfiguration();
    config.setProperty("context.forceduser", Integer.MIN_VALUE);
    // When / Then
    assertThrows(IllegalStateException.class, () -> extensionForcedUser.importContextData(context, config));
}
Also used : Context(org.zaproxy.zap.model.Context) ExtensionUserManagement(org.zaproxy.zap.extension.users.ExtensionUserManagement) Configuration(org.apache.commons.configuration.Configuration) ZapXmlConfiguration(org.zaproxy.zap.utils.ZapXmlConfiguration) Test(org.junit.jupiter.api.Test) WithConfigsTest(org.zaproxy.zap.WithConfigsTest)

Example 85 with Context

use of org.zaproxy.zap.model.Context in project zaproxy by zaproxy.

the class ManualAuthenticationMethodType method getSetCredentialsForUserApiAction.

@Override
public ApiDynamicActionImplementor getSetCredentialsForUserApiAction() {
    return new ApiDynamicActionImplementor(ACTION_SET_CREDENTIALS, new String[] { PARAM_SESSION_NAME }, null) {

        @Override
        public void handleAction(JSONObject params) throws ApiException {
            Context context = ApiUtils.getContextByParamId(params, UsersAPI.PARAM_CONTEXT_ID);
            int userId = ApiUtils.getIntParam(params, UsersAPI.PARAM_USER_ID);
            // Make sure the type of authentication method is compatible
            if (!isTypeForMethod(context.getAuthenticationMethod())) {
                throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, "User's credentials should match authentication method type of the context: " + context.getAuthenticationMethod().getType().getName());
            }
            // NOTE: no need to check if extension is loaded as this method
            // is called only if the Users extension is loaded
            ExtensionUserManagement extensionUserManagement = Control.getSingleton().getExtensionLoader().getExtension(ExtensionUserManagement.class);
            User user = extensionUserManagement.getContextUserAuthManager(context.getId()).getUserById(userId);
            if (user == null) {
                throw new ApiException(Type.USER_NOT_FOUND, UsersAPI.PARAM_USER_ID);
            }
            String sessionName = ApiUtils.getNonEmptyStringParam(params, PARAM_SESSION_NAME);
            // Get the matching session
            ExtensionHttpSessions extensionHttpSessions = Control.getSingleton().getExtensionLoader().getExtension(ExtensionHttpSessions.class);
            if (extensionHttpSessions == null) {
                throw new ApiException(Type.NO_IMPLEMENTOR, "HttpSessions extension is not loaded.");
            }
            List<HttpSession> sessions = extensionHttpSessions.getHttpSessionsForContext(context);
            HttpSession matchedSession = null;
            for (HttpSession session : sessions) {
                if (session.getName().equals(sessionName)) {
                    matchedSession = session;
                    break;
                }
            }
            if (matchedSession == null) {
                throw new ApiException(ApiException.Type.DOES_NOT_EXIST, PARAM_SESSION_NAME);
            }
            // Set the credentials
            ManualAuthenticationCredentials credentials = createAuthenticationCredentials();
            credentials.setSelectedSession(matchedSession);
            user.setAuthenticationCredentials(credentials);
        }
    };
}
Also used : ApiDynamicActionImplementor(org.zaproxy.zap.extension.api.ApiDynamicActionImplementor) Context(org.zaproxy.zap.model.Context) ExtensionUserManagement(org.zaproxy.zap.extension.users.ExtensionUserManagement) User(org.zaproxy.zap.users.User) JSONObject(net.sf.json.JSONObject) HttpSession(org.zaproxy.zap.extension.httpsessions.HttpSession) ExtensionHttpSessions(org.zaproxy.zap.extension.httpsessions.ExtensionHttpSessions) ApiException(org.zaproxy.zap.extension.api.ApiException)

Aggregations

Context (org.zaproxy.zap.model.Context): 89
ApiException (org.zaproxy.zap.extension.api.ApiException): 22
Test (org.junit.jupiter.api.Test): 21
ZapXmlConfiguration (org.zaproxy.zap.utils.ZapXmlConfiguration): 17
WithConfigsTest (org.zaproxy.zap.WithConfigsTest): 16
User (org.zaproxy.zap.users.User): 15
JSONObject (net.sf.json.JSONObject): 14
Configuration (org.apache.commons.configuration.Configuration): 14
Session (org.parosproxy.paros.model.Session): 14
ApiDynamicActionImplementor (org.zaproxy.zap.extension.api.ApiDynamicActionImplementor): 13
RecordContext (org.parosproxy.paros.db.RecordContext): 12
DatabaseException (org.parosproxy.paros.db.DatabaseException): 10
ConfigurationException (org.apache.commons.configuration.ConfigurationException): 9
HttpMessage (org.parosproxy.paros.network.HttpMessage): 9
ExtensionUserManagement (org.zaproxy.zap.extension.users.ExtensionUserManagement): 9
ArrayList (java.util.ArrayList): 8
JMenuItem (javax.swing.JMenuItem): 7
ExtensionPopupMenuItem (org.parosproxy.paros.extension.ExtensionPopupMenuItem): 7
SiteNode (org.parosproxy.paros.model.SiteNode): 7
IOException (java.io.IOException): 6