Search in sources :

Example 1 with FakeCredentials

use of se.inera.intyg.webcert.web.auth.fake.FakeCredentials in project webcert by sklintyg.

the class CommonFakeAuthenticationProvider method selectVardenhetFromFakeCredentials.

private void selectVardenhetFromFakeCredentials(Authentication token, Object details) {
    if (details instanceof IntygUser) {
        IntygUser user = (IntygUser) details;
        FakeCredentials fakeCredentials = (FakeCredentials) token.getCredentials();
        if (!Strings.isNullOrEmpty(fakeCredentials.getEnhetId())) {
            setVardenhetById(fakeCredentials.getEnhetId(), user);
            setVardgivareByVardenhetId(fakeCredentials.getEnhetId(), user);
        }
    }
}
Also used : FakeCredentials(se.inera.intyg.webcert.web.auth.fake.FakeCredentials) IntygUser(se.inera.intyg.infra.security.common.model.IntygUser)

Example 2 with FakeCredentials

use of se.inera.intyg.webcert.web.auth.fake.FakeCredentials in project webcert by sklintyg.

the class CommonFakeAuthenticationProvider method createSamlCredential.

private SAMLCredential createSamlCredential(Authentication token) {
    FakeCredentials fakeCredentials = (FakeCredentials) token.getCredentials();
    Assertion assertion = new AssertionBuilder().buildObject();
    attachAuthenticationContext(assertion, FAKE_AUTHENTICATION_SITHS_CONTEXT_REF);
    AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
    assertion.getAttributeStatements().add(attributeStatement);
    addAttribute(attributeStatement, BaseSakerhetstjanstAssertion.HSA_ID_ATTRIBUTE, fakeCredentials.getHsaId());
    NameID nameId = new NameIDBuilder().buildObject();
    nameId.setValue(token.getCredentials().toString());
    return new SAMLCredential(nameId, assertion, "fake-idp", "webcert");
}
Also used : NameIDBuilder(org.opensaml.saml2.core.impl.NameIDBuilder) AttributeStatementBuilder(org.opensaml.saml2.core.impl.AttributeStatementBuilder) FakeCredentials(se.inera.intyg.webcert.web.auth.fake.FakeCredentials) SAMLCredential(org.springframework.security.saml.SAMLCredential) NameID(org.opensaml.saml2.core.NameID) AttributeStatement(org.opensaml.saml2.core.AttributeStatement) Assertion(org.opensaml.saml2.core.Assertion) BaseSakerhetstjanstAssertion(se.inera.intyg.infra.security.siths.BaseSakerhetstjanstAssertion) AssertionBuilder(org.opensaml.saml2.core.impl.AssertionBuilder)

Example 3 with FakeCredentials

use of se.inera.intyg.webcert.web.auth.fake.FakeCredentials in project webcert by sklintyg.

the class UserApiControllerIT method testAndraValdEnhetMedOgiltigEnhetsId.

/**
 * Verify that trying to change vardEnhet to an invalid one gives an error response.
 */
@Test
public void testAndraValdEnhetMedOgiltigEnhetsId() {
    // Log in as user having medarbetaruppdrag at several vardenheter.
    FakeCredentials user = new FakeCredentials.FakeCredentialsBuilder("IFV1239877878-104B", "IFV1239877878-1042").legitimeradeYrkesgrupper(asList("Läkare")).build();
    RestAssured.sessionId = getAuthSession(user);
    // An improvement of this would be to call hsaStub rest api to add testa data as we want it to
    // avoid "magic" ids and the dependency to bootstrapped data?
    final String vardEnhetToChangeTo = "non-existing-vardenehet-id";
    ChangeSelectedUnitRequest changeRequest = new ChangeSelectedUnitRequest();
    changeRequest.setId(vardEnhetToChangeTo);
    given().cookie("ROUTEID", BaseRestIntegrationTest.routeId).contentType(ContentType.JSON).and().body(changeRequest).expect().statusCode(400).when().post("api/anvandare/andraenhet");
}
Also used : FakeCredentials(se.inera.intyg.webcert.web.auth.fake.FakeCredentials) ChangeSelectedUnitRequest(se.inera.intyg.webcert.web.web.controller.api.dto.ChangeSelectedUnitRequest) Test(org.junit.Test) BaseRestIntegrationTest(se.inera.intyg.webcert.web.web.controller.integrationtest.BaseRestIntegrationTest)

Example 4 with FakeCredentials

use of se.inera.intyg.webcert.web.auth.fake.FakeCredentials in project webcert by sklintyg.

the class CommonFakeAuthenticationProvider method applyAuthenticationMethod.

private void applyAuthenticationMethod(Authentication token, Object details) {
    if (details instanceof IntygUser) {
        if (token.getCredentials() != null && ((FakeCredentials) token.getCredentials()).getOrigin() != null) {
            String authenticationMethod = ((FakeCredentials) token.getCredentials()).getAuthenticationMethod();
            try {
                if (authenticationMethod != null && !authenticationMethod.isEmpty()) {
                    IntygUser user = (IntygUser) details;
                    AuthenticationMethod newAuthMethod = AuthenticationMethod.valueOf(authenticationMethod);
                    user.setAuthenticationMethod(newAuthMethod);
                }
            } catch (IllegalArgumentException e) {
                String allowedTypes = Arrays.asList(AuthenticationMethod.values()).stream().map(val -> val.name()).collect(Collectors.joining(", "));
                throw new AuthoritiesException("Could not set authenticationMethod '" + authenticationMethod + "'. Unknown, allowed types are " + allowedTypes);
            }
        }
    }
}
Also used : FakeCredentials(se.inera.intyg.webcert.web.auth.fake.FakeCredentials) AuthenticationMethod(se.inera.intyg.infra.security.common.model.AuthenticationMethod) AuthoritiesException(se.inera.intyg.infra.security.authorities.AuthoritiesException) IntygUser(se.inera.intyg.infra.security.common.model.IntygUser)

Example 5 with FakeCredentials

use of se.inera.intyg.webcert.web.auth.fake.FakeCredentials in project webcert by sklintyg.

the class CommonFakeAuthenticationProvider method applyUserOrigin.

private void applyUserOrigin(Authentication token, Object details) {
    if (details instanceof IntygUser) {
        if (token.getCredentials() != null && ((FakeCredentials) token.getCredentials()).getOrigin() != null) {
            String origin = ((FakeCredentials) token.getCredentials()).getOrigin();
            try {
                // Type check.
                UserOriginType.valueOf(origin);
                ((IntygUser) details).setOrigin(origin);
            } catch (IllegalArgumentException e) {
                throw new AuthoritiesException("Could not set origin '" + origin + "'. Unknown, allowed types are NORMAL, DJUPINTEGRATION, UTHOPP");
            }
        }
    }
}
Also used : FakeCredentials(se.inera.intyg.webcert.web.auth.fake.FakeCredentials) AuthoritiesException(se.inera.intyg.infra.security.authorities.AuthoritiesException) IntygUser(se.inera.intyg.infra.security.common.model.IntygUser)

Aggregations

FakeCredentials (se.inera.intyg.webcert.web.auth.fake.FakeCredentials)7 IntygUser (se.inera.intyg.infra.security.common.model.IntygUser)4 Test (org.junit.Test)2 AuthoritiesException (se.inera.intyg.infra.security.authorities.AuthoritiesException)2 ChangeSelectedUnitRequest (se.inera.intyg.webcert.web.web.controller.api.dto.ChangeSelectedUnitRequest)2 BaseRestIntegrationTest (se.inera.intyg.webcert.web.web.controller.integrationtest.BaseRestIntegrationTest)2 Assertion (org.opensaml.saml2.core.Assertion)1 AttributeStatement (org.opensaml.saml2.core.AttributeStatement)1 NameID (org.opensaml.saml2.core.NameID)1 AssertionBuilder (org.opensaml.saml2.core.impl.AssertionBuilder)1 AttributeStatementBuilder (org.opensaml.saml2.core.impl.AttributeStatementBuilder)1 NameIDBuilder (org.opensaml.saml2.core.impl.NameIDBuilder)1 SAMLCredential (org.springframework.security.saml.SAMLCredential)1 AuthenticationMethod (se.inera.intyg.infra.security.common.model.AuthenticationMethod)1 BaseSakerhetstjanstAssertion (se.inera.intyg.infra.security.siths.BaseSakerhetstjanstAssertion)1