Example 1 with FakeCredentials
use of se.inera.intyg.webcert.web.auth.fake.FakeCredentials in project webcert by sklintyg.
the class CommonFakeAuthenticationProvider method selectVardenhetFromFakeCredentials.
private void selectVardenhetFromFakeCredentials(Authentication token, Object details) {
if (details instanceof IntygUser) {
IntygUser user = (IntygUser) details;
FakeCredentials fakeCredentials = (FakeCredentials) token.getCredentials();
if (!Strings.isNullOrEmpty(fakeCredentials.getEnhetId())) {
setVardenhetById(fakeCredentials.getEnhetId(), user);
setVardgivareByVardenhetId(fakeCredentials.getEnhetId(), user);
}
}
}
Also used :
FakeCredentials(se.inera.intyg.webcert.web.auth.fake.FakeCredentials)
IntygUser(se.inera.intyg.infra.security.common.model.IntygUser)
Example 2 with FakeCredentials
use of se.inera.intyg.webcert.web.auth.fake.FakeCredentials in project webcert by sklintyg.
the class CommonFakeAuthenticationProvider method createSamlCredential.
private SAMLCredential createSamlCredential(Authentication token) {
FakeCredentials fakeCredentials = (FakeCredentials) token.getCredentials();
Assertion assertion = new AssertionBuilder().buildObject();
attachAuthenticationContext(assertion, FAKE_AUTHENTICATION_SITHS_CONTEXT_REF);
AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
assertion.getAttributeStatements().add(attributeStatement);
addAttribute(attributeStatement, BaseSakerhetstjanstAssertion.HSA_ID_ATTRIBUTE, fakeCredentials.getHsaId());
NameID nameId = new NameIDBuilder().buildObject();
nameId.setValue(token.getCredentials().toString());
return new SAMLCredential(nameId, assertion, "fake-idp", "webcert");
}
Also used :
NameIDBuilder(org.opensaml.saml2.core.impl.NameIDBuilder)
AttributeStatementBuilder(org.opensaml.saml2.core.impl.AttributeStatementBuilder)
FakeCredentials(se.inera.intyg.webcert.web.auth.fake.FakeCredentials)
SAMLCredential(org.springframework.security.saml.SAMLCredential)
NameID(org.opensaml.saml2.core.NameID)
AttributeStatement(org.opensaml.saml2.core.AttributeStatement)
Assertion(org.opensaml.saml2.core.Assertion)
BaseSakerhetstjanstAssertion(se.inera.intyg.infra.security.siths.BaseSakerhetstjanstAssertion)
AssertionBuilder(org.opensaml.saml2.core.impl.AssertionBuilder)
Example 3 with FakeCredentials
use of se.inera.intyg.webcert.web.auth.fake.FakeCredentials in project webcert by sklintyg.
the class UserApiControllerIT method testAndraValdEnhetMedOgiltigEnhetsId.
/**
* Verify that trying to change vardEnhet to an invalid one gives an error response.
*/
@Test
public void testAndraValdEnhetMedOgiltigEnhetsId() {
// Log in as user having medarbetaruppdrag at several vardenheter.
FakeCredentials user = new FakeCredentials.FakeCredentialsBuilder("IFV1239877878-104B", "IFV1239877878-1042").legitimeradeYrkesgrupper(asList("Läkare")).build();
RestAssured.sessionId = getAuthSession(user);
// An improvement of this would be to call hsaStub rest api to add testa data as we want it to
// avoid "magic" ids and the dependency to bootstrapped data?
final String vardEnhetToChangeTo = "non-existing-vardenehet-id";
ChangeSelectedUnitRequest changeRequest = new ChangeSelectedUnitRequest();
changeRequest.setId(vardEnhetToChangeTo);
given().cookie("ROUTEID", BaseRestIntegrationTest.routeId).contentType(ContentType.JSON).and().body(changeRequest).expect().statusCode(400).when().post("api/anvandare/andraenhet");
}
Also used :
FakeCredentials(se.inera.intyg.webcert.web.auth.fake.FakeCredentials)
ChangeSelectedUnitRequest(se.inera.intyg.webcert.web.web.controller.api.dto.ChangeSelectedUnitRequest)
Test(org.junit.Test)
BaseRestIntegrationTest(se.inera.intyg.webcert.web.web.controller.integrationtest.BaseRestIntegrationTest)
Example 4 with FakeCredentials
use of se.inera.intyg.webcert.web.auth.fake.FakeCredentials in project webcert by sklintyg.
the class CommonFakeAuthenticationProvider method applyAuthenticationMethod.
private void applyAuthenticationMethod(Authentication token, Object details) {
if (details instanceof IntygUser) {
if (token.getCredentials() != null && ((FakeCredentials) token.getCredentials()).getOrigin() != null) {
String authenticationMethod = ((FakeCredentials) token.getCredentials()).getAuthenticationMethod();
try {
if (authenticationMethod != null && !authenticationMethod.isEmpty()) {
IntygUser user = (IntygUser) details;
AuthenticationMethod newAuthMethod = AuthenticationMethod.valueOf(authenticationMethod);
user.setAuthenticationMethod(newAuthMethod);
}
} catch (IllegalArgumentException e) {
String allowedTypes = Arrays.asList(AuthenticationMethod.values()).stream().map(val -> val.name()).collect(Collectors.joining(", "));
throw new AuthoritiesException("Could not set authenticationMethod '" + authenticationMethod + "'. Unknown, allowed types are " + allowedTypes);
}
}
}
}
Also used :
FakeCredentials(se.inera.intyg.webcert.web.auth.fake.FakeCredentials)
AuthenticationMethod(se.inera.intyg.infra.security.common.model.AuthenticationMethod)
AuthoritiesException(se.inera.intyg.infra.security.authorities.AuthoritiesException)
IntygUser(se.inera.intyg.infra.security.common.model.IntygUser)
Example 5 with FakeCredentials
use of se.inera.intyg.webcert.web.auth.fake.FakeCredentials in project webcert by sklintyg.
the class CommonFakeAuthenticationProvider method applyUserOrigin.
private void applyUserOrigin(Authentication token, Object details) {
if (details instanceof IntygUser) {
if (token.getCredentials() != null && ((FakeCredentials) token.getCredentials()).getOrigin() != null) {
String origin = ((FakeCredentials) token.getCredentials()).getOrigin();
try {
// Type check.
UserOriginType.valueOf(origin);
((IntygUser) details).setOrigin(origin);
} catch (IllegalArgumentException e) {
throw new AuthoritiesException("Could not set origin '" + origin + "'. Unknown, allowed types are NORMAL, DJUPINTEGRATION, UTHOPP");
}
}
}
}
Also used :
FakeCredentials(se.inera.intyg.webcert.web.auth.fake.FakeCredentials)
AuthoritiesException(se.inera.intyg.infra.security.authorities.AuthoritiesException)
IntygUser(se.inera.intyg.infra.security.common.model.IntygUser)
Aggregations
FakeCredentials (se.inera.intyg.webcert.web.auth.fake.FakeCredentials)7
IntygUser (se.inera.intyg.infra.security.common.model.IntygUser)4
Test (org.junit.Test)2
AuthoritiesException (se.inera.intyg.infra.security.authorities.AuthoritiesException)2
ChangeSelectedUnitRequest (se.inera.intyg.webcert.web.web.controller.api.dto.ChangeSelectedUnitRequest)2
BaseRestIntegrationTest (se.inera.intyg.webcert.web.web.controller.integrationtest.BaseRestIntegrationTest)2
Assertion (org.opensaml.saml2.core.Assertion)1
AttributeStatement (org.opensaml.saml2.core.AttributeStatement)1
NameID (org.opensaml.saml2.core.NameID)1
AssertionBuilder (org.opensaml.saml2.core.impl.AssertionBuilder)1
AttributeStatementBuilder (org.opensaml.saml2.core.impl.AttributeStatementBuilder)1
NameIDBuilder (org.opensaml.saml2.core.impl.NameIDBuilder)1
SAMLCredential (org.springframework.security.saml.SAMLCredential)1
AuthenticationMethod (se.inera.intyg.infra.security.common.model.AuthenticationMethod)1
BaseSakerhetstjanstAssertion (se.inera.intyg.infra.security.siths.BaseSakerhetstjanstAssertion)1
