@Test public void testAuthFilter() throws IOException { final MultivaluedMap<String, String> headers = new MultivaluedHashMap<>(); when(mockContext.getHeaders()).thenReturn(headers); final AuthFilter<String, Principal> filter = new AnonymousAuthFilter.Builder() .setAuthenticator(new AnonymousAuthenticator()).buildAuthFilter(); filter.filter(mockContext); verify(mockContext).setSecurityContext(securityCaptor.capture()); assertEquals(Trellis.AnonymousAgent.getIRIString(), securityCaptor.getValue().getUserPrincipal().getName()); assertFalse(securityCaptor.getValue().isUserInRole("role")); assertFalse(securityCaptor.getValue().isSecure()); assertEquals("NONE", securityCaptor.getValue().getAuthenticationScheme()); }
@Test public void testAuthFilterSecure() throws IOException { final MultivaluedMap<String, String> headers = new MultivaluedHashMap<>(); when(mockContext.getHeaders()).thenReturn(headers); when(mockContext.getSecurityContext()).thenReturn(mockSecurityContext); when(mockSecurityContext.isSecure()).thenReturn(true); final AuthFilter<String, Principal> filter = new AnonymousAuthFilter.Builder() .setAuthenticator(new AnonymousAuthenticator()).buildAuthFilter(); filter.filter(mockContext); verify(mockContext).setSecurityContext(securityCaptor.capture()); assertEquals(Trellis.AnonymousAgent.getIRIString(), securityCaptor.getValue().getUserPrincipal().getName()); assertFalse(securityCaptor.getValue().isUserInRole("role")); assertTrue(securityCaptor.getValue().isSecure()); assertEquals("NONE", securityCaptor.getValue().getAuthenticationScheme()); }
@Test public void testAuthFilterNotSecure() throws IOException { final MultivaluedMap<String, String> headers = new MultivaluedHashMap<>(); when(mockContext.getHeaders()).thenReturn(headers); when(mockContext.getSecurityContext()).thenReturn(mockSecurityContext); when(mockSecurityContext.isSecure()).thenReturn(false); final AuthFilter<String, Principal> filter = new AnonymousAuthFilter.Builder() .setAuthenticator(new AnonymousAuthenticator()).buildAuthFilter(); filter.filter(mockContext); verify(mockContext).setSecurityContext(securityCaptor.capture()); assertEquals(Trellis.AnonymousAgent.getIRIString(), securityCaptor.getValue().getUserPrincipal().getName()); assertFalse(securityCaptor.getValue().isUserInRole("role")); assertFalse(securityCaptor.getValue().isSecure()); assertEquals("NONE", securityCaptor.getValue().getAuthenticationScheme()); }
@Test public void testGetAuthFilters() throws Exception { final TrellisConfiguration config = new YamlConfigurationFactory<>(TrellisConfiguration.class, Validators.newValidator(), Jackson.newObjectMapper(), "") .build(new File(getClass().getResource("/config1.yml").toURI())); final Optional<List<AuthFilter>> filters = TrellisUtils.getAuthFilters(config); assertTrue(filters.isPresent()); filters.ifPresent(f -> assertEquals(3L, f.size())); config.getAuth().getAnon().setEnabled(false); config.getAuth().getBasic().setEnabled(false); config.getAuth().getJwt().setEnabled(false); assertFalse(TrellisUtils.getAuthFilters(config).isPresent()); }
@Override public AuthFilter<?, Principal> createAuthFilter(AuthenticationBootstrap bootstrap) { final ClassLoader classLoader = getClassLoader(classPath); final Class<?> klass = loadClass(classLoader, className); final Class<AuthenticationConfig> authConfigClass = toAuthConfigClass(klass); final AuthenticationConfig loadedConfig = loadAuthenticationConfig(properties, authConfigClass); return loadedConfig.createAuthFilter(bootstrap); }
@Override public AuthFilter<?, Principal> createAuthFilter(AuthenticationBootstrap bootstrap) { return new GuestAuthFilter.Builder<>() .setAuthenticator(new GuestAuthenticator(guestUserName)) .setAuthorizer(new PermitAllAuthorizer()) .setRealm(DEFAULT_GUEST_AUTH_REALM) .buildAuthFilter(); }
@Override public AuthFilter<?, Principal> createAuthFilter(AuthenticationBootstrap bootstrap) { return new BasicCredentialAuthFilter.Builder<>() .setAuthenticator(new BasicAuthenticator(bootstrap.getUserDAO())) .setAuthorizer(new PermitAllAuthorizer()) .setRealm(realm) .buildAuthFilter(); }
@Override public AuthFilter<?, Principal> createAuthFilter(AuthenticationBootstrap bootstrap) { return new BasicCredentialAuthFilter.Builder<>() .setAuthenticator(new SpecificUsernamePwAuthenticator(username, password)) .setAuthorizer(new PermitAllAuthorizer()) .buildAuthFilter(); }
public static Optional<List<AuthFilter>> getAuthFilters(final TrellisConfiguration config) { // Authentication final List<AuthFilter> filters = new ArrayList<>(); final AuthConfiguration auth = config.getAuth(); if (auth.getJwt().getEnabled()) { filters.add(new OAuthCredentialAuthFilter.Builder<Principal>() .setAuthenticator(new JwtAuthenticator(auth.getJwt().getKey(), auth.getJwt().getBase64Encoded())) .setPrefix("Bearer") .buildAuthFilter()); } if (auth.getBasic().getEnabled()) { filters.add(new BasicCredentialAuthFilter.Builder<Principal>() .setAuthenticator(new BasicAuthenticator(auth.getBasic().getUsersFile())) .setRealm("Trellis Basic Authentication") .buildAuthFilter()); } if (auth.getAnon().getEnabled()) { filters.add(new AnonymousAuthFilter.Builder() .setAuthenticator(new AnonymousAuthenticator()) .buildAuthFilter()); } if (filters.isEmpty()) { return empty(); } return of(filters); }
@Test public void testUnauthorized() throws IOException { final MultivaluedMap<String, String> headers = new MultivaluedHashMap<>(); headers.add(HttpHeaders.AUTHORIZATION, "Bearer blahblahblah"); when(mockContext.getHeaders()).thenReturn(headers); final AuthFilter<String, Principal> filter = new AnonymousAuthFilter.Builder() .setAuthenticator(new AnonymousAuthenticator()).buildAuthFilter(); assertThrows(WebApplicationException.class, () -> filter.filter(mockContext)); }
@Override public void run(ServerConfiguration configuration, Environment environment) throws Exception { final DBIFactory factory = new DBIFactory(); final DBI jdbi = factory.build(environment, configuration.getDataSourceFactory(), "sapData"); ObjectMapper objectMapper = environment.getObjectMapper(); SapConfiguration sapConfiguration = configuration.getSapConfig(); JobConfiguration jobConfiguration = configuration.getJobConfig(); NiPingServiceBinder niPingServiceBinder = new NiPingServiceBinder(jdbi, objectMapper, sapConfiguration, jobConfiguration); ServiceLocator serviceLocator = ServiceLocatorUtilities.bind(niPingServiceBinder); SapBasicAuthenticator sapBasicAuthenticator = ServiceLocatorUtilities.getService(serviceLocator, SapBasicAuthenticator.class .getName()); SapOAuthenticator sapOAuthenticator = ServiceLocatorUtilities.getService(serviceLocator, SapOAuthenticator.class.getName()); final BasicCredentialAuthFilter basicAuthFilter = new BasicCredentialAuthFilter.Builder<BasicAuthUser>() .setAuthenticator(sapBasicAuthenticator) .buildAuthFilter(); final AuthFilter oAuthFilter = new OAuthCredentialAuthFilter.Builder<OAuthUser>() .setAuthenticator(sapOAuthenticator) .setPrefix("Bearer") .buildAuthFilter(); final PolymorphicAuthDynamicFeature feature = new PolymorphicAuthDynamicFeature<UserPrincipal>(ImmutableMap.of(BasicAuthUser .class, basicAuthFilter, OAuthUser.class, oAuthFilter)); final AbstractBinder binder = new PolymorphicAuthValueFactoryProvider.Binder<>(ImmutableSet.of(BasicAuthUser.class, OAuthUser .class)); environment.jersey().register(new AuthFilterDynamicBinding()); environment.jersey().register(feature); environment.jersey().register(binder); environment.jersey().register(niPingServiceBinder); environment.jersey().packages("com.cloudwise.sap.niping.auth"); environment.jersey().packages("com.cloudwise.sap.niping.service"); environment.jersey().packages("com.cloudwise.sap.niping.dao"); environment.jersey().packages("com.cloudwise.sap.niping.common.vo.converter"); environment.jersey().packages("com.cloudwise.sap.niping.resource"); environment.jersey().register(SessionFactoryProvider.class); environment.servlets().setSessionHandler(new SessionHandler()); }
@Override public AuthFilter<?, Principal> createAuthFilter(AuthenticationBootstrap bootstrap) { return null; }
@Override public AuthFilter<?, Principal> createAuthFilter(AuthenticationBootstrap bootstrap) { return new GuestAuthenticationConfig().createAuthFilter(bootstrap); }
AuthFilter createAuthFilter(AuthenticationBootstrap bootstrap);
