Add test coverage for multiple instances of build-in mechanisms
Signed-off-by: Arjan Tijms <arjan.tijms@omnifish.ee>
1 parent
9116f6f
commit fc7b796
Showing
10 changed files
with
662 additions
and
0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<!-- | ||
Copyright (c) 2024 Contributors to the Eclipse Foundation. | ||
This program and the accompanying materials are made available under the | ||
terms of the Eclipse Public License v. 2.0, which is available at | ||
http://www.eclipse.org/legal/epl-2.0. | ||
This Source Code may also be made available under the following Secondary | ||
Licenses when the conditions for such availability set forth in the | ||
Eclipse Public License v. 2.0 are satisfied: GNU General Public License, | ||
version 2 with the GNU Classpath Exception, which is available at | ||
https://www.gnu.org/software/classpath/license.html. | ||
SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0 | ||
--> | ||
|
||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
<modelVersion>4.0.0</modelVersion> | ||
|
||
<parent> | ||
<groupId>org.eclipse.ee4j.security.tck</groupId> | ||
<artifactId>jakarta-security-tck</artifactId> | ||
<version>4.0.0-SNAPSHOT</version> | ||
</parent> | ||
|
||
<artifactId>app-custom-authentication-mechanism-handler2</artifactId> | ||
<packaging>war</packaging> | ||
|
||
<properties> | ||
<failOnMissingWebXml>false</failOnMissingWebXml> | ||
</properties> | ||
|
||
<dependencies> | ||
<dependency> | ||
<groupId>org.eclipse.ee4j.security.tck</groupId> | ||
<artifactId>common</artifactId> | ||
<version>${project.version}</version> | ||
</dependency> | ||
</dependencies> | ||
|
||
<build> | ||
<finalName>app-custom-authentication-mechanism-handler</finalName> | ||
</build> | ||
</project> |
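Review bot: `<finalName>` is `app-custom-authentication-mechanism-handler` while the module's `<artifactId>` is `app-custom-authentication-mechanism-handler2`, so the WAR name drops the trailing `2`. If a sibling module already builds a WAR with that name (the artifactId suggests one exists, but it is not visible here), both archives would deploy under the same name and context root, and a test run could exercise the other application's authentication handler without anyone noticing. Unless the shared name is deliberate, use `<finalName>app-custom-authentication-mechanism-handler2</finalName>`.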
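--- a/...sm-handler2/src/main/java/ee/jakarta/tck/security/test/BasicAuthenticationMechanism2.java
+++ b/...sm-handler2/src/main/java/ee/jakarta/tck/security/test/BasicAuthenticationMechanism2.java
@@ -0,0 +1,49 @@
+/*
+* Copyright (c) 2024 Contributors to the Eclipse Foundation.
+*
+* This program and the accompanying materials are made available under the
+* terms of the Eclipse Public License v. 2.0, which is available at
+* http://www.eclipse.org/legal/epl-2.0.
+*
+* This Source Code may also be made available under the following Secondary
+* Licenses when the conditions for such availability set forth in the
+* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
+* version 2 with the GNU Classpath Exception, which is available at
+* https://www.gnu.org/software/classpath/license.html.
+*
+* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
+*/
+
+package ee.jakarta.tck.security.test;
+
+import static java.lang.annotation.ElementType.FIELD;
+import static java.lang.annotation.ElementType.METHOD;
+import static java.lang.annotation.ElementType.PARAMETER;
+import static java.lang.annotation.ElementType.TYPE;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+import jakarta.enterprise.util.AnnotationLiteral;
+import jakarta.inject.Qualifier;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+@Qualifier
+@Retention(RUNTIME)
+@Target({ FIELD, METHOD, TYPE, PARAMETER })
+public @interface BasicAuthenticationMechanism2 {
+
+/**
+* Supports inline instantiation of the {@link BasicAuthenticationMechanism2} qualifier.
+*
+* @since 4.0
+*/
+public static final class Literal extends AnnotationLiteral<BasicAuthenticationMechanism2> implements BasicAuthenticationMechanism2 {
+private static final long serialVersionUID = 1L;
+
+/**
+* Instance of the {@link BasicAuthenticationMechanism2} qualifier.
+*/
+public static final Literal INSTANCE = new Literal();
+}
+
+}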
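Review bot: The qualifier type itself has no Javadoc, only the nested `Literal`, so a reader cannot tell from this file which mechanism it selects. A type-level comment such as `/** Qualifier for the Basic mechanism bean declared with realmName "realm2" on CustomAuthenticationMechanismHandler. */` would tie the two together. The `@since 4.0` tag on `Literal` reads as API versioning, which looks out of place in a test-application class (inferred from the package name). `BasicAuthenticationMechanism3` has the same gaps, with "realm3" as its realm.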
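--- a/...sm-handler2/src/main/java/ee/jakarta/tck/security/test/BasicAuthenticationMechanism3.java
+++ b/...sm-handler2/src/main/java/ee/jakarta/tck/security/test/BasicAuthenticationMechanism3.java
@@ -0,0 +1,48 @@
+/*
+* Copyright (c) 2024 Contributors to the Eclipse Foundation.
+*
+* This program and the accompanying materials are made available under the
+* terms of the Eclipse Public License v. 2.0, which is available at
+* http://www.eclipse.org/legal/epl-2.0.
+*
+* This Source Code may also be made available under the following Secondary
+* Licenses when the conditions for such availability set forth in the
+* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
+* version 2 with the GNU Classpath Exception, which is available at
+* https://www.gnu.org/software/classpath/license.html.
+*
+* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
+*/
+package ee.jakarta.tck.security.test;
+
+import static java.lang.annotation.ElementType.FIELD;
+import static java.lang.annotation.ElementType.METHOD;
+import static java.lang.annotation.ElementType.PARAMETER;
+import static java.lang.annotation.ElementType.TYPE;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+import jakarta.enterprise.util.AnnotationLiteral;
+import jakarta.inject.Qualifier;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+@Qualifier
+@Retention(RUNTIME)
+@Target({ FIELD, METHOD, TYPE, PARAMETER })
+public @interface BasicAuthenticationMechanism3 {
+
+/**
+* Supports inline instantiation of the {@link BasicAuthenticationMechanism3} qualifier.
+*
+* @since 4.0
+*/
+public static final class Literal extends AnnotationLiteral<BasicAuthenticationMechanism3> implements BasicAuthenticationMechanism3 {
+private static final long serialVersionUID = 1L;
+
+/**
+* Instance of the {@link BasicAuthenticationMechanism3} qualifier.
+*/
+public static final Literal INSTANCE = new Literal();
+}
+
+}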
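--- a/...ler2/src/main/java/ee/jakarta/tck/security/test/CustomAuthenticationMechanismHandler.java
+++ b/...ler2/src/main/java/ee/jakarta/tck/security/test/CustomAuthenticationMechanismHandler.java
@@ -0,0 +1,91 @@
+/*
+* Copyright (c) 2024 Contributors to the Eclipse Foundation.
+*
+* This program and the accompanying materials are made available under the
+* terms of the Eclipse Public License v. 2.0, which is available at
+* http://www.eclipse.org/legal/epl-2.0.
+*
+* This Source Code may also be made available under the following Secondary
+* Licenses when the conditions for such availability set forth in the
+* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
+* version 2 with the GNU Classpath Exception, which is available at
+* https://www.gnu.org/software/classpath/license.html.
+*
+* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
+*/
+package ee.jakarta.tck.security.test;
+
+import static jakarta.interceptor.Interceptor.Priority.APPLICATION;
+
+import jakarta.annotation.Priority;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.enterprise.inject.Alternative;
+import jakarta.inject.Inject;
+import jakarta.security.enterprise.AuthenticationException;
+import jakarta.security.enterprise.AuthenticationStatus;
+import jakarta.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition;
+import jakarta.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition.BasicAuthenticationMechanism;
+import jakarta.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
+import jakarta.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanismHandler;
+import jakarta.security.enterprise.authentication.mechanism.http.HttpMessageContext;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+/**
+* This HttpAuthenticationMechanismHandler overrides the default provided one and delegates
+* requests to three individual authentication mechanisms depending on the request path.
+*
+* <p>
+* This tests asserts the ability to define multiple beans using
+* a {@code ...Definition} annotation. It specifically asserts that
+* those can come from a repeatable annotation ("realm2" and "realm3")
+* and that those can be combined with one defined elsewhere ("realm1").
+*
+*/
+@BasicAuthenticationMechanismDefinition(
+realmName="realm2",
+qualifiers = { BasicAuthenticationMechanism2.class}
+)
+
+@BasicAuthenticationMechanismDefinition(
+realmName="realm3",
+qualifiers = { BasicAuthenticationMechanism3.class}
+)
+
+@Alternative
+@Priority(APPLICATION)
+@ApplicationScoped
+public class CustomAuthenticationMechanismHandler implements HttpAuthenticationMechanismHandler {
+
+@Inject
+@BasicAuthenticationMechanism
+HttpAuthenticationMechanism authenticationMechanism1;
+
+@Inject
+@BasicAuthenticationMechanism2
+HttpAuthenticationMechanism authenticationMechanism2;
+
+@Inject
+@BasicAuthenticationMechanism3
+HttpAuthenticationMechanism authenticationMechanism3;
+
+@Override
+public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response,
+HttpMessageContext httpMessageContext) throws AuthenticationException {
+
+if (getRequestRelativeURI(request).startsWith("/protectedServlet1")) {
+return authenticationMechanism1.validateRequest(request, response, httpMessageContext);
+}
+
+if (getRequestRelativeURI(request).startsWith("/protectedServlet2")) {
+return authenticationMechanism2.validateRequest(request, response, httpMessageContext);
+}
+
+return authenticationMechanism3.validateRequest(request, response, httpMessageContext);
+}
+
+public static String getRequestRelativeURI(HttpServletRequest request) {
+return request.getRequestURI().substring(request.getContextPath().length());
+}
+
+}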
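Review bot: In `validateRequest`, the mechanism is picked by `startsWith` on `getRequestRelativeURI(request)`, which is built from `getRequestURI()`; that value is not decoded or normalized and can carry path parameters, while the container maps servlets on the decoded path. The realm the handler chooses can therefore disagree with the servlet that actually serves the request, and the prefix test also sends a path such as `/protectedServlet10` to mechanism 1 and every unmatched path to mechanism 3. Matching the container's own mapping is tighter: `if ("/protectedServlet1".equals(request.getServletPath())) {`, and likewise for `/protectedServlet2`. The three injected fields could also be `private`, and the class Javadoc has a typo ("This tests asserts").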
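--- a/...tion-mechanism-handler2/src/main/java/ee/jakarta/tck/security/test/ProtectedServlet1.java
+++ b/...tion-mechanism-handler2/src/main/java/ee/jakarta/tck/security/test/ProtectedServlet1.java
@@ -0,0 +1,82 @@
+/*
+* Copyright (c) 2024 Contributors to the Eclipse Foundation.
+* Copyright (c) 2015, 2020 Oracle and/or its affiliates. All rights reserved.
+*
+* This program and the accompanying materials are made available under the
+* terms of the Eclipse Public License v. 2.0, which is available at
+* http://www.eclipse.org/legal/epl-2.0.
+*
+* This Source Code may also be made available under the following Secondary
+* Licenses when the conditions for such availability set forth in the
+* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
+* version 2 with the GNU Classpath Exception, which is available at
+* https://www.gnu.org/software/classpath/license.html.
+*
+* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
+*/
+
+package ee.jakarta.tck.security.test;
+
+import jakarta.annotation.security.DeclareRoles;
+import jakarta.inject.Inject;
+import jakarta.security.enterprise.SecurityContext;
+import jakarta.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.annotation.HttpConstraint;
+import jakarta.servlet.annotation.ServletSecurity;
+import jakarta.servlet.annotation.WebServlet;
+import jakarta.servlet.http.HttpServlet;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+* Test Servlet that prints out the name of the authenticated caller and whether
+* this caller is in any of the roles {foo, bar, kaz}
+*
+*/
+@BasicAuthenticationMechanismDefinition(
+realmName="realm1"
+)
+@WebServlet("/protectedServlet1")
+@ServletSecurity(@HttpConstraint(rolesAllowed = "foo"))
+@DeclareRoles({"bar", "kaz"})
+public class ProtectedServlet1 extends HttpServlet {
+
+private static final long serialVersionUID = 1L;
+
+@Inject
+private SecurityContext securityContext;
+
+@Override
+public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+
+response.getWriter().write("This is a servlet \n");
+
+String webName = null;
+if (request.getUserPrincipal() != null) {
+webName = request.getUserPrincipal().getName();
+}
+
+response.getWriter().write("web username: " + webName + "\n");
+
+response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
+response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
+response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
+
+String contextName = null;
+if (securityContext.getCallerPrincipal() != null) {
+contextName = securityContext.getCallerPrincipal().getName();
+}
+
+response.getWriter().write("context username: " + contextName + "\n");
+
+response.getWriter().write("context user has role \"foo\": " + securityContext.isCallerInRole("foo") + "\n");
+response.getWriter().write("context user has role \"bar\": " + securityContext.isCallerInRole("bar") + "\n");
+response.getWriter().write("context user has role \"kaz\": " + securityContext.isCallerInRole("kaz") + "\n");
+
+response.getWriter().write("has access " + securityContext.hasAccessToWebResource("/servlets"));
+
+}
+
+}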
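Review bot: The last line of `doGet` calls `securityContext.hasAccessToWebResource("/servlets")`, but this servlet is mapped at `/protectedServlet1` and no `/servlets` resource is visible in the sections shown, so the "has access" line probably reports on an unconstrained path and says nothing about this servlet's `foo` constraint. If the intent is to check the servlet's own protection, `securityContext.hasAccessToWebResource("/protectedServlet1")` would do that; if the value is kept for parity with other test applications, a comment saying so would help. The principal name is also written to the response without a content type, and `response.setContentType("text/plain");` at the top of `doGet` keeps the output from being interpreted as markup.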