generated from it-at-m/oss-repository-en-template
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #703 from it-at-m/553-authenticationhandler-in-wls…
…-common-auslagern Handler um Informationen aus Authentication zu ziehen in wls-common erstellt
- Loading branch information
Showing
9 changed files
with
312 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
27 changes: 27 additions & 0 deletions
27
...chen/oss/wahllokalsystem/wls/common/security/authentication/AnonymousDetailRetriever.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| package de.muenchen.oss.wahllokalsystem.wls.common.security.authentication; | ||
|
|
||
| import de.muenchen.oss.wahllokalsystem.wls.common.security.Profiles; | ||
| import java.util.Optional; | ||
| import org.springframework.context.annotation.Profile; | ||
| import org.springframework.security.authentication.AnonymousAuthenticationToken; | ||
| import org.springframework.security.core.Authentication; | ||
| import org.springframework.stereotype.Component; | ||
| import org.springframework.util.Assert; | ||
|
|
||
| @Component | ||
| @Profile(Profiles.NO_SECURITY) | ||
| public class AnonymousDetailRetriever implements AuthDetailRetriever { | ||
|
|
||
| @Override | ||
| public boolean canHandle(Authentication authentication) { | ||
| Assert.notNull(authentication, "Authentication must not be null"); | ||
| return authentication instanceof AnonymousAuthenticationToken; | ||
| } | ||
|
|
||
| @Override | ||
| public Optional<String> getDetail(String detailKey, Authentication authentication) { | ||
| Assert.notNull(authentication, "Authentication must not be null"); | ||
| Assert.notNull(detailKey, "detailKey must not be null"); | ||
| return Optional.empty(); | ||
| } | ||
| } |
17 changes: 17 additions & 0 deletions
17
.../muenchen/oss/wahllokalsystem/wls/common/security/authentication/AuthDetailRetriever.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| package de.muenchen.oss.wahllokalsystem.wls.common.security.authentication; | ||
|
|
||
| import java.util.Optional; | ||
| import org.springframework.security.core.Authentication; | ||
|
|
||
| public interface AuthDetailRetriever { | ||
|
|
||
| /** | ||
| * @throws IllegalArgumentException when authentication is null | ||
| */ | ||
| boolean canHandle(Authentication authentication); | ||
|
|
||
| /** | ||
| * @throws IllegalArgumentException when any parameter is null | ||
| */ | ||
| Optional<String> getDetail(String detailKey, Authentication authentication); | ||
| } |
27 changes: 27 additions & 0 deletions
27
...e/muenchen/oss/wahllokalsystem/wls/common/security/authentication/JWTDetailRetriever.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| package de.muenchen.oss.wahllokalsystem.wls.common.security.authentication; | ||
|
|
||
| import java.util.Optional; | ||
| import org.springframework.security.core.Authentication; | ||
| import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; | ||
| import org.springframework.stereotype.Component; | ||
| import org.springframework.util.Assert; | ||
|
|
||
| @Component | ||
| public class JWTDetailRetriever implements AuthDetailRetriever { | ||
|
|
||
| @Override | ||
| public boolean canHandle(final Authentication authentication) { | ||
| Assert.notNull(authentication, "authentication must not be null"); | ||
| return authentication instanceof JwtAuthenticationToken; | ||
| } | ||
|
|
||
| public Optional<String> getDetail(final String detailKey, final Authentication authentication) { | ||
| Assert.notNull(authentication, "authentication must not be null"); | ||
| Assert.notNull(detailKey, "detailKey must not be null"); | ||
| if (authentication instanceof JwtAuthenticationToken jwtToken) { | ||
| return Optional.ofNullable(jwtToken.getToken().getClaimAsString(detailKey)); | ||
| } else { | ||
| return Optional.empty(); | ||
| } | ||
| } | ||
| } |
4 changes: 4 additions & 0 deletions
4
...java/de/muenchen/oss/wahllokalsystem/wls/common/security/authentication/package-info.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| @NonNullApi | ||
| package de.muenchen.oss.wahllokalsystem.wls.common.security.authentication; | ||
|
|
||
| import org.springframework.lang.NonNullApi; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
77 changes: 77 additions & 0 deletions
77
.../oss/wahllokalsystem/wls/common/security/authentication/AnonymousDetailRetrieverTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,77 @@ | ||
| package de.muenchen.oss.wahllokalsystem.wls.common.security.authentication; | ||
|
|
||
| import java.util.List; | ||
| import lombok.val; | ||
| import org.assertj.core.api.Assertions; | ||
| import org.junit.jupiter.api.Nested; | ||
| import org.junit.jupiter.api.Test; | ||
| import org.springframework.security.authentication.AbstractAuthenticationToken; | ||
| import org.springframework.security.authentication.AnonymousAuthenticationToken; | ||
| import org.springframework.security.core.authority.SimpleGrantedAuthority; | ||
|
|
||
| class AnonymousDetailRetrieverTest { | ||
|
|
||
| private final AnonymousDetailRetriever unitUnderTest = new AnonymousDetailRetriever(); | ||
|
|
||
| @Nested | ||
| class CanHandle { | ||
|
|
||
| @Test | ||
| void should_throwIllegalArgumentException_when_authenticationIsNull() { | ||
| Assertions.assertThatThrownBy(() -> unitUnderTest.canHandle(null)).isInstanceOf(IllegalArgumentException.class); | ||
| } | ||
|
|
||
| @Test | ||
| void should_returnTrue_when_authenticationIsAnonymousAuthenticationToken() { | ||
| Assertions.assertThat(unitUnderTest.canHandle(new AnonymousAuthenticationToken("key", "principal", List.of(new SimpleGrantedAuthority("role"))))) | ||
| .isTrue(); | ||
| } | ||
|
|
||
| @Test | ||
| void should_returnTrue_when_authenticationSubclassOfJwtAuthenticationToken() { | ||
| Assertions.assertThat(unitUnderTest.canHandle(new AnonymousAuthenticationToken("key", "principal", List.of(new SimpleGrantedAuthority("role"))) { | ||
| })).isTrue(); | ||
| } | ||
|
|
||
| @Test | ||
| void should_returnFalse_when_authenticationIsNotJwtAuthenticationToken() { | ||
| Assertions.assertThat(unitUnderTest.canHandle(new AbstractAuthenticationToken(List.of(new SimpleGrantedAuthority("role"))) { | ||
| @Override | ||
| public Object getCredentials() { | ||
| return null; | ||
| } | ||
|
|
||
| @Override | ||
| public Object getPrincipal() { | ||
| return null; | ||
| } | ||
| })).isFalse(); | ||
| } | ||
| } | ||
|
|
||
| @Nested | ||
| class GetDetail { | ||
|
|
||
| @Test | ||
| void should_returnEmptyOptional_when_called() { | ||
| val authentication = new AnonymousAuthenticationToken("key", "principal", List.of(new SimpleGrantedAuthority("role"))); | ||
|
|
||
| val result = unitUnderTest.getDetail("key", authentication); | ||
|
|
||
| Assertions.assertThat(result).isEmpty(); | ||
| } | ||
|
|
||
| @Test | ||
| void should_throwIllegalArgumentException_when_authenticationIsNull() { | ||
| Assertions.assertThatThrownBy(() -> unitUnderTest.getDetail("key", null)).isInstanceOf(IllegalArgumentException.class); | ||
| } | ||
|
|
||
| @Test | ||
| void should_throwIllegalArgumentException_when_detailKeyIsNull() { | ||
| Assertions.assertThatThrownBy( | ||
| () -> unitUnderTest.getDetail(null, new AnonymousAuthenticationToken("key", "principal", List.of(new SimpleGrantedAuthority("role"))))) | ||
| .isInstanceOf(IllegalArgumentException.class); | ||
| } | ||
| } | ||
|
|
||
| } |
118 changes: 118 additions & 0 deletions
118
...enchen/oss/wahllokalsystem/wls/common/security/authentication/JWTDetailRetrieverTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,118 @@ | ||
| package de.muenchen.oss.wahllokalsystem.wls.common.security.authentication; | ||
|
|
||
| import java.time.Instant; | ||
| import java.time.temporal.ChronoUnit; | ||
| import java.util.Collections; | ||
| import java.util.Map; | ||
| import java.util.Optional; | ||
| import lombok.val; | ||
| import org.assertj.core.api.Assertions; | ||
| import org.junit.jupiter.api.Nested; | ||
| import org.junit.jupiter.api.Test; | ||
| import org.springframework.security.authentication.AbstractAuthenticationToken; | ||
| import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; | ||
| import org.springframework.security.oauth2.jwt.Jwt; | ||
| import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; | ||
|
|
||
| class JWTDetailRetrieverTest { | ||
|
|
||
| private final JWTDetailRetriever unitUnderTest = new JWTDetailRetriever(); | ||
|
|
||
| @Nested | ||
| class CanHandle { | ||
|
|
||
| @Test | ||
| void should_throwIllegalArgumentException_when_authenticationIsNull() { | ||
| Assertions.assertThatThrownBy(() -> unitUnderTest.canHandle(null)).isInstanceOf(IllegalArgumentException.class); | ||
| } | ||
|
|
||
| @Test | ||
| void should_returnTrue_when_authenticationIsJwtAuthenticationToken() { | ||
| val detailKey = "requestedKey"; | ||
| val detailValue = "detailValue"; | ||
| val jwt = createJWT(Map.of(detailKey, detailValue)); | ||
|
|
||
| Assertions.assertThat(unitUnderTest.canHandle(new JwtAuthenticationToken(jwt))).isTrue(); | ||
| } | ||
|
|
||
| @Test | ||
| void should_returnTrue_when_authenticationSubclassOfJwtAuthenticationToken() { | ||
| val detailKey = "requestedKey"; | ||
| val detailValue = "detailValue"; | ||
| val jwt = createJWT(Map.of(detailKey, detailValue)); | ||
|
|
||
| Assertions.assertThat(unitUnderTest.canHandle(new JwtAuthenticationToken(jwt) { | ||
| })).isTrue(); | ||
| } | ||
|
|
||
| @Test | ||
| void should_returnFalse_when_authenticationIsNotJwtAuthenticationToken() { | ||
| Assertions.assertThat(unitUnderTest.canHandle(new AbstractAuthenticationToken(Collections.emptyList()) { | ||
| @Override | ||
| public Object getCredentials() { | ||
| return null; | ||
| } | ||
|
|
||
| @Override | ||
| public Object getPrincipal() { | ||
| return null; | ||
| } | ||
| })).isFalse(); | ||
| } | ||
| } | ||
|
|
||
| @Nested | ||
| class GetDetail { | ||
|
|
||
| @Test | ||
| void should_returnEmptyOptional_when_authenticationIsNotInstanceOfJwtAuthenticationToken() { | ||
| val result = unitUnderTest.getDetail("key", new UsernamePasswordAuthenticationToken("principal", "credentials")); | ||
|
|
||
| Assertions.assertThat(result).isEmpty(); | ||
| } | ||
|
|
||
| @Test | ||
| void should_returnValues_when_claimWithKeyExists() { | ||
| val detailKey = "requestedKey"; | ||
| val detailValue = "detailValue"; | ||
|
|
||
| val jwt = createJWT(Map.of(detailKey, detailValue)); | ||
|
|
||
| val expectedResult = Optional.of(detailValue); | ||
|
|
||
| val result = unitUnderTest.getDetail(detailKey, new JwtAuthenticationToken(jwt)); | ||
|
|
||
| Assertions.assertThat(result).isEqualTo(expectedResult); | ||
| } | ||
|
|
||
| @Test | ||
| void should_returnValues_when_claimWithKeyDoesNotExists() { | ||
| val detailKey = "requestedKey"; | ||
|
|
||
| val jwt = createJWT(Map.of(detailKey + "extra", detailKey)); | ||
|
|
||
| val result = unitUnderTest.getDetail(detailKey, new JwtAuthenticationToken(jwt)); | ||
|
|
||
| Assertions.assertThat(result).isEmpty(); | ||
| } | ||
|
|
||
| @Test | ||
| void should_throwsIllegalArgumentException_when_keyIsNull() { | ||
| val detailValue = "detailValue"; | ||
|
|
||
| val jwt = createJWT(Map.of("detailKey", detailValue)); | ||
|
|
||
| Assertions.assertThatThrownBy(() -> unitUnderTest.getDetail(null, new JwtAuthenticationToken(jwt))).isInstanceOf(IllegalArgumentException.class); | ||
| } | ||
|
|
||
| @Test | ||
| void should_throwsIllegalArgumentException_when_authenticationIsNull() { | ||
| Assertions.assertThatThrownBy(() -> unitUnderTest.getDetail("key", null)).isInstanceOf(IllegalArgumentException.class); | ||
| } | ||
| } | ||
|
|
||
| private Jwt createJWT(final Map<String, Object> claims) { | ||
| return new Jwt("tokenValue", Instant.now().minus(1, ChronoUnit.HOURS), Instant.now().plus(1, ChronoUnit.HOURS), Map.of("key1", "value1"), claims); | ||
| } | ||
|
|
||
| } |