Skip to content

Commit

Permalink
Fix QuarkusSecurityIdentity.isAnonymous check
Browse files Browse the repository at this point in the history 
(cherry picked from commit fdb63d3)
  • Loading branch information
@sberyozkin @gsmet
sberyozkin authored and gsmet committed Mar 24, 2021
1 parent cedebbf commit b3378b4
Show file tree
Hide file tree
Showing 2 changed files with 159 additions and 3 deletions.
29 changes: 26 additions & 3 deletions ...s/security/runtime/src/main/java/io/quarkus/security/runtime/QuarkusSecurityIdentity.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,13 +22,15 @@ public class QuarkusSecurityIdentity implements SecurityIdentity {
private final Set<Credential> credentials;
private final Map<String, Object> attributes;
private final List<Function<Permission, Uni<Boolean>>> permissionCheckers;
private final boolean anonymous;

private QuarkusSecurityIdentity(Builder builder) {
this.principal = builder.principal;
this.roles = Collections.unmodifiableSet(builder.roles);
this.credentials = Collections.unmodifiableSet(builder.credentials);
this.attributes = Collections.unmodifiableMap(builder.attributes);
this.permissionCheckers = Collections.unmodifiableList(builder.permissionCheckers);
this.anonymous = builder.anonymous;
}

@Override
Expand All @@ -38,7 +40,7 @@ public Principal getPrincipal() {

@Override
public boolean isAnonymous() {
return false;
return anonymous;
}

@Override
Expand Down Expand Up @@ -121,11 +123,13 @@ public static Builder builder() {
}

public static Builder builder(SecurityIdentity identity) {
return new Builder()
Builder builder = new Builder()
.addAttributes(identity.getAttributes())
.addCredentials(identity.getCredentials())
.addRoles(identity.getRoles())
.setPrincipal(identity.getPrincipal());
.setPrincipal(identity.getPrincipal())
.setAnonymous(identity.isAnonymous());
return builder;
}

public static class Builder {
Expand All @@ -135,6 +139,7 @@ public static class Builder {
Set<Credential> credentials = new HashSet<>();
Map<String, Object> attributes = new HashMap<>();
List<Function<Permission, Uni<Boolean>>> permissionCheckers = new ArrayList<>();
private boolean anonymous;
boolean built = false;

public Builder setPrincipal(Principal principal) {
Expand Down Expand Up @@ -211,7 +216,25 @@ public Builder addPermissionChecker(Function<Permission, Uni<Boolean>> function)
return this;
}

/**
* Sets an anonymous identity status.
*
* @param anonymous the anonymous status
* @return This builder
*/
public Builder setAnonymous(boolean anonymous) {
if (built) {
throw new IllegalStateException();
}
this.anonymous = anonymous;
return this;
}

public QuarkusSecurityIdentity build() {
if (principal == null && !anonymous) {
throw new IllegalStateException("Principal is null but anonymous status is false");
}

built = true;
return new QuarkusSecurityIdentity(this);
}
Expand Down
133 changes: 133 additions & 0 deletions ...curity/runtime/src/test/java/io/quarkus/security/runtime/QuarkusSecurityIdentityTest.java
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,23 @@
package io.quarkus.security.runtime;

import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;

import java.security.Permission;
import java.security.Principal;
import java.util.Collections;
import java.util.Map;
import java.util.Set;

import org.junit.jupiter.api.Test;

import io.quarkus.security.credential.Credential;
import io.quarkus.security.credential.PasswordCredential;
import io.quarkus.security.identity.SecurityIdentity;
import io.smallrye.mutiny.Uni;

public class QuarkusSecurityIdentityTest {

Expand All @@ -18,11 +30,132 @@ public void testCopyIdentity() throws Exception {
.addAttribute("key", "value")
.build();

assertFalse(identity1.isAnonymous());

SecurityIdentity identity2 = QuarkusSecurityIdentity.builder(identity1).build();
assertFalse(identity1.isAnonymous());

assertEquals(identity1.getAttributes(), identity2.getAttributes());
assertEquals(identity1.getPrincipal(), identity2.getPrincipal());
assertEquals(identity1.getCredentials(), identity2.getCredentials());
assertEquals(identity1.getRoles(), identity2.getRoles());
}

@Test
public void testAnonymousPrincipalWithCustomIdentity() throws Exception {
SecurityIdentity identity1 = new TestSecurityIdentityAnonymousPrincipal();
assertTrue(identity1.isAnonymous());
assertEquals("anonymous-principal", identity1.getPrincipal().getName());

SecurityIdentity identity2 = QuarkusSecurityIdentity.builder(identity1).build();
assertTrue(identity2.isAnonymous());
assertEquals("anonymous-principal", identity2.getPrincipal().getName());
}

@Test
public void testPrincipalNullAnonymousFalseWithBuilder() throws Exception {
QuarkusSecurityIdentity.Builder builder = QuarkusSecurityIdentity.builder()
.addRole("admin")
.addCredential(new PasswordCredential("password".toCharArray()))
.addAttribute("key", "value");
;

assertThrows(IllegalStateException.class, () -> builder.build());
}

@Test
public void testPrincipalNullAnonymousFalseWithCustomIdentity() throws Exception {
SecurityIdentity identity1 = new TestSecurityIdentityPrincipalNullAnonymousFalse();
assertFalse(identity1.isAnonymous());
assertNull(identity1.getPrincipal());

assertThrows(IllegalStateException.class, () -> QuarkusSecurityIdentity.builder(identity1).build());
}

@Test
public void testPrincipalNullAnonymousFalseWithCustomIdentityFixed() throws Exception {
SecurityIdentity identity1 = new TestSecurityIdentityPrincipalNullAnonymousFalse();
assertFalse(identity1.isAnonymous());
assertNull(identity1.getPrincipal());

SecurityIdentity identity2 = QuarkusSecurityIdentity.builder(identity1).setAnonymous(true).build();
assertTrue(identity2.isAnonymous());
assertNull(identity2.getPrincipal());
}

static class TestSecurityIdentityAnonymousPrincipal extends AbstractTestSecurityIdentity {

@Override
public Principal getPrincipal() {
return new Principal() {
@Override
public String getName() {
return "anonymous-principal";
}
};
}

@Override
public boolean isAnonymous() {
return true;
}

}

static class TestSecurityIdentityPrincipalNullAnonymousFalse extends AbstractTestSecurityIdentity {

@Override
public Principal getPrincipal() {
return null;
}

@Override
public boolean isAnonymous() {
return false;
}

}

static abstract class AbstractTestSecurityIdentity implements SecurityIdentity {

@Override
public Set<String> getRoles() {
return Collections.emptySet();
}

@Override
public boolean hasRole(String role) {
// TODO Auto-generated method stub
return false;
}

@Override
public <T extends Credential> T getCredential(Class<T> credentialType) {
// TODO Auto-generated method stub
return null;
}

@Override
public Set<Credential> getCredentials() {
return Collections.emptySet();
}

@Override
public <T> T getAttribute(String name) {
// TODO Auto-generated method stub
return null;
}

@Override
public Map<String, Object> getAttributes() {
return Collections.emptyMap();
}

@Override
public Uni<Boolean> checkPermission(Permission permission) {
// TODO Auto-generated method stub
return null;
}

}
}

0 comments on commit b3378b4

Please sign in to comment.