Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
@@ -21,4 +21,5 @@ public class MgmtUserInfo {
|
||||
|
||||
private String tenant;
|
||||
private String username;
|
||||
private String[] permissions;
|
||||
}
|
||||
@@ -14,6 +14,9 @@ import org.eclipse.hawkbit.mgmt.json.model.auth.MgmtUserInfo;
|
||||
import org.eclipse.hawkbit.mgmt.rest.api.MgmtBasicAuthRestApi;
|
||||
import org.eclipse.hawkbit.tenancy.TenantAware;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
/**
|
||||
@@ -32,8 +35,13 @@ public class MgmtBasicAuthResource implements MgmtBasicAuthRestApi {
|
||||
@AuditLog(entity = "BasicAuth", type = AuditLog.Type.READ, message = "Validate Basic Auth")
|
||||
public ResponseEntity<MgmtUserInfo> validateBasicAuth() {
|
||||
final MgmtUserInfo userInfo = new MgmtUserInfo();
|
||||
userInfo.setUsername(tenantAware.getCurrentUsername());
|
||||
userInfo.setTenant(tenantAware.getCurrentTenant());
|
||||
userInfo.setUsername(tenantAware.getCurrentUsername());
|
||||
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||
if (authentication != null) {
|
||||
userInfo.setPermissions(authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority).toArray(String[]::new));
|
||||
return ResponseEntity.ok(userInfo);
|
||||
}
|
||||
return ResponseEntity.ok(userInfo);
|
||||
}
|
||||
}
|
||||
@@ -10,6 +10,8 @@
|
||||
package org.eclipse.hawkbit.mgmt.rest.resource;
|
||||
|
||||
import static org.hamcrest.CoreMatchers.equalTo;
|
||||
import static org.hamcrest.CoreMatchers.hasItems;
|
||||
import static org.hamcrest.CoreMatchers.is;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
|
||||
@@ -80,20 +82,22 @@ class MgmtBasicAuthResourceTest {
|
||||
protected WebApplicationContext webApplicationContext;
|
||||
@Autowired
|
||||
MockMvc defaultMock;
|
||||
private static final String TEST_USER = "testUser";
|
||||
private static final String DEFAULT_TENANT = "DEFAULT";
|
||||
private static final String TEST_USER = "testUser";
|
||||
|
||||
@Test
|
||||
@Description("Test of userinfo api with basic auth validation")
|
||||
@WithUser(principal = TEST_USER)
|
||||
@WithUser(principal = TEST_USER, authorities = {"READ", "WRITE", "DELETE"})
|
||||
void validateBasicAuthWithUserDetails() throws Exception {
|
||||
withSecurityMock().perform(get(MgmtRestConstants.AUTH_V1_REQUEST_MAPPING))
|
||||
.andDo(MockMvcResultPrinter.print())
|
||||
.andDo(MockMvcResultPrinter.print())
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(content().contentType(MediaTypes.HAL_JSON_VALUE))
|
||||
.andExpect(jsonPath("$.tenant", equalTo(DEFAULT_TENANT)))
|
||||
.andExpect(jsonPath("$.username", equalTo(TEST_USER)))
|
||||
.andExpect(jsonPath("$.tenant", equalTo(DEFAULT_TENANT)));
|
||||
.andExpect(jsonPath("$.permissions.size()", is(3)))
|
||||
.andExpect(jsonPath("$.permissions", hasItems("READ", "WRITE", "DELETE")));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
Reference in New Issue
Block a user