@Override public void writeString( String value ) { builder.append( base64Encoder.encodeToString( UTF8.encode( value ) ) ); builder.append( '|' ); }
static Map<String,Object> newCustomAuthToken( String principle, String credentials, String realm, String scheme, Map<String,Object> parameters ) { return newCustomAuthToken( principle, UTF8.encode( credentials ), realm, scheme, parameters ); }
@Override public void writeString( char value ) { writeStringBytes( UTF8.encode( String.valueOf( value ) ), true ); }
private LoginContext authenticate( String username, String password ) throws InvalidAuthTokenException { AuthManager authManager = authManagerSupplier.get(); Map<String,Object> authToken = newBasicAuthToken( username, password != null ? UTF8.encode( password ) : null ); return authManager.login( authToken ); }
@Override public void write( Object value, FlushableChannel into ) throws IOException { byte[] bytes = UTF8.encode( (String)value ); into.putInt( bytes.length ).put( bytes, bytes.length ); } } );
@Override public boolean matchesPassword( String password ) { return byteEquals( passwordHash, hash( salt, UTF8.encode( password ) ) ); }
@Test public void shouldMakeCustomAuthTokenAndBasicScheme() { Map<String, Object> token = AuthToken.newCustomAuthToken( "me", "my secret", "my realm", "basic" ); assertThat("Should have correct username", token.get(AuthToken.PRINCIPAL), equalTo("me")); assertThat( "Should have correct password", token.get( AuthToken.CREDENTIALS ), equalTo( UTF8.encode( "my secret" ) ) ); assertThat("Should have correct scheme", token.get(AuthToken.SCHEME_KEY), equalTo(AuthToken.BASIC_SCHEME)); assertThat("Should have correctno realm", token.get(AuthToken.REALM_KEY), equalTo( "my realm" )); }
@Test public void shouldMakeCustomAuthTokenAndCustomcScheme() { Map<String, Object> token = AuthToken.newCustomAuthToken( "me", "my secret", "my realm", "my scheme" ); assertThat("Should have correct username", token.get(AuthToken.PRINCIPAL), equalTo("me")); assertThat( "Should have correct password", token.get( AuthToken.CREDENTIALS ), equalTo( UTF8.encode( "my secret" ) ) ); assertThat("Should have correct scheme", token.get(AuthToken.SCHEME_KEY), equalTo("my scheme")); assertThat("Should have correct realm", token.get(AuthToken.REALM_KEY), equalTo( "my realm" )); }
@Test public void shouldBeAbleToUpdateCredentials() throws Exception { // When authentication.authenticate( map( "scheme", "basic", "principal", "mike", "credentials", UTF8.encode( "secret2" ), "new_credentials", UTF8.encode( "secret" ) ) ); // Then authentication.authenticate( map( "scheme", "basic", "principal", "mike", "credentials", UTF8.encode( "secret" ) ) ); }
@Test public void shouldBeAbleToUpdateExpiredCredentials() throws Exception { // When AuthenticationResult result = authentication.authenticate( map( "scheme", "basic", "principal", "bob", "credentials", UTF8.encode( "secret" ), "new_credentials", UTF8.encode( "secret2" ) ) ); // Then assertThat(result.credentialsExpired(), equalTo( false )); }
@Test public void shouldIgnoreUnknownFields() { // Given String json = "{ \"statements\" : [ { \"a\" : \"\", \"b\" : { \"k\":1 }, \"statement\" : \"blah\" } ] }"; // When StatementDeserializer de = new StatementDeserializer( new ByteArrayInputStream( UTF8.encode( json ) ) ); // Then assertThat( de.hasNext(), equalTo( true ) ); assertThat( de.next().statement(), equalTo( "blah" ) ); assertThat( de.hasNext(), equalTo( false ) ); }
private File fileContaining( FileSystemAbstraction fs, String content ) throws IOException { File shortFile = directory.file( "file" ); fs.deleteFile( shortFile ); try ( OutputStream outputStream = fs.openAsOutputStream( shortFile, false ) ) { outputStream.write( UTF8.encode( content ) ); return shortFile; } } }
static void changeVersionNumber( FileSystemAbstraction fileSystem, File storeFile, String versionString ) throws IOException { byte[] versionBytes = UTF8.encode( versionString ); try ( StoreChannel fileChannel = fileSystem.open( storeFile, OpenMode.READ_WRITE ) ) { fileChannel.position( fileSystem.getFileSize( storeFile ) - versionBytes.length ); fileChannel.write( ByteBuffer.wrap( versionBytes ) ); } }
@Test public void shouldNotDoAnythingOnSuccess() throws Exception { // When AuthenticationResult result = authentication.authenticate( map( "scheme", "basic", "principal", "mike", "credentials", UTF8.encode( "secret2" ) ) ); // Then assertThat( result.getLoginContext().subject().username(), equalTo( "mike" ) ); }
@Test public void shouldNotBeAbleToUpdateCredentialsIfOldCredentialsAreInvalid() throws Exception { // Expect exception.expect( AuthenticationException.class ); exception.expect( hasStatus( Status.Security.Unauthorized ) ); exception.expectMessage( "The client is unauthorized due to authentication failure." ); // When authentication.authenticate( map( "scheme", "basic", "principal", "bob", "credentials", UTF8.encode( "gelato" ), "new_credentials", UTF8.encode( "secret2" ) ) ); }
@Test public void newUserShouldBeAbleToChangePassword() throws Throwable { // Given authManager.newUser( "andres", UTF8.encode( "banana" ), true ); // Then assertEmpty( login("andres", "banana"), "CALL dbms.changePassword('abc')" ); }
@Test public void newUserShouldNotBeAbleToCallOtherProcedures() throws Throwable { // Given authManager.newUser( "andres", UTF8.encode( "banana" ), true ); LoginContext user = login("andres", "banana"); // Then assertFail( user, "CALL dbms.procedures", "The credentials you provided were valid, but must be changed before you can use this instance." ); }
@Test public void shouldFailOnMalformedToken() throws Exception { // Expect exception.expect( AuthenticationException.class ); exception.expect( hasStatus( Status.Security.Unauthorized ) ); exception.expectMessage( "Unsupported authentication token, the value associated with the key `principal` " + "must be a String but was: SingletonList" ); // When authentication .authenticate( map( "scheme", "basic", "principal", singletonList( "bob" ), "credentials", UTF8.encode( "secret" ) ) ); }
@Test public void shouldThrowWithNoScheme() throws Exception { // Expect exception.expect( AuthenticationException.class ); exception.expect( hasStatus( Status.Security.Unauthorized ) ); // When authentication.authenticate( map( "principal", "bob", "credentials", UTF8.encode( "secret" ) ) ); }
@Test public void shouldReturnUsersWithFlags() throws Exception { authManager.newUser( "andres", UTF8.encode( "123" ), false ); Map<String,Object> expected = map( "neo4j", listOf( PWD_CHANGE ), "andres", listOf() ); assertSuccess( admin, "CALL dbms.security.listUsers()", r -> assertKeyIsMap( r, "username", "flags", expected ) ); }