Merge branch 'restproxyattributebindingfilter' into 'master'

Add PviAttributeBindingFilter AttributeBindingFilter is a filter that is used along with rest-proxy to add headers to a request based on the attributes added with the filter. WIP for suggestions/critiques on the design and implementation. Please review: @paul.erickson @ahoffmann @bjsousa See merge request !9

Merge branch 'restproxyattributebindingfilter' into 'master'
e8e8f011 · Andy Summers · 1c7f5255 · b4aa5402 · e8e8f011 · e8e8f011
Commit e8e8f011 authored 9 years ago by Andy Summers
--- a/uw-spring-security-web/pom.xml
+++ b/uw-spring-security-web/pom.xml
@@ -20,6 +20,11 @@
 			<artifactId>junit</artifactId>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+			<groupId>org.mockito</groupId>
+			<artifactId>mockito-core</artifactId>
+			<scope>test</scope>
+		</dependency>
 		<dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>slf4j-log4j12</artifactId>

--- a/uw-spring-security-web/src/main/java/edu/wisc/uwss/web/PviAttributeBindingFilter.java
+++ b/uw-spring-security-web/src/main/java/edu/wisc/uwss/web/PviAttributeBindingFilter.java
+package edu.wisc.uwss.web;
+
+import edu.wisc.uwss.UWUserDetails;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.filter.GenericFilterBean;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * Filter to a UW user's PVI to a request. This sets an attribute named "wiscedupvi" to the value
+ * of the currently authenticated user.
+ */
+public class PviAttributeBindingFilter extends GenericFilterBean {
+
+    private static final Logger logger = LoggerFactory.getLogger(PviAttributeBindingFilter.class);
+
+    /**
+     * Add an attribute to the request with the currently authenticated user's PVI.
+     *
+     * @param servletRequest the request
+     * @param servletResponse the response
+     * @param filterChain the filter chain
+     * @throws IOException
+     * @throws ServletException
+     */
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+        HttpServletRequest req = (HttpServletRequest)servletRequest;
+        HttpServletResponse res = (HttpServletResponse)servletResponse;
+
+        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+
+        if (auth != null) {
+            Object principal = auth.getPrincipal();
+            if (principal instanceof UWUserDetails) {
+                UWUserDetails userDetails = (UWUserDetails)principal;
+                logger.debug("adding PVI attribute with value {} to request", userDetails.getPvi());
+                req.setAttribute("wiscedupvi", userDetails.getPvi());
+            }
+        }
+
+        filterChain.doFilter(req, res);
+    }
+
+}
--- a/uw-spring-security-web/src/test/java/edu/wisc/uwss/web/PviAttributeBindingFilterTest.java
+++ b/uw-spring-security-web/src/test/java/edu/wisc/uwss/web/PviAttributeBindingFilterTest.java
+package edu.wisc.uwss.web;
+
+import edu.wisc.uwss.UWUserDetails;
+import edu.wisc.uwss.UWUserDetailsImpl;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mockito;
+import org.springframework.mock.web.MockFilterChain;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
+
+import javax.servlet.ServletException;
+import java.io.IOException;
+
+import static org.junit.Assert.*;
+
+/**
+ * Tests for {@link PviAttributeBindingFilter}
+ *
+ * @author apsummers
+ */
+public class PviAttributeBindingFilterTest {
+
+    private PviAttributeBindingFilter filter;
+    private MockHttpServletRequest req;
+    private MockHttpServletResponse res;
+    private MockFilterChain filterChain;
+
+    @Before
+    public void setUp() {
+        filter = new PviAttributeBindingFilter();
+        req = new MockHttpServletRequest();
+        res = new MockHttpServletResponse();
+        filterChain = new MockFilterChain();
+    }
+
+    @Test
+    public void testDoFilter() throws ServletException, IOException {
+        // Create a UWUserDetails to represent the requesting user
+        UWUserDetails principal = new UWUserDetailsImpl("UW000A000", "admin", "password", "Amy Admin", "amy.admin@wisc.edu");
+        PreAuthenticatedAuthenticationToken preauthToken = new PreAuthenticatedAuthenticationToken(principal, null);
+
+        // Setup security context
+        SecurityContext securityContext = Mockito.mock(SecurityContext.class);
+        Mockito.when(securityContext.getAuthentication()).thenReturn(preauthToken);
+        SecurityContextHolder.setContext(securityContext);
+        
+        filter.doFilter(req, res, filterChain);
+        assertEquals("UW000A000", req.getAttribute("wiscedupvi"));
+    }
+
+}